npm - @directus/api - Versions diffs - 21.0.0 → 22.0.0 - Mend

@directus/api 21.0.0 → 22.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (285) hide show

package/dist/utils/get-accountability-for-token.js CHANGED Viewed

@@ -1,41 +1,40 @@
 import { InvalidCredentialsError } from '@directus/errors';
 import getDatabase from '../database/index.js';
+import { fetchRolesTree } from '../permissions/lib/fetch-roles-tree.js';
+import { fetchGlobalAccess } from '../permissions/modules/fetch-global-access/fetch-global-access.js';
+import { createDefaultAccountability } from '../permissions/utils/create-default-accountability.js';
 import { getSecret } from './get-secret.js';
 import isDirectusJWT from './is-directus-jwt.js';
-import { verifySessionJWT } from './verify-session-jwt.js';
 import { verifyAccessJWT } from './jwt.js';
+import { verifySessionJWT } from './verify-session-jwt.js';
 export async function getAccountabilityForToken(token, accountability) {
     if (!accountability) {
-        accountability = {
-            user: null,
-            role: null,
-            admin: false,
-            app: false,
-        };
+        accountability = createDefaultAccountability();
     }
+    // Try finding the user with the provided token
+    const database = getDatabase();
     if (token) {
         if (isDirectusJWT(token)) {
             const payload = verifyAccessJWT(token, getSecret());
             if ('session' in payload) {
                 await verifySessionJWT(payload);
             }
-            accountability.role = payload.role;
-            accountability.admin = payload.admin_access === true || payload.admin_access == 1;
-            accountability.app = payload.app_access === true || payload.app_access == 1;
             if (payload.share)
                 accountability.share = payload.share;
             if (payload.share_scope)
                 accountability.share_scope = payload.share_scope;
             if (payload.id)
                 accountability.user = payload.id;
+            accountability.role = payload.role;
+            accountability.roles = await fetchRolesTree(payload.role, database);
+            const { admin, app } = await fetchGlobalAccess(accountability, database);
+            accountability.admin = admin;
+            accountability.app = app;
         }
         else {
-            // Try finding the user with the provided token
-            const database = getDatabase();
             const user = await database
-                .select('directus_users.id', 'directus_users.role', 'directus_roles.admin_access', 'directus_roles.app_access')
+                .select('directus_users.id', 'directus_users.role')
                 .from('directus_users')
-                .leftJoin('directus_roles', 'directus_users.role', 'directus_roles.id')
                 .where({
                 'directus_users.token': token,
                 status: 'active',
@@ -46,8 +45,10 @@ export async function getAccountabilityForToken(token, accountability) {
             }
             accountability.user = user.id;
             accountability.role = user.role;
-            accountability.admin = user.admin_access === true || user.admin_access == 1;
-            accountability.app = user.app_access === true || user.app_access == 1;
+            accountability.roles = await fetchRolesTree(user.role, database);
+            const { admin, app } = await fetchGlobalAccess(accountability, database);
+            accountability.admin = admin;
+            accountability.app = app;
         }
     }
     return accountability;

package/dist/utils/get-cache-key.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
 /// <reference types="cookie-parser" />
 import type { Request } from 'express';
-export declare function getCacheKey(req: Request): string;
+export declare function getCacheKey(req: Request): Promise<string>;

package/dist/utils/get-cache-key.js CHANGED Viewed

@@ -1,15 +1,26 @@
 import hash from 'object-hash';
 import url from 'url';
+import getDatabase from '../database/index.js';
+import { fetchPoliciesIpAccess } from '../permissions/modules/fetch-policies-ip-access/fetch-policies-ip-access.js';
 import { getGraphqlQueryAndVariables } from './get-graphql-query-and-variables.js';
 import { version } from 'directus/version';
-export function getCacheKey(req) {
+import { ipInNetworks } from './ip-in-networks.js';
+export async function getCacheKey(req) {
     const path = url.parse(req.originalUrl).pathname;
     const isGraphQl = path?.startsWith('/graphql');
+    let includeIp = false;
+    if (req.accountability && req.accountability.ip) {
+        // Check if the IP influences the result of the request, that can be the case if some policies have an ip_access
+        // filter and the request IP matches any of those filters
+        const ipFilters = await fetchPoliciesIpAccess(req.accountability, getDatabase());
+        includeIp = ipFilters.length > 0 && ipFilters.some((networks) => ipInNetworks(req.accountability.ip, networks));
+    }
     const info = {
         version,
         user: req.accountability?.user || null,
         path,
         query: isGraphQl ? getGraphqlQueryAndVariables(req) : req.sanitizedQuery,
+        ...(includeIp && { ip: req.accountability.ip }),
     };
     const key = hash(info);
     return key;

