@agent-team-foundation/first-tree-hub 0.14.4 → 0.14.6

package/dist/getMachineId-bsd-BmasEOJr.mjs

@@ -1,27 +0,0 @@
-import { a as __toCommonJS, i as __require, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-import { t as require_execAsync } from "./execAsync-DUfRkc4a.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-bsd.js
-var require_getMachineId_bsd = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const fs_1 = __require("fs");
-	const execAsync_1 = require_execAsync();
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		try {
-			return (await fs_1.promises.readFile("/etc/hostid", { encoding: "utf8" })).trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-		try {
-			return (await (0, execAsync_1.execAsync)("kenv -q smbios.system.uuid")).stdout.trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_bsd();
-export {};

package/dist/getMachineId-bsd-Dh3h0DDE.mjs

@@ -1,27 +0,0 @@
-import { a as __toCommonJS, i as __require, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-import { t as require_execAsync } from "./execAsync-YbEZSOYd.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.1_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-bsd.js
-var require_getMachineId_bsd = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const fs_1 = __require("fs");
-	const execAsync_1 = require_execAsync();
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		try {
-			return (await fs_1.promises.readFile("/etc/hostid", { encoding: "utf8" })).trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-		try {
-			return (await (0, execAsync_1.execAsync)("kenv -q smbios.system.uuid")).stdout.trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_bsd();
-export {};

package/dist/getMachineId-darwin-CuhM3hfZ.mjs

@@ -1,24 +0,0 @@
-import { a as __toCommonJS, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-import { t as require_execAsync } from "./execAsync-DUfRkc4a.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-darwin.js
-var require_getMachineId_darwin = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const execAsync_1 = require_execAsync();
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		try {
-			const idLine = (await (0, execAsync_1.execAsync)("ioreg -rd1 -c \"IOPlatformExpertDevice\"")).stdout.split("\n").find((line) => line.includes("IOPlatformUUID"));
-			if (!idLine) return;
-			const parts = idLine.split("\" = \"");
-			if (parts.length === 2) return parts[1].slice(0, -1);
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_darwin();
-export {};

package/dist/getMachineId-darwin-D9wR0SLj.mjs

@@ -1,24 +0,0 @@
-import { a as __toCommonJS, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-import { t as require_execAsync } from "./execAsync-YbEZSOYd.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.1_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-darwin.js
-var require_getMachineId_darwin = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const execAsync_1 = require_execAsync();
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		try {
-			const idLine = (await (0, execAsync_1.execAsync)("ioreg -rd1 -c \"IOPlatformExpertDevice\"")).stdout.split("\n").find((line) => line.includes("IOPlatformUUID"));
-			if (!idLine) return;
-			const parts = idLine.split("\" = \"");
-			if (parts.length === 2) return parts[1].slice(0, -1);
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_darwin();
-export {};

package/dist/getMachineId-linux-CYfb0oxZ.mjs

@@ -1,20 +0,0 @@
-import { a as __toCommonJS, i as __require, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-linux.js
-var require_getMachineId_linux = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const fs_1 = __require("fs");
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		for (const path of ["/etc/machine-id", "/var/lib/dbus/machine-id"]) try {
-			return (await fs_1.promises.readFile(path, { encoding: "utf8" })).trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_linux();
-export {};

package/dist/getMachineId-linux-D8ZaSjAC.mjs

@@ -1,20 +0,0 @@
-import { a as __toCommonJS, i as __require, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.1_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-linux.js
-var require_getMachineId_linux = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const fs_1 = __require("fs");
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		for (const path of ["/etc/machine-id", "/var/lib/dbus/machine-id"]) try {
-			return (await fs_1.promises.readFile(path, { encoding: "utf8" })).trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_linux();
-export {};

package/dist/getMachineId-unsupported-Cu3iisaD.mjs

@@ -1,15 +0,0 @@
-import { a as __toCommonJS, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.1_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-unsupported.js
-var require_getMachineId_unsupported = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		api_1.diag.debug("could not read machine-id: unsupported platform");
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_unsupported();
-export {};

package/dist/getMachineId-unsupported-DZqI4ZT5.mjs

@@ -1,15 +0,0 @@
-import { a as __toCommonJS, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-unsupported.js
-var require_getMachineId_unsupported = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		api_1.diag.debug("could not read machine-id: unsupported platform");
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_unsupported();
-export {};

