@pikku/inspector 0.12.14 → 0.12.17

package/CHANGELOG.md

@@ -1,3 +1,36 @@
+## 0.12.17
+
+### Patch Changes
+
+- 2cf67be: Add inline option to pikkuFunc/pikkuSessionlessFunc for workflow step dispatch
+
+  By default, workflow steps now run inline (no queue hop). Set inline: false on a function to force dispatch through the queue for that step.
+
+- Updated dependencies [2cf67be]
+  - @pikku/core@0.12.28
+
+## 0.12.16
+
+### Patch Changes
+
+- 646c5a8: Fix inspector failing to extract descriptions written as string concatenation (`+`). Descriptions like `'line one ' + 'line two'` are now correctly resolved to their full value. The `checker` parameter is also threaded through `getCommonWireMetaData` so all wiring types benefit from static string evaluation.
+
+## 0.12.15
+
+### Patch Changes
+
+- 0db854e: Fix workflow DSL extractor treating `x = await workflow.do(...)` as a set-step when `x` was previously declared as `null`. The referenced function is now correctly registered in `invokedFunctions` and `internalFiles`, so it appears in the generated `pikku-functions.gen.ts`.
+- 8249f6f: Fix `isStringLike` to unwrap type assertion expressions (`as T` / `<T>expr`) so that `workflow.do('step', 'rpcName' as any, data)` is correctly parsed as an RPC step rather than silently dropped as an inline step. Also removes the `as any` cast from the `Emails` step in `all.workflow.ts` now that the inspector handles it, and ensures `pikku all` generates email template artifacts.
+- f373a87: Fix PKU910 classification semantics and Postgres annotation propagation.
+
+  **Inspector (`@pikku/inspector`):**
+  - `findPiiPaths()` now returns `ClassifiedField[]` (path + classification level) so `private`/`pii` and `secret` brands are distinguished
+  - `Secret<T>` fields are blocked in the output of all exposed functions (sessioned or not)
+  - `Private<T>` / `Pii<T>` fields are only blocked in sessionless functions — authenticated (sessioned) functions may return private-classified data to their callers
+
+  **CLI (`@pikku/cli`):**
+  - Fix missing `rootDir` in the Postgres `generateSchemaTypes` call — the annotations sidecar file (`db/annotations.gen.json`) was silently ignored during Postgres migrations, causing columns annotated `@public` to remain branded as `Private<T>` in the generated schema
+
 ## 0.12.14
 
 ### Patch Changes

package/dist/add/add-ai-agent.js

@@ -159,7 +159,7 @@ export const addAIAgent = (logger, node, checker, state, options) => {
     if (ts.isObjectLiteralExpression(firstArg)) {
         const obj = firstArg;
         const nameValue = getPropertyValue(obj, 'name');
-        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'AI agent', nameValue, logger);
+        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'AI agent', nameValue, logger, checker);
         if (disabled)
             return;
         const modelValue = getPropertyValue(obj, 'model');

