Changelog
All notable changes to mimi.js are documented here.
Format follows Keep a Changelog. Versions follow Semantic Versioning.
[Unreleased] — v2.1.0
Production-readiness upgrade. All changes are backward-compatible.
Performance
- URL parsed once per request —
req.pathandreq.querynow memoize on first access instead of callingnew URL()on every read. Eliminates ~86k allocations/second under load. - Logger replaced — winston → pino. 7× faster structured logging, −6 MB RSS per process.
- Heavyweight deps moved to peer —
mongoose,sequelize,sqlite3,bcryptare now optional peer dependencies. Applications that don't use database features save 20+ MB RSS per process.
Features
app.setErrorHandler(fn)— register a global error handler that intercepts allnext(err)calls before the default 500 response.app.addHook(name, fn)— lifecycle hooks at 7 named points:onRequest,preParsing,preValidation,preHandler,onSend,onResponse,onError.app.close([timeoutMs])— graceful shutdown: stops accepting connections, drains in-flight requests, firesonClosehooks.validate(targets)— request validation middleware factory. Validatesbody,params,queryagainst any schema adapter.- Built-in Zod adapter —
validate({ body: z.object({...}) })with structured 400 responses. setAdapter(adapter)— swap the validation backend (Zod, Valibot, Joi, etc.) globally.rateLimit(options)— token-bucket rate limiter with per-IP tracking andX-RateLimit-*headers.RequestContext— per-request context object (ctx) with typedbody,params,query,store, and response helpers.- Ctx-style handlers —
app.get('/path', async (ctx) => { ctx.json(...) })as an alternative to(req, res, next).
Developer Experience
- vitest test infrastructure with V8 coverage.
- All new APIs exported from the main entry point with full TypeScript declarations.
- Graceful install-hint errors when optional peer deps are missing.
[2.0.0] — 2024
Breaking Changes
- Full TypeScript rewrite. The package now ships compiled
.js+.d.tsdeclarations from asrc/TypeScript source tree. mainentry changed fromlib/index.jstodist/index.js.mimi()now returns aMimiApptyped interface.
Added
- Radix trie router via
find-my-way— route lookup is O(path depth), not O(route count). 50-route throughput stays flat at 88,305 req/s (was 42,992 req/s with linear scan). - Custom HTTP router —
Routerclass withLayer/Routeinternals. Express-compatibleapp.get/post/put/patch/delete/head/options/allAPI. - Prototype-augmented
req/res—req.params,req.query,req.body,req.path,req.hostname,req.ip,req.locals,req.get(),req.is().res.status(),res.json(),res.send(),res.redirect(),res.sendStatus(),res.set(),res.type(). - Body parsing —
json(),urlencoded(),customParser(raw-body based). - CORS middleware —
cors()with origin function, credentials, maxAge. - Security headers —
security()sets CSP, X-Frame-Options, X-Content-Type-Options, X-XSS-Protection, X-DNS-Prefetch-Control. - Static file serving —
serveStatic(). - Structured logging —
requestLoggermiddleware,loggerinstance (winston → pino in v2.1). - JWT auth —
generateToken,verifyToken,authMiddleware. - Password hashing —
hashPassword,comparePassword(bcrypt). - MongoDB adapter —
mongodbManagersingleton. - SQLite adapter —
SQLiteManagerclass (Sequelize + sqlite3). - Swagger UI —
setupSwagger(app, options)serves/api-docsfrom JSDoc annotations. - Auto route loader — scans
./routes/*.jsat startup and mounts each file. - Plugin system —
app.register(plugin, options)with async support. asynchandler support — errors from async handlers automatically forwarded tonext.- Full TypeScript declarations for all exports.
[1.x] — 2023–2024
The original JavaScript implementation (lib/ directory).
Key features in v1
mimi()factory wrapping Express with pre-configured middleware- JWT + bcrypt auth utilities
- MongoDB and SQLite wrappers
- Auto-route loading from
./routes/ - express-jsdoc-swagger integration
- Winston request logger
Versioning Policy
- Patch (
2.x.Y) — bug fixes, performance improvements, documentation - Minor (
2.Y.0) — new features, backward-compatible - Major (
X.0.0) — breaking API changes, announced in advance