npm - @rocicorp/zero - Versions diffs - 0.22.2025071100 → 0.22.2025071900 - Mend

@rocicorp/zero 0.22.2025071100 → 0.22.2025071900

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (148) hide show

package/out/{chunk-ZVMEFHVU.js → chunk-A6LHZQIK.js} RENAMED Viewed

@@ -1,6 +1,7 @@
 import {
-  clientToServer
-} from "./chunk-ZRSXCDPE.js";
+  clientToServer,
+  mapEntries
+} from "./chunk-IQCMHXK7.js";
 import {
   AbstractQuery,
   ExpressionBuilder,
@@ -15,7 +16,7 @@ import {
   staticParam,
   toStaticParam,
   valita_exports
-} from "./chunk-INLOZBST.js";
+} from "./chunk-P5M53J4D.js";
 // ../zero-protocol/src/custom-queries.ts
 var transformRequestBodySchema = valita_exports.array(
@@ -300,12 +301,29 @@ function escapeLike(val) {
 }
 // ../zql/src/query/named.ts
-function querify(s) {
+function createBuilder(s) {
   return makeQueryBuilders(s);
 }
 function namedQuery(name, fn) {
   return (...args) => fn(...args).nameAndArgs(name, args);
 }
+function contextualizedNamedQuery(name, fn) {
+  const ret = (context, ...args) => fn(context, ...args).nameAndArgs(name, args);
+  ret.contextualized = true;
+  return ret;
+}
+function named(queries) {
+  return mapEntries(queries, (name, query) => [
+    name,
+    namedQuery(name, query)
+  ]);
+}
+function namedWithContext(queries) {
+  return mapEntries(queries, (name, query) => [
+    name,
+    contextualizedNamedQuery(name, query)
+  ]);
+}
 function makeQueryBuilders(schema) {
   return new Proxy(
     {},
@@ -334,7 +352,8 @@ export {
   NOBODY_CAN,
   definePermissions,
   escapeLike,
-  querify,
-  namedQuery
+  createBuilder,
+  named,
+  namedWithContext
 };
-//# sourceMappingURL=chunk-ZVMEFHVU.js.map
+//# sourceMappingURL=chunk-A6LHZQIK.js.map

package/out/{chunk-ZVMEFHVU.js.map → chunk-A6LHZQIK.js.map} RENAMED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../zero-protocol/src/custom-queries.ts", "../../zero-schema/src/builder/relationship-builder.ts", "../../zql/src/query/static-query.ts", "../../zero-schema/src/permissions.ts", "../../zql/src/query/escape-like.ts", "../../zql/src/query/named.ts"],
-  "sourcesContent": ["import {jsonSchema} from '../../shared/src/json-schema.ts';\nimport * as v from '../../shared/src/valita.ts';\nimport {astSchema} from './ast.ts';\n\nexport const transformRequestBodySchema = v.array(\n  v.object({\n    id: v.string(),\n    name: v.string(),\n    args: v.readonly(v.array(jsonSchema)),\n  }),\n);\nexport type TransformRequestBody = v.Infer<typeof transformRequestBodySchema>;\n\nexport const transformedQuerySchema = v.object({\n  id: v.string(),\n  name: v.string(),\n  ast: astSchema,\n});\n\nexport const erroredQuerySchema = v.object({\n  error: v.literal('app'),\n  id: v.string(),\n  name: v.string(),\n  details: jsonSchema,\n});\nexport type ErroredQuery = v.Infer<typeof erroredQuerySchema>;\n\nexport const transformResponseBodySchema = v.array(\n  v.union(transformedQuerySchema, erroredQuerySchema),\n);\nexport type TransformResponseBody = v.Infer<typeof transformResponseBodySchema>;\n\nexport const transformRequestMessageSchema = v.tuple([\n  v.literal('transform'),\n  transformRequestBodySchema,\n]);\nexport type TransformRequestMessage = v.Infer<\n  typeof transformRequestMessageSchema\n>;\n\nexport const transformResponseMessageSchema = v.tuple([\n  v.literal('transformed'),\n  transformResponseBodySchema,\n]);\nexport type TransformResponseMessage = v.Infer<\n  typeof transformResponseMessageSchema\n>;\n", "/* eslint-disable @typescript-eslint/no-explicit-any */\nimport type {Relationship, TableSchema} from '../table-schema.ts';\nimport type {TableBuilderWithColumns} from './table-builder.ts';\n\ntype ConnectArg<TSourceField, TDestField, TDest extends TableSchema> = {\n  readonly sourceField: TSourceField;\n  readonly destField: TDestField;\n  readonly destSchema: TableBuilderWithColumns<TDest>;\n};\n\ntype ManyConnection<TSourceField, TDestField, TDest extends TableSchema> = {\n  readonly sourceField: TSourceField;\n  readonly destField: TDestField;\n  readonly destSchema: TDest['name'];\n  readonly cardinality: 'many';\n};\n\ntype OneConnection<TSourceField, TDestField, TDest extends TableSchema> = {\n  readonly sourceField: TSourceField;\n  readonly destField: TDestField;\n  readonly destSchema: TDest['name'];\n  readonly cardinality: 'one';\n};\n\ntype Prev = [-1, 0, 1, 2, 3, 4, 5, 6];\n\nexport type PreviousSchema<\n  TSource extends TableSchema,\n  K extends number,\n  TDests extends TableSchema[],\n> = K extends 0 ? TSource : TDests[Prev[K]];\n\nexport type Relationships = {\n  name: string; // table name\n  relationships: Record<string, Relationship>; // relationships for that table\n};\n\nexport function relationships<\n  TSource extends TableSchema,\n  TRelationships extends Record<string, Relationship>,\n>(\n  table: TableBuilderWithColumns<TSource>,\n  cb: (connects: {\n    many: <\n      TDests extends TableSchema[],\n      TSourceFields extends {\n        [K in keyof TDests]: (keyof PreviousSchema<\n          TSource,\n          K & number,\n          TDests\n        >['columns'] &\n          string)[];\n      },\n      TDestFields extends {\n        [K in keyof TDests]: (keyof TDests[K]['columns'] & string)[];\n      },\n    >(\n      ...args: {\n        [K in keyof TDests]: ConnectArg<\n          TSourceFields[K],\n          TDestFields[K],\n          TDests[K]\n        >;\n      }\n    ) => {\n      [K in keyof TDests]: ManyConnection<\n        TSourceFields[K],\n        TDestFields[K],\n        TDests[K]\n      >;\n    };\n    one: <\n      TDests extends TableSchema[],\n      TSourceFields extends {\n        [K in keyof TDests]: (keyof PreviousSchema<\n          TSource,\n          K & number,\n          TDests\n        >['columns'] &\n          string)[];\n      },\n      TDestFields extends {\n        [K in keyof TDests]: (keyof TDests[K]['columns'] & string)[];\n      },\n    >(\n      ...args: {\n        [K in keyof TDests]: ConnectArg<\n          TSourceFields[K],\n          TDestFields[K],\n          TDests[K]\n        >;\n      }\n    ) => {\n      [K in keyof TDests]: OneConnection<\n        TSourceFields[K],\n        TDestFields[K],\n        TDests[K]\n      >;\n    };\n  }) => TRelationships,\n): {name: TSource['name']; relationships: TRelationships} {\n  const relationships = cb({many, one} as any);\n\n  return {\n    name: table.schema.name,\n    relationships,\n  };\n}\n\nfunction many(\n  ...args: readonly ConnectArg<any, any, TableSchema>[]\n): ManyConnection<any, any, any>[] {\n  return args.map(arg => ({\n    sourceField: arg.sourceField,\n    destField: arg.destField,\n    destSchema: arg.destSchema.schema.name,\n    cardinality: 'many',\n  }));\n}\n\nfunction one(\n  ...args: readonly ConnectArg<any, any, TableSchema>[]\n): OneConnection<any, any, any>[] {\n  return args.map(arg => ({\n    sourceField: arg.sourceField,\n    destField: arg.destField,\n    destSchema: arg.destSchema.schema.name,\n    cardinality: 'one',\n  }));\n}\n", "import type {AST, System} from '../../../zero-protocol/src/ast.ts';\nimport type {Schema} from '../../../zero-schema/src/builder/schema-builder.ts';\nimport type {Format} from '../ivm/view.ts';\nimport {ExpressionBuilder} from './expression.ts';\nimport type {CustomQueryID} from './named.ts';\nimport type {QueryDelegate} from './query-delegate.ts';\nimport {AbstractQuery, defaultFormat, newQuerySymbol} from './query-impl.ts';\nimport type {HumanReadable, PullRow, Query} from './query.ts';\nimport type {TypedView} from './typed-view.ts';\n\nexport function staticQuery<\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(schema: TSchema, tableName: TTable): Query<TSchema, TTable> {\n  return new StaticQuery<TSchema, TTable>(\n    schema,\n    tableName,\n    {table: tableName},\n    defaultFormat,\n  );\n}\n\n/**\n * A query that cannot be run.\n * Only serves to generate ASTs.