@mastra/server 1.16.0-alpha.0 → 1.16.0-alpha.2

package/dist/chunk-P2ZMGGHF.cjs

@@ -1,19 +0,0 @@
-'use strict';
-
-var zod = require('zod');
-
-// src/server/schemas/system.ts
-var mastraPackageSchema = zod.z.object({
-  name: zod.z.string(),
-  version: zod.z.string()
-});
-var systemPackagesResponseSchema = zod.z.object({
-  packages: zod.z.array(mastraPackageSchema),
-  isDev: zod.z.boolean(),
-  cmsEnabled: zod.z.boolean()
-});
-
-exports.mastraPackageSchema = mastraPackageSchema;
-exports.systemPackagesResponseSchema = systemPackagesResponseSchema;
-//# sourceMappingURL=chunk-P2ZMGGHF.cjs.map
-//# sourceMappingURL=chunk-P2ZMGGHF.cjs.map

package/dist/chunk-P2ZMGGHF.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/schemas/system.ts"],"names":["z"],"mappings":";;;;;AAEO,IAAM,mBAAA,GAAsBA,MAAE,MAAA,CAAO;AAAA,EAC1C,IAAA,EAAMA,MAAE,MAAA,EAAO;AAAA,EACf,OAAA,EAASA,MAAE,MAAA;AACb,CAAC;AAEM,IAAM,4BAAA,GAA+BA,MAAE,MAAA,CAAO;AAAA,EACnD,QAAA,EAAUA,KAAA,CAAE,KAAA,CAAM,mBAAmB,CAAA;AAAA,EACrC,KAAA,EAAOA,MAAE,OAAA,EAAQ;AAAA,EACjB,UAAA,EAAYA,MAAE,OAAA;AAChB,CAAC","file":"chunk-P2ZMGGHF.cjs","sourcesContent":["import { z } from 'zod';\n\nexport const mastraPackageSchema = z.object({\n  name: z.string(),\n  version: z.string(),\n});\n\nexport const systemPackagesResponseSchema = z.object({\n  packages: z.array(mastraPackageSchema),\n  isDev: z.boolean(),\n  cmsEnabled: z.boolean(),\n});\n\nexport type MastraPackage = z.infer<typeof mastraPackageSchema>;\nexport type SystemPackagesResponse = z.infer<typeof systemPackagesResponseSchema>;\n"]}