package/dist/utils/get-column.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
-import type { Query, SchemaOverview } from '@directus/types';
+import type { Filter, Query, SchemaOverview } from '@directus/types';
 import type { Knex } from 'knex';
 type GetColumnOptions = {
     query?: Query | undefined;
+    cases?: Filter[];
     originalCollectionName?: string | undefined;
 };
 /**

package/dist/utils/get-column.js CHANGED Viewed

@@ -30,6 +30,7 @@ export function getColumn(knex, table, column, alias = applyFunctionToColumnName
             const result = fn[functionName](table, columnName, {
                 type,
                 query: options?.query,
+                cases: options?.cases,
                 originalCollectionName: options?.originalCollectionName,
             });
             if (alias) {

package/dist/utils/get-service.js CHANGED Viewed

@@ -1,11 +1,13 @@
 import { ForbiddenError } from '@directus/errors';
-import { ActivityService, DashboardsService, FilesService, FlowsService, FoldersService, ItemsService, NotificationsService, OperationsService, PanelsService, PermissionsService, PresetsService, RevisionsService, RolesService, SettingsService, SharesService, TranslationsService, UsersService, VersionsService, WebhooksService, } from '../services/index.js';
+import { AccessService, ActivityService, DashboardsService, FilesService, FlowsService, FoldersService, ItemsService, NotificationsService, OperationsService, PanelsService, PermissionsService, PoliciesService, PresetsService, RevisionsService, RolesService, SettingsService, SharesService, TranslationsService, UsersService, VersionsService, WebhooksService, } from '../services/index.js';
 /**
  * Select the correct service for the given collection. This allows the individual services to run
  * their custom checks (f.e. it allows `UsersService` to prevent updating TFA secret from outside).
  */
 export function getService(collection, opts) {
     switch (collection) {
+        case 'directus_access':
+            return new AccessService(opts);
         case 'directus_activity':
             return new ActivityService(opts);
         case 'directus_dashboards':
@@ -26,6 +28,8 @@ export function getService(collection, opts) {
             return new PermissionsService(opts);
         case 'directus_presets':
             return new PresetsService(opts);
+        case 'directus_policies':
+            return new PoliciesService(opts);
         case 'directus_revisions':
             return new RevisionsService(opts);
         case 'directus_roles':

package/dist/utils/reduce-schema.d.ts CHANGED Viewed

@@ -1,9 +1,7 @@
-import type { Permission, PermissionsAction, SchemaOverview } from '@directus/types';
+import type { SchemaOverview } from '@directus/types';
+import type { FieldMap } from '../permissions/modules/fetch-allowed-field-map/fetch-allowed-field-map.js';
 /**
  * Reduces the schema based on the included permissions. The resulting object is the schema structure, but with only
- * the allowed collections/fields/relations included based on the permissions.
- * @param schema The full project schema
- * @param actions Array of permissions actions (crud)
- * @returns Reduced schema
+ * the allowed collections/fields/relations included based on the passed field map.
  */
-export declare function reduceSchema(schema: SchemaOverview, permissions: Permission[] | null, actions?: PermissionsAction[]): SchemaOverview;
+export declare function reduceSchema(schema: SchemaOverview, fieldMap: FieldMap): SchemaOverview;

