philologue/diachron
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: philologue:6f2ca2c15d0d4563f049dc9fe9231bfdb3ea11ef
Branches Tags
philologue:master philologue:hydrators-kysely philologue:beads-sync philologue:hydrators-kysely+bootstrapper philologue:hydrators philologue:experiments
..
compare: philologue:master
Branches Tags
philologue:hydrators-kysely philologue:beads-sync philologue:hydrators-kysely+bootstrapper philologue:master philologue:hydrators philologue:experiments

2 Commits
6f2ca2c15d ... master

Author SHA1 Message Date
Michael Wolf
eb12471941 Add macOS x86_64 platform support 
Platform detection now happens in framework/platform, sourced by both
sync.sh and the node shim. Uses shasum on macOS, sha256sum on Linux.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-02 11:37:47 -05:00
Michael Wolf
60643409f6 Tweak marketing blurb 2026-02-02 11:37:47 -05:00
27 changed files with 59 additions and 2993 deletions
Expand all files Collapse all files

3
TODO.md
View File

@@ -1,11 +1,8 @@
## high importance
- Many of the UUIDs generated are not UUIDv7. This needs to be fixed.
- [ ] Add unit tests all over the place.
- ⚠️ Huge task - needs breakdown before starting
- [ ] map exceptions back to source lines
- [ ] migrations, seeding, fixtures

13
docker-compose.test.yml
View File

@@ -1,13 +0,0 @@
name: diachron-test
services:
postgres:
image: postgres:17
ports:
- "5433:5432"
environment:
POSTGRES_USER: diachron_test
POSTGRES_PASSWORD: diachron_test
POSTGRES_DB: diachron_test
tmpfs:
- /var/lib/postgresql/data

80
express/auth/password.spec.ts
View File

@@ -1,80 +0,0 @@
// Tests for auth/password.ts
// Pure unit tests - no database needed
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import { hashPassword, verifyPassword } from "./password";
describe("password", () => {
describe("hashPassword", () => {
it("returns a scrypt formatted hash", async () => {
const hash = await hashPassword("testpassword");
assert.ok(hash.startsWith("$scrypt$"));
});
it("includes all scrypt parameters", async () => {
const hash = await hashPassword("testpassword");
const parts = hash.split("$");
// Format: $scrypt$N$r$p$salt$hash
assert.equal(parts.length, 7);
assert.equal(parts[0], "");
assert.equal(parts[1], "scrypt");
// N, r, p should be numbers
assert.ok(!Number.isNaN(parseInt(parts[2], 10)));
assert.ok(!Number.isNaN(parseInt(parts[3], 10)));
assert.ok(!Number.isNaN(parseInt(parts[4], 10)));
});
it("generates different hashes for same password (different salt)", async () => {
const hash1 = await hashPassword("testpassword");
const hash2 = await hashPassword("testpassword");
assert.notEqual(hash1, hash2);
});
});
describe("verifyPassword", () => {
it("returns true for correct password", async () => {
const hash = await hashPassword("correctpassword");
const result = await verifyPassword("correctpassword", hash);
assert.equal(result, true);
});
it("returns false for incorrect password", async () => {
const hash = await hashPassword("correctpassword");
const result = await verifyPassword("wrongpassword", hash);
assert.equal(result, false);
});
it("throws for invalid hash format", async () => {
await assert.rejects(
verifyPassword("password", "invalid-hash"),
/Invalid password hash format/,
);
});
it("throws for non-scrypt hash", async () => {
await assert.rejects(
verifyPassword("password", "$bcrypt$10$salt$hash"),
/Invalid password hash format/,
);
});
it("works with empty password", async () => {
const hash = await hashPassword("");
const result = await verifyPassword("", hash);
assert.equal(result, true);
});
it("works with unicode password", async () => {
const hash = await hashPassword("p@$$w0rd\u{1F511}");
const result = await verifyPassword("p@$$w0rd\u{1F511}", hash);
assert.equal(result, true);
});
it("is case sensitive", async () => {
const hash = await hashPassword("Password");
const result = await verifyPassword("password", hash);
assert.equal(result, false);
});
});
});

419
express/auth/service.spec.ts
View File

@@ -1,419 +0,0 @@
// Tests for auth/service.ts
// Uses InMemoryAuthStore - no database needed
import assert from "node:assert/strict";
import { beforeEach, describe, it } from "node:test";
import { AuthService } from "./service";
import { InMemoryAuthStore } from "./store";
describe("AuthService", () => {
let store: InMemoryAuthStore;
let service: AuthService;
beforeEach(() => {
store = new InMemoryAuthStore();
service = new AuthService(store);
});
describe("register", () => {
it("creates a new user", async () => {
const result = await service.register(
"test@example.com",
"password123",
"Test User",
);
assert.equal(result.success, true);
if (result.success) {
assert.equal(result.user.email, "test@example.com");
assert.equal(result.user.displayName, "Test User");
assert.ok(result.verificationToken.length > 0);
}
});
it("fails when email already registered", async () => {
await service.register("test@example.com", "password123");
const result = await service.register(
"test@example.com",
"password456",
);
assert.equal(result.success, false);
if (!result.success) {
assert.equal(result.error, "Email already registered");
}
});
it("creates user without displayName", async () => {
const result = await service.register(
"test@example.com",
"password123",
);
assert.equal(result.success, true);
if (result.success) {
assert.equal(result.user.displayName, undefined);
}
});
});
describe("login", () => {
beforeEach(async () => {
// Create and verify a user
const result = await service.register(
"test@example.com",
"password123",
"Test User",
);
if (result.success) {
// Verify email to activate user
await service.verifyEmail(result.verificationToken);
}
});
it("succeeds with correct credentials", async () => {
const result = await service.login(
"test@example.com",
"password123",
"cookie",
);
assert.equal(result.success, true);
if (result.success) {
assert.ok(result.token.length > 0);
assert.equal(result.user.email, "test@example.com");
}
});
it("fails with wrong password", async () => {
const result = await service.login(
"test@example.com",
"wrongpassword",
"cookie",
);
assert.equal(result.success, false);
if (!result.success) {
assert.equal(result.error, "Invalid credentials");
}
});
it("fails with unknown email", async () => {
const result = await service.login(
"unknown@example.com",
"password123",
"cookie",
);
assert.equal(result.success, false);
if (!result.success) {
assert.equal(result.error, "Invalid credentials");
}
});
it("fails for inactive user", async () => {
// Create a user but don't verify email (stays pending)
await service.register("pending@example.com", "password123");
const result = await service.login(
"pending@example.com",
"password123",
"cookie",
);
assert.equal(result.success, false);
if (!result.success) {
assert.equal(result.error, "Account is not active");
}
});
it("stores metadata", async () => {
const result = await service.login(
"test@example.com",
"password123",
"cookie",
{ userAgent: "TestAgent", ipAddress: "192.168.1.1" },
);
assert.equal(result.success, true);
});
});
describe("validateToken", () => {
let token: string;
beforeEach(async () => {
const regResult = await service.register(
"test@example.com",
"password123",
);
if (regResult.success) {
await service.verifyEmail(regResult.verificationToken);
}
const loginResult = await service.login(
"test@example.com",
"password123",
"cookie",
);
if (loginResult.success) {
token = loginResult.token;
}
});
it("returns authenticated for valid token", async () => {
const result = await service.validateToken(token);
assert.equal(result.authenticated, true);
if (result.authenticated) {
assert.equal(result.user.email, "test@example.com");
assert.notEqual(result.session, null);
}
});
it("returns unauthenticated for invalid token", async () => {
const result = await service.validateToken("invalid-token");
assert.equal(result.authenticated, false);
assert.equal(result.user.isAnonymous(), true);
assert.equal(result.session, null);
});
});
describe("logout", () => {
it("invalidates the session", async () => {
const regResult = await service.register(
"test@example.com",
"password123",
);
if (regResult.success) {
await service.verifyEmail(regResult.verificationToken);
}
const loginResult = await service.login(
"test@example.com",
"password123",
"cookie",
);
assert.equal(loginResult.success, true);
if (!loginResult.success) return;
const token = loginResult.token;
// Token should be valid before logout
const beforeLogout = await service.validateToken(token);
assert.equal(beforeLogout.authenticated, true);
// Logout
await service.logout(token);
// Token should be invalid after logout
const afterLogout = await service.validateToken(token);
assert.equal(afterLogout.authenticated, false);
});
});
describe("logoutAllSessions", () => {
it("invalidates all user sessions", async () => {
const regResult = await service.register(
"test@example.com",
"password123",
);
if (regResult.success) {
await service.verifyEmail(regResult.verificationToken);
}
// Create multiple sessions
const login1 = await service.login(
"test@example.com",
"password123",
"cookie",
);
const login2 = await service.login(
"test@example.com",
"password123",
"bearer",
);
assert.equal(login1.success, true);
assert.equal(login2.success, true);
if (!login1.success || !login2.success) return;
// Both should be valid
const before1 = await service.validateToken(login1.token);
const before2 = await service.validateToken(login2.token);
assert.equal(before1.authenticated, true);
assert.equal(before2.authenticated, true);
// Logout all
const user = await store.getUserByEmail("test@example.com");
const count = await service.logoutAllSessions(user!.id);
assert.equal(count, 2);
// Both should be invalid
const after1 = await service.validateToken(login1.token);
const after2 = await service.validateToken(login2.token);
assert.equal(after1.authenticated, false);
assert.equal(after2.authenticated, false);
});
});
describe("verifyEmail", () => {
it("activates user with valid token", async () => {
const regResult = await service.register(
"test@example.com",
"password123",
);
assert.equal(regResult.success, true);
if (!regResult.success) return;
const result = await service.verifyEmail(
regResult.verificationToken,
);
assert.equal(result.success, true);
// User should now be active and can login
const loginResult = await service.login(
"test@example.com",
"password123",
"cookie",
);
assert.equal(loginResult.success, true);
});
it("fails with invalid token", async () => {
const result = await service.verifyEmail("invalid-token");
assert.equal(result.success, false);
if (!result.success) {
assert.equal(
result.error,
"Invalid or expired verification token",
);
}
});
it("fails when token already used", async () => {
const regResult = await service.register(
"test@example.com",
"password123",
);
assert.equal(regResult.success, true);
if (!regResult.success) return;
// First verification succeeds
const result1 = await service.verifyEmail(
regResult.verificationToken,
);
assert.equal(result1.success, true);
// Second verification fails (token deleted)
const result2 = await service.verifyEmail(
regResult.verificationToken,
);
assert.equal(result2.success, false);
});
});
describe("createPasswordResetToken", () => {
it("returns token for existing user", async () => {
const regResult = await service.register(
"test@example.com",
"password123",
);
assert.equal(regResult.success, true);
const result =
await service.createPasswordResetToken("test@example.com");
assert.notEqual(result, null);
assert.ok(result!.token.length > 0);
});
it("returns null for unknown email", async () => {
const result = await service.createPasswordResetToken(
"unknown@example.com",
);
assert.equal(result, null);
});
});
describe("resetPassword", () => {
it("changes password with valid token", async () => {
const regResult = await service.register(
"test@example.com",
"oldpassword",
);
if (regResult.success) {
await service.verifyEmail(regResult.verificationToken);
}
const resetToken =
await service.createPasswordResetToken("test@example.com");
assert.notEqual(resetToken, null);
const result = await service.resetPassword(
resetToken!.token,
"newpassword",
);
assert.equal(result.success, true);
// Old password should no longer work
const loginOld = await service.login(
"test@example.com",
"oldpassword",
"cookie",
);
assert.equal(loginOld.success, false);
// New password should work
const loginNew = await service.login(
"test@example.com",
"newpassword",
"cookie",
);
assert.equal(loginNew.success, true);
});
it("fails with invalid token", async () => {
const result = await service.resetPassword(
"invalid-token",
"newpassword",
);
assert.equal(result.success, false);
if (!result.success) {
assert.equal(result.error, "Invalid or expired reset token");
}
});
it("invalidates all existing sessions", async () => {
const regResult = await service.register(
"test@example.com",
"password123",
);
if (regResult.success) {
await service.verifyEmail(regResult.verificationToken);
}
// Create a session
const loginResult = await service.login(
"test@example.com",
"password123",
"cookie",
);
assert.equal(loginResult.success, true);
if (!loginResult.success) return;
const sessionToken = loginResult.token;
// Reset password
const resetToken =
await service.createPasswordResetToken("test@example.com");
await service.resetPassword(resetToken!.token, "newpassword");
// Old session should be invalid
const validateResult = await service.validateToken(sessionToken);
assert.equal(validateResult.authenticated, false);
});
});
});

