@noy-db/create 0.5.0

package/dist/bin/noy-db.js

@@ -0,0 +1,548 @@
+#!/usr/bin/env node
+
+// src/bin/noy-db.ts
+import pc from "picocolors";
+
+// src/commands/add.ts
+import { promises as fs } from "fs";
+import path from "path";
+function validateCollectionName(name) {
+  if (!name) return "Collection name is required";
+  if (!/^[a-z][a-z0-9-]*$/.test(name)) {
+    return "Collection name must start with a lowercase letter and contain only lowercase letters, digits, or hyphens";
+  }
+  return null;
+}
+async function addCollection(options) {
+  const err = validateCollectionName(options.name);
+  if (err) throw new Error(err);
+  const cwd = options.cwd ?? process.cwd();
+  const compartment = options.compartment ?? "default";
+  const name = options.name;
+  const PascalName = name.split("-").map((s) => s.length === 0 ? s : (s[0]?.toUpperCase() ?? "") + s.slice(1)).join("");
+  const useFnName = `use${PascalName}`;
+  const storePath = path.join(cwd, "app", "stores", `${name}.ts`);
+  const pagePath = path.join(cwd, "app", "pages", `${name}.vue`);
+  for (const target of [storePath, pagePath]) {
+    if (await pathExists(target)) {
+      throw new Error(`Refusing to overwrite existing file: ${target}`);
+    }
+  }
+  await fs.mkdir(path.dirname(storePath), { recursive: true });
+  await fs.mkdir(path.dirname(pagePath), { recursive: true });
+  await fs.writeFile(storePath, renderStore(name, PascalName, useFnName, compartment), "utf8");
+  await fs.writeFile(pagePath, renderPage(name, PascalName, useFnName), "utf8");
+  return { files: [storePath, pagePath] };
+}
+async function pathExists(p) {
+  try {
+    await fs.access(p);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function renderStore(name, PascalName, useFnName, compartment) {
+  return `// Generated by \`noy-db add ${name}\`.
+//
+// Edit the ${PascalName} interface to match your domain, then call
+// \`${useFnName}()\` from any component.
+//
+// defineNoydbStore is auto-imported by @noy-db/nuxt. The compartment
+// id is the tenant/company namespace \u2014 change it if you have multiple.
+
+export interface ${PascalName} {
+  id: string
+  name: string
+}
+
+export const ${useFnName} = defineNoydbStore<${PascalName}>('${name}', {
+  compartment: '${compartment}',
+})
+`;
+}
+function renderPage(name, PascalName, useFnName) {
+  return `<!--
+  Generated by \`noy-db add ${name}\`.
+  Visit /${name} in your dev server.
+-->
+<script setup lang="ts">
+const ${name} = ${useFnName}()
+await ${name}.$ready
+
+function addOne() {
+  ${name}.add({
+    id: crypto.randomUUID(),
+    name: 'New ${PascalName}',
+  })
+}
+
+function removeOne(id: string) {
+  ${name}.remove(id)
+}
+</script>
+
+<template>
+  <main>
+    <h1>${PascalName}</h1>
+    <button @click="addOne">Add ${PascalName}</button>
+    <ul>
+      <li v-for="item in ${name}.items" :key="item.id">
+        {{ item.name }}
+        <button @click="removeOne(item.id)">Delete</button>
+      </li>
+    </ul>
+  </main>
+</template>
+`;
+}
+
+// src/commands/verify.ts
+import { createNoydb } from "@noy-db/core";
+import { memory } from "@noy-db/memory";
+async function verifyIntegrity() {
+  const start = performance.now();
+  try {
+    const db = await createNoydb({
+      adapter: memory(),
+      user: "noy-db-verify",
+      // The passphrase here is throwaway — the in-memory adapter never
+      // persists anything, and the KEK is destroyed when we call close()
+      // a few lines down. We use a non-trivial value just to exercise
+      // PBKDF2 properly.
+      secret: "noy-db-verify-passphrase-2026"
+    });
+    const company = await db.openCompartment("verify-co");
+    const collection = company.collection("verify");
+    const original = { id: "verify-1", n: 42 };
+    await collection.put("verify-1", original);
+    const got = await collection.get("verify-1");
+    if (!got || got.id !== original.id || got.n !== original.n) {
+      return fail(start, `Round-trip mismatch: got ${JSON.stringify(got)}`);
+    }
+    const found = collection.query().where("n", "==", 42).toArray();
+    if (found.length !== 1) {
+      return fail(start, `Query DSL mismatch: expected 1 result, got ${found.length}`);
+    }
+    db.close();
+    return {
+      ok: true,
+      message: "noy-db integrity check passed",
+      durationMs: Math.round(performance.now() - start)
+    };
+  } catch (err) {
+    return fail(start, `Integrity check threw: ${err.message}`);
+  }
+}
+function fail(start, message) {
+  return {
+    ok: false,
+    message,
+    durationMs: Math.round(performance.now() - start)
+  };
+}
+
+// src/commands/rotate.ts
+import { createNoydb as createNoydb2 } from "@noy-db/core";
+import { jsonFile } from "@noy-db/file";
+
+// src/commands/shared.ts
+import { password, isCancel, cancel } from "@clack/prompts";
+var VALID_ROLES = ["owner", "admin", "operator", "viewer", "client"];
+var defaultReadPassphrase = async (label) => {
+  const value = await password({
+    message: label,
+    // Basic sanity: reject empty strings up front. We don't enforce
+    // length here because the caller's KEK-derivation step will
+    // reject weak passphrases with its own, richer error.
+    validate: (v) => v.length === 0 ? "Passphrase cannot be empty" : void 0
+  });
+  if (isCancel(value)) {
+    cancel("Cancelled.");
+    process.exit(1);
+  }
+  return value;
+};
+function assertRole(input) {
+  if (!VALID_ROLES.includes(input)) {
+    throw new Error(
+      `Invalid role "${input}" \u2014 must be one of: ${VALID_ROLES.join(", ")}`
+    );
+  }
+  return input;
+}
+function parseCollectionList(input) {
+  if (!input) return null;
+  const parts = input.split(",").map((s) => s.trim()).filter((s) => s.length > 0);
+  return parts.length > 0 ? parts : null;
+}
+
+// src/commands/rotate.ts
+async function rotate(options) {
+  const readPassphrase = options.readPassphrase ?? defaultReadPassphrase;
+  const buildAdapter = options.buildAdapter ?? ((dir) => jsonFile({ dir }));
+  const createDb = options.createDb ?? createNoydb2;
+  const secret = await readPassphrase(`Passphrase for ${options.user}`);
+  let db = null;
+  try {
+    db = await createDb({
+      adapter: buildAdapter(options.dir),
+      user: options.user,
+      secret
+    });
+    const compartment = await db.openCompartment(options.compartment);
+    const targets = options.collections && options.collections.length > 0 ? options.collections : await compartment.collections();
+    if (targets.length === 0) {
+      throw new Error(
+        `Compartment "${options.compartment}" has no collections to rotate.`
+      );
+    }
+    await db.rotate(options.compartment, targets);
+    return { rotated: targets };
+  } finally {
+    db?.close();
+  }
+}
+
+// src/commands/add-user.ts
+import { createNoydb as createNoydb3 } from "@noy-db/core";
+import { jsonFile as jsonFile2 } from "@noy-db/file";
+async function addUser(options) {
+  const readPassphrase = options.readPassphrase ?? defaultReadPassphrase;
+  const buildAdapter = options.buildAdapter ?? ((dir) => jsonFile2({ dir }));
+  const createDb = options.createDb ?? createNoydb3;
+  if ((options.role === "operator" || options.role === "client") && (!options.permissions || Object.keys(options.permissions).length === 0)) {
+    throw new Error(
+      `Role "${options.role}" requires explicit --collections \u2014 e.g. --collections invoices:rw,clients:ro`
+    );
+  }
+  const callerSecret = await readPassphrase(
+    `Your passphrase (${options.callerUser})`
+  );
+  const newSecret = await readPassphrase(
+    `New passphrase for ${options.newUserId}`
+  );
+  const confirmSecret = await readPassphrase(
+    `Confirm passphrase for ${options.newUserId}`
+  );
+  if (newSecret !== confirmSecret) {
+    throw new Error(`Passphrases do not match \u2014 grant aborted.`);
+  }
+  let db = null;
+  try {
+    db = await createDb({
+      adapter: buildAdapter(options.dir),
+      user: options.callerUser,
+      secret: callerSecret
+    });
+    const grantOpts = {
+      userId: options.newUserId,
+      displayName: options.newUserDisplayName ?? options.newUserId,
+      role: options.role,
+      passphrase: newSecret,
+      ...options.permissions ? { permissions: options.permissions } : {}
+    };
+    await db.grant(options.compartment, grantOpts);
+    return {
+      userId: options.newUserId,
+      role: options.role
+    };
+  } finally {
+    db?.close();
+  }
+}
+
+// src/commands/backup.ts
+import { promises as fs2 } from "fs";
+import path2 from "path";
+import { createNoydb as createNoydb4 } from "@noy-db/core";
+import { jsonFile as jsonFile3 } from "@noy-db/file";
+function resolveBackupTarget(target, cwd = process.cwd()) {
+  let raw = target;
+  if (target.startsWith("file://")) {
+    raw = target.slice("file://".length);
+  } else if (target.includes("://")) {
+    throw new Error(
+      `Unsupported backup target scheme: "${target.split("://")[0]}://". Only file:// and plain filesystem paths are supported in v0.5. S3 backups will land in a follow-up.`
+    );
+  }
+  return path2.resolve(cwd, raw);
+}
+async function backup(options) {
+  const readPassphrase = options.readPassphrase ?? defaultReadPassphrase;
+  const buildAdapter = options.buildAdapter ?? ((dir) => jsonFile3({ dir }));
+  const createDb = options.createDb ?? createNoydb4;
+  const absolutePath = resolveBackupTarget(options.target);
+  const secret = await readPassphrase(`Passphrase for ${options.user}`);
+  let db = null;
+  try {
+    db = await createDb({
+      adapter: buildAdapter(options.dir),
+      user: options.user,
+      secret
+    });
+    const compartment = await db.openCompartment(options.compartment);
+    const serialized = await compartment.dump();
+    await fs2.mkdir(path2.dirname(absolutePath), { recursive: true });
+    await fs2.writeFile(absolutePath, serialized, "utf8");
+    return {
+      path: absolutePath,
+      bytes: Buffer.byteLength(serialized, "utf8")
+    };
+  } finally {
+    db?.close();
+  }
+}
+
+// src/bin/noy-db.ts
+var HELP = `Usage: noy-db <command> [args]
+
+Commands:
+  add <collection>                             Scaffold a new collection store + page
+  add user <userId> <role> [options]           Grant a new user access to a compartment
+  verify                                       In-memory crypto integrity check
+  rotate [options]                             Rotate DEKs for a compartment
+  backup <target> [options]                    Dump a compartment to a file
+  help                                         Show this message
+
+Common options for rotate / add user / backup:
+  --dir <path>               Data directory (file adapter). Default: ./data
+  --compartment <name>       Compartment (tenant) name. Required.