package/dist/utils/reduce-schema.js CHANGED Viewed

@@ -1,40 +1,24 @@
-import { uniq } from 'lodash-es';
 /**
  * Reduces the schema based on the included permissions. The resulting object is the schema structure, but with only
- * the allowed collections/fields/relations included based on the permissions.
- * @param schema The full project schema
- * @param actions Array of permissions actions (crud)
- * @returns Reduced schema
+ * the allowed collections/fields/relations included based on the passed field map.
  */
-export function reduceSchema(schema, permissions, actions = ['create', 'read', 'update', 'delete']) {
+export function reduceSchema(schema, fieldMap) {
     const reduced = {
         collections: {},
         relations: [],
     };
-    const allowedFieldsInCollection = permissions
-        ?.filter((permission) => actions.includes(permission.action))
-        .reduce((acc, permission) => {
-        if (!acc[permission.collection]) {
-            acc[permission.collection] = [];
-        }
-        if (permission.fields) {
-            acc[permission.collection] = uniq([...acc[permission.collection], ...permission.fields]);
-        }
-        return acc;
-    }, {}) ?? {};
     for (const [collectionName, collection] of Object.entries(schema.collections)) {
-        if (!permissions?.some((permission) => permission.collection === collectionName && actions.includes(permission.action))) {
+        if (!fieldMap[collectionName]) {
+            // Collection is not allowed at all
             continue;
         }
         const fields = {};
         for (const [fieldName, field] of Object.entries(schema.collections[collectionName].fields)) {
-            if (!allowedFieldsInCollection[collectionName]?.includes('*') &&
-                !allowedFieldsInCollection[collectionName]?.includes(fieldName)) {
+            if (!fieldMap[collectionName]?.includes('*') && !fieldMap[collectionName]?.includes(fieldName)) {
                 continue;
             }
             const o2mRelation = schema.relations.find((relation) => relation.related_collection === collectionName && relation.meta?.one_field === fieldName);
-            if (o2mRelation &&
-                !permissions?.some((permission) => permission.collection === o2mRelation.collection && actions.includes(permission.action))) {
+            if (o2mRelation && !fieldMap[collectionName]) {
                 continue;
             }
             fields[fieldName] = field;
@@ -47,29 +31,29 @@ export function reduceSchema(schema, permissions, actions = ['create', 'read', '
     reduced.relations = schema.relations.filter((relation) => {
         let collectionsAllowed = true;
         let fieldsAllowed = true;
-        if (Object.keys(allowedFieldsInCollection).includes(relation.collection) === false) {
+        if (Object.keys(fieldMap).includes(relation.collection) === false) {
             collectionsAllowed = false;
         }
         if (relation.related_collection &&
-            (Object.keys(allowedFieldsInCollection).includes(relation.related_collection) === false ||
+            (Object.keys(fieldMap).includes(relation.related_collection) === false ||
                 // Ignore legacy permissions with an empty fields array
-                allowedFieldsInCollection[relation.related_collection]?.length === 0)) {
+                fieldMap[relation.related_collection]?.length === 0)) {
             collectionsAllowed = false;
         }
         if (relation.meta?.one_allowed_collections &&
-            relation.meta.one_allowed_collections.every((collection) => Object.keys(allowedFieldsInCollection).includes(collection)) === false) {
+            relation.meta.one_allowed_collections.every((collection) => Object.keys(fieldMap).includes(collection)) === false) {
             collectionsAllowed = false;
         }
-        if (!allowedFieldsInCollection[relation.collection] ||
-            (allowedFieldsInCollection[relation.collection]?.includes('*') === false &&
-                allowedFieldsInCollection[relation.collection]?.includes(relation.field) === false)) {
+        if (!fieldMap[relation.collection] ||
+            (fieldMap[relation.collection]?.includes('*') === false &&
+                fieldMap[relation.collection]?.includes(relation.field) === false)) {
             fieldsAllowed = false;
         }
         if (relation.related_collection &&
             relation.meta?.one_field &&
-            (!allowedFieldsInCollection[relation.related_collection] ||
-                (allowedFieldsInCollection[relation.related_collection]?.includes('*') === false &&
-                    allowedFieldsInCollection[relation.related_collection]?.includes(relation.meta?.one_field) === false))) {
+            (!fieldMap[relation.related_collection] ||
+                (fieldMap[relation.related_collection]?.includes('*') === false &&
+                    fieldMap[relation.related_collection]?.includes(relation.meta?.one_field) === false))) {
             fieldsAllowed = false;
         }
         return collectionsAllowed && fieldsAllowed;