package/dist/add/add-channel.js

@@ -165,7 +165,7 @@ export function addMessagesRoutes(logger, obj, state, checker) {
                                         if (fnMeta) {
                                             // Resolve middleware for this route
                                             const routeTags = ts.isObjectLiteralExpression(init)
-                                                ? getCommonWireMetaData(init, 'Channel message', routeKey, logger).tags
+                                                ? getCommonWireMetaData(init, 'Channel message', routeKey, logger, checker).tags
                                                 : undefined;
                                             const routeMiddleware = ts.isObjectLiteralExpression(init)
                                                 ? resolveMiddleware(state, init, routeTags, checker)
@@ -187,7 +187,7 @@ export function addMessagesRoutes(logger, obj, state, checker) {
                                     if (fnMeta) {
                                         // Resolve middleware for this route
                                         const routeTags = ts.isObjectLiteralExpression(init)
-                                            ? getCommonWireMetaData(init, 'Channel message', routeKey, logger).tags
+                                            ? getCommonWireMetaData(init, 'Channel message', routeKey, logger, checker).tags
                                             : undefined;
                                         const routeMiddleware = ts.isObjectLiteralExpression(init)
                                             ? resolveMiddleware(state, init, routeTags, checker)
@@ -220,7 +220,7 @@ export function addMessagesRoutes(logger, obj, state, checker) {
                                                 if (fnMeta) {
                                                     // Resolve middleware for this route
                                                     const routeTags = ts.isObjectLiteralExpression(init)
-                                                        ? getCommonWireMetaData(init, 'Channel message', routeKey, logger).tags
+                                                        ? getCommonWireMetaData(init, 'Channel message', routeKey, logger, checker).tags
                                                         : undefined;
                                                     const routeMiddleware = ts.isObjectLiteralExpression(init)
                                                         ? resolveMiddleware(state, init, routeTags, checker)
@@ -239,7 +239,7 @@ export function addMessagesRoutes(logger, obj, state, checker) {
                                                 if (fnMeta) {
                                                     // Resolve middleware for this route
                                                     const routeTags = ts.isObjectLiteralExpression(init)
-                                                        ? getCommonWireMetaData(init, 'Channel message', routeKey, logger).tags
+                                                        ? getCommonWireMetaData(init, 'Channel message', routeKey, logger, checker).tags
                                                         : undefined;
                                                     const routeMiddleware = ts.isObjectLiteralExpression(init)
                                                         ? resolveMiddleware(state, init, routeTags, checker)
@@ -303,7 +303,7 @@ export function addMessagesRoutes(logger, obj, state, checker) {
                             if (fnMeta) {
                                 // Resolve middleware for this route
                                 const routeTags = ts.isObjectLiteralExpression(init)
-                                    ? getCommonWireMetaData(init, 'Channel message', routeKey, logger).tags
+                                    ? getCommonWireMetaData(init, 'Channel message', routeKey, logger, checker).tags
                                     : undefined;
                                 const routeMiddleware = ts.isObjectLiteralExpression(init)
                                     ? resolveMiddleware(state, init, routeTags, checker)
@@ -332,7 +332,7 @@ export function addMessagesRoutes(logger, obj, state, checker) {
             // Resolve middleware and permissions for this route
             // Check if the route config is an object literal with middleware/permissions
             const routeTags = ts.isObjectLiteralExpression(init)
-                ? getCommonWireMetaData(init, 'Channel message', routeKey, logger).tags
+                ? getCommonWireMetaData(init, 'Channel message', routeKey, logger, checker).tags
                 : undefined;
             const routeMiddleware = ts.isObjectLiteralExpression(init)
                 ? resolveMiddleware(state, init, routeTags, checker)
@@ -378,7 +378,7 @@ export const addChannel = (logger, node, checker, state, options) => {
             .keys.filter((k) => k.type === 'param')
             .map((k) => k.name)
         : [];
-    const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Channel', name, logger);
+    const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Channel', name, logger, checker);
     if (disabled)
         return;
     const query = getPropertyValue(obj, 'query');
@@ -437,6 +437,24 @@ export const addChannel = (logger, node, checker, state, options) => {
             : null;
         state.serviceAggregation.usedFunctions.add(disconnectFuncId);
     }
+    // Synthesize function meta for connect/disconnect handlers that are defined
+    // with pikkuChannelConnectionFunc/pikkuChannelDisconnectionFunc (not pikkuFunc/
+    // pikkuSessionlessFunc), so the runtime has correct sessionless info without
+    // needing to inject it at runtime.
+    {
+        const routeAuth = getPropertyValue(obj, 'auth');
+        const sessionless = routeAuth === false ? true : undefined;
+        for (const funcId of [connectFuncId, disconnectFuncId]) {
+            if (funcId && !state.functions.meta[funcId]) {
+                state.functions.meta[funcId] = {
+                    pikkuFuncId: funcId,
+                    sessionless,
+                    inputSchemaName: null,
+                    outputSchemaName: null,
+                };
+            }
+        }
+    }
     if (message) {
         state.serviceAggregation.usedFunctions.add(message.pikkuFuncId);
     }