+  --user <id>                Your user id in the compartment. Required.
+  --collections <list>       Comma-separated collection list. Format:
+                               rotate:  invoices,clients
+                               add user: invoices:rw,clients:ro (operator/client only)
+
+Examples:
+  noy-db add invoices
+  noy-db add user accountant-ann operator --dir ./data --compartment demo-co --user owner-alice --collections invoices:rw,clients:ro
+  noy-db verify
+  noy-db rotate --dir ./data --compartment demo-co --user owner-alice
+  noy-db backup ./backups/demo-co-2026-04-07.json --dir ./data --compartment demo-co --user owner-alice
+
+Run from the root of a project that already has a noy-db file
+adapter directory in place. For new projects, use
+\`npm create @noy-db\` instead.
+`;
+async function main() {
+  const [, , command, ...rest] = process.argv;
+  switch (command) {
+    case void 0:
+    case "help":
+    case "-h":
+    case "--help":
+      process.stdout.write(HELP);
+      return;
+    case "add":
+      await runAdd(rest);
+      return;
+    case "verify":
+      await runVerify();
+      return;
+    case "rotate":
+      await runRotate(rest);
+      return;
+    case "backup":
+      await runBackup(rest);
+      return;
+    default:
+      process.stderr.write(`${pc.red("error:")} unknown command '${command}'
+
+${HELP}`);
+      process.exit(2);
+  }
+}
+async function runAdd(args) {
+  const first = args[0];
+  if (first === "user") {
+    await runAddUser(args.slice(1));
+    return;
+  }
+  if (!first) {
+    process.stderr.write(
+      `${pc.red("error:")} \`noy-db add\` requires either a collection name or the \`user\` subcommand
+
+Examples:
+  noy-db add invoices
+  noy-db add user alice operator ...
+`
+    );
+    process.exit(2);
+  }
+  try {
+    const result = await addCollection({ name: first });
+    process.stdout.write(`${pc.green("\u2714")} Created:
+`);
+    for (const file of result.files) {
+      process.stdout.write(`  ${pc.dim("\u2192")} ${file}
+`);
+    }
+    process.stdout.write(
+      `
+Next: visit ${pc.cyan(`/${first}`)} in your dev server, then edit ${pc.bold(`app/stores/${first}.ts`)} to match your domain.
+`
+    );
+  } catch (err) {
+    process.stderr.write(`${pc.red("error:")} ${err.message}
+`);
+    process.exit(1);
+  }
+}
+async function runVerify() {
+  process.stdout.write(`${pc.dim("\u25B8 Running noy-db integrity check\u2026")}
+`);
+  const result = await verifyIntegrity();
+  if (result.ok) {
+    process.stdout.write(`${pc.green("\u2714")} ${result.message} ${pc.dim(`(${result.durationMs}ms)`)}
+`);
+    return;
+  }
+  process.stderr.write(`${pc.red("\u2718")} ${result.message} ${pc.dim(`(${result.durationMs}ms)`)}
+`);
+  process.exit(1);
+}
+async function runAddUser(args) {
+  const userId = args[0];
+  const roleInput = args[1];
+  if (!userId || !roleInput) {
+    process.stderr.write(
+      `${pc.red("error:")} \`noy-db add user\` requires <userId> <role>
+
+Example: noy-db add user ann operator --dir ./data --compartment demo-co --user owner-alice --collections invoices:rw
+`
+    );
+    process.exit(2);
+  }
+  let role;
+  try {
+    role = assertRole(roleInput);
+  } catch (err) {
+    process.stderr.write(`${pc.red("error:")} ${err.message}
+`);
+    process.exit(2);
+    return;
+  }
+  const flags = parseFlags(args.slice(2));
+  const dir = flags.dir ?? "./data";
+  const compartment = requireFlag(flags, "compartment");
+  const callerUser = requireFlag(flags, "user");
+  const permissions = parsePermissions(flags["collections"]);
+  const opts = {
+    dir,
+    compartment,
+    callerUser,
+    newUserId: userId,
+    role
+  };
+  if (flags["display-name"]) opts.newUserDisplayName = flags["display-name"];
+  if (permissions) opts.permissions = permissions;
+  try {
+    const result = await addUser(opts);
+    process.stdout.write(
+      `${pc.green("\u2714")} Granted ${pc.bold(result.role)} access to ${pc.cyan(result.userId)} in compartment ${pc.cyan(compartment)}.
+`
+    );
+  } catch (err) {
+    process.stderr.write(`${pc.red("error:")} ${err.message}
+`);
+    process.exit(1);
+  }
+}
+async function runRotate(args) {
+  const flags = parseFlags(args);
+  const dir = flags.dir ?? "./data";
+  const compartment = requireFlag(flags, "compartment");
+  const user = requireFlag(flags, "user");
+  const opts = { dir, compartment, user };
+  const collections = parseCollectionList(flags["collections"]);
+  if (collections) opts.collections = collections;
+  try {
+    const result = await rotate(opts);
+    process.stdout.write(
+      `${pc.green("\u2714")} Rotated ${pc.bold(String(result.rotated.length))} collection(s) in ${pc.cyan(compartment)}:
+`
+    );
+    for (const name of result.rotated) {
+      process.stdout.write(`  ${pc.dim("\u2192")} ${name}
+`);
+    }
+  } catch (err) {
+    process.stderr.write(`${pc.red("error:")} ${err.message}
+`);
+    process.exit(1);
+  }
+}
+async function runBackup(args) {
+  const target = args[0];
+  if (!target) {
+    process.stderr.write(
+      `${pc.red("error:")} \`noy-db backup\` requires a target path
+
+Example: noy-db backup ./backups/demo.json --dir ./data --compartment demo-co --user owner-alice
+`
+    );
+    process.exit(2);
+  }
+  const flags = parseFlags(args.slice(1));
+  const dir = flags.dir ?? "./data";
+  const compartment = requireFlag(flags, "compartment");
+  const user = requireFlag(flags, "user");
+  try {
+    const result = await backup({ dir, compartment, user, target });
+    process.stdout.write(
+      `${pc.green("\u2714")} Wrote backup: ${pc.cyan(result.path)} ${pc.dim(`(${result.bytes} bytes)`)}
+`
+    );
+  } catch (err) {
+    process.stderr.write(`${pc.red("error:")} ${err.message}
+`);
+    process.exit(1);
+  }
+}
+function parseFlags(args) {
+  const out = {};
+  for (let i = 0; i < args.length; i++) {
+    const arg = args[i];
+    if (!arg || !arg.startsWith("--")) continue;
+    const key = arg.slice(2);
+    const next = args[i + 1];
+    if (next && !next.startsWith("--")) {
+      out[key] = next;
+      i++;
+    } else {
+      out[key] = "true";
+    }
+  }
+  return out;
+}
+function requireFlag(flags, name) {
+  const value = flags[name];
+  if (!value) {
+    process.stderr.write(
+      `${pc.red("error:")} missing required flag --${name}
+`
+    );
+    process.exit(2);
+  }
+  return value;
+}
+function parsePermissions(input) {
+  if (!input) return null;
+  const out = {};
+  for (const pair of input.split(",").map((s) => s.trim()).filter(Boolean)) {
+    const [name, mode] = pair.split(":");
+    if (!name || !mode || mode !== "rw" && mode !== "ro") {
+      throw new Error(
+        `Invalid --collections entry "${pair}" \u2014 expected "name:rw" or "name:ro"`
+      );
+    }
+    out[name] = mode;
+  }
+  return Object.keys(out).length > 0 ? out : null;
+}
+main().catch((err) => {
+  process.stderr.write(`${pc.red("fatal:")} ${err.message}
+`);
+  process.exit(1);
+});
+//# sourceMappingURL=noy-db.js.map

package/dist/bin/noy-db.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/bin/noy-db.ts","../../src/commands/add.ts","../../src/commands/verify.ts","../../src/commands/rotate.ts","../../src/commands/shared.ts","../../src/commands/add-user.ts","../../src/commands/backup.ts"],"sourcesContent":["#!/usr/bin/env node\n/**\n * The `noy-db` bin. Invoked from inside an existing project by\n * `pnpm exec noy-db <command>`, `npx noy-db <command>`, etc.\n *\n * Subcommands (v0.5.0):\n *\n *   add <collection>                       Scaffold store + page files\n *   add user <id> <role> [--collections…]  Grant a new user access\n *   verify                                 In-memory integrity check\n *   rotate --compartment … --user …        Rotate DEKs for a compartment\n *   backup <target> --compartment … …      Dump a compartment to a file\n *   help                                   Show usage\n *\n * Future subcommands (deferred to a follow-up):\n *   seed                Re-run the project's seeder script (needs\n *                       a design decision on how seed scripts auth)\n *   backup s3://...     