npm - @noy-db/hub - Versions diffs - 0.2.0-pre.24 → 0.2.0-pre.25 - Mend

@noy-db/hub 0.2.0-pre.24 → 0.2.0-pre.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (264) hide show

package/dist/{chunk-7X4EF35A.js → chunk-JJKXJAH2.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import {
   ensureCollectionDEK
-} from "./chunk-B5CSNGSE.js";
+} from "./chunk-UNBX2HMA.js";
 import {
   envelopePayloadHash
 } from "./chunk-PDVP3C2I.js";
@@ -10,11 +10,11 @@ import {
 import {
   decrypt,
   encrypt
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   DictKeyMissingError,
   PermissionDeniedError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/i18n/dictionary.ts
 var DICT_COLLECTION_PREFIX = "_dict_";
@@ -398,4 +398,4 @@ export {
   isStaticDictDescriptor,
   DictionaryHandle
 };
-//# sourceMappingURL=chunk-7X4EF35A.js.map
+//# sourceMappingURL=chunk-JJKXJAH2.js.map

package/dist/{chunk-HD4QCT2O.js → chunk-KD253AI5.js} RENAMED Viewed

@@ -2,7 +2,7 @@ import {
   LocaleNotSpecifiedError,
   MissingTranslationError,
   ScriptViolationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/i18n/policy.ts
 function resolvePolicy(onMissing, layer) {
@@ -358,4 +358,4 @@ export {
   setAtPathInPlace,
   applyI18nLocale
 };
-//# sourceMappingURL=chunk-HD4QCT2O.js.map
+//# sourceMappingURL=chunk-KD253AI5.js.map

package/dist/{chunk-SGM7CK7R.js → chunk-KJ37E3R5.js} RENAMED Viewed

@@ -13,11 +13,11 @@ import {
   sha256Hex,
   unwrapCek,
   wrapCek
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   ConflictError,
   NotFoundError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/blobs/mime-magic.ts
 function hex(s) {
@@ -1153,7 +1153,7 @@ var BlobSet = class {
       return this.buildResponse(slot, result.blob, { inline: true });
     }
     const aad = chunkAAD(slot.eTag, 0, result.blob.chunkCount);
-    const { decryptBytesWithAAD: decryptAAD } = await import("./crypto-2LU6XUFF.js");
+    const { decryptBytesWithAAD: decryptAAD } = await import("./crypto-YBKBNPVM.js");
     const decrypted = await decryptAAD(envelope._iv, envelope._data, blobDEK, aad);
     const plaintext = result.blob.compression === "gzip" ? await decompressBytes(decrypted) : decrypted;
     const body = new ReadableStream({
@@ -1303,4 +1303,4 @@ export {
   memoryObjectProjection,
   importExternalObjects
 };
-//# sourceMappingURL=chunk-SGM7CK7R.js.map
+//# sourceMappingURL=chunk-KJ37E3R5.js.map

package/dist/{chunk-LMWVNF6X.js → chunk-KNJ7MK4B.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import {
   DerivationCycleError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/derivations/strategy-hash.ts
 async function computeStrategyHash(source, outputKeys, derive, sources) {
@@ -115,4 +115,4 @@ var DerivationRegistry = class {
 export {
   DerivationRegistry
 };
-//# sourceMappingURL=chunk-LMWVNF6X.js.map
+//# sourceMappingURL=chunk-KNJ7MK4B.js.map

package/dist/{chunk-AO3QSMCU.js → chunk-LX4CPLU6.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 import {
   FieldFrozenError,
   InvariantError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/guards/executor.ts
 var GuardExecutor = {
@@ -77,4 +77,4 @@ function deepEqual(a, b) {
 export {
   GuardExecutor
 };
-//# sourceMappingURL=chunk-AO3QSMCU.js.map
+//# sourceMappingURL=chunk-LX4CPLU6.js.map

package/dist/{chunk-4TCMCCC3.js → chunk-N4EXCKWP.js} RENAMED Viewed

@@ -1,11 +1,11 @@
 import {
   pickLocale
-} from "./chunk-P7OL22JP.js";
+} from "./chunk-HUXDQIVU.js";
 import {
   BundleIntegrityError,
   BundleSealMismatchError,
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/bundle/format.ts
 var NOYDB_BUNDLE_MAGIC = new Uint8Array([78, 68, 66, 49]);
@@ -782,8 +782,6 @@ export {
   COMPRESSION_BROTLI,
   validateBundleHeader,
   encodeBundleHeader,
-  readUint32BE,
-  writeUint32BE,
   hasNoydbBundleMagic,
   buildExtractedPartitionWrapper,
   parseExtractedPartitionBody,
@@ -794,4 +792,4 @@ export {
   readNoydbBundlePublicEnvelope,
   readNoydbBundle
 };
-//# sourceMappingURL=chunk-4TCMCCC3.js.map
+//# sourceMappingURL=chunk-N4EXCKWP.js.map

package/dist/{chunk-JRMOSIH4.js → chunk-OCRDV3NU.js} RENAMED Viewed

@@ -1,16 +1,16 @@
 import {
   ensureCollectionDEK
-} from "./chunk-B5CSNGSE.js";
+} from "./chunk-UNBX2HMA.js";
 import {
   NOYDB_FORMAT_VERSION
 } from "./chunk-LR7CODVN.js";
 import {
   decrypt,
   encrypt
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   PermissionDeniedError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/team/sync-credentials.ts
 var SYNC_CREDENTIALS_COLLECTION = "_sync_credentials";
@@ -76,4 +76,4 @@ export {
   listCredentials,
   credentialStatus
 };
-//# sourceMappingURL=chunk-JRMOSIH4.js.map
+//# sourceMappingURL=chunk-OCRDV3NU.js.map

package/dist/{chunk-DCICHSRS.js → chunk-OMBPGXCL.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import {
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/overlay-views/with-overlayed-view.ts
 function withOverlayedView(spec) {
@@ -33,4 +33,4 @@ function withOverlayedView(spec) {
 export {
   withOverlayedView
 };
-//# sourceMappingURL=chunk-DCICHSRS.js.map
+//# sourceMappingURL=chunk-OMBPGXCL.js.map

package/dist/{chunk-3XJU3OHE.js → chunk-PS6PSEZL.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import {
   wrapMoneyReducers
-} from "./chunk-77WF53XY.js";
+} from "./chunk-C7UIT5XY.js";
 import {
   MoneyPrecisionError,
   evaluateClause,
@@ -9,17 +9,17 @@ import {
   moneyFieldClause,
   parseToScaledInt,
   readPath
-} from "./chunk-GEWIFM4J.js";
+} from "./chunk-3BANVNDH.js";
 import {
   applyI18nLocale
-} from "./chunk-HD4QCT2O.js";
+} from "./chunk-KD253AI5.js";
 import {
   CrossJoinSourceUnknownError,
   CrossJoinTooLargeError,
   DanglingReferenceError,
   JoinTooLargeError,
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/query/join.ts
 var DEFAULT_JOIN_MAX_ROWS = 5e4;
@@ -1977,4 +1977,4 @@ export {
   executePlan,
   ScanBuilder
 };
-//# sourceMappingURL=chunk-3XJU3OHE.js.map
+//# sourceMappingURL=chunk-PS6PSEZL.js.map

