npm - @powerhousedao/reactor-api - Versions diffs - 6.2.0-dev.2 → 6.2.0-dev.20 - Mend

@powerhousedao/reactor-api 6.2.0-dev.2 → 6.2.0-dev.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +0 -2
package/dist/index.d.mts +148 -178
package/dist/index.d.mts.map +1 -1
package/dist/index.mjs +536 -524
package/dist/index.mjs.map +1 -1
package/dist/src/packages/vite-loader.mjs +3 -3
package/dist/src/packages/vite-loader.mjs.map +1 -1
package/dist/utils-Dh9tl892.mjs +530 -0
package/dist/utils-Dh9tl892.mjs.map +1 -0
package/package.json +13 -13
package/dist/utils-BFkbSO_H.mjs +0 -296
package/dist/utils-BFkbSO_H.mjs.map +0 -1

package/README.md CHANGED Viewed

@@ -73,8 +73,6 @@ type Options = {
   packages?: string[];
   auth?: {
     enabled: boolean;
-    guests: string[];
-    users: string[];
     admins: string[];
   };
   https?:

package/dist/index.d.mts CHANGED Viewed

@@ -200,35 +200,6 @@ declare class DocumentPermissionService {
    * Delete all permissions for a document (used when deleting a document)
    */
   deleteAllDocumentPermissions(documentId: string): Promise<void>;
-  /**
-   * Check if a user can read a document.
-   * Returns true if user has READ, WRITE, or ADMIN permission (direct or via group)
-   */
-  canReadDocument(documentId: string, userAddress: string | undefined): Promise<boolean>;
-  /**
-   * Check if a user can write to a document.
-   * Returns true if user has WRITE or ADMIN permission (direct or via group)
-   */
-  canWriteDocument(documentId: string, userAddress: string | undefined): Promise<boolean>;
-  /**
-   * Check if a user can manage a document (change permissions, settings).
-   * Returns true if user has ADMIN permission (direct or via group)
-   */
-  canManageDocument(documentId: string, userAddress: string | undefined): Promise<boolean>;
-  /**
-   * Check if a user can read a document, including parent permission inheritance.
-   * Returns true if user has permission on the document OR any parent in the hierarchy.
-   */
-  canRead(documentId: string, userAddress: string | undefined, getParentIds: GetParentIdsFn): Promise<boolean>;
-  /**
-   * Check if a user can write to a document, including parent permission inheritance.
-   * Returns true if user has write permission on the document OR any parent in the hierarchy.
-   */
-  canWrite(documentId: string, userAddress: string | undefined, getParentIds: GetParentIdsFn): Promise<boolean>;
-  /**
-   * Filter a list of document IDs to only include those the user can read.
-   */
-  filterReadableDocuments(documentIds: string[], userAddress: string | undefined, getParentIds: GetParentIdsFn): Promise<string[]>;
   /**
    * Create a new group
    */
@@ -302,10 +273,10 @@ declare class DocumentPermissionService {
    */
   getOperationGroupPermissions(documentId: string, operationType: string): Promise<OperationGroupPermissionEntry[]>;
   /**
-   * Check if a user can execute a specific operation on a document.
-   * Returns true if user has direct permission or is in a group with permission.
+   * Whether an operation-permission row exists for the user on this
+   * operation, either directly or via a group the user belongs to.
    */
-  canExecuteOperation(documentId: string, operationType: string, userAddress: string | undefined): Promise<boolean>;
+  hasOperationGrant(documentId: string, operationType: string, userAddress: string): Promise<boolean>;
   /**
    * Check if an operation has any permissions set (is restricted)
    */
@@ -352,73 +323,80 @@ declare class DocumentPermissionService {
 }
 //#endregion
 //#region src/services/authorization.service.d.ts
+/**
+ * A document id that has been resolved to its canonical form, never a slug.
+ *
+ * Protection and grant rows are written under the canonical id, while the
+ * read/operation data paths accept an id-or-slug identifier. The decision layer
+ * must key on the canonical id, so branding it forces every caller to resolve a
+ * slug to its id before consulting this service, closing the slug-aliasing
+ * bypass (S-C1). The only sanctioned cast from string to CanonicalDocumentId
+ * lives in the BaseSubgraph resolution helpers, immediately after the shared
+ * resolveIdOrSlug lookup returns.
+ */
+type CanonicalDocumentId = string & {
+  readonly __canonicalDocumentId: unique symbol;
+};
+/**
+ * Result of a passed per-document authorization check. `fetchIdentifier` is
+ * always safe for the data fetch: the canonical id when resolved, or the raw
+ * identifier when the check was skipped for a policy-wide caller.
+ */
+declare class AuthorizedDocumentHandle {
+  readonly fetchIdentifier: string;
+  readonly isResolved: boolean;
+  private constructor();
+  static resolved(documentId: CanonicalDocumentId): AuthorizedDocumentHandle;
+  static skipped(identifier: string): AuthorizedDocumentHandle;
+  /** The verified canonical id; throws when resolution was skipped. */
+  canonicalId(): CanonicalDocumentId;
+}
+declare const AuthorizationPolicy: {
+  readonly OPEN: "OPEN";
+  readonly ADMIN_ONLY: "ADMIN_ONLY";
+  readonly DOCUMENT_PERMISSIONS: "DOCUMENT_PERMISSIONS";
+};
+type AuthorizationPolicy = (typeof AuthorizationPolicy)[keyof typeof AuthorizationPolicy];
 interface AuthorizationConfig {
   admins: string[];
   defaultProtection: boolean;
+  policy: AuthorizationPolicy;
 }
 /**
- * Central authorization service — single source of truth for all permission checks.
+ * Single source of truth for every permission decision. Always present (never
+ * null) so callers branch on data, not on the existence of a service.
  *
- * Authorization model:
- * 1. Supreme admin (ADMINS env) → ALLOW ALL
- * 2. Is document protected?
- *    a. NOT protected:
- *       - READ: anyone (even anonymous) → ALLOW
- *       - WRITE: authenticated user → ALLOW
- *    b. PROTECTED:
- *       - READ: requires explicit READ/WRITE/ADMIN grant (direct or via group/parent)
- *       - WRITE: requires explicit WRITE/ADMIN grant (direct or via group/parent)
- * 3. Operation restricted? → Check OperationUserPermission
- * 4. Document owner = implicit ADMIN
- * 5. Drive protected = all children effectively protected
+ * The policy selects an implementation once at boot:
+ * - OPEN: authentication disabled — everyone (incl. anonymous) is allowed.
