@questpie/admin 3.2.7 → 3.3.0

package/dist/server/modules/admin/collections/verification.d.mts

@@ -1,57 +1,57 @@
-import * as questpie_shared55 from "questpie/shared";
-import * as questpie369 from "questpie";
-import * as questpie_src_server_modules_core_fields_email_js7 from "questpie/src/server/modules/core/fields/email.js";
-import * as questpie_src_server_modules_core_fields_json_js7 from "questpie/src/server/modules/core/fields/json.js";
-import * as drizzle_orm_pg_core122 from "drizzle-orm/pg-core";
-import * as drizzle_orm61 from "drizzle-orm";
+import * as questpie_shared67 from "questpie/shared";
+import * as questpie428 from "questpie";
+import * as questpie_src_server_modules_core_fields_email_js9 from "questpie/src/server/modules/core/fields/email.js";
+import * as questpie_src_server_modules_core_fields_json_js9 from "questpie/src/server/modules/core/fields/json.js";
+import * as drizzle_orm_pg_core141 from "drizzle-orm/pg-core";
+import * as drizzle_orm79 from "drizzle-orm";
 
 //#region src/server/modules/admin/collections/verification.d.ts
-declare const _default: questpie369.CollectionBuilder<questpie_shared55.Override<questpie369.EmptyCollectionState<"verification", undefined, {
-  readonly text: typeof questpie369.text;
-  readonly textarea: typeof questpie369.textarea;
-  readonly email: typeof questpie_src_server_modules_core_fields_email_js7.email;
-  readonly url: typeof questpie369.url;
-  readonly number: typeof questpie369.number;
-  readonly boolean: typeof questpie369.boolean;
-  readonly date: typeof questpie369.date;
-  readonly datetime: typeof questpie369.datetime;
-  readonly time: typeof questpie369.time;
-  readonly select: typeof questpie369.select;
-  readonly upload: typeof questpie369.upload;
-  readonly relation: typeof questpie369.relation;
-  readonly object: typeof questpie369.object;
-  readonly json: typeof questpie_src_server_modules_core_fields_json_js7.json;
-  readonly from: typeof questpie369.from;
+declare const _default: questpie428.CollectionBuilder<questpie_shared67.Override<questpie428.EmptyCollectionState<"verification", undefined, {
+  readonly text: typeof questpie428.text;
+  readonly textarea: typeof questpie428.textarea;
+  readonly email: typeof questpie_src_server_modules_core_fields_email_js9.email;
+  readonly url: typeof questpie428.url;
+  readonly number: typeof questpie428.number;
+  readonly boolean: typeof questpie428.boolean;
+  readonly date: typeof questpie428.date;
+  readonly datetime: typeof questpie428.datetime;
+  readonly time: typeof questpie428.time;
+  readonly select: typeof questpie428.select;
+  readonly upload: typeof questpie428.upload;
+  readonly relation: typeof questpie428.relation;
+  readonly object: typeof questpie428.object;
+  readonly json: typeof questpie_src_server_modules_core_fields_json_js9.json;
+  readonly from: typeof questpie428.from;
 }>, {
   name: "verification";
   fields: Record<string, any> & {
-    readonly identifier: drizzle_orm61.NotNull<drizzle_orm_pg_core122.PgVarcharBuilder<[string, ...string[]]>>;
-    readonly value: drizzle_orm61.NotNull<drizzle_orm_pg_core122.PgVarcharBuilder<[string, ...string[]]>>;
-    readonly expiresAt: drizzle_orm61.NotNull<drizzle_orm_pg_core122.PgTimestampBuilder>;
+    readonly identifier: drizzle_orm79.NotNull<drizzle_orm_pg_core141.PgVarcharBuilder<[string, ...string[]]>>;
