@tailor-platform/sdk 1.39.0 → 1.40.0

package/dist/{plugin-_K3ZfP8B.d.mts → tailor-db-field-CoFKRCYW.d.mts}

@@ -1,33 +1,155 @@
 /// <reference types="@tailor-platform/function-types" />
-import { z } from "zod";
-import { StandardSchemaV1 } from "@standard-schema/spec";
 import { IsAny, JsonObject, NonEmptyObject } from "type-fest";
 
-//#region src/parser/generator-config/index.d.ts
-declare const BaseGeneratorConfigSchema: z.ZodUnion<readonly [z.ZodTuple<[z.ZodLiteral<"@tailor-platform/kysely-type">, z.ZodObject<{
-  distPath: z.ZodString;
-}, z.core.$strip>], null>, z.ZodTuple<[z.ZodLiteral<"@tailor-platform/seed">, z.ZodObject<{
-  distPath: z.ZodString;
-  machineUserName: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>], null>, z.ZodTuple<[z.ZodLiteral<"@tailor-platform/enum-constants">, z.ZodObject<{
-  distPath: z.ZodString;
-}, z.core.$strip>], null>, z.ZodTuple<[z.ZodLiteral<"@tailor-platform/file-utils">, z.ZodObject<{
-  distPath: z.ZodString;
-}, z.core.$strip>], null>, z.ZodObject<{
-  id: z.ZodString;
-  description: z.ZodString;
-  dependencies: z.ZodArray<z.ZodEnum<{
-    executor: "executor";
-    tailordb: "tailordb";
-    resolver: "resolver";
-  }>>;
-  processType: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
-  processResolver: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
-  processExecutor: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
-  processTailorDBNamespace: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
-  processResolverNamespace: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
-  aggregate: z.ZodFunction<z.core.$ZodFunctionArgs, z.ZodAny>;
-}, z.core.$strip>]>;
+//#region src/types/helpers.d.ts
+type Prettify<T> = { [K in keyof T as string extends K ? never : K]: T[K] } & {};
+type DeepWritable<T> = T extends Date | RegExp | Function ? T : T extends object ? { -readonly [P in keyof T]: DeepWritable<T[P]> } & {} : T;
+type output<T> = T extends {
+  _output: infer U;
+} ? DeepWritable<U> : never;
+type NullableToOptional<T> = { [K in keyof T as null extends T[K] ? never : K]: T[K] } & { [K in keyof T as null extends T[K] ? K : never]?: T[K] };
+type InferFieldsOutput<F extends Record<string, {
+  _output: any;
+  [key: string]: any;
+}>> = DeepWritable<Prettify<NullableToOptional<{ [K in keyof F]: output<F[K]> }>>>;
+type JsonValue = string | number | boolean | null | JsonValue[] | {
+  [key: string]: JsonValue;
+};
+/**
+ * A looser version of JsonValue that accepts interfaces.
+ * TypeScript interfaces don't have index signatures by default,
+ * so they can't be assigned to JsonValue's {[Key in string]: JsonValue}.
+ * This type uses a recursive check instead.
+ */
+type JsonCompatible<T> = T extends string | number | boolean | null | undefined ? T : T extends readonly (infer U)[] ? JsonCompatible<U>[] : T extends object ? T extends {
+  toJSON: () => unknown;
+} ? never : { [K in keyof T]: JsonCompatible<T[K]> } : never;
+//#endregion
+//#region src/types/user.d.ts
+interface AttributeMap {}
+interface AttributeList {
+  __tuple?: [];
+}
+type InferredAttributeMap = keyof AttributeMap extends never ? Record<string, string | string[] | boolean | boolean[] | undefined> : AttributeMap;
+type InferredAttributeList = AttributeList["__tuple"] extends [] ? string[] : AttributeList["__tuple"];
+/** Represents a user in the Tailor platform. */
+type TailorUser = {
+  /**
+   * The ID of the user.
+   * For unauthenticated users, this will be a nil UUID.
+   */
+  id: string;
+  /**
+   * The type of the user.
+   * For unauthenticated users, this will be an empty string.
+   */
+  type: "user" | "machine_user" | ""; /** The ID of the workspace the user belongs to. */
+  workspaceId: string;
+  /**
+   * A map of the user's attributes.
+   * For unauthenticated users, this will be null.
+   */
+  attributes: InferredAttributeMap | null;
+  /**
+   * A list of the user's attributes.
+   * For unauthenticated users, this will be an empty array.
+   */
+  attributeList: InferredAttributeList;
+};
+/** Represents an unauthenticated user in the Tailor platform. */
+declare const unauthenticatedTailorUser: TailorUser;
+//#endregion
+//#region src/types/validation.d.ts
+/**
+ * Validation function type
+ */
+type ValidateFn<O, D = unknown> = (args: {
+  value: O;
+  data: D;
+  user: TailorUser;
+}) => boolean;
+/**
+ * Validation configuration with custom error message
+ */
+type ValidateConfig<O, D = unknown> = [ValidateFn<O, D>, string];
+/**
+ * Field-level validation function
+ */
+type FieldValidateFn<O> = ValidateFn<O>;
+/**
+ * Field-level validation configuration
+ */
+type FieldValidateConfig<O> = ValidateConfig<O>;
+/**
+ * Input type for field validation - can be either a function or a tuple of [function, errorMessage]
+ */
+type FieldValidateInput<O> = FieldValidateFn<O> | FieldValidateConfig<O>;
+/**
+ * Base validators type for field collections
+ * @template F - Record of fields
+ * @template ExcludeKeys - Keys to exclude from validation (default: "id" for TailorDB)
+ */
+type ValidatorsBase<F extends Record<string, {
+  _defined: any;
+  _output: any;
+  [key: string]: any;
+}>, ExcludeKeys extends string = "id"> = NonEmptyObject<{ [K in Exclude<keyof F, ExcludeKeys> as F[K]["_defined"] extends {
+  validate: unknown;
+} ? never : K]?: ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>> | (ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>>)[] }>;
+/**
+ * Validators type (by default excludes "id" field for TailorDB compatibility)
+ * Can be used with both TailorField and TailorDBField
+ */
+type Validators<F extends Record<string, {
+  _defined: any;
+  _output: any;
+  [key: string]: any;
+}>> = ValidatorsBase<F, "id">;
+//#endregion
+//#region src/types/field-types.d.ts
+interface EnumValue {
+  value: string;
+  description?: string;
+}
+type TailorFieldType = "uuid" | "string" | "boolean" | "integer" | "float" | "decimal" | "enum" | "date" | "datetime" | "time" | "nested";
+type TailorToTs = {
+  string: string;
+  integer: number;
+  float: number;
+  decimal: string;
+  boolean: boolean;
+  uuid: string;
+  date: string;
+  datetime: string | Date;
+  time: string;
+  enum: string;
+  object: Record<string, unknown>;
+  nested: Record<string, unknown>;
+} & Record<TailorFieldType, unknown>;
+interface FieldMetadata {
+  description?: string;
+  required?: boolean;
+  array?: boolean;
+  allowedValues?: EnumValue[];
+  validate?: FieldValidateInput<any>[];
+  typeName?: string;
+}
+interface DefinedFieldMetadata {
+  type: TailorFieldType;
+  array: boolean;
+  description?: boolean;
+  validate?: boolean;
+  typeName?: boolean;
+}
+type FieldOptions = {
+  optional?: boolean;
+  array?: boolean;
+};
+type FieldOutput$1<T, O extends FieldOptions> = OptionalFieldOutput<ArrayFieldOutput<T, O>, O>;
+type OptionalFieldOutput<T, O extends FieldOptions> = O["optional"] extends true ? T | null : T;
+type ArrayFieldOutput<T, O extends FieldOptions> = [O] extends [{
+  array: true;
+}] ? T[] : T;
 //#endregion
 //#region src/types/auth.generated.d.ts
 type AuthInvokerObject = {
@@ -351,8 +473,31 @@ type Executor = {
   description?: string | undefined;
 };
 //#endregion
+//#region src/types/generator-config.generated.d.ts
+type BaseGeneratorConfig = ["@tailor-platform/kysely-type", {
+  distPath: string;
+}] | ["@tailor-platform/seed", {
+  distPath: string;
+  machineUserName?: string | undefined;
+}] | ["@tailor-platform/enum-constants", {
+  distPath: string;
+}] | ["@tailor-platform/file-utils", {
+  distPath: string;
+}] | {
+  id: string;
+  description: string;
+  dependencies: ("tailordb" | "resolver" | "executor")[];
+  aggregate: Function;
+  processType?: Function | undefined;
+  processResolver?: Function | undefined;
+  processExecutor?: Function | undefined;
+  processTailorDBNamespace?: Function | undefined;
+  processResolverNamespace?: Function | undefined;
+};
+type BaseGeneratorConfigInput = BaseGeneratorConfig;
+//#endregion
 //#region src/types/generator-config.d.ts
-type GeneratorConfig = z.input<typeof BaseGeneratorConfigSchema>;
+type GeneratorConfig = BaseGeneratorConfigInput;
 //#endregion
 //#region src/types/resolver.generated.d.ts
 type Resolver = {
@@ -410,361 +555,153 @@ type AuthConnectionConfig = {
   tokenUrl?: string | undefined;
 };
 //#endregion
-//#region src/configure/types/field.d.ts
-type AllowedValue = EnumValue;
-type AllowedValues = readonly [string | EnumValue, ...(string | EnumValue)[]];
-type AllowedValuesOutput<V extends AllowedValues> = V[number] extends infer T ? T extends string ? T : T extends {
-  value: infer K;
-} ? K : never : never;
-//#endregion
-//#region src/configure/types/user.d.ts
-interface AttributeMap {}
-interface AttributeList {
-  __tuple?: [];
-}
-type InferredAttributeMap = keyof AttributeMap extends never ? Record<string, string | string[] | boolean | boolean[] | undefined> : AttributeMap;
-type InferredAttributeList = AttributeList["__tuple"] extends [] ? string[] : AttributeList["__tuple"];
-/** Represents a user in the Tailor platform. */
-type TailorUser = {
-  /**
-   * The ID of the user.
-   * For unauthenticated users, this will be a nil UUID.
-   */
-  id: string;
-  /**
-   * The type of the user.
-   * For unauthenticated users, this will be an empty string.
-   */
-  type: "user" | "machine_user" | ""; /** The ID of the workspace the user belongs to. */
-  workspaceId: string;
-  /**
-   * A map of the user's attributes.
-   * For unauthenticated users, this will be null.
-   */
-  attributes: InferredAttributeMap | null;
-  /**
-   * A list of the user's attributes.
-   * For unauthenticated users, this will be an empty array.
