@openclaw/matrix 2026.5.30-beta.1 → 2026.5.31-beta.2

package/node_modules/@matrix-org/matrix-sdk-crypto-nodejs/CHANGELOG.md

@@ -1,6 +1,37 @@
 # Matrix-Rust-SDK Node.js Bindings
 
-## UNRELEASED
+## v0.6.0 - 2026-05-18
+
+-   Update matrix-rust-sdk to 0.17.0
+
+    -   Check the user ID in the `sender_device_keys` property of Olm-encrypted
+        to-device events to prevent sender spoofing by homeserver owners.
+        [#6553](https://github.com/matrix-org/matrix-rust-sdk/pull/6553)
+    -   **BREAKING:** The `only_allow_trusted_devices` and
+        `error_on_verified_user_problem` fields of the `EncryptionSettings` have
+        been replaced with the `CollectStrategy` enum.
+    -   **BREAKING:** The `ShieldStateCode::SentInClear` enum variant has been
+        removed.
+    -   **BREAKING:** A new `ShieldStateCode::MismatchedSender` enum variant has been
+        added.
+
+-   Add support for Node.JS 26, and drop support for Node.JS 25. [#76](https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs/pull/76)
+-   Support Node-API Version 8. [#77](https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs/pull/77)
+
+## v0.5.1 - 2026-04-22
+
+-   Try to fix release script. [#72](https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs/pull/72)
+
+## v0.5.0 - 2026-04-20
+
+-   Support Node.JS 25, drop support for 22. [#68](https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs/pull/68)
+-   `OlmMachine.bootstrap_cross_signing` now returns the requests required to
+    upload the cross-signing keys to the server. [#67](https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs/pull/67)
+-   Add new functions `OlmMachine.export_secrets_for_secret_storage` and
+    `OlmMachine.import_secrets_from_secret_storage`, along with associated
+    types, for reading and writing to Secret Storage. [#67](https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs/pull/67)
+-   Add a new function `OlmMachine.get_device` to get information about a
+    device. [#67](https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs/pull/67)
 
 ## v0.4.0 - 2026-01-08
 

package/node_modules/@matrix-org/matrix-sdk-crypto-nodejs/README.md

@@ -99,10 +99,10 @@ The binding is compatible with, and tested against, the Node.js
 versions that are in “current” or “active” states,
 according to [the Node.js Releases
 Page](https://nodejs.org/en/about/releases/), _and_ which are
-compatible with [NAPI v6 (Node.js
-API)](https://nodejs.org/api/n-api.html#node-api-version-matrix). It
+compatible with [Node-API (formerly N-API)
+v8)](https://nodejs.org/api/n-api.html#node-api-version-matrix). It
 means that this binding will work with the following versions:
-22.0.0 and 24.0.0.
+v24 and v26.
 
 Once the Rust compiler, Node.js and npm are installed, you can run the
 following commands:

package/node_modules/@matrix-org/matrix-sdk-crypto-nodejs/index.d.ts

@@ -13,6 +13,76 @@ export const enum EncryptionAlgorithm {
   /** Megolm version 1 using AES-256 and SHA-256. */
   MegolmV1AesSha2 = 1
 }
+/**
+ * Strategy to collect the devices that should receive room keys for the
+ * current discussion.
+ */
+export const enum CollectStrategy {
+  /**
+   * Share with all (unblacklisted) devices.
+   *
+   * Not recommended, per the guidance of [MSC4153].
+   *
+   * (Used by Element X and Element Web in the legacy, non-"exclude insecure
+   * devices" mode.)
+   *
+   * [MSC4153]: https://github.com/matrix-org/matrix-doc/pull/4153
+   */
+  AllDevices = 0,
+  /**
+   * Share with all devices, except errors for *verified* users cause sharing
+   * to fail with an error.
+   *
+   * In this strategy, if a verified user has an unsigned device,
+   * key sharing will fail with a
+   * [`SessionRecipientCollectionError::VerifiedUserHasUnsignedDevice`].
+   * If a verified user has replaced their identity, key
+   * sharing will fail with a
+   * [`SessionRecipientCollectionError::VerifiedUserChangedIdentity`].
+   *
+   * Otherwise, keys are shared with unsigned devices as normal.
+   *
+   * Once the problematic devices are blacklisted or whitelisted the
+   * caller can retry to share a second time.
+   *
+   * Not recommended, per the guidance of [MSC4153].
+   *
+   * [MSC4153]: https://github.com/matrix-org/matrix-doc/pull/4153
+   */
+  ErrorOnVerifiedUserProblem = 1,
+  /**
+   * Share based on identity. Only distribute to devices signed by their
+   * owner. If a user has no published identity he will not receive
+   * any room keys.
+   *
+   * This is the recommended strategy: it is compliant with the guidance of
+   * [MSC4153].
+   *
+   * (Used by Element Web and Element X in the "exclude insecure devices"
+   * mode.)
+   *
+   * [MSC4153]: https://github.com/matrix-org/matrix-doc/pull/4153
+   */
+  IdentityBasedStrategy = 2,
+  /**
+   * Only share keys with devices that we "trust". A device is trusted if any
+   * of the following is true:
+   *     - It was manually marked as trusted.
+   *     - It was marked as verified via interactive verification.
+   *     - It is signed by its owner identity, and this identity has been
+   *       trusted via interactive verification.
+   *     - It is the current own device of the user.
+   *
+   * This strategy is compliant with [MSC4153], but is probably too strict
+   * for normal use.
+   *
+   * (Used by Element Web when "only send messages to verified users" is
+   * enabled.)
+   *
+   * [MSC4153]: https://github.com/matrix-org/matrix-doc/pull/4153
+   */
+  OnlyTrustedDevices = 3
+}
 /**
  * Take a look at [`matrix_sdk_common::deserialized_responses::ShieldState`]
  * for more info.
@@ -36,8 +106,11 @@ export const enum ShieldStateCode {
   UnsignedDevice = 2,
   /** The sender hasn't been verified by the Client's user. */
   UnverifiedIdentity = 3,
-  /** An unencrypted event in an encrypted room. */
-  SentInClear = 4,
+  /**
+   * The `sender` field on the event does not match the owner of the device
+   * that established the Megolm session.
+   */
+  MismatchedSender = 4,
   /** The sender was previously verified but changed their identity. */
   VerificationViolation = 5,
   None = 6
@@ -221,6 +294,21 @@ export declare class BackupKeys {
   /** The version that we are using for backups. */
   backupVersion?: string
 }
+/** A device represents a E2EE capable client of an user. */
+export declare class Device {
+  /**
+   * Is this device considered to be verified.
+   *
+   * This method returns true if either the `is_locally_trusted`
+   * method returns `true` or if the `is_cross_signing_trusted`
+   * method returns `true`.
+   */
+  isVerified(): boolean
+  /** Is this device considered to be verified using cross signing. */
+  isCrossSigningTrusted(): boolean
+  /** Is this device cross-signed by its owner? */
+  isCrossSignedByOwner(): boolean
+}
 /**
  * Settings for an encrypted room.
  *
@@ -243,16 +331,10 @@ export declare class EncryptionSettings {
    */
   historyVisibility: HistoryVisibility
   /**
-   * Should untrusted devices receive the room key, or should they be
-   * excluded from the conversation.
+   * The strategy used to distribute the room keys to participant.
+   * Default will send to all devices.
    */
-  onlyAllowTrustedDevices: boolean
-  /**
-   * Should keys be shared with a verified user with an unverified device
-   * or when a verified user has replaced their identity. Otherwise
-   * keys are shared with unsigned devices as normal.
-   */
-  errorOnVerifiedUserProblem: boolean
+  sharingStrategy: CollectStrategy
   /** Create a new `EncryptionSettings` with default values. */
   constructor()
 }
@@ -401,10 +483,15 @@ export declare class OlmMachine {
   /** Get the public parts of our Olm identity keys. */
   get identityKeys(): IdentityKeys
   /**
-   * Handle a to-device and one-time key counts from a sync response.
+   * Handle to-device events and one-time key counts from a sync response.
+   *
+   * This will decrypt and handle to-device events, returning a two-element
+   * array where:
    *
-   * This will decrypt and handle to-device events returning the
-   * decrypted versions of them, as a JSON-encoded string.
+   * * The first element is an array containing the decrypted to-device
+   *   events as JSON-encoded strings.
+   * * The second element is an array containing information about room keys
+   *   received as part of those decrypted to-device events.
    *
