bump cookie parser dependency to 1.0.1

move support for multiple res.cookie calls to lib/response
Patch.js is simpler and follows upstream node.js closer as a result.
2014-02-22 09:20:15 -05:00 · 2014-02-17 23:50:22 -05:00 · 2014-02-17 23:39:09 -05:00 · 2014-02-17 23:36:56 -05:00 · 2014-02-15 20:21:45 -05:00 · 2014-02-04 10:15:46 -05:00
@@ -16,3 +16,4 @@ testing
 .coverage_data
 cover_html
 test.js
+.idea
@@ -1,3 +1,3 @@
 language: node_js
 node_js:
-  - 0.6
+  - "0.10"
@@ -1,10 +1,313 @@
+4.0.0 /
+==================

-3.0.0beta7 / 2012-07-16 
+ * remove:
+   - express(1) - moved to [express-generator](https://github.com/expressjs/generator)
+   - `req.accepted*` - use `req.accepts*()` instead
+   - `app.configure` - use logic in your own app code
+   - `express.createServer()` - it has been deprecated for a long time. Use `express()`
+   - `app.router` - is removed
+   - all bundled middleware except `static`
+ * change:
+   - `req.accepts*` -> `req.accepts*s` - i.e. `req.acceptsEncoding` -> `req.acceptsEncodings`
+   - `req.params` is now an object instead of an array
+   - `json spaces` no longer enabled by default in development
+   - `res.locals` is no longer a function. It is a plain js object. Treat it as such.
+   - `app.route` -> `app.mountpath` when mounting an express app in another express app
+   - `res.headerSent` -> `res.headersSent` to match node.js ServerResponse object
+ * refactor:
+   - `req.accepts*` with [accepts](https://github.com/expressjs/accepts)
+   - `req.is` with [type-is](https://github.com/expressjs/type-is)
+ * add:
+   - `app.router()` - returns the app Router instance
+   - `app.route()` - Proxy to the app's `Router#route()` method to create a new route
+   - Router & Route - public API
+
+3.4.7 / 2013-12-10
+==================
+
+ * update connect
+
+3.4.6 / 2013-12-01
+==================
+
+ * update connect (raw-body)
+
+3.4.5 / 2013-11-27
+==================
+
+ * update connect
+ * res.location: remove leading ./ #1802 @kapouer
+ * res.redirect: fix `res.redirect('toString') #1829 @michaelficarra
+ * res.send: always send ETag when content-length > 0
+ * router: add Router.all() method
+
+3.4.4 / 2013-10-29
+==================
+
+ * update connect
+ * update supertest
+ * update methods
+ * express(1): replace bodyParser() with urlencoded() and json() #1795 @chirag04
+
+3.4.3 / 2013-10-23
+==================
+
+ * update connect
+
+3.4.2 / 2013-10-18
+==================
+
+ * update connect
+ * downgrade commander
+
+3.4.1 / 2013-10-15
+==================
+
+ * update connect
+ * update commander
+ * jsonp: check if callback is a function
+ * router: wrap encodeURIComponent in a try/catch #1735 (@lxe)
+ * res.format: now includes chraset @1747 (@sorribas)
+ * res.links: allow multiple calls @1746 (@sorribas)
+
+3.4.0 / 2013-09-07
+==================
+
+ * add res.vary(). Closes #1682
+ * update connect
+
+3.3.8 / 2013-09-02
+==================
+
+ * update connect
+
+3.3.7 / 2013-08-28
+==================
+
+ * update connect
+
+3.3.6 / 2013-08-27
+==================
+
+ * Revert "remove charset from json responses. Closes #1631" (causes issues in some clients)
+ * add: req.accepts take an argument list
+
+3.3.4 / 2013-07-08
+==================
+
+ * update send and connect
+
+3.3.3 / 2013-07-04
+==================
+
+ * update connect
+
+3.3.2 / 2013-07-03
+==================
+
+ * update connect
+ * update send
+ * remove .version export
+
+3.3.1 / 2013-06-27
+==================
+
+ * update connect
+
+3.3.0 / 2013-06-26
+==================
+
+ * update connect
+ * add support for multiple X-Forwarded-Proto values. Closes #1646
+ * change: remove charset from json responses. Closes #1631
+ * change: return actual booleans from req.accept* functions
+ * fix jsonp callback array throw
+
+3.2.6 / 2013-06-02
+==================
+
+ * update connect
+
+3.2.5 / 2013-05-21
+==================
+
+ * update connect
+ * update node-cookie
+ * add: throw a meaningful error when there is no default engine
+ * change generation of ETags with res.send() to GET requests only. Closes #1619
+
+3.2.4 / 2013-05-09
+==================
+
+  * fix `req.subdomains` when no Host is present
+  * fix `req.host` when no Host is present, return undefined
+
+3.2.3 / 2013-05-07
+==================
+
+  * update connect / qs
+
+3.2.2 / 2013-05-03
+==================
+
+  * update qs
+
+3.2.1 / 2013-04-29
+==================
+
+  * add app.VERB() paths array deprecation warning
+  * update connect
+  * update qs and remove all ~ semver crap
+  * fix: accept number as value of Signed Cookie
+
+3.2.0 / 2013-04-15
+==================
+
+  * add "view" constructor setting to override view behaviour
+  * add req.acceptsEncoding(name)
+  * add req.acceptedEncodings
+  * revert cookie signature change causing session race conditions
+  * fix sorting of Accept values of the same quality
+
+3.1.2 / 2013-04-12
+==================
+
+  * add support for custom Accept parameters
+  * update cookie-signature
+
+3.1.1 / 2013-04-01
+==================
+
+  * add X-Forwarded-Host support to `req.host`
+  * fix relative redirects
+  * update mkdirp
+  * update buffer-crc32
+  * remove legacy app.configure() method from app template.
+
+3.1.0 / 2013-01-25
+==================
+
+  * add support for leading "." in "view engine" setting
+  * add array support to `res.set()`
+  * add node 0.8.x to travis.yml
+  * add "subdomain offset" setting for tweaking `req.subdomains`
+  * add `res.location(url)` implementing `res.redirect()`-like setting of Location
+  * use app.get() for x-powered-by setting for inheritance
+  * fix colons in passwords for `req.auth`
+
+3.0.6 / 2013-01-04
+==================
+
+  * add http verb methods to Router
+  * update connect
+  * fix mangling of the `res.cookie()` options object
+  * fix jsonp whitespace escape. Closes #1132
+
+3.0.5 / 2012-12-19
+==================
+
+  * add throwing when a non-function is passed to a route
+  * fix: explicitly remove Transfer-Encoding header from 204 and 304 responses
+  * revert "add 'etag' option"
+
+3.0.4 / 2012-12-05
+==================
+
+  * add 'etag' option to disable `res.send()` Etags
+  * add escaping of urls in text/plain in `res.redirect()`
+    for old browsers interpreting as html
+  * change crc32 module for a more liberal license
+  * update connect
+
+3.0.3 / 2012-11-13
+==================
+
+  * update connect
+  * update cookie module
+  * fix cookie max-age
+
+3.0.2 / 2012-11-08
+==================
+
+  * add OPTIONS to cors example. Closes #1398
+  * fix route chaining regression. Closes #1397
+
+3.0.1 / 2012-11-01
+==================
+
+  * update connect
+
+3.0.0 / 2012-10-23
+==================
+
+  * add `make clean`
+  * add "Basic" check to req.auth
+  * add `req.auth` test coverage
+  * add cb && cb(payload) to `res.jsonp()`. Closes #1374
+  * add backwards compat for `res.redirect()` status. Closes #1336
+  * add support for `res.json()` to retain previously defined Content-Types. Closes #1349
+  * update connect
+  * change `res.redirect()` to utilize a pathname-relative Location again. Closes #1382
+  * remove non-primitive string support for `res.send()`
+  * fix view-locals example. Closes #1370
+  * fix route-separation example
+
+3.0.0rc5 / 2012-09-18
+==================
+
+  * update connect
+  * add redis search example
+  * add static-files example
+  * add "x-powered-by" setting (`app.disable('x-powered-by')`)
+  * add "application/octet-stream" redirect Accept test case. Closes #1317
+
+3.0.0rc4 / 2012-08-30
+==================
+
+  * add `res.jsonp()`. Closes #1307
+  * add "verbose errors" option to error-pages example
+  * add another route example to express(1) so people are not so confused
+  * add redis online user activity tracking example
+  * update connect dep
+  * fix etag quoting. Closes #1310
+  * fix error-pages 404 status
+  * fix jsonp callback char restrictions
+  * remove old OPTIONS default response
+
+3.0.0rc3 / 2012-08-13
+==================
+
+  * update connect dep
+  * fix signed cookies to work with `connect.cookieParser()` ("s:" prefix was missing) [tnydwrds]
+  * fix `res.render()` clobbering of "locals"
+
+3.0.0rc2 / 2012-08-03
+==================
+
+  * add CORS example
+  * update connect dep
+  * deprecate `.createServer()` & remove old stale examples
+  * fix: escape `res.redirect()` link
+  * fix vhost example
+
+3.0.0rc1 / 2012-07-24
+==================
+
+  * add more examples to view-locals
+  * add scheme-relative redirects (`res.redirect("//foo.com")`) support
+  * update cookie dep
+  * update connect dep
+  * update send dep
+  * fix `express(1)` -h flag, use -H for hogan. Closes #1245
+  * fix `res.sendfile()` socket error handling regression
+
+3.0.0beta7 / 2012-07-16
 ==================

  * update connect dep for `send()` root normalization regression

-3.0.0beta6 / 2012-07-13 
+3.0.0beta6 / 2012-07-13
 ==================

  * add `err.view` property for view errors. Closes #1226
@@ -14,7 +317,7 @@
  * change `res.send` to use "response-send" module
  * remove `app.locals.use` and `res.locals.use`, use regular middleware

-3.0.0beta5 / 2012-07-03 
+3.0.0beta5 / 2012-07-03
 ==================

  * add "make check" support
@@ -25,7 +328,7 @@
  * update auth example to utilize cores pbkdf2
  * updated tests to use "supertest"

-3.0.0beta4 / 2012-06-25 
+3.0.0beta4 / 2012-06-25
 ==================

  * Added `req.auth`
@@ -37,7 +340,7 @@
  * Revert "Added + support to the router"
  * Fixed `res.send()` freshness check, respect res.statusCode

-3.0.0beta3 / 2012-06-15 
+3.0.0beta3 / 2012-06-15
 ==================

  * Added hogan `--hjs` to express(1) [nullfirm]
@@ -46,7 +349,7 @@
  * Changed: `res.send()` always checks freshness
  * Fixed: expose connects mime module. Cloases #1165

-3.0.0beta2 / 2012-06-06 
+3.0.0beta2 / 2012-06-06
 ==================

  * Added `+` support to the router
@@ -54,13 +357,13 @@
  * Changed `req.param()` to check route first
  * Update connect dep

-3.0.0beta1 / 2012-06-01 
+3.0.0beta1 / 2012-06-01
 ==================

  * Added `res.format()` callback to override default 406 behaviour
  * Fixed `res.redirect()` 406. Closes #1154

-3.0.0alpha5 / 2012-05-30 
+3.0.0alpha5 / 2012-05-30
 ==================

  * Added `req.ip`
@@ -69,14 +372,14 @@
  * Changed: dont reverse `req.ips`
  * Fixed "trust proxy" setting check for `req.ips`

-3.0.0alpha4 / 2012-05-09 
+3.0.0alpha4 / 2012-05-09
 ==================

  * Added: allow `[]` in jsonp callback. Closes #1128
  * Added `PORT` env var support in generated template. Closes #1118 [benatkin]
  * Updated: connect 2.2.2

-3.0.0alpha3 / 2012-05-04 
+3.0.0alpha3 / 2012-05-04
 ==================

  * Added public `app.routes`. Closes #887
@@ -91,7 +394,7 @@
  * Changed: `make test` now runs unit / acceptance tests
  * Fixed req/res proto inheritance

-3.0.0alpha2 / 2012-04-26 
+3.0.0alpha2 / 2012-04-26
 ==================

  * Added `make benchmark` back
@@ -107,7 +410,7 @@
  * Fixed session example. Closes #1105
  * Fixed generated express dep. Closes #1078

-3.0.0alpha1 / 2012-04-15 
+3.0.0alpha1 / 2012-04-15
 ==================

  * Added `app.locals.use(callback)`
@@ -162,54 +465,54 @@
  * Fixed `res.sendfile()` with non-GET. Closes #723
  * Fixed express(1) public dir for windows. Closes #866

-2.5.9/ 2012-04-02 
+2.5.9/ 2012-04-02
 ==================

  * Added support for PURGE request method [pbuyle]
  * Fixed `express(1)` generated app `app.address()` before `listening` [mmalecki]

-2.5.8 / 2012-02-08 
+2.5.8 / 2012-02-08
 ==================

  * Update mkdirp dep. Closes #991

-2.5.7 / 2012-02-06 
+2.5.7 / 2012-02-06
 ==================

  * Fixed `app.all` duplicate DELETE requests [mscdex]

-2.5.6 / 2012-01-13 
+2.5.6 / 2012-01-13
 ==================

  * Updated hamljs dev dep. Closes #953

-2.5.5 / 2012-01-08 
+2.5.5 / 2012-01-08
 ==================

  * Fixed: set `filename` on cached templates [matthewleon]

-2.5.4 / 2012-01-02 
+2.5.4 / 2012-01-02
 ==================

  * Fixed `express(1)` eol on 0.4.x. Closes #947

-2.5.3 / 2011-12-30 
+2.5.3 / 2011-12-30
 ==================

  * Fixed `req.is()` when a charset is present

-2.5.2 / 2011-12-10 
+2.5.2 / 2011-12-10
 ==================

  * Fixed: express(1) LF -> CRLF for windows

-2.5.1 / 2011-11-17 
+2.5.1 / 2011-11-17
 ==================

  * Changed: updated connect to 1.8.x
  * Removed sass.js support from express(1)

-2.5.0 / 2011-10-24 
+2.5.0 / 2011-10-24
 ==================

  * Added ./routes dir for generated app by default
@@ -218,7 +521,7 @@
  * Removed `make test-cov` since it wont work with node 0.5.x
  * Fixed express(1) public dir for windows. Closes #866

-2.4.7 / 2011-10-05 
+2.4.7 / 2011-10-05
 ==================

  * Added mkdirp to express(1). Closes #795
@@ -229,17 +532,17 @@
  * Fixed `req.flash()`, only escape args
  * Fixed absolute path checking on windows. Closes #829 [reported by andrewpmckenzie]

