@marianmeres/ownsuite 2.1.0 → 2.2.2

package/dist/domains/owned-collection.d.ts

@@ -16,7 +16,10 @@
 import type { OwnedCollectionAdapter } from "../types/adapter.js";
 import type { OwnedCollectionState } from "../types/state.js";
 import { BaseDomainManager, type BaseDomainOptions } from "./base.js";
+/** Construction-time options for {@link OwnedCollectionManager}. */
 export interface OwnedCollectionManagerOptions<TRow, TCreate, TUpdate> extends BaseDomainOptions {
+    /** Server adapter for this domain. Optional at construction — can be
+     *  installed later with `setAdapter()`. */
     adapter?: OwnedCollectionAdapter<TRow, TCreate, TUpdate>;
     /** Function that extracts the row id from a row. Defaults to `row.model_id`. */
     getRowId?: (row: TRow) => string;
@@ -30,6 +33,8 @@ export interface OwnedCollectionManagerOptions<TRow, TCreate, TUpdate> extends B
  */
 export declare class OwnedCollectionManager<TRow = Record<string, unknown>, TCreate = Partial<TRow>, TUpdate = Partial<TRow>> extends BaseDomainManager<OwnedCollectionState<TRow>, OwnedCollectionAdapter<TRow, TCreate, TUpdate>> {
     #private;
+    /** Build a new manager. Normally called by `Ownsuite.registerDomain`,
+     *  not consumers. */
     constructor(domainName: string, options?: OwnedCollectionManagerOptions<TRow, TCreate, TUpdate>);
     /** Initialize by fetching the list from the server. */
     initialize(): Promise<void>;

package/dist/domains/owned-collection.js

@@ -32,6 +32,8 @@ const defaultGetRowId = (row) => {
  */
 export class OwnedCollectionManager extends BaseDomainManager {
     #getRowId;
+    /** Build a new manager. Normally called by `Ownsuite.registerDomain`,
+     *  not consumers. */
     constructor(domainName, options = {}) {
         super(domainName, options);
         this.#getRowId = options.getRowId ?? defaultGetRowId;

package/dist/domains/profile.d.ts

@@ -20,8 +20,14 @@ import { type StoreLike } from "@marianmeres/store";
 import { type PubSub } from "@marianmeres/pubsub";
 import type { OAuthConnection, OAuthProvider, OwnsuiteContext, ProfileAdapter, ProfileResult } from "../types/mod.js";
 import type { SessionManager } from "./session.js";
+/** Construction-time options for {@link ProfileManager}. Assembled by
+ *  `createOwnsuite` when a profile adapter is supplied. */
 export interface ProfileManagerOptions {
+    /** Profile adapter — talks to `/me`. */
     adapter: ProfileAdapter;
+    /** Session manager — used to patch the subject in place on fetch /
+     *  update so consumers reading the session see updates without a second
+     *  subscription. */
     session: SessionManager;
     /** Shared pubsub for event emission. Private if omitted. */
     pubsub?: PubSub;
@@ -29,6 +35,7 @@ export interface ProfileManagerOptions {
      *  `jwt` and `signal` by the manager. */
     context?: OwnsuiteContext;
 }
+/** Reactive state exposed by {@link ProfileManager.get} / `subscribe`. */
 export interface ProfileState {
     /** Null until the first successful fetch. */
     profile: ProfileResult | null;
@@ -42,10 +49,15 @@ export interface ProfileState {
  */
 export declare class ProfileManager {
     #private;
+    /** Build a new profile manager. Normally called by `createOwnsuite`. */
     constructor(options: ProfileManagerOptions);
+    /** Svelte-compatible subscribe method over {@link ProfileState}. */
     get subscribe(): StoreLike<ProfileState>["subscribe"];
+    /** Current profile state snapshot. */
     get(): ProfileState;
+    /** Merge `ctx` into the adapter context (keys not present are kept). */
     setContext(ctx: OwnsuiteContext): void;
+    /** Replace the adapter context wholesale. */
     replaceContext(ctx: OwnsuiteContext): void;
     /** Fetch `/me`. Supersedes any in-flight fetch. */
     fetch(): Promise<ProfileResult>;
@@ -55,8 +67,14 @@ export declare class ProfileManager {
         email?: string;
         current_password?: string;
     }): Promise<ProfileResult>;
+    /** List OAuth provider connections linked to the authenticated account. */
     listOAuth(): Promise<OAuthConnection[]>;
+    /** Unlink an OAuth provider. Emits `oauth:unlinked` and best-effort
+     *  re-fetches the profile so the connection list reflects the change. */
     unlinkOAuth(provider: OAuthProvider): Promise<void>;
+    /** Abort any in-flight fetch and clear cached profile state. */
     reset(): void;
+    /** Tear down the manager — aborts in-flight fetches and clears state.
+     *  Called by `Ownsuite.destroy()`. */
     destroy(): void;
 }

