npm - @naylence/runtime - Versions diffs - 0.3.6 → 0.3.7 - Mend

@naylence/runtime 0.3.6 → 0.3.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (71) hide show

package/dist/node/node.mjs CHANGED Viewed

@@ -5562,12 +5562,12 @@ for (const [name, config] of Object.entries(SQLITE_PROFILES)) {
 }
 // This file is auto-generated during build - do not edit manually
-// Generated from package.json version: 0.3.6
+// Generated from package.json version: 0.3.7
 /**
  * The package version, injected at build time.
  * @internal
  */
-const VERSION = '0.3.6';
+const VERSION = '0.3.7';
 /**
  * Fame errors module - Fame protocol specific error classes
@@ -9726,9 +9726,6 @@ class DefaultDeliveryTracker extends TaskSpawner {
         this.ackDoneSince = new Map();
         this.replyDoneSince = new Map();
         this.pendingAckDispatches = new Set();
-        this.recentlyHandled = new Map();
-        this.recentlyHandledOrder = [];
-        this.recentlyHandledTtlMs = 60000;
         this.isPreparingToStop = false;
         this.shutdownRequestedAtMs = null;
         this.shutdownRetryGraceMs = 1000;
@@ -9964,22 +9961,6 @@ class DefaultDeliveryTracker extends TaskSpawner {
                 }
             }
             else {
-                const wasRecentlyHandled = await this.lock.runExclusive(async () => this.wasRecentlyHandled(envelope.id));
-                if (wasRecentlyHandled) {
-                    logger$12.debug('tracker_duplicate_envelope_recently_handled', {
-                        envp_id: envelope.id,
-                    });
-                    return new TrackedEnvelope({
-                        timeoutAtMs: 0,
-                        overallTimeoutAtMs: 0,
-                        expectedResponseType: envelope.rtype ?? FameResponseType.NONE,
-                        createdAtMs: Date.now(),
-                        status: EnvelopeStatus.HANDLED,
-                        mailboxType: MailboxType.INBOX,
-                        originalEnvelope: envelope,
-                        serviceName: inboxName,
-                    });
-                }
                 tracked = new TrackedEnvelope({
                     timeoutAtMs: 0,
                     overallTimeoutAtMs: 0,
@@ -10001,12 +9982,8 @@ class DefaultDeliveryTracker extends TaskSpawner {
     async onEnvelopeHandled(envelope) {
         const inbox = this.ensureInbox();
         envelope.status = EnvelopeStatus.HANDLED;
+        // Delete the envelope from inbox to prevent growth
         await inbox.delete(envelope.originalEnvelope.id);
-        await this.lock.runExclusive(async () => {
-            this.markRecentlyHandled(envelope.originalEnvelope.id);
-        });
-        // Preserve handled envelope to prevent duplicate redelivery during shutdown drains.
-        // await inbox.set(envelope.originalEnvelope.id, envelope);
     }
     async onEnvelopeHandleFailed(inboxName, envelope, context, error, isFinalFailure = false) {
         void context;
@@ -10225,9 +10202,9 @@ class DefaultDeliveryTracker extends TaskSpawner {
         });
         await this.markDoneSince(this.replyFutures, trackedEnvelope.originalEnvelope.id, this.replyDoneSince);
         await this.markDoneSince(this.ackFutures, trackedEnvelope.originalEnvelope.id, this.ackDoneSince);
-        if (envelope.rtype && Boolean(envelope.rtype & FameResponseType.ACK)) {
-            await this.sendAck(envelope);
-        }
+        // Note: ACK is already sent in onCorrelatedMessage (lines 655-657)
+        // when the reply envelope is first delivered. No need to send it again here.
+        // Removing this duplicate sendAck call fixes the duplicate DeliveryAck bug.
         for (const handler of this.eventHandlers) {
             await handler.onEnvelopeReplied?.(trackedEnvelope, envelope);
         }
@@ -10377,8 +10354,6 @@ class DefaultDeliveryTracker extends TaskSpawner {
             }
             this.streamDone.clear();
             this.correlationToEnvelope.clear();
-            this.recentlyHandled.clear();
-            this.recentlyHandledOrder.length = 0;
             return values;
         });
         for (const timer of timers) {
@@ -10960,39 +10935,6 @@ class DefaultDeliveryTracker extends TaskSpawner {
             this.pendingAckDispatches.delete(ackDispatch);
         }
     }
-    markRecentlyHandled(envelopeId) {
-        const now = Date.now();
-        this.recentlyHandled.set(envelopeId, now);
-        this.recentlyHandledOrder.push(envelopeId);
-        this.trimRecentlyHandled(now);
-    }
-    wasRecentlyHandled(envelopeId) {
-        const now = Date.now();
-        const timestamp = this.recentlyHandled.get(envelopeId);
-        if (timestamp === undefined) {
-            return false;
-        }
-        if (now - timestamp > this.recentlyHandledTtlMs) {
-            this.recentlyHandled.delete(envelopeId);
-            return false;
-        }
-        return true;
-    }
-    trimRecentlyHandled(now) {
-        while (this.recentlyHandledOrder.length > 0) {
-            const candidate = this.recentlyHandledOrder[0];
-            const timestamp = this.recentlyHandled.get(candidate);
-            if (timestamp === undefined) {
-                this.recentlyHandledOrder.shift();
-                continue;
-            }
-            if (now - timestamp <= this.recentlyHandledTtlMs) {
-                break;
-            }
-            this.recentlyHandled.delete(candidate);
-            this.recentlyHandledOrder.shift();
-        }
-    }
     getShutdownRetryDeferDelay(nowMs) {
         if (!this.isPreparingToStop || this.shutdownRequestedAtMs === null) {
             return null;
@@ -11569,7 +11511,8 @@ const ensureBroadcastEnvironment = () => {
 };
 let BroadcastChannelConnector$2 = class BroadcastChannelConnector extends BaseAsyncConnector {
     static generateConnectorId() {
-        const globalCrypto = globalThis.crypto;
+        const globalCrypto = globalThis
+            .crypto;
         if (globalCrypto?.randomUUID) {
             return globalCrypto.randomUUID();
         }
@@ -11624,7 +11567,8 @@ let BroadcastChannelConnector$2 = class BroadcastChannelConnector extends BaseAs
         this.listenerRegistered = false;
         this.visibilityChangeListenerRegistered = false;
         this.channelName =
-            typeof config.channelName === 'string' && config.channelName.trim().length > 0
+            typeof config.channelName === 'string' &&
+                config.channelName.trim().length > 0
                 ? config.channelName.trim()
                 : DEFAULT_CHANNEL$7;
         const preferredCapacity = typeof config.inboxCapacity === 'number' &&
@@ -11648,6 +11592,7 @@ let BroadcastChannelConnector$2 = class BroadcastChannelConnector extends BaseAs
             local_node_id: this.localNodeId,
             target_node_id: this.targetNodeId ?? null,
             inbox_capacity: preferredCapacity,
+            passive: config.passive ?? false,
             timestamp: new Date().toISOString(),
         });
         this.onMsg = (event) => {
@@ -11665,7 +11610,8 @@ let BroadcastChannelConnector$2 = class BroadcastChannelConnector extends BaseAs
                 channel: this.channelName,
                 connector_id: this.connectorId,
                 message_type: message && typeof message === 'object'
-                    ? message.constructor?.name ?? typeof message
+                    ? (message.constructor
+                        ?.name ?? typeof message)
                     : typeof message,
                 has_sender_id: Boolean(message?.senderId),
                 has_sender_node_id: Boolean(message?.senderNodeId),
@@ -11895,7 +11841,9 @@ let BroadcastChannelConnector$2 = class BroadcastChannelConnector extends BaseAs
                 timestamp: new Date().toISOString(),
             });
         }
-        if (this.visibilityChangeListenerRegistered && this.visibilityChangeHandler && typeof document !== 'undefined') {
+        if (this.visibilityChangeListenerRegistered &&
+            this.visibilityChangeHandler &&
+            typeof document !== 'undefined') {
             document.removeEventListener('visibilitychange', this.visibilityChangeHandler);
             this.visibilityChangeListenerRegistered = false;
             this.visibilityChangeHandler = undefined;
@@ -11923,7 +11871,7 @@ let BroadcastChannelConnector$2 = class BroadcastChannelConnector extends BaseAs
         return rawOrEnvelope;
     }
     _isWildcardTarget() {
-        return this.targetNodeId === '*' || typeof this.targetNodeId === 'undefined';
+        return (this.targetNodeId === '*' || typeof this.targetNodeId === 'undefined');
     }
     _shouldAcceptMessageFromBus(senderNodeId, targetNodeId) {
         if (this._isWildcardTarget()) {
@@ -11943,7 +11891,9 @@ let BroadcastChannelConnector$2 = class BroadcastChannelConnector extends BaseAs
             return true;
         }
         const expectedSender = this.targetNodeId;
-        if (expectedSender && expectedSender !== '*' && senderNodeId !== expectedSender) {
+        if (expectedSender &&
+            expectedSender !== '*' &&
+            senderNodeId !== expectedSender) {
             logger$10.debug('broadcast_channel_message_rejected', {
                 channel: this.channelName,
                 connector_id: this.connectorId,
@@ -12117,14 +12067,16 @@ function normalizeBroadcastChannelConnectionGrant(candidate) {
         type,
         purpose,
     };
-    const channelValue = candidate.channelName ?? candidate['channel_name'];
+    const channelValue = candidate.channelName ??
