studiograph 1.3.48-next.2 → 1.3.48-next.201
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +26 -16
- package/dist/agent/agent-pool.d.ts +117 -0
- package/dist/agent/agent-pool.js +287 -0
- package/dist/agent/agent-pool.js.map +1 -0
- package/dist/agent/followups.d.ts +34 -0
- package/dist/agent/followups.js +52 -0
- package/dist/agent/followups.js.map +1 -0
- package/dist/agent/orchestrator.d.ts +113 -22
- package/dist/agent/orchestrator.js +574 -181
- package/dist/agent/orchestrator.js.map +1 -1
- package/dist/agent/prompts/entity-types-section.d.ts +34 -0
- package/dist/agent/prompts/entity-types-section.js +76 -0
- package/dist/agent/prompts/entity-types-section.js.map +1 -0
- package/dist/agent/prompts/system.md +147 -69
- package/dist/agent/skill-loader.d.ts +30 -17
- package/dist/agent/skill-loader.js +63 -30
- package/dist/agent/skill-loader.js.map +1 -1
- package/dist/agent/skills/entity-schema.md +77 -433
- package/dist/agent/skills/interview/entity-templates.md +193 -0
- package/dist/agent/skills/interview/question-domains.md +391 -0
- package/dist/agent/skills/interview/skill.md +204 -0
- package/dist/agent/skills/schema-rules.md +54 -0
- package/dist/agent/tools/capture-tools.d.ts +31 -0
- package/dist/agent/tools/capture-tools.js +40 -0
- package/dist/agent/tools/capture-tools.js.map +1 -0
- package/dist/agent/tools/folder-tools.d.ts +47 -0
- package/dist/agent/tools/folder-tools.js +249 -0
- package/dist/agent/tools/folder-tools.js.map +1 -0
- package/dist/agent/tools/fs-tools.d.ts +7 -6
- package/dist/agent/tools/fs-tools.js +5 -4
- package/dist/agent/tools/fs-tools.js.map +1 -1
- package/dist/agent/tools/graph-tools.d.ts +21 -58
- package/dist/agent/tools/graph-tools.js +664 -333
- package/dist/agent/tools/graph-tools.js.map +1 -1
- package/dist/agent/tools/history-tools.d.ts +95 -0
- package/dist/agent/tools/history-tools.js +461 -0
- package/dist/agent/tools/history-tools.js.map +1 -0
- package/dist/agent/tools/load-skill.d.ts +6 -5
- package/dist/agent/tools/load-skill.js +3 -3
- package/dist/agent/tools/load-skill.js.map +1 -1
- package/dist/agent/tools/ops-tools.d.ts +5 -4
- package/dist/agent/tools/ops-tools.js +130 -236
- package/dist/agent/tools/ops-tools.js.map +1 -1
- package/dist/agent/tools/permission-tools.d.ts +87 -17
- package/dist/agent/tools/permission-tools.js +233 -38
- package/dist/agent/tools/permission-tools.js.map +1 -1
- package/dist/agent/tools/tool-loader.js +5 -4
- package/dist/agent/tools/tool-loader.js.map +1 -1
- package/dist/agent/tools/web-tools.js +58 -9
- package/dist/agent/tools/web-tools.js.map +1 -1
- package/dist/cli/commands/about.d.ts +1 -0
- package/dist/cli/commands/about.js +55 -3
- package/dist/cli/commands/about.js.map +1 -1
- package/dist/cli/commands/admin/audit-workspace.d.ts +23 -0
- package/dist/cli/commands/admin/audit-workspace.js +133 -0
- package/dist/cli/commands/admin/audit-workspace.js.map +1 -0
- package/dist/cli/commands/admin/audit.d.ts +21 -0
- package/dist/cli/commands/admin/audit.js +174 -0
- package/dist/cli/commands/admin/audit.js.map +1 -0
- package/dist/cli/commands/admin/backup.d.ts +54 -0
- package/dist/cli/commands/admin/backup.js +207 -0
- package/dist/cli/commands/admin/backup.js.map +1 -0
- package/dist/cli/commands/admin/folder.d.ts +11 -0
- package/dist/cli/commands/admin/folder.js +186 -0
- package/dist/cli/commands/admin/folder.js.map +1 -0
- package/dist/cli/commands/admin/index.d.ts +16 -0
- package/dist/cli/commands/admin/index.js +46 -0
- package/dist/cli/commands/admin/index.js.map +1 -0
- package/dist/cli/commands/admin/migrate-assets.d.ts +53 -0
- package/dist/cli/commands/admin/migrate-assets.js +184 -0
- package/dist/cli/commands/admin/migrate-assets.js.map +1 -0
- package/dist/cli/commands/admin/migrate.d.ts +56 -0
- package/dist/cli/commands/admin/migrate.js +263 -0
- package/dist/cli/commands/admin/migrate.js.map +1 -0
- package/dist/cli/commands/admin/restore.d.ts +24 -0
- package/dist/cli/commands/admin/restore.js +228 -0
- package/dist/cli/commands/admin/restore.js.map +1 -0
- package/dist/cli/commands/admin/secrets.d.ts +23 -0
- package/dist/cli/commands/admin/secrets.js +256 -0
- package/dist/cli/commands/admin/secrets.js.map +1 -0
- package/dist/cli/commands/admin/settings.d.ts +28 -0
- package/dist/cli/commands/admin/settings.js +284 -0
- package/dist/cli/commands/admin/settings.js.map +1 -0
- package/dist/cli/commands/admin/token.d.ts +42 -0
- package/dist/cli/commands/admin/token.js +126 -0
- package/dist/cli/commands/admin/token.js.map +1 -0
- package/dist/cli/commands/admin/transfer-ownership.d.ts +15 -0
- package/dist/cli/commands/admin/transfer-ownership.js +106 -0
- package/dist/cli/commands/admin/transfer-ownership.js.map +1 -0
- package/dist/cli/commands/admin/user.d.ts +11 -0
- package/dist/cli/commands/admin/user.js +187 -0
- package/dist/cli/commands/admin/user.js.map +1 -0
- package/dist/cli/commands/clone.d.ts +25 -3
- package/dist/cli/commands/clone.js +142 -36
- package/dist/cli/commands/clone.js.map +1 -1
- package/dist/cli/commands/commit.d.ts +1 -1
- package/dist/cli/commands/commit.js +24 -11
- package/dist/cli/commands/commit.js.map +1 -1
- package/dist/cli/commands/config.d.ts +23 -107
- package/dist/cli/commands/config.js +52 -260
- package/dist/cli/commands/config.js.map +1 -1
- package/dist/cli/commands/connector.d.ts +10 -13
- package/dist/cli/commands/connector.js +16 -58
- package/dist/cli/commands/connector.js.map +1 -1
- package/dist/cli/commands/deploy.js +215 -68
- package/dist/cli/commands/deploy.js.map +1 -1
- package/dist/cli/commands/index.js +2 -2
- package/dist/cli/commands/index.js.map +1 -1
- package/dist/cli/commands/init.js +10 -30
- package/dist/cli/commands/init.js.map +1 -1
- package/dist/cli/commands/mcp.js +12 -4
- package/dist/cli/commands/mcp.js.map +1 -1
- package/dist/cli/commands/orphans.js +14 -30
- package/dist/cli/commands/orphans.js.map +1 -1
- package/dist/cli/commands/r2.d.ts +3 -0
- package/dist/cli/commands/r2.js +223 -204
- package/dist/cli/commands/r2.js.map +1 -1
- package/dist/cli/commands/redeploy.js +65 -12
- package/dist/cli/commands/redeploy.js.map +1 -1
- package/dist/cli/commands/reset.d.ts +22 -6
- package/dist/cli/commands/reset.js +142 -63
- package/dist/cli/commands/reset.js.map +1 -1
- package/dist/cli/commands/serve.js +218 -24
- package/dist/cli/commands/serve.js.map +1 -1
- package/dist/cli/commands/sync.d.ts +1 -1
- package/dist/cli/commands/sync.js +372 -202
- package/dist/cli/commands/sync.js.map +1 -1
- package/dist/cli/crypto-bundle.d.ts +39 -0
- package/dist/cli/crypto-bundle.js +94 -0
- package/dist/cli/crypto-bundle.js.map +1 -0
- package/dist/cli/index.js +24 -35
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/railway-pin.d.ts +68 -0
- package/dist/cli/railway-pin.js +96 -0
- package/dist/cli/railway-pin.js.map +1 -0
- package/dist/cli/railway-provisioning.d.ts +53 -0
- package/dist/cli/railway-provisioning.js +85 -0
- package/dist/cli/railway-provisioning.js.map +1 -0
- package/dist/cli/setup-wizard.d.ts +33 -52
- package/dist/cli/setup-wizard.js +43 -68
- package/dist/cli/setup-wizard.js.map +1 -1
- package/dist/core/accent-palette.d.ts +22 -0
- package/dist/core/accent-palette.js +47 -0
- package/dist/core/accent-palette.js.map +1 -0
- package/dist/core/cell-anchor.d.ts +29 -0
- package/dist/core/cell-anchor.js +53 -0
- package/dist/core/cell-anchor.js.map +1 -0
- package/dist/core/comment-anchor.d.ts +41 -0
- package/dist/core/comment-anchor.js +147 -0
- package/dist/core/comment-anchor.js.map +1 -0
- package/dist/core/commit-messages.d.ts +57 -0
- package/dist/core/commit-messages.js +85 -0
- package/dist/core/commit-messages.js.map +1 -0
- package/dist/core/embeds.d.ts +77 -0
- package/dist/core/embeds.js +147 -0
- package/dist/core/embeds.js.map +1 -0
- package/dist/core/entity-body-templates.d.ts +21 -0
- package/dist/core/entity-body-templates.js +53 -0
- package/dist/core/entity-body-templates.js.map +1 -0
