@semiont/backend 0.5.6 → 0.5.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/index.js +309 -31230
  2. package/dist/index.js.map +1 -1
  3. package/dist/openapi.json +144 -116
  4. package/package.json +19 -20
package/dist/openapi.json CHANGED
@@ -1401,7 +1401,7 @@
1401
1401
  },
1402
1402
  "storageUri": {
1403
1403
  "type": "string",
1404
- "description": "Where the content has been / should be placed (file://... for local). If omitted, derived from name + format."
1404
+ "description": "Where the content lives (file://... for local). Required the client names the location; the server does not derive one."
1405
1405
  },
1406
1406
  "language": {
1407
1407
  "type": "string",
@@ -1435,7 +1435,8 @@
1435
1435
  "required": [
1436
1436
  "name",
1437
1437
  "file",
1438
- "format"
1438
+ "format",
1439
+ "storageUri"
1439
1440
  ]
1440
1441
  }
1441
1442
  }
@@ -1453,7 +1454,7 @@
1453
1454
  }
1454
1455
  },
1455
1456
  "400": {
1456
- "description": "Missing required fields (name, file, or format)",
1457
+ "description": "Missing required fields (name, file, format, or storageUri), or the format's base MIME type is not a SupportedMediaType. The error message names the offending type.",
1457
1458
  "content": {
1458
1459
  "application/json": {
1459
1460
  "schema": {
@@ -1477,8 +1478,8 @@
1477
1478
  },
1478
1479
  "/resources/{id}": {
1479
1480
  "get": {
1480
- "summary": "Get a resource (content-negotiated)",
1481
- "description": "Content negotiation via the Accept header:\n- application/ld+json (default) returns JSON-LD metadata including all annotations + inbound entity references\n- text/* or image/* or application/pdf returns the raw representation bytes\n\nBinary payloads flow directly from the content store; metadata payloads go through the bus gateway.",
1481
+ "summary": "Get a resource's stored representation (the pipe)",
1482
+ "description": "Returns the stored representation's bytes, verbatim, with the stored media type in Content-Type (`application/octet-stream` when the stored metadata carries none). The Accept header is never read: there is no content negotiation and no transcoding, so the served bytes always hash to the representation's registered checksum.\n\nThe resource's JSON-LD description (descriptor + annotations + inbound entity references) lives at GET /resources/{id}/jsonld; every content response advertises it via a `Link: rel=\"describedby\"` header.\n\nContent is immutable (checksum-addressed), and this route is bearer-authenticated, so responses carry `Cache-Control: private, max-age=31536000, immutable`.",
1482
1483
  "tags": [
1483
1484
  "Resources"
1484
1485
  ],
@@ -1495,48 +1496,21 @@
1495
1496
  "schema": {
1496
1497
  "type": "string"
1497
1498
  }
1498
- },
1499
- {
1500
- "name": "Accept",
1501
- "in": "header",
1502
- "required": false,
1503
- "schema": {
1504
- "type": "string"
1505
- },
1506
- "description": "application/ld+json for metadata, or a text/image/pdf media type for raw content"
1507
1499
  }
1508
1500
  ],
1509
1501
  "responses": {
1510
1502
  "200": {
1511
- "description": "Resource content or metadata, depending on Accept",
1512
- "content": {
1513
- "application/ld+json": {
1514
- "schema": {
1515
- "$ref": "#/components/schemas/GetResourceResponse"
1516
- }
1517
- },
1518
- "text/plain": {
1519
- "schema": {
1520
- "type": "string"
1521
- }
1522
- },
1523
- "text/markdown": {
1503
+ "description": "The stored representation's bytes, verbatim",
1504
+ "headers": {
1505
+ "Link": {
1524
1506
  "schema": {
1525
1507
  "type": "string"
1526
- }
1527
- },
1528
- "text/html": {
1529
- "schema": {
1530
- "type": "string"
1531
- }
1532
- },
1533
- "image/*": {
1534
- "schema": {
1535
- "type": "string",
1536
