@directus/api 9.26.0 → 10.1.0

package/dist/app.js

@@ -1,3 +1,4 @@
+import { handlePressure } from '@directus/pressure';
 import cookieParser from 'cookie-parser';
 import express from 'express';
 import { merge } from 'lodash-es';
@@ -38,6 +39,7 @@ import { isInstalled, validateDatabaseConnection, validateDatabaseExtensions, va
 import emitter from './emitter.js';
 import env from './env.js';
 import { InvalidPayloadException } from './exceptions/invalid-payload.js';
+import { ServiceUnavailableException } from './exceptions/service-unavailable.js';
 import { getExtensionManager } from './extensions.js';
 import { getFlowManager } from './flows.js';
 import logger, { expressLogger } from './logger.js';
@@ -84,6 +86,21 @@ export default async function createApp() {
     app.disable('x-powered-by');
     app.set('trust proxy', env['IP_TRUST_PROXY']);
     app.set('query parser', (str) => qs.parse(str, { depth: 10 }));
+    if (env['PRESSURE_LIMITER_ENABLED']) {
+        const sampleInterval = Number(env['PRESSURE_LIMITER_SAMPLE_INTERVAL']);
+        if (Number.isNaN(sampleInterval) === true || Number.isFinite(sampleInterval) === false) {
+            throw new Error(`Invalid value for PRESSURE_LIMITER_SAMPLE_INTERVAL environment variable`);
+        }
+        app.use(handlePressure({
+            sampleInterval,
+            maxEventLoopUtilization: env['PRESSURE_LIMITER_MAX_EVENT_LOOP_UTILIZATION'],
+            maxEventLoopDelay: env['PRESSURE_LIMITER_MAX_EVENT_LOOP_DELAY'],
+            maxMemoryRss: env['PRESSURE_LIMITER_MAX_MEMORY_RSS'],
+            maxMemoryHeapUsed: env['PRESSURE_LIMITER_MAX_MEMORY_HEAP_USED'],
+            error: new ServiceUnavailableException('Under pressure', { service: 'api' }),
+            retryAfter: env['PRESSURE_LIMITER_RETRY_AFTER'],
+        }));
+    }
     app.use(helmet.contentSecurityPolicy(merge({
         useDefaults: true,
         directives: {

package/dist/auth/drivers/oauth2.js

@@ -117,7 +117,7 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
         if (userId) {
             // Run hook so the end user has the chance to augment the
             // user that is about to be updated
-            const updatedUserPayload = await emitter.emitFilter(`auth.update`, {}, {
+            const updatedUserPayload = await emitter.emitFilter(`auth.update`, { auth_data: userPayload.auth_data }, {
                 identifier,
                 provider: this.config['provider'],
                 providerPayload: { accessToken: tokenSet.access_token, userInfo },

package/dist/auth/drivers/openid.js

@@ -136,7 +136,7 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
         if (userId) {
             // Run hook so the end user has the chance to augment the
             // user that is about to be updated
-            const updatedUserPayload = await emitter.emitFilter(`auth.update`, {}, {
+            const updatedUserPayload = await emitter.emitFilter(`auth.update`, { auth_data: userPayload.auth_data }, {
                 identifier,
                 provider: this.config['provider'],
                 providerPayload: { accessToken: tokenSet.access_token, userInfo },

package/dist/cli/commands/bootstrap/index.js

@@ -34,6 +34,7 @@ export default async function bootstrap({ skipAdminInit }) {
         logger.info('Running migrations...');
         await runMigrations(database, 'latest');
     }
+    await database.destroy();
     logger.info('Done');
     process.exit(0);
 }

