npm - @fuzdev/fuz_app - Versions diffs - 0.67.1 → 0.69.0 - Mend

@fuzdev/fuz_app 0.67.1 → 0.69.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (235) hide show

package/dist/actions/perform_action.d.ts.map +1 -1
package/dist/actions/perform_action.js +10 -3
package/dist/auth/CLAUDE.md +99 -5
package/dist/auth/account_queries.d.ts +87 -4
package/dist/auth/account_queries.d.ts.map +1 -1
package/dist/auth/account_queries.js +107 -17
package/dist/auth/account_schema.d.ts +19 -0
package/dist/auth/account_schema.d.ts.map +1 -1
package/dist/auth/account_schema.js +8 -0
package/dist/auth/admin_action_specs.d.ts +170 -3
package/dist/auth/admin_action_specs.d.ts.map +1 -1
package/dist/auth/admin_action_specs.js +148 -4
package/dist/auth/admin_actions.d.ts +4 -14
package/dist/auth/admin_actions.d.ts.map +1 -1
package/dist/auth/admin_actions.js +246 -40
package/dist/auth/audit_log_ddl.d.ts +10 -1
package/dist/auth/audit_log_ddl.d.ts.map +1 -1
package/dist/auth/audit_log_ddl.js +13 -4
package/dist/auth/audit_log_schema.d.ts +34 -1
package/dist/auth/audit_log_schema.d.ts.map +1 -1
package/dist/auth/audit_log_schema.js +73 -0
package/dist/auth/auth_ddl.d.ts +2 -2
package/dist/auth/auth_ddl.d.ts.map +1 -1
package/dist/auth/auth_ddl.js +10 -2
package/dist/auth/cell_action_specs.d.ts +1295 -0
package/dist/auth/cell_action_specs.d.ts.map +1 -0
package/dist/auth/cell_action_specs.js +397 -0
package/dist/auth/cell_actions.d.ts +63 -0
package/dist/auth/cell_actions.d.ts.map +1 -0
package/dist/auth/cell_actions.js +546 -0
package/dist/auth/cell_audit_action_specs.d.ts +131 -0
package/dist/auth/cell_audit_action_specs.d.ts.map +1 -0
package/dist/auth/cell_audit_action_specs.js +70 -0
package/dist/auth/cell_audit_actions.d.ts +18 -0
package/dist/auth/cell_audit_actions.d.ts.map +1 -0
package/dist/auth/cell_audit_actions.js +59 -0
package/dist/auth/cell_audit_events.d.ts +28 -0
package/dist/auth/cell_audit_events.d.ts.map +1 -0
package/dist/auth/cell_audit_events.js +42 -0
package/dist/auth/cell_audit_metadata.d.ts +48 -0
package/dist/auth/cell_audit_metadata.d.ts.map +1 -0
package/dist/auth/cell_audit_metadata.js +46 -0
package/dist/auth/cell_authorize.d.ts +88 -0
package/dist/auth/cell_authorize.d.ts.map +1 -0
package/dist/auth/cell_authorize.js +172 -0
package/dist/auth/cell_data_schema.d.ts +44 -0
package/dist/auth/cell_data_schema.d.ts.map +1 -0
package/dist/auth/cell_data_schema.js +42 -0
package/dist/auth/cell_field_action_specs.d.ts +244 -0
package/dist/auth/cell_field_action_specs.d.ts.map +1 -0
package/dist/auth/cell_field_action_specs.js +136 -0
package/dist/auth/cell_field_actions.d.ts +34 -0
package/dist/auth/cell_field_actions.d.ts.map +1 -0
package/dist/auth/cell_field_actions.js +153 -0
package/dist/auth/cell_field_audit_metadata.d.ts +30 -0
package/dist/auth/cell_field_audit_metadata.d.ts.map +1 -0
package/dist/auth/cell_field_audit_metadata.js +28 -0
package/dist/auth/cell_grant_action_specs.d.ts +333 -0
package/dist/auth/cell_grant_action_specs.d.ts.map +1 -0
package/dist/auth/cell_grant_action_specs.js +148 -0
package/dist/auth/cell_grant_actions.d.ts +50 -0
package/dist/auth/cell_grant_actions.d.ts.map +1 -0
package/dist/auth/cell_grant_actions.js +208 -0
package/dist/auth/cell_grant_audit_metadata.d.ts +75 -0
package/dist/auth/cell_grant_audit_metadata.d.ts.map +1 -0
package/dist/auth/cell_grant_audit_metadata.js +54 -0
package/dist/auth/cell_item_action_specs.d.ts +331 -0
package/dist/auth/cell_item_action_specs.d.ts.map +1 -0
package/dist/auth/cell_item_action_specs.js +182 -0
package/dist/auth/cell_item_actions.d.ts +37 -0
package/dist/auth/cell_item_actions.d.ts.map +1 -0
package/dist/auth/cell_item_actions.js +204 -0
package/dist/auth/cell_item_audit_metadata.d.ts +35 -0
package/dist/auth/cell_item_audit_metadata.d.ts.map +1 -0
package/dist/auth/cell_item_audit_metadata.js +32 -0
package/dist/auth/cell_relation_visibility.d.ts +32 -0
package/dist/auth/cell_relation_visibility.d.ts.map +1 -0
package/dist/auth/cell_relation_visibility.js +57 -0
package/dist/auth/deps.d.ts +9 -0
package/dist/auth/deps.d.ts.map +1 -1
package/dist/auth/role_grant_queries.d.ts +30 -0
package/dist/auth/role_grant_queries.d.ts.map +1 -1
package/dist/auth/role_grant_queries.js +54 -0
package/dist/auth/signup_routes.d.ts +0 -3
package/dist/auth/signup_routes.d.ts.map +1 -1
package/dist/auth/signup_routes.js +9 -3
package/dist/auth/standard_rpc_actions.d.ts +5 -5
package/dist/auth/standard_rpc_actions.js +4 -4
package/dist/db/CLAUDE.md +118 -0
package/dist/db/cell_audit_queries.d.ts +26 -0
package/dist/db/cell_audit_queries.d.ts.map +1 -0
package/dist/db/cell_audit_queries.js +53 -0
package/dist/db/cell_ddl.d.ts +151 -0
package/dist/db/cell_ddl.d.ts.map +1 -0
package/dist/db/cell_ddl.js +247 -0
package/dist/db/cell_field_queries.d.ts +105 -0
package/dist/db/cell_field_queries.d.ts.map +1 -0
package/dist/db/cell_field_queries.js +113 -0
package/dist/db/cell_grant_queries.d.ts +132 -0
package/dist/db/cell_grant_queries.d.ts.map +1 -0
package/dist/db/cell_grant_queries.js +145 -0
package/dist/db/cell_history_ddl.d.ts +38 -0
package/dist/db/cell_history_ddl.d.ts.map +1 -0
package/dist/db/cell_history_ddl.js +61 -0
package/dist/db/cell_item_queries.d.ts +107 -0
package/dist/db/cell_item_queries.d.ts.map +1 -0
package/dist/db/cell_item_queries.js +119 -0
package/dist/db/cell_queries.d.ts +327 -0
package/dist/db/cell_queries.d.ts.map +1 -0
package/dist/db/cell_queries.js +431 -0
package/dist/db/fact_ddl.d.ts +38 -0
package/dist/db/fact_ddl.d.ts.map +1 -0
package/dist/db/fact_ddl.js +71 -0
package/dist/db/fact_queries.d.ts +140 -0
package/dist/db/fact_queries.d.ts.map +1 -0
package/dist/db/fact_queries.js +161 -0
package/dist/db/fact_store.d.ts +112 -0
package/dist/db/fact_store.d.ts.map +1 -0
package/dist/db/fact_store.js +225 -0
package/dist/server/app_server.d.ts +1 -7
package/dist/server/app_server.d.ts.map +1 -1
package/dist/server/app_server.js +1 -5
package/dist/server/env.d.ts +2 -0
package/dist/server/env.d.ts.map +1 -1
package/dist/server/env.js +6 -0
