@classytic/arc 2.8.5 → 2.10.3

package/skills/arc/references/events.md

@@ -116,22 +116,73 @@ const unsub = await fastify.events.subscribe('order.created', handler);
 unsub();
 ```
 
-## Event Structure
+## Event Structure (v2.9)
 
 ```typescript
+interface EventMeta {
+  id: string;              // UUID v4 (fresh per emit; a retry gets a new id)
+  timestamp: Date;
+  schemaVersion?: number;  // bump on payload breaking change
+  correlationId?: string;  // stable across causal chain
+  causationId?: string;    // direct parent event id
+  partitionKey?: string;   // ordering hint (Kafka/Kinesis/Streams)
+  source?: string;         // originating service/package ('commerce', 'billing')
+  idempotencyKey?: string; // cross-transport dedupe hint — stable per operation
+  resource?: string;
+  resourceId?: string;
+  userId?: string;
+  organizationId?: string;
+  aggregate?: { type: string; id: string }; // DDD aggregate marker
+}
+
 interface DomainEvent<T> {
-  type: string;          // e.g., 'order.created'
+  type: string;            // e.g., 'order.created'
   payload: T;
-  meta: {
-    id: string;          // Unique event ID
-    timestamp: Date;
-    source?: string;
-    resource?: string;
-    resourceId?: string;
-    userId?: string;
-    organizationId?: string;
-    correlationId?: string;
-  };
+  meta: EventMeta;
+}
+```
+
+**Arc is source of truth** — `@classytic/primitives/events` mirrors these shapes. Downstream packages import from primitives; arc owns evolution.
+
+### DDD aggregate narrowing
+
+`aggregate.type` is `string` in arc's base contract so it stays framework-neutral. Domain packages narrow it to a closed union via interface extension:
+
+```typescript
+// @classytic/cart
+type CartAggregateType = 'cart' | 'cart-item';
+
+interface CartEventMeta extends EventMeta {
+  aggregate?: { type: CartAggregateType; id: string };
+}
+```
+
+Unlike `correlationId` / `causationId`, `aggregate` is **not inherited** by `createChildEvent`. Child events usually belong to a different aggregate (e.g. an `order.placed` event emitted by the order aggregate spawns `inventory.reserved` owned by the inventory aggregate). Each event names its own aggregate explicitly.
+
+### Causation chains
+
+```typescript
+import { createEvent, createChildEvent } from '@classytic/arc/events';
+
+const placed = createEvent('order.placed', { orderId: 'o1' }, {
+  correlationId: req.id, userId: user.id,
+});
+
+// Downstream handler emits child — causation linked, correlation inherited:
+const reserved = createChildEvent(placed, 'inventory.reserved', { sku: 'a' });
+// reserved.meta.causationId   === placed.meta.id
+// reserved.meta.correlationId === placed.meta.correlationId
+```
+
+### Dead-letter contract
+
+```typescript
+import type { DeadLetteredEvent, EventTransport } from '@classytic/arc/events';
+
+class KafkaTransport implements EventTransport {
+  async deadLetter(dlq: DeadLetteredEvent) {
+    await producer.send({ topic: `${dlq.event.type}.DLQ`, messages: [{ value: JSON.stringify(dlq) }] });
+  }
 }
 ```
 
@@ -299,3 +350,140 @@ const retriedHandler = withRetry(async (event) => {
 
 await fastify.events.subscribe('order.created', retriedHandler);
 ```
+
+### Auto-route exhausted events to transport.deadLetter() (v2.9)
+
+For transports with a native DLQ (Kafka DLQ topic, SQS DLQ queue, etc.), pass
+`transport` to skip custom `$deadLetter` plumbing:
+
+```typescript
+await fastify.events.subscribe(
+  'order.created',
+  withRetry(handler, {
+    maxRetries: 3,
+    transport: fastify.events.transport,  // any EventTransport with deadLetter()
+    name: 'emailProcessor',                // populates DeadLetteredEvent.handlerName
+  }),
+);
+```
+
+On exhaustion, a typed `DeadLetteredEvent` envelope (original event + error +
+attempts + first/last failure timestamps) is handed to `transport.deadLetter()`.
+`onDead` still works — both fire when both are configured.
+
+## Transactional Outbox (v2.9)
+
+**Why the outbox exists:** you write a row + publish an event in the same user
+request. If the transport (Redis/Kafka) is down at that moment, the row
+commits but the event vanishes — silent data divergence. The outbox persists
+the event in the **same DB transaction** as the row, then a background relayer
+guarantees at-least-once delivery to the transport. Multi-worker claim +
