npm - @directus/api - Versions diffs - 30.0.0 → 32.0.0 - Mend

@directus/api 30.0.0 → 32.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (197) hide show

package/dist/app.js +7 -0
package/dist/auth/auth.d.ts +2 -1
package/dist/auth/auth.js +7 -2
package/dist/auth/drivers/ldap.d.ts +0 -2
package/dist/auth/drivers/ldap.js +9 -7
package/dist/auth/drivers/oauth2.d.ts +0 -2
package/dist/auth/drivers/oauth2.js +28 -11
package/dist/auth/drivers/openid.d.ts +0 -2
package/dist/auth/drivers/openid.js +28 -11
package/dist/auth/drivers/saml.d.ts +0 -2
package/dist/auth/drivers/saml.js +5 -5
package/dist/auth.js +1 -2
package/dist/cli/commands/bootstrap/index.js +12 -33
package/dist/cli/commands/init/index.js +1 -1
package/dist/cli/commands/schema/apply.d.ts +4 -0
package/dist/cli/commands/schema/apply.js +26 -3
package/dist/controllers/collections.js +7 -2
package/dist/controllers/fields.js +31 -8
package/dist/controllers/mcp.d.ts +2 -0
package/dist/controllers/mcp.js +33 -0
package/dist/controllers/server.js +26 -1
package/dist/controllers/settings.js +9 -2
package/dist/controllers/users.js +17 -7
package/dist/controllers/versions.js +3 -2
package/dist/database/errors/dialects/mssql.d.ts +1 -1
package/dist/database/errors/dialects/mssql.js +18 -10
package/dist/database/helpers/fn/types.js +3 -3
package/dist/database/helpers/schema/dialects/cockroachdb.d.ts +2 -1
package/dist/database/helpers/schema/dialects/cockroachdb.js +13 -0
package/dist/database/helpers/schema/dialects/mssql.d.ts +2 -1
package/dist/database/helpers/schema/dialects/mssql.js +23 -0
package/dist/database/helpers/schema/dialects/mysql.d.ts +2 -1
package/dist/database/helpers/schema/dialects/mysql.js +25 -0
package/dist/database/helpers/schema/dialects/oracle.d.ts +2 -1
package/dist/database/helpers/schema/dialects/oracle.js +13 -0
package/dist/database/helpers/schema/dialects/postgres.d.ts +2 -1
package/dist/database/helpers/schema/dialects/postgres.js +13 -0
package/dist/database/helpers/schema/types.d.ts +5 -0
package/dist/database/helpers/schema/types.js +6 -0
package/dist/database/migrations/20250813A-add-mcp.d.ts +3 -0
package/dist/database/migrations/20250813A-add-mcp.js +18 -0
package/dist/database/migrations/20251012A-add-field-searchable.d.ts +3 -0
package/dist/database/migrations/20251012A-add-field-searchable.js +10 -0
package/dist/database/migrations/20251014A-add-project-owner.d.ts +3 -0
package/dist/database/migrations/20251014A-add-project-owner.js +37 -0
package/dist/database/migrations/20251028A-add-retention-indexes.d.ts +3 -0
package/dist/database/migrations/20251028A-add-retention-indexes.js +42 -0
package/dist/database/run-ast/README.md +46 -0
package/dist/database/run-ast/lib/apply-query/add-join.js +2 -2
package/dist/database/run-ast/lib/apply-query/filter/get-filter-type.d.ts +2 -2
package/dist/database/run-ast/lib/apply-query/index.d.ts +0 -1
package/dist/database/run-ast/lib/apply-query/index.js +4 -6
package/dist/database/run-ast/lib/apply-query/search.js +2 -0
package/dist/database/run-ast/lib/get-db-query.js +7 -6
package/dist/database/run-ast/utils/generate-alias.d.ts +6 -0
package/dist/database/run-ast/utils/generate-alias.js +57 -0
package/dist/flows.js +1 -0
package/dist/mcp/define.d.ts +2 -0
package/dist/mcp/define.js +3 -0
package/dist/mcp/index.d.ts +1 -0
package/dist/mcp/index.js +1 -0
package/dist/mcp/schema.d.ts +485 -0
package/dist/mcp/schema.js +219 -0
package/dist/mcp/server.d.ts +103 -0
package/dist/mcp/server.js +310 -0
package/dist/mcp/tools/assets.d.ts +3 -0
package/dist/mcp/tools/assets.js +54 -0
package/dist/mcp/tools/collections.d.ts +84 -0
package/dist/mcp/tools/collections.js +90 -0
package/dist/mcp/tools/fields.d.ts +101 -0
package/dist/mcp/tools/fields.js +157 -0
package/dist/mcp/tools/files.d.ts +235 -0
package/dist/mcp/tools/files.js +103 -0
package/dist/mcp/tools/flows.d.ts +323 -0
package/dist/mcp/tools/flows.js +85 -0
package/dist/mcp/tools/folders.d.ts +95 -0
package/dist/mcp/tools/folders.js +96 -0
package/dist/mcp/tools/index.d.ts +15 -0
package/dist/mcp/tools/index.js +29 -0
package/dist/mcp/tools/items.d.ts +87 -0
package/dist/mcp/tools/items.js +141 -0
package/dist/mcp/tools/operations.d.ts +171 -0
package/dist/mcp/tools/operations.js +77 -0
package/dist/mcp/tools/prompts/assets.md +8 -0
package/dist/mcp/tools/prompts/collections.md +336 -0
package/dist/mcp/tools/prompts/fields.md +521 -0
package/dist/mcp/tools/prompts/files.md +180 -0
package/dist/mcp/tools/prompts/flows.md +495 -0
package/dist/mcp/tools/prompts/folders.md +34 -0
package/dist/mcp/tools/prompts/index.d.ts +16 -0
package/dist/mcp/tools/prompts/index.js +19 -0
package/dist/mcp/tools/prompts/items.md +317 -0
package/dist/mcp/tools/prompts/operations.md +721 -0
package/dist/mcp/tools/prompts/relations.md +386 -0
