@tailor-platform/sdk 2.0.0-next.0 → 2.0.0-next.2

package/dist/configure/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":["t","platform","_t"],"sources":["../../src/types/user.ts","../../src/configure/services/auth/index.ts","../../src/configure/services/tailordb/permission.ts","../../src/configure/services/resolver/resolver.ts","../../src/configure/services/executor/executor.ts","../../src/configure/services/executor/trigger/event.ts","../../src/configure/services/executor/trigger/schedule.ts","../../src/configure/services/executor/trigger/webhook.ts","../../src/configure/services/workflow/wait-point.ts","../../src/configure/services/workflow/workflow.ts","../../src/configure/services/staticwebsite/index.ts","../../src/configure/services/idp/permission.ts","../../src/configure/services/idp/index.ts","../../src/configure/services/secrets/index.ts","../../src/configure/services/http-adapter/http-adapter.ts","../../src/configure/config.ts","../../src/configure/index.ts"],"sourcesContent":["// Interfaces for module augmentation\n// Users can extend these via: declare module \"@tailor-platform/sdk\" { interface AttributeMap { ... } }\n// eslint-disable-next-line @typescript-eslint/no-empty-object-type\nexport interface AttributeMap {}\nexport interface AttributeList {\n  __tuple?: []; // Marker for tuple type\n}\n\nexport type InferredAttributeMap = keyof AttributeMap extends never\n  ? Record<string, string | string[] | boolean | boolean[] | undefined>\n  : AttributeMap;\n\nexport type InferredAttributeList = AttributeList[\"__tuple\"] extends []\n  ? string[]\n  : AttributeList[\"__tuple\"];\n\n/** Represents a user in the Tailor platform. */\nexport type TailorUser = {\n  /**\n   * The ID of the user.\n   * For unauthenticated users, this will be a nil UUID.\n   */\n  id: string;\n  /**\n   * The type of the user.\n   * For unauthenticated users, this will be an empty string.\n   */\n  type: \"user\" | \"machine_user\" | \"\";\n  /** The ID of the workspace the user belongs to. */\n  workspaceId: string;\n  /**\n   * A map of the user's attributes.\n   * For unauthenticated users, this will be null.\n   */\n  attributes: InferredAttributeMap | null;\n  /**\n   * A list of the user's attributes.\n   * For unauthenticated users, this will be an empty array.\n   */\n  attributeList: InferredAttributeList;\n};\n\n/** Represents an unauthenticated user in the Tailor platform. */\nexport const unauthenticatedTailorUser: TailorUser = {\n  id: \"00000000-0000-0000-0000-000000000000\",\n  type: \"\",\n  workspaceId: \"00000000-0000-0000-0000-000000000000\",\n  attributes: null,\n  attributeList: [],\n};\n\n/**\n * The invoker of the current function execution.\n *\n * Reflects `authInvoker` delegation: when `authInvoker` is specified, this is\n * the machine user; otherwise it is the calling user.\n * Distinct from resolver's `user` (the authenticated caller) and executor's\n * `actor` (the subject of the event).\n *\n * `null` for anonymous requests.\n *\n * TODO(v2): unify with `TailorUser` — same underlying principal shape.\n */\nexport type TailorInvoker = {\n  /** The ID of the invoker (user ID or machine user ID). */\n  id: string;\n  /** The type of the invoker. */\n  type: \"user\" | \"machine_user\";\n  /** The ID of the workspace the invoker belongs to. */\n  workspaceId: string;\n  /** A map of the invoker's attributes. */\n  attributes: InferredAttributeMap;\n  /** A list of the invoker's attribute IDs. */\n  attributeList: InferredAttributeList;\n} | null;\n","import { type TailorDBInstance } from \"../tailordb/schema\";\nimport type {\n  AuthConnectionTokenResult,\n  AuthDefinitionBrand,\n  AuthServiceInput,\n  DefinedAuth,\n  UserAttributeListKey,\n  UserAttributeMap,\n} from \"@/types/auth\";\nimport type { AuthInvoker as ParserAuthInvoker } from \"@/types/auth.generated\";\nimport type { DefinedFieldMetadata, FieldMetadata, TailorFieldType } from \"@/types/field-types\";\nimport type { TailorField } from \"@/types/tailor-field\";\n\ntype MachineUserAttributeFields = Record<\n  string,\n  TailorField<DefinedFieldMetadata, unknown, FieldMetadata, TailorFieldType>\n>;\n\ntype PlaceholderUser = TailorDBInstance<Record<string, never>, Record<string, never>>;\ntype PlaceholderAttributeMap = UserAttributeMap<PlaceholderUser>;\ntype PlaceholderAttributeList = UserAttributeListKey<PlaceholderUser>[];\n\ntype UserProfileAuthInput<\n  User extends TailorDBInstance,\n  AttributeMap extends UserAttributeMap<User>,\n  AttributeList extends UserAttributeListKey<User>[],\n  MachineUserNames extends string,\n  ConnectionNames extends string = string,\n> = Omit<\n  AuthServiceInput<User, AttributeMap, AttributeList, MachineUserNames, undefined, ConnectionNames>,\n  \"userProfile\" | \"machineUserAttributes\"\n> & {\n  userProfile: NonNullable<\n    AuthServiceInput<User, AttributeMap, AttributeList, MachineUserNames, undefined>[\"userProfile\"]\n  >;\n  machineUserAttributes?: never;\n};\n\ntype MachineUserOnlyAuthInput<\n  MachineUserNames extends string,\n  MachineUserAttributes extends MachineUserAttributeFields,\n  ConnectionNames extends string = string,\n> = Omit<\n  AuthServiceInput<\n    PlaceholderUser,\n    PlaceholderAttributeMap,\n    PlaceholderAttributeList,\n    MachineUserNames,\n    MachineUserAttributes,\n    ConnectionNames\n  >,\n  \"userProfile\" | \"machineUserAttributes\"\n> & {\n  userProfile?: never;\n  machineUserAttributes: MachineUserAttributes;\n};\n\nexport type {\n  OIDC,\n  SAML,\n  IDToken,\n  BuiltinIdP,\n  IdProvider as IdProviderConfig,\n  OAuth2ClientInput as OAuth2Client,\n  SCIMAuthorization,\n  SCIMAttribute,\n  SCIMAttributeMapping,\n  SCIMResource,\n  SCIMConfig,\n  TenantProvider as TenantProviderConfig,\n} from \"@/types/auth.generated\";\nexport type { OAuth2ClientGrantType, SCIMAttributeType, BeforeLoginHookArgs } from \"@/types/auth\";\nexport type {\n  AuthConnectionOAuth2Config,\n  AuthConnectionConfig,\n} from \"@/types/auth-connection.generated\";\nexport type {\n  ValueOperand,\n  UsernameFieldKey,\n  UserAttributeKey,\n  UserAttributeListKey,\n  UserAttributeMap,\n  AuthConnectionTokenResult,\n  AuthServiceInput,\n  AuthConfig,\n  AuthExternalConfig,\n  AuthOwnConfig,\n  DefinedAuth,\n} from \"@/types/auth\";\n\n/**\n * Invoker type compatible with tailor.v1.AuthInvoker\n * - namespace: auth service name\n * - machineUserName: machine user name\n */\nexport type AuthInvoker<M extends string> = Omit<ParserAuthInvoker, \"machineUserName\"> & {\n  machineUserName: M;\n};\n\n/**\n * Define an auth service for the Tailor SDK.\n * @template Name\n * @template User\n * @template AttributeMap\n * @template AttributeList\n * @template MachineUserNames\n * @template M\n * @param name - Auth service name\n * @param config - Auth service configuration\n * @returns Defined auth service\n */\nexport function defineAuth<\n  const Name extends string,\n  const User extends TailorDBInstance,\n  const AttributeMap extends UserAttributeMap<User>,\n  const AttributeList extends UserAttributeListKey<User>[],\n  const MachineUserNames extends string,\n  const ConnectionNames extends string = string,\n>(\n  name: Name,\n  config: UserProfileAuthInput<\n    User,\n    AttributeMap,\n    AttributeList,\n    MachineUserNames,\n    ConnectionNames\n  >,\n): DefinedAuth<\n  Name,\n  UserProfileAuthInput<User, AttributeMap, AttributeList, MachineUserNames, ConnectionNames>,\n  MachineUserNames\n>;\nexport function defineAuth<\n  const Name extends string,\n  const MachineUserAttributes extends MachineUserAttributeFields,\n  const MachineUserNames extends string,\n  const ConnectionNames extends string = string,\n>(\n  name: Name,\n  config: MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes, ConnectionNames>,\n): DefinedAuth<\n  Name,\n  MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes, ConnectionNames>,\n  MachineUserNames\n>;\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineAuth<\n  const Name extends string,\n  const User extends TailorDBInstance,\n  const AttributeMap extends UserAttributeMap<User>,\n  const AttributeList extends UserAttributeListKey<User>[],\n  const MachineUserAttributes extends MachineUserAttributeFields,\n  const MachineUserNames extends string,\n  const ConnectionNames extends string = string,\n>(\n  name: Name,\n  config:\n    | UserProfileAuthInput<User, AttributeMap, AttributeList, MachineUserNames, ConnectionNames>\n    | MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes, ConnectionNames>,\n) {\n  const result = {\n    ...config,\n    name,\n    invoker<M extends MachineUserNames>(machineUser: M) {\n      return { namespace: name, machineUserName: machineUser } as const;\n    },\n    getConnectionToken<C extends string>(connectionName: C): Promise<AuthConnectionTokenResult> {\n      return tailor.authconnection.getConnectionToken(connectionName);\n    },\n  } as const satisfies (\n    | UserProfileAuthInput<User, AttributeMap, AttributeList, MachineUserNames>\n    | MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes>\n  ) & {\n    name: string;\n    invoker<M extends MachineUserNames>(machineUser: M): AuthInvoker<M>;\n    getConnectionToken<C extends string>(connectionName: C): Promise<AuthConnectionTokenResult>;\n  };\n\n  return result as typeof result & AuthDefinitionBrand;\n}\n","import type { InferredAttributeMap } from \"@/types/user\";\n\n// --- Permission types (UX-focused, for configure layer) ---\n\n/**\n * Record-level permission configuration for a TailorDB type.\n * Defines create, read, update, and delete permissions.\n *\n * Prefer object format with explicit `conditions` and `permit` for readability.\n * Shorthand array format is supported for compatibility, but less readable.\n *\n * For update operations, use `newRecord`/`oldRecord` operands instead of `record`.\n * @example\n * const permission: TailorTypePermission = {\n *   create: [{ conditions: [[{ user: \"_loggedIn\" }, \"=\", true]], permit: true }],\n *   read: [{ conditions: [[{ record: \"isPublic\" }, \"=\", true]], permit: true }],\n *   update: [{ conditions: [[{ newRecord: \"ownerId\" }, \"=\", { user: \"id\" }]], permit: true }],\n *   delete: [{ conditions: [[{ record: \"ownerId\" }, \"=\", { user: \"id\" }]], permit: true }],\n * };\n */\nexport type TailorTypePermission<\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n> = {\n  create: readonly ActionPermission<\"record\", User, Type, false>[];\n  read: readonly ActionPermission<\"record\", User, Type, false>[];\n  update: readonly ActionPermission<\"record\", User, Type, true>[];\n  delete: readonly ActionPermission<\"record\", User, Type, false>[];\n};\n\ntype ActionPermission<\n  Level extends \"record\" | \"gql\" = \"record\" | \"gql\",\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n  Update extends boolean = boolean,\n> =\n  | {\n      conditions:\n        | PermissionCondition<Level, User, Update, Type>\n        | readonly PermissionCondition<Level, User, Update, Type>[];\n      description?: string | undefined;\n      /**\n       * Whether matching records are granted (`true`) or denied (`false`).\n       * Omitting `permit` in this object form defaults to `deny` and emits a\n       * warning; set it explicitly. (The array shorthand defaults to `allow`.)\n       */\n      permit?: boolean;\n    }\n  | readonly [...PermissionCondition<Level, User, Update, Type>, ...([] | [boolean])] // single array condition\n  | readonly [...PermissionCondition<Level, User, Update, Type>[], ...([] | [boolean])]; // multiple array condition\n\nexport type TailorTypeGqlPermission<\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n> = readonly GqlPermissionPolicy<User, Type>[];\n\ntype GqlPermissionPolicy<\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n> = {\n  conditions: readonly PermissionCondition<\"gql\", User, boolean, Type>[];\n  actions: \"all\" | readonly GqlPermissionAction[];\n  /**\n   * Whether matching requests are granted (`true`) or denied (`false`).\n   * Omitting `permit` defaults to `deny` and emits a warning; set it explicitly.\n   */\n  permit?: boolean;\n  description?: string;\n};\n\ntype GqlPermissionAction = \"read\" | \"create\" | \"update\" | \"delete\" | \"aggregate\" | \"bulkUpsert\";\n\ntype EqualityOperator = \"=\" | \"!=\";\ntype ContainsOperator = \"in\" | \"not in\";\ntype HasAnyOperator = \"hasAny\" | \"not hasAny\";\n\n// Helper types for User field extraction\ntype StringFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string ? K : never;\n}[keyof User];\n\ntype StringArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string[] ? K : never;\n}[keyof User];\n\ntype BooleanFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean ? K : never;\n}[keyof User];\n\ntype BooleanArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean[] ? K : never;\n}[keyof User];\n\ntype UserStringOperand<User extends object = InferredAttributeMap> = {\n  user: StringFieldKeys<User> | \"id\";\n};\n\ntype UserStringArrayOperand<User extends object = InferredAttributeMap> = {\n  user: StringArrayFieldKeys<User>;\n};\n\ntype UserBooleanOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanFieldKeys<User> | \"_loggedIn\";\n};\n\ntype UserBooleanArrayOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanArrayFieldKeys<User>;\n};\n\ntype RecordOperand<Type extends object, Update extends boolean = false> = Update extends true\n  ? { oldRecord: (keyof Type & string) | \"id\" } | { newRecord: (keyof Type & string) | \"id\" }\n  : { record: (keyof Type & string) | \"id\" };\n\ntype StringEqualityCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | (Level extends \"gql\" ? readonly [string, EqualityOperator, boolean] : never)\n  | readonly [string, EqualityOperator, string]\n  | readonly [UserStringOperand<User>, EqualityOperator, string]\n  | readonly [string, EqualityOperator, UserStringOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              EqualityOperator,\n              string | UserStringOperand<User>,\n            ]\n          | readonly [\n              string | UserStringOperand<User>,\n              EqualityOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype BooleanEqualityCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | readonly [boolean, EqualityOperator, boolean]\n  | readonly [UserBooleanOperand<User>, EqualityOperator, boolean]\n  | readonly [boolean, EqualityOperator, UserBooleanOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              EqualityOperator,\n              boolean | UserBooleanOperand<User>,\n            ]\n          | readonly [\n              boolean | UserBooleanOperand<User>,\n              EqualityOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype EqualityCondition<\n  Level extends \"record\" | \"gql\" = \"record\",\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n  Type extends object = object,\n> =\n  | StringEqualityCondition<Level, User, Update, Type>\n  | BooleanEqualityCondition<Level, User, Update, Type>;\n\ntype StringContainsCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | readonly [string, ContainsOperator, string[]]\n  | readonly [UserStringOperand<User>, ContainsOperator, string[]]\n  | readonly [string, ContainsOperator, UserStringArrayOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              ContainsOperator,\n              string[] | UserStringArrayOperand<User>,\n            ]\n          | readonly [\n              string | UserStringOperand<User>,\n              ContainsOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype BooleanContainsCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | (Level extends \"gql\" ? readonly [string, ContainsOperator, boolean[]] : never)\n  | readonly [boolean, ContainsOperator, boolean[]]\n  | readonly [UserBooleanOperand<User>, ContainsOperator, boolean[]]\n  | readonly [boolean, ContainsOperator, UserBooleanArrayOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              ContainsOperator,\n              boolean[] | UserBooleanArrayOperand<User>,\n            ]\n          | readonly [\n              boolean | UserBooleanOperand<User>,\n              ContainsOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype ContainsCondition<\n  Level extends \"record\" | \"gql\" = \"record\",\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n  Type extends object = object,\n> =\n  | StringContainsCondition<Level, User, Update, Type>\n  | BooleanContainsCondition<Level, User, Update, Type>;\n\ntype HasAnyCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | readonly [\n      string[] | UserStringArrayOperand<User>,\n      HasAnyOperator,\n      string[] | UserStringArrayOperand<User>,\n    ]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              HasAnyOperator,\n              string[] | UserStringArrayOperand<User>,\n            ]\n          | readonly [\n              string[] | UserStringArrayOperand<User>,\n              HasAnyOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\n/**\n * Type representing a permission condition that combines user attributes, record fields, and literal values using comparison operators.\n *\n * The User type is extended by `tailor.d.ts`, which is automatically generated when running `tailor-sdk generate`.\n * Attributes enabled in the config file's `auth.userProfile.attributes` (or\n * `auth.machineUserAttributes` when userProfile is omitted) become available as types.\n * @example\n * ```ts\n * // tailor.config.ts\n * export const auth = defineAuth(\"my-auth\", {\n *   userProfile: {\n *     type: user,\n *     attributes: {\n *       isAdmin: true,\n *       roles: true,\n *     }\n *   }\n * });\n * ```\n */\nexport type PermissionCondition<\n  Level extends \"record\" | \"gql\" = \"record\",\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n  Type extends object = object,\n> =\n  | EqualityCondition<Level, User, Update, Type>\n  | ContainsCondition<Level, User, Update, Type>\n  | HasAnyCondition<Level, User, Update, Type>;\n\n// --- Runtime constants ---\n\n/**\n * Grants full record-level access without any conditions.\n *\n * Unsafe and intended only for local development, prototyping, or tests.\n * Do not use this in production environments, as it effectively disables\n * authorization checks.\n */\nexport const unsafeAllowAllTypePermission: TailorTypePermission = {\n  create: [{ conditions: [], permit: true }],\n  read: [{ conditions: [], permit: true }],\n  update: [{ conditions: [], permit: true }],\n  delete: [{ conditions: [], permit: true }],\n};\n\n/**\n * Grants full GraphQL access (all actions) without any conditions.\n *\n * Unsafe and intended only for local development, prototyping, or tests.\n * Do not use this in production environments, as it effectively disables\n * authorization checks.\n */\nexport const unsafeAllowAllGqlPermission: TailorTypeGqlPermission = [\n  { conditions: [], actions: \"all\", permit: true },\n];\n","import { t } from \"@/configure/types/type\";\nimport { brandValue } from \"@/utils/brand\";\nimport type { AuthInvoker } from \"@/configure/services/auth\";\nimport type { MachineUserName } from \"@/configure/types/machine-user\";\nimport type { TailorAnyField, TailorField } from \"@/configure/types/type\";\nimport type { TailorEnv } from \"@/types/env\";\nimport type { InferFieldsOutput, output } from \"@/types/helpers\";\nimport type { ResolverInput } from \"@/types/resolver.generated\";\nimport type { TailorInvoker, TailorUser } from \"@/types/user\";\n\ntype Context<Input extends Record<string, TailorAnyField> | undefined> = {\n  input: Input extends Record<string, TailorAnyField> ? InferFieldsOutput<Input> : never;\n  user: TailorUser;\n  invoker?: TailorInvoker;\n  env: TailorEnv;\n};\n\ntype OutputType<O> = O extends TailorAnyField\n  ? output<O>\n  : O extends Record<string, TailorAnyField>\n    ? InferFieldsOutput<O>\n    : never;\n\n/**\n * Normalized output type that preserves generic type information.\n * - If Output is already a TailorField, use it as-is\n * - If Output is a Record of fields, wrap it as a nested TailorField\n */\ntype NormalizedOutput<Output extends TailorAnyField | Record<string, TailorAnyField>> =\n  Output extends TailorAnyField\n    ? Output\n    : TailorField<\n        { type: \"nested\"; array: false },\n        InferFieldsOutput<Extract<Output, Record<string, TailorAnyField>>>\n      >;\n\ntype ResolverReturn<\n  Input extends Record<string, TailorAnyField> | undefined,\n  Output extends TailorAnyField | Record<string, TailorAnyField>,\n> = Omit<ResolverInput, \"input\" | \"output\" | \"body\" | \"authInvoker\"> &\n  Readonly<{\n    input?: Input;\n    output: NormalizedOutput<Output>;\n    body: (context: Context<Input>) => OutputType<Output> | Promise<OutputType<Output>>;\n    authInvoker?: AuthInvoker<string> | MachineUserName;\n  }>;\n\n/**\n * Create a resolver definition for the Tailor SDK.\n *\n * The `body` function receives a context with `input` (typed from `config.input`),\n * `user`, `invoker` (reflects `authInvoker` delegation), and `env`.\n * The return value of `body` must match the `output` type.\n *\n * `output` accepts either a single TailorField (e.g. `t.string()`) or a\n * Record of fields (e.g. `{ name: t.string(), age: t.int() }`).\n *\n * `publishEvents` enables publishing execution events for this resolver.\n * If not specified, this is automatically set to true when an executor uses this resolver\n * with `resolverExecutedTrigger`. If explicitly set to false while an executor uses this\n * resolver, an error will be thrown during apply.\n * @template Input\n * @template Output\n * @param config - Resolver configuration\n * @returns Normalized resolver configuration\n * @example\n * import { createResolver, t } from \"@tailor-platform/sdk\";\n *\n * export default createResolver({\n *   name: \"getUser\",\n *   operation: \"query\",\n *   input: {\n *     id: t.string(),\n *   },\n *   body: async ({ input, user }) => {\n *     const db = getDB(\"tailordb\");\n *     const result = await db.selectFrom(\"User\").selectAll().where(\"id\", \"=\", input.id).executeTakeFirst();\n *     return { name: result?.name ?? \"\", email: result?.email ?? \"\" };\n *   },\n *   output: t.object({\n *     name: t.string(),\n *     email: t.string(),\n *   }),\n * });\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function createResolver<\n  Input extends Record<string, TailorAnyField> | undefined = undefined,\n  Output extends TailorAnyField | Record<string, TailorAnyField> = TailorAnyField,\n>(\n  config: Omit<ResolverInput, \"input\" | \"output\" | \"body\" | \"authInvoker\"> &\n    Readonly<{\n      input?: Input;\n      output: Output;\n      body: (context: Context<Input>) => OutputType<Output> | Promise<OutputType<Output>>;\n      authInvoker?: AuthInvoker<string> | MachineUserName;\n    }>,\n): ResolverReturn<Input, Output> {\n  // Check if output is already a TailorField using duck typing.\n  // TailorField has `type: string` (e.g., \"uuid\", \"string\"), while\n  // Record<string, TailorField> either lacks `type` or has TailorField as value.\n  const isTailorField = (obj: unknown): obj is TailorAnyField =>\n    typeof obj === \"object\" &&\n    obj !