@dereekb/firebase 13.11.17 → 13.12.0

package/eslint/src/lib/require-firestore-rule-for-service-model.rule.d.ts

@@ -0,0 +1,115 @@
+import type { AstNode } from './util';
+/**
+ * Default file name searched relative to the lint root when `firestoreRulesPath` is omitted.
+ */
+export declare const DEFAULT_FIRESTORE_RULES_FILENAME: string;
+/**
+ * Default call-expression callee name the rule looks for to locate the service.ts
+ * model registry. Files without this call are treated as not-a-service.ts and skipped.
+ */
+export declare const DEFAULT_REGISTRY_FACTORY_CALL_NAME: string;
+/**
+ * Default call-expression callee name used to discover `firestoreModelIdentity(...)`
+ * declarations in the workspace.
+ */
+export declare const DEFAULT_IDENTITY_FACTORY_NAME: string;
+/**
+ * Default glob patterns (relative to ESLint `cwd`) the rule scans to build the workspace
+ * identity registry. Covers shared identities in `@dereekb/firebase` source, local model
+ * identities inside `*-firebase` components, and any app-side model files.
+ */
+export declare const DEFAULT_MODEL_SEARCH_ROOTS: readonly string[];
+/**
+ * Inline identity stub used by the rule's spec to bypass workspace globbing.
+ */
+export interface VirtualModelIdentity {
+    readonly modelName: string;
+    readonly collectionName: string;
+    readonly identityVariableName: string;
+    readonly parentIdentityVariableName?: string;
+}
+/**
+ * Options for the require-firestore-rule-for-service-model rule.
+ */
+export interface FirebaseRequireFirestoreRuleForServiceModelRuleOptions {
+    /**
+     * Path to the `firestore.rules` file. Resolved against the ESLint `cwd` when relative.
+     * Defaults to `<cwd>/firestore.rules`.
+     */
+    readonly firestoreRulesPath?: string;
+    /**
+     * Inline `firestore.rules` source used in tests; bypasses filesystem reads when set.
+     */
+    readonly virtualFirestoreRules?: string;
+    /**
+     * Inline `firestoreModelIdentity` registry used in tests; bypasses workspace globbing.
+     */
+    readonly virtualModelIdentities?: readonly VirtualModelIdentity[];
+    /**
+     * Call-expression callee name that marks a file as the app's service.ts. Defaults to
+     * {@link DEFAULT_REGISTRY_FACTORY_CALL_NAME}.
+     */
+    readonly registryFactoryCallName?: string;
+    /**
+     * Call-expression callee name treated as the model-identity factory. Defaults to
+     * {@link DEFAULT_IDENTITY_FACTORY_NAME}.
+     */
+    readonly identityFactoryName?: string;
+    /**
+     * Glob patterns (relative to ESLint `cwd`) used to discover identity declarations.
+     * Defaults to {@link DEFAULT_MODEL_SEARCH_ROOTS}.
+     */
+    readonly modelSearchRoots?: readonly string[];
+    /**
+     * Model names that are intentionally registered in service.ts without a matching block
+     * in firestore.rules. Suppresses the missing-match warning for each name.
+     */
+    readonly allowedMissingCollectionNames?: readonly string[];
+}
+/**
+ * ESLint rule definition for require-firestore-rule-for-service-model.
+ */
+export interface FirebaseRequireFirestoreRuleForServiceModelRuleDefinition {
+    readonly meta: {
+        readonly type: 'problem';
+        readonly fixable: undefined;
+        readonly docs: {
+            readonly description: string;
+            readonly recommended: boolean;
+        };
+        readonly messages: Readonly<Record<string, string>>;
+        readonly schema: readonly object[];
+    };
+    create(context: RuleContext): Record<string, (node: AstNode) => void>;
+}
+interface RuleContext {
+    readonly options: FirebaseRequireFirestoreRuleForServiceModelRuleOptions[];
+    readonly cwd?: string;
+    readonly report: (descriptor: {
+        node: AstNode;
+        messageId: string;
+        data?: Record<string, string>;
+    }) => void;
+}
+/**
+ * ESLint rule that cross-checks every model registered in an app's `service.ts`
+ * (`firebaseModelsService<...>(REGISTRY)`) against the app's `firestore.rules`. Each
+ * registered model must have a `match /<collection>/...` block at the correct nesting
+ * depth (subcollections nested under their parent collection's match, or matched via a
+ * top-level `match /{path=**}/<collection>/...` collection-group rule).
