npm - @fuzdev/fuz_app - Versions diffs - 0.1.0 - Mend

@fuzdev/fuz_app 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (457) hide show

package/LICENSE +21 -0
package/README.md +49 -0
package/dist/actions/action_bridge.d.ts +65 -0
package/dist/actions/action_bridge.d.ts.map +1 -0
package/dist/actions/action_bridge.js +76 -0
package/dist/actions/action_codegen.d.ts +97 -0
package/dist/actions/action_codegen.d.ts.map +1 -0
package/dist/actions/action_codegen.js +280 -0
package/dist/actions/action_registry.d.ts +35 -0
package/dist/actions/action_registry.d.ts.map +1 -0
package/dist/actions/action_registry.js +83 -0
package/dist/actions/action_spec.d.ts +169 -0
package/dist/actions/action_spec.d.ts.map +1 -0
package/dist/actions/action_spec.js +76 -0
package/dist/auth/account_queries.d.ts +96 -0
package/dist/auth/account_queries.d.ts.map +1 -0
package/dist/auth/account_queries.js +172 -0
package/dist/auth/account_routes.d.ts +86 -0
package/dist/auth/account_routes.d.ts.map +1 -0
package/dist/auth/account_routes.js +406 -0
package/dist/auth/account_schema.d.ts +192 -0
package/dist/auth/account_schema.d.ts.map +1 -0
package/dist/auth/account_schema.js +105 -0
package/dist/auth/admin_routes.d.ts +29 -0
package/dist/auth/admin_routes.d.ts.map +1 -0
package/dist/auth/admin_routes.js +193 -0
package/dist/auth/api_token.d.ts +33 -0
package/dist/auth/api_token.d.ts.map +1 -0
package/dist/auth/api_token.js +36 -0
package/dist/auth/api_token_queries.d.ts +80 -0
package/dist/auth/api_token_queries.d.ts.map +1 -0
package/dist/auth/api_token_queries.js +116 -0
package/dist/auth/app_settings_queries.d.ts +33 -0
package/dist/auth/app_settings_queries.d.ts.map +1 -0
package/dist/auth/app_settings_queries.js +51 -0
package/dist/auth/app_settings_routes.d.ts +27 -0
package/dist/auth/app_settings_routes.d.ts.map +1 -0
package/dist/auth/app_settings_routes.js +66 -0
package/dist/auth/app_settings_schema.d.ts +35 -0
package/dist/auth/app_settings_schema.d.ts.map +1 -0
package/dist/auth/app_settings_schema.js +22 -0
package/dist/auth/audit_log_queries.d.ts +90 -0
package/dist/auth/audit_log_queries.d.ts.map +1 -0
package/dist/auth/audit_log_queries.js +205 -0
package/dist/auth/audit_log_routes.d.ts +33 -0
package/dist/auth/audit_log_routes.d.ts.map +1 -0
package/dist/auth/audit_log_routes.js +106 -0
package/dist/auth/audit_log_schema.d.ts +259 -0
package/dist/auth/audit_log_schema.d.ts.map +1 -0
package/dist/auth/audit_log_schema.js +123 -0
package/dist/auth/bearer_auth.d.ts +32 -0
package/dist/auth/bearer_auth.d.ts.map +1 -0
package/dist/auth/bearer_auth.js +90 -0
package/dist/auth/bootstrap_account.d.ts +82 -0
package/dist/auth/bootstrap_account.d.ts.map +1 -0
package/dist/auth/bootstrap_account.js +97 -0
package/dist/auth/bootstrap_routes.d.ts +74 -0
package/dist/auth/bootstrap_routes.d.ts.map +1 -0
package/dist/auth/bootstrap_routes.js +154 -0
package/dist/auth/daemon_token.d.ts +49 -0
package/dist/auth/daemon_token.d.ts.map +1 -0
package/dist/auth/daemon_token.js +49 -0
package/dist/auth/daemon_token_middleware.d.ts +93 -0
package/dist/auth/daemon_token_middleware.d.ts.map +1 -0
package/dist/auth/daemon_token_middleware.js +167 -0
package/dist/auth/ddl.d.ts +27 -0
package/dist/auth/ddl.d.ts.map +1 -0
package/dist/auth/ddl.js +111 -0
package/dist/auth/deps.d.ts +52 -0
package/dist/auth/deps.d.ts.map +1 -0
package/dist/auth/deps.js +10 -0
package/dist/auth/invite_queries.d.ts +68 -0
package/dist/auth/invite_queries.d.ts.map +1 -0
package/dist/auth/invite_queries.js +105 -0
package/dist/auth/invite_routes.d.ts +18 -0
package/dist/auth/invite_routes.d.ts.map +1 -0
package/dist/auth/invite_routes.js +129 -0
package/dist/auth/invite_schema.d.ts +51 -0
package/dist/auth/invite_schema.d.ts.map +1 -0
package/dist/auth/invite_schema.js +25 -0
package/dist/auth/keyring.d.ts +87 -0
