npm - @fuzdev/fuz_app - Versions diffs - 0.55.0 → 0.57.0 - Mend

@fuzdev/fuz_app 0.55.0 → 0.57.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (333) hide show

package/dist/actions/CLAUDE.md +211 -155
package/dist/actions/action_bridge.d.ts +8 -5
package/dist/actions/action_bridge.d.ts.map +1 -1
package/dist/actions/action_bridge.js +1 -11
package/dist/actions/action_codegen.d.ts +19 -0
package/dist/actions/action_codegen.d.ts.map +1 -1
package/dist/actions/action_codegen.js +20 -14
package/dist/actions/action_registry.d.ts.map +1 -1
package/dist/actions/action_registry.js +5 -2
package/dist/actions/action_rpc.d.ts +110 -44
package/dist/actions/action_rpc.d.ts.map +1 -1
package/dist/actions/action_rpc.js +92 -287
package/dist/actions/action_spec.d.ts +55 -16
package/dist/actions/action_spec.d.ts.map +1 -1
package/dist/actions/action_spec.js +16 -11
package/dist/actions/action_types.d.ts +28 -60
package/dist/actions/action_types.d.ts.map +1 -1
package/dist/actions/action_types.js +13 -5
package/dist/actions/broadcast_api.d.ts +2 -2
package/dist/actions/broadcast_api.js +2 -2
package/dist/actions/compile_action_registry.d.ts +50 -0
package/dist/actions/compile_action_registry.d.ts.map +1 -0
package/dist/actions/compile_action_registry.js +69 -0
package/dist/actions/heartbeat.d.ts +8 -4
package/dist/actions/heartbeat.d.ts.map +1 -1
package/dist/actions/heartbeat.js +5 -4
package/dist/actions/perform_action.d.ts +145 -0
package/dist/actions/perform_action.d.ts.map +1 -0
package/dist/actions/perform_action.js +258 -0
package/dist/actions/register_action_ws.d.ts +44 -38
package/dist/actions/register_action_ws.d.ts.map +1 -1
package/dist/actions/register_action_ws.js +101 -159
package/dist/actions/register_ws_endpoint.d.ts +2 -10
package/dist/actions/register_ws_endpoint.d.ts.map +1 -1
package/dist/actions/register_ws_endpoint.js +32 -10
package/dist/actions/transports_ws_auth_guard.d.ts +1 -1
package/dist/actions/transports_ws_auth_guard.js +1 -1
package/dist/actions/transports_ws_backend.d.ts +1 -1
package/dist/actions/transports_ws_backend.js +1 -1
package/dist/auth/CLAUDE.md +673 -442
package/dist/auth/account_action_specs.d.ts +28 -7
package/dist/auth/account_action_specs.d.ts.map +1 -1
package/dist/auth/account_action_specs.js +7 -7
package/dist/auth/account_actions.d.ts +8 -14
package/dist/auth/account_actions.d.ts.map +1 -1
package/dist/auth/account_actions.js +26 -32
package/dist/auth/account_queries.d.ts +46 -13
package/dist/auth/account_queries.d.ts.map +1 -1
package/dist/auth/account_queries.js +73 -33
package/dist/auth/account_routes.d.ts +4 -3
package/dist/auth/account_routes.d.ts.map +1 -1
package/dist/auth/account_routes.js +58 -33
package/dist/auth/account_schema.d.ts +46 -54
package/dist/auth/account_schema.d.ts.map +1 -1
package/dist/auth/account_schema.js +21 -48
package/dist/auth/admin_action_specs.d.ts +55 -21
package/dist/auth/admin_action_specs.d.ts.map +1 -1
package/dist/auth/admin_action_specs.js +42 -26
package/dist/auth/admin_actions.d.ts +14 -21
package/dist/auth/admin_actions.d.ts.map +1 -1
package/dist/auth/admin_actions.js +47 -44
package/dist/auth/audit_emitter.d.ts +160 -0
package/dist/auth/audit_emitter.d.ts.map +1 -0
package/dist/auth/audit_emitter.js +83 -0
package/dist/auth/audit_log_queries.d.ts +17 -87
package/dist/auth/audit_log_queries.d.ts.map +1 -1
package/dist/auth/audit_log_queries.js +17 -96
package/dist/auth/audit_log_routes.d.ts +1 -1
package/dist/auth/audit_log_routes.d.ts.map +1 -1
package/dist/auth/audit_log_routes.js +7 -3
package/dist/auth/audit_log_schema.d.ts +48 -42
package/dist/auth/audit_log_schema.d.ts.map +1 -1
package/dist/auth/audit_log_schema.js +56 -43
package/dist/auth/auth_guard_resolver.d.ts +44 -0
package/dist/auth/auth_guard_resolver.d.ts.map +1 -0
package/dist/auth/auth_guard_resolver.js +56 -0
package/dist/auth/bootstrap_account.d.ts +7 -7
package/dist/auth/bootstrap_account.d.ts.map +1 -1
package/dist/auth/bootstrap_account.js +7 -7
package/dist/auth/bootstrap_routes.d.ts.map +1 -1
package/dist/auth/bootstrap_routes.js +11 -10
package/dist/auth/cleanup.d.ts +20 -26
package/dist/auth/cleanup.d.ts.map +1 -1
package/dist/auth/cleanup.js +33 -47
package/dist/auth/credential_type_schema.d.ts +115 -0
package/dist/auth/credential_type_schema.d.ts.map +1 -0
package/dist/auth/credential_type_schema.js +127 -0
package/dist/auth/daemon_token_middleware.d.ts +1 -1
package/dist/auth/daemon_token_middleware.js +3 -3
package/dist/auth/ddl.d.ts +2 -2
package/dist/auth/ddl.d.ts.map +1 -1
package/dist/auth/ddl.js +6 -6
package/dist/auth/deps.d.ts +7 -32
package/dist/auth/deps.d.ts.map +1 -1
package/dist/auth/grant_path_schema.d.ts +117 -0
package/dist/auth/grant_path_schema.d.ts.map +1 -0
package/dist/auth/grant_path_schema.js +137 -0
package/dist/auth/invite_queries.d.ts +12 -1
package/dist/auth/invite_queries.d.ts.map +1 -1
package/dist/auth/invite_queries.js +12 -1
package/dist/auth/invite_schema.d.ts +1 -1
package/dist/auth/invite_schema.d.ts.map +1 -1
package/dist/auth/invite_schema.js +1 -1
package/dist/auth/middleware.d.ts.map +1 -1
package/dist/auth/middleware.js +5 -2
package/dist/auth/migrations.d.ts +22 -7
package/dist/auth/migrations.d.ts.map +1 -1
package/dist/auth/migrations.js +64 -25
package/dist/auth/request_context.d.ts +157 -170
package/dist/auth/request_context.d.ts.map +1 -1
package/dist/auth/request_context.js +224 -268
package/dist/auth/{permit_offer_action_specs.d.ts → role_grant_offer_action_specs.d.ts} +130 -100
package/dist/auth/role_grant_offer_action_specs.d.ts.map +1 -0
package/dist/auth/role_grant_offer_action_specs.js +262 -0
package/dist/auth/role_grant_offer_actions.d.ts +104 -0
package/dist/auth/role_grant_offer_actions.d.ts.map +1 -0
package/dist/auth/{permit_offer_actions.js → role_grant_offer_actions.js} +153 -140
package/dist/auth/{permit_offer_notifications.d.ts → role_grant_offer_notifications.d.ts} +80 -70
package/dist/auth/role_grant_offer_notifications.d.ts.map +1 -0
package/dist/auth/role_grant_offer_notifications.js +182 -0
package/dist/auth/{permit_offer_queries.d.ts → role_grant_offer_queries.d.ts} +64 -64
package/dist/auth/role_grant_offer_queries.d.ts.map +1 -0
package/dist/auth/{permit_offer_queries.js → role_grant_offer_queries.js} +136 -123
package/dist/auth/role_grant_offer_schema.d.ts +150 -0
package/dist/auth/role_grant_offer_schema.d.ts.map +1 -0
package/dist/auth/{permit_offer_schema.js → role_grant_offer_schema.js} +55 -36
package/dist/auth/role_grant_queries.d.ts +231 -0
package/dist/auth/role_grant_queries.d.ts.map +1 -0
package/dist/auth/role_grant_queries.js +320 -0
package/dist/auth/role_schema.d.ts +150 -40
package/dist/auth/role_schema.d.ts.map +1 -1
package/dist/auth/role_schema.js +144 -45
package/dist/auth/scope_kind_schema.d.ts +96 -0
package/dist/auth/scope_kind_schema.d.ts.map +1 -0
package/dist/auth/scope_kind_schema.js +94 -0
package/dist/auth/self_service_role_action_specs.d.ts +4 -1
package/dist/auth/self_service_role_action_specs.d.ts.map +1 -1
package/dist/auth/self_service_role_action_specs.js +2 -2
package/dist/auth/self_service_role_actions.d.ts +35 -29
package/dist/auth/self_service_role_actions.d.ts.map +1 -1
package/dist/auth/self_service_role_actions.js +58 -48
package/dist/auth/session_cookie.d.ts +43 -6
package/dist/auth/session_cookie.d.ts.map +1 -1
package/dist/auth/session_cookie.js +31 -5
package/dist/auth/session_middleware.d.ts +37 -3
package/dist/auth/session_middleware.d.ts.map +1 -1
package/dist/auth/session_middleware.js +33 -7
package/dist/auth/signup_routes.d.ts.map +1 -1
package/dist/auth/signup_routes.js +48 -19
package/dist/auth/standard_action_specs.d.ts +2 -2
package/dist/auth/standard_action_specs.js +4 -4
package/dist/auth/standard_rpc_actions.d.ts +23 -19
package/dist/auth/standard_rpc_actions.d.ts.map +1 -1
package/dist/auth/standard_rpc_actions.js +12 -12
package/dist/db/migrate.d.ts +1 -1
package/dist/db/migrate.js +1 -1
package/dist/dev/setup.d.ts +2 -2
package/dist/dev/setup.d.ts.map +1 -1
package/dist/dev/setup.js +4 -4
package/dist/env/load.d.ts +1 -1
package/dist/env/load.js +1 -1
package/dist/hono_context.d.ts +27 -45
package/dist/hono_context.d.ts.map +1 -1
package/dist/hono_context.js +14 -28
package/dist/http/CLAUDE.md +235 -121
