@meridianjs/meridian 0.1.34 → 0.1.36

package/dist/api/admin/issues/[id]/comments/route.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/issues/[id]/comments/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAqBvC,eAAO,MAAM,GAAG,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAKhD,CAAA;AAED,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAejD,CAAA"}
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/issues/[id]/comments/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAqBvC,eAAO,MAAM,GAAG,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAKhD,CAAA;AAED,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAkBjD,CAAA"}

package/dist/api/admin/issues/[id]/comments/route.js

@@ -37,7 +37,10 @@ export const POST = async (req, res) => {
         issue_id: req.params.id, body: body.trim(), author_id: req.user?.id ?? "system",
         metadata: metadata ?? null,
     });
-    eventBus.emit({ name: "comment.created", data: { comment_id: comment.id, issue_id: req.params.id, author_id: comment.author_id } }).catch(() => { });
+    const mentionedUserIds = Array.isArray(metadata?.mentioned_user_ids)
+        ? metadata.mentioned_user_ids.filter((id) => typeof id === "string")
+        : [];
+    eventBus.emit({ name: "comment.created", data: { comment_id: comment.id, issue_id: req.params.id, author_id: comment.author_id, mentioned_user_ids: mentionedUserIds } }).catch(() => { });
     res.status(201).json({ comment });
 };
 //# sourceMappingURL=route.js.map

package/dist/api/admin/issues/[id]/comments/route.js.map

@@ -1 +1 @@
-{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/issues/[id]/comments/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAA;AAEtE,KAAK,UAAU,iBAAiB,CAAC,GAAQ,EAAE,GAAa;IACtD,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;IAC/E,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAC/D,OAAO,KAAK,CAAA;IACd,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACrB,MAAM,cAAc,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,sBAAsB,CAAQ,CAAA;QACvE,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,eAAe,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QACxF,IAAI,OAAO,IAAI,CAAC,MAAM,gBAAgB,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE,CAAC,CAAA;YACzD,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACnD,IAAI,CAAC,MAAM,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC;QAAE,OAAM;IAC9C,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACtE,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAA;AACxB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,IAAI,CAAC,MAAM,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC;QAAE,OAAM;IAC9C,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAQ,CAAA;IACrD,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;IACnC,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,EAAE,CAAC,CAAA;QAChE,OAAM;IACR,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC;QAC/C,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,QAAQ;QAC/E,QAAQ,EAAE,QAAQ,IAAI,IAAI;KAC3B,CAAC,CAAA;IACF,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IACnJ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;AACnC,CAAC,CAAA"}
+{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/issues/[id]/comments/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAA;AAEtE,KAAK,UAAU,iBAAiB,CAAC,GAAQ,EAAE,GAAa;IACtD,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;IAC/E,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAC/D,OAAO,KAAK,CAAA;IACd,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACrB,MAAM,cAAc,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,sBAAsB,CAAQ,CAAA;QACvE,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,eAAe,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QACxF,IAAI,OAAO,IAAI,CAAC,MAAM,gBAAgB,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE,CAAC,CAAA;YACzD,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACnD,IAAI,CAAC,MAAM,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC;QAAE,OAAM;IAC9C,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACtE,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAA;AACxB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,IAAI,CAAC,MAAM,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC;QAAE,OAAM;IAC9C,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAQ,CAAA;IACrD,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;IACnC,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,EAAE,CAAC,CAAA;QAChE,OAAM;IACR,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC;QAC/C,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,QAAQ;QAC/E,QAAQ,EAAE,QAAQ,IAAI,IAAI;KAC3B,CAAC,CAAA;IACF,MAAM,gBAAgB,GAAa,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,kBAAkB,CAAC;QAC5E,CAAC,CAAC,QAAQ,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,EAAW,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,QAAQ,CAAC;QAC7E,CAAC,CAAC,EAAE,CAAA;IACN,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IACzL,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;AACnC,CAAC,CAAA"}

package/dist/api/admin/users/me/password/_otp-store.d.ts

@@ -0,0 +1,14 @@
+/**
+ * In-memory OTP store for password create/change flow.
+ *
+ * One active OTP per user. 6-digit numeric code, 10-minute TTL.
+ * Rate-limited: rejects re-sends within 60 seconds.
+ *
+ * Uses globalThis to guarantee a single shared Map even when route files
+ * are loaded via separate dynamic import() calls by the route scanner.
+ */
+/** Generate and store a 6-digit OTP for a user. Throws if rate-limited. */
+export declare function generateAndStoreOtp(userId: string): string;
+/** Consume an OTP. Always deletes the entry (single-use). Returns true if valid. */
+export declare function consumeOtp(userId: string, otp: string): boolean;
+//# sourceMappingURL=_otp-store.d.ts.map

