canopycms 0.0.16 → 0.0.17

package/dist/ai/generate.js

@@ -7,9 +7,9 @@
  */
 import path from 'node:path';
 import { minimatch } from 'minimatch';
-import { extractEntryTypeFromFilename } from '../content-id-index';
-import { getErrorMessage } from '../utils/error';
-import { entryToMarkdown } from './json-to-markdown';
+import { extractEntryTypeFromFilename } from '../content-id-index.js';
+import { getErrorMessage } from '../utils/error.js';
+import { entryToMarkdown } from './json-to-markdown.js';
 /**
  * Generate all AI content from the content store.
  *

package/dist/ai/handler.js

@@ -10,11 +10,11 @@
  * export const GET = createAIContentHandler({ config, entrySchemaRegistry })
  * ```
  */
-import { ContentStore } from '../content-store';
-import { BranchSchemaCache } from '../branch-schema-cache';
-import { getErrorMessage } from '../utils/error';
-import { generateAIContent } from './generate';
-import { resolveBranchRoot } from './resolve-branch';
+import { ContentStore } from '../content-store.js';
+import { BranchSchemaCache } from '../branch-schema-cache.js';
+import { getErrorMessage } from '../utils/error.js';
+import { generateAIContent } from './generate.js';
+import { resolveBranchRoot } from './resolve-branch.js';
 /**
  * Create a Next.js GET handler for serving AI content.
  *

package/dist/ai/index.js

@@ -4,7 +4,7 @@
  * Provides AI-ready content generation: config helpers,
  * route handler for runtime serving, and content types.
  */
-export { defineAIContentConfig } from './types';
-export { createAIContentHandler } from './handler';
-export { generateAIContent } from './generate';
+export { defineAIContentConfig } from './types.js';
+export { createAIContentHandler } from './handler.js';
+export { generateAIContent } from './generate.js';
 //# sourceMappingURL=index.js.map

package/dist/ai/resolve-branch.js

@@ -2,8 +2,8 @@
  * Shared branch root resolution for AI content generation.
  * Used by both the route handler and build utility.
  */
-import { loadOrCreateBranchContext } from '../branch-workspace';
-import { isDeployedStatic } from '../build-mode';
+import { loadOrCreateBranchContext } from '../branch-workspace.js';
+import { isDeployedStatic } from '../build-mode.js';
 /**
  * Resolve the branch root directory for reading content.
  *

package/dist/api/__test__/mock-client.js

@@ -5,7 +5,7 @@
  * Do not edit this file manually - changes will be overwritten.
  */
 import { vi } from 'vitest';
-import { createLogicalPath } from '../../paths';
+import { createLogicalPath } from '../../paths/index.js';
 /**
  * Create a mock API client with all methods as vi.fn().
  */

package/dist/api/assets.js

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { defineEndpoint } from './route-builder';
+import { defineEndpoint } from './route-builder.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/branch-merge.js

@@ -1,7 +1,7 @@
 import { z } from 'zod';
-import { branchNameSchema } from './validators';
-import { getBranchMetadataFileManager } from '../branch-metadata';
-import { defineEndpoint } from './route-builder';
+import { branchNameSchema } from './validators.js';
+import { getBranchMetadataFileManager } from '../branch-metadata.js';
+import { defineEndpoint } from './route-builder.js';
 const markAsMergedParamsSchema = z.object({
     branch: branchNameSchema,
 });

package/dist/api/branch-review.js

@@ -1,8 +1,8 @@
 import { z } from 'zod';
-import { branchNameSchema } from './validators';
-import { getBranchMetadataFileManager } from '../branch-metadata';
-import { defineEndpoint } from './route-builder';
-import { syncConvertToDraft } from './github-sync';
+import { branchNameSchema } from './validators.js';
+import { getBranchMetadataFileManager } from '../branch-metadata.js';
+import { defineEndpoint } from './route-builder.js';
+import { syncConvertToDraft } from './github-sync.js';
