@fuzdev/fuz_app 0.62.0 → 0.63.0

package/dist/auth/account_schema.js

@@ -5,9 +5,9 @@
  * `Account`, `Actor`, `RoleGrant`, `AuthSession`, and `ApiToken`.
  *
  * Identifier primitives (`Username`, `UsernameProvided`, `Email`) live
- * in `../primitive_schemas.ts` — they're general validator shapes that
+ * in `primitive_schemas.ts` — they're general validator shapes that
  * don't depend on the auth domain. The auth-shape request-contract
- * primitive `ActingActor` lives in `../http/auth_shape.ts` next to
+ * primitive `ActingActor` lives in `http/auth_shape.ts` next to
  * `RouteAuth` (the two pair: `auth.actor !== 'none'` ⟺ input declares
  * `acting?: ActingActor`).
  *

package/dist/auth/actor_lookup_actions.d.ts

@@ -3,7 +3,7 @@
  *
  * Pure read — no audit, no side effects. Auth (`account: 'required'`) +
  * rate-limit (`account`-grain) enforced at the spec layer; see
- * `./actor_lookup_action_specs.ts` for the info-leak audit.
+ * `auth/actor_lookup_action_specs.ts` for the info-leak audit.
  *
  * `display_name` is omitted (not `null`) when `actor.name` is blank,
  * matching the wire shape `display_name?` so the typed client sees an

package/dist/auth/actor_lookup_actions.js

@@ -3,7 +3,7 @@
  *
  * Pure read — no audit, no side effects. Auth (`account: 'required'`) +
  * rate-limit (`account`-grain) enforced at the spec layer; see
- * `./actor_lookup_action_specs.ts` for the info-leak audit.
+ * `auth/actor_lookup_action_specs.ts` for the info-leak audit.
  *
  * `display_name` is omitted (not `null`) when `actor.name` is blank,
  * matching the wire shape `display_name?` so the typed client sees an

package/dist/auth/actor_lookup_queries.d.ts

@@ -10,7 +10,7 @@
  * The inner join still resolves one row per actor — `actor.account_id`
  * is `NOT NULL` so every actor has exactly one account.
  *
- * Info-leak posture (see `actor_lookup_action_specs.ts` § audit):
+ * Info-leak posture (see `actor_lookup_action_specs.ts` §audit):
  *
  * - Row shape **omits** `account_id` — the join is control-plane,
  *   not wire-visible.

package/dist/auth/actor_lookup_queries.js

@@ -10,7 +10,7 @@
  * The inner join still resolves one row per actor — `actor.account_id`
  * is `NOT NULL` so every actor has exactly one account.
  *
- * Info-leak posture (see `actor_lookup_action_specs.ts` § audit):
+ * Info-leak posture (see `actor_lookup_action_specs.ts` §audit):
  *
  * - Row shape **omits** `account_id` — the join is control-plane,
  *   not wire-visible.

package/dist/auth/actor_search_action_specs.d.ts

@@ -45,7 +45,7 @@
  * ## Wire shape — info-leak audit
  *
  * Output `{actors: [{id, username, display_name?}]}` is identical to
- * `actor_lookup`'s — see `./actor_lookup_action_specs.ts` for the full
+ * `actor_lookup`'s — see `auth/actor_lookup_action_specs.ts` for the full
  * field-by-field audit. Same omissions (`account_id`, email,
  * timestamps, role / role_grants / session state), same `display_name`
  * omitted-not-null contract, same response-order-unspecified rule.

package/dist/auth/actor_search_action_specs.js

@@ -45,7 +45,7 @@
  * ## Wire shape — info-leak audit
  *
  * Output `{actors: [{id, username, display_name?}]}` is identical to
- * `actor_lookup`'s — see `./actor_lookup_action_specs.ts` for the full
+ * `actor_lookup`'s — see `auth/actor_lookup_action_specs.ts` for the full
  * field-by-field audit. Same omissions (`account_id`, email,
  * timestamps, role / role_grants / session state), same `display_name`
  * omitted-not-null contract, same response-order-unspecified rule.

package/dist/auth/actor_search_actions.d.ts

@@ -3,7 +3,7 @@
  *
  * Pure read — no audit, no side effects. Auth (`account: 'required'`,
  * `actor: 'none'`) + rate-limit (`account`-grain) enforced at the spec
- * layer; see `./actor_search_action_specs.ts` for the info-leak audit
+ * layer; see `auth/actor_search_action_specs.ts` for the info-leak audit
  * and threat model.
  *
  * The handler adds two checks the spec layer can't express:

package/dist/auth/actor_search_actions.js

@@ -3,7 +3,7 @@
  *
  * Pure read — no audit, no side effects. Auth (`account: 'required'`,
  * `actor: 'none'`) + rate-limit (`account`-grain) enforced at the spec
- * layer; see `./actor_search_action_specs.ts` for the info-leak audit
+ * layer; see `auth/actor_search_action_specs.ts` for the info-leak audit
  * and threat model.
  *
  * The handler adds two checks the spec layer can't express:

package/dist/auth/actor_search_queries.d.ts

@@ -29,7 +29,7 @@
  * gates), no role_grant join — every actor with a matching prefix is
  * returned.
  *
- * ## Info-leak posture (see `actor_search_action_specs.ts` § audit)
+ * ## Info-leak posture (see `actor_search_action_specs.ts` §audit)
  *
  * - Row shape **omits** `account_id` — the join is control-plane, not
  *   wire-visible. Identical to `actor_lookup_queries.ts`.

