@findatruck/shared-schemas 2.17.0 → 2.18.0

package/dist/browser.cjs

@@ -35,6 +35,8 @@ __export(browser_exports, {
   ConvexDriverSchema: () => ConvexDriverSchema,
   ConvexUpdate: () => ConvexUpdate,
   ConvexUpdateSchema: () => ConvexUpdateSchema,
+  DRIVER_NAME_FORBIDDEN_CHAR_PATTERN: () => DRIVER_NAME_FORBIDDEN_CHAR_PATTERN,
+  DriverNameSchema: () => DriverNameSchema,
   NewLoginRequest: () => NewLoginRequest,
   NewLoginRequestSchema: () => NewLoginRequestSchema,
   NewLoginResponse: () => NewLoginResponse,
@@ -43,7 +45,12 @@ __export(browser_exports, {
   NewLoginResponseSchema: () => NewLoginResponseSchema,
   NewLoginResponseSuccess: () => NewLoginResponseSuccess,
   NewLoginResponseSuccessSchema: () => NewLoginResponseSuccessSchema,
+  PATCH_DRIVER_NAME_MAX_LENGTH: () => PATCH_DRIVER_NAME_MAX_LENGTH,
+  PatchDriverDriverResponseSchema: () => PatchDriverDriverResponseSchema,
+  PatchDriverRequestSchema: () => PatchDriverRequestSchema,
+  PatchDriverResponseSchema: () => PatchDriverResponseSchema,
   ScrapeStatus: () => ScrapeStatus,
+  SharedDriverResponseSchema: () => SharedDriverResponseSchema,
   UpdateScrapeStatusMessage: () => UpdateScrapeStatusMessage,
   ValidatePasswordRequestSchema: () => ValidatePasswordRequestSchema,
   ValidatePasswordResponseSchema: () => ValidatePasswordResponseSchema
@@ -145,8 +152,85 @@ var BatchConvexUpdateSchema = import_zod2.default.object({
 var ConvexUpdate = ConvexUpdateSchema;
 var BatchConvexUpdate = BatchConvexUpdateSchema;
 
