@byline/host-tanstack-start 3.15.1 → 3.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,6 +1,6 @@
1
1
  import type { SystemActivityResponse } from '../../server-fns/admin-activity/index.js';
2
2
  /**
3
- * The system-wide activity report (docs/AUDIT.md — Workstream 4): a paged,
3
+ * The system-wide activity report (docs/06-auth-and-security/02-auditability.md — Workstream 4): a paged,
4
4
  * filterable feed over the union of the version stream (content saves) and the
5
5
  * audit log (status / path / locale changes, deletions, and future admin-realm
6
6
  * events). Read-only; gated by `admin.activity.read`.
@@ -9,7 +9,7 @@
9
9
  * One serialised audit-log entry as it reaches the admin UI. Mirrors
10
10
  * `@byline/client`'s `AuditLogEntry` but with `occurredAt` as an ISO string —
11
11
  * the value crosses the TanStack server-fn boundary through `serialise()`,
12
- * which turns Dates into strings (docs/AUDIT.md — Workstream 3).
12
+ * which turns Dates into strings (docs/06-auth-and-security/02-auditability.md — Workstream 3).
13
13
  */
14
14
  export interface AuditLogEntryView {
15
15
  id: string;
@@ -42,7 +42,7 @@ export interface DocumentHistoryData {
42
42
  }>;
43
43
  }
44
44
  /**
45
- * Document-grain audit log for a single document (docs/AUDIT.md — Workstream
45
+ * Document-grain audit log for a single document (docs/06-auth-and-security/02-auditability.md — Workstream
46
46
  * 3, "Document history" tab): a chronological, newest-first list of the
47
47
  * non-versioned changes the version stream does not record — path /
48
48
  * available-locales writes, in-place status transitions, and the deletion
@@ -15,7 +15,7 @@ export declare const HistoryView: ({ collectionDefinition, adminConfig, data, au
15
15
  data: AnyCollectionSchemaTypes["HistoryType"] & {
16
16
  /**
17
17
  * Audit display labels (the acting user per version), resolved admin-side from each
18
- * version's `createdBy` id (see docs/AUDIT.md — Workstream 1). Ids
18
+ * version's `createdBy` id (see docs/06-auth-and-security/02-auditability.md — Workstream 1). Ids
19
19
  * absent from the map belong to deleted users.
20
20
  */
21
21
  actors?: Record<string, {
@@ -23,7 +23,7 @@ export declare const HistoryView: ({ collectionDefinition, adminConfig, data, au
23
23
  }>;
24
24
  };
25
25
  /**
26
- * Document-grain audit log for the "Document history" tab (docs/AUDIT.md —
26
+ * Document-grain audit log for the "Document history" tab (docs/06-auth-and-security/02-auditability.md —
27
27
  * Workstream 3): the non-versioned path / available-locales / status
28
28
  * changes and the deletion event, with admin-resolved actor labels.
29
29
  */
@@ -7,7 +7,7 @@
7
7
  */
8
8
  /**
9
9
  * Pure projection helpers for the drag-to-reorder / re-parent tree list
10
- * (docs/DOCUMENT-TREE.md, phase 2). Adapted from the dnd-kit "sortable tree"
10
+ * (docs/04-collections/03-document-trees.md, phase 2). Adapted from the dnd-kit "sortable tree"
11
11
  * pattern: a pre-order flattened list where the drag's **horizontal** offset
12
12
  * projects a target depth, clamped to what the neighbouring rows allow, and the
13
13
  * target parent + sibling neighbours are resolved from that depth.
@@ -6,7 +6,7 @@
6
6
  * Copyright (c) Infonomic Company Limited
7
7
  */
8
8
  /**
9
- * Admin-activity server fns (docs/AUDIT.md — Workstream 4) — the
9
+ * Admin-activity server fns (docs/06-auth-and-security/02-auditability.md — Workstream 4) — the
10
10
  * system-wide activity report. Reads the adapter's audit queries directly
11
11
  * (cross-collection, includes admin-realm rows) behind the
12
12
  * `admin.activity.read` gate, rather than routing through a per-document
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "private": false,
4
4
  "type": "module",
5
5
  "license": "MPL-2.0",
6
- "version": "3.15.1",
6
+ "version": "3.16.0",
7
7
  "engines": {
8
8
  "node": ">=20.9.0"
9
9
  },
@@ -119,13 +119,13 @@
119
119
  "react-swipeable": "^7.0.2",
120
120
  "uuid": "^14.0.0",
121
121
  "zod": "^4.4.3",
122
- "@byline/admin": "3.15.1",
123
- "@byline/i18n": "3.15.1",
124
- "@byline/auth": "3.15.1",
125
- "@byline/ai": "3.15.1",
126
- "@byline/ui": "3.15.1",
127
- "@byline/client": "3.15.1",
128
- "@byline/core": "3.15.1"
122
+ "@byline/auth": "3.16.0",
123
+ "@byline/admin": "3.16.0",
124
+ "@byline/ai": "3.16.0",
125
+ "@byline/client": "3.16.0",
126
+ "@byline/i18n": "3.16.0",
127
+ "@byline/ui": "3.16.0",
128
+ "@byline/core": "3.16.0"
129
129
  },
130
130
  "peerDependencies": {
131
131
  "@tanstack/react-router": "^1.167.0",
@@ -53,7 +53,7 @@ function formatAuditValue(value: unknown): string {
53
53
  }
54
54
 
