New Vercel App endpoints don't support res

Could this also help with method-discriminated validation more generally?

export const GET = withRouteSpec.get({
	queryParams: z.object({ })
} as const, async (req) => {
  return Response(200, JSON.stringify("{}"))
//  return NextApiResponse.json({ })
})

Could be converted from OpenAPI generation

The OpenAPI conversion has a little jank in my experience (auth gets set to seam-workspace as a header for all endpoints). Maybe there's something we can do to give Postman the right "hint" here?

e.g. a routespec property openapiMetadata

As an alternative to this PR: #115

We currently can't do z.object({ ... }).optional() with nextlove's formData, it will always fail to parse, so instead we do a hack where we do z.union([z.any(), z.object({ ... })]), let's fix this!

          yea this is imo a nextlove bug, we should be able to do `.optional()`

Originally posted by @seveibar in https://github.com/seamapi/seam-connect/pull/4685#discussion_r1371085647

In relation to: #82

The PR is too big and dangerous as is. This issue is to design an approach for getting edge-support merged

First let's get some opinions out of the way

• We will introduce withRouteSpecEdge to avoid a breaking change. This means it's an EDGE-COMPATIBLE withRouteSpec, it still shares the exact same API and types as withRouteSpec
• We will introduce an example app that uses edge e.g. example-edge-todo-app, this app also ideally deploys somewhere on cloudflare or vercel edge
• Introduce the edge term sparingly. Nextlove will work on both edge and lambda, so avoid any "edge-specific" terminology

If you disagree with the above, we can't move on to what's below

1. Propose changes to nextlove API e.g. the req.Response object that make nextlove compatible with edge. Do not introduce withRouteSpecEdge or any special edge handling
2. After the API changes are in, build withRouteSpecEdge (NOTE: withRouteSpecEdge is lambda and edge compatible)
3. Replace withRouteSpec with withRouteSpecEdge and deprecate withRouteSpecEdge

CC @itelo @codetheweb @razor-x

https://github.com/seamapi/seam-connect/issues/2439#issuecomment-1468782404

jsonResponse type checking should be applied when .status is omitted since it defaults to 200:

Allow auth to be an array

withRouteSpec({
  methods: ["GET"],
  jsonResponse: z.array(z.number())
} as const)

doesn't work:

Currently I think for arrays in query parameters, the logic erroneously assumes the contents are a string, and does not validate them

typescript should not complain since organization_id is already on the path

Requires support in nextjs server modules

publishing should happen inside of the packages/nextlove directory i.e. the current manual process is cd packages/nextlove && yarn build && npm publish

Note that seam-plop provides the boilerplate github ci release template

Many routes in our openapi spec do not have api_key set in the security property. Those routes use the key_or_session_or_token auth property.

See @razor-x 's comments in this PR: https://github.com/seamapi/seam-connect/pull/5809

api_key is not available as an auth option for many endpoints

See error (collapsed) below. Confirmed in this PR seamapi/fake-seam-connect#32

> tsup

CLI Building entry: src/index.ts
CLI Using tsconfig: tsconfig.build.json
CLI tsup v7.1.0
CLI Using tsup config: /home/runner/work/fake-template/fake-template/tsup.config.ts
CLI Target: es2021
CLI Cleaning output folder
ESM Build start
CJS Build start
DTS Build start
DTS ⚡️ Build success in 4582ms
DTS dist/index.d.ts  3.64 KB
DTS dist/index.d.cts 3.64 KB

<--- Last few GCs --->

[2169:0x58d7d00]    40727 ms: Mark-sweep (reduce) 2028.5 (2083.1) -> 2026.4 (2081.5) MB, 2440.7 / 0.0 ms  (+ 2.6 ms in 3 steps since start of marking, biggest step 2.4 ms, walltime since start of marking 2451 ms) (average mu = 0.293, current mu = 0.167) a[2169:0x58d7d00]    43245 ms: Mark-sweep (reduce) 2026.8 (2081.7) -> 2026.8 (2082.0) MB, 2514.4 / 0.0 ms  (average mu = 0.153, current mu = 0.001) allocation failure; GC in old space requested


