@dereekb/firebase-server 13.4.0 → 13.4.2

package/index.cjs.js

@@ -74,6 +74,8 @@ function _type_of$7(obj) {
 }
 /**
  * Creates an unauthenticated {@link HttpsError} indicating the request context has no auth data.
+ *
+ * @returns A new unauthenticated {@link HttpsError} with the no-auth error code.
  */ function unauthenticatedContextHasNoAuthData() {
     return unauthenticatedError({
         message: 'expected auth',
@@ -82,6 +84,8 @@ function _type_of$7(obj) {
 }
 /**
  * Creates an unauthenticated {@link HttpsError} indicating the request context has no user UID.
+ *
+ * @returns A new unauthenticated {@link HttpsError} with the no-auth error code.
  */ function unauthenticatedContextHasNoUidError() {
     return unauthenticatedError({
         message: 'no user uid',
@@ -95,9 +99,15 @@ function _type_of$7(obj) {
  * Each factory wraps the Firebase `HttpsError` with a consistent shape: an HTTP status code,
  * a string error code, and an optional {@link ServerError} detail object.
  */ var UNAUTHENTICATED_ERROR_CODE = 'UNAUTHENTICATED';
-/** Creates an unauthenticated (401) {@link HttpsError}. */ function unauthenticatedError(messageOrError) {
+/**
+ * Creates an unauthenticated (401) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new unauthenticated (401) {@link HttpsError}.
+ */ function unauthenticatedError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('unauthenticated', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'unauthenticated', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('unauthenticated', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'unauthenticated', _object_spread_props$c(_object_spread$g({
         status: 401,
         code: UNAUTHENTICATED_ERROR_CODE
     }, serverError), {
@@ -105,9 +115,15 @@ function _type_of$7(obj) {
     }));
 }
 var FORBIDDEN_ERROR_CODE = 'FORBIDDEN';
-/** Creates a forbidden (403) {@link HttpsError}. */ function forbiddenError(messageOrError) {
+/**
+ * Creates a forbidden (403) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new forbidden (403) {@link HttpsError}.
+ */ function forbiddenError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('permission-denied', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'forbidden', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('permission-denied', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'forbidden', _object_spread_props$c(_object_spread$g({
         status: 403,
         code: FORBIDDEN_ERROR_CODE
     }, serverError), {
@@ -115,9 +131,15 @@ var FORBIDDEN_ERROR_CODE = 'FORBIDDEN';
     }));
 }
 var PERMISSION_DENIED_ERROR_CODE = 'PERMISSION_DENIED';
-/** Creates a permission-denied (403) {@link HttpsError}. */ function permissionDeniedError(messageOrError) {
+/**
+ * Creates a permission-denied (403) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new permission-denied (403) {@link HttpsError}.
+ */ function permissionDeniedError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('permission-denied', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'permission denied', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('permission-denied', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'permission denied', _object_spread_props$c(_object_spread$g({
         status: 403,
         code: PERMISSION_DENIED_ERROR_CODE
     }, serverError), {
@@ -125,9 +147,15 @@ var PERMISSION_DENIED_ERROR_CODE = 'PERMISSION_DENIED';
     }));
 }
 var NOT_FOUND_ERROR_CODE = 'NOT_FOUND';
-/** Creates a not-found (404) {@link HttpsError}. */ function notFoundError(messageOrError) {
+/**
+ * Creates a not-found (404) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new not-found (404) {@link HttpsError}.
+ */ function notFoundError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('not-found', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'not found', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('not-found', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'not found', _object_spread_props$c(_object_spread$g({
         status: 404,
         code: NOT_FOUND_ERROR_CODE
     }, serverError), {
@@ -135,9 +163,15 @@ var NOT_FOUND_ERROR_CODE = 'NOT_FOUND';
     }));
 }
 var MODEL_NOT_AVAILABLE_ERROR_CODE = 'MODEL_NOT_AVAILABLE';
-/** Creates a model-not-available (404) {@link HttpsError}, used when a Firestore document does not exist. */ function modelNotAvailableError(messageOrError) {
+/**
+ * Creates a model-not-available (404) {@link HttpsError}, used when a Firestore document does not exist.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new model-not-available (404) {@link HttpsError}.
+ */ function modelNotAvailableError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('not-found', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'model was not available', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('not-found', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'model was not available', _object_spread_props$c(_object_spread$g({
         status: 404,
         code: MODEL_NOT_AVAILABLE_ERROR_CODE
     }, serverError), {
@@ -145,9 +179,15 @@ var MODEL_NOT_AVAILABLE_ERROR_CODE = 'MODEL_NOT_AVAILABLE';
     }));
 }
 var BAD_REQUEST_ERROR_CODE = 'BAD_REQUEST';
-/** Creates a bad-request (400) {@link HttpsError}. */ function badRequestError(messageOrError) {
+/**
+ * Creates a bad-request (400) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new bad-request (400) {@link HttpsError}.
+ */ function badRequestError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('invalid-argument', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'bad request', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('invalid-argument', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'bad request', _object_spread_props$c(_object_spread$g({
         status: 400,
         code: BAD_REQUEST_ERROR_CODE
     }, serverError), {
@@ -155,9 +195,15 @@ var BAD_REQUEST_ERROR_CODE = 'BAD_REQUEST';
     }));
 }
 var CONFLICT_ERROR_CODE = 'CONFLICT';
-/** Creates a precondition-conflict (409) {@link HttpsError}. */ function preconditionConflictError(messageOrError) {
+/**
+ * Creates a precondition-conflict (409) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new precondition-conflict (409) {@link HttpsError}.
+ */ function preconditionConflictError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('failed-precondition', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'conflict', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('failed-precondition', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'conflict', _object_spread_props$c(_object_spread$g({
         status: 409,
         code: CONFLICT_ERROR_CODE
     }, serverError), {
@@ -165,9 +211,15 @@ var CONFLICT_ERROR_CODE = 'CONFLICT';
     }));
 }
 var ALREADY_EXISTS_ERROR_CODE = 'ALREADY_EXISTS';
-/** Creates an already-exists (409) {@link HttpsError}. */ function alreadyExistsError(messageOrError) {
+/**
+ * Creates an already-exists (409) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new already-exists (409) {@link HttpsError}.
+ */ function alreadyExistsError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('already-exists', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'already exists', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('already-exists', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'already exists', _object_spread_props$c(_object_spread$g({
         status: 409,
         code: ALREADY_EXISTS_ERROR_CODE
     }, serverError), {
@@ -175,9 +227,15 @@ var ALREADY_EXISTS_ERROR_CODE = 'ALREADY_EXISTS';
     }));
 }
 var UNAVAILABLE_ERROR_CODE = 'UNAVAILABLE';
-/** Creates an unavailable (503) {@link HttpsError}. */ function unavailableError(messageOrError) {
+/**
+ * Creates an unavailable (503) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new unavailable (503) {@link HttpsError}.
+ */ function unavailableError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('unavailable', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'service unavailable', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('unavailable', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'service unavailable', _object_spread_props$c(_object_spread$g({
         status: 503,
         code: UNAVAILABLE_ERROR_CODE
     }, serverError), {
@@ -185,9 +243,15 @@ var UNAVAILABLE_ERROR_CODE = 'UNAVAILABLE';
     }));
 }
 var UNAVAILABLE_OR_DEACTIVATED_FUNCTION_ERROR_CODE = 'UNAVAILABLE_OR_DEACTIVATED_FUNCTION';
-/** Creates an unimplemented (501) {@link HttpsError} for deactivated or unavailable functions. */ function unavailableOrDeactivatedFunctionError(messageOrError) {
+/**
+ * Creates an unimplemented (501) {@link HttpsError} for deactivated or unavailable functions.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new unimplemented (501) {@link HttpsError}.
+ */ function unavailableOrDeactivatedFunctionError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('unimplemented', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'the requested function is not available or has been deactivated for use', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('unimplemented', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'the requested function is not available or has been deactivated for use', _object_spread_props$c(_object_spread$g({
         status: 501,
         code: UNAVAILABLE_OR_DEACTIVATED_FUNCTION_ERROR_CODE
     }, serverError), {
@@ -195,9 +259,15 @@ var UNAVAILABLE_OR_DEACTIVATED_FUNCTION_ERROR_CODE = 'UNAVAILABLE_OR_DEACTIVATED
     }));
 }
 var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
-/** Creates an internal-error (500) {@link HttpsError}. */ function internalServerError(messageOrError) {
+/**
+ * Creates an internal-error (500) {@link HttpsError}.
+ *
+ * @param messageOrError - Optional error message string or partial server error object.
+ * @returns A new internal-error (500) {@link HttpsError}.
+ */ function internalServerError(messageOrError) {
+    var _serverError_message;
     var serverError = util.partialServerError(messageOrError);
-    return new https.HttpsError('internal', (serverError === null || serverError === void 0 ? void 0 : serverError.message) || 'internal error', _object_spread_props$c(_object_spread$g({
+    return new https.HttpsError('internal', (_serverError_message = serverError.message) !== null && _serverError_message !== void 0 ? _serverError_message : 'internal error', _object_spread_props$c(_object_spread$g({
         status: 500,
         code: INTERNAL_SERVER_ERROR_CODE
     }, serverError), {
@@ -206,13 +276,19 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
 }
 /**
  * Type guard for Firebase {@link HttpsError} instances.
+ *
+ * @param input - The value to check.
+ * @returns `true` if the input is a Firebase {@link HttpsError}.
  */ function isFirebaseHttpsError(input) {
-    return (typeof input === "undefined" ? "undefined" : _type_of$7(input)) === 'object' && input.code != null && input.httpErrorCode != null && input.toJSON != null;
+    return (typeof input === "undefined" ? "undefined" : _type_of$7(input)) === 'object' && input != null && 'code' in input && 'httpErrorCode' in input && 'toJSON' in input;
 }
 /**
  * Type guard for Firebase Admin {@link admin.FirebaseError} instances.
+ *
+ * @param input - The value to check.
+ * @returns `true` if the input is a Firebase Admin {@link admin.FirebaseError}.
  */ function isFirebaseError(input) {
-    return (typeof input === "undefined" ? "undefined" : _type_of$7(input)) === 'object' && input.code != null && input.message != null && input.toJSON != null;
+    return (typeof input === "undefined" ? "undefined" : _type_of$7(input)) === 'object' && input != null && 'code' in input && 'message' in input && 'toJSON' in input;
 }
 /**
  * Analyzes a caught error and extracts structured Firebase error information.
@@ -221,6 +297,7 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
  * and extracts any embedded error codes and {@link ServerError} details.
  *
  * @param e - The caught error to analyze.
+ * @returns Structured {@link FirebaseServerErrorInfo} with classified error details.
  *
  * @example
  * ```typescript
@@ -265,6 +342,9 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
 }
 /**
  * Returns a tuple of [firebaseErrorCode, errorInfo] for pattern-matching on Firebase error codes.
+ *
+ * @param e - The caught error to analyze.
