@noy-db/hub 0.2.0-pre.3 → 0.2.0-pre.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (384) hide show
  1. package/README.md +126 -0
  2. package/dist/adapter/index.d.ts +9 -0
  3. package/dist/adapter/index.js +14 -0
  4. package/dist/aggregate/index.d.ts +3 -2
  5. package/dist/aggregate/index.js +10 -8
  6. package/dist/aggregate/index.js.map +1 -1
  7. package/dist/attestation/index.d.ts +7 -5
  8. package/dist/attestation/index.js +7 -6
  9. package/dist/attestation/index.js.map +1 -1
  10. package/dist/blobs/index.d.ts +9 -7
  11. package/dist/blobs/index.js +12 -6
  12. package/dist/blobs/index.js.map +1 -1
  13. package/dist/bundle/index.d.ts +29 -18
  14. package/dist/bundle/index.js +53 -192
  15. package/dist/bundle/index.js.map +1 -1
  16. package/dist/{chunk-75QDHSE4.js → chunk-2QDWRK3B.js} +5 -5
  17. package/dist/{chunk-74JEQFMT.js → chunk-2UT7HJJR.js} +5 -5
  18. package/dist/chunk-2UT7HJJR.js.map +1 -0
  19. package/dist/{chunk-FCDO7UAO.js → chunk-2ZYIN3BL.js} +2 -2
  20. package/dist/{chunk-BFI3RS42.js → chunk-33EQCZXE.js} +2 -2
  21. package/dist/chunk-33EQCZXE.js.map +1 -0
  22. package/dist/{chunk-WRLHNG6H.js → chunk-4K4QKYK4.js} +4 -4
  23. package/dist/chunk-4K4QKYK4.js.map +1 -0
  24. package/dist/{chunk-HGZ7DC5H.js → chunk-4L6N56B4.js} +2 -2
  25. package/dist/chunk-4L6N56B4.js.map +1 -0
  26. package/dist/{chunk-YMYK7US4.js → chunk-4YD7VZH4.js} +2 -2
  27. package/dist/chunk-4YD7VZH4.js.map +1 -0
  28. package/dist/{chunk-ZUMGGHRB.js → chunk-5PTX7PKD.js} +4 -4
  29. package/dist/{chunk-QAU5HM6Q.js → chunk-6EKRQ7QF.js} +3 -3
  30. package/dist/{chunk-ZC2AAE6J.js → chunk-7GPQPLGO.js} +19 -4
  31. package/dist/chunk-7GPQPLGO.js.map +1 -0
  32. package/dist/{chunk-EPK6A3WJ.js → chunk-A3JMGXPG.js} +2 -2
  33. package/dist/chunk-A3JMGXPG.js.map +1 -0
  34. package/dist/{chunk-FXQYZNOW.js → chunk-A7DNZVAV.js} +1 -1
  35. package/dist/chunk-A7DNZVAV.js.map +1 -0
  36. package/dist/{chunk-UMLVJTYV.js → chunk-ADB7GPM3.js} +7 -4
  37. package/dist/chunk-ADB7GPM3.js.map +1 -0
  38. package/dist/{chunk-YL2DR3HY.js → chunk-ASIGWYRA.js} +2 -2
  39. package/dist/chunk-ASIGWYRA.js.map +1 -0
  40. package/dist/{chunk-2EYC3WDT.js → chunk-AWU4JF7C.js} +93 -93
  41. package/dist/chunk-AWU4JF7C.js.map +1 -0
  42. package/dist/chunk-BEZ2EV43.js +129 -0
  43. package/dist/chunk-BEZ2EV43.js.map +1 -0
  44. package/dist/{chunk-IS5HWQO7.js → chunk-CIZDUAHI.js} +30 -4
  45. package/dist/chunk-CIZDUAHI.js.map +1 -0
  46. package/dist/{chunk-4OQWR46B.js → chunk-CUPTCF4R.js} +5 -5
  47. package/dist/chunk-CUPTCF4R.js.map +1 -0
  48. package/dist/{chunk-5ZGZ6HIZ.js → chunk-DEE4CRYN.js} +30 -7
  49. package/dist/chunk-DEE4CRYN.js.map +1 -0
  50. package/dist/{chunk-UOF74WQY.js → chunk-E2MDPPOC.js} +37 -2
  51. package/dist/chunk-E2MDPPOC.js.map +1 -0
  52. package/dist/{chunk-SAVQ6E2O.js → chunk-FFKQ65YX.js} +10 -3
  53. package/dist/chunk-FFKQ65YX.js.map +1 -0
  54. package/dist/{chunk-2XLVPKXG.js → chunk-G7ALNCQH.js} +10 -2
  55. package/dist/chunk-G7ALNCQH.js.map +1 -0
  56. package/dist/chunk-GGXN73NM.js +252 -0
  57. package/dist/chunk-GGXN73NM.js.map +1 -0
  58. package/dist/{chunk-UVPGJXVO.js → chunk-JOJPBZSZ.js} +5 -5
  59. package/dist/{chunk-YDLAFP36.js → chunk-JZ5DS4DP.js} +346 -3
  60. package/dist/chunk-JZ5DS4DP.js.map +1 -0
  61. package/dist/{chunk-KMI2NBBF.js → chunk-K4JID2ZE.js} +44 -8
  62. package/dist/chunk-K4JID2ZE.js.map +1 -0
  63. package/dist/{aggregate/index.cjs → chunk-K6NVSHAH.js} +241 -210
  64. package/dist/chunk-K6NVSHAH.js.map +1 -0
  65. package/dist/chunk-KJ3K5VZM.js +524 -0
  66. package/dist/chunk-KJ3K5VZM.js.map +1 -0
  67. package/dist/chunk-L5HHBOMS.js +232 -0
  68. package/dist/chunk-L5HHBOMS.js.map +1 -0
  69. package/dist/{chunk-YK72A4IT.js → chunk-LBILABKZ.js} +4 -4
  70. package/dist/chunk-LXKBG52H.js +151 -0
  71. package/dist/chunk-LXKBG52H.js.map +1 -0
  72. package/dist/{chunk-NGSPBLLE.js → chunk-MPIZQGFA.js} +50 -20
  73. package/dist/chunk-MPIZQGFA.js.map +1 -0
  74. package/dist/{chunk-4X2S7PBF.js → chunk-MRJPSXPE.js} +84 -70
  75. package/dist/chunk-MRJPSXPE.js.map +1 -0
  76. package/dist/{chunk-6S3LLAQ5.js → chunk-MSMDDDDJ.js} +3 -3
  77. package/dist/{chunk-6S3LLAQ5.js.map → chunk-MSMDDDDJ.js.map} +1 -1
  78. package/dist/{chunk-GAUBWHAF.js → chunk-OCYFFBZS.js} +4 -4
  79. package/dist/{chunk-NCO2JGKK.js → chunk-PDVP3C2I.js} +1 -1
  80. package/dist/chunk-PDVP3C2I.js.map +1 -0
  81. package/dist/chunk-PZ5AY32C.js +10 -0
  82. package/dist/{chunk-P6256WTJ.js → chunk-QBLPY44S.js} +3 -3
  83. package/dist/chunk-QBLPY44S.js.map +1 -0
  84. package/dist/{query/index.cjs → chunk-QGBBQKDS.js} +706 -831
  85. package/dist/chunk-QGBBQKDS.js.map +1 -0
  86. package/dist/{chunk-FS7A4XNF.js → chunk-QWJCNXH2.js} +3 -3
  87. package/dist/chunk-QXWJQ7UU.js +380 -0
  88. package/dist/chunk-QXWJQ7UU.js.map +1 -0
  89. package/dist/{chunk-GDTCGIPX.js → chunk-RCB6GWTC.js} +27 -5
  90. package/dist/chunk-RCB6GWTC.js.map +1 -0
  91. package/dist/{chunk-K5PVGKE4.js → chunk-SAAJYSVV.js} +2 -2
  92. package/dist/{chunk-G7PAZ3TD.js → chunk-SHJ3BRTZ.js} +46 -10
  93. package/dist/chunk-SHJ3BRTZ.js.map +1 -0
  94. package/dist/chunk-SQXTKZL7.js +125 -0
  95. package/dist/chunk-SQXTKZL7.js.map +1 -0
