@directus/api 36.0.0-rc.1 → 36.0.1

package/dist/ai/chat/lib/create-ui-stream.js

@@ -6,6 +6,7 @@ import "../../providers/index.js";
 import { getAITelemetryConfig } from "../../telemetry/index.js";
 import { SYSTEM_PROMPT } from "../constants/system-prompt.js";
 import { formatContextForSystemPrompt } from "../utils/format-context.js";
+import { applyAnthropicConversationCaching, buildCacheAwareSystemPrompt, formatUsageWithCacheTokens, sortToolsByName } from "../utils/prompt-caching.js";
 import { transformFilePartsForProvider } from "./transform-file-parts.js";
 import { ServiceUnavailableError } from "@directus/errors";
 import { convertToModelMessages, stepCountIs, streamText, wrapLanguageModel } from "ai";
@@ -27,35 +28,25 @@ const createUiStream = async (messages, { provider, model, tools, aiSettings, sy
 		model: languageModel,
 		middleware: devToolsMiddleware
 	});
-	const fullSystemPrompt = contextBlock ? baseSystemPrompt + contextBlock : baseSystemPrompt;
-	const finalTools = applyAnthropicToolSearch(provider, model, tools);
+	const streamSystemPrompt = buildCacheAwareSystemPrompt(provider, provider === "anthropic" || !contextBlock ? baseSystemPrompt : baseSystemPrompt + contextBlock);
+	const finalTools = sortToolsByName(applyAnthropicToolSearch(provider, model, tools));
 	const telemetryConfig = getAITelemetryConfig({
 		provider,
 		model,
 		userId,
 		role
 	});
+	const streamMessages = applyAnthropicConversationCaching(provider, await convertToModelMessages(transformFilePartsForProvider(messages)), contextBlock);
 	return streamText({
-		system: baseSystemPrompt,
+		system: streamSystemPrompt,
 		model: languageModel,
-		messages: await convertToModelMessages(transformFilePartsForProvider(messages)),
+		messages: streamMessages,
 		stopWhen: [stepCountIs(10)],
 		providerOptions,
 		tools: finalTools,
 		...telemetryConfig ? { experimental_telemetry: telemetryConfig } : {},
-		prepareStep: () => {
-			if (contextBlock) return { system: fullSystemPrompt };
-			return {};
-		},
-		onFinish({ usage }) {
-			if (onUsage) {
-				const { inputTokens, outputTokens, totalTokens } = usage;
-				onUsage({
-					inputTokens,
-					outputTokens,
-					totalTokens
-				});
-			}
+		onFinish(result) {
+			if (onUsage) onUsage(formatUsageWithCacheTokens(result));
 		}
 	});
 };

package/dist/ai/chat/utils/format-context.js

@@ -70,8 +70,6 @@ ${promptBlocks}
 </custom_instructions>`);
 	}
 	const sections = [];
-	const now = /* @__PURE__ */ new Date();
-	sections.push(`## Current Date\n${now.toISOString().split("T")[0]}`);
 	if (context.page) {
 		const page = context.page;
 		const pageLines = [`Path: ${escapeAngleBrackets(String(page.path))}`];
@@ -89,6 +87,8 @@ Use the items tool to fetch additional fields or update items when asked.
 
 ${itemLines}`);
 	}
+	const now = /* @__PURE__ */ new Date();
+	sections.push(`## Current Date\n${now.toISOString().split("T")[0]}`);
 	if (sections.length > 0) parts.push(`<user_context>\n${sections.join("\n\n")}\n</user_context>`);
 	if (groups.visualElements.length > 0) {
 		const elementLines = groups.visualElements.map(formatVisualElement).join("\n\n");

