@classytic/arc 2.10.8 → 2.11.0

package/dist/{index-EqQN6p0W.d.mts → index-t8pLpPFW.d.mts}

@@ -1,4 +1,4 @@
-import { B as ResourceDefinition, C as RequestContext, F as FastifyWithDecorators, Mt as IControllerResponse, Nt as IRequestContext, T as CrudRouterOptions, Yt as AnyRecord, bt as ResourceConfig, ct as CrudController, jt as IController } from "./index-BGbpGVyM.mjs";
+import { B as ResourceDefinition, C as RequestContext, F as FastifyWithDecorators, Pt as AnyRecord, T as CrudRouterOptions, _t as IControllerResponse, at as ResourceConfig, gt as IController, q as CrudController, vt as IRequestContext } from "./index-Cm0vUrr_.mjs";
 import { r as RequestScope } from "./types-tgR4Pt8F.mjs";
 import { c as PermissionCheck } from "./fields-C8Y0XLAu.mjs";
 import { FastifyReply, FastifyRequest, RouteHandlerMethod } from "fastify";
@@ -54,16 +54,19 @@ declare const RESERVED_QUERY_PARAMS: Readonly<Set<string>>;
 //#endregion
 //#region src/core/createCrudRouter.d.ts
 /**
- * Create CRUD routes for a controller
+ * Create CRUD routes for a controller.
  *
- * @param fastify - Fastify instance with Arc decorators
- * @param controller - CRUD controller with handler methods
- * @param options - Router configuration
+ * @param fastify    - Fastify instance with Arc decorators
+ * @param controller - CRUD controller with handler methods (optional when
+ *                     `disableDefaultRoutes: true` and only custom `routes`
+ *                     are being registered)
+ * @param options    - Router configuration
  */
 declare function createCrudRouter<TDoc = unknown>(fastify: FastifyWithDecorators, controller: CrudController<TDoc> | undefined, options?: CrudRouterOptions): void;
 /**
- * Create permission middleware from PermissionCheck
- * Useful for custom route registration
+ * Build a permission middleware from a PermissionCheck — useful when hosts
+ * register their own routes outside the resource system but still want to
+ * evaluate permissions through the shared applicator.
  */
 declare function createPermissionMiddleware(permission: PermissionCheck, resourceName: string, action: string): RouteHandlerMethod | null;
 //#endregion
@@ -108,7 +111,7 @@ type VariantsResult<TDoc, V extends VariantsMap<TDoc>> = { [K in keyof V]: Resou
  * @returns A record where each key from `variants` maps to a real
  *          `ResourceDefinition` ready for `.toPlugin()` registration.
  */
-declare function defineResourceVariants<TDoc = AnyRecord, V extends VariantsMap<TDoc> = VariantsMap<TDoc>>(base: Omit<ResourceConfig<TDoc>, "name" | "prefix">, variants: V): VariantsResult<TDoc, V>;
+declare function defineResourceVariants<TDoc extends AnyRecord = AnyRecord, V extends VariantsMap<TDoc> = VariantsMap<TDoc>>(base: Omit<ResourceConfig<TDoc>, "name" | "prefix">, variants: V): VariantsResult<TDoc, V>;
 //#endregion
 //#region src/core/fastifyAdapter.d.ts
 /**