-   */
-  attributeList: InferredAttributeList;
-};
-/** Represents an unauthenticated user in the Tailor platform. */
-declare const unauthenticatedTailorUser: TailorUser;
-//#endregion
-//#region src/configure/types/helpers.d.ts
-type Prettify<T> = { [K in keyof T as string extends K ? never : K]: T[K] } & {};
-type DeepWritable<T> = T extends Date | RegExp | Function ? T : T extends object ? { -readonly [P in keyof T]: DeepWritable<T[P]> } & {} : T;
-type output<T> = T extends {
-  _output: infer U;
-} ? DeepWritable<U> : never;
-type NullableToOptional<T> = { [K in keyof T as null extends T[K] ? never : K]: T[K] } & { [K in keyof T as null extends T[K] ? K : never]?: T[K] };
-type InferFieldsOutput<F extends Record<string, {
-  _output: any;
-  [key: string]: any;
-}>> = DeepWritable<Prettify<NullableToOptional<{ [K in keyof F]: output<F[K]> }>>>;
-type JsonValue = string | number | boolean | null | JsonValue[] | {
-  [key: string]: JsonValue;
-};
-/**
- * A looser version of JsonValue that accepts interfaces.
- * TypeScript interfaces don't have index signatures by default,
- * so they can't be assigned to JsonValue's {[Key in string]: JsonValue}.
- * This type uses a recursive check instead.
- */
-type JsonCompatible<T> = T extends string | number | boolean | null | undefined ? T : T extends readonly (infer U)[] ? JsonCompatible<U>[] : T extends object ? T extends {
-  toJSON: () => unknown;
-} ? never : { [K in keyof T]: JsonCompatible<T[K]> } : never;
-//#endregion
-//#region src/types/field.generated.d.ts
-type TailorFieldInput = {
-  /** Field data type */type: "string" | "boolean" | "uuid" | "integer" | "float" | "decimal" | "enum" | "date" | "datetime" | "time" | "nested"; /** Field metadata configuration */
-  metadata: {
-    required?: boolean | undefined;
-    array?: boolean | undefined;
-    description?: string | undefined;
-    allowedValues?: {
-      value: string;
-      description?: string | undefined;
-    }[] | undefined;
-    hooks?: {
-      create?: Function | undefined;
-      update?: Function | undefined;
-    } | undefined;
-    typeName?: string | undefined;
-  };
-  fields: {
-    [x: string]: TailorFieldInput;
-  };
-};
-//#endregion
-//#region src/configure/types/type.d.ts
-type TailorAnyField = TailorField<any>;
-type FieldParseArgs = {
-  value: unknown;
-  data: unknown;
-  user: TailorUser;
-};
-type FieldParseInternalArgs = {
-  value: any;
-  data: unknown;
-  user: TailorUser;
-  pathArray: string[];
-};
+//#region src/types/tailor-field.d.ts
 /**
- * TailorField interface representing a field with metadata, type information, and optional nested fields.
- * This is the base field type used by both resolver types and TailorDB types.
- * Using interface to allow self-referencing in the fields property.
+ * Minimal structural interface for TailorField.
+ * Defines only the properties needed by parser, plugin, cli, and types layers.
+ * The full interface with builder methods (description, typeName, validate, parse)
+ * is defined in configure/types/type.ts.
  */
-interface TailorField<Defined extends DefinedFieldMetadata = DefinedFieldMetadata, Output = any, M extends FieldMetadata = FieldMetadata, T extends TailorFieldType = TailorFieldType> extends TailorFieldInput {
+interface TailorField<Defined extends DefinedFieldMetadata = DefinedFieldMetadata, Output = any, M extends FieldMetadata = FieldMetadata, T extends TailorFieldType = TailorFieldType> {
   readonly type: T;
   readonly fields: Record<string, TailorAnyField>;
   readonly _defined: Defined;
   readonly _output: Output;
-  _metadata: M;
-  /** Returns a shallow copy of the metadata */
   readonly metadata: M;
-  /**
-   * Set a description for the field
-   * @param description - The description text
-   * @returns The field with updated metadata
-   */
-  description<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    description: unknown;
-  } ? never : TailorField<CurrentDefined, Output>, description: string): TailorField<Prettify<CurrentDefined & {
-    description: true;
-  }>, Output>;
-  /**
-   * Set a custom type name for enum or nested types
-   * @param typeName - The custom type name
-   * @returns The field with updated metadata
-   */
-  typeName<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    typeName: unknown;
-  } ? never : CurrentDefined extends {
-    type: "enum" | "nested";
-  } ? TailorField<CurrentDefined, Output> : never, typeName: string): TailorField<Prettify<CurrentDefined & {
-    typeName: true;
-  }>, Output>;
-  /**
-   * Add validation functions to the field
-   * @param validate - One or more validation functions
-   * @returns The field with updated metadata
-   */
-  validate<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    validate: unknown;
-  } ? never : TailorField<CurrentDefined, Output>, ...validate: FieldValidateInput<Output>[]): TailorField<Prettify<CurrentDefined & {
-    validate: true;
-  }>, Output>;
-  /**
-   * Parse and validate a value against this field's validation rules
-   * Returns StandardSchema Result type with success or failure
-   * @param args - Value, context data, and user
-   * @returns Validation result
-   */
-  parse(args: FieldParseArgs): StandardSchemaV1.Result<Output>;
-  /**
-   * Internal parse method that tracks field path for nested validation
-   * @private
-   * @param args - Parse arguments
-   * @returns Validation result
-   */
-  _parseInternal(args: FieldParseInternalArgs): StandardSchemaV1.Result<Output>;
 }
+type TailorAnyField = TailorField<any>;
 //#endregion
-//#region src/configure/types/validation.d.ts
-/**
- * Validation function type
- */
-type ValidateFn<O, D = unknown> = (args: {
-  value: O;
-  data: D;
-  user: TailorUser;
-}) => boolean;
-/**
- * Validation configuration with custom error message
- */
-type ValidateConfig<O, D = unknown> = [ValidateFn<O, D>, string];
-/**
- * Field-level validation function
- */
-type FieldValidateFn<O> = ValidateFn<O>;
-/**
- * Field-level validation configuration
- */
-type FieldValidateConfig<O> = ValidateConfig<O>;
-/**
- * Input type for field validation - can be either a function or a tuple of [function, errorMessage]
- */
-type FieldValidateInput<O> = FieldValidateFn<O> | FieldValidateConfig<O>;
-/**
- * Base validators type for field collections
- * @template F - Record of fields
- * @template ExcludeKeys - Keys to exclude from validation (default: "id" for TailorDB)
- */
-type ValidatorsBase<F extends Record<string, {
-  _defined: any;
-  _output: any;
-  [key: string]: any;
-}>, ExcludeKeys extends string = "id"> = NonEmptyObject<{ [K in Exclude<keyof F, ExcludeKeys> as F[K]["_defined"] extends {
-  validate: unknown;
-} ? never : K]?: ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>> | (ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>>)[] }>;
-/**
- * Validators type (by default excludes "id" field for TailorDB compatibility)
- * Can be used with both TailorField and TailorDBField
- */
-type Validators<F extends Record<string, {
-  _defined: any;
-  _output: any;
-  [key: string]: any;
-}>> = ValidatorsBase<F, "id">;
-//#endregion
-//#region src/configure/types/types.d.ts
-type TailorFieldType = "uuid" | "string" | "boolean" | "integer" | "float" | "decimal" | "enum" | "date" | "datetime" | "time" | "nested";
-type TailorToTs = {
-  string: string;
-  integer: number;
-  float: number;
-  decimal: string;
-  boolean: boolean;
-  uuid: string;
-  date: string;
-  datetime: string | Date;
-  time: string;
-  enum: string;
-  object: Record<string, unknown>;
-  nested: Record<string, unknown>;
-} & Record<TailorFieldType, unknown>;
-interface FieldMetadata {
-  description?: string;
-  required?: boolean;
-  array?: boolean;
-  allowedValues?: AllowedValue[];
-  validate?: FieldValidateInput<any>[];
-  typeName?: string;
-}
-interface DefinedFieldMetadata {
-  type: TailorFieldType;
-  array: boolean;
-  description?: boolean;
-  validate?: boolean;
-  typeName?: boolean;
-}
-type FieldOptions = {
-  optional?: boolean;
-  array?: boolean;
+//#region src/types/auth.d.ts
+type OAuth2ClientGrantType = OAuth2Client["grantTypes"][number];
+type SCIMAttributeType = SCIMAttribute["type"];
+type AuthInvokerWithName<M extends string> = Omit<AuthInvoker, "machineUserName"> & {
+  machineUserName: M;
 };
-type FieldOutput$1<T, O extends FieldOptions> = OptionalFieldOutput<ArrayFieldOutput<T, O>, O>;
-type OptionalFieldOutput<T, O extends FieldOptions> = O["optional"] extends true ? T | null : T;
-type ArrayFieldOutput<T, O extends FieldOptions> = [O] extends [{
+/** Result of retrieving a connection token at runtime. */
+type AuthConnectionTokenResult = {
+  access_token: string;
+  refresh_token?: string;
+  token_type?: string;
+  expiry?: string;
+};
+type ValueOperand = string | boolean | string[] | boolean[];
+type AuthAttributeValue = ValueOperand | null | undefined;
+type UserFieldKeys<User extends TailorDBInstance> = keyof output<User> & string;
+type FieldDefined<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = User["fields"][Key] extends {
+  _defined: infer Defined;
+} ? Defined : never;
+type FieldOutput<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = output<User>[Key];
+type FieldIsRequired<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = undefined extends FieldOutput<User, Key> ? false : true;
+type FieldIsOfType<User extends TailorDBInstance, Key extends UserFieldKeys<User>, Type extends string> = FieldDefined<User, Key> extends {
+  type: Type;
+} ? true : false;
+type FieldIsArray<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = FieldDefined<User, Key> extends {
   array: true;
-}] ? T[] : T;
-//#endregion
-//#region src/configure/services/tailordb/permission.d.ts
-/**
- * Record-level permission configuration for a TailorDB type.
- * Defines create, read, update, and delete permissions.
- *
- * Prefer object format with explicit `conditions` and `permit` for readability.
- * Shorthand array format is supported for compatibility, but less readable.
- *
- * For update operations, use `newRecord`/`oldRecord` operands instead of `record`.