package/dist/getMachineId-win-8ZJbtrdf.mjs

@@ -1,26 +0,0 @@
-import { a as __toCommonJS, i as __require, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-import { t as require_execAsync } from "./execAsync-DUfRkc4a.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-win.js
-var require_getMachineId_win = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const process = __require("process");
-	const execAsync_1 = require_execAsync();
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		const args = "QUERY HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography /v MachineGuid";
-		let command = "%windir%\\System32\\REG.exe";
-		if (process.arch === "ia32" && "PROCESSOR_ARCHITEW6432" in process.env) command = "%windir%\\sysnative\\cmd.exe /c " + command;
-		try {
-			const parts = (await (0, execAsync_1.execAsync)(`${command} ${args}`)).stdout.split("REG_SZ");
-			if (parts.length === 2) return parts[1].trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_win();
-export {};

package/dist/getMachineId-win-DT-hqwVp.mjs

@@ -1,26 +0,0 @@
-import { a as __toCommonJS, i as __require, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { n as init_esm, t as esm_exports } from "./esm-iadMkGbV.mjs";
-import { t as require_execAsync } from "./execAsync-YbEZSOYd.mjs";
-//#region ../../node_modules/.pnpm/@opentelemetry+resources@2.7.1_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/src/detectors/platform/node/machine-id/getMachineId-win.js
-var require_getMachineId_win = /* @__PURE__ */ __commonJSMin(((exports) => {
-	Object.defineProperty(exports, "__esModule", { value: true });
-	exports.getMachineId = void 0;
-	const process = __require("process");
-	const execAsync_1 = require_execAsync();
-	const api_1 = (init_esm(), __toCommonJS(esm_exports));
-	async function getMachineId() {
-		const args = "QUERY HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography /v MachineGuid";
-		let command = "%windir%\\System32\\REG.exe";
-		if (process.arch === "ia32" && "PROCESSOR_ARCHITEW6432" in process.env) command = "%windir%\\sysnative\\cmd.exe /c " + command;
-		try {
-			const parts = (await (0, execAsync_1.execAsync)(`${command} ${args}`)).stdout.split("REG_SZ");
-			if (parts.length === 2) return parts[1].trim();
-		} catch (e) {
-			api_1.diag.debug(`error reading machine id: ${e}`);
-		}
-	}
-	exports.getMachineId = getMachineId;
-}));
-//#endregion
-export default require_getMachineId_win();
-export {};

package/dist/invitation-C9m2gQx4-C_4f5VTs.mjs

@@ -1,4 +0,0 @@
-import "./dist-CrdnqZjv.mjs";
-import "./uuid-DbS_4vFh-iFghv4zA.mjs";
-import { s as previewInvitation } from "./invitation-D_ENPHyj-5ETiae5r.mjs";
-export { previewInvitation };

