@typicalday/firegraph 0.1.0 → 0.3.0

package/dist/editor/server/index.mjs

@@ -29331,6 +29331,16 @@ import { createHash } from "node:crypto";
 
 // src/internal/constants.ts
 var NODE_RELATION = "is";
+var DEFAULT_QUERY_LIMIT = 500;
+var BUILTIN_FIELDS = /* @__PURE__ */ new Set([
+  "aType",
+  "aUid",
+  "axbType",
+  "bType",
+  "bUid",
+  "createdAt",
+  "updatedAt"
+]);
 var SHARD_SEPARATOR = ":";
 
 // src/docid.ts
@@ -29409,6 +29419,21 @@ var DynamicRegistryError = class extends FiregraphError {
     this.name = "DynamicRegistryError";
   }
 };
+var QuerySafetyError = class extends FiregraphError {
+  constructor(message) {
+    super(message, "QUERY_SAFETY");
+    this.name = "QuerySafetyError";
+  }
+};
+var RegistryScopeError = class extends FiregraphError {
+  constructor(aType, axbType, bType, scopePath, allowedIn) {
+    super(
+      `Type (${aType}) -[${axbType}]-> (${bType}) is not allowed at scope "${scopePath || "root"}". Allowed in: [${allowedIn.join(", ")}]`,
+      "REGISTRY_SCOPE"
+    );
+    this.name = "RegistryScopeError";
+  }
+};
 
 // src/query.ts
 function buildEdgeQueryPlan(params) {
@@ -29422,27 +29447,32 @@ function buildEdgeQueryPlan(params) {
   if (axbType) filters.push({ field: "axbType", op: "==", value: axbType });
   if (bType) filters.push({ field: "bType", op: "==", value: bType });
   if (bUid) filters.push({ field: "bUid", op: "==", value: bUid });
-  const builtinFields = ["aType", "aUid", "axbType", "bType", "bUid", "createdAt", "updatedAt"];
   if (params.where) {
     for (const clause of params.where) {
-      const field = builtinFields.includes(clause.field) ? clause.field : clause.field.startsWith("data.") ? clause.field : `data.${clause.field}`;
+      const field = BUILTIN_FIELDS.has(clause.field) ? clause.field : clause.field.startsWith("data.") ? clause.field : `data.${clause.field}`;
       filters.push({ field, op: clause.op, value: clause.value });
     }
   }
   if (filters.length === 0) {
     throw new InvalidQueryError("findEdges requires at least one filter parameter");
   }
-  const options = limit !== void 0 || orderBy ? { limit, orderBy } : void 0;
-  return { strategy: "query", filters, options };
+  const effectiveLimit = limit === void 0 ? DEFAULT_QUERY_LIMIT : limit || void 0;
+  return { strategy: "query", filters, options: { limit: effectiveLimit, orderBy } };
 }
 function buildNodeQueryPlan(params) {
-  return {
-    strategy: "query",
-    filters: [
-      { field: "aType", op: "==", value: params.aType },
-      { field: "axbType", op: "==", value: NODE_RELATION }
-    ]
-  };
+  const { aType, limit, orderBy } = params;
+  const filters = [
+    { field: "aType", op: "==", value: aType },
+    { field: "axbType", op: "==", value: NODE_RELATION }
+  ];
+  if (params.where) {
+    for (const clause of params.where) {
+      const field = BUILTIN_FIELDS.has(clause.field) ? clause.field : clause.field.startsWith("data.") ? clause.field : `data.${clause.field}`;
+      filters.push({ field, op: clause.op, value: clause.value });
+    }
+  }
+  const effectiveLimit = limit === void 0 ? DEFAULT_QUERY_LIMIT : limit || void 0;
+  return { strategy: "query", filters, options: { limit: effectiveLimit, orderBy } };
 }
 
 // src/internal/firestore-adapter.ts
@@ -29595,10 +29625,62 @@ function createPipelineQueryAdapter(db2, collectionPath) {
 
 // src/transaction.ts
 import { FieldValue as FieldValue2 } from "@google-cloud/firestore";
+
+// src/query-safety.ts
+var SAFE_INDEX_PATTERNS = [
+  /* @__PURE__ */ new Set(["aUid", "axbType"]),
+  /* @__PURE__ */ new Set(["axbType", "bUid"]),
+  /* @__PURE__ */ new Set(["aType", "axbType"]),
+  /* @__PURE__ */ new Set(["axbType", "bType"])
+];
+function analyzeQuerySafety(filters) {
+  const builtinFieldsPresent = /* @__PURE__ */ new Set();
+  let hasDataFilters = false;
+  for (const f of filters) {
+    if (BUILTIN_FIELDS.has(f.field)) {
+      builtinFieldsPresent.add(f.field);
+    } else {
+      hasDataFilters = true;
+    }
+  }
+  for (const pattern of SAFE_INDEX_PATTERNS) {
+    let matched = true;
+    for (const field of pattern) {
+      if (!builtinFieldsPresent.has(field)) {
+        matched = false;
+        break;
+      }
+    }
+    if (matched) {
+      return { safe: true };
+    }
+  }
+  const presentFields = [...builtinFieldsPresent];
+  if (presentFields.length === 0 && hasDataFilters) {
+    return {
+      safe: false,
+      reason: "Query filters only use data.* fields with no builtin field constraints. This requires a full collection scan. Add aType, aUid, axbType, bType, or bUid filters, or set allowCollectionScan: true."
+    };
+  }
+  if (hasDataFilters) {
+    return {
+      safe: false,
+      reason: `Query filters on [${presentFields.join(", ")}] do not match any indexed pattern. data.* filters without an indexed base require a full collection scan. Safe patterns: (aUid + axbType), (axbType + bUid), (aType + axbType), (axbType + bType). Set allowCollectionScan: true to override.`
+    };
+  }
+  return {
+    safe: false,
+    reason: `Query filters on [${presentFields.join(", ")}] do not match any indexed pattern. This may cause a full collection scan on Firestore Enterprise. Safe patterns: (aUid + axbType), (axbType + bUid), (aType + axbType), (axbType + bType). Set allowCollectionScan: true to override.`
+  };
+}
+
+// src/transaction.ts
 var GraphTransactionImpl = class {
-  constructor(adapter, registry2) {
+  constructor(adapter, registry2, scanProtection = "error", scopePath = "") {
     this.adapter = adapter;
     this.registry = registry2;
+    this.scanProtection = scanProtection;
+    this.scopePath = scopePath;
   }
   async getNode(uid) {
     const docId = computeNodeDocId(uid);
@@ -29612,12 +29694,22 @@ var GraphTransactionImpl = class {
     const record2 = await this.getEdge(aUid, axbType, bUid);
     return record2 !== null;
   }
+  checkQuerySafety(filters, allowCollectionScan) {
+    if (allowCollectionScan || this.scanProtection === "off") return;
+    const result = analyzeQuerySafety(filters);
+    if (result.safe) return;
+    if (this.scanProtection === "error") {
+      throw new QuerySafetyError(result.reason);
+    }
+    console.warn(`[firegraph] Query safety warning: ${result.reason}`);
+  }
   async findEdges(params) {
     const plan = buildEdgeQueryPlan(params);
     if (plan.strategy === "get") {
       const record2 = await this.adapter.getDoc(plan.docId);
       return record2 ? [record2] : [];
     }
+    this.checkQuerySafety(plan.filters, params.allowCollectionScan);
     return this.adapter.query(plan.filters, plan.options);
   }
   async findNodes(params) {
@@ -29626,11 +29718,12 @@ var GraphTransactionImpl = class {
       const record2 = await this.adapter.getDoc(plan.docId);
       return record2 ? [record2] : [];
     }
+    this.checkQuerySafety(plan.filters, params.allowCollectionScan);
     return this.adapter.query(plan.filters, plan.options);
   }
   async putNode(aType, uid, data) {
     if (this.registry) {
-      this.registry.validate(aType, NODE_RELATION, aType, data);
+      this.registry.validate(aType, NODE_RELATION, aType, data, this.scopePath);
     }
     const docId = computeNodeDocId(uid);
     const record2 = buildNodeRecord(aType, uid, data);
@@ -29638,7 +29731,7 @@ var GraphTransactionImpl = class {
   }
   async putEdge(aType, aUid, axbType, bType, bUid, data) {
     if (this.registry) {
-      this.registry.validate(aType, axbType, bType, data);
+      this.registry.validate(aType, axbType, bType, data, this.scopePath);
     }
     const docId = computeEdgeDocId(aUid, axbType, bUid);
     const record2 = buildEdgeRecord(aType, aUid, axbType, bType, bUid, data);
@@ -29664,13 +29757,14 @@ var GraphTransactionImpl = class {
 // src/batch.ts
 import { FieldValue as FieldValue3 } from "@google-cloud/firestore";
 var GraphBatchImpl = class {
-  constructor(adapter, registry2) {
+  constructor(adapter, registry2, scopePath = "") {
     this.adapter = adapter;
     this.registry = registry2;
+    this.scopePath = scopePath;
   }
   async putNode(aType, uid, data) {
     if (this.registry) {
-      this.registry.validate(aType, NODE_RELATION, aType, data);
+      this.registry.validate(aType, NODE_RELATION, aType, data, this.scopePath);
     }
     const docId = computeNodeDocId(uid);
     const record2 = buildNodeRecord(aType, uid, data);
@@ -29678,7 +29772,7 @@ var GraphBatchImpl = class {
   }
   async putEdge(aType, aUid, axbType, bType, bUid, data) {
     if (this.registry) {
-      this.registry.validate(aType, axbType, bType, data);
+      this.registry.validate(aType, axbType, bType, data, this.scopePath);
     }
     const docId = computeEdgeDocId(aUid, axbType, bUid);
     const record2 = buildEdgeRecord(aType, aUid, axbType, bType, bUid, data);
@@ -29770,14 +29864,39 @@ async function bulkDeleteDocIds(db2, collectionPath, docIds, options) {
   return { deleted, batches: completedBatches, errors };
 }
 async function bulkRemoveEdges(db2, collectionPath, reader, params, options) {
-  const edges = await reader.findEdges(params);
+  const effectiveParams = params.limit !== void 0 ? { ...params, allowCollectionScan: params.allowCollectionScan ?? true } : { ...params, limit: 0, allowCollectionScan: params.allowCollectionScan ?? true };
+  const edges = await reader.findEdges(effectiveParams);
   const docIds = edges.map((e) => computeEdgeDocId(e.aUid, e.axbType, e.bUid));
   return bulkDeleteDocIds(db2, collectionPath, docIds, options);
 }
+async function deleteSubcollectionsRecursive(db2, collectionPath, docId, options) {
+  const docRef = db2.collection(collectionPath).doc(docId);
+  const subcollections = await docRef.listCollections();
+  if (subcollections.length === 0) return { deleted: 0, errors: [] };
+  let totalDeleted = 0;
+  const allErrors = [];
+  const subOptions = options ? { batchSize: options.batchSize, maxRetries: options.maxRetries } : void 0;
+  for (const subCollRef of subcollections) {
+    const subCollPath = subCollRef.path;
+    const snapshot = await subCollRef.select().get();
+    const subDocIds = snapshot.docs.map((d) => d.id);
+    for (const subDocId of subDocIds) {
+      const subResult = await deleteSubcollectionsRecursive(db2, subCollPath, subDocId, subOptions);
+      totalDeleted += subResult.deleted;
+      allErrors.push(...subResult.errors);
+    }
+    if (subDocIds.length > 0) {
+      const result = await bulkDeleteDocIds(db2, subCollPath, subDocIds, subOptions);
+      totalDeleted += result.deleted;
+      allErrors.push(...result.errors);
+    }
+  }
+  return { deleted: totalDeleted, errors: allErrors };
+}
 async function removeNodeCascade(db2, collectionPath, reader, uid, options) {
   const [outgoingRaw, incomingRaw] = await Promise.all([
-    reader.findEdges({ aUid: uid }),
-    reader.findEdges({ bUid: uid })
+    reader.findEdges({ aUid: uid, allowCollectionScan: true, limit: 0 }),
+    reader.findEdges({ bUid: uid, allowCollectionScan: true, limit: 0 })
   ]);
   const outgoing = outgoingRaw.filter((e) => e.axbType !== NODE_RELATION);
   const incoming = incomingRaw.filter((e) => e.axbType !== NODE_RELATION);
@@ -29790,8 +29909,18 @@ async function removeNodeCascade(db2, collectionPath, reader, uid, options) {
       allEdges.push(edge);
     }
   }
-  const edgeDocIds = allEdges.map((e) => computeEdgeDocId(e.aUid, e.axbType, e.bUid));
+  const shouldDeleteSubcollections = options?.deleteSubcollections !== false;
   const nodeDocId = computeNodeDocId(uid);
+  let subcollectionResult = { deleted: 0, errors: [] };
+  if (shouldDeleteSubcollections) {
+    subcollectionResult = await deleteSubcollectionsRecursive(
+      db2,
+      collectionPath,
+      nodeDocId,
+      options
+    );
+  }
+  const edgeDocIds = allEdges.map((e) => computeEdgeDocId(e.aUid, e.axbType, e.bUid));
   const allDocIds = [...edgeDocIds, nodeDocId];
   const batchSize = Math.min(options?.batchSize ?? MAX_BATCH_SIZE, MAX_BATCH_SIZE);
   const result = await bulkDeleteDocIds(db2, collectionPath, allDocIds, {
@@ -29801,9 +29930,12 @@ async function removeNodeCascade(db2, collectionPath, reader, uid, options) {
   const totalChunks = Math.ceil(allDocIds.length / batchSize);
   const nodeChunkIndex = totalChunks - 1;
   const nodeDeleted = !result.errors.some((e) => e.batchIndex === nodeChunkIndex);
+  const topLevelEdgesDeleted = nodeDeleted ? result.deleted - 1 : result.deleted;
   return {
-    ...result,
-    edgesDeleted: nodeDeleted ? result.deleted - 1 : result.deleted,
+    deleted: result.deleted + subcollectionResult.deleted,
+    batches: result.batches,
+    errors: [...result.errors, ...subcollectionResult.errors],
+    edgesDeleted: topLevelEdgesDeleted,
     nodeDeleted
   };
 }
@@ -29903,6 +30035,39 @@ function propertyToFieldMeta(name, prop, required2) {
   return { name, type: "unknown", required: required2, description: prop.description };
 }
 
+// src/scope.ts
+function matchScope(scopePath, pattern) {
+  if (pattern === "root") return scopePath === "";
+  if (pattern === "**") return true;
+  const pathSegments = scopePath === "" ? [] : scopePath.split("/");
+  const patternSegments = pattern.split("/");
+  return matchSegments(pathSegments, 0, patternSegments, 0);
+}
+function matchScopeAny(scopePath, patterns) {
+  if (!patterns || patterns.length === 0) return true;
+  return patterns.some((p) => matchScope(scopePath, p));
+}
+function matchSegments(path4, pi, pattern, qi) {
+  if (pi === path4.length && qi === pattern.length) return true;
+  if (qi === pattern.length) return false;
+  const seg = pattern[qi];
+  if (seg === "**") {
+    if (qi === pattern.length - 1) return true;
+    for (let skip = 0; skip <= path4.length - pi; skip++) {
+      if (matchSegments(path4, pi + skip, pattern, qi + 1)) return true;
+    }
+    return false;
+  }
+  if (pi === path4.length) return false;
+  if (seg === "*") {
+    return matchSegments(path4, pi + 1, pattern, qi + 1);
+  }
+  if (path4[pi] === seg) {
+    return matchSegments(path4, pi + 1, pattern, qi + 1);
+  }
+  return false;
+}
+
 // src/registry.ts
 function tripleKey(aType, axbType, bType) {
   return `${aType}:${axbType}:${bType}`;
@@ -29917,19 +30082,45 @@ function createRegistry(input) {
   }
   const entryList = Object.freeze([...entries]);
   for (const entry of entries) {
+    if (entry.targetGraph && entry.targetGraph.includes("/")) {
+      throw new ValidationError(
+        `Entry (${entry.aType}) -[${entry.axbType}]-> (${entry.bType}) has invalid targetGraph "${entry.targetGraph}" \u2014 must be a single segment (no "/")`
+      );
+    }
     const key = tripleKey(entry.aType, entry.axbType, entry.bType);
     const validator = entry.jsonSchema ? compileSchema(entry.jsonSchema, `(${entry.aType}) -[${entry.axbType}]-> (${entry.bType})`) : void 0;
     map2.set(key, { entry, validate: validator });
   }
+  const axbIndex = /* @__PURE__ */ new Map();
+  const axbBuild = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    const existing = axbBuild.get(entry.axbType);
+    if (existing) {
+      existing.push(entry);
+    } else {
+      axbBuild.set(entry.axbType, [entry]);
+    }
+  }
+  for (const [key, arr] of axbBuild) {
+    axbIndex.set(key, Object.freeze(arr));
+  }
   return {
     lookup(aType, axbType, bType) {
       return map2.get(tripleKey(aType, axbType, bType))?.entry;
     },
-    validate(aType, axbType, bType, data) {
+    lookupByAxbType(axbType) {
+      return axbIndex.get(axbType) ?? [];
+    },
+    validate(aType, axbType, bType, data, scopePath) {
       const rec = map2.get(tripleKey(aType, axbType, bType));
       if (!rec) {
         throw new RegistryViolationError(aType, axbType, bType);
       }
+      if (scopePath !== void 0 && rec.entry.allowedIn && rec.entry.allowedIn.length > 0) {
+        if (!matchScopeAny(scopePath, rec.entry.allowedIn)) {
+          throw new RegistryScopeError(aType, axbType, bType, scopePath, rec.entry.allowedIn);
+        }
+      }
       if (rec.validate) {
         try {
           rec.validate(data);
@@ -29957,7 +30148,8 @@ function discoveryToEntries(discovery) {
       jsonSchema: entity.schema,
       description: entity.description,
       titleField: entity.titleField,
-      subtitleField: entity.subtitleField
+      subtitleField: entity.subtitleField,
+      allowedIn: entity.allowedIn
     });
   }
   for (const [axbType, entity] of discovery.edges) {
@@ -29965,6 +30157,12 @@ function discoveryToEntries(discovery) {
     if (!topology) continue;
     const fromTypes = Array.isArray(topology.from) ? topology.from : [topology.from];
     const toTypes = Array.isArray(topology.to) ? topology.to : [topology.to];
+    const resolvedTargetGraph = entity.targetGraph ?? topology.targetGraph;
+    if (resolvedTargetGraph && resolvedTargetGraph.includes("/")) {
+      throw new ValidationError(
+        `Edge "${axbType}" has invalid targetGraph "${resolvedTargetGraph}" \u2014 must be a single segment (no "/")`
+      );
+    }
     for (const aType of fromTypes) {
       for (const bType of toTypes) {
         entries.push({
@@ -29975,7 +30173,9 @@ function discoveryToEntries(discovery) {
           description: entity.description,
           inverseLabel: topology.inverseLabel,
           titleField: entity.titleField,
-          subtitleField: entity.subtitleField
+          subtitleField: entity.subtitleField,
+          allowedIn: entity.allowedIn,
+          targetGraph: resolvedTargetGraph
         });
       }
     }
@@ -29996,7 +30196,8 @@ var NODE_TYPE_SCHEMA = {
     titleField: { type: "string" },
     subtitleField: { type: "string" },
     viewTemplate: { type: "string" },
-    viewCss: { type: "string" }
+    viewCss: { type: "string" },
+    allowedIn: { type: "array", items: { type: "string", minLength: 1 } }
   },
   additionalProperties: false
 };
@@ -30023,7 +30224,9 @@ var EDGE_TYPE_SCHEMA = {
     titleField: { type: "string" },
     subtitleField: { type: "string" },
     viewTemplate: { type: "string" },
-    viewCss: { type: "string" }
+    viewCss: { type: "string" },
+    allowedIn: { type: "array", items: { type: "string", minLength: 1 } },
+    targetGraph: { type: "string", minLength: 1, pattern: "^[^/]+$" }
   },
   additionalProperties: false
 };
@@ -30065,7 +30268,8 @@ async function createRegistryFromGraph(reader) {
       jsonSchema: data.jsonSchema,
       description: data.description,
       titleField: data.titleField,
-      subtitleField: data.subtitleField
+      subtitleField: data.subtitleField,
+      allowedIn: data.allowedIn
     });
   }
   for (const record2 of edgeTypes) {
@@ -30082,7 +30286,9 @@ async function createRegistryFromGraph(reader) {
           description: data.description,
           inverseLabel: data.inverseLabel,
           titleField: data.titleField,
-          subtitleField: data.subtitleField
+          subtitleField: data.subtitleField,
+          allowedIn: data.allowedIn,
+          targetGraph: data.targetGraph
         });
       }
     }
@@ -30093,9 +30299,10 @@ async function createRegistryFromGraph(reader) {
 // src/client.ts
 var _standardModeWarned = false;
 var RESERVED_TYPE_NAMES = /* @__PURE__ */ new Set([META_NODE_TYPE, META_EDGE_TYPE]);
-var GraphClientImpl = class {
-  constructor(db2, collectionPath, options) {
+var GraphClientImpl = class _GraphClientImpl {
+  constructor(db2, collectionPath, options, scopePath = "") {
     this.db = db2;
+    this.scopePath = scopePath;
     this.adapter = createFirestoreAdapter(db2, collectionPath);
     if (options?.registry && options?.registryMode) {
       throw new DynamicRegistryError(
@@ -30125,6 +30332,7 @@ var GraphClientImpl = class {
         "[firegraph] Standard query mode enabled. This is NOT recommended for production:\n  - Enterprise Firestore: data.* filters cause full collection scans (high billing)\n  - Standard Firestore: data.* filters without composite indexes will fail\n  See: https://github.com/typicalday/firegraph#query-modes"
       );
     }
+    this.scanProtection = options?.scanProtection ?? "error";
     if (this.queryMode === "pipeline") {
       this.pipelineAdapter = createPipelineQueryAdapter(db2, collectionPath);
       if (this.metaAdapter) {
@@ -30138,6 +30346,7 @@ var GraphClientImpl = class {
   adapter;
   pipelineAdapter;
   queryMode;
+  scanProtection;
   // Static mode
   staticRegistry;
   // Dynamic mode
@@ -30146,6 +30355,8 @@ var GraphClientImpl = class {
   dynamicRegistry;
   metaAdapter;
   metaPipelineAdapter;
+  // Subgraph scope tracking
+  scopePath;
   // ---------------------------------------------------------------------------
   // Registry routing
   // ---------------------------------------------------------------------------
@@ -30199,6 +30410,19 @@ var GraphClientImpl = class {
     }
     return this.adapter.query(filters, options);
   }
+  /**
+   * Check whether a query's filter set is safe (matches a known index pattern).
+   * Throws QuerySafetyError or logs a warning depending on scanProtection config.
+   */
+  checkQuerySafety(filters, allowCollectionScan) {
+    if (allowCollectionScan || this.scanProtection === "off") return;
+    const result = analyzeQuerySafety(filters);
+    if (result.safe) return;
+    if (this.scanProtection === "error") {
+      throw new QuerySafetyError(result.reason);
+    }
+    console.warn(`[firegraph] Query safety warning: ${result.reason}`);
+  }
   // ---------------------------------------------------------------------------
   // GraphReader
   // ---------------------------------------------------------------------------
@@ -30220,6 +30444,7 @@ var GraphClientImpl = class {
       const record2 = await this.adapter.getDoc(plan.docId);
       return record2 ? [record2] : [];
     }
+    this.checkQuerySafety(plan.filters, params.allowCollectionScan);
     return this.executeQuery(plan.filters, plan.options);
   }
   async findNodes(params) {
@@ -30228,6 +30453,7 @@ var GraphClientImpl = class {
       const record2 = await this.adapter.getDoc(plan.docId);
       return record2 ? [record2] : [];
     }
+    this.checkQuerySafety(plan.filters, params.allowCollectionScan);
     return this.executeQuery(plan.filters, plan.options);
   }
   // ---------------------------------------------------------------------------
@@ -30236,7 +30462,7 @@ var GraphClientImpl = class {
   async putNode(aType, uid, data) {
     const registry2 = this.getRegistryForType(aType);
     if (registry2) {
-      registry2.validate(aType, NODE_RELATION, aType, data);
+      registry2.validate(aType, NODE_RELATION, aType, data, this.scopePath);
     }
     const adapter = this.getAdapterForType(aType);
     const docId = computeNodeDocId(uid);
@@ -30246,7 +30472,7 @@ var GraphClientImpl = class {
   async putEdge(aType, aUid, axbType, bType, bUid, data) {
     const registry2 = this.getRegistryForType(aType);
     if (registry2) {
-      registry2.validate(aType, axbType, bType, data);
+      registry2.validate(aType, axbType, bType, data, this.scopePath);
     }
     const adapter = this.getAdapterForType(aType);
     const docId = computeEdgeDocId(aUid, axbType, bUid);
@@ -30278,13 +30504,69 @@ var GraphClientImpl = class {
         this.adapter.collectionPath,
         firestoreTx
       );
-      const graphTx = new GraphTransactionImpl(adapter, this.getCombinedRegistry());
+      const graphTx = new GraphTransactionImpl(adapter, this.getCombinedRegistry(), this.scanProtection, this.scopePath);
       return fn(graphTx);
     });
   }
   batch() {
     const adapter = createBatchAdapter(this.db, this.adapter.collectionPath);
-    return new GraphBatchImpl(adapter, this.getCombinedRegistry());
+    return new GraphBatchImpl(adapter, this.getCombinedRegistry(), this.scopePath);
+  }
+  // ---------------------------------------------------------------------------
+  // Subgraph
+  // ---------------------------------------------------------------------------
+  subgraph(parentNodeUid, name = "graph") {
+    if (!parentNodeUid || parentNodeUid.includes("/")) {
+      throw new FiregraphError(
+        `Invalid parentNodeUid for subgraph: "${parentNodeUid}". Must be a non-empty string without "/".`,
+        "INVALID_SUBGRAPH"
+      );
+    }
+    if (name.includes("/")) {
+      throw new FiregraphError(
+        `Subgraph name must not contain "/": got "${name}". Use chained .subgraph() calls for nested subgraphs.`,
+        "INVALID_SUBGRAPH"
+      );
+    }
+    const subCollectionPath = `${this.adapter.collectionPath}/${parentNodeUid}/${name}`;
+    const newScopePath = this.scopePath ? `${this.scopePath}/${name}` : name;
+    return new _GraphClientImpl(
+      this.db,
+      subCollectionPath,
+      {
+        registry: this.getCombinedRegistry(),
+        queryMode: this.queryMode === "pipeline" ? "pipeline" : "standard",
+        scanProtection: this.scanProtection
+      },
+      newScopePath
+    );
+  }
+  // ---------------------------------------------------------------------------
+  // Collection group query
+  // ---------------------------------------------------------------------------
+  async findEdgesGlobal(params, collectionName) {
+    const name = collectionName ?? this.adapter.collectionPath.split("/").pop();
+    const plan = buildEdgeQueryPlan(params);
+    if (plan.strategy === "get") {
+      throw new FiregraphError(
+        "findEdgesGlobal() requires a query, not a direct document lookup. Omit one of aUid/axbType/bUid to force a query strategy.",
+        "INVALID_QUERY"
+      );
+    }
+    this.checkQuerySafety(plan.filters, params.allowCollectionScan);
+    const collectionGroupRef = this.db.collectionGroup(name);
+    let q = collectionGroupRef;
+    for (const f of plan.filters) {
+      q = q.where(f.field, f.op, f.value);
+    }
+    if (plan.options?.orderBy) {
+      q = q.orderBy(plan.options.orderBy.field, plan.options.orderBy.direction ?? "asc");
+    }
+    if (plan.options?.limit !== void 0) {
+      q = q.limit(plan.options.limit);
+    }
+    const snap = await q.get();
+    return snap.docs.map((doc) => doc.data());
   }
   // ---------------------------------------------------------------------------
   // Bulk operations
@@ -30316,6 +30598,7 @@ var GraphClientImpl = class {
     if (options?.subtitleField !== void 0) data.subtitleField = options.subtitleField;
     if (options?.viewTemplate !== void 0) data.viewTemplate = options.viewTemplate;
     if (options?.viewCss !== void 0) data.viewCss = options.viewCss;
+    if (options?.allowedIn !== void 0) data.allowedIn = options.allowedIn;
     await this.putNode(META_NODE_TYPE, uid, data);
   }
   async defineEdgeType(name, topology, jsonSchema, description, options) {
@@ -30337,11 +30620,13 @@ var GraphClientImpl = class {
     };
     if (jsonSchema !== void 0) data.jsonSchema = jsonSchema;
     if (topology.inverseLabel !== void 0) data.inverseLabel = topology.inverseLabel;
+    if (topology.targetGraph !== void 0) data.targetGraph = topology.targetGraph;
     if (description !== void 0) data.description = description;
     if (options?.titleField !== void 0) data.titleField = options.titleField;
     if (options?.subtitleField !== void 0) data.subtitleField = options.subtitleField;
     if (options?.viewTemplate !== void 0) data.viewTemplate = options.viewTemplate;
     if (options?.viewCss !== void 0) data.viewCss = options.viewCss;
+    if (options?.allowedIn !== void 0) data.allowedIn = options.allowedIn;
     await this.putNode(META_EDGE_TYPE, uid, data);
   }
   async reloadRegistry() {
@@ -30524,7 +30809,8 @@ function loadNodeEntity(dir, name) {
     subtitleField: meta3?.subtitleField,
     viewDefaults: meta3?.viewDefaults,
     viewsPath,
-    sampleData
+    sampleData,
+    allowedIn: meta3?.allowedIn
   };
 }
 function loadEdgeEntity(dir, name) {
@@ -30559,7 +30845,9 @@ function loadEdgeEntity(dir, name) {
     subtitleField: meta3?.subtitleField,
     viewDefaults: meta3?.viewDefaults,
     viewsPath,
-    sampleData
+    sampleData,
+    allowedIn: meta3?.allowedIn,
+    targetGraph: topology.targetGraph ?? meta3?.targetGraph
   };
 }
 function getSubdirectories(dir) {