- * @example
- * const permission: TailorTypePermission = {
- *   create: [{ conditions: [[{ user: "_loggedIn" }, "=", true]], permit: true }],
- *   read: [{ conditions: [[{ record: "isPublic" }, "=", true]], permit: true }],
- *   update: [{ conditions: [[{ newRecord: "ownerId" }, "=", { user: "id" }]], permit: true }],
- *   delete: [{ conditions: [[{ record: "ownerId" }, "=", { user: "id" }]], permit: true }],
- * };
- */
-type TailorTypePermission<User extends object = InferredAttributeMap, Type extends object = object> = {
-  create: readonly ActionPermission<"record", User, Type, false>[];
-  read: readonly ActionPermission<"record", User, Type, false>[];
-  update: readonly ActionPermission<"record", User, Type, true>[];
-  delete: readonly ActionPermission<"record", User, Type, false>[];
+} ? true : false;
+type FieldIsUnique<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = FieldDefined<User, Key> extends {
+  unique: true;
+} ? true : false;
+type FieldSupportsValueOperand<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = FieldOutput<User, Key> extends ValueOperand | null | undefined ? true : false;
+type UsernameFieldKey<User extends TailorDBInstance> = IsAny<User> extends true ? string : { [K in UserFieldKeys<User>]: FieldIsRequired<User, K> extends true ? FieldIsOfType<User, K, "string"> extends true ? FieldIsArray<User, K> extends true ? never : FieldIsUnique<User, K> extends true ? K : never : never : never }[UserFieldKeys<User>];
+type UserAttributeKey<User extends TailorDBInstance> = { [K in UserFieldKeys<User>]: K extends "id" ? never : FieldSupportsValueOperand<User, K> extends true ? FieldIsOfType<User, K, "datetime" | "date" | "time"> extends true ? never : K : never }[UserFieldKeys<User>];
+type UserAttributeListKey<User extends TailorDBInstance> = { [K in UserFieldKeys<User>]: K extends "id" ? never : FieldIsOfType<User, K, "uuid"> extends true ? FieldIsArray<User, K> extends true ? never : K : never }[UserFieldKeys<User>];
+type UserAttributeMap<User extends TailorDBInstance> = { [K in UserAttributeKey<User>]?: true };
+type DisallowExtraKeys<T, Allowed extends PropertyKey> = T & { [K in Exclude<keyof T, Allowed>]: never };
+type AttributeListValue<User extends TailorDBInstance, Key extends UserAttributeListKey<User>> = Key extends keyof output<User> ? output<User>[Key] : never;
+type AttributeListToTuple<User extends TailorDBInstance, AttributeList extends readonly UserAttributeListKey<User>[]> = { [Index in keyof AttributeList]: AttributeList[Index] extends UserAttributeListKey<User> ? AttributeListValue<User, AttributeList[Index]> : never };
+type AttributeMapSelectedKeys<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User>> = Extract<{ [K in keyof AttributeMap]-?: undefined extends AttributeMap[K] ? never : K }[keyof AttributeMap], UserAttributeKey<User>>;
+type UserProfile<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User>, AttributeList extends UserAttributeListKey<User>[]> = {
+  /**
+   * TailorDB namespace where the user type is defined.
+   *
+   * Usually auto-resolved, so you don't need to specify this.
+   * Required only when multiple TailorDBs exist and the type is in an external TailorDB.
+   */
+  namespace?: string;
+  type: User;
+  usernameField: UsernameFieldKey<User>;
+  attributes?: DisallowExtraKeys<AttributeMap, UserAttributeKey<User>>;
+  attributeList?: AttributeList;
 };
-type ActionPermission<Level extends "record" | "gql" = "record" | "gql", User extends object = InferredAttributeMap, Type extends object = object, Update extends boolean = boolean> = {
-  conditions: PermissionCondition<Level, User, Update, Type> | readonly PermissionCondition<Level, User, Update, Type>[];
-  description?: string | undefined;
-  permit?: boolean;
-} | readonly [...PermissionCondition<Level, User, Update, Type>, ...([] | [boolean])] | readonly [...PermissionCondition<Level, User, Update, Type>[], ...([] | [boolean])];
-type TailorTypeGqlPermission<User extends object = InferredAttributeMap, Type extends object = object> = readonly GqlPermissionPolicy<User, Type>[];
-type GqlPermissionPolicy<User extends object = InferredAttributeMap, Type extends object = object> = {
-  conditions: readonly PermissionCondition<"gql", User, boolean, Type>[];
-  actions: "all" | readonly GqlPermissionAction$1[];
-  permit?: boolean;
-  description?: string;
+type MachineUserAttributeFields = Record<string, TailorField<DefinedFieldMetadata, unknown, FieldMetadata, TailorFieldType>>;
+type TailorFieldOutputValue<Field> = Field extends TailorField<DefinedFieldMetadata, infer Output, FieldMetadata, TailorFieldType> ? Output : never;
+type MachineUserAttributeValues<Fields extends MachineUserAttributeFields> = { [K in keyof Fields]: TailorFieldOutputValue<Fields[K]> extends ValueOperand | null | undefined ? TailorFieldOutputValue<Fields[K]> : never };
+type MachineUserFromAttributes<Fields extends MachineUserAttributeFields> = (keyof Fields extends never ? {
+  attributes?: never;
+} : {
+  attributes: DisallowExtraKeys<MachineUserAttributeValues<Fields>, keyof Fields>;
+}) & {
+  attributeList?: string[];
+};
+type MachineUser<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User> = UserAttributeMap<User>, AttributeList extends UserAttributeListKey<User>[] = [], MachineUserAttributes extends MachineUserAttributeFields | undefined = undefined> = IsAny<MachineUserAttributes> extends true ? IsAny<User> extends true ? {
+  attributes: Record<string, AuthAttributeValue>;
+  attributeList?: string[];
+} : (AttributeMapSelectedKeys<User, AttributeMap> extends never ? {
+  attributes?: never;
+} : {
+  attributes: { [K in AttributeMapSelectedKeys<User, AttributeMap>]: K extends keyof output<User> ? output<User>[K] : never } & { [K in Exclude<keyof output<User>, AttributeMapSelectedKeys<User, AttributeMap>>]?: never };
+}) & ([] extends AttributeList ? {
+  attributeList?: never;
+} : {
+  attributeList: AttributeListToTuple<User, AttributeList>;
+}) : [MachineUserAttributes] extends [MachineUserAttributeFields] ? MachineUserFromAttributes<MachineUserAttributes> : IsAny<User> extends true ? {
+  attributes: Record<string, AuthAttributeValue>;
+  attributeList?: string[];
+} : (AttributeMapSelectedKeys<User, AttributeMap> extends never ? {
+  attributes?: never;
+} : {
+  attributes: { [K in AttributeMapSelectedKeys<User, AttributeMap>]: K extends keyof output<User> ? output<User>[K] : never } & { [K in Exclude<keyof output<User>, AttributeMapSelectedKeys<User, AttributeMap>>]?: never };
+}) & ([] extends AttributeList ? {
+  attributeList?: never;
+} : {
+  attributeList: AttributeListToTuple<User, AttributeList>;
+});
+type BeforeLoginHookArgs = {
+  claims: JsonObject;
+  idpConfigName: string;
 };
-type GqlPermissionAction$1 = "read" | "create" | "update" | "delete" | "aggregate" | "bulkUpsert";
-type EqualityOperator = "=" | "!=";
-type ContainsOperator = "in" | "not in";
-type HasAnyOperator = "hasAny" | "not hasAny";
-type StringFieldKeys<User extends object> = { [K in keyof User]: User[K] extends string ? K : never }[keyof User];
-type StringArrayFieldKeys<User extends object> = { [K in keyof User]: User[K] extends string[] ? K : never }[keyof User];
-type BooleanFieldKeys<User extends object> = { [K in keyof User]: User[K] extends boolean ? K : never }[keyof User];
-type BooleanArrayFieldKeys<User extends object> = { [K in keyof User]: User[K] extends boolean[] ? K : never }[keyof User];
-type UserStringOperand<User extends object = InferredAttributeMap> = {
-  user: StringFieldKeys<User> | "id";
+type BeforeLoginHook<MachineUserNames extends string> = {
+  handler(args: BeforeLoginHookArgs): Promise<void>;
+  invoker: NoInfer<MachineUserNames>;
 };
-type UserStringArrayOperand<User extends object = InferredAttributeMap> = {
-  user: StringArrayFieldKeys<User>;
+type AuthHooks<MachineUserNames extends string> = {
+  beforeLogin?: BeforeLoginHook<MachineUserNames>;
 };
-type UserBooleanOperand<User extends object = InferredAttributeMap> = {
-  user: BooleanFieldKeys<User> | "_loggedIn";
+type AuthServiceInput<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User>, AttributeList extends UserAttributeListKey<User>[], MachineUserNames extends string, MachineUserAttributes extends MachineUserAttributeFields | undefined = MachineUserAttributeFields | undefined, ConnectionNames extends string = string> = {
+  hooks?: AuthHooks<MachineUserNames>;
+  userProfile?: UserProfile<User, AttributeMap, AttributeList>;
+  machineUserAttributes?: MachineUserAttributes;
+  machineUsers?: Record<MachineUserNames, MachineUser<User, AttributeMap, AttributeList, MachineUserAttributes>>;
+  oauth2Clients?: Record<string, OAuth2ClientInput>;
+  idProvider?: IdProvider;
+  scim?: SCIMConfig;
+  tenantProvider?: TenantProvider;
+  connections?: Record<ConnectionNames, AuthConnectionConfig>;
+  publishSessionEvents?: boolean;
 };
-type UserBooleanArrayOperand<User extends object = InferredAttributeMap> = {
-  user: BooleanArrayFieldKeys<User>;
+declare const authDefinitionBrand: unique symbol;
+type AuthDefinitionBrand = {
+  readonly [authDefinitionBrand]: true;
 };
-type RecordOperand$1<Type extends object, Update extends boolean = false> = Update extends true ? {
-  oldRecord: (keyof Type & string) | "id";
-} | {
-  newRecord: (keyof Type & string) | "id";
-} : {
-  record: (keyof Type & string) | "id";
+type ConnectionNames<Config> = Config extends {
+  connections?: Record<infer K, unknown>;
+} ? K & string : string;
+type DefinedAuth<Name extends string, Config, MachineUserNames extends string> = Config & {
+  name: Name;
+  /**
+   * @deprecated Pass the machine user name directly as a string instead, e.g. `authInvoker: "machine-user-name"`.
+   * Using this function pulls config-layer (Node-only) dependencies into runtime bundles.
