dcql 2.0.0-alpha-20250916080434 → 2.0.0

package/dist/index.js

@@ -1,1559 +0,0 @@
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-
-// src/index.ts
-var index_exports = {};
-__export(index_exports, {
-  CredentialSetQuery: () => CredentialSetQuery,
-  DcqlClaimsQuery: () => DcqlClaimsQuery,
-  DcqlCredential: () => DcqlCredential,
-  DcqlCredentialPresentation: () => DcqlCredentialPresentation,
-  DcqlCredentialQuery: () => DcqlCredentialQuery,
-  DcqlCredentialSetError: () => DcqlCredentialSetError,
-  DcqlCredentialTrustedAuthority: () => DcqlCredentialTrustedAuthority,
-  DcqlError: () => DcqlError,
-  DcqlInvalidClaimsQueryIdError: () => DcqlInvalidClaimsQueryIdError,
-  DcqlInvalidPresentationRecordError: () => DcqlInvalidPresentationRecordError,
-  DcqlMdocCredential: () => DcqlMdocCredential,
-  DcqlMdocPresentation: () => DcqlMdocPresentation,
-  DcqlMissingClaimSetParseError: () => DcqlMissingClaimSetParseError,
-  DcqlNonUniqueCredentialQueryIdsError: () => DcqlNonUniqueCredentialQueryIdsError,
-  DcqlParseError: () => DcqlParseError,
-  DcqlPresentation: () => DcqlPresentation,
-  DcqlPresentationResult: () => DcqlPresentationResult,
-  DcqlPresentationResultError: () => DcqlPresentationResultError,
-  DcqlQuery: () => DcqlQuery,
-  DcqlQueryResult: () => DcqlQueryResult,
-  DcqlSdJwtVcCredential: () => DcqlSdJwtVcCredential,
-  DcqlSdJwtVcPresentation: () => DcqlSdJwtVcPresentation,
-  DcqlTrustedAuthoritiesQuery: () => DcqlTrustedAuthoritiesQuery,
-  DcqlUndefinedClaimSetIdError: () => DcqlUndefinedClaimSetIdError,
-  DcqlW3cVcCredential: () => DcqlW3cVcCredential,
-  DcqlW3cVcPresentation: () => DcqlW3cVcPresentation,
-  getCauseFromUnknown: () => getCauseFromUnknown,
-  getDcqlErrorFromUnknown: () => getDcqlErrorFromUnknown,
-  runDcqlQuery: () => runDcqlQuery
-});
-module.exports = __toCommonJS(index_exports);
-
-// src/dcql-error/e-base.ts
-function isObject(value) {
-  return !!value && !Array.isArray(value) && typeof value === "object";
-}
-var UnknownCauseError = class extends Error {
-};
-function getCauseFromUnknown(cause) {
-  if (cause instanceof Error) {
-    return cause;
-  }
-  const type = typeof cause;
-  if (type === "undefined" || type === "function" || cause === null) {
-    return void 0;
-  }
-  if (type !== "object") {
-    return new Error(String(cause));
-  }
-  if (isObject(cause)) {
-    const err = new UnknownCauseError();
-    for (const key in cause) {
-      err[key] = cause[key];
-    }
-    return err;
-  }
-  return void 0;
-}
-var isDcqlError = (cause) => {
-  if (cause instanceof DcqlError) {
-    return true;
-  }
-  if (cause instanceof Error && cause.name === "DcqlError") {
-    return true;
-  }
-  return false;
-};
-function getDcqlErrorFromUnknown(cause) {
-  if (isDcqlError(cause)) {
-    return cause;
-  }
-  const dcqlError = new DcqlError({
-    code: "INTERNAL_SERVER_ERROR",
-    cause
-  });
-  if (cause instanceof Error && cause.stack) {
-    dcqlError.stack = cause.stack;
-  }
-  return dcqlError;
-}
-var DcqlError = class extends Error {
-  constructor(opts) {
-    const cause = getCauseFromUnknown(opts.cause);
-    const message = opts.message ?? cause?.message ?? opts.code;
-    super(message, { cause });
-    this.code = opts.code;
-    this.name = "DcqlError";
-    if (!this.cause) {
-      this.cause = cause;
-    }
-  }
-};
-
-// src/dcql-error/e-dcql.ts
-var DcqlCredentialSetError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "BAD_REQUEST", ...opts });
-  }
-};
-var DcqlUndefinedClaimSetIdError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "BAD_REQUEST", ...opts });
-  }
-};
-var DcqlNonUniqueCredentialQueryIdsError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "BAD_REQUEST", ...opts });
-  }
-};
-var DcqlParseError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "PARSE_ERROR", ...opts });
-  }
-};
-var DcqlInvalidClaimsQueryIdError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "BAD_REQUEST", ...opts });
-  }
-};
-var DcqlMissingClaimSetParseError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "PARSE_ERROR", ...opts });
-  }
-};
-var DcqlInvalidPresentationRecordError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "BAD_REQUEST", ...opts });
-  }
-};
-var DcqlPresentationResultError = class extends DcqlError {
-  constructor(opts) {
-    super({ code: "BAD_REQUEST", ...opts });
-  }
-};
-
-// src/dcql-presentation/m-dcql-credential-presentation.ts
-var v5 = __toESM(require("valibot"));
-
-// src/u-dcql-credential.ts
-var v4 = __toESM(require("valibot"));
-
-// src/dcql-query/m-dcql-trusted-authorities.ts
-var v2 = __toESM(require("valibot"));
-
-// src/u-dcql.ts
-var v = __toESM(require("valibot"));
-var idRegex = /^[a-zA-Z0-9_-]+$/;
-function asNonEmptyArrayOrUndefined(array8) {
-  return array8.length > 0 ? array8 : void 0;
-}
-function isNonEmptyArray(array8) {
-  return array8.length > 0;
-}
-var vNonEmptyArray = (item) => {
-  return v.pipe(
-    v.array(item, (i) => `Expected input to be an array, but received '${i.received}'`),
-    v.custom(
-      (input) => input.length > 0,
-      "Array must be non-empty and have length of at least 1"
-    )
-  );
-};
-var vIncludesAll = (subset) => {
-  return v.custom(
-    (value) => {
-      if (!Array.isArray(value)) return false;
-      return subset.every((item) => value.includes(item));
-    },
-    `Value must include all of: ${subset.join(", ")}`
-  );
-};
-var vIdString = v.pipe(v.string(), v.regex(idRegex), v.nonEmpty());
-var vBase64url = v.regex(/^(?:[\w-]{4})*(?:[\w-]{2}(?:==)?|[\w-]{3}=?)?$/iu, "must be base64url");
-function isToJsonable(value) {
-  if (value === null || typeof value !== "object") return false;
-  const toJsonFn = value.toJson;
-  return typeof toJsonFn === "function";
-}
-var vWithJT = (schema) => v.pipe(
-  v.custom(() => true),
-  v.rawTransform(({ dataset, addIssue, NEVER }) => {
-    const result = v.safeParse(schema, dataset.value);
-    if (result.success) return dataset.value;
-    if (!isToJsonable(dataset.value)) {
-      for (const safeParseIssue of result.issues) {
-        addIssue({
-          ...safeParseIssue,
-          expected: safeParseIssue.expected ?? void 0
-        });
-      }
-      return NEVER;
-    }
-    let json;
-    try {
-      json = dataset.value.toJson();
-    } catch (error) {
-      for (const safeParseIssue of result.issues) {
-        addIssue({
-          ...safeParseIssue,
-          expected: safeParseIssue.expected ?? void 0
-        });
-      }
-      addIssue({ message: "Json Transformation failed" });
-      return NEVER;
-    }
-    const safeParseResult = v.safeParse(schema, json);
-    if (safeParseResult.success) return dataset.value;
-    for (const safeParseIssue of safeParseResult.issues) {
-      addIssue({
-        ...safeParseIssue,
-        expected: safeParseIssue.expected ?? void 0
-      });
-    }
-    return NEVER;
-  })
-);
-var vJsonLiteral = v.union([v.string(), v.number(), v.boolean(), v.null()]);
-var vJson = v.lazy(
-  () => v.union([vJsonLiteral, v.array(vJson), v.record(v.string(), vJson)])
-);
-var vJsonWithJT = v.lazy(
-  () => vWithJT(v.union([vJsonLiteral, v.array(vJson), v.record(v.string(), vJson)]))
-);
-var vJsonRecord = v.record(v.string(), vJson);
-var vStringToJson = v.rawTransform(({ dataset, addIssue, NEVER }) => {
-  try {
-    return JSON.parse(dataset.value);
-  } catch (error) {
-    addIssue({ message: "Invalid JSON" });
-    return NEVER;
-  }
-});
-
-// src/dcql-query/m-dcql-trusted-authorities.ts
-var getTrustedAuthorityParser = (trustedAuthority) => v2.pipe(
-  v2.object(
-    {
-      type: v2.literal(
-        trustedAuthority.type,
-        (i) => `Expected trusted authority type to be '${trustedAuthority.type}' but received ${typeof i.input === "string" ? `'${i.input}'` : i.input}`
-      ),
-      // Some trusted authorities support an array as input type
-      values: v2.pipe(
-        vNonEmptyArray(v2.string()),
-        v2.someItem(
-          (item) => trustedAuthority.values.includes(item),
-          (i) => `Expected one of the trusted authority values to be '${trustedAuthority.values.join("' | '")}' but received '${i.input.join("' , '")}'`
-        )
-      )
-    },
-    `Expected trusted authority object with type '${trustedAuthority.type}' to be defined, but received undefined`
-  ),
-  v2.transform(({ values, ...rest }) => ({
-    ...rest,
-    value: values.find((value) => trustedAuthority.values.includes(value))
-  }))
-);
-var vAuthorityKeyIdentifier = v2.object({
-  type: v2.literal("aki"),
-  values: vNonEmptyArray(
-    v2.pipe(
-      v2.string("aki trusted authority value must be a string"),
-      vBase64url,
-      v2.description(
-        "Contains a list of KeyIdentifier entries of the AuthorityKeyIdentifier as defined in Section 4.2.1.1 of [RFC5280], encoded as base64url. The raw byte representation of one of the elements MUST match with the AuthorityKeyIdentifier element of an X.509 certificate in the certificate chain present in the credential (e.g., in the header of an mdoc or SD-JWT). Note that the chain can consist of a single certificate and the credential can include the entire X.509 chain or parts of it."
