@alpic-ai/api 0.0.0-staging.g1c7818f → 0.0.0-staging.g1d699ea

package/dist/index.d.mts

@@ -1,5 +1,4 @@
 import { z } from "zod";
-import * as _$_orpc_contract0 from "@orpc/contract";
 import { InferContractRouterInputs, InferContractRouterOutputs } from "@orpc/contract";
 
 //#region src/api.contract.d.ts
@@ -16,7 +15,7 @@ declare const deploymentStatusSchema: z.ZodEnum<{
   failed: "failed";
   canceled: "canceled";
 }>;
-declare const createEnvironmentContractV1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+declare const createEnvironmentContractV1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
   projectId: z.ZodString;
   name: z.ZodString;
   sourceBranch: z.ZodString;
@@ -29,17 +28,17 @@ declare const createEnvironmentContractV1: _$_orpc_contract0.ContractProcedureBu
   id: z.ZodString;
   name: z.ZodString;
   sourceBranch: z.ZodNullable<z.ZodString>;
-  urls: z.ZodArray<z.ZodString>;
+  urls: z.ZodArray<z.ZodURL>;
   createdAt: z.ZodCoercedDate<unknown>;
   projectId: z.ZodString;
-}, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+}, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
   NOT_FOUND: {};
   BAD_REQUEST: {};
 }>, Record<never, never>>;
 declare const contract: {
   teams: {
     list: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithOutput<_$_orpc_contract0.Schema<unknown, unknown>, z.ZodArray<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithOutput<import("@orpc/contract").Schema<unknown, unknown>, z.ZodArray<z.ZodObject<{
         id: z.ZodString;
         name: z.ZodString;
         createdAt: z.ZodCoercedDate<unknown>;
@@ -49,7 +48,7 @@ declare const contract: {
   };
   analytics: {
     get: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
         startTimestamp: z.ZodCoercedNumber<unknown>;
         endTimestamp: z.ZodCoercedNumber<unknown>;
@@ -92,7 +91,7 @@ declare const contract: {
             categories: z.ZodRecord<z.ZodString, z.ZodUnknown>;
           }, z.core.$strip>>;
         }, z.core.$strip>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
@@ -100,7 +99,7 @@ declare const contract: {
   };
   deployments: {
     list: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
         status: z.ZodOptional<z.ZodArray<z.ZodEnum<{
           ongoing: "ongoing";
@@ -128,12 +127,12 @@ declare const contract: {
         environmentName: z.ZodString;
         isCurrent: z.ZodBoolean;
         deploymentPageUrl: z.ZodNullable<z.ZodURL>;
-      }, z.core.$strip>>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
     get: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         deploymentId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         id: z.ZodString;
@@ -154,21 +153,24 @@ declare const contract: {
         environmentName: z.ZodString;
         isCurrent: z.ZodBoolean;
         deploymentPageUrl: z.ZodNullable<z.ZodURL>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
     uploadArtifact: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodOptional<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodOptional<z.ZodObject<{
         teamId: z.ZodOptional<z.ZodString>;
       }, z.core.$strip>>, z.ZodObject<{
         uploadUrl: z.ZodURL;
         token: z.ZodString;
         expiresAt: z.ZodCoercedDate<unknown>;
-      }, z.core.$strip>, Record<never, never>, Record<never, never>>;
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
+        NOT_FOUND: {};
+        BAD_REQUEST: {};
+      }>, Record<never, never>>;
     };
     getLogs: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         deploymentId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         logs: z.ZodArray<z.ZodObject<{
@@ -176,14 +178,14 @@ declare const contract: {
           content: z.ZodOptional<z.ZodString>;
         }, z.core.$strip>>;
         hasMoreLogs: z.ZodBoolean;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
   };
   environments: {
     create: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
         name: z.ZodString;
         sourceBranch: z.ZodString;
@@ -196,16 +198,16 @@ declare const contract: {
         id: z.ZodString;
         name: z.ZodString;
         sourceBranch: z.ZodNullable<z.ZodString>;
-        urls: z.ZodArray<z.ZodString>;
+        urls: z.ZodArray<z.ZodURL>;
         createdAt: z.ZodCoercedDate<unknown>;
         projectId: z.ZodString;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     get: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         id: z.ZodString;
@@ -215,12 +217,12 @@ declare const contract: {
         domains: z.ZodArray<z.ZodCustomStringFormat<"hostname">>;
         createdAt: z.ZodCoercedDate<unknown>;
         projectId: z.ZodString;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
     deploy: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
         token: z.ZodOptional<z.ZodString>;
       }, z.core.$strip>, z.ZodObject<{
@@ -242,13 +244,13 @@ declare const contract: {
         environmentName: z.ZodString;
         isCurrent: z.ZodBoolean;
         deploymentPageUrl: z.ZodNullable<z.ZodURL>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     getLogs: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
         since: z.ZodOptional<z.ZodString>;
         until: z.ZodOptional<z.ZodString>;
@@ -278,13 +280,13 @@ declare const contract: {
           durationInMs: z.ZodOptional<z.ZodNumber>;
         }, z.core.$strip>>;
         nextToken: z.ZodNullable<z.ZodString>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     getLatestLogs: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
         limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
         level: z.ZodOptional<z.ZodArray<z.ZodEnum<{
@@ -310,7 +312,7 @@ declare const contract: {
           method: z.ZodOptional<z.ZodString>;
           durationInMs: z.ZodOptional<z.ZodNumber>;
         }, z.core.$strip>>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
@@ -318,7 +320,7 @@ declare const contract: {
   };
   environmentVariables: {
     list: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
       }, z.core.$strip>, z.ZodArray<z.ZodObject<{
         id: z.ZodString;
@@ -326,12 +328,12 @@ declare const contract: {
         value: z.ZodString;
         isSecret: z.ZodBoolean;
         createdAt: z.ZodCoercedDate<unknown>;
-      }, z.core.$strip>>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
     create: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
         environmentVariables: z.ZodArray<z.ZodObject<{
           key: z.ZodString;
@@ -340,37 +342,38 @@ declare const contract: {
         }, z.core.$strip>>;
       }, z.core.$strip>, z.ZodObject<{
         success: z.ZodLiteral<true>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     update: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentVariableId: z.ZodString;
         key: z.ZodString;
         value: z.ZodOptional<z.ZodString>;
         isSecret: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
       }, z.core.$strip>, z.ZodObject<{