package/dist/index.d.mts

@@ -1,43 +1,11 @@
-import { A as RequestIdOptions, B as ResourceDefinition, C as RequestContext, D as HealthCheck, Dt as RouteSchemaOptions, E as GracefulShutdownOptions, F as FastifyWithDecorators, L as RequestWithExtras, Mt as IControllerResponse, N as FastifyRequestExtras, Nt as IRequestContext, O as HealthOptions, P as FastifyWithAuth, Pt as RouteHandler, Qt as JWTPayload, T as CrudRouterOptions, V as defineResource, Wt as AuthPluginOptions, Xt as ApiResponse, Yt as AnyRecord, Zt as ArcRequest, _n as RepositoryLike, _t as PresetResult, a as InferAdapterDoc, an as BaseControllerOptions, bt as ResourceConfig, c as TypedController, ct as CrudController, d as PaginationResult, dt as EventDefinition, f as IntrospectionData, ft as FieldRule, g as ArcInternalMetadata, gn as RelationMetadata, h as ResourceMetadata, hn as FieldMetadata, ht as PresetFunction, i as ValidationResult$1, in as BaseController, jt as IController, k as IntrospectionPluginOptions, kt as ControllerLike, l as TypedRepository, lt as CrudRouteKey, m as RegistryStats, mn as DataAdapter, n as ConfigError, nn as envelope, o as InferDocType, p as RegistryEntry, pt as MiddlewareConfig, r as ValidateOptions, s as InferResourceDoc, t as RouteHandlerMethod, tn as UserOrganization, u as TypedResourceConfig, ut as CrudSchemas, vn as SchemaMetadata, vt as RateLimitConfig, w as ServiceContext, y as OwnershipCheck, yn as ValidationResult } from "./index-BGbpGVyM.mjs";
+import { $t as ArcListResult, A as RequestIdOptions, An as RelationMetadata, B as ResourceDefinition, Bt as UserOrganization, C as RequestContext, D as HealthCheck, E as GracefulShutdownOptions, F as FastifyWithDecorators, Ft as ApiResponse, Gt as TreeMixin, Ht as SoftDeleteExt, It as ArcRequest, J as CrudRouteKey, Jt as BulkExt, Kt as SlugExt, L as RequestWithExtras, Lt as JWTPayload, Mn as SchemaMetadata, N as FastifyRequestExtras, Nn as ValidationResult, O as HealthOptions, On as DataAdapter, P as FastifyWithAuth, Pt as AnyRecord, Q as MiddlewareConfig, Qt as ArcGetResult, S as QueryParserInterface, T as CrudRouterOptions, Ut as SoftDeleteMixin, V as defineResource, Vt as BaseController, Wt as TreeExt, X as EventDefinition, Xt as ArcCreateResult, Y as CrudSchemas, Yt as BulkMixin, Z as FieldRule, Zt as ArcDeleteResult, _t as IControllerResponse, a as InferAdapterDoc, at as ResourceConfig, c as TypedController, d as PaginationResult, en as ArcUpdateResult, et as PresetFunction, f as IntrospectionData, ft as RouteSchemaOptions, g as ArcInternalMetadata, gt as IController, h as ResourceMetadata, i as ValidationResult$1, jn as RepositoryLike, k as IntrospectionPluginOptions, kn as FieldMetadata, kt as AuthPluginOptions, l as TypedRepository, m as RegistryStats, mt as ControllerLike, n as ConfigError, nn as BaseCrudController, nt as PresetResult, o as InferDocType, p as RegistryEntry, q as CrudController, qt as SlugMixin, r as ValidateOptions, rn as ListResult, rt as RateLimitConfig, s as InferResourceDoc, t as RouteHandlerMethod, tn as BaseControllerOptions, u as TypedResourceConfig, vt as IRequestContext, w as ServiceContext, y as OwnershipCheck, yt as RouteHandler } from "./index-Cm0vUrr_.mjs";
 import { a as applyFieldWritePermissions, c as PermissionCheck, d as UserBase, i as applyFieldReadPermissions, l as PermissionContext, n as FieldPermissionMap, o as fields, t as FieldPermission, u as PermissionResult } from "./fields-C8Y0XLAu.mjs";
-import { l as createMongooseAdapter, o as createPrismaAdapter, s as MongooseAdapter, t as PrismaAdapter } from "./index-BziRPS4H.mjs";
-import { C as MAX_REGEX_LENGTH, D as RESERVED_QUERY_PARAMS, E as MutationOperation, O as SYSTEM_FIELDS, S as MAX_FILTER_DEPTH, T as MUTATION_OPERATIONS, _ as DEFAULT_UPDATE_METHOD, a as getControllerScope, b as HookOperation, d as CrudOperation, f as DEFAULT_ID_FIELD, g as DEFAULT_TENANT_FIELD, h as DEFAULT_SORT, m as DEFAULT_MAX_LIMIT, p as DEFAULT_LIMIT, s as defineResourceVariants, u as CRUD_OPERATIONS, v as HOOK_OPERATIONS, w as MAX_SEARCH_LENGTH, x as HookPhase, y as HOOK_PHASES } from "./index-EqQN6p0W.mjs";
-import { A as requireRoles, C as allOf, E as denyAll, M as when, O as requireAuth, S as createOrgPermissions, T as anyOf, a as presets_d_exports, c as readOnly, d as requireOrgRole, f as requireScopeContext, i as ownerWithAdminBypass, k as requireOwnership, l as requireOrgInScope, m as requireTeamMembership, n as authenticated, o as publicRead, p as requireServiceScope, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as requireOrgMembership, v as DynamicPermissionMatrix, w as allowPublic, x as createDynamicPermissionMatrix, y as DynamicPermissionMatrixConfig } from "./index-C_Noptz-.mjs";
-import { a as NotFoundError, d as ValidationError, f as createDomainError, i as ForbiddenError, t as ArcError, u as UnauthorizedError } from "./errors-BI8kEKsO.mjs";
+import { l as createMongooseAdapter, o as createPrismaAdapter, s as MongooseAdapter, t as PrismaAdapter } from "./index-DAushRTt.mjs";
+import { C as MAX_REGEX_LENGTH, D as RESERVED_QUERY_PARAMS, E as MutationOperation, O as SYSTEM_FIELDS, S as MAX_FILTER_DEPTH, T as MUTATION_OPERATIONS, _ as DEFAULT_UPDATE_METHOD, a as getControllerScope, b as HookOperation, d as CrudOperation, f as DEFAULT_ID_FIELD, g as DEFAULT_TENANT_FIELD, h as DEFAULT_SORT, m as DEFAULT_MAX_LIMIT, p as DEFAULT_LIMIT, s as defineResourceVariants, u as CRUD_OPERATIONS, v as HOOK_OPERATIONS, w as MAX_SEARCH_LENGTH, x as HookPhase, y as HOOK_PHASES } from "./index-t8pLpPFW.mjs";
+import { A as requireRoles, C as allOf, E as denyAll, M as when, O as requireAuth, S as createOrgPermissions, T as anyOf, a as presets_d_exports, c as readOnly, d as requireOrgRole, f as requireScopeContext, i as ownerWithAdminBypass, k as requireOwnership, l as requireOrgInScope, m as requireTeamMembership, n as authenticated, o as publicRead, p as requireServiceScope, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as requireOrgMembership, v as DynamicPermissionMatrix, w as allowPublic, x as createDynamicPermissionMatrix, y as DynamicPermissionMatrixConfig } from "./index-BYCqHCVu.mjs";
+import { ft as UnauthorizedError, j as envelope, mt as createDomainError, ot as ForbiddenError, pt as ValidationError, rt as ArcError, st as NotFoundError, t as getUserId } from "./index-DsJ1MNfC.mjs";
 
