@noy-db/hub 0.2.0-pre.9 → 0.3.0-pre.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (541) hide show
  1. package/README.md +129 -3
  2. package/dist/adapter/index.d.ts +5 -0
  3. package/dist/adapter/index.js +15 -0
  4. package/dist/aggregate/index.d.ts +6 -2
  5. package/dist/aggregate/index.js +24 -16
  6. package/dist/aggregate/index.js.map +1 -1
  7. package/dist/api-RW3KP7WU.js +14 -0
  8. package/dist/as/index.d.ts +7 -0
  9. package/dist/as/index.js +24 -0
  10. package/dist/at/index.d.ts +5 -0
  11. package/dist/at/index.js +1 -0
  12. package/dist/attestation/index.d.ts +15 -47
  13. package/dist/attestation/index.js +54 -10
  14. package/dist/attestation/index.js.map +1 -1
  15. package/dist/backup-KMJQ66MF.js +219 -0
  16. package/dist/backup-KMJQ66MF.js.map +1 -0
  17. package/dist/blobs/index.d.ts +6 -8
  18. package/dist/blobs/index.js +19 -12
  19. package/dist/blobs/index.js.map +1 -1
  20. package/dist/bundle/index.d.ts +16 -70
  21. package/dist/bundle/index.js +39 -476
  22. package/dist/bundle/index.js.map +1 -1
  23. package/dist/{ulid-CJ8RzRrm.d.ts → bundle-PwBGkhpe.d.ts} +31 -86
  24. package/dist/by/index.d.ts +1 -0
  25. package/dist/by/index.js +11 -0
  26. package/dist/cargo/index.d.ts +9 -0
  27. package/dist/cargo/index.js +89 -0
  28. package/dist/chunk-26LGBE4T.js +42 -0
  29. package/dist/chunk-26LGBE4T.js.map +1 -0
  30. package/dist/{chunk-K3DK3NU5.js → chunk-3YFXJ3ZP.js} +20 -5
  31. package/dist/chunk-3YFXJ3ZP.js.map +1 -0
  32. package/dist/chunk-4Q6HSHHL.js +90 -0
  33. package/dist/chunk-4Q6HSHHL.js.map +1 -0
  34. package/dist/chunk-5LUY7UTV.js +380 -0
  35. package/dist/chunk-5LUY7UTV.js.map +1 -0
  36. package/dist/chunk-5N6CZTCY.js +367 -0
  37. package/dist/chunk-5N6CZTCY.js.map +1 -0
  38. package/dist/chunk-5O3AOPDT.js +992 -0
  39. package/dist/chunk-5O3AOPDT.js.map +1 -0
  40. package/dist/chunk-5R3ERCDH.js +239 -0
  41. package/dist/chunk-5R3ERCDH.js.map +1 -0
  42. package/dist/chunk-5TDJ56JE.js +32 -0
  43. package/dist/chunk-5TDJ56JE.js.map +1 -0
  44. package/dist/{chunk-T7JEBOGN.js → chunk-62QYRORB.js} +18 -11
  45. package/dist/chunk-62QYRORB.js.map +1 -0
  46. package/dist/{chunk-J66GRPNH.js → chunk-6S7T6WC4.js} +2 -2
  47. package/dist/chunk-6S7T6WC4.js.map +1 -0
  48. package/dist/chunk-76722EBH.js +451 -0
  49. package/dist/chunk-76722EBH.js.map +1 -0
  50. package/dist/{chunk-Z6FNBOTC.js → chunk-AIWULCUO.js} +13 -17
  51. package/dist/chunk-AIWULCUO.js.map +1 -0
  52. package/dist/{chunk-O3VZPBZG.js → chunk-AQTBSL7R.js} +47 -11
  53. package/dist/chunk-AQTBSL7R.js.map +1 -0
  54. package/dist/chunk-AURFOK3D.js +35 -0
  55. package/dist/chunk-AURFOK3D.js.map +1 -0
  56. package/dist/{chunk-53XBRIRT.js → chunk-AXRXJTE2.js} +9 -9
  57. package/dist/chunk-AXRXJTE2.js.map +1 -0
  58. package/dist/chunk-AZAOEIKW.js +155 -0
  59. package/dist/chunk-AZAOEIKW.js.map +1 -0
  60. package/dist/{chunk-HNRHLRDC.js → chunk-BG3SPSR4.js} +3 -3
  61. package/dist/chunk-BG3SPSR4.js.map +1 -0
  62. package/dist/chunk-BGIZAFY7.js +1 -0
  63. package/dist/chunk-CHFZDSE4.js +1 -0
  64. package/dist/{chunk-DJHHA6XH.js → chunk-CMGR4ZEW.js} +50 -20
  65. package/dist/chunk-CMGR4ZEW.js.map +1 -0
  66. package/dist/chunk-CWPPNPOH.js +23 -0
  67. package/dist/chunk-CWPPNPOH.js.map +1 -0
  68. package/dist/{chunk-QODLLGQ7.js → chunk-DFEMTNPJ.js} +371 -38
  69. package/dist/chunk-DFEMTNPJ.js.map +1 -0
  70. package/dist/{chunk-ZYWZWG6G.js → chunk-DGDI2D4M.js} +10 -10
  71. package/dist/chunk-DGDI2D4M.js.map +1 -0
  72. package/dist/{chunk-SYMWGEET.js → chunk-EIZUR2XW.js} +3 -3
  73. package/dist/chunk-EIZUR2XW.js.map +1 -0
  74. package/dist/{chunk-BVRYKATC.js → chunk-FISN7WE4.js} +36 -33
  75. package/dist/chunk-FISN7WE4.js.map +1 -0
  76. package/dist/chunk-GHVIKOHT.js +1 -0
  77. package/dist/chunk-GYGWYIOZ.js +200 -0
  78. package/dist/chunk-GYGWYIOZ.js.map +1 -0
  79. package/dist/chunk-HCIPRAGS.js +45 -0
  80. package/dist/chunk-HCIPRAGS.js.map +1 -0
  81. package/dist/{chunk-PX35GA7L.js → chunk-I2NOIW44.js} +10 -10
  82. package/dist/chunk-I2NOIW44.js.map +1 -0
  83. package/dist/{chunk-OIF6LZUR.js → chunk-I3TIKTJO.js} +3 -3
  84. package/dist/chunk-I3TIKTJO.js.map +1 -0
  85. package/dist/chunk-I7FD46FF.js +9 -0
  86. package/dist/chunk-I7FD46FF.js.map +1 -0
  87. package/dist/chunk-IAGBDSCS.js +40 -0
  88. package/dist/chunk-IAGBDSCS.js.map +1 -0
  89. package/dist/{chunk-JWRVQKRZ.js → chunk-IELYAOGG.js} +6 -18
  90. package/dist/chunk-IELYAOGG.js.map +1 -0
  91. package/dist/chunk-IGUYVGGI.js +205 -0
  92. package/dist/chunk-IGUYVGGI.js.map +1 -0
  93. package/dist/{chunk-U26HQ6KJ.js → chunk-IO6GRPT6.js} +4 -4
  94. package/dist/chunk-IO6GRPT6.js.map +1 -0
  95. package/dist/chunk-IPB7FTQX.js +273 -0
  96. package/dist/chunk-IPB7FTQX.js.map +1 -0
  97. package/dist/chunk-ITNUCOXM.js +148 -0
  98. package/dist/chunk-ITNUCOXM.js.map +1 -0
  99. package/dist/{chunk-WPLVTJ5D.js → chunk-IUEN57TV.js} +10 -10
  100. package/dist/chunk-IUEN57TV.js.map +1 -0
  101. package/dist/{chunk-DL3HWOQ5.js → chunk-JNUWZ6D3.js} +9 -9
  102. package/dist/chunk-JNUWZ6D3.js.map +1 -0
  103. package/dist/chunk-K2WCO3NX.js +1 -0
  104. package/dist/chunk-KVOXU4T5.js +30 -0
  105. package/dist/chunk-KVOXU4T5.js.map +1 -0
  106. package/dist/chunk-KXGNJJXB.js +135 -0
  107. package/dist/chunk-KXGNJJXB.js.map +1 -0
  108. package/dist/chunk-LB7FD65R.js +163 -0
  109. package/dist/chunk-LB7FD65R.js.map +1 -0
  110. package/dist/{chunk-22DWZL57.js → chunk-LFLXAY2W.js} +43 -218
  111. package/dist/chunk-LFLXAY2W.js.map +1 -0
  112. package/dist/chunk-LMTH2RM6.js +129 -0
  113. package/dist/chunk-LMTH2RM6.js.map +1 -0
  114. package/dist/{aggregate/index.cjs → chunk-LV7M27WM.js} +390 -219
  115. package/dist/chunk-LV7M27WM.js.map +1 -0
  116. package/dist/{chunk-PE2FR4J3.js → chunk-LXQT4WMP.js} +16 -18
  117. package/dist/chunk-LXQT4WMP.js.map +1 -0
  118. package/dist/chunk-M2YKN37S.js +524 -0
  119. package/dist/chunk-M2YKN37S.js.map +1 -0
  120. package/dist/chunk-M6OST55S.js +14 -0
  121. package/dist/chunk-M6OST55S.js.map +1 -0
  122. package/dist/{chunk-F3GDRNUT.js → chunk-MD3Y6J3L.js} +35 -69
  123. package/dist/chunk-MD3Y6J3L.js.map +1 -0
  124. package/dist/{chunk-XJFLDA7A.js → chunk-MTMJVJ5W.js} +8 -7
  125. package/dist/chunk-MTMJVJ5W.js.map +1 -0
  126. package/dist/{chunk-DFMLEQZB.js → chunk-NF5JWERG.js} +5 -10
  127. package/dist/chunk-NF5JWERG.js.map +1 -0
  128. package/dist/{chunk-DO7C2TOG.js → chunk-PKHL44ER.js} +3 -3
  129. package/dist/{chunk-DO7C2TOG.js.map → chunk-PKHL44ER.js.map} +1 -1
  130. package/dist/{chunk-6CME4UEK.js → chunk-PSHOXR6C.js} +7008 -4827
  131. package/dist/chunk-PSHOXR6C.js.map +1 -0
  132. package/dist/chunk-PSMV73A5.js +117 -0
  133. package/dist/chunk-PSMV73A5.js.map +1 -0
  134. package/dist/chunk-PY4KJPYU.js +9 -0
  135. package/dist/chunk-PY4KJPYU.js.map +1 -0
  136. package/dist/chunk-PZ5AY32C.js +10 -0
  137. package/dist/{chunk-DE6GKS6G.js → chunk-Q7SS3IME.js} +50 -9
  138. package/dist/chunk-Q7SS3IME.js.map +1 -0
  139. package/dist/chunk-QHJW5EXU.js +54 -0
  140. package/dist/chunk-QHJW5EXU.js.map +1 -0
  141. package/dist/chunk-QZISFCVG.js +233 -0
  142. package/dist/chunk-QZISFCVG.js.map +1 -0
  143. package/dist/{chunk-NONAAENK.js → chunk-RUEKROOS.js} +11 -4
  144. package/dist/chunk-RUEKROOS.js.map +1 -0
  145. package/dist/chunk-RUIMKQTA.js +23 -0
  146. package/dist/chunk-RUIMKQTA.js.map +1 -0
  147. package/dist/{chunk-TFBP23BX.js → chunk-SKF73JOP.js} +66 -7
  148. package/dist/chunk-SKF73JOP.js.map +1 -0
  149. package/dist/chunk-SM3AVUHC.js +42 -0
  150. package/dist/chunk-SM3AVUHC.js.map +1 -0
  151. package/dist/{chunk-ML236QKC.js → chunk-SMXWYP24.js} +5 -5
  152. package/dist/chunk-SMXWYP24.js.map +1 -0
  153. package/dist/chunk-SRB2XEWB.js +148 -0
  154. package/dist/chunk-SRB2XEWB.js.map +1 -0
  155. package/dist/chunk-SVLR4POP.js +64 -0
  156. package/dist/chunk-SVLR4POP.js.map +1 -0
  157. package/dist/chunk-TA66UMI4.js +123 -0
  158. package/dist/chunk-TA66UMI4.js.map +1 -0
  159. package/dist/chunk-TEILUWOI.js +664 -0
  160. package/dist/chunk-TEILUWOI.js.map +1 -0
  161. package/dist/chunk-TJYQIGAP.js +82 -0
  162. package/dist/chunk-TJYQIGAP.js.map +1 -0
  163. package/dist/{chunk-H2X3ISXG.js → chunk-UAG5KWVA.js} +7 -7
  164. package/dist/chunk-UAG5KWVA.js.map +1 -0
  165. package/dist/chunk-UDRIWL7A.js +382 -0
  166. package/dist/chunk-UDRIWL7A.js.map +1 -0
  167. package/dist/{chunk-2GLDA55J.js → chunk-UIU2THRG.js} +498 -133
  168. package/dist/chunk-UIU2THRG.js.map +1 -0
  169. package/dist/{chunk-3YPCK6JX.js → chunk-UPJNJGGA.js} +165 -423
  170. package/dist/chunk-UPJNJGGA.js.map +1 -0
  171. package/dist/chunk-UV5MFVO3.js +21 -0
  172. package/dist/chunk-UV5MFVO3.js.map +1 -0
  173. package/dist/{chunk-2WUSG3IT.js → chunk-V7RWQRG7.js} +5 -5
  174. package/dist/chunk-V7RWQRG7.js.map +1 -0