         success: z.ZodLiteral<true>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     delete: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentVariableId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         success: z.ZodLiteral<true>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
+        BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
   };
   projects: {
     update: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
         name: z.ZodOptional<z.ZodString>;
         sourceRepository: z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -442,13 +445,13 @@ declare const contract: {
             completedAt: z.ZodNullable<z.ZodCoercedDate<unknown>>;
           }, z.core.$strip>>;
         }, z.core.$strip>>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     get: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         id: z.ZodString;
@@ -518,12 +521,12 @@ declare const contract: {
             completedAt: z.ZodNullable<z.ZodCoercedDate<unknown>>;
           }, z.core.$strip>>;
         }, z.core.$strip>>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
     list: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodOptional<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodOptional<z.ZodObject<{
         teamId: z.ZodOptional<z.ZodString>;
       }, z.core.$strip>>, z.ZodArray<z.ZodObject<{
         id: z.ZodString;
@@ -593,10 +596,13 @@ declare const contract: {
             completedAt: z.ZodNullable<z.ZodCoercedDate<unknown>>;
           }, z.core.$strip>>;
         }, z.core.$strip>>;
-      }, z.core.$strip>>, Record<never, never>, Record<never, never>>;
+      }, z.core.$strip>>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
+        NOT_FOUND: {};
+        BAD_REQUEST: {};
+      }>, Record<never, never>>;
     };
     create: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         teamId: z.ZodOptional<z.ZodString>;
         name: z.ZodString;
         sourceRepository: z.ZodOptional<z.ZodString>;
@@ -654,24 +660,24 @@ declare const contract: {
         installCommand: z.ZodNullable<z.ZodString>;
         startCommand: z.ZodNullable<z.ZodString>;
         createdAt: z.ZodCoercedDate<unknown>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     delete: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         success: z.ZodLiteral<true>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
   };
   playground: {
     get: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         isPlaygroundEnabled: z.ZodBoolean;
@@ -689,12 +695,12 @@ declare const contract: {
             prompt: z.ZodString;
           }, z.core.$strip>>;
         }, z.core.$strip>>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };
     upsert: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         environmentId: z.ZodString;
         isPlaygroundEnabled: z.ZodOptional<z.ZodBoolean>;
         name: z.ZodOptional<z.ZodString>;
@@ -725,7 +731,7 @@ declare const contract: {
             prompt: z.ZodString;
           }, z.core.$strip>>;
         }, z.core.$strip>>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
@@ -733,16 +739,18 @@ declare const contract: {
   };
   tunnels: {
     getTicket: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithOutput<_$_orpc_contract0.Schema<unknown, unknown>, z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithOutput<import("@orpc/contract").Schema<unknown, unknown>, z.ZodObject<{
         subdomain: z.ZodString;
         ticket: z.ZodString;
         tunnelHost: z.ZodString;
-      }, z.core.$strip>, Record<never, never>, Record<never, never>>;
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
+        FORBIDDEN: {};
+      }>, Record<never, never>>;
     };
   };
   distribution: {
     publish: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
         domain: z.ZodString;
         title: z.ZodString;
@@ -774,13 +782,13 @@ declare const contract: {
             }, z.core.$strip>>>;
           }, z.core.$strip>>>;
         }, z.core.$strip>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
     };
     get: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         projectId: z.ZodString;
         domain: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
@@ -807,7 +815,7 @@ declare const contract: {
             }, z.core.$strip>>>;
           }, z.core.$strip>>>;
         }, z.core.$strip>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
       }>, Record<never, never>>;
@@ -815,7 +823,7 @@ declare const contract: {
   };
   beacon: {
     create: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         targetUrl: z.ZodURL;
         teamId: z.ZodOptional<z.ZodString>;
         projectId: z.ZodOptional<z.ZodString>;
@@ -828,7 +836,7 @@ declare const contract: {
         }>>>;
       }, z.core.$strip>, z.ZodObject<{
         id: z.ZodString;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
         BAD_REQUEST: {};
         DNS_RESOLUTION_FAILED: {
@@ -837,7 +845,7 @@ declare const contract: {
       }>, Record<never, never>>;
     };
     get: {
-      v1: _$_orpc_contract0.ContractProcedureBuilderWithInputOutput<z.ZodObject<{
+      v1: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
         auditId: z.ZodString;
       }, z.core.$strip>, z.ZodObject<{
         id: z.ZodString;
@@ -921,7 +929,7 @@ declare const contract: {
             }, z.core.$strip>>;
           }, z.core.$strip>;
         }, z.core.$strip>>;
-      }, z.core.$strip>, _$_orpc_contract0.MergedErrorMap<Record<never, never>, {
+      }, z.core.$strip>, import("@orpc/contract").MergedErrorMap<Record<never, never>, {
         NOT_FOUND: {};
       }>, Record<never, never>>;
     };

package/dist/index.mjs

@@ -1,6 +1,174 @@
 import { z } from "zod";
+import * as z$1 from "zod/v4";
 import { oc } from "@orpc/contract";
 import ms from "ms";
+//#region ../../node_modules/.pnpm/@modelcontextprotocol+sdk@1.29.0_@cfworker+json-schema@4.1.1_zod@4.4.3/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth.js
+/**
+* Reusable URL validation that disallows javascript: scheme
+*/
+const SafeUrlSchema = z$1.url().superRefine((val, ctx) => {
+	if (!URL.canParse(val)) {
+		ctx.addIssue({
+			code: z$1.ZodIssueCode.custom,
+			message: "URL must be parseable",
+			fatal: true
+		});
+		return z$1.NEVER;
+	}
+}).refine((url) => {
+	const u = new URL(url);
+	return u.protocol !== "javascript:" && u.protocol !== "data:" && u.protocol !== "vbscript:";
+}, { message: "URL cannot use javascript:, data:, or vbscript: scheme" });
+/**
+* RFC 9728 OAuth Protected Resource Metadata
+*/
+const OAuthProtectedResourceMetadataSchema = z$1.looseObject({
+	resource: z$1.string().url(),
+	authorization_servers: z$1.array(SafeUrlSchema).optional(),
+	jwks_uri: z$1.string().url().optional(),
+	scopes_supported: z$1.array(z$1.string()).optional(),
+	bearer_methods_supported: z$1.array(z$1.string()).optional(),
+	resource_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	resource_name: z$1.string().optional(),
+	resource_documentation: z$1.string().optional(),