package/dist/domains/profile.js

@@ -34,6 +34,7 @@ export class ProfileManager {
     #context;
     /** Currently-active read controller, for abort-supersede semantics. */
     #readController = null;
+    /** Build a new profile manager. Normally called by `createOwnsuite`. */
     constructor(options) {
         this.#adapter = options.adapter;
         this.#session = options.session;
@@ -41,15 +42,19 @@ export class ProfileManager {
         this.#context = options.context ?? {};
         this.#store = createStore({ ...EMPTY });
     }
+    /** Svelte-compatible subscribe method over {@link ProfileState}. */
     get subscribe() {
         return this.#store.subscribe;
     }
+    /** Current profile state snapshot. */
     get() {
         return this.#store.get();
     }
+    /** Merge `ctx` into the adapter context (keys not present are kept). */
     setContext(ctx) {
         this.#context = { ...this.#context, ...ctx };
     }
+    /** Replace the adapter context wholesale. */
     replaceContext(ctx) {
         this.#context = { ...ctx };
     }
@@ -139,10 +144,13 @@ export class ProfileManager {
             throw e;
         }
     }
+    /** List OAuth provider connections linked to the authenticated account. */
     async listOAuth() {
         const ctrl = new AbortController();
         return await this.#adapter.listOAuth(this.#ctxFor(ctrl.signal));
     }
+    /** Unlink an OAuth provider. Emits `oauth:unlinked` and best-effort
+     *  re-fetches the profile so the connection list reflects the change. */
     async unlinkOAuth(provider) {
         const ctrl = new AbortController();
         await this.#adapter.unlinkOAuth(provider, this.#ctxFor(ctrl.signal));
@@ -159,10 +167,13 @@ export class ProfileManager {
             // swallow — caller already got a successful unlink
         }
     }
+    /** Abort any in-flight fetch and clear cached profile state. */
     reset() {
         this.#abortActiveRead("reset");
         this.#store.set({ ...EMPTY });
     }
+    /** Tear down the manager — aborts in-flight fetches and clears state.
+     *  Called by `Ownsuite.destroy()`. */
     destroy() {
         this.#abortActiveRead("destroyed");
         this.#store.set({ ...EMPTY });

