graphvault-studio 0.1.2 → 0.1.4

package/dist/admin-types.d.ts

@@ -5,17 +5,71 @@ export interface StorageAdminClientOptions {
     storageTarget?: StorageTarget;
     channelCount?: number;
     allowMutations?: boolean;
+    lockTimeoutMs?: number;
+    staleLockTimeoutMs?: number;
+    transactionLog?: "full" | "off";
+}
+export interface AdminStorageHardening {
+    mutationsAllowed: boolean;
+    transactionLog: "full" | "off";
+    writerLock: "enabled";
+    fencingTokens: "used-when-supported";
+    staleLockRecovery: boolean;
 }
 export interface AdminSummary {
     storageDirectory: string;
     transactionId: number;
     currentSnapshot?: string;
     objectCount: number;
+    library: AdminLibraryCompatibility;
     latestTransaction?: TransactionRecord;
     typeDictionary?: TypeDictionary;
+    hardening: AdminStorageHardening;
+    operations: AdminOperationalStatus;
+    productionSafety: AdminProductionSafety;
     verification?: VerificationResult;
     verificationSkipped?: boolean;
 }
+export interface AdminOperationalStatus {
+    transactionLog: "full" | "off";
+    mutationsAllowed: boolean;
+    lockTimeoutMs: number;
+    staleLockTimeoutMs?: number;
+    walPrepareFiles: number;
+    walCommitFiles: number;
+    latestWalTransactionId: number;
+    latestJournalTransactionId: number;
+    publishedTransactionId: number;
+    pendingWalCommits: number;
+    checkedIntegrityHashes?: number;
+    status: "healthy" | "recovery-pending";
+}
+export interface AdminLibraryCompatibility {
+    packageName: "@sprengmeister/graphvault";
+    installedVersion?: string;
+    recommendedVersion: string;
+    status: "ok" | "warning";
+    warnings: string[];
+}
+export type AdminProductionSafetyStatus = "production-ready" | "warning" | "unsafe";
+export type AdminProductionSafetySeverity = "info" | "warning" | "critical";
+export interface AdminProductionSafetyIssue {
+    code: string;
+    severity: AdminProductionSafetySeverity;
+    message: string;
+    recommendation: string;
+}
+export interface AdminProductionSafety {
+    status: AdminProductionSafetyStatus;
+    score: number;
+    summary: string;
+    transactionLog: "full" | "off";
+    mutationsAllowed: boolean;
+    staleLockRecovery: boolean;
+    pendingRecovery: boolean;
+    hashChain: "present" | "missing";
+    issues: AdminProductionSafetyIssue[];
+}
 export interface AdminObjectListItem {
     objectId: string;
     kind: EncodedNode["kind"];
@@ -70,8 +124,12 @@ export interface AdminSearchResult {
 }
 export interface AdminGraph {
     root: EncodedValue;
+    depth?: number;
+    complete?: boolean;
+    rootObjectId?: string;
     nodes: AdminGraphNode[];
     edges: AdminGraphEdge[];
+    truncatedReferences?: AdminSubtreeReference[];
 }
 export interface AdminGraphNode {
     objectId: string;
@@ -83,10 +141,43 @@ export interface AdminGraphEdge {
     to: string;
     path: string;
 }
+export interface AdminSubtreeReference {
+    fromObjectId: string;
+    toObjectId: string;
+    path: string;
+    depth: number;
+}
+export interface AdminSubtree {
+    root: EncodedValue;
+    rootObjectId?: string;
+    transactionId: number;
+    depth: number;
+    complete: boolean;
+    objectIds: string[];
+    nodes: AdminGraphNode[];
+    edges: AdminGraphEdge[];
+    truncatedReferences: AdminSubtreeReference[];
+    envelope: {
+        format: "graphvault";
+        version: 1;
+        createdAt: string;
+        root: EncodedValue;
+        nodes: Record<string, EncodedNode>;
+    };
+}
 export interface AdminMutation {
     objectId: string;
     path: string;
     value: unknown;
+    metadata?: AdminTransactionMetadata;
+}
+export interface AdminTransactionMetadata {
+    actor?: string;
+    reason?: string;
+    source?: string;
+    traceId?: string;
+    tags?: string[];
+    attributes?: Record<string, string | number | boolean | null>;
 }
 export interface AdminMutationPreview {
