sh3-server 0.19.6 → 0.20.2

package/dist/doc-store/store.js

@@ -6,8 +6,8 @@
  * conflict bucket on Mode B mismatch. Consumed by the docs HTTP router
  * and by the ServerShardContext.documents(tenant) API.
  */
-import { readFile, writeFile, mkdir, rm, readdir, stat, rename as fsRename } from 'node:fs/promises';
-import { readdirSync, existsSync } from 'node:fs';
+import { readFile, writeFile, mkdir, rm, rmdir as fsRmdir, readdir, stat, rename as fsRename } from 'node:fs/promises';
+import { readdirSync, existsSync, statSync } from 'node:fs';
 import { dirname, join, relative } from 'node:path';
 import { resolveSyncMode } from './policy.js';
 import { filterReservedMeta } from './reserved.js';
@@ -18,15 +18,25 @@ export class TenantDocStore {
     #tick;
     roles;
     #conflicts;
+    #mountResolver;
     constructor(deps) {
         this.#dataDir = deps.dataDir;
         this.#policy = deps.policy;
         this.#tick = deps.tick;
         this.roles = deps.roles;
         this.#conflicts = deps.conflicts;
+        this.#mountResolver = deps.mountResolver;
     }
     /** Root filesystem directory this store reads/writes under. */
     get dataDir() { return this.#dataDir; }
+    /** Set the mount resolver after construction (used when the resolver is created after the store). */
+    setMountResolver(resolver) {
+        this.#mountResolver = resolver;
+    }
+    /** Mount resolver wired by setMountResolver, or undefined when running without the mount system. */
+    get mountResolver() {
+        return this.#mountResolver;
+    }
     /** Synchronous tenant enumeration for shard-ctx's `tenants()` entry point. */
     listTenantsSync() {
         const root = join(this.#dataDir, 'docs');
@@ -61,8 +71,27 @@ export class TenantDocStore {
     #contentPath(tenant, shardId, path) {
         return join(this.#dataDir, 'docs', tenant, shardId, path);
     }
+    #isMountPath(shardId) {
+        return shardId === 'mounts' && this.#mountResolver !== undefined;
+    }
+    #resolveMountPath(tenant, path) {
+        const resolved = this.#mountResolver.resolve(tenant, path);
+        if (resolved.kind === 'mount')
+            return resolved.realPath;
+        throw new Error(resolved.kind === 'mount-unresolved' ? resolved.error : 'Invalid mount path');
+    }
     // ---------- reads ----------
     async read(tenant, shardId, path) {
+        if (this.#isMountPath(shardId)) {
+            try {
+                return await readFile(this.#resolveMountPath(tenant, path), 'utf-8');
+            }
+            catch (err) {
+                if (err?.code === 'ENOENT')
+                    return null;
+                throw err;
+            }
+        }
         try {
             return await readFile(this.#contentPath(tenant, shardId, path), 'utf-8');
         }
@@ -76,6 +105,15 @@ export class TenantDocStore {
         return readMeta(this.#dataDir, tenant, shardId, path);
     }
     async exists(tenant, shardId, path) {
+        if (this.#isMountPath(shardId)) {
+            try {
+                await stat(this.#resolveMountPath(tenant, path));
+                return true;
+            }
+            catch {
+                return false;
+            }
+        }
         try {
             await stat(this.#contentPath(tenant, shardId, path));
             return true;
@@ -85,6 +123,29 @@ export class TenantDocStore {
         }
     }
     async list(tenant, shardId) {
+        if (this.#isMountPath(shardId)) {
+            const mountIds = this.#mountResolver.listTenantMountIds(tenant);
+            const result = [];
+            for (const mountId of mountIds) {
+                const mount = this.#mountResolver.getMount(mountId);
+                if (!mount)
+                    continue;
+                try {
+                    const entries = readdirSync(mount.path, { withFileTypes: true });
+                    for (const e of entries) {
+                        const full = join(mount.path, e.name);
+                        const s = statSync(full);
+                        result.push({
+                            path: `mounts/${mountId}/${e.name}`,
+                            size: s.size,
+                            lastModified: s.mtimeMs,
+                        });
+                    }
+                }
+                catch { /* mount path not available, skip */ }
+            }
+            return result;
+        }
         const root = join(this.#dataDir, 'docs', tenant, shardId);
         return this.#enumerate(root, root, tenant, shardId);
     }
@@ -97,7 +158,7 @@ export class TenantDocStore {
         }
         catch (err) {
             if (err?.code === 'ENOENT')
-                return [];
+                entries = [];
             throw err;
         }
         for (const e of entries) {
@@ -110,6 +171,29 @@ export class TenantDocStore {
                 out.push({ ...m, shardId: e.name });
             }
         }
+        // Append mount entries
+        if (this.#mountResolver) {
+            const mountIds = this.#mountResolver.listTenantMountIds(tenant);
+            for (const mountId of mountIds) {
+                const mount = this.#mountResolver.getMount(mountId);
+                if (!mount)
+                    continue;
+                try {
+                    const entries = readdirSync(mount.path, { withFileTypes: true });