    * To decrypt an event from the room timeline, please use
    * `decrypt_room_event`.
@@ -416,6 +503,8 @@ export declare class OlmMachine {
    *   response.
    * * `one_time_keys_count`, the current one-time keys counts that the sync
    *   response returned.
+   * * `unused_fallback_keys`, the list of unused fallback keys the
+   *   homeserver knows about.
    */
   receiveSyncChanges(toDeviceEvents: string, changedDevices: DeviceLists, oneTimeKeyCounts: Record<string, number>, unusedFallbackKeys: Array<string>): Promise<string>
   /**
@@ -527,6 +616,9 @@ export declare class OlmMachine {
    * Create a new cross signing identity and get the upload request
    * to push the new public keys to the server.
    *
+   * Returns the requests that need to be sent to the server to upload the
+   * required keys and signatures.
+   *
    * Warning: This will delete any existing cross signing keys that
    * might exist on the server and thus will reset the trust
    * between all the devices.
@@ -543,7 +635,7 @@ export declare class OlmMachine {
    *   the same request multiple times, setting this argument to false
    *   enables you to reuse the same request.
    */
-  bootstrapCrossSigning(reset: boolean): Promise<void>
+  bootstrapCrossSigning(reset: boolean): Promise<CrossSigningBootstrapRequests>
   /**
    * Sign the given message using our device key and if available
    * cross-signing master key.
@@ -627,6 +719,25 @@ export declare class OlmMachine {
    * `OlmMachine` after this `close` method has been called.
    */
   close(): void
+  /**
+   * Export the client's secrets to store in Secret Storage, encrypted using
+   * the given secret storage key.
+   *
+   * Returns the items to store in account data.
+   *
+   * Currently only exports the cross-signing keys.
+   */
+  exportSecretsForSecretStorage(secretStorageKey: SecretStorageKey): Promise<SecretStorageItems>
+  /**
+   * Import secrets from Secret Storage, and sign the device's key with the
+   * user's self-signing key.
+   *
+   * Returns a signature upload request to upload the signature to the
+   * server.
+   */
+  importSecretsFromSecretStorage(secretStorageKey: SecretStorageKey, items: SecretStorageItems): Promise<SignatureUploadRequest>
+  /** Get information about a device. */
+  getDevice(userId: UserId, deviceId: DeviceId, timeout?: number | undefined | null): Promise<Device | null>
 }
 /**
  * Struct representing the state of our private cross signing keys,
@@ -803,6 +914,25 @@ export declare class KeysBackupRequest {
   /** Get its request type. */
   get type(): RequestType
 }
+/** The requests needed to upload the cross-signing data to the server */
+export declare class CrossSigningBootstrapRequests {
+  /**
+   * The request to upload the device's keys.
+   *
+   * Could be `None` if the device keys have already been uploaded.
+   */
+  readonly uploadKeysReq?: KeysUploadRequest
+  /**
+   * The request to upload the cross-signing keys, as a JSON-encoded string.
+   *
+   * This request does not have a request ID, and `mark_request_as_sent` does
+   * not need to be called for this request, so only the request body is
+   * provided.
+   */
+  readonly uploadSigningKeysReq: string
+  /** The request to upload the cross-signing signatures. */
+  readonly uploadSignaturesReq: SignatureUploadRequest
+}
 /** A decrypted room event. */
 export declare class DecryptedRoomEvent {
   /** The JSON-encoded decrypted event. */
@@ -841,6 +971,56 @@ export declare class DecryptedRoomEvent {
    */
   shieldState(strict: boolean): ShieldState | null
 }
+/** A key for encrypting/decrypting data in secret storage */
+export declare class SecretStorageKey {
+  /** Create a new random [`SecretStorageKey`]. */
+  static createRandomKey(): SecretStorageKey
+  /** Create a new passphrase-based [`SecretStorageKey`]. */
+  static createFromPassphrase(passphrase: string): SecretStorageKey
+  /**
+   * Restore a [`SecretStorageKey`] from the given input and the description
+   * of the key.
+   *
+   * The [`SecretStorageKeyEventContent`] will contain the description of the
+   * [`SecretStorageKey`]. The constructor will check if the provided input
+   * string matches to the description.
+   *
+   * The input can be a passphrase or a Base58 export of the
+   * [`SecretStorageKey`].
+   */
+  static fromAccountData(input: string, eventType: string, content: string): SecretStorageKey
+  /** Export the [`SecretStorageKey`] as a base58-encoded string. */
+  toBase58(): string
+  /**
+   * Encrypt a secret string as a Secret Storage secret.
+   *
+   * Returns the JSON-encoded contents to store in Account Data.
+   */
+  encrypt(plaintext: string, secretName: string): string
+  /**
+   * Decrypt the given Secret Storage item, given as the JSON-encoded
+   * contents.
+   */
+  decrypt(accountDataContentJson: string, secretName: string): string
+  /**
+   * The info about the [`SecretStorageKey`], as an item for storing in
+   * account data.
+   *
+   * Returns a JSON-encoded object.
+   */
+  accountDataContent(): string
+  /** The unique ID of this [`SecretStorageKey`]. */
+  keyId(): string
+  /** The event type of this [`SecretStorageKey`] for storing in account data. */
+  eventType(): string
+}
+/** The account data items containing the secrets, encoded as JSON */
+export declare class SecretStorageItems {
+  masterKey: string
+  userSigningKey: string
+  selfSigningKey: string
+  constructor(items: Record<string, string>)
+}
 /** Information on E2E device updates. */
 export declare class DeviceLists {
   /** Create an empty `DeviceLists`. */

