primitive-admin 1.0.50 → 1.0.51

package/dist/src/lib/generated-allowlist.js

@@ -0,0 +1,181 @@
+/**
+ * GENERATED FILE — DO NOT EDIT BY HAND.
+ *
+ * Source of truth: the server step runners in `src/workflows/steps/*.ts` and
+ * the universal `BaseStepDefinition` shape in
+ * `src/workflows/runner/types.ts`.
+ *
+ * Regenerate with:
+ *   node cli/scripts/gen-allowlist.mjs       (runs automatically at CLI prebuild)
+ *
+ * A CI freshness guard (`cli/scripts/gen-allowlist.mjs --check`, also asserted
+ * by `cli/tests/unit/workflow-toml-validator-drift-guard.test.ts`) fails if this
+ * committed artifact does not match a fresh scan — see issue #998.
+ *
+ * Two exports:
+ *   - `GENERATED_ALLOWLISTED_FIELDS` — the union of universal step fields,
+ *     per-kind fields each runner READS (not what the type declares), and the
+ *     `collect` `step` structural pass-through. The validator accepts these as
+ *     top-level step fields for KNOWN kinds.
+ *   - `GENERATED_KNOWN_KINDS` — the step kinds the server registers. The
+ *     validator skips the per-field check for an UNKNOWN kind (an old CLI
+ *     against a newer server) while still running the kind-agnostic
+ *     misnested-header footgun detector (#685).
+ */
+/** Top-level step fields the validator accepts for a known kind (#998). */
+export const GENERATED_ALLOWLISTED_FIELDS = [
+    "_testSteps",
+    "action",
+    "aliasKey",
+    "appId",
+    "as",
+    "asBase64",
+    "attachments",
+    "blobId",
+    "bodyMode",
+    "bucketId",
+    "bucketKey",
+    "cacheTtlSeconds",
+    "cases",
+    "concurrency",
+    "configId",
+    "content",
+    "contentBase64",
+    "contentType",
+    "context",
+    "continueOnError",
+    "cursor",
+    "cursorField",
+    "data",
+    "databaseId",
+    "default",
+    "description",
+    "direction",
+    "documentAlias",
+    "documentId",
+    "dryRun",
+    "durationMs",
+    "email",
+    "events",
+    "expiresInSeconds",
+    "feature",
+    "filename",
+    "filter",
+    "filters",
+    "forEach",
+    "groupBy",
+    "groupId",
+    "groupType",
+    "htmlBody",
+    "id",
+    "includeUserDetails",
+    "input",
+    "integrationKey",
+    "itemsField",
+    "iterationName",
+    "kind",
+    "limit",
+    "limits",
+    "maxItems",
+    "maxPages",
+    "message",
+    "messages",
+    "metrics",
+    "model",
+    "modelName",
+    "modelOverride",
+    "ms",
+    "multipartFields",
+    "name",
+    "onConflict",
+    "onPartialFailure",
+    "operationName",
+    "options",
+    "output",
+    "page",
+    "pageSize",
+    "params",
+    "payload",
+    "perUser",
+    "plugins",
+    "prompt",
+    "promptKey",
+    "query",
+    "queryType",
+    "recordId",
+    "ref",
+    "request",
+    "route",
+    "runIf",
+    "saveAs",
+    "scope",
+    "selector",
+    "sort",
+    "source",
+    "step",
+    "strict",
+    "subject",
+    "successWhen",
+    "tags",
+    "temperature",
+    "templateType",
+    "textBody",
+    "thinkingLevel",
+    "timeout",
+    "to",
+    "toUserId",
+    "tool_choice",
+    "tools",
+    "top_p",
+    "type",
+    "user",
+    "userId",
+    "userUlid",
+    "variables",
+    "windowDays",
+    "with",
+    "workflowKey",
+];
+/** Step kinds the server registers (`defaultRegistry`). Unknown kinds skip the per-field check (#998). */
+export const GENERATED_KNOWN_KINDS = [
+    "analytics.query",
+    "analytics.write",
+    "blob.download",
+    "blob.signedUrl",
+    "blob.upload",
+    "collect",
+    "database.aggregate",
+    "database.applyToQuery",
+    "database.count",
+    "database.mutate",
+    "database.pipeline",
+    "database.query",
+    "delay",
+    "document.count",
+    "document.delete",
+    "document.patch",
+    "document.query",
+    "document.queryOne",
+    "document.resolveAlias",
+    "document.save",
+    "email.send",
+    "event.wait",