package/dist/domains/session.d.ts

@@ -22,6 +22,7 @@ export declare function createMemorySessionStorage(): SessionStorage;
  *  Gracefully falls back to memory storage when running in an environment
  *  without Web Storage (SSR, worker without storage, etc). */
 export declare function resolveSessionStorage(type?: SessionStorageType): SessionStorage;
+/** Construction-time options for {@link SessionManager}. */
 export interface SessionManagerOptions {
     /** Storage backend for session persistence. Default: "local". */
     storage?: SessionStorageType;
@@ -34,40 +35,67 @@ export interface SessionManagerOptions {
 /**
  * Session manager — pure reactive state + persistence, no HTTP.
  *
- * Writes are driven by the AuthManager. On construction it hydrates from
- * storage; if the stored JWT has expired, it transitions to anonymous and
- * clears the storage.
+ * Writes are driven by the AuthManager. On construction it hydrates by
+ * probing the built-in backends in order `local → session → memory` and
+ * adopting whichever holds a non-expired payload as the active backend for
+ * the rest of the instance's lifetime (until `clear()`). Stale blobs on the
+ * other built-in backends are wiped on adoption.
+ *
+ * When constructed with a custom `SessionStorage` object, there is a single
+ * backend and per-login `remember` choices are silently ignored.
  */
 export declare class SessionManager {
     #private;
+    /** Build a new session manager. Hydrates synchronously from storage
+     *  (probing `local → session → memory` in the built-in case) before the
+     *  constructor returns, so consumers can read `get()` immediately. */
     constructor(options?: SessionManagerOptions);
     /** Svelte-compatible subscribe. */
     get subscribe(): StoreLike<SessionState>["subscribe"];
     /** Current session state snapshot. */
     get(): SessionState;
+    /** True when `status === "authenticated"`. Shorthand for `get().status`
+     *  checks in consumer code. */
     get isAuthenticated(): boolean;
+    /** True when `status === "unverified"` — account exists but the server
+     *  gates login behind email verification. */
     get isUnverified(): boolean;
+    /** True when `status === "anonymous"` — no session. */
     get isAnonymous(): boolean;
     /** JWT for adapter `Authorization` headers, or null when anonymous. */
     getJwt(): string | null;
     /** Transition to authenticated. Called after login/register/OAuth succeed
-     *  and the subject has been loaded. */
+     *  and the subject has been loaded.
+     *
+     *  When `opts.storage` is one of `"local"` / `"session"` / `"memory"`,
+     *  pins this session to that built-in backend; subsequent
+     *  `patchSubject` / `setUnverified` writes land on the same backend.
+     *  The previously-active backend's blob is wiped as part of the switch
+     *  so "Remember me" toggles don't leave stale data behind.
+     *
+     *  Ignored when the manager was constructed with a custom `SessionStorage`
+     *  object (single backend) or when `opts.storage` is itself an object
+     *  (no multi-backend custom storage by design). */
     setAuthenticated(opts: {
         jwt: string;
         subject: SessionSubject;
         expiresAt?: number | null;
+        storage?: SessionStorageType;
     }): void;
     /** Server confirmed credentials but refuses login until email is
      *  verified. Expose the email so the UI can prompt "check your inbox"
      *  without a second server call. No JWT in this state. */
     setUnverified(email: string): void;
-    /** Drop the session. Storage is cleared; downstream domains should be
-     *  reset by the suite orchestrator. */
+    /** Drop the session. Every built-in backend (local + session + memory)
+     *  is wiped — not just the active one — so stale blobs from a previous
+     *  "Remember me" toggle can't leak back in on the next construction.
+     *  Resets the active backend to the manager's configured default.
+     *  Downstream domains should be reset by the suite orchestrator. */
     clear(): void;
     /** Patch the subject in place without touching the JWT. Used when the
      *  profile manager changes email / linked providers / etc. */
     patchSubject(patch: Partial<SessionSubject>): void;
-    /** Test / reset hook — clears storage AND in-memory state without
+    /** Test / reset hook — clears every backend AND in-memory state without
      *  emitting. Used by teardown. */
     destroy(): void;
 }