-      )
-    )
-  )
-});
-var vEtsiTrustedList = v2.object({
-  type: v2.literal("etsi_tl"),
-  values: vNonEmptyArray(
-    v2.pipe(
-      v2.string("etsi_tl trusted authority value must be a string"),
-      v2.url("etsi_tl trusted authority value must be a valid https url"),
-      v2.check(
-        (url2) => url2.startsWith("http://") || url2.startsWith("https://"),
-        "etsi_tl trusted authority value must be a valid https url"
-      ),
-      v2.description(
-        "The identifier of a Trusted List as specified in ETSI TS 119 612 [ETSI.TL]. An ETSI Trusted List contains references to other Trusted Lists, creating a list of trusted lists, or entries for Trust Service Providers with corresponding service description and X.509 Certificates. The trust chain of a matching Credential MUST contain at least one X.509 Certificate that matches one of the entries of the Trusted List or its cascading Trusted Lists."
-      )
-    )
-  )
-});
-var vOpenidFederation = v2.object({
-  type: v2.literal("openid_federation"),
-  values: vNonEmptyArray(
-    v2.pipe(
-      v2.string("openid_federation trusted authority value must be a string"),
-      v2.url("openid_federation trusted authority value must be a valid https url"),
-      // TODO: should we have a config similar to oid4vc-ts to support http for development?
-      v2.check(
-        (url2) => url2.startsWith("http://") || url2.startsWith("https://"),
-        "openid_federation trusted authority value must be a valid https url"
-      ),
-      v2.description(
-        "The Entity Identifier as defined in Section 1 of [OpenID.Federation] that is bound to an entity in a federation. While this Entity Identifier could be any entity in that ecosystem, this entity would usually have the Entity Configuration of a Trust Anchor. A valid trust path, including the given Entity Identifier, must be constructible from a matching credential."
-      )
-    )
-  )
-});
-var vTrustedAuthorities = [vAuthorityKeyIdentifier, vEtsiTrustedList, vOpenidFederation];
-var DcqlTrustedAuthoritiesQuery;
-((DcqlTrustedAuthoritiesQuery2) => {
-  const vTrustedAuthoritiesQuery = vTrustedAuthorities.map(
-    (authority) => v2.object({
-      type: v2.pipe(
-        authority.entries.type,
-        v2.description(
-          "REQUIRED. A string uniquely identifying the type of information about the issuer trust framework."
-        )
-      ),
-      values: v2.pipe(
-        vNonEmptyArray(authority.entries.values.item),
-        v2.description(
-          "REQUIRED. An array of strings, where each string (value) contains information specific to the used Trusted Authorities Query type that allows to identify an issuer, trust framework, or a federation that an issuer belongs to."
-        )
-      )
-    })
-  );
-  DcqlTrustedAuthoritiesQuery2.vModel = v2.variant("type", vTrustedAuthoritiesQuery);
-})(DcqlTrustedAuthoritiesQuery || (DcqlTrustedAuthoritiesQuery = {}));
-var DcqlCredentialTrustedAuthority;
-((DcqlCredentialTrustedAuthority2) => {
-  DcqlCredentialTrustedAuthority2.vModel = v2.variant("type", vTrustedAuthorities);
-})(DcqlCredentialTrustedAuthority || (DcqlCredentialTrustedAuthority = {}));
-
-// src/u-model.ts
-var v3 = __toESM(require("valibot"));
-var ModelDefinition = class {
-  constructor(input) {
-    this.input = input;
-  }
-  get v() {
-    return this.input.vModel;
-  }
-  parse(input) {
-    const result = this.safeParse(input);
-    if (result.success) {
-      return result.output;
-    }
-    return new DcqlParseError({
-      message: JSON.stringify(result.flattened),
-      cause: result.error
-    });
-  }
-  safeParse(input) {
-    const res = v3.safeParse(this.input.vModel, input);
-    if (res.success) {
-      return { success: true, output: res.output };
-    }
-    return {
-      success: false,
-      error: new v3.ValiError(res.issues),
-      flattened: v3.flatten(res.issues)
-    };
-  }
-  is(input) {
-    return v3.is(this.v, input);
-  }
-};
-
-// src/u-dcql-credential.ts
-var vCredentialModelBase = v4.object({
-  authority: v4.optional(DcqlCredentialTrustedAuthority.vModel),
-  /**
-   * Indicates support/inclusion of cryptographic holder binding. This will be checked against
-   * the `require_cryptographic_holder_binding` property from the query.
-   *
-   * In the context of a presentation this value means whether the presentation is created
-   * with cryptographic holder binding. In the context of a credential query this means whether
-   * the credential supports cryptographic holder binding.
-   */
-  cryptographic_holder_binding: v4.pipe(
-    v4.boolean(),
-    v4.description(
-      "Indicates support/inclusion of cryptographic holder binding. This will be checked against the `require_cryptographic_holder_binding` property from the query."