package/node_modules/@matrix-org/matrix-sdk-crypto-nodejs/index.js

@@ -310,7 +310,7 @@ if (!nativeBinding) {
   throw new Error(`Failed to load native binding`)
 }
 
-const { Attachment, EncryptedAttachment, BackupDecryptionKey, MegolmV1BackupKey, RoomKeyCounts, BackupKeys, EncryptionAlgorithm, EncryptionSettings, ShieldColor, ShieldStateCode, ShieldState, HistoryVisibility, UserId, DeviceId, DeviceKeyId, DeviceKeyAlgorithm, DeviceKeyAlgorithmName, RoomId, ServerName, StoreType, OlmMachine, CrossSigningStatus, KeysUploadRequest, KeysQueryRequest, KeysClaimRequest, ToDeviceRequest, SignatureUploadRequest, RoomMessageRequest, KeysBackupRequest, RequestType, DecryptedRoomEvent, DeviceLists, Signatures, Signature, MaybeSignature, SignatureVerification, SignatureState, Ed25519PublicKey, Ed25519Signature, Curve25519PublicKey, IdentityKeys, Versions, getVersions } = nativeBinding
+const { Attachment, EncryptedAttachment, BackupDecryptionKey, MegolmV1BackupKey, RoomKeyCounts, BackupKeys, Device, EncryptionAlgorithm, EncryptionSettings, CollectStrategy, ShieldColor, ShieldStateCode, ShieldState, HistoryVisibility, UserId, DeviceId, DeviceKeyId, DeviceKeyAlgorithm, DeviceKeyAlgorithmName, RoomId, ServerName, StoreType, OlmMachine, CrossSigningStatus, KeysUploadRequest, KeysQueryRequest, KeysClaimRequest, ToDeviceRequest, SignatureUploadRequest, RoomMessageRequest, KeysBackupRequest, RequestType, CrossSigningBootstrapRequests, DecryptedRoomEvent, SecretStorageKey, SecretStorageItems, DeviceLists, Signatures, Signature, MaybeSignature, SignatureVerification, SignatureState, Ed25519PublicKey, Ed25519Signature, Curve25519PublicKey, IdentityKeys, Versions, getVersions } = nativeBinding
 
 module.exports.Attachment = Attachment
 module.exports.EncryptedAttachment = EncryptedAttachment
@@ -318,8 +318,10 @@ module.exports.BackupDecryptionKey = BackupDecryptionKey
 module.exports.MegolmV1BackupKey = MegolmV1BackupKey
 module.exports.RoomKeyCounts = RoomKeyCounts
 module.exports.BackupKeys = BackupKeys
+module.exports.Device = Device
 module.exports.EncryptionAlgorithm = EncryptionAlgorithm
 module.exports.EncryptionSettings = EncryptionSettings
+module.exports.CollectStrategy = CollectStrategy
 module.exports.ShieldColor = ShieldColor
 module.exports.ShieldStateCode = ShieldStateCode
 module.exports.ShieldState = ShieldState
@@ -342,7 +344,10 @@ module.exports.SignatureUploadRequest = SignatureUploadRequest
 module.exports.RoomMessageRequest = RoomMessageRequest
 module.exports.KeysBackupRequest = KeysBackupRequest
 module.exports.RequestType = RequestType
+module.exports.CrossSigningBootstrapRequests = CrossSigningBootstrapRequests
 module.exports.DecryptedRoomEvent = DecryptedRoomEvent
+module.exports.SecretStorageKey = SecretStorageKey
+module.exports.SecretStorageItems = SecretStorageItems
 module.exports.DeviceLists = DeviceLists
 module.exports.Signatures = Signatures
 module.exports.Signature = Signature

package/node_modules/@matrix-org/matrix-sdk-crypto-nodejs/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@matrix-org/matrix-sdk-crypto-nodejs",
-    "version": "0.4.0",
+    "version": "0.6.0",
     "main": "index.js",
     "types": "index.d.ts",
     "repository": {
@@ -19,13 +19,13 @@
     "devDependencies": {
         "@napi-rs/cli": "^2.18.4",
         "jest": "^29.7.0",
-        "prettier": "^3.3.3",
+        "prettier": "~3.3.3",
         "typedoc": "^0.26.11",
         "typescript": "^5.6.3",
         "yargs-parser": "~21.1.1"
     },
     "engines": {
-        "node": ">= 22"
+        "node": ">= 24"
     },
     "scripts": {
         "lint": "prettier --check .",

