@aouda/client 0.0.2 → 0.1.0

package/dist/{client-otKeBYQG.d.cts → client-Dttx8D7c.d.cts}

@@ -923,6 +923,23 @@ interface DatabaseInfo {
     state: string;
     createdAt: string;
     options: DatabaseOptionsInfo;
+    /**
+     * True if this is an Aouda-owned infrastructure database (e.g. `_serverauth`, `_settings`).
+     * Internal databases are hidden from the default catalog list.
+     * Clients should not use internal databases as data-explorer targets.
+     */
+    isInternal: boolean;
+    /**
+     * True if this database contains auth system tables (_users, _roles, etc.).
+     * Application auth databases have isInternal=false and remain in the default list.
+     */
+    isAuthDatabase: boolean;
+    /**
+     * Auth database classification: "none" | "server" | "application".
+     * "server" databases are managed via /api/auth/admin/... (never in data explorer).
+     * "application" databases are end-user auth stores browsable via the data explorer.
+     */
+    authDatabaseKind: "none" | "server" | "application";
 }
 /**
  * Options when creating a database (camelCase, matches server request).
@@ -2008,7 +2025,7 @@ declare class AdminApi {
  * Two-layer auth model: clients connect via API key (Layer 1); user sign-in is performed
  * explicitly via AuthClient.signIn() (Layer 2). There is no auto-authentication on first request.
  *
- * All auth endpoint calls use direct globalThis.fetch to avoid
+ * All auth endpoint calls use direct fetch (with LNA hints) to avoid
  * circular refresh through the transport pipeline.
  *
  * @internal
@@ -2927,12 +2944,19 @@ declare class DatabasesApi {
     private readonly transport;
     constructor(transport: Transport);
     /**
-     * Lists all databases on the server.
+     * Lists databases on the server.
      * GET /api/databases
      *
-     * @returns Array of database info (name, state, createdAt, options).
+     * By default only operator-facing databases (isInternal === false) are returned.
+     * Pass `{ includeInternal: true }` to receive the full catalog including internal
+     * infrastructure databases such as `_serverauth` and `_settings`.
+     *
+     * @param options.includeInternal - When true, appends `?include=internal` to the request.
+     * @returns Array of database info.
      */
-    list(): Promise<DatabaseInfo[]>;
+    list(options?: {
+        includeInternal?: boolean;
+    }): Promise<DatabaseInfo[]>;
     /**
      * Creates a new database.
      * POST /api/databases

package/dist/{client-otKeBYQG.d.ts → client-Dttx8D7c.d.ts}

@@ -923,6 +923,23 @@ interface DatabaseInfo {
     state: string;
     createdAt: string;
     options: DatabaseOptionsInfo;
+    /**
+     * True if this is an Aouda-owned infrastructure database (e.g. `_serverauth`, `_settings`).
+     * Internal databases are hidden from the default catalog list.
+     * Clients should not use internal databases as data-explorer targets.
+     */
+    isInternal: boolean;
+    /**
+     * True if this database contains auth system tables (_users, _roles, etc.).
+     * Application auth databases have isInternal=false and remain in the default list.
+     */
+    isAuthDatabase: boolean;
+    /**
+     * Auth database classification: "none" | "server" | "application".
+     * "server" databases are managed via /api/auth/admin/... (never in data explorer).
+     * "application" databases are end-user auth stores browsable via the data explorer.
+     */
+    authDatabaseKind: "none" | "server" | "application";
 }
 /**
  * Options when creating a database (camelCase, matches server request).
@@ -2008,7 +2025,7 @@ declare class AdminApi {
  * Two-layer auth model: clients connect via API key (Layer 1); user sign-in is performed
  * explicitly via AuthClient.signIn() (Layer 2). There is no auto-authentication on first request.
  *
- * All auth endpoint calls use direct globalThis.fetch to avoid
+ * All auth endpoint calls use direct fetch (with LNA hints) to avoid
  * circular refresh through the transport pipeline.
  *
  * @internal
@@ -2927,12 +2944,19 @@ declare class DatabasesApi {
     private readonly transport;
     constructor(transport: Transport);
     /**
-     * Lists all databases on the server.
+     * Lists databases on the server.
      * GET /api/databases
      *
-     * @returns Array of database info (name, state, createdAt, options).
+     * By default only operator-facing databases (isInternal === false) are returned.
+     * Pass `{ includeInternal: true }` to receive the full catalog including internal
+     * infrastructure databases such as `_serverauth` and `_settings`.
+     *
+     * @param options.includeInternal - When true, appends `?include=internal` to the request.
+     * @returns Array of database info.
      */
-    list(): Promise<DatabaseInfo[]>;
+    list(options?: {
+        includeInternal?: boolean;
+    }): Promise<DatabaseInfo[]>;
     /**
      * Creates a new database.
      * POST /api/databases

