@authhero/multi-tenancy 14.23.0 → 14.24.0

package/dist/types/index.d.ts

@@ -3,11 +3,13 @@ import { MultiTenancyConfig, MultiTenancyHooks, MultiTenancyBindings, MultiTenan
 export * from "./types";
 export { initMultiTenant } from "./init";
 export type { MultiTenantConfig, MultiTenantResult, ControlPlaneConfig, } from "./init";
+export { createDirectRolloutAdapter, projectControlPlaneDefaults, } from "./rollout";
+export type { ControlPlaneRolloutAdapter, DefaultsProjectionConfig, DefaultsProjectionEntities, DefaultsProjectionResult, EntityProjectionOutcome, } from "./rollout";
 export { createSyncHooks } from "./hooks/sync";
 export type { EntitySyncConfig, SyncHooksResult } from "./hooks/sync";
 export { createTenantsOpenAPIRouter } from "./routes";
 export { createMultiTenancyMiddleware, createAccessControlMiddleware, createControlPlaneTenantMiddleware, createSubdomainMiddleware, createDatabaseMiddleware, createProtectSyncedMiddleware, createRuntimeFallbackAdapter, withRuntimeFallback, withSystemResourceServerInheritance, mergeClientWithFallback, } from "./middleware";
-export type { RuntimeFallbackConfig, ControlPlaneResolver, } from "./middleware";
+export type { RuntimeFallbackConfig, ControlPlaneResolver } from "./middleware";
 export { createMultiTenancyPlugin } from "./plugin";
 export type { AuthHeroPlugin } from "./plugin";
 export { createAccessControlHooks, createDatabaseHooks, createProvisioningHooks, } from "./hooks";

package/dist/types/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,EACpB,qBAAqB,EACtB,MAAM,SAAS,CAAC;AAajB,cAAc,SAAS,CAAC;AAGxB,OAAO,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;AACzC,YAAY,EACV,iBAAiB,EACjB,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,QAAQ,CAAC;AAGhB,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,YAAY,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAEtE,OAAO,EAAE,0BAA0B,EAAE,MAAM,UAAU,CAAC;AAEtD,OAAO,EACL,4BAA4B,EAC5B,6BAA6B,EAC7B,kCAAkC,EAClC,yBAAyB,EACzB,wBAAwB,EACxB,6BAA6B,EAC7B,4BAA4B,EAC5B,mBAAmB,EACnB,mCAAmC,EACnC,uBAAuB,GACxB,MAAM,cAAc,CAAC;AACtB,YAAY,EACV,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,cAAc,CAAC;AAEtB,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AACpD,YAAY,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAG/C,OAAO,EACL,wBAAwB,EACxB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAC9D,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,kBAAkB,GACzB,iBAAiB,CAgBnB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,kBAAkB;cAE/C,oBAAoB;eACnB,qBAAqB;0CASnC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,kBAAkB;;;;;;;kBAnD9C,oBAAoB;mBACnB,qBAAqB;;;IAwDhC;;;;;;;OAOG;6BAES,OAAO,UAAU,EAAE,YAAY,qBACtB;QAAE,oBAAoB,CAAC,EAAE,MAAM,CAAA;KAAE;EAOzD"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,EACpB,qBAAqB,EACtB,MAAM,SAAS,CAAC;AAajB,cAAc,SAAS,CAAC;AAGxB,OAAO,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;AACzC,YAAY,EACV,iBAAiB,EACjB,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,QAAQ,CAAC;AAKhB,OAAO,EACL,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,WAAW,CAAC;AACnB,YAAY,EACV,0BAA0B,EAC1B,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,WAAW,CAAC;AAGnB,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,YAAY,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAEtE,OAAO,EAAE,0BAA0B,EAAE,MAAM,UAAU,CAAC;AAEtD,OAAO,EACL,4BAA4B,EAC5B,6BAA6B,EAC7B,kCAAkC,EAClC,yBAAyB,EACzB,wBAAwB,EACxB,6BAA6B,EAC7B,4BAA4B,EAC5B,mBAAmB,EACnB,mCAAmC,EACnC,uBAAuB,GACxB,MAAM,cAAc,CAAC;AACtB,YAAY,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAEhF,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AACpD,YAAY,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAG/C,OAAO,EACL,wBAAwB,EACxB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAC9D,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,kBAAkB,GACzB,iBAAiB,CAgBnB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,kBAAkB;cAE/C,oBAAoB;eACnB,qBAAqB;0CASnC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,kBAAkB;;;;;;;kBAnD9C,oBAAoB;mBACnB,qBAAqB;;;IAwDhC;;;;;;;OAOG;6BAES,OAAO,UAAU,EAAE,YAAY,qBACtB;QAAE,oBAAoB,CAAC,EAAE,MAAM,CAAA;KAAE;EAOzD"}

