@classytic/arc 2.15.3 → 2.16.0

package/dist/{index-BswOSJCE.d.mts → index-CkW0flkU.d.mts}

@@ -1,12 +1,12 @@
-import { a as QueryCacheConfig } from "./QueryCache-D41bfdBB.mjs";
-import { i as RequestScope } from "./types-CTYvcwHe.mjs";
-import { c as PermissionCheck, d as UserBase, n as FieldPermissionMap } from "./fields-COhcH3fk.mjs";
-import { n as DomainEvent } from "./EventTransport-CT_52aWU.mjs";
+import { a as QueryCacheConfig } from "./QueryCache-SvmT_9ti.mjs";
+import { i as RequestScope } from "./types-DVfpSfx2.mjs";
+import { c as PermissionCheck, d as UserBase, n as FieldPermissionMap } from "./fields-Anj0xdih.mjs";
+import { n as DomainEvent } from "./EventTransport-C-2oAHtw.mjs";
 import { KeysetPaginationResult, OffsetPaginationResult } from "@classytic/repo-core/pagination";
 import { FastifyInstance, FastifyPluginAsync, FastifyReply, FastifyRequest, RouteHandlerMethod, RouteHandlerMethod as RouteHandlerMethod$1 } from "fastify";
 import * as _$_classytic_repo_core_adapter0 from "@classytic/repo-core/adapter";
 import { DataAdapter, RepositoryLike } from "@classytic/repo-core/adapter";
-import { AggDateBucket, AggMeasure, AggTopN, QueryOptions, StandardRepo } from "@classytic/repo-core/repository";
+import { AggDateBucket, AggMeasure, AggTopN, QueryOptions, StandardRepo, TenantPurgeStrategy } from "@classytic/repo-core/repository";
 import { LookupSpec } from "@classytic/repo-core/lookup";
 import { FieldRule, SchemaBuilderOptions } from "@classytic/repo-core/schema";
 
@@ -453,11 +453,11 @@ type CacheStatus = "HIT" | "STALE" | "MISS";
  * `BaseCrudController` / `BaseController` declarations.
  */
 type ArcControllerLike = {
-  list: (...args: any[]) => unknown;
-  get: (...args: any[]) => unknown;
-  create: (...args: any[]) => unknown;
-  update: (...args: any[]) => unknown;
-  delete: (...args: any[]) => unknown;
+  list: (...args: never[]) => unknown;
+  get: (...args: never[]) => unknown;
+  create: (...args: never[]) => unknown;
+  update: (...args: never[]) => unknown;
+  delete: (...args: never[]) => unknown;
 };
 /**
  * Return type of the controller's `list` method.
@@ -1964,6 +1964,62 @@ interface ControllerLike {
 //#region src/types/resource.d.ts
 /** Standard controller type alias for CRUD operations. */
 type CrudController<TDoc> = IController<TDoc>;
+/**
+ * Tenant-cleanup declaration on a resource — compliance-grade strategy
+ * for what happens to this resource's rows when the owning organization
+ * is deleted. Surfaces in arc's org-delete cascade runner and in
+ * registry introspection (audit scripts ask "what happens to this
+ * resource on org delete?").
+ *
+ * Strategy variants:
+ *   - `hard` — permanent removal (GDPR right-to-be-forgotten).
+ *   - `soft` — recoverable; pair with TTL for eventual hard-purge.
+ *   - `anonymize` — keep the row (legal retention) but clear PII
+ *     (HIPAA / PCI / SOX-compatible).
+ *   - `skip` — explicit opt-out with mandatory `reason`.
+ *
+ * See {@link ResourceConfig.onTenantDelete} for the full decision tree.
+ */
+interface OnTenantDeleteConfig {
+  /**
+   * What to do with rows whose `tenantField` matches the deleted org.
+   * Discriminated union from `@classytic/repo-core/repository` — every
+   * kit's `purgeByField` consumes the same shape.
+   */
+  strategy: TenantPurgeStrategy;
+  /**
+   * Resources are processed in ascending `priority` order. Use to land
+   * leaf data (logs, events) before aggregate references. Default `100`.
+   */
+  priority?: number;
+  /**
+   * Rows per chunk for the underlying `purgeByField` call — bounds
+   * lock contention + replication-log pressure on very large tenants.
+   * Default kit-specific (~1000).
+   */
+  batchSize?: number;
+}
+/**
+ * Resolved tenant-purge declaration — what arc actually runs when
+ * `cascadeDeleteForOrganization` fires. Computed once at boot from the
+ * resource's `onTenantDelete` declaration.
+ *
+ * Exposed via `ResourceDefinition.resolvedTenantPurge` and
+ * `getCascadingResourcesWithMetadata(registry)` so audit tooling can
+ * answer "is this resource really going to hard-delete?" without
+ * reading the source.
+ */
+interface ResolvedTenantPurge {
+  readonly strategy: TenantPurgeStrategy;
+  readonly priority: number;
+  readonly batchSize?: number;
+  /**
+   * Where the strategy came from — `'declared'` (host wrote
+   * `onTenantDelete` explicitly) or `'disabled'` (no declaration —
+   * runner skips this resource).
+   */
+  readonly source: "declared" | "disabled";
+}
 /**
  * Per-resource cache configuration for QueryCache. Enables
  * stale-while-revalidate, auto-invalidation on mutations, and
@@ -2285,11 +2341,55 @@ interface RouteDefinition {
   readonly path: string;
   /**
    * Route handler.
-   * - String: controller method name (Arc pipeline)
+   * - String: controller method name (Arc pipeline) — runtime lookup, no TS coverage on typos.
    * - Function without `raw: true`: receives IRequestContext, returns IControllerResponse (Arc pipeline)
    * - Function with `raw: true`: raw Fastify handler `(request, reply)`
+   *
+   * Prefer `controllerMethod` (2.16) over the string form when you want the
+   * compiler to catch typos. `handler` stays optional when `controllerMethod`
+   * is set — exactly one of the two must be declared.
+   */
+  readonly handler?: string | ControllerHandler | RouteHandlerMethod | ((request: FastifyRequest<Record<string, unknown>>, reply: FastifyReply) => unknown);
+  /**
+   * Typed function-reference handler (2.16). Receives the live controller
+   * instance and returns the method to invoke — TypeScript catches typos
+   * and surfaces autocomplete on the controller's method names. Prefer
+   * this over the string `handler` form for any host that uses a typed
+   * controller subclass.
+   *
+   * Resolved ONCE at route-registration time (the same path string
+   * handlers go through), so there's no per-request lookup overhead.
+   * The returned method is bound to the controller before dispatch.