package/dist/invitation-D_ENPHyj-5ETiae5r.mjs

@@ -1,167 +0,0 @@
-import { c as NotFoundError, d as users, f as uuidv7, u as organizations } from "./uuid-DbS_4vFh-iFghv4zA.mjs";
-import { randomBytes } from "node:crypto";
-import { and, desc, eq, gt, isNull, or } from "drizzle-orm";
-import { index, pgTable, text, timestamp } from "drizzle-orm/pg-core";
-//#region ../server/dist/invitation-D_ENPHyj.mjs
-/**
-* Org-level invitation links. v1 enforces "one active link per org" via a
-* partial UNIQUE index added in the SQL migration (Drizzle's TS DSL does not
-* yet model partial uniques). Rotating a link sets `revoked_at` on the prior
-* row and inserts a new one in the same transaction; revoked rows stay for
-* audit but no longer satisfy the partial uniqueness predicate.
-*
-* `role` is fixed to `'member'` by the v1 API but stored on the row so a
-* future "invite as admin" feature is a route change, not a schema change.
-*
-* `expires_at` is left unset by the v1 rotate flow — invite links don't
-* auto-expire. The column exists so an admin can opt into expiry later (and
-* the partial unique predicate already filters on it).
-*/
-const invitations = pgTable("invitations", {
-	id: text("id").primaryKey(),
-	organizationId: text("organization_id").notNull().references(() => organizations.id, { onDelete: "cascade" }),
-	token: text("token").notNull().unique(),
-	role: text("role").notNull().default("member"),
-	expiresAt: timestamp("expires_at", { withTimezone: true }),
-	revokedAt: timestamp("revoked_at", { withTimezone: true }),
-	createdBy: text("created_by").notNull().references(() => users.id),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [index("idx_invitations_token").on(table.token), index("idx_invitations_org").on(table.organizationId)]);
-/** Audit row for every successful redemption — v1 admins inspect via DB. */
-const invitationRedemptions = pgTable("invitation_redemptions", {
-	id: text("id").primaryKey(),
-	invitationId: text("invitation_id").notNull().references(() => invitations.id, { onDelete: "cascade" }),
-	userId: text("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
-	redeemedAt: timestamp("redeemed_at", { withTimezone: true }).notNull().defaultNow(),
-	ip: text("ip"),
-	userAgent: text("user_agent")
-}, (table) => [index("idx_invitation_redemptions_invitation").on(table.invitationId), index("idx_invitation_redemptions_user").on(table.userId)]);
-const TOKEN_BYTES = 32;
-/**
-* Default invite-link TTL — authoritative server-side value. Tightening
-* "anyone with this link can join" to a bounded window is the primary
-* mitigation for accidental link leakage (admin pasting into a public
-* Slack channel, forwarded email chains, screen-share captures, etc).
-* 7 days mirrors what GitHub and Vercel default to; longer windows put
-* more leak surface on the same token. Admins extend by clicking Rotate
-* (which mints a fresh 7-day link in one transaction).
-*
-* The mirror constant in `@…shared/schemas/invitation.ts` exists so the
-* web UI can render "expires in 7 days" copy without an extra round-trip.
-*/
-const INVITATION_DEFAULT_TTL_MS = 10080 * 60 * 1e3;
-function generateInvitationToken() {
-	return randomBytes(TOKEN_BYTES).toString("base64url");
-}
-function defaultExpiry() {
-	return new Date(Date.now() + INVITATION_DEFAULT_TTL_MS);
-}
-/**
-* Return the *active* invitation for `orgId`, or null if none exists.
-* "Active" = not revoked AND not expired.
-*
-* Mirrors the predicate of the partial UNIQUE index `uq_invitations_active_per_org`,
-* so a successful `getActiveInvitation` is the same row the index protects.
-*/
-async function getActiveInvitation(db, orgId) {
-	const now = /* @__PURE__ */ new Date();
-	const [row] = await db.select().from(invitations).where(and(eq(invitations.organizationId, orgId), isNull(invitations.revokedAt), or(isNull(invitations.expiresAt), gt(invitations.expiresAt, now)))).orderBy(desc(invitations.createdAt)).limit(1);
-	return row ?? null;
-}
-/**
-* Get-or-create the active invitation for `orgId`. Idempotent so the admin
