v3.2.1

Patch Changes

• #325 c182e59 Thanks @G4brym! - Export OrderByDirection type alias ("asc" | "desc") so consumers can import it directly instead of inlining literal unions

• #325 c182e59 Thanks @G4brym! - Add passthroughErrors option to bypass chanfana's error handling and let errors propagate raw to the framework's error handler

  import { Hono } from "hono";
  import { fromHono, ApiException } from "chanfana";
  import { ZodError } from "zod";
  
  const app = new Hono();
  
  app.onError((err, c) => {
    // Errors arrive as raw exceptions — no HTTPException wrapping
    if (err instanceof ApiException) {
      return c.json(
        { ok: false, code: err.code, message: err.message },
        err.status as any
      );
    }
    if (err instanceof ZodError) {
      return c.json({ ok: false, validationErrors: err.issues }, 400);
    }
    return c.json({ ok: false, message: "Internal Server Error" }, 500);
  });
  
  const openapi = fromHono(app, { passthroughErrors: true });

v3.2.0

Minor Changes

• #314 2408999 Thanks @G4brym! - Add tags support to auto endpoint _meta for OpenAPI tag grouping

• #323 d9b7297 Thanks @G4brym! - Add handleError hook, defaultOrderByDirection, fix validation error format and D1 update with extra columns

  • Add handleError(error) protected method on OpenAPIRoute to transform errors before chanfana formats them. Enables custom error wrapping (e.g., bypassing chanfana's formatter to use Hono's onError).

  • Add defaultOrderByDirection property to ListEndpoint (defaults to "asc"). Allows configuring the default sort direction when orderByFields is used.

  • Breaking: Validation errors from validateRequest() now return InputValidationException format instead of raw Zod issues. This makes the actual response match the OpenAPI schema that chanfana documents. If you parse validation error responses, update your code to use the new shape:

    Before:

    {
      "errors": [
        {
          "code": "invalid_type",
          "expected": "string",
          "received": "number",
          "message": "Invalid input: expected string, received number",
          "path": ["body", "name"]
        }
      ],
      "success": false,
      "result": {}
    }

    After:

    {
      "errors": [
        {
          "code": 7001,
          "message": "Invalid input: expected string, received number",
          "path": ["body", "name"]
        }
      ],
      "success": false,
      "result": {}
    }

    Key differences: code is now the numeric 7001 (was a string like "invalid_type"), and Zod-specific fields (expected, received) are no longer included.

  • D1UpdateEndpoint.update() now automatically filters updatedData to only include columns defined in the Zod schema. Previously, DB tables with extra columns not in the schema would cause validateColumnName() to throw.

v3.1.0

[email protected]

Minor Changes

Breaking Changes

• Parameter helpers removed — Str(), Num(), Int(), Bool(), DateTime(), DateOnly(), Email(), Uuid(), Hostname(), Ipv4(), Ipv6(), Ip(), Regex(), Enumeration(), and convertParams() removed. Use native Zod schemas directly.
• Legacy type support removed — legacyTypeIntoZod, Arr(), Obj() no longer exported. contentJson() now requires a Zod schema.
• D1 error messages sanitized — Database errors no longer expose internals. Use constraintsMessages for user-friendly messages.
• D1 delete/update restricted to primary key filters — Only primaryKeys filters used in WHERE clauses.
• D1 per_page capped at 100 — Configurable via maxPerPage.
• raiseUnknownParameters enforced — Was previously accepted but non-functional; now active.

New Features

• 10 new exception classes — UnauthorizedException (401), ForbiddenException (403), MethodNotAllowedException (405), ConflictException (409), UnprocessableEntityException (422), TooManyRequestsException (429), InternalServerErrorException (500), BadGatewayException (502), ServiceUnavailableException (503), GatewayTimeoutException (504)
• D1 SQL injection prevention — validateSqlIdentifier(), validateTableName(), validateColumnName(), buildSafeFilters(), buildPrimaryKeyFilters(), getD1Binding(), handleDbError(), and query clause builders
• Retry-After header — Automatically set for TooManyRequestsException and ServiceUnavailableException
• getUnvalidatedData() — Access raw request data before Zod defaults/transformations
• Hono basePath() auto-detection — Detected automatically; combining basePath() and base option now throws a descriptive error
• Hono error flow — Errors flow through Hono's app.onError as HTTPException instances instead of being caught internally

Bug Fixes

• D1: Prevent unscoped DELETE/UPDATE via buildPrimaryKeyFilters()
• D1: Fix shared exception instances, empty update SQL, LIKE wildcard escaping
• D1: Column names validated against model schema
• D1: Read/Delete endpoints use consistent primary key filters and error handling
• Fixed: schema generation errors now propagate instead of being silently swallowed
• Fixed: CreateEndpoint response schema references 201 instead of 200
• Fixed: falsy defaults (0, false, "") correctly applied
• Fixed: BigInt coercion uses BigInt() directly to avoid precision loss
• Fixed: boolean coercion null guard, HEAD request body parsing, YAML URL generation
• Fixed: ApiException import changed to value import for instanceof checks
• Fixed: ReadEndpoint/ListEndpoint document InputValidationException in 400 responses

Improvements

• D1 parallel queries via Promise.all() for list endpoint
• Configurable maxPerPage class property
• Normalized ORDER BY to lowercase "asc"/"desc"
• sanitizeOperationId() removes special characters
• Router constructor validation throws if router argument is missing
• Error responses include result: {} for consistent shape
• Comprehensive JSDoc across exception classes, D1 endpoints, and handler methods

Patch Changes

• Include source code, AI coding skills, and documentation in npm package. Added llms.txt entry point.

v3.0.0

Major release v3.0.0

Migration guide here: https://chanfana.pages.dev/migration-to-chanfana-3#migration-steps

What's Changed

• Upgraded to Zod v4
• Improved Type Hints for Auto-Endpoint Lifecycle Methods
• New getUnvalidatedData() Method

Full Changelog: v2.8.3...v3.0.0

v2.8.3

What's Changed

• Respect pathParameters on delete auto endpoint by @G4brym in #284
• fix(list): safe pagination and order_by whitelist; orderByFields typed by @AllenXPC in #283

Full Changelog: v2.8.2...v2.8.3

v2.8.2

What's Changed

• Fix chanfana cli not supporting writing schemas into folders

Full Changelog: v2.8.1...v2.8.2

v2.8.1

What's Changed

• feat: Add CLI command to extract schema.json from servers by @G4brym in #264
  npx chanfana [-o <path-to-output-schema.json>] [wrangler-options]

Full Changelog: v2.8.0...v2.8.1

v2.8.0

What's Changed

• Fix auto-endpoint create returning wrong http code by @G4brym in #255
  • Create endpoint will now return HTTP 201 instead of HTTP 200

Full Changelog: v2.7.2...v2.8.0

v2.7.2

What's Changed

• Add more Examples and Recipes to docs by @G4brym in #251
• fix: use literal false for the success field in exceptions by @ratnaraj7 in #253

Full Changelog: v2.7.1...v2.7.2

v2.7.1

What's Changed

• Fix auto-endpoints failing to validate path parameters on nested routers by @G4brym in #250

Full Changelog: v2.7.0...v2.7.1