- package/dist/core/entity-types-catalog.d.ts +65 -0
- package/dist/core/entity-types-catalog.js +140 -0
- package/dist/core/entity-types-catalog.js.map +1 -0
- package/dist/core/folder-paths.d.ts +41 -0
- package/dist/core/folder-paths.js +95 -0
- package/dist/core/folder-paths.js.map +1 -0
- package/dist/core/folder-sidecar.d.ts +36 -0
- package/dist/core/folder-sidecar.js +91 -0
- package/dist/core/folder-sidecar.js.map +1 -0
- package/dist/core/format-registry.d.ts +170 -0
- package/dist/core/format-registry.js +404 -0
- package/dist/core/format-registry.js.map +1 -0
- package/dist/core/graph.d.ts +731 -14
- package/dist/core/graph.js +2202 -315
- package/dist/core/graph.js.map +1 -1
- package/dist/core/history-diff.d.ts +35 -0
- package/dist/core/history-diff.js +114 -0
- package/dist/core/history-diff.js.map +1 -0
- package/dist/core/refs.d.ts +41 -0
- package/dist/core/refs.js +80 -0
- package/dist/core/refs.js.map +1 -0
- package/dist/core/schema-registry.d.ts +82 -0
- package/dist/core/schema-registry.js +238 -0
- package/dist/core/schema-registry.js.map +1 -1
- package/dist/core/schemas/connector.d.ts +67 -0
- package/dist/core/schemas/connector.js +100 -0
- package/dist/core/schemas/connector.js.map +1 -0
- package/dist/core/schemas/workspace.d.ts +122 -0
- package/dist/core/schemas/workspace.js +211 -0
- package/dist/core/schemas/workspace.js.map +1 -0
- package/dist/core/secrets/SecretStore.d.ts +77 -0
- package/dist/core/secrets/SecretStore.js +13 -0
- package/dist/core/secrets/SecretStore.js.map +1 -0
- package/dist/core/secrets/SettingsResolver.d.ts +54 -0
- package/dist/core/secrets/SettingsResolver.js +80 -0
- package/dist/core/secrets/SettingsResolver.js.map +1 -0
- package/dist/core/secrets/SettingsStore.d.ts +30 -0
- package/dist/core/secrets/SettingsStore.js +9 -0
- package/dist/core/secrets/SettingsStore.js.map +1 -0
- package/dist/core/secrets/SqliteEncryptedStore.d.ts +90 -0
- package/dist/core/secrets/SqliteEncryptedStore.js +598 -0
- package/dist/core/secrets/SqliteEncryptedStore.js.map +1 -0
- package/dist/core/secrets/audit.d.ts +36 -0
- package/dist/core/secrets/audit.js +60 -0
- package/dist/core/secrets/audit.js.map +1 -0
- package/dist/core/secrets/auth-db-migration.d.ts +129 -0
- package/dist/core/secrets/auth-db-migration.js +653 -0
- package/dist/core/secrets/auth-db-migration.js.map +1 -0
- package/dist/core/secrets/bundle.d.ts +141 -0
- package/dist/core/secrets/bundle.js +435 -0
- package/dist/core/secrets/bundle.js.map +1 -0
- package/dist/core/secrets/dual-write.d.ts +81 -0
- package/dist/core/secrets/dual-write.js +247 -0
- package/dist/core/secrets/dual-write.js.map +1 -0
- package/dist/core/secrets/encryption.d.ts +44 -0
- package/dist/core/secrets/encryption.js +97 -0
- package/dist/core/secrets/encryption.js.map +1 -0
- package/dist/core/secrets/index.d.ts +49 -0
- package/dist/core/secrets/index.js +74 -0
- package/dist/core/secrets/index.js.map +1 -0
- package/dist/core/secrets/master-key.d.ts +38 -0
- package/dist/core/secrets/master-key.js +122 -0
- package/dist/core/secrets/master-key.js.map +1 -0
- package/dist/core/secrets/probes/anthropic.d.ts +98 -0
- package/dist/core/secrets/probes/anthropic.js +300 -0
- package/dist/core/secrets/probes/anthropic.js.map +1 -0
- package/dist/core/secrets/probes/brave.d.ts +9 -0
- package/dist/core/secrets/probes/brave.js +15 -0
- package/dist/core/secrets/probes/brave.js.map +1 -0
- package/dist/core/secrets/probes/r2.d.ts +15 -0
- package/dist/core/secrets/probes/r2.js +14 -0
- package/dist/core/secrets/probes/r2.js.map +1 -0
- package/dist/core/secrets/probes/tavily.d.ts +18 -0
- package/dist/core/secrets/probes/tavily.js +58 -0
- package/dist/core/secrets/probes/tavily.js.map +1 -0
- package/dist/core/secrets/probes/voyage.d.ts +13 -0
- package/dist/core/secrets/probes/voyage.js +52 -0
- package/dist/core/secrets/probes/voyage.js.map +1 -0
- package/dist/core/secrets/r2-structural-migration.d.ts +39 -0
- package/dist/core/secrets/r2-structural-migration.js +109 -0
- package/dist/core/secrets/r2-structural-migration.js.map +1 -0
- package/dist/core/secrets/read-flip.d.ts +59 -0
- package/dist/core/secrets/read-flip.js +87 -0
- package/dist/core/secrets/read-flip.js.map +1 -0
- package/dist/core/secrets/registry.d.ts +188 -0
- package/dist/core/secrets/registry.js +616 -0
- package/dist/core/secrets/registry.js.map +1 -0
- package/dist/core/types.d.ts +80 -475
- package/dist/core/types.js +27 -3
- package/dist/core/types.js.map +1 -1
- package/dist/core/user-config.d.ts +75 -7
- package/dist/core/user-config.js +155 -7
- package/dist/core/user-config.js.map +1 -1
- package/dist/core/validation.d.ts +731 -1790
- package/dist/core/validation.js +442 -228
- package/dist/core/validation.js.map +1 -1
- package/dist/core/workspace-manager.d.ts +89 -12
- package/dist/core/workspace-manager.js +225 -73
- package/dist/core/workspace-manager.js.map +1 -1
- package/dist/core/workspace.d.ts +19 -5
- package/dist/core/workspace.js +69 -35
- package/dist/core/workspace.js.map +1 -1
- package/dist/mcp/comment-virtual-entity.d.ts +36 -0
- package/dist/mcp/comment-virtual-entity.js +71 -0
- package/dist/mcp/comment-virtual-entity.js.map +1 -0
- package/dist/mcp/connector-manager.d.ts +94 -13
- package/dist/mcp/connector-manager.js +283 -62
- package/dist/mcp/connector-manager.js.map +1 -1
- package/dist/mcp/oauth-provider.d.ts +27 -33
- package/dist/mcp/oauth-provider.js +65 -134
- package/dist/mcp/oauth-provider.js.map +1 -1
- package/dist/mcp/oauth-registry.d.ts +62 -0
- package/dist/mcp/oauth-registry.js +85 -0
- package/dist/mcp/oauth-registry.js.map +1 -0
- package/dist/mcp/server.d.ts +11 -3
- package/dist/mcp/server.js +30 -5
- package/dist/mcp/server.js.map +1 -1
- package/dist/mcp/state-signer.d.ts +62 -0
- package/dist/mcp/state-signer.js +205 -0
- package/dist/mcp/state-signer.js.map +1 -0
- package/dist/mcp/tools.d.ts +35 -2
- package/dist/mcp/tools.js +1361 -112
- package/dist/mcp/tools.js.map +1 -1
- package/dist/server/__tests__/helpers/graph-api.d.ts +16 -0
- package/dist/server/__tests__/helpers/graph-api.js +16 -0
- package/dist/server/__tests__/helpers/graph-api.js.map +1 -0
- package/dist/server/asset-index-queue.d.ts +96 -0
- package/dist/server/asset-index-queue.js +191 -0
- package/dist/server/asset-index-queue.js.map +1 -0
- package/dist/server/body-write-coordinator.d.ts +151 -0
- package/dist/server/body-write-coordinator.js +161 -0
- package/dist/server/body-write-coordinator.js.map +1 -0
- package/dist/server/cloud-billing-flow.d.ts +32 -0
- package/dist/server/cloud-billing-flow.js +75 -0
- package/dist/server/cloud-billing-flow.js.map +1 -0
- package/dist/server/commit-audit.d.ts +26 -0
- package/dist/server/commit-audit.js +30 -0
- package/dist/server/commit-audit.js.map +1 -0
- package/dist/server/index.d.ts +22 -3
- package/dist/server/index.js +622 -198
- package/dist/server/index.js.map +1 -1
- package/dist/server/middleware/sanitize.d.ts +46 -0
- package/dist/server/middleware/sanitize.js +171 -0
- package/dist/server/middleware/sanitize.js.map +1 -0
- package/dist/server/routes/asset-api.d.ts +31 -0
- package/dist/server/routes/asset-api.js +593 -0
- package/dist/server/routes/asset-api.js.map +1 -0
- package/dist/server/routes/audit-api.d.ts +24 -0
- package/dist/server/routes/audit-api.js +117 -0
- package/dist/server/routes/audit-api.js.map +1 -0
- package/dist/server/routes/auth-api.d.ts +3 -2
- package/dist/server/routes/auth-api.js +573 -39
- package/dist/server/routes/auth-api.js.map +1 -1
- package/dist/server/routes/capture-api.d.ts +18 -0
- package/dist/server/routes/capture-api.js +257 -0
- package/dist/server/routes/capture-api.js.map +1 -0
- package/dist/server/routes/chat-sessions-api.d.ts +9 -0
- package/dist/server/routes/chat-sessions-api.js +121 -0
- package/dist/server/routes/chat-sessions-api.js.map +1 -0
- package/dist/server/routes/chat.d.ts +12 -1
- package/dist/server/routes/chat.js +318 -88
