@noy-db/hub 0.1.0-pre.8 → 0.1.0-pre.9
- package/dist/blobs/index.cjs.map +1 -1
- package/dist/blobs/index.d.cts +2 -2
- package/dist/blobs/index.d.ts +2 -2
- package/dist/blobs/index.js +2 -2
- package/dist/bundle/index.d.cts +2 -2
- package/dist/bundle/index.d.ts +2 -2
- package/dist/bundle/index.js +3 -3
- package/dist/{chunk-R2ZTGEVP.js → chunk-2CSJGFCB.js} +2 -2
- package/dist/{chunk-TOQK4KAN.js → chunk-4PWAI7Q4.js} +3 -3
- package/dist/{chunk-HC7Z5EQZ.js → chunk-AVVPZ4BC.js} +2 -2
- package/dist/{chunk-WN6UK7PM.js → chunk-EXHNQEV4.js} +2 -2
- package/dist/{chunk-2WGMYBYS.js → chunk-MDDTIZUO.js} +3 -3
- package/dist/{chunk-RSPLI376.js → chunk-PTVMYYON.js} +2 -2
- package/dist/{chunk-Y4CMTMUW.js → chunk-QAVUREFT.js} +2 -2
- package/dist/{chunk-7XBQS42M.js → chunk-QGZRWRSL.js} +2 -2
- package/dist/{chunk-PJK6IOBC.js → chunk-RKJ6OL7K.js} +1 -1
- package/dist/{chunk-PJK6IOBC.js.map → chunk-RKJ6OL7K.js.map} +1 -1
- package/dist/{chunk-YVFTBQHL.js → chunk-WDM5XGGS.js} +39 -2
- package/dist/chunk-WDM5XGGS.js.map +1 -0
- package/dist/consent/index.d.cts +2 -2
- package/dist/consent/index.d.ts +2 -2
- package/dist/{dev-unlock-BygpnIWe.d.ts → dev-unlock-BdPp68qn.d.ts} +1 -1
- package/dist/{dev-unlock-BZKx666y.d.cts → dev-unlock-Da1B0TIK.d.cts} +1 -1
- package/dist/{hash-CIyfmKsg.d.cts → hash-BEfzPKwo.d.cts} +1 -1
- package/dist/{hash-B0eU2Qv9.d.ts → hash-lsoL3eEW.d.ts} +1 -1
- package/dist/history/index.cjs.map +1 -1
- package/dist/history/index.d.cts +3 -3
- package/dist/history/index.d.ts +3 -3
- package/dist/history/index.js +2 -2
- package/dist/i18n/index.cjs.map +1 -1
- package/dist/i18n/index.d.cts +2 -2
- package/dist/i18n/index.d.ts +2 -2
- package/dist/i18n/index.js +3 -3
- package/dist/{index-Dp4tKCjX.d.ts → index-8QDuznDr.d.ts} +1 -1
- package/dist/{index-DsVbTDZI.d.cts → index-CywCC1qZ.d.cts} +1 -1
- package/dist/index.cjs +206 -2
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +5 -5
- package/dist/index.d.ts +5 -5
- package/dist/index.js +182 -13
- package/dist/index.js.map +1 -1
- package/dist/{ledger-UQIMMKO5.js → ledger-QZTTHQAQ.js} +3 -3
- package/dist/periods/index.cjs.map +1 -1
- package/dist/periods/index.d.cts +2 -2
- package/dist/periods/index.d.ts +2 -2
- package/dist/periods/index.js +3 -3
- package/dist/{public-envelope-3QTQADDW.js → public-envelope-6JTACYJV.js} +3 -3
- package/dist/session/index.d.cts +3 -3
- package/dist/session/index.d.ts +3 -3
- package/dist/shadow/index.d.cts +2 -2
- package/dist/shadow/index.d.ts +2 -2
- package/dist/store/index.d.cts +2 -2
- package/dist/store/index.d.ts +2 -2
- package/dist/sync/index.cjs.map +1 -1
- package/dist/sync/index.d.cts +1 -1
- package/dist/sync/index.d.ts +1 -1
- package/dist/sync/index.js +2 -2
- package/dist/team/index.cjs.map +1 -1
- package/dist/team/index.d.cts +2 -2
- package/dist/team/index.d.ts +2 -2
- package/dist/team/index.js +4 -4
- package/dist/tx/index.d.cts +2 -2
- package/dist/tx/index.d.ts +2 -2
- package/dist/{types-arFMsCtn.d.cts → types-Bnb82f5R.d.cts} +176 -4
- package/dist/{types-DD9eKKNc.d.ts → types-Bo7NSXJr.d.ts} +176 -4
- package/package.json +1 -1
- package/dist/chunk-YVFTBQHL.js.map +0 -1
- /package/dist/{chunk-R2ZTGEVP.js.map → chunk-2CSJGFCB.js.map} +0 -0
- /package/dist/{chunk-TOQK4KAN.js.map → chunk-4PWAI7Q4.js.map} +0 -0
- /package/dist/{chunk-HC7Z5EQZ.js.map → chunk-AVVPZ4BC.js.map} +0 -0
- /package/dist/{chunk-WN6UK7PM.js.map → chunk-EXHNQEV4.js.map} +0 -0
- /package/dist/{chunk-2WGMYBYS.js.map → chunk-MDDTIZUO.js.map} +0 -0
- /package/dist/{chunk-RSPLI376.js.map → chunk-PTVMYYON.js.map} +0 -0
- /package/dist/{chunk-Y4CMTMUW.js.map → chunk-QAVUREFT.js.map} +0 -0
- /package/dist/{chunk-7XBQS42M.js.map → chunk-QGZRWRSL.js.map} +0 -0
- /package/dist/{ledger-UQIMMKO5.js.map → ledger-QZTTHQAQ.js.map} +0 -0
- /package/dist/{public-envelope-3QTQADDW.js.map → public-envelope-6JTACYJV.js.map} +0 -0
package/dist/index.d.cts
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
import { at as NoydbStore, aR as UserEnvelope, aS as PublicEnvelope, aT as GateName, aU as GatePolicy, aV as VaultPolicy, aW as ActiveTier, aX as FactorProof, ar as UnlockedKeyring, aY as Vault, aA as DiffEntry } from './types-
|
|
2
|
-
export { aZ as AccessibleVault, ax as AppendInput, p as BLOB_CHUNKS_COLLECTION, q as BLOB_COLLECTION, t as BLOB_INDEX_COLLECTION, u as BLOB_SLOTS_PREFIX, w as BLOB_VERSIONS_PREFIX, a_ as BUNDLE_STORE_POLICY, A as BlobObject, C as BlobPutOptions, E as BlobResponseOptions, F as BlobSet, a$ as BuiltInGateName, b0 as BundleRecipient, _ as CONSENT_AUDIT_COLLECTION, b1 as CacheOptions, b2 as CacheStats, b3 as ChangeEvent, ay as ChangeType, a7 as ClosePeriodOptions, b4 as Collection, b5 as CollectionChangeEvent, b6 as CollectionConflictResolver, ai as CollectionFrame, az as CollectionInstant, b7 as Conflict, b8 as ConflictPolicy, b9 as ConflictStrategy, $ as ConsentAuditEntry, a0 as ConsentAuditFilter, a1 as ConsentContext, a2 as ConsentOp, ba as CrossTierAccessEvent, L as DEFAULT_CHUNK_SIZE, bb as DEFAULT_PUBLIC_ENVELOPE_SCHEMA, bc as DELEGATIONS_COLLECTION, D as DICT_COLLECTION_PREFIX, bd as DeepPartial, be as
|
|
1
|
+
import { at as NoydbStore, aR as UserEnvelope, aS as PublicEnvelope, aT as GateName, aU as GatePolicy, aV as VaultPolicy, aW as ActiveTier, aX as FactorProof, ar as UnlockedKeyring, aY as Vault, aA as DiffEntry } from './types-Bnb82f5R.cjs';
|
|
2
|
+
export { aZ as AccessibleVault, ax as AppendInput, p as BLOB_CHUNKS_COLLECTION, q as BLOB_COLLECTION, t as BLOB_INDEX_COLLECTION, u as BLOB_SLOTS_PREFIX, w as BLOB_VERSIONS_PREFIX, a_ as BUNDLE_STORE_POLICY, A as BlobObject, C as BlobPutOptions, E as BlobResponseOptions, F as BlobSet, a$ as BuiltInGateName, b0 as BundleRecipient, _ as CONSENT_AUDIT_COLLECTION, b1 as CacheOptions, b2 as CacheStats, b3 as ChangeEvent, ay as ChangeType, a7 as ClosePeriodOptions, b4 as Collection, b5 as CollectionChangeEvent, b6 as CollectionConflictResolver, ai as CollectionFrame, az as CollectionInstant, b7 as Conflict, b8 as ConflictPolicy, b9 as ConflictStrategy, $ as ConsentAuditEntry, a0 as ConsentAuditFilter, a1 as ConsentContext, a2 as ConsentOp, ba as CrossTierAccessEvent, L as DEFAULT_CHUNK_SIZE, bb as DEFAULT_PUBLIC_ENVELOPE_SCHEMA, bc as DELEGATIONS_COLLECTION, D as DICT_COLLECTION_PREFIX, bd as DeepPartial, be as DeepPartialOrNull, bf as DelegationToken, bg as DeleteManyResult, a as DictEntry, b as DictKeyDescriptor, c as DictionaryHandle, d as DictionaryOptions, bh as DirtyEntry, bi as ELEVATION_AUDIT_COLLECTION, bj as ElevatedHandle, av as EncryptedEnvelope, bk as EnrollAuthenticatorOptions, bl as ExportCapability, bm as ExportChunk, bn as ExportFormat, bo as ExportStreamOptions, bp as FactorKind, bq as FactorRequirement, br as GhostRecord, bs as GrantOptions, bt as HistoryConfig, bu as HistoryEntry, au as HistoryOptions, e as I18nTextDescriptor, f as I18nTextOptions, bv as INDEXED_STORE_POLICY, bw as ImportCapability, bx as InferOutput, by as IssueDelegationOptions, bz as IssueMagicLinkGrantOptions, aB as JsonPatch, aC as JsonPatchOp, bA as KeyringAuthenticator, bB as KeyringFile, aD as LedgerEntry, aE as LedgerStore, bC as ListAccessibleVaultsOptions, bD as ListPageResult, bE as LiveUserEnvelope, bF as LocaleReadOptions, bG as Lru, bH as LruOptions, bI as LruStats, bJ as MAGIC_LINK_CONTENT_INFO_PREFIX, bK as MAGIC_LINK_GRANTS_COLLECTION, bL as 
MAGIC_LINK_KEK_INFO_PREFIX, bM as MagicLinkGrantPayload, bN as MagicLinkGrantRecord, bO as NOYDB_BACKUP_VERSION, bP as NOYDB_FORMAT_VERSION, bQ as NOYDB_KEYRING_VERSION, bR as NOYDB_SYNC_VERSION, bS as Noydb, bT as NoydbBundleStore, bU as NoydbEventMap, bV as NoydbOptions, a8 as OpenPeriodOptions, a9 as PERIODS_COLLECTION, bW as PUBLIC_ENVELOPE_FIELDS, bX as PaperRecoveryDoc, bY as PaperRecoveryEntry, bZ as PassphrasePolicy, b_ as PassphraseValidationResult, aa as PeriodRecord, b$ as Permission, c0 as Permissions, c1 as PlaintextTranslatorContext, c2 as PlaintextTranslatorFn, P as PolicyEnforcer, c3 as PresenceHandle, c4 as PresencePeer, aw as PruneOptions, c5 as PublicEnvelopeField, c6 as PublicEnvelopeSchema, c7 as PublicEnvelopeText, c8 as PullMode, c9 as PullOptions, ca as PullPolicy, cb as PullResult, cc as PushMode, cd as PushOptions, ce as PushPolicy, cf as PushResult, cg as PutManyItemOptions, ch as PutManyOptions, ci as PutManyResult, cj as QueryAcrossOptions, ck as QueryAcrossResult, cl as QuickUnlockState, cm as QuickUnlockStore, cn as ReAuthOperation, co as RecoverPassphraseInput, cp as RecoverPassphraseResult, cq as RecoverUserOptions, cr as RecoveryProof, cs as ResolvedPublicEnvelopeSchema, ct as RevokeOptions, aq as Role, cu as RotatePassphraseInput, cv as SessionPolicy, cw as SetPublicEnvelopeInput, U as SlotInfo, V as SlotRecord, cx as SlotRewrapCeremony, cy as SlotRewrapContext, cz as StandardSchemaV1, cA as StandardSchemaV1Issue, cB as StandardSchemaV1SyncResult, cC as StoreAuth, cD as StoreAuthKind, cE as StoreCapabilities, cF as SyncEngine, cG as SyncMetadata, cH as SyncPolicy, cI as SyncScheduler, cJ as SyncSchedulerStatus, cK as SyncStatus, cL as SyncTarget, cM as SyncTargetRole, cN as SyncTransaction, cO as SyncTransactionResult, cP as TierMode, cQ as TranslatorAuditEntry, al as TxCollection, am as TxContext, cR as TxOp, an as TxVault, cS as USER_ENVELOPE_COLLECTION, cT as USER_ENVELOPE_MAX_BYTES, cU as Unsubscribe, cV as 
UpdateAuthenticatorOptions, cW as UpdateUserOptions, cX as UserApi, cY as UserEnvelopeCheckGate, cZ as UserEnvelopeOversizedError, c_ as UserEnvelopePresented, c$ as UserInfo, d0 as VaultBackup, aF as VaultEngine, aj as VaultFrame, aG as VaultInstant, d1 as VaultPolicyOnDisk, d2 as VaultSnapshot, aH as VerifyResult, W as VersionRecord, d3 as WarningRules, d4 as WeakPassphraseError, d5 as WeakPassphraseReason, d6 as WrappedDeksBlob, g as applyI18nLocale, aI as applyPatch, d7 as assertStrongPassphrase, d8 as buildRecipientKeyringFile, d9 as burnPaperRecoveryEntry, aJ as canonicalJson, aK as computePatch, n as createEnforcer, da as createNoydb, db as createStore, dc as deriveMagicLinkContentKey, h as dictCollectionName, i as dictKey, aL as diff, dd as enrollAuthenticator, de as estimateEntropy, df as evaluateExportCapability, dg as evaluateImportCapability, dh as findAuthenticator, aM as formatDiff, di as hasExportCapability, dj as hasImportCapability, dk as hasRecoveryEnrolled, aN as hashEntry, j as i18nText, k as isDictCollectionName, l as isDictKeyDescriptor, m as isI18nTextDescriptor, dl as isMagicLinkGrantExpired, dm as isPublicEnvelope, dn as issueDelegation, dp as keyringRecoverPassphrase, dq as keyringRotatePassphrase, dr as listMagicLinkGrants, ds as listUsers, dt as listUsersWithEnvelopes, du as loadActiveDelegations, dv as loadPaperRecoveryEntries, dw as magicLinkGrantRecordId, dx as mintPaperRecoveryEntry, dy as mintWrappedDeksBlob, aO as paddedIndex, aP as parseIndex, dz as readMagicLinkGrantRecord, dA as recoverUser, dB as removeAuthenticator, r as resolveI18nText, dC as resolvePublicEnvelopeSchema, dD as revokeDelegation, dE as revokeMagicLinkGrant, ao as runTransaction, dF as savePaperRecoveryEntries, aQ as sha256Hex, dG as unwrapDeksFromBlob, dH as unwrapDeksFromPaperEntry, dI as unwrapMagicLinkGrant, v as validateI18nTextValue, dJ as validatePassphrase, dK as validatePublicEnvelopeInput, dL as validateSchemaInput, dM as validateSchemaOutput, o as 
validateSessionPolicy, dN as writeMagicLinkGrant } from './types-Bnb82f5R.cjs';
|
|
3
3
|
export { d as detectMagic, a as detectMimeType, i as isPreCompressed } from './mime-magic-CBBSOkjm.cjs';
|
|
4
4
|
export { AgeRoute, BlobLifecyclePolicy, BlobStoreRoute, CircuitBreakerOptions, HealthCheckOptions, LogLevel, LoggingOptions, MetricsOptions, OverrideOptions, OverrideTarget, RetryOptions, RouteStatus, RouteStoreOptions, RoutedNoydbStore, StoreCacheOptions, StoreMiddleware, StoreOperation, SuspendOptions, WrapBundleStoreOptions, WrappedBundleNoydbStore, createBundleStore, routeStore, withCache, withCircuitBreaker, withHealthCheck, withLogging, withMetrics, withRetry, wrapBundleStore, wrapStore } from './store/index.cjs';
|
|
5
5
|
import { N as NoydbError } from './index-6xNpPsxR.cjs';
|
|
6
6
|
export { A as AlreadyElevatedError, B as BackupCorruptedError, a as BackupLedgerError, b as BundleIntegrityError, c as BundleVersionConflictError, C as ConflictError, D as DEFAULT_JOIN_MAX_ROWS, d as DanglingReferenceError, e as DecryptionError, f as DelegationTargetMissingError, g as DictKeyInUseError, h as DictKeyMissingError, E as ElevationExpiredError, i as ExportCapabilityError, F as FilenameSanitizationError, G as GroupCardinalityError, I as ImportCapabilityError, j as IndexRequiredError, k as IndexWriteFailureError, l as InvalidKeyError, J as JoinContext, m as JoinLeg, n as JoinStrategy, o as JoinTooLargeError, p as JoinableSource, K as KeyringExpiredError, L as LedgerContentionError, q as LiveQuery, r as LiveUpstream, s as LocaleNotSpecifiedError, M as MissingTranslationError, t as NetworkError, u as NoAccessError, v as NotFoundError, O as OrderBy, P as PathEscapeError, w as PeriodClosedError, x as PermissionDeniedError, y as PrivilegeEscalationError, Q as Query, z as QueryPlan, H as QuerySource, R as ReadOnlyAtInstantError, S as ReadOnlyError, T as ReadOnlyFrameError, U as RefDescriptor, V as RefIntegrityError, W as RefMode, X as RefRegistry, Y as RefScopeError, Z as RefViolation, _ as ReservedCollectionNameError, $ as ScanBuilder, a0 as ScanPageProvider, a1 as SchemaValidationError, a2 as SessionExpiredError, a3 as SessionNotFoundError, a4 as SessionPolicyError, a5 as StoreCapabilityError, a6 as TamperedError, a7 as TierDemoteDeniedError, a8 as TierNotGrantedError, a9 as TranslatorNotConfiguredError, aa as ValidationError, ab as applyJoins, ac as buildLiveQuery, ad as executePlan, ae as ref, af as resetJoinWarnings } from './index-6xNpPsxR.cjs';
|
|
7
|
-
export { C as CompressionAlgo, N as NOYDB_BUNDLE_FORMAT_VERSION, a as NOYDB_BUNDLE_MAGIC, b as NOYDB_BUNDLE_PREFIX_BYTES, c as NoydbBundleHeader, d as NoydbBundleReadResult, W as WriteNoydbBundleOptions, g as generateULID, h as hasNoydbBundleMagic, i as isULID, r as readNoydbBundle, e as readNoydbBundleHeader, f as readNoydbBundlePublicEnvelope, j as resetBrotliSupportCache, w as writeNoydbBundle } from './index-
|
|
7
|
+
export { C as CompressionAlgo, N as NOYDB_BUNDLE_FORMAT_VERSION, a as NOYDB_BUNDLE_MAGIC, b as NOYDB_BUNDLE_PREFIX_BYTES, c as NoydbBundleHeader, d as NoydbBundleReadResult, W as WriteNoydbBundleOptions, g as generateULID, h as hasNoydbBundleMagic, i as isULID, r as readNoydbBundle, e as readNoydbBundleHeader, f as readNoydbBundlePublicEnvelope, j as resetBrotliSupportCache, w as writeNoydbBundle } from './index-CywCC1qZ.cjs';
|
|
8
8
|
export { a as CrdtMode, b as CrdtState, L as LwwMapState, R as RgaState, Y as YjsState, m as mergeCrdtStates, r as resolveCrdtSnapshot } from './strategy-BSxFXGzb.cjs';
|
|
9
9
|
export { SYNC_CREDENTIALS_COLLECTION, SyncCredential, credentialStatus, deleteCredential, getCredential, listCredentials, putCredential } from './team/index.cjs';
|
|
10
|
-
export { C as CreateSessionOptions, a as CreateSessionResult, D as DevUnlockOptions, S as SessionToken, b as activeSessionCount, c as clearDevUnlock, d as createSession, e as enableDevUnlock, i as isDevUnlockActive, f as isSessionAlive, l as loadDevUnlock, r as resolveSession, g as revokeAllSessions, h as revokeSession } from './dev-unlock-
|
|
10
|
+
export { C as CreateSessionOptions, a as CreateSessionResult, D as DevUnlockOptions, S as SessionToken, b as activeSessionCount, c as clearDevUnlock, d as createSession, e as enableDevUnlock, i as isDevUnlockActive, f as isSessionAlive, l as loadDevUnlock, r as resolveSession, g as revokeAllSessions, h as revokeSession } from './dev-unlock-Da1B0TIK.cjs';
|
|
11
11
|
export { a as Clause, C as CollectionIndexes, F as FieldClause, b as FilterClause, G as GroupClause, H as HashIndex, I as IndexDef, O as Operator, e as evaluateClause, c as evaluateFieldClause, r as readPath } from './predicate-SBHmi6D0.cjs';
|
|
12
12
|
export { a as AggregateResult, b as AggregateSpec, c as Aggregation, d as AggregationUpstream, G as GROUPBY_MAX_CARDINALITY, e as GROUPBY_WARN_CARDINALITY, f as GroupedAggregation, g as GroupedQuery, h as GroupedRow, L as LiveAggregation, R as Reducer, i as ReducerOptions, j as avg, l as count, m as groupAndReduce, n as max, o as min, r as reduceRecords, s as sum } from './strategy-D-SrOLCl.cjs';
|
|
13
|
-
export { L as LEDGER_COLLECTION, a as LEDGER_DELTAS_COLLECTION, e as envelopePayloadHash } from './hash-
|
|
13
|
+
export { L as LEDGER_COLLECTION, a as LEDGER_DELTAS_COLLECTION, e as envelopePayloadHash } from './hash-BEfzPKwo.cjs';
|
|
14
14
|
import './lazy-builder-CZVLKh0Z.cjs';
|
|
15
15
|
|
|
16
16
|
/**
|
package/dist/index.d.ts
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
import { at as NoydbStore, aR as UserEnvelope, aS as PublicEnvelope, aT as GateName, aU as GatePolicy, aV as VaultPolicy, aW as ActiveTier, aX as FactorProof, ar as UnlockedKeyring, aY as Vault, aA as DiffEntry } from './types-
|
|
2
|
-
export { aZ as AccessibleVault, ax as AppendInput, p as BLOB_CHUNKS_COLLECTION, q as BLOB_COLLECTION, t as BLOB_INDEX_COLLECTION, u as BLOB_SLOTS_PREFIX, w as BLOB_VERSIONS_PREFIX, a_ as BUNDLE_STORE_POLICY, A as BlobObject, C as BlobPutOptions, E as BlobResponseOptions, F as BlobSet, a$ as BuiltInGateName, b0 as BundleRecipient, _ as CONSENT_AUDIT_COLLECTION, b1 as CacheOptions, b2 as CacheStats, b3 as ChangeEvent, ay as ChangeType, a7 as ClosePeriodOptions, b4 as Collection, b5 as CollectionChangeEvent, b6 as CollectionConflictResolver, ai as CollectionFrame, az as CollectionInstant, b7 as Conflict, b8 as ConflictPolicy, b9 as ConflictStrategy, $ as ConsentAuditEntry, a0 as ConsentAuditFilter, a1 as ConsentContext, a2 as ConsentOp, ba as CrossTierAccessEvent, L as DEFAULT_CHUNK_SIZE, bb as DEFAULT_PUBLIC_ENVELOPE_SCHEMA, bc as DELEGATIONS_COLLECTION, D as DICT_COLLECTION_PREFIX, bd as DeepPartial, be as
|
|
1
|
+
import { at as NoydbStore, aR as UserEnvelope, aS as PublicEnvelope, aT as GateName, aU as GatePolicy, aV as VaultPolicy, aW as ActiveTier, aX as FactorProof, ar as UnlockedKeyring, aY as Vault, aA as DiffEntry } from './types-Bo7NSXJr.js';
|
|
2
|
+
export { aZ as AccessibleVault, ax as AppendInput, p as BLOB_CHUNKS_COLLECTION, q as BLOB_COLLECTION, t as BLOB_INDEX_COLLECTION, u as BLOB_SLOTS_PREFIX, w as BLOB_VERSIONS_PREFIX, a_ as BUNDLE_STORE_POLICY, A as BlobObject, C as BlobPutOptions, E as BlobResponseOptions, F as BlobSet, a$ as BuiltInGateName, b0 as BundleRecipient, _ as CONSENT_AUDIT_COLLECTION, b1 as CacheOptions, b2 as CacheStats, b3 as ChangeEvent, ay as ChangeType, a7 as ClosePeriodOptions, b4 as Collection, b5 as CollectionChangeEvent, b6 as CollectionConflictResolver, ai as CollectionFrame, az as CollectionInstant, b7 as Conflict, b8 as ConflictPolicy, b9 as ConflictStrategy, $ as ConsentAuditEntry, a0 as ConsentAuditFilter, a1 as ConsentContext, a2 as ConsentOp, ba as CrossTierAccessEvent, L as DEFAULT_CHUNK_SIZE, bb as DEFAULT_PUBLIC_ENVELOPE_SCHEMA, bc as DELEGATIONS_COLLECTION, D as DICT_COLLECTION_PREFIX, bd as DeepPartial, be as DeepPartialOrNull, bf as DelegationToken, bg as DeleteManyResult, a as DictEntry, b as DictKeyDescriptor, c as DictionaryHandle, d as DictionaryOptions, bh as DirtyEntry, bi as ELEVATION_AUDIT_COLLECTION, bj as ElevatedHandle, av as EncryptedEnvelope, bk as EnrollAuthenticatorOptions, bl as ExportCapability, bm as ExportChunk, bn as ExportFormat, bo as ExportStreamOptions, bp as FactorKind, bq as FactorRequirement, br as GhostRecord, bs as GrantOptions, bt as HistoryConfig, bu as HistoryEntry, au as HistoryOptions, e as I18nTextDescriptor, f as I18nTextOptions, bv as INDEXED_STORE_POLICY, bw as ImportCapability, bx as InferOutput, by as IssueDelegationOptions, bz as IssueMagicLinkGrantOptions, aB as JsonPatch, aC as JsonPatchOp, bA as KeyringAuthenticator, bB as KeyringFile, aD as LedgerEntry, aE as LedgerStore, bC as ListAccessibleVaultsOptions, bD as ListPageResult, bE as LiveUserEnvelope, bF as LocaleReadOptions, bG as Lru, bH as LruOptions, bI as LruStats, bJ as MAGIC_LINK_CONTENT_INFO_PREFIX, bK as MAGIC_LINK_GRANTS_COLLECTION, bL as 
MAGIC_LINK_KEK_INFO_PREFIX, bM as MagicLinkGrantPayload, bN as MagicLinkGrantRecord, bO as NOYDB_BACKUP_VERSION, bP as NOYDB_FORMAT_VERSION, bQ as NOYDB_KEYRING_VERSION, bR as NOYDB_SYNC_VERSION, bS as Noydb, bT as NoydbBundleStore, bU as NoydbEventMap, bV as NoydbOptions, a8 as OpenPeriodOptions, a9 as PERIODS_COLLECTION, bW as PUBLIC_ENVELOPE_FIELDS, bX as PaperRecoveryDoc, bY as PaperRecoveryEntry, bZ as PassphrasePolicy, b_ as PassphraseValidationResult, aa as PeriodRecord, b$ as Permission, c0 as Permissions, c1 as PlaintextTranslatorContext, c2 as PlaintextTranslatorFn, P as PolicyEnforcer, c3 as PresenceHandle, c4 as PresencePeer, aw as PruneOptions, c5 as PublicEnvelopeField, c6 as PublicEnvelopeSchema, c7 as PublicEnvelopeText, c8 as PullMode, c9 as PullOptions, ca as PullPolicy, cb as PullResult, cc as PushMode, cd as PushOptions, ce as PushPolicy, cf as PushResult, cg as PutManyItemOptions, ch as PutManyOptions, ci as PutManyResult, cj as QueryAcrossOptions, ck as QueryAcrossResult, cl as QuickUnlockState, cm as QuickUnlockStore, cn as ReAuthOperation, co as RecoverPassphraseInput, cp as RecoverPassphraseResult, cq as RecoverUserOptions, cr as RecoveryProof, cs as ResolvedPublicEnvelopeSchema, ct as RevokeOptions, aq as Role, cu as RotatePassphraseInput, cv as SessionPolicy, cw as SetPublicEnvelopeInput, U as SlotInfo, V as SlotRecord, cx as SlotRewrapCeremony, cy as SlotRewrapContext, cz as StandardSchemaV1, cA as StandardSchemaV1Issue, cB as StandardSchemaV1SyncResult, cC as StoreAuth, cD as StoreAuthKind, cE as StoreCapabilities, cF as SyncEngine, cG as SyncMetadata, cH as SyncPolicy, cI as SyncScheduler, cJ as SyncSchedulerStatus, cK as SyncStatus, cL as SyncTarget, cM as SyncTargetRole, cN as SyncTransaction, cO as SyncTransactionResult, cP as TierMode, cQ as TranslatorAuditEntry, al as TxCollection, am as TxContext, cR as TxOp, an as TxVault, cS as USER_ENVELOPE_COLLECTION, cT as USER_ENVELOPE_MAX_BYTES, cU as Unsubscribe, cV as 
UpdateAuthenticatorOptions, cW as UpdateUserOptions, cX as UserApi, cY as UserEnvelopeCheckGate, cZ as UserEnvelopeOversizedError, c_ as UserEnvelopePresented, c$ as UserInfo, d0 as VaultBackup, aF as VaultEngine, aj as VaultFrame, aG as VaultInstant, d1 as VaultPolicyOnDisk, d2 as VaultSnapshot, aH as VerifyResult, W as VersionRecord, d3 as WarningRules, d4 as WeakPassphraseError, d5 as WeakPassphraseReason, d6 as WrappedDeksBlob, g as applyI18nLocale, aI as applyPatch, d7 as assertStrongPassphrase, d8 as buildRecipientKeyringFile, d9 as burnPaperRecoveryEntry, aJ as canonicalJson, aK as computePatch, n as createEnforcer, da as createNoydb, db as createStore, dc as deriveMagicLinkContentKey, h as dictCollectionName, i as dictKey, aL as diff, dd as enrollAuthenticator, de as estimateEntropy, df as evaluateExportCapability, dg as evaluateImportCapability, dh as findAuthenticator, aM as formatDiff, di as hasExportCapability, dj as hasImportCapability, dk as hasRecoveryEnrolled, aN as hashEntry, j as i18nText, k as isDictCollectionName, l as isDictKeyDescriptor, m as isI18nTextDescriptor, dl as isMagicLinkGrantExpired, dm as isPublicEnvelope, dn as issueDelegation, dp as keyringRecoverPassphrase, dq as keyringRotatePassphrase, dr as listMagicLinkGrants, ds as listUsers, dt as listUsersWithEnvelopes, du as loadActiveDelegations, dv as loadPaperRecoveryEntries, dw as magicLinkGrantRecordId, dx as mintPaperRecoveryEntry, dy as mintWrappedDeksBlob, aO as paddedIndex, aP as parseIndex, dz as readMagicLinkGrantRecord, dA as recoverUser, dB as removeAuthenticator, r as resolveI18nText, dC as resolvePublicEnvelopeSchema, dD as revokeDelegation, dE as revokeMagicLinkGrant, ao as runTransaction, dF as savePaperRecoveryEntries, aQ as sha256Hex, dG as unwrapDeksFromBlob, dH as unwrapDeksFromPaperEntry, dI as unwrapMagicLinkGrant, v as validateI18nTextValue, dJ as validatePassphrase, dK as validatePublicEnvelopeInput, dL as validateSchemaInput, dM as validateSchemaOutput, o as 
validateSessionPolicy, dN as writeMagicLinkGrant } from './types-Bo7NSXJr.js';
|
|
3
3
|
export { d as detectMagic, a as detectMimeType, i as isPreCompressed } from './mime-magic-CBBSOkjm.js';
|
|
4
4
|
export { AgeRoute, BlobLifecyclePolicy, BlobStoreRoute, CircuitBreakerOptions, HealthCheckOptions, LogLevel, LoggingOptions, MetricsOptions, OverrideOptions, OverrideTarget, RetryOptions, RouteStatus, RouteStoreOptions, RoutedNoydbStore, StoreCacheOptions, StoreMiddleware, StoreOperation, SuspendOptions, WrapBundleStoreOptions, WrappedBundleNoydbStore, createBundleStore, routeStore, withCache, withCircuitBreaker, withHealthCheck, withLogging, withMetrics, withRetry, wrapBundleStore, wrapStore } from './store/index.js';
|
|
5
5
|
import { N as NoydbError } from './index-DJTf9yxn.js';
|
|
6
6
|
export { A as AlreadyElevatedError, B as BackupCorruptedError, a as BackupLedgerError, b as BundleIntegrityError, c as BundleVersionConflictError, C as ConflictError, D as DEFAULT_JOIN_MAX_ROWS, d as DanglingReferenceError, e as DecryptionError, f as DelegationTargetMissingError, g as DictKeyInUseError, h as DictKeyMissingError, E as ElevationExpiredError, i as ExportCapabilityError, F as FilenameSanitizationError, G as GroupCardinalityError, I as ImportCapabilityError, j as IndexRequiredError, k as IndexWriteFailureError, l as InvalidKeyError, J as JoinContext, m as JoinLeg, n as JoinStrategy, o as JoinTooLargeError, p as JoinableSource, K as KeyringExpiredError, L as LedgerContentionError, q as LiveQuery, r as LiveUpstream, s as LocaleNotSpecifiedError, M as MissingTranslationError, t as NetworkError, u as NoAccessError, v as NotFoundError, O as OrderBy, P as PathEscapeError, w as PeriodClosedError, x as PermissionDeniedError, y as PrivilegeEscalationError, Q as Query, z as QueryPlan, H as QuerySource, R as ReadOnlyAtInstantError, S as ReadOnlyError, T as ReadOnlyFrameError, U as RefDescriptor, V as RefIntegrityError, W as RefMode, X as RefRegistry, Y as RefScopeError, Z as RefViolation, _ as ReservedCollectionNameError, $ as ScanBuilder, a0 as ScanPageProvider, a1 as SchemaValidationError, a2 as SessionExpiredError, a3 as SessionNotFoundError, a4 as SessionPolicyError, a5 as StoreCapabilityError, a6 as TamperedError, a7 as TierDemoteDeniedError, a8 as TierNotGrantedError, a9 as TranslatorNotConfiguredError, aa as ValidationError, ab as applyJoins, ac as buildLiveQuery, ad as executePlan, ae as ref, af as resetJoinWarnings } from './index-DJTf9yxn.js';
|
|
7
|
-
export { C as CompressionAlgo, N as NOYDB_BUNDLE_FORMAT_VERSION, a as NOYDB_BUNDLE_MAGIC, b as NOYDB_BUNDLE_PREFIX_BYTES, c as NoydbBundleHeader, d as NoydbBundleReadResult, W as WriteNoydbBundleOptions, g as generateULID, h as hasNoydbBundleMagic, i as isULID, r as readNoydbBundle, e as readNoydbBundleHeader, f as readNoydbBundlePublicEnvelope, j as resetBrotliSupportCache, w as writeNoydbBundle } from './index-
|
|
7
|
+
export { C as CompressionAlgo, N as NOYDB_BUNDLE_FORMAT_VERSION, a as NOYDB_BUNDLE_MAGIC, b as NOYDB_BUNDLE_PREFIX_BYTES, c as NoydbBundleHeader, d as NoydbBundleReadResult, W as WriteNoydbBundleOptions, g as generateULID, h as hasNoydbBundleMagic, i as isULID, r as readNoydbBundle, e as readNoydbBundleHeader, f as readNoydbBundlePublicEnvelope, j as resetBrotliSupportCache, w as writeNoydbBundle } from './index-8QDuznDr.js';
|
|
8
8
|
export { a as CrdtMode, b as CrdtState, L as LwwMapState, R as RgaState, Y as YjsState, m as mergeCrdtStates, r as resolveCrdtSnapshot } from './strategy-BSxFXGzb.js';
|
|
9
9
|
export { SYNC_CREDENTIALS_COLLECTION, SyncCredential, credentialStatus, deleteCredential, getCredential, listCredentials, putCredential } from './team/index.js';
|
|
10
|
-
export { C as CreateSessionOptions, a as CreateSessionResult, D as DevUnlockOptions, S as SessionToken, b as activeSessionCount, c as clearDevUnlock, d as createSession, e as enableDevUnlock, i as isDevUnlockActive, f as isSessionAlive, l as loadDevUnlock, r as resolveSession, g as revokeAllSessions, h as revokeSession } from './dev-unlock-
|
|
10
|
+
export { C as CreateSessionOptions, a as CreateSessionResult, D as DevUnlockOptions, S as SessionToken, b as activeSessionCount, c as clearDevUnlock, d as createSession, e as enableDevUnlock, i as isDevUnlockActive, f as isSessionAlive, l as loadDevUnlock, r as resolveSession, g as revokeAllSessions, h as revokeSession } from './dev-unlock-BdPp68qn.js';
|
|
11
11
|
export { a as Clause, C as CollectionIndexes, F as FieldClause, b as FilterClause, G as GroupClause, H as HashIndex, I as IndexDef, O as Operator, e as evaluateClause, c as evaluateFieldClause, r as readPath } from './predicate-SBHmi6D0.js';
|
|
12
12
|
export { a as AggregateResult, b as AggregateSpec, c as Aggregation, d as AggregationUpstream, G as GROUPBY_MAX_CARDINALITY, e as GROUPBY_WARN_CARDINALITY, f as GroupedAggregation, g as GroupedQuery, h as GroupedRow, L as LiveAggregation, R as Reducer, i as ReducerOptions, j as avg, l as count, m as groupAndReduce, n as max, o as min, r as reduceRecords, s as sum } from './strategy-D-SrOLCl.js';
|
|
13
|
-
export { L as LEDGER_COLLECTION, a as LEDGER_DELTAS_COLLECTION, e as envelopePayloadHash } from './hash-
|
|
13
|
+
export { L as LEDGER_COLLECTION, a as LEDGER_DELTAS_COLLECTION, e as envelopePayloadHash } from './hash-lsoL3eEW.js';
|
|
14
14
|
import './lazy-builder-BwEoBQZ9.js';
|
|
15
15
|
|
|
16
16
|
/**
|
package/dist/index.js
CHANGED
|
@@ -31,7 +31,7 @@ import {
|
|
|
31
31
|
readNoydbBundlePublicEnvelope,
|
|
32
32
|
resetBrotliSupportCache,
|
|
33
33
|
writeNoydbBundle
|
|
34
|
-
} from "./chunk-
|
|
34
|
+
} from "./chunk-EXHNQEV4.js";
|
|
35
35
|
import {
|
|
36
36
|
PUBLIC_ENVELOPE_RECORD_ID,
|
|
37
37
|
isPublicEnvelope,
|
|
@@ -39,13 +39,13 @@ import {
|
|
|
39
39
|
readPublicEnvelope,
|
|
40
40
|
savePublicEnvelope,
|
|
41
41
|
validatePublicEnvelopeInput
|
|
42
|
-
} from "./chunk-
|
|
42
|
+
} from "./chunk-PTVMYYON.js";
|
|
43
43
|
import {
|
|
44
44
|
CONSENT_AUDIT_COLLECTION
|
|
45
45
|
} from "./chunk-M62XNWRA.js";
|
|
46
46
|
import {
|
|
47
47
|
PERIODS_COLLECTION
|
|
48
|
-
} from "./chunk-
|
|
48
|
+
} from "./chunk-QGZRWRSL.js";
|
|
49
49
|
import "./chunk-UF3BUNQZ.js";
|
|
50
50
|
import {
|
|
51
51
|
CollectionFrame,
|
|
@@ -69,7 +69,7 @@ import {
|
|
|
69
69
|
isI18nTextDescriptor,
|
|
70
70
|
resolveI18nText,
|
|
71
71
|
validateI18nTextValue
|
|
72
|
-
} from "./chunk-
|
|
72
|
+
} from "./chunk-MDDTIZUO.js";
|
|
73
73
|
import {
|
|
74
74
|
createBundleStore,
|
|
75
75
|
routeStore,
|
|
@@ -89,12 +89,12 @@ import {
|
|
|
89
89
|
getCredential,
|
|
90
90
|
listCredentials,
|
|
91
91
|
putCredential
|
|
92
|
-
} from "./chunk-
|
|
92
|
+
} from "./chunk-4PWAI7Q4.js";
|
|
93
93
|
import {
|
|
94
94
|
PresenceHandle,
|
|
95
95
|
SyncEngine,
|
|
96
96
|
SyncTransaction
|
|
97
|
-
} from "./chunk-
|
|
97
|
+
} from "./chunk-AVVPZ4BC.js";
|
|
98
98
|
import {
|
|
99
99
|
USER_ENVELOPE_COLLECTION,
|
|
100
100
|
USER_ENVELOPE_MAX_BYTES,
|
|
@@ -123,8 +123,9 @@ import {
|
|
|
123
123
|
revoke,
|
|
124
124
|
rotateKeys,
|
|
125
125
|
saveUserEnvelope,
|
|
126
|
+
updateKeyringIdentity,
|
|
126
127
|
validatePassphrase
|
|
127
|
-
} from "./chunk-
|
|
128
|
+
} from "./chunk-WDM5XGGS.js";
|
|
128
129
|
import {
|
|
129
130
|
BUNDLE_STORE_POLICY,
|
|
130
131
|
INDEXED_STORE_POLICY,
|
|
@@ -161,7 +162,7 @@ import {
|
|
|
161
162
|
LedgerStore,
|
|
162
163
|
applyPatch,
|
|
163
164
|
computePatch
|
|
164
|
-
} from "./chunk-
|
|
165
|
+
} from "./chunk-QAVUREFT.js";
|
|
165
166
|
import {
|
|
166
167
|
canonicalJson,
|
|
167
168
|
envelopePayloadHash,
|
|
@@ -216,14 +217,14 @@ import {
|
|
|
216
217
|
detectMimeType,
|
|
217
218
|
isPreCompressed,
|
|
218
219
|
runCompaction
|
|
219
|
-
} from "./chunk-
|
|
220
|
+
} from "./chunk-2CSJGFCB.js";
|
|
220
221
|
import {
|
|
221
222
|
NOYDB_BACKUP_VERSION,
|
|
222
223
|
NOYDB_FORMAT_VERSION,
|
|
223
224
|
NOYDB_KEYRING_VERSION,
|
|
224
225
|
NOYDB_SYNC_VERSION,
|
|
225
226
|
createStore
|
|
226
|
-
} from "./chunk-
|
|
227
|
+
} from "./chunk-RKJ6OL7K.js";
|
|
227
228
|
import {
|
|
228
229
|
base64ToBuffer,
|
|
229
230
|
bufferToBase64,
|
|
@@ -454,6 +455,38 @@ async function enrollAuthenticator(store, vault, keyring, options) {
|
|
|
454
455
|
await persistKeyring(store, vault, next);
|
|
455
456
|
return next;
|
|
456
457
|
}
|
|
458
|
+
async function updateAuthenticator(store, vault, keyring, slotId, options) {
|
|
459
|
+
if (options.meta === void 0) {
|
|
460
|
+
throw new ValidationError(
|
|
461
|
+
`updateAuthenticator: at least one of meta must be provided (slotId: "${slotId}").`
|
|
462
|
+
);
|
|
463
|
+
}
|
|
464
|
+
const idx = keyring.authenticators.findIndex((a) => a.id === slotId);
|
|
465
|
+
if (idx === -1) {
|
|
466
|
+
throw new NoAccessError(
|
|
467
|
+
`updateAuthenticator: slot "${slotId}" not found in vault "${vault}".`
|
|
468
|
+
);
|
|
469
|
+
}
|
|
470
|
+
const existing = keyring.authenticators[idx];
|
|
471
|
+
const mergedMeta = { ...existing.meta };
|
|
472
|
+
for (const [k, v] of Object.entries(options.meta)) {
|
|
473
|
+
if (v === void 0) continue;
|
|
474
|
+
if (v === null) {
|
|
475
|
+
delete mergedMeta[k];
|
|
476
|
+
continue;
|
|
477
|
+
}
|
|
478
|
+
mergedMeta[k] = v;
|
|
479
|
+
}
|
|
480
|
+
const next = { ...existing, meta: mergedMeta };
|
|
481
|
+
const nextSlots = [...keyring.authenticators];
|
|
482
|
+
nextSlots[idx] = next;
|
|
483
|
+
const nextKeyring = {
|
|
484
|
+
...keyring,
|
|
485
|
+
authenticators: nextSlots
|
|
486
|
+
};
|
|
487
|
+
await persistKeyring(store, vault, nextKeyring);
|
|
488
|
+
return nextKeyring;
|
|
489
|
+
}
|
|
457
490
|
async function removeAuthenticator(store, vault, keyring, slotId) {
|
|
458
491
|
const filtered = keyring.authenticators.filter((a) => a.id !== slotId);
|
|
459
492
|
if (filtered.length === keyring.authenticators.length) {
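Review bot: The new `updateAuthenticator` helper rejects only `options.meta === void 0`, so `meta: null` reaches `Object.entries` and fails with a TypeError instead of a `ValidationError`, and a string or array is merged index by index. A guard before the slot lookup, such as `if (options.meta === null || typeof options.meta !== "object" || Array.isArray(options.meta)) throw new ValidationError(...)`, would close that. The loop also assigns caller-chosen keys with `mergedMeta[k] = v`. An own `__proto__` key, which a JSON-parsed patch can carry, then goes through the prototype setter of the local object instead of being stored as data, so `if (k === "__proto__") continue;` is worth adding here and at `out[key] = …` in the `deepMerge` hunk. `removeAuthenticator` at the end of this hunk continues outside it.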
|
|
@@ -895,6 +928,17 @@ var UserApi = class {
|
|
|
895
928
|
* the envelope on first call. Optimistic-concurrency safe — a stale
|
|
896
929
|
* `_v` (parallel writer on another device) throws `ConflictError`.
|
|
897
930
|
*
|
|
931
|
+
* Patch semantics (#57):
|
|
932
|
+
* - `undefined` (or omitted key) — skip; existing value preserved
|
|
933
|
+
* - `null` — delete the field from the merged result
|
|
934
|
+
* - any other value — overwrite (deep-merge for plain objects,
|
|
935
|
+
* replace for primitives / arrays)
|
|
936
|
+
*
|
|
937
|
+
* To clear a field, pass `null` rather than `undefined`. Callers
|
|
938
|
+
* with shape `T = string | null` where `null` is a meaningful value
|
|
939
|
+
* should use `setMe` for that specific field instead — `null` here
|
|
940
|
+
* always means delete.
|
|
941
|
+
*
|
|
898
942
|
* Gated by the `edit-own-profile` policy gate (default `minTier: 3`).
|
|
899
943
|
* Pass `presented` to satisfy tightened policies that require a
|
|
900
944
|
* factor proof (e.g. STRICT_POLICY's TOTP requirement).
|
|
@@ -1066,9 +1110,17 @@ function deepMerge(source, patch) {
|
|
|
1066
1110
|
}
|
|
1067
1111
|
const out = { ...source };
|
|
1068
1112
|
for (const [key, patchVal] of Object.entries(patch)) {
|
|
1113
|
+
if (patchVal === void 0) {
|
|
1114
|
+
continue;
|
|
1115
|
+
}
|
|
1116
|
+
if (patchVal === null) {
|
|
1117
|
+
delete out[key];
|
|
1118
|
+
continue;
|
|
1119
|
+
}
|
|
1069
1120
|
const sourceVal = source[key];
|
|
1070
|
-
if (isPlainObject(
|
|
1071
|
-
|
|
1121
|
+
if (isPlainObject(patchVal)) {
|
|
1122
|
+
const recurseSource = isPlainObject(sourceVal) ? sourceVal : {};
|
|
1123
|
+
out[key] = deepMerge(recurseSource, patchVal);
|
|
1072
1124
|
} else {
|
|
1073
1125
|
out[key] = patchVal;
|
|
1074
1126
|
}
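Review bot: `null` in a patch now deletes the key for every caller of `deepMerge`, but the rule is written down only in the `UserApi` docstring of the earlier hunk; the helper carries no comment on the lines shown here. I would add above the loop `// Patch semantics: undefined = keep, null = delete, plain object = recurse, anything else = replace.` and, on the `recurseSource` line, `// non-object source: merge into {} so null/undefined inside a new nested object are dropped, not stored`. If `deepMerge` has callers other than the profile patch (not visible on this page), they should be checked for stored `null` values that would now be removed. The function starts before this hunk.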
|
|
@@ -5378,7 +5430,7 @@ var Vault = class {
|
|
|
5378
5430
|
* @see docs/subsystems/public-envelope.md
|
|
5379
5431
|
*/
|
|
5380
5432
|
async getPublicEnvelope(opts = {}) {
|
|
5381
|
-
const { readPublicEnvelope: readPublicEnvelope2 } = await import("./public-envelope-
|
|
5433
|
+
const { readPublicEnvelope: readPublicEnvelope2 } = await import("./public-envelope-6JTACYJV.js");
|
|
5382
5434
|
return readPublicEnvelope2(this.adapter, this.name, opts);
|
|
5383
5435
|
}
|
|
5384
5436
|
/**
|
|
@@ -5976,6 +6028,12 @@ var PERSONAL_POLICY = Object.freeze({
|
|
|
5976
6028
|
},
|
|
5977
6029
|
"enroll-authenticator": { minTier: 1 },
|
|
5978
6030
|
"remove-authenticator": { minTier: 1 },
|
|
6031
|
+
// update-authenticator: meta-only mutation (slot rename, label
|
|
6032
|
+
// changes). Symmetric with enroll/remove under PERSONAL — tier-1
|
|
6033
|
+
// unlock alone. The structural anti-slot-swap guard inside the
|
|
6034
|
+
// implementation enforces wrap-material/id/method immutability
|
|
6035
|
+
// regardless of this gate's settings.
|
|
6036
|
+
"update-authenticator": { minTier: 1 },
|
|
5979
6037
|
"rotate-unlock": { minTier: 2 },
|
|
5980
6038
|
"enroll-user": { minTier: 1 },
|
|
5981
6039
|
"revoke-user": { minTier: 1 },
|
|
@@ -5985,6 +6043,12 @@ var PERSONAL_POLICY = Object.freeze({
|
|
|
5985
6043
|
// virtue of being a co-owner). Tier-1 unlock is the floor; the
|
|
5986
6044
|
// STRICT preset adds a recovery/email-OTP requirement.
|
|
5987
6045
|
"peer-recover-user": { minTier: 1 },
|
|
6046
|
+
// update-user: post-grant identity mutation (role/displayName/
|
|
6047
|
+
// permissions). PERSONAL_POLICY treats this on par with enroll-user
|
|
6048
|
+
// / revoke-user — tier-1 unlock alone. The role-elevation guard
|
|
6049
|
+
// inside the implementation is the structural backstop that this
|
|
6050
|
+
// gate's settings cannot weaken.
|
|
6051
|
+
"update-user": { minTier: 1 },
|
|
5988
6052
|
"export-bundle": { minTier: 1 },
|
|
5989
6053
|
"export-plaintext": {
|
|
5990
6054
|
minTier: 1,
|
|
@@ -6029,6 +6093,15 @@ var STRICT_POLICY = Object.freeze({
|
|
|
6029
6093
|
minTier: 1,
|
|
6030
6094
|
factors: [{ anyOf: ["totp", "email-otp"] }]
|
|
6031
6095
|
},
|
|
6096
|
+
// STRICT update-authenticator: same factor floor as enroll/remove.
|
|
6097
|
+
// Even though meta changes don't touch wrap material, a malicious
|
|
6098
|
+
// rename could mislead the user about which device a slot
|
|
6099
|
+
// corresponds to ("MacBook Touch ID" → "iPhone Touch ID" on a
|
|
6100
|
+
// shared workstation). STRICT requires a fresh factor proof.
|
|
6101
|
+
"update-authenticator": {
|
|
6102
|
+
minTier: 1,
|
|
6103
|
+
factors: [{ anyOf: ["totp", "email-otp"] }]
|
|
6104
|
+
},
|
|
6032
6105
|
"rotate-unlock": { minTier: 1 },
|
|
6033
6106
|
"enroll-user": {
|
|
6034
6107
|
minTier: 1,
|
|
@@ -6051,6 +6124,18 @@ var STRICT_POLICY = Object.freeze({
|
|
|
6051
6124
|
minTier: 1,
|
|
6052
6125
|
factors: [{ anyOf: ["recovery", "totp", "email-otp", "webauthn-roaming"] }]
|
|
6053
6126
|
},
|
|
6127
|
+
// STRICT update-user: matches the enroll-user / revoke-user shape
|
|
6128
|
+
// (off-device factor required). Update-user is admin-shaped — it
|
|
6129
|
+
// mutates someone else's role/permissions; STRICT requires a fresh
|
|
6130
|
+
// off-device factor proof so the operator affirmatively re-asserts
|
|
6131
|
+
// identity at the moment of mutation. Platform-bound factors
|
|
6132
|
+
// (Touch ID / password / PIN) intentionally excluded: same logic as
|
|
6133
|
+
// peer-recover-user — the off-device requirement is the whole
|
|
6134
|
+
// point under STRICT.
|
|
6135
|
+
"update-user": {
|
|
6136
|
+
minTier: 1,
|
|
6137
|
+
factors: [{ anyOf: ["totp", "email-otp"] }]
|
|
6138
|
+
},
|
|
6054
6139
|
"export-bundle": {
|
|
6055
6140
|
minTier: 1,
|
|
6056
6141
|
factors: [{ anyOf: ["totp", "email-otp"] }],
|
|
@@ -6445,6 +6530,56 @@ var Noydb = class {
|
|
|
6445
6530
|
const keyring = await this.getKeyring(vault);
|
|
6446
6531
|
await revoke(this.options.store, vault, keyring, options);
|
|
6447
6532
|
}
|
|
6533
|
+
/**
|
|
6534
|
+
* Mutate post-grant identity fields on an existing keyring — `role`,
|
|
6535
|
+
* `displayName`, and/or `permissions`. Pure plaintext-header rewrite:
|
|
6536
|
+
* no DEK rewrap, no KEK required, no authenticator slots touched.
|
|
6537
|
+
* Tier-2 enrollments and recovery codes survive.
|
|
6538
|
+
*
|
|
6539
|
+
* Different from `db.revoke + db.grant`:
|
|
6540
|
+
*
|
|
6541
|
+
* - Same `userId`, same DEK wrappings, same `granted_by`, same
|
|
6542
|
+
* `_users/<keyringId>` envelope. Only the specified header
|
|
6543
|
+
* fields move. Last-write-wins via the standard keyring put.
|
|
6544
|
+
* - No cascade on role demotion (admins demoted to operator keep
|
|
6545
|
+
* the keyrings they previously granted; the cascade rules are
|
|
6546
|
+
* a `db.revoke` concern, not `db.updateUser`).
|
|
6547
|
+
* - Tier-2 slots NOT dropped — the wrapping is unaffected.
|
|
6548
|
+
*
|
|
6549
|
+
* Role-elevation guard: BOTH the old and new role must satisfy
|
|
6550
|
+
* `db.grant`'s hierarchy. Owner can do anything; admin manages
|
|
6551
|
+
* admin/operator/viewer/client laterally; admin cannot promote to
|
|
6552
|
+
* owner OR demote from owner. The guard runs regardless of the
|
|
6553
|
+
* `update-user` policy gate's settings — gates can only be more
|
|
6554
|
+
* permissive than the structural floor, never less.
|
|
6555
|
+
*
|
|
6556
|
+
* Gated by `update-user`. `STRICT_POLICY` requires a TOTP/email-OTP
|
|
6557
|
+
* factor proof so the operator affirmatively re-asserts identity at
|
|
6558
|
+
* the moment of mutation; `PERSONAL_POLICY` accepts a tier-1 unlock
|
|
6559
|
+
* alone.
|
|
6560
|
+
*
|
|
6561
|
+
* ```ts
|
|
6562
|
+
* await db.updateUser('acme', {
|
|
6563
|
+
* userId: 'bob',
|
|
6564
|
+
* role: 'operator', // promote
|
|
6565
|
+
* permissions: { invoices: 'rw' },
|
|
6566
|
+
* }, { factors: [{ kind: 'totp' }] })
|
|
6567
|
+
* ```
|
|
6568
|
+
*
|
|
6569
|
+
* @throws `NoAccessError` when no keyring exists for the target.
|
|
6570
|
+
* @throws `PermissionDeniedError` when the role hierarchy rejects.
|
|
6571
|
+
* @throws `ValidationError` when no field is provided.
|
|
6572
|
+
*
|
|
6573
|
+
* @see #54
|
|
6574
|
+
*/
|
|
6575
|
+
async updateUser(vault, options, factors) {
|
|
6576
|
+
await this.checkGate(vault, "update-user", factors);
|
|
6577
|
+
const keyring = await this.getKeyring(vault);
|
|
6578
|
+
await updateKeyringIdentity(this.options.store, vault, keyring, options);
|
|
6579
|
+
if (options.userId === this.options.user) {
|
|
6580
|
+
this.keyringCache.delete(vault);
|
|
6581
|
+
}
|
|
6582
|
+
}
|
|
6448
6583
|
/**
|
|
6449
6584
|
* Rotate the DEKs for the given collections in a vault.
|
|
6450
6585
|
*
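Review bot: `updateUser` writes `role` and `permissions` last-write-wins (its own docstring says so), whereas the profile patch documented in the `UserApi` hunk rejects a stale `_v` with `ConflictError`. For authorization fields that means a demotion can be undone by a concurrent writer holding an older keyring. The keyring passed to `updateKeyringIdentity` comes from `this.getKeyring(vault)` and the cache is dropped only when the target is the caller, so the role-elevation guard may also be evaluated on a cached copy; both helpers are outside this page, so this needs confirming. If the write cannot be versioned, the docstring should state the consequence, e.g. `* Concurrency: last-write-wins — a concurrent role change may be overwritten; re-read the keyring to confirm the result.` Separately, "gates can only be more permissive than the structural floor, never less" reads inverted next to the policy comment's "backstop that this gate's settings cannot weaken"; `gates can only add requirements on top of the structural floor, never remove it` says what is meant.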
|
|
@@ -6988,6 +7123,40 @@ var Noydb = class {
|
|
|
6988
7123
|
const keyring = await this.getKeyring(vault);
|
|
6989
7124
|
return keyring.authenticators;
|
|
6990
7125
|
}
|
|
7126
|
+
/**
|
|
7127
|
+
* Mutate the `meta` blob on an existing authenticator slot — slot
|
|
7128
|
+
* rename, label change, attachment of UI hints. The slot's `id`,
|
|
7129
|
+
* `method`, and wrap material (`wrapped_kek` / `wrapped_deks` + `iv`)
|
|
7130
|
+
* are immutable through this method. Anti-slot-swap is structural,
|
|
7131
|
+
* not gate-driven.
|
|
7132
|
+
*
|
|
7133
|
+
* `meta` patch semantics (#57-aligned):
|
|
7134
|
+
* - Top-level merge — absent keys preserved
|
|
7135
|
+
* - `null` value — delete that meta key
|
|
7136
|
+
* - Other values — replace verbatim
|
|
7137
|
+
*
|
|
7138
|
+
* Use case: per-slot nickname for "iPhone Touch ID" vs "MacBook
|
|
7139
|
+
* Touch ID" disambiguation in admin UIs. The slot id (auto-derived
|
|
7140
|
+
* from credentialId prefix) is not human-friendly; `meta.nickname`
|
|
7141
|
+
* is.
|
|
7142
|
+
*
|
|
7143
|
+
* Gated by `update-authenticator`. PERSONAL_POLICY: tier-1 unlock
|
|
7144
|
+
* alone (matches enroll/remove). STRICT_POLICY: tier-1 +
|
|
7145
|
+
* TOTP/email-OTP factor proof — a malicious rename on a shared
|
|
7146
|
+
* workstation could mislead the user about which device a slot
|
|
7147
|
+
* corresponds to, so STRICT requires fresh factor binding.
|
|
7148
|
+
*
|
|
7149
|
+
* @throws `NoAccessError` when no slot with the given id exists.
|
|
7150
|
+
* @throws `ValidationError` when no patch field is provided.
|
|
7151
|
+
*
|
|
7152
|
+
* @see #55
|
|
7153
|
+
*/
|
|
7154
|
+
async updateAuthenticator(vault, slotId, options, presented) {
|
|
7155
|
+
await this.checkGate(vault, "update-authenticator", presented);
|
|
7156
|
+
const keyring = await this.getKeyring(vault);
|
|
7157
|
+
const next = await updateAuthenticator(this.options.store, vault, keyring, slotId, options);
|
|
7158
|
+
this.keyringCache.set(vault, next);
|
|
7159
|
+
}
|
|
6991
7160
|
/**
|
|
6992
7161
|
* Native WebAuthn enrollment using the **real** internal keyring (#16).
|
|
6993
7162
|
*
|