package/dist/auth/actor_search_queries.js

@@ -29,7 +29,7 @@
  * gates), no role_grant join — every actor with a matching prefix is
  * returned.
  *
- * ## Info-leak posture (see `actor_search_action_specs.ts` § audit)
+ * ## Info-leak posture (see `actor_search_action_specs.ts` §audit)
  *
  * - Row shape **omits** `account_id` — the join is control-plane, not
  *   wire-visible. Identical to `actor_lookup_queries.ts`.

package/dist/auth/all_action_spec_registries.d.ts

@@ -22,14 +22,14 @@
  * - Codegen that needs to see every fuz_auth surface at once
  *   (typed-client filters, attack-surface reports). For typed-client
  *   wiring of the standard surface, prefer `all_standard_action_specs`
- *   in `./standard_action_specs.ts` — it mirrors the
+ *   in `auth/standard_action_specs.ts` — it mirrors the
  *   `create_standard_rpc_actions` mount and stays narrower than this
  *   registry-of-registries (no opt-in bundles).
  *
  * `protocol_action_specs` (heartbeat / cancel) is **not** included —
  * those are transport-level wire-protocol concerns shipped by fuz_app
  * and spread by every consumer at registration via `protocol_actions`
- * from `../actions/protocol.ts`. Walker tests that need protocol
+ * from `actions/protocol.ts`. Walker tests that need protocol
  * coverage spread `protocol_action_specs` separately.
  *
  * @module

package/dist/auth/all_action_spec_registries.js

@@ -22,14 +22,14 @@
  * - Codegen that needs to see every fuz_auth surface at once
  *   (typed-client filters, attack-surface reports). For typed-client
  *   wiring of the standard surface, prefer `all_standard_action_specs`
- *   in `./standard_action_specs.ts` — it mirrors the
+ *   in `auth/standard_action_specs.ts` — it mirrors the
  *   `create_standard_rpc_actions` mount and stays narrower than this
  *   registry-of-registries (no opt-in bundles).
  *
  * `protocol_action_specs` (heartbeat / cancel) is **not** included —
  * those are transport-level wire-protocol concerns shipped by fuz_app
  * and spread by every consumer at registration via `protocol_actions`
- * from `../actions/protocol.ts`. Walker tests that need protocol
+ * from `actions/protocol.ts`. Walker tests that need protocol
  * coverage spread `protocol_action_specs` separately.
  *
  * @module

package/dist/auth/audit_log_routes.d.ts

@@ -7,7 +7,7 @@
  * `GET /audit/stream` SSE route — streams aren't an action-kind, so they
  * stay on REST. The event payload broadcast on the stream surfaces via
  * `audit_log_event_specs` (one `EventSpec` per audit event type) declared
- * alongside the broadcaster in `../realtime/sse_auth_guard.ts`.
+ * alongside the broadcaster in `realtime/sse_auth_guard.ts`.
  *
  * @module
  */

package/dist/auth/audit_log_routes.js

@@ -7,7 +7,7 @@
  * `GET /audit/stream` SSE route — streams aren't an action-kind, so they
  * stay on REST. The event payload broadcast on the stream surfaces via
  * `audit_log_event_specs` (one `EventSpec` per audit event type) declared
- * alongside the broadcaster in `../realtime/sse_auth_guard.ts`.
+ * alongside the broadcaster in `realtime/sse_auth_guard.ts`.
  *
  * @module
  */

package/dist/auth/audit_log_schema.d.ts

@@ -85,21 +85,46 @@ export declare const audit_metadata_schemas: Readonly<{
         reason: z.ZodOptional<z.ZodEnum<{
             concurrent_change: "concurrent_change";
         }>>;
+        credential_type: z.ZodOptional<z.ZodEnum<{
+            daemon_token: "daemon_token";
+            session: "session";
+            api_token: "api_token";
+        }>>;
     }, z.core.$loose>>;
     session_revoke: z.ZodObject<{
         session_id: z.ZodString;
+        credential_type: z.ZodOptional<z.ZodEnum<{
+            daemon_token: "daemon_token";
+            session: "session";
+            api_token: "api_token";
+        }>>;
     }, z.core.$loose>;
     session_revoke_all: z.ZodObject<{
         count: z.ZodOptional<z.ZodNumber>;
         reason: z.ZodOptional<z.ZodString>;
         attempted_account_id: z.ZodOptional<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>;
+        credential_type: z.ZodOptional<z.ZodEnum<{
+            daemon_token: "daemon_token";
+            session: "session";
+            api_token: "api_token";
+        }>>;
     }, z.core.$loose>;
     token_create: z.ZodObject<{
         token_id: z.ZodString;
         name: z.ZodString;
+        credential_type: z.ZodOptional<z.ZodEnum<{
+            daemon_token: "daemon_token";
+            session: "session";
+            api_token: "api_token";
+        }>>;
     }, z.core.$loose>;
     token_revoke: z.ZodObject<{
         token_id: z.ZodString;
+        credential_type: z.ZodOptional<z.ZodEnum<{
+            daemon_token: "daemon_token";
+            session: "session";
+            api_token: "api_token";
+        }>>;
     }, z.core.$loose>;
     token_revoke_all: z.ZodObject<{
         count: z.ZodOptional<z.ZodNumber>;