 const branchParamSchema = z.object({
     branch: branchNameSchema,
 });

package/dist/api/branch-status.js

@@ -1,12 +1,12 @@
 import { z } from 'zod';
-import { branchNameSchema } from './validators';
-import { getBranchMetadataFileManager } from '../branch-metadata';
-import { withdrawBranch } from './branch-withdraw';
-import { requestChanges, approveBranch } from './branch-review';
-import { markAsMerged } from './branch-merge';
-import { defineEndpoint } from './route-builder';
-import { canPerformWorkflowAction } from '../authorization';
-import { syncSubmitPr } from './github-sync';
+import { branchNameSchema } from './validators.js';
+import { getBranchMetadataFileManager } from '../branch-metadata.js';
+import { withdrawBranch } from './branch-withdraw.js';
+import { requestChanges, approveBranch } from './branch-review.js';
+import { markAsMerged } from './branch-merge.js';
+import { defineEndpoint } from './route-builder.js';
+import { canPerformWorkflowAction } from '../authorization/index.js';
+import { syncSubmitPr } from './github-sync.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/branch-withdraw.js

@@ -1,9 +1,9 @@
 import { z } from 'zod';
-import { branchNameSchema } from './validators';
-import { getBranchMetadataFileManager } from '../branch-metadata';
-import { defineEndpoint } from './route-builder';
-import { canPerformWorkflowAction } from '../authorization';
-import { syncConvertToDraft } from './github-sync';
+import { branchNameSchema } from './validators.js';
+import { getBranchMetadataFileManager } from '../branch-metadata.js';
+import { defineEndpoint } from './route-builder.js';
+import { canPerformWorkflowAction } from '../authorization/index.js';
+import { syncConvertToDraft } from './github-sync.js';
 const branchParamSchema = z.object({
     branch: branchNameSchema,
 });

package/dist/api/branch.js

@@ -1,13 +1,13 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
 import { z } from 'zod';
-import { BranchWorkspaceManager } from '../branch-workspace';
-import { getBranchMetadataFileManager } from '../branch-metadata';
-import { defineEndpoint } from './route-builder';
-import { createDebugLogger } from '../utils/debug';
-import { clientOperatingStrategy } from '../operating-mode';
-import { isNotFoundError, getErrorMessage } from '../utils/error';
-import { branchNameSchema } from './validators';
+import { BranchWorkspaceManager } from '../branch-workspace.js';
+import { getBranchMetadataFileManager } from '../branch-metadata.js';
+import { defineEndpoint } from './route-builder.js';
+import { createDebugLogger } from '../utils/debug.js';
+import { clientOperatingStrategy } from '../operating-mode/index.js';
+import { isNotFoundError, getErrorMessage } from '../utils/error.js';
+import { branchNameSchema } from './validators.js';
 const log = createDebugLogger({ prefix: 'BranchAPI' });
 // ============================================================================
 // Zod Schemas for Validation
@@ -30,8 +30,8 @@ const updateBranchAccessBodySchema = z.object({
     allowedUsers: z.array(z.string()).optional(),
     allowedGroups: z.array(z.string()).optional(),
 });
-import { isPrivileged, isAdmin, loadPathPermissions } from '../authorization';
-import { operatingStrategy } from '../operating-mode';
+import { isPrivileged, isAdmin, loadPathPermissions } from '../authorization/index.js';
+import { operatingStrategy } from '../operating-mode/index.js';
 /**
  * Check if a user can create branches.
  * Returns true if:

package/dist/api/comments.js

@@ -1,8 +1,8 @@
 import { z } from 'zod';
-import { CommentStore } from '../comment-store';
-import { isReviewer } from '../authorization';
-import { defineEndpoint } from './route-builder';
-import { branchNameSchema, logicalPathSchema } from './validators';
+import { CommentStore } from '../comment-store.js';