\n */\nexport class StaticQuery<\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n  TReturn = PullRow<TTable, TSchema>,\n> extends AbstractQuery<TSchema, TTable, TReturn> {\n  constructor(\n    schema: TSchema,\n    tableName: TTable,\n    ast: AST,\n    format: Format,\n    system: System = 'permissions',\n    customQueryID?: CustomQueryID | undefined,\n    currentJunction?: string | undefined,\n  ) {\n    super(\n      undefined,\n      schema,\n      tableName,\n      ast,\n      format,\n      system,\n      customQueryID,\n      currentJunction,\n    );\n  }\n\n  expressionBuilder() {\n    return new ExpressionBuilder(this._exists);\n  }\n\n  protected [newQuerySymbol]<\n    TSchema extends Schema,\n    TTable extends keyof TSchema['tables'] & string,\n    TReturn,\n  >(\n    _delegate: QueryDelegate | undefined,\n    schema: TSchema,\n    tableName: TTable,\n    ast: AST,\n    format: Format,\n    customQueryID: CustomQueryID | undefined,\n    currentJunction: string | undefined,\n  ): StaticQuery<TSchema, TTable, TReturn> {\n    return new StaticQuery(\n      schema,\n      tableName,\n      ast,\n      format,\n      'permissions',\n      customQueryID,\n      currentJunction,\n    );\n  }\n\n  get ast() {\n    return this._completeAst();\n  }\n\n  materialize(): TypedView<HumanReadable<TReturn>> {\n    throw new Error('StaticQuery cannot be materialized');\n  }\n\n  run(): Promise<HumanReadable<TReturn>> {\n    return Promise.reject(new Error('StaticQuery cannot be run'));\n  }\n\n  preload(): {\n    cleanup: () => void;\n    complete: Promise<void>;\n  } {\n    throw new Error('StaticQuery cannot be preloaded');\n  }\n}\n", "import {assert} from '../../shared/src/asserts.ts';\nimport {\n  mapCondition,\n  toStaticParam,\n  type Condition,\n  type Parameter,\n} from '../../zero-protocol/src/ast.ts';\nimport type {ExpressionBuilder} from '../../zql/src/query/expression.ts';\nimport {defaultFormat, staticParam} from '../../zql/src/query/query-impl.ts';\nimport type {Query} from '../../zql/src/query/query.ts';\nimport {StaticQuery} from '../../zql/src/query/static-query.ts';\nimport type {Schema} from './builder/schema-builder.ts';\nimport type {\n  AssetPermissions as CompiledAssetPermissions,\n  PermissionsConfig as CompiledPermissionsConfig,\n} from './compiled-permissions.ts';\nimport {clientToServer, NameMapper} from './name-mapper.ts';\n\nexport const ANYONE_CAN = [\n  (_: unknown, eb: ExpressionBuilder<Schema, never>) => eb.and(),\n];\nexport const ANYONE_CAN_DO_ANYTHING = {\n  row: {\n    select: ANYONE_CAN,\n    insert: ANYONE_CAN,\n    update: {\n      preMutation: ANYONE_CAN,\n      postMutation: ANYONE_CAN,\n    },\n    delete: ANYONE_CAN,\n  },\n};\nexport const NOBODY_CAN = [];\n\nexport type Anchor = 'authData' | 'preMutationRow';\n\nexport type Queries<TSchema extends Schema> = {\n  [K in keyof TSchema['tables']]: Query<Schema, K & string>;\n};\n\nexport type PermissionRule<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n> = (\n  authData: TAuthDataShape,\n  eb: ExpressionBuilder<TSchema, TTable>,\n) => Condition;\n\nexport type AssetPermissions<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n> = {\n  // Why an array of rules?: https://github.com/rocicorp/mono/pull/3184/files#r1869680716\n  select?: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined;\n  insert?: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined;\n  update?:\n    | {\n        preMutation?: PermissionRule<TAuthDataShape, TSchema, TTable>[];\n        postMutation?: PermissionRule<TAuthDataShape, TSchema, TTable>[];\n      }\n    | undefined;\n  delete?: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined;\n};\n\nexport type PermissionsConfig<TAuthDataShape, TSchema extends Schema> = {\n  [K in keyof TSchema['tables']]?: {\n    row?: AssetPermissions<TAuthDataShape, TSchema, K & string> | undefined;\n    cell?:\n      | {\n          [C in keyof TSchema['tables'][K]['columns']]?: Omit<\n            AssetPermissions<TAuthDataShape, TSchema, K & string>,\n            'cell'\n          >;\n        }\n      | undefined;\n  };\n};\n\nexport async function definePermissions<TAuthDataShape, TSchema extends Schema>(\n  schema: TSchema,\n  definer: () =>\n    | Promise<PermissionsConfig<TAuthDataShape, TSchema>>\n    | PermissionsConfig<TAuthDataShape, TSchema>,\n): Promise<CompiledPermissionsConfig | undefined> {\n  const expressionBuilders = {} as Record<\n    string,\n    ExpressionBuilder<Schema, string>\n  >;\n  for (const name of Object.keys(schema.tables)) {\n    expressionBuilders[name] = new StaticQuery(\n      schema,\n      name,\n      {table: name},\n      defaultFormat,\n    ).expressionBuilder();\n  }\n\n  const config = await definer();\n  return compilePermissions(schema, config, expressionBuilders);\n}\n\nfunction compilePermissions<TAuthDataShape, TSchema extends Schema>(\n  schema: TSchema,\n  authz: PermissionsConfig<TAuthDataShape, TSchema> | undefined,\n  expressionBuilders: Record<string, ExpressionBuilder<Schema, string>>,\n): CompiledPermissionsConfig | undefined {\n  if (!authz) {\n    return undefined;\n  }\n  const nameMapper = clientToServer(schema.tables);\n  const ret: CompiledPermissionsConfig = {tables: {}};\n  for (const [tableName, tableConfig] of Object.entries(authz)) {\n    const serverName = schema.tables[tableName].serverName ?? tableName;\n    ret.tables[serverName] = {\n      row: compileRowConfig(\n        nameMapper,\n        tableName,\n        tableConfig.row,\n        expressionBuilders[tableName],\n      ),\n      cell: compileCellConfig(\n        nameMapper,\n        tableName,\n        tableConfig.cell,\n        expressionBuilders[tableName],\n      ),\n    };\n  }\n\n  return ret;\n}\n\nfunction compileRowConfig<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(\n  clientToServer: NameMapper,\n  tableName: TTable,\n  rowRules: AssetPermissions<TAuthDataShape, TSchema, TTable> | undefined,\n  expressionBuilder: ExpressionBuilder<TSchema, TTable>,\n): CompiledAssetPermissions | undefined {\n  if (!rowRules) {\n    return undefined;\n  }\n  return {\n    select: compileRules(\n      clientToServer,\n      tableName,\n      rowRules.select,\n      expressionBuilder,\n    ),\n    insert: compileRules(\n      clientToServer,\n      tableName,\n      rowRules.insert,\n      expressionBuilder,\n    ),\n    update: {\n      preMutation: compileRules(\n        clientToServer,\n        tableName,\n        rowRules.update?.preMutation,\n        expressionBuilder,\n      ),\n      postMutation: compileRules(\n        clientToServer,\n        tableName,\n        rowRules.update?.postMutation,\n        expressionBuilder,\n      ),\n    },\n    delete: compileRules(\n      clientToServer,\n      tableName,\n      rowRules.delete,\n      expressionBuilder,\n    ),\n  };\n}\n\n/**\n * What is this \"allow\" and why are permissions policies an array of rules?\n *\n * Please read: https://github.com/rocicorp/mono/pull/3184/files#r1869680716\n */\nfunction compileRules<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(\n  clientToServer: NameMapper,\n  tableName: TTable,\n  rules: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined,\n  expressionBuilder: ExpressionBuilder<TSchema, TTable>,\n): ['allow', Condition][] | undefined {\n  if (!rules) {\n    return undefined;\n  }\n\n  return rules.map(rule => {\n    const cond = rule(authDataRef as TAuthDataShape, expressionBuilder);\n    return ['allow', mapCondition(cond, tableName, clientToServer)] as const;\n  });\n}\n\nfunction compileCellConfig<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(\n  clientToServer: NameMapper,\n  tableName: TTable,\n  cellRules:\n    | Record<string, AssetPermissions<TAuthDataShape, TSchema, TTable>>\n    | undefined,\n  expressionBuilder: ExpressionBuilder<TSchema, TTable>,\n): Record<string, CompiledAssetPermissions> | undefined {\n  if (!cellRules) {\n    return undefined;\n  }\n  const ret: Record<string, CompiledAssetPermissions> = {};\n  for (const [columnName, rules] of Object.entries(cellRules)) {\n    ret[columnName] = {\n      select: compileRules(\n        clientToServer,\n        tableName,\n        rules.select,\n        expressionBuilder,\n      ),\n      insert: compileRules(\n        clientToServer,\n        tableName,\n        rules.insert,\n        expressionBuilder,\n      ),\n      update: {\n        preMutation: compileRules(\n          clientToServer,\n          tableName,\n          rules.update?.preMutation,\n          expressionBuilder,\n        ),\n        postMutation: compileRules(\n          clientToServer,\n          tableName,\n          rules.update?.postMutation,\n          expressionBuilder,\n        ),\n      },\n      delete: compileRules(\n        clientToServer,\n        tableName,\n        rules.delete,\n        expressionBuilder,\n      ),\n    };\n  }\n  return ret;\n}\n\nclass CallTracker {\n  readonly #anchor: Anchor;\n  readonly #path: string[];\n  constructor(anchor: Anchor, path: string[]) {\n    this.