npm - @balena/pinejs - Versions diffs - 19.7.2-build-renovate-postgres-17-x-38c77839796930404f59a924e2e4573ffdc6405d-1 → 19.7.2-build-esm-ce2a147ed7533c40f456b27f17ac4e559a0f9da8-1 - Mend

@balena/pinejs 19.7.2-build-renovate-postgres-17-x-38c77839796930404f59a924e2e4573ffdc6405d-1 → 19.7.2-build-esm-ce2a147ed7533c40f456b27f17ac4e559a0f9da8-1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/.versionbot/CHANGELOG.yml +5 -6
package/CHANGELOG.md +1 -1
package/{Gruntfile.ts → Gruntfile.cts} +9 -22
package/bin/abstract-sql-compiler.js +1 -1
package/bin/odata-compiler.js +1 -1
package/bin/sbvr-compiler.js +1 -1
package/build/{browser.ts → browser.cts} +1 -1
package/build/{config.ts → config.cts} +5 -1
package/build/{module.ts → module.cts} +1 -1
package/build/{server.ts → server.cts} +1 -1
package/docker-compose.npm-test.yml +1 -1
package/out/bin/abstract-sql-compiler.js +17 -19
package/out/bin/abstract-sql-compiler.js.map +1 -1
package/out/bin/odata-compiler.js +19 -21
package/out/bin/odata-compiler.js.map +1 -1
package/out/bin/sbvr-compiler.js +19 -54
package/out/bin/sbvr-compiler.js.map +1 -1
package/out/bin/utils.d.ts +3 -3
package/out/bin/utils.js +16 -53
package/out/bin/utils.js.map +1 -1
package/out/config-loader/config-loader.d.ts +6 -6
package/out/config-loader/config-loader.js +23 -63
package/out/config-loader/config-loader.js.map +1 -1
package/out/config-loader/env.d.ts +1 -1
package/out/config-loader/env.js +24 -66
package/out/config-loader/env.js.map +1 -1
package/out/data-server/sbvr-server.d.ts +3 -3
package/out/data-server/sbvr-server.js +5 -42
package/out/data-server/sbvr-server.js.map +1 -1
package/out/database-layer/db.d.ts +3 -3
package/out/database-layer/db.js +37 -83
package/out/database-layer/db.js.map +1 -1
package/out/express-emulator/express.js.map +1 -1
package/out/extended-sbvr-parser/extended-sbvr-parser.js +8 -11
package/out/extended-sbvr-parser/extended-sbvr-parser.js.map +1 -1
package/out/http-transactions/transactions.d.ts +2 -2
package/out/http-transactions/transactions.js +4 -4
package/out/http-transactions/transactions.js.map +1 -1
package/out/migrator/async.d.ts +2 -2
package/out/migrator/async.js +20 -60
package/out/migrator/async.js.map +1 -1
package/out/migrator/migrations.js +1 -2
package/out/migrator/sync.d.ts +6 -6
package/out/migrator/sync.js +20 -61
package/out/migrator/sync.js.map +1 -1
package/out/migrator/utils.d.ts +4 -4
package/out/migrator/utils.js +42 -97
package/out/migrator/utils.js.map +1 -1
package/out/odata-metadata/odata-metadata-generator.js +7 -14
package/out/odata-metadata/odata-metadata-generator.js.map +1 -1
package/out/passport-pinejs/mount-login-router.d.ts +1 -1
package/out/passport-pinejs/mount-login-router.js +4 -41
package/out/passport-pinejs/mount-login-router.js.map +1 -1
package/out/passport-pinejs/passport-pinejs.d.ts +1 -1
package/out/passport-pinejs/passport-pinejs.js +11 -46
package/out/passport-pinejs/passport-pinejs.js.map +1 -1
package/out/pinejs-session-store/pinejs-session-store.d.ts +1 -1
package/out/pinejs-session-store/pinejs-session-store.js +11 -48
package/out/pinejs-session-store/pinejs-session-store.js.map +1 -1
package/out/sbvr-api/abstract-sql.d.ts +2 -2
package/out/sbvr-api/abstract-sql.js +22 -65
package/out/sbvr-api/abstract-sql.js.map +1 -1
package/out/sbvr-api/cached-compile.js +8 -15
package/out/sbvr-api/cached-compile.js.map +1 -1
package/out/sbvr-api/common-types.js +1 -2
package/out/sbvr-api/control-flow.d.ts +1 -1
package/out/sbvr-api/control-flow.js +12 -25
package/out/sbvr-api/control-flow.js.map +1 -1
package/out/sbvr-api/dev.js +1 -2
package/out/sbvr-api/errors.d.ts +1 -1
package/out/sbvr-api/errors.js +47 -95
package/out/sbvr-api/errors.js.map +1 -1
package/out/sbvr-api/express-extension.d.ts +2 -2
package/out/sbvr-api/express-extension.js +1 -2
package/out/sbvr-api/hooks.d.ts +4 -4
package/out/sbvr-api/hooks.js +23 -35
package/out/sbvr-api/hooks.js.map +1 -1
package/out/sbvr-api/odata-response.d.ts +2 -2
package/out/sbvr-api/odata-response.js +19 -29
package/out/sbvr-api/odata-response.js.map +1 -1
package/out/sbvr-api/permissions.d.ts +8 -8
package/out/sbvr-api/permissions.js +106 -159
package/out/sbvr-api/permissions.js.map +1 -1
package/out/sbvr-api/sbvr-utils.d.ts +38 -16
package/out/sbvr-api/sbvr-utils.js +222 -285
package/out/sbvr-api/sbvr-utils.js.map +1 -1
package/out/sbvr-api/translations.d.ts +1 -1
package/out/sbvr-api/translations.js +10 -17
package/out/sbvr-api/translations.js.map +1 -1
package/out/sbvr-api/uri-parser.d.ts +6 -6
package/out/sbvr-api/uri-parser.js +39 -84
package/out/sbvr-api/uri-parser.js.map +1 -1
package/out/sbvr-api/user.js +1 -2
package/out/server-glue/global-ext.d.ts +0 -3
package/out/server-glue/module.d.ts +15 -15
package/out/server-glue/module.js +20 -59
package/out/server-glue/module.js.map +1 -1
package/out/server-glue/sbvr-loader.d.ts +2 -1
package/out/server-glue/sbvr-loader.js +4 -11
package/out/server-glue/sbvr-loader.js.map +1 -1
package/out/server-glue/server.d.ts +2 -2
package/out/server-glue/server.js +17 -59
package/out/server-glue/server.js.map +1 -1
package/out/tasks/common.d.ts +1 -1
package/out/tasks/common.js +3 -9
package/out/tasks/common.js.map +1 -1