package/dist/index.cjs

@@ -65,13 +65,85 @@ __export(index_exports, {
   TableQuery: () => TableQuery,
   TablesApi: () => TablesApi,
   WhereGroupBuilder: () => WhereGroupBuilder,
+  applyLocalNetworkAccess: () => applyLocalNetworkAccess,
   coerceColumnarValue: () => coerceColumnarValue,
   createAoudaClient: () => createAoudaClient,
   createAoudaClusterMcpToolSet: () => createAoudaClusterMcpToolSet,
+  installLocalNetworkFetch: () => installLocalNetworkFetch,
+  localNetworkFetch: () => localNetworkFetch,
+  resolveTargetAddressSpace: () => resolveTargetAddressSpace,
   version: () => version
 });
 module.exports = __toCommonJS(index_exports);
 
+// package.json
+var package_default = {
+  name: "@aouda/client",
+  version: "0.1.0",
+  description: "Official TypeScript/JavaScript client library for Aouda",
+  type: "module",
+  main: "./dist/index.cjs",
+  module: "./dist/index.js",
+  types: "./dist/index.d.ts",
+  bin: "./dist/cli/index.js",
+  exports: {
+    ".": {
+      types: "./dist/index.d.ts",
+      import: "./dist/index.js",
+      require: "./dist/index.cjs"
+    }
+  },
+  license: "MIT",
+  repository: {
+    type: "git",
+    url: "https://github.com/aoudadb/aouda-client-ts.git"
+  },
+  publishConfig: {
+    access: "public"
+  },
+  files: [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  scripts: {
+    changeset: "changeset",
+    "version-packages": "changeset version",
+    release: "changeset publish",
+    prepublishOnly: "npm run build",
+    build: "tsup",
+    dev: "tsup --watch",
+    test: "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    lint: "eslint src tests",
+    "lint:fix": "eslint src tests --fix",
+    format: 'prettier --write "src/**/*.ts" "tests/**/*.ts"',
+    typecheck: "tsc --noEmit && tsc -p tsconfig.typecheck.json --noEmit",
+    "generate-types": "node dist/cli/index.js generate --server http://localhost:5000 --output ./types/schema.ts"
+  },
+  engines: {
+    node: ">=20"
+  },
+  devDependencies: {
+    "@changesets/cli": "^2.29.8",
+    "@eslint/js": "^9.15.0",
+    "@types/node": "^25.2.1",
+    "@types/ws": "^8.18.1",
+    eslint: "^9.15.0",
+    "eslint-config-prettier": "^9.1.0",
+    prettier: "^3.3.3",
+    tsup: "^8.3.5",
+    typescript: "^5.6.3",
+    "typescript-eslint": "^8.15.0",
+    vitest: "^2.1.4"
+  },
+  dependencies: {
+    "@msgpack/msgpack": "^3.1.3",
+    ws: "^8.20.0"
+  }
+};
+
 // src/types.ts
 var RetryPolicy;
 ((RetryPolicy2) => {
@@ -188,6 +260,70 @@ var AoudaCircuitBreakerOpenError = class extends AoudaError {
   }
 };
 
