@abtnode/core 1.16.52-beta-20250928-042319-ff3f0e04 → 1.16.52-beta-20250930-134044-9b691563

package/lib/api/team.js

@@ -8,7 +8,7 @@ const cloneDeep = require('@abtnode/util/lib/deep-clone');
 const { joinURL, withoutTrailingSlash } = require('ufo');
 const { Op } = require('sequelize');
 const dayjs = require('@abtnode/util/lib/dayjs');
-
+const Joi = require('joi');
 const logger = require('@abtnode/logger')('@abtnode/core:api:team');
 const {
   ROLES,
@@ -121,6 +121,19 @@ const formatTransferData = (data) => ({
   status: data.status || '',
 });
 
+const taggingSchema = Joi.object({
+  tagId: Joi.number().required(),
+  taggableIds: Joi.array().items(Joi.string()).min(1).required().messages({
+    'any.required': 'Must specify tagging.taggableIds to create',
+    'array.base': 'taggableIds must be an array',
+    'array.min': 'taggableIds must contain at least one element',
+  }),
+  taggableType: Joi.string().required().messages({
+    'any.required': 'Must specify tagging.taggableType to create',
+    'string.base': 'taggableType must be a string',
+  }),
+});
+
 const validatePassportDisplay = async (role, display) => {
   if (role.extra?.display === 'custom') {
     if (!display) {
@@ -270,39 +283,113 @@ class TeamAPI extends EventEmitter {
     };
   }
 
+  // Tagging
+  async createTagging({ teamDid, tagging }) {
+    const state = await this.getTaggingState(teamDid);
+
+    const { error, value } = taggingSchema.validate(tagging, { stripUnknown: true });
+    if (error) {
+      throw new Error(error.details.map((d) => d.message).join('; '));
+    }
+
+    const fns = value.taggableIds.map(async (id) => {
+      const found = await state.findOne({ tagId: tagging.tagId, taggableId: id });
+      if (found) return found;
+
+      return state.insert({ tagId: tagging.tagId, taggableId: id, taggableType: tagging.taggableType });
+    });
+
+    const docs = await Promise.all(fns);
+    logger.info('tagging created successfully', { teamDid, tagging });
+    return docs;
+  }
+
+  async deleteTagging({ teamDid, tagging }) {
+    const { error, value } = taggingSchema.validate(tagging, { stripUnknown: true });
+    if (error) {
+      throw new Error(error.details.map((d) => d.message).join('; '));
+    }
+
+    const state = await this.getTaggingState(teamDid);
+
+    const { tagId, taggableIds } = value;
+    const fns = taggableIds.map((id) => {
+      return state.remove({ tagId, taggableId: id });
+    });
+
+    const docs = await Promise.all(fns);
+    logger.info('tagging deleted successfully', { teamDid, tagging });
+
+    return docs;
+  }
+
   // Tags
-  async createTag({ teamDid, tag }) {
+  async createTag({ teamDid, tag }, context = {}) {
     if (!tag.title) {
       throw new Error('Must specify tag.title to create');
     }
     if (!tag.color || !tag.color.match(/^#[0-9a-f]{6}$/i)) {
       throw new Error('Must specify hex encoded tag.color to create');
     }
+    if (!tag.slug) {
+      throw new Error('Must specify tag.slug to create');
+    }
 
     const state = await this.getTagState(teamDid);
-    const doc = await state.insert(pick(tag, ['title', 'color', 'description']));
+    const tagData = pick(tag, ['title', 'description', 'color', 'slug', 'type', 'componentDid', 'parentId']);
+    tagData.createdBy = context.user.did;
+    tagData.updatedBy = context.user.did;
+    const doc = await state.insert(tagData);
     logger.info('tags created successfully', { teamDid, tag });
     return doc;
   }
 
-  async updateTag({ teamDid, tag }) {
+  async updateTag({ teamDid, tag }, context = {}) {
     if (!tag.id) {
       throw new Error('Must specify tag.id to update');
     }
 
