@inkeep/agents-core 0.0.0-dev-20251125083010 → 0.0.0-dev-20251125085423

package/dist/auth/auth-schema.d.ts

@@ -1,3 +1,4 @@
+import * as drizzle_orm from 'drizzle-orm';
 import * as drizzle_orm_pg_core from 'drizzle-orm/pg-core';
 
 declare const user: drizzle_orm_pg_core.PgTableWithColumns<{
@@ -1073,6 +1074,23 @@ declare const invitation: drizzle_orm_pg_core.PgTableWithColumns<{
             identity: undefined;
             generated: undefined;
         }, {}, {}>;
+        createdAt: drizzle_orm_pg_core.PgColumn<{
+            name: "created_at";
+            tableName: "invitation";
+            dataType: "date";
+            columnType: "PgTimestamp";
+            data: Date;
+            driverParam: string;
+            notNull: true;
+            hasDefault: true;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
         inviterId: drizzle_orm_pg_core.PgColumn<{
             name: "inviter_id";
             tableName: "invitation";
@@ -1093,5 +1111,33 @@ declare const invitation: drizzle_orm_pg_core.PgTableWithColumns<{
     };
     dialect: "pg";
 }>;
+declare const userRelations: drizzle_orm.Relations<"user", {
+    sessions: drizzle_orm.Many<"session">;
+    accounts: drizzle_orm.Many<"account">;
+    ssoProviders: drizzle_orm.Many<"sso_provider">;
+    members: drizzle_orm.Many<"member">;
+    invitations: drizzle_orm.Many<"invitation">;
+}>;
+declare const sessionRelations: drizzle_orm.Relations<"session", {
+    user: drizzle_orm.One<"user", true>;
+}>;
+declare const accountRelations: drizzle_orm.Relations<"account", {
+    user: drizzle_orm.One<"user", true>;
+}>;
+declare const ssoProviderRelations: drizzle_orm.Relations<"sso_provider", {
+    user: drizzle_orm.One<"user", false>;
+}>;
+declare const organizationRelations: drizzle_orm.Relations<"organization", {
+    members: drizzle_orm.Many<"member">;
+    invitations: drizzle_orm.Many<"invitation">;
+}>;
+declare const memberRelations: drizzle_orm.Relations<"member", {
+    organization: drizzle_orm.One<"organization", true>;
+    user: drizzle_orm.One<"user", true>;
+}>;
+declare const invitationRelations: drizzle_orm.Relations<"invitation", {
+    organization: drizzle_orm.One<"organization", true>;
+    user: drizzle_orm.One<"user", true>;
+}>;
 
-export { account, invitation, member, organization, session, ssoProvider, user, verification };
+export { account, accountRelations, invitation, invitationRelations, member, memberRelations, organization, organizationRelations, session, sessionRelations, ssoProvider, ssoProviderRelations, user, userRelations, verification };

package/dist/auth/auth-schema.js

@@ -1 +1 @@
-export { account, invitation, member, organization, session, ssoProvider, user, verification } from '../chunk-NFTJ5JBY.js';
+export { account, accountRelations, invitation, invitationRelations, member, memberRelations, organization, organizationRelations, session, sessionRelations, ssoProvider, ssoProviderRelations, user, userRelations, verification } from '../chunk-GENLXHZ4.js';

