@noy-db/hub 0.1.0-pre.14 → 0.1.0-pre.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (232) hide show
  1. package/dist/aggregate/index.cjs +91 -36
  2. package/dist/aggregate/index.cjs.map +1 -1
  3. package/dist/aggregate/index.d.cts +2 -2
  4. package/dist/aggregate/index.d.ts +2 -2
  5. package/dist/aggregate/index.js +15 -8
  6. package/dist/aggregate/index.js.map +1 -1
  7. package/dist/blobs/index.cjs.map +1 -1
  8. package/dist/blobs/index.d.cts +5 -4
  9. package/dist/blobs/index.d.ts +5 -4
  10. package/dist/blobs/index.js +4 -4
  11. package/dist/bundle/index.cjs +214 -7
  12. package/dist/bundle/index.cjs.map +1 -1
  13. package/dist/bundle/index.d.cts +5 -4
  14. package/dist/bundle/index.d.ts +5 -4
  15. package/dist/bundle/index.js +6 -4
  16. package/dist/{chunk-CX2S2IBB.js → chunk-23TTQXVO.js} +53 -79
  17. package/dist/chunk-23TTQXVO.js.map +1 -0
  18. package/dist/{chunk-WLZWITX3.js → chunk-2AXFIYHT.js} +1 -1
  19. package/dist/chunk-2AXFIYHT.js.map +1 -0
  20. package/dist/{chunk-SBOSKCXD.js → chunk-2R6G2WST.js} +209 -13
  21. package/dist/chunk-2R6G2WST.js.map +1 -0
  22. package/dist/{chunk-HENWE2QQ.js → chunk-34YSDCDP.js} +2 -2
  23. package/dist/{chunk-3J5PYYUL.js → chunk-5DWL3JBF.js} +2 -2
  24. package/dist/{chunk-562AT3V6.js → chunk-5NGHX6ME.js} +5 -5
  25. package/dist/chunk-5ZGZ6HIZ.js +100 -0
  26. package/dist/chunk-5ZGZ6HIZ.js.map +1 -0
  27. package/dist/{chunk-ZJICDHNH.js → chunk-6HPZY4ON.js} +5 -4
  28. package/dist/chunk-6HPZY4ON.js.map +1 -0
  29. package/dist/{chunk-LTKFPLTW.js → chunk-A3K2ECAM.js} +192 -11
  30. package/dist/chunk-A3K2ECAM.js.map +1 -0
  31. package/dist/{chunk-W7M3E5M5.js → chunk-ADQ5MQ54.js} +48 -1
  32. package/dist/{chunk-W7M3E5M5.js.map → chunk-ADQ5MQ54.js.map} +1 -1
  33. package/dist/{chunk-Q3OWJPJI.js → chunk-DPMFBCV6.js} +32 -19
  34. package/dist/chunk-DPMFBCV6.js.map +1 -0
  35. package/dist/{chunk-AD4FMCXZ.js → chunk-DYBQG5PQ.js} +2 -2
  36. package/dist/{chunk-PNTWORBA.js → chunk-DYECX3IX.js} +2 -2
  37. package/dist/chunk-EGQYGYIU.js +51 -0
  38. package/dist/chunk-EGQYGYIU.js.map +1 -0
  39. package/dist/{chunk-RGHN6WV7.js → chunk-FCXOFQAJ.js} +2 -2
  40. package/dist/{chunk-PMMNH7VZ.js → chunk-H7XROQJM.js} +1 -1
  41. package/dist/chunk-H7XROQJM.js.map +1 -0
  42. package/dist/chunk-HB3Z2GCR.js +124 -0
  43. package/dist/chunk-HB3Z2GCR.js.map +1 -0
  44. package/dist/{chunk-CRNMA2FB.js → chunk-I6MX32UC.js} +4 -4
  45. package/dist/{chunk-PHSGPPV7.js → chunk-KESP7GOK.js} +3 -3
  46. package/dist/{chunk-FB34MDSJ.js → chunk-KJJKHKFP.js} +4 -4
  47. package/dist/{chunk-J3E2UMET.js → chunk-MIQHZESA.js} +3 -3
  48. package/dist/{chunk-TNYWH7Z2.js → chunk-MKSA2V7A.js} +2 -2
  49. package/dist/{chunk-E4ZSYZSN.js → chunk-NVBUGT76.js} +4 -4
  50. package/dist/{chunk-XFVOTOYQ.js → chunk-O4RHR7FV.js} +6 -6
  51. package/dist/{chunk-EEEFQTYN.js → chunk-OMLIZL2P.js} +2 -2
  52. package/dist/{chunk-GVPFL6XF.js → chunk-P7EQ2S5O.js} +2 -2
  53. package/dist/{chunk-E3VAKWJ7.js → chunk-QQUUAXDY.js} +7 -6
  54. package/dist/chunk-QQUUAXDY.js.map +1 -0
  55. package/dist/chunk-RD5LYKD6.js +82 -0
  56. package/dist/chunk-RD5LYKD6.js.map +1 -0
  57. package/dist/{chunk-7QGJ7RTL.js → chunk-RRMDLTIL.js} +4 -4
  58. package/dist/{chunk-432R4RDC.js → chunk-SIZWEV2Y.js} +35 -5
  59. package/dist/chunk-SIZWEV2Y.js.map +1 -0
  60. package/dist/{chunk-U7YDBNFC.js → chunk-UZXLQCHP.js} +2 -2
  61. package/dist/{chunk-PPJA7KL6.js → chunk-V6SGP2KX.js} +3 -3
  62. package/dist/{chunk-7AQKLLI5.js → chunk-WCA2NROQ.js} +2 -2
  63. package/dist/{chunk-ERV4AXVO.js → chunk-XGSOTWYX.js} +90 -131
  64. package/dist/chunk-XGSOTWYX.js.map +1 -0
  65. package/dist/{chunk-5Y4AKEZ6.js → chunk-Z72JH4KG.js} +2 -2
  66. package/dist/{chunk-IXFP66OV.js → chunk-ZNOEIM6Y.js} +2 -2
  67. package/dist/consent/index.cjs.map +1 -1
  68. package/dist/consent/index.d.cts +5 -4
  69. package/dist/consent/index.d.ts +5 -4
  70. package/dist/consent/index.js +3 -3
  71. package/dist/{crypto-VTEMMJK6.js → crypto-A7FRXYHC.js} +3 -3
  72. package/dist/{delegation-HYQULPZR.js → delegation-YBA4X4JN.js} +5 -5
  73. package/dist/derivations/index.cjs +97 -1
  74. package/dist/derivations/index.cjs.map +1 -1
  75. package/dist/derivations/index.d.cts +37 -10
  76. package/dist/derivations/index.d.ts +37 -10
  77. package/dist/derivations/index.js +6 -4
  78. package/dist/{dev-unlock-CpJ9rHW2.d.ts → dev-unlock-C8u6MRfS.d.ts} +1 -1
  79. package/dist/{dev-unlock-DEUUpWoR.d.cts → dev-unlock-gBjwzB6A.d.cts} +1 -1
  80. package/dist/executor-7E3VFGW7.js +11 -0
  81. package/dist/executor-CEWX2FQI.js +8 -0
  82. package/dist/executor-X4SQ3ZLC.js +8 -0
  83. package/dist/fanout-sidecar-ACJNXFU6.js +51 -0
  84. package/dist/fanout-sidecar-ACJNXFU6.js.map +1 -0
  85. package/dist/guards/index.cjs.map +1 -1
  86. package/dist/guards/index.d.cts +6 -5
  87. package/dist/guards/index.d.ts +6 -5
  88. package/dist/guards/index.js +6 -6
  89. package/dist/{hash-_9VyW44M.d.cts → hash-BXy5DuTD.d.cts} +1 -1
  90. package/dist/{hash-CJ9LfuY5.d.ts → hash-C6KOPK9Q.d.ts} +1 -1
  91. package/dist/history/index.cjs +2 -1
  92. package/dist/history/index.cjs.map +1 -1
  93. package/dist/history/index.d.cts +6 -5
  94. package/dist/history/index.d.ts +6 -5
  95. package/dist/history/index.js +6 -6
  96. package/dist/i18n/index.cjs.map +1 -1
  97. package/dist/i18n/index.d.cts +5 -4
  98. package/dist/i18n/index.d.ts +5 -4
  99. package/dist/i18n/index.js +6 -6
  100. package/dist/{index-s31g3m-D.d.cts → index-BA7A-MJs.d.cts} +96 -4
  101. package/dist/{index-BWAXR9tV.d.ts → index-CLK67MZE.d.ts} +96 -4
  102. package/dist/{index-7nd15fgy.d.ts → index-CNwA-B6-.d.ts} +70 -2
  103. package/dist/{index-CFJKJXWa.d.cts → index-CmVgTkqk.d.cts} +70 -2
  104. package/dist/index.cjs +2400 -571
  105. package/dist/index.cjs.map +1 -1
  106. package/dist/index.d.cts +128 -18
  107. package/dist/index.d.ts +128 -18
  108. package/dist/index.js +1217 -107
  109. package/dist/index.js.map +1 -1