+	resource_policy_uri: z$1.string().url().optional(),
+	resource_tos_uri: z$1.string().url().optional(),
+	tls_client_certificate_bound_access_tokens: z$1.boolean().optional(),
+	authorization_details_types_supported: z$1.array(z$1.string()).optional(),
+	dpop_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	dpop_bound_access_tokens_required: z$1.boolean().optional()
+});
+/**
+* RFC 8414 OAuth 2.0 Authorization Server Metadata
+*/
+const OAuthMetadataSchema = z$1.looseObject({
+	issuer: z$1.string(),
+	authorization_endpoint: SafeUrlSchema,
+	token_endpoint: SafeUrlSchema,
+	registration_endpoint: SafeUrlSchema.optional(),
+	scopes_supported: z$1.array(z$1.string()).optional(),
+	response_types_supported: z$1.array(z$1.string()),
+	response_modes_supported: z$1.array(z$1.string()).optional(),
+	grant_types_supported: z$1.array(z$1.string()).optional(),
+	token_endpoint_auth_methods_supported: z$1.array(z$1.string()).optional(),
+	token_endpoint_auth_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	service_documentation: SafeUrlSchema.optional(),
+	revocation_endpoint: SafeUrlSchema.optional(),
+	revocation_endpoint_auth_methods_supported: z$1.array(z$1.string()).optional(),
+	revocation_endpoint_auth_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	introspection_endpoint: z$1.string().optional(),
+	introspection_endpoint_auth_methods_supported: z$1.array(z$1.string()).optional(),
+	introspection_endpoint_auth_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	code_challenge_methods_supported: z$1.array(z$1.string()).optional(),
+	client_id_metadata_document_supported: z$1.boolean().optional()
+});
+/**
+* OpenID Connect Discovery 1.0 Provider Metadata
+* see: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
+*/
+const OpenIdProviderMetadataSchema = z$1.looseObject({
+	issuer: z$1.string(),
+	authorization_endpoint: SafeUrlSchema,
+	token_endpoint: SafeUrlSchema,
+	userinfo_endpoint: SafeUrlSchema.optional(),
+	jwks_uri: SafeUrlSchema,
+	registration_endpoint: SafeUrlSchema.optional(),
+	scopes_supported: z$1.array(z$1.string()).optional(),
+	response_types_supported: z$1.array(z$1.string()),
+	response_modes_supported: z$1.array(z$1.string()).optional(),
+	grant_types_supported: z$1.array(z$1.string()).optional(),
+	acr_values_supported: z$1.array(z$1.string()).optional(),
+	subject_types_supported: z$1.array(z$1.string()),
+	id_token_signing_alg_values_supported: z$1.array(z$1.string()),
+	id_token_encryption_alg_values_supported: z$1.array(z$1.string()).optional(),
+	id_token_encryption_enc_values_supported: z$1.array(z$1.string()).optional(),
+	userinfo_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	userinfo_encryption_alg_values_supported: z$1.array(z$1.string()).optional(),
+	userinfo_encryption_enc_values_supported: z$1.array(z$1.string()).optional(),
+	request_object_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	request_object_encryption_alg_values_supported: z$1.array(z$1.string()).optional(),
+	request_object_encryption_enc_values_supported: z$1.array(z$1.string()).optional(),
+	token_endpoint_auth_methods_supported: z$1.array(z$1.string()).optional(),
+	token_endpoint_auth_signing_alg_values_supported: z$1.array(z$1.string()).optional(),
+	display_values_supported: z$1.array(z$1.string()).optional(),
+	claim_types_supported: z$1.array(z$1.string()).optional(),
+	claims_supported: z$1.array(z$1.string()).optional(),
+	service_documentation: z$1.string().optional(),
+	claims_locales_supported: z$1.array(z$1.string()).optional(),
+	ui_locales_supported: z$1.array(z$1.string()).optional(),
+	claims_parameter_supported: z$1.boolean().optional(),
+	request_parameter_supported: z$1.boolean().optional(),
+	request_uri_parameter_supported: z$1.boolean().optional(),
+	require_request_uri_registration: z$1.boolean().optional(),
+	op_policy_uri: SafeUrlSchema.optional(),
+	op_tos_uri: SafeUrlSchema.optional(),
+	client_id_metadata_document_supported: z$1.boolean().optional()
+});
+/**
+* OpenID Connect Discovery metadata that may include OAuth 2.0 fields
+* This schema represents the real-world scenario where OIDC providers
+* return a mix of OpenID Connect and OAuth 2.0 metadata fields
+*/
+const OpenIdProviderDiscoveryMetadataSchema = z$1.object({
+	...OpenIdProviderMetadataSchema.shape,
+	...OAuthMetadataSchema.pick({ code_challenge_methods_supported: true }).shape
+});
+z$1.object({
+	access_token: z$1.string(),
+	id_token: z$1.string().optional(),
+	token_type: z$1.string(),
+	expires_in: z$1.coerce.number().optional(),
+	scope: z$1.string().optional(),
+	refresh_token: z$1.string().optional()
+}).strip();
+z$1.object({
+	error: z$1.string(),
+	error_description: z$1.string().optional(),
+	error_uri: z$1.string().optional()
+});
+/**
+* Optional version of SafeUrlSchema that allows empty string for retrocompatibility on tos_uri and logo_uri
+*/
+const OptionalSafeUrlSchema = SafeUrlSchema.optional().or(z$1.literal("").transform(() => void 0));
+/**
+* RFC 7591 OAuth 2.0 Dynamic Client Registration metadata
+*/
+const OAuthClientMetadataSchema = z$1.object({
+	redirect_uris: z$1.array(SafeUrlSchema),
+	token_endpoint_auth_method: z$1.string().optional(),
+	grant_types: z$1.array(z$1.string()).optional(),
+	response_types: z$1.array(z$1.string()).optional(),
+	client_name: z$1.string().optional(),
+	client_uri: SafeUrlSchema.optional(),
+	logo_uri: OptionalSafeUrlSchema,
+	scope: z$1.string().optional(),
+	contacts: z$1.array(z$1.string()).optional(),
+	tos_uri: OptionalSafeUrlSchema,
+	policy_uri: z$1.string().optional(),
+	jwks_uri: SafeUrlSchema.optional(),
+	jwks: z$1.any().optional(),
+	software_id: z$1.string().optional(),
+	software_version: z$1.string().optional(),
+	software_statement: z$1.string().optional()
+}).strip();
+/**
+* RFC 7591 OAuth 2.0 Dynamic Client Registration client information
+*/
+const OAuthClientInformationSchema = z$1.object({
+	client_id: z$1.string(),
+	client_secret: z$1.string().optional(),
+	client_id_issued_at: z$1.number().optional(),
+	client_secret_expires_at: z$1.number().optional()
+}).strip();
+OAuthClientMetadataSchema.merge(OAuthClientInformationSchema);
+z$1.object({
+	error: z$1.string(),
+	error_description: z$1.string().optional()
+}).strip();
+z$1.object({
+	token: z$1.string(),
+	token_type_hint: z$1.string().optional()
+}).strip();
 const platformSchema = z.enum(["chatgpt", "claudeai"]);
 const PLATFORM_LABELS = {
 	chatgpt: "ChatGPT",
@@ -71,6 +239,13 @@ const auditReportWithScreenshotsSchema = auditReportSchema.extend({ widgetScreen
 	chatgpt: widgetScreenshotSchema.optional(),
 	claudeai: widgetScreenshotSchema.optional()
 }) });
+z.object({
+	id: z.string(),
+	environmentId: z.string(),
+	clientId: z.string(),
+	clientSecret: z.string(),
+	clientScopes: z.array(z.string())
+});
 const deploymentStatusSchema$1 = z.enum([
 	"ongoing",
 	"deployed",
@@ -98,6 +273,74 @@ const deploymentSummarySchema = z.object({
 	createdAt: z.coerce.date(),
 	updatedAt: z.coerce.date()
 });
+/**
+* Public environment
+*
+* No OAuth metadata exposed.