package/dist/auth/auth-validation-schemas.d.ts

@@ -1485,6 +1485,23 @@ declare const InvitationSelectSchema: drizzle_zod.BuildSchema<"select", {
         identity: undefined;
         generated: undefined;
     }, {}, {}>;
+    createdAt: drizzle_orm_pg_core.PgColumn<{
+        name: "created_at";
+        tableName: "invitation";
+        dataType: "date";
+        columnType: "PgTimestamp";
+        data: Date;
+        driverParam: string;
+        notNull: true;
+        hasDefault: true;
+        isPrimaryKey: false;
+        isAutoincrement: false;
+        hasRuntimeDefault: false;
+        enumValues: undefined;
+        baseColumn: never;
+        identity: undefined;
+        generated: undefined;
+    }, {}, {}>;
     inviterId: drizzle_orm_pg_core.PgColumn<{
         name: "inviter_id";
         tableName: "invitation";
@@ -1606,6 +1623,23 @@ declare const InvitationInsertSchema: drizzle_zod.BuildSchema<"insert", {
         identity: undefined;
         generated: undefined;
     }, {}, {}>;
+    createdAt: drizzle_orm_pg_core.PgColumn<{
+        name: "created_at";
+        tableName: "invitation";
+        dataType: "date";
+        columnType: "PgTimestamp";
+        data: Date;
+        driverParam: string;
+        notNull: true;
+        hasDefault: true;
+        isPrimaryKey: false;
+        isAutoincrement: false;
+        hasRuntimeDefault: false;
+        enumValues: undefined;
+        baseColumn: never;
+        identity: undefined;
+        generated: undefined;
+    }, {}, {}>;
     inviterId: drizzle_orm_pg_core.PgColumn<{
         name: "inviter_id";
         tableName: "invitation";

package/dist/auth/auth-validation-schemas.js

@@ -1,4 +1,4 @@
-import { user, session, account, organization, member, invitation, verification } from '../chunk-NFTJ5JBY.js';
+import { user, session, account, organization, member, invitation, verification } from '../chunk-GENLXHZ4.js';
 import { createSelectSchema, createInsertSchema } from 'drizzle-zod';
 import { z } from 'zod';
 

package/dist/auth/auth.d.ts

@@ -4,13 +4,13 @@ import * as zod from 'zod';
 import * as better_auth from 'better-auth';
 import { BetterAuthAdvancedOptions } from 'better-auth';
 import { GoogleOptions } from 'better-auth/social-providers';
-import { D as DatabaseClient } from '../client-CD-dO-so.js';
+import { D as DatabaseClient } from '../client-B_3j-V4-.js';
 import 'drizzle-orm/node-postgres';
 import 'drizzle-orm/pglite';
-import '../schema-BGPkUUmn.js';
+import '../schema-DKbG39on.js';
 import 'drizzle-orm';
 import 'drizzle-orm/pg-core';
-import '../utility-Cw2pFmu3.js';
+import '../utility-Lo5NoRHK.js';
 import 'drizzle-zod';
 import '@hono/zod-openapi';
 import './auth-schema.js';
@@ -115,7 +115,7 @@ declare function createAuth(config: BetterAuthConfig): better_auth.Auth<{
                 attributes?: better_auth.CookieOptions;
             };
         } | undefined;
-        defaultCookieAttributes?: better_auth.CookieOptions | undefined;
+        defaultCookieAttributes: better_auth.CookieOptions;
         cookiePrefix?: string | undefined;
         database?: {
             defaultFindManyLimit?: number;
@@ -716,25 +716,25 @@ declare function createAuth(config: BetterAuthConfig): better_auth.Auth<{
             ac: better_auth_plugins.AccessControl;
             roles: {
                 member: {
-                    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-                        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+                    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+                        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
                         connector: "OR" | "AND";
                     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-                    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+                    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
                 };
                 admin: {
-                    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-                        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+                    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+                        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
                         connector: "OR" | "AND";
                     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-                    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+                    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
                 };
                 owner: {
-                    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-                        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+                    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+                        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
                         connector: "OR" | "AND";
                     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-                    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+                    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
                 };
             };
             sendInvitationEmail(data: {
@@ -992,25 +992,25 @@ declare function createAuth(config: BetterAuthConfig): better_auth.Auth<{
             ac: better_auth_plugins.AccessControl;
             roles: {
                 member: {
-                    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-                        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+                    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+                        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
                         connector: "OR" | "AND";
                     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-                    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+                    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
                 };
                 admin: {
-                    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-                        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+                    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+                        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
                         connector: "OR" | "AND";
                     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-                    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+                    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
                 };
                 owner: {
-                    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-                        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+                    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+                        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
                         connector: "OR" | "AND";
                     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-                    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+                    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
                 };
             };
             sendInvitationEmail(data: {