package/dist/api/admin/users/me/password/_otp-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"_otp-store.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/users/me/password/_otp-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAqBH,2EAA2E;AAC3E,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAU1D;AAED,oFAAoF;AACpF,wBAAgB,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAM/D"}

package/dist/api/admin/users/me/password/_otp-store.js

@@ -0,0 +1,41 @@
+/**
+ * In-memory OTP store for password create/change flow.
+ *
+ * One active OTP per user. 6-digit numeric code, 10-minute TTL.
+ * Rate-limited: rejects re-sends within 60 seconds.
+ *
+ * Uses globalThis to guarantee a single shared Map even when route files
+ * are loaded via separate dynamic import() calls by the route scanner.
+ */
+import { randomInt } from "crypto";
+const STORE_KEY = "__meridian_password_otp_store__";
+const OTP_TTL_MS = 10 * 60 * 1000; // 10 minutes
+const RESEND_COOLDOWN_MS = 60 * 1000; // 60 seconds
+function getStore() {
+    if (!globalThis[STORE_KEY]) {
+        ;
+        globalThis[STORE_KEY] = new Map();
+    }
+    return globalThis[STORE_KEY];
+}
+/** Generate and store a 6-digit OTP for a user. Throws if rate-limited. */
+export function generateAndStoreOtp(userId) {
+    const store = getStore();
+    const existing = store.get(userId);
+    if (existing && Date.now() - existing.sentAt < RESEND_COOLDOWN_MS) {
+        throw Object.assign(new Error("Please wait before requesting a new code"), { status: 429 });
+    }
+    const otp = String(randomInt(100000, 999999));
+    store.set(userId, { otp, expiresAt: Date.now() + OTP_TTL_MS, sentAt: Date.now() });
+    return otp;
+}
+/** Consume an OTP. Always deletes the entry (single-use). Returns true if valid. */
+export function consumeOtp(userId, otp) {
+    const store = getStore();
+    const entry = store.get(userId);
+    store.delete(userId);
+    if (!entry || entry.expiresAt < Date.now())
+        return false;
+    return entry.otp === otp;
+}
+//# sourceMappingURL=_otp-store.js.map

package/dist/api/admin/users/me/password/_otp-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"_otp-store.js","sourceRoot":"","sources":["../../../../../../src/api/admin/users/me/password/_otp-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAA;AAQlC,MAAM,SAAS,GAAG,iCAAiC,CAAA;AACnD,MAAM,UAAU,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA,CAAE,aAAa;AAChD,MAAM,kBAAkB,GAAG,EAAE,GAAG,IAAI,CAAA,CAAC,aAAa;AAElD,SAAS,QAAQ;IACf,IAAI,CAAE,UAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,CAAC;QAAC,UAAkB,CAAC,SAAS,CAAC,GAAG,IAAI,GAAG,EAAoB,CAAA;IAC/D,CAAC;IACD,OAAQ,UAAkB,CAAC,SAAS,CAAC,CAAA;AACvC,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAA;IACxB,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;IAClC,IAAI,QAAQ,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,MAAM,GAAG,kBAAkB,EAAE,CAAC;QAClE,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,0CAA0C,CAAC,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;IAC7F,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;IAC7C,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;IAClF,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,oFAAoF;AACpF,MAAM,UAAU,UAAU,CAAC,MAAc,EAAE,GAAW;IACpD,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAA;IACxB,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;IAC/B,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IACpB,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,KAAK,CAAA;IACxD,OAAO,KAAK,CAAC,GAAG,KAAK,GAAG,CAAA;AAC1B,CAAC"}

package/dist/api/admin/users/me/password/route.d.ts

@@ -0,0 +1,7 @@
+import type { Response } from "express";
+/**
+ * POST /admin/users/me/password
+ * Set or change the authenticated user's password after OTP verification.
+ */
+export declare const POST: (req: any, res: Response) => Promise<void>;
+//# sourceMappingURL=route.d.ts.map

package/dist/api/admin/users/me/password/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/users/me/password/route.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAQvC;;;GAGG;AACH,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAsBjD,CAAA"}

package/dist/api/admin/users/me/password/route.js

@@ -0,0 +1,31 @@
+import { z } from "zod";
+import { consumeOtp } from "./_otp-store.js";
+const setPasswordSchema = z.object({
+    otp: z.string().length(6, "Verification code must be 6 digits"),
+    new_password: z.string().min(8, "Password must be at least 8 characters"),
+});
+/**
+ * POST /admin/users/me/password
+ * Set or change the authenticated user's password after OTP verification.
+ */
+export const POST = async (req, res) => {
+    const userId = req.user?.id;
+    if (!userId) {
+        res.status(401).json({ error: { message: "Not authenticated" } });
+        return;
+    }
+    const result = setPasswordSchema.safeParse(req.body);
+    if (!result.success) {
+        res.status(400).json({ error: { message: "Validation error", details: result.error.flatten().fieldErrors } });
+        return;
+    }
+    const valid = consumeOtp(userId, result.data.otp);
+    if (!valid) {
+        res.status(400).json({ error: { message: "Invalid or expired verification code" } });
+        return;
+    }
+    const authService = req.scope.resolve("authModuleService");
+    await authService.setPassword(userId, result.data.new_password);
+    res.json({ ok: true });
+};
+//# sourceMappingURL=route.js.map