+*/
+const publicEnvironmentSchema = z.object({
+	isPublic: z.literal(true),
+	oAuthMetadata: z.undefined().optional()
+});
+/**
+* Protected environment with an external resource metadata URL
+*
+* An external resource metadata URL is returned in the WWW-Authenticate header during the first 401 response.
+* Everything that follows is handled outside of the MCP server scope.
+*/
+const externalResourceMetadataEnvironmentSchema = z.object({
+	isPublic: z.literal(false),
+	oAuthMetadata: z.object({ externalResourceMetadataUrl: z.url() }),
+	scope: z.string().optional()
+});
+/**
+* Protected environment with an external authorization server URL
+*
+* The server itself exposes the /.well-known/oauth-protected-resource endpoint.
+* An external authorization server URL is returned when requesting the endpoint.
+* Everything that follows is handled outside of the MCP server scope.
+*/
+const externalAuthorizationServerEnvironmentSchema = z.object({
+	isPublic: z.literal(false),
+	oAuthMetadata: z.object({
+		externalAuthorizationServerUrl: z.url(),
+		resourceMetadata: OAuthProtectedResourceMetadataSchema.optional()
+	}),
+	scope: z.string().optional()
+});
+/**
+* Standalone protected environment
+*
+* The server itself exposes the /.well-known/oauth-protected-resource endpoint.
+* The server itself exposes the /.well-known/oauth-authorization-server endpoint.
+*/
+const standaloneEnvironmentSchema = z.object({
+	isPublic: z.literal(false),
+	oAuthMetadata: z.object({
+		authorizationServerMetadata: z.union([OAuthMetadataSchema, OpenIdProviderDiscoveryMetadataSchema]),
+		resourceMetadata: OAuthProtectedResourceMetadataSchema.optional()
+	}),
+	scope: z.string().optional()
+});
+/**
+* Protected environment without OAuth discovery
+*
+* The server enforces authentication but exposes no OAuth discovery metadata.
+* Neither /.well-known/oauth-protected-resource nor /.well-known/oauth-authorization-server
+* are advertised. Clients must obtain credentials out-of-band.
+*/
+const protectedWithoutDiscoveryEnvironmentSchema = z.object({
+	isPublic: z.literal(false),
+	oAuthMetadata: z.strictObject({}),
+	scope: z.string().optional()
+});
+z.union([
+	publicEnvironmentSchema,
+	externalResourceMetadataEnvironmentSchema,
+	externalAuthorizationServerEnvironmentSchema,
+	standaloneEnvironmentSchema,
+	protectedWithoutDiscoveryEnvironmentSchema
+]);
 const allowedPlatformSchema = platformSchema;
 const environmentDomainSchema = z.object({
 	domain: z.string(),
@@ -296,6 +539,22 @@ z.object({
 	serverFields: serverFieldsSchema$1,
 	source: z.enum(["registry", "defaults"])
 });
+/**
+* Returns a variant of a `maxLength`-constrained string that clamps (truncates) instead of
+* rejecting on overflow — used for AI-generated copy where the model routinely overshoots.
+*
+* NOTE: this rebuilds the schema from scratch, carrying over only `maxLength` (as a clamp),
+* `minLength`, and the description. Any other validators on the source field (`.regex()`,
+* `.email()`, custom refinements) are intentionally dropped — this helper is meant for plain
+* free-text length caps only. A field with `null` `maxLength` is returned unchanged.
+*/
+const clampStringField = (field) => {
+	const max = field.maxLength;
+	if (max === null) return field;
+	const clamped = z.string().overwrite((value) => value.slice(0, max)).max(max);
+	const withMin = field.minLength === null ? clamped : clamped.min(field.minLength);
+	return field.description ? withMin.describe(field.description) : withMin;
+};
 const toolDefinitionSchema = z.object({
 	name: z.string(),
 	title: z.string().optional().describe("Human-friendly name for the tool, used in the UI. If not provided, `name` will be used."),
@@ -308,14 +567,14 @@ const toolDefinitionSchema = z.object({
 	}).optional()
 });
 const positiveTestCaseSchema = z.object({
-	scenario: z.string(),
-	userPrompt: z.string(),
-	toolTriggered: z.string().optional(),
-	expectedOutput: z.string().optional()
+	scenario: z.string().describe("Short label for what this case demonstrates."),
+	userPrompt: z.string().describe("A realistic, standalone user message a reviewer can paste and run with no prior state or multi-turn setup. Vary phrasing and tone across cases."),
+	toolTriggered: z.string().optional().describe("The tool this prompt should invoke."),
+	expectedOutput: z.string().optional().describe("What the user should see, including post-interaction behaviour where relevant.")
