npm - @jmruthers/pace-core - Versions diffs - 0.6.5 → 0.6.7 - Mend

@jmruthers/pace-core 0.6.5 → 0.6.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (473) hide show

package/CHANGELOG.md +104 -0
package/README.md +5 -403
package/audit-tool/00-dependencies.cjs +394 -0
package/audit-tool/audits/01-pace-core-compliance.cjs +556 -0
package/audit-tool/audits/02-project-structure.cjs +255 -0
package/audit-tool/audits/03-architecture.cjs +196 -0
package/audit-tool/audits/04-code-quality.cjs +149 -0
package/audit-tool/audits/05-styling.cjs +224 -0
package/audit-tool/audits/06-security-rbac.cjs +544 -0
package/audit-tool/audits/07-api-tech-stack.cjs +301 -0
package/audit-tool/audits/08-testing-documentation.cjs +202 -0
package/audit-tool/audits/09-operations.cjs +208 -0
package/audit-tool/index.cjs +291 -0
package/audit-tool/utils/code-utils.cjs +218 -0
package/audit-tool/utils/file-utils.cjs +230 -0
package/audit-tool/utils/report-utils.cjs +241 -0
package/core-usage-manifest.json +93 -0
package/cursor-rules/00-standards-overview.mdc +156 -0
package/cursor-rules/01-pace-core-compliance.mdc +586 -0
package/cursor-rules/02-project-structure.mdc +42 -4
package/cursor-rules/{03-solid-principles.mdc → 03-architecture.mdc} +126 -10
package/cursor-rules/04-code-quality.mdc +419 -0
package/cursor-rules/{08-markup-quality.mdc → 05-styling.mdc} +104 -34
package/cursor-rules/06-security-rbac.mdc +518 -0
package/cursor-rules/07-api-tech-stack.mdc +377 -0
package/cursor-rules/08-testing-documentation.mdc +324 -0
package/cursor-rules/09-operations.mdc +365 -0
package/dist/{AuthService-Cb34EQs3.d.ts → AuthService-DmfO5rGS.d.ts} +10 -0
package/dist/DataTable-7PMH7XN7.js +15 -0
package/dist/{DataTable-BMRU8a1j.d.ts → DataTable-DRUIgtUH.d.ts} +1 -1
package/dist/{PublicPageProvider-QTFVrL-Z.d.ts → PublicPageProvider-DlsCaR5v.d.ts} +33 -72
package/dist/UnifiedAuthProvider-ZT6TIGM7.js +7 -0
package/dist/api-Y4MQWOFW.js +4 -0
package/dist/audit-MYQXYZFU.js +3 -0
package/dist/{chunk-DGUM43GV.js → chunk-3RG5ZIWI.js} +1 -4
package/dist/{chunk-QXHPKYJV.js → chunk-4SXLQIZO.js} +1 -26
package/dist/{chunk-UPPMRMYG.js → chunk-5X4QLXRG.js} +73 -151
package/dist/chunk-6F3IILHI.js +62 -0
package/dist/{chunk-E66EQZE6.js → chunk-6GLLNA6U.js} +3 -9
package/dist/{chunk-ZSAAAMVR.js → chunk-6QYDGKQY.js} +1 -4
package/dist/{chunk-FMUCXFII.js → chunk-7ILTDCL2.js} +9 -5
package/dist/{chunk-M43Y4SSO.js → chunk-A3W6LW53.js} +15 -13
package/dist/{chunk-63FOKYGO.js → chunk-AHU7G2R5.js} +2 -11
package/dist/{chunk-HU2C6SSC.js → chunk-BM4CQ5P3.js} +606 -559
package/dist/chunk-C7NSAPTL.js +1 -0
package/dist/{chunk-J36DSWQK.js → chunk-FEJLJNWA.js} +7 -41
package/dist/{chunk-IHB5DR3H.js → chunk-FTCRZOG2.js} +188 -387
package/dist/{chunk-G37KK66H.js → chunk-FYHN4DD5.js} +60 -19
package/dist/chunk-GHYHJTYV.js +994 -0
package/dist/{chunk-VBXEHIUJ.js → chunk-HF6O3O37.js} +6 -88
package/dist/{chunk-FFQEQTNW.js → chunk-IUBRCBSY.js} +134 -45
package/dist/{chunk-6COVEUS7.js → chunk-JGWDVX64.js} +983 -1034
package/dist/{chunk-RGAWHO7N.js → chunk-L4XMVJKY.js} +77 -222
package/dist/chunk-MBADTM7L.js +64 -0
package/dist/{chunk-M7MPQISP.js → chunk-OJ4SKRSV.js} +3 -16
package/dist/{chunk-IVOFDYWT.js → chunk-Q7Q7V5NV.js} +2109 -1604
package/dist/{chunk-JGRYX5UX.js → chunk-S7DKJPLT.js} +29 -58
package/dist/{chunk-PWLANIRT.js → chunk-TTRFSOKR.js} +1 -7
package/dist/{chunk-5DRSZLL2.js → chunk-UH3NTO3F.js} +1 -6
package/dist/{chunk-NTM7ZSB6.js → chunk-VBCS3DUA.js} +261 -168
package/dist/{chunk-EFN2EIMK.js → chunk-ZFYPMX46.js} +271 -87
package/dist/{chunk-L4OXEN46.js → chunk-ZKAWKYT4.js} +10 -24
package/dist/components.d.ts +7 -5
package/dist/components.js +46 -257
package/dist/{database.generated-CzIvgcPu.d.ts → database.generated-CcnC_DRc.d.ts} +4795 -3691
package/dist/eslint-rules/index.cjs +35 -0
package/{src/eslint-rules/pace-core-compliance.cjs → dist/eslint-rules/rules/01-pace-core-compliance.cjs} +234 -235
package/dist/eslint-rules/rules/04-code-quality.cjs +290 -0
package/dist/eslint-rules/rules/05-styling.cjs +61 -0
package/dist/eslint-rules/rules/06-security-rbac.cjs +806 -0
package/dist/eslint-rules/rules/07-api-tech-stack.cjs +263 -0
package/dist/eslint-rules/rules/08-testing.cjs +94 -0
package/dist/eslint-rules/utils/helpers.cjs +42 -0
package/dist/eslint-rules/utils/manifest-loader.cjs +75 -0
package/dist/hooks.d.ts +6 -6
package/dist/hooks.js +62 -172
package/dist/icons/index.d.ts +1 -0
package/dist/icons/index.js +1 -0
package/dist/index.d.ts +12 -11
package/dist/index.js +67 -660
package/dist/providers.d.ts +2 -2
package/dist/providers.js +8 -35
package/dist/rbac/eslint-rules.d.ts +46 -44
package/dist/rbac/eslint-rules.js +7 -4
package/dist/rbac/index.d.ts +109 -586
package/dist/rbac/index.js +14 -207
package/dist/styles/index.js +2 -12
package/dist/theming/runtime.d.ts +14 -1
package/dist/theming/runtime.js +3 -19
package/dist/{timezone-CHhWg6b4.d.ts → timezone-BZe_eUxx.d.ts} +175 -1
package/dist/{types-CkbwOr4Y.d.ts → types-DXstZpNI.d.ts} +4 -17
package/dist/types-t9H8qKRw.d.ts +55 -0
package/dist/types.d.ts +1 -1
package/dist/types.js +7 -94
package/dist/{usePublicRouteParams-ClnV4tnv.d.ts → usePublicRouteParams-MamNgwqe.d.ts} +20 -20
package/dist/utils.d.ts +24 -117
package/dist/utils.js +54 -392