+    "gemini.countTokens",
+    "gemini.generate",
+    "gemini.generateRaw",
+    "group.addMember",
+    "group.checkMembership",
+    "group.listMembers",
+    "group.listUserMemberships",
+    "group.removeMember",
+    "integration.call",
+    "iterate-users",
+    "llm.chat",
+    "noop",
+    "prompt.execute",
+    "script",
+    "switch",
+    "transform",
+    "workflow.call",
+];
+//# sourceMappingURL=generated-allowlist.js.map

package/dist/src/lib/generated-allowlist.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generated-allowlist.js","sourceRoot":"","sources":["../../../src/lib/generated-allowlist.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,2EAA2E;AAC3E,MAAM,CAAC,MAAM,4BAA4B,GAAsB;IAC7D,YAAY;IACZ,QAAQ;IACR,UAAU;IACV,OAAO;IACP,IAAI;IACJ,UAAU;IACV,aAAa;IACb,QAAQ;IACR,UAAU;IACV,UAAU;IACV,WAAW;IACX,iBAAiB;IACjB,OAAO;IACP,aAAa;IACb,UAAU;IACV,SAAS;IACT,eAAe;IACf,aAAa;IACb,SAAS;IACT,iBAAiB;IACjB,QAAQ;IACR,aAAa;IACb,MAAM;IACN,YAAY;IACZ,SAAS;IACT,aAAa;IACb,WAAW;IACX,eAAe;IACf,YAAY;IACZ,QAAQ;IACR,YAAY;IACZ,OAAO;IACP,QAAQ;IACR,kBAAkB;IAClB,SAAS;IACT,UAAU;IACV,QAAQ;IACR,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,WAAW;IACX,UAAU;IACV,IAAI;IACJ,oBAAoB;IACpB,OAAO;IACP,gBAAgB;IAChB,YAAY;IACZ,eAAe;IACf,MAAM;IACN,OAAO;IACP,QAAQ;IACR,UAAU;IACV,UAAU;IACV,SAAS;IACT,UAAU;IACV,SAAS;IACT,OAAO;IACP,WAAW;IACX,eAAe;IACf,IAAI;IACJ,iBAAiB;IACjB,MAAM;IACN,YAAY;IACZ,kBAAkB;IAClB,eAAe;IACf,SAAS;IACT,QAAQ;IACR,MAAM;IACN,UAAU;IACV,QAAQ;IACR,SAAS;IACT,SAAS;IACT,SAAS;IACT,QAAQ;IACR,WAAW;IACX,OAAO;IACP,WAAW;IACX,UAAU;IACV,KAAK;IACL,SAAS;IACT,OAAO;IACP,OAAO;IACP,QAAQ;IACR,OAAO;IACP,UAAU;IACV,MAAM;IACN,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,SAAS;IACT,aAAa;IACb,MAAM;IACN,aAAa;IACb,cAAc;IACd,UAAU;IACV,eAAe;IACf,SAAS;IACT,IAAI;IACJ,UAAU;IACV,aAAa;IACb,OAAO;IACP,OAAO;IACP,MAAM;IACN,MAAM;IACN,QAAQ;IACR,UAAU;IACV,WAAW;IACX,YAAY;IACZ,MAAM;IACN,aAAa;CACd,CAAC;AAEF,0GAA0G;AAC1G,MAAM,CAAC,MAAM,qBAAqB,GAAsB;IACtD,iBAAiB;IACjB,iBAAiB;IACjB,eAAe;IACf,gBAAgB;IAChB,aAAa;IACb,SAAS;IACT,oBAAoB;IACpB,uBAAuB;IACvB,gBAAgB;IAChB,iBAAiB;IACjB,mBAAmB;IACnB,gBAAgB;IAChB,OAAO;IACP,gBAAgB;IAChB,iBAAiB;IACjB,gBAAgB;IAChB,gBAAgB;IAChB,mBAAmB;IACnB,uBAAuB;IACvB,eAAe;IACf,YAAY;IACZ,YAAY;IACZ,oBAAoB;IACpB,iBAAiB;IACjB,oBAAoB;IACpB,iBAAiB;IACjB,uBAAuB;IACvB,mBAAmB;IACnB,2BAA2B;IAC3B,oBAAoB;IACpB,kBAAkB;IAClB,eAAe;IACf,UAAU;IACV,MAAM;IACN,gBAAgB;IAChB,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,eAAe;CAChB,CAAC"}

package/dist/src/lib/workflow-toml-validator.d.ts

@@ -1,5 +1,5 @@
 /**
- * Push-time validator for workflow TOML files (issue #685).
+ * Push-time validator for workflow TOML files (issue #685, #998).
  *
  * Detects the common footgun where a user writes `[steps.<id>.<field>]` under
  * an open `[[steps]]` array. TOML parses that as a sub-table on the
@@ -8,23 +8,27 @@
  * unrecognized top-level field — the runtime silently ignores it, and the
  * step then runs with an empty `request` block.
  *
- * The validator walks every step in `tomlData.steps[]` and reports any
- * top-level field not in the universal-and-consumed allowlist. The allowlist
- * is the union of:
- *  - Universal step fields declared on `BaseStepDefinition` in
- *    `src/workflows/runner/types.ts`
- *  - The top-level fields each step runner in `src/workflows/steps/`
- *    actually reads
+ * The validator walks every step in `tomlData.steps[]`. For a step whose
+ * `kind` the CLI KNOWS about, it reports any top-level field not in the
+ * generated allowlist. For an UNKNOWN kind (an old CLI run against a newer
+ * server that registered a step kind the CLI doesn't have), it SKIPS the
+ * per-field allowlist check — but still runs the kind-agnostic
+ * misnested-header footgun detector. This is the #998 fix: the recurring
+ * "newer server kind → false-reject of valid fields" failure (#685/#802/#971
+ * were all false rejections) becomes "unvalidated, not rejected."