-2.4.6 / 2011-08-22 
+2.4.6 / 2011-08-22
 ==================

  * Fixed multiple param callback regression. Closes #824 [reported by TroyGoode]

-2.4.5 / 2011-08-19 
+2.4.5 / 2011-08-19
 ==================

  * Added support for routes to handle errors. Closes #809
  * Added `app.routes.all()`. Closes #803
-  * Added "basepath" setting to work in conjunction with reverse proxies etc.   
+  * Added "basepath" setting to work in conjunction with reverse proxies etc.
  * Refactored `Route` to use a single array of callbacks
  * Added support for multiple callbacks for `app.param()`. Closes #801
 Closes #805
@@ -247,25 +550,25 @@ Closes #805
  * Dependency: `qs >= 0.3.1`
  * Fixed `res.redirect()` on windows due to `join()` usage. Closes #808

-2.4.4 / 2011-08-05 
+2.4.4 / 2011-08-05
 ==================

  * Fixed `res.header()` intention of a set, even when `undefined`
  * Fixed `*`, value no longer required
  * Fixed `res.send(204)` support. Closes #771

-2.4.3 / 2011-07-14 
+2.4.3 / 2011-07-14
 ==================

  * Added docs for `status` option special-case. Closes #739
  * Fixed `options.filename`, exposing the view path to template engines

-2.4.2. / 2011-07-06 
+2.4.2. / 2011-07-06
 ==================

  * Revert "removed jsonp stripping" for XSS

-2.4.1 / 2011-07-06 
+2.4.1 / 2011-07-06
 ==================

  * Added `res.json()` JSONP support. Closes #737
@@ -277,14 +580,14 @@ Closes #805
  * Changed; default cookie path to "home" setting. Closes #731
  * Removed _pids/logs_ creation from express(1)

-2.4.0 / 2011-06-28 
+2.4.0 / 2011-06-28
 ==================

  * Added chainable `res.status(code)`
  * Added `res.json()`, an explicit version of `res.send(obj)`
  * Added simple web-service example

-2.3.12 / 2011-06-22 
+2.3.12 / 2011-06-22
 ==================

  * \#express is now on freenode! come join!
@@ -296,7 +599,7 @@ Closes #805
  * Fixed view layout bug. Closes #720
  * Fixed; ignore body on 304. Closes #701

-2.3.11 / 2011-06-04 
+2.3.11 / 2011-06-04
 ==================

  * Added `npm test`
@@ -304,14 +607,14 @@ Closes #805
  * Fixed; `express(1)` adds express as a dep
  * Fixed; prune on `prepublish`

-2.3.10 / 2011-05-27 
+2.3.10 / 2011-05-27
 ==================

  * Added `req.route`, exposing the current route
  * Added _package.json_ generation support to `express(1)`
  * Fixed call to `app.param()` function for optional params. Closes #682

-2.3.9 / 2011-05-25 
+2.3.9 / 2011-05-25
 ==================

  * Fixed bug-ish with `../' in `res.partial()` calls
@@ -330,7 +633,7 @@ Closes #805
  * Removed module.parent check from express(1) generated app. Closes #670
  * Refactored router. Closes #639

-2.3.6 / 2011-05-20 
+2.3.6 / 2011-05-20
 ==================

  * Changed; using devDependencies instead of git submodules
@@ -338,30 +641,30 @@ Closes #805
  * Fixed markdown example
  * Fixed view caching, should not be enabled in development

-2.3.5 / 2011-05-20 
+2.3.5 / 2011-05-20
 ==================

  * Added export `.view` as alias for `.View`

-2.3.4 / 2011-05-08 
+2.3.4 / 2011-05-08
 ==================

  * Added `./examples/say`
  * Fixed `res.sendfile()` bug preventing the transfer of files with spaces

-2.3.3 / 2011-05-03 
+2.3.3 / 2011-05-03
 ==================

  * Added "case sensitive routes" option.
  * Changed; split methods supported per rfc [slaskis]
  * Fixed route-specific middleware when using the same callback function several times

-2.3.2 / 2011-04-27 
+2.3.2 / 2011-04-27
 ==================

  * Fixed view hints

-2.3.1 / 2011-04-26 
+2.3.1 / 2011-04-26
 ==================

  * Added `app.match()` as `app.match.all()`
@@ -371,7 +674,7 @@ Closes #805
  * Fixed template caching collision issue. Closes #644
  * Moved router over from connect and started refactor

-2.3.0 / 2011-04-25 
+2.3.0 / 2011-04-25
 ==================

  * Added options support to `res.clearCookie()`
@@ -380,18 +683,18 @@ Closes #805
  * Changed; auto set Content-Type in res.attachement [Aaron Heckmann]
  * Renamed "cache views" to "view cache". Closes #628
  * Fixed caching of views when using several apps. Closes #637
-  * Fixed gotcha invoking `app.param()` callbacks once per route middleware. 
+  * Fixed gotcha invoking `app.param()` callbacks once per route middleware.
 Closes #638
  * Fixed partial lookup precedence. Closes #631
 Shaw]

-2.2.2 / 2011-04-12 
+2.2.2 / 2011-04-12
 ==================

  * Added second callback support for `res.download()` connection errors
  * Fixed `filename` option passing to template engine

-2.2.1 / 2011-04-04 
+2.2.1 / 2011-04-04
 ==================

  * Added `layout(path)` helper to change the layout within a view. Closes #610
@@ -405,7 +708,7 @@ Shaw]
  * Removed `request` and `response` locals
  * Changed; errorHandler page title is now `Express` instead of `Connect`

-2.2.0 / 2011-03-30 
+2.2.0 / 2011-03-30
 ==================

  * Added `app.lookup.VERB()`, ex `app.lookup.put('/user/:id')`. Closes #606
@@ -413,14 +716,14 @@ Shaw]
  * Added `app.VERB(path)` as alias of `app.lookup.VERB()`.
  * Dependency `connect >= 1.2.0`

-2.1.1 / 2011-03-29 
+2.1.1 / 2011-03-29
 ==================

  * Added; expose `err.view` object when failing to locate a view
  * Fixed `res.partial()` call `next(err)` when no callback is given [reported by aheckmann]
  * Fixed; `res.send(undefined)` responds with 204 [aheckmann]

-2.1.0 / 2011-03-24 
+2.1.0 / 2011-03-24
 ==================

  * Added `<root>/_?<name>` partial lookup support. Closes #447
@@ -431,20 +734,20 @@ Shaw]
  * Fixed stylus example for latest version
  * Fixed; wrap try/catch around `res.render()`

-2.0.0 / 2011-03-17 
+2.0.0 / 2011-03-17
 ==================

  * Fixed up index view path alternative.
  * Changed; `res.locals()` without object returns the locals

-2.0.0rc3 / 2011-03-17 
+2.0.0rc3 / 2011-03-17
 ==================

  * Added `res.locals(obj)` to compliment `res.local(key, val)`
  * Added `res.partial()` callback support
  * Fixed recursive error reporting issue in `res.render()`

-2.0.0rc2 / 2011-03-17 
+2.0.0rc2 / 2011-03-17
 ==================

  * Changed; `partial()` "locals" are now optional
@@ -453,14 +756,14 @@ Shaw]
  * Fixed blog example
  * Fixed `{req,res}.app` reference when mounting [Ben Weaver]

-2.0.0rc / 2011-03-14 
+2.0.0rc / 2011-03-14
 ==================

  * Fixed; expose `HTTPSServer` constructor
  * Fixed express(1) default test charset. Closes #579 [reported by secoif]
  * Fixed; default charset to utf-8 instead of utf8 for lame IE [reported by NickP]

-2.0.0beta3 / 2011-03-09 
+2.0.0beta3 / 2011-03-09
 ==================

  * Added support for `res.contentType()` literal
@@ -478,13 +781,13 @@ Shaw]
  * Fixed; default `res.send()` string charset to utf8
  * Removed `Partial` constructor (not currently used)

-2.0.0beta2 / 2011-03-07 
+2.0.0beta2 / 2011-03-07
 ==================

  * Added res.render() `.locals` support back to aid in migration process
  * Fixed flash example

-2.0.0beta / 2011-03-03 
+2.0.0beta / 2011-03-03
 ==================

  * Added HTTPS support
@@ -517,46 +820,46 @@ Shaw]
  * Fixed; strip unsafe chars from jsonp callbacks
  * Removed "stream threshold" setting

-1.0.8 / 2011-03-01 
+1.0.8 / 2011-03-01
 ==================

  * Allow `req.query` to be pre-defined (via middleware or other parent app)
  * "connect": ">= 0.5.0 < 1.0.0". Closes #547
  * Removed the long deprecated __EXPRESS_ENV__ support

-1.0.7 / 2011-02-07 
+1.0.7 / 2011-02-07
 ==================

  * Fixed `render()` setting inheritance.
    Mounted apps would not inherit "view engine"

-1.0.6 / 2011-02-07 
+1.0.6 / 2011-02-07
 ==================

  * Fixed `view engine` setting bug when period is in dirname

-1.0.5 / 2011-02-05 
+1.0.5 / 2011-02-05
 ==================

  * Added secret to generated app `session()` call

-1.0.4 / 2011-02-05 
+1.0.4 / 2011-02-05
 ==================

  * Added `qs` dependency to _package.json_
  * Fixed namespaced `require()`s for latest connect support

-1.0.3 / 2011-01-13 
+1.0.3 / 2011-01-13
 ==================

  * Remove unsafe characters from JSONP callback names [Ryan Grove]

-1.0.2 / 2011-01-10 
+1.0.2 / 2011-01-10
 ==================

  * Removed nested require, using `connect.router`

-1.0.1 / 2010-12-29 
+1.0.1 / 2010-12-29
 ==================

  * Fixed for middleware stacked via `createServer()`
@@ -564,7 +867,7 @@ Shaw]
    would not have access to Express methods such as `res.send()`
    or props like `req.query` etc.

-1.0.0 / 2010-11-16 
+1.0.0 / 2010-11-16
 ==================

  * Added; deduce partial object names from the last segment.
@@ -578,7 +881,7 @@ Shaw]
  * Added _-s, --session[s]_ flag to express(1) to add session related middleware
  * Added _--template_ flag to express(1) to specify the
    template engine to use.
-  * Added _--css_ flag to express(1) to specify the 
+  * Added _--css_ flag to express(1) to specify the
    stylesheet engine to use (or just plain css by default).
  * Added `app.all()` support [thanks aheckmann]
  * Added partial direct object support.
@@ -591,7 +894,7 @@ Shaw]
  * Fixed partial local inheritance precedence. [reported by Nick Poulden] Closes #454
  * Fixed jsonp support; _text/javascript_ as per mailinglist discussion

-1.0.0rc4 / 2010-10-14 
+1.0.0rc4 / 2010-10-14
 ==================

  * Added _NODE_ENV_ support, _EXPRESS_ENV_ is deprecated and will be removed in 1.0.0
@@ -610,7 +913,7 @@ Shaw]
  * Fixed; exposing _./support_ libs to examples so they can run without installs
  * Fixed mvc example

-1.0.0rc3 / 2010-09-20 
+1.0.0rc3 / 2010-09-20
 ==================

  * Added confirmation for `express(1)` app generation. Closes #391
@@ -633,7 +936,7 @@ Shaw]
  * Fixed bug messing with error handlers when `listenFD()` is called instead of `listen()`. [thanks guillermo]


-1.0.0rc2 / 2010-08-17 
+1.0.0rc2 / 2010-08-17
 ==================

  * Added `app.register()` for template engine mapping. Closes #390
@@ -646,7 +949,7 @@ Shaw]
  * Fixed `res.sendfile()` error handling, defer via `next()`
  * Fixed `res.render()` callback when a layout is used [thanks guillermo]
  * Fixed; `make install` creating ~/.node_libraries when not present
-  * Fixed issue preventing error handlers from being defined anywhere. Closes #387 
+  * Fixed issue preventing error handlers from being defined anywhere. Closes #387

 1.0.0rc / 2010-07-28
 ==================
@@ -664,7 +967,7 @@ Shaw]
  * Fixed "home" setting
  * Fixed middleware/router precedence issue. Closes #366
  * Fixed; _configure()_ callbacks called immediately. Closes #368
-	
+
 1.0.0beta2 / 2010-07-23
 ==================

@@ -799,7 +1102,7 @@ Shaw]
  * Updated dependencies
  * Removed set("session cookie") in favour of use(Session, { cookie: { ... }})
  * Removed utils.mixin(); use Object#mergeDeep()
-  
+
 0.8.0 / 2010-03-19
 ==================

@@ -866,16 +1169,16 @@ Shaw]

  * Added seed.yml for kiwi package management support
  * Added HTTP client query string support when method is GET. Closes #205
-  
+
  * Added support for arbitrary view engines.
    For example "foo.engine.html" will now require('engine'),
    the exports from this module are cached after the first require().
-    
+
  * Added async plugin support
-  
+
  * Removed usage of RESTful route funcs as http client
    get() etc, use http.get() and friends
-  
+
  * Removed custom exceptions

 0.5.0 / 2010-03-10
@@ -1,6 +1,6 @@
 (The MIT License)

-Copyright (c) 2009-2011 TJ Holowaychuk <tj@vision-media.ca>
+Copyright (c) 2009-2013 TJ Holowaychuk <tj@vision-media.ca>

 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
@@ -1,16 +1,7 @@

-MOCHA_OPTS=
+MOCHA_OPTS= --check-leaks
 REPORTER = dot

-docs: docs/express.md
-
-docs/express.md: docs/application.md docs/request.md docs/response.md
-	cat $^ > $@
-
-docs/%.md: lib/%.js
-	@mkdir -p docs
-	dox --raw < $< | ./support/docs > $@
-
 check: test

 test: test-unit test-acceptance
@@ -18,6 +9,7 @@ test: test-unit test-acceptance
 test-unit:
 	@NODE_ENV=test ./node_modules/.bin/mocha \
 		--reporter $(REPORTER) \
+		--globals setImmediate,clearImmediate \
 		$(MOCHA_OPTS)

 test-acceptance:
@@ -32,10 +24,11 @@ test-cov: lib-cov
 lib-cov:
 	@jscoverage lib lib-cov

-docclean:
-	rm -fr docs
+bench:
+	@$(MAKE) -C benchmarks

-benchmark:
-	@./support/bench
+clean:
+	rm -f coverage.html
+	rm -fr lib-cov

-.PHONY: docs docclean test test-unit test-acceptance benchmark
+.PHONY: test test-unit test-acceptance bench clean
@@ -1,7 +1,8 @@
+[![express logo](http://f.cl.ly/items/0V2S1n0K1i3y1c122g04/Screen%20Shot%202012-04-11%20at%209.59.42%20AM.png)](http://expressjs.com/)

-![express logo](http://f.cl.ly/items/0V2S1n0K1i3y1c122g04/Screen%20Shot%202012-04-11%20at%209.59.42%20AM.png)
+  Fast, unopinionated, minimalist web framework for [node](http://nodejs.org).

