@classytic/arc 2.9.1 → 2.10.8

package/dist/{index-Cibkchnx.d.mts → index-EqQN6p0W.d.mts}

@@ -1,6 +1,6 @@
-import { r as RequestScope } from "./types-BD85MlEK.mjs";
-import { Bt as IController, E as CrudRouterOptions, Ht as IRequestContext, Kt as ResourceDefinition, M as FastifyWithDecorators, Vt as IControllerResponse, at as RequestContext, lt as ResourceConfig, p as AnyRecord, w as CrudController } from "./interface-YrWsmKqE.mjs";
-import { t as PermissionCheck } from "./types-DZi1aYhm.mjs";
+import { B as ResourceDefinition, C as RequestContext, F as FastifyWithDecorators, Mt as IControllerResponse, Nt as IRequestContext, T as CrudRouterOptions, Yt as AnyRecord, bt as ResourceConfig, ct as CrudController, jt as IController } from "./index-BGbpGVyM.mjs";
+import { r as RequestScope } from "./types-tgR4Pt8F.mjs";
+import { c as PermissionCheck } from "./fields-C8Y0XLAu.mjs";
 import { FastifyReply, FastifyRequest, RouteHandlerMethod } from "fastify";
 
 //#region src/constants.d.ts

package/dist/index.d.mts

@@ -1,68 +1,10 @@
-import { $t as DeleteResult, A as FastifyRequestExtras, At as BaseControllerOptions, B as IntrospectionData, Bt as IController, D as CrudSchemas, Dt as envelope, E as CrudRouterOptions, Et as ValidationResult$1, F as HealthCheck, G as MiddlewareConfig, H as JWTPayload, Ht as IRequestContext, I as HealthOptions, Jt as BulkWriteOperation, K as MiddlewareHandler, Kt as ResourceDefinition, L as InferAdapterDoc, M as FastifyWithDecorators, N as FieldRule, O as EventDefinition, P as GracefulShutdownOptions, Q as PresetFunction, Qt as DeleteOptions, R as InferDocType, Rt as ControllerLike, S as ConfigError, St as TypedResourceConfig, T as CrudRouteKey, Tt as ValidateOptions, Ut as RouteHandler, V as IntrospectionPluginOptions, Vt as IControllerResponse, Xt as CrudRepository, Y as OwnershipCheck, Yt as BulkWriteResult, Zt as DeleteManyResult, _ as ArcRequest, _n as PipelineStep, _t as RouteSchemaOptions, a as RelationMetadata, an as PaginationParams, at as RequestContext, bt as TypedController, c as ValidationResult, cn as RepositorySession, dn as Guard, et as PresetResult, fn as Interceptor, ft as ResourceMetadata, g as ArcInternalMetadata, gn as PipelineContext, hn as PipelineConfig, ht as RouteHandlerMethod, i as FieldMetadata, in as PaginatedResult, it as RegistryStats, j as FastifyWithAuth, kt as BaseController, ln as UpdateManyResult, lt as ResourceConfig, m as ApiResponse, mn as OperationFilter, nn as KeysetPaginatedResult, nt as RateLimitConfig, o as RepositoryLike, on as PaginationResult, ot as RequestIdOptions, p as AnyRecord, pn as NextFunction, qt as defineResource, r as DataAdapter, rn as OffsetPaginatedResult, rt as RegistryEntry, s as SchemaMetadata, sn as QueryOptions, st as RequestWithExtras, un as WriteOptions, vn as Transform, vt as ServiceContext, w as CrudController, wt as UserOrganization, xt as TypedRepository, y as AuthPluginOptions, z as InferResourceDoc } from "./interface-YrWsmKqE.mjs";
-import { a as applyFieldWritePermissions, i as applyFieldReadPermissions, n as FieldPermissionMap, o as fields, t as FieldPermission } from "./fields-BC7zcmI9.mjs";
-import { i as UserBase, n as PermissionContext, r as PermissionResult, t as PermissionCheck } from "./types-DZi1aYhm.mjs";
-import { l as createMongooseAdapter, o as createPrismaAdapter, s as MongooseAdapter, t as PrismaAdapter } from "./index-CtGKT0lf.mjs";
-import { C as MAX_REGEX_LENGTH, D as RESERVED_QUERY_PARAMS, E as MutationOperation, O as SYSTEM_FIELDS, S as MAX_FILTER_DEPTH, T as MUTATION_OPERATIONS, _ as DEFAULT_UPDATE_METHOD, a as getControllerScope, b as HookOperation, d as CrudOperation, f as DEFAULT_ID_FIELD, g as DEFAULT_TENANT_FIELD, h as DEFAULT_SORT, m as DEFAULT_MAX_LIMIT, p as DEFAULT_LIMIT, s as defineResourceVariants, u as CRUD_OPERATIONS, v as HOOK_OPERATIONS, w as MAX_SEARCH_LENGTH, x as HookPhase, y as HOOK_PHASES } from "./index-Cibkchnx.mjs";