+   *
+   * Mutually exclusive with `handler` — passing both throws at boot
+   * with a clear "pick one" message. The runtime contract on what the
+   * returned function accepts mirrors the `handler` rules: a plain
+   * `ControllerHandler` for pipeline routes, a raw Fastify handler when
+   * the route is `raw: true`.
+   *
+   * Typed loosely (`(controller: unknown) => …`) at the type-system
+   * boundary because `RouteDefinition` is not generic over the
+   * controller shape — host code annotates the parameter to opt in:
+   *
+   * @example
+   * ```ts
+   * class PostController extends BaseController<Post> {
+   *   async getStats(ctx: IRequestContext) { … }
+   * }
+   *
+   * defineResource({
+   *   controller: new PostController(repo),
+   *   routes: [{
+   *     method: 'GET',
+   *     path: '/stats',
+   *     controllerMethod: (c: PostController) => c.getStats,
+   *     //                       ^^^^^^^^^^^^^^ TS catches typos here
+   *     permissions: requireAuth(),
+   *   }],
+   * });
+   * ```
    */
-  readonly handler: string | ControllerHandler | RouteHandlerMethod | ((request: FastifyRequest<Record<string, unknown>>, reply: FastifyReply) => unknown);
+  readonly controllerMethod?: (controller: unknown) => ControllerHandler | RouteHandlerMethod;
   /** Permission check — REQUIRED */
   readonly permissions: PermissionCheck;
   /**
@@ -2309,6 +2409,24 @@ interface RouteDefinition {
   readonly preHandler?: RouteHandlerMethod[] | ((fastify: FastifyInstance) => RouteHandlerMethod[]);
   /** Pre-auth handlers (run before authentication) */
   readonly preAuth?: RouteHandlerMethod[];
+  /**
+   * Opt this custom route into the multiTenant preset's tenant scoping.
+   *
+   * When `true` AND the resource declares `multiTenantPreset` (or
+   * `flexibleMultiTenantPreset`), arc prepends the preset's tenant
+   * filter + injection middleware to this route's chain — the same
+   * pair `update` gets. The handler can then read the resolved tenant
+   * via `getOrgId(req.scope)` / `req._tenantFields` (or, for write
+   * routes, off `req.body` after injection) without re-implementing
+   * the scope read + header fallback + 400 boilerplate.
+   *
+   * Throws at boot if set when no multiTenant preset is wired — the
+   * misconfiguration would otherwise be silently insecure (read routes
+   * returning every tenant's rows).
+   *
+   * @default false
+   */
+  readonly tenantScope?: boolean;
   /** SSE streaming mode */
   readonly streamResponse?: boolean;
   /**
@@ -2364,6 +2482,25 @@ interface ActionDefinition {
   readonly schema?: unknown;
   /** Description for OpenAPI docs and MCP tool */
   readonly description?: string;
+  /**
+   * Whether this action needs an entity id from the URL.
+   *
+   * - `true` (default) — mounts under `POST /<prefix>/:id/action`. The `id`
+   *   path param is required; handler receives it as the first argument.
+   *   Use for actions that operate on an existing entity: `approve`,
+   *   `dispatch`, `cancel`, `archive`.
+   * - `false` — mounts under `POST /<prefix>/action` (no `:id` segment).
+   *   Handler receives an empty-string first argument. Use for
+   *   collection-level actions that create / search / bulk-mutate:
+   *   `propose` (creates a new entity), `search` (returns rows), `bulk`.
+   *
+   * 2.15.5: previously every action had to live under `:id/action`, forcing
+   * `propose`-style actions to swallow a meaningless URL parameter and
+   * making the auto-generated MCP tool advertise an `id` field agents
+   * had no value for. Setting `id: false` mounts the action at the
+   * resource root and drops `id` from the MCP tool's input shape.
+   */
+  readonly id?: boolean;
   /**
    * MCP tool generation:
    * - omitted/true: auto-generate
@@ -2630,13 +2767,84 @@ interface ResourceConfig<TDoc = AnyRecord> {
   aggregations?: AggregationsMap;
   disableCrud?: boolean;
   disableDefaultRoutes?: boolean;
-  /** Specific routes to disable */
+  /** Specific routes to disable (negative-form opt-out). */
   disabledRoutes?: CrudRouteKey[];
+  /**
+   * Declarative CRUD allow-list — what's ENABLED is explicit (positive form).
+   *
+   * Mutually exclusive with `disabledRoutes` — passing both is a config
+   * error and throws at boot. Use this when you want least-privilege
+   * defaults: a new CRUD op added in a future arc release won't silently
+   * leak through your `disabledRoutes` list because every op is opt-in.
+   *
+   * - `crud: { list: true, get: true }` — only `list` + `get` mount;
+   *   `create` / `update` / `delete` are NOT mounted.
+   * - `crud: false` — equivalent to `disableDefaultRoutes: true` (no CRUD at all).
+   * - `crud: undefined` (default) — every op mounts (legacy behaviour).
+   *
+   * 2.16: prefer this over `disabledRoutes` for new resources. The
+   * negative form stays for back-compat but won't be the documented
+   * default going forward.
+   *
+   * @example
+   * ```ts
+   * defineResource({
+   *   name: 'audit-log',
+   *   crud: { list: true, get: true },  // read-only — no create/update/delete
+   *   permissions: { list: requireRoles(['admin']), get: requireRoles(['admin']) },
+   * });
+   * ```
+   */
+  crud?: false | { [K in CrudRouteKey]?: boolean };
   /**
    * Field name used for multi-tenant scoping (default: 'organizationId').
    * Override to match your schema: 'workspaceId', 'tenantId', etc.
    */
   tenantField?: string | false;
+  /**
+   * Tenant-cleanup declaration — what `cascadeDeleteForOrganization`
+   * does with this resource's rows when an organization is deleted.
+   * Required for the resource to participate in the cascade; unflagged
+   * resources are never touched.
+   *
+   *   - `{ strategy: { type: 'hard' } }` — permanent delete (GDPR).
+   *   - `{ strategy: { type: 'soft' } }` — set `deleted: true` + `deletedAt`
+   *     (recoverable; pair with TTL for eventual hard-purge).
+   *   - `{ strategy: { type: 'anonymize', fields: { name: '[REDACTED]', email: null } } }`
+   *     — keep the row (legal retention) but clear PII linkage. HIPAA /
+   *     PCI / SOX-compatible. Field values can be static or `(doc) =>
+   *     value` for derived patches (hashes, etc.).
+   *   - `{ strategy: { type: 'skip', reason: 'audit-retained-per-SOX' } }`
+   *     — explicit opt-out with **mandatory** reason. Surfaces in audit reports.