+        candidate['channel_name'];
     if (channelValue !== undefined) {
         if (typeof channelValue !== 'string' || channelValue.trim().length === 0) {
             throw new TypeError('BroadcastChannelConnectionGrant "channelName" must be a non-empty string when provided');
         }
         result.channelName = channelValue.trim();
     }
-    const inboxValue = candidate.inboxCapacity ?? candidate['inbox_capacity'];
+    const inboxValue = candidate.inboxCapacity ??
+        candidate['inbox_capacity'];
     if (inboxValue !== undefined) {
         if (typeof inboxValue !== 'number' ||
             !Number.isFinite(inboxValue) ||
@@ -12133,7 +12085,8 @@ function normalizeBroadcastChannelConnectionGrant(candidate) {
         }
         result.inboxCapacity = Math.floor(inboxValue);
     }
-    const windowValue = candidate.initialWindow ?? candidate['initial_window'];
+    const windowValue = candidate.initialWindow ??
+        candidate['initial_window'];
     if (windowValue !== undefined) {
         if (typeof windowValue !== 'number' ||
             !Number.isFinite(windowValue) ||
@@ -12470,25 +12423,56 @@ class UpstreamSessionManager extends TaskSpawner {
         await connector.start(this.wrappedHandler);
         this.connector = connector;
         const callbackGrants = this.node.gatherSupportedCallbackGrants();
+        logger$$.debug('callback_grants_before_augmentation', {
+            count: callbackGrants.length,
+            types: callbackGrants.map((g) => g.type),
+        });
+        // Check if we should create a broadcast callback grant before processing connection grants
+        // This prevents adding duplicate broadcast grants
+        const shouldAddBroadcastGrant = this.shouldAdvertiseBroadcastGrant(grant, callbackGrants);
+        const broadcastCallbackGrant = shouldAddBroadcastGrant
+            ? this.createBroadcastCallbackGrant(grant)
+            : null;
+        logger$$.debug('broadcast_callback_grant_check', {
+            should_add: shouldAddBroadcastGrant,
+            grant_created: !!broadcastCallbackGrant,
+        });
         // Include admission client's connection grants as callback grants
         // This ensures DirectAdmissionClient grants are available for grant selection
-        if (welcome.frame.connectionGrants && Array.isArray(welcome.frame.connectionGrants)) {
+        if (welcome.frame.connectionGrants &&
+            Array.isArray(welcome.frame.connectionGrants)) {
             for (const grant of welcome.frame.connectionGrants) {
                 if (grant && typeof grant === 'object') {
                     // Avoid duplicates by checking if grant already exists
-                    const isDuplicate = callbackGrants.some(existing => JSON.stringify(existing) === JSON.stringify(grant));
+                    const isDuplicate = callbackGrants.some((existing) => JSON.stringify(existing) === JSON.stringify(grant));
                     if (!isDuplicate) {
                         callbackGrants.push(grant);
+                        logger$$.debug('added_connection_grant_as_callback', {
+                            type: grant.type,
+                        });
+                    }
+                    else {
+                        logger$$.debug('skipped_duplicate_connection_grant', {
+                            type: grant.type,
+                        });
                     }
                 }
             }
         }
-        if (this.shouldAdvertiseBroadcastGrant(grant, callbackGrants)) {
-            const augmented = this.createBroadcastCallbackGrant(grant);
-            if (augmented) {
-                callbackGrants.push(augmented);
-            }
+        // Add broadcast grant after connection grants to ensure we don't duplicate
+        // any broadcast grants that may have been in connectionGrants
+        if (broadcastCallbackGrant &&
+            this.shouldAdvertiseBroadcastGrant(grant, callbackGrants)) {
+            callbackGrants.push(broadcastCallbackGrant);
+            logger$$.debug('added_broadcast_callback_grant');
         }
+        else if (broadcastCallbackGrant) {
+            logger$$.debug('skipped_duplicate_broadcast_callback_grant');
+        }
+        logger$$.debug('callback_grants_after_augmentation', {
+            count: callbackGrants.length,
+            types: callbackGrants.map((g) => g.type),
+        });
         const attachInfo = await this.attachClient.attach(this.node, this.outboundOriginType, connector, welcome.frame, this.wrappedHandler, this.getKeys() ?? undefined, callbackGrants);
         this.targetSystemId = attachInfo.targetSystemId ?? null;
         if (this.targetSystemId) {
@@ -12729,7 +12713,8 @@ class UpstreamSessionManager extends TaskSpawner {
                 continue;
             }
             // Reset ack time if just resumed from pause (prevents immediate timeout)
-            if (previousState === ConnectorState.PAUSED && currentState === ConnectorState.STARTED) {
+            if (previousState === ConnectorState.PAUSED &&
+                currentState === ConnectorState.STARTED) {
                 logger$$.debug('connector_just_resumed_resetting_ack_time', {
                     previous_state: previousState,
                     current_state: currentState,
@@ -14286,15 +14271,30 @@ class DefaultNodeAttachClient {
     constructor(options = {}) {
         this.buffer = [];
         this.inHandshake = false;
+        this.expectedSystemId = null;
         this.timeoutMs = options.timeoutMs ?? 10000;
         this.attachmentKeyValidator = options.attachmentKeyValidator;
         this.replicaStickinessManager = options.replicaStickinessManager ?? null;
     }
     async attach(node, originType, connector, welcomeFrame, finalHandler, keys, callbackGrants) {
         this.inHandshake = true;
+        this.expectedSystemId = welcomeFrame.systemId;
         const interimHandler = async (envelope, context) => {
             if (this.inHandshake) {
-                this.buffer.push(envelope);
+                // Filter: only buffer frames related to our systemId or frames without systemId info
+                const frameSystemId = envelope.frame
+                    ?.systemId;
+                if (!frameSystemId || frameSystemId === this.expectedSystemId) {
+                    this.buffer.push(envelope);
+                }
+                else {
+                    // Silently ignore frames from other agents during concurrent handshakes
+                    logger$Y.debug('handshake_ignoring_frame_from_different_system', {
+                        frame_type: envelope.frame.type,
+                        frame_system_id: frameSystemId,
+                        expected_system_id: this.expectedSystemId,
+                    });
+                }
                 return null;
             }
             return finalHandler(envelope, context);
@@ -14421,6 +14421,7 @@ class DefaultNodeAttachClient {
             parent_id: ackFrame.targetSystemId,
         });
         this.inHandshake = false;
+        this.expectedSystemId = null;
         await connector.replaceHandler(finalHandler);
         while (this.buffer.length > 0) {