+retry/DLQ policy + dedupe make it scale.
+
+`EventOutbox` now offers centralised retry/DLQ and typed DLQ query:
+
+```typescript
+import { EventOutbox, MemoryOutboxStore, exponentialBackoff } from '@classytic/arc/events';
+
+const outbox = new EventOutbox({
+  store: new MemoryOutboxStore(),   // swap for durable store in prod
+  transport: fastify.events.transport,
+
+  // Centralised retry/DLQ — no more hand-rolled exponentialBackoff at every fail site
+  failurePolicy: ({ attempts, error }) => {
+    if (attempts >= 5) return { deadLetter: true };
+    return { retryAt: exponentialBackoff({ attempt: attempts }) };
+  },
+});
+
+// meta.idempotencyKey auto-maps to OutboxWriteOptions.dedupeKey — duplicate
+// saves with the same key are silently absorbed.
+await outbox.store(
+  createEvent('order.placed', payload, { idempotencyKey: `order:${id}:placed` }),
+);
+
+// Rich per-batch outcome — deadLettered is new in v2.9
+const result = await outbox.relayBatch();
+// { relayed, attempted, publishFailed, ackFailed, ownershipMismatches,
+//   malformed, failHookErrors, deadLettered, usedPublishMany }
+
+// Read DLQ state as typed DeadLetteredEvent[]
+const dlq = await outbox.getDeadLettered(100);
+for (const envelope of dlq) {
+  await alertOps(envelope);  // event, error, attempts, firstFailedAt, lastFailedAt
+}
+```
+
+**Store capability tiers:**
+
+| Method | Required | What you lose without it |
+|---|---|---|
+| `save`, `getPending`, `acknowledge` | ✅ | — |
+| `claimPending` | — | Multi-worker relay safety |
+| `fail` | — | Retry / DLQ / per-event failure reporting |
+| `getDeadLettered` | — | `outbox.getDeadLettered()` returns `[]` |
+| `purge` | — | App owns retention (TTL index, cron DELETE, etc.) |
+
+`MemoryOutboxStore` implements all capabilities — use it as a reference when
+writing a durable store for Postgres / DynamoDB / your DB of choice.
+
+### Durable store — pass a `RepositoryLike`
+
+Arc adapts any `Repository` (mongokit / prismakit / your own kit) to the
+`OutboxStore` contract — no dedicated subpath, no store class to
+instantiate:
+
+```typescript
+import mongoose from 'mongoose';
+import { Repository } from '@classytic/mongokit';
+import { EventOutbox, exponentialBackoff, createEvent } from '@classytic/arc/events';
+
+const OutboxModel = mongoose.model('ArcOutbox', OutboxSchema, 'arc_outbox_events');
+
+const outbox = new EventOutbox({
+  repository: new Repository(OutboxModel),
+  transport: redisTransport,
+  failurePolicy: ({ attempts }) =>
+    attempts >= 5 ? { deadLetter: true } : { retryAt: exponentialBackoff({ attempt: attempts }) },
+});
+
+// Persist event in the same DB transaction as the row
+await mongoose.connection.transaction(async (session) => {
+  await Order.create([orderDoc], { session });
+  await outbox.store(
+    createEvent('order.placed', { orderId }, { idempotencyKey: `order:${orderId}:placed` }),
+    { session },
+  );
+});
+
+// Background relayer
+setInterval(async () => {
+  const r = await outbox.relayBatch();
+  metrics.gauge('outbox.deadLettered', r.deadLettered);
+}, 1000);
+
+// Ops: read dead-letter envelopes for alerting / replay
+const dlq = await outbox.getDeadLettered(100);
+```
+
+**What you get:**
+
+- **Atomic multi-worker claim** — arc's adapter uses `findOneAndUpdate`
+  on `{ status: 'pending', visibleAt ≤ now, lease free }`. Two racing
+  relayers never see the same event; expired leases auto-recover.
+- **Session threading** — `outbox.store(event, { session })` flows
+  through `Repository.create(doc, { session })` so the event commits
+  with your business write.
+- **Dedupe** — `meta.idempotencyKey` maps to `dedupeKey`; your kit's
+  unique index (or equivalent) enforces idempotency.
+- **DLQ** — `getDeadLettered(limit)` returns typed `DeadLetteredEvent[]`.
+  `RelayResult.deadLettered` counts per-batch transitions.
+- **Purge** — `outbox.purge(olderThanMs)` deletes delivered rows; define
+  retention via a TTL index (`deliveredAt`), a cron, or a scheduler —
+  your kit's choice.
+
+You own the schema and indexes. Recommended shape:
+`{ eventId (unique), type, payload, meta, status, attempts, leaseOwner,
+leaseExpiresAt, visibleAt, dedupeKey (unique sparse), lastError,
+createdAt, deliveredAt }` with indexes on `{ status, visibleAt }` and
+`{ deliveredAt }` (TTL).