321
express/auth/store.spec.ts
View File

@@ -1,321 +0,0 @@
// Tests for auth/store.ts (InMemoryAuthStore)
// Pure unit tests - no database needed
import assert from "node:assert/strict";
import { after, before, beforeEach, describe, it } from "node:test";
import type { UserId } from "../user";
import { InMemoryAuthStore } from "./store";
import { hashToken } from "./token";
import type { TokenId } from "./types";
describe("InMemoryAuthStore", () => {
let store: InMemoryAuthStore;
beforeEach(() => {
store = new InMemoryAuthStore();
});
describe("createUser", () => {
it("creates a user with pending status", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
displayName: "Test User",
});
assert.equal(user.email, "test@example.com");
assert.equal(user.displayName, "Test User");
assert.equal(user.status, "pending");
});
it("creates a user without displayName", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
assert.equal(user.email, "test@example.com");
assert.equal(user.displayName, undefined);
});
it("generates a unique id", async () => {
const user1 = await store.createUser({
email: "test1@example.com",
passwordHash: "hash123",
});
const user2 = await store.createUser({
email: "test2@example.com",
passwordHash: "hash456",
});
assert.notEqual(user1.id, user2.id);
});
});
describe("getUserByEmail", () => {
it("returns user when found", async () => {
await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const user = await store.getUserByEmail("test@example.com");
assert.notEqual(user, null);
assert.equal(user!.email, "test@example.com");
});
it("is case-insensitive", async () => {
await store.createUser({
email: "Test@Example.COM",
passwordHash: "hash123",
});
const user = await store.getUserByEmail("test@example.com");
assert.notEqual(user, null);
});
it("returns null when not found", async () => {
const user = await store.getUserByEmail("notfound@example.com");
assert.equal(user, null);
});
});
describe("getUserById", () => {
it("returns user when found", async () => {
const created = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const user = await store.getUserById(created.id);
assert.notEqual(user, null);
assert.equal(user!.id, created.id);
});
it("returns null when not found", async () => {
const user = await store.getUserById("nonexistent" as UserId);
assert.equal(user, null);
});
});
describe("getUserPasswordHash", () => {
it("returns hash when found", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const hash = await store.getUserPasswordHash(user.id);
assert.equal(hash, "hash123");
});
it("returns null when not found", async () => {
const hash = await store.getUserPasswordHash(
"nonexistent" as UserId,
);
assert.equal(hash, null);
});
});
describe("setUserPassword", () => {
it("updates password hash", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "oldhash",
});
await store.setUserPassword(user.id, "newhash");
const hash = await store.getUserPasswordHash(user.id);
assert.equal(hash, "newhash");
});
});
describe("updateUserEmailVerified", () => {
it("sets user status to active", async () => {
const created = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
assert.equal(created.status, "pending");
await store.updateUserEmailVerified(created.id);
const user = await store.getUserById(created.id);
assert.equal(user!.status, "active");
});
});
describe("createSession", () => {
it("creates a session with token", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const { token, session } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
});
assert.ok(token.length > 0);
assert.equal(session.userId, user.id);
assert.equal(session.tokenType, "session");
assert.equal(session.authMethod, "cookie");
});
it("stores metadata", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const { session } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
userAgent: "Mozilla/5.0",
ipAddress: "127.0.0.1",
});
assert.equal(session.userAgent, "Mozilla/5.0");
assert.equal(session.ipAddress, "127.0.0.1");
});
});
describe("getSession", () => {
it("returns session when found and not expired", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const { token } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000), // 1 hour from now
});
const tokenId = hashToken(token) as TokenId;
const session = await store.getSession(tokenId);
assert.notEqual(session, null);
assert.equal(session!.userId, user.id);
});
it("returns null for expired session", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const { token } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() - 1000), // Expired 1 second ago
});
const tokenId = hashToken(token) as TokenId;
const session = await store.getSession(tokenId);
assert.equal(session, null);
});
it("returns null for nonexistent session", async () => {
const session = await store.getSession("nonexistent" as TokenId);
assert.equal(session, null);
});
});
describe("deleteSession", () => {
it("removes the session", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const { token } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
});
const tokenId = hashToken(token) as TokenId;
await store.deleteSession(tokenId);
const session = await store.getSession(tokenId);
assert.equal(session, null);
});
});
describe("deleteUserSessions", () => {
it("removes all sessions for user", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const { token: token1 } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
});
const { token: token2 } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "bearer",
expiresAt: new Date(Date.now() + 3600000),
});
const count = await store.deleteUserSessions(user.id);
assert.equal(count, 2);
const session1 = await store.getSession(
hashToken(token1) as TokenId,
);
const session2 = await store.getSession(
hashToken(token2) as TokenId,
);
assert.equal(session1, null);
assert.equal(session2, null);
});
it("returns 0 when user has no sessions", async () => {
const count = await store.deleteUserSessions(
"nonexistent" as UserId,
);
assert.equal(count, 0);
});
});
describe("updateLastUsed", () => {
it("updates lastUsedAt timestamp", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
});
const { token } = await store.createSession({
userId: user.id,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
});
const tokenId = hashToken(token) as TokenId;
const beforeUpdate = await store.getSession(tokenId);
assert.equal(beforeUpdate!.lastUsedAt, undefined);
await store.updateLastUsed(tokenId);
const afterUpdate = await store.getSession(tokenId);
assert.ok(afterUpdate!.lastUsedAt instanceof Date);
});
});
});

94
express/auth/token.spec.ts
View File

@@ -1,94 +0,0 @@
// Tests for auth/token.ts
// Pure unit tests - no database needed
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import {
generateToken,
hashToken,
parseAuthorizationHeader,
SESSION_COOKIE_NAME,
} from "./token";
describe("token", () => {
describe("generateToken", () => {
it("generates a non-empty string", () => {
const token = generateToken();
assert.equal(typeof token, "string");
assert.ok(token.length > 0);
});
it("generates unique tokens", () => {
const tokens = new Set<string>();
for (let i = 0; i < 100; i++) {
tokens.add(generateToken());
}
assert.equal(tokens.size, 100);
});
it("generates base64url encoded tokens", () => {
const token = generateToken();
// base64url uses A-Z, a-z, 0-9, -, _
assert.match(token, /^[A-Za-z0-9_-]+$/);
});
});
describe("hashToken", () => {
it("returns a hex string", () => {
const hash = hashToken("test-token");
assert.match(hash, /^[a-f0-9]+$/);
});
it("returns consistent hash for same input", () => {
const hash1 = hashToken("test-token");
const hash2 = hashToken("test-token");
assert.equal(hash1, hash2);
});
it("returns different hash for different input", () => {
const hash1 = hashToken("token-1");
const hash2 = hashToken("token-2");
assert.notEqual(hash1, hash2);
});
it("returns 64 character hash (SHA-256)", () => {
const hash = hashToken("test-token");
assert.equal(hash.length, 64);
});
});
describe("parseAuthorizationHeader", () => {
it("returns null for undefined header", () => {
assert.equal(parseAuthorizationHeader(undefined), null);
});
it("returns null for empty string", () => {
assert.equal(parseAuthorizationHeader(""), null);
});
it("returns null for non-bearer auth", () => {
assert.equal(parseAuthorizationHeader("Basic abc123"), null);
});
it("returns null for malformed header", () => {
assert.equal(parseAuthorizationHeader("Bearer"), null);
assert.equal(parseAuthorizationHeader("Bearer token extra"), null);
});
it("extracts token from valid bearer header", () => {
assert.equal(parseAuthorizationHeader("Bearer abc123"), "abc123");
});
it("is case-insensitive for Bearer keyword", () => {
assert.equal(parseAuthorizationHeader("bearer abc123"), "abc123");
assert.equal(parseAuthorizationHeader("BEARER abc123"), "abc123");
});
});
describe("SESSION_COOKIE_NAME", () => {
it("is defined", () => {
assert.equal(typeof SESSION_COOKIE_NAME, "string");
assert.ok(SESSION_COOKIE_NAME.length > 0);
});
});
});