  175. package/dist/{chunk-VTKGMEPP.js → chunk-VCTFO5CO.js} +13 -3
  176. package/dist/chunk-VCTFO5CO.js.map +1 -0
  177. package/dist/{chunk-5T22KDPN.js → chunk-VFQGRQIH.js} +8 -8
  178. package/dist/chunk-VFQGRQIH.js.map +1 -0
  179. package/dist/{chunk-2QR2PQTT.js → chunk-VQNJ7UZL.js} +5 -3
  180. package/dist/chunk-VQNJ7UZL.js.map +1 -0
  181. package/dist/{chunk-DONMZAD2.js → chunk-WWGT2MDV.js} +43 -165
  182. package/dist/chunk-WWGT2MDV.js.map +1 -0
  183. package/dist/{chunk-EMIGCR7X.js → chunk-WXSYDNBT.js} +2 -2
  184. package/dist/chunk-WXSYDNBT.js.map +1 -0
  185. package/dist/chunk-WYSO2NIH.js +30 -0
  186. package/dist/chunk-WYSO2NIH.js.map +1 -0
  187. package/dist/chunk-XXYIOFUB.js +164 -0
  188. package/dist/chunk-XXYIOFUB.js.map +1 -0
  189. package/dist/{chunk-3BFJOWSU.js → chunk-Y22T3KQE.js} +35 -7
  190. package/dist/chunk-Y22T3KQE.js.map +1 -0
  191. package/dist/{chunk-A3JMGXPG.js → chunk-YMUGBZN2.js} +2 -2
  192. package/dist/chunk-YMUGBZN2.js.map +1 -0
  193. package/dist/{chunk-I5FOWO4J.js → chunk-ZCGAHGUS.js} +52 -73
  194. package/dist/chunk-ZCGAHGUS.js.map +1 -0
  195. package/dist/{chunk-FZU343FL.js → chunk-ZJADGNYF.js} +2 -2
  196. package/dist/chunk-ZJADGNYF.js.map +1 -0
  197. package/dist/{chunk-B6PB7JLN.js → chunk-ZYUC53LT.js} +427 -6
  198. package/dist/chunk-ZYUC53LT.js.map +1 -0
  199. package/dist/collection-facade-GQAOGJP2.js +33 -0
  200. package/dist/consent/index.d.ts +5 -7
  201. package/dist/consent/index.js +7 -5
  202. package/dist/consent/index.js.map +1 -1
  203. package/dist/crdt/index.d.ts +6 -2
  204. package/dist/crdt/index.js +3 -2
  205. package/dist/crdt/index.js.map +1 -1
  206. package/dist/decrypt-partition-IHtxEnTi.d.ts +21 -0
  207. package/dist/delegation-UL5HKLER.js +19 -0
  208. package/dist/derivations/index.d.ts +7 -9
  209. package/dist/derivations/index.js +11 -6
  210. package/dist/describe/index.d.ts +1 -0
  211. package/dist/describe/index.js +1 -0
  212. package/dist/describe-Ccd1hS7a.d.ts +143 -0
  213. package/dist/{dev-unlock-B4kDxep_.d.ts → dev-unlock-h0K-UZTk.d.ts} +1 -1
  214. package/dist/discriminant-BN9REW3o.d.ts +60 -0
  215. package/dist/enclave-UL5LW66V.js +88 -0
  216. package/dist/executor-2FWQRLMG.js +15 -0
  217. package/dist/executor-QZ7BXICW.js +9 -0
  218. package/dist/executor-Z5ZLJVTV.js +9 -0
  219. package/dist/export-accessible-KRV5W4GH.js +17 -0
  220. package/dist/extract-partition-GLKBOXFQ.js +30 -0
  221. package/dist/{fanout-sidecar-OKPMMPLG.js → fanout-sidecar-GF3DJ6KR.js} +34 -14
  222. package/dist/fanout-sidecar-GF3DJ6KR.js.map +1 -0
  223. package/dist/forget/index.d.ts +36 -0
  224. package/dist/forget/index.js +19 -0
  225. package/dist/forget/index.js.map +1 -0
  226. package/dist/guards/index.d.ts +13 -9
  227. package/dist/guards/index.js +12 -5
  228. package/dist/{hash-DdpVypUp.d.cts → hash-CdSr06sm.d.ts} +5 -1
  229. package/dist/history/index.d.ts +6 -8
  230. package/dist/history/index.js +19 -12
  231. package/dist/history/index.js.map +1 -1
  232. package/dist/i18n/index.d.ts +5 -7
  233. package/dist/i18n/index.js +104 -15
  234. package/dist/i18n/index.js.map +1 -1
  235. package/dist/in/index.d.ts +5 -0
  236. package/dist/in/index.js +1 -0
  237. package/dist/in/index.js.map +1 -0
  238. package/dist/index-B9QdHytu.d.ts +123 -0
  239. package/dist/index-CGLLRtFc.d.ts +123 -0
  240. package/dist/{types-Df28QFKb.d.ts → index-_6At2_9_.d.ts} +16270 -8358
  241. package/dist/index.d.ts +1088 -450
  242. package/dist/index.js +1165 -293
  243. package/dist/index.js.map +1 -1
  244. package/dist/indexing/index.d.ts +6 -3
  245. package/dist/indexing/index.js +6 -5
  246. package/dist/indexing/index.js.map +1 -1
  247. package/dist/issue-Y6UVIR43.js +13 -0
  248. package/dist/issue-Y6UVIR43.js.map +1 -0
  249. package/dist/kernel/index.d.ts +32 -0
  250. package/dist/kernel/index.js +53 -0
  251. package/dist/kernel/index.js.map +1 -0
  252. package/dist/{ledger-TMRZYNVJ.js → ledger-RYI35CDS.js} +12 -9
  253. package/dist/ledger-RYI35CDS.js.map +1 -0
  254. package/dist/liberate-CRPZEV7O.js +18 -0
  255. package/dist/liberate-CRPZEV7O.js.map +1 -0
  256. package/dist/materialized-views/index.d.ts +6 -19
  257. package/dist/materialized-views/index.js +16 -12
  258. package/dist/mime-magic-B4RoFj3B.d.ts +103 -0
  259. package/dist/noydb-LDEBLNHY.js +50 -0
  260. package/dist/noydb-LDEBLNHY.js.map +1 -0
  261. package/dist/on/index.d.ts +5 -0
  262. package/dist/on/index.js +11 -0
  263. package/dist/on/index.js.map +1 -0
  264. package/dist/overlay-views/index.d.ts +27 -11
  265. package/dist/overlay-views/index.js +7 -6
  266. package/dist/periods/index.d.ts +5 -7
  267. package/dist/periods/index.js +13 -9
  268. package/dist/pod/index.d.ts +63 -0
  269. package/dist/pod/index.js +61 -0
  270. package/dist/pod/index.js.map +1 -0
  271. package/dist/policy-IXK4FVXP.js +41 -0
  272. package/dist/policy-IXK4FVXP.js.map +1 -0
  273. package/dist/portability/index.d.ts +20 -0
  274. package/dist/portability/index.js +43 -0
  275. package/dist/portability/index.js.map +1 -0
  276. package/dist/{public-envelope-BW6OXORV.js → public-envelope-JHDQCPSX.js} +6 -5
  277. package/dist/public-envelope-JHDQCPSX.js.map +1 -0
  278. package/dist/query/index.d.ts +5 -3
  279. package/dist/query/index.js +21 -13
  280. package/dist/read-only-facade-5ADRJVTM.js +8 -0
  281. package/dist/read-only-facade-5ADRJVTM.js.map +1 -0
  282. package/dist/registry-45RJNWGU.js +9 -0
  283. package/dist/registry-45RJNWGU.js.map +1 -0
  284. package/dist/registry-5GRV5VXI.js +13 -0
  285. package/dist/registry-5GRV5VXI.js.map +1 -0
  286. package/dist/registry-VW6P6A3J.js +8 -0
  287. package/dist/registry-VW6P6A3J.js.map +1 -0
  288. package/dist/registry-WEUCHBO4.js +11 -0
  289. package/dist/registry-WEUCHBO4.js.map +1 -0
  290. package/dist/request-withdrawal-GBPH2FDY.js +25 -0
  291. package/dist/request-withdrawal-GBPH2FDY.js.map +1 -0
  292. package/dist/revoke-TUFRGI6S.js +18 -0
  293. package/dist/revoke-TUFRGI6S.js.map +1 -0
  294. package/dist/sealed-record/index.d.ts +69 -0
  295. package/dist/sealed-record/index.js +65 -0
  296. package/dist/sealed-record/index.js.map +1 -0
  297. package/dist/session/index.d.ts +6 -8
  298. package/dist/session/index.js +7 -5
  299. package/dist/session/index.js.map +1 -1
  300. package/dist/shadow/index.d.ts +5 -7
  301. package/dist/shadow/index.js +4 -3
  302. package/dist/shadow/index.js.map +1 -1
  303. package/dist/{signer-72QAUSVW.js → signer-PNKTBVF7.js} +6 -5
  304. package/dist/signer-PNKTBVF7.js.map +1 -0
  305. package/dist/snapshots/index.d.ts +6 -8
  306. package/dist/snapshots/index.js +13 -11
  307. package/dist/snapshots/index.js.map +1 -1
  308. package/dist/{stale-6ZDBTQT7.js → stale-3JWHNDIY.js} +3 -2
  309. package/dist/stale-3JWHNDIY.js.map +1 -0
  310. package/dist/store-coordination-provider-3I7XWZZK.js +142 -0
  311. package/dist/store-coordination-provider-3I7XWZZK.js.map +1 -0
  312. package/dist/subject-index-O75wKshW.d.ts +362 -0
  313. package/dist/sync/index.d.ts +4 -6
  314. package/dist/sync/index.js +7 -6
  315. package/dist/sync/index.js.map +1 -1
  316. package/dist/team/index.d.ts +5 -7
  317. package/dist/team/index.js +20 -16
  318. package/dist/tiers/index.d.ts +5 -0
  319. package/dist/tiers/index.js +33 -0
  320. package/dist/tiers/index.js.map +1 -0
  321. package/dist/to/index.d.ts +5 -0
  322. package/dist/to/index.js +17 -0
  323. package/dist/to/index.js.map +1 -0
  324. package/dist/transition-guard-DqodPNKw.d.ts +165 -0
  325. package/dist/tx/index.d.ts +23 -9
  326. package/dist/tx/index.js +13 -8
  327. package/dist/tx/index.js.map +1 -1
  328. package/dist/ui/index.d.ts +1 -0
  329. package/dist/ui/index.js +1 -0
  330. package/dist/ui/index.js.map +1 -0
  331. package/dist/ulid-DRH25k3y.d.ts +66 -0
  332. package/dist/ulid-PTAIMDG4.js +10 -0
  333. package/dist/ulid-PTAIMDG4.js.map +1 -0
  334. package/dist/util/index.d.ts +2 -0
  335. package/dist/util/index.js +7 -2
  336. package/dist/util/index.js.map +1 -1
  337. package/dist/vault-diff-BtpiBvic.d.ts +147 -0
  338. package/dist/with/index.d.ts +38 -0
  339. package/dist/with/index.js +25 -0
  340. package/dist/with/index.js.map +1 -0
  341. package/dist/{with-materialized-view-BLkQxoQN.d.ts → with-materialized-view-DMmWtYfJ.d.ts} +1 -1
  342. package/dist/{with-overlayed-view-CRsSEwHR.d.ts → with-overlayed-view-D_IB2nkM.d.ts} +2 -3
  343. package/dist/with-rollup-em2wxoHP.d.ts +47 -0
  344. package/dist/withdraw-accessible-FFS46EOD.js +22 -0
  345. package/dist/withdraw-accessible-FFS46EOD.js.map +1 -0
  346. package/dist/zod-HAJM7LMS.js +14763 -0
  347. package/dist/zod-HAJM7LMS.js.map +1 -0
  348. package/package.json +121 -201
  349. package/dist/aggregate/index.cjs.map +0 -1
  350. package/dist/aggregate/index.d.cts +0 -38