+    const keys = ['title', 'description', 'color', 'slug', 'type', 'componentDid', 'parentId'];
+    const tagData = Object.fromEntries(keys.map((key) => [key, tag[key] ?? null]));
+    tagData.updatedBy = context.user.did;
+
     const state = await this.getTagState(teamDid);
-    const result = await state.updateById(tag.id, pick(tag, ['title', 'color', 'description']));
+    const result = await state.updateById(tag.id, tagData);
     logger.info('tags updated successfully', { teamDid, tag, result });
     return state.findOne({ id: tag.id });
   }
 
-  async deleteTag({ teamDid, tag }) {
+  async deleteTag({ teamDid, tag, moveTo }) {
     if (!tag.id) {
       throw new Error('Must specify tag.id to delete');
     }
 
     const state = await this.getTagState(teamDid);
+    const taggingState = await this.getTaggingState(teamDid);
+
+    if (moveTo) {
+      const records = await taggingState.find({ tagId: tag.id });
+
+      await Promise.all(
+        records.map(async (record) => {
+          const found = await taggingState.findOne({
+            tagId: moveTo,
+            taggableId: record.taggableId,
+            taggableType: record.taggableType,
+          });
+          if (found) {
+            await taggingState.remove(record);
+            logger.info('tag already at moveTo, deleted record', { teamDid, tag, record });
+          } else {
+            await taggingState.update({ tagId: record.tagId }, { $set: { tagId: moveTo } });
+            logger.info('tag moved successfully', { teamDid, tag, record, moveTo });
+          }
+        })
+      );
+    }
+
     const doc = await state.remove({ id: tag.id });
+    await taggingState.remove({ tagId: tag.id });
     logger.info('tags deleted successfully', { teamDid, tag });
     return doc;
   }
@@ -2042,6 +2129,10 @@ class TeamAPI extends EventEmitter {
     return this.teamManager.getTagState(did);
   }
 
+  getTaggingState(did) {
+    return this.teamManager.getTaggingState(did);
+  }
+
   getSessionState(did) {
     return this.teamManager.getSessionState(did);
   }

package/lib/blocklet/manager/disk.js

@@ -125,7 +125,7 @@ const toBlockletDid = require('@blocklet/meta/lib/did');
 const { updateComponentDid, removeUploadFile } = require('@abtnode/util/lib/upload-component');
 
 const groupBy = require('lodash/groupBy');
-const { isDidDomain, isCustomDomain } = require('@abtnode/util/lib/url-evaluation');
+const { isDidDomain, isCustomDomain, getOriginUrl } = require('@abtnode/util/lib/url-evaluation');
 const { DBCache, getAbtNodeRedisAndSQLiteUrl } = require('@abtnode/db-cache');
 const { isInstanceWorker } = require('@abtnode/util/lib/pm2/is-instence-worker.js');
 const launcher = require('../../util/launcher');
@@ -2065,7 +2065,16 @@ class DiskBlockletManager extends BaseBlockletManager {
       throw new Error(error.message);
     }
 
-    await states.blockletExtras.setSettings(did, { theme: value });
+    const currentSettings = await states.blockletExtras.getSettings(did);
+    const currentTheme = currentSettings.theme || {};
+
+    // 锁定校验
+    if (value.concepts && currentTheme.meta?.locked) {
+      throw new CustomError(403, 'Theme is locked and cannot be modified');
+    }
+
+    const updatedTheme = { ...currentTheme, ...value };
+    await states.blockletExtras.setSettings(did, { theme: updatedTheme });
 
     const newState = await this.getBlocklet(did);
     this.emit(BlockletInternalEvents.appSettingChanged, { appDid: did });
@@ -2325,6 +2334,7 @@ class DiskBlockletManager extends BaseBlockletManager {
 
   async setInitialized({ did, owner, purpose = '' }, context) {
     if (!validateOwner(owner)) {
+      logger.warn('Blocklet owner is invalid for setInitialized', { did, owner });
       throw new Error('Blocklet owner is invalid');
     }
 