-// src/schemas/providerAccounts/update-status.ts
+// src/schemas/drivers/driver.ts
 var import_zod3 = __toESM(require("zod"), 1);
+var SharedDriverResponseSchema = import_zod3.default.object({
+  // The `drivers.id` column is a Postgres UUID (migration 0001), and every
+  // input-side schema (`IdParamsSchema`, `PatchDriverRequestSchema.driver_id`)
+  // is already `z.uuid()`. Tightening the response side keeps the contract
+  // symmetric — a client that statically relies on `id` being UUID-shaped on
+  // input can rely on the same on output. `eld_external_id` stays loose
+  // because providers emit non-UUID identifiers there.
+  id: import_zod3.default.uuid(),
+  name: import_zod3.default.string(),
+  eld_external_id: import_zod3.default.string(),
+  license_number: import_zod3.default.string().nullable(),
+  license_state: import_zod3.default.string().nullable(),
+  license_expiration_date: import_zod3.default.string().nullable(),
+  license_class: import_zod3.default.string().nullable(),
+  is_placeholder: import_zod3.default.boolean(),
+  created_at: import_zod3.default.union([import_zod3.default.string(), import_zod3.default.date()]),
+  updated_at: import_zod3.default.union([import_zod3.default.string(), import_zod3.default.date()]),
+  last_location_latitude: import_zod3.default.number().nullable(),
+  last_location_longitude: import_zod3.default.number().nullable()
+});
+
+// src/schemas/drivers/patch-driver.ts
+var import_zod4 = __toESM(require("zod"), 1);
+var PATCH_DRIVER_NAME_MAX_LENGTH = 255;
+var DRIVER_NAME_FORBIDDEN_RANGES = [
+  [0, 31],
+  // C0 controls (includes NUL, CR, LF, TAB)
+  [127, 159],
+  // DEL + C1 controls
+  [8203, 8205],
+  // ZWSP, ZWNJ, ZWJ
+  [65279, 65279],
+  // BOM / ZWNBSP
+  [8234, 8238],
+  // bidi overrides
+  [8294, 8297]
+  // bidi isolates
+];
+var buildForbiddenCharPattern = () => {
+  const cls = DRIVER_NAME_FORBIDDEN_RANGES.map(([lo, hi]) => {
+    const loEsc = "\\u" + lo.toString(16).padStart(4, "0");
+    if (lo === hi) return loEsc;
+    const hiEsc = "\\u" + hi.toString(16).padStart(4, "0");
+    return `${loEsc}-${hiEsc}`;
+  }).join("");
+  return new RegExp(`[${cls}]`);
+};
+var DRIVER_NAME_FORBIDDEN_CHAR_PATTERN = buildForbiddenCharPattern();
+var DriverNameSchema = import_zod4.default.string().trim().min(1).max(PATCH_DRIVER_NAME_MAX_LENGTH).refine(
+  (s) => !DRIVER_NAME_FORBIDDEN_CHAR_PATTERN.test(s),
+  {
+    message: "name contains disallowed control, zero-width, or bidirectional-override characters"
+  }
+);
+var PatchDriverRequestSchema = import_zod4.default.object({
+  driver_id: import_zod4.default.uuid(),
+  // Tenant scoping: the caller MUST identify which provider account owns the
+  // driver. The aggregator verifies (provider_account_id, driver_id) exists in
+  // `provider_account_to_driver` before mutating, preventing cross-tenant IDOR.
+  provider_account_id: import_zod4.default.uuid(),
+  name: DriverNameSchema
+});
+var PatchDriverDriverResponseSchema = SharedDriverResponseSchema.pick({
+  id: true,
+  name: true,
+  eld_external_id: true,
+  is_placeholder: true,
+  created_at: true,
+  updated_at: true
+}).strict();
+var PatchDriverResponseSchema = import_zod4.default.object({
+  message: import_zod4.default.string(),
+  driver: PatchDriverDriverResponseSchema
+});
+
+// src/schemas/providerAccounts/update-status.ts
+var import_zod5 = __toESM(require("zod"), 1);
 var ScrapeStatus = /* @__PURE__ */ ((ScrapeStatus2) => {
   ScrapeStatus2["NEW_LOGIN_RECEIVED"] = "NEW_LOGIN_RECEIVED";
   ScrapeStatus2["LOGIN_IN_PROGRESS"] = "LOGIN_IN_PROGRESS";
@@ -159,25 +243,25 @@ var ScrapeStatus = /* @__PURE__ */ ((ScrapeStatus2) => {
   ScrapeStatus2["DATA_FETCH_FAILED"] = "DATA_FETCH_FAILED";
   return ScrapeStatus2;
 })(ScrapeStatus || {});
-var UpdateScrapeStatusMessage = import_zod3.default.object({
-  status: import_zod3.default.nativeEnum(ScrapeStatus).describe("The current status of the scrape process"),
-  correctPassword: import_zod3.default.boolean().optional().describe("Indicates if the provided password was correct, if applicable"),
-  externalProviderAccountId: import_zod3.default.string().describe("The external identifier for the provider account (convex ID or similar)"),
-  username: import_zod3.default.string().describe("The username of the provider account whose status is being updated"),
-  provider_url: import_zod3.default.string().describe("The URL of the ELD provider"),
-  driverCount: import_zod3.default.number().optional().describe("The number of drivers associated with the account, if applicable"),
-  providerSlug: import_zod3.default.string().optional().describe("The slug identifier for the provider")
+var UpdateScrapeStatusMessage = import_zod5.default.object({
+  status: import_zod5.default.nativeEnum(ScrapeStatus).describe("The current status of the scrape process"),
+  correctPassword: import_zod5.default.boolean().optional().describe("Indicates if the provided password was correct, if applicable"),
+  externalProviderAccountId: import_zod5.default.string().describe("The external identifier for the provider account (convex ID or similar)"),
+  username: import_zod5.default.string().describe("The username of the provider account whose status is being updated"),
+  provider_url: import_zod5.default.string().describe("The URL of the ELD provider"),
+  driverCount: import_zod5.default.number().optional().describe("The number of drivers associated with the account, if applicable"),
+  providerSlug: import_zod5.default.string().optional().describe("The slug identifier for the provider")
 }).describe("Schema for update status messages");
 
