v11.11.0

.vscode/settings.json

@@ -1,7 +1,7 @@
 {
   "json.schemas": [
     {
-      "fileMatch": ["/npmextra.json"],
+      "fileMatch": ["/.smartconfig.json"],
       "schema": {
         "type": "object",
         "properties": {

Dockerfile

@@ -18,9 +18,17 @@ WORKDIR /app
 COPY --from=build /app /app
 
 ENV DCROUTER_MODE=OCI_CONTAINER
+ENV DCROUTER_HEAP_SIZE=512
+ENV UV_THREADPOOL_SIZE=16
 
 RUN pnpm install -g @servezone/healthy
-HEALTHCHECK --interval=30s --timeout=30s --start-period=30s --retries=3 CMD [ "healthy" ]
+HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 CMD [ "healthy" ]
 
-EXPOSE 80
-CMD ["npm", "start"]
+LABEL org.opencontainers.image.title="dcrouter" \
+      org.opencontainers.image.description="Multi-service datacenter gateway" \
+      org.opencontainers.image.source="https://code.foss.global/serve.zone/dcrouter"
+
+# HTTP/HTTPS, SMTP/Submission/SMTPS, DNS, RADIUS, OpsServer, RemoteIngress, dynamic range
+EXPOSE 80 443 25 587 465 53/tcp 53/udp 1812/udp 1813/udp 3000 8443 29000-30000
+
+CMD ["sh", "-c", "node --max_old_space_size=${DCROUTER_HEAP_SIZE} ./cli.js"]

changelog.md

@@ -1,5 +1,54 @@
 # Changelog
 
+## 2026-03-26 - 11.11.0 - feat(docker,cache,proxy)
+improve container runtime defaults and add configurable connection limits
+
+- replace the embedded cache backend integration from smartmongo LocalTsmDb to smartdb LocalSmartDb
+- add OCI container settings for heap size, threadpool size, expanded exposed ports, image metadata, and a direct node startup command
+- introduce startup checks for file descriptor limits and warn when container nofile limits are too low for production
+- set gateway-oriented SmartProxy default limits and allow max connections, per-IP connections, and rate limits to be configured through OCI environment variables
+
+## 2026-03-26 - 11.10.7 - fix(sms)
+update sms service to use async ProjectInfo initialization
+
+- Replace direct ProjectInfo construction with the async create() factory in the SMS service startup flow
+- Bump related dependencies including @push.rocks/projectinfo, @push.rocks/smartdata, @push.rocks/smartmongo, @serve.zone/remoteingress, and @git.zone/tstest
+
+## 2026-03-26 - 11.10.6 - fix(typescript)
+tighten TypeScript null safety and error handling across backend and ops UI
+
+- add explicit unknown error typing and safe message access in logging and handler code
+- mark deferred-initialized class properties with definite assignment assertions to satisfy stricter TypeScript checks
+- harden ops web state access and action return types with non-null assertions and explicit Promise state typing
+- update storage reads to allow missing values and align license file references with the lowercase license filename
+
+## 2026-03-26 - 11.10.5 - fix(build)
+rename smart tooling config to .smartconfig.json and update package references
+
+- Moves the shared tool configuration from npmextra.json to .smartconfig.json.
+- Updates package.json published files and documentation to reference the new config file.
+- Refreshes several development and runtime dependency versions alongside the config migration.
+
+## 2026-03-24 - 11.10.4 - fix(monitoring)
+handle multiple protocol cache entries per backend in metrics output
+
+- Group detected protocol cache entries by backend host and port so multiple domain-specific records are preserved.
+- Emit one backend metrics row per cached domain and avoid dropping unmatched protocol cache entries by tracking seen entries with a composite host:port:domain key.
+- Use cached protocol values when available while keeping backend-only rows for metrics without protocol cache data.
+
+## 2026-03-23 - 11.10.3 - fix(deps)
+bump tstest, smartmetrics, and taskbuffer to latest patch releases
+
+- update @git.zone/tstest from ^3.5.0 to ^3.5.1
+- update @push.rocks/smartmetrics from ^3.0.2 to ^3.0.3
+- update @push.rocks/taskbuffer from ^8.0.0 to ^8.0.2
+
+## 2026-03-23 - 11.10.2 - fix(deps)
+bump @api.global/typedserver to ^8.4.6 and @push.rocks/smartproxy to ^26.2.1
+
+- Updates @api.global/typedserver from ^8.4.2 to ^8.4.6
+- Updates @push.rocks/smartproxy from ^26.2.0 to ^26.2.1
+
 ## 2026-03-23 - 11.10.1 - fix(deps)
 bump @push.rocks/smartproxy to ^26.2.0
 

license

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Task Venture Capital GmbH
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package.json

@@ -1,7 +1,7 @@
 {
   "name": "@serve.zone/dcrouter",
   "private": false,
-  "version": "11.10.1",
+  "version": "11.11.0",
   "description": "A multifaceted routing service handling mail and SMS delivery functions.",
   "type": "module",
   "exports": {
@@ -13,7 +13,7 @@
   "license": "MIT",
   "scripts": {
     "test": "(tstest test/ --logfile --timeout 60)",
-    "start": "(node --max_old_space_size=250 ./cli.js)",
+    "start": "(node ./cli.js)",
     "startTs": "(node cli.ts.js)",
     "build": "(tsbuild tsfolders --allowimplicitany && npm run bundle)",
     "build:docker": "tsdocker build --verbose",
@@ -22,48 +22,48 @@
     "watch": "tswatch"
   },
   "devDependencies": {
-    "@git.zone/tsbuild": "^4.3.0",
-    "@git.zone/tsbundle": "^2.9.1",
-    "@git.zone/tsrun": "^2.0.1",
-    "@git.zone/tstest": "^3.5.0",
-    "@git.zone/tswatch": "^3.3.0",
+    "@git.zone/tsbuild": "^4.4.0",
+    "@git.zone/tsbundle": "^2.10.0",
+    "@git.zone/tsrun": "^2.0.2",
+    "@git.zone/tstest": "^3.6.1",
+    "@git.zone/tswatch": "^3.3.2",
     "@types/node": "^25.5.0"
   },
   "dependencies": {
     "@api.global/typedrequest": "^3.3.0",
     "@api.global/typedrequest-interfaces": "^3.0.19",
-    "@api.global/typedserver": "^8.4.2",
+    "@api.global/typedserver": "^8.4.6",
     "@api.global/typedsocket": "^4.1.2",
     "@apiclient.xyz/cloudflare": "^7.1.0",
-    "@design.estate/dees-catalog": "^3.48.5",
+    "@design.estate/dees-catalog": "^3.49.0",
     "@design.estate/dees-element": "^2.2.3",
     "@push.rocks/lik": "^6.4.0",
-    "@push.rocks/projectinfo": "^5.0.2",
+    "@push.rocks/projectinfo": "^5.1.0",
     "@push.rocks/qenv": "^6.1.3",
     "@push.rocks/smartacme": "^9.3.0",
-    "@push.rocks/smartdata": "^7.1.0",
+    "@push.rocks/smartdata": "^7.1.3",
+    "@push.rocks/smartdb": "^1.0.1",
     "@push.rocks/smartdns": "^7.9.0",
-    "@push.rocks/smartfile": "^13.1.2",
+    "@push.rocks/smartfs": "^1.5.0",
     "@push.rocks/smartguard": "^3.1.0",
     "@push.rocks/smartjwt": "^2.2.1",
     "@push.rocks/smartlog": "^3.2.1",
-    "@push.rocks/smartmetrics": "^3.0.2",
-    "@push.rocks/smartmongo": "^5.1.0",
+    "@push.rocks/smartmetrics": "^3.0.3",
     "@push.rocks/smartmta": "^5.3.1",
-    "@push.rocks/smartnetwork": "^4.4.0",
+    "@push.rocks/smartnetwork": "^4.5.2",
     "@push.rocks/smartpath": "^6.0.0",
     "@push.rocks/smartpromise": "^4.2.3",
-    "@push.rocks/smartproxy": "^26.2.0",
+    "@push.rocks/smartproxy": "^26.3.0",
     "@push.rocks/smartradius": "^1.1.1",
     "@push.rocks/smartrequest": "^5.0.1",
     "@push.rocks/smartrx": "^3.0.10",
-    "@push.rocks/smartstate": "^2.2.0",
+    "@push.rocks/smartstate": "^2.2.1",
     "@push.rocks/smartunique": "^3.0.9",
-    "@push.rocks/taskbuffer": "^8.0.0",
+    "@push.rocks/taskbuffer": "^8.0.2",
     "@serve.zone/catalog": "^2.9.0",
     "@serve.zone/interfaces": "^5.3.0",
-    "@serve.zone/remoteingress": "^4.14.1",
-    "@tsclass/tsclass": "^9.4.0",
+    "@serve.zone/remoteingress": "^4.14.3",
+    "@tsclass/tsclass": "^9.5.0",
     "lru-cache": "^11.2.7",
     "uuid": "^13.0.0"
   },
@@ -112,7 +112,7 @@
     "dist_ts_apiclient/**/*",
     "assets/**/*",
     "cli.js",
-    "npmextra.json",
+    ".smartconfig.json",
     "readme.md"
   ]
 }

readme.hints.md

@@ -133,7 +133,7 @@ The project now uses tswatch for development:
 ```bash
 pnpm run watch
 ```
-Configuration in `npmextra.json`:
+Configuration in `.smartconfig.json`:
 ```json
 {
   "@git.zone/tswatch": {

readme.md

@@ -83,7 +83,7 @@ For reporting bugs, issues, or security vulnerabilities, please visit [community
 
 ### 💾 Persistent Storage & Caching
 - **Multiple storage backends**: filesystem, custom functions, or in-memory
-- **Embedded cache database** via smartdata + LocalTsmDb (MongoDB-compatible)
+- **Embedded cache database** via smartdata + smartdb (MongoDB-compatible)
 - **Automatic TTL-based cleanup** for cached emails and IP reputation data
 
 ### 🖥️ OpsServer Dashboard
@@ -340,7 +340,7 @@ graph TB
 | **OpsServer** | `@api.global/typedserver` | Web dashboard + TypedRequest API for monitoring and management |
 | **MetricsManager** | `@push.rocks/smartmetrics` | Real-time metrics collection (CPU, memory, email, DNS, security) |
 | **StorageManager** | built-in | Pluggable key-value storage (filesystem, custom, or in-memory) |
-| **CacheDb** | `@push.rocks/smartdata` | Embedded MongoDB-compatible database (LocalTsmDb) for persistent caching |
+| **CacheDb** | `@push.rocks/smartdb` | Embedded MongoDB-compatible database (LocalSmartDb) for persistent caching |
 
 ### How It Works
 
@@ -1066,7 +1066,7 @@ Used for: TLS certificates, DKIM keys, email routes, bounce/suppression lists, I
 
 ### Cache Database
 
-An embedded MongoDB-compatible database (via smartdata + LocalTsmDb) for persistent caching with automatic TTL cleanup:
+An embedded MongoDB-compatible database (via smartdata + smartdb) for persistent caching with automatic TTL cleanup:
 
 ```typescript
 cacheConfig: {
@@ -1406,37 +1406,58 @@ tstest test/test.opsserver-api.ts --verbose --timeout 60
 
 ## Docker / OCI Container Deployment
 
-DcRouter ships with a `Dockerfile` and supports environment-variable-driven configuration for OCI container deployments. When `DCROUTER_MODE=OCI_CONTAINER` is set, DcRouter automatically reads configuration from environment variables (and optionally from a JSON config file).
+DcRouter ships with a production-ready `Dockerfile` and supports environment-variable-driven configuration for OCI container deployments. The container image includes tini as PID 1 (via the base image), proper health checks, and configurable resource limits. When `DCROUTER_MODE=OCI_CONTAINER` is set, DcRouter automatically reads configuration from environment variables (and optionally from a JSON config file).
 
 ### Running with Docker
 
 ```bash
 docker run -d \
-  -e DCROUTER_MODE=OCI_CONTAINER \
+  --ulimit nofile=65536:65536 \
   -e DCROUTER_TLS_EMAIL=admin@example.com \
   -e DCROUTER_PUBLIC_IP=203.0.113.1 \
   -e DCROUTER_DNS_NS_DOMAINS=ns1.example.com,ns2.example.com \
   -e DCROUTER_DNS_SCOPES=example.com \
-  -p 80:80 -p 443:443 -p 25:25 -p 53:53/udp -p 3000:3000 \
+  -p 80:80 -p 443:443 -p 25:25 -p 587:587 -p 465:465 \
+  -p 53:53/udp -p 3000:3000 -p 8443:8443 \
   code.foss.global/serve.zone/dcrouter:latest
 ```
 
+> ⚡ **Production tip:** Always set `--ulimit nofile=65536:65536` for production deployments. DcRouter will log a warning at startup if the file descriptor limit is below 65536.
+
 ### Environment Variables
 