-  Fast, unopinionated, minimalist web framework for [node](http://nodejs.org). [![Build Status](https://secure.travis-ci.org/visionmedia/express.png)](http://travis-ci.org/visionmedia/express)
+  [![Build Status](https://secure.travis-ci.org/visionmedia/express.png)](http://travis-ci.org/visionmedia/express) [![Gittip](http://img.shields.io/gittip/visionmedia.png)](https://www.gittip.com/visionmedia/)

 ```js
 var express = require('express');
@@ -18,10 +19,6 @@ app.listen(3000);

    $ npm install -g express

- To install the 3.0 alpha:
- 
-    $ npm install -g express@3.0
-
 ## Quick Start

 The quickest way to get started with express is to utilize the executable `express(1)` to generate an application as shown below:
@@ -53,111 +50,57 @@ app.listen(3000);

 ## Philosophy

-  The Express philosophy is to provide small, robust tooling for HTTP servers. Making
+  The Express philosophy is to provide small, robust tooling for HTTP servers, making
  it a great solution for single page applications, web sites, hybrids, or public
  HTTP APIs.
-  
-  Built on Connect you can use _only_ what you need, and nothing more, applications
+
+  Built on Connect, you can use _only_ what you need, and nothing more. Applications
  can be as big or as small as you like, even a single file. Express does
  not force you to use any specific ORM or template engine. With support for over
-  14 template engines via [Consolidate.js](http://github.com/visionmedia/consolidate.js)
+  14 template engines via [Consolidate.js](http://github.com/visionmedia/consolidate.js),
  you can quickly craft your perfect framework.

 ## More Information

+  * [Website and Documentation](http://expressjs.com/) stored at [visionmedia/expressjs.com](https://github.com/visionmedia/expressjs.com)
  * Join #express on freenode
  * [Google Group](http://groups.google.com/group/express-js) for discussion
  * Follow [tjholowaychuk](http://twitter.com/tjholowaychuk) on twitter for updates
  * Visit the [Wiki](http://github.com/visionmedia/express/wiki)
-  * [日本語ドキュメンテーション](http://hideyukisaito.com/doc/expressjs/) by [hideyukisaito](https://github.com/hideyukisaito)
-  * [Русскоязычная документация](http://express-js.ru/)
+  * [Русскоязычная документация](http://jsman.ru/express/)
+  * Run express examples [online](https://runnable.com/express)

 ## Viewing Examples

-First install the dev dependencies to install all the example / test suite deps:
+Clone the Express repo, then install the dev dependencies to install all the example / test suite dependencies:

+    $ git clone git://github.com/visionmedia/express.git --depth 1
    $ cd express
    $ npm install

-then run whichever tests you want:
+Then run whichever tests you want:

    $ node examples/content-negotiation

+You can also view live examples here:
+
+<a href="https://runnable.com/express" target="_blank"><img src="https://runnable.com/external/styles/assets/runnablebtn.png" style="width:67px;height:25px;"></a>
+
 ## Running Tests

-To run the test suite first invoke the following command within the repo, installing the development dependencies:
+To run the test suite, first invoke the following command within the repo, installing the development dependencies:

    $ npm install

-then run the tests:
+Then run the tests:

    $ make test

 ## Contributors

-```
-project: express
-commits: 3559
-active : 468 days
-files  : 237
-authors: 
- 1891	Tj Holowaychuk          53.1%
- 1285	visionmedia             36.1%
-  182	TJ Holowaychuk          5.1%
-   54	Aaron Heckmann          1.5%
-   34	csausdev                1.0%
-   26	ciaranj                 0.7%
-   21	Robert Sköld          0.6%
-    6	Guillermo Rauch         0.2%
-    3	Dav Glass               0.1%
-    3	Nick Poulden            0.1%
-    2	Randy Merrill           0.1%
-    2	Benny Wong              0.1%
-    2	Hunter Loftis           0.1%
-    2	Jake Gordon             0.1%
-    2	Brian McKinney          0.1%
-    2	Roman Shtylman          0.1%
-    2	Ben Weaver              0.1%
-    2	Dave Hoover             0.1%
-    2	Eivind Fjeldstad        0.1%
-    2	Daniel Shaw             0.1%
-    1	Matt Colyer             0.0%
-    1	Pau Ramon               0.0%
-    1	Pero Pejovic            0.0%
-    1	Peter Rekdal Sunde      0.0%
-    1	Raynos                  0.0%
-    1	Teng Siong Ong          0.0%
-    1	Viktor Kelemen          0.0%
-    1	ctide                   0.0%
-    1	8bitDesigner            0.0%
-    1	isaacs                  0.0%
-    1	mgutz                   0.0%
-    1	pikeas                  0.0%
-    1	shuwatto                0.0%
-    1	tstrimple               0.0%
-    1	ewoudj                  0.0%
-    1	Adam Sanderson          0.0%
-    1	Andrii Kostenko         0.0%
-    1	Andy Hiew               0.0%
-    1	Arpad Borsos            0.0%
-    1	Ashwin Purohit          0.0%
-    1	Benjen                  0.0%
-    1	Darren Torpey           0.0%
-    1	Greg Ritter             0.0%
-    1	Gregory Ritter          0.0%
-    1	James Herdman           0.0%
-    1	Jim Snodgrass           0.0%
-    1	Joe McCann              0.0%
-    1	Jonathan Dumaine        0.0%
-    1	Jonathan Palardy        0.0%
-    1	Jonathan Zacsh          0.0%
-    1	Justin Lilly            0.0%
-    1	Ken Sato                0.0%
-    1	Maciej Małecki         0.0%
-    1	Masahiro Hayashi        0.0%
-```
+  https://github.com/visionmedia/express/graphs/contributors

-## License 
+## License

 (The MIT License)

@@ -0,0 +1,13 @@
+
+all:
+	@./run 1 middleware
+	@./run 5 middleware
+	@./run 10 middleware
+	@./run 15 middleware
+	@./run 20 middleware
+	@./run 30 middleware
+	@./run 50 middleware
+	@./run 100 middleware
+	@echo
+
+.PHONY: all
@@ -0,0 +1,23 @@
+
+var http = require('http');
+var express = require('..');
+var app = express();
+
+// number of middleware
+
+var n = parseInt(process.env.MW || '1', 10);
+console.log('  %s middleware', n);
+
+while (n--) {
+  app.use(function(req, res, next){
+    next();
+  });
+}
+
+var body = new Buffer('Hello World');
+
+app.use(function(req, res, next){
+  res.send(body);
+});
+
+app.listen(3333);
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+echo
+MW=$1 node $2 &
+pid=$!
+
+sleep 2
+
+wrk 'http://localhost:3333/?foo[bar]=baz' \
+  -d 3 \
+  -c 50 \
+  -t 8 \
+  | grep 'Requests/sec' \
+  | awk '{ print "  " $2 }'
+
+kill $pid
@@ -1,403 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * Module dependencies.
- */
-
-var exec = require('child_process').exec
-  , program = require('commander')
-  , mkdirp = require('mkdirp')
-  , pkg = require('../package.json')
-  , version = pkg.version
-  , os = require('os')
-  , fs = require('fs');
-
-// CLI
-
-program
-  .version(version)
-  .option('-s, --sessions', 'add session support')
-  .option('-e, --ejs', 'add ejs engine support (defaults to jade)')
-  .option('-J, --jshtml', 'add jshtml engine support (defaults to jade)')
-  .option('-h, --hogan', 'add hogan.js engine support')
-  .option('-c, --css <engine>', 'add stylesheet <engine> support (less|stylus) (defaults to plain css)')
-  .option('-f, --force', 'force on non-empty directory')
-  .parse(process.argv);
-
-// Path
-
-var path = program.args.shift() || '.';
-
-// end-of-line code
-
-var eol = 'win32' == os.platform() ? '\r\n' : '\n'
-
-// Template engine
-
-program.template = 'jade';
-if (program.ejs) program.template = 'ejs';
-if (program.jshtml) program.template = 'jshtml';
-if (program.hogan) program.template = 'hjs';
-
-/**
- * Routes index template.
- */
-
-var index = [
-    ''
-  , '/*'
-  , ' * GET home page.'
-  , ' */'
-  , ''
-  , 'exports.index = function(req, res){'
-  , '  res.render(\'index\', { title: \'Express\' });'
-  , '};'
-].join(eol);
-
-/**
- * Jade layout template.
- */
-
-var jadeLayout = [
-    'doctype 5'
-  , 'html'
-  , '  head'
-  , '    title= title'
-  , '    link(rel=\'stylesheet\', href=\'/stylesheets/style.css\')'
-  , '  body'
-  , '    block content'
-].join(eol);
-
-/**
- * Jade index template.
- */
-
-var jadeIndex = [
-    'extends layout'
-  , ''
-  , 'block content'
-  , '  h1= title'
-  , '  p Welcome to #{title}'
-].join(eol);
-
-/**
- * EJS index template.
- */
-
-var ejsIndex = [
-    '<!DOCTYPE html>'
-  , '<html>'
-  , '  <head>'
-  , '    <title><%= title %></title>'
-  , '    <link rel=\'stylesheet\' href=\'/stylesheets/style.css\' />'
-  , '  </head>'
-  , '  <body>'
-  , '    <h1><%= title %></h1>'
-  , '    <p>Welcome to <%= title %></p>'
-  , '  </body>'
-  , '</html>'
-].join(eol);
-
-/**
- * JSHTML layout template.
- */
-
-var jshtmlLayout = [
-    '<!DOCTYPE html>'
-  , '<html>'
-  , '  <head>'
-  , '    <title> @write(title) </title>'
-  , '    <link rel=\'stylesheet\' href=\'/stylesheets/style.css\' />'
-  , '  </head>'
-  , '  <body>'
-  , '    @write(body)'
-  , '  </body>'
-  , '</html>'
-].join(eol);
-
-/**
- * JSHTML index template.
- */
-
-var jshtmlIndex = [
-    '<h1>@write(title)</h1>'
-  , '<p>Welcome to @write(title)</p>'
-].join(eol);
-
-/**
- * Hogan.js index template.
- */
-var hoganIndex = [
-    '<!DOCTYPE html>'
-  , '<html>'
-  , '  <head>'
-  , '    <title>{{ title }}</title>'
-  , '    <link rel=\'stylesheet\' href=\'/stylesheets/style.css\' />'
-  , '  </head>'
-  , '  <body>'
-  , '    <h1>{{ title }}</h1>'
-  , '    <p>Welcome to {{ title }}</p>'
-  , '  </body>'
-  , '</html>'
-].join(eol);
-
-/**
- * Default css template.
- */
-
-var css = [
-    'body {'
-  , '  padding: 50px;'
-  , '  font: 14px "Lucida Grande", Helvetica, Arial, sans-serif;'
-  , '}'
-  , ''
-  , 'a {'
-  , '  color: #00B7FF;'
-  , '}'
-].join(eol);
-
-/**
- * Default less template.
- */
-
-var less = [
-    'body {'
-  , '  padding: 50px;'
-  , '  font: 14px "Lucida Grande", Helvetica, Arial, sans-serif;'
-  , '}'
-  , ''
-  , 'a {'
-  , '  color: #00B7FF;'
-  , '}'
-].join(eol);
-
-/**
- * Default stylus template.
- */
-
-var stylus = [
-    'body'
-  , '  padding: 50px'
-  , '  font: 14px "Lucida Grande", Helvetica, Arial, sans-serif'
-  , 'a'
-  , '  color: #00B7FF'
-].join(eol);
-
-/**
- * App template.
- */
-
-var app = [
-    ''
-  , '/**'
-  , ' * Module dependencies.'
-  , ' */'
-  , ''
-  , 'var express = require(\'express\')'
-  , '  , routes = require(\'./routes\')'
-  , '  , http = require(\'http\');'
-  , ''
-  , 'var app = express();'
-  , ''
-  , 'app.configure(function(){'
-  , '  app.set(\'port\', process.env.PORT || 3000);'
-  , '  app.set(\'views\', __dirname + \'/views\');'
-  , '  app.set(\'view engine\', \':TEMPLATE\');'
-  , '  app.use(express.favicon());'
-  , '  app.use(express.logger(\'dev\'));'
-  , '  app.use(express.bodyParser());'
-  , '  app.use(express.methodOverride());{sess}'
-  , '  app.use(app.router);{css}'
-  , '  app.use(express.static(__dirname + \'/public\'));'
-  , '});'
-  , ''
-  , 'app.configure(\'development\', function(){'
-  , '  app.use(express.errorHandler());'
-  , '});'
-  , ''
-  , 'app.get(\'/\', routes.index);'
-  , ''
-  , 'http.createServer(app).listen(app.get(\'port\'), function(){'
-  , '  console.log("Express server listening on port " + app.get(\'port\'));'
-  , '});'
-  , ''
-].join(eol);
-
-// Generate application
-
-(function createApplication(path) {
-  emptyDirectory(path, function(empty){
-    if (empty || program.force) {
-      createApplicationAt(path);
-    } else {
-      program.confirm('destination is not empty, continue? ', function(ok){
-        if (ok) {
-          process.stdin.destroy();
-          createApplicationAt(path);
-        } else {
-          abort('aborting');
-        }
-      });
-    }
-  });
-})(path);
-
-/**
- * Create application at the given directory `path`.
- *
- * @param {String} path
- */
-
-function createApplicationAt(path) {
-  console.log();
-  process.on('exit', function(){
-    console.log();
-    console.log('   install dependencies:');
-    console.log('     $ cd %s && npm install', path);
-    console.log();
-    console.log('   run the app:');
-    console.log('     $ node app');
-    console.log();
-  });
-
-  mkdir(path, function(){
-    mkdir(path + '/public');
-    mkdir(path + '/public/javascripts');
-    mkdir(path + '/public/images');
-    mkdir(path + '/public/stylesheets', function(){
-      switch (program.css) {
-        case 'less':
-          write(path + '/public/stylesheets/style.less', less);
-          break;
-        case 'stylus':
-          write(path + '/public/stylesheets/style.styl', stylus);
-          break;
-        default:
-          write(path + '/public/stylesheets/style.css', css);
-      }
-    });
-
-    mkdir(path + '/routes', function(){
-      write(path + '/routes/index.js', index);
-    });
-
-    mkdir(path + '/views', function(){
-      switch (program.template) {
-        case 'ejs':
-          write(path + '/views/index.ejs', ejsIndex);
-          break;
-        case 'jade':
-          write(path + '/views/layout.jade', jadeLayout);
-          write(path + '/views/index.jade', jadeIndex);
-          break;
-        case 'jshtml':
-          write(path + '/views/layout.jshtml', jshtmlLayout);
-          write(path + '/views/index.jshtml', jshtmlIndex);
-          break;
-        case 'hjs':
-          write(path + '/views/index.hjs', hoganIndex);
-          break;
-
-      }
-    });
-
-    // CSS Engine support
-    switch (program.css) {
-      case 'less':
-        app = app.replace('{css}', eol + '  app.use(require(\'less-middleware\')({ src: __dirname + \'/public\' }));');
-        break;
-      case 'stylus':
-        app = app.replace('{css}', eol + '  app.use(require(\'stylus\').middleware(__dirname + \'/public\'));');
-        break;
-      default:
-        app = app.replace('{css}', '');
-    }
-
-    // Session support
-    app = app.replace('{sess}', program.sessions
-      ? eol + '  app.use(express.cookieParser(\'your secret here\'));' + eol + '  app.use(express.session());'
-      : '');
-
-    // Template support
-    app = app.replace(':TEMPLATE', program.template);
-
-    // package.json
-    var pkg = {
-        name: 'application-name'
-      , version: '0.0.1'
-      , private: true