-    )
-  )
-});
-var DcqlMdocCredential;
-((DcqlMdocCredential2) => {
-  DcqlMdocCredential2.vNamespaces = v4.record(v4.string(), v4.record(v4.string(), v4.unknown()));
-  DcqlMdocCredential2.vModel = v4.object({
-    ...vCredentialModelBase.entries,
-    credential_format: v4.literal("mso_mdoc"),
-    doctype: v4.string(),
-    namespaces: DcqlMdocCredential2.vNamespaces
-  });
-  DcqlMdocCredential2.model = new ModelDefinition({ vModel: DcqlMdocCredential2.vModel });
-})(DcqlMdocCredential || (DcqlMdocCredential = {}));
-var DcqlSdJwtVcCredential;
-((DcqlSdJwtVcCredential2) => {
-  DcqlSdJwtVcCredential2.vClaims = vJsonRecord;
-  DcqlSdJwtVcCredential2.vModel = v4.object({
-    ...vCredentialModelBase.entries,
-    credential_format: v4.picklist(["vc+sd-jwt", "dc+sd-jwt"]),
-    vct: v4.string(),
-    claims: DcqlSdJwtVcCredential2.vClaims
-  });
-  DcqlSdJwtVcCredential2.model = new ModelDefinition({ vModel: DcqlSdJwtVcCredential2.vModel });
-})(DcqlSdJwtVcCredential || (DcqlSdJwtVcCredential = {}));
-var DcqlW3cVcCredential;
-((DcqlW3cVcCredential2) => {
-  DcqlW3cVcCredential2.vClaims = vJsonRecord;
-  DcqlW3cVcCredential2.vModel = v4.object({
-    ...vCredentialModelBase.entries,
-    credential_format: v4.picklist(["ldp_vc", "jwt_vc_json", "vc+sd-jwt"]),
-    claims: DcqlW3cVcCredential2.vClaims,
-    type: v4.array(v4.string())
-  });
-  DcqlW3cVcCredential2.model = new ModelDefinition({ vModel: DcqlW3cVcCredential2.vModel });
-})(DcqlW3cVcCredential || (DcqlW3cVcCredential = {}));
-var DcqlCredential;
-((DcqlCredential2) => {
-  DcqlCredential2.vModel = v4.variant("credential_format", [
-    DcqlMdocCredential.vModel,
-    DcqlSdJwtVcCredential.vModel,
-    DcqlW3cVcCredential.vModel
-  ]);
-  DcqlCredential2.model = new ModelDefinition({ vModel: DcqlCredential2.vModel });
-})(DcqlCredential || (DcqlCredential = {}));
-
-// src/dcql-presentation/m-dcql-credential-presentation.ts
-var DcqlMdocPresentation;
-((DcqlMdocPresentation2) => {
-  DcqlMdocPresentation2.vModel = DcqlMdocCredential.vModel;
-  DcqlMdocPresentation2.model = new ModelDefinition({ vModel: DcqlMdocPresentation2.vModel });
-})(DcqlMdocPresentation || (DcqlMdocPresentation = {}));
-var DcqlSdJwtVcPresentation;
-((DcqlSdJwtVcPresentation2) => {
-  DcqlSdJwtVcPresentation2.vModel = DcqlSdJwtVcCredential.vModel;
-  DcqlSdJwtVcPresentation2.model = new ModelDefinition({ vModel: DcqlSdJwtVcPresentation2.vModel });
-})(DcqlSdJwtVcPresentation || (DcqlSdJwtVcPresentation = {}));
-var DcqlW3cVcPresentation;
-((DcqlW3cVcPresentation2) => {
-  DcqlW3cVcPresentation2.vModel = DcqlW3cVcCredential.vModel;
-  DcqlW3cVcPresentation2.model = new ModelDefinition({ vModel: DcqlW3cVcPresentation2.vModel });
-})(DcqlW3cVcPresentation || (DcqlW3cVcPresentation = {}));
-var DcqlCredentialPresentation;
-((DcqlCredentialPresentation2) => {
-  DcqlCredentialPresentation2.model = new ModelDefinition({
-    vModel: v5.variant("credential_format", [
-      DcqlMdocPresentation.vModel,
-      DcqlSdJwtVcPresentation.vModel,
-      DcqlW3cVcPresentation.vModel
-    ])
-  });
-})(DcqlCredentialPresentation || (DcqlCredentialPresentation = {}));
-
-// src/dcql-presentation/m-dcql-presentation-result.ts
-var v16 = __toESM(require("valibot"));
-
-// src/dcql-parser/dcql-claims-query-result.ts
-var v7 = __toESM(require("valibot"));
-
-// src/dcql-query/m-dcql-claims-query.ts
-var v6 = __toESM(require("valibot"));
-var DcqlClaimsQuery;
-((DcqlClaimsQuery2) => {
-  DcqlClaimsQuery2.vValue = v6.union([v6.string(), v6.pipe(v6.number(), v6.integer()), v6.boolean()]);
-  DcqlClaimsQuery2.vPath = v6.union([v6.string(), v6.pipe(v6.number(), v6.integer(), v6.minValue(0)), v6.null()]);
-  DcqlClaimsQuery2.vW3cSdJwtVc = v6.object({
-    id: v6.pipe(
-      v6.optional(vIdString),
-      v6.description(
-        "A string identifying the particular claim. The value MUST be a non-empty string consisting of alphanumeric, underscore (_) or hyphen (-) characters. Within the particular claims array, the same id MUST NOT be present more than once."
-      )
-    ),
-    path: v6.pipe(
-      vNonEmptyArray(DcqlClaimsQuery2.vPath),
-      v6.description(
-        "A non-empty array representing a claims path pointer that specifies the path to a claim within the Verifiable Credential."
-      )
-    ),
-    values: v6.pipe(
-      v6.optional(v6.array(DcqlClaimsQuery2.vValue)),
-      v6.description(
-        "An array of strings, integers or boolean values that specifies the expected values of the claim. If the values property is present, the Wallet SHOULD return the claim only if the type and value of the claim both match for at least one of the elements in the array."
-      )
-    )
-  });
-  const vMdocBase = v6.object({
-    id: v6.pipe(
-      v6.optional(vIdString),
-      v6.description(
-        "A string identifying the particular claim. The value MUST be a non-empty string consisting of alphanumeric, underscore (_) or hyphen (-) characters. Within the particular claims array, the same id MUST NOT be present more than once."
-      )
-    ),
-    values: v6.pipe(
-      v6.optional(v6.array(DcqlClaimsQuery2.vValue)),
-      v6.description(
-        "An array of strings, integers or boolean values that specifies the expected values of the claim. If the values property is present, the Wallet SHOULD return the claim only if the type and value of the claim both match for at least one of the elements in the array."
-      )
-    )
-  });
-  DcqlClaimsQuery2.vMdocNamespace = v6.object({
-    ...vMdocBase.entries,
-    namespace: v6.pipe(
-      v6.string(),
-      v6.description(
-        "A string that specifies the namespace of the data element within the mdoc, e.g., org.iso.18013.5.1."
-      )
-    ),
-    claim_name: v6.pipe(
-      v6.string(),
-      v6.description(
-        "A string that specifies the data element identifier of the data element within the provided namespace in the mdoc, e.g., first_name."
-      )
-    )
-  });
-  DcqlClaimsQuery2.vMdocPath = v6.object({
-    ...vMdocBase.entries,
-    intent_to_retain: v6.pipe(
-      v6.optional(v6.boolean()),
-      v6.description(
-        "A boolean that is equivalent to `IntentToRetain` variable defined in Section 8.3.2.1.2.1 of [@ISO.18013-5]."
-      )
-    ),
-    path: v6.pipe(
-      v6.tuple([
-        v6.pipe(
-          v6.string(),
-          v6.description(
-            "A string that specifies the namespace of the data element within the mdoc, e.g., org.iso.18013.5.1."
-          )
-        ),
-        v6.pipe(
-          v6.string(),
-          v6.description(
-            "A string that specifies the data element identifier of the data element within the provided namespace in the mdoc, e.g., first_name."
-          )
-        )
-      ]),
-      v6.description(
-        "An array defining a claims path pointer into an mdoc. It must contain two elements of type string. The first element refers to a namespace and the second element refers to a data element identifier."