  96. package/dist/chunk-STNPB3UM.js +9 -0
  97. package/dist/chunk-STNPB3UM.js.map +1 -0
  98. package/dist/{chunk-NSLTPGEN.js → chunk-TMUMMAWV.js} +12 -2
  99. package/dist/{chunk-NSLTPGEN.js.map → chunk-TMUMMAWV.js.map} +1 -1
  100. package/dist/{chunk-LS3JLEIB.js → chunk-TZGWI5AX.js} +4 -4
  101. package/dist/{chunk-GD3BGKAR.js → chunk-UBF5JEOJ.js} +44 -5
  102. package/dist/chunk-UBF5JEOJ.js.map +1 -0
  103. package/dist/{chunk-T6HQMVML.js → chunk-W5NVNJDX.js} +5250 -801
  104. package/dist/chunk-W5NVNJDX.js.map +1 -0
  105. package/dist/chunk-XAYDHD2O.js +123 -0
  106. package/dist/chunk-XAYDHD2O.js.map +1 -0
  107. package/dist/{chunk-LOL725S4.js → chunk-XYW2CSCI.js} +31 -3
  108. package/dist/chunk-XYW2CSCI.js.map +1 -0
  109. package/dist/{chunk-TLFUDXVV.js → chunk-ZCMOS4H2.js} +31 -10
  110. package/dist/chunk-ZCMOS4H2.js.map +1 -0
  111. package/dist/{chunk-FBMXWVGP.js → chunk-ZK66B5EY.js} +450 -30
  112. package/dist/chunk-ZK66B5EY.js.map +1 -0
  113. package/dist/{chunk-GVXBHCZ2.js → chunk-ZPJSQPQH.js} +66 -7
  114. package/dist/chunk-ZPJSQPQH.js.map +1 -0
  115. package/dist/consent/index.d.ts +8 -6
  116. package/dist/consent/index.js +4 -3
  117. package/dist/consent/index.js.map +1 -1
  118. package/dist/crdt/index.js +1 -0
  119. package/dist/crdt/index.js.map +1 -1
  120. package/dist/{crypto-H2Y3DDFW.js → crypto-OSIV2IIW.js} +8 -3
  121. package/dist/{ulid-CiM2OAeM.d.ts → decrypt-partition-CXS5KopB.d.ts} +37 -82
  122. package/dist/{delegation-QSC7G5QC.js → delegation-BQTRJATI.js} +6 -5
  123. package/dist/derivations/index.d.ts +11 -9
  124. package/dist/derivations/index.js +9 -6
  125. package/dist/{dev-unlock-Cf2B7Kih.d.ts → dev-unlock-CnHTTVea.d.ts} +1 -1
  126. package/dist/discriminant-BN9REW3o.d.ts +60 -0
  127. package/dist/errors-BAWO5Z5a.d.ts +1500 -0
  128. package/dist/executor-KYSKFJ2R.js +9 -0
  129. package/dist/executor-M7W3NEKR.js +9 -0
  130. package/dist/executor-VDTDGWO6.js +13 -0
  131. package/dist/{fanout-sidecar-NRBWSLRK.js → fanout-sidecar-AZALISHB.js} +3 -2
  132. package/dist/fanout-sidecar-AZALISHB.js.map +1 -0
  133. package/dist/forget/index.d.ts +1 -0
  134. package/dist/forget/index.js +15 -0
  135. package/dist/guards/index.d.ts +16 -8
  136. package/dist/guards/index.js +12 -5
  137. package/dist/{hash-gVn_uKhp.d.ts → hash-oc5paYl0.d.ts} +1 -1
  138. package/dist/history/index.d.ts +9 -7
  139. package/dist/history/index.js +10 -7
  140. package/dist/history/index.js.map +1 -1
  141. package/dist/i18n/index.d.ts +8 -6
  142. package/dist/i18n/index.js +116 -15
  143. package/dist/i18n/index.js.map +1 -1
  144. package/dist/index-BMmajblo.d.ts +362 -0
  145. package/dist/index-BmhGztUi.d.ts +93 -0
  146. package/dist/{types-D9eB0Rvh.d.ts → index-DHn9lEP0.d.ts} +4305 -1523
  147. package/dist/{index-BF1B2HB9.d.ts → index-Ddm8D3Oo.d.ts} +186 -1151
  148. package/dist/index.d.ts +342 -70
  149. package/dist/index.js +420 -112
  150. package/dist/index.js.map +1 -1
  151. package/dist/indexing/index.d.ts +3 -3
  152. package/dist/indexing/index.js +5 -4
  153. package/dist/indexing/index.js.map +1 -1
  154. package/dist/issue-DPHRF2TI.js +13 -0
  155. package/dist/kernel/index.d.ts +11 -0
  156. package/dist/kernel/index.js +50 -0
  157. package/dist/{lazy-builder-Rpd-V3jP.d.ts → lazy-builder-ChSqcF5t.d.ts} +2 -2
  158. package/dist/{ledger-WOEJUYTP.js → ledger-CI7GSMLB.js} +7 -6
  159. package/dist/materialized-views/index.d.ts +23 -20
  160. package/dist/materialized-views/index.js +9 -7
  161. package/dist/mime-magic-JeLKHRng.d.ts +103 -0
  162. package/dist/noydb-NAU2DTFP.js +40 -0
  163. package/dist/overlay-views/index.d.ts +32 -12
  164. package/dist/overlay-views/index.js +7 -6
  165. package/dist/periods/index.d.ts +8 -6
  166. package/dist/periods/index.js +7 -6
  167. package/dist/{predicate-Dnu81tsS.d.cts → predicate-BmhBSPCH.d.ts} +87 -5
  168. package/dist/{public-envelope-OHQ5UZFM.js → public-envelope-MFMBFJLZ.js} +5 -4
  169. package/dist/query/index.d.ts +4 -3
  170. package/dist/query/index.js +14 -6
  171. package/dist/read-only-facade-3OQRZ3VS.js +8 -0
  172. package/dist/registry-IX5WKK4F.js +8 -0
  173. package/dist/registry-LMHO5265.js +11 -0
  174. package/dist/registry-TXCKWH26.js +9 -0
  175. package/dist/registry-VFEDQSYV.js +9 -0
  176. package/dist/revoke-5PUOZPJJ.js +18 -0
  177. package/dist/revoke-5PUOZPJJ.js.map +1 -0
  178. package/dist/sealed-record/index.d.ts +123 -0
  179. package/dist/sealed-record/index.js +43 -0
  180. package/dist/sealed-record/index.js.map +1 -0
  181. package/dist/session/index.d.ts +9 -7
  182. package/dist/session/index.js +4 -3
  183. package/dist/session/index.js.map +1 -1
  184. package/dist/shadow/index.d.ts +8 -6
  185. package/dist/shadow/index.js +3 -2
  186. package/dist/shadow/index.js.map +1 -1
  187. package/dist/{signer-M4K5HBLD.js → signer-UB5TQOZ6.js} +6 -5
  188. package/dist/signer-UB5TQOZ6.js.map +1 -0
  189. package/dist/snapshots/index.d.ts +30 -0
  190. package/dist/snapshots/index.js +153 -0
  191. package/dist/snapshots/index.js.map +1 -0
  192. package/dist/{stale-PAGCS4K5.js → stale-J3TUF5C5.js} +3 -2
  193. package/dist/stale-J3TUF5C5.js.map +1 -0
  194. package/dist/store/index.d.ts +15 -6