  110. package/dist/indexing/index.cjs.map +1 -1
  111. package/dist/indexing/index.js +2 -2
  112. package/dist/{ledger-LHLIVPJ3.js → ledger-GHIZQLKR.js} +6 -6
  113. package/dist/materialized-views/index.cjs +255 -21
  114. package/dist/materialized-views/index.cjs.map +1 -1
  115. package/dist/materialized-views/index.d.cts +7 -6
  116. package/dist/materialized-views/index.d.ts +7 -6
  117. package/dist/materialized-views/index.js +9 -5
  118. package/dist/overlay-views/index.cjs.map +1 -1
  119. package/dist/overlay-views/index.d.cts +6 -5
  120. package/dist/overlay-views/index.d.ts +6 -5
  121. package/dist/overlay-views/index.js +3 -3
  122. package/dist/periods/index.cjs +2 -1
  123. package/dist/periods/index.cjs.map +1 -1
  124. package/dist/periods/index.d.cts +5 -4
  125. package/dist/periods/index.d.ts +5 -4
  126. package/dist/periods/index.js +6 -6
  127. package/dist/{public-envelope-66ZBXVXK.js → public-envelope-CRJAVW3E.js} +4 -4
  128. package/dist/query/index.cjs +139 -113
  129. package/dist/query/index.cjs.map +1 -1
  130. package/dist/query/index.d.cts +2 -2
  131. package/dist/query/index.d.ts +2 -2
  132. package/dist/query/index.js +13 -9
  133. package/dist/{registry-JYALMHGM.js → registry-3L3N3PTG.js} +3 -3
  134. package/dist/registry-O47PUPSY.js +8 -0
  135. package/dist/registry-WLLMODKN.js +8 -0
  136. package/dist/session/index.cjs.map +1 -1
  137. package/dist/session/index.d.cts +6 -5
  138. package/dist/session/index.d.ts +6 -5
  139. package/dist/session/index.js +3 -3
  140. package/dist/shadow/index.cjs.map +1 -1
  141. package/dist/shadow/index.d.cts +5 -4
  142. package/dist/shadow/index.d.ts +5 -4
  143. package/dist/shadow/index.js +2 -2
  144. package/dist/{stale-EET5YFYL.js → stale-HSC5YO2O.js} +2 -2
  145. package/dist/store/index.cjs.map +1 -1
  146. package/dist/store/index.d.cts +5 -4
  147. package/dist/store/index.d.ts +5 -4
  148. package/dist/store/index.js +2 -2
  149. package/dist/{strategy-D-SrOLCl.d.cts → strategy-DSTrsZ8t.d.cts} +72 -19
  150. package/dist/{strategy-D-SrOLCl.d.ts → strategy-DSTrsZ8t.d.ts} +72 -19
  151. package/dist/sync/index.cjs.map +1 -1
  152. package/dist/sync/index.d.cts +4 -3
  153. package/dist/sync/index.d.ts +4 -3
  154. package/dist/sync/index.js +4 -4
  155. package/dist/team/index.cjs +136 -6
  156. package/dist/team/index.cjs.map +1 -1
  157. package/dist/team/index.d.cts +5 -4
  158. package/dist/team/index.d.ts +5 -4
  159. package/dist/team/index.js +7 -7
  160. package/dist/tx/index.cjs +2 -1
  161. package/dist/tx/index.cjs.map +1 -1
  162. package/dist/tx/index.d.cts +5 -4
  163. package/dist/tx/index.d.ts +5 -4
  164. package/dist/tx/index.js +2 -2
  165. package/dist/{types-2JGVRzO2.d.cts → types-DDy02bWN.d.cts} +1159 -257
  166. package/dist/{types-DIOLYPUq.d.ts → types-DImsOlJe.d.ts} +1159 -257
  167. package/dist/util/index.cjs.map +1 -1
  168. package/dist/util/index.js +1 -1
  169. package/dist/{with-derivation-ClhfQvRa.d.ts → with-derivation-3AdLeSw8.d.ts} +1 -1
  170. package/dist/{with-derivation-3JX8SMxY.d.cts → with-derivation-CkCHx_J8.d.cts} +1 -1
  171. package/dist/{with-guard-Br3YPxRW.d.ts → with-guard-Br9zLEdi.d.ts} +1 -1
  172. package/dist/{with-guard-fJVfWBLs.d.cts → with-guard-DtKsFExw.d.cts} +1 -1
  173. package/dist/with-materialized-view-CMhEX4FK.d.cts +27 -0
  174. package/dist/with-materialized-view-Zal2bE1T.d.ts +27 -0
  175. package/dist/{with-overlayed-view-BLUKxdiJ.d.cts → with-overlayed-view-CA6zHrBt.d.cts} +1 -1
  176. package/dist/{with-overlayed-view-CtvJxhU3.d.ts → with-overlayed-view-R4BNG9OB.d.ts} +1 -1
  177. package/package.json +14 -2
  178. package/dist/chunk-432R4RDC.js.map +0 -1
  179. package/dist/chunk-CX2S2IBB.js.map +0 -1
  180. package/dist/chunk-E3VAKWJ7.js.map +0 -1
  181. package/dist/chunk-ERV4AXVO.js.map +0 -1
  182. package/dist/chunk-GV47JHIF.js +0 -29
  183. package/dist/chunk-GV47JHIF.js.map +0 -1
  184. package/dist/chunk-LTKFPLTW.js.map +0 -1
  185. package/dist/chunk-PMMNH7VZ.js.map +0 -1
  186. package/dist/chunk-Q2L5ZYX7.js +0 -66
  187. package/dist/chunk-Q2L5ZYX7.js.map +0 -1
  188. package/dist/chunk-Q3OWJPJI.js.map +0 -1
  189. package/dist/chunk-SBK6CETA.js +0 -30
  190. package/dist/chunk-SBK6CETA.js.map +0 -1
  191. package/dist/chunk-SBOSKCXD.js.map +0 -1
  192. package/dist/chunk-WLZWITX3.js.map +0 -1
  193. package/dist/chunk-ZJICDHNH.js.map +0 -1
  194. package/dist/executor-3H3NSIVZ.js +0 -8
  195. package/dist/executor-7ZOXGY7P.js +0 -8
  196. package/dist/executor-A5LTUAG2.js +0 -9
  197. package/dist/registry-J2UI37XJ.js +0 -8
  198. package/dist/registry-UMAL72WL.js +0 -8
  199. package/dist/with-materialized-view-CHho83hN.d.cts +0 -15
  200. package/dist/with-materialized-view-CgPphnza.d.ts +0 -15
  201. /package/dist/{chunk-HENWE2QQ.js.map → chunk-34YSDCDP.js.map} +0 -0
  202. /package/dist/{chunk-3J5PYYUL.js.map → chunk-5DWL3JBF.js.map} +0 -0
  203. /package/dist/{chunk-562AT3V6.js.map → chunk-5NGHX6ME.js.map} +0 -0
  204. /package/dist/{chunk-AD4FMCXZ.js.map → chunk-DYBQG5PQ.js.map} +0 -0
  205. /package/dist/{chunk-PNTWORBA.js.map → chunk-DYECX3IX.js.map} +0 -0
  206. /package/dist/{chunk-RGHN6WV7.js.map → chunk-FCXOFQAJ.js.map} +0 -0
  207. /package/dist/{chunk-CRNMA2FB.js.map → chunk-I6MX32UC.js.map} +0 -0
  208. /package/dist/{chunk-PHSGPPV7.js.map → chunk-KESP7GOK.js.map} +0 -0
  209. /package/dist/{chunk-FB34MDSJ.js.map → chunk-KJJKHKFP.js.map} +0 -0
  210. /package/dist/{chunk-J3E2UMET.js.map → chunk-MIQHZESA.js.map} +0 -0
  211. /package/dist/{chunk-TNYWH7Z2.js.map → chunk-MKSA2V7A.js.map} +0 -0
  212. /package/dist/{chunk-E4ZSYZSN.js.map → chunk-NVBUGT76.js.map} +0 -0
  213. /package/dist/{chunk-XFVOTOYQ.js.map → chunk-O4RHR7FV.js.map} +0 -0
  214. /package/dist/{chunk-EEEFQTYN.js.map → chunk-OMLIZL2P.js.map} +0 -0
  215. /package/dist/{chunk-GVPFL6XF.js.map → chunk-P7EQ2S5O.js.map} +0 -0
  216. /package/dist/{chunk-7QGJ7RTL.js.map → chunk-RRMDLTIL.js.map} +0 -0