package/dist/auth/auth.js

@@ -1,7 +1,7 @@
 import { generateId } from '../chunk-XSKQ54TS.js';
 import { env } from '../chunk-LL6F3EAR.js';
-import { ssoProvider } from '../chunk-NFTJ5JBY.js';
-import { ownerRole, adminRole, memberRole, ac } from '../chunk-VMSYBWFH.js';
+import { ssoProvider } from '../chunk-GENLXHZ4.js';
+import { ownerRole, adminRole, memberRole, ac } from '../chunk-JNBVHWXX.js';
 import { sso } from '@better-auth/sso';
 import { betterAuth } from 'better-auth';
 import { drizzleAdapter } from 'better-auth/adapters/drizzle';
@@ -82,6 +82,13 @@ function createAuth(config) {
         enabled: true,
         ...cookieDomain && { domain: cookieDomain }
       },
+      defaultCookieAttributes: {
+        sameSite: "none",
+        secure: true,
+        httpOnly: true,
+        partitioned: true,
+        ...cookieDomain && { domain: cookieDomain }
+      },
       ...config.advanced
     },
     trustedOrigins: [

package/dist/auth/permissions.d.ts

@@ -3,25 +3,25 @@ import { AccessControl } from 'better-auth/plugins/access';
 
 declare const ac: AccessControl;
 declare const memberRole: {
-    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
         connector: "OR" | "AND";
     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
 };
 declare const adminRole: {
-    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
         connector: "OR" | "AND";
     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
 };
 declare const ownerRole: {
-    authorize<K_1 extends "function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key] | {
-        actions: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>[key];
+    authorize<K_1 extends "function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key] | {
+        actions: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>[key];
         connector: "OR" | "AND";
     } | undefined; } : never, connector?: "OR" | "AND"): better_auth_plugins.AuthorizeResponse;
-    statements: better_auth_plugins.Subset<"function" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config", better_auth_plugins.Statements>;
+    statements: better_auth_plugins.Subset<"function" | "organization" | "ac" | "member" | "project" | "agent" | "sub_agent" | "tool" | "api_key" | "credential" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "invitation" | "team", better_auth_plugins.Statements>;
 };
 
 export { ac, adminRole, memberRole, ownerRole };

package/dist/auth/permissions.js

@@ -1 +1 @@
-export { ac, adminRole, memberRole, ownerRole } from '../chunk-VMSYBWFH.js';
+export { ac, adminRole, memberRole, ownerRole } from '../chunk-JNBVHWXX.js';

package/dist/{chunk-W3QDM7WH.js → chunk-4FHCJ65J.js}

@@ -1,4 +1,4 @@
-import { AgentWithinContextOfProjectSchema, resourceIdSchema, MAX_ID_LENGTH } from './chunk-K6GMXJPW.js';
+import { AgentWithinContextOfProjectSchema, resourceIdSchema, MAX_ID_LENGTH } from './chunk-XHODTX4H.js';
 import { z } from 'zod';
 
 // src/validation/cycleDetection.ts

package/dist/{chunk-PVRIMF6N.js → chunk-DEYPSEXR.js}

@@ -1,4 +1,4 @@
-import { verification, user, ssoProvider, session, organization, member, invitation, account } from './chunk-NFTJ5JBY.js';
+import { verification, user, ssoProvider, session, organization, member, invitation, account } from './chunk-GENLXHZ4.js';
 import { __export } from './chunk-SIAA4J6H.js';
 import { relations } from 'drizzle-orm';
 import { pgTable, varchar, text, timestamp, jsonb, primaryKey, foreignKey, integer, index, unique } from 'drizzle-orm/pg-core';

