chore(deps-dev): bump hono from 4.12.9 to 4.12.18#175
Open
dependabot[bot] wants to merge 12 commits into
Open
Conversation
dependabot
Bot
added
dependencies
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/hono-4.12.18
branch
from
d98578e to
aba0d41
Compare
Sort GeneratedFiles output, index-file group iteration, formatter readdir, and plugin toposort with alphabetical tie-breaker. Generated artifacts are byte-identical; this locks in determinism for upcoming concurrent generation work.
Install effect + @effect/platform in gen, plus @effect/platform-node in cli. Expose an empty MainLayer for services to accrete into, and a CLI-side ManagedRuntime composed with NodeContext.layer. Smoke-tested via vanilla vitest + Effect.runPromise pending the @effect/vitest peer-dep resolution in task #9.
@effect/vitest@0.29.0 (the stable line aligned with effect v3) peers on vitest ^3.2.0. The project used only vanilla vitest APIs (describe, test, expect, vi, expectTypeOf, lifecycle hooks) — all stable across 3.x/4.x — so dropping to vitest 3.2.4 costs nothing material and unlocks it.effect, it.scoped, and the rest of the Effect test ergonomics. Smoke tests in packages/gen migrated from Effect.runPromise wrappers to it.effect for parity with the upcoming test-infrastructure work in task #9.
Every error in gen and cli now extends Data.TaggedError, carries a `_tag`
discriminator, and surfaces its fields as readonly props. Message strings
preserved verbatim so toThrowError assertions still pass. Tagged-union
types (NormalizationError, PluginError, ConfigError, GenerationError,
SpecLoadError) live next to the classes and are ready for Effect.catchTag.
Breaking: constructors switch from positional to object form, e.g.
new DuplicateOperationIdError({ operationId }) instead of (operationId).
Renamed PluginLoadingFailure -> PluginLoadError (XxxError convention) and
deleted the unused gen-side PluginLoadError stub plus the unused
DefinitionCompilationError. PluginLoadError / PluginDependencyError moved
out of plugins/types.ts into plugins/errors/ to keep the type module pure.
Introduce TemplateRenderer, GeneratedFiles, and PathSafety on the gen side plus Formatter on the cli side, all defined via Effect.Service and wired through MainLayer / ProductionLayer. Service implementations delegate to existing sync helpers so behaviour and golden output stay byte-identical; future effect-native callers (tasks #5/#6) reach the filesystem via these layers. Extract path-traversal logic out of pluginContext.ts into a dedicated helpers/pathSafety.ts module and introduce UnsafeGeneratedPathError as a Data.TaggedError replacing the previous generic Error throws. Twelve service tests cover happy paths, deterministic ordering, deduplication, and tagged-error mapping.
…effect normalizeSpec is now an Effect, returning NormalizedSpec on the success channel and the closed NormalizationError union on the failure channel. The internal transform stays sync — only the boundary changes — so callers can compose, recover via Effect.catchTag, and assert against tagged errors. The CLI's spec and config loading move from free functions on raw modules to four Effect services (ConfigLoader, SpecBundler, SpecImporter, SpecLoader) registered on ProductionLayer. SpecLoader's `dependencies` field stitches SpecBundler and SpecImporter into a single layer; Generator and cli.ts now bridge to the services via effectRuntime.runPromise. InvalidSpecEntrypointError moves into the errors directory and gains its tagged form (missed in task #3); SpecBundleError is added to discriminate rolldown failures from missing-output failures. pluginLoader.ts's ad-hoc LoadResult<T,E> is replaced by Effect's Either. The legacy modules configLoader.ts, generators/specLoader.ts, and generators/spec/specBundler.ts plus specImporter.ts are deleted; tests bridge via Effect.either so existing toBeInstanceOf assertions keep working, plus two new effect-native tests in normalizeSpec.test.ts demonstrate the Cause / catchTag pattern.