     objectId: string;

package/dist/admin-ui.js

@@ -45,6 +45,8 @@ export const ADMIN_HTML = `<!doctype html>
     .sidebar-card { display: grid; align-content: start; gap: 8px; padding: 10px; border-radius: 8px; background: rgba(255, 255, 255, 0.06); }
     nav .hint { align-self: end; }
     .row { display: grid; grid-template-columns: minmax(0, 1fr) auto; gap: 8px; }
+    .row-split { grid-template-columns: minmax(0, 1fr) 82px; }
+    .mini-labels { color: #9fb1b9; font-size: 12px; padding: 2px 2px 0; }
     .topbar { min-height: 74px; padding: 16px 24px; display: grid; grid-template-columns: 1fr auto auto; gap: 14px; align-items: center; background: linear-gradient(180deg, #ffffff 0%, #fbfdfd 100%); border-bottom: 1px solid var(--line); }
     .topbar h1 { margin: 0; font-family: "Avenir Next", "SF Pro Display", "Aptos Display", "Inter", ui-sans-serif, system-ui, sans-serif; font-size: 24px; letter-spacing: 0; font-weight: 600; }
     .auth { display: none; grid-template-columns: minmax(160px, 280px) auto; gap: 8px; }
@@ -62,6 +64,7 @@ export const ADMIN_HTML = `<!doctype html>
     .mutation summary { cursor: pointer; font-weight: 600; }
     .mutation[open] { display: grid; gap: 8px; }
     .mutation-grid { display: grid; grid-template-columns: 90px 1fr 1fr 1fr; gap: 8px; }
+    .audit-grid { display: grid; grid-template-columns: repeat(3, minmax(0, 1fr)); gap: 8px; }
     .gvql-box { display: none; padding: 12px 14px; border-bottom: 1px solid var(--line); background: #f8fafb; gap: 8px; }
     .gvql-box.active { display: grid; }
     .gvql-examples { display: flex; flex-wrap: wrap; gap: 6px; }
@@ -115,7 +118,7 @@ export const ADMIN_HTML = `<!doctype html>
       .field-actions { grid-area: actions; justify-content: flex-start; }
     }
     @media (max-width: 980px) {
-      .shell, .kpis, .mutation-grid, .topbar, .fields-head { grid-template-columns: 1fr; }
+      .shell, .kpis, .mutation-grid, .audit-grid, .topbar, .fields-head { grid-template-columns: 1fr; }
       .gvql-actions, .gvql-parameter-row { grid-template-columns: 1fr; }
       nav { grid-template-rows: auto; gap: 10px; padding: 12px; }
       .brand { grid-template-columns: 42px 1fr; padding-bottom: 2px; }
@@ -141,6 +144,7 @@ export const ADMIN_HTML = `<!doctype html>
         <button class="nav-btn" data-view="objects" onclick="showObjects()">Objects</button>
         <button class="nav-btn" data-view="graph" onclick="showGraph()">Graph</button>
         <button class="nav-btn" data-view="gvql" onclick="showGvql()">GVQL</button>
+        <button class="nav-btn" data-view="operations" onclick="showOperations()">Operations</button>
         <button class="nav-btn" data-view="types" onclick="showTypes()">Type Dictionary</button>
         <button class="nav-btn" data-view="transactions" onclick="showTransactions()">Transactions</button>
         <button class="nav-btn" data-view="journal" onclick="showJournal()">Journal</button>
@@ -148,6 +152,9 @@ export const ADMIN_HTML = `<!doctype html>
       </div>
       <div class="sidebar-card">
         <div class="row"><input id="q" placeholder="Search paths, values, types, IDs" /><button onclick="showSearch()">Search</button></div>
+        <div class="row row-split mini-labels"><span>Graph root ID</span><span>Depth</span></div>
+        <div class="row row-split"><input id="graphRoot" placeholder="Graph root object ID" /><input id="graphDepth" type="number" min="0" max="12" value="2" /></div>
+        <button onclick="showGraph()">Load Graph Slice</button>
         <div class="row"><input id="backupPath" placeholder="Backup destination" /><button onclick="runBackup()">Backup</button></div>
         <button onclick="runMaintenance()">Run Maintenance</button>
       </div>
@@ -172,6 +179,11 @@ export const ADMIN_HTML = `<!doctype html>
                 <input id="mvalue" placeholder='New JSON value, e.g. "active"' />
                 <input id="confirmToken" placeholder="Confirm token" />