#anchor = anchor;\n    this.#path = path;\n  }\n\n  get(target: {[toStaticParam]: () => Parameter}, prop: string | symbol) {\n    if (prop === toStaticParam) {\n      return target[toStaticParam];\n    }\n    assert(typeof prop === 'string');\n    const path = [...this.#path, prop];\n    return new Proxy(\n      {\n        [toStaticParam]: () => staticParam(this.#anchor, path),\n      },\n      new CallTracker(this.#anchor, path),\n    );\n  }\n}\n\nfunction baseTracker(anchor: Anchor) {\n  return new Proxy(\n    {\n      [toStaticParam]: () => {\n        throw new Error('no JWT field specified');\n      },\n    },\n    new CallTracker(anchor, []),\n  );\n}\n\nexport const authDataRef = baseTracker('authData');\nexport const preMutationRowRef = baseTracker('preMutationRow');\n", "export function escapeLike(val: string) {\n  return val.replace(/[%_]/g, '\\\\$&');\n}\n", "/* eslint-disable @typescript-eslint/no-explicit-any */\nimport type {ReadonlyJSONValue} from '../../../shared/src/json.ts';\nimport type {Schema} from '../../../zero-schema/src/builder/schema-builder.ts';\nimport type {SchemaQuery} from '../mutate/custom.ts';\nimport {newQuery} from './query-impl.ts';\nimport type {Query} from './query.ts';\n\nexport type NamedQuery<\n  TArg extends\n    ReadonlyArray<ReadonlyJSONValue> = ReadonlyArray<ReadonlyJSONValue>,\n  TReturnQuery extends Query<any, any, any> = Query<any, any, any>,\n> = (...args: TArg) => TReturnQuery;\n\nexport type CustomQueryID = {\n  name: string;\n  args: ReadonlyArray<ReadonlyJSONValue>;\n};\n\n/**\n * Returns a set of query builders for the given schema.\n */\nexport function querify<S extends Schema>(s: S): SchemaQuery<S> {\n  return makeQueryBuilders(s) as SchemaQuery<S>;\n}\n\n/**\n * Tags a query with a name and arguments.\n * Named queries are run on both the client and server.\n * The server will receive the name and arguments for a named query and can\n * either run the same query the client did or a completely different one.\n *\n * The main use case here is to apply permissions to the requested query or\n * to expand the scope of the query to include additional data. E.g., for preloading.\n */\nexport function namedQuery<\n  TArg extends ReadonlyArray<ReadonlyJSONValue>,\n  TReturnQuery extends Query<any, any, any>,\n>(\n  name: string,\n  fn: NamedQuery<TArg, TReturnQuery>,\n): NamedQuery<TArg, TReturnQuery> {\n  return ((...args: TArg) => fn(...args).nameAndArgs(name, args)) as NamedQuery<\n    TArg,\n    TReturnQuery\n  >;\n}\n\n/**\n * This produces the query builders for a given schema.\n * For use in Zero on the server to process custom queries.\n */\nfunction makeQueryBuilders<S extends Schema>(schema: S): SchemaQuery<S> {\n  return new Proxy(\n    {},\n    {\n      get: (\n        target: Record<\n          string,\n          Omit<Query<S, string, any>, 'materialize' | 'preload'>\n        >,\n        prop: string,\n      ) => {\n        if (prop in target) {\n          return target[prop];\n        }\n\n        if (!(prop in schema.tables)) {\n          throw new Error(`Table ${prop} does not exist in schema`);\n        }\n\n        const q = newQuery(undefined, schema, prop);\n        target[prop] = q;\n        return q;\n      },\n    },\n  ) as SchemaQuery<S>;\n}\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;;;AAIO,IAAM,6BAA+B;AAAA,EACxC,sBAAO;AAAA,IACP,IAAM,sBAAO;AAAA,IACb,MAAQ,sBAAO;AAAA,IACf,MAAQ,SAAW,qBAAM,UAAU,CAAC;AAAA,EACtC,CAAC;AACH;AAGO,IAAM,yBAA2B,sBAAO;AAAA,EAC7C,IAAM,sBAAO;AAAA,EACb,MAAQ,sBAAO;AAAA,EACf,KAAK;AACP,CAAC;AAEM,IAAM,qBAAuB,sBAAO;AAAA,EACzC,OAAS,uBAAQ,KAAK;AAAA,EACtB,IAAM,sBAAO;AAAA,EACb,MAAQ,sBAAO;AAAA,EACf,SAAS;AACX,CAAC;AAGM,IAAM,8BAAgC;AAAA,EACzC,qBAAM,wBAAwB,kBAAkB;AACpD;AAGO,IAAM,gCAAkC,qBAAM;AAAA,EACjD,uBAAQ,WAAW;AAAA,EACrB;AACF,CAAC;AAKM,IAAM,iCAAmC,qBAAM;AAAA,EAClD,uBAAQ,aAAa;AAAA,EACvB;AACF,CAAC;;;ACNM,SAAS,cAIdA,QACA,IA0DwD;AACxD,QAAMC,iBAAgB,GAAG,EAAC,MAAM,IAAG,CAAQ;AAE3C,SAAO;AAAA,IACL,MAAMD,OAAM,OAAO;AAAA,IACnB,eAAAC;AAAA,EACF;AACF;AAEA,SAAS,QACJ,MAC8B;AACjC,SAAO,KAAK,IAAI,UAAQ;AAAA,IACtB,aAAa,IAAI;AAAA,IACjB,WAAW,IAAI;AAAA,IACf,YAAY,IAAI,WAAW,OAAO;AAAA,IAClC,aAAa;AAAA,EACf,EAAE;AACJ;AAEA,SAAS,OACJ,MAC6B;AAChC,SAAO,KAAK,IAAI,UAAQ;AAAA,IACtB,aAAa,IAAI;AAAA,IACjB,WAAW,IAAI;AAAA,IACf,YAAY,IAAI,WAAW,OAAO;AAAA,IAClC,aAAa;AAAA,EACf,EAAE;AACJ;;;ACvGO,IAAM,cAAN,MAAM,qBAIH,cAAwC;AAAA,EAChD,YACE,QACA,WACA,KACA,QACA,SAAiB,eACjB,eACA,iBACA;AACA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,oBAAoB;AAClB,WAAO,IAAI,kBAAkB,KAAK,OAAO;AAAA,EAC3C;AAAA,EAEA,CAAW,cAAc,EAKvB,WACA,QACA,WACA,KACA,QACA,eACA,iBACuC;AACvC,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,IAAI,MAAM;AACR,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,cAAiD;AAC/C,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACtD;AAAA,EAEA,MAAuC;AACrC,WAAO,QAAQ,OAAO,IAAI,MAAM,2BAA2B,CAAC;AAAA,EAC9D;AAAA,EAEA,UAGE;AACA,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACnD;AACF;;;AChFO,IAAM,aAAa;AAAA,EACxB,CAAC,GAAY,OAAyC,GAAG,IAAI;AAC/D;AACO,IAAM,yBAAyB;AAAA,EACpC,KAAK;AAAA,IACH,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,IAChB;AAAA,IACA,QAAQ;AAAA,EACV;AACF;AACO,IAAM,aAAa,CAAC;AAgD3B,eAAsB,kBACpB,QACA,SAGgD;AAChD,QAAM,qBAAqB,CAAC;AAI5B,aAAW,QAAQ,OAAO,KAAK,OAAO,MAAM,GAAG;AAC7C,uBAAmB,IAAI,IAAI,IAAI;AAAA,MAC7B;AAAA,MACA;AAAA,MACA,EAAC,OAAO,KAAI;AAAA,MACZ;AAAA,IACF,EAAE,kBAAkB;AAAA,EACtB;AAEA,QAAM,SAAS,MAAM,QAAQ;AAC7B,SAAO,mBAAmB,QAAQ,QAAQ,kBAAkB;AAC9D;AAEA,SAAS,mBACP,QACA,OACA,oBACuC;AACvC,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AACA,QAAM,aAAa,eAAe,OAAO,MAAM;AAC/C,QAAM,MAAiC,EAAC,QAAQ,CAAC,EAAC;AAClD,aAAW,CAAC,WAAW,WAAW,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC5D,UAAM,aAAa,OAAO,OAAO,SAAS,EAAE,cAAc;AAC1D,QAAI,OAAO,UAAU,IAAI;AAAA,MACvB,KAAK;AAAA,QACH;AAAA,QACA;AAAA,QACA,YAAY;AAAA,QACZ,mBAAmB,SAAS;AAAA,MAC9B;AAAA,MACA,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA,YAAY;AAAA,QACZ,mBAAmB,SAAS;AAAA,MAC9B;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAEA,SAAS,iBAKPC,iBACA,WACA,UACA,mBACsC;AACtC,MAAI,CAAC,UAAU;AACb,WAAO;AAAA,EACT;AACA,SAAO;AAAA,IACL,QAAQ;AAAA,MACNA;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACNA;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,aAAa;AAAA,QACXA;AAAA,QACA;AAAA,QACA,SAAS,QAAQ;AAAA,QACjB;AAAA,MACF;AAAA,MACA,cAAc;AAAA,QACZA;AAAA,QACA;AAAA,QACA,SAAS,QAAQ;AAAA,QACjB;AAAA,MACF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACNA;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IACF;AAAA,EACF;AACF;AAOA,SAAS,aAKPA,iBACA,WACA,OACA,mBACoC;AACpC,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,SAAO,MAAM,IAAI,UAAQ;AACvB,UAAM,OAAO,KAAK,aAA+B,iBAAiB;AAClE,WAAO,CAAC,SAAS,aAAa,MAAM,WAAWA,eAAc,CAAC;AAAA,EAChE,CAAC;AACH;AAEA,SAAS,kBAKPA,iBACA,WACA,WAGA,mBACsD;AACtD,MAAI,CAAC,WAAW;AACd,WAAO;AAAA,EACT;AACA,QAAM,MAAgD,CAAC;AACvD,aAAW,CAAC,YAAY,KAAK,KAAK,OAAO,QAAQ,SAAS,GAAG;AAC3D,QAAI,UAAU,IAAI;AAAA,MAChB,QAAQ;AAAA,QACNA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACNA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,aAAa;AAAA,UACXA;AAAA,UACA;AAAA,UACA,MAAM,QAAQ;AAAA,UACd;AAAA,QACF;AAAA,QACA,cAAc;AAAA,UACZA;AAAA,UACA;AAAA,UACA,MAAM,QAAQ;AAAA,UACd;AAAA,QACF;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACNA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,IAAM,cAAN,MAAM,aAAY;AAAA,EACP;AAAA,EACA;AAAA,EACT,YAAY,QAAgB,MAAgB;AAC1C,SAAK,UAAU;AACf,SAAK,QAAQ;AAAA,EACf;AAAA,EAEA,IAAI,QAA4C,MAAuB;AACrE,QAAI,SAAS,eAAe;AAC1B,aAAO,OAAO,aAAa;AAAA,IAC7B;AACA,WAAO,OAAO,SAAS,QAAQ;AAC/B,UAAM,OAAO,CAAC,GAAG,KAAK,OAAO,IAAI;AACjC,WAAO,IAAI;AAAA,MACT;AAAA,QACE,CAAC,aAAa,GAAG,MAAM,YAAY,KAAK,SAAS,IAAI;AAAA,MACvD;AAAA,MACA,IAAI,aAAY,KAAK,SAAS,IAAI;AAAA,IACpC;AAAA,EACF;AACF;AAEA,SAAS,YAAY,QAAgB;AACnC,SAAO,IAAI;AAAA,IACT;AAAA,MACE,CAAC,aAAa,GAAG,MAAM;AACrB,cAAM,IAAI,MAAM,wBAAwB;AAAA,MAC1C;AAAA,IACF;AAAA,IACA,IAAI,YAAY,QAAQ,CAAC,CAAC;AAAA,EAC5B;AACF;AAEO,IAAM,cAAc,YAAY,UAAU;AAC1C,IAAM,oBAAoB,YAAY,gBAAgB;;;AC1StD,SAAS,WAAW,KAAa;AACtC,SAAO,IAAI,QAAQ,SAAS,MAAM;AACpC;;;ACmBO,SAAS,QAA0B,GAAsB;AAC9D,SAAO,kBAAkB,CAAC;AAC5B;AAWO,SAAS,WAId,MACA,IACgC;AAChC,SAAQ,IAAI,SAAe,GAAG,GAAG,IAAI,EAAE,YAAY,MAAM,IAAI;AAI/D;AAMA,SAAS,kBAAoC,QAA2B;AACtE,SAAO,IAAI;AAAA,IACT,CAAC;AAAA,IACD;AAAA,MACE,KAAK,CACH,QAIA,SACG;AACH,YAAI,QAAQ,QAAQ;AAClB,iBAAO,OAAO,IAAI;AAAA,QACpB;AAEA,YAAI,EAAE,QAAQ,OAAO,SAAS;AAC5B,gBAAM,IAAI,MAAM,SAAS,IAAI,2BAA2B;AAAA,QAC1D;AAEA,cAAM,IAAI,SAAS,QAAW,QAAQ,IAAI;AAC1C,eAAO,IAAI,IAAI;AACf,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AACF;",
