@nocobase/plugin-flow-engine 2.1.0-beta.44 → 2.1.0-beta.45

package/dist/client/index.js

@@ -7,4 +7,4 @@
  * For more information, please refer to: https://www.nocobase.com/agreement.
  */
 
-!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t(require("@nocobase/client")):"function"==typeof define&&define.amd?define("@nocobase/plugin-flow-engine",["@nocobase/client"],t):"object"==typeof exports?exports["@nocobase/plugin-flow-engine"]=t(require("@nocobase/client")):e["@nocobase/plugin-flow-engine"]=t(e["@nocobase/client"])}(self,function(e){return function(){"use strict";var t={342:function(t){t.exports=e}},n={};function r(e){var o=n[e];if(void 0!==o)return o.exports;var i=n[e]={exports:{}};return t[e](i,i.exports,r),i.exports}r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,{a:t}),t},r.d=function(e,t){for(var n in t)r.o(t,n)&&!r.o(e,n)&&Object.defineProperty(e,n,{enumerable:!0,get:t[n]})},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.r=function(e){"u">typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.g.importScripts&&(o=r.g.location+"");var o,i=r.g.document;if(!o&&i&&(i.currentScript&&"SCRIPT"===i.currentScript.tagName.toUpperCase()&&(o=i.currentScript.src),!o)){var u=i.getElementsByTagName("script");if(u.length)for(var c=u.length-1;c>-1&&(!o||!/^http(s?):/.test(o));)o=u[c--].src}if(!o)throw Error("Automatic publicPath is not supported in this browser");r.p=o.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/");var a={};return!function(){var e="",t="u">typeof document?document.currentScript:null;if(t&&t.src&&(e=t.src.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/")),!e){var n=window.__webpack_public_path__||"";n&&("/"!==n.charAt(n.length-1)&&(n+="/"),e=n+"static/plugins/@nocobase/plugin-flow-engine/dist/client/")}if(!e){if(!(e=window.__nocobase_public_path__||"")&&window.location&&window.location.pathname){var o=window.location.pathname||"/",i=o.indexOf("/v2/");e=i>=0?o.slice(0,i+1):"/"}e&&(e=e.replace(/\/v2\/?$/,"/")),e||(e="/"),"/"!==e.charAt(e.length-1)&&(e+="/"),e+="static/plugins/@nocobase/plugin-flow-engine/dist/client/"}r.p=e}(),!function(){r.r(a),r.d(a,{PluginFlowEngineClient:function(){return p}});var e=r(342);function t(e,t,n,r,o,i,u){try{var c=e[i](u),a=c.value}catch(e){n(e);return}c.done?t(a):Promise.resolve(a).then(r,o)}function n(e){return function(){var n=this,r=arguments;return new Promise(function(o,i){var u=e.apply(n,r);function c(e){t(u,o,i,c,a,"next",e)}function a(e){t(u,o,i,c,a,"throw",e)}c(void 0)})}}function o(e,t,n){return(o=l()?Reflect.construct:function(e,t,n){var r=[null];r.push.apply(r,t);var o=new(Function.bind.apply(e,r));return n&&u(o,n.prototype),o}).apply(null,arguments)}function i(e){return(i=Object.setPrototypeOf?Object.getPrototypeOf:function(e){return e.__proto__||Object.getPrototypeOf(e)})(e)}function u(e,t){return(u=Object.setPrototypeOf||function(e,t){return e.__proto__=t,e})(e,t)}function c(e){var t="function"==typeof Map?new Map:void 0;return(c=function(e){if(null===e||-1===Function.toString.call(e).indexOf("[native code]"))return e;if("function"!=typeof e)throw TypeError("Super expression must either be null or a function");if(void 0!==t){if(t.has(e))return t.get(e);t.set(e,n)}function n(){return o(e,arguments,i(this).constructor)}return n.prototype=Object.create(e.prototype,{constructor:{value:n,enumerable:!1,writable:!0,configurable:!0}}),u(n,e)})(e)}function l(){try{var e=!Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){}))}catch(e){}return(l=function(){return!!e})()}function f(e,t){var n,r,o,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]},u=Object.create(("function"==typeof Iterator?Iterator:Object).prototype),c=Object.defineProperty;return c(u,"next",{value:a(0)}),c(u,"throw",{value:a(1)}),c(u,"return",{value:a(2)}),"function"==typeof Symbol&&c(u,Symbol.iterator,{value:function(){return this}}),u;function a(c){return function(a){var l=[c,a];if(n)throw TypeError("Generator is already executing.");for(;u&&(u=0,l[0]&&(i=0)),i;)try{if(n=1,r&&(o=2&l[0]?r.return:l[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,l[1])).done)return o;switch(r=0,o&&(l=[2&l[0],o.value]),l[0]){case 0:case 1:o=l;break;case 4:return i.label++,{value:l[1],done:!1};case 5:i.label++,r=l[1],l=[0];continue;case 7:l=i.ops.pop(),i.trys.pop();continue;default:if(!(o=(o=i.trys).length>0&&o[o.length-1])&&(6===l[0]||2===l[0])){i=0;continue}if(3===l[0]&&(!o||l[1]>o[0]&&l[1]<o[3])){i.label=l[1];break}if(6===l[0]&&i.label<o[1]){i.label=o[1],o=l;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(l);break}o[2]&&i.ops.pop(),i.trys.pop();continue}l=t.call(e,i)}catch(e){l=[6,e],r=0}finally{n=o=0}if(5&l[0])throw l[1];return{value:l[0]?l[1]:void 0,done:!0}}}}var p=function(e){var t;if("function"!=typeof e&&null!==e)throw TypeError("Super expression must either be null or a function");function r(){var e,t;if(!(this instanceof r))throw TypeError("Cannot call a class as a function");return e=r,t=arguments,e=i(e),function(e,t){var n;if(t&&("object"==((n=t)&&"u">typeof Symbol&&n.constructor===Symbol?"symbol":typeof n)||"function"==typeof t))return t;if(void 0===e)throw ReferenceError("this hasn't been initialised - super() hasn't been called");return e}(this,l()?Reflect.construct(e,t||[],i(this).constructor):e.apply(this,t))}return r.prototype=Object.create(e&&e.prototype,{constructor:{value:r,writable:!0,configurable:!0}}),e&&u(r,e),t=[{key:"afterAdd",value:function(){return n(function(){return f(this,function(e){return[2]})})()}},{key:"beforeLoad",value:function(){return n(function(){return f(this,function(e){return[2]})})()}},{key:"load",value:function(){return n(function(){return f(this,function(e){return[2]})})()}}],function(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}(r.prototype,t),r}(c(e.Plugin));a.default=p}(),a}()});
+!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t(require("@nocobase/client")):"function"==typeof define&&define.amd?define("@nocobase/plugin-flow-engine",["@nocobase/client"],t):"object"==typeof exports?exports["@nocobase/plugin-flow-engine"]=t(require("@nocobase/client")):e["@nocobase/plugin-flow-engine"]=t(e["@nocobase/client"])}(self,function(e){return function(){"use strict";var t={342:function(t){t.exports=e}},n={};function r(e){var o=n[e];if(void 0!==o)return o.exports;var i=n[e]={exports:{}};return t[e](i,i.exports,r),i.exports}r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,{a:t}),t},r.d=function(e,t){for(var n in t)r.o(t,n)&&!r.o(e,n)&&Object.defineProperty(e,n,{enumerable:!0,get:t[n]})},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.r=function(e){"u">typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.g.importScripts&&(o=r.g.location+"");var o,i=r.g.document;if(!o&&i&&(i.currentScript&&"SCRIPT"===i.currentScript.tagName.toUpperCase()&&(o=i.currentScript.src),!o)){var u=i.getElementsByTagName("script");if(u.length)for(var c=u.length-1;c>-1&&(!o||!/^http(s?):/.test(o));)o=u[c--].src}if(!o)throw Error("Automatic publicPath is not supported in this browser");r.p=o.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/");var a={};return!function(){var e="",t="u">typeof document?document.currentScript:null;if(t&&t.src&&(e=t.src.replace(/^blob:/,"").replace(/#.*$/,"").replace(/\?.*$/,"").replace(/\/[^\/]+$/,"/")),!e){var n=window.__webpack_public_path__||"";n&&("/"!==n.charAt(n.length-1)&&(n+="/"),e=n+"static/plugins/@nocobase/plugin-flow-engine/dist/client/")}if(!e){var o=window.__nocobase_modern_client_prefix__||"v",i="/"+(o=String(o).replace(/^\/+|\/+$/g,"")||"v")+"/";if(!(e=window.__nocobase_public_path__||"")&&window.location&&window.location.pathname){var u=window.location.pathname||"/",c=u.indexOf(i);e=c>=0?u.slice(0,c+1):"/"}e&&(e=e.replace(RegExp("/"+o+"/?$"),"/")),e||(e="/"),"/"!==e.charAt(e.length-1)&&(e+="/"),e+="static/plugins/@nocobase/plugin-flow-engine/dist/client/"}r.p=e}(),!function(){r.r(a),r.d(a,{PluginFlowEngineClient:function(){return p}});var e=r(342);function t(e,t,n,r,o,i,u){try{var c=e[i](u),a=c.value}catch(e){n(e);return}c.done?t(a):Promise.resolve(a).then(r,o)}function n(e){return function(){var n=this,r=arguments;return new Promise(function(o,i){var u=e.apply(n,r);function c(e){t(u,o,i,c,a,"next",e)}function a(e){t(u,o,i,c,a,"throw",e)}c(void 0)})}}function o(e,t,n){return(o=l()?Reflect.construct:function(e,t,n){var r=[null];r.push.apply(r,t);var o=new(Function.bind.apply(e,r));return n&&u(o,n.prototype),o}).apply(null,arguments)}function i(e){return(i=Object.setPrototypeOf?Object.getPrototypeOf:function(e){return e.__proto__||Object.getPrototypeOf(e)})(e)}function u(e,t){return(u=Object.setPrototypeOf||function(e,t){return e.__proto__=t,e})(e,t)}function c(e){var t="function"==typeof Map?new Map:void 0;return(c=function(e){if(null===e||-1===Function.toString.call(e).indexOf("[native code]"))return e;if("function"!=typeof e)throw TypeError("Super expression must either be null or a function");if(void 0!==t){if(t.has(e))return t.get(e);t.set(e,n)}function n(){return o(e,arguments,i(this).constructor)}return n.prototype=Object.create(e.prototype,{constructor:{value:n,enumerable:!1,writable:!0,configurable:!0}}),u(n,e)})(e)}function l(){try{var e=!Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){}))}catch(e){}return(l=function(){return!!e})()}function f(e,t){var n,r,o,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]},u=Object.create(("function"==typeof Iterator?Iterator:Object).prototype),c=Object.defineProperty;return c(u,"next",{value:a(0)}),c(u,"throw",{value:a(1)}),c(u,"return",{value:a(2)}),"function"==typeof Symbol&&c(u,Symbol.iterator,{value:function(){return this}}),u;function a(c){return function(a){var l=[c,a];if(n)throw TypeError("Generator is already executing.");for(;u&&(u=0,l[0]&&(i=0)),i;)try{if(n=1,r&&(o=2&l[0]?r.return:l[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,l[1])).done)return o;switch(r=0,o&&(l=[2&l[0],o.value]),l[0]){case 0:case 1:o=l;break;case 4:return i.label++,{value:l[1],done:!1};case 5:i.label++,r=l[1],l=[0];continue;case 7:l=i.ops.pop(),i.trys.pop();continue;default:if(!(o=(o=i.trys).length>0&&o[o.length-1])&&(6===l[0]||2===l[0])){i=0;continue}if(3===l[0]&&(!o||l[1]>o[0]&&l[1]<o[3])){i.label=l[1];break}if(6===l[0]&&i.label<o[1]){i.label=o[1],o=l;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(l);break}o[2]&&i.ops.pop(),i.trys.pop();continue}l=t.call(e,i)}catch(e){l=[6,e],r=0}finally{n=o=0}if(5&l[0])throw l[1];return{value:l[0]?l[1]:void 0,done:!0}}}}var p=function(e){var t;if("function"!=typeof e&&null!==e)throw TypeError("Super expression must either be null or a function");function r(){var e,t;if(!(this instanceof r))throw TypeError("Cannot call a class as a function");return e=r,t=arguments,e=i(e),function(e,t){var n;if(t&&("object"==((n=t)&&"u">typeof Symbol&&n.constructor===Symbol?"symbol":typeof n)||"function"==typeof t))return t;if(void 0===e)throw ReferenceError("this hasn't been initialised - super() hasn't been called");return e}(this,l()?Reflect.construct(e,t||[],i(this).constructor):e.apply(this,t))}return r.prototype=Object.create(e&&e.prototype,{constructor:{value:r,writable:!0,configurable:!0}}),e&&u(r,e),t=[{key:"afterAdd",value:function(){return n(function(){return f(this,function(e){return[2]})})()}},{key:"beforeLoad",value:function(){return n(function(){return f(this,function(e){return[2]})})()}},{key:"load",value:function(){return n(function(){return f(this,function(e){return[2]})})()}}],function(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}(r.prototype,t),r}(c(e.Plugin));a.default=p}(),a}()});