-//#region src/core/validateResourceConfig.d.ts
-interface ConfigError$1 {
-  field: string;
-  message: string;
-  suggestion?: string;
-}
-interface ValidationResult$2 {
-  valid: boolean;
-  errors: ConfigError$1[];
-  warnings: ConfigError$1[];
-}
-interface ValidateOptions$1 {
-  /** Skip controller method validation (for testing) */
-  skipControllerCheck?: boolean;
-  /** Allow unknown preset names */
-  allowUnknownPresets?: boolean;
-  /** Custom valid permission keys beyond CRUD */
-  additionalPermissionKeys?: string[];
-}
-/**
- * Validate a resource configuration
- */
-declare function validateResourceConfig(config: ResourceConfig, options?: ValidateOptions$1): ValidationResult$2;
-/**
- * Format validation errors for display
- */
-declare function formatValidationErrors(resourceName: string, result: ValidationResult$2): string;
-/**
- * Validate and throw if invalid
- */
-declare function assertValidConfig(config: ResourceConfig, options?: ValidateOptions$1): void;
-//#endregion
 //#region src/index.d.ts
 declare const version: string;
 //#endregion
-export { type ValidationResult as AdapterValidationResult, type AnyRecord, type ApiResponse, ArcError, type ArcInternalMetadata, type ArcRequest, type AuthPluginOptions, BaseController, type BaseControllerOptions, CRUD_OPERATIONS, type ConfigError, type ControllerLike, type CrudController, CrudOperation, type CrudRouteKey, type CrudRouterOptions, type CrudSchemas, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, type DataAdapter, type DynamicPermissionMatrix, type DynamicPermissionMatrixConfig, type EventDefinition, type FastifyRequestExtras, type FastifyWithAuth, type FastifyWithDecorators, type FieldMetadata, type FieldPermission, type FieldPermissionMap, type FieldRule, ForbiddenError, type GracefulShutdownOptions, HOOK_OPERATIONS, HOOK_PHASES, type HealthCheck, type HealthOptions, HookOperation, HookPhase, type IController, type IControllerResponse, type IRequestContext, type InferAdapterDoc, type InferDocType, type InferResourceDoc, type IntrospectionData, type IntrospectionPluginOptions, type JWTPayload, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, type MiddlewareConfig, MongooseAdapter, MutationOperation, NotFoundError, type OwnershipCheck, type PaginationResult, type PermissionCheck, type PermissionContext, type PermissionResult, type PresetFunction, type PresetResult, PrismaAdapter, RESERVED_QUERY_PARAMS, type RateLimitConfig, type RegistryEntry, type RegistryStats, type RelationMetadata, type RepositoryLike, type RequestContext, type RequestIdOptions, type RequestWithExtras, type ResourceConfig, ResourceDefinition, type ResourceMetadata, type RouteHandler, type RouteHandlerMethod, type RouteSchemaOptions, SYSTEM_FIELDS, type SchemaMetadata, type ServiceContext, type TypedController, type TypedRepository, type TypedResourceConfig, UnauthorizedError, type UserBase, type UserOrganization, type ValidateOptions, ValidationError, type ValidationResult$1 as ValidationResult, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, assertValidConfig, authenticated, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, formatValidationErrors, fullPublic, getControllerScope, ownerWithAdminBypass, presets_d_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, validateResourceConfig, version, when };
+export { type ValidationResult as AdapterValidationResult, type AnyRecord, type ApiResponse, type ArcCreateResult, type ArcDeleteResult, ArcError, type ArcGetResult, type ArcInternalMetadata, type ArcListResult, type ArcRequest, type ArcUpdateResult, type AuthPluginOptions, BaseController, type BaseControllerOptions, BaseCrudController, type BulkExt, BulkMixin, CRUD_OPERATIONS, type ConfigError, type ControllerLike, type CrudController, type CrudOperation, type CrudRouteKey, type CrudRouterOptions, type CrudSchemas, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, type DataAdapter, type DynamicPermissionMatrix, type DynamicPermissionMatrixConfig, type EventDefinition, type FastifyRequestExtras, type FastifyWithAuth, type FastifyWithDecorators, type FieldMetadata, type FieldPermission, type FieldPermissionMap, type FieldRule, ForbiddenError, type GracefulShutdownOptions, HOOK_OPERATIONS, HOOK_PHASES, type HealthCheck, type HealthOptions, type HookOperation, type HookPhase, type IController, type IControllerResponse, type IRequestContext, type InferAdapterDoc, type InferDocType, type InferResourceDoc, type IntrospectionData, type IntrospectionPluginOptions, type JWTPayload, type ListResult, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, type MiddlewareConfig, MongooseAdapter, type MutationOperation, NotFoundError, type OwnershipCheck, type PaginationResult, type PermissionCheck, type PermissionContext, type PermissionResult, type PresetFunction, type PresetResult, PrismaAdapter, type QueryParserInterface, RESERVED_QUERY_PARAMS, type RateLimitConfig, type RegistryEntry, type RegistryStats, type RelationMetadata, type RepositoryLike, type RequestContext, type RequestIdOptions, type RequestWithExtras, type ResourceConfig, ResourceDefinition, type ResourceMetadata, type RouteHandler, type RouteHandlerMethod, type RouteSchemaOptions, SYSTEM_FIELDS, type SchemaMetadata, type ServiceContext, type SlugExt, SlugMixin, type SoftDeleteExt, SoftDeleteMixin, type TreeExt, TreeMixin, type TypedController, type TypedRepository, type TypedResourceConfig, UnauthorizedError, type UserBase, type UserOrganization, type ValidateOptions, ValidationError, type ValidationResult$1 as ValidationResult, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, authenticated, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, fullPublic, getControllerScope, getUserId, ownerWithAdminBypass, presets_d_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, version, when };