-* UI can call this on first render without inadvertently creating a fresh
-* link every time someone visits Settings.
-*
-* "Active" is filtered by `getActiveInvitation` (revoked_at IS NULL AND
-* not expired). When no active row exists we delegate to `rotateInvitation`
-* — that path correctly handles the case where a prior row exists but
-* has expired (`revoked_at IS NULL` but `expires_at < now()`). A naked
-* INSERT here would trip `uq_invitations_active_per_org` (the partial
-* unique index can't filter on `now()`, so it considers expired-but-not-
-* revoked rows as still occupying the slot).
-*/
-async function ensureActiveInvitation(db, orgId, createdBy) {
-	const existing = await getActiveInvitation(db, orgId);
-	if (existing) return existing;
-	return rotateInvitation(db, orgId, createdBy);
-}
-/**
-* Rotate the invitation: revoke every non-revoked row for this org (the
-* current active link AND any expired-but-not-revoked stragglers) and
-* insert a fresh one in a single transaction. Old tokens stop redeeming
-* immediately. The new row carries a default 7-day expiry; admin extends
-* by rotating again.
-*/
-async function rotateInvitation(db, orgId, createdBy) {
-	return db.transaction(async (tx) => {
-		const now = /* @__PURE__ */ new Date();
-		await tx.update(invitations).set({ revokedAt: now }).where(and(eq(invitations.organizationId, orgId), isNull(invitations.revokedAt)));
-		const id = uuidv7();
-		const token = generateInvitationToken();
-		const [row] = await tx.insert(invitations).values({
-			id,
-			organizationId: orgId,
-			token,
-			role: "member",
-			createdBy,
-			expiresAt: defaultExpiry()
-		}).returning();
-		if (!row) throw new Error("Unexpected: INSERT RETURNING produced no row");
-		return row;
-	});
-}
-/**
-* Look up an invitation by its public token. Returns null when the token
-* is unknown OR when the row exists but is no longer active. Conflating
-* "unknown" with "revoked" prevents an attacker from inferring which
-* tokens were once valid.
-*/
-async function findActiveByToken(db, token) {
-	const now = /* @__PURE__ */ new Date();
-	const [row] = await db.select().from(invitations).where(and(eq(invitations.token, token), isNull(invitations.revokedAt), or(isNull(invitations.expiresAt), gt(invitations.expiresAt, now)))).limit(1);
-	return row ?? null;
-}
-/**
-* Public preview surfaced on `/invite/:token` before the recipient signs in.
-*/
-async function previewInvitation(db, token) {
-	const inv = await findActiveByToken(db, token);
-	if (!inv) throw new NotFoundError("Invitation not found or no longer valid");
-	const [org] = await db.select({
-		id: organizations.id,
-		name: organizations.name,
-		displayName: organizations.displayName
-	}).from(organizations).where(eq(organizations.id, inv.organizationId)).limit(1);
-	if (!org) throw new NotFoundError("Invitation organization not found");
-	return {
-		organizationId: org.id,
-		organizationName: org.name,
-		organizationDisplayName: org.displayName,
-		role: inv.role,
-		expiresAt: inv.expiresAt ? inv.expiresAt.toISOString() : null
-	};
-}
-/**
-* Record a redemption row. Caller is responsible for executing the join
-* (members.insert / status='active' flip) — this is the audit trail only.
-*/
-async function recordRedemption(db, data) {
-	await db.insert(invitationRedemptions).values({
-		id: uuidv7(),
-		invitationId: data.invitationId,
-		userId: data.userId,
-		ip: data.ip ?? null,
-		userAgent: data.userAgent ?? null
-	});
-}
-/**
-* Build the invite URL surfaced to admins. `publicUrl` should be the
-* server's `server.publicUrl` config; pass the request host as fallback in
-* dev where publicUrl may be unset.
-*/
-function buildInviteUrl(publicUrl, token) {
-	return `${publicUrl.replace(/\/+$/, "")}/invite/${token}`;
-}
-//#endregion
-export { invitationRedemptions as a, recordRedemption as c, getActiveInvitation as i, rotateInvitation as l, ensureActiveInvitation as n, invitations as o, findActiveByToken as r, previewInvitation as s, buildInviteUrl as t };