<--- JS stacktrace --->

FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory
 1: 0xb7a940 node::Abort() [node]
 2: 0xa8e823  [node]
 3: 0xd5c990 v8::Utils::ReportOOMFailure(v8::internal::Isolate*, char const*, bool) [node]
 4: 0xd5cd37 v8::internal::V8::FatalProcessOutOfMemory(v8::internal::Isolate*, char const*, bool) [node]
 5: 0xf3a435  [node]
 6: 0xf4c91d v8::internal::Heap::CollectGarbage(v8::internal::AllocationSpace, v8::internal::GarbageCollectionReason, v8::GCCallbackFlags) [node]
 7: 0xf2701e v8::internal::HeapAllocator::AllocateRawWithLightRetrySlowPath(int, v8::internal::AllocationType, v8::internal::AllocationOrigin, v8::internal::AllocationAlignment) [node]
 8: 0xf283e7 v8::internal::HeapAllocator::AllocateRawWithRetryOrFailSlowPath(int, v8::internal::AllocationType, v8::internal::AllocationOrigin, v8::internal::AllocationAlignment) [node]
 9: 0xf095ba v8::internal::Factory::NewFillerObject(int, v8::internal::AllocationAlignment, v8::internal::AllocationType, v8::internal::AllocationOrigin) [node]
10: 0x12ce9bd v8::internal::Runtime_AllocateInOldGeneration(int, unsigned long*, v8::internal::Isolate*) [node]
11: 0x16fb6f9  [node]
Aborted (core dumped)
Error: Process completed with exit code 134.

          We should look into how Nextlove is validating arrays. There seems to be a validation process in place that works well for `POST`, but not for `GET`.

Originally posted by @itelo in seamapi/public-tracker#8 (comment)

The package.json file includes an nsm binary which is from this package's 'nextjs-server-modules' dependency:

  "bin": {
    "nsm": "node_modules/nextjs-server-modules/bin.js",
    "nextlove": "bin.js"
  }

https://github.com/seamapi/nextlove/blob/main/packages/nextlove/package.json#L14

This pattern is not optimal, as it assumes packages are always placed in sub-directories; however, optimizing package managers like pnpm only support this with a flag (and it makes pnpm slower).

When used in its default way, pnpm reports the following error:

 WARN  Failed to create bin at /home/duane/Seam/seamos-backend/node_modules/.bin/nsm. The source file at /home/duane/Seam/seamos-backend/node_modules/nextlove/node_modules/nextjs-server-modules/bin.js does not exist.

A route at /accounts/[account_id]/devices with a route spec of

withRouteSpec({
  queryParams: z.object({
    account_id: z.string()
  })
})

should not include account_id in the generated route types since it's part of the path.

          Itd be nice to see what this produced via a test but looks okay to start!

Originally posted by @seveibar in #72 (review)

CC @kainpets

Parse Zod description as Markdown with YAML front matter: https://jekyllrb.com/docs/front-matter/
This is a well established system for including metadata inside a plain markdown string.

The front matter would be included in the openapi spec as metadata while the body would be used as the description. Some keys can trigger special behavior, for example injecting @deprecated into the generated types.

For example:

const routeSpec = {
  methods: ["POST"],
  auth: "auth_token",
  jsonBody: z.object({
    name: z.string().describe(`
    ---
    deprecated: Use full_name
    ---
    The name of the user.
    `),
    full_name: z.string().describe("The name of the user."),
  }),
  jsonResponse: z.object({
    ok: z.boolean(),
  }),
} as const

I wrote a more generic title because there are 2 main reasons for that:

First reason is that the build command on package.json is using cp:

"build": "rimraf dist && nsm build && tsup ./index.ts --dts --sourcemap && cp -r .next dist/.next",

Which is not a command on windows. There are many ways to solve this, but if a solution without any extra packages is required, then there probably should be a build-windows command, like:

"build-windows": "rimraf dist && nsm build && tsup ./index.ts --dts --sourcemap && xcopy .next dist\\.next /e /i",

But that would affect other commands. So maybe there could be a discussion on what would be the best solution here.

The second bug occurs in parse-routes-in-package.ts:

The line

const fullPathGlob = path.join(packageDir, pathGlob)

returns an invalid path, at least on windows. It causes

const filepaths = await globby(`${fullPathGlob}`)

to return 0 filepaths.

Globby docs recommend using path.posix.join instead:

So it'd be:

// Load all route specs
  const fullPathGlob = path.posix.join(packageDir, pathGlob)
  console.log(`searching "${fullPathGlob}"...`)
  const filepaths = await globby(`${fullPathGlob}`)
  console.log(`found ${filepaths.length} files`)

And that worked for me.

I can attach a PR to this issue if necessary.

E.x. nextlove generate-route-schemas should output

import {z} from "zod"

const routes = {
  "/hello/world": {
    queryParams: z.object({device_id: z.string()})
    jsonResponse: z.object({message: z.string()})
  }
}

Hi, just curious if this is expected to work with app router?