package/dist/server/fact_write.d.ts +32 -0
package/dist/server/fact_write.d.ts.map +1 -0
package/dist/server/fact_write.js +56 -0
package/dist/server/file_fact_fetcher.d.ts +42 -0
package/dist/server/file_fact_fetcher.d.ts.map +1 -0
package/dist/server/file_fact_fetcher.js +60 -0
package/dist/server/file_fact_url.d.ts +53 -0
package/dist/server/file_fact_url.d.ts.map +1 -0
package/dist/server/file_fact_url.js +52 -0
package/dist/server/serve_fact_route.d.ts +78 -0
package/dist/server/serve_fact_route.d.ts.map +1 -0
package/dist/server/serve_fact_route.js +205 -0
package/dist/testing/CLAUDE.md +142 -6
package/dist/testing/app_server.d.ts +46 -0
package/dist/testing/app_server.d.ts.map +1 -1
package/dist/testing/app_server.js +67 -8
package/dist/testing/audit_completeness.d.ts.map +1 -1
package/dist/testing/audit_completeness.js +67 -1
package/dist/testing/cross_backend/account_lifecycle.d.ts +10 -0
package/dist/testing/cross_backend/account_lifecycle.d.ts.map +1 -0
package/dist/testing/cross_backend/account_lifecycle.js +144 -0
package/dist/testing/cross_backend/actor_lookup.d.ts +10 -0
package/dist/testing/cross_backend/actor_lookup.d.ts.map +1 -0
package/dist/testing/cross_backend/actor_lookup.js +83 -0
package/dist/testing/cross_backend/actor_search.d.ts +6 -0
package/dist/testing/cross_backend/actor_search.d.ts.map +1 -0
package/dist/testing/cross_backend/actor_search.js +92 -0
package/dist/testing/cross_backend/app_settings.d.ts +6 -0
package/dist/testing/cross_backend/app_settings.d.ts.map +1 -0
package/dist/testing/cross_backend/app_settings.js +95 -0
package/dist/testing/cross_backend/backend_config.d.ts +1 -1
package/dist/testing/cross_backend/capabilities.d.ts +29 -7
package/dist/testing/cross_backend/capabilities.d.ts.map +1 -1
package/dist/testing/cross_backend/capabilities.js +3 -1
package/dist/testing/cross_backend/cell_cross_helpers.d.ts +39 -0
package/dist/testing/cross_backend/cell_cross_helpers.d.ts.map +1 -0
package/dist/testing/cross_backend/cell_cross_helpers.js +45 -0
package/dist/testing/cross_backend/cell_crud.d.ts +4 -0
package/dist/testing/cross_backend/cell_crud.d.ts.map +1 -0
package/dist/testing/cross_backend/cell_crud.js +168 -0
package/dist/testing/cross_backend/cell_grant_role.d.ts +8 -0
package/dist/testing/cross_backend/cell_grant_role.d.ts.map +1 -0
package/dist/testing/cross_backend/cell_grant_role.js +102 -0
package/dist/testing/cross_backend/cell_relations.d.ts +4 -0
package/dist/testing/cross_backend/cell_relations.d.ts.map +1 -0
package/dist/testing/cross_backend/cell_relations.js +229 -0
package/dist/testing/cross_backend/conformance_case.d.ts +144 -0
package/dist/testing/cross_backend/conformance_case.d.ts.map +1 -0
package/dist/testing/cross_backend/conformance_case.js +132 -0
package/dist/testing/cross_backend/conformance_table.d.ts +46 -0
package/dist/testing/cross_backend/conformance_table.d.ts.map +1 -0
package/dist/testing/cross_backend/conformance_table.js +199 -0
package/dist/testing/cross_backend/default_backend_configs.d.ts.map +1 -1
package/dist/testing/cross_backend/default_backend_configs.js +6 -2
package/dist/testing/cross_backend/default_spine_surface.d.ts +17 -9
package/dist/testing/cross_backend/default_spine_surface.d.ts.map +1 -1
package/dist/testing/cross_backend/default_spine_surface.js +20 -12
package/dist/testing/cross_backend/origin.d.ts +10 -0
package/dist/testing/cross_backend/origin.d.ts.map +1 -0
package/dist/testing/cross_backend/origin.js +73 -0
package/dist/testing/cross_backend/setup.d.ts +22 -40
package/dist/testing/cross_backend/setup.d.ts.map +1 -1
package/dist/testing/cross_backend/setup.js +39 -5
package/dist/testing/cross_backend/testing_reset_actions.d.ts +90 -2
package/dist/testing/cross_backend/testing_reset_actions.d.ts.map +1 -1
package/dist/testing/cross_backend/testing_reset_actions.js +91 -3
package/dist/testing/cross_backend/xfail.d.ts +15 -0
package/dist/testing/cross_backend/xfail.d.ts.map +1 -0
package/dist/testing/cross_backend/xfail.js +37 -0
package/dist/testing/entities.d.ts.map +1 -1
package/dist/testing/entities.js +4 -0
package/dist/testing/integration.d.ts +2 -3
package/dist/testing/integration.d.ts.map +1 -1
package/dist/testing/integration.js +20 -85
package/dist/testing/rate_limiting.d.ts +1 -1
package/dist/testing/rpc_helpers.d.ts +3 -3
package/dist/testing/sse_round_trip.d.ts +1 -1
package/dist/testing/stubs.d.ts.map +1 -1
package/dist/testing/stubs.js +0 -1
package/dist/testing/ws_round_trip.d.ts.map +1 -1
package/dist/testing/ws_round_trip.js +4 -0
package/dist/ui/AdminAccounts.svelte +84 -35
package/dist/ui/AdminAccounts.svelte.d.ts.map +1 -1
package/dist/ui/AdminSessions.svelte +21 -23
package/dist/ui/AdminSessions.svelte.d.ts.map +1 -1
package/dist/ui/CLAUDE.md +17 -26
package/dist/ui/OpenSignupToggle.svelte +2 -5
package/dist/ui/OpenSignupToggle.svelte.d.ts.map +1 -1
package/dist/ui/account_sessions_state.svelte.d.ts +9 -10
package/dist/ui/account_sessions_state.svelte.d.ts.map +1 -1
package/dist/ui/account_sessions_state.svelte.js +7 -17
package/dist/ui/admin_accounts_state.svelte.d.ts +41 -20
package/dist/ui/admin_accounts_state.svelte.d.ts.map +1 -1
package/dist/ui/admin_accounts_state.svelte.js +52 -22
package/dist/ui/admin_invites_state.svelte.d.ts +8 -11
package/dist/ui/admin_invites_state.svelte.d.ts.map +1 -1
package/dist/ui/admin_invites_state.svelte.js +7 -16
package/dist/ui/admin_rpc_adapters.d.ts +6 -2
package/dist/ui/admin_rpc_adapters.d.ts.map +1 -1
package/dist/ui/admin_rpc_adapters.js +5 -1
package/dist/ui/admin_sessions_state.svelte.d.ts +6 -10
package/dist/ui/admin_sessions_state.svelte.d.ts.map +1 -1
package/dist/ui/admin_sessions_state.svelte.js +4 -14
package/dist/ui/app_settings_state.svelte.d.ts +8 -12
package/dist/ui/app_settings_state.svelte.d.ts.map +1 -1
package/dist/ui/app_settings_state.svelte.js +6 -16
package/dist/ui/audit_log_state.svelte.d.ts +9 -8
package/dist/ui/audit_log_state.svelte.d.ts.map +1 -1
package/dist/ui/audit_log_state.svelte.js +8 -20
package/package.json +2 -2