-      , scripts: { start: 'node app' }
-      , dependencies: {
-        express: version
-      }
-    }
-
-    if (program.template) pkg.dependencies[program.template] = '*';
-
-    // CSS Engine support
-    switch (program.css) {
-      case 'less':
-        pkg.dependencies['less-middleware'] = '*';
-        break;
-      default:
-        if (program.css) {
-          pkg.dependencies[program.css] = '*';
-        }
-    }
-
-    write(path + '/package.json', JSON.stringify(pkg, null, 2));
-    write(path + '/app.js', app);
-  });
-}
-
-/**
- * Check if the given directory `path` is empty.
- *
- * @param {String} path
- * @param {Function} fn
- */
-
-function emptyDirectory(path, fn) {
-  fs.readdir(path, function(err, files){
-    if (err && 'ENOENT' != err.code) throw err;
-    fn(!files || !files.length);
-  });
-}
-
-/**
- * echo str > path.
- *
- * @param {String} path
- * @param {String} str
- */
-
-function write(path, str) {
-  fs.writeFile(path, str);
-  console.log('   \x1b[36mcreate\x1b[0m : ' + path);
-}
-
-/**
- * Mkdir -p.
- *
- * @param {String} path
- * @param {Function} fn
- */
-
-function mkdir(path, fn) {
-  mkdirp(path, 0755, function(err){
-    if (err) throw err;
-    console.log('   \033[36mcreate\033[0m : ' + path);
-    fn && fn();
-  });
-}
-
-/**
- * Exit with the given `str`.
- *
- * @param {String} str
- */
-
-function abort(str) {
-  console.error(str);
-  process.exit(1);
-}
@@ -1,25 +0,0 @@
-
-var http = require('http');
-
-var times = 50;
-
-while (times--) {
-  var req = http.request({
-      port: 3000
-    , method: 'POST'
-    , headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
-  });
-
-  req.on('response', function(res){
-    console.log(res.statusCode);
-  });
-
-  var n = 500000;
-  while (n--) {
-    req.write('foo=bar&bar=baz&');
-  }
-
-  req.write('foo=bar&bar=baz');
-
-  req.end();
-}
@@ -1,181 +0,0 @@
-
-# app
-
-  Application prototype.
-
-# app.use()
-
-  Proxy `connect#use()` to apply settings to
-  mounted applications.
-
-# app.engine()
-
-  Register the given template engine callback `fn`
-  as `ext`.
-  
-  By default will `require()` the engine based on the
-  file extension. For example if you try to render
-  a "foo.jade" file Express will invoke the following internally:
-  
-      app.engine('jade', require('jade').__express);
-  
-  For engines that do not provide `.__express` out of the box,
-  or if you wish to "map" a different extension to the template engine
-  you may use this method. For example mapping the EJS template engine to
-  ".html" files
-  
-      app.engine('html', require('ejs').renderFile);
-  
-  In this case EJS provides a `.renderFile()` method with
-  the same signature that Express expects: `(path, options, callback)`,
-  though note that it aliases this method as `ejs.__express` internally
-  so if you're using ".ejs" extensions you dont need to do anything.
-  
-  Some template engines do not follow this convention, the
-  [Consolidate.js](https://github.com/visionmedia/consolidate.js)
-  library was created to map all of node's popular template
-  engines to follow this convention, thus allowing them to
-  work seemlessly within Express.
-
-# app.param()
-
-  Map the given param placeholder `name`(s) to the given callback(s).
-  
-  Parameter mapping is used to provide pre-conditions to routes
-  which use normalized placeholders. For example a _:user_id_ parameter
-  could automatically load a user's information from the database without
-  any additional code,
-  
-  The callback uses the samesignature as middleware, the only differencing
-  being that the value of the placeholder is passed, in this case the _id_
-  of the user. Once the `next()` function is invoked, just like middleware
-  it will continue on to execute the route, or subsequent parameter functions.
-  
-       app.param('user_id', function(req, res, next, id){
-         User.find(id, function(err, user){
-           if (err) {
-             next(err);
-           } else if (user) {
-             req.user = user;
-             next();
-           } else {
-             next(new Error('failed to load user'));
-           }
-         });
-       });
-
-# app.set()
-
-  Assign `setting` to `val`, or return `setting`'s value.
-  
-     app.set('foo', 'bar');
-     app.get('foo');
-     // => "bar"
-  
-  Mounted servers inherit their parent server's settings.
-
-# app.enabled()
-
-  Check if `setting` is enabled (truthy).
-  
-     app.enabled('foo')
-     // => false
-  
-     app.enable('foo')
-     app.enabled('foo')
-     // => true
-
-# app.disabled()
-
-  Check if `setting` is disabled.
-  
-     app.disabled('foo')
-     // => true
-  
-     app.enable('foo')
-     app.disabled('foo')
-     // => false
-
-# app.enable()
-
-  Enable `setting`.
-
-# app.disable()
-
-  Disable `setting`.
-
-# app.configure()
-
-  Configure callback for zero or more envs,
-  when no `env` is specified that callback will
-  be invoked for all environments. Any combination
-  can be used multiple times, in any order desired.
-  
-  ## Examples
-  
-     app.configure(function(){
-       // executed for all envs
-     });
-  
-     app.configure('stage', function(){
-       // executed staging env
-     });
-  
-     app.configure('stage', 'production', function(){
-       // executed for stage and production
-     });
-  
-  ## Note
-  
-   These callbacks are invoked immediately, and
-   are effectively sugar for the following.
-  
-      var env = process.env.NODE_ENV || 'development';
-  
-       switch (env) {
-         case 'development':
-           ...
-           break;
-         case 'stage':
-           ...
-           break;
-         case 'production':
-           ...
-           break;
-       }
-
-# app.all()
-
-  Special-cased "all" method, applying the given route `path`,
-  middleware, and callback to _every_ HTTP method.
-
-# app.render()
-
-  Render the given view `name` name with `options`
-  and a callback accepting an error and the
-  rendered template string.
-  
-  ## Example
-  
-     app.render('email', { name: 'Tobi' }, function(err, html){
-       // ...
-     })
-
-# app.listen()
-
-  Listen for connections.
-  
-  A node `http.Server` is returned, with this
-  application (which is a `Function`) as its
-  callback. If you wish to create both an HTTP
-  and HTTPS server you may do so with the "http"
-  and "https" modules as shown here.
-  
-     var http = require('http')
-       , https = require('https')
-       , express = require('express')
-       , app = express();
-  
-     http.createServer(app).listen(80);
-     http.createServer({ ... }, app).listen(443);
-
@@ -1,506 +0,0 @@
-
-# app
-
-  Application prototype.
-
-# app.use()
-
-  Proxy `connect#use()` to apply settings to
-  mounted applications.
-
-# app.engine()
-
-  Register the given template engine callback `fn`
-  as `ext`.
-  
-  By default will `require()` the engine based on the
-  file extension. For example if you try to render
-  a "foo.jade" file Express will invoke the following internally:
-  
-      app.engine('jade', require('jade').__express);
-  
-  For engines that do not provide `.__express` out of the box,
-  or if you wish to "map" a different extension to the template engine
-  you may use this method. For example mapping the EJS template engine to
-  ".html" files
-  
-      app.engine('html', require('ejs').renderFile);
-  
-  In this case EJS provides a `.renderFile()` method with
-  the same signature that Express expects: `(path, options, callback)`,
-  though note that it aliases this method as `ejs.__express` internally
-  so if you're using ".ejs" extensions you dont need to do anything.
-  
-  Some template engines do not follow this convention, the
-  [Consolidate.js](https://github.com/visionmedia/consolidate.js)
-  library was created to map all of node's popular template
-  engines to follow this convention, thus allowing them to
-  work seemlessly within Express.
-
-# app.param()
-
-  Map the given param placeholder `name`(s) to the given callback(s).
-  
-  Parameter mapping is used to provide pre-conditions to routes
-  which use normalized placeholders. For example a _:user_id_ parameter
-  could automatically load a user's information from the database without
-  any additional code,
-  
-  The callback uses the samesignature as middleware, the only differencing
-  being that the value of the placeholder is passed, in this case the _id_
-  of the user. Once the `next()` function is invoked, just like middleware
-  it will continue on to execute the route, or subsequent parameter functions.
-  
-       app.param('user_id', function(req, res, next, id){
-         User.find(id, function(err, user){
-           if (err) {
-             next(err);
-           } else if (user) {
-             req.user = user;
-             next();
-           } else {
-             next(new Error('failed to load user'));
-           }
-         });
-       });
-
-# app.set()
-
-  Assign `setting` to `val`, or return `setting`'s value.
-  
-     app.set('foo', 'bar');
-     app.get('foo');
-     // => "bar"
-  
-  Mounted servers inherit their parent server's settings.
-
-# app.enabled()
-
-  Check if `setting` is enabled (truthy).
-  
-     app.enabled('foo')
-     // => false
-  
-     app.enable('foo')
-     app.enabled('foo')
-     // => true
-
-# app.disabled()
-
-  Check if `setting` is disabled.
-  
-     app.disabled('foo')
-     // => true
-  
-     app.enable('foo')
-     app.disabled('foo')
-     // => false
-
-# app.enable()
-
-  Enable `setting`.
-
-# app.disable()
-
-  Disable `setting`.
-
-# app.configure()
-
-  Configure callback for zero or more envs,
-  when no `env` is specified that callback will
-  be invoked for all environments. Any combination
-  can be used multiple times, in any order desired.
-  
-  ## Examples
-  
-     app.configure(function(){
-       // executed for all envs
-     });
-  
-     app.configure('stage', function(){
-       // executed staging env
-     });
-  
-     app.configure('stage', 'production', function(){
-       // executed for stage and production
-     });
-  
-  ## Note
-  
-   These callbacks are invoked immediately, and
-   are effectively sugar for the following.
-  
-      var env = process.env.NODE_ENV || 'development';
-  
-       switch (env) {
-         case 'development':
-           ...
-           break;
-         case 'stage':
-           ...
-           break;
-         case 'production':
-           ...
-           break;
-       }
-
-# app.all()
-
-  Special-cased "all" method, applying the given route `path`,
-  middleware, and callback to _every_ HTTP method.
-
-# app.render()
-
-  Render the given view `name` name with `options`
-  and a callback accepting an error and the
-  rendered template string.
-  
-  ## Example
-  
-     app.render('email', { name: 'Tobi' }, function(err, html){
-       // ...
-     })
-
-# app.listen()
-
-  Listen for connections.
-  
-  A node `http.Server` is returned, with this
-  application (which is a `Function`) as its
-  callback. If you wish to create both an HTTP
-  and HTTPS server you may do so with the "http"
-  and "https" modules as shown here.
-  
-     var http = require('http')
-       , https = require('https')
-       , express = require('express')
-       , app = express();
-  
-     http.createServer(app).listen(80);
-     http.createServer({ ... }, app).listen(443);
-
-
-# req
-
-  Request prototype.
-
-# req.get
-
-  Return request header.
-  
-  The `Referrer` header field is special-cased,
-  both `Referrer` and `Referer` are interchangeable.
-  
-  ## Examples
-  
-      req.get('Content-Type');
-      // => "text/plain"
-      
-      req.get('content-type');
-      // => "text/plain"
-      
-      req.get('Something');
-      // => undefined
-  
-  Aliased as `req.header()`.
-
-# req.accepts()
-
-  Check if the given `type(s)` is acceptable, returning
-  the best match when true, otherwise `undefined`, in which
-  case you should respond with 406 "Not Acceptable".
-  
-  The `type` value may be a single mime type string
-  such as "application/json", the extension name
-  such as "json", a comma-delimted list such as "json, html, text/plain",
-  or an array `["json", "html", "text/plain"]`. When a list
-  or array is given the _best_ match, if any is returned.
-  
-  ## Examples
-  
-      // Accept: text/html
-      req.accepts('html');
-      // => "html"
-  
-      // Accept: text/*, application/json
-      req.accepts('html');
-      // => "html"
-      req.accepts('text/html');
-      // => "text/html"
-      req.accepts('json, text');
-      // => "json"
-      req.accepts('application/json');
-      // => "application/json"
-  
-      // Accept: text/*, application/json
-      req.accepts('image/png');
-      req.accepts('png');
-      // => undefined
-  
-      // Accept: text/*;q=.5, application/json
-      req.accepts(['html', 'json']);
-      req.accepts('html, json');
-      // => "json"
-
-# req.acceptsCharset()
-
-  Check if the given `charset` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.acceptsLanguage()
-
-  Check if the given `lang` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.param()
-
-  Return the value of param `name` when present or `defaultValue`.
-  
-   - Checks route placeholders, ex: _/user/:id_
-   - Checks body params, ex: id=12, {"id":12}
-   - Checks query string params, ex: ?id=12
-  
-  To utilize request bodies, `req.body`
-  should be an object. This can be done by using
-  the `connect.bodyParser()` middleware.
-
-# req.is()
-
-  Check if the incoming request contains the "Content-Type" 
-  header field, and it contains the give mime `type`.
-  
-  ## Examples
-  
-       // With Content-Type: text/html; charset=utf-8
-       req.is('html');
-       req.is('text/html');
-       req.is('text/*');
-       // => true
-      
-       // When Content-Type is application/json
-       req.is('json');
-       req.is('application/json');
-       req.is('application/*');
-       // => true
-      