-      )
-    )
-  });
-  DcqlClaimsQuery2.vMdoc = v6.union([DcqlClaimsQuery2.vMdocNamespace, DcqlClaimsQuery2.vMdocPath]);
-  DcqlClaimsQuery2.vModel = v6.union([DcqlClaimsQuery2.vMdoc, DcqlClaimsQuery2.vW3cSdJwtVc]);
-})(DcqlClaimsQuery || (DcqlClaimsQuery = {}));
-
-// src/util/deep-merge.ts
-function deepMerge(source, target) {
-  let newTarget = target;
-  if (Object.getPrototypeOf(source) !== Object.prototype && !Array.isArray(source)) {
-    throw new DcqlError({
-      message: "source value provided to deepMerge is neither an array or object.",
-      code: "PARSE_ERROR"
-    });
-  }
-  if (Object.getPrototypeOf(target) !== Object.prototype && !Array.isArray(target)) {
-    throw new DcqlError({
-      message: "target value provided to deepMerge is neither an array or object.",
-      code: "PARSE_ERROR"
-    });
-  }
-  for (const [key, val] of Object.entries(source)) {
-    if (val !== null && typeof val === "object" && (Object.getPrototypeOf(val) === Object.prototype || Array.isArray(val))) {
-      const newValue = deepMerge(
-        val,
-        newTarget[key] ?? new (Object.getPrototypeOf(val)).constructor()
-      );
-      newTarget = setValue(newTarget, key, newValue);
-    } else if (val != null) {
-      newTarget = setValue(newTarget, key, val);
-    }
-  }
-  return newTarget;
-}
-function setValue(target, key, value) {
-  let newTarget = target;
-  if (Array.isArray(newTarget)) {
-    newTarget = [...newTarget];
-    newTarget[key] = value;
-  } else if (Object.getPrototypeOf(newTarget) === Object.prototype) {
-    newTarget = { ...newTarget, [key]: value };
-  } else {
-    throw new DcqlError({
-      message: "Unsupported type for deep merge. Only primitive types or Array and Object are supported",
-      code: "INTERNAL_SERVER_ERROR"
-    });
-  }
-  return newTarget;
-}
-
-// src/dcql-parser/dcql-claims-query-result.ts
-var pathToString = (path) => path.map((item) => typeof item === "string" ? `'${item}'` : `${item}`).join(".");
-var getClaimParser = (path, values) => {
-  if (values) {
-    return v7.union(
-      values.map(
-        (val) => v7.literal(
-          val,
-          (i) => `Expected claim ${pathToString(path)} to be ${typeof val === "string" ? `'${val}'` : val} but received ${typeof i.input === "string" ? `'${i.input}'` : i.input}`
-        )
-      ),
-      (i) => `Expected claim ${pathToString(path)} to be ${values.map((v19) => typeof v19 === "string" ? `'${v19}'` : v19).join(" | ")} but received ${typeof i.input === "string" ? `'${i.input}'` : i.input}`
-    );
-  }
-  return v7.pipe(
-    v7.unknown(),
-    v7.check((value) => value !== null && value !== void 0, `Expected claim '${path.join("'.'")}' to be defined`)
-  );
-};
-var getMdocClaimParser = (claimQuery) => {
-  const mdocPathQuery = v7.is(DcqlClaimsQuery.vMdocNamespace, claimQuery) ? {
-    id: claimQuery.id,
-    path: [claimQuery.namespace, claimQuery.claim_name],
-    values: claimQuery.values
-  } : claimQuery;
-  const namespace = mdocPathQuery.path[0];
-  const field = mdocPathQuery.path[1];
-  return v7.object(
-    {
-      [namespace]: v7.object(
-        {
-          [field]: getClaimParser(mdocPathQuery.path, claimQuery.values)
-        },
-        `Expected claim ${pathToString(mdocPathQuery.path)} to be defined`
-      )
-    },
-    `Expected claim ${pathToString(mdocPathQuery.path)} to be defined`
-  );
-};
-var getJsonClaimParser = (claimQuery, ctx) => {
-  const { index, presentation } = ctx;
-  const pathElement = claimQuery.path[index];
-  const isLast = index === claimQuery.path.length - 1;
-  const vClaimParser = getClaimParser(claimQuery.path, claimQuery.values);
-  if (typeof pathElement === "number") {
-    const elementParser = isLast ? vClaimParser : getJsonClaimParser(claimQuery, { ...ctx, index: index + 1 });
-    if (presentation) {
-      return v7.pipe(
-        v7.array(v7.any(), `Expected path ${pathToString(claimQuery.path.slice(0, index + 1))} to be an array`),
-        v7.rawTransform(({ dataset, addIssue }) => {
-          const issues = [];
-          for (const item of dataset.value) {
-            const itemResult = v7.safeParse(elementParser, item);
-            if (itemResult.success) {
-              return dataset.value;
-            }
-            issues.push(itemResult.issues[0]);
-          }
-          addIssue({
-            ...issues[0],
-            message: isLast ? issues[0].message : `Expected any element in array ${pathToString(claimQuery.path.slice(0, index + 1))} to match sub requirement but none matched: ${issues[0].message}`
-          });
-          return dataset.value;
-        })
-      );
-    }
-    return v7.pipe(
-      v7.array(v7.any(), `Expected path ${pathToString(claimQuery.path.slice(0, index + 1))} to be an array`),
-      v7.rawTransform(({ addIssue, dataset, NEVER }) => {
-        const result = v7.safeParse(elementParser, dataset.value[pathElement]);
-        if (!result.success) {
-          addIssue(result.issues[0]);
-          return NEVER;
-        }
-        return [...dataset.value.slice(0, pathElement).map(() => null), result.output];
-      })
-    );
-  }
-  if (typeof pathElement === "string") {
-    return v7.object(
-      {
-        [pathElement]: isLast ? vClaimParser : getJsonClaimParser(claimQuery, { ...ctx, index: index + 1 })
-      },
-      `Expected claim ${pathToString(claimQuery.path)} to be defined`
-    );
-  }
-  return v7.pipe(
-    v7.array(v7.any(), `Expected path ${pathToString(claimQuery.path.slice(0, index + 1))} to be an array`),
-    v7.rawTransform(({ addIssue, dataset, NEVER }) => {
-      const mapped = dataset.value.map((item) => {
-        const parsed = v7.safeParse(
-          isLast ? vClaimParser : getJsonClaimParser(claimQuery, { ...ctx, index: index + 1 }),
-          item
-        );
-        return parsed;
-      });
-      if (mapped.every((parsed) => !parsed.success)) {
-        for (const parsed of mapped) {
-          for (const issue of parsed.issues) {
-            addIssue(issue);
-          }
-        }
-        return NEVER;
-      }
-      return mapped.map((parsed) => parsed.success ? parsed.output : null);
-    })
-  );
-};
-var runClaimsQuery = (credentialQuery, ctx) => {
-  if (!credentialQuery.claims) {
-    return {
-      success: true,
-      valid_claims: void 0,
-      failed_claims: void 0,
-      valid_claim_sets: [
-        {
-          claim_set_index: void 0,
-          output: {},
-          success: true,
-          valid_claim_indexes: void 0
-        }
-      ],
-      failed_claim_sets: void 0
-    };
-  }
-  const failedClaims = [];
-  const validClaims = [];
-  for (const [claimIndex, claimQuery] of credentialQuery.claims.entries()) {
-    const parser = credentialQuery.format === "mso_mdoc" ? getMdocClaimParser(claimQuery) : getJsonClaimParser(claimQuery, {
-      index: 0,
-      presentation: ctx.presentation
-    });
-    const parseResult = v7.safeParse(
-      parser,
-      ctx.credential.credential_format === "mso_mdoc" ? ctx.credential.namespaces : ctx.credential.claims
-    );
-    if (parseResult.success) {
-      validClaims.push({
-        success: true,
-        claim_index: claimIndex,
-        claim_id: claimQuery.id,
-        output: parseResult.output,
-        parser
-      });
-    } else {
-      const flattened = v7.flatten(parseResult.issues);
-      failedClaims.push({
-        success: false,
-        issues: flattened.nested ?? flattened,
-        claim_index: claimIndex,
-        claim_id: claimQuery.id,
-        output: parseResult.output,
-        parser
-      });
-    }
-  }
-  const failedClaimSets = [];
-  const validClaimSets = [];
-  for (const [claimSetIndex, claimSet] of credentialQuery.claim_sets?.entries() ?? [[void 0, void 0]]) {
-    const claims = claimSet?.map((id) => {
-      const claim = validClaims.find((claim2) => claim2.claim_id === id) ?? failedClaims.find((claim2) => claim2.claim_id === id);
-      if (!claim) {
-        throw new DcqlParseError({
-          message: `Claim with id '${id}' in query '${credentialQuery.id}' from claim set with index '${claimSetIndex}' not found in claims of claim`
-        });
-      }
-      return claim;
-    }) ?? [...validClaims, ...failedClaims];
-    if (claims.every((claim) => claim.success)) {
-      const output = claims.reduce((merged, claim) => deepMerge(claim.output, merged), {});
-      validClaimSets.push({
-        success: true,
-        claim_set_index: claimSetIndex,
-        output,
-        valid_claim_indexes: asNonEmptyArrayOrUndefined(claims.map((claim) => claim.claim_index))
-      });
-    } else {
-      const issues = failedClaims.reduce((merged, claim) => deepMerge(claim.issues, merged), {});
-      failedClaimSets.push({
-        success: false,
-        issues,
-        claim_set_index: claimSetIndex,
-        failed_claim_indexes: claims.filter((claim) => !claim.success).map((claim) => claim.claim_index),
-        valid_claim_indexes: asNonEmptyArrayOrUndefined(
-          claims.filter((claim) => claim.success).map((claim) => claim.claim_index)
-        )
-      });
-    }
-  }