@@ -2340,7 +2350,8 @@ class DiskBlockletManager extends BaseBlockletManager {
 
   async updateOwner({ did, owner }, context) {
     if (!validateOwner(owner)) {
-      throw new Error('owner is invalid');
+      logger.warn('Blocklet owner is invalid for updateOwner', { did, owner });
+      throw new Error('Blocklet owner is invalid');
     }
 
     const blocklet = await states.blocklet.getBlocklet(did);
@@ -2923,7 +2934,10 @@ class DiskBlockletManager extends BaseBlockletManager {
       if (key && !decryptedKey) {
         throw new CustomError(400, 'Save failed, the API key is not encrypted');
       }
-      params.aigne = aigne;
+      params.aigne = {
+        ...aigne,
+        url: getOriginUrl(aigne.url),
+      };
     }
     const keys = Object.keys(params);
     if (!keys.length) {
@@ -3023,7 +3037,9 @@ class DiskBlockletManager extends BaseBlockletManager {
         throw new CustomError(400, 'blocklet did invalid, no blocklet found');
       }
       const aigneSetting = get(blocklet, 'settings.aigne', {});
-      if (aigneSetting.key !== key && url !== aigneSetting.url) {
+      const _url = getOriginUrl(url);
+      const settingUrl = getOriginUrl(aigneSetting.url);
+      if (aigneSetting.key !== key && _url !== settingUrl) {
         throw new CustomError(400, 'Invalid key or url provided');
       }
       await states.blockletExtras.setSettings(did, {