package/dist/auth/audit_log_schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit_log_schema.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AACtB,OAAO,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAO5C;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,8aAsBnB,CAAC;AAEZ,wCAAwC;AACxC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;EAA4B,CAAC;AACxD,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAE5D;;;;GAIG;AACH,eAAO,MAAM,2BAA2B,QAA+B,CAAC;AAExE,0DAA0D;AAC1D,eAAO,MAAM,kBAAkB,aAE7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,2CAA2C;AAC3C,eAAO,MAAM,YAAY;;;EAAiC,CAAC;AAC3D,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAExD;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA6MW,CAAC;AAE/C,+EAA+E;AAC/E,MAAM,MAAM,gBAAgB,GAAG;KAC7B,CAAC,IAAI,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,sBAAsB,CAAC,CAAC,CAAC,CAAC,CAAC;CAClE,CAAC;AAEF,oGAAoG;AACpG,MAAM,WAAW,aAAa;IAC7B,EAAE,EAAE,IAAI,CAAC;IACT,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,kBAAkB,CAAC;IAC/B,OAAO,EAAE,YAAY,CAAC;IACtB;;;;;;;;;;;;;OAaG;IACH,QAAQ,EAAE,IAAI,GAAG,IAAI,CAAC;IACtB,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,iBAAiB,EAAE,IAAI,GAAG,IAAI,CAAC;IAC/B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAkCG;IACH,eAAe,EAAE,IAAI,GAAG,IAAI,CAAC;IAC7B,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACzC;AAED;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,GAAI,CAAC,SAAS,cAAc,EAC1D,OAAO,aAAa,GAAG;IAAC,UAAU,EAAE,CAAC,CAAA;CAAC,KACpC,gBAAgB,CAAC,CAAC,CAAC,GAAG,IAExB,CAAC;AAEF,6CAA6C;AAC7C,MAAM,WAAW,aAAa,CAAC,CAAC,SAAS,MAAM,GAAG,cAAc;IAC/D,UAAU,EAAE,CAAC,CAAC;IACd,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,QAAQ,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACzB,iBAAiB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAChC,eAAe,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAC9B,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,CAAC,SAAS,cAAc,GAChC,CAAC,gBAAgB,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,GAAG,IAAI,GACtD,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CAClC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,cAAc;IAC9B,iFAAiF;IACjF,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAC5C;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;CAC/D;AAED,4FAA4F;AAC5F,eAAO,MAAM,wBAAwB,EAAE,cAGrC,CAAC;AAEH,6CAA6C;AAC7C,MAAM,WAAW,2BAA2B;IAC3C;;;;;;;;OAQG;IACH,YAAY,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC;CAC1D;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,uBAAuB,GAAI,UAAU,2BAA2B,KAAG,cA2B/E,CAAC;AAEF,gDAAgD;AAChD,eAAO,MAAM,uBAAuB,KAAK,CAAC;AAE1C,6CAA6C;AAC7C,MAAM,WAAW,mBAAmB;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9B,UAAU,CAAC,EAAE,IAAI,CAAC;IAClB,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,0GAA0G;IAC1G,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;kBAY5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,+DAA+D;AAC/D,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;kBAGzC,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AAE5F,wEAAwE;AACxE,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;kBAGpC,CAAC;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAElF,iEAAiE;AACjE,eAAO,MAAM,gBAAgB;;;;;;;kBAE3B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC"}
+{"version":3,"file":"audit_log_schema.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AACtB,OAAO,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAoB5C;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,8aAsBnB,CAAC;AAEZ,wCAAwC;AACxC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;EAA4B,CAAC;AACxD,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAE5D;;;;GAIG;AACH,eAAO,MAAM,2BAA2B,QAA+B,CAAC;AAExE,0DAA0D;AAC1D,eAAO,MAAM,kBAAkB,aAE7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,2CAA2C;AAC3C,eAAO,MAAM,YAAY;;;EAAiC,CAAC;AAC3D,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAExD;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkNW,CAAC;AAE/C,+EAA+E;AAC/E,MAAM,MAAM,gBAAgB,GAAG;KAC7B,CAAC,IAAI,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,sBAAsB,CAAC,CAAC,CAAC,CAAC,CAAC;CAClE,CAAC;AAEF,oGAAoG;AACpG,MAAM,WAAW,aAAa;IAC7B,EAAE,EAAE,IAAI,CAAC;IACT,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,kBAAkB,CAAC;IAC/B,OAAO,EAAE,YAAY,CAAC;IACtB;;;;;;;;;;;;;OAaG;IACH,QAAQ,EAAE,IAAI,GAAG,IAAI,CAAC;IACtB,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,iBAAiB,EAAE,IAAI,GAAG,IAAI,CAAC;IAC/B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAkCG;IACH,eAAe,EAAE,IAAI,GAAG,IAAI,CAAC;IAC7B,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACzC;AAED;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,GAAI,CAAC,SAAS,cAAc,EAC1D,OAAO,aAAa,GAAG;IAAC,UAAU,EAAE,CAAC,CAAA;CAAC,KACpC,gBAAgB,CAAC,CAAC,CAAC,GAAG,IAExB,CAAC;AAEF,6CAA6C;AAC7C,MAAM,WAAW,aAAa,CAAC,CAAC,SAAS,MAAM,GAAG,cAAc;IAC/D,UAAU,EAAE,CAAC,CAAC;IACd,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,QAAQ,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACzB,iBAAiB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAChC,eAAe,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAC9B,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,CAAC,SAAS,cAAc,GAChC,CAAC,gBAAgB,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,GAAG,IAAI,GACtD,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CAClC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,cAAc;IAC9B,iFAAiF;IACjF,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAC5C;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;CAC/D;AAED,4FAA4F;AAC5F,eAAO,MAAM,wBAAwB,EAAE,cAGrC,CAAC;AAEH,6CAA6C;AAC7C,MAAM,WAAW,2BAA2B;IAC3C;;;;;;;;OAQG;IACH,YAAY,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC;CAC1D;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,uBAAuB,GAAI,UAAU,2BAA2B,KAAG,cA2B/E,CAAC;AAEF,gDAAgD;AAChD,eAAO,MAAM,uBAAuB,KAAK,CAAC;AAE1C,6CAA6C;AAC7C,MAAM,WAAW,mBAAmB;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9B,UAAU,CAAC,EAAE,IAAI,CAAC;IAClB,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,0GAA0G;IAC1G,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;kBAY5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,+DAA+D;AAC/D,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;kBAGzC,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AAE5F,wEAAwE;AACxE,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;kBAGpC,CAAC;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAElF,iEAAiE;AACjE,eAAO,MAAM,gBAAgB;;;;;;;kBAE3B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC"}