package/dist/index.mjs

@@ -1,12 +1,12 @@
-import { a as createMongooseAdapter, i as MongooseAdapter, r as createPrismaAdapter, t as PrismaAdapter } from "./adapters-BXY4i-hw.mjs";
+import { a as createMongooseAdapter, i as MongooseAdapter, r as createPrismaAdapter, t as PrismaAdapter } from "./adapters-D0tT2Tyo.mjs";
 import { a as DEFAULT_SORT, c as HOOK_OPERATIONS, d as MAX_REGEX_LENGTH, f as MAX_SEARCH_LENGTH, h as SYSTEM_FIELDS, i as DEFAULT_MAX_LIMIT, l as HOOK_PHASES, m as RESERVED_QUERY_PARAMS, n as DEFAULT_ID_FIELD, o as DEFAULT_TENANT_FIELD, p as MUTATION_OPERATIONS, r as DEFAULT_LIMIT, s as DEFAULT_UPDATE_METHOD, t as CRUD_OPERATIONS, u as MAX_FILTER_DEPTH } from "./constants-BhY1OHoH.mjs";
-import { t as BaseController } from "./BaseController-DVNKvoX4.mjs";
-import { t as envelope } from "./types-CDnTEpga.mjs";
-import { n as applyFieldWritePermissions, r as fields, t as applyFieldReadPermissions } from "./fields-CTMWOUDt.mjs";
-import { d as createDomainError, i as NotFoundError, l as UnauthorizedError, r as ForbiddenError, t as ArcError, u as ValidationError } from "./errors-BqdUDja_.mjs";
-import { a as formatValidationErrors, i as assertValidConfig, n as ResourceDefinition, o as validateResourceConfig, p as getControllerScope, r as defineResource, t as defineResourceVariants } from "./core-3MWJosCH.mjs";
-import { C as requireAuth, D as when, T as requireRoles, _ as requireTeamMembership, a as presets_exports, b as anyOf, c as readOnly, d as createOrgPermissions, f as requireOrgInScope, g as requireServiceScope, h as requireScopeContext, i as ownerWithAdminBypass, m as requireOrgRole, n as authenticated, o as publicRead, p as requireOrgMembership, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as createDynamicPermissionMatrix, v as allOf, w as requireOwnership, x as denyAll, y as allowPublic } from "./permissions-wkqRwicB.mjs";
+import { j as getUserId, r as envelope } from "./utils-D3Yxnrwr.mjs";
+import { a as BulkMixin, i as SlugMixin, n as TreeMixin, o as BaseCrudController, r as SoftDeleteMixin, t as BaseController } from "./BaseController-JNV08qOT.mjs";
+import { C as requireAuth, D as when, M as applyFieldWritePermissions, N as fields, T as requireRoles, _ as requireTeamMembership, a as presets_exports, b as anyOf, c as readOnly, d as createOrgPermissions, f as requireOrgInScope, g as requireServiceScope, h as requireScopeContext, i as ownerWithAdminBypass, j as applyFieldReadPermissions, m as requireOrgRole, n as authenticated, o as publicRead, p as requireOrgMembership, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as createDynamicPermissionMatrix, v as allOf, w as requireOwnership, x as denyAll, y as allowPublic } from "./permissions-B4vU9L0Q.mjs";
+import { d as createDomainError, i as NotFoundError, l as UnauthorizedError, r as ForbiddenError, t as ArcError, u as ValidationError } from "./errors-D5c-5BJL.mjs";
+import { _ as getControllerScope } from "./routerShared-DeESFp4a.mjs";
+import { n as ResourceDefinition, r as defineResource, t as defineResourceVariants } from "./core-DXdSSFW-.mjs";
 //#region src/index.ts
-const version = "2.10.8";
+const version = "2.11.0";
 //#endregion
-export { ArcError, BaseController, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, MongooseAdapter, NotFoundError, PrismaAdapter, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, assertValidConfig, authenticated, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, formatValidationErrors, fullPublic, getControllerScope, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, validateResourceConfig, version, when };
+export { ArcError, BaseController, BaseCrudController, BulkMixin, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, MongooseAdapter, NotFoundError, PrismaAdapter, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, SlugMixin, SoftDeleteMixin, TreeMixin, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, authenticated, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, fullPublic, getControllerScope, getUserId, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, version, when };

package/dist/integrations/event-gateway.d.mts

@@ -1,5 +1,5 @@
 import { n as DomainEvent } from "../EventTransport-CfVEGaEl.mjs";
-import { WebSocketClient, WebSocketMessage } from "./websocket.mjs";
+import { a as WebSocketMessage, i as WebSocketClient } from "../websocket-CyJ1VIFI.mjs";
 import { FastifyPluginAsync, FastifyRequest } from "fastify";
 
