@tailor-platform/sdk 1.4.2 → 1.5.0

package/dist/{types-BWzDv7TK.d.mts → index-D40SiXpf.d.mts}

@@ -1,10 +1,7 @@
 /// <reference path="./user-defined.d.ts" />
-import * as zod0 from "zod";
 import { z } from "zod";
-import * as type_fest0 from "type-fest";
-import { IsAny, NonEmptyObject } from "type-fest";
 import { StandardSchemaV1 } from "@standard-schema/spec";
-import * as zod_v4_core0 from "zod/v4/core";
+import { IsAny, NonEmptyObject } from "type-fest";
 
 //#region src/parser/service/tailordb/relation.d.ts
 declare const relationTypes: {
@@ -17,13 +14,33 @@ declare const relationTypes: {
 };
 type RelationType = keyof typeof relationTypes;
 //#endregion
+//#region src/configure/types/field.d.ts
+type AllowedValue = EnumValue;
+type AllowedValues = [string | EnumValue, ...(string | EnumValue)[]];
+type AllowedValuesOutput<V extends AllowedValues> = V[number] extends infer T ? T extends string ? T : T extends {
+  value: infer K;
+} ? K : never : never;
+//#endregion
+//#region src/configure/types/brand.d.ts
+/**
+ * Symbol brands for type identification.
+ * These symbols are used to reliably identify SDK objects
+ * without relying on instanceof checks or property shape detection.
+ */
+/** Brand symbol for TailorField instances */
+declare const TAILOR_FIELD_BRAND: unique symbol;
+/** Brand symbol for TailorDBField instances */
+declare const TAILOR_DB_FIELD_BRAND: unique symbol;
+/** Brand symbol for TailorDBType instances */
+declare const TAILOR_DB_TYPE_BRAND: unique symbol;
+//#endregion
 //#region src/configure/types/helpers.d.ts
-type Prettify<T$1> = { [K in keyof T$1 as string extends K ? never : K]: T$1[K] } & {};
-type DeepWritable<T$1> = T$1 extends Date | RegExp | Function ? T$1 : T$1 extends object ? { -readonly [P in keyof T$1]: DeepWritable<T$1[P]> } & {} : T$1;
-type output<T$1> = T$1 extends {
+type Prettify<T> = { [K in keyof T as string extends K ? never : K]: T[K] } & {};
+type DeepWritable<T> = T extends Date | RegExp | Function ? T : T extends object ? { -readonly [P in keyof T]: DeepWritable<T[P]> } & {} : T;
+type output<T> = T extends {
   _output: infer U;
 } ? DeepWritable<U> : never;
-type NullableToOptional<T$1> = { [K in keyof T$1 as null extends T$1[K] ? never : K]: T$1[K] } & { [K in keyof T$1 as null extends T$1[K] ? K : never]?: T$1[K] };
+type NullableToOptional<T> = { [K in keyof T as null extends T[K] ? never : K]: T[K] } & { [K in keyof T as null extends T[K] ? K : never]?: T[K] };
 type InferFieldsOutput<F extends Record<string, {
   _output: any;
   [key: string]: any;
@@ -34,96 +51,9 @@ type InferFieldsOutput<F extends Record<string, {
  * so they can't be assigned to JsonValue's {[Key in string]: JsonValue}.
  * This type uses a recursive check instead.
  */
-type JsonCompatible<T$1> = T$1 extends string | number | boolean | null | undefined ? T$1 : T$1 extends readonly (infer U)[] ? JsonCompatible<U>[] : T$1 extends object ? T$1 extends {
+type JsonCompatible<T> = T extends string | number | boolean | null | undefined ? T : T extends readonly (infer U)[] ? JsonCompatible<U>[] : T extends object ? T extends {
   toJSON: () => unknown;
-} ? never : { [K in keyof T$1]: JsonCompatible<T$1[K]> } : never;
-//#endregion
-//#region src/configure/types/validation.d.ts
-/**
- * Validation function type
- */
-type ValidateFn<O, D$1 = unknown> = (args: {
-  value: O;
-  data: D$1;
-  user: TailorUser;
-}) => boolean;
-/**
- * Validation configuration with custom error message
- */
-type ValidateConfig<O, D$1 = unknown> = [ValidateFn<O, D$1>, string];
-/**
- * Field-level validation function
- */
-type FieldValidateFn<O> = ValidateFn<O>;
-/**
- * Field-level validation configuration
- */
-type FieldValidateConfig<O> = ValidateConfig<O>;
-/**
- * Input type for field validation - can be either a function or a tuple of [function, errorMessage]
- */
-type FieldValidateInput<O> = FieldValidateFn<O> | FieldValidateConfig<O>;
-/**
- * Base validators type for field collections
- * @template F - Record of fields
- * @template ExcludeKeys - Keys to exclude from validation (default: "id" for TailorDB)
- */
-type ValidatorsBase<F extends Record<string, {
-  _defined: any;
-  _output: any;
-  [key: string]: any;
-}>, ExcludeKeys extends string = "id"> = NonEmptyObject<{ [K in Exclude<keyof F, ExcludeKeys> as F[K]["_defined"] extends {
-  validate: unknown;
-} ? never : K]?: ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>> | (ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>>)[] }>;
-/**
- * Validators type (by default excludes "id" field for TailorDB compatibility)
- * Can be used with both TailorField and TailorDBField
- */
-type Validators<F extends Record<string, {
-  _defined: any;
-  _output: any;
-  [key: string]: any;
-}>> = ValidatorsBase<F, "id">;
-//#endregion
-//#region src/configure/types/types.d.ts
-type TailorFieldType = "uuid" | "string" | "boolean" | "integer" | "float" | "enum" | "date" | "datetime" | "time" | "nested";
-type TailorToTs = {
-  string: string;
-  integer: number;
-  float: number;
-  boolean: boolean;
-  uuid: string;
-  date: string;
-  datetime: string | Date;
-  time: string;
-  enum: string;
-  object: Record<string, unknown>;
-  nested: Record<string, unknown>;
-} & Record<TailorFieldType, unknown>;
-interface FieldMetadata {
-  description?: string;
-  required?: boolean;
-  array?: boolean;
-  allowedValues?: AllowedValue[];
-  validate?: FieldValidateInput<any>[];
-  typeName?: string;
-}
-interface DefinedFieldMetadata {
-  type: TailorFieldType;
-  array: boolean;
-  description?: boolean;
-  validate?: boolean;
-  typeName?: boolean;
-}
-type FieldOptions = {
-  optional?: boolean;
-  array?: boolean;
-};
-type FieldOutput$1<T$1, O extends FieldOptions> = OptionalFieldOutput<ArrayFieldOutput<T$1, O>, O>;
-type OptionalFieldOutput<T$1, O extends FieldOptions> = O["optional"] extends true ? T$1 | null : T$1;
-type ArrayFieldOutput<T$1, O extends FieldOptions> = [O] extends [{
-  array: true;
-}] ? T$1[] : T$1;
+} ? never : { [K in keyof T]: JsonCompatible<T[K]> } : never;
 //#endregion
 //#region src/parser/service/resolver/schema.d.ts
 declare const QueryTypeSchema: z.ZodUnion<readonly [z.ZodLiteral<"query">, z.ZodLiteral<"mutation">]>;
@@ -234,25 +164,42 @@ type FieldParseArgs = {
   data: unknown;
   user: TailorUser;
 };
-declare class TailorField<const Defined extends DefinedFieldMetadata = DefinedFieldMetadata, const Output = any, M extends FieldMetadata = FieldMetadata, T$1 extends TailorFieldType = TailorFieldType> implements TailorFieldInput {
-  readonly type: T$1;
+type FieldParseInternalArgs = {
+  value: any;
+  data: unknown;
+  user: TailorUser;
+  pathArray: string[];
+};
+/**
+ * TailorField interface representing a field with metadata, type information, and optional nested fields.
+ * This is the base field type used by both resolver types and TailorDB types.
+ * Using interface to allow self-referencing in the fields property.
