npm - emdash - Versions diffs - 0.18.0 → 0.19.0 - Mend

emdash 0.18.0 → 0.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (408) hide show

package/dist/cron-BJ2ClIlj.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cron-BJ2ClIlj.mjs","names":[],"sources":["../src/plugins/cron.ts"],"sourcesContent":["/**\n * Plugin Cron System\n *\n * Provides scheduled task execution for plugins:\n * - CronExecutor: claims overdue tasks, invokes per-plugin cron hook, updates next run.\n * - CronAccessImpl: per-plugin API for schedule/cancel/list.\n *\n */\n\nimport { Cron } from \"croner\";\nimport type { Kysely } from \"kysely\";\nimport { sql } from \"kysely\";\nimport { ulid } from \"ulidx\";\n\nimport type { Database } from \"../database/types.js\";\nimport type { CronAccess, CronEvent, CronTaskInfo } from \"./types.js\";\n\n/** Stale lock threshold in minutes */\nconst STALE_LOCK_MINUTES = 10;\n\n/**\n * Callback to invoke a plugin's cron hook.\n * Provided by PluginManager so CronExecutor stays decoupled from the hook pipeline.\n */\nexport type InvokeCronHookFn = (pluginId: string, event: CronEvent) => Promise<void>;\n\n/**\n * Callback to notify the scheduler that the next due time may have changed.\n */\nexport type RescheduleFn = () => void;\n\n// ─── CronExecutor ──────────────────────────────────────────────────────────\n\n/**\n * Executes overdue cron tasks.\n *\n * Called by the platform driver: the NodeCronScheduler timer on Node, or the\n * Worker's `scheduled()` handler (via runScheduledTasks) on Cloudflare.\n * Stateless — all state lives in the database.\n */\nexport class CronExecutor {\n\tconstructor(\n\t\tprivate db: Kysely<Database>,\n\t\tprivate invokeCronHook: InvokeCronHookFn,\n\t) {}\n\n\t/**\n\t * Process all overdue tasks.\n\t *\n\t * 1. Atomically claim tasks whose next_run_at <= now, status = idle, enabled = 1.\n\t * 2. For each claimed task, invoke the plugin's cron hook.\n\t * 3. On success: compute next_run_at and reset to idle, or delete one-shots.\n\t * 4. On failure: reset to idle (retry on next tick).\n\t */\n\tasync tick(): Promise<number> {\n\t\tconst now = new Date().toISOString();\n\t\tlet processed = 0;\n\n\t\t// Claim overdue tasks atomically\n\t\tconst claimed = await sql<{\n\t\t\tid: string;\n\t\t\tplugin_id: string;\n\t\t\ttask_name: string;\n\t\t\tschedule: string;\n\t\t\tis_oneshot: number;\n\t\t\tdata: string | null;\n\t\t\tnext_run_at: string;\n\t\t}>`\n\t\t\tUPDATE _emdash_cron_tasks\n\t\t\tSET status = 'running', locked_at = ${now}\n\t\t\tWHERE id IN (\n\t\t\t\tSELECT id FROM _emdash_cron_tasks\n\t\t\t\tWHERE next_run_at <= ${now}\n\t\t\t\t AND status = 'idle'\n\t\t\t\t AND enabled = 1\n\t\t\t\tORDER BY next_run_at ASC\n\t\t\t\tLIMIT 10\n\t\t\t)\n\t\t\tRETURNING id, plugin_id, task_name, schedule, is_oneshot, data, next_run_at\n\t\t`.execute(this.db);\n\n\t\tfor (const task of claimed.rows) {\n\t\t\t// Parse task data safely �� malformed JSON must not crash the entire batch\n\t\t\tlet parsedData: Record<string, unknown> | undefined;\n\t\t\tif (task.data) {\n\t\t\t\ttry {\n\t\t\t\t\tparsedData = JSON.parse(task.data) as Record<string, unknown>;\n\t\t\t\t} catch {\n\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t`[cron] Invalid JSON data for ${task.plugin_id}:${task.task_name}, skipping`,\n\t\t\t\t\t);\n\t\t\t\t\tawait sql`\n\t\t\t\t\t\tUPDATE _emdash_cron_tasks\n\t\t\t\t\t\tSET status = 'idle', locked_at = NULL\n\t\t\t\t\t\tWHERE id = ${task.id}\n\t\t\t\t\t`.execute(this.db);\n\t\t\t\t\tcontinue;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst event: CronEvent = {\n\t\t\t\tname: task.task_name,\n\t\t\t\tdata: parsedData,\n\t\t\t\tscheduledAt: task.next_run_at,\n\t\t\t};\n\n\t\t\tlet hookFailed = false;\n\t\t\ttry {\n\t\t\t\tawait this.invokeCronHook(task.plugin_id, event);\n\t\t\t} catch (error) {\n\t\t\t\thookFailed = true;\n\t\t\t\tconsole.error(`[cron] Hook failed for ${task.plugin_id}:${task.task_name}:`, error);\n\t\t\t}\n\n\t\t\tif (task.is_oneshot) {\n\t\t\t\tif (hookFailed) {\n\t\t\t\t\t// Retry metadata is namespaced under __emdash to avoid collisions\n\t\t\t\t\t// with plugin-controlled data fields.\n\t\t\t\t\tconst meta =\n\t\t\t\t\t\tparsedData?.__emdash != null && typeof parsedData.__emdash === \"object\"\n\t\t\t\t\t\t\t? (parsedData.__emdash as Record<string, unknown>)\n\t\t\t\t\t\t\t: undefined;\n\t\t\t\t\tconst raw = meta?.retryCount;\n\t\t\t\t\tconst retryCount =\n\t\t\t\t\t\ttypeof raw === \"number\" && Number.isFinite(raw) && raw > 0 ? Math.floor(raw) : 0;\n\t\t\t\t\tconst MAX_ONESHOT_RETRIES = 5;\n\n\t\t\t\t\tif (retryCount >= MAX_ONESHOT_RETRIES) {\n\t\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t\t`[cron] One-shot task ${task.plugin_id}:${task.task_name} exceeded ${MAX_ONESHOT_RETRIES} retries, removing`,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tawait sql`\n\t\t\t\t\t\tDELETE FROM _emdash_cron_tasks WHERE id = ${task.id}\n\t\t\t\t\t`.execute(this.db);\n\t\t\t\t\t} else {\n\t\t\t\t\t\t// Retry with exponential backoff: 1m, 2m, 4m, 8m, 16m\n\t\t\t\t\t\tconst backoffMs = 60_000 * Math.pow(2, retryCount);\n\t\t\t\t\t\tconst retryAt = new Date(Date.now() + backoffMs).toISOString();\n\t\t\t\t\t\tconst updatedData = JSON.stringify({\n\t\t\t\t\t\t\t...parsedData,\n\t\t\t\t\t\t\t__emdash: { ...meta, retryCount: retryCount + 1 },\n\t\t\t\t\t\t});\n\t\t\t\t\t\tawait sql`\n\t\t\t\t\t\tUPDATE _emdash_cron_tasks\n\t\t\t\t\t\tSET status = 'idle', locked_at = NULL, next_run_at = ${retryAt}, data = ${updatedData}\n\t\t\t\t\t\tWHERE id = ${task.id}\n\t\t\t\t\t`.execute(this.db);\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\t// Success: delete the one-shot task\n\t\t\t\t\tawait sql`\n\t\t\t\t\t\tDELETE FROM _emdash_cron_tasks WHERE id = ${task.id}\n\t\t\t\t\t`.execute(this.db);\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\t// Recurring: compute next run and reset\n\t\t\t\tconst nextRun = nextCronTime(task.schedule);\n\t\t\t\tawait sql`\n\t\t\t\t\tUPDATE _emdash_cron_tasks\n\t\t\t\t\tSET status = 'idle',\n\t\t\t\t\t\tlocked_at = NULL,\n\t\t\t\t\t\tlast_run_at = ${now},\n\t\t\t\t\t\tnext_run_at = ${nextRun}\n\t\t\t\t\tWHERE id = ${task.id}\n\t\t\t\t`.execute(this.db);\n\t\t\t}\n\n\t\t\tprocessed++;\n\t\t}\n\n\t\treturn processed;\n\t}\n\n\t/**\n\t * Recover tasks stuck in 'running' for more than STALE_LOCK_MINUTES.\n\t * These likely crashed mid-execution.\n\t */\n\tasync recoverStaleLocks(): Promise<number> {\n\t\tconst cutoff = new Date(Date.now() - STALE_LOCK_MINUTES * 60 * 1000).toISOString();\n\n\t\tconst result = await sql`\n\t\t\tUPDATE _emdash_cron_tasks\n\t\t\tSET status = 'idle', locked_at = NULL\n\t\t\tWHERE status = 'running'\n\t\t\t AND locked_at < ${cutoff}\n\t\t`.execute(this.db);\n\n\t\treturn Number(result.numAffectedRows ?? 0);\n\t}\n\n\t/**\n\t * Get the next due time across all enabled tasks.\n\t * Returns null if no tasks are scheduled.\n\t */\n\tasync getNextDueTime(): Promise<string | null> {\n\t\tconst result = await sql<{ next: string | null }>`\n\t\t\tSELECT MIN(next_run_at) as next\n\t\t\tFROM _emdash_cron_tasks\n\t\t\tWHERE status = 'idle' AND enabled = 1\n\t\t`.execute(this.db);\n\n\t\treturn result.rows[0]?.next ?? null;\n\t}\n}\n\n// ─── CronAccessImpl ────────────────────────────────────────────────────────\n\n/**\n * Per-plugin cron API implementation.\n * Scoped to a single plugin ID — plugins cannot see or modify other plugins' tasks.\n */\nexport class CronAccessImpl implements CronAccess {\n\tconstructor(\n\t\tprivate db: Kysely<Database>,\n\t\tprivate pluginId: string,\n\t\tprivate reschedule: RescheduleFn,\n\t) {}\n\n\tasync schedule(\n\t\tname: string,\n\t\topts: { schedule: string; data?: Record<string, unknown> },\n\t): Promise<void> {\n\t\tvalidateTaskName(name);\n\t\tvalidateSchedule(opts.schedule);\n\n\t\tconst oneshot = isOneShot(opts.schedule);\n\t\tconst nextRun = oneshot ? opts.schedule : nextCronTime(opts.schedule);\n\t\tconst dataJson = opts.data ? JSON.stringify(opts.data) : null;\n\t\tconst id = ulid();\n\n\t\t// Upsert: if task already exists for this plugin+name, update it.\n\t\t// Guard: don't clobber a task that is currently executing.\n\t\tawait sql`\n\t\t\tINSERT INTO _emdash_cron_tasks (id, plugin_id, task_name, schedule, is_oneshot, data, next_run_at, status, enabled)\n\t\t\tVALUES (${id}, ${this.pluginId}, ${name}, ${opts.schedule}, ${oneshot ? 1 : 0}, ${dataJson}, ${nextRun}, 'idle', 1)\n\t\t\tON CONFLICT (plugin_id, task_name) DO UPDATE SET\n\t\t\t\tschedule = ${opts.schedule},\n\t\t\t\tis_oneshot = ${oneshot ? 1 : 0},\n\t\t\t\tdata = ${dataJson},\n\t\t\t\tnext_run_at = ${nextRun},\n\t\t\t\tstatus = CASE WHEN _emdash_cron_tasks.status = 'running' THEN 'running' ELSE 'idle' END,\n\t\t\t\tlocked_at = CASE WHEN _emdash_cron_tasks.status = 'running' THEN _emdash_cron_tasks.locked_at ELSE NULL END,\n\t\t\t\tenabled = 1\n\t\t`.execute(this.db);\n\n\t\tthis.reschedule();\n\t}\n\n\tasync cancel(name: string): Promise<void> {\n\t\tawait sql`\n\t\t\tDELETE FROM _emdash_cron_tasks\n\t\t\tWHERE plugin_id = ${this.pluginId} AND task_name = ${name}\n\t\t`.execute(this.db);\n\n\t\tthis.reschedule();\n\t}\n\n\tasync list(): Promise<CronTaskInfo[]> {\n\t\tconst rows = await sql<{\n\t\t\ttask_name: string;\n\t\t\tschedule: string;\n\t\t\tnext_run_at: string;\n\t\t\tlast_run_at: string | null;\n\t\t}>`\n\t\t\tSELECT task_name, schedule, next_run_at, last_run_at\n\t\t\tFROM _emdash_cron_tasks\n\t\t\tWHERE plugin_id = ${this.pluginId} AND enabled = 1\n\t\t\tORDER BY next_run_at ASC\n\t\t`.execute(this.db);\n\n\t\treturn rows.rows.map((row) => ({\n\t\t\tname: row.task_name,\n\t\t\tschedule: row.schedule,\n\t\t\tnextRunAt: row.next_run_at,\n\t\t\tlastRunAt: row.last_run_at,\n\t\t}));\n\t}\n}\n\n// ─── Cron task lifecycle helpers ────────────────────────────────────────────\n\n/**\n * Enable or disable all cron tasks for a plugin.\n * Called by admin disable/enable endpoints and PluginManager lifecycle.\n * Gracefully handles the cron table not existing yet (pre-migration).\n */\nexport async function setCronTasksEnabled(\n\tdb: Kysely<Database>,\n\tpluginId: string,\n\tenabled: boolean,\n): Promise<void> {\n\ttry {\n\t\tawait sql`\n\t\t\tUPDATE _emdash_cron_tasks\n\t\t\tSET enabled = ${enabled ? 1 : 0}\n\t\t\tWHERE plugin_id = ${pluginId}\n\t\t`.execute(db);\n\t} catch {\n\t\t// Cron table may not exist yet (pre-migration). Non-fatal.\n\t}\n}\n\n// ─── Cron utilities ────────────────────────────────────────────────────────\n\n/**\n * Compute the next fire time for a cron expression.\n * Supports standard cron (5-field), extended (6-field with seconds), and\n * aliases like @daily, @weekly, @hourly, @monthly, @yearly.\n */\nexport function nextCronTime(expression: string): string {\n\tconst job = new Cron(expression);\n\tconst next = job.nextRun();\n\tif (!next) {\n\t\tthrow new Error(`Invalid cron expression or no future run: \"${expression}\"`);\n\t}\n\treturn next.toISOString();\n}\n\n/**\n * Check whether a string is a valid cron expression.\n */\nfunction isCronExpression(schedule: string): boolean {\n\ttry {\n\t\t// Cron constructor validates; we discard the instance immediately.\n\t\tconst _cron = new Cron(schedule);\n\t\tvoid _cron;\n\t\treturn true;\n\t} catch {\n\t\treturn false;\n\t}\n}\n\n/**\n * Check if a schedule string is a one-shot (ISO 8601 datetime) rather than\n * a recurring cron expression.\n *\n * Tries to parse as a cron expression first. Only if that fails does it\n * attempt Date.parse. This avoids misclassifying cron range expressions\n * like \"1-5 * * * *\" which Date.parse accepts as valid dates.\n */\nexport function isOneShot(schedule: string): boolean {\n\tif (schedule.startsWith(\"@\")) return false;\n\tif (isCronExpression(schedule)) return false;\n\treturn !isNaN(Date.parse(schedule));\n}\n\n/** Max length for a task name */\nconst MAX_TASK_NAME_LENGTH = 128;\n/** Task name pattern: alphanumeric, dashes, underscores */\nconst TASK_NAME_RE = /^[a-zA-Z][a-zA-Z0-9_-]*$/;\n\n/**\n * Validate a cron task name.\n * Must be non-empty, ≤128 chars, alphanumeric with dashes/underscores.\n */\nexport function validateTaskName(name: string): void {\n\tif (!name || name.length > MAX_TASK_NAME_LENGTH) {\n\t\tthrow new Error(\n\t\t\t`Invalid task name: must be 1-${MAX_TASK_NAME_LENGTH} characters, got ${name.length}`,\n\t\t);\n\t}\n\tif (!TASK_NAME_RE.test(name)) {\n\t\tthrow new Error(\n\t\t\t`Invalid task name \"${name}\": must start with a letter and contain only letters, numbers, dashes, or underscores`,\n\t\t);\n\t}\n}\n\n/**\n * Validate a schedule string at registration time.\n * Must be a valid cron expression or a parseable ISO 8601 datetime.\n */\nexport function validateSchedule(schedule: string): void {\n\tif (!schedule || schedule.length > 256) {\n\t\tthrow new Error(`Invalid schedule: must be 1-256 characters, got ${schedule.length}`);\n\t}\n\n\t// Try cron first\n\tif (isCronExpression(schedule)) return;\n\n\tconst parsed = Date.parse(schedule);\n\tif (isNaN(parsed)) {\n\t\tthrow new Error(\n\t\t\t`Invalid schedule \"${schedule}\": must be a valid cron expression or ISO 8601 datetime`,\n\t\t);\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;AAkBA,MAAM,qBAAqB;;;;;;;;AAsB3B,IAAa,eAAb,MAA0B;CACzB,YACC,AAAQ,IACR,AAAQ,gBACP;EAFO;EACA;;;;;;;;;;CAWT,MAAM,OAAwB;EAC7B,MAAM,uBAAM,IAAI,MAAM,EAAC,aAAa;EACpC,IAAI,YAAY;EAGhB,MAAM,UAAU,MAAM,GAQpB;;yCAEqC,IAAI;;;2BAGlB,IAAI;;;;;;;IAO3B,QAAQ,KAAK,GAAG;AAElB,OAAK,MAAM,QAAQ,QAAQ,MAAM;GAEhC,IAAI;AACJ,OAAI,KAAK,KACR,KAAI;AACH,iBAAa,KAAK,MAAM,KAAK,KAAK;WAC3B;AACP,YAAQ,MACP,gCAAgC,KAAK,UAAU,GAAG,KAAK,UAAU,YACjE;AACD,UAAM,GAAG;;;mBAGK,KAAK,GAAG;OACpB,QAAQ,KAAK,GAAG;AAClB;;GAIF,MAAM,QAAmB;IACxB,MAAM,KAAK;IACX,MAAM;IACN,aAAa,KAAK;IAClB;GAED,IAAI,aAAa;AACjB,OAAI;AACH,UAAM,KAAK,eAAe,KAAK,WAAW,MAAM;YACxC,OAAO;AACf,iBAAa;AACb,YAAQ,MAAM,0BAA0B,KAAK,UAAU,GAAG,KAAK,UAAU,IAAI,MAAM;;AAGpF,OAAI,KAAK,WACR,KAAI,YAAY;IAGf,MAAM,OACL,YAAY,YAAY,QAAQ,OAAO,WAAW,aAAa,WAC3D,WAAW,WACZ;IACJ,MAAM,MAAM,MAAM;IAClB,MAAM,aACL,OAAO,QAAQ,YAAY,OAAO,SAAS,IAAI,IAAI,MAAM,IAAI,KAAK,MAAM,IAAI,GAAG;IAChF,MAAM,sBAAsB;AAE5B,QAAI,cAAc,qBAAqB;AACtC,aAAQ,MACP,wBAAwB,KAAK,UAAU,GAAG,KAAK,UAAU,YAAY,oBAAoB,oBACzF;AACD,WAAM,GAAG;kDACmC,KAAK,GAAG;OACnD,QAAQ,KAAK,GAAG;WACX;KAEN,MAAM,YAAY,MAAS,KAAK,IAAI,GAAG,WAAW;AAMlD,WAAM,GAAG;;6DALO,IAAI,KAAK,KAAK,KAAK,GAAG,UAAU,CAAC,aAAa,CAOC,WAN3C,KAAK,UAAU;MAClC,GAAG;MACH,UAAU;OAAE,GAAG;OAAM,YAAY,aAAa;OAAG;MACjD,CAAC,CAGoF;mBACzE,KAAK,GAAG;OACpB,QAAQ,KAAK,GAAG;;SAIlB,OAAM,GAAG;kDACoC,KAAK,GAAG;OACnD,QAAQ,KAAK,GAAG;OAKnB,OAAM,GAAG;;;;sBAIS,IAAI;sBALN,aAAa,KAAK,SAAS,CAMjB;kBACZ,KAAK,GAAG;MACpB,QAAQ,KAAK,GAAG;AAGnB;;AAGD,SAAO;;;;;;CAOR,MAAM,oBAAqC;EAG1C,MAAM,SAAS,MAAM,GAAG;;;;wCAFT,IAAI,KAAK,KAAK,KAAK,GAAG,qBAAqB,KAAK,IAAK,EAAC,aAAa,CAMtD;IAC1B,QAAQ,KAAK,GAAG;AAElB,SAAO,OAAO,OAAO,mBAAmB,EAAE;;;;;;CAO3C,MAAM,iBAAyC;AAO9C,UANe,MAAM,GAA4B;;;;IAI/C,QAAQ,KAAK,GAAG,EAEJ,KAAK,IAAI,QAAQ;;;;;;;AAUjC,IAAa,iBAAb,MAAkD;CACjD,YACC,AAAQ,IACR,AAAQ,UACR,AAAQ,YACP;EAHO;EACA;EACA;;CAGT,MAAM,SACL,MACA,MACgB;AAChB,mBAAiB,KAAK;AACtB,mBAAiB,KAAK,SAAS;EAE/B,MAAM,UAAU,UAAU,KAAK,SAAS;EACxC,MAAM,UAAU,UAAU,KAAK,WAAW,aAAa,KAAK,SAAS;EACrE,MAAM,WAAW,KAAK,OAAO,KAAK,UAAU,KAAK,KAAK,GAAG;AAKzD,QAAM,GAAG;;aAJE,MAAM,CAMH,IAAI,KAAK,SAAS,IAAI,KAAK,IAAI,KAAK,SAAS,IAAI,UAAU,IAAI,EAAE,IAAI,SAAS,IAAI,QAAQ;;iBAEzF,KAAK,SAAS;mBACZ,UAAU,IAAI,EAAE;aACtB,SAAS;oBACF,QAAQ;;;;IAIxB,QAAQ,KAAK,GAAG;AAElB,OAAK,YAAY;;CAGlB,MAAM,OAAO,MAA6B;AACzC,QAAM,GAAG;;uBAEY,KAAK,SAAS,mBAAmB,KAAK;IACzD,QAAQ,KAAK,GAAG;AAElB,OAAK,YAAY;;CAGlB,MAAM,OAAgC;AAarC,UAZa,MAAM,GAKjB;;;uBAGmB,KAAK,SAAS;;IAEjC,QAAQ,KAAK,GAAG,EAEN,KAAK,KAAK,SAAS;GAC9B,MAAM,IAAI;GACV,UAAU,IAAI;GACd,WAAW,IAAI;GACf,WAAW,IAAI;GACf,EAAE;;;;;;;;AAWL,eAAsB,oBACrB,IACA,UACA,SACgB;AAChB,KAAI;AACH,QAAM,GAAG;;mBAEQ,UAAU,IAAI,EAAE;uBACZ,SAAS;IAC5B,QAAQ,GAAG;SACN;;;;;;;AAYT,SAAgB,aAAa,YAA4B;CAExD,MAAM,OADM,IAAI,KAAK,WAAW,CACf,SAAS;AAC1B,KAAI,CAAC,KACJ,OAAM,IAAI,MAAM,8CAA8C,WAAW,GAAG;AAE7E,QAAO,KAAK,aAAa;;;;;AAM1B,SAAS,iBAAiB,UAA2B;AACpD,KAAI;AAEW,MAAI,KAAK,SAAS;AAEhC,SAAO;SACA;AACP,SAAO;;;;;;;;;;;AAYT,SAAgB,UAAU,UAA2B;AACpD,KAAI,SAAS,WAAW,IAAI,CAAE,QAAO;AACrC,KAAI,iBAAiB,SAAS,CAAE,QAAO;AACvC,QAAO,CAAC,MAAM,KAAK,MAAM,SAAS,CAAC;;;AAIpC,MAAM,uBAAuB;;AAE7B,MAAM,eAAe;;;;;AAMrB,SAAgB,iBAAiB,MAAoB;AACpD,KAAI,CAAC,QAAQ,KAAK,SAAS,qBAC1B,OAAM,IAAI,MACT,gCAAgC,qBAAqB,mBAAmB,KAAK,SAC7E;AAEF,KAAI,CAAC,aAAa,KAAK,KAAK,CAC3B,OAAM,IAAI,MACT,sBAAsB,KAAK,uFAC3B;;;;;;AAQH,SAAgB,iBAAiB,UAAwB;AACxD,KAAI,CAAC,YAAY,SAAS,SAAS,IAClC,OAAM,IAAI,MAAM,mDAAmD,SAAS,SAAS;AAItF,KAAI,iBAAiB,SAAS,CAAE;CAEhC,MAAM,SAAS,KAAK,MAAM,SAAS;AACnC,KAAI,MAAM,OAAO,CAChB,OAAM,IAAI,MACT,qBAAqB,SAAS,yDAC9B"}

package/dist/{dashboard-B5WQpNTP.mjs → dashboard-2JgAMWxK.mjs} RENAMED Viewed

@@ -1,7 +1,7 @@
 import { t as validateIdentifier } from "./validate-VPnKoIzW.mjs";
-import { t as ContentRepository } from "./content-CyqOmOzm.mjs";
-import { t as MediaRepository } from "./media-C-oovGCG.mjs";
-import { t as UserRepository } from "./user-DzEUl5zA.mjs";
+import { t as ContentRepository } from "./content-BIlVx-RX.mjs";
+import { t as MediaRepository } from "./media-JOf3pNkw.mjs";
+import { t as UserRepository } from "./user-C0um7wrg.mjs";
 import { sql } from "kysely";
 //#region src/api/handlers/dashboard.ts
@@ -102,4 +102,4 @@ async function fetchRecentItems(db, collections) {
 //#endregion
 export { handleDashboardStats as t };
-//# sourceMappingURL=dashboard-B5WQpNTP.mjs.map
+//# sourceMappingURL=dashboard-2JgAMWxK.mjs.map

package/dist/{dashboard-B5WQpNTP.mjs.map → dashboard-2JgAMWxK.mjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"dashboard-~~B5WQpNTP~~.mjs","names":[],"sources":["../src/api/handlers/dashboard.ts"],"sourcesContent":["/*\n Dashboard stats handler\n \n Returns summary data for the admin dashboard in a single request:\n * collection content counts, media count, user count, and recent\n * content across all collections.\n /\n\nimport { sql, type Kysely } from \"kysely\";\n\nimport { ContentRepository } from \"../../database/repositories/content.js\";\nimport { MediaRepository } from \"../../database/repositories/media.js\";\nimport { UserRepository } from \"../../database/repositories/user.js\";\nimport type { Database } from \"../../database/types.js\";\nimport { validateIdentifier } from \"../../database/validate.js\";\nimport type { ApiResult } from \"../types.js\";\n\nexport interface CollectionStats {\n\tslug: string;\n\tlabel: string;\n\ttotal: number;\n\tpublished: number;\n\tdraft: number;\n}\n\nexport interface RecentItem {\n\tid: string;\n\tcollection: string;\n\tcollectionLabel: string;\n\ttitle: string;\n\tslug: string \| null;\n\tstatus: string;\n\tupdatedAt: string;\n\tauthorId: string \| null;\n}\n\nexport interface DashboardStats {\n\tcollections: CollectionStats[];\n\tmediaCount: number;\n\tuserCount: number;\n\trecentItems: RecentItem[];\n}\n\n/\n Fetch dashboard statistics.\n \n Queries are intentionally lightweight — counts use indexed columns,\n * and recent items are capped at 10.\n /\nexport async function handleDashboardStats(\n\tdb: Kysely<Database>,\n): Promise<ApiResult<DashboardStats>> {\n\ttry {\n\t\t// Discover collections from the system table\n\t\tconst collections = await db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select([\"slug\", \"label\"])\n\t\t\t.orderBy(\"slug\", \"asc\")\n\t\t\t.execute();\n\n\t\t// Gather per-collection counts in parallel\n\t\tconst contentRepo = new ContentRepository(db);\n\t\tconst collectionStats: CollectionStats[] = await Promise.all(\n\t\t\tcollections.map(async (col) => {\n\t\t\t\tconst stats = await contentRepo.getStats(col.slug);\n\t\t\t\treturn {\n\t\t\t\t\tslug: col.slug,\n\t\t\t\t\tlabel: col.label,\n\t\t\t\t\ttotal: stats.total,\n\t\t\t\t\tpublished: stats.published,\n\t\t\t\t\tdraft: stats.draft,\n\t\t\t\t};\n\t\t\t}),\n\t\t);\n\n\t\t// Media and user counts\n\t\tconst mediaRepo = new MediaRepository(db);\n\t\tconst userRepo = new UserRepository(db);\n\t\tconst [mediaCount, userCount] = await Promise.all([mediaRepo.count(), userRepo.count()]);\n\n\t\t// Recent items across all collections (last 10 updated, any status)\n\t\tconst recentItems = await fetchRecentItems(db, collections);\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\tcollections: collectionStats,\n\t\t\t\tmediaCount,\n\t\t\t\tuserCount,\n\t\t\t\trecentItems,\n\t\t\t},\n\t\t};\n\t} catch (error) {\n\t\tconsole.error(\"Dashboard stats error:\", error);\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"DASHBOARD_STATS_ERROR\",\n\t\t\t\tmessage: \"Failed to load dashboard statistics\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/* Raw row shape from the UNION ALL query — all snake_case. /\ninterface RecentItemRow {\n\tid: string;\n\tcollection: string;\n\tcollection_label: string;\n\ttitle: string;\n\tslug: string \| null;\n\tstatus: string;\n\tupdated_at: string;\n\tauthor_id: string \| null;\n}\n\n/\n Fetch the 10 most recently updated items across all collections.\n \n Uses UNION ALL over each ec_* table. The query is safe because\n * collection slugs come from the system table and are validated.\n \n `title` is not a standard column — it's a user-defined field. We query\n * `_emdash_fields` to discover which collections have one and fall back\n * to `slug` (which is always present) otherwise.\n /\nasync function fetchRecentItems(\n\tdb: Kysely<Database>,\n\tcollections: Array<{ slug: string; label: string }>,\n): Promise<RecentItem[]> {\n\tif (collections.length === 0) return [];\n\n\t// Discover which collections have a \"title\" column\n\tconst titleFields = await db\n\t\t.selectFrom(\"_emdash_fields as f\")\n\t\t.innerJoin(\"_emdash_collections as c\", \"c.id\", \"f.collection_id\")\n\t\t.select([\"c.slug as collection_slug\"])\n\t\t.where(\"f.slug\", \"=\", \"title\")\n\t\t.execute();\n\n\tconst collectionsWithTitle = new Set(titleFields.map((r) => r.collection_slug));\n\n\t// Issue one query per collection in parallel, then merge in JS.\n\t// A single UNION ALL across N collections trips D1's\n\t// SQLITE_LIMIT_COMPOUND_SELECT cap when N is large enough (#895);\n\t// per-collection queries side-step that. Each query fetches at most\n\t// 10 rows, so the merge handles at most N 10 rows before slicing.\n\tconst perCollection = await Promise.all(\n\t\tcollections.map(async (col) => {\n\t\t\tvalidateIdentifier(col.slug);\n\t\t\tconst table = `ec_${col.slug}`;\n\t\t\tconst hasTitle = collectionsWithTitle.has(col.slug);\n\n\t\t\t// Use title column if it exists, otherwise fall back to slug, id.\n\t\t\t// All output uses snake_case to avoid SQLite quoting issues on D1.\n\t\t\tconst titleExpr = hasTitle ? sql`COALESCE(title, slug, id)` : sql`COALESCE(slug, id)`;\n\n\t\t\tconst result = await sql<RecentItemRow>`\n\t\t\t\tSELECT\n\t\t\t\t\tid,\n\t\t\t\t\t${sql.lit(col.slug)} AS collection,\n\t\t\t\t\t${sql.lit(col.label)} AS collection_label,\n\t\t\t\t\t${titleExpr} AS title,\n\t\t\t\t\tslug,\n\t\t\t\t\tstatus,\n\t\t\t\t\tupdated_at,\n\t\t\t\t\tauthor_id\n\t\t\t\tFROM ${sql.ref(table)}\n\t\t\t\tWHERE deleted_at IS NULL\n\t\t\t\tORDER BY updated_at DESC\n\t\t\t\tLIMIT 10\n\t\t\t`.execute(db);\n\t\t\treturn result.rows;\n\t\t}),\n\t);\n\n\t// Merge across collections, sort by updated_at desc, take top 10.\n\tconst merged = perCollection\n\t\t.flat()\n\t\t.toSorted((a, b) => (a.updated_at < b.updated_at ? 1 : a.updated_at > b.updated_at ? -1 : 0))\n\t\t.slice(0, 10);\n\n\t// Map snake_case DB rows to camelCase API shape\n\treturn merged.map((row) => ({\n\t\tid: row.id,\n\t\tcollection: row.collection,\n\t\tcollectionLabel: row.collection_label,\n\t\ttitle: row.title,\n\t\tslug: row.slug,\n\t\tstatus: row.status,\n\t\tupdatedAt: row.updated_at,\n\t\tauthorId: row.author_id,\n\t}));\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAiDA,eAAsB,qBACrB,IACqC;AACrC,KAAI;EAEH,MAAM,cAAc,MAAM,GACxB,WAAW,sBAAsB,CACjC,OAAO,CAAC,QAAQ,QAAQ,CAAC,CACzB,QAAQ,QAAQ,MAAM,CACtB,SAAS;EAGX,MAAM,cAAc,IAAI,kBAAkB,GAAG;EAC7C,MAAM,kBAAqC,MAAM,QAAQ,IACxD,YAAY,IAAI,OAAO,QAAQ;GAC9B,MAAM,QAAQ,MAAM,YAAY,SAAS,IAAI,KAAK;AAClD,UAAO;IACN,MAAM,IAAI;IACV,OAAO,IAAI;IACX,OAAO,MAAM;IACb,WAAW,MAAM;IACjB,OAAO,MAAM;IACb;IACA,CACF;EAGD,MAAM,YAAY,IAAI,gBAAgB,GAAG;EACzC,MAAM,WAAW,IAAI,eAAe,GAAG;EACvC,MAAM,CAAC,YAAY,aAAa,MAAM,QAAQ,IAAI,CAAC,UAAU,OAAO,EAAE,SAAS,OAAO,CAAC,CAAC;AAKxF,SAAO;GACN,SAAS;GACT,MAAM;IACL,aAAa;IACb;IACA;IACA,aARkB,MAAM,iBAAiB,IAAI,YAAY;IASzD;GACD;UACO,OAAO;AACf,UAAQ,MAAM,0BAA0B,MAAM;AAC9C,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;;;AA0BH,eAAe,iBACd,IACA,aACwB;AACxB,KAAI,YAAY,WAAW,EAAG,QAAO,EAAE;CAGvC,MAAM,cAAc,MAAM,GACxB,WAAW,sBAAsB,CACjC,UAAU,4BAA4B,QAAQ,kBAAkB,CAChE,OAAO,CAAC,4BAA4B,CAAC,CACrC,MAAM,UAAU,KAAK,QAAQ,CAC7B,SAAS;CAEX,MAAM,uBAAuB,IAAI,IAAI,YAAY,KAAK,MAAM,EAAE,gBAAgB,CAAC;AA2C/E,SApCsB,MAAM,QAAQ,IACnC,YAAY,IAAI,OAAO,QAAQ;AAC9B,qBAAmB,IAAI,KAAK;EAC5B,MAAM,QAAQ,MAAM,IAAI;EAKxB,MAAM,YAJW,qBAAqB,IAAI,IAAI,KAAK,GAItB,GAAG,8BAA8B,GAAG;AAiBjE,UAfe,MAAM,GAAkB;;;OAGnC,IAAI,IAAI,IAAI,KAAK,CAAC;OAClB,IAAI,IAAI,IAAI,MAAM,CAAC;OACnB,UAAU;;;;;WAKN,IAAI,IAAI,MAAM,CAAC;;;;KAIrB,QAAQ,GAAG,EACC;GACb,CACF,EAIC,MAAM,CACN,UAAU,GAAG,MAAO,EAAE,aAAa,EAAE,aAAa,IAAI,EAAE,aAAa,EAAE,aAAa,KAAK,EAAG,CAC5F,MAAM,GAAG,GAAG,CAGA,KAAK,SAAS;EAC3B,IAAI,IAAI;EACR,YAAY,IAAI;EAChB,iBAAiB,IAAI;EACrB,OAAO,IAAI;EACX,MAAM,IAAI;EACV,QAAQ,IAAI;EACZ,WAAW,IAAI;EACf,UAAU,IAAI;EACd,EAAE"}