  217. /package/dist/{chunk-U7YDBNFC.js.map → chunk-UZXLQCHP.js.map} +0 -0
  218. /package/dist/{chunk-PPJA7KL6.js.map → chunk-V6SGP2KX.js.map} +0 -0
  219. /package/dist/{chunk-7AQKLLI5.js.map → chunk-WCA2NROQ.js.map} +0 -0
  220. /package/dist/{chunk-5Y4AKEZ6.js.map → chunk-Z72JH4KG.js.map} +0 -0
  221. /package/dist/{chunk-IXFP66OV.js.map → chunk-ZNOEIM6Y.js.map} +0 -0
  222. /package/dist/{crypto-VTEMMJK6.js.map → crypto-A7FRXYHC.js.map} +0 -0
  223. /package/dist/{delegation-HYQULPZR.js.map → delegation-YBA4X4JN.js.map} +0 -0
  224. /package/dist/{executor-3H3NSIVZ.js.map → executor-7E3VFGW7.js.map} +0 -0
  225. /package/dist/{executor-7ZOXGY7P.js.map → executor-CEWX2FQI.js.map} +0 -0
  226. /package/dist/{executor-A5LTUAG2.js.map → executor-X4SQ3ZLC.js.map} +0 -0
  227. /package/dist/{ledger-LHLIVPJ3.js.map → ledger-GHIZQLKR.js.map} +0 -0
  228. /package/dist/{public-envelope-66ZBXVXK.js.map → public-envelope-CRJAVW3E.js.map} +0 -0
  229. /package/dist/{registry-J2UI37XJ.js.map → registry-3L3N3PTG.js.map} +0 -0
  230. /package/dist/{registry-JYALMHGM.js.map → registry-O47PUPSY.js.map} +0 -0
  231. /package/dist/{registry-UMAL72WL.js.map → registry-WLLMODKN.js.map} +0 -0
  232. /package/dist/{stale-EET5YFYL.js.map → stale-HSC5YO2O.js.map} +0 -0
@@ -1,10 +1,11 @@
1
- import { I as I18nStrategy } from '../types-2JGVRzO2.cjs';
2
- export { D as DICT_COLLECTION_PREFIX, a as DictEntry, b as DictKeyDescriptor, c as DictionaryHandle, d as DictionaryOptions, e as I18nTextDescriptor, f as I18nTextOptions, g as applyI18nLocale, h as dictCollectionName, i as dictKey, j as i18nText, k as isDictCollectionName, l as isDictKeyDescriptor, m as isI18nTextDescriptor, r as resolveI18nText, v as validateI18nTextValue } from '../types-2JGVRzO2.cjs';
3
- export { D as DictKeyInUseError, a as DictKeyMissingError, L as LocaleNotSpecifiedError, M as MissingTranslationError, R as ReservedCollectionNameError, T as TranslatorNotConfiguredError } from '../index-CFJKJXWa.cjs';
1
+ import { I as I18nStrategy } from '../types-DDy02bWN.cjs';
2
+ export { D as DICT_COLLECTION_PREFIX, a as DictEntry, b as DictKeyDescriptor, c as DictionaryHandle, d as DictionaryOptions, e as I18nTextDescriptor, f as I18nTextOptions, g as applyI18nLocale, h as dictCollectionName, i as dictKey, j as i18nText, k as isDictCollectionName, l as isDictKeyDescriptor, m as isI18nTextDescriptor, r as resolveI18nText, v as validateI18nTextValue } from '../types-DDy02bWN.cjs';
3
+ export { D as DictKeyInUseError, a as DictKeyMissingError, L as LocaleNotSpecifiedError, M as MissingTranslationError, R as ReservedCollectionNameError, T as TranslatorNotConfiguredError } from '../index-CmVgTkqk.cjs';
4
4
  import '../lazy-builder-C-rPfWG0.cjs';
5
5
  import '../predicate-Dnu81tsS.cjs';
6
- import '../strategy-D-SrOLCl.cjs';
6
+ import '../strategy-DSTrsZ8t.cjs';
7
7
  import '../strategy-BSxFXGzb.cjs';
8
+ import '@noy-db/on-shamir';
8
9
 
9
10
  /**
10
11
  * Active i18n strategy — `withI18n()` returns the real implementation
@@ -1,10 +1,11 @@
1
- import { I as I18nStrategy } from '../types-DIOLYPUq.js';
2
- export { D as DICT_COLLECTION_PREFIX, a as DictEntry, b as DictKeyDescriptor, c as DictionaryHandle, d as DictionaryOptions, e as I18nTextDescriptor, f as I18nTextOptions, g as applyI18nLocale, h as dictCollectionName, i as dictKey, j as i18nText, k as isDictCollectionName, l as isDictKeyDescriptor, m as isI18nTextDescriptor, r as resolveI18nText, v as validateI18nTextValue } from '../types-DIOLYPUq.js';
3
- export { D as DictKeyInUseError, a as DictKeyMissingError, L as LocaleNotSpecifiedError, M as MissingTranslationError, R as ReservedCollectionNameError, T as TranslatorNotConfiguredError } from '../index-7nd15fgy.js';
1
+ import { I as I18nStrategy } from '../types-DImsOlJe.js';
2
+ export { D as DICT_COLLECTION_PREFIX, a as DictEntry, b as DictKeyDescriptor, c as DictionaryHandle, d as DictionaryOptions, e as I18nTextDescriptor, f as I18nTextOptions, g as applyI18nLocale, h as dictCollectionName, i as dictKey, j as i18nText, k as isDictCollectionName, l as isDictKeyDescriptor, m as isI18nTextDescriptor, r as resolveI18nText, v as validateI18nTextValue } from '../types-DImsOlJe.js';
3
+ export { D as DictKeyInUseError, a as DictKeyMissingError, L as LocaleNotSpecifiedError, M as MissingTranslationError, R as ReservedCollectionNameError, T as TranslatorNotConfiguredError } from '../index-CNwA-B6-.js';
4
4
  import '../lazy-builder-Rpd-V3jP.js';
5
5
  import '../predicate-Dnu81tsS.js';
6
- import '../strategy-D-SrOLCl.js';
6
+ import '../strategy-DSTrsZ8t.js';
7
7
  import '../strategy-BSxFXGzb.js';
8
+ import '@noy-db/on-shamir';
8
9
 
9
10
  /**
10
11
  * Active i18n strategy — `withI18n()` returns the real implementation
@@ -10,11 +10,11 @@ import {
10
10
  isI18nTextDescriptor,
11
11
  resolveI18nText,
12
12
  validateI18nTextValue
13
- } from "../chunk-XFVOTOYQ.js";
14
- import "../chunk-7QGJ7RTL.js";
15
- import "../chunk-WLZWITX3.js";
16
- import "../chunk-PMMNH7VZ.js";
17
- import "../chunk-7AQKLLI5.js";
13
+ } from "../chunk-O4RHR7FV.js";
14
+ import "../chunk-RRMDLTIL.js";
15
+ import "../chunk-2AXFIYHT.js";
16
+ import "../chunk-H7XROQJM.js";
17
+ import "../chunk-WCA2NROQ.js";
18
18
  import {
19
19
  DictKeyInUseError,
20
20
  DictKeyMissingError,
@@ -22,7 +22,7 @@ import {
22
22
  MissingTranslationError,
23
23
  ReservedCollectionNameError,
24
24
  TranslatorNotConfiguredError
25
- } from "../chunk-W7M3E5M5.js";
25
+ } from "../chunk-ADQ5MQ54.js";
26
26
 
27
27
  // src/i18n/active.ts
28
28
  function withI18n() {
@@ -1,5 +1,5 @@
1
- import { be as PublicEnvelope, bq as BundleRecipient, bm as Vault } from './types-2JGVRzO2.cjs';
2
- import './index-CFJKJXWa.cjs';
1
+ import { bh as PublicEnvelope, dj as SealingKeyProvider, bu as BundleRecipient, bq as Vault } from './types-DDy02bWN.cjs';
2
+ import './index-CmVgTkqk.cjs';
3
3
 
4
4
  /**
5
5
  * `.noydb` container format — byte layout, header schema, validators.
