@exulu/backend 1.39.0 → 1.39.2

package/CHANGELOG.md

@@ -1,6 +1,6 @@
-# [1.39.0](https://github.com/Qventu/exulu-backend/compare/v1.38.0...v1.39.0) (2025-12-03)
+## [1.39.2](https://github.com/Qventu/exulu-backend/compare/v1.39.1...v1.39.2) (2025-12-03)
 
 
-### Features
+### Bug Fixes
 
-* add project-scoped context retrieval and enhanced personalization ([3c52de5](https://github.com/Qventu/exulu-backend/commit/3c52de58661aa450f3bf1721f366173a894c36bc))
+* image handling in chat api ([62cecf8](https://github.com/Qventu/exulu-backend/commit/62cecf889d917f956768075d02e62dd8a88961df))

package/changelog-backend-10.11.2025_03.12.2025.md

@@ -0,0 +1,316 @@
+
+----
+
+### feat: add project-scoped context retrieval and enhanced personalization
+
+Date: 2025-12-03
+Author: dclaessen-exulu
+
+This commit introduces a comprehensive project-based information retrieval
+system and several enhancements to the agent and context infrastructure:
+
+**Project Context Retrieval:**
+- Add createProjectRetrievalTool for project-specific information search
+  across multiple contexts
+- Implement project caching mechanism to optimize repeated project queries
+- Support hybrid search across project items with filtering and ranking
+- Enable automatic project tool injection when session has associated
+  project
+
+**Enhanced Personalization:**
+- Add firstname/lastname fields to user authentication for API users
+- Include user information in system prompts for better personalization
+- Make personalization configurable via privacy settings
+
+**Field Processor Improvements:**
+- Add generateEmbeddings configuration option to field processors
+- Support onInsert trigger in addition to existing triggers
+- Enable processors to run without user context for system operations
+- Improve processor execution flow with better logging
+
+**Infrastructure Enhancements:**
+- Add database connection pool logging for debugging
+- Improve file parts processing with better error handling
+- Make convertToolsArrayToObject async to support dynamic tool generation
+- Enhance storage utility to support uploads without user context
+- Better handling of tool variable configs vs execution configs
+- Comment out unused project_id from RBAC schema
+
+**Context and Search Improvements:**
+- Add search method directly to ExuluContext class
+- Expose applyFilters and contextToTableDefinition utilities
+- Support context source execution with exuluConfig parameter
+- Improve error messages and reduce excessive logging
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### feat: add document parsing for AI agent file handling with JWT secret fix
+
+Date: 2025-11-30
+Author: dclaessen-exulu
+
+Enhance agent file processing capabilities and fix authentication:
+
+- Add officeparser integration to extract text from document files
+- Implement processFilePartsInMessages to convert file parts to
+  OpenAI Responses API compatible format
+- Convert document files to text parts with extracted content
+- Keep image files as image parts (natively supported by API)
+- Add message deduplication to prevent duplicate message IDs
+- Change saveChat to process messages sequentially for correct
+  timestamp ordering
+- Fix JWT verification in getToken by converting NEXTAUTH_SECRET
+  to base64url format as required by jose library
+
+This enables agents to process uploaded documents by extracting
+their text content and presenting it in a format compatible with
+the OpenAI Responses API.
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### feat: add PDF preview tool and enhance agent API with cookie authentication and message persistence
+
+Date: 2025-11-26
+Author: dclaessen-exulu
+
+Adds a new preview-pdf tool for viewing PDF documents and significantly enhances the agent
+chat API to support public agents with optional authentication. Implements cookie-based session
+management, message ID tracking to prevent duplicates during chat persistence, and allows
+passing full message arrays for stateless interactions.
+
+Also downgrades AI SDK from v5.0.95 to v5.0.65 for stability, adds cookie-parser dependency,
+and improves context embedding generation with better metadata handling and increased timeout
+limits. Enhances S3 integration with multi-bucket support via key notation [bucket:name],
+improves vector search result limits, and adds better error handling for encrypted variables
+and external ID lookups in context operations.
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### fix: issue with upsert
+
+Date: 2025-11-19
+Author: dclaessen-exulu
+
+
+----
+
+### feat: upgrade AI SDK to v5.0.95 and add Gemini 3 Pro support with parameterized context sources
+
+Date: 2025-11-19
+Author: dclaessen-exulu
+
+This commit introduces several enhancements to the AI capabilities and context system:
+
+- Upgrade AI SDK from v5.0.56 to v5.0.95 with improved provider utilities
+- Add @vercel/oidc dependency for enhanced authentication support
+- Implement Google Vertex Gemini 3 Pro agent with 1M+ token context window
+- Enhance context source configuration with parameterizable inputs
+- Improve Vertex authentication documentation with detailed setup instructions
+- Add support for dynamic parameters in context source definitions via GraphQL schema
+
+The new Gemini 3 Pro agent provides very high intelligence with moderate speed,
+supporting text, images, files, audio, and video inputs. Context sources can now
+define parameters with names, descriptions, and default values for more flexible
+data retrieval configurations.
+
+Changes include:
+- src/index.ts: Export new vertexGemini3ProAgent
+- src/registry/index.ts: Register Gemini 3 Pro agent
+- src/registry/classes.ts: Add params field to ExuluContextSource config
+- src/registry/utils/graphql.ts: Add ContextSourceParam type and params support
+- src/templates/agents/google/vertex/index.ts: Add Gemini 3 Pro agent, refactor auth docs
+- types/models/context.ts: Add params field to Context interface