+ * - ADMIN_ONLY: authentication on, document permissions off — only ADMINS.
+ * - DOCUMENT_PERMISSIONS: the full per-document protection + grant model.
+ *
+ * Permission inheritance walks the parent-document hierarchy through a
+ * parent resolver injected at construction; callers never supply one.
  */
-declare class AuthorizationService {
-  private readonly documentPermissionService;
+interface IAuthorizationService {
   readonly config: AuthorizationConfig;
-  constructor(documentPermissionService: DocumentPermissionService, config: AuthorizationConfig);
   /**
-   * Check if a user is a supreme admin (from ADMINS env var).
+   * Whether the user has unrestricted, policy-wide access. Under OPEN this is
+   * true for everyone (including anonymous callers) by design: OPEN means "no
+   * restrictions", and consumers use this check to skip per-document
+   * filtering. It does NOT mean the caller is in the ADMINS list.
    */
   isSupremeAdmin(userAddress?: string): boolean;
   /**
-   * Check if a user can read a document.
-   *
-   * - Supreme admin → yes
-   * - Not protected → anyone can read (even anonymous)
-   * - Protected → requires READ/WRITE/ADMIN grant (direct, group, or parent inheritance)
-   * - Owner → yes (implicit ADMIN)
-   */
-  canRead(documentId: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
-  /**
-   * Check if a user can write to a document.
-   *
-   * - Supreme admin → yes
-   * - Not protected → anyone can write (even anonymous)
-   * - Protected → requires authentication + WRITE/ADMIN grant
-   * - Owner → yes (implicit ADMIN)
-   */
-  canWrite(documentId: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
-  /**
-   * Check if a user can manage a document (change permissions, protection, transfer ownership).
-   *
-   * - Supreme admin → yes
-   * - Owner → yes
-   * - Has ADMIN grant → yes
+   * Whether the user may create new documents under the current policy:
+   * everyone in OPEN, only admins in ADMIN_ONLY, any authenticated user in
+   * DOCUMENT_PERMISSIONS.
    */
-  canManage(documentId: string, userAddress?: string, _getParentIds?: GetParentIdsFn): Promise<boolean>;
+  canCreate(userAddress?: string): boolean;
+  canRead(documentId: CanonicalDocumentId, userAddress?: string): Promise<boolean>;
+  canWrite(documentId: CanonicalDocumentId, userAddress?: string): Promise<boolean>;
   /**
-   * Check if a user can execute a specific operation.
-   * If the operation is not restricted, falls through to the standard write check.
-   * If the operation is restricted, requires an explicit OperationUserPermission grant.
+   * Whether the user administers the document: supreme admin, document
+   * owner, or holder of an ADMIN grant (direct or via group).
    */
-  canExecuteOperation(documentId: string, operationType: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
-  /**
-   * Combined check for mutations: can the user write + execute the operation?
-   * This enables READ-only users with operation grants to execute specific operations.
-   * For restricted operations, only the operation grant is checked (bypasses write check),
-   * allowing READ-only users with an explicit operation grant to execute that operation.
-   */
-  canMutate(documentId: string, operationType: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
+  canManage(documentId: CanonicalDocumentId, userAddress?: string): Promise<boolean>;
+  canMutate(documentId: CanonicalDocumentId, operationType: string, userAddress?: string): Promise<boolean>;
 }
 //#endregion
 //#region src/graphql/types.d.ts
@@ -428,14 +406,11 @@ type Context = {
   document?: PHDocument;
   headers: IncomingHttpHeaders;
   db: unknown;
-  isAdmin?: (address: string) => boolean;
   user?: {
     address: string;
     chainId: number;
     networkId: string;
   };
-  documentPermissionService?: DocumentPermissionService;
-  authorizationService?: AuthorizationService;
 };
 type ISubgraph = {
   name: string;
@@ -454,7 +429,7 @@ type SubgraphArgs = {
   graphqlManager: GraphQLManager$1;
   syncManager: ISyncManager;
   documentPermissionService?: DocumentPermissionService;
-  authorizationService?: AuthorizationService;
+  authorizationService: IAuthorizationService;
   path?: string;
 };
 type GqlSigner = {
@@ -516,6 +491,7 @@ type GqlDriveDocument = GqlDocument & {
 //#endregion
 //#region src/graphql/base-subgraph.d.ts
 declare class BaseSubgraph implements ISubgraph$1 {
+  #private;
   name: string;
   path: string;
   resolvers: Record<string, any>;
@@ -525,15 +501,47 @@ declare class BaseSubgraph implements ISubgraph$1 {
   relationalDb: IRelationalDb;
   syncManager: ISyncManager;
   documentPermissionService?: DocumentPermissionService;
-  authorizationService?: AuthorizationService;
+  authorizationService: IAuthorizationService;
   constructor(args: SubgraphArgs$1);
   onSetup(): Promise<void>;
-  protected getParentIdsFn(): GetParentIdsFn;
-  protected hasGlobalAdminAccess(ctx: Context): boolean;
-  protected canReadDocument(documentId: string, ctx: Context): Promise<boolean>;
-  protected assertCanRead(documentId: string, ctx: Context): Promise<void>;
-  protected assertCanWrite(documentId: string, ctx: Context): Promise<void>;
-  protected assertCanExecuteOperation(documentId: string, operationType: string, ctx: Context): Promise<void>;
+  /**
+   * Resolves a caller-supplied identifier (id or slug) to its canonical
+   * document id, memoized per request. Both the decision layer and the data
+   * layer must agree on the subject, so this runs the same resolveIdOrSlug
+   * lookup the data path uses. A resolution failure (not found, ambiguous, or
+   * transient) surfaces as a generic Forbidden, fail-closed, so a bad
+   * identifier cannot be used as a document-existence oracle.
+   */
+  resolveCanonicalDocumentId(identifier: string, requestKey: object): Promise<CanonicalDocumentId>;
+  /**
+   * Resolves the args' `documentId` to canonical form. Unconditional (unlike the
+   * assertCan* helpers, no admin skip): ACL rows are keyed on the canonical id.