             const bufferedEnvelope = this.buffer.shift();
@@ -14478,7 +14479,8 @@ class DefaultNodeAttachClient {
         const deadline = Date.now() + this.timeoutMs;
         while (Date.now() < deadline) {
             // Allow both STARTED and PAUSED states (PAUSED = tab hidden but connection alive)
-            if (connector.state !== ConnectorState.STARTED && connector.state !== ConnectorState.PAUSED) {
+            if (connector.state !== ConnectorState.STARTED &&
+                connector.state !== ConnectorState.PAUSED) {
                 let errorMessage = 'Connector closed while waiting for NodeAttachAck';
                 if (connector.closeCode !== undefined) {
                     errorMessage += ` (code=${connector.closeCode}`;
@@ -14497,9 +14499,21 @@ class DefaultNodeAttachClient {
                 if (envelope.frame.type === 'NodeAttachAck') {
                     return envelope;
                 }
-                logger$Y.error('unexpected_frame_during_handshake', {
-                    frame_type: envelope.frame.type,
-                });
+                // NodeAttach frames during handshake are expected in multi-agent scenarios
+                // where multiple agents attach concurrently to the same channel
+                if (envelope.frame.type === 'NodeAttach') {
+                    logger$Y.debug('handshake_ignoring_concurrent_attach', {
+                        frame_type: envelope.frame.type,
+                        frame_system_id: envelope.frame?.systemId ??
+                            'unknown',
+                    });
+                }
+                else {
+                    // Other unexpected frames are still logged as errors
+                    logger$Y.error('unexpected_frame_during_handshake', {
+                        frame_type: envelope.frame.type,
+                    });
+                }
             }
             await delay(HANDSHAKE_POLL_INTERVAL_MS);
         }
@@ -15218,7 +15232,8 @@ function createFsShim() {
                 else if (options &&
                     typeof options === 'object' &&
                     'encoding' in options &&
-                    typeof options.encoding === 'string') {
+                    typeof options.encoding ===
+                        'string') {
                     encoding = options.encoding;
                 }
                 const data = fsBinding.readFileUtf8(pathOrDescriptor, 0);
@@ -21637,7 +21652,8 @@ class InPageConnector extends BaseAsyncConnector {
         this.listenerRegistered = false;
         this.visibilityChangeListenerRegistered = false;
         this.channelName =
-            typeof config.channelName === 'string' && config.channelName.trim().length > 0
+            typeof config.channelName === 'string' &&
+                config.channelName.trim().length > 0
                 ? config.channelName.trim()
                 : DEFAULT_CHANNEL$6;
         const preferredCapacity = typeof config.inboxCapacity === 'number' &&
@@ -21676,7 +21692,8 @@ class InPageConnector extends BaseAsyncConnector {
                 channel: this.channelName,
                 connector_id: this.connectorId,
                 message_type: message && typeof message === 'object'
-                    ? message.constructor?.name ?? typeof message
+                    ? (message.constructor
+                        ?.name ?? typeof message)
                     : typeof message,
                 has_sender_id: Boolean(message?.senderId),
                 has_sender_node_id: Boolean(message?.senderNodeId),
@@ -21685,7 +21702,8 @@ class InPageConnector extends BaseAsyncConnector {
                 return;
             }
             const busMessage = message;
-            const senderId = typeof busMessage.senderId === 'string' && busMessage.senderId.length > 0
+            const senderId = typeof busMessage.senderId === 'string' &&
+                busMessage.senderId.length > 0
                 ? busMessage.senderId
                 : null;
             const senderNodeId = InPageConnector.normalizeNodeId(busMessage.senderNodeId);
@@ -21936,7 +21954,9 @@ class InPageConnector extends BaseAsyncConnector {
                 timestamp: new Date().toISOString(),
             });
         }
-        if (this.visibilityChangeListenerRegistered && this.visibilityChangeHandler && typeof document !== 'undefined') {
+        if (this.visibilityChangeListenerRegistered &&
+            this.visibilityChangeHandler &&
+            typeof document !== 'undefined') {
             document.removeEventListener('visibilitychange', this.visibilityChangeHandler);
             this.visibilityChangeListenerRegistered = false;
             this.visibilityChangeHandler = undefined;
@@ -21953,7 +21973,7 @@ class InPageConnector extends BaseAsyncConnector {
         return rawOrEnvelope;
     }
     _isWildcardTarget() {
-        return this.targetNodeId === '*' || typeof this.targetNodeId === 'undefined';
+        return (this.targetNodeId === '*' || typeof this.targetNodeId === 'undefined');
     }
     _shouldAcceptMessageFromBus(senderNodeId, targetNodeId) {
         if (this._isWildcardTarget()) {
@@ -21973,7 +21993,9 @@ class InPageConnector extends BaseAsyncConnector {
             return true;
         }
         const expectedSender = this.targetNodeId;
-        if (expectedSender && expectedSender !== '*' && senderNodeId !== expectedSender) {
+        if (expectedSender &&
+            expectedSender !== '*' &&
+            senderNodeId !== expectedSender) {
             logger$J.debug('inpage_message_rejected', {
                 channel: this.channelName,
                 connector_id: this.connectorId,
@@ -22375,8 +22397,8 @@ class CertificateManagerFactory extends AbstractResourceFactory {
     }
 }
-const DEFAULT_UNCONFIGURED_MESSAGE = "Trust store is not configured. Set FAME_CA_CERTS to a PEM value, a file path, a data URI, or an HTTPS bundle URL.";
-const TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE = "TrustStoreProviderFactory";
+const DEFAULT_UNCONFIGURED_MESSAGE = 'Trust store is not configured. Set FAME_CA_CERTS to a PEM value, a file path, a data URI, or an HTTPS bundle URL.';
+const TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE = 'TrustStoreProviderFactory';
 class TrustStoreProviderFactory extends AbstractResourceFactory {
     createUnconfiguredProvider(reason) {
         return new NoopTrustStoreProvider(reason ?? DEFAULT_UNCONFIGURED_MESSAGE);
@@ -26105,7 +26127,8 @@ class DefaultSecurityManager {
             const hasSignature = Boolean(envelope.sec?.sig);
             if (!hasSignature) {
                 const nodeSid = node.sid;
-                const envelopeSid = envelope.sid;
+                const envelopeSid = envelope
+                    .sid;
                 const isLocalUnsignedSelfEnvelope = localContext.originType === DeliveryOriginType.LOCAL &&
                     typeof nodeSid === 'string' &&
                     nodeSid.length > 0 &&
@@ -29349,14 +29372,16 @@ function normalizeInPageConnectionGrant(candidate) {
         type,
         purpose,
     };
-    const channelValue = candidate.channelName ?? candidate['channel_name'];
+    const channelValue = candidate.channelName ??