 // src/schemas/providerAccounts/validate-password.ts
-var import_zod4 = require("zod");
-var ValidatePasswordRequestSchema = import_zod4.z.object({
-  providerAccountId: import_zod4.z.string().min(1).describe("The unique identifier of the provider account in postgres to validate the password for"),
-  encryptedPassword: import_zod4.z.string().min(1).describe("The encrypted password to validate against the stored password")
+var import_zod6 = require("zod");
+var ValidatePasswordRequestSchema = import_zod6.z.object({
+  providerAccountId: import_zod6.z.string().min(1).describe("The unique identifier of the provider account in postgres to validate the password for"),
+  encryptedPassword: import_zod6.z.string().min(1).describe("The encrypted password to validate against the stored password")
 }).describe("Request schema for validating a provider account password");
-var ValidatePasswordResponseSchema = import_zod4.z.object({
-  isValid: import_zod4.z.boolean().describe("Indicates if the provided password is valid"),
-  driverIds: import_zod4.z.array(import_zod4.z.string()).describe("List of driver IDs associated with the provider account")
+var ValidatePasswordResponseSchema = import_zod6.z.object({
+  isValid: import_zod6.z.boolean().describe("Indicates if the provided password is valid"),
+  driverIds: import_zod6.z.array(import_zod6.z.string()).describe("List of driver IDs associated with the provider account")
 }).describe("Response schema for password validation");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
@@ -186,6 +270,8 @@ var ValidatePasswordResponseSchema = import_zod4.z.object({
   ConvexDriverSchema,
   ConvexUpdate,
   ConvexUpdateSchema,
+  DRIVER_NAME_FORBIDDEN_CHAR_PATTERN,
+  DriverNameSchema,
   NewLoginRequest,
   NewLoginRequestSchema,
   NewLoginResponse,
@@ -194,7 +280,12 @@ var ValidatePasswordResponseSchema = import_zod4.z.object({
   NewLoginResponseSchema,
   NewLoginResponseSuccess,
   NewLoginResponseSuccessSchema,
+  PATCH_DRIVER_NAME_MAX_LENGTH,
+  PatchDriverDriverResponseSchema,
+  PatchDriverRequestSchema,
+  PatchDriverResponseSchema,
   ScrapeStatus,
+  SharedDriverResponseSchema,
   UpdateScrapeStatusMessage,
   ValidatePasswordRequestSchema,
   ValidatePasswordResponseSchema

package/dist/browser.d.cts

@@ -291,6 +291,87 @@ declare const BatchConvexUpdate: z$1.ZodObject<{
 }, z$1.core.$strip>;
 type BatchConvexUpdate = BatchConvexUpdateData;
 