55
55
  /**
56
- * The system-wide activity report (docs/AUDIT.md — Workstream 4): a paged,
56
+ * The system-wide activity report (docs/06-auth-and-security/02-auditability.md — Workstream 4): a paged,
57
57
  * filterable feed over the union of the version stream (content saves) and the
58
58
  * audit log (status / path / locale changes, deletions, and future admin-realm
59
59
  * events). Read-only; gated by `admin.activity.read`.
@@ -16,7 +16,7 @@ import styles from './document-history.module.css'
16
16
  * One serialised audit-log entry as it reaches the admin UI. Mirrors
17
17
  * `@byline/client`'s `AuditLogEntry` but with `occurredAt` as an ISO string —
18
18
  * the value crosses the TanStack server-fn boundary through `serialise()`,
19
- * which turns Dates into strings (docs/AUDIT.md — Workstream 3).
19
+ * which turns Dates into strings (docs/06-auth-and-security/02-auditability.md — Workstream 3).
20
20
  */
21
21
  export interface AuditLogEntryView {
22
22
  id: string
@@ -62,7 +62,7 @@ function formatAuditValue(value: unknown): string {
62
62
  }
63
63
 
64
64
  /**
65
- * Document-grain audit log for a single document (docs/AUDIT.md — Workstream
65
+ * Document-grain audit log for a single document (docs/06-auth-and-security/02-auditability.md — Workstream
66
66
  * 3, "Document history" tab): a chronological, newest-first list of the
67
67
  * non-versioned changes the version stream does not record — path /
68
68
  * available-locales writes, in-place status transitions, and the deletion
@@ -410,7 +410,7 @@ export const EditView = ({
410
410
  // Document-grain system fields write first via their own non-versioned
411
411
  // path — so a path conflict surfaces before we mint a content version,
412
412
  // and these immediate writes never reset workflow status. See
413
- // docs/I18N.md.
413
+ // docs/07-internationalization/index.md.
414
414
  if (pathDirty || availableLocalesDirty) {
415
415
  await updateCollectionDocumentSystemFields({
416
416
  data: {
@@ -122,13 +122,13 @@ export const HistoryView = ({
122
122
  data: AnyCollectionSchemaTypes['HistoryType'] & {
123
123
  /**
124
124
  * Audit display labels (the acting user per version), resolved admin-side from each
125
- * version's `createdBy` id (see docs/AUDIT.md — Workstream 1). Ids
125
+ * version's `createdBy` id (see docs/06-auth-and-security/02-auditability.md — Workstream 1). Ids
126
126
  * absent from the map belong to deleted users.
127
127
  */
128
128
  actors?: Record<string, { label: string }>
129
129
  }
130
130
  /**
131
- * Document-grain audit log for the "Document history" tab (docs/AUDIT.md —
131
+ * Document-grain audit log for the "Document history" tab (docs/06-auth-and-security/02-auditability.md —
132
132
  * Workstream 3): the non-versioned path / available-locales / status
133
133
  * changes and the deletion event, with admin-resolved actor labels.
134
134
  */
@@ -152,7 +152,7 @@ export const HistoryView = ({
152
152
  const titleFieldName = collectionDefinition.useAsTitle
153
153
  const location = useRouterState({ select: (s) => s.location })
154
154