+  "sourcesContent": ["import {jsonSchema} from '../../shared/src/json-schema.ts';\nimport * as v from '../../shared/src/valita.ts';\nimport {astSchema} from './ast.ts';\n\nexport const transformRequestBodySchema = v.array(\n  v.object({\n    id: v.string(),\n    name: v.string(),\n    args: v.readonly(v.array(jsonSchema)),\n  }),\n);\nexport type TransformRequestBody = v.Infer<typeof transformRequestBodySchema>;\n\nexport const transformedQuerySchema = v.object({\n  id: v.string(),\n  name: v.string(),\n  ast: astSchema,\n});\n\nexport const erroredQuerySchema = v.object({\n  error: v.literal('app'),\n  id: v.string(),\n  name: v.string(),\n  details: jsonSchema,\n});\nexport type ErroredQuery = v.Infer<typeof erroredQuerySchema>;\n\nexport const transformResponseBodySchema = v.array(\n  v.union(transformedQuerySchema, erroredQuerySchema),\n);\nexport type TransformResponseBody = v.Infer<typeof transformResponseBodySchema>;\n\nexport const transformRequestMessageSchema = v.tuple([\n  v.literal('transform'),\n  transformRequestBodySchema,\n]);\nexport type TransformRequestMessage = v.Infer<\n  typeof transformRequestMessageSchema\n>;\n\nexport const transformResponseMessageSchema = v.tuple([\n  v.literal('transformed'),\n  transformResponseBodySchema,\n]);\nexport type TransformResponseMessage = v.Infer<\n  typeof transformResponseMessageSchema\n>;\n", "/* eslint-disable @typescript-eslint/no-explicit-any */\nimport type {Relationship, TableSchema} from '../table-schema.ts';\nimport type {TableBuilderWithColumns} from './table-builder.ts';\n\ntype ConnectArg<TSourceField, TDestField, TDest extends TableSchema> = {\n  readonly sourceField: TSourceField;\n  readonly destField: TDestField;\n  readonly destSchema: TableBuilderWithColumns<TDest>;\n};\n\ntype ManyConnection<TSourceField, TDestField, TDest extends TableSchema> = {\n  readonly sourceField: TSourceField;\n  readonly destField: TDestField;\n  readonly destSchema: TDest['name'];\n  readonly cardinality: 'many';\n};\n\ntype OneConnection<TSourceField, TDestField, TDest extends TableSchema> = {\n  readonly sourceField: TSourceField;\n  readonly destField: TDestField;\n  readonly destSchema: TDest['name'];\n  readonly cardinality: 'one';\n};\n\ntype Prev = [-1, 0, 1, 2, 3, 4, 5, 6];\n\nexport type PreviousSchema<\n  TSource extends TableSchema,\n  K extends number,\n  TDests extends TableSchema[],\n> = K extends 0 ? TSource : TDests[Prev[K]];\n\nexport type Relationships = {\n  name: string; // table name\n  relationships: Record<string, Relationship>; // relationships for that table\n};\n\nexport function relationships<\n  TSource extends TableSchema,\n  TRelationships extends Record<string, Relationship>,\n>(\n  table: TableBuilderWithColumns<TSource>,\n  cb: (connects: {\n    many: <\n      TDests extends TableSchema[],\n      TSourceFields extends {\n        [K in keyof TDests]: (keyof PreviousSchema<\n          TSource,\n          K & number,\n          TDests\n        >['columns'] &\n          string)[];\n      },\n      TDestFields extends {\n        [K in keyof TDests]: (keyof TDests[K]['columns'] & string)[];\n      },\n    >(\n      ...args: {\n        [K in keyof TDests]: ConnectArg<\n          TSourceFields[K],\n          TDestFields[K],\n          TDests[K]\n        >;\n      }\n    ) => {\n      [K in keyof TDests]: ManyConnection<\n        TSourceFields[K],\n        TDestFields[K],\n        TDests[K]\n      >;\n    };\n    one: <\n      TDests extends TableSchema[],\n      TSourceFields extends {\n        [K in keyof TDests]: (keyof PreviousSchema<\n          TSource,\n          K & number,\n          TDests\n        >['columns'] &\n          string)[];\n      },\n      TDestFields extends {\n        [K in keyof TDests]: (keyof TDests[K]['columns'] & string)[];\n      },\n    >(\n      ...args: {\n        [K in keyof TDests]: ConnectArg<\n          TSourceFields[K],\n          TDestFields[K],\n          TDests[K]\n        >;\n      }\n    ) => {\n      [K in keyof TDests]: OneConnection<\n        TSourceFields[K],\n        TDestFields[K],\n        TDests[K]\n      >;\n    };\n  }) => TRelationships,\n): {name: TSource['name']; relationships: TRelationships} {\n  const relationships = cb({many, one} as any);\n\n  return {\n    name: table.schema.name,\n    relationships,\n  };\n}\n\nfunction many(\n  ...args: readonly ConnectArg<any, any, TableSchema>[]\n): ManyConnection<any, any, any>[] {\n  return args.map(arg => ({\n    sourceField: arg.sourceField,\n    destField: arg.destField,\n    destSchema: arg.destSchema.schema.name,\n    cardinality: 'many',\n  }));\n}\n\nfunction one(\n  ...args: readonly ConnectArg<any, any, TableSchema>[]\n): OneConnection<any, any, any>[] {\n  return args.map(arg => ({\n    sourceField: arg.sourceField,\n    destField: arg.destField,\n    destSchema: arg.destSchema.schema.name,\n    cardinality: 'one',\n  }));\n}\n", "import type {AST, System} from '../../../zero-protocol/src/ast.ts';\nimport type {Schema} from '../../../zero-schema/src/builder/schema-builder.ts';\nimport type {Format} from '../ivm/view.ts';\nimport {ExpressionBuilder} from './expression.ts';\nimport type {CustomQueryID} from './named.ts';\nimport type {QueryDelegate} from './query-delegate.ts';\nimport {AbstractQuery, defaultFormat, newQuerySymbol} from './query-impl.ts';\nimport type {HumanReadable, PullRow, Query} from './query.ts';\nimport type {TypedView} from './typed-view.ts';\n\nexport function staticQuery<\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(schema: TSchema, tableName: TTable): Query<TSchema, TTable> {\n  return new StaticQuery<TSchema, TTable>(\n    schema,\n    tableName,\n    {table: tableName},\n    defaultFormat,\n  );\n}\n\n/**\n * A query that cannot be run.\n * Only serves to generate ASTs.\n */\nexport class StaticQuery<\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n  TReturn = PullRow<TTable, TSchema>,\n> extends AbstractQuery<TSchema, TTable, TReturn> {\n  constructor(\n    schema: TSchema,\n    tableName: TTable,\n    ast: AST,\n    format: Format,\n    system: System = 'permissions',\n    customQueryID?: CustomQueryID | undefined,\n    currentJunction?: string | undefined,\n  ) {\n    super(\n      undefined,\n      schema,\n      tableName,\n      ast,\n      format,\n      system,\n      customQueryID,\n      currentJunction,\n    );\n  }\n\n  expressionBuilder() {\n    return new ExpressionBuilder(this._exists);\n  }\n\n  protected [newQuerySymbol]<\n    TSchema extends Schema,\n    TTable extends keyof TSchema['tables'] & string,\n    TReturn,\n  >(\n    _delegate: QueryDelegate | undefined,\n    schema: TSchema,\n    tableName: TTable,\n    ast: AST,\n    format: Format,\n    customQueryID: CustomQueryID | undefined,\n    currentJunction: string | undefined,\n  ): StaticQuery<TSchema, TTable, TReturn> {\n    return new StaticQuery(\n      schema,\n      tableName,\n      ast,\n      format,\n      'permissions',\n      customQueryID,\n      currentJunction,\n    );\n  }\n\n  get ast() {\n    return this._completeAst();\n  }\n\n  materialize(): TypedView<HumanReadable<TReturn>> {\n    throw new Error('StaticQuery cannot be materialized');\n  }\n\n  run(): Promise<HumanReadable<TReturn>> {\n    return Promise.reject(new Error('StaticQuery cannot be run'));\n  }\n\n  preload(): {\n    cleanup: () => void;\n    complete: Promise<void>;\n  } {\n    throw new Error('StaticQuery cannot be preloaded');\n  }\n}\n", "import {assert} from '../../shared/src/asserts.ts';\nimport {\n  