+   */
+  withCanonicalDocumentId<T extends {
+    documentId: string;
+  }>(args: T, requestKey: object): Promise<T & {
+    documentId: CanonicalDocumentId;
+  }>;
+  /**
+   * Read filter for an already-canonical document id (one sourced from the data
+   * layer, such as a fetched document's id). Performs no slug resolution.
+   */
+  canReadDocument(documentId: CanonicalDocumentId, ctx: Context): Promise<boolean>;
+  /**
+   * Asserts read access, resolving a slug first. Returns a handle whose
+   * `fetchIdentifier` the caller reuses for the data fetch; a denial throws.
+   */
+  assertCanRead(identifier: string, ctx: Context): Promise<AuthorizedDocumentHandle>;
+  assertCanWrite(identifier: string, ctx: Context): Promise<AuthorizedDocumentHandle>;
+  assertCanExecuteOperation(identifier: string, operationType: string, ctx: Context): Promise<AuthorizedDocumentHandle>;
+  /**
+   * Read assertion for an already-canonical document id. No slug resolution;
+   * use only with ids sourced from the data layer or already resolved.
+   */
+  assertCanReadCanonical(documentId: CanonicalDocumentId, ctx: Context): Promise<void>;
+  assertCanWriteCanonical(documentId: CanonicalDocumentId, ctx: Context): Promise<void>;
+  assertCanExecuteOperationCanonical(documentId: CanonicalDocumentId, operationType: string, ctx: Context): Promise<void>;
+  assertCanCreate(ctx: Context): void;
 }
 //#endregion
 //#region src/graphql/analytics-subgraph.d.ts
@@ -676,7 +684,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<DocumentProtectionInfo>;
       transferDocumentOwnership: (_parent: unknown, args: {
         documentId: string;
@@ -685,7 +692,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<DocumentProtectionInfo>;
       grantDocumentPermission: (_parent: unknown, args: {
         documentId: string;
@@ -695,7 +701,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<{
         documentId: string;
         userAddress: string;
@@ -711,7 +716,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<boolean>;
       createGroup: (_parent: unknown, args: {
         name: string;
@@ -736,7 +740,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<DocumentGroupPermission>;
       revokeGroupPermission: (_parent: unknown, args: {
         documentId: string;
@@ -745,7 +748,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<boolean>;
       grantOperationPermission: (_parent: unknown, args: {
         documentId: string;
@@ -755,7 +757,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<OperationUserPermission>;
       revokeOperationPermission: (_parent: unknown, args: {
         documentId: string;
@@ -765,7 +766,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<boolean>;
       grantGroupOperationPermission: (_parent: unknown, args: {
         documentId: string;
@@ -775,7 +775,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<OperationGroupPermission>;
       revokeGroupOperationPermission: (_parent: unknown, args: {
         documentId: string;
@@ -785,7 +784,6 @@ declare class AuthSubgraph extends BaseSubgraph {
         user?: {
           address: string;
         };
-        isAdmin?: (address: string) => boolean;
       }) => Promise<boolean>;
     };
     Group: {
@@ -811,8 +809,8 @@ declare class AuthSubgraph extends BaseSubgraph {
 interface AuthConfig {
   enabled: boolean;
   admins: string[];
-  cacheTtl?: number;
   skipCredentialVerification?: boolean;
+  credentialVerificationCacheTtlMs?: number;
 }
 interface User {
   address: string;
@@ -826,6 +824,7 @@ interface AuthContext {
 }
 declare class AuthService {
   private readonly config;
+  private readonly credentialCache;
   constructor(config: AuthConfig);
   authenticateRequest(request: globalThis.Request): Promise<AuthContext | globalThis.Response>;
   /**
@@ -843,27 +842,28 @@ declare class AuthService {
    */
   private extractUserFromVerification;
   /**
-   * Get additional context fields for GraphQL
+   * Verify that the credential still exists on the Renown API.
+   *
+   * Results are cached per (address, chainId, issuer) for a short TTL so the
+   * blocking external round-trip is not paid on every request. Concurrent
+   * checks for the same key share a single in-flight request, and entries
+   * that resolve to false are evicted immediately so failed or revoked
+   * credentials are re-checked on the next request.
    */
-  getAdditionalContextFields(): {
-    isAdmin: (address: string) => boolean;
-  };
+  private verifyCredentialExists;
   /**
-   * Get user context for GraphQL
+   * Enforce the cache size cap before inserting a new entry: drop expired
+   * entries first, then evict oldest-inserted entries (insertion order
+   * matches expiry order since the TTL is constant) until under the cap, so
+   * a flood of distinct keys cannot grow the map without bound.
    */
-  getUserContext(user?: User): {
-    user?: undefined;
-  } | {
-    user: {
-      address: string;
-      chainId: number;
-      networkId: string;
-    };
-  };
+  private pruneCredentialCache;
   /**
-   * Verify that the credential still exists on the Renown API
+   * Fetch the credential from the Renown API and validate it against the
+   * expected address, chainId and issuer. Never throws; returns false on any
+   * network or validation failure.
    */
-  private verifyCredentialExists;
+  private fetchCredentialExists;
 }
 //#endregion
 //#region src/graphql/gateway/types.d.ts
@@ -1016,16 +1016,14 @@ declare class GraphQLManager {
   private readonly logger;
   private readonly httpAdapter;
   private readonly gatewayAdapter;
-  private readonly authConfig?;
+  private readonly authService?;
   private readonly documentPermissionService?;
   private readonly featureFlags;
   private readonly port;
-  private readonly authorizationService?;
   private initialized;
   private coreSubgraphsMap;
   private contextFields;
   private readonly subgraphs;
-  private authService;
   private readonly subgraphWsDisposers;
   readonly driveOwnershipCache: DriveOwnershipCache;
   /** Cached document models for schema generation - updated on init and regenerate */
@@ -1037,7 +1035,8 @@ declare class GraphQLManager {
    * it for reactor-drive parents.