253
express/auth/types.spec.ts
View File

@@ -1,253 +0,0 @@
// Tests for auth/types.ts
// Pure unit tests - no database needed
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import { z } from "zod";
import { AuthenticatedUser, anonymousUser } from "../user";
import {
authMethodParser,
forgotPasswordInputParser,
loginInputParser,
registerInputParser,
resetPasswordInputParser,
Session,
sessionDataParser,
tokenLifetimes,
tokenTypeParser,
} from "./types";
describe("auth/types", () => {
describe("tokenTypeParser", () => {
it("accepts valid token types", () => {
assert.equal(tokenTypeParser.parse("session"), "session");
assert.equal(
tokenTypeParser.parse("password_reset"),
"password_reset",
);
assert.equal(tokenTypeParser.parse("email_verify"), "email_verify");
});
it("rejects invalid token types", () => {
assert.throws(() => tokenTypeParser.parse("invalid"));
});
});
describe("authMethodParser", () => {
it("accepts valid auth methods", () => {
assert.equal(authMethodParser.parse("cookie"), "cookie");
assert.equal(authMethodParser.parse("bearer"), "bearer");
});
it("rejects invalid auth methods", () => {
assert.throws(() => authMethodParser.parse("basic"));
});
});
describe("sessionDataParser", () => {
it("accepts valid session data", () => {
const data = {
tokenId: "abc123",
userId: "user-1",
tokenType: "session",
authMethod: "cookie",
createdAt: new Date(),
expiresAt: new Date(),
};
const result = sessionDataParser.parse(data);
assert.equal(result.tokenId, "abc123");
assert.equal(result.userId, "user-1");
});
it("coerces date strings to dates", () => {
const data = {
tokenId: "abc123",
userId: "user-1",
tokenType: "session",
authMethod: "cookie",
createdAt: "2025-01-01T00:00:00Z",
expiresAt: "2025-01-02T00:00:00Z",
};
const result = sessionDataParser.parse(data);
assert.ok(result.createdAt instanceof Date);
assert.ok(result.expiresAt instanceof Date);
});
it("accepts optional fields", () => {
const data = {
tokenId: "abc123",
userId: "user-1",
tokenType: "session",
authMethod: "cookie",
createdAt: new Date(),
expiresAt: new Date(),
lastUsedAt: new Date(),
userAgent: "Mozilla/5.0",
ipAddress: "127.0.0.1",
isUsed: true,
};
const result = sessionDataParser.parse(data);
assert.equal(result.userAgent, "Mozilla/5.0");
assert.equal(result.ipAddress, "127.0.0.1");
assert.equal(result.isUsed, true);
});
});
describe("loginInputParser", () => {
it("accepts valid login input", () => {
const result = loginInputParser.parse({
email: "test@example.com",
password: "secret",
});
assert.equal(result.email, "test@example.com");
assert.equal(result.password, "secret");
});
it("rejects invalid email", () => {
assert.throws(() =>
loginInputParser.parse({
email: "not-an-email",
password: "secret",
}),
);
});
it("rejects empty password", () => {
assert.throws(() =>
loginInputParser.parse({
email: "test@example.com",
password: "",
}),
);
});
});
describe("registerInputParser", () => {
it("accepts valid registration input", () => {
const result = registerInputParser.parse({
email: "test@example.com",
password: "password123",
displayName: "Test User",
});
assert.equal(result.email, "test@example.com");
assert.equal(result.password, "password123");
assert.equal(result.displayName, "Test User");
});
it("accepts registration without displayName", () => {
const result = registerInputParser.parse({
email: "test@example.com",
password: "password123",
});
assert.equal(result.displayName, undefined);
});
it("rejects password shorter than 8 characters", () => {
assert.throws(() =>
registerInputParser.parse({
email: "test@example.com",
password: "short",
}),
);
});
});
describe("forgotPasswordInputParser", () => {
it("accepts valid email", () => {
const result = forgotPasswordInputParser.parse({
email: "test@example.com",
});
assert.equal(result.email, "test@example.com");
});
it("rejects invalid email", () => {
assert.throws(() =>
forgotPasswordInputParser.parse({
email: "invalid",
}),
);
});
});
describe("resetPasswordInputParser", () => {
it("accepts valid reset input", () => {
const result = resetPasswordInputParser.parse({
token: "abc123",
password: "newpassword",
});
assert.equal(result.token, "abc123");
assert.equal(result.password, "newpassword");
});
it("rejects empty token", () => {
assert.throws(() =>
resetPasswordInputParser.parse({
token: "",
password: "newpassword",
}),
);
});
it("rejects password shorter than 8 characters", () => {
assert.throws(() =>
resetPasswordInputParser.parse({
token: "abc123",
password: "short",
}),
);
});
});
describe("tokenLifetimes", () => {
it("defines session lifetime", () => {
assert.ok(tokenLifetimes.session > 0);
// 30 days in ms
assert.equal(tokenLifetimes.session, 30 * 24 * 60 * 60 * 1000);
});
it("defines password_reset lifetime", () => {
assert.ok(tokenLifetimes.password_reset > 0);
// 1 hour in ms
assert.equal(tokenLifetimes.password_reset, 1 * 60 * 60 * 1000);
});
it("defines email_verify lifetime", () => {
assert.ok(tokenLifetimes.email_verify > 0);
// 24 hours in ms
assert.equal(tokenLifetimes.email_verify, 24 * 60 * 60 * 1000);
});
});
describe("Session", () => {
it("wraps authenticated session", () => {
const user = AuthenticatedUser.create("test@example.com", {
id: "user-1",
});
const sessionData = {
tokenId: "token-1",
userId: "user-1",
tokenType: "session" as const,
authMethod: "cookie" as const,
createdAt: new Date(),
expiresAt: new Date(),
};
const session = new Session(sessionData, user);
assert.equal(session.isAuthenticated(), true);
assert.equal(session.getUser(), user);
assert.equal(session.getData(), sessionData);
assert.equal(session.tokenId, "token-1");
assert.equal(session.userId, "user-1");
});
it("wraps anonymous session", () => {
const session = new Session(null, anonymousUser);
assert.equal(session.isAuthenticated(), false);
assert.equal(session.getUser(), anonymousUser);
assert.equal(session.getData(), null);
assert.equal(session.tokenId, undefined);
assert.equal(session.userId, undefined);
});
});
});

24
express/basic/login.spec.ts
View File

@@ -1,24 +0,0 @@
// Tests for basic/login.ts
// These tests verify the route structure and export
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import { loginRoute } from "./login";
describe("basic/login", () => {
describe("loginRoute", () => {
it("has correct path", () => {
assert.equal(loginRoute.path, "/login");
});
it("handles GET and POST methods", () => {
assert.ok(loginRoute.methods.includes("GET"));
assert.ok(loginRoute.methods.includes("POST"));
assert.equal(loginRoute.methods.length, 2);
});
it("has a handler function", () => {
assert.equal(typeof loginRoute.handler, "function");
});
});
});

24
express/basic/logout.spec.ts
View File

@@ -1,24 +0,0 @@
// Tests for basic/logout.ts
// These tests verify the route structure and export
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import { logoutRoute } from "./logout";
describe("basic/logout", () => {
describe("logoutRoute", () => {
it("has correct path", () => {
assert.equal(logoutRoute.path, "/logout");
});
it("handles GET and POST methods", () => {
assert.ok(logoutRoute.methods.includes("GET"));
assert.ok(logoutRoute.methods.includes("POST"));
assert.equal(logoutRoute.methods.length, 2);
});
it("has a handler function", () => {
assert.equal(typeof logoutRoute.handler, "function");
});
});
});

73
express/basic/routes.spec.ts
View File

@@ -1,73 +0,0 @@
// Tests for basic/routes.ts
// These tests verify the route structure and exports
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import { routes } from "./routes";
describe("basic/routes", () => {
describe("routes object", () => {
it("exports routes as an object", () => {
assert.equal(typeof routes, "object");
});
it("contains hello route", () => {
assert.ok("hello" in routes);
assert.equal(routes.hello.path, "/hello");
assert.ok(routes.hello.methods.includes("GET"));
});
it("contains home route", () => {
assert.ok("home" in routes);
assert.equal(routes.home.path, "/");
assert.ok(routes.home.methods.includes("GET"));
});
it("contains login route", () => {
assert.ok("login" in routes);
assert.equal(routes.login.path, "/login");
});
it("contains logout route", () => {
assert.ok("logout" in routes);
assert.equal(routes.logout.path, "/logout");
});
it("all routes have handlers", () => {
for (const [name, route] of Object.entries(routes)) {
assert.equal(
typeof route.handler,
"function",
`Route ${name} should have a handler function`,
);
}
});
it("all routes have methods array", () => {
for (const [name, route] of Object.entries(routes)) {
assert.ok(
Array.isArray(route.methods),
`Route ${name} should have methods array`,
);
assert.ok(
route.methods.length > 0,
`Route ${name} should have at least one method`,
);
}
});
it("all routes have path string", () => {
for (const [name, route] of Object.entries(routes)) {
assert.equal(
typeof route.path,
"string",
`Route ${name} should have a path string`,
);
assert.ok(
route.path.startsWith("/"),
`Route ${name} path should start with /`,
);
}
});
});
});

10
express/basic/routes.ts
View File

@@ -1,5 +1,4 @@
import { DateTime } from "ts-luxon";
import { get, User } from "../framework/hydrators/user";
import { request } from "../request";
import { html, render } from "../request/util";
import type { Call, Result, Route } from "../types";
@@ -24,18 +23,11 @@ const routes: Record<string, Route> = {
const _auth = request.auth;
const me = request.session.getUser();
const id = me.id;
console.log(`*** id: ${id}`);
const u = await get(id);
const email = u?.email || "anonymous@example.com";
const name = u?.display_name || "anonymous";
const email = me.toString();
const showLogin = me.isAnonymous();
const showLogout = !me.isAnonymous();
const c = await render("basic/home", {
name,
email,
showLogin,
showLogout,

285
express/database.spec.ts
View File

@@ -1,285 +0,0 @@
// Tests for database.ts
// Requires test PostgreSQL: docker compose -f docker-compose.test.yml up -d
import assert from "node:assert/strict";
import { after, before, beforeEach, describe, it } from "node:test";
import {
connectionConfig,
db,
migrate,
migrationStatus,
PostgresAuthStore,
pool,
raw,
rawPool,
} from "./database";
import type { UserId } from "./user";
describe("database", () => {
before(async () => {
// Run migrations to set up schema
await migrate();
});
after(async () => {
await pool.end();
});
describe("connectionConfig", () => {
it("has required fields", () => {
assert.ok("host" in connectionConfig);
assert.ok("port" in connectionConfig);
assert.ok("user" in connectionConfig);
assert.ok("password" in connectionConfig);
assert.ok("database" in connectionConfig);
});
it("port is a number", () => {
assert.equal(typeof connectionConfig.port, "number");
});
});
describe("raw", () => {
it("executes raw SQL queries", async () => {
const result = await raw<{ one: number }>("SELECT 1 as one");
assert.equal(result.length, 1);
assert.equal(result[0].one, 1);
});
it("supports parameterized queries", async () => {
const result = await raw<{ sum: number }>(
"SELECT $1::int + $2::int as sum",
[2, 3],
);
assert.equal(result[0].sum, 5);
});
});
describe("db (Kysely instance)", () => {
it("can execute SELECT queries", async () => {
const result = await db
.selectFrom("users")
.select("id")
.limit(1)
.execute();
// May be empty, just verify it runs
assert.ok(Array.isArray(result));
});
});
describe("rawPool", () => {
it("is a pg Pool instance", () => {
assert.ok(rawPool.query !== undefined);
});
it("can execute queries", async () => {
const result = await rawPool.query("SELECT 1 as one");
assert.equal(result.rows[0].one, 1);
});
});
describe("migrate", () => {
it("runs without error when migrations are up to date", async () => {
// Should not throw
await migrate();
});
});
describe("migrationStatus", () => {
it("returns applied and pending arrays", async () => {
const status = await migrationStatus();
assert.ok(Array.isArray(status.applied));
assert.ok(Array.isArray(status.pending));
});
it("shows framework migrations as applied", async () => {
const status = await migrationStatus();
// At least the users migration should be applied
const hasUsersMigration = status.applied.some((m) =>
m.includes("users"),
);
assert.ok(hasUsersMigration);
});
});
describe("PostgresAuthStore", () => {
let store: PostgresAuthStore;
before(() => {
store = new PostgresAuthStore();
});
beforeEach(async () => {
// Clean up test data before each test
await rawPool.query("DELETE FROM sessions");
await rawPool.query("DELETE FROM user_credentials");
await rawPool.query("DELETE FROM user_emails");
await rawPool.query("DELETE FROM users");
});
describe("createUser", () => {
it("creates a user with pending status", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "hash123",
displayName: "Test User",
});
assert.equal(user.email, "test@example.com");
assert.equal(user.displayName, "Test User");
assert.equal(user.status, "pending");
});
it("stores the password hash", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "secrethash",
});
const hash = await store.getUserPasswordHash(user.id);
assert.equal(hash, "secrethash");
});
});
describe("getUserByEmail", () => {
it("returns user when found", async () => {
await store.createUser({
email: "find@example.com",
passwordHash: "hash",
});
const user = await store.getUserByEmail("find@example.com");
assert.notEqual(user, null);
assert.equal(user!.email, "find@example.com");
});
it("is case-insensitive", async () => {
await store.createUser({
email: "UPPER@EXAMPLE.COM",
passwordHash: "hash",
});
const user = await store.getUserByEmail("upper@example.com");
assert.notEqual(user, null);
});
it("returns null when not found", async () => {
const user = await store.getUserByEmail("notfound@example.com");
assert.equal(user, null);
});
});
describe("getUserById", () => {
it("returns user when found", async () => {
const created = await store.createUser({
email: "test@example.com",
passwordHash: "hash",
});
const user = await store.getUserById(created.id);
assert.notEqual(user, null);
assert.equal(user!.id, created.id);
});
it("returns null when not found", async () => {
const user = await store.getUserById(
"00000000-0000-0000-0000-000000000000" as UserId,
);
assert.equal(user, null);
});
});
describe("setUserPassword", () => {
it("updates the password hash", async () => {
const user = await store.createUser({
email: "test@example.com",
passwordHash: "oldhash",
});
await store.setUserPassword(user.id, "newhash");
const hash = await store.getUserPasswordHash(user.id);
assert.equal(hash, "newhash");
});
});
describe("updateUserEmailVerified", () => {
it("sets user status to active", async () => {
const created = await store.createUser({
email: "test@example.com",
passwordHash: "hash",
});
assert.equal(created.status, "pending");
await store.updateUserEmailVerified(created.id);
const user = await store.getUserById(created.id);
assert.equal(user!.status, "active");
});
});
describe("session operations", () => {
let userId: UserId;
beforeEach(async () => {
const user = await store.createUser({
email: "session@example.com",
passwordHash: "hash",
});
userId = user.id;
});
it("creates and retrieves sessions", async () => {
const { token, session } = await store.createSession({
userId,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
});
assert.ok(token.length > 0);
assert.equal(session.userId, userId);
assert.equal(session.tokenType, "session");
});
it("deletes sessions", async () => {
const { session } = await store.createSession({
userId,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
});
await store.deleteSession(session.tokenId as any);
// Session should be soft-deleted (revoked)
const retrieved = await store.getSession(
session.tokenId as any,
);
assert.equal(retrieved, null);
});
it("deletes all user sessions", async () => {
await store.createSession({
userId,
tokenType: "session",
authMethod: "cookie",
expiresAt: new Date(Date.now() + 3600000),
});
await store.createSession({
userId,
tokenType: "session",
authMethod: "bearer",
expiresAt: new Date(Date.now() + 3600000),
});
const count = await store.deleteUserSessions(userId);
assert.equal(count, 2);
});
});
});
});