- package/dist/server/routes/chat.js.map +1 -1
- package/dist/server/routes/comments-api.d.ts +15 -0
- package/dist/server/routes/comments-api.js +444 -0
- package/dist/server/routes/comments-api.js.map +1 -0
- package/dist/server/routes/config-api.d.ts +21 -0
- package/dist/server/routes/config-api.js +256 -0
- package/dist/server/routes/config-api.js.map +1 -0
- package/dist/server/routes/connectors-api.d.ts +17 -0
- package/dist/server/routes/connectors-api.js +410 -0
- package/dist/server/routes/connectors-api.js.map +1 -0
- package/dist/server/routes/event-ingest-api.d.ts +15 -0
- package/dist/server/routes/event-ingest-api.js +125 -0
- package/dist/server/routes/event-ingest-api.js.map +1 -0
- package/dist/server/routes/git-http.d.ts +3 -3
- package/dist/server/routes/git-http.js +86 -38
- package/dist/server/routes/git-http.js.map +1 -1
- package/dist/server/routes/graph-api-access.d.ts +57 -0
- package/dist/server/routes/graph-api-access.js +112 -0
- package/dist/server/routes/graph-api-access.js.map +1 -0
- package/dist/server/routes/graph-api.d.ts +1 -1
- package/dist/server/routes/graph-api.js +1529 -263
- package/dist/server/routes/graph-api.js.map +1 -1
- package/dist/server/routes/health.d.ts +18 -0
- package/dist/server/routes/health.js +74 -0
- package/dist/server/routes/health.js.map +1 -0
- package/dist/server/routes/import-batch.d.ts +24 -0
- package/dist/server/routes/import-batch.js +33 -0
- package/dist/server/routes/import-batch.js.map +1 -0
- package/dist/server/routes/insights-api.d.ts +9 -2
- package/dist/server/routes/insights-api.js +384 -38
- package/dist/server/routes/insights-api.js.map +1 -1
- package/dist/server/routes/mcp.d.ts +7 -3
- package/dist/server/routes/mcp.js +22 -6
- package/dist/server/routes/mcp.js.map +1 -1
- package/dist/server/routes/oauth-api.d.ts +67 -0
- package/dist/server/routes/oauth-api.js +421 -0
- package/dist/server/routes/oauth-api.js.map +1 -0
- package/dist/server/routes/permissions-api.d.ts +9 -2
- package/dist/server/routes/permissions-api.js +87 -30
- package/dist/server/routes/permissions-api.js.map +1 -1
- package/dist/server/routes/r2-api.d.ts +25 -0
- package/dist/server/routes/r2-api.js +276 -0
- package/dist/server/routes/r2-api.js.map +1 -0
- package/dist/server/routes/secrets-api.d.ts +36 -0
- package/dist/server/routes/secrets-api.js +308 -0
- package/dist/server/routes/secrets-api.js.map +1 -0
- package/dist/server/routes/settings-api.d.ts +29 -0
- package/dist/server/routes/settings-api.js +180 -0
- package/dist/server/routes/settings-api.js.map +1 -0
- package/dist/server/routes/share-api.d.ts +32 -0
- package/dist/server/routes/share-api.js +234 -0
- package/dist/server/routes/share-api.js.map +1 -0
- package/dist/server/routes/url-api.d.ts +7 -0
- package/dist/server/routes/url-api.js +74 -0
- package/dist/server/routes/url-api.js.map +1 -0
- package/dist/server/routes/views-api.js +75 -7
- package/dist/server/routes/views-api.js.map +1 -1
- package/dist/server/routes/workspace-api.d.ts +2 -1
- package/dist/server/routes/workspace-api.js +129 -35
- package/dist/server/routes/workspace-api.js.map +1 -1
- package/dist/server/routes/ws.d.ts +2 -1
- package/dist/server/routes/ws.js +68 -16
- package/dist/server/routes/ws.js.map +1 -1
- package/dist/server/session-manager.d.ts +48 -5
- package/dist/server/session-manager.js +182 -15
- package/dist/server/session-manager.js.map +1 -1
- package/dist/server/ws-hub.d.ts +138 -14
- package/dist/server/ws-hub.js +0 -0
- package/dist/server/ws-hub.js.map +1 -1
- package/dist/server/yjs-manager.d.ts +285 -7
- package/dist/server/yjs-manager.js +907 -36
- package/dist/server/yjs-manager.js.map +1 -1
- package/dist/server/yjs-persistence.d.ts +165 -0
- package/dist/server/yjs-persistence.js +557 -0
- package/dist/server/yjs-persistence.js.map +1 -0
- package/dist/server/yjs-text-diff.d.ts +32 -0
- package/dist/server/yjs-text-diff.js +61 -0
- package/dist/server/yjs-text-diff.js.map +1 -0
- package/dist/services/access-control.d.ts +73 -0
- package/dist/services/access-control.js +165 -0
- package/dist/services/access-control.js.map +1 -0
- package/dist/services/asset-caption-service.d.ts +102 -0
- package/dist/services/asset-caption-service.js +184 -0
- package/dist/services/asset-caption-service.js.map +1 -0
- package/dist/services/asset-delete-authz.d.ts +31 -0
- package/dist/services/asset-delete-authz.js +61 -0
- package/dist/services/asset-delete-authz.js.map +1 -0
- package/dist/services/asset-finalize-service.d.ts +58 -0
- package/dist/services/asset-finalize-service.js +207 -0
- package/dist/services/asset-finalize-service.js.map +1 -0
- package/dist/services/asset-import-service.d.ts +111 -0
- package/dist/services/asset-import-service.js +394 -0
- package/dist/services/asset-import-service.js.map +1 -0
- package/dist/services/asset-index-sweep.d.ts +92 -0
- package/dist/services/asset-index-sweep.js +258 -0
- package/dist/services/asset-index-sweep.js.map +1 -0
- package/dist/services/asset-lifecycle-check.d.ts +22 -0
- package/dist/services/asset-lifecycle-check.js +80 -0
- package/dist/services/asset-lifecycle-check.js.map +1 -0
- package/dist/services/asset-listing.d.ts +72 -0
- package/dist/services/asset-listing.js +321 -0
- package/dist/services/asset-listing.js.map +1 -0
- package/dist/services/asset-presign-service.d.ts +68 -0
- package/dist/services/asset-presign-service.js +124 -0
- package/dist/services/asset-presign-service.js.map +1 -0
- package/dist/services/asset-sidecar-service.d.ts +30 -0
- package/dist/services/asset-sidecar-service.js +96 -0
- package/dist/services/asset-sidecar-service.js.map +1 -0
- package/dist/services/asset-upload-errors.d.ts +41 -0
- package/dist/services/asset-upload-errors.js +45 -0
- package/dist/services/asset-upload-errors.js.map +1 -0
- package/dist/services/asset-upload-service.d.ts +74 -0
- package/dist/services/asset-upload-service.js +244 -0
- package/dist/services/asset-upload-service.js.map +1 -0
- package/dist/services/asset-upload-token.d.ts +58 -0
- package/dist/services/asset-upload-token.js +75 -0
- package/dist/services/asset-upload-token.js.map +1 -0
- package/dist/services/assets/asset-index-service.d.ts +127 -0
- package/dist/services/assets/asset-index-service.js +227 -0
- package/dist/services/assets/asset-index-service.js.map +1 -0
- package/dist/services/assets/base.d.ts +118 -1
- package/dist/services/assets/base.js +77 -1
- package/dist/services/assets/base.js.map +1 -1
- package/dist/services/assets/index.d.ts +103 -1
- package/dist/services/assets/index.js +192 -0
- package/dist/services/assets/index.js.map +1 -1
- package/dist/services/assets/local.d.ts +16 -1
- package/dist/services/assets/local.js +110 -1
- package/dist/services/assets/local.js.map +1 -1
- package/dist/services/assets/r2-sync.d.ts +88 -0
- package/dist/services/assets/r2-sync.js +412 -0
- package/dist/services/assets/r2-sync.js.map +1 -0
- package/dist/services/assets/r2.d.ts +87 -1
- package/dist/services/assets/r2.js +203 -1
- package/dist/services/assets/r2.js.map +1 -1
- package/dist/services/auth-service.d.ts +350 -36
- package/dist/services/auth-service.js +1179 -140
- package/dist/services/auth-service.js.map +1 -1
- package/dist/services/bookmark-import-service.d.ts +49 -0
- package/dist/services/bookmark-import-service.js +250 -0
- package/dist/services/bookmark-import-service.js.map +1 -0
- package/dist/services/chat-session-service.d.ts +96 -0
- package/dist/services/chat-session-service.js +316 -0
- package/dist/services/chat-session-service.js.map +1 -0
- package/dist/services/cloud-inference-billing.d.ts +64 -0
- package/dist/services/cloud-inference-billing.js +313 -0
- package/dist/services/cloud-inference-billing.js.map +1 -0
- package/dist/services/comment-service.d.ts +97 -0
- package/dist/services/comment-service.js +341 -0
- package/dist/services/comment-service.js.map +1 -0
- package/dist/services/convert-service.d.ts +64 -0
