@revealui/core 0.5.2 → 0.5.4

package/README.md

@@ -145,6 +145,20 @@ pnpm test
 pnpm dev
 ```
 
+## When to Use This
+
+- You're building a content-driven app and need collections, admin UI, and CRUD out of the box
+- You need RBAC/ABAC access control, GDPR compliance, or feature gating by license tier
+- You want a rich text editor (Lexical) integrated with your CMS
+- **Not** for standalone UI components — use `@revealui/presentation`
+- **Not** for raw database queries — use `@revealui/db` directly
+
+## JOSHUA Alignment
+
+- **Sovereign**: Self-hosted CMS engine — no SaaS dependency for content management, auth, or storage
+- **Unified**: One `buildConfig()` call wires collections, globals, plugins, security, and feature gates into a single configuration
+- **Adaptive**: Plugin system and tier-based feature gating let the platform evolve without breaking existing deployments
+
 ## Related
 
 - [Contracts Package](../contracts/README.md) — Zod schemas and TypeScript types

package/dist/cache/query-cache.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"query-cache.d.ts","sourceRoot":"","sources":["../../src/cache/query-cache.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,UAAU,YAAY;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,UAAU,UAAU;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;CACjB;AAyED;;GAEG;AACH,wBAAsB,UAAU,CAAC,CAAC,EAChC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,GAAE,YAAiB,GACzB,OAAO,CAAC,CAAC,CAAC,CA+BZ;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAEjD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAK5D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAIxD;AAED;;GAEG;AACH,wBAAgB,UAAU,IAAI,IAAI,CAEjC;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,UAAU,CAE1C;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,CAAC,EAC/B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,EAAE,CAAC,EAC3B,GAAG,SAAM,GACR,OAAO,CAAC,CAAC,EAAE,CAAC,CASd;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,CAAC,EAC/B,QAAQ,EAAE,MAAM,EAChB,EAAE,EAAE,MAAM,GAAG,MAAM,EACnB,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,GAAG,SAAM,GACR,OAAO,CAAC,CAAC,CAAC,CAIZ;AAED;;GAEG;AACH,wBAAsB,UAAU,CAC9B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,EAC9B,GAAG,SAAM,GACR,OAAO,CAAC,MAAM,CAAC,CASjB;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAEzD;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,SAAM,GAAG,IAAI,CAElE;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,IAAI,CASlD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAGhD;AAED;;GAEG;AACH,wBAAgB,OAAO,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,EACxE,EAAE,EAAE,CAAC,EACL,OAAO,GAAE,YAAiB,GACzB,CAAC,CAKH;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,EAC1E,OAAO,EAAE,CAAC,EACV,OAAO,EAAE;IACP,KAAK,EAAE,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC;IAC1C,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,GACA,CAAC,CAQH;AAED;;GAEG;AACH,wBAAsB,UAAU,CAAC,CAAC,EAChC,UAAU,EAAE,KAAK,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,CAAC;IAC1B,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC,GACD,OAAO,CAAC,CAAC,EAAE,CAAC,CAEd;AAED;;GAEG;AACH,wBAAsB,QAAQ,CAAC,CAAC,EAC9B,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,GAAE;IACP,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACf,GACL,OAAO,CAAC,CAAC,CAAC,CA0CZ"}
+{"version":3,"file":"query-cache.d.ts","sourceRoot":"","sources":["../../src/cache/query-cache.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,UAAU,YAAY;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,UAAU,UAAU;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;CACjB;AAiFD;;GAEG;AACH,wBAAsB,UAAU,CAAC,CAAC,EAChC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,GAAE,YAAiB,GACzB,OAAO,CAAC,CAAC,CAAC,CA+BZ;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAEjD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAK5D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAIxD;AAED;;GAEG;AACH,wBAAgB,UAAU,IAAI,IAAI,CAEjC;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,UAAU,CAE1C;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,CAAC,EAC/B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,EAAE,CAAC,EAC3B,GAAG,SAAM,GACR,OAAO,CAAC,CAAC,EAAE,CAAC,CASd;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,CAAC,EAC/B,QAAQ,EAAE,MAAM,EAChB,EAAE,EAAE,MAAM,GAAG,MAAM,EACnB,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,GAAG,SAAM,GACR,OAAO,CAAC,CAAC,CAAC,CAIZ;AAED;;GAEG;AACH,wBAAsB,UAAU,CAC9B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,EAC9B,GAAG,SAAM,GACR,OAAO,CAAC,MAAM,CAAC,CASjB;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAEzD;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,SAAM,GAAG,IAAI,CAElE;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,IAAI,CASlD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAGhD;AAED;;GAEG;AACH,wBAAgB,OAAO,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,EACxE,EAAE,EAAE,CAAC,EACL,OAAO,GAAE,YAAiB,GACzB,CAAC,CAKH;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,EAC1E,OAAO,EAAE,CAAC,EACV,OAAO,EAAE;IACP,KAAK,EAAE,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC;IAC1C,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,GACA,CAAC,CAQH;AAED;;GAEG;AACH,wBAAsB,UAAU,CAAC,CAAC,EAChC,UAAU,EAAE,KAAK,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,CAAC;IAC1B,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC,GACD,OAAO,CAAC,CAAC,EAAE,CAAC,CAEd;AAED;;GAEG;AACH,wBAAsB,QAAQ,CAAC,CAAC,EAC9B,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,GAAE;IACP,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACf,GACL,OAAO,CAAC,CAAC,CAAC,CA0CZ"}