S3 targets (would bundle @aws-sdk; lives in\n *                       an optional companion package instead)\n *   restore <file>      Load a dumped backup into a compartment\n *\n * ## Dispatcher design\n *\n * The dispatcher is intentionally dead simple: read argv[2], pick\n * a handler, pass the remaining args. No flag DSL, no auto-help\n * generation. Each subcommand's argv parser lives next to the\n * subcommand itself so the wiring is obvious and the pure\n * subcommand functions stay testable in isolation.\n *\n * ## Passphrase handling invariants\n *\n * Every subcommand that unlocks a compartment goes through the\n * shared `defaultReadPassphrase` helper (see `commands/shared.ts`).\n * That helper:\n *\n *   - Uses @clack/prompts `password()` so nothing echoes to stdout\n *   - Never logs the returned value\n *   - Validates \"not empty\" up front; the real strength check\n *     happens inside the core's KEK derivation\n *   - Aborts the process on Ctrl-C before any I/O happens\n *\n * The passphrase never leaves the closure in which it was read —\n * every subcommand closes the Noydb instance in a `finally` block\n * so the KEK is cleared from memory on the way out.\n */\n\nimport pc from 'picocolors'\nimport { addCollection } from '../commands/add.js'\nimport { verifyIntegrity } from '../commands/verify.js'\nimport { rotate, type RotateOptions } from '../commands/rotate.js'\nimport { addUser, type AddUserOptions } from '../commands/add-user.js'\nimport { backup } from '../commands/backup.js'\nimport { assertRole, parseCollectionList } from '../commands/shared.js'\n\nconst HELP = `Usage: noy-db <command> [args]\n\nCommands:\n  add <collection>                             Scaffold a new collection store + page\n  add user <userId> <role> [options]           Grant a new user access to a compartment\n  verify                                       In-memory crypto integrity check\n  rotate [options]                             Rotate DEKs for a compartment\n  backup <target> [options]                    Dump a compartment to a file\n  help                                         Show this message\n\nCommon options for rotate / add user / backup:\n  --dir <path>               Data directory (file adapter). Default: ./data\n  --compartment <name>       Compartment (tenant) name. Required.\n  --user <id>                Your user id in the compartment. Required.\n  --collections <list>       Comma-separated collection list. Format:\n                               rotate:  invoices,clients\n                               add user: invoices:rw,clients:ro (operator/client only)\n\nExamples:\n  noy-db add invoices\n  noy-db add user accountant-ann operator --dir ./data --compartment demo-co --user owner-alice --collections invoices:rw,clients:ro\n  noy-db verify\n  noy-db rotate --dir ./data --compartment demo-co --user owner-alice\n  noy-db backup ./backups/demo-co-2026-04-07.json --dir ./data --compartment demo-co --user owner-alice\n\nRun from the root of a project that already has a noy-db file\nadapter directory in place. For new projects, use\n\\`npm create @noy-db\\` instead.\n`\n\nasync function main(): Promise<void> {\n  const [, , command, ...rest] = process.argv\n\n  switch (command) {\n    case undefined:\n    case 'help':\n    case '-h':\n    case '--help':\n      process.stdout.write(HELP)\n      return\n\n    case 'add':\n      await runAdd(rest)\n      return\n\n    case 'verify':\n      await runVerify()\n      return\n\n    case 'rotate':\n      await runRotate(rest)\n      return\n\n    case 'backup':\n      await runBackup(rest)\n      return\n\n    default:\n      process.stderr.write(`${pc.red('error:')} unknown command '${command}'\\n\\n${HELP}`)\n      process.exit(2)\n  }\n}\n\n// ─── `add` dispatcher — branches between `add <collection>` and `add user …` ─\n\nasync function runAdd(args: string[]): Promise<void> {\n  const first = args[0]\n  if (first === 'user') {\n    await runAddUser(args.slice(1))\n    return\n  }\n  // Legacy path: `noy-db add <collection>` scaffolds store + page files.\n  if (!first) {\n    process.stderr.write(\n      `${pc.red('error:')} \\`noy-db add\\` requires either a collection name or the \\`user\\` subcommand\\n\\n` +\n        `Examples:\\n  noy-db add invoices\\n  noy-db add user alice operator ...\\n`,\n    )\n    process.exit(2)\n  }\n  try {\n    const result = await addCollection({ name: first })\n    process.stdout.write(`${pc.green('✔')} Created:\\n`)\n    for (const file of result.files) {\n      process.stdout.write(`  ${pc.dim('→')} ${file}\\n`)\n    }\n    process.stdout.write(\n      `\\nNext: visit ${pc.cyan(`/${first}`)} in your dev server, then edit ${pc.bold(`app/stores/${first}.ts`)} to match your domain.\\n`,\n    )\n  } catch (err) {\n    process.stderr.write(`${pc.red('error:')} ${(err as Error).message}\\n`)\n    process.exit(1)\n  }\n}\n\n// ─── `verify` ──────────────────────────────────────────────────────────\n\nasync function runVerify(): Promise<void> {\n  process.stdout.write(`${pc.dim('▸ Running noy-db integrity check…')}\\n`)\n  const result = await verifyIntegrity()\n  if (result.ok) {\n    process.stdout.write(`${pc.green('✔')} ${result.message} ${pc.dim(`(${result.durationMs}ms)`)}\\n`)\n    return\n  }\n  process.stderr.write(`${pc.red('✘')} ${result.message} ${pc.dim(`(${result.durationMs}ms)`)}\\n`)\n  process.exit(1)\n}\n\n// ─── `add user` ────────────────────────────────────────────────────────\n\nasync function runAddUser(args: string[]): Promise<void> {\n  // Positional: userId, role. Then flag bag.\n  const userId = args[0]\n  const roleInput = args[1]\n  if (!userId || !roleInput) {\n    process.stderr.write(\n      `${pc.red('error:')} \\`noy-db add user\\` requires <userId> <role>\\n\\n` +\n        `Example: noy-db add user ann operator --dir ./data --compartment demo-co --user owner-alice --collections invoices:rw\\n`,\n    )\n    process.exit(2)\n  }\n\n  let role\n  try {\n    role = assertRole(roleInput)\n  } catch (err) {\n    process.stderr.write(`${pc.red('error:')} ${(err as Error).message}\\n`)\n    process.exit(2)\n    return\n  }\n\n  const flags = parseFlags(args.slice(2))\n  const dir = flags.dir ?? './data'\n  const compartment = requireFlag(flags, 'compartment')\n  const callerUser = requireFlag(flags, 'user')\n\n  const permissions = parsePermissions(flags['collections'])\n\n  const opts: AddUserOptions = {\n    dir,\n    compartment,\n    callerUser,\n    newUserId: userId,\n    role,\n  }\n  if (flags['display-name']) opts.newUserDisplayName = flags['display-name']\n  if (permissions) opts.permissions = permissions\n\n  try {\n    const result = await addUser(opts)\n    process.stdout.write(\n      `${pc.green('✔')} Granted ${pc.bold(result.role)} access to ${pc.cyan(result.userId)} in compartment ${pc.cyan(compartment)}.\\n`,\n    )\n  } catch (err) {\n    process.stderr.write(`${pc.red('error:')} ${(err as Error).message}\\n`)\n    process.exit(1)\n  }\n}\n\n// ─── `rotate` ──────────────────────────────────────────────────────────\n\nasync function runRotate(args: string[]): Promise<void> {\n  const flags = parseFlags(args)\n  const dir = flags.dir ?? './data'\n  const compartment = requireFlag(flags, 'compartment')\n  const user = requireFlag(flags, 'user')\n\n  const opts: RotateOptions = { dir, compartment, user }\n  const collections = parseCollectionList(flags['collections'])\n  if (collections) opts.collections = collections\n\n  try {\n    const result = await rotate(opts)\n    process.stdout.write(\n      `${pc.green('✔')} Rotated ${pc.bold(String(result.rotated.length))} collection(s) in ${pc.cyan(compartment)}:\\n`,\n    )\n    for (const name of result.rotated) {\n      process.stdout.write(`  ${pc.dim('→')} ${name}\\n`)\n    }\n  } catch (err) {\n    process.stderr.write(`${pc.red('error:')} ${(err as Error).message}\\n`)\n    process.exit(1)\n  }\n}\n\n// ─── `backup` ──────────────────────────────────────────────────────────\n\nasync function runBackup(args: string[]): Promise<void> {\n  const target = args[0]\n  if (!target) {\n    process.stderr.write(\n      `${pc.red('error:')} \\`noy-db backup\\` requires a target path\\n\\n` +\n        `Example: noy-db backup ./backups/demo.json --dir ./data --compartment demo-co --user owner-alice\\n`,\n    )\n    process.exit(2)\n  }\n\n  const flags = parseFlags(args.slice(1))\n  const dir = flags.dir ?? './data'\n  const compartment = requireFlag(flags, 'compartment')\n  const user = requireFlag(flags, 'user')\n\n  try {\n    const result = await backup({ dir, compartment, user, target })\n    process.stdout.write(\n      `${pc.green('✔')} Wrote backup: ${pc.cyan(result.path)} ${pc.dim(`(${result.bytes} bytes)`)}\\n`,\n    )\n  } catch (err) {\n    process.stderr.write(`${pc.red('error:')} ${(err as Error).message}\\n`)\n    process.exit(1)\n  }\n}\n\n// ─── Shared argv helpers ───────────────────────────────────────────────\n\n/**\n * Parse a sequence of `--key value` flag pairs into a record.