package/dist/domains/session.js

@@ -16,6 +16,11 @@
 import { createStore } from "@marianmeres/store";
 import { createPubSub } from "@marianmeres/pubsub";
 const DEFAULT_STORAGE_KEY = "ownsuite:session";
+const BUILT_IN_ORDER = [
+    "local",
+    "session",
+    "memory",
+];
 const EMPTY = {
     status: "anonymous",
     subject: null,
@@ -82,56 +87,117 @@ export function resolveSessionStorage(type = "local") {
 /**
  * Session manager — pure reactive state + persistence, no HTTP.
  *
- * Writes are driven by the AuthManager. On construction it hydrates from
- * storage; if the stored JWT has expired, it transitions to anonymous and
- * clears the storage.
+ * Writes are driven by the AuthManager. On construction it hydrates by
+ * probing the built-in backends in order `local → session → memory` and
+ * adopting whichever holds a non-expired payload as the active backend for
+ * the rest of the instance's lifetime (until `clear()`). Stale blobs on the
+ * other built-in backends are wiped on adoption.
+ *
+ * When constructed with a custom `SessionStorage` object, there is a single
+ * backend and per-login `remember` choices are silently ignored.
  */
 export class SessionManager {
     #store;
     #pubsub;
-    #storage;
     #storageKey;
+    /** Set only when the consumer passed a `SessionStorage` object at
+     *  construction — then there is one backend and no toggling. */
+    #customStorage;
+    /** Resolved eagerly in the string-storage case so `clear()` can wipe
+     *  every backend and per-login overrides can switch between them. */
+    #builtIn;
+    #defaultStorageType;
+    #activeStorage;
+    #activeStorageType;
+    /** Build a new session manager. Hydrates synchronously from storage
+     *  (probing `local → session → memory` in the built-in case) before the
+     *  constructor returns, so consumers can read `get()` immediately. */
     constructor(options = {}) {
         this.#pubsub = options.pubsub ?? createPubSub();
-        this.#storage = resolveSessionStorage(options.storage ?? "local");
         this.#storageKey = options.storageKey ?? DEFAULT_STORAGE_KEY;
         this.#store = createStore({ ...EMPTY });
+        const configured = options.storage ?? "local";
+        if (typeof configured === "string") {
+            this.#customStorage = null;
+            this.#builtIn = {
+                local: resolveSessionStorage("local"),
+                session: resolveSessionStorage("session"),
+                memory: createMemorySessionStorage(),
+            };
+            this.#defaultStorageType = configured;
+            this.#activeStorage = this.#builtIn[configured];
+            this.#activeStorageType = configured;
+        }
+        else {
+            this.#customStorage = configured;
+            this.#builtIn = null;
+            this.#defaultStorageType = "local";
+            this.#activeStorage = configured;
+            this.#activeStorageType = "custom";
+        }
         this.#hydrate();
     }
-    /** Read from storage and populate the store. Expired sessions are wiped. */
-    #hydrate() {
-        const raw = this.#storage.get(this.#storageKey);
+    /** Try to parse a payload and validate shape + expiry. Returns the state
+     *  on success, or `null` (and deletes the stored blob) on any failure. */
+    #readCandidate(storage) {
+        const raw = storage.get(this.#storageKey);
         if (!raw)
-            return;
+            return null;
         try {
             const parsed = JSON.parse(raw);
-            // Basic shape check.
             if (typeof parsed !== "object" ||
                 parsed === null ||
                 typeof parsed.status !== "string") {
-                this.#storage.del(this.#storageKey);
-                return;
+                storage.del(this.#storageKey);
+                return null;
             }
-            // Expiry check (only meaningful when expiresAt is set).
             if (parsed.expiresAt !== null &&
                 parsed.expiresAt !== undefined &&
                 parsed.expiresAt * 1000 <= Date.now()) {
-                this.#storage.del(this.#storageKey);
-                return;
+                storage.del(this.#storageKey);
+                return null;
             }
-            this.#store.set(parsed);
+            return parsed;
         }
         catch {
-            this.#storage.del(this.#storageKey);
+            storage.del(this.#storageKey);
+            return null;
+        }
+    }
+    /** Read from storage and populate the store. Expired sessions are wiped.
+     *  In the built-in case, probes `local → session → memory` and wipes
+     *  the losing backends so stale blobs can't leak back in. */
+    #hydrate() {
+        if (this.#customStorage) {
+            const parsed = this.#readCandidate(this.#customStorage);
+            if (parsed)
+                this.#store.set(parsed);
+            return;
+        }
+        const builtIn = this.#builtIn;
+        for (const type of BUILT_IN_ORDER) {