1	+ {"version":3,"file":"dashboard-2JgAMWxK.mjs","names":[],"sources":["../src/api/handlers/dashboard.ts"],"sourcesContent":["/*\n Dashboard stats handler\n \n Returns summary data for the admin dashboard in a single request:\n * collection content counts, media count, user count, and recent\n * content across all collections.\n /\n\nimport { sql, type Kysely } from \"kysely\";\n\nimport { ContentRepository } from \"../../database/repositories/content.js\";\nimport { MediaRepository } from \"../../database/repositories/media.js\";\nimport { UserRepository } from \"../../database/repositories/user.js\";\nimport type { Database } from \"../../database/types.js\";\nimport { validateIdentifier } from \"../../database/validate.js\";\nimport type { ApiResult } from \"../types.js\";\n\nexport interface CollectionStats {\n\tslug: string;\n\tlabel: string;\n\ttotal: number;\n\tpublished: number;\n\tdraft: number;\n}\n\nexport interface RecentItem {\n\tid: string;\n\tcollection: string;\n\tcollectionLabel: string;\n\ttitle: string;\n\tslug: string \| null;\n\tstatus: string;\n\tupdatedAt: string;\n\tauthorId: string \| null;\n}\n\nexport interface DashboardStats {\n\tcollections: CollectionStats[];\n\tmediaCount: number;\n\tuserCount: number;\n\trecentItems: RecentItem[];\n}\n\n/\n Fetch dashboard statistics.\n \n Queries are intentionally lightweight — counts use indexed columns,\n * and recent items are capped at 10.\n /\nexport async function handleDashboardStats(\n\tdb: Kysely<Database>,\n): Promise<ApiResult<DashboardStats>> {\n\ttry {\n\t\t// Discover collections from the system table\n\t\tconst collections = await db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select([\"slug\", \"label\"])\n\t\t\t.orderBy(\"slug\", \"asc\")\n\t\t\t.execute();\n\n\t\t// Gather per-collection counts in parallel\n\t\tconst contentRepo = new ContentRepository(db);\n\t\tconst collectionStats: CollectionStats[] = await Promise.all(\n\t\t\tcollections.map(async (col) => {\n\t\t\t\tconst stats = await contentRepo.getStats(col.slug);\n\t\t\t\treturn {\n\t\t\t\t\tslug: col.slug,\n\t\t\t\t\tlabel: col.label,\n\t\t\t\t\ttotal: stats.total,\n\t\t\t\t\tpublished: stats.published,\n\t\t\t\t\tdraft: stats.draft,\n\t\t\t\t};\n\t\t\t}),\n\t\t);\n\n\t\t// Media and user counts\n\t\tconst mediaRepo = new MediaRepository(db);\n\t\tconst userRepo = new UserRepository(db);\n\t\tconst [mediaCount, userCount] = await Promise.all([mediaRepo.count(), userRepo.count()]);\n\n\t\t// Recent items across all collections (last 10 updated, any status)\n\t\tconst recentItems = await fetchRecentItems(db, collections);\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\tcollections: collectionStats,\n\t\t\t\tmediaCount,\n\t\t\t\tuserCount,\n\t\t\t\trecentItems,\n\t\t\t},\n\t\t};\n\t} catch (error) {\n\t\tconsole.error(\"Dashboard stats error:\", error);\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"DASHBOARD_STATS_ERROR\",\n\t\t\t\tmessage: \"Failed to load dashboard statistics\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/* Raw row shape from the UNION ALL query — all snake_case. /\ninterface RecentItemRow {\n\tid: string;\n\tcollection: string;\n\tcollection_label: string;\n\ttitle: string;\n\tslug: string \| null;\n\tstatus: string;\n\tupdated_at: string;\n\tauthor_id: string \| null;\n}\n\n/\n Fetch the 10 most recently updated items across all collections.\n \n Uses UNION ALL over each ec_* table. The query is safe because\n * collection slugs come from the system table and are validated.\n \n `title` is not a standard column — it's a user-defined field. We query\n * `_emdash_fields` to discover which collections have one and fall back\n * to `slug` (which is always present) otherwise.\n /\nasync function fetchRecentItems(\n\tdb: Kysely<Database>,\n\tcollections: Array<{ slug: string; label: string }>,\n): Promise<RecentItem[]> {\n\tif (collections.length === 0) return [];\n\n\t// Discover which collections have a \"title\" column\n\tconst titleFields = await db\n\t\t.selectFrom(\"_emdash_fields as f\")\n\t\t.innerJoin(\"_emdash_collections as c\", \"c.id\", \"f.collection_id\")\n\t\t.select([\"c.slug as collection_slug\"])\n\t\t.where(\"f.slug\", \"=\", \"title\")\n\t\t.execute();\n\n\tconst collectionsWithTitle = new Set(titleFields.map((r) => r.collection_slug));\n\n\t// Issue one query per collection in parallel, then merge in JS.\n\t// A single UNION ALL across N collections trips D1's\n\t// SQLITE_LIMIT_COMPOUND_SELECT cap when N is large enough (#895);\n\t// per-collection queries side-step that. Each query fetches at most\n\t// 10 rows, so the merge handles at most N 10 rows before slicing.\n\tconst perCollection = await Promise.all(\n\t\tcollections.map(async (col) => {\n\t\t\tvalidateIdentifier(col.slug);\n\t\t\tconst table = `ec_${col.slug}`;\n\t\t\tconst hasTitle = collectionsWithTitle.has(col.slug);\n\n\t\t\t// Use title column if it exists, otherwise fall back to slug, id.\n\t\t\t// All output uses snake_case to avoid SQLite quoting issues on D1.\n\t\t\tconst titleExpr = hasTitle ? sql`COALESCE(title, slug, id)` : sql`COALESCE(slug, id)`;\n\n\t\t\tconst result = await sql<RecentItemRow>`\n\t\t\t\tSELECT\n\t\t\t\t\tid,\n\t\t\t\t\t${sql.lit(col.slug)} AS collection,\n\t\t\t\t\t${sql.lit(col.label)} AS collection_label,\n\t\t\t\t\t${titleExpr} AS title,\n\t\t\t\t\tslug,\n\t\t\t\t\tstatus,\n\t\t\t\t\tupdated_at,\n\t\t\t\t\tauthor_id\n\t\t\t\tFROM ${sql.ref(table)}\n\t\t\t\tWHERE deleted_at IS NULL\n\t\t\t\tORDER BY updated_at DESC\n\t\t\t\tLIMIT 10\n\t\t\t`.execute(db);\n\t\t\treturn result.rows;\n\t\t}),\n\t);\n\n\t// Merge across collections, sort by updated_at desc, take top 10.\n\tconst merged = perCollection\n\t\t.flat()\n\t\t.toSorted((a, b) => (a.updated_at < b.updated_at ? 1 : a.updated_at > b.updated_at ? -1 : 0))\n\t\t.slice(0, 10);\n\n\t// Map snake_case DB rows to camelCase API shape\n\treturn merged.map((row) => ({\n\t\tid: row.id,\n\t\tcollection: row.collection,\n\t\tcollectionLabel: row.collection_label,\n\t\ttitle: row.title,\n\t\tslug: row.slug,\n\t\tstatus: row.status,\n\t\tupdatedAt: row.updated_at,\n\t\tauthorId: row.author_id,\n\t}));\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAiDA,eAAsB,qBACrB,IACqC;AACrC,KAAI;EAEH,MAAM,cAAc,MAAM,GACxB,WAAW,sBAAsB,CACjC,OAAO,CAAC,QAAQ,QAAQ,CAAC,CACzB,QAAQ,QAAQ,MAAM,CACtB,SAAS;EAGX,MAAM,cAAc,IAAI,kBAAkB,GAAG;EAC7C,MAAM,kBAAqC,MAAM,QAAQ,IACxD,YAAY,IAAI,OAAO,QAAQ;GAC9B,MAAM,QAAQ,MAAM,YAAY,SAAS,IAAI,KAAK;AAClD,UAAO;IACN,MAAM,IAAI;IACV,OAAO,IAAI;IACX,OAAO,MAAM;IACb,WAAW,MAAM;IACjB,OAAO,MAAM;IACb;IACA,CACF;EAGD,MAAM,YAAY,IAAI,gBAAgB,GAAG;EACzC,MAAM,WAAW,IAAI,eAAe,GAAG;EACvC,MAAM,CAAC,YAAY,aAAa,MAAM,QAAQ,IAAI,CAAC,UAAU,OAAO,EAAE,SAAS,OAAO,CAAC,CAAC;AAKxF,SAAO;GACN,SAAS;GACT,MAAM;IACL,aAAa;IACb;IACA;IACA,aARkB,MAAM,iBAAiB,IAAI,YAAY;IASzD;GACD;UACO,OAAO;AACf,UAAQ,MAAM,0BAA0B,MAAM;AAC9C,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;;;AA0BH,eAAe,iBACd,IACA,aACwB;AACxB,KAAI,YAAY,WAAW,EAAG,QAAO,EAAE;CAGvC,MAAM,cAAc,MAAM,GACxB,WAAW,sBAAsB,CACjC,UAAU,4BAA4B,QAAQ,kBAAkB,CAChE,OAAO,CAAC,4BAA4B,CAAC,CACrC,MAAM,UAAU,KAAK,QAAQ,CAC7B,SAAS;CAEX,MAAM,uBAAuB,IAAI,IAAI,YAAY,KAAK,MAAM,EAAE,gBAAgB,CAAC;AA2C/E,SApCsB,MAAM,QAAQ,IACnC,YAAY,IAAI,OAAO,QAAQ;AAC9B,qBAAmB,IAAI,KAAK;EAC5B,MAAM,QAAQ,MAAM,IAAI;EAKxB,MAAM,YAJW,qBAAqB,IAAI,IAAI,KAAK,GAItB,GAAG,8BAA8B,GAAG;AAiBjE,UAfe,MAAM,GAAkB;;;OAGnC,IAAI,IAAI,IAAI,KAAK,CAAC;OAClB,IAAI,IAAI,IAAI,MAAM,CAAC;OACnB,UAAU;;;;;WAKN,IAAI,IAAI,MAAM,CAAC;;;;KAIrB,QAAQ,GAAG,EACC;GACb,CACF,EAIC,MAAM,CACN,UAAU,GAAG,MAAO,EAAE,aAAa,EAAE,aAAa,IAAI,EAAE,aAAa,EAAE,aAAa,KAAK,EAAG,CAC5F,MAAM,GAAG,GAAG,CAGA,KAAK,SAAS;EAC3B,IAAI,IAAI;EACR,YAAY,IAAI;EAChB,iBAAiB,IAAI;EACrB,OAAO,IAAI;EACX,MAAM,IAAI;EACV,QAAQ,IAAI;EACZ,WAAW,IAAI;EACf,UAAU,IAAI;EACd,EAAE"}

package/dist/db/index.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import "../types-DawhLFwy.mjs";
-import { i as runMigrations, n as getMigrationStatus, r as rollbackMigration, t as MigrationStatus } from "../runner-DM1yR5qd.mjs";
+import "../types-OT_Es5mp.mjs";
+import { i as runMigrations, n as getMigrationStatus, r as rollbackMigration, t as MigrationStatus } from "../runner-BcRuXq_h.mjs";
 import { a as SqliteConfig, c as sqlite, i as PostgresConfig, n as DatabaseDialectType, o as libsql, r as LibsqlConfig, s as postgres, t as DatabaseDescriptor } from "../adapters-C5AWLJSD.mjs";
 export { type DatabaseDescriptor, type DatabaseDialectType, type LibsqlConfig, type MigrationStatus, type PostgresConfig, type SqliteConfig, getMigrationStatus, libsql, postgres, rollbackMigration, runMigrations, sqlite };

package/dist/db/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { i as runMigrations, n as getMigrationStatus, r as rollbackMigration } from "../runner-pt6Wl-l-.mjs";
+import { i as runMigrations, n as getMigrationStatus, r as rollbackMigration } from "../runner--4wMWwKM.mjs";
 import "../dialect-helpers-DRI5pyY3.mjs";
 //#region src/db/adapters.ts

package/dist/{device-flow-ptLrVINd.mjs → device-flow-s6_q3T7A.mjs} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { t as withTransaction } from "./transaction-NQj4VJ7Z.mjs";
+import { t as withTransaction } from "./transaction-x2tJQ-A1.mjs";
 import { a as hashApiToken, n as VALID_SCOPES, r as generatePrefixedToken, t as TOKEN_PREFIXES } from "./api-tokens-B6VgoE6M.mjs";
 import { o as lookupOAuthClient } from "./oauth-clients-8mPDStMv.mjs";
 import { t as lookupUserRoleAndStatus } from "./oauth-user-lookup-BdDSDvjF.mjs";
@@ -464,4 +464,4 @@ async function handleTokenRevoke(db, input) {
 //#endregion
 export { handleTokenRevoke as a, handleTokenRefresh as i, handleDeviceCodeRequest as n, handleDeviceTokenExchange as r, handleDeviceAuthorize as t };
-//# sourceMappingURL=device-flow-ptLrVINd.mjs.map
+//# sourceMappingURL=device-flow-s6_q3T7A.mjs.map

package/dist/{device-flow-ptLrVINd.mjs.map → device-flow-s6_q3T7A.mjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"device-flow-ptLrVINd.mjs","names":[],"sources":["../src/api/handlers/device-flow.ts"],"sourcesContent":["/*\n OAuth Device Flow handlers (RFC 8628).\n \n EmDash acts as an OAuth 2.0 authorization server. The CLI requests\n * a device code, displays a URL + user code, and polls for a token.\n * The user opens a browser, logs in, enters the code, and the CLI gets\n * an access + refresh token pair.\n \n Uses arctic for code generation and @emdash-cms/auth for token utilities.\n /\n\nimport { clampScopes } from \"@emdash-cms/auth\";\nimport type { RoleLevel } from \"@emdash-cms/auth\";\nimport { generateCodeVerifier } from \"arctic\";\nimport type { Kysely } from \"kysely\";\n\nimport {\n\tgeneratePrefixedToken,\n\thashApiToken,\n\tTOKEN_PREFIXES,\n\tVALID_SCOPES,\n} from \"../../auth/api-tokens.js\";\nimport { withTransaction } from \"../../database/transaction.js\";\nimport type { Database } from \"../../database/types.js\";\nimport type { ApiResult } from \"../types.js\";\nimport { lookupOAuthClient } from \"./oauth-clients.js\";\nimport { lookupUserRoleAndStatus } from \"./oauth-user-lookup.js\";\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\n/* Device codes expire after 15 minutes /\nconst DEVICE_CODE_TTL_SECONDS = 15 60;\n\n/** Default polling interval in seconds /\nconst DEFAULT_INTERVAL = 5;\n\n/* RFC 8628 §3.5: interval increase on slow_down /\nconst SLOW_DOWN_INCREMENT = 5;\n\n/* Maximum slow_down interval cap (seconds) /\nconst MAX_SLOW_DOWN_INTERVAL = 60;\n\n/* Access token TTL: 1 hour /\nconst ACCESS_TOKEN_TTL_SECONDS = 60 60;\n\n/** Refresh token TTL: 90 days /\nconst REFRESH_TOKEN_TTL_SECONDS = 90 24 * 60 * 60;\n\n/** Default scopes for CLI login /\nconst DEFAULT_SCOPES = [\n\t\"content:read\",\n\t\"content:write\",\n\t\"media:read\",\n\t\"media:write\",\n\t\"schema:read\",\n] as const;\n\n/* Pattern to normalize user codes (strip hyphens) /\nconst HYPHEN_PATTERN = /-/g;\n\n/* Characters for user codes (uppercase, no ambiguous chars like 0/O, 1/I) /\nconst USER_CODE_CHARS = \"ABCDEFGHJKLMNPQRSTUVWXYZ23456789\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\nexport interface DeviceCodeResponse {\n\tdevice_code: string;\n\tuser_code: string;\n\tverification_uri: string;\n\texpires_in: number;\n\tinterval: number;\n}\n\nexport interface TokenResponse {\n\taccess_token: string;\n\trefresh_token: string;\n\ttoken_type: \"Bearer\";\n\texpires_in: number;\n\tscope: string;\n}\n\n// RFC 8628 error codes\nexport type DeviceFlowError =\n\t\| \"authorization_pending\"\n\t\| \"slow_down\"\n\t\| \"expired_token\"\n\t\| \"access_denied\";\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\n/* Generate a short human-readable user code (XXXX-XXXX) /\nfunction generateUserCode(): string {\n\tconst bytes = new Uint8Array(8);\n\tcrypto.getRandomValues(bytes);\n\tconst chars = Array.from(bytes, (b) => USER_CODE_CHARS[b % USER_CODE_CHARS.length]).join(\"\");\n\treturn `${chars.slice(0, 4)}-${chars.slice(4, 8)}`;\n}\n\n/* Get an ISO datetime string offset from now /\nfunction expiresAt(seconds: number): string {\n\treturn new Date(Date.now() + seconds 1000).toISOString();\n}\n\n/** Validate and normalize scopes. Returns validated scope list. /\nfunction normalizeScopes(requested?: string[]): string[] {\n\tif (!requested \|\| requested.length === 0) {\n\t\treturn [...DEFAULT_SCOPES];\n\t}\n\tconst validSet = new Set<string>(VALID_SCOPES);\n\treturn requested.filter((s) => validSet.has(s));\n}\n\n// ---------------------------------------------------------------------------\n// Handlers\n// ---------------------------------------------------------------------------\n\n/\n POST /oauth/device/code\n \n Issue a device code + user code. The CLI displays the user code\n * and tells the user to open the verification URI.\n /\nexport async function handleDeviceCodeRequest(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\tclient_id?: string;\n\t\tscope?: string;\n\t},\n\tverificationUri: string,\n): Promise<ApiResult<DeviceCodeResponse>> {\n\ttry {\n\t\t// Note: client_id is accepted but not validated against _emdash_oauth_clients\n\t\t// because the CLI uses a well-known built-in client ID (\"emdash-cli\") that\n\t\t// isn't stored in the DB. Full client_id validation + scope clamping for the\n\t\t// device flow is tracked as a follow-up.\n\n\t\t// Parse and validate scopes\n\t\tconst requestedScopes = input.scope ? input.scope.split(\" \").filter(Boolean) : [];\n\t\tconst scopes = normalizeScopes(requestedScopes);\n\n\t\tif (scopes.length === 0) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_SCOPE\", message: \"No valid scopes requested\" },\n\t\t\t};\n\t\t}\n\n\t\tconst deviceCode = generateCodeVerifier();\n\t\tconst userCode = generateUserCode();\n\t\tconst expires = expiresAt(DEVICE_CODE_TTL_SECONDS);\n\n\t\tawait db\n\t\t\t.insertInto(\"_emdash_device_codes\")\n\t\t\t.values({\n\t\t\t\tdevice_code: deviceCode,\n\t\t\t\tuser_code: userCode,\n\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\tstatus: \"pending\",\n\t\t\t\texpires_at: expires,\n\t\t\t\tinterval: DEFAULT_INTERVAL,\n\t\t\t})\n\t\t\t.execute();\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\tdevice_code: deviceCode,\n\t\t\t\tuser_code: userCode,\n\t\t\t\tverification_uri: verificationUri,\n\t\t\t\texpires_in: DEVICE_CODE_TTL_SECONDS,\n\t\t\t\tinterval: DEFAULT_INTERVAL,\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"DEVICE_CODE_ERROR\",\n\t\t\t\tmessage: \"Failed to create device code\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/device/token\n \n CLI polls this endpoint with the device_code. Returns:\n * - 200 with tokens if authorized\n * - 400 with error \"authorization_pending\" while waiting\n * - 400 with error \"slow_down\" if polling too fast\n * - 400 with error \"expired_token\" if the code expired\n * - 400 with error \"access_denied\" if the user denied\n /\nexport async function handleDeviceTokenExchange(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\tdevice_code: string;\n\t\tgrant_type: string;\n\t},\n): Promise<\n\tApiResult<TokenResponse> & { deviceFlowError?: DeviceFlowError; deviceFlowInterval?: number }\n> {\n\ttry {\n\t\t// Validate grant_type\n\t\tif (input.grant_type !== \"urn:ietf:params:oauth:grant-type:device_code\") {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"UNSUPPORTED_GRANT_TYPE\", message: \"Invalid grant_type\" },\n\t\t\t};\n\t\t}\n\n\t\t// Look up the device code\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_device_codes\")\n\t\t\t.selectAll()\n\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!row) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid device code\" },\n\t\t\t};\n\t\t}\n\n\t\tconst now = new Date();\n\n\t\t// Check expiry\n\t\tif (new Date(row.expires_at) < now) {\n\t\t\t// Clean up expired code\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\tdeviceFlowError: \"expired_token\",\n\t\t\t\terror: { code: \"expired_token\", message: \"The device code has expired\" },\n\t\t\t};\n\t\t}\n\n\t\t// Check status\n\t\tif (row.status === \"denied\") {\n\t\t\t// Clean up denied code\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\tdeviceFlowError: \"access_denied\",\n\t\t\t\terror: { code: \"access_denied\", message: \"The user denied the request\" },\n\t\t\t};\n\t\t}\n\n\t\tif (row.status === \"pending\") {\n\t\t\t// RFC 8628 §3.5: slow_down enforcement during polling phase.\n\t\t\t// Only applies while waiting for authorization — once authorized,\n\t\t\t// the final exchange proceeds without throttling.\n\t\t\tif (row.last_polled_at) {\n\t\t\t\tconst lastPolled = new Date(row.last_polled_at);\n\t\t\t\tconst elapsedSeconds = (now.getTime() - lastPolled.getTime()) / 1000;\n\n\t\t\t\tif (elapsedSeconds < row.interval) {\n\t\t\t\t\t// Too fast — increase interval by 5s per RFC 8628 §3.5, capped at 60s\n\t\t\t\t\tconst newInterval = Math.min(row.interval + SLOW_DOWN_INCREMENT, MAX_SLOW_DOWN_INTERVAL);\n\t\t\t\t\tawait db\n\t\t\t\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t\t\t\t.set({\n\t\t\t\t\t\t\tinterval: newInterval,\n\t\t\t\t\t\t\tlast_polled_at: now.toISOString(),\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t\t\t.execute();\n\n\t\t\t\t\treturn {\n\t\t\t\t\t\tsuccess: false,\n\t\t\t\t\t\tdeviceFlowError: \"slow_down\",\n\t\t\t\t\t\tdeviceFlowInterval: newInterval,\n\t\t\t\t\t\terror: { code: \"slow_down\", message: \"Polling too fast\" },\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\n\t\t\t// Update last_polled_at for future slow_down checks\n\t\t\tawait db\n\t\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t\t.set({ last_polled_at: now.toISOString() })\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\tdeviceFlowError: \"authorization_pending\",\n\t\t\t\terror: { code: \"authorization_pending\", message: \"Authorization pending\" },\n\t\t\t};\n\t\t}\n\n\t\tif (row.status !== \"authorized\" \|\| !row.user_id) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid device code state\" },\n\t\t\t};\n\t\t}\n\n\t\t// Generate tokens before consuming the device code so that if\n\t\t// generation fails, the code is still available for retry.\n\t\tconst accessToken = generatePrefixedToken(TOKEN_PREFIXES.OAUTH_ACCESS);\n\t\tconst accessExpires = expiresAt(ACCESS_TOKEN_TTL_SECONDS);\n\t\tconst refreshToken = generatePrefixedToken(TOKEN_PREFIXES.OAUTH_REFRESH);\n\t\tconst refreshExpires = expiresAt(REFRESH_TOKEN_TTL_SECONDS);\n\n\t\t// Atomically consume the device code and create tokens in a single\n\t\t// transaction. DELETE...RETURNING prevents TOCTOU: two concurrent\n\t\t// requests race on the DELETE, only one gets a row back. Wrapping\n\t\t// in a transaction ensures the code isn't consumed if token storage fails.\n\t\tconst result = await withTransaction(db, async (trx) => {\n\t\t\tconst consumed = await trx\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.where(\"status\", \"=\", \"authorized\")\n\t\t\t\t.returningAll()\n\t\t\t\t.executeTakeFirst();\n\n\t\t\tif (!consumed) return null;\n\n\t\t\tif (!consumed.user_id) return null;\n\n\t\t\tconst scopes = JSON.parse(consumed.scopes) as string[];\n\n\t\t\tawait trx\n\t\t\t\t.insertInto(\"_emdash_oauth_tokens\")\n\t\t\t\t.values({\n\t\t\t\t\ttoken_hash: accessToken.hash,\n\t\t\t\t\ttoken_type: \"access\",\n\t\t\t\t\tuser_id: consumed.user_id,\n\t\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\t\tclient_type: \"cli\",\n\t\t\t\t\texpires_at: accessExpires,\n\t\t\t\t\trefresh_token_hash: refreshToken.hash,\n\t\t\t\t})\n\t\t\t\t.execute();\n\n\t\t\tawait trx\n\t\t\t\t.insertInto(\"_emdash_oauth_tokens\")\n\t\t\t\t.values({\n\t\t\t\t\ttoken_hash: refreshToken.hash,\n\t\t\t\t\ttoken_type: \"refresh\",\n\t\t\t\t\tuser_id: consumed.user_id,\n\t\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\t\tclient_type: \"cli\",\n\t\t\t\t\texpires_at: refreshExpires,\n\t\t\t\t\trefresh_token_hash: null,\n\t\t\t\t})\n\t\t\t\t.execute();\n\n\t\t\treturn { scopes };\n\t\t});\n\n\t\tif (!result) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Device code already consumed\" },\n\t\t\t};\n\t\t}\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\taccess_token: accessToken.raw,\n\t\t\t\trefresh_token: refreshToken.raw,\n\t\t\t\ttoken_type: \"Bearer\",\n\t\t\t\texpires_in: ACCESS_TOKEN_TTL_SECONDS,\n\t\t\t\tscope: result.scopes.join(\" \"),\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"TOKEN_EXCHANGE_ERROR\",\n\t\t\t\tmessage: \"Failed to exchange device code\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/device/authorize\n \n The user submits the user_code after logging in via the browser.\n * This authorizes the device code, allowing the CLI to exchange it for tokens.\n \n Scopes are clamped to the user's role at this point. The stored scopes\n * are replaced with the intersection of requested scopes and the scopes\n * the user's role permits. This prevents scope escalation.\n /\nexport async function handleDeviceAuthorize(\n\tdb: Kysely<Database>,\n\tuserId: string,\n\tuserRole: RoleLevel,\n\tinput: {\n\t\tuser_code: string;\n\t\taction?: \"approve\" \| \"deny\";\n\t},\n): Promise<ApiResult<{ authorized: boolean }>> {\n\ttry {\n\t\t// Normalize user code (strip hyphens, uppercase)\n\t\tconst normalizedCode = input.user_code.replace(HYPHEN_PATTERN, \"\").toUpperCase();\n\n\t\t// Look up the device code by user_code\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_device_codes\")\n\t\t\t.selectAll()\n\t\t\t.where(\"status\", \"=\", \"pending\")\n\t\t\t.execute();\n\n\t\t// Find the matching code (strip hyphens for comparison)\n\t\tconst match = row.find(\n\t\t\t(r) => r.user_code.replace(HYPHEN_PATTERN, \"\").toUpperCase() === normalizedCode,\n\t\t);\n\n\t\tif (!match) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_CODE\", message: \"Invalid or expired code\" },\n\t\t\t};\n\t\t}\n\n\t\t// Check expiry\n\t\tif (new Date(match.expires_at) < new Date()) {\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", match.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"EXPIRED_CODE\", message: \"This code has expired\" },\n\t\t\t};\n\t\t}\n\n\t\tconst action = input.action ?? \"approve\";\n\n\t\tif (action === \"deny\") {\n\t\t\tawait db\n\t\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t\t.set({ status: \"denied\" })\n\t\t\t\t.where(\"device_code\", \"=\", match.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn { success: true, data: { authorized: false } };\n\t\t}\n\n\t\t// Clamp requested scopes to those the user's role permits.