npm - @tailor-platform/sdk - Versions diffs - 1.22.0 → 1.24.0 - Mend

@tailor-platform/sdk 1.22.0 → 1.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (69) hide show

package/CHANGELOG.md +74 -0
package/dist/app-config-BNKHurwr.d.mts +174 -0
package/dist/{application-CTQe2HSB.mjs → application-DThE2HW7.mjs} +200 -215
package/dist/application-DThE2HW7.mjs.map +1 -0
package/dist/application-P1by1htu.mjs +8 -0
package/dist/{brand-DyPrAzpM.mjs → brand-64NrPh_e.mjs} +1 -1
package/dist/{brand-DyPrAzpM.mjs.map → brand-64NrPh_e.mjs.map} +1 -1
package/dist/cli/index.d.mts +0 -1
package/dist/cli/index.mjs +7 -7
package/dist/cli/index.mjs.map +1 -1
package/dist/cli/lib.d.mts +8 -9
package/dist/cli/lib.mjs +7 -7
package/dist/cli/lib.mjs.map +1 -1
package/dist/cli/skills.d.mts +0 -1
package/dist/configure/index.d.mts +5 -5
package/dist/configure/index.mjs +3 -3
package/dist/configure/index.mjs.map +1 -1
package/dist/enum-constants-B5Nl-yzx.mjs.map +1 -1
package/dist/env-CHwmMyfF.d.mts +32 -0
package/dist/file-utils-sEOwAdJ4.mjs.map +1 -1
package/dist/{index-Cwi86SUR.d.mts → index-BrIZ1rm2.d.mts} +2 -3
package/dist/{index-BiutQT7m.d.mts → index-Df0aH5zp.d.mts} +55 -5
package/dist/{index-DPN_P0w3.d.mts → index-DhtKJmgi.d.mts} +2 -3
package/dist/{index-ClS0NClx.d.mts → index-DkRJwNw2.d.mts} +2 -3
package/dist/{index-BGPX26_D.d.mts → index-zZUL7_2B.d.mts} +2 -3
package/dist/{interceptor-DiARwPfw.mjs → interceptor-B-0OmiDZ.mjs} +1 -1
package/dist/{interceptor-DiARwPfw.mjs.map → interceptor-B-0OmiDZ.mjs.map} +1 -1
package/dist/{job-CRavYLLk.mjs → job-CnqcfVTI.mjs} +2 -2
package/dist/{job-CRavYLLk.mjs.map → job-CnqcfVTI.mjs.map} +1 -1
package/dist/kysely/index.d.mts +0 -1
package/dist/kysely-type-CSlcwNFH.mjs.map +1 -1
package/dist/{package-json-iVBhE5Ef.mjs → package-json-4G3gLWMd.mjs} +1 -1
package/dist/{package-json-iVBhE5Ef.mjs.map → package-json-4G3gLWMd.mjs.map} +1 -1
package/dist/package-json-BqvUKPBM.mjs +3 -0
package/dist/plugin/builtin/enum-constants/index.d.mts +2 -3
package/dist/plugin/builtin/file-utils/index.d.mts +2 -3
package/dist/plugin/builtin/kysely-type/index.d.mts +2 -3
package/dist/plugin/builtin/seed/index.d.mts +2 -3
package/dist/plugin/builtin/seed/index.mjs +1 -1
package/dist/plugin/index.d.mts +2 -2
package/dist/plugin/index.mjs.map +1 -1
package/dist/{types-bcuNRo1Y.d.mts → plugin-CE-BZZgX.d.mts} +1069 -1763
package/dist/{query-Bz2oDGhw.mjs → query-CV5n7DRd.mjs} +496 -115
package/dist/query-CV5n7DRd.mjs.map +1 -0
package/dist/{schema-Cjm-OvPF.mjs → schema-0ByCZ2Ym.mjs} +2 -2
package/dist/schema-0ByCZ2Ym.mjs.map +1 -0
package/dist/{seed-CXvCW3Xc.mjs → seed-Cl5QXYsL.mjs} +13 -3
package/dist/seed-Cl5QXYsL.mjs.map +1 -0
package/dist/{telemetry-C46fds1l.mjs → telemetry-BPviAbME.mjs} +2 -2
package/dist/{telemetry-C46fds1l.mjs.map → telemetry-BPviAbME.mjs.map} +1 -1
package/dist/telemetry-Dq5FZUH0.mjs +3 -0
package/dist/utils/test/index.d.mts +3 -4
package/dist/utils/test/index.mjs +2 -2
package/docs/cli/tailordb.md +1 -1
package/docs/cli-reference.md +8 -8
package/docs/services/auth.md +2 -2
package/package.json +27 -25
package/postinstall.mjs +4 -14
package/dist/application-CTQe2HSB.mjs.map +0 -1
package/dist/application-DdSu3baZ.mjs +0 -8
package/dist/package-json-BI0ng3_5.mjs +0 -3
package/dist/query-Bz2oDGhw.mjs.map +0 -1
package/dist/schema-Cjm-OvPF.mjs.map +0 -1
package/dist/seed-CXvCW3Xc.mjs.map +0 -1
package/dist/telemetry-BAxP8-PR.mjs +0 -3
package/dist/types-CBTSg-LK.mjs +0 -13
package/dist/types-CBTSg-LK.mjs.map +0 -1
package/dist/types-DVMQNdTs.d.mts +0 -246
package/dist/user-defined.d.ts +0 -13

package/dist/{application-CTQe2HSB.mjs → application-DThE2HW7.mjs} RENAMED Viewed

@@ -1,10 +1,9 @@
-import { t as isPluginGeneratedType } from "./types-CBTSg-LK.mjs";
-import { n as isSdkBranded } from "./brand-DyPrAzpM.mjs";
-import { t as readPackageJson } from "./package-json-iVBhE5Ef.mjs";
+import { n as isSdkBranded } from "./brand-64NrPh_e.mjs";
+import { t as readPackageJson } from "./package-json-4G3gLWMd.mjs";
+import { n as seedPlugin, r as isPluginGeneratedType, t as SeedGeneratorID } from "./seed-Cl5QXYsL.mjs";
 import { n as enumConstantsPlugin, t as EnumConstantsGeneratorID } from "./enum-constants-B5Nl-yzx.mjs";
 import { n as fileUtilsPlugin, t as FileUtilsGeneratorID } from "./file-utils-sEOwAdJ4.mjs";
 import { n as kyselyTypePlugin, t as KyselyGeneratorID } from "./kysely-type-CSlcwNFH.mjs";
-import { n as seedPlugin, t as SeedGeneratorID } from "./seed-CXvCW3Xc.mjs";
 import { createRequire } from "node:module";
 import { z } from "zod";
 import * as fs$1 from "node:fs";
@@ -914,7 +913,7 @@ function initOAuth2Client() {
 * @returns Configured Operator client
 */
 async function initOperatorClient(accessToken) {
-	const { createTracingInterceptor } = await import("./interceptor-DiARwPfw.mjs");
+	const { createTracingInterceptor } = await import("./interceptor-B-0OmiDZ.mjs");
 	return createClient(OperatorService, createConnectTransport({
 		httpVersion: "2",
 		baseUrl: platformBaseUrl,
@@ -1573,11 +1572,11 @@ function resolveRelativePluginImportPath(pluginImportPath, baseDirs) {
 }
 //#endregion
-//#region src/parser/plugin-config/types.ts
+//#region src/types/plugin.ts
 /**
-* Type guard to check if executor uses the new dynamic import format.