+ */
+interface TailorField<Defined extends DefinedFieldMetadata = DefinedFieldMetadata, Output = any, M extends FieldMetadata = FieldMetadata, T extends TailorFieldType = TailorFieldType> extends TailorFieldInput {
+  /** Brand symbol for type identification */
+  readonly [TAILOR_FIELD_BRAND]: true;
+  readonly type: T;
   readonly fields: Record<string, TailorAnyField>;
-  protected _metadata: M;
   readonly _defined: Defined;
   readonly _output: Output;
-  get metadata(): M;
-  protected constructor(type: T$1, options?: FieldOptions, fields?: Record<string, TailorAnyField>, values?: AllowedValues);
-  static create<const TType extends TailorFieldType, const TOptions extends FieldOptions, const OutputBase = TailorToTs[TType]>(type: TType, options?: TOptions, fields?: Record<string, TailorAnyField>, values?: AllowedValues): TailorField<{
-    type: TType;
-    array: TOptions extends {
-      array: true;
-    } ? true : false;
-  }, FieldOutput$1<OutputBase, TOptions>, FieldMetadata, TailorFieldType>;
+  _metadata: M;
+  /** Returns a shallow copy of the metadata */
+  readonly metadata: M;
+  /**
+   * Set a description for the field
+   * @param description - The description text
+   * @returns The field with updated metadata
+   */
   description<CurrentDefined extends Defined>(this: CurrentDefined extends {
     description: unknown;
   } ? never : TailorField<CurrentDefined, Output>, description: string): TailorField<Prettify<CurrentDefined & {
     description: true;
   }>, Output>;
+  /**
+   * Set a custom type name for enum or nested types
+   * @param typeName - The custom type name
+   * @returns The field with updated metadata
+   */
   typeName<CurrentDefined extends Defined>(this: CurrentDefined extends {
     typeName: unknown;
   } ? never : CurrentDefined extends {
@@ -260,6 +207,11 @@ declare class TailorField<const Defined extends DefinedFieldMetadata = DefinedFi
   } ? TailorField<CurrentDefined, Output> : never, typeName: string): TailorField<Prettify<CurrentDefined & {
     typeName: true;
   }>, Output>;
+  /**
+   * Add validation functions to the field
+   * @param validate - One or more validation functions
+   * @returns The field with updated metadata
+   */
   validate<CurrentDefined extends Defined>(this: CurrentDefined extends {
     validate: unknown;
   } ? never : TailorField<CurrentDefined, Output>, ...validate: FieldValidateInput<Output>[]): TailorField<Prettify<CurrentDefined & {
@@ -272,21 +224,13 @@ declare class TailorField<const Defined extends DefinedFieldMetadata = DefinedFi
    * @returns Validation result
    */
   parse(args: FieldParseArgs): StandardSchemaV1.Result<Output>;
-  /**
-   * Validate a single value (not an array element)
-   * Used internally for array element validation
-   * @private
-   * @param args - Validation arguments
-   * @returns Validation issues
-   */
-  private _validateValue;
   /**
    * Internal parse method that tracks field path for nested validation
    * @private
    * @param args - Parse arguments
    * @returns Validation result
    */
-  private _parseInternal;
+  _parseInternal(args: FieldParseInternalArgs): StandardSchemaV1.Result<Output>;
 }
 //#endregion
 //#region src/configure/types/user.d.ts
@@ -324,6 +268,93 @@ type TailorUser = {
 /** Represents an unauthenticated user in the Tailor platform. */
 declare const unauthenticatedTailorUser: TailorUser;
 //#endregion
+//#region src/configure/types/validation.d.ts
+/**
+ * Validation function type
+ */
+type ValidateFn<O, D$1 = unknown> = (args: {
+  value: O;
+  data: D$1;
+  user: TailorUser;
+}) => boolean;
+/**
+ * Validation configuration with custom error message
+ */
+type ValidateConfig<O, D$1 = unknown> = [ValidateFn<O, D$1>, string];
+/**
+ * Field-level validation function
+ */
+type FieldValidateFn<O> = ValidateFn<O>;
+/**
+ * Field-level validation configuration
+ */
+type FieldValidateConfig<O> = ValidateConfig<O>;
+/**
+ * Input type for field validation - can be either a function or a tuple of [function, errorMessage]
+ */
+type FieldValidateInput<O> = FieldValidateFn<O> | FieldValidateConfig<O>;
+/**
+ * Base validators type for field collections
+ * @template F - Record of fields
+ * @template ExcludeKeys - Keys to exclude from validation (default: "id" for TailorDB)
+ */
+type ValidatorsBase<F extends Record<string, {
+  _defined: any;
+  _output: any;
+  [key: string]: any;
+}>, ExcludeKeys extends string = "id"> = NonEmptyObject<{ [K in Exclude<keyof F, ExcludeKeys> as F[K]["_defined"] extends {
+  validate: unknown;
+} ? never : K]?: ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>> | (ValidateFn<output<F[K]>, InferFieldsOutput<F>> | ValidateConfig<output<F[K]>, InferFieldsOutput<F>>)[] }>;
+/**
+ * Validators type (by default excludes "id" field for TailorDB compatibility)
+ * Can be used with both TailorField and TailorDBField
+ */
+type Validators<F extends Record<string, {
+  _defined: any;
+  _output: any;
+  [key: string]: any;
+}>> = ValidatorsBase<F, "id">;
+//#endregion
+//#region src/configure/types/types.d.ts
+type TailorFieldType = "uuid" | "string" | "boolean" | "integer" | "float" | "enum" | "date" | "datetime" | "time" | "nested";
+type TailorToTs = {
+  string: string;
+  integer: number;
+  float: number;
+  boolean: boolean;
+  uuid: string;
+  date: string;
+  datetime: string | Date;
+  time: string;
+  enum: string;
+  object: Record<string, unknown>;
+  nested: Record<string, unknown>;
+} & Record<TailorFieldType, unknown>;
+interface FieldMetadata {
+  description?: string;
+  required?: boolean;
+  array?: boolean;
+  allowedValues?: AllowedValue[];
+  validate?: FieldValidateInput<any>[];
+  typeName?: string;
+}
+interface DefinedFieldMetadata {
+  type: TailorFieldType;
+  array: boolean;
+  description?: boolean;
+  validate?: boolean;
+  typeName?: boolean;
+}
+type FieldOptions = {
+  optional?: boolean;
+  array?: boolean;
+};
+type FieldOutput$1<T, O extends FieldOptions> = OptionalFieldOutput<ArrayFieldOutput<T, O>, O>;
+type OptionalFieldOutput<T, O extends FieldOptions> = O["optional"] extends true ? T | null : T;
+type ArrayFieldOutput<T, O extends FieldOptions> = [O] extends [{
+  array: true;
+}] ? T[] : T;
+//#endregion
 //#region src/configure/services/tailordb/permission.d.ts
 type TailorTypePermission<User extends object = InferredAttributeMap, Type extends object = object> = {
   create: readonly ActionPermission<"record", User, Type, false>[];
@@ -379,7 +410,8 @@ type ContainsCondition<Level extends "record" | "gql" = "record", User extends o
  * Type representing a permission condition that combines user attributes, record fields, and literal values using comparison operators.
  *
  * The User type is extended by `user-defined.d.ts`, which is automatically generated when running `tailor-sdk generate`.
- * Attributes enabled in the config file's `auth.userProfile.attributes` become available as types.
+ * Attributes enabled in the config file's `auth.userProfile.attributes` (or
+ * `auth.machineUserAttributes` when userProfile is omitted) become available as types.
  * @example
  * ```ts
  * // tailor.config.ts
@@ -413,10 +445,10 @@ declare const unsafeAllowAllTypePermission: TailorTypePermission;
 declare const unsafeAllowAllGqlPermission: TailorTypeGqlPermission;
 //#endregion
 //#region src/configure/services/tailordb/types.d.ts
-type SerialConfig<T$1 extends "string" | "integer" = "string" | "integer"> = Prettify<{
+type SerialConfig<T extends "string" | "integer" = "string" | "integer"> = Prettify<{
   start: number;
   maxValue?: number;
-} & (T$1 extends "string" ? {
+} & (T extends "string" ? {
   format?: string;
 } : object)>;
 interface DBFieldMetadata extends FieldMetadata {
@@ -444,10 +476,10 @@ interface DefinedDBFieldMetadata extends DefinedFieldMetadata {
   serial?: boolean;
   relation?: boolean;
 }
-type ExcludeNestedDBFields<T$1 extends Record<string, TailorAnyDBField>> = { [K in keyof T$1]: T$1[K] extends TailorDBField<{
+type ExcludeNestedDBFields<T extends Record<string, TailorAnyDBField>> = { [K in keyof T]: T[K] extends TailorDBField<{
   type: "nested";
   array: boolean;
-}, any> ? never : T$1[K] };
+}, any> ? never : T[K] };
 type HookFn<TValue, TData, TReturn> = (args: {
   value: TValue;
   data: TData extends Record<string, unknown> ? { readonly [K in keyof TData]?: TData[K] | null | undefined } : unknown;
@@ -473,10 +505,10 @@ type TailorDBExternalConfig = {
 type TailorDBServiceInput = {
   [namespace: string]: TailorDBServiceConfig | TailorDBExternalConfig;
 };
-type IndexDef<T$1 extends {
+type IndexDef<T extends {
   fields: Record<PropertyKey, unknown>;
 }> = {
-  fields: [keyof T$1["fields"], keyof T$1["fields"], ...(keyof T$1["fields"])[]];
+  fields: [keyof T["fields"], keyof T["fields"], ...(keyof T["fields"])[]];
   unique?: boolean;
   name?: string;
 };
@@ -486,69 +518,404 @@ interface TypeFeatures {
   bulkUpsert?: true;
 }
 //#endregion
-//#region src/parser/service/auth/schema.d.ts
-declare const AuthInvokerSchema: z.ZodObject<{
-  namespace: z.ZodString;
-  machineUserName: z.ZodString;
-}, z.core.$strip>;
-declare const OIDCSchema: z.ZodObject<{
-  name: z.ZodString;
-  kind: z.ZodLiteral<"OIDC">;
-  clientID: z.ZodString;
-  clientSecret: z.ZodObject<{
-    vaultName: z.ZodString;
-    secretKey: z.ZodString;
-  }, z.core.$strip>;
-  providerURL: z.ZodString;
-  issuerURL: z.ZodOptional<z.ZodString>;
-  usernameClaim: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
-declare const SAMLSchema: z.ZodObject<{
-  name: z.ZodString;
-  kind: z.ZodLiteral<"SAML">;
-  enableSignRequest: z.ZodDefault<z.ZodBoolean>;
-  metadataURL: z.ZodOptional<z.ZodString>;
-  rawMetadata: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
-declare const IDTokenSchema: z.ZodObject<{
-  name: z.ZodString;
-  kind: z.ZodLiteral<"IDToken">;
-  providerURL: z.ZodString;
-  issuerURL: z.ZodOptional<z.ZodString>;
-  clientID: z.ZodString;
-  usernameClaim: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
-declare const BuiltinIdPSchema: z.ZodObject<{
-  name: z.ZodString;
-  kind: z.ZodLiteral<"BuiltInIdP">;
-  namespace: z.ZodString;
-  clientName: z.ZodString;
-}, z.core.$strip>;
-declare const IdProviderSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
-  name: z.ZodString;
-  kind: z.ZodLiteral<"OIDC">;
-  clientID: z.ZodString;
-  clientSecret: z.ZodObject<{
-    vaultName: z.ZodString;
-    secretKey: z.ZodString;
-  }, z.core.$strip>;
-  providerURL: z.ZodString;
-  issuerURL: z.ZodOptional<z.ZodString>;
-  usernameClaim: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>, z.ZodObject<{
-  name: z.ZodString;
-  kind: z.ZodLiteral<"SAML">;
-  enableSignRequest: z.ZodDefault<z.ZodBoolean>;
-  metadataURL: z.ZodOptional<z.ZodString>;
-  rawMetadata: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>, z.ZodObject<{
-  name: z.ZodString;
-  kind: z.ZodLiteral<"IDToken">;
-  providerURL: z.ZodString;
-  issuerURL: z.ZodOptional<z.ZodString>;
-  clientID: z.ZodString;
-  usernameClaim: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>, z.ZodObject<{
+//#region src/configure/services/tailordb/schema.d.ts
+interface RelationConfig<S extends RelationType, T extends TailorDBType> {
+  type: S;
+  toward: {
+    type: T;
+    as?: string;
+    key?: keyof T["fields"] & string;
+  };
+  backward?: string;
+}
+type RelationSelfConfig = {
+  type: RelationType;
+  toward: {
+    type: "self";
+    as?: string;
+    key?: string;
+  };
+  backward?: string;
+};
+type TailorAnyDBField = TailorDBField<any, any>;
+/**
+ * TailorDBField interface representing a database field with extended metadata.
+ * Extends TailorField with database-specific features like relations, indexes, and hooks.