package/dist/auth/keyring.d.ts.map +1 -0
package/dist/auth/keyring.js +142 -0
package/dist/auth/middleware.d.ts +40 -0
package/dist/auth/middleware.d.ts.map +1 -0
package/dist/auth/middleware.js +64 -0
package/dist/auth/migrations.d.ts +42 -0
package/dist/auth/migrations.d.ts.map +1 -0
package/dist/auth/migrations.js +79 -0
package/dist/auth/password.d.ts +39 -0
package/dist/auth/password.d.ts.map +1 -0
package/dist/auth/password.js +25 -0
package/dist/auth/password_argon2.d.ts +43 -0
package/dist/auth/password_argon2.d.ts.map +1 -0
package/dist/auth/password_argon2.js +76 -0
package/dist/auth/permit_queries.d.ts +72 -0
package/dist/auth/permit_queries.d.ts.map +1 -0
package/dist/auth/permit_queries.js +116 -0
package/dist/auth/request_context.d.ts +114 -0
package/dist/auth/request_context.d.ts.map +1 -0
package/dist/auth/request_context.js +176 -0
package/dist/auth/require_keeper.d.ts +20 -0
package/dist/auth/require_keeper.d.ts.map +1 -0
package/dist/auth/require_keeper.js +35 -0
package/dist/auth/role_schema.d.ts +69 -0
package/dist/auth/role_schema.d.ts.map +1 -0
package/dist/auth/role_schema.js +70 -0
package/dist/auth/route_guards.d.ts +21 -0
package/dist/auth/route_guards.d.ts.map +1 -0
package/dist/auth/route_guards.js +32 -0
package/dist/auth/session_cookie.d.ts +158 -0
package/dist/auth/session_cookie.d.ts.map +1 -0
package/dist/auth/session_cookie.js +135 -0
package/dist/auth/session_lifecycle.d.ts +35 -0
package/dist/auth/session_lifecycle.d.ts.map +1 -0
package/dist/auth/session_lifecycle.js +27 -0
package/dist/auth/session_middleware.d.ts +33 -0
package/dist/auth/session_middleware.d.ts.map +1 -0
package/dist/auth/session_middleware.js +62 -0
package/dist/auth/session_queries.d.ts +135 -0
package/dist/auth/session_queries.d.ts.map +1 -0
package/dist/auth/session_queries.js +186 -0
package/dist/auth/signup_routes.d.ts +32 -0
package/dist/auth/signup_routes.d.ts.map +1 -0
package/dist/auth/signup_routes.js +150 -0
package/dist/cli/args.d.ts +48 -0
package/dist/cli/args.d.ts.map +1 -0
package/dist/cli/args.js +76 -0
package/dist/cli/config.d.ts +48 -0
package/dist/cli/config.d.ts.map +1 -0
package/dist/cli/config.js +77 -0
package/dist/cli/daemon.d.ts +82 -0
package/dist/cli/daemon.d.ts.map +1 -0
package/dist/cli/daemon.js +149 -0
package/dist/cli/help.d.ts +85 -0
package/dist/cli/help.d.ts.map +1 -0
package/dist/cli/help.js +138 -0
package/dist/cli/logger.d.ts +46 -0
package/dist/cli/logger.d.ts.map +1 -0
package/dist/cli/logger.js +48 -0
package/dist/cli/util.d.ts +36 -0
package/dist/cli/util.d.ts.map +1 -0
package/dist/cli/util.js +50 -0
package/dist/crypto.d.ts +13 -0
package/dist/crypto.d.ts.map +1 -0
package/dist/crypto.js +19 -0
package/dist/db/assert_row.d.ts +18 -0
package/dist/db/assert_row.d.ts.map +1 -0
package/dist/db/assert_row.js +24 -0
package/dist/db/create_db.d.ts +38 -0
package/dist/db/create_db.d.ts.map +1 -0
package/dist/db/create_db.js +57 -0
package/dist/db/db.d.ts +97 -0
package/dist/db/db.d.ts.map +1 -0
package/dist/db/db.js +76 -0
package/dist/db/db_pg.d.ts +21 -0
package/dist/db/db_pg.d.ts.map +1 -0
package/dist/db/db_pg.js +45 -0
package/dist/db/db_pglite.d.ts +21 -0
package/dist/db/db_pglite.d.ts.map +1 -0
package/dist/db/db_pglite.js +28 -0
package/dist/db/migrate.d.ts +67 -0
package/dist/db/migrate.d.ts.map +1 -0
package/dist/db/migrate.js +118 -0
package/dist/db/pg_error.d.ts +16 -0
package/dist/db/pg_error.d.ts.map +1 -0
package/dist/db/pg_error.js +15 -0
package/dist/db/query_deps.d.ts +14 -0
package/dist/db/query_deps.d.ts.map +1 -0
package/dist/db/query_deps.js +9 -0
package/dist/db/sql_identifier.d.ts +27 -0
package/dist/db/sql_identifier.d.ts.map +1 -0
package/dist/db/sql_identifier.js +31 -0
package/dist/db/status.d.ts +62 -0
package/dist/db/status.d.ts.map +1 -0
package/dist/db/status.js +116 -0
package/dist/dev/setup.d.ts +159 -0