+ *
+ * Models whose model name appears in `allowedMissingCollectionNames` are exempt — used to
+ * document intentional gaps in the rules file.
+ *
+ * @example
+ * ```ts
+ * // OK — firestore.rules has `match /gb/{guestbook} { match /gbe/{guestbookEntry} { ... } }`
+ * export const DEMO_FIREBASE_MODEL_SERVICE_FACTORIES = {
+ *   guestbook: guestbookFirebaseModelServiceFactory,
+ *   guestbookEntry: guestbookEntryFirebaseModelServiceFactory
+ * };
+ * export const demoFirebaseModelServices = firebaseModelsService(DEMO_FIREBASE_MODEL_SERVICE_FACTORIES);
+ * ```
+ */
+export declare const FIREBASE_REQUIRE_FIRESTORE_RULE_FOR_SERVICE_MODEL_RULE: FirebaseRequireFirestoreRuleForServiceModelRuleDefinition;
+export {};

package/eslint/src/lib/require-service-factory-for-dbx-model.rule.d.ts

@@ -0,0 +1,80 @@
+import type { AstNode } from './util';
+/**
+ * Default glob patterns (relative to ESLint `cwd`) used to locate model + factory source files.
+ * Mirrors {@link require-firestore-rule-for-service-model}'s search roots so the orphan rule
+ * picks up factories declared anywhere a model interface might also live.
+ */
+export declare const DEFAULT_FACTORY_SEARCH_ROOTS: readonly string[];
+/**
+ * Default name of the `@dbxModel` marker tag that triggers the orphan check.
+ */
+export declare const DEFAULT_MODEL_MARKER_TAG: string;
+/**
+ * Default name of the `@dbxModelServiceFactory <modelType>` tag the rule cross-references.
+ */
+export declare const DEFAULT_FACTORY_TAG: string;
+/**
+ * Options for the require-service-factory-for-dbx-model rule.
+ */
+export interface FirebaseRequireServiceFactoryForDbxModelRuleOptions {
+    /**
+     * Glob patterns (relative to ESLint `cwd`) the rule scans to discover
+     * `@dbxModelServiceFactory <modelType>` declarations. Defaults to
+     * {@link DEFAULT_FACTORY_SEARCH_ROOTS}.
+     */
+    readonly factorySearchRoots?: readonly string[];
+    /**
+     * Inline factory set used in tests; bypasses filesystem globbing.
+     */
+    readonly virtualFactoryModelTypes?: readonly string[];
+    /**
+     * Override the `@dbxModel` marker tag name. Defaults to {@link DEFAULT_MODEL_MARKER_TAG}.
+     */
+    readonly modelMarkerTag?: string;
+    /**
+     * Override the `@dbxModelServiceFactory` tag name. Defaults to {@link DEFAULT_FACTORY_TAG}.
+     */
+    readonly factoryTag?: string;
+    /**
+     * Model interface names that are intentionally declared without a matching service factory.
+     * Suppresses the warning for each name.
+     */
+    readonly ignoreModels?: readonly string[];
+}
+/**
+ * ESLint rule definition for require-service-factory-for-dbx-model.
+ */
+export interface FirebaseRequireServiceFactoryForDbxModelRuleDefinition {
+    readonly meta: {
+        readonly type: 'suggestion';
+        readonly fixable: undefined;
+        readonly docs: {
+            readonly description: string;
+            readonly recommended: boolean;
+        };
+        readonly messages: Readonly<Record<string, string>>;
+        readonly schema: readonly object[];
+    };
+    create(context: RuleContext): Record<string, (node: AstNode) => void>;
+}
+interface RuleContext {
+    readonly options: FirebaseRequireServiceFactoryForDbxModelRuleOptions[];
+    readonly cwd?: string;
+    readonly sourceCode: AstNode;
+    readonly report: (descriptor: {
+        node: AstNode;
+        messageId: string;
+        data?: Record<string, string>;
+    }) => void;
+}
+/**
+ * ESLint rule that flags every `@dbxModel`-marked interface that has no matching
+ * `@dbxModelServiceFactory <modelType>` declaration elsewhere in the workspace.
