npm - @authhero/drizzle - Versions diffs - 0.44.0 → 0.44.1 - Mend

@authhero/drizzle 0.44.0 → 0.44.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/drizzle-adapter.cjs +2 -2
package/dist/drizzle-adapter.mjs +287 -268
package/drizzle/0000_watery_loners.sql +1 -0
package/drizzle/meta/0000_snapshot.json +7 -0
package/package.json +2 -2
package/src/schema/sqlite/tenants.ts +1 -0

package/dist/drizzle-adapter.mjs CHANGED Viewed

@@ -148,9 +148,9 @@ class ba {
   }
 }
 y(ba, Pi, "ColumnBuilder");
-const bt = Symbol.for("drizzle:Name"), Si = Symbol.for("drizzle:isPgEnum");
+const bt = Symbol.for("drizzle:Name"), Ni = Symbol.for("drizzle:isPgEnum");
 function Pr(n) {
-  return !!n && typeof n == "function" && Si in n && n[Si] === !0;
+  return !!n && typeof n == "function" && Ni in n && n[Ni] === !0;
 }
 var Mi;
 Mi = L;
@@ -575,7 +575,7 @@ function Te(n) {
 function on(n) {
   return I`${n} is not null`;
 }
-function Nt(n, e) {
+function St(n, e) {
   return I`${n} like ${e}`;
 }
 function ge(n) {
@@ -759,8 +759,8 @@ class Ra extends (wo = ze, vo = L, wo) {
   }
 }
 y(Ra, vo, "SQLiteBlobBufferBuilder");
-var No, So;
-class Ua extends (So = Fe, No = L, So) {
+var So, No;
+class Ua extends (No = Fe, So = L, No) {
   mapFromDriverValue(e) {
     return Buffer.isBuffer(e) ? e : Buffer.from(e);
   }
@@ -768,7 +768,7 @@ class Ua extends (So = Fe, No = L, So) {
     return "blob";
   }
 }
-y(Ua, No, "SQLiteBlobBuffer");
+y(Ua, So, "SQLiteBlobBuffer");
 function Kr(n, e) {
   const { name: t, config: i } = Qt(n, e);
   return (i == null ? void 0 : i.mode) === "json" ? new Da(t) : (i == null ? void 0 : i.mode) === "bigint" ? new Ia(t) : new Ra(t);
@@ -1175,8 +1175,8 @@ function ht(n) {
 function Ae(...n) {
   return n[0].columns ? new Jn(n[0].columns, n[0].name) : new Jn(n);
 }
-var Na;
-Na = L;
+var Sa;
+Sa = L;
 class Jn {
   constructor(e, t) {
     /** @internal */
@@ -1190,9 +1190,9 @@ class Jn {
     return new or(e, this.columns, this.name);
   }
 }
-y(Jn, Na, "SQLitePrimaryKeyBuilder");
-var Sa;
-Sa = L;
+y(Jn, Sa, "SQLitePrimaryKeyBuilder");
+var Na;
+Na = L;
 class or {
   constructor(e, t, i) {
     y(this, "columns");
@@ -1203,7 +1203,7 @@ class or {
     return this.name ?? `${this.table[Rt.Symbol.Name]}_${this.columns.map((e) => e.name).join("_")}_pk`;
   }
 }
-y(or, Sa, "SQLitePrimaryKey");
+y(or, Na, "SQLitePrimaryKey");
 const B = $("tenants", {
   id: s("id", { length: 191 }).primaryKey(),
   name: s("name", { length: 255 }),
@@ -1224,6 +1224,7 @@ const B = $("tenants", {
   ephemeral_session_lifetime: w("ephemeral_session_lifetime"),
   idle_ephemeral_session_lifetime: w("idle_ephemeral_session_lifetime"),
   default_redirection_uri: s("default_redirection_uri"),
+  default_client_id: s("default_client_id", { length: 255 }),
   enabled_locales: s("enabled_locales"),
   default_directory: s("default_directory", { length: 255 }),
   error_page: s("error_page"),
@@ -2139,7 +2140,7 @@ const B = $("tenants", {
     () => pe.id,
     { onDelete: "cascade" }
   )
-}), Ne = $(
+}), Se = $(
   "custom_text",
   {
     tenant_id: s("tenant_id", { length: 191 }).notNull().references(() => B.id, { onDelete: "cascade" }),
@@ -2266,7 +2267,7 @@ const B = $("tenants", {
   codes: re,
   connections: pe,
   customDomains: Oe,
-  customText: Ne,
+  customText: Se,
   domains: ns,
   emailProviders: ot,
   flows: xe,
@@ -2533,7 +2534,7 @@ function Ve(n, e, t) {
     } else if (p) {
       const te = (p.includes("|") ? [...t, "user_id"] : t).map((ie) => {
         const oe = n[ie];
-        return oe ? ie === "user_id" ? c(oe, p) : Nt(oe, `%${p}%`) : null;
+        return oe ? ie === "user_id" ? c(oe, p) : St(oe, `%${p}%`) : null;
       }).filter(Boolean);
       te.length > 0 && u.push(Ue(...te));
     }
@@ -2946,11 +2947,11 @@ function ms(n) {
     if (gs(this, "ZodObject")) {
       const ut = this.extend;
       We.extend = function(...wn) {
-        var Nn, Sn, bn, En, xn, kn, On;
+        var Sn, Nn, bn, En, xn, kn, On;
         const Tn = ut.apply(this, wn);
         return Tn._def.openapi = {
           _internal: {
-            extendedFrom: !((Sn = (Nn = this._def.openapi) === null || Nn === void 0 ? void 0 : Nn._internal) === null || Sn === void 0) && Sn.refId ? { refId: (En = (bn = this._def.openapi) === null || bn === void 0 ? void 0 : bn._internal) === null || En === void 0 ? void 0 : En.refId, schema: this } : (kn = (xn = this._def.openapi) === null || xn === void 0 ? void 0 : xn._internal) === null || kn === void 0 ? void 0 : kn.extendedFrom
+            extendedFrom: !((Nn = (Sn = this._def.openapi) === null || Sn === void 0 ? void 0 : Sn._internal) === null || Nn === void 0) && Nn.refId ? { refId: (En = (bn = this._def.openapi) === null || bn === void 0 ? void 0 : bn._internal) === null || En === void 0 ? void 0 : En.refId, schema: this } : (kn = (xn = this._def.openapi) === null || xn === void 0 ? void 0 : xn._internal) === null || kn === void 0 ? void 0 : kn.extendedFrom
           },
           metadata: (On = Tn._def.openapi) === null || On === void 0 ? void 0 : On.metadata
         }, Tn;
@@ -3065,7 +3066,7 @@ const O = H.arrayToEnum([
     default:
       return O.unknown;
   }
-}, N = H.arrayToEnum([
+}, S = H.arrayToEnum([
   "invalid_type",
   "invalid_literal",
   "custom",
@@ -3150,52 +3151,52 @@ Ge.create = (n) => new Ge(n);
 const dn = (n, e) => {
   let t;
   switch (n.code) {
-    case N.invalid_type:
+    case S.invalid_type:
       n.received === O.undefined ? t = "Required" : t = `Expected ${n.expected}, received ${n.received}`;
       break;
-    case N.invalid_literal:
+    case S.invalid_literal:
       t = `Invalid literal value, expected ${JSON.stringify(n.expected, H.jsonStringifyReplacer)}`;
       break;
-    case N.unrecognized_keys:
+    case S.unrecognized_keys:
       t = `Unrecognized key(s) in object: ${H.joinValues(n.keys, ", ")}`;
       break;
-    case N.invalid_union:
+    case S.invalid_union:
       t = "Invalid input";
       break;
-    case N.invalid_union_discriminator:
+    case S.invalid_union_discriminator:
       t = `Invalid discriminator value. Expected ${H.joinValues(n.options)}`;
       break;
-    case N.invalid_enum_value:
+    case S.invalid_enum_value:
       t = `Invalid enum value. Expected ${H.joinValues(n.options)}, received '${n.received}'`;
       break;
-    case N.invalid_arguments:
+    case S.invalid_arguments:
       t = "Invalid function arguments";
       break;
-    case N.invalid_return_type:
+    case S.invalid_return_type:
       t = "Invalid function return type";
       break;
-    case N.invalid_date:
+    case S.invalid_date:
       t = "Invalid date";
       break;
-    case N.invalid_string:
+    case S.invalid_string:
       typeof n.validation == "object" ? "includes" in n.validation ? (t = `Invalid input: must include "${n.validation.includes}"`, typeof n.validation.position == "number" && (t = `${t} at one or more positions greater than or equal to ${n.validation.position}`)) : "startsWith" in n.validation ? t = `Invalid input: must start with "${n.validation.startsWith}"` : "endsWith" in n.validation ? t = `Invalid input: must end with "${n.validation.endsWith}"` : H.assertNever(n.validation) : n.validation !== "regex" ? t = `Invalid ${n.validation}` : t = "Invalid";
       break;
-    case N.too_small:
+    case S.too_small:
       n.type === "array" ? t = `Array must contain ${n.exact ? "exactly" : n.inclusive ? "at least" : "more than"} ${n.minimum} element(s)` : n.type === "string" ? t = `String must contain ${n.exact ? "exactly" : n.inclusive ? "at least" : "over"} ${n.minimum} character(s)` : n.type === "number" ? t = `Number must be ${n.exact ? "exactly equal to " : n.inclusive ? "greater than or equal to " : "greater than "}${n.minimum}` : n.type === "bigint" ? t = `Number must be ${n.exact ? "exactly equal to " : n.inclusive ? "greater than or equal to " : "greater than "}${n.minimum}` : n.type === "date" ? t = `Date must be ${n.exact ? "exactly equal to " : n.inclusive ? "greater than or equal to " : "greater than "}${new Date(Number(n.minimum))}` : t = "Invalid input";
       break;
-    case N.too_big:
+    case S.too_big:
       n.type === "array" ? t = `Array must contain ${n.exact ? "exactly" : n.inclusive ? "at most" : "less than"} ${n.maximum} element(s)` : n.type === "string" ? t = `String must contain ${n.exact ? "exactly" : n.inclusive ? "at most" : "under"} ${n.maximum} character(s)` : n.type === "number" ? t = `Number must be ${n.exact ? "exactly" : n.inclusive ? "less than or equal to" : "less than"} ${n.maximum}` : n.type === "bigint" ? t = `BigInt must be ${n.exact ? "exactly" : n.inclusive ? "less than or equal to" : "less than"} ${n.maximum}` : n.type === "date" ? t = `Date must be ${n.exact ? "exactly" : n.inclusive ? "smaller than or equal to" : "smaller than"} ${new Date(Number(n.maximum))}` : t = "Invalid input";