package/node_modules/typebox/build/type/script/mapping.d.mts

@@ -164,10 +164,13 @@ export type TExtendsMapping<Input extends [unknown, unknown, unknown, unknown, u
 export declare function ExtendsMapping(input: [unknown, unknown, unknown, unknown, unknown, unknown] | []): unknown;
 export type TBaseMapping<Input extends [unknown, unknown, unknown] | unknown> = (Input extends ['(', infer Type extends T.TSchema, ')'] ? Type : Input extends infer Type extends T.TSchema ? Type : never);
 export declare function BaseMapping(input: [unknown, unknown, unknown] | unknown): unknown;
+export type TWithMapping<Input extends [unknown, unknown] | []> = (Input extends ['with', infer Options extends Record<PropertyKey, unknown>] ? Options : []);
+export declare function WithMapping(input: [unknown, unknown] | []): unknown;
 type TFactorIndexArray<Type extends T.TSchema, IndexArray extends unknown[]> = (IndexArray extends [infer Left extends T.TSchema[], ...infer Right extends unknown[]] ? (Left extends [infer Indexer extends T.TSchema] ? TFactorIndexArray<C.TIndexDeferred<Type, Indexer>, Right> : Left extends [] ? TFactorIndexArray<T.TArray<Type>, Right> : T.TNever) : Type);
 type TFactorExtends<Type extends T.TSchema, Extends extends unknown[]> = (Extends extends [infer Right extends T.TSchema, infer True extends T.TSchema, infer False extends T.TSchema] ? C.TConditionalDeferred<Type, Right, True, False> : Type);
-export type TFactorMapping<Input extends [unknown, unknown, unknown, unknown]> = (Input extends [infer KeyOf extends boolean, infer Type extends T.TSchema, infer IndexArray extends unknown[], infer Extend extends unknown[]] ? KeyOf extends true ? TFactorExtends<C.TKeyOfDeferred<TFactorIndexArray<Type, IndexArray>>, Extend> : TFactorExtends<TFactorIndexArray<Type, IndexArray>, Extend> : never);
-export declare function FactorMapping(input: [unknown, unknown, unknown, unknown]): unknown;
+type TFactorWith<Type extends T.TSchema, With extends unknown> = (With extends Record<PropertyKey, unknown> ? C.TOptionsDeferred<Type, With> : Type);
+export type TFactorMapping<Input extends [unknown, unknown, unknown, unknown, unknown]> = (Input extends [infer KeyOf extends boolean, infer Type extends T.TSchema, infer IndexArray extends unknown[], infer Extend extends unknown[], infer WithClause extends unknown] ? TFactorWith<KeyOf extends true ? TFactorExtends<C.TKeyOfDeferred<TFactorIndexArray<Type, IndexArray>>, Extend> : TFactorExtends<TFactorIndexArray<Type, IndexArray>, Extend>, WithClause> : never);
+export declare function FactorMapping(input: [unknown, unknown, unknown, unknown, unknown]): unknown;
 type TExprBinaryMapping<Left extends T.TSchema, Rest extends unknown[]> = (Rest extends [infer Operator extends unknown, infer Right extends T.TSchema, infer Next extends unknown[]] ? (TExprBinaryMapping<Right, Next> extends infer Schema extends T.TSchema ? (Operator extends '&' ? (Schema extends T.TIntersect<infer Types extends T.TSchema[]> ? T.TIntersect<[Left, ...Types]> : T.TIntersect<[Left, Schema]>) : Operator extends '|' ? (Schema extends T.TUnion<infer Types extends T.TSchema[]> ? T.TUnion<[Left, ...Types]> : T.TUnion<[Left, Schema]>) : never) : never) : Left);
 export type TExprTermTailMapping<Input extends [unknown, unknown, unknown] | []> = (Input);
 export declare function ExprTermTailMapping(input: [unknown, unknown, unknown] | []): unknown;