-* @param executor - Executor definition to check
-* @returns True if executor uses dynamic import format
+* Checks if a plugin executor uses file-based resolution.
+* @param executor - The plugin executor to check.
+* @returns True if the executor uses file-based resolution.
 */
 function isPluginExecutorWithFile(executor) {
 	return "resolve" in executor && "context" in executor;
@@ -2591,11 +2590,11 @@ function validatePluralFormUniqueness(types, namespace, typeSourceInfo) {
 const functionSchema = z.custom((val) => typeof val === "function");
 //#endregion
-//#region src/parser/service/tailordb/gql-operations.ts
+//#region src/parser/service/tailordb/schema.ts
 /**
 * Normalize GqlOperationsConfig (alias or object) to GqlOperations object.
 * "query" alias expands to read-only mode: { create: false, update: false, delete: false, read: true }
-* @param config - The GqlOperationsConfig to normalize
+* @param config - The config to normalize
 * @returns The normalized GqlOperations object
 */
 function normalizeGqlOperations(config) {
@@ -2612,14 +2611,11 @@ function normalizeGqlOperations(config) {
 * Accepts "query" alias or detailed object, normalizes to GqlOperations object.
 */
 const GqlOperationsSchema = z.union([z.literal("query"), z.object({
-	create: z.boolean().optional(),
-	update: z.boolean().optional(),
-	delete: z.boolean().optional(),
-	read: z.boolean().optional()
-})]).transform((val) => normalizeGqlOperations(val));
-//#endregion
-//#region src/parser/service/tailordb/schema.ts
+	create: z.boolean().optional().describe("Enable create mutation (default: true)"),
+	update: z.boolean().optional().describe("Enable update mutation (default: true)"),
+	delete: z.boolean().optional().describe("Enable delete mutation (default: true)"),
+	read: z.boolean().optional().describe("Enable read queries - get, list, aggregation (default: true)")
+})]).describe("Configuration for GraphQL operations on a TailorDB type.\nAll operations are enabled by default (undefined or true = enabled, false = disabled).").transform((val) => normalizeGqlOperations(val));
 const TailorFieldTypeSchema$1 = z.enum([
 	"uuid",
 	"string",
@@ -2638,38 +2634,38 @@ const AllowedValueSchema$1 = z.object({
 	description: z.string().optional()
 });
 const DBFieldMetadataSchema = z.object({
-	required: z.boolean().optional(),
-	array: z.boolean().optional(),
-	description: z.string().optional(),
-	typeName: z.string().optional(),
-	allowedValues: z.array(AllowedValueSchema$1).optional(),
-	index: z.boolean().optional(),
-	unique: z.boolean().optional(),
-	vector: z.boolean().optional(),
-	foreignKey: z.boolean().optional(),
-	foreignKeyType: z.string().optional(),
-	foreignKeyField: z.string().optional(),
+	required: z.boolean().optional().describe("Whether the field is required"),
+	array: z.boolean().optional().describe("Whether the field is an array"),
+	description: z.string().optional().describe("Field description"),
+	typeName: z.string().optional().describe("Type name for nested or enum fields"),
+	allowedValues: z.array(AllowedValueSchema$1).optional().describe("Allowed values for enum fields"),
+	index: z.boolean().optional().describe("Whether the field is indexed for faster queries"),
+	unique: z.boolean().optional().describe("Whether the field value must be unique"),
+	vector: z.boolean().optional().describe("Whether the field is a vector field for similarity search"),
+	foreignKey: z.boolean().optional().describe("Whether the field is a foreign key"),
+	foreignKeyType: z.string().optional().describe("Target type name for foreign key relations"),
+	foreignKeyField: z.string().optional().describe("Target field name for foreign key relations"),
 	hooks: z.object({
-		create: functionSchema.optional(),
-		update: functionSchema.optional()
-	}).optional(),
-	validate: z.array(z.union([functionSchema, z.tuple([functionSchema, z.string()])])).optional(),
+		create: functionSchema.optional().describe("Hook function called on record creation"),
+		update: functionSchema.optional().describe("Hook function called on record update")
+	}).optional().describe("Lifecycle hooks for the field"),
+	validate: z.array(z.union([functionSchema, z.tuple([functionSchema, z.string()])])).optional().describe("Validation functions for the field"),
 	serial: z.object({
-		start: z.number(),
-		maxValue: z.number().optional(),
-		format: z.string().optional()
-	}).optional(),
-	scale: z.number().int().min(0).max(12).optional()
+		start: z.number().describe("Starting value for the serial sequence"),
+		maxValue: z.number().optional().describe("Maximum value for the serial sequence"),
+		format: z.string().optional().describe("Format string for serial value (string type only)")
+	}).optional().describe("Serial (auto-increment) configuration"),
+	scale: z.number().int().min(0).max(12).optional().describe("Decimal scale (number of digits after decimal point, 0-12)")
 });
 const RelationTypeSchema = z.enum(relationTypesKeys);
 const RawRelationConfigSchema = z.object({
-	type: RelationTypeSchema,
+	type: RelationTypeSchema.describe("Relation cardinality type"),
 	toward: z.object({
-		type: z.string(),
-		as: z.string().optional(),
-		key: z.string().optional()
+		type: z.string().describe("Target type name, or 'self' for self-relations"),
+		as: z.string().optional().describe("Custom forward relation name"),
+		key: z.string().optional().describe("Target field to join on (default: 'id')")
 	}),
-	backward: z.string().optional()
+	backward: z.string().optional().describe("Backward relation name on the target type")
 });
 const TailorDBFieldSchema = z.lazy(() => z.object({
 	type: TailorFieldTypeSchema$1,
@@ -2682,11 +2678,11 @@ const TailorDBFieldSchema = z.lazy(() => z.object({
 * Normalizes gqlOperations from alias ("query") to object format.