package/dist/ai/chat/utils/prompt-caching.js

@@ -0,0 +1,85 @@
+//#region src/ai/chat/utils/prompt-caching.ts
+function buildCacheAwareSystemPrompt(provider, content) {
+	if (provider !== "anthropic") return content;
+	return {
+		role: "system",
+		content,
+		providerOptions: { anthropic: { cacheControl: { type: "ephemeral" } } }
+	};
+}
+/**
+* For Anthropic, place a cache breakpoint on the last existing message so the conversation
+* prefix (tools + system + history) caches as it grows, and append the per-request page
+* context as a new user message after the breakpoint so it stays out of the cached prefix.
+*
+* Context is only appended after a real user turn. On multi-step continuations the last
+* message is an assistant or tool result; appending a user message there would make the
+* model respond to the context instead of synthesizing the tool output. The model still
+* sees context from the originating user turn earlier in the conversation.
+*
+* Other providers either auto-cache (Google/OpenAI) or don't support this, so we keep the
+* context inside the system prompt for them (handled upstream).
+*/
+function applyAnthropicConversationCaching(provider, messages, contextBlock) {
+	if (provider !== "anthropic" || messages.length === 0) return messages;
+	const lastIndex = messages.length - 1;
+	const messagesWithCache = messages.map((message, index) => index === lastIndex ? {
+		...message,
+		providerOptions: {
+			...message.providerOptions,
+			anthropic: {
+				...message.providerOptions?.["anthropic"],
+				cacheControl: { type: "ephemeral" }
+			}
+		}
+	} : message);
+	if (!contextBlock || messages[lastIndex]?.role !== "user") return messagesWithCache;
+	return [...messagesWithCache, {
+		role: "user",
+		content: contextBlock
+	}];
+}
+function sortToolsByName(tools) {
+	return Object.fromEntries(Object.entries(tools).sort(([a], [b]) => {
+		if (a < b) return -1;
+		if (a > b) return 1;
+		return 0;
+	}));
+}
+function formatUsageWithCacheTokens(result) {
+	const usage = result.totalUsage ?? result.usage;
+	const providerMetadata = result.steps?.map((step) => step.providerMetadata) ?? [result.providerMetadata];
+	const { inputTokens, outputTokens, totalTokens } = usage;
+	return {
+		inputTokens,
+		outputTokens,
+		totalTokens,
+		...getCacheTokenUsage(usage, providerMetadata)
+	};
+}
+function getCacheTokenUsage(usage, providerMetadata) {
+	const cacheReadTokens = usage.inputTokenDetails?.cacheReadTokens ?? usage.cachedInputTokens ?? sumNumbers([...providerMetadata.map((metadata) => getProviderMetadataNumber(metadata, "anthropic", "cacheReadInputTokens")), ...providerMetadata.map(getGoogleCachedContentTokenCount)]);
+	const cacheCreationTokens = usage.inputTokenDetails?.cacheWriteTokens ?? sumNumbers(providerMetadata.map((metadata) => getProviderMetadataNumber(metadata, "anthropic", "cacheCreationInputTokens")));
+	return {
+		...cacheReadTokens !== void 0 ? { cacheReadTokens } : {},
+		...cacheCreationTokens !== void 0 ? { cacheCreationTokens } : {}
+	};
+}
+function getProviderMetadataNumber(providerMetadata, providerName, fieldName) {
+	const value = providerMetadata?.[providerName]?.[fieldName];
+	return typeof value === "number" ? value : void 0;
+}
+function getGoogleCachedContentTokenCount(providerMetadata) {
+	const usageMetadata = providerMetadata?.["google"]?.["usageMetadata"];
+	if (!usageMetadata || typeof usageMetadata !== "object" || Array.isArray(usageMetadata)) return;
+	const cachedContentTokenCount = usageMetadata["cachedContentTokenCount"];
+	return typeof cachedContentTokenCount === "number" ? cachedContentTokenCount : void 0;
+}
+function sumNumbers(values) {
+	const definedValues = values.filter((value) => typeof value === "number");
+	if (definedValues.length === 0) return;
+	return definedValues.reduce((sum, value) => sum + value, 0);
+}
+
+//#endregion
+export { applyAnthropicConversationCaching, buildCacheAwareSystemPrompt, formatUsageWithCacheTokens, sortToolsByName };

package/dist/database/errors/dialects/postgres.js

@@ -34,7 +34,8 @@ function extractError(error, data) {
 		const matches = error.message.match(/"(.*?)"/g);
 		if (!matches) return error;
 		const collection = matches[0].slice(1, -1);
-		const field = matches[1]?.slice(1, -1) ?? null;
+		const fields = Object.keys(data);
+		const field = fields.length === 1 ? fields[0] : null;
 		return new ValueOutOfRangeError({
 			collection,
 			field,

package/dist/license/entitlements/lib/custom-permission-rules-enabled.js

@@ -3,7 +3,7 @@ import { ItemsService } from "../../../services/items.js";
 import { getSchema } from "../../../utils/get-schema.js";
 import "../../../services/index.js";
 import { isEqual } from "lodash-es";
-import { appAccessMinimalPermissions, appRecommendedPermissions } from "@directus/system-data";
+import { appRecommendedPermissions } from "@directus/system-data";
 