+ */
+interface TailorDBField<Defined extends DefinedDBFieldMetadata, Output> extends Omit<TailorField<Defined, Output, DBFieldMetadata, Defined["type"]>, "description" | "validate"> {
+  /** Brand symbol for type identification */
+  readonly [TAILOR_DB_FIELD_BRAND]: true;
+  /** Returns a shallow copy of the raw relation config if set */
+  readonly rawRelation: Readonly<RawRelationConfig> | undefined;
+  /**
+   * Set a description for the field
+   * @param description - The description text
+   * @returns The field with updated metadata
+   */
+  description<CurrentDefined extends Defined>(this: CurrentDefined extends {
+    description: unknown;
+  } ? never : TailorField<CurrentDefined, Output>, description: string): TailorDBField<Prettify<CurrentDefined & {
+    description: true;
+  }>, Output>;
+  /**
+   * Define a relation to another type
+   */
+  relation<S extends RelationType, T extends TailorAnyDBType, CurrentDefined extends Defined>(this: CurrentDefined extends {
+    relation: unknown;
+  } ? never : TailorDBField<CurrentDefined, Output>, config: RelationConfig<S, T>): TailorDBField<S extends "oneToOne" | "1-1" ? Prettify<CurrentDefined & {
+    unique: true;
+    index: true;
+    relation: true;
+  }> : Prettify<CurrentDefined & {
+    index: true;
+    relation: true;
+  }>, Output>;
+  /**
+   * Define a self-referencing relation
+   */
+  relation<S extends RelationSelfConfig, CurrentDefined extends Defined>(this: CurrentDefined extends {
+    relation: unknown;
+  } ? never : TailorDBField<CurrentDefined, Output>, config: S): TailorDBField<S["type"] extends "oneToOne" | "1-1" ? Prettify<CurrentDefined & {
+    unique: true;
+    index: true;
+    relation: true;
+  }> : Prettify<CurrentDefined & {
+    index: true;
+    relation: true;
+  }>, Output>;
+  /**
+   * Add an index to the field
+   */
+  index<CurrentDefined extends Defined>(this: CurrentDefined extends {
+    index: unknown;
+  } ? never : CurrentDefined extends {
+    array: true;
+  } ? never : TailorDBField<CurrentDefined, Output>): TailorDBField<Prettify<CurrentDefined & {
+    index: true;
+  }>, Output>;
+  /**
+   * Make the field unique (also adds an index)
+   */
+  unique<CurrentDefined extends Defined>(this: CurrentDefined extends {
+    unique: unknown;
+  } ? never : CurrentDefined extends {
+    array: true;
+  } ? never : TailorDBField<CurrentDefined, Output>): TailorDBField<Prettify<CurrentDefined & {
+    unique: true;
+    index: true;
+  }>, Output>;
+  /**
+   * Enable vector search on the field (string type only)
+   */
+  vector<CurrentDefined extends Defined>(this: CurrentDefined extends {
+    vector: unknown;
+  } ? never : CurrentDefined extends {
+    type: "string";
+    array: false;
+  } ? TailorDBField<CurrentDefined, Output> : never): TailorDBField<Prettify<CurrentDefined & {
+    vector: true;
+  }>, Output>;
+  /**
+   * Add hooks for create/update operations
+   */
+  hooks<CurrentDefined extends Defined, const H extends Hook<unknown, Output>>(this: CurrentDefined extends {
+    hooks: unknown;
+  } ? never : CurrentDefined extends {
+    type: "nested";
+  } ? never : TailorDBField<CurrentDefined, Output>, hooks: H): TailorDBField<Prettify<CurrentDefined & {
+    hooks?: {
+      create: H extends {
+        create: unknown;
+      } ? true : false;
+      update: H extends {
+        update: unknown;
+      } ? true : false;
+    };
+    serial: false;
+  }>, Output>;
+  /**
+   * Add validation functions to the field
+   */
+  validate<CurrentDefined extends Defined>(this: CurrentDefined extends {
+    validate: unknown;
+  } ? never : TailorDBField<CurrentDefined, Output>, ...validate: FieldValidateInput<Output>[]): TailorDBField<Prettify<CurrentDefined & {
+    validate: true;
+  }>, Output>;
+  /**
+   * Configure serial/auto-increment behavior
+   */
+  serial<CurrentDefined extends Defined>(this: CurrentDefined extends {
+    serial: unknown;
+  } ? never : Output extends null ? never : CurrentDefined extends {
+    type: "integer" | "string";
+    array: false;
+  } ? TailorDBField<CurrentDefined, Output> : never, config: SerialConfig<CurrentDefined["type"] & ("integer" | "string")>): TailorDBField<Prettify<CurrentDefined & {
+    serial: true;
+    hooks: {
+      create: false;
+      update: false;
+    };
+  }>, Output>;
+  /**
+   * Clone the field with optional overrides for field options
+   * @param options - Optional field options to override
+   * @returns A new TailorDBField instance with the same configuration
+   */
+  clone<const NewOpt extends FieldOptions>(options?: NewOpt): TailorDBField<Prettify<Omit<Defined, "array"> & {
+    array: NewOpt extends {
+      array: true;
+    } ? true : Defined["array"];
+  }>, FieldOutput$1<TailorToTs[Defined["type"]], NewOpt>>;
+}
+declare function uuid<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "uuid";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
+declare function string<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "string";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
+declare function bool<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "boolean";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<boolean, Opt> | null : ArrayFieldOutput<boolean, Opt>>;
+declare function int<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "integer";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<number, Opt> | null : ArrayFieldOutput<number, Opt>>;
+declare function float<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "float";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<number, Opt> | null : ArrayFieldOutput<number, Opt>>;
+declare function date<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "date";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
+declare function datetime<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "datetime";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<string | Date, Opt> | null : ArrayFieldOutput<string | Date, Opt>>;
+declare function time<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
+  type: "time";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
+declare function _enum<const V extends AllowedValues, const Opt extends FieldOptions>(values: V, options?: Opt): TailorDBField<{
+  type: "enum";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, FieldOutput$1<AllowedValuesOutput<V>, Opt>>;
+declare function object<const F extends Record<string, TailorAnyDBField> & ExcludeNestedDBFields<F>, const Opt extends FieldOptions>(fields: F, options?: Opt): TailorDBField<{
+  type: "nested";
+  array: Opt extends {
+    array: true;
+  } ? true : false;
+}, FieldOutput$1<InferFieldsOutput<F>, Opt>>;
+type TailorAnyDBType = TailorDBType<any, any>;
+/**
+ * TailorDBType interface representing a database type definition with fields, permissions, and settings.
+ */
+interface TailorDBType<Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> {
+  /** Brand symbol for type identification */
+  readonly [TAILOR_DB_TYPE_BRAND]: true;
+  readonly name: string;
+  readonly fields: Fields;
+  readonly _output: InferFieldsOutput<Fields>;
+  _description?: string;
+  /** Returns metadata for the type */
+  readonly metadata: TailorDBTypeMetadata;
+  /**
+   * Add hooks for fields
+   */
+  hooks(hooks: Hooks<Fields>): TailorDBType<Fields, User>;
+  /**
+   * Add validators for fields
+   */
+  validate(validators: Validators<Fields>): TailorDBType<Fields, User>;
+  /**
+   * Configure type features
+   */
+  features(features: Omit<TypeFeatures, "pluralForm">): TailorDBType<Fields, User>;
+  /**
+   * Define composite indexes
+   */
+  indexes(...indexes: IndexDef<TailorDBType<Fields, User>>[]): TailorDBType<Fields, User>;
+  /**
+   * Define file fields
+   */
+  files<const F extends string>(files: Record<F, string> & Partial<Record<keyof output<TailorDBType<Fields, User>>, never>>): TailorDBType<Fields, User>;
+  /**
+   * Set record-level permissions
+   */
+  permission<U$1 extends object = User, P$1 extends TailorTypePermission<U$1, output<TailorDBType<Fields, User>>> = TailorTypePermission<U$1, output<TailorDBType<Fields, User>>>>(permission: P$1): TailorDBType<Fields, U$1>;
+  /**
+   * Set GraphQL-level permissions
+   */
+  gqlPermission<U$1 extends object = User, P$1 extends TailorTypeGqlPermission<U$1> = TailorTypeGqlPermission<U$1>>(permission: P$1): TailorDBType<Fields, U$1>;
+  /**
+   * Set type description
+   */
+  description(description: string): TailorDBType<Fields, User>;
+  /**
+   * Pick specific fields from the type
+   */
+  pickFields<K$1 extends keyof Fields, const Opt extends FieldOptions>(keys: K$1[], options: Opt): { [P in K$1]: Fields[P$1] extends TailorDBField<infer D, infer _O> ? TailorDBField<Omit<D, "array"> & {
+    array: Opt extends {
+      array: true;
+    } ? true : D["array"];
+  }, FieldOutput$1<TailorToTs[D["type"]], Opt>> : never };
+  /**
+   * Omit specific fields from the type
+   */
+  omitFields<K$1 extends keyof Fields>(keys: K$1[]): Omit<Fields, K$1>;
+}
+type TailorDBInstance<Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> = TailorDBType<Fields, User>;
+declare const idField: TailorDBField<{
+  type: "uuid";
+  array: false;
+}, string>;
+type idField = typeof idField;
+type DBType<F extends {
+  id?: never;
+} & Record<string, TailorAnyDBField>> = TailorDBInstance<{
+  id: idField;
+} & F>;
+/**
+ * Creates a new database type with the specified fields
+ * @param name - The name of the type, or a tuple of [name, pluralForm]
+ * @param fields - The field definitions for the type
+ * @returns A new TailorDBType instance
+ */
+declare function dbType<const F extends {
+  id?: never;
+} & Record<string, TailorAnyDBField>>(name: string | [string, string], fields: F): DBType<F>;
+/**
+ * Creates a new database type with the specified fields and description
+ * @param name - The name of the type, or a tuple of [name, pluralForm]
+ * @param description - A description of the type
+ * @param fields - The field definitions for the type
+ * @returns A new TailorDBType instance
+ */
+declare function dbType<const F extends {
+  id?: never;
+} & Record<string, TailorAnyDBField>>(name: string | [string, string], description: string, fields: F): DBType<F>;
+declare const db: {
+  type: typeof dbType;
+  uuid: typeof uuid;
+  string: typeof string;
+  bool: typeof bool;
+  int: typeof int;
+  float: typeof float;
+  date: typeof date;
+  datetime: typeof datetime;
+  time: typeof time;
+  enum: typeof _enum;
+  object: typeof object;
+  fields: {
+    timestamps: () => {
+      createdAt: TailorDBField<{
+        type: "datetime";
+        array: false;
+        hooks?: {
+          create: true;
+          update: false;
+        } | undefined;
+        serial: false;
+        description: true;
+      }, string | Date>;
+      updatedAt: TailorDBField<{
+        type: "datetime";
+        array: false;
+        hooks?: {
+          create: false;
+          update: true;
+        } | undefined;
+        serial: false;
+        description: true;
+      }, string | Date | null>;
+    };
+  };
+};
+//#endregion
+//#region src/parser/service/auth/schema.d.ts
+declare const AuthInvokerSchema: z.ZodObject<{
+  namespace: z.ZodString;
+  machineUserName: z.ZodString;
+}, z.core.$strip>;
+declare const OIDCSchema: z.ZodObject<{
+  name: z.ZodString;