       break;
-    case N.custom:
+    case S.custom:
       t = "Invalid input";
       break;
-    case N.invalid_intersection_types:
+    case S.invalid_intersection_types:
       t = "Intersection results could not be merged";
       break;
-    case N.not_multiple_of:
+    case S.not_multiple_of:
       t = `Number must be a multiple of ${n.multipleOf}`;
       break;
-    case N.not_finite:
+    case S.not_finite:
       t = "Number must be finite";
       break;
     default:
@@ -3289,7 +3290,7 @@ class ke {
 }
 const R = Object.freeze({
   status: "aborted"
-}), St = (n) => ({ status: "dirty", value: n }), De = (n) => ({ status: "valid", value: n }), Yn = (n) => n.status === "aborted", ei = (n) => n.status === "dirty", mt = (n) => n.status === "valid", Ut = (n) => typeof Promise < "u" && n instanceof Promise;
+}), Nt = (n) => ({ status: "dirty", value: n }), De = (n) => ({ status: "valid", value: n }), Yn = (n) => n.status === "aborted", ei = (n) => n.status === "dirty", mt = (n) => n.status === "valid", Ut = (n) => typeof Promise < "u" && n instanceof Promise;
 var C;
 (function(n) {
   n.errToObj = (e) => typeof e == "string" ? { message: e } : e || {}, n.toString = (e) => typeof e == "string" ? e : e == null ? void 0 : e.message;
@@ -3447,7 +3448,7 @@ class q {
     const i = (o) => typeof t == "string" || typeof t > "u" ? { message: t } : typeof t == "function" ? t(o) : t;
     return this._refinement((o, r) => {
       const l = e(o), d = () => r.addIssue({
-        code: N.custom,
+        code: S.custom,
         ...i(o)
       });
       return typeof Promise < "u" && l instanceof Promise ? l.then((u) => u ? !0 : (d(), !1)) : l ? !0 : (d(), !1);
@@ -3547,7 +3548,7 @@ class q {
     return this.safeParse(null).success;
   }
 }
-const vs = /^c[^\s-]{8,}$/i, ws = /^[0-9a-z]+$/, Ns = /^[0-9A-HJKMNP-TV-Z]{26}$/i, Ss = /^[0-9a-fA-F]{8}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{12}$/i, bs = /^[a-z0-9_-]{21}$/i, Es = /^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/, xs = /^[-+]?P(?!$)(?:(?:[-+]?\d+Y)|(?:[-+]?\d+[.,]\d+Y$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:(?:[-+]?\d+W)|(?:[-+]?\d+[.,]\d+W$))?(?:(?:[-+]?\d+D)|(?:[-+]?\d+[.,]\d+D$))?(?:T(?=[\d+-])(?:(?:[-+]?\d+H)|(?:[-+]?\d+[.,]\d+H$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:[-+]?\d+(?:[.,]\d+)?S)?)??$/, ks = /^(?!\.)(?!.*\.\.)([A-Z0-9_'+\-\.]*)[A-Z0-9_+-]@([A-Z0-9][A-Z0-9\-]*\.)+[A-Z]{2,}$/i, Os = "^(\\p{Extended_Pictographic}|\\p{Emoji_Component})+$";
+const vs = /^c[^\s-]{8,}$/i, ws = /^[0-9a-z]+$/, Ss = /^[0-9A-HJKMNP-TV-Z]{26}$/i, Ns = /^[0-9a-fA-F]{8}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{12}$/i, bs = /^[a-z0-9_-]{21}$/i, Es = /^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/, xs = /^[-+]?P(?!$)(?:(?:[-+]?\d+Y)|(?:[-+]?\d+[.,]\d+Y$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:(?:[-+]?\d+W)|(?:[-+]?\d+[.,]\d+W$))?(?:(?:[-+]?\d+D)|(?:[-+]?\d+[.,]\d+D$))?(?:T(?=[\d+-])(?:(?:[-+]?\d+H)|(?:[-+]?\d+[.,]\d+H$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:[-+]?\d+(?:[.,]\d+)?S)?)??$/, ks = /^(?!\.)(?!.*\.\.)([A-Z0-9_'+\-\.]*)[A-Z0-9_+-]@([A-Z0-9][A-Z0-9\-]*\.)+[A-Z]{2,}$/i, Os = "^(\\p{Extended_Pictographic}|\\p{Emoji_Component})+$";
 let Ln;
 const Ts = /^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])$/, As = /^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\/(3[0-2]|[12]?[0-9])$/, Is = /^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/, Cs = /^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$/, Ds = /^([0-9a-zA-Z+/]{4})*(([0-9a-zA-Z+/]{2}==)|([0-9a-zA-Z+/]{3}=))?$/, Ls = /^([0-9a-zA-Z-_]{4})*(([0-9a-zA-Z-_]{2}(==)?)|([0-9a-zA-Z-_]{3}(=)?))?$/, dr = "((\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-((0[13578]|1[02])-(0[1-9]|[12]\\d|3[01])|(0[469]|11)-(0[1-9]|[12]\\d|30)|(02)-(0[1-9]|1\\d|2[0-8])))", Rs = new RegExp(`^${dr}$`);
 function cr(n) {
@@ -3588,7 +3589,7 @@ class He extends q {
     if (this._def.coerce && (e.data = String(e.data)), this._getType(e) !== O.string) {
       const r = this._getOrReturnCtx(e);
       return E(r, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.string,
         received: r.parsedType
       }), R;
@@ -3598,7 +3599,7 @@ class He extends q {
     for (const r of this._def.checks)
       if (r.kind === "min")
         e.data.length < r.value && (o = this._getOrReturnCtx(e, o), E(o, {
-          code: N.too_small,
+          code: S.too_small,
           minimum: r.value,
           type: "string",
           inclusive: !0,
@@ -3607,7 +3608,7 @@ class He extends q {
         }), i.dirty());
       else if (r.kind === "max")
         e.data.length > r.value && (o = this._getOrReturnCtx(e, o), E(o, {
-          code: N.too_big,
+          code: S.too_big,
           maximum: r.value,
           type: "string",
           inclusive: !0,
@@ -3617,14 +3618,14 @@ class He extends q {
       else if (r.kind === "length") {
         const l = e.data.length > r.value, d = e.data.length < r.value;
         (l || d) && (o = this._getOrReturnCtx(e, o), l ? E(o, {
-          code: N.too_big,
+          code: S.too_big,
           maximum: r.value,
           type: "string",
           inclusive: !0,
           exact: !0,
           message: r.message
         }) : d && E(o, {
-          code: N.too_small,
+          code: S.too_small,
           minimum: r.value,
           type: "string",
           inclusive: !0,
@@ -3634,43 +3635,43 @@ class He extends q {
       } else if (r.kind === "email")
         ks.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
           validation: "email",
-          code: N.invalid_string,
+          code: S.invalid_string,
           message: r.message
         }), i.dirty());
       else if (r.kind === "emoji")
         Ln || (Ln = new RegExp(Os, "u")), Ln.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
           validation: "emoji",
-          code: N.invalid_string,
+          code: S.invalid_string,
           message: r.message
         }), i.dirty());
       else if (r.kind === "uuid")
-        Ss.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
+        Ns.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
           validation: "uuid",
-          code: N.invalid_string,
+          code: S.invalid_string,
           message: r.message
         }), i.dirty());
       else if (r.kind === "nanoid")
         bs.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
           validation: "nanoid",
-          code: N.invalid_string,
+          code: S.invalid_string,
           message: r.message
         }), i.dirty());
       else if (r.kind === "cuid")
         vs.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
           validation: "cuid",
-          code: N.invalid_string,
+          code: S.invalid_string,
           message: r.message
         }), i.dirty());
       else if (r.kind === "cuid2")
         ws.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
           validation: "cuid2",
-          code: N.invalid_string,
+          code: S.invalid_string,
           message: r.message
         }), i.dirty());
       else if (r.kind === "ulid")
-        Ns.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
+        Ss.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
           validation: "ulid",
-          code: N.invalid_string,
+          code: S.invalid_string,
           message: r.message
         }), i.dirty());
       else if (r.kind === "url")
@@ -3679,61 +3680,61 @@ class He extends q {
         } catch {
           o = this._getOrReturnCtx(e, o), E(o, {
             validation: "url",
-            code: N.invalid_string,
+            code: S.invalid_string,
             message: r.message
           }), i.dirty();
         }
       else r.kind === "regex" ? (r.regex.lastIndex = 0, r.regex.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
         validation: "regex",
-        code: N.invalid_string,
+        code: S.invalid_string,
         message: r.message
       }), i.dirty())) : r.kind === "trim" ? e.data = e.data.trim() : r.kind === "includes" ? e.data.includes(r.value, r.position) || (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.invalid_string,
+        code: S.invalid_string,
         validation: { includes: r.value, position: r.position },
         message: r.message
       }), i.dirty()) : r.kind === "toLowerCase" ? e.data = e.data.toLowerCase() : r.kind === "toUpperCase" ? e.data = e.data.toUpperCase() : r.kind === "startsWith" ? e.data.startsWith(r.value) || (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.invalid_string,
+        code: S.invalid_string,
         validation: { startsWith: r.value },
         message: r.message
       }), i.dirty()) : r.kind === "endsWith" ? e.data.endsWith(r.value) || (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.invalid_string,
