npm - @ax-hub/sdk - Versions diffs - 0.0.5 → 0.1.0 - Mend

@ax-hub/sdk 0.0.5 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.d.cts CHANGED Viewed

@@ -305,28 +305,6 @@ declare class HttpClient {
     private logRequest;
 }
-interface ParsedFrame {
-    id?: string;
-    event?: string;
-    data: string;
-}
-type StreamItem<T> = {
-    type: 'item';
-    value: T;
-    id: string | undefined;
-} | {
-    type: 'gap';
-    sinceId: string | undefined;
-    missingCount?: number;
-} | {
-    type: 'decode-skip';
-    frame: ParsedFrame;
-    error: AxHubError;
-};
-interface SSEStream<T> extends AsyncIterable<StreamItem<T>> {
-    dispose(): void;
-}
 interface PaginatedList<T> {
     items: T[];
     nextCursor: string | null;
@@ -408,84 +386,6 @@ interface RequestOptions {
 interface PageRequestOptions extends ListOptions, RequestOptions {
 }
-interface GatewayEngine {
-    name: 'postgres' | 'mysql' | string;
-    capabilities: string[];
-}
-interface GatewayConnector {
-    id: string;
-    engine: string;
-    name: string;
-    [key: string]: unknown;
-}
-interface GatewayResource {
-    id: string;
-    connectorId: string;
-    name: string;
-    [key: string]: unknown;
-}
-interface GatewayQueryInput {
-    resourceId?: string;
-    connectorId?: string;
-    path?: string;
-    sql: string;
-    params?: unknown[];
-    rowLimit?: number;
-}
-interface GatewayQueryColumn {
-    name: string;
-    dataType: string;
-}
-interface GatewayQueryResult<Row = Record<string, unknown>> {
-    allowed: boolean;
-    denyReason?: string;
-    columns: GatewayQueryColumn[];
-    rows: Row[];
-    rowCount: number;
-    matchedPolicies?: string[];
-}
-declare class GatewayClient {
-    private readonly http;
-    constructor(http: HttpClient);
-    scoped(tenantSlug: string): TenantGatewayClient;
-}
-declare class TenantGatewayClient {
-    readonly engines: GatewayEnginesClient;
-    readonly connectors: GatewayConnectorsClient;
-    readonly resources: GatewayResourcesClient;
-    readonly query: GatewayQueryClient;
-    constructor(http: HttpClient, tenantSlug: string);
-}
-declare class GatewayEnginesClient {
-    private readonly http;
-    private readonly base;
-    constructor(http: HttpClient, base: string);
-    list(opts?: RequestOptions): Promise<GatewayEngine[]>;
-}
-declare class GatewayCrud<T extends {
-    id: string;
-}> {
-    protected readonly http: HttpClient;
-    protected readonly base: string;
-    constructor(http: HttpClient, base: string);
-    list(opts?: RequestOptions): Promise<T[]>;
-    get(id: string, opts?: RequestOptions): Promise<T>;
-    create(input: Record<string, unknown>, opts?: RequestOptions): Promise<T>;
-    update(id: string, patch: Record<string, unknown>, opts?: RequestOptions): Promise<T>;
-    delete(id: string, opts?: RequestOptions): Promise<void>;
-}
-declare class GatewayConnectorsClient extends GatewayCrud<GatewayConnector> {
-}
-declare class GatewayResourcesClient extends GatewayCrud<GatewayResource> {
-}
-declare class GatewayQueryClient {
-    private readonly http;
-    private readonly base;
-    constructor(http: HttpClient, base: string);
-    run<Row extends Record<string, unknown> = Record<string, unknown>>(input: GatewayQueryInput, opts?: RequestOptions): Promise<GatewayQueryResult<Row>>;
-    stream<Row extends Record<string, unknown> = Record<string, unknown>>(input: GatewayQueryInput, opts?: RequestOptions): SSEStream<Row>;
-}
 interface AuditEvent {
     id: string;
     type?: string;
@@ -593,8 +493,11 @@ declare class AuthzClient {
     scoped(tenantSlug: string): TenantAuthzClient;
 }
 declare class TenantAuthzClient {