+  kind: z.ZodLiteral<"OIDC">;
+  clientID: z.ZodString;
+  clientSecret: z.ZodObject<{
+    vaultName: z.ZodString;
+    secretKey: z.ZodString;
+  }, z.core.$strip>;
+  providerURL: z.ZodString;
+  issuerURL: z.ZodOptional<z.ZodString>;
+  usernameClaim: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+declare const SAMLSchema: z.ZodObject<{
+  name: z.ZodString;
+  kind: z.ZodLiteral<"SAML">;
+  enableSignRequest: z.ZodDefault<z.ZodBoolean>;
+  metadataURL: z.ZodOptional<z.ZodString>;
+  rawMetadata: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+declare const IDTokenSchema: z.ZodObject<{
+  name: z.ZodString;
+  kind: z.ZodLiteral<"IDToken">;
+  providerURL: z.ZodString;
+  issuerURL: z.ZodOptional<z.ZodString>;
+  clientID: z.ZodString;
+  usernameClaim: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+declare const BuiltinIdPSchema: z.ZodObject<{
+  name: z.ZodString;
+  kind: z.ZodLiteral<"BuiltInIdP">;
+  namespace: z.ZodString;
+  clientName: z.ZodString;
+}, z.core.$strip>;
+declare const IdProviderSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
+  name: z.ZodString;
+  kind: z.ZodLiteral<"OIDC">;
+  clientID: z.ZodString;
+  clientSecret: z.ZodObject<{
+    vaultName: z.ZodString;
+    secretKey: z.ZodString;
+  }, z.core.$strip>;
+  providerURL: z.ZodString;
+  issuerURL: z.ZodOptional<z.ZodString>;
+  usernameClaim: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>, z.ZodObject<{
+  name: z.ZodString;
+  kind: z.ZodLiteral<"SAML">;
+  enableSignRequest: z.ZodDefault<z.ZodBoolean>;
+  metadataURL: z.ZodOptional<z.ZodString>;
+  rawMetadata: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>, z.ZodObject<{
+  name: z.ZodString;
+  kind: z.ZodLiteral<"IDToken">;
+  providerURL: z.ZodString;
+  issuerURL: z.ZodOptional<z.ZodString>;
+  clientID: z.ZodString;
+  usernameClaim: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>, z.ZodObject<{
   name: z.ZodString;
   kind: z.ZodLiteral<"BuiltInIdP">;
   namespace: z.ZodString;
@@ -693,7 +1060,7 @@ type UsernameFieldKey<User extends TailorDBInstance> = IsAny<User> extends true
 type UserAttributeKey<User extends TailorDBInstance> = { [K in UserFieldKeys<User>]: K extends "id" ? never : FieldSupportsValueOperand<User, K> extends true ? FieldIsOfType<User, K, "datetime" | "date" | "time"> extends true ? never : K : never }[UserFieldKeys<User>];
 type UserAttributeListKey<User extends TailorDBInstance> = { [K in UserFieldKeys<User>]: K extends "id" ? never : FieldIsOfType<User, K, "uuid"> extends true ? FieldIsArray<User, K> extends true ? never : K : never }[UserFieldKeys<User>];
 type UserAttributeMap<User extends TailorDBInstance> = { [K in UserAttributeKey<User>]?: true };
-type DisallowExtraKeys<T$1, Allowed extends PropertyKey> = T$1 & { [K in Exclude<keyof T$1, Allowed>]: never };
+type DisallowExtraKeys<T, Allowed extends PropertyKey> = T & { [K in Exclude<keyof T, Allowed>]: never };
 type AttributeListValue<User extends TailorDBInstance, Key extends UserAttributeListKey<User>> = Key extends keyof output<User> ? output<User>[Key] : never;
 type AttributeListToTuple<User extends TailorDBInstance, AttributeList$1 extends readonly UserAttributeListKey<User>[]> = { [Index in keyof AttributeList$1]: AttributeList$1[Index] extends UserAttributeListKey<User> ? AttributeListValue<User, AttributeList$1[Index]> : never };
 type AttributeMapSelectedKeys<User extends TailorDBInstance, AttributeMap$1 extends UserAttributeMap<User>> = Extract<{ [K in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K] ? never : K }[keyof AttributeMap$1], UserAttributeKey<User>>;
@@ -710,7 +1077,28 @@ type UserProfile<User extends TailorDBInstance, AttributeMap$1 extends UserAttri
   attributes?: DisallowExtraKeys<AttributeMap$1, UserAttributeKey<User>>;
   attributeList?: AttributeList$1;
 };
-type MachineUser<User extends TailorDBInstance, AttributeMap$1 extends UserAttributeMap<User> = UserAttributeMap<User>, AttributeList$1 extends UserAttributeListKey<User>[] = []> = IsAny<User> extends true ? {
+type MachineUserAttributeFields$1 = Record<string, TailorField<DefinedFieldMetadata, unknown, FieldMetadata, TailorFieldType>>;
+type TailorFieldOutputValue<Field> = Field extends TailorField<DefinedFieldMetadata, infer Output, FieldMetadata, TailorFieldType> ? Output : never;
+type MachineUserAttributeValues<Fields extends MachineUserAttributeFields$1> = { [K in keyof Fields]: TailorFieldOutputValue<Fields[K]> extends ValueOperand | null | undefined ? TailorFieldOutputValue<Fields[K]> : never };
+type MachineUserFromAttributes<Fields extends MachineUserAttributeFields$1> = (keyof Fields extends never ? {
+  attributes?: never;
+} : {
+  attributes: DisallowExtraKeys<MachineUserAttributeValues<Fields>, keyof Fields>;
+}) & {
+  attributeList?: string[];
+};
+type MachineUser<User extends TailorDBInstance, AttributeMap$1 extends UserAttributeMap<User> = UserAttributeMap<User>, AttributeList$1 extends UserAttributeListKey<User>[] = [], MachineUserAttributes extends MachineUserAttributeFields$1 | undefined = undefined> = IsAny<MachineUserAttributes> extends true ? IsAny<User> extends true ? {
+  attributes: Record<string, AuthAttributeValue>;
+  attributeList?: string[];
+} : (AttributeMapSelectedKeys<User, AttributeMap$1> extends never ? {
+  attributes?: never;
+} : {
+  attributes: { [K in AttributeMapSelectedKeys<User, AttributeMap$1>]: K extends keyof output<User> ? output<User>[K] : never } & { [K in Exclude<keyof output<User>, AttributeMapSelectedKeys<User, AttributeMap$1>>]?: never };
+}) & ([] extends AttributeList$1 ? {
+  attributeList?: never;
+} : {
+  attributeList: AttributeListToTuple<User, AttributeList$1>;
+}) : [MachineUserAttributes] extends [MachineUserAttributeFields$1] ? MachineUserFromAttributes<MachineUserAttributes> : IsAny<User> extends true ? {
   attributes: Record<string, AuthAttributeValue>;
   attributeList?: string[];
 } : (AttributeMapSelectedKeys<User, AttributeMap$1> extends never ? {
@@ -722,9 +1110,10 @@ type MachineUser<User extends TailorDBInstance, AttributeMap$1 extends UserAttri
 } : {
   attributeList: AttributeListToTuple<User, AttributeList$1>;
 });
-type AuthServiceInput<User extends TailorDBInstance, AttributeMap$1 extends UserAttributeMap<User>, AttributeList$1 extends UserAttributeListKey<User>[], MachineUserNames extends string> = {
+type AuthServiceInput<User extends TailorDBInstance, AttributeMap$1 extends UserAttributeMap<User>, AttributeList$1 extends UserAttributeListKey<User>[], MachineUserNames extends string, MachineUserAttributes extends MachineUserAttributeFields$1 | undefined = MachineUserAttributeFields$1 | undefined> = {
   userProfile?: UserProfile<User, AttributeMap$1, AttributeList$1>;
-  machineUsers?: Record<MachineUserNames, MachineUser<User, AttributeMap$1, AttributeList$1>>;
+  machineUserAttributes?: MachineUserAttributes;
+  machineUsers?: Record<MachineUserNames, MachineUser<User, AttributeMap$1, AttributeList$1, MachineUserAttributes>>;
   oauth2Clients?: Record<string, OAuth2ClientInput>;
   idProvider?: IdProviderConfig;
   scim?: SCIMConfig;
@@ -737,469 +1126,170 @@ interface Script {
   expr: string;
 }
 interface EnumValue {
-  value: string;
-  description?: string;
-}
-interface OperatorValidateConfig {
-  script: Script;
-  errorMessage: string;
-}
-interface OperatorFieldHook {
-  create?: Script;
-  update?: Script;
-}
-/**
- * Raw relation config stored in configure layer, processed in parser layer.
- * This is the serialized form of RelationConfig from schema.ts where
- * the TailorDBType reference is replaced with the type name string.
- */
-interface RawRelationConfig {
-  type: RelationType;
-  toward: {
-    type: string;
-    as?: string;
-    key?: string;
-  };
-  backward?: string;
-}
-interface OperatorFieldConfig {
-  type: string;
-  required?: boolean;
-  description?: string;
-  allowedValues?: EnumValue[];
-  array?: boolean;
-  index?: boolean;
-  unique?: boolean;
-  vector?: boolean;
-  foreignKey?: boolean;
-  foreignKeyType?: string;
-  foreignKeyField?: string;
-  rawRelation?: RawRelationConfig;
-  validate?: OperatorValidateConfig[];
-  hooks?: OperatorFieldHook;
-  serial?: {
-    start: number;
-    maxValue?: number;
-    format?: string;
-  };
-  fields?: Record<string, OperatorFieldConfig>;
-}
-type GqlPermissionAction = "read" | "create" | "update" | "delete" | "aggregate" | "bulkUpsert";
-type StandardPermissionOperator = "eq" | "ne" | "in" | "nin";
-type UserOperand = {
-  user: string;
-};
-type RecordOperand<Update extends boolean = false> = Update extends true ? {
-  oldRecord: string;
-} | {
-  newRecord: string;
-} : {
-  record: string;
-};
-type PermissionOperand<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = UserOperand | ValueOperand | (Level extends "record" ? RecordOperand<Update> : never);
-type StandardPermissionCondition<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = readonly [PermissionOperand<Level, Update>, StandardPermissionOperator, PermissionOperand<Level, Update>];
-type StandardActionPermission<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = {
-  conditions: readonly StandardPermissionCondition<Level, Update>[];
-  description?: string;
-  permit: "allow" | "deny";
-};
-type StandardTailorTypePermission = {
-  create: readonly StandardActionPermission<"record", false>[];
-  read: readonly StandardActionPermission<"record", false>[];
-  update: readonly StandardActionPermission<"record", true>[];
-  delete: readonly StandardActionPermission<"record", false>[];
-};
-type StandardGqlPermissionPolicy = {
-  conditions: readonly StandardPermissionCondition<"gql">[];
-  actions: readonly ["all"] | readonly GqlPermissionAction[];
-  permit: "allow" | "deny";
-  description?: string;
-};
-type StandardTailorTypeGqlPermission = readonly StandardGqlPermissionPolicy[];
-interface Permissions {
-  record?: StandardTailorTypePermission;
-  gql?: StandardTailorTypeGqlPermission;
-}
-interface RawPermissions {
-  record?: TailorTypePermission<any, any>;
-  gql?: TailorTypeGqlPermission<any, any>;
-}
-interface TailorDBTypeMetadata {
-  name: string;
-  description?: string;
-  settings?: {
-    pluralForm?: string;
-    aggregation?: boolean;
-    bulkUpsert?: boolean;
-  };
-  permissions: RawPermissions;
-  files: Record<string, string>;
-  indexes?: Record<string, {
-    fields: string[];
-    unique?: boolean;
-  }>;
+  value: string;
+  description?: string;
 }
-/**
- * Parsed and normalized TailorDB field information
- */
-interface ParsedField {
-  name: string;
-  config: OperatorFieldConfig;
-  relation?: {
-    targetType: string;
-    forwardName: string;
-    backwardName: string;
-    key: string;
-    unique: boolean;
-  };
+interface OperatorValidateConfig {
+  script: Script;
+  errorMessage: string;
 }
-/**
- * Parsed and normalized TailorDB relationship information
- */
-interface ParsedRelationship {
-  name: string;
-  targetType: string;
-  targetField: string;
-  sourceField: string;
-  isArray: boolean;
-  description: string;
+interface OperatorFieldHook {
+  create?: Script;
+  update?: Script;
 }
 /**
- * Parsed and normalized TailorDB type information
+ * Raw relation config stored in configure layer, processed in parser layer.
+ * This is the serialized form of RelationConfig from schema.ts where
+ * the TailorDBType reference is replaced with the type name string.