+   *
+   * **Priority** — lower runs first. Default `100`. Use to land leaf data
+   * before aggregate references:
+   *   - `10`  : bulk leaf data (events, logs)
+   *   - `50`  : business entities (orders, invoices)
+   *   - `100` : default
+   *
+   * Priority groups are barriers even under concurrency — all
+   * priority-10 resources finish before any priority-50 starts.
+   *
+   * **Batch size** — rows per chunk for the underlying `purgeByField`
+   * call. Default kit-specific (~1000). Tune for very large tenants.
+   *
+   * @example Compliance-retained financial ledger
+   * ```ts
+   * defineResource({
+   *   name: 'invoice',
+   *   tenantField: 'organizationId',
+   *   onTenantDelete: {
+   *     strategy: {
+   *       type: 'anonymize',
+   *       fields: { customerName: '[REDACTED]', customerEmail: null },
+   *     },
+   *     priority: 50,
+   *   },
+   * });
+   * ```
+   */
+  onTenantDelete?: OnTenantDeleteConfig;
   /**
    * Default sort applied to `list` responses when the request doesn't
    * specify one. Arc's built-in default is `-createdAt` (Mongo convention).
@@ -2678,6 +2886,28 @@ interface ResourceConfig<TDoc = AnyRecord> {
   skipValidation?: boolean;
   /** Don't register in introspection */
   skipRegistry?: boolean;
+  /**
+   * Per-resource MCP opt-out.
+   *
+   * - omitted / `true` (default) — resource may be surfaced by `mcpPlugin`,
+   *   subject to the plugin's `expose` / `include` / `exclude` selection.
+   * - `false` — opt this resource OUT of MCP tool generation entirely.
+   *   Always wins over the plugin's `expose` / `include` allowlist;
+   *   keeps the opt-out colocated with the resource definition instead
+   *   of in a host-side blocklist that drifts as resources are added.
+   *
+   * Use the local opt-out for resources that should never expose tools
+   * (internal back-office, audit-trail readers, system-managed entities).
+   * Use the plugin-level `expose`/`include` allowlist when the cut is
+   * cross-cutting (only a handful of resources should be agent-callable
+   * across the whole app).
+   *
+   * @example
+   * ```ts
+   * defineResource({ name: 'internal-job-log', mcp: false, ... });
+   * ```
+   */
+  mcp?: boolean;
   /** Internal: track applied presets */
   _appliedPresets?: string[];
   /** HTTP method for update routes. Default: 'PATCH' */
@@ -2718,6 +2948,39 @@ interface ResourceConfig<TDoc = AnyRecord> {
   };
 }
 //#endregion
+//#region src/core/defineResource/diagnostics.d.ts
+/**
+ * Boot-time diagnostics produced by the `defineResource()` validation pipeline.
+ *
+ * `defineResource()` runs at module load — long before any Fastify instance
+ * exists — so non-fatal warnings (redundant field-rule flags, ambiguous
+ * preset combinations, etc.) cannot be emitted through a logger at the
+ * point they are detected. Instead we COLLECT them into a structured
+ * `ResourceDiagnostic[]`, attach the array to `ResourceDefinition._diagnostics`,
+ * and flush each entry through `fastify.log.warn` on first mount inside
+ * `buildResourcePlugin`. Hosts thus retain full control over framework
+ * output (silencing, redirecting, structured logging) — the framework
+ * never reaches for `console.*` directly outside of `src/cli/`.
+ *
+ * Hard errors continue to `throw` inside the validation pipeline — those
+ * surface synchronously at define-time, which is the right UX for
+ * "this resource will never work" failures.
+ */
+/**
+ * One non-fatal diagnostic produced during resource validation.
+ *
+ * - `severity`: log level the host logger uses (`warn` for misconfigurations
+ *   the host should clean up, `info` for deprecation hints).
+ * - `code`: stable identifier for the diagnostic — hosts and tests can match
+ *   on this without parsing the human-readable message.
+ * - `message`: pre-formatted line, resource name already interpolated.
+ */
+interface ResourceDiagnostic {
+  severity: "warn" | "info";
+  code: string;
+  message: string;
+}
+//#endregion
 //#region src/core/defineResource/ResourceDefinition.d.ts
 /**
  * Constructor input shape — `ResourceConfig` plus the metadata
@@ -2767,7 +3030,23 @@ declare class ResourceDefinition<TDoc = AnyRecord> {
   readonly pipe?: PipelineConfig;
   readonly fields?: FieldPermissionMap;
   readonly cache?: ResourceCacheConfig;
+  /**
+   * Per-resource MCP opt-out. `false` keeps the resource out of every
+   * `mcpPlugin` registration regardless of the plugin's `expose` /
+   * `include` allowlist — local opt-out is authoritative. See
+   * `ResourceConfig.mcp` for the host-facing surface.
+   */
+  readonly mcp: boolean;
   readonly tenantField?: string | false;
+  /** Tenant-cleanup strategy on org delete — see `OnTenantDeleteConfig`. */
+  readonly onTenantDelete?: OnTenantDeleteConfig;
+  /**
+   * Resolved tenant-purge strategy — what `cascadeDeleteForOrganization`
+   * actually runs. Computed once at boot from `onTenantDelete`. Audit /
+   * introspection tooling reads this instead of re-running the rule at
+   * the call site.
+   */
+  readonly resolvedTenantPurge: ResolvedTenantPurge;
   readonly idField?: string;
   readonly queryParser?: QueryParserInterface;
   readonly _appliedPresets: string[];
@@ -2778,6 +3057,17 @@ declare class ResourceDefinition<TDoc = AnyRecord> {
     priority: number;
   }>;
   _registryMeta?: RegisterOptions;
+  /**
+   * Boot-time validation diagnostics (non-fatal — hard errors throw
+   * synchronously in `validateDefineResourceConfig`). Populated when
+   * the host's config contains redundant / ambiguous flags that
+   * shouldn't crash the boot but the host should clean up. Flushed
+   * through `fastify.log.warn` on first mount inside
+   * `buildResourcePlugin` so the host's configured logger owns the
+   * output — the framework never speaks to `console.*` from `src/`
+   * outside of the CLI.
+   */
+  _diagnostics?: ResourceDiagnostic[];
   /**
    * Per-host idempotency guard used by `buildResourcePlugin` to
    * skip duplicate shared-state writes when the same resource is
@@ -2852,8 +3142,25 @@ interface RouteRow {
 }
 declare class ResourceRegistry {
   private _resources;
+  /**
+   * Parallel map of full `DataAdapter` instances. The public `RegistryEntry.adapter`
+   * field is intentionally narrowed to `{ type, name }` so introspection can be
+   * JSON-serialized — but cascade / cleanup / migration helpers need the live
+   * adapter (and its `.repository`) to do real work. Stored here, behind
+   * `getAdapter(name)`, so the public metadata stays serializable and the
+   * runtime-only handle is still reachable.