+        code: S.invalid_string,
         validation: { endsWith: r.value },
         message: r.message
       }), i.dirty()) : r.kind === "datetime" ? _r(r).test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.invalid_string,
+        code: S.invalid_string,
         validation: "datetime",
         message: r.message
       }), i.dirty()) : r.kind === "date" ? Rs.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.invalid_string,
+        code: S.invalid_string,
         validation: "date",
         message: r.message
       }), i.dirty()) : r.kind === "time" ? Us(r).test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.invalid_string,
+        code: S.invalid_string,
         validation: "time",
         message: r.message
       }), i.dirty()) : r.kind === "duration" ? xs.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
         validation: "duration",
-        code: N.invalid_string,
+        code: S.invalid_string,
         message: r.message
       }), i.dirty()) : r.kind === "ip" ? zs(e.data, r.version) || (o = this._getOrReturnCtx(e, o), E(o, {
         validation: "ip",
-        code: N.invalid_string,
+        code: S.invalid_string,
         message: r.message
       }), i.dirty()) : r.kind === "jwt" ? Fs(e.data, r.alg) || (o = this._getOrReturnCtx(e, o), E(o, {
         validation: "jwt",
-        code: N.invalid_string,
+        code: S.invalid_string,
         message: r.message
       }), i.dirty()) : r.kind === "cidr" ? Ps(e.data, r.version) || (o = this._getOrReturnCtx(e, o), E(o, {
         validation: "cidr",
-        code: N.invalid_string,
+        code: S.invalid_string,
         message: r.message
       }), i.dirty()) : r.kind === "base64" ? Ds.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
         validation: "base64",
-        code: N.invalid_string,
+        code: S.invalid_string,
         message: r.message
       }), i.dirty()) : r.kind === "base64url" ? Ls.test(e.data) || (o = this._getOrReturnCtx(e, o), E(o, {
         validation: "base64url",
-        code: N.invalid_string,
+        code: S.invalid_string,
         message: r.message
       }), i.dirty()) : H.assertNever(r);
     return { status: i.value, value: e.data };
@@ -3741,7 +3742,7 @@ class He extends q {
   _regex(e, t, i) {
     return this.refinement((o) => e.test(o), {
       validation: t,
-      code: N.invalid_string,
+      code: S.invalid_string,
       ...C.errToObj(i)
     });
   }
@@ -3978,7 +3979,7 @@ class yt extends q {
     if (this._def.coerce && (e.data = Number(e.data)), this._getType(e) !== O.number) {
       const r = this._getOrReturnCtx(e);
       return E(r, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.number,
         received: r.parsedType
       }), R;
@@ -3987,30 +3988,30 @@ class yt extends q {
     const o = new ke();
     for (const r of this._def.checks)
       r.kind === "int" ? H.isInteger(e.data) || (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: "integer",
         received: "float",
         message: r.message
       }), o.dirty()) : r.kind === "min" ? (r.inclusive ? e.data < r.value : e.data <= r.value) && (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.too_small,
+        code: S.too_small,
         minimum: r.value,
         type: "number",
         inclusive: r.inclusive,
         exact: !1,
         message: r.message
       }), o.dirty()) : r.kind === "max" ? (r.inclusive ? e.data > r.value : e.data >= r.value) && (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.too_big,
+        code: S.too_big,
         maximum: r.value,
         type: "number",
         inclusive: r.inclusive,
         exact: !1,
         message: r.message
       }), o.dirty()) : r.kind === "multipleOf" ? Ms(e.data, r.value) !== 0 && (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.not_multiple_of,
+        code: S.not_multiple_of,
         multipleOf: r.value,
         message: r.message
       }), o.dirty()) : r.kind === "finite" ? Number.isFinite(e.data) || (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.not_finite,
+        code: S.not_finite,
         message: r.message
       }), o.dirty()) : H.assertNever(r);
     return { status: o.value, value: e.data };
@@ -4159,19 +4160,19 @@ class Et extends q {
     const o = new ke();
     for (const r of this._def.checks)
       r.kind === "min" ? (r.inclusive ? e.data < r.value : e.data <= r.value) && (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.too_small,
+        code: S.too_small,
         type: "bigint",
         minimum: r.value,
         inclusive: r.inclusive,
         message: r.message
       }), o.dirty()) : r.kind === "max" ? (r.inclusive ? e.data > r.value : e.data >= r.value) && (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.too_big,
+        code: S.too_big,
         type: "bigint",
         maximum: r.value,
         inclusive: r.inclusive,
         message: r.message
       }), o.dirty()) : r.kind === "multipleOf" ? e.data % r.value !== BigInt(0) && (i = this._getOrReturnCtx(e, i), E(i, {
-        code: N.not_multiple_of,
+        code: S.not_multiple_of,
         multipleOf: r.value,
         message: r.message
       }), o.dirty()) : H.assertNever(r);
@@ -4180,7 +4181,7 @@ class Et extends q {
   _getInvalidInput(e) {
     const t = this._getOrReturnCtx(e);
     return E(t, {
-      code: N.invalid_type,
+      code: S.invalid_type,
       expected: O.bigint,
       received: t.parsedType
     }), R;
@@ -4280,7 +4281,7 @@ class cn extends q {
     if (this._def.coerce && (e.data = !!e.data), this._getType(e) !== O.boolean) {
       const i = this._getOrReturnCtx(e);
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.boolean,
         received: i.parsedType
       }), R;
@@ -4298,7 +4299,7 @@ class zt extends q {
     if (this._def.coerce && (e.data = new Date(e.data)), this._getType(e) !== O.date) {
       const r = this._getOrReturnCtx(e);
       return E(r, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.date,
         received: r.parsedType
       }), R;
@@ -4306,21 +4307,21 @@ class zt extends q {
     if (Number.isNaN(e.data.getTime())) {
       const r = this._getOrReturnCtx(e);
       return E(r, {
-        code: N.invalid_date
+        code: S.invalid_date
       }), R;
     }
     const i = new ke();
     let o;
     for (const r of this._def.checks)
       r.kind === "min" ? e.data.getTime() < r.value && (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.too_small,
+        code: S.too_small,
         message: r.message,
         inclusive: !0,
         exact: !1,
         minimum: r.value,
         type: "date"
       }), i.dirty()) : r.kind === "max" ? e.data.getTime() > r.value && (o = this._getOrReturnCtx(e, o), E(o, {
-        code: N.too_big,
+        code: S.too_big,
         message: r.message,
         inclusive: !0,
         exact: !1,
@@ -4376,7 +4377,7 @@ class ti extends q {
     if (this._getType(e) !== O.symbol) {
       const i = this._getOrReturnCtx(e);
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.symbol,
         received: i.parsedType
       }), R;
@@ -4393,7 +4394,7 @@ class _n extends q {
     if (this._getType(e) !== O.undefined) {
       const i = this._getOrReturnCtx(e);
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.undefined,
         received: i.parsedType
       }), R;
@@ -4410,7 +4411,7 @@ class un extends q {
     if (this._getType(e) !== O.null) {
       const i = this._getOrReturnCtx(e);
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.null,
         received: i.parsedType
       }), R;
@@ -4450,7 +4451,7 @@ class nt extends q {
   _parse(e) {
     const t = this._getOrReturnCtx(e);
     return E(t, {
-      code: N.invalid_type,
+      code: S.invalid_type,
       expected: O.never,
       received: t.parsedType
     }), R;
@@ -4465,7 +4466,7 @@ class ni extends q {
     if (this._getType(e) !== O.undefined) {
       const i = this._getOrReturnCtx(e);
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.void,
         received: i.parsedType
       }), R;
@@ -4482,14 +4483,14 @@ class je extends q {
     const { ctx: t, status: i } = this._processInputParams(e), o = this._def;
     if (t.parsedType !== O.array)
       return E(t, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.array,
         received: t.parsedType
       }), R;
     if (o.exactLength !== null) {
       const l = t.data.length > o.exactLength.value, d = t.data.length < o.exactLength.value;
       (l || d) && (E(t, {
-        code: l ? N.too_big : N.too_small,
+        code: l ? S.too_big : S.too_small,
         minimum: d ? o.exactLength.value : void 0,
         maximum: l ? o.exactLength.value : void 0,
         type: "array",
@@ -4499,14 +4500,14 @@ class je extends q {
       }), i.dirty());
     }