package/dist/auth/audit_log_schema.js

@@ -14,6 +14,17 @@ import { Blake3Hash } from '@fuzdev/fuz_util/hash_blake3.js';
 import { AuthSessionJson } from './account_schema.js';
 import { Email } from '../primitive_schemas.js';
 import { ApiTokenId } from './api_token.js';
+import { BuiltinCredentialType } from './credential_type_schema.js';
+/**
+ * Defense-in-depth audit field — records the credential channel
+ * (`session` / `api_token` / `daemon_token`) the request arrived on.
+ * Present on events whose specs declare `credential_types: ['session']`
+ * so forensics survive a future loosening or bypass of the spec gate.
+ * See `docs/security.md` §Credential-channel gating.
+ */
+const credential_type_meta = BuiltinCredentialType.optional().meta({
+    description: 'Credential channel the request arrived on. Defense in depth — the spec gate restricts to `session`, but the row preserves what actually authenticated the request in case the gate is loosened or bypassed in a future refactor.',
+});
 /**
  * All tracked auth event types. Frozen to convert accidental in-process
  * mutation (test cross-contamination, cast escapes) into loud TypeErrors.
@@ -102,10 +113,12 @@ export const audit_metadata_schemas = Object.freeze({
         reason: z.enum(['concurrent_change']).optional().meta({
             description: 'Failure category. `concurrent_change` indicates another password change committed first against the same starting hash (verify-write race loser). Absent for typed-wrong-password failures.',
         }),
+        credential_type: credential_type_meta,
     })
         .nullable(),
     session_revoke: z.looseObject({
         session_id: Blake3Hash.meta({ description: 'Blake3 hash identifying the revoked session row.' }),
+        credential_type: credential_type_meta,
     }),
     session_revoke_all: z.looseObject({
         // Omitted on `outcome='failure'` (no revocation attempted — e.g. target
@@ -122,13 +135,16 @@ export const audit_metadata_schemas = Object.freeze({
         attempted_account_id: Uuid.optional().meta({
             description: 'Probed account id when the target lookup missed (FK constraint forces `target_account_id` to null).',
         }),
+        credential_type: credential_type_meta,
     }),
     token_create: z.looseObject({
         token_id: ApiTokenId.meta({ description: 'Public id of the created API token (`tok_…`).' }),
         name: z.string().meta({ description: 'Operator-supplied label for the token.' }),
+        credential_type: credential_type_meta,
     }),
     token_revoke: z.looseObject({
         token_id: ApiTokenId.meta({ description: 'Public id of the revoked API token (`tok_…`).' }),
+        credential_type: credential_type_meta,
     }),
     token_revoke_all: z.looseObject({
         // Same shape as `session_revoke_all` for failures.