package/dist/utils/sanitize-schema.d.ts CHANGED Viewed

@@ -16,7 +16,7 @@ export declare function sanitizeCollection(collection: Collection | undefined):
  * @returns sanitized field
  */
 export declare function sanitizeField(field: Field | undefined, sanitizeAllSchema?: boolean): Partial<Field> | undefined;
-export declare function sanitizeColumn(column: Column): Pick<Column, "name" | "table" | "numeric_precision" | "numeric_scale" | "data_type" | "default_value" | "max_length" | "is_nullable" | "is_unique" | "is_primary_key" | "is_generated" | "generation_expression" | "has_auto_increment" | "foreign_key_table" | "foreign_key_column">;
+export declare function sanitizeColumn(column: Column): Pick<Column, "table" | "name" | "numeric_precision" | "numeric_scale" | "data_type" | "default_value" | "max_length" | "is_nullable" | "is_unique" | "is_primary_key" | "is_generated" | "generation_expression" | "has_auto_increment" | "foreign_key_table" | "foreign_key_column">;
 /**
  * Pick certain database vendor specific relation properties that should be compared when performing diff
  *

package/dist/utils/validate-user-count-integrity.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { type FetchUserCountOptions } from './fetch-user-count/fetch-user-count.js';
+export declare enum UserIntegrityCheckFlag {
+    None = 0,
+    /** Check if the number of remaining admin users is greater than 0 */
+    RemainingAdmins = 1,
+    /** Check if the number of users is within the limits */
+    UserLimits = 2,
+    All = 3
+}
+export interface ValidateUserCountIntegrityOptions extends Omit<FetchUserCountOptions, 'adminOnly'> {
+    flags: UserIntegrityCheckFlag;
+}
+export declare function validateUserCountIntegrity(options: ValidateUserCountIntegrityOptions): Promise<void>;

package/dist/utils/validate-user-count-integrity.js ADDED Viewed

@@ -0,0 +1,29 @@
+import { validateRemainingAdminCount } from '../permissions/modules/validate-remaining-admin/validate-remaining-admin-count.js';
+import { checkUserLimits } from '../telemetry/utils/check-user-limits.js';
+import { shouldCheckUserLimits } from '../telemetry/utils/should-check-user-limits.js';
+import { fetchUserCount } from './fetch-user-count/fetch-user-count.js';
+export var UserIntegrityCheckFlag;
+(function (UserIntegrityCheckFlag) {
+    UserIntegrityCheckFlag[UserIntegrityCheckFlag["None"] = 0] = "None";
+    /** Check if the number of remaining admin users is greater than 0 */
+    UserIntegrityCheckFlag[UserIntegrityCheckFlag["RemainingAdmins"] = 1] = "RemainingAdmins";
+    /** Check if the number of users is within the limits */
+    UserIntegrityCheckFlag[UserIntegrityCheckFlag["UserLimits"] = 2] = "UserLimits";
+    UserIntegrityCheckFlag[UserIntegrityCheckFlag["All"] = 3] = "All";
+})(UserIntegrityCheckFlag || (UserIntegrityCheckFlag = {}));
+export async function validateUserCountIntegrity(options) {
+    const validateUserLimits = (options.flags & UserIntegrityCheckFlag.UserLimits) !== 0;
+    const validateRemainingAdminUsers = (options.flags & UserIntegrityCheckFlag.RemainingAdmins) !== 0;
+    const limitCheck = validateUserLimits && shouldCheckUserLimits();
+    if (!validateRemainingAdminUsers && !limitCheck) {
+        return;
+    }
+    const adminOnly = validateRemainingAdminUsers && !limitCheck;
+    const userCounts = await fetchUserCount({ ...options, adminOnly });
+    if (limitCheck) {
+        await checkUserLimits(userCounts);
+    }
+    if (validateRemainingAdminUsers) {
+        validateRemainingAdminCount(userCounts.admin);
+    }
+}

package/dist/websocket/authenticate.d.ts CHANGED Viewed

@@ -1,6 +1,4 @@
-import type { Accountability } from '@directus/types';
 import type { BasicAuthMessage } from './messages.js';
 import type { AuthenticationState } from './types.js';
 export declare function authenticateConnection(message: BasicAuthMessage & Record<string, any>): Promise<AuthenticationState>;
-export declare function refreshAccountability(accountability: Accountability | null | undefined): Promise<Accountability>;
 export declare function authenticationSuccess(uid?: string | number, refresh_token?: string): string;