package/docs/README.md +17 -7
package/docs/api/README.md +4 -402
package/docs/api/modules.md +301 -871
package/docs/api-reference/components.md +21 -21
package/docs/api-reference/deprecated.md +31 -6
package/docs/api-reference/hooks.md +80 -80
package/docs/api-reference/rpc-functions.md +78 -3
package/docs/api-reference/types.md +1 -1
package/docs/api-reference/utilities.md +1 -1
package/docs/architecture/README.md +1 -1
package/docs/core-concepts/events.md +3 -3
package/docs/core-concepts/organisations.md +6 -6
package/docs/core-concepts/permissions.md +6 -6
package/docs/documentation-index.md +12 -18
package/docs/getting-started/cursor-rules.md +3 -23
package/docs/getting-started/dependencies.md +650 -0
package/docs/getting-started/documentation-index.md +1 -1
package/docs/getting-started/examples/README.md +4 -4
package/docs/getting-started/examples/full-featured-app.md +1 -1
package/docs/getting-started/faq.md +2 -2
package/docs/getting-started/installation-guide.md +20 -7
package/docs/getting-started/quick-reference.md +4 -4
package/docs/getting-started/quick-start.md +23 -12
package/docs/implementation-guides/authentication.md +15 -15
package/docs/implementation-guides/component-styling.md +1 -1
package/docs/implementation-guides/data-tables.md +126 -33
package/docs/implementation-guides/datatable-rbac-usage.md +1 -1
package/docs/implementation-guides/dynamic-colors.md +3 -3
package/docs/implementation-guides/file-upload-storage.md +2 -2
package/docs/implementation-guides/hierarchical-datatable.md +40 -60
package/docs/implementation-guides/inactivity-tracking.md +3 -3
package/docs/implementation-guides/large-datasets.md +3 -2
package/docs/implementation-guides/organisation-security.md +2 -2
package/docs/implementation-guides/performance.md +2 -2
package/docs/implementation-guides/permission-enforcement.md +5 -1
package/docs/migration/V0.3.44_organisation-context-timing-fix.md +1 -1
package/docs/migration/V0.4.0_rbac-migration.md +6 -6
package/docs/rbac/MIGRATION_GUIDE.md +819 -0
package/docs/rbac/RBAC_CONTRACT.md +724 -0
package/docs/rbac/README.md +17 -8
package/docs/rbac/advanced-patterns.md +6 -6
package/docs/rbac/api-reference.md +20 -20
package/docs/rbac/edge-functions-guide.md +376 -0
package/docs/rbac/event-based-apps.md +3 -3
package/docs/rbac/examples.md +41 -41
package/docs/rbac/getting-started.md +37 -37
package/docs/rbac/performance.md +1 -1
package/docs/rbac/quick-start.md +52 -52
package/docs/rbac/secure-client-protection.md +1 -35
package/docs/rbac/troubleshooting.md +1 -1
package/docs/security/README.md +5 -5
package/docs/standards/0-standards-overview.md +220 -0
package/docs/standards/1-pace-core-compliance-standards.md +986 -0
package/docs/standards/2-project-structure-standards.md +949 -0
package/docs/standards/3-architecture-standards.md +606 -0
package/docs/standards/4-code-quality-standards.md +728 -0
package/docs/standards/5-styling-standards.md +348 -0
package/docs/standards/{07-rbac-and-rls-standard.md → 6-security-rbac-standards.md} +269 -66
package/docs/standards/7-api-tech-stack-standards.md +662 -0
package/docs/standards/8-testing-documentation-standards.md +401 -0
package/docs/standards/9-operations-standards.md +1102 -0
package/docs/standards/README.md +185 -57
package/docs/troubleshooting/README.md +4 -4
package/docs/troubleshooting/common-issues.md +2 -2
package/docs/troubleshooting/debugging.md +9 -9
package/docs/troubleshooting/migration.md +4 -4
package/docs/troubleshooting/organisation-context-setup.md +42 -19
package/eslint-config-pace-core.cjs +33 -6
package/package.json +35 -23
package/scripts/install-cursor-rules.cjs +25 -6
package/scripts/install-eslint-config.cjs +284 -0
package/src/__tests__/fixtures/supabase.ts +1 -1
package/src/__tests__/helpers/__tests__/component-test-utils.test.tsx +3 -3
package/src/__tests__/helpers/__tests__/optimized-test-setup.test.ts +1 -1
package/src/__tests__/helpers/__tests__/supabaseMock.test.ts +1 -1
package/src/__tests__/helpers/__tests__/test-providers.test.tsx +2 -2
package/src/__tests__/helpers/__tests__/test-utils.test.tsx +13 -13
package/src/__tests__/helpers/component-test-utils.tsx +1 -1
package/src/__tests__/helpers/supabaseMock.ts +2 -2
package/src/__tests__/integration/UserProfile.test.tsx +14 -14
package/src/__tests__/public-recipe-view.test.ts +38 -9
package/src/__tests__/rbac/PagePermissionGuard.test.tsx +6 -6
package/src/__tests__/templates/accessibility.test.template.tsx +9 -9
package/src/__tests__/templates/component.test.template.tsx +18 -15
package/src/components/Button/Button.tsx +5 -1
package/src/components/Calendar/Calendar.tsx +201 -47
package/src/components/ContextSelector/ContextSelector.tsx +106 -119
package/src/components/DataTable/AUDIT_REPORT.md +293 -0
package/src/components/DataTable/__tests__/DataTableCore.test.tsx +10 -2
package/src/components/DataTable/__tests__/a11y.basic.test.tsx +10 -4
package/src/components/DataTable/__tests__/test-utils/sharedTestUtils.tsx +9 -9
package/src/components/DataTable/components/ColumnFilter.tsx +63 -74
package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +43 -41
package/src/components/DataTable/components/DataTableCore.tsx +186 -13
package/src/components/DataTable/components/DataTableErrorBoundary.tsx +9 -11