== null &&\n    \"type\" in obj &&\n    typeof (obj as { type: unknown }).type === \"string\";\n\n  const normalizedOutput = isTailorField(config.output) ? config.output : t.object(config.output);\n\n  return brandValue(\n    {\n      ...config,\n      output: normalizedOutput,\n    } as ResolverReturn<Input, Output>,\n    \"resolver\",\n  );\n}\n\n// A loose config alias for userland use-cases\n// oxlint-disable-next-line no-explicit-any\nexport type ResolverConfig = ReturnType<typeof createResolver<any, any>>;\n","import { brandValue } from \"@/utils/brand\";\nimport type { Operation } from \"./operation\";\nimport type { Trigger } from \"./trigger\";\nimport type { AuthInvoker } from \"@/configure/services/auth\";\nimport type { Workflow } from \"@/configure/services/workflow/workflow\";\nimport type { MachineUserName } from \"@/configure/types/machine-user\";\nimport type { ExecutorInput } from \"@/types/executor.generated\";\n\n/**\n * Extract mainJob's Input type from Workflow.\n */\ntype WorkflowInput<W extends Workflow> = Parameters<W[\"trigger\"]>[0];\n\ntype TriggerArgs<T extends Trigger<unknown>> = T extends { __args: infer Args } ? Args : never;\n\ntype ExecutorBase<T extends Trigger<unknown>> = Omit<ExecutorInput, \"trigger\" | \"operation\"> & {\n  trigger: T;\n};\n\n/**\n * Executor type with conditional inference for workflow operations.\n * When operation.kind is \"workflow\", infers W from the workflow property\n * to ensure args type matches the workflow's mainJob input type.\n */\ntype Executor<T extends Trigger<unknown>, O> = O extends {\n  kind: \"workflow\";\n  workflow: infer W extends Workflow;\n}\n  ? ExecutorBase<T> & {\n      operation: {\n        kind: \"workflow\";\n        workflow: W;\n        args?: WorkflowInput<W> | ((args: TriggerArgs<T>) => WorkflowInput<W>);\n        authInvoker?: AuthInvoker<string> | MachineUserName;\n      };\n    }\n  : ExecutorBase<T> & {\n      operation: O;\n    };\n\n/**\n * Create an executor configuration for the Tailor SDK.\n *\n * Executors are event-driven handlers that respond to record changes,\n * resolver executions, or other events.\n *\n * Operation kinds: \"function\", \"graphql\", \"webhook\", \"workflow\".\n * @template T\n * @template O\n * @param config - Executor configuration\n * @returns The same executor configuration\n * @example\n * import { createExecutor, recordCreatedTrigger } from \"@tailor-platform/sdk\";\n * import { order } from \"../tailordb/order\";\n *\n * export default createExecutor({\n *   name: \"order-created\",\n *   description: \"Handles new order creation\",\n *   trigger: recordCreatedTrigger({ type: order }),\n *   operation: {\n *     kind: \"function\",\n *     body: async ({ newRecord }) => {\n *       console.log(\"New order:\", newRecord.id);\n *     },\n *   },\n * });\n */\nexport function createExecutor<\n  T extends Trigger<unknown>,\n  O extends Operation<TriggerArgs<T>> | { kind: \"workflow\"; workflow: Workflow },\n>(config: Executor<T, O>): Executor<T, O>;\n\n/**\n * Create an executor configuration for the Tailor SDK.\n * This overload preserves source compatibility for legacy explicit generic calls,\n * where the first generic argument represents trigger args.\n * @template Args\n * @template O\n * @param config - Executor configuration\n * @returns The same executor configuration\n */\nexport function createExecutor<\n  Args,\n  O extends Operation<Args> | { kind: \"workflow\"; workflow: Workflow },\n>(config: Executor<Trigger<Args>, O>): Executor<Trigger<Args>, O>;\n\n/* @__NO_SIDE_EFFECTS__ */\nexport function createExecutor<\n  T extends Trigger<unknown>,\n  O extends Operation<TriggerArgs<T>> | { kind: \"workflow\"; workflow: Workflow },\n>(config: Executor<T, O>) {\n  return brandValue(config, \"executor\");\n}\n","import type { ResolverConfig } from \"@/configure/services/resolver/resolver\";\nimport type { TailorDBType } from \"@/configure/services/tailordb/schema\";\nimport type { IdpName } from \"@/configure/types/idp-name\";\nimport type { TailorActor } from \"@/types/actor\";\nimport type { TailorEnv } from \"@/types/env\";\nimport type {\n  TailorDBTrigger as ParserTailorDBTrigger,\n  ResolverExecutedTrigger as ParserResolverExecutedTrigger,\n  IdpUserTrigger as ParserIdpUserTrigger,\n  AuthAccessTokenTrigger as ParserAuthAccessTokenTrigger,\n} from \"@/types/executor.generated\";\nimport type { output } from \"@/types/helpers\";\n\ninterface EventArgs {\n  workspaceId: string;\n  appNamespace: string;\n  env: TailorEnv;\n  actor: TailorActor | null;\n}\n\ninterface RecordArgs extends EventArgs {\n  typeName: string;\n}\n\nexport interface RecordCreatedArgs<T extends TailorDBType> extends RecordArgs {\n  event: \"created\";\n  rawEvent: \"tailordb.type_record.created\";\n  newRecord: output<T>;\n}\n\nexport interface RecordUpdatedArgs<T extends TailorDBType> extends RecordArgs {\n  event: \"updated\";\n  rawEvent: \"tailordb.type_record.updated\";\n  newRecord: output<T>;\n  oldRecord: output<T>;\n}\n\nexport interface RecordDeletedArgs<T extends TailorDBType> extends RecordArgs {\n  event: \"deleted\";\n  rawEvent: \"tailordb.type_record.deleted\";\n  oldRecord: output<T>;\n}\n\n/**\n * Args for resolverExecutedTrigger. This is a discriminated union on `success`.\n *\n * When `success` is true, `result` contains the resolver output and `error` is never.\n * When `success` is false, `error` contains the error message and `result` is never.\n *\n * Narrow on `success` to safely access either `result` or `error`.\n * @example\n * body: async (args) => {\n *   if (args.success) {\n *     console.log(args.result);\n *   } else {\n *     console.error(args.error);\n *   }\n * }\n */\nexport type ResolverExecutedArgs<R extends ResolverConfig> = EventArgs & {\n  resolverName: string;\n} & (\n    | {\n        success: true;\n        result: output<R[\"output\"]>;\n        error?: never;\n      }\n    | {\n        success: false;\n        result?: never;\n        error: string;\n      }\n  );\n\n// IdP User Event Args\nexport interface IdpUserCreatedArgs extends EventArgs {\n  event: \"created\";\n  rawEvent: \"idp.user.created\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface IdpUserUpdatedArgs extends EventArgs {\n  event: \"updated\";\n  rawEvent: \"idp.user.updated\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface IdpUserDeletedArgs extends EventArgs {\n  event: \"deleted\";\n  rawEvent: \"idp.user.deleted\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport type IdpUserArgs = IdpUserCreatedArgs | IdpUserUpdatedArgs | IdpUserDeletedArgs;\n\n// Auth Access Token Event Args\nexport interface AuthAccessTokenIssuedArgs extends EventArgs {\n  event: \"issued\";\n  rawEvent: \"auth.access_token.issued\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface AuthAccessTokenRefreshedArgs extends EventArgs {\n  event: \"refreshed\";\n  rawEvent: \"auth.access_token.refreshed\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface AuthAccessTokenRevokedArgs extends EventArgs {\n  event: \"revoked\";\n  rawEvent: \"auth.access_token.revoked\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport type AuthAccessTokenArgs =\n  | AuthAccessTokenIssuedArgs\n  | AuthAccessTokenRefreshedArgs\n  | AuthAccessTokenRevokedArgs;\n\n// ---------------------------------------------------------------------------\n// TailorDB trigger types and factories\n// ---------------------------------------------------------------------------\n\nconst recordEventMap = {\n  created: \"tailordb.type_record.created\",\n  updated: \"tailordb.type_record.updated\",\n  deleted: \"tailordb.type_record.deleted\",\n} as const;\ntype RecordEventMap = typeof recordEventMap;\ntype RecordEventKind = keyof RecordEventMap;\n\ntype RecordArgsMap<T extends TailorDBType> = {\n  created: RecordCreatedArgs<T>;\n  updated: RecordUpdatedArgs<T>;\n  deleted: RecordDeletedArgs<T>;\n};\n\ntype RecordMultiArgs<\n  T extends TailorDBType,\n  K extends RecordEventKind[],\n> = RecordArgsMap<T>[K[number]];\n\nexport type TailorDBTrigger<Args> = ParserTailorDBTrigger & {\n  __args: Args;\n};\n\ntype RecordTriggerOptions<T extends TailorDBType, Args> = {\n  type: T;\n  condition?: (args: Args) => boolean;\n};\n\n/**\n * Create a trigger that fires when a TailorDB record is created.\n * @template T\n * @param options - Trigger options\n * @returns Record created trigger\n */\nexport function recordCreatedTrigger<T extends TailorDBType>(\n  options: RecordTriggerOptions<T, RecordCreatedArgs<T>>,\n): TailorDBTrigger<RecordCreatedArgs<T>> {\n  const { type, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: [\"tailordb.type_record.created\"],\n    typeName: type.name,\n    condition,\n    __args: {} as RecordCreatedArgs<T>,\n  };\n}\n\n/**\n * Create a trigger that fires when a TailorDB record is updated.\n * @template T\n * @param options - Trigger options\n * @returns Record updated trigger\n */\nexport function recordUpdatedTrigger<T extends TailorDBType>(\n  options: RecordTriggerOptions<T, RecordUpdatedArgs<T>>,\n): TailorDBTrigger<RecordUpdatedArgs<T>> {\n  const { type, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: [\"tailordb.type_record.updated\"],\n    typeName: type.name,\n    condition,\n    __args: {} as RecordUpdatedArgs<T>,\n  };\n}\n\n/**\n * Create a trigger that fires when a TailorDB record is deleted.\n * @template T\n * @param options - Trigger options\n * @returns Record deleted trigger\n */\nexport function recordDeletedTrigger<T extends TailorDBType>(\n  options: RecordTriggerOptions<T, RecordDeletedArgs<T>>,\n): TailorDBTrigger<RecordDeletedArgs<T>> {\n  const { type, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: [\"tailordb.type_record.deleted\"],\n    typeName: type.name,\n    condition,\n    __args: {} as RecordDeletedArgs<T>,\n  };\n}\n\ntype RecordTriggerMultiOptions<T extends TailorDBType, K extends RecordEventKind[]> = {\n  type: T;\n  events: K;\n  condition?: (args: RecordMultiArgs<T, K>) => boolean;\n};\n\n/**\n * Create a trigger that fires on multiple TailorDB record event types.\n * @template T\n * @template K\n * @param options - Trigger options with events array\n * @returns TailorDB record trigger\n */\nexport function recordTrigger<\n  T extends TailorDBType,\n  const K extends [RecordEventKind, ...RecordEventKind[]],\n>(options: RecordTriggerMultiOptions<T, K>): TailorDBTrigger<RecordMultiArgs<T, K>> {\n  const { type, events, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: events.map((k) => recordEventMap[k]),\n    typeName: type.name,\n    condition,\n    __args: {} as RecordMultiArgs<T, K>,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Resolver trigger\n// ---------------------------------------------------------------------------\n\nexport type ResolverExecutedTrigger<Args> = ParserResolverExecutedTrigger & {\n  __args: Args;\n};\n\ntype ResolverExecutedTriggerOptions<R extends ResolverConfig> = {\n  resolver: R;\n  condition?: (args: ResolverExecutedArgs<R>) => boolean;\n};\n\n/**\n * Create a trigger that fires when a resolver is executed.\n * @template R\n * @param options - Trigger options\n * @returns Resolver executed trigger\n */\nexport function resolverExecutedTrigger<R extends ResolverConfig>(\n  options: ResolverExecutedTriggerOptions<R>,\n): ResolverExecutedTrigger<ResolverExecutedArgs<R>> {\n  const { resolver, condition } = options;\n  return {\n    kind: \"resolverExecuted\",\n    resolverName: resolver.name,\n    condition,\n    __args: {} as ResolverExecutedArgs<R>,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// IdP User trigger types and factories\n// ---------------------------------------------------------------------------\n\nconst idpUserEventMap = {\n  created: \"idp.user.created\",\n  updated: \"idp.user.updated\",\n  deleted: \"idp.user.deleted\",\n} as const;\ntype IdpUserEventMap = typeof idpUserEventMap;\ntype IdpUserEventKind = keyof IdpUserEventMap;\n\ntype IdpUserArgsMap = {\n  created: IdpUserCreatedArgs;\n  updated: IdpUserUpdatedArgs;\n  deleted: IdpUserDeletedArgs;\n};\n\ntype IdpUserMultiArgs<K extends IdpUserEventKind[]> = IdpUserArgsMap[K[number]];\n\nexport type IdpUserTrigger<Args> = ParserIdpUserTrigger & {\n  __args: Args;\n};\n\ntype IdpUserSingleTriggerOptions = {\n  /**\n   * IdP namespace name to subscribe to. Required when the project defines\n   * multiple IdPs; optional when a single IdP exists. Must match an IdP name\n   * declared in `defineConfig({ idp: [...] })`.\n   */\n  idp?: IdpName;\n};\n\n/**\n * Create a trigger that fires when an IdP user is created.\n * @param options - Trigger options\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user created trigger\n */\nexport function idpUserCreatedTrigger(\n  options?: IdpUserSingleTriggerOptions,\n): IdpUserTrigger<IdpUserCreatedArgs> {\n  return {\n    kind: \"idpUser\",\n    events: [\"idp.user.created\"],\n    ...(options?.idp != null ? { idp: options.idp } : {}),\n    __args: {} as IdpUserCreatedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an IdP user is updated.\n * @param options - Trigger options\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user updated trigger\n */\nexport function idpUserUpdatedTrigger(\n  options?: IdpUserSingleTriggerOptions,\n): IdpUserTrigger<IdpUserUpdatedArgs> {\n  return {\n    kind: \"idpUser\",\n    events: [\"idp.user.updated\"],\n    ...(options?.idp != null ? { idp: options.idp } : {}),\n    __args: {} as IdpUserUpdatedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an IdP user is deleted.\n * @param options - Trigger options\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user deleted trigger\n */\nexport function idpUserDeletedTrigger(\n  options?: IdpUserSingleTriggerOptions,\n): IdpUserTrigger<IdpUserDeletedArgs> {\n  return {\n    kind: \"idpUser\",\n    events: [\"idp.user.deleted\"],\n    ...(options?.idp != null ? { idp: options.idp } : {}),\n    __args: {} as IdpUserDeletedArgs,\n  };\n}\n\ntype IdpUserTriggerOptions<K extends IdpUserEventKind[]> = {\n  events: K;\n  /**\n   * IdP namespace name to subscribe to. Required when the project defines\n   * multiple IdPs; optional when a single IdP exists. Must match an IdP name\n   * declared in `defineConfig({ idp: [...] })`.\n   */\n  idp?: IdpName;\n};\n\n/**\n * Create a trigger that fires on multiple IdP user event types.\n * @template K\n * @param options - Trigger options with events array\n * @param options.events - IdP user event kinds to subscribe to\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user trigger\n */\nexport function idpUserTrigger<const K extends [IdpUserEventKind, ...IdpUserEventKind[]]>(\n  options: IdpUserTriggerOptions<K>,\n): IdpUserTrigger<IdpUserMultiArgs<K>> {\n  const { events, idp } = options;\n  return {\n    kind: \"idpUser\",\n    events: events.map((k) => idpUserEventMap[k]),\n    ...(idp != null ? { idp } : {}),\n    __args: {} as IdpUserMultiArgs<K>,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Auth Access Token trigger types and factories\n// ---------------------------------------------------------------------------\n\nconst authAccessTokenEventMap = {\n  issued: \"auth.access_token.issued\",\n  refreshed: \"auth.access_token.refreshed\",\n  revoked: \"auth.access_token.revoked\",\n} as const;\ntype AuthAccessTokenEventMap = typeof authAccessTokenEventMap;\ntype AuthAccessTokenEventKind = keyof AuthAccessTokenEventMap;\n\ntype AuthAccessTokenArgsMap = {\n  issued: AuthAccessTokenIssuedArgs;\n  refreshed: AuthAccessTokenRefreshedArgs;\n  revoked: AuthAccessTokenRevokedArgs;\n};\n\ntype AuthAccessTokenMultiArgs<K extends AuthAccessTokenEventKind[]> =\n  AuthAccessTokenArgsMap[K[number]];\n\nexport type AuthAccessTokenTrigger<Args> = ParserAuthAccessTokenTrigger & {\n  __args: Args;\n};\n\n/**\n * Create a trigger that fires when an access token is issued.\n * @returns Auth access token issued trigger\n */\nexport function authAccessTokenIssuedTrigger(): AuthAccessTokenTrigger<AuthAccessTokenIssuedArgs> {\n  return {\n    kind: \"authAccessToken\",\n    events: [\"auth.access_token.issued\"],\n    __args: {} as AuthAccessTokenIssuedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an access token is refreshed.\n * @returns Auth access token refreshed trigger\n */\nexport function authAccessTokenRefreshedTrigger(): AuthAccessTokenTrigger<AuthAccessTokenRefreshedArgs> {\n  return {\n    kind: \"authAccessToken\",\n    events: [\"auth.access_token.refreshed\"],\n    __args: {} as AuthAccessTokenRefreshedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an access token is revoked.\n * @returns Auth access token revoked trigger\n */\nexport function authAccessTokenRevokedTrigger(): AuthAccessTokenTrigger<AuthAccessTokenRevokedArgs> {\n  return {\n    kind: \"authAccessToken\",\n    events: [\"auth.access_token.revoked\"],\n    __args: {} as AuthAccessTokenRevokedArgs,\n  };\n}\n\ntype AuthAccessTokenTriggerOptions<K extends AuthAccessTokenEventKind[]> = {\n  events: K;\n};\n\n/**\n * Create a trigger that fires on multiple auth access token event types.\n * @template K\n * @param options - Trigger options with events array\n * @returns Auth access token trigger\n */\nexport function authAccessTokenTrigger<\n  const K extends [AuthAccessTokenEventKind, ...AuthAccessTokenEventKind[]],\n>(options: AuthAccessTokenTriggerOptions<K>): AuthAccessTokenTrigger<AuthAccessTokenMultiArgs<K>> {\n  const { events } = options;\n  return {\n    kind: \"authAccessToken\",\n    events: events.map((k) => authAccessTokenEventMap[k]),\n    __args: {} as AuthAccessTokenMultiArgs<K>,\n  };\n}\n","import type { TailorEnv } from \"@/types/env\";\nimport type { ScheduleTriggerInput as ParserScheduleTriggerInput } from \"@/types/executor.generated\";\nimport type { StandardCRON } from \"ts-cron-validator\";\n\ntype Timezone =\n  | \"UTC\"\n  | \"Pacific/Midway\"\n  | \"Pacific/Niue\"\n  | \"Pacific/Pago_Pago\"\n  | \"America/Adak\"\n  | \"Pacific/Honolulu\"\n  | \"Pacific/Rarotonga\"\n  | \"Pacific/Tahiti\"\n  | \"Pacific/Marquesas\"\n  | \"America/Anchorage\"\n  | \"America/Juneau\"\n  | \"America/Metlakatla\"\n  | \"America/Nome\"\n  | \"America/Sitka\"\n  | \"America/Yakutat\"\n  | \"Pacific/Gambier\"\n  | \"America/Los_Angeles\"\n  | \"America/Tijuana\"\n  | \"America/Vancouver\"\n  | \"Pacific/Pitcairn\"\n  | \"America/Boise\"\n  | \"America/Cambridge_Bay\"\n  | \"America/Chihuahua\"\n  | \"America/Creston\"\n  | \"America/Dawson\"\n  | \"America/Dawson_Creek\"\n  | \"America/Denver\"\n  | \"America/Edmonton\"\n  | \"America/Fort_Nelson\"\n  | \"America/Hermosillo\"\n  | \"America/Inuvik\"\n  | \"America/Mazatlan\"\n  | \"America/Ojinaga\"\n  | \"America/Phoenix\"\n  | \"America/Whitehorse\"\n  | \"America/Yellowknife\"\n  | \"America/Bahia_Banderas\"\n  | \"America/Belize\"\n  | \"America/Chicago\"\n  | \"America/Costa_Rica\"\n  | \"America/El_Salvador\"\n  | \"America/Guatemala\"\n  | \"America/Indiana/Knox\"\n  | \"America/Indiana/Tell_City\"\n  | \"America/Managua\"\n  | \"America/Matamoros\"\n  | \"America/Menominee\"\n  | \"America/Merida\"\n  | \"America/Mexico_City\"\n  | \"America/Monterrey\"\n  | \"America/North_Dakota/Beulah\"\n  | \"America/North_Dakota/Center\"\n  | \"America/North_Dakota/New_Salem\"\n  | \"America/Rainy_River\"\n  | \"America/Rankin_Inlet\"\n  | \"America/Regina\"\n  | \"America/Resolute\"\n  | \"America/Swift_Current\"\n  | \"America/Tegucigalpa\"\n  | \"America/Winnipeg\"\n  | \"Pacific/Easter\"\n  | \"Pacific/Galapagos\"\n  | \"America/Atikokan\"\n  | \"America/Bogota\"\n  | \"America/Cancun\"\n  | \"America/Cayman\"\n  | \"America/Detroit\"\n  | \"America/Eirunepe\"\n  | \"America/Grand_Turk\"\n  | \"America/Guayaquil\"\n  | \"America/Havana\"\n  | \"America/Indiana/Indianapolis\"\n  | \"America/Indiana/Marengo\"\n  | \"America/Indiana/Petersburg\"\n  | \"America/Indiana/Vevay\"\n  | \"America/Indiana/Vincennes\"\n  | \"America/Indiana/Winamac\"\n  | \"America/Iqaluit\"\n  | \"America/Jamaica\"\n  | \"America/Kentucky/Louisville\"\n  | \"America/Kentucky/Monticello\"\n  | \"America/Lima\"\n  | \"America/Nassau\"\n  | \"America/New_York\"\n  | \"America/Nipigon\"\n  | \"America/Panama\"\n  | \"America/Pangnirtung\"\n  | \"America/Port-au-Prince\"\n  | \"America/Rio_Branco\"\n  | \"America/Thunder_Bay\"\n  | \"America/Toronto\"\n  | \"America/Anguilla\"\n  | \"America/Antigua\"\n  | \"America/Aruba\"\n  | \"America/Asuncion\"\n  | \"America/Barbados\"\n  | \"America/Blanc-Sablon\"\n  | \"America/Boa_Vista\"\n  | \"America/Campo_Grande\"\n  | \"America/Caracas\"\n  | \"America/Cuiaba\"\n  | \"America/Curacao\"\n  | \"America/Dominica\"\n  | \"America/Glace_Bay\"\n  | \"America/Goose_Bay\"\n  | \"America/Grenada\"\n  | \"America/Guadeloupe\"\n  | \"America/Guyana\"\n  | \"America/Halifax\"\n  | \"America/Kralendijk\"\n  | \"America/La_Paz\"\n  | \"America/Lower_Princes\"\n  | \"America/Manaus\"\n  | \"America/Marigot\"\n  | \"America/Martinique\"\n  | \"America/Moncton\"\n  | \"America/Montserrat\"\n  | \"America/Porto_Velho\"\n  | \"America/Port_of_Spain\"\n  | \"America/Puerto_Rico\"\n  | \"America/Santiago\"\n  | \"America/Santo_Domingo\"\n  | \"America/St_Barthelemy\"\n  | \"America/St_Kitts\"\n  | \"America/St_Lucia\"\n  | \"America/St_Thomas\"\n  | \"America/St_Vincent\"\n  | \"America/Thule\"\n  | \"America/Tortola\"\n  | \"Atlantic/Bermuda\"\n  | \"America/St_Johns\"\n  | \"America/Araguaina\"\n  | \"America/Argentina/Buenos_Aires\"\n  | \"America/Argentina/Catamarca\"\n  | \"America/Argentina/Cordoba\"\n  | \"America/Argentina/Jujuy\"\n  | \"America/Argentina/La_Rioja\"\n  | \"America/Argentina/Mendoza\"\n  | \"America/Argentina/Rio_Gallegos\"\n  | \"America/Argentina/Salta\"\n  | \"America/Argentina/San_Juan\"\n  | \"America/Argentina/San_Luis\"\n  | \"America/Argentina/Tucuman\"\n  | \"America/Argentina/Ushuaia\"\n  | \"America/Bahia\"\n  | \"America/Belem\"\n  | \"America/Cayenne\"\n  | \"America/Fortaleza\"\n  | \"America/Godthab\"\n  | \"America/Maceio\"\n  | \"America/Miquelon\"\n  | \"America/Montevideo\"\n  | \"America/Paramaribo\"\n  | \"America/Punta_Arenas\"\n  | \"America/Recife\"\n  | \"America/Santarem\"\n  | \"America/Sao_Paulo\"\n  | \"Antarctica/Palmer\"\n  | \"Antarctica/Rothera\"\n  | \"Atlantic/Stanley\"\n  | \"America/Noronha\"\n  | \"Atlantic/South_Georgia\"\n  | \"America/Scoresbysund\"\n  | \"Atlantic/Azores\"\n  | \"Atlantic/Cape_Verde\"\n  | \"Africa/Abidjan\"\n  | \"Africa/Accra\"\n  | \"Africa/Bamako\"\n  | \"Africa/Banjul\"\n  | \"Africa/Bissau\"\n  | \"Africa/Casablanca\"\n  | \"Africa/Conakry\"\n  | \"Africa/Dakar\"\n  | \"Africa/El_Aaiun\"\n  | \"Africa/Freetown\"\n  | \"Africa/Lome\"\n  | \"Africa/Monrovia\"\n  | \"Africa/Nouakchott\"\n  | \"Africa/Ouagadougou\"\n  | \"Africa/Sao_Tome\"\n  | \"America/Danmarkshavn\"\n  | \"Antarctica/Troll\"\n  | \"Atlantic/Canary\"\n  | \"Atlantic/Faroe\"\n  | \"Atlantic/Madeira\"\n  | \"Atlantic/Reykjavik\"\n  | \"Atlantic/St_Helena\"\n  | \"Europe/Dublin\"\n  | \"Europe/Guernsey\"\n  | \"Europe/Isle_of_Man\"\n  | \"Europe/Jersey\"\n  | \"Europe/Lisbon\"\n  | \"Europe/London\"\n  | \"Africa/Algiers\"\n  | \"Africa/Bangui\"\n  | \"Africa/Brazzaville\"\n  | \"Africa/Ceuta\"\n  | \"Africa/Douala\"\n  | \"Africa/Kinshasa\"\n  | \"Africa/Lagos\"\n  | \"Africa/Libreville\"\n  | \"Africa/Luanda\"\n  | \"Africa/Malabo\"\n  | \"Africa/Ndjamena\"\n  | \"Africa/Niamey\"\n  | \"Africa/Porto-Novo\"\n  | \"Africa/Tunis\"\n  | \"Africa/Windhoek\"\n  | \"Arctic/Longyearbyen\"\n  | \"Europe/Amsterdam\"\n  | \"Europe/Andorra\"\n  | \"Europe/Belgrade\"\n  | \"Europe/Berlin\"\n  | \"Europe/Bratislava\"\n  | \"Europe/Brussels\"\n  | \"Europe/Budapest\"\n  | \"Europe/Copenhagen\"\n  | \"Europe/Gibraltar\"\n  | \"Europe/Ljubljana\"\n  | \"Europe/Luxembourg\"\n  | \"Europe/Madrid\"\n  | \"Europe/Malta\"\n  | \"Europe/Monaco\"\n  | \"Europe/Oslo\"\n  | \"Europe/Paris\"\n  | \"Europe/Podgorica\"\n  | \"Europe/Prague\"\n  | \"Europe/Rome\"\n  | \"Europe/San_Marino\"\n  | \"Europe/Sarajevo\"\n  | \"Europe/Skopje\"\n  | \"Europe/Stockholm\"\n  | \"Europe/Tirane\"\n  | \"Europe/Vaduz\"\n  | \"Europe/Vatican\"\n  | \"Europe/Vienna\"\n  | \"Europe/Warsaw\"\n  | \"Europe/Zagreb\"\n  | \"Europe/Zurich\"\n  | \"Africa/Blantyre\"\n  | \"Africa/Bujumbura\"\n  | \"Africa/Cairo\"\n  | \"Africa/Gaborone\"\n  | \"Africa/Harare\"\n  | \"Africa/Johannesburg\"\n  | \"Africa/Juba\"\n  | \"Africa/Khartoum\"\n  | \"Africa/Kigali\"\n  | \"Africa/Lubumbashi\"\n  | \"Africa/Lusaka\"\n  | \"Africa/Maputo\"\n  | \"Africa/Maseru\"\n  | \"Africa/Mbabane\"\n  | \"Africa/Tripoli\"\n  | \"Asia/Amman\"\n  | \"Asia/Beirut\"\n  | \"Asia/Damascus\"\n  | \"Asia/Famagusta\"\n  | \"Asia/Gaza\"\n  | \"Asia/Hebron\"\n  | \"Asia/Jerusalem\"\n  | \"Asia/Nicosia\"\n  | \"Europe/Athens\"\n  | \"Europe/Bucharest\"\n  | \"Europe/Chisinau\"\n  | \"Europe/Helsinki\"\n  | \"Europe/Kaliningrad\"\n  | \"Europe/Kyiv\"\n  | \"Europe/Mariehamn\"\n  | \"Europe/Riga\"\n  | \"Europe/Sofia\"\n  | \"Europe/Tallinn\"\n  | \"Europe/Uzhgorod\"\n  | \"Europe/Vilnius\"\n  | \"Europe/Zaporizhzhia\"\n  | \"Africa/Addis_Ababa\"\n  | \"Africa/Asmara\"\n  | \"Africa/Dar_es_Salaam\"\n  | \"Africa/Djibouti\"\n  | \"Africa/Kampala\"\n  | \"Africa/Mogadishu\"\n  | \"Africa/Nairobi\"\n  | \"Antarctica/Syowa\"\n  | \"Asia/Aden\"\n  | \"Asia/Baghdad\"\n  | \"Asia/Bahrain\"\n  | \"Asia/Kuwait\"\n  | \"Asia/Qatar\"\n  | \"Asia/Riyadh\"\n  | \"Europe/Istanbul\"\n  | \"Europe/Kirov\"\n  | \"Europe/Minsk\"\n  | \"Europe/Moscow\"\n  | \"Europe/Simferopol\"\n  | \"Europe/Volgograd\"\n  | \"Indian/Antananarivo\"\n  | \"Indian/Comoro\"\n  | \"Indian/Mayotte\"\n  | \"Asia/Tehran\"\n  | \"Asia/Baku\"\n  | \"Asia/Dubai\"\n  | \"Asia/Muscat\"\n  | \"Asia/Tbilisi\"\n  | \"Asia/Yerevan\"\n  | \"Europe/Astrakhan\"\n  | \"Europe/Samara\"\n  | \"Europe/Saratov\"\n  | \"Europe/Ulyanovsk\"\n  | \"Indian/Mahe\"\n  | \"Indian/Mauritius\"\n  | \"Indian/Reunion\"\n  | \"Asia/Kabul\"\n  | \"Antarctica/Mawson\"\n  | \"Asia/Aqtau\"\n  | \"Asia/Aqtobe\"\n  | \"Asia/Ashgabat\"\n  | \"Asia/Atyrau\"\n  | \"Asia/Dushanbe\"\n  | \"Asia/Karachi\"\n  | \"Asia/Oral\"\n  | \"Asia/Qyzylorda\"\n  | \"Asia/Samarkand\"\n  | \"Asia/Tashkent\"\n  | \"Asia/Yekaterinburg\"\n  | \"Indian/Kerguelen\"\n  | \"Indian/Maldives\"\n  | \"Asia/Colombo\"\n  | \"Asia/Kolkata\"\n  | \"Asia/Kathmandu\"\n  | \"Antarctica/Vostok\"\n  | \"Asia/Almaty\"\n  | \"Asia/Bishkek\"\n  | \"Asia/Dhaka\"\n  | \"Asia/Omsk\"\n  | \"Asia/Qostanay\"\n  | \"Asia/Thimphu\"\n  | \"Asia/Urumqi\"\n  | \"Indian/Chagos\"\n  | \"Asia/Yangon\"\n  | \"Indian/Cocos\"\n  | \"Antarctica/Davis\"\n  | \"Asia/Bangkok\"\n  | \"Asia/Barnaul\"\n  | \"Asia/Hovd\"\n  | \"Asia/Ho_Chi_Minh\"\n  | \"Asia/Jakarta\"\n  | \"Asia/Krasnoyarsk\"\n  | \"Asia/Novokuznetsk\"\n  | \"Asia/Novosibirsk\"\n  | \"Asia/Phnom_Penh\"\n  | \"Asia/Pontianak\"\n  | \"Asia/Tomsk\"\n  | \"Asia/Vientiane\"\n  | \"Indian/Christmas\"\n  | \"Asia/Brunei\"\n  | \"Asia/Choibalsan\"\n  | \"Asia/Hong_Kong\"\n  | \"Asia/Irkutsk\"\n  | \"Asia/Kuala_Lumpur\"\n  | \"Asia/Kuching\"\n  | \"Asia/Macau\"\n  | \"Asia/Makassar\"\n  | \"Asia/Manila\"\n  | \"Asia/Shanghai\"\n  | \"Asia/Singapore\"\n  | \"Asia/Taipei\"\n  | \"Asia/Ulaanbaatar\"\n  | \"Australia/Perth\"\n  | \"Australia/Eucla\"\n  | \"Asia/Chita\"\n  | \"Asia/Dili\"\n  | \"Asia/Jayapura\"\n  | \"Asia/Khandyga\"\n  | \"Asia/Pyongyang\"\n  | \"Asia/Seoul\"\n  | \"Asia/Tokyo\"\n  | \"Asia/Yakutsk\"\n  | \"Pacific/Palau\"\n  | \"Australia/Adelaide\"\n  | \"Australia/Broken_Hill\"\n  | \"Australia/Darwin\"\n  | \"Antarctica/DumontDUrville\"\n  | \"Antarctica/Macquarie\"\n  | \"Asia/Ust-Nera\"\n  | \"Asia/Vladivostok\"\n  | \"Australia/Brisbane\"\n  | \"Australia/Currie\"\n  | \"Australia/Hobart\"\n  | \"Australia/Lindeman\"\n  | \"Australia/Melbourne\"\n  | \"Australia/Sydney\"\n  | \"Pacific/Chuuk\"\n  | \"Pacific/Guam\"\n  | \"Pacific/Port_Moresby\"\n  | \"Pacific/Saipan\"\n  | \"Australia/Lord_Howe\"\n  | \"Antarctica/Casey\"\n  | \"Asia/Magadan\"\n  | \"Asia/Sakhalin\"\n  | \"Asia/Srednekolymsk\"\n  | \"Pacific/Bougainville\"\n  | \"Pacific/Efate\"\n  | \"Pacific/Guadalcanal\"\n  | \"Pacific/Kosrae\"\n  | \"Pacific/Norfolk\"\n  | \"Pacific/Noumea\"\n  | \"Pacific/Pohnpei\"\n  | \"Antarctica/McMurdo\"\n  | \"Asia/Anadyr\"\n  | \"Asia/Kamchatka\"\n  | \"Pacific/Auckland\"\n  | \"Pacific/Fiji\"\n  | \"Pacific/Funafuti\"\n  | \"Pacific/Kwajalein\"\n  | \"Pacific/Majuro\"\n  | \"Pacific/Nauru\"\n  | \"Pacific/Tarawa\"\n  | \"Pacific/Wake\"\n  | \"Pacific/Wallis\"\n  | \"Pacific/Chatham\"\n  | \"Pacific/Apia\"\n  | \"Pacific/Enderbury\"\n  | \"Pacific/Fakaofo\"\n  | \"Pacific/Tongatapu\"\n  | \"Pacific/Kiritimati\";\n\nexport type ScheduleTrigger<Args> = ParserScheduleTriggerInput & {\n  __args: Args;\n};\n\nexport interface ScheduleArgs {\n  env: TailorEnv;\n}\n\ninterface ScheduleTriggerOptions<T extends string> {\n  cron: StandardCRON<T> extends never ? never : T;\n  timezone?: Timezone;\n}\n\n/**\n * Create a schedule-based trigger using a CRON expression and optional timezone.\n * @template T\n * @param options - Schedule options\n * @returns Schedule trigger\n */\nexport function scheduleTrigger<T extends string>(\n  options: ScheduleTriggerOptions<T>,\n): ScheduleTrigger<ScheduleArgs> {\n  const { cron, timezone } = options;\n  return {\n    kind: \"schedule\",\n    cron,\n    timezone,\n    __args: {} as ScheduleArgs,\n  };\n}\n","import type { TailorEnv } from \"@/types/env\";\nimport type { IncomingWebhookTrigger as ParserIncomingWebhookTrigger } from \"@/types/executor.generated\";\nimport type { JsonValue } from \"@/types/helpers\";\n\nexport interface IncomingWebhookArgs<T extends IncomingWebhookRequest> {\n  body: T[\"body\"];\n  headers: T[\"headers\"];\n  method: \"POST\" | \"GET\" | \"PUT\" | \"DELETE\";\n  rawBody: string;\n  env: TailorEnv;\n}\n\nexport interface IncomingWebhookRequest {\n  body: Record<string, unknown>;\n  headers: Record<string, string>;\n}\n\nexport interface IncomingWebhookResponseConfig<Args> {\n  /**\n   * Expression that returns the webhook HTTP response body.\n   * Receives the same args as the executor operation.\n   */\n  body?: (args: Args) => JsonValue;\n  /**\n   * HTTP status code for the response.\n   * If omitted and `body` is set, the platform uses 200.\n   */\n  statusCode?: number;\n}\n\nexport type IncomingWebhookResponse<Args> =\n  | ((args: Args) => JsonValue)\n  | IncomingWebhookResponseConfig<Args>;\n\nexport interface IncomingWebhookTriggerOptions<Args> {\n  response?: IncomingWebhookResponse<Args>;\n}\n\nexport type IncomingWebhookTrigger<Args> = ParserIncomingWebhookTrigger & {\n  __args: Args;\n};\n\n/**\n * Create a trigger for incoming webhook requests.\n * @template T\n * @param options - Optional trigger options including response configuration\n * @returns Incoming webhook trigger\n */\nexport function incomingWebhookTrigger<T extends IncomingWebhookRequest>(\n  options?: IncomingWebhookTriggerOptions<IncomingWebhookArgs<T>>,\n): IncomingWebhookTrigger<IncomingWebhookArgs<T>> {\n  const response =\n    typeof options?.response === \"function\" ? { body: options.response } : options?.response;\n  return {\n    kind: \"incomingWebhook\",\n    ...(response ? { response } : {}),\n    __args: {} as IncomingWebhookArgs<T>,\n  };\n}\n","import { brandValue } from \"@/utils/brand\";\nimport type { TailorWorkflowAPI } from \"@/runtime/workflow\";\nimport type { JsonCompatible } from \"@/types/helpers\";\n\n/**\n * A single wait point instance with typed `.wait()` and `.resolve()` methods.\n *\n * - `.wait(payload?)` suspends execution until resolved. Returns the result from `.resolve()`.\n * - `.resolve(executionId, callback)` resumes a suspended execution.\n *\n * Both `Payload` and `Result` must be JsonValue-compatible (primitives, plain objects, arrays).\n * Functions and objects with a `toJSON` method are rejected at the type level.\n */\nexport interface WaitPointInstance<Payload = undefined, Result = undefined> {\n  wait: [Payload] extends [undefined]\n    ? () => Promise<Result>\n    : (payload: Payload) => Promise<Result>;\n  resolve: (\n    executionId: string,\n    callback: (\n      payload: [Payload] extends [undefined] ? undefined : Payload,\n    ) => Result | Promise<Result>,\n  ) => Promise<void>;\n}\n\ninterface InternalWaitPointInstance {\n  wait: (payload?: unknown) => Promise<unknown>;\n  resolve: (\n    executionId: string,\n    callback: (payload: unknown) => unknown | Promise<unknown>,\n  ) => Promise<void>;\n}\n\ninterface WaitPointWithSetter {\n  instance: InternalWaitPointInstance;\n  setKey: (key: string) => void;\n}\n\nfunction getPlatformWorkflow() {\n  const platform = globalThis as { tailor?: { workflow?: TailorWorkflowAPI } };\n  const workflow = platform.tailor?.workflow;\n  if (!workflow) {\n    throw new Error(\n      \"tailor.workflow is not available. Run tests in the `tailor-runtime` Vitest environment, \" +\n        \"or acquire mockWorkflow() from @tailor-platform/sdk/vitest and set a wait/resolve handler.\",\n    );\n  }\n  return workflow;\n}\n\n/**\n * Create a WaitPointInstance that delegates to the platform runtime.\n * Use `mockWorkflow` from `@tailor-platform/sdk/vitest` to mock\n * `globalThis.tailor.workflow.wait/resolve` in tests.\n * @param initialKey - Initial key (can be updated via the returned setter)\n * @returns The instance and a setter to update the key after construction\n */\nfunction createWaitPointInstance(initialKey: string): WaitPointWithSetter {\n  let key = initialKey;\n\n  const instance = brandValue(\n    {\n      wait(payload?: unknown) {\n        return Promise.resolve(getPlatformWorkflow().wait(key, payload));\n      },\n      async resolve(executionId: string, callback: (p: unknown) => unknown | Promise<unknown>) {\n        await getPlatformWorkflow().resolve(executionId, key, callback);\n      },\n    },\n    \"wait-point\",\n  ) as InternalWaitPointInstance;\n\n  return {\n    instance,\n    setKey: (k: string) => {\n      key = k;\n    },\n  };\n}\n\n/**\n * The type produced by `define<Payload, Result>()` / `defineWaitPoint<Payload, Result>(key)`.\n * Resolves to `WaitPointInstance<Payload, Result>` when both types are JsonValue-compatible,\n * or to a template-literal error string that surfaces at the call site.\n */\ntype WaitPointDef<Payload, Result> = [null] extends [Payload]\n  ? \"ERROR: Payload cannot be null at the top level\"\n  : [undefined] extends [Result]\n    ? \"ERROR: Result cannot be (or include) undefined (resolve callback must return a value)\"\n    : [Payload] extends [undefined]\n      ? [Result] extends [JsonCompatible<Result>]\n        ? WaitPointInstance<Payload, Result>\n        : \"ERROR: Result must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\"\n      : [undefined] extends [Payload]\n        ? \"ERROR: Payload cannot include undefined at the top level\"\n        : [Payload] extends [JsonCompatible<Payload>]\n          ? [Result] extends [JsonCompatible<Result>]\n            ? WaitPointInstance<Payload, Result>\n            : \"ERROR: Result must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\"\n          : \"ERROR: Payload must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\";\n\n/**\n * The `define` function passed to the `defineWaitPoints` builder callback.\n * Returns an actual WaitPointInstance (not a phantom marker) so that the\n * builder's return type can flow through as-is, preserving JSDoc comments\n * on each property for IDE autocompletion.\n *\n * JSON validation is encoded in the return type rather than in type-parameter\n * constraints, because tsgo rejects self-referential constraints like\n * `Payload extends JsonCompatible<Payload>` as circular.\n */\ntype DefineFn = <Payload = undefined, Result = undefined>() => WaitPointDef<Payload, Result>;\n\n/**\n * Define a single typed wait point with an explicit key.\n *\n * `Payload` and `Result` must be JsonValue-compatible.\n * Functions and objects with a `toJSON` method are rejected at the type level;\n * class instances exposing methods are rejected via the property walk.\n * @param key - The wait point key used to match wait and resolve calls\n * @returns A WaitPointInstance with typed `.wait()` and `.resolve()` methods\n * @example\n * export const approval = defineWaitPoint<{ message: string }, { approved: boolean }>(\"approval\");\n *\n * await approval.wait({ message: \"Please approve\" });\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineWaitPoint<Payload = undefined, Result = undefined>(\n  key: string,\n): WaitPointDef<Payload, Result> {\n  return createWaitPointInstance(key).instance as unknown as WaitPointDef<Payload, Result>;\n}\n\n/**\n * Define a group of typed wait points for human-in-the-loop workflows.\n * Property names become the wait point keys.\n *\n * The return type is the same as the builder's return type, so JSDoc on each\n * property is preserved and visible in IDE autocompletion.\n *\n * `Payload` and `Result` must be JsonValue-compatible.\n * Functions and objects with a `toJSON` method are rejected at the type level;\n * class instances exposing methods are rejected via the property walk.\n * @param builder - Callback that receives a `define` factory and returns an object of wait points\n * @returns The same object returned by the builder (with correct keys set on each instance)\n * @example\n * export const waitPoints = defineWaitPoints(define => ({\n *   // Preceding JSDoc on this property is shown in IDE autocompletion\n *   approval: define<{ message: string }, { approved: boolean }>(),\n * }));\n *\n * // IDE shows the JSDoc when typing `waitPoints.`\n * await waitPoints.approval.wait({ message: \"Please approve\" });\n *\n * // For 2-level access, use destructured export with JSDoc attached to the export itself.\n */\n/* @__NO_SIDE_EFFECTS__ */\n// oxlint-disable-next-line no-explicit-any\nexport function defineWaitPoints<T extends Record<string, WaitPointInstance<any, any>>>(\n  builder: (define: DefineFn) => T,\n): T {\n  const setters = new Map<InternalWaitPointInstance, (key: string) => void>();\n\n  const define = (<Payload, Result>() => {\n    const { instance, setKey } = createWaitPointInstance(\"__pending__\");\n    setters.set(instance, setKey);\n    return instance as unknown as WaitPointDef<Payload, Result>;\n  }) as DefineFn;\n\n  const result = builder(define);\n\n  // Set the correct key on each instance based on the property name\n  for (const key of Object.keys(result)) {\n    const setter = setters.get(result[key] as unknown as InternalWaitPointInstance);\n    setter?.(key);\n  }\n\n  return result;\n}\n","/* oxlint-disable typescript/no-explicit-any */\nimport { brandValue } from \"@/utils/brand\";\nimport { dispatchTriggerWorkflow, registerWorkflow } from \"./registry\";\nimport type { AuthInvoker } from \"../auth\";\nimport type { WorkflowJob } from \"./job\";\nimport type { MachineUserName } from \"@/configure/types/machine-user\";\nimport type { ConcurrencyPolicy, RetryPolicy } from \"@/types/workflow.generated\";\n\nexport type { ConcurrencyPolicy, RetryPolicy };\n\nexport interface WorkflowConfig<\n  Job extends WorkflowJob<any, any, any> = WorkflowJob<any, any, any>,\n> {\n  name: string;\n  mainJob: Job;\n  retryPolicy?: RetryPolicy;\n  concurrencyPolicy?: ConcurrencyPolicy;\n}\n\nexport interface Workflow<Job extends WorkflowJob<any, any, any> = WorkflowJob<any, any, any>> {\n  name: string;\n  mainJob: Job;\n  retryPolicy?: RetryPolicy;\n  concurrencyPolicy?: ConcurrencyPolicy;\n  trigger: (\n    args: Parameters<Job[\"trigger\"]>[0],\n    options?: { authInvoker: AuthInvoker<string> | MachineUserName },\n  ) => Promise<string>;\n}\n\ninterface WorkflowDefinition<Job extends WorkflowJob<any, any, any>> {\n  name: string;\n  mainJob: Job;\n  retryPolicy?: RetryPolicy;\n  concurrencyPolicy?: ConcurrencyPolicy;\n}\n\n/**\n * Create a workflow definition that can be triggered via the Tailor SDK.\n * In production, bundler transforms .trigger() calls to tailor.workflow.triggerWorkflow().\n *\n * The workflow MUST be the default export of the file.\n * All jobs referenced by the workflow MUST be named exports.\n * @template Job\n * @param config - Workflow configuration\n * @returns Defined workflow\n * @example\n * export const fetchData = createWorkflowJob({ name: \"fetch-data\", body: async (input: { id: string }) => ({ id: input.id }) });\n * export const processData = createWorkflowJob({\n *   name: \"process-data\",\n *   body: async (input: { id: string }) => {\n *     const data = await fetchData.trigger({ id: input.id });\n *     return { data };\n *   },\n * });\n *\n * // Workflow must be default export; mainJob is the entry point\n * export default createWorkflow({\n *   name: \"data-processing\",\n *   mainJob: processData,\n * });\n */\nexport function createWorkflow<Job extends WorkflowJob<any, any, any>>(\n  config: WorkflowDefinition<Job>,\n): Workflow<Job> {\n  // Test-only registry/trigger shim; the platform bundle sets the flag so it is DCE'd.\n  if (!process.env.TAILOR_PLATFORM_BUNDLE) {\n    registerWorkflow(config.name, config.mainJob.name);\n  }\n\n  return brandValue(\n    {\n      ...config,\n      trigger: process.env.TAILOR_PLATFORM_BUNDLE\n        ? async () => {\n            throw new Error(\n              \"workflow.trigger() is rewritten at build time and unavailable in the bundle\",\n            );\n          }\n        : async (args, options) => await dispatchTriggerWorkflow(config.name, args, options),\n    } as Workflow<Job>,\n    \"workflow\",\n  );\n}\n","import type { StaticWebsiteDefinitionBrand } from \"@/types/staticwebsite-config\";\nimport type { StaticWebsiteInput } from \"@/types/staticwebsite.generated\";\nexport type { StaticWebsiteConfig } from \"@/types/staticwebsite-config\";\n\n/**\n * Define a static website configuration for the Tailor SDK.\n * @param name - Static website name\n * @param config - Static website configuration\n * @returns Defined static website\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineStaticWebSite(name: string, config: Omit<StaticWebsiteInput, \"name\">) {\n  const result = {\n    ...config,\n    name,\n    get url() {\n      return `${name}:url` as const;\n    },\n  } as const satisfies StaticWebsiteInput & { readonly url: string };\n\n  return result as typeof result & StaticWebsiteDefinitionBrand;\n}\n","import type { IdPUserField } from \"@/types/idp\";\nimport type { InferredAttributeMap } from \"@/types/user\";\n\ntype EqualityOperator = \"=\" | \"!=\";\ntype ContainsOperator = \"in\" | \"not in\";\n\ntype StringFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string ? K : never;\n}[keyof User];\n\ntype StringArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string[] ? K : never;\n}[keyof User];\n\ntype BooleanFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean ? K : never;\n}[keyof User];\n\ntype BooleanArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean[] ? K : never;\n}[keyof User];\n\ntype UserStringOperand<User extends object = InferredAttributeMap> = {\n  user: StringFieldKeys<User> | \"id\";\n};\n\ntype UserStringArrayOperand<User extends object = InferredAttributeMap> = {\n  user: StringArrayFieldKeys<User>;\n};\n\ntype UserBooleanOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanFieldKeys<User> | \"_loggedIn\";\n};\n\ntype UserBooleanArrayOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanArrayFieldKeys<User>;\n};\n\ntype IdPUserOperand<Update extends boolean = false> = Update extends true\n  ? { oldIdpUser: IdPUserField } | { newIdpUser: IdPUserField }\n  : { idpUser: IdPUserField };\n\ntype StringEqualityCondition<User extends object, Update extends boolean> =\n  | readonly [string, EqualityOperator, string]\n  | readonly [UserStringOperand<User>, EqualityOperator, string]\n  | readonly [string, EqualityOperator, UserStringOperand<User>]\n  | readonly [\n      IdPUserOperand<Update>,\n      EqualityOperator,\n      string | UserStringOperand<User> | IdPUserOperand<Update>,\n    ]\n  | readonly [string | UserStringOperand<User>, EqualityOperator, IdPUserOperand<Update>];\n\ntype BooleanEqualityCondition<User extends object, Update extends boolean> =\n  | readonly [boolean, EqualityOperator, boolean]\n  | readonly [UserBooleanOperand<User>, EqualityOperator, boolean]\n  | readonly [boolean, EqualityOperator, UserBooleanOperand<User>]\n  | readonly [\n      IdPUserOperand<Update>,\n      EqualityOperator,\n      boolean | UserBooleanOperand<User> | IdPUserOperand<Update>,\n    ]\n  | readonly [boolean | UserBooleanOperand<User>, EqualityOperator, IdPUserOperand<Update>];\n\ntype EqualityCondition<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> = StringEqualityCondition<User, Update> | BooleanEqualityCondition<User, Update>;\n\ntype StringContainsCondition<User extends object, Update extends boolean> =\n  | readonly [string, ContainsOperator, string[]]\n  | readonly [UserStringOperand<User>, ContainsOperator, string[]]\n  | readonly [string, ContainsOperator, UserStringArrayOperand<User>]\n  | readonly [IdPUserOperand<Update>, ContainsOperator, string[] | UserStringArrayOperand<User>];\n\ntype BooleanContainsCondition<User extends object, Update extends boolean> =\n  | readonly [boolean, ContainsOperator, boolean[]]\n  | readonly [UserBooleanOperand<User>, ContainsOperator, boolean[]]\n  | readonly [boolean, ContainsOperator, UserBooleanArrayOperand<User>]\n  | readonly [IdPUserOperand<Update>, ContainsOperator, boolean[] | UserBooleanArrayOperand<User>];\n\ntype ContainsCondition<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> = StringContainsCondition<User, Update> | BooleanContainsCondition<User, Update>;\n\nexport type IdPPermissionCondition<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> = EqualityCondition<User, Update> | ContainsCondition<User, Update>;\n\ntype IdPActionPermission<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> =\n  | {\n      conditions:\n        | IdPPermissionCondition<User, Update>\n        | readonly IdPPermissionCondition<User, Update>[];\n      description?: string | undefined;\n      /**\n       * Whether matching users are granted (`true`) or denied (`false`).