\n\t\t// effective_scopes = requested_scopes ∩ scopesForRole(user.role)\n\t\tconst requestedScopes = JSON.parse(match.scopes) as string[];\n\t\tconst effectiveScopes = clampScopes(requestedScopes, userRole);\n\n\t\tif (effectiveScopes.length === 0) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: {\n\t\t\t\t\tcode: \"INSUFFICIENT_ROLE\",\n\t\t\t\t\tmessage: \"Your role does not permit any of the requested scopes\",\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\n\t\t// Approve: set user_id, status, and clamped scopes\n\t\tawait db\n\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t.set({\n\t\t\t\tstatus: \"authorized\",\n\t\t\t\tuser_id: userId,\n\t\t\t\tscopes: JSON.stringify(effectiveScopes),\n\t\t\t})\n\t\t\t.where(\"device_code\", \"=\", match.device_code)\n\t\t\t.execute();\n\n\t\treturn { success: true, data: { authorized: true } };\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"AUTHORIZE_ERROR\",\n\t\t\t\tmessage: \"Failed to authorize device\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/token/refresh\n \n Exchange a refresh token for a new access token.\n * The refresh token itself is not rotated (per spec: optional rotation).\n /\nexport async function handleTokenRefresh(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\trefresh_token: string;\n\t\tgrant_type: string;\n\t},\n): Promise<ApiResult<TokenResponse>> {\n\ttry {\n\t\tif (input.grant_type !== \"refresh_token\") {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"UNSUPPORTED_GRANT_TYPE\", message: \"Invalid grant_type\" },\n\t\t\t};\n\t\t}\n\n\t\tif (!input.refresh_token.startsWith(TOKEN_PREFIXES.OAUTH_REFRESH)) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid refresh token format\" },\n\t\t\t};\n\t\t}\n\n\t\tconst refreshHash = hashApiToken(input.refresh_token);\n\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_oauth_tokens\")\n\t\t\t.selectAll()\n\t\t\t.where(\"token_hash\", \"=\", refreshHash)\n\t\t\t.where(\"token_type\", \"=\", \"refresh\")\n\t\t\t.executeTakeFirst();\n\n\t\tif (!row) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid refresh token\" },\n\t\t\t};\n\t\t}\n\n\t\t// Check expiry\n\t\tif (new Date(row.expires_at) < new Date()) {\n\t\t\t// Clean up expired refresh token and its access tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", refreshHash).execute();\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_oauth_tokens\")\n\t\t\t\t.where(\"refresh_token_hash\", \"=\", refreshHash)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Refresh token expired\" },\n\t\t\t};\n\t\t}\n\n\t\t// SEC-42: Revalidate user role before issuing new access token.\n\t\t// SEC-43: Reject refresh if user is disabled or deleted.\n\t\tconst userInfo = await lookupUserRoleAndStatus(db, row.user_id);\n\t\tif (!userInfo) {\n\t\t\t// User no longer exists — revoke all their tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"user_id\", \"=\", row.user_id).execute();\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"User not found\" },\n\t\t\t};\n\t\t}\n\n\t\tif (userInfo.disabled) {\n\t\t\t// User is disabled — revoke all their tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"user_id\", \"=\", row.user_id).execute();\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"User account is disabled\" },\n\t\t\t};\n\t\t}\n\n\t\t// Revalidate stored scopes against the user's current role.\n\t\t// A demoted user's refresh token may carry stale elevated scopes.\n\t\tconst storedScopes = JSON.parse(row.scopes) as string[];\n\t\tlet scopes = clampScopes(storedScopes, userInfo.role);\n\n\t\t// SEC-41: Intersect with the client's registered scopes (if any).\n\t\t// Same check as the approval path — a client registered with limited\n\t\t// scopes should never receive elevated scopes on refresh, even if the\n\t\t// user's role would allow them.\n\t\tif (row.client_id) {\n\t\t\tconst client = await lookupOAuthClient(db, row.client_id);\n\t\t\tif (client?.scopes?.length) {\n\t\t\t\tscopes = scopes.filter((s: string) => client.scopes!.includes(s));\n\t\t\t}\n\t\t}\n\n\t\tif (scopes.length === 0) {\n\t\t\t// User's role no longer supports any of the token's scopes — revoke\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", refreshHash).execute();\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_oauth_tokens\")\n\t\t\t\t.where(\"refresh_token_hash\", \"=\", refreshHash)\n\t\t\t\t.execute();\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: {\n\t\t\t\t\tcode: \"INVALID_GRANT\",\n\t\t\t\t\tmessage: \"User role no longer supports any of the token's scopes\",\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\n\t\t// Delete old access tokens for this refresh token\n\t\tawait db\n\t\t\t.deleteFrom(\"_emdash_oauth_tokens\")\n\t\t\t.where(\"refresh_token_hash\", \"=\", refreshHash)\n\t\t\t.where(\"token_type\", \"=\", \"access\")\n\t\t\t.execute();\n\n\t\t// Generate new access token\n\t\tconst accessToken = generatePrefixedToken(TOKEN_PREFIXES.OAUTH_ACCESS);\n\t\tconst accessExpires = expiresAt(ACCESS_TOKEN_TTL_SECONDS);\n\n\t\tawait db\n\t\t\t.insertInto(\"_emdash_oauth_tokens\")\n\t\t\t.values({\n\t\t\t\ttoken_hash: accessToken.hash,\n\t\t\t\ttoken_type: \"access\",\n\t\t\t\tuser_id: row.user_id,\n\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\tclient_type: row.client_type,\n\t\t\t\texpires_at: accessExpires,\n\t\t\t\trefresh_token_hash: refreshHash,\n\t\t\t})\n\t\t\t.execute();\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\taccess_token: accessToken.raw,\n\t\t\t\trefresh_token: input.refresh_token, // Return same refresh token\n\t\t\t\ttoken_type: \"Bearer\",\n\t\t\t\texpires_in: ACCESS_TOKEN_TTL_SECONDS,\n\t\t\t\tscope: scopes.join(\" \"),\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"TOKEN_REFRESH_ERROR\",\n\t\t\t\tmessage: \"Failed to refresh token\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/token/revoke\n \n Revoke an access or refresh token. If a refresh token is revoked,\n * also revoke all associated access tokens.\n \n Per RFC 7009, this endpoint always returns 200 (even for invalid tokens).\n */\nexport async function handleTokenRevoke(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\ttoken: string;\n\t},\n): Promise<ApiResult<{ revoked: boolean }>> {\n\ttry {\n\t\tconst hash = hashApiToken(input.token);\n\n\t\t// Look up the token\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_oauth_tokens\")\n\t\t\t.select([\"token_hash\", \"token_type\", \"refresh_token_hash\"])\n\t\t\t.where(\"token_hash\", \"=\", hash)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!row) {\n\t\t\t// Per RFC 7009: always 200, even for invalid tokens\n\t\t\treturn { success: true, data: { revoked: true } };\n\t\t}\n\n\t\tif (row.token_type === \"refresh\") {\n\t\t\t// Revoke refresh token and all its access tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"refresh_token_hash\", \"=\", hash).execute();\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", hash).execute();\n\t\t} else {\n\t\t\t// Revoke just the access token\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", hash).execute();\n\t\t}\n\n\t\treturn { success: true, data: { revoked: true } };\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"TOKEN_REVOKE_ERROR\",\n\t\t\t\tmessage: \"Failed to revoke token\",\n\t\t\t},\n\t\t};\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAiCA,MAAM,0BAA0B;;AAGhC,MAAM,mBAAmB;;AAGzB,MAAM,sBAAsB;;AAG5B,MAAM,yBAAyB;;AAG/B,MAAM,2BAA2B;;AAGjC,MAAM,4BAA4B,OAAU,KAAK;;AAGjD,MAAM,iBAAiB;CACtB;CACA;CACA;CACA;CACA;CACA;;AAGD,MAAM,iBAAiB;;AAGvB,MAAM,kBAAkB;;AAkCxB,SAAS,mBAA2B;CACnC,MAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,QAAO,gBAAgB,MAAM;CAC7B,MAAM,QAAQ,MAAM,KAAK,QAAQ,MAAM,gBAAgB,IAAI,IAAwB,CAAC,KAAK,GAAG;AAC5F,QAAO,GAAG,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,MAAM,MAAM,GAAG,EAAE;;;AAIjD,SAAS,UAAU,SAAyB;AAC3C,QAAO,IAAI,KAAK,KAAK,KAAK,GAAG,UAAU,IAAK,CAAC,aAAa;;;AAI3D,SAAS,gBAAgB,WAAgC;AACxD,KAAI,CAAC,aAAa,UAAU,WAAW,EACtC,QAAO,CAAC,GAAG,eAAe;CAE3B,MAAM,WAAW,IAAI,IAAY,aAAa;AAC9C,QAAO,UAAU,QAAQ,MAAM,SAAS,IAAI,EAAE,CAAC;;;;;;;;AAahD,eAAsB,wBACrB,IACA,OAIA,iBACyC;AACzC,KAAI;EAQH,MAAM,SAAS,gBADS,MAAM,QAAQ,MAAM,MAAM,MAAM,IAAI,CAAC,OAAO,QAAQ,GAAG,EAAE,CAClC;AAE/C,MAAI,OAAO,WAAW,EACrB,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAA6B;GACtE;EAGF,MAAM,aAAa,sBAAsB;EACzC,MAAM,WAAW,kBAAkB;EACnC,MAAM,UAAU,UAAU,wBAAwB;AAElD,QAAM,GACJ,WAAW,uBAAuB,CAClC,OAAO;GACP,aAAa;GACb,WAAW;GACX,QAAQ,KAAK,UAAU,OAAO;GAC9B,QAAQ;GACR,YAAY;GACZ,UAAU;GACV,CAAC,CACD,SAAS;AAEX,SAAO;GACN,SAAS;GACT,MAAM;IACL,aAAa;IACb,WAAW;IACX,kBAAkB;IAClB,YAAY;IACZ,UAAU;IACV;GACD;SACM;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;;;AAcH,eAAsB,0BACrB,IACA,OAMC;AACD,KAAI;AAEH,MAAI,MAAM,eAAe,+CACxB,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAA0B,SAAS;IAAsB;GACxE;EAIF,MAAM,MAAM,MAAM,GAChB,WAAW,uBAAuB,CAClC,WAAW,CACX,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,kBAAkB;AAEpB,MAAI,CAAC,IACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAuB;GAChE;EAGF,MAAM,sBAAM,IAAI,MAAM;AAGtB,MAAI,IAAI,KAAK,IAAI,WAAW,GAAG,KAAK;AAEnC,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,iBAAiB;IACjB,OAAO;KAAE,MAAM;KAAiB,SAAS;KAA+B;IACxE;;AAIF,MAAI,IAAI,WAAW,UAAU;AAE5B,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,iBAAiB;IACjB,OAAO;KAAE,MAAM;KAAiB,SAAS;KAA+B;IACxE;;AAGF,MAAI,IAAI,WAAW,WAAW;AAI7B,OAAI,IAAI,gBAAgB;IACvB,MAAM,aAAa,IAAI,KAAK,IAAI,eAAe;AAG/C,SAFwB,IAAI,SAAS,GAAG,WAAW,SAAS,IAAI,MAE3C,IAAI,UAAU;KAElC,MAAM,cAAc,KAAK,IAAI,IAAI,WAAW,qBAAqB,uBAAuB;AACxF,WAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI;MACJ,UAAU;MACV,gBAAgB,IAAI,aAAa;MACjC,CAAC,CACD,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,YAAO;MACN,SAAS;MACT,iBAAiB;MACjB,oBAAoB;MACpB,OAAO;OAAE,MAAM;OAAa,SAAS;OAAoB;MACzD;;;AAKH,SAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI,EAAE,gBAAgB,IAAI,aAAa,EAAE,CAAC,CAC1C,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,iBAAiB;IACjB,OAAO;KAAE,MAAM;KAAyB,SAAS;KAAyB;IAC1E;;AAGF,MAAI,IAAI,WAAW,gBAAgB,CAAC,IAAI,QACvC,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAA6B;GACtE;EAKF,MAAM,cAAc,sBAAsB,eAAe,aAAa;EACtE,MAAM,gBAAgB,UAAU,yBAAyB;EACzD,MAAM,eAAe,sBAAsB,eAAe,cAAc;EACxE,MAAM,iBAAiB,UAAU,0BAA0B;EAM3D,MAAM,SAAS,MAAM,gBAAgB,IAAI,OAAO,QAAQ;GACvD,MAAM,WAAW,MAAM,IACrB,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,MAAM,UAAU,KAAK,aAAa,CAClC,cAAc,CACd,kBAAkB;AAEpB,OAAI,CAAC,SAAU,QAAO;AAEtB,OAAI,CAAC,SAAS,QAAS,QAAO;GAE9B,MAAM,SAAS,KAAK,MAAM,SAAS,OAAO;AAE1C,SAAM,IACJ,WAAW,uBAAuB,CAClC,OAAO;IACP,YAAY,YAAY;IACxB,YAAY;IACZ,SAAS,SAAS;IAClB,QAAQ,KAAK,UAAU,OAAO;IAC9B,aAAa;IACb,YAAY;IACZ,oBAAoB,aAAa;IACjC,CAAC,CACD,SAAS;AAEX,SAAM,IACJ,WAAW,uBAAuB,CAClC,OAAO;IACP,YAAY,aAAa;IACzB,YAAY;IACZ,SAAS,SAAS;IAClB,QAAQ,KAAK,UAAU,OAAO;IAC9B,aAAa;IACb,YAAY;IACZ,oBAAoB;IACpB,CAAC,CACD,SAAS;AAEX,UAAO,EAAE,QAAQ;IAChB;AAEF,MAAI,CAAC,OACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAgC;GACzE;AAGF,SAAO;GACN,SAAS;GACT,MAAM;IACL,cAAc,YAAY;IAC1B,eAAe,aAAa;IAC5B,YAAY;IACZ,YAAY;IACZ,OAAO,OAAO,OAAO,KAAK,IAAI;IAC9B;GACD;SACM;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;;;AAcH,eAAsB,sBACrB,IACA,QACA,UACA,OAI8C;AAC9C,KAAI;EAEH,MAAM,iBAAiB,MAAM,UAAU,QAAQ,gBAAgB,GAAG,CAAC,aAAa;EAUhF,MAAM,SAPM,MAAM,GAChB,WAAW,uBAAuB,CAClC,WAAW,CACX,MAAM,UAAU,KAAK,UAAU,CAC/B,SAAS,EAGO,MAChB,MAAM,EAAE,UAAU,QAAQ,gBAAgB,GAAG,CAAC,aAAa,KAAK,eACjE;AAED,MAAI,CAAC,MACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAgB,SAAS;IAA2B;GACnE;AAIF,MAAI,IAAI,KAAK,MAAM,WAAW,mBAAG,IAAI,MAAM,EAAE;AAC5C,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAgB,SAAS;KAAyB;IACjE;;AAKF,OAFe,MAAM,UAAU,eAEhB,QAAQ;AACtB,SAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI,EAAE,QAAQ,UAAU,CAAC,CACzB,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IAAE,SAAS;IAAM,MAAM,EAAE,YAAY,OAAO;IAAE;;EAMtD,MAAM,kBAAkB,YADA,KAAK,MAAM,MAAM,OAAO,EACK,SAAS;AAE9D,MAAI,gBAAgB,WAAW,EAC9B,QAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;AAIF,QAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI;GACJ,QAAQ;GACR,SAAS;GACT,QAAQ,KAAK,UAAU,gBAAgB;GACvC,CAAC,CACD,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,SAAO;GAAE,SAAS;GAAM,MAAM,EAAE,YAAY,MAAM;GAAE;SAC7C;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;AAUH,eAAsB,mBACrB,IACA,OAIoC;AACpC,KAAI;AACH,MAAI,MAAM,eAAe,gBACxB,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAA0B,SAAS;IAAsB;GACxE;AAGF,MAAI,CAAC,MAAM,cAAc,WAAW,eAAe,cAAc,CAChE,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAgC;GACzE;EAGF,MAAM,cAAc,aAAa,MAAM,cAAc;EAErD,MAAM,MAAM,MAAM,GAChB,WAAW,uBAAuB,CAClC,WAAW,CACX,MAAM,cAAc,KAAK,YAAY,CACrC,MAAM,cAAc,KAAK,UAAU,CACnC,kBAAkB;AAEpB,MAAI,CAAC,IACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAyB;GAClE;AAIF,MAAI,IAAI,KAAK,IAAI,WAAW,mBAAG,IAAI,MAAM,EAAE;AAE1C,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,YAAY,CAAC,SAAS;AAC3F,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,sBAAsB,KAAK,YAAY,CAC7C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAiB,SAAS;KAAyB;IAClE;;EAKF,MAAM,WAAW,MAAM,wBAAwB,IAAI,IAAI,QAAQ;AAC/D,MAAI,CAAC,UAAU;AAEd,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,WAAW,KAAK,IAAI,QAAQ,CAAC,SAAS;AACxF,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAiB,SAAS;KAAkB;IAC3D;;AAGF,MAAI,SAAS,UAAU;AAEtB,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,WAAW,KAAK,IAAI,QAAQ,CAAC,SAAS;AACxF,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAiB,SAAS;KAA4B;IACrE;;EAMF,IAAI,SAAS,YADQ,KAAK,MAAM,IAAI,OAAO,EACJ,SAAS,KAAK;AAMrD,MAAI,IAAI,WAAW;GAClB,MAAM,SAAS,MAAM,kBAAkB,IAAI,IAAI,UAAU;AACzD,OAAI,QAAQ,QAAQ,OACnB,UAAS,OAAO,QAAQ,MAAc,OAAO,OAAQ,SAAS,EAAE,CAAC;;AAInE,MAAI,OAAO,WAAW,GAAG;AAExB,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,YAAY,CAAC,SAAS;AAC3F,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,sBAAsB,KAAK,YAAY,CAC7C,SAAS;AACX,UAAO;IACN,SAAS;IACT,OAAO;KACN,MAAM;KACN,SAAS;KACT;IACD;;AAIF,QAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,sBAAsB,KAAK,YAAY,CAC7C,MAAM,cAAc,KAAK,SAAS,CAClC,SAAS;EAGX,MAAM,cAAc,sBAAsB,eAAe,aAAa;EACtE,MAAM,gBAAgB,UAAU,yBAAyB;AAEzD,QAAM,GACJ,WAAW,uBAAuB,CAClC,OAAO;GACP,YAAY,YAAY;GACxB,YAAY;GACZ,SAAS,IAAI;GACb,QAAQ,KAAK,UAAU,OAAO;GAC9B,aAAa,IAAI;GACjB,YAAY;GACZ,oBAAoB;GACpB,CAAC,CACD,SAAS;AAEX,SAAO;GACN,SAAS;GACT,MAAM;IACL,cAAc,YAAY;IAC1B,eAAe,MAAM;IACrB,YAAY;IACZ,YAAY;IACZ,OAAO,OAAO,KAAK,IAAI;IACvB;GACD;SACM;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;AAYH,eAAsB,kBACrB,IACA,OAG2C;AAC3C,KAAI;EACH,MAAM,OAAO,aAAa,MAAM,MAAM;EAGtC,MAAM,MAAM,MAAM,GAChB,WAAW,uBAAuB,CAClC,OAAO;GAAC;GAAc;GAAc;GAAqB,CAAC,CAC1D,MAAM,cAAc,KAAK,KAAK,CAC9B,kBAAkB;AAEpB,MAAI,CAAC,IAEJ,QAAO;GAAE,SAAS;GAAM,MAAM,EAAE,SAAS,MAAM;GAAE;AAGlD,MAAI,IAAI,eAAe,WAAW;AAEjC,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,sBAAsB,KAAK,KAAK,CAAC,SAAS;AAC5F,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,KAAK,CAAC,SAAS;QAGpF,OAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,KAAK,CAAC,SAAS;AAGrF,SAAO;GAAE,SAAS;GAAM,MAAM,EAAE,SAAS,MAAM;GAAE;SAC1C;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD"}
1	+ {"version":3,"file":"device-flow-s6_q3T7A.mjs","names":[],"sources":["../src/api/handlers/device-flow.ts"],"sourcesContent":["/*\n OAuth Device Flow handlers (RFC 8628).\n \n EmDash acts as an OAuth 2.0 authorization server. The CLI requests\n * a device code, displays a URL + user code, and polls for a token.\n * The user opens a browser, logs in, enters the code, and the CLI gets\n * an access + refresh token pair.\n \n Uses arctic for code generation and @emdash-cms/auth for token utilities.\n /\n\nimport { clampScopes } from \"@emdash-cms/auth\";\nimport type { RoleLevel } from \"@emdash-cms/auth\";\nimport { generateCodeVerifier } from \"arctic\";\nimport type { Kysely } from \"kysely\";\n\nimport {\n\tgeneratePrefixedToken,\n\thashApiToken,\n\tTOKEN_PREFIXES,\n\tVALID_SCOPES,\n} from \"../../auth/api-tokens.js\";\nimport { withTransaction } from \"../../database/transaction.js\";\nimport type { Database } from \"../../database/types.js\";\nimport type { ApiResult } from \"../types.js\";\nimport { lookupOAuthClient } from \"./oauth-clients.js\";\nimport { lookupUserRoleAndStatus } from \"./oauth-user-lookup.js\";\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\n/* Device codes expire after 15 minutes /\nconst DEVICE_CODE_TTL_SECONDS = 15 60;\n\n/** Default polling interval in seconds /\nconst DEFAULT_INTERVAL = 5;\n\n/* RFC 8628 §3.5: interval increase on slow_down /\nconst SLOW_DOWN_INCREMENT = 5;\n\n/* Maximum slow_down interval cap (seconds) /\nconst MAX_SLOW_DOWN_INTERVAL = 60;\n\n/* Access token TTL: 1 hour /\nconst ACCESS_TOKEN_TTL_SECONDS = 60 60;\n\n/** Refresh token TTL: 90 days /\nconst REFRESH_TOKEN_TTL_SECONDS = 90 24 * 60 * 60;\n\n/** Default scopes for CLI login /\nconst DEFAULT_SCOPES = [\n\t\"content:read\",\n\t\"content:write\",\n\t\"media:read\",\n\t\"media:write\",\n\t\"schema:read\",\n] as const;\n\n/* Pattern to normalize user codes (strip hyphens) /\nconst HYPHEN_PATTERN = /-/g;\n\n/* Characters for user codes (uppercase, no ambiguous chars like 0/O, 1/I) /\nconst USER_CODE_CHARS = \"ABCDEFGHJKLMNPQRSTUVWXYZ23456789\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\nexport interface DeviceCodeResponse {\n\tdevice_code: string;\n\tuser_code: string;\n\tverification_uri: string;\n\texpires_in: number;\n\tinterval: number;\n}\n\nexport interface TokenResponse {\n\taccess_token: string;\n\trefresh_token: string;\n\ttoken_type: \"Bearer\";\n\texpires_in: number;\n\tscope: string;\n}\n\n// RFC 8628 error codes\nexport type DeviceFlowError =\n\t\| \"authorization_pending\"\n\t\| \"slow_down\"\n\t\| \"expired_token\"\n\t\| \"access_denied\";\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\n/* Generate a short human-readable user code (XXXX-XXXX) /\nfunction generateUserCode(): string {\n\tconst bytes = new Uint8Array(8);\n\tcrypto.getRandomValues(bytes);\n\tconst chars = Array.from(bytes, (b) => USER_CODE_CHARS[b % USER_CODE_CHARS.length]).join(\"\");\n\treturn `${chars.slice(0, 4)}-${chars.slice(4, 8)}`;\n}\n\n/* Get an ISO datetime string offset from now /\nfunction expiresAt(seconds: number): string {\n\treturn new Date(Date.now() + seconds 1000).toISOString();\n}\n\n/** Validate and normalize scopes. Returns validated scope list. /\nfunction normalizeScopes(requested?: string[]): string[] {\n\tif (!requested \|\| requested.length === 0) {\n\t\treturn [...DEFAULT_SCOPES];\n\t}\n\tconst validSet = new Set<string>(VALID_SCOPES);\n\treturn requested.filter((s) => validSet.has(s));\n}\n\n// ---------------------------------------------------------------------------\n// Handlers\n// ---------------------------------------------------------------------------\n\n/\n POST /oauth/device/code\n \n Issue a device code + user code. The CLI displays the user code\n * and tells the user to open the verification URI.\n /\nexport async function handleDeviceCodeRequest(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\tclient_id?: string;\n\t\tscope?: string;\n\t},\n\tverificationUri: string,\n): Promise<ApiResult<DeviceCodeResponse>> {\n\ttry {\n\t\t// Note: client_id is accepted but not validated against _emdash_oauth_clients\n\t\t// because the CLI uses a well-known built-in client ID (\"emdash-cli\") that\n\t\t// isn't stored in the DB. Full client_id validation + scope clamping for the\n\t\t// device flow is tracked as a follow-up.\n\n\t\t// Parse and validate scopes\n\t\tconst requestedScopes = input.scope ? input.scope.split(\" \").filter(Boolean) : [];\n\t\tconst scopes = normalizeScopes(requestedScopes);\n\n\t\tif (scopes.length === 0) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_SCOPE\", message: \"No valid scopes requested\" },\n\t\t\t};\n\t\t}\n\n\t\tconst deviceCode = generateCodeVerifier();\n\t\tconst userCode = generateUserCode();\n\t\tconst expires = expiresAt(DEVICE_CODE_TTL_SECONDS);\n\n\t\tawait db\n\t\t\t.insertInto(\"_emdash_device_codes\")\n\t\t\t.values({\n\t\t\t\tdevice_code: deviceCode,\n\t\t\t\tuser_code: userCode,\n\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\tstatus: \"pending\",\n\t\t\t\texpires_at: expires,\n\t\t\t\tinterval: DEFAULT_INTERVAL,\n\t\t\t})\n\t\t\t.execute();\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\tdevice_code: deviceCode,\n\t\t\t\tuser_code: userCode,\n\t\t\t\tverification_uri: verificationUri,\n\t\t\t\texpires_in: DEVICE_CODE_TTL_SECONDS,\n\t\t\t\tinterval: DEFAULT_INTERVAL,\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"DEVICE_CODE_ERROR\",\n\t\t\t\tmessage: \"Failed to create device code\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/device/token\n \n CLI polls this endpoint with the device_code. Returns:\n * - 200 with tokens if authorized\n * - 400 with error \"authorization_pending\" while waiting\n * - 400 with error \"slow_down\" if polling too fast\n * - 400 with error \"expired_token\" if the code expired\n * - 400 with error \"access_denied\" if the user denied\n /\nexport async function handleDeviceTokenExchange(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\tdevice_code: string;\n\t\tgrant_type: string;\n\t},\n): Promise<\n\tApiResult<TokenResponse> & { deviceFlowError?: DeviceFlowError; deviceFlowInterval?: number }\n> {\n\ttry {\n\t\t// Validate grant_type\n\t\tif (input.grant_type !== \"urn:ietf:params:oauth:grant-type:device_code\") {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"UNSUPPORTED_GRANT_TYPE\", message: \"Invalid grant_type\" },\n\t\t\t};\n\t\t}\n\n\t\t// Look up the device code\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_device_codes\")\n\t\t\t.selectAll()\n\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!row) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid device code\" },\n\t\t\t};\n\t\t}\n\n\t\tconst now = new Date();\n\n\t\t// Check expiry\n\t\tif (new Date(row.expires_at) < now) {\n\t\t\t// Clean up expired code\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\tdeviceFlowError: \"expired_token\",\n\t\t\t\terror: { code: \"expired_token\", message: \"The device code has expired\" },\n\t\t\t};\n\t\t}\n\n\t\t// Check status\n\t\tif (row.status === \"denied\") {\n\t\t\t// Clean up denied code\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\tdeviceFlowError: \"access_denied\",\n\t\t\t\terror: { code: \"access_denied\", message: \"The user denied the request\" },\n\t\t\t};\n\t\t}\n\n\t\tif (row.status === \"pending\") {\n\t\t\t// RFC 8628 §3.5: slow_down enforcement during polling phase.\n\t\t\t// Only applies while waiting for authorization — once authorized,\n\t\t\t// the final exchange proceeds without throttling.\n\t\t\tif (row.last_polled_at) {\n\t\t\t\tconst lastPolled = new Date(row.last_polled_at);\n\t\t\t\tconst elapsedSeconds = (now.getTime() - lastPolled.getTime()) / 1000;\n\n\t\t\t\tif (elapsedSeconds < row.interval) {\n\t\t\t\t\t// Too fast — increase interval by 5s per RFC 8628 §3.5, capped at 60s\n\t\t\t\t\tconst newInterval = Math.min(row.interval + SLOW_DOWN_INCREMENT, MAX_SLOW_DOWN_INTERVAL);\n\t\t\t\t\tawait db\n\t\t\t\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t\t\t\t.set({\n\t\t\t\t\t\t\tinterval: newInterval,\n\t\t\t\t\t\t\tlast_polled_at: now.toISOString(),\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t\t\t.execute();\n\n\t\t\t\t\treturn {\n\t\t\t\t\t\tsuccess: false,\n\t\t\t\t\t\tdeviceFlowError: \"slow_down\",\n\t\t\t\t\t\tdeviceFlowInterval: newInterval,\n\t\t\t\t\t\terror: { code: \"slow_down\", message: \"Polling too fast\" },\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\n\t\t\t// Update last_polled_at for future slow_down checks\n\t\t\tawait db\n\t\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t\t.set({ last_polled_at: now.toISOString() })\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\tdeviceFlowError: \"authorization_pending\",\n\t\t\t\terror: { code: \"authorization_pending\", message: \"Authorization pending\" },\n\t\t\t};\n\t\t}\n\n\t\tif (row.status !== \"authorized\" \|\| !row.user_id) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid device code state\" },\n\t\t\t};\n\t\t}\n\n\t\t// Generate tokens before consuming the device code so that if\n\t\t// generation fails, the code is still available for retry.\n\t\tconst accessToken = generatePrefixedToken(TOKEN_PREFIXES.OAUTH_ACCESS);\n\t\tconst accessExpires = expiresAt(ACCESS_TOKEN_TTL_SECONDS);\n\t\tconst refreshToken = generatePrefixedToken(TOKEN_PREFIXES.OAUTH_REFRESH);\n\t\tconst refreshExpires = expiresAt(REFRESH_TOKEN_TTL_SECONDS);\n\n\t\t// Atomically consume the device code and create tokens in a single\n\t\t// transaction. DELETE...RETURNING prevents TOCTOU: two concurrent\n\t\t// requests race on the DELETE, only one gets a row back. Wrapping\n\t\t// in a transaction ensures the code isn't consumed if token storage fails.