npm - @objectstack/platform-objects - Versions diffs - 7.1.0 → 7.2.1 - Mend

@objectstack/platform-objects 7.1.0 → 7.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/dist/apps/index.d.mts +12 -0
package/dist/apps/index.d.ts +12 -0
package/dist/apps/index.js +48 -16
package/dist/apps/index.js.map +1 -1
package/dist/apps/index.mjs +48 -16
package/dist/apps/index.mjs.map +1 -1
package/dist/audit/index.d.mts +240 -48
package/dist/audit/index.d.ts +240 -48
package/dist/identity/index.d.mts +386 -61
package/dist/identity/index.d.ts +386 -61
package/dist/identity/index.js +135 -1
package/dist/identity/index.js.map +1 -1
package/dist/identity/index.mjs +135 -1
package/dist/identity/index.mjs.map +1 -1
package/dist/index.d.mts +1 -1
package/dist/index.d.ts +1 -1
package/dist/index.js +327 -17
package/dist/index.js.map +1 -1
package/dist/index.mjs +327 -18
package/dist/index.mjs.map +1 -1
package/dist/integration/index.d.mts +15 -3
package/dist/integration/index.d.ts +15 -3
package/dist/metadata/index.d.mts +3264 -7
package/dist/metadata/index.d.ts +3264 -7
package/dist/metadata/index.js +130 -0
package/dist/metadata/index.js.map +1 -1
package/dist/metadata/index.mjs +130 -1
package/dist/metadata/index.mjs.map +1 -1
package/dist/security/index.d.mts +115 -21
package/dist/security/index.d.ts +115 -21
package/dist/security/index.js +14 -0
package/dist/security/index.js.map +1 -1
package/dist/security/index.mjs +14 -0
package/dist/security/index.mjs.map +1 -1
package/dist/system/index.d.mts +45 -9
package/dist/system/index.d.ts +45 -9
package/package.json +2 -2

package/dist/index.mjs CHANGED Viewed

@@ -10,6 +10,12 @@ var SysUser = ObjectSchema.create({
   icon: "user",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — identity table is managed by better-auth; schema must not drift.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "User accounts for authentication",
   displayNameField: "name",
   titleFormat: "{name}",
@@ -422,6 +428,14 @@ var SysSession = ObjectSchema.create({
   icon: "key",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Active user sessions",
   displayNameField: "user_id",
   titleFormat: "Session \u2014 {user_id}",
@@ -577,6 +591,14 @@ var SysAccount = ObjectSchema.create({
   icon: "link",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "OAuth and authentication provider accounts",
   titleFormat: "{provider_id} - {account_id}",
   compactLayout: ["provider_id", "user_id", "account_id"],
@@ -601,7 +623,7 @@ var SysAccount = ObjectSchema.create({
       mode: "create",
       locations: ["list_toolbar"],
       type: "url",
-      target: "/api/v1/auth/sign-in/social?provider=${param.provider}&callbackURL=${ctx.origin}/apps/account/sys_account",
+      target: "/api/v1/auth/sign-in/social?provider=${param.provider}&callbackURL=${ctx.origin}/_console/apps/account/sys_account",
       params: [
         {
           name: "provider",
@@ -750,6 +772,14 @@ var SysVerification = ObjectSchema.create({
   icon: "shield-check",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Email and phone verification tokens",
   titleFormat: "Verification for {identifier}",
   compactLayout: ["identifier", "expires_at", "created_at"],
@@ -805,6 +835,14 @@ var SysOrganization = ObjectSchema.create({
   icon: "building-2",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Organizations for multi-tenant grouping",
   displayNameField: "name",
   titleFormat: "{name}",
@@ -1007,6 +1045,14 @@ var SysMember = ObjectSchema.create({
   icon: "user-check",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Organization membership records",
   titleFormat: "{user_id} in {organization_id}",
   compactLayout: ["user_id", "organization_id", "role"],
@@ -1156,6 +1202,14 @@ var SysInvitation = ObjectSchema.create({