package/dist/types/middleware/settings-inheritance.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"settings-inheritance.d.ts","sourceRoot":"","sources":["../../../src/middleware/settings-inheritance.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EAEZ,MAAM,EAKP,MAAM,UAAU,CAAC;AA8FlB;;;;;;;;;;;GAWG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,MAAM,EACd,kBAAkB,EAAE,MAAM,GAAG,IAAI,GAChC,MAAM,CAqBR;AAED;;;GAGG;AACH,KAAK,oBAAoB,GACrB;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GACvC,SAAS,CAAC;AAEd;;;;;;;GAOG;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,MAAM,EAAE;IAAE,SAAS,EAAE,MAAM,CAAA;CAAE,KAC7D,oBAAoB,GACpB,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAyHlC;;;;;;;;GAQG;AACH,wBAAgB,mCAAmC,CACjD,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE;IACN,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,mBAAmB,CAAC,EAAE,oBAAoB,CAAC;CAC5C,GACA,YAAY,CAYd;AAED;;;;GAIG;AACH,MAAM,WAAW,qBAAqB;IACpC;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;;;;;;;;;OAWG;IACH,mBAAmB,CAAC,EAAE,oBAAoB,CAAC;CAC5C;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,wBAAgB,4BAA4B,CAC1C,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,qBAAqB,GAC5B,YAAY,CA6Jd;AA2FD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,qBAAqB,GAC5B,YAAY,CAEd"}
+{"version":3,"file":"settings-inheritance.d.ts","sourceRoot":"","sources":["../../../src/middleware/settings-inheritance.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EAEZ,MAAM,EAKP,MAAM,UAAU,CAAC;AA8FlB;;;;;;;;;;;GAWG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,MAAM,EACd,kBAAkB,EAAE,MAAM,GAAG,IAAI,GAChC,MAAM,CAqBR;AAED;;;GAGG;AACH,KAAK,oBAAoB,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAAC;AAEhF;;;;;;;GAOG;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,MAAM,EAAE;IAC1C,SAAS,EAAE,MAAM,CAAC;CACnB,KAAK,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAyH3D;;;;;;;;GAQG;AACH,wBAAgB,mCAAmC,CACjD,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE;IACN,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,mBAAmB,CAAC,EAAE,oBAAoB,CAAC;CAC5C,GACA,YAAY,CAYd;AAED;;;;GAIG;AACH,MAAM,WAAW,qBAAqB;IACpC;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;;;;;;;;;OAWG;IACH,mBAAmB,CAAC,EAAE,oBAAoB,CAAC;CAC5C;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,wBAAgB,4BAA4B,CAC1C,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,qBAAqB,GAC5B,YAAY,CA6Jd;AA2FD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,qBAAqB,GAC5B,YAAY,CAEd"}