package/dist/add/add-functions.js

@@ -277,6 +277,7 @@ export const addFunctions = (logger, node, checker, state, options) => {
     let deploy;
     let approvalRequired;
     let approvalDescription;
+    let inline;
     let version;
     let objectNode;
     let nodeDisplayName = null;
@@ -330,7 +331,7 @@ export const addFunctions = (logger, node, checker, state, options) => {
     // Extract config properties if using object form
     if (ts.isObjectLiteralExpression(firstArg)) {
         objectNode = firstArg;
-        const metadata = getCommonWireMetaData(firstArg, 'Function', name, logger);
+        const metadata = getCommonWireMetaData(firstArg, 'Function', name, logger, checker);
         if (metadata.disabled)
             return;
         title = metadata.title;
@@ -344,6 +345,7 @@ export const addFunctions = (logger, node, checker, state, options) => {
         readonly_ = getPropertyValue(firstArg, 'readonly');
         deploy = getPropertyValue(firstArg, 'deploy');
         approvalRequired = getPropertyValue(firstArg, 'approvalRequired');
+        inline = getPropertyValue(firstArg, 'inline');
         // Extract approvalDescription identifier reference
         for (const prop of firstArg.properties) {
             if (ts.isPropertyAssignment(prop) &&
@@ -627,22 +629,38 @@ export const addFunctions = (logger, node, checker, state, options) => {
             }
         }
     }
-    // ── PII brand check ───────────────────────────────────────────────────────
-    // Walk the function body's ACTUAL inferred return type looking for Private<T>
-    // / Pii<T> / Secret<T> brands (__classification__ property).  This runs for every function,
-    // including those with a Zod output schema, because the TS return type
-    // reflects what the body actually returns before any Zod coercion.
+    const sessionless = expression.text !== 'pikkuFunc';
+    // ── Classification brand check ─────────────────────────────────────────────
+    // Walk the function body's ACTUAL inferred return type looking for classification
+    // brands (__classification__ property on Private<T>, Pii<T>, Secret<T>).
+    //
+    // Semantics:
+    //   secret  → never returned by any exposed function (sessioned or not)
+    //   private → only visible to authenticated (sessioned) users; ok for pikkuFunc
+    //   public  → safe for sessionless functions
     {
         const sig = checker.getSignatureFromDeclaration(handler);
         if (sig) {
             const rawRet = checker.getReturnTypeOfSignature(sig);
             const unwrapped = unwrapPromise(checker, rawRet);
-            const piiPaths = findPiiPaths(checker, unwrapped);
-            if (piiPaths.length > 0) {
-                logger.critical(ErrorCode.PII_IN_OUTPUT, `Function '${name}' exposes PII-classified field(s) in its return type: ` +
-                    piiPaths.map((p) => `'${p}'`).join(', ') +
-                    `.\n  Either strip these fields before returning or mark the column ` +
-                    `@public in the migration if it is safe to expose.`);
+            const classifiedFields = findPiiPaths(checker, unwrapped);
+            const secretPaths = classifiedFields
+                .filter((f) => f.classification === 'secret')
+                .map((f) => f.path);
+            const privatePaths = classifiedFields
+                .filter((f) => f.classification === 'private' || f.classification === 'pii')
+                .map((f) => f.path);
+            if (secretPaths.length > 0) {
+                logger.critical(ErrorCode.PII_IN_OUTPUT, `Function '${name}' exposes secret-classified field(s) in its return type: ` +
+                    secretPaths.map((p) => `'${p}'`).join(', ') +
+                    `.\n  Secret fields must never appear in function output. ` +
+                    `Strip these fields before returning or change the column classification.`);
+            }
+            if (sessionless && privatePaths.length > 0) {
+                logger.critical(ErrorCode.PII_IN_OUTPUT, `Sessionless function '${name}' exposes private-classified field(s) in its return type: ` +
+                    privatePaths.map((p) => `'${p}'`).join(', ') +
+                    `.\n  Private fields are only safe to return from authenticated (sessioned) functions. ` +
+                    `Either require a session (use pikkuFunc) or mark the column @public if it is safe to expose publicly.`);
             }
         }
     }
@@ -675,7 +693,6 @@ export const addFunctions = (logger, node, checker, state, options) => {
             permissions = [...(permissions || []), ...newPermissions];
         }
     }
-    const sessionless = expression.text !== 'pikkuFunc';
     const implementationHash = computeImplementationHash({
         wrapper: expression.text,
         handler,
@@ -701,6 +718,7 @@ export const addFunctions = (logger, node, checker, state, options) => {
         deploy: deploy || undefined,
         approvalRequired: approvalRequired || undefined,
         approvalDescription: approvalDescription || undefined,
+        inline: inline === false ? false : undefined,
         implementationHash,
         version,
         title,