    */
   readonly reactorDriveClient?: IDriveClient;
-  constructor(path: string, httpServer: http.Server, wsServer: WebSocketServer, reactorClient: IReactorClient, relationalDb: IRelationalDb, analyticsStore: IAnalyticsStore, syncManager: ISyncManager, logger: ILogger, httpAdapter: IHttpAdapter, gatewayAdapter: IGatewayAdapter<Context$1>, authConfig?: AuthConfig | undefined, documentPermissionService?: DocumentPermissionService | undefined, featureFlags?: GraphqlManagerFeatureFlags, port?: number, authorizationService?: AuthorizationService | undefined, reactorDriveClient?: IDriveClient);
+  private readonly authorizationService;
+  constructor(path: string, httpServer: http.Server, wsServer: WebSocketServer, reactorClient: IReactorClient, relationalDb: IRelationalDb, analyticsStore: IAnalyticsStore, syncManager: ISyncManager, logger: ILogger, httpAdapter: IHttpAdapter, gatewayAdapter: IGatewayAdapter<Context$1>, authService?: AuthService | undefined, documentPermissionService?: DocumentPermissionService | undefined, featureFlags?: GraphqlManagerFeatureFlags, port?: number, authorizationService?: IAuthorizationService, reactorDriveClient?: IDriveClient);
   init(coreSubgraphs: SubgraphClass$1[], authMiddleware?: AuthFetchMiddleware): Promise<void>;
   /**
    * Regenerate document model subgraphs when models are dynamically loaded.
@@ -1053,6 +1052,12 @@ declare class GraphQLManager {
    * Get the base path used for subgraph registration.
    */
   getBasePath(): string;
+  /**
+   * Get the authorization service shared with subgraphs. Use this when
+   * constructing a subgraph instance externally for
+   * {@link registerSubgraphInstance}.
+   */
+  getAuthorizationService(): IAuthorizationService;
   registerSubgraph(subgraph: SubgraphClass$1, supergraph?: string, core?: boolean): Promise<ISubgraph$1>;
   updateRouter: (immediate?: boolean) => Promise<void>;
   private _updateRouter;
@@ -1091,6 +1096,10 @@ interface IReactorProcessorHostModule extends IProcessorHostModule {
   client: IReactorClient;
   attachments: IAttachmentClient;
 }
+type ReadinessGate = {
+  isReady: () => boolean;
+  markReady: () => void;
+};
 type API = {
   httpAdapter: IHttpAdapter;
   graphqlManager: GraphQLManager$1;
@@ -1323,7 +1332,6 @@ type Scalars = {
   };
 };
 type Action = {
-  readonly attachments?: Maybe<ReadonlyArray<Attachment>>;
   readonly context?: Maybe<ActionContext>;
   readonly id: Scalars["String"]["output"];
   readonly input: Scalars["JSONObject"]["output"];
@@ -1338,7 +1346,6 @@ type ActionContextInput = {
   readonly signer?: InputMaybe<ReactorSignerInput>;
 };
 type ActionInput = {
-  readonly attachments?: InputMaybe<ReadonlyArray<AttachmentInput>>;
   readonly context?: InputMaybe<ActionContextInput>;
   readonly id: Scalars["String"]["input"];
   readonly input: Scalars["JSONObject"]["input"];
@@ -1346,20 +1353,6 @@ type ActionInput = {
   readonly timestampUtcMs: Scalars["String"]["input"];
   readonly type: Scalars["String"]["input"];
 };
-type Attachment = {
-  readonly data: Scalars["String"]["output"];
-  readonly extension?: Maybe<Scalars["String"]["output"]>;
-  readonly fileName?: Maybe<Scalars["String"]["output"]>;
-  readonly hash: Scalars["String"]["output"];
-  readonly mimeType: Scalars["String"]["output"];
-};
-type AttachmentInput = {
-  readonly data: Scalars["String"]["input"];
-  readonly extension?: InputMaybe<Scalars["String"]["input"]>;
-  readonly fileName?: InputMaybe<Scalars["String"]["input"]>;
-  readonly hash: Scalars["String"]["input"];
-  readonly mimeType: Scalars["String"]["input"];
-};
 type ChannelMeta = {
   readonly id: Scalars["String"]["output"];
 };
@@ -1840,13 +1833,6 @@ type GetDocumentWithOperationsQuery = {
             readonly timestampUtcMs: string;
             readonly input: NonNullable<unknown>;
             readonly scope: string;
-            readonly attachments?: ReadonlyArray<{
-              readonly data: string;
-              readonly mimeType: string;
-              readonly hash: string;
-              readonly extension?: string | null | undefined;
-              readonly fileName?: string | null | undefined;
-            }> | null | undefined;
             readonly context?: {
               readonly signer?: {
                 readonly signatures: ReadonlyArray<string>;
@@ -1974,13 +1960,6 @@ type GetDocumentOperationsQuery = {
         readonly timestampUtcMs: string;
         readonly input: NonNullable<unknown>;
         readonly scope: string;
-        readonly attachments?: ReadonlyArray<{
-          readonly data: string;
-          readonly mimeType: string;
-          readonly hash: string;
-          readonly extension?: string | null | undefined;
-          readonly fileName?: string | null | undefined;
-        }> | null | undefined;
         readonly context?: {
           readonly signer?: {
             readonly signatures: ReadonlyArray<string>;
@@ -2278,13 +2257,6 @@ type PollSyncEnvelopesQuery = {
             readonly timestampUtcMs: string;
             readonly input: NonNullable<unknown>;