\n\t\tconst result = await withTransaction(db, async (trx) => {\n\t\t\tconst consumed = await trx\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", input.device_code)\n\t\t\t\t.where(\"status\", \"=\", \"authorized\")\n\t\t\t\t.returningAll()\n\t\t\t\t.executeTakeFirst();\n\n\t\t\tif (!consumed) return null;\n\n\t\t\tif (!consumed.user_id) return null;\n\n\t\t\tconst scopes = JSON.parse(consumed.scopes) as string[];\n\n\t\t\tawait trx\n\t\t\t\t.insertInto(\"_emdash_oauth_tokens\")\n\t\t\t\t.values({\n\t\t\t\t\ttoken_hash: accessToken.hash,\n\t\t\t\t\ttoken_type: \"access\",\n\t\t\t\t\tuser_id: consumed.user_id,\n\t\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\t\tclient_type: \"cli\",\n\t\t\t\t\texpires_at: accessExpires,\n\t\t\t\t\trefresh_token_hash: refreshToken.hash,\n\t\t\t\t})\n\t\t\t\t.execute();\n\n\t\t\tawait trx\n\t\t\t\t.insertInto(\"_emdash_oauth_tokens\")\n\t\t\t\t.values({\n\t\t\t\t\ttoken_hash: refreshToken.hash,\n\t\t\t\t\ttoken_type: \"refresh\",\n\t\t\t\t\tuser_id: consumed.user_id,\n\t\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\t\tclient_type: \"cli\",\n\t\t\t\t\texpires_at: refreshExpires,\n\t\t\t\t\trefresh_token_hash: null,\n\t\t\t\t})\n\t\t\t\t.execute();\n\n\t\t\treturn { scopes };\n\t\t});\n\n\t\tif (!result) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Device code already consumed\" },\n\t\t\t};\n\t\t}\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\taccess_token: accessToken.raw,\n\t\t\t\trefresh_token: refreshToken.raw,\n\t\t\t\ttoken_type: \"Bearer\",\n\t\t\t\texpires_in: ACCESS_TOKEN_TTL_SECONDS,\n\t\t\t\tscope: result.scopes.join(\" \"),\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"TOKEN_EXCHANGE_ERROR\",\n\t\t\t\tmessage: \"Failed to exchange device code\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/device/authorize\n \n The user submits the user_code after logging in via the browser.\n * This authorizes the device code, allowing the CLI to exchange it for tokens.\n \n Scopes are clamped to the user's role at this point. The stored scopes\n * are replaced with the intersection of requested scopes and the scopes\n * the user's role permits. This prevents scope escalation.\n /\nexport async function handleDeviceAuthorize(\n\tdb: Kysely<Database>,\n\tuserId: string,\n\tuserRole: RoleLevel,\n\tinput: {\n\t\tuser_code: string;\n\t\taction?: \"approve\" \| \"deny\";\n\t},\n): Promise<ApiResult<{ authorized: boolean }>> {\n\ttry {\n\t\t// Normalize user code (strip hyphens, uppercase)\n\t\tconst normalizedCode = input.user_code.replace(HYPHEN_PATTERN, \"\").toUpperCase();\n\n\t\t// Look up the device code by user_code\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_device_codes\")\n\t\t\t.selectAll()\n\t\t\t.where(\"status\", \"=\", \"pending\")\n\t\t\t.execute();\n\n\t\t// Find the matching code (strip hyphens for comparison)\n\t\tconst match = row.find(\n\t\t\t(r) => r.user_code.replace(HYPHEN_PATTERN, \"\").toUpperCase() === normalizedCode,\n\t\t);\n\n\t\tif (!match) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_CODE\", message: \"Invalid or expired code\" },\n\t\t\t};\n\t\t}\n\n\t\t// Check expiry\n\t\tif (new Date(match.expires_at) < new Date()) {\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_device_codes\")\n\t\t\t\t.where(\"device_code\", \"=\", match.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"EXPIRED_CODE\", message: \"This code has expired\" },\n\t\t\t};\n\t\t}\n\n\t\tconst action = input.action ?? \"approve\";\n\n\t\tif (action === \"deny\") {\n\t\t\tawait db\n\t\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t\t.set({ status: \"denied\" })\n\t\t\t\t.where(\"device_code\", \"=\", match.device_code)\n\t\t\t\t.execute();\n\n\t\t\treturn { success: true, data: { authorized: false } };\n\t\t}\n\n\t\t// Clamp requested scopes to those the user's role permits.\n\t\t// effective_scopes = requested_scopes ∩ scopesForRole(user.role)\n\t\tconst requestedScopes = JSON.parse(match.scopes) as string[];\n\t\tconst effectiveScopes = clampScopes(requestedScopes, userRole);\n\n\t\tif (effectiveScopes.length === 0) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: {\n\t\t\t\t\tcode: \"INSUFFICIENT_ROLE\",\n\t\t\t\t\tmessage: \"Your role does not permit any of the requested scopes\",\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\n\t\t// Approve: set user_id, status, and clamped scopes\n\t\tawait db\n\t\t\t.updateTable(\"_emdash_device_codes\")\n\t\t\t.set({\n\t\t\t\tstatus: \"authorized\",\n\t\t\t\tuser_id: userId,\n\t\t\t\tscopes: JSON.stringify(effectiveScopes),\n\t\t\t})\n\t\t\t.where(\"device_code\", \"=\", match.device_code)\n\t\t\t.execute();\n\n\t\treturn { success: true, data: { authorized: true } };\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"AUTHORIZE_ERROR\",\n\t\t\t\tmessage: \"Failed to authorize device\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/token/refresh\n \n Exchange a refresh token for a new access token.\n * The refresh token itself is not rotated (per spec: optional rotation).\n /\nexport async function handleTokenRefresh(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\trefresh_token: string;\n\t\tgrant_type: string;\n\t},\n): Promise<ApiResult<TokenResponse>> {\n\ttry {\n\t\tif (input.grant_type !== \"refresh_token\") {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"UNSUPPORTED_GRANT_TYPE\", message: \"Invalid grant_type\" },\n\t\t\t};\n\t\t}\n\n\t\tif (!input.refresh_token.startsWith(TOKEN_PREFIXES.OAUTH_REFRESH)) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid refresh token format\" },\n\t\t\t};\n\t\t}\n\n\t\tconst refreshHash = hashApiToken(input.refresh_token);\n\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_oauth_tokens\")\n\t\t\t.selectAll()\n\t\t\t.where(\"token_hash\", \"=\", refreshHash)\n\t\t\t.where(\"token_type\", \"=\", \"refresh\")\n\t\t\t.executeTakeFirst();\n\n\t\tif (!row) {\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Invalid refresh token\" },\n\t\t\t};\n\t\t}\n\n\t\t// Check expiry\n\t\tif (new Date(row.expires_at) < new Date()) {\n\t\t\t// Clean up expired refresh token and its access tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", refreshHash).execute();\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_oauth_tokens\")\n\t\t\t\t.where(\"refresh_token_hash\", \"=\", refreshHash)\n\t\t\t\t.execute();\n\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"Refresh token expired\" },\n\t\t\t};\n\t\t}\n\n\t\t// SEC-42: Revalidate user role before issuing new access token.\n\t\t// SEC-43: Reject refresh if user is disabled or deleted.\n\t\tconst userInfo = await lookupUserRoleAndStatus(db, row.user_id);\n\t\tif (!userInfo) {\n\t\t\t// User no longer exists — revoke all their tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"user_id\", \"=\", row.user_id).execute();\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"User not found\" },\n\t\t\t};\n\t\t}\n\n\t\tif (userInfo.disabled) {\n\t\t\t// User is disabled — revoke all their tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"user_id\", \"=\", row.user_id).execute();\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: { code: \"INVALID_GRANT\", message: \"User account is disabled\" },\n\t\t\t};\n\t\t}\n\n\t\t// Revalidate stored scopes against the user's current role.\n\t\t// A demoted user's refresh token may carry stale elevated scopes.\n\t\tconst storedScopes = JSON.parse(row.scopes) as string[];\n\t\tlet scopes = clampScopes(storedScopes, userInfo.role);\n\n\t\t// SEC-41: Intersect with the client's registered scopes (if any).\n\t\t// Same check as the approval path — a client registered with limited\n\t\t// scopes should never receive elevated scopes on refresh, even if the\n\t\t// user's role would allow them.\n\t\tif (row.client_id) {\n\t\t\tconst client = await lookupOAuthClient(db, row.client_id);\n\t\t\tif (client?.scopes?.length) {\n\t\t\t\tscopes = scopes.filter((s: string) => client.scopes!.includes(s));\n\t\t\t}\n\t\t}\n\n\t\tif (scopes.length === 0) {\n\t\t\t// User's role no longer supports any of the token's scopes — revoke\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", refreshHash).execute();\n\t\t\tawait db\n\t\t\t\t.deleteFrom(\"_emdash_oauth_tokens\")\n\t\t\t\t.where(\"refresh_token_hash\", \"=\", refreshHash)\n\t\t\t\t.execute();\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: {\n\t\t\t\t\tcode: \"INVALID_GRANT\",\n\t\t\t\t\tmessage: \"User role no longer supports any of the token's scopes\",\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\n\t\t// Delete old access tokens for this refresh token\n\t\tawait db\n\t\t\t.deleteFrom(\"_emdash_oauth_tokens\")\n\t\t\t.where(\"refresh_token_hash\", \"=\", refreshHash)\n\t\t\t.where(\"token_type\", \"=\", \"access\")\n\t\t\t.execute();\n\n\t\t// Generate new access token\n\t\tconst accessToken = generatePrefixedToken(TOKEN_PREFIXES.OAUTH_ACCESS);\n\t\tconst accessExpires = expiresAt(ACCESS_TOKEN_TTL_SECONDS);\n\n\t\tawait db\n\t\t\t.insertInto(\"_emdash_oauth_tokens\")\n\t\t\t.values({\n\t\t\t\ttoken_hash: accessToken.hash,\n\t\t\t\ttoken_type: \"access\",\n\t\t\t\tuser_id: row.user_id,\n\t\t\t\tscopes: JSON.stringify(scopes),\n\t\t\t\tclient_type: row.client_type,\n\t\t\t\texpires_at: accessExpires,\n\t\t\t\trefresh_token_hash: refreshHash,\n\t\t\t})\n\t\t\t.execute();\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\tdata: {\n\t\t\t\taccess_token: accessToken.raw,\n\t\t\t\trefresh_token: input.refresh_token, // Return same refresh token\n\t\t\t\ttoken_type: \"Bearer\",\n\t\t\t\texpires_in: ACCESS_TOKEN_TTL_SECONDS,\n\t\t\t\tscope: scopes.join(\" \"),\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"TOKEN_REFRESH_ERROR\",\n\t\t\t\tmessage: \"Failed to refresh token\",\n\t\t\t},\n\t\t};\n\t}\n}\n\n/\n POST /oauth/token/revoke\n \n Revoke an access or refresh token. If a refresh token is revoked,\n * also revoke all associated access tokens.\n \n Per RFC 7009, this endpoint always returns 200 (even for invalid tokens).\n */\nexport async function handleTokenRevoke(\n\tdb: Kysely<Database>,\n\tinput: {\n\t\ttoken: string;\n\t},\n): Promise<ApiResult<{ revoked: boolean }>> {\n\ttry {\n\t\tconst hash = hashApiToken(input.token);\n\n\t\t// Look up the token\n\t\tconst row = await db\n\t\t\t.selectFrom(\"_emdash_oauth_tokens\")\n\t\t\t.select([\"token_hash\", \"token_type\", \"refresh_token_hash\"])\n\t\t\t.where(\"token_hash\", \"=\", hash)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!row) {\n\t\t\t// Per RFC 7009: always 200, even for invalid tokens\n\t\t\treturn { success: true, data: { revoked: true } };\n\t\t}\n\n\t\tif (row.token_type === \"refresh\") {\n\t\t\t// Revoke refresh token and all its access tokens\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"refresh_token_hash\", \"=\", hash).execute();\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", hash).execute();\n\t\t} else {\n\t\t\t// Revoke just the access token\n\t\t\tawait db.deleteFrom(\"_emdash_oauth_tokens\").where(\"token_hash\", \"=\", hash).execute();\n\t\t}\n\n\t\treturn { success: true, data: { revoked: true } };\n\t} catch {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: {\n\t\t\t\tcode: \"TOKEN_REVOKE_ERROR\",\n\t\t\t\tmessage: \"Failed to revoke token\",\n\t\t\t},\n\t\t};\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAiCA,MAAM,0BAA0B;;AAGhC,MAAM,mBAAmB;;AAGzB,MAAM,sBAAsB;;AAG5B,MAAM,yBAAyB;;AAG/B,MAAM,2BAA2B;;AAGjC,MAAM,4BAA4B,OAAU,KAAK;;AAGjD,MAAM,iBAAiB;CACtB;CACA;CACA;CACA;CACA;CACA;;AAGD,MAAM,iBAAiB;;AAGvB,MAAM,kBAAkB;;AAkCxB,SAAS,mBAA2B;CACnC,MAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,QAAO,gBAAgB,MAAM;CAC7B,MAAM,QAAQ,MAAM,KAAK,QAAQ,MAAM,gBAAgB,IAAI,IAAwB,CAAC,KAAK,GAAG;AAC5F,QAAO,GAAG,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,MAAM,MAAM,GAAG,EAAE;;;AAIjD,SAAS,UAAU,SAAyB;AAC3C,QAAO,IAAI,KAAK,KAAK,KAAK,GAAG,UAAU,IAAK,CAAC,aAAa;;;AAI3D,SAAS,gBAAgB,WAAgC;AACxD,KAAI,CAAC,aAAa,UAAU,WAAW,EACtC,QAAO,CAAC,GAAG,eAAe;CAE3B,MAAM,WAAW,IAAI,IAAY,aAAa;AAC9C,QAAO,UAAU,QAAQ,MAAM,SAAS,IAAI,EAAE,CAAC;;;;;;;;AAahD,eAAsB,wBACrB,IACA,OAIA,iBACyC;AACzC,KAAI;EAQH,MAAM,SAAS,gBADS,MAAM,QAAQ,MAAM,MAAM,MAAM,IAAI,CAAC,OAAO,QAAQ,GAAG,EAAE,CAClC;AAE/C,MAAI,OAAO,WAAW,EACrB,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAA6B;GACtE;EAGF,MAAM,aAAa,sBAAsB;EACzC,MAAM,WAAW,kBAAkB;EACnC,MAAM,UAAU,UAAU,wBAAwB;AAElD,QAAM,GACJ,WAAW,uBAAuB,CAClC,OAAO;GACP,aAAa;GACb,WAAW;GACX,QAAQ,KAAK,UAAU,OAAO;GAC9B,QAAQ;GACR,YAAY;GACZ,UAAU;GACV,CAAC,CACD,SAAS;AAEX,SAAO;GACN,SAAS;GACT,MAAM;IACL,aAAa;IACb,WAAW;IACX,kBAAkB;IAClB,YAAY;IACZ,UAAU;IACV;GACD;SACM;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;;;AAcH,eAAsB,0BACrB,IACA,OAMC;AACD,KAAI;AAEH,MAAI,MAAM,eAAe,+CACxB,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAA0B,SAAS;IAAsB;GACxE;EAIF,MAAM,MAAM,MAAM,GAChB,WAAW,uBAAuB,CAClC,WAAW,CACX,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,kBAAkB;AAEpB,MAAI,CAAC,IACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAuB;GAChE;EAGF,MAAM,sBAAM,IAAI,MAAM;AAGtB,MAAI,IAAI,KAAK,IAAI,WAAW,GAAG,KAAK;AAEnC,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,iBAAiB;IACjB,OAAO;KAAE,MAAM;KAAiB,SAAS;KAA+B;IACxE;;AAIF,MAAI,IAAI,WAAW,UAAU;AAE5B,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,iBAAiB;IACjB,OAAO;KAAE,MAAM;KAAiB,SAAS;KAA+B;IACxE;;AAGF,MAAI,IAAI,WAAW,WAAW;AAI7B,OAAI,IAAI,gBAAgB;IACvB,MAAM,aAAa,IAAI,KAAK,IAAI,eAAe;AAG/C,SAFwB,IAAI,SAAS,GAAG,WAAW,SAAS,IAAI,MAE3C,IAAI,UAAU;KAElC,MAAM,cAAc,KAAK,IAAI,IAAI,WAAW,qBAAqB,uBAAuB;AACxF,WAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI;MACJ,UAAU;MACV,gBAAgB,IAAI,aAAa;MACjC,CAAC,CACD,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,YAAO;MACN,SAAS;MACT,iBAAiB;MACjB,oBAAoB;MACpB,OAAO;OAAE,MAAM;OAAa,SAAS;OAAoB;MACzD;;;AAKH,SAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI,EAAE,gBAAgB,IAAI,aAAa,EAAE,CAAC,CAC1C,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,iBAAiB;IACjB,OAAO;KAAE,MAAM;KAAyB,SAAS;KAAyB;IAC1E;;AAGF,MAAI,IAAI,WAAW,gBAAgB,CAAC,IAAI,QACvC,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAA6B;GACtE;EAKF,MAAM,cAAc,sBAAsB,eAAe,aAAa;EACtE,MAAM,gBAAgB,UAAU,yBAAyB;EACzD,MAAM,eAAe,sBAAsB,eAAe,cAAc;EACxE,MAAM,iBAAiB,UAAU,0BAA0B;EAM3D,MAAM,SAAS,MAAM,gBAAgB,IAAI,OAAO,QAAQ;GACvD,MAAM,WAAW,MAAM,IACrB,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,MAAM,UAAU,KAAK,aAAa,CAClC,cAAc,CACd,kBAAkB;AAEpB,OAAI,CAAC,SAAU,QAAO;AAEtB,OAAI,CAAC,SAAS,QAAS,QAAO;GAE9B,MAAM,SAAS,KAAK,MAAM,SAAS,OAAO;AAE1C,SAAM,IACJ,WAAW,uBAAuB,CAClC,OAAO;IACP,YAAY,YAAY;IACxB,YAAY;IACZ,SAAS,SAAS;IAClB,QAAQ,KAAK,UAAU,OAAO;IAC9B,aAAa;IACb,YAAY;IACZ,oBAAoB,aAAa;IACjC,CAAC,CACD,SAAS;AAEX,SAAM,IACJ,WAAW,uBAAuB,CAClC,OAAO;IACP,YAAY,aAAa;IACzB,YAAY;IACZ,SAAS,SAAS;IAClB,QAAQ,KAAK,UAAU,OAAO;IAC9B,aAAa;IACb,YAAY;IACZ,oBAAoB;IACpB,CAAC,CACD,SAAS;AAEX,UAAO,EAAE,QAAQ;IAChB;AAEF,MAAI,CAAC,OACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAgC;GACzE;AAGF,SAAO;GACN,SAAS;GACT,MAAM;IACL,cAAc,YAAY;IAC1B,eAAe,aAAa;IAC5B,YAAY;IACZ,YAAY;IACZ,OAAO,OAAO,OAAO,KAAK,IAAI;IAC9B;GACD;SACM;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;;;AAcH,eAAsB,sBACrB,IACA,QACA,UACA,OAI8C;AAC9C,KAAI;EAEH,MAAM,iBAAiB,MAAM,UAAU,QAAQ,gBAAgB,GAAG,CAAC,aAAa;EAUhF,MAAM,SAPM,MAAM,GAChB,WAAW,uBAAuB,CAClC,WAAW,CACX,MAAM,UAAU,KAAK,UAAU,CAC/B,SAAS,EAGO,MAChB,MAAM,EAAE,UAAU,QAAQ,gBAAgB,GAAG,CAAC,aAAa,KAAK,eACjE;AAED,MAAI,CAAC,MACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAgB,SAAS;IAA2B;GACnE;AAIF,MAAI,IAAI,KAAK,MAAM,WAAW,mBAAG,IAAI,MAAM,EAAE;AAC5C,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAgB,SAAS;KAAyB;IACjE;;AAKF,OAFe,MAAM,UAAU,eAEhB,QAAQ;AACtB,SAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI,EAAE,QAAQ,UAAU,CAAC,CACzB,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,UAAO;IAAE,SAAS;IAAM,MAAM,EAAE,YAAY,OAAO;IAAE;;EAMtD,MAAM,kBAAkB,YADA,KAAK,MAAM,MAAM,OAAO,EACK,SAAS;AAE9D,MAAI,gBAAgB,WAAW,EAC9B,QAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;AAIF,QAAM,GACJ,YAAY,uBAAuB,CACnC,IAAI;GACJ,QAAQ;GACR,SAAS;GACT,QAAQ,KAAK,UAAU,gBAAgB;GACvC,CAAC,CACD,MAAM,eAAe,KAAK,MAAM,YAAY,CAC5C,SAAS;AAEX,SAAO;GAAE,SAAS;GAAM,MAAM,EAAE,YAAY,MAAM;GAAE;SAC7C;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;AAUH,eAAsB,mBACrB,IACA,OAIoC;AACpC,KAAI;AACH,MAAI,MAAM,eAAe,gBACxB,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAA0B,SAAS;IAAsB;GACxE;AAGF,MAAI,CAAC,MAAM,cAAc,WAAW,eAAe,cAAc,CAChE,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAgC;GACzE;EAGF,MAAM,cAAc,aAAa,MAAM,cAAc;EAErD,MAAM,MAAM,MAAM,GAChB,WAAW,uBAAuB,CAClC,WAAW,CACX,MAAM,cAAc,KAAK,YAAY,CACrC,MAAM,cAAc,KAAK,UAAU,CACnC,kBAAkB;AAEpB,MAAI,CAAC,IACJ,QAAO;GACN,SAAS;GACT,OAAO;IAAE,MAAM;IAAiB,SAAS;IAAyB;GAClE;AAIF,MAAI,IAAI,KAAK,IAAI,WAAW,mBAAG,IAAI,MAAM,EAAE;AAE1C,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,YAAY,CAAC,SAAS;AAC3F,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,sBAAsB,KAAK,YAAY,CAC7C,SAAS;AAEX,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAiB,SAAS;KAAyB;IAClE;;EAKF,MAAM,WAAW,MAAM,wBAAwB,IAAI,IAAI,QAAQ;AAC/D,MAAI,CAAC,UAAU;AAEd,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,WAAW,KAAK,IAAI,QAAQ,CAAC,SAAS;AACxF,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAiB,SAAS;KAAkB;IAC3D;;AAGF,MAAI,SAAS,UAAU;AAEtB,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,WAAW,KAAK,IAAI,QAAQ,CAAC,SAAS;AACxF,UAAO;IACN,SAAS;IACT,OAAO;KAAE,MAAM;KAAiB,SAAS;KAA4B;IACrE;;EAMF,IAAI,SAAS,YADQ,KAAK,MAAM,IAAI,OAAO,EACJ,SAAS,KAAK;AAMrD,MAAI,IAAI,WAAW;GAClB,MAAM,SAAS,MAAM,kBAAkB,IAAI,IAAI,UAAU;AACzD,OAAI,QAAQ,QAAQ,OACnB,UAAS,OAAO,QAAQ,MAAc,OAAO,OAAQ,SAAS,EAAE,CAAC;;AAInE,MAAI,OAAO,WAAW,GAAG;AAExB,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,YAAY,CAAC,SAAS;AAC3F,SAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,sBAAsB,KAAK,YAAY,CAC7C,SAAS;AACX,UAAO;IACN,SAAS;IACT,OAAO;KACN,MAAM;KACN,SAAS;KACT;IACD;;AAIF,QAAM,GACJ,WAAW,uBAAuB,CAClC,MAAM,sBAAsB,KAAK,YAAY,CAC7C,MAAM,cAAc,KAAK,SAAS,CAClC,SAAS;EAGX,MAAM,cAAc,sBAAsB,eAAe,aAAa;EACtE,MAAM,gBAAgB,UAAU,yBAAyB;AAEzD,QAAM,GACJ,WAAW,uBAAuB,CAClC,OAAO;GACP,YAAY,YAAY;GACxB,YAAY;GACZ,SAAS,IAAI;GACb,QAAQ,KAAK,UAAU,OAAO;GAC9B,aAAa,IAAI;GACjB,YAAY;GACZ,oBAAoB;GACpB,CAAC,CACD,SAAS;AAEX,SAAO;GACN,SAAS;GACT,MAAM;IACL,cAAc,YAAY;IAC1B,eAAe,MAAM;IACrB,YAAY;IACZ,YAAY;IACZ,OAAO,OAAO,KAAK,IAAI;IACvB;GACD;SACM;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD;;;;;;;;;;;AAYH,eAAsB,kBACrB,IACA,OAG2C;AAC3C,KAAI;EACH,MAAM,OAAO,aAAa,MAAM,MAAM;EAGtC,MAAM,MAAM,MAAM,GAChB,WAAW,uBAAuB,CAClC,OAAO;GAAC;GAAc;GAAc;GAAqB,CAAC,CAC1D,MAAM,cAAc,KAAK,KAAK,CAC9B,kBAAkB;AAEpB,MAAI,CAAC,IAEJ,QAAO;GAAE,SAAS;GAAM,MAAM,EAAE,SAAS,MAAM;GAAE;AAGlD,MAAI,IAAI,eAAe,WAAW;AAEjC,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,sBAAsB,KAAK,KAAK,CAAC,SAAS;AAC5F,SAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,KAAK,CAAC,SAAS;QAGpF,OAAM,GAAG,WAAW,uBAAuB,CAAC,MAAM,cAAc,KAAK,KAAK,CAAC,SAAS;AAGrF,SAAO;GAAE,SAAS;GAAM,MAAM,EAAE,SAAS,MAAM;GAAE;SAC1C;AACP,SAAO;GACN,SAAS;GACT,OAAO;IACN,MAAM;IACN,SAAS;IACT;GACD"}

package/dist/{error-DJOsMVSt.mjs → error-RwM4dD35.mjs} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { n as InvalidCursorError } from "./types-K3MDsxpy.mjs";
+import { n as InvalidCursorError } from "./types-BXSUSAjt.mjs";
 //#region src/api/errors.ts
 /**
@@ -448,4 +448,4 @@ function unwrapResult(result, successStatus = 200) {
 //#endregion
 export { unwrapResult as a, requireDb as i, apiSuccess as n, mapErrorStatus as o, handleError as r, apiError as t };
-//# sourceMappingURL=error-DJOsMVSt.mjs.map
+//# sourceMappingURL=error-RwM4dD35.mjs.map

package/dist/{error-DJOsMVSt.mjs.map → error-RwM4dD35.mjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"error-DJOsMVSt.mjs","names":[],"sources":["../src/api/errors.ts","../src/api/error.ts"],"sourcesContent":["/*\n Typed error codes and status mapping for the EmDash REST API.\n \n All handler-level and route-level error codes are defined here.\n * Routes and handlers should import error codes from this module\n * instead of using ad-hoc strings.\n /\n\nexport const ErrorCode = {\n\t// Shared (used across domains)\n\tNOT_FOUND: \"NOT_FOUND\",\n\tVALIDATION_ERROR: \"VALIDATION_ERROR\",\n\tINVALID_INPUT: \"INVALID_INPUT\",\n\tINVALID_JSON: \"INVALID_JSON\",\n\tINVALID_CURSOR: \"INVALID_CURSOR\",\n\tCONFLICT: \"CONFLICT\",\n\tSLUG_CONFLICT: \"SLUG_CONFLICT\",\n\tNOT_CONFIGURED: \"NOT_CONFIGURED\",\n\tUNAUTHORIZED: \"UNAUTHORIZED\",\n\tFORBIDDEN: \"FORBIDDEN\",\n\tRATE_LIMITED: \"RATE_LIMITED\",\n\tNOT_AUTHENTICATED: \"NOT_AUTHENTICATED\",\n\tNOT_IMPLEMENTED: \"NOT_IMPLEMENTED\",\n\tNOT_SUPPORTED: \"NOT_SUPPORTED\",\n\tMISSING_PARAM: \"MISSING_PARAM\",\n\tCSRF_REJECTED: \"CSRF_REJECTED\",\n\n\t// Content\n\tCONTENT_CREATE_ERROR: \"CONTENT_CREATE_ERROR\",\n\tCONTENT_UPDATE_ERROR: \"CONTENT_UPDATE_ERROR\",\n\tCONTENT_DELETE_ERROR: \"CONTENT_DELETE_ERROR\",\n\tCONTENT_LIST_ERROR: \"CONTENT_LIST_ERROR\",\n\tCONTENT_GET_ERROR: \"CONTENT_GET_ERROR\",\n\tCONTENT_DUPLICATE_ERROR: \"CONTENT_DUPLICATE_ERROR\",\n\tCONTENT_RESTORE_ERROR: \"CONTENT_RESTORE_ERROR\",\n\tCONTENT_PUBLISH_ERROR: \"CONTENT_PUBLISH_ERROR\",\n\tCONTENT_UNPUBLISH_ERROR: \"CONTENT_UNPUBLISH_ERROR\",\n\tCONTENT_SCHEDULE_ERROR: \"CONTENT_SCHEDULE_ERROR\",\n\tCONTENT_UNSCHEDULE_ERROR: \"CONTENT_UNSCHEDULE_ERROR\",\n\tCONTENT_DISCARD_DRAFT_ERROR: \"CONTENT_DISCARD_DRAFT_ERROR\",\n\tCONTENT_COMPARE_ERROR: \"CONTENT_COMPARE_ERROR\",\n\tCONTENT_TRANSLATIONS_ERROR: \"CONTENT_TRANSLATIONS_ERROR\",\n\tCONTENT_COUNT_ERROR: \"CONTENT_COUNT_ERROR\",\n\n\t// Revisions\n\tREVISION_LIST_ERROR: \"REVISION_LIST_ERROR\",\n\tREVISION_GET_ERROR: \"REVISION_GET_ERROR\",\n\tREVISION_RESTORE_ERROR: \"REVISION_RESTORE_ERROR\",\n\tINVALID_REVISION: \"INVALID_REVISION\",\n\n\t// Schema\n\tSCHEMA_LIST_ERROR: \"SCHEMA_LIST_ERROR\",\n\tSCHEMA_GET_ERROR: \"SCHEMA_GET_ERROR\",\n\tSCHEMA_CREATE_ERROR: \"SCHEMA_CREATE_ERROR\",\n\tSCHEMA_UPDATE_ERROR: \"SCHEMA_UPDATE_ERROR\",\n\tSCHEMA_DELETE_ERROR: \"SCHEMA_DELETE_ERROR\",\n\tSCHEMA_EXPORT_ERROR: \"SCHEMA_EXPORT_ERROR\",\n\tSCHEMA_FIELD_LIST_ERROR: \"SCHEMA_FIELD_LIST_ERROR\",\n\tSCHEMA_FIELD_GET_ERROR: \"SCHEMA_FIELD_GET_ERROR\",\n\tSCHEMA_FIELD_CREATE_ERROR: \"SCHEMA_FIELD_CREATE_ERROR\",\n\tSCHEMA_FIELD_UPDATE_ERROR: \"SCHEMA_FIELD_UPDATE_ERROR\",\n\tSCHEMA_FIELD_DELETE_ERROR: \"SCHEMA_FIELD_DELETE_ERROR\",\n\tSCHEMA_FIELD_REORDER_ERROR: \"SCHEMA_FIELD_REORDER_ERROR\",\n\t// Byline schema (Discussion #1174). Reuses RESERVED_SLUG, INVALID_SLUG,\n\t// INVALID_TYPE, FIELD_EXISTS, NOT_FOUND, VALIDATION_ERROR where the\n\t// semantics match; the two below are byline-domain specific:\n\tTRANSLATABLE_LOCKED: \"TRANSLATABLE_LOCKED\",\n\tREORDER_MISMATCH: \"REORDER_MISMATCH\",\n\tORPHAN_LIST_ERROR: \"ORPHAN_LIST_ERROR\",\n\tORPHAN_REGISTER_ERROR: \"ORPHAN_REGISTER_ERROR\",\n\tCOLLECTION_EXISTS: \"COLLECTION_EXISTS\",\n\tCOLLECTION_NOT_FOUND: \"COLLECTION_NOT_FOUND\",\n\tTABLE_NOT_FOUND: \"TABLE_NOT_FOUND\",\n\tFIELD_EXISTS: \"FIELD_EXISTS\",\n\tRESERVED_SLUG: \"RESERVED_SLUG\",\n\tINVALID_SLUG: \"INVALID_SLUG\",\n\tCREATE_FAILED: \"CREATE_FAILED\",\n\tUPDATE_FAILED: \"UPDATE_FAILED\",\n\tREGISTER_FAILED: \"REGISTER_FAILED\",\n\n\t// Media\n\tMEDIA_LIST_ERROR: \"MEDIA_LIST_ERROR\",\n\tMEDIA_GET_ERROR: \"MEDIA_GET_ERROR\",\n\tMEDIA_CREATE_ERROR: \"MEDIA_CREATE_ERROR\",\n\tMEDIA_UPDATE_ERROR: \"MEDIA_UPDATE_ERROR\",\n\tMEDIA_DELETE_ERROR: \"MEDIA_DELETE_ERROR\",\n\tNO_STORAGE: \"NO_STORAGE\",\n\tNO_FILE: \"NO_FILE\",\n\tINVALID_TYPE: \"INVALID_TYPE\",\n\tUPLOAD_ERROR: \"UPLOAD_ERROR\",\n\tUPLOAD_URL_ERROR: \"UPLOAD_URL_ERROR\",\n\tCONFIRM_ERROR: \"CONFIRM_ERROR\",\n\tCONFIRM_FAILED: \"CONFIRM_FAILED\",\n\tFILE_NOT_FOUND: \"FILE_NOT_FOUND\",\n\tINVALID_STATE: \"INVALID_STATE\",\n\tFILE_SERVE_ERROR: \"FILE_SERVE_ERROR\",\n\tSTORAGE_NOT_CONFIGURED: \"STORAGE_NOT_CONFIGURED\",\n\tPROVIDER_LIST_ERROR: \"PROVIDER_LIST_ERROR\",\n\tPROVIDER_UPLOAD_ERROR: \"PROVIDER_UPLOAD_ERROR\",\n\tPROVIDER_GET_ERROR: \"PROVIDER_GET_ERROR\",\n\tPROVIDER_DELETE_ERROR: \"PROVIDER_DELETE_ERROR\",\n\n\t// Comments\n\tCOMMENT_LIST_ERROR: \"COMMENT_LIST_ERROR\",\n\tCOMMENT_GET_ERROR: \"COMMENT_GET_ERROR\",\n\tCOMMENT_STATUS_ERROR: \"COMMENT_STATUS_ERROR\",\n\tCOMMENT_DELETE_ERROR: \"COMMENT_DELETE_ERROR\",\n\tCOMMENT_BULK_ERROR: \"COMMENT_BULK_ERROR\",\n\tCOMMENT_INBOX_ERROR: \"COMMENT_INBOX_ERROR\",\n\tCOMMENT_COUNTS_ERROR: \"COMMENT_COUNTS_ERROR\",\n\tCOMMENT_CREATE_ERROR: \"COMMENT_CREATE_ERROR\",\n\tCOMMENTS_DISABLED: \"COMMENTS_DISABLED\",\n\tCOMMENTS_CLOSED: \"COMMENTS_CLOSED\",\n\tCOMMENT_REJECTED: \"COMMENT_REJECTED\",\n\n\t// Auth\n\tACCOUNT_DISABLED: \"ACCOUNT_DISABLED\",\n\tADMIN_EXISTS: \"ADMIN_EXISTS\",\n\tSETUP_COMPLETE: \"SETUP_COMPLETE\",\n\tCREDENTIAL_EXISTS: \"CREDENTIAL_EXISTS\",\n\tCHALLENGE_EXPIRED: \"CHALLENGE_EXPIRED\",\n\tPASSKEY_REGISTER_ERROR: \"PASSKEY_REGISTER_ERROR\",\n\tPASSKEY_REGISTER_OPTIONS_ERROR: \"PASSKEY_REGISTER_OPTIONS_ERROR\",\n\tPASSKEY_OPTIONS_ERROR: \"PASSKEY_OPTIONS_ERROR\",\n\tPASSKEY_VERIFY_ERROR: \"PASSKEY_VERIFY_ERROR\",\n\tPASSKEY_LIST_ERROR: \"PASSKEY_LIST_ERROR\",\n\tPASSKEY_RENAME_ERROR: \"PASSKEY_RENAME_ERROR\",\n\tPASSKEY_DELETE_ERROR: \"PASSKEY_DELETE_ERROR\",\n\tPASSKEY_LIMIT: \"PASSKEY_LIMIT\",\n\tLAST_PASSKEY: \"LAST_PASSKEY\",\n\tLOGOUT_ERROR: \"LOGOUT_ERROR\",\n\tSELF_ROLE_CHANGE: \"SELF_ROLE_CHANGE\",\n\tEMAIL_IN_USE: \"EMAIL_IN_USE\",\n\tEMAIL_NOT_CONFIGURED: \"EMAIL_NOT_CONFIGURED\",\n\tUSER_EXISTS: \"USER_EXISTS\",\n\tINVALID_TOKEN: \"INVALID_TOKEN\",\n\tTOKEN_EXPIRED: \"TOKEN_EXPIRED\",\n\tDOMAIN_NOT_ALLOWED: \"DOMAIN_NOT_ALLOWED\",\n\tINVITE_CREATE_ERROR: \"INVITE_CREATE_ERROR\",\n\tINVITE_VALIDATE_ERROR: \"INVITE_VALIDATE_ERROR\",\n\tINVITE_COMPLETE_ERROR: \"INVITE_COMPLETE_ERROR\",\n\tSIGNUP_VERIFY_ERROR: \"SIGNUP_VERIFY_ERROR\",\n\tSIGNUP_COMPLETE_ERROR: \"SIGNUP_COMPLETE_ERROR\",\n\tRECOVERY_SEND_ERROR: \"RECOVERY_SEND_ERROR\",\n\tUSER_LIST_ERROR: \"USER_LIST_ERROR\",\n\tUSER_DETAIL_ERROR: \"USER_DETAIL_ERROR\",\n\tUSER_UPDATE_ERROR: \"USER_UPDATE_ERROR\",\n\tUSER_DISABLE_ERROR: \"USER_DISABLE_ERROR\",\n\tUSER_ENABLE_ERROR: \"USER_ENABLE_ERROR\",\n\n\t// OAuth (internal codes -- distinct from RFC OAuthErrorCode)\n\tUNSUPPORTED_RESPONSE_TYPE: \"UNSUPPORTED_RESPONSE_TYPE\",\n\tINVALID_REDIRECT_URI: \"INVALID_REDIRECT_URI\",\n\tINVALID_CLIENT: \"INVALID_CLIENT\",\n\tINVALID_SCOPE: \"INVALID_SCOPE\",\n\tAUTHORIZATION_ERROR: \"AUTHORIZATION_ERROR\",\n\tINVALID_GRANT: \"INVALID_GRANT\",\n\tUNSUPPORTED_GRANT_TYPE: \"UNSUPPORTED_GRANT_TYPE\",\n\tINVALID_CODE: \"INVALID_CODE\",\n\tEXPIRED_CODE: \"EXPIRED_CODE\",\n\tINSUFFICIENT_ROLE: \"INSUFFICIENT_ROLE\",\n\tINSUFFICIENT_SCOPE: \"INSUFFICIENT_SCOPE\",\n\tINSUFFICIENT_PERMISSIONS: \"INSUFFICIENT_PERMISSIONS\",\n\tTOKEN_EXCHANGE_ERROR: \"TOKEN_EXCHANGE_ERROR\",\n\tTOKEN_REFRESH_ERROR: \"TOKEN_REFRESH_ERROR\",\n\tTOKEN_REVOKE_ERROR: \"TOKEN_REVOKE_ERROR\",\n\tTOKEN_CREATE_ERROR: \"TOKEN_CREATE_ERROR\",\n\tTOKEN_LIST_ERROR: \"TOKEN_LIST_ERROR\",\n\tTOKEN_ERROR: \"TOKEN_ERROR\",\n\tDEVICE_CODE_ERROR: \"DEVICE_CODE_ERROR\",\n\tAUTHORIZE_ERROR: \"AUTHORIZE_ERROR\",\n\tCLIENT_LIST_ERROR: \"CLIENT_LIST_ERROR\",\n\tCLIENT_GET_ERROR: \"CLIENT_GET_ERROR\",\n\tCLIENT_CREATE_ERROR: \"CLIENT_CREATE_ERROR\",\n\tCLIENT_UPDATE_ERROR: \"CLIENT_UPDATE_ERROR\",\n\tCLIENT_DELETE_ERROR: \"CLIENT_DELETE_ERROR\",\n\n\t// Allowed domains\n\tDOMAIN_LIST_ERROR: \"DOMAIN_LIST_ERROR\",\n\tDOMAIN_CREATE_ERROR: \"DOMAIN_CREATE_ERROR\",\n\tDOMAIN_UPDATE_ERROR: \"DOMAIN_UPDATE_ERROR\",\n\tDOMAIN_DELETE_ERROR: \"DOMAIN_DELETE_ERROR\",\n\n\t// Plugins / Marketplace\n\tPLUGIN_LIST_ERROR: \"PLUGIN_LIST_ERROR\",\n\tPLUGIN_GET_ERROR: \"PLUGIN_GET_ERROR\",\n\tPLUGIN_ENABLE_ERROR: \"PLUGIN_ENABLE_ERROR\",\n\tPLUGIN_DISABLE_ERROR: \"PLUGIN_DISABLE_ERROR\",\n\tPLUGIN_ID_CONFLICT: \"PLUGIN_ID_CONFLICT\",\n\tMARKETPLACE_NOT_CONFIGURED: \"MARKETPLACE_NOT_CONFIGURED\",\n\tMARKETPLACE_UNAVAILABLE: \"MARKETPLACE_UNAVAILABLE\",\n\tMARKETPLACE_ERROR: \"MARKETPLACE_ERROR\",\n\tSANDBOX_NOT_AVAILABLE: \"SANDBOX_NOT_AVAILABLE\",\n\tALREADY_INSTALLED: \"ALREADY_INSTALLED\",\n\tALREADY_UP_TO_DATE: \"ALREADY_UP_TO_DATE\",\n\tNO_VERSION: \"NO_VERSION\",\n\tMANIFEST_MISMATCH: \"MANIFEST_MISMATCH\",\n\tMANIFEST_VERSION_MISMATCH: \"MANIFEST_VERSION_MISMATCH\",\n\tAUDIT_FAILED: \"AUDIT_FAILED\",\n\tCHECKSUM_MISMATCH: \"CHECKSUM_MISMATCH\",\n\tINVALID_BUNDLE: \"INVALID_BUNDLE\",\n\tBUNDLE_EXTRACT_FAILED: \"BUNDLE_EXTRACT_FAILED\",\n\tBUNDLE_DOWNLOAD_FAILED: \"BUNDLE_DOWNLOAD_FAILED\",\n\tAGGREGATOR_RESPONSE_INVALID: \"AGGREGATOR_RESPONSE_INVALID\",\n\tAGGREGATOR_HTTP_ERROR: \"AGGREGATOR_HTTP_ERROR\",\n\tAGGREGATOR_NOT_FOUND: \"AGGREGATOR_NOT_FOUND\",\n\tCAPABILITY_ESCALATION: \"CAPABILITY_ESCALATION\",\n\tROUTE_VISIBILITY_ESCALATION: \"ROUTE_VISIBILITY_ESCALATION\",\n\tENV_INCOMPATIBLE: \"ENV_INCOMPATIBLE\",\n\tINSTALL_FAILED: \"INSTALL_FAILED\",\n\tUNINSTALL_FAILED: \"UNINSTALL_FAILED\",\n\tSEARCH_FAILED: \"SEARCH_FAILED\",\n\tGET_PLUGIN_FAILED: \"GET_PLUGIN_FAILED\",\n\tGET_THEME_FAILED: \"GET_THEME_FAILED\",\n\tTHEME_SEARCH_FAILED: \"THEME_SEARCH_FAILED\",\n\tUPDATE_CHECK_FAILED: \"UPDATE_CHECK_FAILED\",\n\tEXCLUSIVE_HOOKS_LIST_ERROR: \"EXCLUSIVE_HOOKS_LIST_ERROR\",\n\tEXCLUSIVE_HOOK_SET_ERROR: \"EXCLUSIVE_HOOK_SET_ERROR\",\n\n\t// Menus\n\tMENU_LIST_ERROR: \"MENU_LIST_ERROR\",\n\tMENU_CREATE_ERROR: \"MENU_CREATE_ERROR\",\n\tMENU_GET_ERROR: \"MENU_GET_ERROR\",\n\tMENU_UPDATE_ERROR: \"MENU_UPDATE_ERROR\",\n\tMENU_DELETE_ERROR: \"MENU_DELETE_ERROR\",\n\tMENU_ITEM_CREATE_ERROR: \"MENU_ITEM_CREATE_ERROR\",\n\tMENU_ITEM_UPDATE_ERROR: \"MENU_ITEM_UPDATE_ERROR\",\n\tMENU_ITEM_DELETE_ERROR: \"MENU_ITEM_DELETE_ERROR\",\n\tMENU_REORDER_ERROR: \"MENU_REORDER_ERROR\",\n\t// Returned when a menu name resolves to multiple locale variants and\n\t// the caller did not pass `locale` to disambiguate. (name, locale) is\n\t// unique, so this only fires for omitted-locale lookups.\n\tAMBIGUOUS_LOCALE: \"AMBIGUOUS_LOCALE\",\n\n\t// Taxonomies\n\tTAXONOMY_LIST_ERROR: \"TAXONOMY_LIST_ERROR\",\n\tTAXONOMY_CREATE_ERROR: \"TAXONOMY_CREATE_ERROR\",\n\tTERM_LIST_ERROR: \"TERM_LIST_ERROR\",\n\tTERM_CREATE_ERROR: \"TERM_CREATE_ERROR\",\n\tTERM_GET_ERROR: \"TERM_GET_ERROR\",\n\tTERM_UPDATE_ERROR: \"TERM_UPDATE_ERROR\",\n\tTERM_DELETE_ERROR: \"TERM_DELETE_ERROR\",\n\tTERMS_GET_ERROR: \"TERMS_GET_ERROR\",\n\tTERMS_SET_ERROR: \"TERMS_SET_ERROR\",\n\n\t// Sections\n\tSECTION_LIST_ERROR: \"SECTION_LIST_ERROR\",\n\tSECTION_CREATE_ERROR: \"SECTION_CREATE_ERROR\",\n\tSECTION_GET_ERROR: \"SECTION_GET_ERROR\",\n\tSECTION_UPDATE_ERROR: \"SECTION_UPDATE_ERROR\",\n\tSECTION_DELETE_ERROR: \"SECTION_DELETE_ERROR\",\n\n\t// Redirects\n\tREDIRECT_LIST_ERROR: \"REDIRECT_LIST_ERROR\",\n\tREDIRECT_CREATE_ERROR: \"REDIRECT_CREATE_ERROR\",\n\tREDIRECT_GET_ERROR: \"REDIRECT_GET_ERROR\",\n\tREDIRECT_UPDATE_ERROR: \"REDIRECT_UPDATE_ERROR\",\n\tREDIRECT_DELETE_ERROR: \"REDIRECT_DELETE_ERROR\",\n\tNOT_FOUND_LIST_ERROR: \"NOT_FOUND_LIST_ERROR\",\n\tNOT_FOUND_SUMMARY_ERROR: \"NOT_FOUND_SUMMARY_ERROR\",\n\tNOT_FOUND_CLEAR_ERROR: \"NOT_FOUND_CLEAR_ERROR\",\n\tNOT_FOUND_PRUNE_ERROR: \"NOT_FOUND_PRUNE_ERROR\",\n\n\t// Widgets\n\tWIDGET_AREA_LIST_ERROR: \"WIDGET_AREA_LIST_ERROR\",\n\tWIDGET_AREA_CREATE_ERROR: \"WIDGET_AREA_CREATE_ERROR\",\n\tWIDGET_AREA_GET_ERROR: \"WIDGET_AREA_GET_ERROR\",\n\tWIDGET_AREA_DELETE_ERROR: \"WIDGET_AREA_DELETE_ERROR\",\n\tWIDGET_CREATE_ERROR: \"WIDGET_CREATE_ERROR\",\n\tWIDGET_UPDATE_ERROR: \"WIDGET_UPDATE_ERROR\",\n\tWIDGET_DELETE_ERROR: \"WIDGET_DELETE_ERROR\",\n\tWIDGET_REORDER_ERROR: \"WIDGET_REORDER_ERROR\",\n\tWIDGET_COMPONENTS_ERROR: \"WIDGET_COMPONENTS_ERROR\",\n\n\t// Setup\n\tALREADY_CONFIGURED: \"ALREADY_CONFIGURED\",\n\tINVALID_SEED: \"INVALID_SEED\",\n\tINVALID_REDIRECT: \"INVALID_REDIRECT\",\n\tSETUP_ERROR: \"SETUP_ERROR\",\n\tSETUP_STATUS_ERROR: \"SETUP_STATUS_ERROR\",\n\tSETUP_ADMIN_ERROR: \"SETUP_ADMIN_ERROR\",\n\tSETUP_VERIFY_ERROR: \"SETUP_VERIFY_ERROR\",\n\tDEV_BYPASS_ERROR: \"DEV_BYPASS_ERROR\",\n\tDEV_RESET_ERROR: \"DEV_RESET_ERROR\",\n\tMIGRATION_ERROR: \"MIGRATION_ERROR\",\n\tSEED_ERROR: \"SEED_ERROR\",\n\n\t// Settings\n\tSETTINGS_READ_ERROR: \"SETTINGS_READ_ERROR\",\n\tSETTINGS_UPDATE_ERROR: \"SETTINGS_UPDATE_ERROR\",\n\tEMAIL_SETTINGS_READ_ERROR: \"EMAIL_SETTINGS_READ_ERROR\",\n\tEMAIL_TEST_ERROR: \"EMAIL_TEST_ERROR\",\n\n\t// Search\n\tSEARCH_ERROR: \"SEARCH_ERROR\",\n\tSTATS_ERROR: \"STATS_ERROR\",\n\tSUGGESTION_ERROR: \"SUGGESTION_ERROR\",\n\tREBUILD_ERROR: \"REBUILD_ERROR\",\n\n\t// Import\n\tWXR_ANALYZE_ERROR: \"WXR_ANALYZE_ERROR\",\n\tWXR_PREPARE_ERROR: \"WXR_PREPARE_ERROR\",\n\tWXR_IMPORT_ERROR: \"WXR_IMPORT_ERROR\",\n\tIMPORT_ERROR: \"IMPORT_ERROR\",\n\tREWRITE_ERROR: \"REWRITE_ERROR\",\n\tWP_PLUGIN_ANALYZE_ERROR: \"WP_PLUGIN_ANALYZE_ERROR\",\n\tWP_PLUGIN_IMPORT_ERROR: \"WP_PLUGIN_IMPORT_ERROR\",\n\tSSRF_BLOCKED: \"SSRF_BLOCKED\",\n\tPROBE_ERROR: \"PROBE_ERROR\",\n\n\t// Dashboard\n\tDASHBOARD_ERROR: \"DASHBOARD_ERROR\",\n\tDASHBOARD_STATS_ERROR: \"DASHBOARD_STATS_ERROR\",\n\n\t// Misc\n\tSNAPSHOT_ERROR: \"SNAPSHOT_ERROR\",\n\tTYPEGEN_ERROR: \"TYPEGEN_ERROR\",\n\tSITEMAP_ERROR: \"SITEMAP_ERROR\",\n\tNO_DB: \"NO_DB\",\n\tINVALID_REQUEST: \"INVALID_REQUEST\",\n\tUNKNOWN_ACTION: \"UNKNOWN_ACTION\",\n} as const;\n\nexport type ErrorCode = (typeof ErrorCode)[keyof typeof ErrorCode];\n\n/\n OAuth RFC 6749 error codes.\n \n These MUST be lowercase per the RFC spec. Used only by OAuth token endpoints.\n * Separate from ErrorCode to prevent mixing conventions.\n /\nexport const OAuthErrorCode = {\n\tINVALID_GRANT: \"invalid_grant\",\n\tUNSUPPORTED_GRANT_TYPE: \"unsupported_grant_type\",\n\tEXPIRED_TOKEN: \"expired_token\",\n\tACCESS_DENIED: \"access_denied\",\n\tAUTHORIZATION_PENDING: \"authorization_pending\",\n} as const;\n\nexport type OAuthErrorCode = (typeof OAuthErrorCode)[keyof typeof OAuthErrorCode];\n\n/\n Map a handler error code to an HTTP status code.\n \n Shared codes have explicit mappings. Domain-specific `_ERROR` codes\n (used in catch blocks via handleError) default to 500. Everything else\n * defaults to 400 (client error).\n /\nexport function mapErrorStatus(code: string \| undefined): number {\n\tswitch (code) {\n\t\t// 400 Bad Request\n\t\tcase ErrorCode.VALIDATION_ERROR:\n\t\tcase ErrorCode.INVALID_INPUT:\n\t\tcase ErrorCode.INVALID_JSON:\n\t\tcase ErrorCode.INVALID_CURSOR:\n\t\tcase ErrorCode.MISSING_PARAM:\n\t\tcase ErrorCode.INVALID_REQUEST:\n\t\tcase ErrorCode.NOT_SUPPORTED:\n\t\tcase ErrorCode.INVALID_SLUG:\n\t\tcase ErrorCode.RESERVED_SLUG:\n\t\tcase ErrorCode.INVALID_TYPE:\n\t\tcase ErrorCode.NO_FILE:\n\t\tcase ErrorCode.INVALID_STATE:\n\t\tcase ErrorCode.INVALID_SEED:\n\t\tcase ErrorCode.INVALID_REDIRECT:\n\t\tcase ErrorCode.INVALID_TOKEN:\n\t\tcase ErrorCode.INVALID_REVISION:\n\t\tcase ErrorCode.INVALID_CODE:\n\t\tcase ErrorCode.CHALLENGE_EXPIRED:\n\t\tcase ErrorCode.EXPIRED_CODE:\n\t\tcase ErrorCode.LAST_PASSKEY:\n\t\tcase ErrorCode.PASSKEY_LIMIT:\n\t\tcase ErrorCode.ADMIN_EXISTS:\n\t\tcase ErrorCode.SETUP_COMPLETE:\n\t\tcase ErrorCode.SELF_ROLE_CHANGE:\n\t\tcase ErrorCode.SSRF_BLOCKED:\n\t\tcase ErrorCode.UNKNOWN_ACTION:\n\t\tcase ErrorCode.AMBIGUOUS_LOCALE:\n\t\tcase ErrorCode.REORDER_MISMATCH:\n\t\t\treturn 400;\n\n\t\t// 401 Unauthorized\n\t\tcase ErrorCode.UNAUTHORIZED:\n\t\tcase ErrorCode.NOT_AUTHENTICATED:\n\t\t\treturn 401;\n\n\t\t// 403 Forbidden\n\t\tcase ErrorCode.FORBIDDEN:\n\t\tcase ErrorCode.CSRF_REJECTED:\n\t\tcase ErrorCode.ACCOUNT_DISABLED:\n\t\tcase ErrorCode.COMMENTS_DISABLED:\n\t\tcase ErrorCode.COMMENTS_CLOSED:\n\t\tcase ErrorCode.COMMENT_REJECTED:\n\t\tcase ErrorCode.DOMAIN_NOT_ALLOWED:\n\t\tcase ErrorCode.INSUFFICIENT_ROLE:\n\t\tcase ErrorCode.INSUFFICIENT_SCOPE:\n\t\tcase ErrorCode.INSUFFICIENT_PERMISSIONS:\n\t\tcase ErrorCode.CAPABILITY_ESCALATION:\n\t\tcase ErrorCode.ROUTE_VISIBILITY_ESCALATION:\n\t\tcase ErrorCode.AUDIT_FAILED:\n\t\t\treturn 403;\n\n\t\t// 404 Not Found\n\t\tcase ErrorCode.NOT_FOUND:\n\t\tcase ErrorCode.TABLE_NOT_FOUND:\n\t\tcase ErrorCode.COLLECTION_NOT_FOUND:\n\t\tcase ErrorCode.FILE_NOT_FOUND:\n\t\tcase ErrorCode.NO_VERSION:\n\t\tcase ErrorCode.AGGREGATOR_NOT_FOUND:\n\t\t\treturn 404;\n\n\t\t// 409 Conflict\n\t\tcase ErrorCode.CONFLICT:\n\t\tcase ErrorCode.SLUG_CONFLICT:\n\t\tcase ErrorCode.COLLECTION_EXISTS:\n\t\tcase ErrorCode.FIELD_EXISTS:\n\t\tcase ErrorCode.CREDENTIAL_EXISTS:\n\t\tcase ErrorCode.EMAIL_IN_USE:\n\t\tcase ErrorCode.USER_EXISTS:\n\t\tcase ErrorCode.PLUGIN_ID_CONFLICT:\n\t\tcase ErrorCode.ALREADY_INSTALLED:\n\t\tcase ErrorCode.ALREADY_CONFIGURED:\n\t\tcase ErrorCode.ALREADY_UP_TO_DATE:\n\t\tcase ErrorCode.TRANSLATABLE_LOCKED:\n\t\tcase ErrorCode.ENV_INCOMPATIBLE:\n\t\t\treturn 409;\n\n\t\t// 410 Gone\n\t\tcase ErrorCode.TOKEN_EXPIRED:\n\t\t\treturn 410;\n\n\t\t// 422 Unprocessable Entity\n\t\tcase ErrorCode.CHECKSUM_MISMATCH:\n\t\tcase ErrorCode.INVALID_BUNDLE:\n\t\tcase ErrorCode.BUNDLE_EXTRACT_FAILED:\n\t\t\treturn 422;\n\n\t\t// 429 Too Many Requests\n\t\tcase ErrorCode.RATE_LIMITED:\n\t\t\treturn 429;\n\n\t\t// 500 Internal Server Error\n\t\tcase ErrorCode.NOT_CONFIGURED:\n\t\tcase ErrorCode.NO_STORAGE:\n\t\tcase ErrorCode.NO_DB:\n\t\tcase ErrorCode.STORAGE_NOT_CONFIGURED:\n\t\tcase ErrorCode.EMAIL_NOT_CONFIGURED:\n\t\t\treturn 500;\n\n\t\t// 501 Not Implemented\n\t\tcase ErrorCode.NOT_IMPLEMENTED:\n\t\t\treturn 501;\n\n\t\t// 502 Bad Gateway\n\t\tcase ErrorCode.BUNDLE_DOWNLOAD_FAILED:\n\t\tcase ErrorCode.AGGREGATOR_RESPONSE_INVALID:\n\t\tcase ErrorCode.AGGREGATOR_HTTP_ERROR:\n\t\t\treturn 502;\n\n\t\t// 503 Service Unavailable\n\t\tcase ErrorCode.MARKETPLACE_UNAVAILABLE:\n\t\tcase ErrorCode.MARKETPLACE_NOT_CONFIGURED:\n\t\tcase ErrorCode.SANDBOX_NOT_AVAILABLE:\n\t\t\treturn 503;\n\n\t\t// Domain-specific _ERROR codes are catch-block codes -- always 500.\n\t\t// WARNING: If adding a new code that ends in _ERROR but represents a\n\t\t// client error (4xx), add it to an explicit case above or it will\n\t\t// be incorrectly mapped to 500.\n\t\tdefault:\n\t\t\treturn code?.endsWith(\"_ERROR\") ? 500 : 400;\n\t}\n}\n","/*\n Standardized API error responses.\n \n All API routes should use these utilities instead of inline\n * `new Response(JSON.stringify({ error: ... }), ...)` patterns.\n /\n\nimport { InvalidCursorError } from \"../database/repositories/types.js\";\nimport { mapErrorStatus } from \"./errors.js\";\nimport type { ApiResult } from \"./types.js\";\n\n// Re-export everything from errors.ts so existing `import { mapErrorStatus } from \"./error.js\"` still works\nexport from \"./errors.js\";\n\n/*\n Standard cache headers for all API responses.\n \n Cache-Control: private, no-store -- prevents CDN/proxy caching of authenticated data.\n * no-store already tells caches not to store the response, so Vary is unnecessary.\n /\nconst API_CACHE_HEADERS: HeadersInit = {\n\t\"Cache-Control\": \"private, no-store\",\n};\n\n/\n Create a standardized error response.\n \n Always returns `{ error: { code, message } }` with correct Content-Type.\n * Use this for all error responses in API routes.\n /\nexport function apiError(\n\tcode: string,\n\tmessage: string,\n\tstatus: number,\n\tdetails?: Record<string, unknown>,\n): Response {\n\tconst error: { code: string; message: string; details?: Record<string, unknown> } = {\n\t\tcode,\n\t\tmessage,\n\t};\n\tif (details !== undefined) error.details = details;\n\treturn Response.json({ error }, { status, headers: API_CACHE_HEADERS });\n}\n\n/\n Create a standardized success response.\n \n Always returns `{ data: T }` with correct status code.\n * Use this for all success responses in API routes.\n /\nexport function apiSuccess<T>(data: T, status = 200): Response {\n\treturn Response.json({ data }, { status, headers: API_CACHE_HEADERS });\n}\n\n/\n Handle an unknown error in a catch block.\n \n - Logs the full error server-side\n * - Returns a generic message to the client (never leaks error.message)\n * - Use `fallbackMessage` for the public-facing message\n * - Use `fallbackCode` for the error code\n /\nexport function handleError(\n\terror: unknown,\n\tfallbackMessage: string,\n\tfallbackCode: string,\n): Response {\n\t// Bubble malformed-cursor errors as a structured 400 instead of a\n\t// generic 500.\n\tif (error instanceof InvalidCursorError) {\n\t\treturn apiError(\"INVALID_CURSOR\", error.message, 400);\n\t}\n\tconsole.error(`[${fallbackCode}]`, error);\n\treturn apiError(fallbackCode, fallbackMessage, 500);\n}\n\n/\n Standard initialization check.\n \n Returns an error response if EmDash is not initialized, or null if OK.\n * Usage: `const err = requireInit(emdash); if (err) return err;`\n /\nexport function requireInit(emdash: unknown): Response \| null {\n\tif (!emdash \|\| typeof emdash !== \"object\") {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\treturn null;\n}\n\n/\n Standard database check.\n \n Returns an error response if the database is not available, or null if OK.\n * Usage: `const err = requireDb(emdash?.db); if (err) return err;`\n /\nexport function requireDb(db: unknown): Response \| null {\n\tif (!db) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\treturn null;\n}\n\n/\n Convert an ApiResult into an HTTP Response.\n \n Collapses the handler-to-response boilerplate:\n * - Success: returns `apiSuccess(result.data, successStatus)`\n * - Error: returns `apiError(code, message, mapErrorStatus(code))`\n */\nexport function unwrapResult<T>(result: ApiResult<T>, successStatus = 200): Response {\n\tif (!result.success) {\n\t\treturn apiError(\n\t\t\tresult.error.code,\n\t\t\tresult.error.message,\n\t\t\tmapErrorStatus(result.error.code),\n\t\t\tresult.error.details,\n\t\t);\n\t}\n\treturn apiSuccess(result.data, successStatus);\n}\n"],"mappings":";;;;;;;;;;AAQA,MAAa,YAAY;CAExB,WAAW;CACX,kBAAkB;CAClB,eAAe;CACf,cAAc;CACd,gBAAgB;CAChB,UAAU;CACV,eAAe;CACf,gBAAgB;CAChB,cAAc;CACd,WAAW;CACX,cAAc;CACd,mBAAmB;CACnB,iBAAiB;CACjB,eAAe;CACf,eAAe;CACf,eAAe;CAGf,sBAAsB;CACtB,sBAAsB;CACtB,sBAAsB;CACtB,oBAAoB;CACpB,mBAAmB;CACnB,yBAAyB;CACzB,uBAAuB;CACvB,uBAAuB;CACvB,yBAAyB;CACzB,wBAAwB;CACxB,0BAA0B;CAC1B,6BAA6B;CAC7B,uBAAuB;CACvB,4BAA4B;CAC5B,qBAAqB;CAGrB,qBAAqB;CACrB,oBAAoB;CACpB,wBAAwB;CACxB,kBAAkB;CAGlB,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CACrB,yBAAyB;CACzB,wBAAwB;CACxB,2BAA2B;CAC3B,2BAA2B;CAC3B,2BAA2B;CAC3B,4BAA4B;CAI5B,qBAAqB;CACrB,kBAAkB;CAClB,mBAAmB;CACnB,uBAAuB;CACvB,mBAAmB;CACnB,sBAAsB;CACtB,iBAAiB;CACjB,cAAc;CACd,eAAe;CACf,cAAc;CACd,eAAe;CACf,eAAe;CACf,iBAAiB;CAGjB,kBAAkB;CAClB,iBAAiB;CACjB,oBAAoB;CACpB,oBAAoB;CACpB,oBAAoB;CACpB,YAAY;CACZ,SAAS;CACT,cAAc;CACd,cAAc;CACd,kBAAkB;CAClB,eAAe;CACf,gBAAgB;CAChB,gBAAgB;CAChB,eAAe;CACf,kBAAkB;CAClB,wBAAwB;CACxB,qBAAqB;CACrB,uBAAuB;CACvB,oBAAoB;CACpB,uBAAuB;CAGvB,oBAAoB;CACpB,mBAAmB;CACnB,sBAAsB;CACtB,sBAAsB;CACtB,oBAAoB;CACpB,qBAAqB;CACrB,sBAAsB;CACtB,sBAAsB;CACtB,mBAAmB;CACnB,iBAAiB;CACjB,kBAAkB;CAGlB,kBAAkB;CAClB,cAAc;CACd,gBAAgB;CAChB,mBAAmB;CACnB,mBAAmB;CACnB,wBAAwB;CACxB,gCAAgC;CAChC,uBAAuB;CACvB,sBAAsB;CACtB,oBAAoB;CACpB,sBAAsB;CACtB,sBAAsB;CACtB,eAAe;CACf,cAAc;CACd,cAAc;CACd,kBAAkB;CAClB,cAAc;CACd,sBAAsB;CACtB,aAAa;CACb,eAAe;CACf,eAAe;CACf,oBAAoB;CACpB,qBAAqB;CACrB,uBAAuB;CACvB,uBAAuB;CACvB,qBAAqB;CACrB,uBAAuB;CACvB,qBAAqB;CACrB,iBAAiB;CACjB,mBAAmB;CACnB,mBAAmB;CACnB,oBAAoB;CACpB,mBAAmB;CAGnB,2BAA2B;CAC3B,sBAAsB;CACtB,gBAAgB;CAChB,eAAe;CACf,qBAAqB;CACrB,eAAe;CACf,wBAAwB;CACxB,cAAc;CACd,cAAc;CACd,mBAAmB;CACnB,oBAAoB;CACpB,0BAA0B;CAC1B,sBAAsB;CACtB,qBAAqB;CACrB,oBAAoB;CACpB,oBAAoB;CACpB,kBAAkB;CAClB,aAAa;CACb,mBAAmB;CACnB,iBAAiB;CACjB,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CAGrB,mBAAmB;CACnB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CAGrB,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,sBAAsB;CACtB,oBAAoB;CACpB,4BAA4B;CAC5B,yBAAyB;CACzB,mBAAmB;CACnB,uBAAuB;CACvB,mBAAmB;CACnB,oBAAoB;CACpB,YAAY;CACZ,mBAAmB;CACnB,2BAA2B;CAC3B,cAAc;CACd,mBAAmB;CACnB,gBAAgB;CAChB,uBAAuB;CACvB,wBAAwB;CACxB,6BAA6B;CAC7B,uBAAuB;CACvB,sBAAsB;CACtB,uBAAuB;CACvB,6BAA6B;CAC7B,kBAAkB;CAClB,gBAAgB;CAChB,kBAAkB;CAClB,eAAe;CACf,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,qBAAqB;CACrB,4BAA4B;CAC5B,0BAA0B;CAG1B,iBAAiB;CACjB,mBAAmB;CACnB,gBAAgB;CAChB,mBAAmB;CACnB,mBAAmB;CACnB,wBAAwB;CACxB,wBAAwB;CACxB,wBAAwB;CACxB,oBAAoB;CAIpB,kBAAkB;CAGlB,qBAAqB;CACrB,uBAAuB;CACvB,iBAAiB;CACjB,mBAAmB;CACnB,gBAAgB;CAChB,mBAAmB;CACnB,mBAAmB;CACnB,iBAAiB;CACjB,iBAAiB;CAGjB,oBAAoB;CACpB,sBAAsB;CACtB,mBAAmB;CACnB,sBAAsB;CACtB,sBAAsB;CAGtB,qBAAqB;CACrB,uBAAuB;CACvB,oBAAoB;CACpB,uBAAuB;CACvB,uBAAuB;CACvB,sBAAsB;CACtB,yBAAyB;CACzB,uBAAuB;CACvB,uBAAuB;CAGvB,wBAAwB;CACxB,0BAA0B;CAC1B,uBAAuB;CACvB,0BAA0B;CAC1B,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CACrB,sBAAsB;CACtB,yBAAyB;CAGzB,oBAAoB;CACpB,cAAc;CACd,kBAAkB;CAClB,aAAa;CACb,oBAAoB;CACpB,mBAAmB;CACnB,oBAAoB;CACpB,kBAAkB;CAClB,iBAAiB;CACjB,iBAAiB;CACjB,YAAY;CAGZ,qBAAqB;CACrB,uBAAuB;CACvB,2BAA2B;CAC3B,kBAAkB;CAGlB,cAAc;CACd,aAAa;CACb,kBAAkB;CAClB,eAAe;CAGf,mBAAmB;CACnB,mBAAmB;CACnB,kBAAkB;CAClB,cAAc;CACd,eAAe;CACf,yBAAyB;CACzB,wBAAwB;CACxB,cAAc;CACd,aAAa;CAGb,iBAAiB;CACjB,uBAAuB;CAGvB,gBAAgB;CAChB,eAAe;CACf,eAAe;CACf,OAAO;CACP,iBAAiB;CACjB,gBAAgB;CAChB;;;;;;;;AA2BD,SAAgB,eAAe,MAAkC;AAChE,SAAQ,MAAR;EAEC,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,iBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU,kBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,aACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,qBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,iBACd,QAAO;EAGR,KAAK,UAAU,cACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,sBACd,QAAO;EAGR,KAAK,UAAU,aACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,qBACd,QAAO;EAGR,KAAK,UAAU,gBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,sBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,sBACd,QAAO;EAMR,QACC,QAAO,MAAM,SAAS,SAAS,GAAG,MAAM;;;;;;;;;;;;;;;;;;AClc3C,MAAM,oBAAiC,EACtC,iBAAiB,qBACjB;;;;;;;AAQD,SAAgB,SACf,MACA,SACA,QACA,SACW;CACX,MAAM,QAA8E;EACnF;EACA;EACA;AACD,KAAI,YAAY,OAAW,OAAM,UAAU;AAC3C,QAAO,SAAS,KAAK,EAAE,OAAO,EAAE;EAAE;EAAQ,SAAS;EAAmB,CAAC;;;;;;;;AASxE,SAAgB,WAAc,MAAS,SAAS,KAAe;AAC9D,QAAO,SAAS,KAAK,EAAE,MAAM,EAAE;EAAE;EAAQ,SAAS;EAAmB,CAAC;;;;;;;;;;AAWvE,SAAgB,YACf,OACA,iBACA,cACW;AAGX,KAAI,iBAAiB,mBACpB,QAAO,SAAS,kBAAkB,MAAM,SAAS,IAAI;AAEtD,SAAQ,MAAM,IAAI,aAAa,IAAI,MAAM;AACzC,QAAO,SAAS,cAAc,iBAAiB,IAAI;;;;;;;;AAsBpD,SAAgB,UAAU,IAA8B;AACvD,KAAI,CAAC,GACJ,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;AAEpE,QAAO;;;;;;;;;AAUR,SAAgB,aAAgB,QAAsB,gBAAgB,KAAe;AACpF,KAAI,CAAC,OAAO,QACX,QAAO,SACN,OAAO,MAAM,MACb,OAAO,MAAM,SACb,eAAe,OAAO,MAAM,KAAK,EACjC,OAAO,MAAM,QACb;AAEF,QAAO,WAAW,OAAO,MAAM,cAAc"}