package/dist/websocket/authenticate.js CHANGED Viewed

@@ -1,7 +1,6 @@
 import { DEFAULT_AUTH_PROVIDER } from '../constants.js';
 import { AuthenticationService } from '../services/index.js';
 import { getAccountabilityForToken } from '../utils/get-accountability-for-token.js';
-import { getPermissions } from '../utils/get-permissions.js';
 import { getSchema } from '../utils/get-schema.js';
 import { WebSocketError } from './errors.js';
 import { getExpiresAtForToken } from './utils/get-expires-at-for-token.js';
@@ -33,17 +32,6 @@ export async function authenticateConnection(message) {
         throw new WebSocketError('auth', 'AUTH_FAILED', 'Authentication failed.', message['uid']);
     }
 }
-export async function refreshAccountability(accountability) {
-    accountability = accountability ?? {
-        role: null,
-        user: null,
-        admin: false,
-        app: false,
-    };
-    const schema = await getSchema();
-    const permissions = await getPermissions(accountability, schema);
-    return { ...accountability, permissions };
-}
 export function authenticationSuccess(uid, refresh_token) {
     const message = {
         type: 'auth',

package/dist/websocket/controllers/graphql.js CHANGED Viewed

@@ -4,7 +4,7 @@ import { useLogger } from '../../logger/index.js';
 import { bindPubSub } from '../../services/graphql/subscription.js';
 import { GraphQLService } from '../../services/index.js';
 import { getSchema } from '../../utils/get-schema.js';
-import { authenticateConnection, refreshAccountability } from '../authenticate.js';
+import { authenticateConnection } from '../authenticate.js';
 import { handleWebSocketError } from '../errors.js';
 import { ConnectionParams, WebSocketMessage } from '../messages.js';
 import { getMessageType } from '../utils/message.js';
@@ -64,9 +64,6 @@ export class GraphQLSubscriptionController extends SocketController {
                             client.close(CloseCode.Forbidden, 'Forbidden');
                             return;
                         }
-                        else {
-                            client.accountability = await refreshAccountability(client.accountability);
-                        }
                         await cb(JSON.stringify(message));
                     }
                     catch (error) {

package/dist/websocket/controllers/hooks.js CHANGED Viewed

@@ -7,19 +7,23 @@ export function registerWebSocketEvents() {
     actionsRegistered = true;
     registerActionHooks([
         'items',
+        'access',
         'activity',
         'collections',
         'dashboards',
+        'flows',
         'folders',
         'notifications',
         'operations',
         'panels',
         'permissions',
+        'policies',
         'presets',
         'revisions',
         'roles',
         'settings',
         'shares',
+        'translations',
         'users',
         'versions',
         'webhooks',

package/dist/websocket/controllers/rest.js CHANGED Viewed

@@ -2,7 +2,6 @@ import { useEnv } from '@directus/env';
 import { parseJSON } from '@directus/utils';
 import emitter from '../../emitter.js';
 import { useLogger } from '../../logger/index.js';
-import { refreshAccountability } from '../authenticate.js';
 import { WebSocketError, handleWebSocketError } from '../errors.js';
 import { WebSocketMessage } from '../messages.js';
 import SocketController from './base.js';
@@ -20,7 +19,6 @@ export class WebSocketController extends SocketController {
         client.on('parsed-message', async (message) => {
             try {
                 message = WebSocketMessage.parse(await emitter.emitFilter('websocket.message', message, { client }));
-                client.accountability = await refreshAccountability(client.accountability);
                 emitter.emitAction('websocket.message', { message, client });
             }
             catch (error) {

package/dist/websocket/handlers/subscribe.js CHANGED Viewed

@@ -4,7 +4,6 @@ import { useBus } from '../../bus/index.js';
 import emitter from '../../emitter.js';
 import { getSchema } from '../../utils/get-schema.js';
 import { sanitizeQuery } from '../../utils/sanitize-query.js';
-import { refreshAccountability } from '../authenticate.js';
 import { WebSocketError, handleWebSocketError } from '../errors.js';
 import { WebSocketSubscribeMessage } from '../messages.js';
 import { getPayload } from '../utils/items.js';
@@ -112,7 +111,6 @@ export class SubscribeHandler {
                     continue;
             }
             try {
-                client.accountability = await refreshAccountability(client.accountability);
                 const result = await getPayload(subscription, client.accountability, schema, event);
                 if (Array.isArray(result?.['data']) && result?.['data']?.length === 0)
                     continue;