package/dist/http/auth_shape.d.ts +191 -0
package/dist/http/auth_shape.d.ts.map +1 -0
package/dist/http/auth_shape.js +237 -0
package/dist/http/common_routes.js +3 -3
package/dist/http/db_routes.d.ts +4 -0
package/dist/http/db_routes.d.ts.map +1 -1
package/dist/http/db_routes.js +44 -7
package/dist/http/error_schemas.d.ts +72 -39
package/dist/http/error_schemas.d.ts.map +1 -1
package/dist/http/error_schemas.js +81 -33
package/dist/http/pending_effects.d.ts +71 -18
package/dist/http/pending_effects.d.ts.map +1 -1
package/dist/http/pending_effects.js +87 -18
package/dist/http/proxy.d.ts +52 -5
package/dist/http/proxy.d.ts.map +1 -1
package/dist/http/proxy.js +92 -14
package/dist/http/route_spec.d.ts +89 -75
package/dist/http/route_spec.d.ts.map +1 -1
package/dist/http/route_spec.js +54 -72
package/dist/http/schema_helpers.d.ts +3 -14
package/dist/http/schema_helpers.d.ts.map +1 -1
package/dist/http/schema_helpers.js +2 -14
package/dist/http/surface.d.ts +2 -10
package/dist/http/surface.d.ts.map +1 -1
package/dist/http/surface.js +3 -4
package/dist/http/surface_query.d.ts +39 -35
package/dist/http/surface_query.d.ts.map +1 -1
package/dist/http/surface_query.js +79 -36
package/dist/primitive_schemas.d.ts +39 -0
package/dist/primitive_schemas.d.ts.map +1 -0
package/dist/primitive_schemas.js +40 -0
package/dist/realtime/sse_auth_guard.d.ts +5 -5
package/dist/realtime/sse_auth_guard.js +9 -9
package/dist/runtime/mock.d.ts +1 -1
package/dist/runtime/mock.js +1 -1
package/dist/server/app_backend.d.ts +14 -11
package/dist/server/app_backend.d.ts.map +1 -1
package/dist/server/app_backend.js +12 -8
package/dist/server/app_server.d.ts +7 -7
package/dist/server/app_server.d.ts.map +1 -1
package/dist/server/app_server.js +35 -40
package/dist/server/validate_nginx.d.ts +1 -1
package/dist/server/validate_nginx.js +1 -1
package/dist/testing/CLAUDE.md +50 -38
package/dist/testing/admin_integration.d.ts +5 -6
package/dist/testing/admin_integration.d.ts.map +1 -1
package/dist/testing/admin_integration.js +87 -85
package/dist/testing/app_server.d.ts +11 -14
package/dist/testing/app_server.d.ts.map +1 -1
package/dist/testing/app_server.js +16 -15
package/dist/testing/assertions.d.ts.map +1 -1
package/dist/testing/assertions.js +2 -1
package/dist/testing/attack_surface.d.ts.map +1 -1
package/dist/testing/attack_surface.js +15 -9
package/dist/testing/audit_completeness.d.ts +2 -2
package/dist/testing/audit_completeness.d.ts.map +1 -1
package/dist/testing/audit_completeness.js +36 -36
package/dist/testing/auth_apps.d.ts +5 -4
package/dist/testing/auth_apps.d.ts.map +1 -1
package/dist/testing/auth_apps.js +22 -19
package/dist/testing/data_exposure.d.ts.map +1 -1
package/dist/testing/data_exposure.js +5 -5
package/dist/testing/db.d.ts +1 -1
package/dist/testing/db.d.ts.map +1 -1
package/dist/testing/db.js +4 -4
package/dist/testing/db_entities.d.ts +22 -0
package/dist/testing/db_entities.d.ts.map +1 -0
package/dist/testing/db_entities.js +28 -0
package/dist/testing/entities.d.ts +8 -7
package/dist/testing/entities.d.ts.map +1 -1
package/dist/testing/entities.js +21 -18
package/dist/testing/integration.d.ts.map +1 -1
package/dist/testing/integration.js +13 -14
package/dist/testing/integration_helpers.d.ts +4 -4
package/dist/testing/integration_helpers.d.ts.map +1 -1
package/dist/testing/integration_helpers.js +20 -18
package/dist/testing/middleware.d.ts +4 -4
package/dist/testing/middleware.d.ts.map +1 -1
package/dist/testing/middleware.js +12 -11
package/dist/testing/rpc_attack_surface.d.ts.map +1 -1
package/dist/testing/rpc_attack_surface.js +40 -24
package/dist/testing/rpc_round_trip.d.ts +1 -1
package/dist/testing/rpc_round_trip.d.ts.map +1 -1
package/dist/testing/rpc_round_trip.js +14 -13
package/dist/testing/sse_round_trip.d.ts +3 -4
package/dist/testing/sse_round_trip.d.ts.map +1 -1
package/dist/testing/sse_round_trip.js +7 -11
package/dist/testing/standard.d.ts +1 -1
package/dist/testing/stubs.d.ts +25 -0
package/dist/testing/stubs.d.ts.map +1 -1
package/dist/testing/stubs.js +43 -2
package/dist/testing/surface_invariants.d.ts +14 -6
package/dist/testing/surface_invariants.d.ts.map +1 -1
package/dist/testing/surface_invariants.js +119 -43
package/dist/testing/ws_round_trip.d.ts +12 -13
package/dist/testing/ws_round_trip.d.ts.map +1 -1
package/dist/testing/ws_round_trip.js +19 -11
package/dist/ui/AdminAccounts.svelte +23 -20
package/dist/ui/AdminOverview.svelte +15 -13
package/dist/ui/AdminOverview.svelte.d.ts.map +1 -1
package/dist/ui/{AdminPermitHistory.svelte → AdminRoleGrantHistory.svelte} +12 -12
package/dist/ui/AdminRoleGrantHistory.svelte.d.ts +4 -0
package/dist/ui/AdminRoleGrantHistory.svelte.d.ts.map +1 -0
package/dist/ui/BootstrapForm.svelte +1 -1
package/dist/ui/CLAUDE.md +60 -60
package/dist/ui/{PermitOfferForm.svelte → RoleGrantOfferForm.svelte} +27 -26
package/dist/ui/{PermitOfferForm.svelte.d.ts → RoleGrantOfferForm.svelte.d.ts} +7 -7
package/dist/ui/RoleGrantOfferForm.svelte.d.ts.map +1 -0
package/dist/ui/{PermitOfferHistory.svelte → RoleGrantOfferHistory.svelte} +12 -12
package/dist/ui/{PermitOfferHistory.svelte.d.ts → RoleGrantOfferHistory.svelte.d.ts} +4 -4
package/dist/ui/RoleGrantOfferHistory.svelte.d.ts.map +1 -0
package/dist/ui/{PermitOfferInbox.svelte → RoleGrantOfferInbox.svelte} +14 -14
package/dist/ui/{PermitOfferInbox.svelte.d.ts → RoleGrantOfferInbox.svelte.d.ts} +4 -4
package/dist/ui/RoleGrantOfferInbox.svelte.d.ts.map +1 -0
package/dist/ui/SignupForm.svelte +1 -1
package/dist/ui/SurfaceExplorer.svelte +35 -15
package/dist/ui/SurfaceExplorer.svelte.d.ts.map +1 -1
package/dist/ui/account_sessions_state.svelte.d.ts +2 -3
package/dist/ui/account_sessions_state.svelte.d.ts.map +1 -1
package/dist/ui/account_sessions_state.svelte.js +2 -3
package/dist/ui/admin_accounts_state.svelte.d.ts +18 -18
package/dist/ui/admin_accounts_state.svelte.d.ts.map +1 -1
package/dist/ui/admin_accounts_state.svelte.js +16 -16
package/dist/ui/admin_rpc_adapters.d.ts +20 -20
package/dist/ui/admin_rpc_adapters.d.ts.map +1 -1
package/dist/ui/admin_rpc_adapters.js +17 -17
package/dist/ui/admin_sessions_state.svelte.d.ts +2 -2
package/dist/ui/admin_sessions_state.svelte.js +2 -2
package/dist/ui/audit_log_state.svelte.d.ts +7 -7
package/dist/ui/audit_log_state.svelte.d.ts.map +1 -1
package/dist/ui/audit_log_state.svelte.js +6 -6
package/dist/ui/auth_state.svelte.d.ts +3 -3
package/dist/ui/auth_state.svelte.d.ts.map +1 -1
package/dist/ui/auth_state.svelte.js +6 -6
package/dist/ui/format_scope.d.ts +2 -2
package/dist/ui/format_scope.js +2 -2
package/dist/ui/{permit_offers_state.svelte.d.ts → role_grant_offers_state.svelte.d.ts} +30 -30
package/dist/ui/role_grant_offers_state.svelte.d.ts.map +1 -0
package/dist/ui/{permit_offers_state.svelte.js → role_grant_offers_state.svelte.js} +18 -18
package/dist/ui/ui_format.js +2 -2
package/package.json +3 -3
package/dist/auth/permit_offer_action_specs.d.ts.map +0 -1
package/dist/auth/permit_offer_action_specs.js +0 -258
package/dist/auth/permit_offer_actions.d.ts +0 -110
package/dist/auth/permit_offer_actions.d.ts.map +0 -1
package/dist/auth/permit_offer_notifications.d.ts.map +0 -1
package/dist/auth/permit_offer_notifications.js +0 -182
package/dist/auth/permit_offer_queries.d.ts.map +0 -1
package/dist/auth/permit_offer_schema.d.ts +0 -125
package/dist/auth/permit_offer_schema.d.ts.map +0 -1
package/dist/auth/permit_queries.d.ts +0 -222
package/dist/auth/permit_queries.d.ts.map +0 -1
package/dist/auth/permit_queries.js +0 -305
package/dist/auth/require_keeper.d.ts +0 -20
package/dist/auth/require_keeper.d.ts.map +0 -1
package/dist/auth/require_keeper.js +0 -35
package/dist/auth/route_guards.d.ts +0 -27
package/dist/auth/route_guards.d.ts.map +0 -1
package/dist/auth/route_guards.js +0 -38
package/dist/auth/session_lifecycle.d.ts +0 -37
package/dist/auth/session_lifecycle.d.ts.map +0 -1
package/dist/auth/session_lifecycle.js +0 -29
package/dist/ui/AdminPermitHistory.svelte.d.ts +0 -4
package/dist/ui/AdminPermitHistory.svelte.d.ts.map +0 -1
package/dist/ui/PermitOfferForm.svelte.d.ts.map +0 -1
package/dist/ui/PermitOfferHistory.svelte.d.ts.map +0 -1
package/dist/ui/PermitOfferInbox.svelte.d.ts.map +0 -1
package/dist/ui/permit_offers_state.svelte.d.ts.map +0 -1