package/dist/mcp/tools/prompts/schema.md +130 -0
package/dist/mcp/tools/prompts/system-prompt-description.md +1 -0
package/dist/mcp/tools/prompts/system-prompt.md +44 -0
package/dist/mcp/tools/prompts/trigger-flow.md +214 -0
package/dist/mcp/tools/relations.d.ts +73 -0
package/dist/mcp/tools/relations.js +93 -0
package/dist/mcp/tools/schema.d.ts +54 -0
package/dist/mcp/tools/schema.js +317 -0
package/dist/mcp/tools/system.d.ts +3 -0
package/dist/mcp/tools/system.js +22 -0
package/dist/mcp/tools/trigger-flow.d.ts +8 -0
package/dist/mcp/tools/trigger-flow.js +48 -0
package/dist/mcp/transport.d.ts +13 -0
package/dist/mcp/transport.js +18 -0
package/dist/mcp/types.d.ts +56 -0
package/dist/mcp/types.js +1 -0
package/dist/metrics/lib/create-metrics.js +16 -25
package/dist/middleware/collection-exists.js +2 -2
package/dist/operations/mail/index.js +3 -1
package/dist/operations/mail/rate-limiter.d.ts +1 -0
package/dist/operations/mail/rate-limiter.js +29 -0
package/dist/permissions/modules/process-payload/process-payload.js +3 -10
package/dist/permissions/modules/validate-access/validate-access.js +2 -3
package/dist/schedules/metrics.js +6 -2
package/dist/schedules/project.d.ts +4 -0
package/dist/schedules/project.js +27 -0
package/dist/services/authentication.js +36 -0
package/dist/services/collections.d.ts +3 -3
package/dist/services/collections.js +16 -1
package/dist/services/fields.d.ts +21 -5
package/dist/services/fields.js +109 -32
package/dist/services/graphql/resolvers/query.js +1 -1
package/dist/services/graphql/resolvers/system-admin.js +49 -5
package/dist/services/graphql/schema/parse-query.js +8 -8
package/dist/services/graphql/utils/aggregate-query.d.ts +1 -1
package/dist/services/graphql/utils/aggregate-query.js +5 -1
package/dist/services/graphql/utils/filter-replace-m2a.js +2 -1
package/dist/services/import-export.d.ts +9 -1
package/dist/services/import-export.js +287 -101
package/dist/services/items.d.ts +1 -1
package/dist/services/items.js +50 -24
package/dist/services/mail/index.js +2 -0
package/dist/services/mail/rate-limiter.d.ts +1 -0
package/dist/services/mail/rate-limiter.js +29 -0
package/dist/services/meta.js +28 -24
package/dist/services/payload.d.ts +7 -3
package/dist/services/payload.js +26 -12
package/dist/services/schema.js +4 -1
package/dist/services/server.d.ts +1 -0
package/dist/services/server.js +15 -18
package/dist/services/settings.d.ts +2 -1
package/dist/services/settings.js +15 -0
package/dist/services/tfa.d.ts +1 -1
package/dist/services/tfa.js +20 -5
package/dist/services/tus/server.js +14 -9
package/dist/services/versions.d.ts +6 -4
package/dist/services/versions.js +84 -25
package/dist/telemetry/lib/get-report.js +4 -4
package/dist/telemetry/lib/send-report.d.ts +6 -1
package/dist/telemetry/lib/send-report.js +3 -1
package/dist/telemetry/types/report.d.ts +17 -1
package/dist/telemetry/utils/get-settings.d.ts +9 -0
package/dist/telemetry/utils/get-settings.js +14 -0
package/dist/test-utils/README.md +760 -0
package/dist/test-utils/cache.d.ts +51 -0
package/dist/test-utils/cache.js +59 -0
package/dist/test-utils/database.d.ts +48 -0
package/dist/test-utils/database.js +52 -0
package/dist/test-utils/emitter.d.ts +35 -0
package/dist/test-utils/emitter.js +38 -0
package/dist/test-utils/fields-service.d.ts +28 -0
package/dist/test-utils/fields-service.js +36 -0
package/dist/test-utils/items-service.d.ts +23 -0
package/dist/test-utils/items-service.js +37 -0
package/dist/test-utils/knex.d.ts +164 -0
package/dist/test-utils/knex.js +268 -0
package/dist/test-utils/schema.d.ts +26 -0
package/dist/test-utils/schema.js +35 -0
package/dist/types/auth.d.ts +2 -3
package/dist/utils/apply-diff.js +15 -0
package/dist/utils/create-admin.d.ts +11 -0
package/dist/utils/create-admin.js +50 -0
package/dist/utils/get-schema.js +5 -3
package/dist/utils/get-snapshot-diff.js +49 -5
package/dist/utils/get-snapshot.js +13 -7
package/dist/utils/sanitize-schema.d.ts +11 -4
package/dist/utils/sanitize-schema.js +9 -6
package/dist/utils/schedule.js +15 -19
package/dist/utils/validate-diff.js +31 -0
package/dist/utils/validate-snapshot.js +7 -0
package/dist/utils/versioning/deep-map-with-schema.d.ts +23 -0
package/dist/utils/versioning/deep-map-with-schema.js +81 -0
package/dist/utils/versioning/handle-version.d.ts +2 -2
package/dist/utils/versioning/handle-version.js +47 -43
package/dist/utils/versioning/split-recursive.d.ts +4 -0
package/dist/utils/versioning/split-recursive.js +27 -0
package/dist/websocket/controllers/hooks.js +12 -20
package/dist/websocket/messages.d.ts +3 -3
package/package.json +65 -66
package/dist/cli/utils/defaults.d.ts +0 -4
package/dist/cli/utils/defaults.js +0 -17
package/dist/telemetry/utils/get-project-id.d.ts +0 -2
package/dist/telemetry/utils/get-project-id.js +0 -4

