node-type-registry 0.18.1 → 0.20.0

package/esm/authz/authz-temporal.js

@@ -1,46 +1,48 @@
 export const AuthzTemporal = {
-    "name": "AuthzTemporal",
-    "slug": "authz_temporal",
-    "category": "authz",
-    "display_name": "Temporal Access",
-    "description": "Time-window based access control. Restricts access based on valid_from and/or valid_until timestamps. At least one of valid_from_field or valid_until_field must be provided.",
-    "parameter_schema": {
-        "type": "object",
-        "properties": {
-            "valid_from_field": {
-                "type": "string",
-                "description": "Column for start time (at least one of valid_from_field or valid_until_field required)"
+    name: 'AuthzTemporal',
+    slug: 'authz_temporal',
+    category: 'authz',
+    display_name: 'Temporal Access',
+    description: 'Time-window based access control. Restricts access based on valid_from and/or valid_until timestamps. At least one of valid_from_field or valid_until_field must be provided.',
+    parameter_schema: {
+        type: 'object',
+        properties: {
+            valid_from_field: {
+                type: 'string',
+                format: 'column-ref',
+                description: 'Column for start time (at least one of valid_from_field or valid_until_field required)'
             },
-            "valid_until_field": {
-                "type": "string",
-                "description": "Column for end time (at least one of valid_from_field or valid_until_field required)"
+            valid_until_field: {
+                type: 'string',
+                format: 'column-ref',
+                description: 'Column for end time (at least one of valid_from_field or valid_until_field required)'
             },
-            "valid_from_inclusive": {
-                "type": "boolean",
-                "description": "Include start boundary",
-                "default": true
+            valid_from_inclusive: {
+                type: 'boolean',
+                description: 'Include start boundary',
+                default: true
             },
-            "valid_until_inclusive": {
-                "type": "boolean",
-                "description": "Include end boundary",
-                "default": false
+            valid_until_inclusive: {
+                type: 'boolean',
+                description: 'Include end boundary',
+                default: false
             }
         },
-        "anyOf": [
+        anyOf: [
             {
-                "required": [
-                    "valid_from_field"
+                required: [
+                    'valid_from_field'
                 ]
             },
             {
-                "required": [
-                    "valid_until_field"
+                required: [
+                    'valid_until_field'
                 ]
             }
         ]
     },
-    "tags": [
-        "temporal",
-        "authz"
+    tags: [
+        'temporal',
+        'authz'
     ]
 };

package/esm/authz/index.d.ts

@@ -1,16 +1,16 @@
+export { AuthzAllowAll } from './authz-allow-all';
+export { AuthzComposite } from './authz-composite';
+export { AuthzDenyAll } from './authz-deny-all';
 export { AuthzDirectOwner } from './authz-direct-owner';
 export { AuthzDirectOwnerAny } from './authz-direct-owner-any';
-export { AuthzMembership } from './authz-membership-check';
 export { AuthzEntityMembership } from './authz-entity-membership';
-export { AuthzRelatedEntityMembership } from './authz-related-entity-membership';
-export { AuthzOrgHierarchy } from './authz-org-hierarchy';
-export { AuthzTemporal } from './authz-temporal';
-export { AuthzPublishable } from './authz-publishable';
 export { AuthzMemberList } from './authz-member-list';
-export { AuthzRelatedMemberList } from './authz-related-member-list';
-export { AuthzAllowAll } from './authz-allow-all';
-export { AuthzDenyAll } from './authz-deny-all';
-export { AuthzComposite } from './authz-composite';
+export { AuthzMembership } from './authz-membership-check';
 export { AuthzNotReadOnly } from './authz-not-read-only';
+export { AuthzOrgHierarchy } from './authz-org-hierarchy';
 export { AuthzPeerOwnership } from './authz-peer-ownership';
+export { AuthzPublishable } from './authz-publishable';
+export { AuthzRelatedEntityMembership } from './authz-related-entity-membership';
+export { AuthzRelatedMemberList } from './authz-related-member-list';
 export { AuthzRelatedPeerOwnership } from './authz-related-peer-ownership';
+export { AuthzTemporal } from './authz-temporal';

