@budibase/backend-core 2.30.2 → 2.30.4

package/dist/index.js

@@ -4190,7 +4190,7 @@ var require_lib3 = __commonJS({
 var require_utils = __commonJS({
   "../../node_modules/@techpass/passport-openidconnect/lib/utils.js"(exports) {
     "use strict";
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     exports.originalURL = function(req, options2) {
       options2 = options2 || {};
       var app = req.app;
@@ -4210,7 +4210,7 @@ var require_utils = __commonJS({
       return a;
     };
     exports.uid = function(len) {
-      return crypto2.randomBytes(Math.ceil(len * 3 / 4)).toString("base64").slice(0, len);
+      return crypto3.randomBytes(Math.ceil(len * 3 / 4)).toString("base64").slice(0, len);
     };
   }
 });
@@ -4381,7 +4381,7 @@ var require_utils2 = __commonJS({
 var require_oauth = __commonJS({
   "../../node_modules/oauth/lib/oauth.js"(exports) {
     "use strict";
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var sha1 = require_sha1();
     var http = require("http");
     var https = require("https");
@@ -4553,10 +4553,10 @@ var require_oauth = __commonJS({
         hash2 = key;
       } else if (this._signatureMethod == "RSA-SHA1") {
         key = this._privateKey || "";
-        hash2 = crypto2.createSign("RSA-SHA1").update(signatureBase).sign(key, "base64");
+        hash2 = crypto3.createSign("RSA-SHA1").update(signatureBase).sign(key, "base64");
       } else {
-        if (crypto2.Hmac) {
-          hash2 = crypto2.createHmac("sha1", key).update(signatureBase).digest("base64");
+        if (crypto3.Hmac) {
+          hash2 = crypto3.createHmac("sha1", key).update(signatureBase).digest("base64");
         } else {
           hash2 = sha1.HMACSHA1(key, signatureBase);
         }
@@ -4910,7 +4910,7 @@ var require_oauth2 = __commonJS({
   "../../node_modules/oauth/lib/oauth2.js"(exports) {
     "use strict";
     var querystring = require("querystring");
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var https = require("https");
     var http = require("http");
     var URL2 = require("url");
@@ -16326,7 +16326,7 @@ var require_helpers = __commonJS({
   "../../node_modules/request/lib/helpers.js"(exports) {
     "use strict";
     var jsonSafeStringify = require_stringify();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Buffer2 = require_safe_buffer().Buffer;
     var defer = typeof setImmediate === "undefined" ? process.nextTick : setImmediate;
     function paramsHaveRequestBody(params2) {
@@ -16342,7 +16342,7 @@ var require_helpers = __commonJS({
       return ret;
     }
     function md5(str) {
-      return crypto2.createHash("md5").update(str).digest("hex");
+      return crypto3.createHash("md5").update(str).digest("hex");
     }
     function isReadStream(rs) {
       return rs.readable && rs.path && rs.mode;
@@ -16380,7 +16380,7 @@ var require_helpers = __commonJS({
 var require_aws_sign2 = __commonJS({
   "../../node_modules/aws-sign2/index.js"(exports, module2) {
     "use strict";
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var parse = require("url").parse;
     var keys2 = [
       "acl",
@@ -16404,7 +16404,7 @@ var require_aws_sign2 = __commonJS({
     module2.exports = authorization;
     module2.exports.authorization = authorization;
     function hmacSha1(options2) {
-      return crypto2.createHmac("sha1", options2.secret).update(options2.message).digest("base64");
+      return crypto3.createHmac("sha1", options2.secret).update(options2.message).digest("base64");
     }
     module2.exports.hmacSha1 = hmacSha1;
     function sign(options2) {
@@ -16560,14 +16560,14 @@ var require_aws4 = __commonJS({
     var aws4 = exports;
     var url = require("url");
     var querystring = require("querystring");
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var lru = require_lru();
     var credentialsCache = lru(1e3);
     function hmac(key, string, encoding) {
-      return crypto2.createHmac("sha256", key).update(string, "utf8").digest(encoding);
+      return crypto3.createHmac("sha256", key).update(string, "utf8").digest(encoding);
     }
     function hash2(string, encoding) {
-      return crypto2.createHash("sha256").update(string, "utf8").digest(encoding);
+      return crypto3.createHash("sha256").update(string, "utf8").digest(encoding);
     }
     function encodeRfc3986(urlEncodedString) {
       return urlEncodedString.replace(/[!'()*]/g, function(c) {
@@ -19623,11 +19623,11 @@ var require_nacl_fast = __commonJS({
     "use strict";
     (function(nacl) {
       "use strict";
-      var gf = function(init10) {
+      var gf = function(init11) {
         var i, r = new Float64Array(16);
-        if (init10)
-          for (i = 0; i < init10.length; i++)
-            r[i] = init10[i];
+        if (init11)
+          for (i = 0; i < init11.length; i++)
+            r[i] = init11[i];
         return r;
       };
       var randombytes = function() {
@@ -21887,23 +21887,23 @@ var require_nacl_fast = __commonJS({
         randombytes = fn;
       };
       (function() {
-        var crypto2 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
-        if (crypto2 && crypto2.getRandomValues) {
+        var crypto3 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
+        if (crypto3 && crypto3.getRandomValues) {
           var QUOTA = 65536;
           nacl.setPRNG(function(x, n) {
             var i, v = new Uint8Array(n);
             for (i = 0; i < n; i += QUOTA) {
-              crypto2.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
+              crypto3.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
             }
             for (i = 0; i < n; i++)
               x[i] = v[i];
             cleanup3(v);
           });
         } else if (typeof require !== "undefined") {
-          crypto2 = require("crypto");
-          if (crypto2 && crypto2.randomBytes) {
+          crypto3 = require("crypto");
+          if (crypto3 && crypto3.randomBytes) {