-import { C as authenticated, D as publicRead, E as presets_d_exports, O as publicReadAdminWrite, S as adminOnly, T as ownerWithAdminBypass, _ as requireScopeContext, a as allOf, c as createDynamicPermissionMatrix, d as requireAuth, f as requireOrgInScope, g as requireRoles, h as requireOwnership, k as readOnly, l as createOrgPermissions, m as requireOrgRole, n as DynamicPermissionMatrix, o as allowPublic, p as requireOrgMembership, r as DynamicPermissionMatrixConfig, s as anyOf, u as denyAll, v as requireServiceScope, w as fullPublic, x as when, y as requireTeamMembership } from "./index-C-xjcA6F.mjs";
+import { A as RequestIdOptions, B as ResourceDefinition, C as RequestContext, D as HealthCheck, Dt as RouteSchemaOptions, E as GracefulShutdownOptions, F as FastifyWithDecorators, L as RequestWithExtras, Mt as IControllerResponse, N as FastifyRequestExtras, Nt as IRequestContext, O as HealthOptions, P as FastifyWithAuth, Pt as RouteHandler, Qt as JWTPayload, T as CrudRouterOptions, V as defineResource, Wt as AuthPluginOptions, Xt as ApiResponse, Yt as AnyRecord, Zt as ArcRequest, _n as RepositoryLike, _t as PresetResult, a as InferAdapterDoc, an as BaseControllerOptions, bt as ResourceConfig, c as TypedController, ct as CrudController, d as PaginationResult, dt as EventDefinition, f as IntrospectionData, ft as FieldRule, g as ArcInternalMetadata, gn as RelationMetadata, h as ResourceMetadata, hn as FieldMetadata, ht as PresetFunction, i as ValidationResult$1, in as BaseController, jt as IController, k as IntrospectionPluginOptions, kt as ControllerLike, l as TypedRepository, lt as CrudRouteKey, m as RegistryStats, mn as DataAdapter, n as ConfigError, nn as envelope, o as InferDocType, p as RegistryEntry, pt as MiddlewareConfig, r as ValidateOptions, s as InferResourceDoc, t as RouteHandlerMethod, tn as UserOrganization, u as TypedResourceConfig, ut as CrudSchemas, vn as SchemaMetadata, vt as RateLimitConfig, w as ServiceContext, y as OwnershipCheck, yn as ValidationResult } from "./index-BGbpGVyM.mjs";
+import { a as applyFieldWritePermissions, c as PermissionCheck, d as UserBase, i as applyFieldReadPermissions, l as PermissionContext, n as FieldPermissionMap, o as fields, t as FieldPermission, u as PermissionResult } from "./fields-C8Y0XLAu.mjs";
+import { l as createMongooseAdapter, o as createPrismaAdapter, s as MongooseAdapter, t as PrismaAdapter } from "./index-BziRPS4H.mjs";
+import { C as MAX_REGEX_LENGTH, D as RESERVED_QUERY_PARAMS, E as MutationOperation, O as SYSTEM_FIELDS, S as MAX_FILTER_DEPTH, T as MUTATION_OPERATIONS, _ as DEFAULT_UPDATE_METHOD, a as getControllerScope, b as HookOperation, d as CrudOperation, f as DEFAULT_ID_FIELD, g as DEFAULT_TENANT_FIELD, h as DEFAULT_SORT, m as DEFAULT_MAX_LIMIT, p as DEFAULT_LIMIT, s as defineResourceVariants, u as CRUD_OPERATIONS, v as HOOK_OPERATIONS, w as MAX_SEARCH_LENGTH, x as HookPhase, y as HOOK_PHASES } from "./index-EqQN6p0W.mjs";
+import { A as requireRoles, C as allOf, E as denyAll, M as when, O as requireAuth, S as createOrgPermissions, T as anyOf, a as presets_d_exports, c as readOnly, d as requireOrgRole, f as requireScopeContext, i as ownerWithAdminBypass, k as requireOwnership, l as requireOrgInScope, m as requireTeamMembership, n as authenticated, o as publicRead, p as requireServiceScope, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as requireOrgMembership, v as DynamicPermissionMatrix, w as allowPublic, x as createDynamicPermissionMatrix, y as DynamicPermissionMatrixConfig } from "./index-C_Noptz-.mjs";
 import { a as NotFoundError, d as ValidationError, f as createDomainError, i as ForbiddenError, t as ArcError, u as UnauthorizedError } from "./errors-BI8kEKsO.mjs";
-import { AsyncLocalStorage } from "node:async_hooks";
-import { RouteHandlerMethod as RouteHandlerMethod$1 } from "fastify";
 