               </div>
+              <div class="audit-grid">
+                <input id="auditActor" placeholder="Actor, e.g. ops@example.com" />
+                <input id="auditReason" placeholder="Reason for change" />
+                <input id="auditTraceId" placeholder="Trace ID" />
+              </div>
               <div class="actions"><button onclick="preview()">Preview</button><button class="danger" onclick="mutate()">Commit Change</button></div>
             </details>
             <div class="gvql-box" id="gvqlPanel">
@@ -185,6 +197,8 @@ OFFSET 0</textarea>
               <input id="gvqlParams" type="hidden" />
               <div class="gvql-actions">
                 <input id="gvqlConfirmToken" placeholder="Confirm token" />
+                <input id="gvqlAuditActor" placeholder="Actor" />
+                <input id="gvqlAuditReason" placeholder="Reason" />
                 <button onclick="runGvql(true)">Run / Preview</button>
                 <button class="danger" onclick="runGvql(false)">Commit GVQL</button>
               </div>
@@ -223,8 +237,9 @@ OFFSET 0</textarea>
       hierarchy: ['Object Hierarchy', 'Root-first graph view with references you can follow.'],
       overview: ['Storage Overview', 'Health, object count, latest transaction, and current snapshot.'],
       objects: ['Objects', 'Browse graph records with type, preview, and transaction metadata.'],
-      graph: ['Object Graph', 'Click nodes or edges to inspect referenced records.'],
+      graph: ['Object Graph', 'Depth-limited graph slice for large stores and API-style inspection.'],
       gvql: ['GVQL Query', 'Run graph pattern queries and preview batch updates.'],
+      operations: ['Operations', 'Storage hardening, WAL state, and recovery readiness.'],
       types: ['Type Dictionary', 'Registered runtime types and schema metadata.'],
       transactions: ['Transactions', 'Newest commits first.'],
       journal: ['Journal', 'Append-only storage activity log.'],
@@ -308,7 +323,14 @@ OFFSET 0</textarea>
     }
     async function refreshKpis() {
       const summary = await requestJson('/api/summary?verify=false');
-      kpis.innerHTML = kpi('Objects', summary.objectCount) + kpi('Transaction', summary.transactionId) + kpi('Verify', summary.verification ? (summary.verification.ok ? 'OK' : 'FAIL') : 'manual') + kpi('Snapshot', summary.currentSnapshot || '-');
+      const hardening = summary.hardening || {};
+      const ops = summary.operations || {};
+      const library = summary.library || {};
+      const safety = summary.productionSafety || {};
+      const walLabel = (hardening.transactionLog || '-') + (typeof ops.pendingWalCommits === 'number' ? ' / ' + ops.pendingWalCommits + ' pending' : '');
+      const libraryLabel = (library.installedVersion || '-') + (library.status === 'warning' ? ' warning' : '');
+      const safetyLabel = (safety.status || '-') + (typeof safety.score === 'number' ? ' / ' + safety.score : '');
+      kpis.innerHTML = kpi('Objects', summary.objectCount) + kpi('Transaction', summary.transactionId) + kpi('Safety', safetyLabel) + kpi('Library', libraryLabel) + kpi('WAL', walLabel) + kpi('Lock', hardening.writerLock || '-') + kpi('Ops', ops.status || '-') + kpi('Snapshot', summary.currentSnapshot || '-');
       return summary;
     }
     async function showHierarchy() {
@@ -326,6 +348,7 @@ OFFSET 0</textarea>
       show({ root: root.rootObjectId, note: 'Only the visible branch is loaded. Click a row to drill into its children.' });
     }
     async function showObjectWithChildren(id, label, parentPath) {
+      document.getElementById('graphRoot').value = id;
       const record = await apiJson('/api/objects/' + encodeURIComponent(id));
       hierarchyPath = parentPath.concat([{ id, label, record }]);
       renderEditableFields(record);
@@ -345,6 +368,7 @@ OFFSET 0</textarea>
       setRows(rows, 'No children');
     }