 }).partial().describe("Each case: Scenario, User prompt, Tool triggered, Expected output.");
 const screenshotEntrySchema = z.object({
 	prompt: z.string(),
-	url: z.url()
+	url: z.url().or(z.literal(""))
 }).describe("Each screenshot: the user prompt that produced it + the image URL.");
 /** Accepts either a valid email or URL. */
 const supportChannelSchema = z.string().refine((value) => z.email().safeParse(value).success || z.url().safeParse(value).success, { error: "Must be a valid email or URL" });
@@ -335,22 +594,315 @@ const chatgptCategorySchema = z.enum([
 	"TRAVEL"
 ]);
 const chatgptAuthenticationSchema = z.enum(["No auth needed", "OAuth 2.0"]);
-const chatgptAllowedCountriesSchema = z.enum(["Allow all", "Restrict to specific countries"]);
+const chatgptCountryCodeSchema = z.enum([
+	"AD",
+	"AE",
+	"AF",
+	"AG",
+	"AL",
+	"AM",
+	"AO",
+	"AR",
+	"AT",
+	"AU",
+	"AW",
+	"AX",
+	"AZ",
+	"BA",
+	"BB",
+	"BD",
+	"BE",
+	"BF",
+	"BG",
+	"BH",
+	"BI",
+	"BJ",
+	"BL",
+	"BM",
+	"BN",
+	"BO",
+	"BR",
+	"BS",
+	"BT",
+	"BW",
+	"BZ",
+	"CA",
+	"CD",
+	"CF",
+	"CG",
+	"CH",
+	"CI",
+	"CL",
+	"CM",
+	"CO",
+	"CR",
+	"CV",
+	"CY",
+	"CZ",
+	"DE",
+	"DJ",
+	"DK",
+	"DM",
+	"DO",
+	"DZ",
+	"EC",
+	"EE",
+	"EG",
+	"ER",
+	"ES",
+	"ET",
+	"FI",
+	"FJ",
+	"FM",
+	"FO",
+	"FR",
+	"GA",
+	"GB",
+	"GD",
+	"GE",
+	"GF",
+	"GH",
+	"GL",
+	"GM",
+	"GN",
+	"GP",
+	"GQ",
+	"GR",
+	"GT",
+	"GW",
+	"GY",
+	"HN",
+	"HR",
+	"HT",
+	"HU",
+	"ID",
+	"IE",
+	"IL",
+	"IN",
+	"IQ",
+	"IS",
+	"IT",
+	"JM",
+	"JO",
+	"JP",
+	"KE",
+	"KG",
+	"KH",
+	"KI",
+	"KM",
+	"KN",
+	"KR",
+	"KW",
+	"KY",
+	"KZ",
+	"LA",
+	"LB",
+	"LC",
+	"LI",
+	"LK",
+	"LR",
+	"LS",
+	"LT",
+	"LU",
+	"LV",
+	"LY",
+	"MA",
+	"MC",
+	"MD",
+	"ME",
+	"MF",
+	"MG",
+	"MH",
+	"MK",
+	"ML",
+	"MM",
+	"MN",
+	"MQ",
+	"MR",
+	"MT",
+	"MU",
+	"MV",
+	"MW",
+	"MX",
+	"MY",
+	"MZ",
+	"NA",
+	"NC",
+	"NE",
+	"NG",
+	"NI",
+	"NL",
+	"NO",
+	"NP",
+	"NR",
+	"NZ",
+	"OM",
+	"PA",
+	"PE",
+	"PF",
+	"PG",
+	"PH",
+	"PK",
+	"PL",
+	"PM",
+	"PS",
+	"PT",
+	"PW",
+	"PY",
+	"QA",
+	"RE",
+	"RO",
+	"RS",
+	"RW",
+	"SA",
+	"SB",
+	"SC",
+	"SD",
+	"SE",
+	"SG",
+	"SH",
+	"SI",
+	"SJ",
+	"SK",
+	"SL",
+	"SM",
+	"SN",
+	"SO",
+	"SR",
+	"SS",
+	"ST",
+	"SV",
+	"SZ",
+	"TD",
+	"TF",
+	"TG",
+	"TH",
+	"TJ",
+	"TL",
+	"TM",
+	"TN",
+	"TO",
+	"TR",
+	"TT",
+	"TV",
+	"TW",
+	"TZ",
+	"UA",
+	"UG",
+	"US",
+	"UY",
+	"UZ",
+	"VA",
+	"VC",
+	"VN",
+	"VU",
+	"WF",
+	"WS",
+	"YE",
+	"YT",
+	"ZA",
+	"ZM",
+	"ZW"
+]);
+const chatgptAllowedCountriesSchema = z.discriminatedUnion("mode", [
+	z.object({ mode: z.literal("all") }),
+	z.object({
+		mode: z.literal("allow"),
+		countries: z.array(chatgptCountryCodeSchema)
+	}),
+	z.object({
+		mode: z.literal("block"),
+		countries: z.array(chatgptCountryCodeSchema)
+	})
+]);
+const chatgptTranslationLocaleSchema = z.enum([
+	"am",
+	"ar",
+	"bg-BG",
+	"bn-BD",
+	"bs-BA",
+	"ca-ES",
+	"cs-CZ",
+	"da-DK",
+	"de-DE",
+	"el-GR",
+	"es-419",
+	"es-ES",
+	"et-EE",
+	"fi-FI",
+	"fr-CA",
+	"fr-FR",
+	"gu-IN",
+	"hi-IN",
+	"hr-HR",
+	"hu-HU",
+	"hy-AM",
+	"id-ID",
+	"is-IS",
+	"it-IT",
+	"ja-JP",
+	"ka-GE",
+	"kk",
+	"kn-IN",
+	"ko-KR",
+	"lt",
+	"lv-LV",
+	"mk-MK",
+	"ml",
+	"mn",
+	"mr-IN",
+	"ms-MY",
+	"my-MM",
+	"nb-NO",
+	"nl-NL",
+	"pa",
+	"pl-PL",
+	"pt-BR",
+	"pt-PT",
+	"ro-RO",
+	"ru-RU",
+	"sk-SK",
+	"sl-SI",
+	"so-SO",
+	"sq-AL",
+	"sr-RS",
+	"sv-SE",
+	"sw-TZ",
+	"ta-IN",
+	"te-IN",
+	"th-TH",
+	"tl",
+	"tr-TR",
+	"uk-UA",
+	"ur",
+	"vi-VN",
+	"zh-CN",
+	"zh-HK",
+	"zh-TW"
+]);
 const negativeTestCaseSchema = z.object({
 	scenario: z.string(),
 	userPrompt: z.string()
 }).partial().describe("Each case: Scenario + User prompt (the app should NOT trigger).");
 const chatgptToolJustificationSchema = z.object({
 	toolName: z.string(),
-	readOnlyJustification: z.string(),
-	openWorldJustification: z.string(),
-	destructiveJustification: z.string()
-}).describe("Per-tool justification of each MCP annotation value (one sentence per hint).");
+	readOnlyJustification: z.string().describe("One sentence on what the tool reads and returns."),
+	openWorldJustification: z.string().describe("One sentence on whether the tool reaches external systems beyond your own service."),
+	destructiveJustification: z.string().describe("One sentence on whether the tool changes data. For a read-only tool, state the full triad: \"No data is created, modified, or deleted.\"")
+}).describe("Per-tool justification of each MCP annotation value (one specific sentence per hint).");
+/**
+* Base copy fields, defined once and reused by both the submission form and per-locale
+* translations so the constraints (tagline ≤ 30 chars) never drift. The translation generation
+* path wraps these in {@link clampStringField} since the LLM tends to overshoot the limit.