package/dist/db/fact_queries.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"fact_queries.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/db/fact_queries.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,iBAAiB,CAAC;AAE/C,OAAO,KAAK,EAAC,QAAQ,EAAC,MAAM,+BAA+B,CAAC;AAE5D,2CAA2C;AAC3C,MAAM,WAAW,OAAO;IACvB,IAAI,EAAE,QAAQ,CAAC;IACf,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;IACzB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IACtB,UAAU,EAAE,IAAI,CAAC;CACjB;AAED,qEAAqE;AACrE,MAAM,WAAW,WAAW;IAC3B,IAAI,EAAE,QAAQ,CAAC;IACf,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IACtB,UAAU,EAAE,IAAI,CAAC;CACjB;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,cAAc,GAC1B,MAAM,SAAS,EACf,OAAO;IACN,IAAI,EAAE,QAAQ,CAAC;IACf,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;IACzB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;CACb,KACC,OAAO,CAAC,OAAO,CASjB,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,mBAAmB,GAC/B,MAAM,SAAS,EACf,aAAa,QAAQ,EACrB,eAAe,KAAK,CAAC,QAAQ,CAAC,KAC5B,OAAO,CAAC,IAAI,CAQd,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,cAAc,GAAU,MAAM,SAAS,EAAE,MAAM,QAAQ,KAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAO5F,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,mBAAmB,GAC/B,MAAM,SAAS,EACf,MAAM,QAAQ,KACZ,OAAO,CAAC,WAAW,GAAG,IAAI,CAO5B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,cAAc,GAAU,MAAM,SAAS,EAAE,MAAM,QAAQ,KAAG,OAAO,CAAC,OAAO,CAMrF,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,mBAAmB,GAC/B,MAAM,SAAS,EACf,aAAa,QAAQ,KACnB,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAMzB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,iBAAiB,GAC7B,MAAM,SAAS,EACf,MAAM,QAAQ,KACZ,OAAO,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;CAAC,GAAG,IAAI,CAQ5D,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,WAAW,qBAAqB;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,QAAQ,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;KAC5B,CAAC,CAAC;CACH;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,uBAAuB,GACnC,MAAM,SAAS,EACf,YAAY,IAAI,GAAG,IAAI,EACvB,cAAc,MAAM,KAClB,OAAO,CAAC,qBAAqB,CAwC/B,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,oCAAoC,GAChD,MAAM,SAAS,EACf,YAAY,IAAI,KACd,OAAO,CAAC,KAAK,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;CAAC,CAAC,CAiB5E,CAAC"}

package/dist/db/fact_queries.js ADDED Viewed

@@ -0,0 +1,161 @@
+/**
+ * Raw queries against the `facts` and `fact_refs` tables.
+ *
+ * Convention: `deps: QueryDeps` first, no audit side effects, mutations are
+ * idempotent (`ON CONFLICT DO NOTHING`) so the same hash can be written by
+ * two callers without the second observing an error.
+ *
+ * Higher-level lifecycle (verify-on-read, JSON ref auto-extraction,
+ * embedded-vs-referenced selection) lives in `db/fact_store.ts`. Queries
+ * here are deliberately mechanical.
+ *
+ * @module
+ */
+/**
+ * Idempotently insert a fact row.
+ *
+ * `bytes` xor `external_url` per the `facts_storage_present` CHECK
+ * constraint; the caller is responsible for satisfying it (the queries
+ * layer does not second-guess). Returns `true` when a new row was
+ * inserted, `false` when a row already existed (caller can use this to
+ * decide whether to also write `fact_refs`).
+ */
+export const query_put_fact = async (deps, input) => {
+    const row = await deps.db.query_one(`INSERT INTO facts (hash, bytes, external_url, content_type, size)
+		 VALUES ($1, $2, $3, $4, $5)
+		 ON CONFLICT (hash) DO NOTHING
+		 RETURNING hash`, [input.hash, input.bytes, input.external_url, input.content_type, input.size]);
+    return row !== undefined;
+};
+/**
+ * Idempotently insert declared refs for a fact. No-ops on `(source_hash,
+ * target_hash)` collisions and skips the round trip entirely when
+ * `target_hashes` is empty.
+ */
+export const query_put_fact_refs = async (deps, source_hash, target_hashes) => {
+    if (target_hashes.length === 0)
+        return;
+    await deps.db.query(`INSERT INTO fact_refs (source_hash, target_hash)
+		 SELECT $1::text, unnest($2::text[])
+		 ON CONFLICT (source_hash, target_hash) DO NOTHING`, [source_hash, target_hashes]);
+};
+/**
+ * Fetch a fact's full row (including embedded `bytes`). Use this from
+ * `FactStore.get`; cheaper accessors live below.
+ */
+export const query_get_fact = async (deps, hash) => {
+    const row = await deps.db.query_one(`SELECT hash, bytes, external_url, content_type, size, created_at
+		 FROM facts WHERE hash = $1`, [hash]);
+    return row ?? null;
+};
+/**
+ * Fetch metadata only — skips the (potentially large) `bytes` column.
+ */
+export const query_get_fact_meta = async (deps, hash) => {
+    const row = await deps.db.query_one(`SELECT hash, external_url, content_type, size, created_at
+		 FROM facts WHERE hash = $1`, [hash]);
+    return row ?? null;
+};
+/**
+ * Cheap existence check. Backed by the `facts` PK index.
+ */
+export const query_has_fact = async (deps, hash) => {
+    const row = await deps.db.query_one(`SELECT EXISTS(SELECT 1 FROM facts WHERE hash = $1) AS exists`, [hash]);
+    return row?.exists ?? false;
+};
+/**
+ * List declared targets for a source fact. Order is unspecified; callers
+ * that need stable ordering should sort.
+ */
+export const query_get_fact_refs = async (deps, source_hash) => {
+    const rows = await deps.db.query(`SELECT target_hash FROM fact_refs WHERE source_hash = $1`, [source_hash]);
+    return rows.map((r) => r.target_hash);
+};
+/**
+ * Drop a fact row. Cascades `fact_refs` rows via the `ON DELETE CASCADE`
+ * FK on `source_hash`. Returns the deleted row's `(size, external_url)`
+ * so the caller can unlink the disk file (if any) and tally freed bytes,
+ * or `null` when no row matched (idempotent: deleting an absent fact is
+ * not an error).
+ *
+ * NOTE: this is a low-level primitive — callers MUST verify the fact is
+ * truly orphan (no referencing cell) before calling. The orphan check
+ * lives in `query_orphan_facts_*` below; the lifecycle wrapper in
+ * `PgFactStore.delete` handles the disk-file unlink.
+ */
+export const query_delete_fact = async (deps, hash) => {
+    const row = await deps.db.query_one(`DELETE FROM facts WHERE hash = $1
+		 RETURNING size, external_url`, [hash]);
+    if (!row)
+        return null;
+    return { size: Number(row.size), external_url: row.external_url };
+};
+/**
+ * Compute the "orphan facts" set: rows in `facts` where no active
+ * (non-tombstone) `cell.refs` array contains the hash.
+ *
+ * The `cell` join is deliberately app-coupled — `facts` lives in the
+ * `fuz_facts` namespace and `cell.refs` lives in `fuz_cell`, but the
+ * orphan predicate only makes sense in apps that route content through
+ * cells. When a non-cell fact consumer ever appears (signed memo
+ * outputs? external fact mirrors?) the predicate moves to a generic
+ * `fact_consumers` registry; today the cell layer is the only consumer.
+ *
+ * The `older_than` filter applies to `facts.created_at`. Pass `null`
+ * to skip the filter (used by the list-summary preview); the delete
+ * handler always passes a non-null cutoff (default 0, meaning "any
+ * orphan").
+ *
+ * @param deps - query deps
+ * @param older_than - filter to facts created before this Date (or null
+ *   to skip)
+ * @param sample_limit - row cap for the returned `sample`
+ */
+export const query_orphan_facts_list = async (deps, older_than, sample_limit) => {
+    const summary = await deps.db.query_one(`SELECT COUNT(*)::bigint AS count, COALESCE(SUM(size), 0)::bigint AS total
+		 FROM facts f
+		 WHERE NOT EXISTS (
+		   SELECT 1 FROM cell c
+		   WHERE c.refs @> ARRAY[f.hash]::text[]
+		     AND c.deleted_at IS NULL
+		 )
+		 AND ($1::timestamptz IS NULL OR f.created_at < $1::timestamptz)`, [older_than]);
+    const sample_rows = await deps.db.query(`SELECT hash, size, created_at, external_url
+		 FROM facts f
+		 WHERE NOT EXISTS (
+		   SELECT 1 FROM cell c
+		   WHERE c.refs @> ARRAY[f.hash]::text[]
+		     AND c.deleted_at IS NULL
+		 )
+		 AND ($1::timestamptz IS NULL OR f.created_at < $1::timestamptz)
+		 ORDER BY f.created_at ASC
+		 LIMIT $2`, [older_than, sample_limit]);
+    return {
+        count: Number(summary?.count ?? 0),
+        total_size_bytes: Number(summary?.total ?? 0),
+        sample: sample_rows.map((r) => ({
+            hash: r.hash,
+            size: Number(r.size),
+            created_at: typeof r.created_at === 'string' ? r.created_at : r.created_at.toISOString(),
+            external_url: r.external_url,
+        })),
+    };
+};
+/**
+ * Select the orphan-fact hashes for deletion. Returns the rows directly
+ * (no row-count limit) — callers iterate to unlink disk files. The
+ * `older_than` cutoff is required (non-null) here: bulk delete should
+ * always be operator-scoped to a time window. A "delete all" sweep
+ * passes a far-future cutoff, not `null`.
+ */
+export const query_orphan_facts_select_for_delete = async (deps, older_than) => {
+    const rows = await deps.db.query(`SELECT hash, size, external_url
+		 FROM facts f
+		 WHERE NOT EXISTS (
+		   SELECT 1 FROM cell c
+		   WHERE c.refs @> ARRAY[f.hash]::text[]
+		     AND c.deleted_at IS NULL
+		 )
+		 AND f.created_at < $1::timestamptz`, [older_than]);
+    return rows.map((r) => ({ hash: r.hash, size: Number(r.size), external_url: r.external_url }));
+};