+ * @returns A tuple of the Firebase error code (if present) and the full error info.
  */ function firebaseServerErrorInfoCodePair(e) {
     var info = firebaseServerErrorInfo(e);
     return [
@@ -274,6 +354,9 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
 }
 /**
  * Returns a tuple of [serverError, errorInfo] for pattern-matching on embedded server error details.
+ *
+ * @param e - The caught error to analyze.
+ * @returns A tuple of the server error (if present) and the full error info.
  */ function firebaseServerErrorInfoServerErrorPair(e) {
     var info = firebaseServerErrorInfo(e);
     return [
@@ -283,6 +366,9 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
 }
 /**
  * Returns a tuple of [serverErrorCode, errorInfo] for pattern-matching on server error string codes.
+ *
+ * @param e - The caught error to analyze.
+ * @returns A tuple of the server error code (if present) and the full error info.
  */ function firebaseServerErrorInfoServerErrorCodePair(e) {
     var info = firebaseServerErrorInfo(e);
     return [
@@ -307,6 +393,9 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
 /**
  * Type guard that checks whether the given callable context contains authenticated user data (non-null auth with a uid).
  *
+ * @param context - The callable context to check.
+ * @returns `true` if the context has authenticated user data with a valid UID.
+ *
  * @example
  * ```typescript
  * if (isContextWithAuthData(context)) {
@@ -315,11 +404,12 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
  * ```
  */ function isContextWithAuthData(context) {
     var _context_auth;
-    return Boolean(context.auth !== null && ((_context_auth = context.auth) === null || _context_auth === void 0 ? void 0 : _context_auth.uid));
+    return Boolean((_context_auth = context.auth) === null || _context_auth === void 0 ? void 0 : _context_auth.uid);
 }
 /**
  * Asserts that the callable context contains authenticated user data.
  *
+ * @param context - The callable context to assert on.
  * @throws {HttpsError} Throws an unauthenticated error if auth data is missing.
  *
  * @example
@@ -340,6 +430,7 @@ var INTERNAL_SERVER_ERROR_CODE = 'INTERNAL_ERROR';
  * including email, phone, and sign-in timestamps.
  *
  * @param token - The decoded ID token from Firebase Admin Auth.
+ * @returns A normalized {@link FirebaseAuthToken} with camelCase fields.
  *
  * @example
  * ```typescript
@@ -523,7 +614,7 @@ function _ts_generator$c(thisArg, body) {
                     ];
                 case 2:
                     error = _state.sent();
-                    if ((error === null || error === void 0 ? void 0 : error.code) === firebase.FIREBASE_AUTH_USER_NOT_FOUND_ERROR) {
+                    if (error.code === firebase.FIREBASE_AUTH_USER_NOT_FOUND_ERROR) {
                         return [
                             2,
                             undefined
@@ -612,6 +703,63 @@ function _is_native_reflect_construct$5() {
         return !!result;
     })();
 }
+/**
+ * Thrown by {@link AbstractFirebaseServerNewUserService.createNewUser} when Firebase Auth rejects
+ * user creation because the provided phone number or email is already associated with another account.
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   await newUserService.initializeNewUser({ email, phone });
+ * } catch (e) {
+ *   if (e instanceof FirebaseServerAuthUserExistsError && e.identifierType === 'phone') {
+ *     const existingUser = await auth.getUserByPhoneNumber(e.identifierValue);
+ *   }
+ * }
+ * ```
+ */ var FirebaseServerAuthUserExistsError = /*#__PURE__*/ function(BaseError) {
+    _inherits$5(FirebaseServerAuthUserExistsError, BaseError);
+    function FirebaseServerAuthUserExistsError(code, identifierType, identifierValue) {
+        _class_call_check$o(this, FirebaseServerAuthUserExistsError);
+        var _this;
+        _this = _call_super$5(this, FirebaseServerAuthUserExistsError, [
+            "A user with the provided ".concat(identifierType, " already exists.")
+        ]), _define_property$s(_this, "code", void 0), _define_property$s(_this, "identifierType", void 0), _define_property$s(_this, "identifierValue", void 0);
+        _this.code = code;
+        _this.identifierType = identifierType;
+        _this.identifierValue = identifierValue;
+        return _this;
+    }
+    return FirebaseServerAuthUserExistsError;
+}(makeError.BaseError);
+/**
+ * Thrown by {@link AbstractFirebaseServerNewUserService.createNewUser} when Firebase Auth rejects
+ * user creation due to invalid input (e.g., a malformed phone number).
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   await newUserService.initializeNewUser({ email, phone: 'not-e164' });
+ * } catch (e) {
+ *   if (e instanceof FirebaseServerAuthUserBadInputError) {
+ *     console.log(`Bad input (${e.code}): ${e.inputValue}`);
+ *   }
+ * }
+ * ```
+ */ var FirebaseServerAuthUserBadInputError = /*#__PURE__*/ function(BaseError) {
+    _inherits$5(FirebaseServerAuthUserBadInputError, BaseError);
+    function FirebaseServerAuthUserBadInputError(code, inputValue, message) {
+        _class_call_check$o(this, FirebaseServerAuthUserBadInputError);
+        var _this;
+        _this = _call_super$5(this, FirebaseServerAuthUserBadInputError, [
+            message !== null && message !== void 0 ? message : "Invalid input for user creation: ".concat(inputValue)
+        ]), _define_property$s(_this, "code", void 0), _define_property$s(_this, "inputValue", void 0);
+        _this.code = code;
+        _this.inputValue = inputValue;
+        return _this;
+    }
+    return FirebaseServerAuthUserBadInputError;
+}(makeError.BaseError);
 /**
  * Thrown by sendSetupDetails() if the user has no setup configuration available, meaning they probably already have accepted their invite or is in an invalid state.
  */ var FirebaseServerAuthNewUserSendSetupDetailsNoSetupConfigError = /*#__PURE__*/ function(BaseError) {
@@ -662,6 +810,9 @@ function _array_like_to_array$a(arr, len) {
 function _array_with_holes$3(arr) {
     if (Array.isArray(arr)) return arr;
 }
+function _array_without_holes$7(arr) {
+    if (Array.isArray(arr)) return _array_like_to_array$a(arr);
+}
 function _assert_this_initialized$4(self) {
     if (self === void 0) {
         throw new ReferenceError("this hasn't been initialised - super() hasn't been called");
@@ -751,6 +902,9 @@ function _inherits$4(subClass, superClass) {
     });
     if (superClass) _set_prototype_of$4(subClass, superClass);
 }
+function _iterable_to_array$7(iter) {
+    if (typeof Symbol !== "undefined" && iter[Symbol.iterator] != null || iter["@@iterator"] != null) return Array.from(iter);
+}
 function _iterable_to_array_limit$3(arr, i) {
     var _i = arr == null ? null : typeof Symbol !== "undefined" && arr[Symbol.iterator] || arr["@@iterator"];
     if (_i == null) return;
@@ -778,6 +932,9 @@ function _iterable_to_array_limit$3(arr, i) {
 function _non_iterable_rest$3() {
     throw new TypeError("Invalid attempt to destructure non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.");
 }
+function _non_iterable_spread$7() {
+    throw new TypeError("Invalid attempt to spread non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.");
+}
 function _object_spread$f(target) {
     for(var i = 1; i < arguments.length; i++){
         var source = arguments[i] != null ? arguments[i] : {};
@@ -809,6 +966,9 @@ function _set_prototype_of$4(o, p) {
 function _sliced_to_array$3(arr, i) {
     return _array_with_holes$3(arr) || _iterable_to_array_limit$3(arr, i) || _unsupported_iterable_to_array$a(arr, i) || _non_iterable_rest$3();
 }
+function _to_consumable_array$7(arr) {
+    return _array_without_holes$7(arr) || _iterable_to_array$7(arr) || _unsupported_iterable_to_array$a(arr) || _non_iterable_spread$7();
+}
 function _type_of$5(obj) {
     "@swc/helpers - typeof";
     return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
@@ -1016,6 +1176,8 @@ function _ts_generator$b(thisArg, body) {
         {
             /**
      * Generates a random numeric string for use as a temporary reset password.
+     *
+     * @returns A random numeric string suitable as a temporary password.
      */ key: "_generateResetPasswordKey",
             value: function _generateResetPasswordKey() {
                 return String(DEFAULT_FIREBASE_PASSWORD_NUMBER_GENERATOR());
@@ -1196,6 +1358,7 @@ function _ts_generator$b(thisArg, body) {
      *
      * @param roles - The complete set of roles to assign.
      * @param claimsToRetain - Additional claims to merge in alongside the role-derived claims.
+     * @returns Resolves when the claims have been replaced.
      *
      * @example
      * ```typescript
@@ -1206,7 +1369,7 @@ function _ts_generator$b(thisArg, body) {
                 return _async_to_generator$b(function() {
                     var claims;
                     return _ts_generator$b(this, function(_state) {
-                        claims = _object_spread$f({}, claimsToRetain, this._claimsForRolesChange(Array.from(roles)));
+                        claims = _object_spread$f({}, claimsToRetain, this._claimsForRolesChange(_to_consumable_array$7(roles)));
                         return [
                             2,
                             this.setClaims(claims)
@@ -1219,6 +1382,9 @@ function _ts_generator$b(thisArg, body) {
             /**
      * Converts roles to their corresponding claim keys, filtering out null/undefined entries
      * that represent unrelated claims in the service's {@link FirebaseServerAuthService.claimsForRoles} output.
+     *
+     * @param roles - The roles to convert to claims.
+     * @returns Filtered claims object with only the relevant role-based entries.
      */ key: "_claimsForRolesChange",
             value: function _claimsForRolesChange(roles) {
                 return util.filterNullAndUndefinedValues(this.service.claimsForRoles(util.asSet(roles)));
@@ -1247,12 +1413,8 @@ function _ts_generator$b(thisArg, body) {
                                 ];
                             case 1:
                                 currentClaims = _state.sent();
-                                if (currentClaims) {
-                                    newClaims = _object_spread$f({}, currentClaims, util.filterUndefinedValues(claims, false));
-                                    newClaims = util.filterNullAndUndefinedValues(newClaims);
-                                } else {
-                                    newClaims = claims;
-                                }
+                                newClaims = _object_spread$f({}, currentClaims, util.filterUndefinedValues(claims, false));
+                                newClaims = util.filterNullAndUndefinedValues(newClaims);
                                 return [
                                     2,
                                     this.setClaims(newClaims)
@@ -1381,6 +1543,7 @@ function _ts_generator$b(thisArg, body) {
  *
  * @param authService - The auth service to create a context from if needed.
  * @param userContextOrUid - A user context or UID string.
+ * @returns The resolved user context instance.