mapCondition,\n  toStaticParam,\n  type Condition,\n  type Parameter,\n} from '../../zero-protocol/src/ast.ts';\nimport type {ExpressionBuilder} from '../../zql/src/query/expression.ts';\nimport {defaultFormat, staticParam} from '../../zql/src/query/query-impl.ts';\nimport type {Query} from '../../zql/src/query/query.ts';\nimport {StaticQuery} from '../../zql/src/query/static-query.ts';\nimport type {Schema} from './builder/schema-builder.ts';\nimport type {\n  AssetPermissions as CompiledAssetPermissions,\n  PermissionsConfig as CompiledPermissionsConfig,\n} from './compiled-permissions.ts';\nimport {clientToServer, NameMapper} from './name-mapper.ts';\n\nexport const ANYONE_CAN = [\n  (_: unknown, eb: ExpressionBuilder<Schema, never>) => eb.and(),\n];\nexport const ANYONE_CAN_DO_ANYTHING = {\n  row: {\n    select: ANYONE_CAN,\n    insert: ANYONE_CAN,\n    update: {\n      preMutation: ANYONE_CAN,\n      postMutation: ANYONE_CAN,\n    },\n    delete: ANYONE_CAN,\n  },\n};\nexport const NOBODY_CAN = [];\n\nexport type Anchor = 'authData' | 'preMutationRow';\n\nexport type Queries<TSchema extends Schema> = {\n  [K in keyof TSchema['tables']]: Query<Schema, K & string>;\n};\n\nexport type PermissionRule<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n> = (\n  authData: TAuthDataShape,\n  eb: ExpressionBuilder<TSchema, TTable>,\n) => Condition;\n\nexport type AssetPermissions<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n> = {\n  // Why an array of rules?: https://github.com/rocicorp/mono/pull/3184/files#r1869680716\n  select?: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined;\n  insert?: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined;\n  update?:\n    | {\n        preMutation?: PermissionRule<TAuthDataShape, TSchema, TTable>[];\n        postMutation?: PermissionRule<TAuthDataShape, TSchema, TTable>[];\n      }\n    | undefined;\n  delete?: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined;\n};\n\nexport type PermissionsConfig<TAuthDataShape, TSchema extends Schema> = {\n  [K in keyof TSchema['tables']]?: {\n    row?: AssetPermissions<TAuthDataShape, TSchema, K & string> | undefined;\n    cell?:\n      | {\n          [C in keyof TSchema['tables'][K]['columns']]?: Omit<\n            AssetPermissions<TAuthDataShape, TSchema, K & string>,\n            'cell'\n          >;\n        }\n      | undefined;\n  };\n};\n\nexport async function definePermissions<TAuthDataShape, TSchema extends Schema>(\n  schema: TSchema,\n  definer: () =>\n    | Promise<PermissionsConfig<TAuthDataShape, TSchema>>\n    | PermissionsConfig<TAuthDataShape, TSchema>,\n): Promise<CompiledPermissionsConfig | undefined> {\n  const expressionBuilders = {} as Record<\n    string,\n    ExpressionBuilder<Schema, string>\n  >;\n  for (const name of Object.keys(schema.tables)) {\n    expressionBuilders[name] = new StaticQuery(\n      schema,\n      name,\n      {table: name},\n      defaultFormat,\n    ).expressionBuilder();\n  }\n\n  const config = await definer();\n  return compilePermissions(schema, config, expressionBuilders);\n}\n\nfunction compilePermissions<TAuthDataShape, TSchema extends Schema>(\n  schema: TSchema,\n  authz: PermissionsConfig<TAuthDataShape, TSchema> | undefined,\n  expressionBuilders: Record<string, ExpressionBuilder<Schema, string>>,\n): CompiledPermissionsConfig | undefined {\n  if (!authz) {\n    return undefined;\n  }\n  const nameMapper = clientToServer(schema.tables);\n  const ret: CompiledPermissionsConfig = {tables: {}};\n  for (const [tableName, tableConfig] of Object.entries(authz)) {\n    const serverName = schema.tables[tableName].serverName ?? tableName;\n    ret.tables[serverName] = {\n      row: compileRowConfig(\n        nameMapper,\n        tableName,\n        tableConfig.row,\n        expressionBuilders[tableName],\n      ),\n      cell: compileCellConfig(\n        nameMapper,\n        tableName,\n        tableConfig.cell,\n        expressionBuilders[tableName],\n      ),\n    };\n  }\n\n  return ret;\n}\n\nfunction compileRowConfig<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(\n  clientToServer: NameMapper,\n  tableName: TTable,\n  rowRules: AssetPermissions<TAuthDataShape, TSchema, TTable> | undefined,\n  expressionBuilder: ExpressionBuilder<TSchema, TTable>,\n): CompiledAssetPermissions | undefined {\n  if (!rowRules) {\n    return undefined;\n  }\n  return {\n    select: compileRules(\n      clientToServer,\n      tableName,\n      rowRules.select,\n      expressionBuilder,\n    ),\n    insert: compileRules(\n      clientToServer,\n      tableName,\n      rowRules.insert,\n      expressionBuilder,\n    ),\n    update: {\n      preMutation: compileRules(\n        clientToServer,\n        tableName,\n        rowRules.update?.preMutation,\n        expressionBuilder,\n      ),\n      postMutation: compileRules(\n        clientToServer,\n        tableName,\n        rowRules.update?.postMutation,\n        expressionBuilder,\n      ),\n    },\n    delete: compileRules(\n      clientToServer,\n      tableName,\n      rowRules.delete,\n      expressionBuilder,\n    ),\n  };\n}\n\n/**\n * What is this \"allow\" and why are permissions policies an array of rules?\n *\n * Please read: https://github.com/rocicorp/mono/pull/3184/files#r1869680716\n */\nfunction compileRules<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(\n  clientToServer: NameMapper,\n  tableName: TTable,\n  rules: PermissionRule<TAuthDataShape, TSchema, TTable>[] | undefined,\n  expressionBuilder: ExpressionBuilder<TSchema, TTable>,\n): ['allow', Condition][] | undefined {\n  if (!rules) {\n    return undefined;\n  }\n\n  return rules.map(rule => {\n    const cond = rule(authDataRef as TAuthDataShape, expressionBuilder);\n    return ['allow', mapCondition(cond, tableName, clientToServer)] as const;\n  });\n}\n\nfunction compileCellConfig<\n  TAuthDataShape,\n  TSchema extends Schema,\n  TTable extends keyof TSchema['tables'] & string,\n>(\n  clientToServer: NameMapper,\n  tableName: TTable,\n  cellRules:\n    | Record<string, AssetPermissions<TAuthDataShape, TSchema, TTable>>\n    | undefined,\n  expressionBuilder: ExpressionBuilder<TSchema, TTable>,\n): Record<string, CompiledAssetPermissions> | undefined {\n  if (!cellRules) {\n    return undefined;\n  }\n  const ret: Record<string, CompiledAssetPermissions> = {};\n  for (const [columnName, rules] of Object.entries(cellRules)) {\n    ret[columnName] = {\n      select: compileRules(\n        clientToServer,\n        tableName,\n        rules.select,\n        expressionBuilder,\n      ),\n      insert: compileRules(\n        clientToServer,\n        tableName,\n        rules.insert,\n        expressionBuilder,\n      ),\n      update: {\n        preMutation: compileRules(\n          clientToServer,\n          tableName,\n          rules.update?.preMutation,\n          expressionBuilder,\n        ),\n        postMutation: compileRules(\n          clientToServer,\n          tableName,\n          rules.update?.postMutation,\n          expressionBuilder,\n        ),\n      },\n      delete: compileRules(\n        clientToServer,\n        tableName,\n        rules.delete,\n        expressionBuilder,\n      ),\n    };\n  }\n  return ret;\n}\n\nclass CallTracker {\n  readonly #anchor: Anchor;\n  readonly #path: string[];\n  constructor(anchor: Anchor, path: string[]) {\n    this.#anchor = anchor;\n    this.#path = path;\n  }\n\n  get(target: {[toStaticParam]: () => Parameter}, prop: string | symbol) {\n    if (prop === toStaticParam) {\n      return target[toStaticParam];\n    }\n    assert(typeof prop === 'string');\n    const path = [...this.#path, prop];\n    return new Proxy(\n      {\n        [toStaticParam]: () => staticParam(this.#anchor, path),\n      },\n      new CallTracker(this.