package/out/tasks/index.d.ts +8 -8
package/out/tasks/index.js +25 -63
package/out/tasks/index.js.map +1 -1
package/out/tasks/tasks.js +1 -2
package/out/tasks/worker.d.ts +3 -3
package/out/tasks/worker.js +14 -51
package/out/tasks/worker.js.map +1 -1
package/out/webresource-handler/handlers/NoopHandler.d.ts +1 -1
package/out/webresource-handler/handlers/NoopHandler.js +1 -5
package/out/webresource-handler/handlers/NoopHandler.js.map +1 -1
package/out/webresource-handler/handlers/S3Handler.d.ts +1 -1
package/out/webresource-handler/handlers/S3Handler.js +17 -24
package/out/webresource-handler/handlers/S3Handler.js.map +1 -1
package/out/webresource-handler/handlers/index.d.ts +2 -2
package/out/webresource-handler/handlers/index.js +2 -18
package/out/webresource-handler/handlers/index.js.map +1 -1
package/out/webresource-handler/index.d.ts +1 -1
package/out/webresource-handler/index.js +35 -85
package/out/webresource-handler/index.js.map +1 -1
package/package.json +10 -10
package/src/bin/abstract-sql-compiler.ts +3 -3
package/src/bin/odata-compiler.ts +3 -3
package/src/bin/sbvr-compiler.ts +2 -2
package/src/bin/utils.ts +20 -15
package/src/config-loader/config-loader.ts +11 -11
package/src/config-loader/env.ts +3 -3
package/src/data-server/sbvr-server.ts +4 -4
package/src/database-layer/db.ts +18 -11
package/src/extended-sbvr-parser/extended-sbvr-parser.ts +5 -5
package/src/http-transactions/transactions.js +4 -4
package/src/migrator/async.ts +5 -5
package/src/migrator/sync.ts +8 -8
package/src/migrator/utils.ts +7 -7
package/src/odata-metadata/odata-metadata-generator.ts +3 -2
package/src/passport-pinejs/mount-login-router.ts +3 -3
package/src/passport-pinejs/passport-pinejs.ts +3 -3
package/src/pinejs-session-store/pinejs-session-store.ts +4 -4
package/src/sbvr-api/abstract-sql.ts +5 -5
package/src/sbvr-api/cached-compile.ts +1 -1
package/src/sbvr-api/control-flow.ts +1 -1
package/src/sbvr-api/errors.ts +1 -1
package/src/sbvr-api/express-extension.ts +2 -2
package/src/sbvr-api/hooks.ts +5 -5
package/src/sbvr-api/odata-response.ts +8 -4
package/src/sbvr-api/permissions.ts +17 -17
package/src/sbvr-api/sbvr-utils.ts +37 -31
package/src/sbvr-api/translations.ts +1 -1
package/src/sbvr-api/uri-parser.ts +9 -9
package/src/server-glue/global-ext.d.ts +0 -3
package/src/server-glue/module.ts +19 -19
package/src/server-glue/sbvr-loader.ts +15 -27
package/src/server-glue/server.ts +13 -24
package/src/tasks/common.ts +1 -1
package/src/tasks/index.ts +14 -14
package/src/tasks/worker.ts +8 -8
package/src/webresource-handler/handlers/NoopHandler.ts +5 -1
package/src/webresource-handler/handlers/S3Handler.ts +1 -1
package/src/webresource-handler/handlers/index.ts +2 -2
package/src/webresource-handler/index.ts +8 -8
package/tsconfig.dev.json +4 -2
package/tsconfig.json +1 -1
package/typings/lf-to-abstract-sql.d.ts +2 -2
package/typings/memoizee.d.ts +1 -1

package/out/sbvr-api/permissions.js CHANGED Viewed

@@ -1,70 +1,28 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.config = exports.addPermissions = exports.checkPermissionsMiddleware = exports.checkPermissions = exports.apiKeyMiddleware = exports.customApiKeyMiddleware = exports.resolveApiKey = exports.authorizationMiddleware = exports.customAuthorizationMiddleware = exports.canAccess = exports.resolveAuthHeader = exports.checkApiKey = exports.getApiKeyPermissions = exports.getUserPermissions = exports.checkPassword = exports.rootRead = exports.root = exports.PermissionParsingError = exports.PermissionError = void 0;
-exports.nestedCheck = nestedCheck;
-exports.setup = setup;
-require("./express-extension");
-const odata_to_abstract_sql_1 = require("@balena/odata-to-abstract-sql");
-const ODataParser = __importStar(require("@balena/odata-parser"));
-const lodash_1 = __importDefault(require("lodash"));
-const memoizee_1 = __importDefault(require("memoizee"));
-const randomstring = __importStar(require("randomstring"));
-const env = __importStar(require("../config-loader/env"));
-const sbvrUtils = __importStar(require("../sbvr-api/sbvr-utils"));
-const hooks_1 = require("./hooks");
-const errors_1 = require("./errors");
-Object.defineProperty(exports, "PermissionError", { enumerable: true, get: function () { return errors_1.PermissionError; } });
-Object.defineProperty(exports, "PermissionParsingError", { enumerable: true, get: function () { return errors_1.PermissionParsingError; } });
-const uri_parser_1 = require("./uri-parser");
-const weak_1 = __importDefault(require("memoizee/weak"));
-const sbvr_loader_1 = require("../server-glue/sbvr-loader");
-const userModel = (0, sbvr_loader_1.requireSBVR)('./user.sbvr', require);
+import './express-extension.js';
+import { isBindReference, odataNameToSqlName, sqlNameToODataName, } from '@balena/odata-to-abstract-sql';
+import * as ODataParser from '@balena/odata-parser';
+import _ from 'lodash';
+import memoize from 'memoizee';
+import randomstring from 'randomstring';
+import * as env from '../config-loader/env.js';
+import * as sbvrUtils from '../sbvr-api/sbvr-utils.js';
+import { addPureHook, addHook } from './hooks.js';
+import { BadRequestError, PermissionError, PermissionParsingError, } from './errors.js';