package/dist/chunk-GENLXHZ4.js

@@ -0,0 +1,159 @@
+import { relations } from 'drizzle-orm';
+import { pgTable, timestamp, text, boolean, index } from 'drizzle-orm/pg-core';
+
+// src/auth/auth-schema.ts
+var user = pgTable("user", {
+  id: text("id").primaryKey(),
+  name: text("name").notNull(),
+  email: text("email").notNull().unique(),
+  emailVerified: boolean("email_verified").default(false).notNull(),
+  image: text("image"),
+  createdAt: timestamp("created_at").defaultNow().notNull(),
+  updatedAt: timestamp("updated_at").defaultNow().$onUpdate(() => /* @__PURE__ */ new Date()).notNull()
+});
+var session = pgTable(
+  "session",
+  {
+    id: text("id").primaryKey(),
+    expiresAt: timestamp("expires_at").notNull(),
+    token: text("token").notNull().unique(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at").$onUpdate(() => /* @__PURE__ */ new Date()).notNull(),
+    ipAddress: text("ip_address"),
+    userAgent: text("user_agent"),
+    userId: text("user_id").notNull().references(() => user.id, { onDelete: "cascade" }),
+    activeOrganizationId: text("active_organization_id")
+  },
+  (table) => [index("session_userId_idx").on(table.userId)]
+);
+var account = pgTable(
+  "account",
+  {
+    id: text("id").primaryKey(),
+    accountId: text("account_id").notNull(),
+    providerId: text("provider_id").notNull(),
+    userId: text("user_id").notNull().references(() => user.id, { onDelete: "cascade" }),
+    accessToken: text("access_token"),
+    refreshToken: text("refresh_token"),
+    idToken: text("id_token"),
+    accessTokenExpiresAt: timestamp("access_token_expires_at"),
+    refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
+    scope: text("scope"),
+    password: text("password"),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at").$onUpdate(() => /* @__PURE__ */ new Date()).notNull()
+  },
+  (table) => [index("account_userId_idx").on(table.userId)]
+);
+var verification = pgTable(
+  "verification",
+  {
+    id: text("id").primaryKey(),
+    identifier: text("identifier").notNull(),
+    value: text("value").notNull(),
+    expiresAt: timestamp("expires_at").notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at").defaultNow().$onUpdate(() => /* @__PURE__ */ new Date()).notNull()
+  },
+  (table) => [index("verification_identifier_idx").on(table.identifier)]
+);
+var ssoProvider = pgTable("sso_provider", {
+  id: text("id").primaryKey(),
+  issuer: text("issuer").notNull(),
+  oidcConfig: text("oidc_config"),
+  samlConfig: text("saml_config"),
+  userId: text("user_id").references(() => user.id, { onDelete: "cascade" }),
+  providerId: text("provider_id").notNull().unique(),
+  organizationId: text("organization_id"),
+  domain: text("domain").notNull()
+});
+var organization = pgTable("organization", {
+  id: text("id").primaryKey(),
+  name: text("name").notNull(),
+  slug: text("slug").notNull().unique(),
+  logo: text("logo"),
+  createdAt: timestamp("created_at").notNull(),
+  metadata: text("metadata")
+});
+var member = pgTable(
+  "member",
+  {
+    id: text("id").primaryKey(),
+    organizationId: text("organization_id").notNull().references(() => organization.id, { onDelete: "cascade" }),
+    userId: text("user_id").notNull().references(() => user.id, { onDelete: "cascade" }),
+    role: text("role").default("member").notNull(),
+    createdAt: timestamp("created_at").notNull()
+  },
+  (table) => [
+    index("member_organizationId_idx").on(table.organizationId),
+    index("member_userId_idx").on(table.userId)
+  ]
+);
+var invitation = pgTable(
+  "invitation",
+  {
+    id: text("id").primaryKey(),
+    organizationId: text("organization_id").notNull().references(() => organization.id, { onDelete: "cascade" }),
+    email: text("email").notNull(),
+    role: text("role"),
+    status: text("status").default("pending").notNull(),
+    expiresAt: timestamp("expires_at").notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    inviterId: text("inviter_id").notNull().references(() => user.id, { onDelete: "cascade" })
+  },
+  (table) => [
+    index("invitation_organizationId_idx").on(table.organizationId),
+    index("invitation_email_idx").on(table.email)
+  ]
+);
+var userRelations = relations(user, ({ many }) => ({
+  sessions: many(session),
+  accounts: many(account),
+  ssoProviders: many(ssoProvider),
+  members: many(member),
+  invitations: many(invitation)
+}));
+var sessionRelations = relations(session, ({ one }) => ({
+  user: one(user, {
+    fields: [session.userId],
+    references: [user.id]
+  })
+}));
+var accountRelations = relations(account, ({ one }) => ({
+  user: one(user, {
+    fields: [account.userId],
+    references: [user.id]
+  })
+}));
+var ssoProviderRelations = relations(ssoProvider, ({ one }) => ({
+  user: one(user, {
+    fields: [ssoProvider.userId],
+    references: [user.id]
+  })
+}));
+var organizationRelations = relations(organization, ({ many }) => ({
+  members: many(member),
+  invitations: many(invitation)
+}));
+var memberRelations = relations(member, ({ one }) => ({
+  organization: one(organization, {
+    fields: [member.organizationId],
+    references: [organization.id]
+  }),
+  user: one(user, {
+    fields: [member.userId],
+    references: [user.id]
+  })
+}));
+var invitationRelations = relations(invitation, ({ one }) => ({
+  organization: one(organization, {
+    fields: [invitation.organizationId],
+    references: [organization.id]
+  }),
+  user: one(user, {
+    fields: [invitation.inviterId],
+    references: [user.id]
+  })
+}));
+
+export { account, accountRelations, invitation, invitationRelations, member, memberRelations, organization, organizationRelations, session, sessionRelations, ssoProvider, ssoProviderRelations, user, userRelations, verification };