@@ -124,6 +124,22 @@ interface NoydbBundleHeader {
124
124
  * other unknown header key still rejects at parse time.
125
125
  */
126
126
  readonly publicEnvelope?: PublicEnvelope;
127
+ /**
128
+ * Auto-unlock material indicator (#197). When present, the bundle
129
+ * body wraps the dump JSON in a structure carrying per-user
130
+ * passphrases — either plaintext (`'unsealed'`, public-by-design)
131
+ * or sealed under a `SealingKeyProvider` (`'sealed'`, requires
132
+ * matching provider on the recipient side).
133
+ *
134
+ * Visible pre-decompression so cloud listing UIs can warn before
135
+ * download: "this bundle opens itself for anyone holding the file"
136
+ * (unsealed) or "this bundle is sealed for a specific provider"
137
+ * (sealed).
138
+ *
139
+ * Absent → the body is a raw `vault.dump()` JSON string (the
140
+ * pre-#197 shape; back-compatible).
141
+ */
142
+ readonly autoUnlock?: 'unsealed' | 'sealed';
127
143
  }
128
144
  /**
129
145
  * Validate a parsed bundle header. Throws on any deviation from
@@ -259,6 +275,45 @@ interface WriteNoydbBundleOptions {
259
275
  * suited to personal backup-and-restore).
260
276
  */
261
277
  readonly recipients?: readonly BundleRecipient[];
278
+ /**
279
+ * Auto-unlock — unsealed per-user passphrases (#197 slice 1).
280
+ *
281
+ * Public-by-design: anyone holding the bundle bytes can read these
282
+ * plaintext credentials. Use for demo data, sample vaults,
283
+ * prospect onboarding.
284
+ *
285
+ * The `policy: 'public-by-design'` discriminant is mandatory. A
286
+ * bare `{ perUser }` without it is rejected at write time — the
287
+ * safety net against a careless call against a production vault.
288
+ *
289
+ * Mutually exclusive with `sealedPassphrases`.
290
+ */
291
+ readonly autoPassphrases?: {
292
+ readonly policy: 'public-by-design';
293
+ readonly perUser: Record<string, string>;
294
+ };
295
+ /**
296
+ * Auto-unlock — per-user passphrases sealed under a
297
+ * {@link SealingKeyProvider} (#197 slice 1, self-target only).
298
+ *
299
+ * The hub seals each user's plaintext passphrase under `provider`
300
+ * and embeds the resulting sealed envelopes in the bundle. The
301
+ * recipient must hold a provider with a matching `pid` (i.e.,
302
+ * `provider.id`) to auto-unseal on import.
303
+ *
304
+ * `mode: 'self-target'` is the only mode in slice 1 — sender and
305
+ * recipient share the same provider identity (same iCloud Keychain
306
+ * entry, same MDM-provisioned bundle id, same KMS account, etc.).
307
+ * Recipient-target sealing via the `RecipientSealer` interface
308
+ * (foundation §11.4) is deferred to a follow-up slice.
309
+ *
310
+ * Mutually exclusive with `autoPassphrases`.
311
+ */
312
+ readonly sealedPassphrases?: {
313
+ readonly mode: 'self-target';
314
+ readonly provider: SealingKeyProvider;
315
+ readonly perUser: Record<string, string>;
316
+ };
262
317
  }
263
318
  /**
264
319
  * Result returned by `readNoydbBundle`. The caller is expected to
@@ -269,6 +324,43 @@ interface WriteNoydbBundleOptions {
269
324
  interface NoydbBundleReadResult {
270
325
  readonly header: NoydbBundleHeader;
271
326
  readonly dumpJson: string;
327
+ /**
328
+ * Auto-unlock material (#197). Present only when the header's
329
+ * `autoUnlock` flag is set AND the body's wrapped structure
330
+ * survived parsing. Values are **plaintext** passphrases ready to
331
+ * pass to `createNoydb({ secret })` — either delivered plain
332
+ * (`kind: 'unsealed'`) or unsealed at read time using one of the
333
+ * supplied `sealingProviders` (`kind: 'sealed'`).
334
+ */
335
+ readonly autoUnlock?: {
336
+ readonly kind: 'unsealed' | 'sealed';
337
+ readonly perUser: Record<string, string>;
338
+ };
339
+ }
340
+ /**
341
+ * Options accepted by {@link readNoydbBundle} for the #197
342
+ * auto-unlock paths. Without these the reader behaves exactly as
343
+ * pre-#197 (header parsed; body returned as `dumpJson`).
344
+ */
345
+ interface ReadNoydbBundleOptions {
346
+ /**
347
+ * Recipient-side sealing providers used to unseal entries from
348
+ * `sealedPassphrases`. The reader picks the one whose `.id`
349
+ * matches each entry's `pid`. Multiple providers may be supplied
350
+ * (different users may seal under different identities).
351
+ *
352
+ * When unset and the bundle carries sealed envelopes, the
353
+ * `autoUnlock.perUser` map remains the SEALED entries unmodified
354
+ * — callers can inspect them or unseal elsewhere.
355
+ */
356
+ readonly sealingProviders?: readonly SealingKeyProvider[];
357
+ /**
358
+ * Opt-in trial mode for unsealing — when an entry's `pid` doesn't
359
+ * match a registered provider, try each provider whose alg
360
+ * matches. Default `false` (strict-pid dispatch per foundation
361
+ * §11.9.2). Surfaces extra credential prompts; use deliberately.
362
+ */
363
+ readonly attemptUnsealAcrossProviders?: boolean;
272
364
  }
273
365
  /** Test-only: reset the brotli detection cache between tests. */
274
366
  declare function resetBrotliSupportCache(): void;
@@ -345,7 +437,7 @@ declare function readNoydbBundlePublicEnvelope(bytes: Uint8Array, opts?: {
345
437
  * free of crypto concerns and lets the same code feed format
346
438
  * inspectors that never decrypt anything.
347
439
  */
348
- declare function readNoydbBundle(bytes: Uint8Array): Promise<NoydbBundleReadResult>;
440
+ declare function readNoydbBundle(bytes: Uint8Array, opts?: ReadNoydbBundleOptions): Promise<NoydbBundleReadResult>;
349
441
 
350
442
  /**
351
443
  * Minimal ULID generator — zero dependencies, Web Crypto API only.