\n       * Omitting `permit` in this object form defaults to `deny` and emits a\n       * warning; set it explicitly. (The array shorthand defaults to `allow`.)\n       */\n      permit?: boolean;\n    }\n  | readonly [...IdPPermissionCondition<User, Update>, ...([] | [boolean])]\n  | readonly [...IdPPermissionCondition<User, Update>[], ...([] | [boolean])];\n\n/**\n * Per-operation permission policies for an IdP service.\n * Defines create, read, update, delete, and sendPasswordResetEmail permissions.\n *\n * For update operations, use `newIdpUser`/`oldIdpUser` operands instead of `idpUser`.\n * @example\n * const permission: IdPPermission = {\n *   create: [{ conditions: [[{ user: \"role\" }, \"=\", \"ADMIN\"]], permit: true }],\n *   read: [{ conditions: [[{ user: \"_loggedIn\" }, \"=\", true]], permit: true }],\n *   update: [{ conditions: [[{ newIdpUser: \"name\" }, \"=\", { user: \"id\" }]], permit: true }],\n *   delete: [{ conditions: [[{ user: \"role\" }, \"=\", \"ADMIN\"]], permit: true }],\n *   sendPasswordResetEmail: [{ conditions: [], permit: true }],\n * };\n */\nexport type IdPPermission<User extends object = InferredAttributeMap> = {\n  create: readonly IdPActionPermission<User, false>[];\n  read: readonly IdPActionPermission<User, false>[];\n  update: readonly IdPActionPermission<User, true>[];\n  delete: readonly IdPActionPermission<User, false>[];\n  sendPasswordResetEmail: readonly IdPActionPermission<User, false>[];\n};\n\n/**\n * Grants full IdP permission access without any conditions.\n *\n * Unsafe and intended only for local development, prototyping, or tests.\n * Do not use this in production environments, as it effectively disables\n * authorization checks.\n */\nexport const unsafeAllowAllIdPPermission: IdPPermission = {\n  create: [{ conditions: [], permit: true }],\n  read: [{ conditions: [], permit: true }],\n  update: [{ conditions: [], permit: true }],\n  delete: [{ conditions: [], permit: true }],\n  sendPasswordResetEmail: [{ conditions: [], permit: true }],\n};\n","import type { IdPPermission } from \"./permission\";\nimport type { BuiltinIdP } from \"@/types/auth.generated\";\nimport type { IdpDefinitionBrand } from \"@/types/idp\";\nimport type { IdPInput } from \"@/types/idp.generated\";\n\nexport type {\n  IdPEmailConfig,\n  IdPGqlOperations,\n  IdPGqlOperationsInput as IdPGqlOperationsConfig,\n} from \"@/types/idp.generated\";\n\n/**\n * Define an IdP service configuration for the Tailor SDK.\n * @template TClients\n * @param name - IdP service name\n * @param config - IdP configuration\n * @returns Defined IdP service\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineIdp<const TClients extends string[]>(\n  name: string,\n  config: Omit<IdPInput, \"name\" | \"clients\" | \"permission\"> & {\n    clients: TClients;\n    permission?: IdPPermission;\n  },\n) {\n  const result = {\n    ...config,\n    name,\n    provider(providerName: string, clientName: TClients[number]) {\n      return {\n        name: providerName,\n        kind: \"BuiltInIdP\",\n        namespace: name,\n        clientName,\n      } as const satisfies BuiltinIdP;\n    },\n  } as const satisfies IdPInput & {\n    provider: (providerName: string, clientName: TClients[number]) => BuiltinIdP;\n  };\n\n  return result as typeof result & IdpDefinitionBrand;\n}\n\nexport type { IdPConfig, IdPExternalConfig } from \"@/types/idp\";\n\nexport type { IdPPermission, IdPPermissionCondition } from \"./permission\";\nexport { unsafeAllowAllIdPPermission } from \"./permission\";\n","import type { SecretsDefinitionBrand } from \"@/types/secrets-config\";\nexport type { SecretsConfig } from \"@/types/secrets-config\";\n\ntype SecretsVaultInput = Record<string, string>;\ntype SecretsVaultInputNullish = Record<string, string | undefined | null>;\ntype SecretsInput = Record<string, SecretsVaultInput>;\ntype SecretsInputNullish = Record<string, SecretsVaultInputNullish>;\n\ntype SecretsOptions = {\n  readonly ignoreNullishValues: boolean;\n};\n\ntype DefinedSecrets<T extends SecretsInputNullish> = {\n  readonly vaults: T;\n  readonly options: SecretsOptions;\n  get<V extends Extract<keyof T, string>, S extends Extract<keyof T[V], string>>(\n    vault: V,\n    secret: S,\n  ): Promise<string | undefined>;\n  getAll<V extends Extract<keyof T, string>, S extends Extract<keyof T[V], string>>(\n    vault: V,\n    secrets: readonly S[],\n  ): Promise<(string | undefined)[]>;\n} & SecretsDefinitionBrand;\n\n/**\n * Define secrets configuration for the Tailor SDK.\n * Each key is a vault name, and its value is a record of secret name to secret value.\n * @param config - Secrets configuration mapping vault names to their secrets\n * @returns Defined secrets with typed runtime access methods\n */\nexport function defineSecretManager<const T extends SecretsInput>(config: T): DefinedSecrets<T>;\n/**\n * Define secrets configuration for the Tailor SDK with ignoreNullishValues option.\n * When `ignoreNullishValues` is true, secrets with nullish values are skipped during deploy\n * instead of causing an error. This is useful for CI environments where not all\n * secret values are available.\n * @param config - Secrets configuration mapping vault names to their secrets\n * @param options - Options for secret management behavior\n * @param options.ignoreNullishValues - When true, secrets with nullish values are skipped during deploy\n * @returns Defined secrets with typed runtime access methods\n */\nexport function defineSecretManager<const T extends SecretsInputNullish>(\n  config: T,\n  options: { ignoreNullishValues: true },\n): DefinedSecrets<T>;\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineSecretManager<const T extends SecretsInputNullish>(\n  config: T,\n  options?: { ignoreNullishValues?: boolean },\n): DefinedSecrets<T> {\n  const result: Record<string, unknown> = {\n    vaults: config,\n    options: { ignoreNullishValues: options?.ignoreNullishValues ?? false },\n  };\n\n  // Non-enumerable so Zod's z.object validation ignores them\n  Object.defineProperty(result, \"get\", {\n    value: async (vault: string, secret: string) => {\n      return tailor.secretmanager.getSecret(vault, secret);\n    },\n    enumerable: false,\n  });\n  Object.defineProperty(result, \"getAll\", {\n    value: async (vault: string, secrets: readonly string[]) => {\n      const record = await tailor.secretmanager.getSecrets(vault, secrets);\n      return secrets.map((s) => record[s]);\n    },\n    enumerable: false,\n  });\n\n  return result as DefinedSecrets<T>;\n}\n","import { brandValue } from \"@/utils/brand\";\nimport type { HttpAdapterConfigInput } from \"@/types/http-adapter.generated\";\n\n/**\n * Lowercase HTTP method keys accepted in `input`, derived from the config\n * schema via the generated type so they cannot drift.\n */\ntype HttpMethodKey = keyof Required<HttpAdapterConfigInput[\"input\"]>;\n\n/** Incoming HTTP request passed to an `input` handler. */\nexport type HttpAdapterRequest = {\n  method: Uppercase<HttpMethodKey>;\n  path: string;\n  headers: Record<string, string>;\n  query: Record<string, string>;\n  body: string;\n};\n\n/** GraphQL request returned by an `input` handler. */\nexport type HttpAdapterGraphQLRequest = {\n  query: string;\n  variables?: Record<string, unknown>;\n  operationName?: string;\n};\n\n/** Converts an incoming HTTP request into a GraphQL request. */\nexport type HttpAdapterInputFn = (req: HttpAdapterRequest) => HttpAdapterGraphQLRequest;\n\n/** GraphQL execution result passed to the `output` handler. */\nexport type HttpAdapterGraphQLResponse = {\n  data?: unknown;\n  errors?: unknown;\n  extensions?: unknown;\n};\n\n/** HTTP response returned by the `output` handler. */\nexport type HttpAdapterResponse = {\n  statusCode?: number;\n  headers?: Record<string, string>;\n  body: string;\n};\n\n/** Converts a GraphQL response into an HTTP response. */\nexport type HttpAdapterOutputFn = (resp: HttpAdapterGraphQLResponse) => HttpAdapterResponse;\n\n/**\n * Per-method input handlers. At least one method must be provided.\n * Each handler transforms an HTTP request into a GraphQL request.\n */\nexport type HttpAdapterInput = Partial<Record<HttpMethodKey, HttpAdapterInputFn>>;\n\n/**\n * HTTP adapter configuration accepted by `createHttpAdapter` with typed\n * `input` and `output` signatures.\n */\n// Internally, the parser-side representation is the looser `HttpAdapterConfig`\n// from `@/types/http-adapter.generated`, where the function fields are typed\n// as `Function`.\nexport type HttpAdapter = Omit<HttpAdapterConfigInput, \"input\" | \"output\"> & {\n  input: HttpAdapterInput;\n  output?: HttpAdapterOutputFn;\n};\n\n/**\n * Defines an HTTP adapter that translates HTTP requests to GraphQL queries\n * and shapes the GraphQL response back into an HTTP response.\n *\n * The adapter MUST be the default export of its file.\n * Files are discovered via the `httpAdapter.files` glob in `defineConfig()`.\n *\n * `input` is an object keyed by lowercase HTTP method (`get`, `post`, `put`,\n * `patch`, `delete`). At least one method must be declared; the methods the\n * adapter serves are derived from these keys.\n *\n * `output` is optional and shared across all methods. If you need different\n * response shapes per method, discriminate inside `output` based on the\n * GraphQL response shape.\n *\n * Each handler runs server-side and must be synchronous: Node APIs, `fetch`,\n * `async`/`await`, Promises, and top-level `await` are not available.\n *\n * Optional fields: `enabled` (default `true`; set `false` to deploy the adapter\n * without serving it) and `priority` (non-negative integer, default `0`; when\n * multiple adapters match the same request path, the lowest value wins).\n * @param config - HTTP adapter configuration\n * @returns Branded HTTP adapter definition\n * @example\n * export default createHttpAdapter({\n *   name: \"get-user\",\n *   pathPattern: \"/users/*\",\n *   input: {\n *     get: (req) => ({\n *       query: `query($id: ID!) { user(id: $id) { id name } }`,\n *       variables: { id: req.path.split(\"/\")[2] },\n *     }),\n *   },\n *   output: (resp) => ({\n *     statusCode: 200,\n *     headers: { \"content-type\": \"application/json\" },\n *     body: JSON.stringify(resp.data),\n *   }),\n * });\n */\nexport function createHttpAdapter(config: HttpAdapter): HttpAdapter {\n  return brandValue({ ...config }, \"http-adapter\");\n}\n","import type { AppConfig } from \"@/types/app-config\";\nimport type { GeneratorConfig } from \"@/types/generator-config\";\nimport type { Plugin } from \"@/types/plugin\";\n\n/**\n * Define a Tailor SDK application configuration with shallow exactness.\n * @template Config\n * @param config - Application configuration\n * @returns The same configuration object\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineConfig<\n  const Config extends AppConfig &\n    // type-fest's Exact works recursively and causes type errors, so we use a shallow version here.\n    Record<Exclude<keyof Config, keyof AppConfig>, never>,\n>(config: Config) {\n  return config;\n}\n\n/**\n * Define generators to be used with the Tailor SDK.\n * @deprecated Use definePlugins() with generation hooks (onTypeLoaded, generate, etc.) instead.\n * @param configs - Generator configurations\n * @returns Generator configurations as given\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineGenerators(...configs: GeneratorConfig[]) {\n  return configs;\n}\n\n/**\n * Define plugins to be used with the Tailor SDK.\n * Plugins can generate additional types, resolvers, and executors\n * based on existing TailorDB types.\n * @param configs - Plugin configurations\n * @returns Plugin configurations as given\n */\n/* @__NO_SIDE_EFFECTS__ */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function definePlugins(...configs: Plugin<any, any>[]) {\n  return configs;\n}\n","import { t as _t } from \"@/configure/types\";\nimport type * as helperTypes from \"@/types/helpers\";\n\ntype TailorOutput<T> = helperTypes.output<T>;\n\nexport type infer<T> = TailorOutput<T>;\nexport type output<T> = TailorOutput<T>;\n\n/** TailorDB field type builders. */\n// eslint-disable-next-line import-x/export\nexport const t = _t;\n// eslint-disable-next-line @typescript-eslint/no-namespace, import-x/export\nexport namespace t {\n  export type output<T> = TailorOutput<T>;\n  export type infer<T> = TailorOutput<T>;\n}\n\nexport { type TailorField } from \"@/configure/types/type\";\nexport {\n  type TailorUser,\n  type TailorInvoker,\n  unauthenticatedTailorUser,\n  type AttributeMap,\n  type AttributeList,\n} from \"@/types/user\";\nexport { type Env } from \"@/types/env\";\nexport { type MachineUserNameRegistry, type MachineUserName } from \"@/configure/types/machine-user\";\nexport { type IdpNameRegistry, type IdpName } from \"@/configure/types/idp-name\";\n\nexport * from \"@/configure/services\";\n\nexport { defineConfig, defineGenerators, definePlugins } from \"@/configure/config\";\n\n// Plugin types for custom plugin development\nexport type {\n  Plugin,\n  PluginConfigs,\n  PluginOutput,\n  TypePluginOutput,\n  NamespacePluginOutput,\n  PluginProcessContext,\n  PluginNamespaceProcessContext,\n  PluginAttachment,\n  PluginGeneratedType,\n  PluginGeneratedResolver,\n  PluginGeneratedExecutor,\n  PluginGeneratedExecutorWithFile,\n  PluginExecutorContext,\n  PluginExecutorContextBase,\n  TailorDBTypeForPlugin,\n} from \"@/types/plugin\";\n\n// Generation-time hook context types for plugin development\nexport type {\n  TailorDBReadyContext,\n  ResolverReadyContext,\n  ExecutorReadyContext,\n  TailorDBNamespaceData,\n  ResolverNamespaceData,\n  GeneratorResult,\n} from \"@/types/plugin-generation\";\n"],"mappings":";;;;;;;;;AA2CA,MAAa,4BAAwC;CACnD,IAAI;CACJ,MAAM;CACN,aAAa;CACb,YAAY;CACZ,eAAe,CAAC;AAClB;;;;;ACiGA,SAAgB,WASd,MACA,QAGA;CAmBA,OAAO;EAjBL,GAAG;EACH;EACA,QAAoC,aAAgB;GAClD,OAAO;IAAE,WAAW;IAAM,iBAAiB;GAAY;EACzD;EACA,mBAAqC,gBAAuD;GAC1F,OAAO,OAAO,eAAe,mBAAmB,cAAc;EAChE;CAUU;AACd;;;;;;;;;;;AC8GA,MAAa,+BAAqD;CAChE,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,MAAM,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACvC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;AAC3C;;;;;;;;AASA,MAAa,8BAAuD,CAClE;CAAE,YAAY,CAAC;CAAG,SAAS;CAAO,QAAQ;AAAK,CACjD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC3NA,SAAgB,eAId,QAO+B;CAI/B,MAAM,iBAAiB,QACrB,OAAO,QAAQ,YACf,QAAQ,QACR,UAAU,OACV,OAAQ,IAA0B,SAAS;CAE7C,MAAM,mBAAmB,cAAc,OAAO,MAAM,IAAI,OAAO,SAASA,IAAE,OAAO,OAAO,MAAM;CAE9F,OAAO,WACL;EACE,GAAG;EACH,QAAQ;CACV,GACA,UACF;AACF;;;;;AC7BA,SAAgB,eAGd,QAAwB;CACxB,OAAO,WAAW,QAAQ,UAAU;AACtC;;;;ACqCA,MAAM,iBAAiB;CACrB,SAAS;CACT,SAAS;CACT,SAAS;AACX;;;;;;;AA8BA,SAAgB,qBACd,SACuC;CACvC,MAAM,EAAE,MAAM,cAAc;CAC5B,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,8BAA8B;EACvC,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,qBACd,SACuC;CACvC,MAAM,EAAE,MAAM,cAAc;CAC5B,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,8BAA8B;EACvC,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,qBACd,SACuC;CACvC,MAAM,EAAE,MAAM,cAAc;CAC5B,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,8BAA8B;EACvC,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;;AAeA,SAAgB,cAGd,SAAkF;CAClF,MAAM,EAAE,MAAM,QAAQ,cAAc;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,OAAO,KAAK,MAAM,eAAe,EAAE;EAC3C,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;AAqBA,SAAgB,wBACd,SACkD;CAClD,MAAM,EAAE,UAAU,cAAc;CAChC,OAAO;EACL,MAAM;EACN,cAAc,SAAS;EACvB;EACA,QAAQ,CAAC;CACX;AACF;AAMA,MAAM,kBAAkB;CACtB,SAAS;CACT,SAAS;CACT,SAAS;AACX;;;;;;;AA+BA,SAAgB,sBACd,SACoC;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,kBAAkB;EAC3B,GAAI,SAAS,OAAO,OAAO,EAAE,KAAK,QAAQ,IAAI,IAAI,CAAC;EACnD,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,sBACd,SACoC;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,kBAAkB;EAC3B,GAAI,SAAS,OAAO,OAAO,EAAE,KAAK,QAAQ,IAAI,IAAI,CAAC;EACnD,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,sBACd,SACoC;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,kBAAkB;EAC3B,GAAI,SAAS,OAAO,OAAO,EAAE,KAAK,QAAQ,IAAI,IAAI,CAAC;EACnD,QAAQ,CAAC;CACX;AACF;;;;;;;;;AAoBA,SAAgB,eACd,SACqC;CACrC,MAAM,EAAE,QAAQ,QAAQ;CACxB,OAAO;EACL,MAAM;EACN,QAAQ,OAAO,KAAK,MAAM,gBAAgB,EAAE;EAC5C,GAAI,OAAO,OAAO,EAAE,IAAI,IAAI,CAAC;EAC7B,QAAQ,CAAC;CACX;AACF;AAMA,MAAM,0BAA0B;CAC9B,QAAQ;CACR,WAAW;CACX,SAAS;AACX;;;;;AAqBA,SAAgB,+BAAkF;CAChG,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,0BAA0B;EACnC,QAAQ,CAAC;CACX;AACF;;;;;AAMA,SAAgB,kCAAwF;CACtG,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,6BAA6B;EACtC,QAAQ,CAAC;CACX;AACF;;;;;AAMA,SAAgB,gCAAoF;CAClG,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,2BAA2B;EACpC,QAAQ,CAAC;CACX;AACF;;;;;;;AAYA,SAAgB,uBAEd,SAAgG;CAChG,MAAM,EAAE,WAAW;CACnB,OAAO;EACL,MAAM;EACN,QAAQ,OAAO,KAAK,MAAM,wBAAwB,EAAE;EACpD,QAAQ,CAAC;CACX;AACF;;;;;;;;;;AChBA,SAAgB,gBACd,SAC+B;CAC/B,MAAM,EAAE,MAAM,aAAa;CAC3B,OAAO;EACL,MAAM;EACN;EACA;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;;;;AC5ZA,SAAgB,uBACd,SACgD;CAChD,MAAM,WACJ,OAAO,SAAS,aAAa,aAAa,EAAE,MAAM,QAAQ,SAAS,IAAI,SAAS;CAClF,OAAO;EACL,MAAM;EACN,GAAI,WAAW,EAAE,SAAS,IAAI,CAAC;EAC/B,QAAQ,CAAC;CACX;AACF;;;;ACpBA,SAAS,sBAAsB;CAE7B,MAAM,WAAWC,WAAS,QAAQ;CAClC,IAAI,CAAC,UACH,MAAM,IAAI,MACR,oLAEF;CAEF,OAAO;AACT;;;;;;;;AASA,SAAS,wBAAwB,YAAyC;CACxE,IAAI,MAAM;CAcV,OAAO;EACL,UAbe,WACf;GACE,KAAK,SAAmB;IACtB,OAAO,QAAQ,QAAQ,oBAAoB,CAAC,CAAC,KAAK,KAAK,OAAO,CAAC;GACjE;GACA,MAAM,QAAQ,aAAqB,UAAsD;IACvF,MAAM,oBAAoB,CAAC,CAAC,QAAQ,aAAa,KAAK,QAAQ;GAChE;EACF,GACA,YAIO;EACP,SAAS,MAAc;GACrB,MAAM;EACR;CACF;AACF;;;;;;;;;;;;;;;AAiDA,SAAgB,gBACd,KAC+B;CAC/B,OAAO,wBAAwB,GAAG,CAAC,CAAC;AACtC;;;;;;;;;;;;;;;;;;;;;;;;;AA2BA,SAAgB,iBACd,SACG;CACH,MAAM,0BAAU,IAAI,IAAsD;CAE1E,MAAM,gBAAiC;EACrC,MAAM,EAAE,UAAU,WAAW,wBAAwB,aAAa;EAClE,QAAQ,IAAI,UAAU,MAAM;EAC5B,OAAO;CACT;CAEA,MAAM,SAAS,QAAQ,MAAM;CAG7B,KAAK,MAAM,OAAO,OAAO,KAAK,MAAM,GAElC,AADe,QAAQ,IAAI,OAAO,IAC7B,CAAC,GAAG,GAAG;CAGd,OAAO;AACT;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHA,SAAgB,eACd,QACe;CAEf,IAAI,CAAC,QAAQ,IAAI,wBACf,iBAAiB,OAAO,MAAM,OAAO,QAAQ,IAAI;CAGnD,OAAO,WACL;EACE,GAAG;EACH,SAAS,QAAQ,IAAI,yBACjB,YAAY;GACV,MAAM,IAAI,MACR,6EACF;EACF,IACA,OAAO,MAAM,YAAY,MAAM,wBAAwB,OAAO,MAAM,MAAM,OAAO;CACvF,GACA,UACF;AACF;;;;;;;;;;;ACxEA,SAAgB,oBAAoB,MAAc,QAA0C;CAS1F,OAAO;EAPL,GAAG;EACH;EACA,IAAI,MAAM;GACR,OAAO,GAAG,KAAK;EACjB;CAGU;AACd;;;;;;;;;;;ACsHA,MAAa,8BAA6C;CACxD,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,MAAM,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACvC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,wBAAwB,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;AAC3D;;;;;;;;;;;;AC9HA,SAAgB,UACd,MACA,QAIA;CAgBA,OAAO;EAdL,GAAG;EACH;EACA,SAAS,cAAsB,YAA8B;GAC3D,OAAO;IACL,MAAM;IACN,MAAM;IACN,WAAW;IACX;GACF;EACF;CAKU;AACd;;;;;ACKA,SAAgB,oBACd,QACA,SACmB;CACnB,MAAM,SAAkC;EACtC,QAAQ;EACR,SAAS,EAAE,qBAAqB,SAAS,uBAAuB,MAAM;CACxE;CAGA,OAAO,eAAe,QAAQ,OAAO;EACnC,OAAO,OAAO,OAAe,WAAmB;GAC9C,OAAO,OAAO,cAAc,UAAU,OAAO,MAAM;EACrD;EACA,YAAY;CACd,CAAC;CACD,OAAO,eAAe,QAAQ,UAAU;EACtC,OAAO,OAAO,OAAe,YAA+B;GAC1D,MAAM,SAAS,MAAM,OAAO,cAAc,WAAW,OAAO,OAAO;GACnE,OAAO,QAAQ,KAAK,MAAM,OAAO,EAAE;EACrC;EACA,YAAY;CACd,CAAC;CAED,OAAO;AACT;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC+BA,SAAgB,kBAAkB,QAAkC;CAClE,OAAO,WAAW,EAAE,GAAG,OAAO,GAAG,cAAc;AACjD;;;;;;;;;;;AC9FA,SAAgB,aAId,QAAgB;CAChB,OAAO;AACT;;;;;;;;AASA,SAAgB,iBAAiB,GAAG,SAA4B;CAC9D,OAAO;AACT;;;;;;;;;AAWA,SAAgB,cAAc,GAAG,SAA6B;CAC5D,OAAO;AACT;;;;;AC/BA,MAAa,IAAIC"}
+{"version":3,"file":"index.mjs","names":["t","platform","_t"],"sources":["../../src/configure/services/auth/index.ts","../../src/configure/services/tailordb/permission.ts","../../src/configure/services/resolver/resolver.ts","../../src/configure/services/executor/executor.ts","../../src/configure/services/executor/trigger/event.ts","../../src/configure/services/executor/trigger/schedule.ts","../../src/configure/services/executor/trigger/webhook.ts","../../src/configure/services/workflow/job.ts","../../src/configure/services/workflow/wait-point.ts","../../src/configure/services/workflow/workflow.ts","../../src/configure/services/staticwebsite/index.ts","../../src/configure/services/aigateway/index.ts","../../src/configure/services/idp/permission.ts","../../src/configure/services/idp/index.ts","../../src/configure/services/secrets/index.ts","../../src/configure/services/http-adapter/http-adapter.ts","../../src/configure/config/index.ts","../../src/configure/index.ts"],"sourcesContent":["import { type TailorDBInstance } from \"../tailordb/schema\";\nimport type {\n  AuthConnectionTokenResult,\n  AuthDefinitionBrand,\n  AuthServiceInput,\n  DefinedAuth,\n  UserAttributeListKey,\n  UserAttributeMap,\n} from \"@/configure/services/auth/types\";\nimport type {\n  DefinedFieldMetadata,\n  FieldMetadata,\n  TailorFieldType,\n  TailorField,\n} from \"@/configure/types/field.types\";\n\ntype MachineUserAttributeFields = Record<\n  string,\n  TailorField<DefinedFieldMetadata, unknown, FieldMetadata, TailorFieldType>\n>;\n\ntype PlaceholderUser = TailorDBInstance<Record<string, never>, Record<string, never>>;\ntype PlaceholderAttributeMap = UserAttributeMap<PlaceholderUser>;\ntype PlaceholderAttributeList = UserAttributeListKey<PlaceholderUser>[];\n\ntype UserProfileAuthInput<\n  User extends TailorDBInstance,\n  AttributeMap extends UserAttributeMap<User>,\n  AttributeList extends UserAttributeListKey<User>[],\n  MachineUserNames extends string,\n  ConnectionNames extends string = string,\n> = Omit<\n  AuthServiceInput<User, AttributeMap, AttributeList, MachineUserNames, undefined, ConnectionNames>,\n  \"userProfile\" | \"machineUserAttributes\"\n> & {\n  userProfile: NonNullable<\n    AuthServiceInput<User, AttributeMap, AttributeList, MachineUserNames, undefined>[\"userProfile\"]\n  >;\n  machineUserAttributes?: never;\n};\n\ntype MachineUserOnlyAuthInput<\n  MachineUserNames extends string,\n  MachineUserAttributes extends MachineUserAttributeFields,\n  ConnectionNames extends string = string,\n> = Omit<\n  AuthServiceInput<\n    PlaceholderUser,\n    PlaceholderAttributeMap,\n    PlaceholderAttributeList,\n    MachineUserNames,\n    MachineUserAttributes,\n    ConnectionNames\n  >,\n  \"userProfile\" | \"machineUserAttributes\"\n> & {\n  userProfile?: never;\n  machineUserAttributes: MachineUserAttributes;\n};\n\nexport type {\n  OIDC,\n  SAML,\n  IDToken,\n  BuiltinIdP,\n  IdProvider as IdProviderConfig,\n  OAuth2ClientInput as OAuth2Client,\n  SCIMAuthorization,\n  SCIMAttribute,\n  SCIMAttributeMapping,\n  SCIMResource,\n  SCIMConfig,\n  TenantProvider as TenantProviderConfig,\n} from \"@/types/auth.generated\";\nexport type {\n  OAuth2ClientGrantType,\n  SCIMAttributeType,\n  BeforeLoginHookArgs,\n  BeforeLoginClaims,\n  FederatedIdentity,\n  FederatedIdentityClaims,\n  FederatedIdentityProvider,\n} from \"@/configure/services/auth/types\";\nexport type {\n  AuthConnectionOAuth2Config,\n  AuthConnectionConfig,\n} from \"@/types/auth-connection.generated\";\nexport type {\n  ValueOperand,\n  UsernameFieldKey,\n  UserAttributeKey,\n  UserAttributeListKey,\n  UserAttributeMap,\n  AuthConnectionTokenResult,\n  AuthServiceInput,\n  AuthConfig,\n  AuthExternalConfig,\n  AuthOwnConfig,\n  DefinedAuth,\n} from \"@/configure/services/auth/types\";\n\n/**\n * Define an auth service for the Tailor SDK.