             nacl.setPRNG(function(x, n) {
-              var i, v = crypto2.randomBytes(n);
+              var i, v = crypto3.randomBytes(n);
               for (i = 0; i < n; i++)
                 x[i] = v[i];
               cleanup3(v);
@@ -21943,7 +21943,7 @@ var require_utils3 = __commonJS({
     var Buffer2 = require_safer().Buffer;
     var PrivateKey = require_private_key();
     var Key = require_key();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var algs = require_algs();
     var asn1 = require_lib4();
     var ec = require_ec();
@@ -22027,7 +22027,7 @@ var require_utils3 = __commonJS({
         bufs.push(salt);
         D = Buffer2.concat(bufs);
         for (var j = 0; j < count; ++j)
-          D = crypto2.createHash("md5").update(D).digest();
+          D = crypto3.createHash("md5").update(D).digest();
         material = Buffer2.concat([material, D]);
         D_prev = D;
       }
@@ -22049,13 +22049,13 @@ var require_utils3 = __commonJS({
       return Buffer2.concat(ts).slice(0, size);
       function T(I) {
         hkey.writeUInt32BE(I, hkey.length - 4);
-        var hmac = crypto2.createHmac(hashAlg, passphrase);
+        var hmac = crypto3.createHmac(hashAlg, passphrase);
         hmac.update(hkey);
         var Ti = hmac.digest();
         var Uc = Ti;
         var c = 1;
         while (c++ < iterations) {
-          hmac = crypto2.createHmac(hashAlg, passphrase);
+          hmac = crypto3.createHmac(hashAlg, passphrase);
           hmac.update(Uc);
           Uc = hmac.digest();
           for (var x = 0; x < Ti.length; ++x)
@@ -22426,7 +22426,7 @@ var require_signature = __commonJS({
     var assert = require_assert();
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var errs = require_errors();
     var utils = require_utils3();
     var asn1 = require_lib4();
@@ -22806,7 +22806,7 @@ var require_sec = __commonJS({
 var require_ecc_jsbn = __commonJS({
   "../../node_modules/ecc-jsbn/index.js"(exports) {
     "use strict";
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var BigInteger = require_jsbn().BigInteger;
     var ECPointFp = require_ec().ECPointFp;
     var Buffer2 = require_safer().Buffer;
@@ -22830,7 +22830,7 @@ var require_ecc_jsbn = __commonJS({
         }
       } else {
         var n1 = n.subtract(BigInteger.ONE);
-        var r = new BigInteger(crypto2.randomBytes(n.bitLength()));
+        var r = new BigInteger(crypto3.randomBytes(n.bitLength()));
         priv = r.mod(n1).add(BigInteger.ONE);
         this.P = c.getG().multiply(priv);
       }
@@ -22860,14 +22860,14 @@ var require_dhe = __commonJS({
       generateED25519
     };
     var assert = require_assert();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
     var utils = require_utils3();
     var nacl = require_nacl_fast();
     var Key = require_key();
     var PrivateKey = require_private_key();
-    var CRYPTO_HAVE_ECDH = crypto2.createECDH !== void 0;
+    var CRYPTO_HAVE_ECDH = crypto3.createECDH !== void 0;
     var ecdh = require_ecc_jsbn();
     var ec = require_ec();
     var jsbn = require_jsbn().BigInteger;
@@ -22881,7 +22881,7 @@ var require_dhe = __commonJS({
         if (!CRYPTO_HAVE_ECDH) {
           throw new Error("Due to bugs in the node 0.10 crypto API, node 0.12.x or later is required to use DH");
         }
-        this._dh = crypto2.createDiffieHellman(
+        this._dh = crypto3.createDiffieHellman(
           key.part.p.data,
           void 0,
           key.part.g.data,
@@ -22908,7 +22908,7 @@ var require_dhe = __commonJS({
           "nistp384": "secp384r1",
           "nistp521": "secp521r1"
         }[key.curve];
-        this._dh = crypto2.createECDH(curve);
+        this._dh = crypto3.createECDH(curve);
         if (typeof this._dh !== "object" || typeof this._dh.setPrivateKey !== "function") {
           CRYPTO_HAVE_ECDH = false;
           DiffieHellman.call(this, key);
@@ -23060,7 +23060,7 @@ var require_dhe = __commonJS({
           return this._key;
         } else {
           var n = this._ecParams.getN();
-          var r = new jsbn(crypto2.randomBytes(n.bitLength()));
+          var r = new jsbn(crypto3.randomBytes(n.bitLength()));
           var n1 = n.subtract(jsbn.ONE);
           priv = r.mod(n1).add(jsbn.ONE);
           pub = this._ecParams.getG().multiply(priv);
@@ -23166,7 +23166,7 @@ var require_dhe = __commonJS({
           "nistp384": "secp384r1",
           "nistp521": "secp521r1"
         }[curve];
-        var dh = crypto2.createECDH(osCurve);
+        var dh = crypto3.createECDH(osCurve);
         dh.generateKeys();
         parts.push({
           name: "curve",
@@ -23184,7 +23184,7 @@ var require_dhe = __commonJS({
         var ecParams = new X9ECParameters(curve);
         var n = ecParams.getN();
         var cByteLen = Math.ceil((n.bitLength() + 64) / 8);
-        var c = new jsbn(crypto2.randomBytes(cByteLen));
+        var c = new jsbn(crypto3.randomBytes(cByteLen));
         var n1 = n.subtract(jsbn.ONE);
         var priv = c.mod(n1).add(jsbn.ONE);
         var pub = ecParams.getG().multiply(priv);
@@ -25521,7 +25521,7 @@ var require_ssh_private = __commonJS({
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
     var utils = require_utils3();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Key = require_key();
     var PrivateKey = require_private_key();
     var pem = require_pem();
@@ -25595,7 +25595,7 @@ var require_ssh_private = __commonJS({
           out = Buffer2.from(out);
           var ckey = out.slice(0, cinf.keySize);
           var iv = out.slice(cinf.keySize, cinf.keySize + cinf.blockSize);
-          var cipherStream = crypto2.createDecipheriv(
+          var cipherStream = crypto3.createDecipheriv(
             cinf.opensslName,
             ckey,
             iv
@@ -25660,7 +25660,7 @@ var require_ssh_private = __commonJS({
       var privBuf;
       if (PrivateKey.isPrivateKey(key)) {
