@classytic/arc 2.9.1 → 2.10.8

package/dist/adapters/index.d.mts

@@ -1,3 +1,3 @@
-import { a as RelationMetadata, c as ValidationResult, i as FieldMetadata, o as RepositoryLike, r as DataAdapter, s as SchemaMetadata, t as AdapterFactory } from "../interface-YrWsmKqE.mjs";
-import { a as PrismaQueryParserOptions, c as MongooseAdapterOptions, i as PrismaQueryParser, l as createMongooseAdapter, n as PrismaAdapterOptions, o as createPrismaAdapter, r as PrismaQueryOptions, s as MongooseAdapter, t as PrismaAdapter } from "../index-CtGKT0lf.mjs";
-export { AdapterFactory, DataAdapter, FieldMetadata, MongooseAdapter, MongooseAdapterOptions, PrismaAdapter, PrismaAdapterOptions, PrismaQueryOptions, PrismaQueryParser, PrismaQueryParserOptions, RelationMetadata, RepositoryLike, SchemaMetadata, ValidationResult, createMongooseAdapter, createPrismaAdapter };
+import { _n as RepositoryLike, fn as AdapterFactory, gn as RelationMetadata, hn as FieldMetadata, mn as DataAdapter, vn as SchemaMetadata, yn as ValidationResult } from "../index-BGbpGVyM.mjs";
+import { a as PrismaQueryParserOptions, c as MongooseAdapterOptions, d as DrizzleAdapterOptions, f as createDrizzleAdapter, i as PrismaQueryParser, l as createMongooseAdapter, n as PrismaAdapterOptions, o as createPrismaAdapter, r as PrismaQueryOptions, s as MongooseAdapter, t as PrismaAdapter, u as DrizzleAdapter } from "../index-BziRPS4H.mjs";
+export { AdapterFactory, DataAdapter, DrizzleAdapter, DrizzleAdapterOptions, FieldMetadata, MongooseAdapter, MongooseAdapterOptions, PrismaAdapter, PrismaAdapterOptions, PrismaQueryOptions, PrismaQueryParser, PrismaQueryParserOptions, RelationMetadata, RepositoryLike, SchemaMetadata, ValidationResult, createDrizzleAdapter, createMongooseAdapter, createPrismaAdapter };

package/dist/adapters/index.mjs

@@ -1,2 +1,2 @@
-import { a as createMongooseAdapter, i as MongooseAdapter, n as PrismaQueryParser, r as createPrismaAdapter, t as PrismaAdapter } from "../adapters-BBqAVvPK.mjs";
-export { MongooseAdapter, PrismaAdapter, PrismaQueryParser, createMongooseAdapter, createPrismaAdapter };
+import { a as createMongooseAdapter, i as MongooseAdapter, n as PrismaQueryParser, o as DrizzleAdapter, r as createPrismaAdapter, s as createDrizzleAdapter, t as PrismaAdapter } from "../adapters-BXY4i-hw.mjs";
+export { DrizzleAdapter, MongooseAdapter, PrismaAdapter, PrismaQueryParser, createDrizzleAdapter, createMongooseAdapter, createPrismaAdapter };

