@fuzdev/fuz_app 0.48.0 → 0.50.0

package/dist/auth/admin_actions.d.ts

@@ -11,13 +11,13 @@
  *   when `AdminActionOptions.app_settings` is provided — the mutable ref is
  *   owned by the server context and shared with signup middleware).
  *
- * The action specs themselves live in `./admin_action_specs.js`. Mutations
+ * The action specs themselves live in `auth/admin_action_specs.ts`. Mutations
  * emit matching audit events via `audit_log_fire_and_forget`.
  *
  * Authorization is declared at the spec level (`auth: {role: 'admin'}`) so
  * the RPC dispatcher enforces it before the handler runs and the generated
  * surface accurately reports the requirement. `permit_revoke` in
- * `permit_offer_actions.ts` uses the same spec-level pattern even though its
+ * `auth/permit_offer_actions.ts` uses the same spec-level pattern even though its
  * sibling methods are authenticated-but-not-admin — the dispatcher checks
  * auth per-spec, so mixed-auth endpoints compose cleanly. Handler-level
  * gates are reserved for input-dependent elevation (e.g.

package/dist/auth/admin_actions.js

@@ -11,13 +11,13 @@
  *   when `AdminActionOptions.app_settings` is provided — the mutable ref is
  *   owned by the server context and shared with signup middleware).
  *
- * The action specs themselves live in `./admin_action_specs.js`. Mutations
+ * The action specs themselves live in `auth/admin_action_specs.ts`. Mutations
  * emit matching audit events via `audit_log_fire_and_forget`.
  *
  * Authorization is declared at the spec level (`auth: {role: 'admin'}`) so
  * the RPC dispatcher enforces it before the handler runs and the generated
  * surface accurately reports the requirement. `permit_revoke` in
- * `permit_offer_actions.ts` uses the same spec-level pattern even though its
+ * `auth/permit_offer_actions.ts` uses the same spec-level pattern even though its
  * sibling methods are authenticated-but-not-admin — the dispatcher checks
  * auth per-spec, so mixed-auth endpoints compose cleanly. Handler-level
  * gates are reserved for input-dependent elevation (e.g.

package/dist/auth/permit_offer_action_specs.d.ts

@@ -4,7 +4,7 @@
  *
  * Import this module for the specs, Input/Output schemas, `ERROR_OFFER_*`
  * reason constants, and the `all_permit_offer_action_specs` registry.
- * Handlers live in `./permit_offer_actions.js`.
+ * Handlers live in `auth/permit_offer_actions.ts`.
  *
  * Authorization enforcement: offer-lifecycle specs declare
  * `auth: 'authenticated'` and rely on `query_*` IDOR guards or in-handler

package/dist/auth/permit_offer_action_specs.js

@@ -4,7 +4,7 @@
  *
  * Import this module for the specs, Input/Output schemas, `ERROR_OFFER_*`
  * reason constants, and the `all_permit_offer_action_specs` registry.
- * Handlers live in `./permit_offer_actions.js`.
+ * Handlers live in `auth/permit_offer_actions.ts`.
  *
  * Authorization enforcement: offer-lifecycle specs declare
  * `auth: 'authenticated'` and rely on `query_*` IDOR guards or in-handler

package/dist/auth/permit_offer_actions.d.ts

@@ -4,7 +4,7 @@
  * Seven actions: six offer-lifecycle methods (create / accept / decline /
  * retract / list / history) plus `permit_revoke` (admin-only). All mount
  * on a consumer's JSON-RPC endpoint via `create_rpc_endpoint`. The action
- * specs themselves live in `./permit_offer_action_specs.js`. Mutations
+ * specs themselves live in `auth/permit_offer_action_specs.ts`. Mutations
  * declare `side_effects: true` so the RPC dispatcher wraps the handler in
  * a DB transaction; `permit_offer_list` and `permit_offer_history` declare
  * `side_effects: false` so they are addressable via GET.

package/dist/auth/permit_offer_actions.js

@@ -4,7 +4,7 @@
  * Seven actions: six offer-lifecycle methods (create / accept / decline /
  * retract / list / history) plus `permit_revoke` (admin-only). All mount
  * on a consumer's JSON-RPC endpoint via `create_rpc_endpoint`. The action
- * specs themselves live in `./permit_offer_action_specs.js`. Mutations
+ * specs themselves live in `auth/permit_offer_action_specs.ts`. Mutations
  * declare `side_effects: true` so the RPC dispatcher wraps the handler in
  * a DB transaction; `permit_offer_list` and `permit_offer_history` declare
  * `side_effects: false` so they are addressable via GET.

package/dist/auth/standard_action_specs.d.ts

@@ -1,7 +1,7 @@
 /**
  * Aggregate spec list mirroring `create_standard_rpc_actions` on the backend.
  *
- * `create_standard_rpc_actions` (in `./standard_rpc_actions.js`) bundles three
+ * `create_standard_rpc_actions` (in `auth/standard_rpc_actions.ts`) bundles three
  * action registries into one mounted RPC surface: admin + permit_offer +
  * account. Frontends mounting that surface need the matching spec list to
  * feed `create_rpc_client` so the typed Proxy knows about every standard

package/dist/auth/standard_action_specs.js

@@ -1,7 +1,7 @@
 /**
  * Aggregate spec list mirroring `create_standard_rpc_actions` on the backend.
  *
- * `create_standard_rpc_actions` (in `./standard_rpc_actions.js`) bundles three
+ * `create_standard_rpc_actions` (in `auth/standard_rpc_actions.ts`) bundles three
  * action registries into one mounted RPC surface: admin + permit_offer +
  * account. Frontends mounting that surface need the matching spec list to
  * feed `create_rpc_client` so the typed Proxy knows about every standard

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fuzdev/fuz_app",
-  "version": "0.48.0",
+  "version": "0.50.0",
   "description": "fullstack app library",
   "glyph": "🗝",
   "logo": "logo.svg",