\n * Boolean flags (`--flag` with no value) become `\"true\"`. Unknown\n * shapes (positional args after the known set) are ignored — the\n * caller has already peeled positionals before passing in.\n */\nfunction parseFlags(args: string[]): Record<string, string> {\n  const out: Record<string, string> = {}\n  for (let i = 0; i < args.length; i++) {\n    const arg = args[i]\n    if (!arg || !arg.startsWith('--')) continue\n    const key = arg.slice(2)\n    const next = args[i + 1]\n    if (next && !next.startsWith('--')) {\n      out[key] = next\n      i++\n    } else {\n      out[key] = 'true'\n    }\n  }\n  return out\n}\n\nfunction requireFlag(flags: Record<string, string>, name: string): string {\n  const value = flags[name]\n  if (!value) {\n    process.stderr.write(\n      `${pc.red('error:')} missing required flag --${name}\\n`,\n    )\n    process.exit(2)\n  }\n  return value\n}\n\n/**\n * Parse `--collections invoices:rw,clients:ro` into a\n * `{ invoices: 'rw', clients: 'ro' }` record. Returns `null` when\n * the input is empty or undefined.\n */\nfunction parsePermissions(\n  input: string | undefined,\n): Record<string, 'rw' | 'ro'> | null {\n  if (!input) return null\n  const out: Record<string, 'rw' | 'ro'> = {}\n  for (const pair of input.split(',').map((s) => s.trim()).filter(Boolean)) {\n    const [name, mode] = pair.split(':')\n    if (!name || !mode || (mode !== 'rw' && mode !== 'ro')) {\n      throw new Error(\n        `Invalid --collections entry \"${pair}\" — expected \"name:rw\" or \"name:ro\"`,\n      )\n    }\n    out[name] = mode\n  }\n  return Object.keys(out).length > 0 ? out : null\n}\n\nmain().catch((err: unknown) => {\n  process.stderr.write(`${pc.red('fatal:')} ${(err as Error).message}\\n`)\n  process.exit(1)\n})\n","/**\n * `noy-db add <collection>` — scaffold a new collection inside an existing\n * Nuxt 4 project that already has `@noy-db/nuxt` configured.\n *\n * The command writes two files:\n *\n *   1. `app/stores/<collection>.ts` — a `defineNoydbStore<T>()` call with\n *      a placeholder `T` interface and one example field. The user fills\n *      in the real shape after the file is created.\n *\n *   2. `app/pages/<collection>.vue` — a minimal CRUD page that lists,\n *      adds, and deletes records. The store ID and collection name are\n *      derived from the argument; everything else is boilerplate.\n *\n * The command refuses to overwrite existing files. If either target\n * already exists it logs which one and exits non-zero — the user has to\n * delete or move the file first. There's no `--force` because forcing an\n * overwrite of generated UI code is almost always a footgun in disguise.\n */\n\nimport { promises as fs } from 'node:fs'\nimport path from 'node:path'\n\nexport interface AddCollectionOptions {\n  /** The collection name. Must be a lowercase identifier. */\n  name: string\n  /** Project root. Defaults to `process.cwd()`. */\n  cwd?: string\n  /** Compartment id to embed in the generated store. Defaults to `default`. */\n  compartment?: string\n}\n\n/**\n * Result returned to callers (the bin entry uses this to format output;\n * tests assert on the file paths).\n */\nexport interface AddCollectionResult {\n  /** Files written, in the order they were created. */\n  files: string[]\n}\n\n/**\n * Lowercase identifier check, narrower than the project-name check —\n * collection names become Vue component names, Pinia store IDs, AND TS\n * symbols, so we keep them simple: letters, digits, hyphens, must start\n * with a letter.\n */\nexport function validateCollectionName(name: string): string | null {\n  if (!name) return 'Collection name is required'\n  if (!/^[a-z][a-z0-9-]*$/.test(name)) {\n    return 'Collection name must start with a lowercase letter and contain only lowercase letters, digits, or hyphens'\n  }\n  return null\n}\n\nexport async function addCollection(\n  options: AddCollectionOptions,\n): Promise<AddCollectionResult> {\n  const err = validateCollectionName(options.name)\n  if (err) throw new Error(err)\n\n  const cwd = options.cwd ?? process.cwd()\n  const compartment = options.compartment ?? 'default'\n  const name = options.name\n\n  // Convert kebab-case to PascalCase for the TS interface name and the\n  // Vue helper variable.\n  const PascalName = name\n    .split('-')\n    .map((s) => (s.length === 0 ? s : (s[0]?.toUpperCase() ?? '') + s.slice(1)))\n    .join('')\n  const useFnName = `use${PascalName}`\n\n  const storePath = path.join(cwd, 'app', 'stores', `${name}.ts`)\n  const pagePath = path.join(cwd, 'app', 'pages', `${name}.vue`)\n\n  // Refuse to overwrite. Doing both checks before writing either file\n  // means a partial write is impossible — either both files land or\n  // neither does.\n  for (const target of [storePath, pagePath]) {\n    if (await pathExists(target)) {\n      throw new Error(`Refusing to overwrite existing file: ${target}`)\n    }\n  }\n\n  await fs.mkdir(path.dirname(storePath), { recursive: true })\n  await fs.mkdir(path.dirname(pagePath), { recursive: true })\n\n  await fs.writeFile(storePath, renderStore(name, PascalName, useFnName, compartment), 'utf8')\n  await fs.writeFile(pagePath, renderPage(name, PascalName, useFnName), 'utf8')\n\n  return { files: [storePath, pagePath] }\n}\n\nasync function pathExists(p: string): Promise<boolean> {\n  try {\n    await fs.access(p)\n    return true\n  } catch {\n    return false\n  }\n}\n\n/**\n * Renders the `app/stores/<name>.ts` file. The interface is intentionally\n * minimal — `id` and `name` are the only fields. The user is expected to\n * extend it after generation; we'd rather not lock them into a domain\n * shape we guessed.\n */\nfunction renderStore(\n  name: string,\n  PascalName: string,\n  useFnName: string,\n  compartment: string,\n): string {\n  return `// Generated by \\`noy-db add ${name}\\`.\n//\n// Edit the ${PascalName} interface to match your domain, then call\n// \\`${useFnName}()\\` from any component.\n//\n// defineNoydbStore is auto-imported by @noy-db/nuxt. The compartment\n// id is the tenant/company namespace — change it if you have multiple.\n\nexport interface ${PascalName} {\n  id: string\n  name: string\n}\n\nexport const ${useFnName} = defineNoydbStore<${PascalName}>('${name}', {\n  compartment: '${compartment}',\n})\n`\n}\n\n/**\n * Renders the `app/pages/<name>.vue` page — list + add + delete. Picks\n * the simplest possible template-renderer pattern (`v-for`, no fancy\n * components) so the generated file is easy to read and modify.\n */\nfunction renderPage(name: string, PascalName: string, useFnName: string): string {\n  return `<!--\n  Generated by \\`noy-db add ${name}\\`.\n  Visit /${name} in your dev server.\n-->\n<script setup lang=\"ts\">\nconst ${name} = ${useFnName}()\nawait ${name}.$ready\n\nfunction addOne() {\n  ${name}.add({\n    id: crypto.randomUUID(),\n    name: 'New ${PascalName}',\n  })\n}\n\nfunction removeOne(id: string) {\n  ${name}.remove(id)\n}\n</script>\n\n<template>\n  <main>\n    <h1>${PascalName}</h1>\n    <button @click=\"addOne\">Add ${PascalName}</button>\n    <ul>\n      <li v-for=\"item in ${name}.items\" :key=\"item.id\">\n        {{ item.name }}\n        <button @click=\"removeOne(item.id)\">Delete</button>\n      </li>\n    </ul>\n  </main>\n</template>\n`\n}\n","/**\n * `noy-db verify` — end-to-end integrity check.\n *\n * Opens an in-memory NOYDB instance, writes a record, reads it back,\n * decrypts it, and asserts the round-trip is byte-identical. The check\n * exercises the full crypto path (PBKDF2 → KEK → DEK → AES-GCM) without\n * touching any user data on disk.\n *\n * Why an in-memory check is the right scope:\n *   - It validates that @noy-db/core, @noy-db/memory, and the user's\n *     installed Node version all agree on Web Crypto. That's the most\n *     common silent failure for first-time installers.