  351. package/dist/attestation/index.cjs +0 -305
  352. package/dist/attestation/index.cjs.map +0 -1
  353. package/dist/attestation/index.d.cts +0 -52
  354. package/dist/blobs/index.cjs +0 -1480
  355. package/dist/blobs/index.cjs.map +0 -1
  356. package/dist/blobs/index.d.cts +0 -46
  357. package/dist/bundle/index.cjs +0 -19264
  358. package/dist/bundle/index.cjs.map +0 -1
  359. package/dist/bundle/index.d.cts +0 -176
  360. package/dist/chunk-22DWZL57.js.map +0 -1
  361. package/dist/chunk-2GLDA55J.js.map +0 -1
  362. package/dist/chunk-2QR2PQTT.js.map +0 -1
  363. package/dist/chunk-2WUSG3IT.js.map +0 -1
  364. package/dist/chunk-3BFJOWSU.js.map +0 -1
  365. package/dist/chunk-3YPCK6JX.js.map +0 -1
  366. package/dist/chunk-53XBRIRT.js.map +0 -1
  367. package/dist/chunk-5T22KDPN.js.map +0 -1
  368. package/dist/chunk-5XHKQ56N.js +0 -340
  369. package/dist/chunk-5XHKQ56N.js.map +0 -1
  370. package/dist/chunk-6CME4UEK.js.map +0 -1
  371. package/dist/chunk-6STK5TQP.js +0 -139
  372. package/dist/chunk-6STK5TQP.js.map +0 -1
  373. package/dist/chunk-A3JMGXPG.js.map +0 -1
  374. package/dist/chunk-B6PB7JLN.js.map +0 -1
  375. package/dist/chunk-BVRYKATC.js.map +0 -1
  376. package/dist/chunk-DE6GKS6G.js.map +0 -1
  377. package/dist/chunk-DFMLEQZB.js.map +0 -1
  378. package/dist/chunk-DJHHA6XH.js.map +0 -1
  379. package/dist/chunk-DL3HWOQ5.js.map +0 -1
  380. package/dist/chunk-DONMZAD2.js.map +0 -1
  381. package/dist/chunk-EMIGCR7X.js.map +0 -1
  382. package/dist/chunk-F3GDRNUT.js.map +0 -1
  383. package/dist/chunk-FZU343FL.js.map +0 -1
  384. package/dist/chunk-H2X3ISXG.js.map +0 -1
  385. package/dist/chunk-HNRHLRDC.js.map +0 -1
  386. package/dist/chunk-I5FOWO4J.js.map +0 -1
  387. package/dist/chunk-J66GRPNH.js.map +0 -1
  388. package/dist/chunk-JWRVQKRZ.js.map +0 -1
  389. package/dist/chunk-K3DK3NU5.js.map +0 -1
  390. package/dist/chunk-ML236QKC.js.map +0 -1
  391. package/dist/chunk-NONAAENK.js.map +0 -1
  392. package/dist/chunk-O3VZPBZG.js.map +0 -1
  393. package/dist/chunk-OIF6LZUR.js.map +0 -1
  394. package/dist/chunk-OQ6PIGHA.js +0 -19
  395. package/dist/chunk-OQ6PIGHA.js.map +0 -1
  396. package/dist/chunk-PE2FR4J3.js.map +0 -1
  397. package/dist/chunk-PP6W64Y3.js +0 -275
  398. package/dist/chunk-PP6W64Y3.js.map +0 -1
  399. package/dist/chunk-PX35GA7L.js.map +0 -1
  400. package/dist/chunk-QEILDE6R.js +0 -793
  401. package/dist/chunk-QEILDE6R.js.map +0 -1
  402. package/dist/chunk-QODLLGQ7.js.map +0 -1
  403. package/dist/chunk-RAZ4OVLL.js +0 -51
  404. package/dist/chunk-RAZ4OVLL.js.map +0 -1
  405. package/dist/chunk-SYMWGEET.js.map +0 -1
  406. package/dist/chunk-T7JEBOGN.js.map +0 -1
  407. package/dist/chunk-TFBP23BX.js.map +0 -1
  408. package/dist/chunk-TV3YZ35S.js +0 -90
  409. package/dist/chunk-TV3YZ35S.js.map +0 -1
  410. package/dist/chunk-U26HQ6KJ.js.map +0 -1
  411. package/dist/chunk-UF3BUNQZ.js +0 -1
  412. package/dist/chunk-UMLVJTYV.js +0 -20
  413. package/dist/chunk-UMLVJTYV.js.map +0 -1
  414. package/dist/chunk-VTKGMEPP.js.map +0 -1
  415. package/dist/chunk-W6EQLGMB.js +0 -100
  416. package/dist/chunk-W6EQLGMB.js.map +0 -1
  417. package/dist/chunk-WIRRPTFH.js +0 -17
  418. package/dist/chunk-WIRRPTFH.js.map +0 -1
  419. package/dist/chunk-WPLVTJ5D.js.map +0 -1
  420. package/dist/chunk-XJFLDA7A.js.map +0 -1
  421. package/dist/chunk-Z6FNBOTC.js.map +0 -1
  422. package/dist/chunk-ZYWZWG6G.js.map +0 -1
  423. package/dist/consent/index.cjs +0 -204
  424. package/dist/consent/index.cjs.map +0 -1
  425. package/dist/consent/index.d.cts +0 -25
  426. package/dist/crdt/index.cjs +0 -152
  427. package/dist/crdt/index.cjs.map +0 -1
  428. package/dist/crdt/index.d.cts +0 -30
  429. package/dist/crypto-HTZ4FJOP.js +0 -44
  430. package/dist/delegation-RI54P6I5.js +0 -17
  431. package/dist/derivations/index.cjs +0 -351
  432. package/dist/derivations/index.cjs.map +0 -1
  433. package/dist/derivations/index.d.cts +0 -72
  434. package/dist/dev-unlock-BIoEFbwm.d.cts +0 -263
  435. package/dist/executor-5PNY7LGW.js +0 -8
  436. package/dist/executor-B4QIYGZX.js +0 -8
  437. package/dist/executor-BWXXDQ7K.js +0 -11
  438. package/dist/fanout-sidecar-OKPMMPLG.js.map +0 -1
  439. package/dist/guards/index.cjs +0 -322
  440. package/dist/guards/index.cjs.map +0 -1
  441. package/dist/guards/index.d.cts +0 -31
  442. package/dist/hash-HJqD14vS.d.ts +0 -63
  443. package/dist/history/index.cjs +0 -1222
  444. package/dist/history/index.cjs.map +0 -1
  445. package/dist/history/index.d.cts +0 -63
  446. package/dist/i18n/index.cjs +0 -1100
  447. package/dist/i18n/index.cjs.map +0 -1
  448. package/dist/i18n/index.d.cts +0 -39
  449. package/dist/index-4fBVt8j9.d.cts +0 -2387
  450. package/dist/index-D8I_pyJD.d.ts +0 -2387
  451. package/dist/index.cjs +0 -24487
  452. package/dist/index.cjs.map +0 -1
  453. package/dist/index.d.cts +0 -776
  454. package/dist/indexing/index.cjs +0 -742
  455. package/dist/indexing/index.cjs.map +0 -1
  456. package/dist/indexing/index.d.cts +0 -36
  457. package/dist/issue-VGDPP4B5.js +0 -12
  458. package/dist/lazy-builder-7tIpFyWN.d.ts +0 -304
  459. package/dist/lazy-builder-wY4pMCEe.d.cts +0 -304
  460. package/dist/materialized-views/index.cjs +0 -854
  461. package/dist/materialized-views/index.cjs.map +0 -1
  462. package/dist/materialized-views/index.d.cts +0 -186
  463. package/dist/mime-magic-CBBSOkjm.d.cts +0 -50
  464. package/dist/mime-magic-CBBSOkjm.d.ts +0 -50
  465. package/dist/noydb-G725ZSZG.js +0 -34
  466. package/dist/overlay-views/index.cjs +0 -359
  467. package/dist/overlay-views/index.cjs.map +0 -1
  468. package/dist/overlay-views/index.d.cts +0 -82
  469. package/dist/periods/index.cjs +0 -1041
  470. package/dist/periods/index.cjs.map +0 -1
  471. package/dist/periods/index.d.cts +0 -22
  472. package/dist/predicate-BSAGEyu5.d.cts +0 -209
  473. package/dist/predicate-BSAGEyu5.d.ts +0 -209
  474. package/dist/query/index.cjs +0 -2375
  475. package/dist/query/index.cjs.map +0 -1
  476. package/dist/query/index.d.cts +0 -3
  477. package/dist/read-only-facade-ITU6L7BL.js +0 -7
  478. package/dist/registry-3QP3YKQS.js +0 -8
  479. package/dist/registry-DKEXOJVO.js +0 -7
  480. package/dist/registry-OJIOSBV6.js +0 -10
  481. package/dist/registry-USRVT6YF.js +0 -8
  482. package/dist/revoke-JCC7N56X.js +0 -17
  483. package/dist/session/index.cjs +0 -495
  484. package/dist/session/index.cjs.map +0 -1
  485. package/dist/session/index.d.cts +0 -46
  486. package/dist/shadow/index.cjs +0 -133
  487. package/dist/shadow/index.cjs.map +0 -1
  488. package/dist/shadow/index.d.cts +0 -17
  489. package/dist/snapshots/index.cjs +0 -937
  490. package/dist/snapshots/index.cjs.map +0 -1
  491. package/dist/snapshots/index.d.cts +0 -28
  492. package/dist/store/index.cjs +0 -1083
  493. package/dist/store/index.cjs.map +0 -1
  494. package/dist/store/index.d.cts +0 -492
  495. package/dist/store/index.d.ts +0 -492
  496. package/dist/store/index.js +0 -37
  497. package/dist/strategy-BSxFXGzb.d.cts +0 -110
  498. package/dist/strategy-BSxFXGzb.d.ts +0 -110
  499. package/dist/strategy-DSTrsZ8t.d.cts +0 -601
  500. package/dist/strategy-DSTrsZ8t.d.ts +0 -601
  501. package/dist/sync/index.cjs +0 -1062
  502. package/dist/sync/index.cjs.map +0 -1
  503. package/dist/sync/index.d.cts +0 -43
  504. package/dist/team/index.cjs +0 -2798
  505. package/dist/team/index.cjs.map +0 -1
  506. package/dist/team/index.d.cts +0 -118
  507. package/dist/tx/index.cjs +0 -544
  508. package/dist/tx/index.cjs.map +0 -1
  509. package/dist/tx/index.d.cts +0 -21
  510. package/dist/types-DyXYr8rE.d.cts +0 -12818
  511. package/dist/ulid-COREQ2RQ.js +0 -9
  512. package/dist/ulid-Drr7ykr6.d.cts +0 -603
  513. package/dist/util/index.cjs +0 -230
  514. package/dist/util/index.cjs.map +0 -1
  515. package/dist/util/index.d.cts +0 -77
  516. package/dist/with-derivation-DFnFByiQ.d.ts +0 -13
  517. package/dist/with-derivation-DU3Sjazm.d.cts +0 -13
  518. package/dist/with-guard-ByyxmEe7.d.cts +0 -18
  519. package/dist/with-guard-qube6BMI.d.ts +0 -18
  520. package/dist/with-materialized-view-BmEToIR1.d.cts +0 -27
  521. package/dist/with-overlayed-view-BMsQQbWm.d.cts +0 -13
  522. /package/dist/{store → adapter}/index.js.map +0 -0
  523. /package/dist/{chunk-UF3BUNQZ.js.map → api-RW3KP7WU.js.map} +0 -0
  524. /package/dist/{crypto-HTZ4FJOP.js.map → as/index.js.map} +0 -0
  525. /package/dist/{delegation-RI54P6I5.js.map → at/index.js.map} +0 -0
  526. /package/dist/{executor-5PNY7LGW.js.map → by/index.js.map} +0 -0
  527. /package/dist/{executor-B4QIYGZX.js.map → cargo/index.js.map} +0 -0
  528. /package/dist/{executor-BWXXDQ7K.js.map → chunk-BGIZAFY7.js.map} +0 -0
  529. /package/dist/{issue-VGDPP4B5.js.map → chunk-CHFZDSE4.js.map} +0 -0
  530. /package/dist/{ledger-TMRZYNVJ.js.map → chunk-GHVIKOHT.js.map} +0 -0