   icon: "mail",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Organization invitations for user onboarding",
   titleFormat: "Invitation to {organization_id}",
   compactLayout: ["email", "organization_id", "status"],
@@ -1356,6 +1410,14 @@ var SysTeam = ObjectSchema.create({
   icon: "users",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Teams within organizations for fine-grained grouping",
   displayNameField: "name",
   titleFormat: "{name}",
@@ -1493,6 +1555,14 @@ var SysTeamMember = ObjectSchema.create({
   icon: "user-plus",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Team membership records linking users to teams",
   titleFormat: "{user_id} in {team_id}",
   compactLayout: ["user_id", "team_id", "created_at"],
@@ -1820,6 +1890,14 @@ var SysApiKey = ObjectSchema.create({
   icon: "key-round",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "API keys for programmatic access",
   displayNameField: "name",
   titleFormat: "{name}",
@@ -2002,6 +2080,14 @@ var SysTwoFactor = ObjectSchema.create({
   icon: "smartphone",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Two-factor authentication credentials",
   titleFormat: "Two-factor for {user_id}",
   compactLayout: ["user_id", "created_at"],
@@ -2148,6 +2234,14 @@ var SysDeviceCode = ObjectSchema.create({
   icon: "key-round",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "OAuth 2.0 Device Authorization Grant (RFC 8628) pending requests",
   titleFormat: "{user_code}",
   compactLayout: ["user_code", "status", "client_id", "expires_at"],
@@ -2327,6 +2421,14 @@ var SysOauthApplication = ObjectSchema.create({
   icon: "key-round",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Registered OAuth/OIDC client applications",
   displayNameField: "name",
   titleFormat: "{name}",
@@ -2721,6 +2823,14 @@ var SysOauthAccessToken = ObjectSchema.create({
   icon: "ticket",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Opaque OAuth access tokens issued to client applications",
   compactLayout: ["client_id", "user_id", "expires_at"],
   fields: {
@@ -2799,6 +2909,14 @@ var SysOauthRefreshToken = ObjectSchema.create({
   icon: "refresh-cw",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Opaque OAuth refresh tokens (linked to a session)",
   compactLayout: ["client_id", "user_id", "expires_at"],
   fields: {
@@ -2881,6 +2999,14 @@ var SysOauthConsent = ObjectSchema.create({
   icon: "shield-check",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "User consent records for OAuth client applications",
   compactLayout: ["client_id", "user_id", "scopes"],
   fields: {
@@ -2941,6 +3067,14 @@ var SysJwks = ObjectSchema.create({
   icon: "key",
   isSystem: true,
   managedBy: "better-auth",
+  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
+  // but may add overlay row-level config. Use `no-overlay` if you need to
+  // forbid sys_metadata overlays entirely.
+  protection: {
+    lock: "full",
+    reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Asymmetric key pairs used to sign and verify issued JWTs",
   compactLayout: ["id", "created_at", "expires_at"],
   fields: {
@@ -2988,6 +3122,13 @@ var SysRole = ObjectSchema.create({
   icon: "shield",
   isSystem: true,
   managedBy: "config",
+  // ADR-0010 §3.7 — RBAC primitive; tenants may add custom rows
+  // (created via UI / API) but the schema itself is locked.
+  protection: {
+    lock: "no-overlay",
+    reason: "RBAC schema is platform-defined \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Role definitions for RBAC access control",
   displayNameField: "label",
   titleFormat: "{label}",
@@ -3191,6 +3332,13 @@ var SysPermissionSet = ObjectSchema.create({
   icon: "lock",
   isSystem: true,
   managedBy: "config",
+  // ADR-0010 §3.7 — RBAC primitive; tenants may add custom rows
+  // (created via UI / API) but the schema itself is locked.