+                    for (const e of entries) {
+                        const full = join(mount.path, e.name);
+                        const s = statSync(full);
+                        out.push({
+                            shardId: 'mounts',
+                            path: `mounts/${mountId}/${e.name}`,
+                            size: s.size,
+                            lastModified: s.mtimeMs,
+                        });
+                    }
+                }
+                catch { /* skip unavailable mount */ }
+            }
+        }
         return out;
     }
     async #enumerate(current, base, tenant, shardId) {
@@ -153,6 +237,12 @@ export class TenantDocStore {
     }
     // ---------- Mode A write ----------
     async write(tenant, shardId, path, content, metadata) {
+        if (this.#isMountPath(shardId)) {
+            const realPath = this.#resolveMountPath(tenant, path);
+            await mkdir(dirname(realPath), { recursive: true });
+            await writeFile(realPath, content);
+            return { version: 1, syncState: 'synced' };
+        }
         const role = this.roles.get(tenant);
         const policy = await this.#policy.get(tenant);
         const syncMode = resolveSyncMode(policy, path);
@@ -192,6 +282,16 @@ export class TenantDocStore {
     }
     // ---------- Mode A delete ----------
     async delete(tenant, shardId, path) {
+        if (this.#isMountPath(shardId)) {
+            try {
+                await rm(this.#resolveMountPath(tenant, path));
+            }
+            catch (err) {
+                if (err?.code !== 'ENOENT')
+                    throw err;
+            }
+            return;
+        }
         const role = this.roles.get(tenant);
         const prev = await readMeta(this.#dataDir, tenant, shardId, path);
         const prevKnown = typeof prev?.lastKnownVersion === 'number' ? prev.lastKnownVersion : 0;
@@ -227,6 +327,13 @@ export class TenantDocStore {
     }
     // ---------- Mode A rename ----------
     async rename(tenant, shardId, oldPath, newPath) {
+        if (this.#isMountPath(shardId)) {
+            const oldReal = this.#resolveMountPath(tenant, oldPath);
+            const newReal = this.#resolveMountPath(tenant, newPath);
+            await mkdir(dirname(newReal), { recursive: true });
+            await fsRename(oldReal, newReal);
+            return;
+        }
         const oldCp = this.#contentPath(tenant, shardId, oldPath);
         const newCp = this.#contentPath(tenant, shardId, newPath);
         if (!(await this.exists(tenant, shardId, oldPath))) {
@@ -269,6 +376,68 @@ export class TenantDocStore {
         if (role === 'primary')
             await this.#tick.bump(tenant);
     }
+    // ---------- Folder ops ----------
+    async mkdir(tenant, shardId, path) {
+        const abs = this.#contentPath(tenant, shardId, path);
+        if (existsSync(abs)) {
+            const st = statSync(abs);
+            if (st.isFile()) {
+                throw new Error(`Cannot mkdir ${path}: a document occupies this path`);
+            }
+            return;
+        }
+        await mkdir(abs, { recursive: true });
+    }
+    async rmdir(tenant, shardId, path, opts) {
+        const abs = this.#contentPath(tenant, shardId, path);
+        if (!existsSync(abs))
+            return;
+        if (!opts.recursive) {
+            const entries = await readdir(abs);
+            if (entries.length > 0) {
+                throw new Error(`Cannot rmdir ${path}: folder is not empty`);
+            }
+        }
+        if (opts.recursive) {
+            await rm(abs, { recursive: true, force: true });
+        }
+        else {
+            await fsRmdir(abs);
+        }
+    }
+    async renameFolder(tenant, shardId, oldPath, newPath) {
+        const oldAbs = this.#contentPath(tenant, shardId, oldPath);
+        const newAbs = this.#contentPath(tenant, shardId, newPath);
+        if (!existsSync(oldAbs)) {
+            throw new Error(`Cannot rename folder ${oldPath}: does not exist`);
+        }
+        if (existsSync(newAbs)) {
+            throw new Error(`Cannot rename folder to ${newPath}: already exists`);
+        }
+        await mkdir(dirname(newAbs), { recursive: true });
+        await fsRename(oldAbs, newAbs);
+        // Migrate meta sidecars: they live at {dataDir}/docs/{tenant}/__meta__/{shardId}/{docPath}.meta.json
+        // which is outside the content folder, so fs.rename above doesn't move them.
+        const metaRoot = join(this.#dataDir, 'docs', tenant, '__meta__', shardId);
+        const oldMetaDir = join(metaRoot, oldPath);
+        if (existsSync(oldMetaDir)) {
+            const newMetaDir = join(metaRoot, newPath);
+            await mkdir(dirname(newMetaDir), { recursive: true });
+            await fsRename(oldMetaDir, newMetaDir);
+        }
+    }
+    async listFolders(tenant, shardId, prefix) {
+        const abs = prefix
+            ? this.#contentPath(tenant, shardId, prefix)
+            : join(this.#dataDir, 'docs', tenant, shardId);
+        if (!existsSync(abs))
+            return [];
+        const entries = await readdir(abs, { withFileTypes: true });
+        return entries
+            .filter((e) => e.isDirectory())
+            .map((e) => e.name)
+            .sort();
+    }
     // ---------- Mode B — applyFromPeer ----------
     /**
      * Apply a document version received from a peer.