+   */
+  private _adapters;
   private _frozen;
   constructor();
+  /**
+   * Get the live `DataAdapter` for a registered resource — the handle whose
+   * `.repository` cascade / cleanup helpers actually call. Returns `undefined`
+   * when the resource is unknown OR was registered without an adapter
+   * (service-only resources). Typed loosely (`unknown`-shaped fields) so
+   * consumers cast to their kit's adapter type at the use site.
+   */
+  getAdapter<T = unknown>(name: string): T | undefined;
   /**
    * Register a resource
    */
@@ -2923,7 +3230,16 @@ declare class ResourceRegistry {
    */
   unfreeze(): void;
   /**
-   * Reset registry — clear all resources and unfreeze
+   * Reset registry — clear all resources, drop their parallel live-adapter
+   * handles, and unfreeze.
+   *
+   * The `_adapters` map (added in 2.15.5 so cascade / cleanup helpers can
+   * reach `adapter.repository` after registration) must clear alongside
+   * `_resources`. Pre-2.16 this method dropped the public entries but
+   * left the live adapters dangling, so a test that called `reset()`
+   * between cases would see ghost adapters and either (a) leak a live
+   * Mongo connection across describe blocks or (b) `cascadeDeleteForOrganization`
+   * iterate over a defunct registry entry. Clear both halves together.
    */
   reset(): void;
   /** @internal Alias for unfreeze() */
@@ -3306,6 +3622,21 @@ interface RegistryEntry extends ResourceMetadata {
   } | null;
   events?: string[];
   disableDefaultRoutes?: boolean;
+  /**
+   * 2.15.5 — multi-tenant scoping field declared on the resource
+   * (defaults to `'organizationId'`; `false` for company-wide tables).
+   * Surfaced so introspection / cascade helpers can scope deletes
+   * without re-reading the resource definition.
+   */
+  tenantField?: string | false;
+  /**
+   * Resolved tenant-purge strategy — what arc actually runs when
+   * `cascadeDeleteForOrganization` fires for this resource. Computed
+   * at boot from the resource's `onTenantDelete` declaration. Surfaced
+   * here so introspection / audit scripts can answer "what happens on
+   * org-delete?" without re-reading the resource definition.
+   */
+  resolvedTenantPurge?: ResolvedTenantPurge;
   openApiSchemas?: OpenApiSchemas;
   registeredAt?: string;
   /** Field-level permissions metadata (for OpenAPI data) */
@@ -3340,7 +3671,15 @@ interface RegistryEntry extends ResourceMetadata {
     readonly name: string;
     readonly description?: string; /** Raw per-action schema (JSON Schema, Zod v4, or legacy field map) */
     readonly schema?: unknown; /** Per-action permission check (if different from resource-level `actionPermissions`) */
-    readonly permissions?: PermissionCheck; /** MCP tool generation flag — `false` to skip, object for overrides */
+    readonly permissions?: PermissionCheck;
+    /**
+     * 2.15.5: mount point — `true` (default) for `POST /:id/action`,
+     * `false` for `POST /action` (resource-root, no `:id` path param).
+     * Consumed by registry enumeration, OpenAPI generation, and FE
+     * resource manifests so callers can pick the right URL without
+     * reading the action definition itself.
+     */
+    readonly id?: boolean; /** MCP tool generation flag — `false` to skip, object for overrides */
     readonly mcp?: boolean | {
       readonly description?: string;
       readonly annotations?: Record<string, unknown>;
@@ -3463,4 +3802,4 @@ interface ValidateOptions {
   strict?: boolean;
 }
 //#endregion
-export { OpenApiSchemas as $, SoftDeleteMixin as $t, RequestIdOptions as A, afterCreate as An, Guard as At, defineResource as B, Authenticator as Bt, RequestContext as C, HookContext as Cn, AggregationConfig as Ct, HealthCheck as D, HookRegistration as Dn, AggregationMaterializedResult as Dt, GracefulShutdownOptions as E, HookPhase as En, AggregationMaterializedContext as Et, FastifyWithDecorators as F, beforeUpdate as Fn, PipelineContext as Ft, ActionsMap as G, ApiResponse as Gt, ActionDefinition as H, JwtContext as Ht, MiddlewareHandler as I, createHookSystem as In, PipelineStep as It, CrudRouteKey as J, ObjectId as Jt, ArcFieldRule as K, ArcRequest as Kt, RequestWithExtras as L, defineHook as Ln, Transform as Lt, EventsDecorator as M, afterUpdate as Mn, NextFunction as Mt, FastifyRequestExtras as N, beforeCreate as Nn, OperationFilter as Nt, HealthOptions as O, HookSystem as On, AggregationRateLimit as Ot, FastifyWithAuth as P, beforeDelete as Pn, PipelineConfig as Pt, MiddlewareConfig as Q, SoftDeleteExt as Qt, RegisterOptions as R, AuthHelpers as Rt, QueryParserInterface as S, DefineHookOptions as Sn, AggregationCacheConfig as St, CrudRouterOptions as T, HookOperation as Tn, AggregationIndexHint as Tt, ActionEntry as U, TokenPair as Ut, ResourceDefinition as V, AuthenticatorContext as Vt, ActionHandlerFn as W, AnyRecord as Wt, EventDefinition as X, UserOrganization as Xt, CrudSchemas as Y, UserLike as Yt, FieldRule$1 as Z, BaseController as Zt, ControllerQueryOptions as _, ListResult as _n, IControllerResponse as _t, InferAdapterDoc as a, BulkMixin as an, ResourceConfig as at, ParsedQuery as b, AccessControl as bn, AggMeasureInput as bt, TypedController as c, ControllerConfigurableOptions as cn, ResourcePermissions as ct, PaginationResult as d, QueryResolverConfig as dn, RouteMethod as dt, TreeExt as en, PresetFunction as et, IntrospectionData as f, ArcCreateResult as fn, RouteSchemaOptions as ft, ArcInternalMetadata as g, ArcUpdateResult as gn, IController as gt, ResourceMetadata as h, ArcListResult as hn, FastifyHandler as ht, ValidationResult as i, BulkExt as in, ResourceCacheConfig as it, ArcDecorator as j, afterDelete as jn, Interceptor as jt, IntrospectionPluginOptions as k, HookSystemOptions as kn, AggregationsMap as kt, TypedRepository as l, ControllerConstructionOptions as ln, RouteDefinition as lt, RegistryStats as m, ArcGetResult as mn, ControllerLike as mt, ConfigError as n, SlugExt as nn, PresetResult as nt, InferDocType as o, BaseControllerOptions as on, ResourceHookContext as ot, RegistryEntry as p, ArcDeleteResult as pn, ControllerHandler as pt, CrudController as q, JWTPayload as qt, ValidateOptions as r, SlugMixin as rn, RateLimitConfig as rt, InferResourceDoc as s, BaseCrudController as sn, ResourceHooks as st, RouteHandlerMethod$1 as t, TreeMixin as tn, PresetHook as tt, TypedResourceConfig as u, QueryResolver as un, RouteMcpConfig as ut, LookupOption as v, BodySanitizer as vn, IRequestContext as vt, ServiceContext as w, HookHandler as wn, AggregationDateRangeRequirement as wt, PopulateOption as x, AccessControlConfig as xn, AggMeasureShorthand as xt, OwnershipCheck as y, BodySanitizerConfig as yn, RouteHandler as yt, ResourceRegistry as z, AuthPluginOptions as zt };