1	+ {"version":3,"file":"error-RwM4dD35.mjs","names":[],"sources":["../src/api/errors.ts","../src/api/error.ts"],"sourcesContent":["/*\n Typed error codes and status mapping for the EmDash REST API.\n \n All handler-level and route-level error codes are defined here.\n * Routes and handlers should import error codes from this module\n * instead of using ad-hoc strings.\n /\n\nexport const ErrorCode = {\n\t// Shared (used across domains)\n\tNOT_FOUND: \"NOT_FOUND\",\n\tVALIDATION_ERROR: \"VALIDATION_ERROR\",\n\tINVALID_INPUT: \"INVALID_INPUT\",\n\tINVALID_JSON: \"INVALID_JSON\",\n\tINVALID_CURSOR: \"INVALID_CURSOR\",\n\tCONFLICT: \"CONFLICT\",\n\tSLUG_CONFLICT: \"SLUG_CONFLICT\",\n\tNOT_CONFIGURED: \"NOT_CONFIGURED\",\n\tUNAUTHORIZED: \"UNAUTHORIZED\",\n\tFORBIDDEN: \"FORBIDDEN\",\n\tRATE_LIMITED: \"RATE_LIMITED\",\n\tNOT_AUTHENTICATED: \"NOT_AUTHENTICATED\",\n\tNOT_IMPLEMENTED: \"NOT_IMPLEMENTED\",\n\tNOT_SUPPORTED: \"NOT_SUPPORTED\",\n\tMISSING_PARAM: \"MISSING_PARAM\",\n\tCSRF_REJECTED: \"CSRF_REJECTED\",\n\n\t// Content\n\tCONTENT_CREATE_ERROR: \"CONTENT_CREATE_ERROR\",\n\tCONTENT_UPDATE_ERROR: \"CONTENT_UPDATE_ERROR\",\n\tCONTENT_DELETE_ERROR: \"CONTENT_DELETE_ERROR\",\n\tCONTENT_LIST_ERROR: \"CONTENT_LIST_ERROR\",\n\tCONTENT_GET_ERROR: \"CONTENT_GET_ERROR\",\n\tCONTENT_DUPLICATE_ERROR: \"CONTENT_DUPLICATE_ERROR\",\n\tCONTENT_RESTORE_ERROR: \"CONTENT_RESTORE_ERROR\",\n\tCONTENT_PUBLISH_ERROR: \"CONTENT_PUBLISH_ERROR\",\n\tCONTENT_UNPUBLISH_ERROR: \"CONTENT_UNPUBLISH_ERROR\",\n\tCONTENT_SCHEDULE_ERROR: \"CONTENT_SCHEDULE_ERROR\",\n\tCONTENT_UNSCHEDULE_ERROR: \"CONTENT_UNSCHEDULE_ERROR\",\n\tCONTENT_DISCARD_DRAFT_ERROR: \"CONTENT_DISCARD_DRAFT_ERROR\",\n\tCONTENT_COMPARE_ERROR: \"CONTENT_COMPARE_ERROR\",\n\tCONTENT_TRANSLATIONS_ERROR: \"CONTENT_TRANSLATIONS_ERROR\",\n\tCONTENT_COUNT_ERROR: \"CONTENT_COUNT_ERROR\",\n\n\t// Revisions\n\tREVISION_LIST_ERROR: \"REVISION_LIST_ERROR\",\n\tREVISION_GET_ERROR: \"REVISION_GET_ERROR\",\n\tREVISION_RESTORE_ERROR: \"REVISION_RESTORE_ERROR\",\n\tINVALID_REVISION: \"INVALID_REVISION\",\n\n\t// Schema\n\tSCHEMA_LIST_ERROR: \"SCHEMA_LIST_ERROR\",\n\tSCHEMA_GET_ERROR: \"SCHEMA_GET_ERROR\",\n\tSCHEMA_CREATE_ERROR: \"SCHEMA_CREATE_ERROR\",\n\tSCHEMA_UPDATE_ERROR: \"SCHEMA_UPDATE_ERROR\",\n\tSCHEMA_DELETE_ERROR: \"SCHEMA_DELETE_ERROR\",\n\tSCHEMA_EXPORT_ERROR: \"SCHEMA_EXPORT_ERROR\",\n\tSCHEMA_FIELD_LIST_ERROR: \"SCHEMA_FIELD_LIST_ERROR\",\n\tSCHEMA_FIELD_GET_ERROR: \"SCHEMA_FIELD_GET_ERROR\",\n\tSCHEMA_FIELD_CREATE_ERROR: \"SCHEMA_FIELD_CREATE_ERROR\",\n\tSCHEMA_FIELD_UPDATE_ERROR: \"SCHEMA_FIELD_UPDATE_ERROR\",\n\tSCHEMA_FIELD_DELETE_ERROR: \"SCHEMA_FIELD_DELETE_ERROR\",\n\tSCHEMA_FIELD_REORDER_ERROR: \"SCHEMA_FIELD_REORDER_ERROR\",\n\t// Byline schema (Discussion #1174). Reuses RESERVED_SLUG, INVALID_SLUG,\n\t// INVALID_TYPE, FIELD_EXISTS, NOT_FOUND, VALIDATION_ERROR where the\n\t// semantics match; the two below are byline-domain specific:\n\tTRANSLATABLE_LOCKED: \"TRANSLATABLE_LOCKED\",\n\tREORDER_MISMATCH: \"REORDER_MISMATCH\",\n\tORPHAN_LIST_ERROR: \"ORPHAN_LIST_ERROR\",\n\tORPHAN_REGISTER_ERROR: \"ORPHAN_REGISTER_ERROR\",\n\tCOLLECTION_EXISTS: \"COLLECTION_EXISTS\",\n\tCOLLECTION_NOT_FOUND: \"COLLECTION_NOT_FOUND\",\n\tTABLE_NOT_FOUND: \"TABLE_NOT_FOUND\",\n\tFIELD_EXISTS: \"FIELD_EXISTS\",\n\tRESERVED_SLUG: \"RESERVED_SLUG\",\n\tINVALID_SLUG: \"INVALID_SLUG\",\n\tCREATE_FAILED: \"CREATE_FAILED\",\n\tUPDATE_FAILED: \"UPDATE_FAILED\",\n\tREGISTER_FAILED: \"REGISTER_FAILED\",\n\n\t// Media\n\tMEDIA_LIST_ERROR: \"MEDIA_LIST_ERROR\",\n\tMEDIA_GET_ERROR: \"MEDIA_GET_ERROR\",\n\tMEDIA_CREATE_ERROR: \"MEDIA_CREATE_ERROR\",\n\tMEDIA_UPDATE_ERROR: \"MEDIA_UPDATE_ERROR\",\n\tMEDIA_DELETE_ERROR: \"MEDIA_DELETE_ERROR\",\n\tNO_STORAGE: \"NO_STORAGE\",\n\tNO_FILE: \"NO_FILE\",\n\tINVALID_TYPE: \"INVALID_TYPE\",\n\tUPLOAD_ERROR: \"UPLOAD_ERROR\",\n\tUPLOAD_URL_ERROR: \"UPLOAD_URL_ERROR\",\n\tCONFIRM_ERROR: \"CONFIRM_ERROR\",\n\tCONFIRM_FAILED: \"CONFIRM_FAILED\",\n\tFILE_NOT_FOUND: \"FILE_NOT_FOUND\",\n\tINVALID_STATE: \"INVALID_STATE\",\n\tFILE_SERVE_ERROR: \"FILE_SERVE_ERROR\",\n\tSTORAGE_NOT_CONFIGURED: \"STORAGE_NOT_CONFIGURED\",\n\tPROVIDER_LIST_ERROR: \"PROVIDER_LIST_ERROR\",\n\tPROVIDER_UPLOAD_ERROR: \"PROVIDER_UPLOAD_ERROR\",\n\tPROVIDER_GET_ERROR: \"PROVIDER_GET_ERROR\",\n\tPROVIDER_DELETE_ERROR: \"PROVIDER_DELETE_ERROR\",\n\n\t// Comments\n\tCOMMENT_LIST_ERROR: \"COMMENT_LIST_ERROR\",\n\tCOMMENT_GET_ERROR: \"COMMENT_GET_ERROR\",\n\tCOMMENT_STATUS_ERROR: \"COMMENT_STATUS_ERROR\",\n\tCOMMENT_DELETE_ERROR: \"COMMENT_DELETE_ERROR\",\n\tCOMMENT_BULK_ERROR: \"COMMENT_BULK_ERROR\",\n\tCOMMENT_INBOX_ERROR: \"COMMENT_INBOX_ERROR\",\n\tCOMMENT_COUNTS_ERROR: \"COMMENT_COUNTS_ERROR\",\n\tCOMMENT_CREATE_ERROR: \"COMMENT_CREATE_ERROR\",\n\tCOMMENTS_DISABLED: \"COMMENTS_DISABLED\",\n\tCOMMENTS_CLOSED: \"COMMENTS_CLOSED\",\n\tCOMMENT_REJECTED: \"COMMENT_REJECTED\",\n\n\t// Auth\n\tACCOUNT_DISABLED: \"ACCOUNT_DISABLED\",\n\tADMIN_EXISTS: \"ADMIN_EXISTS\",\n\tSETUP_COMPLETE: \"SETUP_COMPLETE\",\n\tCREDENTIAL_EXISTS: \"CREDENTIAL_EXISTS\",\n\tCHALLENGE_EXPIRED: \"CHALLENGE_EXPIRED\",\n\tPASSKEY_REGISTER_ERROR: \"PASSKEY_REGISTER_ERROR\",\n\tPASSKEY_REGISTER_OPTIONS_ERROR: \"PASSKEY_REGISTER_OPTIONS_ERROR\",\n\tPASSKEY_OPTIONS_ERROR: \"PASSKEY_OPTIONS_ERROR\",\n\tPASSKEY_VERIFY_ERROR: \"PASSKEY_VERIFY_ERROR\",\n\tPASSKEY_LIST_ERROR: \"PASSKEY_LIST_ERROR\",\n\tPASSKEY_RENAME_ERROR: \"PASSKEY_RENAME_ERROR\",\n\tPASSKEY_DELETE_ERROR: \"PASSKEY_DELETE_ERROR\",\n\tPASSKEY_LIMIT: \"PASSKEY_LIMIT\",\n\tLAST_PASSKEY: \"LAST_PASSKEY\",\n\tLOGOUT_ERROR: \"LOGOUT_ERROR\",\n\tSELF_ROLE_CHANGE: \"SELF_ROLE_CHANGE\",\n\tEMAIL_IN_USE: \"EMAIL_IN_USE\",\n\tEMAIL_NOT_CONFIGURED: \"EMAIL_NOT_CONFIGURED\",\n\tUSER_EXISTS: \"USER_EXISTS\",\n\tINVALID_TOKEN: \"INVALID_TOKEN\",\n\tTOKEN_EXPIRED: \"TOKEN_EXPIRED\",\n\tDOMAIN_NOT_ALLOWED: \"DOMAIN_NOT_ALLOWED\",\n\tINVITE_CREATE_ERROR: \"INVITE_CREATE_ERROR\",\n\tINVITE_VALIDATE_ERROR: \"INVITE_VALIDATE_ERROR\",\n\tINVITE_COMPLETE_ERROR: \"INVITE_COMPLETE_ERROR\",\n\tSIGNUP_VERIFY_ERROR: \"SIGNUP_VERIFY_ERROR\",\n\tSIGNUP_COMPLETE_ERROR: \"SIGNUP_COMPLETE_ERROR\",\n\tRECOVERY_SEND_ERROR: \"RECOVERY_SEND_ERROR\",\n\tUSER_LIST_ERROR: \"USER_LIST_ERROR\",\n\tUSER_DETAIL_ERROR: \"USER_DETAIL_ERROR\",\n\tUSER_UPDATE_ERROR: \"USER_UPDATE_ERROR\",\n\tUSER_DISABLE_ERROR: \"USER_DISABLE_ERROR\",\n\tUSER_ENABLE_ERROR: \"USER_ENABLE_ERROR\",\n\n\t// OAuth (internal codes -- distinct from RFC OAuthErrorCode)\n\tUNSUPPORTED_RESPONSE_TYPE: \"UNSUPPORTED_RESPONSE_TYPE\",\n\tINVALID_REDIRECT_URI: \"INVALID_REDIRECT_URI\",\n\tINVALID_CLIENT: \"INVALID_CLIENT\",\n\tINVALID_SCOPE: \"INVALID_SCOPE\",\n\tAUTHORIZATION_ERROR: \"AUTHORIZATION_ERROR\",\n\tINVALID_GRANT: \"INVALID_GRANT\",\n\tUNSUPPORTED_GRANT_TYPE: \"UNSUPPORTED_GRANT_TYPE\",\n\tINVALID_CODE: \"INVALID_CODE\",\n\tEXPIRED_CODE: \"EXPIRED_CODE\",\n\tINSUFFICIENT_ROLE: \"INSUFFICIENT_ROLE\",\n\tINSUFFICIENT_SCOPE: \"INSUFFICIENT_SCOPE\",\n\tINSUFFICIENT_PERMISSIONS: \"INSUFFICIENT_PERMISSIONS\",\n\tTOKEN_EXCHANGE_ERROR: \"TOKEN_EXCHANGE_ERROR\",\n\tTOKEN_REFRESH_ERROR: \"TOKEN_REFRESH_ERROR\",\n\tTOKEN_REVOKE_ERROR: \"TOKEN_REVOKE_ERROR\",\n\tTOKEN_CREATE_ERROR: \"TOKEN_CREATE_ERROR\",\n\tTOKEN_LIST_ERROR: \"TOKEN_LIST_ERROR\",\n\tTOKEN_ERROR: \"TOKEN_ERROR\",\n\tDEVICE_CODE_ERROR: \"DEVICE_CODE_ERROR\",\n\tAUTHORIZE_ERROR: \"AUTHORIZE_ERROR\",\n\tCLIENT_LIST_ERROR: \"CLIENT_LIST_ERROR\",\n\tCLIENT_GET_ERROR: \"CLIENT_GET_ERROR\",\n\tCLIENT_CREATE_ERROR: \"CLIENT_CREATE_ERROR\",\n\tCLIENT_UPDATE_ERROR: \"CLIENT_UPDATE_ERROR\",\n\tCLIENT_DELETE_ERROR: \"CLIENT_DELETE_ERROR\",\n\n\t// Allowed domains\n\tDOMAIN_LIST_ERROR: \"DOMAIN_LIST_ERROR\",\n\tDOMAIN_CREATE_ERROR: \"DOMAIN_CREATE_ERROR\",\n\tDOMAIN_UPDATE_ERROR: \"DOMAIN_UPDATE_ERROR\",\n\tDOMAIN_DELETE_ERROR: \"DOMAIN_DELETE_ERROR\",\n\n\t// Plugins / Marketplace\n\tPLUGIN_LIST_ERROR: \"PLUGIN_LIST_ERROR\",\n\tPLUGIN_GET_ERROR: \"PLUGIN_GET_ERROR\",\n\tPLUGIN_ENABLE_ERROR: \"PLUGIN_ENABLE_ERROR\",\n\tPLUGIN_DISABLE_ERROR: \"PLUGIN_DISABLE_ERROR\",\n\tPLUGIN_ID_CONFLICT: \"PLUGIN_ID_CONFLICT\",\n\tMARKETPLACE_NOT_CONFIGURED: \"MARKETPLACE_NOT_CONFIGURED\",\n\tMARKETPLACE_UNAVAILABLE: \"MARKETPLACE_UNAVAILABLE\",\n\tMARKETPLACE_ERROR: \"MARKETPLACE_ERROR\",\n\tSANDBOX_NOT_AVAILABLE: \"SANDBOX_NOT_AVAILABLE\",\n\tALREADY_INSTALLED: \"ALREADY_INSTALLED\",\n\tALREADY_UP_TO_DATE: \"ALREADY_UP_TO_DATE\",\n\tNO_VERSION: \"NO_VERSION\",\n\tMANIFEST_MISMATCH: \"MANIFEST_MISMATCH\",\n\tMANIFEST_VERSION_MISMATCH: \"MANIFEST_VERSION_MISMATCH\",\n\tAUDIT_FAILED: \"AUDIT_FAILED\",\n\tCHECKSUM_MISMATCH: \"CHECKSUM_MISMATCH\",\n\tINVALID_BUNDLE: \"INVALID_BUNDLE\",\n\tBUNDLE_EXTRACT_FAILED: \"BUNDLE_EXTRACT_FAILED\",\n\tBUNDLE_DOWNLOAD_FAILED: \"BUNDLE_DOWNLOAD_FAILED\",\n\tAGGREGATOR_RESPONSE_INVALID: \"AGGREGATOR_RESPONSE_INVALID\",\n\tAGGREGATOR_HTTP_ERROR: \"AGGREGATOR_HTTP_ERROR\",\n\tAGGREGATOR_NOT_FOUND: \"AGGREGATOR_NOT_FOUND\",\n\tCAPABILITY_ESCALATION: \"CAPABILITY_ESCALATION\",\n\tROUTE_VISIBILITY_ESCALATION: \"ROUTE_VISIBILITY_ESCALATION\",\n\tENV_INCOMPATIBLE: \"ENV_INCOMPATIBLE\",\n\tINSTALL_FAILED: \"INSTALL_FAILED\",\n\tUNINSTALL_FAILED: \"UNINSTALL_FAILED\",\n\tSEARCH_FAILED: \"SEARCH_FAILED\",\n\tGET_PLUGIN_FAILED: \"GET_PLUGIN_FAILED\",\n\tGET_THEME_FAILED: \"GET_THEME_FAILED\",\n\tTHEME_SEARCH_FAILED: \"THEME_SEARCH_FAILED\",\n\tUPDATE_CHECK_FAILED: \"UPDATE_CHECK_FAILED\",\n\tEXCLUSIVE_HOOKS_LIST_ERROR: \"EXCLUSIVE_HOOKS_LIST_ERROR\",\n\tEXCLUSIVE_HOOK_SET_ERROR: \"EXCLUSIVE_HOOK_SET_ERROR\",\n\n\t// Menus\n\tMENU_LIST_ERROR: \"MENU_LIST_ERROR\",\n\tMENU_CREATE_ERROR: \"MENU_CREATE_ERROR\",\n\tMENU_GET_ERROR: \"MENU_GET_ERROR\",\n\tMENU_UPDATE_ERROR: \"MENU_UPDATE_ERROR\",\n\tMENU_DELETE_ERROR: \"MENU_DELETE_ERROR\",\n\tMENU_ITEM_CREATE_ERROR: \"MENU_ITEM_CREATE_ERROR\",\n\tMENU_ITEM_UPDATE_ERROR: \"MENU_ITEM_UPDATE_ERROR\",\n\tMENU_ITEM_DELETE_ERROR: \"MENU_ITEM_DELETE_ERROR\",\n\tMENU_REORDER_ERROR: \"MENU_REORDER_ERROR\",\n\t// Returned when a menu name resolves to multiple locale variants and\n\t// the caller did not pass `locale` to disambiguate. (name, locale) is\n\t// unique, so this only fires for omitted-locale lookups.\n\tAMBIGUOUS_LOCALE: \"AMBIGUOUS_LOCALE\",\n\n\t// Taxonomies\n\tTAXONOMY_LIST_ERROR: \"TAXONOMY_LIST_ERROR\",\n\tTAXONOMY_CREATE_ERROR: \"TAXONOMY_CREATE_ERROR\",\n\tTERM_LIST_ERROR: \"TERM_LIST_ERROR\",\n\tTERM_CREATE_ERROR: \"TERM_CREATE_ERROR\",\n\tTERM_GET_ERROR: \"TERM_GET_ERROR\",\n\tTERM_UPDATE_ERROR: \"TERM_UPDATE_ERROR\",\n\tTERM_DELETE_ERROR: \"TERM_DELETE_ERROR\",\n\tTERMS_GET_ERROR: \"TERMS_GET_ERROR\",\n\tTERMS_SET_ERROR: \"TERMS_SET_ERROR\",\n\n\t// Sections\n\tSECTION_LIST_ERROR: \"SECTION_LIST_ERROR\",\n\tSECTION_CREATE_ERROR: \"SECTION_CREATE_ERROR\",\n\tSECTION_GET_ERROR: \"SECTION_GET_ERROR\",\n\tSECTION_UPDATE_ERROR: \"SECTION_UPDATE_ERROR\",\n\tSECTION_DELETE_ERROR: \"SECTION_DELETE_ERROR\",\n\n\t// Redirects\n\tREDIRECT_LIST_ERROR: \"REDIRECT_LIST_ERROR\",\n\tREDIRECT_CREATE_ERROR: \"REDIRECT_CREATE_ERROR\",\n\tREDIRECT_GET_ERROR: \"REDIRECT_GET_ERROR\",\n\tREDIRECT_UPDATE_ERROR: \"REDIRECT_UPDATE_ERROR\",\n\tREDIRECT_DELETE_ERROR: \"REDIRECT_DELETE_ERROR\",\n\tNOT_FOUND_LIST_ERROR: \"NOT_FOUND_LIST_ERROR\",\n\tNOT_FOUND_SUMMARY_ERROR: \"NOT_FOUND_SUMMARY_ERROR\",\n\tNOT_FOUND_CLEAR_ERROR: \"NOT_FOUND_CLEAR_ERROR\",\n\tNOT_FOUND_PRUNE_ERROR: \"NOT_FOUND_PRUNE_ERROR\",\n\n\t// Widgets\n\tWIDGET_AREA_LIST_ERROR: \"WIDGET_AREA_LIST_ERROR\",\n\tWIDGET_AREA_CREATE_ERROR: \"WIDGET_AREA_CREATE_ERROR\",\n\tWIDGET_AREA_GET_ERROR: \"WIDGET_AREA_GET_ERROR\",\n\tWIDGET_AREA_DELETE_ERROR: \"WIDGET_AREA_DELETE_ERROR\",\n\tWIDGET_CREATE_ERROR: \"WIDGET_CREATE_ERROR\",\n\tWIDGET_UPDATE_ERROR: \"WIDGET_UPDATE_ERROR\",\n\tWIDGET_DELETE_ERROR: \"WIDGET_DELETE_ERROR\",\n\tWIDGET_REORDER_ERROR: \"WIDGET_REORDER_ERROR\",\n\tWIDGET_COMPONENTS_ERROR: \"WIDGET_COMPONENTS_ERROR\",\n\n\t// Setup\n\tALREADY_CONFIGURED: \"ALREADY_CONFIGURED\",\n\tINVALID_SEED: \"INVALID_SEED\",\n\tINVALID_REDIRECT: \"INVALID_REDIRECT\",\n\tSETUP_ERROR: \"SETUP_ERROR\",\n\tSETUP_STATUS_ERROR: \"SETUP_STATUS_ERROR\",\n\tSETUP_ADMIN_ERROR: \"SETUP_ADMIN_ERROR\",\n\tSETUP_VERIFY_ERROR: \"SETUP_VERIFY_ERROR\",\n\tDEV_BYPASS_ERROR: \"DEV_BYPASS_ERROR\",\n\tDEV_RESET_ERROR: \"DEV_RESET_ERROR\",\n\tMIGRATION_ERROR: \"MIGRATION_ERROR\",\n\tSEED_ERROR: \"SEED_ERROR\",\n\n\t// Settings\n\tSETTINGS_READ_ERROR: \"SETTINGS_READ_ERROR\",\n\tSETTINGS_UPDATE_ERROR: \"SETTINGS_UPDATE_ERROR\",\n\tEMAIL_SETTINGS_READ_ERROR: \"EMAIL_SETTINGS_READ_ERROR\",\n\tEMAIL_TEST_ERROR: \"EMAIL_TEST_ERROR\",\n\n\t// Search\n\tSEARCH_ERROR: \"SEARCH_ERROR\",\n\tSTATS_ERROR: \"STATS_ERROR\",\n\tSUGGESTION_ERROR: \"SUGGESTION_ERROR\",\n\tREBUILD_ERROR: \"REBUILD_ERROR\",\n\n\t// Import\n\tWXR_ANALYZE_ERROR: \"WXR_ANALYZE_ERROR\",\n\tWXR_PREPARE_ERROR: \"WXR_PREPARE_ERROR\",\n\tWXR_IMPORT_ERROR: \"WXR_IMPORT_ERROR\",\n\tIMPORT_ERROR: \"IMPORT_ERROR\",\n\tREWRITE_ERROR: \"REWRITE_ERROR\",\n\tWP_PLUGIN_ANALYZE_ERROR: \"WP_PLUGIN_ANALYZE_ERROR\",\n\tWP_PLUGIN_IMPORT_ERROR: \"WP_PLUGIN_IMPORT_ERROR\",\n\tSSRF_BLOCKED: \"SSRF_BLOCKED\",\n\tPROBE_ERROR: \"PROBE_ERROR\",\n\n\t// Dashboard\n\tDASHBOARD_ERROR: \"DASHBOARD_ERROR\",\n\tDASHBOARD_STATS_ERROR: \"DASHBOARD_STATS_ERROR\",\n\n\t// Misc\n\tSNAPSHOT_ERROR: \"SNAPSHOT_ERROR\",\n\tTYPEGEN_ERROR: \"TYPEGEN_ERROR\",\n\tSITEMAP_ERROR: \"SITEMAP_ERROR\",\n\tNO_DB: \"NO_DB\",\n\tINVALID_REQUEST: \"INVALID_REQUEST\",\n\tUNKNOWN_ACTION: \"UNKNOWN_ACTION\",\n} as const;\n\nexport type ErrorCode = (typeof ErrorCode)[keyof typeof ErrorCode];\n\n/\n OAuth RFC 6749 error codes.\n \n These MUST be lowercase per the RFC spec. Used only by OAuth token endpoints.\n * Separate from ErrorCode to prevent mixing conventions.\n /\nexport const OAuthErrorCode = {\n\tINVALID_GRANT: \"invalid_grant\",\n\tUNSUPPORTED_GRANT_TYPE: \"unsupported_grant_type\",\n\tEXPIRED_TOKEN: \"expired_token\",\n\tACCESS_DENIED: \"access_denied\",\n\tAUTHORIZATION_PENDING: \"authorization_pending\",\n} as const;\n\nexport type OAuthErrorCode = (typeof OAuthErrorCode)[keyof typeof OAuthErrorCode];\n\n/\n Map a handler error code to an HTTP status code.\n \n Shared codes have explicit mappings. Domain-specific `_ERROR` codes\n (used in catch blocks via handleError) default to 500. Everything else\n * defaults to 400 (client error).\n /\nexport function mapErrorStatus(code: string \| undefined): number {\n\tswitch (code) {\n\t\t// 400 Bad Request\n\t\tcase ErrorCode.VALIDATION_ERROR:\n\t\tcase ErrorCode.INVALID_INPUT:\n\t\tcase ErrorCode.INVALID_JSON:\n\t\tcase ErrorCode.INVALID_CURSOR:\n\t\tcase ErrorCode.MISSING_PARAM:\n\t\tcase ErrorCode.INVALID_REQUEST:\n\t\tcase ErrorCode.NOT_SUPPORTED:\n\t\tcase ErrorCode.INVALID_SLUG:\n\t\tcase ErrorCode.RESERVED_SLUG:\n\t\tcase ErrorCode.INVALID_TYPE:\n\t\tcase ErrorCode.NO_FILE:\n\t\tcase ErrorCode.INVALID_STATE:\n\t\tcase ErrorCode.INVALID_SEED:\n\t\tcase ErrorCode.INVALID_REDIRECT:\n\t\tcase ErrorCode.INVALID_TOKEN:\n\t\tcase ErrorCode.INVALID_REVISION:\n\t\tcase ErrorCode.INVALID_CODE:\n\t\tcase ErrorCode.CHALLENGE_EXPIRED:\n\t\tcase ErrorCode.EXPIRED_CODE:\n\t\tcase ErrorCode.LAST_PASSKEY:\n\t\tcase ErrorCode.PASSKEY_LIMIT:\n\t\tcase ErrorCode.ADMIN_EXISTS:\n\t\tcase ErrorCode.SETUP_COMPLETE:\n\t\tcase ErrorCode.SELF_ROLE_CHANGE:\n\t\tcase ErrorCode.SSRF_BLOCKED:\n\t\tcase ErrorCode.UNKNOWN_ACTION:\n\t\tcase ErrorCode.AMBIGUOUS_LOCALE:\n\t\tcase ErrorCode.REORDER_MISMATCH:\n\t\t\treturn 400;\n\n\t\t// 401 Unauthorized\n\t\tcase ErrorCode.UNAUTHORIZED:\n\t\tcase ErrorCode.NOT_AUTHENTICATED:\n\t\t\treturn 401;\n\n\t\t// 403 Forbidden\n\t\tcase ErrorCode.FORBIDDEN:\n\t\tcase ErrorCode.CSRF_REJECTED:\n\t\tcase ErrorCode.ACCOUNT_DISABLED:\n\t\tcase ErrorCode.COMMENTS_DISABLED:\n\t\tcase ErrorCode.COMMENTS_CLOSED:\n\t\tcase ErrorCode.COMMENT_REJECTED:\n\t\tcase ErrorCode.DOMAIN_NOT_ALLOWED:\n\t\tcase ErrorCode.INSUFFICIENT_ROLE:\n\t\tcase ErrorCode.INSUFFICIENT_SCOPE:\n\t\tcase ErrorCode.INSUFFICIENT_PERMISSIONS:\n\t\tcase ErrorCode.CAPABILITY_ESCALATION:\n\t\tcase ErrorCode.ROUTE_VISIBILITY_ESCALATION:\n\t\tcase ErrorCode.AUDIT_FAILED:\n\t\t\treturn 403;\n\n\t\t// 404 Not Found\n\t\tcase ErrorCode.NOT_FOUND:\n\t\tcase ErrorCode.TABLE_NOT_FOUND:\n\t\tcase ErrorCode.COLLECTION_NOT_FOUND:\n\t\tcase ErrorCode.FILE_NOT_FOUND:\n\t\tcase ErrorCode.NO_VERSION:\n\t\tcase ErrorCode.AGGREGATOR_NOT_FOUND:\n\t\t\treturn 404;\n\n\t\t// 409 Conflict\n\t\tcase ErrorCode.CONFLICT:\n\t\tcase ErrorCode.SLUG_CONFLICT:\n\t\tcase ErrorCode.COLLECTION_EXISTS:\n\t\tcase ErrorCode.FIELD_EXISTS:\n\t\tcase ErrorCode.CREDENTIAL_EXISTS:\n\t\tcase ErrorCode.EMAIL_IN_USE:\n\t\tcase ErrorCode.USER_EXISTS:\n\t\tcase ErrorCode.PLUGIN_ID_CONFLICT:\n\t\tcase ErrorCode.ALREADY_INSTALLED:\n\t\tcase ErrorCode.ALREADY_CONFIGURED:\n\t\tcase ErrorCode.ALREADY_UP_TO_DATE:\n\t\tcase ErrorCode.TRANSLATABLE_LOCKED:\n\t\tcase ErrorCode.ENV_INCOMPATIBLE:\n\t\t\treturn 409;\n\n\t\t// 410 Gone\n\t\tcase ErrorCode.TOKEN_EXPIRED:\n\t\t\treturn 410;\n\n\t\t// 422 Unprocessable Entity\n\t\tcase ErrorCode.CHECKSUM_MISMATCH:\n\t\tcase ErrorCode.INVALID_BUNDLE:\n\t\tcase ErrorCode.BUNDLE_EXTRACT_FAILED:\n\t\t\treturn 422;\n\n\t\t// 429 Too Many Requests\n\t\tcase ErrorCode.RATE_LIMITED:\n\t\t\treturn 429;\n\n\t\t// 500 Internal Server Error\n\t\tcase ErrorCode.NOT_CONFIGURED:\n\t\tcase ErrorCode.NO_STORAGE:\n\t\tcase ErrorCode.NO_DB:\n\t\tcase ErrorCode.STORAGE_NOT_CONFIGURED:\n\t\tcase ErrorCode.EMAIL_NOT_CONFIGURED:\n\t\t\treturn 500;\n\n\t\t// 501 Not Implemented\n\t\tcase ErrorCode.NOT_IMPLEMENTED:\n\t\t\treturn 501;\n\n\t\t// 502 Bad Gateway\n\t\tcase ErrorCode.BUNDLE_DOWNLOAD_FAILED:\n\t\tcase ErrorCode.AGGREGATOR_RESPONSE_INVALID:\n\t\tcase ErrorCode.AGGREGATOR_HTTP_ERROR:\n\t\t\treturn 502;\n\n\t\t// 503 Service Unavailable\n\t\tcase ErrorCode.MARKETPLACE_UNAVAILABLE:\n\t\tcase ErrorCode.MARKETPLACE_NOT_CONFIGURED:\n\t\tcase ErrorCode.SANDBOX_NOT_AVAILABLE:\n\t\t\treturn 503;\n\n\t\t// Domain-specific _ERROR codes are catch-block codes -- always 500.\n\t\t// WARNING: If adding a new code that ends in _ERROR but represents a\n\t\t// client error (4xx), add it to an explicit case above or it will\n\t\t// be incorrectly mapped to 500.\n\t\tdefault:\n\t\t\treturn code?.endsWith(\"_ERROR\") ? 500 : 400;\n\t}\n}\n","/*\n Standardized API error responses.\n \n All API routes should use these utilities instead of inline\n * `new Response(JSON.stringify({ error: ... }), ...)` patterns.\n /\n\nimport { InvalidCursorError } from \"../database/repositories/types.js\";\nimport { mapErrorStatus } from \"./errors.js\";\nimport type { ApiResult } from \"./types.js\";\n\n// Re-export everything from errors.ts so existing `import { mapErrorStatus } from \"./error.js\"` still works\nexport from \"./errors.js\";\n\n/*\n Standard cache headers for all API responses.\n \n Cache-Control: private, no-store -- prevents CDN/proxy caching of authenticated data.\n * no-store already tells caches not to store the response, so Vary is unnecessary.\n /\nconst API_CACHE_HEADERS: HeadersInit = {\n\t\"Cache-Control\": \"private, no-store\",\n};\n\n/\n Create a standardized error response.\n \n Always returns `{ error: { code, message } }` with correct Content-Type.\n * Use this for all error responses in API routes.\n /\nexport function apiError(\n\tcode: string,\n\tmessage: string,\n\tstatus: number,\n\tdetails?: Record<string, unknown>,\n): Response {\n\tconst error: { code: string; message: string; details?: Record<string, unknown> } = {\n\t\tcode,\n\t\tmessage,\n\t};\n\tif (details !== undefined) error.details = details;\n\treturn Response.json({ error }, { status, headers: API_CACHE_HEADERS });\n}\n\n/\n Create a standardized success response.\n \n Always returns `{ data: T }` with correct status code.\n * Use this for all success responses in API routes.\n /\nexport function apiSuccess<T>(data: T, status = 200): Response {\n\treturn Response.json({ data }, { status, headers: API_CACHE_HEADERS });\n}\n\n/\n Handle an unknown error in a catch block.\n \n - Logs the full error server-side\n * - Returns a generic message to the client (never leaks error.message)\n * - Use `fallbackMessage` for the public-facing message\n * - Use `fallbackCode` for the error code\n /\nexport function handleError(\n\terror: unknown,\n\tfallbackMessage: string,\n\tfallbackCode: string,\n): Response {\n\t// Bubble malformed-cursor errors as a structured 400 instead of a\n\t// generic 500.\n\tif (error instanceof InvalidCursorError) {\n\t\treturn apiError(\"INVALID_CURSOR\", error.message, 400);\n\t}\n\tconsole.error(`[${fallbackCode}]`, error);\n\treturn apiError(fallbackCode, fallbackMessage, 500);\n}\n\n/\n Standard initialization check.\n \n Returns an error response if EmDash is not initialized, or null if OK.\n * Usage: `const err = requireInit(emdash); if (err) return err;`\n /\nexport function requireInit(emdash: unknown): Response \| null {\n\tif (!emdash \|\| typeof emdash !== \"object\") {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\treturn null;\n}\n\n/\n Standard database check.\n \n Returns an error response if the database is not available, or null if OK.\n * Usage: `const err = requireDb(emdash?.db); if (err) return err;`\n /\nexport function requireDb(db: unknown): Response \| null {\n\tif (!db) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\treturn null;\n}\n\n/\n Convert an ApiResult into an HTTP Response.\n \n Collapses the handler-to-response boilerplate:\n * - Success: returns `apiSuccess(result.data, successStatus)`\n * - Error: returns `apiError(code, message, mapErrorStatus(code))`\n */\nexport function unwrapResult<T>(result: ApiResult<T>, successStatus = 200): Response {\n\tif (!result.success) {\n\t\treturn apiError(\n\t\t\tresult.error.code,\n\t\t\tresult.error.message,\n\t\t\tmapErrorStatus(result.error.code),\n\t\t\tresult.error.details,\n\t\t);\n\t}\n\treturn apiSuccess(result.data, successStatus);\n}\n"],"mappings":";;;;;;;;;;AAQA,MAAa,YAAY;CAExB,WAAW;CACX,kBAAkB;CAClB,eAAe;CACf,cAAc;CACd,gBAAgB;CAChB,UAAU;CACV,eAAe;CACf,gBAAgB;CAChB,cAAc;CACd,WAAW;CACX,cAAc;CACd,mBAAmB;CACnB,iBAAiB;CACjB,eAAe;CACf,eAAe;CACf,eAAe;CAGf,sBAAsB;CACtB,sBAAsB;CACtB,sBAAsB;CACtB,oBAAoB;CACpB,mBAAmB;CACnB,yBAAyB;CACzB,uBAAuB;CACvB,uBAAuB;CACvB,yBAAyB;CACzB,wBAAwB;CACxB,0BAA0B;CAC1B,6BAA6B;CAC7B,uBAAuB;CACvB,4BAA4B;CAC5B,qBAAqB;CAGrB,qBAAqB;CACrB,oBAAoB;CACpB,wBAAwB;CACxB,kBAAkB;CAGlB,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CACrB,yBAAyB;CACzB,wBAAwB;CACxB,2BAA2B;CAC3B,2BAA2B;CAC3B,2BAA2B;CAC3B,4BAA4B;CAI5B,qBAAqB;CACrB,kBAAkB;CAClB,mBAAmB;CACnB,uBAAuB;CACvB,mBAAmB;CACnB,sBAAsB;CACtB,iBAAiB;CACjB,cAAc;CACd,eAAe;CACf,cAAc;CACd,eAAe;CACf,eAAe;CACf,iBAAiB;CAGjB,kBAAkB;CAClB,iBAAiB;CACjB,oBAAoB;CACpB,oBAAoB;CACpB,oBAAoB;CACpB,YAAY;CACZ,SAAS;CACT,cAAc;CACd,cAAc;CACd,kBAAkB;CAClB,eAAe;CACf,gBAAgB;CAChB,gBAAgB;CAChB,eAAe;CACf,kBAAkB;CAClB,wBAAwB;CACxB,qBAAqB;CACrB,uBAAuB;CACvB,oBAAoB;CACpB,uBAAuB;CAGvB,oBAAoB;CACpB,mBAAmB;CACnB,sBAAsB;CACtB,sBAAsB;CACtB,oBAAoB;CACpB,qBAAqB;CACrB,sBAAsB;CACtB,sBAAsB;CACtB,mBAAmB;CACnB,iBAAiB;CACjB,kBAAkB;CAGlB,kBAAkB;CAClB,cAAc;CACd,gBAAgB;CAChB,mBAAmB;CACnB,mBAAmB;CACnB,wBAAwB;CACxB,gCAAgC;CAChC,uBAAuB;CACvB,sBAAsB;CACtB,oBAAoB;CACpB,sBAAsB;CACtB,sBAAsB;CACtB,eAAe;CACf,cAAc;CACd,cAAc;CACd,kBAAkB;CAClB,cAAc;CACd,sBAAsB;CACtB,aAAa;CACb,eAAe;CACf,eAAe;CACf,oBAAoB;CACpB,qBAAqB;CACrB,uBAAuB;CACvB,uBAAuB;CACvB,qBAAqB;CACrB,uBAAuB;CACvB,qBAAqB;CACrB,iBAAiB;CACjB,mBAAmB;CACnB,mBAAmB;CACnB,oBAAoB;CACpB,mBAAmB;CAGnB,2BAA2B;CAC3B,sBAAsB;CACtB,gBAAgB;CAChB,eAAe;CACf,qBAAqB;CACrB,eAAe;CACf,wBAAwB;CACxB,cAAc;CACd,cAAc;CACd,mBAAmB;CACnB,oBAAoB;CACpB,0BAA0B;CAC1B,sBAAsB;CACtB,qBAAqB;CACrB,oBAAoB;CACpB,oBAAoB;CACpB,kBAAkB;CAClB,aAAa;CACb,mBAAmB;CACnB,iBAAiB;CACjB,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CAGrB,mBAAmB;CACnB,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CAGrB,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,sBAAsB;CACtB,oBAAoB;CACpB,4BAA4B;CAC5B,yBAAyB;CACzB,mBAAmB;CACnB,uBAAuB;CACvB,mBAAmB;CACnB,oBAAoB;CACpB,YAAY;CACZ,mBAAmB;CACnB,2BAA2B;CAC3B,cAAc;CACd,mBAAmB;CACnB,gBAAgB;CAChB,uBAAuB;CACvB,wBAAwB;CACxB,6BAA6B;CAC7B,uBAAuB;CACvB,sBAAsB;CACtB,uBAAuB;CACvB,6BAA6B;CAC7B,kBAAkB;CAClB,gBAAgB;CAChB,kBAAkB;CAClB,eAAe;CACf,mBAAmB;CACnB,kBAAkB;CAClB,qBAAqB;CACrB,qBAAqB;CACrB,4BAA4B;CAC5B,0BAA0B;CAG1B,iBAAiB;CACjB,mBAAmB;CACnB,gBAAgB;CAChB,mBAAmB;CACnB,mBAAmB;CACnB,wBAAwB;CACxB,wBAAwB;CACxB,wBAAwB;CACxB,oBAAoB;CAIpB,kBAAkB;CAGlB,qBAAqB;CACrB,uBAAuB;CACvB,iBAAiB;CACjB,mBAAmB;CACnB,gBAAgB;CAChB,mBAAmB;CACnB,mBAAmB;CACnB,iBAAiB;CACjB,iBAAiB;CAGjB,oBAAoB;CACpB,sBAAsB;CACtB,mBAAmB;CACnB,sBAAsB;CACtB,sBAAsB;CAGtB,qBAAqB;CACrB,uBAAuB;CACvB,oBAAoB;CACpB,uBAAuB;CACvB,uBAAuB;CACvB,sBAAsB;CACtB,yBAAyB;CACzB,uBAAuB;CACvB,uBAAuB;CAGvB,wBAAwB;CACxB,0BAA0B;CAC1B,uBAAuB;CACvB,0BAA0B;CAC1B,qBAAqB;CACrB,qBAAqB;CACrB,qBAAqB;CACrB,sBAAsB;CACtB,yBAAyB;CAGzB,oBAAoB;CACpB,cAAc;CACd,kBAAkB;CAClB,aAAa;CACb,oBAAoB;CACpB,mBAAmB;CACnB,oBAAoB;CACpB,kBAAkB;CAClB,iBAAiB;CACjB,iBAAiB;CACjB,YAAY;CAGZ,qBAAqB;CACrB,uBAAuB;CACvB,2BAA2B;CAC3B,kBAAkB;CAGlB,cAAc;CACd,aAAa;CACb,kBAAkB;CAClB,eAAe;CAGf,mBAAmB;CACnB,mBAAmB;CACnB,kBAAkB;CAClB,cAAc;CACd,eAAe;CACf,yBAAyB;CACzB,wBAAwB;CACxB,cAAc;CACd,aAAa;CAGb,iBAAiB;CACjB,uBAAuB;CAGvB,gBAAgB;CAChB,eAAe;CACf,eAAe;CACf,OAAO;CACP,iBAAiB;CACjB,gBAAgB;CAChB;;;;;;;;AA2BD,SAAgB,eAAe,MAAkC;AAChE,SAAQ,MAAR;EAEC,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,iBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU,kBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,aACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,qBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,iBACd,QAAO;EAGR,KAAK,UAAU,cACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,sBACd,QAAO;EAGR,KAAK,UAAU,aACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,qBACd,QAAO;EAGR,KAAK,UAAU,gBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,sBACd,QAAO;EAGR,KAAK,UAAU;EACf,KAAK,UAAU;EACf,KAAK,UAAU,sBACd,QAAO;EAMR,QACC,QAAO,MAAM,SAAS,SAAS,GAAG,MAAM;;;;;;;;;;;;;;;;;;AClc3C,MAAM,oBAAiC,EACtC,iBAAiB,qBACjB;;;;;;;AAQD,SAAgB,SACf,MACA,SACA,QACA,SACW;CACX,MAAM,QAA8E;EACnF;EACA;EACA;AACD,KAAI,YAAY,OAAW,OAAM,UAAU;AAC3C,QAAO,SAAS,KAAK,EAAE,OAAO,EAAE;EAAE;EAAQ,SAAS;EAAmB,CAAC;;;;;;;;AASxE,SAAgB,WAAc,MAAS,SAAS,KAAe;AAC9D,QAAO,SAAS,KAAK,EAAE,MAAM,EAAE;EAAE;EAAQ,SAAS;EAAmB,CAAC;;;;;;;;;;AAWvE,SAAgB,YACf,OACA,iBACA,cACW;AAGX,KAAI,iBAAiB,mBACpB,QAAO,SAAS,kBAAkB,MAAM,SAAS,IAAI;AAEtD,SAAQ,MAAM,IAAI,aAAa,IAAI,MAAM;AACzC,QAAO,SAAS,cAAc,iBAAiB,IAAI;;;;;;;;AAsBpD,SAAgB,UAAU,IAA8B;AACvD,KAAI,CAAC,GACJ,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;AAEpE,QAAO;;;;;;;;;AAUR,SAAgB,aAAgB,QAAsB,gBAAgB,KAAe;AACpF,KAAI,CAAC,OAAO,QACX,QAAO,SACN,OAAO,MAAM,MACb,OAAO,MAAM,SACb,eAAe,OAAO,MAAM,KAAK,EACjC,OAAO,MAAM,QACb;AAEF,QAAO,WAAW,OAAO,MAAM,cAAc"}

package/dist/{fts-manager-DR1ERA0c.mjs → fts-manager-1RgHmopc.mjs} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { a as __exportAll } from "./runner-pt6Wl-l-.mjs";
+import { a as __exportAll } from "./runner--4wMWwKM.mjs";
 import { t as validateIdentifier } from "./validate-VPnKoIzW.mjs";
 import { l as tableExists, o as isSqlite } from "./dialect-helpers-DRI5pyY3.mjs";
 import { sql } from "kysely";
@@ -336,4 +336,4 @@ var FTSManager = class {
 //#endregion
 export { fts_manager_exports as n, FTSManager as t };
-//# sourceMappingURL=fts-manager-DR1ERA0c.mjs.map
+//# sourceMappingURL=fts-manager-1RgHmopc.mjs.map

