fix(server): Require Rust bridge for DNS packet processing; remove synchronous TypeScript fallback; change handler API to accept IDnsQuestion and adjust query API

changelog.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## 2026-02-12 - 7.8.1 - fix(server)
+Require Rust bridge for DNS packet processing; remove synchronous TypeScript fallback; change handler API to accept IDnsQuestion and adjust query API
+
+- Breaking API change: handler signature changed from dns-packet.Question to IDnsQuestion — update registered handlers accordingly.
+- Synchronous TypeScript fallback (processDnsRequest/processRawDnsPacket) removed; callers must start the server/bridge and use the async bridge path (processRawDnsPacketAsync) or the new resolveQuery API.
+- processRawDnsPacketAsync now throws if the Rust bridge is not started — call start() before processing packets.
+- Public/test API rename/adjustments: processDnsRequest usages were replaced with resolveQuery and tests updated to use tapbundle_serverside.
+- Dependency changes: moved dns-packet to devDependencies, bumped @push.rocks/smartenv to ^6.0.0, updated @git.zone/* build/test tools and @types/node; removed @push.rocks/smartrequest from client plugin exports.
+- Plugins: dns-packet removed from exported plugins and minimatch kept; ts_client no longer exports smartrequest.
+
 ## 2026-02-11 - 7.8.0 - feat(rustdns-client)
 add Rust DNS client binary and TypeScript IPC bridge to enable UDP and DoH resolution, RDATA decoding, and DNSSEC AD/rcode support
 

package.json

@@ -44,22 +44,21 @@
   "homepage": "https://code.foss.global/push.rocks/smartdns",
   "dependencies": {
     "@push.rocks/smartdelay": "^3.0.1",
-    "@push.rocks/smartenv": "^5.0.13",
+    "@push.rocks/smartenv": "^6.0.0",
     "@push.rocks/smartpromise": "^4.2.3",
-    "@push.rocks/smartrequest": "^2.1.0",
+    "@push.rocks/smartrust": "^1.2.1",
-    "@push.rocks/smartrust": "^1.2.0",
+    "@tsclass/tsclass": "^9.3.0",
-    "@tsclass/tsclass": "^9.2.0",
-    "@types/dns-packet": "^5.6.5",
     "acme-client": "^5.4.0",
-    "dns-packet": "^5.6.1",
+    "minimatch": "^10.2.0"
-    "minimatch": "^10.0.1"
   },
   "devDependencies": {
-    "@git.zone/tsbuild": "^2.6.8",
+    "@git.zone/tsbuild": "^4.1.2",
-    "@git.zone/tsrun": "^1.3.3",
+    "@git.zone/tsrun": "^2.0.1",
     "@git.zone/tsrust": "^1.3.0",
-    "@git.zone/tstest": "^2.3.7",
+    "@git.zone/tstest": "^3.1.8",
-    "@types/node": "^22.15.21"
+    "@types/dns-packet": "^5.6.5",
+    "@types/node": "^25.2.3",
+    "dns-packet": "^5.6.1"
   },
   "files": [
     "ts/**/*",

readme.hints.md

@@ -94,11 +94,10 @@ DNS Query -> Rust (UDP/HTTPS) -> Parse packet
 
 ## Key Dependencies
 
-- `dns-packet`: DNS packet encoding/decoding (wire format)
+- `dns-packet`: DNS packet encoding/decoding (wire format, used by TS fallback path)
-- `elliptic`: Cryptographic operations for DNSSEC
 - `acme-client`: Let's Encrypt certificate automation
 - `minimatch`: Glob pattern matching for domains
-- `@push.rocks/smartrequest`: HTTP client for DoH queries
+- `@push.rocks/smartrust`: TypeScript-to-Rust IPC bridge
 - `@tsclass/tsclass`: Type definitions for DNS records
 
 ## Testing Insights

test/test.dnssec.rrset.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.fixes.simple.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.multiplerecords.fixed.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.multiplerecords.simple.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.multiplerecords.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.server.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import { execSync } from 'child_process';
 
 import * as dnsPacket from 'dns-packet';
@@ -282,10 +282,8 @@ tap.test('lets add a handler', async () => {
   });
 