package/dist/db/fact_store.d.ts ADDED Viewed

@@ -0,0 +1,112 @@
+/**
+ * PG-backed `FactStore` implementation.
+ *
+ * Wraps the raw queries in `db/fact_queries.ts` with the lifecycle the
+ * `FactStore` interface promises:
+ *
+ * - sync hash on `put`, stream hash on `put_ref` (counting bytes against
+ *   the caller-supplied `size`)
+ * - idempotent insert (`ON CONFLICT DO NOTHING` in the queries layer)
+ * - JSON ref auto-extraction when `content_type` signals JSON and the
+ *   caller didn't pass an explicit `refs` array
+ * - verify-on-read for external content; embedded reads skip verify
+ *   because PG storage IS the hash table
+ * - mismatched external bytes return `null` + log warning (treat as
+ *   unavailable; GC / repair is a separate concern)
+ *
+ * Embedded vs referenced split: callers route by size. `put` rejects
+ * `bytes.length > embedded_threshold` so oversized content takes the
+ * `put_ref` path explicitly. Auto-split inside `put` is a future option.
+ *
+ * Wired with a filesystem `file:`-URL fetcher (`create_file_fact_fetcher`)
+ * at server assembly: bytes ≤ threshold embed via `put`, larger bytes go
+ * through atomic temp+rename onto disk then `put_ref('file:<shard>/<rest>',
+ * size)` for verified registration.
+ *
+ * @module
+ */
+import type { QueryDeps } from './query_deps.js';
+import type { Logger } from '@fuzdev/fuz_util/log.js';
+import { type FactHash } from '@fuzdev/fuz_util/fact_hash.js';
+import type { FactMeta, FactPutOptions, FactStore } from '@fuzdev/fuz_util/fact_store.js';
+/** Default embedded-vs-referenced cutoff (1 MiB). */
+export declare const FACT_EMBEDDED_THRESHOLD_DEFAULT: number;
+/** Fetcher abstraction so tests can stub external URL retrieval. */
+export interface FactExternalFetcher {
+    fetch_stream: (url: string) => Promise<ReadableStream<Uint8Array>>;
+    fetch_bytes: (url: string) => Promise<Uint8Array>;
+}
+/** Default fetcher backed by `globalThis.fetch`. */
+export declare const create_default_fetcher: () => FactExternalFetcher;
+/**
+ * Construction-time deps for `PgFactStore`.
+ *
+ * `embedded_threshold` (bytes) is the inline-vs-external cutoff: payloads
+ * at or under it store embedded in the `facts` row, larger ones route to
+ * the external fetcher. Defaults to `FACT_EMBEDDED_THRESHOLD_DEFAULT`
+ * (1 MiB). Consumers tune it per workload — e.g. a much lower bound
+ * (~16 KiB) keeps only small JSON inline and routes image originals +
+ * thumbnails external. `fetcher` defaults to a `globalThis.fetch`-backed
+ * implementation; tests inject a stub. `log` is optional — the only call
+ * site is the verify-mismatch warning path.
+ */
+export interface PgFactStoreDeps {
+    deps: QueryDeps;
+    embedded_threshold?: number;
+    fetcher?: FactExternalFetcher;
+    log?: Logger;
+}
+/**
+ * PG-backed `FactStore`. Delegates to `db/fact_queries.ts` for I/O and adds
+ * the lifecycle layer described in the module doc.
+ */
+export declare class PgFactStore implements FactStore {
+    #private;
+    constructor(options: PgFactStoreDeps);
+    /**
+     * Store small bytes embedded in PG. Rejects oversized content so the
+     * caller routes it through `put_ref` explicitly — implicit splitting
+     * hides the size decision from the caller.
+     */
+    put(bytes: Uint8Array, options?: FactPutOptions): Promise<FactHash>;
+    /**
+     * Stream-hash external content and record `(hash, external_url, size)`.
+     * Throws when the streamed byte count disagrees with the caller's
+     * declared `size` — a size mismatch usually means the upload was
+     * truncated or the URL points at the wrong content.
+     */
+    put_ref(url: string, size: number, options?: FactPutOptions): Promise<FactHash>;
+    /**
+     * Retrieve bytes. Embedded reads return PG bytes directly; external
+     * reads fetch + verify and return `null` (with a warning log) when
+     * the bytes don't match the stored hash.
+     */
+    get(hash: FactHash): Promise<Uint8Array | null>;
+    has(hash: FactHash): Promise<boolean>;
+    get_meta(hash: FactHash): Promise<FactMeta | null>;
+    get_refs(hash: FactHash): Promise<Array<FactHash>>;
+    /**
+     * Drop a fact row. `fact_refs` rows referencing this hash as a source
+     * cascade via the FK; `fact_refs` targeting this hash do **not** —
+     * they remain as dangling pointers, consistent with the federation
+     * model where `target_hash` is intentionally not a FK.
+     *
+     * Idempotent: deleting an absent fact returns `null`. The store does
+     * NOT verify the fact is unreferenced — that policy lives one layer
+     * up (the orphan-fact admin surface in the consumer; a future GC walker).
+     *
+     * External-URL unlink is the caller's responsibility — the store
+     * doesn't know how to resolve `file:` / `s3:` / etc. URLs to a
+     * deletable handle. Caller iterates the returned `external_url`
+     * (when non-null) and dispatches to the appropriate cleanup
+     * routine. Mirrors the read-side `FactExternalFetcher` split.
+     *
+     * @returns `{size, external_url}` for the deleted row, or `null` if
+     *   no row matched the hash.
+     */
+    delete(hash: FactHash): Promise<{
+        size: number;
+        external_url: string | null;
+    } | null>;
+}
+//# sourceMappingURL=fact_store.d.ts.map