  *
  * @example
  * ```typescript
@@ -1564,6 +1727,7 @@ function _ts_generator$b(thisArg, body) {
                                     3,
                                     7
                                 ];
+                                // Cast to string | undefined because claims are cast from raw custom claims which may not have this field at runtime
                                 setupCommunicationAt = setupDetails.claims.setupCommunicationAt;
                                 hasSentCommunication = Boolean(setupCommunicationAt);
                                 if (!((config === null || config === void 0 ? void 0 : config.sendSetupDetailsOnce) && hasSentCommunication)) return [
@@ -1571,7 +1735,7 @@ function _ts_generator$b(thisArg, body) {
                                     2
                                 ];
                                 // do not send.
-                                if (config === null || config === void 0 ? void 0 : config.throwErrors) {
+                                if (config.throwErrors) {
                                     throw new FirebaseServerAuthNewUserSendSetupDetailsSendOnceError();
                                 }
                                 return [
@@ -1701,6 +1865,8 @@ function _ts_generator$b(thisArg, body) {
             key: "updateSetupContentSentTime",
             value: /**
      * Records the current timestamp as the last setup content communication date in the user's claims.
+     *
+     * @param details - The user's setup details containing the user context.
      */ function updateSetupContentSentTime(details) {
                 return _async_to_generator$b(function() {
                     var setupCommunicationAt;
@@ -1767,15 +1933,25 @@ function _ts_generator$b(thisArg, body) {
      *
      * Generates a random setup password if none is provided. Override to customize user creation behavior.
      *
+     * @param input - The initialization configuration for the new user.
+     * @returns The created user record and the setup password used.
      * @throws Throws if the Firebase Admin SDK rejects the user creation.
      */ function createNewUser(input) {
                 return _async_to_generator$b(function() {
-                    var uid, displayName, email, phoneNumber, inputPassword, password, user;
+                    var uid, displayName, email, phoneNumber, inputPassword, password, user, e, firebaseError, errorCode;
                     return _ts_generator$b(this, function(_state) {
                         switch(_state.label){
                             case 0:
                                 uid = input.uid, displayName = input.displayName, email = input.email, phoneNumber = input.phone, inputPassword = input.setupPassword;
                                 password = inputPassword !== null && inputPassword !== void 0 ? inputPassword : this.generateRandomSetupPassword();
+                                _state.label = 1;
+                            case 1:
+                                _state.trys.push([
+                                    1,
+                                    3,
+                                    ,
+                                    4
+                                ]);
                                 return [
                                     4,
                                     this.authService.auth.createUser({
@@ -1786,8 +1962,25 @@ function _ts_generator$b(thisArg, body) {
                                         password: password
                                     })
                                 ];
-                            case 1:
+                            case 2:
                                 user = _state.sent();
+                                return [
+                                    3,
+                                    4
+                                ];
+                            case 3:
+                                e = _state.sent();
+                                firebaseError = e;
+                                errorCode = firebaseError.code;
+                                if (errorCode === firebase.FIREBASE_AUTH_PHONE_NUMBER_ALREADY_EXISTS_ERROR && phoneNumber) {
+                                    throw new FirebaseServerAuthUserExistsError(errorCode, 'phone', phoneNumber);
+                                } else if (errorCode === firebase.FIREBASE_AUTH_EMAIL_ALREADY_EXISTS_ERROR && email) {
+                                    throw new FirebaseServerAuthUserExistsError(errorCode, 'email', email);
+                                } else if (errorCode === firebase.FIREBASE_AUTH_INVALID_PHONE_NUMBER_ERROR && phoneNumber) {
+                                    throw new FirebaseServerAuthUserBadInputError(errorCode, phoneNumber);
+                                }
+                                throw e;
+                            case 4:
                                 return [
                                     2,
                                     {
@@ -1810,6 +2003,8 @@ function _ts_generator$b(thisArg, body) {
             key: "updateClaimsToClearUser",
             value: /**
      * Clears setup-related claims (setup password and last communication date) from the user.
+     *
+     * @param userContext - The user context to clear setup claims from.
      */ function updateClaimsToClearUser(userContext) {
                 return _async_to_generator$b(function() {
                     var _obj;
@@ -2015,6 +2210,7 @@ function _ts_generator$b(thisArg, body) {
  * Creates a NestJS provider that binds the given config to the {@link FIREBASE_SERVER_ENV_TOKEN} injection token.
  *
  * @param env - The Firebase server environment configuration.
+ * @returns A NestJS provider binding the config to the {@link FIREBASE_SERVER_ENV_TOKEN} token.
  *
  * @example
  * ```typescript
@@ -2033,6 +2229,7 @@ function _ts_generator$b(thisArg, body) {
  * Use this when the NestJS app needs the config accessible via either token.
  *
  * @param env - The Firebase server environment configuration.
+ * @returns An array of providers binding the config to both Firebase and base server env tokens.
  *
  * @example
  * ```typescript
@@ -2074,6 +2271,7 @@ function _class_call_check$m(instance, Constructor) {
  * Each field in the input maps to an atomic increment operation. Null/undefined values default to 0.
  *
  * @param input - The increment specification mapping field names to numeric deltas.
+ * @returns Firestore {@link UpdateData} with atomic increment operations.
  *
  * @example
  * ```typescript
@@ -2146,6 +2344,7 @@ function _unsupported_iterable_to_array$9(o, minLen) {
  * Google Cloud Firestore's {@link FieldValue.arrayUnion} and {@link FieldValue.arrayRemove}.
  *
  * @param input - The array update specification with `union` and/or `remove` field maps.
+ * @returns Firestore {@link UpdateData} with array union/remove operations.
  *
  * @example
  * ```typescript
@@ -2155,8 +2354,8 @@ function _unsupported_iterable_to_array$9(o, minLen) {
  * });
  * ```
  */ function firestoreServerArrayUpdateToUpdateData(input) {
-    var union = input === null || input === void 0 ? void 0 : input.union;
-    var remove = input === null || input === void 0 ? void 0 : input.remove;
+    var union = input.union;
+    var remove = input.remove;
     function createUpdatesWithArrayFunction(fieldUpdate, arrayUpdateFunction) {
         var result;
         if (fieldUpdate) {
@@ -2290,7 +2489,7 @@ function _define_property$p(obj, key, value) {
             key: "update",
             value: function update(data, params) {
                 if ((params === null || params === void 0 ? void 0 : params.precondition) != null) {
-                    this.batch.update(this.documentRef, data, params === null || params === void 0 ? void 0 : params.precondition);
+                    this.batch.update(this.documentRef, data, params.precondition);
                 } else {
                     this.batch.update(this.documentRef, data);
                 }
@@ -2307,6 +2506,7 @@ function _define_property$p(obj, key, value) {
  * the batch applies all queued writes atomically.
  *
  * @param writeBatch - The Google Cloud WriteBatch to queue operations into.
+ * @returns A factory that creates batch-backed accessors sharing the given WriteBatch.
  *
  * @example
  * ```typescript
@@ -2349,6 +2549,9 @@ function _define_property$p(obj, key, value) {
 }();
 /**
  * Creates a {@link WriteBatchFirestoreDocumentContext} wrapping the given batch.
+ *
+ * @param batch - The Google Cloud WriteBatch to use.
+ * @returns A new {@link WriteBatchFirestoreDocumentContext} for the given batch.
  */ function writeBatchDocumentContext(batch) {
     return new WriteBatchFirestoreDocumentContext(batch);
 }
@@ -2475,6 +2678,8 @@ function _define_property$o(obj, key, value) {
 /**
  * Creates a {@link FirestoreDocumentDataAccessorFactory} that produces default (non-batched, non-transactional) accessors.
  *
+ * @returns A factory that creates default (non-batched, non-transactional) accessors.
+ *
  * @example
  * ```typescript
  * const factory = defaultFirestoreAccessorFactory<User>();
@@ -2492,6 +2697,8 @@ function _define_property$o(obj, key, value) {
  * Creates a {@link FirestoreDocumentContext} with no special execution context (no batch, no transaction).
  *
  * Operations performed through this context execute immediately against Firestore.
+ *
+ * @returns A {@link FirestoreDocumentContext} for direct Firestore operations.
  */ function defaultFirestoreDocumentContext() {
     return {
         contextType: firebase.FirestoreDocumentContextType.NONE,
@@ -2621,7 +2828,7 @@ function _define_property$n(obj, key, value) {
             key: "update",
             value: function update(data, params) {
                 if (params === null || params === void 0 ? void 0 : params.precondition) {
-                    this.transaction.update(this.documentRef, data, params === null || params === void 0 ? void 0 : params.precondition);
+                    this.transaction.update(this.documentRef, data, params.precondition);
                 } else {
                     this.transaction.update(this.documentRef, data);
                 }
@@ -2638,6 +2845,7 @@ function _define_property$n(obj, key, value) {
  * atomic operation.
  *
  * @param transaction - The Google Cloud Transaction to execute operations within.
+ * @returns A factory that creates transaction-backed accessors sharing the given transaction.
  *
  * @example
  * ```typescript
@@ -2681,6 +2889,9 @@ function _define_property$n(obj, key, value) {
 }();
 /**
  * Creates a {@link TransactionFirestoreDocumentContext} wrapping the given transaction.
+ *
+ * @param transaction - The Google Cloud Transaction to use.
+ * @returns A new {@link TransactionFirestoreDocumentContext} for the given transaction.
  */ function transactionDocumentContext(transaction) {
     return new TransactionFirestoreDocumentContext(transaction);
 }
@@ -2867,6 +3078,7 @@ function _ts_generator$a(thisArg, body) {
  * @param start - A Firestore object that can resolve collection paths (e.g., Firestore instance, DocumentReference).
  * @param path - The initial collection path.
  * @param pathSegments - Optional pairs of [docId, collectionName] for subcollection traversal.
+ * @returns The resolved {@link CollectionReference} at the given path.
  * @throws Error if pathSegments length is odd (segments must come in pairs).
  *
  * @example
@@ -2877,7 +3089,7 @@ function _ts_generator$a(thisArg, body) {
  */ function collectionRefForPath(start, path, pathSegments) {
     var ref = start.collection(path);
     if (pathSegments === null || pathSegments === void 0 ? void 0 : pathSegments.length) {
-        if ((pathSegments === null || pathSegments === void 0 ? void 0 : pathSegments.length) % 2 !== 0) {
+        if (pathSegments.length % 2 !== 0) {
             throw new Error('Invalid number of path segments provided for collection. Path: "'.concat(path, '" + "').concat(pathSegments, '"'));
         }
         var batches = util.batch(pathSegments, 2); // batch to tuple [string, string]
@@ -2897,6 +3109,7 @@ function _ts_generator$a(thisArg, body) {
  * @param start - A Firestore object that can resolve document paths (e.g., CollectionReference).
  * @param path - Optional document ID or path within the collection.
  * @param pathSegments - Optional pairs of [collectionName, docId] for subcollection traversal.
+ * @returns The resolved {@link DocumentReference} at the given path.
  *
  * @example
  * ```typescript
@@ -2921,6 +3134,8 @@ function _ts_generator$a(thisArg, body) {
  * Implements document/collection resolution, transaction/batch factories, and context factories
  * using the `@google-cloud/firestore` library.
  *
+ * @returns A {@link FirestoreAccessorDriver} for the Google Cloud Admin SDK.