package/dist/cache/query-cache.js

@@ -50,8 +50,18 @@ class QueryCache {
         return deleted;
     }
     keys(pattern) {
-        const regex = new RegExp(pattern.replace('*', '.*'));
-        return Array.from(this.cache.keys()).filter((key) => regex.test(key));
+        const startsWild = pattern.startsWith('*');
+        const endsWild = pattern.endsWith('*');
+        const core = pattern.slice(startsWild ? 1 : 0, endsWild ? -1 : undefined);
+        return Array.from(this.cache.keys()).filter((key) => {
+            if (startsWild && endsWild)
+                return key.includes(core);
+            if (startsWild)
+                return key.endsWith(core);
+            if (endsWild)
+                return key.startsWith(core);
+            return key === core;
+        });
     }
     clear() {
         this.cache.clear();

package/dist/client/admin/layout.js

@@ -3,5 +3,5 @@ import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
 import Head from 'next/head';
 import { ServerFunctionProvider } from './context/ServerFunctionContext.js';
 export function RootLayout({ children, serverFunction }) {
-    return (_jsxs("html", { lang: "en", children: [_jsxs(Head, { children: [_jsx("meta", { charSet: "utf-8" }), _jsx("meta", { name: "viewport", content: "width=device-width, initial-scale=1" }), _jsx("title", { children: "RevealUI Admin" })] }), _jsx("body", { className: "antialiased", children: _jsx(ServerFunctionProvider, { serverFunction: serverFunction, children: _jsx("div", { id: "revealui-admin", className: "min-h-screen", children: children }) }) })] }));
+    return (_jsxs("html", { lang: "en", children: [_jsxs(Head, { children: [_jsx("meta", { charSet: "utf-8" }), _jsx("meta", { name: "viewport", content: "width=device-width, initial-scale=1" }), _jsx("title", { children: "RevealUI Admin" })] }), _jsx("body", { className: "antialiased", children: _jsx(ServerFunctionProvider, { serverFunction: serverFunction, children: _jsx("main", { id: "revealui-admin", className: "min-h-screen", children: children }) }) })] }));
 }

package/dist/collections/operations/sqlAdapter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sqlAdapter.d.ts","sourceRoot":"","sources":["../../../src/collections/operations/sqlAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAE3D,MAAM,MAAM,qBAAqB,GAAG;IAClC,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;CACvE,CAAC;AAgBF,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAM/C;AAKD,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAMvD;AAED,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE3D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAG1D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE1D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE1D;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,CAIpF;AAED,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,aAAa,EAAE,MAAM,EACrB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAClB,MAAM,CAER;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAKjF;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE/D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,CAI1E;AAED;;;;GAIG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,CAKrF"}
+{"version":3,"file":"sqlAdapter.d.ts","sourceRoot":"","sources":["../../../src/collections/operations/sqlAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAE3D,MAAM,MAAM,qBAAqB,GAAG;IAClC,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;CACvE,CAAC;AA6BF,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAM/C;AAkBD,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAMvD;AAED,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE3D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAG1D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE1D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE1D;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,CAIpF;AAED,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,aAAa,EAAE,MAAM,EACrB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAClB,MAAM,CAER;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAKjF;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAE/D;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,CAI1E;AAED;;;;GAIG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,CAKrF"}

package/dist/collections/operations/sqlAdapter.js

@@ -9,21 +9,53 @@
  * redesign the collection storage layer toward typed tables instead.
