@tailor-platform/sdk 0.23.3 → 0.24.0

package/dist/{types-CgO-wV9v.d.mts → types-CbL5qnOl.d.mts}

@@ -1,10 +1,10 @@
 /// <reference path="./user-defined.d.ts" />
-import * as zod0 from "zod";
+import * as zod34 from "zod";
 import { z } from "zod";
 import * as type_fest0 from "type-fest";
 import { IsAny, NonEmptyObject } from "type-fest";
 import { StandardSchemaV1 } from "@standard-schema/spec";
-import * as zod_v4_core0 from "zod/v4/core";
+import * as zod_v4_core50 from "zod/v4/core";
 
 //#region src/configure/types/helpers.d.ts
 type Prettify<T$1> = { [K in keyof T$1 as string extends K ? never : K]: T$1[K] } & {};
@@ -1394,7 +1394,7 @@ interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[
   name: string;
   env?: Env;
   cors?: string[];
-  allowedIPAddresses?: string[];
+  allowedIpAddresses?: string[];
   disableIntrospection?: boolean;
   db?: TailorDBServiceInput;
   resolver?: ResolverServiceInput;
@@ -1417,12 +1417,12 @@ declare function defineGenerators(...configs: GeneratorConfig[]): (["@tailor-pla
 }] | {
   id: string;
   description: string;
-  processType: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
-  processResolver: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
-  processExecutor: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
-  aggregate: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod0.ZodAny>;
-  processTailorDBNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
-  processResolverNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
+  processType: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
+  processResolver: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
+  processExecutor: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
+  aggregate: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod34.ZodAny>;
+  processTailorDBNamespace?: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut> | undefined;
+  processResolverNamespace?: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut> | undefined;
 })[];
 //#endregion
 //#region src/parser/service/executor/schema.d.ts
@@ -1561,4 +1561,4 @@ type Executor = z.infer<typeof ExecutorSchema>;
 type ExecutorInput = z.input<typeof ExecutorSchema>;
 //#endregion
 export { SCIMAttribute as $, TailorDBType as A, AuthConfig as B, ResolverExternalConfig as C, InferFieldsOutput as Ct, ExecutorServiceInput as D, ExecutorServiceConfig as E, PermissionCondition as F, AuthServiceInput as G, AuthInvoker as H, TailorTypeGqlPermission as I, IdProviderConfig as J, BuiltinIdP as K, TailorTypePermission as L, AllowedValues as M, AllowedValuesOutput as N, TailorDBField as O, ParsedTailorDBType as P, SAML as Q, unsafeAllowAllGqlPermission as R, defineIdp as S, FieldOutput$1 as St, ResolverServiceInput as T, output as Tt, AuthOwnConfig as U, AuthExternalConfig as V, defineAuth as W, OAuth2ClientInput as X, OAuth2ClientGrantType as Y, OIDC as Z, WorkflowServiceInput as _, Resolver as _t, IncomingWebhookTrigger as a, TenantProviderConfig as at, IdPConfig as b, FieldMetadata as bt, ScheduleTriggerInput as c, UserAttributeMap as ct, AppConfig as d, AttributeList as dt, SCIMAttributeMapping as et, defineConfig as f, AttributeMap as ft, WorkflowServiceConfig as g, QueryType as gt, Generator as h, TailorField as ht, GqlOperation as i, SCIMResource as it, db as j, TailorDBInstance as k, WebhookOperation as l, UsernameFieldKey as lt, CodeGeneratorBase as m, unauthenticatedTailorUser as mt, ExecutorInput as n, SCIMAuthorization as nt, RecordTrigger as o, UserAttributeKey as ot, defineGenerators as p, TailorUser as pt, IDToken as q, FunctionOperation as r, SCIMConfig as rt, ResolverExecutedTrigger as s, UserAttributeListKey as st, Executor as t, SCIMAttributeType as tt, WorkflowOperation as u, ValueOperand as ut, StaticWebsiteConfig as v, ResolverInput as vt, ResolverServiceConfig as w, JsonCompatible as wt, IdPExternalConfig as x, FieldOptions as xt, defineStaticWebSite as y, ArrayFieldOutput as yt, unsafeAllowAllTypePermission as z };
-//# sourceMappingURL=types-CgO-wV9v.d.mts.map
+//# sourceMappingURL=types-CbL5qnOl.d.mts.map

package/dist/utils/test/index.d.mts

@@ -1,6 +1,6 @@
 /// <reference path="./../../user-defined.d.ts" />
-import { A as TailorDBType, ht as TailorField } from "../../types-CgO-wV9v.mjs";
-import { n as output } from "../../index-CANeLBB6.mjs";
+import { A as TailorDBType, ht as TailorField } from "../../types-CbL5qnOl.mjs";
+import { n as output } from "../../index-D_6mOKf-.mjs";
 import { StandardSchemaV1 } from "@standard-schema/spec";
 