package/dist/cli/commands/schema/apply.js CHANGED Viewed

@@ -11,7 +11,7 @@ import { isNestedMetaUpdate } from '../../../utils/apply-diff.js';
 import { applySnapshot } from '../../../utils/apply-snapshot.js';
 import { getSnapshotDiff } from '../../../utils/get-snapshot-diff.js';
 import { getSnapshot } from '../../../utils/get-snapshot.js';
-function filterSnapshotDiff(snapshot, filters) {
+export function filterSnapshotDiff(snapshot, filters) {
     const filterSet = new Set(filters);
     function shouldKeep(item) {
         if (filterSet.has(item.collection))
@@ -23,6 +23,7 @@ function filterSnapshotDiff(snapshot, filters) {
     const filteredDiff = {
         collections: snapshot.collections.filter((item) => shouldKeep(item)),
         fields: snapshot.fields.filter((item) => shouldKeep(item)),
+        systemFields: snapshot.systemFields.filter((item) => shouldKeep(item)),
         relations: snapshot.relations.filter((item) => shouldKeep(item)),
     };
     return filteredDiff;
@@ -53,6 +54,7 @@ export async function apply(snapshotPath, options) {
         }
         if (snapshotDiff.collections.length === 0 &&
             snapshotDiff.fields.length === 0 &&
+            snapshotDiff.systemFields.length === 0 &&
             snapshotDiff.relations.length === 0) {
             logger.info('No changes to apply.');
             database.destroy();
@@ -116,6 +118,27 @@ export async function apply(snapshotPath, options) {
                 }
                 sections.push(lines.join('\n'));
             }
+            if (snapshotDiff.systemFields.length > 0) {
+                const lines = [chalk.underline.bold('System Fields:')];
+                for (const { collection, field, diff } of snapshotDiff.systemFields) {
+                    if (diff[0]?.kind === DiffKind.EDIT) {
+                        lines.push(`  - ${chalk.magenta('Update')} ${collection}.${field}`);
+                        for (const change of diff) {
+                            const path = formatPath(change.path);
+                            if (change.kind === DiffKind.EDIT) {
+                                lines.push(`    - Set ${path} to ${change.rhs}`);
+                            }
+                            else if (change.kind === DiffKind.DELETE) {
+                                lines.push(`    - Remove ${path}`);
+                            }
+                            else if (change.kind === DiffKind.NEW) {
+                                lines.push(`    - Add ${path} and set it to ${change.rhs}`);
+                            }
+                        }
+                    }
+                }
+                sections.push(lines.join('\n'));
+            }
             if (snapshotDiff.relations.length > 0) {
                 const lines = [chalk.underline.bold('Relations:')];
                 for (const { collection, field, related_collection, diff } of snapshotDiff.relations) {
@@ -169,13 +192,13 @@ export async function apply(snapshotPath, options) {
         process.exit(1);
     }
 }
-function formatPath(path) {
+export function formatPath(path) {
     if (path.length === 1) {
         return path.toString();
     }
     return path.slice(1).join('.');
 }
-function formatRelatedCollection(relatedCollection) {
+export function formatRelatedCollection(relatedCollection) {
     // Related collection doesn't exist for a2o relationship types
     if (relatedCollection) {
         return ` → ${relatedCollection}`;

package/dist/controllers/collections.js CHANGED Viewed

@@ -11,13 +11,18 @@ router.post('/', asyncHandler(async (req, res, next) => {
         accountability: req.accountability,
         schema: req.schema,
     });
+    const attemptConcurrentIndex = 'concurrentIndexCreation' in req.query && req.query['concurrentIndexCreation'] !== 'false';
     if (Array.isArray(req.body)) {
-        const collectionKey = await collectionsService.createMany(req.body);
+        const collectionKey = await collectionsService.createMany(req.body, {
+            attemptConcurrentIndex,
+        });
         const records = await collectionsService.readMany(collectionKey);
         res.locals['payload'] = { data: records || null };
     }
     else {
-        const collectionKey = await collectionsService.createOne(req.body);
+        const collectionKey = await collectionsService.createOne(req.body, {
+            attemptConcurrentIndex,
+        });
         const record = await collectionsService.readOne(collectionKey);
         res.locals['payload'] = { data: record || null };
     }