package/esm/authz/index.js

@@ -1,16 +1,16 @@
+export { AuthzAllowAll } from './authz-allow-all';
+export { AuthzComposite } from './authz-composite';
+export { AuthzDenyAll } from './authz-deny-all';
 export { AuthzDirectOwner } from './authz-direct-owner';
 export { AuthzDirectOwnerAny } from './authz-direct-owner-any';
-export { AuthzMembership } from './authz-membership-check';
 export { AuthzEntityMembership } from './authz-entity-membership';
-export { AuthzRelatedEntityMembership } from './authz-related-entity-membership';
-export { AuthzOrgHierarchy } from './authz-org-hierarchy';
-export { AuthzTemporal } from './authz-temporal';
-export { AuthzPublishable } from './authz-publishable';
 export { AuthzMemberList } from './authz-member-list';
-export { AuthzRelatedMemberList } from './authz-related-member-list';
-export { AuthzAllowAll } from './authz-allow-all';
-export { AuthzDenyAll } from './authz-deny-all';
-export { AuthzComposite } from './authz-composite';
+export { AuthzMembership } from './authz-membership-check';
 export { AuthzNotReadOnly } from './authz-not-read-only';
+export { AuthzOrgHierarchy } from './authz-org-hierarchy';
 export { AuthzPeerOwnership } from './authz-peer-ownership';
+export { AuthzPublishable } from './authz-publishable';
+export { AuthzRelatedEntityMembership } from './authz-related-entity-membership';
+export { AuthzRelatedMemberList } from './authz-related-member-list';
 export { AuthzRelatedPeerOwnership } from './authz-related-peer-ownership';
+export { AuthzTemporal } from './authz-temporal';