package/dist/{chunk-VMSYBWFH.js → chunk-JNBVHWXX.js}

@@ -1,5 +1,5 @@
 import { createAccessControl } from 'better-auth/plugins/access';
-import { defaultStatements } from 'better-auth/plugins/organization/access';
+import { defaultStatements, memberAc, adminAc, ownerAc } from 'better-auth/plugins/organization/access';
 
 // src/auth/permissions.ts
 var statement = {
@@ -28,7 +28,8 @@ var memberRole = ac.newRole({
   artifact_component: ["read"],
   external_agent: ["read"],
   function: ["read"],
-  context_config: ["read"]
+  context_config: ["read"],
+  ...memberAc.statements
 });
 var adminRole = ac.newRole({
   project: ["create", "read", "update"],
@@ -41,7 +42,8 @@ var adminRole = ac.newRole({
   artifact_component: ["create", "read", "update"],
   external_agent: ["create", "read", "update"],
   function: ["create", "read", "update"],
-  context_config: ["create", "read", "update"]
+  context_config: ["create", "read", "update"],
+  ...adminAc.statements
 });
 var ownerRole = ac.newRole({
   project: ["create", "read", "update", "delete"],
@@ -54,7 +56,8 @@ var ownerRole = ac.newRole({
   artifact_component: ["create", "read", "update", "delete"],
   external_agent: ["create", "read", "update", "delete"],
   function: ["create", "read", "update", "delete"],
-  context_config: ["create", "read", "update", "delete"]
+  context_config: ["create", "read", "update", "delete"],
+  ...ownerAc.statements
 });
 
 export { ac, adminRole, memberRole, ownerRole };

package/dist/{chunk-K6GMXJPW.js → chunk-XHODTX4H.js}

@@ -1,4 +1,4 @@
-import { subAgents, subAgentRelations, agents, tasks, taskRelations, conversations, messages, contextCache, dataComponents, subAgentDataComponents, artifactComponents, subAgentArtifactComponents, externalAgents, apiKeys, credentialReferences, tools, functionTools, functions, contextConfigs, subAgentToolRelations, subAgentExternalAgentRelations, subAgentTeamAgentRelations, ledgerArtifacts, projects } from './chunk-PVRIMF6N.js';
+import { subAgents, subAgentRelations, agents, tasks, taskRelations, conversations, messages, contextCache, dataComponents, subAgentDataComponents, artifactComponents, subAgentArtifactComponents, externalAgents, apiKeys, credentialReferences, tools, functionTools, functions, contextConfigs, subAgentToolRelations, subAgentExternalAgentRelations, subAgentTeamAgentRelations, ledgerArtifacts, projects } from './chunk-DEYPSEXR.js';
 import { schemaValidationDefaults } from './chunk-Z64UK4CA.js';
 import { VALID_RELATION_TYPES, MCPTransportType, TOOL_STATUS_VALUES, CredentialStoreType, MCPServerType } from './chunk-YFHT5M2R.js';
 import { z } from '@hono/zod-openapi';