package/src/components/DataTable/components/DataTableLayout.tsx +35 -21
package/src/components/DataTable/components/EditFields.tsx +23 -3
package/src/components/DataTable/components/EditableRow.tsx +12 -9
package/src/components/DataTable/components/EmptyState.tsx +10 -9
package/src/components/DataTable/components/FilterRow.tsx +2 -4
package/src/components/DataTable/components/ImportModal.tsx +124 -126
package/src/components/DataTable/components/LoadingState.tsx +5 -6
package/src/components/DataTable/components/RowComponent.tsx +12 -0
package/src/components/DataTable/components/SortIndicator.tsx +50 -0
package/src/components/DataTable/components/__tests__/COVERAGE_NOTE.md +4 -4
package/src/components/DataTable/components/__tests__/ColumnFilter.test.tsx +23 -82
package/src/components/DataTable/components/__tests__/DataTableErrorBoundary.test.tsx +37 -9
package/src/components/DataTable/components/__tests__/EmptyState.test.tsx +7 -4
package/src/components/DataTable/components/__tests__/FilterRow.test.tsx +12 -4
package/src/components/DataTable/components/__tests__/LoadingState.test.tsx +41 -27
package/src/components/DataTable/components/hooks/usePermissionTracking.ts +0 -4
package/src/components/DataTable/components/index.ts +2 -1
package/src/components/DataTable/hooks/__tests__/useDataTableState.test.ts +51 -47
package/src/components/DataTable/hooks/useDataTablePermissions.ts +24 -21
package/src/components/DataTable/hooks/useDataTableState.ts +125 -9
package/src/components/DataTable/hooks/useTableColumns.ts +40 -2
package/src/components/DataTable/hooks/useTableHandlers.ts +11 -0
package/src/components/DataTable/types.ts +5 -18
package/src/components/DataTable/utils/a11yUtils.ts +17 -0
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.test.tsx +2 -1
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.tsx +11 -15
package/src/components/DateTimeField/DateTimeField.tsx +10 -9
package/src/components/Dialog/Dialog.test.tsx +128 -104
package/src/components/Dialog/Dialog.tsx +742 -24
package/src/components/ErrorBoundary/ErrorBoundary.tsx +77 -79
package/src/components/FileDisplay/FileDisplay.test.tsx +4 -2
package/src/components/FileDisplay/FileDisplay.tsx +23 -17
package/src/components/FileUpload/FileUpload.test.tsx +52 -14
package/src/components/FileUpload/FileUpload.tsx +112 -130
package/src/components/Form/Form.test.tsx +6 -8
package/src/components/Form/Form.tsx +365 -4
package/src/components/NavigationMenu/NavigationMenu.test.tsx +14 -13
package/src/components/NavigationMenu/useNavigationFiltering.ts +11 -21
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +6 -4
package/src/components/PaceAppLayout/PaceAppLayout.tsx +11 -15
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +108 -61
package/src/components/PaceLoginPage/PaceLoginPage.tsx +27 -3
package/src/components/Progress/Progress.tsx +2 -4
package/src/components/ProtectedRoute/ProtectedRoute.tsx +8 -8
package/src/components/Select/Select.tsx +109 -98
package/src/components/Select/types.ts +4 -1
package/src/components/UserMenu/UserMenu.tsx +9 -6
package/src/hooks/__tests__/ServiceHooks.test.tsx +16 -16
package/src/hooks/__tests__/hooks.integration.test.tsx +55 -57
package/src/hooks/__tests__/useAppConfig.unit.test.ts +129 -67
package/src/hooks/__tests__/useFocusTrap.unit.test.tsx +97 -97
package/src/hooks/__tests__/usePublicEvent.simple.test.ts +149 -67
package/src/hooks/__tests__/usePublicEvent.test.ts +149 -79
package/src/hooks/__tests__/usePublicEvent.unit.test.ts +158 -109
package/src/hooks/__tests__/useSessionDraft.test.ts +163 -0
package/src/hooks/__tests__/useSessionRestoration.unit.test.tsx +10 -5
package/src/hooks/public/usePublicEvent.ts +67 -195
package/src/hooks/public/usePublicEventLogo.test.ts +70 -17
package/src/hooks/public/usePublicEventLogo.ts +24 -14
package/src/hooks/public/usePublicFileDisplay.ts +2 -2
package/src/hooks/public/usePublicRouteParams.ts +5 -5
package/src/hooks/useAppConfig.ts +28 -26
package/src/hooks/useEventTheme.test.ts +217 -239
package/src/hooks/useEventTheme.ts +16 -28
package/src/hooks/useFileDisplay.ts +2 -2
package/src/hooks/useOrganisationPermissions.ts +5 -7
package/src/hooks/useQueryCache.ts +0 -1
package/src/hooks/useSessionDraft.ts +380 -0
package/src/hooks/useSessionRestoration.ts +3 -1
package/src/icons/index.ts +27 -0
package/src/index.ts +5 -0
package/src/providers/OrganisationProvider.tsx +23 -14
package/src/providers/UnifiedAuthProvider.smoke.test.tsx +21 -21
package/src/providers/__tests__/AuthProvider.test.tsx +21 -21
package/src/providers/__tests__/EventProvider.test.tsx +61 -61
package/src/providers/__tests__/InactivityProvider.test.tsx +56 -56
package/src/providers/__tests__/OrganisationProvider.test.tsx +75 -75
package/src/providers/__tests__/ProviderLifecycle.test.tsx +37 -37
package/src/providers/__tests__/UnifiedAuthProvider.test.tsx +103 -103
package/src/providers/services/EventServiceProvider.tsx +1 -24
package/src/providers/services/UnifiedAuthProvider.tsx +5 -48
package/src/providers/services/__tests__/AuthServiceProvider.integration.test.tsx +7 -7
package/src/providers/services/__tests__/UnifiedAuthProvider.integration.test.tsx +13 -10
package/src/rbac/__tests__/adapters.comprehensive.test.tsx +7 -457
package/src/rbac/__tests__/auth-rbac.e2e.test.tsx +33 -7