+    readonly value: drizzle_orm79.NotNull<drizzle_orm_pg_core141.PgVarcharBuilder<[string, ...string[]]>>;
+    readonly expiresAt: drizzle_orm79.NotNull<drizzle_orm_pg_core141.PgTimestampBuilder>;
   };
   virtuals: undefined;
-  relations: Record<string, questpie369.RelationConfig>;
+  relations: Record<string, questpie428.RelationConfig>;
   indexes: Record<string, any>;
   title: "identifier";
-  options: questpie369.CollectionOptions & {
+  options: questpie428.CollectionOptions & {
     timestamps: true;
   };
   hooks: Record<string, any>;
   access: Record<string, any>;
   searchable: undefined;
   fieldDefinitions: {
-    readonly identifier: questpie369.FieldWithMethods<Omit<questpie369.TextFieldState, "notNull" | "column"> & {
+    readonly identifier: questpie428.FieldWithMethods<Omit<questpie428.TextFieldState, "notNull" | "column"> & {
       notNull: true;
-      column: drizzle_orm61.NotNull<drizzle_orm_pg_core122.PgVarcharBuilder<[string, ...string[]]>>;
-    }, questpie369.TextFieldMethods>;
-    readonly value: questpie369.FieldWithMethods<Omit<questpie369.TextFieldState, "notNull" | "column"> & {
+      column: drizzle_orm79.NotNull<drizzle_orm_pg_core141.PgVarcharBuilder<[string, ...string[]]>>;
+    }, questpie428.TextFieldMethods>;
+    readonly value: questpie428.FieldWithMethods<Omit<questpie428.TextFieldState, "notNull" | "column"> & {
       notNull: true;
-      column: drizzle_orm61.NotNull<drizzle_orm_pg_core122.PgVarcharBuilder<[string, ...string[]]>>;
-    }, questpie369.TextFieldMethods>;
-    readonly expiresAt: questpie369.FieldWithMethods<Omit<questpie369.DatetimeFieldState, "notNull" | "column"> & {
+      column: drizzle_orm79.NotNull<drizzle_orm_pg_core141.PgVarcharBuilder<[string, ...string[]]>>;
+    }, questpie428.TextFieldMethods>;
+    readonly expiresAt: questpie428.FieldWithMethods<Omit<questpie428.DatetimeFieldState, "notNull" | "column"> & {
       notNull: true;
-      column: drizzle_orm61.NotNull<drizzle_orm_pg_core122.PgTimestampBuilder>;
-    }, questpie369.DatetimeFieldMethods>;
+      column: drizzle_orm79.NotNull<drizzle_orm_pg_core141.PgTimestampBuilder>;
+    }, questpie428.DatetimeFieldMethods>;
   };
   upload: undefined;
   output: {};

package/dist/server/modules/admin/routes/admin-config.d.mts

@@ -1,4 +1,4 @@
-import * as questpie367 from "questpie";
+import * as questpie454 from "questpie";
 
 //#region src/server/modules/admin/routes/admin-config.d.ts
 
@@ -22,7 +22,7 @@ import * as questpie367 from "questpie";
  * Registered via module routes and exposed through the fetch handler.
  */
 declare const adminConfigFunctions: {
-  readonly getAdminConfig: questpie367.JsonRouteDefinition<Record<string, never> | undefined, any, questpie367.JsonRouteParams>;
+  readonly getAdminConfig: questpie454.JsonRouteDefinition<Record<string, never> | undefined, any, questpie454.JsonRouteParams>;
 };
 //#endregion
 export { adminConfigFunctions };

package/dist/server/modules/admin/routes/execute-action.d.mts

@@ -1,7 +1,7 @@
 import { ServerActionDefinition, ServerActionResult } from "../../../augmentation/actions.mjs";
 import "../../../augmentation.mjs";
 import { App } from "./route-helpers.mjs";
-import * as questpie64 from "questpie";
+import * as questpie121 from "questpie";
 
 //#region src/server/modules/admin/routes/execute-action.d.ts
 
@@ -56,37 +56,37 @@ declare function executeAction(app: App, request: ExecuteActionRequest, session?