-| Variable | Description | Example |
-|----------|-------------|---------|
-| `DCROUTER_MODE` | Set to `OCI_CONTAINER` to enable container mode | `OCI_CONTAINER` |
-| `DCROUTER_CONFIG_PATH` | Path to a JSON config file (loaded as base, env vars override) | `/config/dcrouter.json` |
-| `DCROUTER_BASE_DIR` | Override base data directory | `/data/dcrouter` |
-| `DCROUTER_TLS_EMAIL` | ACME contact email | `admin@example.com` |
-| `DCROUTER_TLS_DOMAIN` | Primary TLS domain | `example.com` |
-| `DCROUTER_PUBLIC_IP` | Public IP for DNS records | `203.0.113.1` |
-| `DCROUTER_PROXY_IPS` | Comma-separated ingress proxy IPs | `198.51.100.1,198.51.100.2` |
-| `DCROUTER_DNS_NS_DOMAINS` | Comma-separated nameserver domains | `ns1.example.com,ns2.example.com` |
-| `DCROUTER_DNS_SCOPES` | Comma-separated authoritative domains | `example.com,other.com` |
-| `DCROUTER_EMAIL_HOSTNAME` | SMTP server hostname | `mail.example.com` |
-| `DCROUTER_EMAIL_PORTS` | Comma-separated email ports | `25,587,465` |
-| `DCROUTER_CACHE_ENABLED` | Enable/disable cache database | `true` |
+| Variable | Description | Default | Example |
+|----------|-------------|---------|---------|
+| `DCROUTER_MODE` | Container mode (set automatically in image) | `OCI_CONTAINER` | — |
+| `DCROUTER_CONFIG_PATH` | Path to JSON config file (env vars override) | — | `/config/dcrouter.json` |
+| `DCROUTER_BASE_DIR` | Base data directory | `~/.serve.zone/dcrouter` | `/data/dcrouter` |
+| `DCROUTER_TLS_EMAIL` | ACME contact email | — | `admin@example.com` |
+| `DCROUTER_TLS_DOMAIN` | Primary TLS domain | — | `example.com` |
+| `DCROUTER_PUBLIC_IP` | Public IP for DNS records | — | `203.0.113.1` |
+| `DCROUTER_PROXY_IPS` | Comma-separated ingress proxy IPs | — | `198.51.100.1,198.51.100.2` |
+| `DCROUTER_DNS_NS_DOMAINS` | Comma-separated nameserver domains | — | `ns1.example.com,ns2.example.com` |
+| `DCROUTER_DNS_SCOPES` | Comma-separated authoritative domains | — | `example.com,other.com` |
+| `DCROUTER_EMAIL_HOSTNAME` | SMTP server hostname | — | `mail.example.com` |
+| `DCROUTER_EMAIL_PORTS` | Comma-separated email ports | — | `25,587,465` |
+| `DCROUTER_CACHE_ENABLED` | Enable/disable cache database | `true` | `false` |
+| `DCROUTER_HEAP_SIZE` | Node.js V8 heap size in MB | `512` | `1024` |
+| `DCROUTER_MAX_CONNECTIONS` | Global max concurrent connections | `50000` | `100000` |
+| `DCROUTER_MAX_CONNECTIONS_PER_IP` | Max connections per source IP | `100` | `200` |
+| `DCROUTER_CONNECTION_RATE_LIMIT` | Max new connections/min per IP | `600` | `1200` |
+
+### Exposed Ports
+
+The container exposes all service ports:
+
+| Port(s) | Protocol | Service |
+|---------|----------|---------|
+| 80, 443 | TCP | HTTP/HTTPS (SmartProxy) |
+| 25, 587, 465 | TCP | SMTP, Submission, SMTPS |
+| 53 | TCP/UDP | DNS |
+| 1812, 1813 | UDP | RADIUS auth/acct |
+| 3000 | TCP | OpsServer dashboard |
+| 8443 | TCP | Remote ingress tunnels |
+| 29000–30000 | TCP | Dynamic port range |
 
 ### Building the Image
 
@@ -1449,7 +1470,7 @@ The Docker build supports multi-platform (`linux/amd64`, `linux/arm64`) via [tsd
 
 ## License and Legal Information
 
-This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](./LICENSE) file.
+This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](./license) file.
 
 **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
 

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '11.10.1',
+  version: '11.11.0',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

ts/cache/classes.cache.cleaner.ts

@@ -48,14 +48,14 @@ export class CacheCleaner {
     this.isRunning = true;
 
     // Run cleanup immediately on start
-    this.runCleanup().catch((error) => {
-      logger.log('error', `Initial cache cleanup failed: ${error.message}`);
+    this.runCleanup().catch((error: unknown) => {
+      logger.log('error', `Initial cache cleanup failed: ${(error as Error).message}`);
     });
 
     // Schedule periodic cleanup
     this.cleanupInterval = setInterval(() => {
-      this.runCleanup().catch((error) => {
-        logger.log('error', `Cache cleanup failed: ${error.message}`);
+      this.runCleanup().catch((error: unknown) => {
+        logger.log('error', `Cache cleanup failed: ${(error as Error).message}`);
       });
     }, this.options.intervalMs);
 
@@ -113,8 +113,8 @@ export class CacheCleaner {
           `Cache cleanup completed. Deleted ${totalDeleted} expired documents. ${summary || 'No deletions.'}`
         );
       }
-    } catch (error) {
-      logger.log('error', `Cache cleanup error: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Cache cleanup error: ${(error as Error).message}`);
       throw error;
     }
   }
@@ -138,14 +138,14 @@ export class CacheCleaner {
         try {
           await doc.delete();
           deletedCount++;
-        } catch (deleteError) {
-          logger.log('warn', `Failed to delete expired document: ${deleteError.message}`);
+        } catch (deleteError: unknown) {
+          logger.log('warn', `Failed to delete expired document: ${(deleteError as Error).message}`);
         }
       }
 
       return deletedCount;
-    } catch (error) {
-      logger.log('error', `Error cleaning collection: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Error cleaning collection: ${(error as Error).message}`);
       return 0;
     }
   }

ts/cache/classes.cached.document.ts

@@ -22,7 +22,7 @@ export abstract class CachedDocument<T extends CachedDocument<T>> extends plugin
    * Timestamp when the document expires and should be cleaned up
    * NOTE: Subclasses must add @svDb() decorator
    */
-  public expiresAt: Date;
+  public expiresAt!: Date;
 
   /**
    * Timestamp of last access (for LRU-style eviction if needed)

ts/cache/classes.cachedb.ts

@@ -15,16 +15,16 @@ export interface ICacheDbOptions {
 }
 
 /**
- * CacheDb - Wrapper around LocalTsmDb and smartdata
+ * CacheDb - Wrapper around LocalSmartDb and smartdata
  *
  * Provides persistent caching using smartdata as the ORM layer
- * and LocalTsmDb as the embedded database engine.
+ * and LocalSmartDb as the embedded database engine.
  */
 export class CacheDb {
   private static instance: CacheDb | null = null;
 
-  private localTsmDb: plugins.smartmongo.LocalTsmDb;
-  private smartdataDb: plugins.smartdata.SmartdataDb;
+  private localSmartDb!: plugins.smartdb.LocalSmartDb;
+  private smartdataDb!: plugins.smartdata.SmartdataDb;
   private options: Required<ICacheDbOptions>;
   private isStarted: boolean = false;
 
@@ -55,8 +55,8 @@ export class CacheDb {
 
   /**
    * Start the cache database
-   * - Initializes LocalTsmDb with file persistence
-   * - Connects smartdata to the LocalTsmDb via Unix socket
+   * - Initializes LocalSmartDb with file persistence
+   * - Connects smartdata to the LocalSmartDb via Unix socket
    */
   public async start(): Promise<void> {
     if (this.isStarted) {
@@ -68,16 +68,16 @@ export class CacheDb {
       // Ensure storage directory exists
       await plugins.fsUtils.ensureDir(this.options.storagePath);
 
-      // Create LocalTsmDb instance
-      this.localTsmDb = new plugins.smartmongo.LocalTsmDb({
+      // Create LocalSmartDb instance
+      this.localSmartDb = new plugins.smartdb.LocalSmartDb({
         folderPath: this.options.storagePath,
       });
 
-      // Start LocalTsmDb and get connection info
-      const connectionInfo = await this.localTsmDb.start();
+      // Start LocalSmartDb and get connection info
+      const connectionInfo = await this.localSmartDb.start();
 
       if (this.options.debug) {
-        logger.log('debug', `LocalTsmDb started with URI: ${connectionInfo.connectionUri}`);
+        logger.log('debug', `LocalSmartDb started with URI: ${connectionInfo.connectionUri}`);
       }
 
       // Initialize smartdata with the connection URI
@@ -89,8 +89,8 @@ export class CacheDb {
 
       this.isStarted = true;
       logger.log('info', `CacheDb started at ${this.options.storagePath}`);
-    } catch (error) {
-      logger.log('error', `Failed to start CacheDb: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to start CacheDb: ${(error as Error).message}`);
       throw error;
     }
   }
@@ -109,15 +109,15 @@ export class CacheDb {
         await this.smartdataDb.close();
       }
 
-      // Stop LocalTsmDb
-      if (this.localTsmDb) {
-        await this.localTsmDb.stop();
+      // Stop LocalSmartDb
+      if (this.localSmartDb) {
+        await this.localSmartDb.stop();
       }
 
       this.isStarted = false;
       logger.log('info', 'CacheDb stopped');
-    } catch (error) {
-      logger.log('error', `Error stopping CacheDb: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Error stopping CacheDb: ${(error as Error).message}`);
       throw error;
     }
   }

ts/cache/documents/classes.cached.email.ts

@@ -35,55 +35,55 @@ export class CachedEmail extends CachedDocument<CachedEmail> {
    */
   @plugins.smartdata.unI()
   @plugins.smartdata.svDb()
-  public id: string;
+  public id!: string;
 
   /**
    * Email message ID (RFC 822 Message-ID header)
    */
   @plugins.smartdata.svDb()
-  public messageId: string;
+  public messageId!: string;
 
   /**
    * Sender email address (envelope from)
    */
   @plugins.smartdata.svDb()
-  public from: string;
+  public from!: string;
 
   /**
    * Recipient email addresses
    */
   @plugins.smartdata.svDb()
-  public to: string[];
+  public to!: string[];
 
   /**
    * CC recipients
    */
   @plugins.smartdata.svDb()
-  public cc: string[];
+  public cc!: string[];
 
   /**
    * BCC recipients
    */
   @plugins.smartdata.svDb()
-  public bcc: string[];
+  public bcc!: string[];
 
   /**
    * Email subject
    */
   @plugins.smartdata.svDb()
-  public subject: string;
+  public subject!: string;
 
   /**
    * Raw RFC822 email content
    */
   @plugins.smartdata.svDb()
-  public rawContent: string;
+  public rawContent!: string;
 
   /**
    * Current status of the email
    */
   @plugins.smartdata.svDb()
-  public status: TCachedEmailStatus;
+  public status!: TCachedEmailStatus;
 
   /**
    * Number of delivery attempts
@@ -101,25 +101,25 @@ export class CachedEmail extends CachedDocument<CachedEmail> {
    * Timestamp for next delivery attempt
    */
   @plugins.smartdata.svDb()
-  public nextAttempt: Date;
+  public nextAttempt!: Date;
 
   /**
    * Last error message if delivery failed
    */
   @plugins.smartdata.svDb()
-  public lastError: string;
+  public lastError!: string;
 
   /**
    * Timestamp when the email was successfully delivered
    */
   @plugins.smartdata.svDb()
-  public deliveredAt: Date;
+  public deliveredAt!: Date;
 
   /**
    * Sender domain (for querying/filtering)
    */
   @plugins.smartdata.svDb()
-  public senderDomain: string;
+  public senderDomain!: string;
 
   /**
    * Priority level (higher = more important)
@@ -131,7 +131,7 @@ export class CachedEmail extends CachedDocument<CachedEmail> {
    * JSON-serialized route data
    */
   @plugins.smartdata.svDb()
-  public routeData: string;
+  public routeData!: string;
 
   /**
    * DKIM signature status

ts/cache/documents/classes.cached.ip.reputation.ts

@@ -45,61 +45,61 @@ export class CachedIPReputation extends CachedDocument<CachedIPReputation> {
    */
   @plugins.smartdata.unI()
   @plugins.smartdata.svDb()
-  public ipAddress: string;
+  public ipAddress!: string;
 
   /**
    * Reputation score (0-100, higher = better)
    */
   @plugins.smartdata.svDb()
-  public score: number;
+  public score!: number;
 
   /**
    * Whether the IP is flagged as spam source
    */
   @plugins.smartdata.svDb()
-  public isSpam: boolean;
+  public isSpam!: boolean;
 
   /**
    * Whether the IP is a known proxy
    */
   @plugins.smartdata.svDb()
-  public isProxy: boolean;
+  public isProxy!: boolean;
 
   /**
    * Whether the IP is a Tor exit node
    */
   @plugins.smartdata.svDb()
-  public isTor: boolean;
+  public isTor!: boolean;
 
   /**
    * Whether the IP is a VPN endpoint
    */
   @plugins.smartdata.svDb()
-  public isVPN: boolean;
+  public isVPN!: boolean;
 
   /**
    * Country code (ISO 3166-1 alpha-2)
    */
   @plugins.smartdata.svDb()
-  public country: string;
+  public country!: string;
 
   /**
    * Autonomous System Number
    */
   @plugins.smartdata.svDb()
-  public asn: string;
+  public asn!: string;
 
   /**
    * Organization name
    */
   @plugins.smartdata.svDb()
-  public org: string;
+  public org!: string;
 
   /**
    * List of blacklists the IP appears on
    */
   @plugins.smartdata.svDb()
-  public blacklists: string[];
+  public blacklists!: string[];
 
   /**
    * Number of times this IP has been checked

ts/classes.dcrouter.ts

@@ -215,7 +215,7 @@ export class DcRouter {
   public emailServer?: UnifiedEmailServer;
   public radiusServer?: RadiusServer;
   public storageManager: StorageManager;
-  public opsServer: OpsServer;
+  public opsServer!: OpsServer;
   public metricsManager?: MetricsManager;
 
   // Cache system (smartdata + LocalTsmDb)
@@ -448,7 +448,7 @@ export class DcRouter {
     }
 
     // DNS Server: optional, depends on SmartProxy
-    if (this.options.dnsNsDomains?.length > 0 && this.options.dnsScopes?.length > 0) {
+    if (this.options.dnsNsDomains && this.options.dnsNsDomains.length > 0 && this.options.dnsScopes && this.options.dnsScopes.length > 0) {
       this.serviceManager.addService(
         new plugins.taskbuffer.Service('DnsServer')
           .optional()
@@ -528,10 +528,36 @@ export class DcRouter {
   }
 
   public async start() {
+    await this.checkSystemLimits();
     logger.log('info', 'Starting DcRouter Services');
     await this.serviceManager.start();
     this.logStartupSummary();
   }
+
+  /**
+   * Detect OS-level resource limits and warn if they are too low for production use.
+   * This is detection only — no attempts to raise limits.
+   */
+  private async checkSystemLimits(): Promise<void> {
+    try {
+      const fs = new plugins.smartfs.SmartFs(new plugins.smartfs.SmartFsProviderNode());
+      const limitsContent = await fs.file('/proc/self/limits').encoding('utf8').read() as string;
+      const nofileLine = limitsContent.split('\n').find((line: string) => line.startsWith('Max open files'));
+      if (nofileLine) {
+        const parts = nofileLine.split(/\s{2,}/);
+        const softLimit = parseInt(parts[1], 10);
+        const hardLimit = parseInt(parts[2], 10);
+        if (softLimit < 65536) {
+          logger.log('warn', `File descriptor soft limit is ${softLimit} (hard: ${hardLimit}). ` +
+            `For production use, set --ulimit nofile=65536:65536 on the container runtime.`);
+        } else {
+          logger.log('info', `File descriptor limits: soft=${softLimit}, hard=${hardLimit}`);
+        }
+      }
+    } catch {
+      // Non-Linux or /proc not available — silently skip
+    }
+  }
   