-  if (isNonEmptyArray(validClaimSets)) {
-    return {
-      success: true,
-      failed_claim_sets: asNonEmptyArrayOrUndefined(failedClaimSets),
-      valid_claim_sets: validClaimSets,
-      valid_claims: asNonEmptyArrayOrUndefined(validClaims.map(({ parser, ...rest }) => rest)),
-      failed_claims: asNonEmptyArrayOrUndefined(failedClaims.map(({ parser, ...rest }) => rest))
-    };
-  }
-  return {
-    success: false,
-    failed_claim_sets: failedClaimSets,
-    failed_claims: failedClaims.map(({ parser, ...rest }) => rest),
-    valid_claims: asNonEmptyArrayOrUndefined(validClaims.map(({ parser, ...rest }) => rest))
-  };
-};
-
-// src/dcql-parser/dcql-meta-query-result.ts
-var v8 = __toESM(require("valibot"));
-var getCryptographicHolderBindingValue = (credentialQuery) => v8.object({
-  cryptographic_holder_binding: credentialQuery.require_cryptographic_holder_binding ? v8.literal(
-    true,
-    (i) => `Expected cryptographic_holder_binding to be true (because credential query '${credentialQuery.id}' requires cryptographic holder binding), but received ${i.input}`
-  ) : v8.boolean()
-});
-var getMdocMetaParser = (credentialQuery) => {
-  const vDoctype = credentialQuery.meta?.doctype_value ? v8.literal(
-    credentialQuery.meta.doctype_value,
-    (i) => `Expected doctype to be '${credentialQuery.meta?.doctype_value}' but received '${i.input}'`
-  ) : v8.string("Expected doctype to be defined");
-  const credentialParser = v8.object({
-    credential_format: v8.literal(
-      "mso_mdoc",
-      (i) => `Expected credential format to be 'mso_mdoc' but received '${i.input}'`
-    ),
-    doctype: vDoctype,
-    ...getCryptographicHolderBindingValue(credentialQuery).entries
-  });
-  return credentialParser;
-};
-var getSdJwtVcMetaParser = (credentialQuery) => {
-  return v8.object({
-    credential_format: v8.literal(
-      credentialQuery.format,
-      (i) => `Expected credential format to be '${credentialQuery.format}' but received '${i.input}'`
-    ),
-    vct: credentialQuery.meta?.vct_values ? v8.picklist(
-      credentialQuery.meta.vct_values,
-      (i) => `Expected vct to be '${credentialQuery.meta?.vct_values?.join("' | '")}' but received '${i.input}'`
-    ) : v8.string("Expected vct to be defined"),
-    ...getCryptographicHolderBindingValue(credentialQuery).entries
-  });
-};
-var getW3cVcMetaParser = (credentialQuery) => {
-  return v8.object({
-    credential_format: v8.literal(
-      credentialQuery.format,
-      (i) => `Expected credential format to be '${credentialQuery.format}' but received '${i.input}'`
-    ),
-    type: credentialQuery.meta?.type_values ? v8.union(
-      credentialQuery.meta.type_values.map((values) => vIncludesAll(values)),
-      `Expected type to include all values from one of the following subsets: ${credentialQuery.meta.type_values.map((values) => `[${values.join(", ")}]`).join(" | ")}`
-    ) : vNonEmptyArray(v8.string()),
-    ...getCryptographicHolderBindingValue(credentialQuery).entries
-  });
-};
-var getMetaParser = (credentialQuery) => {
-  if (credentialQuery.format === "mso_mdoc") {
-    return getMdocMetaParser(credentialQuery);
-  }
-  if (credentialQuery.format === "dc+sd-jwt") {
-    return getSdJwtVcMetaParser(credentialQuery);
-  }
-  if (credentialQuery.format === "vc+sd-jwt") {
-    if (credentialQuery.meta && "type_values" in credentialQuery.meta) {
-      return getW3cVcMetaParser(credentialQuery);
-    }
-    return getSdJwtVcMetaParser(credentialQuery);
-  }
-  if (credentialQuery.format === "ldp_vc" || credentialQuery.format === "jwt_vc_json") {
-    return getW3cVcMetaParser(credentialQuery);
-  }
-  throw new DcqlError({
-    code: "NOT_IMPLEMENTED",
-    message: `Unsupported format '${credentialQuery.format}'`
-  });
-};
-var runMetaQuery = (credentialQuery, credential) => {
-  const metaParser = getMetaParser(credentialQuery);
-  const parseResult = v8.safeParse(metaParser, credential);
-  if (!parseResult.success) {
-    const issues = v8.flatten(parseResult.issues);
-    return {
-      success: false,
-      issues: issues.nested ?? issues,
-      output: parseResult.output
-    };
-  }
-  return {
-    success: true,
-    output: parseResult.output
-  };
-};
-
-// src/dcql-parser/dcql-trusted-authorities-result.ts
-var v9 = __toESM(require("valibot"));
-var runTrustedAuthoritiesQuery = (credentialQuery, credential) => {
-  if (!credentialQuery.trusted_authorities) {
-    return {
-      success: true
-    };
-  }
-  const failedTrustedAuthorities = [];
-  for (const [trustedAuthorityIndex, trustedAuthority] of credentialQuery.trusted_authorities.entries()) {
-    const trustedAuthorityParser = getTrustedAuthorityParser(trustedAuthority);
-    const parseResult = v9.safeParse(trustedAuthorityParser, credential.authority);
-    if (parseResult.success) {
-      return {
-        success: true,
-        valid_trusted_authority: {
-          success: true,
-          trusted_authority_index: trustedAuthorityIndex,
-          output: parseResult.output
-        },
-        failed_trusted_authorities: asNonEmptyArrayOrUndefined(failedTrustedAuthorities)
-      };
-    }
-    const issues = v9.flatten(parseResult.issues);
-    failedTrustedAuthorities.push({
-      success: false,
-      trusted_authority_index: trustedAuthorityIndex,
-      issues: issues.nested ?? issues,
-      output: parseResult.output
-    });
-  }
-  return {
-    success: false,
-    failed_trusted_authorities: failedTrustedAuthorities
-  };
-};
-
-// src/dcql-parser/dcql-credential-query-result.ts
-var runCredentialQuery = (credentialQuery, ctx) => {
-  const { credentials, presentation } = ctx;
-  const validCredentials = [];
-  const failedCredentials = [];
-  for (const [credentialIndex, credential] of credentials.entries()) {
-    const trustedAuthorityResult = runTrustedAuthoritiesQuery(credentialQuery, credential);
-    const claimsResult = runClaimsQuery(credentialQuery, { credential, presentation });
-    const metaResult = runMetaQuery(credentialQuery, credential);
-    if (claimsResult.success && trustedAuthorityResult.success && metaResult.success) {
-      validCredentials.push({
-        success: true,
-        input_credential_index: credentialIndex,
-        trusted_authorities: trustedAuthorityResult,
-        meta: metaResult,
-        claims: claimsResult
-      });
-    } else {
-      failedCredentials.push({
-        success: false,
-        input_credential_index: credentialIndex,
-        trusted_authorities: trustedAuthorityResult,
-        meta: metaResult,
-        claims: claimsResult
-      });
-    }
-  }
-  if (isNonEmptyArray(validCredentials)) {
-    return {
-      success: true,
-      credential_query_id: credentialQuery.id,
-      failed_credentials: asNonEmptyArrayOrUndefined(failedCredentials),
-      valid_credentials: validCredentials
-    };
-  }
-  return {
-    success: false,
-    credential_query_id: credentialQuery.id,
-    // Can be undefined if no credentials were provided to the query
-    failed_credentials: asNonEmptyArrayOrUndefined(failedCredentials),
-    valid_credentials: void 0
-  };
-};
-
-// src/dcql-query-result/m-dcql-query-result.ts
-var v15 = __toESM(require("valibot"));
-
-// src/dcql-query/m-dcql-credential-query.ts
-var v10 = __toESM(require("valibot"));
-var DcqlCredentialQuery;
-((DcqlCredentialQuery2) => {
-  const vBase = v10.object({
-    id: v10.pipe(
-      v10.string(),
-      v10.regex(idRegex),
-      v10.description(
-        `REQUIRED. A string identifying the Credential in the response and, if provided, the constraints in 'credential_sets'.`
-      )
-    ),
-    require_cryptographic_holder_binding: v10.pipe(
-      v10.optional(v10.boolean(), true),
-      v10.description(
-        "OPTIONAL. A boolean which indicates whether the Verifier requires a Cryptographic Holder Binding proof. The default value is true, i.e., a Verifiable Presentation with Cryptographic Holder Binding is required. If set to false, the Verifier accepts a Credential without Cryptographic Holder Binding proof."
-      )
-    ),
-    multiple: v10.pipe(
-      v10.optional(v10.boolean(), false),
-      v10.description(
-        "OPTIONAL. A boolean which indicates whether multiple Credentials can be returned for this Credential Query. If omitted, the default value is false."
-      )
-    ),
-    claim_sets: v10.pipe(
-      v10.optional(vNonEmptyArray(vNonEmptyArray(vIdString))),
-      v10.description(
-        `OPTIONAL. A non-empty array containing arrays of identifiers for elements in 'claims' that specifies which combinations of 'claims' for the Credential are requested.`
-      )
-    ),
-    trusted_authorities: v10.pipe(
-      v10.optional(vNonEmptyArray(DcqlTrustedAuthoritiesQuery.vModel)),
-      v10.description(
-        "OPTIONAL. A non-empty array of objects as defined in Section 6.1.1 that specifies expected authorities or trust frameworks that certify Issuers, that the Verifier will accept. Every Credential returned by the Wallet SHOULD match at least one of the conditions present in the corresponding trusted_authorities array if present."