  195. package/dist/store/index.js +3 -2
  196. package/dist/{strategy-DSTrsZ8t.d.ts → strategy-8QGs5KQE.d.ts} +475 -7
  197. package/dist/sync/index.d.ts +7 -5
  198. package/dist/sync/index.js +5 -4
  199. package/dist/sync/index.js.map +1 -1
  200. package/dist/team/index.d.ts +8 -6
  201. package/dist/team/index.js +9 -8
  202. package/dist/transition-guard-Dy3NioQr.d.ts +165 -0
  203. package/dist/tx/index.d.ts +26 -8
  204. package/dist/tx/index.js +10 -5
  205. package/dist/tx/index.js.map +1 -1
  206. package/dist/ulid-DRH25k3y.d.ts +66 -0
  207. package/dist/{ulid-COREQ2RQ.js → ulid-KEPZMD2N.js} +2 -1
  208. package/dist/ulid-KEPZMD2N.js.map +1 -0
  209. package/dist/util/index.d.ts +2 -0
  210. package/dist/util/index.js +6 -1
  211. package/dist/util/index.js.map +1 -1
  212. package/dist/{with-materialized-view-qtoJ3xKJ.d.ts → with-materialized-view-DIVeez0W.d.ts} +2 -2
  213. package/dist/{with-overlayed-view-DFaRfgMr.d.ts → with-overlayed-view-DVZrc5Hb.d.ts} +2 -2
  214. package/dist/with-rollup-CbU-O4wP.d.ts +47 -0
  215. package/dist/zod-HAJM7LMS.js +14763 -0
  216. package/dist/zod-HAJM7LMS.js.map +1 -0
  217. package/package.json +73 -191
  218. package/dist/aggregate/index.cjs.map +0 -1
  219. package/dist/aggregate/index.d.cts +0 -38
  220. package/dist/attestation/index.cjs +0 -305
  221. package/dist/attestation/index.cjs.map +0 -1
  222. package/dist/attestation/index.d.cts +0 -52
  223. package/dist/blobs/index.cjs +0 -1480
  224. package/dist/blobs/index.cjs.map +0 -1
  225. package/dist/blobs/index.d.cts +0 -46
  226. package/dist/bundle/index.cjs +0 -18561
  227. package/dist/bundle/index.cjs.map +0 -1
  228. package/dist/bundle/index.d.cts +0 -176
  229. package/dist/chunk-2EYC3WDT.js.map +0 -1
  230. package/dist/chunk-2XLVPKXG.js.map +0 -1
  231. package/dist/chunk-4OQWR46B.js.map +0 -1
  232. package/dist/chunk-4UBOTYP5.js +0 -1367
  233. package/dist/chunk-4UBOTYP5.js.map +0 -1
  234. package/dist/chunk-4X2S7PBF.js.map +0 -1
  235. package/dist/chunk-5YHWBPOT.js +0 -19
  236. package/dist/chunk-5YHWBPOT.js.map +0 -1
  237. package/dist/chunk-5ZGZ6HIZ.js.map +0 -1
  238. package/dist/chunk-74JEQFMT.js.map +0 -1
  239. package/dist/chunk-A6SWRXUQ.js +0 -118
  240. package/dist/chunk-A6SWRXUQ.js.map +0 -1
  241. package/dist/chunk-BFI3RS42.js.map +0 -1
  242. package/dist/chunk-EMEX37ZN.js +0 -51
  243. package/dist/chunk-EMEX37ZN.js.map +0 -1
  244. package/dist/chunk-EPK6A3WJ.js.map +0 -1
  245. package/dist/chunk-FBMXWVGP.js.map +0 -1
  246. package/dist/chunk-FXQYZNOW.js.map +0 -1
  247. package/dist/chunk-G7PAZ3TD.js.map +0 -1
  248. package/dist/chunk-GD3BGKAR.js.map +0 -1
  249. package/dist/chunk-GDTCGIPX.js.map +0 -1
  250. package/dist/chunk-GVXBHCZ2.js.map +0 -1
  251. package/dist/chunk-HGZ7DC5H.js.map +0 -1
  252. package/dist/chunk-IS5HWQO7.js.map +0 -1
  253. package/dist/chunk-KMI2NBBF.js.map +0 -1
  254. package/dist/chunk-KYKMKLJ6.js +0 -340
  255. package/dist/chunk-KYKMKLJ6.js.map +0 -1
  256. package/dist/chunk-LOL725S4.js.map +0 -1
  257. package/dist/chunk-MRIBLZL3.js +0 -86
  258. package/dist/chunk-MRIBLZL3.js.map +0 -1
  259. package/dist/chunk-NCO2JGKK.js.map +0 -1
  260. package/dist/chunk-NGSPBLLE.js.map +0 -1
  261. package/dist/chunk-P6256WTJ.js.map +0 -1
  262. package/dist/chunk-SAVQ6E2O.js.map +0 -1
  263. package/dist/chunk-T6HQMVML.js.map +0 -1
  264. package/dist/chunk-TLFUDXVV.js.map +0 -1
  265. package/dist/chunk-UMLVJTYV.js.map +0 -1
  266. package/dist/chunk-UOF74WQY.js.map +0 -1
  267. package/dist/chunk-WRLHNG6H.js.map +0 -1
  268. package/dist/chunk-YDLAFP36.js.map +0 -1
  269. package/dist/chunk-YL2DR3HY.js.map +0 -1
  270. package/dist/chunk-YMYK7US4.js.map +0 -1
  271. package/dist/chunk-ZC2AAE6J.js.map +0 -1
  272. package/dist/consent/index.cjs +0 -204
  273. package/dist/consent/index.cjs.map +0 -1
  274. package/dist/consent/index.d.cts +0 -25
  275. package/dist/crdt/index.cjs +0 -152
  276. package/dist/crdt/index.cjs.map +0 -1
  277. package/dist/crdt/index.d.cts +0 -30
  278. package/dist/derivations/index.cjs +0 -351
  279. package/dist/derivations/index.cjs.map +0 -1
  280. package/dist/derivations/index.d.cts +0 -72
  281. package/dist/dev-unlock-De3mjQWv.d.cts +0 -263
  282. package/dist/executor-BZKFZVRC.js +0 -8
  283. package/dist/executor-GFZFDQXV.js +0 -8
  284. package/dist/executor-KT2IOZVP.js +0 -11
  285. package/dist/fanout-sidecar-NRBWSLRK.js.map +0 -1
  286. package/dist/guards/index.cjs +0 -322
  287. package/dist/guards/index.cjs.map +0 -1
  288. package/dist/guards/index.d.cts +0 -31
  289. package/dist/hash-vBCB0-Ps.d.cts +0 -63
  290. package/dist/history/index.cjs +0 -1222
  291. package/dist/history/index.cjs.map +0 -1
  292. package/dist/history/index.d.cts +0 -63
  293. package/dist/i18n/index.cjs +0 -840
  294. package/dist/i18n/index.cjs.map +0 -1
  295. package/dist/i18n/index.d.cts +0 -39
  296. package/dist/index-DVkvrgpm.d.cts +0 -2290
  297. package/dist/index.cjs +0 -23590
  298. package/dist/index.cjs.map +0 -1
  299. package/dist/index.d.cts +0 -778
  300. package/dist/indexing/index.cjs +0 -738
  301. package/dist/indexing/index.cjs.map +0 -1
  302. package/dist/indexing/index.d.cts +0 -36
  303. package/dist/issue-BAJ7ZB4S.js +0 -12