@@ -412,4 +504,4 @@ declare function generateULID(): string;
412
504
  */
413
505
  declare function isULID(value: string): boolean;
414
506
 
415
- export { type CompressionAlgo as C, FLAG_COMPRESSED as F, NOYDB_BUNDLE_FORMAT_VERSION as N, type WriteNoydbBundleOptions as W, NOYDB_BUNDLE_MAGIC as a, NOYDB_BUNDLE_PREFIX_BYTES as b, type NoydbBundleHeader as c, type NoydbBundleReadResult as d, readNoydbBundleHeader as e, readNoydbBundlePublicEnvelope as f, generateULID as g, hasNoydbBundleMagic as h, isULID as i, resetBrotliSupportCache as j, COMPRESSION_BROTLI as k, COMPRESSION_GZIP as l, COMPRESSION_NONE as m, FLAG_HAS_INTEGRITY_HASH as n, encodeBundleHeader as o, readNoydbBundle as r, validateBundleHeader as v, writeNoydbBundle as w };
507
+ export { type CompressionAlgo as C, FLAG_COMPRESSED as F, NOYDB_BUNDLE_FORMAT_VERSION as N, type ReadNoydbBundleOptions as R, type WriteNoydbBundleOptions as W, NOYDB_BUNDLE_MAGIC as a, NOYDB_BUNDLE_PREFIX_BYTES as b, type NoydbBundleHeader as c, type NoydbBundleReadResult as d, readNoydbBundleHeader as e, readNoydbBundlePublicEnvelope as f, generateULID as g, hasNoydbBundleMagic as h, isULID as i, resetBrotliSupportCache as j, COMPRESSION_BROTLI as k, COMPRESSION_GZIP as l, COMPRESSION_NONE as m, FLAG_HAS_INTEGRITY_HASH as n, encodeBundleHeader as o, readNoydbBundle as r, validateBundleHeader as v, writeNoydbBundle as w };
@@ -1,5 +1,5 @@
1
- import { be as PublicEnvelope, bq as BundleRecipient, bm as Vault } from './types-DIOLYPUq.js';
2
- import './index-7nd15fgy.js';
1
+ import { bh as PublicEnvelope, dj as SealingKeyProvider, bu as BundleRecipient, bq as Vault } from './types-DImsOlJe.js';
2
+ import './index-CNwA-B6-.js';
3
3
 
4
4
  /**
5
5
  * `.noydb` container format — byte layout, header schema, validators.
@@ -124,6 +124,22 @@ interface NoydbBundleHeader {
124
124
  * other unknown header key still rejects at parse time.
125
125
  */
126
126
  readonly publicEnvelope?: PublicEnvelope;
127
+ /**
128
+ * Auto-unlock material indicator (#197). When present, the bundle
129
+ * body wraps the dump JSON in a structure carrying per-user
130
+ * passphrases — either plaintext (`'unsealed'`, public-by-design)
131
+ * or sealed under a `SealingKeyProvider` (`'sealed'`, requires
132
+ * matching provider on the recipient side).
133
+ *
134
+ * Visible pre-decompression so cloud listing UIs can warn before
135
+ * download: "this bundle opens itself for anyone holding the file"
136
+ * (unsealed) or "this bundle is sealed for a specific provider"
137
+ * (sealed).
138
+ *
139
+ * Absent → the body is a raw `vault.dump()` JSON string (the
140
+ * pre-#197 shape; back-compatible).
141
+ */
142
+ readonly autoUnlock?: 'unsealed' | 'sealed';
127
143
  }
128
144
  /**
129
145
  * Validate a parsed bundle header. Throws on any deviation from
@@ -259,6 +275,45 @@ interface WriteNoydbBundleOptions {
259
275
  * suited to personal backup-and-restore).
260
276
  */
261
277
  readonly recipients?: readonly BundleRecipient[];
278
+ /**
279
+ * Auto-unlock — unsealed per-user passphrases (#197 slice 1).
280
+ *
281
+ * Public-by-design: anyone holding the bundle bytes can read these
282
+ * plaintext credentials. Use for demo data, sample vaults,
283
+ * prospect onboarding.
284
+ *
285
+ * The `policy: 'public-by-design'` discriminant is mandatory. A
286
+ * bare `{ perUser }` without it is rejected at write time — the
287
+ * safety net against a careless call against a production vault.
288
+ *
289
+ * Mutually exclusive with `sealedPassphrases`.
290
+ */
291
+ readonly autoPassphrases?: {
292
+ readonly policy: 'public-by-design';
293
+ readonly perUser: Record<string, string>;
294
+ };
295
+ /**
296
+ * Auto-unlock — per-user passphrases sealed under a
297
+ * {@link SealingKeyProvider} (#197 slice 1, self-target only).
298
+ *
299
+ * The hub seals each user's plaintext passphrase under `provider`
300
+ * and embeds the resulting sealed envelopes in the bundle. The
301
+ * recipient must hold a provider with a matching `pid` (i.e.,
302
+ * `provider.id`) to auto-unseal on import.
303
+ *
304
+ * `mode: 'self-target'` is the only mode in slice 1 — sender and
305
+ * recipient share the same provider identity (same iCloud Keychain
306
+ * entry, same MDM-provisioned bundle id, same KMS account, etc.).
307
+ * Recipient-target sealing via the `RecipientSealer` interface
308
+ * (foundation §11.4) is deferred to a follow-up slice.
309
+ *
310
+ * Mutually exclusive with `autoPassphrases`.
311
+ */
312
+ readonly sealedPassphrases?: {
313
+ readonly mode: 'self-target';
314
+ readonly provider: SealingKeyProvider;
315
+ readonly perUser: Record<string, string>;
316
+ };
262
317
  }
263
318
  /**
264
319
  * Result returned by `readNoydbBundle`. The caller is expected to
@@ -269,6 +324,43 @@ interface WriteNoydbBundleOptions {
269
324
  interface NoydbBundleReadResult {
270
325
  readonly header: NoydbBundleHeader;
271
326
  readonly dumpJson: string;
327
+ /**
328
+ * Auto-unlock material (#197). Present only when the header's
329
+ * `autoUnlock` flag is set AND the body's wrapped structure
330
+ * survived parsing. Values are **plaintext** passphrases ready to
331
+ * pass to `createNoydb({ secret })` — either delivered plain
332
+ * (`kind: 'unsealed'`) or unsealed at read time using one of the
333
+ * supplied `sealingProviders` (`kind: 'sealed'`).
334
+ */
335
+ readonly autoUnlock?: {
336
+ readonly kind: 'unsealed' | 'sealed';
337
+ readonly perUser: Record<string, string>;
338
+ };
339
+ }
340
+ /**
341
+ * Options accepted by {@link readNoydbBundle} for the #197
342
+ * auto-unlock paths. Without these the reader behaves exactly as
343
+ * pre-#197 (header parsed; body returned as `dumpJson`).
344
+ */
345
+ interface ReadNoydbBundleOptions {
346
+ /**
347
+ * Recipient-side sealing providers used to unseal entries from
348
+ * `sealedPassphrases`. The reader picks the one whose `.id`
349
+ * matches each entry's `pid`. Multiple providers may be supplied
350
+ * (different users may seal under different identities).
351
+ *
352
+ * When unset and the bundle carries sealed envelopes, the
353
+ * `autoUnlock.perUser` map remains the SEALED entries unmodified
354
+ * — callers can inspect them or unseal elsewhere.
355
+ */
356
+ readonly sealingProviders?: readonly SealingKeyProvider[];
357
+ /**
358
+ * Opt-in trial mode for unsealing — when an entry's `pid` doesn't
359
+ * match a registered provider, try each provider whose alg
360
+ * matches. Default `false` (strict-pid dispatch per foundation
361
+ * §11.9.2). Surfaces extra credential prompts; use deliberately.
362
+ */
363
+ readonly attemptUnsealAcrossProviders?: boolean;
272
364
  }
273
365
  /** Test-only: reset the brotli detection cache between tests. */
274
366
  declare function resetBrotliSupportCache(): void;
@@ -345,7 +437,7 @@ declare function readNoydbBundlePublicEnvelope(bytes: Uint8Array, opts?: {
345
437
  * free of crypto concerns and lets the same code feed format
346
438
  * inspectors that never decrypt anything.