package/dist/dev/setup.d.ts.map +1 -0
package/dist/dev/setup.js +265 -0
package/dist/env/dotenv.d.ts +25 -0
package/dist/env/dotenv.d.ts.map +1 -0
package/dist/env/dotenv.js +52 -0
package/dist/env/load.d.ts +52 -0
package/dist/env/load.d.ts.map +1 -0
package/dist/env/load.js +79 -0
package/dist/env/mask.d.ts +19 -0
package/dist/env/mask.d.ts.map +1 -0
package/dist/env/mask.js +26 -0
package/dist/env/resolve.d.ts +126 -0
package/dist/env/resolve.d.ts.map +1 -0
package/dist/env/resolve.js +200 -0
package/dist/hono_context.d.ts +48 -0
package/dist/hono_context.d.ts.map +1 -0
package/dist/hono_context.js +22 -0
package/dist/http/common_routes.d.ts +52 -0
package/dist/http/common_routes.d.ts.map +1 -0
package/dist/http/common_routes.js +65 -0
package/dist/http/db_routes.d.ts +57 -0
package/dist/http/db_routes.d.ts.map +1 -0
package/dist/http/db_routes.js +176 -0
package/dist/http/error_schemas.d.ts +169 -0
package/dist/http/error_schemas.d.ts.map +1 -0
package/dist/http/error_schemas.js +178 -0
package/dist/http/middleware_spec.d.ts +19 -0
package/dist/http/middleware_spec.d.ts.map +1 -0
package/dist/http/middleware_spec.js +9 -0
package/dist/http/origin.d.ts +57 -0
package/dist/http/origin.d.ts.map +1 -0
package/dist/http/origin.js +207 -0
package/dist/http/proxy.d.ts +112 -0
package/dist/http/proxy.d.ts.map +1 -0
package/dist/http/proxy.js +240 -0
package/dist/http/route_spec.d.ts +197 -0
package/dist/http/route_spec.d.ts.map +1 -0
package/dist/http/route_spec.js +243 -0
package/dist/http/schema_helpers.d.ts +64 -0
package/dist/http/schema_helpers.d.ts.map +1 -0
package/dist/http/schema_helpers.js +90 -0
package/dist/http/surface.d.ts +132 -0
package/dist/http/surface.d.ts.map +1 -0
package/dist/http/surface.js +156 -0
package/dist/http/surface_query.d.ts +77 -0
package/dist/http/surface_query.d.ts.map +1 -0
package/dist/http/surface_query.js +86 -0
package/dist/rate_limiter.d.ts +94 -0
package/dist/rate_limiter.d.ts.map +1 -0
package/dist/rate_limiter.js +156 -0
package/dist/realtime/sse.d.ts +80 -0
package/dist/realtime/sse.d.ts.map +1 -0
package/dist/realtime/sse.js +109 -0
package/dist/realtime/sse_auth_guard.d.ts +93 -0
package/dist/realtime/sse_auth_guard.d.ts.map +1 -0
package/dist/realtime/sse_auth_guard.js +111 -0
package/dist/realtime/subscriber_registry.d.ts +85 -0
package/dist/realtime/subscriber_registry.d.ts.map +1 -0
package/dist/realtime/subscriber_registry.js +108 -0
package/dist/runtime/deno.d.ts +21 -0
package/dist/runtime/deno.d.ts.map +1 -0
package/dist/runtime/deno.js +83 -0
package/dist/runtime/deps.d.ts +113 -0
package/dist/runtime/deps.d.ts.map +1 -0
package/dist/runtime/deps.js +10 -0
package/dist/runtime/fs.d.ts +15 -0
package/dist/runtime/fs.d.ts.map +1 -0
package/dist/runtime/fs.js +17 -0
package/dist/runtime/mock.d.ts +81 -0
package/dist/runtime/mock.d.ts.map +1 -0
package/dist/runtime/mock.js +195 -0
package/dist/runtime/node.d.ts +17 -0
package/dist/runtime/node.d.ts.map +1 -0
package/dist/runtime/node.js +117 -0
package/dist/schema_meta.d.ts +16 -0
package/dist/schema_meta.d.ts.map +1 -0
package/dist/schema_meta.js +9 -0
package/dist/sensitivity.d.ts +15 -0
package/dist/sensitivity.d.ts.map +1 -0
package/dist/sensitivity.js +9 -0
package/dist/server/app_backend.d.ts +74 -0
package/dist/server/app_backend.d.ts.map +1 -0
package/dist/server/app_backend.js +39 -0
package/dist/server/app_server.d.ts +201 -0
package/dist/server/app_server.d.ts.map +1 -0
package/dist/server/app_server.js +266 -0
package/dist/server/env.d.ts +68 -0
package/dist/server/env.d.ts.map +1 -0
package/dist/server/env.js +95 -0
package/dist/server/startup.d.ts +22 -0
package/dist/server/startup.d.ts.map +1 -0
package/dist/server/startup.js +48 -0
package/dist/server/static.d.ts +39 -0
package/dist/server/static.d.ts.map +1 -0
package/dist/server/static.js +38 -0