  304. package/dist/lazy-builder-C-rPfWG0.d.cts +0 -304
  305. package/dist/materialized-views/index.cjs +0 -837
  306. package/dist/materialized-views/index.cjs.map +0 -1
  307. package/dist/materialized-views/index.d.cts +0 -184
  308. package/dist/mime-magic-CBBSOkjm.d.cts +0 -50
  309. package/dist/mime-magic-CBBSOkjm.d.ts +0 -50
  310. package/dist/noydb-XNQSKXGO.js +0 -34
  311. package/dist/overlay-views/index.cjs +0 -359
  312. package/dist/overlay-views/index.cjs.map +0 -1
  313. package/dist/overlay-views/index.d.cts +0 -82
  314. package/dist/periods/index.cjs +0 -1041
  315. package/dist/periods/index.cjs.map +0 -1
  316. package/dist/periods/index.d.cts +0 -22
  317. package/dist/predicate-Dnu81tsS.d.ts +0 -185
  318. package/dist/query/index.cjs.map +0 -1
  319. package/dist/query/index.d.cts +0 -3
  320. package/dist/read-only-facade-ITU6L7BL.js +0 -7
  321. package/dist/registry-2IEARCGT.js +0 -7
  322. package/dist/registry-CDHASH73.js +0 -10
  323. package/dist/registry-EMGLZGR6.js +0 -8
  324. package/dist/registry-NQALYR77.js +0 -8
  325. package/dist/revoke-7JOVLZFD.js +0 -17
  326. package/dist/session/index.cjs +0 -495
  327. package/dist/session/index.cjs.map +0 -1
  328. package/dist/session/index.d.cts +0 -46
  329. package/dist/shadow/index.cjs +0 -133
  330. package/dist/shadow/index.cjs.map +0 -1
  331. package/dist/shadow/index.d.cts +0 -17
  332. package/dist/store/index.cjs +0 -1083
  333. package/dist/store/index.cjs.map +0 -1
  334. package/dist/store/index.d.cts +0 -492
  335. package/dist/strategy-BSxFXGzb.d.cts +0 -110
  336. package/dist/strategy-DSTrsZ8t.d.cts +0 -601
  337. package/dist/sync/index.cjs +0 -1062
  338. package/dist/sync/index.cjs.map +0 -1
  339. package/dist/sync/index.d.cts +0 -43
  340. package/dist/team/index.cjs +0 -2798
  341. package/dist/team/index.cjs.map +0 -1
  342. package/dist/team/index.d.cts +0 -118
  343. package/dist/tx/index.cjs +0 -544
  344. package/dist/tx/index.cjs.map +0 -1
  345. package/dist/tx/index.d.cts +0 -21
  346. package/dist/types-CSLcfytP.d.cts +0 -12493
  347. package/dist/ulid-CG2YvAbg.d.cts +0 -603
  348. package/dist/util/index.cjs +0 -230
  349. package/dist/util/index.cjs.map +0 -1
  350. package/dist/util/index.d.cts +0 -77
  351. package/dist/with-derivation-Bzpj6UTv.d.ts +0 -13
  352. package/dist/with-derivation-DWajFh4K.d.cts +0 -13
  353. package/dist/with-guard-DF_Ul3DT.d.cts +0 -18
  354. package/dist/with-guard-DR7U-l4v.d.ts +0 -18
  355. package/dist/with-materialized-view-_piodoIz.d.cts +0 -27
  356. package/dist/with-overlayed-view-DwzCKxn2.d.cts +0 -13
  357. /package/dist/{crypto-H2Y3DDFW.js.map → adapter/index.js.map} +0 -0
  358. /package/dist/{chunk-75QDHSE4.js.map → chunk-2QDWRK3B.js.map} +0 -0
  359. /package/dist/{chunk-FCDO7UAO.js.map → chunk-2ZYIN3BL.js.map} +0 -0
  360. /package/dist/{chunk-ZUMGGHRB.js.map → chunk-5PTX7PKD.js.map} +0 -0
  361. /package/dist/{chunk-QAU5HM6Q.js.map → chunk-6EKRQ7QF.js.map} +0 -0
  362. /package/dist/{chunk-UVPGJXVO.js.map → chunk-JOJPBZSZ.js.map} +0 -0
  363. /package/dist/{chunk-YK72A4IT.js.map → chunk-LBILABKZ.js.map} +0 -0
  364. /package/dist/{chunk-GAUBWHAF.js.map → chunk-OCYFFBZS.js.map} +0 -0
  365. /package/dist/{delegation-QSC7G5QC.js.map → chunk-PZ5AY32C.js.map} +0 -0
  366. /package/dist/{chunk-FS7A4XNF.js.map → chunk-QWJCNXH2.js.map} +0 -0
  367. /package/dist/{chunk-K5PVGKE4.js.map → chunk-SAAJYSVV.js.map} +0 -0
  368. /package/dist/{chunk-LS3JLEIB.js.map → chunk-TZGWI5AX.js.map} +0 -0
  369. /package/dist/{executor-BZKFZVRC.js.map → crypto-OSIV2IIW.js.map} +0 -0
  370. /package/dist/{executor-GFZFDQXV.js.map → delegation-BQTRJATI.js.map} +0 -0
  371. /package/dist/{executor-KT2IOZVP.js.map → executor-KYSKFJ2R.js.map} +0 -0
  372. /package/dist/{issue-BAJ7ZB4S.js.map → executor-M7W3NEKR.js.map} +0 -0
  373. /package/dist/{ledger-WOEJUYTP.js.map → executor-VDTDGWO6.js.map} +0 -0
  374. /package/dist/{noydb-XNQSKXGO.js.map → forget/index.js.map} +0 -0
  375. /package/dist/{public-envelope-OHQ5UZFM.js.map → issue-DPHRF2TI.js.map} +0 -0
  376. /package/dist/{read-only-facade-ITU6L7BL.js.map → kernel/index.js.map} +0 -0
  377. /package/dist/{registry-2IEARCGT.js.map → ledger-CI7GSMLB.js.map} +0 -0
  378. /package/dist/{registry-CDHASH73.js.map → noydb-NAU2DTFP.js.map} +0 -0
  379. /package/dist/{registry-EMGLZGR6.js.map → public-envelope-MFMBFJLZ.js.map} +0 -0
  380. /package/dist/{registry-NQALYR77.js.map → read-only-facade-3OQRZ3VS.js.map} +0 -0
  381. /package/dist/{revoke-7JOVLZFD.js.map → registry-IX5WKK4F.js.map} +0 -0
  382. /package/dist/{signer-M4K5HBLD.js.map → registry-LMHO5265.js.map} +0 -0
  383. /package/dist/{stale-PAGCS4K5.js.map → registry-TXCKWH26.js.map} +0 -0
  384. /package/dist/{ulid-COREQ2RQ.js.map → registry-VFEDQSYV.js.map} +0 -0
@@ -1,118 +0,0 @@
1
- import { aO as NoydbStore, aM as UnlockedKeyring } from '../types-CSLcfytP.cjs';
2