package/dist/api/admin/users/me/password/route.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/users/me/password/route.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAA;AAE5C,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,oCAAoC,CAAC;IAC/D,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wCAAwC,CAAC;CAC1E,CAAC,CAAA;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,EAAY,CAAA;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,CAAC,CAAA;QACjE,OAAM;IACR,CAAC;IAED,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;QAC7G,OAAM;IACR,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACjD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,EAAE,CAAC,CAAA;QACpF,OAAM;IACR,CAAC;IAED,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;IACjE,MAAM,WAAW,CAAC,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IAC/D,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;AACxB,CAAC,CAAA"}

package/dist/api/admin/users/me/password/send-otp/route.d.ts

@@ -0,0 +1,7 @@
+import type { Response } from "express";
+/**
+ * POST /admin/users/me/password/send-otp
+ * Send a 6-digit OTP to the authenticated user's email for password create/change.
+ */
+export declare const POST: (req: any, res: Response) => Promise<void>;
+//# sourceMappingURL=route.d.ts.map

package/dist/api/admin/users/me/password/send-otp/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../../src/api/admin/users/me/password/send-otp/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAGvC;;;GAGG;AACH,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBA0BjD,CAAA"}

package/dist/api/admin/users/me/password/send-otp/route.js

@@ -0,0 +1,30 @@
+import { generateAndStoreOtp } from "../_otp-store.js";
+/**
+ * POST /admin/users/me/password/send-otp
+ * Send a 6-digit OTP to the authenticated user's email for password create/change.
+ */
+export const POST = async (req, res) => {
+    const userId = req.user?.id;
+    if (!userId) {
+        res.status(401).json({ error: { message: "Not authenticated" } });
+        return;
+    }
+    let otp;
+    try {
+        otp = generateAndStoreOtp(userId);
+    }
+    catch (err) {
+        // Rate-limited — still return 200 to avoid leaking timing info
+        res.json({ ok: true });
+        return;
+    }
+    const userService = req.scope.resolve("userModuleService");
+    const user = await userService.retrieveUser(userId);
+    const eventBus = req.scope.resolve("eventBus");
+    await eventBus.emit({
+        name: "password.otp_requested",
+        data: { user_id: userId, email: user.email, otp },
+    });
+    res.json({ ok: true });
+};
+//# sourceMappingURL=route.js.map

package/dist/api/admin/users/me/password/send-otp/route.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../../src/api/admin/users/me/password/send-otp/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAA;AAEtD;;;GAGG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,EAAY,CAAA;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,CAAC,CAAA;QACjE,OAAM;IACR,CAAC;IAED,IAAI,GAAW,CAAA;IACf,IAAI,CAAC;QACH,GAAG,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAA;IACnC,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,+DAA+D;QAC/D,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;QACtB,OAAM;IACR,CAAC;IAED,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;IACjE,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;IAEnD,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAQ,CAAA;IACrD,MAAM,QAAQ,CAAC,IAAI,CAAC;QAClB,IAAI,EAAE,wBAAwB;QAC9B,IAAI,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE;KAClD,CAAC,CAAA;IAEF,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;AACxB,CAAC,CAAA"}

package/dist/api/auth/forgot-password/route.d.ts

@@ -0,0 +1,7 @@
+import type { Response } from "express";
+/**
+ * POST /auth/forgot-password
+ * Request a password reset link. Always returns 200 to prevent email enumeration.
+ */
+export declare const POST: (req: any, res: Response) => Promise<void>;
+//# sourceMappingURL=route.d.ts.map

package/dist/api/auth/forgot-password/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../src/api/auth/forgot-password/route.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAMvC;;;GAGG;AACH,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBA4BjD,CAAA"}