-//#region src/context/requestContext.d.ts
-/**
- * Shape of the request-scoped context store.
- * Populated by Arc's onRequest hook in arcCorePlugin.
- */
-interface RequestStore {
-  /** Unique request identifier */
-  requestId?: string;
-  /** Authenticated user (if any) */
-  user?: {
-    id?: string;
-    _id?: string;
-    roles?: string[];
-    [key: string]: unknown;
-  } | null;
-  /** Active organization ID (multi-tenant) */
-  organizationId?: string;
-  /** Active team ID (team-scoped resources) */
-  teamId?: string;
-  /** Current resource name (set by arcDecorator in CRUD routes) */
-  resourceName?: string;
-  /** Request start time (for timing) */
-  startTime: number;
-  /** Additional context — extensible by app */
-  [key: string]: unknown;
-}
-/**
- * Request context API.
- *
- * - `get()` — returns current store or undefined if outside request scope
- * - `run(store, fn)` — run a function with a specific store (used by Arc internals)
- * - `getStore()` — alias for get() (matches Node.js API naming)
- */
-declare const requestContext: {
-  /**
-   * Get the current request context.
-   * Returns undefined if called outside a request lifecycle.
-   */
-  get(): RequestStore | undefined;
-  /**
-   * Alias for get() — matches Node.js AsyncLocalStorage API naming.
-   */
-  getStore(): RequestStore | undefined;
-  /**
-   * Run a function within a specific request context.
-   * Used internally by Arc's onRequest hook.
-   */
-  run<T>(store: RequestStore, fn: () => T): T;
-  /**
-   * The underlying AsyncLocalStorage instance.
-   * Exposed for advanced use cases (testing, custom integrations).
-   */
-  storage: AsyncLocalStorage<RequestStore>;
-};
-//#endregion
 //#region src/core/validateResourceConfig.d.ts
 interface ConfigError$1 {
   field: string;
@@ -95,162 +37,7 @@ declare function formatValidationErrors(resourceName: string, result: Validation
  */
 declare function assertValidConfig(config: ResourceConfig, options?: ValidateOptions$1): void;
 //#endregion
-//#region src/middleware/middleware.d.ts
-interface NamedMiddleware {
-  /** Unique name for debugging/introspection */
-  readonly name: string;
-  /** Operations this middleware applies to (default: all) */
-  readonly operations?: Array<"list" | "get" | "create" | "update" | "delete" | string>;
-  /** Priority — lower numbers run first (default: 10) */
-  readonly priority: number;
-  /** Conditional execution — return true to run, false to skip */
-  readonly when?: (request: RequestWithExtras) => boolean | Promise<boolean>;
-  /** The middleware handler */
-  readonly handler: MiddlewareHandler;
-}
-interface MiddlewareOptions {
-  operations?: NamedMiddleware["operations"];
-  priority?: number;
-  when?: NamedMiddleware["when"];
-  handler: MiddlewareHandler;
-}
-/**
- * Create a named middleware with priority and conditions.
- */
-declare function middleware(name: string, options: MiddlewareOptions): NamedMiddleware;
-/**
- * Sort named middlewares by priority (ascending — lower runs first).
- * Returns a MiddlewareConfig map keyed by operation, ready to pass to `defineResource()`.
- */
-declare function sortMiddlewares(middlewares: NamedMiddleware[]): MiddlewareConfig;
-//#endregion
-//#region src/pipeline/guard.d.ts
-interface GuardOptions {
-  operations?: OperationFilter;
-  handler: (ctx: PipelineContext) => boolean | Promise<boolean>;
-}
-/**
- * Create a named guard.
- *
- * @param name - Guard name (for debugging/introspection)
- * @param handlerOrOptions - Handler function or options object
- */
-declare function guard(name: string, handlerOrOptions: ((ctx: PipelineContext) => boolean | Promise<boolean>) | GuardOptions): Guard;
-//#endregion
-//#region src/pipeline/intercept.d.ts
-interface InterceptOptions {
-  operations?: OperationFilter;
-  handler: (ctx: PipelineContext, next: NextFunction) => Promise<IControllerResponse<unknown>>;
-}
-/**
- * Create a named interceptor.
- *
- * @param name - Interceptor name (for debugging/introspection)
- * @param handlerOrOptions - Handler function or options object
- */
-declare function intercept(name: string, handlerOrOptions: ((ctx: PipelineContext, next: NextFunction) => Promise<IControllerResponse<unknown>>) | InterceptOptions): Interceptor;
-//#endregion
-//#region src/pipeline/pipe.d.ts
-/**
- * Compose pipeline steps into an ordered array.
- * Accepts guards, transforms, and interceptors in any order.
- */
-declare function pipe(...steps: PipelineStep[]): PipelineStep[];
-//#endregion
-//#region src/pipeline/transform.d.ts
-interface TransformOptions {
-  operations?: OperationFilter;
-  handler: (ctx: PipelineContext) => PipelineContext | undefined | Promise<PipelineContext | undefined>;
-}
-/**
- * Create a named transform.
- *
- * @param name - Transform name (for debugging/introspection)
- * @param handlerOrOptions - Handler function or options object
- */
-declare function transform(name: string, handlerOrOptions: ((ctx: PipelineContext) => PipelineContext | undefined | Promise<PipelineContext | undefined>) | TransformOptions): Transform;
-//#endregion
-//#region src/logger/index.d.ts
-/**
- * Arc Logger — Centralized debug & warning system
- *
- * Lightweight, zero-dependency logger for Arc framework internals.
- * Inspired by the `debug` npm package — disabled by default, opt-in via
- * environment variable or `createApp({ debug })` option.
- *
- * @example
- * ```typescript
- * // Enable via env var
- * ARC_DEBUG=1 node server.js        // all modules
- * ARC_DEBUG=scope,elevation node server.js // specific modules
- *
- * // Enable via createApp
- * const app = await createApp({ debug: true });
- * const app = await createApp({ debug: 'scope,elevation' });
- *
- * // Suppress warnings (not recommended)
- * ARC_SUPPRESS_WARNINGS=1 node server.js
- *
- * // Framework internals use:
- * import { arcLog } from '../logger/index.js';
- * const log = arcLog('elevation');
- * log.debug('Elevation applied', { userId });
- * log.warn('Something unexpected');
- * ```
- */
-interface ArcLoggerOptions {
-  /**
-   * Enable debug output.
-   * - `true` or `'*'` — all modules
-   * - `string` — comma-separated module names (e.g., `'scope,elevation'`)
-   * - `false` — disabled (default)
-   */
-  debug?: boolean | string;
-  /**
-   * Custom log writer. Defaults to `console`.
-   * Useful for routing Arc logs into Fastify's pino logger or test fixtures.
-   */
-  writer?: ArcLogWriter;
-}
-interface ArcLogWriter {