Four review lenses turned up three real correctness issues that needed to land before task #6 builds on top of these foundations: - `PluginDependencyError` import in pluginRegistry.test.ts pointed at the old types.ts location after the task-#3 move; the binding resolved to `undefined`, silently degrading every `toThrowError(PluginDependencyError)` assertion into a "throws anything" check. Re-pointed at the errors barrel. - `Effect.try` catch handlers in normalizeSpec and ConfigLoader.load cast blindly to the declared union, stamping arbitrary upstream errors as NormalizationError / ConfigError. Replaced with `isNormalizationError` and `isConfigError` predicates that narrow safely; non-typed errors propagate as defects (or, for user-evaluated config modules, as plain Error inside the widened `ConfigError | Error` channel). - `Effect.sync(fs.mkdirSync/writeFileSync)` in SpecLoader produced defects, not typed failures, so the declared union under-described what could fail. Wrapped both in `Effect.try` with the new `SpecOutputWriteError`. `DuplicateResponseNameError` from core is now part of the NormalizationError union and exported from `@rexeus/typeweaver-core` (the class was already thrown from validateUniqueResponseNames but never re-exported, so it silently resolved to undefined in importers). Plus three small smells the maintainability lens flagged: - Inlined `revalidateGeneratedWritePath` in pluginContext — it was a one-line alias to `resolveSafeGeneratedFilePath` called six times for the same `(outputDir, path)` pair per write. Single resolve now flows through `writeGeneratedFileByReplacingDestination` as a SafeGeneratedFilePath. - Updated MainLayer.ts header to name the real consumer entrypoint. Two new tests close gaps the test-architect flagged: - `GeneratedFiles` concurrent unbounded `add` — verifies the design rationale (Ref+SortedSet → deterministic snapshot under fiber concurrency), unverified before. - `ProductionLayer` resolution smoke — every directly registered service must be reachable from the production runtime, catching dependency-graph regressions before task #6 amplifies them.
… service
Replaces the imperative BasePlugin class API with a V2 Plugin record API
where each lifecycle stage returns an Effect. Replaces the imperative
Generator class with an Effect.Service orchestrator that drives the full
pipeline (clean -> load -> bundle -> init -> collect -> generate ->
finalize -> format) with per-phase Effect.withSpan instrumentation.
* New services: PluginRegistry (Ref-backed, alphabetical toposort),
ContextBuilder (Effect facade over plugin-context factory), Generator
(CLI orchestrator), PluginLoader (V2-only resolver supporting plain
records and factory functions).
* New plugin API: definePlugin({ name, depends?, initialize?, generate?, ... })
with PluginExecutionError tagged failure channel.
* All 6 first-party plugins (types, clients, server, hono, aws-cdk, openapi)
migrated to V2 records / factories. BasePlugin, TypeweaverPlugin,
createPluginRegistry, createPluginContextBuilder, legacyAdapter deleted.
* Output remains byte-identical against the golden snapshot.
Fixes 2 correctness warnings, 3 maintainability warnings, and 1 correctness suggestion surfaced by the independent reviewer trio. Correctness * SpecBundler: temp dir leaked if wrapper write failed; move mkdtempSync inside the try/finally pair so every successful mkdtempSync is bound to a cleanup. * ContextBuilder + Generator: shared mutable `builder` singleton corrupted state under overlapping generate() calls (manifested only in tests, but real). Replace `reset()` with per-call builders returned from buildPluginContext / buildGeneratorContext. * indexFileGenerator: barrel writes bypassed the atomic-replace path AND weren't registered with addGeneratedFile. Promote to IndexFileGenerator service that routes writes through context.writeFile, finally giving TemplateRenderer a production caller. Maintainability * Five plugin entrypoints (types, clients, server, hono, aws-cdk) were byte-equivalent scaffolding. Extract `definePluginWithLibCopy` helper in @rexeus/typeweaver-gen; each entrypoint shrinks from ~40 to ~17 lines. * Document the sync-helpers contract on GeneratorContext (writeFile, renderTemplate, addGeneratedFile) so plugin authors don't have to reverse-engineer the throw semantics. No behavioral change to generated output (byte-identical golden snapshot). 2124/2124 tests pass. Deferred to follow-up tasks: GeneratedFiles + PathSafety production wiring, full FileSystem service adoption, console.* -> Effect.logInfo, PluginModuleLoader service, cycle-detection error semantics, file-split cleanup, plugin-author docs.