package/dist/api/auth/forgot-password/route.js

@@ -0,0 +1,36 @@
+import { z } from "zod";
+const forgotPasswordSchema = z.object({
+    email: z.string().email(),
+});
+/**
+ * POST /auth/forgot-password
+ * Request a password reset link. Always returns 200 to prevent email enumeration.
+ */
+export const POST = async (req, res) => {
+    const result = forgotPasswordSchema.safeParse(req.body);
+    if (!result.success) {
+        res.status(400).json({ error: { message: "Validation error", details: result.error.flatten().fieldErrors } });
+        return;
+    }
+    const authService = req.scope.resolve("authModuleService");
+    const resetInfo = await authService.requestPasswordReset(result.data.email);
+    // Emit event for email subscriber — but always return 200
+    if (resetInfo) {
+        try {
+            const eventBus = req.scope.resolve("eventBus");
+            await eventBus.emit({
+                name: "password.reset_requested",
+                data: {
+                    user_id: resetInfo.userId,
+                    email: resetInfo.email,
+                    token: resetInfo.token,
+                },
+            });
+        }
+        catch {
+            // Non-fatal — reset was generated, email delivery is best-effort
+        }
+    }
+    res.json({ ok: true, message: "If an account exists with that email, a reset link has been sent." });
+};
+//# sourceMappingURL=route.js.map

package/dist/api/auth/forgot-password/route.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../src/api/auth/forgot-password/route.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAGvB,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE;CAC1B,CAAC,CAAA;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,MAAM,MAAM,GAAG,oBAAoB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACvD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;QAC7G,OAAM;IACR,CAAC;IAED,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;IACjE,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAE3E,0DAA0D;IAC1D,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAQ,CAAA;YACrD,MAAM,QAAQ,CAAC,IAAI,CAAC;gBAClB,IAAI,EAAE,0BAA0B;gBAChC,IAAI,EAAE;oBACJ,OAAO,EAAE,SAAS,CAAC,MAAM;oBACzB,KAAK,EAAE,SAAS,CAAC,KAAK;oBACtB,KAAK,EAAE,SAAS,CAAC,KAAK;iBACvB;aACF,CAAC,CAAA;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,iEAAiE;QACnE,CAAC;IACH,CAAC;IAED,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mEAAmE,EAAE,CAAC,CAAA;AACtG,CAAC,CAAA"}

package/dist/api/auth/reset-password/route.d.ts

@@ -0,0 +1,7 @@
+import type { Response } from "express";
+/**
+ * POST /auth/reset-password
+ * Reset password using a valid reset token.
+ */
+export declare const POST: (req: any, res: Response) => Promise<void>;
+//# sourceMappingURL=route.d.ts.map

package/dist/api/auth/reset-password/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../src/api/auth/reset-password/route.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAOvC;;;GAGG;AACH,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAUjD,CAAA"}

package/dist/api/auth/reset-password/route.js

@@ -0,0 +1,20 @@
+import { z } from "zod";
+const resetPasswordSchema = z.object({
+    token: z.string().min(1, "Reset token is required"),
+    password: z.string().min(8, "Password must be at least 8 characters"),
+});
+/**
+ * POST /auth/reset-password
+ * Reset password using a valid reset token.
+ */
+export const POST = async (req, res) => {
+    const result = resetPasswordSchema.safeParse(req.body);
+    if (!result.success) {
+        res.status(400).json({ error: { message: "Validation error", details: result.error.flatten().fieldErrors } });
+        return;
+    }
+    const authService = req.scope.resolve("authModuleService");
+    await authService.resetPassword(result.data.token, result.data.password);
+    res.json({ ok: true, message: "Password has been reset. You can now sign in." });
+};
+//# sourceMappingURL=route.js.map

package/dist/api/auth/reset-password/route.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../src/api/auth/reset-password/route.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAGvB,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,yBAAyB,CAAC;IACnD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wCAAwC,CAAC;CACtE,CAAC,CAAA;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACtD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;QAC7G,OAAM;IACR,CAAC;IAED,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;IACjE,MAAM,WAAW,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACxE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,+CAA+C,EAAE,CAAC,CAAA;AAClF,CAAC,CAAA"}

package/dist/subscribers/comment-created.d.ts

@@ -3,6 +3,7 @@ interface CommentCreatedData {
     comment_id: string;
     issue_id: string;
     author_id: string;
+    mentioned_user_ids?: string[];
 }
 export default function handler({ event, container }: SubscriberArgs<CommentCreatedData>): Promise<void>;
 export declare const config: SubscriberConfig;

package/dist/subscribers/comment-created.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"comment-created.d.ts","sourceRoot":"","sources":["../../src/subscribers/comment-created.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AAIzE,UAAU,kBAAkB;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,wBAA8B,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,cAAc,CAAC,kBAAkB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAkD7G;AAED,eAAO,MAAM,MAAM,EAAE,gBAA+C,CAAA"}
+{"version":3,"file":"comment-created.d.ts","sourceRoot":"","sources":["../../src/subscribers/comment-created.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AAIzE,UAAU,kBAAkB;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC9B;AAED,wBAA8B,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,cAAc,CAAC,kBAAkB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAoG7G;AAED,eAAO,MAAM,MAAM,EAAE,gBAA+C,CAAA"}