-  debug: (...args: unknown[]) => void;
-  info: (...args: unknown[]) => void;
-  warn: (...args: unknown[]) => void;
-  error: (...args: unknown[]) => void;
-}
-interface ArcLogger {
-  debug: (...args: unknown[]) => void;
-  info: (...args: unknown[]) => void;
-  warn: (...args: unknown[]) => void;
-  error: (...args: unknown[]) => void;
-}
-/**
- * Configure the Arc logger globally.
- *
- * Called automatically by `createApp({ debug })`, but can also be
- * called manually for standalone usage outside of `createApp`.
- */
-declare function configureArcLogger(options: ArcLoggerOptions): void;
-/**
- * Create a module-scoped logger.
- *
- * Debug and info messages are gated by the `ARC_DEBUG` env var or
- * `createApp({ debug })` option. Warnings always show (unless
- * `ARC_SUPPRESS_WARNINGS=1`). Errors always show.
- *
- * @param module - Module name (e.g., 'scope', 'elevation', 'sse', 'preset')
- * @returns Logger instance for that module
- *
- * @example
- * ```typescript
- * const log = arcLog('elevation');
- * log.debug('Checking elevation header');
- * log.warn('No authenticate decorator found');
- * ```
- */
-declare function arcLog(module: string): ArcLogger;
-//#endregion
 //#region src/index.d.ts
 declare const version: string;
 //#endregion
-export { type ValidationResult as AdapterValidationResult, type AnyRecord, type ApiResponse, ArcError, type ArcInternalMetadata, type ArcLogWriter, type ArcLogger, type ArcLoggerOptions, type ArcRequest, type AuthPluginOptions, BaseController, type BaseControllerOptions, type BulkWriteOperation, type BulkWriteResult, CRUD_OPERATIONS, type ConfigError, type ControllerLike, type CrudController, CrudOperation, type CrudRepository, type CrudRouteKey, type CrudRouterOptions, type CrudSchemas, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, type DataAdapter, type DeleteManyResult, type DeleteOptions, type DeleteResult, type DynamicPermissionMatrix, type DynamicPermissionMatrixConfig, type EventDefinition, type FastifyRequestExtras, type FastifyWithAuth, type FastifyWithDecorators, type FieldMetadata, type FieldPermission, type FieldPermissionMap, type FieldRule, ForbiddenError, type GracefulShutdownOptions, type Guard, HOOK_OPERATIONS, HOOK_PHASES, type HealthCheck, type HealthOptions, HookOperation, HookPhase, type IController, type IControllerResponse, type IRequestContext, type InferAdapterDoc, type InferDocType, type InferResourceDoc, type Interceptor, type IntrospectionData, type IntrospectionPluginOptions, type JWTPayload, type KeysetPaginatedResult, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, type MiddlewareConfig, MongooseAdapter, MutationOperation, type NamedMiddleware, NotFoundError, type OffsetPaginatedResult, type OwnershipCheck, type PaginatedResult, type PaginationParams, type PaginationResult, type PermissionCheck, type PermissionContext, type PermissionResult, type PipelineConfig, type PipelineContext, type PipelineStep, type PresetFunction, type PresetResult, PrismaAdapter, type QueryOptions, RESERVED_QUERY_PARAMS, type RateLimitConfig, type RegistryEntry, type RegistryStats, type RelationMetadata, type RepositoryLike, type RepositorySession, type RequestContext, type RequestIdOptions, type RequestStore, type RequestWithExtras, type ResourceConfig, ResourceDefinition, type ResourceMetadata, type RouteHandler, type RouteHandlerMethod, type RouteSchemaOptions, SYSTEM_FIELDS, type SchemaMetadata, type ServiceContext, type Transform, type TypedController, type TypedRepository, type TypedResourceConfig, UnauthorizedError, type UpdateManyResult, type UserBase, type UserOrganization, type ValidateOptions, ValidationError, type ValidationResult$1 as ValidationResult, type WriteOptions, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, arcLog, assertValidConfig, authenticated, configureArcLogger, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, formatValidationErrors, fullPublic, getControllerScope, guard, intercept, middleware, ownerWithAdminBypass, presets_d_exports as permissions, pipe, publicRead, publicReadAdminWrite, readOnly, requestContext, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, sortMiddlewares, transform, validateResourceConfig, version, when };
+export { type ValidationResult as AdapterValidationResult, type AnyRecord, type ApiResponse, ArcError, type ArcInternalMetadata, type ArcRequest, type AuthPluginOptions, BaseController, type BaseControllerOptions, CRUD_OPERATIONS, type ConfigError, type ControllerLike, type CrudController, CrudOperation, type CrudRouteKey, type CrudRouterOptions, type CrudSchemas, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, type DataAdapter, type DynamicPermissionMatrix, type DynamicPermissionMatrixConfig, type EventDefinition, type FastifyRequestExtras, type FastifyWithAuth, type FastifyWithDecorators, type FieldMetadata, type FieldPermission, type FieldPermissionMap, type FieldRule, ForbiddenError, type GracefulShutdownOptions, HOOK_OPERATIONS, HOOK_PHASES, type HealthCheck, type HealthOptions, HookOperation, HookPhase, type IController, type IControllerResponse, type IRequestContext, type InferAdapterDoc, type InferDocType, type InferResourceDoc, type IntrospectionData, type IntrospectionPluginOptions, type JWTPayload, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, type MiddlewareConfig, MongooseAdapter, MutationOperation, NotFoundError, type OwnershipCheck, type PaginationResult, type PermissionCheck, type PermissionContext, type PermissionResult, type PresetFunction, type PresetResult, PrismaAdapter, RESERVED_QUERY_PARAMS, type RateLimitConfig, type RegistryEntry, type RegistryStats, type RelationMetadata, type RepositoryLike, type RequestContext, type RequestIdOptions, type RequestWithExtras, type ResourceConfig, ResourceDefinition, type ResourceMetadata, type RouteHandler, type RouteHandlerMethod, type RouteSchemaOptions, SYSTEM_FIELDS, type SchemaMetadata, type ServiceContext, type TypedController, type TypedRepository, type TypedResourceConfig, UnauthorizedError, type UserBase, type UserOrganization, type ValidateOptions, ValidationError, type ValidationResult$1 as ValidationResult, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, assertValidConfig, authenticated, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, formatValidationErrors, fullPublic, getControllerScope, ownerWithAdminBypass, presets_d_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, validateResourceConfig, version, when };