package/dist/controllers/fields.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { TYPES } from '@directus/constants';
-import { isDirectusError } from '@directus/errors';
+import { ForbiddenError, isDirectusError } from '@directus/errors';
 import { Router } from 'express';
 import Joi from 'joi';
 import { ALIAS_TYPES } from '../constants.js';
@@ -7,8 +7,9 @@ import { ErrorCode, InvalidPayloadError } from '@directus/errors';
 import validateCollection from '../middleware/collection-exists.js';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
-import { FieldsService } from '../services/fields.js';
+import { FieldsService, systemFieldUpdateSchema } from '../services/fields.js';
 import asyncHandler from '../utils/async-handler.js';
+import { isSystemField } from '@directus/system-data';
 const router = Router();
 router.use(useCollection('directus_fields'));
 router.get('/', asyncHandler(async (req, res, next) => {
@@ -64,7 +65,9 @@ router.post('/:collection', validateCollection, asyncHandler(async (req, res, ne
         throw new InvalidPayloadError({ reason: error.message });
     }
     const field = req.body;
-    await service.createField(req.params['collection'], field);
+    await service.createField(req.params['collection'], field, undefined, {
+        attemptConcurrentIndex: 'concurrentIndexCreation' in req.query && req.query['concurrentIndexCreation'] !== 'false',
+    });
     try {
         const createdField = await service.readOne(req.params['collection'], field.field);
         res.locals['payload'] = { data: createdField || null };
@@ -85,7 +88,16 @@ router.patch('/:collection', validateCollection, asyncHandler(async (req, res, n
     if (Array.isArray(req.body) === false) {
         throw new InvalidPayloadError({ reason: 'Submitted body has to be an array' });
     }
-    await service.updateFields(req.params['collection'], req.body);
+    for (const fieldData of req.body) {
+        if (isSystemField(req.params['collection'], fieldData['field'])) {
+            const { error } = systemFieldUpdateSchema.safeParse(fieldData);
+            if (error)
+                throw error.issues.map((details) => new InvalidPayloadError({ reason: details.message }));
+        }
+    }
+    await service.updateFields(req.params['collection'], req.body, {
+        attemptConcurrentIndex: 'concurrentIndexCreation' in req.query && req.query['concurrentIndexCreation'] !== 'false',
+    });
     try {
         const results = [];
         for (const field of req.body) {
@@ -120,14 +132,22 @@ router.patch('/:collection/:field', validateCollection, asyncHandler(async (req,
         accountability: req.accountability,
         schema: req.schema,
     });
-    const { error } = updateSchema.validate(req.body);
-    if (error) {
-        throw new InvalidPayloadError({ reason: error.message });
+    if (isSystemField(req.params['collection'], req.params['field'])) {
+        const { error } = systemFieldUpdateSchema.safeParse(req.body);
+        if (error)
+            throw error.issues.map((details) => new InvalidPayloadError({ reason: details.message }));
+    }
+    else {
+        const { error } = updateSchema.validate(req.body);
+        if (error)
+            throw new InvalidPayloadError({ reason: error.message });
     }
     const fieldData = req.body;
     if (!fieldData.field)
         fieldData.field = req.params['field'];
-    await service.updateField(req.params['collection'], fieldData);
+    await service.updateField(req.params['collection'], fieldData, {
+        attemptConcurrentIndex: 'concurrentIndexCreation' in req.query && req.query['concurrentIndexCreation'] !== 'false',
+    });
     try {
         const updatedField = await service.readOne(req.params['collection'], req.params['field']);
         res.locals['payload'] = { data: updatedField || null };
@@ -145,6 +165,9 @@ router.delete('/:collection/:field', validateCollection, asyncHandler(async (req
         accountability: req.accountability,
         schema: req.schema,
     });
+    if (isSystemField(req.params['collection'], req.params['field'])) {
+        throw new ForbiddenError();
+    }
     await service.deleteField(req.params['collection'], req.params['field']);
     return next();
 }), respond);

package/dist/controllers/mcp.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ declare const router: import("express-serve-static-core").Router;
2	+ export default router;

package/dist/controllers/mcp.js ADDED Viewed

@@ -0,0 +1,33 @@
+import { ForbiddenError } from '@directus/errors';
+import { Router } from 'express';
+import { DirectusMCP } from '../mcp/index.js';
+import { SettingsService } from '../services/settings.js';
+import asyncHandler from '../utils/async-handler.js';
+const router = Router();
+const mcpHandler = asyncHandler(async (req, res) => {
+    const settings = new SettingsService({
+        schema: req.schema,
+    });
+    const { mcp_enabled, mcp_allow_deletes, mcp_prompts_collection, mcp_system_prompt, mcp_system_prompt_enabled } = await settings.readSingleton({
+        fields: [
+            'mcp_enabled',
+            'mcp_allow_deletes',
+            'mcp_prompts_collection',
+            'mcp_system_prompt',
+            'mcp_system_prompt_enabled',
+        ],
+    });
+    if (!mcp_enabled) {
+        throw new ForbiddenError({ reason: 'MCP must be enabled' });
+    }
+    const mcp = new DirectusMCP({
+        promptsCollection: mcp_prompts_collection,
+        allowDeletes: mcp_allow_deletes,
+        systemPromptEnabled: mcp_system_prompt_enabled,
+        systemPrompt: mcp_system_prompt,
+    });
+    mcp.handleRequest(req, res);
+});
+router.get('/', mcpHandler);
+router.post('/', mcpHandler);
+export default router;