 */
 const TailorDBTypeSettingsSchema = z.object({
-	pluralForm: z.string().optional(),
-	aggregation: z.boolean().optional(),
-	bulkUpsert: z.boolean().optional(),
-	gqlOperations: GqlOperationsSchema.optional(),
-	publishEvents: z.boolean().optional()
+	pluralForm: z.string().optional().describe("Custom plural form of the type name for GraphQL"),
+	aggregation: z.boolean().optional().describe("Enable aggregation queries for this type"),
+	bulkUpsert: z.boolean().optional().describe("Enable bulk upsert mutation for this type"),
+	gqlOperations: GqlOperationsSchema.optional().describe("Configure GraphQL operations for this type. Use \"query\" for read-only mode, or an object for granular control."),
+	publishEvents: z.boolean().optional().describe("Enable publishing events for this type.\nWhen enabled, record creation/update/deletion events are published.\nIf not specified, this is automatically set to true when an executor uses this type\nwith recordCreated/recordUpdated/recordDeleted triggers. If explicitly set to false\nwhile an executor uses this type, an error will be thrown during apply.")
 });
 const GQL_PERMISSION_INVALID_OPERAND_MESSAGE = "operand is not supported in gqlPermission. Use permission() for record-level conditions.";
 const GqlPermissionOperandSchema = z.union([
@@ -2788,19 +2784,19 @@ const TailorDBTypeSchema = z.object({
 	})
 });
 const TailorDBMigrationConfigSchema = z.object({
-	directory: z.string(),
-	machineUser: z.string().optional()
+	directory: z.string().describe("Directory containing migration files"),
+	machineUser: z.string().optional().describe("Machine user name for migration execution")
 });
 /**
 * Schema for TailorDB service configuration.
 * Normalizes gqlOperations from alias ("query") to object format.
 */
 const TailorDBServiceConfigSchema = z.object({
-	files: z.array(z.string()),
-	ignores: z.array(z.string()).optional(),
-	erdSite: z.string().optional(),
-	migration: TailorDBMigrationConfigSchema.optional(),
-	gqlOperations: GqlOperationsSchema.optional()
+	files: z.array(z.string()).describe("Glob patterns for TailorDB type definition files"),
+	ignores: z.array(z.string()).optional().describe("Glob patterns to exclude from type discovery"),
+	erdSite: z.string().optional().describe("URL for the ERD (Entity Relationship Diagram) site"),
+	migration: TailorDBMigrationConfigSchema.optional().describe("Migration configuration"),
+	gqlOperations: GqlOperationsSchema.optional().describe("Default GraphQL operations for all types in this service")
 });
 //#endregion
@@ -3351,80 +3347,80 @@ const TailorFieldTypeSchema = z.enum([
 	"time",
 	"nested"
 ]);
-const QueryTypeSchema = z.union([z.literal("query"), z.literal("mutation")]);
+const QueryTypeSchema = z.union([z.literal("query"), z.literal("mutation")]).describe("GraphQL operation type");
 const AllowedValueSchema = z.object({
-	value: z.string(),
-	description: z.string().optional()
+	value: z.string().describe("The allowed value"),
+	description: z.string().optional().describe("Description of the allowed value")
 });
 const FieldMetadataSchema = z.object({
-	required: z.boolean().optional(),
-	array: z.boolean().optional(),
-	description: z.string().optional(),
-	allowedValues: z.array(AllowedValueSchema).optional(),
+	required: z.boolean().optional().describe("Whether the field is required"),
+	array: z.boolean().optional().describe("Whether the field is an array"),
+	description: z.string().optional().describe("Field description"),
+	allowedValues: z.array(AllowedValueSchema).optional().describe("Allowed values for enum fields"),
 	hooks: z.object({
-		create: functionSchema.optional(),
-		update: functionSchema.optional()
-	}).optional(),
-	typeName: z.string().optional()
+		create: functionSchema.optional().describe("Hook function called on creation"),
+		update: functionSchema.optional().describe("Hook function called on update")
+	}).optional().describe("Lifecycle hooks"),
+	typeName: z.string().optional().describe("Type name for nested or enum fields")
 });
 const TailorFieldSchema = z.object({
-	type: TailorFieldTypeSchema,
-	metadata: FieldMetadataSchema,
+	type: TailorFieldTypeSchema.describe("Field data type"),
+	metadata: FieldMetadataSchema.describe("Field metadata configuration"),
 	get fields() {
 		return z.record(z.string(), TailorFieldSchema);
 	}
 });
 const ResolverSchema = z.object({
-	operation: QueryTypeSchema,
-	name: z.string(),
-	description: z.string().optional(),
-	input: z.record(z.string(), TailorFieldSchema).optional(),
-	body: functionSchema,
-	output: TailorFieldSchema,
-	publishEvents: z.boolean().optional()
+	operation: QueryTypeSchema.describe("GraphQL operation type (query or mutation)"),
+	name: z.string().describe("Resolver name"),
+	description: z.string().optional().describe("Resolver description"),
+	input: z.record(z.string(), TailorFieldSchema).optional().describe("Input field definitions"),
+	body: functionSchema.describe("Resolver implementation function"),
+	output: TailorFieldSchema.describe("Output field definition"),