-      )
-    )
-  });
-  DcqlCredentialQuery2.vMdoc = v10.object({
-    ...vBase.entries,
-    format: v10.pipe(
-      v10.literal("mso_mdoc"),
-      v10.description("REQUIRED. A string that specifies the format of the requested Verifiable Credential.")
-    ),
-    claims: v10.pipe(
-      v10.optional(vNonEmptyArray(DcqlClaimsQuery.vMdoc)),
-      v10.description("OPTIONAL. A non-empty array of objects as that specifies claims in the requested Credential.")
-    ),
-    meta: v10.pipe(
-      v10.optional(
-        v10.object({
-          doctype_value: v10.pipe(
-            v10.optional(v10.string()),
-            v10.description(
-              "OPTIONAL. String that specifies an allowed value for the doctype of the requested Verifiable Credential."
-            )
-          )
-        })
-      ),
-      v10.description(
-        "OPTIONAL. An object defining additional properties requested by the Verifier that apply to the metadata and validity data of the Credential."
-      )
-    )
-  });
-  DcqlCredentialQuery2.vSdJwtVc = v10.object({
-    ...vBase.entries,
-    format: v10.pipe(
-      v10.picklist(["vc+sd-jwt", "dc+sd-jwt"]),
-      v10.description("REQUIRED. A string that specifies the format of the requested Verifiable Credential.")
-    ),
-    claims: v10.pipe(
-      v10.optional(vNonEmptyArray(DcqlClaimsQuery.vW3cSdJwtVc)),
-      v10.description("OPTIONAL. A non-empty array of objects as that specifies claims in the requested Credential.")
-    ),
-    meta: v10.pipe(
-      v10.optional(
-        v10.pipe(
-          v10.object({
-            vct_values: v10.optional(v10.array(v10.string()))
-          }),
-          v10.description(
-            "OPTIONAL. An array of strings that specifies allowed values for the type of the requested Verifiable Credential."
-          )
-        )
-      ),
-      v10.description(
-        "OPTIONAL. An object defining additional properties requested by the Verifier that apply to the metadata and validity data of the Credential."
-      )
-    )
-  });
-  DcqlCredentialQuery2.vW3cVc = v10.object({
-    ...vBase.entries,
-    format: v10.pipe(
-      v10.picklist(["jwt_vc_json", "ldp_vc", "vc+sd-jwt"]),
-      v10.description("REQUIRED. A string that specifies the format of the requested Verifiable Credential.")
-    ),
-    claims: v10.pipe(
-      v10.optional(vNonEmptyArray(DcqlClaimsQuery.vW3cSdJwtVc)),
-      v10.description("OPTIONAL. A non-empty array of objects as that specifies claims in the requested Credential.")
-    ),
-    meta: v10.pipe(
-      v10.pipe(
-        v10.object({
-          type_values: v10.pipe(
-            vNonEmptyArray(vNonEmptyArray(v10.string())),
-            v10.description(
-              "REQUIRED. An array of string arrays that specifies the fully expanded types (IRIs) after the @context was applied that the Verifier accepts to be presented in the Presentation. Each of the top-level arrays specifies one alternative to match the type values of the Verifiable Credential against. Each inner array specifies a set of fully expanded types that MUST be present in the type property of the Verifiable Credential, regardless of order or the presence of additional types."
-            )
-          )
-        })
-      ),
-      v10.description(
-        "REQUIRED. An object defining additional properties requested by the Verifier that apply to the metadata and validity data of the Credential."
-      )
-    )
-  });
-  DcqlCredentialQuery2.vModel = v10.variant("format", [DcqlCredentialQuery2.vMdoc, DcqlCredentialQuery2.vW3cVc, DcqlCredentialQuery2.vSdJwtVc]);
-  DcqlCredentialQuery2.validate = (credentialQuery) => {
-    claimSetIdsAreDefined(credentialQuery);
-  };
-})(DcqlCredentialQuery || (DcqlCredentialQuery = {}));
-var claimSetIdsAreDefined = (credentialQuery) => {
-  if (!credentialQuery.claim_sets) return;
-  const claimIds = new Set(credentialQuery.claims?.map((claim) => claim.id));
-  const undefinedClaims = [];
-  for (const claim_set of credentialQuery.claim_sets) {
-    for (const claim_id of claim_set) {
-      if (!claimIds.has(claim_id)) {
-        undefinedClaims.push(claim_id);
-      }
-    }
-  }
-  if (undefinedClaims.length > 0) {
-    throw new DcqlUndefinedClaimSetIdError({
-      message: `Credential set contains undefined credential id${undefinedClaims.length === 0 ? "" : "`s"} '${undefinedClaims.join(", ")}'`
-    });
-  }
-};
-
-// src/dcql-query/m-dcql-credential-set-query.ts
-var v11 = __toESM(require("valibot"));
-var CredentialSetQuery;
-((CredentialSetQuery2) => {
-  CredentialSetQuery2.vModel = v11.object({
-    options: v11.pipe(
-      vNonEmptyArray(v11.array(vIdString)),
-      v11.description(
-        "REQUIRED. A non-empty array, where each value in the array is a list of Credential Query identifiers representing one set of Credentials that satisfies the use case."
-      )
-    ),
-    required: v11.pipe(
-      v11.optional(v11.boolean(), true),
-      v11.description(
-        `OPTIONAL. Boolean which indicates whether this set of Credentials is required to satisfy the particular use case at the Verifier. If omitted, the default value is 'true'.`
-      )
-    ),
-    purpose: v11.pipe(
-      v11.optional(v11.union([v11.string(), v11.number(), v11.record(v11.string(), v11.unknown())])),
-      v11.description("OPTIONAL. A string, number or object specifying the purpose of the query.")
-    )
-  });
-})(CredentialSetQuery || (CredentialSetQuery = {}));
-
-// src/dcql-query-result/m-claims-result.ts
-var v12 = __toESM(require("valibot"));
-var DcqlClaimsResult;
-((DcqlClaimsResult2) => {
-  const vClaimsOutput = v12.union([
-    DcqlMdocCredential.vModel.entries.namespaces,
-    DcqlSdJwtVcCredential.vModel.entries.claims,
-    DcqlW3cVcCredential.vModel.entries.claims
-  ]);
-  DcqlClaimsResult2.vClaimsEntrySuccessResult = v12.object({
-    success: v12.literal(true),
-    claim_index: v12.number(),
-    claim_id: v12.optional(vIdString),
-    output: vClaimsOutput
-  });
-  DcqlClaimsResult2.vClaimsEntryFailureResult = v12.object({
-    success: v12.literal(false),
-    claim_index: v12.number(),
-    claim_id: v12.optional(vIdString),
-    issues: v12.record(v12.string(), v12.unknown()),
-    output: v12.unknown()
-  });
-  DcqlClaimsResult2.vClaimSetSuccessResult = v12.object({
-    success: v12.literal(true),
-    // Undefined in case of no claim set
-    claim_set_index: v12.union([v12.number(), v12.undefined()]),
-    // We use indexes because if there are no claim sets, the ids can be undefined
-    // Can be empty array in case there are no claims
-    valid_claim_indexes: v12.optional(vNonEmptyArray(v12.number())),
-    failed_claim_indexes: v12.optional(v12.undefined()),
-    output: vClaimsOutput
-  });
-  DcqlClaimsResult2.vClaimSetFailureResult = v12.object({
-    success: v12.literal(false),