+import { memoizedGetOData2AbstractSQL, memoizedParseOdata, metadataEndpoints, } from './uri-parser.js';
+import memoizeWeak from 'memoizee/weak.js';
+import { importSBVR } from '../server-glue/sbvr-loader.js';
+const userModel = await importSBVR('./user.sbvr', import.meta);
 const DEFAULT_ACTOR_BIND = '@__ACTOR_ID';
-const DEFAULT_ACTOR_BIND_REGEX = new RegExp(lodash_1.default.escapeRegExp(DEFAULT_ACTOR_BIND), 'g');
-exports.root = {
+const DEFAULT_ACTOR_BIND_REGEX = new RegExp(_.escapeRegExp(DEFAULT_ACTOR_BIND), 'g');
+export { PermissionError, PermissionParsingError };
+export const root = {
     user: {
         id: 0,
         actor: 0,
         permissions: ['resource.all'],
     },
 };
-exports.rootRead = {
+export const rootRead = {
     user: {
         id: 0,
         actor: 0,
@@ -99,7 +57,7 @@ const $parsePermissions = env.createCache('parsePermissions', (filter) => {
 const rewriteODataBinds = ({ tree, extraBinds }, odataBinds) => {
     const bindsLength = odataBinds.length;
     odataBinds.push(...extraBinds);
-    return lodash_1.default.cloneDeepWith(tree, (value) => {
+    return _.cloneDeepWith(tree, (value) => {
         if (value != null) {
             const bind = value.bind;
             if (Number.isInteger(bind)) {
@@ -114,7 +72,7 @@ const parsePermissions = (filter, odataBinds) => {
 };
 const isAnd = (x) => typeof x === 'object' && 'and' in x;
 const isOr = (x) => typeof x === 'object' && 'or' in x;
-function nestedCheck(check, stringCallback) {
+export function nestedCheck(check, stringCallback) {
     if (typeof check === 'string') {
         return stringCallback(check);
     }
@@ -142,7 +100,7 @@ function nestedCheck(check, stringCallback) {
         }
         if (results.length > 1) {
             return {
-                and: lodash_1.default.uniq(results),
+                and: _.uniq(results),
             };
         }
         return true;
@@ -180,7 +138,7 @@ function nestedCheck(check, stringCallback) {
                 }
                 if (results.length > 1) {
                     return {
-                        or: lodash_1.default.uniq(results),
+                        or: _.uniq(results),
                     };
                 }
                 return false;
@@ -210,13 +168,13 @@ const collapsePermissionFilters = (v) => {
     return v;
 };
 const namespaceRelationships = (relationships, alias) => {
-    lodash_1.default.forEach(relationships, (relationship, key) => {
+    _.forEach(relationships, (relationship, key) => {
         if (key === '$') {
             return;
         }
         let mapping = relationship.$;
         if (mapping != null && mapping.length === 2) {
-            mapping = lodash_1.default.cloneDeep(mapping);
+            mapping = _.cloneDeep(mapping);
             mapping[1][0] = `${mapping[1][0]}$${alias}`;
             relationships[`${key}$${alias}`] = {
                 $: mapping,
@@ -243,7 +201,7 @@ const getPermissionsLookup = env.createCache('permissionsLookup', (permissions,
     for (const target of Object.keys(permissionsLookup)) {
         const conditions = permissionsLookup[target];
         if (conditions !== true) {
-            permissionsLookup[target] = lodash_1.default.uniq(conditions);
+            permissionsLookup[target] = _.uniq(conditions);
         }
     }
     return permissionsLookup;
@@ -275,7 +233,7 @@ const $checkPermissions = (permissionsLookup, actionList, vocabulary, resourceNa
                 vocabularyResourcePermission = maybeVocabularyResourcePermission;
             }
         }
-        const conditionalPermissions = lodash_1.default.union(resourcePermission, vocabularyPermission, vocabularyResourcePermission);
+        const conditionalPermissions = _.union(resourcePermission, vocabularyPermission, vocabularyResourcePermission);
         if (conditionalPermissions.length === 1) {
             return conditionalPermissions[0];
         }
@@ -314,7 +272,7 @@ const rewriteSubPermissionBindings = (filter, counter) => {
             object.bind = counter + object.bind;
         }
         if (Array.isArray(object) || typeof object === 'object') {
-            lodash_1.default.forEach(object, (v) => {
+            _.forEach(object, (v) => {
                 rewrite(v);
             });
         }
@@ -337,28 +295,28 @@ const buildODataPermission = (permissionsLookup, actionList, vocabulary, resourc
         }
         catch (e) {
             console.warn('Failed to parse conditional permissions: ', permissionCheck);
-            throw new errors_1.PermissionParsingError(e);
+            throw new PermissionParsingError(e);
         }
     });
     const collapsedPermissionFilters = collapsePermissionFilters(permissionFilters);
     return collapsedPermissionFilters;
 };
-const constrainedPermissionError = new errors_1.PermissionError();
+const constrainedPermissionError = new PermissionError();
 const generateConstrainedAbstractSql = (permissionsLookup, actionList, vocabulary, resourceName) => {
     const abstractSQLModel = sbvrUtils.getAbstractSqlModel({
         vocabulary,
     });
-    const odata = (0, uri_parser_1.memoizedParseOdata)(`/${resourceName}`);