-       req.is('html');
-       // => false
-
-
-# res
-
-  Response prototype.
-
-# res.status()
-
-  Set status `code`.
-
-# res.send()
-
-  Send a response.
-  
-  ## Examples
-  
-      res.send(new Buffer('wahoo'));
-      res.send({ some: 'json' });
-      res.send('<p>some html</p>');
-      res.send(404, 'Sorry, cant find that');
-      res.send(404);
-
-# res.json()
-
-  Send JSON response.
-  
-  ## Examples
-  
-      res.json(null);
-      res.json({ user: 'tj' });
-      res.json(500, 'oh noes!');
-      res.json(404, 'I dont have that');
-
-# res.sendfile()
-
-  Transfer the file at the given `path`.
-  
-  Automatically sets the _Content-Type_ response header field.
-  The callback `fn(err)` is invoked when the transfer is complete
-  or when an error occurs. Be sure to check `res.sentHeader`
-  if you wish to attempt responding, as the header and some data
-  may have already been transferred.
-  
-  ## Options
-  
-    - `maxAge` defaulting to 0
-    - `root`   root directory for relative filenames
-  
-  ## Examples
-  
-   The following example illustrates how `res.sendfile()` may
-   be used as an alternative for the `static()` middleware for
-   dynamic situations. The code backing `res.sendfile()` is actually
-   the same code, so HTTP cache support etc is identical.
-  
-      app.get('/user/:uid/photos/:file', function(req, res){
-        var uid = req.params.uid
-          , file = req.params.file;
-      
-        req.user.mayViewFilesFrom(uid, function(yes){
-          if (yes) {
-            res.sendfile('/uploads/' + uid + '/' + file);
-          } else {
-            res.send(403, 'Sorry! you cant see that.');
-          }
-        });
-      });
-
-# res.download()
-
-  Transfer the file at the given `path` as an attachment.
-  
-  Optionally providing an alternate attachment `filename`,
-  and optional callback `fn(err)`. The callback is invoked
-  when the data transfer is complete, or when an error has
-  ocurred. Be sure to check `res.headerSent` if you plan to respond.
-  
-  This method uses `res.sendfile()`.
-
-# res.format()
-
-  Respond to the Acceptable formats using an `obj`
-  of mime-type callbacks.
-  
-  This method uses `req.accepted`, an array of
-  acceptable types ordered by their quality values.
-  When "Accept" is not present the _first_ callback
-  is invoked, otherwise the first match is used. When
-  no match is performed the server responds with
-  406 "Not Acceptable".
-  
-  Content-Type is set for you, however if you choose
-  you may alter this within the callback using `res.type()`
-  or `res.set('Content-Type', ...)`.
-  
-     res.format({
-       'text/plain': function(){
-         res.send('hey');
-       },
-     
-       'text/html': function(){
-         res.send('<p>hey</p>');
-       },
-     
-       'appliation/json': function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  In addition to canonicalized MIME types you may
-  also use extnames mapped to these types:
-  
-     res.format({
-       text: function(){
-         res.send('hey');
-       },
-     
-       html: function(){
-         res.send('<p>hey</p>');
-       },
-     
-       json: function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  By default Express passes an `Error`
-  with a `.status` of 406 to `next(err)`
-  if a match is not made, however you may
-  provide an optional callback `fn` to
-  be invoked instead.
-
-# res.attachment()
-
-  Set _Content-Disposition_ header to _attachment_ with optional `filename`.
-
-# res.set
-
-  Set header `field` to `val`, or pass
-  an object of header fields.
-  
-  ## Examples
-  
-     res.set('Accept', 'application/json');
-     res.set({ Accept: 'text/plain', 'X-API-Key': 'tobi' });
-  
-  Aliased as `res.header()`.
-
-# res.get()
-
-  Get value for header `field`.
-
-# res.clearCookie()
-
-  Clear cookie `name`.
-
-# res.cookie()
-
-  Set cookie `name` to `val`, with the given `options`.
-  
-  ## Options
-  
-     - `maxAge`   max-age in milliseconds, converted to `expires`
-     - `signed`   sign the cookie
-     - `path`     defaults to "/"
-  
-  ## Examples
-  
-     // "Remember Me" for 15 minutes
-     res.cookie('rememberme', '1', { expires: new Date(Date.now() + 900000), httpOnly: true });
-  
-     // save as above
-     res.cookie('rememberme', '1', { maxAge: 900000, httpOnly: true })
-
-# res.redirect()
-
-  Redirect to the given `url` with optional response `status`
-  defaulting to 302.
-  
-  The given `url` can also be the name of a mapped url, for
-  example by default express supports "back" which redirects
-  to the _Referrer_ or _Referer_ headers or "/".
-  
-  ## Examples
-  
-     res.redirect('/foo/bar');
-     res.redirect('http://example.com');
-     res.redirect(301, 'http://example.com');
-     res.redirect('../login'); // /blog/post/1 -> /blog/login
-  
-  ## Mounting
-  
-    When an application is mounted, and `res.redirect()`
-    is given a path that does _not_ lead with "/". For 
-    example suppose a "blog" app is mounted at "/blog",
-    the following redirect would result in "/blog/login":
-  
-       res.redirect('login');
-  
-    While the leading slash would result in a redirect to "/login":
-  
-       res.redirect('/login');
-
-# res.render()
-
-  Render `view` with the given `options` and optional callback `fn`.
-  When a callback function is given a response will _not_ be made
-  automatically, otherwise a response of _200_ and _text/html_ is given.
-  
-  ## Options
-   
-   - `status`    Response status code (`res.statusCode`)
-   - `charset`   Set the charset (`res.charset`)
-  
-  ## Reserved locals
-  
-   - `cache`     boolean hinting to the engine it should cache
-   - `filename`  filename of the view being rendered
-
@@ -1,107 +0,0 @@
-
-# req
-
-  Request prototype.
-
-# req.get
-
-  Return request header.
-  
-  The `Referrer` header field is special-cased,
-  both `Referrer` and `Referer` are interchangeable.
-  
-  ## Examples
-  
-      req.get('Content-Type');
-      // => "text/plain"
-      
-      req.get('content-type');
-      // => "text/plain"
-      
-      req.get('Something');
-      // => undefined
-  
-  Aliased as `req.header()`.
-
-# req.accepts()
-
-  Check if the given `type(s)` is acceptable, returning
-  the best match when true, otherwise `undefined`, in which
-  case you should respond with 406 "Not Acceptable".
-  
-  The `type` value may be a single mime type string
-  such as "application/json", the extension name
-  such as "json", a comma-delimted list such as "json, html, text/plain",
-  or an array `["json", "html", "text/plain"]`. When a list
-  or array is given the _best_ match, if any is returned.
-  
-  ## Examples
-  
-      // Accept: text/html
-      req.accepts('html');
-      // => "html"
-  
-      // Accept: text/*, application/json
-      req.accepts('html');
-      // => "html"
-      req.accepts('text/html');
-      // => "text/html"
-      req.accepts('json, text');
-      // => "json"
-      req.accepts('application/json');
-      // => "application/json"
-  
-      // Accept: text/*, application/json
-      req.accepts('image/png');
-      req.accepts('png');
-      // => undefined
-  
-      // Accept: text/*;q=.5, application/json
-      req.accepts(['html', 'json']);
-      req.accepts('html, json');
-      // => "json"
-
-# req.acceptsCharset()
-
-  Check if the given `charset` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.acceptsLanguage()
-
-  Check if the given `lang` is acceptable,
-  otherwise you should respond with 406 "Not Acceptable".
-
-# req.param()
-
-  Return the value of param `name` when present or `defaultValue`.
-  
-   - Checks route placeholders, ex: _/user/:id_
-   - Checks body params, ex: id=12, {"id":12}
-   - Checks query string params, ex: ?id=12
-  
-  To utilize request bodies, `req.body`
-  should be an object. This can be done by using
-  the `connect.bodyParser()` middleware.
-
-# req.is()
-
-  Check if the incoming request contains the "Content-Type" 
-  header field, and it contains the give mime `type`.
-  
-  ## Examples
-  
-       // With Content-Type: text/html; charset=utf-8
-       req.is('html');
-       req.is('text/html');
-       req.is('text/*');
-       // => true
-      
-       // When Content-Type is application/json
-       req.is('json');
-       req.is('application/json');
-       req.is('application/*');
-       // => true
-      
-       req.is('html');
-       // => false
-
@@ -1,218 +0,0 @@
-
-# res
-
-  Response prototype.
-
-# res.status()
-
-  Set status `code`.
-
-# res.send()
-
-  Send a response.
-  
-  ## Examples
-  
-      res.send(new Buffer('wahoo'));
-      res.send({ some: 'json' });
-      res.send('<p>some html</p>');
-      res.send(404, 'Sorry, cant find that');
-      res.send(404);
-
-# res.json()
-
-  Send JSON response.
-  
-  ## Examples
-  
-      res.json(null);
-      res.json({ user: 'tj' });
-      res.json(500, 'oh noes!');
-      res.json(404, 'I dont have that');
-
-# res.sendfile()
-
-  Transfer the file at the given `path`.
-  
-  Automatically sets the _Content-Type_ response header field.
-  The callback `fn(err)` is invoked when the transfer is complete
-  or when an error occurs. Be sure to check `res.sentHeader`
-  if you wish to attempt responding, as the header and some data
-  may have already been transferred.
-  
-  ## Options
-  
-    - `maxAge` defaulting to 0
-    - `root`   root directory for relative filenames
-  
-  ## Examples
-  
-   The following example illustrates how `res.sendfile()` may
-   be used as an alternative for the `static()` middleware for
-   dynamic situations. The code backing `res.sendfile()` is actually
-   the same code, so HTTP cache support etc is identical.
-  
-      app.get('/user/:uid/photos/:file', function(req, res){
-        var uid = req.params.uid
-          , file = req.params.file;
-      
-        req.user.mayViewFilesFrom(uid, function(yes){
-          if (yes) {
-            res.sendfile('/uploads/' + uid + '/' + file);
-          } else {
-            res.send(403, 'Sorry! you cant see that.');
-          }
-        });
-      });
-
-# res.download()
-
-  Transfer the file at the given `path` as an attachment.
-  
-  Optionally providing an alternate attachment `filename`,
-  and optional callback `fn(err)`. The callback is invoked
-  when the data transfer is complete, or when an error has
-  ocurred. Be sure to check `res.headerSent` if you plan to respond.
-  
-  This method uses `res.sendfile()`.
-
-# res.format()
-
-  Respond to the Acceptable formats using an `obj`
-  of mime-type callbacks.
-  
-  This method uses `req.accepted`, an array of
-  acceptable types ordered by their quality values.
-  When "Accept" is not present the _first_ callback
-  is invoked, otherwise the first match is used. When
-  no match is performed the server responds with
-  406 "Not Acceptable".
-  
-  Content-Type is set for you, however if you choose
-  you may alter this within the callback using `res.type()`
-  or `res.set('Content-Type', ...)`.
-  
-     res.format({
-       'text/plain': function(){
-         res.send('hey');
-       },
-     
-       'text/html': function(){
-         res.send('<p>hey</p>');
-       },
-     
-       'appliation/json': function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  In addition to canonicalized MIME types you may
-  also use extnames mapped to these types:
-  
-     res.format({
-       text: function(){
-         res.send('hey');
-       },
-     
-       html: function(){
-         res.send('<p>hey</p>');
-       },
-     
-       json: function(){
-         res.send({ message: 'hey' });
-       }
-     });
-  
-  By default Express passes an `Error`
-  with a `.status` of 406 to `next(err)`
-  if a match is not made, however you may
-  provide an optional callback `fn` to
-  be invoked instead.
-
-# res.attachment()
-
-  Set _Content-Disposition_ header to _attachment_ with optional `filename`.
-
-# res.set
-
-  Set header `field` to `val`, or pass
-  an object of header fields.
-  
-  ## Examples
-  
-     res.set('Accept', 'application/json');
-     res.set({ Accept: 'text/plain', 'X-API-Key': 'tobi' });
-  
-  Aliased as `res.header()`.
-
-# res.get()
-
-  Get value for header `field`.
-
-# res.clearCookie()
-
-  Clear cookie `name`.
-
-# res.cookie()
-
-  Set cookie `name` to `val`, with the given `options`.
-  
-  ## Options
-  
-     - `maxAge`   max-age in milliseconds, converted to `expires`
-     - `signed`   sign the cookie
-     - `path`     defaults to "/"
-  
-  ## Examples
-  
-     // "Remember Me" for 15 minutes
-     res.cookie('rememberme', '1', { expires: new Date(Date.now() + 900000), httpOnly: true });
-  
-     // save as above
-     res.cookie('rememberme', '1', { maxAge: 900000, httpOnly: true })
-
-# res.redirect()
-
-  Redirect to the given `url` with optional response `status`
-  defaulting to 302.
-  
-  The given `url` can also be the name of a mapped url, for
-  example by default express supports "back" which redirects
-  to the _Referrer_ or _Referer_ headers or "/".
-  
-  ## Examples
-  
-     res.redirect('/foo/bar');
-     res.redirect('http://example.com');
-     res.redirect(301, 'http://example.com');
-     res.redirect('../login'); // /blog/post/1 -> /blog/login
-  
-  ## Mounting
-  
-    When an application is mounted, and `res.redirect()`
-    is given a path that does _not_ lead with "/". For 
-    example suppose a "blog" app is mounted at "/blog",
-    the following redirect would result in "/blog/login":
-  
-       res.redirect('login');
-  
-    While the leading slash would result in a redirect to "/login":
-  
-       res.redirect('/login');
-
-# res.render()
-
-  Render `view` with the given `options` and optional callback `fn`.
-  When a callback function is given a response will _not_ be made
-  automatically, otherwise a response of _200_ and _text/html_ is given.
-  
-  ## Options
-   
-   - `status`    Response status code (`res.statusCode`)
-   - `charset`   Set the charset (`res.charset`)