package/dist/chunk-P4GHYEST.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/auth/defaults.ts","../src/server/auth/path-pattern.ts","../src/server/auth/helpers.ts"],"names":[],"mappings":";AAGO,IAAM,iBAAA,GAAsC;AAAA,EACjD,SAAA,EAAW,CAAC,QAAQ,CAAA;AAAA,EACpB,MAAA,EAAQ,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA;AAAA,EAE9B,KAAA,EAAO;AAAA;AAAA,IAEL;AAAA,MACE,WAAW,CAAA,IAAA,KAAQ;AACjB,QAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,IAAA,EAAM;AAC7C,UAAA,IAAI,aAAa,IAAA,EAAM;AACrB,YAAA,OAAO,CAAC,CAAC,IAAA,CAAK,OAAA;AAAA,UAChB;AAEA,UAAA,IAAI,UAAU,IAAA,EAAM;AAClB,YAAA,OAAO,KAAK,IAAA,KAAS,OAAA;AAAA,UACvB;AAAA,QACF;AACA,QAAA,OAAO,KAAA;AAAA,MACT,CAAA;AAAA,MACA,KAAA,EAAO;AAAA;AACT;AAEJ;;;ACcO,SAAS,KAAA,CAAM,OAAwB,KAAA,EAAgC;AAC5E,EAAA,IAAI,iBAAiB,MAAA,EAAQ,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAM;AAElE,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,MAAM,OAAiB,EAAC;AACxB,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAE3B,EAAA,GAAA,CAAI,CAAC,CAAA,IAAK,GAAA,CAAI,KAAA,EAAM;AAEpB,EAAA,OAAQ,GAAA,GAAM,GAAA,CAAI,KAAA,EAAM,EAAI;AAC1B,IAAA,CAAA,GAAI,IAAI,CAAC,CAAA;AACT,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,OAAA,IAAW,GAAA,CAAI,CAAC,CAAA,KAAM,GAAA,GAAM,YAAA,GAAe,OAAA;AAAA,IAC7C,CAAA,MAAA,IAAW,MAAM,GAAA,EAAK;AACpB,MAAA,CAAA,GAAI,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACtB,MAAA,GAAA,GAAM,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACxB,MAAA,IAAA,CAAK,KAAK,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAC,CAAC,CAAA,GAAI,CAAA,GAAI,CAAC,CAAC,CAAC,GAAA,GAAM,GAAA,GAAM,GAAA,CAAI,MAAM,CAAC,CAAA;AAChE,MAAA,OAAA,IAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,gBAAA,GAAmB,WAAA;AAC9C,MAAA,IAAI,CAAC,CAAC,CAAC,GAAA,cAAiB,CAAC,CAAC,CAAC,CAAA,GAAI,GAAA,GAAM,EAAA,IAAM,IAAA,GAAO,GAAA,CAAI,UAAU,GAAG,CAAA;AAAA,IACrE,CAAA,MAAO;AACL,MAAA,OAAA,IAAW,GAAA,GAAM,GAAA;AAAA,IACnB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,OAAA,EAAS,IAAI,MAAA,CAAO,GAAA,GAAM,WAA+B,QAAQ,GAAG;AAAA,GACtE;AACF;;;AC5DO,IAAM,sBAAA,GAAyB,CACpC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,KAAM,IAAA;AAAA,EACtD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,KAAM,IAAA;AAAA,EACpD;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,YAAA,KAAiB,IAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAOO,IAAM,yBAAyB,CACpC,IAAA,EACA,MAAA,EACA,SAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OACE,OAAA,CAAQ,IAAI,UAAA,KAAe,MAAA;AAAA,GAEzB,CAAC,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,eAAe,KAAK,CAAC,sBAAA,CAAuB,IAAA,EAAM,MAAA,EAAQ,qBAAqB,CAAA;AAAA,EAEzG,SAAA,CAAU,yBAAyB,CAAA,KAAM,MAAA,CAAA;AAE/C;AAEO,IAAM,mBAAA,GAAsB,CACjC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA;AAAA,EAC/C;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,CAAC,YAAA;AAAA,IACV;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAQO,IAAM,eAAA,GAAkB,CAC7B,IAAA,EACA,MAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OAAO,UAAA,CAAW,MAAM,MAAA,EAAQ,eAAe,KAAK,sBAAA,CAAuB,IAAA,EAAM,QAAQ,qBAAqB,CAAA;AAChH;AAEO,IAAM,iBAAA,GAAoB,CAAC,IAAA,EAAc,MAAA,EAAgB,UAAA,KAA0C;AAExG,EAAA,MAAM,YAAA,GAAe,CAAC,GAAI,iBAAA,CAAkB,MAAA,IAAU,EAAC,EAAI,GAAI,UAAA,CAAW,MAAA,IAAU,EAAG,CAAA;AAEvF,EAAA,OAAO,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,YAAY,CAAA;AAC9C;AAEA,IAAM,UAAA,GAAa,CACjB,IAAA,EACA,MAAA,EACA,QAAA,KACY;AACZ,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,uBAAuB,QAAA,EAAU;AAC1C,IAAA,IAAI,+BAA+B,MAAA,EAAQ;AACzC,MAAA,IAAI,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,mBAAA,KAAwB,QAAA,IAAY,kBAAA,CAAmB,IAAA,EAAM,mBAAmB,CAAA,EAAG;AAC5F,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,MAAM,OAAA,CAAQ,mBAAmB,CAAA,IAAK,mBAAA,CAAoB,WAAW,CAAA,EAAG;AAC1E,MAAA,MAAM,CAAC,OAAA,EAAS,eAAe,CAAA,GAAI,mBAAA;AACnC,MAAA,IAAI,mBAAmB,IAAA,EAAM,OAAO,KAAK,iBAAA,CAAkB,eAAA,EAAiB,MAAM,CAAA,EAAG;AACnF,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT,CAAA;AAEO,IAAM,kBAAA,GAAqB,CAAC,IAAA,EAAc,OAAA,KAA6B;AAQ5E,EAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAM,GAAI,MAAM,OAAO,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,CAAA;AACxB;AAEO,IAAM,eAAA,GAAkB,CAAC,IAAA,EAAc,QAAA,KAA8D;AAC1G,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,IAAA,OAAO,kBAAA,CAAmB,MAAM,QAAQ,CAAA;AAAA,EAC1C;AAEA,EAAA,IAAI,oBAAoB,MAAA,EAAQ;AAC9B,IAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAC3B,IAAA,OAAO,SAAS,IAAA,CAAK,CAAA,CAAA,KAAK,kBAAA,CAAmB,IAAA,EAAM,CAAC,CAAC,CAAA;AAAA,EACvD;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,IAAM,iBAAA,GAAoB,CAAC,MAAA,EAA2B,KAAA,KAA2B;AACtF,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA,KAAW,KAAA;AAAA,EACpB;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,OAAO,MAAA,CAAO,SAAS,KAAK,CAAA;AAAA,EAC9B;AAEA,EAAA,OAAO,KAAA;AACT;AAqBA,IAAM,IAAA,GAAmB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAMnC,IAAM,kBAAA,GAAqB,OAAO,GAAA,KAAoD;AAC3F,EAAA,MAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAY,qBAAA,EAAuB,cAAA,EAAgB,UAAA,EAAY,KAAA,EAAM,GAAI,GAAA;AAOlH,EAAA,MAAM,eAAA,GAAkB,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,sBAAA,CAAuB,IAAA,EAAM,QAAQ,SAAA,EAAW,UAAA,EAAY,qBAAqB,CAAA,EAAG;AAC1G,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAY,qBAAqB,CAAA,EAAG;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,iBAAA,CAAkB,IAAA,EAAM,MAAA,EAAQ,UAAU,CAAA,EAAG;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAIA,EAAA,IAAI,IAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA,EAAY;AACtD,MAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,KAAA,IAAS,IAAI,UAAiB,CAAA;AAAA,IAC1E,CAAA,MAAO;AACL,MAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,IAC3D;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,IACrF;AAEA,IAAA,cAAA,CAAe,GAAA,CAAI,QAAQ,IAAI,CAAA;AAE/B,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,OAAO,SAAA,EAAU;AACtC,MAAA,MAAM,eAAe,YAAA,EAAc,IAAA;AAEnC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,SAAS,QAAA,IAAY,EAAE,QAAQ,IAAA,CAAA,EAAO;AACxD,UAAA,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA,CAAK,mFAAmF,CAAA;AAAA,QAC9G,CAAA,MAAO;AACL,UAAA,MAAM,WAAA,GAAc,MAAM,YAAA,CAAa,cAAA,CAAe,IAAc,CAAA;AACpE,UAAA,cAAA,CAAe,GAAA,CAAI,mBAAmB,WAAW,CAAA;AAEjD,UAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,QAAA,CAAS,IAAc,CAAA;AACxD,UAAA,cAAA,CAAe,GAAA,CAAI,aAAa,KAAK,CAAA;AAAA,QACvC;AAAA,MACF;AAAA,IACF,SAAS,SAAA,EAAW;AAClB,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,QACvE,KAAA,EAAO,SAAA,YAAqB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAU,OAAA,EAAS,KAAA,EAAO,SAAA,CAAU,KAAA,EAAM,GAAI;AAAA,OAC9F,CAAA;AAAA,IACH;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sBAAA,EAAwB;AAAA,MAChD,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,KAC5E,CAAA;AACD,IAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,EACrF;AAIA,EAAA,IAAI,eAAA,IAAmB,UAAA,IAAc,OAAO,UAAA,CAAW,kBAAkB,UAAA,EAAY;AACnF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,MAAM,UAAA,CAAW,aAAA,CAAc,MAAM,UAAiB,CAAA;AAE3E,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sCAAA,EAAwC;AAAA,QAChE,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,OAC5E,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,WAAW,WAAA,IAAe,UAAA,IAAc,OAAO,UAAA,CAAW,cAAc,UAAA,EAAY;AAClF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,IAAI,qBAAA,EAAsB;AAC/C,MAAA,MAAM,eAAe,MAAM,UAAA,CAAW,UAAU,IAAA,EAAM,MAAA,EAAQ,MAAM,YAAmB,CAAA;AAEvF,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,kCAAA,EAAoC;AAAA,QAC5D,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI,GAAA;AAAA,QAC3E,IAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,CAAA,MAAA,IAAW,WAAW,UAAA,IAAc,UAAA,CAAW,SAAS,UAAA,CAAW,KAAA,CAAM,SAAS,CAAA,EAAG;AACnF,IAAA,MAAM,eAAe,MAAM,UAAA,CAAW,WAAW,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAE1E,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,IAC1E;AAAA,EACF,CAAA,MAAO;AAIL,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACzC,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,IAAI,iBAAA,CAAkB,KAAA,IAAS,iBAAA,CAAkB,KAAA,CAAM,SAAS,CAAA,EAAG;AACjE,QAAA,MAAM,eAAe,MAAM,UAAA,CAAW,kBAAkB,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAEjF,QAAA,IAAI,CAAC,YAAA,EAAc;AACjB,UAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,QAC1E;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAGO,IAAM,UAAA,GAAa,OACxB,KAAA,EACA,IAAA,EACA,QACA,IAAA,KACqB;AAErB,EAAA,KAAA,MAAW,CAAA,IAAK,KAAA,IAAS,EAAC,EAAG;AAC3B,IAAA,MAAM,IAAA,GAAO,QAAQ,CAAC,CAAA;AAEtB,IAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,IAAA,CAAK,IAAI,CAAA,EAAG;AACrC,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,KAAK,OAAA,IAAW,CAAC,kBAAkB,IAAA,CAAK,OAAA,EAAS,MAAM,CAAA,EAAG;AAC5D,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,IAAA,IAAI,OAAO,cAAc,UAAA,EAAY;AACnC,MAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,OAAA,EAAQ,CACnC,IAAA,CAAK,MAAM,SAAA,CAAU,IAAI,CAAC,CAAA,CAC1B,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,KAAK,KAAA,EAAO;AACrB,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT","file":"chunk-P4GHYEST.js","sourcesContent":["import type { MastraAuthConfig } from '@mastra/core/server';\n\n// Default configuration that can be extended by clients\nexport const defaultAuthConfig: MastraAuthConfig = {\n  protected: ['/api/*'],\n  public: ['/api', '/api/auth/*'],\n  // Simple rule system\n  rules: [\n    // Admin users can do anything\n    {\n      condition: user => {\n        if (typeof user === 'object' && user !== null) {\n          if ('isAdmin' in user) {\n            return !!user.isAdmin;\n          }\n\n          if ('role' in user) {\n            return user.role === 'admin';\n          }\n        }\n        return false;\n      },\n      allow: true,\n    },\n  ],\n};\n","/**\n * Path pattern matching utility\n * Inlined from regexparam v3.0.0 (MIT License)\n * https://github.com/lukeed/regexparam\n *\n * Copyright (c) Luke Edwards <luke.edwards05@gmail.com> (lukeed.com)\n *\n * Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n *\n * The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n */\n\nexport interface ParsedPattern {\n  keys: string[] | false;\n  pattern: RegExp;\n}\n\n/**\n * Parse a route pattern into a RegExp\n * Supports:\n * - Named parameters: /users/:id\n * - Optional parameters: /users/:id?\n * - Wildcards: /files/*\n * - Mixed patterns: /api/:version/users/:id\n */\nexport function parse(input: string | RegExp, loose?: boolean): ParsedPattern {\n  if (input instanceof RegExp) return { keys: false, pattern: input };\n\n  let c: string;\n  let o: number;\n  let tmp: string | undefined;\n  let ext: number;\n  const keys: string[] = [];\n  let pattern = '';\n  const arr = input.split('/');\n\n  arr[0] || arr.shift();\n\n  while ((tmp = arr.shift())) {\n    c = tmp[0]!;\n    if (c === '*') {\n      keys.push(c);\n      pattern += tmp[1] === '?' ? '(?:/(.*))?' : '/(.*)';\n    } else if (c === ':') {\n      o = tmp.indexOf('?', 1);\n      ext = tmp.indexOf('.', 1);\n      keys.push(tmp.substring(1, !!~o ? o : !!~ext ? ext : tmp.length));\n      pattern += !!~o && !~ext ? '(?:/([^/]+?))?' : '/([^/]+?)';\n      if (!!~ext) pattern += (!!~o ? '?' : '') + '\\\\' + tmp.substring(ext);\n    } else {\n      pattern += '/' + tmp;\n    }\n  }\n\n  return {\n    keys: keys,\n    pattern: new RegExp('^' + pattern + (loose ? '(?=$|/)' : '/?$'), 'i'),\n  };\n}\n\n/**\n * Test if a path matches a pattern\n */\nexport function matchPath(path: string, pattern: string | RegExp): boolean {\n  const { pattern: regex } = parse(pattern);\n  return regex.test(path);\n}\n","import type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { Mastra } from '@mastra/core/mastra';\nimport type { MastraAuthConfig } from '@mastra/core/server';\n\nimport { defaultAuthConfig } from './defaults';\nimport { parse } from './path-pattern';\n\n/**\n * Check if a route is a registered custom route that requires authentication.\n * Returns true only if the route is explicitly registered with requiresAuth: true.\n * Returns false if the route is not in the config or has requiresAuth: false.\n */\nexport const isProtectedCustomRoute = (\n  path: string,\n  method: string,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  if (!customRouteAuthConfig) {\n    return false;\n  }\n\n  // Check exact match first (fast path for static routes)\n  const exactRouteKey = `${method}:${path}`;\n  if (customRouteAuthConfig.has(exactRouteKey)) {\n    return customRouteAuthConfig.get(exactRouteKey) === true;\n  }\n\n  // Check exact match for ALL method\n  const allRouteKey = `ALL:${path}`;\n  if (customRouteAuthConfig.has(allRouteKey)) {\n    return customRouteAuthConfig.get(allRouteKey) === true;\n  }\n\n  // Check pattern matches for dynamic routes (e.g., '/users/:id')\n  for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n    const colonIndex = routeKey.indexOf(':');\n    if (colonIndex === -1) {\n      continue; // Skip malformed keys\n    }\n\n    const routeMethod = routeKey.substring(0, colonIndex);\n    const routePattern = routeKey.substring(colonIndex + 1);\n\n    // Check if method matches (exact match or ALL)\n    if (routeMethod !== method && routeMethod !== 'ALL') {\n      continue;\n    }\n\n    // Check if path matches the pattern\n    if (pathMatchesPattern(path, routePattern)) {\n      return requiresAuth === true;\n    }\n  }\n\n  return false; // Not in config = not a protected custom route\n};\n\n/**\n * Check if request is from dev playground\n * @param getHeader - Function to get header value from request\n * @param customRouteAuthConfig - Map of custom route auth configurations\n */\nexport const isDevPlaygroundRequest = (\n  path: string,\n  method: string,\n  getHeader: (name: string) => string | undefined,\n  authConfig: MastraAuthConfig,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n  return (\n    process.env.MASTRA_DEV === 'true' &&\n    // Allow if path doesn't match protected patterns AND is not a protected custom route\n    ((!isAnyMatch(path, method, protectedAccess) && !isProtectedCustomRoute(path, method, customRouteAuthConfig)) ||\n      // Or if has playground header\n      getHeader('x-mastra-dev-playground') === 'true')\n  );\n};\n\nexport const isCustomRoutePublic = (\n  path: string,\n  method: string,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  if (!customRouteAuthConfig) {\n    return false;\n  }\n\n  // Check exact match first (fast path for static routes)\n  const exactRouteKey = `${method}:${path}`;\n  if (customRouteAuthConfig.has(exactRouteKey)) {\n    return !customRouteAuthConfig.get(exactRouteKey); // True when route opts out of auth\n  }\n\n  // Check exact match for ALL method\n  const allRouteKey = `ALL:${path}`;\n  if (customRouteAuthConfig.has(allRouteKey)) {\n    return !customRouteAuthConfig.get(allRouteKey);\n  }\n\n  // Check pattern matches for dynamic routes (e.g., '/users/:id')\n  for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n    const colonIndex = routeKey.indexOf(':');\n    if (colonIndex === -1) {\n      continue; // Skip malformed keys\n    }\n\n    const routeMethod = routeKey.substring(0, colonIndex);\n    const routePattern = routeKey.substring(colonIndex + 1);\n\n    // Check if method matches (exact match or ALL)\n    if (routeMethod !== method && routeMethod !== 'ALL') {\n      continue;\n    }\n\n    // Check if path matches the pattern\n    if (pathMatchesPattern(path, routePattern)) {\n      return !requiresAuth; // True when route opts out of auth\n    }\n  }\n\n  return false;\n};\n\n// NOTE: This uses isProtectedCustomRoute (default-allow for unknown paths) rather than\n// !isCustomRoutePublic (default-deny). This is intentional — all registered server and\n// custom routes are auth-checked via registerRoute/checkRouteAuth regardless of this\n// function. The '/api/*' protected pattern exists as a user-facing override mechanism.\n// The old default-deny logic incorrectly blocked non-API paths (e.g. '/', '/agents')\n// which prevented the studio login page from loading in production.\nexport const isProtectedPath = (\n  path: string,\n  method: string,\n  authConfig: MastraAuthConfig,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n  return isAnyMatch(path, method, protectedAccess) || isProtectedCustomRoute(path, method, customRouteAuthConfig);\n};\n\nexport const canAccessPublicly = (path: string, method: string, authConfig: MastraAuthConfig): boolean => {\n  // Check if this path+method combination is publicly accessible\n  const publicAccess = [...(defaultAuthConfig.public || []), ...(authConfig.public || [])];\n\n  return isAnyMatch(path, method, publicAccess);\n};\n\nconst isAnyMatch = (\n  path: string,\n  method: string,\n  patterns: MastraAuthConfig['protected'] | MastraAuthConfig['public'],\n): boolean => {\n  if (!patterns) {\n    return false;\n  }\n\n  for (const patternPathOrMethod of patterns) {\n    if (patternPathOrMethod instanceof RegExp) {\n      if (patternPathOrMethod.test(path)) {\n        return true;\n      }\n    }\n\n    if (typeof patternPathOrMethod === 'string' && pathMatchesPattern(path, patternPathOrMethod)) {\n      return true;\n    }\n\n    if (Array.isArray(patternPathOrMethod) && patternPathOrMethod.length === 2) {\n      const [pattern, methodOrMethods] = patternPathOrMethod;\n      if (pathMatchesPattern(path, pattern) && matchesOrIncludes(methodOrMethods, method)) {\n        return true;\n      }\n    }\n  }\n\n  return false;\n};\n\nexport const pathMatchesPattern = (path: string, pattern: string): boolean => {\n  // Use regexparam for battle-tested path matching\n  // Supports:\n  // - Exact paths: '/api/users'\n  // - Wildcards: '/api/agents/*' matches '/api/agents/123'\n  // - Path parameters: '/users/:id' matches '/users/123'\n  // - Optional parameters: '/users/:id?' matches '/users' and '/users/123'\n  // - Mixed patterns: '/api/:version/users/:id/profile'\n  const { pattern: regex } = parse(pattern);\n  return regex.test(path);\n};\n\nexport const pathMatchesRule = (path: string, rulePath: string | RegExp | string[] | undefined): boolean => {\n  if (!rulePath) return true; // No path specified means all paths\n\n  if (typeof rulePath === 'string') {\n    return pathMatchesPattern(path, rulePath);\n  }\n\n  if (rulePath instanceof RegExp) {\n    return rulePath.test(path);\n  }\n\n  if (Array.isArray(rulePath)) {\n    return rulePath.some(p => pathMatchesPattern(path, p));\n  }\n\n  return false;\n};\n\nexport const matchesOrIncludes = (values: string | string[], value: string): boolean => {\n  if (typeof values === 'string') {\n    return values === value;\n  }\n\n  if (Array.isArray(values)) {\n    return values.includes(value);\n  }\n\n  return false;\n};\n\n// ── Core auth middleware ──\n// Framework-agnostic auth logic extracted from adapter middlewares.\n// Each adapter builds an AuthMiddlewareContext and delegates to coreAuthMiddleware.\n\nexport interface AuthMiddlewareContext {\n  path: string;\n  method: string;\n  getHeader: (name: string) => string | undefined;\n  mastra: Mastra;\n  authConfig: MastraAuthConfig;\n  customRouteAuthConfig?: Map<string, boolean>;\n  requestContext: { get: (key: string) => unknown; set: (key: string, value: unknown) => void };\n  rawRequest: unknown;\n  token: string | null;\n  buildAuthorizeContext: () => unknown;\n}\n\nexport type AuthResult = { action: 'next' } | { action: 'error'; status: number; body: Record<string, unknown> };\n\nconst pass: AuthResult = { action: 'next' };\n\n/**\n * Single auth middleware: authenticate → authorize.\n * Skip checks (dev playground, unprotected path, public path) are evaluated once.\n */\nexport const coreAuthMiddleware = async (ctx: AuthMiddlewareContext): Promise<AuthResult> => {\n  const { path, method, getHeader, mastra, authConfig, customRouteAuthConfig, requestContext, rawRequest, token } = ctx;\n\n  // ── Skip checks (evaluated once) ──\n\n  // Only bypass auth for dev playground when no real auth provider is configured.\n  // When auth IS configured (has authenticateToken), we need the full auth flow\n  // so user/roles/permissions are set in requestContext.\n  const hasAuthProvider = typeof authConfig.authenticateToken === 'function';\n  if (!hasAuthProvider && isDevPlaygroundRequest(path, method, getHeader, authConfig, customRouteAuthConfig)) {\n    return pass;\n  }\n\n  if (!isProtectedPath(path, method, authConfig, customRouteAuthConfig)) {\n    return pass;\n  }\n\n  if (canAccessPublicly(path, method, authConfig)) {\n    return pass;\n  }\n\n  // ── Authentication ──\n\n  let user: unknown;\n\n  try {\n    if (typeof authConfig.authenticateToken === 'function') {\n      user = await authConfig.authenticateToken(token ?? '', rawRequest as any);\n    } else {\n      throw new Error('No token verification method configured');\n    }\n\n    if (!user) {\n      return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n    }\n\n    requestContext.set('user', user);\n\n    try {\n      const serverConfig = mastra.getServer();\n      const rbacProvider = serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n\n      if (rbacProvider) {\n        if (!user || typeof user !== 'object' || !('id' in user)) {\n          mastra.getLogger()?.warn('RBAC: authenticated user missing required \"id\" field, skipping permission loading');\n        } else {\n          const permissions = await rbacProvider.getPermissions(user as EEUser);\n          requestContext.set('userPermissions', permissions);\n\n          const roles = await rbacProvider.getRoles(user as EEUser);\n          requestContext.set('userRoles', roles);\n        }\n      }\n    } catch (rbacError) {\n      mastra.getLogger()?.error('RBAC: failed to load user permissions/roles', {\n        error: rbacError instanceof Error ? { message: rbacError.message, stack: rbacError.stack } : rbacError,\n      });\n    }\n  } catch (err) {\n    mastra.getLogger()?.error('Authentication error', {\n      error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n    });\n    return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n  }\n\n  // ── Authorization ──\n\n  if ('authorizeUser' in authConfig && typeof authConfig.authorizeUser === 'function') {\n    try {\n      const isAuthorized = await authConfig.authorizeUser(user, rawRequest as any);\n\n      if (!isAuthorized) {\n        return { action: 'error', status: 403, body: { error: 'Access denied' } };\n      }\n    } catch (err) {\n      mastra.getLogger()?.error('Authorization error in authorizeUser', {\n        error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n      });\n      return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n    }\n  } else if ('authorize' in authConfig && typeof authConfig.authorize === 'function') {\n    try {\n      const authorizeCtx = ctx.buildAuthorizeContext();\n      const isAuthorized = await authConfig.authorize(path, method, user, authorizeCtx as any);\n\n      if (!isAuthorized) {\n        return { action: 'error', status: 403, body: { error: 'Access denied' } };\n      }\n    } catch (err) {\n      mastra.getLogger()?.error('Authorization error in authorize', {\n        error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n        path,\n        method,\n      });\n      return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n    }\n  } else if ('rules' in authConfig && authConfig.rules && authConfig.rules.length > 0) {\n    const isAuthorized = await checkRules(authConfig.rules, path, method, user);\n\n    if (!isAuthorized) {\n      return { action: 'error', status: 403, body: { error: 'Access denied' } };\n    }\n  } else {\n    // No explicit authorization configured (authorizeUser, authorize, or rules)\n    // Check if RBAC is configured - if not, allow authenticated users through\n    // (auth-only mode = authenticated users get full access)\n    const rbacProvider = mastra.getServer()?.rbac;\n    if (rbacProvider) {\n      if (defaultAuthConfig.rules && defaultAuthConfig.rules.length > 0) {\n        const isAuthorized = await checkRules(defaultAuthConfig.rules, path, method, user);\n\n        if (!isAuthorized) {\n          return { action: 'error', status: 403, body: { error: 'Access denied' } };\n        }\n      } else {\n        return { action: 'error', status: 403, body: { error: 'Access denied' } };\n      }\n    }\n  }\n\n  return pass;\n};\n\n// Check authorization rules\nexport const checkRules = async (\n  rules: MastraAuthConfig['rules'],\n  path: string,\n  method: string,\n  user: unknown,\n): Promise<boolean> => {\n  // Go through rules in order (first match wins)\n  for (const i in rules || []) {\n    const rule = rules?.[i]!;\n    // Check if rule applies to this path\n    if (!pathMatchesRule(path, rule.path)) {\n      continue;\n    }\n\n    // Check if rule applies to this method\n    if (rule.methods && !matchesOrIncludes(rule.methods, method)) {\n      continue;\n    }\n\n    // Rule matches, check conditions\n    const condition = rule.condition;\n    if (typeof condition === 'function') {\n      const allowed = await Promise.resolve()\n        .then(() => condition(user))\n        .catch(() => false);\n\n      if (allowed) {\n        return true;\n      }\n    } else if (rule.allow) {\n      return true;\n    }\n  }\n\n  // No matching rules, deny by default\n  return false;\n};\n"]}