         privBuf = new SSHBuffer({});
-        var checkInt = crypto2.randomBytes(4).readUInt32BE(0);
+        var checkInt = crypto3.randomBytes(4).readUInt32BE(0);
         privBuf.writeInt(checkInt);
         privBuf.writeInt(checkInt);
         privBuf.write(key.toBuffer("rfc4253"));
@@ -25674,7 +25674,7 @@ var require_ssh_private = __commonJS({
         case "none":
           break;
         case "bcrypt":
-          var salt = crypto2.randomBytes(16);
+          var salt = crypto3.randomBytes(16);
           var rounds = 16;
           var kdfssh = new SSHBuffer({});
           kdfssh.writeBuffer(salt);
@@ -25701,7 +25701,7 @@ var require_ssh_private = __commonJS({
           out = Buffer2.from(out);
           var ckey = out.slice(0, cinf.keySize);
           var iv = out.slice(cinf.keySize, cinf.keySize + cinf.blockSize);
-          var cipherStream = crypto2.createCipheriv(
+          var cipherStream = crypto3.createCipheriv(
             cinf.opensslName,
             ckey,
             iv
@@ -25764,7 +25764,7 @@ var require_pem = __commonJS({
     };
     var assert = require_assert();
     var asn1 = require_lib4();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
     var utils = require_utils3();
@@ -25932,7 +25932,7 @@ var require_pem = __commonJS({
         alg = void 0;
       }
       if (cipher && key && iv) {
-        var cipherStream = crypto2.createDecipheriv(cipher, key, iv);
+        var cipherStream = crypto3.createDecipheriv(cipher, key, iv);
         var chunk, chunks = [];
         cipherStream.once("error", function(e) {
           if (e.toString().indexOf("bad decrypt") !== -1) {
@@ -26360,7 +26360,7 @@ var require_putty = __commonJS({
     var rfc4253 = require_rfc4253();
     var Key = require_key();
     var SSHBuffer = require_ssh_buffer();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var PrivateKey = require_private_key();
     var errors = require_errors();
     function read(buf, options2) {
@@ -26430,7 +26430,7 @@ var require_putty = __commonJS({
             );
           }
           var iv = Buffer2.alloc(16, 0);
-          var decipher = crypto2.createDecipheriv(
+          var decipher = crypto3.createDecipheriv(
             "aes-256-cbc",
             derivePPK2EncryptionKey(options2.passphrase),
             iv
@@ -26481,11 +26481,11 @@ var require_putty = __commonJS({
       return key;
     }
     function derivePPK2EncryptionKey(passphrase) {
-      var hash1 = crypto2.createHash("sha1").update(Buffer2.concat([
+      var hash1 = crypto3.createHash("sha1").update(Buffer2.concat([
         Buffer2.from([0, 0, 0, 0]),
         Buffer2.from(passphrase)
       ])).digest();
-      var hash2 = crypto2.createHash("sha1").update(Buffer2.concat([
+      var hash2 = crypto3.createHash("sha1").update(Buffer2.concat([
         Buffer2.from([0, 0, 0, 1]),
         Buffer2.from(passphrase)
       ])).digest();
@@ -26641,7 +26641,7 @@ var require_private_key = __commonJS({
     var assert = require_assert();
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Fingerprint = require_fingerprint();
     var Signature = require_signature();
     var errs = require_errors();
@@ -26752,14 +26752,14 @@ var require_private_key = __commonJS({
       var v, nm, err;
       try {
         nm = hashAlgo.toUpperCase();
-        v = crypto2.createSign(nm);
+        v = crypto3.createSign(nm);
       } catch (e) {
         err = e;
       }
       if (v === void 0 || err instanceof Error && err.message.match(/Unknown message digest/)) {
         nm = "RSA-";
         nm += hashAlgo.toUpperCase();
-        v = crypto2.createSign(nm);
+        v = crypto3.createSign(nm);
       }
       assert.ok(v, "failed to create verifier");
       var oldSign = v.sign.bind(v);
@@ -26845,7 +26845,7 @@ var require_identity = __commonJS({
     module2.exports = Identity6;
     var assert = require_assert();
     var algs = require_algs();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Fingerprint = require_fingerprint();
     var Signature = require_signature();
     var errs = require_errors();
@@ -27163,7 +27163,7 @@ var require_openssh_cert = __commonJS({
     };
     var assert = require_assert();
     var SSHBuffer = require_ssh_buffer();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
     var Key = require_key();
@@ -27352,7 +27352,7 @@ var require_openssh_cert = __commonJS({
       assert.object(cert.signatures.openssh, "signature for openssh format");
       var sig = cert.signatures.openssh;
       if (sig.nonce === void 0)
-        sig.nonce = crypto2.randomBytes(16);
+        sig.nonce = crypto3.randomBytes(16);
       var buf = new SSHBuffer({});
       buf.writeString(getCertType(cert.subjectKey));
       buf.writeBuffer(sig.nonce);
@@ -28158,7 +28158,7 @@ var require_certificate = __commonJS({
     var assert = require_assert();
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Fingerprint = require_fingerprint();
     var Signature = require_signature();
     var errs = require_errors();
@@ -28245,7 +28245,7 @@ var require_certificate = __commonJS({
         throw new InvalidAlgorithmError(algo);
       if (this._hashCache[algo])
         return this._hashCache[algo];
-      var hash2 = crypto2.createHash(algo).update(this.toBuffer("x509")).digest();
+      var hash2 = crypto3.createHash(algo).update(this.toBuffer("x509")).digest();
       this._hashCache[algo] = hash2;
       return hash2;
     };
@@ -28516,7 +28516,7 @@ var require_fingerprint = __commonJS({
     var assert = require_assert();
     var Buffer2 = require_safer().Buffer;
     var algs = require_algs();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var errs = require_errors();
     var Key = require_key();
     var PrivateKey = require_private_key();
@@ -28583,9 +28583,9 @@ var require_fingerprint = __commonJS({
         );
       }
       var theirHash = other.hash(this.algorithm, this.hashType);