  * });
  * ```
  */
-declare const executeActionFn: questpie64.JsonRouteDefinition<{
+declare const executeActionFn: questpie121.JsonRouteDefinition<{
   collection: string;
   actionId: string;
   itemId?: string | undefined;
   itemIds?: string[] | undefined;
   data?: Record<string, unknown> | undefined;
   locale?: string | undefined;
-}, any, questpie64.JsonRouteParams>;
+}, any, questpie121.JsonRouteParams>;
 /**
  * Get actions configuration for a collection.
  * Returns action definitions without handlers for client rendering.
  */
-declare const getActionsConfigFn: questpie64.JsonRouteDefinition<{
+declare const getActionsConfigFn: questpie121.JsonRouteDefinition<{
   collection: string;
-}, any, questpie64.JsonRouteParams>;
+}, any, questpie121.JsonRouteParams>;
 /**
  * QUESTPIE functions for action execution.
  * These are registered on the `adminModule`.
  */
 declare const actionFunctions: {
-  executeAction: questpie64.JsonRouteDefinition<{
+  executeAction: questpie121.JsonRouteDefinition<{
     collection: string;
     actionId: string;
     itemId?: string | undefined;
     itemIds?: string[] | undefined;
     data?: Record<string, unknown> | undefined;
     locale?: string | undefined;
-  }, any, questpie64.JsonRouteParams>;
-  getActionsConfig: questpie64.JsonRouteDefinition<{
+  }, any, questpie121.JsonRouteParams>;
+  getActionsConfig: questpie121.JsonRouteDefinition<{
     collection: string;
-  }, any, questpie64.JsonRouteParams>;
+  }, any, questpie121.JsonRouteParams>;
 };
 //#endregion
 export { ExecuteActionRequest, ExecuteActionResponse, actionFunctions, executeAction, executeActionFn, getActionsConfig, getActionsConfigFn };

package/dist/server/modules/admin/routes/locales.d.mts

@@ -1,4 +1,4 @@
-import * as questpie395 from "questpie";
+import * as questpie456 from "questpie";
 
 //#region src/server/modules/admin/routes/locales.d.ts
 
@@ -12,7 +12,7 @@ import * as questpie395 from "questpie";
  * Bundle of locale-related functions.
  */
 declare const localeFunctions: {
-  readonly getContentLocales: questpie395.JsonRouteDefinition<Record<string, never> | undefined, any, questpie395.JsonRouteParams>;
+  readonly getContentLocales: questpie456.JsonRouteDefinition<Record<string, never> | undefined, any, questpie456.JsonRouteParams>;
 };
 //#endregion
 export { localeFunctions };

package/dist/server/modules/admin/routes/preview.d.mts

@@ -1,4 +1,4 @@
-import * as questpie88 from "questpie";
+import * as questpie141 from "questpie";
 
 //#region src/server/modules/admin/routes/preview.d.ts
 
@@ -10,6 +10,9 @@ import * as questpie88 from "questpie";
  *
  * Browser-safe utilities (isDraftMode, createDraftModeCookie, etc.) are in @questpie/admin/shared
  */
+type PreviewSecretResolverContext = Record<string, any>;
+type PreviewSecretResolver = (ctx: PreviewSecretResolverContext) => string | Promise<string>;
+type PreviewSecretSource = string | PreviewSecretResolver;
 interface PreviewTokenPayload {
   path: string;
   exp: number;
@@ -17,17 +20,18 @@ interface PreviewTokenPayload {
 /**
  * Create preview-related RPC functions.
  *
- * @param secret - Secret key for signing tokens
+ * @param secret - Secret key or resolver for signing tokens. Defaults to
+ *   `app.config.secret` from the current route context.
  * @returns Object with preview functions
  */
-declare function createPreviewFunctions(secret: string): {
-  mintPreviewToken: questpie88.JsonRouteDefinition<{
+declare function createPreviewFunctions(secret?: PreviewSecretSource): {
+  mintPreviewToken: questpie141.JsonRouteDefinition<{
     path: string;
     ttlMs?: number | undefined;
-  }, any, questpie88.JsonRouteParams>;
-  verifyPreviewToken: questpie88.JsonRouteDefinition<{
+  }, any, questpie141.JsonRouteParams>;
+  verifyPreviewToken: questpie141.JsonRouteDefinition<{
     token: string;
-  }, any, questpie88.JsonRouteParams>;
+  }, any, questpie141.JsonRouteParams>;
 };
 /**
  * Verify a preview token without RPC.