 //#region src/utils/test/index.d.ts

package/docs/configuration.md

@@ -16,17 +16,19 @@ For service-specific documentation, see:
 ### Application Settings
 
 ```typescript
+import { defineConfig } from "@tailor-platform/sdk";
+
 export default defineConfig({
   name: "my-app",
-  cors: ["https://example.com", website.url],
-  allowedIPAddresses: ["192.168.1.0/24"],
+  cors: ["https://example.com"],
+  allowedIpAddresses: ["192.168.1.0/24"],
   disableIntrospection: false,
 });
 ```
 
 **Name**: Set the application name.
 
-**CORS**: Specify CORS settings as an array.
+**CORS**: Specify CORS settings as an array. You can also include Static Website URL references (e.g. `website.url`) in this array; see [Static Website](./services/staticwebsite.md).
 
 **Allowed IP Addresses**: Specify IP addresses allowed to access the application in CIDR format.
 

package/docs/services/executor.md

@@ -74,7 +74,12 @@ scheduleTrigger({ cron: "0 * * * *", timezone: "Asia/Tokyo" });
 Fires when an external webhook is received:
 
 ```typescript
-incomingWebhookTrigger<WebhookPayload>();
+type WebhookRequest = {
+  body: WebhookPayload;
+  headers: Record<string, string>;
+};
+
+incomingWebhookTrigger<WebhookRequest>();
 ```
 
 ### Resolver Executed Trigger
@@ -113,8 +118,7 @@ Call external webhooks with dynamic data:
 createExecutor({
   operation: {
     kind: "webhook",
-    url: ({ newRecord }) =>
-      `https://api.example.com/webhooks/${newRecord.type}`,
+    url: ({ typeName }) => `https://api.example.com/webhooks/${typeName}`,
     headers: {
       "Content-Type": "application/json",
       "X-API-Key": { vault: "api-keys", key: "external-api" },
@@ -133,13 +137,11 @@ createExecutor({
 Execute GraphQL queries and mutations:
 
 ```typescript
-import { gql } from "@tailor-platform/sdk";
-
 createExecutor({
   operation: {
     kind: "graphql",
     appName: "my-app",
-    query: gql`
+    query: `
       mutation UpdateUserStatus($id: ID!, $status: String!) {
         updateUser(id: $id, input: { status: $status }) {
           id
@@ -169,7 +171,7 @@ Record triggers receive context based on the operation type:
 ```typescript
 interface RecordCreatedContext<T> {
   workspaceId: string; // Workspace identifier
-  namespaceName: string; // Application/namespace name
+  appNamespace: string; // Application/namespace name
   typeName: string; // TailorDB type name
   newRecord: T; // The newly created record
 }
@@ -180,7 +182,7 @@ interface RecordCreatedContext<T> {
 ```typescript
 interface RecordUpdatedContext<T> {
   workspaceId: string;
-  namespaceName: string;
+  appNamespace: string;
   typeName: string;
   oldRecord: T; // Previous record state
   newRecord: T; // Current record state
@@ -192,7 +194,7 @@ interface RecordUpdatedContext<T> {
 ```typescript
 interface RecordDeletedContext<T> {
   workspaceId: string;
-  namespaceName: string;
+  appNamespace: string;
   typeName: string;
   oldRecord: T; // The deleted record
 }
@@ -240,7 +242,7 @@ Webhook triggers receive HTTP request data:
 interface WebhookContext<T = unknown> {
   body: T; // Parsed request body
   headers: Record<string, string>; // Request headers
-  method: string; // HTTP method (POST, etc.)
+  method: "POST" | "GET" | "PUT" | "DELETE"; // HTTP method
   rawBody: string; // Raw request body as string
 }
 ```
@@ -257,7 +259,10 @@ interface StripeWebhook {
 
 export default createExecutor({
   name: "stripe-webhook",
-  trigger: incomingWebhookTrigger<StripeWebhook>(),
+  trigger: incomingWebhookTrigger<{
+    body: StripeWebhook;
+    headers: { "stripe-signature": string };
+  }>(),
   operation: {
     kind: "function",
     body: async ({ body, headers }) => {
@@ -275,9 +280,11 @@ Resolver triggers receive the resolver's result or error:
 