package/src/rbac/adapters.tsx +7 -295
package/src/rbac/api.test.ts +44 -56
package/src/rbac/api.ts +10 -17
package/src/rbac/cache-invalidation.ts +0 -1
package/src/rbac/compliance/index.ts +10 -0
package/src/rbac/compliance/pattern-detector.ts +553 -0
package/src/rbac/compliance/runtime-compliance.ts +22 -0
package/src/rbac/components/AccessDenied.tsx +150 -0
package/src/rbac/components/NavigationGuard.tsx +12 -20
package/src/rbac/components/PagePermissionGuard.tsx +4 -24
package/src/rbac/components/__tests__/NavigationGuard.test.tsx +21 -8
package/src/rbac/components/index.ts +3 -41
package/src/rbac/eslint-rules.js +1 -1
package/src/rbac/hooks/index.ts +0 -3
package/src/rbac/hooks/permissions/index.ts +0 -3
package/src/rbac/hooks/permissions/useAccessLevel.ts +4 -8
package/src/rbac/hooks/usePermissions.ts +0 -3
package/src/rbac/hooks/useResolvedScope.test.ts +57 -47
package/src/rbac/hooks/useResolvedScope.ts +58 -140
package/src/rbac/hooks/useResourcePermissions.test.ts +124 -38
package/src/rbac/hooks/useResourcePermissions.ts +139 -48
package/src/rbac/hooks/useRoleManagement.test.ts +65 -22
package/src/rbac/hooks/useRoleManagement.ts +147 -19
package/src/rbac/hooks/useSecureSupabase.ts +4 -8
package/src/rbac/index.ts +7 -9
package/src/rbac/utils/contextValidator.ts +9 -7
package/src/services/AuthService.ts +130 -18
package/src/services/EventService.ts +4 -97
package/src/services/InactivityService.ts +16 -0
package/src/services/OrganisationService.ts +7 -44
package/src/services/__tests__/OrganisationService.test.ts +26 -8
package/src/services/base/BaseService.ts +0 -3
package/src/styles/core.css +7 -0
package/src/theming/__tests__/parseEventColours.test.ts +9 -3
package/src/theming/parseEventColours.ts +22 -10
package/src/types/database.generated.ts +4733 -3809
package/src/utils/__tests__/lazyLoad.unit.test.tsx +42 -39
package/src/utils/__tests__/organisationContext.unit.test.ts +9 -10
package/src/utils/context/organisationContext.test.ts +13 -28
package/src/utils/context/organisationContext.ts +21 -52
package/src/utils/dynamic/dynamicUtils.ts +1 -1
package/src/utils/file-reference/index.ts +39 -15
package/src/utils/formatting/formatDateTime.test.ts +3 -2
package/src/utils/google-places/loadGoogleMapsScript.ts +29 -4
package/src/utils/index.ts +4 -1
package/src/utils/persistence/__tests__/keyDerivation.test.ts +135 -0
package/src/utils/persistence/__tests__/sensitiveFieldDetection.test.ts +123 -0
package/src/utils/persistence/keyDerivation.ts +304 -0
package/src/utils/persistence/sensitiveFieldDetection.ts +212 -0
package/src/utils/security/secureStorage.ts +5 -5
package/src/utils/storage/README.md +1 -1
package/src/utils/storage/helpers.ts +3 -3
package/src/utils/supabase/createBaseClient.ts +147 -0
package/src/utils/timezone/timezone.test.ts +1 -2
package/src/utils/timezone/timezone.ts +1 -1
package/src/utils/validation/csrf.ts +4 -4
package/cursor-rules/00-pace-core-compliance.mdc +0 -331
package/cursor-rules/01-standards-compliance.mdc +0 -244
package/cursor-rules/04-testing-standards.mdc +0 -268
package/cursor-rules/05-bug-reports-and-features.mdc +0 -246
package/cursor-rules/06-code-quality.mdc +0 -309
package/cursor-rules/07-tech-stack-compliance.mdc +0 -214
package/cursor-rules/CHANGELOG.md +0 -119
package/cursor-rules/README.md +0 -192
package/dist/DataTable-AOVNCPTX.js +0 -175
package/dist/DataTable-AOVNCPTX.js.map +0 -1
package/dist/UnifiedAuthProvider-4SBX4LU5.js +0 -18
package/dist/UnifiedAuthProvider-4SBX4LU5.js.map +0 -1
package/dist/api-O6HTBX5Y.js +0 -52
package/dist/api-O6HTBX5Y.js.map +0 -1
package/dist/audit-V53FV5AG.js +0 -17
package/dist/audit-V53FV5AG.js.map +0 -1
package/dist/chunk-5DRSZLL2.js.map +0 -1
package/dist/chunk-63FOKYGO.js.map +0 -1
package/dist/chunk-6COVEUS7.js.map +0 -1
package/dist/chunk-AFVQODI2.js +0 -263
package/dist/chunk-AFVQODI2.js.map +0 -1
package/dist/chunk-DGUM43GV.js.map +0 -1
package/dist/chunk-E66EQZE6.js.map +0 -1
package/dist/chunk-EFN2EIMK.js.map +0 -1
package/dist/chunk-FFQEQTNW.js.map +0 -1
package/dist/chunk-FMUCXFII.js.map +0 -1
package/dist/chunk-G37KK66H.js.map +0 -1
package/dist/chunk-G7QEZTYQ.js +0 -2053
package/dist/chunk-G7QEZTYQ.js.map +0 -1
package/dist/chunk-HU2C6SSC.js.map +0 -1
package/dist/chunk-IHB5DR3H.js.map +0 -1
package/dist/chunk-IVOFDYWT.js.map +0 -1
package/dist/chunk-J36DSWQK.js.map +0 -1
package/dist/chunk-JGRYX5UX.js.map +0 -1
package/dist/chunk-KQCRWDSA.js +0 -1
package/dist/chunk-KQCRWDSA.js.map +0 -1
package/dist/chunk-L4OXEN46.js.map +0 -1
package/dist/chunk-LMC26NLJ.js +0 -84
package/dist/chunk-LMC26NLJ.js.map +0 -1
package/dist/chunk-M43Y4SSO.js.map +0 -1
package/dist/chunk-M7MPQISP.js.map +0 -1
package/dist/chunk-NTM7ZSB6.js.map +0 -1
package/dist/chunk-PWLANIRT.js.map +0 -1
package/dist/chunk-QXHPKYJV.js.map +0 -1
package/dist/chunk-RGAWHO7N.js.map +0 -1
package/dist/chunk-UPPMRMYG.js.map +0 -1
package/dist/chunk-VBXEHIUJ.js.map +0 -1
package/dist/chunk-ZSAAAMVR.js.map +0 -1
package/dist/components.js.map +0 -1
package/dist/contextValidator-5OGXSPKS.js +0 -9
package/dist/contextValidator-5OGXSPKS.js.map +0 -1
package/dist/eslint-rules/pace-core-compliance.cjs +0 -510
package/dist/hooks.js.map +0 -1
package/dist/index.js.map +0 -1