package/dist/chunk-PNJPBMSY.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/schemas/processors.ts"],"names":[],"mappings":";;;AAGO,IAAM,qBAAA,GAAwB,EAAE,MAAA,CAAO;AAAA,EAC5C,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qCAAqC;AACxE,CAAC;AAKM,IAAM,4BAAA,GAA+B,EAAE,MAAA,CAAO;AAAA,EACnD,OAAA,EAAS,EAAE,MAAA,EAAO;AAAA,EAClB,SAAA,EAAW,EAAE,MAAA,EAAO;AAAA,EACpB,MAAM,CAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,QAAQ,CAAC;AAClC,CAAC;AAKD,IAAM,gCAAA,GAAmC,EAAE,MAAA,CAAO;AAAA,EAChD,OAAA,EAAS,EAAE,MAAA,EAAO;AAAA,EAClB,MAAM,CAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,QAAQ,CAAC;AAClC,CAAC,CAAA;AAKM,IAAM,yBAAA,GAA4B,EAAE,MAAA,CAAO;AAAA,EAChD,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,MAAA,EAAQ,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,WAAA,EAAa,cAAA,EAAgB,cAAA,EAAgB,YAAY,CAAC,CAAC,CAAA;AAAA,EAC5F,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,QAAQ,CAAA;AAAA,EAC5B,cAAA,EAAgB,CAAA,CAAE,KAAA,CAAM,gCAAgC,CAAA;AAAA,EACxD,UAAA,EAAY,EAAE,OAAA;AAChB,CAAC;AAKM,IAAM,+BAAA,GAAkC,EAAE,MAAA,CAAO;AAAA,EACtD,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,MAAA,EAAQ,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,WAAA,EAAa,cAAA,EAAgB,cAAA,EAAgB,YAAY,CAAC,CAAC,CAAA;AAAA,EAC5F,cAAA,EAAgB,CAAA,CAAE,KAAA,CAAM,4BAA4B,CAAA;AAAA,EACpD,UAAA,EAAY,EAAE,OAAA;AAChB,CAAC;AAKM,IAAM,+BAA+B,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,yBAAyB;AAK1F,IAAM,oBAAA,GAAuB,EAC1B,MAAA,CAAO;AAAA,EACN,MAAA,EAAQ,CAAA,CAAE,OAAA,CAAQ,CAAC,EAAE,QAAA,EAAS;AAAA,EAC9B,OAAO,CAAA,CAAE,KAAA,CAAM,EAAE,GAAA,EAAK,EAAE,QAAA,EAAS;AAAA,EACjC,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACtB,CAAC,EACA,WAAA,EAAY;AAKf,IAAM,sBAAA,GAAyB,EAC5B,MAAA,CAAO;AAAA,EACN,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAM,EAAE,IAAA,CAAK,CAAC,QAAQ,WAAA,EAAa,QAAA,EAAU,MAAM,CAAC,CAAA;AAAA,EACpD,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,GAAO,QAAA,EAAS;AAAA,EACpC,OAAA,EAAS,EAAE,KAAA,CAAM,CAAC,sBAAsB,CAAA,CAAE,MAAA,EAAQ,CAAC;AACrD,CAAC,EACA,WAAA,EAAY;AAKR,IAAM,0BAAA,GAA6B,EAAE,MAAA,CAAO;AAAA,EACjD,KAAA,EAAO,EAAE,IAAA,CAAK,CAAC,SAAS,WAAA,EAAa,cAAA,EAAgB,cAAA,EAAgB,YAAY,CAAC,CAAA;AAAA,EAClF,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,sBAAsB,CAAA;AAAA,EACxC,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,cAAA,EAAgB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,GAAA,EAAK,CAAA,CAAE,QAAA;AAChD,CAAC;AAKD,IAAM,cAAA,GAAiB,EAAE,MAAA,CAAO;AAAA,EAC9B,SAAA,EAAW,EAAE,OAAA,EAAQ;AAAA,EACrB,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,QAAA,EAAU,CAAA,CAAE,GAAA,EAAI,CAAE,QAAA;AACpB,CAAC,CAAA;AAKM,IAAM,8BAAA,GAAiC,EAAE,MAAA,CAAO;AAAA,EACrD,OAAA,EAAS,EAAE,OAAA,EAAQ;AAAA,EACnB,KAAA,EAAO,EAAE,MAAA,EAAO;AAAA,EAChB,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,sBAAsB,EAAE,QAAA,EAAS;AAAA,EACnD,WAAA,EAAa,EACV,MAAA,CAAO;AAAA,IACN,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,sBAAsB;AAAA,GACzC,EACA,QAAA,EAAS;AAAA,EACZ,QAAA,EAAU,eAAe,QAAA,EAAS;AAAA,EAClC,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACpB,CAAC","file":"chunk-PNJPBMSY.js","sourcesContent":["import z from 'zod';\n\n// Path parameter schemas\nexport const processorIdPathParams = z.object({\n  processorId: z.string().describe('Unique identifier for the processor'),\n});\n\n/**\n * Schema for processor configuration (how it's attached to an agent)\n */\nexport const processorConfigurationSchema = z.object({\n  agentId: z.string(),\n  agentName: z.string(),\n  type: z.enum(['input', 'output']),\n});\n\n/**\n * Schema for processor configuration in list response (simplified)\n */\nconst processorListConfigurationSchema = z.object({\n  agentId: z.string(),\n  type: z.enum(['input', 'output']),\n});\n\n/**\n * Schema for processor in list response\n */\nexport const serializedProcessorSchema = z.object({\n  id: z.string(),\n  name: z.string().optional(),\n  description: z.string().optional(),\n  phases: z.array(z.enum(['input', 'inputStep', 'outputStream', 'outputResult', 'outputStep'])),\n  agentIds: z.array(z.string()),\n  configurations: z.array(processorListConfigurationSchema),\n  isWorkflow: z.boolean(),\n});\n\n/**\n * Schema for detailed processor response\n */\nexport const serializedProcessorDetailSchema = z.object({\n  id: z.string(),\n  name: z.string().optional(),\n  description: z.string().optional(),\n  phases: z.array(z.enum(['input', 'inputStep', 'outputStream', 'outputResult', 'outputStep'])),\n  configurations: z.array(processorConfigurationSchema),\n  isWorkflow: z.boolean(),\n});\n\n/**\n * Schema for list processors endpoint response\n */\nexport const listProcessorsResponseSchema = z.record(z.string(), serializedProcessorSchema);\n\n/**\n * Schema for message content in processor execution\n */\nconst messageContentSchema = z\n  .object({\n    format: z.literal(2).optional(),\n    parts: z.array(z.any()).optional(),\n    content: z.string().optional(),\n  })\n  .passthrough();\n\n/**\n * Schema for a message in processor execution\n */\nconst processorMessageSchema = z\n  .object({\n    id: z.string(),\n    role: z.enum(['user', 'assistant', 'system', 'tool']),\n    createdAt: z.coerce.date().optional(),\n    content: z.union([messageContentSchema, z.string()]),\n  })\n  .passthrough();\n\n/**\n * Body schema for executing a processor\n */\nexport const executeProcessorBodySchema = z.object({\n  phase: z.enum(['input', 'inputStep', 'outputStream', 'outputResult', 'outputStep']),\n  messages: z.array(processorMessageSchema),\n  agentId: z.string().optional(),\n  requestContext: z.record(z.string(), z.any()).optional(),\n});\n\n/**\n * Schema for tripwire result\n */\nconst tripwireSchema = z.object({\n  triggered: z.boolean(),\n  reason: z.string().optional(),\n  metadata: z.any().optional(),\n});\n\n/**\n * Response schema for processor execution\n */\nexport const executeProcessorResponseSchema = z.object({\n  success: z.boolean(),\n  phase: z.string(),\n  messages: z.array(processorMessageSchema).optional(),\n  messageList: z\n    .object({\n      messages: z.array(processorMessageSchema),\n    })\n    .optional(),\n  tripwire: tripwireSchema.optional(),\n  error: z.string().optional(),\n});\n"]}

package/dist/chunk-PONEV4T5.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/schemas/prompt-block-versions.ts"],"names":[],"mappings":";;;;AAcO,IAAM,kCAAA,GAAqC;AAC3C,IAAM,qCAAA,GAAwC;AAC9C,IAAM,kCAAA,GAAqC;AAM3C,IAAM,4BAAA,GAA+B,EAAE,MAAA,CAAO;AAAA,EACnD,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,+CAA+C;AACpF,CAAC;AAEM,IAAM,8BAAA,GAAiC,EAAE,MAAA,CAAO;AAAA,EACrD,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,+CAA+C,CAAA;AAAA,EAClF,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C;AAC3E,CAAC;AAMM,IAAM,wBAAA,GAA2B,EAAE,MAAA,CAAO;AAAA,EAC/C,EAAA,EAAI,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA,EAClE,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,gDAAgD,CAAA;AAAA,EAC7E,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA;AAAA,EAE7E,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,kCAAkC,CAAA;AAAA,EAC5D,aAAa,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACjE,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,kDAAkD,CAAA;AAAA,EAC/E,KAAA,EAAO,eAAA,CAAgB,QAAA,EAAS,CAAE,SAAS,iCAAiC,CAAA;AAAA,EAC5E,oBAAA,EAAsB,CAAA,CACnB,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAC9B,QAAA,EAAS,CACT,SAAS,4FAA4F,CAAA;AAAA;AAAA,EAExG,aAAA,EAAe,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,6DAA6D,CAAA;AAAA,EACpH,eAAe,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,yCAAyC,CAAA;AAAA,EACvF,WAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK,CAAE,SAAS,+BAA+B;AACrE,CAAC;AAEM,IAAM,qCAAA,GAAwC,iCAAiC,wBAAwB;AAEvG,IAAM,mCAAA,GAAsC;AAE5C,IAAM,sCAAA,GAAyC,wBAAA,CAAyB,OAAA,EAAQ,CAAE,KAAA;AAAA,EACvF,EAAE,MAAA,CAAO;AAAA,IACP,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,IACb,OAAA,EAAS,EAAE,MAAA,EAAO;AAAA,IAClB,aAAA,EAAe,EAAE,MAAA,EAAO;AAAA,IACxB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA;AAAK,GAC1B;AACH;AAEO,IAAM,wCAAA,GAA2C;AAEjD,IAAM,uCAAA,GAA0C;AAEhD,IAAM,sCAAA,GAAyC;AAE/C,IAAM,wCAAA,GAA2C,oCAAoC,wBAAwB","file":"chunk-PONEV4T5.js","sourcesContent":["import z from 'zod';\nimport { ruleGroupSchema } from './rule-group';\nimport {\n  listVersionsQuerySchema,\n  compareVersionsQuerySchema,\n  createVersionBodySchema,\n  activateVersionResponseSchema,\n  deleteVersionResponseSchema,\n  versionDiffEntrySchema,\n  createListVersionsResponseSchema,\n  createCompareVersionsResponseSchema,\n} from './version-common';\n\n// Re-export shared schemas under domain-specific names\nexport const listPromptBlockVersionsQuerySchema = listVersionsQuerySchema;\nexport const comparePromptBlockVersionsQuerySchema = compareVersionsQuerySchema;\nexport const createPromptBlockVersionBodySchema = createVersionBodySchema;\n\n// ============================================================================\n// Path Parameter Schemas\n// ============================================================================\n\nexport const promptBlockVersionPathParams = z.object({\n  promptBlockId: z.string().describe('Unique identifier for the stored prompt block'),\n});\n\nexport const promptBlockVersionIdPathParams = z.object({\n  promptBlockId: z.string().describe('Unique identifier for the stored prompt block'),\n  versionId: z.string().describe('Unique identifier for the version (UUID)'),\n});\n\n// ============================================================================\n// Response Schemas\n// ============================================================================\n\nexport const promptBlockVersionSchema = z.object({\n  id: z.string().describe('Unique identifier for the version (UUID)'),\n  blockId: z.string().describe('ID of the prompt block this version belongs to'),\n  versionNumber: z.number().describe('Sequential version number (1, 2, 3, ...)'),\n  // Snapshot config fields\n  name: z.string().describe('Display name of the prompt block'),\n  description: z.string().optional().describe('Purpose description'),\n  content: z.string().describe('Template content with {{variable}} interpolation'),\n  rules: ruleGroupSchema.optional().describe('Rules for conditional inclusion'),\n  requestContextSchema: z\n    .record(z.string(), z.unknown())\n    .optional()\n    .describe('JSON Schema defining available variables for {{variableName}} interpolation and conditions'),\n  // Version metadata\n  changedFields: z.array(z.string()).optional().describe('Array of field names that changed from the previous version'),\n  changeMessage: z.string().optional().describe('Optional message describing the changes'),\n  createdAt: z.coerce.date().describe('When this version was created'),\n});\n\nexport const listPromptBlockVersionsResponseSchema = createListVersionsResponseSchema(promptBlockVersionSchema);\n\nexport const getPromptBlockVersionResponseSchema = promptBlockVersionSchema;\n\nexport const createPromptBlockVersionResponseSchema = promptBlockVersionSchema.partial().merge(\n  z.object({\n    id: z.string(),\n    blockId: z.string(),\n    versionNumber: z.number(),\n    createdAt: z.coerce.date(),\n  }),\n);\n\nexport const activatePromptBlockVersionResponseSchema = activateVersionResponseSchema;\n\nexport const restorePromptBlockVersionResponseSchema = promptBlockVersionSchema;\n\nexport const deletePromptBlockVersionResponseSchema = deleteVersionResponseSchema;\n\nexport const comparePromptBlockVersionsResponseSchema = createCompareVersionsResponseSchema(promptBlockVersionSchema);\n\nexport { versionDiffEntrySchema };\n"]}