  */
-interface ParsedTailorDBType {
-  name: string;
-  pluralForm: string;
-  description?: string;
-  fields: Record<string, ParsedField>;
-  forwardRelationships: Record<string, ParsedRelationship>;
-  backwardRelationships: Record<string, ParsedRelationship>;
-  settings: TailorDBTypeMetadata["settings"];
-  permissions: Permissions;
-  indexes?: TailorDBTypeMetadata["indexes"];
-  files?: TailorDBTypeMetadata["files"];
-}
-//#endregion
-//#region src/configure/types/field.d.ts
-type AllowedValue = EnumValue;
-type AllowedValues = [string | EnumValue, ...(string | EnumValue)[]];
-type AllowedValuesOutput<V extends AllowedValues> = V[number] extends infer T ? T extends string ? T : T extends {
-  value: infer K;
-} ? K : never : never;
-//#endregion
-//#region src/configure/services/tailordb/schema.d.ts
-interface RelationConfig<S extends RelationType, T$1 extends TailorDBType> {
-  type: S;
-  toward: {
-    type: T$1;
-    as?: string;
-    key?: keyof T$1["fields"] & string;
-  };
-  backward?: string;
-}
-type RelationSelfConfig = {
+interface RawRelationConfig {
   type: RelationType;
   toward: {
-    type: "self";
+    type: string;
     as?: string;
     key?: string;
   };
   backward?: string;
-};
-type TailorAnyDBField = TailorDBField<any, any>;
-declare class TailorDBField<const Defined extends DefinedDBFieldMetadata, const Output> extends TailorField<Defined, Output, DBFieldMetadata> {
-  private _rawRelation;
-  get rawRelation(): Readonly<RawRelationConfig> | undefined;
-  get metadata(): {
-    index?: boolean;
-    unique?: boolean;
-    vector?: boolean;
-    foreignKey?: boolean;
-    foreignKeyType?: string;
-    foreignKeyField?: string;
-    hooks?: Hook<any, any>;
-    serial?: SerialConfig;
-    relation?: boolean;
-    description?: string;
-    required?: boolean;
-    array?: boolean;
-    allowedValues?: AllowedValue[];
-    validate?: FieldValidateInput<any>[];
-    typeName?: string;
+}
+interface OperatorFieldConfig {
+  type: string;
+  required?: boolean;
+  description?: string;
+  allowedValues?: EnumValue[];
+  array?: boolean;
+  index?: boolean;
+  unique?: boolean;
+  vector?: boolean;
+  foreignKey?: boolean;
+  foreignKeyType?: string;
+  foreignKeyField?: string;
+  rawRelation?: RawRelationConfig;
+  validate?: OperatorValidateConfig[];
+  hooks?: OperatorFieldHook;
+  serial?: {
+    start: number;
+    maxValue?: number;
+    format?: string;
   };
-  private constructor();
-  static create<const T$1 extends TailorFieldType, const TOptions extends FieldOptions, const OutputBase = TailorToTs[T$1]>(type: T$1, options?: TOptions, fields?: Record<string, TailorAnyDBField>, values?: AllowedValues): TailorDBField<{
-    type: T$1;
-    array: TOptions extends {
-      array: true;
-    } ? true : false;
-  }, FieldOutput$1<OutputBase, TOptions>>;
-  description<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    description: unknown;
-  } ? never : TailorField<CurrentDefined, Output>, description: string): TailorDBField<Prettify<CurrentDefined & {
-    description: true;
-  }>, Output>;
-  relation<S extends RelationType, T$1 extends TailorAnyDBType, CurrentDefined extends Defined>(this: CurrentDefined extends {
-    relation: unknown;
-  } ? never : TailorDBField<CurrentDefined, Output>, config: RelationConfig<S, T$1>): TailorDBField<S extends "oneToOne" | "1-1" ? Prettify<CurrentDefined & {
-    unique: true;
-    index: true;
-    relation: true;
-  }> : Prettify<CurrentDefined & {
-    index: true;
-    relation: true;
-  }>, Output>;
-  relation<S extends RelationSelfConfig, CurrentDefined extends Defined>(this: CurrentDefined extends {
-    relation: unknown;
-  } ? never : TailorDBField<CurrentDefined, Output>, config: S): TailorDBField<S["type"] extends "oneToOne" | "1-1" ? Prettify<CurrentDefined & {
-    unique: true;
-    index: true;
-    relation: true;
-  }> : Prettify<CurrentDefined & {
-    index: true;
-    relation: true;
-  }>, Output>;
-  index<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    index: unknown;
-  } ? never : CurrentDefined extends {
-    array: true;
-  } ? never : TailorDBField<CurrentDefined, Output>): TailorDBField<Prettify<CurrentDefined & {
-    index: true;
-  }>, Output>;
-  unique<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    unique: unknown;
-  } ? never : CurrentDefined extends {
-    array: true;
-  } ? never : TailorDBField<CurrentDefined, Output>): TailorDBField<Prettify<CurrentDefined & {
-    unique: true;
-    index: true;
-  }>, Output>;
-  vector<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    vector: unknown;
-  } ? never : CurrentDefined extends {
-    type: "string";
-    array: false;
-  } ? TailorDBField<CurrentDefined, Output> : never): TailorDBField<Prettify<CurrentDefined & {
-    vector: true;
-  }>, Output>;
-  hooks<CurrentDefined extends Defined, const H extends Hook<unknown, Output>>(this: CurrentDefined extends {
-    hooks: unknown;
-  } ? never : CurrentDefined extends {
-    type: "nested";
-  } ? never : TailorDBField<CurrentDefined, Output>, hooks: H): TailorDBField<Prettify<CurrentDefined & {
-    hooks?: {
-      create: H extends {
-        create: unknown;
-      } ? true : false;
-      update: H extends {
-        update: unknown;
-      } ? true : false;
-    };
-    serial: false;
-  }>, Output>;
-  validate<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    validate: unknown;
-  } ? never : TailorDBField<CurrentDefined, Output>, ...validate: FieldValidateInput<Output>[]): TailorDBField<Prettify<CurrentDefined & {
-    validate: true;
-  }>, Output>;
-  serial<CurrentDefined extends Defined>(this: CurrentDefined extends {
-    serial: unknown;
-  } ? never : Output extends null ? never : CurrentDefined extends {
-    type: "integer" | "string";
-    array: false;
-  } ? TailorDBField<CurrentDefined, Output> : never, config: SerialConfig<CurrentDefined["type"] & ("integer" | "string")>): TailorDBField<Prettify<CurrentDefined & {
-    serial: true;
-    hooks: {
-      create: false;
-      update: false;
-    };
-  }>, Output>;
-  /**
-   * Clone the field with optional overrides for field options
-   * @param options - Optional field options to override
-   * @returns A new TailorDBField instance with the same configuration
-   */
-  clone<const NewOpt extends FieldOptions>(options?: NewOpt): TailorDBField<Prettify<Omit<Defined, "array"> & {
-    array: NewOpt extends {
-      array: true;
-    } ? true : Defined["array"];
-  }>, FieldOutput$1<TailorToTs[Defined["type"]], NewOpt>>;
+  fields?: Record<string, OperatorFieldConfig>;
 }
-declare function uuid<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "uuid";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-declare function string<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "string";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-declare function bool<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "boolean";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<boolean, Opt> | null : ArrayFieldOutput<boolean, Opt>>;
-declare function int<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "integer";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<number, Opt> | null : ArrayFieldOutput<number, Opt>>;
-declare function float<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "float";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<number, Opt> | null : ArrayFieldOutput<number, Opt>>;
-declare function date<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "date";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-declare function datetime<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "datetime";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string | Date, Opt> | null : ArrayFieldOutput<string | Date, Opt>>;
-declare function time<const Opt extends FieldOptions>(options?: Opt): TailorDBField<{
-  type: "time";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, Opt["optional"] extends true ? ArrayFieldOutput<string, Opt> | null : ArrayFieldOutput<string, Opt>>;
-declare function _enum<const V extends AllowedValues, const Opt extends FieldOptions>(values: V, options?: Opt): TailorDBField<{
-  type: "enum";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, FieldOutput$1<AllowedValuesOutput<V>, Opt>>;
-declare function object<const F extends Record<string, TailorAnyDBField> & ExcludeNestedDBFields<F>, const Opt extends FieldOptions>(fields: F, options?: Opt): TailorDBField<{
-  type: "nested";
-  array: Opt extends {
-    array: true;
-  } ? true : false;
-}, FieldOutput$1<InferFieldsOutput<F>, Opt>>;
-type TailorAnyDBType = TailorDBType<any, any>;
-declare class TailorDBType<const Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> {
-  readonly name: string;
-  readonly fields: Fields;
-  readonly _output: InferFieldsOutput<Fields>;
-  _description?: string;
-  private _settings;
-  private _indexes;
-  private _permissions;
-  private _files;
-  constructor(name: string, fields: Fields, options: {
+type GqlPermissionAction = "read" | "create" | "update" | "delete" | "aggregate" | "bulkUpsert";
+type StandardPermissionOperator = "eq" | "ne" | "in" | "nin";
+type UserOperand = {
+  user: string;
+};
+type RecordOperand<Update extends boolean = false> = Update extends true ? {
+  oldRecord: string;
+} | {
+  newRecord: string;
+} : {
+  record: string;
+};
+type PermissionOperand<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = UserOperand | ValueOperand | (Level extends "record" ? RecordOperand<Update> : never);
+type StandardPermissionCondition<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = readonly [PermissionOperand<Level, Update>, StandardPermissionOperator, PermissionOperand<Level, Update>];
+type StandardActionPermission<Level extends "record" | "gql" = "record" | "gql", Update extends boolean = boolean> = {
+  conditions: readonly StandardPermissionCondition<Level, Update>[];
+  description?: string;
+  permit: "allow" | "deny";
+};
+type StandardTailorTypePermission = {
+  create: readonly StandardActionPermission<"record", false>[];
+  read: readonly StandardActionPermission<"record", false>[];
+  update: readonly StandardActionPermission<"record", true>[];
+  delete: readonly StandardActionPermission<"record", false>[];
+};
+type StandardGqlPermissionPolicy = {
+  conditions: readonly StandardPermissionCondition<"gql">[];