  */
 /** Only lowercase alphanumeric, hyphens, and underscores (1-63 chars, PostgreSQL identifier limit). */
-const VALID_SLUG = /^[a-z][a-z0-9_-]{0,62}$/;
+function isValidSlug(s) {
+    if (s.length < 1 || s.length > 63)
+        return false;
+    // First char must be lowercase letter
+    const first = s.charCodeAt(0);
+    if (first < 97 || first > 122)
+        return false;
+    for (let i = 1; i < s.length; i++) {
+        const c = s.charCodeAt(i);
+        const isLower = c >= 97 && c <= 122;
+        const isDigit = c >= 48 && c <= 57;
+        // underscore = 95, hyphen = 45
+        if (!(isLower || isDigit || c === 95 || c === 45))
+            return false;
+    }
+    return true;
+}
 export function validateSlug(slug) {
-    if (!VALID_SLUG.test(slug)) {
+    if (!isValidSlug(slug)) {
         throw new Error(`Invalid collection slug: "${slug}". Slugs must start with a lowercase letter and contain only lowercase alphanumeric characters, hyphens, and underscores (max 63 chars).`);
     }
 }
 /** Only lowercase alphanumeric and underscores (PostgreSQL column name safe). */
-const VALID_COLUMN = /^[a-z_][a-z0-9_]{0,62}$/;
+function isValidColumnName(s) {
+    if (s.length < 1 || s.length > 63)
+        return false;
+    // First char must be lowercase letter or underscore
+    const first = s.charCodeAt(0);
+    const firstIsLower = first >= 97 && first <= 122;
+    if (!(firstIsLower || first === 95))
+        return false;
+    for (let i = 1; i < s.length; i++) {
+        const c = s.charCodeAt(i);
+        const isLower = c >= 97 && c <= 122;
+        const isDigit = c >= 48 && c <= 57;
+        if (!(isLower || isDigit || c === 95))
+            return false;
+    }
+    return true;
+}
 export function validateColumnName(column) {
-    if (!VALID_COLUMN.test(column)) {
+    if (!isValidColumnName(column)) {
         throw new Error(`Invalid column name: "${column}". Column names must start with a lowercase letter or underscore and contain only lowercase alphanumeric characters and underscores.`);
     }
 }
 export function escapeIdentifier(identifier) {
-    return identifier.replace(/"/g, '""');
+    return identifier.split('"').join('""');
 }
 export function collectionTable(configSlug) {
     validateSlug(configSlug);

package/dist/features.d.ts

@@ -11,9 +11,9 @@
 import { type LicenseTier } from './license.js';
 /** All gated features in RevealUI */
 export interface FeatureFlags {
-    /** Local AI inference via BitNet — available at all tiers (no API key needed) */
+    /** Local AI inference via Inference Snaps or BitNet — available at all tiers (no API key needed) */
     aiLocal: boolean;
-    /** Cloud AI agent system (Pro: 1 provider, Enterprise: all providers) */
+    /** AI agent system — local + cloud via RevealUI harness (Pro+) */
     ai: boolean;
     /** AI memory system — working + episodic + vector (Max: basic, Enterprise: full) */
     aiMemory: boolean;
@@ -27,14 +27,10 @@ export interface FeatureFlags {
     whiteLabel: boolean;
     /** SSO/SAML authentication (planned — not yet implemented) */
     sso: boolean;
-    /** BYOK server-side key storage (Max+) */
-    byokServerSide: boolean;
-    /** Multi-provider AI (Max+: 2 providers, Enterprise: all providers) */
-    aiMultiProvider: boolean;
+    /** Open-model inference configuration — snaps, BitNet, harness (Max+) */
+    aiInference: boolean;
     /** Audit logging and compliance trail */
     auditLog: boolean;
-    /** AI sampling for free users — limited cloud tasks via platform key */
-    aiSampling: boolean;
     /** Full real-time sync with conflict resolution */
