- Concurrent multi threadded web server
- Database framework with familiar MVC concepts
- Database models with migrations and validations
- Database models that work almost the same in frontend and backend
- Built-in record auditing for model lifecycle changes (see docs/auditing.md)
- Declarative state machines for models (see docs/state-machine.md)
- Migrations for schema changes and UTC datetime storage (see docs/database-migrations.md)
- External packages (engines) that contribute data models, frontend-model resources and migrations to a consuming app (see docs/packages.md)
- Controllers and views for HTTP endpoints
- Frontend-model transport for creating, updating, querying, and subscribing to query-filtered lifecycle events over HTTP/WebSocket, with structured per-attribute validation error responses (see docs/frontend-models.md)
- Client-side offline sync mutation logs and frontend-model optimistic queueing primitives (see docs/offline-sync.md)
- Declarative client sync scopes with per-scope cursors, automatic mutation tracking, realtime delivery, and
sync/pullprogress reporting for "X of Y" import screens (see docs/sync-client.md) - Reactive
useLiveQuery(Model.where(...))queries that stay current from committed local model changes across local writes, pulls, and realtime (see docs/live-queries.md) - Server-side sync envelope replay orchestration for app-owned sync receivers (see docs/sync-envelope-replay-service.md)
- SQLite web persistence that automatically prefers OPFS, then IndexedDB, and migrates legacy persisted bytes when possible (see docs/sqlite-web-persistence.md)
- Expo / Metro compatibility guidance and a real Expo export check (see docs/expo-metro-compatibility.md)
- Gap-less positional lists with automatic reordering via
actsAsList(see docs/acts-as-list.md) - Rails-style nested-attribute writes on frontend-model
save()(see docs/nested-attributes.md) - Per-row association counts via
.withCount(...)on frontend and backend queries (see docs/with-count.md) - Consumer-defined per-row SQL aggregates/computations via
.queryData(...)on frontend and backend queries (see docs/query-data.md) - Per-record ability checks via
.abilities(...)on frontend queries +record.can(action)(see docs/abilities.md) - Translated model attributes with current-locale relationship sorting (see docs/translations.md)
- Cross-process broadcast bus for
broadcastToChannelviavelocious beacon, including background job runner processes (see docs/beacon.md) - Configurable HTTP server worker handlers plus backpressured, descriptor-only file responses with completion callbacks (see docs/http-server.md)
- Background jobs with failure events for production reporting (see docs/background-jobs.md)
- Rails-style request and database query logging (see docs/logging.md)
- EJS-backed mailers with delivery, queueing, and payload rendering support (see docs/mailers.md)
- Trusted reverse proxy handling for
request.remoteAddress()(see docs/trusted-proxies.md) - In-process driver schema metadata caching (see docs/schema-metadata-cache.md)
- Planned local-first shared-resource sync architecture (see docs/offline-sync.md)
- Named database connection checkouts, bounded pool waits, and debugging held connections (see docs/database-connections.md)
- Optional built-in debug endpoint for inspecting server and database connection state (see docs/debug-endpoint.md)
- Optional built-in API manifest endpoint describing every registered frontend-model resource as human- and machine-readable JSON (see docs/api-manifest-endpoint.md)
Make a new NPM project.
mkdir project
cd project
npm install velocious
npx velocious initBy default, Velocious looks for your configuration in src/config/configuration.js. If you keep the configuration elsewhere, make sure your app imports it early and calls configuration.setCurrent().
When working on Velocious itself, npm scripts are cross-platform (Windows cmd/PowerShell and POSIX shells):
npm run build
npm run test
npm run test:expofallow analyzes the codebase for unused/dead code, duplication, and complexity. CI runs it as a regression gate: it fails only on findings beyond the committed baseline in fallow-baselines/, so existing backlog never blocks a PR but new issues do.
# Regression gate (what CI runs) — fails on new dead code / dupes / complexity beyond the baseline
npm run fallow
# Refresh the baseline after intentionally adding/removing code (commit the updated fallow-baselines/*.json)
npm run fallow:baselineBaselines are generated against a fresh checkout (no generated dummy configuration.js), so the gate is deterministic in CI and locally. Tuning (entry points, ignores) lives in .fallowrc.json.
Tag tests to filter runs.
describe("Tasks", {tags: ["db"]}, () => {
it("creates a task", {tags: ["fast"]}, async () => {})
})# Only run tagged tests (focused tests still run)
npx velocious test --tag fast
npx velocious test --include-tag fast,api
# Exclude tagged tests (always wins)
npx velocious test --exclude-tag slowTarget a test by line number or description.
npx velocious test spec/path/to/test-spec.js:34
npx velocious test --example "filters on nested relationship attributes"
npx velocious test --example "/nested.*attributes/i"
npx velocious test --name "filters on nested relationship attributes"Exclude tags via your testing config file.
// src/config/testing.js
import {configureTests} from "velocious/build/src/testing/test.js"
export default async function configureTesting() {
configureTests({excludeTags: ["mssql"]})
}Retry flaky tests by setting a retry count on the test args.
describe("Tasks", () => {
it("retries a flaky check", {retry: 2}, async () => {})
})Velocious captures console output emitted while each test executes, but does not print passing-test output by default. When a test fails, Velocious prints a truncated Console output: block for that failed test and saves the full captured log under tmp/screenshots next to failure screenshots/browser logs/HTML. Each failed test summary prints the saved console log path.
Configure console output behavior in your testing config file.
// src/config/testing.js
import {configureTests} from "velocious/build/src/testing/test.js"
export default async function configureTesting() {
configureTests({
consoleOutput: "failure", // default: print captured output only for failed tests
failedConsoleOutputMaxLines: 200 // default: print the last 200 lines inline
})
}Use consoleOutput: "live" to preserve the previous passthrough behavior where test console output is printed while tests run.
Listen for attempt and retry events if you need to reset shared state after a failed attempt or log retry lifecycle details. testAttemptFailed fires after every failed attempt, including the final failed attempt when no retries remain. testRetrying only fires before a retry, and testFailed only fires after retries are exhausted.
import {testEvents} from "velocious/build/src/testing/test.js"
testEvents.on("testAttemptFailed", async ({testDescription, attemptNumber, willRetry}) => {
console.log(`Failed ${testDescription} attempt ${attemptNumber}`)
if (willRetry) {
await resetBrowserOrExternalServices()
}
})
testEvents.on("testRetrying", ({testDescription, nextAttempt}) => {
console.log(`Retrying ${testDescription} (attempt ${nextAttempt})`)
})
testEvents.on("testRetried", ({testDescription, attemptNumber}) => {
console.log(`Retry attempt finished for ${testDescription} (attempt ${attemptNumber})`)
})Split test files across parallel CI jobs using --groups and --group-number.
# Run group 1 of 4
npx velocious test --groups=4 --group-number=1
# Run group 2 of 4
npx velocious test --groups=4 --group-number=2
# Combine with tags
npx velocious test --groups=3 --group-number=1 --tag fastFiles are distributed using a greedy load-balancing algorithm. Each file is
weighted by its spec directory (system/ = 20, frontend-models/ = 10,
controller/ = 3, default = 1) with a 2x multiplier for .browser-spec.js
files. The heaviest files are assigned first to the group with the least
accumulated weight, producing balanced wall-clock times across groups.
The algorithm is deterministic: the same file list always produces the same group assignments.
Run browser compatibility tests via System Testing:
npm run test:browserBrowser system tests must be named *.browser-test.js or *.browser-spec.js (override with VELOCIOUS_BROWSER_TEST_PATTERN).
Use beforeAll/afterAll for suite-level setup/teardown.
// src/config/testing.js
export default async function configureTesting() {
beforeAll(async () => {
// setup shared resources
})
afterAll(async () => {
// teardown shared resources
})
}Common matchers:
expect(value).toBeTruthy()
expect(value).toMatchObject({status: "success"})
expect({a: 1, b: 2}).toEqual(expect.objectContaining({a: 1}))
expect([1, 2, 3]).toEqual(expect.arrayContaining([2, 3]))Mailers live under src/mailers, with a mailer.js and matching .ejs templates.
import VelociousMailer, {deliveries, setDeliveryHandler} from "velocious/build/src/mailer.js"
class TasksMailer extends VelociousMailer {
newNotification(task, user) {
this.task = task
this.user = user
this.assignView({task, user})
return this.mail({to: user.email(), subject: "New task"})
}
}Velocious infers the action name from the mailer action method when this.mail(...) is called from that method. Pass actionName explicitly when rendering a different action template or when a shared helper should override the inferred action.
<b>Hello <%= mailer.user.name() %></b>
<p>
Task <%= task.id() %> has just been created.
</p>Deliver immediately or enqueue via background jobs:
await new TasksMailer().newNotification(task, user).deliverNow()
await new TasksMailer().newNotification(task, user).deliverLater()Build the rendered payload without sending when the app needs to store an audit copy or hand delivery to its own transport:
const payload = await new TasksMailer().newNotification(task, user).buildPayload()If your mailer needs async setup, keep the action sync and pass actionPromise:
resetPassword(user) {
return this.mail({
to: user.email(),
subject: "Reset your password",
actionPromise: (async () => {
this.token = await user.resetToken()
this.assignView({user, token: this.token})
})()
})
}Configure a delivery handler for non-test environments:
setDeliveryHandler(async ({to, subject, html}) => {
// send the email via your provider
})Mailer backends can also be configured via your app configuration.
import {SmtpMailerBackend} from "velocious/build/src/mailer.js"
export default new Configuration({
mailerBackend: new SmtpMailerBackend({
connectionOptions: {
host: "smtp.example.com",
port: 587,
secure: false,
auth: {user: "smtp-user", pass: "smtp-pass"}
},
defaultFrom: "no-reply@example.com"
})
})Install the SMTP peer dependency in your app:
npm install smtp-connectionWhen connectionOptions.auth is present, the SMTP backend authenticates before sending the message.