+        candidate['channel_name'];
     if (channelValue !== undefined) {
         if (typeof channelValue !== 'string' || channelValue.trim().length === 0) {
             throw new TypeError('InPageConnectionGrant "channelName" must be a non-empty string when provided');
         }
         result.channelName = channelValue.trim();
     }
-    const inboxValue = candidate.inboxCapacity ?? candidate['inbox_capacity'];
+    const inboxValue = candidate.inboxCapacity ??
+        candidate['inbox_capacity'];
     if (inboxValue !== undefined) {
         if (typeof inboxValue !== 'number' ||
             !Number.isFinite(inboxValue) ||
@@ -30162,7 +30187,9 @@ function normalizeConfig$p(config) {
         : DEFAULT_CHANNEL$5;
     const rawInbox = record.inboxCapacity ?? record['inbox_capacity'];
     let inboxCapacity = DEFAULT_INBOX_CAPACITY$5;
-    if (typeof rawInbox === 'number' && Number.isFinite(rawInbox) && rawInbox > 0) {
+    if (typeof rawInbox === 'number' &&
+        Number.isFinite(rawInbox) &&
+        rawInbox > 0) {
         inboxCapacity = Math.floor(rawInbox);
     }
     else if (typeof rawInbox === 'string') {
@@ -30190,9 +30217,7 @@ class InPageListenerFactory extends TransportListenerFactory {
     }
     async create(config, ...factoryArgs) {
         const normalized = normalizeConfig$p(config);
-        const [{ InPageListener }] = await Promise.all([
-            getInPageListenerModule(),
-        ]);
+        const [{ InPageListener }] = await Promise.all([getInPageListenerModule()]);
         void factoryArgs;
         return new InPageListener({
             channelName: normalized.channelName,
@@ -30225,7 +30250,9 @@ function normalizeConfig$o(config) {
         : DEFAULT_CHANNEL$4;
     const rawInbox = record.inboxCapacity ?? record['inbox_capacity'];
     let inboxCapacity = DEFAULT_INBOX_CAPACITY$4;
-    if (typeof rawInbox === 'number' && Number.isFinite(rawInbox) && rawInbox > 0) {
+    if (typeof rawInbox === 'number' &&
+        Number.isFinite(rawInbox) &&
+        rawInbox > 0) {
         inboxCapacity = Math.floor(rawInbox);
     }
     else if (typeof rawInbox === 'string') {
@@ -30630,7 +30657,8 @@ class InPageConnectorFactory extends ConnectorFactory {
         const normalized = this._normalizeConfig(config);
         const options = (factoryArgs[0] ?? {});
         const normalizedLocalNodeFromConfig = this._normalizeNodeId(normalized.localNodeId);
-        const localNodeId = this._normalizeNodeId(options.localNodeId) ?? normalizedLocalNodeFromConfig;
+        const localNodeId = this._normalizeNodeId(options.localNodeId) ??
+            normalizedLocalNodeFromConfig;
         if (!localNodeId) {
             throw new Error('InPageConnectorFactory requires a localNodeId from config or create() options');
         }
@@ -30806,10 +30834,12 @@ class BroadcastChannelConnectorFactory extends ConnectorFactory {
             type: BROADCAST_CHANNEL_CONNECTOR_TYPE$1,
         };
         const channelCandidate = record.channelName ?? record['channel_name'];
-        if (typeof channelCandidate === 'string' && channelCandidate.trim().length > 0) {
+        if (typeof channelCandidate === 'string' &&
+            channelCandidate.trim().length > 0) {
             config.channelName = channelCandidate.trim();
         }
-        const inboxCandidate = record.inboxCapacity ?? record['inbox_capacity'];
+        const inboxCandidate = record.inboxCapacity ??
+            record['inbox_capacity'];
         if (typeof inboxCandidate === 'number' &&
             Number.isFinite(inboxCandidate) &&
             inboxCandidate > 0) {
@@ -30833,9 +30863,11 @@ class BroadcastChannelConnectorFactory extends ConnectorFactory {
             throw new Error('BroadcastChannelConnectorFactory requires a configuration');
         }
         const normalized = this._normalizeConfig(config);
-        const options = (factoryArgs[0] ?? {});
+        const options = (factoryArgs[0] ??
+            {});
         const normalizedLocalNodeFromConfig = this._normalizeNodeId(normalized.localNodeId);
-        const localNodeId = this._normalizeNodeId(options.localNodeId) ?? normalizedLocalNodeFromConfig;
+        const localNodeId = this._normalizeNodeId(options.localNodeId) ??
+            normalizedLocalNodeFromConfig;
         if (!localNodeId) {
             throw new Error('BroadcastChannelConnectorFactory requires a localNodeId from config or create() options');
         }
@@ -30860,6 +30892,7 @@ class BroadcastChannelConnectorFactory extends ConnectorFactory {
             inboxCapacity,
             localNodeId,
             initialTargetNodeId: resolvedTarget,
+            passive: normalized.passive,
         };
         const connector = new BroadcastChannelConnector(connectorConfig, baseConfig);
         if (options.authorization) {
@@ -30898,6 +30931,9 @@ class BroadcastChannelConnectorFactory extends ConnectorFactory {
         if (normalizedLocalNodeId) {
             normalized.localNodeId = normalizedLocalNodeId;
         }
+        if (typeof candidate.passive === 'boolean') {
+            normalized.passive = candidate.passive;
+        }
         if (typeof candidate.flowControl === 'boolean') {
             normalized.flowControl = candidate.flowControl;
         }
@@ -32439,7 +32475,9 @@ class InPageListener extends TransportListener {
             typeof channelCandidate === 'string' && channelCandidate.trim().length > 0
                 ? channelCandidate.trim()
                 : DEFAULT_CHANNEL$1;
-        const normalizedCapacity = typeof inboxCandidate === 'number' && Number.isFinite(inboxCandidate) && inboxCandidate > 0
+        const normalizedCapacity = typeof inboxCandidate === 'number' &&
+            Number.isFinite(inboxCandidate) &&
+            inboxCandidate > 0
             ? Math.floor(inboxCandidate)
             : DEFAULT_INBOX_CAPACITY$1;
         this._inboxCapacity = normalizedCapacity;
@@ -32714,7 +32752,8 @@ class InPageListener extends TransportListener {
         if (grant.type === INPAGE_CONNECTION_GRANT_TYPE) {
             return inPageGrantToConnectorConfig(grant);
         }
-        if (typeof grant?.toConnectorConfig === 'function') {
+        if (typeof grant
+            ?.toConnectorConfig === 'function') {
             return grant.toConnectorConfig();
         }
         throw new Error(`Unsupported grant type: ${grant.type}`);
@@ -32854,9 +32893,7 @@ var inpageListener = /*#__PURE__*/Object.freeze({
 const logger$n = getLogger('naylence.fame.connector.broadcast_channel_listener');
 const DEFAULT_CHANNEL = 'naylence-fabric';
 const DEFAULT_INBOX_CAPACITY = 2048;
-const RESPONSE_TYPE_MASK = FameResponseType.ACK |
-    FameResponseType.REPLY |
-    FameResponseType.STREAM;
+const RESPONSE_TYPE_MASK = FameResponseType.ACK | FameResponseType.REPLY | FameResponseType.STREAM;