package/lib/blocklet/migration-dist/migration.cjs

@@ -38946,7 +38946,7 @@ module.exports = require("zlib");
 /***/ ((module) => {
 
 "use strict";
-module.exports = /*#__PURE__*/JSON.parse('{"name":"@abtnode/core","publishConfig":{"access":"public"},"version":"1.16.51","description":"","main":"lib/index.js","files":["lib"],"scripts":{"lint":"eslint tests lib --ignore-pattern \'tests/assets/*\'","lint:fix":"eslint --fix tests lib","test":"node tools/jest.js","test:disk":"node tools/jest.js tests/blocklet/manager/disk.spec.js","coverage":"npm run test -- --coverage"},"keywords":[],"author":"wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)","license":"Apache-2.0","dependencies":{"@abtnode/analytics":"1.16.51","@abtnode/auth":"1.16.51","@abtnode/certificate-manager":"1.16.51","@abtnode/constant":"1.16.51","@abtnode/cron":"1.16.51","@abtnode/db-cache":"1.16.51","@abtnode/docker-utils":"1.16.51","@abtnode/logger":"1.16.51","@abtnode/models":"1.16.51","@abtnode/queue":"1.16.51","@abtnode/rbac":"1.16.51","@abtnode/router-provider":"1.16.51","@abtnode/static-server":"1.16.51","@abtnode/timemachine":"1.16.51","@abtnode/util":"1.16.51","@aigne/aigne-hub":"^0.8.10","@arcblock/did":"1.24.0","@arcblock/did-connect-js":"1.24.0","@arcblock/did-ext":"1.24.0","@arcblock/did-motif":"^1.1.14","@arcblock/did-util":"1.24.0","@arcblock/event-hub":"1.24.0","@arcblock/jwt":"1.24.0","@arcblock/pm2-events":"^0.0.5","@arcblock/validator":"1.24.0","@arcblock/vc":"1.24.0","@blocklet/constant":"1.16.51","@blocklet/did-space-js":"^1.1.24","@blocklet/env":"1.16.51","@blocklet/error":"^0.2.5","@blocklet/meta":"1.16.51","@blocklet/resolver":"1.16.51","@blocklet/sdk":"1.16.51","@blocklet/server-js":"1.16.51","@blocklet/store":"1.16.51","@blocklet/theme":"^3.1.41","@fidm/x509":"^1.2.1","@ocap/mcrypto":"1.24.0","@ocap/util":"1.24.0","@ocap/wallet":"1.24.0","@slack/webhook":"^5.0.4","archiver":"^7.0.1","axios":"^1.7.9","axon":"^2.0.3","chalk":"^4.1.2","cross-spawn":"^7.0.3","dayjs":"^1.11.13","deep-diff":"^1.0.2","detect-port":"^1.5.1","envfile":"^7.1.0","escape-string-regexp":"^4.0.0","fast-glob":"^3.3.2","filesize":"^10.1.1","flat":"^5.0.2","fs-extra":"^11.2.0","get-port":"^5.1.1","hasha":"^5.2.2","is-base64":"^1.1.0","is-cidr":"4","is-ip":"3","is-url":"^1.2.4","joi":"17.12.2","joi-extension-semver":"^5.0.0","js-yaml":"^4.1.0","kill-port":"^2.0.1","lodash":"^4.17.21","node-stream-zip":"^1.15.0","p-all":"^3.0.0","p-limit":"^3.1.0","p-map":"^4.0.0","p-retry":"^4.6.2","p-wait-for":"^3.2.0","private-ip":"^2.3.4","rate-limiter-flexible":"^5.0.5","read-last-lines":"^1.8.0","semver":"^7.6.3","sequelize":"^6.35.0","shelljs":"^0.8.5","slugify":"^1.6.6","ssri":"^8.0.1","stream-throttle":"^0.1.3","stream-to-promise":"^3.0.0","systeminformation":"^5.23.3","tail":"^2.2.4","tar":"^6.1.11","transliteration":"^2.3.5","ua-parser-js":"^1.0.2","ufo":"^1.5.3","uuid":"^11.1.0","valid-url":"^1.0.9","which":"^2.0.2","xbytes":"^1.8.0"},"devDependencies":{"expand-tilde":"^2.0.2","express":"^4.18.2","jest":"^29.7.0","unzipper":"^0.10.11"},"gitHead":"e5764f753181ed6a7c615cd4fc6682aacf0cb7cd"}');
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@abtnode/core","publishConfig":{"access":"public"},"version":"1.16.51","description":"","main":"lib/index.js","files":["lib"],"scripts":{"lint":"eslint tests lib --ignore-pattern \'tests/assets/*\'","lint:fix":"eslint --fix tests lib","test":"node tools/jest.js","test:disk":"node tools/jest.js tests/blocklet/manager/disk.spec.js","coverage":"npm run test -- --coverage"},"keywords":[],"author":"wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)","license":"Apache-2.0","dependencies":{"@abtnode/analytics":"1.16.51","@abtnode/auth":"1.16.51","@abtnode/certificate-manager":"1.16.51","@abtnode/constant":"1.16.51","@abtnode/cron":"1.16.51","@abtnode/db-cache":"1.16.51","@abtnode/docker-utils":"1.16.51","@abtnode/logger":"1.16.51","@abtnode/models":"1.16.51","@abtnode/queue":"1.16.51","@abtnode/rbac":"1.16.51","@abtnode/router-provider":"1.16.51","@abtnode/static-server":"1.16.51","@abtnode/timemachine":"1.16.51","@abtnode/util":"1.16.51","@aigne/aigne-hub":"^0.8.10","@arcblock/did":"1.24.0","@arcblock/did-connect-js":"1.24.0","@arcblock/did-ext":"1.24.0","@arcblock/did-motif":"^1.1.14","@arcblock/did-util":"1.24.0","@arcblock/event-hub":"1.24.0","@arcblock/jwt":"1.24.0","@arcblock/pm2-events":"^0.0.5","@arcblock/validator":"1.24.0","@arcblock/vc":"1.24.0","@blocklet/constant":"1.16.51","@blocklet/did-space-js":"^1.1.28","@blocklet/env":"1.16.51","@blocklet/error":"^0.2.5","@blocklet/meta":"1.16.51","@blocklet/resolver":"1.16.51","@blocklet/sdk":"1.16.51","@blocklet/server-js":"1.16.51","@blocklet/store":"1.16.51","@blocklet/theme":"^3.1.44","@fidm/x509":"^1.2.1","@ocap/mcrypto":"1.24.0","@ocap/util":"1.24.0","@ocap/wallet":"1.24.0","@slack/webhook":"^5.0.4","archiver":"^7.0.1","axios":"^1.7.9","axon":"^2.0.3","chalk":"^4.1.2","cross-spawn":"^7.0.3","dayjs":"^1.11.13","deep-diff":"^1.0.2","detect-port":"^1.5.1","envfile":"^7.1.0","escape-string-regexp":"^4.0.0","fast-glob":"^3.3.2","filesize":"^10.1.1","flat":"^5.0.2","fs-extra":"^11.2.0","get-port":"^5.1.1","hasha":"^5.2.2","is-base64":"^1.1.0","is-cidr":"4","is-ip":"3","is-url":"^1.2.4","joi":"17.12.2","joi-extension-semver":"^5.0.0","js-yaml":"^4.1.0","kill-port":"^2.0.1","lodash":"^4.17.21","node-stream-zip":"^1.15.0","p-all":"^3.0.0","p-limit":"^3.1.0","p-map":"^4.0.0","p-retry":"^4.6.2","p-wait-for":"^3.2.0","private-ip":"^2.3.4","rate-limiter-flexible":"^5.0.5","read-last-lines":"^1.8.0","semver":"^7.6.3","sequelize":"^6.35.0","shelljs":"^0.8.5","slugify":"^1.6.6","ssri":"^8.0.1","stream-throttle":"^0.1.3","stream-to-promise":"^3.0.0","systeminformation":"^5.23.3","tail":"^2.2.4","tar":"^6.1.11","transliteration":"^2.3.5","ua-parser-js":"^1.0.2","ufo":"^1.5.3","uuid":"^11.1.0","valid-url":"^1.0.9","which":"^2.0.2","xbytes":"^1.8.0"},"devDependencies":{"expand-tilde":"^2.0.2","express":"^4.18.2","jest":"^29.7.0","unzipper":"^0.10.11"},"gitHead":"e5764f753181ed6a7c615cd4fc6682aacf0cb7cd"}');
 