Test deliveries are stored in memory:
const sent = deliveries()Velocious uses gettext-universal by default. Configure your locales and fallbacks in the app configuration:
export default new Configuration({
locale: () => "en",
locales: ["en"],
localeFallbacks: {en: ["en"]}
})Load compiled translations for gettext-universal (for example, JS files generated from .po files):
import gettextConfig from "gettext-universal/build/src/config.js"
import en from "./locales/en.js"
Object.assign(gettextConfig.getLocales(), {en})Use translations in mailer views with _:
<b><%= _("Hello %{userName}", {userName}) %></b>If you want a different translation backend, set a custom translator:
configuration.setTranslator((msgID, args) => {
// return translated string
})npx velocious g:model Account
npx velocious g:model TaskYou can generate lightweight frontend model classes from resource definitions in your configuration.
import FrontendModelBaseResource from "velocious/build/src/frontend-model-resource/base-resource.js"
class UserResource extends FrontendModelBaseResource {
static resourceConfig() {
return {
attributes: ["id", "name", "email"],
relationships: {
projects: {type: "hasMany", model: "Project"}
}
}
}
}
export default new Configuration({
// ...
backendProjects: [
{
path: "/path/to/backend-project",
frontendModels: {
User: UserResource
}
}
]
})frontendModels entries must be FrontendModelBaseResource subclasses. Built-in CRUD/find/index/serialize behavior lives in the base class, and app resources override only the pieces they actually need.
Resource-level index customization should prefer indexQuery() or the pagination/search/sort hooks over replacing records(), so built-in pluck and aggregate count support can keep using the same query. See docs/frontend-model-resources.md for the resource extension points.
Custom class- and instance-level commands are declared via collectionCommands / memberCommands. Each entry is a plain camelCase method name, or a {name, args?, returnType?} object that types the command's arguments and response — e.g. memberCommands: ["suspend", {name: "refresh", args: [{name: "age", type: "number"}], returnType: "string"}]. Plain string commands derive args and return types from the backend resource method JSDoc; shared DTO @import types outside the backend src tree are preserved in generated frontend models, while backend-local helper types such as ReturnType<typeof serializePayload> are rejected. A command whose args are a single object literal with only optional fields generates an omittable parameter (record.command() works without passing {}); any required field keeps the argument mandatory. See docs/frontend-model-resources.md#custom-commands.
Resources expose the full CRUD ability set (create, destroy, read, update) by default. To restrict the API surface — for example to a read-only resource — declare an explicit subset:
class AuditLogResource extends FrontendModelBaseResource {
static abilities = ["read"]
static attributes = ["id", "message", "createdAt"]
}Generate classes:
npx velocious g:frontend-modelsFrontend-model attributes can usually be declared by name. The generator infers JSDoc typedefs and nullability from backend model columns and translated attribute columns. When an attribute entry needs resource-specific options such as selectedByDefault: false, keep only that option in the resource config, for example {name: "archivedAt", selectedByDefault: false}; the column type and nullability are still inferred. For computed resource attributes, add a typed ${attributeName}Attribute(model) method with an @returns tag in the backend project's src tree. Resource attribute return types take precedence over column types because the resource method controls the serialized value. If Velocious cannot infer a read attribute from a column, generated model accessor, resource method JSDoc, or explicit metadata, generation fails with a clear error instead of emitting a broad fallback type.
This creates src/frontend-models/user.js (and one file per configured resource). Import each model directly by its file path (e.g. import User from ".../frontend-models/user.js"); src/frontend-models/setup.js side-effect-imports every model file so they self-register (import it once at app startup). No barrel/index.js is generated. Every generated file — the per-model files and setup.js here, and the base-model files from g:base-models — starts with an auto-generated banner stating it must not be edited manually because changes are overwritten on the next regeneration, and naming the command that regenerates it. Apply changes at their source (resource/model definitions or the generator) and regenerate. Generated classes support:
await User.find(5)await User.findBy({email: "john@example.com"})await User.findByOrFail({email: "john@example.com"})await User.toArray()await User.create({name: "John"})await Task.sort("-createdAt").toArray()await Task.order("-createdAt").toArray()await Task.limit(10).offset(20).toArray()await Task.page(2).perPage(25).toArray()await Task.where({project: {creatingUser: {reference: "owner-b"}}}).toArray()await Task.joins({project: {creatingUser: true}}).where({project: {creatingUser: {reference: "owner-b"}}}).toArray()await Task.sort({project: {creatingUser: ["reference", "desc"]}}).toArray()await Task.sort({project: {account: [["name", "desc"], ["createdAt", "asc"]]}}).toArray()await Task.group({project: {account: ["id"]}}).toArray()await Task.sort({comments: ["body", "asc"]}).distinct().toArray()await Task.count()await Task.pluck("id")await Task.pluck({project: ["id"]})await User.preload({projects: ["tasks"]}).toArray()await Task.load()await Project.preload(["tasks"]).select({Project: ["id", "createdAt"], Task: ["updatedAt"]}).toArray()await user.update({...})await user.save()(persists new records and updates existing records; also carries dirty nested children through the single request when the parent opts in — see docs/nested-attributes.md)await user.destroy()user.markForDestruction()to queue a loaded child for destruction on the next parent save (see docs/nested-attributes.md)- State helpers like
user.isNewRecord(),user.isPersisted(),user.isChanged(), anduser.changes() - Attribute methods like
user.name()anduser.setName(...) - Relationship helpers (when
relationshipsare configured), for exampletask.project(),await task.projectOrLoad(),await project.tasks().toArray(),await project.tasks().load(), andproject.tasks().build({...}) - Preload relationships onto records you already have with
await record.preload(Model.preload({...}).select({...}))(orPreloader.preload(records, ...)for arrays), includingselectsExtra(...)and a{force: true}reload option — see docs/frontend-models.md - Attachment helpers (when
attachmentsare configured), for exampleawait task.descriptionFile().attach(file),await task.descriptionFile().download(),await task.files().purgeAll(), andawait task.update({descriptionFile: file})
React components can subscribe to lifecycle broadcasts without manual cleanup code:
import useModelClassEvent from "velocious/build/src/frontend-models/use-model-class-event.js"
useModelClassEvent(Subscription, ["create", "update"], () => {
void loadSubscriptionStatus()
})useCreatedEvent, useUpdatedEvent, and useDestroyedEvent are also available. useUpdatedEvent and useDestroyedEvent accept either a model class or model instance. Lifecycle subscriptions accept the same projection options as frontend-model queries for event records, including select, preload, withCount, abilities, and queryData.
Frontend-model group(...) is attribute/path based and does not accept raw SQL fragments. Use model/relationship shapes (for example Task.group({project: {account: ["id"]}})) so grouping resolves through known relationships and mapped columns.
Frontend-model where(...) supports nested relationship descriptors (for example Task.where({project: {creatingUser: {reference: "owner-b"}}})) and does not accept raw SQL fragments.
Frontend-model joins(...) supports relationship-object descriptors only (for example Task.joins({project: {creatingUser: true}})) and rejects raw SQL join strings.
Frontend-model distinct(...) only accepts booleans (true by default) and is applied server-side through the backend query API.
Frontend-model pluck(...) validates attribute/path descriptors against configured resource/model metadata and does not accept SQL fragments or hidden raw model columns when the resource declares an explicit attribute list.
Frontend-model query fields are limited to attributes exposed by the backend resource. Use {name: "attributeName", selectedByDefault: false} for fields that may be selected or filtered explicitly but should stay out of default payloads.
When backend payloads include __preloadedRelationships, nested frontend-model relationships are hydrated recursively. Relationship methods can use getRelationshipByName("relationship").loaded() and will throw when a relationship was not preloaded.
When queries include select(...), backend frontend-model actions only serialize selected attributes for each model class. Reading a non-selected attribute on a frontend model raises AttributeNotSelectedError.
You do not need to manually define frontend-index / frontend-find / frontend-create / frontend-update / frontend-destroy routes for those resources. Velocious can auto-resolve frontend model command paths from backendProjects.frontendModels.
For backend models, you can declare attachment helpers directly:
Task.hasManyAttachments("files")
Task.hasOneAttachment("descriptionFile")
Task.hasOneAttachment("archivedPdf", {driver: "s3"})You can also pass a driver class or instance directly on the attachment:
import NativeDriver from "./storage/native-driver.js"
Task.hasOneAttachment("mobileCache", {driver: NativeDriver})
// or:
Task.hasOneAttachment("mobileCache", {driver: new NativeDriver()})Then use them from backend records:
await task.descriptionFile().attach({
content: "my file content",
filename: "file.doc"
})
const descriptionFileUrl = await task.descriptionFile().url()
await task.update({
descriptionFile: {
contentBase64: Buffer.from("my file content").toString("base64"),
filename: "my-doc.doc"
}
})Purge a record's attachments — both the stored files and their rows — for example before destroying the owner record:
const purgedCount = await task.files().purgeAll()purgeAll() deletes each attachment's backing storage and then its row, and removes only the attachments that existed when the purge started (a concurrent attach() for the same record/name is left intact). It throws without deleting anything if a storage driver has no delete operation, so a driver configured without deletion can never silently leak storage. It is a no-op for unpersisted records and returns the number of attachments purged.