 ```typescript
 interface ResolverExecutedContext<TResult> {
+  workspaceId: string; // Workspace identifier
+  appNamespace: string; // Application/namespace name
   resolverName: string; // Name of the executed resolver
   result?: TResult; // Return value (on success)
-  error?: Error; // Error object (on failure)
+  error?: string; // Error message (on failure)
 }
 ```
 

package/docs/services/staticwebsite.md

@@ -40,13 +40,13 @@ defineStaticWebSite("my-website", {
 });
 ```
 
-### allowedIPAddresses
+### allowedIpAddresses
 
 Restrict access to specific IP addresses in CIDR format:
 
 ```typescript
 defineStaticWebSite("my-website", {
-  allowedIPAddresses: ["192.168.0.0/24", "10.0.0.0/8"],
+  allowedIpAddresses: ["192.168.0.0/24", "10.0.0.0/8"],
 });
 ```
 

package/docs/services/workflow.md

@@ -10,7 +10,7 @@ Workflows provide:
 - Durable execution with automatic state management
 - Resume capabilities from failure points
 - Access to TailorDB via Kysely query builder
-- Job triggering for parallel or sequential execution
+- Job triggering to compose multi-step logic
 
 For the official Tailor Platform documentation, see [Workflow Guide](https://docs.tailor.tech/guides/workflow).
 
@@ -18,13 +18,12 @@ For the official Tailor Platform documentation, see [Workflow Guide](https://doc
 
 All workflow components must follow these rules:
 
-| Rule                                           | Description                                         |
-| ---------------------------------------------- | --------------------------------------------------- |
-| `createWorkflow` result must be default export | Workflow files must export the workflow as default  |
-| All jobs must be named exports                 | Every job used in a workflow must be a named export |
-| Job names must be unique                       | Job names must be unique across the entire project  |
-| `mainJob` is required                          | Every workflow must specify a `mainJob`             |
-| Jobs in `deps` must be job objects             | Pass job objects, not strings                       |
+| Rule                                           | Description                                                                                              |
+| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------- |
+| `createWorkflow` result must be default export | Workflow files must export the workflow as default                                                       |
+| All jobs must be named exports                 | Includes `mainJob` and any job triggered via `.trigger()` (even if referenced only within the same file) |
+| Job `name` values must be unique               | Job names must be unique across the entire project                                                       |
+| `mainJob` is required                          | Every workflow must specify a `mainJob`                                                                  |
 
 ## Creating a Workflow Job
 
@@ -49,56 +48,27 @@ export const fetchCustomer = createWorkflowJob({
 });
 ```
 
-## Job Dependencies
+## Triggering Jobs
+
+Use `.trigger()` to start other jobs from within a job.
 
-Jobs can depend on other jobs using the `deps` array. Dependent jobs are accessible via the second argument of `body` function with hyphens replaced by underscores:
+Jobs are triggered by calling `.trigger()` on the other job object (no `deps` and no `jobs` object in the context).
 
 ```typescript
 import { createWorkflowJob } from "@tailor-platform/sdk";
 import { fetchCustomer } from "./jobs/fetch-customer";
 import { sendNotification } from "./jobs/send-notification";
 