 //#region src/license/entitlements/lib/custom-permission-rules-enabled.ts
 function hasCustomRule(permission) {
@@ -16,11 +16,6 @@ function isRecommendedAppPermission(permission) {
 	if (!foundPermission) return false;
 	return isEqual(foundPermission.fields ?? null, permission.fields ?? null) && isEqual(foundPermission.permissions ?? null, permission.permissions ?? null);
 }
-function isMinimumAppPermission(permission) {
-	const foundPermission = appAccessMinimalPermissions.find((p) => p.action === permission.action && p.collection === permission.collection);
-	if (!foundPermission) return false;
-	return isEqual(foundPermission.fields ?? null, permission.fields ?? null) && isEqual(foundPermission.permissions ?? null, permission.permissions ?? null) && isEqual(foundPermission.validation ?? null, permission.validation ?? null) && isEqual(foundPermission.presets ?? null, permission.presets ?? null);
-}
 async function checkCustomPermissionRules(opts) {
 	const knex = opts?.knex ?? database_default();
 	return (await new ItemsService("directus_permissions", {
@@ -38,4 +33,4 @@ async function checkCustomPermissionRules(opts) {
 }
 
 //#endregion
-export { checkCustomPermissionRules, hasCustomRule, isMinimumAppPermission, isRecommendedAppPermission };
+export { checkCustomPermissionRules, hasCustomRule, isRecommendedAppPermission };

package/dist/license/entitlements/lib/seats.js

@@ -8,10 +8,49 @@ import { toBoolean } from "@directus/utils";
 import { USER_INACTIVE_LICENSE_STATUS } from "@directus/constants";
 
 //#region src/license/entitlements/lib/seats.ts
+/**
+* Group access rows to the admin/app users and roles that occupy a seat.
+*/
+function getSeatUsersAndRoles(accessRows) {
+	const adminRoles = /* @__PURE__ */ new Set();
+	const appRoles = /* @__PURE__ */ new Set();
+	const adminUsers = /* @__PURE__ */ new Set();
+	const appUsers = /* @__PURE__ */ new Set();
+	const appUsersByRole = /* @__PURE__ */ new Map();
+	for (const accessRow of accessRows) {
+		const { admin_access, app_access } = accessRow["policy"] || {};
+		const isAdmin = toBoolean(admin_access);
+		const isApp = !isAdmin && toBoolean(app_access);
+		if (!isAdmin && !isApp) continue;
+		if (accessRow["user"] && accessRow["user"].status === "active") {
+			const { id, role } = accessRow["user"];
+			if (isAdmin) {
+				adminUsers.add(id);
+				appUsers.delete(id);
+			} else if (adminUsers.has(id) === false && (!role || adminRoles.has(role) === false)) {
+				appUsers.add(id);
+				if (role) {
+					const roleUsers = appUsersByRole.get(role) ?? /* @__PURE__ */ new Set();
+					appUsersByRole.set(role, roleUsers.add(id));
+				}
+			}
+		}
+		if (accessRow["role"]) if (isAdmin) {
+			adminRoles.add(accessRow["role"]);
+			for (const id of appUsersByRole.get(accessRow["role"]) ?? []) appUsers.delete(id);
+		} else appRoles.add(accessRow["role"]);
+	}
+	return {
+		adminUsers,
+		appUsers,
+		adminRoles,
+		appRoles
+	};
+}
 async function getActiveSeats(opts) {
 	const knex = opts?.knex ?? database_default();
 	const schema = await getSchema({ database: knex });
-	const accessRows = await new AccessService({
+	const { adminUsers, appUsers, adminRoles, appRoles } = getSeatUsersAndRoles(await new AccessService({
 		schema,
 		knex
 	}).readByQuery({
@@ -24,22 +63,7 @@ async function getActiveSeats(opts) {
 			"policy.admin_access"
 		],
 		limit: -1
-	});
-	const adminRoles = /* @__PURE__ */ new Set();
-	const appRoles = /* @__PURE__ */ new Set();
-	const adminUsers = /* @__PURE__ */ new Set();
-	const appUsers = /* @__PURE__ */ new Set();
-	for (const accessRow of accessRows) {
-		const isAdmin = toBoolean(accessRow["policy"]?.["admin_access"]);
-		const isApp = !isAdmin && toBoolean(accessRow["policy"]?.["app_access"]);
-		if (!isAdmin && !isApp) continue;
-		if (accessRow["user"] && accessRow["user"].status === "active") {
-			if (isAdmin) adminUsers.add(accessRow["user"].id);
-			else if (adminUsers.has(accessRow["user"].id) === false && adminRoles.has(accessRow["user"]?.role) === false) appUsers.add(accessRow["user"].id);
-		}
-		if (accessRow["role"]) if (isAdmin) adminRoles.add(accessRow["role"]);
-		else appRoles.add(accessRow["role"]);
-	}
+	}));
 	const { adminRoles: allAdminRoles, appRoles: allAppRoles } = await fetchAccessRoles({
 		adminRoles,
 		appRoles
@@ -100,4 +124,4 @@ async function resolveSeats(seats, ctx) {
 }
 