- package/dist/services/convert-service.js +68 -0
- package/dist/services/convert-service.js.map +1 -0
- package/dist/services/csv-service.d.ts +22 -17
- package/dist/services/csv-service.js +55 -92
- package/dist/services/csv-service.js.map +1 -1
- package/dist/services/entity-mutations.d.ts +210 -0
- package/dist/services/entity-mutations.js +377 -0
- package/dist/services/entity-mutations.js.map +1 -0
- package/dist/services/event-processor.d.ts +104 -0
- package/dist/services/event-processor.js +441 -0
- package/dist/services/event-processor.js.map +1 -0
- package/dist/services/extract/docx.d.ts +1 -0
- package/dist/services/extract/docx.js +233 -0
- package/dist/services/extract/docx.js.map +1 -0
- package/dist/services/extract/index.d.ts +9 -0
- package/dist/services/extract/index.js +10 -0
- package/dist/services/extract/index.js.map +1 -0
- package/dist/services/extract/pdf.d.ts +13 -0
- package/dist/services/extract/pdf.js +69 -0
- package/dist/services/extract/pdf.js.map +1 -0
- package/dist/services/folder-creation.d.ts +33 -0
- package/dist/services/folder-creation.js +103 -0
- package/dist/services/folder-creation.js.map +1 -0
- package/dist/services/git.d.ts +54 -0
- package/dist/services/git.js +188 -54
- package/dist/services/git.js.map +1 -1
- package/dist/services/graph-maintenance.d.ts +42 -0
- package/dist/services/graph-maintenance.js +143 -0
- package/dist/services/graph-maintenance.js.map +1 -0
- package/dist/services/import-service.d.ts +58 -3
- package/dist/services/import-service.js +316 -100
- package/dist/services/import-service.js.map +1 -1
- package/dist/services/lint-service.js +10 -17
- package/dist/services/lint-service.js.map +1 -1
- package/dist/services/markdown.d.ts +12 -1
- package/dist/services/markdown.js +77 -9
- package/dist/services/markdown.js.map +1 -1
- package/dist/services/memory-service.d.ts +22 -14
- package/dist/services/memory-service.js +53 -35
- package/dist/services/memory-service.js.map +1 -1
- package/dist/services/mention-detector.d.ts +23 -0
- package/dist/services/mention-detector.js +47 -0
- package/dist/services/mention-detector.js.map +1 -0
- package/dist/services/model-capabilities.d.ts +41 -0
- package/dist/services/model-capabilities.js +107 -0
- package/dist/services/model-capabilities.js.map +1 -0
- package/dist/services/notification-broadcast.d.ts +32 -0
- package/dist/services/notification-broadcast.js +38 -0
- package/dist/services/notification-broadcast.js.map +1 -0
- package/dist/services/notification-service.d.ts +41 -0
- package/dist/services/notification-service.js +100 -0
- package/dist/services/notification-service.js.map +1 -0
- package/dist/services/oauth-server-store.d.ts +147 -0
- package/dist/services/oauth-server-store.js +319 -0
- package/dist/services/oauth-server-store.js.map +1 -0
- package/dist/services/orphan-service.js +2 -2
- package/dist/services/orphan-service.js.map +1 -1
- package/dist/services/personal-folder.d.ts +40 -0
- package/dist/services/personal-folder.js +101 -0
- package/dist/services/personal-folder.js.map +1 -0
- package/dist/services/share-link-service.d.ts +57 -0
- package/dist/services/share-link-service.js +142 -0
- package/dist/services/share-link-service.js.map +1 -0
- package/dist/services/user-person-bridge.d.ts +136 -0
- package/dist/services/user-person-bridge.js +340 -0
- package/dist/services/user-person-bridge.js.map +1 -0
- package/dist/services/vector-service.d.ts +260 -6
- package/dist/services/vector-service.js +574 -31
- package/dist/services/vector-service.js.map +1 -1
- package/dist/services/workspace-access.d.ts +108 -0
- package/dist/services/workspace-access.js +149 -0
- package/dist/services/workspace-access.js.map +1 -0
- package/dist/services/workspace-assets-folder.d.ts +46 -0
- package/dist/services/workspace-assets-folder.js +75 -0
- package/dist/services/workspace-assets-folder.js.map +1 -0
- package/dist/utils/git.d.ts +17 -2
- package/dist/utils/git.js +23 -7
- package/dist/utils/git.js.map +1 -1
- package/dist/utils/log.d.ts +42 -0
- package/dist/utils/log.js +137 -0
- package/dist/utils/log.js.map +1 -0
- package/dist/utils/preflight.js +2 -2
- package/dist/utils/preflight.js.map +1 -1
- package/dist/utils/version-checker.d.ts +12 -19
- package/dist/utils/version-checker.js +14 -104
- package/dist/utils/version-checker.js.map +1 -1
- package/dist/web/_app/immutable/assets/0.BZHoBJEc.css +2 -0
- package/dist/web/_app/immutable/assets/12.DlIf1mKh.css +1 -0
- package/dist/web/_app/immutable/assets/13.7d-Q37wc.css +1 -0
- package/dist/web/_app/immutable/assets/14.BwBFdc1D.css +1 -0
- package/dist/web/_app/immutable/assets/15.CmLrbzZp.css +1 -0
- package/dist/web/_app/immutable/assets/16.B0GwXar3.css +1 -0
- package/dist/web/_app/immutable/assets/2.C9Vt4JHy.css +1 -0
- package/dist/web/_app/immutable/assets/3.BFvgCYSk.css +1 -0
- package/dist/web/_app/immutable/assets/4.OmdYF47-.css +1 -0
- package/dist/web/_app/immutable/assets/5.C6MySjPq.css +1 -0
- package/dist/web/_app/immutable/assets/BulkActionsBar.Bx7nxMjH.css +1 -0
- package/dist/web/_app/immutable/assets/CalendarView.lBCvS3X5.css +1 -0
- package/dist/web/_app/immutable/assets/CodeMirrorEditor.D6hf2pNJ.css +1 -0
- package/dist/web/_app/immutable/assets/CopyField.DVGZtw4U.css +1 -0
- package/dist/web/_app/immutable/assets/FolderMembersPanel.DX1oBeF_.css +1 -0
- package/dist/web/_app/immutable/assets/FolderMutationDialogs.D2B7KrRn.css +1 -0
- package/dist/web/_app/immutable/assets/FolderPicker.B5KdvRYl.css +1 -0
- package/dist/web/_app/immutable/assets/GalleryView.CF48FWYQ.css +1 -0
- package/dist/web/_app/immutable/assets/GraphView.BJtGL9py.css +1 -0
- package/dist/web/_app/immutable/assets/KanbanView.BOaI5KFL.css +1 -0
- package/dist/web/_app/immutable/assets/Link.vV0ne105.css +1 -0
- package/dist/web/_app/immutable/assets/Markdown.BqgpZCv5.css +1 -0
- package/dist/web/_app/immutable/assets/Rail.f8lsriOT.css +1 -0
- package/dist/web/_app/immutable/assets/SettingsDialog.DwMus2u2.css +1 -0
- package/dist/web/_app/immutable/assets/Spinner.UBfl0pab.css +1 -0
- package/dist/web/_app/immutable/assets/StopFilledAlt.fNlDN65D.css +1 -0
- package/dist/web/_app/immutable/assets/TimelineView.DriOGAKB.css +1 -0
- package/dist/web/_app/immutable/assets/WorkspaceView.u5VdwRR6.css +1 -0
- package/dist/web/_app/immutable/assets/button.BlLm4Dg1.css +1 -0
- package/dist/web/_app/immutable/assets/checkbox.DK0MgYgb.css +1 -0
- package/dist/web/_app/immutable/assets/dist.DDCWxn3B.css +1 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-400-normal.CvHOgSBP.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-400-normal.DMJ8VG8y.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-500-normal.CB9ihrfo.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-500-normal.DSY6xOcd.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-italic.CZTNEAuW.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-italic.CsGl1sm0.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-normal.CDDApCn2.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-normal.CYLoc0-x.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-italic.BNK2_mGO.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-italic.DpEwFAQM.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-normal.6ng42L7E.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-normal.BgVn5rGT.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-600-normal.Cu4Hd6ag.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-600-normal.CuJfVYMP.woff2 +0 -0
- package/dist/web/_app/immutable/assets/inline-list.cqga56xT.css +1 -0
- package/dist/web/_app/immutable/assets/list-columns.DiLB0G5L.css +1 -0
- package/dist/web/_app/immutable/assets/select.BFL238eD.css +1 -0
- package/dist/web/_app/immutable/assets/sheet.4rY4hpfJ.css +1 -0
- package/dist/web/_app/immutable/chunks/2oYV6q4R.js +2 -0
- package/dist/web/_app/immutable/chunks/4XSri7g0.js +1 -0
- package/dist/web/_app/immutable/chunks/4iaT0dG72.js +1 -0
- package/dist/web/_app/immutable/chunks/5_TKU9QS2.js +1 -0