 //#region src/integrations/event-gateway.d.ts

package/dist/integrations/event-gateway.mjs

@@ -4,7 +4,7 @@ const eventGatewayPluginImpl = async (fastify, opts = {}) => {
 	const { auth = true, orgScoped = false, roomPolicy, maxMessageBytes, maxSubscriptionsPerClient, authenticate } = opts;
 	if (auth && !authenticate && !fastify.hasDecorator("authenticate")) throw new Error("[arc-event-gateway] auth is true but fastify.authenticate is not registered. Register an auth plugin first, provide a custom authenticate function, or set auth: false.");
 	if (opts.sse !== false) {
-		const { default: ssePlugin } = await import("../sse-D8UeDwis.mjs").then((n) => n.r);
+		const { default: ssePlugin } = await import("../sse-V7aXc3bW.mjs").then((n) => n.r);
 		await fastify.register(ssePlugin, {
 			path: opts.sse?.path ?? "/events/stream",
 			requireAuth: auth,

package/dist/integrations/index.d.mts

@@ -1,7 +1,7 @@
-import { WebSocketClient, WebSocketMessage, WebSocketPluginOptions } from "./websocket.mjs";
+import { a as WebSocketMessage, i as WebSocketClient, o as WebSocketPluginOptions } from "../websocket-CyJ1VIFI.mjs";
 import { EventGatewayOptions } from "./event-gateway.mjs";
 import { JobDefinition, JobDispatchOptions, JobDispatcher, JobMeta, JobsPluginOptions, QueueStats } from "./jobs.mjs";
-import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-CVKBssX5.mjs";
+import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-D9NqiYIw.mjs";
 import { StreamlinePluginOptions, WorkflowLike, WorkflowRunLike } from "./streamline.mjs";
 import { WebhookDeliveryRecord, WebhookManager, WebhookPluginOptions, WebhookStore, WebhookSubscription } from "./webhooks.mjs";
 export { type BetterAuthHandler, type CallToolResult, type CreateMcpServerConfig, type CrudOperation, type EventGatewayOptions, type JobDefinition, type JobDispatchOptions, type JobDispatcher, type JobMeta, type JobsPluginOptions, type McpAuthResult, type McpPluginOptions, type McpResourceConfig, type PromptDefinition, type QueueStats, type StreamlinePluginOptions, type ToolAnnotations, type ToolContext, type ToolDefinition, type WebSocketClient, type WebSocketMessage, type WebSocketPluginOptions, type WebhookDeliveryRecord, type WebhookManager, type WebhookPluginOptions, type WebhookStore, type WebhookSubscription, type WorkflowLike, type WorkflowRunLike };

package/dist/integrations/mcp/index.d.mts

@@ -1,5 +1,5 @@
-import { B as ResourceDefinition } from "../../index-BGbpGVyM.mjs";
-import { a as McpAuthResolver, c as McpResourceConfig, d as SessionEntry, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler, u as PromptResult } from "../../types-CVKBssX5.mjs";
+import { B as ResourceDefinition } from "../../index-Cm0vUrr_.mjs";
+import { a as McpAuthResolver, c as McpResourceConfig, d as SessionEntry, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler, u as PromptResult } from "../../types-D9NqiYIw.mjs";
 import { FastifyPluginAsync } from "fastify";
 import { z } from "zod";
 

package/dist/integrations/mcp/index.mjs

@@ -1,4 +1,4 @@
-import { n as fieldRulesToZod, r as createMcpServer, t as resourceToTools } from "../../resourceToTools-BhF3JV5p.mjs";
+import { n as fieldRulesToZod, r as createMcpServer, t as resourceToTools } from "../../resourceToTools--okX6QBr.mjs";
 import { createHash, randomUUID } from "node:crypto";
 import fp from "fastify-plugin";
 //#region src/integrations/mcp/defineTool.ts

package/dist/integrations/mcp/testing.d.mts

@@ -1,4 +1,4 @@
-import { o as McpAuthResult, s as McpPluginOptions } from "../../types-CVKBssX5.mjs";
+import { o as McpAuthResult, s as McpPluginOptions } from "../../types-D9NqiYIw.mjs";
 
 //#region src/integrations/mcp/testing.d.ts
 interface TestMcpClientOptions {

package/dist/integrations/mcp/testing.mjs

@@ -1,4 +1,4 @@
-import { r as createMcpServer, t as resourceToTools } from "../../resourceToTools-BhF3JV5p.mjs";
+import { r as createMcpServer, t as resourceToTools } from "../../resourceToTools--okX6QBr.mjs";
 //#region src/integrations/mcp/testing.ts
 /**
 * @classytic/arc/mcp/testing — MCP Test Utilities

package/dist/integrations/streamline.d.mts

@@ -1,7 +1,7 @@
 import { FastifyPluginAsync } from "fastify";
 