+            const parsed = this.#readCandidate(builtIn[type]);
+            if (!parsed)
+                continue;
+            // Adopt this backend; wipe the others so a later login-with-toggle
+            // can't accidentally re-hydrate a stale blob.
+            for (const other of BUILT_IN_ORDER) {
+                if (other !== type)
+                    builtIn[other].del(this.#storageKey);
+            }
+            this.#activeStorage = builtIn[type];
+            this.#activeStorageType = type;
+            this.#store.set(parsed);
+            return;
         }
     }
     #persist() {
         const s = this.#store.get();
         if (s.status === "anonymous") {
-            this.#storage.del(this.#storageKey);
+            this.#activeStorage.del(this.#storageKey);
         }
         else {
-            this.#storage.set(this.#storageKey, JSON.stringify(s));
+            this.#activeStorage.set(this.#storageKey, JSON.stringify(s));
         }
     }
     #emitChange() {
@@ -149,12 +215,17 @@ export class SessionManager {
     get() {
         return this.#store.get();
     }
+    /** True when `status === "authenticated"`. Shorthand for `get().status`
+     *  checks in consumer code. */
     get isAuthenticated() {
         return this.#store.get().status === "authenticated";
     }
+    /** True when `status === "unverified"` — account exists but the server
+     *  gates login behind email verification. */
     get isUnverified() {
         return this.#store.get().status === "unverified";
     }
+    /** True when `status === "anonymous"` — no session. */
     get isAnonymous() {
         return this.#store.get().status === "anonymous";
     }
@@ -163,9 +234,26 @@ export class SessionManager {
         return this.#store.get().jwt;
     }
     /** Transition to authenticated. Called after login/register/OAuth succeed
-     *  and the subject has been loaded. */
+     *  and the subject has been loaded.
+     *
+     *  When `opts.storage` is one of `"local"` / `"session"` / `"memory"`,
+     *  pins this session to that built-in backend; subsequent
+     *  `patchSubject` / `setUnverified` writes land on the same backend.
+     *  The previously-active backend's blob is wiped as part of the switch
+     *  so "Remember me" toggles don't leave stale data behind.
+     *
+     *  Ignored when the manager was constructed with a custom `SessionStorage`
+     *  object (single backend) or when `opts.storage` is itself an object
+     *  (no multi-backend custom storage by design). */
     setAuthenticated(opts) {
-        const { jwt, subject, expiresAt = null } = opts;
+        const { jwt, subject, expiresAt = null, storage } = opts;
+        if (typeof storage === "string" && this.#builtIn) {
+            if (this.#activeStorage !== this.#builtIn[storage]) {
+                this.#activeStorage.del(this.#storageKey);
+                this.#activeStorage = this.#builtIn[storage];
+                this.#activeStorageType = storage;
+            }
+        }
         this.#store.set({
             status: "authenticated",
             subject,
@@ -194,15 +282,32 @@ export class SessionManager {
         this.#persist();
         this.#emitChange();
     }
-    /** Drop the session. Storage is cleared; downstream domains should be
-     *  reset by the suite orchestrator. */
+    /** Drop the session. Every built-in backend (local + session + memory)
+     *  is wiped — not just the active one — so stale blobs from a previous
+     *  "Remember me" toggle can't leak back in on the next construction.
+     *  Resets the active backend to the manager's configured default.
+     *  Downstream domains should be reset by the suite orchestrator. */
     clear() {
+        this.#wipeAllBackends();
+        if (this.#builtIn) {
+            this.#activeStorage = this.#builtIn[this.#defaultStorageType];
+            this.#activeStorageType = this.#defaultStorageType;
+        }
         if (this.#store.get().status === "anonymous")
             return;
         this.#store.set({ ...EMPTY });
-        this.#persist();
         this.#emitChange();
     }
+    #wipeAllBackends() {
+        if (this.#customStorage) {
+            this.#customStorage.del(this.#storageKey);
+            return;
+        }
+        const builtIn = this.#builtIn;
+        for (const type of BUILT_IN_ORDER) {
+            builtIn[type].del(this.#storageKey);
+        }
+    }
     /** Patch the subject in place without touching the JWT. Used when the
      *  profile manager changes email / linked providers / etc. */
     patchSubject(patch) {
@@ -217,10 +322,10 @@ export class SessionManager {
         this.#persist();
         this.#emitChange();
     }
-    /** Test / reset hook — clears storage AND in-memory state without
+    /** Test / reset hook — clears every backend AND in-memory state without
      *  emitting. Used by teardown. */
     destroy() {
-        this.#storage.del(this.#storageKey);
+        this.#wipeAllBackends();
         this.#store.set({ ...EMPTY });
     }
 }