@@ -37,44 +41,45 @@ declare function createPreviewFunctions(secret: string): {
  * @param secret - The secret used to sign the token
  * @returns The payload if valid, null otherwise
  */
-declare function verifyPreviewTokenDirect(token: string, secret: string): PreviewTokenPayload | null;
+declare function verifyPreviewTokenDirect(token: string, secret: string): Promise<PreviewTokenPayload | null>;
 /**
  * Create a preview token verifier with bound secret.
  * Use this in route handlers to avoid passing secret repeatedly.
  *
- * @param secret - The secret used to sign tokens (optional, uses env if not provided)
+ * @param secret - The secret used to sign tokens.
  * @returns A verify function that only needs the token
  *
  * @example
  * ```ts
  * // Create once at module level
- * const verifyPreviewToken = createPreviewTokenVerifier();
+ * const verifyPreviewToken = createPreviewTokenVerifier(secret);
  *
  * // Use in route handler
- * const payload = verifyPreviewToken(token);
+ * const payload = await verifyPreviewToken(token);
  * if (!payload) {
  *   return new Response("Invalid token", { status: 401 });
  * }
  * ```
  */
-declare function createPreviewTokenVerifier(secret?: string): (token: string) => PreviewTokenPayload | null;
+declare function createPreviewTokenVerifier(secret: string): (token: string) => Promise<PreviewTokenPayload | null>;
 /**
- * Default preview functions bundle with env-based secret.
+ * Default preview functions bundle. The route handlers resolve the token
+ * secret from `app.config.secret` at request time.
  * Used by the `adminModule` to register preview RPC functions.
  */
 declare const previewFunctions: {
-  getPreviewUrl: questpie88.JsonRouteDefinition<{
+  getPreviewUrl: questpie141.JsonRouteDefinition<{
     collection: string;
     record: Record<string, unknown>;
     locale?: string | undefined;
-  }, any, questpie88.JsonRouteParams>;
-  mintPreviewToken: questpie88.JsonRouteDefinition<{
+  }, any, questpie141.JsonRouteParams>;
+  mintPreviewToken: questpie141.JsonRouteDefinition<{
     path: string;
     ttlMs?: number | undefined;
-  }, any, questpie88.JsonRouteParams>;
-  verifyPreviewToken: questpie88.JsonRouteDefinition<{
+  }, any, questpie141.JsonRouteParams>;
+  verifyPreviewToken: questpie141.JsonRouteDefinition<{
     token: string;
-  }, any, questpie88.JsonRouteParams>;
+  }, any, questpie141.JsonRouteParams>;
 };
 //#endregion
 export { PreviewTokenPayload, createPreviewFunctions, createPreviewTokenVerifier, previewFunctions, verifyPreviewTokenDirect };

package/dist/server/modules/admin/routes/preview.mjs

@@ -1,9 +1,7 @@
-import { getPreviewSecret } from "../../../../shared/preview-utils.mjs";
 import { getApp, getCollectionState, getLocale, getSession } from "./route-helpers.mjs";
 import { translateAdminMessage } from "./i18n-helpers.mjs";
 import { z } from "zod";
 import { ApiError, route } from "questpie";
-import { createHmac, timingSafeEqual } from "node:crypto";
 
 //#region src/server/modules/admin/routes/preview.ts
 /**
@@ -14,14 +12,72 @@ import { createHmac, timingSafeEqual } from "node:crypto";
 *
 * Browser-safe utilities (isDraftMode, createDraftModeCookie, etc.) are in @questpie/admin/shared
 */
+const textEncoder = new TextEncoder();