package/dist/{chunk-ZDITTESU.js → chunk-Q7P4WHTL.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 import {
   MaterializedViewConfigError,
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/materialized-views/with-materialized-view.ts
 function withMaterializedView(spec) {
@@ -94,4 +94,4 @@ function withMaterializedView(spec) {
 export {
   withMaterializedView
 };
-//# sourceMappingURL=chunk-ZDITTESU.js.map
+//# sourceMappingURL=chunk-Q7P4WHTL.js.map

package/dist/{chunk-OKV7S356.js → chunk-QYQRAOEF.js} RENAMED Viewed

@@ -4,10 +4,10 @@ import {
 import {
   decrypt,
   encrypt
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   ConflictError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/attestation/signer.ts
 import { generateDocSigningKeyPair } from "@noy-db/attestation";
@@ -54,4 +54,4 @@ export {
   loadSigner,
   loadOrCreateSigner
 };
-//# sourceMappingURL=chunk-OKV7S356.js.map
+//# sourceMappingURL=chunk-QYQRAOEF.js.map

package/dist/{chunk-IEIADIPM.js → chunk-RHVYFAVQ.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 import {
   DerivationCapExceededError,
   DerivationOutputShapeError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/derivations/executor.ts
 var DerivationExecutor = {
@@ -121,4 +121,4 @@ var DerivationExecutor = {
 export {
   DerivationExecutor
 };
-//# sourceMappingURL=chunk-IEIADIPM.js.map
+//# sourceMappingURL=chunk-RHVYFAVQ.js.map