+  protection: {
+    lock: "no-overlay",
+    reason: "RBAC schema is platform-defined \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   description: "Named permission groupings for fine-grained access control",
   displayNameField: "label",
   titleFormat: "{label}",
@@ -6922,6 +7070,135 @@ var SysMetadataHistoryObject = ObjectSchema.create({
     trash: false
   }
 });
+var SysMetadataAuditObject = ObjectSchema.create({
+  name: "sys_metadata_audit",
+  label: "Metadata Audit",
+  pluralLabel: "Metadata Audit",
+  icon: "shield-check",
+  isSystem: true,
+  managedBy: "append-only",
+  description: "Append-only audit trail of metadata write decisions (ADR-0010).",
+  fields: {
+    /** Primary Key (UUID) */
+    id: Field.text({
+      label: "ID",
+      required: true,
+      readonly: true
+    }),
+    /** When the decision was made (ISO-8601 UTC). */
+    occurred_at: Field.datetime({
+      label: "Occurred At",
+      required: true,
+      readonly: true
+    }),
+    /** Acting principal (user id, system id, or 'system'). */
+    actor: Field.text({
+      label: "Actor",
+      required: true,
+      readonly: true,
+      maxLength: 255,
+      description: 'Acting principal \u2014 user id, system id, or "system".'
+    }),
+    /** Code path that produced the decision (e.g. `protocol.saveMetaItem`). */
+    source: Field.text({
+      label: "Source",
+      required: false,
+      readonly: true,
+      maxLength: 128
+    }),
+    /** Metadata type (singular, e.g. `app`, `object`, `view`). */
+    type: Field.text({
+      label: "Metadata Type",
+      required: true,
+      readonly: true,
+      searchable: true,
+      maxLength: 100
+    }),
+    /** Item machine name. */
+    name: Field.text({
+      label: "Name",
+      required: true,
+      readonly: true,
+      searchable: true,
+      maxLength: 255
+    }),
+    /** Organization for multi-tenant filtering. NULL for env-wide writes. */
+    organization_id: Field.lookup("sys_organization", {
+      label: "Organization",
+      required: false,
+      readonly: true
+    }),
+    /** Operation kind. */
+    operation: Field.select(["save", "publish", "rollback", "delete", "reset"], {
+      label: "Operation",
+      required: true,
+      readonly: true
+    }),
+    /** Decision outcome — allowed, denied (refused), or forced (bypassed via override). */
+    outcome: Field.select(["allowed", "denied", "forced"], {
+      label: "Outcome",
+      required: true,
+      readonly: true
+    }),
+    /**
+     * Machine-readable code for the decision:
+     *  - on `allowed`: `'ok'`
+     *  - on `denied`: `'not_overridable'` | `'not_creatable'` |
+     *    `'item_locked'` | `'invalid_metadata'` | `'destructive_change'` |
+     *    `'metadata_conflict'`
+     *  - on `forced`: `'lock_override'` (Phase 3)
+     */
+    code: Field.text({
+      label: "Code",
+      required: true,
+      readonly: true,
+      maxLength: 64
+    }),
+    /**
+     * Lock state observed at the time of the decision (`none` if the
+     * item carried no `_lock`). Captured even on `allowed` rows so
+     * later compliance queries can see "what was the lock state when
+     * this write succeeded".
+     */
+    lock_state: Field.select(["none", "no-overlay", "no-delete", "full"], {
+      label: "Lock State",
+      required: false,
+      readonly: true
+    }),
+    /** True when the write succeeded by bypassing a lock (Phase 3). */
+    lock_overridden: Field.boolean({
+      label: "Lock Overridden",
+      required: false,
+      readonly: true
+    }),
+    /** Optional request correlation id for tracing. */
+    request_id: Field.text({
+      label: "Request ID",
+      required: false,
+      readonly: true,
+      maxLength: 128
+    }),
+    /** Optional free-form context (e.g. brief diff summary). */
+    note: Field.textarea({
+      label: "Note",
+      required: false,
+      readonly: true
+    })
+  },
+  indexes: [
+    { fields: ["organization_id", "occurred_at"] },
+    { fields: ["type", "name", "occurred_at"] },
+    { fields: ["actor", "occurred_at"] },
+    { fields: ["outcome"] }
+  ],
+  enable: {
+    trackHistory: false,
+    searchable: false,
+    apiEnabled: true,
+    apiMethods: ["get", "list"],
+    trash: false
+  }
+});
 var SysSetting = ObjectSchema.create({
   name: "sys_setting",
   label: "Setting",
@@ -7315,6 +7592,13 @@ var SETUP_APP = {
   icon: "settings",
   active: true,
   isDefault: false,
+  // ADR-0010 §3.7 — author-facing protection block. Loader translates
+  // this into the `_lock` envelope at registration time.