package/dist/providers.js.map +0 -1
package/dist/rbac/eslint-rules.js.map +0 -1
package/dist/rbac/index.js.map +0 -1
package/dist/styles/index.js.map +0 -1
package/dist/theming/runtime.js.map +0 -1
package/dist/types.js.map +0 -1
package/dist/utils.js.map +0 -1
package/docs/best-practices/README.md +0 -472
package/docs/best-practices/accessibility.md +0 -601
package/docs/best-practices/common-patterns.md +0 -516
package/docs/best-practices/deployment.md +0 -1103
package/docs/best-practices/performance.md +0 -1328
package/docs/best-practices/security.md +0 -940
package/docs/best-practices/testing.md +0 -1034
package/docs/rbac/compliance/compliance-guide.md +0 -544
package/docs/standards/01-architecture-standard.md +0 -44
package/docs/standards/02-api-and-rpc-standard.md +0 -39
package/docs/standards/03-component-standard.md +0 -32
package/docs/standards/04-code-style-standard.md +0 -32
package/docs/standards/05-security-standard.md +0 -44
package/docs/standards/06-testing-and-docs-standard.md +0 -29
package/docs/standards/pace-core-compliance.md +0 -432
package/scripts/audit/core/checks/accessibility.cjs +0 -197
package/scripts/audit/core/checks/api-usage.cjs +0 -191
package/scripts/audit/core/checks/bundle.cjs +0 -142
package/scripts/audit/core/checks/compliance.cjs +0 -2706
package/scripts/audit/core/checks/config.cjs +0 -54
package/scripts/audit/core/checks/coverage.cjs +0 -84
package/scripts/audit/core/checks/dependencies.cjs +0 -994
package/scripts/audit/core/checks/documentation.cjs +0 -268
package/scripts/audit/core/checks/environment.cjs +0 -116
package/scripts/audit/core/checks/error-handling.cjs +0 -340
package/scripts/audit/core/checks/forms.cjs +0 -172
package/scripts/audit/core/checks/heuristics.cjs +0 -68
package/scripts/audit/core/checks/hooks.cjs +0 -334
package/scripts/audit/core/checks/imports.cjs +0 -244
package/scripts/audit/core/checks/performance.cjs +0 -325
package/scripts/audit/core/checks/routes.cjs +0 -117
package/scripts/audit/core/checks/state.cjs +0 -130
package/scripts/audit/core/checks/structure.cjs +0 -65
package/scripts/audit/core/checks/style.cjs +0 -584
package/scripts/audit/core/checks/testing.cjs +0 -122
package/scripts/audit/core/checks/typescript.cjs +0 -61
package/scripts/audit/core/scanner.cjs +0 -199
package/scripts/audit/core/utils.cjs +0 -137
package/scripts/audit/index.cjs +0 -223
package/scripts/audit/reporters/console.cjs +0 -151
package/scripts/audit/reporters/json.cjs +0 -54
package/scripts/audit/reporters/markdown.cjs +0 -124
package/scripts/audit-consuming-app.cjs +0 -86
package/src/components/DataTable/components/DataTableBody.tsx +0 -454
package/src/components/DataTable/components/DraggableColumnHeader.tsx +0 -156
package/src/components/DataTable/components/ExpandButton.tsx +0 -113
package/src/components/DataTable/components/GroupHeader.tsx +0 -54
package/src/components/DataTable/components/ViewRowModal.tsx +0 -68
package/src/components/DataTable/components/VirtualizedDataTable.tsx +0 -525
package/src/components/DataTable/components/__tests__/ExpandButton.test.tsx +0 -462
package/src/components/DataTable/components/__tests__/GroupHeader.test.tsx +0 -393
package/src/components/DataTable/components/__tests__/ViewRowModal.test.tsx +0 -476
package/src/components/DataTable/components/__tests__/VirtualizedDataTable.test.tsx +0 -128
package/src/components/DataTable/core/DataTableContext.tsx +0 -216
package/src/components/DataTable/core/__tests__/DataTableContext.test.tsx +0 -136
package/src/components/DataTable/hooks/__tests__/useColumnReordering.test.ts +0 -570
package/src/components/DataTable/hooks/useColumnReordering.ts +0 -123
package/src/components/DataTable/utils/debugTools.ts +0 -514
package/src/eslint-rules/pace-core-compliance.js +0 -638
package/src/rbac/components/EnhancedNavigationMenu.test.tsx +0 -555
package/src/rbac/components/EnhancedNavigationMenu.tsx +0 -293
package/src/rbac/components/NavigationProvider.test.tsx +0 -481
package/src/rbac/components/NavigationProvider.tsx +0 -345
package/src/rbac/components/PagePermissionProvider.test.tsx +0 -476
package/src/rbac/components/PagePermissionProvider.tsx +0 -279
package/src/rbac/components/PermissionEnforcer.tsx +0 -312
package/src/rbac/components/RoleBasedRouter.tsx +0 -440
package/src/rbac/components/SecureDataProvider.test.tsx +0 -543
package/src/rbac/components/SecureDataProvider.tsx +0 -339
package/src/rbac/components/__tests__/EnhancedNavigationMenu.test.tsx +0 -620
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +0 -726
package/src/rbac/components/__tests__/PagePermissionProvider.test.tsx +0 -661
package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +0 -881
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +0 -783
package/src/rbac/components/__tests__/SecureDataProvider.fixed.test.tsx +0 -645
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +0 -659
package/src/rbac/hooks/permissions/useCachedPermissions.ts +0 -79
package/src/rbac/hooks/permissions/useHasAllPermissions.ts +0 -90
package/src/rbac/hooks/permissions/useHasAnyPermission.ts +0 -90

package/src/rbac/adapters.tsx CHANGED Viewed

@@ -4,254 +4,17 @@
  * @module RBAC/Adapters
  * @since 1.0.0
  *
- * This module provides adapters for different frameworks and server runtimes.