package/dist/index.d.ts

@@ -17,8 +17,11 @@ export interface ServerOptions {
     dataDir?: string;
     /** Directory containing the built SH3 frontend. Default: './dist' */
     distDir?: string;
-    /** Disable auth enforcement (for Tauri sidecar / local-owner mode). */
-    noAuth?: boolean;
+    /**
+     * Desktop sidecar mode. Persists a synthetic `local` admin user and lets
+     * /api/boot auto-mint sessions for it. Replaces the legacy noAuth flag.
+     */
+    localMode?: boolean;
 }
 export declare function createServer(options?: ServerOptions): Promise<{
     app: Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;

package/dist/index.js

@@ -35,6 +35,8 @@ import { ShardRouter, adminOnly } from './shard-router.js';
 import { scopeRequired, requireCallerScope } from './scope.js';
 import { registerTenantFsRoutes } from './tenant-fs/index.js';
 import shellShardServer from './shell-shard/index.js';
+import { MountStore } from './mounts/store.js';
+import { MountedPathResolver } from './mounts/resolver.js';
 export async function createServer(options = {}) {
     const port = options.port ?? 3000;
     const dataDir = options.dataDir ?? './data';
@@ -53,9 +55,17 @@ export async function createServer(options = {}) {
     const users = new UserStore(dataDir);
     const settings = new SettingsStore(dataDir);
     const projects = new ProjectStore(dataDir);
-    // --no-auth: disable auth enforcement (Tauri sidecar / local-owner mode)
-    if (options.noAuth) {
-        settings.update({ auth: { required: false, guestAllowed: true } });
+    // Mount system
+    const mountStore = new MountStore(dataDir);
+    const mountResolver = new MountedPathResolver(mountStore);
+    // --local: bootstrap the synthetic owner so guards see a real admin session.
+    if (options.localMode) {
+        users.upsertSynthetic({
+            id: 'local',
+            username: 'local',
+            displayName: 'Local Owner',
+            role: 'admin',
+        });
     }
     const sessions = new SessionStore(settings.get().auth.sessionTTL);
     const app = new Hono();
@@ -113,16 +123,16 @@ export async function createServer(options = {}) {
     }
     app.get('/api/version', (c) => c.json({ version: serverVersion }));
     // Boot config
-    app.route('/api/boot', createBootRouter(sessions, users, settings, serverVersion));
+    app.route('/api/boot', createBootRouter(sessions, users, settings, serverVersion, options.localMode ?? false));
     // Auth endpoints (login, logout, register, verify)
     app.route('/api/auth', createAuthRouter(keys, users, sessions, settings));
     // --- Session-gated routes ---
-    app.use('/api/*', sessionAuth(sessions, settings, keys));
+    app.use('/api/*', sessionAuth(sessions, keys));
     app.use('/api/*', resolveCaller(keys, projects));
     // Document backend API — gated by sessionAuth + resolveCaller (mounted above).
     // The router itself enforces scopeAccessMatch and the __-prefix reservation.
-    // Settings is threaded so scopeAccessMatch respects open / no-auth mode.
     const docStore = createScopedDocStore(dataDir);
+    docStore.setMountResolver(mountResolver);
     app.route('/api/docs', createDocsRouter(docStore, {
         settings,
         projectStore: projects,
@@ -183,12 +193,12 @@ export async function createServer(options = {}) {
     });
     // --- Admin-gated routes ---
     // Admin API
-    const adminRouter = createAdminRouter(users, settings, sessions, keys, dataDir);
-    app.use('/api/admin/*', adminAuth(sessions, keys, settings));
+    const adminRouter = createAdminRouter(users, settings, sessions, keys, dataDir, mountStore, mountResolver);
+    app.use('/api/admin/*', adminAuth());
     app.route('/api/admin', adminRouter);
     // Package management (install/uninstall) — admin-gated
-    app.use('/api/packages/install', adminAuth(sessions, keys, settings));
-    app.use('/api/packages/uninstall', adminAuth(sessions, keys, settings));