package/dist/{adapters-BBqAVvPK.mjs → adapters-BXY4i-hw.mjs}

@@ -1,4 +1,44 @@
-import { h as SYSTEM_FIELDS, m as RESERVED_QUERY_PARAMS } from "./constants-Cxde4rpC.mjs";
+import { h as SYSTEM_FIELDS, m as RESERVED_QUERY_PARAMS } from "./constants-BhY1OHoH.mjs";
+//#region src/adapters/field-rule-helpers.ts
+/**
+* Merge constraint-style `fieldRules` into an `OpenApiSchemas` bag in place.
+*
+* Operates on the three schema slots that carry property maps — `createBody`,
+* `updateBody`, `response`. `listQuery` and `params` are skipped (their
+* constraint vocabulary is owned by the kit's query parser).
+*
+* Existing constraints on a property always win — the merge only fills in
+* gaps. Adapters that already walk `fieldRules` during base-schema assembly
+* can call this helper for free (the checks are no-ops when constraints
+* already exist).
+*/
+function mergeFieldRuleConstraints(schemas, schemaOptions) {
+	if (!schemas || typeof schemas !== "object") return;
+	const rules = schemaOptions?.fieldRules;
+	if (!rules || Object.keys(rules).length === 0) return;
+	for (const slot of [
+		"createBody",
+		"updateBody",
+		"response"
+	]) {
+		const slotSchema = schemas[slot];
+		if (!slotSchema || typeof slotSchema !== "object") continue;
+		const properties = slotSchema.properties;
+		if (!properties) continue;
+		for (const [field, rule] of Object.entries(rules)) {
+			const prop = properties[field];
+			if (!prop || typeof prop !== "object") continue;
+			if (rule.minLength != null && prop.minLength == null) prop.minLength = rule.minLength;
+			if (rule.maxLength != null && prop.maxLength == null) prop.maxLength = rule.maxLength;
+			if (rule.min != null && prop.minimum == null) prop.minimum = rule.min;
+			if (rule.max != null && prop.maximum == null) prop.maximum = rule.max;
+			if (rule.pattern != null && prop.pattern == null) prop.pattern = rule.pattern;
+			if (rule.enum != null && prop.enum == null) prop.enum = rule.enum;
+			if (rule.description != null && prop.description == null) prop.description = rule.description;
+		}
+	}
+}
+//#endregion
 //#region src/adapters/types.ts
 /**
 * Check if value is a Mongoose model
@@ -13,6 +53,168 @@ function isRepository(value) {
 	return typeof value === "object" && value !== null && "getAll" in value && "getById" in value && "create" in value && "update" in value && "delete" in value;
 }
 //#endregion
+//#region src/adapters/drizzle.ts
+const DRIZZLE_COLUMNS_SYMBOL = Symbol.for("drizzle:Columns");
+function getColumns(table) {
+	const cols = table[DRIZZLE_COLUMNS_SYMBOL];
+	if (!cols || typeof cols !== "object") return {};
+	return cols;
+}
+function columnToJsonSchema(column) {
+	const { dataType, columnType, enumValues, length } = column;
+	if (dataType === "date") return {
+		type: "string",
+		format: "date-time"
+	};
+	if (dataType === "boolean") return { type: "boolean" };
+	if (dataType === "json") return {
+		type: "object",
+		additionalProperties: true
+	};
+	if (dataType === "buffer") return {
+		type: "string",
+		contentEncoding: "base64"
+	};
+	if (dataType === "number" || dataType === "bigint") return { type: columnType === "SQLiteInteger" ? "integer" : "number" };
+	if (dataType === "string") {
+		const result = { type: "string" };
+		if (Array.isArray(enumValues) && enumValues.length > 0) result.enum = [...enumValues];
+		if (typeof length === "number" && length > 0) result.maxLength = length;
+		return result;
+	}
+	return {};
+}
+function columnToFieldMetadata(column) {
+	const { dataType, enumValues } = column;
+	const meta = {
+		type: (dataType && {
+			number: "number",
+			bigint: "number",
+			string: "string",
+			date: "date",
+			boolean: "boolean",
+			json: "object",
+			buffer: "object"
+		}[dataType]) ?? (enumValues?.length ? "enum" : "object"),