     advancedSync: boolean;
     /** Monitoring dashboard */
@@ -43,7 +39,7 @@ export interface FeatureFlags {
     customDomain: boolean;
     /** Analytics and conversion tracking */
     analytics: boolean;
-    /** RevVault desktop app — Tauri companion for encrypted secret management (Pro+) */
+    /** RevVault desktop app — Tauri native AI experience for encrypted secret management (Pro+) */
     vaultDesktop: boolean;
     /** RevVault rotation engine — automated credential lifecycle (Pro+) */
     vaultRotation: boolean;

package/dist/features.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"features.d.ts","sourceRoot":"","sources":["../src/features.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAc,KAAK,WAAW,EAAE,MAAM,cAAc,CAAC;AAE5D,qCAAqC;AACrC,MAAM,WAAW,YAAY;IAC3B,iFAAiF;IACjF,OAAO,EAAE,OAAO,CAAC;IACjB,yEAAyE;IACzE,EAAE,EAAE,OAAO,CAAC;IACZ,oFAAoF;IACpF,QAAQ,EAAE,OAAO,CAAC;IAClB,6BAA6B;IAC7B,GAAG,EAAE,OAAO,CAAC;IACb,yCAAyC;IACzC,QAAQ,EAAE,OAAO,CAAC;IAClB,mCAAmC;IACnC,WAAW,EAAE,OAAO,CAAC;IACrB,kEAAkE;IAClE,UAAU,EAAE,OAAO,CAAC;IACpB,8DAA8D;IAC9D,GAAG,EAAE,OAAO,CAAC;IACb,0CAA0C;IAC1C,cAAc,EAAE,OAAO,CAAC;IACxB,uEAAuE;IACvE,eAAe,EAAE,OAAO,CAAC;IACzB,yCAAyC;IACzC,QAAQ,EAAE,OAAO,CAAC;IAClB,wEAAwE;IACxE,UAAU,EAAE,OAAO,CAAC;IACpB,mDAAmD;IACnD,YAAY,EAAE,OAAO,CAAC;IACtB,2BAA2B;IAC3B,SAAS,EAAE,OAAO,CAAC;IACnB,4BAA4B;IAC5B,YAAY,EAAE,OAAO,CAAC;IACtB,wCAAwC;IACxC,SAAS,EAAE,OAAO,CAAC;IACnB,oFAAoF;IACpF,YAAY,EAAE,OAAO,CAAC;IACtB,uEAAuE;IACvE,aAAa,EAAE,OAAO,CAAC;IACvB,mEAAmE;IACnE,cAAc,EAAE,OAAO,CAAC;CACzB;AA4BD;;;;;;;;;;;;GAYG;AACH,wBAAgB,WAAW,IAAI,YAAY,CAY1C;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,YAAY,GAAG,OAAO,CAMrE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,WAAW,GAAG,YAAY,CAmBlE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,YAAY,GAAG,WAAW,CAExE;AAED;;GAEG;AACH,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}
+{"version":3,"file":"features.d.ts","sourceRoot":"","sources":["../src/features.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAc,KAAK,WAAW,EAAE,MAAM,cAAc,CAAC;AAE5D,qCAAqC;AACrC,MAAM,WAAW,YAAY;IAC3B,oGAAoG;IACpG,OAAO,EAAE,OAAO,CAAC;IACjB,kEAAkE;IAClE,EAAE,EAAE,OAAO,CAAC;IACZ,oFAAoF;IACpF,QAAQ,EAAE,OAAO,CAAC;IAClB,6BAA6B;IAC7B,GAAG,EAAE,OAAO,CAAC;IACb,yCAAyC;IACzC,QAAQ,EAAE,OAAO,CAAC;IAClB,mCAAmC;IACnC,WAAW,EAAE,OAAO,CAAC;IACrB,kEAAkE;IAClE,UAAU,EAAE,OAAO,CAAC;IACpB,8DAA8D;IAC9D,GAAG,EAAE,OAAO,CAAC;IACb,yEAAyE;IACzE,WAAW,EAAE,OAAO,CAAC;IACrB,yCAAyC;IACzC,QAAQ,EAAE,OAAO,CAAC;IAClB,mDAAmD;IACnD,YAAY,EAAE,OAAO,CAAC;IACtB,2BAA2B;IAC3B,SAAS,EAAE,OAAO,CAAC;IACnB,4BAA4B;IAC5B,YAAY,EAAE,OAAO,CAAC;IACtB,wCAAwC;IACxC,SAAS,EAAE,OAAO,CAAC;IACnB,+FAA+F;IAC/F,YAAY,EAAE,OAAO,CAAC;IACtB,uEAAuE;IACvE,aAAa,EAAE,OAAO,CAAC;IACvB,mEAAmE;IACnE,cAAc,EAAE,OAAO,CAAC;CACzB;AA0BD;;;;;;;;;;;;GAYG;AACH,wBAAgB,WAAW,IAAI,YAAY,CAY1C;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,YAAY,GAAG,OAAO,CAMrE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,WAAW,GAAG,YAAY,CAmBlE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,YAAY,GAAG,WAAW,CAExE;AAED;;GAEG;AACH,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}

package/dist/features.js

@@ -13,7 +13,6 @@ import { isLicensed } from './license.js';
 const featureTierMap = {
     aiLocal: 'free',
     ai: 'pro',
-    aiSampling: 'free',
     mcp: 'pro',
     payments: 'pro',
     advancedSync: 'pro',
@@ -21,8 +20,7 @@ const featureTierMap = {
     customDomain: 'pro',
     analytics: 'pro',
     aiMemory: 'max',
-    byokServerSide: 'max',
-    aiMultiProvider: 'max',
+    aiInference: 'max',
     auditLog: 'max',
     multiTenant: 'enterprise',
     // NOTE: whiteLabel and sso are planned but not yet implemented.