   /**
    * Log comprehensive startup summary
@@ -708,9 +734,28 @@ export class DcRouter {
       // Track cert entries loaded from cert store so we can populate certificateStatusMap after start
       const loadedCertEntries: Array<{domain: string; publicKey: string; validUntil?: number; validFrom?: number}> = [];
 
-      // Create SmartProxy configuration
+      // Create SmartProxy configuration with sensible gateway defaults.
+      // User's smartProxyConfig overrides these defaults via spread.
       const smartProxyConfig: plugins.smartproxy.ISmartProxyOptions = {
+        // --- dcrouter gateway defaults ---
+        maxConnectionsPerIP: 100,
+        connectionRateLimitPerMinute: 600,
+        socketTimeout: 120_000,
+        inactivityTimeout: 120_000,
+        keepAlive: true,
+        noDelay: true,
+        gracefulShutdownTimeout: 30_000,
+        // --- user overrides ---
         ...this.options.smartProxyConfig,
+        // --- deep-merge defaults.security so user can override maxConnections ---
+        defaults: {
+          ...this.options.smartProxyConfig?.defaults,
+          security: {
+            maxConnections: 50_000,
+            ...this.options.smartProxyConfig?.defaults?.security,
+          },
+        },
+        // --- always set by dcrouter (after spread) ---
         routes,
         acme: acmeConfig,
         certStore: {
@@ -787,7 +832,7 @@ export class DcRouter {
             eventComms.log(`Attempting DNS-01 via SmartAcme for ${domain}`);
             eventComms.setSource('smartacme-dns-01');
             const isWildcardDomain = domain.startsWith('*.');
-            const cert = await this.smartAcme.getCertificateForDomain(domain, {
+            const cert = await this.smartAcme!.getCertificateForDomain(domain, {
               includeWildcard: !isWildcardDomain,
             });
             if (cert.validUntil) {
@@ -806,10 +851,10 @@ export class DcRouter {
             // Success — clear any backoff
             await scheduler.clearBackoff(domain);
             return result;
-          } catch (err) {
+          } catch (err: unknown) {
             // Record failure for backoff tracking
-            await scheduler.recordFailure(domain, err.message);
-            eventComms.warn(`SmartAcme DNS-01 failed for ${domain}: ${err.message}, falling back to http-01`);
+            await scheduler.recordFailure(domain, (err as Error).message);
+            eventComms.warn(`SmartAcme DNS-01 failed for ${domain}: ${(err as Error).message}, falling back to http-01`);
             return 'http01';
           }
         };
@@ -1248,21 +1293,21 @@ export class DcRouter {
     // Wire delivery events to MetricsManager and logger
     if (this.metricsManager && this.emailServer.deliverySystem) {
       this.emailServer.deliverySystem.on('deliveryStart', (item: any) => {
-        this.metricsManager.trackEmailReceived(item?.from);
+        this.metricsManager!.trackEmailReceived(item?.from);
         logger.log('info', `Email delivery started: ${item?.from} → ${item?.to}`, { zone: 'email' });
       });
       this.emailServer.deliverySystem.on('deliverySuccess', (item: any) => {
-        this.metricsManager.trackEmailSent(item?.to);
+        this.metricsManager!.trackEmailSent(item?.to);
         logger.log('info', `Email delivered to ${item?.to}`, { zone: 'email' });
       });
       this.emailServer.deliverySystem.on('deliveryFailed', (item: any, error: any) => {
-        this.metricsManager.trackEmailFailed(item?.to, error?.message);
+        this.metricsManager!.trackEmailFailed(item?.to, error?.message);
         logger.log('warn', `Email delivery failed to ${item?.to}: ${error?.message}`, { zone: 'email' });
       });
     }
     if (this.metricsManager && this.emailServer) {
       this.emailServer.on('bounceProcessed', () => {
-        this.metricsManager.trackEmailBounced();
+        this.metricsManager!.trackEmailBounced();
         logger.log('warn', 'Email bounce processed', { zone: 'email' });
       });
     }
@@ -1305,12 +1350,12 @@ export class DcRouter {
       }
       
       logger.log('info', 'All unified email components stopped');
-    } catch (error) {
-      logger.log('error', `Error stopping unified email components: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Error stopping unified email components: ${(error as Error).message}`);
       throw error;
     }
   }
-  
+
   /**
    * Update domain rules for email routing
    * @param rules New domain rules to apply
@@ -1468,7 +1513,7 @@ export class DcRouter {
       this.dnsServer.on('query', (event: plugins.smartdns.dnsServerMod.IDnsQueryCompletedEvent) => {
         // Metrics tracking
         for (const question of event.questions) {
-          this.metricsManager.trackDnsQuery(
+          this.metricsManager?.trackDnsQuery(
             question.type,
             question.name,
             false,
@@ -1553,8 +1598,8 @@ export class DcRouter {
         // Use the built-in socket handler from smartdns
         // This handles HTTP/2, DoH protocol, etc.
         await (this.dnsServer as any).handleHttpsSocket(socket);
-      } catch (error) {
-        logger.log('error', `DNS socket handler error: ${error.message}`);
+      } catch (error: unknown) {
+        logger.log('error', `DNS socket handler error: ${(error as Error).message}`);
         if (!socket.destroyed) {
           socket.destroy();
         }
@@ -1695,14 +1740,14 @@ export class DcRouter {
           } else {
             logger.log('warn', `Invalid DKIM record structure in ${file}`);
           }
-        } catch (error) {
-          logger.log('error', `Failed to load DKIM record from ${file}: ${error.message}`);
+        } catch (error: unknown) {
+          logger.log('error', `Failed to load DKIM record from ${file}: ${(error as Error).message}`);
         }
       }
-    } catch (error) {
-      logger.log('error', `Failed to load DKIM records: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to load DKIM records: ${(error as Error).message}`);
     }
-    
+
     return records;
   }
   
@@ -1734,11 +1779,11 @@ export class DcRouter {
         // This ensures keys are ready even if DNS mode changes later
         await dkimCreator.handleDKIMKeysForDomain(domainConfig.domain);
         logger.log('info', `DKIM keys initialized for ${domainConfig.domain}`);
-      } catch (error) {
-        logger.log('error', `Failed to initialize DKIM for ${domainConfig.domain}: ${error.message}`);
+      } catch (error: unknown) {
+        logger.log('error', `Failed to initialize DKIM for ${domainConfig.domain}: ${(error as Error).message}`);
       }
     }
-    
+
     logger.log('info', 'DKIM initialization complete');
   }
   
@@ -1779,10 +1824,10 @@ export class DcRouter {
         } else {
           logger.log('warn', 'Could not auto-discover public IPv4 address');
         }
-      } catch (error) {
-        logger.log('error', `Failed to auto-discover public IP: ${error.message}`);
+      } catch (error: unknown) {
+        logger.log('error', `Failed to auto-discover public IP: ${(error as Error).message}`);
       }
-      
+
       if (!publicIp) {
         logger.log('warn', 'No public IP available. Nameserver A records require either proxyIps, publicIp, or successful auto-discovery.');
       }
@@ -1876,8 +1921,8 @@ export class DcRouter {
       }
       
       return null;
-    } catch (error) {
-      logger.log('warn', `Failed to detect public IP: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('warn', `Failed to detect public IP: ${(error as Error).message}`);
       return null;
     }
   }
@@ -1911,8 +1956,8 @@ export class DcRouter {
         const keyPem = plugins.fs.readFileSync(riCfg.tls.keyPath, 'utf8');
         tlsConfig = { certPem, keyPem };
         logger.log('info', 'Using explicit TLS cert/key for RemoteIngress tunnel');
-      } catch (err) {
-        logger.log('warn', `Failed to read RemoteIngress TLS cert/key files: ${err.message}`);
+      } catch (err: unknown) {
+        logger.log('warn', `Failed to read RemoteIngress TLS cert/key files: ${(err as Error).message}`);
       }
     }
 

ts/config/validator.ts

@@ -170,7 +170,7 @@ export class ConfigValidator {
                 } else if (rules.items.schema && itemType === 'object') {
                   const itemResult = this.validate(value[i], rules.items.schema);
                   if (!itemResult.valid) {
-                    errors.push(...itemResult.errors.map(err => `${key}[${i}].${err}`));
+                    errors.push(...itemResult.errors!.map(err => `${key}[${i}].${err}`));
                   }
                 }
               }
@@ -181,7 +181,7 @@ export class ConfigValidator {
             if (rules.schema) {
               const nestedResult = this.validate(value, rules.schema);
               if (!nestedResult.valid) {
-                errors.push(...nestedResult.errors.map(err => `${key}.${err}`));
+                errors.push(...nestedResult.errors!.map(err => `${key}.${err}`));
               }
               validatedConfig[key] = nestedResult.config;
             }
@@ -233,8 +233,8 @@ export class ConfigValidator {
 
       // Apply defaults to array items
       if (result[key] && rules.type === 'array' && rules.items && rules.items.schema) {
-        result[key] = result[key].map(item => 
-          typeof item === 'object' ? this.applyDefaults(item, rules.items.schema) : item
+        result[key] = result[key].map(item =>
+          typeof item === 'object' ? this.applyDefaults(item, rules.items!.schema!) : item
         );
       }
     }
@@ -255,7 +255,7 @@ export class ConfigValidator {
     
     if (!result.valid) {
       throw new ValidationError(
-        `Configuration validation failed: ${result.errors.join(', ')}`,
+        `Configuration validation failed: ${result.errors!.join(', ')}`,
         'CONFIG_VALIDATION_ERROR',
         { data: { errors: result.errors } }
       );

ts/errors/base.errors.ts

@@ -227,7 +227,7 @@ export class PlatformError extends Error {
     const { retry } = this.context;
     if (!retry) return false;
     
-    return retry.currentRetry < retry.maxRetries;
+    return (retry.currentRetry ?? 0) < (retry.maxRetries ?? 0);
   }
 
   /**

ts/monitoring/classes.metricsmanager.ts

@@ -296,11 +296,11 @@ export class MetricsManager {
       const proxyMetrics = this.dcRouter.smartProxy ? this.dcRouter.smartProxy.getMetrics() : null;
       
       if (!proxyMetrics) {
-        return [];
+        return [] as Array<{ type: string; count: number; source: string; lastActivity: Date }>;
       }
-      
+
       const connectionsByRoute = proxyMetrics.connections.byRoute();
-      const connectionInfo = [];
+      const connectionInfo: Array<{ type: string; count: number; source: string; lastActivity: Date }> = [];
       
       for (const [routeName, count] of connectionsByRoute) {
         connectionInfo.push({
@@ -595,47 +595,84 @@ export class MetricsManager {
       const backendMetrics = proxyMetrics.backends.byBackend();
       const protocolCache = proxyMetrics.backends.detectedProtocols();
 
-      // Index protocol cache by "host:port"
-      const cacheByKey = new Map<string, (typeof protocolCache)[number]>();
+      // Group protocol cache entries by host:port so we can match them to backend metrics.
+      // The protocol cache is keyed by (host, port, domain) in Rust, so the same host:port
+      // can have multiple entries for different domains.
+      const cacheByBackend = new Map<string, (typeof protocolCache)[number][]>();
       for (const entry of protocolCache) {
-        cacheByKey.set(`${entry.host}:${entry.port}`, entry);
+        const backendKey = `${entry.host}:${entry.port}`;
+        let entries = cacheByBackend.get(backendKey);
+        if (!entries) {
+          entries = [];
+          cacheByBackend.set(backendKey, entries);
+        }
+        entries.push(entry);
       }
 
       const backends: Array<any> = [];
-      const seen = new Set<string>();
+      const seenCacheKeys = new Set<string>();
 