package/esm/blueprint-types.generated.d.ts

@@ -574,19 +574,6 @@ export interface BlueprintTableUniqueConstraint {
     /** Optional schema name override. */
     schema_name?: string;
 }
-/** A storage-specific RLS policy object for apply_storage_security(). Each entry defines an Authz* policy with explicit privileges, scoped to specific storage tables. */
-export interface BlueprintStoragePolicy {
-    /** Authz* policy generator type (e.g., "AuthzPublishable", "AuthzDirectOwner", "AuthzEntityMembership"). */
-    $type: string;
-    /** Privilege array (e.g., ["select", "insert", "update", "delete"]). Intersected with each storage table's supported operations. */
-    privileges: string[];
-    /** Policy data config. Auto-derived from $type when omitted (e.g., AuthzPublishable defaults to {"is_published_field": "is_public", "require_published_at": false}). */
-    data?: Record<string, unknown>;
-    /** Which storage tables to apply this policy to. Defaults to all three when omitted. Uses logical names (not prefixed). */
-    tables?: ('buckets' | 'files' | 'upload_requests')[];
-    /** Custom RLS policy name suffix. Auto-derived from $type when omitted (pub/own/mem). */
-    policy_name?: string;
-}
 /** A bucket seed entry for storage_config.buckets[]. Creates an initial bucket row in the {prefix}_buckets table during entity type provisioning. Only used for app-level storage (not entity-scoped). */
 export interface BlueprintBucketSeed {
     /** Bucket key name (e.g., "avatars", "documents"). Becomes the key column value. */
@@ -602,10 +589,8 @@ export interface BlueprintBucketSeed {
     /** CORS allowed origins for this bucket. */
     allowed_origins?: string[];
 }
-/** Storage configuration for an entity type. Controls RLS policies on storage tables, seeds initial buckets, and overrides module-level settings (expiry times, file size limits, CORS). */
+/** Storage configuration for an entity type. Seeds initial buckets, overrides module-level settings (expiry times, file size limits, CORS), and provides per-table provisioning overrides via provisions. */
 export interface BlueprintStorageConfig {
-    /** Custom RLS policies for storage tables. When provided, replaces the default policy set (AuthzPublishable + membership + AuthzDirectOwner). Each entry is a policy object with $type, privileges, and optional data/tables/policy_name. */
-    policies?: BlueprintStoragePolicy[];
     /** Initial bucket seed entries. Each creates a row in {prefix}_buckets during provisioning. Only used for app-level storage (not entity-scoped). */
     buckets?: BlueprintBucketSeed[];
     /** Override for presigned upload URL expiry time in seconds. */
@@ -616,6 +601,12 @@ export interface BlueprintStorageConfig {
     default_max_file_size?: number;
     /** CORS allowed origins for the storage module. */
     allowed_origins?: string[];
+    /** Per-table overrides for storage tables. Each key targets a specific storage table (files, buckets, upload_requests) and uses the same shape as table_provision: { nodes, fields, grants, use_rls, policies }. Fanned out to secure_table_provision targeting the corresponding table. When a key includes policies[], those REPLACE the default storage policies for that table; tables without a key still get defaults. */
+    provisions?: {
+        files?: BlueprintEntityTableProvision;
+        buckets?: BlueprintEntityTableProvision;
+        upload_requests?: BlueprintEntityTableProvision;
+    };
 }
 /** Override object for the entity table created by a BlueprintEntityType. Shape mirrors BlueprintTable / secure_table_provision vocabulary. When supplied, policies[] replaces the default entity-table policies entirely. */
 export interface BlueprintEntityTableProvision {
@@ -655,6 +646,8 @@ export interface BlueprintEntityType {
     has_levels?: boolean;
     /** Whether to provision a storage module (buckets, files, upload_requests tables) for this entity type. Defaults to false. */
     has_storage?: boolean;
+    /** Whether to provision entity-scoped invite tables ({prefix}_invites, {prefix}_claimed_invites) and a submit_{prefix}_invite_code() function. Defaults to false. */
+    has_invites?: boolean;
     /** Escape hatch: when true AND table_provision is NULL, zero policies are provisioned on the entity table. Defaults to false. */
     skip_entity_policies?: boolean;
     /** Override for the entity table. Shape mirrors BlueprintTable / secure_table_provision vocabulary. When supplied, its policies[] replaces the five default entity-table policies; is_visible becomes a no-op. When NULL (default), the five default policies are applied (gated by is_visible). */
@@ -877,6 +870,6 @@ export interface BlueprintDefinition {
     unique_constraints?: BlueprintUniqueConstraint[];
     /** Entity types to provision in Phase 0 (before tables). Each entry creates an entity table with membership modules and security. */
     entity_types?: BlueprintEntityType[];
-    /** App-level storage configuration. Creates a storage_module (membership_type = NULL) with the specified policies, seeds initial buckets, and overrides module-level settings (expiry times, file size limits, CORS). For entity-scoped storage, use entity_types[].has_storage + entity_types[].storage instead. */
+    /** App-level storage configuration. Creates a storage_module (membership_type = NULL), seeds initial buckets, and overrides module-level settings (expiry times, file size limits, CORS). Use provisions for per-table policy overrides. For entity-scoped storage, use entity_types[].has_storage + entity_types[].storage instead. */
     storage?: BlueprintStorageConfig;
 }

package/esm/blueprint-types.generated.js

@@ -2,7 +2,7 @@
 /* eslint-disable @typescript-eslint/no-empty-object-type */
 //
 // Regenerate with:
-//   cd graphql/node-type-registry && pnpm generate:types
+//   cd packages/node-type-registry && pnpm generate:types
 //
 // These types match the JSONB shape expected by construct_blueprint().
 // All field names are snake_case to match the SQL convention.