+		required: !!column.notNull && !column.hasDefault
+	};
+	if (enumValues?.length) meta.enum = [...enumValues];
+	if (typeof column.length === "number") meta.maxLength = column.length;
+	return meta;
+}
+var DrizzleAdapter = class {
+	type = "drizzle";
+	name;
+	table;
+	repository;
+	schemaGenerator;
+	constructor(options) {
+		if (!options.table || typeof options.table !== "object") throw new TypeError("DrizzleAdapter: Invalid table. Expected a Drizzle table created with sqliteTable / pgTable / mysqlTable.");
+		if (!isRepository(options.repository)) throw new TypeError("DrizzleAdapter: Invalid repository. Expected an object implementing MinimalRepo (getAll / getById / create / update / delete).");
+		this.table = options.table;
+		this.repository = options.repository;
+		this.schemaGenerator = options.schemaGenerator;
+		this.name = options.name ?? "DrizzleAdapter";
+	}
+	/**
+	* Introspect Drizzle columns into arc's schema metadata shape.
+	*/
+	getSchemaMetadata() {
+		const columns = getColumns(this.table);
+		const fields = {};
+		const indexes = [];
+		for (const [name, column] of Object.entries(columns)) {
+			fields[name] = columnToFieldMetadata(column);
+			if (column.primary) indexes.push({
+				fields: [name],
+				unique: true
+			});
+		}
+		return {
+			name: this.name,
+			fields,
+			...indexes.length > 0 ? { indexes } : {}
+		};
+	}
+	/**
+	* Generate OpenAPI schemas. Delegates to the user-provided
+	* `schemaGenerator` when available (strongly recommended — that's where
+	* field rules, omit lists, and param-type narrowing live). The built-in
+	* fallback emits a permissive entity + CRUD body shape so routes still
+	* register when no generator is provided.
+	*
+	* After the kit generator runs, arc merges constraint-style field rules
+	* (`minLength`, `maxLength`, `min`, `max`, `pattern`, `enum`, `description`)
+	* into the resulting property schemas so sqlitekit / pgkit behave
+	* identically to mongoose here — rule-driven AJV constraints apply
+	* regardless of backend.
+	*/
+	generateSchemas(schemaOptions, context) {
+		try {
+			if (this.schemaGenerator) {
+				const generated = this.schemaGenerator(this.table, schemaOptions, context);
+				mergeFieldRuleConstraints(generated, schemaOptions);
+				return generated;
+			}
+			const columns = getColumns(this.table);
+			if (Object.keys(columns).length === 0) return null;
+			const entityProperties = {};
+			const inputProperties = {};
+			const inputRequired = [];
+			const updateProperties = {};
+			const fieldRules = schemaOptions?.fieldRules ?? {};
+			const readonlySet = new Set(schemaOptions?.readonlyFields ?? []);
+			const optionalSet = new Set(schemaOptions?.optionalFields ?? []);
+			const blocked = new Set([
+				...Object.entries(fieldRules).filter(([, rules]) => rules.systemManaged || rules.hidden).map(([field]) => field),
+				...schemaOptions?.excludeFields ?? [],
+				...schemaOptions?.hiddenFields ?? []
+			]);
+			for (const [fieldName, column] of Object.entries(columns)) {
+				const schema = columnToJsonSchema(column);
+				entityProperties[fieldName] = schema;
+				if (blocked.has(fieldName)) continue;
+				if (column.primary && column.columnType === "SQLiteInteger") continue;
+				if (!readonlySet.has(fieldName)) {
+					inputProperties[fieldName] = schema;
+					if (!!column.notNull && !column.hasDefault && !optionalSet.has(fieldName)) inputRequired.push(fieldName);
+					updateProperties[fieldName] = schema;
+				}
+			}
+			return {
+				createBody: {
+					type: "object",
+					properties: inputProperties,
+					required: inputRequired.length > 0 ? inputRequired : void 0,
+					additionalProperties: true
+				},
+				updateBody: {
+					type: "object",
+					properties: updateProperties,
+					additionalProperties: true
+				},
+				response: {
+					type: "object",