+    const odata = memoizedParseOdata(`/${resourceName}`);
     const collapsedPermissionFilters = buildODataPermission(permissionsLookup, actionList, vocabulary, resourceName, odata);
     if (collapsePermissionFilters == null) {
         return;
     }
-    lodash_1.default.set(odata, ['tree', 'options', '$filter'], collapsedPermissionFilters);
+    _.set(odata, ['tree', 'options', '$filter'], collapsedPermissionFilters);
     const lambdaAlias = randomstring.generate(20);
     let inc = 0;
     const canAccessTrace = [resourceName];
     const resolveBind = (maybeBind, extraBinds) => {
-        if ((0, odata_to_abstract_sql_1.isBindReference)(maybeBind)) {
+        if (isBindReference(maybeBind)) {
             const { bind } = maybeBind;
             if (typeof bind === 'string' || bind < odata.binds.length) {
                 return odata.binds[bind];
@@ -375,7 +333,7 @@ const generateConstrainedAbstractSql = (permissionsLookup, actionList, vocabular
         const targetResource = this.NavigateResources(this.defaultResource, resolvedProperty.name);
         const lambdaId = `${lambdaAlias}+${inc}`;
         inc = inc + 1;
-        const targetResourceName = (0, odata_to_abstract_sql_1.sqlNameToODataName)(targetResource.resource.name);
+        const targetResourceName = sqlNameToODataName(targetResource.resource.name);
         const traceIndex = canAccessTrace.findIndex((rName) => rName === targetResourceName);
         if (traceIndex !== -1) {
             if (canAccessTrace[canAccessTrace.length - 1] !== targetResourceName) {
@@ -400,7 +358,7 @@ const generateConstrainedAbstractSql = (permissionsLookup, actionList, vocabular
                 return this.Property(resolvedProperty);
             }
         }
-        const parentOdata = (0, uri_parser_1.memoizedParseOdata)(`/${targetResourceName}`);
+        const parentOdata = memoizedParseOdata(`/${targetResourceName}`);
         const collapsedParentPermissionFilters = buildODataPermission(permissionsLookup, actionList, vocabulary, targetResourceName, parentOdata);
         if (collapsedParentPermissionFilters == null) {
             return ['Equals', ['Boolean', true], ['Boolean', true]];
@@ -421,7 +379,7 @@ const generateConstrainedAbstractSql = (permissionsLookup, actionList, vocabular
             canAccessTrace.pop();
         }
     };
-    const { tree, extraBindVars } = (0, uri_parser_1.memoizedGetOData2AbstractSQL)(abstractSQLModel).match(odata.tree, 'GET', [], odata.binds.length, {
+    const { tree, extraBindVars } = memoizedGetOData2AbstractSQL(abstractSQLModel).match(odata.tree, 'GET', [], odata.binds.length, {
         canAccess: canAccessFunction,
     });
     odata.binds.push(...extraBindVars);
@@ -430,7 +388,7 @@ const generateConstrainedAbstractSql = (permissionsLookup, actionList, vocabular
     const select = abstractSqlQuery.find((v) => v[0] === 'Select');
     select[1] = select[1].map((selectField) => {
         if (selectField[0] === 'Alias') {
-            const sqlName = (0, odata_to_abstract_sql_1.odataNameToSqlName)(selectField[2]);
+            const sqlName = odataNameToSqlName(selectField[2]);
             const maybeField = selectField[1];
             if ((maybeField[0] === 'ReferencedField' && maybeField[2] === sqlName) ||
                 (maybeField[0] === 'Field' && maybeField[1] === sqlName)) {
@@ -478,7 +436,7 @@ const deepFreezeExceptDefinition = (obj) => {
         }
     }
 };
-const createBypassDefinition = (definition) => lodash_1.default.cloneDeepWith(definition, (abstractSql) => {
+const createBypassDefinition = (definition) => _.cloneDeepWith(definition, (abstractSql) => {
     if (Array.isArray(abstractSql) &&
         abstractSql[0] === 'Resource' &&
         !abstractSql[1].endsWith('$bypass')) {
@@ -487,13 +445,13 @@ const createBypassDefinition = (definition) => lodash_1.default.cloneDeepWith(de
 });
 const createVersionSpecificPermissionDefinition = ({ abstractSql, ...restDefinition }, permissionsJSON) => {
     return {
-        ...lodash_1.default.cloneDeep(restDefinition),
-        abstractSql: lodash_1.default.cloneDeepWith(abstractSql, (abstractSqlNode) => {
+        ..._.cloneDeep(restDefinition),
+        abstractSql: _.cloneDeepWith(abstractSql, (abstractSqlNode) => {
             if (!Array.isArray(abstractSqlNode)) {
                 return;
             }
             if (abstractSqlNode[0] === 'Select' || abstractSqlNode[0] === 'Where') {
-                return lodash_1.default.cloneDeep(abstractSqlNode);
+                return _.cloneDeep(abstractSqlNode);
             }
             if (abstractSqlNode[0] === 'Resource' &&
                 typeof abstractSqlNode[1] === 'string' &&
@@ -515,10 +473,10 @@ const getAlias = (name) => {
     }
     return `permissions${permissionsJSON}`;
 };
-const rewriteRelationship = (0, weak_1.default)((value, name, abstractSqlModel, permissionsLookup, vocabulary, odata2AbstractSQL) => {
-    let escapedName = (0, odata_to_abstract_sql_1.sqlNameToODataName)(name);
+const rewriteRelationship = memoizeWeak((value, name, abstractSqlModel, permissionsLookup, vocabulary, odata2AbstractSQL) => {
+    let escapedName = sqlNameToODataName(name);