package/dist/ui/admin_rpc_adapters.d.ts CHANGED Viewed

@@ -7,11 +7,11 @@
  * admin shell layout wire everything.
  *
  * Intentionally admin-only despite the backend-side
- * `create_standard_rpc_actions` rename (admin + permit-offer + account).
+ * `create_standard_rpc_actions` rename (admin + role-grant-offer + account).
  * Account-surface methods flow through `account_sessions_rpc_context`
- * (wired at the self-service layout), and permit-offer methods that
- * surface in the admin UI (`permit_offer_create`, `permit_revoke`,
- * `permit_offer_retract`) live inside the `AdminAccountsRpc` interface —
+ * (wired at the self-service layout), and role-grant-offer methods that
+ * surface in the admin UI (`role_grant_offer_create`, `role_grant_revoke`,
+ * `role_grant_offer_retract`) live inside the `AdminAccountsRpc` interface —
  * they belong to the admin UX, not a separate wire pairing. The UI side
  * and backend factory names diverge by design.
  *
@@ -21,8 +21,8 @@
  * ```
  *
  * The throwing Proxy spreads the JSON-RPC `{code, message, data?}` onto
- * the thrown `Error` so form components (e.g. `ui/PermitOfferForm.svelte`)
- * can match on `error.data?.reason` via `ERROR_OFFER_*` constants —
+ * the thrown `Error` so form components (e.g. `ui/RoleGrantOfferForm.svelte`)
+ * can match on `error.data?.reason` via `ERROR_ROLE_GRANT_OFFER_*` constants —
  * optional chaining is required because JSON-RPC `data` is spec-level
  * optional. Consumers that need a custom unwrap strategy can construct
  * their own object satisfying `AdminRpcApi` and pass it directly.
@@ -32,8 +32,8 @@
  *
  * @module
  */
-import type { AdminAccountListOutput, AdminSessionListOutput, AdminSessionRevokeAllInput, AdminSessionRevokeAllOutput, AdminTokenRevokeAllInput, AdminTokenRevokeAllOutput, AuditLogListInput, AuditLogListOutput, AuditLogPermitHistoryInput, AuditLogPermitHistoryOutput, InviteCreateInput, InviteCreateOutput, InviteDeleteInput, InviteDeleteOutput, InviteListOutput, AppSettingsGetOutput, AppSettingsUpdateInput, AppSettingsUpdateOutput } from '../auth/admin_action_specs.js';
-import type { PermitOfferCreateInput, PermitOfferCreateOutput, PermitOfferRetractInput, PermitOfferOkOutput, PermitRevokeInput, PermitRevokeOutput } from '../auth/permit_offer_action_specs.js';
+import type { AdminAccountListOutput, AdminSessionListOutput, AdminSessionRevokeAllInput, AdminSessionRevokeAllOutput, AdminTokenRevokeAllInput, AdminTokenRevokeAllOutput, AuditLogListInput, AuditLogListOutput, AuditLogRoleGrantHistoryInput, AuditLogRoleGrantHistoryOutput, InviteCreateInput, InviteCreateOutput, InviteDeleteInput, InviteDeleteOutput, InviteListOutput, AppSettingsGetOutput, AppSettingsUpdateInput, AppSettingsUpdateOutput } from '../auth/admin_action_specs.js';
+import type { RoleGrantOfferCreateInput, RoleGrantOfferCreateOutput, RoleGrantOfferRetractInput, RoleGrantOfferOkOutput, RoleGrantRevokeInput, RoleGrantRevokeOutput } from '../auth/role_grant_offer_action_specs.js';
 import { type AdminAccountsRpc } from './admin_accounts_state.svelte.js';
 import { type AdminInvitesRpc } from './admin_invites_state.svelte.js';
 import { type AuditLogRpc } from './audit_log_state.svelte.js';
@@ -56,15 +56,15 @@ export interface AdminRpcApi {
     admin_session_revoke_all: (input: AdminSessionRevokeAllInput) => Promise<AdminSessionRevokeAllOutput>;
     admin_token_revoke_all: (input: AdminTokenRevokeAllInput) => Promise<AdminTokenRevokeAllOutput>;
     audit_log_list: (input: AuditLogListInput) => Promise<AuditLogListOutput>;
-    audit_log_permit_history: (input: AuditLogPermitHistoryInput) => Promise<AuditLogPermitHistoryOutput>;
+    audit_log_role_grant_history: (input: AuditLogRoleGrantHistoryInput) => Promise<AuditLogRoleGrantHistoryOutput>;
     invite_list: () => Promise<InviteListOutput>;
     invite_create: (input: InviteCreateInput) => Promise<InviteCreateOutput>;
     invite_delete: (input: InviteDeleteInput) => Promise<InviteDeleteOutput>;
     app_settings_get: () => Promise<AppSettingsGetOutput>;
     app_settings_update: (input: AppSettingsUpdateInput) => Promise<AppSettingsUpdateOutput>;
-    permit_offer_create: (input: PermitOfferCreateInput) => Promise<PermitOfferCreateOutput>;
-    permit_offer_retract: (input: PermitOfferRetractInput) => Promise<PermitOfferOkOutput>;
-    permit_revoke: (input: PermitRevokeInput) => Promise<PermitRevokeOutput>;
+    role_grant_offer_create: (input: RoleGrantOfferCreateInput) => Promise<RoleGrantOfferCreateOutput>;
+    role_grant_offer_retract: (input: RoleGrantOfferRetractInput) => Promise<RoleGrantOfferOkOutput>;
+    role_grant_revoke: (input: RoleGrantRevokeInput) => Promise<RoleGrantRevokeOutput>;
 }
 /** The four admin RPC adapters assembled from a shared `api`. */
 export interface AdminRpcAdapters {
@@ -82,16 +82,16 @@ export interface AdminRpcAdapters {
  * | ----------------------------------- | ---------------------------- |
  * | `admin_accounts.list_accounts`      | `admin_account_list`         |
  * | `admin_accounts.list_sessions`      | `admin_session_list`         |
- * | `admin_accounts.grant_permit`       | `permit_offer_create`        |
- * | `admin_accounts.revoke_permit`      | `permit_revoke`              |
- * | `admin_accounts.retract_offer`      | `permit_offer_retract`       |
+ * | `admin_accounts.create_role_grant`       | `role_grant_offer_create`        |
+ * | `admin_accounts.revoke_role_grant`      | `role_grant_revoke`              |
+ * | `admin_accounts.retract_offer`      | `role_grant_offer_retract`       |
  * | `admin_accounts.session_revoke_all` | `admin_session_revoke_all`   |
  * | `admin_accounts.token_revoke_all`   | `admin_token_revoke_all`     |
  * | `admin_invites.list`                | `invite_list`                |