  531. /package/dist/{noydb-G725ZSZG.js.map → chunk-K2WCO3NX.js.map} +0 -0
  532. /package/dist/{public-envelope-BW6OXORV.js.map → chunk-PZ5AY32C.js.map} +0 -0
  533. /package/dist/{read-only-facade-ITU6L7BL.js.map → collection-facade-GQAOGJP2.js.map} +0 -0
  534. /package/dist/{registry-3QP3YKQS.js.map → delegation-UL5HKLER.js.map} +0 -0
  535. /package/dist/{registry-DKEXOJVO.js.map → describe/index.js.map} +0 -0
  536. /package/dist/{registry-OJIOSBV6.js.map → enclave-UL5LW66V.js.map} +0 -0
  537. /package/dist/{registry-USRVT6YF.js.map → executor-2FWQRLMG.js.map} +0 -0
  538. /package/dist/{revoke-JCC7N56X.js.map → executor-QZ7BXICW.js.map} +0 -0
  539. /package/dist/{signer-72QAUSVW.js.map → executor-Z5ZLJVTV.js.map} +0 -0
  540. /package/dist/{stale-6ZDBTQT7.js.map → export-accessible-KRV5W4GH.js.map} +0 -0
  541. /package/dist/{ulid-COREQ2RQ.js.map → extract-partition-GLKBOXFQ.js.map} +0 -0
package/dist/index.d.cts DELETED
@@ -1,776 +0,0 @@
1
- import { b3 as NoydbStore, bF as UserEnvelope, br as PublicEnvelope, bG as GateName, bH as GatePolicy, bI as VaultPolicy, bJ as ActiveTier, bK as FactorProof, bL as SchemaUpdateStrategy, bM as TransformFn, bN as PersistedSchemaEnvelope, bO as UpdateDecision, bP as DirectoryConfig, bQ as UserVisibility, b1 as UnlockedKeyring, bw as Vault, ba as DiffEntry } from './types-DyXYr8rE.cjs';
2
- export { bR as AccessibleVault, bS as AffectedDocument, b7 as AppendInput, aP as ArrayOutputSpec, z as BLOB_CHUNKS_COLLECTION, A as BLOB_COLLECTION, E as BLOB_INDEX_COLLECTION, F as BLOB_SLOTS_PREFIX, G as BLOB_VERSIONS_PREFIX, bT as BUNDLE_STORE_POLICY, M as BlobObject, N as BlobPutOptions, Q as BlobResponseOptions, T as BlobSet, bU as BuiltInGateName, bt as BundleRecipient, a9 as CONSENT_AUDIT_COLLECTION, bV as CacheOptions, bW as CacheStats, bX as ChangeEvent, b8 as ChangeType, ai as ClosePeriodOptions, aY as Collection, bY as CollectionChangeEvent, bZ as CollectionConflictResolver, b_ as CollectionDescriptor, az as CollectionFrame, b9 as CollectionInstant, b$ as CollectionStats, c0 as Conflict, c1 as ConflictPolicy, c2 as ConflictStrategy, aa as ConsentAuditEntry, ab as ConsentAuditFilter, ac as ConsentContext, ad as ConsentOp, c3 as CrossTierAccessEvent, Y as DEFAULT_CHUNK_SIZE, c4 as DEFAULT_PUBLIC_ENVELOPE_SCHEMA, c5 as DELEGATIONS_COLLECTION, D as DICT_COLLECTION_PREFIX, c6 as DeepPartial, c7 as DeepPartialOrNull, c8 as DelegationToken, c9 as DeleteManyResult, ca as DerivationDescriptor, aN as DerivationStrategy, aR as DerivationStrategyHandle, aS as DerivedFromMeta, a as DictEntry, b as DictKeyDescriptor, c as DictionaryHandle, d as DictionaryOptions, cb as DirtyEntry, cc as DryRunResult, cd as DumpSchemaOptions, ce as ELEVATION_AUDIT_COLLECTION, cf as ElevatedHandle, b5 as EncryptedEnvelope, cg as EnrollAuthenticatorOptions, ch as EnrollAuthenticatorWrappingDEKsOptions, ci as EnrollAuthenticatorWrappingKEKOptions, cj as EnrollRecoveryResult, ck as ExportCapability, cl as ExportChunk, cm as ExportFormat, cn as ExportStreamOptions, co as FactorKind, cp as FactorProofBundle, cq as FactorRequirement, cr as FenceDoc, cs as FenceState, ct as FieldChange, cu as FieldDescriptor, cv as FieldSource, cw as GhostRecord, cx as GrantOptions, at as GuardChange, au as GuardContext, as as GuardStrategy, aw as GuardStrategyHandle, cy as GuardViolation, cz as HistoryConfig, cA as HistoryEntry, b4 as HistoryOptions, e as I18nMap, f as I18nTextDescriptor, g as I18nTextOptions, cB as INDEXED_STORE_POLICY, cC as ImportCapability, cD as InferOutput, cE as InternalCollectionStats, cF as IssueDelegationOptions, cG as IssueMagicLinkGrantOptions, bb as JsonPatch, bc as JsonPatchOp, cH as KeyringAuthenticator, cI as KeyringAuthenticatorWrappingDEKs, cJ as KeyringAuthenticatorWrappingKEK, cK as KeyringFile, L as Layer, bd as LedgerEntry, be as LedgerStore, cL as ListAccessibleVaultsOptions, cM as ListPageResult, cN as ListUsersOptions, cO as LiveUserEnvelope, cP as LocaleReadOptions, cQ as Lru, cR as LruOptions, cS as LruStats, cT as MAGIC_LINK_CONTENT_INFO_PREFIX, cU as MAGIC_LINK_GRANTS_COLLECTION, cV as MAGIC_LINK_KEK_INFO_PREFIX, cW as MagicLinkGrantPayload, cX as MagicLinkGrantRecord, bC as MaterializedFromMeta, cY as MaterializedViewDescriptor, bD as MaterializedViewOutput, aV as MaterializedViewStrategy, aW as MaterializedViewStrategyHandle, cZ as MemoryRecipientSealer, c_ as MemorySealingKeyProvider, c$ as NOYDB_BACKUP_VERSION, d0 as NOYDB_FORMAT_VERSION, d1 as NOYDB_KEYRING_VERSION, d2 as NOYDB_SYNC_VERSION, d3 as Noydb, aB as NoydbBundleStore, d4 as NoydbEventMap, d5 as NoydbOptions, O as OnMissing, h as OnMissingPolicy, aj as OpenPeriodOptions, aT as OutputSpec, d6 as OverlayViewDescriptor, aX as OverlayedViewStrategy, a_ as OverlayedViewStrategyHandle, ak as PERIODS_COLLECTION, d7 as PUBLIC_ENVELOPE_FIELDS, d8 as PaperRecoveryDoc, d9 as PaperRecoveryEntry, da as PassphrasePolicy, db as PassphraseValidationResult, al as PeriodRecord, dc as Permission, dd as Permissions, de as PersistedSchemaKind, df as PlaintextTranslatorContext, dg as PlaintextTranslatorFn, P as PolicyEnforcer, dh as PresenceHandle, di as PresencePeer, b6 as PruneOptions, dj as PublicEnvelopeField, dk as PublicEnvelopeSchema, dl as PublicEnvelopeText, dm as PullMode, dn as PullOptions, dp as PullPolicy, dq as PullResult, dr as PushMode, ds as PushOptions, dt as PushPolicy, du as PushResult, dv as PutManyItemOptions, dw as PutManyOptions, dx as PutManyResult, dy as QueryAcrossOptions, dz as QueryAcrossResult, dA as QuickUnlockState, dB as QuickUnlockStore, dC as ReAuthOperation, bv as RecipientHint, bu as RecipientSealer, aU as RecordOutputSpec, dD as RecoverPassphraseInput, dE as RecoverPassphraseResult, dF as RecoverUserOptions, dG as RecoveryProof, R as ResolveI18nOptions, dH as ResolvedPublicEnvelopeSchema, aC as RetentionPolicy, dI as RevokeOptions, b0 as Role, dJ as RotatePassphraseInput, dK as RotateRecoveryOptions, dL as RotateRecoveryResult, dM as SEALED_PASSPHRASE_RECORD_ID, dN as SchemaDelta, dO as SchemaIntrospection, S as ScriptWarning, dP as SealedEnvelope, dQ as SealedPassphrase, bs as SealingKeyProvider, dR as SessionPolicy, dS as SetPublicEnvelopeInput, dT as ShamirRecoveryDoc, dU as ShamirRecoveryEntry, by as ShamirRecoveryProvider, a3 as SlotInfo, a4 as SlotRecord, dV as SlotRewrapCeremony, dW as SlotRewrapContext, aF as SnapshotMeta, dX as StandardSchemaV1, dY as StandardSchemaV1Issue, dZ as StandardSchemaV1SyncResult, d_ as StoreAuth, d$ as StoreAuthKind, e0 as StoreCapabilities, e1 as SyncEngine, e2 as SyncMetadata, e3 as SyncPolicy, e4 as SyncScheduler, e5 as SyncSchedulerStatus, e6 as SyncStatus, e7 as SyncTarget, e8 as SyncTargetRole, e9 as SyncTransaction, ea as SyncTransactionResult, eb as TabChannel, ec as TabCoordinationOptions, ed as TabLockManager, ee as TabPresence, ef as TabRole, eg as TierMode, eh as TranslatorAuditEntry, aJ as TxCollection, aK as TxContext, ei as TxOp, aL as TxVault, ej as USER_ENVELOPE_COLLECTION, ek as USER_ENVELOPE_MAX_BYTES, bE as UnionSource, el as Unsubscribe, em as UpdateAuthenticatorOptions, en as UpdateContext, eo as UpdateUserOptions, ep as UserApi, eq as UserEnvelopeCheckGate, er as UserEnvelopeOversizedError, es as UserEnvelopePresented, et as UserInfo, eu as VaultBackup, bf as VaultEngine, aA as VaultFrame, bg as VaultInstant, ev as VaultPolicyOnDisk, ew as VaultSchemaSnapshot, ex as VaultSnapshot, bh as VerifyResult, a5 as VersionRecord, ey as WarningRules, ez as WeakPassphraseError, eA as WeakPassphraseReason, eB as WrappedDeksBlob, eC as WriteConflict, eD as WriteEvent, eE as WriteHook, eF as WriteQueue, i as applyI18nLocale, bi as applyPatch, eG as assertStrongPassphrase, eH as buildRecipientKeyringFile, eI as burnPaperRecoveryEntry, bj as canonicalJson, bk as computePatch, x as createEnforcer, eJ as createNoydb, eK as createStore, eL as deriveMagicLinkContentKey, j as dictCollectionName, k as dictKey, bl as diff, l as enforceScript, eM as enrollAuthenticator, eN as estimateEntropy, eO as evaluateExportCapability, eP as evaluateImportCapability, eQ as findAuthenticator, bm as formatDiff, eR as hasExportCapability, eS as hasImportCapability, eT as hasRecoveryEnrolled, bn as hashEntry, n as i18nText, o as inferScripts, p as isDictCollectionName, q as isDictKeyDescriptor, r as isI18nTextDescriptor, eU as isMagicLinkGrantExpired, eV as isPublicEnvelope, eW as issueDelegation, eX as keyringRecoverPassphrase, eY as keyringRotatePassphrase, eZ as listMagicLinkGrants, e_ as listUsers, e$ as listUsersWithEnvelopes, f0 as loadActiveDelegations, f1 as loadPaperRecoveryEntries, f2 as loadSealedPassphrase, f3 as loadShamirRecoveryEntries, f4 as magicLinkGrantRecordId, f5 as mintPaperRecoveryEntry, f6 as mintShamirRecoveryEntry, f7 as mintWrappedDeksBlob, bo as paddedIndex, bp as parseIndex, f8 as parseSealedEnvelope, f9 as readMagicLinkGrantRecord, fa as recoverUser, fb as removeAuthenticator, s as resolveI18nText, t as resolvePolicy, fc as resolvePublicEnvelopeSchema, fd as revokeDelegation, fe as revokeMagicLinkGrant, aM as runTransaction, ff as savePaperRecoveryEntries, fg as saveSealedPassphrase, fh as saveShamirRecoveryEntries, bq as sha256Hex, fi as unwrapDeksFromBlob, fj as unwrapDeksFromPaperEntry, fk as unwrapDeksFromShamirEntry, fl as unwrapMagicLinkGrant, v as validateI18nTextValue, fm as validatePassphrase, fn as validatePublicEnvelopeInput, fo as validateSchemaInput, fp as validateSchemaOutput, y as validateSessionPolicy, fq as writeMagicLinkGrant } from './types-DyXYr8rE.cjs';