+const textDecoder = new TextDecoder();
+function bytesFromBase64Input(input) {
+	if (typeof input === "string") return textEncoder.encode(input);
+	if (input instanceof Uint8Array) return input;
+	return new Uint8Array(input);
+}
+function bytesToBase64(bytes) {
+	let binary = "";
+	const chunkSize = 32768;
+	for (let i = 0; i < bytes.length; i += chunkSize) binary += String.fromCharCode(...bytes.subarray(i, i + chunkSize));
+	return btoa(binary);
+}
+function base64ToBytes(input) {
+	const binary = atob(input);
+	const bytes = new Uint8Array(binary.length);
+	for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
+	return bytes;
+}
 function base64UrlEncode(input) {
-	return (Buffer.isBuffer(input) ? input : Buffer.from(input)).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+	return bytesToBase64(bytesFromBase64Input(input)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
 }
 function base64UrlDecode(input) {
 	let base64 = input.replace(/-/g, "+").replace(/_/g, "/");
 	const padding = base64.length % 4;
 	if (padding) base64 += "=".repeat(4 - padding);
-	return Buffer.from(base64, "base64").toString("utf8");
+	return textDecoder.decode(base64ToBytes(base64));
+}
+async function signPayload(payload, secret) {
+	const subtle = globalThis.crypto?.subtle;
+	if (!subtle) throw new Error("[preview] Web Crypto API is required to sign preview tokens.");
+	const key = await subtle.importKey("raw", textEncoder.encode(secret), {
+		name: "HMAC",
+		hash: "SHA-256"
+	}, false, ["sign"]);
+	return base64UrlEncode(await subtle.sign("HMAC", key, textEncoder.encode(payload)));
+}
+function timingSafeEqualAscii(a, b) {
+	const aBytes = textEncoder.encode(a);
+	const bBytes = textEncoder.encode(b);
+	let diff = aBytes.length ^ bBytes.length;
+	const maxLength = Math.max(aBytes.length, bBytes.length);
+	for (let i = 0; i < maxLength; i++) diff |= (aBytes[i] ?? 0) ^ (bBytes[i] ?? 0);
+	return diff === 0;
+}
+function defaultPreviewSecret(ctx) {
+	return getApp(ctx).config.secret ?? "dev-preview-secret";
+}
+async function resolvePreviewSecret(source, ctx) {
+	const secret = typeof source === "function" ? await source(ctx) : source;
+	if (!secret) throw new Error("[preview] Preview token secret must not be empty.");
+	return secret;
+}
+function parsePreviewTokenPayload(encodedPayload) {
+	try {
+		const payload = JSON.parse(base64UrlDecode(encodedPayload));
+		if (!payload?.exp || typeof payload.exp !== "number") return { error: "invalidPayload" };
+		if (payload.exp < Date.now()) return { error: "tokenExpired" };
+		if (!payload.path || typeof payload.path !== "string") return { error: "invalidPath" };
+		return { payload };
+	} catch {
+		return { error: "invalidPayload" };
+	}
+}
+async function verifyPreviewSignature(encodedPayload, signature, secret) {
+	return timingSafeEqualAscii(signature, await signPayload(encodedPayload, secret));
 }
 const mintPreviewTokenSchema = z.object({
 	path: z.string().min(1),
@@ -41,13 +97,11 @@ const DEFAULT_TTL_MS = 3600 * 1e3;
 /**
 * Create preview-related RPC functions.
 *
-* @param secret - Secret key for signing tokens
+* @param secret - Secret key or resolver for signing tokens. Defaults to
+*   `app.config.secret` from the current route context.