\n * @template Name\n * @template User\n * @template AttributeMap\n * @template AttributeList\n * @template MachineUserNames\n * @param name - Auth service name\n * @param config - Auth service configuration\n * @returns Defined auth service\n */\nexport function defineAuth<\n  const Name extends string,\n  const User extends TailorDBInstance,\n  const AttributeMap extends UserAttributeMap<User>,\n  const AttributeList extends UserAttributeListKey<User>[],\n  const MachineUserNames extends string,\n  const ConnectionNames extends string = string,\n>(\n  name: Name,\n  config: UserProfileAuthInput<\n    User,\n    AttributeMap,\n    AttributeList,\n    MachineUserNames,\n    ConnectionNames\n  >,\n): DefinedAuth<\n  Name,\n  UserProfileAuthInput<User, AttributeMap, AttributeList, MachineUserNames, ConnectionNames>\n>;\nexport function defineAuth<\n  const Name extends string,\n  const MachineUserAttributes extends MachineUserAttributeFields,\n  const MachineUserNames extends string,\n  const ConnectionNames extends string = string,\n>(\n  name: Name,\n  config: MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes, ConnectionNames>,\n): DefinedAuth<\n  Name,\n  MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes, ConnectionNames>\n>;\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineAuth<\n  const Name extends string,\n  const User extends TailorDBInstance,\n  const AttributeMap extends UserAttributeMap<User>,\n  const AttributeList extends UserAttributeListKey<User>[],\n  const MachineUserAttributes extends MachineUserAttributeFields,\n  const MachineUserNames extends string,\n  const ConnectionNames extends string = string,\n>(\n  name: Name,\n  config:\n    | UserProfileAuthInput<User, AttributeMap, AttributeList, MachineUserNames, ConnectionNames>\n    | MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes, ConnectionNames>,\n) {\n  const result = {\n    ...config,\n    name,\n    getConnectionToken<C extends string>(connectionName: C): Promise<AuthConnectionTokenResult> {\n      return tailor.authconnection.getConnectionToken(connectionName);\n    },\n  } as const satisfies (\n    | UserProfileAuthInput<User, AttributeMap, AttributeList, MachineUserNames>\n    | MachineUserOnlyAuthInput<MachineUserNames, MachineUserAttributes>\n  ) & {\n    name: string;\n    getConnectionToken<C extends string>(connectionName: C): Promise<AuthConnectionTokenResult>;\n  };\n\n  return result as typeof result & AuthDefinitionBrand;\n}\n","import type { InferredAttributeMap } from \"@/runtime/types\";\n\n// --- Permission types (UX-focused, for configure layer) ---\n\n/**\n * Record-level permission configuration for a TailorDB type.\n * Defines create, read, update, and delete permissions.\n *\n * Prefer object format with explicit `conditions` and `permit` for readability.\n * Shorthand array format is supported for compatibility, but less readable.\n *\n * For update operations, use `newRecord`/`oldRecord` operands instead of `record`.\n * @example\n * const permission: TailorTypePermission = {\n *   create: [{ conditions: [[{ user: \"_loggedIn\" }, \"=\", true]], permit: true }],\n *   read: [{ conditions: [[{ record: \"isPublic\" }, \"=\", true]], permit: true }],\n *   update: [{ conditions: [[{ newRecord: \"ownerId\" }, \"=\", { user: \"id\" }]], permit: true }],\n *   delete: [{ conditions: [[{ record: \"ownerId\" }, \"=\", { user: \"id\" }]], permit: true }],\n * };\n */\nexport type TailorTypePermission<\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n> = {\n  create: readonly ActionPermission<\"record\", User, Type, false>[];\n  read: readonly ActionPermission<\"record\", User, Type, false>[];\n  update: readonly ActionPermission<\"record\", User, Type, true>[];\n  delete: readonly ActionPermission<\"record\", User, Type, false>[];\n};\n\ntype ActionPermission<\n  Level extends \"record\" | \"gql\" = \"record\" | \"gql\",\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n  Update extends boolean = boolean,\n> =\n  | {\n      conditions:\n        | PermissionCondition<Level, User, Update, Type>\n        | readonly PermissionCondition<Level, User, Update, Type>[];\n      description?: string | undefined;\n      /**\n       * Whether matching records are granted (`true`) or denied (`false`).\n       * Omitting `permit` in this object form defaults to `deny` and emits a\n       * warning; set it explicitly. (The array shorthand defaults to `allow`.)\n       */\n      permit?: boolean;\n    }\n  | readonly [...PermissionCondition<Level, User, Update, Type>, ...([] | [boolean])] // single array condition\n  | readonly [...PermissionCondition<Level, User, Update, Type>[], ...([] | [boolean])]; // multiple array condition\n\nexport type TailorTypeGqlPermission<\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n> = readonly GqlPermissionPolicy<User, Type>[];\n\ntype GqlPermissionPolicy<\n  User extends object = InferredAttributeMap,\n  Type extends object = object,\n> = {\n  conditions: readonly PermissionCondition<\"gql\", User, boolean, Type>[];\n  actions: \"all\" | readonly GqlPermissionAction[];\n  /**\n   * Whether matching requests are granted (`true`) or denied (`false`).\n   * Omitting `permit` defaults to `deny` and emits a warning; set it explicitly.\n   */\n  permit?: boolean;\n  description?: string;\n};\n\ntype GqlPermissionAction = \"read\" | \"create\" | \"update\" | \"delete\" | \"aggregate\" | \"bulkUpsert\";\n\ntype EqualityOperator = \"=\" | \"!=\";\ntype ContainsOperator = \"in\" | \"not in\";\ntype HasAnyOperator = \"hasAny\" | \"not hasAny\";\n\n// Helper types for User field extraction\ntype StringFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string ? K : never;\n}[keyof User];\n\ntype StringArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string[] ? K : never;\n}[keyof User];\n\ntype BooleanFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean ? K : never;\n}[keyof User];\n\ntype BooleanArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean[] ? K : never;\n}[keyof User];\n\ntype UserStringOperand<User extends object = InferredAttributeMap> = {\n  user: StringFieldKeys<User> | \"id\";\n};\n\ntype UserStringArrayOperand<User extends object = InferredAttributeMap> = {\n  user: StringArrayFieldKeys<User>;\n};\n\ntype UserBooleanOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanFieldKeys<User> | \"_loggedIn\";\n};\n\ntype UserBooleanArrayOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanArrayFieldKeys<User>;\n};\n\ntype RecordOperand<Type extends object, Update extends boolean = false> = Update extends true\n  ? { oldRecord: (keyof Type & string) | \"id\" } | { newRecord: (keyof Type & string) | \"id\" }\n  : { record: (keyof Type & string) | \"id\" };\n\ntype StringEqualityCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | (Level extends \"gql\" ? readonly [string, EqualityOperator, boolean] : never)\n  | readonly [string, EqualityOperator, string]\n  | readonly [UserStringOperand<User>, EqualityOperator, string]\n  | readonly [string, EqualityOperator, UserStringOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              EqualityOperator,\n              string | UserStringOperand<User>,\n            ]\n          | readonly [\n              string | UserStringOperand<User>,\n              EqualityOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype BooleanEqualityCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | readonly [boolean, EqualityOperator, boolean]\n  | readonly [UserBooleanOperand<User>, EqualityOperator, boolean]\n  | readonly [boolean, EqualityOperator, UserBooleanOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              EqualityOperator,\n              boolean | UserBooleanOperand<User>,\n            ]\n          | readonly [\n              boolean | UserBooleanOperand<User>,\n              EqualityOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype EqualityCondition<\n  Level extends \"record\" | \"gql\" = \"record\",\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n  Type extends object = object,\n> =\n  | StringEqualityCondition<Level, User, Update, Type>\n  | BooleanEqualityCondition<Level, User, Update, Type>;\n\ntype StringContainsCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | readonly [string, ContainsOperator, string[]]\n  | readonly [UserStringOperand<User>, ContainsOperator, string[]]\n  | readonly [string, ContainsOperator, UserStringArrayOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              ContainsOperator,\n              string[] | UserStringArrayOperand<User>,\n            ]\n          | readonly [\n              string | UserStringOperand<User>,\n              ContainsOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype BooleanContainsCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | (Level extends \"gql\" ? readonly [string, ContainsOperator, boolean[]] : never)\n  | readonly [boolean, ContainsOperator, boolean[]]\n  | readonly [UserBooleanOperand<User>, ContainsOperator, boolean[]]\n  | readonly [boolean, ContainsOperator, UserBooleanArrayOperand<User>]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              ContainsOperator,\n              boolean[] | UserBooleanArrayOperand<User>,\n            ]\n          | readonly [\n              boolean | UserBooleanOperand<User>,\n              ContainsOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\ntype ContainsCondition<\n  Level extends \"record\" | \"gql\" = \"record\",\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n  Type extends object = object,\n> =\n  | StringContainsCondition<Level, User, Update, Type>\n  | BooleanContainsCondition<Level, User, Update, Type>;\n\ntype HasAnyCondition<\n  Level extends \"record\" | \"gql\",\n  User extends object,\n  Update extends boolean,\n  Type extends object,\n> =\n  | readonly [\n      string[] | UserStringArrayOperand<User>,\n      HasAnyOperator,\n      string[] | UserStringArrayOperand<User>,\n    ]\n  | (Level extends \"record\"\n      ?\n          | readonly [\n              RecordOperand<Type, Update>,\n              HasAnyOperator,\n              string[] | UserStringArrayOperand<User>,\n            ]\n          | readonly [\n              string[] | UserStringArrayOperand<User>,\n              HasAnyOperator,\n              RecordOperand<Type, Update>,\n            ]\n      : never);\n\n/**\n * Type representing a permission condition that combines user attributes, record fields, and literal values using comparison operators.\n *\n * The User type is extended by `tailor.d.ts`, which is automatically generated when running `tailor-sdk generate`.\n * Attributes enabled in the config file's `auth.userProfile.attributes` (or\n * `auth.machineUserAttributes` when userProfile is omitted) become available as types.\n * @example\n * ```ts\n * // tailor.config.ts\n * export const auth = defineAuth(\"my-auth\", {\n *   userProfile: {\n *     type: user,\n *     attributes: {\n *       isAdmin: true,\n *       roles: true,\n *     }\n *   }\n * });\n * ```\n */\nexport type PermissionCondition<\n  Level extends \"record\" | \"gql\" = \"record\",\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n  Type extends object = object,\n> =\n  | EqualityCondition<Level, User, Update, Type>\n  | ContainsCondition<Level, User, Update, Type>\n  | HasAnyCondition<Level, User, Update, Type>;\n\n// --- Runtime constants ---\n\n/**\n * Grants full record-level access without any conditions.\n *\n * Unsafe and intended only for local development, prototyping, or tests.\n * Do not use this in production environments, as it effectively disables\n * authorization checks.\n */\nexport const unsafeAllowAllTypePermission: TailorTypePermission = {\n  create: [{ conditions: [], permit: true }],\n  read: [{ conditions: [], permit: true }],\n  update: [{ conditions: [], permit: true }],\n  delete: [{ conditions: [], permit: true }],\n};\n\n/**\n * Grants full GraphQL access (all actions) without any conditions.\n *\n * Unsafe and intended only for local development, prototyping, or tests.\n * Do not use this in production environments, as it effectively disables\n * authorization checks.\n */\nexport const unsafeAllowAllGqlPermission: TailorTypeGqlPermission = [\n  { conditions: [], actions: \"all\", permit: true },\n];\n","import { t, type TailorAnyField, type TailorField } from \"@/configure/types/type\";\nimport { brandValue } from \"@/utils/brand\";\nimport type { MachineUserName } from \"@/configure/types/machine-user\";\nimport type { TailorEnv, TailorPrincipal } from \"@/runtime/types\";\nimport type { InferFieldsOutput, output } from \"@/types/helpers\";\nimport type { ResolverInput } from \"@/types/resolver.generated\";\n\ntype Context<Input extends Record<string, TailorAnyField> | undefined> = {\n  input: Input extends Record<string, TailorAnyField> ? InferFieldsOutput<Input> : never;\n  caller: TailorPrincipal | null;\n  invoker: TailorPrincipal | null;\n  env: TailorEnv;\n};\n\ntype OutputType<O> = O extends TailorAnyField\n  ? output<O>\n  : O extends Record<string, TailorAnyField>\n    ? InferFieldsOutput<O>\n    : never;\n\n/**\n * Normalized output type that preserves generic type information.\n * - If Output is already a TailorField, use it as-is\n * - If Output is a Record of fields, wrap it as a nested TailorField\n */\ntype NormalizedOutput<Output extends TailorAnyField | Record<string, TailorAnyField>> =\n  Output extends TailorAnyField\n    ? Output\n    : TailorField<\n        { type: \"nested\"; array: false },\n        InferFieldsOutput<Extract<Output, Record<string, TailorAnyField>>>\n      >;\n\ntype ResolverReturn<\n  Input extends Record<string, TailorAnyField> | undefined,\n  Output extends TailorAnyField | Record<string, TailorAnyField>,\n> = Omit<ResolverInput, \"input\" | \"output\" | \"body\" | \"invoker\"> &\n  Readonly<{\n    input?: Input;\n    output: NormalizedOutput<Output>;\n    body: (context: Context<Input>) => OutputType<Output> | Promise<OutputType<Output>>;\n    invoker?: MachineUserName;\n  }>;\n\n/**\n * Create a resolver definition for the Tailor SDK.\n *\n * The `body` function receives a context with `input` (typed from `config.input`),\n * `caller`, `invoker` (reflects configured machine-user delegation), and `env`.\n * The return value of `body` must match the `output` type.\n *\n * `output` accepts either a single TailorField (e.g. `t.string()`) or a\n * Record of fields (e.g. `{ name: t.string(), age: t.int() }`).\n *\n * `publishEvents` enables publishing execution events for this resolver.\n * If not specified, this is automatically set to true when an executor uses this resolver\n * with `resolverExecutedTrigger`. If explicitly set to false while an executor uses this\n * resolver, an error will be thrown during apply.\n * @template Input\n * @template Output\n * @param config - Resolver configuration\n * @returns Normalized resolver configuration\n * @example\n * import { createResolver, t } from \"@tailor-platform/sdk\";\n *\n * export default createResolver({\n *   name: \"getUser\",\n *   operation: \"query\",\n *   input: {\n *     id: t.string(),\n *   },\n *   body: async ({ input, caller }) => {\n *     const db = getDB(\"tailordb\");\n *     const result = await db.selectFrom(\"User\").selectAll().where(\"id\", \"=\", input.id).executeTakeFirst();\n *     return { name: result?.name ?? \"\", email: result?.email ?? \"\" };\n *   },\n *   output: t.object({\n *     name: t.string(),\n *     email: t.string(),\n *   }),\n * });\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function createResolver<\n  Input extends Record<string, TailorAnyField> | undefined = undefined,\n  Output extends TailorAnyField | Record<string, TailorAnyField> = TailorAnyField,\n>(\n  config: Omit<ResolverInput, \"input\" | \"output\" | \"body\" | \"invoker\"> &\n    Readonly<{\n      input?: Input;\n      output: Output;\n      body: (context: Context<Input>) => OutputType<Output> | Promise<OutputType<Output>>;\n      invoker?: MachineUserName;\n    }>,\n): ResolverReturn<Input, Output> {\n  // Check if output is already a TailorField using duck typing.\n  // TailorField has `type: string` (e.g., \"uuid\", \"string\"), while\n  // Record<string, TailorField> either lacks `type` or has TailorField as value.\n  const isTailorField = (obj: unknown): obj is TailorAnyField =>\n    typeof obj === \"object\" &&\n    obj !== null &&\n    \"type\" in obj &&\n    typeof (obj as { type: unknown }).type === \"string\";\n\n  const normalizedOutput = isTailorField(config.output) ? config.output : t.object(config.output);\n\n  return brandValue(\n    {\n      ...config,\n      output: normalizedOutput,\n    } as ResolverReturn<Input, Output>,\n    \"resolver\",\n  );\n}\n\n// A loose config alias for userland use-cases\n// oxlint-disable-next-line no-explicit-any\nexport type ResolverConfig = ReturnType<typeof createResolver<any, any>>;\n","import { brandValue } from \"@/utils/brand\";\nimport type { Operation } from \"./operation\";\nimport type { Trigger } from \"./trigger\";\nimport type { Workflow } from \"@/configure/services/workflow/workflow\";\nimport type { MachineUserName } from \"@/configure/types/machine-user\";\nimport type { ExecutorInput } from \"@/types/executor.generated\";\n\n/**\n * Extract mainJob's Input type from Workflow.\n */\ntype WorkflowInput<W extends Workflow> = Parameters<W[\"trigger\"]>[0];\n\ntype TriggerArgs<T extends Trigger<unknown>> = T extends { __args: infer Args } ? Args : never;\n\ntype ExecutorBase<T extends Trigger<unknown>> = Omit<ExecutorInput, \"trigger\" | \"operation\"> & {\n  trigger: T;\n};\n\n/**\n * Executor type with conditional inference for workflow operations.\n * When operation.kind is \"workflow\", infers W from the workflow property\n * to ensure args type matches the workflow's mainJob input type.\n */\ntype Executor<T extends Trigger<unknown>, O> = O extends {\n  kind: \"workflow\";\n  workflow: infer W extends Workflow;\n}\n  ? ExecutorBase<T> & {\n      operation: {\n        kind: \"workflow\";\n        workflow: W;\n        args?: WorkflowInput<W> | ((args: TriggerArgs<T>) => WorkflowInput<W>);\n        invoker?: MachineUserName;\n      };\n    }\n  : ExecutorBase<T> & {\n      operation: O;\n    };\n\n/**\n * Create an executor configuration for the Tailor SDK.\n *\n * Executors are event-driven handlers that respond to record changes,\n * resolver executions, or other events.\n *\n * Operation kinds: \"function\", \"graphql\", \"webhook\", \"workflow\".\n * @template T\n * @template O\n * @param config - Executor configuration\n * @returns The same executor configuration\n * @example\n * import { createExecutor, recordCreatedTrigger } from \"@tailor-platform/sdk\";\n * import { order } from \"../tailordb/order\";\n *\n * export default createExecutor({\n *   name: \"order-created\",\n *   description: \"Handles new order creation\",\n *   trigger: recordCreatedTrigger({ type: order }),\n *   operation: {\n *     kind: \"function\",\n *     body: async ({ newRecord }) => {\n *       console.log(\"New order:\", newRecord.id);\n *     },\n *   },\n * });\n */\nexport function createExecutor<\n  T extends Trigger<unknown>,\n  O extends Operation<TriggerArgs<T>> | { kind: \"workflow\"; workflow: Workflow },\n>(config: Executor<T, O>): Executor<T, O>;\n\n/**\n * Create an executor configuration for the Tailor SDK.\n * This overload preserves source compatibility for legacy explicit generic calls,\n * where the first generic argument represents trigger args.\n * @template Args\n * @template O\n * @param config - Executor configuration\n * @returns The same executor configuration\n */\nexport function createExecutor<\n  Args,\n  O extends Operation<Args> | { kind: \"workflow\"; workflow: Workflow },\n>(config: Executor<Trigger<Args>, O>): Executor<Trigger<Args>, O>;\n\n/* @__NO_SIDE_EFFECTS__ */\nexport function createExecutor<\n  T extends Trigger<unknown>,\n  O extends Operation<TriggerArgs<T>> | { kind: \"workflow\"; workflow: Workflow },\n>(config: Executor<T, O>) {\n  return brandValue(config, \"executor\");\n}\n","import type { ResolverConfig } from \"@/configure/services/resolver/resolver\";\nimport type { TailorDBType } from \"@/configure/services/tailordb/schema\";\nimport type { IdpName } from \"@/configure/types/idp-name\";\nimport type { TailorEnv, TailorPrincipal } from \"@/runtime/types\";\nimport type {\n  TailorDBTrigger as ParserTailorDBTrigger,\n  ResolverExecutedTrigger as ParserResolverExecutedTrigger,\n  IdpUserTrigger as ParserIdpUserTrigger,\n  AuthAccessTokenTrigger as ParserAuthAccessTokenTrigger,\n} from \"@/types/executor.generated\";\nimport type { output } from \"@/types/helpers\";\n\ninterface EventArgs {\n  workspaceId: string;\n  appNamespace: string;\n  env: TailorEnv;\n  actor: TailorPrincipal | null;\n}\n\ninterface RecordArgs extends EventArgs {\n  typeName: string;\n}\n\nexport interface RecordCreatedArgs<T extends TailorDBType> extends RecordArgs {\n  event: \"created\";\n  rawEvent: \"tailordb.type_record.created\";\n  newRecord: output<T>;\n}\n\nexport interface RecordUpdatedArgs<T extends TailorDBType> extends RecordArgs {\n  event: \"updated\";\n  rawEvent: \"tailordb.type_record.updated\";\n  newRecord: output<T>;\n  oldRecord: output<T>;\n}\n\nexport interface RecordDeletedArgs<T extends TailorDBType> extends RecordArgs {\n  event: \"deleted\";\n  rawEvent: \"tailordb.type_record.deleted\";\n  oldRecord: output<T>;\n}\n\n/**\n * Args for resolverExecutedTrigger. This is a discriminated union on `success`.\n *\n * When `success` is true, `result` contains the resolver output and `error` is never.\n * When `success` is false, `error` contains the error message and `result` is never.\n *\n * Narrow on `success` to safely access either `result` or `error`.