 //#region src/integrations/streamline.d.ts
-/** Start options — matches @classytic/streamline v2.1 StartOptions */
+/** Start options — matches @classytic/streamline v2.1+ StartOptions */
 interface WorkflowStartOptions {
   meta?: Record<string, unknown>;
   idempotencyKey?: string;
@@ -65,15 +65,38 @@ interface StreamlinePluginOptions {
   /** Connect workflow lifecycle events to Arc's event bus (default: true) */
   bridgeEvents?: boolean;
   /**
-   * Bridge step-level events (step:started, step:completed, step:failed) to Arc's event bus.
+   * Bridge the workflow's internal event bus (step + workflow lifecycle +
+   * engine telemetry) to Arc's event bus, topic-scoped as
+   * `workflow.${workflowId}.${eventName}`.
+   *
+   * Covers the full streamline 2.2 event surface:
+   *   - Step events: started, completed, failed, waiting, skipped,
+   *     retry-scheduled, compensated
+   *   - Workflow lifecycle: started, completed, failed, waiting, resumed,
+   *     cancelled, recovered, retry, compensating
+   *   - Engine telemetry: engine:error, scheduler:error,
+   *     scheduler:circuit-open
+   *
+   * Subscriptions use structural `container.eventBus.on(...)` — future
+   * streamline releases can add events without breaking arc; missing
+   * events are simply never handled (no crash). Requires the workflow
+   * to expose `container.eventBus`.
+   *
    * Disabled by default — enable for dashboards or monitoring.
-   * Requires the workflow to expose `container.eventBus` (streamline >=2.1).
    * @default false
    */
+  bridgeBusEvents?: boolean;
+  /**
+   * @deprecated v2.11.0 — renamed to `bridgeBusEvents` which now covers
+   * step + workflow + engine events (not just step-level). Still accepted
+   * as an alias; will be removed in v3. Prefer `bridgeBusEvents`.
+   */
   bridgeStepEvents?: boolean;
   /**
    * Enable SSE streaming endpoint: GET /:workflowId/runs/:runId/stream
-   * Streams step-level events as Server-Sent Events for live UI updates.
+   * Streams step-level + lifecycle events as Server-Sent Events for live
+   * UI updates. Auto-closes the stream on terminal workflow events
+   * (completed / failed / cancelled).
    * @default false
    */
   enableStreaming?: boolean;
@@ -86,7 +109,25 @@ interface StreamlinePluginOptions {
     get?: (request: unknown) => boolean | Promise<boolean>;
   };
 }
+/**
+ * Full event list published on a streamline workflow's internal `eventBus`
+ * (tracks streamline 2.2's `EventPayloadMap` in
+ * `@classytic/streamline/src/core/events.ts`).
+ *
+ * Hardcoded here by design — arc subscribes via structural
+ * `eventBus.on(name, handler)`, which is a no-op for events the running
+ * streamline version doesn't emit. New events a future streamline release
+ * adds can be bridged by updating this list; arc never breaks just
+ * because streamline extended its bus.
+ */
+declare const STREAMLINE_BUS_EVENTS: readonly ["step:started", "step:completed", "step:failed", "step:waiting", "step:skipped", "step:retry-scheduled", "step:compensated", "workflow:started", "workflow:completed", "workflow:failed", "workflow:waiting", "workflow:resumed", "workflow:cancelled", "workflow:recovered", "workflow:retry", "workflow:compensating", "engine:error", "scheduler:error", "scheduler:circuit-open"];
+/**
+ * Workflow events that should auto-close an SSE stream when observed.
+ * Recovered / waiting / resumed / retry / compensating are NOT terminal —
+ * the run is still active after them.
+ */
+declare const STREAMLINE_TERMINAL_EVENTS: readonly ["workflow:completed", "workflow:failed", "workflow:cancelled"];
 /** Pluggable streamline integration for Arc */
 declare const streamlinePlugin: FastifyPluginAsync<StreamlinePluginOptions>;
 //#endregion
-export { StreamlinePluginOptions, WorkflowLike, WorkflowRunLike, WorkflowStartOptions, streamlinePlugin };
+export { STREAMLINE_BUS_EVENTS, STREAMLINE_TERMINAL_EVENTS, StreamlinePluginOptions, WorkflowLike, WorkflowRunLike, WorkflowStartOptions, streamlinePlugin };