+  actions: readonly ["all"] | readonly GqlPermissionAction[];
+  permit: "allow" | "deny";
+  description?: string;
+};
+type StandardTailorTypeGqlPermission = readonly StandardGqlPermissionPolicy[];
+interface Permissions {
+  record?: StandardTailorTypePermission;
+  gql?: StandardTailorTypeGqlPermission;
+}
+interface RawPermissions {
+  record?: TailorTypePermission<any, any>;
+  gql?: TailorTypeGqlPermission<any, any>;
+}
+interface TailorDBTypeMetadata {
+  name: string;
+  description?: string;
+  settings?: {
     pluralForm?: string;
-    description?: string;
-  });
-  get metadata(): TailorDBTypeMetadata;
-  hooks(hooks: Hooks<Fields>): this;
-  validate(validators: Validators<Fields>): this;
-  features(features: Omit<TypeFeatures, "pluralForm">): this;
-  indexes(...indexes: IndexDef<this>[]): this;
-  files<const F extends string>(files: Record<F, string> & Partial<Record<keyof output<this>, never>>): this;
-  permission<U$1 extends object = User, P$1 extends TailorTypePermission<U$1, output<this>> = TailorTypePermission<U$1, output<this>>>(permission: P$1): TailorDBType<Fields, U$1>;
-  gqlPermission<U$1 extends object = User, P$1 extends TailorTypeGqlPermission<U$1> = TailorTypeGqlPermission<U$1>>(permission: P$1): TailorDBType<Fields, U$1>;
-  description(description: string): this;
-  /**
-   * Pick specific fields from the type
-   * @param keys - Array of field keys to pick
-   * @param options - Optional field options to apply to picked fields
-   * @returns An object containing only the specified fields
-   */
-  pickFields<K$1 extends keyof Fields, const Opt extends FieldOptions>(keys: K$1[], options: Opt): { [P in K$1]: Fields[P$1] extends TailorDBField<infer D, infer _O> ? TailorDBField<Omit<D, "array"> & {
-    array: Opt extends {
-      array: true;
-    } ? true : D["array"];
-  }, FieldOutput$1<TailorToTs[D["type"]], Opt>> : never };
-  /**
-   * Omit specific fields from the type
-   * @template K
-   * @param keys - Array of field keys to omit
-   * @returns An object containing all fields except the specified ones
-   */
-  omitFields<K$1 extends keyof Fields>(keys: K$1[]): Omit<Fields, K$1>;
+    aggregation?: boolean;
+    bulkUpsert?: boolean;
+  };
+  permissions: RawPermissions;
+  files: Record<string, string>;
+  indexes?: Record<string, {
+    fields: string[];
+    unique?: boolean;
+  }>;
 }
-type TailorDBInstance<Fields extends Record<string, TailorAnyDBField> = any, User extends object = InferredAttributeMap> = InstanceType<typeof TailorDBType<Fields, User>>;
-declare const idField: TailorDBField<{
-  type: "uuid";
-  array: false;
-}, string>;
-type idField = typeof idField;
-type DBType<F extends {
-  id?: never;
-} & Record<string, TailorAnyDBField>> = TailorDBInstance<{
-  id: idField;
-} & F>;
 /**
- * Creates a new database type with the specified fields
- * @param name - The name of the type, or a tuple of [name, pluralForm]
- * @param fields - The field definitions for the type
- * @returns A new TailorDBType instance
+ * Parsed and normalized TailorDB field information
  */
-declare function dbType<const F extends {
-  id?: never;
-} & Record<string, TailorAnyDBField>>(name: string | [string, string], fields: F): DBType<F>;
+interface ParsedField {
+  name: string;
+  config: OperatorFieldConfig;
+  relation?: {
+    targetType: string;
+    forwardName: string;
+    backwardName: string;
+    key: string;
+    unique: boolean;
+  };
+}
 /**
- * Creates a new database type with the specified fields and description
- * @param name - The name of the type, or a tuple of [name, pluralForm]
- * @param description - A description of the type
- * @param fields - The field definitions for the type
- * @returns A new TailorDBType instance
+ * Parsed and normalized TailorDB relationship information
  */
-declare function dbType<const F extends {
-  id?: never;
-} & Record<string, TailorAnyDBField>>(name: string | [string, string], description: string, fields: F): DBType<F>;
-declare const db: {
-  type: typeof dbType;
-  uuid: typeof uuid;
-  string: typeof string;
-  bool: typeof bool;
-  int: typeof int;
-  float: typeof float;
-  date: typeof date;
-  datetime: typeof datetime;
-  time: typeof time;
-  enum: typeof _enum;
-  object: typeof object;
-  fields: {
-    timestamps: () => {
-      createdAt: TailorDBField<{
-        type: "datetime";
-        array: false;
-        hooks?: {
-          create: true;
-          update: false;
-        } | undefined;
-        serial: false;
-        description: true;
-      }, string | Date>;
-      updatedAt: TailorDBField<{
-        type: "datetime";
-        array: false;
-        hooks?: {
-          create: false;
-          update: true;
-        } | undefined;
-        serial: false;
-        description: true;
-      }, string | Date | null>;
-    };
-  };
-};
+interface ParsedRelationship {
+  name: string;
+  targetType: string;
+  targetField: string;
+  sourceField: string;
+  isArray: boolean;
+  description: string;
+}
+/**
+ * Parsed and normalized TailorDB type information
+ */
+interface ParsedTailorDBType {
+  name: string;
+  pluralForm: string;
+  description?: string;
+  fields: Record<string, ParsedField>;
+  forwardRelationships: Record<string, ParsedRelationship>;
+  backwardRelationships: Record<string, ParsedRelationship>;
+  settings: TailorDBTypeMetadata["settings"];
+  permissions: Permissions;
+  indexes?: TailorDBTypeMetadata["indexes"];
+  files?: TailorDBTypeMetadata["files"];
+}
 //#endregion
 //#region src/configure/services/auth/index.d.ts
 declare const authDefinitionBrand: unique symbol;
 type AuthDefinitionBrand = {
   readonly [authDefinitionBrand]: true;
 };
+type MachineUserAttributeFields = Record<string, TailorField<DefinedFieldMetadata, unknown, FieldMetadata, TailorFieldType>>;
+type PlaceholderUser = TailorDBInstance<Record<string, never>, Record<string, never>>;
+type PlaceholderAttributeMap = UserAttributeMap<PlaceholderUser>;
+type PlaceholderAttributeList = UserAttributeListKey<PlaceholderUser>[];
+type UserProfileAuthInput<User extends TailorDBInstance, AttributeMap$1 extends UserAttributeMap<User>, AttributeList$1 extends UserAttributeListKey<User>[], MachineUserNames extends string> = Omit<AuthServiceInput<User, AttributeMap$1, AttributeList$1, MachineUserNames, undefined>, "userProfile" | "machineUserAttributes"> & {
+  userProfile: NonNullable<AuthServiceInput<User, AttributeMap$1, AttributeList$1, MachineUserNames, undefined>["userProfile"]>;
+  machineUserAttributes?: never;
+};
+type MachineUserOnlyAuthInput<MachineUserNames extends string, MachineUserAttributes extends MachineUserAttributeFields> = Omit<AuthServiceInput<PlaceholderUser, PlaceholderAttributeMap, PlaceholderAttributeList, MachineUserNames, MachineUserAttributes>, "userProfile" | "machineUserAttributes"> & {
+  userProfile?: never;
+  machineUserAttributes: MachineUserAttributes;
+};
+type DefinedAuth<Name extends string, Config, MachineUserNames extends string> = Config & {
+  name: Name;
+  invoker<M extends MachineUserNames>(machineUser: M): AuthInvoker<M>;
+} & AuthDefinitionBrand;
 /**
  * Invoker type compatible with tailor.v1.AuthInvoker
  * - namespace: auth service name
@@ -1220,50 +1310,157 @@ type AuthInvoker<M extends string> = Omit<AuthInvoker$1, "machineUserName"> & {
  * @param config - Auth service configuration
  * @returns Defined auth service
  */
-declare function defineAuth<const Name extends string, const User extends TailorDBInstance, const AttributeMap$1 extends UserAttributeMap<User>, const AttributeList$1 extends UserAttributeListKey<User>[], const MachineUserNames extends string>(name: Name, config: AuthServiceInput<User, AttributeMap$1, AttributeList$1, MachineUserNames>): {
-  readonly name: Name;
-  readonly invoker: <M extends MachineUserNames>(machineUser: M) => {
-    readonly namespace: Name;
-    readonly machineUserName: M;
-  };
-  readonly userProfile?: {
-    namespace?: string;
-    type: User;
-    usernameField: UsernameFieldKey<User>;
-    attributes?: (AttributeMap$1 & { [K in Exclude<keyof AttributeMap$1, UserAttributeKey<User>>]: never }) | undefined;
-    attributeList?: AttributeList$1 | undefined;
-  } | undefined;
-  readonly machineUsers?: Record<MachineUserNames, type_fest0.IsAny<User> extends true ? {
-    attributes: Record<string, AuthAttributeValue>;
-    attributeList?: string[];
-  } : (Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>> extends never ? {
-    attributes?: never;
-  } : {
-    attributes: { [K_2 in Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>>]: K_2 extends keyof output<User> ? output<User>[K_2] : never } & { [K_3 in Exclude<keyof output<User>, Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>>>]?: undefined };
-  }) & ([] extends AttributeList$1 ? {
-    attributeList?: never;
-  } : {
-    attributeList: { [Index in keyof AttributeList$1]: AttributeList$1[Index] extends UserAttributeListKey<User> ? AttributeList$1[Index] extends infer T ? T extends AttributeList$1[Index] ? T extends keyof output<User> ? output<User>[T] : never : never : never : never };
-  })> | undefined;
-  readonly oauth2Clients?: Record<string, OAuth2ClientInput>;
-  readonly idProvider?: IdProviderConfig;
-  readonly scim?: SCIMConfig;
-  readonly tenantProvider?: TenantProviderConfig;
-  readonly publishSessionEvents?: boolean;
-} & AuthDefinitionBrand;
+declare function defineAuth<const Name extends string, const User extends TailorDBInstance, const AttributeMap$1 extends UserAttributeMap<User>, const AttributeList$1 extends UserAttributeListKey<User>[], const MachineUserNames extends string>(name: Name, config: UserProfileAuthInput<User, AttributeMap$1, AttributeList$1, MachineUserNames>): DefinedAuth<Name, UserProfileAuthInput<User, AttributeMap$1, AttributeList$1, MachineUserNames>, MachineUserNames>;
+declare function defineAuth<const Name extends string, const MachineUserAttributes extends MachineUserAttributeFields, const MachineUserNames extends string>(name: Name, config: MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes>): DefinedAuth<Name, MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes>, MachineUserNames>;
 type AuthExternalConfig = {
   name: string;
   external: true;
 };
-type AuthOwnConfig = ReturnType<typeof defineAuth<string, any, any, any, string>>;
+type AuthServiceInputLoose = AuthServiceInput<any, any, any, string, any>;