package/dist/auth/request_context.d.ts

@@ -340,7 +340,7 @@ export declare const build_account_context: (deps: QueryDeps, account_id: string
  *
  * The auth phase deliberately stops short of constructing a `Response` so
  * the same failure flows through every transport without the auth-domain
- * code knowing about JSON-RPC. See `fuz_app/CLAUDE.md` § Cleanest
+ * code knowing about JSON-RPC. See `../../../CLAUDE.md` §Cleanest
  * architecture takes priority for the rationale.
  */
 export type AuthorizationFailureBody = {

package/dist/env/update_env_variable.js

@@ -70,7 +70,7 @@ export const update_env_variable = async (key, value, options) => {
     const updated_content = updated_lines.join('\n') + (has_trailing_newline ? '\n' : '');
     await write_file(file_path, updated_content, 'utf-8');
 };
-// Keep this tokenization aligned with `parse_dotenv` in `./dotenv.ts`:
+// Keep this tokenization aligned with `parse_dotenv` in `env/dotenv.ts`:
 // trim, skip empties/comments, split on the first `=`.
 const find_last_key_line_index = (lines, key) => {
     if (!key)

package/dist/http/CLAUDE.md

@@ -5,12 +5,12 @@ surface introspection, JSON-RPC envelope + error taxonomy, proxy/origin
 middleware primitives, post-commit effect helper, generic admin route specs.
 
 **Nothing in this directory is auth-specific.** Auth middleware, routes, and
-guards live in `../auth/` and consume these primitives. Routes and actions in
+guards live in `auth/` and consume these primitives. Routes and actions in
 other domains should do the same — extend, don't special-case.
 
 For the design rationale behind declarative routes, DEV-only output
 validation, the three-layer error-schema merge, and fire-and-forget effects,
-see `../../docs/architecture.md`.
+see ../../docs/architecture.md.
 
 ## Module Map
 
@@ -42,7 +42,7 @@ by `generate_app_surface`. Same-shaped data, different consumers.
 
 - `method` — `'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH'`
 - `path` — Hono path (supports `:param` segments)
-- `auth: RouteAuth` — flat record `{account, actor, roles?, credential_types?}` from `auth_shape.ts`. Each axis is `'none' | 'optional' | 'required'`. Same shape governs `ActionSpec.auth` (see `../actions/CLAUDE.md`).
+- `auth: RouteAuth` — flat record `{account, actor, roles?, credential_types?}` from `auth_shape.ts`. Each axis is `'none' | 'optional' | 'required'`. Same shape governs `ActionSpec.auth` (see `actions/CLAUDE.md`).
 - `handler: RouteHandler` — `(c: Context, route: RouteContext) => Response | Promise<Response>`
 - `description` — free-text, surfaced in `AppSurface`
 - `params?: z.ZodObject` — strict-object schema for URL path params
@@ -84,7 +84,7 @@ interface RouteContext {
   `db.transaction`.
 
 Pool-level fire-and-forget writes (audit logs, etc.) run through the bound
-`AppDeps.audit` capability — see `../auth/CLAUDE.md` §Deps. Handlers that
+`AppDeps.audit` capability — see `auth/CLAUDE.md` §Deps. Handlers that
 need rollback-resilient writes call `deps.audit.emit(route, input)`, which
 captures the pool inside the bound emitter so the row lands even when
 the handler's transaction rolls back.
@@ -98,7 +98,7 @@ the handler's transaction rolls back.
 
 Override explicitly when a mutation route must manage its own transactions
 (e.g. signup, which does a multi-step flow that can't live inside a single
-wrapper). See `../auth/signup_routes.ts`.
+wrapper). See `auth/signup_routes.ts`.
 
 ### Validation pipeline (per-route middleware order)
 
@@ -114,7 +114,7 @@ wrapper). See `../auth/signup_routes.ts`.
    or `auth.actor === 'required'`. Fires before any body parsing so
    unauthenticated callers never see route-shape information from
    input parse failures. The `AuthGuardResolver` (e.g.
-   `fuz_auth_guard_resolver` from `../auth/auth_guard_resolver.ts`) returns
+   `fuz_auth_guard_resolver` from `auth/auth_guard_resolver.ts`) returns
    this set as `pre_validation: Array<MiddlewareHandler>`.
 4. **Input validation** — JSON body parsed + validated; mismatch returns
    400 `ERROR_INVALID_JSON_BODY` (not JSON) or `ERROR_INVALID_REQUEST_BODY`
@@ -191,7 +191,7 @@ are the contract with external callers.
 
 The production behavior short-circuits to the unwrapped handler — no
 parse work on the hot path. Uniform across all three action-handler
-surfaces (REST, RPC, WS); see `../../docs/architecture.md` §DEV-only
+surfaces (REST, RPC, WS); see ../../docs/architecture.md §DEV-only
 Output Validation.
 