+    /** @adminOnly Tag governance. `list()` requires tenant_admin (v0.1, SPEC 307) — member callers get ForbiddenError (no auto-retry; permission, not transient). Members browse the data catalog via `gateway.catalog`. */
     readonly tags: Crud<AuthzTag>;
+    /** @adminOnly Subject governance. `list()` requires tenant_admin (v0.1) — member callers get ForbiddenError. */
     readonly subjects: Crud<AuthzSubject>;
+    /** @adminOnly Grant governance. `list()` requires tenant_admin (v0.1) — member callers get ForbiddenError. */
     readonly grants: Crud<AuthzGrant>;
     readonly evaluator: AuthzEvaluatorClient;
     constructor(http: HttpClient, tenantSlug: string);
@@ -1864,6 +1767,28 @@ declare class AppScopedTablesClient {
     inspect(tableName: string, opts?: RequestOptions): Promise<unknown>;
 }
+interface ParsedFrame {
+    id?: string;
+    event?: string;
+    data: string;
+}
+type StreamItem<T> = {
+    type: 'item';
+    value: T;
+    id: string | undefined;
+} | {
+    type: 'gap';
+    sinceId: string | undefined;
+    missingCount?: number;
+} | {
+    type: 'decode-skip';
+    frame: ParsedFrame;
+    error: AxHubError;
+};
+interface SSEStream<T> extends AsyncIterable<StreamItem<T>> {
+    dispose(): void;
+}
 type DeploymentStatus = 'queued' | 'building' | 'deploying' | 'succeeded' | 'failed' | 'cancelled' | 'rolled_back';
 interface DeploymentResponse {
     id: string;
@@ -2004,6 +1929,258 @@ declare class DeploymentsClient {
     }): SSEStream<PodEventEvent>;
 }
+interface GatewayEngine {
+    name: 'postgres' | 'mysql' | string;
+    capabilities: string[];
+}
+interface GatewayConnector {
+    id: string;
+    engine: string;
+    name: string;
+    [key: string]: unknown;
+}
+interface GatewayResource {
+    id: string;
+    connectorId: string;
+    name: string;
+    [key: string]: unknown;
+}
+interface GatewayQueryInput {
+    resourceId?: string;
+    connectorId?: string;
+    path?: string;
+    sql: string;
+    params?: unknown[];
+    rowLimit?: number;
+}
+interface GatewayQueryColumn {
+    name: string;
+    dataType: string;
+}
+interface GatewayQueryResult<Row = Record<string, unknown>> {
+    allowed: boolean;
+    denyReason?: string;
+    columns: GatewayQueryColumn[];
+    rows: Row[];
+    rowCount: number;
+    matchedPolicies?: string[];
+}
+interface CatalogKindAction {
+    allowedEffects: string[];
+    inputSchema?: unknown;
+    resultSchema?: unknown;
+}
+interface CatalogKind {
+    kind: string;
+    engine: string;
+    displayName: string;
+    invokable: boolean;
+    actions: Record<string, CatalogKindAction>;
+}
+interface CatalogConnector {
+    id: string;
+    name: string;
+    engine: string;
+    description?: string;
+    url: string;
+}
+interface CatalogTag {
+    id: string;
+    name: string;
+}
+/** permissions.read on a catalog list item. `allowedColumns`/`columnMasks` are detail-only. */
+interface CatalogPermissionsReadList {
+    allowed: boolean;
+    denyReason?: string;
+    rowFilter?: string;
+    mask?: string;
+    inputSchema?: unknown;
+    resultSchema?: unknown;
+}
+/** permissions.read on a catalog detail (table) — adds the SQL-authoring reference fields. */
+interface CatalogPermissionsReadDetail extends CatalogPermissionsReadList {
+    /** Columns the caller may SELECT. Present on table detail only — the 1st reference for SQL authoring. */
+    allowedColumns?: string[];
+    /** Per-column mask algorithm (redact/null/hash/partial/last4). */
+    columnMasks?: Record<string, string>;
+}
+interface CatalogResourceView {
+    id: string;
+    connector: string;
+    connectorId: string;
+    path: string;
+    url: string;
+    kind?: string;
+    type: string;
+    name: string;
+    attributes: Record<string, unknown>;