+ *
+ * The expected `modelType` is derived from the interface name by lowercasing the first
+ * character (matching the `FirestoreModelIdentity.modelType` convention). Models that are
+ * intentionally factory-less (e.g. sub-objects mis-marked as `@dbxModel`) can be silenced via
+ * the `ignoreModels` option.
+ */
+export declare const FIREBASE_REQUIRE_SERVICE_FACTORY_FOR_DBX_MODEL_RULE: FirebaseRequireServiceFactoryForDbxModelRuleDefinition;
+export {};

package/eslint/src/lib/require-storagefile-policy-matches-rules.rule.d.ts

@@ -0,0 +1,79 @@
+import { type AstNode } from './util';
+/**
+ * Default type name the rule looks for on top-level declarators. Variables whose type
+ * annotation resolves to this identifier are treated as upload policies and validated
+ * against `storage.rules`.
+ */
+export declare const DEFAULT_STORAGE_FILE_UPLOAD_POLICY_TYPE_NAME: string;
+/**
+ * Default file name searched relative to the lint root when `storageRulesPath` is omitted.
+ */
+export declare const DEFAULT_STORAGE_RULES_FILENAME: string;
+/**
+ * Options for the require-storagefile-policy-matches-rules rule.
+ */
+export interface FirebaseRequireStorageFilePolicyMatchesRulesRuleOptions {
+    /**
+     * Path to the `storage.rules` file. Resolved against the ESLint `cwd` when relative.
+     * Defaults to `<cwd>/storage.rules`.
+     */
+    readonly storageRulesPath?: string;
+    /**
+     * Inline `storage.rules` source used in tests; bypasses filesystem reads when set.
+     */
+    readonly virtualStorageRules?: string;
+    /**
+     * Type-annotation identifier the rule treats as the upload-policy marker. Defaults to
+     * {@link DEFAULT_STORAGE_FILE_UPLOAD_POLICY_TYPE_NAME}.
+     */
+    readonly policyTypeName?: string;
+}
+/**
+ * ESLint rule definition for require-storagefile-policy-matches-rules.
+ */
+export interface FirebaseRequireStorageFilePolicyMatchesRulesRuleDefinition {
+    readonly meta: {
+        readonly type: 'problem';
+        readonly fixable: undefined;
+        readonly docs: {
+            readonly description: string;
+            readonly recommended: boolean;
+        };
+        readonly messages: Readonly<Record<string, string>>;
+        readonly schema: readonly object[];
+    };
+    create(context: RuleContext): Record<string, (node: AstNode) => void>;
+}
+interface RuleContext {
+    readonly options: FirebaseRequireStorageFilePolicyMatchesRulesRuleOptions[];
+    readonly cwd?: string;
+    readonly report: (descriptor: {
+        node: AstNode;
+        messageId: string;
+        data?: Record<string, string>;
+    }) => void;
+}
+/**
+ * ESLint rule that cross-checks every `StorageFilePurposeUploadPolicy`-typed declaration in
+ * a `*-firebase` component against the workspace's `storage.rules`. Each policy must have a
+ * paired `// Mirrors STORAGE_FILE_PURPOSE_UPLOAD_POLICIES[<KEY>]` match block whose
+ * `request.resource.size` cap and `request.resource.contentType` predicate are at least as
+ * permissive as the TypeScript policy's `maxFileSizeBytes` and `allowedMimeTypes`.
+ *
+ * Reports on the TS side so drift surfaces in the normal lint pipeline; mismatches almost
+ * always originate from editing one side and forgetting the other.