     if (abstractSqlModel.tables[name]) {
-        escapedName = (0, odata_to_abstract_sql_1.sqlNameToODataName)(abstractSqlModel.tables[name].name);
+        escapedName = sqlNameToODataName(abstractSqlModel.tables[name].name);
     }
     const rewrite = (object) => {
         if ('$' in object && Array.isArray(object.$)) {
@@ -531,27 +489,27 @@ const rewriteRelationship = (0, weak_1.default)((value, name, abstractSqlModel,
                 if (possibleTargetResourceName.endsWith('$bypass')) {
                     return;
                 }
-                const targetResourceEscaped = (0, odata_to_abstract_sql_1.sqlNameToODataName)(abstractSqlModel.tables[possibleTargetResourceName]?.name ??
+                const targetResourceEscaped = sqlNameToODataName(abstractSqlModel.tables[possibleTargetResourceName]?.name ??
                     possibleTargetResourceName);
                 if (targetResourceEscaped.includes('$')) {
                     return;
                 }
                 let foundCanAccessLink = false;
                 try {
-                    const odata = (0, uri_parser_1.memoizedParseOdata)(`/${targetResourceEscaped}`);
+                    const odata = memoizedParseOdata(`/${targetResourceEscaped}`);
                     const collapsedPermissionFilters = buildODataPermission(permissionsLookup, methodPermissions.GET, vocabulary, targetResourceEscaped, odata);
                     if (collapsedPermissionFilters == null) {
                         return;
                     }
-                    lodash_1.default.set(odata, ['tree', 'options', '$filter'], collapsedPermissionFilters);
+                    _.set(odata, ['tree', 'options', '$filter'], collapsedPermissionFilters);
                     const canAccessFunction = function (property) {
                         delete property.method;
                         if (!this.defaultResource) {
                             throw new Error(`No resource selected in AST.`);
                         }
                         const targetResourceAST = this.NavigateResources(this.defaultResource, property.name);
-                        const targetResourceName = (0, odata_to_abstract_sql_1.sqlNameToODataName)(targetResourceAST.resource.name);
-                        const currentResourceName = (0, odata_to_abstract_sql_1.sqlNameToODataName)(this.defaultResource.name);
+                        const targetResourceName = sqlNameToODataName(targetResourceAST.resource.name);
+                        const currentResourceName = sqlNameToODataName(this.defaultResource.name);
                         if (currentResourceName === targetResourceEscaped &&
                             targetResourceName === escapedName) {
                             foundCanAccessLink = true;
@@ -582,7 +540,7 @@ const rewriteRelationship = (0, weak_1.default)((value, name, abstractSqlModel,
             }
         }
         if (Array.isArray(object) || typeof object === 'object') {
-            lodash_1.default.forEach(object, (v) => {
+            _.forEach(object, (v) => {
                 if (typeof v !== 'string') {
                     rewrite(v);
                 }
@@ -595,15 +553,15 @@ const rewriteRelationships = (abstractSqlModel, relationships, permissionsLookup
     const originalAbstractSQLModel = sbvrUtils.getAbstractSqlModel({
         vocabulary,
     });
-    const odata2AbstractSQL = (0, uri_parser_1.memoizedGetOData2AbstractSQL)(originalAbstractSQLModel);
-    const newRelationships = lodash_1.default.cloneDeep(relationships);
-    lodash_1.default.forOwn(newRelationships, (value, name) => {
+    const odata2AbstractSQL = memoizedGetOData2AbstractSQL(originalAbstractSQLModel);
+    const newRelationships = _.cloneDeep(relationships);
+    _.forOwn(newRelationships, (value, name) => {
         rewriteRelationship(value, name, abstractSqlModel, permissionsLookup, vocabulary, odata2AbstractSQL);
     });
     return newRelationships;
 };
-const getBoundConstrainedMemoizer = (0, weak_1.default)((abstractSqlModel) => (0, weak_1.default)((permissionsLookup, vocabulary) => {
-    const constrainedAbstractSqlModel = lodash_1.default.cloneDeep(abstractSqlModel);
+const getBoundConstrainedMemoizer = memoizeWeak((abstractSqlModel) => memoizeWeak((permissionsLookup, vocabulary) => {
+    const constrainedAbstractSqlModel = _.cloneDeep(abstractSqlModel);
     const origSynonyms = Object.entries(constrainedAbstractSqlModel.synonyms);
     constrainedAbstractSqlModel.synonyms = new Proxy(constrainedAbstractSqlModel.synonyms, {
         get(synonyms, permissionSynonym, receiver) {
@@ -624,7 +582,7 @@ const getBoundConstrainedMemoizer = (0, weak_1.default)((abstractSqlModel) => (0
         },
     });
     const origRelationships = Object.keys(constrainedAbstractSqlModel.relationships);
-    lodash_1.default.forEach(constrainedAbstractSqlModel.tables, (table, resourceName) => {
+    _.forEach(constrainedAbstractSqlModel.tables, (table, resourceName) => {
         const bypassResourceName = `${resourceName}$bypass`;
         constrainedAbstractSqlModel.tables[bypassResourceName] = {
             ...table,