  * | `admin_invites.create`              | `invite_create`              |
  * | `admin_invites.delete`              | `invite_delete`              |
  * | `audit_log.list`                    | `audit_log_list`             |
- * | `audit_log.permit_history`          | `audit_log_permit_history`   |
+ * | `audit_log.role_grant_history`          | `audit_log_role_grant_history`   |
  * | `app_settings.get`                  | `app_settings_get`           |
  * | `app_settings.update`               | `app_settings_update`        |
  *
@@ -103,7 +103,7 @@ export declare const create_admin_rpc_adapters: (api: AdminRpcApi) => AdminRpcAd
 /** Optional knobs alongside the adapters when wiring admin contexts. */
 export interface ProvideAdminRpcContextsOptions {
     /**
-     * Render `{scope_id, role}` as a human label across permit-display
+     * Render `{scope_id, role}` as a human label across role-grant-display
      * components. Omit (or return `null`) to fall back to the raw uuid.
      */
     format_scope?: FormatScope;
@@ -120,9 +120,9 @@ export interface ProvideAdminRpcContextsOptions {
  * whole adapter set requires calling `provide_admin_rpc_contexts` again
  * during init — in practice this is one-shot at layout mount.
  *
- * Pass `options.format_scope` to render permit/offer `scope_id` values as
- * human labels across `AdminAccounts`, `AdminPermitHistory`,
- * `PermitOfferInbox`, `PermitOfferForm`, and `PermitOfferHistory`.
+ * Pass `options.format_scope` to render role_grant/offer `scope_id` values as
+ * human labels across `AdminAccounts`, `AdminRoleGrantHistory`,
+ * `RoleGrantOfferInbox`, `RoleGrantOfferForm`, and `RoleGrantOfferHistory`.
  * Components that accept a `format_scope` prop honor the prop first; the
  * context is the fallback.
  */

package/dist/ui/admin_rpc_adapters.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"admin_rpc_adapters.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_rpc_adapters.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAEH,OAAO,KAAK,EACX,sBAAsB,EACtB,sBAAsB,EACtB,0BAA0B,EAC1B,2BAA2B,EAC3B,wBAAwB,EACxB,yBAAyB,EACzB,iBAAiB,EACjB,kBAAkB,EAClB,~~0BAA0B~~,~~EAC1B~~,~~2BAA2B~~,~~EAC3B~~,iBAAiB,EACjB,kBAAkB,EAClB,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,MAAM,+BAA+B,CAAC;AACvC,OAAO,KAAK,EACX,~~sBAAsB~~,~~EACtB~~,~~uBAAuB~~,~~EACvB~~,~~uBAAuB~~,~~EACvB~~,~~mBAAmB~~,~~EACnB~~,~~iBAAiB~~,~~EACjB~~,~~kBAAkB~~,~~EAClB~~,MAAM,~~sCAAsC~~,CAAC;~~AAC9C~~,OAAO,EAA6B,KAAK,gBAAgB,EAAC,MAAM,kCAAkC,CAAC;AACnG,OAAO,EAA4B,KAAK,eAAe,EAAC,MAAM,iCAAiC,CAAC;AAChG,OAAO,EAAwB,KAAK,WAAW,EAAC,MAAM,6BAA6B,CAAC;AACpF,OAAO,EAA2B,KAAK,cAAc,EAAC,MAAM,gCAAgC,CAAC;AAC7F,OAAO,EAAuB,KAAK,WAAW,EAAC,MAAM,mBAAmB,CAAC;AAEzE;;;;;;;;;;GAUG;AACH,MAAM,WAAW,WAAW;IAC3B,kBAAkB,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC1D,kBAAkB,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC1D,wBAAwB,EAAE,CACzB,KAAK,EAAE,0BAA0B,KAC7B,OAAO,CAAC,2BAA2B,CAAC,CAAC;IAC1C,sBAAsB,EAAE,CAAC,KAAK,EAAE,wBAAwB,KAAK,OAAO,CAAC,yBAAyB,CAAC,CAAC;IAChG,cAAc,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC1E,~~wBAAwB~~,EAAE,~~CACzB~~,KAAK,EAAE,~~0BAA0B~~,~~KAC7B~~,OAAO,CAAC,~~2BAA2B~~,CAAC,CAAC;~~IAC1C~~,WAAW,EAAE,MAAM,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC7C,aAAa,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACzE,aAAa,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACzE,gBAAgB,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACtD,mBAAmB,EAAE,CAAC,KAAK,EAAE,sBAAsB,KAAK,OAAO,CAAC,uBAAuB,CAAC,CAAC;IACzF,~~mBAAmB~~,EAAE,~~CAAC~~,KAAK,EAAE,~~sBAAsB~~,~~KAAK~~,OAAO,CAAC,~~uBAAuB~~,CAAC,CAAC;~~IACzF~~,~~oBAAoB~~,EAAE,CAAC,KAAK,EAAE,~~uBAAuB~~,KAAK,OAAO,CAAC,~~mBAAmB~~,CAAC,CAAC;~~IACvF~~,~~aAAa~~,EAAE,CAAC,KAAK,EAAE,~~iBAAiB~~,KAAK,OAAO,CAAC,~~kBAAkB~~,CAAC,CAAC;~~CACzE~~;AAED,iEAAiE;AACjE,MAAM,WAAW,gBAAgB;IAChC,cAAc,EAAE,gBAAgB,CAAC;IACjC,aAAa,EAAE,eAAe,CAAC;IAC/B,SAAS,EAAE,WAAW,CAAC;IACvB,YAAY,EAAE,cAAc,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,yBAAyB,GAAI,KAAK,WAAW,KAAG,gBAuB3D,CAAC;AAEH,wEAAwE;AACxE,MAAM,WAAW,8BAA8B;IAC9C;;;OAGG;IACH,YAAY,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,0BAA0B,GACtC,UAAU,gBAAgB,EAC1B,UAAU,8BAA8B,KACtC,IASF,CAAC"}
1	+ {"version":3,"file":"admin_rpc_adapters.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_rpc_adapters.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAEH,OAAO,KAAK,EACX,sBAAsB,EACtB,sBAAsB,EACtB,0BAA0B,EAC1B,2BAA2B,EAC3B,wBAAwB,EACxB,yBAAyB,EACzB,iBAAiB,EACjB,kBAAkB,EAClB,6BAA6B,EAC7B,8BAA8B,EAC9B,iBAAiB,EACjB,kBAAkB,EAClB,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,MAAM,+BAA+B,CAAC;AACvC,OAAO,KAAK,EACX,yBAAyB,EACzB,0BAA0B,EAC1B,0BAA0B,EAC1B,sBAAsB,EACtB,oBAAoB,EACpB,qBAAqB,EACrB,MAAM,0CAA0C,CAAC;AAClD,OAAO,EAA6B,KAAK,gBAAgB,EAAC,MAAM,kCAAkC,CAAC;AACnG,OAAO,EAA4B,KAAK,eAAe,EAAC,MAAM,iCAAiC,CAAC;AAChG,OAAO,EAAwB,KAAK,WAAW,EAAC,MAAM,6BAA6B,CAAC;AACpF,OAAO,EAA2B,KAAK,cAAc,EAAC,MAAM,gCAAgC,CAAC;AAC7F,OAAO,EAAuB,KAAK,WAAW,EAAC,MAAM,mBAAmB,CAAC;AAEzE;;;;;;;;;;GAUG;AACH,MAAM,WAAW,WAAW;IAC3B,kBAAkB,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC1D,kBAAkB,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC1D,wBAAwB,EAAE,CACzB,KAAK,EAAE,0BAA0B,KAC7B,OAAO,CAAC,2BAA2B,CAAC,CAAC;IAC1C,sBAAsB,EAAE,CAAC,KAAK,EAAE,wBAAwB,KAAK,OAAO,CAAC,yBAAyB,CAAC,CAAC;IAChG,cAAc,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC1E,4BAA4B,EAAE,CAC7B,KAAK,EAAE,6BAA6B,KAChC,OAAO,CAAC,8BAA8B,CAAC,CAAC;IAC7C,WAAW,EAAE,MAAM,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC7C,aAAa,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACzE,aAAa,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACzE,gBAAgB,EAAE,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACtD,mBAAmB,EAAE,CAAC,KAAK,EAAE,sBAAsB,KAAK,OAAO,CAAC,uBAAuB,CAAC,CAAC;IACzF,uBAAuB,EAAE,CACxB,KAAK,EAAE,yBAAyB,KAC5B,OAAO,CAAC,0BAA0B,CAAC,CAAC;IACzC,wBAAwB,EAAE,CAAC,KAAK,EAAE,0BAA0B,KAAK,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACjG,iBAAiB,EAAE,CAAC,KAAK,EAAE,oBAAoB,KAAK,OAAO,CAAC,qBAAqB,CAAC,CAAC;CACnF;AAED,iEAAiE;AACjE,MAAM,WAAW,gBAAgB;IAChC,cAAc,EAAE,gBAAgB,CAAC;IACjC,aAAa,EAAE,eAAe,CAAC;IAC/B,SAAS,EAAE,WAAW,CAAC;IACvB,YAAY,EAAE,cAAc,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,yBAAyB,GAAI,KAAK,WAAW,KAAG,gBAuB3D,CAAC;AAEH,wEAAwE;AACxE,MAAM,WAAW,8BAA8B;IAC9C;;;OAGG;IACH,YAAY,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,0BAA0B,GACtC,UAAU,gBAAgB,EAC1B,UAAU,8BAA8B,KACtC,IASF,CAAC"}