- package/dist/web/_app/immutable/chunks/8Yh26Z9_2.js +1 -0
- package/dist/web/_app/immutable/chunks/Atl8xKOm.js +2 -0
- package/dist/web/_app/immutable/chunks/B-Z_xZy_.js +4 -0
- package/dist/web/_app/immutable/chunks/B0pk0Lyx.js +1 -0
- package/dist/web/_app/immutable/chunks/B1RnjnNt.js +1 -0
- package/dist/web/_app/immutable/chunks/B2n86UNJ.js +1 -0
- package/dist/web/_app/immutable/chunks/B318GEUB2.js +1 -0
- package/dist/web/_app/immutable/chunks/B6Lt-qaJ.js +1 -0
- package/dist/web/_app/immutable/chunks/B8yrQWxT2.js +1 -0
- package/dist/web/_app/immutable/chunks/BADt8daH.js +2 -0
- package/dist/web/_app/immutable/chunks/BBGt-XQo.js +3 -0
- package/dist/web/_app/immutable/chunks/BDIUHcEz.js +1 -0
- package/dist/web/_app/immutable/chunks/BDSuq3KH.js +1 -0
- package/dist/web/_app/immutable/chunks/BGiLU5VN.js +1 -0
- package/dist/web/_app/immutable/chunks/BJgOZTHR.js +1 -0
- package/dist/web/_app/immutable/chunks/BOSiTh-42.js +1 -0
- package/dist/web/_app/immutable/chunks/BPxcCdjn.js +1 -0
- package/dist/web/_app/immutable/chunks/BVPNAzAK.js +1 -0
- package/dist/web/_app/immutable/chunks/BcOvJgjM.js +1 -0
- package/dist/web/_app/immutable/chunks/BdYQewoD.js +1 -0
- package/dist/web/_app/immutable/chunks/BfCWIy8t.js +8 -0
- package/dist/web/_app/immutable/chunks/BgRT-K6w.js +5 -0
- package/dist/web/_app/immutable/chunks/BibveGGd.js +1 -0
- package/dist/web/_app/immutable/chunks/BmM5VZ4W.js +1 -0
- package/dist/web/_app/immutable/chunks/BnIYzuS1.js +66 -0
- package/dist/web/_app/immutable/chunks/BoDmwOTJ.js +1 -0
- package/dist/web/_app/immutable/chunks/BoglwbZW.js +1 -0
- package/dist/web/_app/immutable/chunks/Bqm_YrIg2.js +23 -0
- package/dist/web/_app/immutable/chunks/BtMRrdc4.js +2 -0
- package/dist/web/_app/immutable/chunks/C-AnzvKr.js +7 -0
- package/dist/web/_app/immutable/chunks/C1Y3tUpz.js +1 -0
- package/dist/web/_app/immutable/chunks/C6VZhhwF.js +1 -0
- package/dist/web/_app/immutable/chunks/C8IMrD4G2.js +3 -0
- package/dist/web/_app/immutable/chunks/CAXXrbj52.js +1 -0
- package/dist/web/_app/immutable/chunks/CB-0u-Pc2.js +1 -0
- package/dist/web/_app/immutable/chunks/CEniyZ1Z2.js +6 -0
- package/dist/web/_app/immutable/chunks/CJhElIkU2.js +1 -0
- package/dist/web/_app/immutable/chunks/CK8tIaYT.js +1 -0
- package/dist/web/_app/immutable/chunks/CM8uYli8.js +1 -0
- package/dist/web/_app/immutable/chunks/CTzjJm_m2.js +1 -0
- package/dist/web/_app/immutable/chunks/CUXqa1nn2.js +1 -0
- package/dist/web/_app/immutable/chunks/CY0iY_WO.js +1 -0
- package/dist/web/_app/immutable/chunks/CbCfNNV_2.js +2692 -0
- package/dist/web/_app/immutable/chunks/CbuGIyDu2.js +22 -0
- package/dist/web/_app/immutable/chunks/CcRGXA-t.js +1 -0
- package/dist/web/_app/immutable/chunks/CcXmQaYs2.js +1 -0
- package/dist/web/_app/immutable/chunks/CcaQuaSt2.js +1 -0
- package/dist/web/_app/immutable/chunks/CoHaBDpN2.js +2 -0
- package/dist/web/_app/immutable/chunks/Cvbd3myc2.js +14 -0
- package/dist/web/_app/immutable/chunks/D20C1thX2.js +1 -0
- package/dist/web/_app/immutable/chunks/D3JoMtWC.js +7 -0
- package/dist/web/_app/immutable/chunks/D3ch71s_.js +1 -0
- package/dist/web/_app/immutable/chunks/D4xXlMEU.js +2 -0
- package/dist/web/_app/immutable/chunks/D5GipQqN2.js +1 -0
- package/dist/web/_app/immutable/chunks/D9TyJuu_.js +1 -0
- package/dist/web/_app/immutable/chunks/DBFijAmG.js +1 -0
- package/dist/web/_app/immutable/chunks/DHLjkH7T.js +1 -0
- package/dist/web/_app/immutable/chunks/DIfdPIt_2.js +1 -0
- package/dist/web/_app/immutable/chunks/DO_sw49q2.js +1 -0
- package/dist/web/_app/immutable/chunks/DP69PpIj.js +1 -0
- package/dist/web/_app/immutable/chunks/DQ3HSZMs.js +2 -0
- package/dist/web/_app/immutable/chunks/DQMWa2t7.js +1 -0
- package/dist/web/_app/immutable/chunks/DT0wzK622.js +1 -0
- package/dist/web/_app/immutable/chunks/DTnEJArL.js +1 -0
- package/dist/web/_app/immutable/chunks/DToS-G202.js +1 -0
- package/dist/web/_app/immutable/chunks/DZcU6mGe2.js +1 -0
- package/dist/web/_app/immutable/chunks/DbslMybD.js +1 -0
- package/dist/web/_app/immutable/chunks/DcGThsSF.js +1 -0
- package/dist/web/_app/immutable/chunks/DcPrzUMJ.js +1 -0
- package/dist/web/_app/immutable/chunks/De0g5qop2.js +1 -0
- package/dist/web/_app/immutable/chunks/DimS8dbZ2.js +1 -0
- package/dist/web/_app/immutable/chunks/DjuqhOjF.js +1 -0
- package/dist/web/_app/immutable/chunks/Dk6sAhpo.js +3 -0
- package/dist/web/_app/immutable/chunks/Dl6cnwyk.js +1 -0
- package/dist/web/_app/immutable/chunks/DnIQzIOz.js +1 -0
- package/dist/web/_app/immutable/chunks/DnXYAo60.js +1 -0
- package/dist/web/_app/immutable/chunks/DnrImJan.js +1 -0
- package/dist/web/_app/immutable/chunks/Dpuq25vu2.js +1 -0
- package/dist/web/_app/immutable/chunks/DrMZDWru.js +1 -0
- package/dist/web/_app/immutable/chunks/DsVOtl0N.js +1 -0
- package/dist/web/_app/immutable/chunks/DuTXsWdP.js +2 -0
- package/dist/web/_app/immutable/chunks/Dw-frCfE.js +1 -0
- package/dist/web/_app/immutable/chunks/Dz34u8Ie2.js +185 -0
- package/dist/web/_app/immutable/chunks/DzcFeQZU2.js +2 -0
- package/dist/web/_app/immutable/chunks/DzrRTvug.js +1 -0
- package/dist/web/_app/immutable/chunks/G5oUVQa92.js +1 -0
- package/dist/web/_app/immutable/chunks/HyhOhoeq2.js +2 -0
- package/dist/web/_app/immutable/chunks/J5nb9xxj.js +1 -0
- package/dist/web/_app/immutable/chunks/JCjEwqH9.js +1 -0
- package/dist/web/_app/immutable/chunks/JN_nsXUm2.js +1 -0
- package/dist/web/_app/immutable/chunks/JS2_GaB1.js +1 -0
- package/dist/web/_app/immutable/chunks/MtI6dyxu.js +1 -0
- package/dist/web/_app/immutable/chunks/N6vnY5Si2.js +1 -0
- package/dist/web/_app/immutable/chunks/PcEbaKam.js +2 -0
- package/dist/web/_app/immutable/chunks/VTYhCLh9.js +2 -0
- package/dist/web/_app/immutable/chunks/Wowi_89k.js +5 -0
- package/dist/web/_app/immutable/chunks/Y_asqJqs2.js +83 -0
- package/dist/web/_app/immutable/chunks/Yhg5Q4MT.js +1 -0
- package/dist/web/_app/immutable/chunks/f_eYccPf2.js +1 -0
- package/dist/web/_app/immutable/chunks/hm_8RsuL.js +1 -0
- package/dist/web/_app/immutable/chunks/iPCkjliu.js +3 -0
- package/dist/web/_app/immutable/chunks/j2AvgZGz.js +1 -0
- package/dist/web/_app/immutable/chunks/kNaey6uv.js +1 -0
- package/dist/web/_app/immutable/chunks/l1761xxj.js +1 -0
- package/dist/web/_app/immutable/chunks/liGRFQqV2.js +184 -0
- package/dist/web/_app/immutable/chunks/lq1kR86d.js +1 -0
- package/dist/web/_app/immutable/chunks/mIykYR4F2.js +1 -0
- package/dist/web/_app/immutable/chunks/rbhlO_t8.js +1 -0
- package/dist/web/_app/immutable/chunks/tJpAwaTl.js +1 -0
- package/dist/web/_app/immutable/chunks/tcegdii0.js +2 -0
- package/dist/web/_app/immutable/chunks/u8G2EUvz2.js +224 -0
- package/dist/web/_app/immutable/chunks/vgsM0KTm2.js +1 -0
- package/dist/web/_app/immutable/chunks/xcGI4fuV.js +1 -0
- package/dist/web/_app/immutable/chunks/xihTtKlq.js +1 -0
- package/dist/web/_app/immutable/chunks/yEYlhV9G2.js +1 -0
- package/dist/web/_app/immutable/entry/app.DSf_XGp8.js +2 -0
- package/dist/web/_app/immutable/entry/start.B7ScfxPc.js +1 -0
- package/dist/web/_app/immutable/nodes/0.BMSOOETY.js +2 -0
- package/dist/web/_app/immutable/nodes/1.B0lBUpHt.js +1 -0
- package/dist/web/_app/immutable/nodes/10.DmDbUH1j.js +1 -0
- package/dist/web/_app/immutable/nodes/11.gwY7gZdR.js +1 -0
- package/dist/web/_app/immutable/nodes/12.BpGHSr2y.js +1 -0
- package/dist/web/_app/immutable/nodes/13.Bf178QF_.js +1 -0
- package/dist/web/_app/immutable/nodes/14.D_x8-nk9.js +1 -0
- package/dist/web/_app/immutable/nodes/15.DY4XeagL.js +1 -0
- package/dist/web/_app/immutable/nodes/16.DPqftx8x.js +77 -0
- package/dist/web/_app/immutable/nodes/2.OM2LGRpi.js +109 -0
- package/dist/web/_app/immutable/nodes/3.e8ZoPCmC.js +6 -0
- package/dist/web/_app/immutable/nodes/4.BdYR1hNQ.js +11 -0
- package/dist/web/_app/immutable/nodes/5.B8sOFna9.js +5 -0
- package/dist/web/_app/immutable/nodes/6.L1BbYsmo.js +1 -0
- package/dist/web/_app/immutable/nodes/7.B7zoemJD.js +1 -0
- package/dist/web/_app/immutable/nodes/8.B1VtnfMK.js +1 -0