     async function showObjectInHierarchyPath(id) {
+      document.getElementById('graphRoot').value = id;
       setView('hierarchy');
       listTitle.textContent = 'Object hierarchy';
       listHint.textContent = 'Search context';
@@ -396,7 +420,20 @@ OFFSET 0</textarea>
       listHint.textContent = 'Overview';
       const summary = await refreshKpis();
       show(summary);
-      setRows(summary.latestTransaction ? [{ columns: ['#' + summary.latestTransaction.transactionId, summary.latestTransaction.mode, summary.latestTransaction.snapshotFile, summary.latestTransaction.objectIds.length + ' ids'], onclick: () => show(summary.latestTransaction) }] : [], 'No transactions yet');
+      const rows = [];
+      if (summary.operations) {
+        rows.push({ columns: [summary.operations.status, 'operations', summary.operations.pendingWalCommits + ' pending WAL commits', summary.operations.walCommitFiles + ' WAL commits'], onclick: () => show(summary.operations) });
+      }
+      if (summary.productionSafety) {
+        rows.push({ columns: [summary.productionSafety.status, 'production safety', summary.productionSafety.score + ' score', summary.productionSafety.issues.length + ' issues'], onclick: () => show(summary.productionSafety) });
+      }
+      if (summary.library) {
+        rows.push({ columns: [summary.library.installedVersion || '-', 'library', 'recommended ' + summary.library.recommendedVersion, summary.library.status], onclick: () => show(summary.library) });
+      }
+      if (summary.latestTransaction) {
+        rows.push({ columns: ['#' + summary.latestTransaction.transactionId, summary.latestTransaction.mode, summary.latestTransaction.snapshotFile, summary.latestTransaction.objectIds.length + ' ids'], onclick: () => show(summary.latestTransaction) });
+      }
+      setRows(rows, 'No transactions yet');
     }
     async function showObjects() {
       setView('objects');
@@ -427,6 +464,7 @@ OFFSET 0</textarea>
       list.appendChild(pager);
     }
     async function showObject(id) {
+      document.getElementById('graphRoot').value = id;
       document.getElementById('mid').value = id;
       document.getElementById('detailHint').textContent = 'Object #' + id;
       const record = await requestJson('/api/objects/' + encodeURIComponent(id));
@@ -565,11 +603,39 @@ OFFSET 0</textarea>
     }
     async function showGraph() {
       setView('graph');
-      listTitle.textContent = 'Graph edges';
-      listHint.textContent = 'Follow references';
-      const graph = await requestJson('/api/graph');
+      listTitle.textContent = 'Graph slice';
+      const depth = graphDepth();
+      const rootObjectId = document.getElementById('graphRoot').value.trim();
+      listHint.textContent = (rootObjectId ? 'Root #' + rootObjectId : 'Store root') + ', depth ' + depth;
+      const graph = await requestJson(graphSubtreeUrl(rootObjectId, depth));
       renderGraph(graph);
-      setRows(graph.edges.map(e => ({ columns: [e.from + ' -> ' + e.to, 'edge', e.path, 'ref'], onclick: () => showObject(e.to) })), 'No edges found');
+      const rows = [
+        {
+          columns: [graph.complete ? 'complete' : 'partial', 'subtree', graph.objectIds.length + ' objects', graph.truncatedReferences.length + ' boundary refs'],
+          onclick: () => show(graph)
+        },
+        ...graph.nodes.map(node => ({
+          columns: ['#' + node.objectId, node.type || node.kind, node.objectId === graph.rootObjectId ? 'subtree root' : 'loaded node', 'node'],
+          onclick: () => showObject(node.objectId)
+        })),
+        ...graph.edges.map(e => ({
+          columns: [e.from + ' -> ' + e.to, 'edge', e.path, 'loaded'],
+          onclick: () => showObject(e.to)
+        })),
+        ...(graph.truncatedReferences || []).map(ref => ({
+          columns: [ref.fromObjectId + ' -> ' + ref.toObjectId, 'boundary', ref.path, 'depth ' + ref.depth],