+export { OnTenantDeleteConfig as $, BaseController as $t, RequestIdOptions as A, HookSystem as An, AggregationRateLimit as At, defineResource as B, AuthHelpers as Bt, RequestContext as C, AccessControlConfig as Cn, AggMeasureShorthand as Ct, HealthCheck as D, HookOperation as Dn, AggregationIndexHint as Dt, GracefulShutdownOptions as E, HookHandler as En, AggregationDateRangeRequirement as Et, FastifyWithDecorators as F, beforeCreate as Fn, OperationFilter as Ft, ActionsMap as G, TokenPair as Gt, ActionDefinition as H, Authenticator as Ht, MiddlewareHandler as I, beforeDelete as In, PipelineConfig as It, CrudRouteKey as J, ArcRequest as Jt, ArcFieldRule as K, AnyRecord as Kt, RequestWithExtras as L, beforeUpdate as Ln, PipelineContext as Lt, EventsDecorator as M, afterCreate as Mn, Guard as Mt, FastifyRequestExtras as N, afterDelete as Nn, Interceptor as Nt, HealthOptions as O, HookPhase as On, AggregationMaterializedContext as Ot, FastifyWithAuth as P, afterUpdate as Pn, NextFunction as Pt, MiddlewareConfig as Q, UserOrganization as Qt, RegisterOptions as R, createHookSystem as Rn, PipelineStep as Rt, QueryParserInterface as S, AccessControl as Sn, AggMeasureInput as St, CrudRouterOptions as T, HookContext as Tn, AggregationConfig as Tt, ActionEntry as U, AuthenticatorContext as Ut, ResourceDefinition as V, AuthPluginOptions as Vt, ActionHandlerFn as W, JwtContext as Wt, EventDefinition as X, ObjectId as Xt, CrudSchemas as Y, JWTPayload as Yt, FieldRule$1 as Z, UserLike as Zt, ControllerQueryOptions as _, ArcListResult as _n, FastifyHandler as _t, InferAdapterDoc as a, SlugMixin as an, ResolvedTenantPurge as at, ParsedQuery as b, BodySanitizer as bn, IRequestContext as bt, TypedController as c, BaseControllerOptions as cn, ResourceHookContext as ct, PaginationResult as d, ControllerConstructionOptions as dn, RouteDefinition as dt, SoftDeleteExt as en, OpenApiSchemas as et, IntrospectionData as f, QueryResolver as fn, RouteMcpConfig as ft, ArcInternalMetadata as g, ArcGetResult as gn, ControllerLike as gt, ResourceMetadata as h, ArcDeleteResult as hn, ControllerHandler as ht, ValidationResult as i, SlugExt as in, RateLimitConfig as it, ArcDecorator as j, HookSystemOptions as jn, AggregationsMap as jt, IntrospectionPluginOptions as k, HookRegistration as kn, AggregationMaterializedResult as kt, TypedRepository as l, BaseCrudController as ln, ResourceHooks as lt, RegistryStats as m, ArcCreateResult as mn, RouteSchemaOptions as mt, ConfigError as n, TreeExt as nn, PresetHook as nt, InferDocType as o, BulkExt as on, ResourceCacheConfig as ot, RegistryEntry as p, QueryResolverConfig as pn, RouteMethod as pt, CrudController as q, ApiResponse as qt, ValidateOptions as r, TreeMixin as rn, PresetResult as rt, InferResourceDoc as s, BulkMixin as sn, ResourceConfig as st, RouteHandlerMethod$1 as t, SoftDeleteMixin as tn, PresetFunction as tt, TypedResourceConfig as u, ControllerConfigurableOptions as un, ResourcePermissions as ut, LookupOption as v, ArcUpdateResult as vn, IController as vt, ServiceContext as w, DefineHookOptions as wn, AggregationCacheConfig as wt, PopulateOption as x, BodySanitizerConfig as xn, RouteHandler as xt, OwnershipCheck as y, ListResult as yn, IControllerResponse as yt, ResourceRegistry as z, defineHook as zn, Transform as zt };

package/dist/index.d.mts

@@ -1,10 +1,10 @@
-import { $t as SoftDeleteMixin, A as RequestIdOptions, B as defineResource, C as RequestContext, Ct as AggregationConfig, D as HealthCheck, Dt as AggregationMaterializedResult, E as GracefulShutdownOptions, Et as AggregationMaterializedContext, F as FastifyWithDecorators, Gt as ApiResponse, J as CrudRouteKey, Kt as ArcRequest, L as RequestWithExtras, N as FastifyRequestExtras, O as HealthOptions, Ot as AggregationRateLimit, P as FastifyWithAuth, Q as MiddlewareConfig, Qt as SoftDeleteExt, S as QueryParserInterface, St as AggregationCacheConfig, T as CrudRouterOptions, Tt as AggregationIndexHint, V as ResourceDefinition, Wt as AnyRecord, X as EventDefinition, Xt as UserOrganization, Y as CrudSchemas, Z as FieldRule, Zt as BaseController, _n as ListResult, _t as IControllerResponse, a as InferAdapterDoc, an as BulkMixin, at as ResourceConfig, bt as AggMeasureInput, c as TypedController, cn as ControllerConfigurableOptions, d as PaginationResult, en as TreeExt, et as PresetFunction, f as IntrospectionData, fn as ArcCreateResult, ft as RouteSchemaOptions, g as ArcInternalMetadata, gn as ArcUpdateResult, gt as IController, h as ResourceMetadata, hn as ArcListResult, i as ValidationResult, in as BulkExt, k as IntrospectionPluginOptions, kt as AggregationsMap, l as TypedRepository, ln as ControllerConstructionOptions, m as RegistryStats, mn as ArcGetResult, mt as ControllerLike, n as ConfigError, nn as SlugExt, nt as PresetResult, o as InferDocType, on as BaseControllerOptions, p as RegistryEntry, pn as ArcDeleteResult, q as CrudController, qt as JWTPayload, r as ValidateOptions, rn as SlugMixin, rt as RateLimitConfig, s as InferResourceDoc, sn as BaseCrudController, t as RouteHandlerMethod, tn as TreeMixin, u as TypedResourceConfig, vt as IRequestContext, w as ServiceContext, wt as AggregationDateRangeRequirement, xt as AggMeasureShorthand, y as OwnershipCheck, yt as RouteHandler, zt as AuthPluginOptions } from "./index-BswOSJCE.mjs";