package/dist/subscribers/comment-created.js

@@ -21,6 +21,16 @@ export default async function handler({ event, container }) {
         user_id: userId, entity_type: "issue", entity_id: data.issue_id,
         action: "commented", message: "Someone commented on an issue you're involved with",
         workspace_id: issue.workspace_id,
+        metadata: { project_id: issue.project_id },
+    })));
+    // Notify mentioned users (skip those already notified above)
+    const mentionedIds = data.mentioned_user_ids ?? [];
+    const newMentions = mentionedIds.filter(id => id !== data.author_id && !recipients.has(id));
+    await Promise.all(newMentions.map(userId => notifService.createNotification({
+        user_id: userId, entity_type: "issue", entity_id: data.issue_id,
+        action: "mentioned", message: `You were mentioned in a comment on [${issue.identifier}]: ${issue.title}`,
+        workspace_id: issue.workspace_id,
+        metadata: { project_id: issue.project_id },
     })));
     sseManager.broadcast(issue.workspace_id, "comment.created", {
         comment_id: data.comment_id,
@@ -30,6 +40,20 @@ export default async function handler({ event, container }) {
     try {
         const emailService = container.resolve("emailService");
         const userService = container.resolve("userModuleService");
+        const config = container.resolve("config");
+        const appUrl = config?.appUrl ?? process.env.APP_URL ?? "http://localhost:9001";
+        const commentLink = `${appUrl}/issues/${data.issue_id}#comment-${data.comment_id}`;
+        // Fetch comment body for inclusion in emails
+        let commentBody = "";
+        let commentBodyText = "";
+        try {
+            const comment = await issueService.retrieveComment(data.comment_id);
+            commentBody = comment?.body ?? "";
+            // Strip HTML tags for plain-text version
+            commentBodyText = commentBody.replace(/<[^>]+>/g, "").trim();
+        }
+        catch { /* comment fetch optional — emails still send */ }
+        // Email existing recipients (assignees / reporter)
         await Promise.allSettled([...recipients].map(async (userId) => {
             const user = await userService.retrieveUser(userId);
             if (!user?.email)
@@ -38,8 +62,25 @@ export default async function handler({ event, container }) {
             await emailService.send({
                 to: user.email,
                 subject: tpl?.subject ?? `New comment on [${issue.identifier}]: ${issue.title}`,
-                text: tpl?.text ?? `A comment was added on issue ${issue.identifier}: "${issue.title}" that you're involved with.`,
-                html: tpl?.html ?? emailHtml(`A comment was added on issue <strong>${issue.identifier}</strong>: "${issue.title}" that you're involved with.`),
+                text: tpl?.text ?? `A comment was added on issue ${issue.identifier}: "${issue.title}" that you're involved with.\n\n${commentBodyText}`,
+                html: tpl?.html ?? emailHtml(`A comment was added on issue <strong>${issue.identifier}</strong>: "${issue.title}" that you're involved with.` +
+                    (commentBody ? `<br><br><div style="border-left:3px solid #e2e8f0;padding:8px 12px;color:#374151;font-size:14px;">${commentBody}</div>` : "")),
+            });
+        }));
+        // Email mentioned users
+        await Promise.allSettled(newMentions.map(async (userId) => {
+            const user = await userService.retrieveUser(userId);
+            if (!user?.email)
+                return;
+            await emailService.send({
+                to: user.email,
+                subject: `You were mentioned in [${issue.identifier}]: ${issue.title}`,
+                text: `You were mentioned in a comment on issue ${issue.identifier}: "${issue.title}".\n\n${commentBodyText}\n\nView it here: ${commentLink}`,
+                html: emailHtml(`You were mentioned in a comment on <strong>${issue.identifier}</strong>: "${issue.title}".<br><br>` +
+                    (commentBody
+                        ? `<div style="border-left:3px solid #4f46e5;padding:8px 12px;color:#374151;font-size:14px;margin-bottom:16px;">${commentBody}</div>`
+                        : "") +
+                    `<a href="${commentLink}" style="color:#4f46e5">View comment →</a>`),
             });
         }));
     }