+   */
+  invoker<M extends MachineUserNames>(machineUser: M): AuthInvokerWithName<M>;
+  getConnectionToken<C extends ConnectionNames<Config>>(connectionName: C): Promise<AuthConnectionTokenResult>;
+} & AuthDefinitionBrand;
+type AuthExternalConfig = {
+  name: string;
+  external: true;
 };
-type StringEqualityCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = (Level extends "gql" ? readonly [string, EqualityOperator, boolean] : never) | readonly [string, EqualityOperator, string] | readonly [UserStringOperand<User>, EqualityOperator, string] | readonly [string, EqualityOperator, UserStringOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, EqualityOperator, string | UserStringOperand<User>] | readonly [string | UserStringOperand<User>, EqualityOperator, RecordOperand$1<Type, Update>] : never);
-type BooleanEqualityCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = readonly [boolean, EqualityOperator, boolean] | readonly [UserBooleanOperand<User>, EqualityOperator, boolean] | readonly [boolean, EqualityOperator, UserBooleanOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, EqualityOperator, boolean | UserBooleanOperand<User>] | readonly [boolean | UserBooleanOperand<User>, EqualityOperator, RecordOperand$1<Type, Update>] : never);
-type EqualityCondition<Level extends "record" | "gql" = "record", User extends object = InferredAttributeMap, Update extends boolean = boolean, Type extends object = object> = StringEqualityCondition<Level, User, Update, Type> | BooleanEqualityCondition<Level, User, Update, Type>;
-type StringContainsCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = readonly [string, ContainsOperator, string[]] | readonly [UserStringOperand<User>, ContainsOperator, string[]] | readonly [string, ContainsOperator, UserStringArrayOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, ContainsOperator, string[] | UserStringArrayOperand<User>] | readonly [string | UserStringOperand<User>, ContainsOperator, RecordOperand$1<Type, Update>] : never);
-type BooleanContainsCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = (Level extends "gql" ? readonly [string, ContainsOperator, boolean[]] : never) | readonly [boolean, ContainsOperator, boolean[]] | readonly [UserBooleanOperand<User>, ContainsOperator, boolean[]] | readonly [boolean, ContainsOperator, UserBooleanArrayOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, ContainsOperator, boolean[] | UserBooleanArrayOperand<User>] | readonly [boolean | UserBooleanOperand<User>, ContainsOperator, RecordOperand$1<Type, Update>] : never);
-type ContainsCondition<Level extends "record" | "gql" = "record", User extends object = InferredAttributeMap, Update extends boolean = boolean, Type extends object = object> = StringContainsCondition<Level, User, Update, Type> | BooleanContainsCondition<Level, User, Update, Type>;
-type HasAnyCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = readonly [string[] | UserStringArrayOperand<User>, HasAnyOperator, string[] | UserStringArrayOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, HasAnyOperator, string[] | UserStringArrayOperand<User>] | readonly [string[] | UserStringArrayOperand<User>, HasAnyOperator, RecordOperand$1<Type, Update>] : never);
-/**
- * Type representing a permission condition that combines user attributes, record fields, and literal values using comparison operators.
- *
- * The User type is extended by `tailor.d.ts`, which is automatically generated when running `tailor-sdk generate`.
- * Attributes enabled in the config file's `auth.userProfile.attributes` (or
- * `auth.machineUserAttributes` when userProfile is omitted) become available as types.
- * @example
- * ```ts
- * // tailor.config.ts
- * export const auth = defineAuth("my-auth", {
- *   userProfile: {
- *     type: user,
- *     attributes: {
- *       isAdmin: true,
- *       roles: true,
- *     }
- *   }
- * });
- * ```
- */
-type PermissionCondition<Level extends "record" | "gql" = "record", User extends object = InferredAttributeMap, Update extends boolean = boolean, Type extends object = object> = EqualityCondition<Level, User, Update, Type> | ContainsCondition<Level, User, Update, Type> | HasAnyCondition<Level, User, Update, Type>;
-/**
- * Grants full record-level access without any conditions.
- *
- * Unsafe and intended only for local development, prototyping, or tests.
- * Do not use this in production environments, as it effectively disables
- * authorization checks.
- */
-declare const unsafeAllowAllTypePermission: TailorTypePermission;
-/**
- * Grants full GraphQL access (all actions) without any conditions.
- *
- * Unsafe and intended only for local development, prototyping, or tests.
- * Do not use this in production environments, as it effectively disables
- * authorization checks.
- */
-declare const unsafeAllowAllGqlPermission: TailorTypeGqlPermission;
+type AuthServiceInputLoose = AuthServiceInput<any, any, any, string, any>;
+type AuthOwnConfig = DefinedAuth<string, AuthServiceInputLoose, string>;
+type AuthConfig = AuthOwnConfig | AuthExternalConfig;
 //#endregion
 //#region src/types/tailordb.generated.d.ts
 /**
@@ -777,6 +714,33 @@ type GqlOperationsInput = "query" | {
   delete?: boolean | undefined;
   read?: boolean | undefined;
 };
+type DBFieldMetadata$1 = {
+  /** Whether the field is required */required?: boolean | undefined; /** Whether the field is an array */
+  array?: boolean | undefined; /** Field description */
+  description?: string | undefined; /** Type name for nested or enum fields */
+  typeName?: string | undefined; /** Allowed values for enum fields */
+  allowedValues?: {
+    value: string; /** Field description */
+    description?: string | undefined;
+  }[] | undefined; /** Whether the field is indexed for faster queries */
+  index?: boolean | undefined; /** Whether the field value must be unique */
+  unique?: boolean | undefined; /** Whether the field is a vector field for similarity search */
+  vector?: boolean | undefined; /** Whether the field is a foreign key */
+  foreignKey?: boolean | undefined; /** Target type name for foreign key relations */
+  foreignKeyType?: string | undefined; /** Target field name for foreign key relations */
+  foreignKeyField?: string | undefined; /** Lifecycle hooks for the field */
+  hooks?: {
+    create?: Function | undefined;
+    update?: Function | undefined;
+  } | undefined; /** Validation functions for the field */
+  validate?: (Function | [Function, string])[] | undefined; /** Serial (auto-increment) configuration */
+  serial?: {
+    start: number;
+    maxValue?: number | undefined;
+    format?: string | undefined;
+  } | undefined; /** Decimal scale (number of digits after decimal point, 0-12) */
+  scale?: number | undefined;
+};
 type TailorDBTypeParsedSettings = {
   /** Custom plural form of the type name for GraphQL */pluralForm?: string | undefined; /** Enable aggregation queries for this type */
   aggregation?: boolean | undefined; /** Enable bulk upsert mutation for this type */
@@ -798,7 +762,7 @@ type TailorDBTypeParsedSettings = {
 };
 type RawPermissions = {
   record?: {
-    create: readonly (readonly (string | boolean | string[] | boolean[] | {
+    create: readonly (readonly [(string | boolean | string[] | boolean[] | {
       user: string;
     } | {
       record: string;
@@ -806,7 +770,7 @@ type RawPermissions = {
       oldRecord: string;
     } | {
       newRecord: string;
-    })[] | readonly (boolean | readonly (string | boolean | string[] | boolean[] | {
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
       user: string;
     } | {
       record: string;
@@ -814,28 +778,7 @@ type RawPermissions = {
       oldRecord: string;
     } | {
       newRecord: string;
-    })[])[] | {
-      conditions: readonly (string | boolean | string[] | boolean[] | {
-        user: string;
-      } | {
-        record: string;
-      } | {
-        oldRecord: string;
-      } | {
-        newRecord: string;
-      })[] | readonly (readonly (string | boolean | string[] | boolean[] | {
-        user: string;
-      } | {
-        record: string;
-      } | {
-        oldRecord: string;
-      } | {
-        newRecord: string;
-      })[])[];
-      description?: string | undefined;
-      permit?: boolean | undefined;
-    })[];
-    read: readonly (readonly (string | boolean | string[] | boolean[] | {
+    })] | readonly [(string | boolean | string[] | boolean[] | {
       user: string;
     } | {
       record: string;
@@ -843,7 +786,7 @@ type RawPermissions = {
       oldRecord: string;
     } | {
       newRecord: string;
-    })[] | readonly (boolean | readonly (string | boolean | string[] | boolean[] | {
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
       user: string;
     } | {
       record: string;
@@ -851,28 +794,7 @@ type RawPermissions = {
       oldRecord: string;
     } | {
       newRecord: string;
-    })[])[] | {
-      conditions: readonly (string | boolean | string[] | boolean[] | {
-        user: string;
-      } | {
-        record: string;
-      } | {
-        oldRecord: string;
-      } | {
-        newRecord: string;
-      })[] | readonly (readonly (string | boolean | string[] | boolean[] | {
-        user: string;
-      } | {
-        record: string;
-      } | {
-        oldRecord: string;
-      } | {
-        newRecord: string;
-      })[])[];
-      description?: string | undefined;
-      permit?: boolean | undefined;
-    })[];
-    update: readonly (readonly (string | boolean | string[] | boolean[] | {
+    }), boolean] | readonly (boolean | readonly [(string | boolean | string[] | boolean[] | {
       user: string;
     } | {
       record: string;
@@ -880,7 +802,7 @@ type RawPermissions = {
       oldRecord: string;
     } | {
       newRecord: string;
-    })[] | readonly (boolean | readonly (string | boolean | string[] | boolean[] | {
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
       user: string;
     } | {
       record: string;
@@ -888,8 +810,8 @@ type RawPermissions = {
       oldRecord: string;
     } | {
       newRecord: string;
-    })[])[] | {
-      conditions: readonly (string | boolean | string[] | boolean[] | {
+    })])[] | {
+      conditions: readonly [(string | boolean | string[] | boolean[] | {
         user: string;
       } | {
         record: string;
@@ -897,7 +819,7 @@ type RawPermissions = {
         oldRecord: string;
       } | {
         newRecord: string;
-      })[] | readonly (readonly (string | boolean | string[] | boolean[] | {
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
         user: string;
       } | {
         record: string;
@@ -905,28 +827,7 @@ type RawPermissions = {
         oldRecord: string;
       } | {
         newRecord: string;
-      })[])[];
-      description?: string | undefined;
-      permit?: boolean | undefined;
-    })[];
-    delete: readonly (readonly (string | boolean | string[] | boolean[] | {
-      user: string;
-    } | {
-      record: string;
-    } | {
-      oldRecord: string;
-    } | {
-      newRecord: string;
-    })[] | readonly (boolean | readonly (string | boolean | string[] | boolean[] | {
-      user: string;
-    } | {
-      record: string;
-    } | {
-      oldRecord: string;
-    } | {
-      newRecord: string;
-    })[])[] | {
-      conditions: readonly (string | boolean | string[] | boolean[] | {
+      })] | readonly (readonly [(string | boolean | string[] | boolean[] | {
         user: string;
       } | {
         record: string;
@@ -934,7 +835,7 @@ type RawPermissions = {
         oldRecord: string;
       } | {
         newRecord: string;
-      })[] | readonly (readonly (string | boolean | string[] | boolean[] | {
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
         user: string;
       } | {
         record: string;
@@ -942,752 +843,335 @@ type RawPermissions = {
         oldRecord: string;
       } | {
         newRecord: string;
-      })[])[];
+      })])[];
       description?: string | undefined;
       permit?: boolean | undefined;
     })[];
-  } | undefined;
-  gql?: readonly {
-    conditions: readonly (readonly (string | boolean | string[] | boolean[] | {
+    read: readonly (readonly [(string | boolean | string[] | boolean[] | {
       user: string;
-    })[])[];
-    actions: "all" | readonly ("create" | "read" | "update" | "delete" | "aggregate" | "bulkUpsert")[];
-    permit?: boolean | undefined;
-    description?: string | undefined;
-  }[] | undefined;
-};
-type TailorDBServiceConfigInput = {
-  /** Glob patterns for TailorDB type definition files */files: string[]; /** Glob patterns to exclude from type discovery */
-  ignores?: string[] | undefined; /** URL for the ERD (Entity Relationship Diagram) site */
-  erdSite?: string | undefined; /** Migration configuration */
-  migration?: {
-    directory: string;
-    machineUser?: string | undefined;
-  } | undefined; /** Default GraphQL operations for all types in this service */
-  gqlOperations?: "query" | {
-    create?: boolean | undefined;
-    update?: boolean | undefined;
-    delete?: boolean | undefined;
-    read?: boolean | undefined;
-  } | undefined;
-};
-//#endregion
-//#region src/configure/services/tailordb/types.d.ts
-type SerialConfig<T extends "string" | "integer" = "string" | "integer"> = Prettify<{
-  start: number;
-  maxValue?: number;
-} & (T extends "string" ? {
-  format?: string;
-} : object)>;
-interface DBFieldMetadata extends FieldMetadata {
-  index?: boolean;
-  unique?: boolean;
-  vector?: boolean;
-  foreignKey?: boolean;
-  foreignKeyType?: string;
-  foreignKeyField?: string;
-  hooks?: Hook<any, any>;
-  serial?: SerialConfig;
-  relation?: boolean;
-  scale?: number;
-}
-interface DefinedDBFieldMetadata extends DefinedFieldMetadata {
-  index?: boolean;
-  unique?: boolean;
-  vector?: boolean;
-  foreignKey?: boolean;
-  foreignKeyType?: boolean;
-  validate?: boolean;
-  hooks?: {
-    create: boolean;
-    update: boolean;
-  };
-  serial?: boolean;
-  relation?: boolean;
-}
-type ExcludeNestedDBFields<T extends Record<string, TailorAnyDBField>> = { [K in keyof T]: T[K] extends TailorDBField<{
-  type: "nested";
-  array: boolean;
-}, any> ? never : T[K] };
-type HookFn<TValue, TData, TReturn> = (args: {
-  value: TValue;
-  data: TData extends Record<string, unknown> ? { readonly [K in keyof TData]?: TData[K] | null | undefined } : unknown;
-  user: TailorUser;
-}) => TReturn;
-type Hook<TData, TReturn> = {
-  create?: HookFn<TReturn | null, TData, TReturn>;
-  update?: HookFn<TReturn | null, TData, TReturn>;
-};
-type Hooks<F extends Record<string, TailorAnyDBField>, TData = { [K in keyof F]: output<F[K]> }> = NonEmptyObject<{ [K in Exclude<keyof F, "id"> as F[K]["_defined"] extends {
-  hooks: unknown;
-} ? never : F[K]["_defined"] extends {
-  type: "nested";
-} ? never : K]?: Hook<TData, output<F[K]>> }>;
-type IndexDef<T extends {
-  fields: Record<PropertyKey, unknown>;
-}> = {
-  fields: [keyof T["fields"], keyof T["fields"], ...(keyof T["fields"])[]];
-  unique?: boolean;
-  name?: string;
-};
-type GqlOperationsConfig = GqlOperationsInput;
-interface TypeFeatures {
-  pluralForm?: string;
-  aggregation?: true;
-  bulkUpsert?: true;
-  /** Configure GraphQL operations for this type. Use "query" for read-only mode, or an object for granular control. */
-  gqlOperations?: GqlOperationsConfig;
-  /**
-   * Enable publishing events for this type.