+ *
+ * @example
+ * ```ts
+ * // OK — storage.rules has `Mirrors ...[USER_AVATAR_PURPOSE]` block with matching constraints
+ * export const USER_AVATAR_UPLOAD_POLICY: StorageFilePurposeUploadPolicy = {
+ *   purpose: USER_AVATAR_PURPOSE,
+ *   allowedMimeTypes: ['image/jpeg', 'image/png'],
+ *   maxFileSizeBytes: 16 * 1024 * 1024,
+ *   buildUploadPath: ({ uid }) => userAvatarUploadsFilePath(uid),
+ *   requiresFilenameInput: false
+ * };
+ * ```
+ */
+export declare const FIREBASE_REQUIRE_STORAGEFILE_POLICY_MATCHES_RULES_RULE: FirebaseRequireStorageFilePolicyMatchesRulesRuleDefinition;
+export {};

package/eslint/src/lib/storage-rules-parser.d.ts

@@ -0,0 +1,38 @@
+import { type PredicateBranch } from './predicate-evaluator';
+/**
+ * Marker comment that pairs a `storage.rules` match block with a TypeScript policy key
+ * in `STORAGE_FILE_PURPOSE_UPLOAD_POLICIES`. The capture group is the policy key constant
+ * name, e.g. `USER_AVATAR_PURPOSE`.
+ */
+export declare const MIRRORS_POLICY_KEY_MARKER_REGEX: RegExp;
+/**
+ * One disjunct of an `allow write: if ...` predicate after helper-function expansion.
+ * Always carries a numeric byte cap plus at least one MIME constraint (literal or regex).
+ *
+ * Structurally identical to the evaluator's {@link PredicateBranch}; the alias keeps the
+ * existing public type name stable for downstream consumers.
+ */
+export type ParsedRuleBranch = PredicateBranch;
+/**
+ * One `match /<path>` block in `storage.rules` paired with a `// Mirrors ...` marker.
+ * `branches` carries the disjunction of (size, MIME) tuples extracted from the block's
+ * `allow write` predicate; `unsupported` is set when the parser cannot reduce the
+ * predicate to >=1 valid branch.
+ */
+export interface ParsedStorageRulesBlock {
+    readonly mirrorsPolicyKey: string;
+    readonly matchPath: string;
+    readonly branches: readonly ParsedRuleBranch[];
+    readonly sourceLine: number;
+    readonly sourceColumn: number;
+    readonly unsupported?: string;
+}
+/**
+ * Parses a `storage.rules` source string and returns every match block paired with a
+ * `// Mirrors STORAGE_FILE_PURPOSE_UPLOAD_POLICIES[<KEY>]` marker. Catch-all deny blocks
+ * are skipped; the rest of the tree is walked normally.
+ *
+ * @param source - The raw rules source text.
+ * @returns Parsed mirrored blocks in source order.
+ */
+export declare function parseStorageRules(source: string): ParsedStorageRulesBlock[];

package/index.cjs.js

@@ -11479,6 +11479,9 @@ function mapHttpsCallable(callable, wrap) {
 /**
  * Pre-configured OnCallTypedModelParamsFunctions for 'query'
  */ var onCallQueryModelParams = onCallTypedModelParamsFunction('query');
+/**
+ * Pre-configured OnCallTypedModelParamsFunctions for 'invoke'
+ */ var onCallInvokeModelParams = onCallTypedModelParamsFunction('invoke');
 /**
  * Key used on the front-end and backend that refers to the call function.
  */ var CALL_MODEL_APP_FUNCTION_KEY = 'callModel';
@@ -11893,8 +11896,9 @@ var READ_MODEL_OIDC_SCOPE = "".concat(CALL_MODEL_OIDC_SCOPE_PREFIX, "read");
 var UPDATE_MODEL_OIDC_SCOPE = "".concat(CALL_MODEL_OIDC_SCOPE_PREFIX, "update");
 var DELETE_MODEL_OIDC_SCOPE = "".concat(CALL_MODEL_OIDC_SCOPE_PREFIX, "delete");
 var QUERY_MODEL_OIDC_SCOPE = "".concat(CALL_MODEL_OIDC_SCOPE_PREFIX, "query");
+var INVOKE_MODEL_OIDC_SCOPE = "".concat(CALL_MODEL_OIDC_SCOPE_PREFIX, "invoke");
 /**
- * Canonical CRUD scopes enforced on the `callModel` API.
+ * Canonical CRUD + invoke scopes enforced on the `callModel` API.