package/node_modules/typebox/build/type/script/mapping.mjs

@@ -185,27 +185,34 @@ export function BaseMapping(input) {
         ? input[1]
         : input;
 }
+export function WithMapping(input) {
+    return Guard.IsEqual(input.length, 2) ? input[1] : [];
+}
 // deno-coverage-ignore-start
-// ...
-const FactorIndexArray = (Type, indexArray) => {
+function FactorIndexArray(Type, indexArray) {
     return indexArray.reduce((result, left) => {
         const _left = left;
         return (Guard.IsEqual(_left.length, 1) ? C.IndexDeferred(result, _left[0]) :
             Guard.IsEqual(_left.length, 0) ? T.Array(result) :
                 Unreachable());
     }, Type);
-};
+}
 // deno-coverage-ignore-stop
-const FactorExtends = (type, extend) => {
+function FactorExtends(type, extend) {
     return Guard.IsEqual(extend.length, 3)
         ? C.ConditionalDeferred(type, extend[0], extend[1], extend[2])
         : type;
-};
+}
+function FactorWith(type, withClause) {
+    return Guard.IsArray(withClause) && Guard.IsEqual(withClause.length, 0)
+        ? type
+        : C.OptionsDeferred(type, withClause);
+}
 export function FactorMapping(input) {
-    const [keyOf, type, indexArray, extend] = input;
-    return keyOf
+    const [keyOf, type, indexArray, extend, withClause] = input;
+    return FactorWith(keyOf
         ? FactorExtends(C.KeyOfDeferred(FactorIndexArray(type, indexArray)), extend)
-        : FactorExtends(FactorIndexArray(type, indexArray), extend);
+        : FactorExtends(FactorIndexArray(type, indexArray), extend), withClause);
 }
 // deno-coverage-ignore-start
 function ExprBinaryMapping(left, rest) {

package/node_modules/typebox/build/type/script/parser.d.mts

@@ -43,7 +43,8 @@ export type TIndexArray_0<Input extends string, Result extends unknown[] = []> =
 export type TIndexArray<Input extends string> = TIndexArray_0<Input> extends [infer _0 extends ([unknown, unknown, unknown] | [unknown, unknown])[], infer Input extends string] ? [S.TIndexArrayMapping<_0>, Input] : [];
 export type TExtends<Input extends string> = ((Token.TConst<'extends', Input> extends [infer _0, infer Input extends string] ? (TType<Input> extends [infer _1, infer Input extends string] ? (Token.TConst<'?', Input> extends [infer _2, infer Input extends string] ? (TType<Input> extends [infer _3, infer Input extends string] ? (Token.TConst<':', Input> extends [infer _4, infer Input extends string] ? (TType<Input> extends [infer _5, infer Input extends string] ? [[_0, _1, _2, _3, _4, _5], Input] : []) : []) : []) : []) : []) : []) extends [infer _0, infer Input extends string] ? [_0, Input] : [[], Input] extends [infer _0, infer Input extends string] ? [_0, Input] : []) extends [infer _0 extends [unknown, unknown, unknown, unknown, unknown, unknown] | [], infer Input extends string] ? [S.TExtendsMapping<_0>, Input] : [];
 export type TBase<Input extends string> = ((Token.TConst<'(', Input> extends [infer _0, infer Input extends string] ? (TType<Input> extends [infer _1, infer Input extends string] ? (Token.TConst<')', Input> extends [infer _2, infer Input extends string] ? [[_0, _1, _2], Input] : []) : []) : []) extends [infer _0, infer Input extends string] ? [_0, Input] : TKeyword<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : T_Object_<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TTuple<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TTemplateLiteral<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TLiteral<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TConstructor<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : T_Function_<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TMapped<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TOptions<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TGenericCall<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : TReference<Input> extends [infer _0, infer Input extends string] ? [_0, Input] : []) extends [infer _0 extends [unknown, unknown, unknown] | unknown, infer Input extends string] ? [S.TBaseMapping<_0>, Input] : [];
-export type TFactor<Input extends string> = (TKeyOf<Input> extends [infer _0, infer Input extends string] ? (TBase<Input> extends [infer _1, infer Input extends string] ? (TIndexArray<Input> extends [infer _2, infer Input extends string] ? (TExtends<Input> extends [infer _3, infer Input extends string] ? [[_0, _1, _2, _3], Input] : []) : []) : []) : []) extends [infer _0 extends [unknown, unknown, unknown, unknown], infer Input extends string] ? [S.TFactorMapping<_0>, Input] : [];
+export type TWith<Input extends string> = ((Token.TConst<'with', Input> extends [infer _0, infer Input extends string] ? (TJsonObject<Input> extends [infer _1, infer Input extends string] ? [[_0, _1], Input] : []) : []) extends [infer _0, infer Input extends string] ? [_0, Input] : [[], Input] extends [infer _0, infer Input extends string] ? [_0, Input] : []) extends [infer _0 extends [unknown, unknown] | [], infer Input extends string] ? [S.TWithMapping<_0>, Input] : [];
+export type TFactor<Input extends string> = (TKeyOf<Input> extends [infer _0, infer Input extends string] ? (TBase<Input> extends [infer _1, infer Input extends string] ? (TIndexArray<Input> extends [infer _2, infer Input extends string] ? (TExtends<Input> extends [infer _3, infer Input extends string] ? (TWith<Input> extends [infer _4, infer Input extends string] ? [[_0, _1, _2, _3, _4], Input] : []) : []) : []) : []) : []) extends [infer _0 extends [unknown, unknown, unknown, unknown, unknown], infer Input extends string] ? [S.TFactorMapping<_0>, Input] : [];
 export type TExprTermTail<Input extends string> = ((Token.TConst<'&', Input> extends [infer _0, infer Input extends string] ? (TFactor<Input> extends [infer _1, infer Input extends string] ? (TExprTermTail<Input> extends [infer _2, infer Input extends string] ? [[_0, _1, _2], Input] : []) : []) : []) extends [infer _0, infer Input extends string] ? [_0, Input] : [[], Input] extends [infer _0, infer Input extends string] ? [_0, Input] : []) extends [infer _0 extends [unknown, unknown, unknown] | [], infer Input extends string] ? [S.TExprTermTailMapping<_0>, Input] : [];
 export type TExprTerm<Input extends string> = (TFactor<Input> extends [infer _0, infer Input extends string] ? (TExprTermTail<Input> extends [infer _1, infer Input extends string] ? [[_0, _1], Input] : []) : []) extends [infer _0 extends [unknown, unknown], infer Input extends string] ? [S.TExprTermMapping<_0>, Input] : [];
 export type TExprTail<Input extends string> = ((Token.TConst<'|', Input> extends [infer _0, infer Input extends string] ? (TExprTerm<Input> extends [infer _1, infer Input extends string] ? (TExprTail<Input> extends [infer _2, infer Input extends string] ? [[_0, _1, _2], Input] : []) : []) : []) extends [infer _0, infer Input extends string] ? [_0, Input] : [[], Input] extends [infer _0, infer Input extends string] ? [_0, Input] : []) extends [infer _0 extends [unknown, unknown, unknown] | [], infer Input extends string] ? [S.TExprTailMapping<_0>, Input] : [];
@@ -172,6 +173,7 @@ export declare const IndexArray_0: (input: string, result?: unknown[]) => [unkno
 export declare const IndexArray: (input: string) => [unknown, string] | [];
 export declare const Extends: (input: string) => [unknown, string] | [];
 export declare const Base: (input: string) => [unknown, string] | [];
+export declare const With: (input: string) => [unknown, string] | [];
 export declare const Factor: (input: string) => [unknown, string] | [];
 export declare const ExprTermTail: (input: string) => [unknown, string] | [];
 export declare const ExprTerm: (input: string) => [unknown, string] | [];