3
- export { d as detectMagic, a as detectMimeType, i as isPreCompressed } from './mime-magic-CBBSOkjm.cjs';
4
- export { AgeRoute, BlobLifecyclePolicy, BlobStoreRoute, CircuitBreakerOptions, HealthCheckOptions, LogLevel, LoggingOptions, MetricsOptions, OverrideOptions, OverrideTarget, RetryOptions, RouteStatus, RouteStoreOptions, RoutedNoydbStore, StoreCacheOptions, StoreMiddleware, StoreOperation, SuspendOptions, WrapBundleStoreOptions, WrappedBundleNoydbStore, createBundleStore, routeStore, withCache, withCircuitBreaker, withHealthCheck, withLogging, withMetrics, withRetry, wrapBundleStore, wrapStore } from './store/index.cjs';
5
- import { N as NoydbError } from './index-4fBVt8j9.cjs';
6
- export { z as AlreadyElevatedError, A as AmendmentForbiddenError, o as AttestationError, B as BackupCorruptedError, q as BackupLedgerError, r as BundleIntegrityError, s as BundleSealMismatchError, t as BundleVersionConflictError, C as ConflictError, E as CrossJoinSourceUnknownError, G as CrossJoinTooLargeError, H as DEFAULT_CROSS_JOIN_MAX_ROWS, J as DEFAULT_JOIN_MAX_ROWS, K as DanglingReferenceError, U as DecryptionError, V as DelegationTargetMissingError, g as DerivationCapExceededError, h as DerivationCycleError, i as DerivationDepthError, j as DerivationOutputShapeError, k as DerivationOutputUnknownError, D as DictKeyInUseError, a as DictKeyMissingError, W as DirectoryDisabledError, X as ElevationExpiredError, Y as ExportCapabilityError, F as FieldFrozenError, Z as FilenameSanitizationError, _ as GroupCardinalityError, $ as ImportCapabilityError, a0 as IndexRequiredError, a1 as IndexWriteFailureError, a2 as InvalidKeyError, I as InvariantError, a3 as JoinContext, a4 as JoinLeg, a5 as JoinStrategy, a6 as JoinTooLargeError, a7 as JoinableSource, a8 as KeyringCorruptError, a9 as KeyringExpiredError, aa as LedgerContentionError, ab as LiveQuery, ac as LiveUpstream, L as LocaleNotSpecifiedError, v as MaterializedViewConfigError, w as MaterializedViewCycleError, x as MaterializedViewSourceUnknownError, y as MaterializedViewTooLargeError, ad as MigrationRequiredError, M as MissingTranslationError, ae as NetworkError, af as NoAccessError, ag as NonAdditiveSchemaChangeError, ah as NotFoundError, ai as OrderBy, O as OverlayBaseIsVirtualError, l as OverlayCollectionUnavailableError, m as OverlayIdMismatchError, n as OverlayNameCollisionError, aj as PathEscapeError, ak as PeriodClosedError, al as PermissionDeniedError, am as PrivilegeEscalationError, Q as Query, an as QueryPlan, ao as QuerySource, ap as QuiesceTimeoutError, aq as ReadOnlyAtInstantError, ar as ReadOnlyError, as as ReadOnlyFrameError, e as RecordLockedError, at as RefDescriptor, au as RefIntegrityError, av as RefMode, aw as RefRegistry, ax as RefScopeError, ay as RefViolation, R as ReservedCollectionNameError, az as ScanBuilder, aA as ScanPageProvider, aB as SchemaFenceError, aC as SchemaLockedError, aD as SchemaUpdateError, aE as SchemaValidationError, S as ScriptViolationError, b as SessionExpiredError, c as SessionNotFoundError, d as SessionPolicyError, f as SnapshotNotFoundError, aF as StoreCapabilityError, aG as TamperedError, aH as TierDemoteDeniedError, aI as TierNotGrantedError, T as TranslatorNotConfiguredError, aJ as ValidationError, aK as applyJoins, aL as buildLiveQuery, aM as executePlan, aN as ref, aO as resetJoinWarnings } from './index-4fBVt8j9.cjs';
7
- export { A as AutoCredential, n as AutoCredentialKind, c as CompressionAlgo, N as NOYDB_BUNDLE_FORMAT_VERSION, e as NOYDB_BUNDLE_MAGIC, f as NOYDB_BUNDLE_PREFIX_BYTES, g as NoydbBundleHeader, h as NoydbBundleReadResult, R as ReadNoydbBundleOptions, W as WriteNoydbBundleOptions, j as generateULID, o as hasNoydbBundleMagic, k as isULID, r as readNoydbBundle, l as readNoydbBundleHeader, p as readNoydbBundlePublicEnvelope, m as resetBrotliSupportCache, w as writeNoydbBundle } from './ulid-Drr7ykr6.cjs';
8
- export { a as CrdtMode, b as CrdtState, L as LwwMapState, R as RgaState, Y as YjsState, m as mergeCrdtStates, r as resolveCrdtSnapshot } from './strategy-BSxFXGzb.cjs';
9
- export { w as withGuard } from './with-guard-ByyxmEe7.cjs';
10
- export { w as withDerivation } from './with-derivation-DU3Sjazm.cjs';
11
- export { w as withMaterializedView } from './with-materialized-view-BmEToIR1.cjs';
12
- export { a as Clause, C as CollectionIndexes, F as FieldClause, b as FilterClause, G as GroupClause, H as HashIndex, I as IndexDef, O as Operator, e as evaluateClause, c as evaluateFieldClause, r as readPath } from './predicate-BSAGEyu5.cjs';
13
- export { w as withOverlayedView } from './with-overlayed-view-BMsQQbWm.cjs';
14
- export { SYNC_CREDENTIALS_COLLECTION, SyncCredential, credentialStatus, deleteCredential, getCredential, listCredentials, putCredential } from './team/index.cjs';
15
- export { C as CreateSessionOptions, a as CreateSessionResult, D as DevUnlockOptions, S as SessionToken, b as activeSessionCount, c as clearDevUnlock, d as createSession, e as enableDevUnlock, i as isDevUnlockActive, f as isSessionAlive, l as loadDevUnlock, r as resolveSession, g as revokeAllSessions, h as revokeSession } from './dev-unlock-BIoEFbwm.cjs';
16
- export { a as AggregateResult, b as AggregateSpec, c as Aggregation, d as AggregationUpstream, G as GROUPBY_MAX_CARDINALITY, e as GROUPBY_WARN_CARDINALITY, f as GroupedAggregation, g as GroupedQuery, h as GroupedQueryN, i as GroupedRow, j as GroupedRowN, L as LiveAggregation, R as Reducer, k as ReducerOptions, l as avg, n as count, o as groupAndReduce, p as max, q as min, r as reduceRecords, t as sum } from './strategy-DSTrsZ8t.cjs';
17
- export { L as LEDGER_COLLECTION, a as LEDGER_DELTAS_COLLECTION, e as envelopePayloadHash } from './hash-DdpVypUp.cjs';
18
- import './lazy-builder-wY4pMCEe.cjs';
19
- import '@noy-db/attestation';
20
-
21
- /**
22
- * Persistence helpers for per-principal user envelopes stored at
23
- * `_users/<keyringId>` (logically: `_meta/user/<keyringId>`).
24
- *
25
- * Unlike `_meta/policy` and `_meta/handle` which are plaintext, user
26
- * envelopes carry user data and are encrypted with a dedicated
27
- * {@link USER_ENVELOPE_COLLECTION} DEK (provisioned at vault open and
28
- * propagated to every keyring via the system-collection DEK path in
29
- * `team/keyring.ts`).
30
- *
31
- * This module is the **storage primitive** layer. The public API
32
- * (`vault.user.*`) sits on top of this; permission gates, own-only
33
- * write enforcement, and presence-channel propagation live there.
34
- *
35
- * @see docs/superpowers/specs/2026-05-05-user-envelope-design.md
36
- *
37
- * @module
38
- */
39
-
40
- /**
41
- * Read and decrypt the user envelope for `keyringId`. Returns `null`
42
- * when no envelope has been persisted (either the principal has never
43
- * called `updateMe`, or the keyring predates this feature).
44
- *
45
- * Decryption errors propagate — a tampered or wrong-keyed envelope
46
- * surfaces as the underlying crypto error rather than masquerading as
47
- * "not found".
48
- */
49
- declare function loadUserEnvelope<T = unknown>(store: NoydbStore, vault: string, keyringId: string, dek: CryptoKey): Promise<UserEnvelope<T> | null>;
50
- /**
51
- * Encrypt and persist the user envelope for `keyringId`. The new
52
- * version is `(prior._v ?? 0) + 1`. Pass `expectedVersion` to enable
53
- * optimistic-concurrency checks: a mismatch with the stored version
54
- * throws {@link ConflictError} with the actual stored version.
55
- *
56
- * `expectedVersion: 0` means "expect no prior envelope"; the write
57
- * succeeds only if no envelope exists yet.
58
- *
59
- * Soft-caps the JSON-serialized payload at {@link USER_ENVELOPE_MAX_BYTES};
60
- * larger payloads throw {@link UserEnvelopeOversizedError}.
61
- */
62
- declare function saveUserEnvelope<T>(store: NoydbStore, vault: string, keyringId: string, payload: T, dek: CryptoKey, expectedVersion?: number): Promise<UserEnvelope<T>>;
63
- /**
64
- * Delete the user envelope for `keyringId`. Idempotent — no error if
65
- * the envelope is already absent. Called from the keyring revoke path
66
- * (cascade-delete) and is a no-op for keyrings that never wrote.