- "format": "binary"
1537
- }
1538
- },
1539
- "application/pdf": {
1508
+ },
1509
+ "description": "`</resources/{id}/jsonld>; rel=\"describedby\"; type=\"application/ld+json\"` — where to dereference the resource's JSON-LD description"
1510
+ }
1511
+ },
1512
+ "content": {
1513
+ "*/*": {
1540
1514
  "schema": {
1541
1515
  "type": "string",
1542
1516
  "format": "binary"
@@ -1545,7 +1519,7 @@
1545
1519
  }
1546
1520
  },
1547
1521
  "404": {
1548
- "description": "Resource not found",
1522
+ "description": "Resource or representation not found",
1549
1523
  "content": {
1550
1524
  "application/json": {
1551
1525
  "schema": {
@@ -1563,6 +1537,52 @@
1563
1537
  }
1564
1538
  }
1565
1539
  }
1540
+ }
1541
+ }
1542
+ }
1543
+ },
1544
+ "/resources/{id}/jsonld": {
1545
+ "get": {
1546
+ "summary": "Get a resource's JSON-LD description",
1547
+ "description": "The dereferenceable linked-data description of the resource: its descriptor plus all annotations and inbound entity references, assembled via the bus gateway. This is the target of the `Link: rel=\"describedby\"` header that GET /resources/{id} sends with every content response.\n\nLive data — annotations and references change — so responses carry `Cache-Control: no-cache`, in contrast to the immutable content at GET /resources/{id}.",
1548
+ "tags": [
1549
+ "Resources"
1550
+ ],
1551
+ "security": [
1552
+ {
1553
+ "bearerAuth": []
1554
+ }
1555
+ ],
1556
+ "parameters": [
1557
+ {
1558
+ "name": "id",
1559
+ "in": "path",
1560
+ "required": true,
1561
+ "schema": {
1562
+ "type": "string"
1563
+ }
1564
+ }
1565
+ ],
1566
+ "responses": {
1567
+ "200": {
1568
+ "description": "The resource's JSON-LD description",
1569
+ "content": {
1570
+ "application/ld+json": {
1571
+ "schema": {
1572
+ "$ref": "#/components/schemas/GetResourceResponse"
1573
+ }
1574
+ }
1575
+ }
1576
+ },
1577
+ "404": {
1578
+ "description": "Resource not found",
1579
+ "content": {
1580
+ "application/json": {
1581
+ "schema": {
1582
+ "$ref": "#/components/schemas/ErrorResponse"
1583
+ }
1584
+ }
1585
+ }
1566
1586
  },
1567
1587
  "504": {
1568
1588
  "description": "Request timed out (bus gateway)",
@@ -1579,8 +1599,8 @@
1579
1599
  },
1580
1600
  "/api/resources/{id}": {
1581
1601
  "get": {
1582
- "summary": "Get raw resource content (browser-friendly alias)",
1583
- "description": "Browser-friendly alternative to GET /resources/{id} that always returns the raw representation, never JSON-LD. Used by `<img>` / PDF.js / `<video>` tags and anywhere an httpOnly cookie is the only feasible auth vector. Behaves like GET /resources/{id} with JSON-LD stripped from the Accept header before content negotiation.\n\nSets long-lived immutable Cache-Control (content is addressed by checksum upstream, so bytes never change for a given resource id).",
1602
+ "summary": "Get a resource's stored representation (browser-friendly alias)",
1603
+ "description": "Identical pipe to GET /resources/{id} verbatim bytes, stored media type in Content-Type, Accept never read. Exists only as the auth affordance for `<img>` / PDF.js / download links, which cannot carry Authorization headers: the `?token=` media token or the httpOnly semiont-token cookie ride along automatically.\n\nResponses carry `Cache-Control: public, max-age=31536000, immutable` — `public` is safe here, unlike the bearer-authenticated main route, because the `?token=` is part of the cache key.",
1584
1604
  "tags": [
1585
1605
  "Resources"
1586
1606
  ],
@@ -1601,30 +1621,17 @@
1601
1621
  ],
1602
1622
  "responses": {
1603
1623
  "200": {
1604
- "description": "Raw representation bytes with appropriate Content-Type",
1605
- "content": {
1606
- "text/plain": {
1607
- "schema": {
1608
- "type": "string"