package/dist/server/validate_nginx.d.ts +34 -0
package/dist/server/validate_nginx.d.ts.map +1 -0
package/dist/server/validate_nginx.js +118 -0
package/dist/testing/CLAUDE.md +3 -0
package/dist/testing/admin_integration.d.ts +45 -0
package/dist/testing/admin_integration.d.ts.map +1 -0
package/dist/testing/admin_integration.js +840 -0
package/dist/testing/adversarial_404.d.ts +15 -0
package/dist/testing/adversarial_404.d.ts.map +1 -0
package/dist/testing/adversarial_404.js +118 -0
package/dist/testing/adversarial_headers.d.ts +36 -0
package/dist/testing/adversarial_headers.d.ts.map +1 -0
package/dist/testing/adversarial_headers.js +128 -0
package/dist/testing/adversarial_input.d.ts +56 -0
package/dist/testing/adversarial_input.d.ts.map +1 -0
package/dist/testing/adversarial_input.js +494 -0
package/dist/testing/app_server.d.ts +169 -0
package/dist/testing/app_server.d.ts.map +1 -0
package/dist/testing/app_server.js +240 -0
package/dist/testing/assert_dev_env.d.ts +10 -0
package/dist/testing/assert_dev_env.d.ts.map +1 -0
package/dist/testing/assert_dev_env.js +13 -0
package/dist/testing/assertions.d.ts +61 -0
package/dist/testing/assertions.d.ts.map +1 -0
package/dist/testing/assertions.js +96 -0
package/dist/testing/attack_surface.d.ts +63 -0
package/dist/testing/attack_surface.d.ts.map +1 -0
package/dist/testing/attack_surface.js +224 -0
package/dist/testing/audit_completeness.d.ts +29 -0
package/dist/testing/audit_completeness.d.ts.map +1 -0
package/dist/testing/audit_completeness.js +410 -0
package/dist/testing/auth_apps.d.ts +55 -0
package/dist/testing/auth_apps.d.ts.map +1 -0
package/dist/testing/auth_apps.js +122 -0
package/dist/testing/data_exposure.d.ts +62 -0
package/dist/testing/data_exposure.d.ts.map +1 -0
package/dist/testing/data_exposure.js +297 -0
package/dist/testing/db.d.ts +111 -0
package/dist/testing/db.d.ts.map +1 -0
package/dist/testing/db.js +258 -0
package/dist/testing/entities.d.ts +21 -0
package/dist/testing/entities.d.ts.map +1 -0
package/dist/testing/entities.js +42 -0
package/dist/testing/error_coverage.d.ts +78 -0
package/dist/testing/error_coverage.d.ts.map +1 -0
package/dist/testing/error_coverage.js +135 -0
package/dist/testing/integration.d.ts +37 -0
package/dist/testing/integration.d.ts.map +1 -0
package/dist/testing/integration.js +1139 -0
package/dist/testing/integration_helpers.d.ts +107 -0
package/dist/testing/integration_helpers.d.ts.map +1 -0
package/dist/testing/integration_helpers.js +246 -0
package/dist/testing/middleware.d.ts +125 -0
package/dist/testing/middleware.d.ts.map +1 -0
package/dist/testing/middleware.js +210 -0
package/dist/testing/rate_limiting.d.ts +43 -0
package/dist/testing/rate_limiting.d.ts.map +1 -0
package/dist/testing/rate_limiting.js +216 -0
package/dist/testing/round_trip.d.ts +37 -0
package/dist/testing/round_trip.d.ts.map +1 -0
package/dist/testing/round_trip.js +128 -0
package/dist/testing/schema_generators.d.ts +33 -0
package/dist/testing/schema_generators.d.ts.map +1 -0
package/dist/testing/schema_generators.js +137 -0
package/dist/testing/standard.d.ts +49 -0
package/dist/testing/standard.d.ts.map +1 -0
package/dist/testing/standard.js +16 -0
package/dist/testing/stubs.d.ts +96 -0
package/dist/testing/stubs.d.ts.map +1 -0
package/dist/testing/stubs.js +192 -0
package/dist/testing/surface_invariants.d.ts +189 -0
package/dist/testing/surface_invariants.d.ts.map +1 -0
package/dist/testing/surface_invariants.js +450 -0
package/dist/ui/AccountSessions.svelte +75 -0
package/dist/ui/AccountSessions.svelte.d.ts +19 -0
package/dist/ui/AccountSessions.svelte.d.ts.map +1 -0
package/dist/ui/AdminAccounts.svelte +107 -0
package/dist/ui/AdminAccounts.svelte.d.ts +19 -0
package/dist/ui/AdminAccounts.svelte.d.ts.map +1 -0
package/dist/ui/AdminAuditLog.svelte +144 -0
package/dist/ui/AdminAuditLog.svelte.d.ts +4 -0