package/dist/add/add-gateway.js

@@ -23,7 +23,7 @@ export const addGateway = (logger, node, checker, state, _options) => {
     const nameValue = getPropertyValue(obj, 'name');
     const typeValue = getPropertyValue(obj, 'type');
     const routeValue = getPropertyValue(obj, 'route');
-    const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Gateway', nameValue, logger);
+    const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Gateway', nameValue, logger, checker);
     if (disabled)
         return;
     const funcInitializer = getPropertyAssignmentInitializer(obj, 'func', true, checker);

package/dist/add/add-http-route.js

@@ -97,7 +97,7 @@ export function registerHTTPRoute({ obj, state, checker, logger, sourceFile, bas
         return;
     }
     // Get common metadata
-    const { disabled, title, tags: routeTags, summary, description, errors, } = getCommonWireMetaData(obj, 'HTTP route', fullRoute, logger);
+    const { disabled, title, tags: routeTags, summary, description, errors, } = getCommonWireMetaData(obj, 'HTTP route', fullRoute, logger, checker);
     if (disabled)
         return;
     // Merge inherited tags with route tags
@@ -136,6 +136,28 @@ export function registerHTTPRoute({ obj, state, checker, logger, sourceFile, bas
         }
     }
     ensureFunctionMetadata(state, funcName, fullRoute, funcInitializer, checker, extracted.isHelper);
+    // Propagate sessionless from the addon target so the runtime can correctly
+    // determine whether a session is required for ref()-based routes.
+    if (refAddonTarget) {
+        const targetMeta = resolveFunctionMeta(state, refAddonTarget);
+        const inlineMeta = state.functions.meta[funcName];
+        if (targetMeta && inlineMeta && targetMeta.sessionless !== undefined) {
+            inlineMeta.sessionless = targetMeta.sessionless;
+        }
+    }
+    // For inline functions (e.g. oauth2 handlers), propagate sessionless: true
+    // when auth is explicitly disabled at the route or group level — the
+    // developer opted out of auth so no session is required.
+    {
+        const inlineMeta = state.functions.meta[funcName];
+        if (inlineMeta && inlineMeta.sessionless === undefined) {
+            const routeAuth = getPropertyValue(obj, 'auth');
+            const resolvedAuth = routeAuth === true || routeAuth === false ? routeAuth : inheritedAuth;
+            if (resolvedAuth === false) {
+                inlineMeta.sessionless = true;
+            }
+        }
+    }
     // Lookup existing function metadata
     const fnMeta = resolveFunctionMeta(state, funcName);
     if (!fnMeta) {