1609
- }
1610
- },
1611
- "text/markdown": {
1612
- "schema": {
1613
- "type": "string"
1614
- }
1615
- },
1616
- "text/html": {
1624
+ "description": "The stored representation's bytes, verbatim",
1625
+ "headers": {
1626
+ "Link": {
1617
1627
  "schema": {
1618
1628
  "type": "string"
1619
- }
1620
- },
1621
- "image/*": {
1622
- "schema": {
1623
- "type": "string",
1624
- "format": "binary"
1625
- }
1626
- },
1627
- "application/pdf": {
1629
+ },
1630
+ "description": "`</resources/{id}/jsonld>; rel=\"describedby\"; type=\"application/ld+json\"` — where to dereference the resource's JSON-LD description"
1631
+ }
1632
+ },
1633
+ "content": {
1634
+ "*/*": {
1628
1635
  "schema": {
1629
1636
  "type": "string",
1630
1637
  "format": "binary"
@@ -2158,26 +2165,6 @@
2158
2165
  "$ref": "#/components/schemas/GatheredContext",
2159
2166
  "description": "Gathered context for this annotation"
2160
2167
  },
2161
- "sourceContext": {
2162
- "type": "object",
2163
- "description": "DEPRECATED: Use 'context' instead. Legacy source context format.",
2164
- "properties": {
2165
- "before": {
2166
- "type": "string"
2167
- },
2168
- "selected": {
2169
- "type": "string"
2170
- },
2171
- "after": {
2172
- "type": "string"
2173
- }
2174
- },
2175
- "required": [
2176
- "before",
2177
- "selected",
2178
- "after"
2179
- ]
2180
- },
2181
2168
  "targetContext": {
2182
2169
  "type": "object",
2183
2170
  "properties": {
@@ -2191,29 +2178,6 @@
2191
2178
  "required": [
2192
2179
  "content"
2193
2180
  ]
2194
- },
2195
- "suggestedResolution": {
2196
- "type": "object",
2197
- "properties": {
2198
- "resourceId": {
2199
- "type": "string"
2200
- },
2201
- "resourceName": {
2202
- "type": "string"
2203
- },
2204
- "confidence": {
2205
- "type": "number"
2206
- },
2207
- "reasoning": {
2208
- "type": "string"
2209
- }
2210
- },
2211
- "required": [
2212
- "resourceId",
2213
- "resourceName",
2214
- "confidence",
2215
- "reasoning"
2216
- ]
2217
2181
  }
2218
2182
  },
2219
2183
  "required": [
@@ -2722,9 +2686,78 @@
2722
2686
  },
2723
2687
  "ContentFormat": {
2724
2688
  "type": "string",
2725
- "description": "Content format as MIME type, optionally with charset parameter. Values include: text/plain, text/plain; charset=utf-8, text/plain; charset=iso-8859-1, text/markdown, text/markdown; charset=windows-1252, image/png, image/jpeg, application/pdf",
2689
+ "description": "Content format as a MIME type, optionally with parameters. The base type (everything before the first ';') MUST be a SupportedMediaType; parameters such as charset are preserved as metadata. Semantic validation happens in code at the create/yield boundary — there is deliberately no pattern here, the vocabulary lives in SupportedMediaType. Examples: text/plain, text/plain; charset=iso-8859-1, text/markdown; charset=windows-1252, image/png, application/pdf",
2726
2690
  "example": "text/plain; charset=utf-8"
2727
2691
  },
2692
+ "SupportedMediaType": {
2693
+ "type": "string",
2694
+ "description": "Base MIME types (no parameters) admitted by Semiont. Membership is the create/yield gate — every member is storable, nameable, and uploadable. What more the system can do with a type (render, annotate, extract text, author) is curated per type in @semiont/core's media-type registry, which is keyed by this enum.",
2695
+ "enum": [
2696
+ "text/plain",
2697
+ "text/markdown",
2698
+ "text/html",
2699
+ "text/css",
2700
+ "text/csv",
2701
+ "text/xml",
2702
+ "application/json",
2703
+ "application/xml",
2704
+ "application/yaml",
2705
+ "application/x-yaml",
2706
+ "application/pdf",
2707
+ "application/msword",
2708
+ "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
2709
+ "application/vnd.ms-excel",
2710