- export { bc as BundleRecipient, b$ as EnrollAuthenticatorOptions, c0 as EnrollAuthenticatorWrappingDEKsOptions, c1 as EnrollAuthenticatorWrappingKEKOptions, cw as ListUsersOptions, cV as PaperRecoveryEntry, d1 as PresenceHandle, dm as RecoverPassphraseInput, dn as RecoverPassphraseResult, dp as RecoverUserOptions, dq as RecoveryProof, dt as RotatePassphraseInput, dF as SlotRewrapCeremony, dG as SlotRewrapContext, dN as SyncEngine, dV as SyncTransaction, e6 as UpdateAuthenticatorOptions, el as WrappedDeksBlob, er as buildRecipientKeyringFile, es as burnPaperRecoveryEntry, fb as changeSecret, fc as createOwnerKeyring, ev as deriveMagicLinkContentKey, ew as enrollAuthenticator, fd as ensureCollectionDEK, ey as evaluateExportCapability, ez as evaluateImportCapability, eA as findAuthenticator, fe as grant, eB as hasExportCapability, eC as hasImportCapability, eE as isMagicLinkGrantExpired, eJ as listMagicLinkGrants, eK as listUsers, eL as listUsersWithEnvelopes, ff as loadKeyring, eN as loadPaperRecoveryEntries, eQ as magicLinkGrantRecordId, eR as mintPaperRecoveryEntry, eT as mintWrappedDeksBlob, fg as persistKeyring, eV as readMagicLinkGrantRecord, eH as recoverPassphrase, eW as recoverUser, eX as removeAuthenticator, fh as revoke, e_ as revokeMagicLinkGrant, eI as rotatePassphrase, e$ as savePaperRecoveryEntries, f2 as unwrapDeksFromBlob, f3 as unwrapDeksFromPaperEntry, f5 as unwrapMagicLinkGrant, fi as updateAuthenticator, fj as updateKeyringIdentity, fa as writeMagicLinkGrant } from '../types-CSLcfytP.cjs';
3
- import '../lazy-builder-C-rPfWG0.cjs';
4
- import '../predicate-Dnu81tsS.cjs';
5
- import '../strategy-DSTrsZ8t.cjs';
6
- import '../strategy-BSxFXGzb.cjs';
7
- import '../index-DVkvrgpm.cjs';
8
- import '@noy-db/attestation';
9
-
10
- /**
11
- * _sync_credentials reserved collection —
12
- *
13
- * Stores per-adapter OAuth tokens (and any other long-lived sync secrets) as
14
- * encrypted records inside the vault itself. Tokens are wrapped with the
15
- * compartment's own DEK, live on disk as ciphertext like any other record, and
16
- * are accessed only through the dedicated API in this module — never via
17
- * `vault.collection('_sync_credentials')`.
18
- *
19
- * Design decisions
20
- * ────────────────
21
- *
22
- * **Why a reserved collection, not a separate store?**
23
- * The compartment's existing encryption stack (AES-256-GCM + collection DEK)
24
- * is exactly the right primitive for protecting OAuth tokens at rest. Using a
25
- * separate store would require a new encryption surface, new adapter calls,
26
- * and a new backup/restore path — all of which already exist for collections.
27
- *
28
- * **Why not exposed as a regular collection?**
29
- * The same reason `_keyring` and `_ledger` aren't: they have invariants that
30
- * must be enforced (naming scheme, no cross-user leakage, no schema
31
- * validation, no history/ledger writes for privacy). Routing through a
32
- * dedicated API enforces those invariants.
33
- *
34
- * **Token lifecycle:**
35
- * - `putCredential(vault, adapterId, token)` — store or overwrite
36
- * - `getCredential(vault, adapterId)` — load and decrypt
37
- * - `deleteCredential(vault, adapterId)` — remove
38
- * - `listCredentials(vault)` — enumerate adapter IDs (not tokens)
39
- *
40
- * The `adapterId` is the record ID within the `_sync_credentials` collection.
41
- * It should be a stable, human-readable identifier for the adapter instance
42
- * (e.g. `'google-drive'`, `'dropbox'`, `'s3-prod'`).
43
- *
44
- * **ACL:** only `owner` and `admin` roles can read/write sync credentials.
45
- * Operators, viewers, and clients cannot call this API. The check is made
46
- * against the caller's keyring role at call time.
47
- */
48
-
49
- /** The reserved collection name. Never collides with user collections. */
50
- declare const SYNC_CREDENTIALS_COLLECTION = "_sync_credentials";
51
- /**
52
- * An OAuth/auth token stored in `_sync_credentials`.
53
- *
54
- * Fields mirror the OAuth2 token response shape. `customData` is an escape
55
- * hatch for adapter-specific secrets (API keys, connection strings, etc.)
56
- * that don't fit the OAuth2 shape.
57
- */
58
- interface SyncCredential {
59
- /** Stable identifier for the adapter instance (e.g. 'google-drive'). */
60
- readonly adapterId: string;
61
- /** OAuth token type, usually 'Bearer'. */
62
- readonly tokenType: string;
63
- /** The access token. Expires at `expiresAt` if set. */
64
- readonly accessToken: string;
65
- /** Long-lived refresh token for renewing the access token. */
66
- readonly refreshToken?: string;
67
- /** ISO timestamp when `accessToken` expires. Absent means "no expiry". */
68
- readonly expiresAt?: string;
69
- /** Space-separated OAuth scopes. */
70
- readonly scopes?: string;
71
- /** Adapter-specific opaque data (API keys, endpoints, etc.). */
72
- readonly customData?: Record<string, string>;
73
- }
74
- /**
75
- * Store or overwrite a sync credential for the given adapter.
76
- *
77
- * The credential is encrypted with the `_sync_credentials` collection DEK
78
- * (auto-generated on first use). The record ID is the `adapterId`.
79
- *
80
- * Requires owner or admin role.
81
- */
82
- declare function putCredential(adapter: NoydbStore, vault: string, keyring: UnlockedKeyring, credential: SyncCredential): Promise<void>;
83
- /**
84
- * Load and decrypt a sync credential for the given adapter ID.
85
- *
86
- * Returns `null` if no credential exists for this adapter.
87
- * Requires owner or admin role.