67
- */
68
- declare function deleteUserEnvelope(store: NoydbStore, vault: string, keyringId: string): Promise<void>;
69
- /**
70
- * List the keyring ids that have a user envelope persisted in `vault`.
71
- * Order is store-defined — callers that need a stable order should sort.
72
- */
73
- declare function listUserEnvelopeIds(store: NoydbStore, vault: string): Promise<string[]>;
74
-
75
- /**
76
- * Cache policy helpers — parse human-friendly byte budgets into raw numbers.
77
- *
78
- * Accepted shapes (case-insensitive on suffix):
79
- * number — interpreted as raw bytes
80
- * '1024' — string of digits, raw bytes
81
- * '50KB' — kilobytes (×1024)
82
- * '50MB' — megabytes (×1024²)
83
- * '1GB' — gigabytes (×1024³)
84
- *
85
- * Decimals are accepted (`'1.5GB'` → 1610612736 bytes).
86
- *
87
- * Anything else throws — better to fail loud at construction time than
88
- * to silently treat a typo as 0 bytes (which would evict everything).
89
- */
90
- /** Parse a byte budget into a positive integer number of bytes. */
91
- declare function parseBytes(input: number | string): number;
92
- /**
93
- * Estimate the in-memory byte size of a decrypted record.
94
- *
95
- * Uses `JSON.stringify().length` as a stand-in for actual heap usage.
96
- * It's a deliberate approximation: real V8 heap size includes pointer
97
- * overhead, hidden classes, and string interning that we can't measure
98
- * from JavaScript. The JSON length is a stable, monotonic proxy that
99
- * costs O(record size) per insert — fine when records are typically
100
- * < 1 KB and the cache eviction is the slow path anyway.
101
- *
102
- * Returns `0` (and the caller must treat it as 1 for accounting) if
103
- * stringification throws on circular references; this is documented
104
- * but in practice records always come from JSON-decoded envelopes.
105
- */
106
- declare function estimateRecordBytes(record: unknown): number;
107
-
108
- /**
109
- * Persistence helpers for `_meta/public-envelope`. Mirrors the
110
- * bypass-AES pattern used by `_meta/handle` and `_meta/policy` —
111
- * the document is plaintext JSON, the envelope's `_iv` field is
112
- * left empty.
113
- *
114
- * @module
115
- */
116
-
117
- /** Reserved id for the vault-level public envelope record. */
118
- declare const PUBLIC_ENVELOPE_RECORD_ID = "public-envelope";
119
- /**
120
- * Read the public envelope from `_meta/public-envelope`. Returns
121
- * `undefined` when no envelope has been persisted (fresh vault, or
122
- * a vault written before the feature was enabled). Tolerates
123
- * corrupted documents — a JSON parse failure surfaces as `undefined`,
124
- * not a thrown error, mirroring `_meta/handle`'s contract.
125
- */
126
- declare function loadPublicEnvelope(store: NoydbStore, vault: string): Promise<PublicEnvelope | undefined>;
127
- /** Persist the public envelope. Idempotent — overwrites any prior write. */
128
- declare function savePublicEnvelope(store: NoydbStore, vault: string, envelope: PublicEnvelope): Promise<void>;
129
- /**
130
- * Public, no-key reader. Plain function, not a method on `Noydb` —
131
- * the whole point is it works without an authenticated session, so
132
- * a UI can show "Acme 2026 Tax Records" before unlocking.
133
- *
134
- * Resolves any `name` / `description` locale map through the supplied
135
- * `locale` (when provided). Omitting `locale` returns the raw
136
- * envelope, which a multilingual picker can render as it pleases.
137
- */
138
- declare function readPublicEnvelope(store: NoydbStore, vault: string, opts?: {
139
- readonly locale?: string;
140
- }): Promise<PublicEnvelope | undefined>;
141
-
142
- /**
143
- * Why a gate denied a request. Stable across hub versions so consumers
144
- * can switch on the value in error UIs.
145
- */
146
- type PolicyDenyReason = 'insufficient-tier' | 'missing-factor' | 'stale-proof' | 'disabled' | 'shared-device-blocked';
147
- /**
148
- * Thrown by {@link checkGate} when the active session does not meet
149
- * the gate's requirements. Carries the gate name, the reason, and the
150
- * full required {@link GatePolicy} so error UIs can prompt the user
151
- * for the missing factor without re-reading the policy document.
152
- */
153
- declare class PolicyDeniedError extends NoydbError {
154
- readonly gate: GateName;
155
- readonly reason: PolicyDenyReason;
156
- readonly required: GatePolicy;
157
- constructor(gate: GateName, reason: PolicyDenyReason, required: GatePolicy, message?: string);
158
- }
159
- /**
160
- * Raised by `createNoydb({ ... })` when the developer omits a recovery
161
- * profile and `recover-passphrase` is not explicitly disabled. Vaults
162
- * MUST have at least one recovery path enrolled before being
163
- * production-ready (paper, shamir, multi-channel, or admin-mediated).
164
- *
165
- * The error message carries a pointer to the recovery design docs.
166
- */
167
- declare class RecoveryNotEnrolledError extends NoydbError {
168
- constructor(message?: string);
169
- }
170
- /**
171
- * Raised by `openVault` when a managed-passphrase-mode vault has no
172
- * STRONG recovery profile enrolled.
173
- *
174
- * Managed mode means the user never types a passphrase — the unlock
175
- * material lives in a `SealingKeyProvider` (`at-*` package). If that
176
- * provider's key is lost AND no strong recovery is enrolled, the
177
- * vault is irrecoverable. To prevent that footgun, managed-mode vaults
178
- * require at least one strong recovery profile (Shamir today;
179
- * multi-channel / admin-mediated when those ship).
180
- *
181
- * Paper recovery alone is NOT strong under managed mode: the user has
182
- * no memorized passphrase to fall back on, so losing the paper sheet =
183
- * losing every record permanently.
184
- *
185
- * Bootstrap with `db.openVaultAndEnrollRecovery(vault, { recovery: [{ profile: "shamir", k, n }] })`
186
- * to atomically create-and-enroll, or call `db.enrollRecovery(vault, { profile: "shamir", ... })`
187
- * separately before re-attempting `openVault`.
188
- */
189
- declare class ManagedRecoveryNotEnrolledError extends NoydbError {
190
- readonly vault: string;
191
- constructor(vault: string);
192
- }
193
- /**
194
- * Raised by `db.recoverPassphrase` / `db.enrollRecovery` /
195
- * `db.rotateRecovery` when the developer requests a recovery profile
196
- * not yet wired in this hub release.
197
- *
198
- * Implemented: `paper` and `shamir`.
199
- * Pending: `multi-channel` and `admin-mediated` (follow-up slices).
200
- *
201
- * The carried `profile` and `tracking` fields let consumers steer the
202
- * UI ("multi-channel recovery is not yet wired up — open issue #N to follow").
203
- */
204
- declare class RecoveryProfileNotImplementedError extends NoydbError {
205
- readonly profile: string;
206
- readonly tracking: string;
207
- constructor(profile: string, tracking: string);
208
- }
209
-
210
- /**
211
- * Default policy for personal vaults and SMB deployments — the gates
212
- * that need an off-device factor get one (TOTP / email-OTP / paper
213
- * recovery), the rest take a tier-1 unlock alone. Tier-3 (PIN) is the
214
- * floor only for `rotate-unlock` because that's the
215
- * "change my PIN" flow.
216
- *
217
- * The unspecified gates (e.g. `view-user-auth`) inherit the engine
218
- * default of `{ enabled: false, minTier: 1 }` — they fail closed.
219
- *
220
- * @see docs/subsystems/session-tiers.md → Built-in gates
221
- */
222
- declare const PERSONAL_POLICY: VaultPolicy;
223
- /**
224
- * Strict policy for regulated deployments and shared workstations —
225
- * raises the phrase floor to 8 words, demands two distinct factors for
226
- * exports, and blocks export-on-shared-device. Use as a base for
227
- * `policy: { ...STRICT_POLICY, gates: { ...STRICT_POLICY.gates, ... } }`
228
- * tweaks.
229
- */
230
- declare const STRICT_POLICY: VaultPolicy;
231
- /**
232
- * Merge a developer override onto a preset. Unspecified gates inherit;
233
- * specified gates fully replace the preset's entry for that gate.
234
- *
235
- * Example:
236
- *
237
- * ```ts
238
- * mergePolicy(PERSONAL_POLICY, {
239
- * gates: {
240
- * 'app:approve-large-payment': { minTier: 2, factors: [{ anyOf: ['totp'] }] },
241
- * },
242
- * })
243
- * // → PERSONAL_POLICY plus the new app gate; existing gates intact.
244
- * ```
245
- */
246
- declare function mergePolicy(base: VaultPolicy, override?: Partial<VaultPolicy>): VaultPolicy;
247
-
248
- /**
249
- * Policy gate engine — the {@link checkGate} entry point.
250
- *
251
- * Given a configured {@link VaultPolicy}, an active session tier, and
252
- * the factor proofs an actor is presenting, decide whether the gate
253
- * permits the action. On denial, throws {@link PolicyDeniedError} with
254
- * a stable {@link PolicyDenyReason} so consumers can branch in error
255
- * UIs.
256
- *
257
- * @see docs/subsystems/session-tiers.md → checkGate() API
258
- *
259
- * @module
260
- */
261
-
262
- /** Default freshness window — 5 minutes. */
263
- declare const DEFAULT_FRESHNESS_MS: number;
264
- /** Caller-supplied context for one `checkGate` invocation. */
265
- interface CheckGateContext {
266
- /** Tier the active session currently holds. */
267
- readonly activeTier: ActiveTier;
268
- /** Proofs the actor is presenting for this gate. */
269
- readonly factors?: ReadonlyArray<FactorProof>;
270
- /**
271
- * If the host knows the actor is on a shared device, set this to
272
- * `true` so the engine can apply `warn.sharedDevice` rules. Defaults
273
- * to `false`.
274
- */
275
- readonly sharedDevice?: boolean;
276
- /**
277
- * Override `now()` for tests. Defaults to `Date.now()`.
278
- * @internal
279
- */
280
- readonly now?: number;
281
- }
282
- /**
283
- * Decide whether `gate` permits the action under `context`. Throws
284
- * {@link PolicyDeniedError} on denial; resolves with `void` on success.
285
- *
286
- * Lookup rules:
287
- * - **Built-in gates** without a configured policy fail closed
288
- * (`enabled: false`).
289
- * - **App-defined gates** (`app:*`) without a configured policy are
290
- * treated as no-op (allow). The developer registered the policy if
291
- * they wanted enforcement; absence means the gate is informational.
292
- */
293
- declare function checkGate(policy: VaultPolicy, gate: GateName, context: CheckGateContext): Promise<void>;
294
- /**
295
- * Same as {@link checkGate} but returns a structured verdict instead
296
- * of throwing. Useful when an error UI wants to show the user
297
- * "you'll need TOTP plus a recovery code to do that" without first
298
- * triggering the action.
299
- */
300
- declare function describeGate(policy: VaultPolicy, gate: GateName, context: CheckGateContext): Promise<{
301
- ok: true;
302
- } | {
303
- ok: false;
304
- reason: PolicyDenyReason;
305
- required: GatePolicy;
306
- }>;
307
-
308
- /**
309
- * Persistence helpers for the vault-level policy document
310
- * (`_meta/policy`). Mirrors the bypass-AES pattern used by
311
- * `_meta/handle` — the policy document is plain JSON, the envelope's
312
- * `_iv` field is left empty.
313
- *
314
- * @see docs/subsystems/session-tiers.md → Storage location
315
- *
316
- * @module
317
- */
318
-
319
- /** Reserved collection name for vault-level metadata documents. */
320
- declare const META_COLLECTION = "_meta";
321
- /** Reserved id for the vault-level policy document. */
322
- declare const POLICY_RECORD_ID = "policy";
323
- /**
324
- * Read the vault-level policy from `_meta/policy`. Returns `undefined`
325
- * when no policy has been persisted (fresh vault, or a vault written
326
- * before the policy module landed). The caller falls back to the
327
- * default preset.