package/dist/chunk-QB3ZGAO4.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/schemas/tool-providers.ts"],"names":[],"mappings":";;;AAMO,IAAM,wBAAA,GAA2B,EAAE,MAAA,CAAO;AAAA,EAC/C,UAAA,EAAY,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,yCAAyC;AAC3E,CAAC;AAEM,IAAM,kBAAA,GAAqB,yBAAyB,MAAA,CAAO;AAAA,EAChE,QAAA,EAAU,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,8BAA8B;AAC9D,CAAC;AAMM,IAAM,gCAAA,GAAmC,EAAE,MAAA,CAAO;AAAA,EACvD,SAAS,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,8BAA8B,CAAA;AAAA,EACtE,QAAQ,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,qCAAqC,CAAA;AAAA,EAC5E,IAAA,EAAM,EAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,4BAA4B,CAAA;AAAA,EACxE,OAAA,EAAS,EAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,0BAA0B;AAC3E,CAAC;AAMD,IAAM,gBAAA,GAAmB,EACtB,MAAA,CAAO;AAAA,EACN,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,OAAA,EAAS,EAAE,OAAA;AACb,CAAC,EACA,QAAA,EAAS;AAEL,IAAM,+BAAA,GAAkC,EAAE,MAAA,CAAO;AAAA,EACtD,WAAW,CAAA,CAAE,KAAA;AAAA,IACX,EAAE,MAAA,CAAO;AAAA,MACP,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,MACb,IAAA,EAAM,EAAE,MAAA,EAAO;AAAA,MACf,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,KAClC;AAAA;AAEL,CAAC;AAEM,IAAM,sCAAA,GAAyC,EAAE,MAAA,CAAO;AAAA,EAC7D,MAAM,CAAA,CAAE,KAAA;AAAA,IACN,EAAE,MAAA,CAAO;AAAA,MACP,IAAA,EAAM,EAAE,MAAA,EAAO;AAAA,MACf,IAAA,EAAM,EAAE,MAAA,EAAO;AAAA,MACf,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,MACjC,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,KAC3B;AAAA,GACH;AAAA,EACA,UAAA,EAAY;AACd,CAAC;AAEM,IAAM,mCAAA,GAAsC,EAAE,MAAA,CAAO;AAAA,EAC1D,MAAM,CAAA,CAAE,KAAA;AAAA,IACN,EAAE,MAAA,CAAO;AAAA,MACP,IAAA,EAAM,EAAE,MAAA,EAAO;AAAA,MACf,IAAA,EAAM,EAAE,MAAA,EAAO;AAAA,MACf,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,MACjC,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,KAC9B;AAAA,GACH;AAAA,EACA,UAAA,EAAY;AACd,CAAC;AAEM,IAAM,uCAAA,GAA0C,EAAE,MAAA,CAAO,CAAA,CAAE,QAAO,EAAG,CAAA,CAAE,SAAS","file":"chunk-QB3ZGAO4.js","sourcesContent":["import z from 'zod';\n\n// ============================================================================\n// Path Parameter Schemas\n// ============================================================================\n\nexport const toolProviderIdPathParams = z.object({\n  providerId: z.string().describe('Unique identifier for the tool provider'),\n});\n\nexport const toolSlugPathParams = toolProviderIdPathParams.extend({\n  toolSlug: z.string().describe('Slug identifier for the tool'),\n});\n\n// ============================================================================\n// Query Parameter Schemas\n// ============================================================================\n\nexport const listToolProviderToolsQuerySchema = z.object({\n  toolkit: z.string().optional().describe('Filter tools by toolkit slug'),\n  search: z.string().optional().describe('Search tools by name or description'),\n  page: z.coerce.number().optional().describe('Page number for pagination'),\n  perPage: z.coerce.number().optional().describe('Number of items per page'),\n});\n\n// ============================================================================\n// Response Schemas\n// ============================================================================\n\nconst paginationSchema = z\n  .object({\n    total: z.number().optional(),\n    page: z.number().optional(),\n    perPage: z.number().optional(),\n    hasMore: z.boolean(),\n  })\n  .optional();\n\nexport const listToolProvidersResponseSchema = z.object({\n  providers: z.array(\n    z.object({\n      id: z.string(),\n      name: z.string(),\n      description: z.string().optional(),\n    }),\n  ),\n});\n\nexport const listToolProviderToolkitsResponseSchema = z.object({\n  data: z.array(\n    z.object({\n      slug: z.string(),\n      name: z.string(),\n      description: z.string().optional(),\n      icon: z.string().optional(),\n    }),\n  ),\n  pagination: paginationSchema,\n});\n\nexport const listToolProviderToolsResponseSchema = z.object({\n  data: z.array(\n    z.object({\n      slug: z.string(),\n      name: z.string(),\n      description: z.string().optional(),\n      toolkit: z.string().optional(),\n    }),\n  ),\n  pagination: paginationSchema,\n});\n\nexport const getToolProviderToolSchemaResponseSchema = z.record(z.string(), z.unknown());\n"]}

package/dist/chunk-QIP5UCDX.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/schemas/system.ts"],"names":[],"mappings":";;;AAEO,IAAM,mBAAA,GAAsB,EAAE,MAAA,CAAO;AAAA,EAC1C,IAAA,EAAM,EAAE,MAAA,EAAO;AAAA,EACf,OAAA,EAAS,EAAE,MAAA;AACb,CAAC;AAEM,IAAM,4BAAA,GAA+B,EAAE,MAAA,CAAO;AAAA,EACnD,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,mBAAmB,CAAA;AAAA,EACrC,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,EACjB,UAAA,EAAY,EAAE,OAAA;AAChB,CAAC","file":"chunk-QIP5UCDX.js","sourcesContent":["import { z } from 'zod';\n\nexport const mastraPackageSchema = z.object({\n  name: z.string(),\n  version: z.string(),\n});\n\nexport const systemPackagesResponseSchema = z.object({\n  packages: z.array(mastraPackageSchema),\n  isDev: z.boolean(),\n  cmsEnabled: z.boolean(),\n});\n\nexport type MastraPackage = z.infer<typeof mastraPackageSchema>;\nexport type SystemPackagesResponse = z.infer<typeof systemPackagesResponseSchema>;\n"]}

package/dist/chunk-QTBCX6KF.cjs

@@ -1,84 +0,0 @@
-'use strict';
-
-var chunkZYXDUS6Q_cjs = require('./chunk-ZYXDUS6Q.cjs');
-var zod = require('zod');
-
-var mcpServerIdPathParams = zod.z.object({
-  serverId: zod.z.string().describe("MCP server ID")
-});
-var mcpServerDetailPathParams = zod.z.object({
-  id: zod.z.string().describe("MCP server ID")
-});
-var mcpServerToolPathParams = zod.z.object({
-  serverId: zod.z.string().describe("MCP server ID"),
-  toolId: zod.z.string().describe("Tool ID")
-});
-var executeToolBodySchema = zod.z.object({
-  data: zod.z.unknown().optional()
-});
-var listMcpServersQuerySchema = chunkZYXDUS6Q_cjs.createCombinedPaginationSchema();
-var getMcpServerDetailQuerySchema = zod.z.object({
-  version: zod.z.string().optional()
-});
-var versionDetailSchema = zod.z.object({
-  version: zod.z.string(),
-  release_date: zod.z.string(),
-  is_latest: zod.z.boolean()
-});
-var serverInfoSchema = zod.z.object({
-  id: zod.z.string(),
-  name: zod.z.string(),
-  version_detail: versionDetailSchema
-});
-var listMcpServersResponseSchema = zod.z.object({
-  servers: zod.z.array(serverInfoSchema),
-  total_count: zod.z.number(),
-  next: zod.z.string().nullable()
-});
-var serverDetailSchema = zod.z.object({
-  id: zod.z.string(),
-  name: zod.z.string(),
-  description: zod.z.string().optional(),
-  version_detail: versionDetailSchema,
-  package_canonical: zod.z.string().optional(),
-  packages: zod.z.array(zod.z.unknown()).optional(),
-  remotes: zod.z.array(zod.z.unknown()).optional()
-});
-var mcpToolInfoSchema = zod.z.object({
-  name: zod.z.string(),
-  description: zod.z.string().optional(),
-  inputSchema: zod.z.unknown(),
-  outputSchema: zod.z.unknown().optional(),
-  toolType: zod.z.string().optional()
-});
-var listMcpServerToolsResponseSchema = zod.z.object({
-  tools: zod.z.array(mcpToolInfoSchema)
-});
-var executeToolResponseSchema = zod.z.object({
-  result: zod.z.unknown()
-});
-var jsonRpcErrorSchema = zod.z.object({
-  jsonrpc: zod.z.literal("2.0"),
-  error: zod.z.object({
-    code: zod.z.number(),
-    message: zod.z.string()
-  }),
-  id: zod.z.null()
-});
-
-exports.executeToolBodySchema = executeToolBodySchema;
-exports.executeToolResponseSchema = executeToolResponseSchema;
-exports.getMcpServerDetailQuerySchema = getMcpServerDetailQuerySchema;
-exports.jsonRpcErrorSchema = jsonRpcErrorSchema;
-exports.listMcpServerToolsResponseSchema = listMcpServerToolsResponseSchema;
-exports.listMcpServersQuerySchema = listMcpServersQuerySchema;
-exports.listMcpServersResponseSchema = listMcpServersResponseSchema;
-exports.mcpServerDetailPathParams = mcpServerDetailPathParams;
-exports.mcpServerIdPathParams = mcpServerIdPathParams;
-exports.mcpServerToolPathParams = mcpServerToolPathParams;
-exports.mcpToolInfoSchema = mcpToolInfoSchema;
-exports.serverDetailSchema = serverDetailSchema;
-exports.serverInfoSchema = serverInfoSchema;
-exports.versionDetailSchema = versionDetailSchema;
-//# sourceMappingURL=chunk-QTBCX6KF.cjs.map
-//# sourceMappingURL=chunk-QTBCX6KF.cjs.map