package/dist/index.mjs

@@ -1,133 +1,12 @@
-import { a as DEFAULT_SORT, c as HOOK_OPERATIONS, d as MAX_REGEX_LENGTH, f as MAX_SEARCH_LENGTH, h as SYSTEM_FIELDS, i as DEFAULT_MAX_LIMIT, l as HOOK_PHASES, m as RESERVED_QUERY_PARAMS, n as DEFAULT_ID_FIELD, o as DEFAULT_TENANT_FIELD, p as MUTATION_OPERATIONS, r as DEFAULT_LIMIT, s as DEFAULT_UPDATE_METHOD, t as CRUD_OPERATIONS, u as MAX_FILTER_DEPTH } from "./constants-Cxde4rpC.mjs";
-import { a as createMongooseAdapter, i as MongooseAdapter, r as createPrismaAdapter, t as PrismaAdapter } from "./adapters-BBqAVvPK.mjs";
-import { t as BaseController } from "./BaseController-Vu2yc56T.mjs";
-import { envelope } from "./types/index.mjs";
-import { n as applyFieldWritePermissions, r as fields, t as applyFieldReadPermissions } from "./fields-CU6FlaDV.mjs";
-import { d as createDomainError, i as NotFoundError, l as UnauthorizedError, r as ForbiddenError, t as ArcError, u as ValidationError } from "./errors-CqWnSqM-.mjs";
-import { t as requestContext } from "./requestContext-DYtmNpm5.mjs";
-import { a as validateResourceConfig, f as getControllerScope, i as formatValidationErrors, m as pipe, n as defineResource, r as assertValidConfig, t as ResourceDefinition } from "./defineResource-C__jkwvs.mjs";
-import { C as publicRead, S as presets_exports, T as readOnly, _ as when, a as createOrgPermissions, b as fullPublic, c as requireOrgInScope, d as requireOwnership, f as requireRoles, h as requireTeamMembership, i as createDynamicPermissionMatrix, l as requireOrgMembership, m as requireServiceScope, n as allowPublic, o as denyAll, p as requireScopeContext, r as anyOf, s as requireAuth, t as allOf, u as requireOrgRole, v as adminOnly, w as publicReadAdminWrite, x as ownerWithAdminBypass, y as authenticated } from "./permissions-oNZawnkR.mjs";
-import { t as defineResourceVariants } from "./core-DNncu0xF.mjs";
-import { n as configureArcLogger, t as arcLog } from "./logger-CDjpjySd.mjs";
-//#region src/middleware/middleware.ts
-/**
-* Named Middleware — Priority-based, conditional middleware execution.
-*
-* Named middleware replaces flat arrays with structured, inspectable middleware
-* that runs in priority order and supports conditional execution.
-*
-* @example
-* ```typescript
-* import { middleware } from '@classytic/arc';
-*
-* const verifyEmail = middleware('verifyEmail', {
-*   operations: ['create', 'update'],
-*   priority: 5,
-*   when: (req) => !req.user?.emailVerified,
-*   handler: async (req, reply) => {
-*     reply.code(403).send({ error: 'Email verification required' });
-*   },
-* });
-*
-* const rateLimit = middleware('rateLimit', {
-*   priority: 1,
-*   handler: async (req, reply) => {
-*     // rate limit logic
-*   },
-* });
-*
-* const productResource = defineResource({
-*   name: 'product',
-*   adapter,
-*   middlewares: sortMiddlewares([verifyEmail, rateLimit]),
-* });
-* ```
-*/
-/**
-* Create a named middleware with priority and conditions.
-*/
-function middleware(name, options) {
-	return {
-		name,
-		operations: options.operations,
-		priority: options.priority ?? 10,
-		when: options.when,
-		handler: options.handler
-	};
-}
-/**
-* Sort named middlewares by priority (ascending — lower runs first).
-* Returns a MiddlewareConfig map keyed by operation, ready to pass to `defineResource()`.
-*/
-function sortMiddlewares(middlewares) {
-	const sorted = [...middlewares].sort((a, b) => a.priority - b.priority);
-	const operations = CRUD_OPERATIONS;
-	const result = {};
-	for (const op of operations) {
-		const applicable = sorted.filter((m) => !m.operations || m.operations.length === 0 || m.operations.includes(op));
-		if (applicable.length > 0) result[op] = applicable.map((m) => {
-			if (!m.when) return m.handler;
-			const wrapped = async (request, reply) => {
-				if (await m.when?.(request)) return m.handler(request, reply);
-			};
-			return wrapped;
-		});
-	}
-	return result;
-}
-//#endregion
-//#region src/pipeline/guard.ts
-/**
-* Create a named guard.
-*
-* @param name - Guard name (for debugging/introspection)
-* @param handlerOrOptions - Handler function or options object
-*/
-function guard(name, handlerOrOptions) {
-	const opts = typeof handlerOrOptions === "function" ? { handler: handlerOrOptions } : handlerOrOptions;