package/dist/controllers/server.js CHANGED Viewed

@@ -1,10 +1,12 @@
-import { RouteNotFoundError } from '@directus/errors';
+import { ErrorCode, ForbiddenError, isDirectusError, RouteNotFoundError } from '@directus/errors';
 import { format } from 'date-fns';
 import { Router } from 'express';
 import { respond } from '../middleware/respond.js';
+import { SettingsService } from '../services/index.js';
 import { ServerService } from '../services/server.js';
 import { SpecificationService } from '../services/specifications.js';
 import asyncHandler from '../utils/async-handler.js';
+import { createAdmin } from '../utils/create-admin.js';
 const router = Router();
 router.get('/specs/oas', asyncHandler(async (req, res, next) => {
     const service = new SpecificationService({
@@ -54,4 +56,27 @@ router.get('/health', asyncHandler(async (req, res, next) => {
     res.locals['cache'] = false;
     return next();
 }), respond);
+router.post('/setup', asyncHandler(async (req, _res, next) => {
+    const serverService = new ServerService({ schema: req.schema });
+    if (await serverService.isSetupCompleted()) {
+        throw new ForbiddenError();
+    }
+    try {
+        await createAdmin(req.schema, {
+            email: req.body.project_owner,
+            password: req.body.password,
+            first_name: req.body.first_name,
+            last_name: req.body.last_name,
+        });
+        const settingsService = new SettingsService({ schema: req.schema });
+        settingsService.setOwner(req.body);
+    }
+    catch (error) {
+        if (isDirectusError(error, ErrorCode.Forbidden)) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond);
 export default router;

package/dist/controllers/settings.js CHANGED Viewed

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { SettingsService } from '../services/settings.js';
@@ -16,6 +15,14 @@ router.get('/', asyncHandler(async (req, res, next) => {
     res.locals['payload'] = { data: records || null };
     return next();
 }), respond);
+router.post('/owner', asyncHandler(async (req, _res, next) => {
+    const service = new SettingsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    await service.setOwner(req.body);
+    return next();
+}), respond);
 router.patch('/', asyncHandler(async (req, res, next) => {
     const service = new SettingsService({
         accountability: req.accountability,

package/dist/controllers/users.js CHANGED Viewed

@@ -1,6 +1,8 @@
 import { ErrorCode, ForbiddenError, InvalidCredentialsError, InvalidPayloadError, isDirectusError, } from '@directus/errors';
 import express from 'express';
 import Joi from 'joi';
+import { DEFAULT_AUTH_PROVIDER } from '../constants.js';
+import { getDatabase } from '../database/index.js';
 import checkRateLimit from '../middleware/rate-limiter-registration.js';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
@@ -231,19 +233,27 @@ router.post('/me/tfa/generate/', asyncHandler(async (req, res, next) => {
     if (!req.accountability?.user) {
         throw new InvalidCredentialsError();
     }
-    if (!req.body.password) {
+    const currentUser = await getDatabase()
+        .select('provider')
+        .from('directus_users')
+        .where({ id: req.accountability.user })
+        .first();
+    const requiresPassword = currentUser?.['provider'] === DEFAULT_AUTH_PROVIDER;
+    if (requiresPassword && !req.body.password) {
         throw new InvalidPayloadError({ reason: `"password" is required` });
     }
     const service = new TFAService({
         accountability: req.accountability,
         schema: req.schema,
     });
-    const authService = new AuthenticationService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    await authService.verifyPassword(req.accountability.user, req.body.password);
-    const { url, secret } = await service.generateTFA(req.accountability.user);
+    if (requiresPassword) {
+        const authService = new AuthenticationService({
+            accountability: req.accountability,
+            schema: req.schema,
+        });
+        await authService.verifyPassword(req.accountability.user, req.body.password);
+    }
+    const { url, secret } = await service.generateTFA(req.accountability.user, requiresPassword);
     res.locals['payload'] = { data: { secret, otpauth_url: url } };
     return next();
 }), respond);

package/dist/controllers/versions.js CHANGED Viewed

@@ -154,9 +154,10 @@ router.get('/:pk/compare', asyncHandler(async (req, res, next) => {
     });
     const version = await service.readOne(req.params['pk']);
     const { outdated, mainHash } = await service.verifyHash(version['collection'], version['item'], version['hash']);
-    const current = assign({}, version['delta']);
+    const delta = version.delta ?? {};
+    delta[req.schema.collections[version.collection].primary] = version.item;
     const main = await service.getMainItem(version['collection'], version['item']);
-    res.locals['payload'] = { data: { outdated, mainHash, current, main } };
+    res.locals['payload'] = { data: { outdated, mainHash, current: delta, main } };
     return next();
 }), respond);
 router.post('/:pk/save', asyncHandler(async (req, res, next) => {

package/dist/database/errors/dialects/mssql.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
-import type { MSSQLError } from './types.js';
 import type { Item } from '@directus/types';
+import type { MSSQLError } from './types.js';
 export declare function extractError(error: MSSQLError, data: Partial<Item>): Promise<MSSQLError | Error>;