package/dist/controllers/flows.js

@@ -13,7 +13,7 @@ const router = express.Router();
 router.use(useCollection('directus_flows'));
 const webhookFlowHandler = asyncHandler(async (req, res, next) => {
     const flowManager = getFlowManager();
-    const result = await flowManager.runWebhookFlow(`${req.method}-${req.params['pk']}`, {
+    const { result, cacheEnabled } = await flowManager.runWebhookFlow(`${req.method}-${req.params['pk']}`, {
         path: req.path,
         query: req.query,
         body: req.body,
@@ -23,6 +23,9 @@ const webhookFlowHandler = asyncHandler(async (req, res, next) => {
         accountability: req.accountability,
         schema: req.schema,
     });
+    if (!cacheEnabled) {
+        res.locals['cache'] = false;
+    }
     res.locals['payload'] = result;
     return next();
 });

package/dist/controllers/schema.js

@@ -15,20 +15,17 @@ router.get('/snapshot', asyncHandler(async (req, res, next) => {
     res.locals['payload'] = { data: currentSnapshot };
     return next();
 }), respond);
-router.post('/apply', asyncHandler(async (req, _res, next) => {
-    const service = new SchemaService({ accountability: req.accountability });
-    await service.apply(req.body);
-    return next();
-}), respond);
 const schemaMultipartHandler = (req, res, next) => {
     if (req.is('application/json')) {
-        if (Object.keys(req.body).length === 0)
+        if (Object.keys(req.body).length === 0) {
             throw new InvalidPayloadException(`No data was included in the body`);
-        res.locals['uploadedSnapshot'] = req.body;
+        }
+        res.locals['upload'] = req.body;
         return next();
     }
-    if (!req.is('multipart/form-data'))
+    if (!req.is('multipart/form-data')) {
         throw new UnsupportedMediaTypeException(`Unsupported Content-Type header`);
+    }
     const headers = req.headers['content-type']
         ? req.headers
         : {
@@ -37,7 +34,7 @@ const schemaMultipartHandler = (req, res, next) => {
         };
     const busboy = Busboy({ headers });
     let isFileIncluded = false;
-    let uploadedSnapshot = null;
+    let upload = null;
     busboy.on('file', async (_, fileStream, { mimeType }) => {
         if (isFileIncluded)
             return next(new InvalidPayloadException(`More than one file was included in the body`));
@@ -47,25 +44,26 @@ const schemaMultipartHandler = (req, res, next) => {
             const uploadedString = await readableStreamToString(fileStream);
             if (mimeType === 'application/json') {
                 try {
-                    uploadedSnapshot = parseJSON(uploadedString);
+                    upload = parseJSON(uploadedString);
                 }
                 catch (err) {
                     logger.warn(err);
-                    throw new InvalidPayloadException('Invalid JSON schema snapshot');
+                    throw new InvalidPayloadException('The provided JSON is invalid.');
                 }
             }
             else {
                 try {
-                    uploadedSnapshot = (await loadYaml(uploadedString));
+                    upload = await loadYaml(uploadedString);
                 }
                 catch (err) {
                     logger.warn(err);
-                    throw new InvalidPayloadException('Invalid YAML schema snapshot');
+                    throw new InvalidPayloadException('The provided YAML is invalid.');
                 }
             }
-            if (!uploadedSnapshot)
+            if (!upload) {
                 throw new InvalidPayloadException(`No file was included in the body`);
-            res.locals['uploadedSnapshot'] = uploadedSnapshot;
+            }
+            res.locals['upload'] = upload;
             return next();
         }
         catch (error) {
@@ -81,7 +79,7 @@ const schemaMultipartHandler = (req, res, next) => {
 };
 router.post('/diff', asyncHandler(schemaMultipartHandler), asyncHandler(async (req, res, next) => {
     const service = new SchemaService({ accountability: req.accountability });
-    const snapshot = res.locals['uploadedSnapshot'];
+    const snapshot = res.locals['upload'];
     const currentSnapshot = await service.snapshot();
     const snapshotDiff = await service.diff(snapshot, { currentSnapshot, force: 'force' in req.query });
     if (!snapshotDiff)
@@ -90,4 +88,10 @@ router.post('/diff', asyncHandler(schemaMultipartHandler), asyncHandler(async (r
     res.locals['payload'] = { data: { hash: currentSnapshotHash, diff: snapshotDiff } };
     return next();
 }), respond);
+router.post('/apply', asyncHandler(schemaMultipartHandler), asyncHandler(async (req, res, next) => {
+    const service = new SchemaService({ accountability: req.accountability });
+    const diff = res.locals['upload'];
+    await service.apply(diff);
+    return next();
+}), respond);
 export default router;