package/dist/mod.d.ts

@@ -30,3 +30,6 @@ export * from "./domains/mod.js";
 export * from "./types/mod.js";
 export * from "./adapters/mod.js";
 export * from "./oauth/popup.js";
+export type { PubSub, Subscriber, Unsubscriber } from "@marianmeres/pubsub";
+export type { StoreLike } from "@marianmeres/store";
+export type { Clog } from "@marianmeres/clog";

package/dist/oauth/popup.d.ts

@@ -11,37 +11,62 @@
  * For tests, an injectable window-like interface lets us shim `postMessage`
  * via a MessageChannel without a real browser.
  */
+/** `postMessage` shape the server's OAuth callback posts on successful
+ *  login (`action: "login"`). */
 export interface OAuthPopupLoginMessage {
+    /** Discriminator. */
     type: "oauth_login_success";
+    /** Freshly minted JWT. */
     jwt: string;
+    /** Email on the account (after provider-email resolution). */
     email: string;
+    /** Roles assigned to the account. */
     roles?: string[];
+    /** True when the account was created as part of this flow. */
     isNewAccount?: boolean;
+    /** Optional post-login redirect hint the server proposes. */
     redirectUrl?: string;
 }
+/** `postMessage` shape the server posts on successful link
+ *  (`action: "link"`). */
 export interface OAuthPopupLinkMessage {
+    /** Discriminator. */
     type: "oauth_link_success";
+    /** Which provider was just linked. */
     provider: string;
 }
+/** `postMessage` shape the server posts on error. Rejects the promise. */
 export interface OAuthPopupErrorMessage {
+    /** Discriminator. */
     type: "oauth_error";
+    /** Error string suitable for surfacing to the user. */
     error: string;
 }
+/** Union returned by {@link openOAuthPopup}. */
 export type OAuthPopupMessage = OAuthPopupLoginMessage | OAuthPopupLinkMessage;
 /**
  * Minimal window-like surface we need. Real `Window` satisfies this; tests
  * supply a shim.
  */
 export interface PopupWindowHost {
+    /** Open a popup and return a handle, or `null` when blocked. */
     open(url: string, target: string, features?: string): PopupWindowHandle | null;
+    /** Listen for `"message"` events emitted by the popup. */
     addEventListener(type: "message", listener: (event: MessageEvent) => void): void;
+    /** Stop listening for `"message"` events. */
     removeEventListener(type: "message", listener: (event: MessageEvent) => void): void;
 }
+/** Minimal surface of a popup window handle that {@link openOAuthPopup}
+ *  interacts with after `host.open(...)`. */
 export interface PopupWindowHandle {
+    /** Reflects whether the popup has been closed (by the user or server). */
     closed: boolean;
+    /** Bring the popup to the front, when the host supports it. */
     focus?(): void;
+    /** Close the popup programmatically. */
     close?(): void;
 }
+/** Options for {@link openOAuthPopup}. */
 export interface OpenOAuthPopupOptions {
     /** Host window — defaults to `globalThis` when running in the browser. */
     host?: PopupWindowHost;