+          onclick: () => showObjectInHierarchyPath(ref.toObjectId)
+        }))
+      ];
+      setRows(rows, 'No graph objects found');
+    }
+    function graphDepth() {
+      const value = Number.parseInt(document.getElementById('graphDepth').value || '2', 10);
+      return Number.isInteger(value) && value >= 0 ? Math.min(value, 12) : 2;
+    }
+    function graphSubtreeUrl(rootObjectId, depth) {
+      const query = '?depth=' + encodeURIComponent(String(depth));
+      return rootObjectId ? '/api/objects/' + encodeURIComponent(rootObjectId) + '/subtree' + query : '/api/subtree' + query;
     }
     function renderGraph(graph) {
       const width = 900;
@@ -607,8 +673,8 @@ OFFSET 0</textarea>
         circle.setAttribute('cx', pos.x);
         circle.setAttribute('cy', pos.y);
         circle.setAttribute('r', '26');
-        circle.setAttribute('fill', node.objectId === 'root' ? '#f3c969' : '#d9f1ef');
-        circle.setAttribute('stroke', node.objectId === 'root' ? '#ab7622' : '#0f8b8d');
+        circle.setAttribute('fill', node.objectId === graph.rootObjectId ? '#f3c969' : '#d9f1ef');
+        circle.setAttribute('stroke', node.objectId === graph.rootObjectId ? '#ab7622' : '#0f8b8d');
         circle.setAttribute('stroke-width', '2');
         const label = document.createElementNS(ns, 'text');
         label.setAttribute('x', pos.x);
@@ -624,6 +690,23 @@ OFFSET 0</textarea>
     }
     const showTypes = async () => { setView('types'); listTitle.textContent = 'Types'; listHint.textContent = 'Dictionary'; const value = await requestJson('/api/types'); setRows((value && value.entries || []).map(e => ({ columns: [String(e.id || '-'), e.name || 'type', e.handler || e.name || '-', 'type'], onclick: () => show(e) })), 'No type dictionary found'); };
     const showTransactions = async () => { setView('transactions'); listTitle.textContent = 'Transactions'; listHint.textContent = 'Newest first'; const rows = await requestJson('/api/transactions'); setRows(rows.map(t => ({ columns: ['#' + t.transactionId, t.mode, t.snapshotFile, t.objectIds.length + ' ids'], onclick: () => show(t) })), 'No transactions found'); };
+    const showOperations = async () => {
+      setView('operations');
+      listTitle.textContent = 'Storage operations';
+      listHint.textContent = 'WAL, hardening, and production safety';
+      const summary = await requestJson('/api/summary?verify=false');
+      const ops = summary.operations || {};
+      const safety = summary.productionSafety || {};
+      setRows([
+        { columns: [safety.status || '-', 'production safety', typeof safety.score === 'number' ? safety.score + ' score' : '-', (safety.issues || []).length + ' issues'], onclick: () => show(safety) },
+        { columns: [ops.status, 'health', ops.pendingWalCommits + ' pending WAL commits', ops.latestWalTransactionId ? 'wal tx ' + ops.latestWalTransactionId : 'no wal'], onclick: () => show(ops) },
+        { columns: [ops.transactionLog, 'wal', ops.walPrepareFiles + ' prepares', ops.walCommitFiles + ' commits'], onclick: () => show(ops) },
+        { columns: [String(ops.checkedIntegrityHashes || 0), 'integrity hashes', 'transaction chain', ops.checkedIntegrityHashes ? 'present' : 'not recorded'], onclick: () => show(ops) },
+        { columns: [ops.mutationsAllowed ? 'enabled' : 'disabled', 'mutations', 'lock timeout ' + ops.lockTimeoutMs + 'ms', ops.staleLockTimeoutMs ? 'stale ' + ops.staleLockTimeoutMs + 'ms' : 'no stale recovery'], onclick: () => show(ops) },
+        { columns: ['#' + ops.publishedTransactionId, 'published', ops.latestJournalTransactionId ? 'journal tx ' + ops.latestJournalTransactionId : 'no journal', 'manifest'], onclick: () => show(ops) }
+      ], 'No operations status');
+      return ops;
+    };
     const showJournal = async () => {
       setView('journal');
       listTitle.textContent = 'Journal';
@@ -637,7 +720,8 @@ OFFSET 0</textarea>
       listHint.textContent = 'Integrity';