+    tags: CatalogTag[];
+    permissions: {
+        read: CatalogPermissionsReadList;
+    };
+}
+interface CatalogAncestor {
+    id: string;
+    name: string;
+    type: string;
+    path: string;
+}
+interface CatalogResourceDetail {
+    id: string;
+    connector: string;
+    connectorId: string;
+    path: string;
+    url: string;
+    kind?: string;
+    type: string;
+    name: string;
+    attributes: Record<string, unknown>;
+    tags: CatalogTag[];
+    ancestors: CatalogAncestor[];
+    children: CatalogResourceView[];
+    permissions: {
+        read: CatalogPermissionsReadDetail;
+    };
+}
+interface CatalogResourceFilter {
+    search?: string;
+    kind?: string;
+    connector?: string;
+    connectorId?: string;
+    limit?: number;
+}
+interface InvokeInput {
+    sql: string;
+    params?: unknown[];
+    rowLimit?: number;
+}
+/** invoke(...) result. Mirrors GatewayQueryResult + the resolved `action`. Rows are zipped to objects. */
+interface InvokeResult<Row = Record<string, unknown>> {
+    allowed: boolean;
+    action: string;
+    denyReason?: string;
+    columns: GatewayQueryColumn[];
+    rows: Row[];
+    rowCount: number;
+    matchedPolicies?: string[];
+}
+declare class GatewayClient {
+    private readonly http;
+    constructor(http: HttpClient);
+    scoped(tenantSlug: string): TenantGatewayClient;
+}
+declare class TenantGatewayClient {
+    /** @adminOnly Global engine catalog. Governance read — requires tenant_admin (v0.1, SPEC 307). */
+    readonly engines: GatewayEnginesClient;
+    /** @adminOnly Connector governance (list/create/update/...). Member callers get ForbiddenError (v0.1). Members use `catalog.listConnectors()`. */
+    readonly connectors: GatewayConnectorsClient;
+    /** @adminOnly Raw resource governance. Member callers get ForbiddenError (v0.1). Members use `catalog.listResources()`. */
+    readonly resources: GatewayResourcesClient;
+    /** Run a parameterized read query. Member OK. See also `catalog.invoke()`. */
+    readonly query: GatewayQueryClient;
+    /** Member-facing catalog: discover connectors/resources you can read + invoke. */
+    readonly catalog: GatewayCatalogClient;
+    constructor(http: HttpClient, tenantSlug: string);
+}
+declare class GatewayEnginesClient {
+    private readonly http;
+    private readonly base;
+    constructor(http: HttpClient, base: string);
+    list(opts?: RequestOptions): Promise<GatewayEngine[]>;
+}
+declare class GatewayCrud<T extends {
+    id: string;
+}> {
+    protected readonly http: HttpClient;
+    protected readonly base: string;
+    constructor(http: HttpClient, base: string);
+    list(opts?: RequestOptions): Promise<T[]>;
+    get(id: string, opts?: RequestOptions): Promise<T>;
+    create(input: Record<string, unknown>, opts?: RequestOptions): Promise<T>;
+    update(id: string, patch: Record<string, unknown>, opts?: RequestOptions): Promise<T>;
+    delete(id: string, opts?: RequestOptions): Promise<void>;
+}
+declare class GatewayConnectorsClient extends GatewayCrud<GatewayConnector> {
+}
+declare class GatewayResourcesClient extends GatewayCrud<GatewayResource> {
+}
+declare class GatewayQueryClient {
+    private readonly http;
+    private readonly base;
+    constructor(http: HttpClient, base: string);
+    /**
+     * Run a parameterized read query against a connector resource.
+     *
+     * Policy deny is a normal HTTP 200 response, NOT a throw: branch on `result.allowed`.
+     * When denied, `matchedPolicies` is empty/absent and `denyReason` is generic
+     * ("policy deny") or a `safesql:`-prefixed SQL-format message — use `isPolicyDeny()` /
+     * `isSqlFormatError()` to tell them apart.