package/dist/ui/admin_rpc_adapters.js CHANGED Viewed

@@ -7,11 +7,11 @@
  * admin shell layout wire everything.
  *
  * Intentionally admin-only despite the backend-side
- * `create_standard_rpc_actions` rename (admin + permit-offer + account).
+ * `create_standard_rpc_actions` rename (admin + role-grant-offer + account).
  * Account-surface methods flow through `account_sessions_rpc_context`
- * (wired at the self-service layout), and permit-offer methods that
- * surface in the admin UI (`permit_offer_create`, `permit_revoke`,
- * `permit_offer_retract`) live inside the `AdminAccountsRpc` interface —
+ * (wired at the self-service layout), and role-grant-offer methods that
+ * surface in the admin UI (`role_grant_offer_create`, `role_grant_revoke`,
+ * `role_grant_offer_retract`) live inside the `AdminAccountsRpc` interface —
  * they belong to the admin UX, not a separate wire pairing. The UI side
  * and backend factory names diverge by design.
  *
@@ -21,8 +21,8 @@
  * ```
  *
  * The throwing Proxy spreads the JSON-RPC `{code, message, data?}` onto
- * the thrown `Error` so form components (e.g. `ui/PermitOfferForm.svelte`)
- * can match on `error.data?.reason` via `ERROR_OFFER_*` constants —
+ * the thrown `Error` so form components (e.g. `ui/RoleGrantOfferForm.svelte`)
+ * can match on `error.data?.reason` via `ERROR_ROLE_GRANT_OFFER_*` constants —
  * optional chaining is required because JSON-RPC `data` is spec-level
  * optional. Consumers that need a custom unwrap strategy can construct
  * their own object satisfying `AdminRpcApi` and pass it directly.
@@ -46,16 +46,16 @@ import { format_scope_context } from './format_scope.js';
  * | ----------------------------------- | ---------------------------- |
  * | `admin_accounts.list_accounts`      | `admin_account_list`         |
  * | `admin_accounts.list_sessions`      | `admin_session_list`         |
- * | `admin_accounts.grant_permit`       | `permit_offer_create`        |
- * | `admin_accounts.revoke_permit`      | `permit_revoke`              |
- * | `admin_accounts.retract_offer`      | `permit_offer_retract`       |
+ * | `admin_accounts.create_role_grant`       | `role_grant_offer_create`        |
+ * | `admin_accounts.revoke_role_grant`      | `role_grant_revoke`              |
+ * | `admin_accounts.retract_offer`      | `role_grant_offer_retract`       |
  * | `admin_accounts.session_revoke_all` | `admin_session_revoke_all`   |
  * | `admin_accounts.token_revoke_all`   | `admin_token_revoke_all`     |
  * | `admin_invites.list`                | `invite_list`                |
  * | `admin_invites.create`              | `invite_create`              |
  * | `admin_invites.delete`              | `invite_delete`              |
  * | `audit_log.list`                    | `audit_log_list`             |
- * | `audit_log.permit_history`          | `audit_log_permit_history`   |
+ * | `audit_log.role_grant_history`          | `audit_log_role_grant_history`   |
  * | `app_settings.get`                  | `app_settings_get`           |
  * | `app_settings.update`               | `app_settings_update`        |
  *
@@ -67,9 +67,9 @@ export const create_admin_rpc_adapters = (api) => ({
     admin_accounts: {
         list_accounts: () => api.admin_account_list(),
         list_sessions: () => api.admin_session_list(),
-        grant_permit: (params) => api.permit_offer_create(params),
-        revoke_permit: (params) => api.permit_revoke(params),
-        retract_offer: (offer_id) => api.permit_offer_retract({ offer_id }),
+        create_role_grant: (params) => api.role_grant_offer_create(params),
+        revoke_role_grant: (params) => api.role_grant_revoke(params),
+        retract_offer: (offer_id) => api.role_grant_offer_retract({ offer_id }),
         session_revoke_all: (params) => api.admin_session_revoke_all(params),
         token_revoke_all: (params) => api.admin_token_revoke_all(params),
     },
@@ -80,7 +80,7 @@ export const create_admin_rpc_adapters = (api) => ({
     },
     audit_log: {
         list: (options) => api.audit_log_list(options ?? {}),
-        permit_history: (params) => api.audit_log_permit_history(params ?? {}),
+        role_grant_history: (params) => api.audit_log_role_grant_history(params ?? {}),
     },
     app_settings: {
         get: () => api.app_settings_get(),
@@ -99,9 +99,9 @@ export const create_admin_rpc_adapters = (api) => ({
  * whole adapter set requires calling `provide_admin_rpc_contexts` again
  * during init — in practice this is one-shot at layout mount.
  *
- * Pass `options.format_scope` to render permit/offer `scope_id` values as
- * human labels across `AdminAccounts`, `AdminPermitHistory`,
- * `PermitOfferInbox`, `PermitOfferForm`, and `PermitOfferHistory`.
+ * Pass `options.format_scope` to render role_grant/offer `scope_id` values as
+ * human labels across `AdminAccounts`, `AdminRoleGrantHistory`,
+ * `RoleGrantOfferInbox`, `RoleGrantOfferForm`, and `RoleGrantOfferHistory`.
  * Components that accept a `format_scope` prop honor the prop first; the
  * context is the fallback.
  */