@@ -635,7 +593,7 @@ const getBoundConstrainedMemoizer = (0, weak_1.default)((abstractSqlModel) => (0
             constrainedAbstractSqlModel.tables[bypassResourceName].definition =
                 createBypassDefinition(table.definition);
             const tableDefinition = table.definition;
-            for (const stringifiedPermission of lodash_1.default.uniq(Object.values(stringifiedMethodPermissions))) {
+            for (const stringifiedPermission of _.uniq(Object.values(stringifiedMethodPermissions))) {
                 if (stringifiedPermission === stringifiedMethodPermissions.GET) {
                     continue;
                 }
@@ -672,7 +630,7 @@ const getBoundConstrainedMemoizer = (0, weak_1.default)((abstractSqlModel) => (0
                 ...table,
             });
             permissionsTable.resourceName = permissionResourceName;
-            onceGetter(permissionsTable, 'definition', () => generateConstrainedAbstractSql(permissionsLookup, permissions, vocabulary, (0, odata_to_abstract_sql_1.sqlNameToODataName)(permissionsTable.modifyName ?? permissionsTable.name)));
+            onceGetter(permissionsTable, 'definition', () => generateConstrainedAbstractSql(permissionsLookup, permissions, vocabulary, sqlNameToODataName(permissionsTable.modifyName ?? permissionsTable.name)));
             return permissionsTable;
         },
     });
@@ -703,10 +661,10 @@ const getBoundConstrainedMemoizer = (0, weak_1.default)((abstractSqlModel) => (0
     primitive: true,
 }));
 const memoizedGetConstrainedModel = (abstractSqlModel, permissionsLookup, vocabulary) => getBoundConstrainedMemoizer(abstractSqlModel)(permissionsLookup, vocabulary);
-const getCheckPasswordQuery = lodash_1.default.once(() => sbvrUtils.api.Auth.prepare({
+const getCheckPasswordQuery = _.once(() => sbvrUtils.api.Auth.prepare({
     resource: 'user',
     passthrough: {
-        req: exports.rootRead,
+        req: rootRead,
     },
     id: {
         username: { '@': 'username' },
@@ -715,7 +673,7 @@ const getCheckPasswordQuery = lodash_1.default.once(() => sbvrUtils.api.Auth.pre
         $select: ['id', 'actor', 'password'],
     },
 }, { username: ['string'] }));
-const checkPassword = async (username, password) => {
+export const checkPassword = async (username, password) => {
     const user = await getCheckPasswordQuery()({
         username,
     });
@@ -727,7 +685,7 @@ const checkPassword = async (username, password) => {
         throw new Error('Passwords do not match');
     }
     const userId = user.id;
-    const permissions = await (0, exports.getUserPermissions)(userId);
+    const permissions = await getUserPermissions(userId);
     return {
         id: userId,
         actor: user.actor.__id,
@@ -735,12 +693,11 @@ const checkPassword = async (username, password) => {
         permissions,
     };
 };
-exports.checkPassword = checkPassword;
 const $getUserPermissions = (() => {
-    const getUserPermissionsQuery = lodash_1.default.once(() => sbvrUtils.api.Auth.prepare({
+    const getUserPermissionsQuery = _.once(() => sbvrUtils.api.Auth.prepare({
         resource: 'permission',
         passthrough: {
-            req: exports.rootRead,
+            req: rootRead,
         },
         options: {
             $select: 'name',
@@ -818,7 +775,7 @@ const $getUserPermissions = (() => {
         normalizer: ([userId]) => `${userId}`,
     });
 })();
-const getUserPermissions = async (userId, tx) => {
+export const getUserPermissions = async (userId, tx) => {
     if (typeof userId === 'string') {
         userId = parseInt(userId, 10);
     }
@@ -833,12 +790,11 @@ const getUserPermissions = async (userId, tx) => {
         throw err;
     }
 };
-exports.getUserPermissions = getUserPermissions;
 const $getApiKeyPermissions = (() => {
-    const getApiKeyPermissionsQuery = lodash_1.default.once(() => sbvrUtils.api.Auth.prepare({
+    const getApiKeyPermissionsQuery = _.once(() => sbvrUtils.api.Auth.prepare({
         resource: 'permission',
         passthrough: {
-            req: exports.rootRead,
+            req: rootRead,
         },
         options: {
             $select: 'name',
@@ -936,7 +892,7 @@ const $getApiKeyPermissions = (() => {
         normalizer: ([apiKey]) => apiKey,
     });
 })();
-const getApiKeyPermissions = async (apiKey, tx) => {
+export const getApiKeyPermissions = async (apiKey, tx) => {
     if (typeof apiKey !== 'string') {
         throw new Error('API key has to be a string, got: ' + typeof apiKey);
     }
@@ -948,12 +904,11 @@ const getApiKeyPermissions = async (apiKey, tx) => {
         throw err;
     }
 };
-exports.getApiKeyPermissions = getApiKeyPermissions;
 const getApiKeyActorId = (() => {
-    const getApiKeyActorIdQuery = lodash_1.default.once(() => sbvrUtils.api.Auth.prepare({
+    const getApiKeyActorIdQuery = _.once(() => sbvrUtils.api.Auth.prepare({
         resource: 'api_key',
         passthrough: {
-            req: exports.rootRead,
+            req: rootRead,
         },
         id: {
             key: { '@': 'apiKey' },
@@ -968,7 +923,7 @@ const getApiKeyActorId = (() => {
             },
         },
     }, { apiKey: ['string'] }));