       const result = await requestJson('/api/verify');
       setRows([
-        { columns: [result.ok ? 'OK' : 'FAIL', 'health', result.errors.length ? result.errors.join('; ') : 'No errors', result.checkedObjects + ' objects'], onclick: () => show(result) }
+        { columns: [result.ok ? 'OK' : 'FAIL', 'health', result.errors.length ? result.errors.join('; ') : 'No errors', result.checkedObjects + ' objects'], onclick: () => show(result) },
+        { columns: [String(result.checkedIntegrityHashes || 0), 'integrity hashes', result.checkedWalRecords + ' WAL checks', result.pendingWalCommits + ' pending WAL'], onclick: () => show(result) }
       ], 'Verification has not run');
       return result;
     };
@@ -821,6 +905,7 @@ OFFSET 0</textarea>
         dryRun
       };
       if (!dryRun && confirmRequired) payload.confirmToken = document.getElementById('gvqlConfirmToken').value;
+      if (!dryRun) payload.metadata = readAuditMetadata('gvql');
       const result = await postJson('/api/gvql', payload);
       const rows = [];
       if (result.plan) {
@@ -872,8 +957,19 @@ OFFSET 0</textarea>
     }
     const confirmRequired = __CONFIRM_REQUIRED__;
     if (!confirmRequired) document.getElementById('confirmToken').style.display = 'none';
+    if (!confirmRequired) document.getElementById('gvqlConfirmToken').style.display = 'none';
+    function readAuditMetadata(prefix) {
+      const actor = document.getElementById(prefix === 'gvql' ? 'gvqlAuditActor' : 'auditActor')?.value.trim();
+      const reason = document.getElementById(prefix === 'gvql' ? 'gvqlAuditReason' : 'auditReason')?.value.trim();
+      const traceId = prefix === 'gvql' ? '' : document.getElementById('auditTraceId')?.value.trim();
+      const metadata = { source: prefix === 'gvql' ? 'graphvault-studio:gvql' : 'graphvault-studio:direct-edit' };
+      if (actor) metadata.actor = actor;
+      if (reason) metadata.reason = reason;
+      if (traceId) metadata.traceId = traceId;
+      return metadata;
+    }
     function mutationPayload(includeConfirm) {
-      const payload = { objectId: document.getElementById('mid').value, path: document.getElementById('mpath').value, value: JSON.parse(document.getElementById('mvalue').value) };
+      const payload = { objectId: document.getElementById('mid').value, path: document.getElementById('mpath').value, value: JSON.parse(document.getElementById('mvalue').value), metadata: readAuditMetadata('direct') };
       if (includeConfirm) payload.confirmToken = document.getElementById('confirmToken').value;
       return payload;
     }

package/dist/admin-ui.js.map

@@ -1 +1 @@
-{"version":3,"file":"admin-ui.js","sourceRoot":"","sources":["../src/admin-ui.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAE1D,MAAM,CAAC,MAAM,UAAU,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;2BAqNC,IAAI,CAAC,SAAS,CAAC,oBAAoB,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA8pBvD,CAAC"}
+{"version":3,"file":"admin-ui.js","sourceRoot":"","sources":["../src/admin-ui.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAE1D,MAAM,CAAC,MAAM,UAAU,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;2BAmOC,IAAI,CAAC,SAAS,CAAC,oBAAoB,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAgvBvD,CAAC"}

package/docs/PUBLISHING.md

@@ -18,9 +18,12 @@ npm ci
 npm test
 npm run demo:store
 npm run pack:dry-run
+npm run package:smoke
 ```
 
-Inspect the dry-run file list and confirm it contains `README.md`, `LICENSE`, `CHANGELOG.md`, `CONTRIBUTING.md`, `docs`, `dist`, `examples`, logo/screenshot assets, and the `graphvault-studio` CLI entry point.
+`npm test` includes `npm run compat:check`, which verifies that Studio's `@sprengmeister/graphvault` dependency range accepts the runtime version recommended by the current Studio build. If the check warns that the lockfile resolves an older GraphVault Library, publish or install the newer library before a production Studio release.