-	return {
-		_type: "guard",
-		name,
-		operations: opts.operations,
-		handler: opts.handler
-	};
-}
-//#endregion
-//#region src/pipeline/intercept.ts
-/**
-* Create a named interceptor.
-*
-* @param name - Interceptor name (for debugging/introspection)
-* @param handlerOrOptions - Handler function or options object
-*/
-function intercept(name, handlerOrOptions) {
-	const opts = typeof handlerOrOptions === "function" ? { handler: handlerOrOptions } : handlerOrOptions;
-	return {
-		_type: "interceptor",
-		name,
-		operations: opts.operations,
-		handler: opts.handler
-	};
-}
-//#endregion
-//#region src/pipeline/transform.ts
-/**
-* Create a named transform.
-*
-* @param name - Transform name (for debugging/introspection)
-* @param handlerOrOptions - Handler function or options object
-*/
-function transform(name, handlerOrOptions) {
-	const opts = typeof handlerOrOptions === "function" ? { handler: handlerOrOptions } : handlerOrOptions;
-	return {
-		_type: "transform",
-		name,
-		operations: opts.operations,
-		handler: opts.handler
-	};
-}
-//#endregion
+import { a as createMongooseAdapter, i as MongooseAdapter, r as createPrismaAdapter, t as PrismaAdapter } from "./adapters-BXY4i-hw.mjs";
+import { a as DEFAULT_SORT, c as HOOK_OPERATIONS, d as MAX_REGEX_LENGTH, f as MAX_SEARCH_LENGTH, h as SYSTEM_FIELDS, i as DEFAULT_MAX_LIMIT, l as HOOK_PHASES, m as RESERVED_QUERY_PARAMS, n as DEFAULT_ID_FIELD, o as DEFAULT_TENANT_FIELD, p as MUTATION_OPERATIONS, r as DEFAULT_LIMIT, s as DEFAULT_UPDATE_METHOD, t as CRUD_OPERATIONS, u as MAX_FILTER_DEPTH } from "./constants-BhY1OHoH.mjs";
+import { t as BaseController } from "./BaseController-DVNKvoX4.mjs";
+import { t as envelope } from "./types-CDnTEpga.mjs";
+import { n as applyFieldWritePermissions, r as fields, t as applyFieldReadPermissions } from "./fields-CTMWOUDt.mjs";
+import { d as createDomainError, i as NotFoundError, l as UnauthorizedError, r as ForbiddenError, t as ArcError, u as ValidationError } from "./errors-BqdUDja_.mjs";
+import { a as formatValidationErrors, i as assertValidConfig, n as ResourceDefinition, o as validateResourceConfig, p as getControllerScope, r as defineResource, t as defineResourceVariants } from "./core-3MWJosCH.mjs";
+import { C as requireAuth, D as when, T as requireRoles, _ as requireTeamMembership, a as presets_exports, b as anyOf, c as readOnly, d as createOrgPermissions, f as requireOrgInScope, g as requireServiceScope, h as requireScopeContext, i as ownerWithAdminBypass, m as requireOrgRole, n as authenticated, o as publicRead, p as requireOrgMembership, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as createDynamicPermissionMatrix, v as allOf, w as requireOwnership, x as denyAll, y as allowPublic } from "./permissions-wkqRwicB.mjs";
 //#region src/index.ts
-const version = "2.9.1";
+const version = "2.10.8";
 //#endregion
-export { ArcError, BaseController, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, MongooseAdapter, NotFoundError, PrismaAdapter, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, arcLog, assertValidConfig, authenticated, configureArcLogger, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, formatValidationErrors, fullPublic, getControllerScope, guard, intercept, middleware, ownerWithAdminBypass, presets_exports as permissions, pipe, publicRead, publicReadAdminWrite, readOnly, requestContext, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, sortMiddlewares, transform, validateResourceConfig, version, when };
+export { ArcError, BaseController, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, MongooseAdapter, NotFoundError, PrismaAdapter, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, assertValidConfig, authenticated, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, formatValidationErrors, fullPublic, getControllerScope, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, validateResourceConfig, version, when };

package/dist/integrations/event-gateway.d.mts

@@ -1,4 +1,4 @@
-import { n as DomainEvent } from "../EventTransport-CqZ8FyM_.mjs";
+import { n as DomainEvent } from "../EventTransport-CfVEGaEl.mjs";
 import { WebSocketClient, WebSocketMessage } from "./websocket.mjs";
 import { FastifyPluginAsync, FastifyRequest } from "fastify";
 