package/dist/types/rollout/defaults-projection.d.ts

@@ -0,0 +1,74 @@
+import { DataAdapters } from "authhero";
+/**
+ * Which control plane entities to project into a tenant's own database. Every
+ * entity defaults to `true`.
+ *
+ * The projected rows are the same set the runtime fallback
+ * (`withRuntimeFallback`) reads from the control plane tenant: connections,
+ * `is_system` resource servers, `inheritable` hooks and the email provider.
+ * `branding` and `promptSettings` are projected too so a WFP tenant can render
+ * the control plane's defaults; consuming them on read still depends on the
+ * tenant resolving those singletons against the control plane tenant id.
+ */
+export interface DefaultsProjectionEntities {
+    connections?: boolean;
+    resourceServers?: boolean;
+    hooks?: boolean;
+    emailProvider?: boolean;
+    branding?: boolean;
+    promptSettings?: boolean;
+}
+export interface DefaultsProjectionConfig {
+    /**
+     * The control plane tenant id. Projected rows are written into the target
+     * tenant's database under THIS id, so the existing runtime fallback resolves
+     * them exactly as it does in a shared database.
+     */
+    controlPlaneTenantId: string;
+    /**
+     * Adapters for reading the control plane tenant's rows. Secrets are returned
+     * decrypted (this should be the encrypted adapter), and are re-encrypted at
+     * rest by the target adapter on write.
+     */
+    getControlPlaneAdapters: () => Promise<DataAdapters>;
+    /**
+     * Adapters for the target tenant's own database. For a WFP tenant this is the
+     * adapter over the tenant's D1, ideally wrapped with a key ring that tags
+     * control-plane-tenant rows with a control-plane-only key id so the tenant
+     * operator cannot read the inherited secrets.
+     */
+    getAdapters: (tenantId: string) => Promise<DataAdapters>;
+    /** Which entities to project. All default to true. */
+    entities?: DefaultsProjectionEntities;
+    /**
+     * When false (default) the first failing entity throws, so a pilot rollout
+     * fails loudly. When true, every entity is attempted and errors are collected
+     * into the result instead.
+     */
+    continueOnError?: boolean;
+}
+export interface EntityProjectionOutcome {
+    /** Rows created or updated. */
+    upserted: number;
+    /** Non-fatal errors, populated only when `continueOnError` is true. */
+    errors: string[];
+}
+export interface DefaultsProjectionResult {
+    tenantId: string;
+    connections: EntityProjectionOutcome;
+    resourceServers: EntityProjectionOutcome;
+    hooks: EntityProjectionOutcome;
+    emailProvider: EntityProjectionOutcome;
+    branding: EntityProjectionOutcome;
+    promptSettings: EntityProjectionOutcome;
+}
+/**
+ * Projects the control plane tenant's inheritable defaults into a single target
+ * tenant's database, writing the rows under the control plane tenant id so the
+ * existing runtime fallback resolves them with no read-path change.
+ *
+ * Idempotent: every row is upserted by its stable id, so re-running the
+ * projection (a re-sync, or a later rollout) converges rather than duplicating.
+ */
+export declare function projectControlPlaneDefaults(config: DefaultsProjectionConfig, targetTenantId: string): Promise<DefaultsProjectionResult>;
+//# sourceMappingURL=defaults-projection.d.ts.map

package/dist/types/rollout/defaults-projection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaults-projection.d.ts","sourceRoot":"","sources":["../../../src/rollout/defaults-projection.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EAQb,MAAM,UAAU,CAAC;AAElB;;;;;;;;;;GAUG;AACH,MAAM,WAAW,0BAA0B;IACzC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,wBAAwB;IACvC;;;;OAIG;IACH,oBAAoB,EAAE,MAAM,CAAC;IAE7B;;;;OAIG;IACH,uBAAuB,EAAE,MAAM,OAAO,CAAC,YAAY,CAAC,CAAC;IAErD;;;;;OAKG;IACH,WAAW,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;IAEzD,sDAAsD;IACtD,QAAQ,CAAC,EAAE,0BAA0B,CAAC;IAEtC;;;;OAIG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,MAAM,WAAW,uBAAuB;IACtC,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,uEAAuE;IACvE,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,uBAAuB,CAAC;IACrC,eAAe,EAAE,uBAAuB,CAAC;IACzC,KAAK,EAAE,uBAAuB,CAAC;IAC/B,aAAa,EAAE,uBAAuB,CAAC;IACvC,QAAQ,EAAE,uBAAuB,CAAC;IAClC,cAAc,EAAE,uBAAuB,CAAC;CACzC;AAgCD;;;;;;;GAOG;AACH,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,wBAAwB,EAChC,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,wBAAwB,CAAC,CAyJnC"}