package/dist/{fts-manager-DR1ERA0c.mjs.map → fts-manager-1RgHmopc.mjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"fts-manager-DR1ERA0c.mjs","names":["dialectTableExists"],"sources":["../src/search/fts-manager.ts"],"sourcesContent":["/*\n FTS5 Manager\n \n Manages FTS5 virtual tables and triggers for search indexing.\n /\n\nimport type { Kysely } from \"kysely\";\nimport { sql } from \"kysely\";\n\nimport { isSqlite, tableExists as dialectTableExists } from \"../database/dialect-helpers.js\";\nimport type { Database } from \"../database/types.js\";\nimport { validateIdentifier } from \"../database/validate.js\";\nimport type { SearchConfig } from \"./types.js\";\n\n/\n FTS5 Manager\n \n Handles creation, deletion, and management of FTS5 virtual tables\n * for full-text search on content collections.\n /\nexport class FTSManager {\n\tconstructor(private db: Kysely<Database>) {}\n\n\t/\n\t Validate a collection slug and its searchable field names.\n\t * Must be called before any raw SQL interpolation.\n\t /\n\tprivate validateInputs(collectionSlug: string, searchableFields?: string[]): void {\n\t\tvalidateIdentifier(collectionSlug, \"collection slug\");\n\t\tif (searchableFields) {\n\t\t\tfor (const field of searchableFields) {\n\t\t\t\tvalidateIdentifier(field, \"searchable field name\");\n\t\t\t}\n\t\t}\n\t}\n\n\t/\n\t Get the FTS table name for a collection\n\t * Uses _emdash_ prefix to clearly mark as internal/system table\n\t /\n\tgetFtsTableName(collectionSlug: string): string {\n\t\tvalidateIdentifier(collectionSlug, \"collection slug\");\n\t\treturn `_emdash_fts_${collectionSlug}`;\n\t}\n\n\t/\n\t Get the content table name for a collection\n\t /\n\tgetContentTableName(collectionSlug: string): string {\n\t\tvalidateIdentifier(collectionSlug, \"collection slug\");\n\t\treturn `ec_${collectionSlug}`;\n\t}\n\n\t/\n\t Check if an FTS table exists for a collection\n\t /\n\tasync ftsTableExists(collectionSlug: string): Promise<boolean> {\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\treturn dialectTableExists(this.db, ftsTable);\n\t}\n\n\t/\n\t Create an FTS5 virtual table for a collection.\n\t * FTS5 is SQLite-only; on other dialects this is a no-op.\n\t \n\t @param collectionSlug - The collection slug\n\t * @param searchableFields - Array of field names to index\n\t * @param weights - Optional field weights for ranking\n\t /\n\tasync createFtsTable(\n\t\tcollectionSlug: string,\n\t\tsearchableFields: string[],\n\t\t_weights?: Record<string, number>,\n\t): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tthis.validateInputs(collectionSlug, searchableFields);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\n\t\t// Build the column list for FTS5\n\t\t// id and locale are UNINDEXED (used for joining/filtering, not searched)\n\t\tconst columns = [\"id UNINDEXED\", \"locale UNINDEXED\", ...searchableFields].join(\", \");\n\n\t\t// Create the FTS5 virtual table.\n\t\t// `content='<table>'` makes this an external content* FTS5 table:\n\t\t// the inverted index lives in the FTS shadow tables, but the actual\n\t\t// row data lives in the backing content table. The triggers in\n\t\t// `createTriggers` keep the index in sync; they MUST use the\n\t\t// external-content-safe `'delete'` command (see notes there) to\n\t\t// avoid `SQLITE_CORRUPT_VTAB` on UPDATE/DELETE.\n\t\t// tokenize='porter unicode61' enables stemming (run matches running, ran, etc.)\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE VIRTUAL TABLE IF NOT EXISTS \"${ftsTable}\" USING fts5(\n\t\t\t\t${columns},\n\t\t\t\tcontent='${contentTable}',\n\t\t\t\tcontent_rowid='rowid',\n\t\t\t\ttokenize='porter unicode61'\n\t\t\t)\n\t\t`)\n\t\t\t.execute(this.db);\n\n\t\t// Create triggers for automatic sync\n\t\tawait this.createTriggers(collectionSlug, searchableFields);\n\t}\n\n\t/*\n\t Create triggers to keep FTS table in sync with content table.\n\t \n\t The insert and update triggers only add rows to the FTS index when\n\t * `deleted_at IS NULL`. This keeps soft-deleted content out of the\n\t * search index and ensures the FTS row count matches the non-deleted\n\t * content count (which `verifyAndRepairIndex` relies on).\n\t \n\t IMPORTANT: The FTS5 virtual table is created with `content='ec_<slug>'`\n\t * which makes it an external content FTS5 table. For external-content\n\t * tables, removing a row must use the documented `'delete'` command and\n\t * supply the OLD column values explicitly, e.g.:\n\t \n\t INSERT INTO fts(fts, rowid, col1, col2)\n\t * VALUES('delete', OLD.rowid, OLD.col1, OLD.col2);\n\t \n\t Using `DELETE FROM fts WHERE rowid = OLD.rowid` is the correct form\n\t * for contentless tables but is unsafe for external-content tables:\n\t * FTS5 then reads column values from the backing content table, which\n\t * in an AFTER UPDATE trigger already holds the NEW values. The wrong\n\t * tokens get removed and the inverted index drifts out of sync until\n\t * SQLite raises `SQLITE_CORRUPT_VTAB` on the next mutation. See\n\t * https://www.sqlite.org/fts5.html#external_content_tables.\n\t \n\t The UPDATE and DELETE triggers gate the `'delete'` on\n\t * `OLD.deleted_at IS NULL` because the INSERT trigger never indexed\n\t * rows that were already soft-deleted. Issuing `'delete'` for a rowid\n\t * that was never inserted into the FTS index is itself a corruption\n\t * trigger -- FTS5's `'delete'` is not a no-op on missing rowids and\n\t * raises `SQLITE_CORRUPT_VTAB`. Affected paths include restore-from-\n\t * trash (UPDATE where `OLD.deleted_at IS NOT NULL`), permanent-delete\n\t * from trash (DELETE on a soft-deleted row), and any edit on a row\n\t * that's currently in the trash.\n\t /\n\tprivate async createTriggers(collectionSlug: string, searchableFields: string[]): Promise<void> {\n\t\tthis.validateInputs(collectionSlug, searchableFields);\n\t\tif (searchableFields.length === 0) {\n\t\t\tthrow new Error(\n\t\t\t\t`Cannot create FTS triggers for collection \"${collectionSlug}\": no searchable fields. ` +\n\t\t\t\t\t`Mark at least one field as searchable before enabling search.`,\n\t\t\t);\n\t\t}\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\t\tconst fieldList = searchableFields.join(\", \");\n\t\tconst newFieldList = searchableFields.map((f) => `NEW.${f}`).join(\", \");\n\t\t// `'delete'` takes the FTS5 virtual table name as the first column,\n\t\t// then the rowid being removed, then the OLD value of every column\n\t\t// declared on the FTS5 table (in declaration order: id, locale,\n\t\t// then each searchable field).\n\t\tconst oldFieldList = searchableFields.map((f) => `OLD.${f}`).join(\", \");\n\n\t\t// Insert trigger - only index non-deleted content\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE TRIGGER IF NOT EXISTS \"${ftsTable}_insert\" \n\t\t\tAFTER INSERT ON \"${contentTable}\" \n\t\t\tWHEN NEW.deleted_at IS NULL\n\t\t\tBEGIN\n\t\t\t\tINSERT INTO \"${ftsTable}\"(rowid, id, locale, ${fieldList})\n\t\t\t\tVALUES (NEW.rowid, NEW.id, NEW.locale, ${newFieldList});\n\t\t\tEND\n\t\t`)\n\t\t\t.execute(this.db);\n\n\t\t// Update trigger - remove the old row from the FTS index using the\n\t\t// external-content-safe `'delete'` command (which uses OLD column\n\t\t// values, captured before the row was modified), then re-insert\n\t\t// the new values when the row is still visible.\n\t\t//\n\t\t// `'delete'` is gated on `OLD.deleted_at IS NULL` because rows that\n\t\t// were soft-deleted are not in the FTS index (the INSERT trigger\n\t\t// skips them). Issuing `'delete'` for a missing rowid raises\n\t\t// `SQLITE_CORRUPT_VTAB`, which would break restore-from-trash and\n\t\t// edits to soft-deleted rows.\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE TRIGGER IF NOT EXISTS \"${ftsTable}_update\" \n\t\t\tAFTER UPDATE ON \"${contentTable}\" \n\t\t\tBEGIN\n\t\t\t\tINSERT INTO \"${ftsTable}\"(\"${ftsTable}\", rowid, id, locale, ${fieldList})\n\t\t\t\tSELECT 'delete', OLD.rowid, OLD.id, OLD.locale, ${oldFieldList}\n\t\t\t\tWHERE OLD.deleted_at IS NULL;\n\t\t\t\tINSERT INTO \"${ftsTable}\"(rowid, id, locale, ${fieldList})\n\t\t\t\tSELECT NEW.rowid, NEW.id, NEW.locale, ${newFieldList}\n\t\t\t\tWHERE NEW.deleted_at IS NULL;\n\t\t\tEND\n\t\t`)\n\t\t\t.execute(this.db);\n\n\t\t// Delete trigger - same external-content-safe `'delete'` form,\n\t\t// gated on `OLD.deleted_at IS NULL` for the same reason as the\n\t\t// UPDATE trigger: permanent-delete from trash hits a row whose\n\t\t// `deleted_at` is already set and which was never indexed.\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE TRIGGER IF NOT EXISTS \"${ftsTable}_delete\" \n\t\t\tAFTER DELETE ON \"${contentTable}\" \n\t\t\tBEGIN\n\t\t\t\tINSERT INTO \"${ftsTable}\"(\"${ftsTable}\", rowid, id, locale, ${fieldList})\n\t\t\t\tSELECT 'delete', OLD.rowid, OLD.id, OLD.locale, ${oldFieldList}\n\t\t\t\tWHERE OLD.deleted_at IS NULL;\n\t\t\tEND\n\t\t`)\n\t\t\t.execute(this.db);\n\t}\n\n\t/\n\t Drop triggers for a collection\n\t /\n\tprivate async dropTriggers(collectionSlug: string): Promise<void> {\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\n\t\tawait sql.raw(`DROP TRIGGER IF EXISTS \"${ftsTable}_insert\"`).execute(this.db);\n\t\tawait sql.raw(`DROP TRIGGER IF EXISTS \"${ftsTable}_update\"`).execute(this.db);\n\t\tawait sql.raw(`DROP TRIGGER IF EXISTS \"${ftsTable}_delete\"`).execute(this.db);\n\t}\n\n\t/\n\t Drop the FTS table and triggers for a collection\n\t /\n\tasync dropFtsTable(collectionSlug: string): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\n\t\t// Drop triggers first\n\t\tawait this.dropTriggers(collectionSlug);\n\n\t\t// Drop the FTS table\n\t\tawait sql.raw(`DROP TABLE IF EXISTS \"${ftsTable}\"`).execute(this.db);\n\t}\n\n\t/\n\t Rebuild the FTS index for a collection\n\t \n\t This is useful after bulk imports or if the index gets out of sync.\n\t /\n\tasync rebuildIndex(\n\t\tcollectionSlug: string,\n\t\tsearchableFields: string[],\n\t\tweights?: Record<string, number>,\n\t): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\t// Drop existing table and triggers\n\t\tawait this.dropFtsTable(collectionSlug);\n\n\t\t// Recreate table and triggers\n\t\tawait this.createFtsTable(collectionSlug, searchableFields, weights);\n\n\t\t// Populate from existing content\n\t\tawait this.populateFromContent(collectionSlug, searchableFields);\n\t}\n\n\t/\n\t Populate the FTS table from existing content\n\t /\n\tasync populateFromContent(collectionSlug: string, searchableFields: string[]): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tthis.validateInputs(collectionSlug, searchableFields);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\t\tconst fieldList = searchableFields.join(\", \");\n\n\t\t// Insert all existing content into FTS table\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tINSERT INTO \"${ftsTable}\"(rowid, id, locale, ${fieldList})\n\t\t\tSELECT rowid, id, locale, ${fieldList} FROM \"${contentTable}\"\n\t\t\tWHERE deleted_at IS NULL\n\t\t`)\n\t\t\t.execute(this.db);\n\t}\n\n\t/\n\t Get the search configuration for a collection\n\t /\n\tasync getSearchConfig(collectionSlug: string): Promise<SearchConfig \| null> {\n\t\tconst result = await this.db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select(\"search_config\")\n\t\t\t.where(\"slug\", \"=\", collectionSlug)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!result?.search_config) {\n\t\t\treturn null;\n\t\t}\n\n\t\ttry {\n\t\t\tconst parsed: unknown = JSON.parse(result.search_config);\n\t\t\tif (\n\t\t\t\ttypeof parsed !== \"object\" \|\|\n\t\t\t\tparsed === null \|\|\n\t\t\t\t!(\"enabled\" in parsed) \|\|\n\t\t\t\ttypeof parsed.enabled !== \"boolean\"\n\t\t\t) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tconst config: SearchConfig = { enabled: parsed.enabled };\n\t\t\tif (\"weights\" in parsed && typeof parsed.weights === \"object\" && parsed.weights !== null) {\n\t\t\t\t// weights is a JSON-parsed object — safe to treat as Record<string, number>\n\t\t\t\tconst weights: Record<string, number> = {};\n\t\t\t\tfor (const [k, v] of Object.entries(parsed.weights)) {\n\t\t\t\t\tif (typeof v === \"number\") {\n\t\t\t\t\t\tweights[k] = v;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tconfig.weights = weights;\n\t\t\t}\n\t\t\treturn config;\n\t\t} catch {\n\t\t\treturn null;\n\t\t}\n\t}\n\n\t/\n\t Update the search configuration for a collection\n\t /\n\tasync setSearchConfig(collectionSlug: string, config: SearchConfig): Promise<void> {\n\t\tawait this.db\n\t\t\t.updateTable(\"_emdash_collections\")\n\t\t\t.set({ search_config: JSON.stringify(config) })\n\t\t\t.where(\"slug\", \"=\", collectionSlug)\n\t\t\t.execute();\n\t}\n\n\t/\n\t Get searchable fields for a collection\n\t /\n\tasync getSearchableFields(collectionSlug: string): Promise<string[]> {\n\t\tconst collection = await this.db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select(\"id\")\n\t\t\t.where(\"slug\", \"=\", collectionSlug)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!collection) {\n\t\t\treturn [];\n\t\t}\n\n\t\tconst fields = await this.db\n\t\t\t.selectFrom(\"_emdash_fields\")\n\t\t\t.select(\"slug\")\n\t\t\t.where(\"collection_id\", \"=\", collection.id)\n\t\t\t.where(\"searchable\", \"=\", 1)\n\t\t\t.execute();\n\n\t\treturn fields.map((f) => f.slug);\n\t}\n\n\t/\n\t Enable search for a collection.\n\t \n\t Uses rebuildIndex to ensure a clean state -- drop any existing FTS\n\t * table/triggers, recreate them, and populate from content. This avoids\n\t * duplicate rows when triggers have already populated the index (e.g.\n\t * during seeding where content is inserted before search is enabled).\n\t /\n\tasync enableSearch(\n\t\tcollectionSlug: string,\n\t\toptions?: { weights?: Record<string, number> },\n\t): Promise<void> {\n\t\tif (!isSqlite(this.db)) {\n\t\t\tthrow new Error(\"Full-text search is only available with SQLite databases\");\n\t\t}\n\t\t// Get searchable fields\n\t\tconst searchableFields = await this.getSearchableFields(collectionSlug);\n\n\t\tif (searchableFields.length === 0) {\n\t\t\tthrow new Error(\n\t\t\t\t`No searchable fields defined for collection \"${collectionSlug}\". ` +\n\t\t\t\t\t`Mark at least one field as searchable before enabling search.`,\n\t\t\t);\n\t\t}\n\n\t\t// Rebuild from scratch to ensure clean state (no duplicate rows)\n\t\tawait this.rebuildIndex(collectionSlug, searchableFields, options?.weights);\n\n\t\t// Update search config\n\t\tawait this.setSearchConfig(collectionSlug, {\n\t\t\tenabled: true,\n\t\t\tweights: options?.weights,\n\t\t});\n\t}\n\n\t/\n\t Disable search for a collection\n\t \n\t Drops the FTS table and triggers.\n\t /\n\tasync disableSearch(collectionSlug: string): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tawait this.dropFtsTable(collectionSlug);\n\t\tconst existing = await this.getSearchConfig(collectionSlug);\n\t\tawait this.setSearchConfig(collectionSlug, { enabled: false, weights: existing?.weights });\n\t}\n\n\t/\n\t Get index statistics for a collection\n\t /\n\tasync getIndexStats(\n\t\tcollectionSlug: string,\n\t): Promise<{ indexed: number; lastRebuilt?: string } \| null> {\n\t\tif (!isSqlite(this.db)) return null;\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst ftsDocsizeTable = `${ftsTable}_docsize`;\n\n\t\t// Check if table exists\n\t\tif (!(await this.ftsTableExists(collectionSlug))) {\n\t\t\treturn null;\n\t\t}\n\n\t\t// Count indexed rows\n\t\tconst result = await sql<{ count: number }>`\n\t\t\tSELECT COUNT() as count FROM \"${sql.raw(ftsDocsizeTable)}\"\n\t\t`.execute(this.db);\n\n\t\treturn {\n\t\t\tindexed: result.rows[0]?.count ?? 0,\n\t\t};\n\t}\n\n\t/*\n\t Verify FTS index integrity and rebuild if drift is detected.\n\t \n\t Cheap belt-and-braces check, run lazily on the first search request\n\t * per isolate. The expensive cases (corrupted indexes from pre-fix\n\t * EmDash versions, broken legacy triggers) are handled at boot time by\n\t * migration `039_fix_fts5_triggers`, not here. This routine sticks to:\n\t \n\t 1. FTS table missing while config says search is enabled -> rebuild.\n\t * 2. Row count mismatch between content table and FTS docsize -> rebuild.\n\t \n\t Returns true if the index was rebuilt, false if it was healthy.\n\t /\n\tasync verifyAndRepairIndex(collectionSlug: string): Promise<boolean> {\n\t\tif (!isSqlite(this.db)) return false;\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst ftsDocsizeTable = `${ftsTable}_docsize`;\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\t\tconst fields = await this.getSearchableFields(collectionSlug);\n\t\tconst config = await this.getSearchConfig(collectionSlug);\n\n\t\tif (!(await this.ftsTableExists(collectionSlug))) {\n\t\t\tif (!config?.enabled \|\| fields.length === 0) {\n\t\t\t\treturn false;\n\t\t\t}\n\n\t\t\tconsole.warn(`FTS index for \"${collectionSlug}\" is missing. Rebuilding.`);\n\t\t\tawait this.rebuildIndex(collectionSlug, fields, config.weights);\n\t\t\treturn true;\n\t\t}\n\n\t\t// Row count parity check. For external-content FTS tables, COUNT()\n\t\t// on the virtual table is answered from the backing content table\n\t\t// (including soft-deleted rows), so we use the docsize shadow table\n\t\t// which tracks rows actually present in the full-text index.\n\t\tconst contentCount = await sql<{ count: number }>`\n\t\t\tSELECT COUNT() as count FROM ${sql.ref(contentTable)}\n\t\t\tWHERE deleted_at IS NULL\n\t\t`.execute(this.db);\n\n\t\tconst ftsCount = await sql<{ count: number }>`\n\t\t\tSELECT COUNT() as count FROM \"${sql.raw(ftsDocsizeTable)}\"\n\t\t`.execute(this.db);\n\n\t\tconst contentRows = contentCount.rows[0]?.count ?? 0;\n\t\tconst ftsRows = ftsCount.rows[0]?.count ?? 0;\n\n\t\tif (contentRows !== ftsRows) {\n\t\t\tconsole.warn(\n\t\t\t\t`FTS index for \"${collectionSlug}\" has ${ftsRows} rows but content table has ${contentRows}. Rebuilding.`,\n\t\t\t);\n\t\t\tif (fields.length > 0) {\n\t\t\t\tawait this.rebuildIndex(collectionSlug, fields, config?.weights);\n\t\t\t}\n\t\t\treturn true;\n\t\t}\n\n\t\treturn false;\n\t}\n\n\t/*\n\t Verify and repair FTS indexes for all search-enabled collections.\n\t \n\t Intended to run at startup to auto-heal any corruption from\n\t * previous process crashes.\n\t */\n\tasync verifyAndRepairAll(): Promise<number> {\n\t\tif (!isSqlite(this.db)) return 0;\n\n\t\tconst collections = await this.db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select(\"slug\")\n\t\t\t.where(\"search_config\", \"is not\", null)\n\t\t\t.execute();\n\n\t\tlet repaired = 0;\n\t\tfor (const { slug } of collections) {\n\t\t\tconst config = await this.getSearchConfig(slug);\n\t\t\tif (!config?.enabled) continue;\n\n\t\t\ttry {\n\t\t\t\tconst wasRepaired = await this.verifyAndRepairIndex(slug);\n\t\t\t\tif (wasRepaired) repaired++;\n\t\t\t} catch (error) {\n\t\t\t\tconsole.error(`Failed to verify/repair FTS index for \"${slug}\":`, error);\n\t\t\t}\n\t\t}\n\n\t\treturn repaired;\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;AAoBA,IAAa,aAAb,MAAwB;CACvB,YAAY,AAAQ,IAAsB;EAAtB;;;;;;CAMpB,AAAQ,eAAe,gBAAwB,kBAAmC;AACjF,qBAAmB,gBAAgB,kBAAkB;AACrD,MAAI,iBACH,MAAK,MAAM,SAAS,iBACnB,oBAAmB,OAAO,wBAAwB;;;;;;CASrD,gBAAgB,gBAAgC;AAC/C,qBAAmB,gBAAgB,kBAAkB;AACrD,SAAO,eAAe;;;;;CAMvB,oBAAoB,gBAAgC;AACnD,qBAAmB,gBAAgB,kBAAkB;AACrD,SAAO,MAAM;;;;;CAMd,MAAM,eAAe,gBAA0C;EAC9D,MAAM,WAAW,KAAK,gBAAgB,eAAe;AACrD,SAAOA,YAAmB,KAAK,IAAI,SAAS;;;;;;;;;;CAW7C,MAAM,eACL,gBACA,kBACA,UACgB;AAChB,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,OAAK,eAAe,gBAAgB,iBAAiB;EACrD,MAAM,WAAW,KAAK,gBAAgB,eAAe;EACrD,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAI7D,MAAM,UAAU;GAAC;GAAgB;GAAoB,GAAG;GAAiB,CAAC,KAAK,KAAK;AAUpF,QAAM,IACJ,IAAI;yCACiC,SAAS;MAC5C,QAAQ;eACC,aAAa;;;;IAIxB,CACA,QAAQ,KAAK,GAAG;AAGlB,QAAM,KAAK,eAAe,gBAAgB,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqC5D,MAAc,eAAe,gBAAwB,kBAA2C;AAC/F,OAAK,eAAe,gBAAgB,iBAAiB;AACrD,MAAI,iBAAiB,WAAW,EAC/B,OAAM,IAAI,MACT,8CAA8C,eAAe,wFAE7D;EAEF,MAAM,WAAW,KAAK,gBAAgB,eAAe;EACrD,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAC7D,MAAM,YAAY,iBAAiB,KAAK,KAAK;EAC7C,MAAM,eAAe,iBAAiB,KAAK,MAAM,OAAO,IAAI,CAAC,KAAK,KAAK;EAKvE,MAAM,eAAe,iBAAiB,KAAK,MAAM,OAAO,IAAI,CAAC,KAAK,KAAK;AAGvE,QAAM,IACJ,IAAI;mCAC2B,SAAS;sBACtB,aAAa;;;mBAGhB,SAAS,uBAAuB,UAAU;6CAChB,aAAa;;IAEtD,CACA,QAAQ,KAAK,GAAG;AAYlB,QAAM,IACJ,IAAI;mCAC2B,SAAS;sBACtB,aAAa;;mBAEhB,SAAS,KAAK,SAAS,wBAAwB,UAAU;sDACtB,aAAa;;mBAEhD,SAAS,uBAAuB,UAAU;4CACjB,aAAa;;;IAGrD,CACA,QAAQ,KAAK,GAAG;AAMlB,QAAM,IACJ,IAAI;mCAC2B,SAAS;sBACtB,aAAa;;mBAEhB,SAAS,KAAK,SAAS,wBAAwB,UAAU;sDACtB,aAAa;;;IAG/D,CACA,QAAQ,KAAK,GAAG;;;;;CAMnB,MAAc,aAAa,gBAAuC;AACjE,OAAK,eAAe,eAAe;EACnC,MAAM,WAAW,KAAK,gBAAgB,eAAe;AAErD,QAAM,IAAI,IAAI,2BAA2B,SAAS,UAAU,CAAC,QAAQ,KAAK,GAAG;AAC7E,QAAM,IAAI,IAAI,2BAA2B,SAAS,UAAU,CAAC,QAAQ,KAAK,GAAG;AAC7E,QAAM,IAAI,IAAI,2BAA2B,SAAS,UAAU,CAAC,QAAQ,KAAK,GAAG;;;;;CAM9E,MAAM,aAAa,gBAAuC;AACzD,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,OAAK,eAAe,eAAe;EACnC,MAAM,WAAW,KAAK,gBAAgB,eAAe;AAGrD,QAAM,KAAK,aAAa,eAAe;AAGvC,QAAM,IAAI,IAAI,yBAAyB,SAAS,GAAG,CAAC,QAAQ,KAAK,GAAG;;;;;;;CAQrE,MAAM,aACL,gBACA,kBACA,SACgB;AAChB,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AAExB,QAAM,KAAK,aAAa,eAAe;AAGvC,QAAM,KAAK,eAAe,gBAAgB,kBAAkB,QAAQ;AAGpE,QAAM,KAAK,oBAAoB,gBAAgB,iBAAiB;;;;;CAMjE,MAAM,oBAAoB,gBAAwB,kBAA2C;AAC5F,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,OAAK,eAAe,gBAAgB,iBAAiB;EACrD,MAAM,WAAW,KAAK,gBAAgB,eAAe;EACrD,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAC7D,MAAM,YAAY,iBAAiB,KAAK,KAAK;AAG7C,QAAM,IACJ,IAAI;kBACU,SAAS,uBAAuB,UAAU;+BAC7B,UAAU,SAAS,aAAa;;IAE3D,CACA,QAAQ,KAAK,GAAG;;;;;CAMnB,MAAM,gBAAgB,gBAAsD;EAC3E,MAAM,SAAS,MAAM,KAAK,GACxB,WAAW,sBAAsB,CACjC,OAAO,gBAAgB,CACvB,MAAM,QAAQ,KAAK,eAAe,CAClC,kBAAkB;AAEpB,MAAI,CAAC,QAAQ,cACZ,QAAO;AAGR,MAAI;GACH,MAAM,SAAkB,KAAK,MAAM,OAAO,cAAc;AACxD,OACC,OAAO,WAAW,YAClB,WAAW,QACX,EAAE,aAAa,WACf,OAAO,OAAO,YAAY,UAE1B,QAAO;GAER,MAAM,SAAuB,EAAE,SAAS,OAAO,SAAS;AACxD,OAAI,aAAa,UAAU,OAAO,OAAO,YAAY,YAAY,OAAO,YAAY,MAAM;IAEzF,MAAM,UAAkC,EAAE;AAC1C,SAAK,MAAM,CAAC,GAAG,MAAM,OAAO,QAAQ,OAAO,QAAQ,CAClD,KAAI,OAAO,MAAM,SAChB,SAAQ,KAAK;AAGf,WAAO,UAAU;;AAElB,UAAO;UACA;AACP,UAAO;;;;;;CAOT,MAAM,gBAAgB,gBAAwB,QAAqC;AAClF,QAAM,KAAK,GACT,YAAY,sBAAsB,CAClC,IAAI,EAAE,eAAe,KAAK,UAAU,OAAO,EAAE,CAAC,CAC9C,MAAM,QAAQ,KAAK,eAAe,CAClC,SAAS;;;;;CAMZ,MAAM,oBAAoB,gBAA2C;EACpE,MAAM,aAAa,MAAM,KAAK,GAC5B,WAAW,sBAAsB,CACjC,OAAO,KAAK,CACZ,MAAM,QAAQ,KAAK,eAAe,CAClC,kBAAkB;AAEpB,MAAI,CAAC,WACJ,QAAO,EAAE;AAUV,UAPe,MAAM,KAAK,GACxB,WAAW,iBAAiB,CAC5B,OAAO,OAAO,CACd,MAAM,iBAAiB,KAAK,WAAW,GAAG,CAC1C,MAAM,cAAc,KAAK,EAAE,CAC3B,SAAS,EAEG,KAAK,MAAM,EAAE,KAAK;;;;;;;;;;CAWjC,MAAM,aACL,gBACA,SACgB;AAChB,MAAI,CAAC,SAAS,KAAK,GAAG,CACrB,OAAM,IAAI,MAAM,2DAA2D;EAG5E,MAAM,mBAAmB,MAAM,KAAK,oBAAoB,eAAe;AAEvE,MAAI,iBAAiB,WAAW,EAC/B,OAAM,IAAI,MACT,gDAAgD,eAAe,kEAE/D;AAIF,QAAM,KAAK,aAAa,gBAAgB,kBAAkB,SAAS,QAAQ;AAG3E,QAAM,KAAK,gBAAgB,gBAAgB;GAC1C,SAAS;GACT,SAAS,SAAS;GAClB,CAAC;;;;;;;CAQH,MAAM,cAAc,gBAAuC;AAC1D,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,QAAM,KAAK,aAAa,eAAe;EACvC,MAAM,WAAW,MAAM,KAAK,gBAAgB,eAAe;AAC3D,QAAM,KAAK,gBAAgB,gBAAgB;GAAE,SAAS;GAAO,SAAS,UAAU;GAAS,CAAC;;;;;CAM3F,MAAM,cACL,gBAC4D;AAC5D,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE,QAAO;AAC/B,OAAK,eAAe,eAAe;EAEnC,MAAM,kBAAkB,GADP,KAAK,gBAAgB,eAAe,CACjB;AAGpC,MAAI,CAAE,MAAM,KAAK,eAAe,eAAe,CAC9C,QAAO;AAQR,SAAO,EACN,UALc,MAAM,GAAsB;oCACT,IAAI,IAAI,gBAAgB,CAAC;IACzD,QAAQ,KAAK,GAAG,EAGD,KAAK,IAAI,SAAS,GAClC;;;;;;;;;;;;;;;CAgBF,MAAM,qBAAqB,gBAA0C;AACpE,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE,QAAO;AAC/B,OAAK,eAAe,eAAe;EAEnC,MAAM,kBAAkB,GADP,KAAK,gBAAgB,eAAe,CACjB;EACpC,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAC7D,MAAM,SAAS,MAAM,KAAK,oBAAoB,eAAe;EAC7D,MAAM,SAAS,MAAM,KAAK,gBAAgB,eAAe;AAEzD,MAAI,CAAE,MAAM,KAAK,eAAe,eAAe,EAAG;AACjD,OAAI,CAAC,QAAQ,WAAW,OAAO,WAAW,EACzC,QAAO;AAGR,WAAQ,KAAK,kBAAkB,eAAe,2BAA2B;AACzE,SAAM,KAAK,aAAa,gBAAgB,QAAQ,OAAO,QAAQ;AAC/D,UAAO;;EAOR,MAAM,eAAe,MAAM,GAAsB;mCAChB,IAAI,IAAI,aAAa,CAAC;;IAErD,QAAQ,KAAK,GAAG;EAElB,MAAM,WAAW,MAAM,GAAsB;oCACX,IAAI,IAAI,gBAAgB,CAAC;IACzD,QAAQ,KAAK,GAAG;EAElB,MAAM,cAAc,aAAa,KAAK,IAAI,SAAS;EACnD,MAAM,UAAU,SAAS,KAAK,IAAI,SAAS;AAE3C,MAAI,gBAAgB,SAAS;AAC5B,WAAQ,KACP,kBAAkB,eAAe,QAAQ,QAAQ,8BAA8B,YAAY,eAC3F;AACD,OAAI,OAAO,SAAS,EACnB,OAAM,KAAK,aAAa,gBAAgB,QAAQ,QAAQ,QAAQ;AAEjE,UAAO;;AAGR,SAAO;;;;;;;;CASR,MAAM,qBAAsC;AAC3C,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE,QAAO;EAE/B,MAAM,cAAc,MAAM,KAAK,GAC7B,WAAW,sBAAsB,CACjC,OAAO,OAAO,CACd,MAAM,iBAAiB,UAAU,KAAK,CACtC,SAAS;EAEX,IAAI,WAAW;AACf,OAAK,MAAM,EAAE,UAAU,aAAa;AAEnC,OAAI,EADW,MAAM,KAAK,gBAAgB,KAAK,GAClC,QAAS;AAEtB,OAAI;AAEH,QADoB,MAAM,KAAK,qBAAqB,KAAK,CACxC;YACT,OAAO;AACf,YAAQ,MAAM,0CAA0C,KAAK,KAAK,MAAM;;;AAI1E,SAAO"}