+import { isReviewer } from '../authorization/index.js';
+import { defineEndpoint } from './route-builder.js';
+import { branchNameSchema, logicalPathSchema } from './validators.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/content.js

@@ -1,9 +1,9 @@
 import { z } from 'zod';
-import { ContentStore, ContentStoreError } from '../content-store';
-import { defineEndpoint } from './route-builder';
-import { ReferenceValidator } from '../validation/reference-validator';
-import { branchNameSchema, logicalPathSchema, slugSchema } from './validators';
-import { isNotFoundError } from '../utils/error';
+import { ContentStore, ContentStoreError } from '../content-store.js';
+import { defineEndpoint } from './route-builder.js';
+import { ReferenceValidator } from '../validation/reference-validator.js';
+import { branchNameSchema, logicalPathSchema, slugSchema } from './validators.js';
+import { isNotFoundError } from '../utils/error.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/entries.js

@@ -1,12 +1,12 @@
 import { z } from 'zod';
-import { ContentStore, ContentStoreError } from '../content-store';
-import { defineEndpoint } from './route-builder';
-import { normalizeFilesystemPath, parseSlug, parseLogicalPath } from '../paths';
-import { isNotFoundError } from '../utils/error';
-import { resolveEntryTitle } from '../utils/title-field';
-import { branchNameSchema, logicalPathSchema } from './validators';
-import { SchemaOps } from '../schema/schema-store';
-import { listCollectionEntries as listCollectionEntriesShared, sortByOrder, } from '../content-listing';
+import { ContentStore, ContentStoreError } from '../content-store.js';
+import { defineEndpoint } from './route-builder.js';
+import { normalizeFilesystemPath, parseSlug, parseLogicalPath } from '../paths/index.js';
+import { isNotFoundError } from '../utils/error.js';
+import { resolveEntryTitle } from '../utils/title-field.js';
+import { branchNameSchema, logicalPathSchema } from './validators.js';
+import { SchemaOps } from '../schema/schema-store.js';
+import { listCollectionEntries as listCollectionEntriesShared, sortByOrder, } from '../content-listing.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/github-sync.js

@@ -1,6 +1,6 @@
-import { enqueueTask } from '../worker/task-queue';
-import { getTaskQueueDir } from '../worker/task-queue-config';
-import { clientOperatingStrategy } from '../operating-mode';
+import { enqueueTask } from '../worker/task-queue.js';
+import { getTaskQueueDir } from '../worker/task-queue-config.js';
+import { clientOperatingStrategy } from '../operating-mode/index.js';
 /**
  * Submit a branch: create or update a PR.
  * Uses githubService directly if available, otherwise queues a task for the worker.

package/dist/api/groups.js

@@ -1,8 +1,8 @@
 import { z } from 'zod';
-import { loadInternalGroups, saveInternalGroups, loadGroupsFile, RESERVED_GROUPS, isReservedGroup, } from '../authorization';
-import { defineEndpoint } from './route-builder';
-import { getSettingsBranchContext, commitSettings } from './settings-helpers';
-import { generateId } from '../id';
+import { loadInternalGroups, saveInternalGroups, loadGroupsFile, RESERVED_GROUPS, isReservedGroup, } from '../authorization/index.js';
+import { defineEndpoint } from './route-builder.js';
+import { getSettingsBranchContext, commitSettings } from './settings-helpers.js';
+import { generateId } from '../id.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/guards.js

@@ -15,7 +15,7 @@
  * })
  * ```
  */
-import { isAdmin, isReviewer, isPrivileged } from '../authorization/helpers';
+import { isAdmin, isReviewer, isPrivileged } from '../authorization/helpers.js';
 // ============================================================================
 // Guard runner implementations
 // ============================================================================