12
express/database.ts
View File

@@ -21,13 +21,13 @@ import type { SessionData, TokenId } from "./auth/types";
import type { Domain } from "./types";
import { AuthenticatedUser, type User, type UserId } from "./user";
// Connection configuration (supports environment variable overrides)
// Connection configuration
const connectionConfig = {
host: process.env.DB_HOST ?? "localhost",
port: Number(process.env.DB_PORT ?? 5432),
user: process.env.DB_USER ?? "diachron",
password: process.env.DB_PASSWORD ?? "diachron",
database: process.env.DB_NAME ?? "diachron",
host: "localhost",
port: 5432,
user: "diachron",
password: "diachron",
database: "diachron",
};
// Database schema types for Kysely

29
express/framework/hydrators/hydrator.ts
View File

@@ -1,29 +0,0 @@
import { Kysely, PostgresDialect } from "kysely";
import { Pool } from "pg";
import { connectionConfig } from "../../database";
import type { DB } from "../../generated/db";
const db = new Kysely<DB>({
dialect: new PostgresDialect({
pool: new Pool(connectionConfig),
}),
log(event) {
if (event.level === "query") {
// FIXME: Wire this up to the logging system
console.log("SQL:", event.query.sql);
console.log("Params:", event.query.parameters);
}
},
});
abstract class Hydrator<T> {
public db: Kysely<DB>;
protected abstract table: string;
constructor() {
this.db = db;
}
}
export { Hydrator, db };

44
express/framework/hydrators/tests/setup.ts
View File

@@ -1,44 +0,0 @@
// Test setup for hydrator tests
// Run: DB_PORT=5433 DB_USER=diachron_test DB_PASSWORD=diachron_test DB_NAME=diachron_test npx tsx --test tests/*.test.ts
import { Pool } from "pg";
import { connectionConfig, migrate } from "../../../database";
const pool = new Pool(connectionConfig);
export async function setupTestDatabase(): Promise<void> {
await migrate();
}
export async function cleanupTables(): Promise<void> {
// Clean in reverse dependency order
await pool.query("DELETE FROM user_emails");
await pool.query("DELETE FROM users");
}
export async function teardownTestDatabase(): Promise<void> {
await pool.end();
}
export async function insertTestUser(data: {
id: string;
displayName: string;
status: string;
email: string;
}): Promise<void> {
const emailId = crypto.randomUUID();
const normalizedEmail = data.email.toLowerCase().trim();
await pool.query(
`INSERT INTO users (id, display_name, status) VALUES ($1, $2, $3)`,
[data.id, data.displayName, data.status],
);
await pool.query(
`INSERT INTO user_emails (id, user_id, email, normalized_email, is_primary)
VALUES ($1, $2, $3, $4, true)`,
[emailId, data.id, data.email, normalizedEmail],
);
}
export { pool };

98
express/framework/hydrators/tests/user.spec.ts
View File

@@ -1,98 +0,0 @@
// Tests for user hydrator
// Run with: cd express && DB_PORT=5433 DB_USER=diachron_test DB_PASSWORD=diachron_test DB_NAME=diachron_test ../cmd npx tsx --test framework/hydrators/tests/user.test.ts
import assert from "node:assert/strict";
import { after, before, beforeEach, describe, it } from "node:test";
import { get } from "../user";
import {
cleanupTables,
insertTestUser,
setupTestDatabase,
teardownTestDatabase,
} from "./setup";
describe("user hydrator", () => {
before(async () => {
await setupTestDatabase();
});
after(async () => {
await teardownTestDatabase();
});
beforeEach(async () => {
await cleanupTables();
});
describe("get", () => {
it("returns null for non-existent user", async () => {
const result = await get("00000000-0000-0000-0000-000000000000");
assert.equal(result, null);
});
it("returns user when found", async () => {
const userId = "cfae0a19-6515-4813-bc2d-1e032b72b203";
await insertTestUser({
id: userId,
displayName: "Test User",
status: "active",
email: "test@example.com",
});
const result = await get(userId);
assert.notEqual(result, null);
assert.equal(result!.id, userId);
assert.equal(result!.display_name, "Test User");
assert.equal(result!.status, "active");
assert.equal(result!.email, "test@example.com");
});
it("validates user data with zod parser", async () => {
const userId = crypto.randomUUID();
await insertTestUser({
id: userId,
displayName: "Valid User",
status: "active",
email: "valid@example.com",
});
const result = await get(userId);
// If we get here without throwing, parsing succeeded
assert.notEqual(result, null);
assert.equal(typeof result!.id, "string");
assert.equal(typeof result!.email, "string");
});
it("returns user with pending status", async () => {
const userId = crypto.randomUUID();
await insertTestUser({
id: userId,
displayName: "Pending User",
status: "pending",
email: "pending@example.com",
});
const result = await get(userId);
assert.notEqual(result, null);
assert.equal(result!.status, "pending");
});
it("returns user with suspended status", async () => {
const userId = crypto.randomUUID();
await insertTestUser({
id: userId,
displayName: "Suspended User",
status: "suspended",
email: "suspended@example.com",
});
const result = await get(userId);
assert.notEqual(result, null);
assert.equal(result!.status, "suspended");
});
});
});

71
express/handlers.spec.ts
View File

@@ -1,71 +0,0 @@
// Tests for handlers.ts
// These tests use mock Call objects
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import type { Request as ExpressRequest } from "express";
import { Session } from "./auth/types";
import { contentTypes } from "./content-types";
import { multiHandler } from "./handlers";
import { httpCodes } from "./http-codes";
import type { Call } from "./types";
import { anonymousUser } from "./user";
// Helper to create a minimal mock Call
function createMockCall(overrides: Partial<Call> = {}): Call {
const defaultSession = new Session(null, anonymousUser);
return {
pattern: "/test",
path: "/test",
method: "GET",
parameters: {},
request: {} as ExpressRequest,
user: anonymousUser,
session: defaultSession,
...overrides,
};
}
describe("handlers", () => {
describe("multiHandler", () => {
it("returns OK status", async () => {
const call = createMockCall({ method: "GET" });
const result = await multiHandler(call);
assert.equal(result.code, httpCodes.success.OK);
});
it("returns text/plain content type", async () => {
const call = createMockCall();
const result = await multiHandler(call);
assert.equal(result.contentType, contentTypes.text.plain);
});
it("includes method in result", async () => {
const call = createMockCall({ method: "POST" });
const result = await multiHandler(call);
assert.ok(result.result.includes("POST"));
});
it("includes a random number in result", async () => {
const call = createMockCall();
const result = await multiHandler(call);
// Result format: "that was GET (0.123456789)"
assert.match(result.result, /that was \w+ \(\d+\.?\d*\)/);
});
it("works with different HTTP methods", async () => {
const methods = ["GET", "POST", "PUT", "PATCH", "DELETE"] as const;
for (const method of methods) {
const call = createMockCall({ method });
const result = await multiHandler(call);
assert.ok(result.result.includes(method));
}
});
});
});

53
express/logging.spec.ts
View File

@@ -1,53 +0,0 @@
// Tests for logging.ts
// Note: These tests verify the module structure and types.
// Full integration tests would require a running logging service.
import assert from "node:assert/strict";
import { describe, it } from "node:test";
// We can't easily test log() and getLogs() without mocking fetch,
// but we can verify the module exports correctly and types work.
describe("logging", () => {
describe("module structure", () => {
it("exports log function", async () => {
const { log } = await import("./logging");
assert.equal(typeof log, "function");
});
it("exports getLogs function", async () => {
const { getLogs } = await import("./logging");
assert.equal(typeof getLogs, "function");
});
});
describe("Message type", () => {
// Type-level tests - if these compile, the types are correct
it("accepts valid message sources", () => {
type MessageSource = "logging" | "diagnostic" | "user";
const sources: MessageSource[] = ["logging", "diagnostic", "user"];
assert.equal(sources.length, 3);
});
});
describe("FilterArgument type", () => {
// Type-level tests
it("accepts valid filter options", () => {
type FilterArgument = {
limit?: number;
before?: number;
after?: number;
match?: (string | RegExp)[];
};
const filter: FilterArgument = {
limit: 10,
before: Date.now(),
after: Date.now() - 3600000,
match: ["error", /warning/i],
};
assert.ok(filter.limit === 10);
});
});
});