package/dist/chunk-QTBCX6KF.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/schemas/mcp.ts"],"names":["z","createCombinedPaginationSchema"],"mappings":";;;;;AAIO,IAAM,qBAAA,GAAwBA,MAAE,MAAA,CAAO;AAAA,EAC5C,QAAA,EAAUA,KAAA,CAAE,MAAA,EAAO,CAAE,SAAS,eAAe;AAC/C,CAAC;AAEM,IAAM,yBAAA,GAA4BA,MAAE,MAAA,CAAO;AAAA,EAChD,EAAA,EAAIA,KAAA,CAAE,MAAA,EAAO,CAAE,SAAS,eAAe;AACzC,CAAC;AAEM,IAAM,uBAAA,GAA0BA,MAAE,MAAA,CAAO;AAAA,EAC9C,QAAA,EAAUA,KAAA,CAAE,MAAA,EAAO,CAAE,SAAS,eAAe,CAAA;AAAA,EAC7C,MAAA,EAAQA,KAAA,CAAE,MAAA,EAAO,CAAE,SAAS,SAAS;AACvC,CAAC;AAEM,IAAM,qBAAA,GAAwBA,MAAE,MAAA,CAAO;AAAA,EAC5C,IAAA,EAAMA,KAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AACpB,CAAC;AAIM,IAAM,4BAA4BC,gDAAA;AAElC,IAAM,6BAAA,GAAgCD,MAAE,MAAA,CAAO;AAAA,EACpD,OAAA,EAASA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACtB,CAAC;AAGM,IAAM,mBAAA,GAAsBA,MAAE,MAAA,CAAO;AAAA,EAC1C,OAAA,EAASA,MAAE,MAAA,EAAO;AAAA,EAClB,YAAA,EAAcA,MAAE,MAAA,EAAO;AAAA,EACvB,SAAA,EAAWA,MAAE,OAAA;AACf,CAAC;AAEM,IAAM,gBAAA,GAAmBA,MAAE,MAAA,CAAO;AAAA,EACvC,EAAA,EAAIA,MAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAMA,MAAE,MAAA,EAAO;AAAA,EACf,cAAA,EAAgB;AAClB,CAAC;AAEM,IAAM,4BAAA,GAA+BA,MAAE,MAAA,CAAO;AAAA,EACnD,OAAA,EAASA,KAAA,CAAE,KAAA,CAAM,gBAAgB,CAAA;AAAA,EACjC,WAAA,EAAaA,MAAE,MAAA,EAAO;AAAA,EACtB,IAAA,EAAMA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACnB,CAAC;AAEM,IAAM,kBAAA,GAAqBA,MAAE,MAAA,CAAO;AAAA,EACzC,EAAA,EAAIA,MAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAMA,MAAE,MAAA,EAAO;AAAA,EACf,WAAA,EAAaA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,cAAA,EAAgB,mBAAA;AAAA,EAChB,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,UAAUA,KAAA,CAAE,KAAA,CAAMA,MAAE,OAAA,EAAS,EAAE,QAAA,EAAS;AAAA,EACxC,SAASA,KAAA,CAAE,KAAA,CAAMA,MAAE,OAAA,EAAS,EAAE,QAAA;AAChC,CAAC;AAGM,IAAM,iBAAA,GAAoBA,MAAE,MAAA,CAAO;AAAA,EACxC,IAAA,EAAMA,MAAE,MAAA,EAAO;AAAA,EACf,WAAA,EAAaA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,WAAA,EAAaA,MAAE,OAAA,EAAQ;AAAA,EACvB,YAAA,EAAcA,KAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EACnC,QAAA,EAAUA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACvB,CAAC;AAEM,IAAM,gCAAA,GAAmCA,MAAE,MAAA,CAAO;AAAA,EACvD,KAAA,EAAOA,KAAA,CAAE,KAAA,CAAM,iBAAiB;AAClC,CAAC;AAEM,IAAM,yBAAA,GAA4BA,MAAE,MAAA,CAAO;AAAA,EAChD,MAAA,EAAQA,MAAE,OAAA;AACZ,CAAC;AAGM,IAAM,kBAAA,GAAqBA,MAAE,MAAA,CAAO;AAAA,EACzC,OAAA,EAASA,KAAA,CAAE,OAAA,CAAQ,KAAK,CAAA;AAAA,EACxB,KAAA,EAAOA,MAAE,MAAA,CAAO;AAAA,IACd,IAAA,EAAMA,MAAE,MAAA,EAAO;AAAA,IACf,OAAA,EAASA,MAAE,MAAA;AAAO,GACnB,CAAA;AAAA,EACD,EAAA,EAAIA,MAAE,IAAA;AACR,CAAC","file":"chunk-QTBCX6KF.cjs","sourcesContent":["import { z } from 'zod';\nimport { createCombinedPaginationSchema } from './common';\n\n// Path parameters\nexport const mcpServerIdPathParams = z.object({\n  serverId: z.string().describe('MCP server ID'),\n});\n\nexport const mcpServerDetailPathParams = z.object({\n  id: z.string().describe('MCP server ID'),\n});\n\nexport const mcpServerToolPathParams = z.object({\n  serverId: z.string().describe('MCP server ID'),\n  toolId: z.string().describe('Tool ID'),\n});\n\nexport const executeToolBodySchema = z.object({\n  data: z.unknown().optional(),\n});\n\n// Query parameters\n// Supports both page/perPage and limit/offset for backwards compatibility\nexport const listMcpServersQuerySchema = createCombinedPaginationSchema();\n\nexport const getMcpServerDetailQuerySchema = z.object({\n  version: z.string().optional(),\n});\n\n// Response schemas\nexport const versionDetailSchema = z.object({\n  version: z.string(),\n  release_date: z.string(),\n  is_latest: z.boolean(),\n});\n\nexport const serverInfoSchema = z.object({\n  id: z.string(),\n  name: z.string(),\n  version_detail: versionDetailSchema,\n});\n\nexport const listMcpServersResponseSchema = z.object({\n  servers: z.array(serverInfoSchema),\n  total_count: z.number(),\n  next: z.string().nullable(),\n});\n\nexport const serverDetailSchema = z.object({\n  id: z.string(),\n  name: z.string(),\n  description: z.string().optional(),\n  version_detail: versionDetailSchema,\n  package_canonical: z.string().optional(),\n  packages: z.array(z.unknown()).optional(),\n  remotes: z.array(z.unknown()).optional(),\n});\n\n// Tool schemas\nexport const mcpToolInfoSchema = z.object({\n  name: z.string(),\n  description: z.string().optional(),\n  inputSchema: z.unknown(),\n  outputSchema: z.unknown().optional(),\n  toolType: z.string().optional(),\n});\n\nexport const listMcpServerToolsResponseSchema = z.object({\n  tools: z.array(mcpToolInfoSchema),\n});\n\nexport const executeToolResponseSchema = z.object({\n  result: z.unknown(),\n});\n\n// JSON-RPC error response schema\nexport const jsonRpcErrorSchema = z.object({\n  jsonrpc: z.literal('2.0'),\n  error: z.object({\n    code: z.number(),\n    message: z.string(),\n  }),\n  id: z.null(),\n});\n"]}