package/dist/api/index.js

@@ -1,8 +1,8 @@
 // Content API uses path-based routing now - no separate params/body types exported
 // Export route definitions
-export { USER_ROUTES } from './user';
+export { USER_ROUTES } from './user.js';
 // Note: SCHEMA_ROUTES is not exported here because it imports server-only code (fs module).
-// Import it directly from './schema' in server-side code when needed.
+// Import it directly from './schema.js' in server-side code when needed.
 // Export client
-export { CanopyApiClient, createApiClient } from './client';
+export { CanopyApiClient, createApiClient } from './client.js';
 //# sourceMappingURL=index.js.map

package/dist/api/permissions.js

@@ -1,8 +1,8 @@
 import { z } from 'zod';
-import { loadPathPermissions, savePathPermissions, loadPermissionsFile } from '../authorization';
-import { permissionPathSchema } from './validators';
-import { defineEndpoint } from './route-builder';
-import { getSettingsBranchContext, commitSettings } from './settings-helpers';
+import { loadPathPermissions, savePathPermissions, loadPermissionsFile } from '../authorization/index.js';
+import { permissionPathSchema } from './validators.js';
+import { defineEndpoint } from './route-builder.js';
+import { getSettingsBranchContext, commitSettings } from './settings-helpers.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/reference-options.js

@@ -1,9 +1,9 @@
 import { z } from 'zod';
-import { ContentStore } from '../content-store';
-import { defineEndpoint } from './route-builder';
-import { ReferenceResolver } from '../reference-resolver';
-import { parseLogicalPath } from '../paths';
-import { branchNameSchema } from './validators';
+import { ContentStore } from '../content-store.js';
+import { defineEndpoint } from './route-builder.js';
+import { ReferenceResolver } from '../reference-resolver.js';
+import { parseLogicalPath } from '../paths/index.js';
+import { branchNameSchema } from './validators.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/resolve-references.js

@@ -1,8 +1,8 @@
 import { z } from 'zod';
-import { ContentStore } from '../content-store';
-import { defineEndpoint } from './route-builder';
-import { ReferenceResolver } from '../reference-resolver';
-import { branchNameSchema, contentIdSchema } from './validators';
+import { ContentStore } from '../content-store.js';
+import { defineEndpoint } from './route-builder.js';
+import { ReferenceResolver } from '../reference-resolver.js';
+import { branchNameSchema, contentIdSchema } from './validators.js';
 // ============================================================================
 // Zod Schemas for Validation
 // ============================================================================

package/dist/api/route-builder.js

@@ -8,7 +8,7 @@
  * - Makes code generation trivial (no regex parsing needed)
  * - Self-documents the API surface
  */
-import { executeGuards } from './guards';
+import { executeGuards } from './guards.js';
 /**
  * Global registry - generator reads this
  */

package/dist/api/schema.js

@@ -11,11 +11,11 @@
  */
 import { z } from 'zod';
 import path from 'node:path';
-import { defineEndpoint } from './route-builder';
-import { getErrorMessage } from '../utils/error';
-import { branchNameSchema, logicalPathSchema } from './validators';
-import { SchemaOps, createCollectionInputSchema, updateCollectionInputSchema, entryTypeInputSchema, updateEntryTypeInputSchema, } from '../schema/schema-store';
-import { parseLogicalPath } from '../paths';
+import { defineEndpoint } from './route-builder.js';
+import { getErrorMessage } from '../utils/error.js';
+import { branchNameSchema, logicalPathSchema } from './validators.js';
+import { SchemaOps, createCollectionInputSchema, updateCollectionInputSchema, entryTypeInputSchema, updateEntryTypeInputSchema, } from '../schema/schema-store.js';
+import { parseLogicalPath } from '../paths/index.js';
 /**
  * Resolve the schemaRef for an entry type. Uses the explicit schemaRef if set,
  * otherwise does a reverse lookup in the registry by matching the schema array.

package/dist/api/settings-helpers.js

@@ -1,4 +1,4 @@
-import { operatingStrategy } from '../operating-mode';
+import { operatingStrategy } from '../operating-mode/index.js';
 /**
  * Get the appropriate root path for settings (permissions/groups).
  * Returns the settings root managed by the settings workspace.