- */
-import React, { ReactNode } from 'react';
-import { UUID, Permission } from './types';
-import { useCan } from './hooks';
-import { rbacCache, RBACCache } from './cache';
-import { getRBACLogger } from './config';
-import { useUnifiedAuth } from '../providers/services/UnifiedAuthProvider';
-// ============================================================================
-// REACT COMPONENTS
-// ============================================================================
-/**
- * Permission Guard Component
- *
- * A React component that conditionally renders children based on permissions.
- * Can auto-infer userId from context if not provided.
+ * This module provides server-side adapters for different frameworks and server runtimes.
  *
- * @example
- * ```tsx
- * // With explicit userId and scope
- * <PermissionGuard
- *   userId="user-123"
- *   scope={{ organisationId: 'org-456' }}
- *   permission="update:events"
- *   pageId="page-789"
- *   fallback={<AccessDenied />}
- * >
- *   <AdminPanel />
- * </PermissionGuard>
+ * NOTE: React components (PermissionGuard, AccessLevelGuard) have been removed.
+ * Use PagePermissionGuard from @jmruthers/pace-core/rbac for all client-side permission enforcement.
+ * Use useAccessLevel hook + conditional rendering for access level checks.
  *
- * // With context inference (requires auth context)
- * <PermissionGuard
- *   permission="update:events"
- *   scope={{ organisationId: 'org-456' }}
- *   fallback={<AccessDenied />}
- * >
- *   <AdminPanel />
- * </PermissionGuard>
- * ```
+ * Server adapters are provided for server-side route protection (Next.js, Express, etc.).
+ * These are optional utilities for server-side applications.
  */
-export function PermissionGuard({
-  userId,
-  scope,
-  permission,
-  pageId,
-  children,
-  fallback = null,
-  onDenied,
-  loading = null,
-  // NEW: Phase 1 - Enhanced Security Features
-  strictMode = true,
-  auditLog = true,
-  enforceAudit = true,
-}: {
-  userId?: UUID;
-  scope: { organisationId: UUID; eventId?: string; appId?: UUID };
-  permission: Permission;
-  pageId?: UUID;
-  children: ReactNode;
-  fallback?: ReactNode;
-  onDenied?: () => void;
-  loading?: ReactNode;
-  // NEW: Phase 1 - Enhanced Security Features
-  strictMode?: boolean;
-  auditLog?: boolean;
-  enforceAudit?: boolean;
-}): React.ReactNode {
-  const logger = getRBACLogger();
-  let authContext: ReturnType<typeof useUnifiedAuth> | null = null;
-  try {
-    authContext = useUnifiedAuth();
-  } catch (error) {
-    if (error instanceof Error && error.message.includes('must be used within')) {
-      authContext = null;
-    } else {
-      throw error;
-    }
-  }
-  const effectiveUserId = userId ?? authContext?.user?.id ?? null;
-  // Always call useCan hook, but handle the case where userId might be undefined
-  // Pass null for super admin status (not checked yet - hook will check if needed)
-  const { can, isLoading, error } = useCan(
-    effectiveUserId || '',
-    scope,
-    permission,
-    pageId,
-    true, // useCache
-    null, // precomputedSuperAdmin - not checked yet
-    undefined // appName
-  );
-  // If still no userId, show helpful error
-  if (!effectiveUserId) {
-    logger.error('PermissionGuard: No userId provided and could not infer from context');
-    return fallback ?? null;
-  }
-  // Handle loading state
-  if (isLoading) {
-    return loading || (
-      <div className="rbac-loading" role="status" aria-live="polite">
-        <span className="sr-only">Checking permissions...</span>
-      </div>
-    );
-  }
-  // Handle error state
-  if (error) {
-    logger.error('Permission check failed:', error);
-    // NEW: Phase 1 - Record failed permission check for audit
-    if (auditLog) {
-      // Permission check failed logged
-    }
-    return fallback;
-  }
-  // Handle permission denied
-  if (!can) {
-    // NEW: Phase 1 - Record denied permission check for audit
-    if (auditLog) {
-      // Permission denied logged
-    }
-    // NEW: Phase 1 - Handle strict mode violations
-    if (strictMode) {
-      logger.error(`[PermissionGuard] STRICT MODE VIOLATION: User attempted to access protected resource without permission`, {
-        userId: effectiveUserId,
-        scope,
-        permission,
-        pageId,
-        timestamp: new Date().toISOString()
-      });
-    }
-    if (onDenied) {
-      onDenied();
-    }
-    return <>{fallback}</>;
-  }
-  // NEW: Phase 1 - Record successful permission check for audit
-  if (auditLog) {
-    // Permission granted logged
-  }
-  // Render children if permission granted
-  return <>{children}</>;
-}
-/**
- * Access Level Guard Component
- *
- * A React component that conditionally renders children based on access level.