Configure attachment storage drivers in Configuration:
export default new Configuration({
attachments: {
defaultDriver: "filesystem",
// Path-based attachment input is disabled by default.
// Enable explicitly only when backend-side file ingestion is needed.
allowPathInput: false,
// Optional allowlist when allowPathInput is true.
allowedPathPrefixes: ["/var/app/uploads"],
drivers: {
filesystem: {
directory: "/tmp/velocious-attachments"
},
native: {
write: async ({attachmentId, contentBase64, filename}) => {
// Persist using your native file API and return a storage key
return {storageKey: `${attachmentId}-${filename}`}
},
read: async ({storageKey}) => {
// Return Buffer, Uint8Array, ArrayBuffer or base64 string
return await readNativeFile(storageKey)
},
url: async ({storageKey}) => {
return `file://${storageKey}`
}
},
s3: {
bucket: "my-bucket",
region: "eu-west-1",
signedUrlExpiresIn: 3600
}
}
}
})If you want backend-side path ingestion, enable it explicitly:
new Configuration({
attachments: {
allowPathInput: true,
allowedPathPrefixes: ["/var/app/uploads"]
}
})Then {path: "..."}
inputs are only accepted when the file resolves inside one of the allowed prefixes.
For frontend models, configure resourceConfig().attachments and use:
await frontendTask.update({descriptionFile: file})
const descriptionFile = await frontendTask.descriptionFile().download()
const descriptionFileUrl = await frontendTask.descriptionFile().url()
const descriptionFileMetadata = await frontendTask.descriptionFile().first()
const filesMetadata = await frontendTask.files().toArray()
await frontendTask.attach(file)Frontend model attachment input does not support {path: ...}.
Use File/Blob/bytes/contentBase64 payloads instead.
Attachment metadata is exposed through the built-in VelociousAttachment frontend model with safe fields only: id, recordType, recordId, name, position, filename, contentType, byteSize, createdAt, and updatedAt. Storage internals such as driver, storageKey, and contentBase64 remain hidden and non-queryable. Direct metadata queries require owner filters: recordType, recordId, and name.
When your frontend app calls a backend on another host/port (or under a path prefix), configure transport once:
import FrontendModelBase from "velocious/build/src/frontend-models/base.js"
FrontendModelBase.configureTransport({
url: "http://127.0.0.1:4501/frontend-models",
timeZone: () => Intl.DateTimeFormat().resolvedOptions().timeZone
})Available transport options:
url(can also be a relative path like"/frontend-models"on web)timeZone(an IANA timezone string or a function returning one). Browser clients auto-detect this when it is not configured. Frontend-model datetime strings without an explicit timezone are interpreted in this request timezone and stored/queried as UTC instants.
Use await FrontendModelBase.waitForIdle() when a test harness or app lifecycle needs to wait for queued, scheduled, and active frontend-model transport requests to finish before resetting state.
Frontend-model HTTP requests always use credentials: "include" so shared custom commands can set session cookies without app-level transport overrides.
Unexpected frontend-model endpoint failures stay client-safe in production with errorMessage: "Request failed.".
Invalid client query descriptors, such as unknown select, where, search, joins, preload, group, sort, pluck, or Ransack attributes, return the specific frontend-model query error message with velocious.code: "frontend-model-query-error" and are not emitted as framework errors.
Invalid frontend-model write attributes and attachment names, including attributes rejected by permittedParams(), return the specific safe error message with velocious.code: "frontend-model-attribute-error" and are not emitted as framework errors.
In development and test, Velocious also includes debugErrorClass, debugErrorMessage, and debugBacktrace fields so browser/system-test failures are easier to diagnose without exposing those details in production.
Other non-production environments, such as staging, keep the same client-safe default unless you explicitly opt in with exposeInternalErrorsToClients: true:
const configuration = new Configuration({
environment: "staging",
exposeInternalErrorsToClients: true
})This opt-in is ignored in production; production frontend-model responses never include internal exception details.
Backends can append client-safe metadata to frontend-model error responses with configuration.addClientErrorPayloadReporter(...). Reporters receive the caught error, the current request, a safe requestDetails snapshot, and a small context object, and should only return fields that are safe for clients to see. Frontend-model endpoint failures include context.frontendModelEndpoint, action, commandType, model, requestId, and expectedError. This is useful for attaching an error-reporting URL while keeping the normal production error message generic:
configuration.addClientErrorPayloadReporter(async ({error, requestDetails, context}) => {
const report = await reportErrorToService({error, requestDetails, context})
return {bugReportUrl: report.url}
})requestDetails includes httpMethod, path, and a parsed body snapshot when available. The body snapshot redacts common secret keys, truncates large strings and arrays, summarizes uploaded files and buffers without bytes, and compacts oversized frontend-model batches while preserving requestId, model, commandType / customPath, and payload shape.
For sqlite web databases, Velocious automatically picks the best browser persistence backend it can use: OPFS when a smoke test succeeds, then IndexedDB. Existing persisted bytes in a worse backend are migrated into the selected backend when possible. If neither OPFS nor IndexedDB is usable, Velocious keeps the legacy localStorage-style backend as a compatibility fallback. See docs/sqlite-web-persistence.md for the backend selection details.
Velocious defaults to https://sql.js.org/dist/<file> for sql.js wasm loading. You can override wasm resolution per database config with locateFile:
import SqliteDriver from "velocious/build/src/database/drivers/sqlite/index.web.js"
export default new Configuration({
database: {
test: {
default: {
driver: SqliteDriver,
type: "sqlite",
name: "app-db",
locateFile: (file) => `/assets/sqljs/${file}`
}
}
}
})If you want to serve sql.js assets directly from your running Velocious backend, install the built-in sql.js asset route plugin and point locateFile to it:
import installSqlJsWasmRoute, {sqlJsLocateFileFromBackend} from "velocious/build/src/plugins/sqljs-wasm-route.js"
import SqliteDriver from "velocious/build/src/database/drivers/sqlite/index.web.js"
const configuration = new Configuration({
// ...
database: {
development: {
default: {
driver: SqliteDriver,
type: "sqlite",
name: "app-db",
locateFile: sqlJsLocateFileFromBackend({
backendBaseUrl: "http://127.0.0.1:4501",
routePrefix: "/velocious/sqljs"
})
}
}
}
})
installSqlJsWasmRoute({
configuration,
routePrefix: "/velocious/sqljs"
})Frontend-model command transport preserves Date and undefined by encoding them as marker objects in JSON and decoding them on the other side:
Date->{__velocious_type: "date", value: "<ISO string>"}undefined->{__velocious_type: "undefined"}bigint->{__velocious_type: "bigint", value: "<decimal string>"}NaN/Infinity/-Infinity->{__velocious_type: "number", value: "NaN" | "Infinity" | "-Infinity"}
Frontend-model commands raise an Error when the backend responds with {status: "error"} (using errorMessage when present), so unauthorized or missing-record update/find/destroy responses fail fast in frontend code.
Libraries can hook unresolved routes and hijack them before Velocious falls back to the built-in 404 controller.
export default new Configuration({
// ...
routeResolverHooks: [
({currentPath}) => {
if (currentPath !== "/special-route") return null
return {controller: "hijacked", action: "index"}
}
]
})Hook return value:
nullto skip{controller, action}to resolve the request- Optional
controllerClassto resolve without importing a controller path - Optional
paramsobject to merge into request params - Optional
controllerPathstring to resolve a controller file outside the app route directory - Optional
viewPathstring override for view rendering lookups
For plugin-style integrations, you can register routes with a simple DSL:
configuration.routes((routes) => {
routes.get("/velocious/sqljs/:sqlJsAssetFileName", {
to: [SqlJsController, "downloadSqlJs"]
})
})Supported route helpers:
routes.get(path, {to: [ControllerClass, "action"], params?})routes.post(path, {to: [ControllerClass, "action"], params?})
import Record from "velocious/build/src/database/record/index.js"
class Task extends Record {
}
Task.belongsTo("account")
Task.translates("description", "subTitle", "title")
Task.validates("name", {presence: true, uniqueness: true})
export default TaskGenerated belongs-to setters synchronize the loaded relationship and foreign key before save, so task.setProject(project) updates task.projectId(), task.changes(), callbacks, and scoped features such as actsAsList. Custom relationship primary keys are also used after autosaving an assigned new or dirty related record. Generated backend write attributes accept belongs-to relationship names for create and update payloads. See docs/relationships.md.
Translated models also get a currentTranslation hasOne relationship scoped to the first available row in the current locale fallback order. See docs/translations.md for preloading and frontend-model sorting behavior.
Async class APIs initialize record metadata on first use when a model has not already been initialized eagerly. See docs/model-initialization.md for the eager and lazy initialization behavior.