package/dist/add/add-mcp-prompt.js

@@ -25,7 +25,7 @@ export const addMCPPrompt = (logger, node, checker, state, options) => {
     if (ts.isObjectLiteralExpression(firstArg)) {
         const obj = firstArg;
         const nameValue = getPropertyValue(obj, 'name');
-        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'MCP prompt', nameValue, logger);
+        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'MCP prompt', nameValue, logger, checker);
         if (disabled)
             return;
         const funcInitializer = getPropertyAssignmentInitializer(obj, 'func', true, checker);

package/dist/add/add-mcp-resource.js

@@ -26,7 +26,7 @@ export const addMCPResource = (logger, node, checker, state, options) => {
         const obj = firstArg;
         const uriValue = getPropertyValue(obj, 'uri');
         const titleValue = getPropertyValue(obj, 'title');
-        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'MCP resource', uriValue, logger);
+        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'MCP resource', uriValue, logger, checker);
         if (disabled)
             return;
         const streamingValue = getPropertyValue(obj, 'streaming');

package/dist/add/add-queue-worker.js

@@ -23,7 +23,7 @@ export const addQueueWorker = (logger, node, checker, state) => {
     if (ts.isObjectLiteralExpression(firstArg)) {
         const obj = firstArg;
         const name = getPropertyValue(obj, 'name');
-        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Queue worker', name, logger);
+        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Queue worker', name, logger, checker);
         if (disabled)
             return;
         // --- find the referenced function ---

package/dist/add/add-schedule.js

@@ -24,7 +24,7 @@ export const addSchedule = (logger, node, checker, state, options) => {
         const obj = firstArg;
         const nameValue = getPropertyValue(obj, 'name');
         const scheduleValue = getPropertyValue(obj, 'schedule');
-        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Scheduler', nameValue, logger);
+        const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Scheduler', nameValue, logger, checker);
         if (disabled)
             return;
         const funcInitializer = getPropertyAssignmentInitializer(obj, 'func', true, checker);

package/dist/add/add-trigger.js

@@ -29,7 +29,7 @@ const addWireTrigger = (logger, node, checker, state, firstArg) => {
     }
     const obj = firstArg;
     const nameValue = getPropertyValue(obj, 'name');
-    const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Trigger', nameValue, logger);
+    const { disabled, tags, summary, description, errors } = getCommonWireMetaData(obj, 'Trigger', nameValue, logger, checker);
     if (disabled)
         return;
     const funcInitializer = getPropertyAssignmentInitializer(obj, 'func', true, checker);

package/dist/add/add-workflow.js

@@ -185,7 +185,7 @@ export const addWorkflow = (logger, node, checker, state) => {
     let inline;
     let expose;
     if (ts.isObjectLiteralExpression(firstArg)) {
-        const metadata = getCommonWireMetaData(firstArg, 'Workflow', workflowName, logger);
+        const metadata = getCommonWireMetaData(firstArg, 'Workflow', workflowName, logger, checker);
         if (metadata.disabled)
             return;
         tags = metadata.tags;

package/dist/utils/check-pii-output.d.ts

@@ -1,14 +1,19 @@
 import * as ts from 'typescript';
+export type ClassifiedField = {
+    path: string;
+    classification: 'private' | 'pii' | 'secret' | string;
+};
 /**
  * Recursively walks a resolved TypeScript type looking for `__classification__` brands —
- * the structural marker emitted by `Private<T>` and `Secret<T>`.
+ * the structural marker emitted by `Private<T>`, `Pii<T>`, and `Secret<T>`.
  *
  * `Private<T> = T & { readonly __classification__: 'private' }` shows up in the TS type
  * system as an intersection whose constituents include a type with a `__classification__`
  * property.  We detect that by checking whether any constituent of an
  * intersection exposes a property named `__classification__`.
  *
- * Returns the list of dotted field paths where a brand was found
- * (e.g. `['email', 'address.phone']`).  An empty array means clean.
+ * Returns the list of classified fields found, each with its dotted path and
+ * classification level (e.g. `[{ path: 'email', classification: 'private' }]`).
+ * An empty array means clean.
  */
-export declare function findPiiPaths(checker: ts.TypeChecker, type: ts.Type, path?: string, depth?: number, seen?: Set<ts.Type>): string[];
+export declare function findPiiPaths(checker: ts.TypeChecker, type: ts.Type, path?: string, depth?: number, seen?: Set<ts.Type>): ClassifiedField[];