package/dist/ui/AdminAuditLog.svelte.d.ts.map +1 -0
package/dist/ui/AdminInvites.svelte +142 -0
package/dist/ui/AdminInvites.svelte.d.ts +4 -0
package/dist/ui/AdminInvites.svelte.d.ts.map +1 -0
package/dist/ui/AdminOverview.svelte +337 -0
package/dist/ui/AdminOverview.svelte.d.ts +4 -0
package/dist/ui/AdminOverview.svelte.d.ts.map +1 -0
package/dist/ui/AdminPermitHistory.svelte +61 -0
package/dist/ui/AdminPermitHistory.svelte.d.ts +19 -0
package/dist/ui/AdminPermitHistory.svelte.d.ts.map +1 -0
package/dist/ui/AdminSessions.svelte +85 -0
package/dist/ui/AdminSessions.svelte.d.ts +19 -0
package/dist/ui/AdminSessions.svelte.d.ts.map +1 -0
package/dist/ui/AdminSettings.svelte +32 -0
package/dist/ui/AdminSettings.svelte.d.ts +19 -0
package/dist/ui/AdminSettings.svelte.d.ts.map +1 -0
package/dist/ui/AdminSurface.svelte +42 -0
package/dist/ui/AdminSurface.svelte.d.ts +4 -0
package/dist/ui/AdminSurface.svelte.d.ts.map +1 -0
package/dist/ui/AppShell.svelte +93 -0
package/dist/ui/AppShell.svelte.d.ts +20 -0
package/dist/ui/AppShell.svelte.d.ts.map +1 -0
package/dist/ui/BootstrapForm.svelte +105 -0
package/dist/ui/BootstrapForm.svelte.d.ts +4 -0
package/dist/ui/BootstrapForm.svelte.d.ts.map +1 -0
package/dist/ui/ColumnLayout.svelte +46 -0
package/dist/ui/ColumnLayout.svelte.d.ts +11 -0
package/dist/ui/ColumnLayout.svelte.d.ts.map +1 -0
package/dist/ui/ConfirmButton.svelte +125 -0
package/dist/ui/ConfirmButton.svelte.d.ts +54 -0
package/dist/ui/ConfirmButton.svelte.d.ts.map +1 -0
package/dist/ui/Datatable.svelte +185 -0
package/dist/ui/Datatable.svelte.d.ts +35 -0
package/dist/ui/Datatable.svelte.d.ts.map +1 -0
package/dist/ui/LoginForm.svelte +82 -0
package/dist/ui/LoginForm.svelte.d.ts +8 -0
package/dist/ui/LoginForm.svelte.d.ts.map +1 -0
package/dist/ui/LogoutButton.svelte +36 -0
package/dist/ui/LogoutButton.svelte.d.ts +10 -0
package/dist/ui/LogoutButton.svelte.d.ts.map +1 -0
package/dist/ui/MenuLink.svelte +35 -0
package/dist/ui/MenuLink.svelte.d.ts +12 -0
package/dist/ui/MenuLink.svelte.d.ts.map +1 -0
package/dist/ui/OpenSignupToggle.svelte +36 -0
package/dist/ui/OpenSignupToggle.svelte.d.ts +19 -0
package/dist/ui/OpenSignupToggle.svelte.d.ts.map +1 -0
package/dist/ui/PopoverButton.svelte +136 -0
package/dist/ui/PopoverButton.svelte.d.ts +63 -0
package/dist/ui/PopoverButton.svelte.d.ts.map +1 -0
package/dist/ui/SignupForm.svelte +117 -0
package/dist/ui/SignupForm.svelte.d.ts +7 -0
package/dist/ui/SignupForm.svelte.d.ts.map +1 -0
package/dist/ui/SurfaceExplorer.svelte +287 -0
package/dist/ui/SurfaceExplorer.svelte.d.ts +8 -0
package/dist/ui/SurfaceExplorer.svelte.d.ts.map +1 -0
package/dist/ui/account_sessions_state.svelte.d.ts +15 -0
package/dist/ui/account_sessions_state.svelte.d.ts.map +1 -0
package/dist/ui/account_sessions_state.svelte.js +45 -0
package/dist/ui/admin_accounts_state.svelte.d.ts +19 -0
package/dist/ui/admin_accounts_state.svelte.d.ts.map +1 -0
package/dist/ui/admin_accounts_state.svelte.js +65 -0
package/dist/ui/admin_invites_state.svelte.d.ts +19 -0
package/dist/ui/admin_invites_state.svelte.d.ts.map +1 -0
package/dist/ui/admin_invites_state.svelte.js +71 -0
package/dist/ui/admin_sessions_state.svelte.d.ts +18 -0
package/dist/ui/admin_sessions_state.svelte.d.ts.map +1 -0
package/dist/ui/admin_sessions_state.svelte.js +62 -0
package/dist/ui/app_settings_state.svelte.d.ts +14 -0
package/dist/ui/app_settings_state.svelte.d.ts.map +1 -0
package/dist/ui/app_settings_state.svelte.js +44 -0
package/dist/ui/audit_log_state.svelte.d.ts +40 -0
package/dist/ui/audit_log_state.svelte.d.ts.map +1 -0
package/dist/ui/audit_log_state.svelte.js +153 -0
package/dist/ui/auth_state.svelte.d.ts +85 -0
package/dist/ui/auth_state.svelte.d.ts.map +1 -0
package/dist/ui/auth_state.svelte.js +238 -0
package/dist/ui/datatable.d.ts +25 -0
package/dist/ui/datatable.d.ts.map +1 -0