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### feat: add Google Vertex AI agent support and enhance embedder configuration system
+
+Date: 2025-11-18
+Author: dclaessen-exulu
+
+Add Google Vertex Gemini 2.5 Flash agent integration with support for
+optional authentication. Implement new embedder_settings table for
+context-specific embedder configuration with variable management.
+
+Major changes:
+- Add vertexGemini25FlashAgent to default agents and registry
+- Implement embedder_settings schema for per-context embedder config
+- Add authenticationInformation field to ExuluAgent class
+- Make providerapikey optional across agent and MCP initialization
+- Add config field to ExuluEmbedder with hydrateEmbedderConfig method
+- Pass context ID and settings to embedder chunker and generation ops
+- Update GraphQL schema to expose authenticationInformation and config
+- Enhance error messages with agent name and ID for better debugging
+
+Breaking changes:
+- ChunkerOperation signature now requires config parameter
+- VectorGenerateOperation signature now requires settings parameter
+- convertToolsArrayToObject contexts parameter now optional
+
+This enables agents that don't require API keys (e.g., Vertex AI with
+workload identity) and allows embedders to retrieve configuration from
+variables per context.
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### fix: project tracking anthropic passthrough and timeout for worker
+
+Date: 2025-11-17
+Author: dclaessen-exulu
+
+
+----
+
+### feat: add MCP prompt library integration and JSON filtering enhancements
+
+Date: 2025-11-17
+Author: dclaessen-exulu
+
+Add comprehensive prompt template management via MCP tools and enhanced JSON field filtering:
+
+Prompt Library Features:
+- Add prompt_library and prompt_favorites database schemas
+- Register getListOfPromptTemplates and getPromptTemplateDetails MCP tools
+- Enable agents to discover and retrieve prompt templates with usage/favorite tracking
+- Support agent-specific prompt assignment via assigned_agents JSON field
+
+GraphQL & Filtering Improvements:
+- Add JSON field containment support using PostgreSQL @> operator
+- Enhance filter operators to handle JSON equality and IN operations with jsonb casting
+- Pass table schema context to applyFilters for type-aware query building
+
+Bug Fixes & Refinements:
+- Fix upsert validation to require id or external_id
+- Add source update statistics tracking for API and job triggers
+- Improve eval function result metadata structure with function_results array
+- Add default scoring method fallback to average for eval runs
+- Fix typo: rename eval to evaluation in bullmq decorator
+
+Configuration:
+- Add .mcp.json for exulu-mcp-server-default-coding-agent integration
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### feat: add todo system, enhanced roles, session metadata, and scheduling support
+
+Date: 2025-11-14
+Author: dclaessen-exulu
+
+This commit introduces several significant features and improvements to the Exulu backend:
+
+- Implement TodoWrite and TodoRead tools for session-based task tracking
+- Store todos in agent_sessions.metadata JSON field
+- Add access control checks for todo operations
+- Tools require authenticated session context
+
+- Create default "admin" role with full write permissions
+- Create "default" role with agent write + read-only for other resources
+- Add support for "evals" and "api" permissions in role structure
+- Automatically provision both roles during database initialization
+
+- Add metadata JSON column to agent_sessions table
+- Pass sessionID throughout tool execution pipeline
+- Implement getSession helper for consistent session retrieval
+- Enable session-aware tool execution with user context
+
+- Add cron-like scheduling support for context data sources
+- Implement queue configuration options
+- Add retry logic with exponential/linear backoff strategies
+- Enable automated data ingestion workflows
+
+- Fix Redis URL construction when using authentication
+- Improve handling of username/password credentials
+- Better fallback values for missing environment variables
+
+- Support config-based tool description overrides
+- Pass sessionID to all tool executions
+- Enable tools to access session metadata
+- Improve tool configuration hydration
+
+- Add better-auth (v1.3.34) with WebAuthn support
+- Include cryptography libraries (@noble/ciphers, @noble/hashes)
+- Add @simplewebauthn packages for authentication flows
+- Include kysely for type-safe database queries
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### fix: add ExuluItem as export
+
+Date: 2025-11-11
+Author: dclaessen-exulu
+
+
+----
+
+### feat: implement scheduled data sources for contexts
+
+Date: 2025-11-11
+Author: dclaessen-exulu
+
+Add support for scheduled data sources within ExuluContext that automatically
+fetch and ingest items at regular intervals.
+
+Key changes:
+- Introduce ExuluContextSource type with configurable cron schedules, retry
+  logic, and backoff strategies
+- Add source execution handler in BullMQ workers to process scheduled jobs
+- Create automatic job schedulers for each context source with configurable
+  retry attempts (default: 3) and exponential backoff (default: 2000ms)
+- Rename Context.process() to processField() for clarity
+- Add executeSource() method to handle source execution and item creation
+- Track source metadata in BullMQ job data for job identification
+
+Sources enable automated data ingestion workflows where external data can be
+pulled into contexts on a schedule without manual intervention. Each source
+execution creates items in the context and optionally schedules follow-up
+processing jobs for embeddings and chunking.
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+
+----
+
+### fix: minor exulu upgrade for redis connection
+
+Date: 2025-11-10
+Author: dclaessen-exulu
+
+
+----
+
+### fix: redis auth url
+
+Date: 2025-11-10
+Author: dclaessen-exulu
+
+
+----

