Path and wildcard routing
Register exact routes, path parameters, and wildcard segments. Access matched values through ctx.params.
Phase 1 · Pre-1.0
Orveth
Open-source modular TypeScript backend application platform.
Build strict, composable backend services with path routing, validation, security helpers, and a focused package ecosystem — without a monolithic platform.
server.ts
import { Orveth } from "orveth";
const app = new Orveth();
app.get("/", (ctx) => {
return ctx.json({ ok: true });
});
app.get("/users/:id", (ctx) => {
return ctx.json({ id: ctx.params.id });
});
await app.listen({ port: 3000 });Why Orveth
A backend platform you can grow into
Phase 1 adds routing, context, validation, and practical security helpers — still modular, still explicit.
Improved RequestContext
params, query, headers, method, path, and url — plus json, text, ok, and readJson on one context object.
Phase 1 foundation
404 and 405 handling, middleware lifecycle improvements, and a stronger core built for real application routes.
Validation with Zod
@orveth/validation-zod provides validateBody and validateQuery with typed ctx.valid results.
Security helpers
@orveth/cors and @orveth/security ship practical middleware — CORS, request IDs, and security headers.
Strict configuration
@orveth/config parses environment values strictly so invalid ports and coercions fail at startup.
Ecosystem
Phase 1 packages
Core runtime plus validation, security, TLS, JWT, and Prisma integrations.
orveth
Umbrella package — server runtime, routing, and optional modules on one version line.
npm install orveth
@orveth/server
Core runtime — Orveth app, path and wildcard routing, middleware, RequestContext.
npm install @orveth/server
@orveth/http
Status codes, response preparation, and header utilities.
npm install @orveth/http
@orveth/https
TLS file loading and HTTPS listeners — outside the core runtime.
npm install @orveth/https
@orveth/errors
Typed errors, JSON normalization, and HTTP-aware failure responses.
npm install @orveth/errors
@orveth/config
Strict environment-backed configuration parsing — invalid values fail clearly.
npm install @orveth/config
@orveth/logger
Structured logging interfaces for services.
npm install @orveth/logger
@orveth/validation
Validation result types and the Validator interface.
npm install @orveth/validation
@orveth/validation-zod
Official Zod adapter — validateBody, validateQuery, typed ctx.valid.
npm install @orveth/validation-zod
@orveth/jwt
HS256 JWT sign and verify helpers — not a full auth platform.
npm install @orveth/jwt
@orveth/prisma
Prisma shutdown hooks and database health routes.
npm install @orveth/prisma
@orveth/cors
Practical CORS middleware for browser-facing APIs.
npm install @orveth/cors
@orveth/security
Request ID and security header helpers — minimal, practical defaults.
npm install @orveth/security
Developer experience
Phase 1 patterns in practice
Examples aligned with the published Phase 1 APIs — routing, validation, security, and config.
Basic server
basic-server.ts
import { Orveth } from "orveth";
const app = new Orveth();
app.get("/", (ctx) => {
return ctx.json({ ok: true });
});
await app.listen({ port: 3000 });Path routing
path-routing.ts
app.get("/users/:id", (ctx) => {
return ctx.json({ id: ctx.params.id });
});
app.get("/docs/*", (ctx) => {
return ctx.json({ rest: ctx.params["*"] });
});Zod validation
zod-validation.ts
import { z } from "zod";
import { validateBody } from "@orveth/validation-zod";
const createUser = z.object({
email: z.string().email(),
});
app.post("/users", validateBody(createUser), (ctx) => {
return ctx.created(ctx.valid.body);
});CORS and security
cors-and-security.ts
import { cors } from "@orveth/cors";
import { requestId, securityHeaders } from "@orveth/security";
app.use(cors());
app.use(requestId());
app.use(securityHeaders());Strict config
strict-config.ts
import { coercedInteger, parseConfig } from "@orveth/config";
const config = parseConfig({
PORT: coercedInteger("PORT"),
});HTTPS
https.ts
import { listenHttps, readTlsFilePair } from "@orveth/https";
const tls = await readTlsFilePair({
certPath: process.env.TLS_CERT_PATH!,
keyPath: process.env.TLS_KEY_PATH!,
});
await listenHttps(app, 443, tls);Philosophy
Platform principles
Modular packages, explicit behavior, and honest scope.
Platform, not a toy runtime
Orveth is a modular application platform. The core stays focused; packages add validation, security, TLS, and integrations.
Explicit over magical
Routes, middleware order, and errors behave predictably. No hidden globals or surprise lifecycle hooks.
Modular over monolithic
Install @orveth/server alone or compose cors, security, validation-zod, jwt, and prisma as needed.
Integration over reinvention
Zod stays Zod. Prisma stays Prisma. JWT helpers sign tokens — they do not replace your auth model.
Honest scope
Pre-1.0 and improving fast. No WebSockets in core, no hosted cloud, no ORM — just a serious backend foundation.
Phase 1 is here — still pre-1.0
Orveth Phase 1 delivers a stronger backend foundation: path routing, improved context, validation, and security helpers. The ecosystem remains pre-1.0 — pin versions, read the changelog, and see limitations for what is intentionally out of scope.