  *
- * The list is universal-only (not per-kind) by design: the CLI doesn't know
- * which step kinds exist on a given server version, and a per-kind list
- * would couple the CLI tightly to the runtime. A universal allowlist
- * catches the misnested-header footgun cleanly while staying tolerant of
- * future step kinds that consume top-level fields already in the union.
- *
- * Maintenance: when a new step kind starts reading a new top-level field,
- * add the field name to `ALLOWLISTED_FIELDS` below. See `cli/README.md`
- * for the maintenance note.
+ * ── Source of truth (#998) ───────────────────────────────────────────────
+ * The allowlist field union and the known-kind set are GENERATED from the
+ * server step runners (`src/workflows/steps/*.ts`) and the universal
+ * `BaseStepDefinition` shape into the committed
+ * `cli/src/lib/generated-allowlist.ts` artifact (the CLI does NOT import
+ * server `src/` at runtime — only the build-time generator does). The union is
+ * derived from what each runner READS, not what the `*StepDefinition` TYPE
+ * declares — types over-declare and would weaken the footgun detector. A CI
+ * freshness guard (`gen-allowlist.mjs --check`, also asserted by the #985
+ * drift-guard test) keeps the committed artifact in sync with the runners, so
+ * the hand-edit drift class (#685/#802/#971) cannot recur for the same-version
+ * case. Regenerate with `node cli/scripts/gen-allowlist.mjs`.
  */
 /**
  * Read-only view of `ALLOWLISTED_FIELDS` for the drift-guard test (#985).
@@ -36,6 +40,11 @@
  * the public validator API; consumed only by the guard.
  */
 export declare const ALLOWLISTED_FIELDS_FOR_DRIFT_GUARD: ReadonlySet<string>;
+/**
+ * Read-only view of `KNOWN_KINDS` for the drift-guard test (#998). Lets the
+ * guard assert the generated known-kind set matches a fresh scan.
+ */
+export declare const KNOWN_KINDS_FOR_DRIFT_GUARD: ReadonlySet<string>;
 /**
  * A single offending field on a step.
  *

package/dist/src/lib/workflow-toml-validator.js

@@ -1,5 +1,5 @@
 /**
- * Push-time validator for workflow TOML files (issue #685).
+ * Push-time validator for workflow TOML files (issue #685, #998).
  *
  * Detects the common footgun where a user writes `[steps.<id>.<field>]` under
  * an open `[[steps]]` array. TOML parses that as a sub-table on the
@@ -8,149 +8,40 @@
  * unrecognized top-level field — the runtime silently ignores it, and the
  * step then runs with an empty `request` block.
  *
- * The validator walks every step in `tomlData.steps[]` and reports any
- * top-level field not in the universal-and-consumed allowlist. The allowlist
- * is the union of:
- *  - Universal step fields declared on `BaseStepDefinition` in
- *    `src/workflows/runner/types.ts`
- *  - The top-level fields each step runner in `src/workflows/steps/`
- *    actually reads
+ * The validator walks every step in `tomlData.steps[]`. For a step whose
+ * `kind` the CLI KNOWS about, it reports any top-level field not in the
+ * generated allowlist. For an UNKNOWN kind (an old CLI run against a newer
+ * server that registered a step kind the CLI doesn't have), it SKIPS the
+ * per-field allowlist check — but still runs the kind-agnostic
+ * misnested-header footgun detector. This is the #998 fix: the recurring
+ * "newer server kind → false-reject of valid fields" failure (#685/#802/#971
+ * were all false rejections) becomes "unvalidated, not rejected."
  *
- * The list is universal-only (not per-kind) by design: the CLI doesn't know
- * which step kinds exist on a given server version, and a per-kind list
- * would couple the CLI tightly to the runtime. A universal allowlist
- * catches the misnested-header footgun cleanly while staying tolerant of
- * future step kinds that consume top-level fields already in the union.
- *
- * Maintenance: when a new step kind starts reading a new top-level field,
- * add the field name to `ALLOWLISTED_FIELDS` below. See `cli/README.md`
- * for the maintenance note.
+ * ── Source of truth (#998) ───────────────────────────────────────────────
+ * The allowlist field union and the known-kind set are GENERATED from the
+ * server step runners (`src/workflows/steps/*.ts`) and the universal
+ * `BaseStepDefinition` shape into the committed
+ * `cli/src/lib/generated-allowlist.ts` artifact (the CLI does NOT import
+ * server `src/` at runtime — only the build-time generator does). The union is
+ * derived from what each runner READS, not what the `*StepDefinition` TYPE
+ * declares — types over-declare and would weaken the footgun detector. A CI
+ * freshness guard (`gen-allowlist.mjs --check`, also asserted by the #985
+ * drift-guard test) keeps the committed artifact in sync with the runners, so
+ * the hand-edit drift class (#685/#802/#971) cannot recur for the same-version
+ * case. Regenerate with `node cli/scripts/gen-allowlist.mjs`.