+ *
  * @example
  * ```typescript
  * const accessorDriver = googleCloudFirestoreAccessorDriver();
@@ -2955,18 +3170,10 @@ function _ts_generator$a(thisArg, body) {
             return function(fn) {
                 return _async_to_generator$a(function() {
                     return _ts_generator$a(this, function(_state) {
-                        switch(_state.label){
-                            case 0:
-                                return [
-                                    4,
-                                    firestore.runTransaction(fn)
-                                ];
-                            case 1:
-                                return [
-                                    2,
-                                    _state.sent()
-                                ];
-                        }
+                        return [
+                            2,
+                            firestore.runTransaction(fn)
+                        ];
                     });
                 })();
             };
@@ -3091,6 +3298,8 @@ var _obj;
  * Creates a {@link FirestoreQueryConstraintFunctionsDriver} for the Google Cloud Firestore server SDK.
  *
  * Translates abstract query constraints into Google Cloud Firestore query builder calls.
+ *
+ * @returns A {@link FirestoreQueryConstraintFunctionsDriver} for the server SDK.
  */ function firestoreClientQueryConstraintFunctionsDriver() {
     return firebase.makeFirestoreQueryConstraintFunctionsDriver({
         mapping: FIRESTORE_CLIENT_QUERY_CONSTRAINT_HANDLER_MAPPING,
@@ -3112,6 +3321,8 @@ var _obj;
  * streaming (streamDocs) via `onSnapshot`. Transaction-aware reads are supported
  * through the optional transaction parameter in `getDocs`.
  *
+ * @returns A complete {@link FirestoreQueryDriver} for the Google Cloud Admin SDK.
+ *
  * @example
  * ```typescript
  * const queryDriver = googleCloudFirestoreQueryDriver();
@@ -3146,6 +3357,8 @@ var _obj;
  *
  * Bundles the server-side accessor driver and query driver, identified as `@google-cloud/firestore`.
  *
+ * @returns A complete set of {@link FirestoreDrivers} for the Google Cloud Admin SDK.
+ *
  * @example
  * ```typescript
  * const drivers = googleCloudFirestoreDrivers();
@@ -3356,6 +3569,7 @@ function _ts_generator$9(thisArg, body) {
 /**
  * Asserts that the callable context contains auth data with a valid UID.
  *
+ * @param context - The callable context to check for auth data.
  * @throws {HttpsError} Throws unauthenticated error if no auth data is present.
  *
  * @example
@@ -3373,13 +3587,15 @@ function _ts_generator$9(thisArg, body) {
  *
  * @param document - The Firestore document to load data from.
  * @param message - Optional custom error message.
+ * @returns The document's snapshot data.
  * @throws {HttpsError} Throws a {@link modelNotAvailableError} (404) if the document has no data.
  *
  * @example
  * ```typescript
  * const userData = await assertSnapshotData(userDocument);
  * ```
- */ function assertSnapshotData(document, message) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- FirestoreDocument generic requires any for proper type inference
+function assertSnapshotData(document, message) {
     return _async_to_generator$9(function() {
         var data;
         return _ts_generator$9(this, function(_state) {
@@ -3411,8 +3627,10 @@ function _ts_generator$9(thisArg, body) {
  *
  * @param document - The Firestore document to load data from.
  * @param message - Optional custom error message.
+ * @returns The document's snapshot data with `id` and `key` attached.
  * @throws {HttpsError} Throws a {@link modelNotAvailableError} (404) if the document has no data.
- */ function assertSnapshotDataWithKey(document, message) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- FirestoreDocument generic requires any for proper type inference
+function assertSnapshotDataWithKey(document, message) {
     return _async_to_generator$9(function() {
         var data;
         return _ts_generator$9(this, function(_state) {
@@ -3438,7 +3656,8 @@ function _ts_generator$9(thisArg, body) {
  * @param document - The Firestore document to check.
  * @param message - Optional custom error message.
  * @throws {HttpsError} Throws a {@link modelNotAvailableError} (404) if the document does not exist.
- */ function assertDocumentExists(document, message) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- FirestoreDocument generic requires any for proper type inference
+function assertDocumentExists(document, message) {
     return _async_to_generator$9(function() {
         var exists;
         return _ts_generator$9(this, function(_state) {
@@ -3464,7 +3683,12 @@ function _ts_generator$9(thisArg, body) {
  * Creates a {@link modelNotAvailableError} for the given document's model type.
  *
  * Used by {@link assertDocumentExists} and other assertion functions.
- */ function documentModelNotAvailableError(document, message) {
+ *
+ * @param document - The document (or object with `modelType`) to generate the error for.
+ * @param message - Optional custom error message.
+ * @returns A {@link modelNotAvailableError} with the document's model type in the message.
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- FirestoreDocument generic requires any for proper type inference
+function documentModelNotAvailableError(document, message) {
     return modelNotAvailableError({
         message: message !== null && message !== void 0 ? message : "The ".concat(document.modelType, " was unavailable.")
     });
@@ -3475,6 +3699,8 @@ function _ts_generator$9(thisArg, body) {
  */ var PHONE_NUMBER_ALREADY_EXISTS_ERROR_CODE = 'PHONE_NUMBER_ALREADY_EXISTS';
 /**
  * Creates a precondition conflict (409) error indicating the phone number already exists.
+ *
+ * @returns A new precondition-conflict (409) {@link HttpsError} with the phone-number-exists code.
  */ function phoneNumberAlreadyExistsError() {
     return preconditionConflictError({
         code: PHONE_NUMBER_ALREADY_EXISTS_ERROR_CODE,
@@ -3492,7 +3718,7 @@ function _ts_generator$9(thisArg, body) {
  */ function handleFirebaseAuthError(e, handleUnknownCode) {
     handleFirebaseError(e, function(firebaseError) {
         switch(firebaseError.code){
-            case 'auth/phone-number-already-exists':
+            case firebase.FIREBASE_AUTH_PHONE_NUMBER_ALREADY_EXISTS_ERROR:
                 throw phoneNumberAlreadyExistsError();
             default:
                 handleUnknownCode === null || handleUnknownCode === void 0 ? void 0 : handleUnknownCode(firebaseError);
@@ -3558,7 +3784,10 @@ function _class_call_check$h(instance, Constructor) {
  * Creates a default no-op {@link FirebaseServerAnalyticsServiceListener}.
  *
  * Used when no analytics provider is configured. All methods are no-ops.
+ *
+ * @returns A no-op listener that silently discards all analytics events.
  */ function noopFirebaseServerAnalyticsServiceListener() {
+    // eslint-disable-next-line @typescript-eslint/no-empty-function
     var noop = function noop() {};
     return {
         handleOnCallAnalyticsEvent: noop,
@@ -3866,6 +4095,9 @@ function _ts_generator$8(thisArg, body) {
  * emitter('triggered').sendEventType('Handler Starting');
  * emitter('success').sendEvent('Widget Created', { id: result.id });
  * ```
+ *
+ * @param config - The service and context to bind to the emitter factory.
+ * @returns A factory function that creates lifecycle-stage-specific emitters.
  */ function onCallAnalyticsEmitterInstance(config) {
     var service = config.service, context = config.context;
     return function(lifecycle) {
@@ -3873,6 +4105,7 @@ function _ts_generator$8(thisArg, body) {
             service: service,
             context: context,
             lifecycle: lifecycle,
+            // eslint-disable-next-line @typescript-eslint/no-explicit-any
             sendEvent: function sendEvent(event, properties) {
                 service.handleOnCallAnalyticsEvent({
                     event: event,
@@ -4072,22 +4305,34 @@ function _unsupported_iterable_to_array$6(o, minLen) {
 // MARK: Type Guards
 /**
  * Whether the details are specifier-level (has specifiers map).
+ *
+ * @param details - The API details to check.
+ * @returns True if the details contain a specifiers map.
  */ function isOnCallModelTypeApiDetails(details) {
     return details != null && 'specifiers' in details;
 }
 /**
  * Whether the details are CRUD-model-level (has modelTypes map).
+ *
+ * @param details - The API details to check.
+ * @returns True if the details contain a modelTypes map.
  */ function isOnCallCrudModelApiDetails(details) {
     return details != null && 'modelTypes' in details;
 }
 /**
  * Whether the details are handler-level (leaf node — no specifiers or modelTypes).
+ *
+ * @param details - The API details to check.
+ * @returns True if the details are handler-level (no specifiers or modelTypes).
  */ function isOnCallHandlerApiDetails(details) {
     return details != null && !('specifiers' in details) && !('modelTypes' in details);
 }
 /**
  * Whether the specifier-level details represent a true specifier (multiple sub-operations)
  * vs a wrapped direct handler (`isSpecifier: false`, details under `_`).
+ *
+ * @param details - The specifier-level API details to check.
+ * @returns True if the details represent a true specifier with multiple sub-operations.
  */ function isActualSpecifier(details) {
     return details.isSpecifier;
 }
@@ -4120,7 +4365,11 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  *   fn: async (request) => { ... }
  * });
  * ```
- */ function withApiDetails(config) {
+ *
+ * @param config - The API details configuration including the handler function.
+ * @returns The handler function with _apiDetails attached.
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function withApiDetails(config) {
     var optionalAuth = config.optionalAuth, fn = config.fn, apiDetails = _object_without_properties(config, [
         "optionalAuth",
         "fn"
@@ -4134,6 +4383,9 @@ function _unsupported_iterable_to_array$6(o, minLen) {
 // MARK: Aggregation Utilities
 /**
  * Reads _apiDetails from a function if present.
+ *
+ * @param fn - The function or object that may carry _apiDetails.
+ * @returns The API details if present, otherwise undefined.
  */ function readApiDetails(fn) {
     return fn === null || fn === void 0 ? void 0 : fn._apiDetails;
 }
@@ -4141,6 +4393,9 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  * Aggregates _apiDetails from a specifier handler config object.
  *
  * Returns OnCallModelTypeApiDetails if any handlers have _apiDetails, otherwise undefined.
+ *
+ * @param config - Map of specifier keys to handler functions.
+ * @returns Aggregated specifier-level API details, or undefined if no handlers have _apiDetails.
  */ function aggregateSpecifierApiDetails(config) {
     var specifiers = {};
     var hasAny = false;
@@ -4178,6 +4433,9 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  * Aggregates _apiDetails from a model type map (used by onCallCreateModel, etc.).
  *
  * Returns OnCallCrudModelApiDetails if any handlers have _apiDetails, otherwise undefined.
+ *
+ * @param map - Map of model type strings to handler functions.
+ * @returns Aggregated CRUD-model-level API details, or undefined if no handlers have _apiDetails.
  */ function aggregateCrudModelApiDetails(map) {
     var modelTypes = {};
     var hasAny = false;
@@ -4224,6 +4482,9 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  * Aggregates _apiDetails from the top-level call model map.
  *
  * Returns OnCallModelApiDetails if any CRUD handlers have _apiDetails, otherwise undefined.