package/dist/ui/admin_sessions_state.svelte.d.ts CHANGED Viewed

@@ -3,8 +3,8 @@
  *
  * Both the listing and the two revoke-all mutations flow through the shared
  * `AdminAccountsRpc` adapter (`list_sessions`, `session_revoke_all`,
- * `token_revoke_all`). The former REST `GET /api/admin/sessions` route moved
- * to the `admin_session_list` RPC method in the 2026-04-23 migration.
+ * `token_revoke_all`); the listing wraps the `admin_session_list` RPC
+ * method.
  *
  * @module
  */

package/dist/ui/admin_sessions_state.svelte.js CHANGED Viewed

@@ -3,8 +3,8 @@
  *
  * Both the listing and the two revoke-all mutations flow through the shared
  * `AdminAccountsRpc` adapter (`list_sessions`, `session_revoke_all`,
- * `token_revoke_all`). The former REST `GET /api/admin/sessions` route moved
- * to the `admin_session_list` RPC method in the 2026-04-23 migration.
+ * `token_revoke_all`); the listing wraps the `admin_session_list` RPC
+ * method.
  *
  * @module
  */

package/dist/ui/audit_log_state.svelte.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
  * Reactive state for the audit log viewer.
  *
- * Two fetch primitives (`fetch` for events, `fetch_permit_history` for the
+ * Two fetch primitives (`fetch` for events, `fetch_role_grant_history` for the
  * grant/revoke shortcut) flow through an injected RPC adapter; the SSE
  * stream continues to use `EventSource` directly — streams aren't an RPC
  * concern.
@@ -9,8 +9,8 @@
  * @module
  */
 import { Loadable } from './loadable.svelte.js';
-import type { AuditLogEventWithUsernamesJson, PermitHistoryEventJson } from '../auth/audit_log_schema.js';
-import type { AuditLogListInput, AuditLogListOutput, AuditLogPermitHistoryInput, AuditLogPermitHistoryOutput } from '../auth/admin_action_specs.js';
+import type { AuditLogEventWithUsernamesJson, RoleGrantHistoryEventJson } from '../auth/audit_log_schema.js';
+import type { AuditLogListInput, AuditLogListOutput, AuditLogRoleGrantHistoryInput, AuditLogRoleGrantHistoryOutput } from '../auth/admin_action_specs.js';
 /**
  * Narrow RPC surface consumed by `AuditLogState`. Consumers adapt their typed
  * RPC client to this shape. Mirrors `AdminAccountsRpc` / `AdminInvitesRpc`.
@@ -19,7 +19,7 @@ import type { AuditLogListInput, AuditLogListOutput, AuditLogPermitHistoryInput,
  */
 export interface AuditLogRpc {
     list: (input?: AuditLogListInput) => Promise<AuditLogListOutput>;
-    permit_history: (input?: AuditLogPermitHistoryInput) => Promise<AuditLogPermitHistoryOutput>;
+    role_grant_history: (input?: AuditLogRoleGrantHistoryInput) => Promise<AuditLogRoleGrantHistoryOutput>;
 }
 /**
  * Svelte context carrying the reactive `AuditLogRpc` accessor. Mirrors
@@ -41,15 +41,15 @@ export interface AuditLogStateOptions {
 export declare class AuditLogState extends Loadable {
     #private;
     events: Array<AuditLogEventWithUsernamesJson>;
-    permit_history_events: Array<PermitHistoryEventJson>;
+    role_grant_history_events: Array<RoleGrantHistoryEventJson>;
     readonly count: number;
     /** Whether the SSE stream is currently connected. */
     connected: boolean;
     constructor(options?: AuditLogStateOptions);
-    /** True when an RPC adapter is wired. `fetch`/`fetch_permit_history` no-op without it. */
+    /** True when an RPC adapter is wired. `fetch`/`fetch_role_grant_history` no-op without it. */
     get has_rpc(): boolean;
     fetch(options?: AuditLogListInput): Promise<void>;
-    fetch_permit_history(limit?: number, offset?: number): Promise<void>;
+    fetch_role_grant_history(limit?: number, offset?: number): Promise<void>;
     /**
      * Connect to the SSE stream for realtime audit events.
      *

package/dist/ui/audit_log_state.svelte.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"audit_log_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/audit_log_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAEX,8BAA8B,EAC9B,~~sBAAsB~~,~~EACtB~~,MAAM,6BAA6B,CAAC;AACrC,OAAO,KAAK,EACX,iBAAiB,EACjB,kBAAkB,EAClB,~~0BAA0B~~,~~EAC1B~~,~~2BAA2B~~,~~EAC3B~~,MAAM,+BAA+B,CAAC;AAGvC;;;;;GAKG;AACH,MAAM,WAAW,WAAW;IAC3B,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACjE,~~cAAc~~,EAAE,~~CAAC~~,KAAK,CAAC,EAAE,~~0BAA0B~~,~~KAAK~~,OAAO,CAAC,~~2BAA2B~~,CAAC,CAAC;~~CAC7F~~;AAED;;;GAGG;AACH,eAAO,MAAM,qBAAqB;qBAAwB,WAAW,GAAG,IAAI;yBAAlB,WAAW,GAAG,IAAI,wBAAlB,WAAW,GAAG,IAAI;CAAmB,CAAC;AAEhG,MAAM,WAAW,oBAAoB;IACpC;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,WAAW,GAAG,IAAI,CAAC;IACnC,4EAA4E;IAC5E,UAAU,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,aAAc,SAAQ,QAAQ;;IAG1C,MAAM,EAAE,KAAK,CAAC,8BAA8B,CAAC,CAAkB;IAC/D,~~qBAAqB~~,EAAE,KAAK,CAAC,~~sBAAsB~~,CAAC,CAAkB;~~IAEtE~~,QAAQ,CAAC,KAAK,SAAgC;IAE9C,qDAAqD;IACrD,SAAS,UAAqB;gBAWlB,OAAO,CAAC,EAAE,oBAAoB;IAM1C,~~0FAA0F~~;~~IAC1F~~,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAajD,~~oBAAoB~~,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;~~IAY1E~~;;;;;;;;OAQG;IACH,SAAS,IAAI,MAAM,IAAI;IA0CvB;;;;OAIG;IACH,UAAU,IAAI,IAAI;CAiClB"}
1	+ {"version":3,"file":"audit_log_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/audit_log_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAEX,8BAA8B,EAC9B,yBAAyB,EACzB,MAAM,6BAA6B,CAAC;AACrC,OAAO,KAAK,EACX,iBAAiB,EACjB,kBAAkB,EAClB,6BAA6B,EAC7B,8BAA8B,EAC9B,MAAM,+BAA+B,CAAC;AAGvC;;;;;GAKG;AACH,MAAM,WAAW,WAAW;IAC3B,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACjE,kBAAkB,EAAE,CACnB,KAAK,CAAC,EAAE,6BAA6B,KACjC,OAAO,CAAC,8BAA8B,CAAC,CAAC;CAC7C;AAED;;;GAGG;AACH,eAAO,MAAM,qBAAqB;qBAAwB,WAAW,GAAG,IAAI;yBAAlB,WAAW,GAAG,IAAI,wBAAlB,WAAW,GAAG,IAAI;CAAmB,CAAC;AAEhG,MAAM,WAAW,oBAAoB;IACpC;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,WAAW,GAAG,IAAI,CAAC;IACnC,4EAA4E;IAC5E,UAAU,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,aAAc,SAAQ,QAAQ;;IAG1C,MAAM,EAAE,KAAK,CAAC,8BAA8B,CAAC,CAAkB;IAC/D,yBAAyB,EAAE,KAAK,CAAC,yBAAyB,CAAC,CAAkB;IAE7E,QAAQ,CAAC,KAAK,SAAgC;IAE9C,qDAAqD;IACrD,SAAS,UAAqB;gBAWlB,OAAO,CAAC,EAAE,oBAAoB;IAM1C,8FAA8F;IAC9F,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAajD,wBAAwB,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY9E;;;;;;;;OAQG;IACH,SAAS,IAAI,MAAM,IAAI;IA0CvB;;;;OAIG;IACH,UAAU,IAAI,IAAI;CAiClB"}

package/dist/ui/audit_log_state.svelte.js CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
  * Reactive state for the audit log viewer.
  *
- * Two fetch primitives (`fetch` for events, `fetch_permit_history` for the
+ * Two fetch primitives (`fetch` for events, `fetch_role_grant_history` for the
  * grant/revoke shortcut) flow through an injected RPC adapter; the SSE
  * stream continues to use `EventSource` directly — streams aren't an RPC
  * concern.
@@ -19,7 +19,7 @@ export const audit_log_rpc_context = create_context(() => () => null);
 export class AuditLogState extends Loadable {
     #get_rpc;
     events = $state.raw([]);
-    permit_history_events = $state.raw([]);
+    role_grant_history_events = $state.raw([]);
     count = $derived(this.events.length);
     /** Whether the SSE stream is currently connected. */
     connected = $state.raw(false);
@@ -34,7 +34,7 @@ export class AuditLogState extends Loadable {
         this.#get_rpc = options?.get_rpc ?? (() => null);
         this.#stream_url = options?.stream_url ?? '/api/admin/audit/stream';
     }
-    /** True when an RPC adapter is wired. `fetch`/`fetch_permit_history` no-op without it. */
+    /** True when an RPC adapter is wired. `fetch`/`fetch_role_grant_history` no-op without it. */
     get has_rpc() {
         return this.#get_rpc() !== null;
     }
@@ -50,15 +50,15 @@ export class AuditLogState extends Loadable {
             this.#update_last_seq(this.events);
         });
     }
-    async fetch_permit_history(limit, offset) {
+    async fetch_role_grant_history(limit, offset) {
         const rpc = this.#get_rpc();
         if (!rpc) {
             this.error = 'rpc adapter not wired';
             return;
         }
         await this.run(async () => {
-            const { events } = await rpc.permit_history({ limit, offset });
-            this.permit_history_events = events;
+            const { events } = await rpc.role_grant_history({ limit, offset });
+            this.role_grant_history_events = events;
         });
     }
     /**