\n *   - It cannot accidentally corrupt user data because there isn't any.\n *   - It runs in well under one second, so users actually run it.\n *\n * What this command does NOT do (intentionally):\n *   - Open the user's actual compartment file/dynamo/s3/browser store.\n *     That requires the user's passphrase — not something we want a CLI\n *     `verify` command to prompt for. The full passphrase-driven verify\n *     belongs in `nuxi noydb verify` once the auth story for CLIs lands\n *     in v0.4. For now `noy-db verify` is the dependency-graph smoke test.\n */\n\nimport { createNoydb } from '@noy-db/core'\nimport { memory } from '@noy-db/memory'\n\nexport interface VerifyResult {\n  /** `true` if the round-trip succeeded; `false` if anything diverged. */\n  ok: boolean\n  /** Human-readable status. Always set, even on success. */\n  message: string\n  /** Wall-clock time the integrity check took, in ms. */\n  durationMs: number\n}\n\n/**\n * Runs the end-to-end check. Pure function — no console output, no\n * `process.exit`. The bin wrapper handles formatting and exit codes so\n * the function is trivial to call from tests.\n */\nexport async function verifyIntegrity(): Promise<VerifyResult> {\n  const start = performance.now()\n  try {\n    const db = await createNoydb({\n      adapter: memory(),\n      user: 'noy-db-verify',\n      // The passphrase here is throwaway — the in-memory adapter never\n      // persists anything, and the KEK is destroyed when we call close()\n      // a few lines down. We use a non-trivial value just to exercise\n      // PBKDF2 properly.\n      secret: 'noy-db-verify-passphrase-2026',\n    })\n    const company = await db.openCompartment('verify-co')\n    const collection = company.collection<{ id: string; n: number }>('verify')\n\n    // Round-trip a single record. We pick a value that's small enough\n    // to print on failure but large enough to ensure encryption isn't\n    // accidentally a no-op.\n    const original = { id: 'verify-1', n: 42 }\n    await collection.put('verify-1', original)\n    const got = await collection.get('verify-1')\n    if (!got || got.id !== original.id || got.n !== original.n) {\n      return fail(start, `Round-trip mismatch: got ${JSON.stringify(got)}`)\n    }\n\n    // Make sure the query DSL works too — this catches the case where\n    // the user's @noy-db/core install is at v0.2 (no query DSL) but the\n    // CLI was updated to v0.3.\n    const found = collection.query().where('n', '==', 42).toArray()\n    if (found.length !== 1) {\n      return fail(start, `Query DSL mismatch: expected 1 result, got ${found.length}`)\n    }\n\n    db.close()\n\n    return {\n      ok: true,\n      message: 'noy-db integrity check passed',\n      durationMs: Math.round(performance.now() - start),\n    }\n  } catch (err) {\n    return fail(start, `Integrity check threw: ${(err as Error).message}`)\n  }\n}\n\nfunction fail(start: number, message: string): VerifyResult {\n  return {\n    ok: false,\n    message,\n    durationMs: Math.round(performance.now() - start),\n  }\n}\n","/**\n * `noy-db rotate` — rotate the DEKs for one or more collections in\n * a compartment.\n *\n * What it does\n * ------------\n * For each target collection:\n *\n *   1. Generate a fresh DEK\n *   2. Decrypt every record with the old DEK\n *   3. Re-encrypt every record with the new DEK\n *   4. Re-wrap the new DEK into every remaining user's keyring\n *\n * The old DEKs become unreachable as soon as the keyring files are\n * updated. This is the \"just rotate\" path — nobody is revoked,\n * everybody keeps their current permissions, but the key material\n * is replaced.\n *\n * Why expose this as a CLI command\n * --------------------------------\n * Two real-world scenarios:\n *\n *   1. **Suspected key leak.** An operator lost a laptop, a\n *      developer accidentally pasted a passphrase into a Slack\n *      channel, a USB stick went missing. Even if you think the\n *      passphrase is safe, rotating is cheap insurance.\n *\n *   2. **Scheduled rotation.** Some compliance regimes require\n *      periodic key rotation regardless of exposure. A CLI makes\n *      this scriptable from cron or a CI job.\n *\n * This module is test-first: all inputs are plain options, the\n * passphrase reader is injected, and the Noydb factory is\n * injectable. The production bin is a thin wrapper that defaults\n * those injections to their real implementations.\n */\n\nimport { createNoydb, type Noydb, type NoydbAdapter } from '@noy-db/core'\nimport { jsonFile } from '@noy-db/file'\nimport type { ReadPassphrase } from './shared.js'\nimport { defaultReadPassphrase } from './shared.js'\n\nexport interface RotateOptions {\n  /** Directory containing the compartment data (file adapter only). */\n  dir: string\n  /** Compartment (tenant) name to rotate keys in. */\n  compartment: string\n  /** The user id of the operator running the rotate. */\n  user: string\n  /**\n   * Explicit list of collections to rotate. When undefined, the\n   * rotation targets every collection the user has a DEK for —\n   * resolved at run time by reading the compartment snapshot.\n   */\n  collections?: string[]\n  /** Injected passphrase reader. Defaults to the clack implementation. */\n  readPassphrase?: ReadPassphrase\n  /**\n   * Injected Noydb factory. Production code leaves this undefined\n   * and gets `createNoydb`; tests pass a constructor that builds\n   * against an in-memory adapter.\n   */\n  createDb?: typeof createNoydb\n  /**\n   * Injected adapter factory. Production code leaves this undefined\n   * and gets `jsonFile`; tests pass one that returns the shared\n   * in-memory adapter their fixture used.\n   */\n  buildAdapter?: (dir: string) => NoydbAdapter\n}\n\nexport interface RotateResult {\n  /** The collections that were actually rotated. */\n  rotated: string[]\n}\n\n/**\n * Run the rotate flow against a file-adapter compartment. Returns\n * the list of collections that were rotated so callers can display\n * it to the user.\n *\n * Throws `Error` on any auth/adapter/rotate failure. The bin\n * catches these and prints a friendly message; direct callers\n * (tests) can inspect the error message to assert specific\n * failure modes.\n */\nexport async function rotate(options: RotateOptions): Promise<RotateResult> {\n  const readPassphrase = options.readPassphrase ?? defaultReadPassphrase\n  const buildAdapter = options.buildAdapter ?? ((dir) => jsonFile({ dir }))\n  const createDb = options.createDb ?? createNoydb\n\n  // Read the passphrase BEFORE opening the database. This way a\n  // cancelled prompt (Ctrl-C at the password entry) leaves the\n  // adapter completely untouched — no files opened, no locks held.\n  const secret = await readPassphrase(`Passphrase for ${options.user}`)\n\n  let db: Noydb | null = null\n  try {\n    db = await createDb({\n      adapter: buildAdapter(options.dir),\n      user: options.user,\n      secret,\n    })\n\n    // Resolve \"all collections\" by asking the compartment. This\n    // happens BEFORE rotate() is called, so the list is stable\n    // across the operation — adding a new collection mid-rotate\n    // would be a race we're not guarding against (single-writer\n    // assumption applies).\n    const compartment = await db.openCompartment(options.compartment)\n    const targets = options.collections && options.collections.length > 0\n      ? options.collections\n      : await compartment.collections()\n\n    if (targets.length === 0) {\n      throw new Error(\n        `Compartment \"${options.compartment}\" has no collections to rotate.`,\n      )\n    }\n\n    await db.rotate(options.compartment, targets)\n    return { rotated: targets }\n  } finally {\n    // Always close the DB on exit — success or failure. Close()\n    // clears the KEK and DEKs from process memory, which is the\n    // final line of defense if the passphrase somehow leaked\n    // into a log line above this block.\n    db?.close()\n  }\n}\n","/**\n * Shared primitives for the interactive `noy-db` subcommands that\n * need to unlock a real compartment.\n *\n * Three things live here:\n *\n *   1. `ReadPassphrase` — a tiny interface for \"prompt the user for\n *      a passphrase\", with a test-friendly default. Subcommands take\n *      this as an injected dependency so tests can short-circuit\n *      the prompt without spawning a pty.