-import { a as applyFieldWritePermissions, c as PermissionCheck, d as UserBase, i as applyFieldReadPermissions, l as PermissionContext, n as FieldPermissionMap, o as fields, t as FieldPermission, u as PermissionResult } from "./fields-COhcH3fk.mjs";
-import { A as MAX_SEARCH_LENGTH, C as DEFAULT_UPDATE_METHOD, D as HookPhase, E as HookOperation, M as MutationOperation, N as RESERVED_QUERY_PARAMS, O as MAX_FILTER_DEPTH, P as SYSTEM_FIELDS, S as DEFAULT_TENANT_FIELD, T as HOOK_PHASES, _ as CrudOperation, b as DEFAULT_MAX_LIMIT, f as defineResourceVariants, g as CRUD_OPERATIONS, h as defineAggregation, j as MUTATION_OPERATIONS, k as MAX_REGEX_LENGTH, s as getControllerScope, v as DEFAULT_ID_FIELD, w as HOOK_OPERATIONS, x as DEFAULT_SORT, y as DEFAULT_LIMIT } from "./index-BstGxcc3.mjs";
-import { A as requireRoles, C as allOf, E as denyAll, M as when, O as requireAuth, S as createOrgPermissions, T as anyOf, a as presets_d_exports, c as readOnly, d as requireOrgRole, f as requireScopeContext, i as ownerWithAdminBypass, k as requireOwnership, l as requireOrgInScope, m as requireTeamMembership, n as authenticated, o as publicRead, p as requireServiceScope, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as requireOrgMembership, v as DynamicPermissionMatrix, w as allowPublic, x as createDynamicPermissionMatrix, y as DynamicPermissionMatrixConfig } from "./index-BTqLEvhu.mjs";
-import { ct as NotFoundError, ht as createDomainError, it as ArcError, mt as ValidationError, pt as UnauthorizedError, st as ForbiddenError, t as getUserId } from "./index-bRjYu21O.mjs";
+import { $t as BaseController, A as RequestIdOptions, At as AggregationRateLimit, B as defineResource, C as RequestContext, Ct as AggMeasureShorthand, D as HealthCheck, Dt as AggregationIndexHint, E as GracefulShutdownOptions, Et as AggregationDateRangeRequirement, F as FastifyWithDecorators, J as CrudRouteKey, Jt as ArcRequest, Kt as AnyRecord, L as RequestWithExtras, N as FastifyRequestExtras, O as HealthOptions, Ot as AggregationMaterializedContext, P as FastifyWithAuth, Q as MiddlewareConfig, Qt as UserOrganization, S as QueryParserInterface, St as AggMeasureInput, T as CrudRouterOptions, Tt as AggregationConfig, V as ResourceDefinition, Vt as AuthPluginOptions, X as EventDefinition, Y as CrudSchemas, Yt as JWTPayload, Z as FieldRule, _n as ArcListResult, a as InferAdapterDoc, an as SlugMixin, bt as IRequestContext, c as TypedController, cn as BaseControllerOptions, d as PaginationResult, dn as ControllerConstructionOptions, en as SoftDeleteExt, f as IntrospectionData, g as ArcInternalMetadata, gn as ArcGetResult, gt as ControllerLike, h as ResourceMetadata, hn as ArcDeleteResult, i as ValidationResult, in as SlugExt, it as RateLimitConfig, jt as AggregationsMap, k as IntrospectionPluginOptions, kt as AggregationMaterializedResult, l as TypedRepository, ln as BaseCrudController, m as RegistryStats, mn as ArcCreateResult, mt as RouteSchemaOptions, n as ConfigError, nn as TreeExt, o as InferDocType, on as BulkExt, p as RegistryEntry, q as CrudController, qt as ApiResponse, r as ValidateOptions, rn as TreeMixin, rt as PresetResult, s as InferResourceDoc, sn as BulkMixin, st as ResourceConfig, t as RouteHandlerMethod, tn as SoftDeleteMixin, tt as PresetFunction, u as TypedResourceConfig, un as ControllerConfigurableOptions, vn as ArcUpdateResult, vt as IController, w as ServiceContext, wt as AggregationCacheConfig, xt as RouteHandler, y as OwnershipCheck, yn as ListResult, yt as IControllerResponse } from "./index-CkW0flkU.mjs";
+import { a as applyFieldWritePermissions, c as PermissionCheck, d as UserBase, i as applyFieldReadPermissions, l as PermissionContext, n as FieldPermissionMap, o as fields, t as FieldPermission, u as PermissionResult } from "./fields-Anj0xdih.mjs";
+import { A as MAX_FILTER_DEPTH, C as DEFAULT_SORT, D as HOOK_PHASES, E as HOOK_OPERATIONS, F as RESERVED_QUERY_PARAMS, I as SYSTEM_FIELDS, M as MAX_SEARCH_LENGTH, N as MUTATION_OPERATIONS, O as HookOperation, P as MutationOperation, S as DEFAULT_MAX_LIMIT, T as DEFAULT_UPDATE_METHOD, _ as defineAggregation, b as DEFAULT_ID_FIELD, f as defineResourceVariants, j as MAX_REGEX_LENGTH, k as HookPhase, m as defineAction, s as getControllerScope, v as CRUD_OPERATIONS, w as DEFAULT_TENANT_FIELD, x as DEFAULT_LIMIT, y as CrudOperation } from "./index-B-ulKx5P.mjs";
+import { A as requireRoles, C as allOf, E as denyAll, M as when, O as requireAuth, S as createOrgPermissions, T as anyOf, a as presets_d_exports, c as readOnly, d as requireOrgRole, f as requireScopeContext, i as ownerWithAdminBypass, k as requireOwnership, l as requireOrgInScope, m as requireTeamMembership, n as authenticated, o as publicRead, p as requireServiceScope, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as requireOrgMembership, v as DynamicPermissionMatrix, w as allowPublic, x as createDynamicPermissionMatrix, y as DynamicPermissionMatrixConfig } from "./index-3oIimXQn.mjs";
+import { a as NotFoundError, d as ValidationError, f as createDomainError, i as ForbiddenError, t as ArcError, u as UnauthorizedError } from "./errors-C1lX_jlm.mjs";
 
 //#region src/index.d.ts
 declare const version: string;
 //#endregion