-  
-  ## Reserved locals
-  
-   - `cache`     boolean hinting to the engine it should cache
-   - `filename`  filename of the view being rendered
-
@@ -1,10 +1,12 @@
-
 /**
 * Module dependencies.
 */

-var express = require('../../lib/express')
-  , hash = require('./pass').hash;
+var express = require('../..')
+  , hash = require('./pass').hash
+  , bodyParser = require('body-parser')
+  , cookieParser = require('cookie-parser')
+  , session = require('express-session')

 var app = module.exports = express();

@@ -15,9 +17,9 @@ app.set('views', __dirname + '/views');

 // middleware

-app.use(express.bodyParser());
-app.use(express.cookieParser('shhhh, very secret'));
-app.use(express.session());
+app.use(bodyParser());
+app.use(cookieParser('shhhh, very secret'));
+app.use(session());

 // Session-persisted message middleware

@@ -50,6 +52,7 @@ hash('foobar', function(err, salt, hash){


 // Authenticate using our plain-object database of doom!
+
 function authenticate(name, pass, fn) {
  if (!module.parent) console.log('authenticating %s:%s', name, pass);
  var user = users[name];
@@ -79,7 +82,7 @@ app.get('/', function(req, res){
 });

 app.get('/restricted', restrict, function(req, res){
-  res.send('Wahoo! restricted area');
+  res.send('Wahoo! restricted area, click to <a href="/logout">logout</a>');
 });

 app.get('/logout', function(req, res){
@@ -91,11 +94,6 @@ app.get('/logout', function(req, res){
 });

 app.get('/login', function(req, res){
-  if (req.session.user) {
-    req.session.success = 'Authenticated as ' + req.session.user.name
-      + ' click to <a href="/logout">logout</a>. '
-      + ' You may now access <a href="/restricted">/restricted</a>.';
-  }
  res.render('login');
 });

@@ -109,6 +107,9 @@ app.post('/login', function(req, res){
        // in the session store to be retrieved,
        // or in this case the entire user object
        req.session.user = user;
+        req.session.success = 'Authenticated as ' + user.name
+          + ' click to <a href="/logout">logout</a>. '
+          + ' You may now access <a href="/restricted">/restricted</a>.';
        res.redirect('back');
      });
    } else {
@@ -123,4 +124,4 @@ app.post('/login', function(req, res){
 if (!module.parent) {
  app.listen(3000);
  console.log('Express started on port 3000');
-}
+}
@@ -31,7 +31,9 @@ var iterations = 12000;

 exports.hash = function (pwd, salt, fn) {
  if (3 == arguments.length) {
-    crypto.pbkdf2(pwd, salt, iterations, len, fn);
+    crypto.pbkdf2(pwd, salt, iterations, len, function(err, hash){
+      fn(err, hash.toString('base64'));
+    });
  } else {
    fn = salt;
    crypto.randomBytes(len, function(err, salt){
@@ -39,7 +41,7 @@ exports.hash = function (pwd, salt, fn) {
      salt = salt.toString('base64');
      crypto.pbkdf2(pwd, salt, iterations, len, function(err, hash){
        if (err) return fn(err);
-        fn(null, salt, hash);
+        fn(null, salt, hash.toString('base64'));
      });
    });
  }
@@ -0,0 +1,2 @@
+  </body>
+</html>
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
  <head>
-    <title>Authentication Example</title>
+    <title><%= title %></title>
    <style>
      body {
        padding: 50px;
@@ -16,6 +16,3 @@
    </style>
  </head>
  <body>
-    <%- body %>
-  </body>
-</html>
@@ -1,3 +1,7 @@
+
+<% var title = 'Authentication Example' %>
+<% include head %>
+
 <h1>Login</h1>
 <%- message %>
 Try accessing <a href="/restricted">/restricted</a>, then authenticate with "tj" and "foobar".
@@ -13,4 +17,6 @@ Try accessing <a href="/restricted">/restricted</a>, then authenticate with "tj"
  <p>
    <input type="submit" value="Login">
  </p>
-</form>
+</form>
+
+<% include foot %>
@@ -1,5 +1,6 @@

 var express = require('../..')
+  , logger = require('morgan')
  , app = express();

 app.set('views', __dirname);
@@ -14,11 +15,11 @@ while (n--) {
  pets.push({ name: 'Jane', age: 6, species: 'ferret' });
 }

-app.use(express.logger('dev'));
+app.use(logger('dev'));

 app.get('/', function(req, res){
  res.render('pets', { pets: pets });
 });

 app.listen(3000);
-console.log('Express listening on port 3000');
+console.log('Express listening on port 3000');
@@ -1,4 +1,4 @@
-style
+style.
  body {
    padding: 50px;
    font: 16px "Helvetica Neue", Helvetica;
@@ -1,8 +1,9 @@
-
 var express = require('../../')
  , app = module.exports = express()
  , users = require('./db');

+// so either you can deal with different types of formatting 
+// for expected response in index.js
 app.get('/', function(req, res){
  res.format({
    html: function(){
@@ -24,10 +25,11 @@ app.get('/', function(req, res){
 });

 // or you could write a tiny middleware like
-// this to abstract make things a bit more declarative:
+// this to add a layer of abstraction
+// and make things a bit more declarative:

-function format(mod) {
-  var obj = require(mod);
+function format(path) {
+  var obj = require(path);
  return function(req, res){
    res.format(obj);
  }
@@ -38,4 +40,4 @@ app.get('/users', format('./users'));
 if (!module.parent) {
  app.listen(3000);
  console.log('listening on port 3000');
-}
+}
@@ -4,17 +4,19 @@
 */

 var express = require('../../');
+var favicon = require('static-favicon');
+var cookie-parser = require('cookie-parser');

 var app = module.exports = express();

 // ignore GET /favicon.ico
-app.use(express.favicon());
+app.use(favicon());

 // pass a secret to cookieParser() for signed cookies
-app.use(express.cookieParser('manny is cool'));
+app.use(cookieParser('manny is cool'));

 // add req.session cookie support
-app.use(express.cookieSession());
+app.use(cookieSession());

 // do something with the session
 app.use(count);
@@ -29,4 +31,4 @@ function count(req, res) {
 if (!module.parent) {
  app.listen(3000);
  console.log('Express server listening on port 3000');
-}
+}
@@ -4,7 +4,11 @@
 */

 var express = require('../../')
-  , app = module.exports = express();
+  , app = module.exports = express()
+  , favicon = require('static-favicon')
+  , logger = require('morgan')
+  , cookieParser = require('cookie-parser')
+  , bodyParser = require('body-parser')


 // add favicon() before logger() so
@@ -12,20 +16,20 @@ var express = require('../../')
 // logged, because this middleware
 // reponds to /favicon.ico and does not
 // call next()
-app.use(express.favicon());
+app.use(favicon());

 // custom log format
 if ('test' != process.env.NODE_ENV)
-  app.use(express.logger(':method :url'));
+  app.use(logger(':method :url'));

 // parses request cookies, populating
 // req.cookies and req.signedCookies
-// when the secret is passed, used 
+// when the secret is passed, used
 // for signing the cookies.
-app.use(express.cookieParser('my secret here'));
+app.use(cookieParser('my secret here'));

 // parses json, x-www-form-urlencoded, and multipart/form-data
-app.use(express.bodyParser());
+app.use(bodyParser());

 app.get('/', function(req, res){
  if (req.cookies.remember) {
@@ -51,4 +55,4 @@ app.post('/', function(req, res){
 if (!module.parent){
  app.listen(3000);
  console.log('Express started on port 3000');
-}
+}
@@ -0,0 +1,48 @@
+/**
+ * Module dependencies.
+ */
+
+var express = require('../..')
+  , logger = require('morgan')
+  , app = express()
+  , bodyParser = require('body-parser')
+  , api = express();
+
+// app middleware
+
+app.use(express.static(__dirname + '/public'));
+
+// api middleware
+
+api.use(logger('dev'));
+api.use(bodyParser());
+
+/**
+ * CORS support.
+ */
+
+api.all('*', function(req, res, next){
+  if (!req.get('Origin')) return next();
+  // use "*" here to accept any origin
+  res.set('Access-Control-Allow-Origin', 'http://localhost:3000');
+  res.set('Access-Control-Allow-Methods', 'GET, POST');
+  res.set('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type');
+  // res.set('Access-Control-Allow-Max-Age', 3600);
+  if ('OPTIONS' == req.method) return res.send(200);
+  next();
+});
+
+/**
+ * POST a user.
+ */
+
+api.post('/user', function(req, res){
+  console.log(req.body);
+  res.send(201);
+});
+
+app.listen(3000);
+api.listen(3001);
+
+console.log('app listening on 3000');
+console.log('api listening on 3001');
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html>
+  <body>
+    <script>
+      var req = new XMLHttpRequest;
+      req.open('POST', 'http://localhost:3001/user', false);
+      req.setRequestHeader('Content-Type', 'application/json');
+      req.send('{"name":"tobi","species":"ferret"}');
+      console.log(req.responseText);
+    </script>
+  </body>
+</html>
@@ -31,16 +31,20 @@ app.set('view engine', 'html');

 // Dummy users
 var users = [
-    { name: 'tobi', email: 'tobi@learnboost.com' }
-  , { name: 'loki', email: 'loki@learnboost.com' }
-  , { name: 'jane', email: 'jane@learnboost.com' }
+  { name: 'tobi', email: 'tobi@learnboost.com' },
+  { name: 'loki', email: 'loki@learnboost.com' },
+  { name: 'jane', email: 'jane@learnboost.com' }
 ];

 app.get('/', function(req, res){
-  res.render('users', { users: users });
+  res.render('users', {
+    users: users,
+    title: "EJS example",
+    header: "Some users"
+  });
 });

 if (!module.parent) {
  app.listen(3000);
  console.log('Express app started on port 3000');
-}
+}
@@ -0,0 +1,2 @@
+</body>
+</html>
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <title> <%= title %> </title>
+  <style type="text/css">
+    body {
+      padding: 50px;
+      font: 13px Helvetica, Arial, sans-serif;
+    }
+  </style>
+</head>
+<body>
@@ -1,6 +1,10 @@
+<% include header.html %>
+
 <h1>Users</h1>
 <ul id="users">
  <% users.forEach(function(user){ %>
-    <li><%= user.name %> <%= user.email %></li>
+    <li><%= user.name %> &lt;<%= user.email %>&gt;</li>
  <% }) %>
-</ul>
+</ul>
+
+<% include footer.html %>
@@ -1,27 +1,58 @@
-
 /**
 * Module dependencies.
 */

 var express = require('../../')
  , app = module.exports = express()
+  , logger = require('morgan')
+  , favicon = require('static-favicon')
  , silent = 'test' == process.env.NODE_ENV;

+// general config
 app.set('views', __dirname + '/views');
 app.set('view engine', 'jade');

-app.use(express.favicon());
+// our custom "verbose errors" setting
+// which we can use in the templates
+// via settings['verbose errors']
+app.enable('verbose errors');

-silent || app.use(express.logger('dev'));
+// disable them in production
+// use $ NODE_ENV=production node examples/error-pages
+if ('production' == app.settings.env) {
+  app.disable('verbose errors');
+}

-// "app.router" positions our routes 
-// above the middleware defined below,
-// this means that Express will attempt
-// to match & call routes _before_ continuing
-// on, at which point we assume it's a 404 because
-// no route has handled the request.
+app.use(favicon());

-app.use(app.router);
+silent || app.use(logger('dev'));
+
+// Routes
+
+app.get('/', function(req, res){
+  res.render('index.jade');
+});
+
+app.get('/404', function(req, res, next){
+  // trigger a 404 since no other middleware
+  // will match /404 after this one, and we're not
+  // responding here
+  next();
+});
+
+app.get('/403', function(req, res, next){
+  // trigger a 403 error
+  var err = new Error('not allowed!');
+  err.status = 403;
+  next(err);
+});
+
+app.get('/500', function(req, res, next){
+  // trigger a generic (500) error
+  next(new Error('keyboard cat!'));
+});
+
+// Error handlers

 // Since this is the last non-error-handling
 // middleware use()d, we assume 404, as nothing else
@@ -32,9 +63,10 @@ app.use(app.router);
 // $ curl http://localhost:3000/notfound -H "Accept: text/plain"

 app.use(function(req, res, next){
+  res.status(404);
+
  // respond with html page
  if (req.accepts('html')) {
-    res.status(404);
    res.render('404', { url: req.url });
    return;
  }
@@ -69,27 +101,8 @@ app.use(function(err, req, res, next){
  res.render('500', { error: err });
 });

-// Routes
-
-app.get('/', function(req, res){
-  res.render('index.jade');
-});
-
-app.get('/404', function(req, res, next){
-  next();
-});
-
-app.get('/403', function(req, res, next){
-  var err = new Error('not allowed!');
-  err.status = 403;
-  next(err);
-});
-
-app.get('/500', function(req, res, next){
-  next(new Error('keyboard cat!'));
-});

 if (!module.parent) {
  app.listen(3000);
  silent || console.log('Express started on port 3000');
-}
+}
@@ -7,4 +7,7 @@ extends error

 block content
  h1 Error: #{error.message}
-  pre= error.stack
+  if settings['verbose errors']
+    pre= error.stack
+  else
+    p An error ocurred!
@@ -8,8 +8,8 @@ block content
      | visit 
      a(href="/500") 500
    li
-      | visit
+      | visit 
      a(href="/404") 404
    li
-      | visit
+      | visit 
      a(href='/403') 403
@@ -4,17 +4,11 @@
 */

 var express = require('../../')
+  , logger = require('morgan')
  , app = module.exports = express()
  , test = app.get('env') == 'test';

-if (!test) app.use(express.logger('dev'));
-app.use(app.router);
-
-// the error handler is strategically
-// placed *below* the app.router; if it
-// were above it would not receive errors
-// from app.get() etc 
-app.use(error);
+if (!test) app.use(logger('dev'));

 // error handling middleware have an arity of 4
 // instead of the typical (req, res, next),
@@ -42,7 +36,12 @@ app.get('/next', function(req, res, next){
  });
 });

+// the error handler is placed after routes
+// if it were above it would not receive errors
+// from app.get() etc
+app.use(error);
+
 if (!module.parent) {
  app.listen(3000);
  console.log('Express started on port 3000');
-}
+}
@@ -1,5 +1,6 @@

 var express = require('../..')
+  , logger = require('morgan')
  , app = express();

 app.set('view engine', 'jade');
@@ -23,7 +24,7 @@ User.prototype.toJSON = function(){
  }
 };

-app.use(express.logger('dev'));
+app.use(logger('dev'));

 // earlier on expose an object
 // that we can tack properties on.
@@ -57,4 +58,4 @@ app.get('/user', function(req, res){
 });

 app.listen(3000);
-console.log('app listening on port 3000');
+console.log('app listening on port 3000');
@@ -1,7 +1,7 @@
 html
  head