package/dist/ui/auth_state.svelte.d.ts CHANGED Viewed

@@ -31,7 +31,7 @@
  *
  * @module
  */
-import { type ActorSummaryJson, type PermitSummaryJson, type SessionAccount } from '../auth/account_schema.js';
+import { type ActorSummaryJson, type RoleGrantSummaryJson, type SessionAccount } from '../auth/account_schema.js';
 /**
  * Svelte context for `AuthState`.
  * Use `auth_state_context.set(state)` in the provider and `auth_state_context.get()` to access.
@@ -47,8 +47,8 @@ export declare class AuthState {
     verify_error: string | null;
     account: SessionAccount | null;
     actor: ActorSummaryJson | null;
-    permits: Array<PermitSummaryJson>;
-    readonly active_permits: Array<PermitSummaryJson>;
+    role_grants: Array<RoleGrantSummaryJson>;
+    readonly active_role_grants: Array<RoleGrantSummaryJson>;
     readonly roles: Array<string>;
     /** True when bootstrap is available (no accounts exist yet). */
     needs_bootstrap: boolean;

package/dist/ui/auth_state.svelte.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/auth_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAKH,OAAO,EACN,KAAK,gBAAgB,EAErB,KAAK,~~iBAAiB~~,~~EACtB~~,KAAK,cAAc,EACnB,MAAM,2BAA2B,CAAC;AAEnC;;;GAGG;AACH,eAAO,MAAM,kBAAkB;;;;CAA8B,CAAC;AAE9D,qBAAa,SAAS;IACrB,SAAS,UAAqB;IAC9B,QAAQ,UAAqB;IAC7B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAoB;IAC/C,OAAO,EAAE,cAAc,GAAG,IAAI,CAAoB;IAClD,KAAK,EAAE,gBAAgB,GAAG,IAAI,CAAoB;IAClD,~~OAAO~~,EAAE,KAAK,CAAC,~~iBAAiB~~,CAAC,CAAkB;~~IACnD~~,QAAQ,CAAC,~~cAAc~~,EAAE,KAAK,CAAC,~~iBAAiB~~,CAAC,~~CAE/C~~;IACF,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,~~CAAoD~~;~~IAEjF~~,gEAAgE;IAChE,eAAe,UAAqB;IAEpC;;;;;;;;OAQG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IA6BpC;;;;;;;OAOG;IACG,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAwCjE;;;;;OAKG;IACG,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAiCpF;;;;;;;OAOG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4ClF;;;;;OAKG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAW7B"}
1	+ {"version":3,"file":"auth_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/auth_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAKH,OAAO,EACN,KAAK,gBAAgB,EAErB,KAAK,oBAAoB,EACzB,KAAK,cAAc,EACnB,MAAM,2BAA2B,CAAC;AAEnC;;;GAGG;AACH,eAAO,MAAM,kBAAkB;;;;CAA8B,CAAC;AAE9D,qBAAa,SAAS;IACrB,SAAS,UAAqB;IAC9B,QAAQ,UAAqB;IAC7B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAoB;IAC/C,OAAO,EAAE,cAAc,GAAG,IAAI,CAAoB;IAClD,KAAK,EAAE,gBAAgB,GAAG,IAAI,CAAoB;IAClD,WAAW,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAkB;IAC1D,QAAQ,CAAC,kBAAkB,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAEtD;IACF,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAwD;IAErF,gEAAgE;IAChE,eAAe,UAAqB;IAEpC;;;;;;;;OAQG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IA6BpC;;;;;;;OAOG;IACG,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAwCjE;;;;;OAKG;IACG,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAiCpF;;;;;;;OAOG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4ClF;;;;;OAKG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAW7B"}

package/dist/ui/auth_state.svelte.js CHANGED Viewed

@@ -33,7 +33,7 @@
  */
 import { create_context } from '@fuzdev/fuz_ui/context_helpers.js';
 import { ui_fetch } from './ui_fetch.js';
-import { is_permit_active, } from '../auth/account_schema.js';
+import { is_role_grant_active, } from '../auth/account_schema.js';
 /**
  * Svelte context for `AuthState`.
  * Use `auth_state_context.set(state)` in the provider and `auth_state_context.get()` to access.
@@ -45,9 +45,9 @@ export class AuthState {
     verify_error = $state.raw(null);
     account = $state.raw(null);
     actor = $state.raw(null);
-    permits = $state.raw([]);
-    active_permits = $derived(this.permits.filter((p) => is_permit_active(p)));
-    roles = $derived(this.active_permits.map((p) => p.role));
+    role_grants = $state.raw([]);
+    active_role_grants = $derived(this.role_grants.filter((p) => is_role_grant_active(p)));
+    roles = $derived(this.active_role_grants.map((p) => p.role));
     /** True when bootstrap is available (no accounts exist yet). */
     needs_bootstrap = $state.raw(false);
     /**
@@ -68,7 +68,7 @@ export class AuthState {
                 this.verified = true;
                 this.account = data.account ?? null;
                 this.actor = data.actor ?? null;
-                this.permits = data.permits ?? [];
+                this.role_grants = data.role_grants ?? [];
                 this.needs_bootstrap = false;
             }
             else {
@@ -248,6 +248,6 @@ export class AuthState {
         this.verified = false;
         this.account = null;
         this.actor = null;
-        this.permits = [];
+        this.role_grants = [];
     }
 }

package/dist/ui/format_scope.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
- * Shared `format_scope` callback contract for permit-display components.
+ * Shared `format_scope` callback contract for role-grant-display components.
  *
- * Permits and offers carry a `scope_id` that names a consumer-owned resource
+ * Role grants and offers carry a `scope_id` that names a consumer-owned resource
  * (e.g. a classroom uuid). The default render is the raw uuid. Consumers wire
  * a `FormatScope` via context to render a human label without per-page
  * lookup or forking the components.

package/dist/ui/format_scope.js CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
- * Shared `format_scope` callback contract for permit-display components.
+ * Shared `format_scope` callback contract for role-grant-display components.
  *
- * Permits and offers carry a `scope_id` that names a consumer-owned resource
+ * Role grants and offers carry a `scope_id` that names a consumer-owned resource
  * (e.g. a classroom uuid). The default render is the raw uuid. Consumers wire
  * a `FormatScope` via context to render a human label without per-page
  * lookup or forking the components.

package/dist/ui/{permit_offers_state.svelte.d.ts → role_grant_offers_state.svelte.d.ts} RENAMED Viewed