Register lifecycle callbacks with either a function or an instance method name. Registrations run in order, so you can stack multiple callbacks on the same lifecycle hook.
class Task extends Record {
async validateSomething() {
await doSomethingElse()
}
}
Task.beforeValidation(async (task) => {
await doSomething(task)
})
Task.beforeValidation("validateSomething")const tasks = await Task.preload({project: {translations: true}}).toArray()
const projectNames = tasks.map((task) => task.project().name())const task = await Task.find(5)
const project = await task.projectOrLoad()
await task.loadProject()
const sameProject = task.project()const project = await Project.find(4)
const tasks = await project.tasks().toArray()
const refreshedTasks = await project.tasks().load()
await project.loadTasks()
const tasks = project.tasks().loaded()When records are loaded as part of a batch (e.g. Task.where(...).toArray()), the first lazy access to a relationship on any sibling batch-loads that relationship for every sibling record in one query — avoiding the classic N+1.
const tasks = await Task.where({state: "open"}).toArray()
// First call issues ONE query to load the project for every task in the batch.
const firstProject = await tasks[0].projectOrLoad()
// Subsequent sibling accesses hit the preloaded cache — no extra query.
const secondProject = tasks[1].project()Auto-load is triggered by the async access paths that already exist: model.${name}OrLoad(), model.relationshipOrLoad("..."), and model.relationship().toArray() / model.relationship().load() for hasMany. The synchronous accessor model.relationship() still throws when the relationship has not been loaded — call the async form if you want the lazy-load behavior.
Scoped queries opt out of cohort batching by design, because the filter is specific to the accessing record:
// Triggers cohort batch — all cohort siblings get their comments preloaded in one query.
await firstTask.comments().load()
// Does NOT trigger cohort — scoped filter is unique to this call.
await firstTask.comments().query().where({isResolved: true}).load()Disable auto-load per relationship:
Task.belongsTo("project", {autoload: false})Disable auto-load globally via the framework configuration:
new Configuration({
autoload: false,
// ...
})Both flags default to true. When disabled, lazy access falls back to a per-record load.
The same cohort auto-batch-preload applies to frontend models. When a batch is loaded from the backend (Task.where(...).toArray() or similar), the first async relationship access on any cohort sibling triggers one combined HTTP request that preloads that relationship for every sibling at once:
const tasks = await Task.toArray()
// First call issues ONE request to preload the project for every task in the batch.
const firstProject = await tasks[0].projectOrLoad()
// Sibling has been populated from the same response — no extra request.
const secondProject = tasks[1].project()The generator threads the per-relationship autoload: false flag through automatically, so Task.belongsTo("project", {autoload: false}) on the backend also disables cohort batching on the generated frontend model.
Disable auto-batch-preload globally on the frontend:
import FrontendModelBase from "velocious/frontend-models"
FrontendModelBase.setAutoload(false)Scoped frontend queries (e.g. Task.where(...).preload([name]).toArray() from user code) bypass cohort batching by design, same as the backend. Siblings with locally set state from .setRelationship() / .build() are preserved across cohort batches.
Use the through option on hasMany to define a relationship that traverses an intermediate (join) table:
Invoice.hasMany("invoiceGroupLinks")
Invoice.hasMany("invoiceGroups", {through: "invoiceGroupLinks", className: "InvoiceGroup"})Through relationships work with both instance-level loading and batch preloading:
// Instance-level loading
const invoice = await Invoice.find(1)
const groups = await invoice.invoiceGroups().toArray()
// Batch preloading
const invoices = await Invoice.preload({invoiceGroups: true}).toArray()
const groups = invoices[0].invoiceGroupsLoaded()The intermediate relationship (e.g. invoiceGroupLinks) must be defined as a separate hasMany on the same model. The foreignKey option on the through relationship specifies the column on the target table that points to the intermediate table (defaults to the conventional foreign key).
You can pass a scope callback to hasMany, hasOne, or belongsTo to add custom filters. The callback receives the query and is also bound as this:
Project.hasMany("acceptedTasks", (scope) => scope.where({state: "accepted"}), {className: "Task"})
Project.hasOne("activeDetail", function() { return this.where({isActive: true}) }, {className: "ProjectDetail"})
Comment.belongsTo("acceptedTask", (scope) => scope.where({state: "accepted"}), {className: "Task"})When joining relationships, use getTableForJoin to retrieve the table (or alias) for a join path:
const query = Task.joins({project: {account: true}})
const accountTable = query.getTableForJoin("project", "account")Inside relationship scopes, getTableForJoin() is relative to the current scope path:
Project.hasMany("acceptedTasks", function() {
return this.where(`${this.getTableForJoin()}.state = 'accepted'`)
}, {className: "Task"})Backend records and frontend models can define reusable named scopes with defineScope(...).
class Task extends TaskBase {
static withAccepted = this.defineScope(({query}, accepted) => query.where({accepted}))
}
await Task.withAccepted(true).toArray()
await Task.where({projectId: 1}).scope(Task.withAccepted.scope(true)).toArray()
await Task.joins({project: {tasks: true}}).scope(["project", "tasks"], Task.withAccepted.scope(true)).toArray()Model.scopeName(args...) starts a fresh query for that model. Model.scopeName.scope(args...) returns a reusable scope descriptor for .scope(...) on an existing query. Backend record queries also support .scope(path, descriptor) to apply a scope to a joined relationship path.
Backend record scopes receive alias-aware SQL context:
class Task extends TaskBase {
static nameLike = this.defineScope(({driver, query, table}, value) => query.where(
`${driver.quoteTable(table)}.${driver.quoteColumn("name")} LIKE ${driver.quote(`%${value}%`)}`
))
}The table value is the active table reference for the current query and may be an alias from FROM ... AS ..., not just Task.tableName().
Joined-path scopes receive the joined path in context.path and may only add where(...) and joins(...) clauses.
find() and findByOrFail() throw an error when no record is found. findBy() returns null. These apply to records.
const task = new Task({identifier: "task-4"})
task.assign({name: "New task})
await task.save()const task = await Task.create({name: "Task 4"})Use insertMultiple to insert many rows in one call:
await Task.insertMultiple(
["project_id", "name", "created_at", "updated_at"],
[
[project.id(), "Task 1", new Date(), new Date()],
[project.id(), "Task 2", new Date(), new Date()]
]
)If a batch insert fails, you can retry each row and collect results:
const results = await Task.insertMultiple(
["project_id", "name"],
[
[project.id(), "Task A"],
[project.id(), "Task A"]
],
{retryIndividuallyOnFailure: true, returnResults: true}
)
console.log(results.succeededRows, results.failedRows, results.errors)const task = await Task.findOrInitializeBy({identifier: "task-5"})
if (task.isNewRecord()) {
console.log("Task didn't already exist")
await task.save()
}
if (task.isPersisted()) {
console.log("Task already exist")
}Use the user module to add password helpers to a record class. It attaches setPassword() and setPasswordConfirmation() to the model and stores encrypted values on the record. Your users table should include an encryptedPassword column for this to work.
import Record from "velocious/build/src/database/record/index.js"
import UserModule from "velocious/build/src/database/record/user-module.js"
class User extends Record {
}
new UserModule({secretKey: process.env.USER_SECRET_KEY}).attachTo(User)
const user = new User()
user.setPassword("my-password")
user.setPasswordConfirmation("my-password")const task = await Task.findOrCreateBy({identifier: "task-5"}, (newTask) => {
newTask.assign({description: "This callback only happens if not already existing"})
})npx velocious g:migration create-tasksImplicit id primary keys and references(...) columns use UUIDs by default. Set primaryKeyType on a database config to change the implicit type for that database, or pass an explicit id / reference type for legacy schemas and external compatibility.
export default new Configuration({
database: {
production: {
default: {
type: "pgsql",
primaryKeyType: "bigint"
}
}
}
})import Migration from "velocious/build/src/database/migration/index.js"
export default class CreateEvents extends Migration {
async up() {
await this.createTable("tasks", (t) => {
t.timestamps()
})
// Legacy numeric primary key
await this.createTable("legacy_events", {id: {type: "bigint"}}, (t) => {
t.references("task", {type: "bigint"})
t.timestamps()
})
// Column helper examples
await this.createTable("examples", (t) => {
t.bigint("count")
t.blob("payload")
t.boolean("published")
t.datetime("published_at")
t.integer("position")
t.json("metadata")
t.string("name")
t.text("body")
t.tinyint("priority")
t.uuid("uuid_column")
t.references("user")
t.timestamps()
})
await this.createTable("task_translations", (t) => {
t.references("task", {foreignKey: true, null: false})
t.string("locale", {null: false})
t.string("name")
t.timestamps()
})
await this.addIndex("task_translations", ["task_id", "locale"], {unique: true})
}
async down() {
await this.removeIndex("task_translations", ["task_id", "locale"])
await this.dropTable("task_translations")
await this.dropTable("examples")
await this.dropTable("tasks")
}
}npx velocious db:migrateRun project seeds from src/db/seed.js (default export should be an async function):
npx velocious db:seedYou can chain multiple commands in one invocation:
npx velocious db:create db:migrateRun script files with initialized app/database context:
npx velocious run-script src/scripts/my-task.jsEvaluate inline JavaScript (Rails-style runner) with initialized app/database context:
npx velocious runner "const users = await db.query('SELECT COUNT(*) AS count FROM users'); console.log(users[0].count)"By default, migrations write db/structure-<identifier>.sql files for each database in non-test environments. Test skips these automatic writes unless you explicitly opt in. Configure allow/deny lists in your configuration:
export default new Configuration({
// ...
structureSql: {
enabledEnvironments: ["development"],
disabledEnvironments: ["test"]
}
})If you only want automatic writes in one or two environments, prefer enabledEnvironments. db:schema:dump is an explicit schema-generation command and still writes missing structure files regardless of the current environment.