\n *\n *   2. `defaultReadPassphrase` — the production implementation,\n *      built on `@clack/prompts` `password()`. Never echoes the\n *      value to the terminal, never logs it, clears it from the\n *      returned promise after the caller consumes it.\n *\n *   3. `assertRole` — narrow unknown string input to the Role type\n *      with a consistent error message.\n *\n * ## Why pull this out\n *\n * `rotate`, `addUser`, and `backup` all need the same \"prompt for\n * a passphrase\" shape and the same \"open a file adapter and get\n * back a Noydb instance\" shape. Duplicating it in three files would\n * drift over time; centralizing means one place to audit the\n * passphrase-handling contract (never log, never persist, clear\n * local variables after use).\n */\n\nimport { password, isCancel, cancel } from '@clack/prompts'\nimport type { Role } from '@noy-db/core'\n\nconst VALID_ROLES = ['owner', 'admin', 'operator', 'viewer', 'client'] as const\n\n/**\n * Asynchronous passphrase reader. Production code passes\n * `defaultReadPassphrase`; tests pass a stub that returns a fixed\n * string without touching stdin.\n *\n * The `label` is shown to the user as the prompt message. It\n * should never contain the expected passphrase or any secret.\n */\nexport type ReadPassphrase = (label: string) => Promise<string>\n\n/**\n * Clack-based passphrase prompt. Cancellation (Ctrl-C) aborts the\n * process with exit code 1 — prompts are always the first thing to\n * fire in a subcommand, so aborting here doesn't leave the system\n * in a half-mutated state.\n */\nexport const defaultReadPassphrase: ReadPassphrase = async (label) => {\n  const value = await password({\n    message: label,\n    // Basic sanity: reject empty strings up front. We don't enforce\n    // length here because the caller's KEK-derivation step will\n    // reject weak passphrases with its own, richer error.\n    validate: (v) => (v.length === 0 ? 'Passphrase cannot be empty' : undefined),\n  })\n  if (isCancel(value)) {\n    cancel('Cancelled.')\n    process.exit(1)\n  }\n  return value\n}\n\n/**\n * Narrow an unknown string to the `Role` type from @noy-db/core.\n * Used by the `add user` subcommand to validate the role argument\n * before passing it to `noydb.grant()`.\n */\nexport function assertRole(input: string): Role {\n  if (!(VALID_ROLES as readonly string[]).includes(input)) {\n    throw new Error(\n      `Invalid role \"${input}\" — must be one of: ${VALID_ROLES.join(', ')}`,\n    )\n  }\n  return input as Role\n}\n\n/**\n * Split a comma-separated collection list into an array of names,\n * trimming whitespace and dropping empties. Returns null if the\n * input itself is empty or undefined — the caller decides whether\n * that means \"all collections\" or \"error\".\n */\nexport function parseCollectionList(input: string | undefined): string[] | null {\n  if (!input) return null\n  const parts = input\n    .split(',')\n    .map((s) => s.trim())\n    .filter((s) => s.length > 0)\n  return parts.length > 0 ? parts : null\n}\n","/**\n * `noy-db add user <id> <role>` — grant a new user access to a\n * compartment.\n *\n * What it does\n * ------------\n * Wraps `noydb.grant()` in the CLI's auth-prompt ritual:\n *\n *   1. Prompt the caller for their own passphrase (to unlock the\n *      caller's keyring and derive the wrapping key).\n *   2. Prompt for the new user's passphrase.\n *   3. Prompt for confirmation of the new passphrase.\n *   4. Reject on mismatch.\n *   5. Call `noydb.grant(compartment, { userId, role, passphrase, permissions })`.\n *\n * For owner/admin/viewer roles, every collection is granted\n * automatically (the core keyring.ts grant logic handles that via\n * the `permissions` field). For operator/client, the caller must\n * pass a `--collections` list because those roles need explicit\n * per-collection permissions.\n *\n * ## What this does NOT do\n *\n * - No email/invite flow — v0.5 is about local-CLI key management,\n *   not out-of-band user enrollment.\n * - No rollback on partial failure — `grant()` is atomic at the\n *   core level (keyring file writes last, after DEK wrapping), so\n *   partial-state-on-crash is already handled.\n */\n\nimport { createNoydb, type Noydb, type NoydbAdapter, type Role } from '@noy-db/core'\nimport { jsonFile } from '@noy-db/file'\nimport type { ReadPassphrase } from './shared.js'\nimport { defaultReadPassphrase } from './shared.js'\n\nexport interface AddUserOptions {\n  /** Directory containing the compartment data (file adapter only). */\n  dir: string\n  /** Compartment (tenant) name to grant access to. */\n  compartment: string\n  /** The user id of the caller running the grant. */\n  callerUser: string\n  /** The new user's id (must not already exist in the compartment keyring). */\n  newUserId: string\n  /** The new user's display name — shown in UI and audit logs. Defaults to `newUserId`. */\n  newUserDisplayName?: string\n  /** The new user's role. */\n  role: Role\n  /**\n   * Per-collection permissions. Required when `role` is operator or\n   * client; ignored for owner/admin/viewer (they get everything\n   * via the core's resolvePermissions logic).\n   *\n   * Shape: `{ invoices: 'rw', clients: 'ro' }`. CLI callers pass\n   * `--collections invoices:rw,clients:ro` and the argv parser\n   * converts it to this shape.\n   */\n  permissions?: Record<string, 'rw' | 'ro'>\n  /** Injected passphrase reader. Defaults to the clack implementation. */\n  readPassphrase?: ReadPassphrase\n  /** Injected Noydb factory. */\n  createDb?: typeof createNoydb\n  /** Injected adapter factory. */\n  buildAdapter?: (dir: string) => NoydbAdapter\n}\n\nexport interface AddUserResult {\n  /** The userId that was granted access. */\n  userId: string\n  /** The role they were granted. */\n  role: Role\n}\n\n/**\n * Run the grant flow. Two passphrase prompts: caller's, then new\n * user's (twice for confirmation). Calls `noydb.grant()` with the\n * collected values.\n */\nexport async function addUser(options: AddUserOptions): Promise<AddUserResult> {\n  const readPassphrase = options.readPassphrase ?? defaultReadPassphrase\n  const buildAdapter = options.buildAdapter ?? ((dir) => jsonFile({ dir }))\n  const createDb = options.createDb ?? createNoydb\n\n  // Operator/client roles NEED explicit permissions. Reject here\n  // rather than in the middle of the grant, so the caller sees the\n  // problem before any I/O happens.\n  if (\n    (options.role === 'operator' || options.role === 'client') &&\n    (!options.permissions || Object.keys(options.permissions).length === 0)\n  ) {\n    throw new Error(\n      `Role \"${options.role}\" requires explicit --collections — e.g. --collections invoices:rw,clients:ro`,\n    )\n  }\n\n  const callerSecret = await readPassphrase(\n    `Your passphrase (${options.callerUser})`,\n  )\n  const newSecret = await readPassphrase(\n    `New passphrase for ${options.newUserId}`,\n  )\n  const confirmSecret = await readPassphrase(\n    `Confirm passphrase for ${options.newUserId}`,\n  )\n\n  if (newSecret !== confirmSecret) {\n    throw new Error(`Passphrases do not match — grant aborted.`)\n  }\n\n  let db: Noydb | null = null\n  try {\n    db = await createDb({\n      adapter: buildAdapter(options.dir),\n      user: options.callerUser,\n      secret: callerSecret,\n    })\n\n    // Build the grant options. Only include `permissions` when the\n    // caller actually supplied them — otherwise the core's\n    // resolvePermissions fills in the role defaults. The spread\n    // (rather than post-assignment) keeps the object literal\n    // compatible with `GrantOptions`'s readonly `permissions`.\n    const grantOpts: Parameters<Noydb['grant']>[1] = {\n      userId: options.newUserId,\n      displayName: options.newUserDisplayName ?? options.newUserId,\n      role: options.role,\n      passphrase: newSecret,\n      ...(options.permissions ? { permissions: options.permissions } : {}),\n    }\n\n    await db.grant(options.compartment, grantOpts)\n\n    return {\n      userId: options.newUserId,\n      role: options.role,\n    }\n  } finally {\n    db?.close()\n  }\n}\n","/**\n * `noy-db backup <target>` — dump a compartment to a local file.