-    // Undefined in case of no claim set
-    claim_set_index: v12.union([v12.number(), v12.undefined()]),
-    // We use indexes because if there are no claim sets, the ids can be undefined
-    valid_claim_indexes: v12.optional(vNonEmptyArray(v12.number())),
-    failed_claim_indexes: vNonEmptyArray(v12.number()),
-    issues: v12.record(v12.string(), v12.unknown())
-  });
-  DcqlClaimsResult2.vClaimsSuccessResult = v12.object({
-    success: v12.literal(true),
-    valid_claims: v12.optional(vNonEmptyArray(DcqlClaimsResult2.vClaimsEntrySuccessResult)),
-    failed_claims: v12.optional(vNonEmptyArray(DcqlClaimsResult2.vClaimsEntryFailureResult)),
-    valid_claim_sets: vNonEmptyArray(DcqlClaimsResult2.vClaimSetSuccessResult),
-    failed_claim_sets: v12.optional(vNonEmptyArray(DcqlClaimsResult2.vClaimSetFailureResult))
-  });
-  DcqlClaimsResult2.vClaimsFailureResult = v12.object({
-    success: v12.literal(false),
-    valid_claims: v12.optional(vNonEmptyArray(DcqlClaimsResult2.vClaimsEntrySuccessResult)),
-    failed_claims: vNonEmptyArray(DcqlClaimsResult2.vClaimsEntryFailureResult),
-    valid_claim_sets: v12.optional(v12.undefined()),
-    failed_claim_sets: vNonEmptyArray(DcqlClaimsResult2.vClaimSetFailureResult)
-  });
-  DcqlClaimsResult2.vModel = v12.union([DcqlClaimsResult2.vClaimsSuccessResult, DcqlClaimsResult2.vClaimsFailureResult]);
-})(DcqlClaimsResult || (DcqlClaimsResult = {}));
-
-// src/dcql-query-result/m-meta-result.ts
-var v13 = __toESM(require("valibot"));
-var DcqlMetaResult;
-((DcqlMetaResult2) => {
-  DcqlMetaResult2.vMetaSuccessResult = v13.object({
-    success: v13.literal(true),
-    output: v13.variant("credential_format", [
-      v13.pick(DcqlSdJwtVcCredential.vModel, ["credential_format", "cryptographic_holder_binding", "vct"]),
-      v13.pick(DcqlMdocCredential.vModel, ["credential_format", "cryptographic_holder_binding", "doctype"]),
-      v13.pick(DcqlW3cVcCredential.vModel, ["credential_format", "cryptographic_holder_binding", "type"])
-    ])
-  });
-  DcqlMetaResult2.vMetaFailureResult = v13.object({
-    success: v13.literal(false),
-    issues: v13.record(v13.string(), v13.unknown()),
-    output: v13.unknown()
-  });
-  DcqlMetaResult2.vModel = v13.union([DcqlMetaResult2.vMetaSuccessResult, DcqlMetaResult2.vMetaFailureResult]);
-})(DcqlMetaResult || (DcqlMetaResult = {}));
-
-// src/dcql-query-result/m-trusted-authorities-result.ts
-var v14 = __toESM(require("valibot"));
-var DcqlTrustedAuthoritiesResult;
-((DcqlTrustedAuthoritiesResult2) => {
-  DcqlTrustedAuthoritiesResult2.vTrustedAuthorityEntrySuccessResult = v14.object({
-    success: v14.literal(true),
-    trusted_authority_index: v14.number(),
-    // We map from values (multiple options for a credential/query) to value (the matching option)
-    output: v14.variant(
-      "type",
-      DcqlCredentialTrustedAuthority.vModel.options.map(
-        (o) => v14.object({
-          type: o.entries.type,
-          value: o.entries.values.item
-        })
-      )
-    )
-  });
-  DcqlTrustedAuthoritiesResult2.vTrustedAuthorityEntryFailureResult = v14.object({
-    success: v14.literal(false),
-    trusted_authority_index: v14.number(),
-    issues: v14.record(v14.string(), v14.unknown()),
-    output: v14.unknown()
-  });
-  DcqlTrustedAuthoritiesResult2.vTrustedAuthoritySuccessResult = v14.union([
-    // In this case there is no trusted authority on the query
-    v14.object({
-      success: v14.literal(true),
-      valid_trusted_authority: v14.optional(v14.undefined()),
-      failed_trusted_authorities: v14.optional(v14.undefined())
-    }),
-    v14.object({
-      success: v14.literal(true),
-      valid_trusted_authority: DcqlTrustedAuthoritiesResult2.vTrustedAuthorityEntrySuccessResult,
-      failed_trusted_authorities: v14.optional(vNonEmptyArray(DcqlTrustedAuthoritiesResult2.vTrustedAuthorityEntryFailureResult))
-    })
-  ]);
-  DcqlTrustedAuthoritiesResult2.vTrustedAuthorityFailureResult = v14.object({
-    success: v14.literal(false),
-    valid_trusted_authority: v14.optional(v14.undefined()),
-    failed_trusted_authorities: vNonEmptyArray(DcqlTrustedAuthoritiesResult2.vTrustedAuthorityEntryFailureResult)
-  });
-  DcqlTrustedAuthoritiesResult2.vModel = v14.union([...DcqlTrustedAuthoritiesResult2.vTrustedAuthoritySuccessResult.options, DcqlTrustedAuthoritiesResult2.vTrustedAuthorityFailureResult]);
-})(DcqlTrustedAuthoritiesResult || (DcqlTrustedAuthoritiesResult = {}));
-
-// src/dcql-query-result/m-dcql-query-result.ts
-var DcqlQueryResult;
-((DcqlQueryResult2) => {
-  DcqlQueryResult2.vCredentialQueryItemCredentialSuccessResult = v15.object({
-    success: v15.literal(true),
-    input_credential_index: v15.number(),
-    trusted_authorities: DcqlTrustedAuthoritiesResult.vTrustedAuthoritySuccessResult,
-    // TODO: format specific (we should probably add format to this object, to differentiate?)
-    claims: DcqlClaimsResult.vClaimsSuccessResult,
-    meta: DcqlMetaResult.vMetaSuccessResult
-  });
-  DcqlQueryResult2.vCredentialQueryItemCredentialFailureResult = v15.object({
-    success: v15.literal(false),
-    input_credential_index: v15.number(),
-    trusted_authorities: DcqlTrustedAuthoritiesResult.vModel,
-    claims: DcqlClaimsResult.vModel,
-    meta: DcqlMetaResult.vModel
-  });
-  DcqlQueryResult2.vCredentialQueryItemResult = v15.union([
-    v15.object({
-      success: v15.literal(true),
-      credential_query_id: vIdString,
-      valid_credentials: vNonEmptyArray(DcqlQueryResult2.vCredentialQueryItemCredentialSuccessResult),
-      failed_credentials: v15.optional(vNonEmptyArray(DcqlQueryResult2.vCredentialQueryItemCredentialFailureResult))
-    }),
-    v15.object({
-      success: v15.literal(false),
-      credential_query_id: vIdString,
-      valid_credentials: v15.optional(v15.undefined()),
-      failed_credentials: v15.optional(vNonEmptyArray(DcqlQueryResult2.vCredentialQueryItemCredentialFailureResult))
-    })
-  ]);
-  DcqlQueryResult2.vCredentialQueryResult = v15.record(vIdString, DcqlQueryResult2.vCredentialQueryItemResult);
-  DcqlQueryResult2.vModel = v15.object({
-    credentials: v15.pipe(
-      vNonEmptyArray(DcqlCredentialQuery.vModel),
-      v15.description(
-        "REQUIRED. A non-empty array of Credential Queries that specify the requested Verifiable Credentials."
-      )
-    ),
-    credential_matches: DcqlQueryResult2.vCredentialQueryResult,
-    credential_sets: v15.optional(
-      v15.pipe(
-        vNonEmptyArray(
-          v15.object({
-            ...CredentialSetQuery.vModel.entries,
-            matching_options: v15.union([v15.undefined(), vNonEmptyArray(v15.array(v15.string()))])
-          })
-        ),
-        v15.description(
-          "OPTIONAL. A non-empty array of credential set queries that specifies additional constraints on which of the requested Verifiable Credentials to return."