-   * When enabled, record creation/update/deletion events are published.
-   * If not specified, this is automatically set to true when an executor uses this type
-   * with recordCreated/recordUpdated/recordDeleted triggers. If explicitly set to false
-   * while an executor uses this type, an error will be thrown during apply.
-   */
-  publishEvents?: boolean;
-}
-//#endregion
-//#region src/configure/services/tailordb/schema.d.ts
-interface RelationConfig<S extends RelationType, T extends TailorDBType$1> {
-  type: S;
-  toward: {
-    type: T;
-    as?: string;
-    key?: keyof T["fields"] & string;
-  };
-  backward?: string;
-}
-type RelationSelfConfig = {
-  type: RelationType;
-  toward: {
-    type: "self";
-    as?: string;
-    key?: string;
-  };
-  backward?: string;
-};
-type TailorAnyDBField = TailorDBField<any, any>;
-type TailorAnyDBType = TailorDBType$1<any, any>;
-/**
- * TailorDBField interface representing a database field with extended metadata.
- * Extends TailorField with database-specific features like relations, indexes, and hooks.
- */
-interface TailorDBField<Defined extends DefinedDBFieldMetadata, Output> extends Omit<TailorField<Defined, Output, DBFieldMetadata, Defined["type"]>, "description" | "validate"> {
-  /**
-   * typeName is not available on TailorDB fields.
-   * Use typeName on pipeline fields (t.enum / t.object) instead.
-   */
-  typeName(this: never, typeName: string): never;
-  /** Returns a shallow copy of the raw relation config if set */
-  readonly rawRelation: Readonly<RawRelationConfig> | undefined;
-  /**
-   * Set a description for the field
-   * @param description - The description text
-   * @returns The field with updated metadata
-   */
-  description<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    description: unknown;
-  } ? never : TailorField<CurrentDefined, Output>, description: string): TailorDBField<Prettify<CurrentDefined & {
-    description: true;
-  }>, Output>;
-  /**
-   * Define a relation to another type.
-   * Relation types: "n-1" (many-to-one), "1-1" (one-to-one), "keyOnly" (key only).
-   * Aliases "manyToOne", "oneToOne", and "N-1" are also accepted.
-   * @example db.uuid().relation({ type: "n-1", toward: { type: otherModel } })
-   * @example db.uuid().relation({ type: "1-1", toward: { type: profile } })
-   */
-  relation<S extends RelationType, T extends TailorAnyDBType, CurrentDefined extends Defined>(this: CurrentDefined extends {
-    relation: unknown;
-  } ? never : TailorDBField<CurrentDefined, Output>, config: RelationConfig<S, T>): TailorDBField<S extends "oneToOne" | "1-1" ? Prettify<CurrentDefined & {
-    unique: true;
-    index: true;
-    relation: true;
-  }> : Prettify<CurrentDefined & {
-    index: true;
-    relation: true;
-  }>, Output>;
-  /**
-   * Define a self-referencing relation
-   */
-  relation<S extends RelationSelfConfig, CurrentDefined extends Defined>(this: CurrentDefined extends {
-    relation: unknown;
-  } ? never : TailorDBField<CurrentDefined, Output>, config: S): TailorDBField<S["type"] extends "oneToOne" | "1-1" ? Prettify<CurrentDefined & {
-    unique: true;
-    index: true;
-    relation: true;
-  }> : Prettify<CurrentDefined & {
-    index: true;
-    relation: true;
-  }>, Output>;
-  /**
-   * Add an index to the field
-   */
-  index<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    index: unknown;
-  } ? never : CurrentDefined extends {
-    array: true;
-  } ? never : TailorDBField<CurrentDefined, Output>): TailorDBField<Prettify<CurrentDefined & {
-    index: true;
-  }>, Output>;
-  /**
-   * Make the field unique (also adds an index)
-   */
-  unique<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    unique: unknown;
-  } ? never : CurrentDefined extends {
-    array: true;
-  } ? never : TailorDBField<CurrentDefined, Output>): TailorDBField<Prettify<CurrentDefined & {
-    unique: true;
-    index: true;
-  }>, Output>;
-  /**
-   * Enable vector search on the field (string type only)
-   */
-  vector<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    vector: unknown;
-  } ? never : CurrentDefined extends {
-    type: "string";
-    array: false;
-  } ? TailorDBField<CurrentDefined, Output> : never): TailorDBField<Prettify<CurrentDefined & {
-    vector: true;
-  }>, Output>;
-  /**
-   * Add hooks for create/update operations on this field.
-   * The hook function receives `{ value, data, user }` and returns the computed value.
-   * @example db.string().hooks({ create: ({ data }) => data.firstName + " " + data.lastName })
-   * @example db.datetime().hooks({ create: () => new Date(), update: () => new Date() })
-   */
-  hooks<CurrentDefined extends Defined, const H extends Hook<unknown, Output>>(this: CurrentDefined extends {
-    hooks: unknown;
-  } ? never : CurrentDefined extends {
-    type: "nested";
-  } ? never : TailorDBField<CurrentDefined, Output>, hooks: H): TailorDBField<Prettify<CurrentDefined & {
-    hooks?: {
-      create: H extends {
-        create: unknown;
-      } ? true : false;
-      update: H extends {
-        update: unknown;
-      } ? true : false;
-    };
-    serial: false;
-  }>, Output>;
-  /**
-   * Add validation functions to the field.
-   * Accepts a function or a tuple of [function, errorMessage].
-   * Prefer the tuple form for diagnosable errors.
-   * @example
-   * // Function form (default error message):
-   * db.int().validate(({ value }) => value >= 0)
-   * @example
-   * // Tuple form with custom error message (recommended):
-   * db.string().validate([({ value }) => value.length >= 8, "Must be at least 8 characters"])
-   */
-  validate<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    validate: unknown;
-  } ? never : TailorDBField<CurrentDefined, Output>, ...validate: FieldValidateInput<Output>[]): TailorDBField<Prettify<CurrentDefined & {
-    validate: true;
-  }>, Output>;
-  /**
-   * Configure serial/auto-increment behavior
-   */
-  serial<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    serial: unknown;
-  } ? never : Output extends null ? never : CurrentDefined extends {
-    type: "integer" | "string";
-    array: false;
-  } ? TailorDBField<CurrentDefined, Output> : never, config: SerialConfig<CurrentDefined["type"] & ("integer" | "string")>): TailorDBField<Prettify<CurrentDefined & {
-    serial: true;
-    hooks: {
-      create: false;
-      update: false;
-    };
-  }>, Output>;
-  /**
-   * Clone the field with optional overrides for field options
-   * @param options - Optional field options to override
-   * @returns A new TailorDBField instance with the same configuration
-   */
-  clone<const NewOpt extends FieldOptions>(options?: NewOpt): TailorDBField<Prettify<Omit<Defined, "array"> & {
-    array: NewOpt extends {
-      array: true;
-    } ? true : Defined["array"];
-  }>, FieldOutput$1<TailorToTs[Defined["type"]], NewOpt>>;
-}
-/**
- * Create a UUID field.
- * @param options - Field configuration options
- * @returns A UUID field
- * @example db.uuid()
- * @example db.uuid({ optional: true })
- */
-declare function uuid<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "uuid";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-/**
- * Create a string field.
- * @param options - Field configuration options
- * @returns A string field
- * @example db.string()
- * @example db.string({ optional: true })
- */
-declare function string<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "string";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-/**
- * Create a boolean field.
- * Note: The method name is `bool` but creates a `boolean` type field.
- * @param options - Field configuration options
- * @returns A boolean field
- * @example db.bool()
- * @example db.bool({ optional: true })
- */
-declare function bool<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "boolean";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<boolean, Opt> | null : ArrayFieldOutput<boolean, Opt>>;
-/**
- * Create an integer field.
- * @param options - Field configuration options
- * @returns An integer field
- * @example db.int()
- * @example db.int({ optional: true })
- */
-declare function int<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "integer";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<number, Opt> | null : ArrayFieldOutput<number, Opt>>;
-/**
- * Create a float (decimal number) field.