-// All jobs must be named exports - including jobs with dependencies
-export const processOrder = createWorkflowJob({
-  name: "process-order",
-  deps: [fetchCustomer, sendNotification],
-  body: async (input: { orderId: string; customerId: string }, { jobs }) => {
-    // Access dependent jobs with hyphens replaced by underscores
-    // "fetch-customer" -> jobs.fetch_customer()
-    // "send-notification" -> jobs.send_notification()
-    const customer = await jobs.fetch_customer({
-      customerId: input.customerId,
-    });
-
-    const notification = await jobs.send_notification({
-      message: `Order ${input.orderId} is being processed`,
-      recipient: customer.email,
-    });
-
-    return {
-      orderId: input.orderId,
-      customerEmail: customer.email,
-      notificationSent: notification.sent,
-    };
-  },
-});
-```
-
-## Triggering Jobs
-
-Use `.trigger()` to start other jobs from within a job:
-
-```typescript
 export const mainJob = createWorkflowJob({
   name: "main-job",
-  deps: [fetchCustomer, sendNotification],
-  body: (input: { customerId: string }, { jobs }) => {
-    // .trigger() is synchronous on server - do NOT use await
-    // "fetch-customer" -> jobs.fetch_customer
-    const customer = jobs.fetch_customer.trigger({
+  body: async (input: { customerId: string }) => {
+    // You can write `await` for type-safety in your source.
+    // During deployment bundling, job.trigger() calls are transformed to a synchronous
+    // runtime call and `await` is removed.
+    const customer = await fetchCustomer.trigger({
       customerId: input.customerId,
     });
-    const notification = jobs.send_notification.trigger({
+    const notification = await sendNotification.trigger({
       message: "Order processed",
       recipient: customer.email,
     });
@@ -107,7 +77,7 @@ export const mainJob = createWorkflowJob({
 });
 ```
 
-**Important:** `.trigger()` is synchronous on the server. Do NOT use `await` with it.
+**Important:** On the Tailor runtime, job triggers are executed synchronously. This means `Promise.all([jobA.trigger(), jobB.trigger()])` will not run jobs in parallel.
 
 ## Workflow Definition
 
@@ -121,9 +91,17 @@ import { sendNotification } from "./jobs/send-notification";
 // Jobs must be named exports
 export const processOrder = createWorkflowJob({
   name: "process-order",
-  deps: [fetchCustomer, sendNotification],
-  body: async (input, { jobs }) => {
-    // ... job logic
+  body: async (input: { customerId: string }, { env }) => {
+    // `env` contains values from `tailor.config.ts` -> `env`.
+    // Trigger other jobs by calling .trigger() on the job object.
+    const customer = await fetchCustomer.trigger({
+      customerId: input.customerId,
+    });
+    await sendNotification.trigger({
+      message: "Order processed",
+      recipient: customer.email,
+    });
+    return { customerId: input.customerId };
   },
 });
 
@@ -134,6 +112,41 @@ export default createWorkflow({
 });
 ```
 
+## Triggering a Workflow from a Resolver
+
+You can start a workflow execution from a resolver using `workflow.trigger()`.
+
+- `workflow.trigger(args, options?)` returns a workflow run ID (`Promise<string>`).
+- To run with machine-user permissions, pass `{ authInvoker: auth.invoker("<machine-user>") }`.
+
+```typescript
+import { createResolver, t } from "@tailor-platform/sdk";
+import { auth } from "../tailor.config";
+import orderProcessingWorkflow from "../workflows/order-processing";
+
+export default createResolver({
+  name: "triggerOrderProcessing",
+  operation: "mutation",
+  input: {
+    orderId: t.string(),
+    customerId: t.string(),
+  },
+  body: async ({ input }) => {
+    const workflowRunId = await orderProcessingWorkflow.trigger(
+      { orderId: input.orderId, customerId: input.customerId },
+      { authInvoker: auth.invoker("manager-machine-user") },
+    );
+
+    return { workflowRunId };
+  },
+  output: t.object({
+    workflowRunId: t.string(),
+  }),
+});
+```
+
+See the full working example in the repository: [example/resolvers/triggerWorkflow.ts](../../../../example/resolvers/triggerWorkflow.ts).
+
 ## File Organization
 
 Recommended file structure for workflows:

package/docs/testing.md

@@ -189,6 +189,12 @@ E2E tests verify your application works correctly when deployed to Tailor Platfo
 
 ### Setting Up E2E Tests
 
+The examples below use `graphql-request` as a lightweight GraphQL client.
+
+```bash
+pnpm add -D graphql-request
+```
+
 **1. Global Setup**
 
 Create a global setup file that retrieves deployment information before running tests:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tailor-platform/sdk",
-  "version": "0.23.3",
+  "version": "0.24.0",
   "description": "Tailor Platform SDK - The SDK to work with Tailor Platform",
   "license": "MIT",
   "main": "./dist/configure/index.mjs",
@@ -83,18 +83,21 @@
     "eslint-plugin-jsdoc": "61.5.0",
     "globals": "16.5.0",
     "sonda": "0.10.1",
-    "tsdown": "0.18.1",
+    "tsdown": "0.18.2",
     "typescript": "5.9.3",
     "typescript-eslint": "8.50.0",
     "vitest": "4.0.16"
   },
   "scripts": {
     "test": "vitest",
+    "test:unit": "vitest --project=unit",
+    "test:e2e": "vitest --project=e2e",
     "test:coverage": "vitest --coverage",
     "build": "tsdown && cross-env FORCE_CREATE=1 node postinstall.mjs",
     "lint": "eslint --cache .",
     "lint:fix": "eslint --cache . --fix",
     "typecheck": "tsc --noEmit",
+    "perf:typecheck": "bash scripts/perf/exec.sh",
     "prepublish": "pnpm run build",
     "postinstall": "node postinstall.mjs",
     "measure:bundle": "node ../../scripts/measure-bundle-size-sonda.js"