     if (o.minLength !== null && t.data.length < o.minLength.value && (E(t, {
-      code: N.too_small,
+      code: S.too_small,
       minimum: o.minLength.value,
       type: "array",
       inclusive: !0,
       exact: !1,
       message: o.minLength.message
     }), i.dirty()), o.maxLength !== null && t.data.length > o.maxLength.value && (E(t, {
-      code: N.too_big,
+      code: S.too_big,
       maximum: o.maxLength.value,
       type: "array",
       inclusive: !0,
@@ -4580,7 +4581,7 @@ class le extends q {
     if (this._getType(e) !== O.object) {
       const f = this._getOrReturnCtx(e);
       return E(f, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.object,
         received: f.parsedType
       }), R;
@@ -4608,7 +4609,7 @@ class le extends q {
           });
       else if (f === "strict")
         d.length > 0 && (E(o, {
-          code: N.unrecognized_keys,
+          code: S.unrecognized_keys,
           keys: d
         }), i.dirty());
       else if (f !== "strip") throw new Error("Internal ZodObject error: invalid unknownKeys value.");
@@ -4866,7 +4867,7 @@ class Pt extends q {
           return t.common.issues.push(...d.ctx.common.issues), d.result;
       const l = r.map((d) => new Ge(d.ctx.common.issues));
       return E(t, {
-        code: N.invalid_union,
+        code: S.invalid_union,
         unionErrors: l
       }), R;
     }
@@ -4913,7 +4914,7 @@ class Pt extends q {
         return t.common.issues.push(...r.ctx.common.issues), r.result;
       const d = l.map((u) => new Ge(u));
       return E(t, {
-        code: N.invalid_union,
+        code: S.invalid_union,
         unionErrors: d
       }), R;
     }
@@ -4933,7 +4934,7 @@ class mn extends q {
     const { ctx: t } = this._processInputParams(e);
     if (t.parsedType !== O.object)
       return E(t, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.object,
         received: t.parsedType
       }), R;
@@ -4947,7 +4948,7 @@ class mn extends q {
       path: t.path,
       parent: t
     }) : (E(t, {
-      code: N.invalid_union_discriminator,
+      code: S.invalid_union_discriminator,
       options: Array.from(this.optionsMap.keys()),
       path: [i]
     }), R);
@@ -5023,7 +5024,7 @@ class Mt extends q {
         return R;
       const d = ii(r.value, l.value);
       return d.valid ? ((ei(r) || ei(l)) && t.dirty(), { status: t.value, value: d.data }) : (E(i, {
-        code: N.invalid_intersection_types
+        code: S.invalid_intersection_types
       }), R);
     };
     return i.common.async ? Promise.all([
@@ -5059,20 +5060,20 @@ class st extends q {
     const { status: t, ctx: i } = this._processInputParams(e);
     if (i.parsedType !== O.array)
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.array,
         received: i.parsedType
       }), R;
     if (i.data.length < this._def.items.length)
       return E(i, {
-        code: N.too_small,
+        code: S.too_small,
         minimum: this._def.items.length,
         inclusive: !0,
         exact: !1,
         type: "array"
       }), R;
     !this._def.rest && i.data.length > this._def.items.length && (E(i, {
-      code: N.too_big,
+      code: S.too_big,
       maximum: this._def.items.length,
       inclusive: !0,
       exact: !1,
@@ -5115,7 +5116,7 @@ class qt extends q {
     const { status: t, ctx: i } = this._processInputParams(e);
     if (i.parsedType !== O.object)
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.object,
         received: i.parsedType
       }), R;
@@ -5156,7 +5157,7 @@ class oi extends q {
     const { status: t, ctx: i } = this._processInputParams(e);
     if (i.parsedType !== O.map)
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.map,
         received: i.parsedType
       }), R;
@@ -5198,20 +5199,20 @@ class xt extends q {
     const { status: t, ctx: i } = this._processInputParams(e);
     if (i.parsedType !== O.set)
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.set,
         received: i.parsedType
       }), R;
     const o = this._def;
     o.minSize !== null && i.data.size < o.minSize.value && (E(i, {
-      code: N.too_small,
+      code: S.too_small,
       minimum: o.minSize.value,
       type: "set",
       inclusive: !0,
       exact: !1,
       message: o.minSize.message
     }), t.dirty()), o.maxSize !== null && i.data.size > o.maxSize.value && (E(i, {
-      code: N.too_big,
+      code: S.too_big,
       maximum: o.maxSize.value,
       type: "set",
       inclusive: !0,
@@ -5277,7 +5278,7 @@ class Bt extends q {
       const t = this._getOrReturnCtx(e);
       return E(t, {
         received: t.data,
-        code: N.invalid_literal,
+        code: S.invalid_literal,
         expected: this._def.value
       }), R;
     }
@@ -5306,14 +5307,14 @@ class lt extends q {
       return E(t, {
         expected: H.joinValues(i),
         received: t.parsedType,
-        code: N.invalid_type
+        code: S.invalid_type
       }), R;
     }
     if (this._cache || (this._cache = new Set(this._def.values)), !this._cache.has(e.data)) {
       const t = this._getOrReturnCtx(e), i = this._def.values;
       return E(t, {
         received: t.data,
-        code: N.invalid_enum_value,
+        code: S.invalid_enum_value,
         options: i
       }), R;
     }
@@ -5362,14 +5363,14 @@ class $t extends q {
       return E(i, {
         expected: H.joinValues(o),
         received: i.parsedType,
-        code: N.invalid_type
+        code: S.invalid_type
       }), R;
     }
     if (this._cache || (this._cache = new Set(H.getValidEnumValues(this._def.values))), !this._cache.has(e.data)) {
       const o = H.objectValues(t);
       return E(i, {
         received: i.data,
-        code: N.invalid_enum_value,
+        code: S.invalid_enum_value,
         options: o
       }), R;
     }
@@ -5392,7 +5393,7 @@ class jt extends q {
     const { ctx: t } = this._processInputParams(e);
     if (t.parsedType !== O.promise && t.common.async === !1)
       return E(t, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.promise,
         received: t.parsedType
       }), R;
@@ -5435,7 +5436,7 @@ class Je extends q {
             path: i.path,
             parent: i
           });
-          return u.status === "aborted" ? R : u.status === "dirty" || t.value === "dirty" ? St(u.value) : u;
+          return u.status === "aborted" ? R : u.status === "dirty" || t.value === "dirty" ? Nt(u.value) : u;
         });
       {
         if (t.value === "aborted")
@@ -5445,7 +5446,7 @@ class Je extends q {
           path: i.path,
           parent: i
         });
-        return d.status === "aborted" ? R : d.status === "dirty" || t.value === "dirty" ? St(d.value) : d;
+        return d.status === "aborted" ? R : d.status === "dirty" || t.value === "dirty" ? Nt(d.value) : d;
       }
     }
     if (o.type === "refinement") {
@@ -5594,7 +5595,7 @@ class ai extends q {
     if (this._getType(e) !== O.nan) {
       const i = this._getOrReturnCtx(e);
       return E(i, {
-        code: N.invalid_type,
+        code: S.invalid_type,
         expected: O.nan,
         received: i.parsedType
       }), R;
@@ -5629,7 +5630,7 @@ class yn extends q {
           path: i.path,
           parent: i
         });
-        return r.status === "aborted" ? R : r.status === "dirty" ? (t.dirty(), St(r.value)) : this._def.out._parseAsync({
+        return r.status === "aborted" ? R : r.status === "dirty" ? (t.dirty(), Nt(r.value)) : this._def.out._parseAsync({
           data: r.value,
           path: i.path,
           parent: i
@@ -5682,7 +5683,7 @@ var U;
 })(U || (U = {}));
 const a = He.create, k = yt.create, h = cn.create, Z = Ft.create, $e = pn.create;
 nt.create;
-const S = je.create, _ = le.create, Pe = Pt.create, kt = mn.create;
+const N = je.create, _ = le.create, Pe = Pt.create, kt = mn.create;
 Mt.create;
 st.create;
 const P = qt.create, T = Bt.create, x = lt.create, gt = $t.create;
@@ -5691,7 +5692,7 @@ Ke.create;
 dt.create;
 const pr = Je.createWithPreprocess, qs = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   __proto__: null,
-  DIRTY: St,
+  DIRTY: Nt,
   INVALID: R,
   OK: De,
   ParseStatus: ke,
@@ -5712,7 +5713,7 @@ const pr = Je.createWithPreprocess, qs = /* @__PURE__ */ Object.freeze(/* @__PUR
     return U;
   },
   ZodIntersection: Mt,
-  ZodIssueCode: N,
+  ZodIssueCode: S,
   ZodLazy: fn,
   ZodLiteral: Bt,
   ZodMap: oi,
@@ -5742,7 +5743,7 @@ const pr = Je.createWithPreprocess, qs = /* @__PURE__ */ Object.freeze(/* @__PUR
   ZodVoid: ni,
   addIssueToContext: E,
   any: Z,
-  array: S,
+  array: N,
   boolean: h,
   custom: ri,
   datetimeRegex: _r,
@@ -5784,14 +5785,16 @@ const Ze = _({
   version: a()
 }), js = _({
   name: a(),
-  value: a()
+  // Optional on writes so PATCH callers can omit the value to preserve the
+  // existing secret. The adapter merges by name when value is missing.