+					properties: entityProperties,
+					additionalProperties: true
+				}
+			};
+		} catch {
+			return null;
+		}
+	}
+	async healthCheck() {
+		return typeof this.repository.getAll === "function";
+	}
+};
+/**
+* Factory — preferred construction style for symmetry with
+* `createMongooseAdapter` / `createPrismaAdapter`.
+*/
+function createDrizzleAdapter(options) {
+	return new DrizzleAdapter(options);
+}
+//#endregion
 //#region src/adapters/mongoose.ts
 /**
 * Mongoose data adapter with proper type safety
@@ -27,7 +229,7 @@ var MongooseAdapter = class {
 	schemaGenerator;
 	constructor(options) {
 		if (!isMongooseModel(options.model)) throw new TypeError("MongooseAdapter: Invalid model. Expected Mongoose Model instance.\nUsage: createMongooseAdapter({ model: YourModel, repository: yourRepo })");
-		if (!isRepository(options.repository)) throw new TypeError("MongooseAdapter: Invalid repository. Expected CrudRepository instance.\nUsage: createMongooseAdapter({ model: YourModel, repository: yourRepo })");
+		if (!isRepository(options.repository)) throw new TypeError("MongooseAdapter: Invalid repository. Expected StandardRepo instance.\nUsage: createMongooseAdapter({ model: YourModel, repository: yourRepo })");
 		this.model = options.model;
 		this.repository = options.repository;
 		this.schemaGenerator = options.schemaGenerator;
@@ -73,7 +275,11 @@ var MongooseAdapter = class {
 	*/
 	generateSchemas(schemaOptions, context) {
 		try {
-			if (this.schemaGenerator) return this.schemaGenerator(this.model, schemaOptions, context);
+			if (this.schemaGenerator) {
+				const generated = this.schemaGenerator(this.model, schemaOptions, context);
+				mergeFieldRuleConstraints(generated, schemaOptions);
+				return generated;
+			}
 			const paths = this.model.schema.paths;
 			const properties = {};
 			const required = [];
@@ -242,43 +448,6 @@ function createMongooseAdapter(modelOrOptions, repository) {
 //#endregion
 //#region src/adapters/prisma.ts
 /**
-* Prisma Adapter - PostgreSQL/MySQL/SQLite Implementation
-*
-* @experimental This adapter is implemented but has no integration tests yet.
-* Use in production at your own risk. The Mongoose adapter is the recommended
-* and battle-tested path.
-*
-* Bridges Prisma Client with Arc's DataAdapter interface.
-* Supports Prisma 5+ with all database providers.
-*
-* Implemented features:
-* - Schema generation (OpenAPI docs from DMMF)
-* - Health checks (database connectivity)
-* - Query parsing (URL params → Prisma where/orderBy)
-* - Policy filter translation
-* - Soft delete preset support
-*
-* Known gaps:
-* - No integration test coverage
-* - Multi-tenant isolation relies on caller-provided policyFilters (no auto-enforcement)
-*
-* @example
-* ```typescript
-* import { PrismaClient, Prisma } from '@prisma/client';
-* import { createPrismaAdapter, PrismaQueryParser } from '@classytic/arc/adapters';
-*
-* const prisma = new PrismaClient();
-*
-* const userAdapter = createPrismaAdapter({
-*   client: prisma,
-*   modelName: 'user',
-*   repository: new UserRepository(prisma),
-*   dmmf: Prisma.dmmf, // For schema generation
-*   queryParser: new PrismaQueryParser(), // Optional: custom parser
-* });
-* ```
-*/
-/**
 * Prisma Query Parser - Converts URL parameters to Prisma query format
 *
 * Translates Arc's query format to Prisma's where/orderBy/take/skip structure.
@@ -723,4 +892,4 @@ function createPrismaAdapter(options) {
 	return new PrismaAdapter(options);
 }
 //#endregion
-export { createMongooseAdapter as a, MongooseAdapter as i, PrismaQueryParser as n, createPrismaAdapter as r, PrismaAdapter as t };
+export { createMongooseAdapter as a, MongooseAdapter as i, PrismaQueryParser as n, DrizzleAdapter as o, createPrismaAdapter as r, createDrizzleAdapter as s, PrismaAdapter as t };