#anchor, path),\n    );\n  }\n}\n\nfunction baseTracker(anchor: Anchor) {\n  return new Proxy(\n    {\n      [toStaticParam]: () => {\n        throw new Error('no JWT field specified');\n      },\n    },\n    new CallTracker(anchor, []),\n  );\n}\n\nexport const authDataRef = baseTracker('authData');\nexport const preMutationRowRef = baseTracker('preMutationRow');\n", "export function escapeLike(val: string) {\n  return val.replace(/[%_]/g, '\\\\$&');\n}\n", "/* eslint-disable @typescript-eslint/no-explicit-any */\nimport type {ReadonlyJSONValue} from '../../../shared/src/json.ts';\nimport {mapEntries} from '../../../shared/src/objects.ts';\nimport type {Schema} from '../../../zero-schema/src/builder/schema-builder.ts';\nimport type {SchemaQuery} from '../mutate/custom.ts';\nimport {newQuery} from './query-impl.ts';\nimport type {Query} from './query.ts';\n\nexport type NamedQuery<\n  TArg extends\n    ReadonlyArray<ReadonlyJSONValue> = ReadonlyArray<ReadonlyJSONValue>,\n  TReturnQuery extends Query<any, any, any> = Query<any, any, any>,\n> = (...args: TArg) => TReturnQuery;\n\nexport type ContextualizedNamedQuery<\n  TContext,\n  TArg extends\n    ReadonlyArray<ReadonlyJSONValue> = ReadonlyArray<ReadonlyJSONValue>,\n  TReturnQuery extends Query<any, any, any> = Query<any, any, any>,\n> = {\n  (context: TContext, ...args: TArg): TReturnQuery;\n  contextualized?: boolean;\n};\n\nexport type CustomQueryID = {\n  name: string;\n  args: ReadonlyArray<ReadonlyJSONValue>;\n};\n\n/**\n * Returns a set of query builders for the given schema.\n */\nexport function createBuilder<S extends Schema>(s: S): SchemaQuery<S> {\n  return makeQueryBuilders(s) as SchemaQuery<S>;\n}\n\n/**\n * Tags a query with a name and arguments.\n * Named queries are run on both the client and server.\n * The server will receive the name and arguments for a named query and can\n * either run the same query the client did or a completely different one.\n *\n * The main use case here is to apply permissions to the requested query or\n * to expand the scope of the query to include additional data. E.g., for preloading.\n */\nfunction namedQuery(\n  name: string,\n  fn: NamedQuery<ReadonlyArray<ReadonlyJSONValue>, Query<any, any, any>>,\n): NamedQuery<ReadonlyArray<ReadonlyJSONValue>, Query<any, any, any>> {\n  return ((...args: ReadonlyArray<ReadonlyJSONValue>) =>\n    fn(...args).nameAndArgs(name, args)) as NamedQuery<\n    ReadonlyArray<ReadonlyJSONValue>,\n    Query<any, any, any>\n  >;\n}\n\nfunction contextualizedNamedQuery<TContext>(\n  name: string,\n  fn: ContextualizedNamedQuery<\n    TContext,\n    ReadonlyArray<ReadonlyJSONValue>,\n    Query<any, any, any>\n  >,\n): ContextualizedNamedQuery<\n  TContext,\n  ReadonlyArray<ReadonlyJSONValue>,\n  Query<any, any, any>\n> {\n  const ret = ((context: TContext, ...args: ReadonlyArray<ReadonlyJSONValue>) =>\n    fn(context, ...args).nameAndArgs(name, args)) as ContextualizedNamedQuery<\n    TContext,\n    ReadonlyArray<ReadonlyJSONValue>,\n    Query<any, any, any>\n  >;\n  ret.contextualized = true;\n\n  return ret;\n}\n\nexport function named<\n  TQueries extends {\n    [K in keyof TQueries]: TQueries[K] extends NamedQuery<\n      infer TArgs,\n      Query<any, any, any>\n    >\n      ? TArgs extends ReadonlyArray<ReadonlyJSONValue>\n        ? NamedQuery<TArgs, Query<any, any, any>>\n        : never\n      : never;\n  },\n>(queries: TQueries): TQueries {\n  return mapEntries(queries, (name, query) => [\n    name,\n    namedQuery(name, query as any),\n  ]) as TQueries;\n}\n\nexport function namedWithContext<\n  TContext,\n  TQueries extends {\n    [K in keyof TQueries]: TQueries[K] extends ContextualizedNamedQuery<\n      TContext,\n      infer TArgs,\n      Query<any, any, any>\n    >\n      ? TArgs extends ReadonlyArray<ReadonlyJSONValue>\n        ? ContextualizedNamedQuery<TContext, TArgs, Query<any, any, any>>\n        : never\n      : never;\n  },\n>(queries: TQueries): TQueries {\n  return mapEntries(queries, (name, query) => [\n    name,\n    contextualizedNamedQuery(name, query as any),\n  ]) as TQueries;\n}\n\n/**\n * This produces the query builders for a given schema.\n * For use in Zero on the server to process custom queries.\n */\nfunction makeQueryBuilders<S extends Schema>(schema: S): SchemaQuery<S> {\n  return new Proxy(\n    {},\n    {\n      get: (\n        target: Record<\n          string,\n          Omit<Query<S, string, any>, 'materialize' | 'preload'>\n        >,\n        prop: string,\n      ) => {\n        if (prop in target) {\n          return target[prop];\n        }\n\n        if (!(prop in schema.tables)) {\n          throw new Error(`Table ${prop} does not exist in schema`);\n        }\n\n        const q = newQuery(undefined, schema, prop);\n        target[prop] = q;\n        return q;\n      },\n    },\n  ) as SchemaQuery<S>;\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;;;;AAIO,IAAM,6BAA+B;AAAA,EACxC,sBAAO;AAAA,IACP,IAAM,sBAAO;AAAA,IACb,MAAQ,sBAAO;AAAA,IACf,MAAQ,SAAW,qBAAM,UAAU,CAAC;AAAA,EACtC,CAAC;AACH;AAGO,IAAM,yBAA2B,sBAAO;AAAA,EAC7C,IAAM,sBAAO;AAAA,EACb,MAAQ,sBAAO;AAAA,EACf,KAAK;AACP,CAAC;AAEM,IAAM,qBAAuB,sBAAO;AAAA,EACzC,OAAS,uBAAQ,KAAK;AAAA,EACtB,IAAM,sBAAO;AAAA,EACb,MAAQ,sBAAO;AAAA,EACf,SAAS;AACX,CAAC;AAGM,IAAM,8BAAgC;AAAA,EACzC,qBAAM,wBAAwB,kBAAkB;AACpD;AAGO,IAAM,gCAAkC,qBAAM;AAAA,EACjD,uBAAQ,WAAW;AAAA,EACrB;AACF,CAAC;AAKM,IAAM,iCAAmC,qBAAM;AAAA,EAClD,uBAAQ,aAAa;AAAA,EACvB;AACF,CAAC;;;ACNM,SAAS,cAIdA,QACA,IA0DwD;AACxD,QAAMC,iBAAgB,GAAG,EAAC,MAAM,IAAG,CAAQ;AAE3C,SAAO;AAAA,IACL,MAAMD,OAAM,OAAO;AAAA,IACnB,eAAAC;AAAA,EACF;AACF;AAEA,SAAS,QACJ,MAC8B;AACjC,SAAO,KAAK,IAAI,UAAQ;AAAA,IACtB,aAAa,IAAI;AAAA,IACjB,WAAW,IAAI;AAAA,IACf,YAAY,IAAI,WAAW,OAAO;AAAA,IAClC,aAAa;AAAA,EACf,EAAE;AACJ;AAEA,SAAS,OACJ,MAC6B;AAChC,SAAO,KAAK,IAAI,UAAQ;AAAA,IACtB,aAAa,IAAI;AAAA,IACjB,WAAW,IAAI;AAAA,IACf,YAAY,IAAI,WAAW,OAAO;AAAA,IAClC,aAAa;AAAA,EACf,EAAE;AACJ;;;ACvGO,IAAM,cAAN,MAAM,qBAIH,cAAwC;AAAA,EAChD,YACE,QACA,WACA,KACA,QACA,SAAiB,eACjB,eACA,iBACA;AACA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,oBAAoB;AAClB,WAAO,IAAI,kBAAkB,KAAK,OAAO;AAAA,EAC3C;AAAA,EAEA,CAAW,cAAc,EAKvB,WACA,QACA,WACA,KACA,QACA,eACA,iBACuC;AACvC,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,IAAI,MAAM;AACR,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,cAAiD;AAC/C,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACtD;AAAA,EAEA,MAAuC;AACrC,WAAO,QAAQ,OAAO,IAAI,MAAM,2BAA2B,CAAC;AAAA,EAC9D;AAAA,EAEA,UAGE;AACA,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACnD;AACF;;;AChFO,IAAM,aAAa;AAAA,EACxB,CAAC,GAAY,OAAyC,GAAG,IAAI;AAC/D;AACO,IAAM,yBAAyB;AAAA,EACpC,KAAK;AAAA,IACH,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,IAChB;AAAA,IACA,QAAQ;AAAA,EACV;AACF;AACO,IAAM,aAAa,CAAC;AAgD3B,eAAsB,kBACpB,QACA,SAGgD;AAChD,QAAM,qBAAqB,CAAC;AAI5B,aAAW,QAAQ,OAAO,KAAK,OAAO,MAAM,GAAG;AAC7C,uBAAmB,IAAI,IAAI,IAAI;AAAA,MAC7B;AAAA,MACA;AAAA,MACA,EAAC,OAAO,KAAI;AAAA,MACZ;AAAA,IACF,EAAE,kBAAkB;AAAA,EACtB;AAEA,QAAM,SAAS,MAAM,QAAQ;AAC7B,SAAO,mBAAmB,QAAQ,QAAQ,kBAAkB;AAC9D;AAEA,SAAS,mBACP,QACA,OACA,oBACuC;AACvC,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AACA,QAAM,aAAa,eAAe,OAAO,MAAM;AAC/C,QAAM,MAAiC,EAAC,QAAQ,CAAC,EAAC;AAClD,aAAW,CAAC,WAAW,WAAW,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC5D,UAAM,aAAa,OAAO,OAAO,SAAS,EAAE,cAAc;AAC1D,QAAI,OAAO,UAAU,IAAI;AAAA,MACvB,KAAK;AAAA,QACH;AAAA,QACA;AAAA,QACA,YAAY;AAAA,QACZ,mBAAmB,SAAS;AAAA,MAC9B;AAAA,MACA,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA,YAAY;AAAA,QACZ,mBAAmB,SAAS;AAAA,MAC9B;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAEA,SAAS,iBAKPC,iBACA,WACA,UACA,mBACsC;AACtC,MAAI,CAAC,UAAU;AACb,WAAO;AAAA,EACT;AACA,SAAO;AAAA,IACL,QAAQ;AAAA,MACNA;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACNA;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,aAAa;AAAA,QACXA;AAAA,QACA;AAAA,QACA,SAAS,QAAQ;AAAA,QACjB;AAAA,MACF;AAAA,MACA,cAAc;AAAA,QACZA;AAAA,QACA;AAAA,QACA,SAAS,QAAQ;AAAA,QACjB;AAAA,MACF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACNA;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IACF;AAAA,EACF;AACF;AAOA,SAAS,aAKPA,iBACA,WACA,OACA,mBACoC;AACpC,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,SAAO,MAAM,IAAI,UAAQ;AACvB,UAAM,OAAO,KAAK,aAA+B,iBAAiB;AAClE,WAAO,CAAC,SAAS,aAAa,MAAM,WAAWA,eAAc,CAAC;AAAA,EAChE,CAAC;AACH;AAEA,SAAS,kBAKPA,iBACA,WACA,WAGA,mBACsD;AACtD,MAAI,CAAC,WAAW;AACd,WAAO;AAAA,EACT;AACA,QAAM,MAAgD,CAAC;AACvD,aAAW,CAAC,YAAY,KAAK,KAAK,OAAO,QAAQ,SAAS,GAAG;AAC3D,QAAI,UAAU,IAAI;AAAA,MAChB,QAAQ;AAAA,QACNA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACNA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,aAAa;AAAA,UACXA;AAAA,UACA;AAAA,UACA,MAAM,QAAQ;AAAA,UACd;AAAA,QACF;AAAA,QACA,cAAc;AAAA,