10
express/package.json
View File

@@ -4,10 +4,8 @@
"description": "",
"main": "index.js",
"scripts": {
"test": "DB_PORT=5433 DB_USER=diachron_test DB_PASSWORD=diachron_test DB_NAME=diachron_test tsx --test '**/*.{test,spec}.ts'",
"test:watch": "DB_PORT=5433 DB_USER=diachron_test DB_PASSWORD=diachron_test DB_NAME=diachron_test tsx --test --watch '**/*.{test,spec}.ts'",
"nodemon": "nodemon dist/index.js",
"kysely-codegen": "kysely-codegen"
"test": "echo \"Error: no test specified\" && exit 1",
"nodemon": "nodemon dist/index.js"
},
"keywords": [],
"author": "",
@@ -26,14 +24,12 @@
"ts-luxon": "^6.2.0",
"ts-node": "^10.9.2",
"tsx": "^4.20.6",
"typeid-js": "^1.2.0",
"typescript": "^5.9.3",
"zod": "^4.1.12"
},
"devDependencies": {
"@biomejs/biome": "2.3.10",
"@types/express": "^5.0.5",
"@types/pg": "^8.16.0",
"kysely-codegen": "^0.19.0"
"@types/pg": "^8.16.0"
}
}

434
express/pnpm-lock.yaml generated
View File

@@ -44,9 +44,6 @@ importers:
tsx:
specifier: ^4.20.6
version: 4.20.6
typeid-js:
specifier: ^1.2.0
version: 1.2.0
typescript:
specifier: ^5.9.3
version: 5.9.3
@@ -63,20 +60,9 @@ importers:
'@types/pg':
specifier: ^8.16.0
version: 8.16.0
kysely-codegen:
specifier: ^0.19.0
version: 0.19.0(kysely@0.28.9)(pg@8.16.3)(typescript@5.9.3)
packages:
'@babel/code-frame@7.28.6':
resolution: {integrity: sha512-JYgintcMjRiCvS8mMECzaEn+m3PfoQiyqukOMCCVQtoJGYJw8j/8LBJEiqkHLkfwCcs74E3pbAUFNg7d9VNJ+Q==}
engines: {node: '>=6.9.0'}
'@babel/helper-validator-identifier@7.28.5':
resolution: {integrity: sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==}
engines: {node: '>=6.9.0'}
'@biomejs/biome@2.3.10':
resolution: {integrity: sha512-/uWSUd1MHX2fjqNLHNL6zLYWBbrJeG412/8H7ESuK8ewoRoMPUgHDebqKrPTx/5n6f17Xzqc9hdg3MEqA5hXnQ==}
engines: {node: '>=14.21.3'}
@@ -374,14 +360,6 @@ packages:
engines: {node: '>=0.4.0'}
hasBin: true
ansi-styles@3.2.1:
resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==}
engines: {node: '>=4'}
ansi-styles@4.3.0:
resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==}
engines: {node: '>=8'}
anymatch@3.1.3:
resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==}
engines: {node: '>= 8'}
@@ -389,9 +367,6 @@ packages:
arg@4.1.3:
resolution: {integrity: sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==}
argparse@2.0.1:
resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==}
asap@2.0.6:
resolution: {integrity: sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==}
@@ -425,35 +400,10 @@ packages:
resolution: {integrity: sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==}
engines: {node: '>= 0.4'}
callsites@3.1.0:
resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==}
engines: {node: '>=6'}
chalk@2.4.2:
resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==}
engines: {node: '>=4'}
chalk@4.1.2:
resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==}
engines: {node: '>=10'}
chokidar@3.6.0:
resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==}
engines: {node: '>= 8.10.0'}
color-convert@1.9.3:
resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==}
color-convert@2.0.1:
resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==}
engines: {node: '>=7.0.0'}
color-name@1.1.3:
resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==}
color-name@1.1.4:
resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==}
commander@5.1.0:
resolution: {integrity: sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==}
engines: {node: '>= 6'}
@@ -477,15 +427,6 @@ packages:
resolution: {integrity: sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==}
engines: {node: '>= 0.6'}
cosmiconfig@9.0.0:
resolution: {integrity: sha512-itvL5h8RETACmOTFc4UfIyB2RfEHi71Ax6E/PivVxq9NseKbOWpeyHEOIbmAw1rs8Ak0VursQNww7lf7YtUwzg==}
engines: {node: '>=14'}
peerDependencies:
typescript: '>=4.9.5'
peerDependenciesMeta:
typescript:
optional: true
create-require@1.1.1:
resolution: {integrity: sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==}
@@ -502,26 +443,10 @@ packages:
resolution: {integrity: sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==}
engines: {node: '>= 0.8'}
diff@3.5.0:
resolution: {integrity: sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==}
engines: {node: '>=0.3.1'}
diff@4.0.2:
resolution: {integrity: sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==}
engines: {node: '>=0.3.1'}
dotenv-expand@12.0.3:
resolution: {integrity: sha512-uc47g4b+4k/M/SeaW1y4OApx+mtLWl92l5LMPP0GNXctZqELk+YGgOPIIC5elYmUH4OuoK3JLhuRUYegeySiFA==}
engines: {node: '>=12'}
dotenv@16.6.1:
resolution: {integrity: sha512-uBq4egWHTcTt33a72vpSG0z3HnPuIl6NqYcTrKEg2azoEyl2hpW0zqlxysq2pK9HlDIHyHyakeYaYnSAwd8bow==}
engines: {node: '>=12'}
dotenv@17.2.3:
resolution: {integrity: sha512-JVUnt+DUIzu87TABbhPmNfVdBDt18BLOWjMUFJMSi/Qqg7NTYtabbvSNJGOJ7afbRuv9D/lngizHtP7QyLQ+9w==}
engines: {node: '>=12'}
dunder-proto@1.0.1:
resolution: {integrity: sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==}
engines: {node: '>= 0.4'}
@@ -533,13 +458,6 @@ packages:
resolution: {integrity: sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==}
engines: {node: '>= 0.8'}
env-paths@2.2.1:
resolution: {integrity: sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A==}
engines: {node: '>=6'}
error-ex@1.3.4:
resolution: {integrity: sha512-sqQamAnR14VgCr1A618A3sGrygcpK+HEbenA/HiEAkkUwcZIIB/tgWqHFxWgOyDh4nB4JCRimh79dR5Ywc9MDQ==}
es-define-property@1.0.1:
resolution: {integrity: sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==}
engines: {node: '>= 0.4'}
@@ -560,10 +478,6 @@ packages:
escape-html@1.0.3:
resolution: {integrity: sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==}
escape-string-regexp@1.0.5:
resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==}
engines: {node: '>=0.8.0'}
etag@1.8.1:
resolution: {integrity: sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg==}
engines: {node: '>= 0.6'}
@@ -588,9 +502,6 @@ packages:
resolution: {integrity: sha512-Rx/WycZ60HOaqLKAi6cHRKKI7zxWbJ31MhntmtwMoaTeF7XFH9hhBp8vITaMidfljRQ6eYWCKkaTK+ykVJHP2A==}
engines: {node: '>= 0.8'}
fs.realpath@1.0.0:
resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==}
fsevents@2.3.3:
resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==}
engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0}
@@ -610,18 +521,10 @@ packages:
get-tsconfig@4.13.0:
resolution: {integrity: sha512-1VKTZJCwBrvbd+Wn3AOgQP/2Av+TfTCOlE4AcRJE72W1ksZXbAx8PPBR9RzgTeSPzlPMHrbANMH3LbltH73wxQ==}
git-diff@2.0.6:
resolution: {integrity: sha512-/Iu4prUrydE3Pb3lCBMbcSNIf81tgGt0W1ZwknnyF62t3tHmtiJTRj0f+1ZIhp3+Rh0ktz1pJVoa7ZXUCskivA==}
engines: {node: '>= 4.8.0'}
glob-parent@5.1.2:
resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==}
engines: {node: '>= 6'}
glob@7.2.3:
resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==}
deprecated: Glob versions prior to v9 are no longer supported
gopd@1.2.0:
resolution: {integrity: sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==}
engines: {node: '>= 0.4'}
@@ -630,10 +533,6 @@ packages:
resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==}
engines: {node: '>=4'}
has-flag@4.0.0:
resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==}
engines: {node: '>=8'}
has-symbols@1.1.0:
resolution: {integrity: sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==}
engines: {node: '>= 0.4'}
@@ -657,36 +556,17 @@ packages:
ignore-by-default@1.0.1:
resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==}
import-fresh@3.3.1:
resolution: {integrity: sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==}
engines: {node: '>=6'}
inflight@1.0.6:
resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==}
deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
inherits@2.0.4:
resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==}
interpret@1.4.0:
resolution: {integrity: sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA==}
engines: {node: '>= 0.10'}
ipaddr.js@1.9.1:
resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==}
engines: {node: '>= 0.10'}
is-arrayish@0.2.1:
resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==}
is-binary-path@2.1.0:
resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==}
engines: {node: '>=8'}
is-core-module@2.16.1:
resolution: {integrity: sha512-UfoeMA6fIJ8wTYFEUjelnaGI67v6+N7qXJEvQuIGa99l4xsCruSYOVSQ0uPANn4dAzm8lkYPaKLrrijLq7x23w==}
engines: {node: '>= 0.4'}
is-extglob@2.1.1:
resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==}
engines: {node: '>=0.10.0'}
@@ -702,62 +582,10 @@ packages:
is-promise@4.0.0:
resolution: {integrity: sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ==}
js-tokens@4.0.0:
resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
js-yaml@4.1.1:
resolution: {integrity: sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==}
hasBin: true
json-parse-even-better-errors@2.3.1:
resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==}
kysely-codegen@0.19.0:
resolution: {integrity: sha512-ZpdQQnpfY0kh45CA6yPA9vdFsBE+b06Fx7QVcbL5rX//yjbA0yYGZGhnH7GTd4P4BY/HIv5uAfuOD83JVZf95w==}
engines: {node: '>=20.0.0'}
hasBin: true
peerDependencies:
'@libsql/kysely-libsql': '>=0.3.0 <0.5.0'
'@tediousjs/connection-string': '>=0.5.0 <0.6.0'
better-sqlite3: '>=7.6.2 <13.0.0'
kysely: '>=0.27.0 <1.0.0'
kysely-bun-sqlite: '>=0.3.2 <1.0.0'
kysely-bun-worker: '>=1.2.0 <2.0.0'
mysql2: '>=2.3.3 <4.0.0'
pg: '>=8.8.0 <9.0.0'
tarn: '>=3.0.0 <4.0.0'
tedious: '>=18.0.0 <20.0.0'
peerDependenciesMeta:
'@libsql/kysely-libsql':
optional: true
'@tediousjs/connection-string':
optional: true
better-sqlite3:
optional: true
kysely-bun-sqlite:
optional: true
kysely-bun-worker:
optional: true
mysql2:
optional: true
pg:
optional: true
tarn:
optional: true
tedious:
optional: true
kysely@0.28.9:
resolution: {integrity: sha512-3BeXMoiOhpOwu62CiVpO6lxfq4eS6KMYfQdMsN/2kUCRNuF2YiEr7u0HLHaQU+O4Xu8YXE3bHVkwaQ85i72EuA==}
engines: {node: '>=20.0.0'}
lines-and-columns@1.2.4:
resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==}
loglevel@1.9.2:
resolution: {integrity: sha512-HgMmCqIJSAKqo68l0rS2AanEWfkxaZ5wNiEFb5ggm08lDs9Xl2KxBlX3PTcaD2chBM1gXAYf491/M2Rv8Jwayg==}
engines: {node: '>= 0.6.0'}
make-error@1.3.6:
resolution: {integrity: sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==}