package/dist/subscribers/comment-created.js.map

@@ -1 +1 @@
-{"version":3,"file":"comment-created.js","sourceRoot":"","sources":["../../src/subscribers/comment-created.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAClD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAQ/D,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAAsC;IAC5F,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAA;IACvB,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,2BAA2B,CAAQ,CAAA;IAE1E,IAAI,KAAU,CAAA;IACd,IAAI,CAAC;QACH,KAAK,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAM;IACR,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAA;IACpC,IAAI,KAAK,CAAC,YAAY;QAAE,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,EAAU,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;IACtF,IAAI,KAAK,CAAC,WAAW;QAAE,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;IACxD,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IAEjC,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAC7C,YAAY,CAAC,kBAAkB,CAAC;QAC9B,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,QAAQ;QAC/D,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,oDAAoD;QAClF,YAAY,EAAE,KAAK,CAAC,YAAY;KACjC,CAAC,CACH,CAAC,CAAA;IAEF,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,iBAAiB,EAAE;QAC1D,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACxB,CAAC,CAAA;IAEF,8EAA8E;IAC9E,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,cAAc,CAAQ,CAAA;QAC7D,MAAM,WAAW,GAAI,SAAS,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;QAElE,MAAM,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YAC5D,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;YACnD,IAAI,CAAC,IAAI,EAAE,KAAK;gBAAE,OAAM;YACxB,MAAM,GAAG,GAAG,eAAe,CAAC,SAAS,EAAE,iBAAiB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;YAC1E,MAAM,YAAY,CAAC,IAAI,CAAC;gBACtB,EAAE,EAAE,IAAI,CAAC,KAAK;gBACd,OAAO,EAAE,GAAG,EAAE,OAAO,IAAI,mBAAmB,KAAK,CAAC,UAAU,MAAM,KAAK,CAAC,KAAK,EAAE;gBAC/E,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,gCAAgC,KAAK,CAAC,UAAU,MAAM,KAAK,CAAC,KAAK,8BAA8B;gBAClH,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,SAAS,CAAC,wCAAwC,KAAK,CAAC,UAAU,eAAe,KAAK,CAAC,KAAK,8BAA8B,CAAC;aAC/I,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC,CAAA;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAQ,CAAA;QACjD,MAAM,CAAC,KAAK,CAAC,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAC9F,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,MAAM,GAAqB,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAA"}
+{"version":3,"file":"comment-created.js","sourceRoot":"","sources":["../../src/subscribers/comment-created.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAClD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAS/D,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAAsC;IAC5F,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAA;IACvB,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,oBAAoB,CAAQ,CAAA;IACnE,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,2BAA2B,CAAQ,CAAA;IAE1E,IAAI,KAAU,CAAA;IACd,IAAI,CAAC;QACH,KAAK,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAM;IACR,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAA;IACpC,IAAI,KAAK,CAAC,YAAY;QAAE,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,EAAU,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;IACtF,IAAI,KAAK,CAAC,WAAW;QAAE,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;IACxD,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IAEjC,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAC7C,YAAY,CAAC,kBAAkB,CAAC;QAC9B,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,QAAQ;QAC/D,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,oDAAoD;QAClF,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,QAAQ,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE;KAC3C,CAAC,CACH,CAAC,CAAA;IAEF,6DAA6D;IAC7D,MAAM,YAAY,GAAG,IAAI,CAAC,kBAAkB,IAAI,EAAE,CAAA;IAClD,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;IAE3F,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CACzC,YAAY,CAAC,kBAAkB,CAAC;QAC9B,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,QAAQ;QAC/D,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,uCAAuC,KAAK,CAAC,UAAU,MAAM,KAAK,CAAC,KAAK,EAAE;QACxG,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,QAAQ,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE;KAC3C,CAAC,CACH,CAAC,CAAA;IAEF,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,iBAAiB,EAAE;QAC1D,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACxB,CAAC,CAAA;IAEF,8EAA8E;IAC9E,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,cAAc,CAAQ,CAAA;QAC7D,MAAM,WAAW,GAAI,SAAS,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;QAClE,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAQ,CAAA;QACjD,MAAM,MAAM,GAAW,MAAM,EAAE,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAuB,CAAA;QAEvF,MAAM,WAAW,GAAG,GAAG,MAAM,WAAW,IAAI,CAAC,QAAQ,YAAY,IAAI,CAAC,UAAU,EAAE,CAAA;QAElF,6CAA6C;QAC7C,IAAI,WAAW,GAAG,EAAE,CAAA;QACpB,IAAI,eAAe,GAAG,EAAE,CAAA;QACxB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YACnE,WAAW,GAAG,OAAO,EAAE,IAAI,IAAI,EAAE,CAAA;YACjC,yCAAyC;YACzC,eAAe,GAAG,WAAW,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAA;QAC9D,CAAC;QAAC,MAAM,CAAC,CAAC,gDAAgD,CAAC,CAAC;QAE5D,mDAAmD;QACnD,MAAM,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YAC5D,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;YACnD,IAAI,CAAC,IAAI,EAAE,KAAK;gBAAE,OAAM;YACxB,MAAM,GAAG,GAAG,eAAe,CAAC,SAAS,EAAE,iBAAiB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;YAC1E,MAAM,YAAY,CAAC,IAAI,CAAC;gBACtB,EAAE,EAAE,IAAI,CAAC,KAAK;gBACd,OAAO,EAAE,GAAG,EAAE,OAAO,IAAI,mBAAmB,KAAK,CAAC,UAAU,MAAM,KAAK,CAAC,KAAK,EAAE;gBAC/E,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,gCAAgC,KAAK,CAAC,UAAU,MAAM,KAAK,CAAC,KAAK,mCAAmC,eAAe,EAAE;gBACxI,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,SAAS,CAC1B,wCAAwC,KAAK,CAAC,UAAU,eAAe,KAAK,CAAC,KAAK,8BAA8B;oBAChH,CAAC,WAAW,CAAC,CAAC,CAAC,qGAAqG,WAAW,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAC9I;aACF,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC,CAAA;QAEH,wBAAwB;QACxB,MAAM,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YACxD,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;YACnD,IAAI,CAAC,IAAI,EAAE,KAAK;gBAAE,OAAM;YACxB,MAAM,YAAY,CAAC,IAAI,CAAC;gBACtB,EAAE,EAAE,IAAI,CAAC,KAAK;gBACd,OAAO,EAAE,0BAA0B,KAAK,CAAC,UAAU,MAAM,KAAK,CAAC,KAAK,EAAE;gBACtE,IAAI,EAAE,4CAA4C,KAAK,CAAC,UAAU,MAAM,KAAK,CAAC,KAAK,SAAS,eAAe,qBAAqB,WAAW,EAAE;gBAC7I,IAAI,EAAE,SAAS,CACb,8CAA8C,KAAK,CAAC,UAAU,eAAe,KAAK,CAAC,KAAK,YAAY;oBACpG,CAAC,WAAW;wBACV,CAAC,CAAC,gHAAgH,WAAW,QAAQ;wBACrI,CAAC,CAAC,EAAE,CAAC;oBACP,YAAY,WAAW,4CAA4C,CACpE;aACF,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC,CAAA;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAQ,CAAA;QACjD,MAAM,CAAC,KAAK,CAAC,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAC9F,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,MAAM,GAAqB,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAA"}