package/dist/logger-core-BTmvdflj-DjW8FM4T.mjs

@@ -1,146 +0,0 @@
-import { z } from "zod";
-import { Writable } from "node:stream";
-//#region ../shared/dist/logger-core-BTmvdflj.mjs
-/**
-* Logger core — format / level primitives shared between server and client.
-*
-* This module intentionally has no dependency on `pino` so it can live in
-* `@agent-team-foundation/first-tree-hub-shared`. Consumers construct their
-* own pino instance and pass the output stream built here.
-*/
-const LOG_LEVELS = [
-	"trace",
-	"debug",
-	"info",
-	"warn",
-	"error",
-	"fatal"
-];
-const LOG_FORMATS = ["pretty", "json"];
-const logLevelSchema = z.enum(LOG_LEVELS);
-const logFormatSchema = z.enum(LOG_FORMATS);
-/**
-* Parse an env-var / config string into a LogLevel. Unknown values fall back
-* to `info` so the process never fails to boot on a typo — the caller is
-* responsible for emitting a warning when `fellBack` is true.
-*/
-function parseLogLevel(raw) {
-	if (!raw) return {
-		level: "info",
-		fellBack: false
-	};
-	const parsed = logLevelSchema.safeParse(raw);
-	if (parsed.success) return {
-		level: parsed.data,
-		fellBack: false
-	};
-	return {
-		level: "info",
-		fellBack: true
-	};
-}
-const LEVEL_LABELS = {
-	10: "TRACE",
-	20: "DEBUG",
-	30: "INFO",
-	40: "WARN",
-	50: "ERROR",
-	60: "FATAL"
-};
-const LEVEL_COLORS = {
-	10: "\x1B[90m",
-	20: "\x1B[36m",
-	30: "\x1B[32m",
-	40: "\x1B[33m",
-	50: "\x1B[31m",
-	60: "\x1B[35m"
-};
-const RESET = "\x1B[0m";
-const DIM = "\x1B[2m";
-const SKIP_KEYS = new Set([
-	"level",
-	"time",
-	"msg",
-	"module",
-	"pid",
-	"hostname",
-	"v"
-]);
-/**
-* Pino `redact.paths` entries applied to every root logger in Hub. Keeps the
-* list short on purpose — pino's redact walks each path on every log call, so
-* we target obvious sensitive field names plus a narrow set of nested forms
-* (`*.foo` matches a single nesting level in pino v9).
-*
-* Values matching these paths are replaced with the censor string `[REDACTED]`.
-*/
-const LOG_REDACT_PATHS = [
-	"password",
-	"*.password",
-	"token",
-	"*.token",
-	"accessToken",
-	"*.accessToken",
-	"refreshToken",
-	"*.refreshToken",
-	"jwt",
-	"*.jwt",
-	"secret",
-	"*.secret",
-	"apiKey",
-	"*.apiKey",
-	"api_key",
-	"*.api_key",
-	"credentials",
-	"*.credentials",
-	"authorization",
-	"*.authorization",
-	"*.headers.cookie",
-	"*.headers.authorization"
-];
-const LOG_REDACT_CENSOR = "[REDACTED]";
-function formatPrettyEntry(json) {
-	const obj = JSON.parse(json);
-	const level = obj.level;
-	const label = LEVEL_LABELS[level] ?? "???";
-	const color = LEVEL_COLORS[level] ?? "";
-	const time = obj.time ?? (/* @__PURE__ */ new Date()).toISOString();
-	const module = obj.module ? `[${String(obj.module)}] ` : "";
-	const msg = obj.msg ?? "";
-	const extras = [];
-	let errStack = "";
-	for (const [k, v] of Object.entries(obj)) {
-		if (SKIP_KEYS.has(k)) continue;
-		if (k === "err" && v && typeof v === "object") {
-			const e = v;
-			if (e.message) extras.push(`err.message=${String(e.message)}`);
-			if (typeof e.stack === "string") errStack = `\n${DIM}${e.stack}${RESET}`;
-		} else extras.push(`${k}=${typeof v === "string" ? v : JSON.stringify(v)}`);
-	}
-	const extraStr = extras.length > 0 ? `  ${DIM}${extras.join(" ")}${RESET}` : "";
-	return `${DIM}${time}${RESET} ${color}${label.padEnd(5)}${RESET} ${module}${msg}${extraStr}${errStack}\n`;
-}
-function formatLocalTime() {
-	const d = /* @__PURE__ */ new Date();
-	return `${d.toLocaleDateString("sv-SE")} ${d.toLocaleTimeString("en-GB", { hour12: false })}`;
-}
-function createLoggerOutputStream(options) {
-	const getDest = options.getDestination ?? (() => process.stderr);
-	return new Writable({ write(chunk, _, callback) {
-		const text = chunk.toString();
-		const dest = getDest();
-		try {
-			if (options.getFormat() === "pretty") dest.write(formatPrettyEntry(text));
-			else dest.write(text);
-			if (options.onJsonEntry) try {
-				const obj = JSON.parse(text);
-				options.onJsonEntry(obj);
-			} catch {}
-		} catch {
-			dest.write(text);
-		}
-		callback();
-	} });
-}
-//#endregion
-export { formatLocalTime as a, parseLogLevel as c, createLoggerOutputStream as i, LOG_REDACT_PATHS as n, logFormatSchema as o, SKIP_KEYS as r, logLevelSchema as s, LOG_REDACT_CENSOR as t };