package/dist/{chunk-R43KS34V.js → chunk-RZOGD7IF.js} RENAMED Viewed

@@ -1,38 +1,29 @@
 import {
   resolveManagedSecret
-} from "./chunk-XC32SZPW.js";
+} from "./chunk-YP2AYE5W.js";
 import {
-  hasNoydbBundleMagic,
   parseExtractedPartitionBody,
   readNoydbBundle,
-  readNoydbBundleHeader,
-  readNoydbBundlePublicEnvelope,
-  readUint32BE,
-  writeNoydbBundle,
-  writeUint32BE
-} from "./chunk-4TCMCCC3.js";
+  readNoydbBundleHeader
+} from "./chunk-N4EXCKWP.js";
 import {
   createOwnerKeyring
-} from "./chunk-B5CSNGSE.js";
-import {
-  generateULID
-} from "./chunk-FZU343FL.js";
+} from "./chunk-UNBX2HMA.js";
 import {
   LEDGER_COLLECTION,
   LedgerStore
-} from "./chunk-AONK5GCC.js";
+} from "./chunk-EYZJULEN.js";
 import {
   base64ToBuffer,
   decrypt,
-  sha256Hex,
   unwrapCek,
   wrapKey
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   AdoptionStateError,
   TransferSealError,
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/bundle/adopt-partition.ts
 async function unsealDeks(seal, transferKey) {
@@ -185,7 +176,7 @@ async function createOwnerOnAdoptedPartition(store, vaultName, opts) {
     }
   }
   if (isManaged(opts)) {
-    const { createNoydb } = await import("./noydb-2PI2ZBX6.js");
+    const { createNoydb } = await import("./noydb-6FA46A4M.js");
     const db = await createNoydb({
       store,
       user: userId,
@@ -232,168 +223,10 @@ async function decryptExtractedPartition(bundleBytes, transferKey) {
   return out;
 }
-// src/bundle/multi-bundle.ts
-var NOYDB_MULTI_BUNDLE_MAGIC = new Uint8Array([78, 68, 66, 77]);
-var NOYDB_MULTI_BUNDLE_PREFIX_BYTES = 10;
-var NOYDB_MULTI_BUNDLE_VERSION = 1;
-function encodeMultiBundle(manifest, inner) {
-  validateManifest(manifest);
-  if (manifest.compartments.length !== inner.length) {
-    throw new Error(`multi-bundle: manifest has ${manifest.compartments.length} compartments but ${inner.length} inner bundles were provided.`);
-  }
-  for (let i = 0; i < inner.length; i++) {
-    if (manifest.compartments[i].innerBytes !== inner[i].length) {
-      throw new Error(`multi-bundle: compartment ${i} declares innerBytes ${manifest.compartments[i].innerBytes} but ${inner[i].length} bytes were provided.`);
-    }
-  }
-  const manifestBytes = new TextEncoder().encode(JSON.stringify(manifest));
-  const bodyLen = inner.reduce((n, b) => n + b.length, 0);
-  const out = new Uint8Array(NOYDB_MULTI_BUNDLE_PREFIX_BYTES + manifestBytes.length + bodyLen);
-  out.set(NOYDB_MULTI_BUNDLE_MAGIC, 0);
-  out[4] = NOYDB_MULTI_BUNDLE_VERSION;
-  out[5] = 0;
-  writeUint32BE(out, 6, manifestBytes.length);
-  out.set(manifestBytes, NOYDB_MULTI_BUNDLE_PREFIX_BYTES);
-  let off = NOYDB_MULTI_BUNDLE_PREFIX_BYTES + manifestBytes.length;
-  for (const b of inner) {
-    out.set(b, off);
-    off += b.length;
-  }
-  return out;
-}
-function hasMultiMagic(bytes) {
-  if (bytes.length < NOYDB_MULTI_BUNDLE_MAGIC.length) return false;
-  for (let i = 0; i < NOYDB_MULTI_BUNDLE_MAGIC.length; i++) if (bytes[i] !== NOYDB_MULTI_BUNDLE_MAGIC[i]) return false;
-  return true;
-}
-function validateManifest(parsed) {
-  if (parsed === null || typeof parsed !== "object") throw new Error("multi-bundle manifest must be a JSON object.");
-  const m = parsed;
-  if (m["multiFormatVersion"] !== NOYDB_MULTI_BUNDLE_VERSION) throw new Error(`multi-bundle manifest.multiFormatVersion must be ${NOYDB_MULTI_BUNDLE_VERSION}, got ${String(m["multiFormatVersion"])}.`);
-  if (typeof m["handle"] !== "string" || m["handle"].length === 0) throw new Error("multi-bundle manifest.handle must be a non-empty string.");
-  if (!Array.isArray(m["compartments"])) throw new Error("multi-bundle manifest.compartments must be an array.");
-  const seenHandles = /* @__PURE__ */ new Set();
-  for (const c of m["compartments"]) {
-    if (c === null || typeof c !== "object") throw new Error("multi-bundle compartment must be an object.");
-    const e = c;
-    if (typeof e["handle"] !== "string" || e["handle"].length === 0) throw new Error("multi-bundle compartment.handle must be a non-empty string.");
-    if (seenHandles.has(e["handle"])) {
-      throw new Error(`multi-bundle manifest has a duplicate compartment handle "${e["handle"]}".`);
-    }
-    seenHandles.add(e["handle"]);
-    if (typeof e["innerBytes"] !== "number" || !Number.isInteger(e["innerBytes"]) || e["innerBytes"] < 0) throw new Error("multi-bundle compartment.innerBytes must be a non-negative integer.");
-    if (typeof e["innerSha256"] !== "string" || !/^[0-9a-f]{64}$/.test(e["innerSha256"])) throw new Error("multi-bundle compartment.innerSha256 must be 64-char lowercase hex.");
-  }
-}
-function decodeMultiBundle(bytes) {
-  if (!hasMultiMagic(bytes)) throw new Error("not a NOYDB multi-bundle: missing NDBM magic.");
-  if (bytes.length < NOYDB_MULTI_BUNDLE_PREFIX_BYTES) throw new Error("multi-bundle truncated: shorter than the fixed prefix.");
-  if (bytes[4] !== NOYDB_MULTI_BUNDLE_VERSION) throw new Error(`unsupported multi-bundle version ${String(bytes[4])}.`);
-  const manifestLen = readUint32BE(bytes, 6);
-  const manifestEnd = NOYDB_MULTI_BUNDLE_PREFIX_BYTES + manifestLen;
-  if (manifestEnd > bytes.length) throw new Error("multi-bundle truncated: manifest length overruns the buffer.");
-  const manifestJson = new TextDecoder("utf-8", { fatal: true }).decode(bytes.subarray(NOYDB_MULTI_BUNDLE_PREFIX_BYTES, manifestEnd));
-  let parsed;
-  try {
-    parsed = JSON.parse(manifestJson);
-  } catch (err) {
-    throw new Error(`multi-bundle manifest is not valid JSON: ${err.message}`);
-  }
-  validateManifest(parsed);
-  const inner = [];
-  let off = manifestEnd;
-  for (const c of parsed.compartments) {
-    const end = off + c.innerBytes;
-    if (end > bytes.length) throw new Error(`multi-bundle truncated: compartment "${c.handle}" innerBytes overruns the buffer.`);
-    inner.push(bytes.subarray(off, end));
-    off = end;
-  }
-  if (off !== bytes.length) {
-    throw new Error(`multi-bundle: ${bytes.length - off} trailing byte(s) after the last compartment \u2014 buffer may be corrupt.`);
-  }
-  return { manifest: parsed, inner };
-}
-async function writeMultiVaultBundle(compartments, opts = {}) {
-  if (compartments.length === 0) throw new Error("writeMultiVaultBundle: at least one compartment is required.");
-  const inner = [];
-  const entries = [];
-  for (const c of compartments) {
-    const innerBytes = await writeNoydbBundle(c.vault, c.bundleOptions ?? {});
-    const header = readNoydbBundleHeader(innerBytes);
-    const entry = {
-      handle: header.handle,
-      exportedAt: c.exportedAt ?? (/* @__PURE__ */ new Date()).toISOString(),
-      innerBytes: innerBytes.length,
-      innerSha256: await sha256Hex(innerBytes)
-    };
-    if (c.roleTag !== void 0) entry.roleTag = c.roleTag;
-    if (c.disclose?.name !== void 0 && c.disclose.name !== false) {
-      entry.name = c.disclose.name === true ? c.vault.name : c.disclose.name;
-    }
-    if (c.disclose?.collections === true) {
-      const names = await c.vault.collections();
-      entry.collections = await Promise.all(
-        names.map(async (n) => ({ name: n, count: await c.vault.collection(n).count() }))
-      );
-    }
-    if (c.disclose?.publicEnvelope === true) {
-      const env = readNoydbBundlePublicEnvelope(innerBytes);
-      if (env !== void 0) entry.publicEnvelope = env;
-    }
-    const fence = await c.vault.schemaFenceState();
-    entry.schemaVersion = fence.currentSchemaVersion;
-    inner.push(innerBytes);
-    entries.push(entry);
-  }
-  const manifest = {
-    multiFormatVersion: NOYDB_MULTI_BUNDLE_VERSION,
-    handle: opts.handle ?? generateULID(),
-    compartments: entries
-  };
-  return encodeMultiBundle(manifest, inner);
-}
-async function readNoydbBundleManifest(bytes) {
-  if (hasMultiMagic(bytes)) return [...decodeMultiBundle(bytes).manifest.compartments];
-  if (hasNoydbBundleMagic(bytes)) {
-    const header = readNoydbBundleHeader(bytes);
-    const env = readNoydbBundlePublicEnvelope(bytes);
-    const entry = {
-      handle: header.handle,
-      innerBytes: bytes.length,
-      innerSha256: await sha256Hex(bytes)
-    };
-    if (env !== void 0) entry.publicEnvelope = env;
-    return [entry];
-  }
-  throw new Error("readNoydbBundleManifest: not a NOYDB bundle (no NDB1 or NDBM magic).");
-}
-function readMultiVaultBundleCompartment(bytes, selector) {
-  if (typeof selector === "number" && !Number.isInteger(selector)) {
-    throw new Error(`readMultiVaultBundleCompartment: numeric selector must be an integer, got ${selector}.`);
-  }
-  if (hasNoydbBundleMagic(bytes) && !hasMultiMagic(bytes)) {
-    const header = readNoydbBundleHeader(bytes);
-    if (selector === 0 || selector === header.handle) return bytes;
-    throw new Error(`readMultiVaultBundleCompartment: single v1 bundle has only compartment "${header.handle}".`);
-  }
-  const { manifest, inner } = decodeMultiBundle(bytes);
-  const idx = typeof selector === "number" ? selector : manifest.compartments.findIndex((c) => c.handle === selector);
-  if (idx < 0 || idx >= inner.length) throw new Error(`readMultiVaultBundleCompartment: no compartment ${typeof selector === "number" ? `at index ${selector}` : `"${selector}"`}.`);
-  return inner[idx];
-}
 export {
   unsealDeks,
   adoptPartition,
   createOwnerOnAdoptedPartition,
-  decryptExtractedPartition,
-  NOYDB_MULTI_BUNDLE_MAGIC,
-  NOYDB_MULTI_BUNDLE_PREFIX_BYTES,
-  NOYDB_MULTI_BUNDLE_VERSION,
-  encodeMultiBundle,
-  decodeMultiBundle,
-  writeMultiVaultBundle,
-  readNoydbBundleManifest,
-  readMultiVaultBundleCompartment
+  decryptExtractedPartition
 };
-//# sourceMappingURL=chunk-R43KS34V.js.map
+//# sourceMappingURL=chunk-RZOGD7IF.js.map