package/dist/db/fact_store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"fact_store.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/db/fact_store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,iBAAiB,CAAC;AAC/C,OAAO,KAAK,EAAC,MAAM,EAAC,MAAM,yBAAyB,CAAC;AAEpD,OAAO,EAKN,KAAK,QAAQ,EACb,MAAM,+BAA+B,CAAC;AACvC,OAAO,KAAK,EAAC,QAAQ,EAAE,cAAc,EAAE,SAAS,EAAC,MAAM,gCAAgC,CAAC;AAYxF,qDAAqD;AACrD,eAAO,MAAM,+BAA+B,QAAc,CAAC;AAE3D,oEAAoE;AACpE,MAAM,WAAW,mBAAmB;IACnC,YAAY,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC;IACnE,WAAW,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;CAClD;AAED,oDAAoD;AACpD,eAAO,MAAM,sBAAsB,QAAO,mBAkBxC,CAAC;AAEH;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,eAAe;IAC/B,IAAI,EAAE,SAAS,CAAC;IAChB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,CAAC,EAAE,mBAAmB,CAAC;IAC9B,GAAG,CAAC,EAAE,MAAM,CAAC;CACb;AAED;;;GAGG;AACH,qBAAa,WAAY,YAAW,SAAS;;gBAMhC,OAAO,EAAE,eAAe;IAOpC;;;;OAIG;IACG,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC;IAoBzE;;;;;OAKG;IACG,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC;IAqBrF;;;;OAIG;IACG,GAAG,CAAC,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IA4B/C,GAAG,CAAC,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAIrC,QAAQ,CAAC,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IAWlD,QAAQ,CAAC,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAIxD;;;;;;;;;;;;;;;;;;OAkBG;IACG,MAAM,CAAC,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;KAAC,GAAG,IAAI,CAAC;CAGzF"}

package/dist/db/fact_store.js ADDED Viewed

@@ -0,0 +1,225 @@
+/**
+ * PG-backed `FactStore` implementation.
+ *
+ * Wraps the raw queries in `db/fact_queries.ts` with the lifecycle the
+ * `FactStore` interface promises:
+ *
+ * - sync hash on `put`, stream hash on `put_ref` (counting bytes against
+ *   the caller-supplied `size`)
+ * - idempotent insert (`ON CONFLICT DO NOTHING` in the queries layer)
+ * - JSON ref auto-extraction when `content_type` signals JSON and the
+ *   caller didn't pass an explicit `refs` array
+ * - verify-on-read for external content; embedded reads skip verify
+ *   because PG storage IS the hash table
+ * - mismatched external bytes return `null` + log warning (treat as
+ *   unavailable; GC / repair is a separate concern)
+ *
+ * Embedded vs referenced split: callers route by size. `put` rejects
+ * `bytes.length > embedded_threshold` so oversized content takes the
+ * `put_ref` path explicitly. Auto-split inside `put` is a future option.
+ *
+ * Wired with a filesystem `file:`-URL fetcher (`create_file_fact_fetcher`)
+ * at server assembly: bytes ≤ threshold embed via `put`, larger bytes go
+ * through atomic temp+rename onto disk then `put_ref('file:<shard>/<rest>',
+ * size)` for verified registration.
+ *
+ * @module
+ */
+import { fact_hash_bytes, fact_hash_stream, fact_hash_verify, fact_hash_extract_refs, } from '@fuzdev/fuz_util/fact_hash.js';
+import { query_delete_fact, query_get_fact, query_get_fact_meta, query_get_fact_refs, query_has_fact, query_put_fact, query_put_fact_refs, } from './fact_queries.js';
+/** Default embedded-vs-referenced cutoff (1 MiB). */
+export const FACT_EMBEDDED_THRESHOLD_DEFAULT = 1024 * 1024;
+/** Default fetcher backed by `globalThis.fetch`. */
+export const create_default_fetcher = () => ({
+    fetch_stream: async (url) => {
+        const response = await fetch(url);
+        if (!response.ok) {
+            throw new Error(`fact fetch failed: ${response.status} ${url}`);
+        }
+        if (!response.body) {
+            throw new Error(`fact fetch returned no body: ${url}`);
+        }
+        return response.body;
+    },
+    fetch_bytes: async (url) => {
+        const response = await fetch(url);
+        if (!response.ok) {
+            throw new Error(`fact fetch failed: ${response.status} ${url}`);
+        }
+        return new Uint8Array(await response.arrayBuffer());
+    },
+});
+/**
+ * PG-backed `FactStore`. Delegates to `db/fact_queries.ts` for I/O and adds
+ * the lifecycle layer described in the module doc.
+ */
+export class PgFactStore {
+    #deps;
+    #embedded_threshold;
+    #fetcher;
+    #log;
+    constructor(options) {
+        this.#deps = options.deps;
+        this.#embedded_threshold = options.embedded_threshold ?? FACT_EMBEDDED_THRESHOLD_DEFAULT;
+        this.#fetcher = options.fetcher ?? create_default_fetcher();
+        this.#log = options.log;
+    }
+    /**
+     * Store small bytes embedded in PG. Rejects oversized content so the
+     * caller routes it through `put_ref` explicitly — implicit splitting
+     * hides the size decision from the caller.
+     */
+    async put(bytes, options) {
+        if (bytes.length > this.#embedded_threshold) {
+            throw new Error(`fact bytes exceed embedded threshold (${bytes.length} > ${this.#embedded_threshold}); use put_ref for external storage`);
+        }
+        const hash = fact_hash_bytes(bytes);
+        const inserted = await query_put_fact(this.#deps, {
+            hash,
+            bytes,
+            external_url: null,
+            content_type: options?.content_type ?? null,
+            size: bytes.length,
+        });
+        if (inserted) {
+            await query_put_fact_refs(this.#deps, hash, resolve_refs(bytes, options));
+        }
+        return hash;
+    }
+    /**
+     * Stream-hash external content and record `(hash, external_url, size)`.
+     * Throws when the streamed byte count disagrees with the caller's
+     * declared `size` — a size mismatch usually means the upload was
+     * truncated or the URL points at the wrong content.
+     */
+    async put_ref(url, size, options) {
+        const stream = await this.#fetcher.fetch_stream(url);
+        const { hash, byte_count } = await hash_counted_stream(stream);
+        if (byte_count !== size) {
+            throw new Error(`fact size mismatch for ${url}: caller declared ${size}, streamed ${byte_count}`);
+        }
+        const inserted = await query_put_fact(this.#deps, {
+            hash,
+            bytes: null,
+            external_url: url,
+            content_type: options?.content_type ?? null,
+            size,
+        });
+        if (inserted && options?.refs && options.refs.length > 0) {
+            await query_put_fact_refs(this.#deps, hash, options.refs);
+        }
+        return hash;
+    }
+    /**
+     * Retrieve bytes. Embedded reads return PG bytes directly; external
+     * reads fetch + verify and return `null` (with a warning log) when
+     * the bytes don't match the stored hash.
+     */
+    async get(hash) {
+        const row = await query_get_fact(this.#deps, hash);
+        if (!row)
+            return null;
+        if (row.bytes !== null) {
+            return to_uint8(row.bytes);
+        }
+        if (row.external_url === null) {
+            return null;
+        }
+        let bytes;
+        try {
+            bytes = await this.#fetcher.fetch_bytes(row.external_url);
+        }
+        catch (err) {
+            this.#log?.warn(`PgFactStore.get fetch failed for ${hash} at ${row.external_url}:`, err instanceof Error ? err.message : String(err));
+            return null;
+        }
+        if (!fact_hash_verify(hash, bytes)) {
+            this.#log?.warn(`PgFactStore.get verify mismatch for ${hash} at ${row.external_url}; treating as not-found`);
+            return null;
+        }
+        return bytes;
+    }
+    async has(hash) {
+        return query_has_fact(this.#deps, hash);
+    }
+    async get_meta(hash) {
+        const row = await query_get_fact_meta(this.#deps, hash);
+        if (!row)
+            return null;
+        return {
+            content_type: row.content_type,
+            size: Number(row.size),
+            created_at: row.created_at,
+            external: row.external_url !== null,
+        };
+    }
+    async get_refs(hash) {
+        return query_get_fact_refs(this.#deps, hash);
+    }
+    /**
+     * Drop a fact row. `fact_refs` rows referencing this hash as a source
+     * cascade via the FK; `fact_refs` targeting this hash do **not** —
+     * they remain as dangling pointers, consistent with the federation
+     * model where `target_hash` is intentionally not a FK.
+     *
+     * Idempotent: deleting an absent fact returns `null`. The store does
+     * NOT verify the fact is unreferenced — that policy lives one layer
+     * up (the orphan-fact admin surface in the consumer; a future GC walker).
+     *
+     * External-URL unlink is the caller's responsibility — the store
+     * doesn't know how to resolve `file:` / `s3:` / etc. URLs to a
+     * deletable handle. Caller iterates the returned `external_url`
+     * (when non-null) and dispatches to the appropriate cleanup
+     * routine. Mirrors the read-side `FactExternalFetcher` split.
+     *
+     * @returns `{size, external_url}` for the deleted row, or `null` if
+     *   no row matched the hash.
+     */
+    async delete(hash) {
+        return query_delete_fact(this.#deps, hash);
+    }
+}
+/**
+ * Resolve refs for a `put` call: explicit `refs` win; otherwise auto-extract
+ * from JSON content; otherwise no refs.
+ */
+const resolve_refs = (bytes, options) => {
+    if (options?.refs !== undefined)
+        return options.refs;
+    if (options?.content_type !== 'application/json')
+        return [];
+    let value;
+    try {
+        value = JSON.parse(new TextDecoder().decode(bytes));
+    }
+    catch {
+        // Malformed JSON — caller mislabeled content_type. Fall back to no refs;
+        // the alternative (throwing) would surprise callers who set
+        // content_type advisorially.
+        return [];
+    }
+    return fact_hash_extract_refs(value);
+};
+/** Hash a stream while counting bytes. Lets `put_ref` verify size in one pass. */
+const hash_counted_stream = async (stream) => {
+    let byte_count = 0;
+    const counting = new TransformStream({
+        transform(chunk, controller) {
+            byte_count += chunk.length;
+            controller.enqueue(chunk);
+        },
+    });
+    const piped = stream.pipeThrough(counting);
+    const hash = await fact_hash_stream(piped);
+    return { hash, byte_count };
+};
+/**
+ * Coerce whatever the driver returns for BYTEA into a `Uint8Array`.
+ *
+ * `pg` returns `Buffer` (a `Uint8Array` subclass), `pglite` already returns
+ * `Uint8Array`. Wrapping `Buffer` in a fresh `Uint8Array` keeps the
+ * downstream type honest without a copy.
+ */
+const to_uint8 = (value) => value instanceof Uint8Array && value.constructor === Uint8Array
+    ? value
+    : new Uint8Array(value.buffer, value.byteOffset, value.byteLength);