  *
  * Each scope corresponds 1:1 to a {@link KnownOnCallFunctionType}; see
  * {@link CALL_MODEL_OIDC_SCOPE_FOR_CALL_TYPE}.
@@ -11903,16 +11907,18 @@ var QUERY_MODEL_OIDC_SCOPE = "".concat(CALL_MODEL_OIDC_SCOPE_PREFIX, "query");
     READ_MODEL_OIDC_SCOPE,
     UPDATE_MODEL_OIDC_SCOPE,
     DELETE_MODEL_OIDC_SCOPE,
-    QUERY_MODEL_OIDC_SCOPE
+    QUERY_MODEL_OIDC_SCOPE,
+    INVOKE_MODEL_OIDC_SCOPE
 ];
 /**
- * Maps each known CRUD call type to the scope an OIDC token must carry to invoke it.
+ * Maps each known call type to the scope an OIDC token must carry to invoke it.
  */ var CALL_MODEL_OIDC_SCOPE_FOR_CALL_TYPE = {
     create: 'model.create',
     read: 'model.read',
     update: 'model.update',
     delete: 'model.delete',
-    query: 'model.query'
+    query: 'model.query',
+    invoke: 'model.invoke'
 };
 /**
  * Resolves the OIDC scope that an OIDC-authenticated caller must hold to invoke
@@ -11957,6 +11963,11 @@ var QUERY_MODEL_OIDC_SCOPE = "".concat(CALL_MODEL_OIDC_SCOPE_PREFIX, "query");
         label: 'Query models',
         value: 'model.query',
         description: 'Query model records via the callModel API'
+    },
+    {
+        label: 'Invoke model operations',
+        value: 'model.invoke',
+        description: 'Invoke RPC-style operations on model records via the callModel API'
     }
 ];
 // MARK: Standard OIDC Scopes
@@ -12036,6 +12047,7 @@ var FIREBASE_SERVER_AUTH_CLAIMS_SETUP_PASSWORD_KEY = 'setupPassword';
 var FIREBASE_SERVER_AUTH_CLAIMS_SETUP_LAST_COM_DATE_KEY = 'setupCommunicationAt';
 var FIREBASE_SERVER_AUTH_CLAIMS_RESET_PASSWORD_KEY = 'resetPassword';
 var FIREBASE_SERVER_AUTH_CLAIMS_RESET_LAST_COM_DATE_KEY = 'resetCommunicationAt';
+var FIREBASE_SERVER_AUTH_CLAIMS_RESET_EXPIRES_AT_KEY = 'resetExpiresAt';
 
 /**
  * Extracts the {@link FirebaseAuthContextInfo} from a {@link FirebaseAuthContext}.
@@ -18820,6 +18832,34 @@ var downloadMultipleStorageFilesParamsType = /* @__PURE__ */ arktype.type({
     'asAdmin?': model.clearable('boolean'),
     'throwOnFirstError?': model.clearable('boolean')
 });
+// MARK: Create Signed Upload URL
+/**
+ * Lower bound for caller-supplied `expiresInMs` on signed-upload-url generation.
+ *
+ * Anything shorter than 30 seconds is unrealistic for a caller to pick up a
+ * URL, perform the PUT, and acknowledge before the URL expires.
+ */ var CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MIN_EXPIRES_IN_MS = 30 * 1000;
+/**
+ * Upper bound for caller-supplied `expiresInMs` on signed-upload-url generation.
+ *
+ * 10 minutes is the longest acceptable window for a one-shot upload URL. Any
+ * legitimate caller should be uploading within this window; longer windows
+ * increase the blast radius if the URL leaks.
+ */ var CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_EXPIRES_IN_MS = 10 * 60 * 1000;
+/**
+ * Default `expiresInMs` applied when the caller does not supply one.
+ */ var DEFAULT_CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_EXPIRES_IN_MS = 5 * 60 * 1000;
+/**
+ * Maximum length of a caller-supplied filename. Enforced both at the ArkType
+ * layer and again by the handler's sanitizer.