+	publishEvents: z.boolean().optional().describe("Enable publishing events from this resolver")
 });
 //#endregion
 //#region src/parser/service/auth/schema.ts
 const AuthInvokerSchema = z.object({
-	namespace: z.string(),
-	machineUserName: z.string()
+	namespace: z.string().describe("Auth namespace"),
+	machineUserName: z.string().describe("Machine user name for authentication")
 });
 const secretValueSchema = z.object({
-	vaultName: z.string(),
-	secretKey: z.string()
+	vaultName: z.string().describe("Vault name containing the secret"),
+	secretKey: z.string().describe("Key of the secret in the vault")
 });
 const OIDCSchema = z.object({
-	name: z.string(),
+	name: z.string().describe("Identity provider name"),
 	kind: z.literal("OIDC"),
-	clientID: z.string(),
-	clientSecret: secretValueSchema,
-	providerURL: z.string(),
-	issuerURL: z.string().optional(),
-	usernameClaim: z.string().optional()
+	clientID: z.string().describe("OAuth2 client ID"),
+	clientSecret: secretValueSchema.describe("OAuth2 client secret"),
+	providerURL: z.string().describe("OIDC provider URL"),
+	issuerURL: z.string().optional().describe("OIDC issuer URL (defaults to providerURL)"),
+	usernameClaim: z.string().optional().describe("JWT claim to use as username")
 });
 const SAMLSchema = z.object({
-	name: z.string(),
+	name: z.string().describe("Identity provider name"),
 	kind: z.literal("SAML"),
-	enableSignRequest: z.boolean().default(false),
-	metadataURL: z.string().optional(),
-	rawMetadata: z.string().optional()
+	enableSignRequest: z.boolean().default(false).describe("Enable signing of SAML requests"),
+	metadataURL: z.string().optional().describe("URL to fetch SAML metadata (mutually exclusive with rawMetadata)"),
+	rawMetadata: z.string().optional().describe("Raw SAML metadata XML (mutually exclusive with metadataURL)")
 }).refine((value) => {
 	return value.metadataURL !== void 0 !== (value.rawMetadata !== void 0);
 }, "Provide either metadataURL or rawMetadata");
 const IDTokenSchema = z.object({
-	name: z.string(),
+	name: z.string().describe("Identity provider name"),
 	kind: z.literal("IDToken"),
-	providerURL: z.string(),
-	issuerURL: z.string().optional(),
-	clientID: z.string(),
-	usernameClaim: z.string().optional()
+	providerURL: z.string().describe("ID token provider URL"),
+	issuerURL: z.string().optional().describe("ID token issuer URL"),
+	clientID: z.string().describe("Client ID for ID token validation"),
+	usernameClaim: z.string().optional().describe("JWT claim to use as username")
 });
 const BuiltinIdPSchema = z.object({
-	name: z.string(),
+	name: z.string().describe("Identity provider name"),
 	kind: z.literal("BuiltInIdP"),
-	namespace: z.string(),
-	clientName: z.string()
+	namespace: z.string().describe("IdP namespace"),
+	clientName: z.string().describe("OAuth2 client name in the IdP")
 });
 const IdProviderSchema = z.discriminatedUnion("kind", [
 	OIDCSchema,
@@ -3432,10 +3428,10 @@ const IdProviderSchema = z.discriminatedUnion("kind", [
 	IDTokenSchema,
 	BuiltinIdPSchema
 ]);
-const OAuth2ClientGrantTypeSchema = z.union([z.literal("authorization_code"), z.literal("refresh_token")]);
+const OAuth2ClientGrantTypeSchema = z.union([z.literal("authorization_code"), z.literal("refresh_token")]).describe("OAuth2 grant type");
 const OAuth2ClientSchema = z.object({
-	description: z.string().optional(),
-	grantTypes: z.array(OAuth2ClientGrantTypeSchema).default(["authorization_code", "refresh_token"]),
+	description: z.string().optional().describe("Client description"),
+	grantTypes: z.array(OAuth2ClientGrantTypeSchema).default(["authorization_code", "refresh_token"]).describe("Allowed OAuth2 grant types"),
 	redirectURIs: z.array(z.union([
 		z.templateLiteral(["https://", z.string()]),
 		z.templateLiteral(["http://", z.string()]),
@@ -3445,28 +3441,28 @@ const OAuth2ClientSchema = z.object({
 			":url/",
 			z.string()
 		])
-	])),
+	])).describe("Allowed redirect URIs"),
 	clientType: z.union([
 		z.literal("confidential"),
 		z.literal("public"),
 		z.literal("browser")
-	]).optional(),
-	accessTokenLifetimeSeconds: z.number().int().min(60, "Minimum access token lifetime is 60 seconds").max(86400, "Maximum access token lifetime is 1 day (86400 seconds)").optional().transform((val) => val ? {
+	]).optional().describe("OAuth2 client type"),
+	accessTokenLifetimeSeconds: z.number().int().min(60, "Minimum access token lifetime is 60 seconds").max(86400, "Maximum access token lifetime is 1 day (86400 seconds)").optional().describe("Access token lifetime in seconds (60-86400)").transform((val) => val ? {
 		seconds: BigInt(val),
 		nanos: 0
 	} : void 0),
-	refreshTokenLifetimeSeconds: z.number().int().min(60, "Minimum refresh token lifetime is 60 seconds").max(604800, "Maximum refresh token lifetime is 7 days (604800 seconds)").optional().transform((val) => val ? {
+	refreshTokenLifetimeSeconds: z.number().int().min(60, "Minimum refresh token lifetime is 60 seconds").max(604800, "Maximum refresh token lifetime is 7 days (604800 seconds)").optional().describe("Refresh token lifetime in seconds (60-604800)").transform((val) => val ? {