-export { type AggMeasureInput, type AggMeasureShorthand, type AggregationCacheConfig, type AggregationConfig, type AggregationDateRangeRequirement, type AggregationIndexHint, type AggregationMaterializedContext, type AggregationMaterializedResult, type AggregationRateLimit, type AggregationsMap, type AnyRecord, type ApiResponse, type ArcCreateResult, type ArcDeleteResult, ArcError, type ArcGetResult, type ArcInternalMetadata, type ArcListResult, type ArcRequest, type ArcUpdateResult, type AuthPluginOptions, BaseController, type BaseControllerOptions, BaseCrudController, type BulkExt, BulkMixin, CRUD_OPERATIONS, type ConfigError, type ControllerConfigurableOptions, type ControllerConstructionOptions, type ControllerLike, type CrudController, type CrudOperation, type CrudRouteKey, type CrudRouterOptions, type CrudSchemas, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, type DynamicPermissionMatrix, type DynamicPermissionMatrixConfig, type EventDefinition, type FastifyRequestExtras, type FastifyWithAuth, type FastifyWithDecorators, type FieldPermission, type FieldPermissionMap, type FieldRule, ForbiddenError, type GracefulShutdownOptions, HOOK_OPERATIONS, HOOK_PHASES, type HealthCheck, type HealthOptions, type HookOperation, type HookPhase, type IController, type IControllerResponse, type IRequestContext, type InferAdapterDoc, type InferDocType, type InferResourceDoc, type IntrospectionData, type IntrospectionPluginOptions, type JWTPayload, type ListResult, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, type MiddlewareConfig, type MutationOperation, NotFoundError, type OwnershipCheck, type PaginationResult, type PermissionCheck, type PermissionContext, type PermissionResult, type PresetFunction, type PresetResult, type QueryParserInterface, RESERVED_QUERY_PARAMS, type RateLimitConfig, type RegistryEntry, type RegistryStats, type RequestContext, type RequestIdOptions, type RequestWithExtras, type ResourceConfig, ResourceDefinition, type ResourceMetadata, type RouteHandler, type RouteHandlerMethod, type RouteSchemaOptions, SYSTEM_FIELDS, type ServiceContext, type SlugExt, SlugMixin, type SoftDeleteExt, SoftDeleteMixin, type TreeExt, TreeMixin, type TypedController, type TypedRepository, type TypedResourceConfig, UnauthorizedError, type UserBase, type UserOrganization, type ValidateOptions, ValidationError, type ValidationResult, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, authenticated, createDomainError, createDynamicPermissionMatrix, createOrgPermissions, defineAggregation, defineResource, defineResourceVariants, denyAll, fields, fullPublic, getControllerScope, getUserId, ownerWithAdminBypass, presets_d_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, version, when };
+export { type AggMeasureInput, type AggMeasureShorthand, type AggregationCacheConfig, type AggregationConfig, type AggregationDateRangeRequirement, type AggregationIndexHint, type AggregationMaterializedContext, type AggregationMaterializedResult, type AggregationRateLimit, type AggregationsMap, type AnyRecord, type ApiResponse, type ArcCreateResult, type ArcDeleteResult, ArcError, type ArcGetResult, type ArcInternalMetadata, type ArcListResult, type ArcRequest, type ArcUpdateResult, type AuthPluginOptions, BaseController, type BaseControllerOptions, BaseCrudController, type BulkExt, BulkMixin, CRUD_OPERATIONS, type ConfigError, type ControllerConfigurableOptions, type ControllerConstructionOptions, type ControllerLike, type CrudController, type CrudOperation, type CrudRouteKey, type CrudRouterOptions, type CrudSchemas, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, type DynamicPermissionMatrix, type DynamicPermissionMatrixConfig, type EventDefinition, type FastifyRequestExtras, type FastifyWithAuth, type FastifyWithDecorators, type FieldPermission, type FieldPermissionMap, type FieldRule, ForbiddenError, type GracefulShutdownOptions, HOOK_OPERATIONS, HOOK_PHASES, type HealthCheck, type HealthOptions, type HookOperation, type HookPhase, type IController, type IControllerResponse, type IRequestContext, type InferAdapterDoc, type InferDocType, type InferResourceDoc, type IntrospectionData, type IntrospectionPluginOptions, type JWTPayload, type ListResult, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, type MiddlewareConfig, type MutationOperation, NotFoundError, type OwnershipCheck, type PaginationResult, type PermissionCheck, type PermissionContext, type PermissionResult, type PresetFunction, type PresetResult, type QueryParserInterface, RESERVED_QUERY_PARAMS, type RateLimitConfig, type RegistryEntry, type RegistryStats, type RequestContext, type RequestIdOptions, type RequestWithExtras, type ResourceConfig, ResourceDefinition, type ResourceMetadata, type RouteHandler, type RouteHandlerMethod, type RouteSchemaOptions, SYSTEM_FIELDS, type ServiceContext, type SlugExt, SlugMixin, type SoftDeleteExt, SoftDeleteMixin, type TreeExt, TreeMixin, type TypedController, type TypedRepository, type TypedResourceConfig, UnauthorizedError, type UserBase, type UserOrganization, type ValidateOptions, ValidationError, type ValidationResult, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, authenticated, createDomainError, createDynamicPermissionMatrix, createOrgPermissions, defineAction, defineAggregation, defineResource, defineResourceVariants, denyAll, fields, fullPublic, getControllerScope, ownerWithAdminBypass, presets_d_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, version, when };

package/dist/index.mjs

@@ -1,11 +1,10 @@
-import { a as DEFAULT_SORT, c as HOOK_OPERATIONS, d as MAX_REGEX_LENGTH, f as MAX_SEARCH_LENGTH, h as SYSTEM_FIELDS, i as DEFAULT_MAX_LIMIT, l as HOOK_PHASES, m as RESERVED_QUERY_PARAMS, n as DEFAULT_ID_FIELD, o as DEFAULT_TENANT_FIELD, p as MUTATION_OPERATIONS, r as DEFAULT_LIMIT, s as DEFAULT_UPDATE_METHOD, t as CRUD_OPERATIONS, u as MAX_FILTER_DEPTH } from "./constants-Cxde4rpC.mjs";
+import { a as DEFAULT_SORT, c as HOOK_OPERATIONS, d as MAX_REGEX_LENGTH, f as MAX_SEARCH_LENGTH, h as SYSTEM_FIELDS, i as DEFAULT_MAX_LIMIT, l as HOOK_PHASES, m as RESERVED_QUERY_PARAMS, n as DEFAULT_ID_FIELD, o as DEFAULT_TENANT_FIELD, p as MUTATION_OPERATIONS, r as DEFAULT_LIMIT, s as DEFAULT_UPDATE_METHOD, t as CRUD_OPERATIONS, u as MAX_FILTER_DEPTH } from "./constants-TrJVIJl0.mjs";
 import { d as createDomainError, i as NotFoundError, l as UnauthorizedError, r as ForbiddenError, t as ArcError, u as ValidationError } from "./errors-j4aJm1Wg.mjs";
-import { t as getUserId } from "./utils-_h9B3c57.mjs";