             readonly scope: string;
-            readonly attachments?: ReadonlyArray<{
-              readonly data: string;
-              readonly mimeType: string;
-              readonly hash: string;
-              readonly extension?: string | null | undefined;
-              readonly fileName?: string | null | undefined;
-            }> | null | undefined;
             readonly context?: {
               readonly signer?: {
                 readonly signatures: ReadonlyArray<string>;
@@ -2365,8 +2337,6 @@ type ResolversTypes = ResolversObject<{
   ActionContext: ResolverTypeWrapper<ActionContext>;
   ActionContextInput: ActionContextInput;
   ActionInput: ActionInput;
-  Attachment: ResolverTypeWrapper<Attachment>;
-  AttachmentInput: AttachmentInput;
   Boolean: ResolverTypeWrapper<Scalars["Boolean"]["output"]>;
   ChannelMeta: ResolverTypeWrapper<ChannelMeta>;
   ChannelMetaInput: ChannelMetaInput;
@@ -2425,8 +2395,6 @@ type ResolversParentTypes = ResolversObject<{
   ActionContext: ActionContext;
   ActionContextInput: ActionContextInput;
   ActionInput: ActionInput;
-  Attachment: Attachment;
-  AttachmentInput: AttachmentInput;
   Boolean: Scalars["Boolean"]["output"];
   ChannelMeta: ChannelMeta;
   ChannelMetaInput: ChannelMetaInput;
@@ -2477,7 +2445,6 @@ type ResolversParentTypes = ResolversObject<{
   ViewFilterInput: ViewFilterInput;
 }>;
 type ActionResolvers<ContextType = Context, ParentType extends ResolversParentTypes["Action"] = ResolversParentTypes["Action"]> = ResolversObject<{
-  attachments?: Resolver<Maybe<ReadonlyArray<ResolversTypes["Attachment"]>>, ParentType, ContextType>;
   context?: Resolver<Maybe<ResolversTypes["ActionContext"]>, ParentType, ContextType>;
   id?: Resolver<ResolversTypes["String"], ParentType, ContextType>;
   input?: Resolver<ResolversTypes["JSONObject"], ParentType, ContextType>;
@@ -2488,13 +2455,6 @@ type ActionResolvers<ContextType = Context, ParentType extends ResolversParentTy
 type ActionContextResolvers<ContextType = Context, ParentType extends ResolversParentTypes["ActionContext"] = ResolversParentTypes["ActionContext"]> = ResolversObject<{
   signer?: Resolver<Maybe<ResolversTypes["ReactorSigner"]>, ParentType, ContextType>;
 }>;
-type AttachmentResolvers<ContextType = Context, ParentType extends ResolversParentTypes["Attachment"] = ResolversParentTypes["Attachment"]> = ResolversObject<{
-  data?: Resolver<ResolversTypes["String"], ParentType, ContextType>;
-  extension?: Resolver<Maybe<ResolversTypes["String"]>, ParentType, ContextType>;
-  fileName?: Resolver<Maybe<ResolversTypes["String"]>, ParentType, ContextType>;
-  hash?: Resolver<ResolversTypes["String"], ParentType, ContextType>;
-  mimeType?: Resolver<ResolversTypes["String"], ParentType, ContextType>;
-}>;
 type ChannelMetaResolvers<ContextType = Context, ParentType extends ResolversParentTypes["ChannelMeta"] = ResolversParentTypes["ChannelMeta"]> = ResolversObject<{
   id?: Resolver<ResolversTypes["String"], ParentType, ContextType>;
 }>;
@@ -2676,7 +2636,6 @@ type TouchChannelResultResolvers<ContextType = Context, ParentType extends Resol
 type Resolvers<ContextType = Context> = ResolversObject<{
   Action?: ActionResolvers<ContextType>;
   ActionContext?: ActionContextResolvers<ContextType>;
-  Attachment?: AttachmentResolvers<ContextType>;
   ChannelMeta?: ChannelMetaResolvers<ContextType>;
   DateTime?: GraphQLScalarType;
   DeadLetterInfo?: DeadLetterInfoResolvers<ContextType>;
@@ -2716,7 +2675,6 @@ declare const PropagationModeSchema: z$1.ZodEnum<typeof PropagationMode>;
 declare const SyncEnvelopeTypeSchema: z$1.ZodEnum<typeof SyncEnvelopeType>;
 declare function ActionContextInputSchema(): z$1.ZodObject<Properties<ActionContextInput>>;
 declare function ActionInputSchema(): z$1.ZodObject<Properties<ActionInput>>;
-declare function AttachmentInputSchema(): z$1.ZodObject<Properties<AttachmentInput>>;
 declare function ChannelMetaInputSchema(): z$1.ZodObject<Properties<ChannelMetaInput>>;
 declare function DocumentOperationsFilterInputSchema(): z$1.ZodObject<Properties<DocumentOperationsFilterInput>>;
 declare function OperationContextInputSchema(): z$1.ZodObject<Properties<OperationContextInput>>;
@@ -3054,6 +3012,17 @@ type Options = {
   attachmentStoragePath?: string;
 };
 type ProcessorInitializer = ProcessorFactoryBuilder;
+/**
+ * Doc-perms require auth: with auth off no `user` is ever resolved, so every
+ * authorization check fails closed. Refuse to boot rather than run broken.
+ */
+declare function assertAuthRequiredForDocumentPermissions(authEnabled: boolean, documentPermissionsRequested: boolean): void;
+/**
+ * Refuses SKIP_CREDENTIAL_VERIFICATION at boot outside tests or an explicit
+ * opt-in: it removes the only binding between a token's claimed address and its
+ * signing key. Fail-closed — unset NODE_ENV counts as production.
+ */
+declare function assertSkipCredentialVerificationAllowed(authEnabled: boolean, skipCredentialVerification: boolean, env: NodeJS.ProcessEnv): void;
 /**
  * Initializes and starts the API server using an initializer function.