347
439
  */
348
- declare function readNoydbBundle(bytes: Uint8Array): Promise<NoydbBundleReadResult>;
440
+ declare function readNoydbBundle(bytes: Uint8Array, opts?: ReadNoydbBundleOptions): Promise<NoydbBundleReadResult>;
349
441
 
350
442
  /**
351
443
  * Minimal ULID generator — zero dependencies, Web Crypto API only.
@@ -412,4 +504,4 @@ declare function generateULID(): string;
412
504
  */
413
505
  declare function isULID(value: string): boolean;
414
506
 
415
- export { type CompressionAlgo as C, FLAG_COMPRESSED as F, NOYDB_BUNDLE_FORMAT_VERSION as N, type WriteNoydbBundleOptions as W, NOYDB_BUNDLE_MAGIC as a, NOYDB_BUNDLE_PREFIX_BYTES as b, type NoydbBundleHeader as c, type NoydbBundleReadResult as d, readNoydbBundleHeader as e, readNoydbBundlePublicEnvelope as f, generateULID as g, hasNoydbBundleMagic as h, isULID as i, resetBrotliSupportCache as j, COMPRESSION_BROTLI as k, COMPRESSION_GZIP as l, COMPRESSION_NONE as m, FLAG_HAS_INTEGRITY_HASH as n, encodeBundleHeader as o, readNoydbBundle as r, validateBundleHeader as v, writeNoydbBundle as w };
507
+ export { type CompressionAlgo as C, FLAG_COMPRESSED as F, NOYDB_BUNDLE_FORMAT_VERSION as N, type ReadNoydbBundleOptions as R, type WriteNoydbBundleOptions as W, NOYDB_BUNDLE_MAGIC as a, NOYDB_BUNDLE_PREFIX_BYTES as b, type NoydbBundleHeader as c, type NoydbBundleReadResult as d, readNoydbBundleHeader as e, readNoydbBundlePublicEnvelope as f, generateULID as g, hasNoydbBundleMagic as h, isULID as i, resetBrotliSupportCache as j, COMPRESSION_BROTLI as k, COMPRESSION_GZIP as l, COMPRESSION_NONE as m, FLAG_HAS_INTEGRITY_HASH as n, encodeBundleHeader as o, readNoydbBundle as r, validateBundleHeader as v, writeNoydbBundle as w };
@@ -1,5 +1,5 @@
1
1
  import { C as CollectionIndexes, a as Clause, O as Operator } from './predicate-Dnu81tsS.js';
2
- import { A as AggregateStrategy, b as AggregateSpec, c as Aggregation, a as AggregateResult, g as GroupedQuery } from './strategy-D-SrOLCl.js';
2
+ import { A as AggregateStrategy, b as AggregateSpec, c as Aggregation, a as AggregateResult, g as GroupedQuery, h as GroupedQueryN } from './strategy-DSTrsZ8t.js';
3
3
 
4
4
  /**
5
5
  * All NOYDB error classes — a single import surface for `catch` blocks and
@@ -662,6 +662,33 @@ declare class IndexWriteFailureError extends NoydbError {
662
662
  declare class BundleIntegrityError extends NoydbError {
663
663
  constructor(message: string);
664
664
  }
665
+ /**
666
+ * Thrown by `readNoydbBundle` (#197) when the bundle carries
667
+ * sealed per-user passphrases but no supplied `SealingKeyProvider`
668
+ * has a `.id` (= `pid`) matching the sealed entry's `pid`.
669
+ *
670
+ * Carries the failing pid + the user id so the recipient can
671
+ * surface an actionable prompt:
672
+ *
673
+ * ```
674
+ * BundleSealMismatchError: bundle carries sealed passphrase for user "alice"
675
+ * under provider "macos-keychain:com.acme.app/alice@acme.example",
676
+ * but no registered provider matches that pid.
677
+ * ```
678
+ *
679
+ * Three resolution paths the message names (per foundation §11.9.4):
680
+ *
681
+ * 1. Configure a provider matching the pid and retry import.
682
+ * 2. Pass `attemptUnsealAcrossProviders: true` to try each
683
+ * registered provider regardless of pid.
684
+ * 3. Inspect without unsealing — pass no `sealingProviders` to
685
+ * receive the sealed entries unmodified for offline analysis.
686
+ */
687
+ declare class BundleSealMismatchError extends NoydbError {
688
+ readonly userId: string;
689
+ readonly pid: string;
690
+ constructor(userId: string, pid: string);
691
+ }
665
692
  /**
666
693
  * Thrown when `vault.collection()` is called with a name that is
667
694
  * reserved for NOYDB internal use (any name starting with `_dict_`).
@@ -942,6 +969,23 @@ declare class DerivationOutputShapeError extends NoydbError {
942
969
  readonly outputKey: string;
943
970
  constructor(outputKey: string, detail: string);
944
971
  }
972
+ /**
973
+ * Thrown by array-shape derivations (#200) when the `derive` function
974
+ * returns more rows than the output's `maxFanout` cap. The cap exists
975
+ * to keep dispatch cost bounded — without it a single source-row
976
+ * update could fan out to thousands of derived rows, dominating the
977
+ * write path.
978
+ *
979
+ * Defaults to `maxFanout: 64`. Raise on the output spec for
980
+ * carry-forward expansion cases (e.g. monthly rows across multi-year
981
+ * contracts).
982
+ */
983
+ declare class DerivationCapExceededError extends NoydbError {
984
+ readonly outputKey: string;
985
+ readonly returned: number;
986
+ readonly maxFanout: number;
987
+ constructor(outputKey: string, returned: number, maxFanout: number);
988
+ }
945
989
  /**
946
990
  * Thrown at vault open if the materialized-view graph contains a
947
991
  * cycle. `path` is the offending chain (e.g. `['a-mv', 'b-mv', 'a-mv']`).
@@ -976,6 +1020,29 @@ declare class MaterializedViewTooLargeError extends NoydbError {
976
1020
  readonly limit: number;
977
1021
  constructor(mvName: string, expected: number, limit: number);
978
1022
  }
1023
+ /**
1024
+ * Thrown by `withMaterializedView()` at registration time when the
1025
+ * strategy is structurally malformed. Distinct from
1026
+ * `MaterializedViewSourceUnknownError` (the source list is well-formed
1027
+ * but names a collection the vault doesn't know) and
1028
+ * `MaterializedViewCycleError` (the source graph has a cycle): this
1029
+ * error fires before either check, at the moment the spec is being
1030
+ * normalized.
1031
+ *
1032
+ * Today the trigger cases are all about the `query` / `unionSources`
1033
+ * dichotomy introduced by #165:
1034
+ * - both `query` and `unionSources` were set (mutually exclusive),
1035
+ * - neither `query` nor `unionSources` was set,
1036
+ * - `unionSources` has fewer than 2 arms,
1037
+ * - two arms in `unionSources` reference the same `collection`.
1038
+ *
1039
+ * The error message is prefixed with `[noy-db] withMaterializedView:`
1040
+ * so it's grep-friendly in logs and looks consistent with the existing
1041
+ * `ValidationError` messages from the same factory.
1042
+ */
1043
+ declare class MaterializedViewConfigError extends NoydbError {
1044
+ constructor(message: string);
1045
+ }
979
1046
  /**
980
1047
  * Thrown at vault open when a `withOverlayedView` declaration uses
981
1048
  * another virtual-overlay name as its `base`. Multi-overlay stacking
@@ -1788,6 +1855,7 @@ declare class Query<T> {
1788
1855
  * per record and can't be index-accelerated.
1789
1856
  */
1790
1857
  groupBy<F extends string>(field: F): GroupedQuery<T, F>;
1858
+ groupBy<F extends readonly [string, string, ...string[]]>(...fields: F): GroupedQueryN<T, F>;
1791
1859
  /**
1792
1860
  * Re-run the query whenever the source notifies of changes.
1793
1861
  * Returns an unsubscribe function. The callback receives the latest result.