package/dist/api/user.js

@@ -1,4 +1,4 @@
-import { defineEndpoint } from './route-builder';
+import { defineEndpoint } from './route-builder.js';
 /**
  * Get current user info
  * This is a PUBLIC endpoint - no special permissions required

package/dist/api/validators.js

@@ -6,7 +6,7 @@
  *
  * Usage:
  * ```ts
- * import { branchNameSchema, logicalPathSchema } from './validators'
+ * import { branchNameSchema, logicalPathSchema } from './validators.js'
  *
  * const paramsSchema = z.object({
  *   branch: branchNameSchema,
@@ -20,8 +20,8 @@
  * ```
  */
 import { z } from 'zod';
-import { parseBranchName, parseLogicalPath, parseContentId, parseSlug, } from '../paths';
-import { parsePermissionPath } from '../authorization';
+import { parseBranchName, parseLogicalPath, parseContentId, parseSlug, } from '../paths/index.js';
+import { parsePermissionPath } from '../authorization/index.js';
 /**
  * Zod schema for BranchName - validates git branch naming rules and brands.
  *

package/dist/asset-store.js

@@ -1,6 +1,6 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
-import { isNotFoundError } from './utils/error';
+import { isNotFoundError } from './utils/error.js';
 const normalizeKey = (key) => key.replace(/^\/+/, '');
 /**
  * Local filesystem asset store for dev and tests. In production, swap with S3 adapter.

package/dist/auth/cache.js

@@ -3,6 +3,6 @@
  * These use node:fs/promises and must NOT be imported in client bundles.
  * Use 'canopycms/auth/cache' as the import path.
  */
-export { FileBasedAuthCache, writeAuthCacheSnapshot } from './file-based-auth-cache';
-export { CachingAuthPlugin } from './caching-auth-plugin';
+export { FileBasedAuthCache, writeAuthCacheSnapshot } from './file-based-auth-cache.js';
+export { CachingAuthPlugin } from './caching-auth-plugin.js';
 //# sourceMappingURL=cache.js.map

package/dist/auth/caching-auth-plugin.js

@@ -1,4 +1,4 @@
-import { createDebugLogger } from '../utils/debug';
+import { createDebugLogger } from '../utils/debug.js';
 const log = createDebugLogger({ prefix: 'CachingAuthPlugin' });
 /**
  * Auth plugin that wraps a token verifier with cached metadata lookups.

package/dist/auth/file-based-auth-cache.js

@@ -1,6 +1,6 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
-import { createDebugLogger } from '../utils/debug';
+import { createDebugLogger } from '../utils/debug.js';
 const log = createDebugLogger({ prefix: 'FileBasedAuthCache' });
 /**
  * Resolve the active cache directory.

package/dist/auth/index.js

@@ -1,2 +1,2 @@
-export { isCanopyRequest, isHeadersLike, extractHeaders, validateAuthContext, } from './context-helpers';
+export { isCanopyRequest, isHeadersLike, extractHeaders, validateAuthContext, } from './context-helpers.js';
 //# sourceMappingURL=index.js.map

package/dist/authorization/branch.js

@@ -3,7 +3,7 @@
  *
  * Handles checking if a user can access a branch based on ACLs.
  */
-import { isAdmin, isReviewer } from './helpers';
+import { isAdmin, isReviewer } from './helpers.js';
 /**
  * Check if user has access to a branch with explicit default behavior.
  */

package/dist/authorization/content.js

@@ -6,7 +6,7 @@
  *
  * Usage:
  * ```ts
- * import { checkContentAccess } from './authorization'
+ * import { checkContentAccess } from './authorization.js'
  *
  * const result = await checkContentAccess(deps, context, branchRoot, 'content/posts/my-post.mdx', user, 'edit')
  * if (result.allowed) {
@@ -14,8 +14,8 @@
  * }
  * ```
  */
-import { operatingStrategy } from '../operating-mode';
-import { createCheckPathAccess } from './path';
+import { operatingStrategy } from '../operating-mode/index.js';
+import { createCheckPathAccess } from './path.js';
 /**
  * Check content access by evaluating both branch and path permissions.
  * Path permissions are loaded dynamically from the branch root.

