@classytic/arc 2.13.1 → 2.14.1

package/dist/factory/index.d.mts

@@ -1,4 +1,4 @@
-import { a as CustomPluginAuthOption, c as RawBodyOptions, d as ResourceLike, f as ResourceModule, i as CustomAuthenticatorOption, l as UnderPressureOptions, n as BetterAuthOption, o as JwtAuthOption, p as loadResources, r as CreateAppOptions, s as MultipartOptions, t as AuthOption, u as LoadResourcesOptions } from "../types-BvqwCCSx.mjs";
+import { a as CustomPluginAuthOption, c as RawBodyOptions, d as ResourceLike, f as ResourceModule, i as CustomAuthenticatorOption, l as UnderPressureOptions, n as BetterAuthOption, o as JwtAuthOption, p as loadResources, r as CreateAppOptions, s as MultipartOptions, t as AuthOption, u as LoadResourcesOptions } from "../types-NGtx3uxV.mjs";
 import { FastifyInstance } from "fastify";
 
 //#region src/factory/createApp.d.ts

package/dist/factory/index.mjs

@@ -1,4 +1,4 @@
-import { a as edgePreset, c as testingPreset, i as developmentPreset, n as createApp, o as getPreset, s as productionPreset, t as ArcFactory } from "../createApp-XX2-N0Yd.mjs";
+import { a as edgePreset, c as testingPreset, i as developmentPreset, n as createApp, o as getPreset, s as productionPreset, t as ArcFactory } from "../createApp-BarYhXCZ.mjs";
 import { t as loadResources } from "../loadResources-DBMQg_Aj.mjs";
 //#region src/factory/edge.ts
 /**

package/dist/hooks/index.d.mts

@@ -1,2 +1,2 @@
-import { An as afterUpdate, Cn as HookOperation, Dn as HookSystemOptions, En as HookSystem, Fn as defineHook, Mn as beforeDelete, Nn as beforeUpdate, On as afterCreate, Pn as createHookSystem, Sn as HookHandler, Tn as HookRegistration, bn as DefineHookOptions, jn as beforeCreate, kn as afterDelete, wn as HookPhase, xn as HookContext } from "../index-BtW7qYwa.mjs";
+import { An as afterUpdate, Cn as HookOperation, Dn as HookSystemOptions, En as HookSystem, Fn as defineHook, Mn as beforeDelete, Nn as beforeUpdate, On as afterCreate, Pn as createHookSystem, Sn as HookHandler, Tn as HookRegistration, bn as DefineHookOptions, jn as beforeCreate, kn as afterDelete, wn as HookPhase, xn as HookContext } from "../index-Dwc0orNd.mjs";
 export { type DefineHookOptions, type HookContext, type HookHandler, type HookOperation, type HookPhase, type HookRegistration, HookSystem, type HookSystemOptions, afterCreate, afterDelete, afterUpdate, beforeCreate, beforeDelete, beforeUpdate, createHookSystem, defineHook };

package/dist/{index-Dz5IKsrE.d.mts → index-Bt0F3nJj.d.mts}

@@ -1,4 +1,4 @@
-import { $ as OpenApiSchemas, S as QueryParserInterface, Wt as AnyRecord, Yt as UserLike, at as ResourceConfig, b as ParsedQuery } from "./index-BtW7qYwa.mjs";
+import { $ as OpenApiSchemas, S as QueryParserInterface, Wt as AnyRecord, Yt as UserLike, at as ResourceConfig, b as ParsedQuery } from "./index-Dwc0orNd.mjs";
 import { n as ErrorMapper } from "./errorHandler-DFr45ZG4.mjs";
 import { HttpError, errorContractSchema as errorContractSchema$1, errorDetailSchema as errorDetailSchema$1 } from "@classytic/repo-core/errors";
 import { FastifyInstance, FastifyReply, FastifyRequest, RouteHandlerMethod } from "fastify";