package/esm/codegen/generate-types.js

@@ -359,21 +359,6 @@ function buildBlueprintTableUniqueConstraint() {
         addJSDoc(optionalProp('schema_name', t.tsStringKeyword()), 'Optional schema name override.')
     ]), 'A unique constraint nested inside a table definition (table_name not required).');
 }
-/**
- * Build the BlueprintStoragePolicy interface.
- *
- * Matches the jsonb policy objects accepted by apply_storage_security():
- *   { "$type": "AuthzPublishable", "privileges": ["select"], "data": {...}, "tables": [...], "policy_name": "pub" }
- */
-function buildBlueprintStoragePolicy() {
-    return addJSDoc(exportInterface('BlueprintStoragePolicy', [
-        addJSDoc(requiredProp('$type', t.tsStringKeyword()), 'Authz* policy generator type (e.g., "AuthzPublishable", "AuthzDirectOwner", "AuthzEntityMembership").'),
-        addJSDoc(requiredProp('privileges', t.tsArrayType(t.tsStringKeyword())), 'Privilege array (e.g., ["select", "insert", "update", "delete"]). Intersected with each storage table\'s supported operations.'),
-        addJSDoc(optionalProp('data', recordType(t.tsStringKeyword(), t.tsUnknownKeyword())), 'Policy data config. Auto-derived from $type when omitted (e.g., AuthzPublishable defaults to {"is_published_field": "is_public", "require_published_at": false}).'),
-        addJSDoc(optionalProp('tables', t.tsArrayType(strUnion(['buckets', 'files', 'upload_requests']))), 'Which storage tables to apply this policy to. Defaults to all three when omitted. Uses logical names (not prefixed).'),
-        addJSDoc(optionalProp('policy_name', t.tsStringKeyword()), 'Custom RLS policy name suffix. Auto-derived from $type when omitted (pub/own/mem).')
-    ]), 'A storage-specific RLS policy object for apply_storage_security(). Each entry defines an Authz* policy with explicit privileges, scoped to specific storage tables.');
-}
 /**
  * Build the BlueprintBucketSeed interface.
  *
@@ -396,13 +381,17 @@ function buildBlueprintBucketSeed() {
  */
 function buildBlueprintStorageConfig() {
     return addJSDoc(exportInterface('BlueprintStorageConfig', [
-        addJSDoc(optionalProp('policies', t.tsArrayType(t.tsTypeReference(t.identifier('BlueprintStoragePolicy')))), 'Custom RLS policies for storage tables. When provided, replaces the default policy set (AuthzPublishable + membership + AuthzDirectOwner). Each entry is a policy object with $type, privileges, and optional data/tables/policy_name.'),
         addJSDoc(optionalProp('buckets', t.tsArrayType(t.tsTypeReference(t.identifier('BlueprintBucketSeed')))), 'Initial bucket seed entries. Each creates a row in {prefix}_buckets during provisioning. Only used for app-level storage (not entity-scoped).'),
         addJSDoc(optionalProp('upload_url_expiry_seconds', t.tsNumberKeyword()), 'Override for presigned upload URL expiry time in seconds.'),
         addJSDoc(optionalProp('download_url_expiry_seconds', t.tsNumberKeyword()), 'Override for presigned download URL expiry time in seconds.'),
         addJSDoc(optionalProp('default_max_file_size', t.tsNumberKeyword()), 'Default maximum file size in bytes for the storage module.'),
-        addJSDoc(optionalProp('allowed_origins', t.tsArrayType(t.tsStringKeyword())), 'CORS allowed origins for the storage module.')
-    ]), 'Storage configuration for an entity type. Controls RLS policies on storage tables, seeds initial buckets, and overrides module-level settings (expiry times, file size limits, CORS).');
+        addJSDoc(optionalProp('allowed_origins', t.tsArrayType(t.tsStringKeyword())), 'CORS allowed origins for the storage module.'),
+        addJSDoc(optionalProp('provisions', t.tsTypeLiteral([
+            optionalProp('files', t.tsTypeReference(t.identifier('BlueprintEntityTableProvision'))),
+            optionalProp('buckets', t.tsTypeReference(t.identifier('BlueprintEntityTableProvision'))),
+            optionalProp('upload_requests', t.tsTypeReference(t.identifier('BlueprintEntityTableProvision')))
+        ])), 'Per-table overrides for storage tables. Each key targets a specific storage table (files, buckets, upload_requests) and uses the same shape as table_provision: { nodes, fields, grants, use_rls, policies }. Fanned out to secure_table_provision targeting the corresponding table. When a key includes policies[], those REPLACE the default storage policies for that table; tables without a key still get defaults.')