+  value: a().optional()
 }), fr = _({
   name: a().max(255),
   code: a().max(1e5),
-  supported_triggers: S(Bs).optional(),
+  supported_triggers: N(Bs).optional(),
   runtime: a().max(50).optional(),
-  dependencies: S($s).optional(),
-  secrets: S(js).optional()
+  dependencies: N($s).optional(),
+  secrets: N(js).optional()
 });
 fr.partial().extend({
   status: x(["draft", "built"]).optional(),
@@ -5803,7 +5806,7 @@ fr.extend({
   status: x(["draft", "built"]).default("built"),
   deployed_at: a().optional(),
   // Override secrets to return names only (no values) in responses
-  secrets: S(
+  secrets: N(
     _({
       name: a(),
       value: a().optional()
@@ -5822,7 +5825,7 @@ const Vs = x([
   email: a().optional(),
   org_id: a().optional(),
   org_name: a().optional(),
-  scopes: S(a()).optional(),
+  scopes: N(a()).optional(),
   client_id: a().optional()
 }), Hs = _({
   type: a(),
@@ -5890,8 +5893,8 @@ const Xs = _({
   block_aliases: h().optional(),
   block_free_emails: h().optional(),
   block_disposable_emails: h().optional(),
-  blocklist: S(a()).optional(),
-  allowlist: S(a()).optional()
+  blocklist: N(a()).optional(),
+  allowlist: N(a()).optional()
 }), Ys = _({
   id: a(),
   alias: a().max(100).optional(),
@@ -5939,7 +5942,7 @@ const Xs = _({
     description: "The name of the flow"
   }),
   // Actions is an array of action steps (Auth0 stores as JSON blob)
-  actions: S(il).optional().default([]).openapi({
+  actions: N(il).optional().default([]).openapi({
     description: "The list of actions to execute in sequence"
   })
 });
@@ -6073,14 +6076,14 @@ const al = _({
   is_social: h(),
   email: a().optional(),
   login_count: k().default(0),
-  identities: S(rl).optional()
+  identities: N(rl).optional()
 });
 dl.omit({
   registration_completed_at: !0
 });
 hr.extend({
   login_count: k(),
-  multifactor: S(a()).optional(),
+  multifactor: N(a()).optional(),
   last_ip: a().optional(),
   last_login: a().optional(),
   user_id: a()
@@ -6148,25 +6151,25 @@ const ul = _({
   auth0_conformant: h().default(!0).openapi({
     description: "Whether this client follows Auth0-compatible behavior (true) or strict OIDC behavior (false). When true, profile/email claims are included in the ID token when scopes are requested. When false, these claims are only available from the userinfo endpoint (strict OIDC 5.4 compliance)."
   }),
-  callbacks: S(a()).default([]).optional().openapi({
+  callbacks: N(a()).default([]).optional().openapi({
     description: "Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."
   }),
-  allowed_origins: S(a()).default([]).optional().openapi({
+  allowed_origins: N(a()).default([]).optional().openapi({
     description: "Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."
   }),
-  web_origins: S(a()).default([]).optional().openapi({
+  web_origins: N(a()).default([]).optional().openapi({
     description: "Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."
   }),
-  client_aliases: S(a()).default([]).optional().openapi({
+  client_aliases: N(a()).default([]).optional().openapi({
     description: "List of audiences/realms for SAML protocol. Used by the wsfed addon."
   }),
-  allowed_clients: S(a()).default([]).optional().openapi({
+  allowed_clients: N(a()).default([]).optional().openapi({
     description: "List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."
   }),
-  connections: S(a()).default([]).optional().openapi({
+  connections: N(a()).default([]).optional().openapi({
     description: "List of connection IDs enabled for this client. The order determines the display order on the login page."
   }),
-  allowed_logout_urls: S(a()).default([]).optional().openapi({
+  allowed_logout_urls: N(a()).default([]).optional().openapi({
     description: "Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."
   }),
   session_transfer: P(Z()).default({}).optional().openapi({
@@ -6175,13 +6178,13 @@ const ul = _({
   oidc_logout: P(Z()).default({}).optional().openapi({
     description: "Configuration for OIDC backchannel logout"
   }),
-  grant_types: S(a()).default([]).optional().openapi({
+  grant_types: N(a()).default([]).optional().openapi({
     description: "List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."
   }),
   jwt_configuration: P(Z()).default({}).optional().openapi({
     description: "Configuration related to JWTs for the client."
   }),
-  signing_keys: S(P(Z())).default([]).optional().openapi({
+  signing_keys: N(P(Z())).default([]).optional().openapi({
     description: "Signing certificates associated with this client."
   }),
   encryption_key: P(Z()).default({}).optional().openapi({
@@ -6319,7 +6322,7 @@ const pl = _({
   audience: a().min(1).openapi({
     description: "The audience (API identifier) of this client grant."
   }),
-  scope: S(a()).optional().openapi({
+  scope: N(a()).optional().openapi({
     description: "Scopes allowed for this client grant."
   }),
   organization_usage: x(["deny", "allow", "require"]).optional().openapi({
@@ -6334,7 +6337,7 @@ const pl = _({
   subject_type: x(["client", "user"]).optional().openapi({
     description: "The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."
   }),
-  authorization_details_types: S(a()).optional().openapi({
+  authorization_details_types: N(a()).optional().openapi({
     description: "Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."
   })
 }), fl = _({
@@ -6345,7 +6348,7 @@ const pl = _({
   created_at: a().optional(),
   updated_at: a().optional()
 });
-S(fl);
+N(fl);
 const gr = x(["iat", "rat"]), hl = _({
   id: a(),
   token_hash: a(),
@@ -6476,13 +6479,13 @@ const vn = _({
   id: a(),
   category: a(),
   type: a()
-}).passthrough(), Nl = Pe([
+}).passthrough(), Sl = Pe([
   gl,
   ml,
   yl,
   vl,
   wl
-]), Sl = _({
+]), Nl = _({
   id: a(),
   type: T(
     "STEP"
@@ -6491,7 +6494,7 @@ const vn = _({
   coordinates: Ot,
   alias: a().optional(),
   config: _({
-    components: S(Nl),
+    components: N(Sl),
     next_node: a()
   }).passthrough()
 }), bl = _({
@@ -6533,7 +6536,7 @@ const vn = _({
   type: a(),
   coordinates: Ot
 }).passthrough(), kl = Pe([
-  Sl,
+  Nl,
   bl,
   El,
   xl
@@ -6549,7 +6552,7 @@ const vn = _({
   languages: _({
     primary: a()
   }).passthrough(),
-  nodes: S(kl),
+  nodes: N(kl),
   start: Ol,
   ending: Tl,
   created_at: a(),
@@ -6564,7 +6567,7 @@ Al.omit({
   created_at: !0,
   updated_at: !0
 });
-var vr = /* @__PURE__ */ ((n) => (n.TOKEN = "token", n.ID_TOKEN = "id_token", n.TOKEN_ID_TOKEN = "token id_token", n.CODE = "code", n))(vr || {}), wr = /* @__PURE__ */ ((n) => (n.QUERY = "query", n.FRAGMENT = "fragment", n.FORM_POST = "form_post", n.WEB_MESSAGE = "web_message", n.SAML_POST = "saml_post", n))(wr || {}), Nr = /* @__PURE__ */ ((n) => (n.S256 = "S256", n.Plain = "plain", n))(Nr || {});
+var vr = /* @__PURE__ */ ((n) => (n.TOKEN = "token", n.ID_TOKEN = "id_token", n.TOKEN_ID_TOKEN = "token id_token", n.CODE = "code", n))(vr || {}), wr = /* @__PURE__ */ ((n) => (n.QUERY = "query", n.FRAGMENT = "fragment", n.FORM_POST = "form_post", n.WEB_MESSAGE = "web_message", n.SAML_POST = "saml_post", n))(wr || {}), Sr = /* @__PURE__ */ ((n) => (n.S256 = "S256", n.Plain = "plain", n))(Sr || {});
 const Il = _({
   client_id: a(),
   act_as: a().optional(),
@@ -6577,7 +6580,7 @@ const Il = _({
   nonce: a().optional(),
   scope: a().optional(),
   prompt: a().optional(),
-  code_challenge_method: gt(Nr).optional(),
+  code_challenge_method: gt(Sr).optional(),
   code_challenge: a().optional(),
   username: a().optional(),