+    app.use('/api/packages/install', adminAuth());
+    app.use('/api/packages/uninstall', adminAuth());
     const frameworkShardIds = ['__sh3core__', 'shell', 'sh3-store', 'sh3-admin'];
     app.route('/api/packages', createPackageManagementRoutes(shardRouter, dataDir, keys, settings, wsRegister, docStore, frameworkShardIds));
     // Serve client bundles from discovered packages
@@ -213,7 +223,7 @@ export async function createServer(options = {}) {
             shardId: 'shell',
             dataDir: shellDataDir,
             permissions: [],
-            adminOnly: adminOnly(keys, settings),
+            adminOnly: adminOnly(),
             scopeRequired,
             tenantRequired: requireCallerScope,
             wsRegister,
@@ -225,7 +235,6 @@ export async function createServer(options = {}) {
     registerTenantFsRoutes(app, {
         dataDir,
         rootBase: settings.get().tenants?.rootBase ?? '',
-        settings,
         maxReadBytes: 10 * 1024 * 1024,
     });
     // Dynamic shard routes (packages). The catch-all comes after static

package/dist/middleware/project-allowlist.d.ts

@@ -5,6 +5,10 @@
  * only target shards owned by allowlisted apps, plus the framework shards
  * listed in FRAMEWORK_SHARDS. Personal scopes are not subject to allowlists.
  *
+ * An empty appAllowlist means no restrictions — all apps can write to the
+ * project. When at least one app is listed, only that app's required shards
+ * (plus framework shards) are permitted.
+ *
  * Reads (GET / HEAD) are unrestricted; the membership check in
  * scopeAccessMatch already gates access to project data. This middleware
  * is layered on top to scope-down what apps can persist into the

package/dist/middleware/project-allowlist.js

@@ -5,6 +5,10 @@
  * only target shards owned by allowlisted apps, plus the framework shards
  * listed in FRAMEWORK_SHARDS. Personal scopes are not subject to allowlists.
  *
+ * An empty appAllowlist means no restrictions — all apps can write to the
+ * project. When at least one app is listed, only that app's required shards
+ * (plus framework shards) are permitted.
+ *
  * Reads (GET / HEAD) are unrestricted; the membership check in
  * scopeAccessMatch already gates access to project data. This middleware
  * is layered on top to scope-down what apps can persist into the
@@ -32,18 +36,28 @@ export function projectAppAllowlist(opts) {
         if (FRAMEWORK_SHARDS.includes(shard))
             return next();
         const allowed = new Set(FRAMEWORK_SHARDS);
-        for (const appId of project.appAllowlist) {
-            const app = opts.appRegistry.get(appId);
-            if (!app)
-                continue;
-            for (const s of app.manifest.requiredShards)
-                allowed.add(s);
+        // Empty allowlist means no restrictions — all apps can write.
+        if (project.appAllowlist.length > 0) {
+            for (const appId of project.appAllowlist) {
+                const app = opts.appRegistry.get(appId);
+                if (app) {
+                    for (const s of app.manifest.requiredShards)
+                        allowed.add(s);
+                }
+                else {
+                    // App not found in the server manifest registry — fall back to
+                    // allowing the appId itself as a shard id (common convention).
+                    allowed.add(appId);
+                }
+            }
+            if (!allowed.has(shard)) {
+                return c.json({
+                    error: `Shard "${shard}" is not in the project's app allowlist`,
+                    project: project.id,
+                }, 403);
+            }
         }
-        if (allowed.has(shard))
-            return next();
-        return c.json({
-            error: `Shard "${shard}" is not in the project's app allowlist`,
-            project: project.id,
-        }, 403);
+        // Empty allowlist or shard in allowed set → pass.
+        return next();
     };
 }