package/dist/subscribers/password-otp-requested.d.ts

@@ -0,0 +1,10 @@
+import type { SubscriberArgs, SubscriberConfig } from "@meridianjs/types";
+interface PasswordOtpRequestedData {
+    user_id: string;
+    email: string;
+    otp: string;
+}
+export default function handler({ event, container }: SubscriberArgs<PasswordOtpRequestedData>): Promise<void>;
+export declare const config: SubscriberConfig;
+export {};
+//# sourceMappingURL=password-otp-requested.d.ts.map

package/dist/subscribers/password-otp-requested.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-otp-requested.d.ts","sourceRoot":"","sources":["../../src/subscribers/password-otp-requested.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AAGzE,UAAU,wBAAwB;IAChC,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE,MAAM,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;CACZ;AAED,wBAA8B,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,cAAc,CAAC,wBAAwB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAyBnH;AAED,eAAO,MAAM,MAAM,EAAE,gBAAsD,CAAA"}

package/dist/subscribers/password-otp-requested.js

@@ -0,0 +1,25 @@
+import { emailHtml, resolveTemplate } from "./_email-helper.js";
+export default async function handler({ event, container }) {
+    const data = event.data;
+    try {
+        const emailService = container.resolve("emailService");
+        const tpl = resolveTemplate(container, "password.otp_requested", {
+            user: { email: data.email },
+            otp: data.otp,
+        });
+        await emailService.send({
+            to: data.email,
+            subject: tpl?.subject ?? "Your Meridian verification code",
+            text: tpl?.text ?? `Your verification code is: ${data.otp}\n\nThis code expires in 10 minutes. If you didn't request this, you can safely ignore this email.`,
+            html: tpl?.html ?? emailHtml(`Your verification code is:<br/><br/>` +
+                `<div style="font-size:32px;font-weight:700;letter-spacing:8px;text-align:center;padding:16px 0;font-family:monospace;color:#4f46e5">${data.otp}</div><br/>` +
+                `This code expires in 10 minutes. If you didn't request this, you can safely ignore this email.`),
+        });
+    }
+    catch (err) {
+        const logger = container.resolve("logger");
+        logger.error(`[email] password.otp_requested: ${err instanceof Error ? err.message : String(err)}`);
+    }
+}
+export const config = { event: "password.otp_requested" };
+//# sourceMappingURL=password-otp-requested.js.map