+    ]), 'Storage configuration for an entity type. Seeds initial buckets, overrides module-level settings (expiry times, file size limits, CORS), and provides per-table provisioning overrides via provisions.');
 }
 function buildBlueprintEntityTableProvision() {
     return addJSDoc(exportInterface('BlueprintEntityTableProvision', [
@@ -428,6 +417,7 @@ function buildBlueprintEntityType() {
         addJSDoc(optionalProp('has_profiles', t.tsBooleanKeyword()), 'Whether to provision a profiles module for this entity type. Defaults to false.'),
         addJSDoc(optionalProp('has_levels', t.tsBooleanKeyword()), 'Whether to provision a levels module for this entity type. Defaults to false.'),
         addJSDoc(optionalProp('has_storage', t.tsBooleanKeyword()), 'Whether to provision a storage module (buckets, files, upload_requests tables) for this entity type. Defaults to false.'),
+        addJSDoc(optionalProp('has_invites', t.tsBooleanKeyword()), 'Whether to provision entity-scoped invite tables ({prefix}_invites, {prefix}_claimed_invites) and a submit_{prefix}_invite_code() function. Defaults to false.'),
         addJSDoc(optionalProp('skip_entity_policies', t.tsBooleanKeyword()), 'Escape hatch: when true AND table_provision is NULL, zero policies are provisioned on the entity table. Defaults to false.'),
         addJSDoc(optionalProp('table_provision', t.tsTypeReference(t.identifier('BlueprintEntityTableProvision'))), 'Override for the entity table. Shape mirrors BlueprintTable / secure_table_provision vocabulary. When supplied, its policies[] replaces the five default entity-table policies; is_visible becomes a no-op. When NULL (default), the five default policies are applied (gated by is_visible).'),
         addJSDoc(optionalProp('storage', t.tsTypeReference(t.identifier('BlueprintStorageConfig'))), 'Storage configuration. Only used when has_storage is true. Controls RLS policies on storage tables, seeds initial buckets, and overrides module-level settings (expiry times, file size limits, CORS).')
@@ -458,7 +448,7 @@ function buildBlueprintDefinition() {
         addJSDoc(optionalProp('full_text_searches', t.tsArrayType(t.tsTypeReference(t.identifier('BlueprintFullTextSearch')))), 'Full-text search configurations.'),
         addJSDoc(optionalProp('unique_constraints', t.tsArrayType(t.tsTypeReference(t.identifier('BlueprintUniqueConstraint')))), 'Unique constraints on table columns.'),
         addJSDoc(optionalProp('entity_types', t.tsArrayType(t.tsTypeReference(t.identifier('BlueprintEntityType')))), 'Entity types to provision in Phase 0 (before tables). Each entry creates an entity table with membership modules and security.'),
-        addJSDoc(optionalProp('storage', t.tsTypeReference(t.identifier('BlueprintStorageConfig'))), 'App-level storage configuration. Creates a storage_module (membership_type = NULL) with the specified policies, seeds initial buckets, and overrides module-level settings (expiry times, file size limits, CORS). For entity-scoped storage, use entity_types[].has_storage + entity_types[].storage instead.')
+        addJSDoc(optionalProp('storage', t.tsTypeReference(t.identifier('BlueprintStorageConfig'))), 'App-level storage configuration. Creates a storage_module (membership_type = NULL), seeds initial buckets, and overrides module-level settings (expiry times, file size limits, CORS). Use provisions for per-table policy overrides. For entity-scoped storage, use entity_types[].has_storage + entity_types[].storage instead.')
     ]), 'The complete blueprint definition -- the JSONB shape accepted by construct_blueprint().');
 }
 // ---------------------------------------------------------------------------
@@ -512,7 +502,6 @@ function buildProgram(meta) {
     statements.push(buildBlueprintTableIndex());
     statements.push(buildBlueprintUniqueConstraint());
     statements.push(buildBlueprintTableUniqueConstraint());
-    statements.push(buildBlueprintStoragePolicy());
     statements.push(buildBlueprintBucketSeed());
     statements.push(buildBlueprintStorageConfig());
     statements.push(buildBlueprintEntityTableProvision());
@@ -535,7 +524,7 @@ function buildProgram(meta) {
         '/* eslint-disable @typescript-eslint/no-empty-object-type */',
         '//',
         '// Regenerate with:',
-        '//   cd graphql/node-type-registry && pnpm generate:types',
+        '//   cd packages/node-type-registry && pnpm generate:types',
         '//',
         '// These types match the JSONB shape expected by construct_blueprint().',
         '// All field names are snake_case to match the SQL convention.',