package/node_modules/typebox/build/type/script/parser.mjs

@@ -47,7 +47,8 @@ export const IndexArray_0 = (input, result = []) => If(If(If(Token.Const('[', in
 export const IndexArray = (input) => If(IndexArray_0(input), ([_0, input]) => [S.IndexArrayMapping(_0), input]);
 export const Extends = (input) => If(If(If(Token.Const('extends', input), ([_0, input]) => If(Type(input), ([_1, input]) => If(Token.Const('?', input), ([_2, input]) => If(Type(input), ([_3, input]) => If(Token.Const(':', input), ([_4, input]) => If(Type(input), ([_5, input]) => [[_0, _1, _2, _3, _4, _5], input])))))), ([_0, input]) => [_0, input], () => If([[], input], ([_0, input]) => [_0, input], () => [])), ([_0, input]) => [S.ExtendsMapping(_0), input]);
 export const Base = (input) => If(If(If(Token.Const('(', input), ([_0, input]) => If(Type(input), ([_1, input]) => If(Token.Const(')', input), ([_2, input]) => [[_0, _1, _2], input]))), ([_0, input]) => [_0, input], () => If(Keyword(input), ([_0, input]) => [_0, input], () => If(_Object_(input), ([_0, input]) => [_0, input], () => If(Tuple(input), ([_0, input]) => [_0, input], () => If(TemplateLiteral(input), ([_0, input]) => [_0, input], () => If(Literal(input), ([_0, input]) => [_0, input], () => If(Constructor(input), ([_0, input]) => [_0, input], () => If(_Function_(input), ([_0, input]) => [_0, input], () => If(Mapped(input), ([_0, input]) => [_0, input], () => If(Options(input), ([_0, input]) => [_0, input], () => If(GenericCall(input), ([_0, input]) => [_0, input], () => If(Reference(input), ([_0, input]) => [_0, input], () => [])))))))))))), ([_0, input]) => [S.BaseMapping(_0), input]);
-export const Factor = (input) => If(If(KeyOf(input), ([_0, input]) => If(Base(input), ([_1, input]) => If(IndexArray(input), ([_2, input]) => If(Extends(input), ([_3, input]) => [[_0, _1, _2, _3], input])))), ([_0, input]) => [S.FactorMapping(_0), input]);
+export const With = (input) => If(If(If(Token.Const('with', input), ([_0, input]) => If(JsonObject(input), ([_1, input]) => [[_0, _1], input])), ([_0, input]) => [_0, input], () => If([[], input], ([_0, input]) => [_0, input], () => [])), ([_0, input]) => [S.WithMapping(_0), input]);
+export const Factor = (input) => If(If(KeyOf(input), ([_0, input]) => If(Base(input), ([_1, input]) => If(IndexArray(input), ([_2, input]) => If(Extends(input), ([_3, input]) => If(With(input), ([_4, input]) => [[_0, _1, _2, _3, _4], input]))))), ([_0, input]) => [S.FactorMapping(_0), input]);
 export const ExprTermTail = (input) => If(If(If(Token.Const('&', input), ([_0, input]) => If(Factor(input), ([_1, input]) => If(ExprTermTail(input), ([_2, input]) => [[_0, _1, _2], input]))), ([_0, input]) => [_0, input], () => If([[], input], ([_0, input]) => [_0, input], () => [])), ([_0, input]) => [S.ExprTermTailMapping(_0), input]);
 export const ExprTerm = (input) => If(If(Factor(input), ([_0, input]) => If(ExprTermTail(input), ([_1, input]) => [[_0, _1], input])), ([_0, input]) => [S.ExprTermMapping(_0), input]);
 export const ExprTail = (input) => If(If(If(Token.Const('|', input), ([_0, input]) => If(ExprTerm(input), ([_1, input]) => If(ExprTail(input), ([_2, input]) => [[_0, _1, _2], input]))), ([_0, input]) => [_0, input], () => If([[], input], ([_0, input]) => [_0, input], () => [])), ([_0, input]) => [S.ExprTailMapping(_0), input]);