package/dist/globals/GlobalOperations.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"GlobalOperations.d.ts","sourceRoot":"","sources":["../../src/globals/GlobalOperations.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EACd,kBAAkB,EAClB,aAAa,EAEd,MAAM,mBAAmB,CAAC;AAG3B;;;;GAIG;AACH,qBAAa,cAAc;IACzB,MAAM,EAAE,kBAAkB,CAAC;IAC3B,EAAE,EAAE;QACF,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;KACvE,GAAG,IAAI,CAAC;gBAGP,MAAM,EAAE,kBAAkB,EAC1B,EAAE,EAAE;QACF,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;KACvE,GAAG,IAAI;IAMJ,IAAI,CACR,OAAO,GAAE;QACP,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,QAAQ,CAAC,EAAE,OAAO,mBAAmB,EAAE,YAAY,CAAC;QACpD,GAAG,CAAC,EAAE,aAAa,CAAC;KAChB,GACL,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAsG3B,MAAM,CAAC,OAAO,EAAE;QAAE,IAAI,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;CAqElF"}
+{"version":3,"file":"GlobalOperations.d.ts","sourceRoot":"","sources":["../../src/globals/GlobalOperations.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EACd,kBAAkB,EAClB,aAAa,EAEd,MAAM,mBAAmB,CAAC;AAG3B;;;;GAIG;AACH,qBAAa,cAAc;IACzB,MAAM,EAAE,kBAAkB,CAAC;IAC3B,EAAE,EAAE;QACF,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;KACvE,GAAG,IAAI,CAAC;gBAGP,MAAM,EAAE,kBAAkB,EAC1B,EAAE,EAAE;QACF,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;KACvE,GAAG,IAAI;IAMJ,IAAI,CACR,OAAO,GAAE;QACP,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,QAAQ,CAAC,EAAE,OAAO,mBAAmB,EAAE,YAAY,CAAC;QACpD,GAAG,CAAC,EAAE,aAAa,CAAC;KAChB,GACL,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAwG3B,MAAM,CAAC,OAAO,EAAE;QAAE,IAAI,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;CAqElF"}

package/dist/globals/GlobalOperations.js

@@ -1,4 +1,4 @@
-import { validateColumnName, validateSlug } from '../collections/operations/sqlAdapter.js';
+import { escapeIdentifier, validateColumnName, validateSlug, } from '../collections/operations/sqlAdapter.js';
 import { afterRead } from '../fields/hooks/afterRead/index.js';
 import { getRelationshipFields } from '../relationships/analyzer.js';
 import { flattenResult } from '../utils/flattenResult.js';
@@ -22,7 +22,10 @@ export class RevealUIGlobal {
         }
         if (this.db?.query) {
             const slug = this.config.slug;
-            if (!/^[a-z][a-z0-9_-]{0,62}$/.test(slug)) {
+            try {
+                validateSlug(slug);
+            }
+            catch {
                 throw new Error(`Invalid global slug: "${slug}". Must be lowercase alphanumeric with hyphens/underscores.`);
             }
             const tableName = `global_${slug}`;
@@ -101,7 +104,10 @@ export class RevealUIGlobal {
         const { data } = options;
         if (this.db?.query) {
             const slug = this.config.slug;
-            if (!/^[a-z][a-z0-9_-]{0,62}$/.test(slug)) {
+            try {
+                validateSlug(slug);
+            }
+            catch {
                 throw new Error(`Invalid global slug: "${slug}". Must be lowercase alphanumeric with hyphens/underscores.`);
             }
             const tableName = `global_${slug}`;
@@ -114,9 +120,7 @@ export class RevealUIGlobal {
                 const keys = Object.keys(data);
                 for (const key of keys)
                     validateColumnName(key);
-                const setClause = keys
-                    .map((key, i) => `"${key.replace(/"/g, '""')}" = $${i + 1}`)
-                    .join(', ');
+                const setClause = keys.map((key, i) => `"${escapeIdentifier(key)}" = $${i + 1}`).join(', ');
                 const values = keys.map((key) => {
                     const value = data[key];
                     // Serialize non-primitive values to JSON strings for SQLite compatibility
@@ -147,7 +151,7 @@ export class RevealUIGlobal {
                     }
                     return value;
                 });
-                const query = `INSERT INTO "${tableName}" (id, ${columns.map((c) => `"${c.replace(/"/g, '""')}"`).join(', ')}) VALUES ($1, ${placeholders})`;
+                const query = `INSERT INTO "${tableName}" (id, ${columns.map((c) => `"${escapeIdentifier(c)}"`).join(', ')}) VALUES ($1, ${placeholders})`;
                 await this.db.query(query, [id, ...values]);
             }
             const updatedDoc = await this.find();

package/dist/license.d.ts

@@ -11,8 +11,8 @@ export type LicenseTier = 'free' | 'pro' | 'max' | 'enterprise';
 /** Decoded license payload schema */
 declare const licensePayloadSchema: z.ZodObject<{
     tier: z.ZodEnum<{
-        max: "max";
         pro: "pro";
+        max: "max";
         enterprise: "enterprise";
     }>;
     customerId: z.ZodString;
@@ -78,12 +78,6 @@ export declare function getMaxUsers(): number;
  * Track B metering: free=1K, pro=10K, max=50K, enterprise=unlimited.