@@ -2167,4 +2235,4 @@ declare class ScanBuilder<T> implements AsyncIterable<T> {
2167
2235
  private recordMatches;
2168
2236
  }
2169
2237
 
2170
- export { type LiveQuery as $, AmendmentForbiddenError as A, BackupCorruptedError as B, ConflictError as C, DictKeyInUseError as D, ElevationExpiredError as E, FieldFrozenError as F, GroupCardinalityError as G, IndexRequiredError as H, InvariantError as I, IndexWriteFailureError as J, InvalidKeyError as K, LocaleNotSpecifiedError as L, MissingTranslationError as M, NoydbError as N, OverlayBaseIsVirtualError as O, type JoinContext as P, Query as Q, ReservedCollectionNameError as R, SessionExpiredError as S, TranslatorNotConfiguredError as T, type JoinLeg as U, type JoinStrategy as V, JoinTooLargeError as W, type JoinableSource as X, KeyringCorruptError as Y, KeyringExpiredError as Z, LedgerContentionError as _, DictKeyMissingError as a, type LiveUpstream as a0, NetworkError as a1, NoAccessError as a2, NotFoundError as a3, type OrderBy as a4, PathEscapeError as a5, PeriodClosedError as a6, PermissionDeniedError as a7, PrivilegeEscalationError as a8, type QueryPlan as a9, type QuerySource as aa, ReadOnlyAtInstantError as ab, ReadOnlyError as ac, ReadOnlyFrameError as ad, type RefDescriptor as ae, RefIntegrityError as af, type RefMode as ag, RefRegistry as ah, RefScopeError as ai, type RefViolation as aj, ScanBuilder as ak, type ScanPageProvider as al, SchemaValidationError as am, StoreCapabilityError as an, TamperedError as ao, TierDemoteDeniedError as ap, TierNotGrantedError as aq, ValidationError as ar, applyJoins as as, buildLiveQuery as at, executePlan as au, ref as av, resetJoinWarnings as aw, SessionNotFoundError as b, SessionPolicyError as c, RecordLockedError as d, DerivationCycleError as e, DerivationDepthError as f, DerivationOutputShapeError as g, DerivationOutputUnknownError as h, OverlayCollectionUnavailableError as i, OverlayIdMismatchError as j, OverlayNameCollisionError as k, MaterializedViewCycleError as l, MaterializedViewSourceUnknownError as m, MaterializedViewTooLargeError as n, AlreadyElevatedError as o, BackupLedgerError as p, BundleIntegrityError as q, BundleVersionConflictError as r, DEFAULT_JOIN_MAX_ROWS as s, DanglingReferenceError as t, DecryptionError as u, DelegationTargetMissingError as v, DirectoryDisabledError as w, ExportCapabilityError as x, FilenameSanitizationError as y, ImportCapabilityError as z };
2238
+ export { KeyringCorruptError as $, AmendmentForbiddenError as A, BackupCorruptedError as B, ConflictError as C, DictKeyInUseError as D, ElevationExpiredError as E, FieldFrozenError as F, ExportCapabilityError as G, FilenameSanitizationError as H, InvariantError as I, GroupCardinalityError as J, ImportCapabilityError as K, LocaleNotSpecifiedError as L, MissingTranslationError as M, NoydbError as N, OverlayBaseIsVirtualError as O, IndexRequiredError as P, Query as Q, ReservedCollectionNameError as R, SessionExpiredError as S, TranslatorNotConfiguredError as T, IndexWriteFailureError as U, InvalidKeyError as V, type JoinContext as W, type JoinLeg as X, type JoinStrategy as Y, JoinTooLargeError as Z, type JoinableSource as _, DictKeyMissingError as a, KeyringExpiredError as a0, LedgerContentionError as a1, type LiveQuery as a2, type LiveUpstream as a3, NetworkError as a4, NoAccessError as a5, NotFoundError as a6, type OrderBy as a7, PathEscapeError as a8, PeriodClosedError as a9, PermissionDeniedError as aa, PrivilegeEscalationError as ab, type QueryPlan as ac, type QuerySource as ad, ReadOnlyAtInstantError as ae, ReadOnlyError as af, ReadOnlyFrameError as ag, type RefDescriptor as ah, RefIntegrityError as ai, type RefMode as aj, RefRegistry as ak, RefScopeError as al, type RefViolation as am, ScanBuilder as an, type ScanPageProvider as ao, SchemaValidationError as ap, StoreCapabilityError as aq, TamperedError as ar, TierDemoteDeniedError as as, TierNotGrantedError as at, ValidationError as au, applyJoins as av, buildLiveQuery as aw, executePlan as ax, ref as ay, resetJoinWarnings as az, SessionNotFoundError as b, SessionPolicyError as c, RecordLockedError as d, DerivationCapExceededError as e, DerivationCycleError as f, DerivationDepthError as g, DerivationOutputShapeError as h, DerivationOutputUnknownError as i, OverlayCollectionUnavailableError as j, OverlayIdMismatchError as k, OverlayNameCollisionError as l, MaterializedViewConfigError as m, MaterializedViewCycleError as n, MaterializedViewSourceUnknownError as o, MaterializedViewTooLargeError as p, AlreadyElevatedError as q, BackupLedgerError as r, BundleIntegrityError as s, BundleSealMismatchError as t, BundleVersionConflictError as u, DEFAULT_JOIN_MAX_ROWS as v, DanglingReferenceError as w, DecryptionError as x, DelegationTargetMissingError as y, DirectoryDisabledError as z };
@@ -1,5 +1,5 @@
1
1
  import { C as CollectionIndexes, a as Clause, O as Operator } from './predicate-Dnu81tsS.cjs';
2
- import { A as AggregateStrategy, b as AggregateSpec, c as Aggregation, a as AggregateResult, g as GroupedQuery } from './strategy-D-SrOLCl.cjs';
2
+ import { A as AggregateStrategy, b as AggregateSpec, c as Aggregation, a as AggregateResult, g as GroupedQuery, h as GroupedQueryN } from './strategy-DSTrsZ8t.cjs';
3
3
 
4
4
  /**
5
5
  * All NOYDB error classes — a single import surface for `catch` blocks and
@@ -662,6 +662,33 @@ declare class IndexWriteFailureError extends NoydbError {
662
662
  declare class BundleIntegrityError extends NoydbError {
663
663
  constructor(message: string);
664
664
  }
665
+ /**
666
+ * Thrown by `readNoydbBundle` (#197) when the bundle carries
667
+ * sealed per-user passphrases but no supplied `SealingKeyProvider`
668
+ * has a `.id` (= `pid`) matching the sealed entry's `pid`.
669
+ *
670
+ * Carries the failing pid + the user id so the recipient can
671
+ * surface an actionable prompt:
672
+ *
673
+ * ```
674
+ * BundleSealMismatchError: bundle carries sealed passphrase for user "alice"
675
+ * under provider "macos-keychain:com.acme.app/alice@acme.example",
676
+ * but no registered provider matches that pid.
677
+ * ```
678
+ *
679
+ * Three resolution paths the message names (per foundation §11.9.4):
680
+ *
681
+ * 1. Configure a provider matching the pid and retry import.
682
+ * 2. Pass `attemptUnsealAcrossProviders: true` to try each
683
+ * registered provider regardless of pid.
684
+ * 3. Inspect without unsealing — pass no `sealingProviders` to
685
+ * receive the sealed entries unmodified for offline analysis.
686
+ */
687
+ declare class BundleSealMismatchError extends NoydbError {
688
+ readonly userId: string;
689
+ readonly pid: string;
690
+ constructor(userId: string, pid: string);
691
+ }
665
692
  /**
666
693
  * Thrown when `vault.collection()` is called with a name that is
667
694
  * reserved for NOYDB internal use (any name starting with `_dict_`).
@@ -942,6 +969,23 @@ declare class DerivationOutputShapeError extends NoydbError {
942
969
  readonly outputKey: string;
943
970
  constructor(outputKey: string, detail: string);
944
971
  }
972
+ /**
973
+ * Thrown by array-shape derivations (#200) when the `derive` function
974
+ * returns more rows than the output's `maxFanout` cap. The cap exists
975
+ * to keep dispatch cost bounded — without it a single source-row
976
+ * update could fan out to thousands of derived rows, dominating the
977
+ * write path.
978
+ *
979
+ * Defaults to `maxFanout: 64`. Raise on the output spec for
980
+ * carry-forward expansion cases (e.g. monthly rows across multi-year
981
+ * contracts).