package/dist/ui/datatable.js +9 -0
package/dist/ui/enter_advance.d.ts +13 -0
package/dist/ui/enter_advance.d.ts.map +1 -0
package/dist/ui/enter_advance.js +30 -0
package/dist/ui/loadable.svelte.d.ts +55 -0
package/dist/ui/loadable.svelte.d.ts.map +1 -0
package/dist/ui/loadable.svelte.js +75 -0
package/dist/ui/popover.svelte.d.ts +137 -0
package/dist/ui/popover.svelte.d.ts.map +1 -0
package/dist/ui/popover.svelte.js +288 -0
package/dist/ui/position_helpers.d.ts +27 -0
package/dist/ui/position_helpers.d.ts.map +1 -0
package/dist/ui/position_helpers.js +81 -0
package/dist/ui/sidebar_state.svelte.d.ts +30 -0
package/dist/ui/sidebar_state.svelte.d.ts.map +1 -0
package/dist/ui/sidebar_state.svelte.js +39 -0
package/dist/ui/table_state.svelte.d.ts +63 -0
package/dist/ui/table_state.svelte.d.ts.map +1 -0
package/dist/ui/table_state.svelte.js +117 -0
package/dist/ui/ui_fetch.d.ts +29 -0
package/dist/ui/ui_fetch.d.ts.map +1 -0
package/dist/ui/ui_fetch.js +37 -0
package/dist/ui/ui_format.d.ts +63 -0
package/dist/ui/ui_format.d.ts.map +1 -0
package/dist/ui/ui_format.js +196 -0
package/package.json +121 -0

package/dist/testing/attack_surface.js ADDED Viewed

@@ -0,0 +1,224 @@
+import './assert_dev_env.js';
+/**
+ * Adversarial auth enforcement test runners and the standard attack surface suite.
+ *
+ * The combinatorial test runner (`describe_adversarial_auth`) generates
+ * test suites for routes x auth levels. The standard suite
+ * (`describe_standard_attack_surface_tests`) composes all attack surface
+ * test groups into a single call.
+ *
+ * Stubs, app factories, and assertion helpers live in focused submodules:
+ * - `test_auth_stubs` — stub factories and pre-built dep bundles
+ * - `test_auth_apps` — auth-level test app factories
+ * - `test_auth_assertions` — snapshot, public route, and middleware assertions
+ *
+ * @module
+ */
+import { test, assert, describe } from 'vitest';
+import { assert_surface_invariants, assert_surface_security_policy, audit_error_schema_tightness, assert_error_schema_tightness, } from './surface_invariants.js';
+import { describe_adversarial_input } from './adversarial_input.js';
+import { describe_adversarial_404 } from './adversarial_404.js';
+import { create_test_app_from_specs, create_test_request_context, create_auth_test_apps, select_auth_app, resolve_test_path, } from './auth_apps.js';
+import { assert_surface_matches_snapshot, assert_surface_deterministic, assert_only_expected_public_routes, assert_full_middleware_stack, assert_error_schema_valid, } from './assertions.js';
+import { merge_error_schemas } from '../http/schema_helpers.js';
+import { collect_middleware_errors } from '../http/surface.js';
+import { filter_protected_routes, filter_role_routes, filter_keeper_routes, } from '../http/surface_query.js';
+import { ERROR_AUTHENTICATION_REQUIRED, ERROR_INSUFFICIENT_PERMISSIONS, ERROR_KEEPER_REQUIRES_DAEMON_TOKEN, } from '../http/error_schemas.js';
+// --- Adversarial test runner ---
+/**
+ * Build a lookup from `"METHOD /path"` to merged error schemas (auto-derived + middleware + explicit).
+ *
+ * Uses `merge_error_schemas` to ensure consistency with surface generation —
+ * accounts for auth, input, params, and middleware when auto-deriving error schemas.
+ */
+const build_error_schema_lookup = (route_specs, middleware_specs) => {
+    const lookup = new Map();
+    for (const spec of route_specs) {
+        const key = `${spec.method} ${spec.path}`;
+        const mw_errors = middleware_specs
+            ? collect_middleware_errors(middleware_specs, spec.path)
+            : null;
+        const merged = merge_error_schemas(spec, mw_errors);
+        if (merged && Object.keys(merged).length > 0) {
+            lookup.set(key, merged);
+        }
+    }
+    return lookup;
+};
+/**
+ * Generate adversarial HTTP auth enforcement test suites.