+     *
+     * @throws InternalServerError v0.1 — referencing a column outside the catalog's
+     *   `allowedColumns` lets the SQL reach the external DB, which answers column-not-found;
+     *   the backend surfaces that as 500. Do NOT auto-retry — guide the user to the
+     *   resource detail's `allowedColumns` (see `getAccessibleColumns`).
+     * @throws PoolStaleError 401 after a credential refresh retry.
+     */
+    run<Row extends Record<string, unknown> = Record<string, unknown>>(input: GatewayQueryInput, opts?: RequestOptions): Promise<GatewayQueryResult<Row>>;
+}
+/**
+ * Member-facing gateway catalog: connectors/resources the caller can read, plus `invoke`.
+ * Distinct from the `@adminOnly` governance clients (`connectors`/`resources`/`engines`).
+ */
+declare class GatewayCatalogClient {
+    private readonly http;
+    private readonly base;
+    constructor(http: HttpClient, tenantBase: string);
+    /** ResourceKind capability catalog (global, tenant-independent). Member OK. */
+    listKinds(opts?: RequestOptions): Promise<CatalogKind[]>;
+    /** Connectors the caller has read access to (1+ readable resource). Member OK. */
+    listConnectors(opts?: RequestOptions): Promise<CatalogConnector[]>;
+    /** Search resources the caller can read (across connectors). Member OK. */
+    listResources(filter?: CatalogResourceFilter, opts?: RequestOptions): Promise<CatalogResourceView[]>;
+    /**
+     * Single resource detail (with `allowedColumns` for SQL authoring). Member OK.
+     *
+     * @throws NotFoundError when the caller has no read access to `path` — denied and
+     *   non-existent are intentionally indistinguishable (strict zero-trust, v0.1).
+     *   Use `hasAccess()` for a boolean check that does not throw.
+     */
+    getResource(connector: string, path: string, opts?: RequestOptions): Promise<CatalogResourceDetail>;
+    /**
+     * Invoke an action on a resource (v1: `read`). Member OK.
+     *
+     * Policy deny is a normal HTTP 200 (`allowed: false`), NOT a throw — branch on the result.
+     * @throws InternalServerError referencing a column outside `allowedColumns` (no auto-retry).
+     */
+    invoke<Row extends Record<string, unknown> = Record<string, unknown>>(connector: string, path: string, input: InvokeInput, opts?: RequestOptions): Promise<InvokeResult<Row>>;
+    /** True if the caller can read `path` (getResource without throwing on denial). Member OK. */
+    hasAccess(connector: string, path: string, opts?: RequestOptions): Promise<boolean>;
+    /**
+     * Catalog list + each resource's detail (with `allowedColumns`) in one call. Member OK.
+     * Issues one detail request per resource (N+1) — avoid over large catalogs / in tight loops.
+     */
+    listResourcesWithDetail(filter?: CatalogResourceFilter, opts?: RequestOptions): Promise<CatalogResourceDetail[]>;
+}
+/** True when the response is allowed (typed narrowing convenience). */
+declare function isAllowed(r: GatewayQueryResult | InvokeResult): boolean;
+/**
+ * True when a deny is an SQL-format rejection the caller can fix by editing the SQL.
+ *
+ * Keys on the backend's `safesql:` deny_reason prefix (e.g. "safesql: only SELECT or WITH
+ * allowed (got \"insert\")"). String-prefix matching is brittle by construction — the
+ * backend wording may change. (The improvement spec's "SQL 형식 오류:" literal was inaccurate;
+ * the real prefix is `safesql:`.)