- * @param options - Field configuration options
- * @returns A float field
- * @example db.float()
- * @example db.float({ optional: true })
- */
-declare function float<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "float";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<number, Opt> | null : ArrayFieldOutput<number, Opt>>;
-interface DecimalFieldOptions extends FieldOptions {
-  scale?: number;
-}
-/**
- * Create a decimal field (stored as string for precision).
- * @param options - Field configuration options including optional scale (0-12)
- * @returns A decimal field
- * @example db.decimal()
- * @example db.decimal({ scale: 2 })
- * @example db.decimal({ scale: 2, optional: true })
- */
-declare function decimal<const Opt extends DecimalFieldOptions>(options?: Opt): TailorDBField<{
-  type: "decimal";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-/**
- * Create a date field (date only, no time component).
- * Format: "yyyy-MM-dd"
- * @param options - Field configuration options
- * @returns A date field
- * @example db.date()
- */
-declare function date<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "date";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-/**
- * Create a datetime field (date and time).
- * Format: ISO 8601 "yyyy-MM-ddTHH:mm:ssZ"
- * @param options - Field configuration options
- * @returns A datetime field
- * @example db.datetime()
- */
-declare function datetime<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "datetime";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string | Date, Opt> | null : ArrayFieldOutput<string | Date, Opt>>;
-/**
- * Create a time field (time only, no date component).
- * Format: "HH:mm"
- * @param options - Field configuration options
- * @returns A time field
- * @example db.time()
- */
-declare function time<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "time";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-/**
- * Create an enum field with a fixed set of allowed string values.
- * @param values - Array of allowed string values, or array of `{ value, description }` objects
- * @param options - Field configuration options
- * @returns An enum field
- * @example db.enum(["active", "inactive", "suspended"])
- * @example db.enum(["small", "medium", "large"], { optional: true })
- */
-declare function _enum<const V extends AllowedValues, const Opt extends FieldOptions>(values: V, options?: Opt): TailorDBField<{
-  type: "enum";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, FieldOutput$1<AllowedValuesOutput<V>, Opt>>;
-/**
- * Create a nested object field with sub-fields.
- * @param fields - Record of nested field definitions
- * @param options - Field configuration options
- * @returns A nested object field
- * @example db.object({ street: db.string(), city: db.string(), zip: db.string() })
- * @example db.object({ name: db.string() }, { optional: true })
- */
-declare function object<const F extends Record<string, TailorAnyDBField> & ExcludeNestedDBFields<F>, const Opt extends FieldOptions>(fields: F, options?: Opt): TailorDBField<{
-  type: "nested";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, FieldOutput$1<InferFieldsOutput<F>, Opt>>;
-/**
- * TailorDBType interface representing a database type definition with fields, permissions, and settings.
- */
-interface TailorDBType$1<Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> {
-  readonly name: string;
-  readonly fields: Fields;
-  readonly _output: InferFieldsOutput<Fields>;
-  _description?: string;
-  /** Returns metadata for the type */
-  readonly metadata: TailorDBTypeMetadata;
-  /**
-   * Add hooks for fields at the type level.
-   * Each key is a field name, and the value defines create/update hooks.
-   * @example
-   * db.type("Order", {
-   *   total: db.float(),
-   *   tax: db.float(),
-   *   ...db.fields.timestamps(),
-   * }).hooks({
-   *   tax: { create: ({ data }) => data.total * 0.1, update: ({ data }) => data.total * 0.1 },
-   * })
-   */
-  hooks(hooks: Hooks<Fields>): TailorDBType$1<Fields, User>;
-  /**
-   * Add validators for fields at the type level.
-   * Each key is a field name, and the value is a validator or array of validators.
-   * Prefer the tuple form [function, message] for diagnosable errors.
-   * @example
-   * db.type("User", { email: db.string() }).validate({
-   *   email: [({ value }) => value.includes("@"), "Email must contain @"],
-   * })
-   */
-  validate(validators: Validators<Fields>): TailorDBType$1<Fields, User>;
-  /**
-   * Configure type features
-   */
-  features(features: Omit<TypeFeatures, "pluralForm">): TailorDBType$1<Fields, User>;
-  /**
-   * Define composite indexes
-   */
-  indexes(...indexes: IndexDef<TailorDBType$1<Fields, User>>[]): TailorDBType$1<Fields, User>;
-  /**
-   * Define file fields
-   */
-  files<const F extends string>(files: Record<F, string> & Partial<Record<keyof output<TailorDBType$1<Fields, User>>, never>>): TailorDBType$1<Fields, User>;
-  /**
-   * Set record-level permissions for create, read, update, and delete operations.
-   * Prefer object format with explicit `conditions` and `permit` for readability.
-   * For update operations, use `newRecord` and `oldRecord` operands.
-   * @example
-   * .permission({
-   *   create: [{ conditions: [[{ user: "_loggedIn" }, "=", true]], permit: true }],
-   *   read: [{ conditions: [[{ record: "isPublic" }, "=", true]], permit: true }],
-   *   update: [{ conditions: [[{ newRecord: "ownerId" }, "=", { user: "id" }]], permit: true }],
-   *   delete: [{ conditions: [[{ record: "ownerId" }, "=", { user: "id" }]], permit: true }],
-   * })
-   */
-  permission<U extends object = User, P extends TailorTypePermission<U, output<TailorDBType$1<Fields, User>>> = TailorTypePermission<U, output<TailorDBType$1<Fields, User>>>>(permission: P): TailorDBType$1<Fields, U>;
-  /**
-   * Set GraphQL-level permissions controlling access to GraphQL operations.
-   * @example
-   * .gqlPermission([
-   *   {
-   *     conditions: [[{ user: "_loggedIn" }, "=", true]],
-   *     actions: "all",
-   *     permit: true,
-   *   },
-   * ])
-   */
-  gqlPermission<U extends object = User, P extends TailorTypeGqlPermission<U> = TailorTypeGqlPermission<U>>(permission: P): TailorDBType$1<Fields, U>;
-  /**
-   * Set type description
-   */
-  description(description: string): TailorDBType$1<Fields, User>;
-  /**
-   * Pick specific fields from the type
-   */
-  pickFields<K extends keyof Fields>(keys: K[]): Pick<Fields, K>;
-  pickFields<K extends keyof Fields, const Opt extends FieldOptions>(keys: K[], options: Opt): { [P in K]: Fields[P] extends TailorDBField<infer D, infer _O> ? TailorDBField<Omit<D, "array"> & {
-    array: Opt extends {
-      array: true;
-    } ? true : D["array"];
-  }, FieldOutput$1<TailorToTs[D["type"]], Opt>> : never };
-  /**
-   * Omit specific fields from the type
-   */
-  omitFields<K extends keyof Fields>(keys: K[]): Omit<Fields, K>;
-  /**
-   * Plugin attachments for this type
-   */
-  readonly plugins: PluginAttachment[];
-  /**
-   * Attach a plugin to this type
-   * @param config - Plugin configuration in the format { pluginId: config }
-   * @returns The type with the plugin attached
-   */
-  plugin<P extends keyof PluginConfigs<keyof Fields & string>>(config: { [K in P]: PluginConfigs<keyof Fields & string>[K] }): TailorDBType$1<Fields, User>;
-}
-type TailorDBInstance<Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> = TailorDBType$1<Fields, User>;
-declare const idField: TailorDBField<{
-  type: "uuid";
-  array: false;
-}, string>;
-type idField = typeof idField;
-type DBType<F extends {
-  id?: never;
-} & Record<string, TailorAnyDBField>> = TailorDBInstance<{
-  id: idField;
-} & F>;
-/**
- * Creates a new database type with the specified fields.
- * An `id` field (UUID) is automatically added to every type.
- * @param name - The name of the type, or a tuple of [name, pluralForm]
- * @param fields - The field definitions for the type
- * @returns A new TailorDBType instance
- * @example
- * export const user = db.type("User", {
- *   name: db.string(),
- *   email: db.string(),
- *   age: db.int({ optional: true }),
- *   role: db.enum(["admin", "member"]),
- *   ...db.fields.timestamps(),
- * });
- * // Always export both the value and type:
- * export type user = typeof user;
- */
-declare function dbType<const F extends {
-  id?: never;
-} & Record<string, TailorAnyDBField>>(name: string | [string, string], fields: F): DBType<F>;
-/**
- * Creates a new database type with the specified fields and description.
- * An `id` field (UUID) is automatically added to every type.
- * @param name - The name of the type, or a tuple of [name, pluralForm]
- * @param description - A description of the type
- * @param fields - The field definitions for the type
- * @returns A new TailorDBType instance
- */
-declare function dbType<const F extends {
-  id?: never;
-} & Record<string, TailorAnyDBField>>(name: string | [string, string], description: string, fields: F): DBType<F>;
-/** TailorDB schema builder utilities for defining types and fields. */
-declare const db: {
-  type: typeof dbType;
-  uuid: typeof uuid;
-  string: typeof string;
-  bool: typeof bool;
-  int: typeof int;
-  float: typeof float;
-  decimal: typeof decimal;
-  date: typeof date;
-  datetime: typeof datetime;
-  time: typeof time;
-  enum: typeof _enum;
-  object: typeof object;
-  fields: {
-    /**
-     * Creates standard timestamp fields (createdAt, updatedAt) with auto-hooks.
-     * createdAt is set on create, updatedAt is set on update.