package/dist/externalVersion.js

@@ -8,16 +8,16 @@
  */
 
 module.exports = {
-  "@nocobase/client": "2.1.0-beta.44",
+  "@nocobase/client": "2.1.0-beta.45",
   "lodash": "4.18.1",
-  "@nocobase/database": "2.1.0-beta.44",
-  "@nocobase/data-source-manager": "2.1.0-beta.44",
-  "@nocobase/resourcer": "2.1.0-beta.44",
-  "@nocobase/utils": "2.1.0-beta.44",
-  "@nocobase/cache": "2.1.0-beta.44",
-  "@nocobase/server": "2.1.0-beta.44",
-  "@nocobase/actions": "2.1.0-beta.44",
+  "@nocobase/database": "2.1.0-beta.45",
+  "@nocobase/data-source-manager": "2.1.0-beta.45",
+  "@nocobase/resourcer": "2.1.0-beta.45",
+  "@nocobase/utils": "2.1.0-beta.45",
+  "@nocobase/cache": "2.1.0-beta.45",
+  "@nocobase/server": "2.1.0-beta.45",
+  "@nocobase/actions": "2.1.0-beta.45",
   "sequelize": "6.35.2",
   "@formily/json-schema": "2.3.7",
-  "@nocobase/ai": "2.1.0-beta.44"
+  "@nocobase/ai": "2.1.0-beta.45"
 };