If you need to regenerate missing structure files without rerunning migrations, use:
npx velocious db:schema:dumpdb:schema:dump generates a structure SQL file for each configured database identifier under db/structure-<identifier>.sql. It only writes files when one or more expected files are missing. The generated file includes the full DDL (tables, indexes, views, triggers, etc.) followed by INSERT INTO schema_migrations (version) VALUES (...) for every currently applied migration version. This preserves the migration ledger in the checked-in snapshot so fresh databases loaded from it do not re-run migrations that already shaped the schemas in the file.
If you need to load the checked-in structure files for each configured database, use:
npx velocious db:schema:loaddb:schema:load reads db/structure-<identifier>.sql for each configured database identifier and executes those statements against the current connections. Because the structure file includes the migration ledger rows, a load marks every listed version as already applied. The next db:migrate sees those versions and skips them, so migrations whose schema changes are already part of the loaded structure do not run again.
Velocious caches schema metadata on each database driver instance so repeated model initialization, table lookups, column introspection, and structure SQL generation can reuse the same database results. The cache is cleared automatically after schema-changing SQL runs through Velocious, such as migrations, createTable, dropTable, renameColumn, ALTER TABLE, CREATE INDEX, and COMMENT ON. See docs/schema-metadata-cache.md for details.
If another process changes the schema outside Velocious while the current process is still running, clear the cache before reading metadata again:
await configuration.ensureConnections(async (dbs) => {
dbs.default.clearSchemaCache()
})To disable schema metadata caching for a database connection, set schemaCache: false on that database config:
export default new Configuration({
database: {
development: {
default: {
type: "mysql",
schemaCache: false
}
}
}
})Node loads CLI commands from disk automatically via the Node environment handler:
import Configuration from "velocious/build/src/configuration.js"
import NodeEnvironmentHandler from "velocious/build/src/environment-handlers/node.js"
export default new Configuration({
// ...
environmentHandler: new NodeEnvironmentHandler()
})Browser builds can still register commands, but only the browser-safe wrappers are bundled:
import Configuration from "velocious/build/src/configuration.js"
import BrowserEnvironmentHandler from "velocious/build/src/environment-handlers/browser.js"
export default new Configuration({
// ...
environmentHandler: new BrowserEnvironmentHandler()
})Enable the browser CLI and run commands from devtools or app code:
import BrowserCli from "velocious/build/src/cli/browser-cli.js"
const browserCli = new BrowserCli({configuration})
browserCli.enable()
await browserCli.run("db:migrate")Once enabled, you can also run commands directly from the browser console:
await globalThis.velociousCLI.run("db:migrate")In React, you can use the hook which sets globalThis.velociousCLI:
import useBrowserCli from "velocious/build/src/cli/use-browser-cli.js"
export default function App() {
useBrowserCli({configuration})
return null
}const migrationsPath = `/some/dir/migrations`
const files = await new FilesFinder({path: migrationsPath}).findFiles()
await this.configuration.ensureConnections(async () => {
const migrator = new Migrator({configuration: this.configuration})
await migrator.prepare()
await migrator.migrateFiles(files, async (path) => await import(path))
})Each query feature has its own focused example.
import {Task} from "@/src/models/task"
const tasks = await Task.all().toArray()const tasks = await Task.where({status: "open"}).toArray()
const tasksForActiveProjects = await Task.where({
project: {projectDetail: {isActive: true}}
}).toArray()
const specificTask = await Task.where({
id: 1,
project: {nameEn: "Alpha"}
}).toArray()
const tasksWithRecentCreators = await Task.where({
project: {creatingUser: [["createdAt", ">=", new Date("2026-01-01T00:00:00.000Z")]]}
}).toArray()Use .ransack(...) on record queries, record classes, frontend-model queries, and frontend-model classes when you want Rails/Ransack-style predicate keys without hand-writing nested where(...) or search(...) calls.
Supported predicates include _eq, _not_eq, _gt, _gteq, _lt, _lteq, _cont, _start, _end, _in, _not_in, and _null.
const tasks = await Task.ransack({
name_cont: "deploy",
project_project_detail_is_active_eq: true
}).toArray()
const frontendTasks = await FrontendTask
.ransack({name_cont: "deploy", id_in: ["1", "2"]})
.toArray()Simple OR predicates use Ransack's _or_ shortcut:
const matchingUsers = await User
.ransack({email_or_reference_cont: "john"})
.toArray()Grouped Ransack hashes support m ("and" / "or"), c condition arrays, and nested g groups:
const matchingUsers = await User
.ransack({
c: [
{a: ["email"], p: "cont", v: ["jane"]}
],
g: [
{
c: [
{a: "reference", p: "cont", v: ["user-2"]},
{a: "email", p: "cont", v: ["john"]}
],
m: "and"
}
],
m: "or"
})
.limit(20)
.offset(0)
.toArray()Frontend-model .ransack(...) filters run on the backend, so count(), limit(...), offset(...), and toArray() all share the same query scope instead of loading records into memory first.
const tasks = await Task.where("tasks.completed_at IS NULL").toArray()const tasks = await Task
.joins({project: true})
.where({projects: {public: true}})
.toArray()const tasks = await Task.preload({project: {account: true}}).toArray()
const accountNames = tasks.map((task) => task.project().account().name())const tasks = await Task.select(["tasks.id", "tasks.name"]).toArray()reselect replaces any previously accumulated SELECT clauses — useful
when repurposing a shared base query for an aggregate or a column-
projected read. reselect() with no argument drops the projection so
the driver falls back to SELECT *.
const baseQuery = Task.where({state: "open"})
const counts = await baseQuery.reselect("COUNT(*) AS count").results()const tasks = await Task.order("name").toArray()
const sortedTasks = await Task.order({tableName: "tasks", column: "name", direction: "ASC"}).toArray()Use structured order descriptors for runtime-selected columns so identifiers are quoted by the active database driver. Plain string orders are still available for fixed SQL expressions that cannot be represented as a column descriptor.
const tasks = await Task.order("name").reorder("created_at").reverseOrder().toArray()const tasks = await Task.limit(10).offset(20).toArray()const tasks = await Task.group("tasks.project_id").toArray()const tasks = await Task.joins({project: true}).distinct().toArray()const tasks = await Task.page(2).perPage(25).toArray()const totalTasks = await Task.count()
const distinctProjects = await Task.joins({project: true}).distinct().count()Frontend-model count() runs as a backend aggregate, so list UIs can request counts without loading and serializing every matching model.
const firstTask = await Task.first()
const lastTask = await Task.last()const task = await Task.findBy({identifier: "task-5"})
const taskOrFail = await Task.findByOrFail({identifier: "task-5"})const task = await Task.findOrInitializeBy({identifier: "task-5"})
const task2 = await Task.findOrCreateBy({identifier: "task-6"}, (newTask) => {
newTask.assign({description: "Only runs when new"})
})await Task.where({tasks: {status: "archived"}}).destroyAll()const names = await Task.pluck("name") // ["Task A", "Task B"]
const idsAndNames = await Task.order("name").pluck("id", "name") // [[1, "Task A"], [2, "Task B"]]AsyncTrackedMultiConnection uses AsyncLocalStorage to pin a connection to the current async context. If you need to call getCurrentConnection() outside of ensureConnections/withConnection, ask the pool to create a global fallback connection for you:
import AsyncTrackedMultiConnection from "velocious/build/src/database/pool/async-tracked-multi-connection.js"
const pool = configuration.getDatabasePool("default")
// Create (or reuse) a dedicated fallback connection.
await pool.ensureGlobalConnection()
// Later, outside an async context, this will return the ensured fallback connection:
const db = pool.getCurrentConnection()To prime all configured pools at once, call configuration.ensureGlobalConnections(). It will invoke ensureGlobalConnection() on pools that support it and perform a checkout on simpler pools so getCurrentConnection() is safe everywhere.
When an async context exists, that connection is still preferred over the global one.
Checked-in AsyncTrackedMultiConnection connections are closed after 5 seconds of idle time by default. This keeps tenant-scoped and short-lived background-job connections from accumulating in long-running processes while still allowing immediate reuse by nearby async work. Configure database.<environment>.<identifier>.pool.idleTimeoutMillis to change the timeout, set it to 0 to close idle connections immediately unless a matching checkout is already waiting, or set it to null to disable idle reaping for that pool. A matching idle connection is reused before expired idle connections are reaped.
database: {
production: {
default: {
driver: MysqlDriver,
poolType: AsyncTrackedMultiConnection,
type: "mysql",
pool: {
idleTimeoutMillis: 10000,
max: 25
}
}
}
}pool.max caps live async-tracked connections for that pool and defaults to 10 when omitted. When the cap is reached, new checkouts wait until a matching checked-in connection can be handed over or capacity is freed. Set pool.max to null only when a process is deliberately allowed to open an unbounded number of database connections. The built-in debug endpoint reports each in-use connection's checkedOutForMs, each idle connection's idleForMs, and queued pendingCheckouts[].waitingForMs so production diagnostics can distinguish long-held checkouts from pool-capacity waits.
Velocious includes a lightweight websocket entry point for API-style calls and server-side events.
const socket = new WebSocket("ws://localhost:3006/websocket")
socket.addEventListener("open", () => {
socket.send(JSON.stringify({
id: "req-1",
method: "POST",
path: "/api/version",
body: {extra: true},
type: "request"
}))
})
socket.addEventListener("message", (event) => {
const msg = JSON.parse(event.data)
if (msg.type === "response" && msg.id === "req-1") {
console.log("Status", msg.statusCode, "Body", msg.body)
}
})Clients can send session metadata over the shared WebSocket. Metadata is exposed to WebSocket-borne controller requests and frontend-model subscription authorization through request.metadata(...); it is not merged into HTTP headers.
socket.addEventListener("open", () => {
socket.send(JSON.stringify({
data: {locale: "da", sessionToken: "abc"},
type: "metadata"
}))
socket.send(JSON.stringify({
id: "req-2",
method: "POST",
path: "/api/version",
type: "request"
}))
})const sessionToken = this.getRequest().metadata("sessionToken")Velocious includes a lightweight logger that can write to both console and file and is environment-aware.