+ *
+ * @param map - Map of call type strings to CRUD handler functions.
+ * @returns Aggregated model-level API details, or undefined if no handlers have _apiDetails.
  */ function aggregateModelApiDetails(map) {
     var result = {};
     var hasAny = false;
@@ -4290,7 +4551,7 @@ function _unsupported_iterable_to_array$6(o, minLen) {
                     if (modelDetails == null) {
                         continue;
                     }
-                    if (!models[modelType]) {
+                    if (!(modelType in models)) {
                         models[modelType] = {
                             calls: {}
                         };
@@ -4334,9 +4595,16 @@ function _unsupported_iterable_to_array$6(o, minLen) {
 /**
  * Resolves leaf-level analytics details from the aggregated _apiDetails tree.
  *
- * Walks: call → modelType → specifier (if specifier-level), then reads the `analytics`
+ * Walks: call -> modelType -> specifier (if specifier-level), then reads the `analytics`
  * field from the handler-level {@link OnCallModelFunctionApiDetails}.
- */ function resolveAnalyticsFromApiDetails(apiDetails, call, modelType, specifier) {
+ *
+ * @param apiDetails - The top-level aggregated API details.
+ * @param call - The CRUD operation type to look up.
+ * @param modelType - The Firestore model type to look up.
+ * @param specifier - Optional specifier key for variant handlers.
+ * @returns The analytics details for the resolved handler, or undefined.
+ */ // eslint-disable-next-line @typescript-eslint/max-params
+function resolveAnalyticsFromApiDetails(apiDetails, call, modelType, specifier) {
     var _apiDetails_call;
     var modelDetails = (_apiDetails_call = apiDetails[call]) === null || _apiDetails_call === void 0 ? void 0 : _apiDetails_call.modelTypes[modelType];
     if (modelDetails) {
@@ -4359,6 +4627,9 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  * which the client can use to display a meaningful "not found" message. Intended to be
  * passed to Firebase permission/existence checking utilities as the
  * {@link FirebaseDoesNotExistErrorContextErrorFunction} callback.
+ *
+ * @param firebaseContextGrantedModelRoles - The granted model roles context containing the document reference.
+ * @returns A model-not-available HTTP error.
  */ var nestFirebaseDoesNotExistError = function nestFirebaseDoesNotExistError(firebaseContextGrantedModelRoles) {
     var _firebaseContextGrantedModelRoles_data, _firebaseContextGrantedModelRoles_data1;
     return modelNotAvailableError({
@@ -4374,6 +4645,10 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  * Returns a "forbidden" HTTP error including the document key, model type, and the roles
  * that were required but not granted. Intended to be passed to Firebase permission checking
  * utilities as the {@link FirebasePermissionErrorContextErrorFunction} callback.
+ *
+ * @param firebaseContextGrantedModelRoles - The granted model roles context containing the document reference.
+ * @param roles - The roles that were required but not granted.
+ * @returns A forbidden HTTP error.
  */ var nestFirebaseForbiddenPermissionError = function nestFirebaseForbiddenPermissionError(firebaseContextGrantedModelRoles, roles) {
     var _firebaseContextGrantedModelRoles_data, _firebaseContextGrantedModelRoles_data1;
     return forbiddenError({
@@ -4426,7 +4701,8 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  *
  * @param fn
  * @param request
- */ function assertRequestRequiresAuthForFunction(fn, request) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- accepts any nest context and input type for generic auth assertion
+function assertRequestRequiresAuthForFunction(fn, request) {
     if (fn._requireAuth !== false) {
         assertIsContextWithAuthData(request);
     }
@@ -4476,13 +4752,15 @@ function _unsupported_iterable_to_array$6(o, minLen) {
  *   fromUpload: updateProfileFromUpload
  * });
  * ```
- */ function onCallSpecifierHandler(config) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function onCallSpecifierHandler(config) {
     var map = util.objectToMap(config);
     var fn = function fn(request) {
         var _request_specifier = request.specifier, specifier = _request_specifier === void 0 ? firebase.MODEL_FUNCTION_FIREBASE_CRUD_FUNCTION_SPECIFIER_DEFAULT : _request_specifier;
         var handler = map.get(specifier);
         if (handler != null) {
             assertRequestRequiresAuthForFunction(handler, request);
+            // eslint-disable-next-line @typescript-eslint/no-explicit-any
             return handler(request);
         } else {
             throw unknownModelCrudFunctionSpecifierError(specifier);
@@ -4499,6 +4777,9 @@ function _unsupported_iterable_to_array$6(o, minLen) {
 /**
  * Creates a bad-request error indicating the provided specifier is not recognized
  * by the current model CRUD handler.
+ *
+ * @param specifier - The unrecognized specifier string.
+ * @returns A bad-request error with UNKNOWN_SPECIFIER_ERROR code.
  */ function unknownModelCrudFunctionSpecifierError(specifier) {
     return badRequestError(util.serverError({
         status: 400,
@@ -4601,8 +4882,7 @@ function _object_spread_props$a(target, source) {
         }
     }
     var fn = function fn(request) {
-        var _request_data, _request_data1;
-        var call = (_request_data = request.data) === null || _request_data === void 0 ? void 0 : _request_data.call;
+        var call = request.data.call;
         if (!call) {
             throw onCallModelMissingCallTypeError();
         }
@@ -4610,18 +4890,21 @@ function _object_spread_props$a(target, source) {
         if (!callFn) {
             throw onCallModelUnknownCallTypeError(call);
         }
-        var _request_data2 = request.data, specifier = _request_data2.specifier, modelType = _request_data2.modelType;
+        var _request_data = request.data, specifier = _request_data.specifier, modelType = _request_data.modelType;
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
         var auth = request.auth;
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
         var context = {
             call: call,
             modelType: modelType,
             specifier: specifier,
             uid: auth === null || auth === void 0 ? void 0 : auth.uid,
             auth: auth,
-            data: (_request_data1 = request.data) === null || _request_data1 === void 0 ? void 0 : _request_data1.data,
+            data: request.data.data,
             request: request
         };
         preAssert(context);
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
         var result;
         // Resolve analytics from _apiDetails tree — callWithAnalytics handles undefined details
         var analyticsService = getAnalyticsService(request);
@@ -4647,6 +4930,8 @@ function _object_spread_props$a(target, source) {
 }
 /**
  * Creates a bad-request error indicating the `call` field was missing from the request payload.
+ *
+ * @returns A bad-request error with CALL_TYPE_MISSING_ERROR code.
  */ function onCallModelMissingCallTypeError() {
     return badRequestError(util.serverError({
         status: 400,
@@ -4656,6 +4941,9 @@ function _object_spread_props$a(target, source) {
 }
 /**
  * Creates a bad-request error indicating the provided `call` type is not recognized.
+ *
+ * @param call - The unrecognized call type string.
+ * @returns A bad-request error with UNKNOWN_CALL_TYPE_ERROR code.
  */ function onCallModelUnknownCallTypeError(call) {
     return badRequestError(util.serverError({
         status: 400,
@@ -4672,14 +4960,16 @@ function _object_spread_props$a(target, source) {
  * Dispatches to the correct model-type handler from the map, enforces auth requirements,
  * runs pre-assertions, and aggregates API details from all handlers for MCP introspection.
  *
+ * @param map - Maps model type strings to their handler functions.
+ * @param config - Configuration including call type, crud type, and error factory.
+ * @returns A callable function that dispatches to the correct model-type handler.
  * @internal Not intended for direct use outside the model CRUD module.
  */ function _onCallWithCallTypeFunction(map, config) {
-    var callType = config.callType; config.crudType; var _config_preAssert = config.preAssert, preAssert = _config_preAssert === void 0 ? function() {
+    var callType = config.callType, _config_preAssert = config.preAssert, preAssert = _config_preAssert === void 0 ? function() {
         return undefined;
     } : _config_preAssert, throwOnUnknownModelType = config.throwOnUnknownModelType;
     var fn = function fn(request) {
-        var _request_data;
-        var modelType = (_request_data = request.data) === null || _request_data === void 0 ? void 0 : _request_data.modelType;
+        var modelType = request.data.modelType;
         var crudFn = map[modelType];
         if (crudFn) {
             var specifier = request.data.specifier;
@@ -4726,15 +5016,18 @@ function _object_spread_props$a(target, source) {
  */ function onCallCreateModel(map) {
     var config = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : {};
     var preAssert = config.preAssert;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     return _onCallWithCallTypeFunction(map, {
         callType: 'create',
-        crudType: 'create',
         preAssert: preAssert,
         throwOnUnknownModelType: createModelUnknownModelTypeError
     });
 }
 /**
  * Creates a bad-request error indicating the requested model type is not valid for creation.
+ *
+ * @param modelType - The unrecognized model type string.
+ * @returns A bad-request error with UNKNOWN_TYPE_ERROR code.
  */ function createModelUnknownModelTypeError(modelType) {
     return badRequestError(util.serverError({
         status: 400,
@@ -4766,15 +5059,18 @@ function _object_spread_props$a(target, source) {
  */ function onCallReadModel(map) {
     var config = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : {};
     var preAssert = config.preAssert;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     return _onCallWithCallTypeFunction(map, {
         callType: 'read',
-        crudType: 'read',
         preAssert: preAssert,
         throwOnUnknownModelType: readModelUnknownModelTypeError
     });
 }
 /**
  * Creates a bad-request error indicating the requested model type is not valid for reading.
+ *
+ * @param modelType - The unrecognized model type string.
+ * @returns A bad-request error with UNKNOWN_TYPE_ERROR code.
  */ function readModelUnknownModelTypeError(modelType) {
     return badRequestError(util.serverError({
         status: 400,
@@ -4809,15 +5105,18 @@ function _object_spread_props$a(target, source) {
  */ function onCallUpdateModel(map) {
     var config = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : {};
     var preAssert = config.preAssert;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     return _onCallWithCallTypeFunction(map, {
         callType: 'update',
-        crudType: 'update',
         preAssert: preAssert,
         throwOnUnknownModelType: updateModelUnknownModelTypeError
     });
 }
 /**
  * Creates a bad-request error indicating the requested model type is not valid for updating.
+ *
+ * @param modelType - The unrecognized model type string.
+ * @returns A bad-request error with UNKNOWN_TYPE_ERROR code.
  */ function updateModelUnknownModelTypeError(modelType) {
     return badRequestError(util.serverError({
         status: 400,
@@ -4849,15 +5148,18 @@ function _object_spread_props$a(target, source) {
  */ function onCallDeleteModel(map) {
     var config = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : {};
     var preAssert = config.preAssert;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     return _onCallWithCallTypeFunction(map, {
         callType: 'delete',
-        crudType: 'delete',
         preAssert: preAssert,
         throwOnUnknownModelType: deleteModelUnknownModelTypeError
     });
 }
 /**
  * Creates a bad-request error indicating the requested model type is not valid for deletion.
+ *
+ * @param modelType - The unrecognized model type string.
+ * @returns A bad-request error with UNKNOWN_TYPE_ERROR code.