   ui_locales: a().optional(),
@@ -6694,7 +6697,7 @@ const Ll = _({
   }).optional(),
   password_dictionary: _({
     enable: h().optional(),
-    dictionary: S(a()).optional()
+    dictionary: N(a()).optional()
   }).optional(),
   // Disable signup for this connection
   disable_signup: h().optional(),
@@ -6795,7 +6798,7 @@ const Rl = _({
     (n) => n === null ? {} : si(n),
     Ll
   ).default({}),
-  enabled_clients: S(a()).default([]).optional(),
+  enabled_clients: N(a()).default([]).optional(),
   response_type: ri().optional(),
   response_mode: ri().optional(),
   is_domain_connection: h().optional(),
@@ -6840,7 +6843,7 @@ const Ul = _({
   status: x(["disabled", "pending", "pending_verification", "ready"]),
   origin_domain_name: a().optional(),
   verification: _({
-    methods: S(zl)
+    methods: N(zl)
   }).optional(),
   tls_policy: a().optional()
 });
@@ -6898,32 +6901,32 @@ const wi = _({
   config: _({
     content: a().optional()
   }).optional()
-}), Ni = wi.extend({
+}), Si = wi.extend({
   category: T("WIDGET").optional(),
   label: a().min(1).optional(),
   hint: a().min(1).max(500).optional(),
   required: h().optional(),
   sensitive: h().optional()
-}), Hl = Ni.extend({
+}), Hl = Si.extend({
   type: T("AUTH0_VERIFIABLE_CREDENTIALS"),
   config: _({
     credential_type: a().optional()
   })
-}), Kl = Ni.extend({
+}), Kl = Si.extend({
   type: T("GMAPS_ADDRESS"),
   config: _({
     api_key: a().optional()
   })
-}), Gl = Ni.extend({
+}), Gl = Si.extend({
   type: T("RECAPTCHA"),
   config: _({
     site_key: a().optional()
   })
-}), Se = wi.extend({
+}), Ne = wi.extend({
   category: T("FIELD").optional(),
   label: a().min(1).optional(),
   hint: a().min(1).max(500).optional(),
-  messages: S(
+  messages: N(
     _({
       id: k().optional(),
       text: a(),
@@ -6932,15 +6935,15 @@ const wi = _({
   ).optional(),
   required: h().optional(),
   sensitive: h().optional()
-}), Ql = Se.extend({
+}), Ql = Ne.extend({
   type: T("BOOLEAN"),
   config: _({
     default_value: h().optional()
   }).optional()
-}), Jl = Se.extend({
+}), Jl = Ne.extend({
   type: T("CARDS"),
   config: _({
-    options: S(
+    options: N(
       _({
         value: a(),
         label: a(),
@@ -6950,10 +6953,10 @@ const wi = _({
     ).optional(),
     multi_select: h().optional()
   }).optional()
-}), Wl = Se.extend({
+}), Wl = Ne.extend({
   type: T("CHOICE"),
   config: _({
-    options: S(
+    options: N(
       _({
         value: a(),
         label: a()
@@ -6961,9 +6964,9 @@ const wi = _({
     ).optional(),
     display: x(["radio", "checkbox"]).optional(),
     multiple: h().optional(),
-    default_value: Pe([a(), S(a())]).optional()
+    default_value: Pe([a(), N(a())]).optional()
   }).optional()
-}), Xl = Se.extend({
+}), Xl = Ne.extend({
   type: T("CUSTOM"),
   config: _({
     component: a().optional(),
@@ -6971,7 +6974,7 @@ const wi = _({
     schema: P(Z()).optional(),
     code: a().optional()
   })
-}), Yl = Se.extend({
+}), Yl = Ne.extend({
   type: T("DATE"),
   config: _({
     format: a().optional(),
@@ -6979,10 +6982,10 @@ const wi = _({
     max: a().optional(),
     default_value: a().optional()
   }).optional()
-}), ed = Se.extend({
+}), ed = Ne.extend({
   type: T("DROPDOWN"),
   config: _({
-    options: S(
+    options: N(
       _({
         value: a(),
         label: a()
@@ -6991,28 +6994,28 @@ const wi = _({
     placeholder: a().optional(),
     searchable: h().optional(),
     multiple: h().optional(),
-    default_value: Pe([a(), S(a())]).optional()
+    default_value: Pe([a(), N(a())]).optional()
   }).optional()
-}), td = Se.extend({
+}), td = Ne.extend({
   type: T("EMAIL"),
   config: _({
     placeholder: a().optional(),
     default_value: a().optional()
   }).optional()
-}), nd = Se.extend({
+}), nd = Ne.extend({
   type: T("FILE"),
   config: _({
     accept: a().optional(),
     max_size: k().optional(),
     multiple: h().optional()
   }).optional()
-}), id = Se.extend({
+}), id = Ne.extend({
   type: T("LEGAL"),
   config: _({
     text: a(),
     html: h().optional()
   }).optional()
-}), od = Se.extend({
+}), od = Ne.extend({
   type: T("NUMBER"),
   config: _({
     placeholder: a().optional(),
@@ -7021,7 +7024,7 @@ const wi = _({
     step: k().optional(),
     default_value: a().optional()
   }).optional()
-}), ad = Se.extend({
+}), ad = Ne.extend({
   type: T("PASSWORD"),
   config: _({
     placeholder: a().optional(),
@@ -7030,18 +7033,18 @@ const wi = _({
     forgot_password_link: a().optional(),
     default_value: a().optional()
   }).optional()
-}), rd = Se.extend({
+}), rd = Ne.extend({
   type: T("PAYMENT"),
   config: _({
     provider: a().optional(),
     currency: a().optional()
   }).optional()
-}), sd = Se.extend({
+}), sd = Ne.extend({
   type: T("SOCIAL"),
   config: _({
-    providers: S(a()).optional(),
+    providers: N(a()).optional(),
     // Extended provider info with icons and display names
-    provider_details: S(
+    provider_details: N(
       _({
         name: a(),
         strategy: a().optional(),
@@ -7051,7 +7054,7 @@ const wi = _({
       })
     ).optional()
   }).optional()
-}), ld = Se.extend({
+}), ld = Ne.extend({
   type: T("TEL"),
   config: _({
     placeholder: a().optional(),
@@ -7059,7 +7062,7 @@ const wi = _({
     default_value: a().optional(),
     allow_email: h().optional()
   }).optional()
-}), dd = Se.extend({
+}), dd = Ne.extend({
   type: T("TEXT"),
   config: _({
     placeholder: a().optional(),
@@ -7067,13 +7070,13 @@ const wi = _({
     max_length: k().optional(),
     default_value: a().optional()
   }).optional()
-}), cd = Se.extend({
+}), cd = Ne.extend({
   type: T("COUNTRY"),
   config: _({
     placeholder: a().optional(),
     default_value: a().optional()
   }).optional()
-}), _d = Se.extend({
+}), _d = Ne.extend({
   type: T("URL"),
   config: _({
     placeholder: a().optional(),
@@ -7110,7 +7113,7 @@ const wi = _({
   ld,
   dd,
   _d
-]), Sr = Pe([
+]), Nr = Pe([
   ud,
   pd,
   fd
@@ -7143,7 +7146,7 @@ const Kt = _({
   coordinates: Kt,
   alias: a().min(1).max(150),
   config: _({
-    rules: S(
+    rules: N(
       _({
         id: a(),
         alias: a().min(1).max(150).optional(),
@@ -7159,7 +7162,7 @@ const Kt = _({
   coordinates: Kt,
   alias: a().min(1).max(150).optional(),
   config: _({
-    components: S(Sr),
+    components: N(Nr),
     next_node: a().optional()
   })
 }), yd = kt("type", [
@@ -7179,9 +7182,9 @@ const Kt = _({
     default: a().optional()
   }).optional(),
   translations: P(a(), Z()).optional(),
-  nodes: S(yd).optional(),
+  nodes: N(yd).optional(),
   start: _({
-    hidden_fields: S(_({ key: a(), value: a() })).optional(),
+    hidden_fields: N(_({ key: a(), value: a() })).optional(),
     next_node: a().optional(),
     coordinates: Kt.optional()
   }).optional(),
@@ -7211,7 +7214,7 @@ const wd = _({
   id: k().optional(),
   text: a(),
   type: x(["info", "error", "success", "warning"])
-}), Nd = _({
+}), Sd = _({
   id: a().optional(),
   text: a(),
   href: a(),
@@ -7224,9 +7227,9 @@ _({
   method: x(["POST", "GET"]),
   title: a().optional(),
   description: a().optional(),
-  components: S(Sr),
-  messages: S(wd).optional(),
-  links: S(Nd).optional(),
+  components: N(Nr),
+  messages: N(wd).optional(),
+  links: N(Sd).optional(),
   /** Footer HTML content displayed at the very bottom of the widget (e.g., terms and conditions) */
   footer: a().optional()
 });
@@ -7277,7 +7280,7 @@ const br = x([
    * Everything else is opaque to the runtime. Persisted as JSON.