package/dist/controllers/utils.js

@@ -15,8 +15,9 @@ import { sanitizeQuery } from '../utils/sanitize-query.js';
 const router = Router();
 router.get('/random/string', asyncHandler(async (req, res) => {
     const { nanoid } = await import('nanoid');
-    if (req.query && req.query['length'] && Number(req.query['length']) > 500)
+    if (req.query && req.query['length'] && Number(req.query['length']) > 500) {
         throw new InvalidQueryException(`"length" can't be more than 500 characters`);
+    }
     const string = nanoid(req.query?.['length'] ? Number(req.query['length']) : 32);
     return res.json({ data: string });
 }));
@@ -61,8 +62,9 @@ router.post('/revert/:revision', asyncHandler(async (req, _res, next) => {
     next();
 }), respond);
 router.post('/import/:collection', collectionExists, asyncHandler(async (req, res, next) => {
-    if (req.is('multipart/form-data') === false)
+    if (req.is('multipart/form-data') === false) {
         throw new UnsupportedMediaTypeException(`Unsupported Content-Type header`);
+    }
     const service = new ImportService({
         accountability: req.accountability,
         schema: req.schema,

package/dist/database/migrations/run.js

@@ -7,13 +7,14 @@ import path from 'path';
 import { flushCaches } from '../../cache.js';
 import env from '../../env.js';
 import logger from '../../logger.js';
+import getModuleDefault from '../../utils/get-module-default.js';
 const __dirname = dirname(fileURLToPath(import.meta.url));
 export default async function run(database, direction, log = true) {
     let migrationFiles = await fse.readdir(__dirname);
     const customMigrationsPath = path.resolve(env['EXTENSIONS_PATH'], 'migrations');
     let customMigrationFiles = ((await fse.pathExists(customMigrationsPath)) && (await fse.readdir(customMigrationsPath))) || [];
     migrationFiles = migrationFiles.filter((file) => /^[0-9]+[A-Z]-[^.]+\.(?:js|ts)$/.test(file));
-    customMigrationFiles = customMigrationFiles.filter((file) => file.endsWith('.js'));
+    customMigrationFiles = customMigrationFiles.filter((file) => /\.(c|m)?js$/.test(file));
     const completedMigrations = await database.select('*').from('directus_migrations').orderBy('version');
     const migrations = [
         ...migrationFiles.map((path) => parseFilePath(path)),
@@ -84,7 +85,7 @@ export default async function run(database, direction, log = true) {
         for (const migration of migrations) {
             if (migration.completed === false) {
                 needsCacheFlush = true;
-                const { up } = await import(`file://${migration.file}`);
+                const { up } = getModuleDefault(await import(`file://${migration.file}`));
                 if (log) {
                     logger.info(`Applying ${migration.name}...`);
                 }

package/dist/env.js

@@ -262,6 +262,13 @@ const defaults = {
     GRAPHQL_INTROSPECTION: true,
     FLOWS_EXEC_ALLOWED_MODULES: false,
     FLOWS_ENV_ALLOW_LIST: false,
+    PRESSURE_LIMITER_ENABLED: true,
+    PRESSURE_LIMITER_SAMPLE_INTERVAL: 250,
+    PRESSURE_LIMITER_MAX_EVENT_LOOP_UTILIZATION: 0.99,
+    PRESSURE_LIMITER_MAX_EVENT_LOOP_DELAY: 500,
+    PRESSURE_LIMITER_MAX_MEMORY_RSS: false,
+    PRESSURE_LIMITER_MAX_MEMORY_HEAP_USED: false,
+    PRESSURE_LIMITER_RETRY_AFTER: false,
 };
 // Allows us to force certain environment variable into a type, instead of relying
 // on the auto-parsed type in processValues. ref #3705