+type AuthOwnConfig = DefinedAuth<string, AuthServiceInputLoose, string>;
 type AuthConfig = AuthOwnConfig | AuthExternalConfig;
 //#endregion
-//#region src/configure/services/executor/types.d.ts
-type ExecutorServiceConfig = {
-  files: string[];
-  ignores?: string[];
-};
-type ExecutorServiceInput = ExecutorServiceConfig;
+//#region src/configure/services/executor/types.d.ts
+type ExecutorServiceConfig = {
+  files: string[];
+  ignores?: string[];
+};
+type ExecutorServiceInput = ExecutorServiceConfig;
+//#endregion
+//#region src/parser/service/executor/schema.d.ts
+declare const RecordTriggerSchema: z.ZodObject<{
+  kind: z.ZodEnum<{
+    recordCreated: "recordCreated";
+    recordUpdated: "recordUpdated";
+    recordDeleted: "recordDeleted";
+  }>;
+  typeName: z.ZodString;
+  condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
+}, z.core.$strip>;
+declare const ResolverExecutedTriggerSchema: z.ZodObject<{
+  kind: z.ZodLiteral<"resolverExecuted">;
+  resolverName: z.ZodString;
+  condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
+}, z.core.$strip>;
+declare const ScheduleTriggerSchema: z.ZodObject<{
+  kind: z.ZodLiteral<"schedule">;
+  cron: z.ZodString;
+  timezone: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+}, z.core.$strip>;
+declare const IncomingWebhookTriggerSchema: z.ZodObject<{
+  kind: z.ZodLiteral<"incomingWebhook">;
+}, z.core.$strip>;
+declare const FunctionOperationSchema: z.ZodObject<{
+  kind: z.ZodEnum<{
+    function: "function";
+    jobFunction: "jobFunction";
+  }>;
+  body: z.ZodCustom<Function, Function>;
+  authInvoker: z.ZodOptional<z.ZodObject<{
+    namespace: z.ZodString;
+    machineUserName: z.ZodString;
+  }, z.core.$strip>>;
+}, z.core.$strip>;
+declare const GqlOperationSchema: z.ZodObject<{
+  kind: z.ZodLiteral<"graphql">;
+  appName: z.ZodOptional<z.ZodString>;
+  query: z.ZodPipe<z.ZodTransform<string, unknown>, z.ZodString>;
+  variables: z.ZodOptional<z.ZodCustom<Function, Function>>;
+  authInvoker: z.ZodOptional<z.ZodObject<{
+    namespace: z.ZodString;
+    machineUserName: z.ZodString;
+  }, z.core.$strip>>;
+}, z.core.$strip>;
+declare const WebhookOperationSchema: z.ZodObject<{
+  kind: z.ZodLiteral<"webhook">;
+  url: z.ZodCustom<Function, Function>;
+  requestBody: z.ZodOptional<z.ZodCustom<Function, Function>>;
+  headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodObject<{
+    vault: z.ZodString;
+    key: z.ZodString;
+  }, z.core.$strip>]>>>;
+}, z.core.$strip>;
+declare const WorkflowOperationSchema: z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodObject<{
+  kind: z.ZodLiteral<"workflow">;
+  workflowName: z.ZodString;
+  args: z.ZodOptional<z.ZodUnion<readonly [z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodCustom<Function, Function>]>>;
+  authInvoker: z.ZodOptional<z.ZodObject<{
+    namespace: z.ZodString;
+    machineUserName: z.ZodString;
+  }, z.core.$strip>>;
+}, z.core.$strip>>;
+declare const ExecutorSchema: z.ZodObject<{
+  name: z.ZodString;
+  description: z.ZodOptional<z.ZodString>;
+  disabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+  trigger: z.ZodDiscriminatedUnion<[z.ZodObject<{
+    kind: z.ZodEnum<{
+      recordCreated: "recordCreated";
+      recordUpdated: "recordUpdated";
+      recordDeleted: "recordDeleted";
+    }>;
+    typeName: z.ZodString;
+    condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
+  }, z.core.$strip>, z.ZodObject<{
+    kind: z.ZodLiteral<"resolverExecuted">;
+    resolverName: z.ZodString;
+    condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
+  }, z.core.$strip>, z.ZodObject<{
+    kind: z.ZodLiteral<"schedule">;
+    cron: z.ZodString;
+    timezone: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+  }, z.core.$strip>, z.ZodObject<{
+    kind: z.ZodLiteral<"incomingWebhook">;
+  }, z.core.$strip>], "kind">;
+  operation: z.ZodUnion<readonly [z.ZodObject<{
+    kind: z.ZodEnum<{
+      function: "function";
+      jobFunction: "jobFunction";
+    }>;
+    body: z.ZodCustom<Function, Function>;
+    authInvoker: z.ZodOptional<z.ZodObject<{
+      namespace: z.ZodString;
+      machineUserName: z.ZodString;
+    }, z.core.$strip>>;
+  }, z.core.$strip>, z.ZodObject<{
+    kind: z.ZodLiteral<"graphql">;
+    appName: z.ZodOptional<z.ZodString>;
+    query: z.ZodPipe<z.ZodTransform<string, unknown>, z.ZodString>;
+    variables: z.ZodOptional<z.ZodCustom<Function, Function>>;
+    authInvoker: z.ZodOptional<z.ZodObject<{
+      namespace: z.ZodString;
+      machineUserName: z.ZodString;
+    }, z.core.$strip>>;
+  }, z.core.$strip>, z.ZodObject<{
+    kind: z.ZodLiteral<"webhook">;
+    url: z.ZodCustom<Function, Function>;
+    requestBody: z.ZodOptional<z.ZodCustom<Function, Function>>;
+    headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodObject<{
+      vault: z.ZodString;
+      key: z.ZodString;
+    }, z.core.$strip>]>>>;
+  }, z.core.$strip>, z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodObject<{
+    kind: z.ZodLiteral<"workflow">;
+    workflowName: z.ZodString;
+    args: z.ZodOptional<z.ZodUnion<readonly [z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodCustom<Function, Function>]>>;
+    authInvoker: z.ZodOptional<z.ZodObject<{
+      namespace: z.ZodString;
+      machineUserName: z.ZodString;
+    }, z.core.$strip>>;
+  }, z.core.$strip>>]>;
+}, z.core.$strip>;
+//#endregion
+//#region src/parser/service/executor/types.d.ts
+type RecordTrigger = z.infer<typeof RecordTriggerSchema>;
+type ResolverExecutedTrigger = z.infer<typeof ResolverExecutedTriggerSchema>;
+type ScheduleTriggerInput = z.input<typeof ScheduleTriggerSchema>;
+type IncomingWebhookTrigger = z.infer<typeof IncomingWebhookTriggerSchema>;
+type FunctionOperation = z.infer<typeof FunctionOperationSchema>;
+type GqlOperation = z.infer<typeof GqlOperationSchema>;
+type WebhookOperation = z.infer<typeof WebhookOperationSchema>;
+type WorkflowOperation = z.infer<typeof WorkflowOperationSchema>;
+type Executor = z.infer<typeof ExecutorSchema>;
+type ExecutorInput = z.input<typeof ExecutorSchema>;
 //#endregion
 //#region src/configure/services/resolver/types.d.ts
 type ResolverServiceConfig = {
@@ -1277,6 +1474,15 @@ type ResolverServiceInput = {
   [namespace: string]: ResolverServiceConfig | ResolverExternalConfig;
 };
 //#endregion
+//#region src/configure/services/workflow/types.d.ts
+type WorkflowServiceConfig = {
+  files: string[];
+  job_files?: string[];
+  ignores?: string[];
+  job_ignores?: string[];
+};
+type WorkflowServiceInput = WorkflowServiceConfig;
+//#endregion
 //#region src/parser/service/idp/schema.d.ts
 declare const IdPSchema: z.core.$ZodBranded<z.ZodObject<{
   name: z.ZodString;
@@ -1316,6 +1522,7 @@ declare const IdPSchema: z.core.$ZodBranded<z.ZodObject<{
     passwordMinLength?: number | undefined;
     passwordMaxLength?: number | undefined;
   }>>>;
+  publishUserEvents: z.ZodOptional<z.ZodBoolean>;
 }, z.core.$strip>, "IdPConfig", "out">;
 //#endregion
 //#region src/parser/service/idp/types.d.ts
@@ -1357,6 +1564,7 @@ declare function defineIdp<const TClients extends string[]>(name: string, config
     passwordMinLength?: number | undefined;
     passwordMaxLength?: number | undefined;
   } | undefined;
+  readonly publishUserEvents?: boolean | undefined;
   readonly clients: TClients;
 } & IdpDefinitionBrand;
 type IdPExternalConfig = {
@@ -1394,14 +1602,27 @@ declare function defineStaticWebSite(name: string, config: Omit<StaticWebsiteInp
 } & StaticWebsiteDefinitionBrand;
 type StaticWebsiteConfig = Omit<ReturnType<typeof defineStaticWebSite>, "url">;
 //#endregion
-//#region src/configure/services/workflow/types.d.ts
-type WorkflowServiceConfig = {
-  files: string[];
-  job_files?: string[];
-  ignores?: string[];
-  job_ignores?: string[];
+//#region src/parser/app-config/types.d.ts
+interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[] = IdPConfig[], StaticWebsites extends StaticWebsiteConfig[] = StaticWebsiteConfig[], Env extends Record<string, string | number | boolean> = Record<string, string | number | boolean>> {
+  name: string;
+  env?: Env;
+  cors?: string[];
+  allowedIpAddresses?: string[];
+  disableIntrospection?: boolean;
+  db?: TailorDBServiceInput;
+  resolver?: ResolverServiceInput;
+  idp?: Idp;
+  auth?: Auth;
+  executor?: ExecutorServiceInput;
+  workflow?: WorkflowServiceInput;
+  staticWebsites?: StaticWebsites;
+}
+//#endregion
+//#region src/parser/generator-config/types.d.ts
+type GeneratorConfig = z.input<typeof BaseGeneratorConfigSchema>;
+type CodeGeneratorBase = Omit<z.output<typeof CodeGeneratorSchema>, "dependencies"> & {
+  dependencies: readonly DependencyKind[];
 };
-type WorkflowServiceInput = WorkflowServiceConfig;
 //#endregion
 //#region src/parser/generator-config/index.d.ts
 declare const DependencyKindSchema: z.ZodEnum<{
@@ -1500,194 +1721,5 @@ declare function createGeneratorConfigSchema(builtinGenerators: Map<string, (opt
 type GeneratorConfigSchemaType = ReturnType<typeof createGeneratorConfigSchema>;
 type Generator = z.output<GeneratorConfigSchemaType>;
 //#endregion
-//#region src/parser/generator-config/types.d.ts
-type GeneratorConfig = z.input<typeof BaseGeneratorConfigSchema>;
-type CodeGeneratorBase = Omit<z.output<typeof CodeGeneratorSchema>, "dependencies"> & {
-  dependencies: readonly DependencyKind[];
-};
-//#endregion
-//#region src/configure/config.d.ts
-interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[] = IdPConfig[], StaticWebsites extends StaticWebsiteConfig[] = StaticWebsiteConfig[], Env extends Record<string, string | number | boolean> = Record<string, string | number | boolean>> {
-  name: string;
-  env?: Env;
-  cors?: string[];
-  allowedIpAddresses?: string[];
-  disableIntrospection?: boolean;
-  db?: TailorDBServiceInput;
-  resolver?: ResolverServiceInput;
-  idp?: Idp;
-  auth?: Auth;
-  executor?: ExecutorServiceInput;
-  workflow?: WorkflowServiceInput;
-  staticWebsites?: StaticWebsites;
-}
-/**
- * Define a Tailor SDK application configuration with shallow exactness.
- * @template Config
- * @param config - Application configuration
- * @returns The same configuration object
- */
-declare function defineConfig<const Config extends AppConfig & Record<Exclude<keyof Config, keyof AppConfig>, never>>(config: Config): Config;
-/**
- * Define generators to be used with the Tailor SDK.
