latticesql 2.1.0 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/README.md +9 -3
  2. package/dist/cli.js +1600 -610
  3. package/dist/index.cjs +262 -87
  4. package/dist/index.d.cts +92 -11
  5. package/dist/index.d.ts +92 -11
  6. package/dist/index.js +262 -87
  7. package/package.json +1 -1
package/README.md CHANGED
@@ -2119,7 +2119,11 @@ Postgres URL with no root.
2119
2119
  ### Assistant sidebar (v2.0+)
2120
2120
 
2121
2121
  The GUI has a fixed right sidebar with a live **activity feed** — every change
2122
- (yours, the assistant's, or an ingest) streams in as it happens.
2122
+ (yours, the assistant's, or an ingest) streams in as it happens, collapsed by
2123
+ type so a bulk run shows a single card ("Deleted 19 tables", "Removed 49 rows
2124
+ across 9 tables") instead of a wall of near-identical rows. The feed is scoped to
2125
+ the open conversation: the assistant's data changes are saved with each turn and
2126
+ replayed as those cards when you reopen the chat. When the assistant references a record, it emits an inline object-link pill — a clickable chip that opens that row in the mode-aware navigator.
2123
2127
 
2124
2128
  Add a Claude API token in **User Settings → Assistant** (or set
2125
2129
  `ANTHROPIC_API_KEY`) to enable the **AI assistant**: ask questions about your
@@ -2357,6 +2361,8 @@ lattice teams dlq purge --team <name> [--id <id>] # discard without applying
2357
2361
 
2358
2362
  **Per-table ownership + opt-in sharing (v1.14+).** Team members share one physical Postgres, so visibility is enforced at the app layer via a `__lattice_object_owners` table: each table records its creator, and a user sees only the tables they own plus tables explicitly shared to the team. The native `files`/`secrets` objects are owned by the database creator and private by default. Sharing is an explicit, owner-only action (not a side effect of creating a table). The filter gates API access, not just the display.
2359
2363
 
2364
+ **Row-level permissions (v2.2+).** Within a shared table, each row carries an owner (its creator) and a visibility — `private`, `everyone`, or `custom` (an explicit grant list) — enforced for the REST API, the AI assistant, and the cloud sync, so a member never receives the bytes of a row they can't read. Existing shared tables default to `everyone` on upgrade. The hosted Teams server filters the change-log pull per recipient; direct `postgres://` connections (which can't enforce this) are deprecated in favour of a hosted server. See `docs/teams.md`.
2365
+
2360
2366
  **Same flows from the GUI (v1.14+).** The local `lattice gui` drives the entire cloud-workspace lifecycle from **Workspace Settings**: rename (owner-only), invite by email (owner-only), the inline Members list with pending invitees (the owner is always shown as `creator`; your own row offers Leave/Destroy; non-owners can't kick), share/unshare from the Data Model, and sync status. Member admin is resolved from `GET /api/dbconfig` against the active cloud DB, so it works even when the cloud workspace itself is the active database. Identity (display name + email) comes from `~/.lattice/identity.json` and is locked in the Join modal. Leaving a workspace removes the local config + credential and switches you to another database.
2361
2367
 
2362
2368
  **Joining via the GUI is one click (v1.13.7+).** When you click "Join via invite" and the redeem succeeds, the team's cloud URL is automatically saved as a switchable database credential and a sibling YAML config is written to your project directory. The new entry shows up in the database dropdown as `<team-name>.config`. Clicking it opens the SPA with the team's shared tables already populated — no YAML editing, no `db.define()` calls.
@@ -2372,7 +2378,7 @@ The full architecture, schema, and HTTP surface live in [docs/teams.md](./docs/t
2372
2378
  Lattice Teams + the GUI's Database panel now flow through a state machine:
2373
2379
 
2374
2380
  ```
2375
- LOCAL → CLOUD WORKSPACE (owner | member | needs-invite)
2381
+ LOCAL → CLOUD WORKSPACE (owner | member)
2376
2382
  (migrate / connect)
2377
2383
  ```
2378
2384
 
@@ -2438,7 +2444,7 @@ HTTP surface (all under `/api/dbconfig/*`, localhost-only, same auth model as th
2438
2444
  | POST | `/api/dbconfig/connect-existing` | `TeamsClient.connectToExistingCloud` |
2439
2445
  | POST | `/api/dbconfig/save` / `connect` / `test` | unchanged from v1.12 |
2440
2446
 
2441
- The `state` field on `GET /api/dbconfig` is one of: `local`, `team-cloud-creator`, `team-cloud-member`, `team-cloud-needs-invite` (the `cloud-connected` state was removed in 1.16.3). The SPA badge color-codes them (labeled "CLOUD · OWNER / MEMBER / NEEDS INVITE"); the routes use them only for response shape.
2447
+ The `state` field on `GET /api/dbconfig` is one of: `local`, `team-cloud-creator`, `team-cloud-member` (the `cloud-connected` state was removed in 1.16.3; the `team-cloud-needs-invite` state was removed in 2.1.1 — a connected cloud is always a member workspace). The SPA badge color-codes them (labeled "CLOUD · OWNER / MEMBER"); the routes use them only for response shape.
2442
2448
 
2443
2449
  ---
2444
2450