-import { a as BulkMixin, i as SlugMixin, n as TreeMixin, o as BaseCrudController, r as SoftDeleteMixin, t as BaseController } from "./BaseController-dx3m2J8V.mjs";
-import { C as allowPublic, D as requireAuth, O as requireOwnership, S as allOf, T as denyAll, _ as requireOrgMembership, a as presets_exports, b as requireServiceScope, c as readOnly, d as applyFieldWritePermissions, f as fields, g as requireOrgInScope, h as createOrgPermissions, i as ownerWithAdminBypass, j as when, k as requireRoles, m as createDynamicPermissionMatrix, n as authenticated, o as publicRead, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as applyFieldReadPermissions, v as requireOrgRole, w as anyOf, x as requireTeamMembership, y as requireScopeContext } from "./permissions-ohQyv50e.mjs";
-import { v as getControllerScope } from "./routerShared-DrOa-26E.mjs";
-import { a as defineResource, i as defineResourceVariants, l as defineAggregation, o as ResourceDefinition } from "./core-CvmOqEms.mjs";
+import { a as BulkMixin, i as SlugMixin, n as TreeMixin, o as BaseCrudController, r as SoftDeleteMixin, t as BaseController } from "./BaseController-DlCCTIxJ.mjs";
+import { C as allowPublic, D as requireAuth, O as requireOwnership, S as allOf, T as denyAll, _ as requireOrgMembership, a as presets_exports, b as requireServiceScope, c as readOnly, d as applyFieldWritePermissions, f as fields, g as requireOrgInScope, h as createOrgPermissions, i as ownerWithAdminBypass, j as when, k as requireRoles, m as createDynamicPermissionMatrix, n as authenticated, o as publicRead, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as applyFieldReadPermissions, v as requireOrgRole, w as anyOf, x as requireTeamMembership, y as requireScopeContext } from "./permissions-CTxMrreC.mjs";
+import { v as getControllerScope } from "./routerShared-CZV5aabX.mjs";
+import { a as defineResource, i as defineResourceVariants, o as ResourceDefinition, s as defineAction, u as defineAggregation } from "./core-DBJ_j6rX.mjs";
 //#region src/index.ts
-const version = "2.15.3";
+const version = "2.16.0";
 //#endregion
-export { ArcError, BaseController, BaseCrudController, BulkMixin, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, NotFoundError, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, SlugMixin, SoftDeleteMixin, TreeMixin, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, authenticated, createDomainError, createDynamicPermissionMatrix, createOrgPermissions, defineAggregation, defineResource, defineResourceVariants, denyAll, fields, fullPublic, getControllerScope, getUserId, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, version, when };
+export { ArcError, BaseController, BaseCrudController, BulkMixin, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, NotFoundError, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, SlugMixin, SoftDeleteMixin, TreeMixin, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, authenticated, createDomainError, createDynamicPermissionMatrix, createOrgPermissions, defineAction, defineAggregation, defineResource, defineResourceVariants, denyAll, fields, fullPublic, getControllerScope, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, version, when };

package/dist/init-Dv71MsJr.d.mts

@@ -0,0 +1,71 @@
+//#region src/cli/commands/init/types.d.ts
+/**
+ * Shared types for the `arc init` scaffolder.
+ *
+ * `InitOptions` is the public CLI surface (everything callers can pass);
+ * `ProjectConfig` is the post-prompt resolved shape every template
+ * consumes. Keeping them separate lets the CLI surface evolve (more
+ * optional flags) without forcing every template to inspect optionality.
+ */
+type PackageManager = "npm" | "pnpm" | "yarn" | "bun";
+interface InitOptions {
+  name?: string;
+  adapter?: "mongokit" | "custom";
+  auth?: "jwt" | "better-auth";
+  tenant?: "multi" | "single";
+  /**
+   * Enable Better Auth's `apiKey` plugin (`@better-auth/api-key`) for
+   * machine-to-machine authentication alongside cookie/session auth.
+   * Only used when `auth === 'better-auth'`. Default: false.
+   */
+  apiKey?: boolean;
+  /**
+   * Session strategy when using Better Auth.
+   * - `cookie` (default): browser cookie + DB-backed session (BA's default)
+   * - `bearer`: Authorization: Bearer header (mobile apps, SPA, M2M)
+   * Both can coexist — `bearer: true` adds bearer alongside cookies.
+   */
+  session?: "cookie" | "bearer" | "both";
+  typescript?: boolean;
+  edge?: boolean;
+  /**
+   * Emit Dockerfile / .dockerignore / docker-compose.yml in the scaffold.
+   *
+   * 2.16: defaults to `false`. Docker / deployment topology is an
+   * app-level concern — many hosts ship to Cloud Run / Fly / Vercel /
+   * AWS Lambda / Cloudflare Workers / their own Kubernetes manifests
+   * and don't want arc's opinionated Docker assets cluttering the repo
+   * (the framework rule is "don't dictate deployment"). Opt in with
+   * `--docker` when you genuinely want arc's Compose-based dev setup.
+   *
+   * `edge: true` continues to imply no Docker (Workers don't run in
+   * containers) — the flag is ignored when `edge` is set.
+   */
+  docker?: boolean;
+  skipInstall?: boolean;
+  force?: boolean;
+}
+interface ProjectConfig {
+  name: string;
+  adapter: "mongokit" | "custom";
+  auth: "jwt" | "better-auth";
+  tenant: "multi" | "single";
+  apiKey: boolean;
+  session: "cookie" | "bearer" | "both";
+  typescript: boolean;
+  edge: boolean;
+  /** Resolved opt-in for Docker scaffolding — see `InitOptions.docker`. */
+  docker: boolean;
+}
+interface DependencyManifest {
+  dependencies: Record<string, string>;
+  devDependencies: Record<string, string>;
+}
+//#endregion
+//#region src/cli/commands/init/index.d.ts
+/**
+ * Initialize a new Arc project.
+ */
+declare function init(options?: InitOptions): Promise<void>;
+//#endregion
+export { ProjectConfig as a, PackageManager as i, DependencyManifest as n, InitOptions as r, init as t };