package/dist/database/errors/dialects/mssql.js CHANGED Viewed

@@ -5,14 +5,15 @@ var MSSQLErrorCodes;
     MSSQLErrorCodes[MSSQLErrorCodes["FOREIGN_KEY_VIOLATION"] = 547] = "FOREIGN_KEY_VIOLATION";
     MSSQLErrorCodes[MSSQLErrorCodes["NOT_NULL_VIOLATION"] = 515] = "NOT_NULL_VIOLATION";
     MSSQLErrorCodes[MSSQLErrorCodes["NUMERIC_VALUE_OUT_OF_RANGE"] = 220] = "NUMERIC_VALUE_OUT_OF_RANGE";
-    MSSQLErrorCodes[MSSQLErrorCodes["UNIQUE_VIOLATION"] = 2601] = "UNIQUE_VIOLATION";
+    MSSQLErrorCodes[MSSQLErrorCodes["UNIQUE_VIOLATION_INDEX"] = 2601] = "UNIQUE_VIOLATION_INDEX";
+    MSSQLErrorCodes[MSSQLErrorCodes["UNIQUE_VIOLATION_CONSTRAINT"] = 2627] = "UNIQUE_VIOLATION_CONSTRAINT";
     MSSQLErrorCodes[MSSQLErrorCodes["VALUE_LIMIT_VIOLATION"] = 2628] = "VALUE_LIMIT_VIOLATION";
 })(MSSQLErrorCodes || (MSSQLErrorCodes = {}));
 export async function extractError(error, data) {
     switch (error.number) {
-        case MSSQLErrorCodes.UNIQUE_VIOLATION:
-        case 2627:
-            return await uniqueViolation();
+        case MSSQLErrorCodes.UNIQUE_VIOLATION_CONSTRAINT:
+        case MSSQLErrorCodes.UNIQUE_VIOLATION_INDEX:
+            return await uniqueViolation(error);
         case MSSQLErrorCodes.NUMERIC_VALUE_OUT_OF_RANGE:
             return numericValueOutOfRange();
         case MSSQLErrorCodes.VALUE_LIMIT_VIOLATION:
@@ -23,14 +24,20 @@ export async function extractError(error, data) {
             return foreignKeyViolation();
     }
     return error;
-    async function uniqueViolation() {
+    async function uniqueViolation(error) {
         /**
          * NOTE:
-         * SQL Server doesn't return the name of the offending column when a unique constraint is thrown:
+         * SQL Server doesn't return the name of the offending column when a unique error is thrown:
          *
+         * Constraint:
          * insert into [articles] ([unique]) values (@p0)
-         * - Violation of UNIQUE KEY constraint 'UQ__articles__5A062640242004EB'.
-         * Cannot insert duplicate key in object 'dbo.articles'. The duplicate key value is (rijk).
+         * - Violation of UNIQUE KEY constraint 'unique_contraint_name'. Cannot insert duplicate key in object 'dbo.article'.
+         * The duplicate key value is (rijk).
+         *
+         * Index:
+         * insert into [articles] ([unique]) values (@p0)
+         * - Cannot insert duplicate key row in object 'dbo.articles' with unique index 'unique_index_name'.
+         * The duplicate key value is (rijk).
          *
          * While it's not ideal, the best next thing we can do is extract the column name from
          * information_schema when this happens
@@ -41,8 +48,9 @@ export async function extractError(error, data) {
         const parenMatches = error.message.match(betweenParens);
         if (!quoteMatches || !parenMatches)
             return error;
-        const keyName = quoteMatches[1].slice(1, -1);
-        let collection = quoteMatches[0].slice(1, -1);
+        const [keyNameMatchIndex, collectionNameMatchIndex] = error.number === MSSQLErrorCodes.UNIQUE_VIOLATION_INDEX ? [1, 0] : [0, 1];
+        const keyName = quoteMatches[keyNameMatchIndex].slice(1, -1);
+        let collection = quoteMatches[collectionNameMatchIndex].slice(1, -1);
         let field = null;
         if (keyName) {
             const database = getDatabase();

package/dist/database/helpers/fn/types.js CHANGED Viewed

@@ -1,6 +1,6 @@
-import { DatabaseHelper } from '../types.js';
-import { generateAlias } from '../../run-ast/lib/apply-query/index.js';
 import { applyFilter } from '../../run-ast/lib/apply-query/filter/index.js';
+import { generateRelationalQueryAlias } from '../../run-ast/utils/generate-alias.js';
+import { DatabaseHelper } from '../types.js';
 export class FnHelper extends DatabaseHelper {
     schema;
     constructor(knex, schema) {
@@ -16,7 +16,7 @@ export class FnHelper extends DatabaseHelper {
             throw new Error(`Field ${collectionName}.${column} isn't a nested relational collection`);
         }
         // generate a unique alias for the relation collection, to prevent collisions in self referencing relations
-        const alias = generateAlias();
+        const alias = generateRelationalQueryAlias(table, column, collectionName, options);
         let countQuery = this.knex
             .count('*')
             .from({ [alias]: relation.collection })

package/dist/database/helpers/schema/dialects/cockroachdb.d.ts CHANGED Viewed

@@ -1,10 +1,11 @@
 import type { KNEX_TYPES } from '@directus/constants';
 import { type Knex } from 'knex';
-import type { Options, SortRecord } from '../types.js';
+import type { CreateIndexOptions, Options, SortRecord } from '../types.js';
 import { SchemaHelper } from '../types.js';
 export declare class SchemaHelperCockroachDb extends SchemaHelper {
     changeToType(table: string, column: string, type: (typeof KNEX_TYPES)[number], options?: Options): Promise<void>;
     constraintName(existingName: string): string;
     getDatabaseSize(): Promise<number | null>;
     addInnerSortFieldsToGroupBy(groupByFields: (string | Knex.Raw)[], sortRecords: SortRecord[], hasRelationalSort: boolean): void;
+    createIndex(collection: string, field: string, options?: CreateIndexOptions): Promise<Knex.SchemaBuilder>;
 }