88
- */
89
- declare function getCredential(adapter: NoydbStore, vault: string, keyring: UnlockedKeyring, adapterId: string): Promise<SyncCredential | null>;
90
- /**
91
- * Delete a sync credential by adapter ID.
92
- *
93
- * No-op if the credential doesn't exist. Requires owner or admin role.
94
- */
95
- declare function deleteCredential(adapter: NoydbStore, vault: string, keyring: UnlockedKeyring, adapterId: string): Promise<void>;
96
- /**
97
- * List all adapter IDs that have stored credentials.
98
- *
99
- * Returns only the IDs, never the credential payloads. Useful for
100
- * displaying "connected adapters" in UI without decrypting tokens.
101
- * Requires owner or admin role.
102
- */
103
- declare function listCredentials(adapter: NoydbStore, vault: string, keyring: UnlockedKeyring): Promise<string[]>;
104
- /**
105
- * Check whether a credential exists and whether its access token has expired.
106
- *
107
- * Returns `{ exists: false }` if no credential is stored, or
108
- * `{ exists: true, expired: boolean }` based on the `expiresAt` field.
109
- * Requires owner or admin role.
110
- */
111
- declare function credentialStatus(adapter: NoydbStore, vault: string, keyring: UnlockedKeyring, adapterId: string): Promise<{
112
- exists: false;
113
- } | {
114
- exists: true;
115
- expired: boolean;
116
- }>;
117
-
118
- export { SYNC_CREDENTIALS_COLLECTION, type SyncCredential, UnlockedKeyring, credentialStatus, deleteCredential, getCredential, listCredentials, putCredential };
package/dist/tx/index.cjs DELETED
@@ -1,544 +0,0 @@
1
- "use strict";
2
- var __defProp = Object.defineProperty;
3
- var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
- var __getOwnPropNames = Object.getOwnPropertyNames;
5
- var __hasOwnProp = Object.prototype.hasOwnProperty;
6
- var __esm = (fn, res) => function __init() {
7
- return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
8
- };
9
- var __export = (target, all) => {
10
- for (var name in all)
11
- __defProp(target, name, { get: all[name], enumerable: true });
12
- };
13
- var __copyProps = (to, from, except, desc) => {
14
- if (from && typeof from === "object" || typeof from === "function") {
15
- for (let key of __getOwnPropNames(from))
16
- if (!__hasOwnProp.call(to, key) && key !== except)
17
- __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
18
- }
19
- return to;
20
- };
21
- var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
22
-
23
- // src/errors.ts
24
- var NoydbError, FieldFrozenError, InvariantError, AmendmentForbiddenError, ConflictError, ValidationError;
25
- var init_errors = __esm({
26
- "src/errors.ts"() {
27
- "use strict";
28
- NoydbError = class extends Error {
29
- /** Machine-readable error code. Stable across library versions. */
30
- code;
31
- constructor(code, message) {
32
- super(message);
33
- this.name = "NoydbError";
34
- this.code = code;
35
- }
36
- };
37
- FieldFrozenError = class extends NoydbError {
38
- collection;
39
- id;
40
- fields;
41
- constructor(collection, id, fields) {
42
- super(
43
- "FIELD_FROZEN",
44
- `Cannot change frozen field(s) on ${collection}/${id}: ${fields.join(", ")}. Use withTransactions({ amendment: true, reason }) with admin/owner role to override.`
45
- );
46
- this.name = "FieldFrozenError";
47
- this.collection = collection;
48
- this.id = id;
49
- this.fields = fields;
50
- }
51
- };
52
- InvariantError = class extends NoydbError {
53
- constructor(message) {
54
- super("INVARIANT_VIOLATED", message);
55
- this.name = "InvariantError";
56
- }
57
- };
58
- AmendmentForbiddenError = class extends NoydbError {
59
- userId;
60
- role;
61
- constructor(userId, role) {
62
- super(
63
- "AMENDMENT_FORBIDDEN",
64
- `User "${userId}" with role "${role}" cannot open an amendment transaction. Amendments require admin or owner role.`
65
- );
66
- this.name = "AmendmentForbiddenError";
67
- this.userId = userId;
68
- this.role = role;
69
- }
70
- };
71
- ConflictError = class extends NoydbError {
72
- /** The actual stored version at the time of conflict. */
73
- version;
74
- constructor(version, message = "Version conflict") {
75
- super("CONFLICT", message);
76
- this.name = "ConflictError";
77
- this.version = version;
78
- }
79
- };
80
- ValidationError = class extends NoydbError {
81
- constructor(message = "Validation error") {
82
- super("VALIDATION_ERROR", message);
83
- this.name = "ValidationError";
84
- }
85
- };
86
- }
87
- });
88
-
89
- // src/guards/executor.ts
90
- var executor_exports = {};
91
- __export(executor_exports, {
92
- GuardExecutor: () => GuardExecutor
93
- });
94
- function deepEqual(a, b) {
95
- if (a === b) return true;
96
- if (a === null || b === null) return a === b;
97
- if (typeof a !== typeof b) return false;
98
- if (typeof a !== "object") return a === b;
99
- if (Array.isArray(a) !== Array.isArray(b)) return false;
100
- if (Array.isArray(a)) {
101
- const aa = a;
102
- const bb = b;
103
- if (aa.length !== bb.length) return false;
104
- for (let i = 0; i < aa.length; i++) if (!deepEqual(aa[i], bb[i])) return false;
105
- return true;
106
- }
107
- const ao = a;
108
- const bo = b;
109
- const ak = Object.keys(ao);
110
- const bk = Object.keys(bo);
111
- if (ak.length !== bk.length) return false;
112
- for (const k of ak) {
113
- if (!Object.prototype.hasOwnProperty.call(bo, k)) return false;
114
- if (!deepEqual(ao[k], bo[k])) return false;
115
- }
116
- return true;
117
- }
118
- var GuardExecutor;
119
- var init_executor = __esm({
120
- "src/guards/executor.ts"() {
121
- "use strict";
122
- init_errors();
123
- GuardExecutor = {
124
- /**
125
- * Compare existing vs incoming for each `frozenFields.fields` entry
126
- * when `frozenFields.when(existing)` is true. Throws
127
- * `FieldFrozenError` listing every changed frozen field.
128
- */
129
- async checkFrozenFields(guard, id, existing, incoming) {
130
- const ff = guard.frozenFields;
131
- if (!ff) return;
132
- if (existing === null) return;
133
- if (!ff.when(existing)) return;
134
- const changed = [];
135
- for (const f of ff.fields) {
136
- if (existing[f] !== incoming[f]) {
137
- if (!deepEqual(existing[f], incoming[f])) changed.push(String(f));
138
- }
139
- }
140
- if (changed.length > 0) {
141
- throw new FieldFrozenError(guard.collection, id, changed);
142
- }
143
- },
144
- /**
145
- * Run a single guard's invariant over its slice of the change-set.
146
- * Any throw is converted to `InvariantError` unless it already is one.