package/dist/chunk-RZOGD7IF.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/bundle/adopt-partition.ts","../src/bundle/decrypt-partition.ts"],"sourcesContent":["/**\n * Partition adoption. Recipient side: verify an extracted bundle,\n * validate the transfer key, import the re-keyed collections into a\n * destination store, and record an `_meta/adoption` marker. The bundle\n * stays UNOWNED after adoption — `createOwnerOnAdoptedPartition`\n * mints the owner; the transfer seal is then destroyed.\n *\n * @module\n */\nimport { base64ToBuffer, wrapKey } from '../crypto.js'\nimport { TransferSealError, AdoptionStateError, ValidationError } from '../errors.js'\nimport type { NoydbStore, VaultSnapshot, KeyringFile } from '../types.js'\nimport { createOwnerKeyring } from '../team/keyring.js'\nimport { resolveManagedSecret } from '../team/managed-passphrase.js'\nimport type { SealingKeyProvider } from '../team/managed-passphrase.js'\nimport type { ShamirRecoveryProvider } from '../team/shamir-recovery-provider.js'\nimport type { RecoveryEnrollmentInput } from '../team/rotate-recover.js'\nimport { LedgerStore } from '../history/ledger/store.js'\nimport { LEDGER_COLLECTION } from '../history/ledger/constants.js'\nimport type { TransferSealPayload } from './bundle.js'\nimport { readNoydbBundleHeader, readNoydbBundle, parseExtractedPartitionBody } from './bundle.js'\n\n/**\n * Reverse of `sealDeks`. Imports the transfer key, decrypts the\n * sealed `{ collection: base64(rawDEK) }` map (layout iv(12)‖ct‖tag), and\n * re-imports each DEK as an AES-GCM key. Throws `TransferSealError` on a\n * wrong key (AES-GCM auth-tag failure) or malformed payload.\n */\nexport async function unsealDeks(\n seal: TransferSealPayload,\n transferKey: Uint8Array,\n): Promise<Map<string, CryptoKey>> {\n if (transferKey.byteLength !== 32) {\n throw new TransferSealError(\n `transfer key must be 32 bytes, got ${transferKey.byteLength}.`,\n )\n }\n const key = await crypto.subtle.importKey('raw', transferKey as BufferSource, 'AES-GCM', false, ['decrypt'])\n const raw = base64ToBuffer(seal.payload)\n let plaintext: ArrayBuffer\n try {\n plaintext = await crypto.subtle.decrypt(\n { name: 'AES-GCM', iv: raw.slice(0, 12) as BufferSource },\n key,\n raw.slice(12) as BufferSource,\n )\n } catch {\n throw new TransferSealError(\n 'transfer seal could not be opened — wrong transfer key (AES-GCM authentication failed).',\n )\n }\n let dekMap: Record<string, string>\n try {\n dekMap = JSON.parse(new TextDecoder().decode(plaintext)) as Record<string, string>\n } catch {\n throw new TransferSealError('transfer seal payload is not valid JSON after decryption.')\n }\n const deks = new Map<string, CryptoKey>()\n for (const [collection, b64] of Object.entries(dekMap)) {\n // Extractable: the recipient must be able to re-wrap these under their\n // own KEK (AES-KW) at owner-creation. Matches generateDEK.\n const dek = await crypto.subtle.importKey('raw', base64ToBuffer(b64) as BufferSource, 'AES-GCM', true, ['encrypt', 'decrypt'])\n deks.set(collection, dek)\n }\n return deks\n}\n\nexport interface AdoptPartitionOptions {\n readonly transferKey: Uint8Array\n readonly destinationStore: NoydbStore\n readonly vaultName: string\n}\n\nexport interface AdoptPartitionResult {\n readonly vaultName: string\n readonly needsOwner: true\n readonly sealId: string\n}\n\nexport async function adoptPartition(\n bundleBytes: Uint8Array,\n opts: AdoptPartitionOptions,\n): Promise<AdoptPartitionResult> {\n const { transferKey, destinationStore, vaultName } = opts\n\n const header = readNoydbBundleHeader(bundleBytes)\n if (header.bundleKind !== 'extracted-partition' || header.transferSeal === undefined) {\n throw new ValidationError(\n 'adoptPartition requires an extracted-partition bundle with a transfer seal. '\n + 'For ordinary backups use readNoydbBundle + vault.load.',\n )\n }\n\n const { dumpJson } = await readNoydbBundle(bundleBytes)\n const { dump, seal } = parseExtractedPartitionBody(dumpJson)\n\n // Validate the transfer key by unsealing in memory; throws\n // TransferSealError on mismatch. DEKs are discarded here — they stay\n // sealed at rest (in _meta/adoption) until owner-creation wraps them under the\n // recipient's KEK.\n await unsealDeks(seal, transferKey)\n\n // Single-occupancy per vaultName: an `_meta/adoption` marker already present\n // means this slot holds a partition (adopted-and-unowned, or already owned).\n // saveAll below would overwrite its data and replace the marker, stranding the\n // prior adoption's transfer seal. Refuse regardless of sealId — re-adopting the\n // SAME bundle is a redundant call, and adopting a DIFFERENT bundle here would\n // clobber the existing partition. Either way, pick a fresh vaultName.\n const existing = await destinationStore.get(vaultName, '_meta', 'adoption')\n if (existing) {\n const prior = JSON.parse(existing._data) as { sealId?: string }\n if (prior.sealId === seal.sealId) {\n throw new AdoptionStateError(\n `partition (sealId ${seal.sealId}) is already adopted into vault \"${vaultName}\".`,\n )\n }\n throw new AdoptionStateError(\n `vault \"${vaultName}\" already holds an adopted partition (sealId ${prior.sealId}); `\n + `adopting a different partition (sealId ${seal.sealId}) here would overwrite it. `\n + `Adopt into a fresh vaultName instead.`,\n )\n }\n\n // The marker-only check above misses a worse case: a vaultName already in use\n // by an ORDINARY vault (createNoydb + openVault) carries no `_meta/adoption`,\n // yet `saveAll` below is destructive on SQL adapters (`DELETE FROM ... WHERE\n // vault = ?` followed by upsert) and would wipe the legitimate keyring +\n // data. Refuse adoption into ANY occupied slot — a fresh vaultName is the\n // documented precondition.\n const existingKeyring = await destinationStore.list(vaultName, '_keyring')\n if (existingKeyring.length > 0) {\n throw new AdoptionStateError(\n `vault \"${vaultName}\" already holds a keyring (an unrelated owner exists at this slot); `\n + `adoptPartition requires a fresh vaultName to avoid destructive saveAll on SQL adapters.`,\n )\n }\n\n const backup = JSON.parse(dump) as { collections: VaultSnapshot; _internal?: VaultSnapshot }\n await destinationStore.saveAll(vaultName, backup.collections)\n\n // Import carried internal collections (e.g. _schemas from carrySchemas).