-      var theirHash2 = crypto2.createHash(this.algorithm).update(theirHash).digest("base64");
+      var theirHash2 = crypto3.createHash(this.algorithm).update(theirHash).digest("base64");
       if (this.hash2 === void 0)
-        this.hash2 = crypto2.createHash(this.algorithm).update(this.hash).digest("base64");
+        this.hash2 = crypto3.createHash(this.algorithm).update(this.hash).digest("base64");
       return this.hash2 === theirHash2;
     };
     var base64RE = /^[A-Za-z0-9+\/=]+$/;
@@ -28711,7 +28711,7 @@ var require_key = __commonJS({
     module2.exports = Key;
     var assert = require_assert();
     var algs = require_algs();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Fingerprint = require_fingerprint();
     var Signature = require_signature();
     var DiffieHellman = require_dhe().DiffieHellman;
@@ -28809,7 +28809,7 @@ var require_key = __commonJS({
       } else {
         throw new Error("Hash type " + type + " not supported");
       }
-      var hash2 = crypto2.createHash(algo).update(buf).digest();
+      var hash2 = crypto3.createHash(algo).update(buf).digest();
       this._hashCache[cacheKey] = hash2;
       return hash2;
     };
@@ -28857,14 +28857,14 @@ var require_key = __commonJS({
       var v, nm, err;
       try {
         nm = hashAlgo.toUpperCase();
-        v = crypto2.createVerify(nm);
+        v = crypto3.createVerify(nm);
       } catch (e) {
         err = e;
       }
       if (v === void 0 || err instanceof Error && err.message.match(/Unknown message digest/)) {
         nm = "RSA-";
         nm += hashAlgo.toUpperCase();
-        v = crypto2.createVerify(nm);
+        v = crypto3.createVerify(nm);
       }
       assert.ok(v, "failed to create verifier");
       var oldVerify = v.verify.bind(v);
@@ -29351,7 +29351,7 @@ var require_extsprintf = __commonJS({
       ].join("");
       var re = new RegExp(regex);
       var args = Array.prototype.slice.call(arguments, 1);
-      var flags, width, precision, conversion2;
+      var flags2, width, precision, conversion2;
       var left, pad, sign, arg, match;
       var ret = "";
       var argn = 1;
@@ -29359,7 +29359,7 @@ var require_extsprintf = __commonJS({
       while ((match = re.exec(fmt)) !== null) {
         ret += match[1];
         fmt = fmt.substring(match[0].length);
-        flags = match[2] || "";
+        flags2 = match[2] || "";
         width = match[3] || 0;
         precision = match[4] || "";
         conversion2 = match[6];
@@ -29374,19 +29374,19 @@ var require_extsprintf = __commonJS({
           throw new Error("too few args to sprintf");
         arg = args.shift();
         argn++;
-        if (flags.match(/[\' #]/))
+        if (flags2.match(/[\' #]/))
           throw new Error(
-            "unsupported flags: " + flags
+            "unsupported flags: " + flags2
           );
         if (precision.length > 0)
           throw new Error(
             "non-zero precision not supported"
           );
-        if (flags.match(/-/))
+        if (flags2.match(/-/))
           left = true;
-        if (flags.match(/0/))
+        if (flags2.match(/0/))
           pad = "0";
-        if (flags.match(/\+/))
+        if (flags2.match(/\+/))
           sign = true;
         switch (conversion2) {
           case "s":
@@ -29487,7 +29487,7 @@ var require_extsprintf2 = __commonJS({
       var re = new RegExp(regex);
       var args = Array.prototype.slice.call(arguments, 1);
       var fmt = ofmt;
-      var flags, width, precision, conversion2;
+      var flags2, width, precision, conversion2;
       var left, pad, sign, arg, match;
       var ret = "";
       var argn = 1;
@@ -29505,7 +29505,7 @@ var require_extsprintf2 = __commonJS({
         curconv = match[0].substring(match[1].length);
         convposn = posn + match[1].length + 1;
         posn += match[0].length;
-        flags = match[2] || "";
+        flags2 = match[2] || "";
         width = match[3] || 0;
         precision = match[4] || "";
         conversion2 = match[6];
@@ -29526,7 +29526,7 @@ var require_extsprintf2 = __commonJS({
         }
         arg = args.shift();
         argn++;
-        if (flags.match(/[\' #]/)) {
+        if (flags2.match(/[\' #]/)) {
           throw jsError(
             ofmt,
             convposn,
@@ -29542,11 +29542,11 @@ var require_extsprintf2 = __commonJS({
             "uses non-zero precision (not supported)"
           );
         }
-        if (flags.match(/-/))
+        if (flags2.match(/-/))
           left = true;
-        if (flags.match(/0/))
+        if (flags2.match(/0/))
           pad = "0";
-        if (flags.match(/\+/))
+        if (flags2.match(/\+/))
           sign = true;
         switch (conversion2) {
           case "s":
@@ -30669,7 +30669,7 @@ var require_signer = __commonJS({
   "../../node_modules/http-signature/lib/signer.js"(exports, module2) {
     "use strict";
     var assert = require_assert();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var http = require("http");
     var util = require("util");
     var sshpk = require_lib5();
@@ -30706,7 +30706,7 @@ var require_signer = __commonJS({
         this.rs_keyId = options2.keyId;
         if (typeof options2.key !== "string" && !Buffer.isBuffer(options2.key))
           throw new TypeError("options.key for HMAC must be a string or Buffer");
-        this.rs_signer = crypto2.createHmac(alg[1].toUpperCase(), options2.key);
+        this.rs_signer = crypto3.createHmac(alg[1].toUpperCase(), options2.key);
         this.rs_signer.sign = function() {
           var digest = this.digest("base64");
           return {
@@ -30924,7 +30924,7 @@ var require_signer = __commonJS({
         if (alg[0] === "hmac") {
           if (typeof options2.key !== "string" && !Buffer.isBuffer(options2.key))
             throw new TypeError("options.key must be a string or Buffer");
-          var hmac = crypto2.createHmac(alg[1].toUpperCase(), options2.key);