+ *
+ * Describe blocks:
+ * - unauthenticated → 401 — every protected route
+ * - wrong role → 403 — every role route, tested with all non-matching roles
+ * - authenticated without role → 403 — every role route, no-role context
+ * - correct auth passes guard — every protected route, assert not 401/403
+ *
+ * @param options - the test configuration
+ */
+export const describe_adversarial_auth = (options) => {
+    const { build, roles } = options;
+    const { surface, route_specs, middleware_specs } = build();
+    const protected_routes = filter_protected_routes(surface);
+    if (protected_routes.length === 0)
+        return;
+    const role_routes = filter_role_routes(surface);
+    const keeper_routes = filter_keeper_routes(surface);
+    // merged error schemas (auto-derived + middleware + handler-specific) for response validation
+    const error_schema_lookup = build_error_schema_lookup(route_specs, middleware_specs);
+    const apps = create_auth_test_apps(route_specs, roles);
+    describe('adversarial HTTP auth enforcement', () => {
+        describe('unauthenticated → 401', () => {
+            for (const route of protected_routes) {
+                test(`${route.method} ${route.path}`, async () => {
+                    const res = await apps.public.request(resolve_test_path(route.path), {
+                        method: route.method,
+                    });
+                    assert.strictEqual(res.status, 401, `${route.method} ${route.path}`);
+                    const body = await res.json();
+                    assert.strictEqual(body.error, ERROR_AUTHENTICATION_REQUIRED);
+                    assert_error_schema_valid(error_schema_lookup, route, 401, body);
+                });
+            }
+        });
+        if (role_routes.length > 0) {
+            describe('wrong role → 403', () => {
+                for (const route of role_routes) {
+                    const wrong_roles = roles.filter((r) => r !== route.auth.role);
+                    for (const wrong_role of wrong_roles) {
+                        test(`${route.method} ${route.path} (${wrong_role} instead of ${route.auth.role})`, async () => {
+                            const app = apps.by_role.get(wrong_role);
+                            if (!app)
+                                throw new Error(`No test app for role '${wrong_role}'`);
+                            const res = await app.request(resolve_test_path(route.path), {
+                                method: route.method,
+                            });
+                            assert.strictEqual(res.status, 403, `${route.method} ${route.path}`);
+                            const body = await res.json();
+                            assert.strictEqual(body.error, ERROR_INSUFFICIENT_PERMISSIONS);
+                            assert.strictEqual(body.required_role, route.auth.role);
+                            assert_error_schema_valid(error_schema_lookup, route, 403, body);
+                        });
+                    }
+                }
+            });
+            describe('authenticated without role → 403', () => {
+                for (const route of role_routes) {
+                    test(`${route.method} ${route.path}`, async () => {
+                        const res = await apps.authed.request(resolve_test_path(route.path), {
+                            method: route.method,
+                        });
+                        assert.strictEqual(res.status, 403, `${route.method} ${route.path}`);
+                        const body = await res.json();
+                        assert.strictEqual(body.error, ERROR_INSUFFICIENT_PERMISSIONS);
+                        assert.strictEqual(body.required_role, route.auth.role);
+                        assert_error_schema_valid(error_schema_lookup, route, 403, body);
+                    });
+                }
+            });
+        }
+        if (keeper_routes.length > 0) {
+            describe('keeper routes reject session credential → 403', () => {
+                // keeper role via session cookie should fail (wrong credential type)
+                const app_session_keeper = create_test_app_from_specs(route_specs, create_test_request_context('keeper'), 'session');
+                for (const route of keeper_routes) {
+                    test(`${route.method} ${route.path}`, async () => {
+                        const res = await app_session_keeper.request(resolve_test_path(route.path), {
+                            method: route.method,
+                        });
+                        assert.strictEqual(res.status, 403, `${route.method} ${route.path}`);
+                        const body = await res.json();
+                        assert.strictEqual(body.error, ERROR_KEEPER_REQUIRES_DAEMON_TOKEN);
+                        assert_error_schema_valid(error_schema_lookup, route, 403, body);
+                    });
+                }
+            });
+        }
+        describe('correct auth passes guard', () => {
+            for (const route of protected_routes) {
+                test(`${route.method} ${route.path}`, async () => {
+                    const res = await select_auth_app(apps, route.auth).request(resolve_test_path(route.path), { method: route.method });
+                    // handler may error (500) or return 404 (stub deps) — that's fine, we only verify auth passed
+                    assert.notStrictEqual(res.status, 401, 'should not be 401 (auth rejected)');
+                    assert.notStrictEqual(res.status, 403, 'should not be 403 (role rejected)');
+                    // handler-level 404 (resource not found with stub deps) is fine —
+                    // only reject router-level 404 (route not registered)
+                    if (res.status === 404) {
+                        const body = await res.json().catch(() => null);
+                        assert.ok(body?.error, `route not registered: ${route.method} ${route.path}`);
+                    }
+                    // SSE streams need explicit cleanup — the suspended promise keeps the event loop alive.
+                    // Only cancel streaming responses; regular JSON bodies don't need it.
+                    if (res.headers.get('Content-Type')?.includes('text/event-stream')) {
+                        await res.body?.cancel();
+                    }
+                });
+            }
+        });
+    });
+};
+/**
+ * Run the standard attack surface test suite.