- * Can auto-infer userId from context if not provided.
- *
- * @example
- * ```tsx
- * // With explicit userId and scope
- * <AccessLevelGuard
- *   userId="user-123"
- *   scope={{ organisationId: 'org-456' }}
- *   minLevel="admin"
- *   fallback={<AccessDenied />}
- * >
- *   <AdminPanel />
- * </AccessLevelGuard>
- *
- * // With context inference (requires auth context)
- * <AccessLevelGuard
- *   minLevel="admin"
- *   scope={{ organisationId: 'org-456' }}
- *   fallback={<AccessDenied />}
- * >
- *   <AdminPanel />
- * </AccessLevelGuard>
- * ```
- */
-export function AccessLevelGuard({
-  userId,
-  scope,
-  minLevel,
-  children,
-  fallback = null,
-  loading = null,
-}: {
-  userId?: UUID;
-  scope: { organisationId: UUID; eventId?: string; appId?: UUID };
-  minLevel: 'viewer' | 'participant' | 'planner' | 'admin' | 'super';
-  children: ReactNode;
-  fallback?: ReactNode;
-  loading?: ReactNode;
-}): React.ReactNode {
-  const logger = getRBACLogger();
-  let authContext: ReturnType<typeof useUnifiedAuth> | null = null;
-  try {
-    authContext = useUnifiedAuth();
-  } catch (error) {
-    if (error instanceof Error && error.message.includes('must be used within')) {
-      authContext = null;
-    } else {
-      throw error;
-    }
-  }
-  const effectiveUserId = userId ?? authContext?.user?.id ?? null;
-  // Always call useAccessLevel hook, but handle the case where userId might be undefined
-  const { accessLevel, isLoading, error } = useAccessLevel(effectiveUserId || '', scope);
-  // If still no userId, show helpful error
-  if (!effectiveUserId) {
-    logger.error('AccessLevelGuard: No userId provided and could not infer from context');
-    return fallback ?? null;
-  }
-  // Handle loading state
-  if (isLoading) {
-    return loading || (
-      <div className="rbac-loading" role="status" aria-live="polite">
-        <span className="sr-only">Checking access level...</span>
-      </div>
-    );
-  }
-  // Handle error state
-  if (error) {
-    logger.error('Access level check failed:', error);
-    return fallback;
-  }
-  // Check access level
-  const levelHierarchy = ['viewer', 'participant', 'planner', 'admin', 'super'];
-  const userLevelIndex = accessLevel ? levelHierarchy.indexOf(accessLevel) : -1;
-  const requiredLevelIndex = levelHierarchy.indexOf(minLevel);
-  if (userLevelIndex < requiredLevelIndex) {
-    return <>{fallback}</>;
-  }
-  return <>{children}</>;
-}
+import { UUID, Permission } from './types';
 // ============================================================================
 // SERVER ADAPTERS
@@ -620,54 +383,3 @@ export function createRBACExpressMiddleware(config: {
   };
 }
-// ============================================================================
-// UTILITY FUNCTIONS
-// ============================================================================
-/**
- * Check if a user has a permission (synchronous cache check only)
- *
- * @param userId - User ID
- * @param scope - Permission scope
- * @param permission - Permission to check
- * @param pageId - Optional page ID
- * @returns True if permission is cached and granted
- */
-export function hasPermissionCached(
-  userId: UUID,
-  scope: { organisationId: UUID; eventId?: string; appId?: UUID },
-  _permission: Permission,
-  _pageId?: UUID
-): boolean {
-  const cacheKey = RBACCache.generatePermissionKey({
-    userId,
-    organisationId: scope.organisationId,
-    eventId: scope.eventId,
-    appId: scope.appId,
-  });
-  return rbacCache.get<boolean>(cacheKey) || false;
-}
-/**
- * Check if a user has any of the specified permissions (synchronous cache check only)
- *
- * @param userId - User ID
- * @param scope - Permission scope
- * @param permissions - Array of permissions to check
- * @param pageId - Optional page ID
- * @returns True if any permission is cached and granted
- */
-export function hasAnyPermissionCached(
-  userId: UUID,
-  scope: { organisationId: UUID; eventId?: string; appId?: UUID },
-  permissions: Permission[],
-  pageId?: UUID
-): boolean {
-  return permissions.some(permission =>
-    hasPermissionCached(userId, scope, permission, pageId)
-  );
-}
-// Import useAccessLevel for AccessLevelGuard
-import { useAccessLevel } from './hooks';

package/src/rbac/api.test.ts CHANGED Viewed

@@ -471,38 +471,50 @@ describe('RBAC API', () => {
     beforeEach(() => {
       // Create a mock Supabase client that can handle getPageScopeType queries
-      const mockSupabaseForEngine = {
-        from: vi.fn((table: string) => {
-          if (table === 'rbac_apps') {
-            return {
-              select: vi.fn(() => ({
-                eq: vi.fn(() => ({
-                  eq: vi.fn(() => ({
-                    single: vi.fn().mockResolvedValue({ data: { id: 'app-123' }, error: null })
-                  }))
-                }))
-              }))
-            };
-          }
-          if (table === 'rbac_app_pages') {
-            return {
-              select: vi.fn(() => ({
-                eq: vi.fn(() => ({
-                  eq: vi.fn(() => ({
-                    maybeSingle: vi.fn().mockResolvedValue({ data: { id: '123e4567-e89b-12d3-a456-426614174000' }, error: null })
-                  }))
-                }))
-              }))
-            };
+      // This needs to handle multiple query patterns:
+      // 1. from('rbac_apps').select('name').eq('id', ...).eq('is_active', true).single()
+      // 2. from('rbac_apps').select('id').eq('name', ...).eq('is_active', true).single()
+      // 3. from('rbac_app_pages').select('id').eq('app_id', ...).eq('page_name', ...).maybeSingle()
+      // 4. from('rbac_app_pages').select('scope_type').eq('id', ...).single()
+      const createQueryBuilder = (table: string, selectField?: string) => {
+        const builder: any = {
+          select: vi.fn().mockReturnThis(),
+          eq: vi.fn().mockReturnThis(),
+          maybeSingle: vi.fn().mockResolvedValue({ data: null, error: null }),