  */
+import { GENERATED_ALLOWLISTED_FIELDS, GENERATED_KNOWN_KINDS, } from "./generated-allowlist.js";
 /**
- * Universal-only allowlist of top-level fields permitted on a step.
- *
- * Membership combines:
- *  1) Universal fields on `BaseStepDefinition` in
- *     `src/workflows/runner/types.ts` and the runner engine's reads of
- *     `stepDef.*`.
- *  2) The union of top-level fields actually consumed by step runners in
- *     `src/workflows/steps/` (audited 2026-05-15).
- *
- * Keep this sorted to make diffs reviewable.
+ * Universal-and-consumed allowlist of top-level fields permitted on a step
+ * (known kinds). Generated from the runners; see header.
  */
-const ALLOWLISTED_FIELDS = new Set([
-    // Universal (BaseStepDefinition + engine).
-    "as",
-    "concurrency",
-    "continueOnError",
-    "description",
-    "forEach",
-    "id",
-    "kind",
-    "maxItems",
-    "name",
-    "runIf",
-    "saveAs",
-    "selector",
-    "strict",
-    "successWhen",
-    "timeout",
-    // Per-kind, union across runners.
-    "_testSteps", // workflow.call test-mode override
-    "action",
-    "appId",
-    "asBase64",
-    "attachments",
-    "blobId",
-    "bodyMode",
-    "bucketId",
-    "bucketKey",
-    "cacheTtlSeconds",
-    "cases", // switch: array of { when, output } (#802)
-    "configId",
-    "content",
-    "contentBase64",
-    "contentType",
-    "context",
-    "cursor",
-    "cursorField",
-    "data", // document.save/patch: record fields to write (#948 / #985)
-    "databaseId",
-    "default", // switch: { output } fallback branch (#802)
-    "direction",
-    "documentId", // document.*: target document id (#948 / #985)
-    "dryRun",
-    "durationMs",
-    "email",
-    "events",
-    "expiresInSeconds",
-    "feature",
-    "filename",
-    "filter", // document.query/queryOne/count: record filter (#948 / #985)
-    "filters",
-    "groupBy",
-    "groupId",
-    "groupType",
-    "htmlBody",
-    "includeUserDetails",
-    "input",
-    "integrationKey",
-    "iterationName", // iterate-users: required iteration name (#971)
-    "itemsField",
-    "limit",
-    "limits", // script: per-step runtime caps (lower-only-clamp; #783)
-    "maxPages",
-    "message",
-    "messages",
-    "metrics",
-    "model",
-    "modelName", // document.*: document model name to operate on (#948 / #985)
-    "modelOverride",
-    "ms",
-    "multipartFields",
-    "onConflict", // iterate-users: "skip" | "refuse" on singleton lock conflict (#971)
-    "onPartialFailure",
-    "operationName",
-    "options", // document.query/queryOne: query options (limit/sort/etc.) (#948 / #985)
-    "output",
-    "page",
-    "pageSize", // iterate-users: user-page size (#971)
-    "params",
-    "payload",
-    "perUser", // iterate-users: per-user child workflow descriptor (#971)
-    "plugins",
-    "prompt",
-    "promptKey",
-    "query",
-    "queryType",
-    "recordId", // document.save/patch/delete: target record id (#948 / #985)
-    "ref", // script: named reference to a Script (resolved at publish time; #783)
-    "request",
-    "route",
-    "runs",
-    "sort",
-    "source", // iterate-users: user-source descriptor ({ mode }) (#971)
-    "step", // collect: nested inner step definition
-    "subject",
-    "tags",
-    "temperature",
-    "templateType",
-    "textBody",
-    "thinkingLevel",
-    "to",
-    "tools",
-    "tool_choice",
-    "top_p",
-    "toUserId",
-    "type",
-    "user",
-    "userId",
-    "userUlid",
-    "variables",
-    "windowDays",
-    "with", // script: input context for the script (whole `with:` block; #783)
-    "workflowKey",
-]);
+const ALLOWLISTED_FIELDS = new Set(GENERATED_ALLOWLISTED_FIELDS);
+/**
+ * The set of step kinds the CLI knows about (the server's registered kinds at
+ * generation time). A step whose `kind` is NOT in this set has its per-field
+ * allowlist check skipped — the kind-agnostic footgun detector still runs.
+ */
+const KNOWN_KINDS = new Set(GENERATED_KNOWN_KINDS);
 /**
  * Read-only view of `ALLOWLISTED_FIELDS` for the drift-guard test (#985).