package/dist/audit/index.d.mts

@@ -1,5 +1,5 @@
-import { o as RepositoryLike } from "../interface-YrWsmKqE.mjs";
-import { i as UserBase } from "../types-DZi1aYhm.mjs";
+import { _n as RepositoryLike } from "../index-BGbpGVyM.mjs";
+import { d as UserBase } from "../fields-C8Y0XLAu.mjs";
 import { FastifyPluginAsync } from "fastify";
 
 //#region src/audit/stores/interface.d.ts
@@ -59,6 +59,15 @@ interface AuditStore {
   log(entry: AuditEntry): Promise<void>;
   /** Query audit logs (optional - not all stores support querying) */
   query?(options: AuditQueryOptions): Promise<AuditEntry[]>;
+  /**
+   * Purge entries older than `cutoff`, return count deleted. Optional —
+   * stores that don't support deletion (append-only emitters like Kafka,
+   * S3 archivers) simply omit this method and are skipped by
+   * `fastify.audit.purge(...)`. Mongo-backed repositories can also rely
+   * on a server-side TTL index instead of calling this; the method is
+   * the DB-agnostic escape hatch.
+   */
+  purgeOlderThan?(cutoff: Date): Promise<number>;
   /** Close/cleanup (optional) */
   close?(): Promise<void>;
 }
@@ -104,6 +113,22 @@ interface AuditPluginOptions {
    * to every store.
    */
   customStores?: AuditStore[];
+  /**
+   * Retention policy — optional. Entries older than `maxAgeMs` are purged
+   * on a timer (`purgeIntervalMs`, default 24h). Stores that implement
+   * `purgeOlderThan` participate; append-only stores are skipped.
+   *
+   * Apps on MongoDB can instead declare a TTL index on the audit
+   * collection's `timestamp` field — server-side TTL is cheaper than a
+   * periodic delete. Both approaches coexist: `fastify.audit.purge(...)`
+   * is always available for manual / cron-driven purges.
+   *
+   * Set `purgeIntervalMs: 0` to skip the timer (manual purge only).
+   */
+  retention?: {
+    /** Max entry age in ms. Entries with `timestamp < now - maxAgeMs` are purged. */maxAgeMs: number; /** Interval between purges in ms. Default 86_400_000 (24h). 0 disables the timer. */
+    purgeIntervalMs?: number;
+  };
   /**
    * Automatically audit CRUD operations via the hook system (default: true when enabled).
    * When enabled, create/update/delete operations are auto-logged without manual calls.
@@ -167,10 +192,19 @@ interface AuditLogger {
   custom: (resource: string, documentId: string, action: string, data?: Record<string, unknown>, context?: AuditContext) => Promise<void>;
   /** Query audit logs (if stores support it) */
   query: (options: AuditQueryOptions) => Promise<AuditEntry[]>;
+  /**
+   * Purge audit entries older than `cutoff` across every registered store.
+   * Returns the total number of entries deleted. Stores that don't support
+   * deletion (append-only emitters) are skipped silently.
+   */
+  purge: (cutoff: Date) => Promise<number>;
 }
 declare const auditPlugin: FastifyPluginAsync<AuditPluginOptions>;
 declare const _default: FastifyPluginAsync<AuditPluginOptions>;
 //#endregion
+//#region src/audit/repository-audit-adapter.d.ts
+declare function repositoryAsAuditStore(repository: RepositoryLike): AuditStore;
+//#endregion
 //#region src/audit/stores/memory.d.ts
 interface MemoryAuditStoreOptions {
   /** Maximum entries to keep (default: 1000) */
@@ -183,6 +217,7 @@ declare class MemoryAuditStore implements AuditStore {
   constructor(options?: MemoryAuditStoreOptions);
   log(entry: AuditEntry): Promise<void>;
   query(options?: AuditQueryOptions): Promise<AuditEntry[]>;
+  purgeOlderThan(cutoff: Date): Promise<number>;
   close(): Promise<void>;
   /** Get all entries (for testing) */
   getAll(): AuditEntry[];
@@ -190,4 +225,4 @@ declare class MemoryAuditStore implements AuditStore {
   clear(): void;
 }
 //#endregion
-export { type AuditAction, type AuditContext, type AuditEntry, type AuditLogger, type AuditPluginOptions, type AuditQueryOptions, type AuditStore, type AuditStoreOptions, MemoryAuditStore, type MemoryAuditStoreOptions, _default as auditPlugin, auditPlugin as auditPluginFn, createAuditEntry };
+export { type AuditAction, type AuditContext, type AuditEntry, type AuditLogger, type AuditPluginOptions, type AuditQueryOptions, type AuditStore, type AuditStoreOptions, MemoryAuditStore, type MemoryAuditStoreOptions, _default as auditPlugin, auditPlugin as auditPluginFn, createAuditEntry, repositoryAsAuditStore };