package/dist/authorization/groups/index.js

@@ -1,6 +1,6 @@
 /**
  * Groups module exports
  */
-export { GroupsFileSchema, createDefaultGroupsFile, } from './schema';
-export { loadGroupsFile, loadInternalGroups, saveInternalGroups } from './loader';
+export { GroupsFileSchema, createDefaultGroupsFile, } from './schema.js';
+export { loadGroupsFile, loadInternalGroups, saveInternalGroups } from './loader.js';
 //# sourceMappingURL=index.js.map

package/dist/authorization/groups/loader.js

@@ -4,10 +4,10 @@
  * Handles loading and saving internal groups from the filesystem.
  */
 import { promises as fs } from 'node:fs';
-import { GroupsFileSchema } from './schema';
-import { operatingStrategy } from '../../operating-mode';
-import { RESERVED_GROUPS } from '../helpers';
-import { atomicWriteFile } from '../../utils/atomic-write';
+import { GroupsFileSchema } from './schema.js';
+import { operatingStrategy } from '../../operating-mode/index.js';
+import { RESERVED_GROUPS } from '../helpers.js';
+import { atomicWriteFile } from '../../utils/atomic-write.js';
 /**
  * Get the appropriate groups file path based on mode
  */

package/dist/authorization/index.js

@@ -8,7 +8,7 @@
  * For most use cases, use `checkContentAccess` which handles both branch and path permissions:
  *
  * ```ts
- * import { checkContentAccess } from './authorization'
+ * import { checkContentAccess } from './authorization.js'
  *
  * const result = await checkContentAccess(deps, context, branchRoot, 'content/posts/post.mdx', user, 'edit')
  * if (result.allowed) {
@@ -26,17 +26,17 @@
  * - `groups/` - Groups file schema and loader
  */
 // Validation
-export { parsePermissionPath } from './validation';
+export { parsePermissionPath } from './validation.js';
 // Main content access (recommended for most cases)
-export { checkContentAccess, createCheckContentAccess } from './content';
+export { checkContentAccess, createCheckContentAccess } from './content.js';
 // Branch-level access
-export { checkBranchAccessWithDefault, createCheckBranchAccess, canPerformWorkflowAction, } from './branch';
+export { checkBranchAccessWithDefault, createCheckBranchAccess, canPerformWorkflowAction, } from './branch.js';
 // Path-level access
-export { checkPathAccess, createCheckPathAccess } from './path';
+export { checkPathAccess, createCheckPathAccess } from './path.js';
 // Helper functions
-export { RESERVED_GROUPS, isReservedGroup, isAdmin, isReviewer, isPrivileged, } from './helpers';
+export { RESERVED_GROUPS, isReservedGroup, isAdmin, isReviewer, isPrivileged, } from './helpers.js';
 // Permissions file handling
-export { PermissionsFileSchema, createDefaultPermissionsFile, loadPermissionsFile, loadPathPermissions, savePathPermissions, ensurePermissionsFile, } from './permissions';
+export { PermissionsFileSchema, createDefaultPermissionsFile, loadPermissionsFile, loadPathPermissions, savePathPermissions, ensurePermissionsFile, } from './permissions/index.js';
 // Groups file handling
-export { GroupsFileSchema, createDefaultGroupsFile, loadGroupsFile, loadInternalGroups, saveInternalGroups, } from './groups';
+export { GroupsFileSchema, createDefaultGroupsFile, loadGroupsFile, loadInternalGroups, saveInternalGroups, } from './groups/index.js';
 //# sourceMappingURL=index.js.map

package/dist/authorization/path.js

@@ -5,7 +5,7 @@
  */
 import path from 'node:path';
 import { minimatch } from 'minimatch';
-import { isAdmin } from './helpers';
+import { isAdmin } from './helpers.js';
 /**
  * Normalize a path for consistent matching
  */

package/dist/authorization/permissions/index.js

@@ -1,6 +1,6 @@
 /**
  * Permissions module exports
  */
-export { PermissionsFileSchema, createDefaultPermissionsFile } from './schema';