package/dist/database/helpers/schema/dialects/cockroachdb.js CHANGED Viewed

@@ -44,4 +44,17 @@ export class SchemaHelperCockroachDb extends SchemaHelper {
             groupByFields.push(...sortRecords.map(({ alias }) => alias));
         }
     }
+    async createIndex(collection, field, options = {}) {
+        const isUnique = Boolean(options.unique);
+        const constraintName = this.generateIndexName(isUnique ? 'unique' : 'index', collection, field);
+        // https://www.cockroachlabs.com/docs/stable/create-index
+        if (options.attemptConcurrentIndex) {
+            return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX CONCURRENTLY ?? ON ?? (??)`, [
+                constraintName,
+                collection,
+                field,
+            ]);
+        }
+        return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??)`, [constraintName, collection, field]);
+    }
 }

package/dist/database/helpers/schema/dialects/mssql.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import type { Knex } from 'knex';
-import { SchemaHelper, type SortRecord, type Sql } from '../types.js';
+import { SchemaHelper, type CreateIndexOptions, type SortRecord, type Sql } from '../types.js';
 export declare class SchemaHelperMSSQL extends SchemaHelper {
     generateIndexName(type: 'unique' | 'foreign' | 'index', collection: string, fields: string | string[]): string;
     applyLimit(rootQuery: Knex.QueryBuilder, limit: number): void;
@@ -10,4 +10,5 @@ export declare class SchemaHelperMSSQL extends SchemaHelper {
     addInnerSortFieldsToGroupBy(groupByFields: (string | Knex.Raw)[], sortRecords: SortRecord[], _hasRelationalSort: boolean): void;
     getColumnNameMaxLength(): number;
     getTableNameMaxLength(): number;
+    createIndex(collection: string, field: string, options?: CreateIndexOptions): Promise<Knex.SchemaBuilder>;
 }

package/dist/database/helpers/schema/dialects/mssql.js CHANGED Viewed

@@ -60,4 +60,27 @@ export class SchemaHelperMSSQL extends SchemaHelper {
     getTableNameMaxLength() {
         return 128;
     }
+    async createIndex(collection, field, options = {}) {
+        const isUnique = Boolean(options.unique);
+        const constraintName = this.generateIndexName(isUnique ? 'unique' : 'index', collection, field);
+        /*
+        Online index operations are not available in every edition of Microsoft SQL Server.
+        For a list of features that are supported by the editions of SQL Server, see Editions and supported features of SQL Server 2022.
+        https://learn.microsoft.com/en-us/sql/sql-server/editions-and-components-of-sql-server-2022?view=sql-server-ver16#rdbms-high-availability
+         */
+        const edition = await this.knex
+            .raw(`SELECT SERVERPROPERTY('edition') AS edition`)
+            .then((data) => data?.[0]?.['edition']);
+        if (options.attemptConcurrentIndex && typeof edition === 'string' && edition.startsWith('Enterprise')) {
+            // https://learn.microsoft.com/en-us/sql/t-sql/statements/create-index-transact-sql?view=sql-server-ver16#online---on--off-
+            return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??) WITH (ONLINE = ON)`, [
+                constraintName,
+                collection,
+                field,
+            ]);
+        }
+        // Fall back to blocking index creation for non-enterprise editions
+        return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??)`, [constraintName, collection, field]);
+    }
 }

package/dist/database/helpers/schema/dialects/mysql.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
 import type { Knex } from 'knex';
-import { SchemaHelper, type SortRecord } from '../types.js';
+import { SchemaHelper, type CreateIndexOptions, type SortRecord } from '../types.js';
 export declare class SchemaHelperMySQL extends SchemaHelper {
     generateIndexName(type: 'unique' | 'foreign' | 'index', collection: string, fields: string | string[]): string;
     getDatabaseSize(): Promise<number | null>;
     addInnerSortFieldsToGroupBy(groupByFields: (string | Knex.Raw)[], sortRecords: SortRecord[], hasRelationalSort: boolean): void;
+    createIndex(collection: string, field: string, options?: CreateIndexOptions): Promise<Knex.SchemaBuilder>;
 }

package/dist/database/helpers/schema/dialects/mysql.js CHANGED Viewed

@@ -54,4 +54,29 @@ export class SchemaHelperMySQL extends SchemaHelper {
             groupByFields.push(...sortRecords.map(({ alias }) => alias));
         }
     }
+    async createIndex(collection, field, options = {}) {
+        const isUnique = Boolean(options.unique);
+        const constraintName = this.generateIndexName(isUnique ? 'unique' : 'index', collection, field);
+        const blockingQuery = this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??)`, [
+            constraintName,
+            collection,
+            field,
+        ]);
+        if (options.attemptConcurrentIndex) {
+            /*
+            Seems it is not possible to determine whether "ALGORITHM=INPLACE LOCK=NONE" will be supported
+            so we're just going to send it and fall back to blocking index creation on error
+            https://dev.mysql.com/doc/refman/8.4/en/create-index.html#:~:text=engine%20is%20changed.-,Table%20Copying%20and%20Locking%20Options,-ALGORITHM%20and%20LOCK
+            */
+            return this.knex
+                .raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??) ALGORITHM=INPLACE LOCK=NONE`, [
+                constraintName,
+                collection,
+                field,
+            ])
+                .catch(() => blockingQuery);
+        }
+        return blockingQuery;
+    }
 }