package/dist/{chunk-I6IF7ZTL.js → chunk-ZSYMSL55.js}

@@ -1,5 +1,5 @@
-import { schema_exports, projects } from './chunk-PVRIMF6N.js';
-import { organization } from './chunk-NFTJ5JBY.js';
+import { schema_exports, projects } from './chunk-DEYPSEXR.js';
+import { organization } from './chunk-GENLXHZ4.js';
 import { dirname, join } from 'path';
 import { fileURLToPath } from 'url';
 import { PGlite } from '@electric-sql/pglite';

package/dist/{client-CD-dO-so.d.ts → client-B_3j-V4-.d.ts}

@@ -1,6 +1,6 @@
 import { NodePgDatabase } from 'drizzle-orm/node-postgres';
 import { PgliteDatabase } from 'drizzle-orm/pglite';
-import { s as schema } from './schema-BGPkUUmn.js';
+import { s as schema } from './schema-DKbG39on.js';
 
 type DatabaseClient = NodePgDatabase<typeof schema> | PgliteDatabase<typeof schema>;
 interface DatabaseConfig {

package/dist/client-exports.d.ts

@@ -1,7 +1,7 @@
 export { i as ACTIVITY_NAMES, g as ACTIVITY_STATUS, f as ACTIVITY_TYPES, h as AGENT_IDS, p as AGGREGATE_OPERATORS, A as AI_OPERATIONS, j as AI_TOOL_TYPES, o as DATA_SOURCES, k as DATA_TYPES, D as DELEGATION_FROM_SUB_AGENT_ID, b as DELEGATION_ID, a as DELEGATION_TO_SUB_AGENT_ID, F as FIELD_TYPES, O as OPERATORS, m as ORDER_DIRECTIONS, P as PANEL_TYPES, q as QUERY_DEFAULTS, l as QUERY_EXPRESSIONS, Q as QUERY_FIELD_CONFIGS, n as QUERY_TYPES, R as REDUCE_OPERATIONS, e as SPAN_KEYS, S as SPAN_NAMES, T as TRANSFER_FROM_SUB_AGENT_ID, c as TRANSFER_TO_SUB_AGENT_ID, U as UNKNOWN_VALUE, d as detectAuthenticationRequired } from './auth-detection-7G0Dxt55.js';
 import { z } from 'zod';
-import { C as ConversationHistoryConfig, F as FunctionApiInsertSchema, A as ApiKeyApiUpdateSchema, a as FullAgentAgentInsertSchema } from './utility-Cw2pFmu3.js';
-export { e as AgentStopWhen, b as AgentStopWhenSchema, h as CredentialStoreType, j as FunctionApiSelectSchema, k as FunctionApiUpdateSchema, i as MCPTransportType, g as ModelSettings, M as ModelSettingsSchema, d as StopWhen, S as StopWhenSchema, f as SubAgentStopWhen, c as SubAgentStopWhenSchema } from './utility-Cw2pFmu3.js';
+import { C as ConversationHistoryConfig, F as FunctionApiInsertSchema, A as ApiKeyApiUpdateSchema, a as FullAgentAgentInsertSchema } from './utility-Lo5NoRHK.js';
+export { e as AgentStopWhen, b as AgentStopWhenSchema, h as CredentialStoreType, j as FunctionApiSelectSchema, k as FunctionApiUpdateSchema, i as MCPTransportType, g as ModelSettings, M as ModelSettingsSchema, d as StopWhen, S as StopWhenSchema, f as SubAgentStopWhen, c as SubAgentStopWhenSchema } from './utility-Lo5NoRHK.js';
 export { v as validatePropsAsJsonSchema } from './props-validation-BMR1qNiy.js';
 import 'pino';
 import 'drizzle-zod';
@@ -134,8 +134,8 @@ declare const DataComponentApiInsertSchema: z.ZodObject<{
     }, z.core.$strip>>>;
 }, z.core.$strip>;
 declare const ArtifactComponentApiInsertSchema: z.ZodObject<{
-    name: z.ZodString;
     id: z.ZodString;
+    name: z.ZodString;
     description: z.ZodString;
     props: z.ZodOptional<z.ZodNullable<z.ZodType<Record<string, unknown>, Record<string, unknown>, z.core.$ZodTypeInternals<Record<string, unknown>, Record<string, unknown>>>>>;
 }, {
@@ -170,11 +170,11 @@ declare const FullAgentDefinitionSchema: z.ZodObject<{
     description: z.ZodOptional<z.ZodString>;
     defaultSubAgentId: z.ZodOptional<z.ZodString>;
     subAgents: z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{
-        name: z.ZodString;
         id: z.ZodString;
+        name: z.ZodString;
+        description: z.ZodString;
         createdAt: z.ZodOptional<z.ZodString>;
         updatedAt: z.ZodOptional<z.ZodString>;
-        description: z.ZodString;
         models: z.ZodOptional<z.ZodObject<{
             base: z.ZodOptional<z.ZodObject<{
                 model: z.ZodOptional<z.ZodString>;