package/dist/{index-Ds61mrJE.d.mts → index-D1-Kp_dP.d.mts}

@@ -1,4 +1,4 @@
-import { C as RequestContext, Ct as AggregationConfig, F as FastifyWithDecorators, T as CrudRouterOptions, V as ResourceDefinition, Wt as AnyRecord, _t as IControllerResponse, at as ResourceConfig, gt as IController, q as CrudController, vt as IRequestContext } from "./index-BtW7qYwa.mjs";
+import { C as RequestContext, Ct as AggregationConfig, F as FastifyWithDecorators, K as ArcFieldRule, L as RequestWithExtras, T as CrudRouterOptions, V as ResourceDefinition, Wt as AnyRecord, _t as IControllerResponse, at as ResourceConfig, ft as RouteSchemaOptions, gt as IController, q as CrudController, vt as IRequestContext } from "./index-Dwc0orNd.mjs";
 import { i as RequestScope } from "./types-CTYvcwHe.mjs";
 import { c as PermissionCheck } from "./fields-COhcH3fk.mjs";
 import { FastifyReply, FastifyRequest, RouteHandlerMethod } from "fastify";
@@ -159,6 +159,34 @@ type VariantsResult<TDoc, V extends VariantsMap<TDoc>> = { [K in keyof V]: Resou
  */
 declare function defineResourceVariants<TDoc extends AnyRecord = AnyRecord, V extends VariantsMap<TDoc> = VariantsMap<TDoc>>(base: Omit<ResourceConfig<TDoc>, "name" | "prefix">, variants: V): VariantsResult<TDoc, V>;
 //#endregion
+//#region src/core/entityHelpers.d.ts
+/**
+ * Read the resource's configured `idField` for the current request.
+ * Falls back to the framework default (`_id`) when the route hasn't
+ * bound an idField — keeps handlers safe to author without checking
+ * the resource config.
+ */
+declare function getEntityIdField(req: RequestWithExtras): string;
+/**
+ * Read the URL `:id` path param value as the resource handle.
+ * Returns `undefined` when the route has no `:id` segment (collection
+ * routes) — handlers that need the entity must be on row routes.
+ */
+declare function getEntityId(req: RequestWithExtras): string | undefined;
+/**
+ * Compose a `findOne` filter that resolves the current request's
+ * entity, regardless of whether the resource binds `_id` or a custom
+ * field. Idiomatic shape for arc action handlers.
+ *
+ * ```ts
+ * const doc = await Model.findOne(getEntityQuery(req));
+ * ```
+ *
+ * Returns `{}` when the route has no entity context (collection routes
+ * or tests bypassing the router) — caller decides what that means.
+ */
+declare function getEntityQuery(req: RequestWithExtras): Record<string, string>;
+//#endregion
 //#region src/core/fastifyAdapter.d.ts
 /**
  * Create IRequestContext from Fastify request
@@ -227,4 +255,22 @@ declare function createCrudHandlers<TDoc>(controller: IController<TDoc>): {
   delete: (req: FastifyRequest, reply: FastifyReply) => Promise<void>;
 };
 //#endregion
-export { MAX_FILTER_DEPTH as C, MutationOperation as D, MUTATION_OPERATIONS as E, RESERVED_QUERY_PARAMS as O, HookPhase as S, MAX_SEARCH_LENGTH as T, DEFAULT_TENANT_FIELD as _, getControllerScope as a, HOOK_PHASES as b, createCrudRouter as c, CRUD_OPERATIONS as d, CrudOperation as f, DEFAULT_SORT as g, DEFAULT_MAX_LIMIT as h, getControllerContext as i, SYSTEM_FIELDS as k, createPermissionMiddleware as l, DEFAULT_LIMIT as m, createFastifyHandler as n, sendControllerResponse as o, DEFAULT_ID_FIELD as p, createRequestContext as r, defineResourceVariants as s, createCrudHandlers as t, defineAggregation as u, DEFAULT_UPDATE_METHOD as v, MAX_REGEX_LENGTH as w, HookOperation as x, HOOK_OPERATIONS as y };
+//#region src/core/fieldRulePredicates.d.ts
+/**
+ * True when the field is allowed to appear in client-readable surfaces
+ * (response payloads, `select=` whitelists, `_distinct` queries).
+ *
+ * Mirror of every read-side gate. Don't reach for `rules.systemManaged`
+ * here — that's a write rule.
+ */
+declare function isFieldReadable(rule: ArcFieldRule | undefined): boolean;
+/**
+ * The set of field names blocked from read-side surfaces (used by
+ * `QueryResolver.sanitizeSelectAny` and `BaseCrudController._distinct`).
+ *
+ * Returns `null` (not an empty array) when there are no rules to apply,
+ * so call-sites can early-out without creating empty allocations.
+ */
+declare function collectReadBlockedFields(schemaOptions: RouteSchemaOptions | undefined): Set<string> | null;
+//#endregion
+export { MAX_SEARCH_LENGTH as A, DEFAULT_UPDATE_METHOD as C, HookPhase as D, HookOperation as E, MutationOperation as M, RESERVED_QUERY_PARAMS as N, MAX_FILTER_DEPTH as O, SYSTEM_FIELDS as P, DEFAULT_TENANT_FIELD as S, HOOK_PHASES as T, CrudOperation as _, createRequestContext as a, DEFAULT_MAX_LIMIT as b, sendControllerResponse as c, getEntityQuery as d, defineResourceVariants as f, CRUD_OPERATIONS as g, defineAggregation as h, createFastifyHandler as i, MUTATION_OPERATIONS as j, MAX_REGEX_LENGTH as k, getEntityId as l, createPermissionMiddleware as m, isFieldReadable as n, getControllerContext as o, createCrudRouter as p, createCrudHandlers as r, getControllerScope as s, collectReadBlockedFields as t, getEntityIdField as u, DEFAULT_ID_FIELD as v, HOOK_OPERATIONS as w, DEFAULT_SORT as x, DEFAULT_LIMIT as y };