\n *\n * What it does\n * ------------\n * Wraps `compartment.dump()` in the CLI's auth-prompt ritual, then\n * writes the serialized backup to the requested path. As of v0.4,\n * `dump()` already produces a verifiable backup (embedded\n * ledgerHead, full `_ledger` / `_ledger_deltas` snapshots) — the\n * CLI just moves bytes; the integrity guarantees come from core.\n *\n * ## Target URI support\n *\n * v0.5.0 ships **`file://` only** (or a plain filesystem path).\n * The issue spec originally called for `s3://` as well, but\n * wiring @aws-sdk into @noy-db/create would defeat the\n * zero-runtime-deps story for the CLI package. S3 backup is\n * deferred to a follow-up that can live in @noy-db/s3-cli or a\n * similar optional companion package.\n *\n * Accepted forms:\n *   - `file:///absolute/path.json`\n *   - `file://./relative/path.json`\n *   - `/absolute/path.json` (treated as `file://`)\n *   - `./relative/path.json` (treated as `file://`)\n *\n * ## What this does NOT do\n *\n * - No encryption of the backup BEYOND what noy-db already does.\n *   The dumped file is a valid noy-db backup, which means\n *   individual records are still encrypted but the keyring is\n *   included (wrapped with each user's KEK). Anyone who loads\n *   the backup still needs the correct passphrase to read.\n * - No restore — that's a separate subcommand tracked as a\n *   follow-up. For now users can restore via\n *   `compartment.load(backupString)` from their own app code.\n */\n\nimport { promises as fs } from 'node:fs'\nimport path from 'node:path'\nimport { createNoydb, type Noydb, type NoydbAdapter } from '@noy-db/core'\nimport { jsonFile } from '@noy-db/file'\nimport type { ReadPassphrase } from './shared.js'\nimport { defaultReadPassphrase } from './shared.js'\n\nexport interface BackupOptions {\n  /** Directory containing the compartment data (file adapter only). */\n  dir: string\n  /** Compartment (tenant) name to back up. */\n  compartment: string\n  /** The user id of the operator running the backup. */\n  user: string\n  /**\n   * Where to write the backup. Accepts a `file://` URI or a plain\n   * filesystem path. Relative paths resolve against `process.cwd()`.\n   */\n  target: string\n  /** Injected passphrase reader. */\n  readPassphrase?: ReadPassphrase\n  /** Injected Noydb factory. */\n  createDb?: typeof createNoydb\n  /** Injected adapter factory. */\n  buildAdapter?: (dir: string) => NoydbAdapter\n}\n\nexport interface BackupResult {\n  /** Absolute filesystem path the backup was written to. */\n  path: string\n  /** Size of the serialized backup in bytes. */\n  bytes: number\n}\n\n/**\n * Parse a backup target into an absolute filesystem path. Rejects\n * unsupported URI schemes (s3://, https://, etc.) early so the\n * caller doesn't silently write to the wrong place.\n */\nexport function resolveBackupTarget(target: string, cwd: string = process.cwd()): string {\n  // Strip the `file://` prefix if present. The rest of the string\n  // is treated as a filesystem path. We accept both `file:///abs`\n  // (three slashes, absolute) and `file://./rel` (two slashes,\n  // relative) because real-world users write both.\n  let raw = target\n  if (target.startsWith('file://')) {\n    raw = target.slice('file://'.length)\n  } else if (target.includes('://')) {\n    // Any other scheme is unsupported.\n    throw new Error(\n      `Unsupported backup target scheme: \"${target.split('://')[0]}://\". ` +\n        `Only file:// and plain filesystem paths are supported in v0.5. ` +\n        `S3 backups will land in a follow-up.`,\n    )\n  }\n  return path.resolve(cwd, raw)\n}\n\nexport async function backup(options: BackupOptions): Promise<BackupResult> {\n  const readPassphrase = options.readPassphrase ?? defaultReadPassphrase\n  const buildAdapter = options.buildAdapter ?? ((dir) => jsonFile({ dir }))\n  const createDb = options.createDb ?? createNoydb\n\n  // Resolve the target FIRST so a bad URI fails before any\n  // passphrase is collected. This keeps the UX clean: a typo in\n  // `s3://bucket/x` rejects without asking for a secret the user\n  // would then have to type again.\n  const absolutePath = resolveBackupTarget(options.target)\n\n  const secret = await readPassphrase(`Passphrase for ${options.user}`)\n\n  let db: Noydb | null = null\n  try {\n    db = await createDb({\n      adapter: buildAdapter(options.dir),\n      user: options.user,\n      secret,\n    })\n    const compartment = await db.openCompartment(options.compartment)\n    const serialized = await compartment.dump()\n\n    // Make sure the parent directory exists. If the user passed\n    // `./backups/2026/demo.json` and `./backups/2026` doesn't\n    // exist yet, we create it. This is the common case for\n    // scripted rotations dropping into a date-based folder.\n    await fs.mkdir(path.dirname(absolutePath), { recursive: true })\n    await fs.writeFile(absolutePath, serialized, 'utf8')\n\n    return {\n      path: absolutePath,\n      bytes: Buffer.byteLength(serialized, 'utf8'),\n    }\n  } finally {\n    db?.close()\n  }\n}\n"],"mappings":";;;AA8CA,OAAO,QAAQ;;;AC1Bf,SAAS,YAAY,UAAU;AAC/B,OAAO,UAAU;AA0BV,SAAS,uBAAuB,MAA6B;AAClE,MAAI,CAAC,KAAM,QAAO;AAClB,MAAI,CAAC,oBAAoB,KAAK,IAAI,GAAG;AACnC,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEA,eAAsB,cACpB,SAC8B;AAC9B,QAAM,MAAM,uBAAuB,QAAQ,IAAI;AAC/C,MAAI,IAAK,OAAM,IAAI,MAAM,GAAG;AAE5B,QAAM,MAAM,QAAQ,OAAO,QAAQ,IAAI;AACvC,QAAM,cAAc,QAAQ,eAAe;AAC3C,QAAM,OAAO,QAAQ;AAIrB,QAAM,aAAa,KAChB,MAAM,GAAG,EACT,IAAI,CAAC,MAAO,EAAE,WAAW,IAAI,KAAK,EAAE,CAAC,GAAG,YAAY,KAAK,MAAM,EAAE,MAAM,CAAC,CAAE,EAC1E,KAAK,EAAE;AACV,QAAM,YAAY,MAAM,UAAU;AAElC,QAAM,YAAY,KAAK,KAAK,KAAK,OAAO,UAAU,GAAG,IAAI,KAAK;AAC9D,QAAM,WAAW,KAAK,KAAK,KAAK,OAAO,SAAS,GAAG,IAAI,MAAM;AAK7D,aAAW,UAAU,CAAC,WAAW,QAAQ,GAAG;AAC1C,QAAI,MAAM,WAAW,MAAM,GAAG;AAC5B,YAAM,IAAI,MAAM,wCAAwC,MAAM,EAAE;AAAA,IAClE;AAAA,EACF;AAEA,QAAM,GAAG,MAAM,KAAK,QAAQ,SAAS,GAAG,EAAE,WAAW,KAAK,CAAC;AAC3D,QAAM,GAAG,MAAM,KAAK,QAAQ,QAAQ,GAAG,EAAE,WAAW,KAAK,CAAC;AAE1D,QAAM,GAAG,UAAU,WAAW,YAAY,MAAM,YAAY,WAAW,WAAW,GAAG,MAAM;AAC3F,QAAM,GAAG,UAAU,UAAU,WAAW,MAAM,YAAY,SAAS,GAAG,MAAM;AAE5E,SAAO,EAAE,OAAO,CAAC,WAAW,QAAQ,EAAE;AACxC;AAEA,eAAe,WAAW,GAA6B;AACrD,MAAI;AACF,UAAM,GAAG,OAAO,CAAC;AACjB,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAQA,SAAS,YACP,MACA,YACA,WACA,aACQ;AACR,SAAO,gCAAgC,IAAI;AAAA;AAAA,cAE/B,UAAU;AAAA,OACjB,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA,mBAKG,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA,eAKd,SAAS,uBAAuB,UAAU,MAAM,IAAI;AAAA,kBACjD,WAAW;AAAA;AAAA;AAG7B;AAOA,SAAS,WAAW,MAAc,YAAoB,WAA2B;AAC/E,SAAO;AAAA,8BACqB,IAAI;AAAA,WACvB,IAAI;AAAA;AAAA;AAAA,QAGP,IAAI,MAAM,SAAS;AAAA,QACnB,IAAI;AAAA;AAAA;AAAA,IAGR,IAAI;AAAA;AAAA,iBAES,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA,IAKvB,IAAI;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,UAME,UAAU;AAAA,kCACc,UAAU;AAAA;AAAA,2BAEjB,IAAI;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAQ/B;;;ACtJA,SAAS,mBAAmB;AAC5B,SAAS,cAAc;AAgBvB,eAAsB,kBAAyC;AAC7D,QAAM,QAAQ,YAAY,IAAI;AAC9B,MAAI;AACF,UAAM,KAAK,MAAM,YAAY;AAAA,MAC3B,SAAS,OAAO;AAAA,MAChB,MAAM;AAAA;AAAA;AAAA;AAAA;AAAA,MAKN,QAAQ;AAAA,IACV,CAAC;AACD,UAAM,UAAU,MAAM,GAAG,gBAAgB,WAAW;AACpD,UAAM,aAAa,QAAQ,WAAsC,QAAQ;AAKzE,UAAM,WAAW,EAAE,IAAI,YAAY,GAAG,GAAG;AACzC,UAAM,WAAW,IAAI,YAAY,QAAQ;AACzC,UAAM,MAAM,MAAM,WAAW,IAAI,UAAU;AAC3C,QAAI,CAAC,OAAO,IAAI,OAAO,SAAS,MAAM,IAAI,MAAM,SAAS,GAAG;AAC1D,aAAO,KAAK,OAAO,4BAA4B,KAAK,UAAU,GAAG,CAAC,EAAE;AAAA,IACtE;AAKA,UAAM,QAAQ,WAAW,MAAM,EAAE,MAAM,KAAK,MAAM,EAAE,EAAE,QAAQ;AAC9D,QAAI,MAAM,WAAW,GAAG;AACtB,aAAO,KAAK,OAAO,8CAA8C,MAAM,MAAM,EAAE;AAAA,IACjF;AAEA,OAAG,MAAM;AAET,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,SAAS;AAAA,MACT,YAAY,KAAK,MAAM,YAAY,IAAI,IAAI,KAAK;AAAA,IAClD;AAAA,EACF,SAAS,KAAK;AACZ,WAAO,KAAK,OAAO,0BAA2B,IAAc,OAAO,EAAE;AAAA,EACvE;AACF;AAEA,SAAS,KAAK,OAAe,SAA+B;AAC1D,SAAO;AAAA,IACL,IAAI;AAAA,IACJ;AAAA,IACA,YAAY,KAAK,MAAM,YAAY,IAAI,IAAI,KAAK;AAAA,EAClD;AACF;;;ACtDA,SAAS,eAAAA,oBAAkD;AAC3D,SAAS,gBAAgB;;;ACTzB,SAAS,UAAU,UAAU,cAAc;AAG3C,IAAM,cAAc,CAAC,SAAS,SAAS,YAAY,UAAU,QAAQ;AAkB9D,IAAM,wBAAwC,OAAO,UAAU;AACpE,QAAM,QAAQ,MAAM,SAAS;AAAA,IAC3B,SAAS;AAAA;AAAA;AAAA;AAAA,IAIT,UAAU,CAAC,MAAO,EAAE,WAAW,IAAI,+BAA+B;AAAA,EACpE,CAAC;AACD,MAAI,SAAS,KAAK,GAAG;AACnB,WAAO,YAAY;AACnB,YAAQ,KAAK,CAAC;AAAA,EAChB;AACA,SAAO;AACT;AAOO,SAAS,WAAW,OAAqB;AAC9C,MAAI,CAAE,YAAkC,SAAS,KAAK,GAAG;AACvD,UAAM,IAAI;AAAA,MACR,iBAAiB,KAAK,4BAAuB,YAAY,KAAK,IAAI,CAAC;AAAA,IACrE;AAAA,EACF;AACA,SAAO;AACT;AAQO,