-     * @returns An object with createdAt and updatedAt fields
-     * @example
-     * const model = db.type("Model", {
-     *   name: db.string(),
-     *   ...db.fields.timestamps(),
-     * });
-     */
-    timestamps: () => {
-      createdAt: TailorDBField<{
-        type: "datetime";
-        array: false;
-        hooks?: {
-          create: true;
-          update: false;
-        } | undefined;
-        serial: false;
-        description: true;
-      }, string | Date>;
-      updatedAt: TailorDBField<{
-        type: "datetime";
-        array: false;
-        hooks?: {
-          create: false;
-          update: true;
-        } | undefined;
-        serial: false;
-        description: true;
-      }, string | Date | null>;
-    };
-  };
-};
-//#endregion
-//#region src/types/auth.d.ts
-type OAuth2ClientGrantType = OAuth2Client["grantTypes"][number];
-type SCIMAttributeType = SCIMAttribute["type"];
-type AuthInvokerWithName<M extends string> = Omit<AuthInvoker, "machineUserName"> & {
-  machineUserName: M;
-};
-/** Result of retrieving a connection token at runtime. */
-type AuthConnectionTokenResult = {
-  access_token: string;
-  refresh_token?: string;
-  token_type?: string;
-  expiry?: string;
-};
-type ValueOperand = string | boolean | string[] | boolean[];
-type AuthAttributeValue = ValueOperand | null | undefined;
-type UserFieldKeys<User extends TailorDBInstance> = keyof output<User> & string;
-type FieldDefined<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = User["fields"][Key] extends {
-  _defined: infer Defined;
-} ? Defined : never;
-type FieldOutput<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = output<User>[Key];
-type FieldIsRequired<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = undefined extends FieldOutput<User, Key> ? false : true;
-type FieldIsOfType<User extends TailorDBInstance, Key extends UserFieldKeys<User>, Type extends string> = FieldDefined<User, Key> extends {
-  type: Type;
-} ? true : false;
-type FieldIsArray<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = FieldDefined<User, Key> extends {
-  array: true;
-} ? true : false;
-type FieldIsUnique<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = FieldDefined<User, Key> extends {
-  unique: true;
-} ? true : false;
-type FieldSupportsValueOperand<User extends TailorDBInstance, Key extends UserFieldKeys<User>> = FieldOutput<User, Key> extends ValueOperand | null | undefined ? true : false;
-type UsernameFieldKey<User extends TailorDBInstance> = IsAny<User> extends true ? string : { [K in UserFieldKeys<User>]: FieldIsRequired<User, K> extends true ? FieldIsOfType<User, K, "string"> extends true ? FieldIsArray<User, K> extends true ? never : FieldIsUnique<User, K> extends true ? K : never : never : never }[UserFieldKeys<User>];
-type UserAttributeKey<User extends TailorDBInstance> = { [K in UserFieldKeys<User>]: K extends "id" ? never : FieldSupportsValueOperand<User, K> extends true ? FieldIsOfType<User, K, "datetime" | "date" | "time"> extends true ? never : K : never }[UserFieldKeys<User>];
-type UserAttributeListKey<User extends TailorDBInstance> = { [K in UserFieldKeys<User>]: K extends "id" ? never : FieldIsOfType<User, K, "uuid"> extends true ? FieldIsArray<User, K> extends true ? never : K : never }[UserFieldKeys<User>];
-type UserAttributeMap<User extends TailorDBInstance> = { [K in UserAttributeKey<User>]?: true };
-type DisallowExtraKeys<T, Allowed extends PropertyKey> = T & { [K in Exclude<keyof T, Allowed>]: never };
-type AttributeListValue<User extends TailorDBInstance, Key extends UserAttributeListKey<User>> = Key extends keyof output<User> ? output<User>[Key] : never;
-type AttributeListToTuple<User extends TailorDBInstance, AttributeList extends readonly UserAttributeListKey<User>[]> = { [Index in keyof AttributeList]: AttributeList[Index] extends UserAttributeListKey<User> ? AttributeListValue<User, AttributeList[Index]> : never };
-type AttributeMapSelectedKeys<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User>> = Extract<{ [K in keyof AttributeMap]-?: undefined extends AttributeMap[K] ? never : K }[keyof AttributeMap], UserAttributeKey<User>>;
-type UserProfile<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User>, AttributeList extends UserAttributeListKey<User>[]> = {
-  /**
-   * TailorDB namespace where the user type is defined.
-   *
-   * Usually auto-resolved, so you don't need to specify this.
-   * Required only when multiple TailorDBs exist and the type is in an external TailorDB.
-   */
-  namespace?: string;
-  type: User;
-  usernameField: UsernameFieldKey<User>;
-  attributes?: DisallowExtraKeys<AttributeMap, UserAttributeKey<User>>;
-  attributeList?: AttributeList;
-};
-type MachineUserAttributeFields = Record<string, TailorField<DefinedFieldMetadata, unknown, FieldMetadata, TailorFieldType>>;
-type TailorFieldOutputValue<Field> = Field extends TailorField<DefinedFieldMetadata, infer Output, FieldMetadata, TailorFieldType> ? Output : never;
-type MachineUserAttributeValues<Fields extends MachineUserAttributeFields> = { [K in keyof Fields]: TailorFieldOutputValue<Fields[K]> extends ValueOperand | null | undefined ? TailorFieldOutputValue<Fields[K]> : never };
-type MachineUserFromAttributes<Fields extends MachineUserAttributeFields> = (keyof Fields extends never ? {
-  attributes?: never;
-} : {
-  attributes: DisallowExtraKeys<MachineUserAttributeValues<Fields>, keyof Fields>;
-}) & {
-  attributeList?: string[];
-};
-type MachineUser<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User> = UserAttributeMap<User>, AttributeList extends UserAttributeListKey<User>[] = [], MachineUserAttributes extends MachineUserAttributeFields | undefined = undefined> = IsAny<MachineUserAttributes> extends true ? IsAny<User> extends true ? {
-  attributes: Record<string, AuthAttributeValue>;
-  attributeList?: string[];
-} : (AttributeMapSelectedKeys<User, AttributeMap> extends never ? {
-  attributes?: never;
-} : {
-  attributes: { [K in AttributeMapSelectedKeys<User, AttributeMap>]: K extends keyof output<User> ? output<User>[K] : never } & { [K in Exclude<keyof output<User>, AttributeMapSelectedKeys<User, AttributeMap>>]?: never };
-}) & ([] extends AttributeList ? {
-  attributeList?: never;
-} : {
-  attributeList: AttributeListToTuple<User, AttributeList>;
-}) : [MachineUserAttributes] extends [MachineUserAttributeFields] ? MachineUserFromAttributes<MachineUserAttributes> : IsAny<User> extends true ? {
-  attributes: Record<string, AuthAttributeValue>;
-  attributeList?: string[];
-} : (AttributeMapSelectedKeys<User, AttributeMap> extends never ? {
-  attributes?: never;
-} : {
-  attributes: { [K in AttributeMapSelectedKeys<User, AttributeMap>]: K extends keyof output<User> ? output<User>[K] : never } & { [K in Exclude<keyof output<User>, AttributeMapSelectedKeys<User, AttributeMap>>]?: never };
-}) & ([] extends AttributeList ? {
-  attributeList?: never;
-} : {
-  attributeList: AttributeListToTuple<User, AttributeList>;
-});
-type BeforeLoginHookArgs = {
-  claims: JsonObject;
-  idpConfigName: string;
-};
-type BeforeLoginHook<MachineUserNames extends string> = {
-  handler(args: BeforeLoginHookArgs): Promise<void>;
-  invoker: NoInfer<MachineUserNames>;
-};
-type AuthHooks<MachineUserNames extends string> = {
-  beforeLogin?: BeforeLoginHook<MachineUserNames>;
-};
-type AuthServiceInput<User extends TailorDBInstance, AttributeMap extends UserAttributeMap<User>, AttributeList extends UserAttributeListKey<User>[], MachineUserNames extends string, MachineUserAttributes extends MachineUserAttributeFields | undefined = MachineUserAttributeFields | undefined, ConnectionNames extends string = string> = {
-  hooks?: AuthHooks<MachineUserNames>;
-  userProfile?: UserProfile<User, AttributeMap, AttributeList>;
-  machineUserAttributes?: MachineUserAttributes;
-  machineUsers?: Record<MachineUserNames, MachineUser<User, AttributeMap, AttributeList, MachineUserAttributes>>;
-  oauth2Clients?: Record<string, OAuth2ClientInput>;
-  idProvider?: IdProvider;
-  scim?: SCIMConfig;
-  tenantProvider?: TenantProvider;
-  connections?: Record<ConnectionNames, AuthConnectionConfig>;
-  publishSessionEvents?: boolean;
-};
-declare const authDefinitionBrand: unique symbol;
-type AuthDefinitionBrand = {
-  readonly [authDefinitionBrand]: true;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    })] | readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), boolean] | readonly (boolean | readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    })])[] | {
+      conditions: readonly [(string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      })] | readonly (readonly [(string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      })])[];
+      description?: string | undefined;
+      permit?: boolean | undefined;
+    })[];
+    update: readonly (readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    })] | readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), boolean] | readonly (boolean | readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    })])[] | {
+      conditions: readonly [(string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      })] | readonly (readonly [(string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      })])[];
+      description?: string | undefined;
+      permit?: boolean | undefined;
+    })[];
+    delete: readonly (readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    })] | readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), boolean] | readonly (boolean | readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    } | {
+      record: string;
+    } | {
+      oldRecord: string;
+    } | {
+      newRecord: string;
+    })])[] | {
+      conditions: readonly [(string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      })] | readonly (readonly [(string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+        user: string;
+      } | {
+        record: string;
+      } | {
+        oldRecord: string;
+      } | {
+        newRecord: string;
+      })])[];
+      description?: string | undefined;
+      permit?: boolean | undefined;
+    })[];
+  } | undefined;
+  gql?: readonly {
+    conditions: readonly (readonly [(string | boolean | string[] | boolean[] | {
+      user: string;
+    }), "=" | "!=" | "in" | "not in" | "hasAny" | "not hasAny", (string | boolean | string[] | boolean[] | {
+      user: string;
+    })])[];
+    actions: "all" | readonly ("create" | "read" | "update" | "delete" | "aggregate" | "bulkUpsert")[];
+    permit?: boolean | undefined;
+    description?: string | undefined;
+  }[] | undefined;
 };
-type ConnectionNames<Config> = Config extends {
-  connections?: Record<infer K, unknown>;
-} ? K & string : string;
-type DefinedAuth<Name extends string, Config, MachineUserNames extends string> = Config & {
-  name: Name;
-  /**
-   * @deprecated Pass the machine user name directly as a string instead, e.g. `authInvoker: "machine-user-name"`.
-   * Using this function pulls config-layer (Node-only) dependencies into runtime bundles.