- * @param configs - Generator configurations
- * @returns Generator configurations as given
- */
-declare function defineGenerators(...configs: GeneratorConfig[]): (["@tailor-platform/kysely-type", {
-  distPath: string;
-}] | ["@tailor-platform/seed", {
-  distPath: string;
-  machineUserName?: string | undefined;
-}] | ["@tailor-platform/enum-constants", {
-  distPath: string;
-}] | ["@tailor-platform/file-utils", {
-  distPath: string;
-}] | {
-  id: string;
-  description: string;
-  dependencies: ("tailordb" | "resolver" | "executor")[];
-  aggregate: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod0.ZodAny>;
-  processType?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
-  processResolver?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
-  processExecutor?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
-  processTailorDBNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
-  processResolverNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
-})[];
-//#endregion
-//#region src/parser/service/executor/schema.d.ts
-declare const RecordTriggerSchema: z.ZodObject<{
-  kind: z.ZodEnum<{
-    recordCreated: "recordCreated";
-    recordUpdated: "recordUpdated";
-    recordDeleted: "recordDeleted";
-  }>;
-  typeName: z.ZodString;
-  condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
-}, z.core.$strip>;
-declare const ResolverExecutedTriggerSchema: z.ZodObject<{
-  kind: z.ZodLiteral<"resolverExecuted">;
-  resolverName: z.ZodString;
-  condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
-}, z.core.$strip>;
-declare const ScheduleTriggerSchema: z.ZodObject<{
-  kind: z.ZodLiteral<"schedule">;
-  cron: z.ZodString;
-  timezone: z.ZodDefault<z.ZodOptional<z.ZodString>>;
-}, z.core.$strip>;
-declare const IncomingWebhookTriggerSchema: z.ZodObject<{
-  kind: z.ZodLiteral<"incomingWebhook">;
-}, z.core.$strip>;
-declare const FunctionOperationSchema: z.ZodObject<{
-  kind: z.ZodEnum<{
-    function: "function";
-    jobFunction: "jobFunction";
-  }>;
-  body: z.ZodCustom<Function, Function>;
-  authInvoker: z.ZodOptional<z.ZodObject<{
-    namespace: z.ZodString;
-    machineUserName: z.ZodString;
-  }, z.core.$strip>>;
-}, z.core.$strip>;
-declare const GqlOperationSchema: z.ZodObject<{
-  kind: z.ZodLiteral<"graphql">;
-  appName: z.ZodOptional<z.ZodString>;
-  query: z.ZodPipe<z.ZodTransform<string, unknown>, z.ZodString>;
-  variables: z.ZodOptional<z.ZodCustom<Function, Function>>;
-  authInvoker: z.ZodOptional<z.ZodObject<{
-    namespace: z.ZodString;
-    machineUserName: z.ZodString;
-  }, z.core.$strip>>;
-}, z.core.$strip>;
-declare const WebhookOperationSchema: z.ZodObject<{
-  kind: z.ZodLiteral<"webhook">;
-  url: z.ZodCustom<Function, Function>;
-  requestBody: z.ZodOptional<z.ZodCustom<Function, Function>>;
-  headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodObject<{
-    vault: z.ZodString;
-    key: z.ZodString;
-  }, z.core.$strip>]>>>;
-}, z.core.$strip>;
-declare const WorkflowOperationSchema: z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodObject<{
-  kind: z.ZodLiteral<"workflow">;
-  workflowName: z.ZodString;
-  args: z.ZodOptional<z.ZodUnion<readonly [z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodCustom<Function, Function>]>>;
-  authInvoker: z.ZodOptional<z.ZodObject<{
-    namespace: z.ZodString;
-    machineUserName: z.ZodString;
-  }, z.core.$strip>>;
-}, z.core.$strip>>;
-declare const ExecutorSchema: z.ZodObject<{
-  name: z.ZodString;
-  description: z.ZodOptional<z.ZodString>;
-  disabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
-  trigger: z.ZodDiscriminatedUnion<[z.ZodObject<{
-    kind: z.ZodEnum<{
-      recordCreated: "recordCreated";
-      recordUpdated: "recordUpdated";
-      recordDeleted: "recordDeleted";
-    }>;
-    typeName: z.ZodString;
-    condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
-  }, z.core.$strip>, z.ZodObject<{
-    kind: z.ZodLiteral<"resolverExecuted">;
-    resolverName: z.ZodString;
-    condition: z.ZodOptional<z.ZodCustom<Function, Function>>;
-  }, z.core.$strip>, z.ZodObject<{
-    kind: z.ZodLiteral<"schedule">;
-    cron: z.ZodString;
-    timezone: z.ZodDefault<z.ZodOptional<z.ZodString>>;
-  }, z.core.$strip>, z.ZodObject<{
-    kind: z.ZodLiteral<"incomingWebhook">;
-  }, z.core.$strip>], "kind">;
-  operation: z.ZodUnion<readonly [z.ZodObject<{
-    kind: z.ZodEnum<{
-      function: "function";
-      jobFunction: "jobFunction";
-    }>;
-    body: z.ZodCustom<Function, Function>;
-    authInvoker: z.ZodOptional<z.ZodObject<{
-      namespace: z.ZodString;
-      machineUserName: z.ZodString;
-    }, z.core.$strip>>;
-  }, z.core.$strip>, z.ZodObject<{
-    kind: z.ZodLiteral<"graphql">;
-    appName: z.ZodOptional<z.ZodString>;
-    query: z.ZodPipe<z.ZodTransform<string, unknown>, z.ZodString>;
-    variables: z.ZodOptional<z.ZodCustom<Function, Function>>;
-    authInvoker: z.ZodOptional<z.ZodObject<{
-      namespace: z.ZodString;
-      machineUserName: z.ZodString;
-    }, z.core.$strip>>;
-  }, z.core.$strip>, z.ZodObject<{
-    kind: z.ZodLiteral<"webhook">;
-    url: z.ZodCustom<Function, Function>;
-    requestBody: z.ZodOptional<z.ZodCustom<Function, Function>>;
-    headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodObject<{
-      vault: z.ZodString;
-      key: z.ZodString;
-    }, z.core.$strip>]>>>;
-  }, z.core.$strip>, z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodObject<{
-    kind: z.ZodLiteral<"workflow">;
-    workflowName: z.ZodString;
-    args: z.ZodOptional<z.ZodUnion<readonly [z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodCustom<Function, Function>]>>;
-    authInvoker: z.ZodOptional<z.ZodObject<{
-      namespace: z.ZodString;
-      machineUserName: z.ZodString;
-    }, z.core.$strip>>;
-  }, z.core.$strip>>]>;
-}, z.core.$strip>;
-//#endregion
-//#region src/parser/service/executor/types.d.ts
-type RecordTrigger = z.infer<typeof RecordTriggerSchema>;
-type ResolverExecutedTrigger = z.infer<typeof ResolverExecutedTriggerSchema>;
-type ScheduleTriggerInput = z.input<typeof ScheduleTriggerSchema>;
-type IncomingWebhookTrigger = z.infer<typeof IncomingWebhookTriggerSchema>;
-type FunctionOperation = z.infer<typeof FunctionOperationSchema>;
-type GqlOperation = z.infer<typeof GqlOperationSchema>;
-type WebhookOperation = z.infer<typeof WebhookOperationSchema>;
-type WorkflowOperation = z.infer<typeof WorkflowOperationSchema>;
-type Executor = z.infer<typeof ExecutorSchema>;
-type ExecutorInput = z.input<typeof ExecutorSchema>;
-//#endregion
-export { TenantProviderConfig as $, AuthOwnConfig as A, BuiltinIdP as B, ResolverServiceConfig as C, TailorFieldType as Ct, AuthConfig as D, ExecutorServiceInput as E, output as Et, db as F, OIDC as G, IdProviderConfig as H, AllowedValues as I, SCIMAttributeMapping as J, SAML as K, AllowedValuesOutput as L, TailorDBField as M, TailorDBInstance as N, AuthExternalConfig as O, TailorDBType as P, SCIMResource as Q, ParsedTailorDBType as R, ResolverExternalConfig as S, FieldOutput$1 as St, ExecutorServiceConfig as T, JsonCompatible as Tt, OAuth2ClientGrantType as U, IDToken as V, OAuth2ClientInput as W, SCIMAuthorization as X, SCIMAttributeType as Y, SCIMConfig as Z, StaticWebsiteConfig as _, Resolver as _t, IncomingWebhookTrigger as a, PermissionCondition as at, IdPExternalConfig as b, FieldMetadata as bt, ScheduleTriggerInput as c, unsafeAllowAllGqlPermission as ct, AppConfig as d, AttributeMap as dt, UserAttributeKey as et, defineConfig as f, TailorUser as ft, WorkflowServiceInput as g, QueryType as gt, WorkflowServiceConfig as h, TailorField as ht, GqlOperation as i, ValueOperand as it, defineAuth as j, AuthInvoker as k, WebhookOperation as l, unsafeAllowAllTypePermission as lt, Generator as m, TailorAnyField as mt, ExecutorInput as n, UserAttributeMap as nt, RecordTrigger as o, TailorTypeGqlPermission as ot, defineGenerators as p, unauthenticatedTailorUser as pt, SCIMAttribute as q, FunctionOperation as r, UsernameFieldKey as rt, ResolverExecutedTrigger as s, TailorTypePermission as st, Executor as t, UserAttributeListKey as tt, WorkflowOperation as u, AttributeList as ut, defineStaticWebSite as v, ResolverInput as vt, ResolverServiceInput as w, InferFieldsOutput as wt, defineIdp as x, FieldOptions as xt, IdPConfig as y, ArrayFieldOutput as yt, AuthServiceInput as z };
-//# sourceMappingURL=types-BWzDv7TK.d.mts.map
+export { TailorDBInstance as $, defineAuth as A, SCIMAttribute as B, WorkflowOperation as C, output as Ct, AuthExternalConfig as D, AuthConfig as E, IdProviderConfig as F, SCIMResource as G, SCIMAttributeType as H, OAuth2ClientGrantType as I, UserAttributeListKey as J, TenantProviderConfig as K, OAuth2ClientInput as L, AuthServiceInput as M, BuiltinIdP as N, AuthInvoker as O, IDToken as P, TailorDBField as Q, OIDC as R, WebhookOperation as S, JsonCompatible as St, ExecutorServiceInput as T, AllowedValuesOutput as Tt, SCIMAuthorization as U, SCIMAttributeMapping as V, SCIMConfig as W, UsernameFieldKey as X, UserAttributeMap as Y, ValueOperand as Z, GqlOperation as _, TailorField as _t, defineStaticWebSite as a, unsafeAllowAllGqlPermission as at, ResolverExecutedTrigger as b, ResolverInput as bt, defineIdp as c, FieldMetadata as ct, ResolverExternalConfig as d, TailorFieldType as dt, TailorDBType as et, ResolverServiceConfig as f, AttributeList as ft, FunctionOperation as g, TailorAnyField as gt, ExecutorInput as h, unauthenticatedTailorUser as ht, StaticWebsiteConfig as i, TailorTypePermission as it, ParsedTailorDBType as j, AuthOwnConfig as k, WorkflowServiceConfig as l, FieldOptions as lt, Executor as m, TailorUser as mt, GeneratorConfig as n, PermissionCondition as nt, IdPConfig as o, unsafeAllowAllTypePermission as ot, ResolverServiceInput as p, AttributeMap as pt, UserAttributeKey as q, AppConfig as r, TailorTypeGqlPermission as rt, IdPExternalConfig as s, ArrayFieldOutput as st, Generator as t, db as tt, WorkflowServiceInput as u, FieldOutput$1 as ut, IncomingWebhookTrigger as v, QueryType as vt, ExecutorServiceConfig as w, AllowedValues as wt, ScheduleTriggerInput as x, InferFieldsOutput as xt, RecordTrigger as y, Resolver as yt, SAML as z };
+//# sourceMappingURL=index-D40SiXpf.d.mts.map