package/dist/utils/check-pii-output.js

@@ -1,15 +1,16 @@
 import * as ts from 'typescript';
 /**
  * Recursively walks a resolved TypeScript type looking for `__classification__` brands —
- * the structural marker emitted by `Private<T>` and `Secret<T>`.
+ * the structural marker emitted by `Private<T>`, `Pii<T>`, and `Secret<T>`.
  *
  * `Private<T> = T & { readonly __classification__: 'private' }` shows up in the TS type
  * system as an intersection whose constituents include a type with a `__classification__`
  * property.  We detect that by checking whether any constituent of an
  * intersection exposes a property named `__classification__`.
  *
- * Returns the list of dotted field paths where a brand was found
- * (e.g. `['email', 'address.phone']`).  An empty array means clean.
+ * Returns the list of classified fields found, each with its dotted path and
+ * classification level (e.g. `[{ path: 'email', classification: 'private' }]`).
+ * An empty array means clean.
  */
 export function findPiiPaths(checker, type, path = '', depth = 0, seen = new Set()) {
     if (depth > 8 || seen.has(type))
@@ -17,11 +18,20 @@ export function findPiiPaths(checker, type, path = '', depth = 0, seen = new Set
     seen.add(type);
     // ── Is this type itself branded? ─────────────────────────────────────────
     // Private<T> = T & { readonly __classification__: 'private' }  →  isIntersection()
-    // where one constituent has a `__classification__` property.
+    // where one constituent has a `__classification__` property whose type is a string literal.
     if (type.isIntersection()) {
-        const branded = type.types.some((t) => t.getProperties().some((p) => p.name === '__classification__'));
-        if (branded) {
-            return [path || '<return value>'];
+        for (const t of type.types) {
+            const classificationProp = t
+                .getProperties()
+                .find((p) => p.name === '__classification__');
+            if (classificationProp) {
+                const decl = classificationProp.valueDeclaration ??
+                    classificationProp.declarations?.[0];
+                const classification = decl
+                    ? (checker.getTypeOfSymbolAtLocation(classificationProp, decl)?.value ?? 'private')
+                    : 'private';
+                return [{ path: path || '<return value>', classification }];
+            }
         }
     }
     const violations = [];