+/**
+ * Canonical wire-format schema for a Driver returned by the aggregator over HTTP.
+ *
+ * Uses `z.union([z.string(), z.date()])` for timestamp fields so the same schema can
+ * be used on the server (where pg returns `Date` objects and Fastify serializes them
+ * to ISO strings via `JSON.stringify`) and on the client (where they arrive as ISO
+ * strings).
+ *
+ * Single source of truth for the Driver shape across HTTP response schemas — both
+ * the aggregator's `DriverResponseSchema` and shared `PatchDriverResponseSchema`
+ * should import from here so adding a new column requires only one update.
+ */
+declare const SharedDriverResponseSchema: z$1.ZodObject<{
+    id: z$1.ZodUUID;
+    name: z$1.ZodString;
+    eld_external_id: z$1.ZodString;
+    license_number: z$1.ZodNullable<z$1.ZodString>;
+    license_state: z$1.ZodNullable<z$1.ZodString>;
+    license_expiration_date: z$1.ZodNullable<z$1.ZodString>;
+    license_class: z$1.ZodNullable<z$1.ZodString>;
+    is_placeholder: z$1.ZodBoolean;
+    created_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    updated_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    last_location_latitude: z$1.ZodNullable<z$1.ZodNumber>;
+    last_location_longitude: z$1.ZodNullable<z$1.ZodNumber>;
+}, z$1.core.$strip>;
+type SharedDriverResponse = z$1.infer<typeof SharedDriverResponseSchema>;
+
+declare const PATCH_DRIVER_NAME_MAX_LENGTH = 255;
+declare const DRIVER_NAME_FORBIDDEN_CHAR_PATTERN: RegExp;
+declare const DriverNameSchema: z$1.ZodString;
+declare const PatchDriverRequestSchema: z$1.ZodObject<{
+    driver_id: z$1.ZodUUID;
+    provider_account_id: z$1.ZodUUID;
+    name: z$1.ZodString;
+}, z$1.core.$strip>;
+/**
+ * Slim driver shape returned from PATCH /drivers/:id.
+ *
+ * Intentionally narrower than `SharedDriverResponseSchema` (used by GET) — a
+ * rename should not be a backdoor for harvesting license PII.
+ *
+ * Omitted fields and rationale:
+ *   - `license_number`, `license_state`, `license_expiration_date`,
+ *     `license_class`: PII. A rename has no need to surface these and exposing
+ *     them would turn the endpoint into a license-harvesting oracle.
+ *   - `last_location_latitude`, `last_location_longitude`: also PII (driver
+ *     real-time position) and unrelated to the rename outcome. A caller who
+ *     needs the latest location should call `GET /drivers/:id`, where the full
+ *     shape is intentional.
+ *
+ * `.strict()` makes Zod fail-loud on any extra property — so if a future
+ * server change accidentally re-introduces `license_*` (or any other field)
+ * into the PATCH response, both server-side response serialization (via
+ * `fastify-type-provider-zod`) AND client-side `safeParse` reject it, instead
+ * of Zod's default `strip` mode quietly dropping the extras. Defense in depth
+ * for the PII-omission contract above.
+ */
+declare const PatchDriverDriverResponseSchema: z$1.ZodObject<{
+    id: z$1.ZodUUID;
+    created_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    updated_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    name: z$1.ZodString;
+    eld_external_id: z$1.ZodString;
+    is_placeholder: z$1.ZodBoolean;
+}, z$1.core.$strict>;
+declare const PatchDriverResponseSchema: z$1.ZodObject<{
+    message: z$1.ZodString;
+    driver: z$1.ZodObject<{
+        id: z$1.ZodUUID;
+        created_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+        updated_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+        name: z$1.ZodString;
+        eld_external_id: z$1.ZodString;
+        is_placeholder: z$1.ZodBoolean;
+    }, z$1.core.$strict>;
+}, z$1.core.$strip>;
+type PatchDriverRequest = z$1.infer<typeof PatchDriverRequestSchema>;
+type PatchDriverResponse = z$1.infer<typeof PatchDriverResponseSchema>;
+type PatchDriverDriverResponse = z$1.infer<typeof PatchDriverDriverResponseSchema>;
+
 declare enum ScrapeStatus {
     NEW_LOGIN_RECEIVED = "NEW_LOGIN_RECEIVED",
     LOGIN_IN_PROGRESS = "LOGIN_IN_PROGRESS",
@@ -332,4 +413,4 @@ declare const ValidatePasswordResponseSchema: z.ZodObject<{
 type ValidatePasswordRequest = ValidatePasswordRequestData;
 type ValidatePasswordResponse = ValidatePasswordResponseData;
 
-export { BatchConvexUpdate, type BatchConvexUpdateData, BatchConvexUpdateSchema, type ConvexDriverData, ConvexDriverSchema, ConvexUpdate, type ConvexUpdateData, ConvexUpdateSchema, NewLoginRequest, type NewLoginRequestData, NewLoginRequestSchema, NewLoginResponse, type NewLoginResponseData, NewLoginResponseFailure, type NewLoginResponseFailureData, NewLoginResponseFailureSchema, NewLoginResponseSchema, NewLoginResponseSuccess, type NewLoginResponseSuccessData, NewLoginResponseSuccessSchema, type PublicProviderData, type PublicUserData, ScrapeStatus, UpdateScrapeStatusMessage, type ValidatePasswordRequest, type ValidatePasswordRequestData, ValidatePasswordRequestSchema, type ValidatePasswordResponse, type ValidatePasswordResponseData, ValidatePasswordResponseSchema };
+export { BatchConvexUpdate, type BatchConvexUpdateData, BatchConvexUpdateSchema, type ConvexDriverData, ConvexDriverSchema, ConvexUpdate, type ConvexUpdateData, ConvexUpdateSchema, DRIVER_NAME_FORBIDDEN_CHAR_PATTERN, DriverNameSchema, NewLoginRequest, type NewLoginRequestData, NewLoginRequestSchema, NewLoginResponse, type NewLoginResponseData, NewLoginResponseFailure, type NewLoginResponseFailureData, NewLoginResponseFailureSchema, NewLoginResponseSchema, NewLoginResponseSuccess, type NewLoginResponseSuccessData, NewLoginResponseSuccessSchema, PATCH_DRIVER_NAME_MAX_LENGTH, type PatchDriverDriverResponse, PatchDriverDriverResponseSchema, type PatchDriverRequest, PatchDriverRequestSchema, type PatchDriverResponse, PatchDriverResponseSchema, type PublicProviderData, type PublicUserData, ScrapeStatus, type SharedDriverResponse, SharedDriverResponseSchema, UpdateScrapeStatusMessage, type ValidatePasswordRequest, type ValidatePasswordRequestData, ValidatePasswordRequestSchema, type ValidatePasswordResponse, type ValidatePasswordResponseData, ValidatePasswordResponseSchema };