+ */ var CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_FILENAME_LENGTH = 200;
+var createStorageFileSignedUploadUrlParamsType = /* @__PURE__ */ arktype.type({
+    purpose: 'string > 0',
+    contentType: 'string > 0',
+    'filename?': model.clearable("string > 0 & string <= ".concat(CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_FILENAME_LENGTH)),
+    fileSizeBytes: 'number > 0',
+    'expiresInMs?': model.clearable("number >= ".concat(CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MIN_EXPIRES_IN_MS, " & number <= ").concat(CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_EXPIRES_IN_MS))
+});
 var createStorageFileGroupParamsType = /* @__PURE__ */ arktype.type({
     'model?': model.clearable(firestoreModelKeyType),
     'storageFileId?': model.clearable(firestoreModelIdType)
@@ -18846,7 +18886,7 @@ var initializeAllApplicableStorageFileGroupsParamsType = /* @__PURE__ */ arktype
 var STORAGE_FILE_FUNCTION_TYPE_CONFIG_MAP = {};
 var STORAGE_FILE_MODEL_CRUD_FUNCTIONS_CONFIG = {
     storageFile: [
-        'create:_,fromUpload,allFromUpload',
+        'create:_,fromUpload,allFromUpload,signedUploadUrl',
         'update:_,process,syncWithGroups',
         'delete:_',
         'read:download,downloadMultiple'
@@ -21252,6 +21292,9 @@ exports.CONFLICT_ERROR_CODE = CONFLICT_ERROR_CODE;
 exports.COPY_USER_RELATED_DATA_ACCESSOR_FACTORY_FUNCTION = COPY_USER_RELATED_DATA_ACCESSOR_FACTORY_FUNCTION;
 exports.CREATE_MODEL_OIDC_SCOPE = CREATE_MODEL_OIDC_SCOPE;
 exports.CREATE_NOTIFICATION_ID_REQUIRED_ERROR_CODE = CREATE_NOTIFICATION_ID_REQUIRED_ERROR_CODE;
+exports.CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_EXPIRES_IN_MS = CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_EXPIRES_IN_MS;
+exports.CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_FILENAME_LENGTH = CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MAX_FILENAME_LENGTH;
+exports.CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MIN_EXPIRES_IN_MS = CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_MIN_EXPIRES_IN_MS;
 exports.ContextGrantedModelRolesReaderInstance = ContextGrantedModelRolesReaderInstance;
 exports.DBX_FIREBASE_SERVER_NO_AUTH_ERROR_CODE = DBX_FIREBASE_SERVER_NO_AUTH_ERROR_CODE;
 exports.DBX_FIREBASE_SERVER_NO_UID_ERROR_CODE = DBX_FIREBASE_SERVER_NO_UID_ERROR_CODE;
@@ -21259,6 +21302,7 @@ exports.DBX_FIREBASE_SERVER_PASSWORD_RESET_INVALID_CODE_ERROR_CODE = DBX_FIREBAS
 exports.DBX_FIREBASE_SERVER_PASSWORD_RESET_NO_CONFIG_ERROR_CODE = DBX_FIREBASE_SERVER_PASSWORD_RESET_NO_CONFIG_ERROR_CODE;
 exports.DBX_FIREBASE_SERVER_PASSWORD_RESET_SEND_ONCE_ERROR_CODE = DBX_FIREBASE_SERVER_PASSWORD_RESET_SEND_ONCE_ERROR_CODE;
 exports.DBX_FIREBASE_SERVER_PASSWORD_RESET_THROTTLE_ERROR_CODE = DBX_FIREBASE_SERVER_PASSWORD_RESET_THROTTLE_ERROR_CODE;
+exports.DEFAULT_CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_EXPIRES_IN_MS = DEFAULT_CREATE_STORAGE_FILE_SIGNED_UPLOAD_URL_EXPIRES_IN_MS;