1	+ {"version":3,"file":"fts-manager-1RgHmopc.mjs","names":["dialectTableExists"],"sources":["../src/search/fts-manager.ts"],"sourcesContent":["/*\n FTS5 Manager\n \n Manages FTS5 virtual tables and triggers for search indexing.\n /\n\nimport type { Kysely } from \"kysely\";\nimport { sql } from \"kysely\";\n\nimport { isSqlite, tableExists as dialectTableExists } from \"../database/dialect-helpers.js\";\nimport type { Database } from \"../database/types.js\";\nimport { validateIdentifier } from \"../database/validate.js\";\nimport type { SearchConfig } from \"./types.js\";\n\n/\n FTS5 Manager\n \n Handles creation, deletion, and management of FTS5 virtual tables\n * for full-text search on content collections.\n /\nexport class FTSManager {\n\tconstructor(private db: Kysely<Database>) {}\n\n\t/\n\t Validate a collection slug and its searchable field names.\n\t * Must be called before any raw SQL interpolation.\n\t /\n\tprivate validateInputs(collectionSlug: string, searchableFields?: string[]): void {\n\t\tvalidateIdentifier(collectionSlug, \"collection slug\");\n\t\tif (searchableFields) {\n\t\t\tfor (const field of searchableFields) {\n\t\t\t\tvalidateIdentifier(field, \"searchable field name\");\n\t\t\t}\n\t\t}\n\t}\n\n\t/\n\t Get the FTS table name for a collection\n\t * Uses _emdash_ prefix to clearly mark as internal/system table\n\t /\n\tgetFtsTableName(collectionSlug: string): string {\n\t\tvalidateIdentifier(collectionSlug, \"collection slug\");\n\t\treturn `_emdash_fts_${collectionSlug}`;\n\t}\n\n\t/\n\t Get the content table name for a collection\n\t /\n\tgetContentTableName(collectionSlug: string): string {\n\t\tvalidateIdentifier(collectionSlug, \"collection slug\");\n\t\treturn `ec_${collectionSlug}`;\n\t}\n\n\t/\n\t Check if an FTS table exists for a collection\n\t /\n\tasync ftsTableExists(collectionSlug: string): Promise<boolean> {\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\treturn dialectTableExists(this.db, ftsTable);\n\t}\n\n\t/\n\t Create an FTS5 virtual table for a collection.\n\t * FTS5 is SQLite-only; on other dialects this is a no-op.\n\t \n\t @param collectionSlug - The collection slug\n\t * @param searchableFields - Array of field names to index\n\t * @param weights - Optional field weights for ranking\n\t /\n\tasync createFtsTable(\n\t\tcollectionSlug: string,\n\t\tsearchableFields: string[],\n\t\t_weights?: Record<string, number>,\n\t): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tthis.validateInputs(collectionSlug, searchableFields);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\n\t\t// Build the column list for FTS5\n\t\t// id and locale are UNINDEXED (used for joining/filtering, not searched)\n\t\tconst columns = [\"id UNINDEXED\", \"locale UNINDEXED\", ...searchableFields].join(\", \");\n\n\t\t// Create the FTS5 virtual table.\n\t\t// `content='<table>'` makes this an external content* FTS5 table:\n\t\t// the inverted index lives in the FTS shadow tables, but the actual\n\t\t// row data lives in the backing content table. The triggers in\n\t\t// `createTriggers` keep the index in sync; they MUST use the\n\t\t// external-content-safe `'delete'` command (see notes there) to\n\t\t// avoid `SQLITE_CORRUPT_VTAB` on UPDATE/DELETE.\n\t\t// tokenize='porter unicode61' enables stemming (run matches running, ran, etc.)\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE VIRTUAL TABLE IF NOT EXISTS \"${ftsTable}\" USING fts5(\n\t\t\t\t${columns},\n\t\t\t\tcontent='${contentTable}',\n\t\t\t\tcontent_rowid='rowid',\n\t\t\t\ttokenize='porter unicode61'\n\t\t\t)\n\t\t`)\n\t\t\t.execute(this.db);\n\n\t\t// Create triggers for automatic sync\n\t\tawait this.createTriggers(collectionSlug, searchableFields);\n\t}\n\n\t/*\n\t Create triggers to keep FTS table in sync with content table.\n\t \n\t The insert and update triggers only add rows to the FTS index when\n\t * `deleted_at IS NULL`. This keeps soft-deleted content out of the\n\t * search index and ensures the FTS row count matches the non-deleted\n\t * content count (which `verifyAndRepairIndex` relies on).\n\t \n\t IMPORTANT: The FTS5 virtual table is created with `content='ec_<slug>'`\n\t * which makes it an external content FTS5 table. For external-content\n\t * tables, removing a row must use the documented `'delete'` command and\n\t * supply the OLD column values explicitly, e.g.:\n\t \n\t INSERT INTO fts(fts, rowid, col1, col2)\n\t * VALUES('delete', OLD.rowid, OLD.col1, OLD.col2);\n\t \n\t Using `DELETE FROM fts WHERE rowid = OLD.rowid` is the correct form\n\t * for contentless tables but is unsafe for external-content tables:\n\t * FTS5 then reads column values from the backing content table, which\n\t * in an AFTER UPDATE trigger already holds the NEW values. The wrong\n\t * tokens get removed and the inverted index drifts out of sync until\n\t * SQLite raises `SQLITE_CORRUPT_VTAB` on the next mutation. See\n\t * https://www.sqlite.org/fts5.html#external_content_tables.\n\t \n\t The UPDATE and DELETE triggers gate the `'delete'` on\n\t * `OLD.deleted_at IS NULL` because the INSERT trigger never indexed\n\t * rows that were already soft-deleted. Issuing `'delete'` for a rowid\n\t * that was never inserted into the FTS index is itself a corruption\n\t * trigger -- FTS5's `'delete'` is not a no-op on missing rowids and\n\t * raises `SQLITE_CORRUPT_VTAB`. Affected paths include restore-from-\n\t * trash (UPDATE where `OLD.deleted_at IS NOT NULL`), permanent-delete\n\t * from trash (DELETE on a soft-deleted row), and any edit on a row\n\t * that's currently in the trash.\n\t /\n\tprivate async createTriggers(collectionSlug: string, searchableFields: string[]): Promise<void> {\n\t\tthis.validateInputs(collectionSlug, searchableFields);\n\t\tif (searchableFields.length === 0) {\n\t\t\tthrow new Error(\n\t\t\t\t`Cannot create FTS triggers for collection \"${collectionSlug}\": no searchable fields. ` +\n\t\t\t\t\t`Mark at least one field as searchable before enabling search.`,\n\t\t\t);\n\t\t}\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\t\tconst fieldList = searchableFields.join(\", \");\n\t\tconst newFieldList = searchableFields.map((f) => `NEW.${f}`).join(\", \");\n\t\t// `'delete'` takes the FTS5 virtual table name as the first column,\n\t\t// then the rowid being removed, then the OLD value of every column\n\t\t// declared on the FTS5 table (in declaration order: id, locale,\n\t\t// then each searchable field).\n\t\tconst oldFieldList = searchableFields.map((f) => `OLD.${f}`).join(\", \");\n\n\t\t// Insert trigger - only index non-deleted content\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE TRIGGER IF NOT EXISTS \"${ftsTable}_insert\" \n\t\t\tAFTER INSERT ON \"${contentTable}\" \n\t\t\tWHEN NEW.deleted_at IS NULL\n\t\t\tBEGIN\n\t\t\t\tINSERT INTO \"${ftsTable}\"(rowid, id, locale, ${fieldList})\n\t\t\t\tVALUES (NEW.rowid, NEW.id, NEW.locale, ${newFieldList});\n\t\t\tEND\n\t\t`)\n\t\t\t.execute(this.db);\n\n\t\t// Update trigger - remove the old row from the FTS index using the\n\t\t// external-content-safe `'delete'` command (which uses OLD column\n\t\t// values, captured before the row was modified), then re-insert\n\t\t// the new values when the row is still visible.\n\t\t//\n\t\t// `'delete'` is gated on `OLD.deleted_at IS NULL` because rows that\n\t\t// were soft-deleted are not in the FTS index (the INSERT trigger\n\t\t// skips them). Issuing `'delete'` for a missing rowid raises\n\t\t// `SQLITE_CORRUPT_VTAB`, which would break restore-from-trash and\n\t\t// edits to soft-deleted rows.\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE TRIGGER IF NOT EXISTS \"${ftsTable}_update\" \n\t\t\tAFTER UPDATE ON \"${contentTable}\" \n\t\t\tBEGIN\n\t\t\t\tINSERT INTO \"${ftsTable}\"(\"${ftsTable}\", rowid, id, locale, ${fieldList})\n\t\t\t\tSELECT 'delete', OLD.rowid, OLD.id, OLD.locale, ${oldFieldList}\n\t\t\t\tWHERE OLD.deleted_at IS NULL;\n\t\t\t\tINSERT INTO \"${ftsTable}\"(rowid, id, locale, ${fieldList})\n\t\t\t\tSELECT NEW.rowid, NEW.id, NEW.locale, ${newFieldList}\n\t\t\t\tWHERE NEW.deleted_at IS NULL;\n\t\t\tEND\n\t\t`)\n\t\t\t.execute(this.db);\n\n\t\t// Delete trigger - same external-content-safe `'delete'` form,\n\t\t// gated on `OLD.deleted_at IS NULL` for the same reason as the\n\t\t// UPDATE trigger: permanent-delete from trash hits a row whose\n\t\t// `deleted_at` is already set and which was never indexed.\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tCREATE TRIGGER IF NOT EXISTS \"${ftsTable}_delete\" \n\t\t\tAFTER DELETE ON \"${contentTable}\" \n\t\t\tBEGIN\n\t\t\t\tINSERT INTO \"${ftsTable}\"(\"${ftsTable}\", rowid, id, locale, ${fieldList})\n\t\t\t\tSELECT 'delete', OLD.rowid, OLD.id, OLD.locale, ${oldFieldList}\n\t\t\t\tWHERE OLD.deleted_at IS NULL;\n\t\t\tEND\n\t\t`)\n\t\t\t.execute(this.db);\n\t}\n\n\t/\n\t Drop triggers for a collection\n\t /\n\tprivate async dropTriggers(collectionSlug: string): Promise<void> {\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\n\t\tawait sql.raw(`DROP TRIGGER IF EXISTS \"${ftsTable}_insert\"`).execute(this.db);\n\t\tawait sql.raw(`DROP TRIGGER IF EXISTS \"${ftsTable}_update\"`).execute(this.db);\n\t\tawait sql.raw(`DROP TRIGGER IF EXISTS \"${ftsTable}_delete\"`).execute(this.db);\n\t}\n\n\t/\n\t Drop the FTS table and triggers for a collection\n\t /\n\tasync dropFtsTable(collectionSlug: string): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\n\t\t// Drop triggers first\n\t\tawait this.dropTriggers(collectionSlug);\n\n\t\t// Drop the FTS table\n\t\tawait sql.raw(`DROP TABLE IF EXISTS \"${ftsTable}\"`).execute(this.db);\n\t}\n\n\t/\n\t Rebuild the FTS index for a collection\n\t \n\t This is useful after bulk imports or if the index gets out of sync.\n\t /\n\tasync rebuildIndex(\n\t\tcollectionSlug: string,\n\t\tsearchableFields: string[],\n\t\tweights?: Record<string, number>,\n\t): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\t// Drop existing table and triggers\n\t\tawait this.dropFtsTable(collectionSlug);\n\n\t\t// Recreate table and triggers\n\t\tawait this.createFtsTable(collectionSlug, searchableFields, weights);\n\n\t\t// Populate from existing content\n\t\tawait this.populateFromContent(collectionSlug, searchableFields);\n\t}\n\n\t/\n\t Populate the FTS table from existing content\n\t /\n\tasync populateFromContent(collectionSlug: string, searchableFields: string[]): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tthis.validateInputs(collectionSlug, searchableFields);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\t\tconst fieldList = searchableFields.join(\", \");\n\n\t\t// Insert all existing content into FTS table\n\t\tawait sql\n\t\t\t.raw(`\n\t\t\tINSERT INTO \"${ftsTable}\"(rowid, id, locale, ${fieldList})\n\t\t\tSELECT rowid, id, locale, ${fieldList} FROM \"${contentTable}\"\n\t\t\tWHERE deleted_at IS NULL\n\t\t`)\n\t\t\t.execute(this.db);\n\t}\n\n\t/\n\t Get the search configuration for a collection\n\t /\n\tasync getSearchConfig(collectionSlug: string): Promise<SearchConfig \| null> {\n\t\tconst result = await this.db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select(\"search_config\")\n\t\t\t.where(\"slug\", \"=\", collectionSlug)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!result?.search_config) {\n\t\t\treturn null;\n\t\t}\n\n\t\ttry {\n\t\t\tconst parsed: unknown = JSON.parse(result.search_config);\n\t\t\tif (\n\t\t\t\ttypeof parsed !== \"object\" \|\|\n\t\t\t\tparsed === null \|\|\n\t\t\t\t!(\"enabled\" in parsed) \|\|\n\t\t\t\ttypeof parsed.enabled !== \"boolean\"\n\t\t\t) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tconst config: SearchConfig = { enabled: parsed.enabled };\n\t\t\tif (\"weights\" in parsed && typeof parsed.weights === \"object\" && parsed.weights !== null) {\n\t\t\t\t// weights is a JSON-parsed object — safe to treat as Record<string, number>\n\t\t\t\tconst weights: Record<string, number> = {};\n\t\t\t\tfor (const [k, v] of Object.entries(parsed.weights)) {\n\t\t\t\t\tif (typeof v === \"number\") {\n\t\t\t\t\t\tweights[k] = v;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tconfig.weights = weights;\n\t\t\t}\n\t\t\treturn config;\n\t\t} catch {\n\t\t\treturn null;\n\t\t}\n\t}\n\n\t/\n\t Update the search configuration for a collection\n\t /\n\tasync setSearchConfig(collectionSlug: string, config: SearchConfig): Promise<void> {\n\t\tawait this.db\n\t\t\t.updateTable(\"_emdash_collections\")\n\t\t\t.set({ search_config: JSON.stringify(config) })\n\t\t\t.where(\"slug\", \"=\", collectionSlug)\n\t\t\t.execute();\n\t}\n\n\t/\n\t Get searchable fields for a collection\n\t /\n\tasync getSearchableFields(collectionSlug: string): Promise<string[]> {\n\t\tconst collection = await this.db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select(\"id\")\n\t\t\t.where(\"slug\", \"=\", collectionSlug)\n\t\t\t.executeTakeFirst();\n\n\t\tif (!collection) {\n\t\t\treturn [];\n\t\t}\n\n\t\tconst fields = await this.db\n\t\t\t.selectFrom(\"_emdash_fields\")\n\t\t\t.select(\"slug\")\n\t\t\t.where(\"collection_id\", \"=\", collection.id)\n\t\t\t.where(\"searchable\", \"=\", 1)\n\t\t\t.execute();\n\n\t\treturn fields.map((f) => f.slug);\n\t}\n\n\t/\n\t Enable search for a collection.\n\t \n\t Uses rebuildIndex to ensure a clean state -- drop any existing FTS\n\t * table/triggers, recreate them, and populate from content. This avoids\n\t * duplicate rows when triggers have already populated the index (e.g.\n\t * during seeding where content is inserted before search is enabled).\n\t /\n\tasync enableSearch(\n\t\tcollectionSlug: string,\n\t\toptions?: { weights?: Record<string, number> },\n\t): Promise<void> {\n\t\tif (!isSqlite(this.db)) {\n\t\t\tthrow new Error(\"Full-text search is only available with SQLite databases\");\n\t\t}\n\t\t// Get searchable fields\n\t\tconst searchableFields = await this.getSearchableFields(collectionSlug);\n\n\t\tif (searchableFields.length === 0) {\n\t\t\tthrow new Error(\n\t\t\t\t`No searchable fields defined for collection \"${collectionSlug}\". ` +\n\t\t\t\t\t`Mark at least one field as searchable before enabling search.`,\n\t\t\t);\n\t\t}\n\n\t\t// Rebuild from scratch to ensure clean state (no duplicate rows)\n\t\tawait this.rebuildIndex(collectionSlug, searchableFields, options?.weights);\n\n\t\t// Update search config\n\t\tawait this.setSearchConfig(collectionSlug, {\n\t\t\tenabled: true,\n\t\t\tweights: options?.weights,\n\t\t});\n\t}\n\n\t/\n\t Disable search for a collection\n\t \n\t Drops the FTS table and triggers.\n\t /\n\tasync disableSearch(collectionSlug: string): Promise<void> {\n\t\tif (!isSqlite(this.db)) return;\n\t\tawait this.dropFtsTable(collectionSlug);\n\t\tconst existing = await this.getSearchConfig(collectionSlug);\n\t\tawait this.setSearchConfig(collectionSlug, { enabled: false, weights: existing?.weights });\n\t}\n\n\t/\n\t Get index statistics for a collection\n\t /\n\tasync getIndexStats(\n\t\tcollectionSlug: string,\n\t): Promise<{ indexed: number; lastRebuilt?: string } \| null> {\n\t\tif (!isSqlite(this.db)) return null;\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst ftsDocsizeTable = `${ftsTable}_docsize`;\n\n\t\t// Check if table exists\n\t\tif (!(await this.ftsTableExists(collectionSlug))) {\n\t\t\treturn null;\n\t\t}\n\n\t\t// Count indexed rows\n\t\tconst result = await sql<{ count: number }>`\n\t\t\tSELECT COUNT() as count FROM \"${sql.raw(ftsDocsizeTable)}\"\n\t\t`.execute(this.db);\n\n\t\treturn {\n\t\t\tindexed: result.rows[0]?.count ?? 0,\n\t\t};\n\t}\n\n\t/*\n\t Verify FTS index integrity and rebuild if drift is detected.\n\t \n\t Cheap belt-and-braces check, run lazily on the first search request\n\t * per isolate. The expensive cases (corrupted indexes from pre-fix\n\t * EmDash versions, broken legacy triggers) are handled at boot time by\n\t * migration `039_fix_fts5_triggers`, not here. This routine sticks to:\n\t \n\t 1. FTS table missing while config says search is enabled -> rebuild.\n\t * 2. Row count mismatch between content table and FTS docsize -> rebuild.\n\t \n\t Returns true if the index was rebuilt, false if it was healthy.\n\t /\n\tasync verifyAndRepairIndex(collectionSlug: string): Promise<boolean> {\n\t\tif (!isSqlite(this.db)) return false;\n\t\tthis.validateInputs(collectionSlug);\n\t\tconst ftsTable = this.getFtsTableName(collectionSlug);\n\t\tconst ftsDocsizeTable = `${ftsTable}_docsize`;\n\t\tconst contentTable = this.getContentTableName(collectionSlug);\n\t\tconst fields = await this.getSearchableFields(collectionSlug);\n\t\tconst config = await this.getSearchConfig(collectionSlug);\n\n\t\tif (!(await this.ftsTableExists(collectionSlug))) {\n\t\t\tif (!config?.enabled \|\| fields.length === 0) {\n\t\t\t\treturn false;\n\t\t\t}\n\n\t\t\tconsole.warn(`FTS index for \"${collectionSlug}\" is missing. Rebuilding.`);\n\t\t\tawait this.rebuildIndex(collectionSlug, fields, config.weights);\n\t\t\treturn true;\n\t\t}\n\n\t\t// Row count parity check. For external-content FTS tables, COUNT()\n\t\t// on the virtual table is answered from the backing content table\n\t\t// (including soft-deleted rows), so we use the docsize shadow table\n\t\t// which tracks rows actually present in the full-text index.\n\t\tconst contentCount = await sql<{ count: number }>`\n\t\t\tSELECT COUNT() as count FROM ${sql.ref(contentTable)}\n\t\t\tWHERE deleted_at IS NULL\n\t\t`.execute(this.db);\n\n\t\tconst ftsCount = await sql<{ count: number }>`\n\t\t\tSELECT COUNT() as count FROM \"${sql.raw(ftsDocsizeTable)}\"\n\t\t`.execute(this.db);\n\n\t\tconst contentRows = contentCount.rows[0]?.count ?? 0;\n\t\tconst ftsRows = ftsCount.rows[0]?.count ?? 0;\n\n\t\tif (contentRows !== ftsRows) {\n\t\t\tconsole.warn(\n\t\t\t\t`FTS index for \"${collectionSlug}\" has ${ftsRows} rows but content table has ${contentRows}. Rebuilding.`,\n\t\t\t);\n\t\t\tif (fields.length > 0) {\n\t\t\t\tawait this.rebuildIndex(collectionSlug, fields, config?.weights);\n\t\t\t}\n\t\t\treturn true;\n\t\t}\n\n\t\treturn false;\n\t}\n\n\t/*\n\t Verify and repair FTS indexes for all search-enabled collections.\n\t \n\t Intended to run at startup to auto-heal any corruption from\n\t * previous process crashes.\n\t */\n\tasync verifyAndRepairAll(): Promise<number> {\n\t\tif (!isSqlite(this.db)) return 0;\n\n\t\tconst collections = await this.db\n\t\t\t.selectFrom(\"_emdash_collections\")\n\t\t\t.select(\"slug\")\n\t\t\t.where(\"search_config\", \"is not\", null)\n\t\t\t.execute();\n\n\t\tlet repaired = 0;\n\t\tfor (const { slug } of collections) {\n\t\t\tconst config = await this.getSearchConfig(slug);\n\t\t\tif (!config?.enabled) continue;\n\n\t\t\ttry {\n\t\t\t\tconst wasRepaired = await this.verifyAndRepairIndex(slug);\n\t\t\t\tif (wasRepaired) repaired++;\n\t\t\t} catch (error) {\n\t\t\t\tconsole.error(`Failed to verify/repair FTS index for \"${slug}\":`, error);\n\t\t\t}\n\t\t}\n\n\t\treturn repaired;\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;AAoBA,IAAa,aAAb,MAAwB;CACvB,YAAY,AAAQ,IAAsB;EAAtB;;;;;;CAMpB,AAAQ,eAAe,gBAAwB,kBAAmC;AACjF,qBAAmB,gBAAgB,kBAAkB;AACrD,MAAI,iBACH,MAAK,MAAM,SAAS,iBACnB,oBAAmB,OAAO,wBAAwB;;;;;;CASrD,gBAAgB,gBAAgC;AAC/C,qBAAmB,gBAAgB,kBAAkB;AACrD,SAAO,eAAe;;;;;CAMvB,oBAAoB,gBAAgC;AACnD,qBAAmB,gBAAgB,kBAAkB;AACrD,SAAO,MAAM;;;;;CAMd,MAAM,eAAe,gBAA0C;EAC9D,MAAM,WAAW,KAAK,gBAAgB,eAAe;AACrD,SAAOA,YAAmB,KAAK,IAAI,SAAS;;;;;;;;;;CAW7C,MAAM,eACL,gBACA,kBACA,UACgB;AAChB,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,OAAK,eAAe,gBAAgB,iBAAiB;EACrD,MAAM,WAAW,KAAK,gBAAgB,eAAe;EACrD,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAI7D,MAAM,UAAU;GAAC;GAAgB;GAAoB,GAAG;GAAiB,CAAC,KAAK,KAAK;AAUpF,QAAM,IACJ,IAAI;yCACiC,SAAS;MAC5C,QAAQ;eACC,aAAa;;;;IAIxB,CACA,QAAQ,KAAK,GAAG;AAGlB,QAAM,KAAK,eAAe,gBAAgB,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqC5D,MAAc,eAAe,gBAAwB,kBAA2C;AAC/F,OAAK,eAAe,gBAAgB,iBAAiB;AACrD,MAAI,iBAAiB,WAAW,EAC/B,OAAM,IAAI,MACT,8CAA8C,eAAe,wFAE7D;EAEF,MAAM,WAAW,KAAK,gBAAgB,eAAe;EACrD,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAC7D,MAAM,YAAY,iBAAiB,KAAK,KAAK;EAC7C,MAAM,eAAe,iBAAiB,KAAK,MAAM,OAAO,IAAI,CAAC,KAAK,KAAK;EAKvE,MAAM,eAAe,iBAAiB,KAAK,MAAM,OAAO,IAAI,CAAC,KAAK,KAAK;AAGvE,QAAM,IACJ,IAAI;mCAC2B,SAAS;sBACtB,aAAa;;;mBAGhB,SAAS,uBAAuB,UAAU;6CAChB,aAAa;;IAEtD,CACA,QAAQ,KAAK,GAAG;AAYlB,QAAM,IACJ,IAAI;mCAC2B,SAAS;sBACtB,aAAa;;mBAEhB,SAAS,KAAK,SAAS,wBAAwB,UAAU;sDACtB,aAAa;;mBAEhD,SAAS,uBAAuB,UAAU;4CACjB,aAAa;;;IAGrD,CACA,QAAQ,KAAK,GAAG;AAMlB,QAAM,IACJ,IAAI;mCAC2B,SAAS;sBACtB,aAAa;;mBAEhB,SAAS,KAAK,SAAS,wBAAwB,UAAU;sDACtB,aAAa;;;IAG/D,CACA,QAAQ,KAAK,GAAG;;;;;CAMnB,MAAc,aAAa,gBAAuC;AACjE,OAAK,eAAe,eAAe;EACnC,MAAM,WAAW,KAAK,gBAAgB,eAAe;AAErD,QAAM,IAAI,IAAI,2BAA2B,SAAS,UAAU,CAAC,QAAQ,KAAK,GAAG;AAC7E,QAAM,IAAI,IAAI,2BAA2B,SAAS,UAAU,CAAC,QAAQ,KAAK,GAAG;AAC7E,QAAM,IAAI,IAAI,2BAA2B,SAAS,UAAU,CAAC,QAAQ,KAAK,GAAG;;;;;CAM9E,MAAM,aAAa,gBAAuC;AACzD,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,OAAK,eAAe,eAAe;EACnC,MAAM,WAAW,KAAK,gBAAgB,eAAe;AAGrD,QAAM,KAAK,aAAa,eAAe;AAGvC,QAAM,IAAI,IAAI,yBAAyB,SAAS,GAAG,CAAC,QAAQ,KAAK,GAAG;;;;;;;CAQrE,MAAM,aACL,gBACA,kBACA,SACgB;AAChB,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AAExB,QAAM,KAAK,aAAa,eAAe;AAGvC,QAAM,KAAK,eAAe,gBAAgB,kBAAkB,QAAQ;AAGpE,QAAM,KAAK,oBAAoB,gBAAgB,iBAAiB;;;;;CAMjE,MAAM,oBAAoB,gBAAwB,kBAA2C;AAC5F,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,OAAK,eAAe,gBAAgB,iBAAiB;EACrD,MAAM,WAAW,KAAK,gBAAgB,eAAe;EACrD,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAC7D,MAAM,YAAY,iBAAiB,KAAK,KAAK;AAG7C,QAAM,IACJ,IAAI;kBACU,SAAS,uBAAuB,UAAU;+BAC7B,UAAU,SAAS,aAAa;;IAE3D,CACA,QAAQ,KAAK,GAAG;;;;;CAMnB,MAAM,gBAAgB,gBAAsD;EAC3E,MAAM,SAAS,MAAM,KAAK,GACxB,WAAW,sBAAsB,CACjC,OAAO,gBAAgB,CACvB,MAAM,QAAQ,KAAK,eAAe,CAClC,kBAAkB;AAEpB,MAAI,CAAC,QAAQ,cACZ,QAAO;AAGR,MAAI;GACH,MAAM,SAAkB,KAAK,MAAM,OAAO,cAAc;AACxD,OACC,OAAO,WAAW,YAClB,WAAW,QACX,EAAE,aAAa,WACf,OAAO,OAAO,YAAY,UAE1B,QAAO;GAER,MAAM,SAAuB,EAAE,SAAS,OAAO,SAAS;AACxD,OAAI,aAAa,UAAU,OAAO,OAAO,YAAY,YAAY,OAAO,YAAY,MAAM;IAEzF,MAAM,UAAkC,EAAE;AAC1C,SAAK,MAAM,CAAC,GAAG,MAAM,OAAO,QAAQ,OAAO,QAAQ,CAClD,KAAI,OAAO,MAAM,SAChB,SAAQ,KAAK;AAGf,WAAO,UAAU;;AAElB,UAAO;UACA;AACP,UAAO;;;;;;CAOT,MAAM,gBAAgB,gBAAwB,QAAqC;AAClF,QAAM,KAAK,GACT,YAAY,sBAAsB,CAClC,IAAI,EAAE,eAAe,KAAK,UAAU,OAAO,EAAE,CAAC,CAC9C,MAAM,QAAQ,KAAK,eAAe,CAClC,SAAS;;;;;CAMZ,MAAM,oBAAoB,gBAA2C;EACpE,MAAM,aAAa,MAAM,KAAK,GAC5B,WAAW,sBAAsB,CACjC,OAAO,KAAK,CACZ,MAAM,QAAQ,KAAK,eAAe,CAClC,kBAAkB;AAEpB,MAAI,CAAC,WACJ,QAAO,EAAE;AAUV,UAPe,MAAM,KAAK,GACxB,WAAW,iBAAiB,CAC5B,OAAO,OAAO,CACd,MAAM,iBAAiB,KAAK,WAAW,GAAG,CAC1C,MAAM,cAAc,KAAK,EAAE,CAC3B,SAAS,EAEG,KAAK,MAAM,EAAE,KAAK;;;;;;;;;;CAWjC,MAAM,aACL,gBACA,SACgB;AAChB,MAAI,CAAC,SAAS,KAAK,GAAG,CACrB,OAAM,IAAI,MAAM,2DAA2D;EAG5E,MAAM,mBAAmB,MAAM,KAAK,oBAAoB,eAAe;AAEvE,MAAI,iBAAiB,WAAW,EAC/B,OAAM,IAAI,MACT,gDAAgD,eAAe,kEAE/D;AAIF,QAAM,KAAK,aAAa,gBAAgB,kBAAkB,SAAS,QAAQ;AAG3E,QAAM,KAAK,gBAAgB,gBAAgB;GAC1C,SAAS;GACT,SAAS,SAAS;GAClB,CAAC;;;;;;;CAQH,MAAM,cAAc,gBAAuC;AAC1D,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE;AACxB,QAAM,KAAK,aAAa,eAAe;EACvC,MAAM,WAAW,MAAM,KAAK,gBAAgB,eAAe;AAC3D,QAAM,KAAK,gBAAgB,gBAAgB;GAAE,SAAS;GAAO,SAAS,UAAU;GAAS,CAAC;;;;;CAM3F,MAAM,cACL,gBAC4D;AAC5D,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE,QAAO;AAC/B,OAAK,eAAe,eAAe;EAEnC,MAAM,kBAAkB,GADP,KAAK,gBAAgB,eAAe,CACjB;AAGpC,MAAI,CAAE,MAAM,KAAK,eAAe,eAAe,CAC9C,QAAO;AAQR,SAAO,EACN,UALc,MAAM,GAAsB;oCACT,IAAI,IAAI,gBAAgB,CAAC;IACzD,QAAQ,KAAK,GAAG,EAGD,KAAK,IAAI,SAAS,GAClC;;;;;;;;;;;;;;;CAgBF,MAAM,qBAAqB,gBAA0C;AACpE,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE,QAAO;AAC/B,OAAK,eAAe,eAAe;EAEnC,MAAM,kBAAkB,GADP,KAAK,gBAAgB,eAAe,CACjB;EACpC,MAAM,eAAe,KAAK,oBAAoB,eAAe;EAC7D,MAAM,SAAS,MAAM,KAAK,oBAAoB,eAAe;EAC7D,MAAM,SAAS,MAAM,KAAK,gBAAgB,eAAe;AAEzD,MAAI,CAAE,MAAM,KAAK,eAAe,eAAe,EAAG;AACjD,OAAI,CAAC,QAAQ,WAAW,OAAO,WAAW,EACzC,QAAO;AAGR,WAAQ,KAAK,kBAAkB,eAAe,2BAA2B;AACzE,SAAM,KAAK,aAAa,gBAAgB,QAAQ,OAAO,QAAQ;AAC/D,UAAO;;EAOR,MAAM,eAAe,MAAM,GAAsB;mCAChB,IAAI,IAAI,aAAa,CAAC;;IAErD,QAAQ,KAAK,GAAG;EAElB,MAAM,WAAW,MAAM,GAAsB;oCACX,IAAI,IAAI,gBAAgB,CAAC;IACzD,QAAQ,KAAK,GAAG;EAElB,MAAM,cAAc,aAAa,KAAK,IAAI,SAAS;EACnD,MAAM,UAAU,SAAS,KAAK,IAAI,SAAS;AAE3C,MAAI,gBAAgB,SAAS;AAC5B,WAAQ,KACP,kBAAkB,eAAe,QAAQ,QAAQ,8BAA8B,YAAY,eAC3F;AACD,OAAI,OAAO,SAAS,EACnB,OAAM,KAAK,aAAa,gBAAgB,QAAQ,QAAQ,QAAQ;AAEjE,UAAO;;AAGR,SAAO;;;;;;;;CASR,MAAM,qBAAsC;AAC3C,MAAI,CAAC,SAAS,KAAK,GAAG,CAAE,QAAO;EAE/B,MAAM,cAAc,MAAM,KAAK,GAC7B,WAAW,sBAAsB,CACjC,OAAO,OAAO,CACd,MAAM,iBAAiB,UAAU,KAAK,CACtC,SAAS;EAEX,IAAI,WAAW;AACf,OAAK,MAAM,EAAE,UAAU,aAAa;AAEnC,OAAI,EADW,MAAM,KAAK,gBAAgB,KAAK,GAClC,QAAS;AAEtB,OAAI;AAEH,QADoB,MAAM,KAAK,qBAAqB,KAAK,CACxC;YACT,OAAO;AACf,YAAQ,MAAM,0CAA0C,KAAK,KAAK,MAAM;;;AAI1E,SAAO"}