package/dist/server/app_server.d.ts CHANGED Viewed

@@ -14,7 +14,6 @@ import { type SessionOptions } from '../auth/session_cookie.js';
 import type { BootstrapAccountSuccess } from '../auth/bootstrap_account.js';
 import type { EventSpec } from '../realtime/sse.js';
 import { type AuditLogSse } from '../realtime/sse_auth_guard.js';
-import type { AppSettings } from '../auth/app_settings_schema.js';
 import { type RateLimiter } from '../rate_limiter.js';
 import type { DaemonTokenState } from '../auth/daemon_token.js';
 import type { MigrationResult } from '../db/migrate.js';
@@ -193,8 +192,7 @@ export interface AppServerOptions {
      * Accepts either an array (evaluated eagerly) or a factory
      * `(ctx: AppServerContext) => Array<RpcEndpointSpec>` (evaluated after the
      * server context is assembled). Use the factory form when action lists
-     * depend on `ctx.deps` / `ctx.app_settings` — e.g.
-     * `create_standard_rpc_actions(ctx.deps, {app_settings: ctx.app_settings})`.
+     * depend on `ctx.deps` — e.g. `create_standard_rpc_actions(ctx.deps)`.
      */
     rpc_endpoints?: Array<RpcEndpointSpec> | ((context: AppServerContext) => Array<RpcEndpointSpec>);
     /**
@@ -294,8 +292,6 @@ export interface AppServerContext {
     action_ip_rate_limiter: RateLimiter | null;
     /** Per-actor action-dispatcher rate limiter — shared across HTTP RPC + WS. `null` when not configured. */
     action_account_rate_limiter: RateLimiter | null;
-    /** Global app settings (mutable ref — mutated by settings admin route). */
-    app_settings: AppSettings;
     /**
      * Factory-managed audit log SSE. Non-null when the `audit_log_sse`
      * option was passed to `create_app_server`, `null` when omitted.
@@ -309,8 +305,6 @@ export interface AppServer {
     /** Surface spec — serializable surface + raw specs that produced it. */
     surface_spec: AppSurfaceSpec;
     bootstrap_status: BootstrapStatus;
-    /** Global app settings (mutable ref — mutated by settings admin route). */
-    app_settings: AppSettings;
     /** Migration results from `create_app_backend` (auth + any `migration_namespaces` passed there). */
     migration_results: ReadonlyArray<MigrationResult>;
     /**