- package/dist/web/_app/immutable/nodes/9.BE3VCQzk.js +1 -0
- package/dist/web/_app/version.json +1 -1
- package/dist/web/favicon-16.png +0 -0
- package/dist/web/favicon-180.png +0 -0
- package/dist/web/favicon-32.png +0 -0
- package/dist/web/favicon-48.png +0 -0
- package/dist/web/favicon-512.png +0 -0
- package/dist/web/favicon.ico +0 -0
- package/dist/web/favicon.svg +8 -0
- package/dist/web/index.html +58 -19
- package/dist/web/studiograph-logomark.svg +29 -0
- package/package.json +38 -14
- package/dist/agent/skills/enrich-entities.md +0 -136
- package/dist/agent/skills/obsidian-source-setup.md +0 -246
- package/dist/agent/skills/skill-loader.d.ts +0 -48
- package/dist/agent/skills/skill-loader.js +0 -166
- package/dist/agent/skills/skill-loader.js.map +0 -1
- package/dist/agent/skills/sync-configuration.md +0 -119
- package/dist/agent/skills/sync-setup.md +0 -82
- package/dist/agent/tools/sync-tools.d.ts +0 -35
- package/dist/agent/tools/sync-tools.js +0 -992
- package/dist/agent/tools/sync-tools.js.map +0 -1
- package/dist/auth/github.d.ts +0 -56
- package/dist/auth/github.js +0 -169
- package/dist/auth/github.js.map +0 -1
- package/dist/cli/commands/access.d.ts +0 -11
- package/dist/cli/commands/access.js +0 -156
- package/dist/cli/commands/access.js.map +0 -1
- package/dist/cli/commands/app.d.ts +0 -7
- package/dist/cli/commands/app.js +0 -268
- package/dist/cli/commands/app.js.map +0 -1
- package/dist/cli/commands/auth.d.ts +0 -10
- package/dist/cli/commands/auth.js +0 -79
- package/dist/cli/commands/auth.js.map +0 -1
- package/dist/cli/commands/clear.d.ts +0 -5
- package/dist/cli/commands/clear.js +0 -36
- package/dist/cli/commands/clear.js.map +0 -1
- package/dist/cli/commands/collection.d.ts +0 -10
- package/dist/cli/commands/collection.js +0 -187
- package/dist/cli/commands/collection.js.map +0 -1
- package/dist/cli/commands/enrich.d.ts +0 -11
- package/dist/cli/commands/enrich.js +0 -135
- package/dist/cli/commands/enrich.js.map +0 -1
- package/dist/cli/commands/graphrag.d.ts +0 -12
- package/dist/cli/commands/graphrag.js +0 -122
- package/dist/cli/commands/graphrag.js.map +0 -1
- package/dist/cli/commands/join.d.ts +0 -9
- package/dist/cli/commands/join.js +0 -255
- package/dist/cli/commands/join.js.map +0 -1
- package/dist/cli/commands/members.d.ts +0 -11
- package/dist/cli/commands/members.js +0 -230
- package/dist/cli/commands/members.js.map +0 -1
- package/dist/cli/commands/org.d.ts +0 -10
- package/dist/cli/commands/org.js +0 -132
- package/dist/cli/commands/org.js.map +0 -1
- package/dist/cli/commands/provision.d.ts +0 -8
- package/dist/cli/commands/provision.js +0 -116
- package/dist/cli/commands/provision.js.map +0 -1
- package/dist/cli/commands/resolve.d.ts +0 -8
- package/dist/cli/commands/resolve.js +0 -85
- package/dist/cli/commands/resolve.js.map +0 -1
- package/dist/cli/commands/review.d.ts +0 -19
- package/dist/cli/commands/review.js +0 -128
- package/dist/cli/commands/review.js.map +0 -1
- package/dist/cli/commands/source.d.ts +0 -16
- package/dist/cli/commands/source.js +0 -159
- package/dist/cli/commands/source.js.map +0 -1
- package/dist/cli/commands/start.d.ts +0 -7
- package/dist/cli/commands/start.js +0 -589
- package/dist/cli/commands/start.js.map +0 -1
- package/dist/cli/commands/sync-collection.d.ts +0 -14
- package/dist/cli/commands/sync-collection.js +0 -355
- package/dist/cli/commands/sync-collection.js.map +0 -1
- package/dist/cli/commands/sync-entities.d.ts +0 -13
- package/dist/cli/commands/sync-entities.js +0 -242
- package/dist/cli/commands/sync-entities.js.map +0 -1
- package/dist/cli/commands/team.d.ts +0 -12
- package/dist/cli/commands/team.js +0 -185
- package/dist/cli/commands/team.js.map +0 -1
- package/dist/cli/commands/update.d.ts +0 -8
- package/dist/cli/commands/update.js +0 -155
- package/dist/cli/commands/update.js.map +0 -1
- package/dist/cli/commands/user.d.ts +0 -7
- package/dist/cli/commands/user.js +0 -153
- package/dist/cli/commands/user.js.map +0 -1
- package/dist/cli/scaffolding.d.ts +0 -12
- package/dist/cli/scaffolding.js +0 -397
- package/dist/cli/scaffolding.js.map +0 -1
- package/dist/cli/sync-review-interactive.d.ts +0 -31
- package/dist/cli/sync-review-interactive.js +0 -393
- package/dist/cli/sync-review-interactive.js.map +0 -1
- package/dist/core/migration-runner.d.ts +0 -42
- package/dist/core/migration-runner.js +0 -232
- package/dist/core/migration-runner.js.map +0 -1
- package/dist/core/migration-types.d.ts +0 -101
- package/dist/core/migration-types.js +0 -21
- package/dist/core/migration-types.js.map +0 -1
- package/dist/core/migrations/20260219-formalize-memory-location.d.ts +0 -2
- package/dist/core/migrations/20260219-formalize-memory-location.js +0 -35
- package/dist/core/migrations/20260219-formalize-memory-location.js.map +0 -1
- package/dist/core/migrations/20260220-add-workspace-metadata.d.ts +0 -12
- package/dist/core/migrations/20260220-add-workspace-metadata.js +0 -65
- package/dist/core/migrations/20260220-add-workspace-metadata.js.map +0 -1
- package/dist/core/migrations/20260220-add-workspace-readme.d.ts +0 -11
- package/dist/core/migrations/20260220-add-workspace-readme.js +0 -82
- package/dist/core/migrations/20260220-add-workspace-readme.js.map +0 -1
- package/dist/core/migrations/20260220-migrate-yaml-to-json.d.ts +0 -9
- package/dist/core/migrations/20260220-migrate-yaml-to-json.js +0 -64
- package/dist/core/migrations/20260220-migrate-yaml-to-json.js.map +0 -1
- package/dist/core/migrations/index.d.ts +0 -11
- package/dist/core/migrations/index.js +0 -23
- package/dist/core/migrations/index.js.map +0 -1
- package/dist/integrations/asana.d.ts +0 -26
- package/dist/integrations/asana.js +0 -78
- package/dist/integrations/asana.js.map +0 -1
- package/dist/integrations/figma-local.d.ts +0 -16
- package/dist/integrations/figma-local.js +0 -10
- package/dist/integrations/figma-local.js.map +0 -1
- package/dist/integrations/figma.d.ts +0 -17
- package/dist/integrations/figma.js +0 -17
- package/dist/integrations/figma.js.map +0 -1
- package/dist/integrations/granola.d.ts +0 -24
- package/dist/integrations/granola.js +0 -60
- package/dist/integrations/granola.js.map +0 -1
- package/dist/integrations/linear.d.ts +0 -14
- package/dist/integrations/linear.js +0 -80
- package/dist/integrations/linear.js.map +0 -1
- package/dist/integrations/paper-local.d.ts +0 -14
- package/dist/integrations/paper-local.js +0 -10
- package/dist/integrations/paper-local.js.map +0 -1
- package/dist/integrations/paper.d.ts +0 -2
- package/dist/integrations/paper.js +0 -10
- package/dist/integrations/paper.js.map +0 -1
- package/dist/integrations/pipedrive.d.ts +0 -26
- package/dist/integrations/pipedrive.js +0 -97
- package/dist/integrations/pipedrive.js.map +0 -1
- package/dist/integrations/registry.d.ts +0 -15
- package/dist/integrations/registry.js +0 -27
- package/dist/integrations/registry.js.map +0 -1
- package/dist/integrations/types.d.ts +0 -38
- package/dist/integrations/types.js +0 -9
- package/dist/integrations/types.js.map +0 -1
- package/dist/lib/lib/utils.d.ts +0 -2
- package/dist/lib/lib/utils.js +0 -6
- package/dist/lib/lib/utils.js.map +0 -1
- package/dist/mcp/connectors/asana.d.ts +0 -2
- package/dist/mcp/connectors/asana.js +0 -20
- package/dist/mcp/connectors/asana.js.map +0 -1
- package/dist/mcp/connectors/definitions.d.ts +0 -45
- package/dist/mcp/connectors/definitions.js +0 -32
- package/dist/mcp/connectors/definitions.js.map +0 -1
- package/dist/mcp/connectors/figma.d.ts +0 -5
- package/dist/mcp/connectors/figma.js +0 -21
- package/dist/mcp/connectors/figma.js.map +0 -1
- package/dist/mcp/connectors/gdrive.d.ts +0 -2
- package/dist/mcp/connectors/gdrive.js +0 -20
- package/dist/mcp/connectors/gdrive.js.map +0 -1
- package/dist/mcp/connectors/granola.d.ts +0 -2
- package/dist/mcp/connectors/granola.js +0 -12
- package/dist/mcp/connectors/granola.js.map +0 -1
- package/dist/mcp/connectors/linear.d.ts +0 -2
- package/dist/mcp/connectors/linear.js +0 -19