package/dist/mounts/resolver.d.ts

@@ -0,0 +1,21 @@
+import type { MountStore, MountRecord } from './store.js';
+export type MountStatus = 'resolved' | 'unresolved' | 'error';
+export type ResolvedPath = {
+    kind: 'mount';
+    mountId: string;
+    realPath: string;
+} | {
+    kind: 'native';
+} | {
+    kind: 'mount-unresolved';
+    mountId: string;
+    error: string;
+};
+export declare class MountedPathResolver {
+    #private;
+    constructor(store: MountStore);
+    resolve(tenantId: string, docPath: string): ResolvedPath;
+    probe(mountId: string): MountStatus;
+    listTenantMountIds(tenantId: string): string[];
+    getMount(mountId: string): MountRecord | null;
+}

package/dist/mounts/resolver.js

@@ -0,0 +1,41 @@
+import { existsSync } from 'node:fs';
+import { join, resolve as pathResolve } from 'node:path';
+export class MountedPathResolver {
+    #store;
+    constructor(store) {
+        this.#store = store;
+    }
+    resolve(tenantId, docPath) {
+        const mountMatch = docPath.match(/^mounts\/([^/]+)(?:\/(.*))?$/);
+        if (!mountMatch)
+            return { kind: 'native' };
+        const mountId = mountMatch[1];
+        const subPath = mountMatch[2] ?? '';
+        const mount = this.#store.get(mountId);
+        if (!mount) {
+            return { kind: 'mount-unresolved', mountId, error: `Mount "${mountId}" not found` };
+        }
+        if (!this.#store.isAttached(mountId, tenantId)) {
+            return { kind: 'mount-unresolved', mountId, error: `Mount "${mountId}" not attached to tenant "${tenantId}"` };
+        }
+        const realPath = subPath ? join(mount.path, subPath) : mount.path;
+        return { kind: 'mount', mountId, realPath: pathResolve(realPath) };
+    }
+    probe(mountId) {
+        const mount = this.#store.get(mountId);
+        if (!mount)
+            return 'error';
+        try {
+            return existsSync(mount.path) ? 'resolved' : 'unresolved';
+        }
+        catch {
+            return 'error';
+        }
+    }
+    listTenantMountIds(tenantId) {
+        return this.#store.listTenantAttachments(tenantId).map(a => a.mountId);
+    }
+    getMount(mountId) {
+        return this.#store.get(mountId);
+    }
+}

package/dist/mounts/routes.d.ts

@@ -0,0 +1,4 @@
+import { Hono } from 'hono';
+import type { MountStore } from './store.js';
+import type { MountedPathResolver } from './resolver.js';
+export declare function createMountsRouter(store: MountStore, resolver: MountedPathResolver): Hono;