 //#endregion
-export { countActiveSeats, getActiveSeats, resolveSeats };
+export { countActiveSeats, getActiveSeats, getSeatUsersAndRoles, resolveSeats };

package/dist/license/entitlements/lib/sso-enabled.js

@@ -3,6 +3,7 @@ import database_default from "../../../database/index.js";
 import { getSchema } from "../../../utils/get-schema.js";
 import { UsersService } from "../../../services/users.js";
 import "../../../services/index.js";
+import { isObject } from "@directus/utils";
 import { USER_INACTIVE_LICENSE_STATUS } from "@directus/constants";
 
 //#region src/license/entitlements/lib/sso-enabled.ts
@@ -33,7 +34,7 @@ async function resolveSSOUsers(resolution, ctx) {
 		_neq: DEFAULT_AUTH_PROVIDER,
 		_nnull: true
 	} }, { id: { _neq: adminId } }] } }, { status: USER_INACTIVE_LICENSE_STATUS });
-	if (typeof resolution === "object" && Object.keys(resolution.admin).length) {
+	if (isObject(resolution) && Object.keys(resolution.admin ?? {}).length) {
 		const payload = { provider: DEFAULT_AUTH_PROVIDER };
 		if (resolution.admin.email?.length) payload["email"] = resolution.admin.email;
 		if (resolution.admin.password?.length) payload["password"] = resolution.admin.password;

package/dist/services/items.js

@@ -507,17 +507,22 @@ var ItemsService = class ItemsService {
 					});
 					const snapshotFields = difference(fields, getRelationsForCollection(this.schema, this.collection));
 					const snapshots = await itemsService.readMany(keys, { fields: snapshotFields.length > 0 ? snapshotFields : ["*"] });
+					const snapshotsByKey = new Map(snapshots.map((snapshot) => [String(snapshot[primaryKeyField]), snapshot]));
 					const revisionsService = new RevisionsService({
 						knex: trx,
 						schema: this.schema
 					});
-					const revisions = (await Promise.all(activity.map(async (activity$1, index) => ({
-						activity: activity$1,
-						collection: this.collection,
-						item: keys[index],
-						data: Array.isArray(snapshots) && snapshots[index] ? await payloadService.prepareDelta(snapshots[index]) : null,
-						delta: await payloadService.prepareDelta(payloadWithTypeCasting)
-					})))).filter((revision) => revision.delta);
+					const revisions = (await Promise.all(activity.map(async (activity$1, index) => {
+						const key = keys[index];
+						const snapshot = snapshotsByKey.get(String(key));
+						return {
+							activity: activity$1,
+							collection: this.collection,
+							item: key,
+							data: snapshot ? await payloadService.prepareDelta(snapshot) : null,
+							delta: await payloadService.prepareDelta(payloadWithTypeCasting)
+						};
+					}))).filter((revision) => revision.delta);
 					const revisionIDs = await revisionsService.createMany(revisions);
 					for (let i = 0; i < revisionIDs.length; i++) {
 						const revisionID = revisionIDs[i];

package/dist/services/permissions.js

@@ -41,13 +41,13 @@ var PermissionsService = class extends ItemsService {
 		return withAppMinimalPermissions(this.accountability, mappedPermissions, query.filter);
 	}
 	async createOne(data, opts) {
-		if (hasCustomRule(data) && !isRecommendedAppPermission(data)) await getEntitlementManager().assert("custom_permission_rules_enabled", { knex: this.knex });
+		if (!getEntitlementManager().isEntitled("custom_permission_rules_enabled") && hasCustomRule(data) && !isRecommendedAppPermission(data)) throw new ResourceRestrictedError({ category: "custom_permission_rules_enabled" });
 		const res = await super.createOne(data, opts);
 		await this.clearCaches(opts);
 		return res;
 	}
 	async updateMany(keys, data, opts) {
-		if (hasCustomRule(data) && !isRecommendedAppPermission(data)) await getEntitlementManager().assert("custom_permission_rules_enabled", { knex: this.knex });
+		if (!getEntitlementManager().isEntitled("custom_permission_rules_enabled") && hasCustomRule(data) && !isRecommendedAppPermission(data)) throw new ResourceRestrictedError({ category: "custom_permission_rules_enabled" });
 		const res = await super.updateMany(keys, data, opts);
 		await this.clearCaches(opts);
 		return res;