package/dist/audit/index.mjs

@@ -1,12 +1,13 @@
 import fp from "fastify-plugin";
+import { and, anyOf, eq, gte, lt, lte } from "@classytic/repo-core/filter";
 //#region src/audit/repository-audit-adapter.ts
 function repositoryAsAuditStore(repository) {
+	const idField = repository.idField ?? "_id";
 	return {
 		name: "repository",
 		async log(entry) {
 			const doc = {
-				_id: entry.id,
-				id: entry.id,
+				[idField]: entry.id,
 				resource: entry.resource,
 				documentId: entry.documentId,
 				action: entry.action,
@@ -23,29 +24,34 @@ function repositoryAsAuditStore(repository) {
 			};
 			await repository.create(doc);
 		},
+		async purgeOlderThan(cutoff) {
+			if (!repository.deleteMany) return 0;
+			return (await repository.deleteMany(lt("timestamp", cutoff))).deletedCount ?? 0;
+		},
 		async query(opts = {}) {
-			if (!repository.findAll) throw new Error("auditPlugin: repository.findAll is required for query(). mongokit ≥3.6 implements it; other kits should match.");
-			const filter = {};
-			if (opts.resource) filter.resource = opts.resource;
-			if (opts.documentId) filter.documentId = opts.documentId;
-			if (opts.userId) filter.userId = opts.userId;
-			if (opts.organizationId) filter.organizationId = opts.organizationId;
+			if (!repository.getAll) throw new Error("auditPlugin: repository.getAll is required for query(). It's on repo-core's MinimalRepo floor — every kit (mongokit, sqlitekit, custom) implements it.");
+			const clauses = [];
+			if (opts.resource) clauses.push(eq("resource", opts.resource));
+			if (opts.documentId) clauses.push(eq("documentId", opts.documentId));
+			if (opts.userId) clauses.push(eq("userId", opts.userId));
+			if (opts.organizationId) clauses.push(eq("organizationId", opts.organizationId));
 			if (opts.action) {
 				const actions = Array.isArray(opts.action) ? opts.action : [opts.action];
-				filter.action = actions.length === 1 ? actions[0] : { $in: actions };
-			}
-			if (opts.from || opts.to) {
-				const range = {};
-				if (opts.from) range.$gte = opts.from;
-				if (opts.to) range.$lte = opts.to;
-				filter.timestamp = range;
+				clauses.push(actions.length === 1 ? eq("action", actions[0]) : anyOf("action", actions));
 			}
-			return (await repository.findAll(filter, {
+			if (opts.from) clauses.push(gte("timestamp", opts.from));
+			if (opts.to) clauses.push(lte("timestamp", opts.to));
+			const filters = clauses.length > 0 ? and(...clauses) : void 0;
+			const limit = opts.limit ?? 100;
+			const page = Math.floor((opts.offset ?? 0) / limit) + 1;
+			const result = await repository.getAll({
+				...filters ? { filters } : {},
 				sort: { timestamp: -1 },
-				skip: opts.offset ?? 0,
-				limit: opts.limit ?? 100
-			})).map((d) => ({
-				id: String(d._id ?? d.id ?? ""),
+				page,
+				limit
+			});
+			return (Array.isArray(result) ? result : result.docs ?? []).map((d) => ({
+				id: String(d[idField] ?? ""),
 				resource: d.resource ?? "",
 				documentId: d.documentId ?? "",
 				action: d.action ?? "create",
@@ -145,6 +151,11 @@ var MemoryAuditStore = class {
 		results = results.slice(offset, offset + limit);
 		return results;
 	}
+	async purgeOlderThan(cutoff) {
+		const before = this.entries.length;
+		this.entries = this.entries.filter((e) => e.timestamp >= cutoff);
+		return before - this.entries.length;
+	}
 	async close() {
 		this.entries = [];
 	}
@@ -199,6 +210,11 @@ const auditPlugin = async (fastify, opts = {}) => {
 		async query(options) {
 			for (const store of stores) if (store.query) return store.query(options);
 			return [];
+		},
+		async purge(cutoff) {
+			let total = 0;
+			for (const store of stores) if (store.purgeOlderThan) total += await store.purgeOlderThan(cutoff);
+			return total;
 		}
 	};
 	fastify.decorate("audit", audit);
@@ -223,7 +239,22 @@ const auditPlugin = async (fastify, opts = {}) => {
 			request.auditContext.duration = Math.round(reply.elapsedTime);
 		}
 	});
+	const retention = opts.retention;
+	let retentionTimer = null;
+	if (retention) {
+		const interval = retention.purgeIntervalMs ?? 864e5;
+		if (interval > 0) {
+			retentionTimer = setInterval(() => {
+				const cutoff = new Date(Date.now() - retention.maxAgeMs);
+				audit.purge(cutoff).catch((err) => {
+					fastify.log?.warn?.({ err }, "audit retention purge failed");
+				});
+			}, interval);
+			retentionTimer.unref?.();
+		}
+	}
 	fastify.addHook("onClose", async () => {
+		if (retentionTimer) clearInterval(retentionTimer);
 		await Promise.all(stores.map((store) => store.close?.()));
 	});
 	const autoAuditConfig = opts.autoAudit ?? true;
@@ -317,7 +348,8 @@ function createNoopLogger() {
 		delete: noop,
 		restore: noop,
 		custom: noop,
-		query: async () => []
+		query: async () => [],
+		purge: async () => 0
 	};
 }
 var auditPlugin_default = fp(auditPlugin, {
@@ -326,4 +358,4 @@ var auditPlugin_default = fp(auditPlugin, {
 	dependencies: ["arc-core"]
 });
 //#endregion
-export { MemoryAuditStore, auditPlugin_default as auditPlugin, auditPlugin as auditPluginFn, createAuditEntry };
+export { MemoryAuditStore, auditPlugin_default as auditPlugin, auditPlugin as auditPluginFn, createAuditEntry, repositoryAsAuditStore };