- Defaults: When no
loggingconfig is provided, Velocious sets up a console logger withinfo,warn, anderrorlevels. - Configuration: Supply a
loggingobject when creating your configuration:
const configuration = new Configuration({
// ...
logging: {
console: false, // disable console output
file: true, // enable file output
directory: "/custom/logs", // optional, defaults to "<project>/log" in Node
filePath: "/tmp/app.log" // optional explicit path
}
})- Custom logger list: Configure an explicit list of logger instances with levels:
import ConsoleLogger from "velocious/build/src/logger/console-logger.js"
import FileLogger from "velocious/build/src/logger/file-logger.js"
const configuration = new Configuration({
// ...
logging: {
loggers: [
new ConsoleLogger({levels: ["info", "warn", "error"]}),
new FileLogger({path: `log/${environment}.log`, levels: ["debug", "info", "warn", "error"]})
]
}
})- Base logger: Custom loggers should extend
BaseLoggerand implement eitherwrite(...)ortoOutputConfig(...):
import BaseLogger from "velocious/build/src/logger/base-logger.js"
class MyLogger extends BaseLogger {
async write({message}) {
console.log(message)
}
}-
Environment handlers: File-path resolution and file writes are delegated to the environment handler so browser builds stay bundle-friendly.
- Node handler writes to
<directory>/<environment>.logby default. - Custom handlers can override
getDefaultLogDirectory,getLogFilePath, andwriteLogToFileif needed.
- Node handler writes to
-
Debug logging: When
configuration.debugis true or aLoggeris constructed with{debug: true}, messages are emitted regardless of environment. -
Per-instance control: You can create a
new Logger("Subject", {configuration, debug: false})to honor the configuration defaults, or togglelogger.setDebug(true)for verbose output in specific cases. -
Request completion logging: HTTP and websocket-routed controller requests log a Rails-style completion line after the response is served:
Completed 200 OK in 1603ms (Controller: 107.8ms | Views: 1097.4ms | DB: 381.8ms (2 queries) | Velocious: 16.0ms)
Controller measures before callbacks plus action work, excluding nested view rendering and database queries. Views measures JSON/view rendering and file-response setup. DB measures database driver query time and query count. Velocious is the remaining framework overhead, including routing, request setup, timeout handling, and response writing.
- Query logging: Database queries log at
infolevel by default with Rails-style elapsed time:
Task Load (1.9ms) SELECT `tasks`.* FROM `tasks` WHERE `tasks`.`id` = 1 LIMIT 1
↳ src/routes/tasks/controller.js:12:in show
Model queries use operation names such as Task Load, Task Count, Task Pluck, Task Create, Task Update, and Task Destroy. Raw driver queries use SQL. The source arrow is included only when Velocious can identify an application frame; dependency and framework frames such as node_modules are omitted.
Query logging defaults to off in the test environment to keep CI output quiet and is skipped when no output emits info. Override it with logging: {queryLogging: true} when a test build should write SQL timing logs, and use the normal logging output settings to send those logs to console or file.
Velocious emits framework errors (including uncaught controller action errors) on the configuration error event bus:
configuration.getErrorEvents().on("framework-error", ({error, request, response, context}) => {
// Send to your error reporting tool of choice
console.error("Framework error", error, context)
})
configuration.getErrorEvents().on("all-error", ({error, errorType}) => {
console.error(`Velocious error (${errorType})`, error)
})Genuinely unexpected frontend-model command failures reach this bus too. The frontend-model controller catches them to return a client-safe Request failed. response, but it also emits them as framework-error/all-error (with context.frontendModelEndpoint === true) so they are reported instead of being silently swallowed. Expected user-flow errors are excluded: validation failures are forwarded with their real message (for example Name can't be blank), invalid client query descriptors are returned as frontend-model query errors, and error.velocious-annotated / safeToExpose / errorType-marked errors keep their expected-error status — none of these reach the error bus.
import WebsocketClient from "velocious/build/src/http-client/websocket-client.js"
const client = new WebsocketClient({url: "ws://localhost:3006/websocket"})
await client.connect()
// Call controller actions like normal HTTP helpers
const response = await client.post("/api/version", {locale: "en"})
console.log(response.statusCode, response.json())
// Listen for broadcast events
const unsubscribe = client.on("projects", (payload) => {
console.log("Project event", payload)
})
// Trigger a broadcast from another action
await client.post("/api/broadcast-event", {channel: "projects", payload: {id: 42}})
unsubscribe()
await client.close()For long-lived Node clients, the constructor also accepts opt-in liveness options (all default off, so browser/Expo usage is unchanged): webSocketImplementation (inject Node's ws, since the global/undici WebSocket exposes neither protocol ping nor an unref-able socket), heartbeatIntervalMs (a ping heartbeat that drops a socket whose peer stops ponging, so a client notices a vanished server), and unref (unref the underlying socket so an idle connection can't keep the process alive on its own). See docs/websocket-channels.md.
const socket = new WebSocket("ws://localhost:3006/websocket")
socket.addEventListener("open", () => {
socket.send(JSON.stringify({type: "subscribe", channel: "projects"}))
})
socket.addEventListener("message", (event) => {
const msg = JSON.parse(event.data)
if (msg.type === "event" && msg.channel === "projects") {
console.log("Got project event payload", msg.payload)
}
})If websocketChannelResolver is configured, subscribe messages are treated as channel identifiers (see below).
Any backend code (controllers, services, jobs) can publish to subscribed websocket clients using the shared event bus on the configuration:
// Inside a controller action
const {channel, payload} = this.getParams() // or compose your own payload
this.getConfiguration().getWebsocketEvents().publish(channel, payload)
this.renderJsonArg({status: "published"})You can resolve websocket channel classes from subscribe messages and let them decide which streams to allow:
import WebsocketChannel from "velocious/build/src/http-server/websocket-channel.js"
class NewsChannel extends WebsocketChannel {
async subscribed() {
if (this.params().token !== process.env.NEWS_TOKEN) return
await this.streamFrom("news")
}
async unsubscribed() {
// Optional: cleanup when the socket closes
}
}
const configuration = new Configuration({
// ...
websocketChannelResolver: ({request, subscription}) => {
const channel = subscription?.channel
const params = subscription?.params || {}
if (channel === "news") return NewsChannel
const query = request?.path?.().split("?")[1]
const legacyChannel = new URLSearchParams(query).get("channel")
if (legacyChannel === "news") return NewsChannel
}
})Channel classes are the recommended place to authorize subscriptions and decide which streams a connection should receive. If authorization fails, simply return without calling streamFrom or close the socket in subscribed().
Subscribe from the client using a channel identifier and params:
socket.send(JSON.stringify({
type: "subscribe",
channel: "news",
params: {token: "secret"}
}))If you need to accept custom websocket message formats (for example, a vendor that does not use the Velocious request/subscribe protocol), provide a websocketMessageHandlerResolver in your configuration. It receives the upgrade request and can return a handler object with onOpen, onMessage, onClose, and onError hooks:
const configuration = new Configuration({
// ...
websocketMessageHandlerResolver: ({request, configuration}) => {
const path = request.path().split("?")[0]
if (path === "/custom/socket") {
return {
onOpen: ({session}) => {
session.sendJson({event: "connected"})
},
onMessage: ({message}) => {
console.log("Inbound message", message)
}
}
}
}
})When a raw handler is attached, Velocious skips channel resolution and forwards parsed JSON messages directly to the handler.
You can subscribe first and then call another controller action over the same websocket connection to trigger broadcasts:
socket.send(JSON.stringify({type: "subscribe", channel: "news"}))
socket.send(JSON.stringify({
type: "request",
id: "req-broadcast",
method: "POST",
path: "/api/broadcast-event",
body: {channel: "news", payload: {headline: "breaking"}}
}))If you are using Velocious for an app, Velocious has a built-in testing framework. You can run your tests like this:
npx velocious testIf you are developing on Velocious, you can run the tests with:
./run-tests.shTests default to a 60-second timeout. Override per test with {timeoutSeconds: 5} or set a suite-wide default via configureTests({defaultTimeoutSeconds: 30}).