 const isBrowserEnvironment$1 = () => typeof window !== 'undefined' &&
     typeof BroadcastChannel !== 'undefined' &&
     typeof MessageEvent !== 'undefined';
@@ -33070,9 +33107,7 @@ class BroadcastChannelListener extends TransportListener {
                     return null;
                 }
             })();
-            if (error instanceof ZodError &&
-                decoded &&
-                decoded.length > 0) {
+            if (error instanceof ZodError && decoded && decoded.length > 0) {
                 try {
                     const reparsed = JSON.parse(decoded);
                     const candidate = reparsed.rtype;
@@ -33295,11 +33330,19 @@ class BroadcastChannelListener extends TransportListener {
             ? Math.floor(initialWindowCandidate)
             : undefined;
         const initialTargetNodeId = this._normalizeNodeId(targetCandidate) ?? targetSystemId;
+        const passive = typeof passiveCandidate === 'boolean' ? passiveCandidate : true;
+        logger$n.debug('broadcast_channel_listener_building_connector_config', {
+            system_id: systemId,
+            channel_name: channelName,
+            passive,
+            has_base_config: !!baseConfig,
+            passive_candidate: passiveCandidate,
+        });
         return {
             type: BROADCAST_CHANNEL_CONNECTOR_TYPE$1,
             channelName,
             inboxCapacity,
-            passive: typeof passiveCandidate === 'boolean' ? passiveCandidate : true,
+            passive,
             initialWindow,
             localNodeId,
             initialTargetNodeId,
@@ -34169,7 +34212,9 @@ function parseCookies(cookieHeader) {
     if (!cookieHeader) {
         return {};
     }
-    return cookieHeader.split(';').reduce((acc, entry) => {
+    return cookieHeader
+        .split(';')
+        .reduce((acc, entry) => {
         const [rawName, ...rawValueParts] = entry.split('=');
         const name = rawName?.trim();
         if (!name) {
@@ -34317,10 +34362,7 @@ function setNoCacheHeaders(res) {
     res.set('Pragma', 'no-cache');
 }
 function respondInvalidClient(res) {
-    res
-        .status(401)
-        .set('WWW-Authenticate', 'Basic')
-        .json({
+    res.status(401).set('WWW-Authenticate', 'Basic').json({
         error: 'invalid_client',
         error_description: 'Invalid client credentials',
     });
@@ -34357,10 +34399,10 @@ function createOAuth2TokenRouter(options) {
         DEFAULT_JWT_ALGORITHM$1;
     const allowedScopes = getAllowedScopes$1(configAllowedScopes);
     const resolvedTokenTtlSec = tokenTtlSec ?? 3600;
-    const enablePkce = coerceBoolean(process.env[ENV_VAR_ENABLE_PKCE]) ??
-        (configEnablePkce ?? true);
+    const enablePkce = coerceBoolean(process.env[ENV_VAR_ENABLE_PKCE]) ?? configEnablePkce ?? true;
     const allowPublicClients = coerceBoolean(process.env[ENV_VAR_ALLOW_PUBLIC_CLIENTS]) ??
-        (configAllowPublicClients ?? true);
+        configAllowPublicClients ??
+        true;
     const authorizationCodeTtlSec = ensurePositiveInteger(coerceNumber$1(process.env[ENV_VAR_AUTHORIZATION_CODE_TTL]) ??
         configAuthorizationCodeTtlSec) ?? DEFAULT_AUTHORIZATION_CODE_TTL_SEC;
     const devLoginExplicitlyEnabled = coerceBoolean(process.env[ENV_VAR_ENABLE_DEV_LOGIN]) ??
@@ -34375,7 +34417,8 @@ function createOAuth2TokenRouter(options) {
         configDevLoginCookieName ??
         DEFAULT_SESSION_COOKIE_NAME;
     const devLoginSecureCookie = coerceBoolean(process.env[ENV_VAR_SESSION_SECURE_COOKIE]) ??
-        (configDevLoginSecureCookie ?? false);
+        configDevLoginSecureCookie ??
+        false;
     const devLoginTitle = coerceString$2(process.env[ENV_VAR_LOGIN_TITLE]) ??
         configDevLoginTitle ??
         DEFAULT_LOGIN_TITLE;
@@ -37442,19 +37485,23 @@ function normalizeConfig$a(config) {
         normalized.clientSecretConfig = normalizeSecretSource(clientSecretSource);
     }
     const audienceCandidate = candidate.audience ?? candidate.aud;
-    if (typeof audienceCandidate === 'string' && audienceCandidate.trim().length > 0) {
+    if (typeof audienceCandidate === 'string' &&
+        audienceCandidate.trim().length > 0) {
         normalized.audience = audienceCandidate.trim();
     }
     const codeChallengeMethod = candidate.codeChallengeMethod ?? candidate.code_challenge_method;
-    if (typeof codeChallengeMethod === 'string' && codeChallengeMethod.trim().length > 0) {
+    if (typeof codeChallengeMethod === 'string' &&
+        codeChallengeMethod.trim().length > 0) {
         normalized.codeChallengeMethod = codeChallengeMethod.trim();
     }
     const codeVerifierLength = candidate.codeVerifierLength ?? candidate.code_verifier_length;
-    if (typeof codeVerifierLength === 'number' && Number.isFinite(codeVerifierLength)) {
+    if (typeof codeVerifierLength === 'number' &&
+        Number.isFinite(codeVerifierLength)) {
         normalized.codeVerifierLength = codeVerifierLength;
     }
     const clockSkewSeconds = candidate.clockSkewSeconds ?? candidate.clock_skew_seconds;
-    if (typeof clockSkewSeconds === 'number' && Number.isFinite(clockSkewSeconds)) {
+    if (typeof clockSkewSeconds === 'number' &&
+        Number.isFinite(clockSkewSeconds)) {
         normalized.clockSkewSeconds = clockSkewSeconds;
     }
     const loginHintParam = candidate.loginHintParam ?? candidate.login_hint_param;
@@ -37499,8 +37546,8 @@ class OAuth2PkceTokenProviderFactory extends TokenProviderFactory {
             options.audience = normalized.audience;
         }
         if (normalized.codeChallengeMethod) {
-            options.codeChallengeMethod = normalized.codeChallengeMethod
-                .toUpperCase();
+            options.codeChallengeMethod =
+                normalized.codeChallengeMethod.toUpperCase();
         }
         if (normalized.codeVerifierLength) {
             options.codeVerifierLength = normalized.codeVerifierLength;
@@ -39258,14 +39305,14 @@ var eddsaEnvelopeVerifierFactory = /*#__PURE__*/Object.freeze({
 const FACTORY_META$d = {
     base: TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE,
-    key: "NoopTrustStoreProvider",
+    key: 'NoopTrustStoreProvider',
     isDefault: true,
     priority: 10,
 };
 class NoopTrustStoreProviderFactory extends TrustStoreProviderFactory {
     constructor() {
         super(...arguments);
-        this.type = "NoopTrustStoreProvider";
+        this.type = 'NoopTrustStoreProvider';
         this.isDefault = true;
         this.priority = 10;
     }
@@ -41503,8 +41550,7 @@ function normalizeOptions$2(raw) {
     const scopes = normalizeScopes(camel.scopes) ??
         normalizeScopes(snake.scopes ?? snake.scope) ??
         DEFAULT_SCOPES.slice();
-    const audience = coerceString(camel.audience) ??