    title Express
-    script
+    script.
      // call this whatever you like,
      // or dump them into individual
      // props like "var user ="
@@ -10,5 +10,5 @@ html
    h1 Expose client data
    p The following was exposed to the client:
    pre
-      script
+      script.
        document.write(JSON.stringify(data, null, 2))
@@ -9,10 +9,9 @@ var express = require('../../lib/express');

 var pub = __dirname + '/public';

-// Auto-compile sass to css with "compiler"
-// and then serve with connect's staticProvider
+// setup middleware

-var app = express.createServer();
+var app = express();
 app.use(app.router);
 app.use(express.static(pub));
 app.use(express.errorHandler());
@@ -1,3 +1,4 @@
 body {
  padding: 50px 80px;
-  font: 14px "Helvetica Nueue", "Lucida Grande", Arial, sans-serif;}
+  font: 14px "Helvetica Nueue", "Lucida Grande", Arial, sans-serif;
+}
@@ -1,5 +1,5 @@
-!!! 5
+doctype html
 html
  include header
  body
-    block content
+    block content
@@ -3,9 +3,9 @@
 * Module dependencies.
 */

-var express = require('../../')
+var express = require('../..')
  , fs = require('fs')
-  , md = require('github-flavored-markdown').parse;
+  , md = require('marked').parse;

 var app = module.exports = express();

@@ -42,4 +42,4 @@ app.get('/fail', function(req, res){
 if (!module.parent) {
  app.listen(3000);
  console.log('Express started on port 3000');
-}
+}
@@ -3,7 +3,7 @@
 * Module dependencies.
 */

-var express = require('../../')
+var express = require('../..')
  , format = require('util').format;

 var app = module.exports = express()
@@ -1,5 +1,8 @@
-
 var express = require('../..');
+var logger = require('morgan');
+var session = require('express-session');
+var cookieParser = require('cookie-parser');
+var bodyParser = require('body-parser');

 var app = module.exports = express();

@@ -26,20 +29,17 @@ app.response.message = function(msg){
 };

 // log
-if (!module.parent) app.use(express.logger('dev'));
+if (!module.parent) app.use(logger('dev'));

 // serve static files
 app.use(express.static(__dirname + '/public'));

 // session support
-app.use(express.cookieParser('some secret here'));
-app.use(express.session());
+app.use(cookieParser('some secret here'));
+app.use(session());

 // parse request bodies (req.body)
-app.use(express.bodyParser());
-
-// support _method (PUT in forms etc)
-app.use(express.methodOverride());
+app.use(bodyParser());

 // expose the "messages" local variable when views are rendered
 app.use(function(req, res, next){
@@ -58,10 +58,10 @@ app.use(function(req, res, next){
   });
  */

+  next();
  // empty or "flush" the messages so they
  // don't build up
  req.session.messages = [];
-  next();
 });

 // load controllers
@@ -90,4 +90,4 @@ app.use(function(req, res, next){
 if (!module.parent) {
  app.listen(3000);
  console.log('\n  listening on port 3000\n');
-}
+}
@@ -37,7 +37,6 @@ module.exports = function(parent, options){
        case 'show':
          method = 'get';
          path = '/' + name + '/:' + name + '_id';
-          app[method](path, obj[key]);
          break;
        case 'list':
          method = 'get';
@@ -0,0 +1,54 @@
+
+// first:
+// $ npm install redis online
+// $ redis-server
+
+/**
+ * Module dependencies.
+ */
+
+var express = require('../..')
+  , online = require('online')
+  , redis = require('redis')
+  , db = redis.createClient();
+
+// online
+
+online = online(db);
+
+// app
+
+var app = express();
+
+// activity tracking, in this case using
+// the UA string, you would use req.user.id etc
+
+app.use(function(req, res, next){
+  // fire-and-forget
+  online.add(req.headers['user-agent']);
+  next();
+});
+
+/**
+ * List helper.
+ */
+
+function list(ids) {
+  return '<ul>' + ids.map(function(id){
+    return '<li>' + id + '</li>';
+  }).join('') + '</ul>';
+}
+
+/**
+ * GET users online.
+ */
+
+app.get('/', function(req, res, next){
+  online.last(5, function(err, ids){
+    if (err) return next(err);
+    res.send('<p>Users online: ' + ids.length + '</p>' + list(ids));
+  });
+});
+
+app.listen(3000);
+console.log('listening on port 3000');
@@ -1,32 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../lib/express');
-
-var app = express.createServer();
-
-// Optional since express defaults to CWD/views
-
-app.set('views', __dirname + '/views');
-
-// Set our default template engine to "jade"
-// which prevents the need for extensions
-// (although you can still mix and match)
-app.set('view engine', 'jade');
-
-// Dummy record
-var ninja = {
-  name: 'leonardo',
-  summary: { email: 'hunter.loftis+github@gmail.com', master: 'splinter', description: 'peaceful leader' },
-  weapons: ['katana', 'fists', 'shell'],
-  victims: ['shredder', 'brain', 'beebop', 'rocksteady']
-};
-
-app.get('/', function(req, res){
-  res.render('ninja', { ninja: ninja });
-});
-
-app.listen(3000);
-console.log('Express app started on port 3000');
@@ -1,5 +0,0 @@
-!!!
-html
-  head
-    title Partials Example
-  body!= body
@@ -1 +0,0 @@
-li= value
@@ -1 +0,0 @@
-li.weapon= weapon
@@ -1,22 +0,0 @@
-h1= ninja.name
-
-// file, partial name, and partial object all match ('summary')
-// the partial filename prefix '_' is completely optional.
-
-// In this case we need to specify ninja.summary as the object
-// option, since it is a "plain" object Express cannot otherwise
-// tell if it is intended to be locals, or THE summary object
-#summary!= partial('summary', { object: ninja.summary })
-
-// file, partial name = '_weapon', resolves to 'weapon' object within partial
-#weapons
-  h2 Weapons
-  // the weapon partial is rendered once per item in
-  // the weapons array or "collection"
-  ul!= partial('weapon', ninja.weapons)
-  
-// partial name 'victim' resolves to 'victim.jade'
-// or 'victim/index.jade', providing the "victim" local
-#victims
-  h2 Victims
-  ul!= partial('victim', ninja.victims)
@@ -1,4 +0,0 @@
-h2 Summary
-p= summary.email
-p= summary.description
-p taught by master #{summary.master}
@@ -1,5 +0,0 @@
-// this is insane overkill, I do not recommend
-// doing tiny partials like this as it gets expensive
-// with collections, however this illustrates the new
-// partial lookup mechanism
-!= partial('../../li', { object: victim, as: 'value' })
@@ -1,26 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var vm = require('vm')
-  , fs = require('fs');
-
-module.exports = function(app, db){
-  var dir = __dirname + '/routes';
-  // grab a list of our route files
-  fs.readdirSync(dir).forEach(function(file){
-    var str = fs.readFileSync(dir + '/' + file, 'utf8');
-    // inject some pseudo globals by evaluating
-    // the file with vm.runInNewContext()
-    // instead of loading it with require(). require's
-    // internals use similar, so dont be afraid of "boot time".
-    var context = { app: app, db: db };
-    // we have to merge the globals for console, process etc
-    for (var key in global) context[key] = global[key];
-    // note that this is essentially no different than ... just using
-    // global variables, though it's only YOUR code that could influence
-    // them, which is a bonus.
-    vm.runInNewContext(str, context, file);
-  });
-};
@@ -1,20 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../lib/express')
-  , app = express()
-  , db = { users: [] };
-
-app.set('views', __dirname + '/views');
-app.set('view engine', 'jade');
-app.use(express.bodyParser());
-
-// pretend db is a database, could be
-// whatever you like
-require('./boot')(app, db);
-
-app.listen(3000);
-console.log('Express app started on port 3000');
-
@@ -1,4 +0,0 @@
-
-app.get('/', function(req, res){
-  res.render('index');
-});
@@ -1,18 +0,0 @@
-
-app.get('/users', function(req, res){
-  res.render('user/list', { users: db.users });
-});
-
-app.get('/user/add', function(req, res){
-  res.render('user/add');
-});
-
-app.post('/user', function(req, res){
-  var user = req.body.user;
-  db.users.push(user);
-  res.redirect('/users');
-});
-
-app.get('/user/:id', function(req, res){
-  res.render('user');
-});
@@ -1,8 +0,0 @@
-
-extends layout
-
-block content
-  h2 Route sharing example
-  ul
-    li: a(href='/user/add') Add user
-    li: a(href='/users') User list
@@ -1,11 +0,0 @@
-doctype html
-html
-  head
-    title Route loading example
-    style
-      body {
-        padding: 50px;
-        font: 14px/1.5 solid helvetica, arial, sans-serif;
-      }
-  body
-    block content
@@ -1,9 +0,0 @@
-
-extends ../layout
-
-block content
-  h2 Add a user
-  form(action='/user', method='post')
-    p: input(type='text', name='user[name]', placeholder='Username')
-    p: input(type='text', name='user[email]', placeholder='Email')
-    p: input(type='submit', value='Add')
@@ -1,10 +0,0 @@
-
-extends ../layout
-
-block content
-  h1= user.name
-  table
-    tbody
-      tr
-        td Email
-        td= user.email
@@ -1,10 +0,0 @@
-
-extends ../layout
-
-block content
-  h1 Users
-  if users.length
-    for user in users
-      include index
-  else
-    p No users, head over to <a href='/user/add'>/user/add</a> to create one.
@@ -4,7 +4,7 @@

 var express = require('../../lib/express');

-var app = express.createServer();
+var app = express();

 // Example requests:
 //     curl http://localhost:3000/user/0
@@ -3,18 +3,22 @@
 * Module dependencies.
 */

-var express = require('../../lib/express')
-  , app = express.createServer()
+var express = require('../..')
+  , app = express()
+  , logger = require('morgan')
+  , cookieParser = require('cookie-parser')
+  , bodyParser = require('body-parser')
  , site = require('./site')
  , post = require('./post')
  , user = require('./user');

 // Config

-app.set('view engine', 'ejs');
+app.set('view engine', 'jade');
 app.set('views', __dirname + '/views');
-app.use(express.cookieParser());
-app.use(express.methodOverride());
+app.use(logger('dev'));
+app.use(cookieParser());
+app.use(bodyParser());
 app.use(express.static(__dirname + '/public'));

 // General
@@ -35,4 +39,4 @@ app.put('/user/:id/edit', user.update);
 app.get('/posts', post.list);

 app.listen(3000);
-console.log('Express app started on port 3000');
+console.log('Express app started on port 3000');
@@ -2,9 +2,9 @@
 // Fake posts database

 var posts = [
-    { title: 'Foo', body: 'some foo bar' }
-  , { title: 'Foo bar', body: 'more foo bar' }
-  , { title: 'Foo bar baz', body: 'more foo bar baz' }
+  { title: 'Foo', body: 'some foo bar' },
+  { title: 'Foo bar', body: 'more foo bar' },
+  { title: 'Foo bar baz', body: 'more foo bar baz' }
 ];

 exports.list = function(req, res){
@@ -11,10 +11,10 @@ a.edit {
  opacity: .3;
 }
 a.edit::before {
-  content: '[ ';
+  content: ' [';
 }
 a.edit::after {
-  content: ' ]';
+  content: ']';
 }
 dt {
  font-weight: bold;
@@ -2,8 +2,8 @@
 // Fake user database

 var users = [
-    { name: 'TJ', email: 'tj@vision-media.ca' }
-  , { name: 'Tobi', email: 'tobi@vision-media.ca' }
+  { name: 'TJ', email: 'tj@vision-media.ca' },
+  { name: 'Tobi', email: 'tobi@vision-media.ca' }
 ];

 exports.list = function(req, res){
@@ -22,15 +22,15 @@ exports.load = function(req, res, next){

 exports.view = function(req, res){
  res.render('users/view', {
-      title: 'Viewing user ' + req.user.name
-    , user: req.user
+    title: 'Viewing user ' + req.user.name,
+    user: req.user
  });
 };

 exports.edit = function(req, res){
  res.render('users/edit', {
-      title: 'Editing user ' + req.user.name
-    , user: req.user
+    title: 'Editing user ' + req.user.name,
+    user: req.user
  });
 };

@@ -1,4 +0,0 @@
-<ul>
-  <li>Visit the <a href="/users">users</a> page</li>
-  <li>Visit the <a href="/posts">posts</a> page</li>
-</ul>
@@ -0,0 +1,6 @@
+extends layout
+
+block content
+  ul
+    li Visit the <a href="/users">users</a> page
+    li Visit the <a href="/posts">posts</a> page
@@ -1,9 +0,0 @@
-<html>
-  <head>
-    <title><%= title %></title>
-    <link href="/style.css" rel="stylesheet" />
-  </head>
-  <body>
-    <%- body %>
-  </body>
-</html>
@@ -0,0 +1,6 @@
+html
+  head
+    title= title
+    link(href="/style.css", rel="stylesheet")
+  body
+    block content
@@ -1,7 +0,0 @@
-<h1>Posts</h1>
-<dl id="posts">
-  <% posts.forEach(function(post){ %>
-    <dt><%= post.title %></dt>
-    <dd><%= post.body %></dd>
-  <% }) %>
-</dl>
@@ -0,0 +1,8 @@
+extends ../layout
+
+block content
+  h1 Posts
+  dl#posts
+    for post in posts
+      dt= post.title
+      dd= post.body
@@ -1,9 +0,0 @@
-<h1>Editing <%= user.name %></h1>
-<div id="user">
-  <form method="post">
-    <input type="hidden" value="put" name="_method" />
-    <p>Name: <input type="text" value="<%= user.name %>" name="user[name]"/></p>
-    <p>Email: <input type="text" value="<%= user.email %>" name="user[email]"/></p>
-    <p><input type="submit" value="Save" /></p>
-  </form>
-</div>
@@ -0,0 +1,13 @@
+extends ../layout
+
+block content
+  h1 Editing #{user.name}
+  #user
+    form(method="post")
+      input(type="hidden", value="put", name="_method")
+      p Name: 
+        input(type="text", value= user.name, name="user[name]")
+      p Email: 
+        input(type="text", value= user.email, name="user[email]")
+      p 
+        input(type="submit", value="Save")
@@ -1,9 +0,0 @@
-<h1>Users</h1>
-<ul id="users">
-  <% users.forEach(function(user, id){ %>
-    <li>
-      <a href="/user/<%= id %>"><%= user.name %></a>
-      <a class="edit" href="/user/<%= id %>/edit">edit</a>
-    </li>
-  <% }) %>
-</ul>
@@ -0,0 +1,9 @@
+extends ../layout
+
+block content
+  h1 Users
+  #users
+    for user, i in users
+      li
+        a(href="/user/#{i}")= user.name
+        a.edit(href="/user/#{i}/edit") edit
@@ -1,4 +0,0 @@
-<h1><%= user.name %></h1>
-<div id="user">
-  <p>Email: <%= user.email %></p>
-</div>
@@ -0,0 +1,6 @@
+extends ../layout
+
+block content
+  h1= user.name
+  #user
+    p Email: #{user.email}
@@ -1,44 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../')
-  , path = require('path')
-  , exec = require('child_process').exec
-  , fs = require('fs');
-
-/**
- * Error handler.
- */
-
-function errorHandler(voice) {