  */
 export declare function getMaxAgentTasks(): number;
-/**
- * Returns the maximum free-tier AI sampling tasks per billing cycle.
- * Free users get 50 cloud AI tasks/month via platform Groq key.
- * Paid users return 0 (they use full quota via getMaxAgentTasks instead).
- */
-export declare function getMaxFreemiumTasks(): number;
 /**
  * Generates a signed license key JWT.
  * This is a server-only function — requires the private key.

package/dist/license.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"license.d.ts","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,8BAA8B;AAC9B,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,KAAK,GAAG,KAAK,GAAG,YAAY,CAAC;AAEhE,qCAAqC;AACrC,QAAA,MAAM,oBAAoB;;;;;;;;;;;;;iBAqBxB,CAAC;AAEH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAElE,sCAAsC;AACtC,MAAM,WAAW,kBAAkB;IACjC,oDAAoD;IACpD,KAAK,EAAE,MAAM,CAAC;CACf;AASD;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,SAAS,EAAE,OAAO,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAElF;AAoCD;;;GAGG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,CAEzD;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CA0BhC;AAED;;;;;GAKG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,WAAW,CAAC,CAkC9D;AAaD;;;GAGG;AACH,wBAAgB,cAAc,IAAI,WAAW,CAG5C;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,cAAc,GAAG,IAAI,CAGzD;AAED;;;GAGG;AACH,wBAAgB,UAAU,CAAC,YAAY,EAAE,WAAW,GAAG,OAAO,CAqB7D;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,MAAM,CAMpC;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,MAAM,CAMpC;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,CAMzC;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,IAAI,MAAM,CAI5C;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,kBAAkB,CACtC,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,KAAK,GAAG,KAAK,CAAC,EAC5C,UAAU,EAAE,MAAM,EAClB,gBAAgB,GAAE,MAAM,GAAG,IAAyB,EACpD,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,MAAM,CAAC,CAYjB;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,IAAI,CAGxC"}
+{"version":3,"file":"license.d.ts","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,8BAA8B;AAC9B,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,KAAK,GAAG,KAAK,GAAG,YAAY,CAAC;AAEhE,qCAAqC;AACrC,QAAA,MAAM,oBAAoB;;;;;;;;;;;;;iBAqBxB,CAAC;AAEH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAElE,sCAAsC;AACtC,MAAM,WAAW,kBAAkB;IACjC,oDAAoD;IACpD,KAAK,EAAE,MAAM,CAAC;CACf;AASD;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,SAAS,EAAE,OAAO,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAElF;AAoCD;;;GAGG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,CAEzD;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CA0BhC;AAED;;;;;GAKG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,WAAW,CAAC,CAkC9D;AAaD;;;GAGG;AACH,wBAAgB,cAAc,IAAI,WAAW,CAG5C;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,cAAc,GAAG,IAAI,CAGzD;AAED;;;GAGG;AACH,wBAAgB,UAAU,CAAC,YAAY,EAAE,WAAW,GAAG,OAAO,CAqB7D;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,MAAM,CAMpC;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,MAAM,CAMpC;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,CAMzC;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,kBAAkB,CACtC,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,KAAK,GAAG,KAAK,CAAC,EAC5C,UAAU,EAAE,MAAM,EAClB,gBAAgB,GAAE,MAAM,GAAG,IAAyB,EACpD,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,MAAM,CAAC,CAYjB;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,IAAI,CAGxC"}

package/dist/license.js

@@ -228,17 +228,6 @@ export function getMaxAgentTasks() {
         return 10_000;
     return 1_000;
 }
-/**
- * Returns the maximum free-tier AI sampling tasks per billing cycle.
- * Free users get 50 cloud AI tasks/month via platform Groq key.
- * Paid users return 0 (they use full quota via getMaxAgentTasks instead).
- */
-export function getMaxFreemiumTasks() {
-    evictStaleCache();
-    if (cachedState.tier === 'free')
-        return 50;
-    return 0;
-}
 /**
  * Generates a signed license key JWT.