package/dist/index.cjs

@@ -2148,52 +2148,6 @@ function createMutations(table, agents, contexts, tools, config) {
         }
         throw new Error("Insufficient role permissions to edit this record");
       }
-      if (record.rights_mode === "projects") {
-        const projects = await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: id,
-          access_type: "Project",
-          rights: "write"
-        });
-        if (projects.length === 0) {
-          throw new Error("Entity ${table.name.singular} has its rights mode set to projects, but is not shared with any projects.");
-        }
-        const checks = await Promise.all(projects.map(async (project) => {
-          if (project.rights_mode === "private" && project.created_by !== user.id) {
-            return false;
-          }
-          if (project.rights_mode === "users") {
-            const rbacRecord = await db3.from("rbac").where({
-              entity: "project",
-              target_resource_id: project.id,
-              access_type: "User",
-              user_id: user.id,
-              rights: "write"
-            }).first();
-            if (rbacRecord) {
-              return true;
-            }
-            return false;
-          }
-          if (record.rights_mode === "roles" && user.role) {
-            const rbacRecord = await db3.from("rbac").where({
-              entity: "project",
-              target_resource_id: project.id,
-              access_type: "Role",
-              role_id: user.role,
-              rights: "write"
-            }).first();
-            if (rbacRecord) {
-              return true;
-            }
-            return false;
-          }
-          return false;
-        }));
-        if (checks.some((check) => check)) {
-          return true;
-        }
-      }
       throw new Error("Insufficient permissions to edit this record");
     } catch (error) {
       console.error("Write access validation error:", error);
@@ -3442,16 +3396,14 @@ var RBACResolver = async (db3, entityName, resourceId, rights_mode) => {
   }).select("*");
   const users = rbacRecords.filter((r) => r.access_type === "User")?.map((r) => ({ id: r.user_id, rights: r.rights }));
   const roles = rbacRecords.filter((r) => r.access_type === "Role")?.map((r) => ({ id: r.role_id, rights: r.rights }));
-  const projects = rbacRecords.filter((r) => r.access_type === "Project")?.map((r) => ({ id: r.project_id, rights: r.rights }));
   let type = rights_mode || "private";
   if (type === "users" && users.length === 0) type = "private";
   if (type === "roles" && roles.length === 0) type = "private";
-  if (type === "projects" && projects.length === 0) type = "private";
   return {
     type,
     users,
-    roles,
-    projects
+    roles
+    // projects
   };
 };
 var contextToTableDefinition = (context) => {
@@ -3555,7 +3507,7 @@ function createSDL(tables, contexts, agents, tools, config, evals, queues2) {
       type: String!
       users: [RBACUser!]
       roles: [RBACRole!]
-      projects: [RBACProject!]
+      
     }
     