       for (const [key, bm] of backendMetrics) {
-        seen.add(key);
-        const cache = cacheByKey.get(key);
-        backends.push({
-          backend: key,
-          domain: cache?.domain ?? null,
-          protocol: bm.protocol,
-          activeConnections: bm.activeConnections,
-          totalConnections: bm.totalConnections,
-          connectErrors: bm.connectErrors,
-          handshakeErrors: bm.handshakeErrors,
-          requestErrors: bm.requestErrors,
-          avgConnectTimeMs: Math.round(bm.avgConnectTimeMs * 10) / 10,
-          poolHitRate: Math.round(bm.poolHitRate * 1000) / 1000,
-          h2Failures: bm.h2Failures,
-          h2Suppressed: cache?.h2Suppressed ?? false,
-          h3Suppressed: cache?.h3Suppressed ?? false,
-          h2CooldownRemainingSecs: cache?.h2CooldownRemainingSecs ?? null,
-          h3CooldownRemainingSecs: cache?.h3CooldownRemainingSecs ?? null,
-          h2ConsecutiveFailures: cache?.h2ConsecutiveFailures ?? null,
-          h3ConsecutiveFailures: cache?.h3ConsecutiveFailures ?? null,
-          h3Port: cache?.h3Port ?? null,
-          cacheAgeSecs: cache?.ageSecs ?? null,
-        });
+        const cacheEntries = cacheByBackend.get(key);
+        if (!cacheEntries || cacheEntries.length === 0) {
+          // No protocol cache entry — emit one row with backend metrics only
+          backends.push({
+            backend: key,
+            domain: null,
+            protocol: bm.protocol,
+            activeConnections: bm.activeConnections,
+            totalConnections: bm.totalConnections,
+            connectErrors: bm.connectErrors,
+            handshakeErrors: bm.handshakeErrors,
+            requestErrors: bm.requestErrors,
+            avgConnectTimeMs: Math.round(bm.avgConnectTimeMs * 10) / 10,
+            poolHitRate: Math.round(bm.poolHitRate * 1000) / 1000,
+            h2Failures: bm.h2Failures,
+            h2Suppressed: false,
+            h3Suppressed: false,
+            h2CooldownRemainingSecs: null,
+            h3CooldownRemainingSecs: null,
+            h2ConsecutiveFailures: null,
+            h3ConsecutiveFailures: null,
+            h3Port: null,
+            cacheAgeSecs: null,
+          });
+        } else {
+          // One row per domain, each enriched with the shared backend metrics
+          for (const cache of cacheEntries) {
+            const compositeKey = `${cache.host}:${cache.port}:${cache.domain ?? ''}`;
+            seenCacheKeys.add(compositeKey);
+            backends.push({
+              backend: key,
+              domain: cache.domain ?? null,
+              protocol: cache.protocol ?? bm.protocol,
+              activeConnections: bm.activeConnections,
+              totalConnections: bm.totalConnections,
+              connectErrors: bm.connectErrors,
+              handshakeErrors: bm.handshakeErrors,
+              requestErrors: bm.requestErrors,
+              avgConnectTimeMs: Math.round(bm.avgConnectTimeMs * 10) / 10,
+              poolHitRate: Math.round(bm.poolHitRate * 1000) / 1000,
+              h2Failures: bm.h2Failures,
+              h2Suppressed: cache.h2Suppressed,
+              h3Suppressed: cache.h3Suppressed,
+              h2CooldownRemainingSecs: cache.h2CooldownRemainingSecs,
+              h3CooldownRemainingSecs: cache.h3CooldownRemainingSecs,
+              h2ConsecutiveFailures: cache.h2ConsecutiveFailures,
+              h3ConsecutiveFailures: cache.h3ConsecutiveFailures,
+              h3Port: cache.h3Port,
+              cacheAgeSecs: cache.ageSecs,
+            });
+          }
+        }
       }
 
       // Include protocol cache entries with no matching backend metric
       for (const entry of protocolCache) {
-        const key = `${entry.host}:${entry.port}`;
-        if (!seen.has(key)) {
+        const compositeKey = `${entry.host}:${entry.port}:${entry.domain ?? ''}`;
+        if (!seenCacheKeys.has(compositeKey)) {
           backends.push({
-            backend: key,
+            backend: `${entry.host}:${entry.port}`,
             domain: entry.domain,
             protocol: entry.protocol,
             activeConnections: 0,

ts/opsserver/classes.opsserver.ts

@@ -7,7 +7,7 @@ import { requireValidIdentity, requireAdminIdentity } from './helpers/guards.js'
 
 export class OpsServer {
   public dcRouterRef: DcRouter;
-  public server: plugins.typedserver.utilityservers.UtilityWebsiteServer;
+  public server!: plugins.typedserver.utilityservers.UtilityWebsiteServer;
 
   // Main TypedRouter — unauthenticated endpoints (login/logout/verify) and own-auth handlers
   public typedrouter = new plugins.typedrequest.TypedRouter();
@@ -17,17 +17,17 @@ export class OpsServer {
   public adminRouter = new plugins.typedrequest.TypedRouter<{ request: { identity: interfaces.data.IIdentity } }>();
 
   // Handler instances
-  public adminHandler: handlers.AdminHandler;
-  private configHandler: handlers.ConfigHandler;
-  private logsHandler: handlers.LogsHandler;
-  private securityHandler: handlers.SecurityHandler;
-  private statsHandler: handlers.StatsHandler;
-  private radiusHandler: handlers.RadiusHandler;
-  private emailOpsHandler: handlers.EmailOpsHandler;
-  private certificateHandler: handlers.CertificateHandler;
-  private remoteIngressHandler: handlers.RemoteIngressHandler;
-  private routeManagementHandler: handlers.RouteManagementHandler;
-  private apiTokenHandler: handlers.ApiTokenHandler;
+  public adminHandler!: handlers.AdminHandler;
+  private configHandler!: handlers.ConfigHandler;
+  private logsHandler!: handlers.LogsHandler;
+  private securityHandler!: handlers.SecurityHandler;
+  private statsHandler!: handlers.StatsHandler;
+  private radiusHandler!: handlers.RadiusHandler;
+  private emailOpsHandler!: handlers.EmailOpsHandler;
+  private certificateHandler!: handlers.CertificateHandler;
+  private remoteIngressHandler!: handlers.RemoteIngressHandler;
+  private routeManagementHandler!: handlers.RouteManagementHandler;
+  private apiTokenHandler!: handlers.ApiTokenHandler;
 
   constructor(dcRouterRefArg: DcRouter) {
     this.dcRouterRef = dcRouterRefArg;
@@ -39,7 +39,7 @@ export class OpsServer {
   public async start() {
     this.server = new plugins.typedserver.utilityservers.UtilityWebsiteServer({
       domain: 'localhost',
-      feedMetadata: null,
+      feedMetadata: undefined,
       serveDir: paths.distServe,
     });
     

ts/opsserver/handlers/admin.handler.ts

@@ -12,7 +12,7 @@ export class AdminHandler {
   public typedrouter = new plugins.typedrequest.TypedRouter();
   
   // JWT instance
-  public smartjwtInstance: plugins.smartjwt.SmartJwt<IJwtData>;
+  public smartjwtInstance!: plugins.smartjwt.SmartJwt<IJwtData>;
   
   // Simple in-memory user storage (in production, use proper database)
   private users = new Map<string, {

ts/opsserver/handlers/certificate.handler.ts

@@ -311,8 +311,8 @@ export class CertificateHandler {
         }
       }
       return { success: true, message: `Certificate reprovisioning triggered for route '${routeName}'` };
-    } catch (err) {
-      return { success: false, message: err.message || 'Failed to reprovision certificate' };
+    } catch (err: unknown) {
+      return { success: false, message: (err as Error).message || 'Failed to reprovision certificate' };
     }
   }
 
@@ -340,8 +340,8 @@ export class CertificateHandler {
       try {
         await dcRouter.smartAcme.getCertificateForDomain(domain);
         return { success: true, message: `Certificate reprovisioning triggered for domain '${domain}'` };
-      } catch (err) {
-        return { success: false, message: err.message || `Failed to reprovision certificate for ${domain}` };
+      } catch (err: unknown) {
+        return { success: false, message: (err as Error).message || `Failed to reprovision certificate for ${domain}` };
       }
     }
 
@@ -351,8 +351,8 @@ export class CertificateHandler {
       try {
         await smartProxy.provisionCertificate(routeNames[0]);
         return { success: true, message: `Certificate reprovisioning triggered for domain '${domain}' via route '${routeNames[0]}'` };
-      } catch (err) {
-        return { success: false, message: err.message || `Failed to reprovision certificate for ${domain}` };
+      } catch (err: unknown) {
+        return { success: false, message: (err as Error).message || `Failed to reprovision certificate for ${domain}` };
       }
     }
 

ts/opsserver/handlers/radius.handler.ts

@@ -52,8 +52,8 @@ export class RadiusHandler {
           try {
             await radiusServer.addClient(dataArg.client);
             return { success: true };
-          } catch (error) {
-            return { success: false, message: error.message };
+          } catch (error: unknown) {
+            return { success: false, message: (error as Error).message };
           }
         }
       )
@@ -144,8 +144,8 @@ export class RadiusHandler {
                 updatedAt: mapping.updatedAt,
               },
             };
-          } catch (error) {
-            return { success: false, message: error.message };
+          } catch (error: unknown) {
+            return { success: false, message: (error as Error).message };
           }
         }
       )

ts/opsserver/handlers/stats.handler.ts

@@ -279,7 +279,7 @@ export class StatsHandler {
           if (sections.network && this.opsServerRef.dcRouterRef.metricsManager) {
             promises.push(
               (async () => {
-                const stats = await this.opsServerRef.dcRouterRef.metricsManager.getNetworkStats();
+                const stats = await this.opsServerRef.dcRouterRef.metricsManager!.getNetworkStats();
                 const serverStats = await this.collectServerStats();
 
                 // Build per-IP bandwidth lookup from throughputByIP

ts/plugins.ts

@@ -47,13 +47,13 @@ import * as qenv from '@push.rocks/qenv';
 import * as smartacme from '@push.rocks/smartacme';
 import * as smartdata from '@push.rocks/smartdata';
 import * as smartdns from '@push.rocks/smartdns';
-import * as smartfile from '@push.rocks/smartfile';
+import * as smartfs from '@push.rocks/smartfs';
 import * as smartguard from '@push.rocks/smartguard';
 import * as smartjwt from '@push.rocks/smartjwt';
 import * as smartlog from '@push.rocks/smartlog';
 import * as smartmetrics from '@push.rocks/smartmetrics';
 import * as smartmta from '@push.rocks/smartmta';
-import * as smartmongo from '@push.rocks/smartmongo';
+import * as smartdb from '@push.rocks/smartdb';
 import * as smartnetwork from '@push.rocks/smartnetwork';
 import * as smartpath from '@push.rocks/smartpath';
 import * as smartproxy from '@push.rocks/smartproxy';
@@ -64,7 +64,7 @@ import * as smartrx from '@push.rocks/smartrx';
 import * as smartunique from '@push.rocks/smartunique';
 import * as taskbuffer from '@push.rocks/taskbuffer';
 
-export { projectinfo, qenv, smartacme, smartdata, smartdns, smartfile, smartguard, smartjwt, smartlog, smartmetrics, smartmongo, smartmta, smartnetwork, smartpath, smartproxy, smartpromise, smartradius, smartrequest, smartrx, smartunique, taskbuffer };
+export { projectinfo, qenv, smartacme, smartdata, smartdns, smartfs, smartguard, smartjwt, smartlog, smartmetrics, smartdb, smartmta, smartnetwork, smartpath, smartproxy, smartpromise, smartradius, smartrequest, smartrx, smartunique, taskbuffer };
 
 // Define SmartLog types for use in error handling
 export type TLogLevel = 'error' | 'warn' | 'info' | 'success' | 'debug';
@@ -90,7 +90,7 @@ export {
   uuid,
 }
 
-// Filesystem utilities (compatibility helpers for smartfile v13+)
+// Filesystem utilities
 export const fsUtils = {
   /**
    * Ensure a directory exists, creating it recursively if needed (sync)

ts/radius/classes.accounting.manager.ts

@@ -518,8 +518,8 @@ export class AccountingManager {
       if (deletedCount > 0) {
         logger.log('info', `Cleaned up ${deletedCount} old accounting sessions`);
       }
-    } catch (error) {
-      logger.log('error', `Failed to cleanup old sessions: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to cleanup old sessions: ${(error as Error).message}`);
     }
 
     return deletedCount;
@@ -582,8 +582,8 @@ export class AccountingManager {
           // Ignore individual errors
         }
       }
-    } catch (error) {
-      logger.log('warn', `Failed to load active sessions: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('warn', `Failed to load active sessions: ${(error as Error).message}`);
     }
   }
 
@@ -598,8 +598,8 @@ export class AccountingManager {
     const key = `${this.config.storagePrefix}/active/${session.sessionId}.json`;
     try {
       await this.storageManager.setJSON(key, session);
-    } catch (error) {
-      logger.log('error', `Failed to persist session ${session.sessionId}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to persist session ${session.sessionId}: ${(error as Error).message}`);
     }
   }
 
@@ -620,8 +620,8 @@ export class AccountingManager {
       const date = new Date(session.endTime);
       const archiveKey = `${this.config.storagePrefix}/archive/${date.getFullYear()}/${String(date.getMonth() + 1).padStart(2, '0')}/${String(date.getDate()).padStart(2, '0')}/${session.sessionId}.json`;
       await this.storageManager.setJSON(archiveKey, session);
-    } catch (error) {
-      logger.log('error', `Failed to archive session ${session.sessionId}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to archive session ${session.sessionId}: ${(error as Error).message}`);
     }
   }
 
@@ -653,8 +653,8 @@ export class AccountingManager {
           // Ignore individual errors
         }
       }
-    } catch (error) {
-      logger.log('warn', `Failed to get archived sessions: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('warn', `Failed to get archived sessions: ${(error as Error).message}`);
     }
 
     return sessions;

ts/radius/classes.radius.server.ts

@@ -310,8 +310,8 @@ export class RadiusServer {
         default:
           logger.log('debug', `RADIUS Acct Unknown status type: ${statusType}`);
       }
-    } catch (error) {
-      logger.log('error', `RADIUS accounting error: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `RADIUS accounting error: ${(error as Error).message}`);
     }
 
     return { code: plugins.smartradius.ERadiusCode.AccountingResponse };

ts/radius/classes.vlan.manager.ts

@@ -104,7 +104,7 @@ export class VlanManager {
     if (this.normalizedMacCache.size > 10000) {
       const iterator = this.normalizedMacCache.keys();
       for (let i = 0; i < 1000; i++) {
-        this.normalizedMacCache.delete(iterator.next().value);
+        this.normalizedMacCache.delete(iterator.next().value!);
       }
     }
 
@@ -348,8 +348,8 @@ export class VlanManager {
         }
         logger.log('info', `Loaded ${data.length} VLAN mappings from storage`);
       }
-    } catch (error) {
-      logger.log('warn', `Failed to load VLAN mappings from storage: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('warn', `Failed to load VLAN mappings from storage: ${(error as Error).message}`);
     }
   }
 
@@ -364,8 +364,8 @@ export class VlanManager {
     try {
       const mappings = Array.from(this.mappings.values());
       await this.storageManager.setJSON(this.config.storagePrefix, mappings);
-    } catch (error) {
-      logger.log('error', `Failed to save VLAN mappings to storage: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to save VLAN mappings to storage: ${(error as Error).message}`);
     }
   }
 }

ts/readme.md

@@ -136,7 +136,7 @@ Manages the Rust-based RemoteIngressHub lifecycle. Syncs allowed edges, tracks c
 
 ## License and Legal Information
 
-This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](../LICENSE) file.
+This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](../license) file.
 