package/dist/auth/index.d.mts

@@ -1,5 +1,5 @@
-import { v as AuthHelpers, y as AuthPluginOptions } from "../interface-YrWsmKqE.mjs";
-import { t as PermissionCheck } from "../types-DZi1aYhm.mjs";
+import { Ut as AuthHelpers, Wt as AuthPluginOptions } from "../index-BGbpGVyM.mjs";
+import { c as PermissionCheck } from "../fields-C8Y0XLAu.mjs";
 import { t as ExternalOpenApiPaths } from "../externalPaths-Bapitwvd.mjs";
 import { a as SessionManagerOptions, c as createSessionManager, i as SessionData, n as MemorySessionStoreOptions, o as SessionManagerResult, r as SessionCookieOptions, s as SessionStore, t as MemorySessionStore } from "../sessionManager-D-oNWHz3.mjs";
 import { FastifyPluginAsync, FastifyReply as FastifyReply$1, FastifyRequest } from "fastify";

package/dist/auth/index.mjs

@@ -1,6 +1,6 @@
-import { n as normalizeRoles, t as getUserRoles } from "../types-ZUu_h0jp.mjs";
-import { t as ArcError } from "../errors-CqWnSqM-.mjs";
-import { h as requireTeamMembership, l as requireOrgMembership, u as requireOrgRole } from "../permissions-oNZawnkR.mjs";
+import { n as normalizeRoles, t as getUserRoles } from "../types-D57iXYb8.mjs";
+import { t as ArcError } from "../errors-BqdUDja_.mjs";
+import { _ as requireTeamMembership, m as requireOrgRole, p as requireOrgMembership } from "../permissions-wkqRwicB.mjs";
 import { n as extractBetterAuthOpenApi } from "../betterAuthOpenApi--rdY15Ld.mjs";
 import { createHmac, randomUUID, timingSafeEqual } from "node:crypto";
 import fp from "fastify-plugin";

package/dist/cache/index.d.mts

@@ -1,5 +1,5 @@
-import { i as CacheStore, n as CacheSetOptions, r as CacheStats, t as CacheLogger } from "../interface-DplgQO2e.mjs";
-import { a as CacheEnvelope, c as QueryCache, i as queryCachePlugin, l as QueryCacheConfig, n as QueryCacheDefaults, o as CacheResult, r as QueryCachePluginOptions, s as CacheStatus, t as CrossResourceRule } from "../queryCachePlugin-CnTZZTC5.mjs";
+import { n as CacheStats, r as CacheStore, t as CacheLogger } from "../interface-yhyb_pLY.mjs";
+import { a as CacheEnvelope, c as QueryCache, i as queryCachePlugin, l as QueryCacheConfig, n as QueryCacheDefaults, o as CacheResult, r as QueryCachePluginOptions, s as CacheStatus, t as CrossResourceRule } from "../queryCachePlugin-Dumka73q.mjs";
 