 * @returns Object with preview functions
 */
-function createPreviewFunctions(secret) {
-	const signPayload = (payload) => {
-		return base64UrlEncode(createHmac("sha256", secret).update(payload).digest());
-	};
+function createPreviewFunctions(secret = defaultPreviewSecret) {
 	return {
 		mintPreviewToken: route().post().schema(mintPreviewTokenSchema).outputSchema(mintPreviewTokenOutputSchema).handler(async (ctx) => {
 			const { input } = ctx;
@@ -62,7 +116,7 @@ function createPreviewFunctions(secret) {
 			};
 			const encodedPayload = base64UrlEncode(JSON.stringify(payload));
 			return {
-				token: `${encodedPayload}.${signPayload(encodedPayload)}`,
+				token: `${encodedPayload}.${await signPayload(encodedPayload, await resolvePreviewSecret(secret, ctx))}`,
 				expiresAt
 			};
 		}),
@@ -76,41 +130,19 @@ function createPreviewFunctions(secret) {
 				valid: false,
 				error: t("preview.invalidTokenFormat")
 			};
-			const expectedSignature = signPayload(encodedPayload);
-			const signatureBuffer = Uint8Array.from(Buffer.from(signature));
-			const expectedBuffer = Uint8Array.from(Buffer.from(expectedSignature));
-			if (signatureBuffer.length !== expectedBuffer.length) return {
+			if (!await verifyPreviewSignature(encodedPayload, signature, await resolvePreviewSecret(secret, ctx))) return {
 				valid: false,
 				error: t("preview.invalidSignature")
 			};
-			if (!timingSafeEqual(signatureBuffer, expectedBuffer)) return {
+			const parsed = parsePreviewTokenPayload(encodedPayload);
+			if ("error" in parsed) return {
 				valid: false,
-				error: t("preview.invalidSignature")
+				error: t(`preview.${parsed.error}`)
+			};
+			return {
+				valid: true,
+				path: parsed.payload.path
 			};
-			try {
-				const payload = JSON.parse(base64UrlDecode(encodedPayload));
-				if (!payload?.exp || typeof payload.exp !== "number") return {
-					valid: false,
-					error: t("preview.invalidPayload")
-				};
-				if (payload.exp < Date.now()) return {
-					valid: false,
-					error: t("preview.tokenExpired")
-				};
-				if (!payload.path || typeof payload.path !== "string") return {
-					valid: false,
-					error: t("preview.invalidPath")
-				};
-				return {
-					valid: true,
-					path: payload.path
-				};
-			} catch {
-				return {
-					valid: false,
-					error: t("preview.invalidPayload")
-				};
-			}
 		})
 	};
 }
@@ -122,47 +154,35 @@ function createPreviewFunctions(secret) {
 * @param secret - The secret used to sign the token
 * @returns The payload if valid, null otherwise
 */
-function verifyPreviewTokenDirect(token, secret) {
+async function verifyPreviewTokenDirect(token, secret) {
 	const [encodedPayload, signature] = token.split(".");
 	if (!encodedPayload || !signature) return null;
-	const expectedSignature = base64UrlEncode(createHmac("sha256", secret).update(encodedPayload).digest());
-	const signatureBuffer = Uint8Array.from(Buffer.from(signature));
-	const expectedBuffer = Uint8Array.from(Buffer.from(expectedSignature));
-	if (signatureBuffer.length !== expectedBuffer.length) return null;
-	if (!timingSafeEqual(signatureBuffer, expectedBuffer)) return null;
-	try {
-		const payload = JSON.parse(base64UrlDecode(encodedPayload));
-		if (!payload?.exp || typeof payload.exp !== "number") return null;
-		if (payload.exp < Date.now()) return null;
-		if (!payload.path || typeof payload.path !== "string") return null;
-		return payload;
-	} catch {
-		return null;
-	}
+	if (!await verifyPreviewSignature(encodedPayload, signature, secret)) return null;
+	const parsed = parsePreviewTokenPayload(encodedPayload);
+	return "payload" in parsed ? parsed.payload : null;
 }
 /**
 * Create a preview token verifier with bound secret.
 * Use this in route handlers to avoid passing secret repeatedly.
 *
-* @param secret - The secret used to sign tokens (optional, uses env if not provided)
+* @param secret - The secret used to sign tokens.