\n * @example\n * body: async (args) => {\n *   if (args.success) {\n *     console.log(args.result);\n *   } else {\n *     console.error(args.error);\n *   }\n * }\n */\nexport type ResolverExecutedArgs<R extends ResolverConfig> = EventArgs & {\n  resolverName: string;\n} & (\n    | {\n        success: true;\n        result: output<R[\"output\"]>;\n        error?: never;\n      }\n    | {\n        success: false;\n        result?: never;\n        error: string;\n      }\n  );\n\n// IdP User Event Args\nexport interface IdpUserCreatedArgs extends EventArgs {\n  event: \"created\";\n  rawEvent: \"idp.user.created\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface IdpUserUpdatedArgs extends EventArgs {\n  event: \"updated\";\n  rawEvent: \"idp.user.updated\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface IdpUserDeletedArgs extends EventArgs {\n  event: \"deleted\";\n  rawEvent: \"idp.user.deleted\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport type IdpUserArgs = IdpUserCreatedArgs | IdpUserUpdatedArgs | IdpUserDeletedArgs;\n\n// Auth Access Token Event Args\nexport interface AuthAccessTokenIssuedArgs extends EventArgs {\n  event: \"issued\";\n  rawEvent: \"auth.access_token.issued\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface AuthAccessTokenRefreshedArgs extends EventArgs {\n  event: \"refreshed\";\n  rawEvent: \"auth.access_token.refreshed\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport interface AuthAccessTokenRevokedArgs extends EventArgs {\n  event: \"revoked\";\n  rawEvent: \"auth.access_token.revoked\";\n  namespaceName: string;\n  userId: string;\n}\n\nexport type AuthAccessTokenArgs =\n  | AuthAccessTokenIssuedArgs\n  | AuthAccessTokenRefreshedArgs\n  | AuthAccessTokenRevokedArgs;\n\n// ---------------------------------------------------------------------------\n// TailorDB trigger types and factories\n// ---------------------------------------------------------------------------\n\nconst recordEventMap = {\n  created: \"tailordb.type_record.created\",\n  updated: \"tailordb.type_record.updated\",\n  deleted: \"tailordb.type_record.deleted\",\n} as const;\ntype RecordEventMap = typeof recordEventMap;\ntype RecordEventKind = keyof RecordEventMap;\n\ntype RecordArgsMap<T extends TailorDBType> = {\n  created: RecordCreatedArgs<T>;\n  updated: RecordUpdatedArgs<T>;\n  deleted: RecordDeletedArgs<T>;\n};\n\ntype RecordMultiArgs<\n  T extends TailorDBType,\n  K extends RecordEventKind[],\n> = RecordArgsMap<T>[K[number]];\n\nexport type TailorDBTrigger<Args> = ParserTailorDBTrigger & {\n  __args: Args;\n};\n\ntype RecordTriggerOptions<T extends TailorDBType, Args> = {\n  type: T;\n  condition?: (args: Args) => boolean;\n};\n\n/**\n * Create a trigger that fires when a TailorDB record is created.\n * @template T\n * @param options - Trigger options\n * @returns Record created trigger\n */\nexport function recordCreatedTrigger<T extends TailorDBType>(\n  options: RecordTriggerOptions<T, RecordCreatedArgs<T>>,\n): TailorDBTrigger<RecordCreatedArgs<T>> {\n  const { type, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: [\"tailordb.type_record.created\"],\n    typeName: type.name,\n    condition,\n    __args: {} as RecordCreatedArgs<T>,\n  };\n}\n\n/**\n * Create a trigger that fires when a TailorDB record is updated.\n * @template T\n * @param options - Trigger options\n * @returns Record updated trigger\n */\nexport function recordUpdatedTrigger<T extends TailorDBType>(\n  options: RecordTriggerOptions<T, RecordUpdatedArgs<T>>,\n): TailorDBTrigger<RecordUpdatedArgs<T>> {\n  const { type, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: [\"tailordb.type_record.updated\"],\n    typeName: type.name,\n    condition,\n    __args: {} as RecordUpdatedArgs<T>,\n  };\n}\n\n/**\n * Create a trigger that fires when a TailorDB record is deleted.\n * @template T\n * @param options - Trigger options\n * @returns Record deleted trigger\n */\nexport function recordDeletedTrigger<T extends TailorDBType>(\n  options: RecordTriggerOptions<T, RecordDeletedArgs<T>>,\n): TailorDBTrigger<RecordDeletedArgs<T>> {\n  const { type, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: [\"tailordb.type_record.deleted\"],\n    typeName: type.name,\n    condition,\n    __args: {} as RecordDeletedArgs<T>,\n  };\n}\n\ntype RecordTriggerMultiOptions<T extends TailorDBType, K extends RecordEventKind[]> = {\n  type: T;\n  events: K;\n  condition?: (args: RecordMultiArgs<T, K>) => boolean;\n};\n\n/**\n * Create a trigger that fires on multiple TailorDB record event types.\n * @template T\n * @template K\n * @param options - Trigger options with events array\n * @returns TailorDB record trigger\n */\nexport function recordTrigger<\n  T extends TailorDBType,\n  const K extends [RecordEventKind, ...RecordEventKind[]],\n>(options: RecordTriggerMultiOptions<T, K>): TailorDBTrigger<RecordMultiArgs<T, K>> {\n  const { type, events, condition } = options;\n  return {\n    kind: \"tailordb\",\n    events: events.map((k) => recordEventMap[k]),\n    typeName: type.name,\n    condition,\n    __args: {} as RecordMultiArgs<T, K>,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Resolver trigger\n// ---------------------------------------------------------------------------\n\nexport type ResolverExecutedTrigger<Args> = ParserResolverExecutedTrigger & {\n  __args: Args;\n};\n\ntype ResolverExecutedTriggerOptions<R extends ResolverConfig> = {\n  resolver: R;\n  condition?: (args: ResolverExecutedArgs<R>) => boolean;\n};\n\n/**\n * Create a trigger that fires when a resolver is executed.\n * @template R\n * @param options - Trigger options\n * @returns Resolver executed trigger\n */\nexport function resolverExecutedTrigger<R extends ResolverConfig>(\n  options: ResolverExecutedTriggerOptions<R>,\n): ResolverExecutedTrigger<ResolverExecutedArgs<R>> {\n  const { resolver, condition } = options;\n  return {\n    kind: \"resolverExecuted\",\n    resolverName: resolver.name,\n    condition,\n    __args: {} as ResolverExecutedArgs<R>,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// IdP User trigger types and factories\n// ---------------------------------------------------------------------------\n\nconst idpUserEventMap = {\n  created: \"idp.user.created\",\n  updated: \"idp.user.updated\",\n  deleted: \"idp.user.deleted\",\n} as const;\ntype IdpUserEventMap = typeof idpUserEventMap;\ntype IdpUserEventKind = keyof IdpUserEventMap;\n\ntype IdpUserArgsMap = {\n  created: IdpUserCreatedArgs;\n  updated: IdpUserUpdatedArgs;\n  deleted: IdpUserDeletedArgs;\n};\n\ntype IdpUserMultiArgs<K extends IdpUserEventKind[]> = IdpUserArgsMap[K[number]];\n\nexport type IdpUserTrigger<Args> = ParserIdpUserTrigger & {\n  __args: Args;\n};\n\ntype IdpUserSingleTriggerOptions = {\n  /**\n   * IdP namespace name to subscribe to. Required when the project defines\n   * multiple IdPs; optional when a single IdP exists. Must match an IdP name\n   * declared in `defineConfig({ idp: [...] })`.\n   */\n  idp?: IdpName;\n};\n\n/**\n * Create a trigger that fires when an IdP user is created.\n * @param options - Trigger options\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user created trigger\n */\nexport function idpUserCreatedTrigger(\n  options?: IdpUserSingleTriggerOptions,\n): IdpUserTrigger<IdpUserCreatedArgs> {\n  return {\n    kind: \"idpUser\",\n    events: [\"idp.user.created\"],\n    ...(options?.idp != null ? { idp: options.idp } : {}),\n    __args: {} as IdpUserCreatedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an IdP user is updated.\n * @param options - Trigger options\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user updated trigger\n */\nexport function idpUserUpdatedTrigger(\n  options?: IdpUserSingleTriggerOptions,\n): IdpUserTrigger<IdpUserUpdatedArgs> {\n  return {\n    kind: \"idpUser\",\n    events: [\"idp.user.updated\"],\n    ...(options?.idp != null ? { idp: options.idp } : {}),\n    __args: {} as IdpUserUpdatedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an IdP user is deleted.\n * @param options - Trigger options\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user deleted trigger\n */\nexport function idpUserDeletedTrigger(\n  options?: IdpUserSingleTriggerOptions,\n): IdpUserTrigger<IdpUserDeletedArgs> {\n  return {\n    kind: \"idpUser\",\n    events: [\"idp.user.deleted\"],\n    ...(options?.idp != null ? { idp: options.idp } : {}),\n    __args: {} as IdpUserDeletedArgs,\n  };\n}\n\ntype IdpUserTriggerOptions<K extends IdpUserEventKind[]> = {\n  events: K;\n  /**\n   * IdP namespace name to subscribe to. Required when the project defines\n   * multiple IdPs; optional when a single IdP exists. Must match an IdP name\n   * declared in `defineConfig({ idp: [...] })`.\n   */\n  idp?: IdpName;\n};\n\n/**\n * Create a trigger that fires on multiple IdP user event types.\n * @template K\n * @param options - Trigger options with events array\n * @param options.events - IdP user event kinds to subscribe to\n * @param options.idp - IdP namespace name to subscribe to\n * @returns IdP user trigger\n */\nexport function idpUserTrigger<const K extends [IdpUserEventKind, ...IdpUserEventKind[]]>(\n  options: IdpUserTriggerOptions<K>,\n): IdpUserTrigger<IdpUserMultiArgs<K>> {\n  const { events, idp } = options;\n  return {\n    kind: \"idpUser\",\n    events: events.map((k) => idpUserEventMap[k]),\n    ...(idp != null ? { idp } : {}),\n    __args: {} as IdpUserMultiArgs<K>,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Auth Access Token trigger types and factories\n// ---------------------------------------------------------------------------\n\nconst authAccessTokenEventMap = {\n  issued: \"auth.access_token.issued\",\n  refreshed: \"auth.access_token.refreshed\",\n  revoked: \"auth.access_token.revoked\",\n} as const;\ntype AuthAccessTokenEventMap = typeof authAccessTokenEventMap;\ntype AuthAccessTokenEventKind = keyof AuthAccessTokenEventMap;\n\ntype AuthAccessTokenArgsMap = {\n  issued: AuthAccessTokenIssuedArgs;\n  refreshed: AuthAccessTokenRefreshedArgs;\n  revoked: AuthAccessTokenRevokedArgs;\n};\n\ntype AuthAccessTokenMultiArgs<K extends AuthAccessTokenEventKind[]> =\n  AuthAccessTokenArgsMap[K[number]];\n\nexport type AuthAccessTokenTrigger<Args> = ParserAuthAccessTokenTrigger & {\n  __args: Args;\n};\n\n/**\n * Create a trigger that fires when an access token is issued.\n * @returns Auth access token issued trigger\n */\nexport function authAccessTokenIssuedTrigger(): AuthAccessTokenTrigger<AuthAccessTokenIssuedArgs> {\n  return {\n    kind: \"authAccessToken\",\n    events: [\"auth.access_token.issued\"],\n    __args: {} as AuthAccessTokenIssuedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an access token is refreshed.\n * @returns Auth access token refreshed trigger\n */\nexport function authAccessTokenRefreshedTrigger(): AuthAccessTokenTrigger<AuthAccessTokenRefreshedArgs> {\n  return {\n    kind: \"authAccessToken\",\n    events: [\"auth.access_token.refreshed\"],\n    __args: {} as AuthAccessTokenRefreshedArgs,\n  };\n}\n\n/**\n * Create a trigger that fires when an access token is revoked.\n * @returns Auth access token revoked trigger\n */\nexport function authAccessTokenRevokedTrigger(): AuthAccessTokenTrigger<AuthAccessTokenRevokedArgs> {\n  return {\n    kind: \"authAccessToken\",\n    events: [\"auth.access_token.revoked\"],\n    __args: {} as AuthAccessTokenRevokedArgs,\n  };\n}\n\ntype AuthAccessTokenTriggerOptions<K extends AuthAccessTokenEventKind[]> = {\n  events: K;\n};\n\n/**\n * Create a trigger that fires on multiple auth access token event types.\n * @template K\n * @param options - Trigger options with events array\n * @returns Auth access token trigger\n */\nexport function authAccessTokenTrigger<\n  const K extends [AuthAccessTokenEventKind, ...AuthAccessTokenEventKind[]],\n>(options: AuthAccessTokenTriggerOptions<K>): AuthAccessTokenTrigger<AuthAccessTokenMultiArgs<K>> {\n  const { events } = options;\n  return {\n    kind: \"authAccessToken\",\n    events: events.map((k) => authAccessTokenEventMap[k]),\n    __args: {} as AuthAccessTokenMultiArgs<K>,\n  };\n}\n","import type { TailorEnv } from \"@/runtime/types\";\nimport type { ScheduleTriggerInput as ParserScheduleTriggerInput } from \"@/types/executor.generated\";\nimport type { StandardCRON } from \"ts-cron-validator\";\n\ntype Timezone =\n  | \"UTC\"\n  | \"Pacific/Midway\"\n  | \"Pacific/Niue\"\n  | \"Pacific/Pago_Pago\"\n  | \"America/Adak\"\n  | \"Pacific/Honolulu\"\n  | \"Pacific/Rarotonga\"\n  | \"Pacific/Tahiti\"\n  | \"Pacific/Marquesas\"\n  | \"America/Anchorage\"\n  | \"America/Juneau\"\n  | \"America/Metlakatla\"\n  | \"America/Nome\"\n  | \"America/Sitka\"\n  | \"America/Yakutat\"\n  | \"Pacific/Gambier\"\n  | \"America/Los_Angeles\"\n  | \"America/Tijuana\"\n  | \"America/Vancouver\"\n  | \"Pacific/Pitcairn\"\n  | \"America/Boise\"\n  | \"America/Cambridge_Bay\"\n  | \"America/Chihuahua\"\n  | \"America/Creston\"\n  | \"America/Dawson\"\n  | \"America/Dawson_Creek\"\n  | \"America/Denver\"\n  | \"America/Edmonton\"\n  | \"America/Fort_Nelson\"\n  | \"America/Hermosillo\"\n  | \"America/Inuvik\"\n  | \"America/Mazatlan\"\n  | \"America/Ojinaga\"\n  | \"America/Phoenix\"\n  | \"America/Whitehorse\"\n  | \"America/Yellowknife\"\n  | \"America/Bahia_Banderas\"\n  | \"America/Belize\"\n  | \"America/Chicago\"\n  | \"America/Costa_Rica\"\n  | \"America/El_Salvador\"\n  | \"America/Guatemala\"\n  | \"America/Indiana/Knox\"\n  | \"America/Indiana/Tell_City\"\n  | \"America/Managua\"\n  | \"America/Matamoros\"\n  | \"America/Menominee\"\n  | \"America/Merida\"\n  | \"America/Mexico_City\"\n  | \"America/Monterrey\"\n  | \"America/North_Dakota/Beulah\"\n  | \"America/North_Dakota/Center\"\n  | \"America/North_Dakota/New_Salem\"\n  | \"America/Rainy_River\"\n  | \"America/Rankin_Inlet\"\n  | \"America/Regina\"\n  | \"America/Resolute\"\n  | \"America/Swift_Current\"\n  | \"America/Tegucigalpa\"\n  | \"America/Winnipeg\"\n  | \"Pacific/Easter\"\n  | \"Pacific/Galapagos\"\n  | \"America/Atikokan\"\n  | \"America/Bogota\"\n  | \"America/Cancun\"\n  | \"America/Cayman\"\n  | \"America/Detroit\"\n  | \"America/Eirunepe\"\n  | \"America/Grand_Turk\"\n  | \"America/Guayaquil\"\n  | \"America/Havana\"\n  | \"America/Indiana/Indianapolis\"\n  | \"America/Indiana/Marengo\"\n  | \"America/Indiana/Petersburg\"\n  | \"America/Indiana/Vevay\"\n  | \"America/Indiana/Vincennes\"\n  | \"America/Indiana/Winamac\"\n  | \"America/Iqaluit\"\n  | \"America/Jamaica\"\n  | \"America/Kentucky/Louisville\"\n  | \"America/Kentucky/Monticello\"\n  | \"America/Lima\"\n  | \"America/Nassau\"\n  | \"America/New_York\"\n  | \"America/Nipigon\"\n  | \"America/Panama\"\n  | \"America/Pangnirtung\"\n  | \"America/Port-au-Prince\"\n  | \"America/Rio_Branco\"\n  | \"America/Thunder_Bay\"\n  | \"America/Toronto\"\n  | \"America/Anguilla\"\n  | \"America/Antigua\"\n  | \"America/Aruba\"\n  | \"America/Asuncion\"\n  | \"America/Barbados\"\n  | \"America/Blanc-Sablon\"\n  | \"America/Boa_Vista\"\n  | \"America/Campo_Grande\"\n  | \"America/Caracas\"\n  | \"America/Cuiaba\"\n  | \"America/Curacao\"\n  | \"America/Dominica\"\n  | \"America/Glace_Bay\"\n  | \"America/Goose_Bay\"\n  | \"America/Grenada\"\n  | \"America/Guadeloupe\"\n  | \"America/Guyana\"\n  | \"America/Halifax\"\n  | \"America/Kralendijk\"\n  | \"America/La_Paz\"\n  | \"America/Lower_Princes\"\n  | \"America/Manaus\"\n  | \"America/Marigot\"\n  | \"America/Martinique\"\n  | \"America/Moncton\"\n  | \"America/Montserrat\"\n  | \"America/Porto_Velho\"\n  | \"America/Port_of_Spain\"\n  | \"America/Puerto_Rico\"\n  | \"America/Santiago\"\n  | \"America/Santo_Domingo\"\n  | \"America/St_Barthelemy\"\n  | \"America/St_Kitts\"\n  | \"America/St_Lucia\"\n  | \"America/St_Thomas\"\n  | \"America/St_Vincent\"\n  | \"America/Thule\"\n  | \"America/Tortola\"\n  | \"Atlantic/Bermuda\"\n  | \"America/St_Johns\"\n  | \"America/Araguaina\"\n  | \"America/Argentina/Buenos_Aires\"\n  | \"America/Argentina/Catamarca\"\n  | \"America/Argentina/Cordoba\"\n  | \"America/Argentina/Jujuy\"\n  | \"America/Argentina/La_Rioja\"\n  | \"America/Argentina/Mendoza\"\n  | \"America/Argentina/Rio_Gallegos\"\n  | \"America/Argentina/Salta\"\n  | \"America/Argentina/San_Juan\"\n  | \"America/Argentina/San_Luis\"\n  | \"America/Argentina/Tucuman\"\n  | \"America/Argentina/Ushuaia\"\n  | \"America/Bahia\"\n  | \"America/Belem\"\n  | \"America/Cayenne\"\n  | \"America/Fortaleza\"\n  | \"America/Godthab\"\n  | \"America/Maceio\"\n  | \"America/Miquelon\"\n  | \"America/Montevideo\"\n  | \"America/Paramaribo\"\n  | \"America/Punta_Arenas\"\n  | \"America/Recife\"\n  | \"America/Santarem\"\n  | \"America/Sao_Paulo\"\n  | \"Antarctica/Palmer\"\n  | \"Antarctica/Rothera\"\n  | \"Atlantic/Stanley\"\n  | \"America/Noronha\"\n  | \"Atlantic/South_Georgia\"\n  | \"America/Scoresbysund\"\n  | \"Atlantic/Azores\"\n  | \"Atlantic/Cape_Verde\"\n  | \"Africa/Abidjan\"\n  | \"Africa/Accra\"\n  | \"Africa/Bamako\"\n  | \"Africa/Banjul\"\n  | \"Africa/Bissau\"\n  | \"Africa/Casablanca\"\n  | \"Africa/Conakry\"\n  | \"Africa/Dakar\"\n  | \"Africa/El_Aaiun\"\n  | \"Africa/Freetown\"\n  | \"Africa/Lome\"\n  | \"Africa/Monrovia\"\n  | \"Africa/Nouakchott\"\n  | \"Africa/Ouagadougou\"\n  | \"Africa/Sao_Tome\"\n  | \"America/Danmarkshavn\"\n  | \"Antarctica/Troll\"\n  | \"Atlantic/Canary\"\n  | \"Atlantic/Faroe\"\n  | \"Atlantic/Madeira\"\n  | \"Atlantic/Reykjavik\"\n  | \"Atlantic/St_Helena\"\n  | \"Europe/Dublin\"\n  | \"Europe/Guernsey\"\n  | \"Europe/Isle_of_Man\"\n  | \"Europe/Jersey\"\n  | \"Europe/Lisbon\"\n  | \"Europe/London\"\n  | \"Africa/Algiers\"\n  | \"Africa/Bangui\"\n  | \"Africa/Brazzaville\"\n  | \"Africa/Ceuta\"\n  | \"Africa/Douala\"\n  | \"Africa/Kinshasa\"\n  | \"Africa/Lagos\"\n  | \"Africa/Libreville\"\n  | \"Africa/Luanda\"\n  | \"Africa/Malabo\"\n  | \"Africa/Ndjamena\"\n  | \"Africa/Niamey\"\n  | \"Africa/Porto-Novo\"\n  | \"Africa/Tunis\"\n  | \"Africa/Windhoek\"\n  | \"Arctic/Longyearbyen\"\n  | \"Europe/Amsterdam\"\n  | \"Europe/Andorra\"\n  | \"Europe/Belgrade\"\n  | \"Europe/Berlin\"\n  | \"Europe/Bratislava\"\n  | \"Europe/Brussels\"\n  | \"Europe/Budapest\"\n  | \"Europe/Copenhagen\"\n  | \"Europe/Gibraltar\"\n  | \"Europe/Ljubljana\"\n  | \"Europe/Luxembourg\"\n  | \"Europe/Madrid\"\n  | \"Europe/Malta\"\n  | \"Europe/Monaco\"\n  | \"Europe/Oslo\"\n  | \"Europe/Paris\"\n  | \"Europe/Podgorica\"\n  | \"Europe/Prague\"\n  | \"Europe/Rome\"\n  | \"Europe/San_Marino\"\n  | \"Europe/Sarajevo\"\n  | \"Europe/Skopje\"\n  | \"Europe/Stockholm\"\n  | \"Europe/Tirane\"\n  | \"Europe/Vaduz\"\n  | \"Europe/Vatican\"\n  | \"Europe/Vienna\"\n  | \"Europe/Warsaw\"\n  | \"Europe/Zagreb\"\n  | \"Europe/Zurich\"\n  | \"Africa/Blantyre\"\n  | \"Africa/Bujumbura\"\n  | \"Africa/Cairo\"\n  | \"Africa/Gaborone\"\n  | \"Africa/Harare\"\n  | \"Africa/Johannesburg\"\n  | \"Africa/Juba\"\n  | \"Africa/Khartoum\"\n  | \"Africa/Kigali\"\n  | \"Africa/Lubumbashi\"\n  | \"Africa/Lusaka\"\n  | \"Africa/Maputo\"\n  | \"Africa/Maseru\"\n  | \"Africa/Mbabane\"\n  | \"Africa/Tripoli\"\n  | \"Asia/Amman\"\n  | \"Asia/Beirut\"\n  | \"Asia/Damascus\"\n  | \"Asia/Famagusta\"\n  | \"Asia/Gaza\"\n  | \"Asia/Hebron\"\n  | \"Asia/Jerusalem\"\n  | \"Asia/Nicosia\"\n  | \"Europe/Athens\"\n  | \"Europe/Bucharest\"\n  | \"Europe/Chisinau\"\n  | \"Europe/Helsinki\"\n  | \"Europe/Kaliningrad\"\n  | \"Europe/Kyiv\"\n  | \"Europe/Mariehamn\"\n  | \"Europe/Riga\"\n  | \"Europe/Sofia\"\n  | \"Europe/Tallinn\"\n  | \"Europe/Uzhgorod\"\n  | \"Europe/Vilnius\"\n  | \"Europe/Zaporizhzhia\"\n  | \"Africa/Addis_Ababa\"\n  | \"Africa/Asmara\"\n  | \"Africa/Dar_es_Salaam\"\n  | \"Africa/Djibouti\"\n  | \"Africa/Kampala\"\n  | \"Africa/Mogadishu\"\n  | \"Africa/Nairobi\"\n  | \"Antarctica/Syowa\"\n  | \"Asia/Aden\"\n  | \"Asia/Baghdad\"\n  | \"Asia/Bahrain\"\n  | \"Asia/Kuwait\"\n  | \"Asia/Qatar\"\n  | \"Asia/Riyadh\"\n  | \"Europe/Istanbul\"\n  | \"Europe/Kirov\"\n  | \"Europe/Minsk\"\n  | \"Europe/Moscow\"\n  | \"Europe/Simferopol\"\n  | \"Europe/Volgograd\"\n  | \"Indian/Antananarivo\"\n  | \"Indian/Comoro\"\n  | \"Indian/Mayotte\"\n  | \"Asia/Tehran\"\n  | \"Asia/Baku\"\n  | \"Asia/Dubai\"\n  | \"Asia/Muscat\"\n  | \"Asia/Tbilisi\"\n  | \"Asia/Yerevan\"\n  | \"Europe/Astrakhan\"\n  | \"Europe/Samara\"\n  | \"Europe/Saratov\"\n  | \"Europe/Ulyanovsk\"\n  | \"Indian/Mahe\"\n  | \"Indian/Mauritius\"\n  | \"Indian/Reunion\"\n  | \"Asia/Kabul\"\n  | \"Antarctica/Mawson\"\n  | \"Asia/Aqtau\"\n  | \"Asia/Aqtobe\"\n  | \"Asia/Ashgabat\"\n  | \"Asia/Atyrau\"\n  | \"Asia/Dushanbe\"\n  | \"Asia/Karachi\"\n  | \"Asia/Oral\"\n  | \"Asia/Qyzylorda\"\n  | \"Asia/Samarkand\"\n  | \"Asia/Tashkent\"\n  | \"Asia/Yekaterinburg\"\n  | \"Indian/Kerguelen\"\n  | \"Indian/Maldives\"\n  | \"Asia/Colombo\"\n  | \"Asia/Kolkata\"\n  | \"Asia/Kathmandu\"\n  | \"Antarctica/Vostok\"\n  | \"Asia/Almaty\"\n  | \"Asia/Bishkek\"\n  | \"Asia/Dhaka\"\n  | \"Asia/Omsk\"\n  | \"Asia/Qostanay\"\n  | \"Asia/Thimphu\"\n  | \"Asia/Urumqi\"\n  | \"Indian/Chagos\"\n  | \"Asia/Yangon\"\n  | \"Indian/Cocos\"\n  | \"Antarctica/Davis\"\n  | \"Asia/Bangkok\"\n  | \"Asia/Barnaul\"\n  | \"Asia/Hovd\"\n  | \"Asia/Ho_Chi_Minh\"\n  | \"Asia/Jakarta\"\n  | \"Asia/Krasnoyarsk\"\n  | \"Asia/Novokuznetsk\"\n  | \"Asia/Novosibirsk\"\n  | \"Asia/Phnom_Penh\"\n  | \"Asia/Pontianak\"\n  | \"Asia/Tomsk\"\n  | \"Asia/Vientiane\"\n  | \"Indian/Christmas\"\n  | \"Asia/Brunei\"\n  | \"Asia/Choibalsan\"\n  | \"Asia/Hong_Kong\"\n  | \"Asia/Irkutsk\"\n  | \"Asia/Kuala_Lumpur\"\n  | \"Asia/Kuching\"\n  | \"Asia/Macau\"\n  | \"Asia/Makassar\"\n  | \"Asia/Manila\"\n  | \"Asia/Shanghai\"\n  | \"Asia/Singapore\"\n  | \"Asia/Taipei\"\n  | \"Asia/Ulaanbaatar\"\n  | \"Australia/Perth\"\n  | \"Australia/Eucla\"\n  | \"Asia/Chita\"\n  | \"Asia/Dili\"\n  | \"Asia/Jayapura\"\n  | \"Asia/Khandyga\"\n  | \"Asia/Pyongyang\"\n  | \"Asia/Seoul\"\n  | \"Asia/Tokyo\"\n  | \"Asia/Yakutsk\"\n  | \"Pacific/Palau\"\n  | \"Australia/Adelaide\"\n  | \"Australia/Broken_Hill\"\n  | \"Australia/Darwin\"\n  | \"Antarctica/DumontDUrville\"\n  | \"Antarctica/Macquarie\"\n  | \"Asia/Ust-Nera\"\n  | \"Asia/Vladivostok\"\n  | \"Australia/Brisbane\"\n  | \"Australia/Currie\"\n  | \"Australia/Hobart\"\n  | \"Australia/Lindeman\"\n  | \"Australia/Melbourne\"\n  | \"Australia/Sydney\"\n  | \"Pacific/Chuuk\"\n  | \"Pacific/Guam\"\n  | \"Pacific/Port_Moresby\"\n  | \"Pacific/Saipan\"\n  | \"Australia/Lord_Howe\"\n  | \"Antarctica/Casey\"\n  | \"Asia/Magadan\"\n  | \"Asia/Sakhalin\"\n  | \"Asia/Srednekolymsk\"\n  | \"Pacific/Bougainville\"\n  | \"Pacific/Efate\"\n  | \"Pacific/Guadalcanal\"\n  | \"Pacific/Kosrae\"\n  | \"Pacific/Norfolk\"\n  | \"Pacific/Noumea\"\n  | \"Pacific/Pohnpei\"\n  | \"Antarctica/McMurdo\"\n  | \"Asia/Anadyr\"\n  | \"Asia/Kamchatka\"\n  | \"Pacific/Auckland\"\n  | \"Pacific/Fiji\"\n  | \"Pacific/Funafuti\"\n  | \"Pacific/Kwajalein\"\n  | \"Pacific/Majuro\"\n  | \"Pacific/Nauru\"\n  | \"Pacific/Tarawa\"\n  | \"Pacific/Wake\"\n  | \"Pacific/Wallis\"\n  | \"Pacific/Chatham\"\n  | \"Pacific/Apia\"\n  | \"Pacific/Enderbury\"\n  | \"Pacific/Fakaofo\"\n  | \"Pacific/Tongatapu\"\n  | \"Pacific/Kiritimati\";\n\nexport type ScheduleTrigger<Args> = ParserScheduleTriggerInput & {\n  __args: Args;\n};\n\nexport interface ScheduleArgs {\n  env: TailorEnv;\n}\n\ninterface ScheduleTriggerOptions<T extends string> {\n  cron: StandardCRON<T> extends never ? never : T;\n  timezone?: Timezone;\n}\n\n/**\n * Create a schedule-based trigger using a CRON expression and optional timezone.\n * @template T\n * @param options - Schedule options\n * @returns Schedule trigger\n */\nexport function scheduleTrigger<T extends string>(\n  options: ScheduleTriggerOptions<T>,\n): ScheduleTrigger<ScheduleArgs> {\n  const { cron, timezone } = options;\n  return {\n    kind: \"schedule\",\n    cron,\n    timezone,\n    __args: {} as ScheduleArgs,\n  };\n}\n","import type { TailorEnv } from \"@/runtime/types\";\nimport type { IncomingWebhookTrigger as ParserIncomingWebhookTrigger } from \"@/types/executor.generated\";\nimport type { JsonValue } from \"@/types/helpers\";\n\nexport interface IncomingWebhookArgs<T extends IncomingWebhookRequest> {\n  body: T[\"body\"];\n  headers: T[\"headers\"];\n  method: \"POST\" | \"GET\" | \"PUT\" | \"DELETE\";\n  rawBody: string;\n  env: TailorEnv;\n}\n\nexport interface IncomingWebhookRequest {\n  body: Record<string, unknown>;\n  headers: Record<string, string>;\n}\n\nexport interface IncomingWebhookResponseConfig<Args> {\n  /**\n   * Expression that returns the webhook HTTP response body.