package/dist/node_modules/@ant-design/icons-svg/package.json

@@ -1 +1 @@
-{"name":"@ant-design/icons-svg","version":"4.3.1","sideEffects":false,"description":"Abstract nodes for ant design icons.","contributors":["HeskeyBaozi <hezhiyu233@foxmail.com>"],"homepage":"https://github.com/ant-design/ant-design-icons/","license":"MIT","main":"lib/index.js","module":"es/index.js","files":["lib","es","inline-svg","inline-namespaced-svg"],"repository":{"type":"git","url":"git+https://github.com/ant-design/ant-design-icons.git"},"scripts":{"g":"npm run generate","generate":"cross-env NODE_ENV=production gulp --require ts-node/register/transpile-only","type-check":"tsc --noEmit","build:es":"tsc --project tsconfig.build.json --module esnext --outDir es","build:lib":"tsc --project tsconfig.build.json --module commonjs --outDir lib","build":"cross-env NODE_ENV=production && npm run build:es && npm run build:lib","test":"cross-env NODE_ENV=test && npm run test:unit","test:unit":"jest","prepublishOnly":"npm run test && npm run g && npm run build && npm run type-check && npm run digest","digest":"node scripts/digest.js"},"bugs":{"url":"https://github.com/ant-design/ant-design-icons/issues"},"devDependencies":{"@babel/core":"^7.8.6","@babel/preset-env":"^7.8.6","@babel/preset-typescript":"^7.8.3","@rgrove/parse-xml":"^2.0.2","@types/gulp":"^4.0.6","@types/gulp-concat":"^0.0.32","@types/gulp-rename":"^0.0.33","@types/jest":"^25.1.3","@types/lodash.camelcase":"^4.3.6","@types/lodash.template":"^4.4.6","@types/lodash.upperfirst":"^4.3.6","@types/node":"^13.9.3","@types/ramda":"^0.26.43","@types/rgrove__parse-xml":"^1.1.0","@types/svgo":"^1.3.1","@types/through2":"^2.0.34","@typescript-eslint/eslint-plugin":"^2.21.0","@typescript-eslint/parser":"^2.21.0","babel-jest":"^25.1.0","cross-env":"^7.0.0","del":"^5.1.0","eslint":"^7.16.0","globby":"^11.0.0","gulp":"^4.0.2","gulp-clone":"^2.0.1","gulp-concat":"^2.6.1","gulp-header":"^2.0.9","gulp-rename":"^2.0.0","jest":"^25.1.0","lodash.camelcase":"^4.3.0","lodash.template":"^4.5.0","lodash.upperfirst":"^4.3.1","ramda":"^0.27.0","svgo":"^1.3.2","through2":"^3.0.1","ts-node":"^8.6.2","typescript":"^4.0.0","vinyl":"^2.2.0"},"publishConfig":{"access":"public","registry":"https://registry.npmjs.org"},"_lastModified":"2026-06-03T13:56:24.978Z"}
+{"name":"@ant-design/icons-svg","version":"4.3.1","sideEffects":false,"description":"Abstract nodes for ant design icons.","contributors":["HeskeyBaozi <hezhiyu233@foxmail.com>"],"homepage":"https://github.com/ant-design/ant-design-icons/","license":"MIT","main":"lib/index.js","module":"es/index.js","files":["lib","es","inline-svg","inline-namespaced-svg"],"repository":{"type":"git","url":"git+https://github.com/ant-design/ant-design-icons.git"},"scripts":{"g":"npm run generate","generate":"cross-env NODE_ENV=production gulp --require ts-node/register/transpile-only","type-check":"tsc --noEmit","build:es":"tsc --project tsconfig.build.json --module esnext --outDir es","build:lib":"tsc --project tsconfig.build.json --module commonjs --outDir lib","build":"cross-env NODE_ENV=production && npm run build:es && npm run build:lib","test":"cross-env NODE_ENV=test && npm run test:unit","test:unit":"jest","prepublishOnly":"npm run test && npm run g && npm run build && npm run type-check && npm run digest","digest":"node scripts/digest.js"},"bugs":{"url":"https://github.com/ant-design/ant-design-icons/issues"},"devDependencies":{"@babel/core":"^7.8.6","@babel/preset-env":"^7.8.6","@babel/preset-typescript":"^7.8.3","@rgrove/parse-xml":"^2.0.2","@types/gulp":"^4.0.6","@types/gulp-concat":"^0.0.32","@types/gulp-rename":"^0.0.33","@types/jest":"^25.1.3","@types/lodash.camelcase":"^4.3.6","@types/lodash.template":"^4.4.6","@types/lodash.upperfirst":"^4.3.6","@types/node":"^13.9.3","@types/ramda":"^0.26.43","@types/rgrove__parse-xml":"^1.1.0","@types/svgo":"^1.3.1","@types/through2":"^2.0.34","@typescript-eslint/eslint-plugin":"^2.21.0","@typescript-eslint/parser":"^2.21.0","babel-jest":"^25.1.0","cross-env":"^7.0.0","del":"^5.1.0","eslint":"^7.16.0","globby":"^11.0.0","gulp":"^4.0.2","gulp-clone":"^2.0.1","gulp-concat":"^2.6.1","gulp-header":"^2.0.9","gulp-rename":"^2.0.0","jest":"^25.1.0","lodash.camelcase":"^4.3.0","lodash.template":"^4.5.0","lodash.upperfirst":"^4.3.1","ramda":"^0.27.0","svgo":"^1.3.2","through2":"^3.0.1","ts-node":"^8.6.2","typescript":"^4.0.0","vinyl":"^2.2.0"},"publishConfig":{"access":"public","registry":"https://registry.npmjs.org"},"_lastModified":"2026-06-08T04:32:04.197Z"}

package/dist/node_modules/acorn/package.json

@@ -1 +1 @@
-{"name":"acorn","description":"ECMAScript parser","homepage":"https://github.com/acornjs/acorn","main":"dist/acorn.js","types":"dist/acorn.d.ts","module":"dist/acorn.mjs","exports":{".":[{"import":"./dist/acorn.mjs","require":"./dist/acorn.js","default":"./dist/acorn.js"},"./dist/acorn.js"],"./package.json":"./package.json"},"version":"8.11.2","engines":{"node":">=0.4.0"},"maintainers":[{"name":"Marijn Haverbeke","email":"marijnh@gmail.com","web":"https://marijnhaverbeke.nl"},{"name":"Ingvar Stepanyan","email":"me@rreverser.com","web":"https://rreverser.com/"},{"name":"Adrian Heine","web":"http://adrianheine.de"}],"repository":{"type":"git","url":"https://github.com/acornjs/acorn.git"},"license":"MIT","scripts":{"prepare":"cd ..; npm run build:main"},"bin":{"acorn":"./bin/acorn"},"_lastModified":"2026-06-03T13:56:25.874Z"}
+{"name":"acorn","description":"ECMAScript parser","homepage":"https://github.com/acornjs/acorn","main":"dist/acorn.js","types":"dist/acorn.d.ts","module":"dist/acorn.mjs","exports":{".":[{"import":"./dist/acorn.mjs","require":"./dist/acorn.js","default":"./dist/acorn.js"},"./dist/acorn.js"],"./package.json":"./package.json"},"version":"8.11.2","engines":{"node":">=0.4.0"},"maintainers":[{"name":"Marijn Haverbeke","email":"marijnh@gmail.com","web":"https://marijnhaverbeke.nl"},{"name":"Ingvar Stepanyan","email":"me@rreverser.com","web":"https://rreverser.com/"},{"name":"Adrian Heine","web":"http://adrianheine.de"}],"repository":{"type":"git","url":"https://github.com/acornjs/acorn.git"},"license":"MIT","scripts":{"prepare":"cd ..; npm run build:main"},"bin":{"acorn":"./bin/acorn"},"_lastModified":"2026-06-08T04:32:05.094Z"}

package/dist/node_modules/acorn-jsx/package.json

@@ -1 +1 @@
-{"name":"acorn-jsx","description":"Modern, fast React.js JSX parser","homepage":"https://github.com/acornjs/acorn-jsx","version":"5.3.2","maintainers":[{"name":"Ingvar Stepanyan","email":"me@rreverser.com","web":"http://rreverser.com/"}],"repository":{"type":"git","url":"https://github.com/acornjs/acorn-jsx"},"license":"MIT","scripts":{"test":"node test/run.js"},"peerDependencies":{"acorn":"^6.0.0 || ^7.0.0 || ^8.0.0"},"devDependencies":{"acorn":"^8.0.1"},"_lastModified":"2026-06-03T13:56:26.298Z"}
+{"name":"acorn-jsx","description":"Modern, fast React.js JSX parser","homepage":"https://github.com/acornjs/acorn-jsx","version":"5.3.2","maintainers":[{"name":"Ingvar Stepanyan","email":"me@rreverser.com","web":"http://rreverser.com/"}],"repository":{"type":"git","url":"https://github.com/acornjs/acorn-jsx"},"license":"MIT","scripts":{"test":"node test/run.js"},"peerDependencies":{"acorn":"^6.0.0 || ^7.0.0 || ^8.0.0"},"devDependencies":{"acorn":"^8.0.1"},"_lastModified":"2026-06-08T04:32:05.515Z"}