 **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
 

ts/security/classes.contentscanner.ts

@@ -60,7 +60,7 @@ export enum ThreatCategory {
  * Content Scanner for detecting malicious email content
  */
 export class ContentScanner {
-  private static instance: ContentScanner;
+  private static instance: ContentScanner | undefined;
   private scanCache: LRUCache<string, IScanResult>;
   private options: Required<IContentScannerOptions>;
   
@@ -258,12 +258,12 @@ export class ContentScanner {
       }
       
       return result;
-    } catch (error) {
-      logger.log('error', `Error scanning email: ${error.message}`, {
+    } catch (error: unknown) {
+      logger.log('error', `Error scanning email: ${(error as Error).message}`, {
         messageId: email.getMessageId(),
-        error: error.stack
+        error: (error as Error).stack
       });
-      
+
       // Return a safe default with error indication
       return {
         isClean: true, // Let it pass if scanner fails (configure as desired)
@@ -271,7 +271,7 @@ export class ContentScanner {
         scannedElements: ['error'],
         timestamp: Date.now(),
         threatType: 'scan_error',
-        threatDetails: `Scan error: ${error.message}`
+        threatDetails: `Scan error: ${(error as Error).message}`
       };
     }
   }
@@ -625,8 +625,8 @@ export class ContentScanner {
       return sample.toString('utf8')
         .replace(/[\x00-\x09\x0B-\x1F\x7F-\x9F]/g, '') // Remove control chars
         .replace(/\uFFFD/g, ''); // Remove replacement char
-    } catch (error) {
-      logger.log('warn', `Error extracting text from buffer: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('warn', `Error extracting text from buffer: ${(error as Error).message}`);
       return '';
     }
   }
@@ -699,10 +699,10 @@ export class ContentScanner {
         subject: email.subject
       },
       success: false,
-      domain: email.getFromDomain()
+      domain: email.getFromDomain() ?? undefined
     });
   }
-  
+
   /**
    * Log a threat finding to the security logger
    * @param email The email containing the threat
@@ -722,10 +722,10 @@ export class ContentScanner {
         subject: email.subject
       },
       success: false,
-      domain: email.getFromDomain()
+      domain: email.getFromDomain() ?? undefined
     });
   }
-  
+
   /**
    * Get threat level description based on score
    * @param score Threat score

ts/security/classes.ipreputationchecker.ts

@@ -61,7 +61,7 @@ export interface IIPReputationOptions {
  * Class for checking IP reputation of inbound email senders
  */
 export class IPReputationChecker {
-  private static instance: IPReputationChecker;
+  private static instance: IPReputationChecker | undefined;
   private reputationCache: LRUCache<string, IReputationResult>;
   private options: Required<IIPReputationOptions>;
   private storageManager?: any; // StorageManager instance
@@ -127,8 +127,8 @@ export class IPReputationChecker {
     // Load cache from disk if enabled
     if (this.options.enableLocalCache) {
       // Fire and forget the load operation
-      this.loadCache().catch(error => {
-        logger.log('error', `Failed to load IP reputation cache during initialization: ${error.message}`);
+      this.loadCache().catch((error: unknown) => {
+        logger.log('error', `Failed to load IP reputation cache during initialization: ${(error as Error).message}`);
       });
     }
   }
@@ -237,13 +237,13 @@ export class IPReputationChecker {
       this.logReputationCheck(ip, result);
       
       return result;
-    } catch (error) {
-      logger.log('error', `Error checking IP reputation for ${ip}: ${error.message}`, {
+    } catch (error: unknown) {
+      logger.log('error', `Error checking IP reputation for ${ip}: ${(error as Error).message}`, {
         ip,
-        stack: error.stack
+        stack: (error as Error).stack
       });
-      
-      return this.createErrorResult(ip, error.message);
+
+      return this.createErrorResult(ip, (error as Error).message);
     }
   }
   
@@ -266,8 +266,8 @@ export class IPReputationChecker {
             const lookupDomain = `${reversedIP}.${server}`;
             await plugins.dns.promises.resolve(lookupDomain);
             return server; // IP is listed in this DNSBL
-          } catch (error) {
-            if (error.code === 'ENOTFOUND') {
+          } catch (error: unknown) {
+            if ((error as any).code === 'ENOTFOUND') {
               return null; // IP is not listed in this DNSBL
             }
             throw error; // Other error
@@ -286,8 +286,8 @@ export class IPReputationChecker {
         listCount: lists.length,
         lists
       };
-    } catch (error) {
-      logger.log('error', `Error checking DNSBL for ${ip}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Error checking DNSBL for ${ip}: ${(error as Error).message}`);
       return {
         listCount: 0,
         lists: []
@@ -349,8 +349,8 @@ export class IPReputationChecker {
         org: this.determineOrg(ip), // Simplified, would use real org data
         type
       };
-    } catch (error) {
-      logger.log('error', `Error getting IP info for ${ip}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Error getting IP info for ${ip}: ${(error as Error).message}`);
       return {
         type: IPType.UNKNOWN
       };
@@ -468,8 +468,8 @@ export class IPReputationChecker {
     }
     this.saveCacheTimer = setTimeout(() => {
       this.saveCacheTimer = null;
-      this.saveCache().catch(error => {
-        logger.log('error', `Failed to save IP reputation cache: ${error.message}`);
+      this.saveCache().catch((error: unknown) => {
+        logger.log('error', `Failed to save IP reputation cache: ${(error as Error).message}`);
       });
     }, IPReputationChecker.SAVE_CACHE_DEBOUNCE_MS);
   }
@@ -506,11 +506,11 @@ export class IPReputationChecker {
         
         logger.log('info', `Saved ${entries.length} IP reputation cache entries to disk`);
       }
-    } catch (error) {
-      logger.log('error', `Failed to save IP reputation cache: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to save IP reputation cache: ${(error as Error).message}`);
     }
   }
-  
+
   /**
    * Load cache from disk or storage manager
    */
@@ -542,12 +542,12 @@ export class IPReputationChecker {
                 plugins.fs.unlinkSync(cacheFile);
                 logger.log('info', 'Old cache file removed after migration');
               } catch (deleteError) {
-                logger.log('warn', `Could not delete old cache file: ${deleteError.message}`);
+                logger.log('warn', `Could not delete old cache file: ${(deleteError as Error).message}`);
               }
             }
           }
-        } catch (error) {
-          logger.log('error', `Error loading from StorageManager: ${error.message}`);
+        } catch (error: unknown) {
+          logger.log('error', `Error loading from StorageManager: ${(error as Error).message}`);
         }
       } else {
         // No storage manager, load from filesystem
@@ -578,8 +578,8 @@ export class IPReputationChecker {
         const source = fromFilesystem ? 'disk' : 'StorageManager';
         logger.log('info', `Loaded ${validEntries.length} IP reputation cache entries from ${source}`);
       }
-    } catch (error) {
-      logger.log('error', `Failed to load IP reputation cache: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to load IP reputation cache: ${(error as Error).message}`);
     }
   }
   
@@ -611,8 +611,8 @@ export class IPReputationChecker {
     
     // If cache is enabled and we have entries, save them to the new storage manager
     if (this.options.enableLocalCache && this.reputationCache.size > 0) {
-      this.saveCache().catch(error => {
-        logger.log('error', `Failed to save cache to new storage manager: ${error.message}`);
+      this.saveCache().catch((error: unknown) => {
+        logger.log('error', `Failed to save cache to new storage manager: ${(error as Error).message}`);
       });
     }
   }

ts/security/classes.securitylogger.ts

@@ -58,7 +58,7 @@ export interface ISecurityEvent {
  * Security logger for enhanced security monitoring
  */
 export class SecurityLogger {
-  private static instance: SecurityLogger;
+  private static instance: SecurityLogger | undefined;
   private securityEvents: ISecurityEvent[] = [];
   private maxEventHistory: number;
   private enableNotifications: boolean;
@@ -154,11 +154,13 @@ export class SecurityLogger {
       }
       
       if (filter.fromTimestamp) {
-        filteredEvents = filteredEvents.filter(event => event.timestamp >= filter.fromTimestamp);
+        const fromTs = filter.fromTimestamp;
+        filteredEvents = filteredEvents.filter(event => event.timestamp >= fromTs);
       }
-      
+
       if (filter.toTimestamp) {
-        filteredEvents = filteredEvents.filter(event => event.timestamp <= filter.toTimestamp);
+        const toTs = filter.toTimestamp;
+        filteredEvents = filteredEvents.filter(event => event.timestamp <= toTs);
       }
     }
     

ts/sms/classes.smsservice.ts

@@ -7,7 +7,7 @@ import { smsConfigSchema } from './config/sms.schema.js';
 import { ConfigValidator } from '../config/validator.js';
 
 export class SmsService {
-  public projectinfo: plugins.projectinfo.ProjectInfo;
+  public projectinfo!: plugins.projectinfo.ProjectInfo;
   public typedrouter = new plugins.typedrequest.TypedRouter();
   public config: ISmsConfig;
 
@@ -16,7 +16,7 @@ export class SmsService {
     const validationResult = ConfigValidator.validate(options, smsConfigSchema);
     
     if (!validationResult.valid) {
-      logger.warn(`SMS service configuration has validation errors: ${validationResult.errors.join(', ')}`);
+      logger.warn(`SMS service configuration has validation errors: ${validationResult.errors!.join(', ')}`);
     }
     
     // Set configuration with defaults
@@ -30,7 +30,7 @@ export class SmsService {
    */
   public async start() {
     logger.log('info', `starting sms service`);
-    this.projectinfo = new plugins.projectinfo.ProjectInfo(paths.packageDir);
+    this.projectinfo = await plugins.projectinfo.ProjectInfo.create(paths.packageDir);
     this.typedrouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.platformservice.sms.IRequest_SendSms>(
         'sendSms',

ts/storage/classes.storagemanager.ts

@@ -15,7 +15,7 @@ export interface IStorageConfig {
   /** Filesystem path for storage */
   fsPath?: string;
   /** Custom read function */
-  readFunction?: (key: string) => Promise<string>;
+  readFunction?: (key: string) => Promise<string | null>;
   /** Custom write function */
   writeFunction?: (key: string, value: string) => Promise<void>;
 }
@@ -57,9 +57,7 @@ export class StorageManager {
       this.ensureDirectory(this.fsBasePath);
       
       // Set up internal filesystem read/write functions
-      this.config.readFunction = async (key: string) => {
-        return this.fsRead(key);
-      };
+      this.config.readFunction = (key: string): Promise<string | null> => this.fsRead(key);
       this.config.writeFunction = async (key: string, value: string) => {
         await this.fsWrite(key, value);
       };
@@ -88,8 +86,8 @@ export class StorageManager {
   private async ensureDirectory(dirPath: string): Promise<void> {
     try {
       await plugins.fsUtils.ensureDir(dirPath);
-    } catch (error) {
-      logger.log('error', `Failed to create storage directory: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to create storage directory: ${(error as Error).message}`);
       throw error;
     }
   }
@@ -129,19 +127,19 @@ export class StorageManager {
   /**
    * Internal filesystem read function
    */
-  private async fsRead(key: string): Promise<string> {
+  private async fsRead(key: string): Promise<string | null> {
     const filePath = this.keyToPath(key);
     try {
       const content = await readFile(filePath, 'utf8');
       return content;
-    } catch (error) {
-      if (error.code === 'ENOENT') {
+    } catch (error: unknown) {
+      if ((error as any).code === 'ENOENT') {
         return null;
       }
       throw error;
     }
   }
-  
+
   /**
    * Internal filesystem write function
    */
@@ -186,8 +184,8 @@ export class StorageManager {
         default:
           throw new Error(`Unknown backend: ${this.backend}`);
       }
-    } catch (error) {
-      logger.log('error', `Storage get error for key ${key}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Storage get error for key ${key}: ${(error as Error).message}`);
       throw error;
     }
   }
@@ -230,7 +228,7 @@ export class StorageManager {
           this.memoryStore.set(key, value);
           // Evict oldest entries if memory store exceeds limit
           while (this.memoryStore.size > StorageManager.MAX_MEMORY_ENTRIES) {
-            const firstKey = this.memoryStore.keys().next().value;
+            const firstKey = this.memoryStore.keys().next().value!;
             this.memoryStore.delete(firstKey);
           }
           break;
@@ -239,8 +237,8 @@ export class StorageManager {
         default:
           throw new Error(`Unknown backend: ${this.backend}`);
       }
-    } catch (error) {
-      logger.log('error', `Storage set error for key ${key}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Storage set error for key ${key}: ${(error as Error).message}`);
       throw error;
     }
   }
@@ -257,8 +255,8 @@ export class StorageManager {
           const filePath = this.keyToPath(key);
           try {
             await unlink(filePath);
-          } catch (error) {
-            if (error.code !== 'ENOENT') {
+          } catch (error: unknown) {
+            if ((error as any).code !== 'ENOENT') {
               throw error;
             }
           }
@@ -281,8 +279,8 @@ export class StorageManager {
         default:
           throw new Error(`Unknown backend: ${this.backend}`);
       }
-    } catch (error) {
-      logger.log('error', `Storage delete error for key ${key}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Storage delete error for key ${key}: ${(error as Error).message}`);
       throw error;
     }
   }
@@ -319,8 +317,8 @@ export class StorageManager {
                     }
                   }
                 }
-              } catch (error) {
-                if (error.code !== 'ENOENT') {
+              } catch (error: unknown) {
+                if ((error as any).code !== 'ENOENT') {
                   throw error;
                 }
               }
@@ -348,8 +346,8 @@ export class StorageManager {
         default:
           throw new Error(`Unknown backend: ${this.backend}`);
       }
-    } catch (error) {
-      logger.log('error', `Storage list error for prefix ${prefix}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Storage list error for prefix ${prefix}: ${(error as Error).message}`);
       throw error;
     }
   }
@@ -390,8 +388,8 @@ export class StorageManager {
     
     try {
       return JSON.parse(value) as T;
-    } catch (error) {
-      logger.log('error', `Failed to parse JSON for key ${key}: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to parse JSON for key ${key}: ${(error as Error).message}`);
       throw error;
     }
   }

ts_apiclient/readme.md

@@ -259,7 +259,7 @@ Resource classes (`Route`, `Certificate`, `ApiToken`, `RemoteIngress`, `Email`)
 
 ## License and Legal Information
 
-This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](../LICENSE) file.
+This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](../license) file.
 