@@ -773,10 +601,6 @@ packages:
resolution: {integrity: sha512-Snk314V5ayFLhp3fkUREub6WtjBfPdCPY1Ln8/8munuLuiYhsABgBVWsozAG+MWMbVEvcdcpbi9R7ww22l9Q3g==}
engines: {node: '>=18'}
micromatch@4.0.8:
resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==}
engines: {node: '>=8.6'}
mime-db@1.54.0:
resolution: {integrity: sha512-aU5EJuIN2WDemCcAp2vFBfp/m4EAhWJnUNSSw0ixs7/kXbd6Pg64EmwJkNdFhB8aWt1sH2CTXrLxo/iAGV3oPQ==}
engines: {node: '>= 0.6'}
@@ -788,9 +612,6 @@ packages:
minimatch@3.1.2:
resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==}
minimist@1.2.8:
resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==}
ms@2.1.3:
resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==}
@@ -828,25 +649,10 @@ packages:
once@1.4.0:
resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==}
parent-module@1.0.1:
resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==}
engines: {node: '>=6'}
parse-json@5.2.0:
resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==}
engines: {node: '>=8'}
parseurl@1.3.3:
resolution: {integrity: sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==}
engines: {node: '>= 0.8'}
path-is-absolute@1.0.1:
resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==}
engines: {node: '>=0.10.0'}
path-parse@1.0.7:
resolution: {integrity: sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==}
path-to-regexp@8.3.0:
resolution: {integrity: sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA==}
@@ -884,17 +690,10 @@ packages:
pgpass@1.0.5:
resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==}
picocolors@1.1.1:
resolution: {integrity: sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==}
picomatch@2.3.1:
resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==}
engines: {node: '>=8.6'}
pluralize@8.0.0:
resolution: {integrity: sha512-Nc3IT5yHzflTfbjgqWcCPpo7DaKy4FnpB0l/zCAW0Tc7jxAiuqSxHasntB3D7887LSrA93kDJ9IXovxJYxyLCA==}
engines: {node: '>=4'}
postgres-array@2.0.0:
resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==}
engines: {node: '>=4'}
@@ -934,22 +733,9 @@ packages:
resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==}
engines: {node: '>=8.10.0'}
rechoir@0.6.2:
resolution: {integrity: sha512-HFM8rkZ+i3zrV+4LQjwQ0W+ez98pApMGM3HUrN04j3CqzPOzl9nmP15Y8YXNm8QHGv/eacOVEjqhmWpkRV0NAw==}
engines: {node: '>= 0.10'}
resolve-from@4.0.0:
resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==}
engines: {node: '>=4'}
resolve-pkg-maps@1.0.0:
resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==}
resolve@1.22.11:
resolution: {integrity: sha512-RfqAvLnMl313r7c9oclB1HhUEAezcpLjz95wFH4LVuhk9JF/r22qmVP9AMmOU4vMX7Q8pN8jwNg/CSpdFnMjTQ==}
engines: {node: '>= 0.4'}
hasBin: true
router@2.2.0:
resolution: {integrity: sha512-nLTrUKm2UyiL7rlhapu/Zl45FwNgkZGaCpZbIHajDYgwlJCOzLSk+cIPAnsEqV955GjILJnKbdQC1nVPz+gAYQ==}
engines: {node: '>= 18'}
@@ -976,15 +762,6 @@ packages:
setprototypeof@1.2.0:
resolution: {integrity: sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==}
shelljs.exec@1.1.8:
resolution: {integrity: sha512-vFILCw+lzUtiwBAHV8/Ex8JsFjelFMdhONIsgKNLgTzeRckp2AOYRQtHJE/9LhNvdMmE27AGtzWx0+DHpwIwSw==}
engines: {node: '>= 4.0.0'}
shelljs@0.8.5:
resolution: {integrity: sha512-TiwcRcrkhHvbrZbnRcFYMLl30Dfov3HKqzp5tO5b4pt6G/SezKcYhmDg15zXVBswHmctSAQKznqNW2LO5tTDow==}
engines: {node: '>=4'}
hasBin: true
side-channel-list@1.0.0:
resolution: {integrity: sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==}
engines: {node: '>= 0.4'}
@@ -1021,14 +798,6 @@ packages:
resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==}
engines: {node: '>=4'}
supports-color@7.2.0:
resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==}
engines: {node: '>=8'}
supports-preserve-symlinks-flag@1.0.0:
resolution: {integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==}
engines: {node: '>= 0.4'}
to-regex-range@5.0.1:
resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==}
engines: {node: '>=8.0'}
@@ -1068,9 +837,6 @@ packages:
resolution: {integrity: sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw==}
engines: {node: '>= 0.6'}
typeid-js@1.2.0:
resolution: {integrity: sha512-t76ZucAnvGC60ea/HjVsB0TSoB0cw9yjnfurUgtInXQWUI/VcrlZGpO23KN3iSe8yOGUgb1zr7W7uEzJ3hSljA==}
typescript@5.9.3:
resolution: {integrity: sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==}
engines: {node: '>=14.17'}
@@ -1086,10 +852,6 @@ packages:
resolution: {integrity: sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ==}
engines: {node: '>= 0.8'}
uuid@10.0.0:
resolution: {integrity: sha512-8XkAphELsDnEGrDxUOHB3RGvXz6TeuYSGEZBOjtTtPm2lwhGBjLgOzLHB63IUWfBpNucQjND6d3AOudO+H3RWQ==}
hasBin: true
v8-compile-cache-lib@3.0.1:
resolution: {integrity: sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==}
@@ -1113,14 +875,6 @@ packages:
snapshots:
'@babel/code-frame@7.28.6':
dependencies:
'@babel/helper-validator-identifier': 7.28.5
js-tokens: 4.0.0
picocolors: 1.1.1
'@babel/helper-validator-identifier@7.28.5': {}
'@biomejs/biome@2.3.10':
optionalDependencies:
'@biomejs/cli-darwin-arm64': 2.3.10
@@ -1327,14 +1081,6 @@ snapshots:
acorn@8.15.0: {}
ansi-styles@3.2.1:
dependencies:
color-convert: 1.9.3
ansi-styles@4.3.0:
dependencies:
color-convert: 2.0.1
anymatch@3.1.3:
dependencies:
normalize-path: 3.0.0
@@ -1342,8 +1088,6 @@ snapshots:
arg@4.1.3: {}
argparse@2.0.1: {}
asap@2.0.6: {}
balanced-match@1.0.2: {}
@@ -1385,19 +1129,6 @@ snapshots:
call-bind-apply-helpers: 1.0.2
get-intrinsic: 1.3.0
callsites@3.1.0: {}
chalk@2.4.2:
dependencies:
ansi-styles: 3.2.1
escape-string-regexp: 1.0.5
supports-color: 5.5.0
chalk@4.1.2:
dependencies:
ansi-styles: 4.3.0
supports-color: 7.2.0
chokidar@3.6.0:
dependencies:
anymatch: 3.1.3
@@ -1410,18 +1141,6 @@ snapshots:
optionalDependencies:
fsevents: 2.3.3
color-convert@1.9.3:
dependencies:
color-name: 1.1.3
color-convert@2.0.1:
dependencies:
color-name: 1.1.4
color-name@1.1.3: {}
color-name@1.1.4: {}
commander@5.1.0: {}
concat-map@0.0.1: {}
@@ -1436,15 +1155,6 @@ snapshots:
cookie@0.7.2: {}
cosmiconfig@9.0.0(typescript@5.9.3):
dependencies:
env-paths: 2.2.1
import-fresh: 3.3.1
js-yaml: 4.1.1
parse-json: 5.2.0
optionalDependencies:
typescript: 5.9.3
create-require@1.1.1: {}
debug@4.4.3(supports-color@5.5.0):
@@ -1455,18 +1165,8 @@ snapshots:
depd@2.0.0: {}
diff@3.5.0: {}
diff@4.0.2: {}
dotenv-expand@12.0.3:
dependencies:
dotenv: 16.6.1
dotenv@16.6.1: {}
dotenv@17.2.3: {}
dunder-proto@1.0.1:
dependencies:
call-bind-apply-helpers: 1.0.2
@@ -1477,12 +1177,6 @@ snapshots:
encodeurl@2.0.0: {}
env-paths@2.2.1: {}
error-ex@1.3.4:
dependencies:
is-arrayish: 0.2.1
es-define-property@1.0.1: {}
es-errors@1.3.0: {}
@@ -1522,8 +1216,6 @@ snapshots:
escape-html@1.0.3: {}
escape-string-regexp@1.0.5: {}
etag@1.8.1: {}
express@5.1.0:
@@ -1577,8 +1269,6 @@ snapshots:
fresh@2.0.0: {}
fs.realpath@1.0.0: {}
fsevents@2.3.3:
optional: true
@@ -1606,33 +1296,14 @@ snapshots:
dependencies:
resolve-pkg-maps: 1.0.0
git-diff@2.0.6:
dependencies:
chalk: 2.4.2
diff: 3.5.0
loglevel: 1.9.2
shelljs: 0.8.5
shelljs.exec: 1.1.8
glob-parent@5.1.2:
dependencies:
is-glob: 4.0.3
glob@7.2.3:
dependencies:
fs.realpath: 1.0.0
inflight: 1.0.6
inherits: 2.0.4
minimatch: 3.1.2
once: 1.4.0
path-is-absolute: 1.0.1
gopd@1.2.0: {}
has-flag@3.0.0: {}
has-flag@4.0.0: {}
has-symbols@1.1.0: {}
hasown@2.0.2:
@@ -1657,32 +1328,14 @@ snapshots:
ignore-by-default@1.0.1: {}
import-fresh@3.3.1:
dependencies:
parent-module: 1.0.1
resolve-from: 4.0.0
inflight@1.0.6:
dependencies:
once: 1.4.0
wrappy: 1.0.2
inherits@2.0.4: {}
interpret@1.4.0: {}
ipaddr.js@1.9.1: {}
is-arrayish@0.2.1: {}
is-binary-path@2.1.0:
dependencies:
binary-extensions: 2.3.0
is-core-module@2.16.1:
dependencies:
hasown: 2.0.2
is-extglob@2.1.1: {}
is-glob@4.0.3:
@@ -1693,37 +1346,8 @@ snapshots:
is-promise@4.0.0: {}
js-tokens@4.0.0: {}
js-yaml@4.1.1:
dependencies:
argparse: 2.0.1
json-parse-even-better-errors@2.3.1: {}
kysely-codegen@0.19.0(kysely@0.28.9)(pg@8.16.3)(typescript@5.9.3):
dependencies:
chalk: 4.1.2
cosmiconfig: 9.0.0(typescript@5.9.3)
dotenv: 17.2.3
dotenv-expand: 12.0.3
git-diff: 2.0.6
kysely: 0.28.9
micromatch: 4.0.8
minimist: 1.2.8
pluralize: 8.0.0
zod: 4.1.12
optionalDependencies:
pg: 8.16.3
transitivePeerDependencies:
- typescript
kysely@0.28.9: {}
lines-and-columns@1.2.4: {}
loglevel@1.9.2: {}
make-error@1.3.6: {}
math-intrinsics@1.1.0: {}
@@ -1732,11 +1356,6 @@ snapshots:
merge-descriptors@2.0.0: {}
micromatch@4.0.8:
dependencies:
braces: 3.0.3
picomatch: 2.3.1
mime-db@1.54.0: {}
mime-types@3.0.1:
@@ -1747,8 +1366,6 @@ snapshots:
dependencies:
brace-expansion: 1.1.12
minimist@1.2.8: {}
ms@2.1.3: {}
negotiator@1.0.0: {}
@@ -1786,23 +1403,8 @@ snapshots:
dependencies:
wrappy: 1.0.2
parent-module@1.0.1:
dependencies:
callsites: 3.1.0
parse-json@5.2.0:
dependencies:
'@babel/code-frame': 7.28.6
error-ex: 1.3.4
json-parse-even-better-errors: 2.3.1
lines-and-columns: 1.2.4
parseurl@1.3.3: {}
path-is-absolute@1.0.1: {}
path-parse@1.0.7: {}
path-to-regexp@8.3.0: {}
pg-cloudflare@1.2.7:
@@ -1840,12 +1442,8 @@ snapshots:
dependencies:
split2: 4.2.0
picocolors@1.1.1: {}
picomatch@2.3.1: {}
pluralize@8.0.0: {}
postgres-array@2.0.0: {}
postgres-bytea@1.0.1: {}
@@ -1880,20 +1478,8 @@ snapshots:
dependencies:
picomatch: 2.3.1
rechoir@0.6.2:
dependencies:
resolve: 1.22.11
resolve-from@4.0.0: {}
resolve-pkg-maps@1.0.0: {}
resolve@1.22.11:
dependencies:
is-core-module: 2.16.1
path-parse: 1.0.7
supports-preserve-symlinks-flag: 1.0.0
router@2.2.0:
dependencies:
debug: 4.4.3(supports-color@5.5.0)
@@ -1937,14 +1523,6 @@ snapshots:
setprototypeof@1.2.0: {}
shelljs.exec@1.1.8: {}
shelljs@0.8.5:
dependencies:
glob: 7.2.3
interpret: 1.4.0
rechoir: 0.6.2
side-channel-list@1.0.0:
dependencies:
es-errors: 1.3.0
@@ -1987,12 +1565,6 @@ snapshots:
dependencies:
has-flag: 3.0.0
supports-color@7.2.0:
dependencies:
has-flag: 4.0.0
supports-preserve-symlinks-flag@1.0.0: {}
to-regex-range@5.0.1:
dependencies:
is-number: 7.0.0
@@ -2034,10 +1606,6 @@ snapshots:
media-typer: 1.1.0
mime-types: 3.0.1
typeid-js@1.2.0:
dependencies:
uuid: 10.0.0
typescript@5.9.3: {}
undefsafe@2.0.5: {}
@@ -2046,8 +1614,6 @@ snapshots:
unpipe@1.0.0: {}
uuid@10.0.0: {}
v8-compile-cache-lib@3.0.1: {}
vary@1.1.2: {}