package/esm/data/data-composite-field.js

@@ -1,35 +1,37 @@
 export const DataCompositeField = {
-    "name": "DataCompositeField",
-    "slug": "data_composite_field",
-    "category": "data",
-    "display_name": "Composite Field",
-    "description": "Creates a derived text field that automatically concatenates multiple source fields via BEFORE INSERT/UPDATE triggers. Used to produce a unified text representation (e.g., embedding_text) from multiple columns on a table. The trigger fires with '_000' prefix to run before Search* triggers alphabetically.",
-    "parameter_schema": {
-        "type": "object",
-        "properties": {
-            "target": {
-                "type": "string",
-                "description": "Name of the derived text field to create (default: 'embedding_text')"
+    name: 'DataCompositeField',
+    slug: 'data_composite_field',
+    category: 'data',
+    display_name: 'Composite Field',
+    description: "Creates a derived text field that automatically concatenates multiple source fields via BEFORE INSERT/UPDATE triggers. Used to produce a unified text representation (e.g., embedding_text) from multiple columns on a table. The trigger fires with '_000' prefix to run before Search* triggers alphabetically.",
+    parameter_schema: {
+        type: 'object',
+        properties: {
+            target: {
+                type: 'string',
+                format: 'column-ref',
+                description: "Name of the derived text field to create (default: 'embedding_text')"
             },
-            "source_fields": {
-                "type": "array",
-                "items": {
-                    "type": "string"
+            source_fields: {
+                type: 'array',
+                items: {
+                    type: 'string',
+                    format: 'column-ref'
                 },
-                "description": "Array of source field names to concatenate into the target field"
+                description: 'Array of source field names to concatenate into the target field'
             },
-            "format": {
-                "type": "string",
-                "enum": ["labeled", "plain"],
-                "description": "Output format: 'labeled' (field_name: value) or 'plain' (values only). Default: 'labeled'"
+            format: {
+                type: 'string',
+                enum: ['labeled', 'plain'],
+                description: "Output format: 'labeled' (field_name: value) or 'plain' (values only). Default: 'labeled'"
             }
         },
-        "required": [
-            "source_fields"
+        required: [
+            'source_fields'
         ]
     },
-    "tags": [
-        "transform",
-        "behavior"
+    tags: [
+        'transform',
+        'behavior'
     ]
 };