@@ -1,8 +1,8 @@
 /**
- * Reactive state for the consentful-permits offer flow.
+ * Reactive state for the consentful-role-grants offer flow.
  *
  * Maintains one offer cache keyed by id, seeded by the RPC list/history
- * actions and kept live by the six permit-offer WebSocket notifications.
+ * actions and kept live by the six role-grant-offer WebSocket notifications.
  * `incoming` (recipient-side pending) and `outgoing` (grantor-side pending)
  * are derived views; `history` is the full cache ordered newest-first for
  * the grantor/admin history view.
@@ -16,32 +16,32 @@
  * @module
  */
 import { Loadable } from './loadable.svelte.js';
-import type { PermitOfferJson } from '../auth/permit_offer_schema.js';
+import type { RoleGrantOfferJson } from '../auth/role_grant_offer_schema.js';
 /**
- * Svelte context for `PermitOffersState`.
- * Use `permit_offers_state_context.set(state)` in the provider and
- * `permit_offers_state_context.get()` to access.
+ * Svelte context for `RoleGrantOffersState`.
+ * Use `role_grant_offers_state_context.set(state)` in the provider and
+ * `role_grant_offers_state_context.get()` to access.
  */
-export declare const permit_offers_state_context: {
-    get: (error_message?: string) => PermitOffersState;
-    get_maybe: () => PermitOffersState | undefined;
-    set: (value: PermitOffersState) => PermitOffersState;
+export declare const role_grant_offers_state_context: {
+    get: (error_message?: string) => RoleGrantOffersState;
+    get_maybe: () => RoleGrantOffersState | undefined;
+    set: (value: RoleGrantOffersState) => RoleGrantOffersState;
 };
 /**
- * Narrow RPC surface consumed by `PermitOffersState`. Consumers adapt their
+ * Narrow RPC surface consumed by `RoleGrantOffersState`. Consumers adapt their
  * typed client (e.g. a `create_rpc_client` Proxy) to this shape — the state
  * class stays decoupled from the client's `Result` return type so tests can
  * inject plain-function stubs.
  */
-export interface PermitOffersRpc {
+export interface RoleGrantOffersRpc {
     list: () => Promise<{
-        offers: Array<PermitOfferJson>;
+        offers: Array<RoleGrantOfferJson>;
     }>;
     history: (options?: {
         limit?: number;
         offset?: number;
     }) => Promise<{
-        offers: Array<PermitOfferJson>;
+        offers: Array<RoleGrantOfferJson>;
     }>;
     create: (params: {
         to_account_id: string;
@@ -50,11 +50,11 @@ export interface PermitOffersRpc {
         scope_id?: string | null;
         message?: string | null;
     }) => Promise<{
-        offer: PermitOfferJson;
+        offer: RoleGrantOfferJson;
     }>;
     accept: (offer_id: string) => Promise<{
-        permit_id: string;
-        offer: PermitOfferJson;
+        role_grant_id: string;
+        offer: RoleGrantOfferJson;
         superseded_offer_ids: Array<string>;
     }>;
     decline: (offer_id: string, reason?: string | null) => Promise<{
@@ -65,14 +65,14 @@ export interface PermitOffersRpc {
     }>;
 }
 /** Narrow WS notification envelope — method + params, matching `JsonrpcNotification`. */
-export interface PermitOfferNotification {
+export interface RoleGrantOfferNotification {
     method: string;
     params: unknown;
 }
 /** Subscription primitive — consumer wires their WS receiver; returns a disposer. */
-export type PermitOfferSubscribe = (handler: (notification: PermitOfferNotification) => void) => () => void;
-export interface PermitOffersStateOptions {
-    rpc: PermitOffersRpc;
+export type RoleGrantOfferSubscribe = (handler: (notification: RoleGrantOfferNotification) => void) => () => void;
+export interface RoleGrantOffersStateOptions {
+    rpc: RoleGrantOffersRpc;
     /** Reactive accessor for the current account id; returns `null` when logged out. */
     account_id: () => string | null;
     /**
@@ -81,16 +81,16 @@ export interface PermitOffersStateOptions {
      */
     actor_id: () => string | null;
 }
-export declare class PermitOffersState extends Loadable {
+export declare class RoleGrantOffersState extends Loadable {
     #private;
     /** Pending offers for the current account, soonest-expiring first. */
-    readonly incoming: Array<PermitOfferJson>;
+    readonly incoming: Array<RoleGrantOfferJson>;
     /** Pending offers from the current actor, newest-created first. */
-    readonly outgoing: Array<PermitOfferJson>;
+    readonly outgoing: Array<RoleGrantOfferJson>;
     /** Every offer known to this state, newest-created first. Feeds the history view. */
-    readonly history: Array<PermitOfferJson>;
+    readonly history: Array<RoleGrantOfferJson>;
     readonly incoming_count: number;
-    constructor(options: PermitOffersStateOptions);
+    constructor(options: RoleGrantOffersStateOptions);
     /** Seed the cache with the recipient-side pending inbox. */
     fetch(): Promise<void>;
     /** Seed both-directions history (includes terminal rows). */
@@ -111,7 +111,7 @@ export declare class PermitOffersState extends Loadable {
         role: string;
         scope_id?: string | null;
         message?: string | null;
-    }): Promise<PermitOfferJson | undefined>;
+    }): Promise<RoleGrantOfferJson | undefined>;
     /** Accept an offer; stamps it terminal in the cache and drops any siblings the server superseded. */
     accept(offer_id: string): Promise<void>;
     decline(offer_id: string, reason?: string | null): Promise<void>;
@@ -120,7 +120,7 @@ export declare class PermitOffersState extends Loadable {
      * Wire a notification subscription. The handler dispatches each matching
      * notification into `apply_notification`; the returned disposer unwires.
      */
-    subscribe(subscribe_fn: PermitOfferSubscribe): () => void;
+    subscribe(subscribe_fn: RoleGrantOfferSubscribe): () => void;
     /**
      * Reduce a single WS notification into the cache. Exposed so consumers
      * wiring their WS receiver directly (without `subscribe`) and tests can
@@ -128,8 +128,8 @@ export declare class PermitOffersState extends Loadable {
      *
      * @mutates `this`
      */
-    apply_notification(notification: PermitOfferNotification): void;
+    apply_notification(notification: RoleGrantOfferNotification): void;
     /** Clear the cache and reset loading/error state. */
     reset(): void;
 }
-//# sourceMappingURL=permit_offers_state.svelte.d.ts.map
+//# sourceMappingURL=role_grant_offers_state.svelte.d.ts.map

package/dist/ui/role_grant_offers_state.svelte.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"role_grant_offers_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/role_grant_offers_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAIH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAAC,kBAAkB,EAAC,MAAM,oCAAoC,CAAC;AAU3E;;;;GAIG;AACH,eAAO,MAAM,+BAA+B;;;;CAAyC,CAAC;AAEtF;;;;;GAKG;AACH,MAAM,WAAW,kBAAkB;IAClC,IAAI,EAAE,MAAM,OAAO,CAAC;QAAC,MAAM,EAAE,KAAK,CAAC,kBAAkB,CAAC,CAAA;KAAC,CAAC,CAAC;IACzD,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE;QACnB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAC;KAChB,KAAK,OAAO,CAAC;QAAC,MAAM,EAAE,KAAK,CAAC,kBAAkB,CAAC,CAAA;KAAC,CAAC,CAAC;IACnD,MAAM,EAAE,CAAC,MAAM,EAAE;QAChB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC5B,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACzB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;KACxB,KAAK,OAAO,CAAC;QAAC,KAAK,EAAE,kBAAkB,CAAA;KAAC,CAAC,CAAC;IAC3C,MAAM,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC;QACrC,aAAa,EAAE,MAAM,CAAC;QACtB,KAAK,EAAE,kBAAkB,CAAC;QAC1B,oBAAoB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;KACpC,CAAC,CAAC;IACH,OAAO,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,KAAK,OAAO,CAAC;QAAC,EAAE,EAAE,IAAI,CAAA;KAAC,CAAC,CAAC;IAC3E,OAAO,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC;QAAC,EAAE,EAAE,IAAI,CAAA;KAAC,CAAC,CAAC;CACnD;AAED,yFAAyF;AACzF,MAAM,WAAW,0BAA0B;IAC1C,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;CAChB;AAED,qFAAqF;AACrF,MAAM,MAAM,uBAAuB,GAAG,CACrC,OAAO,EAAE,CAAC,YAAY,EAAE,0BAA0B,KAAK,IAAI,KACvD,MAAM,IAAI,CAAC;AAEhB,MAAM,WAAW,2BAA2B;IAC3C,GAAG,EAAE,kBAAkB,CAAC;IACxB,oFAAoF;IACpF,UAAU,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;IAChC;;;OAGG;IACH,QAAQ,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;CAC9B;AAQD,qBAAa,oBAAqB,SAAQ,QAAQ;;IAOjD,sEAAsE;IACtE,QAAQ,CAAC,QAAQ,EAAE,KAAK,CAAC,kBAAkB,CAAC,CAazC;IAEH,mEAAmE;IACnE,QAAQ,CAAC,QAAQ,EAAE,KAAK,CAAC,kBAAkB,CAAC,CAazC;IAEH,qFAAqF;IACrF,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC,kBAAkB,CAAC,CAIxC;IAEH,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAkC;gBAErD,OAAO,EAAE,2BAA2B;IAOhD,4DAA4D;IACtD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAO5B,6DAA6D;IACvD,aAAa,CAAC,OAAO,CAAC,EAAE;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAO/E;;;;;;OAMG;IACG,MAAM,CAAC,MAAM,EAAE;QACpB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC5B,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACzB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;KACxB,GAAG,OAAO,CAAC,kBAAkB,GAAG,SAAS,CAAC;IAQ3C,qGAAqG;IAC/F,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAavC,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAOhE,OAAO,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAO9C;;;OAGG;IACH,SAAS,CAAC,YAAY,EAAE,uBAAuB,GAAG,MAAM,IAAI;IAM5D;;;;;;OAMG;IACH,kBAAkB,CAAC,YAAY,EAAE,0BAA0B,GAAG,IAAI;IAwBlE,qDAAqD;IAC5C,KAAK,IAAI,IAAI;CAmBtB"}