+          single: vi.fn().mockResolvedValue({ data: null, error: null })
+        };
+        // Handle different query patterns based on table and select field
+        if (table === 'rbac_apps') {
+          if (selectField === 'name') {
+            // Pattern: select('name').eq('id', ...).eq('is_active', true).single()
+            builder.single = vi.fn().mockResolvedValue({ data: { name: 'test-app' }, error: null });
+          } else if (selectField === 'id') {
+            // Pattern: select('id').eq('name', ...).eq('is_active', true).single()
+            builder.single = vi.fn().mockResolvedValue({ data: { id: 'app-123' }, error: null });
           }
-          return mockSupabase.from(table);
-        }),
-        rpc: vi.fn((fnName: string, params: any) => {
-          if (fnName === 'get_page_scope_type') {
-            return Promise.resolve({ data: 'organisation', error: null });
+        } else if (table === 'rbac_app_pages') {
+          if (selectField === 'id') {
+            // Pattern: select('id').eq('app_id', ...).eq('page_name', ...).maybeSingle()
+            builder.maybeSingle = vi.fn().mockResolvedValue({ data: { id: '123e4567-e89b-12d3-a456-426614174000' }, error: null });
+          } else if (selectField === 'scope_type') {
+            // Pattern: select('scope_type').eq('id', ...).single()
+            builder.single = vi.fn().mockResolvedValue({ data: { scope_type: 'organisation' }, error: null });
           }
-          return Promise.resolve({ data: null, error: null });
-        }),
+        }
+        // Make select() return builder with the selectField tracked
+        builder.select = vi.fn((fields: string) => {
+          return createQueryBuilder(table, fields);
+        });
+        return builder;
+      };
+      const mockSupabaseForEngine = {
+        from: vi.fn((table: string) => createQueryBuilder(table)),
+        rpc: vi.fn().mockResolvedValue({ data: null, error: null }),
         auth: mockSupabase.auth
       };
@@ -736,32 +748,8 @@ describe('RBAC API', () => {
       });
     });
-    describe('hasPermission', () => {
-      it('calls isPermitted', async () => {
-        const { hasPermission } = await import('./api');
-        mockEngine.isPermitted.mockResolvedValue(true);
-        const result = await hasPermission({
-          userId: 'user-123',
-          scope: { organisationId: 'org-456' },
-          permission: 'read:users'
-        });
-        expect(result).toBe(true);
-        expect(mockEngine.isPermitted).toHaveBeenCalledWith(
-          {
-            userId: 'user-123',
-            scope: { organisationId: 'org-456' },
-            permission: 'read:users'
-          },
-          expect.objectContaining({
-            userId: 'user-123',
-            organisationId: 'org-456'
-          })
-        );
-      });
-    });
+    // hasPermission was removed - use isPermitted directly
+    // Tests for isPermitted are covered in the isPermitted describe block above
     describe('hasAnyPermission', () => {
       it('returns true if user has any permission', async () => {

package/src/rbac/api.ts CHANGED Viewed

@@ -490,16 +490,6 @@ export async function isPermittedCached(
   });
 }
-/**
- * Check if a user has a specific permission (alias for isPermitted)
- *
- * @param input - Permission check parameters
- * @returns Promise<boolean> - True if user has permission
- */
-export async function hasPermission(input: PermissionCheck): Promise<boolean> {
-  return isPermitted(input);
-}
 /**
  * Check if user has any of the specified permissions
  *
@@ -623,22 +613,25 @@ export async function getPageScopeType(
       throw new Error(`Could not resolve pageId ${pageId} to a valid UUID`);
     }
-    // Call the database function to get scope type (always returns a value)
-    const { data, error } = await engine['supabase']
-      .rpc('get_page_scope_type' as any, {
-        p_page_id: resolvedPageId
-      }) as { data: 'event' | 'organisation' | 'both' | null; error: any };
+    // Query scope type directly from rbac_app_pages (removed legacy RPC get_page_scope_type)
+    const { data: pageData, error } = await engine['supabase']
+      .from('rbac_app_pages')
+      .select('scope_type')
+      .eq('id', resolvedPageId)
+      .single();
     if (error) {
       log.error('Error fetching page scope type:', { pageId, appId, error });
       throw new Error(`Failed to get page scope type: ${error.message}`);
     }
-    if (!data) {
+    if (!pageData || !pageData.scope_type) {
       throw new Error(`Page ${resolvedPageId} does not have scope_type set`);
     }
-    return data;
+    // Type assertion to narrow string to the specific union type
+    // The database constraint ensures it's one of these values
+    return pageData.scope_type as 'event' | 'organisation' | 'both';
   } catch (err) {
     log.error('Error fetching page scope type:', err);
     throw err instanceof Error ? err : new Error(`Failed to get page scope type: ${String(err)}`);

package/src/rbac/cache-invalidation.ts CHANGED Viewed

@@ -357,7 +357,6 @@ let globalCacheInvalidationManager: RBACCacheInvalidationManager | null = null;
 export function initializeCacheInvalidation(supabase: SupabaseClient<Database>): RBACCacheInvalidationManager {
   // Clean up existing manager if it exists (e.g., when switching Supabase clients)
   if (globalCacheInvalidationManager) {
-    log.debug('Cleaning up existing cache invalidation manager before creating new one');
     globalCacheInvalidationManager.cleanup();
   }

package/src/rbac/compliance/index.ts CHANGED Viewed

@@ -36,3 +36,13 @@ export {
   type QuickFix,
 } from './quick-fix-suggestions';
+export {
+  detectDirectRpcCalls,
+  detectDirectTableQueries,
+  detectCustomAccessDeniedComponents,
+  detectPatternViolations,
+  logPatternViolations,
+  type PatternViolation,
+  type PatternDetectionResult,
+} from './pattern-detector';