  const locale = (location.search as { locale?: string }).locale
155
- // Which sub-view is active (docs/AUDIT.md — W3). Absent / anything but
155
+ // Which sub-view is active (docs/06-auth-and-security/02-auditability.md — W3). Absent / anything but
156
156
  // 'document' → the content version stream.
157
157
  const activeTab =
158
158
  (location.search as { tab?: string }).tab === 'document' ? 'document' : 'versions'
@@ -293,7 +293,7 @@ export const HistoryView = ({
293
293
  const versionNumber = desc
294
294
  ? total - (page - 1) * pageSize - rowIndex
295
295
  : (page - 1) * pageSize + rowIndex + 1
296
- // Audit strip (docs/AUDIT.md — W1): who created this
296
+ // Audit strip (docs/06-auth-and-security/02-auditability.md — W1): who created this
297
297
  // version, via which action. A present-but-unresolved id
298
298
  // is a deleted user; an absent id is a row written before
299
299
  // audit wiring or an internal-tooling write.
@@ -8,7 +8,7 @@
8
8
 
9
9
  /**
10
10
  * Pure projection helpers for the drag-to-reorder / re-parent tree list
11
- * (docs/DOCUMENT-TREE.md, phase 2). Adapted from the dnd-kit "sortable tree"
11
+ * (docs/04-collections/03-document-trees.md, phase 2). Adapted from the dnd-kit "sortable tree"
12
12
  * pattern: a pre-order flattened list where the drag's **horizontal** offset
13
13
  * projects a target depth, clamped to what the neighbouring rows allow, and the
14
14
  * target parent + sibling neighbours are resolved from that depth.
@@ -32,7 +32,7 @@ const searchSchema = z.object({
32
32
  order: z.string().optional(),
33
33
  desc: z.coerce.boolean().optional(),
34
34
  locale: z.string().optional(),
35
- // Which sub-view of the history page is active (docs/AUDIT.md — Workstream
35
+ // Which sub-view of the history page is active (docs/06-auth-and-security/02-auditability.md — Workstream
36
36
  // 3). 'versions' is the content version stream; 'document' is the
37
37
  // document-grain audit log. Absent → 'versions'.
38
38
  tab: z.enum(['versions', 'document']).optional(),
@@ -17,7 +17,7 @@ import { type ActorLabelMap, resolveActorLabels } from '../collections/actors.js
17
17
  import type { AuditLogEntryDto } from '../collections/audit.js'
18
18
 
19
19
  // ---------------------------------------------------------------------------
20
- // System-wide activity report (docs/AUDIT.md — Workstream 4)
20
+ // System-wide activity report (docs/06-auth-and-security/02-auditability.md — Workstream 4)
21
21
  // ---------------------------------------------------------------------------
22
22
 
23
23
  /** Filters for the activity feed. `from` / `to` are ISO strings over the wire. */
@@ -7,7 +7,7 @@
7
7
  */
8
8
 
9
9
  /**
10
- * Admin-activity server fns (docs/AUDIT.md — Workstream 4) — the
10
+ * Admin-activity server fns (docs/06-auth-and-security/02-auditability.md — Workstream 4) — the
11
11
  * system-wide activity report. Reads the adapter's audit queries directly
12
12
  * (cross-collection, includes admin-realm rows) behind the
13
13
  * `admin.activity.read` gate, rather than routing through a per-document
@@ -7,7 +7,7 @@
7
7
  */
8
8
 