package/skills/arc/references/mcp.md

@@ -537,7 +537,7 @@ Use to verify the MCP server is alive before configuring Claude CLI.
 
 ### ArcRequest — Typed Fastify Request
 
-For `wrapHandler: false` routes, use `ArcRequest` instead of `(req as any).user`:
+For `raw: true` routes, use `ArcRequest` instead of `(req as any).user`:
 
 ```typescript
 import type { ArcRequest } from '@classytic/arc';
@@ -589,28 +589,15 @@ throw createDomainError('INSUFFICIENT_BALANCE', 'Not enough credits', 402, { bal
 // Arc's error handler auto-maps statusCode to HTTP response
 ```
 
-### onRegister — Resource Lifecycle Hook
-
-Called during plugin registration with the scoped Fastify instance:
-
-```typescript
-defineResource({
-  name: 'notification',
-  onRegister: (fastify) => {
-    setSseManager(fastify.sseManager);
-  },
-})
-```
-
 ### preAuth — Pre-Auth Handlers for SSE/WebSocket
 
 Run before auth middleware. Use for promoting `?token=` to `Authorization` header (EventSource can't set headers):
 
 ```typescript
-additionalRoutes: [{
+routes: [{
   method: 'GET',
   path: '/stream',
-  wrapHandler: false,
+  raw: true,
   permissions: requireAuth(),
   preAuth: [(req) => {
     const token = req.query?.token;
@@ -625,7 +612,7 @@ additionalRoutes: [{
 Auto-sets SSE headers and bypasses Arc's response wrapper:
 
 ```typescript
-additionalRoutes: [{
+routes: [{
   method: 'POST',
   path: '/stream',
   streamResponse: true,        // SSE headers + no { success, data } wrapper