\n   * Receives the same args as the executor operation.\n   */\n  body?: (args: Args) => JsonValue;\n  /**\n   * HTTP status code for the response.\n   * If omitted and `body` is set, the platform uses 200.\n   */\n  statusCode?: number;\n}\n\nexport type IncomingWebhookResponse<Args> =\n  | ((args: Args) => JsonValue)\n  | IncomingWebhookResponseConfig<Args>;\n\nexport interface IncomingWebhookTriggerOptions<Args> {\n  response?: IncomingWebhookResponse<Args>;\n}\n\nexport type IncomingWebhookTrigger<Args> = ParserIncomingWebhookTrigger & {\n  __args: Args;\n};\n\n/**\n * Create a trigger for incoming webhook requests.\n * @template T\n * @param options - Optional trigger options including response configuration\n * @returns Incoming webhook trigger\n */\nexport function incomingWebhookTrigger<T extends IncomingWebhookRequest>(\n  options?: IncomingWebhookTriggerOptions<IncomingWebhookArgs<T>>,\n): IncomingWebhookTrigger<IncomingWebhookArgs<T>> {\n  const response =\n    typeof options?.response === \"function\" ? { body: options.response } : options?.response;\n  return {\n    kind: \"incomingWebhook\",\n    ...(response ? { response } : {}),\n    __args: {} as IncomingWebhookArgs<T>,\n  };\n}\n","import { brandValue } from \"@/utils/brand\";\nimport { dispatchTriggerJob, registerJob, type RegisteredJobBody } from \"./registry\";\nimport { withWorkflowTestInvoker } from \"./test-env-key\";\nimport type { TailorEnv, TailorPrincipal } from \"@/runtime/types\";\nimport type { JsonCompatible } from \"@/types/helpers\";\n\n/**\n * Context object passed as the second argument to workflow job body functions.\n */\nexport type WorkflowJobContext = {\n  env: TailorEnv;\n  invoker: TailorPrincipal | null;\n};\n\n/**\n * The body function type for a workflow job.\n * Resolves to the callable signature when `I` / `O` are JsonValue-compatible,\n * or to a template-literal error string that surfaces at the `body:` property.\n */\ntype JobBody<I, O> = [null] extends [I]\n  ? \"ERROR: Input cannot be null at the top level\"\n  : [I] extends [undefined]\n    ? [O] extends [JsonCompatible<O> | undefined | void]\n      ? (input: I, context: WorkflowJobContext) => O | Promise<O>\n      : \"ERROR: Output must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\"\n    : [undefined] extends [I]\n      ? \"ERROR: Input cannot include undefined at the top level\"\n      : [I] extends [JsonCompatible<I>]\n        ? [O] extends [JsonCompatible<O> | undefined | void]\n          ? (input: I, context: WorkflowJobContext) => O | Promise<O>\n          : \"ERROR: Output must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\"\n        : \"ERROR: Input must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\";\n\n/**\n * WorkflowJob represents a job that can be triggered in a workflow.\n *\n * Type constraints:\n * - Input: Must be JsonValue-compatible (plain objects/arrays; no class instances or functions) or undefined.\n * - Output: Must be JsonValue-compatible (plain objects/arrays; no class instances or functions), undefined, or void.\n * - Trigger returns `Awaited<Output>` as-is (no Promise or Jsonify transformation).\n */\nexport interface WorkflowJob<Name extends string = string, Input = undefined, Output = undefined> {\n  name: Name;\n  /**\n   * Trigger this job with the given input and return the job's output value.\n   * @example\n   * body: async (input) => {\n   *   const a = jobA.trigger({ id: input.id });\n   *   const b = jobB.trigger({ id: input.id });\n   *   return { a, b };\n   * }\n   */\n  trigger: [Input] extends [undefined] ? () => Awaited<Output> : (input: Input) => Awaited<Output>;\n  body: (input: Input, context: WorkflowJobContext) => Output | Promise<Output>;\n}\n\ninterface CreateWorkflowJobConfig<Name extends string, I, O> {\n  readonly name: Name;\n  readonly body: JobBody<I, O>;\n}\n\n/**\n * Create a workflow job definition.\n *\n * All jobs must be named exports from the workflow file.\n * Job names must be unique across the entire project.\n *\n * Input and output must be JsonValue-compatible (primitives, plain objects, arrays).\n * Functions and objects with a `toJSON` method are rejected at the type level;\n * class instances exposing methods are rejected via the property walk.\n * @param config - Job configuration with name and body function.\n * @param config.name - Unique job name across the project.\n * @param config.body - Function that processes the job input.\n * @returns A WorkflowJob that can be triggered from other jobs.\n * @example\n * // Simple job with async body:\n * export const fetchData = createWorkflowJob({\n *   name: \"fetch-data\",\n *   body: async (input: { id: string }) => {\n *     const db = getDB(\"tailordb\");\n *     return await db.selectFrom(\"Table\").selectAll().where(\"id\", \"=\", input.id).executeTakeFirst();\n *   },\n * });\n * @example\n * // Orchestrator job that fans out to other jobs.\n * export const orchestrate = createWorkflowJob({\n *   name: \"orchestrate\",\n *   body: (input: { orderId: string }) => {\n *     const inventory = checkInventory.trigger({ orderId: input.orderId });\n *     const payment = processPayment.trigger({ orderId: input.orderId });\n *     return { inventory, payment };\n *   },\n * });\n */\nexport function createWorkflowJob<const Name extends string, I = undefined, O = undefined>(\n  config: CreateWorkflowJobConfig<Name, I, O>,\n): WorkflowJob<Name, I, Awaited<O>> {\n  const userBody = config.body as (input: I, context: WorkflowJobContext) => O | Promise<O>;\n  const body = process.env.TAILOR_PLATFORM_BUNDLE\n    ? userBody\n    : (input: I, context: WorkflowJobContext): O | Promise<O> =>\n        withWorkflowTestInvoker(context.invoker, () => userBody(input, context));\n\n  // Test-only local runner registry; the platform bundle sets the flag so it is DCE'd.\n  if (!process.env.TAILOR_PLATFORM_BUNDLE) {\n    registerJob(config.name, body as RegisteredJobBody);\n  }\n\n  const trigger = process.env.TAILOR_PLATFORM_BUNDLE\n    ? () => {\n        throw new Error(\n          \"This workflow job's .trigger() is rewritten at build time and is unavailable in the bundle\",\n        );\n      }\n    : (args?: unknown) => dispatchTriggerJob(config.name, args) as Awaited<O>;\n\n  return brandValue(\n    { name: config.name, trigger, body } as WorkflowJob<Name, I, Awaited<O>>,\n    \"workflow-job\",\n  );\n}\n","import { brandValue } from \"@/utils/brand\";\nimport type { TailorWorkflowAPI } from \"@/runtime/workflow\";\nimport type { JsonCompatible } from \"@/types/helpers\";\n\n/**\n * A single wait point instance with typed `.wait()` and `.resolve()` methods.\n *\n * - `.wait(payload?)` suspends execution until resolved. Returns the result from `.resolve()`.\n * - `.resolve(executionId, callback)` resumes a suspended execution.\n *\n * Both `Payload` and `Result` must be JsonValue-compatible (primitives, plain objects, arrays).\n * Functions and objects with a `toJSON` method are rejected at the type level.\n */\nexport interface WaitPointInstance<Payload = undefined, Result = undefined> {\n  wait: [Payload] extends [undefined]\n    ? () => Promise<Result>\n    : (payload: Payload) => Promise<Result>;\n  resolve: (\n    executionId: string,\n    callback: (\n      payload: [Payload] extends [undefined] ? undefined : Payload,\n    ) => Result | Promise<Result>,\n  ) => Promise<void>;\n}\n\ninterface InternalWaitPointInstance {\n  wait: (payload?: unknown) => Promise<unknown>;\n  resolve: (\n    executionId: string,\n    callback: (payload: unknown) => unknown | Promise<unknown>,\n  ) => Promise<void>;\n}\n\ninterface WaitPointWithSetter {\n  instance: InternalWaitPointInstance;\n  setKey: (key: string) => void;\n}\n\nfunction getPlatformWorkflow() {\n  const platform = globalThis as { tailor?: { workflow?: TailorWorkflowAPI } };\n  const workflow = platform.tailor?.workflow;\n  if (!workflow) {\n    throw new Error(\n      \"tailor.workflow is not available. Run tests in the `tailor-runtime` Vitest environment, \" +\n        \"or acquire mockWorkflow() from @tailor-platform/sdk/vitest and set a wait/resolve handler.\",\n    );\n  }\n  return workflow;\n}\n\n/**\n * Create a WaitPointInstance that delegates to the platform runtime.\n * Use `mockWorkflow` from `@tailor-platform/sdk/vitest` to mock\n * `globalThis.tailor.workflow.wait/resolve` in tests.\n * @param initialKey - Initial key (can be updated via the returned setter)\n * @returns The instance and a setter to update the key after construction\n */\nfunction createWaitPointInstance(initialKey: string): WaitPointWithSetter {\n  let key = initialKey;\n\n  const instance = brandValue(\n    {\n      wait(payload?: unknown) {\n        return Promise.resolve(getPlatformWorkflow().wait(key, payload));\n      },\n      async resolve(executionId: string, callback: (p: unknown) => unknown | Promise<unknown>) {\n        await getPlatformWorkflow().resolve(executionId, key, callback);\n      },\n    },\n    \"wait-point\",\n  ) as InternalWaitPointInstance;\n\n  return {\n    instance,\n    setKey: (k: string) => {\n      key = k;\n    },\n  };\n}\n\n/**\n * The type produced by `define<Payload, Result>()` / `defineWaitPoint<Payload, Result>(key)`.\n * Resolves to `WaitPointInstance<Payload, Result>` when both types are JsonValue-compatible,\n * or to a template-literal error string that surfaces at the call site.\n */\ntype WaitPointDef<Payload, Result> = [null] extends [Payload]\n  ? \"ERROR: Payload cannot be null at the top level\"\n  : [undefined] extends [Result]\n    ? \"ERROR: Result cannot be (or include) undefined (resolve callback must return a value)\"\n    : [Payload] extends [undefined]\n      ? [Result] extends [JsonCompatible<Result>]\n        ? WaitPointInstance<Payload, Result>\n        : \"ERROR: Result must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\"\n      : [undefined] extends [Payload]\n        ? \"ERROR: Payload cannot include undefined at the top level\"\n        : [Payload] extends [JsonCompatible<Payload>]\n          ? [Result] extends [JsonCompatible<Result>]\n            ? WaitPointInstance<Payload, Result>\n            : \"ERROR: Result must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\"\n          : \"ERROR: Payload must be JsonValue-compatible (plain objects/arrays; no class instances or functions)\";\n\n/**\n * The `define` function passed to the `defineWaitPoints` builder callback.\n * Returns an actual WaitPointInstance (not a phantom marker) so that the\n * builder's return type can flow through as-is, preserving JSDoc comments\n * on each property for IDE autocompletion.\n *\n * JSON validation is encoded in the return type rather than in type-parameter\n * constraints, because tsgo rejects self-referential constraints like\n * `Payload extends JsonCompatible<Payload>` as circular.\n */\ntype DefineFn = <Payload = undefined, Result = undefined>() => WaitPointDef<Payload, Result>;\n\n/**\n * Define a single typed wait point with an explicit key.\n *\n * `Payload` and `Result` must be JsonValue-compatible.\n * Functions and objects with a `toJSON` method are rejected at the type level;\n * class instances exposing methods are rejected via the property walk.\n * @param key - The wait point key used to match wait and resolve calls\n * @returns A WaitPointInstance with typed `.wait()` and `.resolve()` methods\n * @example\n * export const approval = defineWaitPoint<{ message: string }, { approved: boolean }>(\"approval\");\n *\n * await approval.wait({ message: \"Please approve\" });\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineWaitPoint<Payload = undefined, Result = undefined>(\n  key: string,\n): WaitPointDef<Payload, Result> {\n  return createWaitPointInstance(key).instance as unknown as WaitPointDef<Payload, Result>;\n}\n\n/**\n * Define a group of typed wait points for human-in-the-loop workflows.\n * Property names become the wait point keys.\n *\n * The return type is the same as the builder's return type, so JSDoc on each\n * property is preserved and visible in IDE autocompletion.\n *\n * `Payload` and `Result` must be JsonValue-compatible.\n * Functions and objects with a `toJSON` method are rejected at the type level;\n * class instances exposing methods are rejected via the property walk.\n * @param builder - Callback that receives a `define` factory and returns an object of wait points\n * @returns The same object returned by the builder (with correct keys set on each instance)\n * @example\n * export const waitPoints = defineWaitPoints(define => ({\n *   // Preceding JSDoc on this property is shown in IDE autocompletion\n *   approval: define<{ message: string }, { approved: boolean }>(),\n * }));\n *\n * // IDE shows the JSDoc when typing `waitPoints.`\n * await waitPoints.approval.wait({ message: \"Please approve\" });\n *\n * // For 2-level access, use destructured export with JSDoc attached to the export itself.\n */\n/* @__NO_SIDE_EFFECTS__ */\n// oxlint-disable-next-line no-explicit-any\nexport function defineWaitPoints<T extends Record<string, WaitPointInstance<any, any>>>(\n  builder: (define: DefineFn) => T,\n): T {\n  const setters = new Map<InternalWaitPointInstance, (key: string) => void>();\n\n  const define = (<Payload, Result>() => {\n    const { instance, setKey } = createWaitPointInstance(\"__pending__\");\n    setters.set(instance, setKey);\n    return instance as unknown as WaitPointDef<Payload, Result>;\n  }) as DefineFn;\n\n  const result = builder(define);\n\n  // Set the correct key on each instance based on the property name\n  for (const key of Object.keys(result)) {\n    const setter = setters.get(result[key] as unknown as InternalWaitPointInstance);\n    setter?.(key);\n  }\n\n  return result;\n}\n","/* oxlint-disable typescript/no-explicit-any */\nimport { brandValue } from \"@/utils/brand\";\nimport { dispatchTriggerWorkflow } from \"./registry\";\nimport type { WorkflowJob } from \"./job\";\nimport type { MachineUserName } from \"@/configure/types/machine-user\";\nimport type { ConcurrencyPolicy, RetryPolicy } from \"@/types/workflow.generated\";\n\nexport type { ConcurrencyPolicy, RetryPolicy };\n\nexport interface WorkflowConfig<\n  Job extends WorkflowJob<any, any, any> = WorkflowJob<any, any, any>,\n> {\n  name: string;\n  mainJob: Job;\n  retryPolicy?: RetryPolicy;\n  concurrencyPolicy?: ConcurrencyPolicy;\n}\n\nexport interface Workflow<Job extends WorkflowJob<any, any, any> = WorkflowJob<any, any, any>> {\n  name: string;\n  mainJob: Job;\n  retryPolicy?: RetryPolicy;\n  concurrencyPolicy?: ConcurrencyPolicy;\n  trigger: (\n    args: Parameters<Job[\"trigger\"]>[0],\n    options?: { invoker: MachineUserName },\n  ) => Promise<string>;\n}\n\ninterface WorkflowDefinition<Job extends WorkflowJob<any, any, any>> {\n  name: string;\n  mainJob: Job;\n  retryPolicy?: RetryPolicy;\n  concurrencyPolicy?: ConcurrencyPolicy;\n}\n\n/**\n * Create a workflow definition that can be triggered via the Tailor SDK.\n * In production, bundler transforms .trigger() calls to tailor.workflow.triggerWorkflow().\n *\n * The workflow MUST be the default export of the file.\n * All jobs referenced by the workflow MUST be named exports.\n * @template Job\n * @param config - Workflow configuration\n * @returns Defined workflow\n * @example\n * export const fetchData = createWorkflowJob({ name: \"fetch-data\", body: async (input: { id: string }) => ({ id: input.id }) });\n * export const processData = createWorkflowJob({\n *   name: \"process-data\",\n *   body: (input: { id: string }) => {\n *     const data = fetchData.trigger({ id: input.id });\n *     return { data };\n *   },\n * });\n *\n * // Workflow must be default export; mainJob is the entry point\n * export default createWorkflow({\n *   name: \"data-processing\",\n *   mainJob: processData,\n * });\n */\nexport function createWorkflow<Job extends WorkflowJob<any, any, any>>(\n  config: WorkflowDefinition<Job>,\n): Workflow<Job> {\n  return brandValue(\n    {\n      ...config,\n      trigger: process.env.TAILOR_PLATFORM_BUNDLE\n        ? async () => {\n            throw new Error(\n              \"workflow.trigger() is rewritten at build time and unavailable in the bundle\",\n            );\n          }\n        : async (args, options) => await dispatchTriggerWorkflow(config.name, args, options),\n    } as Workflow<Job>,\n    \"workflow\",\n  );\n}\n","import type { StaticWebsiteDefinitionBrand } from \"@/configure/services/staticwebsite/types\";\nimport type { StaticWebsiteInput } from \"@/types/staticwebsite.generated\";\nexport type { StaticWebsiteConfig } from \"@/configure/services/staticwebsite/types\";\n\n/**\n * Define a static website configuration for the Tailor SDK.\n * @param name - Static website name\n * @param config - Static website configuration\n * @returns Defined static website\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineStaticWebSite(name: string, config: Omit<StaticWebsiteInput, \"name\">) {\n  const result = {\n    ...config,\n    name,\n    get url() {\n      return `${name}:url` as const;\n    },\n  } as const satisfies StaticWebsiteInput & { readonly url: string };\n\n  return result as typeof result & StaticWebsiteDefinitionBrand;\n}\n","import type { AIGatewayDefinitionBrand } from \"./types\";\nimport type { AIGatewayInput } from \"@/types/aigateway.generated\";\nexport type { AIGatewayConfig } from \"./types\";\n\n/**\n * Define an AI Gateway configuration for the Tailor SDK.\n * @param name - AI Gateway name\n * @param config - AI Gateway configuration\n * @returns Defined AI Gateway\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineAIGateway(name: string, config: Omit<AIGatewayInput, \"name\">) {\n  const result = {\n    ...config,\n    name,\n  } as const satisfies AIGatewayInput;\n\n  return result as typeof result & AIGatewayDefinitionBrand;\n}\n","import type { IdPUserField } from \"@/parser/service/idp/types\";\nimport type { InferredAttributeMap } from \"@/runtime/types\";\n\ntype EqualityOperator = \"=\" | \"!=\";\ntype ContainsOperator = \"in\" | \"not in\";\n\ntype StringFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string ? K : never;\n}[keyof User];\n\ntype StringArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends string[] ? K : never;\n}[keyof User];\n\ntype BooleanFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean ? K : never;\n}[keyof User];\n\ntype BooleanArrayFieldKeys<User extends object> = {\n  [K in keyof User]: User[K] extends boolean[] ? K : never;\n}[keyof User];\n\ntype UserStringOperand<User extends object = InferredAttributeMap> = {\n  user: StringFieldKeys<User> | \"id\";\n};\n\ntype UserStringArrayOperand<User extends object = InferredAttributeMap> = {\n  user: StringArrayFieldKeys<User>;\n};\n\ntype UserBooleanOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanFieldKeys<User> | \"_loggedIn\";\n};\n\ntype UserBooleanArrayOperand<User extends object = InferredAttributeMap> = {\n  user: BooleanArrayFieldKeys<User>;\n};\n\ntype IdPUserOperand<Update extends boolean = false> = Update extends true\n  ? { oldIdpUser: IdPUserField } | { newIdpUser: IdPUserField }\n  : { idpUser: IdPUserField };\n\ntype StringEqualityCondition<User extends object, Update extends boolean> =\n  | readonly [string, EqualityOperator, string]\n  | readonly [UserStringOperand<User>, EqualityOperator, string]\n  | readonly [string, EqualityOperator, UserStringOperand<User>]\n  | readonly [\n      IdPUserOperand<Update>,\n      EqualityOperator,\n      string | UserStringOperand<User> | IdPUserOperand<Update>,\n    ]\n  | readonly [string | UserStringOperand<User>, EqualityOperator, IdPUserOperand<Update>];\n\ntype BooleanEqualityCondition<User extends object, Update extends boolean> =\n  | readonly [boolean, EqualityOperator, boolean]\n  | readonly [UserBooleanOperand<User>, EqualityOperator, boolean]\n  | readonly [boolean, EqualityOperator, UserBooleanOperand<User>]\n  | readonly [\n      IdPUserOperand<Update>,\n      EqualityOperator,\n      boolean | UserBooleanOperand<User> | IdPUserOperand<Update>,\n    ]\n  | readonly [boolean | UserBooleanOperand<User>, EqualityOperator, IdPUserOperand<Update>];\n\ntype EqualityCondition<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> = StringEqualityCondition<User, Update> | BooleanEqualityCondition<User, Update>;\n\ntype StringContainsCondition<User extends object, Update extends boolean> =\n  | readonly [string, ContainsOperator, string[]]\n  | readonly [UserStringOperand<User>, ContainsOperator, string[]]\n  | readonly [string, ContainsOperator, UserStringArrayOperand<User>]\n  | readonly [IdPUserOperand<Update>, ContainsOperator, string[] | UserStringArrayOperand<User>];\n\ntype BooleanContainsCondition<User extends object, Update extends boolean> =\n  | readonly [boolean, ContainsOperator, boolean[]]\n  | readonly [UserBooleanOperand<User>, ContainsOperator, boolean[]]\n  | readonly [boolean, ContainsOperator, UserBooleanArrayOperand<User>]\n  | readonly [IdPUserOperand<Update>, ContainsOperator, boolean[] | UserBooleanArrayOperand<User>];\n\ntype ContainsCondition<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> = StringContainsCondition<User, Update> | BooleanContainsCondition<User, Update>;\n\nexport type IdPPermissionCondition<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> = EqualityCondition<User, Update> | ContainsCondition<User, Update>;\n\ntype IdPActionPermission<\n  User extends object = InferredAttributeMap,\n  Update extends boolean = boolean,\n> =\n  | {\n      conditions:\n        | IdPPermissionCondition<User, Update>\n        | readonly IdPPermissionCondition<User, Update>[];\n      description?: string | undefined;\n      /**\n       * Whether matching users are granted (`true`) or denied (`false`).\n       * Omitting `permit` in this object form defaults to `deny` and emits a\n       * warning; set it explicitly. (The array shorthand defaults to `allow`.)\n       */\n      permit?: boolean;\n    }\n  | readonly [...IdPPermissionCondition<User, Update>, ...([] | [boolean])]\n  | readonly [...IdPPermissionCondition<User, Update>[], ...([] | [boolean])];\n\n/**\n * Per-operation permission policies for an IdP service.\n * Defines create, read, update, delete, and sendPasswordResetEmail permissions.\n *\n * For update operations, use `newIdpUser`/`oldIdpUser` operands instead of `idpUser`.\n * @example\n * const permission: IdPPermission = {\n *   create: [{ conditions: [[{ user: \"role\" }, \"=\", \"ADMIN\"]], permit: true }],\n *   read: [{ conditions: [[{ user: \"_loggedIn\" }, \"=\", true]], permit: true }],\n *   update: [{ conditions: [[{ newIdpUser: \"name\" }, \"=\", { user: \"id\" }]], permit: true }],\n *   delete: [{ conditions: [[{ user: \"role\" }, \"=\", \"ADMIN\"]], permit: true }],\n *   sendPasswordResetEmail: [{ conditions: [], permit: true }],\n * };\n */\nexport type IdPPermission<User extends object = InferredAttributeMap> = {\n  create: readonly IdPActionPermission<User, false>[];\n  read: readonly IdPActionPermission<User, false>[];\n  update: readonly IdPActionPermission<User, true>[];\n  delete: readonly IdPActionPermission<User, false>[];\n  sendPasswordResetEmail: readonly IdPActionPermission<User, false>[];\n};\n\n/**\n * Grants full IdP permission access without any conditions.