+*/
+const chatgptTaglineSchema = z.string().max(30);
+const chatgptDescriptionSchema = z.string();
 const chatgptTranslationSchema = z.object({
-	locale: z.string(),
-	tagline: z.string().optional(),
-	description: z.string().optional()
+	locale: chatgptTranslationLocaleSchema,
+	tagline: chatgptTaglineSchema,
+	description: chatgptDescriptionSchema
 }).describe("Locale-scoped override for tagline + description. English (US) is the default.");
+chatgptTranslationSchema.extend({ tagline: clampStringField(chatgptTaglineSchema) });
 /**
 * Field order mirrors the ChatGPT (OpenAI) submission spreadsheet, grouped by section.
 * When adding/removing/reordering fields, keep this in sync with the sheet.
@@ -359,8 +911,8 @@ const chatgptSubmissionFormDataSchema = z.object({
 	logoLight: z.string().describe("Logo icon for light mode. Square PNG, no borders or rounded corners (clients apply circular cropping)."),
 	logoDark: z.string().optional().describe("Optional dark-mode logo icon. Square PNG, same specs as the light icon. Leave empty if the light icon also works on dark backgrounds."),
 	appName: z.string().describe("The name users will see in ChatGPT and in the Apps Directory."),
-	tagline: z.string().max(30).describe("Plain-language phrase focused on function and user value. 30 chars max."),
-	description: z.string().describe("Clear, engaging description highlighting what the app does and why people will love it. Appears publicly on the directory page."),
+	tagline: chatgptTaglineSchema.describe("Plain-language phrase focused on function and user value, 30 chars max. Avoid generic superlatives like \"the best …\"."),
+	description: chatgptDescriptionSchema.describe("Clear, engaging description highlighting what the app does and why people will love it. Appears publicly on the directory page. End it by naming the product categories or intents the app does NOT cover, so ChatGPT learns when not to route to it (define exclusions by absent categories or wrong intents, never by naming other brands)."),
 	category: chatgptCategorySchema.describe("Category from the OpenAI taxonomy."),
 	developerName: z.string().describe("Developer name shown publicly on the app's directory page."),
 	companyUrl: z.url().describe("Your company's main website URL."),
@@ -372,12 +924,12 @@ const chatgptSubmissionFormDataSchema = z.object({
 	serverUrl: z.url().describe("URL of the MCP server."),
 	authentication: chatgptAuthenticationSchema.describe("OAuth 2.0 or No auth. OAuth configuration is auto-discovered from the MCP server's metadata."),
 	tools: z.array(toolDefinitionSchema).describe("List of tools exposed by the MCP server (auto-populated from the production server's manifest)."),
-	toolJustifications: z.array(chatgptToolJustificationSchema).describe("Per-tool justification of `readOnlyHint`, `openWorldHint`, and `destructiveHint` annotation values."),
-	testCases: z.array(positiveTestCaseSchema).describe("At least 5 positive test cases. Each: Scenario, User prompt, Tool triggered, Expected output. Coverage over all major use cases."),
-	negativeTestCases: z.array(negativeTestCaseSchema).describe("3 negative test cases — prompts where the app should NOT trigger but the model might think it's relevant."),
-	screenshots: z.array(screenshotEntrySchema).describe("In-app screenshots paired with the user prompt that produced them. Widget apps must show the widget UI; non-widget apps show the model response. Min 1, max 4 entries. First three are public. Images: 706px wide, 400–860px tall, PNG."),
+	toolJustifications: z.array(chatgptToolJustificationSchema).describe("Per-tool justification of `readOnlyHint`, `openWorldHint`, and `destructiveHint` annotation values. One short, specific sentence per hint describing what the tool actually does."),
+	testCases: z.array(positiveTestCaseSchema).describe("At least 5 positive test cases. Each: Scenario, User prompt, Tool triggered, Expected output. Collectively cover the full capability across different flow stages (initial search or browse, market or locale handling, post-interaction detail, an action ChatGPT performs on the user's behalf, and a conversion or secondary tool) rather than five variations of the same first step."),
+	negativeTestCases: z.array(negativeTestCaseSchema).describe("3 negative test cases: prompts where the app should NOT trigger but the model might think it is relevant. These become production routing metadata that teaches ChatGPT when to stay silent, so pick tight near-misses: a product category the app does not carry, the right brand or domain but an intent the app does not serve, or a boundary with a sibling app."),
+	screenshots: z.array(screenshotEntrySchema).max(3).describe("In-app screenshots paired with the user prompt that produced them. Widget apps must show the widget UI; non-widget apps show the model response. Min 1, max 3 entries, all public. Images: 706px wide, 400–860px tall, PNG."),
 	translations: z.array(chatgptTranslationSchema).describe("Per-locale translation of tagline + description. English (US) is the default."),
-	allowedCountries: chatgptAllowedCountriesSchema.describe("'Allow all' or restrict to a specific list. See OpenAI's supported countries list."),
+	allowedCountries: chatgptAllowedCountriesSchema.describe("Availability: all supported countries, or an allow-list / block-list of specific ones (ISO alpha-2)."),
 	releaseNotes: z.string().describe("Publicly displayed on the app details page.")