 * @returns A verify function that only needs the token
 *
 * @example
 * ```ts
 * // Create once at module level
-* const verifyPreviewToken = createPreviewTokenVerifier();
+* const verifyPreviewToken = createPreviewTokenVerifier(secret);
 *
 * // Use in route handler
-* const payload = verifyPreviewToken(token);
+* const payload = await verifyPreviewToken(token);
 * if (!payload) {
 *   return new Response("Invalid token", { status: 401 });
 * }
 * ```
 */
 function createPreviewTokenVerifier(secret) {
-	const resolvedSecret = secret ?? getPreviewSecret();
 	return (token) => {
-		return verifyPreviewTokenDirect(token, resolvedSecret);
+		return verifyPreviewTokenDirect(token, secret);
 	};
 }
 const getPreviewUrlSchema = z.object({
@@ -226,11 +246,12 @@ const getPreviewUrl = route().post().schema(getPreviewUrlSchema).outputSchema(ge
 	}
 });
 /**
-* Default preview functions bundle with env-based secret.
+* Default preview functions bundle. The route handlers resolve the token
+* secret from `app.config.secret` at request time.
 * Used by the `adminModule` to register preview RPC functions.
 */
 const previewFunctions = {
-	...createPreviewFunctions(getPreviewSecret()),
+	...createPreviewFunctions(),
 	getPreviewUrl
 };
 

package/dist/server/modules/admin/routes/reactive.d.mts

@@ -1,4 +1,4 @@
-import * as questpie80 from "questpie";
+import * as questpie113 from "questpie";
 
 //#region src/server/modules/admin/routes/reactive.d.ts
 
@@ -13,7 +13,7 @@ import * as questpie80 from "questpie";
  * Batch reactive endpoint.
  * Executes multiple reactive handlers in a single request.
  */
-declare const batchReactive: questpie80.JsonRouteDefinition<{
+declare const batchReactive: questpie113.JsonRouteDefinition<{
   collection: string;
   type: "collection" | "global";
   requests: {
@@ -27,12 +27,12 @@ declare const batchReactive: questpie80.JsonRouteDefinition<{
   }[];
   formData?: Record<string, unknown> | undefined;
   prevData?: Record<string, unknown> | null | undefined;
-}, any, questpie80.JsonRouteParams>;
+}, any, questpie113.JsonRouteParams>;
 /**
  * Dynamic options endpoint.
  * Fetches options for select/relation fields with search and pagination.
  */
-declare const fieldOptions: questpie80.JsonRouteDefinition<{
+declare const fieldOptions: questpie113.JsonRouteDefinition<{
   collection: string;
   type: "collection" | "global";
   field: string;
@@ -41,12 +41,12 @@ declare const fieldOptions: questpie80.JsonRouteDefinition<{
   page: number;
   limit: number;
   siblingData?: Record<string, unknown> | null | undefined;
-}, any, questpie80.JsonRouteParams>;
+}, any, questpie113.JsonRouteParams>;
 /**
  * Reactive functions bundle.
  */
 declare const reactiveFunctions: {
-  readonly batchReactive: questpie80.JsonRouteDefinition<{
+  readonly batchReactive: questpie113.JsonRouteDefinition<{
     collection: string;
     type: "collection" | "global";
     requests: {
@@ -60,8 +60,8 @@ declare const reactiveFunctions: {
     }[];
     formData?: Record<string, unknown> | undefined;
     prevData?: Record<string, unknown> | null | undefined;
-  }, any, questpie80.JsonRouteParams>;
-  readonly fieldOptions: questpie80.JsonRouteDefinition<{
+  }, any, questpie113.JsonRouteParams>;
+  readonly fieldOptions: questpie113.JsonRouteDefinition<{
     collection: string;
     type: "collection" | "global";
     field: string;
@@ -70,7 +70,7 @@ declare const reactiveFunctions: {
     page: number;
     limit: number;
     siblingData?: Record<string, unknown> | null | undefined;
-  }, any, questpie80.JsonRouteParams>;
+  }, any, questpie113.JsonRouteParams>;
 };
 //#endregion
 export { batchReactive, fieldOptions, reactiveFunctions };

package/dist/server/modules/admin/routes/setup.d.mts

@@ -1,4 +1,4 @@
-import * as questpie72 from "questpie";
+import * as questpie129 from "questpie";
 
 //#region src/server/modules/admin/routes/setup.d.ts
 
@@ -20,7 +20,7 @@ import * as questpie72 from "questpie";
  * }
  * ```
  */
-declare const isSetupRequired: questpie72.JsonRouteDefinition<Record<string, never>, any, questpie72.JsonRouteParams>;
+declare const isSetupRequired: questpie129.JsonRouteDefinition<Record<string, never>, any, questpie129.JsonRouteParams>;
 /**
  * Create the first admin user in the system.