+          var hmac = crypto3.createHmac(alg[1].toUpperCase(), options2.key);
           hmac.update(stringToSign);
           signature = hmac.digest("base64");
         } else {
@@ -30970,7 +30970,7 @@ var require_verify = __commonJS({
   "../../node_modules/http-signature/lib/verify.js"(exports, module2) {
     "use strict";
     var assert = require_assert();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var sshpk = require_lib5();
     var utils = require_utils4();
     var HASH_ALGOS = utils.HASH_ALGOS;
@@ -31018,12 +31018,12 @@ var require_verify = __commonJS({
         if (alg[0] !== "hmac")
           return false;
         var hashAlg = alg[1].toUpperCase();
-        var hmac = crypto2.createHmac(hashAlg, secret);
+        var hmac = crypto3.createHmac(hashAlg, secret);
         hmac.update(parsedSignature.signingString);
-        var h1 = crypto2.createHmac(hashAlg, secret);
+        var h1 = crypto3.createHmac(hashAlg, secret);
         h1.update(hmac.digest());
         h1 = h1.digest();
-        var h2 = crypto2.createHmac(hashAlg, secret);
+        var h2 = crypto3.createHmac(hashAlg, secret);
         h2.update(new Buffer(parsedSignature.params.signature, "base64"));
         h2 = h2.digest();
         if (typeof h1 === "string")
@@ -48976,12 +48976,12 @@ var require_auth = __commonJS({
 var require_oauth_sign = __commonJS({
   "../../node_modules/oauth-sign/index.js"(exports) {
     "use strict";
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     function sha(key, body2, algorithm) {
-      return crypto2.createHmac(algorithm, key).update(body2).digest("base64");
+      return crypto3.createHmac(algorithm, key).update(body2).digest("base64");
     }
     function rsa(key, body2) {
-      return crypto2.createSign("RSA-SHA1").update(body2).sign(key, "base64");
+      return crypto3.createSign("RSA-SHA1").update(body2).sign(key, "base64");
     }
     function rfc3986(str) {
       return encodeURIComponent(str).replace(/!/g, "%21").replace(/\*/g, "%2A").replace(/\(/g, "%28").replace(/\)/g, "%29").replace(/'/g, "%27");
@@ -49088,7 +49088,7 @@ var require_oauth4 = __commonJS({
     var caseless = require_caseless();
     var uuid2 = require("uuid/v4");
     var oauth = require_oauth_sign();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var Buffer2 = require_safe_buffer().Buffer;
     function OAuth(request) {
       this.request = request;
@@ -49140,7 +49140,7 @@ var require_oauth4 = __commonJS({
       if (["HMAC-SHA1", "RSA-SHA1"].indexOf(_oauth.signature_method || "HMAC-SHA1") < 0) {
         this.request.emit("error", new Error("oauth: " + _oauth.signature_method + " signature_method not supported with body_hash signing."));
       }
-      var shasum = crypto2.createHash("sha1");
+      var shasum = crypto3.createHash("sha1");
       shasum.update(body2 || "");
       var sha1 = shasum.digest("hex");
       return Buffer2.from(sha1, "hex").toString("base64");
@@ -49209,15 +49209,15 @@ var require_oauth4 = __commonJS({
 var require_hawk = __commonJS({
   "../../node_modules/request/lib/hawk.js"(exports) {
     "use strict";
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     function randomString(size) {
       var bits = (size + 1) * 6;
-      var buffer = crypto2.randomBytes(Math.ceil(bits / 8));
+      var buffer = crypto3.randomBytes(Math.ceil(bits / 8));
       var string = buffer.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
       return string.slice(0, size);
     }
     function calculatePayloadHash(payload, algorithm, contentType) {
-      var hash2 = crypto2.createHash(algorithm);
+      var hash2 = crypto3.createHash(algorithm);
       hash2.update("hawk.1.payload\n");
       hash2.update((contentType ? contentType.split(";")[0].trim().toLowerCase() : "") + "\n");
       hash2.update(payload || "");
@@ -49233,7 +49233,7 @@ var require_hawk = __commonJS({
       if (opts.app) {
         normalized = normalized + opts.app + "\n" + (opts.dlg || "") + "\n";
       }
-      var hmac = crypto2.createHmac(credentials.algorithm, credentials.key).update(normalized);
+      var hmac = crypto3.createHmac(credentials.algorithm, credentials.key).update(normalized);
       var digest = hmac.digest("base64");
       return digest;
     };
@@ -53654,7 +53654,7 @@ var require_strategy2 = __commonJS({
     var OAuth2 = require_oauth3().OAuth2;
     var SessionStateStore = require_session();
     var InternalOAuthError = require_internaloautherror();
-    var crypto2 = require("crypto");
+    var crypto3 = require("crypto");
     var base64url = require_base64url2();
     var AuthorizationError = require_authorizationerror();
     function Strategy(options2, verify) {
@@ -54043,11 +54043,11 @@ var require_strategy2 = __commonJS({
               delete meta[param];
           }
           if (config.pkce) {
-            var verifier = base64url(crypto2.pseudoRandomBytes(32));
+            var verifier = base64url(crypto3.pseudoRandomBytes(32));
             switch (config.pkce) {
               case "S256":
                 params2.code_challenge = base64url(
-                  crypto2.createHash("sha256").update(verifier).digest()
+                  crypto3.createHash("sha256").update(verifier).digest()
                 );
                 break;
               case "plain":
@@ -54197,7 +54197,7 @@ __export(src_exports, {
   events: () => events_exports,
   features: () => features_exports,
   getPublicError: () => getPublicError,
-  init: () => init9,
+  init: () => init10,
   installation: () => installation_exports,
   locks: () => redlockImpl_exports,
   logging: () => logging_exports,
@@ -54212,12 +54212,14 @@ __export(src_exports, {
   roles: () => roles_exports,
   security: () => security_exports,
   sessions: () => sessions_exports,
+  setEnv: () => setEnv,
   sql: () => sql_exports,
   tenancy: () => tenancy,
   timers: () => timers_exports,
   userUtils: () => utils_exports5,