 **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
 

ts_interfaces/readme.md

@@ -280,7 +280,7 @@ console.log('Connection token:', tokenResponse.token);
 
 ## License and Legal Information
 
-This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](../LICENSE) file.
+This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](../license) file.
 
 **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
 

ts_oci_container/index.ts

@@ -96,5 +96,27 @@ export function getOciContainerConfig(): IDcRouterOptions {
     };
   }
 
+  // Connection capacity config
+  const maxConnections = process.env.DCROUTER_MAX_CONNECTIONS;
+  const maxConnectionsPerIP = process.env.DCROUTER_MAX_CONNECTIONS_PER_IP;
+  const connectionRateLimit = process.env.DCROUTER_CONNECTION_RATE_LIMIT;
+  if (maxConnections || maxConnectionsPerIP || connectionRateLimit) {
+    options.smartProxyConfig = {
+      ...options.smartProxyConfig,
+      routes: options.smartProxyConfig?.routes || [],
+      ...(maxConnectionsPerIP ? { maxConnectionsPerIP: parseInt(maxConnectionsPerIP, 10) } : {}),
+      ...(connectionRateLimit ? { connectionRateLimitPerMinute: parseInt(connectionRateLimit, 10) } : {}),
+      ...(maxConnections ? {
+        defaults: {
+          ...options.smartProxyConfig?.defaults,
+          security: {
+            ...options.smartProxyConfig?.defaults?.security,
+            maxConnections: parseInt(maxConnections, 10),
+          },
+        },
+      } : {}),
+    };
+  }
+
   return options;
 }

ts_web/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '11.10.1',
+  version: '11.11.0',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

ts_web/appstate.ts

@@ -240,7 +240,7 @@ interface IActionContext {
 }
 
 const getActionContext = (): IActionContext => {
-  const identity = loginStatePart.getState().identity;
+  const identity = loginStatePart.getState()!.identity;
   // Treat expired JWTs as no identity — prevents stale persisted sessions from firing requests
   if (identity && identity.expiresAt && identity.expiresAt < Date.now()) {
     return { identity: null };
@@ -252,7 +252,7 @@ const getActionContext = (): IActionContext => {
 export const loginAction = loginStatePart.createAction<{
   username: string;
   password: string;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg): Promise<ILoginState> => {
   const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
     interfaces.requests.IReq_AdminLoginWithUsernameAndPassword
   >('/typedrequest', 'adminLoginWithUsernameAndPassword');
@@ -269,10 +269,10 @@ export const loginAction = loginStatePart.createAction<{
         isLoggedIn: true,
       };
     }
-    return statePartArg.getState();
-  } catch (error) {
+    return statePartArg.getState()!;
+  } catch (error: unknown) {
     console.error('Login failed:', error);
-    return statePartArg.getState();
+    return statePartArg.getState()!;
   }
 });
 
@@ -300,9 +300,9 @@ export const logoutAction = loginStatePart.createAction(async (statePartArg) =>
 });
 
 // Fetch All Stats Action - Using combined endpoint for efficiency
-export const fetchAllStatsAction = statsStatePart.createAction(async (statePartArg) => {
+export const fetchAllStatsAction = statsStatePart.createAction(async (statePartArg): Promise<IStatsState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -310,7 +310,7 @@ export const fetchAllStatsAction = statsStatePart.createAction(async (statePartA
     const combinedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
       interfaces.requests.IReq_GetCombinedMetrics
     >('/typedrequest', 'getCombinedMetrics');
-    
+
     const combinedResponse = await combinedRequest.fire({
       identity: context.identity,
       sections: {
@@ -332,19 +332,19 @@ export const fetchAllStatsAction = statsStatePart.createAction(async (statePartA
       isLoading: false,
       error: null,
     };
-  } catch (error) {
+  } catch (error: unknown) {
     return {
       ...currentState,
       isLoading: false,
-      error: error.message || 'Failed to fetch statistics',
+      error: (error as Error).message || 'Failed to fetch statistics',
     };
   }
 });
 
 // Fetch Configuration Action (read-only)
-export const fetchConfigurationAction = configStatePart.createAction(async (statePartArg) => {
+export const fetchConfigurationAction = configStatePart.createAction(async (statePartArg): Promise<IConfigState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -361,11 +361,11 @@ export const fetchConfigurationAction = configStatePart.createAction(async (stat
       isLoading: false,
       error: null,
     };
-  } catch (error) {
+  } catch (error: unknown) {
     return {
       ...currentState,
       isLoading: false,
-      error: error.message || 'Failed to fetch configuration',
+      error: (error as Error).message || 'Failed to fetch configuration',
     };
   }
 });
@@ -375,9 +375,9 @@ export const fetchRecentLogsAction = logStatePart.createAction<{
   limit?: number;
   level?: 'debug' | 'info' | 'warn' | 'error';
   category?: 'smtp' | 'dns' | 'security' | 'system' | 'email';
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg): Promise<ILogState> => {
   const context = getActionContext();
-  if (!context.identity) return statePartArg.getState();
+  if (!context.identity) return statePartArg.getState()!;
 
   const logsRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
     interfaces.requests.IReq_GetRecentLogs
@@ -391,14 +391,14 @@ export const fetchRecentLogsAction = logStatePart.createAction<{
   });
 
   return {
-    ...statePartArg.getState(),
+    ...statePartArg.getState()!,
     recentLogs: response.logs,
   };
 });
 
 // Toggle Auto Refresh Action
-export const toggleAutoRefreshAction = uiStatePart.createAction(async (statePartArg) => {
-  const currentState = statePartArg.getState();
+export const toggleAutoRefreshAction = uiStatePart.createAction(async (statePartArg): Promise<IUiState> => {
+  const currentState = statePartArg.getState()!;
   return {
     ...currentState,
     autoRefresh: !currentState.autoRefresh,
@@ -406,9 +406,9 @@ export const toggleAutoRefreshAction = uiStatePart.createAction(async (statePart
 });
 
 // Set Active View Action
-export const setActiveViewAction = uiStatePart.createAction<string>(async (statePartArg, viewName) => {
-  const currentState = statePartArg.getState();
-  
+export const setActiveViewAction = uiStatePart.createAction<string>(async (statePartArg, viewName): Promise<IUiState> => {
+  const currentState = statePartArg.getState()!;
+
   // If switching to network view, ensure we fetch network data
   if (viewName === 'network' && currentState.activeView !== 'network') {
     setTimeout(() => {
@@ -451,9 +451,9 @@ export const setActiveViewAction = uiStatePart.createAction<string>(async (state
 });
 
 // Fetch Network Stats Action
-export const fetchNetworkStatsAction = networkStatePart.createAction(async (statePartArg) => {
+export const fetchNetworkStatsAction = networkStatePart.createAction(async (statePartArg): Promise<INetworkState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -525,9 +525,9 @@ export const fetchNetworkStatsAction = networkStatePart.createAction(async (stat
 // ============================================================================
 
 // Fetch All Emails Action
-export const fetchAllEmailsAction = emailOpsStatePart.createAction(async (statePartArg) => {
+export const fetchAllEmailsAction = emailOpsStatePart.createAction(async (statePartArg): Promise<IEmailOpsState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -558,9 +558,9 @@ export const fetchAllEmailsAction = emailOpsStatePart.createAction(async (stateP
 // Certificate Actions
 // ============================================================================
 
-export const fetchCertificateOverviewAction = certificateStatePart.createAction(async (statePartArg) => {
+export const fetchCertificateOverviewAction = certificateStatePart.createAction(async (statePartArg): Promise<ICertificateState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -589,9 +589,9 @@ export const fetchCertificateOverviewAction = certificateStatePart.createAction(
 });
 
 export const reprovisionCertificateAction = certificateStatePart.createAction<string>(
-  async (statePartArg, domain, actionContext) => {
+  async (statePartArg, domain, actionContext): Promise<ICertificateState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -599,13 +599,13 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
       >('/typedrequest', 'reprovisionCertificateDomain');
 
       await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         domain,
       });
 
       // Re-fetch overview after reprovisioning
-      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
-    } catch (error) {
+      return await actionContext!.dispatch(fetchCertificateOverviewAction, null);
+    } catch (error: unknown) {
       return {
         ...currentState,
         error: error instanceof Error ? error.message : 'Failed to reprovision certificate',
@@ -615,9 +615,9 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
 );
 
 export const deleteCertificateAction = certificateStatePart.createAction<string>(
-  async (statePartArg, domain, actionContext) => {
+  async (statePartArg, domain, actionContext): Promise<ICertificateState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -625,13 +625,13 @@ export const deleteCertificateAction = certificateStatePart.createAction<string>
       >('/typedrequest', 'deleteCertificate');
 
       await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         domain,
       });
 
       // Re-fetch overview after deletion
-      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
-    } catch (error) {
+      return await actionContext!.dispatch(fetchCertificateOverviewAction, null);
+    } catch (error: unknown) {
       return {
         ...currentState,
         error: error instanceof Error ? error.message : 'Failed to delete certificate',
@@ -649,9 +649,9 @@ export const importCertificateAction = certificateStatePart.createAction<{
   publicKey: string;
   csr: string;
 }>(
-  async (statePartArg, cert, actionContext) => {
+  async (statePartArg, cert, actionContext): Promise<ICertificateState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -659,13 +659,13 @@ export const importCertificateAction = certificateStatePart.createAction<{
       >('/typedrequest', 'importCertificate');
 
       await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         cert,
       });
 
       // Re-fetch overview after import
-      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
-    } catch (error) {
+      return await actionContext!.dispatch(fetchCertificateOverviewAction, null);
+    } catch (error: unknown) {
       return {
         ...currentState,
         error: error instanceof Error ? error.message : 'Failed to import certificate',
@@ -681,7 +681,7 @@ export async function fetchCertificateExport(domain: string) {
   >('/typedrequest', 'exportCertificate');
 
   return request.fire({
-    identity: context.identity,
+    identity: context.identity!,
     domain,
   });
 }
@@ -695,16 +695,16 @@ export async function fetchConnectionToken(edgeId: string) {
   const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
     interfaces.requests.IReq_GetRemoteIngressConnectionToken
   >('/typedrequest', 'getRemoteIngressConnectionToken');
-  return request.fire({ identity: context.identity, edgeId });
+  return request.fire({ identity: context.identity!, edgeId });
 }
 
 // ============================================================================
 // Remote Ingress Actions
 // ============================================================================
 
-export const fetchRemoteIngressAction = remoteIngressStatePart.createAction(async (statePartArg) => {
+export const fetchRemoteIngressAction = remoteIngressStatePart.createAction(async (statePartArg): Promise<IRemoteIngressState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -743,9 +743,9 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
   listenPorts?: number[];
   autoDerivePorts?: boolean;
   tags?: string[];
-}>(async (statePartArg, dataArg, actionContext) => {
+}>(async (statePartArg, dataArg, actionContext): Promise<IRemoteIngressState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -753,7 +753,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
     >('/typedrequest', 'createRemoteIngress');
 
     const response = await request.fire({
-      identity: context.identity,
+      identity: context.identity!,
       name: dataArg.name,
       listenPorts: dataArg.listenPorts,
       autoDerivePorts: dataArg.autoDerivePorts,
@@ -762,16 +762,16 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
 
     if (response.success) {
       // Refresh the list
-      await actionContext.dispatch(fetchRemoteIngressAction, null);
+      await actionContext!.dispatch(fetchRemoteIngressAction, null);
 
       return {
-        ...statePartArg.getState(),
+        ...statePartArg.getState()!,
         newEdgeId: response.edge.id,
       };
     }
 
     return currentState;
-  } catch (error) {
+  } catch (error: unknown) {
     return {
       ...currentState,
       error: error instanceof Error ? error.message : 'Failed to create edge',
@@ -780,9 +780,9 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
 });
 
 export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<string>(
-  async (statePartArg, edgeId, actionContext) => {
+  async (statePartArg, edgeId, actionContext): Promise<IRemoteIngressState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -790,12 +790,12 @@ export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<str
       >('/typedrequest', 'deleteRemoteIngress');
 
       await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         id: edgeId,
       });
 
-      return await actionContext.dispatch(fetchRemoteIngressAction, null);
-    } catch (error) {
+      return await actionContext!.dispatch(fetchRemoteIngressAction, null);
+    } catch (error: unknown) {
       return {
         ...currentState,
         error: error instanceof Error ? error.message : 'Failed to delete edge',
@@ -810,9 +810,9 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
   listenPorts?: number[];
   autoDerivePorts?: boolean;
   tags?: string[];
-}>(async (statePartArg, dataArg, actionContext) => {
+}>(async (statePartArg, dataArg, actionContext): Promise<IRemoteIngressState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -820,7 +820,7 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
     >('/typedrequest', 'updateRemoteIngress');
 
     await request.fire({
-      identity: context.identity,
+      identity: context.identity!,
       id: dataArg.id,
       name: dataArg.name,
       listenPorts: dataArg.listenPorts,
@@ -828,8 +828,8 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
       tags: dataArg.tags,
     });
 
-    return await actionContext.dispatch(fetchRemoteIngressAction, null);
-  } catch (error) {
+    return await actionContext!.dispatch(fetchRemoteIngressAction, null);
+  } catch (error: unknown) {
     return {
       ...currentState,
       error: error instanceof Error ? error.message : 'Failed to update edge',
@@ -838,9 +838,9 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
 });
 
 export const regenerateRemoteIngressSecretAction = remoteIngressStatePart.createAction<string>(
-  async (statePartArg, edgeId) => {
+  async (statePartArg, edgeId): Promise<IRemoteIngressState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -848,7 +848,7 @@ export const regenerateRemoteIngressSecretAction = remoteIngressStatePart.create
       >('/typedrequest', 'regenerateRemoteIngressSecret');
 
       const response = await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         id: edgeId,
       });
 