 exports.DEFAULT_DATE_CELL_RANGE_VALUE = DEFAULT_DATE_CELL_RANGE_VALUE;
 exports.DEFAULT_FIRESTORE_DATE_CELL_SCHEDULE_VALUE = DEFAULT_FIRESTORE_DATE_CELL_SCHEDULE_VALUE;
 exports.DEFAULT_FIRESTORE_ITEM_PAGE_ITERATOR_ITEMS_PER_PAGE = DEFAULT_FIRESTORE_ITEM_PAGE_ITERATOR_ITEMS_PER_PAGE;
@@ -21300,6 +21344,7 @@ exports.FIREBASE_AUTH_QUOTA_EXCEEDED_ERROR = FIREBASE_AUTH_QUOTA_EXCEEDED_ERROR;
 exports.FIREBASE_AUTH_USER_NOT_FOUND_ERROR = FIREBASE_AUTH_USER_NOT_FOUND_ERROR;
 exports.FIREBASE_AUTH_WRONG_PASSWORD = FIREBASE_AUTH_WRONG_PASSWORD;
 exports.FIREBASE_DEVELOPMENT_FUNCTIONS_MAP_KEY = FIREBASE_DEVELOPMENT_FUNCTIONS_MAP_KEY;
+exports.FIREBASE_SERVER_AUTH_CLAIMS_RESET_EXPIRES_AT_KEY = FIREBASE_SERVER_AUTH_CLAIMS_RESET_EXPIRES_AT_KEY;
 exports.FIREBASE_SERVER_AUTH_CLAIMS_RESET_LAST_COM_DATE_KEY = FIREBASE_SERVER_AUTH_CLAIMS_RESET_LAST_COM_DATE_KEY;
 exports.FIREBASE_SERVER_AUTH_CLAIMS_RESET_PASSWORD_KEY = FIREBASE_SERVER_AUTH_CLAIMS_RESET_PASSWORD_KEY;
 exports.FIREBASE_SERVER_AUTH_CLAIMS_SETUP_LAST_COM_DATE_KEY = FIREBASE_SERVER_AUTH_CLAIMS_SETUP_LAST_COM_DATE_KEY;
@@ -21335,6 +21380,7 @@ exports.FirebaseModelPermissionServiceInstance = FirebaseModelPermissionServiceI
 exports.FirebaseServerError = FirebaseServerError;
 exports.HIGH_UPLOADED_FILE_TYPE_DETERMINATION_LEVEL = HIGH_UPLOADED_FILE_TYPE_DETERMINATION_LEVEL;
 exports.INTERNAL_SERVER_ERROR_CODE = INTERNAL_SERVER_ERROR_CODE;
+exports.INVOKE_MODEL_OIDC_SCOPE = INVOKE_MODEL_OIDC_SCOPE;
 exports.LOW_UPLOADED_FILE_TYPE_DETERMINATION_LEVEL = LOW_UPLOADED_FILE_TYPE_DETERMINATION_LEVEL;
 exports.MAX_FIRESTORE_MAP_ZOOM_LEVEL_VALUE = MAX_FIRESTORE_MAP_ZOOM_LEVEL_VALUE;
 exports.MAX_ON_CALL_QUERY_MODEL_LIMIT = MAX_ON_CALL_QUERY_MODEL_LIMIT;
@@ -21498,6 +21544,7 @@ exports.createStorageFileDocumentPair = createStorageFileDocumentPair;
 exports.createStorageFileDocumentPairFactory = createStorageFileDocumentPairFactory;
 exports.createStorageFileGroupParamsType = createStorageFileGroupParamsType;
 exports.createStorageFileParamsType = createStorageFileParamsType;
+exports.createStorageFileSignedUploadUrlParamsType = createStorageFileSignedUploadUrlParamsType;
 exports.dataFromDocumentSnapshots = dataFromDocumentSnapshots;
 exports.dataFromSnapshotStream = dataFromSnapshotStream;
 exports.defaultPagedItemPageDataConverter = defaultPagedItemPageDataConverter;
@@ -21862,6 +21909,7 @@ exports.onCallCreateModelResult = onCallCreateModelResult;
 exports.onCallCreateModelResultWithDocs = onCallCreateModelResultWithDocs;
 exports.onCallDeleteModelParams = onCallDeleteModelParams;
 exports.onCallDevelopmentParams = onCallDevelopmentParams;
+exports.onCallInvokeModelParams = onCallInvokeModelParams;
 exports.onCallQueryModelParams = onCallQueryModelParams;
 exports.onCallReadModelParams = onCallReadModelParams;
 exports.onCallTypedModelParams = onCallTypedModelParams;