 		seconds: BigInt(val),
 		nanos: 0
 	} : void 0),
-	requireDpop: z.boolean().optional()
+	requireDpop: z.boolean().optional().describe("Require DPoP (Demonstrating Proof-of-Possession) for token requests")
 }).refine((data) => !(data.clientType === "browser" && data.requireDpop === true), {
 	message: "requireDpop cannot be set to true for browser clients as they don't support DPoP",
 	path: ["requireDpop"]
 });
 const SCIMAuthorizationSchema = z.object({
-	type: z.union([z.literal("oauth2"), z.literal("bearer")]),
-	bearerSecret: secretValueSchema.optional()
+	type: z.union([z.literal("oauth2"), z.literal("bearer")]).describe("SCIM authorization type"),
+	bearerSecret: secretValueSchema.optional().describe("Bearer token secret (required for bearer type)")
 });
 const SCIMAttributeTypeSchema = z.union([
 	z.literal("string"),
@@ -3474,52 +3470,52 @@ const SCIMAttributeTypeSchema = z.union([
 	z.literal("boolean"),
 	z.literal("datetime"),
 	z.literal("complex")
-]);
+]).describe("SCIM attribute data type");
 const SCIMAttributeSchema = z.object({
-	type: SCIMAttributeTypeSchema,
-	name: z.string(),
-	description: z.string().optional(),
+	type: SCIMAttributeTypeSchema.describe("Attribute data type"),
+	name: z.string().describe("Attribute name"),
+	description: z.string().optional().describe("Attribute description"),
 	mutability: z.union([
 		z.literal("readOnly"),
 		z.literal("readWrite"),
 		z.literal("writeOnly")
-	]).optional(),
-	required: z.boolean().optional(),
-	multiValued: z.boolean().optional(),
+	]).optional().describe("Attribute mutability"),
+	required: z.boolean().optional().describe("Whether the attribute is required"),
+	multiValued: z.boolean().optional().describe("Whether the attribute can have multiple values"),
 	uniqueness: z.union([
 		z.literal("none"),
 		z.literal("server"),
 		z.literal("global")
-	]).optional(),
-	canonicalValues: z.array(z.string()).nullable().optional(),
+	]).optional().describe("Uniqueness constraint"),
+	canonicalValues: z.array(z.string()).nullable().optional().describe("List of canonical values"),
 	get subAttributes() {
 		return z.array(SCIMAttributeSchema).nullable().optional();
 	}
 });
 const SCIMSchemaSchema = z.object({
-	name: z.string(),
-	attributes: z.array(SCIMAttributeSchema)
+	name: z.string().describe("SCIM schema name"),
+	attributes: z.array(SCIMAttributeSchema).describe("Schema attributes")
 });
 const SCIMAttributeMappingSchema = z.object({
-	tailorDBField: z.string(),
-	scimPath: z.string()
+	tailorDBField: z.string().describe("TailorDB field name to map to"),
+	scimPath: z.string().describe("SCIM attribute path")
 });
 const SCIMResourceSchema = z.object({
-	name: z.string(),
-	tailorDBNamespace: z.string(),
-	tailorDBType: z.string(),
-	coreSchema: SCIMSchemaSchema,
-	attributeMapping: z.array(SCIMAttributeMappingSchema)
+	name: z.string().describe("SCIM resource name"),
+	tailorDBNamespace: z.string().describe("TailorDB namespace for the resource"),
+	tailorDBType: z.string().describe("TailorDB type name for the resource"),
+	coreSchema: SCIMSchemaSchema.describe("Core SCIM schema definition"),
+	attributeMapping: z.array(SCIMAttributeMappingSchema).describe("Attribute mapping configuration")
 });
 const SCIMSchema = z.object({
-	machineUserName: z.string(),
-	authorization: SCIMAuthorizationSchema,
-	resources: z.array(SCIMResourceSchema)
+	machineUserName: z.string().describe("Machine user name for SCIM operations"),
+	authorization: SCIMAuthorizationSchema.describe("SCIM authorization configuration"),
+	resources: z.array(SCIMResourceSchema).describe("SCIM resource definitions")
 });
 const TenantProviderSchema = z.object({
-	namespace: z.string(),
-	type: z.string(),
-	signatureField: z.string()
+	namespace: z.string().describe("TailorDB namespace for the tenant type"),
+	type: z.string().describe("TailorDB type name for tenants"),
+	signatureField: z.string().describe("Field used as the tenant signature")
 });
 const UserProfileSchema = z.object({
 	type: z.object({
@@ -3550,13 +3546,13 @@ const MachineUserSchema = z.object({
 	attributeList: z.array(z.uuid()).optional()
 });
 const AuthConfigBaseSchema = z.object({
-	name: z.string(),
-	machineUsers: z.record(z.string(), MachineUserSchema).optional(),
-	oauth2Clients: z.record(z.string(), OAuth2ClientSchema).optional(),
-	idProvider: IdProviderSchema.optional(),
-	scim: SCIMSchema.optional(),
-	tenantProvider: TenantProviderSchema.optional(),
-	publishSessionEvents: z.boolean().optional()
+	name: z.string().describe("Auth service name"),
+	machineUsers: z.record(z.string(), MachineUserSchema).optional().describe("Machine user definitions"),
+	oauth2Clients: z.record(z.string(), OAuth2ClientSchema).optional().describe("OAuth2 client definitions"),
+	idProvider: IdProviderSchema.optional().describe("Identity provider configuration"),
+	scim: SCIMSchema.optional().describe("SCIM provisioning configuration"),
+	tenantProvider: TenantProviderSchema.optional().describe("Multi-tenant provider configuration"),