package/dist/ownsuite.d.ts

@@ -25,7 +25,10 @@ import { SessionManager } from "./domains/session.js";
  * (defaults to reading `row.model_id` or `row.id`).
  */
 export interface OwnsuiteDomainConfig<TRow = any, TCreate = any, TUpdate = any> {
+    /** Adapter that talks to the server for this domain. */
     adapter: OwnedCollectionAdapter<TRow, TCreate, TUpdate>;
+    /** Row-id extractor — used for optimistic update / delete matching.
+     *  Defaults to reading `row.model_id` or `row.id`. */
     getRowId?: (row: TRow) => string;
 }
 /** Top-level ownsuite configuration. */
@@ -76,11 +79,18 @@ export interface SetContextOptions {
  */
 export declare class Ownsuite {
     #private;
-    /** Optional auth/session/profile managers. Present iff `adapters.auth`
-     *  was supplied at construction. */
+    /** Session manager. Present iff `adapters.auth` was supplied at
+     *  construction; otherwise `null`. */
     readonly session: SessionManager | null;
+    /** Auth manager (register/login/OAuth verbs). Present iff
+     *  `adapters.auth` was supplied; otherwise `null`. */
     readonly auth: AuthManager | null;
+    /** Profile manager for `/me`. Present iff BOTH `adapters.auth` and
+     *  `adapters.profile` were supplied; otherwise `null`. */
     readonly profile: ProfileManager | null;
+    /** Build a new suite. See {@link OwnsuiteConfig} for every knob.
+     *  Account-lifecycle managers are attached only when `adapters.auth`
+     *  is supplied. */
     constructor(config?: OwnsuiteConfig);
     /** True after `destroy()` has been called. */
     get isDestroyed(): boolean;
@@ -109,6 +119,7 @@ export declare class Ownsuite {
      *   linger when, e.g., `subjectId` changes).
      */
     setContext(ctx: OwnsuiteContext, options?: SetContextOptions): void;
+    /** Snapshot of the shared context propagated to every domain adapter. */
     getContext(): OwnsuiteContext;
     /** Subscribe to a specific event type. */
     on(type: OwnsuiteEventType, subscriber: Subscriber): Unsubscriber;

package/dist/ownsuite.js

@@ -41,11 +41,18 @@ export class Ownsuite {
     // deno-lint-ignore no-explicit-any
     #domains = new Map();
     #destroyed = false;
-    /** Optional auth/session/profile managers. Present iff `adapters.auth`
-     *  was supplied at construction. */
+    /** Session manager. Present iff `adapters.auth` was supplied at
+     *  construction; otherwise `null`. */
     session = null;
+    /** Auth manager (register/login/OAuth verbs). Present iff
+     *  `adapters.auth` was supplied; otherwise `null`. */
     auth = null;
+    /** Profile manager for `/me`. Present iff BOTH `adapters.auth` and
+     *  `adapters.profile` were supplied; otherwise `null`. */
     profile = null;
+    /** Build a new suite. See {@link OwnsuiteConfig} for every knob.
+     *  Account-lifecycle managers are attached only when `adapters.auth`
+     *  is supplied. */
     constructor(config = {}) {
         this.#pubsub = createPubSub();
         this.#context = { ...(config.context ?? {}) };
@@ -221,6 +228,7 @@ export class Ownsuite {
             }
         }
     }
+    /** Snapshot of the shared context propagated to every domain adapter. */
     getContext() {
         return { ...this.#context };
     }

package/dist/types/adapter.d.ts

@@ -15,7 +15,9 @@ import type { OwnsuiteContext } from "./state.js";
  * whatever shape their server uses and map it here.
  */
 export interface OwnedListResult<TRow> {
+    /** Rows returned by the list call. */
     data: TRow[];
+    /** Pagination / total-count / any arbitrary server-supplied metadata. */
     meta: Record<string, unknown>;
 }
 /**
@@ -23,7 +25,9 @@ export interface OwnedListResult<TRow> {
  * collection package's REST envelope.
  */
 export interface OwnedRowResult<TRow> {
+    /** The row. */
     data: TRow;
+    /** Optional per-row metadata from the server. */
     meta?: Record<string, unknown>;
 }
 /**