package/dist/database/helpers/schema/dialects/oracle.d.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import type { KNEX_TYPES } from '@directus/constants';
 import type { Column } from '@directus/schema';
 import type { Field, RawField, Relation, Type } from '@directus/types';
 import type { Knex } from 'knex';
-import type { Options, SortRecord, Sql } from '../types.js';
+import type { CreateIndexOptions, Options, SortRecord, Sql } from '../types.js';
 import { SchemaHelper } from '../types.js';
 export declare class SchemaHelperOracle extends SchemaHelper {
     generateIndexName(type: 'unique' | 'foreign' | 'index', collection: string, fields: string | string[]): string;
@@ -20,4 +20,5 @@ export declare class SchemaHelperOracle extends SchemaHelper {
     addInnerSortFieldsToGroupBy(groupByFields: (string | Knex.Raw)[], sortRecords: SortRecord[], _hasRelationalSort: boolean): void;
     getColumnNameMaxLength(): number;
     getTableNameMaxLength(): number;
+    createIndex(collection: string, field: string, options?: CreateIndexOptions): Promise<Knex.SchemaBuilder>;
 }

package/dist/database/helpers/schema/dialects/oracle.js CHANGED Viewed

@@ -102,4 +102,17 @@ export class SchemaHelperOracle extends SchemaHelper {
     getTableNameMaxLength() {
         return 128;
     }
+    async createIndex(collection, field, options = {}) {
+        const isUnique = Boolean(options.unique);
+        const constraintName = this.generateIndexName(isUnique ? 'unique' : 'index', collection, field);
+        if (options.attemptConcurrentIndex) {
+            // https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/CREATE-INDEX.html#GUID-1F89BBC0-825F-4215-AF71-7588E31D8BFE__GUID-041E5429-065B-43D5-AC7F-66810140842C
+            return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??) ONLINE`, [
+                constraintName,
+                collection,
+                field,
+            ]);
+        }
+        return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??)`, [constraintName, collection, field]);
+    }
 }

package/dist/database/helpers/schema/dialects/postgres.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
 import type { Knex } from 'knex';
-import { SchemaHelper, type SortRecord } from '../types.js';
+import { SchemaHelper, type CreateIndexOptions, type SortRecord } from '../types.js';
 export declare class SchemaHelperPostgres extends SchemaHelper {
     generateIndexName(type: 'unique' | 'foreign' | 'index', collection: string, fields: string | string[]): string;
     getDatabaseSize(): Promise<number | null>;
     addInnerSortFieldsToGroupBy(groupByFields: (string | Knex.Raw)[], sortRecords: SortRecord[], hasRelationalSort: boolean): void;
+    createIndex(collection: string, field: string, options?: CreateIndexOptions): Promise<Knex.SchemaBuilder>;
 }

package/dist/database/helpers/schema/dialects/postgres.js CHANGED Viewed

@@ -38,4 +38,17 @@ export class SchemaHelperPostgres extends SchemaHelper {
             groupByFields.push(...sortRecords.map(({ alias }) => alias));
         }
     }
+    async createIndex(collection, field, options = {}) {
+        const isUnique = Boolean(options.unique);
+        const constraintName = this.generateIndexName(isUnique ? 'unique' : 'index', collection, field);
+        // https://www.postgresql.org/docs/current/sql-createindex.html#SQL-CREATEINDEX-CONCURRENTLY
+        if (options.attemptConcurrentIndex) {
+            return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX CONCURRENTLY ?? ON ?? (??)`, [
+                constraintName,
+                collection,
+                field,
+            ]);
+        }
+        return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??)`, [constraintName, collection, field]);
+    }
 }

package/dist/database/helpers/schema/types.d.ts CHANGED Viewed

@@ -16,6 +16,10 @@ export type SortRecord = {
     alias: string;
     column: Knex.Raw;
 };
+export type CreateIndexOptions = {
+    attemptConcurrentIndex?: boolean;
+    unique?: boolean;
+};
 export declare abstract class SchemaHelper extends DatabaseHelper {
     isOneOfClients(clients: DatabaseClient[]): boolean;
     changeNullable(table: string, column: string, nullable: boolean): Promise<void>;
@@ -41,4 +45,5 @@ export declare abstract class SchemaHelper extends DatabaseHelper {
     addInnerSortFieldsToGroupBy(_groupByFields: (string | Knex.Raw)[], _sortRecords: SortRecord[], _hasRelationalSort: boolean): void;
     getColumnNameMaxLength(): number;
     getTableNameMaxLength(): number;
+    createIndex(collection: string, field: string, options?: CreateIndexOptions): Promise<Knex.SchemaBuilder>;
 }

package/dist/database/helpers/schema/types.js CHANGED Viewed

@@ -118,4 +118,10 @@ export class SchemaHelper extends DatabaseHelper {
     getTableNameMaxLength() {
         return 64;
     }
+    async createIndex(collection, field, options = {}) {
+        // fall back to concurrent index creation
+        const isUnique = Boolean(options.unique);
+        const constraintName = this.generateIndexName(isUnique ? 'unique' : 'index', collection, field);
+        return this.knex.raw(`CREATE ${isUnique ? 'UNIQUE ' : ''}INDEX ?? ON ?? (??)`, [constraintName, collection, field]);
+    }
 }

package/dist/database/migrations/20250813A-add-mcp.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { Knex } from 'knex';
+export declare function up(knex: Knex): Promise<void>;
+export declare function down(knex: Knex): Promise<void>;