+ */
+declare function isSqlFormatError(r: GatewayQueryResult | InvokeResult): boolean;
+/** True when a deny is a policy denial (not an SQL-format error). Editing SQL will not help. */
+declare function isPolicyDeny(r: GatewayQueryResult | InvokeResult): boolean;
+/** Columns the caller may SELECT from a resource detail (empty if none/denied). */
+declare function getAccessibleColumns(detail: CatalogResourceDetail): string[];
+/** Mask algorithm applied to a column (redact/null/hash/partial/last4), or null if unmasked. */
+declare function getMaskHint(detail: CatalogResourceDetail, columnName: string): string | null;
+/** Last path segment for a SQL `FROM` clause ("axhub-qa-mysql/employees" → "employees"). */
+declare function tableFromPath(path: string): string;
 interface IssuePersonalAccessTokenInput {
     name: string;
     expiresInDays?: number;
@@ -2403,4 +2580,4 @@ interface VerifyWebhookResult {
 declare function signWebhook(rawBody: Buffer | Uint8Array | string, secret: string, timestamp?: string): string;
 declare function verifyWebhook(input: VerifyWebhookInput): VerifyWebhookResult;
-export { AbortError, AccessDeniedError, type AddColumnInput, type AddCommentInput, type AddGrantInput, AlreadyAccessedError, AlreadyActiveError, AlreadyDeletedError, AlreadyInactiveError, AlreadyMemberError, AlreadyRevokedError, AlreadySettledError, type AnonymizeInput, type AppAccess, type AppCategory, type AppID, type AppId, type AppResponse, AppScopedClient, AppScopedDataClient, type AppSlug, type AppTable, type AppTemplate, AppUnavailableError, AppsClient, AuditClient, type AuditEvent, type AuditEventID, type AuthProvider, type AuthRing, AuthorizationPendingError, AuthzClient, type AuthzGrant, type AuthzSubject, type AuthzTag, AxHubClient, type AxHubClientOptions, AxHubError, type AxHubErrorInit, BadRequestError, type Branded, type BuildLogEvent, type BulkInviteResult, type ColumnType, type Comment, ConfigurationError, ConflictError, type ConnectGitInput, type ConnectorID, type CreateAppInput, type CreateCategoryInput, type CreateDeploymentInput, type CreateOAuthClientInput, type CreateTableInput, type CreateTenantInput, type CursorDirection, DEFAULT_BASE_URL, type DataBulkResult, DataClient, type DataCountOptions, type DataGetOptions, type DataListOptions, type DataOrderBy, DataTableClient, type DataTableSchema, type DecideInput, type DecideResult, DecodeError, type DeploymentID, type DeploymentId, type DeploymentResponse, type DeploymentStatus, DeploymentsClient, type DeviceAuthorizationResponse, DeviceFlowDeniedError, DeviceFlowTimeoutError, type DiscoverAppsOptions, type DiscoverOptions, type DispatchContext, DomainTakenError, DuplicateError, type EmailDomain, type EmitAuditEventInput, EmptyError, type EnvVar, ExpiredTokenError, type FetchLike, type FieldError, ForbiddenError, GatewayClient, type GatewayConnector, type GatewayEngine, type GatewayQueryColumn, type GatewayQueryInput, type GatewayQueryResult, type GatewayResource, type GitConnection, type GitConnectionSetup, type GitConnectionStatus, type GithubInstallStart, type GrantID, type GrantPrincipalType, type GrantScope, IdentityClient, IdentityDeviceCodeClient, IdentityMeClient, IdentityOAuthClient, IdentityOIDCClient, IdentityPATClient, type IdentityProvider, IdentityProviderClient, IdentitySystemOAuthClientsClient, type InferRow, type InstallStartInput, type IntegrityCheckResult, InternalServerError, IntrospectFailedError, InvalidCursorError, InvalidGrantError, InvalidPathError, InvalidStateTransitionError, InvalidValueError, InvitationExpiredError, type InviteTenantMemberInput, type IssuePersonalAccessTokenInput, type IssuePersonalAccessTokenResult, type KeysetCursor, LastAdminError, LegacyCursorError, type LikeResult, type LikeStatus, type ListAllItem, type ListAllOptions, type