package/dist/extensions.js

@@ -1,4 +1,4 @@
-import { APP_EXTENSION_TYPES, APP_SHARED_DEPS, HYBRID_EXTENSION_TYPES, NESTED_EXTENSION_TYPES, } from '@directus/constants';
+import { APP_EXTENSION_TYPES, APP_SHARED_DEPS, HYBRID_EXTENSION_TYPES, JAVASCRIPT_FILE_EXTS, NESTED_EXTENSION_TYPES, } from '@directus/constants';
 import * as sharedExceptions from '@directus/exceptions';
 import { isIn, isTypeIn, pluralize } from '@directus/utils';
 import { ensureExtensionDirs, generateExtensionsEntrypoint, getLocalExtensions, getPackageExtensions, pathToRelativeUrl, resolvePackage, resolvePackageExtensions, } from '@directus/utils/node';
@@ -201,15 +201,14 @@ class ExtensionManager {
         const extensionDirUrl = pathToRelativeUrl(env['EXTENSIONS_PATH']);
         const localExtensionUrls = NESTED_EXTENSION_TYPES.flatMap((type) => {
             const typeDir = path.posix.join(extensionDirUrl, pluralize(type));
-            const fileExts = ['js', 'mjs', 'cjs'];
             if (isIn(type, HYBRID_EXTENSION_TYPES)) {
                 return [
-                    path.posix.join(typeDir, '*', `app.{${fileExts.join()}}`),
-                    path.posix.join(typeDir, '*', `api.{${fileExts.join()}}`),
+                    path.posix.join(typeDir, '*', `app.{${JAVASCRIPT_FILE_EXTS.join()}}`),
+                    path.posix.join(typeDir, '*', `api.{${JAVASCRIPT_FILE_EXTS.join()}}`),
                 ];
             }
             else {
-                return path.posix.join(typeDir, '*', `index.{${fileExts.join()}}`);
+                return path.posix.join(typeDir, '*', `index.{${JAVASCRIPT_FILE_EXTS.join()}}`);
             }
         });
         this.watcher = chokidar.watch([path.resolve('package.json'), path.posix.join(extensionDirUrl, '*', 'package.json'), ...localExtensionUrls], {

package/dist/flows.d.ts

@@ -13,7 +13,10 @@ declare class FlowManager {
     addOperation(id: string, operation: OperationHandler): void;
     clearOperations(): void;
     runOperationFlow(id: string, data: unknown, context: Record<string, unknown>): Promise<unknown>;
-    runWebhookFlow(id: string, data: unknown, context: Record<string, unknown>): Promise<unknown>;
+    runWebhookFlow(id: string, data: unknown, context: Record<string, unknown>): Promise<{
+        result: unknown;
+        cacheEnabled: boolean;
+    }>;
     private load;
     private unload;
     private executeFlow;