179
express/types.spec.ts
View File

@@ -1,179 +0,0 @@
// Tests for types.ts
// Pure unit tests
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import type { Request as ExpressRequest } from "express";
import { Session } from "./auth/types";
import { contentTypes } from "./content-types";
import { httpCodes } from "./http-codes";
import {
AuthenticationRequired,
AuthorizationDenied,
type Call,
isRedirect,
massageMethod,
methodParser,
type Permission,
type RedirectResult,
type Result,
requireAuth,
requirePermission,
} from "./types";
import { AuthenticatedUser, anonymousUser } from "./user";
// Helper to create a minimal mock Call
function createMockCall(overrides: Partial<Call> = {}): Call {
const defaultSession = new Session(null, anonymousUser);
return {
pattern: "/test",
path: "/test",
method: "GET",
parameters: {},
request: {} as ExpressRequest,
user: anonymousUser,
session: defaultSession,
...overrides,
};
}
describe("types", () => {
describe("methodParser", () => {
it("accepts valid HTTP methods", () => {
assert.equal(methodParser.parse("GET"), "GET");
assert.equal(methodParser.parse("POST"), "POST");
assert.equal(methodParser.parse("PUT"), "PUT");
assert.equal(methodParser.parse("PATCH"), "PATCH");
assert.equal(methodParser.parse("DELETE"), "DELETE");
});
it("rejects invalid methods", () => {
assert.throws(() => methodParser.parse("get"));
assert.throws(() => methodParser.parse("OPTIONS"));
assert.throws(() => methodParser.parse("HEAD"));
assert.throws(() => methodParser.parse(""));
});
});
describe("massageMethod", () => {
it("converts lowercase to uppercase", () => {
assert.equal(massageMethod("get"), "GET");
assert.equal(massageMethod("post"), "POST");
assert.equal(massageMethod("put"), "PUT");
assert.equal(massageMethod("patch"), "PATCH");
assert.equal(massageMethod("delete"), "DELETE");
});
it("handles mixed case", () => {
assert.equal(massageMethod("Get"), "GET");
assert.equal(massageMethod("pOsT"), "POST");
});
it("throws for invalid methods", () => {
assert.throws(() => massageMethod("options"));
assert.throws(() => massageMethod("head"));
});
});
describe("isRedirect", () => {
it("returns true for redirect results", () => {
const result: RedirectResult = {
code: httpCodes.redirection.Found,
contentType: contentTypes.text.html,
result: "",
redirect: "/other",
};
assert.equal(isRedirect(result), true);
});
it("returns false for non-redirect results", () => {
const result: Result = {
code: httpCodes.success.OK,
contentType: contentTypes.text.html,
result: "hello",
};
assert.equal(isRedirect(result), false);
});
});
describe("AuthenticationRequired", () => {
it("has correct name and message", () => {
const err = new AuthenticationRequired();
assert.equal(err.name, "AuthenticationRequired");
assert.equal(err.message, "Authentication required");
});
it("is an instance of Error", () => {
const err = new AuthenticationRequired();
assert.ok(err instanceof Error);
});
});
describe("AuthorizationDenied", () => {
it("has correct name and message", () => {
const err = new AuthorizationDenied();
assert.equal(err.name, "AuthorizationDenied");
assert.equal(err.message, "Authorization denied");
});
it("is an instance of Error", () => {
const err = new AuthorizationDenied();
assert.ok(err instanceof Error);
});
});
describe("requireAuth", () => {
it("returns user for authenticated call", () => {
const user = AuthenticatedUser.create("test@example.com");
const session = new Session(null, user);
const call = createMockCall({ user, session });
const result = requireAuth(call);
assert.equal(result, user);
});
it("throws AuthenticationRequired for anonymous user", () => {
const call = createMockCall({ user: anonymousUser });
assert.throws(() => requireAuth(call), AuthenticationRequired);
});
});
describe("requirePermission", () => {
it("returns user when they have the permission", () => {
const user = AuthenticatedUser.create("test@example.com", {
permissions: ["posts:create" as Permission],
});
const session = new Session(null, user);
const call = createMockCall({ user, session });
const result = requirePermission(
call,
"posts:create" as Permission,
);
assert.equal(result, user);
});
it("throws AuthenticationRequired for anonymous user", () => {
const call = createMockCall({ user: anonymousUser });
assert.throws(
() => requirePermission(call, "posts:create" as Permission),
AuthenticationRequired,
);
});
it("throws AuthorizationDenied when missing permission", () => {
const user = AuthenticatedUser.create("test@example.com", {
permissions: ["posts:read" as Permission],
});
const session = new Session(null, user);
const call = createMockCall({ user, session });
assert.throws(
() => requirePermission(call, "posts:create" as Permission),
AuthorizationDenied,
);
});
});
});

213
express/user.spec.ts
View File

@@ -1,213 +0,0 @@
// Tests for user.ts
// These are pure unit tests - no database needed
import assert from "node:assert/strict";
import { describe, it } from "node:test";
import {
AnonymousUser,
AuthenticatedUser,
anonymousUser,
type Permission,
type Role,
} from "./user";
describe("User", () => {
describe("AuthenticatedUser.create", () => {
it("creates a user with default values", () => {
const user = AuthenticatedUser.create("test@example.com");
assert.equal(user.email, "test@example.com");
assert.equal(user.status, "active");
assert.equal(user.isAnonymous(), false);
assert.deepEqual([...user.roles], []);
assert.deepEqual([...user.permissions], []);
});
it("creates a user with custom values", () => {
const user = AuthenticatedUser.create("test@example.com", {
id: "custom-id",
displayName: "Test User",
status: "pending",
roles: ["admin"],
permissions: ["posts:create"],
});
assert.equal(user.id, "custom-id");
assert.equal(user.displayName, "Test User");
assert.equal(user.status, "pending");
assert.deepEqual([...user.roles], ["admin"]);
assert.deepEqual([...user.permissions], ["posts:create"]);
});
});
describe("status checks", () => {
it("isActive returns true for active users", () => {
const user = AuthenticatedUser.create("test@example.com", {
status: "active",
});
assert.equal(user.isActive(), true);
});
it("isActive returns false for suspended users", () => {
const user = AuthenticatedUser.create("test@example.com", {
status: "suspended",
});
assert.equal(user.isActive(), false);
});
it("isActive returns false for pending users", () => {
const user = AuthenticatedUser.create("test@example.com", {
status: "pending",
});
assert.equal(user.isActive(), false);
});
});
describe("role checks", () => {
it("hasRole returns true when user has the role", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["admin", "editor"],
});
assert.equal(user.hasRole("admin"), true);
assert.equal(user.hasRole("editor"), true);
});
it("hasRole returns false when user does not have the role", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["user"],
});
assert.equal(user.hasRole("admin"), false);
});
it("hasAnyRole returns true when user has at least one role", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["editor"],
});
assert.equal(user.hasAnyRole(["admin", "editor"]), true);
});
it("hasAnyRole returns false when user has none of the roles", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["user"],
});
assert.equal(user.hasAnyRole(["admin", "editor"]), false);
});
it("hasAllRoles returns true when user has all roles", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["admin", "editor", "user"],
});
assert.equal(user.hasAllRoles(["admin", "editor"]), true);
});
it("hasAllRoles returns false when user is missing a role", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["admin"],
});
assert.equal(user.hasAllRoles(["admin", "editor"]), false);
});
});
describe("permission checks", () => {
it("hasPermission returns true for direct permissions", () => {
const user = AuthenticatedUser.create("test@example.com", {
permissions: ["posts:create" as Permission],
});
assert.equal(
user.hasPermission("posts:create" as Permission),
true,
);
});
it("hasPermission returns true for role-derived permissions", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["admin" as Role],
});
// admin role has users:read, users:create, users:update, users:delete
assert.equal(user.hasPermission("users:read" as Permission), true);
assert.equal(
user.hasPermission("users:delete" as Permission),
true,
);
});
it("hasPermission returns false when permission not granted", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["user" as Role],
});
// user role only has users:read
assert.equal(
user.hasPermission("users:delete" as Permission),
false,
);
});
it("can() is a convenience method for hasPermission", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["admin" as Role],
});
assert.equal(user.can("read", "users"), true);
assert.equal(user.can("delete", "users"), true);
assert.equal(user.can("create", "posts"), false);
});
});
describe("effectivePermissions", () => {
it("returns combined direct and role-derived permissions", () => {
const user = AuthenticatedUser.create("test@example.com", {
roles: ["user" as Role],
permissions: ["posts:create" as Permission],
});
const perms = user.effectivePermissions();
assert.equal(perms.has("posts:create" as Permission), true);
assert.equal(perms.has("users:read" as Permission), true); // from user role
});
it("returns empty set for user with no roles or permissions", () => {
const user = AuthenticatedUser.create("test@example.com");
const perms = user.effectivePermissions();
assert.equal(perms.size, 0);
});
});
describe("serialization", () => {
it("toJSON returns plain object", () => {
const user = AuthenticatedUser.create("test@example.com", {
id: "test-id",
displayName: "Test",
status: "active",
roles: ["admin"],
permissions: ["posts:create"],
});
const json = user.toJSON();
assert.equal(json.id, "test-id");
assert.equal(json.email, "test@example.com");
assert.equal(json.displayName, "Test");
assert.equal(json.status, "active");
assert.deepEqual(json.roles, ["admin"]);
assert.deepEqual(json.permissions, ["posts:create"]);
});
it("toString returns readable string", () => {
const user = AuthenticatedUser.create("test@example.com", {
id: "test-id",
});
assert.equal(user.toString(), "User(id test-id)");
});
});
describe("AnonymousUser", () => {
it("isAnonymous returns true", () => {
const user = AnonymousUser.create("anon@example.com");
assert.equal(user.isAnonymous(), true);
});
it("anonymousUser singleton is anonymous", () => {
assert.equal(anonymousUser.isAnonymous(), true);
assert.equal(anonymousUser.id, "-1");
assert.equal(anonymousUser.email, "anonymous@example.com");
});
});
});