982
+ */
983
+ declare class DerivationCapExceededError extends NoydbError {
984
+ readonly outputKey: string;
985
+ readonly returned: number;
986
+ readonly maxFanout: number;
987
+ constructor(outputKey: string, returned: number, maxFanout: number);
988
+ }
945
989
  /**
946
990
  * Thrown at vault open if the materialized-view graph contains a
947
991
  * cycle. `path` is the offending chain (e.g. `['a-mv', 'b-mv', 'a-mv']`).
@@ -976,6 +1020,29 @@ declare class MaterializedViewTooLargeError extends NoydbError {
976
1020
  readonly limit: number;
977
1021
  constructor(mvName: string, expected: number, limit: number);
978
1022
  }
1023
+ /**
1024
+ * Thrown by `withMaterializedView()` at registration time when the
1025
+ * strategy is structurally malformed. Distinct from
1026
+ * `MaterializedViewSourceUnknownError` (the source list is well-formed
1027
+ * but names a collection the vault doesn't know) and
1028
+ * `MaterializedViewCycleError` (the source graph has a cycle): this
1029
+ * error fires before either check, at the moment the spec is being
1030
+ * normalized.
1031
+ *
1032
+ * Today the trigger cases are all about the `query` / `unionSources`
1033
+ * dichotomy introduced by #165:
1034
+ * - both `query` and `unionSources` were set (mutually exclusive),
1035
+ * - neither `query` nor `unionSources` was set,
1036
+ * - `unionSources` has fewer than 2 arms,
1037
+ * - two arms in `unionSources` reference the same `collection`.
1038
+ *
1039
+ * The error message is prefixed with `[noy-db] withMaterializedView:`
1040
+ * so it's grep-friendly in logs and looks consistent with the existing
1041
+ * `ValidationError` messages from the same factory.
1042
+ */
1043
+ declare class MaterializedViewConfigError extends NoydbError {
1044
+ constructor(message: string);
1045
+ }
979
1046
  /**
980
1047
  * Thrown at vault open when a `withOverlayedView` declaration uses
981
1048
  * another virtual-overlay name as its `base`. Multi-overlay stacking
@@ -1788,6 +1855,7 @@ declare class Query<T> {
1788
1855
  * per record and can't be index-accelerated.
1789
1856
  */
1790
1857
  groupBy<F extends string>(field: F): GroupedQuery<T, F>;
1858
+ groupBy<F extends readonly [string, string, ...string[]]>(...fields: F): GroupedQueryN<T, F>;
1791
1859
  /**
1792
1860
  * Re-run the query whenever the source notifies of changes.
1793
1861
  * Returns an unsubscribe function. The callback receives the latest result.
@@ -2167,4 +2235,4 @@ declare class ScanBuilder<T> implements AsyncIterable<T> {
2167
2235
  private recordMatches;
2168
2236
  }
2169
2237
 
2170
- export { type LiveQuery as $, AmendmentForbiddenError as A, BackupCorruptedError as B, ConflictError as C, DictKeyInUseError as D, ElevationExpiredError as E, FieldFrozenError as F, GroupCardinalityError as G, IndexRequiredError as H, InvariantError as I, IndexWriteFailureError as J, InvalidKeyError as K, LocaleNotSpecifiedError as L, MissingTranslationError as M, NoydbError as N, OverlayBaseIsVirtualError as O, type JoinContext as P, Query as Q, ReservedCollectionNameError as R, SessionExpiredError as S, TranslatorNotConfiguredError as T, type JoinLeg as U, type JoinStrategy as V, JoinTooLargeError as W, type JoinableSource as X, KeyringCorruptError as Y, KeyringExpiredError as Z, LedgerContentionError as _, DictKeyMissingError as a, type LiveUpstream as a0, NetworkError as a1, NoAccessError as a2, NotFoundError as a3, type OrderBy as a4, PathEscapeError as a5, PeriodClosedError as a6, PermissionDeniedError as a7, PrivilegeEscalationError as a8, type QueryPlan as a9, type QuerySource as aa, ReadOnlyAtInstantError as ab, ReadOnlyError as ac, ReadOnlyFrameError as ad, type RefDescriptor as ae, RefIntegrityError as af, type RefMode as ag, RefRegistry as ah, RefScopeError as ai, type RefViolation as aj, ScanBuilder as ak, type ScanPageProvider as al, SchemaValidationError as am, StoreCapabilityError as an, TamperedError as ao, TierDemoteDeniedError as ap, TierNotGrantedError as aq, ValidationError as ar, applyJoins as as, buildLiveQuery as at, executePlan as au, ref as av, resetJoinWarnings as aw, SessionNotFoundError as b, SessionPolicyError as c, RecordLockedError as d, DerivationCycleError as e, DerivationDepthError as f, DerivationOutputShapeError as g, DerivationOutputUnknownError as h, OverlayCollectionUnavailableError as i, OverlayIdMismatchError as j, OverlayNameCollisionError as k, MaterializedViewCycleError as l, MaterializedViewSourceUnknownError as m, MaterializedViewTooLargeError as n, AlreadyElevatedError as o, BackupLedgerError as p, BundleIntegrityError as q, BundleVersionConflictError as r, DEFAULT_JOIN_MAX_ROWS as s, DanglingReferenceError as t, DecryptionError as u, DelegationTargetMissingError as v, DirectoryDisabledError as w, ExportCapabilityError as x, FilenameSanitizationError as y, ImportCapabilityError as z };
2238
+ export { KeyringCorruptError as $, AmendmentForbiddenError as A, BackupCorruptedError as B, ConflictError as C, DictKeyInUseError as D, ElevationExpiredError as E, FieldFrozenError as F, ExportCapabilityError as G, FilenameSanitizationError as H, InvariantError as I, GroupCardinalityError as J, ImportCapabilityError as K, LocaleNotSpecifiedError as L, MissingTranslationError as M, NoydbError as N, OverlayBaseIsVirtualError as O, IndexRequiredError as P, Query as Q, ReservedCollectionNameError as R, SessionExpiredError as S, TranslatorNotConfiguredError as T, IndexWriteFailureError as U, InvalidKeyError as V, type JoinContext as W, type JoinLeg as X, type JoinStrategy as Y, JoinTooLargeError as Z, type JoinableSource as _, DictKeyMissingError as a, KeyringExpiredError as a0, LedgerContentionError as a1, type LiveQuery as a2, type LiveUpstream as a3, NetworkError as a4, NoAccessError as a5, NotFoundError as a6, type OrderBy as a7, PathEscapeError as a8, PeriodClosedError as a9, PermissionDeniedError as aa, PrivilegeEscalationError as ab, type QueryPlan as ac, type QuerySource as ad, ReadOnlyAtInstantError as ae, ReadOnlyError as af, ReadOnlyFrameError as ag, type RefDescriptor as ah, RefIntegrityError as ai, type RefMode as aj, RefRegistry as ak, RefScopeError as al, type RefViolation as am, ScanBuilder as an, type ScanPageProvider as ao, SchemaValidationError as ap, StoreCapabilityError as aq, TamperedError as ar, TierDemoteDeniedError as as, TierNotGrantedError as at, ValidationError as au, applyJoins as av, buildLiveQuery as aw, executePlan as ax, ref as ay, resetJoinWarnings as az, SessionNotFoundError as b, SessionPolicyError as c, RecordLockedError as d, DerivationCapExceededError as e, DerivationCycleError as f, DerivationDepthError as g, DerivationOutputShapeError as h, DerivationOutputUnknownError as i, OverlayCollectionUnavailableError as j, OverlayIdMismatchError as k, OverlayNameCollisionError as l, MaterializedViewConfigError as m, MaterializedViewCycleError as n, MaterializedViewSourceUnknownError as o, MaterializedViewTooLargeError as p, AlreadyElevatedError as q, BackupLedgerError as r, BundleIntegrityError as s, BundleSealMismatchError as t, BundleVersionConflictError as u, DEFAULT_JOIN_MAX_ROWS as v, DanglingReferenceError as w, DecryptionError as x, DelegationTargetMissingError as y, DirectoryDisabledError as z };