-export { loadPermissionsFile, loadPathPermissions, savePathPermissions, ensurePermissionsFile, } from './loader';
+export { PermissionsFileSchema, createDefaultPermissionsFile } from './schema.js';
+export { loadPermissionsFile, loadPathPermissions, savePathPermissions, ensurePermissionsFile, } from './loader.js';
 //# sourceMappingURL=index.js.map

package/dist/authorization/permissions/loader.js

@@ -4,9 +4,9 @@
  * Handles loading and saving path permissions from the filesystem.
  */
 import fs from 'node:fs/promises';
-import { PermissionsFileSchema } from './schema';
-import { operatingStrategy } from '../../operating-mode';
-import { atomicWriteFile } from '../../utils/atomic-write';
+import { PermissionsFileSchema } from './schema.js';
+import { operatingStrategy } from '../../operating-mode/index.js';
+import { atomicWriteFile } from '../../utils/atomic-write.js';
 /**
  * Get the appropriate permissions file path based on mode
  */

package/dist/authorization/permissions/schema.js

@@ -2,7 +2,7 @@
  * Schema for permissions.json file
  */
 import { z } from 'zod';
-import { parsePermissionPath } from '../validation';
+import { parsePermissionPath } from '../validation.js';
 const permissionTargetSchema = z.object({
     allowedUsers: z.array(z.string()).optional(),
     allowedGroups: z.array(z.string()).optional(),

package/dist/authorization/test-utils.js

@@ -6,7 +6,7 @@
  *
  * @example
  * // In test files only:
- * import { unsafeAsPermissionPath } from '../authorization/test-utils'
+ * import { unsafeAsPermissionPath } from '../authorization/test-utils.js'
  */
 /** Test-only: cast a string to PermissionPath without validation. */
 export const unsafeAsPermissionPath = (path) => path;

package/dist/authorization/validation.js

@@ -4,7 +4,7 @@
  * SECURITY CRITICAL: These functions validate permission paths
  * to prevent path traversal attacks.
  */
-import { hasTraversalSequence } from '../paths/normalize';
+import { hasTraversalSequence } from '../paths/normalize.js';
 /**
  * Parse and validate a PermissionPath.
  *

package/dist/branch-metadata.js

@@ -1,9 +1,9 @@
 import { randomUUID } from 'node:crypto';
 import fs from 'node:fs/promises';
 import path from 'node:path';
-import { BranchRegistry } from './branch-registry';
-import { resolveBranchPath } from './paths';
-import { isFileExistsError, isNotFoundError } from './utils/error';
+import { BranchRegistry } from './branch-registry.js';
+import { resolveBranchPath } from './paths/index.js';
+import { isFileExistsError, isNotFoundError } from './utils/error.js';
 const BRANCH_META_DIR = '.canopy-meta';
 const BRANCH_META_FILE = 'branch.json';
 const CURRENT_SCHEMA_VERSION = 1;

package/dist/branch-registry.js

@@ -1,7 +1,7 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
-import { BranchMetadataFileManager } from './branch-metadata';
-import { isNotFoundError } from './utils/error';
+import { BranchMetadataFileManager } from './branch-metadata.js';
+import { isNotFoundError } from './utils/error.js';
 // Registry files are stored directly in the branches root (not in a subdirectory)
 const REGISTRY_FILE = 'branches.json';
 const REGISTRY_STALE_FILE = 'branches.stale.json';

package/dist/branch-schema-cache.js

@@ -1,7 +1,7 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
-import { resolveSchema, isValidSchema } from './schema/resolver';
-import { flattenSchema } from './config/flatten';
+import { resolveSchema, isValidSchema } from './schema/resolver.js';
+import { flattenSchema } from './config/flatten.js';
 /** Bump when BranchSchemaCacheEntry shape changes to auto-invalidate stale caches */
 const SCHEMA_CACHE_VERSION = 2;
 /** Minimum interval between mtime staleness checks (ms) */