    */
   metadata: P($e()).optional()
-}, Sd = _({
+}, Nd = _({
   ..._t,
   trigger_id: br,
   url: a()
@@ -7295,7 +7298,7 @@ const br = x([
   code_id: a()
 });
 Pe([
-  Sd,
+  Nd,
   bd,
   Ed,
   xd
@@ -7354,7 +7357,7 @@ const Cd = _({
   app_metadata: P(Z()).default({}).optional(),
   user_metadata: P(Z()).default({}).optional(),
   ttl_sec: k().int().max(2592e3).default(604800).optional(),
-  roles: S(a()).default([]).optional(),
+  roles: N(a()).default([]).optional(),
   send_invitation_email: h().default(!0).optional()
 });
 _({
@@ -7381,11 +7384,11 @@ const Rd = _({
   kty: x(["RSA", "EC", "oct"]),
   n: a(),
   x5t: a().optional(),
-  x5c: S(a()).optional(),
+  x5c: N(a()).optional(),
   use: x(["sig", "enc"]).optional()
 });
 _({
-  keys: S(Rd)
+  keys: N(Rd)
 });
 _({
   issuer: a(),
@@ -7398,18 +7401,18 @@ _({
   registration_endpoint: a().optional(),
   revocation_endpoint: a(),
   end_session_endpoint: a().optional(),
-  scopes_supported: S(a()),
-  response_types_supported: S(a()),
-  grant_types_supported: S(a()).optional(),
-  code_challenge_methods_supported: S(a()),
-  response_modes_supported: S(a()),
-  subject_types_supported: S(a()),
-  id_token_signing_alg_values_supported: S(a()),
-  token_endpoint_auth_methods_supported: S(a()),
-  claims_supported: S(a()),
+  scopes_supported: N(a()),
+  response_types_supported: N(a()),
+  grant_types_supported: N(a()).optional(),
+  code_challenge_methods_supported: N(a()),
+  response_modes_supported: N(a()),
+  subject_types_supported: N(a()),
+  id_token_signing_alg_values_supported: N(a()),
+  token_endpoint_auth_methods_supported: N(a()),
+  claims_supported: N(a()),
   request_uri_parameter_supported: h(),
   request_parameter_supported: h(),
-  token_endpoint_auth_signing_alg_values_supported: S(a())
+  token_endpoint_auth_signing_alg_values_supported: N(a())
 });
 var Tr = /* @__PURE__ */ ((n) => (n.PENDING = "pending", n.AUTHENTICATED = "authenticated", n.AWAITING_EMAIL_VERIFICATION = "awaiting_email_verification", n.AWAITING_MFA = "awaiting_mfa", n.AWAITING_HOOK = "awaiting_hook", n.AWAITING_CONTINUATION = "awaiting_continuation", n.COMPLETED = "completed", n.FAILED = "failed", n.EXPIRED = "expired", n))(Tr || {});
 const Ud = gt(Tr), zd = _({
@@ -7604,6 +7607,8 @@ const Pd = {
   SUCCESSFULLY_ACCEPTED_USER_INVITE: "si",
   BREACHED_PASSWORD_ON_SIGNUP: "signup_pwd_leak",
   SUCCESS_LOGOUT: "slo",
+  SUCCESS_HOOK: "sh",
+  // Custom AuthHero-specific
   SUCCESS_REVOCATION: "srrt",
   SUCCESS_SIGNUP: "ss",
   FAILED_SS_SSO_OPERATION: "ss_sso_failure",
@@ -7685,7 +7690,7 @@ const jd = x([
   type: jd,
   status: Ar.optional(),
   sink: P(a(), $e()),
-  filters: S(Vd).optional(),
+  filters: N(Vd).optional(),
   isPriority: h().optional()
 });
 Zd.extend({
@@ -7696,27 +7701,27 @@ Zd.extend({
 });
 const Hd = _({
   enabled: h().optional(),
-  shields: S(a()).optional(),
-  admin_notification_frequency: S(a()).optional(),
+  shields: N(a()).optional(),
+  admin_notification_frequency: N(a()).optional(),
   method: a().optional(),
   stage: _({
     "pre-user-registration": _({
-      shields: S(a()).optional()
+      shields: N(a()).optional()
     }).optional(),
     "pre-change-password": _({
-      shields: S(a()).optional()
+      shields: N(a()).optional()
     }).optional()
   }).optional()
 }), Kd = _({
   enabled: h().optional(),
-  shields: S(a()).optional(),
-  allowlist: S(a()).optional(),
+  shields: N(a()).optional(),
+  allowlist: N(a()).optional(),
   mode: a().optional(),
   max_attempts: k().optional()
 }), Gd = _({
   enabled: h().optional(),
-  shields: S(a()).optional(),
-  allowlist: S(a()).optional(),
+  shields: N(a()).optional(),
+  allowlist: N(a()).optional(),
   stage: _({
     "pre-login": _({
       max_attempts: k().optional(),
@@ -7761,7 +7766,7 @@ const Ir = _({
   device: Ir.describe(
     "Metadata related to the device used in the session"
   ),
-  clients: S(a()).describe("List of client details for the session")
+  clients: N(a()).describe("List of client details for the session")
 });
 _({
   created_at: a(),
@@ -7817,11 +7822,16 @@ const Xd = _({
     mode: x(["persistent", "non-persistent"]).optional()
   }).optional(),
   // Logout settings
-  allowed_logout_urls: S(a()).optional(),
+  allowed_logout_urls: N(a()).optional(),
   // Universal Login settings
   default_redirection_uri: a().optional(),
+  // Anchor client used for tenant-level flows that aren't tied to a specific
+  // application (e.g. /connect/start DCR consent). When unset, /connect/start
+  // falls back to the first available client. Roughly analogous to Auth0's
+  // "Default App" / Global Client.
+  default_client_id: a().optional(),
   // Advanced settings
-  enabled_locales: S(a()).optional(),
+  enabled_locales: N(a()).optional(),
   default_directory: a().optional(),
   error_page: _({
     html: a().optional(),
@@ -7851,11 +7861,11 @@ const Xd = _({
     // and relies on tenant ACLs/rate limits; we implement RFC 7591 initial
     // access tokens and a per-tenant grant-type allowlist.
     dcr_require_initial_access_token: h().optional(),
-    dcr_allowed_grant_types: S(a()).optional(),
+    dcr_allowed_grant_types: N(a()).optional(),
     // Per-tenant allowlist of fully-qualified http origins (scheme + host
     // + port, no path) that may be used as `return_to` / `domain` on
     // `/connect/start` despite not being loopback. Off by default.
-    allow_http_return_to: S(
+    allow_http_return_to: N(
       a().refine(
         (n) => {
           try {
@@ -7893,7 +7903,7 @@ const Xd = _({
   // Sandbox settings
   sandbox_version: a().optional(),
   legacy_sandbox_version: a().optional(),
-  sandbox_versions_available: S(a()).optional(),
+  sandbox_versions_available: N(a()).optional(),
   // Change password settings
   change_password: _({
     enabled: h().optional(),
@@ -7935,7 +7945,7 @@ const Xd = _({
   // MFA settings
   customize_mfa_in_postlogin_action: h().optional(),
   // ACR values
-  acr_values_supported: S(a()).optional(),
+  acr_values_supported: N(a()).optional(),
   // mTLS settings
   mtls: _({
     enable_endpoint_aliases: h().optional()
@@ -8042,7 +8052,16 @@ const Yd = _({
 }), nc = _({
   background_color: a(),
   background_image_url: a(),
-  page_layout: x(["center", "left", "right"])
+  page_layout: x(["center", "left", "right"]),
+  /**
+   * Where the tenant logo renders on the page.
+   * - "widget" (default): inside the widget card via the widget's own header.
+   * - "chip": as a floating pill in the top-left page corner. The widget's
+   *   internal logo is suppressed when this is selected.
+   * - "none": no logo on the page or in the widget.
+   * Optional for backwards compatibility; absent values mean "widget".
+   */
+  logo_placement: x(["widget", "chip", "none"]).optional()
 }), ic = _({
   header_text_alignment: x(["center", "left", "right"]),
   logo_height: k(),
@@ -8087,7 +8106,7 @@ const ac = _({
   // When the token was last used.
   last_exchanged_at: a().optional(),
   device: Ir,
-  resource_servers: S(
+  resource_servers: N(
     _({
       audience: a(),
       scopes: a()
@@ -8141,7 +8160,7 @@ const rc = _({
   id: a().optional(),
   name: a(),
   identifier: a(),
-  scopes: S(rc).optional(),
+  scopes: N(rc).optional(),
   signing_alg: a().optional(),
   signing_secret: a().optional(),
   token_lifetime: k().default(86400),
@@ -8157,7 +8176,7 @@ const rc = _({
   created_at: a().optional(),
   updated_at: a().optional()
 });
-S(dc);
+N(dc);
 const cc = _({
   role_id: a(),
   resource_server_identifier: a(),
@@ -8166,7 +8185,7 @@ const cc = _({
   ...cc.shape,
   created_at: a()
 });
-S(_c);
+N(_c);
 const uc = _({
   user_id: a(),
   resource_server_identifier: a(),
@@ -8177,7 +8196,7 @@ const uc = _({
   tenant_id: a(),
   created_at: a().optional()
 });
-S(pc);
+N(pc);
 const fc = _({
   user_id: a(),
   resource_server_identifier: a(),
@@ -8187,7 +8206,7 @@ const fc = _({
   created_at: a().optional(),
   organization_id: a().optional()
 });
-S(
+N(
   fc
 );
 const hc = _({
@@ -8199,7 +8218,7 @@ const hc = _({
   tenant_id: a(),
   created_at: a().optional()
 });
-S(gc);
+N(gc);
 const mc = _({
   id: a().optional().openapi({
     description: "The unique identifier of the role. If not provided, one will be generated."