\n // saveAll only writes data collections; _internal is written per-record.\n if (backup._internal) {\n for (const [collection, records] of Object.entries(backup._internal)) {\n for (const [id, envelope] of Object.entries(records)) {\n await destinationStore.put(vaultName, collection, id, envelope)\n }\n }\n }\n\n const adoptedAt = new Date().toISOString()\n const adoption = { sealId: seal.sealId, adoptedAt, needsOwner: true as const, transferSeal: seal }\n await destinationStore.put(vaultName, '_meta', 'adoption', {\n _noydb: 1, _v: 1, _ts: adoptedAt, _iv: '', _data: JSON.stringify(adoption),\n })\n\n return { vaultName, needsOwner: true, sealId: seal.sealId }\n}\n\nexport interface CreateOwnerResult {\n readonly vaultName: string\n readonly userId: string\n}\n\n/** Standard-mode owner: recipient supplies the passphrase. */\nexport interface CreateOwnerStandardOptions {\n readonly userId: string\n readonly passphrase: string\n readonly transferKey: Uint8Array\n}\n\n/**\n * Managed-mode owner: the passphrase is minted + sealed under\n * a `SealingKeyProvider` (e.g. an `at-*` OS keychain) so the partition\n * auto-unlocks on the recipient's device. Managed mode mandates a strong\n * (Shamir) recovery profile at creation, which needs the\n * `shamirRecovery` provider injected.\n */\nexport interface CreateOwnerManagedOptions {\n readonly userId: string\n readonly passphraseMode: 'managed'\n readonly sealingKey: SealingKeyProvider\n readonly recovery: ReadonlyArray<RecoveryEnrollmentInput>\n readonly shamirRecovery: ShamirRecoveryProvider\n readonly transferKey: Uint8Array\n}\n\nexport type CreateOwnerOptions = CreateOwnerStandardOptions | CreateOwnerManagedOptions\n\nfunction isManaged(o: CreateOwnerOptions): o is CreateOwnerManagedOptions {\n return 'passphraseMode' in o && o.passphraseMode === 'managed'\n}\n\n/**\n * Mint the first owner keyring on an adopted-but-unowned partition,\n * then destroy the transfer seal.\n *\n * Standard mode: the recipient supplies a passphrase. Managed mode: the\n * passphrase is minted + sealed under a `SealingKeyProvider` and a strong\n * (Shamir) recovery profile is enrolled — orchestrated via the existing\n * `openVaultAndEnrollRecovery` ceremony.\n *\n * Either way, reuses `createOwnerKeyring` to derive the KEK + write the base\n * keyring, then wraps the partition's DEKs (recovered from the seal) under that\n * KEK and re-persists the merged keyring file.\n *\n * Idempotent under retry: the seal is destroyed LAST (Stage D), after the\n * keyring (Stage A), the ledger transition (Stage B), and — in managed mode —\n * strong-recovery enrollment (Stage C). A failure in the fallible enrollment\n * step leaves the seal intact, and re-running with the same `userId` +\n * `transferKey` resumes from the first incomplete stage. (Multi-profile recovery\n * arrays may re-enroll an already-enrolled profile on retry; managed mode's\n * mandated single Shamir profile does not.)\n */\nexport async function createOwnerOnAdoptedPartition(\n store: NoydbStore,\n vaultName: string,\n opts: CreateOwnerOptions,\n): Promise<CreateOwnerResult> {\n const { userId, transferKey } = opts\n\n // Managed mode requires a strong (Shamir) recovery profile, validated BEFORE\n // any disk write — same gate as createNoydb.\n if (isManaged(opts) && !opts.recovery.some((r) => r.profile === 'shamir')) {\n throw new AdoptionStateError(\n 'managed-mode adoption requires at least one strong (shamir) recovery profile in '\n + '`recovery` — paper alone is not strong when there is no user passphrase to fall back on.',\n )\n }\n\n // 1. Verify adopted-unowned state.\n const adoptionEnv = await store.get(vaultName, '_meta', 'adoption')\n if (!adoptionEnv) {\n throw new AdoptionStateError(\n `vault \"${vaultName}\" is not an adopted partition (no _meta/adoption). `\n + `createOwnerOnAdoptedPartition only applies to vaults created via adoptPartition.`,\n )\n }\n const adoption = JSON.parse(adoptionEnv._data) as {\n sealId: string; adoptedAt: string; needsOwner?: boolean\n consumedAt?: string; transferSeal?: TransferSealPayload\n }\n if (adoption.consumedAt !== undefined || adoption.transferSeal === undefined) {\n throw new AdoptionStateError(\n `vault \"${vaultName}\" already has an owner (transfer seal consumed at ${adoption.consumedAt}).`,\n )\n }\n\n // 2. Recover the partition DEKs from the seal (throws on wrong key) BEFORE\n // writing any keyring, so a bad transfer key leaves no trace. Always\n // validated, including when resuming a partial prior call.\n const partitionDeks = await unsealDeks(adoption.transferSeal, transferKey)\n\n // The ceremony below is split into stages so a failure in the fallible\n // managed-enrollment step (network/provider outage) leaves the call RETRYABLE\n // — the seal is destroyed only once everything durable is in place. Each stage\n // detects its own prior completion rather than relying on a single resume bit.\n\n // A keyring present for a DIFFERENT user (with the seal still unconsumed) is a\n // genuine second-owner attempt — refuse it. A same-user keyring is a resumed\n // partial call and is handled by the stage checks below.\n const existingKeyring = await store.get(vaultName, '_keyring', userId)\n const otherOwners = (await store.list(vaultName, '_keyring')).filter((u) => u !== userId)\n if (otherOwners.length > 0) {\n throw new AdoptionStateError(\n `vault \"${vaultName}\" already has a keyring for a different owner; cannot create owner \"${userId}\".`,\n )\n }\n\n // Stage A — mint the owner keyring + merge the partition DEKs. Considered done\n // only when the keyring already holds every partition DEK. createOwnerKeyring\n // overwrites (fresh KEK + fresh _users DEK), so re-running is safe ONLY while\n // no recovery has been enrolled yet — guaranteed here because enrollment\n // (Stage C) runs strictly after Stage A completes.\n const partitionCollections = [...partitionDeks.keys()]\n const priorDeks = existingKeyring ? (JSON.parse(existingKeyring._data) as KeyringFile).deks : {}\n const ownerMinted = existingKeyring !== null && partitionCollections.every((c) => c in priorDeks)\n if (!ownerMinted) {\n // Resolve the owner passphrase. Managed mode mints a random passphrase, seals\n // it under the provider, and persists _meta/sealed-passphrase (so the\n // partition auto-unlocks on the recipient's device); standard mode uses the\n // caller's passphrase. Idempotent under retry — resolveManagedSecret's reopen\n // arm reuses an already-sealed passphrase.