  * This function first loads packages to get document models, then calls the initializer function
@@ -3077,6 +3046,7 @@ declare function initializeAndStartAPI(clientInitializer: (documentModels: Docum
   client: IReactorClient;
   syncManager: ISyncManager;
   documentModelRegistry: IDocumentModelRegistry;
+  readiness: ReadinessGate;
 }>;
 //#endregion
 //#region src/utils/create-schema.d.ts
@@ -3112,5 +3082,5 @@ interface DocumentModelSchemaOptions {
  */
 declare function generateDocumentModelSchema(documentModel: DocumentModelGlobalState$1, options?: DocumentModelSchemaOptions): DocumentNode;
 //#endregion
-export { ADMIN_USERS, API, Action, ActionContext, ActionContextInput, ActionContextInputSchema, ActionContextResolvers, ActionInput, ActionInputSchema, ActionResolvers, AddRelationshipDocument, AddRelationshipMutation, AddRelationshipMutationVariables, AnalyticsSubgraph, Attachment, AttachmentInput, AttachmentInputSchema, AttachmentResolvers, AuthConfig, AuthContext, AuthFetchMiddleware, AuthService, AuthSubgraph, BaseSubgraph, ChannelMeta, ChannelMetaInput, ChannelMetaInputSchema, ChannelMetaResolvers, ClientInitializerResult, Context, CreateDocumentDocument, CreateDocumentMutation, CreateDocumentMutationVariables, CreateEmptyDocumentDocument, CreateEmptyDocumentMutation, CreateEmptyDocumentMutationVariables, DateTimeScalarConfig, DbClient, DeadLetterInfo, DeadLetterInfoResolvers, DeleteDocumentDocument, DeleteDocumentMutation, DeleteDocumentMutationVariables, DeleteDocumentsDocument, DeleteDocumentsMutation, DeleteDocumentsMutationVariables, DirectiveResolverFn, DocumentChangeContext, DocumentChangeContextResolvers, DocumentChangeEvent, DocumentChangeEventResolvers, DocumentChangeType, DocumentChangeTypeSchema, DocumentChangesDocument, DocumentChangesSubscription, DocumentChangesSubscriptionVariables, DocumentGroupPermissionEntry, DocumentGroupPermissionTable, DocumentModelGlobalState, DocumentModelGlobalStateResolvers, DocumentModelResultPage, DocumentModelResultPageResolvers, DocumentModelSchemaOptions, DocumentOperationsFilterInput, DocumentOperationsFilterInputSchema, DocumentPermissionConfig, DocumentPermissionDatabase, DocumentPermissionEntry, DocumentPermissionLevel, DocumentPermissionService, DocumentPermissionTable, DocumentProtectionTable, DocumentWithChildren, DocumentWithChildrenResolvers, Exact, FetchHandler, FindDocumentsDocument, FindDocumentsQuery, FindDocumentsQueryVariables, GatewayAdapterType, GatewayContextFactory, GetDocumentDocument, GetDocumentIncomingRelationshipsDocument, GetDocumentIncomingRelationshipsQuery, GetDocumentIncomingRelationshipsQueryVariables, GetDocumentModelsDocument, GetDocumentModelsQuery, GetDocumentModelsQueryVariables, GetDocumentOperationsDocument, GetDocumentOperationsQuery, GetDocumentOperationsQueryVariables, GetDocumentOutgoingRelationshipsDocument, GetDocumentOutgoingRelationshipsQuery, GetDocumentOutgoingRelationshipsQueryVariables, GetDocumentQuery, GetDocumentQueryVariables, GetDocumentWithOperationsDocument, GetDocumentWithOperationsQuery, GetDocumentWithOperationsQueryVariables, GetJobStatusDocument, GetJobStatusQuery, GetJobStatusQueryVariables, GetParentIdsFn, GqlDocument, GqlDriveDocument, GqlOperation, GqlOperationContext, GqlSigner, GqlSignerApp, GqlSignerUser, GraphQLManager, GraphqlManagerFeatureFlags, Group, GroupTable, HttpAdapterSetup, HttpAdapterType, HttpDocumentModelLoader, HttpPackageLoader, HttpPackageLoaderLogger, HttpPackageLoaderOptions, IGatewayAdapter, IHttpAdapter, type IPackageLoader, type IPackageLoaderOptions, IPackageStorage, IReactorProcessorHostModule, ISubgraph, ImportPackageLoader, InMemoryPackageStorage, Incremental, InputMaybe, InstallPackageResult, InstalledPackageInfo, IsTypeOfResolverFn, JobChangeEvent, JobChangeEventResolvers, JobChangesDocument, JobChangesSubscription, JobChangesSubscriptionVariables, JobInfo, JobInfoResolvers, JsonObjectScalarConfig, MakeEmpty, MakeMaybe, MakeOptional, Maybe, MoveRelationshipDocument, MoveRelationshipMutation, MoveRelationshipMutationVariables, MoveRelationshipResult, MoveRelationshipResultResolvers, MutateDocumentAsyncDocument, MutateDocumentAsyncMutation, MutateDocumentAsyncMutationVariables, MutateDocumentDocument, MutateDocumentMutation, MutateDocumentMutationVariables, Mutation, MutationAddRelationshipArgs, MutationCreateDocumentArgs, MutationCreateEmptyDocumentArgs, MutationDeleteDocumentArgs, MutationDeleteDocumentsArgs, MutationMoveRelationshipArgs, MutationMutateDocumentArgs, MutationMutateDocumentAsyncArgs, MutationPushSyncEnvelopesArgs, MutationRemoveRelationshipArgs, MutationRenameDocumentArgs, MutationResolvers, MutationSetPreferredEditorArgs, MutationTouchChannelArgs, NextResolverFn, OperationContext, OperationContextInput, OperationContextInputSchema, OperationContextResolvers, OperationGroupPermissionEntry, OperationGroupPermissionTable, OperationInput, OperationInputSchema, OperationUserPermissionEntry, OperationUserPermissionTable, OperationWithContext, OperationWithContextInput, OperationWithContextInputSchema, OperationWithContextResolvers, OperationsFilterInput, OperationsFilterInputSchema, PackageManagementService, PackageManagementServiceOptions, PackageManager, PackagesSubgraph, type PackagesSubgraphArgs, PagingInput, PagingInputSchema, type