@@ -8221,7 +8240,7 @@ const mc = _({
   created_at: a().optional(),
   updated_at: a().optional()
 });
-S(yc);
+N(yc);
 const vc = _({
   logo_url: a().optional().openapi({
     description: "URL of the organization's logo"
@@ -8247,7 +8266,7 @@ const vc = _({
   is_signup_enabled: h().default(!0).openapi({
     description: "Whether signup is enabled for this connection"
   })
-}), Nc = _({
+}), Sc = _({
   client_credentials: _({
     enforce: h().default(!1).openapi({
       description: "Whether to enforce token quota limits"
@@ -8259,7 +8278,7 @@ const vc = _({
       description: "Maximum tokens per hour (0 = unlimited)"
     })
   }).optional()
-}).optional(), Sc = _({
+}).optional(), Nc = _({
   id: a().optional(),
   name: a().min(1).regex(/^[a-z0-9_-]+$/, {
     message: "Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"
@@ -8273,13 +8292,13 @@ const vc = _({
   metadata: P(Z()).default({}).optional().openapi({
     description: "Custom metadata for the organization"
   }),
-  enabled_connections: S(wc).default([]).optional().openapi({
+  enabled_connections: N(wc).default([]).optional().openapi({
     description: "List of enabled connections for the organization"
   }),
-  token_quota: Nc
+  token_quota: Sc
 });
 _({
-  ...Sc.shape,
+  ...Nc.shape,
   ...Ze.shape,
   id: a(),
   // Override name to be lenient when reading from database (to support existing uppercase names)
@@ -8304,7 +8323,7 @@ const bc = _({
   created_at: a().optional(),
   updated_at: a().optional()
 });
-S(
+N(
   Ec
 );
 const xc = _({
@@ -8332,7 +8351,7 @@ _({
   // Universal Login settings
   default_redirection_uri: a().optional(),
   // Advanced settings
-  enabled_locales: S(a()).optional(),
+  enabled_locales: N(a()).optional(),
   default_directory: a().optional(),
   error_page: _({
     html: a().optional(),
@@ -8370,7 +8389,7 @@ _({
   support_url: a().optional(),
   // Sandbox settings
   sandbox_version: a().optional(),
-  sandbox_versions_available: S(a()).optional(),
+  sandbox_versions_available: N(a()).optional(),
   // Change password settings
   change_password: _({
     enabled: h(),
@@ -8512,26 +8531,26 @@ const Tc = x([
   public_key: a().optional(),
   sign_count: k().int().nonnegative().optional(),
   credential_backed_up: h().optional(),
-  transports: S(a()).optional(),
+  transports: N(a()).optional(),
   friendly_name: a().optional(),
   // Common
   confirmed: h().default(!1)
 });
 function Dr(n, e) {
   n.type === "phone" && !n.phone_number && e.addIssue({
-    code: N.custom,
+    code: S.custom,
     message: "phone_number is required when type is 'phone'",
     path: ["phone_number"]
   }), n.type === "totp" && !n.totp_secret && e.addIssue({
-    code: N.custom,
+    code: S.custom,
     message: "totp_secret is required when type is 'totp'",
     path: ["totp_secret"]
   }), ["webauthn-roaming", "webauthn-platform", "passkey"].includes(n.type) && (n.credential_id || e.addIssue({
-    code: N.custom,
+    code: S.custom,
     message: `credential_id is required when type is '${n.type}'`,
     path: ["credential_id"]
   }), n.public_key || e.addIssue({
-    code: N.custom,
+    code: S.custom,
     message: `public_key is required when type is '${n.type}'`,
     path: ["public_key"]
   }));
@@ -8902,11 +8921,11 @@ function Uc(n) {
 function zc(n) {
   return {
     async get(e, t, i) {
-      const o = await n.select().from(Ne).where(
+      const o = await n.select().from(Se).where(
         g(
-          c(Ne.tenant_id, e),
-          c(Ne.prompt, t),
-          c(Ne.language, i)
+          c(Se.tenant_id, e),
+          c(Se.prompt, t),
+          c(Se.language, i)
         )
       ).get();
       if (!o) return null;
@@ -8918,7 +8937,7 @@ function zc(n) {
     },
     async set(e, t, i, o) {
       const r = Date.now(), l = JSON.stringify(o);
-      await n.insert(Ne).values({
+      await n.insert(Se).values({
         tenant_id: e,
         prompt: t,
         language: i,
@@ -8927,27 +8946,27 @@ function zc(n) {
         updated_at_ts: r
       }).onConflictDoUpdate({
         target: [
-          Ne.tenant_id,
-          Ne.prompt,
-          Ne.language
+          Se.tenant_id,
+          Se.prompt,
+          Se.language
         ],
         set: { custom_text: l, updated_at_ts: r }
       });
     },
     async delete(e, t, i) {
-      await n.delete(Ne).where(
+      await n.delete(Se).where(
         g(
-          c(Ne.tenant_id, e),
-          c(Ne.prompt, t),
-          c(Ne.language, i)
+          c(Se.tenant_id, e),
+          c(Se.prompt, t),
+          c(Se.language, i)
         )
       );
     },
     async list(e) {
       return await n.select({
-        prompt: Ne.prompt,
-        language: Ne.language
-      }).from(Ne).where(c(Ne.tenant_id, e)).all();
+        prompt: Se.prompt,
+        language: Se.language
+      }).from(Se).where(c(Se.tenant_id, e)).all();
     }
   };
 }
@@ -9810,8 +9829,8 @@ function t_(n) {
       let u = n.select().from(X).where(c(X.tenant_id, e)).$dynamic();
       if (d && (u = u.where(
         Ue(
-          Nt(X.name, `%${d}%`),
-          Nt(X.display_name, `%${d}%`)
+          St(X.name, `%${d}%`),
+          St(X.display_name, `%${d}%`)
         )
       )), l != null && l.sort_by) {
         const b = X[l.sort_by];
@@ -9825,8 +9844,8 @@ function t_(n) {
       const v = [c(X.tenant_id, e)];
       d && v.push(
         Ue(
-          Nt(X.name, `%${d}%`),
-          Nt(X.display_name, `%${d}%`)
+          St(X.name, `%${d}%`),
+          St(X.display_name, `%${d}%`)
         )
       );
       const [m] = await n.select({ count: he() }).from(X).where(g(...v));
@@ -10226,7 +10245,7 @@ function s_(n) {
           const [, ie, oe] = te, We = ie == null ? void 0 : ie.startsWith("-"), ut = We ? ie == null ? void 0 : ie.substring(1) : ie;
           if (ut && Ii.has(ut) && !We) {
             const wn = Y[ut];
-            p.push(Nt(wn, `%${oe}%`));
+            p.push(St(wn, `%${oe}%`));
           }
         }
       }
@@ -11149,8 +11168,8 @@ function w_(n) {
     }
   };
 }
-const Ui = ["s", "seacft", "seccft", "sepft", "sertft", "ssa"], N_ = ["pwd_leak", "signup_pwd_leak", "reset_pwd_leak"];
-function S_(n) {
+const Ui = ["s", "seacft", "seccft", "sepft", "sertft", "ssa"], S_ = ["pwd_leak", "signup_pwd_leak", "reset_pwd_leak"];
+function N_(n) {
   return {
     async getDaily(e, t) {
       const i = /* @__PURE__ */ new Date(), o = (t == null ? void 0 : t.from) || new Date(i.getTime() - 30 * 24 * 60 * 60 * 1e3).toISOString().split("T")[0], r = (t == null ? void 0 : t.to) || i.toISOString().split("T")[0];
@@ -11164,7 +11183,7 @@ function S_(n) {
           "signups"
         ),
         leaked_passwords: I`SUM(CASE WHEN ${Q.type} IN (${I.join(
-          N_.map((d) => I`${d}`),
+          S_.map((d) => I`${d}`),
           I`, `
         )}) THEN 1 ELSE 0 END)`.as("leaked_passwords")
       }).from(Q).where(
@@ -11409,7 +11428,7 @@ function T_(n, e = { useTransactions: !0 }) {
     users: y_(n),
     userRoles: v_(n),
     userOrganizations: w_(n),
-    stats: S_(n),
+    stats: N_(n),
     outbox: b_(n),
     async transaction(i) {
       if (e.useTransactions === !1)