package/dist/integrations/event-gateway.mjs

@@ -4,7 +4,7 @@ const eventGatewayPluginImpl = async (fastify, opts = {}) => {
 	const { auth = true, orgScoped = false, roomPolicy, maxMessageBytes, maxSubscriptionsPerClient, authenticate } = opts;
 	if (auth && !authenticate && !fastify.hasDecorator("authenticate")) throw new Error("[arc-event-gateway] auth is true but fastify.authenticate is not registered. Register an auth plugin first, provide a custom authenticate function, or set auth: false.");
 	if (opts.sse !== false) {
-		const { default: ssePlugin } = await import("../sse-CJpt7LGI.mjs").then((n) => n.r);
+		const { default: ssePlugin } = await import("../sse-D8UeDwis.mjs").then((n) => n.r);
 		await fastify.register(ssePlugin, {
 			path: opts.sse?.path ?? "/events/stream",
 			requireAuth: auth,

package/dist/integrations/index.d.mts

@@ -1,7 +1,7 @@
 import { WebSocketClient, WebSocketMessage, WebSocketPluginOptions } from "./websocket.mjs";
 import { EventGatewayOptions } from "./event-gateway.mjs";
 import { JobDefinition, JobDispatchOptions, JobDispatcher, JobMeta, JobsPluginOptions, QueueStats } from "./jobs.mjs";
-import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-CoSzA-s-.mjs";
+import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-CVKBssX5.mjs";
 import { StreamlinePluginOptions, WorkflowLike, WorkflowRunLike } from "./streamline.mjs";
 import { WebhookDeliveryRecord, WebhookManager, WebhookPluginOptions, WebhookStore, WebhookSubscription } from "./webhooks.mjs";
 export { type BetterAuthHandler, type CallToolResult, type CreateMcpServerConfig, type CrudOperation, type EventGatewayOptions, type JobDefinition, type JobDispatchOptions, type JobDispatcher, type JobMeta, type JobsPluginOptions, type McpAuthResult, type McpPluginOptions, type McpResourceConfig, type PromptDefinition, type QueueStats, type StreamlinePluginOptions, type ToolAnnotations, type ToolContext, type ToolDefinition, type WebSocketClient, type WebSocketMessage, type WebSocketPluginOptions, type WebhookDeliveryRecord, type WebhookManager, type WebhookPluginOptions, type WebhookStore, type WebhookSubscription, type WorkflowLike, type WorkflowRunLike };

package/dist/integrations/mcp/index.d.mts

@@ -1,5 +1,5 @@
-import { Kt as ResourceDefinition } from "../../interface-YrWsmKqE.mjs";
-import { a as McpAuthResolver, c as McpResourceConfig, d as SessionEntry, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler, u as PromptResult } from "../../types-CoSzA-s-.mjs";
+import { B as ResourceDefinition } from "../../index-BGbpGVyM.mjs";
+import { a as McpAuthResolver, c as McpResourceConfig, d as SessionEntry, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler, u as PromptResult } from "../../types-CVKBssX5.mjs";
 import { FastifyPluginAsync } from "fastify";
 import { z } from "zod";
 

package/dist/integrations/mcp/index.mjs

@@ -1,4 +1,4 @@
-import { n as fieldRulesToZod, r as createMcpServer, t as resourceToTools } from "../../resourceToTools-C3cWymnW.mjs";
+import { n as fieldRulesToZod, r as createMcpServer, t as resourceToTools } from "../../resourceToTools-BhF3JV5p.mjs";
 import { createHash, randomUUID } from "node:crypto";
 import fp from "fastify-plugin";
 //#region src/integrations/mcp/defineTool.ts

package/dist/integrations/mcp/testing.d.mts

@@ -1,4 +1,4 @@
-import { o as McpAuthResult, s as McpPluginOptions } from "../../types-CoSzA-s-.mjs";
+import { o as McpAuthResult, s as McpPluginOptions } from "../../types-CVKBssX5.mjs";
 
 //#region src/integrations/mcp/testing.d.ts
 interface TestMcpClientOptions {

package/dist/integrations/mcp/testing.mjs

@@ -1,4 +1,4 @@
-import { r as createMcpServer, t as resourceToTools } from "../../resourceToTools-C3cWymnW.mjs";
+import { r as createMcpServer, t as resourceToTools } from "../../resourceToTools-BhF3JV5p.mjs";
 //#region src/integrations/mcp/testing.ts
 /**
 * @classytic/arc/mcp/testing — MCP Test Utilities