ParsedDriveUrl, PgliteFactory, PhDocument, PhDocumentFieldsFragment, PhDocumentFieldsFragmentDoc, PhDocumentOperationsArgs, PhDocumentResolvers, PhDocumentResultPage, PhDocumentResultPageResolvers, PollSyncEnvelopesDocument, PollSyncEnvelopesQuery, PollSyncEnvelopesQueryVariables, PollSyncEnvelopesResult, PollSyncEnvelopesResultResolvers, Processor, ProcessorDriveFactory, ProcessorFactoryBuilder, PropagationMode, PropagationModeSchema, PushSyncEnvelopesDocument, PushSyncEnvelopesMutation, PushSyncEnvelopesMutationVariables, Query, QueryDocumentArgs, QueryDocumentIncomingRelationshipsArgs, QueryDocumentModelsArgs, QueryDocumentOperationsArgs, QueryDocumentOutgoingRelationshipsArgs, QueryFindDocumentsArgs, QueryJobStatusArgs, QueryPollSyncEnvelopesArgs, QueryResolvers, ReactorModule, ReactorOperation, ReactorOperationResolvers, ReactorOperationResultPage, ReactorOperationResultPageResolvers, ReactorSigner, ReactorSignerApp, ReactorSignerAppInput, ReactorSignerAppInputSchema, ReactorSignerAppResolvers, ReactorSignerInput, ReactorSignerInputSchema, ReactorSignerResolvers, ReactorSignerUser, ReactorSignerUserInput, ReactorSignerUserInputSchema, ReactorSignerUserResolvers, ReactorSubgraph, RemoteCursor, RemoteCursorInput, RemoteCursorInputSchema, RemoteCursorResolvers, RemoteFilterInput, RemoteFilterInputSchema, RemoveRelationshipDocument, RemoveRelationshipMutation, RemoveRelationshipMutationVariables, RenameDocumentDocument, RenameDocumentMutation, RenameDocumentMutationVariables, Requester, RequireFields, Resolver, ResolverFn, ResolverTypeWrapper, ResolverWithResolve, Resolvers, ResolversObject, ResolversParentTypes, ResolversTypes, Revision, RevisionResolvers, Scalars, Sdk, SearchFilterInput, SearchFilterInputSchema, SetPreferredEditorDocument, SetPreferredEditorMutation, SetPreferredEditorMutationVariables, SubgraphArgs, SubgraphClass, SubgraphDefinition, Subscription, SubscriptionDocumentChangesArgs, SubscriptionJobChangesArgs, SubscriptionObject, SubscriptionResolveFn, SubscriptionResolver, SubscriptionResolverObject, SubscriptionResolvers, SubscriptionSubscribeFn, SubscriptionSubscriberObject, SyncEnvelope, SyncEnvelopeInput, SyncEnvelopeInputSchema, SyncEnvelopeResolvers, SyncEnvelopeType, SyncEnvelopeTypeSchema, SystemSubgraph, TlsOptions, TouchChannelDocument, TouchChannelInput, TouchChannelInputSchema, TouchChannelMutation, TouchChannelMutationVariables, TouchChannelResult, TouchChannelResultResolvers, TypeResolveFn, User, UserGroupTable, ViewFilterInput, ViewFilterInputSchema, WithIndex, WsContextFactory, WsDisposer, buildGraphQlDocument, buildGraphQlDriveDocument, buildGraphqlOperation, buildGraphqlOperations, buildSubgraphSchemaModule, createAuthFetchMiddleware, createGatewayAdapter, createHttpAdapter, createMergedSchema, createReactorGraphQLClient, createSchema, definedNonNullAnySchema, driveIdFromUrl, extractSubgraphsFromModule, generateDocumentModelSchema, getAuthContext, getDbClient, getDocumentModelSchemaName, getDocumentModelTypeDefs, getGitHash, getGitUrl, getSdk, getUniqueDocumentModels, getVersion, initAnalyticsStoreSql, initializeAndStartAPI, isDefinedNonNullAny, isExpectedLoaderMiss, isSubgraphClass, parseDriveUrl, renderGraphqlPlayground };
+export { ADMIN_USERS, API, Action, ActionContext, ActionContextInput, ActionContextInputSchema, ActionContextResolvers, ActionInput, ActionInputSchema, ActionResolvers, AddRelationshipDocument, AddRelationshipMutation, AddRelationshipMutationVariables, AnalyticsSubgraph, AuthConfig, AuthContext, AuthFetchMiddleware, AuthService, AuthSubgraph, type AuthorizationConfig, AuthorizationPolicy, AuthorizedDocumentHandle, BaseSubgraph, type CanonicalDocumentId, ChannelMeta, ChannelMetaInput, ChannelMetaInputSchema, ChannelMetaResolvers, ClientInitializerResult, Context, CreateDocumentDocument, CreateDocumentMutation, CreateDocumentMutationVariables, CreateEmptyDocumentDocument, CreateEmptyDocumentMutation, CreateEmptyDocumentMutationVariables, DateTimeScalarConfig, DbClient, DeadLetterInfo, DeadLetterInfoResolvers, DeleteDocumentDocument, DeleteDocumentMutation, DeleteDocumentMutationVariables, DeleteDocumentsDocument, DeleteDocumentsMutation, DeleteDocumentsMutationVariables, DirectiveResolverFn, DocumentChangeContext, DocumentChangeContextResolvers, DocumentChangeEvent, DocumentChangeEventResolvers, DocumentChangeType, DocumentChangeTypeSchema, DocumentChangesDocument, DocumentChangesSubscription, DocumentChangesSubscriptionVariables, DocumentGroupPermissionEntry, DocumentGroupPermissionTable, DocumentModelGlobalState, DocumentModelGlobalStateResolvers, DocumentModelResultPage, DocumentModelResultPageResolvers, DocumentModelSchemaOptions, DocumentOperationsFilterInput, DocumentOperationsFilterInputSchema, DocumentPermissionConfig, DocumentPermissionDatabase, DocumentPermissionEntry, DocumentPermissionLevel, DocumentPermissionService, DocumentPermissionTable, DocumentProtectionTable, DocumentWithChildren, DocumentWithChildrenResolvers, Exact, FetchHandler, FindDocumentsDocument, FindDocumentsQuery, FindDocumentsQueryVariables, GatewayAdapterType, GatewayContextFactory, GetDocumentDocument, GetDocumentIncomingRelationshipsDocument, GetDocumentIncomingRelationshipsQuery, GetDocumentIncomingRelationshipsQueryVariables, GetDocumentModelsDocument, GetDocumentModelsQuery, GetDocumentModelsQueryVariables, GetDocumentOperationsDocument, GetDocumentOperationsQuery, GetDocumentOperationsQueryVariables, GetDocumentOutgoingRelationshipsDocument, GetDocumentOutgoingRelationshipsQuery, GetDocumentOutgoingRelationshipsQueryVariables, GetDocumentQuery, GetDocumentQueryVariables, GetDocumentWithOperationsDocument, GetDocumentWithOperationsQuery, GetDocumentWithOperationsQueryVariables, GetJobStatusDocument, GetJobStatusQuery, GetJobStatusQueryVariables, GetParentIdsFn, GqlDocument, GqlDriveDocument, GqlOperation, GqlOperationContext, GqlSigner, GqlSignerApp, GqlSignerUser, GraphQLManager, GraphqlManagerFeatureFlags, Group, GroupTable, HttpAdapterSetup, HttpAdapterType, HttpDocumentModelLoader, HttpPackageLoader, HttpPackageLoaderLogger, HttpPackageLoaderOptions, type