package/dist/node_modules/acorn-walk/package.json

@@ -1 +1 @@
-{"name":"acorn-walk","description":"ECMAScript (ESTree) AST walker","homepage":"https://github.com/acornjs/acorn","main":"dist/walk.js","types":"dist/walk.d.ts","module":"dist/walk.mjs","exports":{".":[{"import":"./dist/walk.mjs","require":"./dist/walk.js","default":"./dist/walk.js"},"./dist/walk.js"],"./package.json":"./package.json"},"version":"8.3.4","engines":{"node":">=0.4.0"},"dependencies":{"acorn":"^8.11.0"},"maintainers":[{"name":"Marijn Haverbeke","email":"marijnh@gmail.com","web":"https://marijnhaverbeke.nl"},{"name":"Ingvar Stepanyan","email":"me@rreverser.com","web":"https://rreverser.com/"},{"name":"Adrian Heine","web":"http://adrianheine.de"}],"repository":{"type":"git","url":"https://github.com/acornjs/acorn.git"},"scripts":{"prepare":"cd ..; npm run build:walk"},"license":"MIT","_lastModified":"2026-06-03T13:56:26.413Z"}
+{"name":"acorn-walk","description":"ECMAScript (ESTree) AST walker","homepage":"https://github.com/acornjs/acorn","main":"dist/walk.js","types":"dist/walk.d.ts","module":"dist/walk.mjs","exports":{".":[{"import":"./dist/walk.mjs","require":"./dist/walk.js","default":"./dist/walk.js"},"./dist/walk.js"],"./package.json":"./package.json"},"version":"8.3.4","engines":{"node":">=0.4.0"},"dependencies":{"acorn":"^8.11.0"},"maintainers":[{"name":"Marijn Haverbeke","email":"marijnh@gmail.com","web":"https://marijnhaverbeke.nl"},{"name":"Ingvar Stepanyan","email":"me@rreverser.com","web":"https://rreverser.com/"},{"name":"Adrian Heine","web":"http://adrianheine.de"}],"repository":{"type":"git","url":"https://github.com/acornjs/acorn.git"},"scripts":{"prepare":"cd ..; npm run build:walk"},"license":"MIT","_lastModified":"2026-06-08T04:32:05.627Z"}

package/dist/node_modules/ses/package.json

@@ -1 +1 @@
-{"name":"ses","version":"1.14.0","description":"Hardened JavaScript for Fearless Cooperation","keywords":["lockdown","harden","Compartment","assert","security","confinement","isolation","object capabilities","ocaps","secure execution","third-party code","prototype pollution","supply-chain attack","plugin"],"author":"Agoric","license":"Apache-2.0","homepage":"https://github.com/Agoric/SES-shim/tree/master/packages/ses#readme","repository":{"type":"git","url":"git+https://github.com/endojs/endo.git","directory":"packages/ses"},"bugs":{"url":"https://github.com/endojs/endo/issues"},"type":"module","main":"./dist/ses.cjs","module":"./index.js","unpkg":"./dist/ses.umd.js","types":"./types.d.ts","exports":{".":{"import":{"types":"./types.d.ts","xs":"./src-xs/index.js","default":"./index.js"},"require":{"types":"./dist/types.d.cts","default":"./dist/ses.cjs"}},"./lockdown":{"import":{"types":"./types.d.ts","default":"./index.js"},"require":{"types":"./dist/types.d.cts","default":"./dist/ses.cjs"}},"./hermes":{"require":{"types":"./dist/types.d.cts","default":"./dist/ses-hermes.cjs"}},"./tools.js":"./tools.js","./assert-shim.js":"./assert-shim.js","./lockdown-shim.js":{"xs":"./src-xs/lockdown-shim.js","default":"./lockdown-shim.js"},"./compartment-shim.js":{"xs":"./src-xs/compartment-shim.js","default":"./compartment-shim.js"},"./console-shim.js":"./console-shim.js","./package.json":"./package.json"},"scripts":{"build:vanilla":"node scripts/bundle.js","build:hermes":"node scripts/bundle.js hermes","build":"yarn build:vanilla && yarn build:hermes","clean":"rm -rf dist","cover":"c8 ava","demo":"python3 -m http.server","lint":"yarn lint:types && yarn lint:eslint","lint-fix":"eslint --fix .","lint:eslint":"eslint .","lint:types":"tsc","prepare":"npm run clean && npm run build","qt":"ava","test":"tsd && ava","test:hermes":"./scripts/hermes-test.sh","test:xs":"xst dist/ses.umd.js test/_lockdown-safe.js && node scripts/generate-test-xs.js && xst tmp/test-xs.js && rm -rf tmp","postpack":"git clean -fX \"*.d.ts*\" \"*.d.cts*\" \"*.d.mts*\" \"*.tsbuildinfo\""},"dependencies":{"@endo/cache-map":"^1.1.0","@endo/env-options":"^1.1.11","@endo/immutable-arraybuffer":"^1.1.2"},"devDependencies":{"@babel/generator":"^7.26.3","@babel/parser":"~7.26.2","@babel/traverse":"~7.25.9","@babel/types":"~7.26.0","@endo/compartment-mapper":"^1.6.3","@endo/module-source":"^1.3.3","@endo/test262-runner":"^0.1.48","@types/babel__traverse":"^7.20.5","ava":"^6.1.3","babel-eslint":"^10.1.0","c8":"^7.14.0","core-js":"^3.31.0","eslint":"^8.57.1","eslint-config-airbnb-base":"^15.0.0","eslint-config-prettier":"^9.1.0","eslint-plugin-eslint-comments":"^3.2.0","eslint-plugin-import":"^2.31.0","hermes-engine-cli":"^0.12.0","prettier":"^3.5.3","terser":"^5.16.6","tsd":"^0.31.2","typescript":"~5.8.3"},"files":["./*.d.ts","./*.js","./*.map","LICENSE*","SECURITY*","dist","lib","src","tools"],"publishConfig":{"access":"public"},"eslintConfig":{"extends":["plugin:@endo/ses"]},"ava":{"files":["test/**/*.test.*"],"timeout":"2m"},"typeCoverage":{"atLeast":81.17},"gitHead":"9815aea9541f241389d2135c6097a7442bdffa17","_lastModified":"2026-06-03T13:56:25.473Z"}
+{"name":"ses","version":"1.14.0","description":"Hardened JavaScript for Fearless Cooperation","keywords":["lockdown","harden","Compartment","assert","security","confinement","isolation","object capabilities","ocaps","secure execution","third-party code","prototype pollution","supply-chain attack","plugin"],"author":"Agoric","license":"Apache-2.0","homepage":"https://github.com/Agoric/SES-shim/tree/master/packages/ses#readme","repository":{"type":"git","url":"git+https://github.com/endojs/endo.git","directory":"packages/ses"},"bugs":{"url":"https://github.com/endojs/endo/issues"},"type":"module","main":"./dist/ses.cjs","module":"./index.js","unpkg":"./dist/ses.umd.js","types":"./types.d.ts","exports":{".":{"import":{"types":"./types.d.ts","xs":"./src-xs/index.js","default":"./index.js"},"require":{"types":"./dist/types.d.cts","default":"./dist/ses.cjs"}},"./lockdown":{"import":{"types":"./types.d.ts","default":"./index.js"},"require":{"types":"./dist/types.d.cts","default":"./dist/ses.cjs"}},"./hermes":{"require":{"types":"./dist/types.d.cts","default":"./dist/ses-hermes.cjs"}},"./tools.js":"./tools.js","./assert-shim.js":"./assert-shim.js","./lockdown-shim.js":{"xs":"./src-xs/lockdown-shim.js","default":"./lockdown-shim.js"},"./compartment-shim.js":{"xs":"./src-xs/compartment-shim.js","default":"./compartment-shim.js"},"./console-shim.js":"./console-shim.js","./package.json":"./package.json"},"scripts":{"build:vanilla":"node scripts/bundle.js","build:hermes":"node scripts/bundle.js hermes","build":"yarn build:vanilla && yarn build:hermes","clean":"rm -rf dist","cover":"c8 ava","demo":"python3 -m http.server","lint":"yarn lint:types && yarn lint:eslint","lint-fix":"eslint --fix .","lint:eslint":"eslint .","lint:types":"tsc","prepare":"npm run clean && npm run build","qt":"ava","test":"tsd && ava","test:hermes":"./scripts/hermes-test.sh","test:xs":"xst dist/ses.umd.js test/_lockdown-safe.js && node scripts/generate-test-xs.js && xst tmp/test-xs.js && rm -rf tmp","postpack":"git clean -fX \"*.d.ts*\" \"*.d.cts*\" \"*.d.mts*\" \"*.tsbuildinfo\""},"dependencies":{"@endo/cache-map":"^1.1.0","@endo/env-options":"^1.1.11","@endo/immutable-arraybuffer":"^1.1.2"},"devDependencies":{"@babel/generator":"^7.26.3","@babel/parser":"~7.26.2","@babel/traverse":"~7.25.9","@babel/types":"~7.26.0","@endo/compartment-mapper":"^1.6.3","@endo/module-source":"^1.3.3","@endo/test262-runner":"^0.1.48","@types/babel__traverse":"^7.20.5","ava":"^6.1.3","babel-eslint":"^10.1.0","c8":"^7.14.0","core-js":"^3.31.0","eslint":"^8.57.1","eslint-config-airbnb-base":"^15.0.0","eslint-config-prettier":"^9.1.0","eslint-plugin-eslint-comments":"^3.2.0","eslint-plugin-import":"^2.31.0","hermes-engine-cli":"^0.12.0","prettier":"^3.5.3","terser":"^5.16.6","tsd":"^0.31.2","typescript":"~5.8.3"},"files":["./*.d.ts","./*.js","./*.map","LICENSE*","SECURITY*","dist","lib","src","tools"],"publishConfig":{"access":"public"},"eslintConfig":{"extends":["plugin:@endo/ses"]},"ava":{"files":["test/**/*.test.*"],"timeout":"2m"},"typeCoverage":{"atLeast":81.17},"gitHead":"9815aea9541f241389d2135c6097a7442bdffa17","_lastModified":"2026-06-08T04:32:04.705Z"}