-    const apiActorPermissionError = new errors_1.PermissionError();
+    const apiActorPermissionError = new PermissionError();
     return env.createCache('apiKeyActorId', async (apiKey, tx) => {
         const apiKeyResult = await getApiKeyActorIdQuery()({
             apiKey,
@@ -987,8 +942,8 @@ const getApiKeyActorId = (() => {
         normalizer: ([apiKey]) => apiKey,
     });
 })();
-const checkApiKey = async (apiKey, tx) => {
-    const permissions = await (0, exports.getApiKeyPermissions)(apiKey, tx);
+export const checkApiKey = async (apiKey, tx) => {
+    const permissions = await getApiKeyPermissions(apiKey, tx);
     const actor = await getApiKeyActorId(apiKey, tx);
     return {
         key: apiKey,
@@ -996,8 +951,7 @@ const checkApiKey = async (apiKey, tx) => {
         actor,
     };
 };
-exports.checkApiKey = checkApiKey;
-const resolveAuthHeader = async (req, expectedScheme = 'Bearer', tx) => {
+export const resolveAuthHeader = async (req, expectedScheme = 'Bearer', tx) => {
     const auth = req.header('Authorization');
     if (!auth) {
         return;
@@ -1010,20 +964,19 @@ const resolveAuthHeader = async (req, expectedScheme = 'Bearer', tx) => {
     if (scheme.toLowerCase() !== expectedScheme.toLowerCase()) {
         return;
     }
-    return await (0, exports.checkApiKey)(apiKey, tx);
+    return await checkApiKey(apiKey, tx);
 };
-exports.resolveAuthHeader = resolveAuthHeader;
-exports.canAccess = {
+export const canAccess = {
     $fn: {
         $scope: 'Auth',
         $method: 'canAccess',
     },
 };
-const customAuthorizationMiddleware = (expectedScheme = 'Bearer') => {
+export const customAuthorizationMiddleware = (expectedScheme = 'Bearer') => {
     expectedScheme = expectedScheme.toLowerCase();
     return async (req, _res, next) => {
         try {
-            const apiKey = await (0, exports.resolveAuthHeader)(req, expectedScheme);
+            const apiKey = await resolveAuthHeader(req, expectedScheme);
             if (apiKey) {
                 req.apiKey = apiKey;
             }
@@ -1033,20 +986,18 @@ const customAuthorizationMiddleware = (expectedScheme = 'Bearer') => {
         }
     };
 };
-exports.customAuthorizationMiddleware = customAuthorizationMiddleware;
-exports.authorizationMiddleware = (0, exports.customAuthorizationMiddleware)();
-const resolveApiKey = async (req, paramName = 'apikey', tx) => {
+export const authorizationMiddleware = customAuthorizationMiddleware();
+export const resolveApiKey = async (req, paramName = 'apikey', tx) => {
     const apiKey = req.params[paramName] ?? req.body[paramName] ?? req.query[paramName];
     if (apiKey == null) {
         return;
     }
-    return await (0, exports.checkApiKey)(apiKey, tx);
+    return await checkApiKey(apiKey, tx);
 };
-exports.resolveApiKey = resolveApiKey;
-const customApiKeyMiddleware = (paramName = 'apikey') => {
+export const customApiKeyMiddleware = (paramName = 'apikey') => {
     return async (req, _res, next) => {
         try {
-            const apiKey = await (0, exports.resolveApiKey)(req, paramName);
+            const apiKey = await resolveApiKey(req, paramName);
             if (apiKey) {
                 req.apiKey = apiKey;
             }
@@ -1056,16 +1007,14 @@ const customApiKeyMiddleware = (paramName = 'apikey') => {
         }
     };
 };
-exports.customApiKeyMiddleware = customApiKeyMiddleware;
-exports.apiKeyMiddleware = (0, exports.customApiKeyMiddleware)();
-const checkPermissions = async (req, actionList, resourceName, vocabulary) => {
+export const apiKeyMiddleware = customApiKeyMiddleware();
+export const checkPermissions = async (req, actionList, resourceName, vocabulary) => {
     const permissionsLookup = await getReqPermissions(req);
     return $checkPermissions(permissionsLookup, actionList, vocabulary, resourceName);
 };
-exports.checkPermissions = checkPermissions;
-const checkPermissionsMiddleware = (action) => async (req, res, next) => {
+export const checkPermissionsMiddleware = (action) => async (req, res, next) => {
     try {
-        const allowed = await (0, exports.checkPermissions)(req, action);
+        const allowed = await checkPermissions(req, action);
         switch (allowed) {
             case false:
                 res.status(401).end();
@@ -1082,13 +1031,12 @@ const checkPermissionsMiddleware = (action) => async (req, res, next) => {
         res.status(503).end();
     }
 };
-exports.checkPermissionsMiddleware = checkPermissionsMiddleware;
 let guestPermissionsInitialized = false;
-const getGuestPermissions = (0, memoizee_1.default)(async () => {
+const getGuestPermissions = memoize(async () => {
     const result = await sbvrUtils.api.Auth.get({
         resource: 'user',
         passthrough: {
-            req: exports.rootRead,
+            req: rootRead,
         },
         id: {
             username: 'guest',
@@ -1100,7 +1048,7 @@ const getGuestPermissions = (0, memoizee_1.default)(async () => {
     if (result == null) {
         throw new Error('No guest user');
     }
-    const guestPermissions = lodash_1.default.uniq(await (0, exports.getUserPermissions)(result.id));
+    const guestPermissions = _.uniq(await getUserPermissions(result.id));