package/dist/chunk-QVMLEJ63.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/auth/defaults.ts","../src/server/auth/path-pattern.ts","../src/server/auth/helpers.ts"],"names":[],"mappings":";;;AAGO,IAAM,iBAAA,GAAsC;AAAA,EACjD,SAAA,EAAW,CAAC,QAAQ,CAAA;AAAA,EACpB,MAAA,EAAQ,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA;AAAA,EAE9B,KAAA,EAAO;AAAA;AAAA,IAEL;AAAA,MACE,WAAW,CAAA,IAAA,KAAQ;AACjB,QAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,IAAA,EAAM;AAC7C,UAAA,IAAI,aAAa,IAAA,EAAM;AACrB,YAAA,OAAO,CAAC,CAAC,IAAA,CAAK,OAAA;AAAA,UAChB;AAEA,UAAA,IAAI,UAAU,IAAA,EAAM;AAClB,YAAA,OAAO,KAAK,IAAA,KAAS,OAAA;AAAA,UACvB;AAAA,QACF;AACA,QAAA,OAAO,KAAA;AAAA,MACT,CAAA;AAAA,MACA,KAAA,EAAO;AAAA;AACT;AAEJ;;;ACcO,SAAS,KAAA,CAAM,OAAwB,KAAA,EAAgC;AAC5E,EAAA,IAAI,iBAAiB,MAAA,EAAQ,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAM;AAElE,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,MAAM,OAAiB,EAAC;AACxB,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAE3B,EAAA,GAAA,CAAI,CAAC,CAAA,IAAK,GAAA,CAAI,KAAA,EAAM;AAEpB,EAAA,OAAQ,GAAA,GAAM,GAAA,CAAI,KAAA,EAAM,EAAI;AAC1B,IAAA,CAAA,GAAI,IAAI,CAAC,CAAA;AACT,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,OAAA,IAAW,GAAA,CAAI,CAAC,CAAA,KAAM,GAAA,GAAM,YAAA,GAAe,OAAA;AAAA,IAC7C,CAAA,MAAA,IAAW,MAAM,GAAA,EAAK;AACpB,MAAA,CAAA,GAAI,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACtB,MAAA,GAAA,GAAM,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACxB,MAAA,IAAA,CAAK,KAAK,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAC,CAAC,CAAA,GAAI,CAAA,GAAI,CAAC,CAAC,CAAC,GAAA,GAAM,GAAA,GAAM,GAAA,CAAI,MAAM,CAAC,CAAA;AAChE,MAAA,OAAA,IAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,gBAAA,GAAmB,WAAA;AAC9C,MAAA,IAAI,CAAC,CAAC,CAAC,GAAA,cAAiB,CAAC,CAAC,CAAC,CAAA,GAAI,GAAA,GAAM,EAAA,IAAM,IAAA,GAAO,GAAA,CAAI,UAAU,GAAG,CAAA;AAAA,IACrE,CAAA,MAAO;AACL,MAAA,OAAA,IAAW,GAAA,GAAM,GAAA;AAAA,IACnB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,OAAA,EAAS,IAAI,MAAA,CAAO,GAAA,GAAM,WAA+B,QAAQ,GAAG;AAAA,GACtE;AACF;;;AC5DO,IAAM,sBAAA,GAAyB,CACpC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,KAAM,IAAA;AAAA,EACtD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,KAAM,IAAA;AAAA,EACpD;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,YAAA,KAAiB,IAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAOO,IAAM,yBAAyB,CACpC,IAAA,EACA,MAAA,EACA,SAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OACE,OAAA,CAAQ,IAAI,UAAA,KAAe,MAAA;AAAA,GAEzB,CAAC,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,eAAe,KAAK,CAAC,sBAAA,CAAuB,IAAA,EAAM,MAAA,EAAQ,qBAAqB,CAAA;AAAA,EAEzG,SAAA,CAAU,yBAAyB,CAAA,KAAM,MAAA,CAAA;AAE/C;AAEO,IAAM,mBAAA,GAAsB,CACjC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA;AAAA,EAC/C;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,CAAC,YAAA;AAAA,IACV;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAQO,IAAM,eAAA,GAAkB,CAC7B,IAAA,EACA,MAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OAAO,UAAA,CAAW,MAAM,MAAA,EAAQ,eAAe,KAAK,sBAAA,CAAuB,IAAA,EAAM,QAAQ,qBAAqB,CAAA;AAChH;AAEO,IAAM,iBAAA,GAAoB,CAAC,IAAA,EAAc,MAAA,EAAgB,UAAA,KAA0C;AAExG,EAAA,MAAM,YAAA,GAAe,CAAC,GAAI,iBAAA,CAAkB,MAAA,IAAU,EAAC,EAAI,GAAI,UAAA,CAAW,MAAA,IAAU,EAAG,CAAA;AAEvF,EAAA,OAAO,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,YAAY,CAAA;AAC9C;AAEA,IAAM,UAAA,GAAa,CACjB,IAAA,EACA,MAAA,EACA,QAAA,KACY;AACZ,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,uBAAuB,QAAA,EAAU;AAC1C,IAAA,IAAI,+BAA+B,MAAA,EAAQ;AACzC,MAAA,IAAI,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,mBAAA,KAAwB,QAAA,IAAY,kBAAA,CAAmB,IAAA,EAAM,mBAAmB,CAAA,EAAG;AAC5F,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,MAAM,OAAA,CAAQ,mBAAmB,CAAA,IAAK,mBAAA,CAAoB,WAAW,CAAA,EAAG;AAC1E,MAAA,MAAM,CAAC,OAAA,EAAS,eAAe,CAAA,GAAI,mBAAA;AACnC,MAAA,IAAI,mBAAmB,IAAA,EAAM,OAAO,KAAK,iBAAA,CAAkB,eAAA,EAAiB,MAAM,CAAA,EAAG;AACnF,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT,CAAA;AAEO,IAAM,kBAAA,GAAqB,CAAC,IAAA,EAAc,OAAA,KAA6B;AAQ5E,EAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAM,GAAI,MAAM,OAAO,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,CAAA;AACxB;AAEO,IAAM,eAAA,GAAkB,CAAC,IAAA,EAAc,QAAA,KAA8D;AAC1G,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,IAAA,OAAO,kBAAA,CAAmB,MAAM,QAAQ,CAAA;AAAA,EAC1C;AAEA,EAAA,IAAI,oBAAoB,MAAA,EAAQ;AAC9B,IAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAC3B,IAAA,OAAO,SAAS,IAAA,CAAK,CAAA,CAAA,KAAK,kBAAA,CAAmB,IAAA,EAAM,CAAC,CAAC,CAAA;AAAA,EACvD;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,IAAM,iBAAA,GAAoB,CAAC,MAAA,EAA2B,KAAA,KAA2B;AACtF,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA,KAAW,KAAA;AAAA,EACpB;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,OAAO,MAAA,CAAO,SAAS,KAAK,CAAA;AAAA,EAC9B;AAEA,EAAA,OAAO,KAAA;AACT;AAqBA,IAAM,IAAA,GAAmB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAMnC,IAAM,kBAAA,GAAqB,OAAO,GAAA,KAAoD;AAC3F,EAAA,MAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAY,qBAAA,EAAuB,cAAA,EAAgB,UAAA,EAAY,KAAA,EAAM,GAAI,GAAA;AAOlH,EAAA,MAAM,eAAA,GAAkB,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,sBAAA,CAAuB,IAAA,EAAM,QAAQ,SAAA,EAAW,UAAA,EAAY,qBAAqB,CAAA,EAAG;AAC1G,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAY,qBAAqB,CAAA,EAAG;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,iBAAA,CAAkB,IAAA,EAAM,MAAA,EAAQ,UAAU,CAAA,EAAG;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAIA,EAAA,IAAI,IAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA,EAAY;AACtD,MAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,KAAA,IAAS,IAAI,UAAiB,CAAA;AAAA,IAC1E,CAAA,MAAO;AACL,MAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,IAC3D;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,IACrF;AAEA,IAAA,cAAA,CAAe,GAAA,CAAI,QAAQ,IAAI,CAAA;AAE/B,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,OAAO,SAAA,EAAU;AACtC,MAAA,MAAM,eAAe,YAAA,EAAc,IAAA;AAEnC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,SAAS,QAAA,IAAY,EAAE,QAAQ,IAAA,CAAA,EAAO;AACxD,UAAA,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA,CAAK,mFAAmF,CAAA;AAAA,QAC9G,CAAA,MAAO;AACL,UAAA,MAAM,WAAA,GAAc,MAAM,YAAA,CAAa,cAAA,CAAe,IAAc,CAAA;AACpE,UAAA,cAAA,CAAe,GAAA,CAAI,mBAAmB,WAAW,CAAA;AAEjD,UAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,QAAA,CAAS,IAAc,CAAA;AACxD,UAAA,cAAA,CAAe,GAAA,CAAI,aAAa,KAAK,CAAA;AAAA,QACvC;AAAA,MACF;AAAA,IACF,SAAS,SAAA,EAAW;AAClB,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,QACvE,KAAA,EAAO,SAAA,YAAqB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAU,OAAA,EAAS,KAAA,EAAO,SAAA,CAAU,KAAA,EAAM,GAAI;AAAA,OAC9F,CAAA;AAAA,IACH;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sBAAA,EAAwB;AAAA,MAChD,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,KAC5E,CAAA;AACD,IAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,EACrF;AAIA,EAAA,IAAI,eAAA,IAAmB,UAAA,IAAc,OAAO,UAAA,CAAW,kBAAkB,UAAA,EAAY;AACnF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,MAAM,UAAA,CAAW,aAAA,CAAc,MAAM,UAAiB,CAAA;AAE3E,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sCAAA,EAAwC;AAAA,QAChE,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,OAC5E,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,WAAW,WAAA,IAAe,UAAA,IAAc,OAAO,UAAA,CAAW,cAAc,UAAA,EAAY;AAClF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,IAAI,qBAAA,EAAsB;AAC/C,MAAA,MAAM,eAAe,MAAM,UAAA,CAAW,UAAU,IAAA,EAAM,MAAA,EAAQ,MAAM,YAAmB,CAAA;AAEvF,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,kCAAA,EAAoC;AAAA,QAC5D,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI,GAAA;AAAA,QAC3E,IAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,CAAA,MAAA,IAAW,WAAW,UAAA,IAAc,UAAA,CAAW,SAAS,UAAA,CAAW,KAAA,CAAM,SAAS,CAAA,EAAG;AACnF,IAAA,MAAM,eAAe,MAAM,UAAA,CAAW,WAAW,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAE1E,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,IAC1E;AAAA,EACF,CAAA,MAAO;AAIL,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACzC,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,IAAI,iBAAA,CAAkB,KAAA,IAAS,iBAAA,CAAkB,KAAA,CAAM,SAAS,CAAA,EAAG;AACjE,QAAA,MAAM,eAAe,MAAM,UAAA,CAAW,kBAAkB,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAEjF,QAAA,IAAI,CAAC,YAAA,EAAc;AACjB,UAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,QAC1E;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAGO,IAAM,UAAA,GAAa,OACxB,KAAA,EACA,IAAA,EACA,QACA,IAAA,KACqB;AAErB,EAAA,KAAA,MAAW,CAAA,IAAK,KAAA,IAAS,EAAC,EAAG;AAC3B,IAAA,MAAM,IAAA,GAAO,QAAQ,CAAC,CAAA;AAEtB,IAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,IAAA,CAAK,IAAI,CAAA,EAAG;AACrC,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,KAAK,OAAA,IAAW,CAAC,kBAAkB,IAAA,CAAK,OAAA,EAAS,MAAM,CAAA,EAAG;AAC5D,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,IAAA,IAAI,OAAO,cAAc,UAAA,EAAY;AACnC,MAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,OAAA,EAAQ,CACnC,IAAA,CAAK,MAAM,SAAA,CAAU,IAAI,CAAC,CAAA,CAC1B,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,KAAK,KAAA,EAAO;AACrB,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT","file":"chunk-QVMLEJ63.cjs","sourcesContent":["import type { MastraAuthConfig } from '@mastra/core/server';\n\n// Default configuration that can be extended by clients\nexport const defaultAuthConfig: MastraAuthConfig = {\n  protected: ['/api/*'],\n  public: ['/api', '/api/auth/*'],\n  // Simple rule system\n  rules: [\n    // Admin users can do anything\n    {\n      condition: user => {\n        if (typeof user === 'object' && user !== null) {\n          if ('isAdmin' in user) {\n            return !!user.isAdmin;\n          }\n\n          if ('role' in user) {\n            return user.role === 'admin';\n          }\n        }\n        return false;\n      },\n      allow: true,\n    },\n  ],\n};\n","/**\n * Path pattern matching utility\n * Inlined from regexparam v3.0.0 (MIT License)\n * https://github.com/lukeed/regexparam\n *\n * Copyright (c) Luke Edwards <luke.edwards05@gmail.com> (lukeed.com)\n *\n * Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n *\n * The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n */\n\nexport interface ParsedPattern {\n  keys: string[] | false;\n  pattern: RegExp;\n}\n\n/**\n * Parse a route pattern into a RegExp\n * Supports:\n * - Named parameters: /users/:id\n * - Optional parameters: /users/:id?\n * - Wildcards: /files/*\n * - Mixed patterns: /api/:version/users/:id\n */\nexport function parse(input: string | RegExp, loose?: boolean): ParsedPattern {\n  if (input instanceof RegExp) return { keys: false, pattern: input };\n\n  let c: string;\n  let o: number;\n  let tmp: string | undefined;\n  let ext: number;\n  const keys: string[] = [];\n  let pattern = '';\n  const arr = input.split('/');\n\n  arr[0] || arr.shift();\n\n  while ((tmp = arr.shift())) {\n    c = tmp[0]!;\n    if (c === '*') {\n      keys.push(c);\n      pattern += tmp[1] === '?' ? '(?:/(.*))?' : '/(.*)';\n    } else if (c === ':') {\n      o = tmp.indexOf('?', 1);\n      ext = tmp.indexOf('.', 1);\n      keys.push(tmp.substring(1, !!~o ? o : !!~ext ? ext : tmp.length));\n      pattern += !!~o && !~ext ? '(?:/([^/]+?))?' : '/([^/]+?)';\n      if (!!~ext) pattern += (!!~o ? '?' : '') + '\\\\' + tmp.substring(ext);\n    } else {\n      pattern += '/' + tmp;\n    }\n  }\n\n  return {\n    keys: keys,\n    pattern: new RegExp('^' + pattern + (loose ? '(?=$|/)' : '/?$'), 'i'),\n  };\n}\n\n/**\n * Test if a path matches a pattern\n */\nexport function matchPath(path: string, pattern: string | RegExp): boolean {\n  const { pattern: regex } = parse(pattern);\n  return regex.test(path);\n}\n","import type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { Mastra } from '@mastra/core/mastra';\nimport type { MastraAuthConfig } from '@mastra/core/server';\n\nimport { defaultAuthConfig } from './defaults';\nimport { parse } from './path-pattern';\n\n/**\n * Check if a route is a registered custom route that requires authentication.\n * Returns true only if the route is explicitly registered with requiresAuth: true.\n * Returns false if the route is not in the config or has requiresAuth: false.\n */\nexport const isProtectedCustomRoute = (\n  path: string,\n  method: string,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  if (!customRouteAuthConfig) {\n    return false;\n  }\n\n  // Check exact match first (fast path for static routes)\n  const exactRouteKey = `${method}:${path}`;\n  if (customRouteAuthConfig.has(exactRouteKey)) {\n    return customRouteAuthConfig.get(exactRouteKey) === true;\n  }\n\n  // Check exact match for ALL method\n  const allRouteKey = `ALL:${path}`;\n  if (customRouteAuthConfig.has(allRouteKey)) {\n    return customRouteAuthConfig.get(allRouteKey) === true;\n  }\n\n  // Check pattern matches for dynamic routes (e.g., '/users/:id')\n  for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n    const colonIndex = routeKey.indexOf(':');\n    if (colonIndex === -1) {\n      continue; // Skip malformed keys\n    }\n\n    const routeMethod = routeKey.substring(0, colonIndex);\n    const routePattern = routeKey.substring(colonIndex + 1);\n\n    // Check if method matches (exact match or ALL)\n    if (routeMethod !== method && routeMethod !== 'ALL') {\n      continue;\n    }\n\n    // Check if path matches the pattern\n    if (pathMatchesPattern(path, routePattern)) {\n      return requiresAuth === true;\n    }\n  }\n\n  return false; // Not in config = not a protected custom route\n};\n\n/**\n * Check if request is from dev playground\n * @param getHeader - Function to get header value from request\n * @param customRouteAuthConfig - Map of custom route auth configurations\n */\nexport const isDevPlaygroundRequest = (\n  path: string,\n  method: string,\n  getHeader: (name: string) => string | undefined,\n  authConfig: MastraAuthConfig,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n  return (\n    process.env.MASTRA_DEV === 'true' &&\n    // Allow if path doesn't match protected patterns AND is not a protected custom route\n    ((!isAnyMatch(path, method, protectedAccess) && !isProtectedCustomRoute(path, method, customRouteAuthConfig)) ||\n      // Or if has playground header\n      getHeader('x-mastra-dev-playground') === 'true')\n  );\n};\n\nexport const isCustomRoutePublic = (\n  path: string,\n  method: string,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  if (!customRouteAuthConfig) {\n    return false;\n  }\n\n  // Check exact match first (fast path for static routes)\n  const exactRouteKey = `${method}:${path}`;\n  if (customRouteAuthConfig.has(exactRouteKey)) {\n    return !customRouteAuthConfig.get(exactRouteKey); // True when route opts out of auth\n  }\n\n  // Check exact match for ALL method\n  const allRouteKey = `ALL:${path}`;\n  if (customRouteAuthConfig.has(allRouteKey)) {\n    return !customRouteAuthConfig.get(allRouteKey);\n  }\n\n  // Check pattern matches for dynamic routes (e.g., '/users/:id')\n  for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n    const colonIndex = routeKey.indexOf(':');\n    if (colonIndex === -1) {\n      continue; // Skip malformed keys\n    }\n\n    const routeMethod = routeKey.substring(0, colonIndex);\n    const routePattern = routeKey.substring(colonIndex + 1);\n\n    // Check if method matches (exact match or ALL)\n    if (routeMethod !== method && routeMethod !== 'ALL') {\n      continue;\n    }\n\n    // Check if path matches the pattern\n    if (pathMatchesPattern(path, routePattern)) {\n      return !requiresAuth; // True when route opts out of auth\n    }\n  }\n\n  return false;\n};\n\n// NOTE: This uses isProtectedCustomRoute (default-allow for unknown paths) rather than\n// !isCustomRoutePublic (default-deny). This is intentional — all registered server and\n// custom routes are auth-checked via registerRoute/checkRouteAuth regardless of this\n// function. The '/api/*' protected pattern exists as a user-facing override mechanism.\n// The old default-deny logic incorrectly blocked non-API paths (e.g. '/', '/agents')\n// which prevented the studio login page from loading in production.\nexport const isProtectedPath = (\n  path: string,\n  method: string,\n  authConfig: MastraAuthConfig,\n  customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n  const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n  return isAnyMatch(path, method, protectedAccess) || isProtectedCustomRoute(path, method, customRouteAuthConfig);\n};\n\nexport const canAccessPublicly = (path: string, method: string, authConfig: MastraAuthConfig): boolean => {\n  // Check if this path+method combination is publicly accessible\n  const publicAccess = [...(defaultAuthConfig.public || []), ...(authConfig.public || [])];\n\n  return isAnyMatch(path, method, publicAccess);\n};\n\nconst isAnyMatch = (\n  path: string,\n  method: string,\n  patterns: MastraAuthConfig['protected'] | MastraAuthConfig['public'],\n): boolean => {\n  if (!patterns) {\n    return false;\n  }\n\n  for (const patternPathOrMethod of patterns) {\n    if (patternPathOrMethod instanceof RegExp) {\n      if (patternPathOrMethod.test(path)) {\n        return true;\n      }\n    }\n\n    if (typeof patternPathOrMethod === 'string' && pathMatchesPattern(path, patternPathOrMethod)) {\n      return true;\n    }\n\n    if (Array.isArray(patternPathOrMethod) && patternPathOrMethod.length === 2) {\n      const [pattern, methodOrMethods] = patternPathOrMethod;\n      if (pathMatchesPattern(path, pattern) && matchesOrIncludes(methodOrMethods, method)) {\n        return true;\n      }\n    }\n  }\n\n  return false;\n};\n\nexport const pathMatchesPattern = (path: string, pattern: string): boolean => {\n  // Use regexparam for battle-tested path matching\n  // Supports:\n  // - Exact paths: '/api/users'\n  // - Wildcards: '/api/agents/*' matches '/api/agents/123'\n  // - Path parameters: '/users/:id' matches '/users/123'\n  // - Optional parameters: '/users/:id?' matches '/users' and '/users/123'\n  // - Mixed patterns: '/api/:version/users/:id/profile'\n  const { pattern: regex } = parse(pattern);\n  return regex.test(path);\n};\n\nexport const pathMatchesRule = (path: string, rulePath: string | RegExp | string[] | undefined): boolean => {\n  if (!rulePath) return true; // No path specified means all paths\n\n  if (typeof rulePath === 'string') {\n    return pathMatchesPattern(path, rulePath);\n  }\n\n  if (rulePath instanceof RegExp) {\n    return rulePath.test(path);\n  }\n\n  if (Array.isArray(rulePath)) {\n    return rulePath.some(p => pathMatchesPattern(path, p));\n  }\n\n  return false;\n};\n\nexport const matchesOrIncludes = (values: string | string[], value: string): boolean => {\n  if (typeof values === 'string') {\n    return values === value;\n  }\n\n  if (Array.isArray(values)) {\n    return values.includes(value);\n  }\n\n  return false;\n};\n\n// ── Core auth middleware ──\n// Framework-agnostic auth logic extracted from adapter middlewares.\n// Each adapter builds an AuthMiddlewareContext and delegates to coreAuthMiddleware.\n\nexport interface AuthMiddlewareContext {\n  path: string;\n  method: string;\n  getHeader: (name: string) => string | undefined;\n  mastra: Mastra;\n  authConfig: MastraAuthConfig;\n  customRouteAuthConfig?: Map<string, boolean>;\n  requestContext: { get: (key: string) => unknown; set: (key: string, value: unknown) => void };\n  rawRequest: unknown;\n  token: string | null;\n  buildAuthorizeContext: () => unknown;\n}\n\nexport type AuthResult = { action: 'next' } | { action: 'error'; status: number; body: Record<string, unknown> };\n\nconst pass: AuthResult = { action: 'next' };\n\n/**\n * Single auth middleware: authenticate → authorize.\n * Skip checks (dev playground, unprotected path, public path) are evaluated once.\n */\nexport const coreAuthMiddleware = async (ctx: AuthMiddlewareContext): Promise<AuthResult> => {\n  const { path, method, getHeader, mastra, authConfig, customRouteAuthConfig, requestContext, rawRequest, token } = ctx;\n\n  // ── Skip checks (evaluated once) ──\n\n  // Only bypass auth for dev playground when no real auth provider is configured.\n  // When auth IS configured (has authenticateToken), we need the full auth flow\n  // so user/roles/permissions are set in requestContext.\n  const hasAuthProvider = typeof authConfig.authenticateToken === 'function';\n  if (!hasAuthProvider && isDevPlaygroundRequest(path, method, getHeader, authConfig, customRouteAuthConfig)) {\n    return pass;\n  }\n\n  if (!isProtectedPath(path, method, authConfig, customRouteAuthConfig)) {\n    return pass;\n  }\n\n  if (canAccessPublicly(path, method, authConfig)) {\n    return pass;\n  }\n\n  // ── Authentication ──\n\n  let user: unknown;\n\n  try {\n    if (typeof authConfig.authenticateToken === 'function') {\n      user = await authConfig.authenticateToken(token ?? '', rawRequest as any);\n    } else {\n      throw new Error('No token verification method configured');\n    }\n\n    if (!user) {\n      return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n    }\n\n    requestContext.set('user', user);\n\n    try {\n      const serverConfig = mastra.getServer();\n      const rbacProvider = serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n\n      if (rbacProvider) {\n        if (!user || typeof user !== 'object' || !('id' in user)) {\n          mastra.getLogger()?.warn('RBAC: authenticated user missing required \"id\" field, skipping permission loading');\n        } else {\n          const permissions = await rbacProvider.getPermissions(user as EEUser);\n          requestContext.set('userPermissions', permissions);\n\n          const roles = await rbacProvider.getRoles(user as EEUser);\n          requestContext.set('userRoles', roles);\n        }\n      }\n    } catch (rbacError) {\n      mastra.getLogger()?.error('RBAC: failed to load user permissions/roles', {\n        error: rbacError instanceof Error ? { message: rbacError.message, stack: rbacError.stack } : rbacError,\n      });\n    }\n  } catch (err) {\n    mastra.getLogger()?.error('Authentication error', {\n      error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n    });\n    return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n  }\n\n  // ── Authorization ──\n\n  if ('authorizeUser' in authConfig && typeof authConfig.authorizeUser === 'function') {\n    try {\n      const isAuthorized = await authConfig.authorizeUser(user, rawRequest as any);\n\n      if (!isAuthorized) {\n        return { action: 'error', status: 403, body: { error: 'Access denied' } };\n      }\n    } catch (err) {\n      mastra.getLogger()?.error('Authorization error in authorizeUser', {\n        error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n      });\n      return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n    }\n  } else if ('authorize' in authConfig && typeof authConfig.authorize === 'function') {\n    try {\n      const authorizeCtx = ctx.buildAuthorizeContext();\n      const isAuthorized = await authConfig.authorize(path, method, user, authorizeCtx as any);\n\n      if (!isAuthorized) {\n        return { action: 'error', status: 403, body: { error: 'Access denied' } };\n      }\n    } catch (err) {\n      mastra.getLogger()?.error('Authorization error in authorize', {\n        error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n        path,\n        method,\n      });\n      return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n    }\n  } else if ('rules' in authConfig && authConfig.rules && authConfig.rules.length > 0) {\n    const isAuthorized = await checkRules(authConfig.rules, path, method, user);\n\n    if (!isAuthorized) {\n      return { action: 'error', status: 403, body: { error: 'Access denied' } };\n    }\n  } else {\n    // No explicit authorization configured (authorizeUser, authorize, or rules)\n    // Check if RBAC is configured - if not, allow authenticated users through\n    // (auth-only mode = authenticated users get full access)\n    const rbacProvider = mastra.getServer()?.rbac;\n    if (rbacProvider) {\n      if (defaultAuthConfig.rules && defaultAuthConfig.rules.length > 0) {\n        const isAuthorized = await checkRules(defaultAuthConfig.rules, path, method, user);\n\n        if (!isAuthorized) {\n          return { action: 'error', status: 403, body: { error: 'Access denied' } };\n        }\n      } else {\n        return { action: 'error', status: 403, body: { error: 'Access denied' } };\n      }\n    }\n  }\n\n  return pass;\n};\n\n// Check authorization rules\nexport const checkRules = async (\n  rules: MastraAuthConfig['rules'],\n  path: string,\n  method: string,\n  user: unknown,\n): Promise<boolean> => {\n  // Go through rules in order (first match wins)\n  for (const i in rules || []) {\n    const rule = rules?.[i]!;\n    // Check if rule applies to this path\n    if (!pathMatchesRule(path, rule.path)) {\n      continue;\n    }\n\n    // Check if rule applies to this method\n    if (rule.methods && !matchesOrIncludes(rule.methods, method)) {\n      continue;\n    }\n\n    // Rule matches, check conditions\n    const condition = rule.condition;\n    if (typeof condition === 'function') {\n      const allowed = await Promise.resolve()\n        .then(() => condition(user))\n        .catch(() => false);\n\n      if (allowed) {\n        return true;\n      }\n    } else if (rule.allow) {\n      return true;\n    }\n  }\n\n  // No matching rules, deny by default\n  return false;\n};\n"]}