package/dist/node_modules/zod/package.json

@@ -1 +1 @@
-{"name":"zod","version":"4.3.5","type":"module","license":"MIT","author":"Colin McDonnell <zod@colinhacks.com>","description":"TypeScript-first schema declaration and validation library with static type inference","homepage":"https://zod.dev","llms":"https://zod.dev/llms.txt","llmsFull":"https://zod.dev/llms-full.txt","mcpServer":"https://mcp.inkeep.com/zod/mcp","funding":"https://github.com/sponsors/colinhacks","sideEffects":false,"files":["src","**/*.js","**/*.mjs","**/*.cjs","**/*.d.ts","**/*.d.mts","**/*.d.cts","**/package.json"],"keywords":["typescript","schema","validation","type","inference"],"main":"./index.cjs","types":"./index.d.cts","module":"./index.js","zshy":{"exports":{"./package.json":"./package.json",".":"./src/index.ts","./mini":"./src/mini/index.ts","./locales":"./src/locales/index.ts","./v3":"./src/v3/index.ts","./v4":"./src/v4/index.ts","./v4-mini":"./src/v4-mini/index.ts","./v4/mini":"./src/v4/mini/index.ts","./v4/core":"./src/v4/core/index.ts","./v4/locales":"./src/v4/locales/index.ts","./v4/locales/*":"./src/v4/locales/*"},"conditions":{"@zod/source":"src"}},"exports":{"./package.json":"./package.json",".":{"@zod/source":"./src/index.ts","types":"./index.d.cts","import":"./index.js","require":"./index.cjs"},"./mini":{"@zod/source":"./src/mini/index.ts","types":"./mini/index.d.cts","import":"./mini/index.js","require":"./mini/index.cjs"},"./locales":{"@zod/source":"./src/locales/index.ts","types":"./locales/index.d.cts","import":"./locales/index.js","require":"./locales/index.cjs"},"./v3":{"@zod/source":"./src/v3/index.ts","types":"./v3/index.d.cts","import":"./v3/index.js","require":"./v3/index.cjs"},"./v4":{"@zod/source":"./src/v4/index.ts","types":"./v4/index.d.cts","import":"./v4/index.js","require":"./v4/index.cjs"},"./v4-mini":{"@zod/source":"./src/v4-mini/index.ts","types":"./v4-mini/index.d.cts","import":"./v4-mini/index.js","require":"./v4-mini/index.cjs"},"./v4/mini":{"@zod/source":"./src/v4/mini/index.ts","types":"./v4/mini/index.d.cts","import":"./v4/mini/index.js","require":"./v4/mini/index.cjs"},"./v4/core":{"@zod/source":"./src/v4/core/index.ts","types":"./v4/core/index.d.cts","import":"./v4/core/index.js","require":"./v4/core/index.cjs"},"./v4/locales":{"@zod/source":"./src/v4/locales/index.ts","types":"./v4/locales/index.d.cts","import":"./v4/locales/index.js","require":"./v4/locales/index.cjs"},"./v4/locales/*":{"@zod/source":"./src/v4/locales/*","types":"./v4/locales/*","import":"./v4/locales/*","require":"./v4/locales/*"}},"repository":{"type":"git","url":"git+https://github.com/colinhacks/zod.git"},"bugs":{"url":"https://github.com/colinhacks/zod/issues"},"support":{"backing":{"npm-funding":true}},"scripts":{"clean":"git clean -xdf . -e node_modules","build":"zshy --project tsconfig.build.json","postbuild":"tsx ../../scripts/write-stub-package-jsons.ts && pnpm biome check --write .","test:watch":"pnpm vitest","test":"pnpm vitest run","prepublishOnly":"tsx ../../scripts/check-versions.ts"},"_lastModified":"2026-06-03T13:56:27.523Z"}
+{"name":"zod","version":"4.3.5","type":"module","license":"MIT","author":"Colin McDonnell <zod@colinhacks.com>","description":"TypeScript-first schema declaration and validation library with static type inference","homepage":"https://zod.dev","llms":"https://zod.dev/llms.txt","llmsFull":"https://zod.dev/llms-full.txt","mcpServer":"https://mcp.inkeep.com/zod/mcp","funding":"https://github.com/sponsors/colinhacks","sideEffects":false,"files":["src","**/*.js","**/*.mjs","**/*.cjs","**/*.d.ts","**/*.d.mts","**/*.d.cts","**/package.json"],"keywords":["typescript","schema","validation","type","inference"],"main":"./index.cjs","types":"./index.d.cts","module":"./index.js","zshy":{"exports":{"./package.json":"./package.json",".":"./src/index.ts","./mini":"./src/mini/index.ts","./locales":"./src/locales/index.ts","./v3":"./src/v3/index.ts","./v4":"./src/v4/index.ts","./v4-mini":"./src/v4-mini/index.ts","./v4/mini":"./src/v4/mini/index.ts","./v4/core":"./src/v4/core/index.ts","./v4/locales":"./src/v4/locales/index.ts","./v4/locales/*":"./src/v4/locales/*"},"conditions":{"@zod/source":"src"}},"exports":{"./package.json":"./package.json",".":{"@zod/source":"./src/index.ts","types":"./index.d.cts","import":"./index.js","require":"./index.cjs"},"./mini":{"@zod/source":"./src/mini/index.ts","types":"./mini/index.d.cts","import":"./mini/index.js","require":"./mini/index.cjs"},"./locales":{"@zod/source":"./src/locales/index.ts","types":"./locales/index.d.cts","import":"./locales/index.js","require":"./locales/index.cjs"},"./v3":{"@zod/source":"./src/v3/index.ts","types":"./v3/index.d.cts","import":"./v3/index.js","require":"./v3/index.cjs"},"./v4":{"@zod/source":"./src/v4/index.ts","types":"./v4/index.d.cts","import":"./v4/index.js","require":"./v4/index.cjs"},"./v4-mini":{"@zod/source":"./src/v4-mini/index.ts","types":"./v4-mini/index.d.cts","import":"./v4-mini/index.js","require":"./v4-mini/index.cjs"},"./v4/mini":{"@zod/source":"./src/v4/mini/index.ts","types":"./v4/mini/index.d.cts","import":"./v4/mini/index.js","require":"./v4/mini/index.cjs"},"./v4/core":{"@zod/source":"./src/v4/core/index.ts","types":"./v4/core/index.d.cts","import":"./v4/core/index.js","require":"./v4/core/index.cjs"},"./v4/locales":{"@zod/source":"./src/v4/locales/index.ts","types":"./v4/locales/index.d.cts","import":"./v4/locales/index.js","require":"./v4/locales/index.cjs"},"./v4/locales/*":{"@zod/source":"./src/v4/locales/*","types":"./v4/locales/*","import":"./v4/locales/*","require":"./v4/locales/*"}},"repository":{"type":"git","url":"git+https://github.com/colinhacks/zod.git"},"bugs":{"url":"https://github.com/colinhacks/zod/issues"},"support":{"backing":{"npm-funding":true}},"scripts":{"clean":"git clean -xdf . -e node_modules","build":"zshy --project tsconfig.build.json","postbuild":"tsx ../../scripts/write-stub-package-jsons.ts && pnpm biome check --write .","test:watch":"pnpm vitest","test":"pnpm vitest run","prepublishOnly":"tsx ../../scripts/check-versions.ts"},"_lastModified":"2026-06-08T04:32:06.743Z"}