  *
@@ -161,6 +52,11 @@ const ALLOWLISTED_FIELDS = new Set([
  * the public validator API; consumed only by the guard.
  */
 export const ALLOWLISTED_FIELDS_FOR_DRIFT_GUARD = ALLOWLISTED_FIELDS;
+/**
+ * Read-only view of `KNOWN_KINDS` for the drift-guard test (#998). Lets the
+ * guard assert the generated known-kind set matches a fresh scan.
+ */
+export const KNOWN_KINDS_FOR_DRIFT_GUARD = KNOWN_KINDS;
 /**
  * Walk a parsed workflow TOML document and return all unknown-field errors.
  *
@@ -249,6 +145,17 @@ export function validateWorkflowToml(tomlData) {
  */
 function validateStepObject(step, stepIndex, parentStepId, errors) {
     const stepId = typeof step.id === "string" ? step.id : null;
+    // #998: kind-membership branch. The CLI ships independently and may run
+    // against a NEWER server that registered a step kind the CLI's generated
+    // known-kind set doesn't have. For such an UNKNOWN kind we skip the
+    // per-field allowlist check (so a valid new-kind field is never falsely
+    // rejected — the recurring #685/#802/#971 failure) while STILL running the
+    // kind-agnostic misnested-header footgun detector below. For a KNOWN kind
+    // the full allowlist check applies as before. A missing/non-string `kind`
+    // is treated as known so the legacy strict check still catches obviously
+    // malformed steps (the runtime would reject a kindless step anyway).
+    const kind = typeof step.kind === "string" ? step.kind : null;
+    const isKnownKind = kind === null || KNOWN_KINDS.has(kind);
     for (const key of Object.keys(step)) {
         const value = step[key];
         // Codex finding 1 (PR #762, 2026-05-15): self-id misnesting must be
@@ -279,7 +186,11 @@ function validateStepObject(step, stepIndex, parentStepId, errors) {
             typeof value === "object" &&
             !Array.isArray(value) &&
             !isSwitchFallbackField;
-        if (!isSelfIdMisnest && ALLOWLISTED_FIELDS.has(key))
+        // Known kind → full allowlist check (an allowlisted field passes).
+        // Unknown kind → skip the per-field allowlist check entirely: only the
+        // structural footgun (self-id misnest) below can flag a field. The
+        // footgun check is kind-agnostic, so it fires on every step regardless.
+        if (!isSelfIdMisnest && (!isKnownKind || ALLOWLISTED_FIELDS.has(key)))
             continue;
         // Two failure modes are common enough to call out specifically in
         // the hint:

package/dist/src/lib/workflow-toml-validator.js.map

@@ -1 +1 @@
-{"version":3,"file":"workflow-toml-validator.js","sourceRoot":"","sources":["../../../src/lib/workflow-toml-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH;;;;;;;;;;;GAWG;AACH,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAS;IACzC,2CAA2C;IAC3C,IAAI;IACJ,aAAa;IACb,iBAAiB;IACjB,aAAa;IACb,SAAS;IACT,IAAI;IACJ,MAAM;IACN,UAAU;IACV,MAAM;IACN,OAAO;IACP,QAAQ;IACR,UAAU;IACV,QAAQ;IACR,aAAa;IACb,SAAS;IACT,kCAAkC;IAClC,YAAY,EAAE,mCAAmC;IACjD,QAAQ;IACR,OAAO;IACP,UAAU;IACV,aAAa;IACb,QAAQ;IACR,UAAU;IACV,UAAU;IACV,WAAW;IACX,iBAAiB;IACjB,OAAO,EAAE,2CAA2C;IACpD,UAAU;IACV,SAAS;IACT,eAAe;IACf,aAAa;IACb,SAAS;IACT,QAAQ;IACR,aAAa;IACb,MAAM,EAAE,4DAA4D;IACpE,YAAY;IACZ,SAAS,EAAE,4CAA4C;IACvD,WAAW;IACX,YAAY,EAAE,+CAA+C;IAC7D,QAAQ;IACR,YAAY;IACZ,OAAO;IACP,QAAQ;IACR,kBAAkB;IAClB,SAAS;IACT,UAAU;IACV,QAAQ,EAAE,6DAA6D;IACvE,SAAS;IACT,SAAS;IACT,SAAS;IACT,WAAW;IACX,UAAU;IACV,oBAAoB;IACpB,OAAO;IACP,gBAAgB;IAChB,eAAe,EAAE,gDAAgD;IACjE,YAAY;IACZ,OAAO;IACP,QAAQ,EAAE,yDAAyD;IACnE,UAAU;IACV,SAAS;IACT,UAAU;IACV,SAAS;IACT,OAAO;IACP,WAAW,EAAE,8DAA8D;IAC3E,eAAe;IACf,IAAI;IACJ,iBAAiB;IACjB,YAAY,EAAE,qEAAqE;IACnF,kBAAkB;IAClB,eAAe;IACf,SAAS,EAAE,yEAAyE;IACpF,QAAQ;IACR,MAAM;IACN,UAAU,EAAE,uCAAuC;IACnD,QAAQ;IACR,SAAS;IACT,SAAS,EAAE,2DAA2D;IACtE,SAAS;IACT,QAAQ;IACR,WAAW;IACX,OAAO;IACP,WAAW;IACX,UAAU,EAAE,6DAA6D;IACzE,KAAK,EAAE,uEAAuE;IAC9E,SAAS;IACT,OAAO;IACP,MAAM;IACN,MAAM;IACN,QAAQ,EAAE,0DAA0D;IACpE,MAAM,EAAE,wCAAwC;IAChD,SAAS;IACT,MAAM;IACN,aAAa;IACb,cAAc;IACd,UAAU;IACV,eAAe;IACf,IAAI;IACJ,OAAO;IACP,aAAa;IACb,OAAO;IACP,UAAU;IACV,MAAM;IACN,MAAM;IACN,QAAQ;IACR,UAAU;IACV,WAAW;IACX,YAAY;IACZ,MAAM,EAAE,mEAAmE;IAC3E,aAAa;CACd,CAAC,CAAC;AAEH;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,kCAAkC,GAC7C,kBAAkB,CAAC;AA4BrB;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAa;IAChD,MAAM,MAAM,GAAwB,EAAE,CAAC;IAEvC,IAAI,QAAQ,KAAK,IAAI,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAChD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;IAE7B,kEAAkE;IAClE,kEAAkE;IAClE,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAC1C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,wEAAwE;IACxE,qEAAqE;IACrE,wEAAwE;IACxE,oCAAoC;IACpC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC,CAAC;gBACb,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,iBAAiB;gBACxB,IAAI,EACF,sJAAsJ;aACzJ,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC,CAAC;gBACb,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,iBAAiB;gBACxB,IAAI,EAAE,oEAAoE,OAAO,KAAK,IAAI;aAC3F,CAAC,CAAC;QACL,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,yEAAyE;QACzE,qEAAqE;QACrE,qEAAqE;QACrE,eAAe;QACf,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACrE,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC;gBACZ,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,gBAAgB;gBACvB,IAAI,EAAE,mDACJ,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,IAClE,GAAG;aACJ,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,kBAAkB,CAAC,IAAI,EAAE,CAAC,EAAE,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAE7D,mEAAmE;QACnE,mEAAmE;QACnE,mEAAmE;QACnE,mEAAmE;QACnE,gEAAgE;QAChE,mEAAmE;QACnE,iEAAiE;QACjE,oEAAoE;QACpE,mEAAmE;QACnE,2CAA2C;QAC3C,IACE,IAAI,CAAC,IAAI,KAAK,SAAS;YACvB,IAAI,CAAC,IAAI,KAAK,IAAI;YAClB,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;YAC7B,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EACzB,CAAC;YACD,MAAM,WAAW,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YACjE,kBAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,kBAAkB,CACzB,IAAS,EACT,SAAiB,EACjB,YAA2B,EAC3B,MAA2B;IAE3B,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAE5D,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;QAExB,oEAAoE;QACpE,qEAAqE;QACrE,wDAAwD;QACxD,6DAA6D;QAC7D,sEAAsE;QACtE,qEAAqE;QACrE,sEAAsE;QACtE,gEAAgE;QAChE,kEAAkE;QAClE,iDAAiD;QACjD,EAAE;QACF,wEAAwE;QACxE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,yEAAyE;QACzE,uEAAuE;QACvE,sEAAsE;QACtE,sEAAsE;QACtE,wEAAwE;QACxE,sEAAsE;QACtE,MAAM,qBAAqB,GACzB,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,SAAS,CAAC,CAAC;QACnE,MAAM,eAAe,GACnB,MAAM,KAAK,IAAI;YACf,GAAG,KAAK,MAAM;YACd,KAAK,KAAK,IAAI;YACd,OAAO,KAAK,KAAK,QAAQ;YACzB,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YACrB,CAAC,qBAAqB,CAAC;QAEzB,IAAI,CAAC,eAAe,IAAI,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAE9D,kEAAkE;QAClE,YAAY;QACZ,EAAE;QACF,gEAAgE;QAChE,+DAA+D;QAC/D,gEAAgE;QAChE,+DAA+D;QAC/D,gEAAgE;QAChE,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,sEAAsE;QACtE,IAAI,IAAY,CAAC;QACjB,IAAI,MAAM,KAAK,IAAI,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACtC,MAAM,MAAM,GACV,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;gBACzD,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBACvB,CAAC,CAAC,IAAI,CAAC;YACX,MAAM,UAAU,GAAG,MAAM,IAAI,SAAS,CAAC;YACvC,IAAI;gBACF,4CAA4C,MAAM,IAAI,UAAU,uBAAuB,UAAU,KAAK;oBACtG,0DAA0D,UAAU,qCAAqC,CAAC;QAC9G,CAAC;aAAM,CAAC;YACN,IAAI;gBACF,KAAK,GAAG,qCAAqC;oBAC7C,wEAAwE,GAAG,mEAAmE,GAAG,IAAI,CAAC;QAC1J,CAAC;QAED,MAAM,CAAC,IAAI,CAAC;YACV,SAAS;YACT,MAAM;YACN,KAAK,EAAE,GAAG;YACV,IAAI;YACJ,YAAY;SACb,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,wBAAwB,CACtC,QAAgB,EAChB,MAA2B;IAE3B,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEnC,MAAM,KAAK,GAAa,CAAC,YAAY,QAAQ,GAAG,CAAC,CAAC;IAElD,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QACzB,IAAI,GAAG,CAAC,KAAK,KAAK,iBAAiB,EAAE,CAAC;YACpC,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5B,SAAS;QACX,CAAC;QACD,IAAI,GAAG,CAAC,KAAK,KAAK,gBAAgB,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,SAAS,mBAAmB,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAClE,SAAS;QACX,CAAC;QAED,wEAAwE;QACxE,uEAAuE;QACvE,mEAAmE;QACnE,qEAAqE;QACrE,uEAAuE;QACvE,EAAE;QACF,2EAA2E;QAC3E,0EAA0E;QAC1E,sEAAsE;QACtE,2EAA2E;QAC3E,0EAA0E;QAC1E,yEAAyE;QACzE,yEAAyE;QACzE,4BAA4B;QAC5B,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC;QAC7C,MAAM,IAAI,GAAG,WAAW;YACtB,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,QAAQ;YAChC,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,GAAG,CAAC;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACzD,MAAM,UAAU,GACd,WAAW,IAAI,GAAG,CAAC,YAAY;YAC7B,CAAC,CAAC,6BAA6B,GAAG,CAAC,YAAY,IAAI;YACnD,CAAC,CAAC,WAAW;gBACb,CAAC,CAAC,wBAAwB;gBAC1B,CAAC,CAAC,EAAE,CAAC;QACT,KAAK,CAAC,IAAI,CACR,KAAK,IAAI,GAAG,MAAM,GAAG,UAAU,uBAAuB,GAAG,CAAC,KAAK,IAAI,CACpE,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
+{"version":3,"file":"workflow-toml-validator.js","sourceRoot":"","sources":["../../../src/lib/workflow-toml-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EACL,4BAA4B,EAC5B,qBAAqB,GACtB,MAAM,0BAA0B,CAAC;AAElC;;;GAGG;AACH,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAS,4BAA4B,CAAC,CAAC;AAEzE;;;;GAIG;AACH,MAAM,WAAW,GAAG,IAAI,GAAG,CAAS,qBAAqB,CAAC,CAAC;AAE3D;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,kCAAkC,GAC7C,kBAAkB,CAAC;AAErB;;;GAGG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAwB,WAAW,CAAC;AA4B5E;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAa;IAChD,MAAM,MAAM,GAAwB,EAAE,CAAC;IAEvC,IAAI,QAAQ,KAAK,IAAI,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAChD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;IAE7B,kEAAkE;IAClE,kEAAkE;IAClE,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAC1C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,wEAAwE;IACxE,qEAAqE;IACrE,wEAAwE;IACxE,oCAAoC;IACpC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC,CAAC;gBACb,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,iBAAiB;gBACxB,IAAI,EACF,sJAAsJ;aACzJ,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC,CAAC;gBACb,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,iBAAiB;gBACxB,IAAI,EAAE,oEAAoE,OAAO,KAAK,IAAI;aAC3F,CAAC,CAAC;QACL,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,yEAAyE;QACzE,qEAAqE;QACrE,qEAAqE;QACrE,eAAe;QACf,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACrE,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC;gBACZ,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,gBAAgB;gBACvB,IAAI,EAAE,mDACJ,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,IAClE,GAAG;aACJ,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,kBAAkB,CAAC,IAAI,EAAE,CAAC,EAAE,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAE7D,mEAAmE;QACnE,mEAAmE;QACnE,mEAAmE;QACnE,mEAAmE;QACnE,gEAAgE;QAChE,mEAAmE;QACnE,iEAAiE;QACjE,oEAAoE;QACpE,mEAAmE;QACnE,2CAA2C;QAC3C,IACE,IAAI,CAAC,IAAI,KAAK,SAAS;YACvB,IAAI,CAAC,IAAI,KAAK,IAAI;YAClB,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;YAC7B,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EACzB,CAAC;YACD,MAAM,WAAW,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YACjE,kBAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,kBAAkB,CACzB,IAAS,EACT,SAAiB,EACjB,YAA2B,EAC3B,MAA2B;IAE3B,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAE5D,wEAAwE;IACxE,yEAAyE;IACzE,oEAAoE;IACpE,wEAAwE;IACxE,2EAA2E;IAC3E,0EAA0E;IAC1E,0EAA0E;IAC1E,yEAAyE;IACzE,qEAAqE;IACrE,MAAM,IAAI,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,MAAM,WAAW,GAAG,IAAI,KAAK,IAAI,IAAI,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAE3D,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;QAExB,oEAAoE;QACpE,qEAAqE;QACrE,wDAAwD;QACxD,6DAA6D;QAC7D,sEAAsE;QACtE,qEAAqE;QACrE,sEAAsE;QACtE,gEAAgE;QAChE,kEAAkE;QAClE,iDAAiD;QACjD,EAAE;QACF,wEAAwE;QACxE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,yEAAyE;QACzE,uEAAuE;QACvE,sEAAsE;QACtE,sEAAsE;QACtE,wEAAwE;QACxE,sEAAsE;QACtE,MAAM,qBAAqB,GACzB,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,SAAS,CAAC,CAAC;QACnE,MAAM,eAAe,GACnB,MAAM,KAAK,IAAI;YACf,GAAG,KAAK,MAAM;YACd,KAAK,KAAK,IAAI;YACd,OAAO,KAAK,KAAK,QAAQ;YACzB,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YACrB,CAAC,qBAAqB,CAAC;QAEzB,mEAAmE;QACnE,uEAAuE;QACvE,mEAAmE;QACnE,wEAAwE;QACxE,IAAI,CAAC,eAAe,IAAI,CAAC,CAAC,WAAW,IAAI,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACnE,SAAS;QAEX,kEAAkE;QAClE,YAAY;QACZ,EAAE;QACF,gEAAgE;QAChE,+DAA+D;QAC/D,gEAAgE;QAChE,+DAA+D;QAC/D,gEAAgE;QAChE,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,sEAAsE;QACtE,IAAI,IAAY,CAAC;QACjB,IAAI,MAAM,KAAK,IAAI,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACtC,MAAM,MAAM,GACV,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;gBACzD,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBACvB,CAAC,CAAC,IAAI,CAAC;YACX,MAAM,UAAU,GAAG,MAAM,IAAI,SAAS,CAAC;YACvC,IAAI;gBACF,4CAA4C,MAAM,IAAI,UAAU,uBAAuB,UAAU,KAAK;oBACtG,0DAA0D,UAAU,qCAAqC,CAAC;QAC9G,CAAC;aAAM,CAAC;YACN,IAAI;gBACF,KAAK,GAAG,qCAAqC;oBAC7C,wEAAwE,GAAG,mEAAmE,GAAG,IAAI,CAAC;QAC1J,CAAC;QAED,MAAM,CAAC,IAAI,CAAC;YACV,SAAS;YACT,MAAM;YACN,KAAK,EAAE,GAAG;YACV,IAAI;YACJ,YAAY;SACb,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,wBAAwB,CACtC,QAAgB,EAChB,MAA2B;IAE3B,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEnC,MAAM,KAAK,GAAa,CAAC,YAAY,QAAQ,GAAG,CAAC,CAAC;IAElD,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QACzB,IAAI,GAAG,CAAC,KAAK,KAAK,iBAAiB,EAAE,CAAC;YACpC,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5B,SAAS;QACX,CAAC;QACD,IAAI,GAAG,CAAC,KAAK,KAAK,gBAAgB,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,SAAS,mBAAmB,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAClE,SAAS;QACX,CAAC;QAED,wEAAwE;QACxE,uEAAuE;QACvE,mEAAmE;QACnE,qEAAqE;QACrE,uEAAuE;QACvE,EAAE;QACF,2EAA2E;QAC3E,0EAA0E;QAC1E,sEAAsE;QACtE,2EAA2E;QAC3E,0EAA0E;QAC1E,yEAAyE;QACzE,yEAAyE;QACzE,4BAA4B;QAC5B,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC;QAC7C,MAAM,IAAI,GAAG,WAAW;YACtB,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,QAAQ;YAChC,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,GAAG,CAAC;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACzD,MAAM,UAAU,GACd,WAAW,IAAI,GAAG,CAAC,YAAY;YAC7B,CAAC,CAAC,6BAA6B,GAAG,CAAC,YAAY,IAAI;YACnD,CAAC,CAAC,WAAW;gBACb,CAAC,CAAC,wBAAwB;gBAC1B,CAAC,CAAC,EAAE,CAAC;QACT,KAAK,CAAC,IAAI,CACR,KAAK,IAAI,GAAG,MAAM,GAAG,UAAU,uBAAuB,GAAG,CAAC,KAAK,IAAI,CACpE,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "primitive-admin",
-  "version": "1.0.50",
+  "version": "1.0.51",
   "description": "CLI for administering Primitive applications",
   "type": "module",
   "bin": {
@@ -18,6 +18,9 @@
     "README.md"
   ],
   "scripts": {
+    "gen:allowlist": "node scripts/gen-allowlist.mjs",
+    "gen:allowlist:check": "node scripts/gen-allowlist.mjs --check",
+    "prebuild": "node scripts/gen-allowlist.mjs",
     "build": "tsc",
     "typecheck": "tsc --noEmit",
     "prepublishOnly": "pnpm run build",