IAuthorizationService, IGatewayAdapter, IHttpAdapter, type IPackageLoader, type IPackageLoaderOptions, IPackageStorage, IReactorProcessorHostModule, ISubgraph, ImportPackageLoader, InMemoryPackageStorage, Incremental, InputMaybe, InstallPackageResult, InstalledPackageInfo, IsTypeOfResolverFn, JobChangeEvent, JobChangeEventResolvers, JobChangesDocument, JobChangesSubscription, JobChangesSubscriptionVariables, JobInfo, JobInfoResolvers, JsonObjectScalarConfig, MakeEmpty, MakeMaybe, MakeOptional, Maybe, MoveRelationshipDocument, MoveRelationshipMutation, MoveRelationshipMutationVariables, MoveRelationshipResult, MoveRelationshipResultResolvers, MutateDocumentAsyncDocument, MutateDocumentAsyncMutation, MutateDocumentAsyncMutationVariables, MutateDocumentDocument, MutateDocumentMutation, MutateDocumentMutationVariables, Mutation, MutationAddRelationshipArgs, MutationCreateDocumentArgs, MutationCreateEmptyDocumentArgs, MutationDeleteDocumentArgs, MutationDeleteDocumentsArgs, MutationMoveRelationshipArgs, MutationMutateDocumentArgs, MutationMutateDocumentAsyncArgs, MutationPushSyncEnvelopesArgs, MutationRemoveRelationshipArgs, MutationRenameDocumentArgs, MutationResolvers, MutationSetPreferredEditorArgs, MutationTouchChannelArgs, NextResolverFn, OperationContext, OperationContextInput, OperationContextInputSchema, OperationContextResolvers, OperationGroupPermissionEntry, OperationGroupPermissionTable, OperationInput, OperationInputSchema, OperationUserPermissionEntry, OperationUserPermissionTable, OperationWithContext, OperationWithContextInput, OperationWithContextInputSchema, OperationWithContextResolvers, OperationsFilterInput, OperationsFilterInputSchema, PackageManagementService, PackageManagementServiceOptions, PackageManager, PackagesSubgraph, type PackagesSubgraphArgs, PagingInput, PagingInputSchema, type ParsedDriveUrl, PgliteFactory, PhDocument, PhDocumentFieldsFragment, PhDocumentFieldsFragmentDoc, PhDocumentOperationsArgs, PhDocumentResolvers, PhDocumentResultPage, PhDocumentResultPageResolvers, PollSyncEnvelopesDocument, PollSyncEnvelopesQuery, PollSyncEnvelopesQueryVariables, PollSyncEnvelopesResult, PollSyncEnvelopesResultResolvers, Processor, ProcessorDriveFactory, ProcessorFactoryBuilder, PropagationMode, PropagationModeSchema, PushSyncEnvelopesDocument, PushSyncEnvelopesMutation, PushSyncEnvelopesMutationVariables, Query, QueryDocumentArgs, QueryDocumentIncomingRelationshipsArgs, QueryDocumentModelsArgs, QueryDocumentOperationsArgs, QueryDocumentOutgoingRelationshipsArgs, QueryFindDocumentsArgs, QueryJobStatusArgs, QueryPollSyncEnvelopesArgs, QueryResolvers, ReactorModule, ReactorOperation, ReactorOperationResolvers, ReactorOperationResultPage, ReactorOperationResultPageResolvers, ReactorSigner, ReactorSignerApp, ReactorSignerAppInput, ReactorSignerAppInputSchema, ReactorSignerAppResolvers, ReactorSignerInput, ReactorSignerInputSchema, ReactorSignerResolvers, ReactorSignerUser, ReactorSignerUserInput, ReactorSignerUserInputSchema, ReactorSignerUserResolvers, ReactorSubgraph, ReadinessGate, RemoteCursor, RemoteCursorInput, RemoteCursorInputSchema, RemoteCursorResolvers, RemoteFilterInput, RemoteFilterInputSchema, RemoveRelationshipDocument, RemoveRelationshipMutation, RemoveRelationshipMutationVariables, RenameDocumentDocument, RenameDocumentMutation, RenameDocumentMutationVariables, Requester, RequireFields, Resolver, ResolverFn, ResolverTypeWrapper, ResolverWithResolve, Resolvers, ResolversObject, ResolversParentTypes, ResolversTypes, Revision, RevisionResolvers, Scalars, Sdk, SearchFilterInput, SearchFilterInputSchema, SetPreferredEditorDocument, SetPreferredEditorMutation, SetPreferredEditorMutationVariables, SubgraphArgs, SubgraphClass, SubgraphDefinition, Subscription, SubscriptionDocumentChangesArgs, SubscriptionJobChangesArgs, SubscriptionObject, SubscriptionResolveFn, SubscriptionResolver, SubscriptionResolverObject, SubscriptionResolvers, SubscriptionSubscribeFn, SubscriptionSubscriberObject, SyncEnvelope, SyncEnvelopeInput, SyncEnvelopeInputSchema, SyncEnvelopeResolvers, SyncEnvelopeType, SyncEnvelopeTypeSchema, SystemSubgraph, TlsOptions, TouchChannelDocument, TouchChannelInput, TouchChannelInputSchema, TouchChannelMutation, TouchChannelMutationVariables, TouchChannelResult, TouchChannelResultResolvers, TypeResolveFn, User, UserGroupTable, ViewFilterInput, ViewFilterInputSchema, WithIndex, WsContextFactory, WsDisposer, assertAuthRequiredForDocumentPermissions, assertSkipCredentialVerificationAllowed, buildGraphQlDocument, buildGraphQlDriveDocument, buildGraphqlOperation, buildGraphqlOperations, buildSubgraphSchemaModule, createAuthFetchMiddleware, createGatewayAdapter, createHttpAdapter, createMergedSchema, createReactorGraphQLClient, createSchema, definedNonNullAnySchema, driveIdFromUrl, extractSubgraphsFromModule, generateDocumentModelSchema, getAuthContext, getDbClient, getDocumentModelSchemaName, getDocumentModelTypeDefs, getGitHash, getGitUrl, getSdk, getUniqueDocumentModels, getVersion, initAnalyticsStoreSql, initializeAndStartAPI, isDefinedNonNullAny, isExpectedLoaderMiss, isSubgraphClass, parseDriveUrl, renderGraphqlPlayground };
 //# sourceMappingURL=index.d.mts.map