package/skills/arc/references/multi-tenancy.md

@@ -178,6 +178,49 @@ Arc does NOT auto-derive scope from `request.user.organizationId` — that's a f
 2. **`elevated` with no `organizationId` bypasses tenant filtering.** This is intentional (admin sees everything), but it means you can't use `kind: 'elevated'` for normal per-org access.
 3. **`systemManaged` is your seatbelt for create/update.** Mark tenant fields (`companyId`, `organizationId`) as `systemManaged` in `fieldRules` so `BodySanitizer` strips any client-supplied value. The tenant field is then injected from the scope at write time — not from the request body.
 4. **Rate-limit keys respect all 5 scope kinds.** The built-in `createTenantKeyGenerator` uses `organizationId` for member/service/elevated and falls back to `userId`/IP for authenticated/public.
+5. **multiTenant preset injects org on UPDATE (v2.9).** Body-supplied `organizationId` is overwritten with the caller's scope — closes the tenant-hop vector where a member could PATCH their own doc into another tenant. Elevated scope with no org still bypasses (admin cross-tenant).
+
+## Mongokit tenant-context helper (optional)
+
+If your adapter is mongokit ≥3.7, you can wire mongokit's `createTenantContext()` to propagate the org id through `AsyncLocalStorage` — useful when domain code outside arc routes needs the current tenant without threading `req` everywhere:
+
+```ts
+import { createTenantContext, multiTenantPlugin, Repository } from '@classytic/mongokit';
+import { getOrgId } from '@classytic/arc/scope';
+
+const tenantContext = createTenantContext();
+const repo = new Repository(Model, [
+  multiTenantPlugin({ tenantField: 'organizationId', context: tenantContext }),
+]);
+
+// Install scope → ALS bridge once in your app:
+fastify.addHook('preHandler', (req, _reply, done) => {
+  const scope = (req.metadata as { _scope?: unknown } | undefined)?._scope;
+  const orgId = scope ? getOrgId(scope as never) : undefined;
+  if (orgId) tenantContext.run(orgId, done);
+  else done();
+});
+
+// Now any domain code can read it:
+import { getTenantId } from './tenantContext.js';
+await someService.doThing({ orgId: getTenantId() });
+```
+
+Arc doesn't bundle this — it's mongokit-specific. Arc's scope helpers (`getOrgId`, `getOrgContext`) remain the source of truth inside the request cycle; `createTenantContext()` is a complement for code that lives outside it.
+
+## Plugin-order safety (mongokit ≥3.7)
+
+Mongokit's `Repository` constructor accepts `pluginOrderChecks: 'warn' | 'throw' | 'off'` (default `'warn'`). Pass `'throw'` in production to catch foot-guns — e.g. installing `softDeletePlugin` AFTER `batchOperationsPlugin` silently bypasses soft-delete on `deleteMany`:
+
+```ts
+new Repository(Model, [
+  multiTenantPlugin({...}),       // must precede cache + batch-ops
+  softDeletePlugin(),             // must precede batch-ops
+  batchOperationsPlugin(),
+], {}, { pluginOrderChecks: 'throw' });
+```
+
+Arc doesn't surface this option — configure it directly on the mongokit `Repository` you hand to `defineResource({ adapter: createMongooseAdapter({ repository }) })`.
 
 ## Helpers reference
 

package/skills/arc/references/production.md

@@ -2,6 +2,15 @@
 
 Health checks, audit trail, idempotency, tracing, SSE, caching, graceful shutdown.
 
+## v2.9 Security Defaults
+
+- **Field-write perms reject by default** — `defineResource({ fields, onFieldWriteDenied })`. Default `'reject'` → 403 with denied field list. Legacy silent-strip: `onFieldWriteDenied: 'strip'`.
+- **Elevation always emits `arc.scope.elevated`** — subscribe via `fastify.events.subscribe('arc.scope.elevated', handler)` for audit. `onElevation` callback still supported.
+- **multiTenant injects org on UPDATE** — closes cross-tenant hop vector. Body-supplied `organizationId` overwritten with caller's scope.
+- **`verifySignature(body, secret, sig)` throws TypeError** if body isn't string/Buffer — register `@fastify/raw-body` before webhook routes; pass `req.rawBody`.
+- **Upload `sanitizeFilename` (preset)** — strict by default; `false` / `'*'` / custom fn to relax per adapter needs.
+- **Idempotency `namespace`** — fold an env key into the fingerprint when multiple deployments share a Redis (prod + canary, api + jobs).
+
 ## Health Plugin
 