package/dist/browser.d.ts

@@ -291,6 +291,87 @@ declare const BatchConvexUpdate: z$1.ZodObject<{
 }, z$1.core.$strip>;
 type BatchConvexUpdate = BatchConvexUpdateData;
 
+/**
+ * Canonical wire-format schema for a Driver returned by the aggregator over HTTP.
+ *
+ * Uses `z.union([z.string(), z.date()])` for timestamp fields so the same schema can
+ * be used on the server (where pg returns `Date` objects and Fastify serializes them
+ * to ISO strings via `JSON.stringify`) and on the client (where they arrive as ISO
+ * strings).
+ *
+ * Single source of truth for the Driver shape across HTTP response schemas — both
+ * the aggregator's `DriverResponseSchema` and shared `PatchDriverResponseSchema`
+ * should import from here so adding a new column requires only one update.
+ */
+declare const SharedDriverResponseSchema: z$1.ZodObject<{
+    id: z$1.ZodUUID;
+    name: z$1.ZodString;
+    eld_external_id: z$1.ZodString;
+    license_number: z$1.ZodNullable<z$1.ZodString>;
+    license_state: z$1.ZodNullable<z$1.ZodString>;
+    license_expiration_date: z$1.ZodNullable<z$1.ZodString>;
+    license_class: z$1.ZodNullable<z$1.ZodString>;
+    is_placeholder: z$1.ZodBoolean;
+    created_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    updated_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    last_location_latitude: z$1.ZodNullable<z$1.ZodNumber>;
+    last_location_longitude: z$1.ZodNullable<z$1.ZodNumber>;
+}, z$1.core.$strip>;
+type SharedDriverResponse = z$1.infer<typeof SharedDriverResponseSchema>;
+
+declare const PATCH_DRIVER_NAME_MAX_LENGTH = 255;
+declare const DRIVER_NAME_FORBIDDEN_CHAR_PATTERN: RegExp;
+declare const DriverNameSchema: z$1.ZodString;
+declare const PatchDriverRequestSchema: z$1.ZodObject<{
+    driver_id: z$1.ZodUUID;
+    provider_account_id: z$1.ZodUUID;
+    name: z$1.ZodString;
+}, z$1.core.$strip>;
+/**
+ * Slim driver shape returned from PATCH /drivers/:id.
+ *
+ * Intentionally narrower than `SharedDriverResponseSchema` (used by GET) — a
+ * rename should not be a backdoor for harvesting license PII.
+ *
+ * Omitted fields and rationale:
+ *   - `license_number`, `license_state`, `license_expiration_date`,
+ *     `license_class`: PII. A rename has no need to surface these and exposing
+ *     them would turn the endpoint into a license-harvesting oracle.
+ *   - `last_location_latitude`, `last_location_longitude`: also PII (driver
+ *     real-time position) and unrelated to the rename outcome. A caller who
+ *     needs the latest location should call `GET /drivers/:id`, where the full
+ *     shape is intentional.
+ *
+ * `.strict()` makes Zod fail-loud on any extra property — so if a future
+ * server change accidentally re-introduces `license_*` (or any other field)
+ * into the PATCH response, both server-side response serialization (via
+ * `fastify-type-provider-zod`) AND client-side `safeParse` reject it, instead
+ * of Zod's default `strip` mode quietly dropping the extras. Defense in depth
+ * for the PII-omission contract above.
+ */
+declare const PatchDriverDriverResponseSchema: z$1.ZodObject<{
+    id: z$1.ZodUUID;
+    created_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    updated_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+    name: z$1.ZodString;
+    eld_external_id: z$1.ZodString;
+    is_placeholder: z$1.ZodBoolean;
+}, z$1.core.$strict>;
+declare const PatchDriverResponseSchema: z$1.ZodObject<{
+    message: z$1.ZodString;
+    driver: z$1.ZodObject<{
+        id: z$1.ZodUUID;
+        created_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+        updated_at: z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodDate]>;
+        name: z$1.ZodString;
+        eld_external_id: z$1.ZodString;
+        is_placeholder: z$1.ZodBoolean;
+    }, z$1.core.$strict>;
+}, z$1.core.$strip>;
+type PatchDriverRequest = z$1.infer<typeof PatchDriverRequestSchema>;
+type PatchDriverResponse = z$1.infer<typeof PatchDriverResponseSchema>;
+type PatchDriverDriverResponse = z$1.infer<typeof PatchDriverDriverResponseSchema>;
+
 declare enum ScrapeStatus {
     NEW_LOGIN_RECEIVED = "NEW_LOGIN_RECEIVED",
     LOGIN_IN_PROGRESS = "LOGIN_IN_PROGRESS",
@@ -332,4 +413,4 @@ declare const ValidatePasswordResponseSchema: z.ZodObject<{
 type ValidatePasswordRequest = ValidatePasswordRequestData;
 type ValidatePasswordResponse = ValidatePasswordResponseData;
 