+	publishSessionEvents: z.boolean().optional().describe("Enable publishing session events")
 });
 const AuthConfigSchema = z.union([AuthConfigBaseSchema.extend({
 	userProfile: z.undefined().optional(),
@@ -4287,31 +4283,31 @@ const RecordTriggerSchema = z.object({
 		"recordCreated",
 		"recordUpdated",
 		"recordDeleted"
-	]),
-	typeName: z.string(),
-	condition: functionSchema.optional()
+	]).describe("Record event type"),
+	typeName: z.string().describe("TailorDB type name to watch for events"),
+	condition: functionSchema.optional().describe("Condition function to filter events")
 });
 const ResolverExecutedTriggerSchema = z.object({
 	kind: z.literal("resolverExecuted"),
-	resolverName: z.string(),
-	condition: functionSchema.optional()
+	resolverName: z.string().describe("Name of the resolver to trigger on"),
+	condition: functionSchema.optional().describe("Condition function to filter events")
 });
 const ScheduleTriggerSchema = z.object({
 	kind: z.literal("schedule"),
-	cron: z.string(),
-	timezone: z.string().optional().default("UTC")
+	cron: z.string().describe("CRON expression for the schedule"),
+	timezone: z.string().optional().default("UTC").describe("Timezone for the CRON schedule (default: UTC)")
 });
 const IncomingWebhookTriggerSchema = z.object({ kind: z.literal("incomingWebhook") });
 const IdpUserTriggerSchema = z.object({ kind: z.enum([
 	"idpUserCreated",
 	"idpUserUpdated",
 	"idpUserDeleted"
-]) });
+]).describe("IdP user event type") });
 const AuthAccessTokenTriggerSchema = z.object({ kind: z.enum([
 	"authAccessTokenIssued",
 	"authAccessTokenRefreshed",
 	"authAccessTokenRevoked"
-]) });
+]).describe("Auth access token event type") });
 const TriggerSchema = z.discriminatedUnion("kind", [
 	RecordTriggerSchema,
 	ResolverExecutedTriggerSchema,
@@ -4322,24 +4318,24 @@ const TriggerSchema = z.discriminatedUnion("kind", [
 ]);
 const FunctionOperationSchema = z.object({
 	kind: z.enum(["function", "jobFunction"]),
-	body: functionSchema,
-	authInvoker: AuthInvokerSchema.optional()
+	body: functionSchema.describe("Function implementation"),
+	authInvoker: AuthInvokerSchema.optional().describe("Auth invoker for the function execution")
 });
 const GqlOperationSchema = z.object({
 	kind: z.literal("graphql"),
-	appName: z.string().optional(),
-	query: z.preprocess((val) => String(val), z.string()),
-	variables: functionSchema.optional(),
-	authInvoker: AuthInvokerSchema.optional()
+	appName: z.string().optional().describe("Target application name for the GraphQL query"),
+	query: z.preprocess((val) => String(val), z.string().describe("GraphQL query string")),
+	variables: functionSchema.optional().describe("Function to compute GraphQL variables"),
+	authInvoker: AuthInvokerSchema.optional().describe("Auth invoker for the GraphQL execution")
 });
 const WebhookOperationSchema = z.object({
 	kind: z.literal("webhook"),
-	url: functionSchema,
-	requestBody: functionSchema.optional(),
+	url: functionSchema.describe("Function returning the webhook URL"),
+	requestBody: functionSchema.optional().describe("Function to compute the request body"),
 	headers: z.record(z.string(), z.union([z.string(), z.object({
 		vault: z.string(),
 		key: z.string()
-	})])).optional()
+	})])).optional().describe("HTTP headers for the webhook request")
 });
 const WorkflowOperationSchema = z.preprocess((val) => {
 	if (val == null || typeof val !== "object" || !("workflow" in val) || typeof val.workflow !== "object" || val.workflow === null) return val;
@@ -4350,9 +4346,9 @@ const WorkflowOperationSchema = z.preprocess((val) => {
 	};
 }, z.object({
 	kind: z.literal("workflow"),
-	workflowName: z.string(),
-	args: z.union([z.record(z.string(), z.unknown()), functionSchema]).optional(),
-	authInvoker: AuthInvokerSchema.optional()
+	workflowName: z.string().describe("Name of the workflow to execute"),
+	args: z.union([z.record(z.string(), z.unknown()), functionSchema]).optional().describe("Arguments to pass to the workflow"),
+	authInvoker: AuthInvokerSchema.optional().describe("Auth invoker for the workflow execution")
 }));
 const OperationSchema = z.union([
 	FunctionOperationSchema,
@@ -4361,11 +4357,11 @@ const OperationSchema = z.union([
 	WorkflowOperationSchema
 ]);
 const ExecutorSchema = z.object({
-	name: z.string(),
-	description: z.string().optional(),
-	disabled: z.boolean().optional().default(false),
-	trigger: TriggerSchema,
-	operation: OperationSchema
+	name: z.string().describe("Executor name"),
+	description: z.string().optional().describe("Executor description"),
+	disabled: z.boolean().optional().default(false).describe("Whether the executor is disabled"),
+	trigger: TriggerSchema.describe("Event trigger configuration"),
+	operation: OperationSchema.describe("Operation to execute when triggered")
 });
 //#endregion
@@ -5065,13 +5061,13 @@ async function bundleSingleJob(job, allJobs, outputDir, tsconfig, env, triggerCo
 //#endregion
 //#region src/parser/service/workflow/schema.ts
 const WorkflowJobSchema = z.object({
-	name: z.string(),
-	trigger: functionSchema,