  */ function deleteModelUnknownModelTypeError(modelType) {
     return badRequestError(util.serverError({
         status: 400,
@@ -5171,6 +5473,7 @@ exports.FirebaseServerAnalyticsSegmentModule = __decorate([
  * Creates a NestJS {@link FactoryProvider} that binds a Firebase Admin app getter to {@link FIREBASE_APP_TOKEN}.
  *
  * @param useFactory - Factory function returning the Firebase Admin app instance.
+ * @returns A NestJS factory provider for the Firebase Admin app.
  *
  * @example
  * ```typescript
@@ -5268,6 +5571,9 @@ exports.FirebaseServerAuthModule = __decorate([
  * Returns two providers: the concrete service and an alias that maps
  * `FirebaseServerAuthService` to the concrete token, enabling injection by the abstract type.
  *
+ * @param provider - The factory provider configuration for the auth service.
+ * @returns A tuple containing the configured provider and an alias provider.
+ *
  * @example
  * ```typescript
  * const providers = provideFirebaseServerAuthService({
@@ -5293,6 +5599,9 @@ exports.FirebaseServerAuthModule = __decorate([
  * Generates NestJS {@link ModuleMetadata} for an app's auth module, including the {@link FirebaseServerAuthModule}
  * import and the custom {@link FirebaseServerAuthService} provider.
  *
+ * @param config - The module metadata configuration including the service provider.
+ * @returns The merged NestJS module metadata.
+ *
  * @example
  * ```typescript
  * @Module(firebaseServerAuthModuleMetadata({
@@ -5316,15 +5625,21 @@ exports.FirebaseServerAuthModule = __decorate([
 /**
  * Asserts that the caller has admin privileges in the request.
  *
+ * @param request - The callable request to check for admin privileges.
  * @throws {HttpsError} Throws forbidden (403) if the caller is not an admin.
- */ function assertIsAdminInRequest(request) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function assertIsAdminInRequest(request) {
     if (!isAdminInRequest(request)) {
         throw forbiddenError();
     }
 }
 /**
  * Checks whether the caller has admin privileges in the request.
- */ function isAdminInRequest(request) {
+ *
+ * @param request - The callable request to check for admin privileges.
+ * @returns True if the caller has admin privileges.
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function isAdminInRequest(request) {
     return request.nest.authService.context(request).isAdmin;
 }
 /**
@@ -5332,9 +5647,12 @@ exports.FirebaseServerAuthModule = __decorate([
  *
  * If the request data contains a `uid` that differs from the caller's auth UID, admin status is required.
  *
+ * @param request - The callable request containing the target UID.
+ * @param requireUid - If true, a UID must be present in the request data.
  * @returns The resolved target UID (from request data or auth).
  * @throws {HttpsError} Throws forbidden (403) if the caller is not authorized.
- */ function assertIsAdminOrTargetUserInRequestData(request, requireUid) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function assertIsAdminOrTargetUserInRequestData(request, requireUid) {
     var _request_data_uid;
     var _request_auth;
     if (!isAdminOrTargetUserInRequestData(request, requireUid)) {
@@ -5345,8 +5663,11 @@ exports.FirebaseServerAuthModule = __decorate([
 /**
  * Checks whether the caller is an admin or is targeting their own user record in the request data.
  *
+ * @param request - The callable request containing the target UID.
  * @param requireUid - If true, a UID must be present in the request data.
- */ function isAdminOrTargetUserInRequestData(request) {
+ * @returns True if the caller is an admin or is targeting their own user record.
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function isAdminOrTargetUserInRequestData(request) {
     var requireUid = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : false;
     var _request_auth;
     var uid = request.data.uid;
@@ -5360,8 +5681,10 @@ exports.FirebaseServerAuthModule = __decorate([
 /**
  * Asserts that the caller has signed the Terms of Service.
  *
+ * @param request - The callable request to check for ToS status.
  * @throws {HttpsError} Throws forbidden (403) if ToS has not been signed.
- */ function assertHasSignedTosInRequest(request) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function assertHasSignedTosInRequest(request) {
     if (!hasSignedTosInRequest(request)) {
         throw forbiddenError({
             message: 'ToS has not been signed.'
@@ -5370,15 +5693,21 @@ exports.FirebaseServerAuthModule = __decorate([
 }
 /**
  * Checks whether the caller has signed the Terms of Service.
- */ function hasSignedTosInRequest(request) {
+ *
+ * @param request - The callable request to check for ToS status.
+ * @returns True if the caller has signed the Terms of Service.
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function hasSignedTosInRequest(request) {
     return request.nest.authService.context(request).hasSignedTos;
 }
 /**
  * Asserts that the caller has all of the specified auth roles.
  *
+ * @param request - The callable request to check for auth roles.
  * @param authRoles - One or more roles that must all be present.
  * @throws {HttpsError} Throws forbidden (403) if any required role is missing.
- */ function assertHasRolesInRequest(request, authRoles) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function assertHasRolesInRequest(request, authRoles) {
     if (!hasAuthRolesInRequest(request, authRoles)) {
         throw forbiddenError({
             message: 'Missing required auth roles.',
@@ -5390,7 +5719,12 @@ exports.FirebaseServerAuthModule = __decorate([
 }
 /**
  * Checks whether the caller has all of the specified auth roles.
- */ function hasAuthRolesInRequest(request, authRoles) {
+ *
+ * @param request - The callable request to check for auth roles.
+ * @param authRoles - One or more roles that must all be present.
+ * @returns True if the caller has all of the specified auth roles.
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function hasAuthRolesInRequest(request, authRoles) {
     return util.containsAllValues(request.nest.authService.context(request).authRoles, authRoles);
 }
 /**
@@ -5398,8 +5732,10 @@ exports.FirebaseServerAuthModule = __decorate([
  *
  * This may be used to filter out new users that were not invited from finishing their onboarding.
  *
- * @param request
- */ function hasNewUserSetupPasswordInRequest(request) {
+ * @param request - The callable request to check for setup password claims.
+ * @returns True if the claims contain a setup password key.
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+function hasNewUserSetupPasswordInRequest(request) {
     var claims = request.nest.authService.context(request).claims;
     return claims[firebase.FIREBASE_SERVER_AUTH_CLAIMS_SETUP_PASSWORD_KEY] != null;
 }
@@ -5492,6 +5828,9 @@ function _object_spread_props$7(target, source) {
 }
 /**
  * Creates a bad-request error indicating the provided development function specifier is not recognized.
+ *
+ * @param specifier - the unrecognized specifier string from the client request.
+ * @returns A bad-request error with the unknown specifier details.
  */ function developmentUnknownSpecifierError(specifier) {
     return badRequestError(util.serverError({
         status: 400,
@@ -5509,6 +5848,8 @@ function _object_spread_props$7(target, source) {
 /**
  * Creates a bad-request error for when the caller sends a 'run' command
  * without specifying which scheduled function to execute.
+ *
+ * @returns A bad-request error indicating the missing run name.
  */ function noRunNameSpecifiedForScheduledFunctionDevelopmentFunction() {
     return badRequestError({
         code: NO_RUN_NAME_SPECIFIED_FOR_SCHEDULED_FUNCTION_DEVELOPMENT_FUNCTION_CODE,
@@ -5521,6 +5862,9 @@ function _object_spread_props$7(target, source) {
 /**
  * Creates a bad-request error for when the requested scheduled function name
  * is not found in the registered function map.
+ *
+ * @param name - the unrecognized function name from the client request.
+ * @returns A bad-request error with the unknown function name details.
  */ function unknownScheduledFunctionDevelopmentFunctionName(name) {
     return badRequestError({
         code: UNKNOWN_SCHEDULED_FUNCTION_DEVELOPMENT_FUNCTION_NAME_CODE,
@@ -5536,6 +5880,9 @@ function _object_spread_props$7(target, source) {
 /**
  * Creates a bad-request error for when the request `type` field does not match
  * any supported operation ('run' or 'list').
+ *
+ * @param type - the unrecognized type value from the client request.
+ * @returns A bad-request error with the unknown type details.
  */ function unknownScheduledFunctionDevelopmentFunctionType(type) {
     return badRequestError({
         code: UNKNOWN_SCHEDULED_FUNCTION_DEVELOPMENT_FUNCTION_TYPE_CODE,
@@ -5750,7 +6097,7 @@ function _ts_generator$7(thisArg, body) {
         var result = [];
         util.forEachKeyValue(allScheduledFunctions, {
             forEach: function forEach(x) {
-                var _x = _sliced_to_array(x, 2), functionName = _x[0]; _x[1];
+                var _x = _sliced_to_array(x, 1), functionName = _x[0];
                 result.push({
                     name: functionName.toString()
                 });
@@ -5767,12 +6114,12 @@ function _ts_generator$7(thisArg, body) {
                         data = request.data;
                         type = data.type;
                         switch(type){
-                            case 'run':
+                            case firebase.ScheduledFunctionDevelopmentFunctionTypeEnum.RUN:
                                 return [
                                     3,
                                     1
                                 ];
-                            case 'list':
+                            case firebase.ScheduledFunctionDevelopmentFunctionTypeEnum.LIST:
                                 return [
                                     3,
                                     6
@@ -5830,8 +6177,6 @@ function _ts_generator$7(thisArg, body) {
                             }
                         ];
                     case 7:
-                        throw unknownScheduledFunctionDevelopmentFunctionType(type);
-                    case 8:
                         return [
                             2
                         ];
@@ -6019,8 +6364,10 @@ function _ts_generator$6(thisArg, body) {
  *
  * export const { dev } = devFunctions;
  * ```
- */ function firebaseServerDevFunctions(config) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- generic type parameters require `any` for Firebase SDK compatibility
+function firebaseServerDevFunctions(config) {
     var enabled = config.enabled, secure = config.secure, nest = config.nest, developerFunctionsMap = config.developerFunctionsMap, onCallFactory = config.onCallFactory, allScheduledFunctions = config.allScheduledFunctions, disableDevelopmentScheduleFunction = config.disableDevelopmentScheduleFunction;
+    // eslint-disable-next-line @typescript-eslint/no-deprecated -- RunnableHttpFunction supports legacy gen 1 deployments
     var dev;
     if (enabled) {
         var fullFunctionsMap = _object_spread$8({}, developerFunctionsMap);
@@ -6035,7 +6382,7 @@ function _ts_generator$6(thisArg, body) {
         }
         dev = onCallFactory(onCallFunction)(nest);
     } else {
-        dev = onCallFactory(function(x) {
+        dev = onCallFactory(function() {
             return _async_to_generator$6(function() {
                 return _ts_generator$6(this, function(_state) {
                     throw unavailableError({
@@ -6155,6 +6502,8 @@ function _is_native_reflect_construct$1() {
             key: "developmentSchedulerEnabled",
             get: /**
      * Enabled when not in production and not in a testing environment.
+     *
+     * @returns True if the development scheduler should be enabled.