   // @ts-ignore - accessing private method for testing
-  const response = dnsServer.processDnsRequest({
+  const response = dnsServer.resolveQuery({
-    type: 'query',
+    correlationId: 'test-1',
-    id: 1,
-    flags: 0,
     questions: [
       {
         name: 'dnsly_a.bleu.de',
@@ -293,8 +291,8 @@ tap.test('lets add a handler', async () => {
         class: 'IN',
       },
     ],
-    answers: [],
   });
+  expect(response.answered).toEqual(true);
   expect(response.answers[0]).toEqual({
     name: 'dnsly_a.bleu.de',
     type: 'A',
@@ -324,7 +322,7 @@ tap.test('should unregister a handler', async () => {
       data: '127.0.0.1',
     };
   });
-  
+
   dnsServer.registerHandler('test.com', ['TXT'], (question) => {
     return {
       name: question.name,
@@ -338,13 +336,11 @@ tap.test('should unregister a handler', async () => {
   // Test unregistering
   const result = dnsServer.unregisterHandler('*.bleu.de', ['A']);
   expect(result).toEqual(true);
-  
+
   // Verify handler is removed
   // @ts-ignore - accessing private method for testing
-  const response = dnsServer.processDnsRequest({
+  const response = dnsServer.resolveQuery({
-    type: 'query',
+    correlationId: 'test-2',
-    id: 1,
-    flags: 0,
     questions: [
       {
         name: 'dnsly_a.bleu.de',
@@ -352,11 +348,11 @@ tap.test('should unregister a handler', async () => {
         class: 'IN',
       },
     ],
-    answers: [],
   });
-  
+
-  // Should get SOA record instead of A record
+  // Should not find any handler match
-  expect(response.answers[0].type).toEqual('SOA');
+  expect(response.answered).toEqual(false);
+  expect(response.answers.length).toEqual(0);
 });
 
 tap.test('lets query over https', async () => {

test/test.soa.debug.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.soa.final.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.soa.simple.ts

@@ -1,6 +1,6 @@
 import * as plugins from '../ts_server/plugins.js';
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

test/test.soa.timeout.ts

@@ -1,5 +1,5 @@
 import { expect, tap } from '@git.zone/tstest/tapbundle';
-import { tapNodeTools } from '@git.zone/tstest/tapbundle_node';
+import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
 import * as dnsPacket from 'dns-packet';
 import * as dgram from 'dgram';
 

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartdns',
-  version: '7.8.0',
+  version: '7.8.1',
   description: 'A robust TypeScript library providing advanced DNS management and resolution capabilities including support for DNSSEC, custom DNS servers, and integration with various DNS providers.'
 }

ts_client/plugins.ts

@@ -16,10 +16,9 @@ export const events = { EventEmitter };
 // pushrocks scope
 import * as smartdelay from '@push.rocks/smartdelay';
 import * as smartpromise from '@push.rocks/smartpromise';
-import * as smartrequest from '@push.rocks/smartrequest';
 import * as smartrust from '@push.rocks/smartrust';
 
-export { smartdelay, smartenv, smartpromise, smartrequest, smartrust };
+export { smartdelay, smartenv, smartpromise, smartrust };
 
 import * as tsclass from '@tsclass/tsclass';
 

ts_server/classes.dnsserver.ts

@@ -1,6 +1,5 @@
 import * as plugins from './plugins.js';
 import { RustDnsBridge, type IDnsQueryEvent, type IIpcDnsAnswer, type IRustDnsConfig } from './classes.rustdnsbridge.js';
-import * as dnsPacket from 'dns-packet';
 
 export interface IDnsServerOptions {
   httpsKey: string;
@@ -27,10 +26,16 @@ export interface DnsAnswer {
   data: any;
 }
 
+export interface IDnsQuestion {
+  name: string;
+  type: string;
+  class?: string;
+}
+
 export interface IDnsHandler {
   domainPattern: string;
   recordTypes: string[];
-  handler: (question: dnsPacket.Question) => DnsAnswer | null;
+  handler: (question: IDnsQuestion) => DnsAnswer | null;
 }
 
 // Let's Encrypt related interfaces
@@ -80,7 +85,7 @@ export class DnsServer {
   public registerHandler(
     domainPattern: string,
     recordTypes: string[],
-    handler: (question: dnsPacket.Question) => DnsAnswer | null
+    handler: (question: IDnsQuestion) => DnsAnswer | null
   ): void {
     this.handlers.push({ domainPattern, recordTypes, handler });
   }
@@ -225,146 +230,14 @@ export class DnsServer {
       });
   }
 