package/dist/server/repository.d.ts

@@ -101,6 +101,9 @@ export declare class FlowModelRepository extends Repository {
     private findSiblingInfo;
     private findSiblingSortRows;
     private writeSiblingSorts;
+    private normalizeSiblingSorts;
+    private isAncestorOf;
+    private updateModelParentOptions;
     protected findNodeSchemaWithParent(uid: any, transaction: any): Promise<{
         parentUid: string;
         schema: any;

package/dist/server/repository.js

@@ -996,6 +996,51 @@ WHERE TreeTable.depth = 1 AND  TreeTable.ancestor = :ancestor and TreeTable.sort
     }
     await this.clearXUidPathCache(parentUid, transaction2);
   }
+  async normalizeSiblingSorts(info, transaction2) {
+    if (!info) {
+      return;
+    }
+    const siblingRows = await this.findSiblingSortRows(info.parentUid, info.type, transaction2);
+    await this.writeSiblingSorts(
+      info.parentUid,
+      siblingRows.map((row) => row.uid),
+      transaction2
+    );
+  }
+  async isAncestorOf(ancestorUid, descendantUid, transaction2) {
+    const rows = await this.database.sequelize.query(
+      this.sqlAdapter(`SELECT 1 as v
+        FROM ${this.flowModelTreePathTableName}
+        WHERE ancestor = :ancestorUid
+          AND descendant = :descendantUid
+          AND depth > 0
+        LIMIT 1`),
+      {
+        type: "SELECT",
+        replacements: { ancestorUid, descendantUid },
+        transaction: transaction2
+      }
+    );
+    return rows.length > 0;
+  }
+  async updateModelParentOptions(uid2, parentId, subKey, subType, transaction2) {
+    const modelInstance = await this.model.findByPk(uid2, { transaction: transaction2 });
+    if (!modelInstance) {
+      throw new Error(`flowModels:move sourceId '${uid2}' not found`);
+    }
+    await modelInstance.update(
+      {
+        options: {
+          ...import_lodash.default.omit(_FlowModelRepository.optionsToJson(modelInstance.get("options") || {}), ["uid"]),
+          parentId,
+          parent: parentId,
+          subKey,
+          subType
+        }
+      },
+      { transaction: transaction2, hooks: false }
+    );
+  }
   async findNodeSchemaWithParent(uid2, transaction2) {
     const schema = await this.database.getRepository("flowModels").findOne({
       filter: {
@@ -1538,40 +1583,62 @@ WHERE TreeTable.depth = 1 AND  TreeTable.ancestor = :ancestor and TreeTable.sort
       throw new Error("flowModels:move invalid position");
     }
     const transaction2 = transactionOptions == null ? void 0 : transactionOptions.transaction;
+    const sourceInstance = await this.model.findByPk(sourceUid, { transaction: transaction2 });
+    if (!sourceInstance) {
+      throw new Error(`flowModels:move sourceId '${sourceUid}' not found`);
+    }
     if (sourceUid === targetUid) {
-      const sourceInfo2 = await this.findSiblingInfo(sourceUid, transaction2);
-      if (sourceInfo2) {
-        const siblingRows2 = await this.findSiblingSortRows(sourceInfo2.parentUid, sourceInfo2.type, transaction2);
-        await this.writeSiblingSorts(
-          sourceInfo2.parentUid,
-          siblingRows2.map((row) => row.uid),
-          transaction2
-        );
-      }
+      await this.normalizeSiblingSorts(await this.findSiblingInfo(sourceUid, transaction2), transaction2);
       return null;
     }
     const sourceInfo = await this.findSiblingInfo(sourceUid, transaction2);
     const targetInfo = await this.findSiblingInfo(targetUid, transaction2);
-    if (!sourceInfo || !targetInfo) {
-      throw new Error("flowModels:move source or target is not attached to a parent");
-    }
-    if (sourceInfo.parentUid !== targetInfo.parentUid || sourceInfo.type !== targetInfo.type) {
-      throw new Error("flowModels:move source and target must be sibling nodes under the same parent/subKey");
-    }
-    const siblingRows = await this.findSiblingSortRows(sourceInfo.parentUid, sourceInfo.type, transaction2);
-    const sourceRow = siblingRows.find((row) => row.uid === sourceUid);
-    const targetIndex = siblingRows.findIndex((row) => row.uid === targetUid);
-    if (!sourceRow || targetIndex === -1) {
-      throw new Error("flowModels:move source and target must be sibling nodes under the same parent/subKey");
+    if (!targetInfo) {
+      throw new Error("flowModels:move target is not attached to a parent");
+    }
+    const targetInstance = await this.model.findByPk(targetUid, { transaction: transaction2 });
+    const targetOptions = _FlowModelRepository.optionsToJson((targetInstance == null ? void 0 : targetInstance.get("options")) || {});
+    const targetSubType = targetOptions.subType === "object" ? "object" : "array";
+    if (targetInfo.parentUid === sourceUid || await this.isAncestorOf(sourceUid, targetInfo.parentUid, transaction2)) {
+      throw new Error("flowModels:move cycle detected");
+    }
+    if ((sourceInfo == null ? void 0 : sourceInfo.parentUid) === targetInfo.parentUid && sourceInfo.type === targetInfo.type) {
+      const siblingRows = await this.findSiblingSortRows(sourceInfo.parentUid, sourceInfo.type, transaction2);
+      const sourceRow = siblingRows.find((row) => row.uid === sourceUid);
+      const targetIndex = siblingRows.findIndex((row) => row.uid === targetUid);
+      if (!sourceRow || targetIndex === -1) {
+        throw new Error("flowModels:move source and target must be sibling nodes under the same parent/subKey");
+      }
+      const rowsWithoutSource = siblingRows.filter((row) => row.uid !== sourceUid);
+      const insertIndex = rowsWithoutSource.findIndex((row) => row.uid === targetUid);
+      rowsWithoutSource.splice(position === "after" ? insertIndex + 1 : insertIndex, 0, sourceRow);
+      await this.writeSiblingSorts(
+        sourceInfo.parentUid,
+        rowsWithoutSource.map((row) => row.uid),
+        transaction2
+      );
+      return await this.findModelById(sourceUid, { transaction: transaction2 });
     }
-    const rowsWithoutSource = siblingRows.filter((row) => row.uid !== sourceUid);
-    const insertIndex = rowsWithoutSource.findIndex((row) => row.uid === targetUid);
-    rowsWithoutSource.splice(position === "after" ? insertIndex + 1 : insertIndex, 0, sourceRow);
-    await this.writeSiblingSorts(
-      sourceInfo.parentUid,
-      rowsWithoutSource.map((row) => row.uid),
-      transaction2
+    await this.normalizeSiblingSorts(sourceInfo, transaction2);
+    await this.normalizeSiblingSorts(targetInfo, transaction2);
+    await this.updateModelParentOptions(sourceUid, targetInfo.parentUid, targetInfo.type, targetSubType, transaction2);
+    await this.insertSingleNode(
+      {
+        uid: sourceUid,
+        name: sourceUid,
+        childOptions: {
+          parentUid: targetInfo.parentUid,
+          type: targetInfo.type,
+          position: {
+            type: position,
+            target: targetUid
+          }
+        }
+      },
+      { transaction: transaction2, removeParentsIfNoChildren: false }
     );
+    await this.normalizeSiblingSorts(sourceInfo, transaction2);
+    await this.normalizeSiblingSorts(await this.findSiblingInfo(sourceUid, transaction2), transaction2);
     return await this.findModelById(sourceUid, { transaction: transaction2 });
   }
 };

package/dist/server/template/contexts.d.ts

@@ -50,6 +50,8 @@ export declare class ServerBaseContext {
     delegate(ctx: ServerBaseContext): void;
     /** 清空所有委托 */
     clearDelegates(): void;
+    getSandboxKeys(): string[];
+    getSandboxValue(key: string, current?: ServerBaseContext): any;
     /** 创建并返回代理对象（同一实例下保持稳定引用） */
     createProxy(): any;
 }