   users: () => users_exports3,
-  utils: () => utils_exports4
+  utils: () => utils_exports4,
+  withEnv: () => withEnv
 });
 module.exports = __toCommonJS(src_exports);
 
@@ -54596,6 +54598,7 @@ var AutomationActionStepId = /* @__PURE__ */ ((AutomationActionStepId2) => {
   AutomationActionStepId2["COLLECT"] = "COLLECT";
   AutomationActionStepId2["OPENAI"] = "OPENAI";
   AutomationActionStepId2["TRIGGER_AUTOMATION_RUN"] = "TRIGGER_AUTOMATION_RUN";
+  AutomationActionStepId2["BRANCH"] = "BRANCH";
   AutomationActionStepId2["discord"] = "discord";
   AutomationActionStepId2["slack"] = "slack";
   AutomationActionStepId2["zapier"] = "zapier";
@@ -55311,7 +55314,7 @@ var search = (docs, query) => {
   }
   return response;
 };
-var runQuery = (docs, query) => {
+var runQuery = (docs, query, findInDoc = deepGet) => {
   if (!docs || !Array.isArray(docs)) {
     return [];
   }
@@ -55325,7 +55328,7 @@ var runQuery = (docs, query) => {
   }
   const match = (type, test) => (doc) => {
     for (const [key, testValue] of Object.entries(query[type] || {})) {
-      const valueToCheck = isLogicalSearchOperator(type) ? doc : deepGet(doc, removeKeyNumbering(key));
+      const valueToCheck = isLogicalSearchOperator(type) ? doc : findInDoc(doc, removeKeyNumbering(key));
       const result = test(valueToCheck, testValue);
       if (query.allOr && result) {
         return true;
@@ -55864,6 +55867,27 @@ var allowSortColumnByType = {
   ["bb_reference" /* BB_REFERENCE */]: false,
   ["bb_reference_single" /* BB_REFERENCE_SINGLE */]: false
 };
+var allowDefaultColumnByType = {
+  ["number" /* NUMBER */]: true,
+  ["json" /* JSON */]: true,
+  ["datetime" /* DATETIME */]: true,
+  ["longform" /* LONGFORM */]: true,
+  ["string" /* STRING */]: true,
+  ["options" /* OPTIONS */]: false,
+  ["auto" /* AUTO */]: false,
+  ["internal" /* INTERNAL */]: false,
+  ["barcodeqr" /* BARCODEQR */]: false,
+  ["bigint" /* BIGINT */]: false,
+  ["boolean" /* BOOLEAN */]: false,
+  ["formula" /* FORMULA */]: false,
+  ["attachment" /* ATTACHMENTS */]: false,
+  ["attachment_single" /* ATTACHMENT_SINGLE */]: false,
+  ["signature_single" /* SIGNATURE_SINGLE */]: false,
+  ["array" /* ARRAY */]: false,
+  ["link" /* LINK */]: false,
+  ["bb_reference" /* BB_REFERENCE */]: false,
+  ["bb_reference_single" /* BB_REFERENCE_SINGLE */]: false
+};
 
 // src/constants/db.ts
 var AutomationViewMode = /* @__PURE__ */ ((AutomationViewMode2) => {
@@ -56017,6 +56041,7 @@ __export(context_exports, {
   getCurrentContext: () => getCurrentContext,
   getDevAppDB: () => getDevAppDB,
   getEnvironmentVariables: () => getEnvironmentVariables,
+  getFeatureFlags: () => getFeatureFlags,
   getGlobalDB: () => getGlobalDB,
   getGlobalDBName: () => getGlobalDBName,
   getIdentity: () => getIdentity,
@@ -56030,7 +56055,8 @@ __export(context_exports, {
   isMultiTenant: () => isMultiTenant,
   isScim: () => isScim,
   isTenancyEnabled: () => isTenancyEnabled,
-  isTenantIdSet: () => isTenantIdSet
+  isTenantIdSet: () => isTenantIdSet,
+  setFeatureFlags: () => setFeatureFlags
 });
 
 // src/context/identity.ts
@@ -56084,6 +56110,7 @@ function getAccountUserId(account) {
 
 // src/environment.ts
 var import_fs = require("fs");
+var import_lodash2 = require("lodash");
 function isTest() {
   return isJest();
 }
@@ -56194,6 +56221,8 @@ var environment = {
   COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
   PLATFORM_URL: process.env.PLATFORM_URL || "",
   POSTHOG_TOKEN: process.env.POSTHOG_TOKEN,
+  POSTHOG_PERSONAL_TOKEN: process.env.POSTHOG_PERSONAL_TOKEN,
+  POSTHOG_API_HOST: process.env.POSTHOG_API_HOST || "https://us.i.posthog.com",
   ENABLE_ANALYTICS: process.env.ENABLE_ANALYTICS,
   TENANT_FEATURE_FLAGS: process.env.TENANT_FEATURE_FLAGS,
   CLOUDFRONT_CDN: process.env.CLOUDFRONT_CDN,
@@ -56249,6 +56278,28 @@ var environment = {
   BB_ADMIN_USER_PASSWORD: process.env.BB_ADMIN_USER_PASSWORD,
   OPENAI_API_KEY: process.env.OPENAI_API_KEY
 };
+function setEnv(newEnvVars) {
+  const oldEnv = (0, import_lodash2.cloneDeep)(environment);
+  let key;
+  for (key in newEnvVars) {
+    environment._set(key, newEnvVars[key]);
+  }
+  return () => {
+    for (const [key2, value] of Object.entries(oldEnv)) {
+      environment._set(key2, value);
+    }
+  };
+}
+function withEnv(envVars, f) {
+  const cleanup3 = setEnv(envVars);
+  const result = f();
+  if (result instanceof Promise) {
+    return result.finally(cleanup3);
+  } else {
+    cleanup3();
+    return result;
+  }
+}
 var SECRETS = [
   "API_ENCRYPTION_KEY",
   "BB_ADMIN_USER_PASSWORD",
@@ -60303,6 +60354,21 @@ function getCurrentContext() {
     return void 0;
   }
 }
+function getFeatureFlags(key) {
+  const context = getCurrentContext();
+  if (!context) {
+    return void 0;
+  }
+  return context.featureFlagCache?.[key];
+}
+function setFeatureFlags(key, value) {
+  const context = getCurrentContext();
+  if (!context) {
+    return;
+  }
+  context.featureFlagCache ??= {};
+  context.featureFlagCache[key] = value;
+}
 
 // src/cache/base/index.ts
 function generateTenantKey(key) {
@@ -62058,7 +62124,7 @@ var enabled = async () => {
 };
 
 // src/events/processors/posthog/PosthogProcessor.ts
-var import_posthog_node = __toESM(require("posthog-node"));
+var import_posthog_node = require("posthog-node");
 
 // src/events/processors/posthog/rateLimiting.ts
 var isRateLimited = (event) => {
@@ -62142,7 +62208,7 @@ var PosthogProcessor = class {
     if (!token) {
       throw new Error("Posthog token is not defined");
     }
-    this.posthog = new import_posthog_node.default(token);
+    this.posthog = new import_posthog_node.PostHog(token);
   }
   async processEvent(event, identity, properties, timestamp) {
     if (EXCLUDED_EVENTS.includes(event)) {
@@ -64667,7 +64733,7 @@ __export(security_exports, {
 });
 
 // src/security/auth.ts
-var PASSWORD_MIN_LENGTH = +(environment_default.PASSWORD_MIN_LENGTH || 8);