package/dist/{index-BtW7qYwa.d.mts → index-Dwc0orNd.d.mts}

@@ -541,7 +541,12 @@ declare class QueryResolver {
    * Validates lookup structure to prevent injection.
    */
   private sanitizeLookups;
-  /** Get blocked fields from schema options */
+  /**
+   * Read-side allowlist gate for `select=` / `populate=`.
+   *
+   * Only `hidden: true` blocks. `systemManaged` is a *write* rule and
+   * doesn't gate visibility — see `core/fieldRulePredicates.ts`.
+   */
   private getBlockedFields;
 }
 //#endregion
@@ -817,10 +822,13 @@ declare class BaseCrudController<TDoc = AnyRecord, TRepository extends Repositor
     exists: boolean;
   }>>;
   /**
-   * True when `field` is safe to expose via `_distinct`. Mirrors the
-   * `select` allowlist — fields marked `hidden` or `systemManaged` in
-   * `schemaOptions.fieldRules` are NOT exposed (would leak password
-   * hashes, internal flags, etc).
+   * True when `field` is safe to expose via `_distinct`.
+   *
+   * Read-side gate only — only `hidden: true` blocks. `systemManaged`
+   * is a *write* rule (clients can't PATCH the value); the field is
+   * still in every list response, so blocking `_distinct` adds nothing
+   * but inconvenience. See `core/fieldRulePredicates.ts` for the
+   * canonical predicate shared with `QueryResolver`.
    */
   protected isFieldExposedForRead(field: string): boolean;
   /** Execute list query through hooks (extracted for cache revalidation) */
@@ -1947,6 +1955,32 @@ interface ArcFieldRule extends FieldRule {
    */
   preserveForElevated?: boolean;
   hidden?: boolean;
+  /**
+   * Aggregation visibility override. By default, only `hidden: true`
+   * blocks a field from `groupBy` / `measures.field` / `sort` / `dateBuckets`
+   * — that's the genuine cardinality-leak guard (the value is omitted from
+   * list/get responses, so exposing it via aggregation would reveal data
+   * the client can't otherwise see).
+   *
+   * `systemManaged: true` does **not** block aggregation — it's a write
+   * rule, not a visibility rule. Server-stamped fields like `createdAt`,
+   * `status`, or plugin-generated handles are visible in every list
+   * response and should aggregate freely.
+   *
+   * Use this flag to override the default:
+   *
+   * - `aggregable: false` — explicit deny, even on visible fields. Useful
+   *   when a value is exposed per-row but the cardinality across rows is
+   *   itself sensitive (e.g. `email` is visible in `get/:id` to admins
+   *   but you don't want a public-readable agg of email distributions).
+   * - `aggregable: true` — escape hatch on `hidden` fields. Lets you
+   *   aggregate a hidden column when you're sure cardinality leakage
+   *   isn't a concern (e.g. `internalScore` hidden from list, but a
+   *   committee-only `byScore` agg is fine).
+   *
+   * Defaults to `undefined` (use the `hidden`-only rule).
+   */
+  aggregable?: boolean;
   /** String minimum length — auto-maps to OpenAPI `minLength` and MCP tool schema */
   minLength?: number;
   /** String maximum length — auto-maps to OpenAPI `maxLength` and MCP tool schema */
@@ -2837,13 +2871,33 @@ interface FastifyRequestExtras {
 }
 interface RequestWithExtras extends FastifyRequest {
   /**
-   * Arc metadata — set by createCrudRouter. Contains resource configuration
-   * and schema options.
+   * Arc metadata — set by createCrudRouter / createActionRouter / etc.
+   * Contains resource configuration and runtime resolution of the URL
+   * `:id` path param into the resource's `idField`.
    */
   arc?: {
     resourceName?: string;
     schemaOptions?: RouteSchemaOptions;
     permissions?: ResourcePermissions;
+    /**
+     * The configured `idField` for this resource (e.g. `_id`, `slug`,
+     * `reportId`). Set by routers that bind a path `:id` segment so
+     * handlers can compose the right query without remembering the
+     * resource-config detail.
+     *
+     * Use `getEntityQuery(req)` for the canonical
+     * `{ [idField]: entityId }` filter shape — saves the action handler
+     * from a typo class where `Model.findById(id)` silently fails when
+     * `idField !== "_id"`.
+     */
+    idField?: string;
+    /**
+     * The current request's `:id` path-param value, surfaced verbatim.
+     * For most resources this equals `req.params.id`; we mirror it on
+     * `req.arc` so middleware that doesn't have a typed `params` shape
+     * can still read the entity handle.
+     */
+    entityId?: string;
   };
   context?: Record<string, unknown>;
   _policyFilters?: Record<string, unknown>;
@@ -2958,6 +3012,13 @@ interface CrudRouterOptions {
   rateLimit?: RateLimitConfig | false;
   /** PreHandler guards applied to every route (CRUD + custom + preset). */
   routeGuards?: RouteHandlerMethod[];
+  /**
+   * Resource's bound `idField` (`_id`, `slug`, `reportId`, …). Surfaces on
+   * `req.arc.idField` for every CRUD route so handlers + middleware can
+   * compose `findOne` filters via `getEntityQuery(req)` without
+   * re-reading resource config. Defaults to `_id`.
+   */
+  idField?: string;
 }
 //#endregion
 //#region src/types/query.d.ts