     type RBACUser {
@@ -3568,15 +3520,9 @@ function createSDL(tables, contexts, agents, tools, config, evals, queues2) {
       rights: String!
     }
     
-    type RBACProject {
-      id: ID!
-      rights: String!
-    }
-    
     input RBACInput {
       users: [RBACUserInput!]
       roles: [RBACRoleInput!]
-      projects: [RBACProjectInput!]
     }
     
     input RBACUserInput {
@@ -3589,11 +3535,6 @@ function createSDL(tables, contexts, agents, tools, config, evals, queues2) {
       rights: String!
     }
     
-    input RBACProjectInput {
-      id: ID!
-      rights: String!
-    }
-    
     type Query {
     `;
   let mutationDefs = `
@@ -5671,14 +5612,19 @@ var ExuluAgent2 = class {
         if (part.type !== "file") {
           return part;
         }
+        console.log(`[EXULU] Processing part`, part);
         const { mediaType, url, filename } = part;
-        const imageTypes = ["image/png", "image/jpeg", "image/jpg", "image/gif", "image/webp"];
-        if (imageTypes.includes(mediaType)) {
+        console.log(`[EXULU] Media type: ${mediaType}`);
+        console.log(`[EXULU] URL: ${url}`);
+        console.log(`[EXULU] Filename: ${filename}`);
+        const imageTypes = [".png", ".jpeg", ".jpg", ".gif", ".webp"];
+        const imageType = imageTypes.find((type) => filename.toLowerCase().includes(type.toLowerCase()));
+        if (imageType) {
           console.log(`[EXULU] Converting file part to image part: ${filename} `);
           return {
-            type: "image",
-            image: url,
-            mimeType: mediaType
+            type: "file",
+            mediaType: `image/${imageType.replace(".", "")}`,
+            url
           };
         }
         console.log(`[EXULU] Converting file part to text using officeparser: ${filename}`);

package/dist/index.d.cts

@@ -202,7 +202,7 @@ interface Agent {
         audio: audioTypes$1[];
         video: videoTypes$1[];
     };
-    rights_mode?: 'private' | 'users' | 'roles' | 'public' | 'projects';
+    rights_mode?: 'private' | 'users' | 'roles' | 'public';
     created_by?: string;
     RBAC?: {
         type?: string;
@@ -214,10 +214,6 @@ interface Agent {
             id: string;
             rights: 'read' | 'write';
         }>;
-        projects?: Array<{
-            id: string;
-            rights: 'read' | 'write';
-        }>;
     };
     createdAt?: string;
     updatedAt?: string;
@@ -573,7 +569,7 @@ type ExuluContextFieldDefinition = {
     allowedFileTypes?: allFileTypes[];
     processor?: ExuluContextFieldProcessor;
 };
-type ExuluRightsMode = "private" | "users" | "roles" | "public" | "projects";
+type ExuluRightsMode = "private" | "users" | "roles" | "public";
 declare class ExuluStorage {
     private config;
     constructor({ config }: {