  * This is a server-only function — requires the private key.

package/dist/observability/health-check.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"health-check.d.ts","sourceRoot":"","sources":["../../src/observability/health-check.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAQH,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG,UAAU,GAAG,WAAW,CAAC;AAEhE,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACxC,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,YAAY,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,YAAY,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAuC;IACrD,OAAO,CAAC,SAAS,CAAsB;IAEvC;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,IAAI;IAIlC;;OAEG;IACH,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAI9B;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,YAAY,CAAC;IAoD1C;;OAEG;YACW,cAAc;IAS5B;;OAEG;IACH,SAAS,IAAI,MAAM;CAGpB;AAED;;GAEG;AACH,eAAO,MAAM,WAAW,mBAA0B,CAAC;AAEnD;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CA4BnF;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,gBAAgB,GAAE,MAAW,GAAG,WAAW,CAwClF;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,gBAAgB,GAAE,MAAW,GAAG,WAAW,CA4ChF;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,EAAE,cAAc,GAAE,MAAY,GAAG,WAAW,CAuC3F;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,OAAO,CAAC,iBAAiB,CAAC,EACzC,QAAQ,GAAE,OAAe,GACxB,WAAW,CAMb;AAED;;GAEG;AACH,wBAAgB,oBAAoB,UACjB,OAAO,CAAC,QAAQ,CAAC,CAanC;AAED;;GAEG;AACH,wBAAgB,uBAAuB,UACpB,OAAO,CAAC,QAAQ,CAAC,CA2BnC;AAED;;GAEG;AACH,wBAAgB,sBAAsB,UACzB,QAAQ,CAqBpB;AAED;;GAEG;AACH,wBAAsB,aAAa,CACjC,UAAU,GAAE,MAAc,EAC1B,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,YAAY,KAAK,IAAI,GAC9C,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAsBzB"}
+{"version":3,"file":"health-check.d.ts","sourceRoot":"","sources":["../../src/observability/health-check.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAQH,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG,UAAU,GAAG,WAAW,CAAC;AAEhE,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACxC,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,YAAY,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,YAAY,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAuC;IACrD,OAAO,CAAC,SAAS,CAAsB;IAEvC;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,IAAI;IAIlC;;OAEG;IACH,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAI9B;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,YAAY,CAAC;IAoD1C;;OAEG;YACW,cAAc;IAS5B;;OAEG;IACH,SAAS,IAAI,MAAM;CAGpB;AAED;;GAEG;AACH,eAAO,MAAM,WAAW,mBAA0B,CAAC;AAEnD;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAmCnF;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,gBAAgB,GAAE,MAAW,GAAG,WAAW,CAwClF;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,gBAAgB,GAAE,MAAW,GAAG,WAAW,CA4ChF;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,EAAE,cAAc,GAAE,MAAY,GAAG,WAAW,CAuC3F;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,OAAO,CAAC,iBAAiB,CAAC,EACzC,QAAQ,GAAE,OAAe,GACxB,WAAW,CAMb;AAED;;GAEG;AACH,wBAAgB,oBAAoB,UACjB,OAAO,CAAC,QAAQ,CAAC,CAanC;AAED;;GAEG;AACH,wBAAgB,uBAAuB,UACpB,OAAO,CAAC,QAAQ,CAAC,CA2BnC;AAED;;GAEG;AACH,wBAAgB,sBAAsB,UACzB,QAAQ,CAqBpB;AAED;;GAEG;AACH,wBAAsB,aAAa,CACjC,UAAU,GAAE,MAAc,EAC1B,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,YAAY,KAAK,IAAI,GAC9C,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAsBzB"}

package/dist/observability/health-check.js

@@ -115,9 +115,15 @@ export function createDatabaseHealthCheck(queryFn) {
                 };
             }
             catch (error) {
+                // Surface the root cause — Drizzle wraps Neon errors with "Failed query: ..."