package/dist/utils/custom-types-generator.js

@@ -7,6 +7,53 @@
 export function sanitizeTypeName(name) {
     return name.replace(/[^a-zA-Z0-9_$]/g, '_');
 }
+const CLASSIFICATION_WRAPPERS = new Set(['Private', 'Pii', 'Secret']);
+function findMatchingAngleBracket(type, startIndex) {
+    let depth = 0;
+    for (let i = startIndex; i < type.length; i += 1) {
+        const char = type[i];
+        if (char === '<') {
+            depth += 1;
+            continue;
+        }
+        if (char === '>' && (i === 0 || type[i - 1] !== '=')) {
+            depth -= 1;
+            if (depth === 0) {
+                return i;
+            }
+        }
+    }
+    return -1;
+}
+function stripClassificationWrappers(type) {
+    let output = '';
+    let index = 0;
+    while (index < type.length) {
+        const char = type[index];
+        if (!/[A-Za-z_$]/.test(char)) {
+            output += char;
+            index += 1;
+            continue;
+        }
+        let end = index + 1;
+        while (end < type.length && /[A-Za-z0-9_$]/.test(type[end])) {
+            end += 1;
+        }
+        const identifier = type.slice(index, end);
+        if (CLASSIFICATION_WRAPPERS.has(identifier) && type[end] === '<') {
+            const closingIndex = findMatchingAngleBracket(type, end);
+            if (closingIndex !== -1) {
+                const inner = type.slice(end + 1, closingIndex);
+                output += stripClassificationWrappers(inner);
+                index = closingIndex + 1;
+                continue;
+            }
+        }
+        output += identifier;
+        index = end;
+    }
+    return output;
+}
 export function generateCustomTypes(typesMap, requiredTypes) {
     const typeDeclarations = Array.from(typesMap.customTypes.entries())
         .sort(([a], [b]) => a.localeCompare(b))
@@ -17,11 +64,13 @@ export function generateCustomTypes(typesMap, requiredTypes) {
         .map(([originalName, { type, references }]) => {
         const name = sanitizeTypeName(originalName);
         references.forEach((refName) => {
-            if (refName !== '__object' && !refName.startsWith('__object_')) {
+            if (refName !== '__object' &&
+                !refName.startsWith('__object_') &&
+                !CLASSIFICATION_WRAPPERS.has(refName)) {
                 requiredTypes.add(refName);
             }
         });
-        const typeString = type;
+        const typeString = stripClassificationWrappers(type);
         const typeNameRegex = /\b[A-Z][a-zA-Z0-9]*\b/g;
         const potentialTypes = typeString.match(typeNameRegex) || [];
         potentialTypes.forEach((typeName) => {
@@ -46,12 +95,14 @@ export function generateCustomTypes(typesMap, requiredTypes) {
                 // Type not found in map (ambient/builtin type)
             }
         });
-        if (name === type)
+        if (name === typeString)
             return null;
-        return `export type ${name} = ${type}`;
+        return `export type ${name} = ${typeString}`;
     });
     const importsByPath = new Map();
     for (const typeName of requiredTypes) {
+        if (CLASSIFICATION_WRAPPERS.has(typeName))
+            continue;
         try {
             const typeMeta = typesMap.getTypeMeta(typeName);
             if (typeMeta.path) {

package/dist/utils/ensure-function-metadata.js

@@ -192,7 +192,7 @@ export function ensureFunctionMetadata(state, pikkuFuncId, fallbackName, funcIni
             const firstArg = pikkuFuncCall.arguments[0];
             if (firstArg && ts.isObjectLiteralExpression(firstArg)) {
                 if (!meta.tags) {
-                    const { tags } = getCommonWireMetaData(firstArg, 'Function', fallbackName || pikkuFuncId);
+                    const { tags } = getCommonWireMetaData(firstArg, 'Function', fallbackName || pikkuFuncId, undefined, checker);
                     if (tags) {
                         meta.tags = tags;
                     }

package/dist/utils/extract-node-value.d.ts

@@ -8,7 +8,7 @@ export declare function extractStringLiteral(node: ts.Node, checker: ts.TypeChec
 /**
  * Check if node is string-like (string literal or template expression)
  */
-export declare function isStringLike(node: ts.Node, _checker: ts.TypeChecker): boolean;
+export declare function isStringLike(node: ts.Node, checker: ts.TypeChecker): boolean;
 /**
  * Check if node is function-like (arrow, function expression, or function declaration)
  */