package/dist/index.d.ts

@@ -202,7 +202,7 @@ interface Agent {
         audio: audioTypes$1[];
         video: videoTypes$1[];
     };
-    rights_mode?: 'private' | 'users' | 'roles' | 'public' | 'projects';
+    rights_mode?: 'private' | 'users' | 'roles' | 'public';
     created_by?: string;
     RBAC?: {
         type?: string;
@@ -214,10 +214,6 @@ interface Agent {
             id: string;
             rights: 'read' | 'write';
         }>;
-        projects?: Array<{
-            id: string;
-            rights: 'read' | 'write';
-        }>;
     };
     createdAt?: string;
     updatedAt?: string;
@@ -573,7 +569,7 @@ type ExuluContextFieldDefinition = {
     allowedFileTypes?: allFileTypes[];
     processor?: ExuluContextFieldProcessor;
 };
-type ExuluRightsMode = "private" | "users" | "roles" | "public" | "projects";
+type ExuluRightsMode = "private" | "users" | "roles" | "public";
 declare class ExuluStorage {
     private config;
     constructor({ config }: {

package/dist/index.js

@@ -2096,52 +2096,6 @@ function createMutations(table, agents, contexts, tools, config) {
         }
         throw new Error("Insufficient role permissions to edit this record");
       }
-      if (record.rights_mode === "projects") {
-        const projects = await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: id,
-          access_type: "Project",
-          rights: "write"
-        });
-        if (projects.length === 0) {
-          throw new Error("Entity ${table.name.singular} has its rights mode set to projects, but is not shared with any projects.");
-        }
-        const checks = await Promise.all(projects.map(async (project) => {
-          if (project.rights_mode === "private" && project.created_by !== user.id) {
-            return false;
-          }
-          if (project.rights_mode === "users") {
-            const rbacRecord = await db3.from("rbac").where({
-              entity: "project",
-              target_resource_id: project.id,
-              access_type: "User",
-              user_id: user.id,
-              rights: "write"
-            }).first();
-            if (rbacRecord) {
-              return true;
-            }
-            return false;
-          }
-          if (record.rights_mode === "roles" && user.role) {
-            const rbacRecord = await db3.from("rbac").where({
-              entity: "project",
-              target_resource_id: project.id,
-              access_type: "Role",
-              role_id: user.role,
-              rights: "write"
-            }).first();
-            if (rbacRecord) {
-              return true;
-            }
-            return false;
-          }
-          return false;
-        }));
-        if (checks.some((check) => check)) {
-          return true;
-        }
-      }
       throw new Error("Insufficient permissions to edit this record");
     } catch (error) {
       console.error("Write access validation error:", error);
@@ -3390,16 +3344,14 @@ var RBACResolver = async (db3, entityName, resourceId, rights_mode) => {
   }).select("*");
   const users = rbacRecords.filter((r) => r.access_type === "User")?.map((r) => ({ id: r.user_id, rights: r.rights }));
   const roles = rbacRecords.filter((r) => r.access_type === "Role")?.map((r) => ({ id: r.role_id, rights: r.rights }));
-  const projects = rbacRecords.filter((r) => r.access_type === "Project")?.map((r) => ({ id: r.project_id, rights: r.rights }));
   let type = rights_mode || "private";
   if (type === "users" && users.length === 0) type = "private";
   if (type === "roles" && roles.length === 0) type = "private";
-  if (type === "projects" && projects.length === 0) type = "private";
   return {
     type,
     users,
-    roles,
-    projects
+    roles
+    // projects
   };
 };
 var contextToTableDefinition = (context) => {
@@ -3503,7 +3455,7 @@ function createSDL(tables, contexts, agents, tools, config, evals, queues2) {
       type: String!
       users: [RBACUser!]
       roles: [RBACRole!]
-      projects: [RBACProject!]
+      
     }
     
     type RBACUser {
@@ -3516,15 +3468,9 @@ function createSDL(tables, contexts, agents, tools, config, evals, queues2) {
       rights: String!
     }
     
-    type RBACProject {
-      id: ID!
-      rights: String!
-    }
-    
     input RBACInput {
       users: [RBACUserInput!]
       roles: [RBACRoleInput!]
-      projects: [RBACProjectInput!]
     }
     
     input RBACUserInput {
@@ -3537,11 +3483,6 @@ function createSDL(tables, contexts, agents, tools, config, evals, queues2) {
       rights: String!
     }
     
-    input RBACProjectInput {
-      id: ID!
-      rights: String!
-    }
-    
     type Query {
     `;
   let mutationDefs = `
@@ -5638,14 +5579,19 @@ var ExuluAgent2 = class {
         if (part.type !== "file") {
           return part;
         }
+        console.log(`[EXULU] Processing part`, part);
         const { mediaType, url, filename } = part;
-        const imageTypes = ["image/png", "image/jpeg", "image/jpg", "image/gif", "image/webp"];
-        if (imageTypes.includes(mediaType)) {
+        console.log(`[EXULU] Media type: ${mediaType}`);
+        console.log(`[EXULU] URL: ${url}`);
+        console.log(`[EXULU] Filename: ${filename}`);
+        const imageTypes = [".png", ".jpeg", ".jpg", ".gif", ".webp"];
+        const imageType = imageTypes.find((type) => filename.toLowerCase().includes(type.toLowerCase()));
+        if (imageType) {
           console.log(`[EXULU] Converting file part to image part: ${filename} `);
           return {
-            type: "image",
-            image: url,
-            mimeType: mediaType
+            type: "file",
+            mediaType: `image/${imageType.replace(".", "")}`,
+            url
           };
         }
         console.log(`[EXULU] Converting file part to text using officeparser: ${filename}`);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@exulu/backend",
   "author": "Qventu Bv.",
-  "version": "1.39.0",
+  "version": "1.39.2",
   "main": "./dist/index.js",
   "private": false,
   "publishConfig": {

package/types/models/agent-session.ts

@@ -8,12 +8,12 @@ export interface AgentSession {
     project: string;
     title: string;
     created_by: string;
-    rights_mode: 'private' | 'users' | 'roles' | 'public' | 'projects'
+    rights_mode: 'private' | 'users' | 'roles' | 'public' /* | 'projects' */
     RBAC?: {
         type?: string;
         users?: Array<{ id: string; rights: 'read' | 'write' }>;
         roles?: Array<{ id: string; rights: 'read' | 'write' }>;
-        projects?: Array<{ id: string; rights: 'read' | 'write' }>;
+        /* projects?: Array<{ id: string; rights: 'read' | 'write' }>; */
     };
 }
 export interface AgentMessage {

package/types/models/agent.ts

@@ -41,13 +41,13 @@ export interface Agent {
         video: videoTypes[];
     }
     // New RBAC fields
-    rights_mode?: 'private' | 'users' | 'roles' | 'public' | 'projects';
+    rights_mode?: 'private' | 'users' | 'roles' | 'public' /* | 'projects' */;
     created_by?: string;
     RBAC?: {
         type?: string;
         users?: Array<{ id: number; rights: 'read' | 'write' }>;
         roles?: Array<{ id: string; rights: 'read' | 'write' }>;
-        projects?: Array<{ id: string; rights: 'read' | 'write' }>;
+        /* projects?: Array<{ id: string; rights: 'read' | 'write' }>; */
     };
     createdAt?: string;
     updatedAt?: string;

package/types/models/eval-run.ts

@@ -17,12 +17,12 @@ export interface EvalRun {
   scoring_method: ScoringMethod
   pass_threshold: number // 0-100 percentage
   test_case_ids: string[] // Subset of test cases from the eval set
-  rights_mode: "private" | "users" | "roles" | "projects" | "public"
+  rights_mode: "private" | "users" | "roles" |/*  "projects" |  */"public"
   RBAC?: {
     type?: string
     users?: Array<{ id: number; rights: "read" | "write" }>
     roles?: Array<{ id: string; rights: "read" | "write" }>
-    projects?: Array<{ id: string; rights: "read" | "write" }>
+    // projects?: Array<{ id: string; rights: "read" | "write" }>
   }
   createdAt: string
   updatedAt: string