 Kubernetes-ready liveness/readiness probes:
@@ -56,22 +65,21 @@ await fastify.register(gracefulShutdownPlugin, {
 
 ## Audit Plugin
 
-Change tracking with pluggable storage:
+Change tracking. Pass a `RepositoryLike` for persistence, or omit for in-memory dev:
 
 ```typescript
 import { auditPlugin } from '@classytic/arc/audit';
+import { Repository } from '@classytic/mongokit';
 
-// Development
-await fastify.register(auditPlugin, { enabled: true, stores: ['memory'] });
+// Development (in-memory)
+await fastify.register(auditPlugin, { enabled: true });
 
-// Production
+// Production — any kit (mongokit / prismakit / custom)
 await fastify.register(auditPlugin, {
   enabled: true,
-  stores: ['mongodb'],
-  mongoConnection: mongoose.connection,
-  mongoCollection: 'audit_logs',
-  ttlDays: 90,     // Auto-cleanup via TTL index
+  repository: new Repository(AuditModel),
 });
+// TTL / retention owned by your DB (TTL index on `timestamp`, cron DELETE, etc.)
 
 // Usage
 await fastify.audit.create('product', product._id, product, request.auditContext);
@@ -137,16 +145,18 @@ fetch('/api/orders', {
 **Storage backends:**
 
 ```typescript
-// Memory (default, dev)
+// Memory (default, dev) — omit both `repository` and `store`
 import { MemoryIdempotencyStore } from '@classytic/arc/idempotency';
 
 // Redis (production, multi-instance)
 import { RedisIdempotencyStore } from '@classytic/arc/idempotency/redis';
 store: new RedisIdempotencyStore({ client: redis, prefix: 'idem:', ttlMs: 86400000 })
 
-// MongoDB (production, no Redis)
-import { MongoIdempotencyStore } from '@classytic/arc/idempotency/mongodb';
-store: new MongoIdempotencyStore({ connection: mongoose.connection, collection: 'arc_idempotency', createIndex: true })
+// DB-backed via RepositoryLike (mongokit / prismakit / custom)
+import { Repository, methodRegistryPlugin, batchOperationsPlugin, mongoOperationsPlugin } from '@classytic/mongokit';
+repository: new Repository(IdempotencyModel, [
+  methodRegistryPlugin(), batchOperationsPlugin(), mongoOperationsPlugin(),
+])
 ```
 
 **IdempotencyStore interface:**
@@ -356,28 +366,6 @@ const runner = new MigrationRunner(mongoose.connection.db);
 await runner.up([v2]);
 ```
 
-## Policies
-
-Query-level authorization — modify queries based on user:
-
-```typescript
-import { createAccessControlPolicy } from '@classytic/arc/policies';
-
-const editorPolicy = createAccessControlPolicy({
-  statements: [
-    { resource: 'product', action: ['create', 'update'] },
-    { resource: 'order', action: ['read'] },
-  ],
-});
-
-defineResource({
-  permissions: {
-    create: editorPolicy,
-    update: editorPolicy,
-  },
-});
-```
-
 ## OpenAPI & External Paths
 
 Arc auto-generates OpenAPI 3.0 specs from resource definitions. External integrations (auth adapters, custom routes) inject their paths via `ExternalOpenApiPaths`.
@@ -532,39 +520,25 @@ Transactional outbox pattern — at-least-once delivery even if transport is dow
 
 ```typescript
 import { EventOutbox, MemoryOutboxStore } from '@classytic/arc/events';
+import { Repository } from '@classytic/mongokit';
+
+// Dev
+const outbox = new EventOutbox({ store: new MemoryOutboxStore(), transport: redisTransport });
 
+// Production — any RepositoryLike
 const outbox = new EventOutbox({
-  store: new MemoryOutboxStore(),  // or MongoOutboxStore for production
+  repository: new Repository(OutboxModel),
   transport: redisTransport,
 });
 
-// In business logic (same DB transaction)
-await outbox.store(event);
+// In business logic (same DB transaction via `{ session }`)
+await outbox.store(event, { session });
 
 // Relay cron (runs every few seconds)
 const relayed = await outbox.relay();  // publishes pending → transport
 ```
 