\n const passphrase = isManaged(opts)\n ? await resolveManagedSecret(store, vaultName, opts.sealingKey)\n : opts.passphrase\n\n // Mint the owner keyring (KEK + _users DEK + canary, written to disk).\n const unlocked = await createOwnerKeyring(store, vaultName, userId, passphrase)\n\n // Merge the partition DEKs (wrapped under the new KEK) into the keyring.\n const env = await store.get(vaultName, '_keyring', userId)\n if (!env) throw new AdoptionStateError(`keyring write for \"${userId}\" did not persist`)\n const keyringFile = JSON.parse(env._data) as KeyringFile\n const kek = unlocked.kek\n if (!kek) throw new AdoptionStateError(`owner keyring for \"${userId}\" has no KEK to wrap partition DEKs under`)\n const mergedDeks: Record<string, string> = { ...keyringFile.deks }\n for (const [collection, dek] of partitionDeks) {\n mergedDeks[collection] = await wrapKey(dek, kek)\n }\n const mergedFile: KeyringFile = { ...keyringFile, deks: mergedDeks }\n await store.put(vaultName, '_keyring', userId, { ...env, _data: JSON.stringify(mergedFile) })\n }\n\n // Stage B — record the ownership transition on the carried\n // audit chain (carryLedger sealed the _ledger DEK). No-op without that DEK.\n // Idempotent: appended only if the closing `transfer-seal-consumed` entry is\n // absent, so a retry does not duplicate the pair.\n const ledgerDek = partitionDeks.get(LEDGER_COLLECTION)\n if (ledgerDek) {\n const ledger = new LedgerStore({\n adapter: store,\n vault: vaultName,\n encrypted: true,\n getDEK: async () => ledgerDek,\n actor: userId,\n })\n const creationReason = `creation-of-new-owner:${userId}`\n const consumedReason = `transfer-seal-consumed:${adoption.sealId}`\n // Gate each append on its own presence — a crash or store error strictly\n // between the two adjacent puts would otherwise re-append the first one\n // on retry. The pair is the audit record, not a single transaction.\n const recordedReasons = new Set((await ledger.loadAllEntries()).map((e) => e.reason))\n if (!recordedReasons.has(creationReason)) {\n await ledger.append({ op: 'lifecycle', collection: '', id: '', version: 0, actor: '', payloadHash: '', reason: creationReason })\n }\n if (!recordedReasons.has(consumedReason)) {\n await ledger.append({ op: 'lifecycle', collection: '', id: '', version: 0, actor: '', payloadHash: '', reason: consumedReason })\n }\n }\n\n // Stage C — Managed mode: enroll the mandatory strong recovery\n // by orchestrating the existing public ceremony. The partition is\n // now a managed-mode vault on disk (sealed passphrase + keyring), so we\n // open it as a normal client and let openVaultAndEnrollRecovery do the\n // gate-bypass + enroll + re-assert. Dynamic import keeps the Noydb class\n // out of the @noy-db/hub/bundle static graph. Runs BEFORE seal destruction\n // so a failure here leaves the seal intact and the call retryable.\n if (isManaged(opts)) {\n const { createNoydb } = await import('../noydb.js')\n const db = await createNoydb({\n store,\n user: userId,\n passphraseMode: 'managed',\n sealingKey: opts.sealingKey,\n shamirRecovery: opts.shamirRecovery,\n })\n await db.openVaultAndEnrollRecovery(vaultName, { recovery: opts.recovery })\n }\n\n // Stage D — Destroy the transfer seal LAST — the commit point. Everything\n // above is either idempotent or resumable, so the seal is only consumed\n // once the owner keyring (and, in managed mode, strong recovery) is\n // durably in place. Retain sealId + consumedAt for audit.\n const consumed = { sealId: adoption.sealId, adoptedAt: adoption.adoptedAt, consumedAt: new Date().toISOString() }\n await store.put(vaultName, '_meta', 'adoption', { ...adoptionEnv, _data: JSON.stringify(consumed) })\n\n return { vaultName, userId }\n}\n","/**\n * Read-side counterpart to `extractPartition`: decrypt an\n * extracted-partition bundle's records to plaintext using its transfer\n * key, WITHOUT adopting it into a vault. Used by an outward\n * orchestration layer's reconcile/merge and field-authority flows to\n * compare incoming records against a receiver. The transfer key validates the bundle\n * (wrong key throws).\n * @module\n */\nimport type { EncryptedEnvelope } from '../types.js'\nimport { decrypt } from '../crypto.js'\nimport { unwrapCek } from '../record-keys/index.js'\nimport { readNoydbBundleHeader, readNoydbBundle, parseExtractedPartitionBody } from './bundle.js'\nimport { unsealDeks } from './adopt-partition.js'\n\n/** One decrypted record from an extracted-partition compartment. */\nexport interface DecryptedRecord {\n readonly id: string\n readonly record: Record<string, unknown>\n /** Source envelope write timestamp (ISO) — for last-write-wins merges. */\n readonly ts: string\n /** Source envelope version. */\n readonly version: number\n /** Provenance source id (FR-5). Present only when the source collection had provenance:true and a source was supplied on put. */\n readonly source?: string\n /** ISO-8601 timestamp the provenance source was recorded (FR-5). */\n readonly sourceTs?: string\n}\n\n/**\n * Decrypt every record of an extracted-partition bundle to plaintext,\n * grouped by collection. Throws if the bundle isn't an\n * extracted-partition or the transfer key is wrong.\n */\nexport async function decryptExtractedPartition(\n bundleBytes: Uint8Array,\n transferKey: Uint8Array,\n): Promise<Record<string, DecryptedRecord[]>> {\n const header = readNoydbBundleHeader(bundleBytes)\n if (header.bundleKind !== 'extracted-partition' || header.transferSeal === undefined) {\n throw new Error('decryptExtractedPartition: bundle is not an extracted-partition.')\n }\n const { dumpJson } = await readNoydbBundle(bundleBytes)\n const { dump, seal } = parseExtractedPartitionBody(dumpJson)\n const deks = await unsealDeks(seal, transferKey) // throws TransferSealError on wrong key\n const backup = JSON.parse(dump) as { collections: Record<string, Record<string, EncryptedEnvelope>> }\n const out: Record<string, DecryptedRecord[]> = {}\n for (const [collection, byId] of Object.entries(backup.collections)) {\n const dek = deks.get(collection)\n if (dek === undefined) continue // no DEK sealed for this collection — skip\n const recs: DecryptedRecord[] = []\n for (const [id, env] of Object.entries(byId)) {\n const plaintext = env._cek !