package/dist/utils/get-cache-key.js

@@ -34,6 +34,7 @@ async function getCacheKey(req) {
 		path,
 		query: isGraphQl ? getGraphqlQueryAndVariables(req) : req.sanitizedQuery,
 		...flowTriggerQuery && { rawQuery: flowTriggerQuery },
+		...req.accountability?.share && { share: req.accountability.share },
 		...includeIp && { ip: req.accountability.ip }
 	});
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "36.0.0-rc.1",
+  "version": "36.0.1",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -166,30 +166,30 @@
     "ws": "8.18.3",
     "zod": "4.1.12",
     "zod-validation-error": "4.0.2",
-    "@directus/app": "16.0.0-rc.1",
-    "@directus/constants": "14.4.0-rc.1",
-    "@directus/errors": "2.4.0-rc.0",
-    "@directus/ai": "1.3.2-rc.0",
-    "@directus/env": "6.0.0-rc.1",
-    "@directus/extensions": "4.0.0-rc.1",
-    "@directus/format-title": "13.0.0-rc.0",
-    "@directus/extensions-registry": "4.0.0-rc.1",
-    "@directus/memory": "4.0.0-rc.1",
-    "@directus/pressure": "4.0.0-rc.1",
-    "@directus/extensions-sdk": "18.0.0-rc.1",
-    "@directus/schema": "14.0.0-rc.0",
-    "@directus/storage": "13.0.0-rc.0",
-    "@directus/specs": "14.0.0-rc.0",
-    "@directus/storage-driver-azure": "13.0.0-rc.1",
-    "@directus/storage-driver-cloudinary": "13.0.0-rc.1",
-    "@directus/storage-driver-gcs": "13.0.0-rc.1",
-    "@directus/storage-driver-local": "13.0.0-rc.0",
-    "@directus/storage-driver-s3": "13.0.0-rc.1",
-    "@directus/system-data": "4.5.0-rc.1",
-    "@directus/utils": "13.5.0-rc.1",
-    "@directus/storage-driver-supabase": "4.0.0-rc.1",
-    "@directus/validation": "3.0.0-rc.1",
-    "directus": "12.0.0-rc.2"
+    "@directus/ai": "1.3.2",
+    "@directus/app": "16.1.0",
+    "@directus/constants": "14.4.0",
+    "@directus/env": "6.0.0",
+    "@directus/errors": "2.4.0",
+    "@directus/extensions": "4.0.0",
+    "@directus/format-title": "13.0.0",
+    "@directus/memory": "4.0.0",
+    "@directus/extensions-sdk": "18.0.0",
+    "@directus/extensions-registry": "4.0.0",
+    "@directus/schema": "14.0.0",
+    "@directus/specs": "14.0.0",
+    "@directus/pressure": "4.0.0",
+    "@directus/storage-driver-azure": "13.0.0",
+    "@directus/storage-driver-cloudinary": "13.0.0",
+    "@directus/storage-driver-local": "13.0.0",
+    "@directus/storage-driver-gcs": "13.0.0",
+    "@directus/storage-driver-supabase": "4.0.0",
+    "@directus/storage-driver-s3": "13.0.0",
+    "@directus/system-data": "4.5.0",
+    "@directus/storage": "13.0.0",
+    "@directus/utils": "13.5.0",
+    "@directus/validation": "3.0.0",
+    "directus": "12.0.1"
   },
   "devDependencies": {
     "@directus/tsconfig": "4.0.0",
@@ -224,15 +224,15 @@
     "@types/stream-json": "1.7.8",
     "@types/wellknown": "0.5.8",
     "@types/ws": "8.18.1",
-    "@vitest/coverage-v8": "3.2.4",
+    "@vitest/coverage-v8": "3.2.6",
     "copyfiles": "2.4.1",
     "form-data": "4.0.4",
     "get-port": "7.1.0",
     "knex-mock-client": "3.0.2",
     "typescript": "5.9.3",
-    "vitest": "3.2.4",
-    "@directus/schema-builder": "1.0.0-rc.1",
-    "@directus/types": "16.0.0-rc.1"
+    "vitest": "3.2.6",
+    "@directus/schema-builder": "1.0.0",
+    "@directus/types": "16.0.0"
   },
   "optionalDependencies": {
     "@keyv/redis": "3.0.1",