-**OutboxStore interface**: `save(event)`, `getPending(limit)`, `acknowledge(eventId)`.
-
-## RPC Service Client — Schema Versioning
-
-The service client supports a `schemaVersion` option for contract compatibility between services:
-
-```typescript
-import { createServiceClient } from '@classytic/arc/rpc';
-
-const catalog = createServiceClient({
-  baseUrl: 'http://catalog:3000',
-  schemaVersion: '1.2.0',  // sent as x-arc-schema-version header
-  correlationId: () => request.id,
-  retry: { maxRetries: 2 },
-});
-
-const products = await catalog.resource('product').list();
-```
-
-Receiving services can check `request.headers['x-arc-schema-version']` to detect version mismatches.
+**OutboxStore interface**: `save(event)`, `getPending(limit)`, `acknowledge(eventId)` (+ optional `claimPending`, `fail`, `getDeadLettered`, `purge`). When you pass `repository`, arc adapts it internally.
 
 ## Bulk Operations Preset
 
@@ -655,16 +629,16 @@ await withCompensation('checkout', steps, { orderId }, {
 });
 ```
 
-**In an additionalRoute with Arc auth:**
+**In a custom route with Arc auth:**
 
 ```typescript
 defineResource({
   name: 'order',
-  additionalRoutes: [{
+  routes: [{
     method: 'POST',
     path: '/:id/checkout',
     permissions: requireAuth(),
-    wrapHandler: false,
+    raw: true,
     handler: async (request, reply) => {
       const result = await withCompensation('checkout', steps, { orderId: request.params.id });
       if (!result.success) return reply.code(422).send({ error: result.error });