+
+Inspect the dry-run file list and confirm it contains `README.md`, `LICENSE`, `CHANGELOG.md`, `CONTRIBUTING.md`, `docs`, `dist`, `examples`, logo/screenshot assets, and the `graphvault-studio` CLI entry point. `npm run package:smoke` installs the generated tarball into a fresh temporary project, verifies the CLI help output, imports the public programmatic API, creates a real GraphVault store, and exercises search plus bounded subtree loading through the installed package.
 
 ## Tagging
 
@@ -35,7 +38,7 @@ git push origin v0.1.0
 
 Use the GitHub Actions `Release` workflow with the matching tag input, for example `v0.1.0`.
 
-The workflow checks out the tag, installs with `npm ci`, runs tests, creates the demo store, validates the npm tarball with `npm run pack:dry-run`, and publishes with npm provenance.
+The workflow checks out the tag, installs with `npm ci`, runs tests, creates the demo store, validates the npm tarball with `npm run pack:dry-run`, performs the fresh-install package smoke test, and publishes with npm provenance.
 
 ## Repository Visibility
 

package/docs/RELEASE_NOTES_0.1.0.md

@@ -8,8 +8,10 @@ GraphVault Studio 0.1.0 is the first public graphical admin client for GraphVaul
 - Search across paths, values, ids, types, references, and encoded object data.
 - Parent-path lookup from an object back toward the root, including multiple direct parents.
 - Paged object browser for large stores.
+- Depth-limited subtree API and graph slice view for large stores.
 - GVQL console for graph queries and dry-run batch mutation previews.
 - Controlled primitive-field editing with confirmation-token safety.
+- Visible GraphVault Library compatibility status.
 - Verification, maintenance, backup, transaction, journal, graph, type dictionary, and object detail views.
 - CLI and programmatic server startup.
 - Local filesystem, custom, remote, S3-compatible, HTTP, and SQL-backed storage through GraphVault storage targets.

package/docs/REMOTE_STORAGE.md

@@ -53,4 +53,22 @@ await startAdminServer({
 });
 ```
 
-For mutation endpoints, always set `allowMutations: true` and a `mutationConfirmToken`. For exposed or shared environments, also set `authToken`.
+For mutation endpoints, always set `allowMutations: true` and a `mutationConfirmToken`. For exposed or shared environments, also set authentication. The legacy `authToken` option grants admin access. Prefer role tokens when several people or tools use Studio:
+
+```ts
+await startAdminServer({
+  storageDirectory: "main",
+  storageTarget,
+  allowMutations: true,
+  mutationConfirmToken: process.env.GRAPHVAULT_ADMIN_CONFIRM_TOKEN,
+  accessTokens: [
+    { token: process.env.GRAPHVAULT_VIEWER_TOKEN!, role: "viewer" },
+    { token: process.env.GRAPHVAULT_OPERATOR_TOKEN!, role: "operator" },
+    { token: process.env.GRAPHVAULT_ADMIN_ROLE_TOKEN!, role: "admin" },
+  ],
+});
+```
+
+- `viewer`: read-only inspection, search, verification, transactions, journal, and GVQL dry-runs.
+- `operator`: viewer plus maintenance and backup.
+- `admin`: operator plus committed direct edits and GVQL mutations. Admin writes should still use a confirmation token.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "graphvault-studio",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "description": "Graphical admin client for GraphVault object graph stores.",
   "repository": {
     "type": "git",
@@ -37,9 +37,11 @@
   ],
   "scripts": {
     "build": "tsc -p tsconfig.json",
-    "test": "npm run build && node tests/smoke.mjs",
+    "compat:check": "node scripts/check-compatibility.mjs",
+    "test": "npm run compat:check && npm run build && node tests/smoke.mjs",
     "demo:store": "npm run build && node examples/create-demo-store.mjs",
     "pack:dry-run": "npm pack --dry-run --cache ./.npm-cache",
+    "package:smoke": "node scripts/package-smoke.mjs",
     "prepack": "npm run build"
   },
   "keywords": [
@@ -58,7 +60,7 @@
     "node": ">=20"
   },
   "dependencies": {
-    "@sprengmeister/graphvault": "0.1.0"
+    "@sprengmeister/graphvault": ">=0.1.0 <0.3.0"
   },
   "devDependencies": {
     "@types/node": "^22.15.3",