Releases: SimplyLiz/DeviceRouter
Releases · SimplyLiz/DeviceRouter
v1.0.1
v1.0.0
Merge pull request #38 from SimplyLiz/develop Release: merge develop into main
v0.4.0
Release v0.4.0 (#27)
* Add onEvent observability hooks to all middleware packages (#18)
* Add onEvent observability hooks to all middleware packages
Enable logging, metrics, and monitoring by passing an onEvent callback
to createDeviceRouter(). Emits profile:classify, profile:store,
bot:reject, and error events with timing data. Callbacks are
fire-and-forget with built-in error isolation so they never disrupt
request handling.
* Fix endpoint error event losing sessionToken and handle malformed JSON in Hono
Hoist sessionToken before try block in all 4 endpoint handlers so the
catch block preserves the generated UUID for new sessions instead of
re-reading from the cookie (which is undefined for first requests).
Catch malformed JSON in Hono endpoint separately to return 400 instead
of falling through to the generic 500 handler.
Strengthen onEvent tests: assert event.error object and message in all
error tests, assert event.signals in all bot:reject tests.
* Add observability example with Grafana dashboard and Prometheus metrics (#20)
New examples/observability/ directory with a Docker Compose stack
(Express + Redis + Prometheus + Grafana) demonstrating all 6 Prometheus
metrics wired to the onEvent hook, including the new hint_total counter.
The Grafana dashboard is auto-provisioned with 12 panels across 4 rows.
* Add GitHub funding configuration
* Add docs for rate limiting, profile versioning, Client Hints compat, and meta-frameworks
- New docs/meta-frameworks.md: integration guide for Next.js, Remix, SvelteKit
using classifyFromHeaders and deriveHints directly from @device-router/types
- Add Client Hints browser compatibility table to getting-started.md
- Add rate limiting and profile versioning notes to deployment production checklist
- Add threshold versioning callout under Custom Thresholds in getting-started.md
- Link meta-frameworks guide from README docs index
* Add test for async callback rejection in emitEvent
Covers the async () => { throw } case that exercises the
result.then(undefined, () => {}) swallowing path.
* Document Express default error handler stack trace leak
Malformed JSON to the probe endpoint triggers Express's default error
handler before DeviceRouter code runs, exposing stack traces. Added a
production checklist note pointing to custom error handler docs.
* Add npm package metadata (repository, homepage, bugs, keywords)
All 7 published packages now include repository, homepage, bugs, keywords,
and description fields so npm pages link back to GitHub and are discoverable
via search.
* Add sideEffects, default export condition, funding, provenance, and community docs
- Add sideEffects: false to all packages for tree shaking
- Add default condition to exports maps for edge/Bun/Deno compat
- Add funding field linking to GitHub Sponsors
- Add provenance: true to publishConfig and --provenance to publish workflow
- Add browser field and ./browser export alias to probe package
- Add SECURITY.md with vulnerability reporting policy
- Add CODE_OF_CONDUCT.md (Contributor Covenant 2.1)
* Fix DeviceProfile.signals type to reflect stored shape (#23)
Middleware endpoints strip userAgent and viewport before storing, but
DeviceProfile.signals was typed as RawSignals — making TypeScript claim
those fields might exist when they never will. Add StoredSignals type
alias (Omit<RawSignals, 'userAgent' | 'viewport'>) and use it instead.
* Bump the dev-deps group with 2 updates (#21)
Bumps the dev-deps group with 2 updates: [eslint](https://github.com/eslint/eslint) and [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint).
Updates `eslint` from 10.0.1 to 10.0.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v10.0.1...v10.0.2)
Updates `typescript-eslint` from 8.56.0 to 8.56.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.56.1/packages/typescript-eslint)
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 10.0.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: dev-deps
- dependency-name: typescript-eslint
dependency-version: 8.56.1
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: dev-deps
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump hono from 4.12.1 to 4.12.2 in the prod-deps group (#22)
Bumps the prod-deps group with 1 update: [hono](https://github.com/honojs/hono).
Updates `hono` from 4.12.1 to 4.12.2
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](https://github.com/honojs/hono/compare/v4.12.1...v4.12.2)
---
updated-dependencies:
- dependency-name: hono
dependency-version: 4.12.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: prod-deps
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Align Fastify middleware API shape with Express, Hono, and Koa (#24)
createDeviceRouter() now returns { middleware, probeEndpoint, injectionMiddleware? }
instead of { plugin, pluginOptions, probeEndpoint, injectionHook? }.
Removes the unused pluginOptions (always {}) from the public API.
Renames createInjectionHook to createInjectionMiddleware for consistency.
* Add server-side diagnostic warnings for missing probe data (#25)
* Fix npm badge link to point to package page instead of search
* Add server-side diagnostic warnings for missing probe data
Surface misconfigurations server-side since the probe client has no
room for error reporting within its 1 KB budget. Three strategies, all
gated behind NODE_ENV !== 'production':
- Startup: log the expected probe endpoint path via console.info
- Runtime: one-time console.warn after 50 middleware hits with zero
probe submissions
- onEvent: emit structured diagnostic:no-probe-data event through the
existing onEvent callback
* Verify dist artifacts exist before npm publish
Prevents publishing empty packages if the build silently fails to emit
.js or .d.ts files.
* Document threshold immutability constraint in deployment guide
Expand the brief production checklist mention into a dedicated section
with four mitigation strategies: shorten TTL, flush storage, rotate
cookie name, or do nothing when only numeric boundaries change.
* Bump v0.4.0 — fix misleading threshold staleness docs
Classification runs on every request using current thresholds, so
threshold changes take effect immediately. Removed incorrect
flush/TTL/cookie-rotation mitigation strategies from deployment guide.
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
v0.3.0
Fix ESLint no-unused-vars for destructured rest siblings Add ignoreRestSiblings to @typescript-eslint/no-unused-vars so the omit-via-destructuring pattern in endpoint files is allowed.
v0.2.1
Contributors
SimplyLiz
Assets 2
v0.2.0
What's Changed
- Add customizable thresholds, framework adapters, and probe auto-injection by @SimplyLiz in #1
- Add CI/CD quality gates and Dependabot config by @SimplyLiz in #2
- Merge develop into main by @SimplyLiz in #9
Full Changelog: v0.1.0...v0.2.0
Contributors
SimplyLiz