package/dist/chunk-RCSPGNEZ.cjs

@@ -1,44 +0,0 @@
-'use strict';
-
-var z = require('zod');
-
-function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
-
-var z__default = /*#__PURE__*/_interopDefault(z);
-
-// src/server/schemas/rule-group.ts
-var ruleSchema = z__default.default.object({
-  field: z__default.default.string(),
-  operator: z__default.default.enum([
-    "equals",
-    "not_equals",
-    "contains",
-    "not_contains",
-    "greater_than",
-    "less_than",
-    "greater_than_or_equal",
-    "less_than_or_equal",
-    "in",
-    "not_in",
-    "exists",
-    "not_exists"
-  ]),
-  value: z__default.default.unknown().optional()
-});
-var ruleGroupDepth2 = z__default.default.object({
-  operator: z__default.default.enum(["AND", "OR"]),
-  conditions: z__default.default.array(ruleSchema)
-});
-var ruleGroupDepth1 = z__default.default.object({
-  operator: z__default.default.enum(["AND", "OR"]),
-  conditions: z__default.default.array(z__default.default.union([ruleSchema, ruleGroupDepth2]))
-});
-var ruleGroupSchema = z__default.default.object({
-  operator: z__default.default.enum(["AND", "OR"]),
-  conditions: z__default.default.array(z__default.default.union([ruleSchema, ruleGroupDepth1]))
-});
-
-exports.ruleGroupSchema = ruleGroupSchema;
-exports.ruleSchema = ruleSchema;
-//# sourceMappingURL=chunk-RCSPGNEZ.cjs.map
-//# sourceMappingURL=chunk-RCSPGNEZ.cjs.map

package/dist/chunk-RCSPGNEZ.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/schemas/rule-group.ts"],"names":["z"],"mappings":";;;;;;;;;AAQO,IAAM,UAAA,GAAaA,mBAAE,MAAA,CAAO;AAAA,EACjC,KAAA,EAAOA,mBAAE,MAAA,EAAO;AAAA,EAChB,QAAA,EAAUA,mBAAE,IAAA,CAAK;AAAA,IACf,QAAA;AAAA,IACA,YAAA;AAAA,IACA,UAAA;AAAA,IACA,cAAA;AAAA,IACA,cAAA;AAAA,IACA,WAAA;AAAA,IACA,uBAAA;AAAA,IACA,oBAAA;AAAA,IACA,IAAA;AAAA,IACA,QAAA;AAAA,IACA,QAAA;AAAA,IACA;AAAA,GACD,CAAA;AAAA,EACD,KAAA,EAAOA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AACrB,CAAC;AAED,IAAM,eAAA,GAAkBA,mBAAE,MAAA,CAAO;AAAA,EAC/B,UAAUA,kBAAA,CAAE,IAAA,CAAK,CAAC,KAAA,EAAO,IAAI,CAAC,CAAA;AAAA,EAC9B,UAAA,EAAYA,kBAAA,CAAE,KAAA,CAAM,UAAU;AAChC,CAAC,CAAA;AAED,IAAM,eAAA,GAAkBA,mBAAE,MAAA,CAAO;AAAA,EAC/B,UAAUA,kBAAA,CAAE,IAAA,CAAK,CAAC,KAAA,EAAO,IAAI,CAAC,CAAA;AAAA,EAC9B,UAAA,EAAYA,mBAAE,KAAA,CAAMA,kBAAA,CAAE,MAAM,CAAC,UAAA,EAAY,eAAe,CAAC,CAAC;AAC5D,CAAC,CAAA;AAEM,IAAM,eAAA,GAAkBA,mBAAE,MAAA,CAAO;AAAA,EACtC,UAAUA,kBAAA,CAAE,IAAA,CAAK,CAAC,KAAA,EAAO,IAAI,CAAC,CAAA;AAAA,EAC9B,UAAA,EAAYA,mBAAE,KAAA,CAAMA,kBAAA,CAAE,MAAM,CAAC,UAAA,EAAY,eAAe,CAAC,CAAC;AAC5D,CAAC","file":"chunk-RCSPGNEZ.cjs","sourcesContent":["import z from 'zod';\n\n/**\n * Rule and RuleGroup schemas for conditional prompt block evaluation.\n *\n * Uses a fixed nesting depth (3 levels) to avoid infinite recursion\n * when converting to JSON Schema / OpenAPI.\n */\nexport const ruleSchema = z.object({\n  field: z.string(),\n  operator: z.enum([\n    'equals',\n    'not_equals',\n    'contains',\n    'not_contains',\n    'greater_than',\n    'less_than',\n    'greater_than_or_equal',\n    'less_than_or_equal',\n    'in',\n    'not_in',\n    'exists',\n    'not_exists',\n  ]),\n  value: z.unknown().optional(),\n});\n\nconst ruleGroupDepth2 = z.object({\n  operator: z.enum(['AND', 'OR']),\n  conditions: z.array(ruleSchema),\n});\n\nconst ruleGroupDepth1 = z.object({\n  operator: z.enum(['AND', 'OR']),\n  conditions: z.array(z.union([ruleSchema, ruleGroupDepth2])),\n});\n\nexport const ruleGroupSchema = z.object({\n  operator: z.enum(['AND', 'OR']),\n  conditions: z.array(z.union([ruleSchema, ruleGroupDepth1])),\n});\n"]}