package/dist/index.d.mts

@@ -1,8 +1,8 @@
-import { $t as SoftDeleteMixin, A as RequestIdOptions, B as defineResource, C as RequestContext, Ct as AggregationConfig, D as HealthCheck, Dt as AggregationMaterializedResult, E as GracefulShutdownOptions, Et as AggregationMaterializedContext, F as FastifyWithDecorators, Gt as ApiResponse, J as CrudRouteKey, Kt as ArcRequest, L as RequestWithExtras, N as FastifyRequestExtras, O as HealthOptions, Ot as AggregationRateLimit, P as FastifyWithAuth, Q as MiddlewareConfig, Qt as SoftDeleteExt, S as QueryParserInterface, St as AggregationCacheConfig, T as CrudRouterOptions, Tt as AggregationIndexHint, V as ResourceDefinition, Wt as AnyRecord, X as EventDefinition, Xt as UserOrganization, Y as CrudSchemas, Z as FieldRule, Zt as BaseController, _t as IControllerResponse, a as InferAdapterDoc, an as BulkMixin, at as ResourceConfig, bt as AggMeasureInput, c as TypedController, d as PaginationResult, dn as ArcDeleteResult, en as TreeExt, et as PresetFunction, f as IntrospectionData, fn as ArcGetResult, ft as RouteSchemaOptions, g as ArcInternalMetadata, gt as IController, h as ResourceMetadata, hn as ListResult, i as ValidationResult, in as BulkExt, k as IntrospectionPluginOptions, kt as AggregationsMap, l as TypedRepository, m as RegistryStats, mn as ArcUpdateResult, mt as ControllerLike, n as ConfigError, nn as SlugExt, nt as PresetResult, o as InferDocType, on as BaseControllerOptions, p as RegistryEntry, pn as ArcListResult, q as CrudController, qt as JWTPayload, r as ValidateOptions, rn as SlugMixin, rt as RateLimitConfig, s as InferResourceDoc, sn as BaseCrudController, t as RouteHandlerMethod, tn as TreeMixin, u as TypedResourceConfig, un as ArcCreateResult, vt as IRequestContext, w as ServiceContext, wt as AggregationDateRangeRequirement, xt as AggMeasureShorthand, y as OwnershipCheck, yt as RouteHandler, zt as AuthPluginOptions } from "./index-BtW7qYwa.mjs";
+import { $t as SoftDeleteMixin, A as RequestIdOptions, B as defineResource, C as RequestContext, Ct as AggregationConfig, D as HealthCheck, Dt as AggregationMaterializedResult, E as GracefulShutdownOptions, Et as AggregationMaterializedContext, F as FastifyWithDecorators, Gt as ApiResponse, J as CrudRouteKey, Kt as ArcRequest, L as RequestWithExtras, N as FastifyRequestExtras, O as HealthOptions, Ot as AggregationRateLimit, P as FastifyWithAuth, Q as MiddlewareConfig, Qt as SoftDeleteExt, S as QueryParserInterface, St as AggregationCacheConfig, T as CrudRouterOptions, Tt as AggregationIndexHint, V as ResourceDefinition, Wt as AnyRecord, X as EventDefinition, Xt as UserOrganization, Y as CrudSchemas, Z as FieldRule, Zt as BaseController, _t as IControllerResponse, a as InferAdapterDoc, an as BulkMixin, at as ResourceConfig, bt as AggMeasureInput, c as TypedController, d as PaginationResult, dn as ArcDeleteResult, en as TreeExt, et as PresetFunction, f as IntrospectionData, fn as ArcGetResult, ft as RouteSchemaOptions, g as ArcInternalMetadata, gt as IController, h as ResourceMetadata, hn as ListResult, i as ValidationResult, in