147
- */
148
- async runInvariant(guard, changes, ctx) {
149
- const amendment = guard.amendment;
150
- if (!amendment) return;
151
- try {
152
- await amendment.invariant(changes, ctx);
153
- } catch (err) {
154
- if (err instanceof InvariantError) throw err;
155
- throw new InvariantError(
156
- err instanceof Error ? err.message : `invariant violated: ${String(err)}`
157
- );
158
- }
159
- }
160
- };
161
- }
162
- });
163
-
164
- // src/tx/index.ts
165
- var tx_exports = {};
166
- __export(tx_exports, {
167
- TxCollection: () => TxCollection,
168
- TxContext: () => TxContext,
169
- TxVault: () => TxVault,
170
- runTransaction: () => runTransaction,
171
- withTransactions: () => withTransactions
172
- });
173
- module.exports = __toCommonJS(tx_exports);
174
-
175
- // src/tx/transaction.ts
176
- init_errors();
177
-
178
- // src/bundle/ulid.ts
179
- var CROCKFORD_ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
180
- function encodeBase32(value, length) {
181
- let out = "";
182
- let v = value;
183
- for (let i = 0; i < length; i++) {
184
- out = CROCKFORD_ALPHABET[v % 32] + out;
185
- v = Math.floor(v / 32);
186
- }
187
- return out;
188
- }
189
- function generateULID() {
190
- const now = Date.now();
191
- const timestampHigh = Math.floor(now / 16777216);
192
- const timestampLow = now & 16777215;
193
- const tsPart = encodeBase32(timestampHigh, 5) + encodeBase32(timestampLow, 5);
194
- const randBytes = new Uint8Array(10);
195
- crypto.getRandomValues(randBytes);
196
- const rand1 = randBytes[0] * 2 ** 32 + (randBytes[1] << 24 >>> 0) + (randBytes[2] << 16) + (randBytes[3] << 8) + randBytes[4];
197
- const rand2 = randBytes[5] * 2 ** 32 + (randBytes[6] << 24 >>> 0) + (randBytes[7] << 16) + (randBytes[8] << 8) + randBytes[9];
198
- const randPart = encodeBase32(rand1, 8) + encodeBase32(rand2, 8);
199
- return tsPart + randPart;
200
- }
201
-
202
- // src/tx/transaction.ts
203
- var TxContext = class {
204
- /** Stable id for this transaction; shared by all writes it performs (#230). */
205
- txId = generateULID();
206
- /** @internal */
207
- _ops = [];
208
- /**
209
- * @internal — write log built up in Phase 2. Each entry records the
210
- * envelope captured BEFORE the write so a mid-batch failure can
211
- * restore prior state via `revertExecuted`. Side-effect writes (e.g.
212
- * recursive derivation outputs fired inside `Collection.put`) are
213
- * appended here in execution order so they roll back alongside the
214
- * main staged ops (#133).
215
- */
216
- _executed = [];
217
- /** @internal */
218
- _db;
219
- /**
220
- * @internal — true when this TxContext was opened in amendment
221
- * mode. Toggles the lazy-`beginAmendment` + role-check path on first
222
- * `tx.vault(name)` and unlocks the post-Phase-2 invariant + audit run.
223
- */
224
- _amendment;
225
- /** @internal — vaults that have already had `beginAmendment` called. */
226
- _amendmentVaults = /* @__PURE__ */ new Map();
227
- /** @internal */
228
- constructor(db, amendment = false) {
229
- this._db = db;
230
- this._amendment = amendment;
231
- }
232
- /** Scope subsequent `collection()` calls to the named vault. */
233
- vault(name) {
234
- const v = this._db.vault(name);
235
- if (this._amendment && !this._amendmentVaults.has(name)) {
236
- const role = v.role;
237
- if (role !== "admin" && role !== "owner") {
238
- throw new AmendmentForbiddenError(v.userId, role);
239
- }
240
- const reg = v._getGuardRegistry();
241
- if (reg === null) {
242
- throw new ValidationError(
243
- `Vault "${name}": amendment mode requires at least one guardStrategy registered via createNoydb({ guardStrategies }). Open the vault with guardStrategies before calling db.transaction({ amendment: true }).`
244
- );
245
- }
246
- reg.beginAmendment();
247
- this._amendmentVaults.set(name, v);
248
- }
249
- return new TxVault(this, v);
250
- }
251
- };
252
- var TxVault = class {
253
- /** @internal */
254
- _ctx;
255
- /** @internal */
256
- _vault;
257
- /** @internal */
258
- constructor(ctx, vault) {
259
- this._ctx = ctx;
260
- this._vault = vault;
261
- }
262
- /** Scope subsequent op calls to the named collection. */
263
- collection(name) {
264
- const c = this._vault.collection(name);
265
- return new TxCollection(this._ctx, this._vault, c, name);
266
- }
267
- };
268
- var TxCollection = class {
269
- /** @internal */
270
- _ctx;
271
- /** @internal */
272
- _vault;
273
- /** @internal */
274
- _coll;
275
- /** @internal */
276
- _name;
277
- /** @internal */
278
- constructor(ctx, vault, coll, name) {
279
- this._ctx = ctx;
280
- this._vault = vault;
281
- this._coll = coll;
282
- this._name = name;
283
- }
284
- /**
285
- * Read the current committed value, or the most-recently-staged
286
- * value from the same transaction if one exists.
287
- */
288
- async get(id) {
289
- for (let i = this._ctx._ops.length - 1; i >= 0; i--) {
290
- const op = this._ctx._ops[i];
291
- if (op.vaultName === this._vault.name && op.collectionName === this._name && op.id === id) {
292
- if (op.type === "delete") return null;
293
- return op.record;
294
- }
295
- }
296
- return this._coll.get(id);
297
- }
298
- /**
299
- * Stage a put. Does not write until the transaction body returns.
300
- * Supply `{ expectedVersion }` to enforce optimistic concurrency
301
- * during the commit pre-flight.
302
- */
303
- put(id, record, options) {
304
- const op = {
305
- type: "put",
306
- vaultName: this._vault.name,
307
- collectionName: this._name,
308
- id,
309
- record
310
- };
311
- if (options?.expectedVersion !== void 0) op.expectedVersion = options.expectedVersion;
312
- if (options?.reason !== void 0) op.reason = options.reason;
313
- this._ctx._ops.push(op);
314
- }
315
- /**
316
- * Stage a delete. Does not write until the transaction body returns.
317
- * Supply `{ expectedVersion }` to enforce optimistic concurrency
318
- * during the commit pre-flight.
319
- */
320
- delete(id, options) {
321
- const op = {
322
- type: "delete",
323
- vaultName: this._vault.name,
324
- collectionName: this._name,
325
- id
326
- };
327
- if (options?.expectedVersion !== void 0) op.expectedVersion = options.expectedVersion;
328
- this._ctx._ops.push(op);
329
- }
330
- };
331
- async function runTransaction(db, fn, options) {
332
- if (options?.amendment) {
333
- if (typeof options.reason !== "string" || options.reason.trim().length === 0) {
334
- throw new ValidationError(
335
- "db.transaction({ amendment: true }) requires a non-empty `reason` string."
