Summary
Point standard library modules are ordinary semantic Point files. Import with straight syntax:
module App
use http
use jsonuse http is shorthand for use std.http. Run point capabilities for the catalog.
Import forms
| Syntax | Resolves to |
|---|---|
use http | std/http.point |
use std.http | same module (explicit) |
use Billing from "./billing.point" | local file |
Standard modules map to files under std/, such as std/text.point, std/json.point, std/http.point, std/time.point, std/fs.point, std/env.point, std/path.point, std/crypto.point, std/process.point, std/pty.point, std/yaml.point, std/stream.point, std/sql.point, std/ai.point, and std/money.point.
### std.process vs std.pty
- `std.process` (
capabilities process) runs a subprocess with buffered stdout/stderr and line streaming over plain pipes (processSpawn,processStreamLines). - `std.pty` (
capabilities pty) keeps a pseudo-terminal spawn when Bun supports PTY (Bun.spawnterminal), withptyWritefor interactive stdin and line streaming merged from the PTY. On unsupported hosts the runtime falls back to pipe-backed spawn (TTY detection in the child is off). Use pty when you care about PTY-backed behavior or future terminal integration; otherwise process stays the simpler buffered API.
### std.http
HTTP client helpers and integration-test assertions:
http get(url: Text)/http post(url: Text, body: Text)— fetch response text or errorhttp fetch(url: Text, options: Text)— returns JSON snapshot text{ "status", "body" }for route testshttp assert status(response: Text, expected status: Int): Boolhttp assert json body(response: Text, expected json: Text): Bool
Use point test integration <file> to run actions named integration test … against a live route server — see Run, test, REPL.
### std.crypto
Hashing and JWT helpers for auth middleware and tooling:
digest sha256(value: Text): Text— SHA-256 hex digestdigest hmac sha256(value: Text, secret: Text): Text— HMAC-SHA256 hex digestsign jwt(payload: Text, secret: Text): Text— HS256 JWT for a JSON payload stringverify jwt(token: Text, secret: Text): Text or Error— validates Bearer or raw tokens; returns payload JSON textcheck jwt valid(token: Text, secret: Text): Bool— validates Bearer or raw tokensjwt auth ok(token: Text, secret: Text): Bool— convenience wrapper for route middleware
Secret handling: Load signing keys with std.env (for example JWT_SECRET) inside actions or commands. Never log secrets or embed production keys in .point source — use environment variables and keep demo secrets limited to examples/tests.
### std.ai
OpenAI and Anthropic HTTP provider actions for complete and stream text:
complete text with openai(prompt: Text, model: Text): Text or Errorstream text with openai(prompt: Text, model: Text): Text or Errorcomplete text with anthropic(prompt: Text, model: Text): Text or Errorstream text with anthropic(prompt: Text, model: Text): Text or Error
API keys: Set OPENAI_API_KEY and ANTHROPIC_API_KEY in the host environment and read them through std.env inside actions — never hard-code keys in source. See AI provider interop.
### std.sql
Parameterized SQLite queries for local scripts and tests (Bun bun:sqlite):
sql query raw(sql: Text, params: List<Text>): Text or Error
Set POINT_SQL_DATABASE or DATABASE_URL to a sqlite: path. For PostgreSQL in production, declare an external driver instead — see Database interop.
Why stdlib is small
The standard library stays narrow so agents choose known APIs instead of inventing local externals for common work. More capability can still come through explicit external declarations.