+// src/local-network-fetch.ts
+function resolveTargetAddressSpace(url) {
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    return void 0;
+  }
+  const hostname = parsed.hostname.replace(/^\[|\]$/g, "").toLowerCase();
+  if (hostname === "localhost" || hostname === "::1") {
+    return "loopback";
+  }
+  const ipv4 = hostname.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
+  if (ipv4) {
+    const [first, second] = [Number(ipv4[1]), Number(ipv4[2])];
+    if (first === 127) return "loopback";
+    if (first === 10) return "local";
+    if (first === 172 && second >= 16 && second <= 31) return "local";
+    if (first === 192 && second === 168) return "local";
+    if (first === 169 && second === 254) return "local";
+  }
+  if (hostname.endsWith(".local")) {
+    return "local";
+  }
+  return void 0;
+}
+function applyLocalNetworkAccess(url, init) {
+  const space = resolveTargetAddressSpace(url);
+  if (!space) {
+    return init ?? {};
+  }
+  return { ...init, targetAddressSpace: space };
+}
+function resolveFetchUrl(input) {
+  if (typeof input === "string") {
+    return input;
+  }
+  if (input instanceof URL) {
+    return input.href;
+  }
+  return input.url;
+}
+function localNetworkFetch(input, init) {
+  const url = resolveFetchUrl(input);
+  const merged = applyLocalNetworkAccess(url, init);
+  return globalThis.fetch(input, merged);
+}
+var installed = false;
+function installLocalNetworkFetch() {
+  if (installed || typeof globalThis.window === "undefined") {
+    return;
+  }
+  installed = true;
+  const nativeFetch = globalThis.fetch.bind(globalThis);
+  globalThis.fetch = (input, init) => {
+    const url = resolveFetchUrl(input);
+    const space = resolveTargetAddressSpace(url);
+    if (!space) {
+      return nativeFetch(input, init);
+    }
+    return nativeFetch(input, applyLocalNetworkAccess(url, init));
+  };
+}
+
 // src/auth/auth-handler.ts
 var DEFAULT_REFRESH_THRESHOLD_MS = 12e4;
 var CONTENT_TYPE_JSON = "application/json";
@@ -378,7 +514,7 @@ var AuthHandler = class {
       headers["Authorization"] = `Bearer ${this._accessToken}`;
     }
     try {
-      await globalThis.fetch(url, {
+      await localNetworkFetch(url, {
         method: "POST",
         headers,
         signal: AbortSignal.timeout(this._timeout)
@@ -411,7 +547,7 @@ var AuthHandler = class {
     if (token) {
       headers["Authorization"] = `Bearer ${token}`;
     }
-    const response = await globalThis.fetch(url, {
+    const response = await localNetworkFetch(url, {
       method: "GET",
       headers,
       signal: AbortSignal.timeout(this._timeout)
@@ -438,7 +574,7 @@ var AuthHandler = class {
     if (token) {
       headers["Authorization"] = `Bearer ${token}`;
     }
-    const response = await globalThis.fetch(url, {
+    const response = await localNetworkFetch(url, {
       method: "PUT",
       headers,
       body: JSON.stringify({ currentPassword, newPassword }),
@@ -478,7 +614,7 @@ var AuthHandler = class {
     if (this._accessToken) {
       headers["Authorization"] = `Bearer ${this._accessToken}`;
     }
-    return globalThis.fetch(url, {
+    return localNetworkFetch(url, {
       method,
       headers,
       body: JSON.stringify(body),
@@ -831,7 +967,7 @@ var AuthClient = class {
     if (token) {
       headers["Authorization"] = `Bearer ${token}`;
     }
-    const response = await globalThis.fetch(endpoint, {
+    const response = await localNetworkFetch(endpoint, {
       method,
       headers,
       body: body !== void 0 && method !== "GET" && method !== "DELETE" ? JSON.stringify(body) : void 0,
@@ -1154,7 +1290,7 @@ var HttpTransport = class {
       init.body = JSON.stringify(config.body);
     }
     try {
-      const response = await fetch(url, init);
+      const response = await localNetworkFetch(url, init);
       if (!response.ok) {
         const text = await response.text();
         if (config.allowStatuses?.includes(response.status) && text) {
@@ -1268,7 +1404,7 @@ var HttpTransport = class {
       init.body = JSON.stringify(config.body);
     }
     try {
-      const response = await fetch(url, init);
+      const response = await localNetworkFetch(url, init);
       if (response.ok || config.allowStatuses?.includes(response.status)) {
         return response;
       }
@@ -3505,13 +3641,19 @@ var DatabasesApi = class {
     this.transport = transport;
   }
   /**
-   * Lists all databases on the server.
+   * Lists databases on the server.
    * GET /api/databases
    *
-   * @returns Array of database info (name, state, createdAt, options).
+   * By default only operator-facing databases (isInternal === false) are returned.
+   * Pass `{ includeInternal: true }` to receive the full catalog including internal
+   * infrastructure databases such as `_serverauth` and `_settings`.
+   *
+   * @param options.includeInternal - When true, appends `?include=internal` to the request.
+   * @returns Array of database info.
    */
-  async list() {
-    const response = await this.transport.get("/api/databases");
+  async list(options) {
+    const path = options?.includeInternal ? "/api/databases?include=internal" : "/api/databases";
+    const response = await this.transport.get(path);
     return response.databases;
   }
   /**
@@ -4670,7 +4812,7 @@ var LongPollTransport = class {
     this._authHandler = options.authHandler;
     this._onReconnected = options.onReconnected;
     this._waitMs = Math.max(1, options.waitMs ?? DEFAULT_WAIT_MS);
-    this._fetch = options.fetchImpl ?? fetch;
+    this._fetch = options.fetchImpl ?? localNetworkFetch;
   }
   get lastVersion() {
     return this._lastVersion;
@@ -5563,7 +5705,7 @@ function createAoudaClusterMcpToolSet(client) {
 }
 
 // src/index.ts
-var version = "0.0.2";
+var version = package_default.version;
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AOUDA_DATA_TYPES,
@@ -5601,9 +5743,13 @@ var version = "0.0.2";
   TableQuery,
   TablesApi,
   WhereGroupBuilder,
+  applyLocalNetworkAccess,
   coerceColumnarValue,
   createAoudaClient,
   createAoudaClusterMcpToolSet,
+  installLocalNetworkFetch,
+  localNetworkFetch,
+  resolveTargetAddressSpace,
   version
 });
 //# sourceMappingURL=index.cjs.map