package/dist/utils/extract-node-value.js

@@ -24,6 +24,11 @@ export function extractStringLiteral(node, checker) {
     if (ts.isAsExpression(node) || ts.isTypeAssertionExpression(node)) {
         return extractStringLiteral(node.expression, checker);
     }
+    if (ts.isBinaryExpression(node) &&
+        node.operatorToken.kind === ts.SyntaxKind.PlusToken) {
+        return (extractStringLiteral(node.left, checker) +
+            extractStringLiteral(node.right, checker));
+    }
     // Try to evaluate constant identifiers
     if (ts.isIdentifier(node)) {
         const symbol = checker.getSymbolAtLocation(node);
@@ -40,7 +45,7 @@ export function extractStringLiteral(node, checker) {
 /**
  * Check if node is string-like (string literal or template expression)
  */
-export function isStringLike(node, _checker) {
+export function isStringLike(node, checker) {
     if (ts.isStringLiteral(node) || ts.isNoSubstitutionTemplateLiteral(node)) {
         return true;
     }
@@ -48,6 +53,10 @@ export function isStringLike(node, _checker) {
     if (ts.isTemplateExpression(node)) {
         return true;
     }
+    // Unwrap type assertions: `expr as Type` or `<Type>expr`
+    if (ts.isAsExpression(node) || ts.isTypeAssertionExpression(node)) {
+        return isStringLike(node.expression, checker);
+    }
     return false;
 }
 /**

package/dist/utils/get-property-value.d.ts

@@ -25,7 +25,7 @@ export declare const getPropertyValue: (obj: ts.ObjectLiteralExpression, propert
  */
 export declare const getCommonWireMetaData: (obj: ts.ObjectLiteralExpression, wiringType: string, wiringName: string | null, logger?: {
     critical: (code: ErrorCode, message: string) => void;
-}) => {
+}, checker?: ts.TypeChecker) => {
     disabled?: true;
     title?: string;
     tags?: string[];

package/dist/utils/get-property-value.js

@@ -1,5 +1,6 @@
 import * as ts from 'typescript';
 import { ErrorCode } from '../error-codes.js';
+import { extractStringLiteral } from './extract-node-value.js';
 /**
  * Extracts an array of strings from an object property.
  */
@@ -94,7 +95,7 @@ export const getPropertyValue = (obj, propertyName) => {
  * @param logger - Optional logger instance; if not provided, uses console.error
  * @returns Object containing the common wire metadata fields
  */
-export const getCommonWireMetaData = (obj, wiringType, wiringName, logger) => {
+export const getCommonWireMetaData = (obj, wiringType, wiringName, logger, checker) => {
     const metadata = {};
     assertStringLiteralProperty(obj, 'name', wiringType, logger);
     obj.properties.forEach((prop) => {
@@ -104,16 +105,41 @@ export const getCommonWireMetaData = (obj, wiringType, wiringName, logger) => {
                 prop.initializer.kind === ts.SyntaxKind.TrueKeyword) {
                 metadata.disabled = true;
             }
-            else if (propName === 'title' && ts.isStringLiteral(prop.initializer)) {
-                metadata.title = prop.initializer.text;
+            else if (propName === 'title') {
+                try {
+                    metadata.title = checker
+                        ? extractStringLiteral(prop.initializer, checker)
+                        : ts.isStringLiteral(prop.initializer)
+                            ? prop.initializer.text
+                            : undefined;
+                }
+                catch {
+                    // non-static title — skip
+                }
             }
-            else if (propName === 'summary' &&
-                ts.isStringLiteral(prop.initializer)) {
-                metadata.summary = prop.initializer.text;
+            else if (propName === 'summary') {
+                try {
+                    metadata.summary = checker
+                        ? extractStringLiteral(prop.initializer, checker)
+                        : ts.isStringLiteral(prop.initializer)
+                            ? prop.initializer.text
+                            : undefined;
+                }
+                catch {
+                    // non-static summary — skip
+                }
             }
-            else if (propName === 'description' &&
-                ts.isStringLiteral(prop.initializer)) {
-                metadata.description = prop.initializer.text;
+            else if (propName === 'description') {
+                try {
+                    metadata.description = checker
+                        ? extractStringLiteral(prop.initializer, checker)
+                        : ts.isStringLiteral(prop.initializer)
+                            ? prop.initializer.text
+                            : undefined;
+                }
+                catch {
+                    // non-static description — skip
+                }
             }
             else if (propName === 'tags') {
                 if (ts.isArrayLiteralExpression(prop.initializer)) {