Releases: Moro-JS/moro
Releases · Moro-JS/moro
v1.7.21: Make createApp/createAppNode/Edge/Lambda/Worker async for ESM config file support
feat!: make createApp/createAppNode/Edge/Lambda/Worker async for ESM config file support
- All createApp* functions now return Promise — must be awaited
- Config file loaded via dynamic import() (same as all other modules)
- ESM config files (projects with type:module) now load correctly
- Moro constructor accepts optional preloaded config from async factory
- Added loadConfigFromAllSourcesAsync + initializeConfigAsync internals
- Updated all tests to await createApp() and use async beforeEach/beforeAll
- Sync fallback still works via new Moro() directly (env vars + options only)
Migration: const app = createApp() → const app = await createApp()
This is a breaking change, points is all create methods App, Node, Edge etc. are now await.
v1.7.20: Resolve three cascading bugs in job scheduler for long-interval cron schedules
resolve three cascading bugs in job scheduler for long-interval cron schedules
- Cap setTimeout delay at 2^31-1 ms to prevent 32-bit overflow that caused
infinite rapid-fire execution for cron schedules >24.8 days away - Pass per-job executor options (timeout, maxRetries, retryBackoff,
enableCircuitBreaker) through to JobExecutor.execute() instead of silently
discarding them - Add jobs config to validateConfig() output so global executor settings
from moro.config.ts are no longer dropped during validation
v1.7.19: Correct parameter name handling in RadixTree for module routes
fix: correct parameter name handling in RadixTree for module routes
- Fixed bug where routes with different parameter names at the same position would incorrectly share parameter names
- Modified RadixTree to store parameter names per-route rather than per-node
- Added paramPath field to RadixNode to track complete parameter names for each route
- Updated insert() to collect all parameter names and store with handler
- Updated search() to map parameter values to correct names from matched route
- Added comprehensive test suite for parameter name handling
- Fixes issue where :leadId would be undefined but :id would work
v1.7.18: Add CORS origin function support in config and fix MiddlewareInterface warning
fix: Add CORS origin function support in config and fix MiddlewareInterface warning
- Added OriginFunction type support in config validator
- Updated SecurityConfig.cors.origin to accept functions
- Fixed CORS middleware export to use standard middleware (matching helmet/compression)
- Changed CORS middleware signature from StandardMiddleware to Middleware
- Exported OriginFunction type from main index
- zero breaking changes
v1.7.17: Resolve module root route overriding app root route
Resolve module root route overriding app root route
- Fixed routing conflict where module root path (/) was overriding application root route
- Modified createModuleRouter to calculate full path (basePath + routePath) before delegating to Router
- Applied same fix to registerLazyModules for lazy-loaded module routes
- Module root routes now correctly map to their full versioned path (e.g. /api/v1.0.0/moduleName)
- Added integration test to verify module root paths don't override app root
- Maintains compatibility with apiPrefix configuration option
v1.7.16: Convert Windows absolute paths to file URLs for ESM dynamic imports
Fix: Convert Windows absolute paths to file URLs for ESM dynamic imports
- Add filePathToImportURL utility to handle Windows path conversion
- Fix auto-discovery system to work with Windows absolute paths
- Update module loader to use proper file URLs on Windows
- Add comprehensive tests for cross-platform path handling
- Fixes issue where C:\path\to\module paths failed on Windows
v1.7.15: Add validation error handler with enhanced error formatting
Add validation error handler with enhanced error formatting
- Add comprehensive validation error handler with support for multiple validation libraries
- Add module path resolution utilities for dynamic module loading
- Enhance config system with deep partial types and better type safety
- Add module API prefix support with comprehensive integration tests
- Update validation middleware to use new error handler
- Add extensive test coverage for new features
v1.7.14: Fix production CORS hang and auto-discovery paths
fix: production CORS hang and auto-discovery paths
- Fix CORS hang in production when multiple origins + credentials enabled
- Allow same-origin requests without Origin header (common in production)
- Use first allowed origin for same-origin requests
- Fix auto-discovery paths for production (search dist/ folder)
- Add production path: ./dist/src/modules
- Support both .ts and .js files in patterns for flexibility
- Add test for same-origin CORS requests
v1.7.13: Enhance CORS and middleware config exposure
Enhance CORS and middleware config exposure
- Fix CORS multiple origins with credentials (auto-match request origin)
- Add missing CORS options: exposedHeaders, maxAge, preflightContinue
- Standardize on allowedHeaders throughout (removed headers alias)
- Add CSRF config to security section with all options
- Add CSP config to security section with full directives support
- Expand Helmet config with detailed options (backward compatible)
- Add Session config to modules section with all options
- Update all validators and default schemas
- Add comprehensive CORS tests for new functionality
v1.7.12: Fix register module routes directly in http-server route table
fix: register module routes directly in http-server route table
- Module routes now registered directly with http-server via mountRouter()
- Routes appear in route table and are found by findRoute()
- Eliminates deferred middleware-based routing system
- All module features preserved (middleware, validation, auth)
- Fixed test expectations for full module paths
fix: Handle headersSent read-only property error in CORS hook
- Add property descriptor check before setting headersSent in CORS hook
- Gracefully handle headersSent errors in HookManager for both sync/async paths
- Prevents error logging on OPTIONS preflight requests
- Maintains compatibility with native Node.js, UWS, HTTP/2, and mock responses
- All 623 tests passing