-export { BatchConvexUpdate, type BatchConvexUpdateData, BatchConvexUpdateSchema, type ConvexDriverData, ConvexDriverSchema, ConvexUpdate, type ConvexUpdateData, ConvexUpdateSchema, NewLoginRequest, type NewLoginRequestData, NewLoginRequestSchema, NewLoginResponse, type NewLoginResponseData, NewLoginResponseFailure, type NewLoginResponseFailureData, NewLoginResponseFailureSchema, NewLoginResponseSchema, NewLoginResponseSuccess, type NewLoginResponseSuccessData, NewLoginResponseSuccessSchema, type PublicProviderData, type PublicUserData, ScrapeStatus, UpdateScrapeStatusMessage, type ValidatePasswordRequest, type ValidatePasswordRequestData, ValidatePasswordRequestSchema, type ValidatePasswordResponse, type ValidatePasswordResponseData, ValidatePasswordResponseSchema };
+export { BatchConvexUpdate, type BatchConvexUpdateData, BatchConvexUpdateSchema, type ConvexDriverData, ConvexDriverSchema, ConvexUpdate, type ConvexUpdateData, ConvexUpdateSchema, DRIVER_NAME_FORBIDDEN_CHAR_PATTERN, DriverNameSchema, NewLoginRequest, type NewLoginRequestData, NewLoginRequestSchema, NewLoginResponse, type NewLoginResponseData, NewLoginResponseFailure, type NewLoginResponseFailureData, NewLoginResponseFailureSchema, NewLoginResponseSchema, NewLoginResponseSuccess, type NewLoginResponseSuccessData, NewLoginResponseSuccessSchema, PATCH_DRIVER_NAME_MAX_LENGTH, type PatchDriverDriverResponse, PatchDriverDriverResponseSchema, type PatchDriverRequest, PatchDriverRequestSchema, type PatchDriverResponse, PatchDriverResponseSchema, type PublicProviderData, type PublicUserData, ScrapeStatus, type SharedDriverResponse, SharedDriverResponseSchema, UpdateScrapeStatusMessage, type ValidatePasswordRequest, type ValidatePasswordRequestData, ValidatePasswordRequestSchema, type ValidatePasswordResponse, type ValidatePasswordResponseData, ValidatePasswordResponseSchema };

package/dist/browser.js

@@ -4,6 +4,8 @@ import {
   ConvexDriverSchema,
   ConvexUpdate,
   ConvexUpdateSchema,
+  DRIVER_NAME_FORBIDDEN_CHAR_PATTERN,
+  DriverNameSchema,
   NewLoginRequest,
   NewLoginRequestSchema,
   NewLoginResponse,
@@ -12,17 +14,24 @@ import {
   NewLoginResponseSchema,
   NewLoginResponseSuccess,
   NewLoginResponseSuccessSchema,
+  PATCH_DRIVER_NAME_MAX_LENGTH,
+  PatchDriverDriverResponseSchema,
+  PatchDriverRequestSchema,
+  PatchDriverResponseSchema,
   ScrapeStatus,
+  SharedDriverResponseSchema,
   UpdateScrapeStatusMessage,
   ValidatePasswordRequestSchema,
   ValidatePasswordResponseSchema
-} from "./chunk-S53TIE72.js";
+} from "./chunk-BXCWZMK7.js";
 export {
   BatchConvexUpdate,
   BatchConvexUpdateSchema,
   ConvexDriverSchema,
   ConvexUpdate,
   ConvexUpdateSchema,
+  DRIVER_NAME_FORBIDDEN_CHAR_PATTERN,
+  DriverNameSchema,
   NewLoginRequest,
   NewLoginRequestSchema,
   NewLoginResponse,
@@ -31,7 +40,12 @@ export {
   NewLoginResponseSchema,
   NewLoginResponseSuccess,
   NewLoginResponseSuccessSchema,
+  PATCH_DRIVER_NAME_MAX_LENGTH,
+  PatchDriverDriverResponseSchema,
+  PatchDriverRequestSchema,
+  PatchDriverResponseSchema,
   ScrapeStatus,
+  SharedDriverResponseSchema,
   UpdateScrapeStatusMessage,
   ValidatePasswordRequestSchema,
   ValidatePasswordResponseSchema