package/dist/mounts/routes.js

@@ -0,0 +1,136 @@
+import { Hono } from 'hono';
+import { readdirSync, statSync } from 'node:fs';
+import { join } from 'node:path';
+export function createMountsRouter(store, resolver) {
+    const router = new Hono();
+    // --- Mounts CRUD ---
+    router.get('/mounts', (c) => {
+        const mounts = store.list().map(m => ({
+            ...m,
+            status: resolver.probe(m.id),
+            attachmentCount: store.listAttachments(m.id).length,
+        }));
+        return c.json(mounts);
+    });
+    router.get('/mounts/:id', (c) => {
+        const id = c.req.param('id');
+        const mount = store.get(id);
+        if (!mount)
+            return c.json({ error: 'Mount not found' }, 404);
+        return c.json({
+            ...mount,
+            status: resolver.probe(id),
+            attachmentCount: store.listAttachments(id).length,
+        });
+    });
+    router.post('/mounts', async (c) => {
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        if (!body.id || !body.path) {
+            return c.json({ error: 'id and path required' }, 400);
+        }
+        try {
+            const mount = store.create({ id: body.id, label: body.label, path: body.path });
+            const status = resolver.probe(mount.id);
+            const response = { ...mount, status };
+            if (status !== 'resolved') {
+                response.warning = `Path "${mount.path}" does not exist on the server. Mount created but will be unavailable until the path exists.`;
+            }
+            return c.json(response, 201);
+        }
+        catch (err) {
+            return c.json({ error: err instanceof Error ? err.message : 'Failed to create mount' }, 409);
+        }
+    });
+    router.put('/mounts/:id', async (c) => {
+        const id = c.req.param('id');
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        const updated = store.update(id, body ?? {});
+        if (!updated)
+            return c.json({ error: 'Mount not found' }, 404);
+        return c.json({ ...updated, status: resolver.probe(id) });
+    });
+    router.delete('/mounts/:id', (c) => {
+        const id = c.req.param('id');
+        if (!store.delete(id))
+            return c.json({ error: 'Mount not found' }, 404);
+        return c.body(null, 204);
+    });
+    // --- Browse mount directory ---
+    router.get('/mounts/:id/browse', (c) => {
+        const id = c.req.param('id');
+        const mount = store.get(id);
+        if (!mount)
+            return c.json({ error: 'Mount not found' }, 404);
+        try {
+            const entries = readdirSync(mount.path, { withFileTypes: true });
+            const listing = entries.map(e => ({
+                name: e.name,
+                kind: e.isDirectory() ? 'directory' : 'file',
+                ...(e.isFile() ? { size: statSync(join(mount.path, e.name)).size } : {}),
+            }));
+            return c.json(listing);
+        }
+        catch {
+            return c.json({ error: `Cannot read mount path: ${mount.path}` }, 503);
+        }
+    });
+    // --- Attachments CRUD ---
+    router.get('/mount-attachments', (c) => {
+        const mountId = c.req.query('mountId');
+        const tenantId = c.req.query('tenantId');
+        if (mountId)
+            return c.json(store.listAttachments(mountId));
+        if (tenantId)
+            return c.json(store.listTenantAttachments(tenantId));
+        return c.json({ error: 'Provide mountId or tenantId query param' }, 400);
+    });
+    router.post('/mount-attachments', async (c) => {
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        if (!body.mountId || !body.tenantId) {
+            return c.json({ error: 'mountId and tenantId required' }, 400);
+        }
+        if (!store.get(body.mountId)) {
+            return c.json({ error: `Mount "${body.mountId}" not found` }, 404);
+        }
+        const att = store.attach(body.mountId, body.tenantId);
+        return c.json(att, 201);
+    });
+    router.delete('/mount-attachments', async (c) => {
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        if (!body.mountId || !body.tenantId) {
+            return c.json({ error: 'mountId and tenantId required' }, 400);
+        }
+        store.detach(body.mountId, body.tenantId);
+        return c.body(null, 204);
+    });
+    // --- Per-tenant attachment listing ---
+    router.get('/tenants/:id/attachments', (c) => {
+        const tenantId = c.req.param('id');
+        return c.json(store.listTenantAttachments(tenantId));
+    });
+    return router;
+}

package/dist/mounts/store.d.ts

@@ -0,0 +1,30 @@
+export interface MountRecord {
+    id: string;
+    label?: string;
+    path: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface MountAttachment {
+    mountId: string;
+    tenantId: string;
+    attachedAt: string;
+}
+export declare class MountStore {
+    #private;
+    constructor(dataDir: string);
+    create(input: {
+        id: string;
+        label?: string;
+        path: string;
+    }): MountRecord;
+    get(id: string): MountRecord | null;
+    list(): MountRecord[];
+    update(id: string, patch: Partial<Pick<MountRecord, 'label' | 'path'>>): MountRecord | null;
+    delete(id: string): boolean;
+    attach(mountId: string, tenantId: string): MountAttachment;
+    detach(mountId: string, tenantId: string): void;
+    listAttachments(mountId: string): MountAttachment[];
+    listTenantAttachments(tenantId: string): MountAttachment[];
+    isAttached(mountId: string, tenantId: string): boolean;
+}