336
- );
337
- }
338
- }
339
- const ctx = new TxContext(db, options?.amendment === true);
340
- const bodyResult = await fn(ctx);
341
- if (ctx._ops.length === 0) {
342
- if (ctx._amendment) {
343
- for (const v of ctx._amendmentVaults.values()) {
344
- const reg = v._getGuardRegistry();
345
- if (reg !== null) {
346
- reg.consumeChanges();
347
- reg.consumeMeta();
348
- }
349
- }
350
- }
351
- return bodyResult;
352
- }
353
- const priorEnvelopes = /* @__PURE__ */ new Map();
354
- const store = db._store;
355
- for (const op of ctx._ops) {
356
- const key = keyOf(op);
357
- if (!priorEnvelopes.has(key)) {
358
- const env = await store.get(op.vaultName, op.collectionName, op.id);
359
- priorEnvelopes.set(key, env);
360
- }
361
- if (op.expectedVersion !== void 0) {
362
- const env = priorEnvelopes.get(key) ?? null;
363
- const actual = env?._v ?? 0;
364
- if (actual !== op.expectedVersion) {
365
- throw new ConflictError(
366
- actual,
367
- `Transaction pre-flight: ${op.vaultName}/${op.collectionName}/${op.id} expected v${op.expectedVersion}, found v${actual}`
368
- );
369
- }
370
- }
371
- }
372
- db._setActiveTxContext(ctx);
373
- try {
374
- try {
375
- for (const op of ctx._ops) {
376
- const coll = db.vault(op.vaultName).collection(op.collectionName);
377
- const key = keyOf(op);
378
- const prior = priorEnvelopes.get(key) ?? null;
379
- ctx._executed.push({ op, priorEnvelope: prior });
380
- if (op.type === "put") {
381
- await coll.put(op.id, op.record, op.reason !== void 0 ? { reason: op.reason } : void 0);
382
- } else {
383
- await coll.delete(op.id);
384
- }
385
- }
386
- } catch (err) {
387
- await revertExecuted(ctx._executed, store, db);
388
- if (ctx._amendment) {
389
- for (const v of ctx._amendmentVaults.values()) {
390
- const reg = v._getGuardRegistry();
391
- if (reg !== null) {
392
- reg.consumeChanges();
393
- reg.consumeMeta();
394
- }
395
- }
396
- }
397
- throw err;
398
- }
399
- } finally {
400
- db._clearActiveTxContext(ctx);
401
- }
402
- if (ctx._amendment) {
403
- const { GuardExecutor: GuardExecutor2 } = await Promise.resolve().then(() => (init_executor(), executor_exports));
404
- try {
405
- for (const [vaultName, v] of ctx._amendmentVaults) {
406
- const registry = v._getGuardRegistry();
407
- if (registry === null) continue;
408
- const changesByCollection = registry.consumeChanges();
409
- const meta = registry.consumeMeta();
410
- if (changesByCollection.size === 0) continue;
411
- const readOnlyVault = v._getReadOnlyFacade();
412
- if (readOnlyVault === null) continue;
413
- const invariantsPassed = [];
414
- for (const [collection, changes] of changesByCollection) {
415
- const guards = registry.guardsFor(collection).filter((g) => g.amendment !== void 0);
416
- for (const guard of guards) {
417
- await GuardExecutor2.runInvariant(guard, changes, {
418
- existing: null,
419
- vault: readOnlyVault,
420
- userId: v.userId,
421
- role: v.role
422
- });
423
- }
424
- if (guards.length > 0) invariantsPassed.push(collection);
425
- }
426
- const ledger = v._getLedgerOrNull();
427
- if (ledger) {
428
- const role = v.role;
429
- const amendment = {
430
- reason: options.reason,
431
- role,
432
- changes: meta,
433
- invariantsPassed
434
- };
435
- await ledger.append({
436
- op: "amendment",
437
- collection: "",
438
- id: "",
439
- version: 0,
440
- actor: v.userId,
441
- // No payload to hash — the per-record entries already
442
- // captured `payloadHash` at their own append time. We use
443
- // a sha256 of the canonical reason string so the field is
444
- // populated with something deterministic and non-empty.
445
- payloadHash: "",
446
- amendment
447
- });
448
- }
449
- void vaultName;
450
- }
451
- } catch (err) {
452
- await revertExecuted(ctx._executed, store, db);
453
- throw err instanceof InvariantError ? err : new InvariantError(
454
- err instanceof Error ? err.message : `invariant violated: ${String(err)}`
455
- );
456
- }
457
- }
458
- return bodyResult;
459
- }
460
- async function revertExecuted(executed, store, db) {
461
- for (const { op, priorEnvelope } of executed.slice().reverse()) {
462
- try {
463
- if (priorEnvelope) {
464
- await store.put(op.vaultName, op.collectionName, op.id, priorEnvelope);
465
- } else {
466
- await store.delete(op.vaultName, op.collectionName, op.id);
467
- }
468
- if (db) {
469
- const coll = db.vault(op.vaultName).collection(op.collectionName);
470
- await coll._invalidateCacheEntry(op.id);
471
- }
472
- } catch {
473
- }
474
- }
475
- }
476
- function keyOf(op) {
477
- return `${op.vaultName}\0${op.collectionName}\0${op.id}`;
478
- }
479
-
480
- // src/tx/dry-run.ts
481
- var SEP = " ";
482
- var keyOf2 = (op) => `${op.vaultName}${SEP}${op.collectionName}${SEP}${op.id}`;
483
- async function runDryRun(db, fn) {
484
- const ctx = new TxContext(db);
485
- await fn(ctx);
486
- const lastOp = /* @__PURE__ */ new Map();
487
- for (const op of ctx._ops) lastOp.set(keyOf2(op), op);
488
- const affected = [];
489
- const guardViolations = [];
490
- for (const op of lastOp.values()) {
491
- const v = db.vault(op.vaultName);
492
- const coll = v.collection(op.collectionName);
493
- const before = await coll.get(op.id);
494
- if (op.type === "delete") {
495
- affected.push({ vault: op.vaultName, op: "delete", collection: op.collectionName, docId: op.id, before, after: null });
496
- continue;
497
- }
498
- const after = op.record ?? null;
499
- affected.push({
500
- vault: op.vaultName,
501
- op: before === null ? "create" : "update",
502
- collection: op.collectionName,
503
- docId: op.id,
504
- before,
505
- after
506
- });
507
- const registry = v._getGuardRegistry();
508
- if (!registry) continue;
509
- const guards = registry.guardsFor(op.collectionName);
510
- if (guards.length === 0) continue;
511
- const facade = v._getReadOnlyFacade();
512
- if (!facade) continue;
513
- const gctx = { existing: before, vault: facade, userId: v.userId, role: v.role };
514
- try {
515
- await registry.runChecks(op.collectionName, after, gctx);
516
- const { GuardExecutor: GuardExecutor2 } = await Promise.resolve().then(() => (init_executor(), executor_exports));
517
- for (const g of guards) {
518
- await GuardExecutor2.checkFrozenFields(g, op.id, before, after);
519
- }
520
- } catch (err) {
521
- guardViolations.push({
522
- vault: op.vaultName,
523
- collection: op.collectionName,
524
- docId: op.id,
525
- message: err instanceof Error ? err.message : String(err)
526
- });
527
- }
528
- }
529
- return { affected, guardViolations };
530
- }
531
-
532
- // src/tx/active.ts
533
- function withTransactions() {
534
- return { runTransaction, runDryRun };
535
- }
536
- // Annotate the CommonJS export names for ESM import in node:
537
- 0 && (module.exports = {
538
- TxCollection,
539
- TxContext,
540
- TxVault,
541
- runTransaction,
542
- withTransactions
543
- });
544
- //# sourceMappingURL=index.cjs.map