-        coerceString(snake.audience ?? snake.aud);
+    const audience = coerceString(camel.audience) ?? coerceString(snake.audience ?? snake.aud);
     const fetchImpl = (camel.fetchImpl ?? snake.fetch_impl);
     const clockSkewSeconds = coerceNumber(camel.clockSkewSeconds) ??
         coerceNumber(snake.clock_skew_seconds) ??
@@ -43002,4 +43048,4 @@ var websocketTransportProvisioner = /*#__PURE__*/Object.freeze({
     WebSocketTransportProvisionerFactory: WebSocketTransportProvisionerFactory
 });
-export { ADMISSION_CLIENT_FACTORY_BASE_TYPE, ATTACHMENT_KEY_VALIDATOR_FACTORY_BASE_TYPE, AUTHORIZER_FACTORY_BASE_TYPE, AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE, AnsiColor, AsyncLock, AttachmentKeyValidator, AuthInjectionStrategyFactory, AuthorizerFactory, BROADCAST_CHANNEL_CONNECTION_GRANT_TYPE, BackPressureFull, BaseAsyncConnector, BaseNodeEventListener, BindingManager, BindingStoreEntryRecord, BrowserAutoKeyCredentialProvider, BrowserWrappedKeyCredentialProvider, CERTIFICATE_MANAGER_FACTORY_BASE_TYPE, CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE, CRYPTO_LEVEL_SECURITY_ORDER, CertificateManagerFactory, ConnectorConfigDefaults, ConnectorFactory, ConsoleMetricsEmitter, CryptoLevel, FACTORY_META$_ as DEFAULT_WELCOME_FACTORY_META, DefaultCryptoProvider, DefaultHttpServer, DefaultKeyManager, DefaultSecurityManager, DefaultSecurityPolicy, DefaultWelcomeService, DefaultWelcomeServiceFactory, DevFixedKeyCredentialProvider, ENCRYPTION_MANAGER_FACTORY_BASE_TYPE, ENVELOPE_SIGNER_FACTORY_BASE_TYPE, ENVELOPE_VERIFIER_FACTORY_BASE_TYPE, ENV_VAR_DEFAULT_ENCRYPTION_LEVEL, ENV_VAR_HMAC_SECRET, ENV_VAR_JWKS_URL, ENV_VAR_JWT_ALGORITHM$2 as ENV_VAR_JWT_ALGORITHM, ENV_VAR_JWT_AUDIENCE$2 as ENV_VAR_JWT_AUDIENCE, ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE, ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER, ENV_VAR_JWT_TRUSTED_ISSUER, ENV_VAR_SHOW_ENVELOPES$1 as ENV_VAR_SHOW_ENVELOPES, EdDSAEnvelopeSigner, EncryptedKeyValueStore, EncryptedStorageProviderBase, EncryptedValue, EncryptionConfiguration, EncryptionManagerFactory, EncryptionResult, EncryptionStatus, EnvCredentialProvider, EnvelopeContext, EnvelopeListenerManager, EnvelopeSecurityHandler, EnvelopeSignerFactory, EnvelopeVerifierFactory, FACTORY_META$$ as FACTORY_META, FAME_FABRIC_FACTORY_BASE_TYPE, FIXED_PREFIX_LEN, FameAuthorizedDeliveryContextSchema, FameConnectError, FameEnvironmentContext, FameError, FameMessageTooLarge, FameNode, FameNodeAuthorizationContextSchema, FameProtocolError, FameTransportClose, FlowController, GRANT_PURPOSE_NODE_ATTACH, HTTP_CONNECTION_GRANT_TYPE, HTTP_STATELESS_CONNECTOR_TYPE, HttpListener, HttpStatelessConnector, INPAGE_CONNECTION_GRANT_TYPE, INPAGE_CONNECTOR_TYPE, InMemoryBinding, InMemoryFanoutBroker, InMemoryKeyValueStore, InMemoryReadWriteChannel, InMemoryStorageProvider, InPageConnector, InPageListener, InProcessFameFabric, InProcessFameFabricFactory, IndexedDBKeyValueStore, IndexedDBStorageProvider, InvalidPassphraseError, JWKValidationError, KEY_MANAGER_FACTORY_BASE_TYPE, KEY_STORE_FACTORY_BASE_TYPE, KeyInfo, KeyManagementHandler, KeyManagerFactory, KeyStore, KeyStoreFactory, KeyValidationError, LOAD_BALANCER_STICKINESS_MANAGER_FACTORY_BASE_TYPE, LoadBalancerStickinessManagerFactory, LogLevel, LogLevelNames, MemoryMetricsEmitter, NODE_LIKE_FACTORY_BASE_TYPE, NODE_PLACEMENT_STRATEGY_FACTORY_BASE_TYPE, NoOpMetricsEmitter, NoSecurityPolicy, NodeFactory, NodePlacementStrategyFactory, NoneCredentialProvider, NoopEncryptionManager, NoopKeyValidator, NoopTrustStoreProvider, NotAuthorized, PROFILE_NAME_GATED, PROFILE_NAME_GATED_CALLBACK, PROFILE_NAME_OPEN$1 as PROFILE_NAME_OPEN, PROFILE_NAME_OVERLAY, PROFILE_NAME_OVERLAY_CALLBACK, PROFILE_NAME_STRICT_OVERLAY, PromptCredentialProvider, QueueFullError, REPLICA_STICKINESS_MANAGER_FACTORY_BASE_TYPE, REQUIRED_FIELDS_BY_KTY, ReplicaStickinessManagerFactory, RootSessionManager, RouteManager, RpcMixin, RpcProxy, SEALED_ENVELOPE_NONCE_LENGTH, SEALED_ENVELOPE_OVERHEAD, SEALED_ENVELOPE_PRIVATE_KEY_LENGTH, SEALED_ENVELOPE_PUBLIC_KEY_LENGTH, SEALED_ENVELOPE_TAG_LENGTH, SECURE_CHANNEL_MANAGER_FACTORY_BASE_TYPE, SECURITY_MANAGER_FACTORY_BASE_TYPE, SECURITY_POLICY_FACTORY_BASE_TYPE, SQLiteKeyValueStore, SQLiteStorageProvider, STORAGE_PROVIDER_FACTORY_BASE_TYPE, SecretSource, SecretStoreCredentialProvider, SecureChannelFrameHandler, SecureChannelManagerFactory, SecurityAction, SecurityRequirements, Sentinel, SentinelFactory, SessionKeyCredentialProvider, SignaturePolicy, SigningConfig as SigningConfigClass, SigningConfiguration, SimpleLoadBalancerStickinessManager, SimpleLoadBalancerStickinessManagerFactory, StaticCredentialProvider, StorageAESEncryptionManager, TOKEN_ISSUER_FACTORY_BASE_TYPE, TOKEN_PROVIDER_FACTORY_BASE_TYPE, TOKEN_VERIFIER_FACTORY_BASE_TYPE, TRANSPORT_LISTENER_FACTORY_BASE_TYPE, TRANSPORT_PROVISIONER_FACTORY_BASE_TYPE, TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE, TaskSpawner, TokenIssuerFactory, TokenProviderFactory, TokenVerifierFactory, TransportListener, TransportProvisionerFactory, TrustStoreProviderFactory, TtlValidationError, UpstreamSessionManager, VALID_CURVES_BY_KTY, VALID_KEY_USES, VERSION, WEBSOCKET_CONNECTION_GRANT_TYPE, WELCOME_SERVICE_FACTORY_BASE_TYPE, WebSocketCloseCode, WebSocketConnector, WebSocketListener, WebSocketState, WelcomeServiceFactory, _NoopFlowController, __runtimePluginLoader, addEnvelopeFields, addLogLevel, addTimestamp, assertConnectionGrant, assertGrant, basicConfig, broadcastChannelGrantToConnectorConfig, camelToSnakeCase, canonicalJson, capitalizeFirstLetter, color, compareCryptoLevels, compiledPathPattern, consoleTransport, convertWildcardLogicalToDnsConstraint, createConnectorConfig, createEd25519Keypair, createHostLogicalUri, createJwksRouter, createLogicalUri, createNodeDeliveryContext, createApp