package/dist/server/template/contexts.js

@@ -42,6 +42,10 @@ __export(contexts_exports, {
 });
 module.exports = __toCommonJS(contexts_exports);
 var import_lodash = __toESM(require("lodash"));
+const BLOCKED_SANDBOX_KEYS = /* @__PURE__ */ new Set(["__proto__", "prototype", "constructor", "then"]);
+function isBlockedSandboxKey(key) {
+  return BLOCKED_SANDBOX_KEYS.has(key);
+}
 class ServerBaseContext {
   _props = {};
   _methods = {};
@@ -106,6 +110,36 @@ class ServerBaseContext {
   clearDelegates() {
     this._delegates = [];
   }
+  getSandboxKeys() {
+    const keys = /* @__PURE__ */ new Set();
+    for (const key of Object.keys(this._props)) {
+      if (!isBlockedSandboxKey(key)) keys.add(key);
+    }
+    for (const key of Object.keys(this._methods)) {
+      if (!isBlockedSandboxKey(key)) keys.add(key);
+    }
+    for (const d of this._delegates) {
+      for (const key of d.getSandboxKeys()) {
+        if (!isBlockedSandboxKey(key)) keys.add(key);
+      }
+    }
+    return Array.from(keys);
+  }
+  getSandboxValue(key, current = this.createProxy()) {
+    if (isBlockedSandboxKey(key)) return void 0;
+    if (Object.prototype.hasOwnProperty.call(this._props, key)) {
+      return this._getOwn(key, current);
+    }
+    if (Object.prototype.hasOwnProperty.call(this._methods, key)) {
+      const fn = this._methods[key];
+      return typeof fn === "function" ? fn.bind(this) : fn;
+    }
+    for (const d of this._delegates) {
+      if (!d.getSandboxKeys().includes(key)) continue;
+      return d.getSandboxValue(key, current);
+    }
+    return void 0;
+  }
   /** 创建并返回代理对象（同一实例下保持稳定引用） */
   createProxy() {
     if (this._proxy) return this._proxy;