package/dist/interface-yhyb_pLY.d.mts

@@ -0,0 +1,77 @@
+//#region src/cache/interface.d.ts
+/**
+ * Cache Store Interface — aligned with `@classytic/repo-core/cache.CacheAdapter`.
+ *
+ * Arc's cache layer speaks the same `get / set(ttlSeconds?) / del / clear(pattern?)`
+ * transport-level contract published by `@classytic/repo-core`. One Redis
+ * implementation drops into Arc's `QueryCache`, mongokit's cache plugin,
+ * sqlitekit's cache plugin, and every future kit without wrapper shims.
+ *
+ * Arc extends the bare adapter with two optional observability fields —
+ * `name` (for diagnostics) and `stats()` (for the response-cache plugin) —
+ * that are opt-in: consumers implementing only `CacheAdapter` still
+ * structurally satisfy `CacheStore`, so a raw repo-core adapter plugs
+ * directly into Arc.
+ *
+ * ## TTL unit
+ *
+ * `ttlSeconds`, not milliseconds. Matches Redis (`SET … EX seconds`) which
+ * is the dominant backend. `0` or `undefined` means no expiry; implementations
+ * may apply their own default.
+ *
+ * ## Not-found semantics
+ *
+ * `get()` returns `undefined` on miss / expired. Matches repo-core.
+ *
+ * ## Sync-or-async
+ *
+ * Method returns are `Promise<T> | T` — in-memory `Map` adapters can be
+ * synchronous; Redis adapters are async. Consumers always `await`, so
+ * sync values just short-circuit the microtask.
+ */
+interface CacheLogger {
+  warn(message: string, ...args: unknown[]): void;
+  error(message: string, ...args: unknown[]): void;
+}
+interface CacheStats {
+  /** Number of entries currently stored */
+  entries: number;
+  /** Estimated memory usage in bytes (-1 if unavailable) */
+  memoryBytes: number;
+  /** Cache hit count since creation */
+  hits: number;
+  /** Cache miss count since creation */
+  misses: number;
+  /** Number of entries evicted since creation */
+  evictions: number;
+}
+interface CacheStore<TValue = unknown> {
+  /** Store name for logs/diagnostics. Optional to match repo-core's bare `CacheAdapter`. */
+  readonly name?: string;
+  /**
+   * Get a value by key. Returns `undefined` when not found or expired.
+   */
+  get(key: string): Promise<TValue | undefined> | TValue | undefined;
+  /**
+   * Store a value with optional TTL (seconds). `0` or `undefined` means
+   * no expiry; implementations may apply a default.
+   */
+  set(key: string, value: TValue, ttlSeconds?: number): Promise<void> | void;
+  /**
+   * Delete a single key. No-op when the key doesn't exist.
+   */
+  delete(key: string): Promise<void> | void;
+  /**
+   * Invalidate keys matching a glob pattern (typically `prefix:*`), or
+   * every key when `pattern` is omitted.
+   *
+   * Optional — simpler adapters that can't enumerate keys (some KV stores)
+   * may omit this and rely on TTL for eventual consistency. Consumers that
+   * need strict invalidation must check for its presence: `store.clear?.(pattern)`.
+   */
+  clear?(pattern?: string): Promise<void> | void;
+  /** Cache statistics for observability. Optional. */
+  stats?(): CacheStats;
+}
+//#endregion
+export { CacheStats as n, CacheStore as r, CacheLogger as t };

package/dist/logger/index.d.mts

@@ -0,0 +1,81 @@
+//#region src/logger/index.d.ts
+/**
+ * Arc Logger — Centralized debug & warning system
+ *
+ * Lightweight, zero-dependency logger for Arc framework internals.
+ * Inspired by the `debug` npm package — disabled by default, opt-in via
+ * environment variable or `createApp({ debug })` option.
+ *
+ * @example
+ * ```typescript
+ * // Enable via env var
+ * ARC_DEBUG=1 node server.js        // all modules
+ * ARC_DEBUG=scope,elevation node server.js // specific modules
+ *
+ * // Enable via createApp
+ * const app = await createApp({ debug: true });
+ * const app = await createApp({ debug: 'scope,elevation' });
+ *
+ * // Suppress warnings (not recommended)
+ * ARC_SUPPRESS_WARNINGS=1 node server.js
+ *
+ * // Framework internals use:
+ * import { arcLog } from '../logger/index.js';
+ * const log = arcLog('elevation');
+ * log.debug('Elevation applied', { userId });
+ * log.warn('Something unexpected');
+ * ```
+ */
+interface ArcLoggerOptions {
+  /**
+   * Enable debug output.
+   * - `true` or `'*'` — all modules
+   * - `string` — comma-separated module names (e.g., `'scope,elevation'`)
+   * - `false` — disabled (default)
+   */
+  debug?: boolean | string;
+  /**
+   * Custom log writer. Defaults to `console`.
+   * Useful for routing Arc logs into Fastify's pino logger or test fixtures.
+   */
+  writer?: ArcLogWriter;
+}
+interface ArcLogWriter {
+  debug: (...args: unknown[]) => void;
+  info: (...args: unknown[]) => void;
+  warn: (...args: unknown[]) => void;
+  error: (...args: unknown[]) => void;
+}
+interface ArcLogger {
+  debug: (...args: unknown[]) => void;
+  info: (...args: unknown[]) => void;
+  warn: (...args: unknown[]) => void;
+  error: (...args: unknown[]) => void;
+}
+/**
+ * Configure the Arc logger globally.
+ *
+ * Called automatically by `createApp({ debug })`, but can also be
+ * called manually for standalone usage outside of `createApp`.
+ */
+declare function configureArcLogger(options: ArcLoggerOptions): void;
+/**
+ * Create a module-scoped logger.
+ *
+ * Debug and info messages are gated by the `ARC_DEBUG` env var or
+ * `createApp({ debug })` option. Warnings always show (unless
+ * `ARC_SUPPRESS_WARNINGS=1`). Errors always show.
+ *
+ * @param module - Module name (e.g., 'scope', 'elevation', 'sse', 'preset')
+ * @returns Logger instance for that module
+ *
+ * @example
+ * ```typescript
+ * const log = arcLog('elevation');
+ * log.debug('Checking elevation header');
+ * log.warn('No authenticate decorator found');
+ * ```
+ */
+declare function arcLog(module: string): ArcLogger;
+//#endregion
+export { ArcLogWriter, ArcLogger, ArcLoggerOptions, arcLog, configureArcLogger };