package/dist/integrations/streamline.mjs

@@ -1,6 +1,49 @@
 //#region src/integrations/streamline.ts
+/**
+* Full event list published on a streamline workflow's internal `eventBus`
+* (tracks streamline 2.2's `EventPayloadMap` in
+* `@classytic/streamline/src/core/events.ts`).
+*
+* Hardcoded here by design — arc subscribes via structural
+* `eventBus.on(name, handler)`, which is a no-op for events the running
+* streamline version doesn't emit. New events a future streamline release
+* adds can be bridged by updating this list; arc never breaks just
+* because streamline extended its bus.
+*/
+const STREAMLINE_BUS_EVENTS = [
+	"step:started",
+	"step:completed",
+	"step:failed",
+	"step:waiting",
+	"step:skipped",
+	"step:retry-scheduled",
+	"step:compensated",
+	"workflow:started",
+	"workflow:completed",
+	"workflow:failed",
+	"workflow:waiting",
+	"workflow:resumed",
+	"workflow:cancelled",
+	"workflow:recovered",
+	"workflow:retry",
+	"workflow:compensating",
+	"engine:error",
+	"scheduler:error",
+	"scheduler:circuit-open"
+];
+/**
+* Workflow events that should auto-close an SSE stream when observed.
+* Recovered / waiting / resumed / retry / compensating are NOT terminal —
+* the run is still active after them.
+*/
+const STREAMLINE_TERMINAL_EVENTS = [
+	"workflow:completed",
+	"workflow:failed",
+	"workflow:cancelled"
+];
 const streamlinePluginImpl = async (fastify, options) => {
-	const { workflows, prefix = "/workflows", auth = true, bridgeEvents = true, bridgeStepEvents = false, enableStreaming = false, permissions: perms } = options;
+	const { workflows, prefix = "/workflows", auth = true, bridgeEvents = true, enableStreaming = false, permissions: perms } = options;
+	const bridgeBus = options.bridgeBusEvents ?? options.bridgeStepEvents ?? false;
 	const registry = /* @__PURE__ */ new Map();
 	for (const wf of workflows) {
 		const id = wf.definition.id;
@@ -148,13 +191,7 @@ const streamlinePluginImpl = async (fastify, options) => {
 				data: await wf.engine.rewindTo?.(runId, stepId)
 			};
 		});
-		if (bridgeStepEvents && wf.container?.eventBus && fastify.events?.publish) for (const eventName of [
-			"step:started",
-			"step:completed",
-			"step:failed",
-			"step:skipped",
-			"step:retry-scheduled"
-		]) wf.container.eventBus.on(eventName, (payload) => {
+		if (bridgeBus && wf.container?.eventBus && fastify.events?.publish) for (const eventName of STREAMLINE_BUS_EVENTS) wf.container.eventBus.on(eventName, (payload) => {
 			const p = payload;
 			fastify.events.publish(`workflow.${id}.${eventName}`, {
 				runId: p?.runId,
@@ -183,15 +220,7 @@ const streamlinePluginImpl = async (fastify, options) => {
 				"Cache-Control": "no-cache",
 				Connection: "keep-alive"
 			});
-			const events = [
-				"step:started",
-				"step:completed",
-				"step:failed",
-				"step:skipped",
-				"workflow:completed",
-				"workflow:failed",
-				"workflow:cancelled"
-			];
+			const terminalEvents = new Set(STREAMLINE_TERMINAL_EVENTS);
 			const listeners = [];
 			let closed = false;
 			const send = (event, data) => {
@@ -211,12 +240,12 @@ const streamlinePluginImpl = async (fastify, options) => {
 					reply.raw.end();
 				} catch {}
 			};
-			for (const eventName of events) {
+			for (const eventName of STREAMLINE_BUS_EVENTS) {
 				const fn = (payload) => {
 					const p = payload;
-					if (p?.runId !== runId) return;
+					if (typeof p?.runId === "string" && p.runId !== runId) return;
 					send(eventName, p);
-					if (eventName === "workflow:completed" || eventName === "workflow:failed" || eventName === "workflow:cancelled") cleanup();
+					if (terminalEvents.has(eventName) && p?.runId === runId) cleanup();
 				};
 				wf.container.eventBus.on(eventName, fn);
 				listeners.push({
@@ -244,4 +273,4 @@ const streamlinePluginImpl = async (fastify, options) => {
 /** Pluggable streamline integration for Arc */
 const streamlinePlugin = streamlinePluginImpl;
 //#endregion
-export { streamlinePlugin };
+export { STREAMLINE_BUS_EVENTS, STREAMLINE_TERMINAL_EVENTS, streamlinePlugin };

package/dist/integrations/websocket-redis.d.mts

@@ -1,4 +1,4 @@
-import { WebSocketAdapter } from "./websocket.mjs";
+import { c as WebSocketAdapter } from "../websocket-CyJ1VIFI.mjs";
 