== undefined\n ? await decrypt(env._iv, env._data, await unwrapCek(env._cek, dek))\n : await decrypt(env._iv, env._data, dek)\n const body = JSON.parse(plaintext) as Record<string, unknown>\n recs.push({\n id,\n record: { ...body, id },\n ts: env._ts,\n version: env._v,\n ...(env._source !== undefined ? { source: env._source } : {}),\n ...(env._sourceTs !== undefined ? { sourceTs: env._sourceTs } : {}),\n })\n }\n out[collection] = recs\n }\n return out\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BA,eAAsB,WACpB,MACA,aACiC;AACjC,MAAI,YAAY,eAAe,IAAI;AACjC,UAAM,IAAI;AAAA,MACR,sCAAsC,YAAY,UAAU;AAAA,IAC9D;AAAA,EACF;AACA,QAAM,MAAM,MAAM,OAAO,OAAO,UAAU,OAAO,aAA6B,WAAW,OAAO,CAAC,SAAS,CAAC;AAC3G,QAAM,MAAM,eAAe,KAAK,OAAO;AACvC,MAAI;AACJ,MAAI;AACF,gBAAY,MAAM,OAAO,OAAO;AAAA,MAC9B,EAAE,MAAM,WAAW,IAAI,IAAI,MAAM,GAAG,EAAE,EAAkB;AAAA,MACxD;AAAA,MACA,IAAI,MAAM,EAAE;AAAA,IACd;AAAA,EACF,QAAQ;AACN,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI,YAAY,EAAE,OAAO,SAAS,CAAC;AAAA,EACzD,QAAQ;AACN,UAAM,IAAI,kBAAkB,2DAA2D;AAAA,EACzF;AACA,QAAM,OAAO,oBAAI,IAAuB;AACxC,aAAW,CAAC,YAAY,GAAG,KAAK,OAAO,QAAQ,MAAM,GAAG;AAGtD,UAAM,MAAM,MAAM,OAAO,OAAO,UAAU,OAAO,eAAe,GAAG,GAAmB,WAAW,MAAM,CAAC,WAAW,SAAS,CAAC;AAC7H,SAAK,IAAI,YAAY,GAAG;AAAA,EAC1B;AACA,SAAO;AACT;AAcA,eAAsB,eACpB,aACA,MAC+B;AAC/B,QAAM,EAAE,aAAa,kBAAkB,UAAU,IAAI;AAErD,QAAM,SAAS,sBAAsB,WAAW;AAChD,MAAI,OAAO,eAAe,yBAAyB,OAAO,iBAAiB,QAAW;AACpF,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAEA,QAAM,EAAE,SAAS,IAAI,MAAM,gBAAgB,WAAW;AACtD,QAAM,EAAE,MAAM,KAAK,IAAI,4BAA4B,QAAQ;AAM3D,QAAM,WAAW,MAAM,WAAW;AAQlC,QAAM,WAAW,MAAM,iBAAiB,IAAI,WAAW,SAAS,UAAU;AAC1E,MAAI,UAAU;AACZ,UAAM,QAAQ,KAAK,MAAM,SAAS,KAAK;AACvC,QAAI,MAAM,WAAW,KAAK,QAAQ;AAChC,YAAM,IAAI;AAAA,QACR,qBAAqB,KAAK,MAAM,oCAAoC,SAAS;AAAA,MAC/E;AAAA,IACF;AACA,UAAM,IAAI;AAAA,MACR,UAAU,SAAS,gDAAgD,MAAM,MAAM,6CACnC,KAAK,MAAM;AAAA,IAEzD;AAAA,EACF;AAQA,QAAM,kBAAkB,MAAM,iBAAiB,KAAK,WAAW,UAAU;AACzE,MAAI,gBAAgB,SAAS,GAAG;AAC9B,UAAM,IAAI;AAAA,MACR,UAAU,SAAS;AAAA,IAErB;AAAA,EACF;AAEA,QAAM,SAAS,KAAK,MAAM,IAAI;AAC9B,QAAM,iBAAiB,QAAQ,WAAW,OAAO,WAAW;AAI5D,MAAI,OAAO,WAAW;AACpB,eAAW,CAAC,YAAY,OAAO,KAAK,OAAO,QAAQ,OAAO,SAAS,GAAG;AACpE,iBAAW,CAAC,IAAI,QAAQ,KAAK,OAAO,QAAQ,OAAO,GAAG;AACpD,cAAM,iBAAiB,IAAI,WAAW,YAAY,IAAI,QAAQ;AAAA,MAChE;AAAA,IACF;AAAA,EACF;AAEA,QAAM,aAAY,oBAAI,KAAK,GAAE,YAAY;AACzC,QAAM,WAAW,EAAE,QAAQ,KAAK,QAAQ,WAAW,YAAY,MAAe,cAAc,KAAK;AACjG,QAAM,iBAAiB,IAAI,WAAW,SAAS,YAAY;AAAA,IACzD,QAAQ;AAAA,IAAG,IAAI;AAAA,IAAG,KAAK;AAAA,IAAW,KAAK;AAAA,IAAI,OAAO,KAAK,UAAU,QAAQ;AAAA,EAC3E,CAAC;AAED,SAAO,EAAE,WAAW,YAAY,MAAM,QAAQ,KAAK,OAAO;AAC5D;AAgCA,SAAS,UAAU,GAAuD;AACxE,SAAO,oBAAoB,KAAK,EAAE,mBAAmB;AACvD;AAuBA,eAAsB,8BACpB,OACA,WACA,MAC4B;AAC5B,QAAM,EAAE,QAAQ,YAAY,IAAI;AAIhC,MAAI,UAAU,IAAI,KAAK,CAAC,KAAK,SAAS,KAAK,CAAC,MAAM,EAAE,YAAY,QAAQ,GAAG;AACzE,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAGA,QAAM,cAAc,MAAM,MAAM,IAAI,WAAW,SAAS,UAAU;AAClE,MAAI,CAAC,aAAa;AAChB,UAAM,IAAI;AAAA,MACR,UAAU,SAAS;AAAA,IAErB;AAAA,EACF;AACA,QAAM,WAAW,KAAK,MAAM,YAAY,KAAK;AAI7C,MAAI,SAAS,eAAe,UAAa,SAAS,iBAAiB,QAAW;AAC5E,UAAM,IAAI;AAAA,MACR,UAAU,SAAS,qDAAqD,SAAS,UAAU;AAAA,IAC7F;AAAA,EACF;AAKA,QAAM,gBAAgB,MAAM,WAAW,SAAS,cAAc,WAAW;AAUzE,QAAM,kBAAkB,MAAM,MAAM,IAAI,WAAW,YAAY,MAAM;AACrE,QAAM,eAAe,MAAM,MAAM,KAAK,WAAW,UAAU,GAAG,OAAO,CAAC,MAAM,MAAM,MAAM;AACxF,MAAI,YAAY,SAAS,GAAG;AAC1B,UAAM,IAAI;AAAA,MACR,UAAU,SAAS,uEAAuE,MAAM;AAAA,IAClG;AAAA,EACF;AAOA,QAAM,uBAAuB,CAAC,GAAG,cAAc,KAAK,CAAC;AACrD,QAAM,YAAY,kBAAmB,KAAK,MAAM,gBAAgB,KAAK,EAAkB,OAAO,CAAC;AAC/F,QAAM,cAAc,oBAAoB,QAAQ,qBAAqB,MAAM,CAAC,MAAM,KAAK,SAAS;AAChG,MAAI,CAAC,aAAa;AAMhB,UAAM,aAAa,UAAU,IAAI,IAC7B,MAAM,qBAAqB,OAAO,WAAW,KAAK,UAAU,IAC5D,KAAK;AAGT,UAAM,WAAW,MAAM,mBAAmB,OAAO,WAAW,QAAQ,UAAU;AAG9E,UAAM,MAAM,MAAM,MAAM,IAAI,WAAW,YAAY,MAAM;AACzD,QAAI,CAAC,IAAK,OAAM,IAAI,mBAAmB,sBAAsB,MAAM,mBAAmB;AACtF,UAAM,cAAc,KAAK,MAAM,IAAI,KAAK;AACxC,UAAM,MAAM,SAAS;AACrB,QAAI,CAAC,IAAK,OAAM,IAAI,mBAAmB,sBAAsB,MAAM,2CAA2C;AAC9G,UAAM,aAAqC,EAAE,GAAG,YAAY,KAAK;AACjE,eAAW,CAAC,YAAY,GAAG,KAAK,eAAe;AAC7C,iBAAW,UAAU,IAAI,MAAM,QAAQ,KAAK,GAAG;AAAA,IACjD;AACA,UAAM,aAA0B,EAAE,GAAG,aAAa,MAAM,WAAW;AACnE,UAAM,MAAM,IAAI,WAAW,YAAY,QAAQ,EAAE,GAAG,KAAK,OAAO,KAAK,UAAU,UAAU,EAAE,CAAC;AAAA,EAC9F;AAMA,QAAM,YAAY,cAAc,IAAI,iBAAiB;AACrD,MAAI,WAAW;AACb,UAAM,SAAS,IAAI,YAAY;AAAA,MAC7B,SAAS;AAAA,MACT,OAAO;AAAA,MACP,WAAW;AAAA,MACX,QAAQ,YAAY;AAAA,MACpB,OAAO;AAAA,IACT,CAAC;AACD,UAAM,iBAAiB,yBAAyB,MAAM;AACtD,UAAM,iBAAiB,0BAA0B,SAAS,MAAM;AAIhE,UAAM,kBAAkB,IAAI,KAAK,MAAM,OAAO,eAAe,GAAG,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC;AACpF,QAAI,CAAC,gBAAgB,IAAI,cAAc,GAAG;AACxC,YAAM,OAAO,OAAO,EAAE,IAAI,aAAa,YAAY,IAAI,IAAI,IAAI,SAAS,GAAG,OAAO,IAAI,aAAa,IAAI,QAAQ,eAAe,CAAC;AAAA,IACjI;AACA,QAAI,CAAC,gBAAgB,IAAI,cAAc,GAAG;AACxC,YAAM,OAAO,OAAO,EAAE,IAAI,aAAa,YAAY,IAAI,IAAI,IAAI,SAAS,GAAG,OAAO,IAAI,aAAa,IAAI,QAAQ,eAAe,CAAC;AAAA,IACjI;AAAA,EACF;AASA,MAAI,UAAU,IAAI,GAAG;AACnB,UAAM,EAAE,YAAY,IAAI,MAAM,OAAO,qBAAa;AAClD,UAAM,KAAK,MAAM,YAAY;AAAA,MAC3B;AAAA,MACA,MAAM;AAAA,MACN,gBAAgB;AAAA,MAChB,YAAY,KAAK;AAAA,MACjB,gBAAgB,KAAK;AAAA,IACvB,CAAC;AACD,UAAM,GAAG,2BAA2B,WAAW,EAAE,UAAU,KAAK,SAAS,CAAC;AAAA,EAC5E;AAMA,QAAM,WAAW,EAAE,QAAQ,SAAS,QAAQ,WAAW,SAAS,WAAW,aAAY,oBAAI,KAAK,GAAE,YAAY,EAAE;AAChH,QAAM,MAAM,IAAI,WAAW,SAAS,YAAY,EAAE,GAAG,aAAa,OAAO,KAAK,UAAU,QAAQ,EAAE,CAAC;AAEnG,SAAO,EAAE,WAAW,OAAO;AAC7B;;;ACpUA,eAAsB,0BACpB,aACA,aAC4C;AAC5C,QAAM,SAAS,sBAAsB,WAAW;AAChD,MAAI,OAAO,eAAe,yBAAyB,OAAO,iBAAiB,QAAW;AACpF,UAAM,IAAI,MAAM,kEAAkE;AAAA,EACpF;AACA,QAAM,EAAE,SAAS,IAAI,MAAM,gBAAgB,WAAW;AACtD,QAAM,EAAE,MAAM,KAAK,IAAI,4BAA4B,QAAQ;AAC3D,QAAM,OAAO,MAAM,WAAW,MAAM,WAAW;AAC/C,QAAM,SAAS,KAAK,MAAM,IAAI;AAC9B,QAAM,MAAyC,CAAC;AAChD,aAAW,CAAC,YAAY,IAAI,KAAK,OAAO,QAAQ,OAAO,WAAW,GAAG;AACnE,UAAM,MAAM,KAAK,IAAI,UAAU;AAC/B,QAAI,QAAQ,OAAW;AACvB,UAAM,OAA0B,CAAC;AACjC,eAAW,CAAC,IAAI,GAAG,KAAK,OAAO,QAAQ,IAAI,GAAG;AAC5C,YAAM,YAAY,IAAI,SAAS,SAC3B,MAAM,QAAQ,IAAI,KAAK,IAAI,OAAO,MAAM,UAAU,IAAI,MAAM,GAAG,CAAC,IAChE,MAAM,QAAQ,IAAI,KAAK,IAAI,OAAO,GAAG;AACzC,YAAM,OAAO,KAAK,MAAM,SAAS;AACjC,WAAK,KAAK;AAAA,QACR;AAAA,QACA,QAAQ,EAAE,GAAG,MAAM,GAAG;AAAA,QACtB,IAAI,IAAI;AAAA,QACR,SAAS,IAAI;AAAA,QACb,GAAI,IAAI,YAAY,SAAY,EAAE,QAAQ,IAAI,QAAQ,IAAI,CAAC;AAAA,QAC3D,GAAI,IAAI,cAAc,SAAY,EAAE,UAAU,IAAI,UAAU,IAAI,CAAC;AAAA,MACnE,CAAC;AAAA,IACH;AACA,QAAI,UAAU,IAAI;AAAA,EACpB;AACA,SAAO;AACT;","names":[]}