First create a test file under something like the following path 'src/routes/accounts/create-test.js' with something like the following content:
import {describe, expect, it} from "velocious/build/src/testing/test.js"
import Account from "../../models/account.js"
describe("accounts - create", {type: "request"}, async () => {
it("creates an account", async ({client}) => {
const response = await client.post("/accounts", {account: {name: "My event company"}})
expect(response.statusCode()).toEqual(200)
expect(response.contentType()).toEqual("application/json")
const data = JSON.parse(response.body())
expect(data.status).toEqual("success")
const createdAccount = await Account.last()
expect(createdAccount).toHaveAttributes({
name: "My event company"
})
})
})Create or edit the file src/config/routes.js and do something like this:
import Routes from "velocious/build/src/routes/index.js"
const routes = new Routes()
routes.draw((route) => {
route.resources("projects")
route.resources("tasks", (route) => {
route.get("users")
})
route.namespace("testing", (route) => {
route.post("truncate")
})
route.get("ping")
})
export default {routes}Create the file src/routes/testing/controller.js and do something like this:
import Controller from "velocious/build/src/controller.js"
export default class TestingController extends Controller {
async truncate() {
await doSomething()
await this.render({json: {status: "database-truncated"}})
}
async anotherAction() {
render("test-view")
}
}When render({json: ...}) receives Velocious backend model instances, it now auto-serializes them with frontend-model transport markers. After transport deserialization on the client, registered frontend models hydrate automatically:
import {deserializeFrontendModelTransportValue} from "velocious/build/src/frontend-models/transport-serialization.js"
const tasks = await Task.toArray()
await this.render({
json: {
tasks
}
})
const response = await fetch("/tasks")
const result = deserializeFrontendModelTransportValue(await response.json())
result.tasks[0] instanceof Task //=> true
result.tasks[0].name() //=> frontend model accessorSet cookies from controllers:
this.setCookie("session_id", "abc123", {httpOnly: true, sameSite: "Lax"})Read cookies from the request:
const cookies = this.getCookies()
const sessionCookie = cookies.find((cookie) => cookie.name() === "session_id")Encrypted cookies use cookieSecret from configuration:
this.setCookie("user_token", "secret", {encrypted: true, httpOnly: true})Create the file src/routes/testing/another-action.ejs and so something like this:
<p>
View for path: <%= controller.getRequest().path() %>
</p>Velocious includes a simple background jobs system inspired by Sidekiq.
Jobs can opt into cross-worker durable concurrency limits by pairing a non-empty concurrencyKey with a positive-integer maxConcurrency in their background-job options. The first cap registered for a key is stable; conflicting caps are rejected. See durable concurrency limits.
Production apps can listen for background-job-failed or its all-error mirror to report accepted failed attempts, including retry and terminal state metadata. See docs/background-jobs.md.
Create a jobs directory in your app:
src/jobs/
Start the background jobs main process (the queue router):
npx velocious background-jobs-mainStart one or more workers:
npx velocious background-jobs-workerYou can configure the main host/port in your configuration:
export default new Configuration({
// ...
backgroundJobs: {
host: "127.0.0.1",
port: 7331,
databaseIdentifier: "default",
maxConcurrentForkedJobs: 4,
maxConcurrentInlineJobs: 4,
dispatchStrategy: "beacon"
}
})Or via env vars:
VELOCIOUS_BACKGROUND_JOBS_HOST=127.0.0.1
VELOCIOUS_BACKGROUND_JOBS_PORT=7331
VELOCIOUS_BACKGROUND_JOBS_DATABASE_IDENTIFIER=default
VELOCIOUS_BACKGROUND_JOBS_MAX_CONCURRENT_FORKED_JOBS=4
VELOCIOUS_BACKGROUND_JOBS_MAX_CONCURRENT_INLINE_JOBS=4
VELOCIOUS_BACKGROUND_JOBS_DISPATCH_STRATEGY=beacon
VELOCIOUS_BACKGROUND_JOBS_POLL_INTERVAL_MS=1000
VELOCIOUS_BACKGROUND_JOBS_WORKER_SHUTDOWN_TIMEOUT_MS=indefinite
VELOCIOUS_BACKGROUND_JOBS_WORKER_SHUTDOWN_TIMEOUT_MS (default: indefinite) bounds how long a background-jobs-worker waits for in-flight jobs on SIGTERM/SIGINT before terminating any forked or spawned child runners still running, so they are not orphaned across a deploy. The default waits for jobs to finish and never interrupts a running job; set a positive number of milliseconds for a finite cap (keep it shorter than your process supervisor's graceful-stop window so the worker reaps its own runners first). See docs/background-jobs.md.
maxConcurrentInlineJobs (default: 4) caps how many executionMode: "inline" jobs a single background-jobs-worker process runs in parallel. Concurrency is at the JS event-loop level: every job in flight shares the worker's process and DB connection pool, so the cap should fit the pool, not the CPU count. Forking remains the right tool when you need memory isolation across long-running jobs or want to use more cores. The older forked: false option still maps to inline mode.
maxConcurrentForkedJobs (default: 4) caps how many out-of-process executionMode: "forked" or executionMode: "spawned" jobs one worker may keep in flight. Forked jobs use child_process.fork() with an attached IPC channel. After the main process acknowledges their durable status report, forked and spawned one-shot runners exit without waiting for graceful Beacon/database teardown; the OS closes their process-owned resources. A missing or rejected status acknowledgement makes the runner exit as failed instead of reporting clean success. Spawned jobs use the legacy background-jobs-runner CLI process via child_process.spawn() and are only for callers that intentionally want that spawned behavior.
dispatchStrategy controls how background-jobs-main detects new work.
"beacon"(default): event-driven dispatch.background-jobs-maindrains the queue when a job is enqueued (directly, or via a Beacon broadcast from another process), when a worker comes up or reports ready, and at the exactscheduled_at_msof the next future-scheduled job via a precisesetTimeout. There is no fixed-interval polling. Thebackground_jobstable is the durable log — on (re)connect to Beacon, the dispatcher does a one-shot catch-up drain so anything enqueued while the bus was unreachable is picked up."polling": legacy fixed-interval poll.background-jobs-mainrunsSELECT … FROM background_jobs WHERE status='queued' AND scheduled_at_ms <= noweverypollIntervalMs(default1000). Use this if you want the previous behavior, or for environments where Beacon is unavailable and you don't want event-driven dispatch.
Beacon is opt-in for the rest of the framework, but the dispatcher uses event-driven dispatch even when Beacon is not configured — it falls back to direct in-process triggering from the enqueue/handoff paths plus setTimeout for scheduled jobs. Configure Beacon when you want cross-process enqueues (e.g. enqueue from an HTTP server process) to wake the main process immediately.
import VelociousJob from "velocious/build/src/background-jobs/job.js"
/** @augments {VelociousJob<[string, string]>} */
export default class MyJob extends VelociousJob {
/**
* @param {string} arg1
* @param {string} arg2
* @returns {Promise<void>}
*/
async perform(arg1, arg2) {
await doWork(arg1, arg2)
}
}VelociousJob is generic over the tuple of arguments perform takes. Declaring it
with @augments {VelociousJob<[...]>} (or extends VelociousJob<[...]> in TypeScript)
lets a type-checked codebase declare perform's parameters as required and typed.
Argument-less jobs use a bare extends VelociousJob with async perform() — the
default empty-tuple type argument keeps that working unchanged. Plain (unchecked)
JavaScript can ignore the annotation entirely.
Queue a job:
await MyJob.performLater("a", "b")Jobs use executionMode: "forked" by default. This runs the job in a separate attached Node child process. To run inline:
await MyJob.performLaterWithOptions({
args: ["a", "b"],
options: {executionMode: "inline"}
})The older options: {forked: false} form is still accepted as an alias for inline execution, and options: {forked: true} maps to forked execution. To use the previous spawned CLI runner behavior explicitly, pass options: {executionMode: "spawned"}.
Inline jobs share the worker process and run concurrently up to maxConcurrentInlineJobs, so a single slow inline job no longer blocks the queue. A single worker can also override the configured cap explicitly:
new BackgroundJobsWorker({configuration, maxConcurrentInlineJobs: 8})Velocious can enqueue recurring jobs from the background-jobs-main process. Configure them with scheduledBackgroundJobs using Sidekiq Scheduler-style every arrays:
import BuildCleanupJob from "./src/jobs/build-cleanup-job.js"
export default new Configuration({
// ...
scheduledBackgroundJobs: {
jobs: {
buildCleanup: {
class: BuildCleanupJob,
every: ["1h", {firstIn: "10s"}],
options: {executionMode: "inline"}
}
}
}
})Supported schedule syntax:
every: "5m"every: ["1h", {firstIn: "30s"}]every: ["1 day", {firstIn: "5 minutes"}]
Or a 5-field POSIX crontab expression via cron:
scheduledBackgroundJobs: {
jobs: {
nightlyDigest: {
class: NightlyDigestJob,
cron: "0 3 * * *" // every day at 03:00 server-local time
},
weekdayMornings: {
class: WeekdayMorningJob,
cron: "0 9 * * 1-5" // 09:00 Mon–Fri
},
everyHour: {
class: HourlyCleanupJob,
cron: "@hourly"
}
}
}Cron fields are: minute hour day-of-month month day-of-week. Supported syntax:
*(any), single values (5), ranges (1-5), lists (1,3,5).- Step expressions:
*/15(every 15 minutes),0-30/5(every 5 between 0 and 30). - Month and weekday names:
jan-dec,sun-sat(case-insensitive). Both0and7mean Sunday. - POSIX shortcuts:
@hourly,@daily/@midnight,@weekly,@monthly,@yearly/@annually. - Day-of-month and day-of-week interaction follows POSIX/Vixie cron: when both are restricted (neither
*), the job fires when either matches.
Each job must define exactly one of every or cron. Cron times are evaluated in the server's local timezone, at minute granularity.
background-jobs-main owns the schedule and enqueues the configured jobs into the normal Velocious background-jobs queue. The HTTP server does not run scheduled jobs itself.