+ *
+ * Generates 10 test groups:
+ * 1. Snapshot — live surface matches committed JSON
+ * 2. Determinism — building twice yields identical results
+ * 3. Public routes — bidirectional check (no unexpected, no missing)
+ * 4. Middleware stack — every API route has the full middleware chain
+ * 5. Surface invariants — structural assertions (error schemas, descriptions, duplicates, consistency)
+ * 6. Security policy — rate limiting on sensitive routes, no unexpected public mutations, method conventions
+ * 7. Error schema tightness audit — informational log of generic vs specific error schemas
+ * 8. Adversarial auth — unauthenticated/wrong-role/correct-auth enforcement
+ * 9. Adversarial input — input body and params validation
+ * 10. Adversarial 404 — stub 404 handlers, validate response bodies against declared schemas
+ *
+ * Consumer test files call this with project-specific options, then add
+ * any project-specific assertions in additional `describe` blocks.
+ *
+ * @param options - the test configuration
+ */
+export const describe_standard_attack_surface_tests = (options) => {
+    const { build, snapshot_path, expected_public_routes, expected_api_middleware, roles, api_path_prefix = '/api/', security_policy, error_schema_tightness, } = options;
+    const built = build();
+    const { surface } = built;
+    describe('attack surface snapshot', () => {
+        test('matches committed snapshot', () => {
+            assert_surface_matches_snapshot(surface, snapshot_path);
+        });
+        test('is deterministic', () => {
+            assert_surface_deterministic(() => build().surface);
+        });
+    });
+    describe('attack surface structure', () => {
+        test('only expected public routes', () => {
+            assert_only_expected_public_routes(surface, expected_public_routes);
+        });
+        test('full middleware stack on API routes', () => {
+            assert_full_middleware_stack(surface, api_path_prefix, expected_api_middleware);
+        });
+        test('surface invariants', () => {
+            assert_surface_invariants(surface);
+        });
+        test('security policy', () => {
+            assert_surface_security_policy(surface, security_policy);
+        });
+        test('error schema tightness audit', () => {
+            const entries = audit_error_schema_tightness(surface);
+            const generic = entries.filter((e) => e.specificity === 'generic');
+            const literal = entries.filter((e) => e.specificity === 'literal');
+            const enumerated = entries.filter((e) => e.specificity === 'enum');
+            console.log(`[error schema tightness] ${entries.length} total: ` +
+                `${literal.length} literal, ${enumerated.length} enum, ${generic.length} generic`);
+            if (generic.length > 0) {
+                console.log(`[error schema tightness] generic schemas:\n` +
+                    generic.map((e) => `  ${e.method} ${e.route_path} → ${e.status}`).join('\n'));
+            }
+            if (error_schema_tightness) {
+                assert_error_schema_tightness(surface, error_schema_tightness);
+            }
+        });
+    });
+    describe_adversarial_auth({ build: () => built, roles });
+    describe_adversarial_input({ build: () => built, roles });
+    describe_adversarial_404({ build: () => built, roles });
+};

package/dist/testing/audit_completeness.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+import './assert_dev_env.js';
+import type { SessionOptions } from '../auth/session_cookie.js';
+import type { AppServerContext, AppServerOptions } from '../server/app_server.js';
+import type { RouteSpec } from '../http/route_spec.js';
+import { type DbFactory } from './db.js';
+/**
+ * Configuration for `describe_audit_completeness_tests`.
+ */
+export interface AuditCompletenessTestOptions {
+    /** Session config for cookie-based auth. */
+    session_options: SessionOptions<string>;
+    /** Route spec factory — same one used in production. */
+    create_route_specs: (ctx: AppServerContext) => Array<RouteSpec>;
+    /** Optional overrides for `AppServerOptions`. */
+    app_options?: Partial<Omit<AppServerOptions, 'backend' | 'session_options' | 'create_route_specs'>>;
+    /** Database factories to run tests against. Default: pglite only. */
+    db_factories?: Array<DbFactory>;
+}
+/**
+ * Composable audit log completeness test suite.
+ *
+ * Verifies that every auth mutation route produces the correct audit log
+ * event type. Exercises routes via HTTP requests against a real PGlite
+ * database, then queries the `audit_log` table to verify events.
+ *
+ * @param options - session config, route factory, and optional overrides
+ */
+export declare const describe_audit_completeness_tests: (options: AuditCompletenessTestOptions) => void;
+//# sourceMappingURL=audit_completeness.d.ts.map

package/dist/testing/audit_completeness.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit_completeness.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/audit_completeness.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAkB7B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,gBAAgB,EAAE,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAChF,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAKrD,OAAO,EAIN,KAAK,SAAS,EACd,MAAM,SAAS,CAAC;AAKjB;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC5C,4CAA4C;IAC5C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,wDAAwD;IACxD,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE,iDAAiD;IACjD,WAAW,CAAC,EAAE,OAAO,CACpB,IAAI,CAAC,gBAAgB,EAAE,SAAS,GAAG,iBAAiB,GAAG,oBAAoB,CAAC,CAC5E,CAAC;IACF,qEAAqE;IACrE,YAAY,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;CAChC;AAkFD;;;;;;;;GAQG;AACH,eAAO,MAAM,iCAAiC,GAAI,SAAS,4BAA4B,KAAG,IA0azF,CAAC"}