- package/dist/mcp/connectors/linear.js.map +0 -1
- package/dist/mcp/connectors/obsidian.d.ts +0 -2
- package/dist/mcp/connectors/obsidian.js +0 -19
- package/dist/mcp/connectors/obsidian.js.map +0 -1
- package/dist/mcp/connectors/pipedrive.d.ts +0 -2
- package/dist/mcp/connectors/pipedrive.js +0 -20
- package/dist/mcp/connectors/pipedrive.js.map +0 -1
- package/dist/mcp/connectors/slack.d.ts +0 -2
- package/dist/mcp/connectors/slack.js +0 -21
- package/dist/mcp/connectors/slack.js.map +0 -1
- package/dist/mcp/server-oauth-provider.d.ts +0 -56
- package/dist/mcp/server-oauth-provider.js +0 -142
- package/dist/mcp/server-oauth-provider.js.map +0 -1
- package/dist/server/chrome/chrome.css +0 -691
- package/dist/server/chrome/chrome.js +0 -374
- package/dist/server/collab-authority.d.ts +0 -70
- package/dist/server/collab-authority.js +0 -218
- package/dist/server/collab-authority.js.map +0 -1
- package/dist/server/collab.d.ts +0 -29
- package/dist/server/collab.js +0 -195
- package/dist/server/collab.js.map +0 -1
- package/dist/server/commit-scheduler.d.ts +0 -39
- package/dist/server/commit-scheduler.js +0 -113
- package/dist/server/commit-scheduler.js.map +0 -1
- package/dist/server/plugin-loader.d.ts +0 -53
- package/dist/server/plugin-loader.js +0 -155
- package/dist/server/plugin-loader.js.map +0 -1
- package/dist/server/routes/collab.d.ts +0 -6
- package/dist/server/routes/collab.js +0 -10
- package/dist/server/routes/collab.js.map +0 -1
- package/dist/server/routes/git-api.d.ts +0 -9
- package/dist/server/routes/git-api.js +0 -82
- package/dist/server/routes/git-api.js.map +0 -1
- package/dist/server/routes/meeting-ingest-api.d.ts +0 -15
- package/dist/server/routes/meeting-ingest-api.js +0 -323
- package/dist/server/routes/meeting-ingest-api.js.map +0 -1
- package/dist/server/routes/sync-api.d.ts +0 -26
- package/dist/server/routes/sync-api.js +0 -814
- package/dist/server/routes/sync-api.js.map +0 -1
- package/dist/server/routes/webhook.d.ts +0 -14
- package/dist/server/routes/webhook.js +0 -102
- package/dist/server/routes/webhook.js.map +0 -1
- package/dist/services/github-provisioner.d.ts +0 -36
- package/dist/services/github-provisioner.js +0 -126
- package/dist/services/github-provisioner.js.map +0 -1
- package/dist/services/github-service.d.ts +0 -99
- package/dist/services/github-service.js +0 -310
- package/dist/services/github-service.js.map +0 -1
- package/dist/services/insights.d.ts +0 -38
- package/dist/services/insights.js +0 -246
- package/dist/services/insights.js.map +0 -1
- package/dist/services/sync/collection-sync.d.ts +0 -60
- package/dist/services/sync/collection-sync.js +0 -509
- package/dist/services/sync/collection-sync.js.map +0 -1
- package/dist/services/sync/commit.d.ts +0 -60
- package/dist/services/sync/commit.js +0 -354
- package/dist/services/sync/commit.js.map +0 -1
- package/dist/services/sync/context-index.d.ts +0 -69
- package/dist/services/sync/context-index.js +0 -280
- package/dist/services/sync/context-index.js.map +0 -1
- package/dist/services/sync/data-fetcher.d.ts +0 -31
- package/dist/services/sync/data-fetcher.js +0 -12
- package/dist/services/sync/data-fetcher.js.map +0 -1
- package/dist/services/sync/derive.d.ts +0 -34
- package/dist/services/sync/derive.js +0 -164
- package/dist/services/sync/derive.js.map +0 -1
- package/dist/services/sync/enrichment-state.d.ts +0 -31
- package/dist/services/sync/enrichment-state.js +0 -63
- package/dist/services/sync/enrichment-state.js.map +0 -1
- package/dist/services/sync/enrichment.d.ts +0 -25
- package/dist/services/sync/enrichment.js +0 -121
- package/dist/services/sync/enrichment.js.map +0 -1
- package/dist/services/sync/entity-refresh.d.ts +0 -30
- package/dist/services/sync/entity-refresh.js +0 -275
- package/dist/services/sync/entity-refresh.js.map +0 -1
- package/dist/services/sync/frontmatter-extractor.d.ts +0 -40
- package/dist/services/sync/frontmatter-extractor.js +0 -279
- package/dist/services/sync/frontmatter-extractor.js.map +0 -1
- package/dist/services/sync/graph-match-state.d.ts +0 -33
- package/dist/services/sync/graph-match-state.js +0 -61
- package/dist/services/sync/graph-match-state.js.map +0 -1
- package/dist/services/sync/graph-match.d.ts +0 -53
- package/dist/services/sync/graph-match.js +0 -316
- package/dist/services/sync/graph-match.js.map +0 -1
- package/dist/services/sync/graphrag-client.d.ts +0 -43
- package/dist/services/sync/graphrag-client.js +0 -94
- package/dist/services/sync/graphrag-client.js.map +0 -1
- package/dist/services/sync/graphrag-config.d.ts +0 -16
- package/dist/services/sync/graphrag-config.js +0 -39
- package/dist/services/sync/graphrag-config.js.map +0 -1
- package/dist/services/sync/graphrag-context.d.ts +0 -14
- package/dist/services/sync/graphrag-context.js +0 -109
- package/dist/services/sync/graphrag-context.js.map +0 -1
- package/dist/services/sync/graphrag-indexer.d.ts +0 -30
- package/dist/services/sync/graphrag-indexer.js +0 -358
- package/dist/services/sync/graphrag-indexer.js.map +0 -1
- package/dist/services/sync/llm.d.ts +0 -32
- package/dist/services/sync/llm.js +0 -115
- package/dist/services/sync/llm.js.map +0 -1
- package/dist/services/sync/mcp-client.d.ts +0 -71
- package/dist/services/sync/mcp-client.js +0 -299
- package/dist/services/sync/mcp-client.js.map +0 -1
- package/dist/services/sync/model-factory.d.ts +0 -13
- package/dist/services/sync/model-factory.js +0 -38
- package/dist/services/sync/model-factory.js.map +0 -1
- package/dist/services/sync/name-quality.d.ts +0 -31
- package/dist/services/sync/name-quality.js +0 -60
- package/dist/services/sync/name-quality.js.map +0 -1
- package/dist/services/sync/output-schemas.d.ts +0 -92
- package/dist/services/sync/output-schemas.js +0 -43
- package/dist/services/sync/output-schemas.js.map +0 -1
- package/dist/services/sync/prompts.d.ts +0 -19
- package/dist/services/sync/prompts.js +0 -128
- package/dist/services/sync/prompts.js.map +0 -1
- package/dist/services/sync/reconciler.d.ts +0 -48
- package/dist/services/sync/reconciler.js +0 -294
- package/dist/services/sync/reconciler.js.map +0 -1
- package/dist/services/sync/rest-client.d.ts +0 -40
- package/dist/services/sync/rest-client.js +0 -100
- package/dist/services/sync/rest-client.js.map +0 -1
- package/dist/services/sync/source-config.d.ts +0 -67
- package/dist/services/sync/source-config.js +0 -304
- package/dist/services/sync/source-config.js.map +0 -1
- package/dist/services/sync/source-definitions/asana.d.ts +0 -14
- package/dist/services/sync/source-definitions/asana.js +0 -42
- package/dist/services/sync/source-definitions/asana.js.map +0 -1
- package/dist/services/sync/source-definitions/definitions.d.ts +0 -8
- package/dist/services/sync/source-definitions/definitions.js +0 -8
- package/dist/services/sync/source-definitions/definitions.js.map +0 -1
- package/dist/services/sync/source-definitions/gdrive.d.ts +0 -16
- package/dist/services/sync/source-definitions/gdrive.js +0 -68
- package/dist/services/sync/source-definitions/gdrive.js.map +0 -1
- package/dist/services/sync/source-definitions/granola.d.ts +0 -2
- package/dist/services/sync/source-definitions/granola.js +0 -21
- package/dist/services/sync/source-definitions/granola.js.map +0 -1
- package/dist/services/sync/source-definitions/linear.d.ts +0 -2
- package/dist/services/sync/source-definitions/linear.js +0 -62
- package/dist/services/sync/source-definitions/linear.js.map +0 -1
- package/dist/services/sync/source-definitions/obsidian.d.ts +0 -2
- package/dist/services/sync/source-definitions/obsidian.js +0 -55
- package/dist/services/sync/source-definitions/obsidian.js.map +0 -1
- package/dist/services/sync/source-definitions/pipedrive.d.ts +0 -2
- package/dist/services/sync/source-definitions/pipedrive.js +0 -43
- package/dist/services/sync/source-definitions/pipedrive.js.map +0 -1
- package/dist/services/sync/staging.d.ts +0 -53
- package/dist/services/sync/staging.js +0 -130