@@ -870,9 +870,9 @@ export const regenerateRemoteIngressSecretAction = remoteIngressStatePart.create
 );
 
 export const clearNewEdgeIdAction = remoteIngressStatePart.createAction(
-  async (statePartArg) => {
+  async (statePartArg): Promise<IRemoteIngressState> => {
     return {
-      ...statePartArg.getState(),
+      ...statePartArg.getState()!,
       newEdgeId: null,
     };
   }
@@ -881,9 +881,9 @@ export const clearNewEdgeIdAction = remoteIngressStatePart.createAction(
 export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg, actionContext) => {
+}>(async (statePartArg, dataArg, actionContext): Promise<IRemoteIngressState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -891,13 +891,13 @@ export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
     >('/typedrequest', 'updateRemoteIngress');
 
     await request.fire({
-      identity: context.identity,
+      identity: context.identity!,
       id: dataArg.id,
       enabled: dataArg.enabled,
     });
 
-    return await actionContext.dispatch(fetchRemoteIngressAction, null);
-  } catch (error) {
+    return await actionContext!.dispatch(fetchRemoteIngressAction, null);
+  } catch (error: unknown) {
     return {
       ...currentState,
       error: error instanceof Error ? error.message : 'Failed to toggle edge',
@@ -909,9 +909,9 @@ export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
 // Route Management Actions
 // ============================================================================
 
-export const fetchMergedRoutesAction = routeManagementStatePart.createAction(async (statePartArg) => {
+export const fetchMergedRoutesAction = routeManagementStatePart.createAction(async (statePartArg): Promise<IRouteManagementState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -943,9 +943,9 @@ export const fetchMergedRoutesAction = routeManagementStatePart.createAction(asy
 export const createRouteAction = routeManagementStatePart.createAction<{
   route: any;
   enabled?: boolean;
-}>(async (statePartArg, dataArg, actionContext) => {
+}>(async (statePartArg, dataArg, actionContext): Promise<IRouteManagementState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -953,13 +953,13 @@ export const createRouteAction = routeManagementStatePart.createAction<{
     >('/typedrequest', 'createRoute');
 
     await request.fire({
-      identity: context.identity,
+      identity: context.identity!,
       route: dataArg.route,
       enabled: dataArg.enabled,
     });
 
-    return await actionContext.dispatch(fetchMergedRoutesAction, null);
-  } catch (error) {
+    return await actionContext!.dispatch(fetchMergedRoutesAction, null);
+  } catch (error: unknown) {
     return {
       ...currentState,
       error: error instanceof Error ? error.message : 'Failed to create route',
@@ -968,9 +968,9 @@ export const createRouteAction = routeManagementStatePart.createAction<{
 });
 
 export const deleteRouteAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, routeId, actionContext) => {
+  async (statePartArg, routeId, actionContext): Promise<IRouteManagementState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -978,12 +978,12 @@ export const deleteRouteAction = routeManagementStatePart.createAction<string>(
       >('/typedrequest', 'deleteRoute');
 
       await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         id: routeId,
       });
 
-      return await actionContext.dispatch(fetchMergedRoutesAction, null);
-    } catch (error) {
+      return await actionContext!.dispatch(fetchMergedRoutesAction, null);
+    } catch (error: unknown) {
       return {
         ...currentState,
         error: error instanceof Error ? error.message : 'Failed to delete route',
@@ -995,9 +995,9 @@ export const deleteRouteAction = routeManagementStatePart.createAction<string>(
 export const toggleRouteAction = routeManagementStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg, actionContext) => {
+}>(async (statePartArg, dataArg, actionContext): Promise<IRouteManagementState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -1005,13 +1005,13 @@ export const toggleRouteAction = routeManagementStatePart.createAction<{
     >('/typedrequest', 'toggleRoute');
 
     await request.fire({
-      identity: context.identity,
+      identity: context.identity!,
       id: dataArg.id,
       enabled: dataArg.enabled,
     });
 
-    return await actionContext.dispatch(fetchMergedRoutesAction, null);
-  } catch (error) {
+    return await actionContext!.dispatch(fetchMergedRoutesAction, null);
+  } catch (error: unknown) {
     return {
       ...currentState,
       error: error instanceof Error ? error.message : 'Failed to toggle route',
@@ -1022,9 +1022,9 @@ export const toggleRouteAction = routeManagementStatePart.createAction<{
 export const setRouteOverrideAction = routeManagementStatePart.createAction<{
   routeName: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg, actionContext) => {
+}>(async (statePartArg, dataArg, actionContext): Promise<IRouteManagementState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -1032,13 +1032,13 @@ export const setRouteOverrideAction = routeManagementStatePart.createAction<{
     >('/typedrequest', 'setRouteOverride');
 
     await request.fire({
-      identity: context.identity,
+      identity: context.identity!,
       routeName: dataArg.routeName,
       enabled: dataArg.enabled,
     });
 
-    return await actionContext.dispatch(fetchMergedRoutesAction, null);
-  } catch (error) {
+    return await actionContext!.dispatch(fetchMergedRoutesAction, null);
+  } catch (error: unknown) {
     return {
       ...currentState,
       error: error instanceof Error ? error.message : 'Failed to set override',
@@ -1047,9 +1047,9 @@ export const setRouteOverrideAction = routeManagementStatePart.createAction<{
 });
 
 export const removeRouteOverrideAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, routeName, actionContext) => {
+  async (statePartArg, routeName, actionContext): Promise<IRouteManagementState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -1057,12 +1057,12 @@ export const removeRouteOverrideAction = routeManagementStatePart.createAction<s
       >('/typedrequest', 'removeRouteOverride');
 
       await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         routeName,
       });
 
-      return await actionContext.dispatch(fetchMergedRoutesAction, null);
-    } catch (error) {
+      return await actionContext!.dispatch(fetchMergedRoutesAction, null);
+    } catch (error: unknown) {
       return {
         ...currentState,
         error: error instanceof Error ? error.message : 'Failed to remove override',
@@ -1075,9 +1075,9 @@ export const removeRouteOverrideAction = routeManagementStatePart.createAction<s
 // API Token Actions
 // ============================================================================
 
-export const fetchApiTokensAction = routeManagementStatePart.createAction(async (statePartArg) => {
+export const fetchApiTokensAction = routeManagementStatePart.createAction(async (statePartArg): Promise<IRouteManagementState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
   if (!context.identity) return currentState;
 
   try {
@@ -1108,7 +1108,7 @@ export async function createApiToken(name: string, scopes: interfaces.data.TApiT
   >('/typedrequest', 'createApiToken');
 
   return request.fire({
-    identity: context.identity,
+    identity: context.identity!,
     name,
     scopes,
     expiresInDays,
@@ -1122,15 +1122,15 @@ export async function rollApiToken(id: string) {
   >('/typedrequest', 'rollApiToken');
 
   return request.fire({
-    identity: context.identity,
+    identity: context.identity!,
     id,
   });
 }
 
 export const revokeApiTokenAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, tokenId, actionContext) => {
+  async (statePartArg, tokenId, actionContext): Promise<IRouteManagementState> => {
     const context = getActionContext();
-    const currentState = statePartArg.getState();
+    const currentState = statePartArg.getState()!;
 
     try {
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -1138,12 +1138,12 @@ export const revokeApiTokenAction = routeManagementStatePart.createAction<string
       >('/typedrequest', 'revokeApiToken');
 
       await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         id: tokenId,
       });
 
-      return await actionContext.dispatch(fetchApiTokensAction, null);
-    } catch (error) {
+      return await actionContext!.dispatch(fetchApiTokensAction, null);
+    } catch (error: unknown) {
       return {
         ...currentState,
         error: error instanceof Error ? error.message : 'Failed to revoke token',
@@ -1155,9 +1155,9 @@ export const revokeApiTokenAction = routeManagementStatePart.createAction<string
 export const toggleApiTokenAction = routeManagementStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg, actionContext) => {
+}>(async (statePartArg, dataArg, actionContext): Promise<IRouteManagementState> => {
   const context = getActionContext();
-  const currentState = statePartArg.getState();
+  const currentState = statePartArg.getState()!;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -1165,13 +1165,13 @@ export const toggleApiTokenAction = routeManagementStatePart.createAction<{
     >('/typedrequest', 'toggleApiToken');
 
     await request.fire({
-      identity: context.identity,
+      identity: context.identity!,
       id: dataArg.id,
       enabled: dataArg.enabled,
     });
 
-    return await actionContext.dispatch(fetchApiTokensAction, null);
-  } catch (error) {
+    return await actionContext!.dispatch(fetchApiTokensAction, null);
+  } catch (error: unknown) {
     return {
       ...currentState,
       error: error instanceof Error ? error.message : 'Failed to toggle token',
@@ -1191,13 +1191,13 @@ socketRouter.addTypedHandler(
   new plugins.domtools.plugins.typedrequest.TypedHandler<interfaces.requests.IReq_PushLogEntry>(
     'pushLogEntry',
     async (dataArg) => {
-      const current = logStatePart.getState();
+      const current = logStatePart.getState()!;
       const updated = [...current.recentLogs, dataArg.entry];
       // Cap at 2000 entries
       if (updated.length > 2000) {
         updated.splice(0, updated.length - 2000);
       }
-      logStatePart.setState({ ...current, recentLogs: updated });
+      logStatePart.setState({ ...current, recentLogs: updated } as ILogState);
       return {};
     }
   )
@@ -1232,14 +1232,14 @@ async function disconnectSocket() {
 async function dispatchCombinedRefreshAction() {
   const context = getActionContext();
   if (!context.identity) return;
-  const currentView = uiStatePart.getState().activeView;
+  const currentView = uiStatePart.getState()!.activeView;
 
   try {
     // Always fetch basic stats for dashboard widgets
     const combinedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
       interfaces.requests.IReq_GetCombinedMetrics
     >('/typedrequest', 'getCombinedMetrics');
-    
+
     const combinedResponse = await combinedRequest.fire({
       identity: context.identity,
       sections: {
@@ -1252,12 +1252,13 @@ async function dispatchCombinedRefreshAction() {
     });
 
     // Update all stats from combined response
+    const currentStatsState = statsStatePart.getState()!;
     statsStatePart.setState({
-      ...statsStatePart.getState(),
-      serverStats: combinedResponse.metrics.server || statsStatePart.getState().serverStats,
-      emailStats: combinedResponse.metrics.email || statsStatePart.getState().emailStats,
-      dnsStats: combinedResponse.metrics.dns || statsStatePart.getState().dnsStats,
-      securityMetrics: combinedResponse.metrics.security || statsStatePart.getState().securityMetrics,
+      ...currentStatsState,
+      serverStats: combinedResponse.metrics.server || currentStatsState.serverStats,
+      emailStats: combinedResponse.metrics.email || currentStatsState.emailStats,
+      dnsStats: combinedResponse.metrics.dns || currentStatsState.dnsStats,
+      securityMetrics: combinedResponse.metrics.security || currentStatsState.securityMetrics,
       lastUpdated: Date.now(),
       isLoading: false,
       error: null,
@@ -1284,7 +1285,7 @@ async function dispatchCombinedRefreshAction() {
         });
 
         networkStatePart.setState({
-          ...networkStatePart.getState(),
+          ...networkStatePart.getState()!,
           connections: connectionsResponse.connections,
           connectionsByIP,
           throughputRate: {
@@ -1297,14 +1298,15 @@ async function dispatchCombinedRefreshAction() {
           throughputHistory: network.throughputHistory || [],
           requestsPerSecond: network.requestsPerSecond || 0,
           requestsTotal: network.requestsTotal || 0,
+          backends: network.backends || [],
           lastUpdated: Date.now(),
           isLoading: false,
           error: null,
         });
-      } catch (error) {
+      } catch (error: unknown) {
         console.error('Failed to fetch connections:', error);
         networkStatePart.setState({
-          ...networkStatePart.getState(),
+          ...networkStatePart.getState()!,
           connections: [],
           connectionsByIP,
           throughputRate: {
@@ -1317,6 +1319,7 @@ async function dispatchCombinedRefreshAction() {
           throughputHistory: network.throughputHistory || [],
           requestsPerSecond: network.requestsPerSecond || 0,
           requestsTotal: network.requestsTotal || 0,
+          backends: network.backends || [],
           lastUpdated: Date.now(),
           isLoading: false,
           error: null,
@@ -1359,9 +1362,9 @@ let currentRefreshRate = 1000; // Track current refresh rate to avoid unnecessar
 // Initialize auto-refresh when UI state is ready
 (() => {
   const startAutoRefresh = () => {
-    const uiState = uiStatePart.getState();
-    const loginState = loginStatePart.getState();
-    
+    const uiState = uiStatePart.getState()!;
+    const loginState = loginStatePart.getState()!;
+
     // Only start if conditions are met and not already running at the same rate
     if (uiState.autoRefresh && loginState.isLoggedIn) {
       // Check if we need to restart the interval (rate changed or not running)
@@ -1387,9 +1390,9 @@ let currentRefreshRate = 1000; // Track current refresh rate to avoid unnecessar
   };
 
   // Watch for relevant changes only
-  let previousAutoRefresh = uiStatePart.getState().autoRefresh;
-  let previousRefreshInterval = uiStatePart.getState().refreshInterval;
-  let previousIsLoggedIn = loginStatePart.getState().isLoggedIn;
+  let previousAutoRefresh = uiStatePart.getState()!.autoRefresh;
+  let previousRefreshInterval = uiStatePart.getState()!.refreshInterval;
+  let previousIsLoggedIn = loginStatePart.getState()!.isLoggedIn;
   
   uiStatePart.state.subscribe((state) => {
     // Only restart if relevant values changed
@@ -1420,7 +1423,7 @@ let currentRefreshRate = 1000; // Track current refresh rate to avoid unnecessar
   startAutoRefresh();
 