 //#region src/integrations/websocket-redis.d.ts
 interface RedisLike {

package/dist/integrations/websocket.d.mts

@@ -1,154 +1,2 @@
-import { FastifyPluginAsync } from "fastify";
-
-//#region src/integrations/websocket.d.ts
-interface WebSocketClient {
-  id: string;
-  socket: {
-    send(data: string): void;
-    close(): void;
-    readyState: number;
-  };
-  subscriptions: Set<string>;
-  userId?: string;
-  organizationId?: string;
-  /** OAuth client ID — present for service/machine-to-machine connections */
-  clientId?: string;
-  /** OAuth scopes — present for service/machine-to-machine connections */
-  scopes?: readonly string[];
-  metadata?: Record<string, unknown>;
-}
-interface WebSocketMessage {
-  type: string;
-  resource?: string;
-  channel?: string;
-  data?: unknown;
-}
-interface WebSocketPluginOptions {
-  /** WebSocket endpoint path (default: '/ws') */
-  path?: string;
-  /** Require authentication for WebSocket connections (default: true) */
-  auth?: boolean;
-  /** Resources to auto-broadcast CRUD events for */
-  resources?: string[];
-  /** Heartbeat interval in ms (default: 30000). Set 0 to disable. */
-  heartbeatInterval?: number;
-  /** Custom authentication function for WebSocket upgrade */
-  authenticate?: (request: unknown) => Promise<{
-    userId?: string;
-    organizationId?: string; /** Set for machine-to-machine / service account auth */
-    clientId?: string; /** OAuth scopes for service accounts */
-    scopes?: readonly string[];
-  } | null>;
-  /** Max clients per resource subscription (default: 10000) */
-  maxClientsPerRoom?: number;
-  /**
-   * Expose a stats endpoint at `{path}/stats`.
-   * - `false` (default): stats endpoint is not registered
-   * - `true`: registered without auth
-   * - `'authenticated'`: guarded by `fastify.authenticate` if available
-   */
-  exposeStats?: boolean | "authenticated";
-  /**
-   * Authorize room subscriptions. Return true to allow, false to deny.
-   * Called before every subscribe. If not provided, all rooms are allowed.
-   */
-  roomPolicy?: (client: WebSocketClient, room: string) => boolean | Promise<boolean>;
-  /** Maximum message size in bytes from client (default: 16384 = 16KB). Messages exceeding this are dropped. */
-  maxMessageBytes?: number;
-  /** Maximum subscriptions per client (default: 100). Prevents resource exhaustion. */
-  maxSubscriptionsPerClient?: number;
-  /**
-   * Periodic re-authentication interval in ms (default: 0 = disabled).
-   * When set, the server periodically re-validates the client's auth token.
-   * If the token is expired/revoked, the client is disconnected with code 4003.
-   *
-   * Recommended: 300000 (5 minutes) for production.
-   *
-   * @example
-   * ```typescript
-   * websocketPlugin({ reauthInterval: 5 * 60 * 1000 }) // re-check every 5 min
-   * ```
-   */
-  reauthInterval?: number;
-  /** Custom message handler */
-  onMessage?: (client: WebSocketClient, message: WebSocketMessage) => void | Promise<void>;
-  /** Called when a client connects */
-  onConnect?: (client: WebSocketClient) => void | Promise<void>;
-  /** Called when a client disconnects */
-  onDisconnect?: (client: WebSocketClient) => void | Promise<void>;
-  /**
-   * Cross-instance broadcast adapter (default: LocalWebSocketAdapter — single-instance only).
-   * Provide a RedisWebSocketAdapter for multi-instance deployments.
-   *
-   * @example
-   * ```typescript
-   * import { RedisWebSocketAdapter } from '@classytic/arc/integrations/websocket';
-   * adapter: new RedisWebSocketAdapter(redis, { channel: 'arc-ws' })
-   * ```
-   */
-  adapter?: WebSocketAdapter;
-}
-/**
- * Adapter interface for cross-instance WebSocket broadcast.
- *
- * - `publish()`: Send a message to all instances (via Redis, NATS, etc.)
- * - `subscribe()`: Receive messages from other instances
- * - `close()`: Clean up connections
- *
- * The adapter is NOT used for local broadcasts — RoomManager handles those.
- * The adapter only handles the cross-instance relay.
- */
-interface WebSocketAdapter {
-  /** Adapter name for logging */
-  readonly name: string;
-  /** Publish a room broadcast to all other instances */
-  publish(room: string, message: string): Promise<void>;
-  /** Subscribe to broadcasts from other instances */
-  subscribe(callback: (room: string, message: string) => void): Promise<void>;
-  /** Close adapter connections */
-  close(): Promise<void>;
-}
-/**
- * Default adapter — no cross-instance broadcast (single-instance only).
- * All methods are no-ops. Used when no adapter is configured.
- */
-declare class LocalWebSocketAdapter implements WebSocketAdapter {
-  readonly name = "local";
-  publish(): Promise<void>;
-  subscribe(): Promise<void>;
-  close(): Promise<void>;
-}
-declare class RoomManager {
-  private rooms;
-  private clients;
-  private maxPerRoom;
-  private adapter?;
-  constructor(maxPerRoom?: number, adapter?: WebSocketAdapter);
-  addClient(client: WebSocketClient): void;
-  removeClient(clientId: string): void;
-  subscribe(clientId: string, room: string): boolean;
-  unsubscribe(clientId: string, room: string): void;
-  broadcast(room: string, message: string, excludeClientId?: string): void;
-  broadcastToOrg(organizationId: string, room: string, message: string): void;
-  /**
-   * Broadcast locally AND through adapter (for cross-instance delivery).
-   * Use this instead of broadcast() when multi-instance is possible.
-   */
-  broadcastWithAdapter(room: string, message: string, excludeClientId?: string): Promise<void>;
-  /**
-   * Org-scoped broadcast locally AND through adapter.
-   * Uses a namespaced room key for the adapter so other instances
-   * can filter by org when delivering locally.
-   */
-  broadcastToOrgWithAdapter(organizationId: string, room: string, message: string): Promise<void>;
-  getClient(clientId: string): WebSocketClient | undefined;
-  getStats(): {
-    clients: number;
-    rooms: number;
-    subscriptions: Record<string, number>;
-  };
-}
-/** Pluggable WebSocket integration for Arc */
-declare const websocketPlugin: FastifyPluginAsync<WebSocketPluginOptions>;
-//#endregion
-export { LocalWebSocketAdapter, RoomManager, WebSocketAdapter, WebSocketClient, WebSocketMessage, WebSocketPluginOptions, websocketPlugin };
+import { a as WebSocketMessage, c as WebSocketAdapter, i as WebSocketClient, n as websocketPlugin, o as WebSocketPluginOptions, r as AuthResult, s as LocalWebSocketAdapter, t as RoomManager } from "../websocket-CyJ1VIFI.mjs";
+export { AuthResult, LocalWebSocketAdapter, RoomManager, WebSocketAdapter, WebSocketClient, WebSocketMessage, WebSocketPluginOptions, websocketPlugin };