package/esm/data/data-direct-owner.js

@@ -1,31 +1,32 @@
 export const DataDirectOwner = {
-    "name": "DataDirectOwner",
-    "slug": "data_direct_owner",
-    "category": "data",
-    "display_name": "Ownership",
-    "description": "Adds ownership column for direct user ownership. Enables AuthzDirectOwner authorization.",
-    "parameter_schema": {
-        "type": "object",
-        "properties": {
-            "owner_field_name": {
-                "type": "string",
-                "description": "Column name for owner ID",
-                "default": "owner_id"
+    name: 'DataDirectOwner',
+    slug: 'data_direct_owner',
+    category: 'data',
+    display_name: 'Ownership',
+    description: 'Adds ownership column for direct user ownership. Enables AuthzDirectOwner authorization.',
+    parameter_schema: {
+        type: 'object',
+        properties: {
+            owner_field_name: {
+                type: 'string',
+                format: 'column-ref',
+                description: 'Column name for owner ID',
+                default: 'owner_id'
             },
-            "include_id": {
-                "type": "boolean",
-                "description": "If true, also adds a UUID primary key column with auto-generation",
-                "default": true
+            include_id: {
+                type: 'boolean',
+                description: 'If true, also adds a UUID primary key column with auto-generation',
+                default: true
             },
-            "include_user_fk": {
-                "type": "boolean",
-                "description": "If true, adds a foreign key constraint from owner_id to the users table",
-                "default": true
+            include_user_fk: {
+                type: 'boolean',
+                description: 'If true, adds a foreign key constraint from owner_id to the users table',
+                default: true
             }
         }
     },
-    "tags": [
-        "ownership",
-        "schema"
+    tags: [
+        'ownership',
+        'schema'
     ]
 };

package/esm/data/data-entity-membership.js

@@ -1,31 +1,32 @@
 export const DataEntityMembership = {
-    "name": "DataEntityMembership",
-    "slug": "data_entity_membership",
-    "category": "data",
-    "display_name": "Entity Membership",
-    "description": "Adds entity reference for organization/group scoping. Enables AuthzEntityMembership, AuthzMembership, AuthzOrgHierarchy authorization.",
-    "parameter_schema": {
-        "type": "object",
-        "properties": {
-            "entity_field_name": {
-                "type": "string",
-                "description": "Column name for entity ID",
-                "default": "entity_id"
+    name: 'DataEntityMembership',
+    slug: 'data_entity_membership',
+    category: 'data',
+    display_name: 'Entity Membership',
+    description: 'Adds entity reference for organization/group scoping. Enables AuthzEntityMembership, AuthzMembership, AuthzOrgHierarchy authorization.',
+    parameter_schema: {
+        type: 'object',
+        properties: {
+            entity_field_name: {
+                type: 'string',
+                format: 'column-ref',
+                description: 'Column name for entity ID',
+                default: 'entity_id'
             },
-            "include_id": {
-                "type": "boolean",
-                "description": "If true, also adds a UUID primary key column with auto-generation",
-                "default": true
+            include_id: {
+                type: 'boolean',
+                description: 'If true, also adds a UUID primary key column with auto-generation',
+                default: true
             },
-            "include_user_fk": {
-                "type": "boolean",
-                "description": "If true, adds a foreign key constraint from entity_id to the users table",
-                "default": true
+            include_user_fk: {
+                type: 'boolean',
+                description: 'If true, adds a foreign key constraint from entity_id to the users table',
+                default: true
             }
         }
     },
-    "tags": [
-        "membership",
-        "schema"
+    tags: [
+        'membership',
+        'schema'
     ]
 };