package/dist/websocket/utils/items.d.ts CHANGED Viewed

@@ -39,5 +39,5 @@ export declare function getFieldsPayload(subscription: PSubscription, accountabi
  * @param event Event data
  * @returns the fetched data
  */
-export declare function getItemsPayload(subscription: PSubscription, accountability: Accountability | null, schema: SchemaOverview, event?: WebSocketEvent): Promise<string | number | import("@directus/types").Item | (string | number)[] | import("@directus/types").Item[]>;
+export declare function getItemsPayload(subscription: PSubscription, accountability: Accountability | null, schema: SchemaOverview, event?: WebSocketEvent): Promise<string | number | (string | number)[] | import("@directus/types").Item | import("@directus/types").Item[]>;
 export {};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "21.0.0",
+  "version": "22.0.0",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -149,29 +149,29 @@
     "ws": "8.18.0",
     "zod": "3.23.8",
     "zod-validation-error": "3.3.0",
-    "@directus/app": "12.2.2",
-    "@directus/errors": "0.4.0",
-    "@directus/constants": "11.0.4",
-    "@directus/env": "1.3.1",
-    "@directus/extensions": "1.0.10",
-    "@directus/extensions-registry": "1.0.10",
-    "@directus/extensions-sdk": "11.0.10",
-    "@directus/format-title": "10.1.2",
-    "@directus/memory": "1.0.11",
-    "@directus/pressure": "1.0.22",
-    "@directus/schema": "11.0.4",
-    "@directus/specs": "10.2.11",
-    "@directus/storage": "10.1.0",
-    "@directus/storage-driver-cloudinary": "10.0.24",
-    "@directus/storage-driver-azure": "10.0.24",
-    "@directus/storage-driver-gcs": "10.0.25",
-    "@directus/storage-driver-local": "10.1.0",
-    "@directus/storage-driver-supabase": "1.0.16",
-    "@directus/storage-driver-s3": "10.1.1",
-    "@directus/utils": "11.0.11",
-    "@directus/validation": "0.0.19",
-    "@directus/system-data": "1.1.1",
-    "directus": "10.13.2"
+    "@directus/constants": "12.0.0",
+    "@directus/app": "13.0.0",
+    "@directus/env": "2.0.0",
+    "@directus/errors": "1.0.0",
+    "@directus/format-title": "11.0.0",
+    "@directus/extensions": "2.0.0",
+    "@directus/extensions-sdk": "12.0.0",
+    "@directus/extensions-registry": "2.0.0",
+    "@directus/pressure": "2.0.0",
+    "@directus/memory": "2.0.0",
+    "@directus/schema": "12.0.0",
+    "@directus/specs": "11.0.0",
+    "@directus/storage": "11.0.0",
+    "@directus/storage-driver-azure": "11.0.0",
+    "@directus/storage-driver-gcs": "11.0.0",
+    "@directus/storage-driver-local": "11.0.0",
+    "@directus/storage-driver-cloudinary": "11.0.0",
+    "@directus/storage-driver-s3": "11.0.0",
+    "@directus/storage-driver-supabase": "2.0.0",
+    "@directus/system-data": "2.0.0",
+    "@directus/validation": "1.0.0",
+    "@directus/utils": "12.0.0",
+    "directus": "11.0.0"
   },
   "devDependencies": {
     "@ngneat/falso": "7.2.0",
@@ -212,13 +212,13 @@
     "knex-mock-client": "2.0.1",
     "typescript": "5.4.5",
     "vitest": "1.5.3",
-    "@directus/tsconfig": "1.0.1",
-    "@directus/random": "0.2.8",
-    "@directus/types": "11.2.1"
+    "@directus/random": "1.0.0",
+    "@directus/tsconfig": "2.0.0",
+    "@directus/types": "12.0.0"
   },
   "optionalDependencies": {
     "@keyv/redis": "2.8.5",
-    "mysql": "2.18.1",
+    "mysql2": "3.10.0",
     "nodemailer-mailgun-transport": "2.1.5",
     "nodemailer-sendgrid": "1.0.3",
     "oracledb": "6.5.1",
@@ -233,6 +233,7 @@
     "build": "tsc --project tsconfig.prod.json && copyfiles \"src/**/*.{yaml,liquid}\" -u 1 dist",
     "cli": "NODE_ENV=development SERVE_APP=false tsx src/cli/run.ts",
     "dev": "NODE_ENV=development SERVE_APP=true tsx watch --ignore extensions --clear-screen=false src/start.ts",
-    "test": "vitest --watch=false"
+    "test": "vitest run",
+    "test:watch": "vitest"
   }
 }