-   */
-  invoker<M extends MachineUserNames>(machineUser: M): AuthInvokerWithName<M>;
-  getConnectionToken<C extends ConnectionNames<Config>>(connectionName: C): Promise<AuthConnectionTokenResult>;
-} & AuthDefinitionBrand;
-type AuthExternalConfig = {
-  name: string;
-  external: true;
+type TailorDBServiceConfigInput = {
+  /** Glob patterns for TailorDB type definition files */files: string[]; /** Glob patterns to exclude from type discovery */
+  ignores?: string[] | undefined; /** URL for the ERD (Entity Relationship Diagram) site */
+  erdSite?: string | undefined; /** Migration configuration */
+  migration?: {
+    directory: string;
+    machineUser?: string | undefined;
+  } | undefined; /** Default GraphQL operations for all types in this service */
+  gqlOperations?: "query" | {
+    create?: boolean | undefined;
+    update?: boolean | undefined;
+    delete?: boolean | undefined;
+    read?: boolean | undefined;
+  } | undefined;
 };
-type AuthServiceInputLoose = AuthServiceInput<any, any, any, string, any>;
-type AuthOwnConfig = DefinedAuth<string, AuthServiceInputLoose, string>;
-type AuthConfig = AuthOwnConfig | AuthExternalConfig;
 //#endregion
 //#region src/types/tailordb.d.ts
+type SerialConfig<T extends "string" | "integer" = "string" | "integer"> = Prettify<{
+  start: number;
+  maxValue?: number;
+} & (T extends "string" ? {
+  format?: string;
+} : object)>;
+interface DBFieldMetadata extends FieldMetadata {
+  index?: boolean;
+  unique?: boolean;
+  vector?: boolean;
+  foreignKey?: boolean;
+  foreignKeyType?: string;
+  foreignKeyField?: string;
+  /** Lifecycle hooks for the field */
+  hooks?: DBFieldMetadata$1["hooks"];
+  serial?: SerialConfig;
+  relation?: boolean;
+  scale?: number;
+}
+interface DefinedDBFieldMetadata extends DefinedFieldMetadata {
+  index?: boolean;
+  unique?: boolean;
+  vector?: boolean;
+  foreignKey?: boolean;
+  foreignKeyType?: boolean;
+  validate?: boolean;
+  hooks?: {
+    create: boolean;
+    update: boolean;
+  };
+  serial?: boolean;
+  relation?: boolean;
+}
+type IndexDef<T extends {
+  fields: Record<PropertyKey, unknown>;
+}> = {
+  fields: [keyof T["fields"], keyof T["fields"], ...(keyof T["fields"])[]];
+  unique?: boolean;
+  name?: string;
+};
+type GqlOperationsConfig = GqlOperationsInput;
 type RelationType = "1-1" | "oneToOne" | "n-1" | "manyToOne" | "N-1" | "keyOnly";
 type TailorDBExternalConfig = {
   external: true;
@@ -1715,10 +1199,6 @@ type TypeSourceInfoEntry = UserDefinedTypeSource | PluginGeneratedTypeSource;
 interface Script {
   expr: string;
 }
-interface EnumValue {
-  value: string;
-  description?: string;
-}
 interface OperatorValidateConfig {
   script: Script;
   errorMessage: string;
@@ -1764,14 +1244,14 @@ type StandardPermissionOperator = "eq" | "ne" | "in" | "nin" | "hasAny" | "nhasA
 type UserOperand = {
   user: string;
 };
-type RecordOperand<Update extends boolean = false> = Update extends true ? {
+type StandardRecordOperand<Update extends boolean = false> = Update extends true ? {
   oldRecord: string;
 } | {
   newRecord: string;
 } : {
   record: string;
 };
-type PermissionOperand<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = UserOperand | ValueOperand | (Level extends "record" ? RecordOperand<Update> : never);
+type PermissionOperand<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = UserOperand | ValueOperand | (Level extends "record" ? StandardRecordOperand<Update> : never);
 type StandardPermissionCondition<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = readonly [PermissionOperand<Level, Update>, StandardPermissionOperator, PermissionOperand<Level, Update>];
 type StandardActionPermission<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = {
   conditions: readonly StandardPermissionCondition<Level, Update>[];
@@ -1831,7 +1311,7 @@ interface ParsedRelationship {
   isArray: boolean;
   description: string;
 }
-interface TailorDBType {
+interface TailorDBType$1 {
   name: string;
   pluralForm: string;
   description?: string;
@@ -1884,7 +1364,7 @@ interface TailorDBNamespaceData {
   /** Namespace name */
   namespace: string;
   /** All TailorDB types in this namespace, keyed by type name */
-  types: Record<string, TailorDBType>;
+  types: Record<string, TailorDBType$1>;
   /** Source info for each type (file path, export name, plugin info) */
   sourceInfo: ReadonlyMap<string, TypeSourceInfoEntry>;
   /** Plugin attachments configured on each type via .plugin() method */
@@ -2089,5 +1569,33 @@ interface Plugin<TypeConfig = unknown, PluginConfig = unknown> {
   onExecutorReady?(context: ExecutorReadyContext<PluginConfig>): GeneratorResult | Promise<GeneratorResult>;
 }
 //#endregion
-export { FieldOptions as $, BeforeLoginHookArgs as A, TailorDBTrigger as At, TailorAnyDBType as B, SCIMAttribute as Bt, TailorDBType as C, ExecutorInput as Ct, AuthExternalConfig as D, IncomingWebhookTrigger as Dt, AuthConnectionTokenResult as E, IdpUserTrigger as Et, UserAttributeListKey as F, IDToken as Ft, PermissionCondition as G, TenantProvider as Gt, TailorDBInstance as H, SCIMAuthorization as Ht, UserAttributeMap as I, IdProvider as It, unsafeAllowAllGqlPermission as J, TailorTypeGqlPermission as K, UsernameFieldKey as L, OAuth2ClientInput as Lt, OAuth2ClientGrantType as M, WorkflowOperation as Mt, SCIMAttributeType as N, AuthInvoker as Nt, AuthOwnConfig as O, ResolverExecutedTrigger as Ot, UserAttributeKey as P, BuiltinIdP as Pt, FieldMetadata as Q, ValueOperand as R, OIDC as Rt, TailorDBServiceInput as S, Executor as St, AuthConfig as T, GqlOperation as Tt, TailorDBType$1 as U, SCIMConfig as Ut, TailorDBField as V, SCIMAttributeMapping as Vt, db as W, SCIMResource as Wt, ArrayFieldOutput as X, unsafeAllowAllTypePermission as Y, DefinedFieldMetadata as Z, GeneratorResult as _, AuthConnectionOAuth2Config as _t, PluginExecutorContext as a, JsonCompatible as at, TailorDBNamespaceData as b, GeneratorConfig as bt, PluginGeneratedExecutorWithFile as c, AttributeList as ct, PluginNamespaceProcessContext as d, InferredAttributeMap as dt, FieldOutput$1 as et, PluginOutput as f, TailorUser as ft, ExecutorReadyContext as g, AuthConnectionConfig as gt, TypePluginOutput as h, AllowedValuesOutput as ht, PluginConfigs as i, InferFieldsOutput as it, DefinedAuth as j, WebhookOperation as jt, AuthServiceInput as k, ScheduleTriggerInput as kt, PluginGeneratedResolver as l, AttributeMap as lt, TailorDBTypeForPlugin as m, AllowedValues as mt, Plugin as n, TailorAnyField as nt, PluginExecutorContextBase as o, JsonValue as ot, PluginProcessContext as p, unauthenticatedTailorUser as pt, TailorTypePermission as q, PluginAttachment as r, TailorField as rt, PluginGeneratedExecutor as s, output as st, NamespacePluginOutput as t, TailorFieldType as tt, PluginGeneratedType as u, InferredAttributeList as ut, ResolverNamespaceData as v, Resolver as vt, TypeSourceInfoEntry as w, FunctionOperation as wt, TailorDBReadyContext as x, AuthAccessTokenTrigger as xt, ResolverReadyContext as y, ResolverInput as yt, TailorAnyDBField as z, SAML as zt };
-//# sourceMappingURL=plugin-_K3ZfP8B.d.mts.map
+//#region src/types/tailor-db-field.d.ts
+/**
+ * Minimal structural interface for TailorDBField.
+ * Defines only the properties needed by parser, plugin, cli, and types layers.
+ * The full interface with builder methods (relation, index, unique, hooks, validate, etc.)
+ * is defined in configure/services/tailordb/schema.ts.
+ */
+interface TailorDBField<Defined extends DefinedDBFieldMetadata = DefinedDBFieldMetadata, Output = any> extends Omit<TailorField<Defined, Output, DBFieldMetadata, Defined["type"]>, "fields"> {
+  readonly fields: Record<string, TailorAnyDBField>;
+  readonly rawRelation: Readonly<RawRelationConfig> | undefined;
+}
+type TailorAnyDBField = TailorDBField<any, any>;
+/**
+ * Minimal structural interface for TailorDBType.
+ * Defines only the properties needed by parser, plugin, cli, and types layers.
+ * The full interface with builder methods (hooks, validate, features, permission, etc.)
+ * is defined in configure/services/tailordb/schema.ts.
+ */
+interface TailorDBType<Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> {
+  readonly name: string;
+  readonly fields: Fields;
+  readonly _output: InferFieldsOutput<Fields>;
+  readonly metadata: TailorDBTypeMetadata;
+  readonly plugins: PluginAttachment[];
+}
+type TailorAnyDBType = TailorDBType<any, any>;
+type TailorDBInstance<Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> = TailorDBType<Fields, User>;
+//#endregion
+export { ResolverInput as $, RelationType as A, FieldMetadata as At, BeforeLoginHookArgs as B, InferredAttributeMap as Bt, ResolverReadyContext as C, SCIMAuthorization as Ct, DefinedDBFieldMetadata as D, ArrayFieldOutput as Dt, DBFieldMetadata as E, TenantProvider as Et, AuthConfig as F, FieldValidateInput as Ft, UserAttributeListKey as G, JsonValue as Gt, OAuth2ClientGrantType as H, unauthenticatedTailorUser as Ht, AuthConnectionTokenResult as I, Validators as It, ValueOperand as J, UserAttributeMap as K, Prettify as Kt, AuthExternalConfig as L, AttributeList as Lt, TailorDBServiceInput as M, FieldOutput$1 as Mt, TailorDBType$1 as N, TailorFieldType as Nt, GqlOperationsConfig as O, DefinedFieldMetadata as Ot, TypeSourceInfoEntry as P, TailorToTs as Pt, Resolver as Q, AuthOwnConfig as R, AttributeMap as Rt, ResolverNamespaceData as S, SCIMAttributeMapping as St, TailorDBReadyContext as T, SCIMResource as Tt, SCIMAttributeType as U, InferFieldsOutput as Ut, DefinedAuth as V, TailorUser as Vt, UserAttributeKey as W, JsonCompatible as Wt, AuthConnectionConfig as X, TailorField as Y, AuthConnectionOAuth2Config as Z, PluginProcessContext as _, IdProvider as _t, NamespacePluginOutput as a, FunctionOperation as at, ExecutorReadyContext as b, SAML as bt, PluginConfigs as c, IncomingWebhookTrigger as ct, PluginGeneratedExecutor as d, TailorDBTrigger as dt, GeneratorConfig as et, PluginGeneratedExecutorWithFile as f, WebhookOperation as ft, PluginOutput as g, IDToken as gt, PluginNamespaceProcessContext as h, BuiltinIdP as ht, TailorDBType as i, ExecutorInput as it, SerialConfig as j, FieldOptions as jt, IndexDef as k, EnumValue as kt, PluginExecutorContext as l, ResolverExecutedTrigger as lt, PluginGeneratedType as m, AuthInvoker as mt, TailorAnyDBType as n, AuthAccessTokenTrigger as nt, Plugin as o, GqlOperation as ot, PluginGeneratedResolver as p, WorkflowOperation as pt, UsernameFieldKey as q, output as qt, TailorDBField as r, Executor as rt, PluginAttachment as s, IdpUserTrigger as st, TailorAnyDBField as t, BaseGeneratorConfig as tt, PluginExecutorContextBase as u, ScheduleTriggerInput as ut, TailorDBTypeForPlugin as v, OAuth2ClientInput as vt, TailorDBNamespaceData as w, SCIMConfig as wt, GeneratorResult as x, SCIMAttribute as xt, TypePluginOutput as y, OIDC as yt, AuthServiceInput as z, InferredAttributeList as zt };
+//# sourceMappingURL=tailor-db-field-CoFKRCYW.d.mts.map