@terreno/api 0.11.7 → 0.11.8

package/dist/openApiValidator.d.ts

@@ -83,7 +83,7 @@ export interface OpenApiValidatorConfig {
  * Check whether `configureOpenApiValidator()` has been called.
  * Validation middleware is a no-op when this returns false.
  */
-export declare function isOpenApiValidatorConfigured(): boolean;
+export declare const isOpenApiValidatorConfigured: () => boolean;
 /**
  * Configure the global OpenAPI validator settings.
  * Calling this function activates validation — middleware that was previously
@@ -101,17 +101,17 @@ export declare function isOpenApiValidatorConfigured(): boolean;
  * });
  * ```
  */
-export declare function configureOpenApiValidator(config?: Partial<OpenApiValidatorConfig>): void;
+export declare const configureOpenApiValidator: (config?: Partial<OpenApiValidatorConfig>) => void;
 /**
  * Get the current global validator configuration.
  */
-export declare function getOpenApiValidatorConfig(): OpenApiValidatorConfig;
+export declare const getOpenApiValidatorConfig: () => OpenApiValidatorConfig;
 /**
  * Reset the global validator configuration to defaults.
  * Also resets `isConfigured` to false.
  * Useful for testing.
  */
-export declare function resetOpenApiValidatorConfig(): void;
+export declare const resetOpenApiValidatorConfig: () => void;
 /**
  * Options for the request body validator middleware.
  */
@@ -149,7 +149,7 @@ export interface RequestBodyValidatorOptions {
  * @param options - Optional configuration for this validator
  * @returns Express middleware function
  */
-export declare function validateRequestBody(schema: Record<string, OpenApiSchemaProperty>, options?: RequestBodyValidatorOptions): (req: Request, res: Response, next: NextFunction) => void;
+export declare const validateRequestBody: (schema: Record<string, OpenApiSchemaProperty>, options?: RequestBodyValidatorOptions) => ((req: Request, res: Response, next: NextFunction) => void);
 /**
  * Options for the query parameter validator middleware.
  */
@@ -170,7 +170,7 @@ export interface QueryValidatorOptions {
  * @param options - Optional configuration for this validator
  * @returns Express middleware function
  */
-export declare function validateQueryParams(schema: Record<string, OpenApiSchemaProperty>, options?: QueryValidatorOptions): (req: Request, res: Response, next: NextFunction) => void;
+export declare const validateQueryParams: (schema: Record<string, OpenApiSchemaProperty>, options?: QueryValidatorOptions) => ((req: Request, res: Response, next: NextFunction) => void);
 /**
  * Options for creating a combined validation middleware.
  */
@@ -205,7 +205,7 @@ export interface CreateValidatorOptions {
  * ], handler);
  * ```
  */
-export declare function createValidator(options: CreateValidatorOptions): (req: Request, res: Response, next: NextFunction) => void;
+export declare const createValidator: (options: CreateValidatorOptions) => ((req: Request, res: Response, next: NextFunction) => void);
 /**
  * Validates response data against a schema.
  * This is primarily for development/testing to ensure responses match documentation.
@@ -214,7 +214,7 @@ export declare function createValidator(options: CreateValidatorOptions): (req:
  * @param schema - The expected schema
  * @returns Object with valid flag and any errors
  */
-export declare function validateResponseData(data: unknown, schema: Record<string, OpenApiSchemaProperty>): {
+export declare const validateResponseData: (data: unknown, schema: Record<string, OpenApiSchemaProperty>) => {
     valid: boolean;
     errors?: ErrorObject[];
 };
@@ -226,7 +226,7 @@ export declare function validateResponseData(data: unknown, schema: Record<strin
  * @param model - A Mongoose model
  * @returns Schema properties suitable for validation
  */
-export declare function getSchemaFromModel<T>(model: Model<T>): Record<string, OpenApiSchemaProperty>;
+export declare const getSchemaFromModel: <T>(model: Model<T>) => Record<string, OpenApiSchemaProperty>;
 /**
  * Creates a request body validator middleware from a Mongoose model.
  * This is a convenience function that combines getSchemaFromModel and validateRequestBody.
@@ -235,7 +235,7 @@ export declare function getSchemaFromModel<T>(model: Model<T>): Record<string, O
  * @param options - Optional configuration for the validator
  * @returns Express middleware function
  */
-export declare function validateModelRequestBody<T>(model: Model<T>, options?: RequestBodyValidatorOptions): (req: Request, res: Response, next: NextFunction) => void;
+export declare const validateModelRequestBody: <T>(model: Model<T>, options?: RequestBodyValidatorOptions) => ((req: Request, res: Response, next: NextFunction) => void);
 /**
  * Options for creating validation middleware for a modelRouter.
  */
@@ -281,7 +281,7 @@ export interface ModelRouterValidationOptions {
  * @param options - Configuration options
  * @returns Object with create and update validation middleware
  */
-export declare function createModelValidators<T>(model: Model<T>, options?: ModelRouterValidationOptions): {
+export declare const createModelValidators: <T>(model: Model<T>, options?: ModelRouterValidationOptions) => {
     create: (req: Request, res: Response, next: NextFunction) => void;
     update: (req: Request, res: Response, next: NextFunction) => void;
 };
@@ -293,4 +293,4 @@ export declare function createModelValidators<T>(model: Model<T>, options?: Mode
  * @param queryFields - Array of field names allowed for querying
  * @returns Schema properties suitable for query validation
  */
-export declare function buildQuerySchemaFromFields<T>(model: Model<T>, queryFields?: string[]): Record<string, OpenApiSchemaProperty>;
+export declare const buildQuerySchemaFromFields: <T>(model: Model<T>, queryFields?: string[]) => Record<string, OpenApiSchemaProperty>;

package/dist/openApiValidator.js

@@ -96,18 +96,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isOpenApiValidatorConfigured = isOpenApiValidatorConfigured;
-exports.configureOpenApiValidator = configureOpenApiValidator;
-exports.getOpenApiValidatorConfig = getOpenApiValidatorConfig;
-exports.resetOpenApiValidatorConfig = resetOpenApiValidatorConfig;
-exports.validateRequestBody = validateRequestBody;
-exports.validateQueryParams = validateQueryParams;
-exports.createValidator = createValidator;
-exports.validateResponseData = validateResponseData;
-exports.getSchemaFromModel = getSchemaFromModel;
-exports.validateModelRequestBody = validateModelRequestBody;
-exports.createModelValidators = createModelValidators;
-exports.buildQuerySchemaFromFields = buildQuerySchemaFromFields;
+exports.buildQuerySchemaFromFields = exports.createModelValidators = exports.validateModelRequestBody = exports.getSchemaFromModel = exports.validateResponseData = exports.createValidator = exports.validateQueryParams = exports.validateRequestBody = exports.resetOpenApiValidatorConfig = exports.getOpenApiValidatorConfig = exports.configureOpenApiValidator = exports.isOpenApiValidatorConfigured = void 0;
 var ajv_1 = __importDefault(require("ajv"));
 var ajv_formats_1 = __importDefault(require("ajv-formats"));
 var mongoose_to_swagger_1 = __importDefault(require("mongoose-to-swagger"));
@@ -128,9 +117,10 @@ var globalConfig = {
  * Check whether `configureOpenApiValidator()` has been called.
  * Validation middleware is a no-op when this returns false.
  */
-function isOpenApiValidatorConfigured() {
+var isOpenApiValidatorConfigured = function () {
     return isConfigured;
-}
+};
+exports.isOpenApiValidatorConfigured = isOpenApiValidatorConfigured;
 /**
  * Configure the global OpenAPI validator settings.
  * Calling this function activates validation — middleware that was previously
@@ -148,7 +138,7 @@ function isOpenApiValidatorConfigured() {
  * });
  * ```
  */
-function configureOpenApiValidator(config) {
+var configureOpenApiValidator = function (config) {
     if (config === void 0) { config = {}; }
     isConfigured = true;
     globalConfig = __assign(__assign({}, globalConfig), config);
@@ -156,19 +146,21 @@ function configureOpenApiValidator(config) {
     ajvCache.clear();
     validatorCache.clear();
     logger_1.logger.debug("OpenAPI validator configured: ".concat(JSON.stringify(globalConfig)));
-}
+};
+exports.configureOpenApiValidator = configureOpenApiValidator;
 /**
  * Get the current global validator configuration.
  */
-function getOpenApiValidatorConfig() {
+var getOpenApiValidatorConfig = function () {
     return __assign({}, globalConfig);
-}
+};
+exports.getOpenApiValidatorConfig = getOpenApiValidatorConfig;
 /**
  * Reset the global validator configuration to defaults.
  * Also resets `isConfigured` to false.
  * Useful for testing.
  */
-function resetOpenApiValidatorConfig() {
+var resetOpenApiValidatorConfig = function () {
     isConfigured = false;
     globalConfig = {
         coerceTypes: true,
@@ -179,13 +171,14 @@ function resetOpenApiValidatorConfig() {
     };
     ajvCache.clear();
     validatorCache.clear();
-}
+};
+exports.resetOpenApiValidatorConfig = resetOpenApiValidatorConfig;
 // Lazy AJV instance cache keyed by coerceTypes + removeAdditional
 var ajvCache = new Map();
 /**
  * Get or create an AJV instance with the current config settings.
  */
-function getAjvInstance() {
+var getAjvInstance = function () {
     var _a, _b, _c, _d;
     var key = "coerce:".concat((_a = globalConfig.coerceTypes) !== null && _a !== void 0 ? _a : true, ",remove:").concat((_b = globalConfig.removeAdditional) !== null && _b !== void 0 ? _b : true);
     var instance = ajvCache.get(key);
@@ -202,15 +195,15 @@ function getAjvInstance() {
         ajvCache.set(key, instance);
     }
     return instance;
-}
+};
 // Cache compiled validators by schema hash + config key
 var validatorCache = new Map();
 /**
  * Generate a simple hash for a schema to use as a cache key.
  */
-function hashSchema(schema) {
+var hashSchema = function (schema) {
     return JSON.stringify(schema);
-}
+};
 var VALID_JSON_SCHEMA_TYPES = new Set([
     "string",
     "number",
@@ -229,7 +222,7 @@ var MONGOOSE_TYPE_MAP = {
  * Recursively replace non-standard mongoose-to-swagger types with valid JSON Schema types
  * so AJV can compile the schema.
  */
-function sanitizeSchemaForAjv(schema) {
+var sanitizeSchemaForAjv = function (schema) {
     var e_1, _a;
     if (!schema || typeof schema !== "object") {
         return schema;
@@ -274,14 +267,14 @@ function sanitizeSchemaForAjv(schema) {
         result.additionalProperties = sanitizeSchemaForAjv(result.additionalProperties);
     }
     return result;
-}
+};
 /**
  * Get or create a compiled validator for a schema.
  * Uses the current config so changes take effect on next call.
  * Sanitizes non-standard mongoose-to-swagger types before compilation.
  * Returns null if the schema still cannot be compiled after sanitization.
  */
-function getValidator(schema) {
+var getValidator = function (schema) {
     var _a, _b;
     var ajv = getAjvInstance();
     var configKey = "coerce:".concat((_a = globalConfig.coerceTypes) !== null && _a !== void 0 ? _a : true, ",remove:").concat((_b = globalConfig.removeAdditional) !== null && _b !== void 0 ? _b : true);
@@ -301,11 +294,11 @@ function getValidator(schema) {
         validatorCache.set(hash, null);
         return null;
     }
-}
+};
 /**
  * Format AJV errors into a human-readable string.
  */
-function formatValidationErrors(errors) {
+var formatValidationErrors = function (errors) {
     return errors
         .map(function (err) {
         var path = err.instancePath || "/";
@@ -313,13 +306,13 @@ function formatValidationErrors(errors) {
         return "".concat(path, ": ").concat(message);
     })
         .join("; ");
-}
+};
 /**
  * Convert OpenApiSchemaProperty to a full OpenApiSchema suitable for AJV.
  * Strips `required` from individual properties (OpenAPI-style) and moves it
  * to the schema-level `required` array (JSON Schema-style) for AJV compatibility.
  */
-function propertiesToSchema(properties, requiredFields) {
+var propertiesToSchema = function (properties, requiredFields) {
     var e_2, _a;
     // Extract required fields from properties that have required: true
     var autoRequired = Object.entries(properties)
@@ -359,7 +352,7 @@ function propertiesToSchema(properties, requiredFields) {
         schema.additionalProperties = false;
     }
     return schema;
-}
+};
 /**
  * Creates middleware that validates the request body against an OpenAPI schema.
  *
@@ -370,7 +363,7 @@ function propertiesToSchema(properties, requiredFields) {
  * @param options - Optional configuration for this validator
  * @returns Express middleware function
  */
-function validateRequestBody(schema, options) {
+var validateRequestBody = function (schema, options) {
     var fullSchema = propertiesToSchema(schema, options === null || options === void 0 ? void 0 : options.required);
     return function (req, _res, next) {
         var _a, _b, _c;
@@ -447,7 +440,8 @@ function validateRequestBody(schema, options) {
         }
         next();
     };
-}
+};
+exports.validateRequestBody = validateRequestBody;
 /**
  * Creates middleware that validates query parameters against an OpenAPI schema.
  *
@@ -455,7 +449,7 @@ function validateRequestBody(schema, options) {
  * @param options - Optional configuration for this validator
  * @returns Express middleware function
  */
-function validateQueryParams(schema, options) {
+var validateQueryParams = function (schema, options) {
     var fullSchema = propertiesToSchema(schema);
     return function (req, _res, next) {
         var _a, _b, _c, _d;
@@ -513,7 +507,8 @@ function validateQueryParams(schema, options) {
         }
         next();
     };
-}
+};
+exports.validateQueryParams = validateQueryParams;
 /**
  * Creates a combined validation middleware for both body and query parameters.
  *
@@ -531,12 +526,12 @@ function validateQueryParams(schema, options) {
  * ], handler);
  * ```
  */
-function createValidator(options) {
+var createValidator = function (options) {
     var bodyValidator = options.body
-        ? validateRequestBody(options.body, { enabled: options.enabled })
+        ? (0, exports.validateRequestBody)(options.body, { enabled: options.enabled })
         : null;
     var queryValidator = options.query
-        ? validateQueryParams(options.query, { enabled: options.enabled })
+        ? (0, exports.validateQueryParams)(options.query, { enabled: options.enabled })
         : null;
     return function (req, res, next) {
         // Run body validation first
@@ -562,7 +557,8 @@ function createValidator(options) {
             next();
         }
     };
-}
+};
+exports.createValidator = createValidator;
 /**
  * Validates response data against a schema.
  * This is primarily for development/testing to ensure responses match documentation.
@@ -571,7 +567,7 @@ function createValidator(options) {
  * @param schema - The expected schema
  * @returns Object with valid flag and any errors
  */
-function validateResponseData(data, schema) {
+var validateResponseData = function (data, schema) {
     if (!globalConfig.validateResponses) {
         return { valid: true };
     }
@@ -588,7 +584,8 @@ function validateResponseData(data, schema) {
         return { errors: validator.errors, valid: false };
     }
     return { valid: true };
-}
+};
+exports.validateResponseData = validateResponseData;
 var m2sOptions = {
     props: ["readOnly", "required", "enum", "default"],
 };
@@ -600,19 +597,20 @@ var m2sOptions = {
  * @param model - A Mongoose model
  * @returns Schema properties suitable for validation
  */
-function getSchemaFromModel(model) {
+var getSchemaFromModel = function (model) {
     var modelSwagger = (0, mongoose_to_swagger_1.default)(model, m2sOptions);
     (0, populate_1.fixMixedFields)(model.schema, modelSwagger.properties);
     return modelSwagger.properties;
-}
+};
+exports.getSchemaFromModel = getSchemaFromModel;
 /**
  * Extract required field names from a Mongoose model's swagger schema.
  */
-function getRequiredFieldsFromModel(model) {
+var getRequiredFieldsFromModel = function (model) {
     var _a;
     var modelSwagger = (0, mongoose_to_swagger_1.default)(model, m2sOptions);
     return (_a = modelSwagger.required) !== null && _a !== void 0 ? _a : [];
-}
+};
 /**
  * Creates a request body validator middleware from a Mongoose model.
  * This is a convenience function that combines getSchemaFromModel and validateRequestBody.
@@ -621,9 +619,9 @@ function getRequiredFieldsFromModel(model) {
  * @param options - Optional configuration for the validator
  * @returns Express middleware function
  */
-function validateModelRequestBody(model, options) {
+var validateModelRequestBody = function (model, options) {
     var _a, _b;
-    var schema = getSchemaFromModel(model);
+    var schema = (0, exports.getSchemaFromModel)(model);
     var requiredFields = getRequiredFieldsFromModel(model);
     if ((_a = options === null || options === void 0 ? void 0 : options.excludeFields) === null || _a === void 0 ? void 0 : _a.length) {
         var excluded_1 = new Set(options.excludeFields);
@@ -633,8 +631,9 @@ function validateModelRequestBody(model, options) {
         }));
         requiredFields = requiredFields.filter(function (f) { return !excluded_1.has(f); });
     }
-    return validateRequestBody(schema, __assign(__assign({}, options), { required: __spreadArray(__spreadArray([], __read(((_b = options === null || options === void 0 ? void 0 : options.required) !== null && _b !== void 0 ? _b : [])), false), __read(requiredFields), false) }));
-}
+    return (0, exports.validateRequestBody)(schema, __assign(__assign({}, options), { required: __spreadArray(__spreadArray([], __read(((_b = options === null || options === void 0 ? void 0 : options.required) !== null && _b !== void 0 ? _b : [])), false), __read(requiredFields), false) }));
+};
+exports.validateModelRequestBody = validateModelRequestBody;
 /**
  * Creates validation middleware for use with modelRouter.
  * Returns an object with middleware for each operation type.
@@ -643,21 +642,22 @@ function validateModelRequestBody(model, options) {
  * @param options - Configuration options
  * @returns Object with create and update validation middleware
  */
-function createModelValidators(model, options) {
-    var schema = getSchemaFromModel(model);
+var createModelValidators = function (model, options) {
+    var schema = (0, exports.getSchemaFromModel)(model);
     return {
-        create: validateRequestBody(schema, {
+        create: (0, exports.validateRequestBody)(schema, {
             enabled: options === null || options === void 0 ? void 0 : options.validateCreate,
             onAdditionalPropertiesRemoved: options === null || options === void 0 ? void 0 : options.onAdditionalPropertiesRemoved,
             onError: options === null || options === void 0 ? void 0 : options.onError,
         }),
-        update: validateRequestBody(schema, {
+        update: (0, exports.validateRequestBody)(schema, {
             enabled: options === null || options === void 0 ? void 0 : options.validateUpdate,
             onAdditionalPropertiesRemoved: options === null || options === void 0 ? void 0 : options.onAdditionalPropertiesRemoved,
             onError: options === null || options === void 0 ? void 0 : options.onError,
         }),
     };
-}
+};
+exports.createModelValidators = createModelValidators;
 /**
  * Build a query parameter schema from a model's Mongoose schema and queryFields array.
  * Always includes pagination parameters (limit, page, sort).
@@ -666,10 +666,10 @@ function createModelValidators(model, options) {
  * @param queryFields - Array of field names allowed for querying
  * @returns Schema properties suitable for query validation
  */
-function buildQuerySchemaFromFields(model, queryFields) {
+var buildQuerySchemaFromFields = function (model, queryFields) {
     var e_3, _a;
     if (queryFields === void 0) { queryFields = []; }
-    var modelSchema = getSchemaFromModel(model);
+    var modelSchema = (0, exports.getSchemaFromModel)(model);
     var querySchema = {
         limit: { type: "number" },
         page: { type: "number" },
@@ -697,4 +697,5 @@ function buildQuerySchemaFromFields(model, queryFields) {
         finally { if (e_3) throw e_3.error; }
     }
     return querySchema;
-}
+};
+exports.buildQuerySchemaFromFields = buildQuerySchemaFromFields;

package/dist/plugins.test.js

@@ -74,6 +74,28 @@ stuffSchema.plugin(plugins_1.findExactlyOne);
 stuffSchema.plugin(plugins_1.upsertPlugin);
 stuffSchema.plugin(plugins_1.createdUpdatedPlugin);
 var StuffModel = (0, mongoose_1.model)("Stuff", stuffSchema);
+(0, bun_test_1.describe)("baseUserPlugin", function () {
+    (0, bun_test_1.it)("adds admin and email fields to the schema", function () {
+        var testSchema = new mongoose_1.Schema({});
+        // biome-ignore lint/suspicious/noExplicitAny: test schema
+        (0, plugins_1.baseUserPlugin)(testSchema);
+        var adminPath = testSchema.path("admin");
+        (0, bun_test_1.expect)(adminPath).toBeDefined();
+        (0, bun_test_1.expect)(adminPath.options.default).toBe(false);
+        var emailPath = testSchema.path("email");
+        (0, bun_test_1.expect)(emailPath).toBeDefined();
+        (0, bun_test_1.expect)(emailPath.options.index).toBe(true);
+    });
+});
+(0, bun_test_1.describe)("firebaseJWTPlugin", function () {
+    (0, bun_test_1.it)("adds firebaseId field to the schema", function () {
+        var testSchema = new mongoose_1.Schema({});
+        (0, plugins_1.firebaseJWTPlugin)(testSchema);
+        var firebaseIdPath = testSchema.path("firebaseId");
+        (0, bun_test_1.expect)(firebaseIdPath).toBeDefined();
+        (0, bun_test_1.expect)(firebaseIdPath.options.index).toBe(true);
+    });
+});
 (0, bun_test_1.describe)("createdUpdate", function () {
     (0, bun_test_1.it)("sets created and updated on save", function () { return __awaiter(void 0, void 0, void 0, function () {
         var stuff;

package/dist/scriptRunner.d.ts

@@ -25,11 +25,11 @@ interface BackgroundTaskLog {
     level: "info" | "warn" | "error";
     message: string;
 }
-export type BackgroundTaskMethods = {
+export interface BackgroundTaskMethods {
     addLog: (this: BackgroundTaskDocument, level: "info" | "warn" | "error", message: string) => Promise<void>;
     updateProgress: (this: BackgroundTaskDocument, percentage: number, stage?: string, message?: string) => Promise<void>;
-};
-export type BackgroundTaskDocument = Document & BackgroundTaskMethods & {
+}
+export interface BackgroundTaskDocument extends Document, BackgroundTaskMethods {
     taskType: string;
     status: "pending" | "running" | "completed" | "failed" | "cancelled";
     progress?: BackgroundTaskProgress;
@@ -43,10 +43,11 @@ export type BackgroundTaskDocument = Document & BackgroundTaskMethods & {
     created: Date;
     updated: Date;
     deleted: boolean;
-};
-export type BackgroundTaskStatics = {
+}
+export interface BackgroundTaskStatics {
     checkCancellation: (taskId: string) => Promise<void>;
-};
-export type BackgroundTaskModel = Model<BackgroundTaskDocument, Record<string, never>, BackgroundTaskMethods> & BackgroundTaskStatics;
+}
+export interface BackgroundTaskModel extends Model<BackgroundTaskDocument, Record<string, never>, BackgroundTaskMethods>, BackgroundTaskStatics {
+}
 export declare const BackgroundTask: BackgroundTaskModel;
 export {};

package/dist/secretProviders.js

@@ -86,6 +86,7 @@ var __read = (this && this.__read) || function (o, n) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GcpSecretProvider = exports.EnvSecretProvider = void 0;
+var errors_1 = require("./errors");
 var logger_1 = require("./logger");
 /**
  * Secret provider that reads secrets from environment variables.
@@ -143,12 +144,13 @@ var GcpSecretProvider = /** @class */ (function () {
     }
     GcpSecretProvider.prototype.getClient = function () {
         return __awaiter(this, void 0, void 0, function () {
-            var moduleName, mod, SecretManagerServiceClient, _a;
+            var mod, moduleName, _a, SecretManagerServiceClient;
             var _b, _c;
             return __generator(this, function (_d) {
                 switch (_d.label) {
                     case 0:
-                        if (!!this.client) return [3 /*break*/, 4];
+                        if (!!this.client) return [3 /*break*/, 5];
+                        mod = void 0;
                         _d.label = 1;
                     case 1:
                         _d.trys.push([1, 3, , 4]);
@@ -156,13 +158,21 @@ var GcpSecretProvider = /** @class */ (function () {
                         return [4 /*yield*/, Promise.resolve("".concat(/* webpackIgnore: true */ moduleName)).then(function (s) { return __importStar(require(s)); })];
                     case 2:
                         mod = _d.sent();
-                        SecretManagerServiceClient = (_b = mod.SecretManagerServiceClient) !== null && _b !== void 0 ? _b : (_c = mod.default) === null || _c === void 0 ? void 0 : _c.SecretManagerServiceClient;
-                        this.client = new SecretManagerServiceClient();
                         return [3 /*break*/, 4];
                     case 3:
                         _a = _d.sent();
-                        throw new Error("GcpSecretProvider requires @google-cloud/secret-manager. Install it with: bun add @google-cloud/secret-manager");
-                    case 4: return [2 /*return*/, this.client];
+                        throw new errors_1.APIError({
+                            status: 500,
+                            title: "GcpSecretProvider requires @google-cloud/secret-manager. Install it with: bun add @google-cloud/secret-manager",
+                        });
+                    case 4:
+                        SecretManagerServiceClient = (_b = mod.SecretManagerServiceClient) !== null && _b !== void 0 ? _b : (_c = mod.default) === null || _c === void 0 ? void 0 : _c.SecretManagerServiceClient;
+                        if (!SecretManagerServiceClient) {
+                            throw new Error("SecretManagerServiceClient not found in @google-cloud/secret-manager module");
+                        }
+                        this.client = new SecretManagerServiceClient();
+                        _d.label = 5;
+                    case 5: return [2 /*return*/, this.client];
                 }
             });
         });
@@ -198,7 +208,7 @@ var GcpSecretProvider = /** @class */ (function () {
                         return [2 /*return*/, typeof payload === "string" ? payload : new TextDecoder().decode(payload)];
                     case 4:
                         error_1 = _c.sent();
-                        if ((error_1 === null || error_1 === void 0 ? void 0 : error_1.code) === 5) {
+                        if (error_1 instanceof Error && "code" in error_1 && error_1.code === 5) {
                             // NOT_FOUND
                             logger_1.logger.warn("GcpSecretProvider: secret ".concat(secretName, " not found"));
                             return [2 /*return*/, null];

package/package.json

@@ -104,5 +104,5 @@
     "updateSnapshot": "bun test --update-snapshots"
   },
   "types": "dist/index.d.ts",
-  "version": "0.11.7"
+  "version": "0.11.8"
 }

package/src/configurationPlugin.ts

@@ -2,6 +2,7 @@ import type {Document, Model, Schema} from "mongoose";
 
 import {APIError} from "./errors";
 import {logger} from "./logger";
+import {type FindOneOrNonePlugin, findOneOrNone} from "./plugins";
 
 /**
  * Metadata for a secret field discovered by the configuration plugin.
@@ -100,7 +101,7 @@ export interface ConfigurationStatics<T extends object> {
  * const full = await AppConfig.getConfig(); // typed as AppConfigDocument
  * ```
  */
-export type ConfigurationModel<T extends object> = Model<T> & ConfigurationStatics<T>;
+export interface ConfigurationModel<T extends object> extends Model<T>, ConfigurationStatics<T> {}
 
 // ---------------------------------------------------------------------------
 // Plugin
@@ -132,6 +133,9 @@ export type ConfigurationModel<T extends object> = Model<T> & ConfigurationStati
 export const configurationPlugin = (schema: Schema, options?: ConfigurationPluginOptions): void => {
   const pluginOptions = options ?? {};
 
+  // Apply findOneOrNone so the singleton lookup avoids bare Model.findOne (idempotent).
+  findOneOrNone(schema);
+
   // Add a sentinel field with a unique index to enforce singleton at the DB level.
   // All config documents get _singleton: "config", and the unique index prevents duplicates.
   schema.add({
@@ -142,8 +146,8 @@ export const configurationPlugin = (schema: Schema, options?: ConfigurationPlugi
   // Enforce singleton: only one document allowed (application-level guard)
   schema.pre("save", async function () {
     if (this.isNew) {
-      // Intentional unfiltered findOne — checking if any singleton document exists
-      const existing = await (this.constructor as Model<unknown>).findOne({});
+      // Cheap existence check — no document needs to be returned.
+      const existing = await (this.constructor as Model<unknown>).exists({});
       if (existing) {
         throw new APIError({
           status: 409,
@@ -173,18 +177,23 @@ export const configurationPlugin = (schema: Schema, options?: ConfigurationPlugi
 
   // Static: get the singleton configuration document or a value at a path (race-safe via upsert)
   schema.statics.getConfig = async function (key?: string): Promise<unknown> {
-    let config = await this.findOne({});
+    const findSingleton = (): Promise<Document | null> =>
+      (this as unknown as FindOneOrNonePlugin<unknown>).findOneOrNone(
+        {}
+      ) as Promise<Document | null>;
+    let config: Document | null = await findSingleton();
     if (!config) {
       try {
         // Use `new` + `save` instead of `create({})` so Mongoose initializes
         // nested subdocument defaults (create({}) skips them).
-        config = new this();
-        await config.save();
+        const created = new this();
+        await created.save();
+        config = created;
       } catch (err: unknown) {
-        // If another process created the document between findOne and create,
+        // If another process created the document between the lookup and create,
         // the pre-save hook will throw a 409. Just fetch the existing one.
         if ((err as {status?: number})?.status === 409) {
-          config = await this.findOne({});
+          config = await findSingleton();
         } else {
           throw err;
         }
@@ -197,7 +206,7 @@ export const configurationPlugin = (schema: Schema, options?: ConfigurationPlugi
 
     // Resolve dot-notation key into the document
     const parts = key.split(".");
-    let value: unknown = config.toObject();
+    let value: unknown = config?.toObject();
     for (const part of parts) {
       if (value == null || typeof value !== "object") {
         return undefined;