+var PASSWORD_MIN_LENGTH = +(environment_default.PASSWORD_MIN_LENGTH || 12);
 var PASSWORD_MAX_LENGTH = +(environment_default.PASSWORD_MAX_LENGTH || 512);
 function validatePassword(password) {
   if (!password || password.length < PASSWORD_MIN_LENGTH) {
@@ -65977,70 +66043,194 @@ var DEFINITIONS = [
 // src/features/index.ts
 var features_exports = {};
 __export(features_exports, {
-  defaultFlags: () => defaultFlags,
-  fetch: () => fetch6,
-  get: () => get4,
-  isEnabled: () => isEnabled
+  Flag: () => Flag,
+  FlagSet: () => FlagSet,
+  flags: () => flags,
+  init: () => init8,
+  shutdown: () => shutdown5
 });
-var import_lodash2 = require("lodash");
-var Flag = class _Flag {
+var import_posthog_node2 = require("posthog-node");
+var import_dd_trace3 = __toESM(require("dd-trace"));
+var posthog;
+function init8(opts) {
+  if (environment_default.POSTHOG_TOKEN && environment_default.POSTHOG_API_HOST) {
+    console.log("initializing posthog client...");
+    posthog = new import_posthog_node2.PostHog(environment_default.POSTHOG_TOKEN, {
+      host: environment_default.POSTHOG_API_HOST,
+      personalApiKey: environment_default.POSTHOG_PERSONAL_TOKEN,
+      ...opts
+    });
+  } else {
+    console.log("posthog disabled");
+  }
+}
+function shutdown5() {
+  posthog?.shutdown();
+}
+var Flag = class {
   constructor(defaultValue) {
     this.defaultValue = defaultValue;
   }
-  static withDefault(value) {
-    return new _Flag(value);
+  static boolean(defaultValue) {
+    return new BooleanFlag(defaultValue);
+  }
+  static string(defaultValue) {
+    return new StringFlag(defaultValue);
+  }
+  static number(defaultValue) {
+    return new NumberFlag(defaultValue);
   }
 };
-var FLAGS = {
-  LICENSING: Flag.withDefault(false),
-  GOOGLE_SHEETS: Flag.withDefault(false),
-  USER_GROUPS: Flag.withDefault(false),
-  ONBOARDING_TOUR: Flag.withDefault(false)
+var BooleanFlag = class extends Flag {
+  parse(value) {
+    if (typeof value === "string") {
+      return ["true", "t", "1"].includes(value.toLowerCase());
+    }
+    if (typeof value === "boolean") {
+      return value;
+    }
+    throw new Error(`could not parse value "${value}" as boolean`);
+  }
 };
-var DEFAULTS = Object.keys(FLAGS).reduce((acc, key) => {
-  const typedKey = key;
-  acc[typedKey] = FLAGS[typedKey].defaultValue;
-  return acc;
-}, {});
-function defaultFlags() {
-  return (0, import_lodash2.cloneDeep)(DEFAULTS);
-}
-function isFlagName(name) {
-  return FLAGS[name] !== void 0;
-}
-async function fetch6() {
-  const currentTenantId = getTenantId();
-  const flags = defaultFlags();
-  const split = (environment_default.TENANT_FEATURE_FLAGS || "").split(",").map((x) => x.split(":"));
-  for (const [tenantId, ...features] of split) {
-    if (!tenantId || tenantId !== "*" && tenantId !== currentTenantId) {
-      continue;
+var StringFlag = class extends Flag {
+  parse(value) {
+    if (typeof value === "string") {
+      return value;
     }
-    for (let feature of features) {
-      let value = true;
-      if (feature.startsWith("!")) {
-        feature = feature.slice(1);
-        value = false;
+    throw new Error(`could not parse value "${value}" as string`);
+  }
+};
+var NumberFlag = class extends Flag {
+  parse(value) {
+    if (typeof value === "number") {
+      return value;
+    }
+    if (typeof value === "string") {
+      const parsed = parseFloat(value);
+      if (!isNaN(parsed)) {
+        return parsed;
       }
-      if (!isFlagName(feature)) {
-        throw new Error(`Feature: ${feature} is not an allowed option`);
+    }
+    throw new Error(`could not parse value "${value}" as number`);
+  }
+};
+var FlagSet = class {
+  constructor(flagSchema) {
+    this.flagSchema = flagSchema;
+    this.setId = crypto.randomUUID();
+  }
+  defaults() {
+    return Object.keys(this.flagSchema).reduce((acc, key) => {
+      const typedKey = key;
+      acc[typedKey] = this.flagSchema[key].defaultValue;
+      return acc;
+    }, {});
+  }
+  isFlagName(name) {
+    return this.flagSchema[name] !== void 0;
+  }
+  async get(key, ctx) {
+    const flags2 = await this.fetch(ctx);
+    return flags2[key];
+  }
+  async isEnabled(key, ctx) {
+    const flags2 = await this.fetch(ctx);
+    return flags2[key];
+  }
+  async fetch(ctx) {
+    return await import_dd_trace3.default.trace("features.fetch", async (span) => {
+      const cachedFlags = getFeatureFlags(this.setId);
+      if (cachedFlags) {
+        span?.addTags({ fromCache: true });
+        return cachedFlags;
+      }
+      const tags = {};
+      const flagValues = this.defaults();
+      const currentTenantId = getTenantId();
+      const specificallySetFalse = /* @__PURE__ */ new Set();
+      const split = (environment_default.TENANT_FEATURE_FLAGS || "").split(",").map((x) => x.split(":"));
+      for (const [tenantId, ...features] of split) {
+        if (!tenantId || tenantId !== "*" && tenantId !== currentTenantId) {
+          continue;
+        }
+        tags[`readFromEnvironmentVars`] = true;
+        for (let feature of features) {
+          let value = true;
+          if (feature.startsWith("!")) {
+            feature = feature.slice(1);
+            value = false;
+            specificallySetFalse.add(feature);
+          }
+          if (!this.isFlagName(feature)) {
+            continue;
+          }
+          if (typeof flagValues[feature] !== "boolean") {
+            throw new Error(`Feature: ${feature} is not a boolean`);
+          }
+          flagValues[feature] = value;
+          tags[`flags.${feature}.source`] = "environment";
+        }
       }
-      if (typeof flags[feature] !== "boolean") {
-        throw new Error(`Feature: ${feature} is not a boolean`);
+      const license = ctx?.user?.license;
+      if (license) {
+        tags[`readFromLicense`] = true;
+        for (const feature of license.features) {
+          if (!this.isFlagName(feature)) {