package/dist/{chunk-IHAISFXP.js → chunk-SKYBEGHB.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import {
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/derivations/with-derivation.ts
 function withDerivation(spec) {
@@ -126,4 +126,4 @@ export {
   withDerivation,
   withRollup
 };
-//# sourceMappingURL=chunk-IHAISFXP.js.map
+//# sourceMappingURL=chunk-SKYBEGHB.js.map

package/dist/{chunk-SOQE5DUV.js → chunk-TESFHBOW.js} RENAMED Viewed

@@ -4,13 +4,13 @@ import {
 import {
   base64ToBuffer,
   bufferToBase64
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   SessionExpiredError,
   SessionNotFoundError,
   SessionPolicyError,
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/session/session.ts
 var subtle = globalThis.crypto.subtle;
@@ -364,4 +364,4 @@ export {
   clearDevUnlock,
   isDevUnlockActive
 };
-//# sourceMappingURL=chunk-SOQE5DUV.js.map
+//# sourceMappingURL=chunk-TESFHBOW.js.map

package/dist/{chunk-35U5YNRR.js → chunk-TSUICI5N.js} RENAMED Viewed

@@ -4,7 +4,7 @@ import {
 import {
   decrypt,
   encrypt
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 // src/forget/strategy.ts
 var NO_FORGET = { subjects: {} };
@@ -122,4 +122,4 @@ export {
   coerceSubjectId,
   readDottedPath
 };
-//# sourceMappingURL=chunk-35U5YNRR.js.map
+//# sourceMappingURL=chunk-TSUICI5N.js.map

package/dist/{chunk-B5CSNGSE.js → chunk-UNBX2HMA.js} RENAMED Viewed

@@ -12,7 +12,7 @@ import {
   generateSalt,
   unwrapKey,
   wrapKey
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   ConflictError,
   DirectoryDisabledError,
@@ -24,7 +24,7 @@ import {
   PermissionDeniedError,
   PrivilegeEscalationError,
   ValidationError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/directory/storage.ts
 var META_COLLECTION = "_meta";
@@ -902,4 +902,4 @@ export {
   hasImportCapability,
   evaluateImportCapability
 };
-//# sourceMappingURL=chunk-B5CSNGSE.js.map
+//# sourceMappingURL=chunk-UNBX2HMA.js.map

package/dist/{chunk-C472BRJ4.js → chunk-VGAN5RLD.js} RENAMED Viewed

@@ -3,10 +3,10 @@ import {
 } from "./chunk-LR7CODVN.js";
 import {
   decrypt
-} from "./chunk-WQ3KAGOV.js";
+} from "./chunk-7JSP3E67.js";
 import {
   ReadOnlyAtInstantError
-} from "./chunk-4BB4T3O7.js";
+} from "./chunk-DDOYOMAD.js";
 // src/history/history.ts
 var HISTORY_COLLECTION = "_history";
@@ -335,4 +335,4 @@ export {
   diff,
   formatDiff
 };
-//# sourceMappingURL=chunk-C472BRJ4.js.map
+//# sourceMappingURL=chunk-VGAN5RLD.js.map