package/dist/flows.js

@@ -9,7 +9,6 @@ import getDatabase from './database/index.js';
 import emitter from './emitter.js';
 import env from './env.js';
 import * as exceptions from './exceptions/index.js';
-import { BaseException } from '@directus/exceptions';
 import logger from './logger.js';
 import { getMessenger } from './messenger.js';
 import { ActivityService } from './services/activity.js';
@@ -20,6 +19,7 @@ import { constructFlowTree } from './utils/construct-flow-tree.js';
 import { getSchema } from './utils/get-schema.js';
 import { JobQueue } from './utils/job-queue.js';
 import { mapValuesDeep } from './utils/map-values-deep.js';
+import { sanitizeError } from './utils/sanitize-error.js';
 let flowManager;
 const redactLogs = fastRedact({
     censor: '--redacted--',
@@ -167,16 +167,20 @@ class FlowManager {
                 this.operationFlowHandlers[flow.id] = handler;
             }
             else if (flow.trigger === 'webhook') {
-                const handler = (data, context) => {
+                const method = flow.options?.['method'] ?? 'GET';
+                const handler = async (data, context) => {
+                    let cacheEnabled = true;
+                    if (method === 'GET') {
+                        cacheEnabled = flow.options['cacheEnabled'] !== false;
+                    }
                     if (flow.options['async']) {
                         this.executeFlow(flow, data, context);
-                        return undefined;
+                        return { result: undefined, cacheEnabled };
                     }
                     else {
-                        return this.executeFlow(flow, data, context);
+                        return { result: await this.executeFlow(flow, data, context), cacheEnabled };
                     }
                 };
-                const method = flow.options?.['method'] ?? 'GET';
                 // Default return to $last for webhooks
                 flow.options['return'] = flow.options['return'] ?? '$last';
                 this.webhookFlowHandlers[`${method}-${flow.id}`] = handler;
@@ -325,11 +329,9 @@ class FlowManager {
         }
         catch (error) {
             let data;
-            if (error instanceof BaseException) {
-                data = { message: error.message, code: error.code, extensions: error.extensions, status: error.status };
-            }
-            else if (error instanceof Error) {
-                data = { message: error.message };
+            if (error instanceof Error) {
+                // make sure we dont expose the stack trace
+                data = sanitizeError(error);
             }
             else if (typeof error === 'string') {
                 // If the error is a JSON string, parse it and use that as the error data

package/dist/services/collections.js

@@ -60,7 +60,7 @@ export class CollectionsService {
                     // Directus heavily relies on the primary key of a collection, so we have to make sure that
                     // every collection that is created has a primary key. If no primary key field is created
                     // while making the collection, we default to an auto incremented id named `id`
-                    if (!payload.fields)
+                    if (!payload.fields) {
                         payload.fields = [
                             {
                                 field: 'id',
@@ -76,6 +76,7 @@ export class CollectionsService {
                                 },
                             },
                         ];
+                    }
                     // Ensure that every field meta has the field/collection fields filled correctly
                     payload.fields = payload.fields.map((field) => {
                         if (field.meta) {

package/dist/services/graphql/index.js

@@ -98,8 +98,9 @@ export class GraphQLService {
         const formattedResult = {};
         if (result['data'])
             formattedResult.data = result['data'];
-        if (result['errors'])
+        if (result['errors']) {
             formattedResult.errors = result['errors'].map((error) => processError(this.accountability, error));
+        }
         if (result['extensions'])
             formattedResult.extensions = result['extensions'];
         return formattedResult;
@@ -285,8 +286,9 @@ export class GraphQLService {
                             type = new GraphQLNonNull(type);
                         }
                         if (collection.primary === field.field) {
-                            if (!field.defaultValue && !field.special.includes('uuid') && action === 'create')
+                            if (!field.defaultValue && !field.special.includes('uuid') && action === 'create') {
                                 type = new GraphQLNonNull(GraphQLID);
+                            }
                             else if (['create', 'update'].includes(action))
                                 type = GraphQLID;
                             else

package/dist/services/items.js

@@ -144,7 +144,7 @@ export class ItemsService {
                 // to read from it
                 payload[primaryKeyField] = primaryKey;
             }
-            const { revisions: revisionsO2M, nestedActionEvents: nestedActionEventsO2M } = await payloadService.processO2M(payload, primaryKey, opts);
+            const { revisions: revisionsO2M, nestedActionEvents: nestedActionEventsO2M } = await payloadService.processO2M(payloadWithPresets, primaryKey, opts);
             nestedActionEvents.push(...nestedActionEventsM2O);
             nestedActionEvents.push(...nestedActionEventsA2O);
             nestedActionEvents.push(...nestedActionEventsO2M);

package/dist/services/permissions.js

@@ -50,31 +50,49 @@ export class PermissionsService extends ItemsService {
     async createOne(data, opts) {
         const res = await super.createOne(data, opts);
         await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
+        }
         return res;
     }
     async createMany(data, opts) {
         const res = await super.createMany(data, opts);
         await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
+        }
         return res;
     }
     async updateBatch(data, opts) {
         const res = await super.updateBatch(data, opts);
         await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
+        }
         return res;
     }
     async updateMany(keys, data, opts) {
         const res = await super.updateMany(keys, data, opts);
         await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
+        }
         return res;
     }
     async upsertMany(payloads, opts) {
         const res = await super.upsertMany(payloads, opts);
         await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
+        }
         return res;
     }
     async deleteMany(keys, opts) {
         const res = await super.deleteMany(keys, opts);
         await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
+        }
         return res;
     }
 }