as createOAuth2ServerApp, createOAuth2TokenRouter, createOpenIDConfigurationRouter, createResource, createRpcProxy, createRsaKeypair, createTransportCloseError, createX25519Keypair, credentialToString, currentTraceId$1 as currentTraceId, debounce, decodeBase64Url, decodeFameDataPayload, deepMerge, defaultJsonEncoder, delay, dropEmpty, enableLogging, encodeUtf8, ensureRuntimeFactoriesRegistered, extractId, extractPoolAddressBase, extractPoolBase, filterKeysByUse, formatTimestamp, formatTimestampForConsole$1 as formatTimestampForConsole, frameDigest, getCurrentEnvelope, getFameRoot, getHttpListenerInstance, getInPageListenerInstance, getKeyProvider, getKeyStore, getLogger, getWebsocketListenerInstance, hasCryptoSupport, hostnameToLogical, hostnamesToLogicals, httpGrantToConnectorConfig, immutableHeaders, inPageGrantToConnectorConfig, isAuthInjectionStrategy, isBroadcastChannelConnectionGrant, isConnectionGrant, isConnectorConfig, isEnvelopeLoggingEnabled, isFameError, isFameErrorType, isGrant, isHttpConnectionGrant, isInPageConnectionGrant, isNodeLike, isPlainObject$3 as isPlainObject, isPoolAddress, isPoolLogical, isRegisterable, isTokenExpired, isTokenProvider, isTokenValid, isWebSocketConnectionGrant, jsonDumps, logicalPatternsToDnsConstraints, logicalToHostname, logicalsToHostnames, matchesPoolAddress, matchesPoolLogical, maybeAwait, nodeWelcomeRouter, nodeWelcomeRouterPlugin, normalizeBroadcastChannelConnectionGrant, normalizeEncryptionConfig, normalizeEnvelopeSnapshot, normalizeExtendedFameConfig, normalizeHttpConnectionGrant, normalizeInPageConnectionGrant, normalizeInboundCryptoRules, normalizeInboundSigningRules, normalizeOutboundCryptoRules, normalizeOutboundSigningRules, normalizePath, normalizeResponseCryptoRules, normalizeResponseSigningRules, normalizeSecretSource, normalizeSecurityRequirements, normalizeSigningConfig, normalizeWebSocketConnectionGrant, objectToBytes, operation, parseSealedEnvelope, pinoTransport, prettyModel$1 as prettyModel, registerDefaultFactories, registerDefaultKeyStoreFactory, registerNodePlacementStrategyFactory, registerRuntimeFactories, requireCryptoSupport, retryWithBackoff, main as runOAuth2Server, safeColor, sealedDecrypt, sealedEncrypt, secureDigest, setKeyStore, showEnvelopes$1 as showEnvelopes, sleep, snakeToCamelCase, stringifyNonPrimitives, supportsColor, throttle, urlsafeBase64Decode, urlsafeBase64Encode, validateCacheTtlSec, validateEncryptionKey, validateHostLogical, validateHostLogicals, validateJwkComplete, validateJwkStructure, validateJwkUseField, validateJwtTokenTtlSec, validateKeyCorrelationTtlSec, validateLogical, validateLogicalSegment, validateOAuth2TtlSec, validateSigningKey, validateTtlSec, waitForAll, waitForAllSettled, waitForAny, websocketGrantToConnectorConfig, withEnvelopeContext, withEnvelopeContextAsync, withLegacySnakeCaseKeys, withLock, withTimeout };
+export { ADMISSION_CLIENT_FACTORY_BASE_TYPE, ATTACHMENT_KEY_VALIDATOR_FACTORY_BASE_TYPE, AUTHORIZER_FACTORY_BASE_TYPE, AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE, AnsiColor, AsyncLock, AttachmentKeyValidator, AuthInjectionStrategyFactory, AuthorizerFactory, BROADCAST_CHANNEL_CONNECTION_GRANT_TYPE, BackPressureFull, BaseAsyncConnector, BaseNodeEventListener, BindingManager, BindingStoreEntryRecord, BrowserAutoKeyCredentialProvider, BrowserWrappedKeyCredentialProvider, CERTIFICATE_MANAGER_FACTORY_BASE_TYPE, CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE, CRYPTO_LEVEL_SECURITY_ORDER, CertificateManagerFactory, ConnectorConfigDefaults, ConnectorFactory, ConsoleMetricsEmitter, CryptoLevel, FACTORY_META$_ as DEFAULT_WELCOME_FACTORY_META, DefaultCryptoProvider, DefaultHttpServer, DefaultKeyManager, DefaultSecurityManager, DefaultSecurityPolicy, DefaultWelcomeService, DefaultWelcomeServiceFactory, DevFixedKeyCredentialProvider, ENCRYPTION_MANAGER_FACTORY_BASE_TYPE, ENVELOPE_SIGNER_FACTORY_BASE_TYPE, ENVELOPE_VERIFIER_FACTORY_BASE_TYPE, ENV_VAR_DEFAULT_ENCRYPTION_LEVEL, ENV_VAR_HMAC_SECRET, ENV_VAR_JWKS_URL, ENV_VAR_JWT_ALGORITHM$2 as ENV_VAR_JWT_ALGORITHM, ENV_VAR_JWT_AUDIENCE$2 as ENV_VAR_JWT_AUDIENCE, ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE, ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER, ENV_VAR_JWT_TRUSTED_ISSUER, ENV_VAR_SHOW_ENVELOPES$1 as ENV_VAR_SHOW_ENVELOPES, EdDSAEnvelopeSigner, EncryptedKeyValueStore, EncryptedStorageProviderBase, EncryptedValue, EncryptionConfiguration, EncryptionManagerFactory, EncryptionResult, EncryptionStatus, EnvCredentialProvider, EnvelopeContext, EnvelopeListenerManager, EnvelopeSecurityHandler, EnvelopeSignerFactory, EnvelopeVerifierFactory, FACTORY_META$$ as FACTORY_META, FAME_FABRIC_FACTORY_BASE_TYPE, FIXED_PREFIX_LEN, FameAuthorizedDeliveryContextSchema, FameConnectError, FameEnvironmentContext, FameError, FameMessageTooLarge, FameNode, FameNodeAuthorizationContextSchema, FameProtocolError, FameTransportClose, FlowController, GRANT_PURPOSE_NODE_ATTACH, HTTP_CONNECTION_GRANT_TYPE, HTTP_STATELESS_CONNECTOR_TYPE, HttpListener, HttpStatelessConnector, INPAGE_CONNECTION_GRANT_TYPE, INPAGE_CONNECTOR_TYPE, InMemoryBinding, InMemoryFanoutBroker, InMemoryKeyValueStore, InMemoryReadWriteChannel, InMemoryStorageProvider, InPageConnector, InPageListener, InProcessFameFabric, InProcessFameFabricFactory, IndexedDBKeyValueStore, IndexedDBStorageProvider, InvalidPassphraseError, JWKValidationError, KEY_MANAGER_FACTORY_BASE_TYPE, KEY_STORE_FACTORY_BASE_TYPE, KeyInfo, KeyManagementHandler, KeyManagerFactory, KeyStore, KeyStoreFactory, KeyValidationError, LOAD_BALANCER_STICKINESS_MANAGER_FACTORY_BASE_TYPE, LoadBalancerStickinessManagerFactory, LogLevel, LogLevelNames, MemoryMetricsEmitter, NODE_LIKE_FACTORY_BASE_TYPE, NODE_PLACEMENT_STRATEGY_FACTORY_BASE_TYPE, NoOpMetricsEmitter, NoSecurityPolicy, NodeFactory, NodePlacementStrategyFactory, NoneCredentialProvider, NoopEncryptionManager, NoopKeyValidator, NoopTrustStoreProvider, NotAuthorized, PROFILE_NAME_GATED, PROFILE_NAME_GATED_CALLBACK, PROFILE_NAME_OPEN$1 