as BulkExt, k as IntrospectionPluginOptions, kt as AggregationsMap, l as TypedRepository, m as RegistryStats, mn as ArcUpdateResult, mt as ControllerLike, n as ConfigError, nn as SlugExt, nt as PresetResult, o as InferDocType, on as BaseControllerOptions, p as RegistryEntry, pn as ArcListResult, q as CrudController, qt as JWTPayload, r as ValidateOptions, rn as SlugMixin, rt as RateLimitConfig, s as InferResourceDoc, sn as BaseCrudController, t as RouteHandlerMethod, tn as TreeMixin, u as TypedResourceConfig, un as ArcCreateResult, vt as IRequestContext, w as ServiceContext, wt as AggregationDateRangeRequirement, xt as AggMeasureShorthand, y as OwnershipCheck, yt as RouteHandler, zt as AuthPluginOptions } from "./index-Dwc0orNd.mjs";
 import { a as applyFieldWritePermissions, c as PermissionCheck, d as UserBase, i as applyFieldReadPermissions, l as PermissionContext, n as FieldPermissionMap, o as fields, t as FieldPermission, u as PermissionResult } from "./fields-COhcH3fk.mjs";
-import { C as MAX_FILTER_DEPTH, D as MutationOperation, E as MUTATION_OPERATIONS, O as RESERVED_QUERY_PARAMS, S as HookPhase, T as MAX_SEARCH_LENGTH, _ as DEFAULT_TENANT_FIELD, a as getControllerScope, b as HOOK_PHASES, d as CRUD_OPERATIONS, f as CrudOperation, g as DEFAULT_SORT, h as DEFAULT_MAX_LIMIT, k as SYSTEM_FIELDS, m as DEFAULT_LIMIT, p as DEFAULT_ID_FIELD, s as defineResourceVariants, u as defineAggregation, v as DEFAULT_UPDATE_METHOD, w as MAX_REGEX_LENGTH, x as HookOperation, y as HOOK_OPERATIONS } from "./index-Ds61mrJE.mjs";
+import { A as MAX_SEARCH_LENGTH, C as DEFAULT_UPDATE_METHOD, D as HookPhase, E as HookOperation, M as MutationOperation, N as RESERVED_QUERY_PARAMS, O as MAX_FILTER_DEPTH, P as SYSTEM_FIELDS, S as DEFAULT_TENANT_FIELD, T as HOOK_PHASES, _ as CrudOperation, b as DEFAULT_MAX_LIMIT, f as defineResourceVariants, g as CRUD_OPERATIONS, h as defineAggregation, j as MUTATION_OPERATIONS, k as MAX_REGEX_LENGTH, s as getControllerScope, v as DEFAULT_ID_FIELD, w as HOOK_OPERATIONS, x as DEFAULT_SORT, y as DEFAULT_LIMIT } from "./index-D1-Kp_dP.mjs";
 import { A as requireRoles, C as allOf, E as denyAll, M as when, O as requireAuth, S as createOrgPermissions, T as anyOf, a as presets_d_exports, c as readOnly, d as requireOrgRole, f as requireScopeContext, i as ownerWithAdminBypass, k as requireOwnership, l as requireOrgInScope, m as requireTeamMembership, n as authenticated, o as publicRead, p as requireServiceScope, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as requireOrgMembership, v as DynamicPermissionMatrix, w as allowPublic, x as createDynamicPermissionMatrix, y as DynamicPermissionMatrixConfig } from "./index-BTqLEvhu.mjs";
-import { ct as NotFoundError, ht as createDomainError, it as ArcError, mt as ValidationError, pt as UnauthorizedError, st as ForbiddenError, t as getUserId } from "./index-Dz5IKsrE.mjs";
+import { ct as NotFoundError, ht as createDomainError, it as ArcError, mt as ValidationError, pt as UnauthorizedError, st as ForbiddenError, t as getUserId } from "./index-Bt0F3nJj.mjs";
 