      */ function get() {
                 return !this.isProduction && !this.isTestingEnv;
             }
@@ -6177,6 +6526,9 @@ exports.DefaultFirebaseServerEnvService = __decorate([
  *
  * Useful for conditionally enabling production-only Cloud Functions (e.g., scheduled tasks).
  *
+ * @param nest - getter for the NestJS application context promise.
+ * @returns An async decision function that resolves to `true` in production.
+ *
  * @example
  * ```typescript
  * const isProduction = nestAppIsProductionEnvironment(nestAppGetter);
@@ -6193,6 +6545,9 @@ exports.DefaultFirebaseServerEnvService = __decorate([
  * Creates an async decision function that resolves to `true` if the development scheduler is enabled.
  *
  * The development scheduler is enabled in non-production, non-testing environments.
+ *
+ * @param nest - getter for the NestJS application context promise.
+ * @returns An async decision function that resolves to `true` when the development scheduler is enabled.
  */ function nestAppHasDevelopmentSchedulerEnabled(nest) {
     return function() {
         return nest().then(function(x) {
@@ -6289,6 +6644,11 @@ exports.FirebaseServerFirestoreContextModule = __decorate([
 /**
  * Creates a NestJS provider that initializes a Firestore collections instance from the app's {@link FirestoreContext}.
  *
+ * @param config - The provide token and factory function configuration.
+ * @param config.provide - The class token to provide.
+ * @param config.useFactory - Factory that creates the collections from a FirestoreContext.
+ * @returns A tuple containing the configured NestJS provider.
+ *
  * @example
  * ```typescript
  * const [provider] = provideAppFirestoreCollections({
@@ -6312,6 +6672,9 @@ exports.FirebaseServerFirestoreContextModule = __decorate([
  * Generates NestJS {@link ModuleMetadata} for an app's Firestore module, including the
  * {@link FirebaseServerFirestoreContextModule} import and the app's collections provider.
  *
+ * @param config - The Firestore collections config plus optional additional module metadata.
+ * @returns NestJS module metadata ready to be passed to the `@Module()` decorator.
+ *
  * @example
  * ```typescript
  * @Module(appFirestoreModuleMetadata({
@@ -6621,6 +6984,7 @@ function _object_spread_props$4(target, source) {
  * @param makeNestContext - Factory that creates the typed context from the NestJS application context.
  * @returns A factory for creating nest-context-aware event function handlers.
  */ function cloudEventHandlerWithNestContextFactory(makeNestContext) {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any -- CloudEvent generic requires `any` for SDK compatibility
     return function(fn) {
         return function(nestAppPromiseGetter) {
             var handlerBuilder = function handlerBuilder(handler) {
@@ -6985,6 +7349,8 @@ function _ts_generator$5(thisArg, body) {
 /**
  * Default error logger that writes validation error details to the console.
  * Used when `logError` is `true` or omitted in the factory options.
+ *
+ * @param details - the validation error details to log.
  */ var defaultFirebaseServerActionsTransformFactoryLogErrorFunction = function defaultFirebaseServerActionsTransformFactoryLogErrorFunction(details) {
     console.log('firebaseServerActionsTransformFactory() encountered validation error: ', details);
 };
@@ -7610,7 +7976,8 @@ function _unsupported_iterable_to_array$2(o, minLen) {
                     builder = (_builder1 = builder).exclude.apply(_builder1, _to_consumable_array$2(excludePatterns));
                 }
                 (_builder = builder).forRoutes.apply(_builder, _to_consumable_array$2(forRoutes));
-                this.logger.debug("Configured AppCheck middleware for routes: ".concat(forRoutes.join(', ')).concat(excludePatterns.length > 0 ? " (excluding: ".concat(excludePatterns.join(', '), ")") : ''));
+                var excludeInfo = excludePatterns.length > 0 ? " (excluding: ".concat(excludePatterns.join(', '), ")") : '';
+                this.logger.debug("Configured AppCheck middleware for routes: ".concat(forRoutes.join(', ')).concat(excludeInfo));
             }
         }
     ]);
@@ -8048,16 +8415,28 @@ function _ts_generator$2(thisArg, body) {
 }
 /**
  * Resolves a Google Cloud Storage {@link Bucket} from a {@link StoragePath}.
+ *
+ * @param storage - the Google Cloud Storage client instance.
+ * @param path - the storage path containing the bucket ID.
+ * @returns The resolved Google Cloud Storage bucket.
  */ function googleCloudStorageBucketForStorageFilePath(storage, path) {
     return storage.bucket(path.bucketId);
 }
 /**
  * Resolves a Google Cloud Storage {@link GoogleCloudFile} from a {@link StoragePath}.
+ *
+ * @param storage - the Google Cloud Storage client instance.
+ * @param path - the storage path containing bucket ID and file path.
+ * @returns The resolved Google Cloud Storage file reference.
  */ function googleCloudStorageFileForStorageFilePath(storage, path) {
     return googleCloudStorageBucketForStorageFilePath(storage, path).file(path.pathString);
 }
 /**
  * Converts Google Cloud Storage {@link FileMetadata} into the normalized {@link StorageMetadata} format.
+ *
+ * @param file - the Google Cloud Storage file reference.
+ * @param metadata - the raw file metadata from the Google Cloud SDK.
+ * @returns Normalized storage metadata.
  */ function googleCloudFileMetadataToStorageMetadata(file, metadata) {
     var _metadata_generation;
     var fullPath = file.name;
@@ -8088,6 +8467,10 @@ function _ts_generator$2(thisArg, body) {
  * and ACL operations for a single file in Google Cloud Storage.
  *
  * Handles emulator-specific edge cases (e.g., signing errors, atomic move fallback).
+ *
+ * @param storage - the Google Cloud Storage client instance.
+ * @param storagePath - the storage path identifying the file's bucket and path.
+ * @returns A file accessor with CRUD, streaming, and ACL operations.
  */ function googleCloudStorageAccessorFile(storage$1, storagePath) {
     var file = googleCloudStorageFileForStorageFilePath(storage$1, storagePath);
     function makeDownloadOptions(maxDownloadSizeBytes) {
@@ -8098,7 +8481,7 @@ function _ts_generator$2(thisArg, body) {
     }
     function _configureMetadata(options) {
         var _options_metadata, _options_metadata1, _options_metadata2, _options_metadata3, _options_metadata4, _options_metadata5;
-        var customMetadata = util.filterUndefinedValues(_object_spread$1({}, (_options_metadata = options.metadata) === null || _options_metadata === void 0 ? void 0 : _options_metadata.customMetadata, options === null || options === void 0 ? void 0 : options.customMetadata));
+        var customMetadata = util.filterUndefinedValues(_object_spread$1({}, (_options_metadata = options.metadata) === null || _options_metadata === void 0 ? void 0 : _options_metadata.customMetadata, options.customMetadata));
         return util.filterUndefinedValues({
             cacheControl: (_options_metadata1 = options.metadata) === null || _options_metadata1 === void 0 ? void 0 : _options_metadata1.cacheControl,
             contentDisposition: (_options_metadata2 = options.metadata) === null || _options_metadata2 === void 0 ? void 0 : _options_metadata2.contentDisposition,
@@ -8215,7 +8598,7 @@ function _ts_generator$2(thisArg, body) {
                             return x[0];
                         }).catch(function(e) {
                             var publicUrlBackup;
-                            if (e && e.name === 'SigningError' && (nestjs.isTestNodeEnv() || process.env.FIREBASE_STORAGE_EMULATOR_HOST)) {
+                            if (_instanceof(e, Error) && e.name === 'SigningError' && (nestjs.isTestNodeEnv() || process.env.FIREBASE_STORAGE_EMULATOR_HOST)) {
                                 // NOTE: Signing does not behave properly in the emulator as it is not supported.
                                 // https://github.com/firebase/firebase-tools/issues/3400
                                 // we can return the public url instead.
@@ -8358,7 +8741,7 @@ function _ts_generator$2(thisArg, body) {
         },
         copy: copy,
         delete: function _delete(options) {
-            return file.delete(options).then(function(x) {
+            return file.delete(options).then(function() {
                 return undefined;
             });
         },
@@ -8392,7 +8775,8 @@ function _ts_generator$2(thisArg, body) {
 }
 var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFactory({
     hasItems: function hasItems(result) {
-        return Boolean(result.apiResponse.items || result.apiResponse.prefixes);
+        var _result_apiResponse_items;
+        return Boolean((_result_apiResponse_items = result.apiResponse.items) !== null && _result_apiResponse_items !== void 0 ? _result_apiResponse_items : result.apiResponse.prefixes);
     },
     hasNext: function hasNext(result) {
         return result.nextQuery != null;
@@ -8401,7 +8785,8 @@ var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFa
         var _result_nextQuery;
         return (_result_nextQuery = result.nextQuery) === null || _result_nextQuery === void 0 ? void 0 : _result_nextQuery.pageToken;
     },
-    next: function next(storage, options, folder, result) {
+    next: function next(param, result) {
+        var options = param.options, folder = param.folder;
         return folder.list(_object_spread$1({}, options, result.nextQuery));
     },
     file: function file(storage, fileResult) {
@@ -8411,9 +8796,8 @@ var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFa
         return googleCloudStorageAccessorFolder(storage, folderResult.storagePath);
     },
     filesFromResult: function filesFromResult(result) {
-        var _ref;
-        var _result_apiResponse;
-        var items = (_ref = (_result_apiResponse = result.apiResponse) === null || _result_apiResponse === void 0 ? void 0 : _result_apiResponse.items) !== null && _ref !== void 0 ? _ref : [];
+        var _result_apiResponse_items;
+        var items = (_result_apiResponse_items = result.apiResponse.items) !== null && _result_apiResponse_items !== void 0 ? _result_apiResponse_items : [];
         return items.map(function(x) {
             return {
                 raw: x,
@@ -8426,9 +8810,8 @@ var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFa
         });
     },
     foldersFromResult: function foldersFromResult(result, folder) {
-        var _ref;
-        var _result_apiResponse;
-        var items = (_ref = (_result_apiResponse = result.apiResponse) === null || _result_apiResponse === void 0 ? void 0 : _result_apiResponse.prefixes) !== null && _ref !== void 0 ? _ref : [];
+        var _result_apiResponse_prefixes;
+        var items = (_result_apiResponse_prefixes = result.apiResponse.prefixes) !== null && _result_apiResponse_prefixes !== void 0 ? _result_apiResponse_prefixes : [];
         return items.map(function(prefix) {
             return {
                 raw: prefix,
@@ -8444,6 +8827,10 @@ var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFa
 /**
  * Creates a {@link GoogleCloudStorageAccessorFolder} that supports checking folder existence
  * and listing files/subfolders with pagination.
+ *
+ * @param storage - the Google Cloud Storage client instance.
+ * @param storagePath - the storage path identifying the folder's bucket and prefix.
+ * @returns A folder accessor with existence checking and listing operations.