Jobs are persisted in the configured database (backgroundJobs.databaseIdentifier) in an internal background_jobs table. When a worker picks a job, the job is marked as handed off with a unique lease id and the worker reports completion or failure back to the main process. If that worker socket disconnects unexpectedly, only the leases handed to that exact socket are immediately returned to the queue; late reports are fenced by lease id so they cannot mutate a newer attempt. This recovery is at-least-once and may repeat application side effects if the disconnected attempt had already started them. Gracefully draining workers keep their leases while they finish. When the main itself restarts (every deploy), a reconnecting worker's still-active handoffs are adopted into its new socket on hello so a later disconnect releases them instead of leaving them stuck until the orphan sweep; the main never time-reclaims a disconnected worker's jobs, so a gracefully-draining old-release worker is not double-run. For rolling upgrades, upgrade workers before the main process: a lease-aware main keeps legacy workers connected for old reports but dispatches new jobs only to workers advertising lease-reporting support. See docs/background-jobs.md.
Failed jobs are re-queued with backoff and retried up to 10 times by default (10s, 1m, 10m, 1h, then +1h per retry). You can override the retry limit per job:
await MyJob.performLaterWithOptions({
args: ["a", "b"],
options: {maxRetries: 3}
})If a handed-off job does not report back within 2 hours, it is marked orphaned and re-queued if retries remain.
Workers also send periodic heartbeats (and use TCP keepalive) so the main can drop a wedged or half-open worker that never fires a socket close and release its leases, and job slots are freed independently of durable, background result reporting so a transient outage can't wedge a worker or lose a completion. See docs/background-jobs.md.
Every background-jobs process sets a descriptive process.title (velocious background-jobs-main/-worker/server/beacon), and each forked/spawned job runner is named after the job it runs (velocious job-runner: <JobName>, or a job class's static processTitle), so ps/top show which jobs are consuming resources. See docs/background-jobs.md.
Give a job a queue with static queue = "..." (or a {queue} job option; the option wins) and cap how many of that queue's jobs run in flight across the whole cluster under backgroundJobs.queues:
backgroundJobs: {
queues: {
builds: {maxConcurrent: 100}, // I/O-bound: can run well above the core count
default: {maxConcurrent: 8} // CPU-bound: keep near the core count
}
}A job with no queue runs on "default"; a queue with no cap is unlimited. Caps are enforced through the durable per-key concurrency mechanism (the reserved queue:<name> key), hold regardless of how many worker processes run, and are reconciled against the existing backlog on startup when you change them. Scheduled jobs honor a job's static queue too.
Set priority (default 0) to dispatch a queue ahead of lower-priority ones regardless of enqueue order, so a small time-critical queue is never starved by a flood of low-priority work sharing a worker pool. Unlike Sidekiq's strict queue ordering, priority composes with the caps: a higher-priority queue already at its maxConcurrent is skipped and dispatch falls through to the next eligible job. See docs/background-jobs.md.
Terminal background_jobs rows are not deleted automatically unless you configure retention, so a busy app otherwise grows the table indefinitely. Set backgroundJobs.retention to prune old terminal rows:
backgroundJobs: {
retention: {
completedTtlMs: 7 * 24 * 60 * 60 * 1000, // default: 7 days (null/0 disables)
failedTtlMs: 30 * 24 * 60 * 60 * 1000, // default: 30 days for failed/orphaned (null/0 disables)
batchSize: 1000, // default: 1000 rows per delete batch
sweepIntervalMs: 60 * 60 * 1000 // default: 1 hour
}
}background-jobs-main registers a built-in velocious:prune-terminal-background-jobs job on the scheduler when retention is enabled, so pruning runs as an ordinary scheduled/queued job (it needs a worker, appears in the job tables, and is bounded to one non-overlapping run). See docs/background-jobs.md.
Velocious ships a mountable read-only HTTP API for inspecting jobs (queued, running, completed, failed, orphaned and scheduled), similar in spirit to sidekiq-web. Mount it in your routes file the way Sidekiq::Web is mounted in Rails:
import VelociousBackgroundJobsApi from "velocious/build/src/background-jobs/web/index.js"
routes.draw((route) => {
route.mount(VelociousBackgroundJobsApi, {
at: "/velocious/jobs",
authorize: async ({request, ability}) => Boolean(ability?.can("manage", "BackgroundJobs")),
accessTokens: [process.env.VELOCIOUS_JOBS_TOKEN]
})
})It exposes GET /api/stats, /api/jobs, /api/jobs/:id, /api/schedule and /api/health under the mount path, gated by a bearer token and/or an authorize callback (loopback-only when neither is configured). The dashboard UI is a separate Expo app. See docs/background-jobs-dashboard.md.
npx velocious server --host 0.0.0.0 --port 8082When the server runs in the development environment, Velocious watches application src/ trees and hot-reloads by recycling HTTP workers after .js/.mjs/.cjs/.json/.ejs changes. That picks up edited controllers, models, resources, routes, and views without a manual server restart while keeping production/test behavior unchanged.
Starting the HTTP server creates tmp/server.lock under the configured application directory before Beacon, workers, or the TCP listener start. A second server for the same app fails fast with the lock owner details instead of partially starting. Normal shutdown removes the lock; stale locks with a dead local PID are reclaimed automatically, while locks from another host or unreadable metadata should be removed manually only after confirming no server is running. See docs/http-server.md.
Define resource classes with an abilities() method and use can / cannot rules to constrain model access.
import Ability from "velocious/build/src/authorization/ability.js"
import BaseResource from "velocious/build/src/authorization/base-resource.js"
import User from "@/src/models/user"
class UserResource extends BaseResource {
static ModelClass = User
abilities() {
const currentUser = this.currentUser()
if (currentUser) {
this.can("read", {id: currentUser.id()})
}
}
}
export default new Configuration({
// ...
abilityResolver: ({configuration, params, request, response}) => {
return new Ability({
context: {
configuration,
currentUser: undefined, // set from your auth/session layer
params,
request,
response
},
resources: [UserResource]
})
}
})Then query through authorization rules:
const users = await User.accessible().toArray()accessible() reads from Current.ability() (request-scoped via AsyncLocalStorage on Node).
You can also pass an ability explicitly:
const ability = new Ability({context: {currentUser}, resources: [UserResource]})
const users = await User.accessible(ability).toArray()Or require explicit ability passing:
const users = await User.accessibleBy(ability).toArray()Velocious can resolve a request-scoped tenant and override configured database identifiers per tenant for HTTP routes, websocket subscriptions, and websocket event delivery.
import Configuration from "velocious/build/src/configuration.js"
export default new Configuration({
// ...
tenantResolver: async ({params, subscription}) => {
const projectSlug = subscription?.params?.project_slug || params.project_slug
if (!projectSlug) return
return {
databaseIdentifiers: ["auditTenant"],
projectSlug
}
},
tenantDatabaseResolver: ({databaseConfiguration, identifier, tenant}) => {
if (identifier !== "auditTenant" || !tenant?.projectSlug) return
return {name: `${databaseConfiguration.name}-${tenant.projectSlug}`}
}
})Use configuration.runWithTenant(tenant, callback) or Current.tenant() when custom model/database routing needs to read the active tenant manually. The tenant is an app-defined value — inputs (runWithTenant/Current.setTenant/Current.withTenant) accept any object, Current.tenant() returns Record<string, unknown> | undefined, and the switchesTenantDatabase(...) resolver callback receives Record<string, unknown> | null | undefined, so narrow before reading fields. See tenant object typing.
Tenant-switched model classes fail closed by default: if switchesTenantDatabase(...) cannot resolve a tenant database identifier for the current tenant, Velocious raises TenantDatabaseScopeError instead of running the query against the configured fallback database. Set enforceTenantDatabaseScopes: false only for legacy apps that still need the old fallback behavior during migration.
For Apartment-style project/account databases, mark the logical per-tenant identifier with tenantOnly: true, provide tenantDatabaseProviders, and run tenant lifecycle commands explicitly. One logical identifier can resolve to any number of physical tenant databases at runtime; provider listTenants is queried for every command run so added/removed tenants do not require configuration changes or redeploys. Cross-tenant dependent: "restrict" checks use the matching provider's optional listRestrictTenants when present, otherwise listTenants, and fail closed when the target tenant identifier has no configured provider.
npx velocious db:tenants:create projectTenant
npx velocious db:tenants:check projectTenant
npx velocious db:tenants:migrate projectTenant
npx velocious db:tenants:migrate projectTenant --parallel 20afterMigrateTenant hooks run inside the active default and tenant database connection scope for the tenant being migrated.
At runtime, the apartment-style Tenant façade (velocious/build/src/tenants/tenant.js) is the single entry point: Tenant.with(tenant, callback) / Tenant.current() to switch into and read a tenant context, Tenant.each({identifier, callback, parallel?, filter?}) to run a callback within every provider-listed tenant, and Tenant.drop({identifier, tenant}) (plus the db:tenants:drop CLI command) to drop a tenant's database through the provider's dropDatabase hook. Tenant.with and Tenant.each run their callbacks inside ensureConnections, so switching into a tenant establishes its database connections (global + tenant) and passes them to the callback — the tenant is immediately queryable without the caller wiring up connections (already-open connections are reused, so nesting does not double-connect). Tenant.with is generic over its callback's return type, so a value returned from inside the tenant context comes back to the caller with its type preserved (no cast needed). Tenant.aggregateAcross({identifier, aggregates, keyColumns, subquery, tenants?, filter?}) runs one aggregate over the same table across many tenant databases and returns the merged result — grouping tenants by server and using a single cross-database UNION ALL where the driver supports two-part `database`.`table` references (MySQL/MariaDB) or one query per tenant otherwise (PostgreSQL/SQLite/MSSQL).
See docs/tenant-databases.md for the full configuration and migration pattern.