  * This function only works when no admin users exist (setup mode).
@@ -43,21 +43,21 @@ declare const isSetupRequired: questpie72.JsonRouteDefinition<Record<string, nev
  * }
  * ```
  */
-declare const createFirstAdmin: questpie72.JsonRouteDefinition<{
+declare const createFirstAdmin: questpie129.JsonRouteDefinition<{
   email: string;
   password: string;
   name: string;
-}, any, questpie72.JsonRouteParams>;
+}, any, questpie129.JsonRouteParams>;
 /**
  * Bundle of setup-related functions.
  */
 declare const setupFunctions: {
-  readonly isSetupRequired: questpie72.JsonRouteDefinition<Record<string, never>, any, questpie72.JsonRouteParams>;
-  readonly createFirstAdmin: questpie72.JsonRouteDefinition<{
+  readonly isSetupRequired: questpie129.JsonRouteDefinition<Record<string, never>, any, questpie129.JsonRouteParams>;
+  readonly createFirstAdmin: questpie129.JsonRouteDefinition<{
     email: string;
     password: string;
     name: string;
-  }, any, questpie72.JsonRouteParams>;
+  }, any, questpie129.JsonRouteParams>;
 };
 //#endregion
 export { createFirstAdmin, isSetupRequired, setupFunctions };

package/dist/server/modules/admin/routes/translations.d.mts

@@ -1,4 +1,4 @@
-import * as questpie397 from "questpie";
+import * as questpie458 from "questpie";
 
 //#region src/server/modules/admin/routes/translations.d.ts
 
@@ -17,10 +17,10 @@ import * as questpie397 from "questpie";
  * Bundle of translation-related functions.
  */
 declare const translationFunctions: {
-  readonly getAdminTranslations: questpie397.JsonRouteDefinition<{
+  readonly getAdminTranslations: questpie458.JsonRouteDefinition<{
     locale: string;
-  }, any, questpie397.JsonRouteParams>;
-  readonly getAdminLocales: questpie397.JsonRouteDefinition<Record<string, never> | undefined, any, questpie397.JsonRouteParams>;
+  }, any, questpie458.JsonRouteParams>;
+  readonly getAdminLocales: questpie458.JsonRouteDefinition<Record<string, never> | undefined, any, questpie458.JsonRouteParams>;
 };
 //#endregion
 export { translationFunctions };

package/dist/server/modules/admin/routes/widget-data.d.mts

@@ -1,4 +1,4 @@
-import * as questpie16 from "questpie";
+import * as questpie137 from "questpie";
 
 //#region src/server/modules/admin/routes/widget-data.d.ts
 
@@ -20,13 +20,13 @@ import * as questpie16 from "questpie";
  * const data = await client.routes.fetchWidgetData({ widgetId: "my-widget" });
  * ```
  */
-declare const fetchWidgetData: questpie16.JsonRouteDefinition<{
+declare const fetchWidgetData: questpie137.JsonRouteDefinition<{
   widgetId: string;
-}, any, questpie16.JsonRouteParams>;
+}, any, questpie137.JsonRouteParams>;
 declare const widgetDataFunctions: {
-  readonly fetchWidgetData: questpie16.JsonRouteDefinition<{
+  readonly fetchWidgetData: questpie137.JsonRouteDefinition<{
     widgetId: string;
-  }, any, questpie16.JsonRouteParams>;
+  }, any, questpie137.JsonRouteParams>;
 };
 //#endregion
 export { fetchWidgetData, widgetDataFunctions };