package/dist/types/rollout/index.d.ts

@@ -0,0 +1,30 @@
+import { DefaultsProjectionConfig, DefaultsProjectionResult } from "./defaults-projection";
+export type { DefaultsProjectionConfig, DefaultsProjectionEntities, DefaultsProjectionResult, EntityProjectionOutcome, } from "./defaults-projection";
+export { projectControlPlaneDefaults } from "./defaults-projection";
+/**
+ * A control plane rollout applies the control plane's state to one or more
+ * tenant databases. `syncDefaults` is the only operation today; schema
+ * migrations and tenant worker code deploys are the same shape (enumerate
+ * tenants, apply per-tenant, retry, resume) and will become sibling methods.
+ *
+ * The interface is the seam for execution strategy. The direct implementation
+ * runs inline — right for a single pilot tenant. A future Cloudflare Workflows
+ * implementation will satisfy the same interface with durable, retryable,
+ * resumable fan-out, with no change to callers.
+ */
+export interface ControlPlaneRolloutAdapter {
+    /** Project the control plane defaults into a single tenant's database. */
+    syncDefaults(targetTenantId: string): Promise<DefaultsProjectionResult>;
+    /**
+     * Project the defaults into several tenants. The direct implementation runs
+     * them sequentially; a Workflows implementation fans out durably.
+     */
+    syncDefaultsToTenants(targetTenantIds: string[]): Promise<DefaultsProjectionResult[]>;
+}
+/**
+ * Creates a rollout adapter that executes projections inline in the current
+ * process. Use this to validate the model with a single tenant before moving to
+ * a durable Cloudflare Workflows implementation.
+ */
+export declare function createDirectRolloutAdapter(config: DefaultsProjectionConfig): ControlPlaneRolloutAdapter;
+//# sourceMappingURL=index.d.ts.map

package/dist/types/rollout/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/rollout/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,wBAAwB,EACxB,wBAAwB,EAEzB,MAAM,uBAAuB,CAAC;AAE/B,YAAY,EACV,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,2BAA2B,EAAE,MAAM,uBAAuB,CAAC;AAEpE;;;;;;;;;;GAUG;AACH,MAAM,WAAW,0BAA0B;IACzC,0EAA0E;IAC1E,YAAY,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;IAExE;;;OAGG;IACH,qBAAqB,CACnB,eAAe,EAAE,MAAM,EAAE,GACxB,OAAO,CAAC,wBAAwB,EAAE,CAAC,CAAC;CACxC;AAED;;;;GAIG;AACH,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,wBAAwB,GAC/B,0BAA0B,CAa5B"}

package/dist/types/routes/tenants.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"tenants.d.ts","sourceRoot":"","sources":["../../../src/routes/tenants.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAUhE,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,kBAAkB,EAClB,iBAAiB,EAElB,MAAM,UAAU,CAAC;AAElB;;;;;;;;;;GAUG;AACH,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,kBAAkB,EAC1B,KAAK,EAAE,iBAAiB;cAGZ,oBAAoB;eACnB,qBAAqB;YA4dnC"}
+{"version":3,"file":"tenants.d.ts","sourceRoot":"","sources":["../../../src/routes/tenants.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAUhE,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,kBAAkB,EAClB,iBAAiB,EAElB,MAAM,UAAU,CAAC;AAElB;;;;;;;;;;GAUG;AACH,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,kBAAkB,EAC1B,KAAK,EAAE,iBAAiB;cAGZ,oBAAoB;eACnB,qBAAqB;YAuenC"}

package/package.json

@@ -11,7 +11,7 @@
     "type": "git",
     "url": "https://github.com/markusahlstrand/authhero"
   },
-  "version": "14.23.0",
+  "version": "14.24.0",
   "description": "Multi-tenancy support for AuthHero with organization-based access control and per-tenant database isolation",
   "files": [
     "dist"
@@ -29,16 +29,16 @@
   "devDependencies": {
     "@hono/zod-openapi": "^1.4.0",
     "@types/better-sqlite3": "^7.6.12",
-    "@types/node": "^22.0.0",
+    "@types/node": "^22.19.19",
     "better-sqlite3": "^11.7.0",
-    "hono": "^4.7.0",
-    "kysely": "^0.27.4",
+    "hono": "^4.12.23",
+    "kysely": "^0.29.2",
     "typescript": "^5.6.0",
-    "vite": "^6.0.0",
-    "vitest": "^2.1.0",
-    "@authhero/kysely-adapter": "11.3.0",
-    "authhero": "5.9.0",
-    "@authhero/adapter-interfaces": "2.6.0"
+    "vite": "^8.0.14",
+    "vitest": "^4.1.7",
+    "@authhero/kysely-adapter": "11.8.9",
+    "@authhero/adapter-interfaces": "3.1.1",
+    "authhero": "8.3.0"
   },
   "dependencies": {
     "zod": "^4.4.3"