 });
 chatgptSubmissionFormDataSchema.pick({
@@ -394,7 +946,7 @@ chatgptSubmissionFormDataSchema.pick({
 	testCases: true,
 	negativeTestCases: true,
 	toolJustifications: true
-});
+}).extend({ tagline: clampStringField(chatgptSubmissionFormDataSchema.shape.tagline) });
 const claudeCategorySchema = z.enum([
 	"Business & Productivity",
 	"Communication",
@@ -406,7 +958,7 @@ const claudeCategorySchema = z.enum([
 	"Media & Entertainment",
 	"Commerce & Shopping"
 ]);
-z.enum([
+const claudeAuthenticationSchema = z.enum([
 	"No auth needed",
 	"OAuth 2.0",
 	"Custom URL"
@@ -414,28 +966,34 @@ z.enum([
 const claudeMcpUrlTypeSchema = z.enum(["Universal URL", "Custom MCP URLs"]);
 z.enum(["Static OAuth Client", "Dynamic OAuth Client (DCR / CIMD)"]);
 const claudeReadWriteCapabilitiesSchema = z.enum([
-	"Read only",
-	"Write only",
-	"Read + write"
+	"Read Only",
+	"Write Only",
+	"Read + Write"
 ]);
 const claudeTransportSchema = z.enum(["Streamable HTTP", "SSE"]);
+const claudeTestedSurfaceSchema = z.enum([
+	"Claude.ai (web)",
+	"Claude Desktop",
+	"Claude Code",
+	"Cowork"
+]);
 const claudeThirdPartySchema = z.enum([
-	"Web access (open web fetch / scraping / arbitrary URLs)",
-	"Third-party AI model integration",
-	"Third-party data retrieval (via workflow / aggregator)",
-	"Third-party data modification (via workflow / aggregator)",
+	"Web access: Fetches information from the open web (e.g., web scraping, search engines, or browsing arbitrary URLs, not just connecting to a specific API)",
+	"Third-party AI model integration: Sends data to or receives data from a generative AI model other than Claude",
+	"Third-party data retrieval: Connects to external services that themselves retrieve data from other sources (e.g., workflow automation platforms or other services that aggregate or relay data from multiple third-party sources)",
+	"Third-party data modification: Can connect to external services that themselves create, update, or delete data in other sources (e.g., workflow automation platforms or other services that write to multiple third-party sources)",
 	"N/A"
 ]);
 const claudeDataHandlingSchema = z.enum([
 	"Server only accesses data explicitly requested by user",
 	"No data is stored beyond session requirements",
-	"Data transmission is encrypted (HTTPS / TLS)",
+	"Data transmission is encrypted (HTTPS/TLS)",
 	"GDPR compliant (if applicable)"
 ]);
 const claudeSponsoredContentSchema = z.enum([
 	"No, there is no sponsored content or advertisements",
 	"Yes, there are banner ads or other paid visual elements",
-	"Yes, returned content or ranking is impacted by sponsorship or ad placement"
+	"Yes, the returned content or ranking of returned content is impacted by sponsorship or ad placement"
 ]);
 /**
 * Field order mirrors the Claude (Anthropic) submission spreadsheet, grouped by section.
@@ -500,7 +1058,7 @@ If 'Yes', you will also be required to provide screenshots of your UI (see Promo
 Note: These are attestations — you are legally agreeing to these practices by submitting the form.`),
 	personalDataHealthAccess: z.boolean().describe(`Select 'Yes' ONLY if your connector gives users access to their own personal health information — such as medical records, lab results, diagnoses, prescriptions, wearable health metrics (heart rate, sleep data, etc.), or mental health data.
 Select 'No' for the vast majority of business/productivity/dev tools. When in doubt, select 'No'. This field triggers additional compliance review if 'Yes'.`),
-	categories: z.array(claudeCategorySchema).describe(`Select the category or categories that best describe your connector. This determines where it appears in the directory's browse experience. Choose the most specific fit:
+	category: claudeCategorySchema.describe(`Select the category that best describes your connector. This determines where it appears in the directory's browse experience. Choose the most specific fit:
 • Business & Productivity — project management, CRM, HR, office tools
 • Communication — email, chat, messaging, notifications
 • Data & Analytics — dashboards, reporting, databases, BI tools
@@ -510,12 +1068,13 @@ Select 'No' for the vast majority of business/productivity/dev tools. When in do
 • Health & Life Sciences — clinical, pharma, medical professional tools
 • Media & Entertainment — content, publishing, streaming
 • Commerce & Shopping — e-commerce, inventory, orders
-Multiple categories are allowed if genuinely applicable.`),
+Anthropic's submission form only accepts a single category.`),
 	sponsoredContentsOrAdvertisement: claudeSponsoredContentSchema.describe(`Be honest here — advertising is not permitted in the Connectors Directory per Anthropic's policy. Select the option that accurately describes your server:
 • 'No, there is no sponsored content or advertisements' — the results your server returns are not influenced by paid placement or sponsorship. This is what almost all connectors should select.
 • 'Yes, there are banner ads or other paid visual elements' — your UI includes visual ads. NOTE: this will likely lead to rejection, as Anthropic prohibits advertising in Claude.
 • 'Yes, the returned content or ranking of returned content is impacted by sponsorship or ad placement' — paid results affect what you return. NOTE: this also likely leads to rejection.
 If your server returns organic results from a platform that has ads in its own UI (but your API results are not affected by ads), select 'No'.`),
+	authentication: claudeAuthenticationSchema.describe("How users authenticate with the server. No auth / OAuth 2.0 / Custom URL (not supported)."),
 	transportSupport: z.array(claudeTransportSchema).describe(`Select all transport protocols your server supports:
 • 'Streamable HTTP' — the modern, recommended transport. Anthropic strongly recommends implementing this. This is the future-proof option and should be your default.
 • 'SSE (Server-Sent Events)' — the older transport. SSE may be deprecated by Anthropic later in 2025/2026. If you currently only support SSE, you should plan to migrate to Streamable HTTP.
@@ -555,6 +1114,7 @@ Reviewers test every single tool you list here — don't list tools that don't w
 • 'I've specified user-friendly titles for all tools' — every tool has a 'title' annotation (a human-readable label, different from the tool name).