+                // but the actual HTTP/connection error is in .cause
+                let message = error instanceof Error ? error.message : 'Database connection failed';
+                if (error instanceof Error && error.cause instanceof Error) {
+                    message = `${message} | cause: ${error.cause.message}`;
+                }
                 return {
                     status: 'unhealthy',
-                    message: error instanceof Error ? error.message : 'Database connection failed',
+                    message,
                 };
             }
         },

package/dist/queries/queryBuilder.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"queryBuilder.d.ts","sourceRoot":"","sources":["../../src/queries/queryBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAExE;;;;;GAKG;AAEH,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,YAAY,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,WAAW,GAAG,iBAAiB,CAAC,OAAO,CAAC,GAAG,SAAS,EAC3D,MAAM,EAAE,OAAO,EAAE,EACjB,OAAO,GAAE,iBAAsB,GAC9B,MAAM,CA0NR;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,CAAC,EAAE,WAAW,GAAG,OAAO,EAAE,CAoEjE"}
+{"version":3,"file":"queryBuilder.d.ts","sourceRoot":"","sources":["../../src/queries/queryBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAExE;;;;;GAKG;AAEH,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,YAAY,CAAC;AAevD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,WAAW,GAAG,iBAAiB,CAAC,OAAO,CAAC,GAAG,SAAS,EAC3D,MAAM,EAAE,OAAO,EAAE,EACjB,OAAO,GAAE,iBAAsB,GAC9B,MAAM,CA0NR;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,CAAC,EAAE,WAAW,GAAG,OAAO,EAAE,CAoEjE"}

package/dist/queries/queryBuilder.js

@@ -1,3 +1,16 @@
+/** Escape SQL LIKE wildcards (%, _, \) in user input */
+function escapeLikeWildcards(value) {
+    let result = '';
+    for (const ch of value) {
+        if (ch === '%' || ch === '_' || ch === '\\') {
+            result += `\\${ch}`;
+        }
+        else {
+            result += ch;
+        }
+    }
+    return result;
+}
 /**
  * Builds a WHERE clause from a RevealWhere query object.
  * Supports nested AND/OR conditions and various operators.
@@ -27,7 +40,7 @@ export function buildWhereClause(where, params, options = {}) {
         if (!quoteFields)
             return field;
         // Escape embedded double quotes to prevent SQL injection via identifier breakout
-        const escaped = field.replace(/"/g, '""');
+        const escaped = field.split('"').join('""');
         return `"${escaped}"`;
     };
     const whereWithGroups = where;
@@ -149,7 +162,7 @@ export function buildWhereClause(where, params, options = {}) {
             if ('contains' in condition && typeof condition.contains === 'string') {
                 const placeholder = getPlaceholder();
                 // Escape LIKE wildcards (% and _) in user input to prevent wildcard injection
-                const escaped = condition.contains.replace(/[%_\\]/g, '\\$&');
+                const escaped = escapeLikeWildcards(condition.contains);
                 params.push(`%${escaped}%`);
                 conditions.push(`${quotedField} LIKE ${placeholder} ESCAPE '\\'`);
             }
@@ -168,7 +181,7 @@ export function buildWhereClause(where, params, options = {}) {
             // like (escape wildcards to prevent blind LIKE probing)
             if ('like' in condition && typeof condition.like === 'string') {
                 const placeholder = getPlaceholder();
-                const escaped = condition.like.replace(/[%_\\]/g, '\\$&');
+                const escaped = escapeLikeWildcards(condition.like);
                 params.push(escaped);
                 conditions.push(`${quotedField} LIKE ${placeholder} ESCAPE '\\'`);
             }
@@ -219,7 +232,7 @@ export function extractWhereValues(where) {
                         break;
                     case 'contains':
                         if (typeof value === 'string') {
-                            const escaped = value.replace(/[%_\\]/g, '\\$&');
+                            const escaped = escapeLikeWildcards(value);
                             values.push(`%${escaped}%`);
                         }
                         break;

package/package.json

@@ -1,6 +1,7 @@
 {
   "name": "@revealui/core",
-  "version": "0.5.2",
+  "version": "0.5.4",
+  "description": "CMS engine, REST API, auth, rich text, admin UI, and plugins for RevealUI",
   "license": "MIT",
   "dependencies": {
     "@electric-sql/pglite": "^0.4.2",
@@ -23,11 +24,11 @@
     "pg": "^8.18.0",
     "yjs": "^13.6.29",
     "zod": "^4.3.6",
-    "@revealui/security": "0.2.3",
-    "@revealui/utils": "0.3.0",
-    "@revealui/contracts": "1.3.3",
-    "@revealui/resilience": "0.2.0",
-    "@revealui/cache": "0.1.0"
+    "@revealui/cache": "0.1.2",
+    "@revealui/contracts": "1.3.5",
+    "@revealui/resilience": "0.2.2",
+    "@revealui/security": "0.2.5",
+    "@revealui/utils": "0.3.2"
   },
   "devDependencies": {
     "@types/json-schema": "^7.0.15",
@@ -212,6 +213,10 @@
       "types": "./dist/observability/logger.d.ts",
       "import": "./dist/observability/logger.js"
     },
+    "./observability/alerts": {
+      "types": "./dist/observability/alerts.d.ts",
+      "import": "./dist/observability/alerts.js"
+    },
     "./utils/cache": {
       "types": "./dist/utils/cache.d.ts",
       "import": "./dist/utils/cache.js"