+  protection: {
+    lock: "full",
+    reason: "Core admin UI shipped by @objectstack/platform-objects \u2014 see ADR-0010.",
+    docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
+  },
   branding: {
     primaryColor: "#475569"
     // Slate-600 — neutral admin palette
@@ -7546,6 +7830,31 @@ var STUDIO_APP = {
     // Indigo-500 — distinct from Setup's slate
   },
   requiredPermissions: ["studio.access"],
+  contextSelectors: [
+    {
+      // Package scope — pinned to the sidebar header. Selecting a package
+      // injects `{active_package}` into every `metadata:resource` nav
+      // item below, so the whole workbench filters to that package in
+      // one click. Options come from the installed-packages REST surface,
+      // narrowed to project-scoped packages: this dropdown exists so
+      // third-party developers can scope to *their* custom package, so we
+      // deliberately hide the platform's own system/cloud kernel packages
+      // (auth, security, audit, queue, …) which are not user-authored.
+      id: "active_package",
+      label: "Package",
+      icon: "package",
+      optionsSource: {
+        endpoint: "/api/v1/packages",
+        valueKey: "manifest.id",
+        labelKey: "manifest.name",
+        filter: [{ key: "manifest.scope", op: "nin", value: ["system", "cloud"] }]
+      },
+      includeAll: true,
+      allValue: "",
+      persist: "query",
+      placement: "sidebar_header"
+    }
+  ],
   navigation: [
     {
       id: "group_overview",
@@ -7576,7 +7885,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Objects",
           componentRef: "metadata:resource",
-          params: { type: "object" },
+          params: { type: "object", package: "{active_package}" },
           icon: "box"
         },
         {
@@ -7584,7 +7893,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Validations",
           componentRef: "metadata:resource",
-          params: { type: "validation" },
+          params: { type: "validation", package: "{active_package}" },
           icon: "check-square"
         }
       ]
@@ -7601,7 +7910,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Apps",
           componentRef: "metadata:resource",
-          params: { type: "app" },
+          params: { type: "app", package: "{active_package}" },
           icon: "app-window"
         },
         {
@@ -7609,7 +7918,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Views",
           componentRef: "metadata:resource",
-          params: { type: "view" },
+          params: { type: "view", package: "{active_package}" },
           icon: "table"
         },
         {
@@ -7617,7 +7926,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Pages",
           componentRef: "metadata:resource",
-          params: { type: "page" },
+          params: { type: "page", package: "{active_package}" },
           icon: "file-text"
         },
         {
@@ -7625,7 +7934,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Dashboards",
           componentRef: "metadata:resource",
-          params: { type: "dashboard" },
+          params: { type: "dashboard", package: "{active_package}" },
           icon: "layout-dashboard"
         },
         {
@@ -7633,7 +7942,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Reports",
           componentRef: "metadata:resource",
-          params: { type: "report" },
+          params: { type: "report", package: "{active_package}" },
           icon: "bar-chart-3"
         }
       ]
@@ -7650,7 +7959,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Actions",
           componentRef: "metadata:resource",
-          params: { type: "action" },
+          params: { type: "action", package: "{active_package}" },
           icon: "mouse-pointer-click"
         },
         {
@@ -7658,7 +7967,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Hooks",
           componentRef: "metadata:resource",
-          params: { type: "hook" },
+          params: { type: "hook", package: "{active_package}" },
           icon: "webhook"
         }
       ]
@@ -7675,7 +7984,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Flows",
           componentRef: "metadata:resource",