-  /**
-   * Process a raw DNS packet and return the response.
-   * Synchronous version using the TypeScript fallback (for backward compatibility).
-   */
-  public processRawDnsPacket(packet: Buffer): Buffer {
-    // Synchronous fallback — process locally using TypeScript handler logic
-    // This is needed for backward-compatible callers that expect sync results
-    try {
-      const request = dnsPacket.decode(packet);
-      const response = this.processDnsRequest(request);
-      return dnsPacket.encode(response) as unknown as Buffer;
-    } catch (err) {
-      console.error('Error processing raw DNS packet:', err);
-      throw err;
-    }
-  }
-
   /**
    * Process a raw DNS packet asynchronously via Rust bridge.
    */
   public async processRawDnsPacketAsync(packet: Buffer): Promise<Buffer> {
-    if (this.bridgeSpawned) {
+    if (!this.bridgeSpawned) {
-      return this.bridge.processPacket(packet);
+      throw new Error('DNS server not started — call start() first');
     }
-    // Fallback to local processing if bridge not spawned
+    return this.bridge.processPacket(packet);
-    return this.processRawDnsPacket(packet);
-  }
-
-  /**
-   * Process a DNS request locally (TypeScript handler resolution).
-   * Used as fallback and for pre-bridge-spawn calls.
-   */
-  public processDnsRequest(request: dnsPacket.Packet): dnsPacket.Packet {
-    const response: dnsPacket.Packet = {
-      type: 'response',
-      id: request.id,
-      flags:
-        dnsPacket.AUTHORITATIVE_ANSWER |
-        dnsPacket.RECURSION_AVAILABLE |
-        (request.flags & dnsPacket.RECURSION_DESIRED ? dnsPacket.RECURSION_DESIRED : 0),
-      questions: request.questions,
-      answers: [],
-      additionals: [],
-    };
-
-    for (const question of request.questions) {
-      let answered = false;
-      const recordsForQuestion: DnsAnswer[] = [];
-
-      // Built-in handling for localhost and reverse localhost (RFC 6761)
-      const enableLocal = this.options.enableLocalhostHandling !== false;
-      if (enableLocal) {
-        const qnameLower = (question.name || '').toLowerCase();
-        const qnameTrimmed = qnameLower.endsWith('.') ? qnameLower.slice(0, -1) : qnameLower;
-
-        if (qnameTrimmed === 'localhost') {
-          if (question.type === 'A') {
-            recordsForQuestion.push({
-              name: question.name,
-              type: 'A',
-              class: 'IN',
-              ttl: 0,
-              data: '127.0.0.1',
-            });
-            answered = true;
-          } else if (question.type === 'AAAA') {
-            recordsForQuestion.push({
-              name: question.name,
-              type: 'AAAA',
-              class: 'IN',
-              ttl: 0,
-              data: '::1',
-            });
-            answered = true;
-          }
-        }
-
-        if (!answered) {
-          const reverseLocalhostV4 = '1.0.0.127.in-addr.arpa';
-          if (qnameTrimmed === reverseLocalhostV4 && question.type === 'PTR') {
-            recordsForQuestion.push({
-              name: question.name,
-              type: 'PTR',
-              class: 'IN',
-              ttl: 0,
-              data: 'localhost.',
-            });
-            answered = true;
-          }
-        }
-      }
-
-      // Collect all matching records from handlers
-      if (!answered) {
-        for (const handlerEntry of this.handlers) {
-          if (
-            plugins.minimatch.minimatch(question.name, handlerEntry.domainPattern) &&
-            handlerEntry.recordTypes.includes(question.type)
-          ) {
-            const answer = handlerEntry.handler(question);
-            if (answer) {
-              const dnsAnswer: DnsAnswer = {
-                ...answer,
-                ttl: answer.ttl || 300,
-                class: answer.class || 'IN',
-              };
-              recordsForQuestion.push(dnsAnswer);
-              answered = true;
-            }
-          }
-        }
-      }
-
-      if (recordsForQuestion.length > 0) {
-        for (const record of recordsForQuestion) {
-          response.answers.push(record as plugins.dnsPacket.Answer);
-        }
-      }
-
-      if (!answered) {
-        const soaAnswer: DnsAnswer = {
-          name: question.name,
-          type: 'SOA',
-          class: 'IN',
-          ttl: 3600,
-          data: {
-            mname: this.options.primaryNameserver || `ns1.${this.options.dnssecZone}`,
-            rname: `hostmaster.${this.options.dnssecZone}`,
-            serial: Math.floor(Date.now() / 1000),
-            refresh: 3600,
-            retry: 600,
-            expire: 604800,
-            minimum: 86400,
-          },
-        };
-        response.answers.push(soaAnswer as plugins.dnsPacket.Answer);
-      }
-    }
-
-    return response;
   }
 
   /**
@@ -451,7 +324,7 @@ export class DnsServer {
         this.registerHandler(
           challengeDomain,
           ['TXT'],
-          (question: dnsPacket.Question): DnsAnswer | null => {
+          (question: IDnsQuestion): DnsAnswer | null => {
             if (question.name === challengeDomain && question.type === 'TXT') {
               return {
                 name: question.name,
@@ -554,10 +427,10 @@ export class DnsServer {
     let answered = false;
 
     for (const q of event.questions) {
-      const question: dnsPacket.Question = {
+      const question: IDnsQuestion = {
         name: q.name,
-        type: q.type as any,
+        type: q.type,
-        class: q.class as any,
+        class: q.class,
       };
 
       for (const handlerEntry of this.handlers) {

ts_server/plugins.ts

@@ -24,10 +24,8 @@ export {
 }
 
 // third party
-import * as dnsPacket from 'dns-packet';
 import * as minimatch from 'minimatch';
 
 export {
-  dnsPacket,
   minimatch,
 }