328
- *
329
- * Tolerates corrupted documents the same way `_meta/handle` does: a
330
- * JSON parse failure surfaces as `undefined`, not a thrown error, so
331
- * a bad write never permanently locks a vault.
332
- */
333
- declare function loadVaultPolicy(store: NoydbStore, vault: string): Promise<VaultPolicy | undefined>;
334
- /**
335
- * Persist the vault-level policy at `_meta/policy`. Idempotent — call
336
- * once at vault creation and again on `db.updatePolicy()` invocations.
337
- */
338
- declare function saveVaultPolicy(store: NoydbStore, vault: string, policy: VaultPolicy): Promise<void>;
339
-
340
- /** Allow any schema change. Explicit blind / back-compat. */
341
- declare function blindUpdate(): SchemaUpdateStrategy;
342
- /** Allow additive changes; reject non-additive ones. The safety backstop. */
343
- declare function additiveOnly(): SchemaUpdateStrategy;
344
- /**
345
- * Reject schema changes. With `fields`, reject only when one of those
346
- * fields is added/removed/changed; otherwise reject any non-`none` delta.
347
- */
348
- declare function lockSchema(opts?: {
349
- readonly fields?: readonly string[];
350
- }): SchemaUpdateStrategy;
351
-
352
- /** The coordinatedCutover update strategy (single-step — no from/to). */
353
-
354
- declare function coordinatedCutover(opts: {
355
- readonly transform: TransformFn;
356
- }): SchemaUpdateStrategy;
357
-
358
- /**
359
- * Derive a {@link PersistedSchemaEnvelope} from a Standard Schema v1
360
- * validator. v0 supports Zod via `zod-to-json-schema` (optional peer-dep);
361
- * other families write a stub envelope flagging the kind.
362
- *
363
- * @see docs/superpowers/specs/2026-05-22-schema-dump-design.md
364
- *
365
- * @module
366
- */
367
-
368
- /**
369
- * Heuristic Zod detection — Zod schemas carry a `_def.typeName` property
370
- * starting with `Zod` (e.g. `ZodObject`, `ZodString`). This survives Zod's
371
- * minor-version bumps because the typeName naming is stable across v3.
372
- */
373
- declare function isZodSchema(value: unknown): boolean;
374
- declare function derivePersistedSchema(validator: unknown): Promise<PersistedSchemaEnvelope>;
375
-
376
- /**
377
- * Read / write the per-collection persisted-schema envelope. Mirrors the
378
- * standard noy-db record envelope shape and is **AES-GCM encrypted with
379
- * the collection's DEK** — the schema body (field names, enum values,
380
- * constraints) is sensitive metadata, so it gets the same encryption
381
- * envelope as the records it describes.
382
- *
383
- * Storage layout:
384
- *
385
- * <vault>/_schemas/<collection> → EncryptedEnvelope
386
- *
387
- * The DEK passed to {@link savePersistedSchema} / {@link loadPersistedSchema}
388
- * is the same key the collection uses for its records.
389
- *
390
- * @module
391
- */
392
-
393
- /** Reserved collection name where persisted schemas live. */
394
- declare const SCHEMAS_COLLECTION: "_schemas";
395
- /**
396
- * Read and decrypt the persisted-schema envelope for one collection.
397
- * Returns `undefined` when no envelope has been written or when decryption
398
- * fails (e.g. wrong DEK passed). Tolerates corrupted records — JSON parse
399
- * failures surface as `undefined`, mirroring `_meta/handle`'s contract.
400
- */
401
- declare function loadPersistedSchema(store: NoydbStore, vault: string, collection: string, dek: CryptoKey): Promise<PersistedSchemaEnvelope | undefined>;
402
- /**
403
- * Encrypt and persist a schema envelope for one collection. Always
404
- * overwrites any prior write (callers gate on hash equality before calling
405
- * to avoid no-op writes).
406
- */
407
- declare function savePersistedSchema(store: NoydbStore, vault: string, collection: string, dek: CryptoKey, payload: PersistedSchemaEnvelope): Promise<void>;
408
-
409
- /**
410
- * Orchestrate the derive → hash → skip-or-write cycle for a collection's
411
- * persisted JSON Schema. Called by the Vault at collection-registration
412
- * time when the developer opts in via `collection({ persistJsonSchema:
413
- * true })`.
414
- *
415
- * Skip semantics:
416
- *
417
- * - Zod validators: skip when the new hash equals the stored hash.
418
- * - Non-Zod (stub envelopes have hash=null): skip when the stored
419
- * envelope's `kind` matches the freshly-detected kind (since there's
420
- * no body to compare yet — a kind change is the only signal).
421
- *
422
- * @module
423
- */
424
-
425
- interface PersistSchemaResult {
426
- /** True when a fresh envelope was written to storage. */
427
- readonly written: boolean;
428
- /** True when an existing envelope matched and the write was skipped. */
429
- readonly skipped: boolean;
430
- /** The envelope that was either written or matched. */
431
- readonly envelope: PersistedSchemaEnvelope;
432
- /** The update-strategy decision, present when strategies ran. */
433
- readonly decision?: UpdateDecision;
434
- }
435
- declare function persistSchemaIfNeeded(opts: {
436
- readonly store: NoydbStore;
437
- readonly vault: string;
438
- readonly collectionName: string;
439
- readonly validator: unknown;
440
- readonly dek: CryptoKey;
441
- readonly strategies?: readonly SchemaUpdateStrategy[];
442
- }): Promise<PersistSchemaResult>;
443
-
444
- /**
445
- * Authentication introspection.
446
- *
447
- * Three surfaces over the configured tier model and the actual
448
- * per-user enrollment state:
449
- *
450
- * 1. **Vault-wide English summary** — {@link describeAuthConfig}.
451
- * 2. **Vault-wide Mermaid diagram** — {@link diagramAuthConfig}.
452
- * 3. **Per-user introspection** — {@link describeUserAuth}, gated by
453
- * the `view-user-auth` policy gate (off by default).
454
- *
455
- * The per-user surface is held to a strict allowlist — fields not on
456
- * the allowlist are dropped, never rendered. The negative test in
457
- * `auth-introspection.test.ts` exercises the allowlist by feeding a
458
- * contrived keyring with fake "secret" fields and asserting that none
459
- * of them appear in the output.
460
- *
461
- * @module
462
- */
463
-
464
- /** Vault-wide English summary of the configured authentication graph. */
465
- declare function describeAuthConfig(store: NoydbStore, vault: string): Promise<string>;
466
- /**
467
- * Render the vault's auth graph as Mermaid `flowchart TB` source. The
468
- * caller pipes this through Mermaid (CLI or browser) to get an SVG.
469
- */
470
- declare function diagramAuthConfig(store: NoydbStore, vault: string): Promise<string>;
471
- /**
472
- * Render the per-user enrollment summary. Returns an empty
473
- * (non-throwing) string when the user has no keyring file — never
474
- * confirms or denies the existence of the user from the document
475
- * alone.
476
- *
477
- * Sanitization is strict: only the slot list, enrollment dates, and
478
- * recovery-profile counts are rendered. WebAuthn cred ids, OIDC
479
- * subject ids, password hashes, recovery codes, TOTP secrets — all
480
- * dropped at the allowlist boundary, not redacted.
481
- */
482
- declare function describeUserAuth(store: NoydbStore, vault: string, userId: string): Promise<string>;
483
- /** Bulk variant for owner dashboards. */
484
- declare function describeAllUsersAuth(store: NoydbStore, vault: string): Promise<Array<{
485
- userId: string;
486
- description: string;
487
- }>>;
488
-
489
- /**
490
- * Persistence helpers for the vault-level user-directory toggle
491
- * (`_meta/directory`). Mirrors the bypass-AES pattern used by
492
- * `_meta/policy` — the directory document is plain JSON, the
493
- * envelope's `_iv` field is left empty.
494
- *
495
- * @see docs/subsystems/user-envelope.md → Directory visibility
496
- * @see docs/subsystems/plaintext-bypass.md — every `_iv: ''` write site
497
- *
498
- * @module
499
- */
500
-
501
- /** Reserved id for the vault-level directory document. */
502
- declare const DIRECTORY_RECORD_ID = "directory";
503
- /**
504
- * Read the directory toggle from `_meta/directory`. Returns `undefined`
505
- * when no document has been persisted — callers treat that as the
506
- * default-on case (`{ enabled: true }`).
507
- *
508
- * Tolerates corrupted documents the same way `_meta/policy` does: a
509
- * JSON parse failure surfaces as `undefined`, not a thrown error, so a
510
- * bad write never permanently breaks team enumeration.
511
- */
512
- declare function readDirectoryConfig(store: NoydbStore, vault: string): Promise<DirectoryConfig | undefined>;
513
- /**
514
- * Persist the directory toggle at `_meta/directory`. Idempotent — call
515
- * on every `db.setDirectoryEnabled()` invocation. Owner-only at the
516
- * caller site; this primitive does not check roles.
517
- */
518
- declare function persistDirectoryConfig(store: NoydbStore, vault: string, config: DirectoryConfig): Promise<void>;
519
-
520
- /**
521
- * Persistence helpers for the per-user visibility flag
522
- * (`_meta/visibility/<keyringId>`). Mirrors the bypass-AES pattern used
523
- * by `_meta/policy` — the visibility document is plain JSON, the
524
- * envelope's `_iv` field is left empty.
525
- *
526
- * Stored alongside the keyring file rather than inside the encrypted
527
- * user envelope (`_users/<keyringId>`) because:
528
- *
529
- * - `UserEnvelope<T>.data` is opaque-to-hub by contract — hub does not
530
- * introspect or reserve any keys inside it. Adding `hidden` there
531
- * would violate that contract.
532
- * - `listUsersWithEnvelopes` filters by the flag, and the filter must
533
- * work even when decryption fails (legacy keyrings predating the
534
- * envelope feature, or a corrupted envelope).
535
- *
536
- * @see docs/subsystems/user-envelope.md → Directory visibility
537
- * @see docs/subsystems/plaintext-bypass.md — every `_iv: ''` write site
538
- *
539
- * @module
540
- */
541
-
542
- /** Prefix for per-user visibility records inside `_meta`. */
543
- declare const VISIBILITY_RECORD_PREFIX = "visibility/";
544
- /** Compose the `_meta` record id for a keyring's visibility doc. */
545
- declare function visibilityRecordId(keyringId: string): string;
546
- /**
547
- * Read the visibility flag for `keyringId`. Returns `undefined` when no
548
- * document has been persisted — callers treat that as the default-visible
549
- * case (`{ hidden: false }`).
550
- */
551
- declare function readUserVisibility(store: NoydbStore, vault: string, keyringId: string): Promise<UserVisibility | undefined>;
552
- /**
553
- * Persist the visibility flag for `keyringId` at
554
- * `_meta/visibility/<keyringId>`. Idempotent — call on every
555
- * `vault.user.setMyVisibility()` invocation. Own-only at the caller
556
- * site; this primitive does not enforce keyring ownership.
557
- */
558
- declare function persistUserVisibility(store: NoydbStore, vault: string, keyringId: string, visibility: UserVisibility): Promise<void>;
559
- /**
560
- * Delete the visibility flag for `keyringId`. Called from `revoke()`
561
- * alongside `deleteUserEnvelope` so the sidecar does not leak to a
562
- * re-granted principal with the same `userId`. Idempotent — the store's
563
- * `delete()` is already a no-op when the record is absent.
564
- */
565
- declare function deleteUserVisibility(store: NoydbStore, vault: string, keyringId: string): Promise<void>;
566
-
567
- interface EncryptResult {
568
- iv: string;
569
- data: string;
570
- }
571
- /**
572
- * Encrypt raw bytes with AES-256-GCM using a fresh random IV.