package/dist/utils/apply-query.js

@@ -188,8 +188,9 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
             if (key === '_or' || key === '_and') {
                 // If the _or array contains an empty object (full permissions), we should short-circuit and ignore all other
                 // permission checks, as {} already matches full permissions.
-                if (key === '_or' && value.some((subFilter) => Object.keys(subFilter).length === 0))
+                if (key === '_or' && value.some((subFilter) => Object.keys(subFilter).length === 0)) {
                     continue;
+                }
                 value.forEach((subFilter) => {
                     addJoins(dbQuery, subFilter, collection);
                 });
@@ -484,8 +485,10 @@ export async function applySearch(schema, dbQuery, searchQuery, collection) {
             }
             else if (['bigInteger', 'integer', 'decimal', 'float'].includes(field.type)) {
                 const number = Number(searchQuery);
-                if (!isNaN(number))
+                // only cast finite base10 numeric values
+                if (validateNumber(searchQuery, number)) {
                     this.orWhere({ [`${collection}.${name}`]: number });
+                }
             }
             else if (field.type === 'uuid' && validate(searchQuery)) {
                 this.orWhere({ [`${collection}.${name}`]: searchQuery });
@@ -493,6 +496,13 @@ export async function applySearch(schema, dbQuery, searchQuery, collection) {
         });
     });
 }
+function validateNumber(value, parsed) {
+    if (isNaN(parsed) || !Number.isFinite(parsed))
+        return false;
+    // casting parsed value back to string should be equal the original value
+    // (prevent unintended number parsing, e.g. String(7) !== "ob111")
+    return String(parsed) === value;
+}
 export function applyAggregate(dbQuery, aggregate, collection) {
     for (const [operation, fields] of Object.entries(aggregate)) {
         if (!fields)

package/dist/utils/sanitize-error.d.ts

@@ -0,0 +1 @@
+export declare function sanitizeError<T extends Error>(error: T): T;

package/dist/utils/sanitize-error.js

@@ -0,0 +1,7 @@
+export function sanitizeError(error) {
+    // clear the stack
+    if (error.stack !== undefined) {
+        delete error.stack;
+    }
+    return error;
+}

package/dist/utils/sanitize-query.js

@@ -25,7 +25,7 @@ export function sanitizeQuery(rawQuery, accountability) {
     if (rawQuery['filter']) {
         query.filter = sanitizeFilter(rawQuery['filter'], accountability || null);
     }
-    if (rawQuery['offset']) {
+    if (rawQuery['offset'] !== undefined) {
         query.offset = sanitizeOffset(rawQuery['offset']);
     }
     if (rawQuery['page']) {

package/dist/utils/transformations.js

@@ -1,6 +1,6 @@
 export function resolvePreset(input, file) {
-    const transforms = input.transforms ?? [];
-    if (input.format || input.quality)
+    const transforms = input.transforms ? [...input.transforms] : [];
+    if (input.format || input.quality) {
         transforms.push([
             'toFormat',
             input.format || file.type.split('/')[1],
@@ -8,7 +8,8 @@ export function resolvePreset(input, file) {
                 quality: input.quality ? Number(input.quality) : undefined,
             },
         ]);
-    if (input.width || input.height)
+    }
+    if (input.width || input.height) {
         transforms.push([
             'resize',
             {
@@ -18,6 +19,7 @@ export function resolvePreset(input, file) {
                 withoutEnlargement: input.withoutEnlargement ? Boolean(input.withoutEnlargement) : undefined,
             },
         ]);
+    }
     return transforms;
 }
 /**