UACZA;AAAA,UACA;AAAA,UACA,MAAM,QAAQ;AAAA,UACd;AAAA,QACF;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACNA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,IAAM,cAAN,MAAM,aAAY;AAAA,EACP;AAAA,EACA;AAAA,EACT,YAAY,QAAgB,MAAgB;AAC1C,SAAK,UAAU;AACf,SAAK,QAAQ;AAAA,EACf;AAAA,EAEA,IAAI,QAA4C,MAAuB;AACrE,QAAI,SAAS,eAAe;AAC1B,aAAO,OAAO,aAAa;AAAA,IAC7B;AACA,WAAO,OAAO,SAAS,QAAQ;AAC/B,UAAM,OAAO,CAAC,GAAG,KAAK,OAAO,IAAI;AACjC,WAAO,IAAI;AAAA,MACT;AAAA,QACE,CAAC,aAAa,GAAG,MAAM,YAAY,KAAK,SAAS,IAAI;AAAA,MACvD;AAAA,MACA,IAAI,aAAY,KAAK,SAAS,IAAI;AAAA,IACpC;AAAA,EACF;AACF;AAEA,SAAS,YAAY,QAAgB;AACnC,SAAO,IAAI;AAAA,IACT;AAAA,MACE,CAAC,aAAa,GAAG,MAAM;AACrB,cAAM,IAAI,MAAM,wBAAwB;AAAA,MAC1C;AAAA,IACF;AAAA,IACA,IAAI,YAAY,QAAQ,CAAC,CAAC;AAAA,EAC5B;AACF;AAEO,IAAM,cAAc,YAAY,UAAU;AAC1C,IAAM,oBAAoB,YAAY,gBAAgB;;;AC1StD,SAAS,WAAW,KAAa;AACtC,SAAO,IAAI,QAAQ,SAAS,MAAM;AACpC;;;AC8BO,SAAS,cAAgC,GAAsB;AACpE,SAAO,kBAAkB,CAAC;AAC5B;AAWA,SAAS,WACP,MACA,IACoE;AACpE,SAAQ,IAAI,SACV,GAAG,GAAG,IAAI,EAAE,YAAY,MAAM,IAAI;AAItC;AAEA,SAAS,yBACP,MACA,IASA;AACA,QAAM,MAAO,CAAC,YAAsB,SAClC,GAAG,SAAS,GAAG,IAAI,EAAE,YAAY,MAAM,IAAI;AAK7C,MAAI,iBAAiB;AAErB,SAAO;AACT;AAEO,SAAS,MAWd,SAA6B;AAC7B,SAAO,WAAW,SAAS,CAAC,MAAM,UAAU;AAAA,IAC1C;AAAA,IACA,WAAW,MAAM,KAAY;AAAA,EAC/B,CAAC;AACH;AAEO,SAAS,iBAad,SAA6B;AAC7B,SAAO,WAAW,SAAS,CAAC,MAAM,UAAU;AAAA,IAC1C;AAAA,IACA,yBAAyB,MAAM,KAAY;AAAA,EAC7C,CAAC;AACH;AAMA,SAAS,kBAAoC,QAA2B;AACtE,SAAO,IAAI;AAAA,IACT,CAAC;AAAA,IACD;AAAA,MACE,KAAK,CACH,QAIA,SACG;AACH,YAAI,QAAQ,QAAQ;AAClB,iBAAO,OAAO,IAAI;AAAA,QACpB;AAEA,YAAI,EAAE,QAAQ,OAAO,SAAS;AAC5B,gBAAM,IAAI,MAAM,SAAS,IAAI,2BAA2B;AAAA,QAC1D;AAEA,cAAM,IAAI,SAAS,QAAW,QAAQ,IAAI;AAC1C,eAAO,IAAI,IAAI;AACf,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AACF;",
   "names": ["table", "relationships", "clientToServer"]
 }

package/out/{chunk-ZRSXCDPE.js → chunk-IQCMHXK7.js} RENAMED Viewed

@@ -98,7 +98,6 @@ import {
   normalizeAST,
   once,
   parse,
-  parseTTL,
   primaryKeySchema,
   primaryKeyValueRecordSchema,
   readFromDefaultHead,
@@ -127,7 +126,7 @@ import {
   withWrite,
   withWriteNoImplicitCommit,
   wrapIterable
-} from "./chunk-INLOZBST.js";
+} from "./chunk-P5M53J4D.js";
 import {
   __export
 } from "./chunk-424PT5DM.js";
@@ -405,7 +404,11 @@ var IDBStore = class {
         assertNotNull(tx);
         tx.abort();
         this.#idbDeleted = true;
-        reject(new IDBNotFoundError(`Replicache IndexedDB not found: ${name}`));
+        reject(
+          new IDBNotFoundError(
+            `Expected IndexedDB not found: ${name}. This likely means that the user deleted IndexedDB instances while the app was running. This is non-fatal. The app will continue running in memory until reload.`
+          )
+        );
       };
       req.onsuccess = () => resolve(req.result);
       req.onerror = () => reject(req.error);
@@ -426,7 +429,7 @@ var IDBStore = class {
           this.#idbDeleted = true;
           mustGetBrowserGlobal("indexedDB").deleteDatabase(db.name);
           throw new IDBNotFoundError(
-            `Replicache IndexedDB ${db.name} missing object store. Deleting db.`
+            `Expected IndexedDB ${db.name} missing object store. Deleting db. This is non-fatal, the app will continue working in memory until it is reloaded.`
           );
         }
       }
@@ -5891,14 +5894,29 @@ var connectedMessageSchema = valita_exports.tuple([
   valita_exports.literal("connected"),
   connectedBodySchema
 ]);
-var userPushParamsSchema = valita_exports.object({
+var userQueryMutateParamsSchema = valita_exports.object({
+  /**
+   * A client driven URL to send queries or mutations to.
+   * This URL must match one of the URLs set in the zero config.
+   *
+   * E.g., Given the following environment variable:
+   * ZERO_QUERY_URL=[https://*.example.com/query]
+   *
+   * Then this URL could be:
+   * https://myapp.example.com/query
+   */
+  url: valita_exports.string().optional(),
+  // The query string to use for query or mutation calls.
   queryParams: valita_exports.record(valita_exports.string()).optional()
 });
 var initConnectionBodySchema = valita_exports.object({
   desiredQueriesPatch: upQueriesPatchSchema,
   clientSchema: clientSchemaSchema.optional(),
   deleted: deleteClientsBodySchema.optional(),
-  userPushParams: userPushParamsSchema.optional(),
+  // parameters to configure the mutate endpoint
+  userPushParams: userQueryMutateParamsSchema.optional(),
+  // parameters to configure the query endpoint
+  userQueryParams: userQueryMutateParamsSchema.optional(),
   /**
    * `activeClients` is an optional array of client IDs that are currently active
    * in the client group. This is used to inform the server about the clients
@@ -5916,7 +5934,8 @@ function encodeSecProtocols(initConnectionMessage, authToken) {
     initConnectionMessage,
     authToken
   };
-  return encodeURIComponent(btoa(JSON.stringify(protocols)));
+  const bytes = new TextEncoder().encode(JSON.stringify(protocols));
+  return encodeURIComponent(btoa(String.fromCharCode(...bytes)));
 }
 // ../zero-protocol/src/error.ts
@@ -6246,7 +6265,7 @@ var downstreamSchema = valita_exports.union(
 );
 // ../zero-protocol/src/protocol-version.ts
-var PROTOCOL_VERSION = 21;
+var PROTOCOL_VERSION = 22;
 var MIN_SERVER_SUPPORTED_SYNC_PROTOCOL = 18;
 assert(MIN_SERVER_SUPPORTED_SYNC_PROTOCOL < PROTOCOL_VERSION);
@@ -6395,7 +6414,7 @@ var ActiveClientsManager = class _ActiveClientsManager {
    */
   static async create(clientGroupID, clientID, signal) {
     const instance = new _ActiveClientsManager(clientGroupID, clientID, signal);
-    await instance.#init(clientGroupID, clientID, signal);
+    await instance.#init(signal);
     return instance;
   }
   constructor(clientGroupID, clientID, signal) {
@@ -6404,7 +6423,8 @@ var ActiveClientsManager = class _ActiveClientsManager {
     this.#lockManager = getClientLockManager(signal);
     this.#activeClients.add(clientID);
   }
-  async #init(clientGroupID, clientID, signal) {
+  async #init(signal) {
+    const { clientGroupID, clientID } = this;
     const name = toLockName(clientGroupID, clientID);
     const channel = new bc(toBroadcastChannelName(clientGroupID));
     channel.addEventListener(
@@ -8537,7 +8557,7 @@ function makeMessage(message, context, logLevel) {
 }
 // ../zero-client/src/client/version.ts
-var version2 = "0.22.2025071100";
+var version2 = "0.22.2025071900";
 // ../zero-client/src/client/log-options.ts
 var LevelFilterLogSink = class {
@@ -8833,9 +8853,7 @@ var State = class {
 // ../zero-client/src/client/mutation-tracker.ts
 import { resolver as resolver8 } from "@rocicorp/resolver";
-var transientPushErrorTypes = [
-  "zeroPusher",
-  "http",
+var completeFailureTypes = [
   // These should never actually be received as they cause the websocket
   // connection to be closed.
   "unsupportedPushVersion",
@@ -8848,14 +8866,20 @@ function nextEphemeralID() {
 var MutationTracker = class {
   #outstandingMutations;
   #ephemeralIDsByMutationID;
-  #allMutationsConfirmedListeners;
+  #allMutationsAppliedListeners;
   #lc;
+  #limboMutations;
   #clientID;
+  #largestOutstandingMutationID;
+  #currentMutationID;
   constructor(lc) {
     this.#lc = lc.withContext("MutationTracker");
     this.#outstandingMutations = /* @__PURE__ */ new Map();
     this.#ephemeralIDsByMutationID = /* @__PURE__ */ new Map();
-    this.#allMutationsConfirmedListeners = /* @__PURE__ */ new Set();
+    this.#allMutationsAppliedListeners = /* @__PURE__ */ new Set();
+    this.#limboMutations = /* @__PURE__ */ new Set();
+    this.#largestOutstandingMutationID = 0;
+    this.#currentMutationID = 0;
   }
   set clientID(clientID) {
     this.#clientID = clientID;
@@ -8873,6 +8897,10 @@ var MutationTracker = class {
     if (entry) {
       entry.mutationID = mutationID;
       this.#ephemeralIDsByMutationID.set(mutationID, id);
+      this.#largestOutstandingMutationID = Math.max(
+        this.#largestOutstandingMutationID,
+        mutationID
+      );
     }
   }
   /**
@@ -8904,7 +8932,7 @@ var MutationTracker = class {
    * to those mutations have been lost.
    *
    * An example case: the API server responds while the connection
-   * is down. Those responses are dropped.
+   * is down. Those responses are lost.