9
9
  /**
10
- * Audit actor-label resolution (docs/AUDIT.md — Workstream 1).
10
+ * Audit actor-label resolution (docs/06-auth-and-security/02-auditability.md — Workstream 1).
11
11
  *
12
12
  * Shaped documents carry only the raw `createdBy` uuid; turning ids into
13
13
  * display labels is an **admin-realm** concern, so it happens here — in
@@ -45,7 +45,7 @@ export interface AuditLogEntryDto {
45
45
  }
46
46
 
47
47
  // ---------------------------------------------------------------------------
48
- // Get document-grain audit log (docs/AUDIT.md — Workstream 3)
48
+ // Get document-grain audit log (docs/06-auth-and-security/02-auditability.md — Workstream 3)
49
49
  // ---------------------------------------------------------------------------
50
50
 
51
51
  export const getCollectionDocumentAuditLog = createServerFn({ method: 'GET' })
@@ -69,7 +69,7 @@ export const getCollectionDocumentAuditLog = createServerFn({ method: 'GET' })
69
69
  pageSize: params?.page_size,
70
70
  })
71
71
 
72
- // Acting-user labels for the audit list (docs/AUDIT.md — W3). Resolved
72
+ // Acting-user labels for the audit list (docs/06-auth-and-security/02-auditability.md — W3). Resolved
73
73
  // here, in the admin realm, from each entry's raw `actorId`; the UI joins
74
74
  // by id. System/tooling rows (NULL actorId) and deleted users are absent
75
75
  // from the map — the UI renders the corresponding tombstone label.
@@ -157,7 +157,7 @@ const getDocumentFn = createServerFn({ method: 'GET' })
157
157
  // `availableLocales` — the stored editorial set → initialises the
158
158
  // form-context slot / the checked state.
159
159
  // `_availableVersionLocales` — the ledger fact → drives each row's intent.
160
- // See docs/I18N.md.
160
+ // See docs/07-internationalization/index.md.
161
161
  const availableLocales = (serialised as Record<string, any>).availableLocales as
162
162
  | string[]
163
163
  | undefined
@@ -61,7 +61,7 @@ export const getCollectionDocumentHistory = createServerFn({ method: 'GET' })
61
61
  const serialised = serialise(result)
62
62
  const { history } = getCollectionSchemasForPath(path)
63
63
 
64
- // Acting-user labels for the audit strip (docs/AUDIT.md — W1).
64
+ // Acting-user labels for the audit strip (docs/06-auth-and-security/02-auditability.md — W1).
65
65
  // Resolved here, in the admin realm, from the page's raw `createdBy`
66
66
  // ids; the UI joins by id. Deleted users are absent from the map.
67
67
  const actors: ActorLabelMap = await resolveActorLabels(result.docs.map((d) => d.createdBy))
@@ -11,7 +11,7 @@
11
11
  * behind the sidebar tree-placement widget. Thin wrappers over the
12
12
  * `@byline/client` tree API, which asserts the actor ability, enforces the
13
13
  * cycle / same-collection invariants, and fires the `afterTreeChange`
14
- * invalidation hook. See docs/DOCUMENT-TREE.md.
14
+ * invalidation hook. See docs/04-collections/03-document-trees.md.
15
15
  */
16
16
 
17
17
  import { createServerFn } from '@tanstack/react-start'
@@ -22,7 +22,7 @@ import { ensureCollection } from '../../integrations/api-utils.js'
22
22
  // Document-grain system fields (`path`, `availableLocales`) are deliberately
23
23
  // NOT handled here: they are written through their own non-versioned path
24
24
  // (`updateCollectionDocumentSystemFields` below) so that editing them does not
25
- // mint a new version or reset workflow status. See docs/I18N.md.
25
+ // mint a new version or reset workflow status. See docs/07-internationalization/index.md.
26
26
  // ---------------------------------------------------------------------------
27
27
 
28
28
  export const updateCollectionDocumentWithPatches = createServerFn({ method: 'POST' })