package/node_modules/typebox/package.json

@@ -1,7 +1,7 @@
 {
   "name": "typebox",
   "description": "Json Schema Type Builder with Static Type Resolution for TypeScript",
-  "version": "1.1.38",
+  "version": "1.1.39",
   "keywords": [
     "typescript",
     "jsonschema"
@@ -16,22 +16,6 @@
   "types": "./build/index.d.mts",
   "module": "./build/index.mjs",
   "exports": {
-    "./guard": {
-      "import": "./build/guard/index.mjs",
-      "default": "./build/guard/index.mjs"
-    },
-    "./error": {
-      "import": "./build/error/index.mjs",
-      "default": "./build/error/index.mjs"
-    },
-    "./compile": {
-      "import": "./build/compile/index.mjs",
-      "default": "./build/compile/index.mjs"
-    },
-    "./system": {
-      "import": "./build/system/index.mjs",
-      "default": "./build/system/index.mjs"
-    },
     "./format": {
       "import": "./build/format/index.mjs",
       "default": "./build/format/index.mjs"
@@ -44,10 +28,26 @@
       "import": "./build/schema/index.mjs",
       "default": "./build/schema/index.mjs"
     },
+    "./compile": {
+      "import": "./build/compile/index.mjs",
+      "default": "./build/compile/index.mjs"
+    },
     "./value": {
       "import": "./build/value/index.mjs",
       "default": "./build/value/index.mjs"
     },
+    "./guard": {
+      "import": "./build/guard/index.mjs",
+      "default": "./build/guard/index.mjs"
+    },
+    "./system": {
+      "import": "./build/system/index.mjs",
+      "default": "./build/system/index.mjs"
+    },
+    "./error": {
+      "import": "./build/error/index.mjs",
+      "default": "./build/error/index.mjs"
+    },
     ".": {
       "import": "./build/index.mjs",
       "default": "./build/index.mjs"
@@ -55,18 +55,6 @@
   },
   "typesVersions": {
     "*": {
-      "guard": [
-        "./build/guard/index.d.mts"
-      ],
-      "error": [
-        "./build/error/index.d.mts"
-      ],
-      "compile": [
-        "./build/compile/index.d.mts"
-      ],
-      "system": [
-        "./build/system/index.d.mts"
-      ],
       "format": [
         "./build/format/index.d.mts"
       ],
@@ -76,9 +64,21 @@
       "schema": [
         "./build/schema/index.d.mts"
       ],
+      "compile": [
+        "./build/compile/index.d.mts"
+      ],
       "value": [
         "./build/value/index.d.mts"
       ],
+      "guard": [
+        "./build/guard/index.d.mts"
+      ],
+      "system": [
+        "./build/system/index.d.mts"
+      ],
+      "error": [
+        "./build/error/index.d.mts"
+      ],
       ".": [
         "./build/index.d.mts"
       ]