\n *\n * Unsafe and intended only for local development, prototyping, or tests.\n * Do not use this in production environments, as it effectively disables\n * authorization checks.\n */\nexport const unsafeAllowAllIdPPermission: IdPPermission = {\n  create: [{ conditions: [], permit: true }],\n  read: [{ conditions: [], permit: true }],\n  update: [{ conditions: [], permit: true }],\n  delete: [{ conditions: [], permit: true }],\n  sendPasswordResetEmail: [{ conditions: [], permit: true }],\n};\n","import type { IdPPermission } from \"./permission\";\nimport type { IdpDefinitionBrand } from \"@/configure/services/idp/types\";\nimport type { BuiltinIdP } from \"@/types/auth.generated\";\nimport type { IdPInput } from \"@/types/idp.generated\";\n\nexport type {\n  IdPEmailConfig,\n  IdPGqlOperations,\n  IdPGqlOperationsInput as IdPGqlOperationsConfig,\n} from \"@/types/idp.generated\";\n\n/**\n * Define an IdP service configuration for the Tailor SDK.\n * @template TClients\n * @param name - IdP service name\n * @param config - IdP configuration\n * @returns Defined IdP service\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineIdp<const TClients extends string[]>(\n  name: string,\n  config: Omit<IdPInput, \"name\" | \"clients\" | \"permission\"> & {\n    clients: TClients;\n    permission?: IdPPermission;\n  },\n) {\n  const result = {\n    ...config,\n    name,\n    provider(providerName: string, clientName: TClients[number]) {\n      return {\n        name: providerName,\n        kind: \"BuiltInIdP\",\n        namespace: name,\n        clientName,\n      } as const satisfies BuiltinIdP;\n    },\n  } as const satisfies IdPInput & {\n    provider: (providerName: string, clientName: TClients[number]) => BuiltinIdP;\n  };\n\n  return result as typeof result & IdpDefinitionBrand;\n}\n\nexport type { IdPConfig, IdPExternalConfig } from \"@/configure/services/idp/types\";\n\nexport type { IdPPermission, IdPPermissionCondition } from \"./permission\";\nexport { unsafeAllowAllIdPPermission } from \"./permission\";\n","import type { SecretsDefinitionBrand } from \"@/configure/services/secrets/types\";\nexport type { SecretsConfig } from \"@/configure/services/secrets/types\";\n\ntype SecretsVaultInput = Record<string, string>;\ntype SecretsVaultInputNullish = Record<string, string | undefined | null>;\ntype SecretsInput = Record<string, SecretsVaultInput>;\ntype SecretsInputNullish = Record<string, SecretsVaultInputNullish>;\n\ntype SecretsOptions = {\n  readonly ignoreNullishValues: boolean;\n};\n\ntype DefinedSecrets<T extends SecretsInputNullish> = {\n  readonly vaults: T;\n  readonly options: SecretsOptions;\n  get<V extends Extract<keyof T, string>, S extends Extract<keyof T[V], string>>(\n    vault: V,\n    secret: S,\n  ): Promise<string | undefined>;\n  getAll<V extends Extract<keyof T, string>, S extends Extract<keyof T[V], string>>(\n    vault: V,\n    secrets: readonly S[],\n  ): Promise<(string | undefined)[]>;\n} & SecretsDefinitionBrand;\n\n/**\n * Define secrets configuration for the Tailor SDK.\n * Each key is a vault name, and its value is a record of secret name to secret value.\n * @param config - Secrets configuration mapping vault names to their secrets\n * @returns Defined secrets with typed runtime access methods\n */\nexport function defineSecretManager<const T extends SecretsInput>(config: T): DefinedSecrets<T>;\n/**\n * Define secrets configuration for the Tailor SDK with ignoreNullishValues option.\n * When `ignoreNullishValues` is true, secrets with nullish values are skipped during deploy\n * instead of causing an error. This is useful for CI environments where not all\n * secret values are available.\n * @param config - Secrets configuration mapping vault names to their secrets\n * @param options - Options for secret management behavior\n * @param options.ignoreNullishValues - When true, secrets with nullish values are skipped during deploy\n * @returns Defined secrets with typed runtime access methods\n */\nexport function defineSecretManager<const T extends SecretsInputNullish>(\n  config: T,\n  options: { ignoreNullishValues: true },\n): DefinedSecrets<T>;\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineSecretManager<const T extends SecretsInputNullish>(\n  config: T,\n  options?: { ignoreNullishValues?: boolean },\n): DefinedSecrets<T> {\n  const result: Record<string, unknown> = {\n    vaults: config,\n    options: { ignoreNullishValues: options?.ignoreNullishValues ?? false },\n  };\n\n  // Non-enumerable so Zod's z.object validation ignores them\n  Object.defineProperty(result, \"get\", {\n    value: async (vault: string, secret: string) => {\n      return tailor.secretmanager.getSecret(vault, secret);\n    },\n    enumerable: false,\n  });\n  Object.defineProperty(result, \"getAll\", {\n    value: async (vault: string, secrets: readonly string[]) => {\n      const record = await tailor.secretmanager.getSecrets(vault, secrets);\n      return secrets.map((s) => record[s]);\n    },\n    enumerable: false,\n  });\n\n  return result as DefinedSecrets<T>;\n}\n","import { brandValue } from \"@/utils/brand\";\nimport type { HttpAdapterConfigInput } from \"@/types/http-adapter.generated\";\n\n/**\n * Lowercase HTTP method keys accepted in `input`, derived from the config\n * schema via the generated type so they cannot drift.\n */\ntype HttpMethodKey = keyof Required<HttpAdapterConfigInput[\"input\"]>;\n\n/** Incoming HTTP request passed to an `input` handler. */\nexport type HttpAdapterRequest = {\n  method: Uppercase<HttpMethodKey>;\n  path: string;\n  headers: Record<string, string>;\n  query: Record<string, string>;\n  body: string;\n};\n\n/** GraphQL request returned by an `input` handler. */\nexport type HttpAdapterGraphQLRequest = {\n  query: string;\n  variables?: Record<string, unknown>;\n  operationName?: string;\n};\n\n/** Converts an incoming HTTP request into a GraphQL request. */\nexport type HttpAdapterInputFn = (req: HttpAdapterRequest) => HttpAdapterGraphQLRequest;\n\n/** GraphQL execution result passed to the `output` handler. */\nexport type HttpAdapterGraphQLResponse = {\n  data?: unknown;\n  errors?: unknown;\n  extensions?: unknown;\n};\n\n/** HTTP response returned by the `output` handler. */\nexport type HttpAdapterResponse = {\n  statusCode?: number;\n  headers?: Record<string, string>;\n  body: string;\n};\n\n/** Converts a GraphQL response into an HTTP response. */\nexport type HttpAdapterOutputFn = (resp: HttpAdapterGraphQLResponse) => HttpAdapterResponse;\n\n/**\n * Per-method input handlers. At least one method must be provided.\n * Each handler transforms an HTTP request into a GraphQL request.\n */\nexport type HttpAdapterInput = Partial<Record<HttpMethodKey, HttpAdapterInputFn>>;\n\n/**\n * HTTP adapter configuration accepted by `createHttpAdapter` with typed\n * `input` and `output` signatures.\n */\n// Internally, the parser-side representation is the looser `HttpAdapterConfig`\n// from `@/types/http-adapter.generated`, where the function fields are typed\n// as `Function`.\nexport type HttpAdapter = Omit<HttpAdapterConfigInput, \"input\" | \"output\"> & {\n  input: HttpAdapterInput;\n  output?: HttpAdapterOutputFn;\n};\n\n/**\n * Defines an HTTP adapter that translates HTTP requests to GraphQL queries\n * and shapes the GraphQL response back into an HTTP response.\n *\n * The adapter MUST be the default export of its file.\n * Files are discovered via the `httpAdapter.files` glob in `defineConfig()`.\n *\n * `input` is an object keyed by lowercase HTTP method (`get`, `post`, `put`,\n * `patch`, `delete`). At least one method must be declared; the methods the\n * adapter serves are derived from these keys.\n *\n * `output` is optional and shared across all methods. If you need different\n * response shapes per method, discriminate inside `output` based on the\n * GraphQL response shape.\n *\n * Each handler runs server-side and must be synchronous: Node APIs, `fetch`,\n * `async`/`await`, Promises, and top-level `await` are not available.\n *\n * Optional fields: `enabled` (default `true`; set `false` to deploy the adapter\n * without serving it) and `priority` (non-negative integer, default `0`; when\n * multiple adapters match the same request path, the lowest value wins).\n * @param config - HTTP adapter configuration\n * @returns Branded HTTP adapter definition\n * @example\n * export default createHttpAdapter({\n *   name: \"get-user\",\n *   pathPattern: \"/users/*\",\n *   input: {\n *     get: (req) => ({\n *       query: `query($id: ID!) { user(id: $id) { id name } }`,\n *       variables: { id: req.path.split(\"/\")[2] },\n *     }),\n *   },\n *   output: (resp) => ({\n *     statusCode: 200,\n *     headers: { \"content-type\": \"application/json\" },\n *     body: JSON.stringify(resp.data),\n *   }),\n * });\n */\nexport function createHttpAdapter(config: HttpAdapter): HttpAdapter {\n  return brandValue({ ...config }, \"http-adapter\");\n}\n","import type { AppConfig } from \"@/configure/config/types\";\nimport type { Plugin } from \"@/plugin/types\";\n\n/**\n * Define a Tailor SDK application configuration with shallow exactness.\n * @template Config\n * @param config - Application configuration\n * @returns The same configuration object\n */\n/* @__NO_SIDE_EFFECTS__ */\nexport function defineConfig<\n  const Config extends AppConfig &\n    // type-fest's Exact works recursively and causes type errors, so we use a shallow version here.\n    Record<Exclude<keyof Config, keyof AppConfig>, never>,\n>(config: Config) {\n  return config;\n}\n\n/**\n * Define plugins to be used with the Tailor SDK.\n * Plugins can generate additional types, resolvers, and executors\n * based on existing TailorDB types.\n * @param configs - Plugin configurations\n * @returns Plugin configurations as given\n */\n/* @__NO_SIDE_EFFECTS__ */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function definePlugins(...configs: Plugin<any, any>[]) {\n  return configs;\n}\n","import { t as _t } from \"@/configure/types\";\nimport type * as helperTypes from \"@/types/helpers\";\n\ntype TailorOutput<T> = helperTypes.output<T>;\n\nexport type infer<T> = TailorOutput<T>;\nexport type output<T> = TailorOutput<T>;\n\n/** TailorDB field type builders. */\n// eslint-disable-next-line import-x/export\nexport const t = _t;\n// eslint-disable-next-line @typescript-eslint/no-namespace, import-x/export\nexport namespace t {\n  export type output<T> = TailorOutput<T>;\n  export type infer<T> = TailorOutput<T>;\n}\n\nexport { type TailorField } from \"@/configure/types/type\";\nexport {\n  type TailorPrincipal,\n  type AttributeMap,\n  type AttributeList,\n  type Env,\n} from \"@/runtime/types\";\nexport { type MachineUserNameRegistry, type MachineUserName } from \"@/configure/types/machine-user\";\nexport { type IdpNameRegistry, type IdpName } from \"@/configure/types/idp-name\";\n\nexport * from \"@/configure/services\";\n\nexport { defineConfig, definePlugins } from \"@/configure/config\";\n\n// Plugin types for custom plugin development\nexport type {\n  Plugin,\n  PluginConfigs,\n  PluginOutput,\n  TypePluginOutput,\n  NamespacePluginOutput,\n  PluginProcessContext,\n  PluginNamespaceProcessContext,\n  PluginAttachment,\n  PluginGeneratedType,\n  PluginGeneratedResolver,\n  PluginGeneratedExecutor,\n  PluginGeneratedExecutorWithFile,\n  PluginExecutorContext,\n  PluginExecutorContextBase,\n  TailorDBTypeForPlugin,\n} from \"@/plugin/types\";\n\n// Generation-time hook context types for plugin development\nexport type {\n  TailorDBReadyContext,\n  ResolverReadyContext,\n  ExecutorReadyContext,\n  TailorDBNamespaceData,\n  ResolverNamespaceData,\n  GeneratorResult,\n} from \"@/plugin/types\";\n"],"mappings":";;;;;;;;AAiJA,SAAgB,WASd,MACA,QAGA;CAeA,OAAO;EAbL,GAAG;EACH;EACA,mBAAqC,gBAAuD;GAC1F,OAAO,OAAO,eAAe,mBAAmB,cAAc;EAChE;CASU;AACd;;;;;;;;;;;ACmHA,MAAa,+BAAqD;CAChE,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,MAAM,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACvC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;AAC3C;;;;;;;;AASA,MAAa,8BAAuD,CAClE;CAAE,YAAY,CAAC;CAAG,SAAS;CAAO,QAAQ;AAAK,CACjD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC9NA,SAAgB,eAId,QAO+B;CAI/B,MAAM,iBAAiB,QACrB,OAAO,QAAQ,YACf,QAAQ,QACR,UAAU,OACV,OAAQ,IAA0B,SAAS;CAE7C,MAAM,mBAAmB,cAAc,OAAO,MAAM,IAAI,OAAO,SAASA,IAAE,OAAO,OAAO,MAAM;CAE9F,OAAO,WACL;EACE,GAAG;EACH,QAAQ;CACV,GACA,UACF;AACF;;;;;AC3BA,SAAgB,eAGd,QAAwB;CACxB,OAAO,WAAW,QAAQ,UAAU;AACtC;;;;ACqCA,MAAM,iBAAiB;CACrB,SAAS;CACT,SAAS;CACT,SAAS;AACX;;;;;;;AA8BA,SAAgB,qBACd,SACuC;CACvC,MAAM,EAAE,MAAM,cAAc;CAC5B,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,8BAA8B;EACvC,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,qBACd,SACuC;CACvC,MAAM,EAAE,MAAM,cAAc;CAC5B,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,8BAA8B;EACvC,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,qBACd,SACuC;CACvC,MAAM,EAAE,MAAM,cAAc;CAC5B,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,8BAA8B;EACvC,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;;AAeA,SAAgB,cAGd,SAAkF;CAClF,MAAM,EAAE,MAAM,QAAQ,cAAc;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,OAAO,KAAK,MAAM,eAAe,EAAE;EAC3C,UAAU,KAAK;EACf;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;AAqBA,SAAgB,wBACd,SACkD;CAClD,MAAM,EAAE,UAAU,cAAc;CAChC,OAAO;EACL,MAAM;EACN,cAAc,SAAS;EACvB;EACA,QAAQ,CAAC;CACX;AACF;AAMA,MAAM,kBAAkB;CACtB,SAAS;CACT,SAAS;CACT,SAAS;AACX;;;;;;;AA+BA,SAAgB,sBACd,SACoC;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,kBAAkB;EAC3B,GAAI,SAAS,OAAO,OAAO,EAAE,KAAK,QAAQ,IAAI,IAAI,CAAC;EACnD,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,sBACd,SACoC;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,kBAAkB;EAC3B,GAAI,SAAS,OAAO,OAAO,EAAE,KAAK,QAAQ,IAAI,IAAI,CAAC;EACnD,QAAQ,CAAC;CACX;AACF;;;;;;;AAQA,SAAgB,sBACd,SACoC;CACpC,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,kBAAkB;EAC3B,GAAI,SAAS,OAAO,OAAO,EAAE,KAAK,QAAQ,IAAI,IAAI,CAAC;EACnD,QAAQ,CAAC;CACX;AACF;;;;;;;;;AAoBA,SAAgB,eACd,SACqC;CACrC,MAAM,EAAE,QAAQ,QAAQ;CACxB,OAAO;EACL,MAAM;EACN,QAAQ,OAAO,KAAK,MAAM,gBAAgB,EAAE;EAC5C,GAAI,OAAO,OAAO,EAAE,IAAI,IAAI,CAAC;EAC7B,QAAQ,CAAC;CACX;AACF;AAMA,MAAM,0BAA0B;CAC9B,QAAQ;CACR,WAAW;CACX,SAAS;AACX;;;;;AAqBA,SAAgB,+BAAkF;CAChG,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,0BAA0B;EACnC,QAAQ,CAAC;CACX;AACF;;;;;AAMA,SAAgB,kCAAwF;CACtG,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,6BAA6B;EACtC,QAAQ,CAAC;CACX;AACF;;;;;AAMA,SAAgB,gCAAoF;CAClG,OAAO;EACL,MAAM;EACN,QAAQ,CAAC,2BAA2B;EACpC,QAAQ,CAAC;CACX;AACF;;;;;;;AAYA,SAAgB,uBAEd,SAAgG;CAChG,MAAM,EAAE,WAAW;CACnB,OAAO;EACL,MAAM;EACN,QAAQ,OAAO,KAAK,MAAM,wBAAwB,EAAE;EACpD,QAAQ,CAAC;CACX;AACF;;;;;;;;;;ACfA,SAAgB,gBACd,SAC+B;CAC/B,MAAM,EAAE,MAAM,aAAa;CAC3B,OAAO;EACL,MAAM;EACN;EACA;EACA,QAAQ,CAAC;CACX;AACF;;;;;;;;;;AC5ZA,SAAgB,uBACd,SACgD;CAChD,MAAM,WACJ,OAAO,SAAS,aAAa,aAAa,EAAE,MAAM,QAAQ,SAAS,IAAI,SAAS;CAClF,OAAO;EACL,MAAM;EACN,GAAI,WAAW,EAAE,SAAS,IAAI,CAAC;EAC/B,QAAQ,CAAC;CACX;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACoCA,SAAgB,kBACd,QACkC;CAClC,MAAM,WAAW,OAAO;CACxB,MAAM,OAAO,QAAQ,IAAI,yBACrB,YACC,OAAU,YACT,wBAAwB,QAAQ,eAAe,SAAS,OAAO,OAAO,CAAC;CAG7E,IAAI,CAAC,QAAQ,IAAI,wBACf,YAAY,OAAO,MAAM,IAAyB;CAGpD,MAAM,UAAU,QAAQ,IAAI,+BAClB;EACJ,MAAM,IAAI,MACR,4FACF;CACF,KACC,SAAmB,mBAAmB,OAAO,MAAM,IAAI;CAE5D,OAAO,WACL;EAAE,MAAM,OAAO;EAAM;EAAS;CAAK,GACnC,cACF;AACF;;;;AClFA,SAAS,sBAAsB;CAE7B,MAAM,WAAWC,WAAS,QAAQ;CAClC,IAAI,CAAC,UACH,MAAM,IAAI,MACR,oLAEF;CAEF,OAAO;AACT;;;;;;;;AASA,SAAS,wBAAwB,YAAyC;CACxE,IAAI,MAAM;CAcV,OAAO;EACL,UAbe,WACf;GACE,KAAK,SAAmB;IACtB,OAAO,QAAQ,QAAQ,oBAAoB,CAAC,CAAC,KAAK,KAAK,OAAO,CAAC;GACjE;GACA,MAAM,QAAQ,aAAqB,UAAsD;IACvF,MAAM,oBAAoB,CAAC,CAAC,QAAQ,aAAa,KAAK,QAAQ;GAChE;EACF,GACA,YAIO;EACP,SAAS,MAAc;GACrB,MAAM;EACR;CACF;AACF;;;;;;;;;;;;;;;AAiDA,SAAgB,gBACd,KAC+B;CAC/B,OAAO,wBAAwB,GAAG,CAAC,CAAC;AACtC;;;;;;;;;;;;;;;;;;;;;;;;;AA2BA,SAAgB,iBACd,SACG;CACH,MAAM,0BAAU,IAAI,IAAsD;CAE1E,MAAM,gBAAiC;EACrC,MAAM,EAAE,UAAU,WAAW,wBAAwB,aAAa;EAClE,QAAQ,IAAI,UAAU,MAAM;EAC5B,OAAO;CACT;CAEA,MAAM,SAAS,QAAQ,MAAM;CAG7B,KAAK,MAAM,OAAO,OAAO,KAAK,MAAM,GAElC,AADe,QAAQ,IAAI,OAAO,IAC7B,CAAC,GAAG,GAAG;CAGd,OAAO;AACT;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACrHA,SAAgB,eACd,QACe;CACf,OAAO,WACL;EACE,GAAG;EACH,SAAS,QAAQ,IAAI,yBACjB,YAAY;GACV,MAAM,IAAI,MACR,6EACF;EACF,IACA,OAAO,MAAM,YAAY,MAAM,wBAAwB,OAAO,MAAM,MAAM,OAAO;CACvF,GACA,UACF;AACF;;;;;;;;;;;AClEA,SAAgB,oBAAoB,MAAc,QAA0C;CAS1F,OAAO;EAPL,GAAG;EACH;EACA,IAAI,MAAM;GACR,OAAO,GAAG,KAAK;EACjB;CAGU;AACd;;;;;;;;;;;ACVA,SAAgB,gBAAgB,MAAc,QAAsC;CAMlF,OAAO;EAJL,GAAG;EACH;CAGU;AACd;;;;;;;;;;;ACyHA,MAAa,8BAA6C;CACxD,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,MAAM,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACvC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,QAAQ,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;CACzC,wBAAwB,CAAC;EAAE,YAAY,CAAC;EAAG,QAAQ;CAAK,CAAC;AAC3D;;;;;;;;;;;;AC9HA,SAAgB,UACd,MACA,QAIA;CAgBA,OAAO;EAdL,GAAG;EACH;EACA,SAAS,cAAsB,YAA8B;GAC3D,OAAO;IACL,MAAM;IACN,MAAM;IACN,WAAW;IACX;GACF;EACF;CAKU;AACd;;;;;ACKA,SAAgB,oBACd,QACA,SACmB;CACnB,MAAM,SAAkC;EACtC,QAAQ;EACR,SAAS,EAAE,qBAAqB,SAAS,uBAAuB,MAAM;CACxE;CAGA,OAAO,eAAe,QAAQ,OAAO;EACnC,OAAO,OAAO,OAAe,WAAmB;GAC9C,OAAO,OAAO,cAAc,UAAU,OAAO,MAAM;EACrD;EACA,YAAY;CACd,CAAC;CACD,OAAO,eAAe,QAAQ,UAAU;EACtC,OAAO,OAAO,OAAe,YAA+B;GAC1D,MAAM,SAAS,MAAM,OAAO,cAAc,WAAW,OAAO,OAAO;GACnE,OAAO,QAAQ,KAAK,MAAM,OAAO,EAAE;EACrC;EACA,YAAY;CACd,CAAC;CAED,OAAO;AACT;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC+BA,SAAgB,kBAAkB,QAAkC;CAClE,OAAO,WAAW,EAAE,GAAG,OAAO,GAAG,cAAc;AACjD;;;;;;;;;;;AC/FA,SAAgB,aAId,QAAgB;CAChB,OAAO;AACT;;;;;;;;;AAWA,SAAgB,cAAc,GAAG,SAA6B;CAC5D,OAAO;AACT;;;;;ACnBA,MAAa,IAAIC"}

package/dist/{context-s0lxhu8_.mjs → context-Bd266-ru.mjs}

@@ -1,5 +1,4 @@
-
-import { t as __exportAll } from "./chunk-BkoGK1jX.mjs";
+import { t as __exportAll } from "./rolldown-runtime-DXywRVcq.mjs";
 
 //#region src/runtime/context.ts
 var context_exports = /* @__PURE__ */ __exportAll({ getInvoker: () => getInvoker });
@@ -22,4 +21,4 @@ function getInvoker() {
 
 //#endregion
 export { getInvoker as n, context_exports as t };
-//# sourceMappingURL=context-s0lxhu8_.mjs.map
+//# sourceMappingURL=context-Bd266-ru.mjs.map

package/dist/context-Bd266-ru.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"context-Bd266-ru.mjs","names":[],"sources":["../src/runtime/context.ts"],"sourcesContent":["/**\n * Execution context utilities.\n *\n * Thin typed wrapper around the platform-provided `tailor.context` runtime API.\n * At runtime this delegates to `globalThis.tailor.context`.\n * @example\n * import { context } from \"@tailor-platform/sdk/runtime\";\n *\n * const invoker = context.getInvoker();\n * if (invoker) {\n *   console.log(invoker.id, invoker.type, invoker.attributes, invoker.attributeList);\n * }\n */\n\nimport type { TailorPrincipal } from \"@/runtime/types\";\n\n/**\n * Information about the invoker of the current function execution.\n *\n * Matches the public `TailorPrincipal` shape — `attributes` is the attribute\n * map and `attributeList` is the array of attribute IDs.\n */\nexport type Invoker = TailorPrincipal;\n\n/**\n * Raw platform-side invoker payload returned by `tailor.context.getInvoker()`.\n * The wrapper normalizes this into {@link Invoker}.\n * @internal\n */\nexport interface ContextInvoker {\n  /** The invoker's ID */\n  id: string;\n  /** The invoker's type */\n  type: \"user\" | \"machine_user\";\n  /** The workspace ID */\n  workspaceId: string;\n  /** The invoker's attribute IDs */\n  attributes: string[];\n  /** The invoker's attribute map */\n  attributeMap: Record<string, unknown>;\n}\n\n/**\n * Platform API surface for `tailor.context`. Describes the shape the platform\n * runtime injects on `globalThis.tailor.context`.\n * @internal\n */\nexport interface TailorContextAPI {\n  getInvoker(): ContextInvoker | null;\n}\n\n/**\n * Returns information about the invoker of the current function execution,\n * or `null` for anonymous invocations.\n * @returns Invoker details, or `null` when the call is anonymous\n */\nexport function getInvoker(): Invoker | null {\n  const raw = (globalThis as { tailor: { context: TailorContextAPI } }).tailor.context.getInvoker();\n  if (!raw) return null;\n  return {\n    id: raw.id,\n    type: raw.type,\n    workspaceId: raw.workspaceId,\n    attributes: raw.attributeMap as Invoker[\"attributes\"],\n    attributeList: raw.attributes as Invoker[\"attributeList\"],\n  };\n}\n"],"mappings":";;;;;;;;;AAwDA,SAAgB,aAA6B;CAC3C,MAAM,MAAO,WAAyD,OAAO,QAAQ,WAAW;CAChG,IAAI,CAAC,KAAK,OAAO;CACjB,OAAO;EACL,IAAI,IAAI;EACR,MAAM,IAAI;EACV,aAAa,IAAI;EACjB,YAAY,IAAI;EAChB,eAAe,IAAI;CACrB;AACF"}

package/dist/{context-CUBwSBq4.d.mts → context-C2lEi9uw.d.mts}

@@ -1,37 +1,16 @@
+import { o as TailorPrincipal } from "./types-BZ7QKVE8.mjs";
+
+//#region src/runtime/context.d.ts
 declare namespace context_d_exports {
   export { ContextInvoker, Invoker, TailorContextAPI, getInvoker };
 }
-/**
- * Execution context utilities.
- *
- * Thin typed wrapper around the platform-provided `tailor.context` runtime API.
- * At runtime this delegates to `globalThis.tailor.context`.
- * @example
- * import { context } from "@tailor-platform/sdk/runtime";
- *
- * const invoker = context.getInvoker();
- * if (invoker) {
- *   console.log(invoker.id, invoker.type, invoker.attributes, invoker.attributeList);
- * }
- */
 /**
  * Information about the invoker of the current function execution.
  *
- * Matches the shape of `TailorUser` and `TailorActor` — `attributes` is the
- * attribute map and `attributeList` is the array of attribute IDs.
+ * Matches the public `TailorPrincipal` shape — `attributes` is the attribute
+ * map and `attributeList` is the array of attribute IDs.
  */
-interface Invoker {
-  /** The invoker's ID */
-  id: string;
-  /** The invoker's type */
-  type: "user" | "machine_user";
-  /** The workspace ID */
-  workspaceId: string;
-  /** A map of the invoker's attributes */
-  attributes: Record<string, unknown>;
-  /** The list of attribute IDs */
-  attributeList: string[];
-}
+type Invoker = TailorPrincipal;
 /**
  * Raw platform-side invoker payload returned by `tailor.context.getInvoker()`.
  * The wrapper normalizes this into {@link Invoker}.
@@ -65,4 +44,4 @@ interface TailorContextAPI {
 declare function getInvoker(): Invoker | null;
 //#endregion
 export { getInvoker as a, context_d_exports as i, Invoker as n, TailorContextAPI as r, ContextInvoker as t };
-//# sourceMappingURL=context-CUBwSBq4.d.mts.map
+//# sourceMappingURL=context-C2lEi9uw.d.mts.map

package/dist/{crashreport-D1wKBJ8N.mjs → crashreport-BMWcxeSE.mjs}

@@ -1,4 +1,3 @@
-
-import { n as reportCrash, t as initCrashReporting } from "./crashreport-BhD0y14F.mjs";
+import { n as reportCrash, t as initCrashReporting } from "./crashreport-DFq-vsU0.mjs";
 
 export { reportCrash };