SAAS,oBAAoB,OAA4C;AAC9E,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,QAAQ,MACX,MAAM,GAAG,EACT,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EACnB,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC;AAC7B,SAAO,MAAM,SAAS,IAAI,QAAQ;AACpC;;;ADNA,eAAsB,OAAO,SAA+C;AAC1E,QAAM,iBAAiB,QAAQ,kBAAkB;AACjD,QAAM,eAAe,QAAQ,iBAAiB,CAAC,QAAQ,SAAS,EAAE,IAAI,CAAC;AACvE,QAAM,WAAW,QAAQ,YAAYC;AAKrC,QAAM,SAAS,MAAM,eAAe,kBAAkB,QAAQ,IAAI,EAAE;AAEpE,MAAI,KAAmB;AACvB,MAAI;AACF,SAAK,MAAM,SAAS;AAAA,MAClB,SAAS,aAAa,QAAQ,GAAG;AAAA,MACjC,MAAM,QAAQ;AAAA,MACd;AAAA,IACF,CAAC;AAOD,UAAM,cAAc,MAAM,GAAG,gBAAgB,QAAQ,WAAW;AAChE,UAAM,UAAU,QAAQ,eAAe,QAAQ,YAAY,SAAS,IAChE,QAAQ,cACR,MAAM,YAAY,YAAY;AAElC,QAAI,QAAQ,WAAW,GAAG;AACxB,YAAM,IAAI;AAAA,QACR,gBAAgB,QAAQ,WAAW;AAAA,MACrC;AAAA,IACF;AAEA,UAAM,GAAG,OAAO,QAAQ,aAAa,OAAO;AAC5C,WAAO,EAAE,SAAS,QAAQ;AAAA,EAC5B,UAAE;AAKA,QAAI,MAAM;AAAA,EACZ;AACF;;;AEnGA,SAAS,eAAAC,oBAA6D;AACtE,SAAS,YAAAC,iBAAgB;AA+CzB,eAAsB,QAAQ,SAAiD;AAC7E,QAAM,iBAAiB,QAAQ,kBAAkB;AACjD,QAAM,eAAe,QAAQ,iBAAiB,CAAC,QAAQC,UAAS,EAAE,IAAI,CAAC;AACvE,QAAM,WAAW,QAAQ,YAAYC;AAKrC,OACG,QAAQ,SAAS,cAAc,QAAQ,SAAS,cAChD,CAAC,QAAQ,eAAe,OAAO,KAAK,QAAQ,WAAW,EAAE,WAAW,IACrE;AACA,UAAM,IAAI;AAAA,MACR,SAAS,QAAQ,IAAI;AAAA,IACvB;AAAA,EACF;AAEA,QAAM,eAAe,MAAM;AAAA,IACzB,oBAAoB,QAAQ,UAAU;AAAA,EACxC;AACA,QAAM,YAAY,MAAM;AAAA,IACtB,sBAAsB,QAAQ,SAAS;AAAA,EACzC;AACA,QAAM,gBAAgB,MAAM;AAAA,IAC1B,0BAA0B,QAAQ,SAAS;AAAA,EAC7C;AAEA,MAAI,cAAc,eAAe;AAC/B,UAAM,IAAI,MAAM,gDAA2C;AAAA,EAC7D;AAEA,MAAI,KAAmB;AACvB,MAAI;AACF,SAAK,MAAM,SAAS;AAAA,MAClB,SAAS,aAAa,QAAQ,GAAG;AAAA,MACjC,MAAM,QAAQ;AAAA,MACd,QAAQ;AAAA,IACV,CAAC;AAOD,UAAM,YAA2C;AAAA,MAC/C,QAAQ,QAAQ;AAAA,MAChB,aAAa,QAAQ,sBAAsB,QAAQ;AAAA,MACnD,MAAM,QAAQ;AAAA,MACd,YAAY;AAAA,MACZ,GAAI,QAAQ,cAAc,EAAE,aAAa,QAAQ,YAAY,IAAI,CAAC;AAAA,IACpE;AAEA,UAAM,GAAG,MAAM,QAAQ,aAAa,SAAS;AAE7C,WAAO;AAAA,MACL,QAAQ,QAAQ;AAAA,MAChB,MAAM,QAAQ;AAAA,IAChB;AAAA,EACF,UAAE;AACA,QAAI,MAAM;AAAA,EACZ;AACF;;;ACrGA,SAAS,YAAYC,WAAU;AAC/B,OAAOC,WAAU;AACjB,SAAS,eAAAC,oBAAkD;AAC3D,SAAS,YAAAC,iBAAgB;AAoClB,SAAS,oBAAoB,QAAgB,MAAc,QAAQ,IAAI,GAAW;AAKvF,MAAI,MAAM;AACV,MAAI,OAAO,WAAW,SAAS,GAAG;AAChC,UAAM,OAAO,MAAM,UAAU,MAAM;AAAA,EACrC,WAAW,OAAO,SAAS,KAAK,GAAG;AAEjC,UAAM,IAAI;AAAA,MACR,sCAAsC,OAAO,MAAM,KAAK,EAAE,CAAC,CAAC;AAAA,IAG9D;AAAA,EACF;AACA,SAAOC,MAAK,QAAQ,KAAK,GAAG;AAC9B;AAEA,eAAsB,OAAO,SAA+C;AAC1E,QAAM,iBAAiB,QAAQ,kBAAkB;AACjD,QAAM,eAAe,QAAQ,iBAAiB,CAAC,QAAQC,UAAS,EAAE,IAAI,CAAC;AACvE,QAAM,WAAW,QAAQ,YAAYC;AAMrC,QAAM,eAAe,oBAAoB,QAAQ,MAAM;AAEvD,QAAM,SAAS,MAAM,eAAe,kBAAkB,QAAQ,IAAI,EAAE;AAEpE,MAAI,KAAmB;AACvB,MAAI;AACF,SAAK,MAAM,SAAS;AAAA,MAClB,SAAS,aAAa,QAAQ,GAAG;AAAA,MACjC,MAAM,QAAQ;AAAA,MACd;AAAA,IACF,CAAC;AACD,UAAM,cAAc,MAAM,GAAG,gBAAgB,QAAQ,WAAW;AAChE,UAAM,aAAa,MAAM,YAAY,KAAK;AAM1C,UAAMC,IAAG,MAAMH,MAAK,QAAQ,YAAY,GAAG,EAAE,WAAW,KAAK,CAAC;AAC9D,UAAMG,IAAG,UAAU,cAAc,YAAY,MAAM;AAEnD,WAAO;AAAA,MACL,MAAM;AAAA,MACN,OAAO,OAAO,WAAW,YAAY,MAAM;AAAA,IAC7C;AAAA,EACF,UAAE;AACA,QAAI,MAAM;AAAA,EACZ;AACF;;;AN/EA,IAAM,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA8Bb,eAAe,OAAsB;AACnC,QAAM,CAAC,EAAE,EAAE,SAAS,GAAG,IAAI,IAAI,QAAQ;AAEvC,UAAQ,SAAS;AAAA,IACf,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AACH,cAAQ,OAAO,MAAM,IAAI;AACzB;AAAA,IAEF,KAAK;AACH,YAAM,OAAO,IAAI;AACjB;AAAA,IAEF,KAAK;AACH,YAAM,UAAU;AAChB;AAAA,IAEF,KAAK;AACH,YAAM,UAAU,IAAI;AACpB;AAAA,IAEF,KAAK;AACH,YAAM,UAAU,IAAI;AACpB;AAAA,IAEF;AACE,cAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,qBAAqB,OAAO;AAAA;AAAA,EAAQ,IAAI,EAAE;AAClF,cAAQ,KAAK,CAAC;AAAA,EAClB;AACF;AAIA,eAAe,OAAO,MAA+B;AACnD,QAAM,QAAQ,KAAK,CAAC;AACpB,MAAI,UAAU,QAAQ;AACpB,UAAM,WAAW,KAAK,MAAM,CAAC,CAAC;AAC9B;AAAA,EACF;AAEA,MAAI,CAAC,OAAO;AACV,YAAQ,OAAO;AAAA,MACb,GAAG,GAAG,IAAI,QAAQ,CAAC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAErB;AACA,YAAQ,KAAK,CAAC;AAAA,EAChB;AACA,MAAI;AACF,UAAM,SAAS,MAAM,cAAc,EAAE,MAAM,MAAM,CAAC;AAClD,YAAQ,OAAO,MAAM,GAAG,GAAG,MAAM,QAAG,CAAC;AAAA,CAAa;AAClD,eAAW,QAAQ,OAAO,OAAO;AAC/B,cAAQ,OAAO,MAAM,KAAK,GAAG,IAAI,QAAG,CAAC,IAAI,IAAI;AAAA,CAAI;AAAA,IACnD;AACA,YAAQ,OAAO;AAAA,MACb;AAAA,cAAiB,GAAG,KAAK,IAAI,KAAK,EAAE,CAAC,kCAAkC,GAAG,KAAK,cAAc,KAAK,KAAK,CAAC;AAAA;AAAA,IAC1G;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,IAAK,IAAc,OAAO;AAAA,CAAI;AACtE,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;AAIA,eAAe,YAA2B;AACxC,UAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,6CAAmC,CAAC;AAAA,CAAI;AACvE,QAAM,SAAS,MAAM,gBAAgB;AACrC,MAAI,OAAO,IAAI;AACb,YAAQ,OAAO,MAAM,GAAG,GAAG,MAAM,QAAG,CAAC,IAAI,OAAO,OAAO,IAAI,GAAG,IAAI,IAAI,OAAO,UAAU,KAAK,CAAC;AAAA,CAAI;AACjG;AAAA,EACF;AACA,UAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAG,CAAC,IAAI,OAAO,OAAO,IAAI,GAAG,IAAI,IAAI,OAAO,UAAU,KAAK,CAAC;AAAA,CAAI;AAC/F,UAAQ,KAAK,CAAC;AAChB;AAIA,eAAe,WAAW,MAA+B;AAEvD,QAAM,SAAS,KAAK,CAAC;AACrB,QAAM,YAAY,KAAK,CAAC;AACxB,MAAI,CAAC,UAAU,CAAC,WAAW;AACzB,YAAQ,OAAO;AAAA,MACb,GAAG,GAAG,IAAI,QAAQ,CAAC;AAAA;AAAA;AAAA;AAAA,IAErB;AACA,YAAQ,KAAK,CAAC;AAAA,EAChB;AAEA,MAAI;AACJ,MAAI;AACF,WAAO,WAAW,SAAS;AAAA,EAC7B,SAAS,KAAK;AACZ,YAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,IAAK,IAAc,OAAO;AAAA,CAAI;AACtE,YAAQ,KAAK,CAAC;AACd;AAAA,EACF;AAEA,QAAM,QAAQ,WAAW,KAAK,MAAM,CAAC,CAAC;AACtC,QAAM,MAAM,MAAM,OAAO;AACzB,QAAM,cAAc,YAAY,OAAO,aAAa;AACpD,QAAM,aAAa,YAAY,OAAO,MAAM;AAE5C,QAAM,cAAc,iBAAiB,MAAM,aAAa,CAAC;AAEzD,QAAM,OAAuB;AAAA,IAC3B;AAAA,IACA;AAAA,IACA;AAAA,IACA,WAAW;AAAA,IACX;AAAA,EACF;AACA,MAAI,MAAM,cAAc,EAAG,MAAK,qBAAqB,MAAM,cAAc;AACzE,MAAI,YAAa,MAAK,cAAc;AAEpC,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ,IAAI;AACjC,YAAQ,OAAO;AAAA,MACb,GAAG,GAAG,MAAM,QAAG,CAAC,YAAY,GAAG,KAAK,OAAO,IAAI,CAAC,cAAc,GAAG,KAAK,OAAO,MAAM,CAAC,mBAAmB,GAAG,KAAK,WAAW,CAAC;AAAA;AAAA,IAC7H;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,IAAK,IAAc,OAAO;AAAA,CAAI;AACtE,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;AAIA,eAAe,UAAU,MAA+B;AACtD,QAAM,QAAQ,WAAW,IAAI;AAC7B,QAAM,MAAM,MAAM,OAAO;AACzB,QAAM,cAAc,YAAY,OAAO,aAAa;AACpD,QAAM,OAAO,YAAY,OAAO,MAAM;AAEtC,QAAM,OAAsB,EAAE,KAAK,aAAa,KAAK;AACrD,QAAM,cAAc,oBAAoB,MAAM,aAAa,CAAC;AAC5D,MAAI,YAAa,MAAK,cAAc;AAEpC,MAAI;AACF,UAAM,SAAS,MAAM,OAAO,IAAI;AAChC,YAAQ,OAAO;AAAA,MACb,GAAG,GAAG,MAAM,QAAG,CAAC,YAAY,GAAG,KAAK,OAAO,OAAO,QAAQ,MAAM,CAAC,CAAC,qBAAqB,GAAG,KAAK,WAAW,CAAC;AAAA;AAAA,IAC7G;AACA,eAAW,QAAQ,OAAO,SAAS;AACjC,cAAQ,OAAO,MAAM,KAAK,GAAG,IAAI,QAAG,CAAC,IAAI,IAAI;AAAA,CAAI;AAAA,IACnD;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,IAAK,IAAc,OAAO;AAAA,CAAI;AACtE,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;AAIA,eAAe,UAAU,MAA+B;AACtD,QAAM,SAAS,KAAK,CAAC;AACrB,MAAI,CAAC,QAAQ;AACX,YAAQ,OAAO;AAAA,MACb,GAAG,GAAG,IAAI,QAAQ,CAAC;AAAA;AAAA;AAAA;AAAA,IAErB;AACA,YAAQ,KAAK,CAAC;AAAA,EAChB;AAEA,QAAM,QAAQ,WAAW,KAAK,MAAM,CAAC,CAAC;AACtC,QAAM,MAAM,MAAM,OAAO;AACzB,QAAM,cAAc,YAAY,OAAO,aAAa;AACpD,QAAM,OAAO,YAAY,OAAO,MAAM;AAEtC,MAAI;AACF,UAAM,SAAS,MAAM,OAAO,EAAE,KAAK,aAAa,MAAM,OAAO,CAAC;AAC9D,YAAQ,OAAO;AAAA,MACb,GAAG,GAAG,MAAM,QAAG,CAAC,kBAAkB,GAAG,KAAK,OAAO,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,OAAO,KAAK,SAAS,CAAC;AAAA;AAAA,IAC7F;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,IAAK,IAAc,OAAO;AAAA,CAAI;AACtE,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;AAUA,SAAS,WAAW,MAAwC;AAC1D,QAAM,MAA8B,CAAC;AACrC,WAAS,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;AACpC,UAAM,MAAM,KAAK,CAAC;AAClB,QAAI,CAAC,OAAO,CAAC,IAAI,WAAW,IAAI,EAAG;AACnC,UAAM,MAAM,IAAI,MAAM,CAAC;AACvB,UAAM,OAAO,KAAK,IAAI,CAAC;AACvB,QAAI,QAAQ,CAAC,KAAK,WAAW,IAAI,GAAG;AAClC,UAAI,GAAG,IAAI;AACX;AAAA,IACF,OAAO;AACL,UAAI,GAAG,IAAI;AAAA,IACb;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,YAAY,OAA+B,MAAsB;AACxE,QAAM,QAAQ,MAAM,IAAI;AACxB,MAAI,CAAC,OAAO;AACV,YAAQ,OAAO;AAAA,MACb,GAAG,GAAG,IAAI,QAAQ,CAAC,4BAA4B,IAAI;AAAA;AAAA,IACrD;AACA,YAAQ,KAAK,CAAC;AAAA,EAChB;AACA,SAAO;AACT;AAOA,SAAS,iBACP,OACoC;AACpC,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,MAAmC,CAAC;AAC1C,aAAW,QAAQ,MAAM,MAAM,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO,OAAO,GAAG;AACxE,UAAM,CAAC,MAAM,IAAI,IAAI,KAAK,MAAM,GAAG;AACnC,QAAI,CAAC,QAAQ,CAAC,QAAS,SAAS,QAAQ,SAAS,MAAO;AACtD,YAAM,IAAI;AAAA,QACR,gCAAgC,IAAI;AAAA,MACtC;AAAA,IACF;AACA,QAAI,IAAI,IAAI;AAAA,EACd;AACA,SAAO,OAAO,KAAK,GAAG,EAAE,SAAS,IAAI,MAAM;AAC7C;AAEA,KAAK,EAAE,MAAM,CAAC,QAAiB;AAC7B,UAAQ,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,IAAK,IAAc,OAAO;AAAA,CAAI;AACtE,UAAQ,KAAK,CAAC;AAChB,CAAC;","names":["createNoydb","createNoydb","createNoydb","jsonFile","jsonFile","createNoydb","fs","path","createNoydb","jsonFile","path","jsonFile","createNoydb","fs"]}