    *
    * Mutations whose LMID is > the lastMutationID are not resolved
    * since they will be retried by the client, giving us another chance
@@ -8913,9 +8941,6 @@ var MutationTracker = class {
    * The only way to ensure that all API server responses are
    * received would be to have the API server write them
    * to the DB while writing the LMID.
-   *
-   * This would have the downside of not being able to provide responses to a
-   * mutation with data gathered after the transaction.
    */
   onConnected(lastMutationID) {
     for (const [id, entry] of this.#outstandingMutations) {
@@ -8928,12 +8953,78 @@ var MutationTracker = class {
         break;
       }
     }
+    for (const [id, entry] of this.#outstandingMutations) {
+      if (entry.mutationID && entry.mutationID > lastMutationID) {
+        this.#limboMutations.add(id);
+      }
+    }
+    this.lmidAdvanced(lastMutationID);
+  }
+  /**
+   * lmid advance will:
+   * 1. notify "allMutationsApplied" listeners if the lastMutationID
+   *    is greater than or equal to the largest outstanding mutation ID.
+   * 2. resolve all limbo mutations whose mutation ID is less than or equal to
+   *    the lastMutationID.
+   *
+   * We only resolve "limbo mutations" since we want to give the mutation
+   * responses a chance to be received. `poke` and `pushResponse` are non transactional
+   * so they race.
+   *
+   * E.g., a `push` may call the api server which:
+   * writes to PG, replicates to zero-cache, then pokes the lmid down before the
+   * push response is sent.
+   *
+   * The only fix for this would be to have mutation responses be written to the database
+   * and sent down through the poke protocol.
+   *
+   * The artifact the user sees is that promise resolutions for mutations is not transactional
+   * with the update to synced data.
+   *
+   * It was a mistake to not just write the mutation responses to the database
+   * in the first place as this route ends up being more complicated
+   * and less reliable.
+   */
+  lmidAdvanced(lastMutationID) {
+    assert(
+      lastMutationID >= this.#currentMutationID,
+      "lmid must be greater than or equal to current lmid"
+    );
+    if (lastMutationID === this.#currentMutationID) {
+      return;
+    }
+    try {
+      this.#currentMutationID = lastMutationID;
+      this.#resolveLimboMutations(lastMutationID);
+    } finally {
+      if (lastMutationID >= this.#largestOutstandingMutationID) {
+        this.#notifyAllMutationsAppliedListeners();
+      }
+    }
   }
   get size() {
     return this.#outstandingMutations.size;
   }
+  /**
+   * Push errors fall into two categories:
+   * - Those where we know the mutations were not applied
+   * - Those where we do not know the state of the mutations.
+   *
+   * The first category includes errors like "unsupportedPushVersion"
+   * and "unsupportedSchemaVersion". The mutations were never applied in those cases.
+   *
+   * The second category includes errors like "http" errors. E.g., a 500 on the user's
+   * API server or a network error.
+   *
+   * The mutations may have been applied by the API server but we never
+   * received the response.
+   *
+   * In this latter case, we must mark the mutations as being in limbo.
+   * This allows us to resolve them when we receive the next
+   * lmid bump if their lmids are lesser.
+   */
   #processPushError(error) {
-    if (transientPushErrorTypes.includes(error.error)) {
+    if (completeFailureTypes.includes(error.error)) {
       return;
     }
     const mids = error.mutationIDs;
@@ -8941,7 +9032,30 @@ var MutationTracker = class {
       return;
     }
     for (const mid of mids) {
-      this.#processMutationError(mid, error);
+      const ephemeralID = this.#ephemeralIDsByMutationID.get(mid.id);
+      if (ephemeralID) {
+        if (mid.id <= this.#currentMutationID) {
+          const entry = this.#outstandingMutations.get(ephemeralID);
+          if (entry) {
+            this.#settleMutation(ephemeralID, entry, "resolve", emptyObject);
+          }
+          continue;
+        }
+        this.#limboMutations.add(ephemeralID);
+      }
+    }
+  }
+  #resolveLimboMutations(lastMutationID) {
+    for (const id of this.#limboMutations) {
+      const entry = this.#outstandingMutations.get(id);
+      if (!entry || !entry.mutationID) {
+        this.#limboMutations.delete(id);
+        continue;
+      }
+      if (entry.mutationID <= lastMutationID) {
+        this.#limboMutations.delete(id);
+        this.#settleMutation(id, entry, "resolve", emptyObject);
+      }
     }
   }
   #processPushOk(ok) {
@@ -8994,19 +9108,27 @@ var MutationTracker = class {
         entry.resolver.reject(result);
         break;
     }
-    const removed = this.#outstandingMutations.delete(ephemeralID);
+    this.#outstandingMutations.delete(ephemeralID);
     if (entry.mutationID) {
       this.#ephemeralIDsByMutationID.delete(entry.mutationID);
     }
-    if (removed && this.#outstandingMutations.size === 0) {
-      this.#notifyAllMutationsConfirmedListeners();
-    }
+    this.#limboMutations.delete(ephemeralID);
   }
-  onAllMutationsConfirmed(listener) {
-    this.#allMutationsConfirmedListeners.add(listener);
+  /**
+   * Be notified when all mutations have been included in the server snapshot.
+   *
+   * The query manager will not de-register queries from the server until there
+   * are no pending mutations.
+   *
+   * The reason is that a mutation may need to be rebased. We do not want
+   * data that was available the first time it was run to not be available
+   * on a rebase.
+   */
+  onAllMutationsApplied(listener) {
+    this.#allMutationsAppliedListeners.add(listener);
   }
-  #notifyAllMutationsConfirmedListeners() {
-    for (const listener of this.#allMutationsConfirmedListeners) {
+  #notifyAllMutationsAppliedListeners() {
+    for (const listener of this.#allMutationsAppliedListeners) {
       listener();
     }
   }
@@ -9039,7 +9161,7 @@ var QueryManager = class {
     this.#send = send2;
     this.#mutationTracker = mutationTracker;
     this.#queryChangeThrottleMs = queryChangeThrottleMs;
-    this.#mutationTracker.onAllMutationsConfirmed(() => {
+    this.#mutationTracker.onAllMutationsApplied(() => {
       if (this.#pendingRemovals.length === 0) {
         return;
       }
@@ -9112,6 +9234,8 @@ var QueryManager = class {
           ast: normalized,
           name,
           args,
+          // We get TTL out of the DagStore so it is possible that the TTL was written
+          // with a too high TTL.
           ttl: clampTTL(ttl)
           // no lc here since no need to log here
         });
@@ -9224,6 +9348,7 @@ var QueryManager = class {
     this.#updateEntry(entry, astHash, ttl);
   }
   #updateEntry(entry, hash, ttl) {
+    ttl = clampTTL(ttl, this.#lc);
     if (compareTTL(ttl, entry.ttl) > 0) {
       entry.ttl = ttl;
       this.#queueQueryChange({
@@ -9232,7 +9357,7 @@ var QueryManager = class {
         ast: entry.normalized,
         name: entry.name,
         args: entry.args,
-        ttl: parseTTL(ttl)
+        ttl
       });
     }
   }
@@ -10556,7 +10681,8 @@ var Zero = class _Zero {
           // The clientSchema only needs to be sent for the very first request.
           // Henceforth it is stored with the CVR and verified automatically.
           ...this.#connectCookie === null ? { clientSchema } : {},
-          userPushParams: this.#options.push
+          userPushParams: this.#options.mutate ?? this.#options.push,
+          userQueryParams: this.#options.query
         }
       ]);
       this.#deletedClients = void 0;
@@ -10631,7 +10757,8 @@ var Zero = class _Zero {
       wsid,
       this.#options.logLevel === "debug",
       lc,
-      this.#options.push,
+      this.#options.mutate ?? this.#options.push,
+      this.#options.query,
       this.#options.maxHeaderLength,
       additionalConnectParams,
       await this.#activeClientsManager
@@ -10735,6 +10862,7 @@ var Zero = class _Zero {
   #handlePokeEnd(_lc, pokeMessage) {
     this.#abortPingTimeout();
     this.#pokeHandler.handlePokeEnd(pokeMessage[1]);
+    this.#mutationTracker.lmidAdvanced(this.#lastMutationIDReceived);
   }
   #onPokeError() {
     const lc = this.#lc;
@@ -11103,7 +11231,7 @@ var Zero = class _Zero {
    */
   async inspect() {
     BUNDLE_SIZE: {
-      const m = await import("./inspector-HDOYOVMS.js");
+      const m = await import("./inspector-TFZBDN6K.js");
       return m.newInspector(this.#rep, this.#schema, async () => {
         await this.#connectResolver.promise;
         return this.#socket;
@@ -11111,7 +11239,7 @@ var Zero = class _Zero {
     }
   }
 };
-async function createSocket(rep, queryManager, deleteClientsManager, socketOrigin, baseCookie, clientID, clientGroupID, clientSchema, userID, auth, lmid, wsid, debugPerf, lc, userPushParams, maxHeaderLength = 1024 * 8, additionalConnectParams, activeClientsManager) {
+async function createSocket(rep, queryManager, deleteClientsManager, socketOrigin, baseCookie, clientID, clientGroupID, clientSchema, userID, auth, lmid, wsid, debugPerf, lc, userPushParams, userQueryParams, maxHeaderLength = 1024 * 8, additionalConnectParams, activeClientsManager) {
   const url = new URL(
     appendPath(socketOrigin, `/sync/v${PROTOCOL_VERSION}/connect`)
   );
@@ -11151,6 +11279,7 @@ async function createSocket(rep, queryManager, deleteClientsManager, socketOrigi
         // Henceforth it is stored with the CVR and verified automatically.
         ...baseCookie === null ? { clientSchema } : {},
         userPushParams,
+        userQueryParams,
         activeClients: [...activeClients]
       }
     ],
@@ -11230,6 +11359,7 @@ export {
   dropDatabase,
   dropAllDatabases,
   error_kind_enum_exports,
+  mapEntries,
   table,
   string3 as string,
   number2 as number,
@@ -11241,4 +11371,4 @@ export {
   update_needed_reason_type_enum_exports,
   Zero
 };
-//# sourceMappingURL=chunk-ZRSXCDPE.js.map
+//# sourceMappingURL=chunk-IQCMHXK7.js.map