ListOptions, type Logger, type MeResponse, type MockClientOptions, type MockFixtures, MockInProductionError, type MockRow, type MockSchemas, MockStore, NetworkError, NoAuth, NotAdminError, NotAllowedError, NotDeletedError, NotFoundError, NotMemberError, type OAuthClient, type OAuthClientWithSecret, OAuthError, type OAuthErrorInit, type OAuthTokenResponse, type OrderByField, type PATID, type PATSummary, type PaginatedList, type ParsedFrame, type PatId, PendingExistsError, PermanentlyDeletedError, PermissionDeniedError, type PodEventEvent, type PodLogEvent, PoolStaleError, PreconditionFailedError, type PublicationRequest, type PublicationRequestStatus, PublicationRequestsClient, type QueryExpr, type RateLimitStrategy, RateLimitedError, type RequestId, RequiredError, type ResourceID, type RetryInfo, type SSEStream, ScanLimitExceededError, SchemaCache, type SchemaCacheOptions, SchemaNameTakenError, type SchemaShapeFromRow, type SelectColumns, type SettlePublicationInput, type SignIconUploadInput, type SignIconUploadResult, SlowDownError, SlugTakenError, StaticTokenAuth, StreamConsumedError, type StreamItem, type SubjectID, type SubmitPublicationInput, type SystemOAuthClient, type TableColumn, type TableConstraint, type TableGrant, type TableID, type TableIndex, TableNotFoundError, type TableSchema, type TagID, type Tenant, type TenantID, type TenantId, type TenantInvitation, type TenantMember, TenantScopedAppsClient, TenantScopedClient, type TenantSlug, TenantSlugRequiredError, TenantsClient, TimeoutError, TokenExpiredError, TokenInvalidError, TokenMissingError, type TokenType, UnauthenticatedError, UnavailableError, type UnlikeResult, type UnpublishInput, type UpdateAppInput, type UpdateGitConnectionInput, type UpdateTenantInput, type UserID, type UserId, ValidationError, type VerifyWebhookInput, type VerifyWebhookResult, WebhookVerificationError, type WebhookVerifyReason, and, asAppId, asAppSlug, asDeploymentId, asPatId, asRequestId, asTenantId, asTenantSlug, asUserId, assertMockModeAllowed, createMockStore, cursorFromRow, decodeCursor, defineSchema, dispatch, encodeCursor, escapeLike, formatErrorMessage, id, isOAuthPath, not, or, orderByFingerprint, parseRetryAfter, raw, schemaCacheKey, signWebhook, verifyWebhook, where };
+export { AbortError, AccessDeniedError, type AddColumnInput, type AddCommentInput, type AddGrantInput, AlreadyAccessedError, AlreadyActiveError, AlreadyDeletedError, AlreadyInactiveError, AlreadyMemberError, AlreadyRevokedError, AlreadySettledError, type AnonymizeInput, type AppAccess, type AppCategory, type AppID, type AppId, type AppResponse, AppScopedClient, AppScopedDataClient, type AppSlug, type AppTable, type AppTemplate, AppUnavailableError, AppsClient, AuditClient, type AuditEvent, type AuditEventID, type AuthProvider, type AuthRing, AuthorizationPendingError, AuthzClient, type AuthzGrant, type AuthzSubject, type AuthzTag, AxHubClient, type AxHubClientOptions, AxHubError, type AxHubErrorInit, BadRequestError, type Branded, type BuildLogEvent, type BulkInviteResult, type CatalogAncestor, type CatalogConnector, type CatalogKind, type CatalogKindAction, type CatalogPermissionsReadDetail, type CatalogPermissionsReadList, type CatalogResourceDetail, type CatalogResourceFilter, type CatalogResourceView, type CatalogTag, type ColumnType, type Comment, ConfigurationError, ConflictError, type ConnectGitInput, type ConnectorID, type CreateAppInput, type CreateCategoryInput, type CreateDeploymentInput, type CreateOAuthClientInput, type CreateTableInput, type CreateTenantInput, type CursorDirection, DEFAULT_BASE_URL, type DataBulkResult, DataClient, type DataCountOptions, type DataGetOptions, type DataListOptions, type DataOrderBy, DataTableClient, type DataTableSchema, type DecideInput, type DecideResult, DecodeError, type DeploymentID, type