     if (guestPermissions.some((p) => DEFAULT_ACTOR_BIND_REGEX.test(p))) {
         throw new Error('Guest permissions cannot reference actors');
     }
@@ -1110,7 +1058,7 @@ const getGuestPermissions = (0, memoizee_1.default)(async () => {
 const getReqPermissions = async (req, odataBinds = []) => {
     const guestPermissions = await (async () => {
         if (guestPermissionsInitialized === false &&
-            (req.user === exports.root.user || req.user === exports.rootRead.user)) {
+            (req.user === root.user || req.user === rootRead.user)) {
             return [];
         }
         return await getGuestPermissions();
@@ -1128,14 +1076,14 @@ const getReqPermissions = async (req, odataBinds = []) => {
     }
     return getPermissionsLookup(actorPermissions, guestPermissions);
 };
-const addPermissions = async (req, request) => {
+export const addPermissions = async (req, request) => {
     const { resourceName, odataQuery, odataBinds } = request;
-    const vocabulary = lodash_1.default.last(request.translateVersions);
+    const vocabulary = _.last(request.translateVersions);
     let abstractSqlModel = sbvrUtils.getAbstractSqlModel(request);
     let { permissionType } = request;
     if (permissionType == null) {
         const method = request.method.toUpperCase();
-        const isMetadataEndpoint = method === 'OPTIONS' || uri_parser_1.metadataEndpoints.includes(resourceName);
+        const isMetadataEndpoint = method === 'OPTIONS' || metadataEndpoints.includes(resourceName);
         if (isMetadataEndpoint) {
             permissionType = 'model';
         }
@@ -1152,12 +1100,11 @@ const addPermissions = async (req, request) => {
     }
     const permissionsLookup = await getReqPermissions(req, odataBinds);
     request.abstractSqlModel = abstractSqlModel = memoizedGetConstrainedModel(abstractSqlModel, permissionsLookup, vocabulary);
-    if (!lodash_1.default.isEqual(permissionType, methodPermissions.GET)) {
+    if (!_.isEqual(permissionType, methodPermissions.GET)) {
         const sqlName = sbvrUtils.resolveSynonym(request);
         odataQuery.resource = `${sqlName}$permissions${JSON.stringify(permissionType)}`;
     }
 };
-exports.addPermissions = addPermissions;
 const authModelConfig = {
     apiRoot: 'Auth',
     modelText: userModel,
@@ -1197,14 +1144,14 @@ const authModelConfig = {
 		`,
     },
 };
-exports.config = {
+export const config = {
     models: [authModelConfig],
 };
-function setup() {
-    (0, hooks_1.addHook)('all', 'all', 'all', {
+export function setup() {
+    addHook('all', 'all', 'all', {
         sideEffects: false,
         readOnlyTx: true,
-        PREPARSE: ({ req }) => (0, exports.apiKeyMiddleware)(req),
+        PREPARSE: ({ req }) => apiKeyMiddleware(req),
         POSTPARSE: async ({ req, request, }) => {
             if (request.abstractSqlQuery != null) {
                 return;
@@ -1212,16 +1159,16 @@ function setup() {
             if (request.method === 'POST' &&
                 request.odataQuery.property?.resource === 'canAccess') {
                 if (request.odataQuery.key == null) {
-                    throw new errors_1.BadRequestError();
+                    throw new BadRequestError();
                 }
                 const { action, method } = request.values;
                 if ((method == null) === (action == null)) {
-                    throw new errors_1.BadRequestError();
+                    throw new BadRequestError();
                 }
                 if (method != null) {
                     const permissions = methodPermissions[method];
                     if (permissions == null) {
-                        throw new errors_1.BadRequestError();
+                        throw new BadRequestError();
                     }
                     request.permissionType = permissions;
                 }
@@ -1246,18 +1193,18 @@ function setup() {
                 request.method = 'GET';
                 request.custom.isAction = 'canAccess';
             }
-            await (0, exports.addPermissions)(req, request);
+            await addPermissions(req, request);
         },
         PRERESPOND: ({ request, response }) => {
             if (request.custom.isAction === 'canAccess' &&
                 (response.body == null ||
                     typeof response.body === 'string' ||
-                    lodash_1.default.isEmpty(response.body?.d))) {
-                throw new errors_1.PermissionError();
+                    _.isEmpty(response.body?.d))) {
+                throw new PermissionError();
             }
         },
     });
-    (0, hooks_1.addPureHook)('POST', 'Auth', 'user', {
+    addPureHook('POST', 'Auth', 'user', {
         POSTPARSE: async ({ request, api }) => {
             const result = await api.post({
                 resource: 'actor',
@@ -1266,7 +1213,7 @@ function setup() {
             request.values.actor = result.id;
         },
     });
-    (0, hooks_1.addPureHook)('DELETE', 'Auth', 'user', {
+    addPureHook('DELETE', 'Auth', 'user', {
         POSTRUN: ({ request, api }) => api.delete({
             resource: 'actor',
             id: request.values.actor,