  */ function googleCloudStorageAccessorFolder(storage, storagePath) {
     var bucket = googleCloudStorageBucketForStorageFilePath(storage, storagePath);
     var file = bucket.file(storagePath.pathString);
@@ -8487,7 +8874,11 @@ var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFa
                     nextQuery: nextQuery,
                     apiResponse: apiResponse
                 };
-                return googleCloudStorageListFilesResultFactory(storage, folder, options, result);
+                return googleCloudStorageListFilesResultFactory({
+                    storage: storage,
+                    folder: folder,
+                    options: options
+                }, result);
             });
         }
     };
@@ -8496,6 +8887,8 @@ var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFa
 /**
  * Creates a {@link FirebaseStorageAccessorDriver} for Google Cloud Storage (Admin SDK).
  *
+ * @returns A server-side storage accessor driver for Google Cloud Storage.
+ *
  * @example
  * ```typescript
  * const driver = googleCloudStorageFirebaseStorageAccessorDriver();
@@ -8517,6 +8910,8 @@ var googleCloudStorageListFilesResultFactory = firebase.storageListFilesResultFa
  *
  * Bundles the server-side storage accessor driver, identified as `@google-cloud/storage`.
  *
+ * @returns A complete set of storage drivers for server-side usage.
+ *
  * @example
  * ```typescript
  * const drivers = googleCloudFirebaseStorageDrivers();
@@ -8618,6 +9013,7 @@ function _define_property$3(obj, key, value) {
  * Storage wrapper and the raw Google Cloud Storage SDK.
  *
  * @param storage - The Firebase Admin Storage instance.
+ * @returns The underlying Google Cloud Storage client.
  *
  * @example
  * ```typescript
@@ -8768,6 +9164,7 @@ exports.FirebaseServerStorageContextModule = __decorate([
  * Creates a NestJS provider that configures the default storage bucket ID.
  *
  * @param input - A bucket ID string or full factory config object.
+ * @returns A NestJS provider for the storage context factory config token.
  * @throws Error if `defaultBucketId` is empty.
  *
  * @example
@@ -8788,6 +9185,8 @@ exports.FirebaseServerStorageContextModule = __decorate([
 }
 /**
  * Returns the default provider config that creates a standard {@link FirebaseServerStorageService}.
+ *
+ * @returns The default provider configuration for FirebaseServerStorageService.
  */ function defaultProvideFirebaseServerStorageServiceSimple() {
     return {
         provide: FirebaseServerStorageService,
@@ -8801,6 +9200,9 @@ exports.FirebaseServerStorageContextModule = __decorate([
  *
  * If the provider token differs from `FirebaseServerStorageService`, an alias provider is added
  * so the service can also be injected by the abstract type.
+ *
+ * @param provider - The storage service provider configuration.
+ * @returns An array of NestJS providers for the storage service.
  */ function provideFirebaseServerStorageService(provider) {
     var _provider_inject;
     var providers = [
@@ -8822,13 +9224,17 @@ exports.FirebaseServerStorageContextModule = __decorate([
  * Generates NestJS {@link ModuleMetadata} for an app's storage module, including the
  * {@link FirebaseServerStorageContextModule} import and the storage service provider.
  *
+ * @param config - Optional configuration including a custom service provider and additional module metadata.
+ * @returns NestJS module metadata ready to be passed to the `@Module()` decorator.
+ *
  * @example
  * ```typescript
  * @Module(firebaseServerStorageModuleMetadata())
  * export class AppStorageModule {}
  * ```
  */ function firebaseServerStorageModuleMetadata(config) {
-    var serviceProvider = config && config.serviceProvider ? config.serviceProvider : defaultProvideFirebaseServerStorageServiceSimple();
+    var _ref;
+    var serviceProvider = (_ref = config === null || config === void 0 ? void 0 : config.serviceProvider) !== null && _ref !== void 0 ? _ref : defaultProvideFirebaseServerStorageServiceSimple();
     var providers = provideFirebaseServerStorageService(serviceProvider);
     var tokensToExport = nestjs.injectionTokensFromProviders(providers);
     return nestjs.mergeModuleMetadata({
@@ -9086,6 +9492,9 @@ function _ts_generator$1(thisArg, body) {
  * times with the same app reuses the existing server. The factory wires up Firebase Admin,
  * environment config, storage, AppCheck middleware, and webhook routes based on the config.
  *
+ * @param config - Configuration for the NestJS server instance including the root module, providers, and middleware options.
+ * @returns A NestServerInstance that manages server lifecycle for the given module class.
+ *
  * @example
  * ```typescript
  * const instance = nestServerInstance({ moduleClass: AppModule, appCheckEnabled: true });
@@ -9101,7 +9510,7 @@ function _ts_generator$1(thisArg, body) {
             var server = express();
             var createNestServer = function createNestServer(expressInstance) {
                 return _async_to_generator$1(function() {
-                    var _config_defaultStorageBucket, _buildNestServerRootModule, rootModule, globalApiRoutePrefixConfig, options, nestApp;
+                    var _config_defaultStorageBucket, _buildNestServerRootModule, rootModule, globalApiRoutePrefixConfig, options, nestApp, configured;
                     return _ts_generator$1(this, function(_state) {
                         switch(_state.label){
                             case 0:
@@ -9131,7 +9540,10 @@ function _ts_generator$1(thisArg, body) {
                                     nestApp = nestApp.setGlobalPrefix(globalApiRoutePrefixConfig.globalApiRoutePrefix, globalApiRoutePrefixConfig);
                                 }
                                 if (configureNestServerInstance) {
-                                    nestApp = configureNestServerInstance(nestApp) || nestApp;
+                                    configured = configureNestServerInstance(nestApp);
+                                    if (configured) {
+                                        nestApp = configured;
+                                    }
                                 }
                                 return [
                                     2,
@@ -9399,16 +9811,31 @@ function _ts_generator(thisArg, body) {
 /**
  * Abstract class that wraps an INestApplicationContext value.
  */ var AbstractNestContext = /*#__PURE__*/ function() {
-    function AbstractNestContext(nest) {
+    function AbstractNestContext(nestApplication) {
         _class_call_check$1(this, AbstractNestContext);
-        _define_property$1(this, "_nest", void 0);
-        this._nest = nest;
+        _define_property$1(this, "_nestApplication", void 0);
+        this._nestApplication = nestApplication;
     }
     _create_class$1(AbstractNestContext, [
         {
             key: "nest",
-            get: function get() {
-                return this._nest;
+            get: /**
+     * Returns the NestJS application context.
+     *
+     * @deprecated use nestApplication instead.
+     * @returns The NestJS application context.
+     */ function get() {
+                return this._nestApplication;
+            }
+        },
+        {
+            key: "nestApplication",
+            get: /**
+     * Returns the NestJS application context.
+     *
+     * @returns The NestJS application context.
+     */ function get() {
+                return this._nestApplication;
             }
         }
     ]);
@@ -9418,7 +9845,8 @@ function _ts_generator(thisArg, body) {
  * Abstract class used for the top-level NestJS context for Firebase services.
  *
  * Your API implementation of this class is usually <AppPrefix>ApiNestContext (e.g. `DemoApiNestContext`).
- */ var AbstractFirebaseNestContext = /*#__PURE__*/ function(AbstractNestContext) {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- FirebaseModelsService generic requires `any` for SDK compatibility
+var AbstractFirebaseNestContext = /*#__PURE__*/ function(AbstractNestContext) {
     _inherits(AbstractFirebaseNestContext, AbstractNestContext);
     function AbstractFirebaseNestContext() {
         _class_call_check$1(this, AbstractFirebaseNestContext);
@@ -9441,13 +9869,13 @@ function _ts_generator(thisArg, body) {
         {
             key: "envService",
             get: function get() {
-                return this.nest.get(FirebaseServerEnvService);
+                return this.nestApplication.get(FirebaseServerEnvService);
             }
         },
         {
             key: "storageService",
             get: function get() {
-                return this.nest.get(FirebaseServerStorageService);
+                return this.nestApplication.get(FirebaseServerStorageService);
             }
         },
         {
@@ -9458,6 +9886,7 @@ function _ts_generator(thisArg, body) {
      *
      * @param auth - The request's auth data reference.
      * @param buildFn - Optional builder to customize the context.
+     * @returns A model context with auth, app, and error factories.
      */ key: "makeModelContext",
             value: function makeModelContext(auth, buildFn) {
                 var base = {
@@ -9479,6 +9908,7 @@ function _ts_generator(thisArg, body) {
      *
      * @param context - The request's auth data reference.
      * @param buildFn - Optional builder to customize the model context.
+     * @returns An in-context models service scoped to the given auth context.
      */ key: "model",
             value: function model(context, buildFn) {
                 var firebaseModelContext = this.makeModelContext(context, buildFn);
@@ -9487,7 +9917,8 @@ function _ts_generator(thisArg, body) {
         },
         {
             key: "useModel",
-            value: function useModel(type, select) {
+            value: // eslint-disable-next-line @typescript-eslint/no-explicit-any -- implementation signature uses `any` to unify overload return types
+            function useModel(type, select) {
                 return _async_to_generator(function() {
                     var _select_use, context, usePromise, use;
                     return _ts_generator(this, function(_state) {
@@ -9549,7 +9980,8 @@ function _define_property(obj, key, value) {
  * Abstract class used for the top-level server NestJS context for server-only services.
  *
  * Your API implementation of this class is usually <AppPrefix>ApiServerNestContext (e.g. `DemoApiServerNestContext`).
- */ var AbstractServerFirebaseNestContext = /*#__PURE__*/ function() {
+ */ // eslint-disable-next-line @typescript-eslint/no-explicit-any -- generic type parameters require `any` for Firebase SDK compatibility
+var AbstractServerFirebaseNestContext = /*#__PURE__*/ function() {
     function AbstractServerFirebaseNestContext(c) {
         _class_call_check(this, AbstractServerFirebaseNestContext);
         _define_property(this, "_context", void 0);
@@ -9565,7 +9997,7 @@ function _define_property(obj, key, value) {
         {
             key: "nest",
             get: function get() {
-                return this.context.nest;
+                return this.context.nestApplication;
             }
         }
     ]);
@@ -9604,6 +10036,8 @@ exports.FirebaseServerAuthNewUserSendSetupDetailsNoSetupConfigError = FirebaseSe
 exports.FirebaseServerAuthNewUserSendSetupDetailsSendOnceError = FirebaseServerAuthNewUserSendSetupDetailsSendOnceError;
 exports.FirebaseServerAuthNewUserSendSetupDetailsThrottleError = FirebaseServerAuthNewUserSendSetupDetailsThrottleError;
 exports.FirebaseServerAuthService = FirebaseServerAuthService;
+exports.FirebaseServerAuthUserBadInputError = FirebaseServerAuthUserBadInputError;
+exports.FirebaseServerAuthUserExistsError = FirebaseServerAuthUserExistsError;
 exports.FirebaseServerEnvService = FirebaseServerEnvService;
 exports.FirebaseServerStorageService = FirebaseServerStorageService;
 exports.GlobalRoutePrefixConfig = GlobalRoutePrefixConfig;