 ### Helpers
@@ -205,8 +205,8 @@ Output Validation.
 
 `error_schemas.ts` is the **declarative** error surface:
 
-- `ERROR_*` snake*case string constants — single source of truth; use
-  `.literal(ERROR*\*)` in Zod schemas and inline checks in handlers
+- `ERROR_*` `snake_case` string constants — single source of truth; use
+  `.literal(ERROR_*)` in Zod schemas and inline checks in handlers
 - `ApiError`, `ValidationError`, `PermissionError`,
   `CredentialTypeRequiredError`, `RateLimitError`, `PayloadTooLargeError`,
   `ForeignKeyError` — standard shapes
@@ -413,7 +413,7 @@ connection is from a configured trusted proxy. Without this middleware,
 `get_client_ip(c)` returns `'unknown'`.
 
 Must run **before** auth and rate-limiting middleware. See the root
-`../../CLAUDE.md` §Middleware Ordering.
+../../CLAUDE.md §Middleware Ordering.
 
 - `normalize_ip(ip)` — idempotent: lowercase + strip `::ffff:` prefix on
   IPv4-mapped IPv6 addresses; safe on non-IP strings (`'unknown'` → `'unknown'`).
@@ -465,7 +465,7 @@ don't include ports — bounded by operator configuration in practice.
 
 Origin allowlisting for locally-running services — **not** the CSRF
 layer. CSRF is handled by `SameSite: strict` on session cookies (see
-`../auth/session_middleware.ts`).
+`auth/session_middleware.ts`).
 