-  return function(err, req, res, next) {
-    var parts = err.stack.split('\n')[1].split(/[()]/)[1].split(':')
-      , filename = parts.shift()
-      , basename = path.basename(filename)
-      , lineno = parts.shift()
-      , col = parts.shift()
-      , lines = fs.readFileSync(filename, 'utf8').split('\n')
-      , line = lines[lineno - 1].replace(/\./, ' ');
-
-    exec('say -v "' + voice + '" '
-      + err.message
-      + ' on line ' + lineno
-      + ' of ' + basename + '.'
-      + ' The contents of this line is '
-      + ' "' + line + '".');
-
-    res.send(500);
-  }
-}
-
-var app = express.createServer();
-
-app.get('/', function(request, response){
-  if (request.is(foo)) response.end('bar');
-});
-
-app.use(errorHandler('Vicki'));
-
-app.listen(3000);
@@ -0,0 +1,14 @@
+
+var search = document.querySelector('[type=search]');
+var code = document.querySelector('pre');
+
+search.addEventListener('keyup', function(){
+  var xhr = new XMLHttpRequest;
+  xhr.open('GET', '/search/' + search.value, true);
+  xhr.onreadystatechange = function(){
+    if (4 == xhr.readyState) {
+      code.textContent = xhr.responseText;
+    }
+  };
+  xhr.send();
+}, false);
@@ -0,0 +1,61 @@
+
+// first:
+// $ npm install redis
+// $ redis-server
+
+/**
+ * Module dependencies.
+ */
+
+var express = require('../..')
+  , redis = require('redis')
+  , db = redis.createClient();
+
+// npm install redis
+
+var app = express();
+
+app.set('view engine', 'jade');
+app.set('views', __dirname);
+
+// populate search
+
+db.sadd('ferret', 'tobi');
+db.sadd('ferret', 'loki');
+db.sadd('ferret', 'jane');
+db.sadd('cat', 'manny');
+db.sadd('cat', 'luna');
+
+/**
+ * GET the search page.
+ */
+
+app.get('/', function(req, res){
+  res.render('search');
+});
+
+/**
+ * GET search for :query.
+ */
+
+app.get('/search/:query?', function(req, res){
+  var query = req.params.query;
+  db.smembers(query, function(err, vals){
+    if (err) return res.send(500);
+    res.send(vals);
+  });
+});
+
+/**
+ * GET client javascript. Here we use sendfile()
+ * because serving __dirname with the static() middleware
+ * would also mean serving our server "index.js" and the "search.jade"
+ * template.
+ */
+
+app.get('/client.js', function(req, res){
+  res.sendfile(__dirname + '/client.js');
+});
+
+app.listen(3000);
+console.log('app listening on port 3000');
@@ -0,0 +1,15 @@
+!!! 5
+html
+  head
+    title Search example
+    style.
+      body {
+        font: 14px "Helvetica Neue", Helvetica;
+        padding: 50px;
+      }
+  body
+    h2 Search
+    p Try searching for "ferret" or "cat".
+    input(type='search')
+    pre
+    script(src='client.js')
@@ -1,10 +1,12 @@

+// first:
+// $ npm install redis
+// $ redis-server
+
 var express = require('../..');

 var app = express();

-app.use(express.logger('dev'));
-
 // Required by session() middleware
 // pass the secret for signed cookies
 // (required by session())
@@ -25,4 +27,4 @@ app.get('/', function(req, res){
 });

 app.listen(3000);
-console.log('Express app started on port 3000');
+console.log('Express app started on port 3000');
@@ -0,0 +1,45 @@
+
+var express = require('../..');
+var logger = require('morgan');
+var app = express();
+
+// log requests
+app.use(logger('dev'));
+
+// express on its own has no notion
+// of a "file". The express.static()
+// middleware checks for a file matching
+// the `req.path` within the directory
+// that you pass it. In this case "GET /js/app.js"
+// will look for "./public/js/app.js".
+
+app.use(express.static(__dirname + '/public'));
+
+// if you wanted to "prefix" you may use
+// the mounting feature of Connect, for example
+// "GET /static/js/app.js" instead of "GET /js/app.js".
+// The mount-path "/static" is simply removed before
+// passing control to the express.static() middleware,
+// thus it serves the file correctly by ignoring "/static"
+app.use('/static', express.static(__dirname + '/public'));
+
+// if for some reason you want to serve files from
+// several directories, you can use express.static()
+// multiple times! Here we're passing "./public/css",
+// this will allow "GET /style.css" instead of "GET /css/style.css":
+app.use(express.static(__dirname + '/public/css'));
+
+// this examples does not have any routes, however
+// you may `app.use(app.router)` before or after these
+// static() middleware. If placed before them your routes
+// will be matched BEFORE file serving takes place. If placed
+// after as shown here then file serving is performed BEFORE
+// any routes are hit:
+app.use(app.router);
+
+app.listen(3000);
+console.log('listening on port 3000');
+console.log('try:');
+console.log('  GET /hello.txt');
+console.log('  GET /js/app.js');
+console.log('  GET /css/style.css');
@@ -0,0 +1,3 @@
+body {
+  
+}
@@ -0,0 +1 @@
+hey
@@ -0,0 +1 @@
+foo
@@ -1,51 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../lib/express')
-  , stylus = require('stylus');
-
-var app = express.createServer();
-
-// $ npm install stylus
-
-// completely optional, however
-// the compile function allows you to
-// define additional functions exposed to Stylus,
-// alter settings, etc
-
-function compile(str, path) {
-  return stylus(str)
-    .set('filename', path)
-    .set('compress', true);
-};
-
-// add the stylus middleware, which re-compiles when
-// a stylesheet has changed, compiling FROM src,
-// TO dest. dest is optional, defaulting to src
-
-app.use(stylus.middleware({
-    src: __dirname + '/views'
-  , dest: __dirname + '/public'
-  , compile: compile
-}));
-
-
-// minimal setup both reading and writting to ./public
-// would look like:
-//   app.use(stylus.middleware({ src: __dirname + '/public' }));
-
-// the middleware itself does not serve the static
-// css files, so we need to expose them with staticProvider
-
-app.use(express.static(__dirname + '/public'));
-
-app.set('views', __dirname + '/views');
-
-app.get('/', function(req, res){
-  res.render('index.jade');
-});
-
-app.listen(3000);
-console.log('server listening on port 3000');
@@ -1 +0,0 @@
-*.css
@@ -1,2 +0,0 @@
-h1 Stylus
-p Just an example of using Stylus with Express.
@@ -1,6 +0,0 @@
-html
-  head
-    title Stylus Example
-    link(rel='stylesheet', href='/reset.css')
-    link(rel='stylesheet', href='/main.css')
-  body!= body
@@ -1,8 +0,0 @@
-
-body
-  font 14px helvetica, arial, sans-serif
-  padding 50px
-  h1
-    font-size 50px
-  p
-    margin 15px 0
@@ -1,50 +0,0 @@
-
-/**
- * Module dependencies.
- */
-
-var express = require('../../lib/express');
-
-// Edit /etc/vhosts
-
-// First app
-
-var one = express.createServer();
-
-one.use(express.logger());
-
-one.get('/', function(req, res){
-  res.send('Hello from app one!')
-});
-
-one.get('/:sub', function(req, res){
-  res.send('requsted ' + req.params.sub);
-});
-
-// App two
-
-var two = express.createServer();
-
-two.get('/', function(req, res){
-  res.send('Hello from app two!')
-});
-
-// Redirect app
-
-var redirect = express.createServer();
-
-redirect.all('*', function(req, res){
-  console.log(req.subdomains);
-  res.redirect('http://localhost:3000/' + req.subdomains[0]);
-});
-
-// Main app
-
-var app = express.createServer();
-
-app.use(express.vhost('*.localhost', redirect))
-app.use(express.vhost('localhost', one));
-app.use(express.vhost('dev', two));
-
-app.listen(3000);
-console.log('Express app started on port 3000');
@@ -0,0 +1,47 @@
+/**
+ * Module dependencies.
+ */
+
+var express = require('../..');
+var logger = require('morgan');
+
+/*
+edit /etc/hosts:
+
+127.0.0.1       foo.example.com
+127.0.0.1       bar.example.com
+127.0.0.1       example.com
+*/
+
+// Main server app
+
+var main = express();
+
+main.use(logger('dev'));
+
+main.get('/', function(req, res){
+  res.send('Hello from main app!')
+});
+
+main.get('/:sub', function(req, res){
+  res.send('requested ' + req.params.sub);
+});
+
+// Redirect app
+
+var redirect = express();
+
+redirect.all('*', function(req, res){
+  console.log(req.subdomains);
+  res.redirect('http://example.com:3000/' + req.subdomains[0]);
+});
+
+// Vhost app
+
+var app = express();
+
+app.use(express.vhost('*.example.com', redirect)) // Serves all subdomains via Redirect app
+app.use(express.vhost('example.com', main)); // Serves top level domain via Main server app 
+
+app.listen(3000);
+console.log('Express app started on port 3000');
@@ -0,0 +1,52 @@
+
+/**
+ * Module dependencies.
+ */
+
+var http = require('http')
+  , path = require('path')
+  , extname = path.extname
+
+/**
+ * Expose `GithubView`.
+ */
+
+module.exports = GithubView;
+
+/**
+ * Custom view that fetches and renders
+ * remove github templates. You could
+ * render templates from a database etc.
+ */
+
+function GithubView(name, options){
+  this.name = name;
+  options = options || {};
+  this.engine = options.engines[extname(name)];
+  // "root" is the app.set('views') setting, however
+  // in your own implementation you could ignore this
+  this.path = '/' + options.root + '/master/' + name;
+}
+
+/**
+ * Render the view.
+ */
+
+GithubView.prototype.render = function(options, fn){
+  var self = this;
+  var opts = {
+    host: 'rawgithub.com',
+    port: 80,
+    path: this.path,
+    method: 'GET'
+  };
+
+  http.request(opts, function(res) {
+    var buf = '';
+    res.setEncoding('utf8');
+    res.on('data', function(str){ buf += str });
+    res.on('end', function(){
+      self.engine(buf, options, fn);
+    });
+  }).end();
+};
@@ -0,0 +1,47 @@
+
+/**
+ * Module dependencies.
+ */
+
+var express = require('../../')
+  , http = require('http')
+  , GithubView = require('./github-view')
+  , md = require('marked').parse;
+
+var app = module.exports = express();
+
+// register .md as an engine in express view system
+app.engine('md', function(str, options, fn){
+  try {
+    var html = md(str);
+    html = html.replace(/\{([^}]+)\}/g, function(_, name){
+      return options[name] || '';
+    })
+    fn(null, html);
+  } catch(err) {
+    fn(err);
+  }
+})
+
+// pointing to a particular github repo to load files from it
+app.set('views', 'visionmedia/express');
+
+// register a new view constructor
+app.set('view', GithubView);
+
+app.get('/', function(req, res){
+  // rendering a view relative to the repo.
+  // app.locals, res.locals, and locals passed
+  // work like they normally would
+  res.render('examples/markdown/views/index.md', { title: 'Example' });
+})
+
+app.get('/Readme.md', function(req, res){
+  // rendering a view from https://github.com/visionmedia/express/blob/master/Readme.md
+  res.render('Readme.md');
+})
+
+if (!module.parent) {
+  app.listen(3000);
+  console.log('Express started on port 3000');
+}
@@ -101,10 +101,46 @@ app.get('/middleware-locals', count2, users2, function(req, res, next){
  res.render('user', { title: 'Users' });
 });

+// keep in mind that middleware may be placed anywhere
+// and in various combinations, so if you have locals
+// that you wish to make available to all subsequent
+// middleware/routes you can do something like this:

-app.get('/locals', function(req, res){
-  res.render('user', { title: 'Users' });
+/*
+
+app.use(function(req, res, next){
+  res.locals.user = req.user;
+  res.locals.sess = req.session;
+  next();
 });

+*/
+
+// or suppose you have some /admin
+// "global" local variables:
+
+/*
+
+app.use('/api', function(req, res, next){
+  res.locals.user = req.user;
+  res.locals.sess = req.session;
+  next();
+});
+
+*/
+
+// the following is effectively the same,
+// but uses a route instead:
+
+/*
+
+app.all('/api/*', function(req, res, next){
+  res.locals.user = req.user;
+  res.locals.sess = req.session;
+  next();
+});
+
+*/
+
 app.listen(3000);
 console.log('Application listening on port 3000');
@@ -1,8 +1,8 @@
-doctype 5
+doctype html
 html
  head
    title= title
-    style
+    style.
      body {
        padding: 50px;
        font: 16px Helvetica, Arial;
@@ -40,29 +40,6 @@ app.use('/api', function(req, res, next){
  next();
 });

-// position our routes above the error handling middleware,
-// and below our API middleware, since we want the API validation
-// to take place BEFORE our routes
-app.use(app.router);
-
-// middleware with an arity of 4 are considered
-// error handling middleware. When you next(err)
-// it will be passed through the defined middleware
-// in order, but ONLY those with an arity of 4, ignoring
-// regular middleware.
-app.use(function(err, req, res, next){
-  // whatever you want here, feel free to populate
-  // properties on `err` to treat it differently in here.
-  res.send(err.status || 500, { error: err.message });
-});
-
-// our custom JSON 404 middleware. Since it's placed last
-// it will be the last middleware called, if all others
-// invoke next() and do not respond.
-app.use(function(req, res){
-  res.send(404, { error: "Lame, can't find that" });
-});
-
 // map of valid api keys, typically mapped to
 // account info with some sort of database like redis.
 // api keys do _not_ serve as authentication, merely to
@@ -104,12 +81,30 @@ app.get('/api/repos', function(req, res, next){
 app.get('/api/user/:name/repos', function(req, res, next){
  var name = req.params.name
    , user = userRepos[name];
-  
+
  if (user) res.send(user);
  else next();
 });

+// middleware with an arity of 4 are considered
+// error handling middleware. When you next(err)
+// it will be passed through the defined middleware
+// in order, but ONLY those with an arity of 4, ignoring
+// regular middleware.
+app.use(function(err, req, res, next){
+  // whatever you want here, feel free to populate
+  // properties on `err` to treat it differently in here.
+  res.send(err.status || 500, { error: err.message });
+});
+
+// our custom JSON 404 middleware. Since it's placed last
+// it will be the last middleware called, if all others
+// invoke next() and do not respond.
+app.use(function(req, res){
+  res.send(404, { error: "Lame, can't find that" });
+});
+
 if (!module.parent) {
  app.listen(3000);
  console.log('Express server listening on port 3000');
-}
+}
--- a/Mostrar Mais
+++ b/Mostrar Mais