…ect.logInfo Closes all remaining reviewer findings. The independent review trio (Correctness, Maintainability, Security, Tester-Architect) now reports PASS across the board after this commit; Tester-Architect goes from BLOCKING to CLEAN with Task #9 ("InMemoryFs + property tests") opened up as green-field. FileSystem service tag * Adopted at 5 orchestration sites: generatorIO, SpecLoader, SpecBundler, SpecImporter, generatorDefaults. * SpecBundler uses FileSystem.makeTempDirectoryScoped — auto-cleanup via Effect.Scope replaces the manual try/finally. * Kept on node:fs at 3 leaf sites by design: pluginContextBuilder.writeFile, copyPluginLibFiles, assertSafeCleanTargetEffect. Plugin.generate keeps R = never; the plugin author sync API stays sync. The deps-injection seams (PathSafetyFs, CleanTargetFs, PathSafetyShape, TemplateRendererShape) give tests the substitutability without breaking the contract. PluginModuleLoader service * New service wraps dynamic `import(specifier)`. Tagged failure channel via PluginModuleNotFoundError. * PluginLoader consumes it instead of raw `await import`. The .mjs-fixture pattern in pluginLoader.test.ts is now optional; PluginModuleLoader.test.ts demonstrates the in-memory layer pattern. GeneratedFiles + PathSafety + TemplateRenderer wiring * TemplateRenderer wired via IndexFileGenerator (Task #8.5) and via pluginContextBuilder (this task). * PathSafety wired via pluginContextBuilder. UnsafeGeneratedPathError unwraps cleanly through the runSync shim — no FiberFailure leaks to plugin authors. * GeneratedFiles singleton deleted; per-call tracker built inside createPluginContextBuilder. Per-call isolation is structural now, not policy. Effect.logInfo migration * All console.* in services replaced with Effect.logInfo/logWarning. * CliLoggerLayer reformats CLI output to bare lines (no timestamps, level-prefixed warnings and errors). * Only surviving console.info is inside the documented sync-runSync bridge in pluginContextBuilder.writeFile. Small cleanups * PluginDependencyError.missingDependency made optional; cycle errors no longer carry the misleading "X depends on X" field. * Duplicate plugin registration message corrected for both required and config-supplied collisions. Generated output is byte-identical against the golden snapshot. 2123/2123 tests pass (-5 GeneratedFiles tests, -1 obsolete clearGeneratedFiles test, +4 PluginModuleLoader tests, +1 per-call isolation test).
Replaces commander with @effect/cli for the CLI command tree, and adds a centralized formatErrorForCli translator so tagged-error output is human-friendly. The generate pipeline keeps its semantics; the underlying Generator service is unchanged. CLI rewrite * generate / init subcommands defined via @effect/cli Command + Options * --format / --no-format and --clean / --no-clean modeled as separate flags due to a known @effect/cli@0.75 bug where Options.boolean with `negationNames` short-circuits the outer withDefault * resolveGenerateOptions invoked inside Effect.try with MissingGenerateOptionError narrowing * CLI entry routes failures through formatErrorForCli before NodeRuntime.runMain; @effect/cli ValidationError is filtered to avoid double-printing * disablePrettyLogger: true on runMain so only the CliLoggerLayer fires (otherwise the default pretty logger duplicated every log line and swallowed the non-zero exit code on failure) * commander dependency removed formatErrorForCli * Cause -> failures or defects, joined newline-wise * Tagged errors render via their .message getter * Plain Error renders via .message * Unknown values stringify Verified manually: * `typeweaver --help` / `typeweaver generate --help` render via @effect/cli * Missing --input/--output exits 1 with friendly tagged-error message * Bundle failure exits 1 with formatted message (no FiberFailure trace) Tests: 2129/2129 pass (+6 new formatErrorForCli tests). Golden gate byte-identical.
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/hono-4.12.18
branch
from
aba0d41 to
be54281
Compare
Bumps [hono](https://github.com/honojs/hono) from 4.12.9 to 4.12.18. - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.9...v4.12.18) --- updated-dependencies: - dependency-name: hono dependency-version: 4.12.18 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/hono-4.12.18
branch
from
be54281 to
fd7886b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps hono from 4.12.9 to 4.12.18.
Release notes
Sourced from hono's releases.
... (truncated)
Commits
f10dee84.12.18a5bd9ebMerge commit from fork58d3d3aMerge commit from fork568c2ecMerge commit from forkff2b3d34.12.1752aaaf9fix(types): propagate middleware response types to app.on overloads (#4906)76d5589fix(cors): make origin optional in CORSOptions (#4905)8f027e5fix(ssg): addatom+xmlandrss+xmltodefaultExtensionMap(#4899)bfba97cfix(jsx): normalize SVG attributes on the <svg> root element (#4893)90d41824.12.16