573
- * Used by the attachment store so binary blobs avoid double base64 encoding
574
- * (the existing `encrypt()` function calls `TextEncoder` on a string — here
575
- * we pass the `Uint8Array` directly to `subtle.encrypt`).
576
- */
577
- declare function encryptBytes(data: Uint8Array, dek: CryptoKey): Promise<EncryptResult>;
578
- /**
579
- * Decrypt AES-256-GCM ciphertext back to raw bytes.
580
- * Counterpart to `encryptBytes`. Throws `TamperedError` on auth-tag failure.
581
- */
582
- declare function decryptBytes(ivBase64: string, dataBase64: string, dek: CryptoKey): Promise<Uint8Array>;
583
- /**
584
- * Derive an AES-256-GCM presence key from a collection DEK using HKDF-SHA256.
585
- *
586
- * The presence key is domain-separated from the data DEK by the fixed salt
587
- * `'noydb-presence'` and the `info` = collection name. This means:
588
- * - The adapter never sees the presence key.
589
- * - Presence payloads rotate automatically when the collection DEK is rotated.
590
- * - Revoked users cannot derive the new presence key after a DEK rotation.
591
- *
592
- * @param dek The collection's AES-256-GCM DEK (extractable).
593
- * @param collectionName Used as the HKDF `info` parameter for domain separation.
594
- * @returns A non-extractable AES-256-GCM key suitable for presence payload encryption.
595
- */
596
- declare function derivePresenceKey(dek: CryptoKey, collectionName: string): Promise<CryptoKey>;
597
- /**
598
- * Encrypt a plaintext string with AES-256-GCM and a deterministic,
599
- * HKDF-derived IV.
600
- *
601
- * The same `{ dek, context, plaintext }` triple always produces the
602
- * same `{ iv, data }` — call this twice and you can string-compare the
603
- * ciphertexts to check equality of the inputs without decrypting them.
604
- *
605
- * @param context Domain-separation string — by convention
606
- * `'<collection>/<field>'`. Different contexts encrypt
607
- * the same plaintext to different ciphertexts, so
608
- * `email` in collection `users` does not collide with
609
- * `email` in collection `customers`.
610
- */
611
- declare function encryptDeterministic(plaintext: string, dek: CryptoKey, context: string): Promise<EncryptResult>;
612
- /**
613
- * Counterpart to {@link encryptDeterministic}. The IV is stored
614
- * alongside the ciphertext (exactly like the randomized path), so
615
- * decrypt uses the stored IV and verifies the GCM auth tag — a tampered
616
- * ciphertext throws `TamperedError` just like randomized AES-GCM.
617
- */
618
- declare function decryptDeterministic(ivBase64: string, dataBase64: string, dek: CryptoKey): Promise<string>;
619
- declare function bufferToBase64(buffer: ArrayBuffer | Uint8Array): string;
620
- declare function base64ToBuffer(base64: string): Uint8Array<ArrayBuffer>;
621
-
622
- /**
623
- * Hierarchical access — tier-aware keyring helpers.
624
- *
625
- * The keyring's existing `deks: Map<string, CryptoKey>` is keyed by
626
- * collection name. extends the key space:
627
- *
628
- * `'invoices'` — tier-0 DEK (unchanged from v0.x)
629
- * `'invoices#1'` — tier-1 DEK
630
- * `'invoices#2'` — tier-2 DEK
631
- *
632
- * Tier 0 keeps the bare collection name so any keyring written
633
- * before tiers existed loads without migration. Tiers ≥ 1 use `#N`
634
- * suffixes that
635
- * would be invalid as user-supplied collection names (see
636
- * `ReservedCollectionNameError` — `#` is reserved).
637
- *
638
- * @module
639
- */
640
-
641
- /** Canonical DEK key for a given collection + tier. Tier 0 → bare name. */
642
- declare function dekKey(collection: string, tier: number): string;
643
- /**
644
- * Returns the user's effective clearance for a given collection: the
645
- * maximum tier for which their keyring holds a DEK. Falls back to 0
646
- * when the user has only the tier-0 DEK (or none — the getDEK caller
647
- * will raise separately).
648
- */
649
- declare function effectiveClearance(keyring: UnlockedKeyring, collection: string): number;
650
- /**
651
- * Assert the caller is cleared for the requested tier. Owners and
652
- * admins always pass (they can mint any new tier DEK on demand);
653
- * other roles must already hold the tier DEK — via a prior grant or
654
- * an active delegation — otherwise this throws `TierNotGrantedError`.
655
- *
656
- * This gate runs BEFORE `getDEK()` on the mutation path so a
657
- * non-cleared operator never has the opportunity to silently
658
- * auto-create a tier DEK they shouldn't have.
659
- */
660
- declare function assertTierAccess(keyring: UnlockedKeyring, collection: string, tier: number): void;
661
-
662
- /**
663
- * Vault-level diff orchestrator.
664
- *
665
- * Compares a live `Vault`'s plaintext state against a candidate state
666
- * (another vault, a plain `{ collection: records[] }` map, or a vault
667
- * dump JSON) and returns a structured `VaultDiff` plan listing the
668
- * records that would be added, modified, or deleted to bring the live
669
- * vault into the candidate's shape.
670
- *
671
- * Builds on two existing record-level helpers:
672
- *
673
- * 1. `diff(a, b)` from `./history/diff.ts` — emits dot-pathed
674
- * `DiffEntry[]` with `type: 'added' | 'removed' | 'changed'` for
675
- * each changed field of two records. Used here for the
676
- * `fieldDiffs` of every `modified` entry, and (with empty result)
677
- * as the default deep-equal check.
678
- *
679
- * 2. `Vault.exportStream()` from `./vault.ts` — the canonical
680
- * decrypt-and-stream-records iterator. Used to walk both sides
681
- * when the candidate is itself a `Vault`. ACL-scoped: collections
682
- * the caller can't read silently drop out, the same way every
683
- * other plaintext-emitting export pipeline filters them.
684
- *
685
- * The new orchestration is the **vault-level** enumeration: bucket
686
- * each record id into added (only in candidate), deleted (only in
687
- * vault), or modified (in both with field changes); leave the
688
- * field-level granularity to the existing `diff()`.
689
- *
690
- * Use cases:
691
- *
692
- * - Import preview (`@noy-db/as-*` `fromString` returns a plan
693
- * whose body is a `VaultDiff`).
694
- * - Backup verification ("does this `.noydb` bundle from yesterday
695
- * match the current vault?").
696
- * - Two-vault reconciliation ("what's different between Office A
697
- * and Office B before we sync?").
698
- * - Test assertions (golden-file testing with one-liner
699
- * `expect(plan.summary).toEqual(...)`).
700
- *
701
- * @module
702
- */
703
-
704
- /** Per-record entry shape — added and deleted records carry only the record value. */
705
- interface VaultDiffEntry<T = unknown> {
706
- readonly collection: string;
707
- readonly id: string;
708
- readonly record: T;
709
- }
710
- /** Modified records carry both halves of the diff plus the field-level breakdown. */
711
- interface VaultDiffModifiedEntry<T = unknown> extends VaultDiffEntry<T> {
712
- /** The record as it stands in the live vault. */
713
- readonly before: T;
714
- /** Top-level keys whose values differ between `before` and `record`. */
715
- readonly fieldsChanged: readonly string[];
716
- /**
717
- * Field-level diff entries from `diff(before, record)`. Reuses the
718
- * existing per-record diff helper so consumers can render git-style
719
- * `path: from → to` rows without re-walking the records.
720
- */
721
- readonly fieldDiffs: readonly DiffEntry[];
722
- }
723
- interface VaultDiff<T = unknown> {
724
- readonly added: readonly VaultDiffEntry<T>[];
725
- readonly modified: readonly VaultDiffModifiedEntry<T>[];
726
- readonly deleted: readonly VaultDiffEntry<T>[];
727
- /** Only populated when `options.includeUnchanged: true`. */
728
- readonly unchanged: readonly VaultDiffEntry<T>[] | undefined;
729
- readonly summary: {
730
- readonly add: number;
731
- readonly modify: number;
732
- readonly delete: number;
733
- readonly total: number;
734
- };
735
- /**
736
- * Format the diff as a human-readable string.
737
- *
738
- * - `'count'` — one line, just the numbers (`12 added · 3 modified · 0 deleted`)
739
- * - `'one-line'` — count plus a single overview line
740
- * - `'full'` — count + one row per added/modified/deleted record (default)
741
- */
742
- format(opts?: {
743
- detail?: 'count' | 'one-line' | 'full';
744
- }): string;
745
- }
746
- interface DiffOptions {
747
- /** Restrict the diff to a subset of collections. */
748
- readonly collections?: readonly string[];
749
- /** Field on each record that carries its id. Defaults to `'id'`. */
750
- readonly idKey?: string;
751
- /** Override the default deep-equal check for "modified vs unchanged". */
752
- readonly compareFn?: (a: unknown, b: unknown) => boolean;
753
- /** If true, include unchanged records in the diff (off by default to save memory). */
754
- readonly includeUnchanged?: boolean;
755
- }
756
- /**
757
- * Candidate state to diff the vault against:
758
- *
759
- * - A `Vault` instance — both sides are walked via `exportStream()`.
760
- * - A `Record<collection, records[]>` map — same shape `as-json.toObject()`
761
- * produces. Useful for diffing parsed file content against the live vault.
762
- * - A `VaultDump` (output of `vault.dump()`) — a JSON string carrying the
763
- * full vault state. Parsed and reduced to the map shape above.
764
- */
765
- type DiffCandidate<T = unknown> = Vault | Record<string, readonly T[]> | string;
766
- /**
767
- * Compute the diff between a live vault and a candidate state.
768
- *
769
- * Returns a fully buffered `VaultDiff` — no streaming. Memory cost is
770
- * O(n + m) in the row count of vault + candidate. For documented
771
- * 1K-50K-record vaults this is fine; a streaming variant lands as a
772
- * follow-up if a > 100K-record consumer arrives.
773
- */
774
- declare function diffVault<T = unknown>(vault: Vault, candidate: DiffCandidate<T>, options?: DiffOptions): Promise<VaultDiff<T>>;
775
-
776
- export { ActiveTier, type CheckGateContext, DEFAULT_FRESHNESS_MS, DIRECTORY_RECORD_ID, type DiffCandidate, DiffEntry, type DiffOptions, DirectoryConfig, FactorProof, GateName, GatePolicy, META_COLLECTION, ManagedRecoveryNotEnrolledError, NoydbError, NoydbStore, PERSONAL_POLICY, POLICY_RECORD_ID, PUBLIC_ENVELOPE_RECORD_ID, type PersistSchemaResult, PersistedSchemaEnvelope, PolicyDeniedError, type PolicyDenyReason, PublicEnvelope, RecoveryNotEnrolledError, RecoveryProfileNotImplementedError, SCHEMAS_COLLECTION, STRICT_POLICY, SchemaUpdateStrategy, UnlockedKeyring, UpdateDecision, UserEnvelope, UserVisibility, VISIBILITY_RECORD_PREFIX, Vault, type VaultDiff, type VaultDiffEntry, type VaultDiffModifiedEntry, VaultPolicy, additiveOnly, assertTierAccess, base64ToBuffer, blindUpdate, bufferToBase64, checkGate, coordinatedCutover, decryptBytes, decryptDeterministic, dekKey, deleteUserEnvelope, deleteUserVisibility, derivePersistedSchema, derivePresenceKey, describeAllUsersAuth, describeAuthConfig, describeGate, describeUserAuth, diagramAuthConfig, diffVault, effectiveClearance, encryptBytes, encryptDeterministic, estimateRecordBytes, isZodSchema, listUserEnvelopeIds, loadPersistedSchema, loadPublicEnvelope, loadUserEnvelope, loadVaultPolicy, lockSchema, mergePolicy, parseBytes, persistDirectoryConfig, persistSchemaIfNeeded, persistUserVisibility, readDirectoryConfig, readPublicEnvelope, readUserVisibility, savePersistedSchema, savePublicEnvelope, saveUserEnvelope, saveVaultPolicy, visibilityRecordId };