package/dist/server/app_server.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"app_server.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/server/app_server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAC,IAAI,EAAE,KAAK,OAAO,EAAC,MAAM,MAAM,CAAC;AAGxC,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,SAAS,CAAC;AAC9C,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAEN,KAAK,cAAc,EAEnB,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,8BAA8B,CAAC;AAC1E,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAGN,KAAK,WAAW,EAChB,MAAM,+BAA+B,CAAC;AAEvC,OAAO,~~KAAK,EAAC,WAAW,EAAC,MAAM,gCAAgC,CAAC;AAEhE,OAAO,~~EAKN,KAAK,WAAW,EAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,kBAAkB,CAAC;AACtD,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,iBAAiB,CAAC;AAC7C,OAAO,KAAK,EAAC,UAAU,EAAC,MAAM,kBAAkB,CAAC;AAGjD,OAAO,oBAAoB,CAAC;AAE5B,OAAO,EAA2B,KAAK,kBAAkB,EAAC,MAAM,aAAa,CAAC;AAE9E,OAAO,EAEN,KAAK,cAAc,EAEnB,KAAK,eAAe,EACpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAIN,KAAK,SAAS,EACd,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,4BAA4B,CAAC;AAC/D,OAAO,EAGN,KAAK,eAAe,EACpB,MAAM,6BAA6B,CAAC;AASrC,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,gCAAgC,CAAC;AAKnE,OAAO,EAAC,yBAAyB,EAAC,MAAM,qCAAqC,CAAC;AAE9E;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAClC,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;IACf,uDAAuD;IACvD,IAAI,EAAE,MAAM,CAAC;CACb;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,sBAAsB,GAC/B,wBAAwB,GACxB,2BAA2B,GAC3B,oBAAoB,CAAC;AAExB,MAAM,WAAW,wBAAwB;IACxC,IAAI,EAAE,UAAU,CAAC;CACjB;AAED,MAAM,WAAW,2BAA2B;IAC3C,IAAI,EAAE,cAAc,CAAC;IACrB,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,oBAAoB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,uBAAuB,EAAE,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9E;AAED;;;;;GAKG;AACH,MAAM,WAAW,gBAAgB;IAChC,2DAA2D;IAC3D,OAAO,EAAE,UAAU,CAAC;IACpB,6CAA6C;IAC7C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,sCAAsC;IACtC,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAE/B,6BAA6B;IAC7B,KAAK,EAAE;QACN,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,iBAAiB,EAAE,CAAC,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,SAAS,CAAC;KACtD,CAAC;IAEF;;;;;OAKG;IACH,eAAe,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACrC;;;;;OAKG;IACH,0BAA0B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD;;;;;OAKG;IACH,2BAA2B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjD;;;;OAIG;IACH,sBAAsB,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC5C;;;;;;;;OAQG;IACH,sBAAsB,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC5C;;;;;;;;OAQG;IACH,2BAA2B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjD;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,2DAA2D;IAC3D,kBAAkB,CAAC,EAAE,gBAAgB,CAAC;IAEtC,yEAAyE;IACzE,SAAS,CAAC,EAAE,sBAAsB,CAAC;IAEnC;;;OAGG;IACH,aAAa,CAAC,EAAE,KAAK,CAAC;IAEtB;;;OAGG;IACH,kBAAkB,EAAE,CAAC,OAAO,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAEpE,4DAA4D;IAC5D,oBAAoB,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,KAAK,KAAK,CAAC,cAAc,CAAC,CAAC;IAE/E;;;;;;;;;;;;;;OAcG;IACH,aAAa,CAAC,EAAE,IAAI,GAAG;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAC,CAAC;IAEvC,gFAAgF;IAChF,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAE/B~~;;;;;;;;;;;OAWG~~;IACH,aAAa,CAAC,EAAE,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,gBAAgB,KAAK,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;IAEjG;;;;;;;;;;;OAWG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IAEpC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACH,YAAY,CAAC,EACV,aAAa,CAAC,cAAc,CAAC,GAC7B,CAAC,CAAC,OAAO,EAAE,gBAAgB,KAAK,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC;IAElE;;;;OAIG;IACH,UAAU,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;IAEzB,mFAAmF;IACnF,qBAAqB,CAAC,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IAE9C,6DAA6D;IAC7D,cAAc,CAAC,EAAE;QAChB,YAAY,EAAE,kBAAkB,CAAC;QACjC,4DAA4D;QAC5D,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,gEAAgE;QAChE,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB;;;;WAIG;QACH,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;KACzC,CAAC;IAEF;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAEhC;;;;OAIG;IACH,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,kBAAkB,KAAK,IAAI,CAAC;IAExE,8CAA8C;IAC9C,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED,8CAA8C;AAC9C,MAAM,WAAW,gBAAgB;IAChC,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,UAAU,CAAC;IACpB,gBAAgB,EAAE,eAAe,CAAC;IAClC,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,yEAAyE;IACzE,eAAe,EAAE,WAAW,GAAG,IAAI,CAAC;IACpC,iFAAiF;IACjF,0BAA0B,EAAE,WAAW,GAAG,IAAI,CAAC;IAC/C,kFAAkF;IAClF,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD,uGAAuG;IACvG,sBAAsB,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,0GAA0G;IAC1G,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD~~,2EAA2E;IAC3E,YAAY,EAAE,WAAW,CAAC;IAC1B~~;;;;OAIG;IACH,SAAS,EAAE,WAAW,GAAG,IAAI,CAAC;CAC9B;AAED,uCAAuC;AACvC,MAAM,WAAW,SAAS;IACzB,GAAG,EAAE,IAAI,CAAC;IACV,wEAAwE;IACxE,YAAY,EAAE,cAAc,CAAC;IAC7B,gBAAgB,EAAE,eAAe,CAAC;IAClC,~~2EAA2E;IAC3E,YAAY,EAAE,WAAW,CAAC;IAC1B,~~oGAAoG;IACpG,iBAAiB,EAAE,aAAa,CAAC,eAAe,CAAC,CAAC;IAClD;;;;OAIG;IACH,SAAS,EAAE,WAAW,GAAG,IAAI,CAAC;IAC9B;;;;;;;;;;;OAWG;IACH,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,yBAAyB,CAAC,CAAC,CAAC;IAClE,mEAAmE;IACnE,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,GAAI,QAAQ;IAAC,SAAS,EAAE,WAAW,GAAG,IAAI,CAAA;CAAC,KAAG,WAO3E,CAAC;AAEF,gDAAgD;AAChD,eAAO,MAAM,qBAAqB,QAAc,CAAC;AAEjD;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,GAAU,SAAS,gBAAgB,KAAG,OAAO,CAAC,SAAS,~~CA4XpF~~,CAAC"}
1	+ {"version":3,"file":"app_server.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/server/app_server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAC,IAAI,EAAE,KAAK,OAAO,EAAC,MAAM,MAAM,CAAC;AAGxC,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,SAAS,CAAC;AAC9C,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAEN,KAAK,cAAc,EAEnB,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,8BAA8B,CAAC;AAC1E,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAGN,KAAK,WAAW,EAChB,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAKN,KAAK,WAAW,EAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,kBAAkB,CAAC;AACtD,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,iBAAiB,CAAC;AAC7C,OAAO,KAAK,EAAC,UAAU,EAAC,MAAM,kBAAkB,CAAC;AAGjD,OAAO,oBAAoB,CAAC;AAE5B,OAAO,EAA2B,KAAK,kBAAkB,EAAC,MAAM,aAAa,CAAC;AAE9E,OAAO,EAEN,KAAK,cAAc,EAEnB,KAAK,eAAe,EACpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAIN,KAAK,SAAS,EACd,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,4BAA4B,CAAC;AAC/D,OAAO,EAGN,KAAK,eAAe,EACpB,MAAM,6BAA6B,CAAC;AASrC,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,gCAAgC,CAAC;AAKnE,OAAO,EAAC,yBAAyB,EAAC,MAAM,qCAAqC,CAAC;AAE9E;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAClC,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;IACf,uDAAuD;IACvD,IAAI,EAAE,MAAM,CAAC;CACb;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,sBAAsB,GAC/B,wBAAwB,GACxB,2BAA2B,GAC3B,oBAAoB,CAAC;AAExB,MAAM,WAAW,wBAAwB;IACxC,IAAI,EAAE,UAAU,CAAC;CACjB;AAED,MAAM,WAAW,2BAA2B;IAC3C,IAAI,EAAE,cAAc,CAAC;IACrB,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,oBAAoB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,uBAAuB,EAAE,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9E;AAED;;;;;GAKG;AACH,MAAM,WAAW,gBAAgB;IAChC,2DAA2D;IAC3D,OAAO,EAAE,UAAU,CAAC;IACpB,6CAA6C;IAC7C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,sCAAsC;IACtC,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAE/B,6BAA6B;IAC7B,KAAK,EAAE;QACN,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,iBAAiB,EAAE,CAAC,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,SAAS,CAAC;KACtD,CAAC;IAEF;;;;;OAKG;IACH,eAAe,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACrC;;;;;OAKG;IACH,0BAA0B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD;;;;;OAKG;IACH,2BAA2B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjD;;;;OAIG;IACH,sBAAsB,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC5C;;;;;;;;OAQG;IACH,sBAAsB,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC5C;;;;;;;;OAQG;IACH,2BAA2B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjD;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,2DAA2D;IAC3D,kBAAkB,CAAC,EAAE,gBAAgB,CAAC;IAEtC,yEAAyE;IACzE,SAAS,CAAC,EAAE,sBAAsB,CAAC;IAEnC;;;OAGG;IACH,aAAa,CAAC,EAAE,KAAK,CAAC;IAEtB;;;OAGG;IACH,kBAAkB,EAAE,CAAC,OAAO,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAEpE,4DAA4D;IAC5D,oBAAoB,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,KAAK,KAAK,CAAC,cAAc,CAAC,CAAC;IAE/E;;;;;;;;;;;;;;OAcG;IACH,aAAa,CAAC,EAAE,IAAI,GAAG;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAC,CAAC;IAEvC,gFAAgF;IAChF,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAE/B;;;;;;;;;;OAUG;IACH,aAAa,CAAC,EAAE,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,gBAAgB,KAAK,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;IAEjG;;;;;;;;;;;OAWG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IAEpC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACH,YAAY,CAAC,EACV,aAAa,CAAC,cAAc,CAAC,GAC7B,CAAC,CAAC,OAAO,EAAE,gBAAgB,KAAK,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC;IAElE;;;;OAIG;IACH,UAAU,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;IAEzB,mFAAmF;IACnF,qBAAqB,CAAC,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IAE9C,6DAA6D;IAC7D,cAAc,CAAC,EAAE;QAChB,YAAY,EAAE,kBAAkB,CAAC;QACjC,4DAA4D;QAC5D,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,gEAAgE;QAChE,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB;;;;WAIG;QACH,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;KACzC,CAAC;IAEF;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAEhC;;;;OAIG;IACH,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,kBAAkB,KAAK,IAAI,CAAC;IAExE,8CAA8C;IAC9C,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED,8CAA8C;AAC9C,MAAM,WAAW,gBAAgB;IAChC,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,UAAU,CAAC;IACpB,gBAAgB,EAAE,eAAe,CAAC;IAClC,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,yEAAyE;IACzE,eAAe,EAAE,WAAW,GAAG,IAAI,CAAC;IACpC,iFAAiF;IACjF,0BAA0B,EAAE,WAAW,GAAG,IAAI,CAAC;IAC/C,kFAAkF;IAClF,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD,uGAAuG;IACvG,sBAAsB,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,0GAA0G;IAC1G,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD;;;;OAIG;IACH,SAAS,EAAE,WAAW,GAAG,IAAI,CAAC;CAC9B;AAED,uCAAuC;AACvC,MAAM,WAAW,SAAS;IACzB,GAAG,EAAE,IAAI,CAAC;IACV,wEAAwE;IACxE,YAAY,EAAE,cAAc,CAAC;IAC7B,gBAAgB,EAAE,eAAe,CAAC;IAClC,oGAAoG;IACpG,iBAAiB,EAAE,aAAa,CAAC,eAAe,CAAC,CAAC;IAClD;;;;OAIG;IACH,SAAS,EAAE,WAAW,GAAG,IAAI,CAAC;IAC9B;;;;;;;;;;;OAWG;IACH,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,yBAAyB,CAAC,CAAC,CAAC;IAClE,mEAAmE;IACnE,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,GAAI,QAAQ;IAAC,SAAS,EAAE,WAAW,GAAG,IAAI,CAAA;CAAC,KAAG,WAO3E,CAAC;AAEF,gDAAgD;AAChD,eAAO,MAAM,qBAAqB,QAAc,CAAC;AAEjD;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,GAAU,SAAS,gBAAgB,KAAG,OAAO,CAAC,SAAS,CAwXpF,CAAC"}