 //#region src/cache/keys.d.ts
 /**
@@ -24,8 +24,8 @@ declare function hashParams(params: Record<string, unknown>): string;
 //#endregion
 //#region src/cache/memory.d.ts
 interface MemoryCacheStoreOptions {
-  /** Default TTL in milliseconds (default: 60_000) */
-  defaultTtlMs?: number;
+  /** Default TTL in seconds (default: 60) */
+  defaultTtlSeconds?: number;
   /** Hard upper bound for entries (default: 1000) */
   maxEntries?: number;
   /** Background cleanup interval in milliseconds (default: 30_000) */
@@ -59,7 +59,7 @@ interface MemoryCacheStoreOptions {
 declare class MemoryCacheStore<TValue = unknown> implements CacheStore<TValue> {
   readonly name = "memory-cache";
   private readonly cache;
-  private readonly defaultTtlMs;
+  private readonly defaultTtlSeconds;
   private readonly maxEntries;
   private readonly maxEntryBytes;
   private readonly maxMemoryBytes;
@@ -72,9 +72,9 @@ declare class MemoryCacheStore<TValue = unknown> implements CacheStore<TValue> {
   private _evictions;
   constructor(options?: MemoryCacheStoreOptions);
   get(key: string): Promise<TValue | undefined>;
-  set(key: string, value: TValue, options?: CacheSetOptions): Promise<void>;
+  set(key: string, value: TValue, ttlSeconds?: number): Promise<void>;
   delete(key: string): Promise<void>;
-  clear(): Promise<void>;
+  clear(pattern?: string): Promise<void>;
   close(): Promise<void>;
   stats(): CacheStats;
   private removeEntry;
@@ -112,8 +112,8 @@ interface RedisCacheStoreOptions {
   client: RedisCacheClient;
   /** Key prefix for namespacing (default: 'arc:cache:') */
   prefix?: string;
-  /** Default TTL in milliseconds (default: 60_000) */
-  defaultTtlMs?: number;
+  /** Default TTL in seconds (default: 60) */
+  defaultTtlSeconds?: number;
   /** Maximum serialized entry size in bytes. Oversized entries are skipped. */
   maxEntryBytes?: number;
 }
@@ -126,17 +126,19 @@ declare class RedisCacheStore<TValue = unknown> implements CacheStore<TValue> {
   readonly name = "redis-cache";
   private readonly client;
   private readonly prefix;
-  private readonly defaultTtlMs;
+  private readonly defaultTtlSeconds;
   private readonly maxEntryBytes;
   private _hits;
   private _misses;
   constructor(options: RedisCacheStoreOptions);
   get(key: string): Promise<TValue | undefined>;
-  set(key: string, value: TValue, options?: CacheSetOptions): Promise<void>;
+  set(key: string, value: TValue, ttlSeconds?: number): Promise<void>;
   delete(key: string): Promise<void>;
-  clear(): Promise<void>;
-  /** Delete all keys matching `this.prefix + prefix + *`. Returns count deleted. */
-  deleteByPrefix(prefix: string): Promise<number>;
+  /**
+   * Invalidate keys. Pass a glob pattern to delete a subset (`user:*:v2`);
+   * omit to clear every key under this store's prefix.
+   */
+  clear(pattern?: string): Promise<void>;
   stats(): CacheStats;
   private scanAndDelete;
   private withPrefix;
@@ -212,4 +214,4 @@ interface UpstashRedisLike {
  */
 declare function upstashAsCacheClient(client: UpstashRedisLike): RedisCacheClient;
 //#endregion
-export { type CacheEnvelope, type CacheLogger, type CacheResult, type CacheSetOptions, type CacheStats, type CacheStatus, type CacheStore, type CrossResourceRule, type IoredisLike, MemoryCacheStore, type MemoryCacheStoreOptions, QueryCache, type QueryCacheConfig, type QueryCacheDefaults, type QueryCachePluginOptions, type RedisCacheClient, RedisCacheStore, type RedisCacheStoreOptions, type RedisPipeline, type UpstashRedisLike, buildQueryKey, hashParams, ioredisAsCacheClient, queryCachePlugin, tagVersionKey, upstashAsCacheClient, versionKey };
+export { type CacheEnvelope, type CacheLogger, type CacheResult, type CacheStats, type CacheStatus, type CacheStore, type CrossResourceRule, type IoredisLike, MemoryCacheStore, type MemoryCacheStoreOptions, QueryCache, type QueryCacheConfig, type QueryCacheDefaults, type QueryCachePluginOptions, type RedisCacheClient, RedisCacheStore, type RedisCacheStoreOptions, type RedisPipeline, type UpstashRedisLike, buildQueryKey, hashParams, ioredisAsCacheClient, queryCachePlugin, tagVersionKey, upstashAsCacheClient, versionKey };