package/dist/{chunk-S53TIE72.js → chunk-BXCWZMK7.js}

@@ -93,8 +93,85 @@ var BatchConvexUpdateSchema = z2.object({
 var ConvexUpdate = ConvexUpdateSchema;
 var BatchConvexUpdate = BatchConvexUpdateSchema;
 
-// src/schemas/providerAccounts/update-status.ts
+// src/schemas/drivers/driver.ts
 import z3 from "zod";
+var SharedDriverResponseSchema = z3.object({
+  // The `drivers.id` column is a Postgres UUID (migration 0001), and every
+  // input-side schema (`IdParamsSchema`, `PatchDriverRequestSchema.driver_id`)
+  // is already `z.uuid()`. Tightening the response side keeps the contract
+  // symmetric — a client that statically relies on `id` being UUID-shaped on
+  // input can rely on the same on output. `eld_external_id` stays loose
+  // because providers emit non-UUID identifiers there.
+  id: z3.uuid(),
+  name: z3.string(),
+  eld_external_id: z3.string(),
+  license_number: z3.string().nullable(),
+  license_state: z3.string().nullable(),
+  license_expiration_date: z3.string().nullable(),
+  license_class: z3.string().nullable(),
+  is_placeholder: z3.boolean(),
+  created_at: z3.union([z3.string(), z3.date()]),
+  updated_at: z3.union([z3.string(), z3.date()]),
+  last_location_latitude: z3.number().nullable(),
+  last_location_longitude: z3.number().nullable()
+});
+
+// src/schemas/drivers/patch-driver.ts
+import z4 from "zod";
+var PATCH_DRIVER_NAME_MAX_LENGTH = 255;
+var DRIVER_NAME_FORBIDDEN_RANGES = [
+  [0, 31],
+  // C0 controls (includes NUL, CR, LF, TAB)
+  [127, 159],
+  // DEL + C1 controls
+  [8203, 8205],
+  // ZWSP, ZWNJ, ZWJ
+  [65279, 65279],
+  // BOM / ZWNBSP
+  [8234, 8238],
+  // bidi overrides
+  [8294, 8297]
+  // bidi isolates
+];
+var buildForbiddenCharPattern = () => {
+  const cls = DRIVER_NAME_FORBIDDEN_RANGES.map(([lo, hi]) => {
+    const loEsc = "\\u" + lo.toString(16).padStart(4, "0");
+    if (lo === hi) return loEsc;
+    const hiEsc = "\\u" + hi.toString(16).padStart(4, "0");
+    return `${loEsc}-${hiEsc}`;
+  }).join("");
+  return new RegExp(`[${cls}]`);
+};
+var DRIVER_NAME_FORBIDDEN_CHAR_PATTERN = buildForbiddenCharPattern();
+var DriverNameSchema = z4.string().trim().min(1).max(PATCH_DRIVER_NAME_MAX_LENGTH).refine(
+  (s) => !DRIVER_NAME_FORBIDDEN_CHAR_PATTERN.test(s),
+  {
+    message: "name contains disallowed control, zero-width, or bidirectional-override characters"
+  }
+);
+var PatchDriverRequestSchema = z4.object({
+  driver_id: z4.uuid(),
+  // Tenant scoping: the caller MUST identify which provider account owns the
+  // driver. The aggregator verifies (provider_account_id, driver_id) exists in
+  // `provider_account_to_driver` before mutating, preventing cross-tenant IDOR.
+  provider_account_id: z4.uuid(),
+  name: DriverNameSchema
+});
+var PatchDriverDriverResponseSchema = SharedDriverResponseSchema.pick({
+  id: true,
+  name: true,
+  eld_external_id: true,
+  is_placeholder: true,
+  created_at: true,
+  updated_at: true
+}).strict();
+var PatchDriverResponseSchema = z4.object({
+  message: z4.string(),
+  driver: PatchDriverDriverResponseSchema
+});
+
+// src/schemas/providerAccounts/update-status.ts
+import z5 from "zod";
 var ScrapeStatus = /* @__PURE__ */ ((ScrapeStatus2) => {
   ScrapeStatus2["NEW_LOGIN_RECEIVED"] = "NEW_LOGIN_RECEIVED";
   ScrapeStatus2["LOGIN_IN_PROGRESS"] = "LOGIN_IN_PROGRESS";
@@ -107,25 +184,25 @@ var ScrapeStatus = /* @__PURE__ */ ((ScrapeStatus2) => {
   ScrapeStatus2["DATA_FETCH_FAILED"] = "DATA_FETCH_FAILED";
   return ScrapeStatus2;
 })(ScrapeStatus || {});
-var UpdateScrapeStatusMessage = z3.object({
-  status: z3.nativeEnum(ScrapeStatus).describe("The current status of the scrape process"),
-  correctPassword: z3.boolean().optional().describe("Indicates if the provided password was correct, if applicable"),
-  externalProviderAccountId: z3.string().describe("The external identifier for the provider account (convex ID or similar)"),
-  username: z3.string().describe("The username of the provider account whose status is being updated"),
-  provider_url: z3.string().describe("The URL of the ELD provider"),
-  driverCount: z3.number().optional().describe("The number of drivers associated with the account, if applicable"),
-  providerSlug: z3.string().optional().describe("The slug identifier for the provider")
+var UpdateScrapeStatusMessage = z5.object({
+  status: z5.nativeEnum(ScrapeStatus).describe("The current status of the scrape process"),
+  correctPassword: z5.boolean().optional().describe("Indicates if the provided password was correct, if applicable"),
+  externalProviderAccountId: z5.string().describe("The external identifier for the provider account (convex ID or similar)"),
+  username: z5.string().describe("The username of the provider account whose status is being updated"),
+  provider_url: z5.string().describe("The URL of the ELD provider"),
+  driverCount: z5.number().optional().describe("The number of drivers associated with the account, if applicable"),
+  providerSlug: z5.string().optional().describe("The slug identifier for the provider")
 }).describe("Schema for update status messages");
 