 • 'I've specified accurate tool annotations for all tools' — every tool has the correct annotation: readOnlyHint: true for read operations (search, get, list, fetch), OR destructiveHint: true for write operations (create, update, delete, send).
 This is the #1 reason submissions get rejected (30% of all rejections). Do not check these boxes without actually having implemented the annotations. See MCP spec for how to add them.`),
+	testedSurfaces: z.array(claudeTestedSurfaceSchema).describe(`Confirm testing is complete and your server works as intended in these surfaces. Select every surface you've verified. Claude.ai (web) and Claude Desktop are the usual targets for remote MCP servers; Claude Code and Cowork compatibility is not required. Anthropic requires at least two surfaces.`),
 	logoLight: z.string().describe(`Your connector's logo for light backgrounds. Requirements:
 • Format: SVG only
 • Aspect ratio: square (1:1)
@@ -581,14 +1141,20 @@ claudeSubmissionFormDataSchema.pick({
 	isMcpApp: true,
 	transportSupport: true,
 	primaryContactEmail: true,
-	primaryContactName: true
+	primaryContactName: true,
+	authentication: true,
+	personalDataHealthAccess: true,
+	testedSurfaces: true
+}).extend({
+	connectionRequirements: claudeSubmissionFormDataSchema.shape.connectionRequirements.optional(),
+	testingCredentials: claudeSubmissionFormDataSchema.shape.testingCredentials.optional()
 });
 claudeSubmissionFormDataSchema.pick({
 	tagline: true,
 	description: true,
-	categories: true,
+	category: true,
 	testCases: true
-});
+}).extend({ tagline: clampStringField(claudeSubmissionFormDataSchema.shape.tagline) });
 const submissionMetaFieldsSchema = z.object({
 	id: z.string(),
 	environmentId: z.string(),
@@ -767,7 +1333,7 @@ const createEnvironmentContractV1 = oc.route({
 	id: z.string(),
 	name: z.string(),
 	sourceBranch: z.string().nullable().describe("The branch used to build the environment"),
-	urls: z.array(z.string().url()).describe("The URLs of the MCP server"),
+	urls: z.array(z.url()).describe("The URLs of the MCP server"),
 	createdAt: z.coerce.date(),
 	projectId: z.string().describe("The ID of the project the environment belongs to")
 }));
@@ -843,6 +1409,9 @@ const listProjectsContractV1 = oc.route({
 	description: "List all projects for a team",
 	tags: ["projects"],
 	successDescription: "The list of projects"
+}).errors({
+	NOT_FOUND: {},
+	BAD_REQUEST: {}
 }).input(z.object({ teamId: z.string().optional() }).optional()).output(z.array(projectOutputSchema));
 const createProjectContractV1 = oc.route({
 	path: "/v1/projects",
@@ -938,7 +1507,10 @@ const deleteEnvironmentVariableContractV1 = oc.route({
 	description: "Delete an environment variable by ID",
 	tags: ["environments"],
 	successDescription: "The environment variable has been deleted successfully"
-}).errors({ NOT_FOUND: {} }).input(z.object({ environmentVariableId: z.string().describe("The ID of the environment variable") })).output(z.object({ success: z.literal(true) }));
+}).errors({
+	NOT_FOUND: {},
+	BAD_REQUEST: {}
+}).input(z.object({ environmentVariableId: z.string().describe("The ID of the environment variable") })).output(z.object({ success: z.literal(true) }));
 const deleteProjectContractV1 = oc.route({
 	path: "/v1/projects/{projectId}",
 	method: "DELETE",
@@ -983,6 +1555,9 @@ const uploadDeploymentArtifactContractV1 = oc.route({
 	description: "Return a presigned S3 URL to upload a deployment artifact",
 	tags: ["deployments"],
 	successDescription: "The presigned upload URL has been generated successfully"
+}).errors({
+	NOT_FOUND: {},
+	BAD_REQUEST: {}
 }).input(z.object({ teamId: z.string().optional() }).optional()).output(z.object({
 	uploadUrl: z.url().describe("Presigned S3 URL to upload the source archive with HTTP PUT"),
 	token: z.string().describe("Token to identify the source archive"),
@@ -1156,7 +1731,7 @@ const getTunnelTicketContractV1 = oc.route({
 	description: "Get a signed ticket for establishing a tunnel connection. Requires user authentication (API keys are not supported).",
 	tags: ["tunnels"],
 	successDescription: "The tunnel ticket"
-}).output(z.object({
+}).errors({ FORBIDDEN: {} }).output(z.object({
 	subdomain: z.string().describe("The subdomain assigned to the user"),
 	ticket: z.string().describe("The signed tunnel ticket"),
 	tunnelHost: z.string().describe("The tunnel host to connect to")
@@ -1232,7 +1807,7 @@ const upsertPlaygroundContractV1 = oc.route({
 	name: z.string().min(1).max(100).optional(),
 	description: z.string().min(1).max(500).optional(),
 	headers: z.array(playgroundHeaderSchema).optional(),
-	examplePrompts: z.array(playgroundExamplePromptSchema).max(3).optional()
+	examplePrompts: z.array(playgroundExamplePromptSchema).max(5).optional()
 })).output(playgroundOutputSchema);
 const createBeaconContractV1 = oc.route({
 	path: "/v1/beacon/audits",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@alpic-ai/api",
-  "version": "0.0.0-staging.g1c7818f",
+  "version": "0.0.0-staging.g1d699ea",
   "description": "Contract for the Alpic API",
   "type": "module",
   "main": "./dist/index.mjs",
@@ -17,19 +17,19 @@
   "author": "Alpic",
   "license": "ISC",
   "dependencies": {
-    "@orpc/contract": "^1.14.3",
+    "@orpc/contract": "^1.14.4",
     "ms": "^2.1.3",
     "zod": "^4.4.3"
   },
   "devDependencies": {
-    "@orpc/openapi": "^1.14.3",
-    "@orpc/zod": "^1.14.3",
+    "@orpc/openapi": "^1.14.4",
+    "@orpc/zod": "^1.14.4",
     "@total-typescript/tsconfig": "^1.0.4",
     "@types/ms": "^2.1.0",
     "shx": "^0.4.0",
-    "tsdown": "^0.22.0",
+    "tsdown": "^0.22.1",
     "typescript": "^6.0.3",
-    "vitest": "^4.1.6",
+    "vitest": "^4.1.8",
     "@alpic-ai/domains": "0.0.0"
   },
   "scripts": {