-          params: { type: "flow" },
+          params: { type: "flow", package: "{active_package}" },
           icon: "git-branch"
         },
         {
@@ -7683,7 +7992,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Workflow Rules",
           componentRef: "metadata:resource",
-          params: { type: "workflow" },
+          params: { type: "workflow", package: "{active_package}" },
           icon: "zap"
         },
         {
@@ -7691,7 +8000,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Approval Processes",
           componentRef: "metadata:resource",
-          params: { type: "approval" },
+          params: { type: "approval", package: "{active_package}" },
           icon: "check-circle"
         }
       ]
@@ -7710,7 +8019,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Agents",
           componentRef: "metadata:resource",
-          params: { type: "agent" },
+          params: { type: "agent", package: "{active_package}" },
           icon: "bot"
         },
         {
@@ -7718,7 +8027,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Tools",
           componentRef: "metadata:resource",
-          params: { type: "tool" },
+          params: { type: "tool", package: "{active_package}" },
           icon: "wrench"
         },
         {
@@ -7726,7 +8035,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Skills",
           componentRef: "metadata:resource",
-          params: { type: "skill" },
+          params: { type: "skill", package: "{active_package}" },
           icon: "brain"
         }
       ]
@@ -7779,7 +8088,7 @@ var STUDIO_APP = {
           type: "component",
           label: "Email Templates",
           componentRef: "metadata:resource",
-          params: { type: "email_template" },
+          params: { type: "email_template", package: "{active_package}" },
           icon: "mail"
         }
       ]
@@ -26000,6 +26309,6 @@ function createPlatformObjectsPlugin() {
   return new PlatformObjectsPlugin();
 }
-export { ACCOUNT_APP, MetadataFormsTranslations, PlatformObjectsPlugin, SETUP_APP, STUDIO_APP, SetupAppTranslations, SysAccount, SysActivity, SysApiKey, SysApprovalAction, SysApprovalProcess, SysApprovalRequest, SysAttachment, SysAuditLog, SysComment, SysDepartment, SysDepartmentMember, SysDeviceCode, SysEmail, SysEmailTemplate, SysInvitation, SysJob, SysJobQueue, SysJobRun, SysJwks, SysMember, SysMetadataObject as SysMetadata, SysMetadataHistoryObject, SysMetadataObject, SysNotification, SysOauthAccessToken, SysOauthApplication, SysOauthConsent, SysOauthRefreshToken, SysOrganization, SysOrganizationDetailPage, SysPermissionSet, SysPresence, SysRecordShare, SysReportSchedule, SysRole, SysRolePermissionSet, SysSavedReport, SysSecret, SysSession, SysSetting, SysSettingAudit, SysShareLink, SysSharingRule, SysTeam, SysTeamMember, SysTwoFactor, SysUser, SysUserDetailPage, SysUserPermissionSet, SysUserPreference, SysVerification, SysWebhook, SystemOverviewDashboard, createPlatformObjectsPlugin, defaultPermissionSets, en, esES, jaJP, zhCN };
+export { ACCOUNT_APP, MetadataFormsTranslations, PlatformObjectsPlugin, SETUP_APP, STUDIO_APP, SetupAppTranslations, SysAccount, SysActivity, SysApiKey, SysApprovalAction, SysApprovalProcess, SysApprovalRequest, SysAttachment, SysAuditLog, SysComment, SysDepartment, SysDepartmentMember, SysDeviceCode, SysEmail, SysEmailTemplate, SysInvitation, SysJob, SysJobQueue, SysJobRun, SysJwks, SysMember, SysMetadataObject as SysMetadata, SysMetadataAuditObject, SysMetadataHistoryObject, SysMetadataObject, SysNotification, SysOauthAccessToken, SysOauthApplication, SysOauthConsent, SysOauthRefreshToken, SysOrganization, SysOrganizationDetailPage, SysPermissionSet, SysPresence, SysRecordShare, SysReportSchedule, SysRole, SysRolePermissionSet, SysSavedReport, SysSecret, SysSession, SysSetting, SysSettingAudit, SysShareLink, SysSharingRule, SysTeam, SysTeamMember, SysTwoFactor, SysUser, SysUserDetailPage, SysUserPermissionSet, SysUserPreference, SysVerification, SysWebhook, SystemOverviewDashboard, createPlatformObjectsPlugin, defaultPermissionSets, en, esES, jaJP, zhCN };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map