 //#region src/index.d.ts
 declare const version: string;

package/dist/index.mjs

@@ -1,11 +1,11 @@
 import { a as DEFAULT_SORT, c as HOOK_OPERATIONS, d as MAX_REGEX_LENGTH, f as MAX_SEARCH_LENGTH, h as SYSTEM_FIELDS, i as DEFAULT_MAX_LIMIT, l as HOOK_PHASES, m as RESERVED_QUERY_PARAMS, n as DEFAULT_ID_FIELD, o as DEFAULT_TENANT_FIELD, p as MUTATION_OPERATIONS, r as DEFAULT_LIMIT, s as DEFAULT_UPDATE_METHOD, t as CRUD_OPERATIONS, u as MAX_FILTER_DEPTH } from "./constants-Cxde4rpC.mjs";
 import { d as createDomainError, i as NotFoundError, l as UnauthorizedError, r as ForbiddenError, t as ArcError, u as ValidationError } from "./errors-j4aJm1Wg.mjs";
 import { t as getUserId } from "./utils-_h9B3c57.mjs";
-import { a as BulkMixin, i as SlugMixin, n as TreeMixin, o as BaseCrudController, r as SoftDeleteMixin, t as BaseController } from "./BaseController-DX_T-bDB.mjs";
+import { a as BulkMixin, i as SlugMixin, n as TreeMixin, o as BaseCrudController, r as SoftDeleteMixin, t as BaseController } from "./BaseController-Dv60tU83.mjs";
 import { C as allowPublic, D as requireAuth, O as requireOwnership, S as allOf, T as denyAll, _ as requireOrgMembership, a as presets_exports, b as requireServiceScope, c as readOnly, d as applyFieldWritePermissions, f as fields, g as requireOrgInScope, h as createOrgPermissions, i as ownerWithAdminBypass, j as when, k as requireRoles, m as createDynamicPermissionMatrix, n as authenticated, o as publicRead, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as applyFieldReadPermissions, v as requireOrgRole, w as anyOf, x as requireTeamMembership, y as requireScopeContext } from "./permissions-ohQyv50e.mjs";
-import { v as getControllerScope } from "./routerShared-D6_fEGHh.mjs";
-import { n as defineResource, o as defineAggregation, r as ResourceDefinition, t as defineResourceVariants } from "./core-D72ia0EH.mjs";
+import { v as getControllerScope } from "./routerShared-DrOa-26E.mjs";
+import { a as defineResource, i as defineResourceVariants, l as defineAggregation, o as ResourceDefinition } from "./core-DEdN6zKD.mjs";
 //#region src/index.ts
-const version = "2.13.1";
+const version = "2.14.1";
 //#endregion
 export { ArcError, BaseController, BaseCrudController, BulkMixin, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, NotFoundError, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, SlugMixin, SoftDeleteMixin, TreeMixin, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, authenticated, createDomainError, createDynamicPermissionMatrix, createOrgPermissions, defineAggregation, defineResource, defineResourceVariants, denyAll, fields, fullPublic, getControllerScope, getUserId, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, version, when };