DeploymentId, type DeploymentResponse, type DeploymentStatus, DeploymentsClient, type DeviceAuthorizationResponse, DeviceFlowDeniedError, DeviceFlowTimeoutError, type DiscoverAppsOptions, type DiscoverOptions, type DispatchContext, DomainTakenError, DuplicateError, type EmailDomain, type EmitAuditEventInput, EmptyError, type EnvVar, ExpiredTokenError, type FetchLike, type FieldError, ForbiddenError, GatewayCatalogClient, GatewayClient, type GatewayConnector, type GatewayEngine, type GatewayQueryColumn, type GatewayQueryInput, type GatewayQueryResult, type GatewayResource, type GitConnection, type GitConnectionSetup, type GitConnectionStatus, type GithubInstallStart, type GrantID, type GrantPrincipalType, type GrantScope, IdentityClient, IdentityDeviceCodeClient, IdentityMeClient, IdentityOAuthClient, IdentityOIDCClient, IdentityPATClient, type IdentityProvider, IdentityProviderClient, IdentitySystemOAuthClientsClient, type InferRow, type InstallStartInput, type IntegrityCheckResult, InternalServerError, IntrospectFailedError, InvalidCursorError, InvalidGrantError, InvalidPathError, InvalidStateTransitionError, InvalidValueError, InvitationExpiredError, type InviteTenantMemberInput, type InvokeInput, type InvokeResult, type IssuePersonalAccessTokenInput, type IssuePersonalAccessTokenResult, type KeysetCursor, LastAdminError, LegacyCursorError, type LikeResult, type LikeStatus, type ListAllItem, type ListAllOptions, type ListOptions, type Logger, type MeResponse, type MockClientOptions, type MockFixtures, MockInProductionError, type MockRow, type MockSchemas, MockStore, NetworkError, NoAuth, NotAdminError, NotAllowedError, NotDeletedError, NotFoundError, NotMemberError, type OAuthClient, type OAuthClientWithSecret, OAuthError, type OAuthErrorInit, type OAuthTokenResponse, type OrderByField, type PATID, type PATSummary, type PaginatedList, type ParsedFrame, type PatId, PendingExistsError, PermanentlyDeletedError, PermissionDeniedError, type PodEventEvent, type PodLogEvent, PoolStaleError, PreconditionFailedError, type PublicationRequest, type PublicationRequestStatus, PublicationRequestsClient, type QueryExpr, type RateLimitStrategy, RateLimitedError, type RequestId, RequiredError, type ResourceID, type RetryInfo, type SSEStream, ScanLimitExceededError, SchemaCache, type SchemaCacheOptions, SchemaNameTakenError, type SchemaShapeFromRow, type SelectColumns, type SettlePublicationInput, type SignIconUploadInput, type SignIconUploadResult, SlowDownError, SlugTakenError, StaticTokenAuth, StreamConsumedError, type StreamItem, type SubjectID, type SubmitPublicationInput, type SystemOAuthClient, type TableColumn, type TableConstraint, type TableGrant, type TableID, type TableIndex, TableNotFoundError, type TableSchema, type TagID, type Tenant, TenantGatewayClient, type TenantID, type TenantId, type TenantInvitation, type TenantMember, TenantScopedAppsClient, TenantScopedClient, type TenantSlug, TenantSlugRequiredError, TenantsClient, TimeoutError, TokenExpiredError, TokenInvalidError, TokenMissingError, type TokenType, UnauthenticatedError, UnavailableError, type UnlikeResult, type UnpublishInput, type UpdateAppInput, type UpdateGitConnectionInput, type UpdateTenantInput, type UserID, type UserId, ValidationError, type VerifyWebhookInput, type VerifyWebhookResult, WebhookVerificationError, type WebhookVerifyReason, and, asAppId, asAppSlug, asDeploymentId, asPatId, asRequestId, asTenantId, asTenantSlug, asUserId, assertMockModeAllowed, createMockStore, cursorFromRow, decodeCursor, defineSchema, dispatch, encodeCursor, escapeLike, formatErrorMessage, getAccessibleColumns, getMaskHint, id, isAllowed, isOAuthPath, isPolicyDeny, isSqlFormatError, not, or, orderByFingerprint, parseRetryAfter, raw, schemaCacheKey, signWebhook, tableFromPath, verifyWebhook, where };