package/dist/EventTransport-BXja8NOc.d.mts

@@ -1,135 +0,0 @@
-//#region src/events/EventTransport.d.ts
-/**
- * Event Transport Interface
- *
- * Defines contract for event delivery backends.
- * Implement for durable transports (Redis, RabbitMQ, Kafka, etc.)
- *
- * @example
- * // Redis Pub/Sub implementation
- * class RedisEventTransport implements EventTransport {
- *   async publish(event) {
- *     await redis.publish(event.type, JSON.stringify(event));
- *   }
- *   async subscribe(pattern, handler) {
- *     redis.psubscribe(pattern);
- *     redis.on('pmessage', (p, channel, msg) => handler(JSON.parse(msg)));
- *   }
- * }
- */
-interface DomainEvent<T = unknown> {
-  /** Event type (e.g., 'product.created', 'order.shipped') */
-  type: string;
-  /** Event payload */
-  payload: T;
-  /** Event metadata */
-  meta: {
-    /** Unique event ID */id: string; /** Event timestamp */
-    timestamp: Date; /** Source resource */
-    resource?: string; /** Resource ID */
-    resourceId?: string; /** User who triggered the event */
-    userId?: string; /** Organization context */
-    organizationId?: string; /** Correlation ID for tracing */
-    correlationId?: string;
-  };
-}
-type EventHandler<T = unknown> = (event: DomainEvent<T>) => void | Promise<void>;
-/**
- * Minimal logger interface for event transports.
- * Compatible with `console`, `pino`, `fastify.log`, and any custom logger.
- *
- * @example
- * ```typescript
- * // Use Fastify's logger
- * new MemoryEventTransport({ logger: fastify.log });
- *
- * // Use a custom logger
- * new MemoryEventTransport({ logger: { warn: myWarn, error: myError } });
- *
- * // Default: console (no logger option needed)
- * new MemoryEventTransport();
- * ```
- */
-interface EventLogger {
-  warn(message: string, ...args: unknown[]): void;
-  error(message: string, ...args: unknown[]): void;
-}
-interface EventTransport {
-  /** Transport name for logging */
-  readonly name: string;
-  /**
-   * Publish an event to the transport
-   */
-  publish(event: DomainEvent): Promise<void>;
-  /**
-   * Publish a batch of events to the transport (optional, v2.8.1+).
-   *
-   * Transports that can efficiently batch (Kafka producer, Redis pipeline,
-   * RabbitMQ publisher confirms, SQS send-message-batch) should implement
-   * this. {@link import('./outbox.js').EventOutbox.relay} auto-detects and
-   * uses it for much higher throughput than per-event publishing.
-   *
-   * **Contract**: the returned `PublishManyResult` must describe the
-   * per-event outcome so the caller can acknowledge successes and fail the
-   * rest. Partial success is allowed — the transport reports it per event.
-   *
-   * If not implemented, `EventOutbox.relay` falls back to calling
-   * {@link publish} once per event.
-   *
-   * @param events - Events to publish (in order)
-   * @returns Per-event outcome map keyed by `event.meta.id`
-   */
-  publishMany?(events: readonly DomainEvent[]): Promise<PublishManyResult>;
-  /**
-   * Subscribe to events matching a pattern
-   * @param pattern - Event type pattern (e.g., 'product.*', '*')
-   * @param handler - Handler function
-   * @returns Unsubscribe function
-   */
-  subscribe(pattern: string, handler: EventHandler): Promise<() => void>;
-  /**
-   * Close transport connections
-   */
-  close?(): Promise<void>;
-}
-/**
- * Per-event outcome returned by {@link EventTransport.publishMany}.
- *
- * The key is `event.meta.id`; the value is `null` for success or an `Error`
- * for per-event failure. Transports MUST include an entry for every event
- * in the input batch.
- */
-type PublishManyResult = ReadonlyMap<string, Error | null>;
-interface MemoryEventTransportOptions {
-  /** Logger for error/warning messages (default: console) */
-  logger?: EventLogger;
-}
-/**
- * In-memory event transport (default)
- * Events are delivered synchronously within the process.
- * Not suitable for multi-instance deployments.
- */
-declare class MemoryEventTransport implements EventTransport {
-  readonly name = "memory";
-  private handlers;
-  private logger;
-  constructor(options?: MemoryEventTransportOptions);
-  publish(event: DomainEvent): Promise<void>;
-  /**
-   * Reference `publishMany` implementation — delegates to `publish()` in order.
-   *
-   * Production transports (Kafka, Redis pipeline, SQS batch) should override
-   * this with a single batched network call. Memory transport has nothing to
-   * batch, so we just loop — the loop still returns a proper result map so
-   * `EventOutbox.relay` can exercise the batched code path in tests.
-   */
-  publishMany(events: readonly DomainEvent[]): Promise<PublishManyResult>;
-  subscribe(pattern: string, handler: EventHandler): Promise<() => void>;
-  close(): Promise<void>;
-}
-/**
- * Create a domain event with auto-generated metadata
- */
-declare function createEvent<T>(type: string, payload: T, meta?: Partial<DomainEvent["meta"]>): DomainEvent<T>;
-//#endregion
-export { MemoryEventTransport as a, createEvent as c, EventTransport as i, EventHandler as n, MemoryEventTransportOptions as o, EventLogger as r, PublishManyResult as s, DomainEvent as t };

package/dist/audit/mongodb.d.mts

@@ -1,2 +0,0 @@
-import { n as MongoAuditStoreOptions, t as MongoAuditStore } from "../mongodb-BsP-WbhN.mjs";
-export { MongoAuditStore, type MongoAuditStoreOptions };

package/dist/audit/mongodb.mjs

@@ -1,2 +0,0 @@
-import { t as MongoAuditStore } from "../mongodb-Utc5k_-0.mjs";
-export { MongoAuditStore };