package/dist/chunk-RRQAOK3A.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/server/handlers/stored-agents.ts"],"names":["createRoute","listStoredAgentsQuerySchema","listStoredAgentsResponseSchema","HTTPException","handleError","storedAgentIdPathParams","statusQuerySchema","getStoredAgentResponseSchema","createStoredAgentBodySchema","createStoredAgentResponseSchema","toSlug","updateStoredAgentBodySchema","updateStoredAgentResponseSchema","handleAutoVersioning","deleteStoredAgentResponseSchema","previewInstructionsBodySchema","previewInstructionsResponseSchema"],"mappings":";;;;;;;;;;;AA0BA,IAAM,4BAAA,GAA+B;AAAA,EACnC,MAAA;AAAA,EACA,aAAA;AAAA,EACA,cAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,gBAAA;AAAA,EACA,WAAA;AAAA,EACA,QAAA;AAAA,EACA,kBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EACA,sBAAA;AAAA,EACA,YAAA;AAAA,EACA,QAAA;AAAA,EACA;AACF,CAAA;AASO,IAAM,2BAA2BA,6BAAA,CAAY;AAAA,EAClD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,6CAAA;AAAA,EAClB,cAAA,EAAgBC,gDAAA;AAAA,EAChB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,IAAA,EAAM,SAAS,OAAA,EAAS,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAS,KAAM;AACjF,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,YAAA,CAAa;AAAA,QAC5C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,yBAAyBJ,6BAAA,CAAY;AAAA,EAChD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,gBAAA,EAAkBC,mCAAA;AAAA,EAClB,cAAA,EAAgBC,8CAAA;AAAA,EAChB,OAAA,EAAS,wBAAA;AAAA,EACT,WAAA,EACE,gMAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,QAAO,KAAM;AACpD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,QAAQ,MAAM,WAAA,CAAY,gBAAgB,aAAA,EAAe,EAAE,QAAQ,CAAA;AAEzE,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAOTJ,6BAAA,CAAY;AAAA,EACd,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYQ,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,gEAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,EAAA,EAAI,UAAA;AAAA,IACJ,QAAA;AAAA,IACA,QAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA;AAAA,IACA,SAAA;AAAA,IACA,MAAA;AAAA,IACA,gBAAA;AAAA,IACA,UAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIN,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAcO,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIP,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,EAAE,CAAA;AAC7C,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,cAAA,EAAiB,EAAE,mBAAmB,CAAA;AAAA,MAChF;AAIA,MAAA,MAAM,YAAY,MAAA,CAAO;AAAA,QACvB,KAAA,EAAO;AAAA,UACL,EAAA;AAAA,UACA,QAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA,YAAA;AAAA,UACA,KAAA;AAAA,UACA,KAAA;AAAA,UACA,cAAA;AAAA,UACA,SAAA;AAAA,UACA,MAAA;AAAA,UACA,gBAAA;AAAA,UACA,UAAA;AAAA,UACA,eAAA;AAAA,UACA,gBAAA;AAAA,UACA,MAAA;AAAA,UACA,OAAA;AAAA,UACA,MAAA;AAAA,UACA,SAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAID,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,eAAA,CAAgB,IAAI,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC1E,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAYTJ,6BAAA,CAAY;AAAA,EACd,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,UAAA,EAAYM,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,aAAA;AAAA;AAAA,IAEA,QAAA;AAAA,IACA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA;AAAA,IACA,SAAA;AAAA,IACA,MAAA;AAAA,IACA,gBAAA;AAAA,IACA,UAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA,oBAAA;AAAA;AAAA,IAEA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,aAAa,CAAA;AACxD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAKA,MAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,MAAA,CAAO;AAAA,QAC5C,EAAA,EAAI,aAAA;AAAA,QACJ,QAAA;AAAA,QACA,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OAC0B,CAAA;AAG5B,MAAA,MAAM,YAAA,GAAe;AAAA,QACnB,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACF;AAGA,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,QAAQ,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA,KAAM,MAAS,CAAC,CAAA;AAKhH,MAAA,MAAM,oBAAoB,MAAMU,sCAAA;AAAA,QAC9B,WAAA;AAAA,QACA,aAAA;AAAA,QACA,SAAA;AAAA,QACA,4BAAA;AAAA,QACA,QAAA;AAAA,QACA,YAAA;AAAA,QACA,oBAAA;AAAA,QACA,aAAA,GAAgB,EAAE,aAAA,EAAc,GAAI;AAAA,OACtC;AAEA,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,MAC3D;AAGA,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAA,CAAO,KAAA,CAAM,WAAW,aAAa,CAAA;AAAA,MACvC;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,eAAA,CAAgB,eAAe,EAAE,MAAA,EAAQ,SAAS,CAAA;AACrF,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIV,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4BJ,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,cAAA,EAAgBS,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,wDAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIX,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,aAAa,CAAA;AACxD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,MAAM,WAAA,CAAY,OAAO,aAAa,CAAA;AAGtC,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,UAAA,CAAW,aAAa,CAAA;AAElD,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,CAAA,MAAA,EAAS,aAAa,CAAA,qBAAA,CAAA,EAAwB;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,6BAA6BJ,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,qCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYe,+CAAA;AAAA,EACZ,cAAA,EAAgBC,mDAAA;AAAA,EAChB,OAAA,EAAS,+BAAA;AAAA,EACT,WAAA,EACE,6MAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,SAAQ,KAAM;AAC9C,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,MAAM,IAAIb,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,MACtE;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,MAAA,CAAO,MAAA,CAAO,QAAQ,MAAA,EAAQ,OAAA,IAAW,EAAE,CAAA;AAEhE,MAAA,OAAO,EAAE,MAAA,EAAO;AAAA,IAClB,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,+BAA+B,CAAA;AAAA,IAC3D;AAAA,EACF;AACF,CAAC","file":"chunk-RRQAOK3A.cjs","sourcesContent":["import type { StorageCreateAgentInput, StorageUpdateAgentInput } from '@mastra/core/storage';\nimport type { z } from 'zod';\n\nimport { HTTPException } from '../http-exception';\nimport {\n  storedAgentIdPathParams,\n  statusQuerySchema,\n  listStoredAgentsQuerySchema,\n  createStoredAgentBodySchema,\n  updateStoredAgentBodySchema,\n  listStoredAgentsResponseSchema,\n  getStoredAgentResponseSchema,\n  createStoredAgentResponseSchema,\n  updateStoredAgentResponseSchema,\n  deleteStoredAgentResponseSchema,\n  previewInstructionsBodySchema,\n  previewInstructionsResponseSchema,\n} from '../schemas/stored-agents';\nimport type { ServerRoute, RouteSchemas, InferParams } from '../server-adapter/routes';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\nimport { handleAutoVersioning } from './version-helpers';\nimport type { VersionedStoreInterface } from './version-helpers';\n\nconst AGENT_SNAPSHOT_CONFIG_FIELDS = [\n  'name',\n  'description',\n  'instructions',\n  'model',\n  'tools',\n  'defaultOptions',\n  'workflows',\n  'agents',\n  'integrationTools',\n  'inputProcessors',\n  'outputProcessors',\n  'memory',\n  'scorers',\n  'requestContextSchema',\n  'mcpClients',\n  'skills',\n  'workspace',\n] as const;\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/**\n * GET /stored/agents - List all stored agents\n */\nexport const LIST_STORED_AGENTS_ROUTE = createRoute({\n  method: 'GET',\n  path: '/stored/agents',\n  responseType: 'json',\n  queryParamSchema: listStoredAgentsQuerySchema,\n  responseSchema: listStoredAgentsResponseSchema,\n  summary: 'List stored agents',\n  description: 'Returns a paginated list of all agents stored in the database',\n  tags: ['Stored Agents'],\n  requiresAuth: true,\n  handler: async ({ mastra, page, perPage, orderBy, status, authorId, metadata }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const agentsStore = await storage.getStore('agents');\n      if (!agentsStore) {\n        throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n      }\n\n      const result = await agentsStore.listResolved({\n        page,\n        perPage,\n        orderBy,\n        status,\n        authorId,\n        metadata,\n      });\n\n      return result;\n    } catch (error) {\n      return handleError(error, 'Error listing stored agents');\n    }\n  },\n});\n\n/**\n * GET /stored/agents/:storedAgentId - Get a stored agent by ID\n */\nexport const GET_STORED_AGENT_ROUTE = createRoute({\n  method: 'GET',\n  path: '/stored/agents/:storedAgentId',\n  responseType: 'json',\n  pathParamSchema: storedAgentIdPathParams,\n  queryParamSchema: statusQuerySchema,\n  responseSchema: getStoredAgentResponseSchema,\n  summary: 'Get stored agent by ID',\n  description:\n    'Returns a specific agent from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.',\n  tags: ['Stored Agents'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedAgentId, status }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const agentsStore = await storage.getStore('agents');\n      if (!agentsStore) {\n        throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n      }\n\n      const agent = await agentsStore.getByIdResolved(storedAgentId, { status });\n\n      if (!agent) {\n        throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n      }\n\n      return agent;\n    } catch (error) {\n      return handleError(error, 'Error getting stored agent');\n    }\n  },\n});\n\n/**\n * POST /stored/agents - Create a new stored agent\n */\nexport const CREATE_STORED_AGENT_ROUTE: ServerRoute<\n  InferParams<undefined, undefined, typeof createStoredAgentBodySchema>,\n  z.infer<typeof createStoredAgentResponseSchema>,\n  'json',\n  RouteSchemas<undefined, undefined, typeof createStoredAgentBodySchema, typeof createStoredAgentResponseSchema>,\n  'POST',\n  '/stored/agents'\n> = createRoute({\n  method: 'POST',\n  path: '/stored/agents',\n  responseType: 'json',\n  bodySchema: createStoredAgentBodySchema,\n  responseSchema: createStoredAgentResponseSchema,\n  summary: 'Create stored agent',\n  description: 'Creates a new agent in storage with the provided configuration',\n  tags: ['Stored Agents'],\n  requiresAuth: true,\n  handler: async ({\n    mastra,\n    id: providedId,\n    authorId,\n    metadata,\n    name,\n    description,\n    instructions,\n    model,\n    tools,\n    defaultOptions,\n    workflows,\n    agents,\n    integrationTools,\n    mcpClients,\n    inputProcessors,\n    outputProcessors,\n    memory,\n    scorers,\n    skills,\n    workspace,\n    requestContextSchema,\n  }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const agentsStore = await storage.getStore('agents');\n      if (!agentsStore) {\n        throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n      }\n\n      // Derive ID from name if not explicitly provided\n      const id = providedId || toSlug(name);\n\n      if (!id) {\n        throw new HTTPException(400, {\n          message: 'Could not derive agent ID from name. Please provide an explicit id.',\n        });\n      }\n\n      // Check if agent with this ID already exists\n      const existing = await agentsStore.getById(id);\n      if (existing) {\n        throw new HTTPException(409, { message: `Agent with id ${id} already exists` });\n      }\n\n      // Create agent with flat StorageCreateAgentInput\n      // Cast needed because Zod's passthrough() output types don't exactly match the handwritten TS interfaces\n      await agentsStore.create({\n        agent: {\n          id,\n          authorId,\n          metadata,\n          name,\n          description,\n          instructions,\n          model,\n          tools,\n          defaultOptions,\n          workflows,\n          agents,\n          integrationTools,\n          mcpClients,\n          inputProcessors,\n          outputProcessors,\n          memory,\n          scorers,\n          skills,\n          workspace,\n          requestContextSchema,\n        } as StorageCreateAgentInput,\n      });\n\n      // Return the resolved agent (thin record + version config)\n      // Use draft status since newly created entities start as drafts\n      const resolved = await agentsStore.getByIdResolved(id, { status: 'draft' });\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve created agent' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error creating stored agent');\n    }\n  },\n});\n\n/**\n * PATCH /stored/agents/:storedAgentId - Update a stored agent\n */\nexport const UPDATE_STORED_AGENT_ROUTE: ServerRoute<\n  InferParams<typeof storedAgentIdPathParams, undefined, typeof updateStoredAgentBodySchema>,\n  z.infer<typeof updateStoredAgentResponseSchema>,\n  'json',\n  RouteSchemas<\n    typeof storedAgentIdPathParams,\n    undefined,\n    typeof updateStoredAgentBodySchema,\n    typeof updateStoredAgentResponseSchema\n  >,\n  'PATCH',\n  '/stored/agents/:storedAgentId'\n> = createRoute({\n  method: 'PATCH',\n  path: '/stored/agents/:storedAgentId',\n  responseType: 'json',\n  pathParamSchema: storedAgentIdPathParams,\n  bodySchema: updateStoredAgentBodySchema,\n  responseSchema: updateStoredAgentResponseSchema,\n  summary: 'Update stored agent',\n  description: 'Updates an existing agent in storage with the provided fields',\n  tags: ['Stored Agents'],\n  requiresAuth: true,\n  handler: async ({\n    mastra,\n    storedAgentId,\n    // Metadata-level fields\n    authorId,\n    metadata,\n    // Config fields (snapshot-level)\n    name,\n    description,\n    instructions,\n    model,\n    tools,\n    defaultOptions,\n    workflows,\n    agents,\n    integrationTools,\n    mcpClients,\n    inputProcessors,\n    outputProcessors,\n    memory,\n    scorers,\n    skills,\n    workspace,\n    requestContextSchema,\n    // Version metadata\n    changeMessage,\n  }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const agentsStore = await storage.getStore('agents');\n      if (!agentsStore) {\n        throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n      }\n\n      // Check if agent exists\n      const existing = await agentsStore.getById(storedAgentId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n      }\n\n      // Update the agent with both metadata-level and config-level fields\n      // The storage layer handles separating these into agent-record updates vs new-version creation\n      // Cast needed because Zod's passthrough() output types don't exactly match the handwritten TS interfaces\n      const updatedAgent = await agentsStore.update({\n        id: storedAgentId,\n        authorId,\n        metadata,\n        name,\n        description,\n        instructions,\n        model,\n        tools,\n        defaultOptions,\n        workflows,\n        agents,\n        integrationTools,\n        mcpClients,\n        inputProcessors,\n        outputProcessors,\n        memory,\n        scorers,\n        skills,\n        workspace,\n        requestContextSchema,\n      } as StorageUpdateAgentInput);\n\n      // Build the snapshot config for auto-versioning comparison\n      const configFields = {\n        name,\n        description,\n        instructions,\n        model,\n        tools,\n        defaultOptions,\n        workflows,\n        agents,\n        integrationTools,\n        mcpClients,\n        inputProcessors,\n        outputProcessors,\n        memory,\n        scorers,\n        skills,\n        workspace,\n        requestContextSchema,\n      };\n\n      // Filter out undefined values to get only the config fields that were provided\n      const providedConfigFields = Object.fromEntries(Object.entries(configFields).filter(([_, v]) => v !== undefined));\n\n      // Handle auto-versioning with retry logic for race conditions\n      // This creates a new version if there are meaningful config changes.\n      // It does NOT update activeVersionId — the version stays as a draft until explicitly published.\n      const autoVersionResult = await handleAutoVersioning(\n        agentsStore as unknown as VersionedStoreInterface,\n        storedAgentId,\n        'agentId',\n        AGENT_SNAPSHOT_CONFIG_FIELDS,\n        existing,\n        updatedAgent,\n        providedConfigFields,\n        changeMessage ? { changeMessage } : undefined,\n      );\n\n      if (!autoVersionResult) {\n        throw new Error('handleAutoVersioning returned undefined');\n      }\n\n      // Clear the cached agent instance so the next request gets the updated config\n      const editor = mastra.getEditor();\n      if (editor) {\n        editor.agent.clearCache(storedAgentId);\n      }\n\n      // Return the resolved agent with the latest (draft) version so the UI sees its edits\n      const resolved = await agentsStore.getByIdResolved(storedAgentId, { status: 'draft' });\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve updated agent' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error updating stored agent');\n    }\n  },\n});\n\n/**\n * DELETE /stored/agents/:storedAgentId - Delete a stored agent\n */\nexport const DELETE_STORED_AGENT_ROUTE = createRoute({\n  method: 'DELETE',\n  path: '/stored/agents/:storedAgentId',\n  responseType: 'json',\n  pathParamSchema: storedAgentIdPathParams,\n  responseSchema: deleteStoredAgentResponseSchema,\n  summary: 'Delete stored agent',\n  description: 'Deletes an agent from storage by its unique identifier',\n  tags: ['Stored Agents'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedAgentId }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const agentsStore = await storage.getStore('agents');\n      if (!agentsStore) {\n        throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n      }\n\n      // Check if agent exists\n      const existing = await agentsStore.getById(storedAgentId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n      }\n\n      await agentsStore.delete(storedAgentId);\n\n      // Clear the cached agent instance\n      mastra.getEditor()?.agent.clearCache(storedAgentId);\n\n      return { success: true, message: `Agent ${storedAgentId} deleted successfully` };\n    } catch (error) {\n      return handleError(error, 'Error deleting stored agent');\n    }\n  },\n});\n\n/**\n * POST /stored/agents/preview-instructions - Preview resolved instructions\n */\nexport const PREVIEW_INSTRUCTIONS_ROUTE = createRoute({\n  method: 'POST',\n  path: '/stored/agents/preview-instructions',\n  responseType: 'json',\n  bodySchema: previewInstructionsBodySchema,\n  responseSchema: previewInstructionsResponseSchema,\n  summary: 'Preview resolved instructions',\n  description:\n    'Resolves an array of instruction blocks against a request context, evaluating rules, fetching prompt block references, and rendering template variables. Returns the final concatenated instruction string.',\n  tags: ['Stored Agents'],\n  requiresAuth: true,\n  handler: async ({ mastra, blocks, context }) => {\n    try {\n      const editor = mastra.getEditor();\n      if (!editor) {\n        throw new HTTPException(500, { message: 'Editor is not configured' });\n      }\n\n      const result = await editor.prompt.preview(blocks, context ?? {});\n\n      return { result };\n    } catch (error) {\n      return handleError(error, 'Error previewing instructions');\n    }\n  },\n});\n"]}