-	body: functionSchema
+	name: z.string().describe("Job name (must be unique across the project)"),
+	trigger: functionSchema.describe("Trigger function that initiates the job"),
+	body: functionSchema.describe("Job implementation function")
 });
 const WorkflowSchema = z.object({
-	name: z.string(),
-	mainJob: WorkflowJobSchema
+	name: z.string().describe("Workflow name"),
+	mainJob: WorkflowJobSchema.describe("Main job that starts the workflow")
 });
 //#endregion
@@ -5243,7 +5239,7 @@ const BaseGeneratorConfigSchema = z.union([
 //#endregion
 //#region src/parser/plugin-config/schema.ts
-const CustomPluginSchema = z.object({
+const PluginConfigSchema = z.object({
 	id: z.string(),
 	description: z.string(),
 	importPath: z.string().optional(),
@@ -5256,14 +5252,7 @@ const CustomPluginSchema = z.object({
 	onExecutorReady: functionSchema.optional()
 }).passthrough().refine((p) => {
 	return !(p.onTypeLoaded || p.onNamespaceLoaded) || !!p.importPath;
-}, { message: "importPath is required when plugin has definition-time hooks (onTypeLoaded/onNamespaceLoaded)" });
-/**
-* Creates a PluginConfigSchema for custom plugins
-* @returns Plugin config schema that validates and transforms Plugin instances
-*/
-function createPluginConfigSchema() {
-	return CustomPluginSchema.transform((plugin) => plugin);
-}
+}, { message: "importPath is required when plugin has definition-time hooks (onTypeLoaded/onNamespaceLoaded)" }).transform((plugin) => plugin);
 //#endregion
 //#region src/plugin/builtin/registry.ts
@@ -5288,7 +5277,6 @@ globalThis.tailordb = { Client: class {
 //#endregion
 //#region src/cli/shared/config-loader.ts
 const GeneratorConfigSchema = CodeGeneratorSchema.brand("CodeGenerator");
-const PluginConfigSchema = createPluginConfigSchema();
 /**
 * Load Tailor configuration file and associated generators and plugins.
 * @param configPath - Optional explicit config path
@@ -5370,11 +5358,11 @@ function resolveInlineSourcemap(configValue) {
 }
 //#endregion
-//#region src/parser/service/idp/gql-operations.ts
+//#region src/parser/service/idp/schema.ts
 /**
 * Normalize IdPGqlOperationsConfig (alias or object) to IdPGqlOperations object.
 * "query" alias expands to read-only mode: { create: false, update: false, delete: false, read: true, sendPasswordResetEmail: false }
-* @param config - The IdPGqlOperationsConfig to normalize
+* @param config - The config to normalize
 * @returns The normalized IdPGqlOperations object
 */
 function normalizeIdPGqlOperations(config) {
@@ -5392,29 +5380,26 @@ function normalizeIdPGqlOperations(config) {
 * Accepts "query" alias or detailed object, normalizes to IdPGqlOperations object.
 */
 const IdPGqlOperationsSchema = z.union([z.literal("query"), z.object({
-	create: z.boolean().optional(),
-	update: z.boolean().optional(),
-	delete: z.boolean().optional(),
-	read: z.boolean().optional(),
-	sendPasswordResetEmail: z.boolean().optional()
-})]).transform((val) => normalizeIdPGqlOperations(val));
-//#endregion
-//#region src/parser/service/idp/schema.ts
-const IdPLangSchema = z.enum(["en", "ja"]);
+	create: z.boolean().optional().describe("Enable _createUser mutation (default: true)"),
+	update: z.boolean().optional().describe("Enable _updateUser mutation (default: true)"),
+	delete: z.boolean().optional().describe("Enable _deleteUser mutation (default: true)"),
+	read: z.boolean().optional().describe("Enable _users and _user queries (default: true)"),
+	sendPasswordResetEmail: z.boolean().optional().describe("Enable _sendPasswordResetEmail mutation (default: true)")
+})]).describe("Configuration for GraphQL operations on IdP users.\nAll operations are enabled by default (undefined or true = enabled, false = disabled).").transform((val) => normalizeIdPGqlOperations(val));
+const IdPLangSchema = z.enum(["en", "ja"]).describe("IdP UI language");
 const IdPUserAuthPolicySchema = z.object({
-	useNonEmailIdentifier: z.boolean().optional(),
-	allowSelfPasswordReset: z.boolean().optional(),
-	passwordRequireUppercase: z.boolean().optional(),
-	passwordRequireLowercase: z.boolean().optional(),
-	passwordRequireNonAlphanumeric: z.boolean().optional(),
-	passwordRequireNumeric: z.boolean().optional(),
-	passwordMinLength: z.number().int().refine((val) => val >= 6 && val <= 30, { message: "passwordMinLength must be between 6 and 30" }).optional(),
-	passwordMaxLength: z.number().int().refine((val) => val >= 6 && val <= 4096, { message: "passwordMaxLength must be between 6 and 4096" }).optional(),
-	allowedEmailDomains: z.array(z.string()).optional(),
-	allowGoogleOauth: z.boolean().optional(),
-	allowMicrosoftOauth: z.boolean().optional(),
-	disablePasswordAuth: z.boolean().optional()
+	useNonEmailIdentifier: z.boolean().optional().describe("Use non-email identifier for usernames"),
+	allowSelfPasswordReset: z.boolean().optional().describe("Allow users to reset their own passwords"),
+	passwordRequireUppercase: z.boolean().optional().describe("Require uppercase letters in passwords"),
+	passwordRequireLowercase: z.boolean().optional().describe("Require lowercase letters in passwords"),