 - `parse_allowed_origins(env_value)` — comma-separated patterns → `Array<RegExp>`
 - `should_allow_origin(origin, patterns)` — case-insensitive match
@@ -664,7 +664,7 @@ emit_after_commit(ctx, () => notification_sender.send_to_account(account_id, msg
 ```
 
 Used for WS sends (`NotificationSender.send_to_account` for
-role-grant-offer notifications — see `../auth/CLAUDE.md` §WS notifications)
+role-grant-offer notifications — see `auth/CLAUDE.md` §WS notifications)
 and any side effect that must run only after the transaction commits.
 
 ### Key properties
@@ -712,7 +712,7 @@ auth-domain dependencies:
   surface data reveals API structure (schemas, auth, routes)
 
 Auth-aware variants (account status, bootstrap status) live in
-`../auth/` — `common_routes.ts` stays generic.
+`auth/` — `common_routes.ts` stays generic.
 
 ## DB Routes (Generic Browser)
 
@@ -743,7 +743,7 @@ Interfaces exported for consumer use: `TableInfo`, `TableWithCount`,
 ## Cross-Module Notes
 
 - **Middleware ordering** is assembled by `create_app_server` — see the
-  root `../../CLAUDE.md` §Middleware Ordering. The invariants `http/`
+  root ../../CLAUDE.md §Middleware Ordering. The invariants `http/`
   needs consumers to uphold: trusted-proxy runs before auth/rate-limit;
   origin verification runs before session parsing; `client_ip` must be
   set before any handler or rate limiter reads it
@@ -753,7 +753,7 @@ Interfaces exported for consumer use: `TableInfo`, `TableWithCount`,
 - **Input/output schemas align with SAES.** When wiring RPC via
   `actions/action_rpc.ts` or bridging to `RouteSpec` via
   `actions/action_bridge.ts`, the same Zod types flow through unchanged
-  (see `../actions/CLAUDE.md` §Single JSON-RPC 2.0 endpoint and §HTTP bridge)
+  (see `actions/CLAUDE.md` §Single JSON-RPC 2.0 endpoint and §HTTP bridge)
 - **Error modules are complementary, not redundant.** `error_schemas.ts`
   is Zod-first (for routes and surface); `jsonrpc_errors.ts` is
   throw-first (for handlers and the catch layer). A single `ERROR_*`

package/dist/testing/CLAUDE.md

@@ -6,23 +6,17 @@ round-trip harnesses. Consumers import these to assemble their own test suites
 against a fuz_app-derived server.
 
 For narrative wiring examples (how to call these from a consumer's vitest
-setup), see `../../../docs/testing.md`. For fuz_app's own test suite
-conventions (`.db.test.ts` suffix, the `db` vitest project, `assert_rejects`),
-see `../../test/CLAUDE.md`. This file is a reference index for the helpers
-themselves.
+setup), see ../../../docs/testing.md. For fuz_app's own test suite
+conventions, see ../../test/CLAUDE.md. For shared testing conventions
+(`.db.test.ts`, `assert` from vitest, `assert_rejects`, `vi.mock` caveats),
+see Skill(fuz-stack) testing-patterns. This file is a reference index for
+the helpers themselves.
 
 ## Production guard — always the first import
 
-Every module in this directory starts with `import './assert_dev_env.js';`
-as its first line. The side-effect import reads `DEV` from `esm-env` and
-throws if it is false — preventing accidental inclusion in production
-bundles. SvelteKit and Vite set `DEV` correctly for dev + tests; the
-production code path explodes at the first testing-module import.
-
-When adding a new module to this directory, make this import the first
-line. The convention is enforced by grep, not by a linter — break it and
-the production bundle still builds, then crashes at runtime on first
-module load.
+Every module here starts with `import './assert_dev_env.js';` — reads `DEV`
+from `esm-env` and throws if false, preventing production-bundle inclusion.
+Enforced by grep, not a linter; make this the first line in new modules.
 
 ## Stubs, factories, mocks
 
@@ -40,7 +34,7 @@ module load.
 | `create_stub_app_deps()`                              | Factory returning fresh `AppDeps` with no-op FS/keyring/password, a `create_noop_stub` DB, silent `Logger`, no-op `audit`.                                                                                                                                                                                                                                                                                                                                                                                                          |
 | `create_test_audit_emitter()`                         | No-op `AuditEmitter` for tests that don't assert on audit fan-out. `emit` / `emit_role_grant_target` are no-ops; `emit_pool` resolves immediately; `notify` is a no-op; `on_event_chain` is empty.                                                                                                                                                                                                                                                                                                                                  |
 | `create_stub_audit_sse()`                             | No-op `AuditLogSse` for surface-test wiring without booting real SSE. `subscribe` returns a no-op cleanup; `on_audit_event` is a no-op; the `registry` is a fresh `SubscriberRegistry` (live `.size` / `.close_*` for tests touching registry state, isolated per call). For real SSE plumbing, build via `create_audit_log_sse` against `create_test_app`.                                                                                                                                                                         |
-| `create_stub_api_middleware({include_daemon_token?})` | Stub `MiddlewareSpec[]` matching `create_auth_middleware_specs`'s output (origin/session/request_context/bearer_auth, optional daemon_token) for surface generation without booting real auth. See `../auth/CLAUDE.md` §Middleware for the real stack.                                                                                                                                                                                                                                                                              |
+| `create_stub_api_middleware({include_daemon_token?})` | Stub `MiddlewareSpec[]` matching `create_auth_middleware_specs`'s output (origin/session/request_context/bearer_auth, optional daemon_token) for surface generation without booting real auth. See `auth/CLAUDE.md` §Middleware for the real stack.                                                                                                                                                                                                                                                                                 |
 | `create_stub_app_server_context(session_options)`     | Stub `AppServerContext` — rate limiters null, `bootstrap_status.available: false`, `app_settings.open_signup: false`.                                                                                                                                                                                                                                                                                                                                                                                                               |
 | `create_test_app_surface_spec(options)`               | Builds an `AppSurfaceSpec` that mirrors `create_app_server`'s route assembly: consumer routes + factory-managed bootstrap routes (prefixed via `bootstrap_route_prefix`, default `'/api/account'`) + stub middleware + surface generation. `CreateTestAppSurfaceSpecOptions` accepts `session_options`, `create_route_specs`, `env_schema?`, `event_specs?`, `rpc_endpoints?`, `transform_middleware?`, `bootstrap_route_prefix?`. Single source of truth for attack-surface tests — track `create_app_server` wiring changes here. |
 