-        )
-      )
-    ),
-    can_be_satisfied: v15.boolean()
-  });
-})(DcqlQueryResult || (DcqlQueryResult = {}));
-
-// src/dcql-presentation/m-dcql-presentation-result.ts
-var DcqlPresentationResult;
-((DcqlPresentationResult2) => {
-  DcqlPresentationResult2.vModel = v16.omit(DcqlQueryResult.vModel, ["credentials"]);
-  DcqlPresentationResult2.parse = (input) => {
-    return v16.parse(DcqlPresentationResult2.vModel, input);
-  };
-  DcqlPresentationResult2.fromDcqlPresentation = (dcqlPresentation, ctx) => {
-    const { dcqlQuery } = ctx;
-    const queriesResults = Object.entries(dcqlPresentation).map(([credentialQueryId, presentations]) => {
-      const credentialQuery = dcqlQuery.credentials.find((c) => c.id === credentialQueryId);
-      if (!credentialQuery) {
-        throw new DcqlPresentationResultError({
-          message: `Query ${credentialQueryId} not found in the dcql query. Cannot validate presentation.`
-        });
-      }
-      if (Array.isArray(presentations)) {
-        if (presentations.length === 0) {
-          throw new DcqlPresentationResultError({
-            message: `Query credential '${credentialQueryId}' is present in the presentations but the value is an empty array. Each entry must at least provide one presentation.`
-          });
-        }
-        if (!credentialQuery.multiple && presentations.length > 1) {
-          throw new DcqlPresentationResultError({
-            message: `Query credential '${credentialQueryId}' has not enabled 'multiple', but multiple presentations were provided. Only a single presentation is allowed for each query credential when 'multiple' is not enabled on the query.`
-          });
-        }
-      }
-      return runCredentialQuery(credentialQuery, {
-        presentation: true,
-        credentials: presentations ? Array.isArray(presentations) ? presentations : [presentations] : []
-      });
-    });
-    const credentialSetResults = dcqlQuery.credential_sets?.map((set) => {
-      const matchingOptions = set.options.filter(
-        (option) => option.every(
-          (credentialQueryId) => queriesResults.find((result) => result.credential_query_id === credentialQueryId)?.success
-        )
-      );
-      return {
-        ...set,
-        matching_options: matchingOptions.length > 0 ? matchingOptions : void 0
-      };
-    });
-    const dqclQueryMatched = (
-      // We require that all the submitted presentations match with the queries
-      // So we must have success for all queries, and we don't allow failed_credentials
-      queriesResults.every((result) => result.success && !result.failed_credentials) && (credentialSetResults ? credentialSetResults.every((set) => !set.required || set.matching_options) : (
-        // If not credential_sets are used, we require that at least every credential has a match
-        dcqlQuery.credentials.every(
-          (credentialQuery) => queriesResults.find((result) => result.credential_query_id === credentialQuery.id)?.success
-        )
-      ))
-    );
-    return {
-      // NOTE: can_be_satisfied is maybe not the best term, because we return false if it can be
-      // satisfied, but one of the provided presentations did not match
-      can_be_satisfied: dqclQueryMatched,
-      credential_sets: credentialSetResults,
-      credential_matches: Object.fromEntries(queriesResults.map((result) => [result.credential_query_id, result]))
-    };
-  };
-  DcqlPresentationResult2.validate = (dcqlQueryResult) => {
-    if (!dcqlQueryResult.can_be_satisfied) {
-      throw new DcqlInvalidPresentationRecordError({
-        message: "Invalid Presentation record",
-        cause: dcqlQueryResult
-      });
-    }
-    return dcqlQueryResult;
-  };
-})(DcqlPresentationResult || (DcqlPresentationResult = {}));
-
-// src/dcql-presentation/m-dcql-presentation.ts
-var v17 = __toESM(require("valibot"));
-var DcqlPresentation;
-((DcqlPresentation2) => {
-  const vPresentationEntry = v17.union([v17.string(), vJsonRecord]);
-  DcqlPresentation2.vModel = v17.pipe(
-    v17.union([
-      v17.record(vIdString, vNonEmptyArray(vPresentationEntry)),
-      v17.record(
-        vIdString,
-        // We support presentation entry directly (not as array) to support older draft of DCQL
-        vPresentationEntry
-      )
-    ]),
-    v17.description(
-      "REQUIRED. This is a JSON-encoded object containing entries where the key is the id value used for a Credential Query in the DCQL query and the value is an array of one or more Presentations that match the respective Credential Query. When multiple is omitted, or set to false, the array MUST contain only one Presentation. There MUST NOT be any entry in the JSON-encoded object for optional Credential Queries when there are no matching Credentials for the respective Credential Query. Each Presentation is represented as a string or object, depending on the format as defined in Appendix B. The same rules as above apply for encoding the Presentations."
-    )
-  );
-  DcqlPresentation2.parse = (input) => {
-    if (typeof input === "string") {
-      return v17.parse(v17.pipe(v17.string(), vStringToJson, DcqlPresentation2.vModel), input);
-    }
-    return v17.parse(DcqlPresentation2.vModel, input);
-  };
-  DcqlPresentation2.encode = (input) => {
-    return JSON.stringify(input);
-  };
-})(DcqlPresentation || (DcqlPresentation = {}));
-
-// src/dcql-query-result/run-dcql-query.ts
-var runDcqlQuery = (dcqlQuery, ctx) => {
-  const credentialQueriesResults = Object.fromEntries(
-    dcqlQuery.credentials.map((credentialQuery) => [credentialQuery.id, runCredentialQuery(credentialQuery, ctx)])
-  );
-  const credentialSetResults = dcqlQuery.credential_sets?.map((set) => {
-    const matchingOptions = set.options.filter(
-      (option) => option.every((credentialQueryId) => credentialQueriesResults[credentialQueryId].success)
-    );
-    return {
-      ...set,
-      matching_options: matchingOptions.length > 0 ? matchingOptions : void 0
-    };
-  });
-  const dqclQueryMatched = credentialSetResults ? credentialSetResults.every((set) => !set.required || set.matching_options) : (
-    // If not credential_sets are used, we require that at least every credential has a match
-    dcqlQuery.credentials.every(({ id }) => credentialQueriesResults[id].success === true)
-  );
-  return {
-    ...dcqlQuery,
-    can_be_satisfied: dqclQueryMatched,
-    credential_matches: credentialQueriesResults,
-    credential_sets: credentialSetResults
-  };
-};
-
-// src/dcql-query/m-dcql-query.ts
-var v18 = __toESM(require("valibot"));
-var DcqlQuery;
-((DcqlQuery2) => {
-  DcqlQuery2.vModel = v18.object({
-    credentials: v18.pipe(
-      vNonEmptyArray(DcqlCredentialQuery.vModel),
-      v18.description(
-        "REQUIRED. A non-empty array of Credential Queries that specify the requested Verifiable Credentials."
-      )
-    ),
-    credential_sets: v18.pipe(
-      v18.optional(vNonEmptyArray(CredentialSetQuery.vModel)),
-      v18.description(
-        "OPTIONAL. A non-empty array of credential set queries that specifies additional constraints on which of the requested Verifiable Credentials to return."
-      )
-    )
-  });
-  DcqlQuery2.validate = (dcqlQuery) => {
-    validateUniqueCredentialQueryIds(dcqlQuery);
-    validateCredentialSets(dcqlQuery);
-    dcqlQuery.credentials.forEach(DcqlCredentialQuery.validate);
-  };
-  DcqlQuery2.query = (dcqlQuery, credentials) => {
-    return runDcqlQuery(dcqlQuery, { credentials, presentation: false });
-  };
-  DcqlQuery2.parse = (input) => {
-    return v18.parse(DcqlQuery2.vModel, input);
-  };
-})(DcqlQuery || (DcqlQuery = {}));
-var validateUniqueCredentialQueryIds = (query) => {
-  const ids = query.credentials.map((c) => c.id);
-  const duplicates = ids.filter((id, index) => ids.indexOf(id) !== index);
-  if (duplicates.length > 0) {
-    throw new DcqlNonUniqueCredentialQueryIdsError({
-      message: `Duplicate credential query ids found: ${duplicates.join(", ")}`
-    });
-  }
-};
-var validateCredentialSets = (query) => {
-  if (!query.credential_sets) return;
-  const credentialQueryIds = new Set(query.credentials.map((c) => c.id));
-  const undefinedCredentialQueryIds = [];
-  for (const credential_set of query.credential_sets) {
-    for (const credentialSetOption of credential_set.options) {
-      for (const credentialQueryId of credentialSetOption) {
-        if (!credentialQueryIds.has(credentialQueryId)) {
-          undefinedCredentialQueryIds.push(credentialQueryId);
-        }
-      }
-    }
-  }
-  if (undefinedCredentialQueryIds.length > 0) {
-    throw new DcqlCredentialSetError({
-      message: `Credential set contains undefined credential id${undefinedCredentialQueryIds.length === 1 ? "" : "`s"} '${undefinedCredentialQueryIds.join(", ")}'`
-    });
-  }
-};
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  CredentialSetQuery,
-  DcqlClaimsQuery,
-  DcqlCredential,
-  DcqlCredentialPresentation,
-  DcqlCredentialQuery,
-  DcqlCredentialSetError,
-  DcqlCredentialTrustedAuthority,
-  DcqlError,
-  DcqlInvalidClaimsQueryIdError,
-  DcqlInvalidPresentationRecordError,
-  DcqlMdocCredential,
-  DcqlMdocPresentation,
-  DcqlMissingClaimSetParseError,
-  DcqlNonUniqueCredentialQueryIdsError,
-  DcqlParseError,
-  DcqlPresentation,
-  DcqlPresentationResult,
-  DcqlPresentationResultError,
-  DcqlQuery,
-  DcqlQueryResult,
-  DcqlSdJwtVcCredential,
-  DcqlSdJwtVcPresentation,
-  DcqlTrustedAuthoritiesQuery,
-  DcqlUndefinedClaimSetIdError,
-  DcqlW3cVcCredential,
-  DcqlW3cVcPresentation,
-  getCauseFromUnknown,
-  getDcqlErrorFromUnknown,
-  runDcqlQuery
-});
-//# sourceMappingURL=index.js.map