+	passwordRequireNonAlphanumeric: z.boolean().optional().describe("Require non-alphanumeric characters in passwords"),
+	passwordRequireNumeric: z.boolean().optional().describe("Require numeric characters in passwords"),
+	passwordMinLength: z.number().int().refine((val) => val >= 6 && val <= 30, { message: "passwordMinLength must be between 6 and 30" }).optional().describe("Minimum password length (6-30)"),
+	passwordMaxLength: z.number().int().refine((val) => val >= 6 && val <= 4096, { message: "passwordMaxLength must be between 6 and 4096" }).optional().describe("Maximum password length (6-4096)"),
+	allowedEmailDomains: z.array(z.string()).optional().describe("Restrict registration to these email domains"),
+	allowGoogleOauth: z.boolean().optional().describe("Enable Google OAuth login"),
+	allowMicrosoftOauth: z.boolean().optional().describe("Enable Microsoft OAuth login"),
+	disablePasswordAuth: z.boolean().optional().describe("Disable password-based authentication")
 }).refine((data) => data.passwordMinLength === void 0 || data.passwordMaxLength === void 0 || data.passwordMinLength <= data.passwordMaxLength, {
 	message: "passwordMinLength must be less than or equal to passwordMaxLength",
 	path: ["passwordMinLength"]
@@ -5444,25 +5429,25 @@ const IdPUserAuthPolicySchema = z.object({
 	path: ["disablePasswordAuth"]
 });
 const IdPSchema = z.object({
-	name: z.string(),
+	name: z.string().describe("IdP service name"),
 	authorization: z.union([
 		z.literal("insecure"),
 		z.literal("loggedIn"),
 		z.object({ cel: z.string() })
-	]),
-	clients: z.array(z.string()),
-	lang: IdPLangSchema.optional(),
-	userAuthPolicy: IdPUserAuthPolicySchema.transform((input) => IdPUserAuthPolicySchema.parse(input ?? {})).optional(),
-	publishUserEvents: z.boolean().optional(),
-	gqlOperations: IdPGqlOperationsSchema.optional()
+	]).describe("Authorization mode for IdP API access"),
+	clients: z.array(z.string()).describe("OAuth2 client names that can use this IdP"),
+	lang: IdPLangSchema.optional().describe("UI language for IdP pages"),
+	userAuthPolicy: IdPUserAuthPolicySchema.transform((input) => IdPUserAuthPolicySchema.parse(input ?? {})).optional().describe("User authentication policy configuration"),
+	publishUserEvents: z.boolean().optional().describe("Enable publishing user lifecycle events"),
+	gqlOperations: IdPGqlOperationsSchema.optional().describe("Configure which GraphQL operations are enabled")
 }).brand("IdPConfig");
 //#endregion
 //#region src/parser/service/staticwebsite/schema.ts
 const StaticWebsiteSchema = z.object({
-	name: z.string(),
-	description: z.string().optional(),
-	allowedIpAddresses: z.array(z.string()).optional()
+	name: z.string().describe("Static website name"),
+	description: z.string().optional().describe("Static website description"),
+	allowedIpAddresses: z.array(z.string()).optional().describe("IP addresses allowed to access the website")
 }).brand("StaticWebsiteConfig");
 //#endregion
@@ -5720,4 +5705,4 @@ async function loadApplication(params) {
 //#endregion
 export { AuthSCIMAttribute_Mutability as $, platformBaseUrl as A, TailorDBType_Permission_Permit as B, readPlatformConfig as C, fetchUserInfo as D, fetchMachineUserToken as E, WorkflowJobExecution_Status as F, FunctionExecution_Type as G, PipelineResolver_OperationType as H, TailorDBGQLPermission_Action as I, ExecutorTriggerType as J, ExecutorJobStatus as K, TailorDBGQLPermission_Operator as L, userAgent as M, WorkspacePlatformUserRole as N, initOAuth2Client as O, WorkflowExecution_Status as P, AuthOAuth2Client_GrantType as Q, TailorDBGQLPermission_Permit as R, loadWorkspaceId as S, fetchAll as T, IdPLang as U, TailorDBType_PermitAction as V, FunctionExecution_Status as W, AuthInvokerSchema$1 as X, AuthIDPConfig_AuthType as Y, AuthOAuth2Client_ClientType as Z, hashFile as _, loadConfig as a, UserProfileProviderConfig_UserProfileProviderType as at, loadFolderId as b, ExecutorSchema as c, Condition_Operator as ct, TailorDBTypeSchema as d, ApplicationSchemaUpdateAttemptStatus as dt, AuthSCIMAttribute_Type as et, stringifyFunction as f, Subgraph_ServiceType as ft, getDistDir as g, createBundleCache as h, symbols as ht, resolveInlineSourcemap as i, TenantProviderConfig_TenantProviderType as it, resolveStaticWebsiteUrls as j, initOperatorClient as k, OAuth2ClientSchema as l, FilterSchema as lt, loadFilesWithIgnores as m, styles as mt, generatePluginFilesIfNeeded as n, AuthSCIMConfig_AuthorizationType as nt, WorkflowJobSchema as o, GetApplicationSchemaHealthResponse_ApplicationSchemaHealthStatus as ot, tailorUserMap as p, logger as pt, ExecutorTargetType as q, loadApplication as r, PATScope as rt, createExecutorService as s, ConditionSchema as st, defineApplication as t, AuthSCIMAttribute_Uniqueness as tt, ResolverSchema as u, PageDirection as ut, fetchLatestToken as v, writePlatformConfig as w, loadOrganizationId as x, loadAccessToken as y, TailorDBType_Permission_Operator as z };
-//# sourceMappingURL=application-CTQe2HSB.mjs.map
+//# sourceMappingURL=application-DThE2HW7.mjs.map