package/dist/server/template/resolver.js

@@ -42,6 +42,16 @@ __export(resolver_exports, {
 module.exports = __toCommonJS(resolver_exports);
 var import_ses = require("ses");
 var import_lodash = __toESM(require("lodash"));
+var import_utils = require("@nocobase/utils");
+var import_contexts = require("./contexts");
+const BLOCKED_SANDBOX_KEYS = /* @__PURE__ */ new Set(["__proto__", "prototype", "constructor"]);
+const sandboxProxyCache = /* @__PURE__ */ new WeakMap();
+const sandboxProxyMeta = /* @__PURE__ */ new WeakMap();
+const EMPTY_SANDBOX_CONTEXT = {
+  getSandboxKeys: () => [],
+  getSandboxValue: () => void 0
+};
+let resolverLockdownReady = false;
 async function resolveJsonTemplate(template, ctx) {
   const compile = async (source) => {
     if (typeof source === "string" && /\{\{.*?\}\}/.test(source)) {
@@ -75,6 +85,210 @@ async function replacePlaceholders(input, ctx) {
   }
   return result;
 }
+function isObjectLike(value) {
+  return value !== null && (typeof value === "object" || typeof value === "function");
+}
+function isTrustedPromise(value) {
+  return value instanceof Promise;
+}
+function isBlockedSandboxKey(key) {
+  return typeof key === "string" && BLOCKED_SANDBOX_KEYS.has(key);
+}
+function getSandboxDataDescriptor(source, key) {
+  if (isBlockedSandboxKey(key) || typeof key === "symbol") return void 0;
+  const descriptor = Reflect.getOwnPropertyDescriptor(source, key);
+  if (!descriptor || !("value" in descriptor)) return void 0;
+  if (key === "then" && typeof descriptor.value === "function") return void 0;
+  return descriptor;
+}
+function getPrimitiveDataDescriptor(source, key) {
+  if (source == null || isObjectLike(source)) return void 0;
+  return getSandboxDataDescriptor(Object(source), key);
+}
+function isSandboxContextSource(value) {
+  return value === EMPTY_SANDBOX_CONTEXT || value instanceof import_contexts.ServerBaseContext;
+}
+function wrapSandboxValue(value) {
+  if (isTrustedPromise(value)) {
+    return Promise.prototype.then.call(value, (resolved) => wrapSandboxValue(resolved));
+  }
+  if (!isObjectLike(value)) return value;
+  if (sandboxProxyMeta.has(value)) return value;
+  const cached = sandboxProxyCache.get(value);
+  if (cached) return cached;
+  const kind = isSandboxContextSource(value) ? "context" : typeof value === "function" ? "function" : "data";
+  const proxy = kind === "context" ? createSandboxContextProxy(value) : kind === "function" ? createSandboxFunctionProxy(value) : createSandboxDataProxy(value);
+  sandboxProxyCache.set(value, proxy);
+  sandboxProxyMeta.set(proxy, { kind, source: value });
+  return proxy;
+}
+function wrapRootSandboxContext(ctx) {
+  return wrapSandboxValue(isSandboxContextSource(ctx) ? ctx : EMPTY_SANDBOX_CONTEXT);
+}
+function ensureResolverLockdown() {
+  if (resolverLockdownReady) return;
+  (0, import_utils.lockdownSes)({
+    consoleTaming: "unsafe",
+    errorTaming: "unsafe",
+    overrideTaming: "moderate",
+    stackFiltering: "verbose"
+  });
+  resolverLockdownReady = true;
+}
+function createSandboxContextProxy(source) {
+  return new Proxy(/* @__PURE__ */ Object.create(null), {
+    get: (_target, key) => {
+      if (isBlockedSandboxKey(key) || typeof key !== "string") return void 0;
+      if (!source.getSandboxKeys().includes(key)) return void 0;
+      return wrapSandboxValue(source.getSandboxValue(key));
+    },
+    has: (_target, key) => typeof key === "string" && source.getSandboxKeys().includes(key),
+    ownKeys: () => source.getSandboxKeys(),
+    getOwnPropertyDescriptor: (_target, key) => {
+      if (isBlockedSandboxKey(key) || typeof key !== "string" || !source.getSandboxKeys().includes(key)) {
+        return void 0;
+      }
+      return {
+        configurable: true,
+        enumerable: true,
+        value: wrapSandboxValue(source.getSandboxValue(key))
+      };
+    },
+    getPrototypeOf: () => null,
+    set: () => false,
+    defineProperty: () => false,
+    deleteProperty: () => false
+  });
+}
+function createSandboxFunctionProxy(source) {
+  const callable = (...args) => Reflect.apply(source, void 0, args);
+  return new Proxy(callable, {
+    apply: (_target, _thisArg, argArray) => wrapSandboxValue(Reflect.apply(source, void 0, argArray)),
+    get: (_target, key) => {
+      if (key === "length" || key === "name") return Reflect.get(source, key);
+      return void 0;
+    },
+    has: (_target, key) => key === "length" || key === "name",
+    ownKeys: () => [],
+    getOwnPropertyDescriptor: () => void 0,
+    getPrototypeOf: () => null,
+    set: () => false,
+    defineProperty: () => false,
+    deleteProperty: () => false
+  });
+}
+function createSandboxDataProxy(source) {
+  const target = Array.isArray(source) ? new Array(source.length) : /* @__PURE__ */ Object.create(null);
+  return new Proxy(target, {
+    get: (_target, key) => {
+      const descriptor = getSandboxDataDescriptor(source, key);
+      if (!descriptor) return void 0;
+      const value = descriptor.value;
+      return typeof value === "function" ? wrapSandboxValue(value.bind(source)) : wrapSandboxValue(value);
+    },
+    has: (_target, key) => {
+      if (isBlockedSandboxKey(key) || typeof key !== "string") return false;
+      return !!getSandboxDataDescriptor(source, key);
+    },
+    ownKeys: () => {
+      const keys = Reflect.ownKeys(source).filter((key) => {
+        if (typeof key !== "string" || isBlockedSandboxKey(key)) return false;
+        return !!getSandboxDataDescriptor(source, key);
+      });
+      if (Array.isArray(source) && !keys.includes("length")) keys.push("length");
+      return keys;
+    },
+    getOwnPropertyDescriptor: (proxyTarget, key) => {
+      if (isBlockedSandboxKey(key) || typeof key === "symbol") return void 0;
+      if (Array.isArray(source) && key === "length") {
+        return Reflect.getOwnPropertyDescriptor(proxyTarget, key);
+      }
+      const descriptor = getSandboxDataDescriptor(source, key);
+      if (!descriptor) return void 0;
+      return {
+        configurable: true,
+        enumerable: descriptor.enumerable,
+        writable: false,
+        value: wrapSandboxValue(descriptor.value)
+      };
+    },
+    getPrototypeOf: () => null,
+    set: () => false,
+    defineProperty: () => false,
+    deleteProperty: () => false
+  });
+}
+async function unwrapSandboxValue(value, seen = /* @__PURE__ */ new WeakMap()) {
+  const resolved = isTrustedPromise(value) ? await value : value;
+  if (!isObjectLike(resolved)) return resolved;
+  const meta = sandboxProxyMeta.get(resolved);
+  if ((meta == null ? void 0 : meta.kind) === "function" || typeof resolved === "function") return void 0;
+  const source = (meta == null ? void 0 : meta.source) ?? resolved;
+  if (!isObjectLike(source)) return source;
+  if (seen.has(source)) return seen.get(source);
+  if (isSandboxContextSource(source)) {
+    const out2 = {};
+    seen.set(source, out2);
+    for (const key of source.getSandboxKeys()) {
+      if (BLOCKED_SANDBOX_KEYS.has(key)) continue;
+      out2[key] = await unwrapSandboxValue(wrapSandboxValue(source.getSandboxValue(key)), seen);
+    }
+    return out2;
+  }
+  if (Array.isArray(source)) {
+    const out2 = [];
+    seen.set(source, out2);
+    const lengthDescriptor = Reflect.getOwnPropertyDescriptor(source, "length");
+    const length = typeof (lengthDescriptor == null ? void 0 : lengthDescriptor.value) === "number" ? lengthDescriptor.value : 0;
+    for (let index = 0; index < length; index++) {
+      const descriptor = Reflect.getOwnPropertyDescriptor(source, String(index));
+      if (!descriptor || !("value" in descriptor)) continue;
+      out2.push(await unwrapSandboxValue(descriptor.value, seen));
+    }
+    return out2;
+  }
+  if (source instanceof Date) return source;
+  const out = {};
+  seen.set(source, out);
+  for (const key of Object.keys(source)) {
+    if (BLOCKED_SANDBOX_KEYS.has(key)) continue;
+    const descriptor = getSandboxDataDescriptor(source, key);
+    if (!descriptor) continue;
+    out[key] = await unwrapSandboxValue(descriptor.value, seen);
+  }
+  return out;
+}
+function getRootSandboxValue(ctx, key) {
+  if (BLOCKED_SANDBOX_KEYS.has(key)) return void 0;
+  if (isSandboxContextSource(ctx)) {
+    if (!ctx.getSandboxKeys().includes(key)) return void 0;
+    return wrapSandboxValue(ctx.getSandboxValue(key));
+  }
+  return void 0;
+}
+async function getSandboxProperty(value, key) {
+  if (BLOCKED_SANDBOX_KEYS.has(key)) return void 0;
+  const resolved = isTrustedPromise(value) ? await value : value;
+  if (resolved == null) return void 0;
+  const meta = isObjectLike(resolved) ? sandboxProxyMeta.get(resolved) : void 0;
+  const source = (meta == null ? void 0 : meta.source) ?? resolved;
+  if (isSandboxContextSource(source)) {
+    if (!source.getSandboxKeys().includes(key)) return void 0;
+    return wrapSandboxValue(source.getSandboxValue(key));
+  }
+  if (typeof source === "function") {
+    return key === "length" || key === "name" ? Reflect.get(source, key) : void 0;
+  }
+  if (!isObjectLike(source)) {
+    const descriptor2 = getPrimitiveDataDescriptor(source, key);
+    if (!descriptor2 || typeof descriptor2.value === "function") return void 0;
+    return wrapSandboxValue(descriptor2.value);
+  }
+  const descriptor = getSandboxDataDescriptor(source, key);
+  if (!descriptor) return void 0;
+  const current = descriptor.value;
+  return typeof current === "function" ? wrapSandboxValue(current.bind(source)) : wrapSandboxValue(current);
+}
 async function evaluate(expr, ctx) {
   try {
     const raw = expr.trim();
@@ -84,40 +298,36 @@ async function evaluate(expr, ctx) {
     if (dotOnly) {
       const first = dotOnly[1];
       const rest = dotOnly[2];
-      const base = await ctx[first];
-      if (!rest) return base;
+      const base = getRootSandboxValue(ctx, first);
+      if (!rest) return await unwrapSandboxValue(wrapSandboxValue(base));
       const resolved = await asyncGetValuesByPath(base, rest);
       if (typeof resolved !== "undefined" || !rest.includes("-")) {
-        return resolved;
+        return await unwrapSandboxValue(resolved);
       }
     }
     const transformed = preprocessExpression(raw);
+    ensureResolverLockdown();
     const compartment = new Compartment({
-      ctx,
-      __get: (varName, path) => getAtPath(ctx, varName, path),
-      console
+      ctx: wrapRootSandboxContext(ctx),
+      __get: wrapSandboxValue((varName, path) => getAtPath(ctx, varName, path))
     });
     const wrapped = `(async () => { try { return ${transformed}; } catch (e) { return undefined; } })()`;
-    return await compartment.evaluate(wrapped);
+    return await unwrapSandboxValue(await compartment.evaluate(wrapped));
   } catch (_2) {
     return void 0;
   }
 }
 async function getAtPath(ctx, varName, path) {
   try {
-    let current = await ctx[varName];
+    let current = getRootSandboxValue(ctx, varName);
     if (!path) return current;
     const norm = String(path || "").replace(/^\./, "");
     const segments = import_lodash.default.toPath(norm);
     for (const seg of segments) {
       if (current == null) return void 0;
-      let val = current[seg];
-      if (val && typeof val["then"] === "function") {
-        val = await val;
-      }
-      current = val;
+      current = await getSandboxProperty(current, seg);
     }
-    return current;
+    return wrapSandboxValue(current);
   } catch (_2) {
     return void 0;
   }
@@ -134,18 +344,19 @@ async function asyncGetValuesByPath(obj, path, defaultValue) {
       if (Array.isArray(currentValue)) {
         shouldReturnArray = true;
         const rest = keys.slice(i).join(".");
-        const parts = await Promise.all(currentValue.map((el) => asyncGetValuesByPath(el, rest, defaultValue)));
+        const parts = await Promise.all(
+          Array.prototype.map.call(currentValue, (el) => asyncGetValuesByPath(el, rest, defaultValue))
+        );
         for (const p of parts) {
-          if (Array.isArray(p)) result.push(...p);
-          else if (typeof p !== "undefined") result.push(p);
+          if (Array.isArray(p)) {
+            for (let index = 0; index < p.length; index++) {
+              if (typeof p[index] !== "undefined") result.push(p[index]);
+            }
+          } else if (typeof p !== "undefined") result.push(p);
         }
         break;
       }
-      let val = currentValue == null ? void 0 : currentValue[key];
-      if (val && typeof val.then === "function") {
-        val = await val;
-      }
-      currentValue = val;
+      currentValue = await getSandboxProperty(currentValue, key);
       if (i === keys.length - 1) {
         result.push(currentValue);
       }

package/package.json

@@ -4,7 +4,7 @@
   "displayName.zh-CN": "前端流引擎",
   "description": "",
   "description.zh-CN": "",
-  "version": "2.1.0-beta.44",
+  "version": "2.1.0-beta.45",
   "main": "./dist/server/index.js",
   "license": "Apache-2.0",
   "devDependencies": {
@@ -26,5 +26,5 @@
     "@nocobase/test": "2.x",
     "@nocobase/utils": "2.x"
   },
-  "gitHead": "540d4897b1696cc24c0754521b0b766978b4933c"
+  "gitHead": "42587115fc34c3eb01ef2b2549f1c998e5708318"
 }