 /***/ }),
 

package/lib/index.js

@@ -552,6 +552,9 @@ function ABTNode(options) {
     deleteTag: teamAPI.deleteTag.bind(teamAPI),
     getTags: teamAPI.getTags.bind(teamAPI),
 
+    createTagging: teamAPI.createTagging.bind(teamAPI),
+    deleteTagging: teamAPI.deleteTagging.bind(teamAPI),
+
     // Access Control
     getRBAC: (did = options.nodeDid) => teamManager.getRBAC(did),
 

package/lib/locales/en.js

@@ -1,19 +1,19 @@
 /* eslint-disable prettier/prettier */
 module.exports = {
   registry: {
-    getListError: 'Get Blocklet list from registry "{registryUrl}" failed.',
+    getListError: 'Failed to get blocklet list from registry "{registryUrl}"',
   },
   backup: {
     space: {
       error: {
-        title: 'Backup to DID Spaces encountered error',
+        title: 'Backup to DID Spaces Failed',
         forbidden:
-          'You do not have permission to perform the backup, try restoring the application license on DID Spaces or reconnect to DID Spaces and try again',
+          'You don\'t have permission to back up. Try restoring the license on DID Spaces or reconnect.',
       },
-      isFull: 'The current DID Space storage space is full, please expand the space and back up again',
+      isFull: 'Your DID Spaces storage is full. Expand storage and try again.',
       lackOfSpace:
-        'The current available space in the storage is insufficient, Please expand the space and perform the backup again',
-      unableEnableAutoBackup: 'unable to enable auto backup, please connect to DID Spaces first',
+        'Not enough storage space. Expand storage and try again.',
+      unableEnableAutoBackup: 'Connect to DID Spaces before enabling auto backup.',
     },
   },
 };