61
express/util.spec.ts
View File

@@ -1,61 +0,0 @@
// Tests for util.ts
// Pure unit tests with filesystem
import assert from "node:assert/strict";
import { mkdir, rm, writeFile } from "node:fs/promises";
import { join } from "node:path";
import { after, before, describe, it } from "node:test";
import { loadFile } from "./util";
describe("util", () => {
const testDir = join(import.meta.dirname, ".test-util-tmp");
before(async () => {
await mkdir(testDir, { recursive: true });
});
after(async () => {
await rm(testDir, { recursive: true, force: true });
});
describe("loadFile", () => {
it("loads file contents as string", async () => {
const testFile = join(testDir, "test.txt");
await writeFile(testFile, "hello world");
const content = await loadFile(testFile);
assert.equal(content, "hello world");
});
it("handles utf-8 content", async () => {
const testFile = join(testDir, "utf8.txt");
await writeFile(testFile, "hello \u{1F511} world");
const content = await loadFile(testFile);
assert.equal(content, "hello \u{1F511} world");
});
it("handles empty file", async () => {
const testFile = join(testDir, "empty.txt");
await writeFile(testFile, "");
const content = await loadFile(testFile);
assert.equal(content, "");
});
it("handles multiline content", async () => {
const testFile = join(testDir, "multiline.txt");
await writeFile(testFile, "line1\nline2\nline3");
const content = await loadFile(testFile);
assert.equal(content, "line1\nline2\nline3");
});
it("throws for nonexistent file", async () => {
await assert.rejects(
loadFile(join(testDir, "nonexistent.txt")),
/ENOENT/,
);
});
});
});

8
framework/develop.d/db-url
View File

@@ -1,8 +0,0 @@
#!/bin/bash
# This file belongs to the framework. You are not expected to modify it.
set -eu
# FIXME: don't hard code this of course
echo "postgres://diachron:diachron@localhost/diachron"

163
master/runexpress.go
View File

@@ -11,131 +11,45 @@ import (
"time"
)
// worker tracks the state of a single express worker process
type worker struct {
port int
addr string
cmd *exec.Cmd
stopping bool
mu sync.Mutex
}
func runExpress(changes <-chan FileChange, numProcesses int, basePort int, pool *WorkerPool) {
var currentWorkers []*worker
var currentProcesses []*exec.Cmd
var mu sync.Mutex
// Helper to start a worker and monitor it for crashes
startWorker := func(port int) *worker {
w := &worker{
port: port,
addr: fmt.Sprintf("127.0.0.1:%d", port),
}
// start spawns the worker process. Caller must NOT hold w.mu.
start := func() bool {
cmd := exec.Command("../express/run.sh", "--listen", w.addr)
// Helper to start an express process on a specific port
startExpress := func(port int) *exec.Cmd {
listenAddr := fmt.Sprintf("127.0.0.1:%d", port)
cmd := exec.Command("../express/run.sh", "--listen", listenAddr)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
if err := cmd.Start(); err != nil {
log.Printf("[express:%d] Failed to start: %v", port, err)
return false
}
w.mu.Lock()
w.cmd = cmd
w.mu.Unlock()
log.Printf("[express:%d] Started (pid %d)", port, cmd.Process.Pid)
return true
}
if !start() {
return nil
}
// Monitor and restart on crash
go func() {
for {
w.mu.Lock()
currentCmd := w.cmd
stopping := w.stopping
w.mu.Unlock()
if stopping {
return
}
if currentCmd == nil {
time.Sleep(time.Second)
w.mu.Lock()
if w.stopping {
w.mu.Unlock()
return
}
w.mu.Unlock()
if start() {
pool.AddWorker(w.addr)
}
continue
}
err := currentCmd.Wait()
w.mu.Lock()
if w.stopping {
w.mu.Unlock()
return
}
w.cmd = nil
w.mu.Unlock()
// Worker crashed - remove from pool and restart
pool.RemoveWorker(w.addr)
log.Printf("[express:%d] Started (pid %d)", port, cmd.Process.Pid)
// Monitor the process in background
go func(p int) {
err := cmd.Wait()
if err != nil {
log.Printf("[express:%d] Process crashed: %v, restarting...", w.port, err)
log.Printf("[express:%d] Process exited: %v", p, err)
} else {
log.Printf("[express:%d] Process exited unexpectedly, restarting...", w.port)
log.Printf("[express:%d] Process exited normally", p)
}
}(port)
return cmd
}
time.Sleep(time.Second)
w.mu.Lock()
if w.stopping {
w.mu.Unlock()
return
}
w.mu.Unlock()
if start() {
pool.AddWorker(w.addr)
}
// If start failed, cmd is still nil and next iteration will retry
}
}()
return w
}
// Helper to stop a worker (for intentional shutdown)
stopWorker := func(w *worker) {
if w == nil {
return
}
w.mu.Lock()
w.stopping = true
cmd := w.cmd
w.mu.Unlock()
// Helper to stop an express process
stopExpress := func(cmd *exec.Cmd) {
if cmd == nil || cmd.Process == nil {
return
}
pid := cmd.Process.Pid
log.Printf("[express:%d] Stopping (pid %d)", w.port, pid)
log.Printf("[express] Stopping (pid %d)", pid)
cmd.Process.Signal(syscall.SIGTERM)
// Wait briefly for graceful shutdown
@@ -147,35 +61,36 @@ func runExpress(changes <-chan FileChange, numProcesses int, basePort int, pool
select {
case <-done:
log.Printf("[express:%d] Stopped gracefully (pid %d)", w.port, pid)
log.Printf("[express] Stopped gracefully (pid %d)", pid)
case <-time.After(5 * time.Second):
log.Printf("[express:%d] Force killing (pid %d)", w.port, pid)
log.Printf("[express] Force killing (pid %d)", pid)
cmd.Process.Kill()
}
}
// Helper to stop all workers
stopAllWorkers := func(workers []*worker) {
for _, w := range workers {
stopWorker(w)
// Helper to stop all express processes
stopAllExpress := func(processes []*exec.Cmd) {
for _, cmd := range processes {
stopExpress(cmd)
}
}
// Helper to start all workers and update the worker pool
startAllWorkers := func() []*worker {
workers := make([]*worker, 0, numProcesses)
// Helper to start all express processes and update the worker pool
startAllExpress := func() []*exec.Cmd {
processes := make([]*exec.Cmd, 0, numProcesses)
addresses := make([]string, 0, numProcesses)
for i := 0; i < numProcesses; i++ {
port := basePort + i
w := startWorker(port)
if w != nil {
workers = append(workers, w)
addresses = append(addresses, w.addr)
addr := fmt.Sprintf("127.0.0.1:%d", port)
cmd := startExpress(port)
if cmd != nil {
processes = append(processes, cmd)
addresses = append(addresses, addr)
}
}
// Update the worker pool with new worker addresses
pool.SetWorkers(addresses)
return workers
return processes
}
// Helper to run the build
@@ -213,7 +128,7 @@ func runExpress(changes <-chan FileChange, numProcesses int, basePort int, pool
// Initial build and start
log.Printf("[master] Initial build...")
if runBuild() {
currentWorkers = startAllWorkers()
currentProcesses = startAllExpress()
} else {
log.Printf("[master] Initial build failed")
}
@@ -228,18 +143,18 @@ func runExpress(changes <-chan FileChange, numProcesses int, basePort int, pool
debounceTimer = time.AfterFunc(debounceDelay, func() {
if !runBuild() {
log.Printf("[master] Build failed, keeping current workers")
log.Printf("[master] Build failed, keeping current processes")
return
}
mu.Lock()
defer mu.Unlock()
// Stop all old workers (this sets stopping=true to prevent auto-restart)
stopAllWorkers(currentWorkers)
// Stop all old processes
stopAllExpress(currentProcesses)
// Start all new workers
currentWorkers = startAllWorkers()
// Start all new processes
currentProcesses = startAllExpress()
})
}
}

63
master/workerpool.go
View File

@@ -46,32 +46,12 @@ func (p *WorkerPool) SetWorkers(addrs []string) {
}
// Acquire blocks until a worker is available and returns its address.
// Validates that the worker is still in the current set before returning.
func (p *WorkerPool) Acquire() (string, bool) {
for {
addr, ok := <-p.available
if !ok {
return "", false
}
// Validate worker is still in current set (might have crashed)
p.mu.Lock()
valid := false
for _, w := range p.workers {
if w == addr {
valid = true
break
}
}
p.mu.Unlock()
if valid {
if ok {
log.Printf("[pool] Acquired worker %s", addr)
return addr, true
}
log.Printf("[pool] Skipping stale worker %s", addr)
// Worker was removed, try next one
}
return addr, ok
}
// Release marks a worker as available again after it finishes handling a request.
@@ -93,42 +73,3 @@ func (p *WorkerPool) Release(addr string) {
}
// Worker not in current set (probably from before a rebuild), ignore
}
// RemoveWorker removes a worker from the pool (e.g., when it crashes).
// The worker will no longer receive requests.
func (p *WorkerPool) RemoveWorker(addr string) {
p.mu.Lock()
defer p.mu.Unlock()
// Remove from workers slice
newWorkers := make([]string, 0, len(p.workers))
for _, w := range p.workers {
if w != addr {
newWorkers = append(newWorkers, w)
}
}
p.workers = newWorkers
log.Printf("[pool] Removed worker %s, remaining: %v", addr, p.workers)
}
// AddWorker adds a worker to the pool and makes it available for requests.
func (p *WorkerPool) AddWorker(addr string) {
p.mu.Lock()
defer p.mu.Unlock()
// Check if already in pool
for _, w := range p.workers {
if w == addr {
return
}
}
p.workers = append(p.workers, addr)
select {
case p.available <- addr:
log.Printf("[pool] Added worker %s", addr)
default:
log.Printf("[pool] Added worker %s (channel full)", addr)
}
}

3
templates/basic/home.html.njk
View File

@@ -5,7 +5,8 @@
home
</p>
<p>
{{ name }} - {{ email }}
{{ email }}
</p>
{% if showLogin %}
<a href="/login">login</a>