 // src/schemas/providerAccounts/validate-password.ts
-import { z as z4 } from "zod";
-var ValidatePasswordRequestSchema = z4.object({
-  providerAccountId: z4.string().min(1).describe("The unique identifier of the provider account in postgres to validate the password for"),
-  encryptedPassword: z4.string().min(1).describe("The encrypted password to validate against the stored password")
+import { z as z6 } from "zod";
+var ValidatePasswordRequestSchema = z6.object({
+  providerAccountId: z6.string().min(1).describe("The unique identifier of the provider account in postgres to validate the password for"),
+  encryptedPassword: z6.string().min(1).describe("The encrypted password to validate against the stored password")
 }).describe("Request schema for validating a provider account password");
-var ValidatePasswordResponseSchema = z4.object({
-  isValid: z4.boolean().describe("Indicates if the provided password is valid"),
-  driverIds: z4.array(z4.string()).describe("List of driver IDs associated with the provider account")
+var ValidatePasswordResponseSchema = z6.object({
+  isValid: z6.boolean().describe("Indicates if the provided password is valid"),
+  driverIds: z6.array(z6.string()).describe("List of driver IDs associated with the provider account")
 }).describe("Response schema for password validation");
 
 export {
@@ -142,6 +219,13 @@ export {
   BatchConvexUpdateSchema,
   ConvexUpdate,
   BatchConvexUpdate,
+  SharedDriverResponseSchema,
+  PATCH_DRIVER_NAME_MAX_LENGTH,
+  DRIVER_NAME_FORBIDDEN_CHAR_PATTERN,
+  DriverNameSchema,
+  PatchDriverRequestSchema,
+  PatchDriverDriverResponseSchema,
+  PatchDriverResponseSchema,
   ScrapeStatus,
   UpdateScrapeStatusMessage,
   ValidatePasswordRequestSchema,