package/lib/monitor/get-history-list.js

@@ -2,7 +2,7 @@ const maxBy = require('lodash/maxBy');
 
 const getHistoryList = ({ history, hours, recordIntervalSec, props = [] }) => {
   if (hours < 1 || hours > 24) {
-    throw new Error('hours should between 1 to 24');
+    throw new Error('hours should be between 1 and 24');
   }
   const intHours = Math.floor(hours);
 

package/lib/router/helper.js

@@ -798,11 +798,11 @@ module.exports = function getRouterHelpers({
       const privateKeyFilePath = path.join(destFolder, 'privkey.pem');
 
       if (!fs.existsSync(certificateFilePath)) {
-        throw new Error('dashboard certificate invalid: cert.pem not exists');
+        throw new Error('dashboard certificate invalid: cert.pem does not exist');
       }
 
       if (!fs.existsSync(privateKeyFilePath)) {
-        throw new Error('dashboard certificate invalid: privkey.pem not exists');
+        throw new Error('dashboard certificate invalid: privkey.pem does not exist');
       }
 
       const certificate = fs.readFileSync(certificateFilePath).toString();

package/lib/router/manager.js

@@ -179,8 +179,7 @@ class RouterManager extends EventEmitter {
   async deleteRoutingSite({ id }, context = {}) {
     const site = await states.site.findOne({ id });
     if ([DOMAIN_FOR_IP_SITE, DOMAIN_FOR_DEFAULT_SITE].includes(site.domain)) {
-      // eslint-disable-next-line quotes
-      throw new Error("Can not delete this site because it's protected");
+      throw new Error('Cannot delete this site because it is protected');
     }
 
     const removedSiteCount = await states.site.remove({ id });
@@ -198,7 +197,7 @@ class RouterManager extends EventEmitter {
     const site = await validateUpdateSite(params, context);
     const existed = await states.site.findOne({ id: site.id });
     if (!existed) {
-      throw new Error('Can not update non-existing site');
+      throw new Error('Cannot update non-existing site');
     }
 
     const updateSet = {};

package/lib/states/access-key.js

@@ -101,7 +101,7 @@ class AccessKeyState extends BaseState {
     };
   }
 
-  findPaginated({ remark, componentDid, resourceId, resourceType, paging } = {}, context) {
+  findPaginated({ remark: keywords, componentDid, resourceId, resourceType, paging } = {}, context) {
     validateOperator(context);
     const conditions = {
       where: {},
@@ -115,8 +115,12 @@ class AccessKeyState extends BaseState {
     if (resourceType) {
       conditions.where.resourceType = resourceType;
     }
-    if (remark) {
-      conditions.where.remark = { [Op.like]: `%${remark}%` };
+    // 模糊搜索
+    if (keywords) {
+      conditions.where[Op.or] = [
+        { remark: { [Op.like]: `%${keywords}%` } },
+        { accessKeyId: { [Op.like]: `%${keywords}%` } },
+      ];
     }
     const pathname = getEndpoint(context);
     const queryCreatedById = isUserCenterPath(pathname) ? context.user.did : '';

package/lib/states/audit-log.js

@@ -499,6 +499,10 @@ const getLogContent = async (action, args, context, result, info, node) => {
       return `deleted tag ${args.tag.id}`;
     case 'destroySelf':
       return `user ${result.did} initiated account deletion`;
+    case 'createTagging':
+      return `created tagging ${args.tagging.tagId} for ${args.tagging.taggableIds.join(', ')}`;
+    case 'deleteTagging':
+      return `deleted tagging ${args.tagging.tagId} for ${args.tagging.taggableIds.join(', ')}`;
 