@@ -572,7 +566,7 @@ Options: `{session_options, create_route_specs, app_options?, db_factories?}`.
 
 7 test groups covering admin surface: account listing, role_grant grant
 lifecycle (via `role_grant_offer_create` + `role_grant_revoke` RPC flows —
-**not** REST; see `../auth/CLAUDE.md` for `role_grant_offer_action_specs.ts` + `role_grant_offer_actions.ts`), session / token management, audit log reads (RPC),
+**not** REST; see `auth/CLAUDE.md` for `role_grant_offer_action_specs.ts` + `role_grant_offer_actions.ts`), session / token management, audit log reads (RPC),
 admin-to-admin isolation, error coverage, response schema validation.
 
 Required options: `{session_options, create_route_specs, roles: RoleSchemaResult, rpc_endpoints: RpcEndpointsSuiteOption, admin_prefix?, app_options?, db_factories?}`.
@@ -688,7 +682,7 @@ Registry lookups:
    - unauthenticated → `unauthenticated` (code -32001)
    - wrong role → `forbidden` (-32002)
    - authenticated without role → `forbidden`
-   - **keeper rejects non-daemon credentials** — session and api_token credentials are rejected even when the account has the keeper role (only `daemon_token` passes). The credential-type gate fires before the role gate (see `../auth/CLAUDE.md` §`request_context.ts` for `require_credential_types`).
+   - **keeper rejects non-daemon credentials** — session and api_token credentials are rejected even when the account has the keeper role (only `daemon_token` passes). The credential-type gate fires before the role gate (see `auth/CLAUDE.md` §`request_context.ts` for `require_credential_types`).
    - correct auth passes (not 401/403)
    - GET unauthenticated for `side_effects: false` reads
 2. **RPC adversarial envelopes** — fixed set exercising dispatcher steps 1–2: non-JSON body, wrong `jsonrpc` version, missing `jsonrpc` / `method` / `id`, batch array, unknown method, GET missing `method`/`id`, GET invalid JSON params, GET non-object params, GET mutation method → `invalid_request`.
@@ -705,42 +699,32 @@ not folded into `create_standard_rpc_actions` (today `self_service_role_actions`
 / round-trip coverage from `describe_rpc_attack_surface_tests` +
 `describe_rpc_round_trip_tests` unless the consumer ships a
 `<module>.rpc_suites.db.test.ts` mounting the opt-in factory on the RPC
-endpoint and calling both suites. See `../../test/CLAUDE.md` §Composable
+endpoint and calling both suites. See ../../test/CLAUDE.md §Composable
 Test Suites for the obligation note; existing
-`../../test/auth/*.rpc_suites.db.test.ts` files are templates.
+../../test/auth/\*.rpc_suites.db.test.ts files are templates.
 
 ## Cross-cutting conventions
 
-- **`assert` from vitest, not `expect`.** Project-wide convention
-  (mirrored in `src/test/CLAUDE.md`). Use `assert_rejects` from
-  `@fuzdev/fuz_util/testing.js` for async rejection assertions.
-- **`.db.test.ts` suffix** for any test file that instantiates a `Db`
-  (directly or via `create_test_app`, `create_describe_db`,
-  `create_pglite_factory`). The suffix opts the file into the `db`
-  vitest project (`isolate: false`, `fileParallelism: false`) so the
-  PGlite WASM cache is shared across every DB test file.
+Shared conventions (`.db.test.ts` suffix, `isolate: false` semantics,
+`assert` from vitest, `assert_rejects`, `vi.mock` avoidance under
+`isolate: false`) live in Skill(fuz-stack) testing-patterns.
+fuz_app-specific points:
+
 - **`await_pending_effects: true`** is set by `create_test_app`.
   Fire-and-forget effects (audit logs, session touches, WS fan-out via
   `emit_after_commit`) resolve before the response returns, so tests
   can assert on side effects inline without manual flushing.
-- **Avoid `vi.mock()` inside `.db.test.ts`.** With `isolate: false`,
-  module-level mocks leak across files. When a mock is unavoidable
-  (e.g. `middleware.ts` uses them module-level for bearer auth tests),
-  always pair with `vi.restoreAllMocks()` in `afterEach` to contain
-  the blast radius.
-- **Deep-path imports only.** `testing/` follows the package
-  convention — import from the canonical module (`./db.js`,
-  `./rpc_helpers.js`, etc.), never a barrel. fuz_app's `dist/` doesn't
-  ship one.
-- **DI via small `*Deps` interfaces.** Stub factories here accept the
-  same narrow `*Deps` contracts production code uses — never
-  `Pick<GodType, ...>`. New helpers that need env/fs/logger access
-  should take `EnvDeps` / `FsReadDeps` / `Logger` from
-  `runtime/deps.ts` or `@fuzdev/fuz_util/log.js`.
+- **Deep-path imports only.** Import from the canonical module
+  (`testing/db.js`, `testing/rpc_helpers.js`, etc.); fuz_app's `dist/` ships no
+  barrel.
+- **DI via small `*Deps` interfaces.** Stub factories accept the same
+  narrow `*Deps` contracts production code uses — never
+  `Pick<GodType, ...>`. New helpers needing env/fs/logger take
+  `EnvDeps` / `FsReadDeps` / `Logger` from `runtime/deps.ts` or
+  `@fuzdev/fuz_util/log.js`.
 - **Keep the shared echo routes in sync with public surface.** When
   middleware or public API gains a new context variable, header, or
   field, update the echo in `middleware.ts`
   (`create_bearer_auth_test_app`, `create_test_middleware_stack_app`)
-  alongside the assertions in `src/test/auth/*.test.ts`. The two move
-  together — drift between them shows up as a missed assertion, not a
-  test failure.
+  alongside the assertions in `src/test/auth/*.test.ts`. Drift surfaces
+  as a missed assertion, not a test failure.

package/dist/testing/audit_completeness.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit_completeness.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/audit_completeness.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAkB7B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAIrD,OAAO,EAGN,KAAK,eAAe,EAEpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAIN,KAAK,SAAS,EACd,MAAM,SAAS,CAAC;AAKjB,OAAO,EAIN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAqB1B;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC5C,4CAA4C;IAC5C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,wDAAwD;IACxD,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE;;;;;;;;;;;OAWG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC,iDAAiD;IACjD,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,qEAAqE;IACrE,YAAY,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;CAChC;AAoDD;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,iCAAiC,GAAI,SAAS,4BAA4B,KAAG,IAkgBzF,CAAC"}
+{"version":3,"file":"audit_completeness.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/audit_completeness.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAkB7B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAIrD,OAAO,EAGN,KAAK,eAAe,EAEpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAIN,KAAK,SAAS,EACd,MAAM,SAAS,CAAC;AAKjB,OAAO,EAIN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAqB1B;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC5C,4CAA4C;IAC5C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,wDAAwD;IACxD,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE;;;;;;;;;;;OAWG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC,iDAAiD;IACjD,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,qEAAqE;IACrE,YAAY,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;CAChC;AA2ED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,iCAAiC,GAAI,SAAS,4BAA4B,KAAG,IAihBzF,CAAC"}