package/dist/subscribers/password-otp-requested.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-otp-requested.js","sourceRoot":"","sources":["../../src/subscribers/password-otp-requested.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAQ/D,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAA4C;IAClG,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAA;IAEvB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,cAAc,CAAQ,CAAA;QAE7D,MAAM,GAAG,GAAG,eAAe,CAAC,SAAS,EAAE,wBAAwB,EAAE;YAC/D,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE;YAC3B,GAAG,EAAE,IAAI,CAAC,GAAG;SACd,CAAC,CAAA;QAEF,MAAM,YAAY,CAAC,IAAI,CAAC;YACtB,EAAE,EAAE,IAAI,CAAC,KAAK;YACd,OAAO,EAAE,GAAG,EAAE,OAAO,IAAI,iCAAiC;YAC1D,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,8BAA8B,IAAI,CAAC,GAAG,oGAAoG;YAC7J,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,SAAS,CAC1B,sCAAsC;gBACtC,uIAAuI,IAAI,CAAC,GAAG,aAAa;gBAC5J,gGAAgG,CACjG;SACF,CAAC,CAAA;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAQ,CAAA;QACjD,MAAM,CAAC,KAAK,CAAC,mCAAmC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IACrG,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,MAAM,GAAqB,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAA"}

package/dist/subscribers/password-reset-requested.d.ts

@@ -0,0 +1,10 @@
+import type { SubscriberArgs, SubscriberConfig } from "@meridianjs/types";
+interface PasswordResetRequestedData {
+    user_id: string;
+    email: string;
+    token: string;
+}
+export default function handler({ event, container }: SubscriberArgs<PasswordResetRequestedData>): Promise<void>;
+export declare const config: SubscriberConfig;
+export {};
+//# sourceMappingURL=password-reset-requested.d.ts.map

package/dist/subscribers/password-reset-requested.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-reset-requested.d.ts","sourceRoot":"","sources":["../../src/subscribers/password-reset-requested.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AAGzE,UAAU,0BAA0B;IAClC,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;CACd;AAED,wBAA8B,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,cAAc,CAAC,0BAA0B,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CA4BrH;AAED,eAAO,MAAM,MAAM,EAAE,gBAAwD,CAAA"}

package/dist/subscribers/password-reset-requested.js

@@ -0,0 +1,27 @@
+import { emailHtml, resolveTemplate } from "./_email-helper.js";
+export default async function handler({ event, container }) {
+    const data = event.data;
+    try {
+        const emailService = container.resolve("emailService");
+        const appUrl = process.env.APP_URL ?? "http://localhost:9000";
+        const resetLink = `${appUrl}/reset-password?token=${encodeURIComponent(data.token)}`;
+        const tpl = resolveTemplate(container, "password.reset_requested", {
+            user: { email: data.email },
+            reset: { link: resetLink, token: data.token },
+        });
+        await emailService.send({
+            to: data.email,
+            subject: tpl?.subject ?? "Reset your Meridian password",
+            text: tpl?.text ?? `You requested a password reset. Use this link to set a new password (valid for 30 minutes):\n\n${resetLink}\n\nIf you didn't request this, you can safely ignore this email.`,
+            html: tpl?.html ?? emailHtml(`You requested a password reset.<br/><br/>` +
+                `<a href="${resetLink}" style="display:inline-block;padding:10px 20px;background:#4f46e5;color:#fff;text-decoration:none;border-radius:6px;font-weight:600">Reset Password</a><br/><br/>` +
+                `This link is valid for 30 minutes. If you didn't request this, you can safely ignore this email.`),
+        });
+    }
+    catch (err) {
+        const logger = container.resolve("logger");
+        logger.error(`[email] password.reset_requested: ${err instanceof Error ? err.message : String(err)}`);
+    }
+}
+export const config = { event: "password.reset_requested" };
+//# sourceMappingURL=password-reset-requested.js.map

package/dist/subscribers/password-reset-requested.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"password-reset-requested.js","sourceRoot":"","sources":["../../src/subscribers/password-reset-requested.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAQ/D,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,EAA8C;IACpG,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAA;IAEvB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,cAAc,CAAQ,CAAA;QAE7D,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAuB,CAAA;QAC7D,MAAM,SAAS,GAAG,GAAG,MAAM,yBAAyB,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAA;QAEpF,MAAM,GAAG,GAAG,eAAe,CAAC,SAAS,EAAE,0BAA0B,EAAE;YACjE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE;YAC3B,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE;SAC9C,CAAC,CAAA;QAEF,MAAM,YAAY,CAAC,IAAI,CAAC;YACtB,EAAE,EAAE,IAAI,CAAC,KAAK;YACd,OAAO,EAAE,GAAG,EAAE,OAAO,IAAI,8BAA8B;YACvD,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,kGAAkG,SAAS,mEAAmE;YACjM,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,SAAS,CAC1B,2CAA2C;gBAC3C,YAAY,SAAS,oKAAoK;gBACzL,kGAAkG,CACnG;SACF,CAAC,CAAA;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAQ,CAAA;QACjD,MAAM,CAAC,KAAK,CAAC,qCAAqC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IACvG,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,MAAM,GAAqB,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@meridianjs/meridian",
-  "version": "0.1.34",
+  "version": "0.1.36",
   "description": "Default API routes, workflows, links, and subscribers for Meridian applications",
   "main": "./dist/index.js",
   "module": "./dist/index.js",