package/dist/server/app_server.js CHANGED Viewed

@@ -14,7 +14,6 @@ import { z } from 'zod';
 import { session_cookie_options, } from '../auth/session_cookie.js';
 import { create_audit_log_sse, audit_log_event_specs, } from '../realtime/sse_auth_guard.js';
 import { BaseServerEnv } from './env.js';
-import { query_app_settings_load } from '../auth/app_settings_queries.js';
 import { create_rate_limiter, default_login_account_rate_limit, default_action_account_rate_limit, default_action_ip_rate_limit, } from '../rate_limiter.js';
 // Side-effect import: augments Hono's ContextVariableMap so consumers
 // that import app_server get type-safe c.get('auth_session_id') etc.
@@ -123,14 +122,13 @@ export const create_app_server = async (options) => {
     if (options.transform_middleware) {
         middleware_specs = options.transform_middleware(middleware_specs);
     }
-    // Bootstrap status + app settings
+    // Bootstrap status
     // - undefined / 'disabled': no route mounted; placeholder status.
     // - 'surface_only': route mounted but permanently unavailable; status placeholder.
     // - 'live': real disk + lock check via `check_bootstrap_status`.
     const bootstrap_status = options.bootstrap?.mode === 'live'
         ? await check_bootstrap_status(deps, { token_path: options.bootstrap.token_path })
         : { available: false, token_path: null };
-    const app_settings = await query_app_settings_load({ db: deps.db });
     // Surface route ref — factory manages the circular ref
     const surface_ref = {
         surface: {
@@ -154,7 +152,6 @@ export const create_app_server = async (options) => {
         signup_account_rate_limiter,
         action_ip_rate_limiter,
         action_account_rate_limiter,
-        app_settings,
         audit_sse,
     };
     const consumer_routes = options.create_route_specs(context);
@@ -404,7 +401,6 @@ export const create_app_server = async (options) => {
         app,
         surface_spec,
         bootstrap_status,
-        app_settings,
         migration_results: backend.migration_results,
         audit_sse,
         ws_endpoints: mounted_ws_endpoints,

package/dist/server/env.d.ts CHANGED Viewed

@@ -35,6 +35,8 @@ export declare const BaseServerEnv: z.ZodObject<{
     SMTP_HOST: z.ZodOptional<z.ZodString>;
     SMTP_USER: z.ZodOptional<z.ZodUnion<readonly [z.ZodEmail, z.ZodLiteral<"">]>>;
     SMTP_PASSWORD: z.ZodOptional<z.ZodString>;
+    FUZ_FACTS_DIR: z.ZodDefault<z.ZodString>;
+    FUZ_FACTS_X_ACCEL_REDIRECT_PREFIX: z.ZodOptional<z.ZodString>;
 }, z.core.$strict>;
 export type BaseServerEnv = z.infer<typeof BaseServerEnv>;
 /**

package/dist/server/env.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"env.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/server/env.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAA2B,KAAK,OAAO,EAAC,MAAM,oBAAoB,CAAC;AAG1E;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa~~;;;;;;;;;;;;;;;;;kBAkCxB~~,CAAC;AACH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAE1D;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAChC,EAAE,EAAE,IAAI,CAAC;IACT,OAAO,EAAE,OAAO,CAAC;IACjB,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/B,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACrC,EAAE,EAAE,KAAK,CAAC;IACV,KAAK,EAAE,wBAAwB,GAAG,qBAAqB,CAAC;IACxD,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;CACtB;AAED,MAAM,MAAM,sBAAsB,GAAG,gBAAgB,GAAG,qBAAqB,CAAC;AAE9E;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,GAAI,KAAK,aAAa,KAAG,sBA4BxD,CAAC"}
1	+ {"version":3,"file":"env.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/server/env.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAA2B,KAAK,OAAO,EAAC,MAAM,oBAAoB,CAAC;AAG1E;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;kBAwCxB,CAAC;AACH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAE1D;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAChC,EAAE,EAAE,IAAI,CAAC;IACT,OAAO,EAAE,OAAO,CAAC;IACjB,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/B,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACrC,EAAE,EAAE,KAAK,CAAC;IACV,KAAK,EAAE,wBAAwB,GAAG,qBAAqB,CAAC;IACxD,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;CACtB;AAED,MAAM,MAAM,sBAAsB,GAAG,gBAAgB,GAAG,qBAAqB,CAAC;AAE9E;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,GAAI,KAAK,aAAa,KAAG,sBA4BxD,CAAC"}

package/dist/server/env.js CHANGED Viewed

@@ -53,6 +53,12 @@ export const BaseServerEnv = z.strictObject({
         .string()
         .optional()
         .meta({ description: 'SMTP authentication password', sensitivity: 'secret' }),
+    FUZ_FACTS_DIR: z.string().min(1).default('./.facts').meta({
+        description: 'Directory for referenced (large) fact bytes, sharded <shard>/<rest>',
+    }),
+    FUZ_FACTS_X_ACCEL_REDIRECT_PREFIX: z.string().optional().meta({
+        description: 'Internal nginx prefix for X-Accel-Redirect fact delivery (production only)',
+    }),
 });
 /**
  * Validate a loaded `BaseServerEnv` and produce the artifacts needed for server init.