package/license

@@ -0,0 +1,107 @@
+Licensor:             Monospace, Inc.
+
+Licensed Work:        Directus
+                      The Licensed Work is Copyright © 2023 Monospace, Inc.
+
+Additional Use Grant: You may use the Licensed Work in production as long as
+                      your Total Finances do not exceed US $5,000,000 for the
+                      most recent 12-month period, provided that Monospace, Inc.
+                      will not be liable to you in any way, including for any
+                      damages, including general, special, incidental or
+                      consequential damages, arising out of such use.
+
+                      References to: “Total Finances” mean the largest of your
+                      aggregate gross revenues, entire budget, and/or funding
+                      (no matter the source); “you” and “your” include (without
+                      limitation) any individual or entity agreeing to these
+                      terms and any affiliates of such individual or entity; and
+                      “production” mean any use other than (i) development of
+                      (including evaluation of the Licensed Work), debugging, or
+                      testing your offerings, or (ii) making the Licensed Work
+                      available standalone in unmodified object code form.
+
+Change Date:          Three years from release date
+
+Change License:       GNU General Public License (GPL) v3
+
+For information about alternative licensing arrangements, please visit
+https://directus.io/pricing.
+
+--------------------------------------------------------------------------------
+
+Business Source License 1.1
+
+Terms
+
+The Licensor hereby grants you the right to copy, modify, create derivative
+works, redistribute, and make non-production use of the Licensed Work. The
+Licensor may make an Additional Use Grant, above, permitting limited production
+use.
+
+Effective on the Change Date, or the fourth anniversary of the first publicly
+available distribution of a specific version of the Licensed Work under this
+License, whichever comes first, the Licensor hereby grants you rights under the
+terms of the Change License, and the rights granted in the paragraph above
+terminate.
+
+If your use of the Licensed Work does not comply with the requirements currently
+in effect as described in this License, you must purchase a commercial license
+from the Licensor, its affiliated entities, or authorized resellers, or you must
+refrain from using the Licensed Work.
+
+All copies of the original and modified Licensed Work, and derivative works of
+the Licensed Work, are subject to this License. This License applies separately
+for each version of the Licensed Work and the Change Date may vary for each
+version of the Licensed Work released by Licensor.
+
+You must conspicuously display this License on each original or modified copy of
+the Licensed Work. If you receive the Licensed Work in original or modified form
+from a third party, the terms and conditions set forth in this License apply to
+your use of that work.
+
+Any use of the Licensed Work in violation of this License will automatically
+terminate your rights under this License for the current and all other versions
+of the Licensed Work.
+
+This License does not grant you any right in any trademark or logo of Licensor
+or its affiliates (provided that you may use a trademark or logo of Licensor as
+expressly required by this License).
+
+TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON AN
+“AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, EXPRESS
+OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND TITLE.
+
+MariaDB hereby grants you permission to use this License’s text to license your
+works, and to refer to it using the trademark “Business Source License”, as long
+as you comply with the Covenants of Licensor below.
+
+Covenants of Licensor
+
+In consideration of the right to use this License’s text and the “Business
+Source License” name and trademark, Licensor covenants to MariaDB, and to all
+other recipients of the licensed work to be provided by Licensor:
+
+1. To specify as the Change License the GPL Version 2.0 or any later version,
+   or a license that is compatible with GPL Version 2.0 or a later version,
+   where “compatible” means that software provided under the Change License can
+   be included in a program with software provided under GPL Version 2.0 or a
+   later version. Licensor may specify additional Change Licenses without
+   limitation.
+
+2. To either: (a) specify an additional grant of rights to use that does not
+   impose any additional restriction on the right granted in this License, as
+   the Additional Use Grant; or (b) insert the text “None”.
+
+3. To specify a Change Date.
+
+4. Not to modify this License in any other way.
+
+Notice
+
+The Business Source License (this document, or the "License") is not an Open
+Source license. However, the Licensed Work will eventually be made available
+under an Open Source License, as stated in this License.
+
+License text copyright © 2023 MariaDB plc, All Rights Reserved.
+“Business Source License” is a trademark of MariaDB plc.