package/esm/data/data-force-current-user.js

@@ -1,22 +1,23 @@
 export const DataForceCurrentUser = {
-    "name": "DataForceCurrentUser",
-    "slug": "data_force_current_user",
-    "category": "data",
-    "display_name": "Force Current User",
-    "description": "BEFORE INSERT trigger that forces a field to the value of jwt_public.current_user_id(). Prevents clients from spoofing the actor/uploader identity. The field value is always overwritten regardless of what the client provides.",
-    "parameter_schema": {
-        "type": "object",
-        "properties": {
-            "field_name": {
-                "type": "string",
-                "description": "Name of the field to force to current_user_id()",
-                "default": "actor_id"
+    name: 'DataForceCurrentUser',
+    slug: 'data_force_current_user',
+    category: 'data',
+    display_name: 'Force Current User',
+    description: 'BEFORE INSERT trigger that forces a field to the value of jwt_public.current_user_id(). Prevents clients from spoofing the actor/uploader identity. The field value is always overwritten regardless of what the client provides.',
+    parameter_schema: {
+        type: 'object',
+        properties: {
+            field_name: {
+                type: 'string',
+                format: 'column-ref',
+                description: 'Name of the field to force to current_user_id()',
+                default: 'actor_id'
             }
         }
     },
-    "tags": [
-        "trigger",
-        "security",
-        "schema"
+    tags: [
+        'trigger',
+        'security',
+        'schema'
     ]
 };

package/esm/data/data-id.js

@@ -1,21 +1,22 @@
 export const DataId = {
-    "name": "DataId",
-    "slug": "data_id",
-    "category": "data",
-    "display_name": "Primary Key ID",
-    "description": "Adds a UUID primary key column with auto-generation default (uuidv7). This is the standard primary key pattern for all tables.",
-    "parameter_schema": {
-        "type": "object",
-        "properties": {
-            "field_name": {
-                "type": "string",
-                "description": "Column name for the primary key",
-                "default": "id"
+    name: 'DataId',
+    slug: 'data_id',
+    category: 'data',
+    display_name: 'Primary Key ID',
+    description: 'Adds a UUID primary key column with auto-generation default (uuidv7). This is the standard primary key pattern for all tables.',
+    parameter_schema: {
+        type: 'object',
+        properties: {
+            field_name: {
+                type: 'string',
+                format: 'column-ref',
+                description: 'Column name for the primary key',
+                default: 'id'
             }
         }
     },
-    "tags": [
-        "primary_key",
-        "schema"
+    tags: [
+        'primary_key',
+        'schema'
     ]
 };

package/esm/data/data-immutable-fields.js

@@ -1,27 +1,28 @@
 export const DataImmutableFields = {
-    "name": "DataImmutableFields",
-    "slug": "data_immutable_fields",
-    "category": "data",
-    "display_name": "Immutable Fields",
-    "description": "BEFORE UPDATE trigger that prevents changes to a list of specified fields after INSERT. Raises an exception if any of the listed fields have changed. Unlike FieldImmutable (single-field), this handles multiple fields in a single trigger for efficiency.",
-    "parameter_schema": {
-        "type": "object",
-        "properties": {
-            "fields": {
-                "type": "array",
-                "items": {
-                    "type": "string"
+    name: 'DataImmutableFields',
+    slug: 'data_immutable_fields',
+    category: 'data',
+    display_name: 'Immutable Fields',
+    description: 'BEFORE UPDATE trigger that prevents changes to a list of specified fields after INSERT. Raises an exception if any of the listed fields have changed. Unlike FieldImmutable (single-field), this handles multiple fields in a single trigger for efficiency.',
+    parameter_schema: {
+        type: 'object',
+        properties: {
+            fields: {
+                type: 'array',
+                items: {
+                    type: 'string',
+                    format: 'column-ref'
                 },
-                "description": "Field names that cannot be modified after INSERT (e.g. [\"key\", \"bucket_id\", \"owner_id\"])"
+                description: 'Field names that cannot be modified after INSERT (e.g. ["key", "bucket_id", "owner_id"])'
             }
         },
-        "required": [
-            "fields"
+        required: [
+            'fields'
         ]
     },
-    "tags": [
-        "trigger",
-        "constraint",
-        "schema"
+    tags: [
+        'trigger',
+        'constraint',
+        'schema'
     ]
 };