+ "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
2711
+ "application/vnd.ms-powerpoint",
2712
+ "application/vnd.openxmlformats-officedocument.presentationml.presentation",
2713
+ "application/zip",
2714
+ "application/gzip",
2715
+ "application/x-tar",
2716
+ "application/x-7z-compressed",
2717
+ "application/octet-stream",
2718
+ "application/wasm",
2719
+ "image/png",
2720
+ "image/jpeg",
2721
+ "image/gif",
2722
+ "image/webp",
2723
+ "image/svg+xml",
2724
+ "image/bmp",
2725
+ "image/tiff",
2726
+ "image/x-icon",
2727
+ "video/mp4",
2728
+ "video/mpeg",
2729
+ "video/webm",
2730
+ "video/ogg",
2731
+ "video/quicktime",
2732
+ "video/x-msvideo",
2733
+ "audio/mpeg",
2734
+ "audio/wav",
2735
+ "audio/ogg",
2736
+ "audio/webm",
2737
+ "audio/aac",
2738
+ "audio/flac",
2739
+ "text/javascript",
2740
+ "application/javascript",
2741
+ "text/x-typescript",
2742
+ "application/typescript",
2743
+ "text/x-python",
2744
+ "text/x-java",
2745
+ "text/x-c",
2746
+ "text/x-c++",
2747
+ "text/x-csharp",
2748
+ "text/x-go",
2749
+ "text/x-rust",
2750
+ "text/x-ruby",
2751
+ "text/x-php",
2752
+ "text/x-swift",
2753
+ "text/x-kotlin",
2754
+ "text/x-shell",
2755
+ "font/woff",
2756
+ "font/woff2",
2757
+ "font/ttf",
2758
+ "font/otf"
2759
+ ]
2760
+ },
2728
2761
  "ContextualSummaryResponse": {
2729
2762
  "type": "object",
2730
2763
  "properties": {
@@ -3027,18 +3060,13 @@
3027
3060
  "type": "integer",
3028
3061
  "description": "Monotonic position in the event log (ordering authority)"
3029
3062
  },
3030
- "streamPosition": {
3031
- "type": "integer",
3032
- "description": "Byte offset in the JSONL file"
3033
- },
3034
3063
  "correlationId": {
3035
3064
  "type": "string",
3036
3065
  "description": "Optional correlation id propagated from a command. Lets clients match command-result events back to the POST that initiated them. Set by EventStore.appendEvent's options when a route handler passes one through."
3037
3066
  }
3038
3067
  },
3039
3068
  "required": [
3040
- "sequenceNumber",
3041
- "streamPosition"
3069
+ "sequenceNumber"
3042
3070
  ]
3043
3071
  },
3044
3072
  "SelectionData": {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@semiont/backend",
3
- "version": "0.5.6",
3
+ "version": "0.5.8",
4
4
  "type": "module",
5
5
  "description": "Semiont backend server - pre-built for npm consumption",
6
6
  "main": "dist/index.js",
@@ -15,24 +15,6 @@
15
15
  "scripts": {
16
16
  "start": "node dist/index.js"
17
17
  },
18
- "dependencies": {
19
- "@hono/node-server": "^1.17.1",
20
- "@hono/swagger-ui": "^0.6.1",
21
- "@prisma/adapter-pg": "^7.5.0",
22
- "@prisma/client": "^7.5.0",
23
- "@semiont/core": "^0.5.6",
24
- "@semiont/event-sourcing": "^0.5.6",
25
- "@semiont/jobs": "^0.5.6",
26
- "@semiont/make-meaning": "^0.5.6",
27
- "ajv": "^8.17.1",
28
- "ajv-formats": "^3.0.1",
29
- "argon2": "^0.44.0",
30
- "hono": "^4.8.10",
31
- "jsonwebtoken": "^9.0.2",
32
- "prisma": "^7.5.0",
33
- "winston": "^3.19.0",
34
- "zod": "^4.0.0"
35
- },
36
18
  "publishConfig": {
37
19
  "access": "public"
38
20
  },
@@ -41,5 +23,22 @@
41
23
  "url": "https://github.com/The-AI-Alliance/semiont.git",
42
24
  "directory": "apps/backend"
43
25
  },
44
- "license": "Apache-2.0"
26
+ "license": "Apache-2.0",
27
+ "dependencies": {
28
+ "@hono/node-server": "^2.0.4",
29
+ "@hono/swagger-ui": "^0.6.1",
30
+ "@prisma/adapter-pg": "^7.8.0",
31
+ "@prisma/client": "^7.8.0",
32
+ "@semiont/core": "0.5.8",
33
+ "@semiont/make-meaning": "0.5.8",
34
+ "@semiont/observability": "0.5.8",
35
+ "ajv": "^8.20.0",
36
+ "ajv-formats": "^3.0.1",
37
+ "argon2": "^0.44.0",
38
+ "hono": "^4.12.25",
39
+ "jsonwebtoken": "^9.0.2",
40
+ "prisma": "^7.8.0",
41
+ "winston": "^3.19.0",
42
+ "zod": "^4.4.3"
43
+ }
45
44
  }