+            continue;
+          }
+          if (flagValues[feature] === true || specificallySetFalse.has(feature)) {
+            continue;
+          }
+          flagValues[feature] = true;
+          tags[`flags.${feature}.source`] = "license";
+        }
       }
-      flags[feature] = value;
-    }
+      const identity = getIdentity();
+      tags[`identity.type`] = identity?.type;
+      tags[`identity.tenantId`] = identity?.tenantId;
+      tags[`identity._id`] = identity?._id;
+      if (posthog && identity?.type === "user" /* USER */) {
+        tags[`readFromPostHog`] = true;
+        const personProperties = {};
+        if (identity.tenantId) {
+          personProperties.tenantId = identity.tenantId;
+        }
+        const posthogFlags = await posthog.getAllFlagsAndPayloads(
+          identity._id,
+          {
+            personProperties
+          }
+        );
+        for (const [name, value] of Object.entries(posthogFlags.featureFlags)) {
+          if (!this.isFlagName(name)) {
+            console.warn(`Unexpected posthog flag "${name}": ${value}`);
+            continue;
+          }
+          if (flagValues[name] === true || specificallySetFalse.has(name)) {
+            continue;
+          }
+          const payload = posthogFlags.featureFlagPayloads?.[name];
+          const flag = this.flagSchema[name];
+          try {
+            flagValues[name] = flag.parse(payload || value);
+            tags[`flags.${name}.source`] = "posthog";
+          } catch (err) {
+            console.warn(`Error parsing posthog flag "${name}": ${value}`, err);
+          }
+        }
+      }
+      setFeatureFlags(this.setId, flagValues);
+      for (const [key, value] of Object.entries(flagValues)) {
+        tags[`flags.${key}.value`] = value;
+      }
+      span?.addTags(tags);
+      return flagValues;
+    });
   }
-  return flags;
-}
-async function get4(name) {
-  const flags = await fetch6();
-  return flags[name];
-}
-async function isEnabled(name) {
-  const flags = await fetch6();
-  return flags[name];
-}
+};
+var flags = new FlagSet({
+  DEFAULT_VALUES: Flag.boolean(false)
+});
 
 // src/auth/index.ts
 var auth_exports = {};
@@ -66657,7 +66847,7 @@ function readBytes(stream3, length) {
 }
 
 // src/middleware/authenticated.ts
-var import_dd_trace3 = __toESM(require("dd-trace"));
+var import_dd_trace4 = __toESM(require("dd-trace"));
 var ONE_MINUTE = environment_default.SESSION_UPDATE_PERIOD ? parseInt(environment_default.SESSION_UPDATE_PERIOD) : 60 * 1e3;
 function timeMinusOneMinute() {
   return new Date(Date.now() - ONE_MINUTE).toISOString();
@@ -66771,7 +66961,7 @@ function authenticated_default(noAuthPatterns = [], opts = {
         return user2 && user2.email;
       };
       if (isUser(user)) {
-        import_dd_trace3.default.setUser({
+        import_dd_trace4.default.setUser({
           id: user._id,
           tenantId: user.tenantId,
           budibaseAccess: user.budibaseAccess,
@@ -67415,7 +67605,7 @@ async function isBlacklisted(address) {
 // src/docUpdates/index.ts
 var docUpdates_exports = {};
 __export(docUpdates_exports, {
-  init: () => init8
+  init: () => init9
 });
 
 // src/events/documentId.ts
@@ -67473,7 +67663,7 @@ var DocumentUpdateProcessor = class {
 // src/docUpdates/index.ts
 var processingPromise;
 var documentProcessor;
-function init8(processors2) {
+function init9(processors2) {
   if (!asyncEventQueue) {
     init5();
   }
@@ -67507,21 +67697,27 @@ function isIgnoredType(type) {
   return ignored.indexOf(type) !== -1;
 }
 function generateSchema(schema, table, tables, oldTable = null, renamed) {
-  let primaryKey = table && table.primary ? table.primary[0] : null;
+  let primaryKeys = table && table.primary ? table.primary : [];
   const columns = Object.values(table.schema);
   let metaCols = columns.filter((col) => col.meta);
   let isJunction = metaCols.length === columns.length;
-  if (primaryKey && !oldTable && !isJunction) {
-    schema.increments(primaryKey).primary();
-  } else if (!oldTable && isJunction) {
-    schema.primary(metaCols.map((col) => col.name));
+  let columnTypeSet = [];
+  if (!oldTable) {
+    if (isJunction) {
+      schema.primary(metaCols.map((col) => col.name));
+    } else if (primaryKeys.length === 1) {
+      schema.increments(primaryKeys[0]).primary();
+      columnTypeSet.push(primaryKeys[0]);
+    } else {
+      schema.primary(primaryKeys);
+    }
   }
   const foreignKeys = Object.values(table.schema).map(
     (col) => col.foreignKey
   );
   for (let [key, column] of Object.entries(table.schema)) {
     const oldColumn = oldTable ? oldTable.schema[key] : null;
-    if (oldColumn && oldColumn.type || primaryKey === key && !isJunction || renamed?.updated === key) {
+    if (oldColumn && oldColumn.type || columnTypeSet.includes(key) || renamed?.updated === key) {
       continue;
     }
     const columnType = column.type;
@@ -67531,7 +67727,11 @@ function generateSchema(schema, table, tables, oldTable = null, renamed) {
       case "longform" /* LONGFORM */:
       case "barcodeqr" /* BARCODEQR */:
       case "bb_reference_single" /* BB_REFERENCE_SINGLE */:
-        schema.text(key);
+        if (primaryKeys.includes(key)) {
+          schema.string(key, 255);
+        } else {
+          schema.text(key);
+        }
         break;
       case "number" /* NUMBER */:
         if (column.meta && column.meta.toKey && column.meta.toTable) {
@@ -68663,7 +68863,7 @@ var tenancy = {
   ...tenancy_exports,
   ...context_exports
 };
-var init9 = (opts = {}) => {
+var init10 = (opts = {}) => {
   init(opts.db);
 };
 // Annotate the CommonJS export names for ESM import in node:
@@ -68738,12 +68938,14 @@ var init9 = (opts = {}) => {
   roles,
   security,
   sessions,
+  setEnv,
   sql,
   tenancy,
   timers,
   userUtils,
   users,
-  utils
+  utils,
+  withEnv
 });
 /*! Bundled license information: