backlex 0.1.0 → 0.1.2

package/dist/index.d.ts

@@ -1,83 +1,7 @@
-import { L as ListQuery, k as ListResponse, C as Condition, f as DurationParts, R as RelativeNow, A as AggregateQuery, a as AggregateRow, S as SearchQuery, m as SearchResponse, I as ImportSummary, h as ItemQuery, i as ItemResponse, d as BatchResponse, c as BatchOperation, g as ItemEvent, l as ResumableUploadResult, D as DeviceToken, P as PhoneNumber, j as JobStatus, J as Job, F as FlagState } from './types-CbcbXGiA.js';
-export { B as BacklexError, U as Upload, n as UploadStatus } from './types-CbcbXGiA.js';
+import { L as ListQuery, m as ListResponse, C as Condition, h as DurationParts, R as RelativeNow, A as AggregateQuery, a as AggregateRow, S as SearchQuery, o as SearchResponse, I as ImportSummary, j as ItemQuery, k as ItemResponse, d as BatchResponse, f as BulkUpdateResponse, c as BatchOperation, i as ItemEvent, n as ResumableUploadResult, D as DeviceToken, P as PhoneNumber, l as JobStatus, J as Job, F as FlagState } from './types-DiJCXOy-.js';
+export { B as BacklexError, U as Upload, p as UploadStatus } from './types-DiJCXOy-.js';
 export { VerifyWebhookOptions, verifyWebhook } from './webhook.js';
 
-/**
- * Offline-first sync for a single collection.
- *
- * Pulls the server changefeed (`GET /api/items/:slug/changes`) into a local
- * store, keeps it live over SSE, and lets the app read/write while offline:
- * writes apply optimistically to the local store and queue, then flush through
- * the batch endpoint on reconnect. Conflicts resolve last-write-wins by
- * `updated_at`, with locally-queued (not-yet-flushed) writes held until they
- * land.
- *
- * The store is pluggable — `memoryStore()` works anywhere; `indexedDbStore()`
- * persists across reloads in the browser.
- */
-type QueuedOp = {
-    kind: "create";
-    tempId: string;
-    data: Record<string, unknown>;
-} | {
-    kind: "update";
-    id: string;
-    data: Record<string, unknown>;
-} | {
-    kind: "delete";
-    id: string;
-};
-interface SyncStore {
-    get(id: string): Promise<Record<string, unknown> | undefined>;
-    set(id: string, row: Record<string, unknown>): Promise<void>;
-    remove(id: string): Promise<void>;
-    all(): Promise<Record<string, unknown>[]>;
-    getMeta(key: string): Promise<string | null>;
-    setMeta(key: string, value: string): Promise<void>;
-    queueGet(): Promise<QueuedOp[]>;
-    queueSet(ops: QueuedOp[]): Promise<void>;
-}
-/** In-memory store — non-persistent; the default and the testing baseline. */
-declare const memoryStore: () => SyncStore;
-/** IndexedDB-backed store (browser). One object store for rows + one for meta;
- *  the write queue lives under a meta key. Falls back to throwing if IndexedDB
- *  is unavailable — use `memoryStore()` outside the browser. */
-declare const indexedDbStore: (opts: {
-    collection: string;
-    dbName?: string;
-}) => SyncStore;
-/** The subset of the backlex client `createSync` needs. The full client satisfies it. */
-interface SyncClientLike {
-    request: <T>(method: string, path: string, body?: unknown) => Promise<T>;
-    subscribe: (channel: string, onEvent: (e: {
-        event: "created" | "updated" | "deleted";
-        data: Record<string, unknown>;
-    }) => void, onError?: (err: unknown) => void) => () => void;
-}
-interface SyncOptions {
-    collection: string;
-    store?: SyncStore;
-    /** Primary-key field. Default `id`. */
-    pk?: string;
-    /** Rows per changefeed page. Default 200. */
-    pageSize?: number;
-    /** Called after the local store changes (pull / live / local write). */
-    onChange?: () => void;
-}
-declare const createSync: (client: SyncClientLike, options: SyncOptions) => {
-    pull: () => Promise<number>;
-    flush: () => Promise<void>;
-    live: () => (() => void);
-    start: () => Promise<void>;
-    stop: () => void;
-    getAll: () => Promise<Record<string, unknown>[]>;
-    get: (id: string) => Promise<Record<string, unknown> | undefined>;
-    create: (data: Record<string, unknown>) => Promise<string>;
-    update: (id: string, data: Record<string, unknown>) => Promise<void>;
-    remove: (id: string) => Promise<void>;
-    store: SyncStore;
-};
-
 /**
  * Type-safe fluent query builder — a Drizzle/Supabase-style ergonomics layer
  * that COMPILES to the canonical JSON `Condition` / `ListQuery` the REST API
@@ -104,25 +28,46 @@ declare const createSync: (client: SyncClientLike, options: SyncOptions) => {
 type FieldKey<T> = (keyof T & string) | (string & {});
 /** `field` ascending, or `-field` descending. */
 type SortKey<T> = FieldKey<T> | `-${string}`;
+/** Fluent condition factory passed to `QueryBuilder.where(...)`. Each method
+ *  returns a canonical {@link Condition}; multiple are combined with `and`/`or`. */
 interface FilterBuilder<T> {
+    /** `field = value`. */
     eq(field: FieldKey<T>, value: unknown): Condition;
+    /** `field != value`. */
     neq(field: FieldKey<T>, value: unknown): Condition;
+    /** `field > value`. */
     gt(field: FieldKey<T>, value: unknown): Condition;
+    /** `field >= value`. */
     gte(field: FieldKey<T>, value: unknown): Condition;
+    /** `field < value`. */
     lt(field: FieldKey<T>, value: unknown): Condition;
+    /** `field <= value`. */
     lte(field: FieldKey<T>, value: unknown): Condition;
+    /** `field IN (values)`. */
     in(field: FieldKey<T>, values: unknown[]): Condition;
+    /** `field NOT IN (values)`. */
     nin(field: FieldKey<T>, values: unknown[]): Condition;
+    /** `field BETWEEN lo AND hi` (inclusive). */
     between(field: FieldKey<T>, lo: unknown, hi: unknown): Condition;
+    /** `field IS NULL` (or `IS NOT NULL` when `isNull` is false). */
     isNull(field: FieldKey<T>, isNull?: boolean): Condition;
+    /** `field` is NULL or empty string. */
     empty(field: FieldKey<T>): Condition;
+    /** `field` is neither NULL nor empty string. */
     nempty(field: FieldKey<T>): Condition;
+    /** `field` contains the substring `value`. */
     contains(field: FieldKey<T>, value: string): Condition;
+    /** Case-insensitive {@link contains}. */
     icontains(field: FieldKey<T>, value: string): Condition;
+    /** `field` starts with `value`. */
     startsWith(field: FieldKey<T>, value: string): Condition;
+    /** `field` ends with `value`. */
     endsWith(field: FieldKey<T>, value: string): Condition;
+    /** Logical AND of the given conditions. */
     and(...conds: Condition[]): Condition;
+    /** Logical OR of the given conditions. */
     or(...conds: Condition[]): Condition;
+    /** Logical NOT of a condition. */
     not(cond: Condition): Condition;
     /** Traverse a relation: keys produced by `build` are prefixed with `head.`. */
     rel<R = Record<string, unknown>>(head: FieldKey<T>, build: (f: FilterBuilder<R>) => Condition): Condition;
@@ -132,6 +77,8 @@ interface FilterBuilder<T> {
         sub?: DurationParts;
     }): RelativeNow;
 }
+/** Fluent, type-safe query builder returned by `from(slug).query()`. Chain
+ *  `.where`/`.select`/`.orderBy`/… and finish with `.list()` (or `.toQuery()`). */
 declare class QueryBuilder<T extends Record<string, unknown>> {
     private readonly listFn;
     private _filter?;
@@ -144,10 +91,13 @@ declare class QueryBuilder<T extends Record<string, unknown>> {
     private _locale?;
     private _q?;
     constructor(listFn: (q: ListQuery) => Promise<ListResponse<T>>);
+    /** Build the filter fluently with a {@link FilterBuilder}. */
     where(build: (f: FilterBuilder<T>) => Condition): this;
     /** Replace the filter with a raw canonical condition (escape hatch). */
     filter(cond: Condition): this;
+    /** Project only these fields (column allow-list). */
     select(...fields: FieldKey<T>[]): this;
+    /** Sort by one or more keys (`"-field"` for descending). */
     orderBy(...sorts: SortKey<T>[]): this;
     /** Inline single-hop relations (replaces each FK with the related object). */
     expand(...rels: FieldKey<T>[]): this;
@@ -155,14 +105,128 @@ declare class QueryBuilder<T extends Record<string, unknown>> {
     locale(loc: string): this;
     /** Free-text search across readable text fields. */
     search(text: string): this;
+    /** Max rows to return. */
     limit(n: number): this;
+    /** Number of rows to skip (paging). */
     offset(n: number): this;
+    /** Ask the server for a count alongside the page (`filter_count` / `total_count`). */
     withMeta(m: "filter_count" | "total_count" | "*"): this;
     /** Assemble the plain `ListQuery` — the canonical JSON the REST API takes. */
     toQuery(): ListQuery;
+    /** Run the query and return the page of rows. */
     list(): Promise<ListResponse<T>>;
 }
 
+/**
+ * Offline-first sync for a single collection.
+ *
+ * Pulls the server changefeed (`GET /api/items/:slug/changes`) into a local
+ * store, keeps it live over SSE, and lets the app read/write while offline:
+ * writes apply optimistically to the local store and queue, then flush through
+ * the batch endpoint on reconnect. Conflicts resolve last-write-wins by
+ * `updated_at`, with locally-queued (not-yet-flushed) writes held until they
+ * land.
+ *
+ * The store is pluggable — `memoryStore()` works anywhere; `indexedDbStore()`
+ * persists across reloads in the browser.
+ */
+/** A locally-queued offline write awaiting flush to the server. */
+type QueuedOp = {
+    kind: "create";
+    tempId: string;
+    data: Record<string, unknown>;
+} | {
+    kind: "update";
+    id: string;
+    data: Record<string, unknown>;
+} | {
+    kind: "delete";
+    id: string;
+};
+/** Pluggable persistence for the local sync store (rows + meta + write queue). */
+interface SyncStore {
+    get(id: string): Promise<Record<string, unknown> | undefined>;
+    set(id: string, row: Record<string, unknown>): Promise<void>;
+    remove(id: string): Promise<void>;
+    all(): Promise<Record<string, unknown>[]>;
+    getMeta(key: string): Promise<string | null>;
+    setMeta(key: string, value: string): Promise<void>;
+    queueGet(): Promise<QueuedOp[]>;
+    queueSet(ops: QueuedOp[]): Promise<void>;
+}
+/** In-memory store — non-persistent; the default and the testing baseline. */
+declare const memoryStore: () => SyncStore;
+/** IndexedDB-backed store (browser). One object store for rows + one for meta;
+ *  the write queue lives under a meta key. Falls back to throwing if IndexedDB
+ *  is unavailable — use `memoryStore()` outside the browser. */
+declare const indexedDbStore: (opts: {
+    collection: string;
+    dbName?: string;
+}) => SyncStore;
+/** The subset of the backlex client `createSync` needs. The full client satisfies it. */
+interface SyncClientLike {
+    request: <T>(method: string, path: string, body?: unknown) => Promise<T>;
+    subscribe: (channel: string, onEvent: (e: {
+        event: "created" | "updated" | "deleted";
+        data: Record<string, unknown>;
+    }) => void, onError?: (err: unknown) => void) => () => void;
+}
+/** Options for `client.sync(...)` / `createSync(...)`. */
+interface SyncOptions {
+    collection: string;
+    store?: SyncStore;
+    /** Primary-key field. Default `id`. */
+    pk?: string;
+    /** Rows per changefeed page. Default 200. */
+    pageSize?: number;
+    /** Called after the local store changes (pull / live / local write). */
+    onChange?: () => void;
+}
+/** Live, offline-first controller for one collection, returned by `createSync`. */
+interface SyncController {
+    /** Drain the changefeed from the saved cursor to head; returns rows applied. */
+    pull(): Promise<number>;
+    /** Flush queued offline writes through the batch endpoint. */
+    flush(): Promise<void>;
+    /** Subscribe to live SSE updates; returns an unsubscribe function. */
+    live(): () => void;
+    /** Pull, go live, and re-sync whenever connectivity returns. */
+    start(): Promise<void>;
+    /** Stop live updates and remove the online listener. */
+    stop(): void;
+    /** Every row currently in the local store. */
+    getAll(): Promise<Record<string, unknown>[]>;
+    /** One row by id from the local store. */
+    get(id: string): Promise<Record<string, unknown> | undefined>;
+    /** Optimistically create a row locally + queue the write; returns the temp id. */
+    create(data: Record<string, unknown>): Promise<string>;
+    /** Optimistically update a row locally + queue the write. */
+    update(id: string, data: Record<string, unknown>): Promise<void>;
+    /** Optimistically remove a row locally + queue the delete. */
+    remove(id: string): Promise<void>;
+    /** The underlying pluggable local store. */
+    store: SyncStore;
+}
+declare const createSync: (client: SyncClientLike, options: SyncOptions) => SyncController;
+
+/**
+ * @module
+ *
+ * The backlex client — a typed `fetch` wrapper over the backlex API. Create one
+ * with {@link createClient}, then use `.from(slug)` for typed collection CRUD,
+ * `.auth` for sign-in/up, `.subscribe` for realtime (SSE), plus `.storage`,
+ * `.jobs`, `.flags`, and offline-first `.sync`.
+ *
+ * ```ts
+ * import { createClient } from "backlex";
+ *
+ * const backlex = createClient({ url: "https://api.your.app", workspace: "acme" });
+ * await backlex.auth.signIn({ email, password });
+ * const { data } = await backlex.from("todos").list({ sort: ["-created_at"] });
+ * const off = backlex.subscribe("items:todos", (e) => console.log(e.event, e.data));
+ * ```
+ */
+
 interface ClientOptions {
     url: string;
     /** Static API key (`pak_...`) for server-to-server calls. Browser apps
@@ -191,16 +255,19 @@ interface ClientOptions {
     /** Optional fetch override (testing / Node polyfill). */
     fetch?: typeof fetch;
 }
+/** A signed-in user as returned by the auth surface. */
 interface AuthUser {
     id: string;
     email: string;
     name?: string | null;
     image?: string | null;
 }
+/** Result of a sign-in / sign-up — the user and (app mode) the session token. */
 interface AuthResult {
     user: AuthUser;
     token?: string;
 }
+/** One active session (device/login) of the signed-in user. */
 interface AuthSession {
     id: string;
     token: string;
@@ -211,12 +278,14 @@ interface AuthSession {
     createdAt: string;
     updatedAt: string;
 }
+/** A public sign-in provider as advertised by `auth.providers()`. */
 interface PublicProvider {
     id: string;
     kind: "credential" | "magic-link" | "email-otp" | "passkey" | "social";
     label: string;
     enabled: boolean;
 }
+/** Public description of a workspace's auth surface (provider list + policy). */
 interface AuthSurface {
     tenantId: string | null;
     providers: PublicProvider[];
@@ -261,6 +330,7 @@ interface CollectionClient<T extends Record<string, unknown>> {
     deleteMany(ids: string[], opts?: {
         atomic?: boolean;
     }): Promise<BatchResponse<T>>;
+    bulkUpdate(keys: string[], data: Partial<T>): Promise<BulkUpdateResponse>;
     batch(operations: BatchOperation<T>[], opts?: {
         atomic?: boolean;
     }): Promise<BatchResponse<T>>;
@@ -268,278 +338,317 @@ interface CollectionClient<T extends Record<string, unknown>> {
     unpublish(id: string): Promise<ItemResponse<T>>;
     schedulePublish(id: string, at: Date | string | null): Promise<ItemResponse<T>>;
 }
-declare const createClient: (opts: ClientOptions) => {
-    from: <T extends Record<string, unknown>>(slug: string) => CollectionClient<T>;
-    subscribe: <T = Record<string, unknown>>(channel: string, onEvent: (e: ItemEvent<T>) => void, onError?: (err: unknown) => void) => (() => void);
-    auth: {
-        /** Email + password sign-up. In app mode this creates a *workspace* end-
-         *  user (in `app_users`), not a control-plane account. */
-        signUp: (input: {
-            email: string;
-            password: string;
-            name?: string;
-        }) => Promise<AuthResult>;
-        /** Email + password sign-in. */
-        signIn: (input: {
-            email: string;
-            password: string;
-        }) => Promise<AuthResult>;
-        /**
-         * Begin an OAuth sign-in. Returns `{ url }` — the provider's authorize
-         * page — which a browser app should navigate to (`location.href = url`).
-         * `provider` must be one of the ids returned by `auth.providers()`.
-         */
-        signInSocial: (provider: string, input?: {
-            callbackURL?: string;
-            errorCallbackURL?: string;
-        }) => Promise<{
-            url: string;
-            redirect: boolean;
-        }>;
-        /** Send a one-time sign-in link by email (requires the `magic` provider
-         *  to be enabled for the workspace). */
-        signInMagicLink: (input: {
-            email: string;
-            callbackURL?: string;
-        }) => Promise<{
-            status: boolean;
-        }>;
-        /** Email a one-time numeric code (requires the `email-otp` provider). `type`
-         *  defaults to `"sign-in"`; use `"email-verification"` / `"forget-password"`
-         *  for those flows. Complete a sign-in with `signInEmailOTP`. */
-        sendVerificationOTP: (input: {
-            email: string;
-            type?: "sign-in" | "email-verification" | "forget-password";
-        }) => Promise<{
-            success: boolean;
-        }>;
-        /** Complete an email-OTP sign-in with the code from `sendVerificationOTP`. In
-         *  app mode the returned session token is captured and replayed as a bearer. */
-        signInEmailOTP: (input: {
-            email: string;
-            otp: string;
-        }) => Promise<AuthResult>;
-        /** Send a password-reset email. `redirectTo` is the link the email points at. */
-        requestPasswordReset: (input: {
-            email: string;
-            redirectTo?: string;
-        }) => Promise<{
-            status: boolean;
-        }>;
-        /** Complete a reset with the token from the email and a new password. */
-        resetPassword: (input: {
-            newPassword: string;
-            token: string;
-        }) => Promise<{
-            status: boolean;
-        }>;
-        /** Mint a fresh short-lived access JWT from the stored session token (app
-         *  mode). The SDK's own requests keep using the session token; use this when a
-         *  downstream service needs a proper access token. */
-        refresh: () => Promise<{
-            accessToken: string;
-            refreshToken: string;
-            expiresIn: number;
-            tokenType: string;
-        }>;
-        /** Change the signed-in user's password (requires the current password). */
-        changePassword: (input: {
-            newPassword: string;
-            currentPassword: string;
-            revokeOtherSessions?: boolean;
-        }) => Promise<Record<string, unknown>>;
-        /** Update the signed-in user's profile (e.g. `{ name, image }`). */
-        updateUser: (attributes: Record<string, unknown>) => Promise<Record<string, unknown>>;
-        /** Send an email-verification link to the signed-in (or named) user. */
-        sendVerificationEmail: (input: {
-            email: string;
-            callbackURL?: string;
-        }) => Promise<{
-            status: boolean;
-        }>;
-        signOut: () => Promise<{
-            success: boolean;
-        }>;
-        /** Current session, or `{ user: null }`. */
-        getSession: () => Promise<{
-            user: AuthUser | null;
-        } & Record<string, unknown>>;
-        /** List the signed-in user's active sessions (one row per device/login). */
-        listSessions: () => Promise<AuthSession[]>;
-        /** Revoke one session by its `token` (from `listSessions`). */
-        revokeSession: (input: {
-            token: string;
-        }) => Promise<{
-            status: boolean;
-        }>;
-        /** Revoke every session **except** the current one (sign out other devices). */
-        revokeOtherSessions: () => Promise<{
-            status: boolean;
-        }>;
-        /** Revoke **all** sessions, including the current one. */
-        revokeSessions: () => Promise<{
-            status: boolean;
-        }>;
-        /** Public description of this workspace's auth surface (provider list +
-         *  policy flags) — what a sign-in screen needs to render. No secrets. */
-        providers: () => Promise<AuthSurface>;
-        /** The current workspace session token (app mode) — persist this across
-         *  reloads and pass it back via `createClient({ token })`. */
-        getToken: () => string | null;
-        /** Restore a workspace session token (app mode). */
-        setToken: (token: string | null) => void;
-    };
-    storage: {
-        list: (prefix?: string) => Promise<{
-            data: {
-                key: string;
-                size: number;
-                contentType?: string;
-                ownerId: string | null;
-                uploadedAt: string;
-            }[];
-        }>;
-        put: (key: string, body: BodyInit, contentType?: string, folderId?: string) => Promise<any>;
-        download: (key: string) => Promise<Response>;
-        delete: (key: string) => Promise<{
-            ok: boolean;
-        }>;
-        /**
-         * Resumable upload (TUS 1.0.0). Splits `data` into chunks and PATCHes them
-         * to `/api/uploads`, resuming from the server's committed offset after a
-         * transient failure. `data` may be a `Blob`/`File`, `ArrayBuffer`, or
-         * `Uint8Array`. Returns the final key + the TUS session `location` (persist
-         * it to resume across page reloads via `resumeUpload`). The standard TUS
-         * protocol means Uppy / tus-js-client can also target `/api/uploads`.
-         */
-        uploadResumable: (input: {
+/** Auth surface for a workspace's end-users (and the admin pool). See `createClient`. */
+interface AuthClient {
+    /** Email + password sign-up (app mode → a workspace end-user). */
+    signUp(input: {
+        email: string;
+        password: string;
+        name?: string;
+    }): Promise<AuthResult>;
+    /** Email + password sign-in. */
+    signIn(input: {
+        email: string;
+        password: string;
+    }): Promise<AuthResult>;
+    /** Begin an OAuth sign-in; returns the provider authorize `url` to navigate to. */
+    signInSocial(provider: string, input?: {
+        callbackURL?: string;
+        errorCallbackURL?: string;
+    }): Promise<{
+        url: string;
+        redirect: boolean;
+    }>;
+    /** Send a one-time sign-in link by email (magic-link provider). */
+    signInMagicLink(input: {
+        email: string;
+        callbackURL?: string;
+    }): Promise<{
+        status: boolean;
+    }>;
+    /** Email a one-time numeric code (email-otp provider). */
+    sendVerificationOTP(input: {
+        email: string;
+        type?: "sign-in" | "email-verification" | "forget-password";
+    }): Promise<{
+        success: boolean;
+    }>;
+    /** Complete an email-OTP sign-in with the emailed code. */
+    signInEmailOTP(input: {
+        email: string;
+        otp: string;
+    }): Promise<AuthResult>;
+    /** Send a password-reset email. */
+    requestPasswordReset(input: {
+        email: string;
+        redirectTo?: string;
+    }): Promise<{
+        status: boolean;
+    }>;
+    /** Complete a reset with the emailed token and a new password. */
+    resetPassword(input: {
+        newPassword: string;
+        token: string;
+    }): Promise<{
+        status: boolean;
+    }>;
+    /** Mint a fresh short-lived access JWT from the stored session token (app mode). */
+    refresh(): Promise<{
+        accessToken: string;
+        refreshToken: string;
+        expiresIn: number;
+        tokenType: string;
+    }>;
+    /** Change the signed-in user's password. */
+    changePassword(input: {
+        newPassword: string;
+        currentPassword: string;
+        revokeOtherSessions?: boolean;
+    }): Promise<Record<string, unknown>>;
+    /** Update the signed-in user's profile (e.g. `{ name, image }`). */
+    updateUser(attributes: Record<string, unknown>): Promise<Record<string, unknown>>;
+    /** Send an email-verification link to the signed-in (or named) user. */
+    sendVerificationEmail(input: {
+        email: string;
+        callbackURL?: string;
+    }): Promise<{
+        status: boolean;
+    }>;
+    /** Sign out the current session. */
+    signOut(): Promise<{
+        success: boolean;
+    }>;
+    /** Current session, or `{ user: null }`. */
+    getSession(): Promise<{
+        user: AuthUser | null;
+    } & Record<string, unknown>>;
+    /** List the signed-in user's active sessions. */
+    listSessions(): Promise<AuthSession[]>;
+    /** Revoke one session by its token. */
+    revokeSession(input: {
+        token: string;
+    }): Promise<{
+        status: boolean;
+    }>;
+    /** Revoke every session except the current one. */
+    revokeOtherSessions(): Promise<{
+        status: boolean;
+    }>;
+    /** Revoke all sessions, including the current one. */
+    revokeSessions(): Promise<{
+        status: boolean;
+    }>;
+    /** Public description of this workspace's auth surface (providers + policy). */
+    providers(): Promise<AuthSurface>;
+    /** The current workspace session token (app mode) — persist across reloads. */
+    getToken(): string | null;
+    /** Restore a workspace session token (app mode). */
+    setToken(token: string | null): void;
+}
+/** File storage + resumable (TUS) uploads. See `createClient`. */
+interface StorageClient {
+    /** List stored objects, optionally under a key prefix. */
+    list(prefix?: string): Promise<{
+        data: {
             key: string;
-            data: Blob | ArrayBuffer | Uint8Array;
+            size: number;
             contentType?: string;
-            folderId?: string;
-            /** Bytes per PATCH. Default 8 MiB (object stores need ≥5 MiB non-final parts). */
-            chunkSize?: number;
-            onProgress?: (sent: number, total: number) => void;
-            signal?: AbortSignal;
-        }) => Promise<ResumableUploadResult>;
-        /** Resume a previously-started resumable upload at the server's offset. */
-        resumeUpload: (location: string, data: Blob | ArrayBuffer | Uint8Array, opts2?: {
-            chunkSize?: number;
-            onProgress?: (sent: number, total: number) => void;
-            signal?: AbortSignal;
-        }) => Promise<void>;
-    };
-    messaging: {
-        /** Register (or refresh) the current user's push device. Re-registering the
-         *  same token reactivates it and updates last-seen, so call this on every
-         *  app launch. `web-push` requires `keys` (the VAPID subscription keys). */
-        registerDevice: (input: {
-            platform: "fcm" | "apns" | "web-push";
-            token: string;
-            keys?: {
-                p256dh: string;
-                auth: string;
-            };
-            deviceName?: string;
-        }) => Promise<{
-            data: {
-                id: string;
-            };
-        }>;
-        /** Remove one of the caller's registered devices by id. */
-        unregister: (id: string) => Promise<{
-            ok: boolean;
-        }>;
-        /** List the caller's registered devices. */
-        listDevices: () => Promise<{
-            data: DeviceToken[];
-        }>;
-        /** Register (or refresh) the current user's phone number for SMS. Number
-         *  must be E.164 (e.g. "+14155552671"). Re-registering reactivates it. */
-        registerPhone: (input: {
-            phoneNumber: string;
-        }) => Promise<{
-            data: {
-                id: string;
-            };
-        }>;
-        /** Remove one of the caller's registered phone numbers by id. */
-        unregisterPhone: (id: string) => Promise<{
-            ok: boolean;
-        }>;
-        /** List the caller's registered phone numbers. */
-        listPhones: () => Promise<{
-            data: PhoneNumber[];
-        }>;
-    };
-    jobs: {
-        /** Enqueue a durable background job. `type` is `function` (run a named
-         *  function with `payload.name` + `payload.input`) or `webhook.deliver`.
-         *  Jobs retry with backoff and dead-letter after `maxAttempts`. Pass
-         *  `runAt` (ISO string) to schedule for later. Admin-scoped. */
-        enqueue: (input: {
-            type: "function" | "webhook.deliver";
-            payload?: Record<string, unknown>;
-            queue?: string;
-            runAt?: string;
-            maxAttempts?: number;
-            priority?: number;
-        }) => Promise<{
+            ownerId: string | null;
+            uploadedAt: string;
+        }[];
+    }>;
+    /** Upload an object in one request. */
+    put(key: string, body: BodyInit, contentType?: string, folderId?: string): Promise<unknown>;
+    /** Download an object; returns the raw `Response`. */
+    download(key: string): Promise<Response>;
+    /** Delete an object by key. */
+    delete(key: string): Promise<{
+        ok: boolean;
+    }>;
+    /** Resumable upload (TUS 1.0.0) that resumes after a transient failure. */
+    uploadResumable(input: {
+        key: string;
+        data: Blob | ArrayBuffer | Uint8Array;
+        contentType?: string;
+        folderId?: string;
+        chunkSize?: number;
+        onProgress?: (sent: number, total: number) => void;
+        signal?: AbortSignal;
+    }): Promise<ResumableUploadResult>;
+    /** Resume a previously-started resumable upload at the server's offset. */
+    resumeUpload(location: string, data: Blob | ArrayBuffer | Uint8Array, opts2?: {
+        chunkSize?: number;
+        onProgress?: (sent: number, total: number) => void;
+        signal?: AbortSignal;
+    }): Promise<void>;
+}
+/** Push + SMS device registration for the current user. See `createClient`. */
+interface MessagingClient {
+    /** Register (or refresh) the current user's push device. */
+    registerDevice(input: {
+        platform: "fcm" | "apns" | "web-push";
+        token: string;
+        keys?: {
+            p256dh: string;
+            auth: string;
+        };
+        deviceName?: string;
+    }): Promise<{
+        data: {
+            id: string;
+        };
+    }>;
+    /** Remove one of the caller's registered devices by id. */
+    unregister(id: string): Promise<{
+        ok: boolean;
+    }>;
+    /** List the caller's registered devices. */
+    listDevices(): Promise<{
+        data: DeviceToken[];
+    }>;
+    /** Register (or refresh) the caller's E.164 phone number for SMS. */
+    registerPhone(input: {
+        phoneNumber: string;
+    }): Promise<{
+        data: {
             id: string;
-        }>;
-        /** List jobs (newest first), optionally filtered by queue/status. */
-        list: (q?: {
-            queue?: string;
-            status?: JobStatus;
-            limit?: number;
-        }) => Promise<{
-            jobs: Job[];
-        }>;
-        /** Fetch a single job by id. */
-        get: (id: string) => Promise<Job>;
-        /** Requeue a failed / dead-lettered / cancelled job to run again. */
-        retry: (id: string) => Promise<{
-            ok: boolean;
-        }>;
-        /** Cancel a pending job. */
-        cancel: (id: string) => Promise<{
-            ok: boolean;
-        }>;
-        /** Delete a job row. */
-        remove: (id: string) => Promise<{
-            ok: boolean;
-        }>;
-    };
-    flags: {
-        /** Fetch + cache the evaluated flag map. */
-        all: () => Promise<Record<string, FlagState>>;
-        /** Resolved value for a flag (remote config payload), or `undefined`. Uses
-         *  the cache if `all()` was already called this session; pass
-         *  `{ refresh: true }` to force a re-fetch. */
-        get: (key: string, opts?: {
-            refresh?: boolean;
-        }) => Promise<unknown>;
-        /** Whether a flag is on for the caller. */
-        isEnabled: (key: string, opts?: {
-            refresh?: boolean;
-        }) => Promise<boolean>;
-    };
-    sync: (options: SyncOptions) => {
-        pull: () => Promise<number>;
-        flush: () => Promise<void>;
-        live: () => (() => void);
-        start: () => Promise<void>;
-        stop: () => void;
-        getAll: () => Promise<Record<string, unknown>[]>;
-        get: (id: string) => Promise<Record<string, unknown> | undefined>;
-        create: (data: Record<string, unknown>) => Promise<string>;
-        update: (id: string, data: Record<string, unknown>) => Promise<void>;
-        remove: (id: string) => Promise<void>;
-        store: SyncStore;
-    };
+        };
+    }>;
+    /** Remove one of the caller's registered phone numbers by id. */
+    unregisterPhone(id: string): Promise<{
+        ok: boolean;
+    }>;
+    /** List the caller's registered phone numbers. */
+    listPhones(): Promise<{
+        data: PhoneNumber[];
+    }>;
+}
+/** Durable background job queue (admin-scoped). See `createClient`. */
+interface JobsClient {
+    /** Enqueue a durable background job. */
+    enqueue(input: {
+        type: "function" | "webhook.deliver";
+        payload?: Record<string, unknown>;
+        queue?: string;
+        runAt?: string;
+        maxAttempts?: number;
+        priority?: number;
+    }): Promise<{
+        id: string;
+    }>;
+    /** List jobs (newest first), optionally filtered by queue/status. */
+    list(q?: {
+        queue?: string;
+        status?: JobStatus;
+        limit?: number;
+    }): Promise<{
+        jobs: Job[];
+    }>;
+    /** Fetch a single job by id. */
+    get(id: string): Promise<Job>;
+    /** Requeue a failed / dead-lettered / cancelled job. */
+    retry(id: string): Promise<{
+        ok: boolean;
+    }>;
+    /** Cancel a pending job. */
+    cancel(id: string): Promise<{
+        ok: boolean;
+    }>;
+    /** Delete a job row. */
+    remove(id: string): Promise<{
+        ok: boolean;
+    }>;
+}
+/** Feature flags / remote config evaluated for the current caller. See `createClient`. */
+interface FlagsClient {
+    /** Fetch + cache the evaluated flag map. */
+    all(): Promise<Record<string, FlagState>>;
+    /** Resolved value (remote config payload) for a flag, or `undefined`. */
+    get(key: string, opts?: {
+        refresh?: boolean;
+    }): Promise<unknown>;
+    /** Whether a flag is on for the caller. */
+    isEnabled(key: string, opts?: {
+        refresh?: boolean;
+    }): Promise<boolean>;
+}
+/** A visual workflow (flow) row. `operations` is the serialized op DSL the
+ *  builder compiles; `layout` is a purely-presentational graph snapshot. */
+interface Flow {
+    id: string;
+    tenantId?: string | null;
+    name: string;
+    trigger: string;
+    operations: unknown[];
+    layout?: unknown;
+    active: boolean;
+}
+/** Create/update payload for a flow. `operations` must be non-empty on create;
+ *  `update` accepts any subset. */
+interface FlowInput {
+    name: string;
+    trigger: string;
+    operations: unknown[];
+    layout?: unknown;
+    active?: boolean;
+}
+/** Outcome of a manual flow run. `ok: false` means the run halted on an
+ *  unhandled op error; `error` carries the first failure message. */
+interface FlowRunResult {
+    ok: boolean;
+    error?: string;
+}
+/** Visual workflows (admin-scoped). Mirrors `/api/flows`. See `createClient`. */
+interface FlowsClient {
+    /** List every flow in the active workspace. */
+    list(): Promise<{
+        data: Flow[];
+    }>;
+    /** Fetch a single flow's full definition by id. */
+    get(id: string): Promise<{
+        data: Flow;
+    }>;
+    /** Create a flow scoped to the active workspace. */
+    create(input: FlowInput): Promise<{
+        data: Flow;
+    }>;
+    /** Partial update of a flow by id. */
+    update(id: string, patch: Partial<FlowInput>): Promise<{
+        ok: boolean;
+    }>;
+    /** Delete a flow by id. */
+    delete(id: string): Promise<{
+        ok: boolean;
+    }>;
+    /** Synchronously run a flow with an arbitrary `input` trigger payload. */
+    run(id: string, input?: Record<string, unknown>): Promise<FlowRunResult>;
+}
+/** The backlex client returned by `createClient` — data, auth, storage, realtime, and more. */
+interface BacklexClient {
+    /** Typed data API for one collection by slug. */
+    from<T extends Record<string, unknown>>(slug: string): CollectionClient<T>;
+    /** Subscribe to a realtime channel (SSE); returns an unsubscribe function. */
+    subscribe<T = Record<string, unknown>>(channel: string, onEvent: (e: ItemEvent<T>) => void, onError?: (err: unknown) => void): () => void;
+    /** Auth surface (sign-in/up, sessions, tokens). */
+    auth: AuthClient;
+    /** File storage + resumable uploads. */
+    storage: StorageClient;
+    /** Push + SMS device registration. */
+    messaging: MessagingClient;
+    /** Durable background job queue. */
+    jobs: JobsClient;
+    /** Visual workflows (flows). */
+    flows: FlowsClient;
+    /** Feature flags / remote config. */
+    flags: FlagsClient;
+    /** Offline-first sync controller for one collection. */
+    sync(options: SyncOptions): SyncController;
     /** Raw escape hatch — issues a request with auth headers applied. */
-    request: <T>(method: string, path: string, body?: unknown, extraHeaders?: Record<string, string>) => Promise<T>;
-};
+    request<T>(method: string, path: string, body?: unknown, extraHeaders?: Record<string, string>): Promise<T>;
+}
+/** Create a backlex client. In app mode (`workspace` set) auth + data scope to
+ *  one workspace and the session token is captured + replayed as a bearer. */
+declare const createClient: (opts: ClientOptions) => BacklexClient;
 /** A registry mapping each collection slug to its row type — the shape
  *  `backlex gen-types --sdk` emits as `Collections`. */
 type CollectionsMap = Record<string, Record<string, unknown>>;
@@ -564,6 +673,4 @@ type TypedClient<R extends CollectionsMap> = BacklexClient & {
  */
 declare const typedCollections: <R extends CollectionsMap>(client: BacklexClient) => TypedClient<R>;
 
-type BacklexClient = ReturnType<typeof createClient>;
-
-export { AggregateQuery, AggregateRow, type BacklexClient, BatchOperation, BatchResponse, type ClientOptions, type CollectionClient, type CollectionsMap, DeviceToken, type FieldKey, type FilterBuilder, FlagState, ImportSummary, ItemEvent, ItemQuery, ItemResponse, Job, JobStatus, ListQuery, ListResponse, PhoneNumber, QueryBuilder, type QueuedOp, ResumableUploadResult, SearchQuery, SearchResponse, type SortKey, type SyncOptions, type SyncStore, type TypedClient, type TypedCollections, createClient, createSync, indexedDbStore, memoryStore, typedCollections };
+export { AggregateQuery, AggregateRow, type AuthClient, type AuthResult, type AuthSession, type AuthSurface, type AuthUser, type BacklexClient, BatchOperation, BatchResponse, BulkUpdateResponse, type ClientOptions, type CollectionClient, type CollectionsMap, DeviceToken, type FieldKey, type FilterBuilder, FlagState, type FlagsClient, type Flow, type FlowInput, type FlowRunResult, type FlowsClient, ImportSummary, ItemEvent, ItemQuery, ItemResponse, Job, JobStatus, type JobsClient, ListQuery, ListResponse, type MessagingClient, PhoneNumber, type PublicProvider, QueryBuilder, type QueuedOp, ResumableUploadResult, SearchQuery, SearchResponse, type SortKey, type StorageClient, type SyncOptions, type SyncStore, type TypedClient, type TypedCollections, createClient, createSync, indexedDbStore, memoryStore, typedCollections };

package/dist/index.js

@@ -111,6 +111,7 @@ var QueryBuilder = class {
   _meta;
   _locale;
   _q;
+  /** Build the filter fluently with a {@link FilterBuilder}. */
   where(build) {
     this._filter = normalizeCondition(build(makeFilterBuilder()));
     return this;
@@ -120,10 +121,12 @@ var QueryBuilder = class {
     this._filter = normalizeCondition(cond);
     return this;
   }
+  /** Project only these fields (column allow-list). */
   select(...fields) {
     this._fields.push(...fields);
     return this;
   }
+  /** Sort by one or more keys (`"-field"` for descending). */
   orderBy(...sorts) {
     this._sort.push(...sorts);
     return this;
@@ -143,14 +146,17 @@ var QueryBuilder = class {
     this._q = text;
     return this;
   }
+  /** Max rows to return. */
   limit(n) {
     this._limit = n;
     return this;
   }
+  /** Number of rows to skip (paging). */
   offset(n) {
     this._offset = n;
     return this;
   }
+  /** Ask the server for a count alongside the page (`filter_count` / `total_count`). */
   withMeta(m) {
     this._meta = m;
     return this;
@@ -169,6 +175,7 @@ var QueryBuilder = class {
     if (this._q) q.q = this._q;
     return q;
   }
+  /** Run the query and return the page of rows. */
   list() {
     return this.listFn(this.toQuery());
   }
@@ -449,7 +456,11 @@ var createClient = (opts) => {
   const tenantHeader = () => opts.tenant ? { "x-backlex-tenant": opts.tenant } : {};
   const request = async (method, path, body, extraHeaders) => {
     const headers = {
-      "content-type": "application/json",
+      // Only advertise a JSON body when we actually send one. A bodyless POST
+      // (publish, unpublish, restore, fts-reindex, …) that still carried
+      // `content-type: application/json` made the server's body validator try to
+      // parse an empty body and fail with "Malformed JSON in request body".
+      ...body !== void 0 ? { "content-type": "application/json" } : {},
       ...authHeader(),
       ...tenantHeader(),
       ...extraHeaders ?? {}
@@ -532,6 +543,14 @@ var createClient = (opts) => {
         operations: ids.map((id) => ({ op: "delete", id })),
         atomic: opts2?.atomic
       }),
+      /** Set the SAME fields on many ids at once (one shared patch). Only the
+       *  named fields change per row; partial-success (a key the caller can't
+       *  write is reported `NOT_FOUND`). Differs from `updateMany`, which sends
+       *  a distinct patch per id. */
+      bulkUpdate: (keys, data) => request("POST", `/api/items/${slug}/bulk-update`, {
+        keys,
+        data
+      }),
       /** Mixed create/update/delete in one request. `atomic` = all-or-nothing. */
       batch: (operations, opts2) => request("POST", `/api/items/${slug}/batch`, {
         operations,
@@ -811,6 +830,20 @@ var createClient = (opts) => {
     /** Delete a job row. */
     remove: (id) => request("DELETE", `/api/jobs/${encodeURIComponent(id)}`)
   };
+  const flows = {
+    /** List every flow in the active workspace. */
+    list: () => request("GET", "/api/flows"),
+    /** Fetch a single flow's full definition by id. */
+    get: (id) => request("GET", `/api/flows/${encodeURIComponent(id)}`),
+    /** Create a flow scoped to the active workspace. */
+    create: (input) => request("POST", "/api/flows", input),
+    /** Partial update of a flow by id. */
+    update: (id, patch) => request("PATCH", `/api/flows/${encodeURIComponent(id)}`, patch),
+    /** Delete a flow by id. */
+    delete: (id) => request("DELETE", `/api/flows/${encodeURIComponent(id)}`),
+    /** Run a flow synchronously with an arbitrary `input` trigger payload. */
+    run: (id, input) => request("POST", `/api/flows/${encodeURIComponent(id)}/run`, input ?? {})
+  };
   let flagsCache = null;
   const fetchFlags = async () => {
     const res = await request("GET", "/api/flags");
@@ -841,6 +874,7 @@ var createClient = (opts) => {
     storage,
     messaging,
     jobs,
+    flows,
     flags,
     sync,
     /** Raw escape hatch — issues a request with auth headers applied. */

package/dist/{types-CbcbXGiA.d.ts → types-DiJCXOy-.d.ts}

@@ -52,6 +52,15 @@ type Condition = {
     [field: string]: ComparisonObj;
 };
 
+/**
+ * @module
+ *
+ * Wire types for the backlex client — the request/response shapes for list,
+ * item, query, search, aggregate, batch, device tokens, jobs, uploads, and
+ * feature flags, plus the {@link BacklexError} thrown on a failed request.
+ */
+
+/** Response from `from(slug).list(...)` — a page of rows + paging metadata. */
 interface ListResponse<T> {
     data: T[];
     limit: number;
@@ -61,9 +70,11 @@ interface ListResponse<T> {
         total_count?: number;
     };
 }
+/** Response wrapping a single row (`one` / `create` / `update`). */
 interface ItemResponse<T> {
     data: T;
 }
+/** Query params for `from(slug).list(...)` — filter, sort, projection, paging. */
 interface ListQuery {
     filter?: Condition;
     sort?: string | string[];
@@ -137,10 +148,12 @@ interface ImportSummary {
         error: string;
     }[];
 }
+/** A realtime event delivered to `subscribe(...)`. */
 interface ItemEvent<T = Record<string, unknown>> {
     event: "created" | "updated" | "deleted";
     data: T;
 }
+/** One operation in a `batch(...)` request. */
 type BatchOperation<T = Record<string, unknown>> = {
     op: "create";
     data: Partial<T>;
@@ -152,6 +165,7 @@ type BatchOperation<T = Record<string, unknown>> = {
     op: "delete";
     id: string;
 };
+/** Per-row outcome inside a {@link BatchResponse}. */
 interface BatchRowResult<T = Record<string, unknown>> {
     index: number;
     op: "create" | "update" | "delete";
@@ -163,6 +177,7 @@ interface BatchRowResult<T = Record<string, unknown>> {
         message: string;
     };
 }
+/** Response from a bulk `createMany`/`updateMany`/`deleteMany`/`batch` call. */
 interface BatchResponse<T = Record<string, unknown>> {
     data: {
         atomic: boolean;
@@ -172,6 +187,26 @@ interface BatchResponse<T = Record<string, unknown>> {
         results: BatchRowResult<T>[];
     };
 }
+/** Per-key outcome inside a {@link BulkUpdateResponse}. */
+interface BulkUpdateRowResult {
+    id: string;
+    ok: boolean;
+    error?: {
+        code: string;
+        message: string;
+    };
+}
+/** Response from a `bulkUpdate(keys, data)` call — one shared patch over many
+ *  ids, partial-success (a key the caller can't write is `NOT_FOUND`). */
+interface BulkUpdateResponse {
+    data: {
+        total: number;
+        updated: number;
+        failed: number;
+        results: BulkUpdateRowResult[];
+    };
+}
+/** A registered push device (from `messaging.listDevices()`). */
 interface DeviceToken {
     id: string;
     platform: "fcm" | "apns" | "web-push";
@@ -181,6 +216,7 @@ interface DeviceToken {
     createdAt: string | number;
     lastSeenAt: string | number | null;
 }
+/** A registered SMS phone number (from `messaging.listPhones()`). */
 interface PhoneNumber {
     id: string;
     phoneNumber: string;
@@ -188,7 +224,9 @@ interface PhoneNumber {
     createdAt: string | number;
     lastSeenAt: string | number | null;
 }
+/** Lifecycle state of a durable {@link Job}. */
 type JobStatus = "pending" | "active" | "succeeded" | "failed" | "dead_letter" | "cancelled";
+/** A durable background job row (from `jobs.get`/`jobs.list`). */
 interface Job {
     id: string;
     tenantId: string | null;
@@ -205,6 +243,7 @@ interface Job {
     createdAt: string | number;
     completedAt: string | number | null;
 }
+/** Status of a resumable {@link Upload} session. */
 type UploadStatus = "pending" | "completed" | "aborted";
 /** A resumable (TUS) upload session, as returned by the management API. */
 interface Upload {
@@ -230,11 +269,14 @@ interface FlagState {
     enabled: boolean;
     value: unknown;
 }
+/** The error envelope returned by the API on a failed request. */
 interface ApiError {
     code: string;
     message: string;
     details?: unknown;
 }
+/** Thrown by every client method on a non-2xx response — carries the HTTP
+ *  `status`, the API error `code`, the `message`, and any `details`. */
 declare class BacklexError extends Error {
     readonly code: string;
     readonly status: number;
@@ -244,4 +286,4 @@ declare class BacklexError extends Error {
     } | undefined);
 }
 
-export { type AggregateQuery as A, BacklexError as B, type Condition as C, type DeviceToken as D, type FlagState as F, type ImportSummary as I, type Job as J, type ListQuery as L, type PhoneNumber as P, type RelativeNow as R, type SearchQuery as S, type Upload as U, type AggregateRow as a, type ApiError as b, type BatchOperation as c, type BatchResponse as d, type BatchRowResult as e, type DurationParts as f, type ItemEvent as g, type ItemQuery as h, type ItemResponse as i, type JobStatus as j, type ListResponse as k, type ResumableUploadResult as l, type SearchResponse as m, type UploadStatus as n };
+export { type AggregateQuery as A, BacklexError as B, type Condition as C, type DeviceToken as D, type FlagState as F, type ImportSummary as I, type Job as J, type ListQuery as L, type PhoneNumber as P, type RelativeNow as R, type SearchQuery as S, type Upload as U, type AggregateRow as a, type ApiError as b, type BatchOperation as c, type BatchResponse as d, type BatchRowResult as e, type BulkUpdateResponse as f, type BulkUpdateRowResult as g, type DurationParts as h, type ItemEvent as i, type ItemQuery as j, type ItemResponse as k, type JobStatus as l, type ListResponse as m, type ResumableUploadResult as n, type SearchResponse as o, type UploadStatus as p };

package/dist/types.d.ts

@@ -1 +1 @@
-export { A as AggregateQuery, a as AggregateRow, b as ApiError, B as BacklexError, c as BatchOperation, d as BatchResponse, e as BatchRowResult, D as DeviceToken, F as FlagState, I as ImportSummary, g as ItemEvent, h as ItemQuery, i as ItemResponse, J as Job, j as JobStatus, L as ListQuery, k as ListResponse, P as PhoneNumber, l as ResumableUploadResult, S as SearchQuery, m as SearchResponse, U as Upload, n as UploadStatus } from './types-CbcbXGiA.js';
+export { A as AggregateQuery, a as AggregateRow, b as ApiError, B as BacklexError, c as BatchOperation, d as BatchResponse, e as BatchRowResult, f as BulkUpdateResponse, g as BulkUpdateRowResult, D as DeviceToken, F as FlagState, I as ImportSummary, i as ItemEvent, j as ItemQuery, k as ItemResponse, J as Job, l as JobStatus, L as ListQuery, m as ListResponse, P as PhoneNumber, n as ResumableUploadResult, S as SearchQuery, o as SearchResponse, U as Upload, p as UploadStatus } from './types-DiJCXOy-.js';

package/dist/webhook.d.ts

@@ -1,3 +1,16 @@
+/**
+ * @module
+ *
+ * Receiver-side helper for verifying inbound backlex webhook signatures with
+ * {@link verifyWebhook}. Runs anywhere Web Crypto is available (Workers,
+ * Node 18+, Bun, Deno). Supports the V2 (timestamped, replay-protected) and
+ * legacy signature schemes.
+ *
+ * ```ts
+ * import { verifyWebhook } from "backlex/webhook";
+ * const ok = await verifyWebhook({ secret, body, signature, timestamp });
+ * ```
+ */
 interface VerifyWebhookOptions {
     /** The hook's signing secret (the `secret` you configured on the webhook). */
     secret: string;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "backlex",
-  "version": "0.1.0",
-  "description": "Typed TypeScript client for the backlex API — auth, collection CRUD, query builder, realtime, storage, jobs, flags, and offline sync. Zero dependencies. On npm as compiled ESM + types; on JSR (@backlex/backlex) as TypeScript source.",
+  "version": "0.1.2",
+  "description": "Typed TypeScript client for the backlex API — auth, collection CRUD, query builder, realtime, storage, jobs, flows, flags, and offline sync. Zero dependencies. On npm as compiled ESM + types; on JSR (@backlex/backlex) as TypeScript source.",
   "type": "module",
   "license": "Apache-2.0",
   "homepage": "https://backlex.com",