package/dist/integrations/index.d.mts

@@ -1,7 +1,7 @@
 import { a as WebSocketMessage, i as WebSocketClient, o as WebSocketPluginOptions } from "../websocket-ChC2rqe1.mjs";
 import { EventGatewayOptions } from "./event-gateway.mjs";
 import { JobDefinition, JobDispatchOptions, JobDispatcher, JobMeta, JobsPluginOptions, QueueStats } from "./jobs.mjs";
-import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-DQHFc8PM.mjs";
+import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-C6ONJ_Z2.mjs";
 import { StreamlinePluginOptions, WorkflowLike, WorkflowRunLike } from "./streamline.mjs";
 import { WebhookDeliveryRecord, WebhookManager, WebhookPluginOptions, WebhookStore, WebhookSubscription } from "./webhooks.mjs";
 export { type BetterAuthHandler, type CallToolResult, type CreateMcpServerConfig, type CrudOperation, type EventGatewayOptions, type JobDefinition, type JobDispatchOptions, type JobDispatcher, type JobMeta, type JobsPluginOptions, type McpAuthResult, type McpPluginOptions, type McpResourceConfig, type PromptDefinition, type QueueStats, type StreamlinePluginOptions, type ToolAnnotations, type ToolContext, type ToolDefinition, type WebSocketClient, type WebSocketMessage, type WebSocketPluginOptions, type WebhookDeliveryRecord, type WebhookManager, type WebhookPluginOptions, type WebhookStore, type WebhookSubscription, type WorkflowLike, type WorkflowRunLike };

package/dist/integrations/mcp/index.d.mts

@@ -1,5 +1,5 @@
-import { V as ResourceDefinition } from "../../index-BtW7qYwa.mjs";
-import { a as McpAuthResolver, c as McpResourceConfig, d as SessionEntry, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler, u as PromptResult } from "../../types-DQHFc8PM.mjs";
+import { V as ResourceDefinition } from "../../index-Dwc0orNd.mjs";
+import { a as McpAuthResolver, c as McpResourceConfig, d as SessionEntry, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler, u as PromptResult } from "../../types-C6ONJ_Z2.mjs";
 import { FastifyPluginAsync } from "fastify";
 import { z } from "zod";
 

package/dist/integrations/mcp/index.mjs

@@ -1,4 +1,4 @@
-import { n as fieldRulesToZod, r as createMcpServer, t as resourceToTools } from "../../resourceToTools-C5coh64w.mjs";
+import { n as fieldRulesToZod, r as createMcpServer, t as resourceToTools } from "../../resourceToTools-CZ-ZhS7v.mjs";
 import { createHash, randomUUID } from "node:crypto";
 import fp from "fastify-plugin";
 //#region src/integrations/mcp/defineTool.ts

package/dist/integrations/mcp/testing.d.mts

@@ -1,4 +1,4 @@
-import { o as McpAuthResult, s as McpPluginOptions } from "../../types-DQHFc8PM.mjs";
+import { o as McpAuthResult, s as McpPluginOptions } from "../../types-C6ONJ_Z2.mjs";
 
 //#region src/integrations/mcp/testing.d.ts
 interface TestMcpClientOptions {

package/dist/integrations/mcp/testing.mjs

@@ -1,4 +1,4 @@
-import { r as createMcpServer, t as resourceToTools } from "../../resourceToTools-C5coh64w.mjs";
+import { r as createMcpServer, t as resourceToTools } from "../../resourceToTools-CZ-ZhS7v.mjs";
 //#region src/integrations/mcp/testing.ts
 /**
 * @classytic/arc/mcp/testing — MCP Test Utilities

package/dist/middleware/index.d.mts

@@ -1,4 +1,4 @@
-import { I as MiddlewareHandler, L as RequestWithExtras, Q as MiddlewareConfig } from "../index-BtW7qYwa.mjs";
+import { I as MiddlewareHandler, L as RequestWithExtras, Q as MiddlewareConfig } from "../index-Dwc0orNd.mjs";
 import { RouteHandlerMethod } from "fastify";
 
 //#region src/middleware/middleware.d.ts