     // accessKeys
     case 'createAccessKey':

package/lib/states/tagging.js

@@ -0,0 +1,8 @@
+const BaseState = require('./base');
+
+/**
+ * @extends BaseState<import('@abtnode/models').TaggingState>
+ */
+class Tagging extends BaseState {}
+
+module.exports = Tagging;

package/lib/team/manager.js

@@ -41,6 +41,7 @@ const States = {
   ConnectedAccount: require('../states/connect-account'),
   Session: require('../states/session'),
   Tag: require('../states/tag'),
+  Tagging: require('../states/tagging'),
   Project: require('../states/project'),
   Release: require('../states/release'),
   Notification: require('../states/notification'),
@@ -67,6 +68,7 @@ const getDefaultTeamState = () => ({
   connectedAccount: null,
   session: null,
   tag: null,
+  tagging: null,
   project: null,
   release: null,
   notification: null,
@@ -140,6 +142,7 @@ class TeamManager extends EventEmitter {
       user: await this.createState(this.nodeDid, 'User'),
       userSession: await this.createState(this.nodeDid, 'UserSession'),
       tag: await this.createState(this.nodeDid, 'Tag'),
+      tagging: await this.createState(this.nodeDid, 'Tagging'),
       passport: await this.createState(this.nodeDid, 'Passport'),
       passportLog: await this.createState(this.nodeDid, 'PassportLog'),
       connectedAccount: await this.createState(this.nodeDid, 'ConnectedAccount'),
@@ -170,6 +173,10 @@ class TeamManager extends EventEmitter {
     return this.getState(teamDid, 'tag');
   }
 
+  getTaggingState(teamDid) {
+    return this.getState(teamDid, 'tagging');
+  }
+
   getPassportState(teamDid) {
     return this.getState(teamDid, 'passport');
   }
@@ -817,6 +824,7 @@ class TeamManager extends EventEmitter {
     const rbac = await this.getRBAC(did);
     const user = await this.createState(did, 'User');
     const tag = await this.createState(did, 'Tag');
+    const tagging = await this.createState(did, 'Tagging');
     const passport = await this.createState(did, 'Passport');
     const passportLog = await this.createState(did, 'PassportLog');
     const connectedAccount = await this.createState(did, 'ConnectedAccount');
@@ -828,6 +836,7 @@ class TeamManager extends EventEmitter {
       user,
       userSession,
       tag,
+      tagging,
       session,
       passport,
       passportLog,

package/lib/util/launcher.js

@@ -329,7 +329,6 @@ const setupAppOwner = async ({
     },
     node
   );
-  logger.info('Create owner for blocklet', { appDid, ownerDid, sessionId });
 
   if (passport) {
     await node.createPassportLog(appDid, {
@@ -358,8 +357,10 @@ const setupAppOwner = async ({
   });
 
   if (justCreate || autoStart) {
+    logger.info('Create owner for blocklet: setBlockletInitialized', { appDid, ownerDid, sessionId });
     await node.setBlockletInitialized({ did: appDid, owner: { did: ownerDid, pk: ownerPk } });
   } else {
+    logger.info('Create owner for blocklet: setBlockletOwner', { appDid, ownerDid, sessionId });
     await node.setBlockletOwner({ did: appDid, owner: { did: ownerDid, pk: ownerPk } });
   }
 
@@ -389,20 +390,6 @@ const setupAppOwner = async ({
 
   logger.info('created user session', { appDid, ownerDid, userSession });
 
-  // FIXME: this always throw error
-  // if (autoStart) {
-  //   node
-  //     .startBlocklet({
-  //       did: appDid,
-  //       checkHealthImmediately: false,
-  //       throwOnError: true,
-  //       atomic: false,
-  //     })
-  //     .catch((error) => {
-  //       logger.error('blocklet auto start failed', { error, appDid });
-  //     });
-  // }
-
   return {
     session,
     blocklet,

package/lib/validators/theme.js

@@ -187,12 +187,30 @@ const conceptSchema = Joi.object({
   editor: editorStateSchema.required(),
 }).options({ allowUnknown: true, stripUnknown: true });
 
-const blockletThemeSchema = Joi.object({
+// Theme data schema (concepts and currentConceptId)
+const themeDataSchema = Joi.object({
   concepts: Joi.array().items(conceptSchema).required(),
   currentConceptId: Joi.string().required(),
 }).options({ allowUnknown: true, stripUnknown: true });
 
+// Theme meta schema for storing metadata like locked status
+const themeMetaSchema = Joi.object({
+  meta: Joi.object({
+    locked: Joi.boolean().required(),
+  }).required(),
+}).options({ allowUnknown: true, stripUnknown: true });
+
+// Top-level blocklet theme schema - either theme data OR meta, not both
+const blockletThemeSchema = Joi.alternatives().try(
+  // Theme data schema
+  themeDataSchema,
+  // Meta-only schema
+  themeMetaSchema
+);
+
 module.exports = {
   muiThemeSchema,
   blockletThemeSchema,
+  themeDataSchema,
+  themeMetaSchema,
 };

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.52-beta-20250928-042319-ff3f0e04",
+  "version": "1.16.52-beta-20250930-134044-9b691563",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -20,21 +20,21 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/auth": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/certificate-manager": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/constant": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/cron": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/db-cache": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/docker-utils": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/logger": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/models": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/queue": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/rbac": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/router-provider": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/static-server": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/timemachine": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@abtnode/util": "1.16.52-beta-20250928-042319-ff3f0e04",
+    "@abtnode/analytics": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/auth": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/certificate-manager": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/constant": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/cron": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/db-cache": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/docker-utils": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/logger": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/models": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/queue": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/rbac": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/router-provider": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/static-server": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/timemachine": "1.16.52-beta-20250930-134044-9b691563",
+    "@abtnode/util": "1.16.52-beta-20250930-134044-9b691563",
     "@aigne/aigne-hub": "^0.8.10",
     "@arcblock/did": "1.24.0",
     "@arcblock/did-connect-js": "1.24.0",
@@ -46,16 +46,16 @@
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/validator": "1.24.0",
     "@arcblock/vc": "1.24.0",
-    "@blocklet/constant": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@blocklet/did-space-js": "^1.1.24",
-    "@blocklet/env": "1.16.52-beta-20250928-042319-ff3f0e04",
+    "@blocklet/constant": "1.16.52-beta-20250930-134044-9b691563",
+    "@blocklet/did-space-js": "^1.1.28",
+    "@blocklet/env": "1.16.52-beta-20250930-134044-9b691563",
     "@blocklet/error": "^0.2.5",
-    "@blocklet/meta": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@blocklet/resolver": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@blocklet/sdk": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@blocklet/server-js": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@blocklet/store": "1.16.52-beta-20250928-042319-ff3f0e04",
-    "@blocklet/theme": "^3.1.41",
+    "@blocklet/meta": "1.16.52-beta-20250930-134044-9b691563",
+    "@blocklet/resolver": "1.16.52-beta-20250930-134044-9b691563",
+    "@blocklet/sdk": "1.16.52-beta-20250930-134044-9b691563",
+    "@blocklet/server-js": "1.16.52-beta-20250930-134044-9b691563",
+    "@blocklet/store": "1.16.52-beta-20250930-134044-9b691563",
+    "@blocklet/theme": "^3.1.44",
     "@fidm/x509": "^1.2.1",
     "@ocap/mcrypto": "1.24.0",
     "@ocap/util": "1.24.0",
@@ -119,5 +119,5 @@
     "jest": "^29.7.0",
     "unzipper": "^0.10.11"
   },
-  "gitHead": "2390501ff6e05cbf356f751ced062803e3562465"
+  "gitHead": "922d7f11acfdfafe4494f59add4884fe73954a0b"
 }