as PROFILE_NAME_OPEN, PROFILE_NAME_OVERLAY, PROFILE_NAME_OVERLAY_CALLBACK, PROFILE_NAME_STRICT_OVERLAY, PromptCredentialProvider, QueueFullError, REPLICA_STICKINESS_MANAGER_FACTORY_BASE_TYPE, REQUIRED_FIELDS_BY_KTY, ReplicaStickinessManagerFactory, RootSessionManager, RouteManager, RpcMixin, RpcProxy, SEALED_ENVELOPE_NONCE_LENGTH, SEALED_ENVELOPE_OVERHEAD, SEALED_ENVELOPE_PRIVATE_KEY_LENGTH, SEALED_ENVELOPE_PUBLIC_KEY_LENGTH, SEALED_ENVELOPE_TAG_LENGTH, SECURE_CHANNEL_MANAGER_FACTORY_BASE_TYPE, SECURITY_MANAGER_FACTORY_BASE_TYPE, SECURITY_POLICY_FACTORY_BASE_TYPE, SQLiteKeyValueStore, SQLiteStorageProvider, STORAGE_PROVIDER_FACTORY_BASE_TYPE, SecretSource, SecretStoreCredentialProvider, SecureChannelFrameHandler, SecureChannelManagerFactory, SecurityAction, SecurityRequirements, Sentinel, SentinelFactory, SessionKeyCredentialProvider, SignaturePolicy, SigningConfig as SigningConfigClass, SigningConfiguration, SimpleLoadBalancerStickinessManager, SimpleLoadBalancerStickinessManagerFactory, StaticCredentialProvider, StorageAESEncryptionManager, TOKEN_ISSUER_FACTORY_BASE_TYPE, TOKEN_PROVIDER_FACTORY_BASE_TYPE, TOKEN_VERIFIER_FACTORY_BASE_TYPE, TRANSPORT_LISTENER_FACTORY_BASE_TYPE, TRANSPORT_PROVISIONER_FACTORY_BASE_TYPE, TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE, TaskSpawner, TokenIssuerFactory, TokenProviderFactory, TokenVerifierFactory, TransportListener, TransportListenerFactory, TransportProvisionerFactory, TrustStoreProviderFactory, TtlValidationError, UpstreamSessionManager, VALID_CURVES_BY_KTY, VALID_KEY_USES, VERSION, WEBSOCKET_CONNECTION_GRANT_TYPE, WELCOME_SERVICE_FACTORY_BASE_TYPE, WebSocketCloseCode, WebSocketConnector, WebSocketListener, WebSocketState, WelcomeServiceFactory, _NoopFlowController, __runtimePluginLoader, addEnvelopeFields, addLogLevel, addTimestamp, assertConnectionGrant, assertGrant, basicConfig, broadcastChannelGrantToConnectorConfig, camelToSnakeCase, canonicalJson, capitalizeFirstLetter, color, compareCryptoLevels, compiledPathPattern, consoleTransport, convertWildcardLogicalToDnsConstraint, createConnectorConfig, createEd25519Keypair, createHostLogicalUri, createJwksRouter, createLogicalUri, createNodeDeliveryContext, createApp as createOAuth2ServerApp, createOAuth2TokenRouter, createOpenIDConfigurationRouter, createResource, createRpcProxy, createRsaKeypair, createTransportCloseError, createX25519Keypair, credentialToString, currentTraceId$1 as currentTraceId, debounce, decodeBase64Url, decodeFameDataPayload, deepMerge, defaultJsonEncoder, delay, dropEmpty, enableLogging, encodeUtf8, ensureRuntimeFactoriesRegistered, extractId, extractPoolAddressBase, extractPoolBase, filterKeysByUse, formatTimestamp, formatTimestampForConsole$1 as formatTimestampForConsole, frameDigest, getCurrentEnvelope, getFameRoot, getHttpListenerInstance, getInPageListenerInstance, getKeyProvider, getKeyStore, getLogger, getWebsocketListenerInstance, hasCryptoSupport, hostnameToLogical, hostnamesToLogicals, httpGrantToConnectorConfig, immutableHeaders, inPageGrantToConnectorConfig, isAuthInjectionStrategy, isBroadcastChannelConnectionGrant, isConnectionGrant, isConnectorConfig, isEnvelopeLoggingEnabled, isFameError, isFameErrorType, isGrant, isHttpConnectionGrant, isInPageConnectionGrant, isNodeLike, isPlainObject$3 as isPlainObject, isPoolAddress, isPoolLogical, isRegisterable, isTokenExpired, isTokenProvider, isTokenValid, isWebSocketConnectionGrant, jsonDumps, logicalPatternsToDnsConstraints, logicalToHostname, logicalsToHostnames, matchesPoolAddress, matchesPoolLogical, maybeAwait, nodeWelcomeRouter, nodeWelcomeRouterPlugin, normalizeBroadcastChannelConnectionGrant, normalizeEncryptionConfig, normalizeEnvelopeSnapshot, normalizeExtendedFameConfig, normalizeHttpConnectionGrant, normalizeInPageConnectionGrant, normalizeInboundCryptoRules, normalizeInboundSigningRules, normalizeOutboundCryptoRules, normalizeOutboundSigningRules, normalizePath, normalizeResponseCryptoRules, normalizeResponseSigningRules, normalizeSecretSource, normalizeSecurityRequirements, normalizeSigningConfig, normalizeWebSocketConnectionGrant, objectToBytes, operation, parseSealedEnvelope, pinoTransport, prettyModel$1 as prettyModel, registerDefaultFactories, registerDefaultKeyStoreFactory, registerNodePlacementStrategyFactory, registerRuntimeFactories, requireCryptoSupport, retryWithBackoff, main as runOAuth2Server, safeColor, safeImport, sealedDecrypt, sealedEncrypt, secureDigest, setKeyStore, showEnvelopes$1 as showEnvelopes, sleep, snakeToCamelCase, stringifyNonPrimitives, supportsColor, throttle, urlsafeBase64Decode, urlsafeBase64Encode, validateCacheTtlSec, validateEncryptionKey, validateHostLogical, validateHostLogicals, validateJwkComplete, validateJwkStructure, validateJwkUseField, validateJwtTokenTtlSec, validateKeyCorrelationTtlSec, validateLogical, validateLogicalSegment, validateOAuth2TtlSec, validateSigningKey, validateTtlSec, waitForAll, waitForAllSettled, waitForAny, websocketGrantToConnectorConfig, withEnvelopeContext, withEnvelopeContextAsync, withLegacySnakeCaseKeys, withLock, withTimeout };