   // Connect TypedSocket if already logged in (e.g., persistent session)
-  if (loginStatePart.getState().isLoggedIn) {
+  if (loginStatePart.getState()!.isLoggedIn) {
     connectSocket();
   }
 })();

ts_web/elements/ops-dashboard.ts

@@ -195,17 +195,18 @@ export class OpsDashboard extends DeesElement {
   }
 
   public async firstUpdated() {
-    const simpleLogin = this.shadowRoot.querySelector('dees-simple-login');
-    simpleLogin.addEventListener('login', (e: CustomEvent) => {
+    const simpleLogin = this.shadowRoot!.querySelector('dees-simple-login') as any;
+    simpleLogin.addEventListener('login', (e: Event) => {
       // Handle logout event
-      this.login(e.detail.data.username, e.detail.data.password);
+      const detail = (e as CustomEvent).detail;
+      this.login(detail.data.username, detail.data.password);
     });
 
     // Handle view changes
-    const appDash = this.shadowRoot.querySelector('dees-simple-appdash');
+    const appDash = this.shadowRoot!.querySelector('dees-simple-appdash');
     if (appDash) {
-      appDash.addEventListener('view-select', (e: CustomEvent) => {
-        const viewName = e.detail.view.name.toLowerCase();
+      appDash.addEventListener('view-select', (e: Event) => {
+        const viewName = (e as CustomEvent).detail.view.name.toLowerCase();
         // Use router for navigation instead of direct state update
         appRouter.navigateToView(viewName);
       });
@@ -217,7 +218,7 @@ export class OpsDashboard extends DeesElement {
     }
 
     // Handle initial state - check if we have a stored session that's still valid
-    const loginState = appstate.loginStatePart.getState();
+    const loginState = appstate.loginStatePart.getState()!;
     if (loginState.identity?.jwt) {
       if (loginState.identity.expiresAt > Date.now()) {
         // Client-side expiry looks valid — verify with server (keypair may have changed)
@@ -229,7 +230,7 @@ export class OpsDashboard extends DeesElement {
           if (response.valid) {
             // JWT confirmed valid by server
             this.loginState = loginState;
-            await simpleLogin.switchToSlottedContent();
+            await (simpleLogin as any).switchToSlottedContent();
             await appstate.statsStatePart.dispatchAction(appstate.fetchAllStatsAction, null);
             await appstate.configStatePart.dispatchAction(appstate.fetchConfigurationAction, null);
           } else {
@@ -250,8 +251,8 @@ export class OpsDashboard extends DeesElement {
   private async login(username: string, password: string) {
     const domtools = await this.domtoolsPromise;
     console.log(`Attempting to login...`);
-    const simpleLogin = this.shadowRoot.querySelector('dees-simple-login');
-    const form = simpleLogin.shadowRoot.querySelector('dees-form');
+    const simpleLogin = this.shadowRoot!.querySelector('dees-simple-login') as any;
+    const form = simpleLogin.shadowRoot!.querySelector('dees-form') as any;
     form.setStatus('pending', 'Logging in...');
     
     const state = await appstate.loginStatePart.dispatchAction(appstate.loginAction, {
@@ -262,14 +263,14 @@ export class OpsDashboard extends DeesElement {
     if (state.identity) {
       console.log('Login successful');
       this.loginState = state;
-      form.setStatus('success', 'Logged in!');
-      await simpleLogin.switchToSlottedContent();
+      form!.setStatus('success', 'Logged in!');
+      await simpleLogin!.switchToSlottedContent();
       await appstate.statsStatePart.dispatchAction(appstate.fetchAllStatsAction, null);
       await appstate.configStatePart.dispatchAction(appstate.fetchConfigurationAction, null);
     } else {
-      form.setStatus('error', 'Login failed!');
+      form!.setStatus('error', 'Login failed!');
       await domtools.convenience.smartdelay.delayFor(2000);
-      form.reset();
+      form!.reset();
     }
   }
 }

ts_web/elements/ops-view-certificates.ts

@@ -21,7 +21,7 @@ declare global {
 @customElement('ops-view-certificates')
 export class OpsViewCertificates extends DeesElement {
   @state()
-  accessor certState: appstate.ICertificateState = appstate.certificateStatePart.getState();
+  accessor certState: appstate.ICertificateState = appstate.certificateStatePart.getState()!;
 
   constructor() {
     super();
@@ -264,10 +264,10 @@ export class OpsViewCertificates extends DeesElement {
                   {
                     name: 'Import',
                     iconName: 'lucide:upload',
-                    action: async (modal) => {
+                    action: async (modal: any) => {
                       const { DeesToast } = await import('@design.estate/dees-catalog');
                       try {
-                        const form = modal.shadowRoot.querySelector('dees-form') as any;
+                        const form = modal.shadowRoot!.querySelector('dees-form') as any;
                         const formData = await form.collectFormData();
                         const files = formData.certJsonFile;
                         if (!files || files.length === 0) {
@@ -287,8 +287,8 @@ export class OpsViewCertificates extends DeesElement {
                         );
                         DeesToast.show({ message: `Certificate imported for ${cert.domainName}`, type: 'success', duration: 3000 });
                         modal.destroy();
-                      } catch (err) {
-                        DeesToast.show({ message: `Import failed: ${err.message}`, type: 'error', duration: 4000 });
+                      } catch (err: unknown) {
+                        DeesToast.show({ message: `Import failed: ${(err as Error).message}`, type: 'error', duration: 4000 });
                       }
                     },
                   },
@@ -339,8 +339,8 @@ export class OpsViewCertificates extends DeesElement {
                 } else {
                   DeesToast.show({ message: response.message || 'Export failed', type: 'error', duration: 4000 });
                 }
-              } catch (err) {
-                DeesToast.show({ message: `Export failed: ${err.message}`, type: 'error', duration: 4000 });
+              } catch (err: unknown) {
+                DeesToast.show({ message: `Export failed: ${(err as Error).message}`, type: 'error', duration: 4000 });
               }
             },
           },
@@ -363,7 +363,7 @@ export class OpsViewCertificates extends DeesElement {
                   {
                     name: 'Delete',
                     iconName: 'lucide:trash-2',
-                    action: async (modal) => {
+                    action: async (modal: any) => {
                       try {
                         await appstate.certificateStatePart.dispatchAction(
                           appstate.deleteCertificateAction,
@@ -371,8 +371,8 @@ export class OpsViewCertificates extends DeesElement {
                         );
                         DeesToast.show({ message: `Certificate deleted for ${cert.domain}`, type: 'success', duration: 3000 });
                         modal.destroy();
-                      } catch (err) {
-                        DeesToast.show({ message: `Delete failed: ${err.message}`, type: 'error', duration: 4000 });
+                      } catch (err: unknown) {
+                        DeesToast.show({ message: `Delete failed: ${(err as Error).message}`, type: 'error', duration: 4000 });
                       }
                     },
                   },

ts_web/elements/ops-view-config.ts

@@ -102,7 +102,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderSystemSection(sys: appstate.IConfigState['config']['system']): TemplateResult {
+  private renderSystemSection(sys: NonNullable<appstate.IConfigState['config']>['system']): TemplateResult {
     // Annotate proxy IPs with source hint when Remote Ingress is active
     const ri = this.configState.config?.remoteIngress;
     let proxyIpValues: string[] | null = sys.proxyIps.length > 0 ? [...sys.proxyIps] : null;
@@ -133,7 +133,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderSmartProxySection(proxy: appstate.IConfigState['config']['smartProxy']): TemplateResult {
+  private renderSmartProxySection(proxy: NonNullable<appstate.IConfigState['config']>['smartProxy']): TemplateResult {
     const fields: IConfigField[] = [
       { key: 'Route Count', value: proxy.routeCount },
     ];
@@ -164,7 +164,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderEmailSection(email: appstate.IConfigState['config']['email']): TemplateResult {
+  private renderEmailSection(email: NonNullable<appstate.IConfigState['config']>['email']): TemplateResult {
     const fields: IConfigField[] = [
       { key: 'Ports', value: email.ports.length > 0 ? email.ports.map(String) : null, type: 'pills' },
       { key: 'Hostname', value: email.hostname },
@@ -196,7 +196,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderDnsSection(dns: appstate.IConfigState['config']['dns']): TemplateResult {
+  private renderDnsSection(dns: NonNullable<appstate.IConfigState['config']>['dns']): TemplateResult {
     const fields: IConfigField[] = [
       { key: 'Port', value: dns.port },
       { key: 'NS Domains', value: dns.nsDomains.length > 0 ? dns.nsDomains : null, type: 'pills' },
@@ -216,7 +216,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderTlsSection(tls: appstate.IConfigState['config']['tls']): TemplateResult {
+  private renderTlsSection(tls: NonNullable<appstate.IConfigState['config']>['tls']): TemplateResult {
     const fields: IConfigField[] = [
       { key: 'Contact Email', value: tls.contactEmail },
       { key: 'Domain', value: tls.domain },
@@ -242,7 +242,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderCacheSection(cache: appstate.IConfigState['config']['cache']): TemplateResult {
+  private renderCacheSection(cache: NonNullable<appstate.IConfigState['config']>['cache']): TemplateResult {
     const fields: IConfigField[] = [
       { key: 'Storage Path', value: cache.storagePath },
       { key: 'DB Name', value: cache.dbName },
@@ -267,7 +267,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderRadiusSection(radius: appstate.IConfigState['config']['radius']): TemplateResult {
+  private renderRadiusSection(radius: NonNullable<appstate.IConfigState['config']>['radius']): TemplateResult {
     const fields: IConfigField[] = [
       { key: 'Auth Port', value: radius.authPort },
       { key: 'Accounting Port', value: radius.acctPort },
@@ -296,7 +296,7 @@ export class OpsViewConfig extends DeesElement {
     `;
   }
 
-  private renderRemoteIngressSection(ri: appstate.IConfigState['config']['remoteIngress']): TemplateResult {
+  private renderRemoteIngressSection(ri: NonNullable<appstate.IConfigState['config']>['remoteIngress']): TemplateResult {
     const fields: IConfigField[] = [
       { key: 'Tunnel Port', value: ri.tunnelPort },
       { key: 'Hub Domain', value: ri.hubDomain },

ts_web/elements/ops-view-emails.ts

@@ -83,13 +83,13 @@ export class OpsViewEmails extends DeesElement {
   private async handleEmailClick(e: CustomEvent<interfaces.requests.IEmail>) {
     const emailSummary = e.detail;
     try {
-      const context = appstate.loginStatePart.getState();
+      const context = appstate.loginStatePart.getState()!;
       const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
         interfaces.requests.IReq_GetEmailDetail
       >('/typedrequest', 'getEmailDetail');
 
       const response = await request.fire({
-        identity: context.identity,
+        identity: context.identity!,
         emailId: emailSummary.id,
       });
 

ts_web/elements/ops-view-network.ts

@@ -29,10 +29,10 @@ interface INetworkRequest {
 @customElement('ops-view-network')
 export class OpsViewNetwork extends DeesElement {
   @state()
-  accessor statsState = appstate.statsStatePart.getState();
+  accessor statsState = appstate.statsStatePart.getState()!;
 
   @state()
-  accessor networkState = appstate.networkStatePart.getState();
+  accessor networkState = appstate.networkStatePart.getState()!;
 
 
   @state()

ts_web/elements/ops-view-remoteingress.ts

@@ -21,7 +21,7 @@ declare global {
 @customElement('ops-view-remoteingress')
 export class OpsViewRemoteIngress extends DeesElement {
   @state()
-  accessor riState: appstate.IRemoteIngressState = appstate.remoteIngressStatePart.getState();
+  accessor riState: appstate.IRemoteIngressState = appstate.remoteIngressStatePart.getState()!;
 
   constructor() {
     super();
@@ -184,7 +184,7 @@ export class OpsViewRemoteIngress extends DeesElement {
             @click=${async () => {
               const { DeesToast } = await import('@design.estate/dees-catalog');
               try {
-                const response = await appstate.fetchConnectionToken(this.riState.newEdgeId);
+                const response = await appstate.fetchConnectionToken(this.riState.newEdgeId!);
                 if (response.success && response.token) {
                   if (navigator.clipboard && typeof navigator.clipboard.writeText === 'function') {
                     await navigator.clipboard.writeText(response.token);
@@ -202,8 +202,8 @@ export class OpsViewRemoteIngress extends DeesElement {
                 } else {
                   DeesToast.show({ message: response.message || 'Failed to get token', type: 'error', duration: 4000 });
                 }
-              } catch (err) {
-                DeesToast.show({ message: `Failed: ${err.message}`, type: 'error', duration: 4000 });
+              } catch (err: unknown) {
+                DeesToast.show({ message: `Failed: ${(err as Error).message}`, type: 'error', duration: 4000 });
               }
             }}
           >Copy Connection Token</dees-button>
@@ -399,8 +399,8 @@ export class OpsViewRemoteIngress extends DeesElement {
                   } else {
                     DeesToast.show({ message: response.message || 'Failed to get token', type: 'error', duration: 4000 });
                   }
-                } catch (err) {
-                  DeesToast.show({ message: `Failed: ${err.message}`, type: 'error', duration: 4000 });
+                } catch (err: unknown) {
+                  DeesToast.show({ message: `Failed: ${(err as Error).message}`, type: 'error', duration: 4000 });
                 }
               },
             },

ts_web/readme.md

@@ -237,7 +237,7 @@ export class OpsViewMyView extends DeesElement {
 
 ## License and Legal Information
 
-This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](../LICENSE) file.
+This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](../license) file.
 
 **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
 

ts_web/router.ts

@@ -71,12 +71,12 @@ class AppRouter {
 
   private updateViewState(view: string): void {
     this.suppressStateUpdate = true;
-    const currentState = appstate.uiStatePart.getState();
+    const currentState = appstate.uiStatePart.getState()!;
     if (currentState.activeView !== view) {
       appstate.uiStatePart.setState({
         ...currentState,
         activeView: view,
-      });
+      } as appstate.IUiState);
     }
     this.suppressStateUpdate = false;
   }
@@ -94,7 +94,7 @@ class AppRouter {
   }
 
   public getCurrentView(): string {
-    return appstate.uiStatePart.getState().activeView;
+    return appstate.uiStatePart.getState()!.activeView;
   }
 
   public destroy(): void {