package/dist/client-exports.js

@@ -1,6 +1,6 @@
 export { ACTIVITY_NAMES, ACTIVITY_STATUS, ACTIVITY_TYPES, AGENT_IDS, AGGREGATE_OPERATORS, AI_OPERATIONS, AI_TOOL_TYPES, DATA_SOURCES, DATA_TYPES, DELEGATION_FROM_SUB_AGENT_ID, DELEGATION_ID, DELEGATION_TO_SUB_AGENT_ID, FIELD_TYPES, OPERATORS, ORDER_DIRECTIONS, PANEL_TYPES, QUERY_DEFAULTS, QUERY_EXPRESSIONS, QUERY_FIELD_CONFIGS, QUERY_TYPES, REDUCE_OPERATIONS, SPAN_KEYS, SPAN_NAMES, TRANSFER_FROM_SUB_AGENT_ID, TRANSFER_TO_SUB_AGENT_ID, UNKNOWN_VALUE } from './chunk-MQMMFK2K.js';
-import { ModelSettingsSchema, FullAgentAgentInsertSchema, ArtifactComponentApiInsertSchema } from './chunk-K6GMXJPW.js';
-export { AgentStopWhenSchema, FunctionApiInsertSchema, FunctionApiSelectSchema, FunctionApiUpdateSchema, ModelSettingsSchema, StopWhenSchema, SubAgentStopWhenSchema, validatePropsAsJsonSchema } from './chunk-K6GMXJPW.js';
+import { ModelSettingsSchema, FullAgentAgentInsertSchema, ArtifactComponentApiInsertSchema } from './chunk-XHODTX4H.js';
+export { AgentStopWhenSchema, FunctionApiInsertSchema, FunctionApiSelectSchema, FunctionApiUpdateSchema, ModelSettingsSchema, StopWhenSchema, SubAgentStopWhenSchema, validatePropsAsJsonSchema } from './chunk-XHODTX4H.js';
 import { schemaValidationDefaults } from './chunk-Z64UK4CA.js';
 export { detectAuthenticationRequired } from './chunk-4JZT4QEE.js';
 import { CredentialStoreType } from './chunk-YFHT5M2R.js';

package/dist/credential-stores/index.d.ts

@@ -1,6 +1,6 @@
-import { C as CredentialStore } from '../server-DuzlQdBX.js';
+import { C as CredentialStore } from '../server-BXoUiBMg.js';
 import 'hono';
-import '../utility-Cw2pFmu3.js';
+import '../utility-Lo5NoRHK.js';
 import 'zod';
 import 'drizzle-zod';
 import 'drizzle-orm/pg-core';