- package/dist/services/sync/staging.js.map +0 -1
- package/dist/services/sync/structured-extractor.d.ts +0 -57
- package/dist/services/sync/structured-extractor.js +0 -584
- package/dist/services/sync/structured-extractor.js.map +0 -1
- package/dist/services/sync/sync-runner.d.ts +0 -32
- package/dist/services/sync/sync-runner.js +0 -195
- package/dist/services/sync/sync-runner.js.map +0 -1
- package/dist/services/sync/sync-state.d.ts +0 -43
- package/dist/services/sync/sync-state.js +0 -154
- package/dist/services/sync/sync-state.js.map +0 -1
- package/dist/services/sync/types.d.ts +0 -381
- package/dist/services/sync/types.js +0 -8
- package/dist/services/sync/types.js.map +0 -1
- package/dist/services/sync/unstructured-extractor.d.ts +0 -27
- package/dist/services/sync/unstructured-extractor.js +0 -185
- package/dist/services/sync/unstructured-extractor.js.map +0 -1
- package/dist/utils/merge-resolver.d.ts +0 -59
- package/dist/utils/merge-resolver.js +0 -303
- package/dist/utils/merge-resolver.js.map +0 -1
- package/dist/utils/workspace-config.d.ts +0 -8
- package/dist/utils/workspace-config.js +0 -22
- package/dist/utils/workspace-config.js.map +0 -1
- package/dist/web/_app/immutable/assets/0.DdizXOKi.css +0 -1
- package/dist/web/_app/immutable/assets/10.BUrHkYry.css +0 -1
- package/dist/web/_app/immutable/assets/2.n7-yW_Fs.css +0 -1
- package/dist/web/_app/immutable/assets/3.BtaZagnv.css +0 -1
- package/dist/web/_app/immutable/assets/4.DT7X0x5S.css +0 -1
- package/dist/web/_app/immutable/assets/5.DFeGxLYf.css +0 -1
- package/dist/web/_app/immutable/assets/6.CquhUpOu.css +0 -1
- package/dist/web/_app/immutable/assets/7.CjbDRbuG.css +0 -1
- package/dist/web/_app/immutable/assets/8.S1QdUGNM.css +0 -1
- package/dist/web/_app/immutable/assets/9.CT4xL4K3.css +0 -1
- package/dist/web/_app/immutable/assets/Copy.FS8bdfxr.css +0 -1
- package/dist/web/_app/immutable/assets/Toaster.rN8r_Hzv.css +0 -1
- package/dist/web/_app/immutable/assets/ViewToolbar.D-QW2oKe.css +0 -1
- package/dist/web/_app/immutable/assets/index.D6tMDJWk.css +0 -1
- package/dist/web/_app/immutable/chunks/-iaeBIWN.js +0 -1
- package/dist/web/_app/immutable/chunks/37NdyH6G.js +0 -32
- package/dist/web/_app/immutable/chunks/4Hhzb6pv.js +0 -1
- package/dist/web/_app/immutable/chunks/72bZS3G9.js +0 -1
- package/dist/web/_app/immutable/chunks/7S2LGqoP.js +0 -2
- package/dist/web/_app/immutable/chunks/B340SUKR.js +0 -1
- package/dist/web/_app/immutable/chunks/B3Z4_Sps.js +0 -1
- package/dist/web/_app/immutable/chunks/BB_5th5W.js +0 -3383
- package/dist/web/_app/immutable/chunks/BPWYOQXG.js +0 -1
- package/dist/web/_app/immutable/chunks/BR77jbfR.js +0 -1
- package/dist/web/_app/immutable/chunks/BS2rFAVq.js +0 -1
- package/dist/web/_app/immutable/chunks/BSsDC_p4.js +0 -1
- package/dist/web/_app/immutable/chunks/BTX2Jr8_.js +0 -1
- package/dist/web/_app/immutable/chunks/Bq_KShUL.js +0 -4
- package/dist/web/_app/immutable/chunks/Bsacq2UX.js +0 -1
- package/dist/web/_app/immutable/chunks/ByunV8un.js +0 -1
- package/dist/web/_app/immutable/chunks/BzPu-Eht.js +0 -1
- package/dist/web/_app/immutable/chunks/C7VoTosa.js +0 -2
- package/dist/web/_app/immutable/chunks/CDV5Q7RN.js +0 -1
- package/dist/web/_app/immutable/chunks/CGc1sIb_.js +0 -1
- package/dist/web/_app/immutable/chunks/CJ8__CWt.js +0 -1
- package/dist/web/_app/immutable/chunks/CJUKmosC.js +0 -5
- package/dist/web/_app/immutable/chunks/CSVbGg_b.js +0 -5
- package/dist/web/_app/immutable/chunks/CT6oIU-C.js +0 -1
- package/dist/web/_app/immutable/chunks/CTRxNfZk.js +0 -1
- package/dist/web/_app/immutable/chunks/CWQRQXxy.js +0 -1
- package/dist/web/_app/immutable/chunks/CX87mIM8.js +0 -1
- package/dist/web/_app/immutable/chunks/CXH6iFbA.js +0 -1
- package/dist/web/_app/immutable/chunks/CX_61fY8.js +0 -5
- package/dist/web/_app/immutable/chunks/CYrVHOHA.js +0 -1
- package/dist/web/_app/immutable/chunks/CdeYcEuU.js +0 -1
- package/dist/web/_app/immutable/chunks/CmCtpZ1Y.js +0 -1
- package/dist/web/_app/immutable/chunks/Cpsr8-Xy.js +0 -1
- package/dist/web/_app/immutable/chunks/CqkleIqs.js +0 -1
- package/dist/web/_app/immutable/chunks/CrdV0ttd.js +0 -1
- package/dist/web/_app/immutable/chunks/CscoF-YL.js +0 -18
- package/dist/web/_app/immutable/chunks/Cx4YdFMk.js +0 -1
- package/dist/web/_app/immutable/chunks/D7ZqAKi9.js +0 -3
- package/dist/web/_app/immutable/chunks/DGbA7IXh.js +0 -2
- package/dist/web/_app/immutable/chunks/DTZE-yoq.js +0 -2
- package/dist/web/_app/immutable/chunks/DbbB6Up5.js +0 -1
- package/dist/web/_app/immutable/chunks/DnL9f0lc.js +0 -7
- package/dist/web/_app/immutable/chunks/DtM5cEDu.js +0 -1
- package/dist/web/_app/immutable/chunks/Eqahi7_S.js +0 -2
- package/dist/web/_app/immutable/chunks/O9Eb9k00.js +0 -1
- package/dist/web/_app/immutable/chunks/PPVm8Dsz.js +0 -1
- package/dist/web/_app/immutable/chunks/QF8MAmnc.js +0 -1
- package/dist/web/_app/immutable/chunks/UjzxCpxn.js +0 -1
- package/dist/web/_app/immutable/chunks/WSUKABI_.js +0 -1
- package/dist/web/_app/immutable/chunks/Y90OgS-9.js +0 -1
- package/dist/web/_app/immutable/chunks/cLyZlkXv.js +0 -1
- package/dist/web/_app/immutable/chunks/iDtAARVW.js +0 -2
- package/dist/web/_app/immutable/chunks/oC_W7W7p.js +0 -1
- package/dist/web/_app/immutable/chunks/rJdWIgh-.js +0 -1
- package/dist/web/_app/immutable/chunks/tvOsokaa.js +0 -1
- package/dist/web/_app/immutable/chunks/uLEXaPwE.js +0 -1
- package/dist/web/_app/immutable/chunks/vSaooFHB.js +0 -1
- package/dist/web/_app/immutable/entry/app.BeUKh4sD.js +0 -2
- package/dist/web/_app/immutable/entry/start.CZJnFuQn.js +0 -1
- package/dist/web/_app/immutable/nodes/0.DyF_RsLg.js +0 -2
- package/dist/web/_app/immutable/nodes/1.7iDQmMPh.js +0 -1
- package/dist/web/_app/immutable/nodes/10.Btl8d8HT.js +0 -1
- package/dist/web/_app/immutable/nodes/2.LDRE62jN.js +0 -168
- package/dist/web/_app/immutable/nodes/3.BaW1XB1x.js +0 -1
- package/dist/web/_app/immutable/nodes/4.D0Q8kpkI.js +0 -12
- package/dist/web/_app/immutable/nodes/5.n7j2UG9h.js +0 -4
- package/dist/web/_app/immutable/nodes/6.DQYxR0iy.js +0 -2
- package/dist/web/_app/immutable/nodes/7.BsURvFAp.js +0 -2
- package/dist/web/_app/immutable/nodes/8.CsiErG0p.js +0 -1
- package/dist/web/_app/immutable/nodes/9.CnN6OZgC.js +0 -1
|
@@ -3,6 +3,14 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Login, logout, session verification, and auth status endpoints.
|
|
5
5
|
*/
|
|
6
|
+
import { createHmac, timingSafeEqual } from 'node:crypto';
|
|
7
|
+
import { isWorkspaceOwner } from '../../services/auth-service.js';
|
|
8
|
+
import { Workspace } from '../../core/workspace.js';
|
|
9
|
+
import { ensurePersonalFolder, archivePersonalFolder } from '../../services/personal-folder.js';
|
|
10
|
+
import { ensureWorkspaceAssetsFolder } from '../../services/workspace-assets-folder.js';
|
|
11
|
+
import { authUserToGitUser, ensurePersonForUser, findPersonRefForUser, linkChosenPersonToUser, BridgeError } from '../../services/user-person-bridge.js';
|
|
12
|
+
import * as access from '../../services/access-control.js';
|
|
13
|
+
import { safeReturnTo } from './oauth-api.js';
|
|
6
14
|
// ── Login rate limiting ──
|
|
7
15
|
const MAX_ATTEMPTS = 5;
|
|
8
16
|
const LOCKOUT_MS = 15 * 60 * 1000; // 15 minutes
|
|
@@ -35,35 +43,237 @@ export function recordFailedAttempt(email) {
|
|
|
35
43
|
export function clearAttempts(email) {
|
|
36
44
|
loginAttempts.delete(email.toLowerCase());
|
|
37
45
|
}
|
|
38
|
-
function
|
|
46
|
+
function requireOwner(req, authService) {
|
|
39
47
|
const token = req.cookies?.['__sg_token'];
|
|
40
48
|
if (!token)
|
|
41
49
|
return null;
|
|
42
50
|
const user = authService.verifyToken(token);
|
|
43
|
-
if (!user || user.role
|
|
51
|
+
if (!user || !isWorkspaceOwner(user.role))
|
|
44
52
|
return null;
|
|
45
53
|
return user;
|
|
46
54
|
}
|
|
47
|
-
|
|
55
|
+
/**
|
|
56
|
+
* Resolve the caller to an AuthUser. The global auth hook skips /api/auth/*
|
|
57
|
+
* so endpoints that need identity (like the token CRUD routes below) must
|
|
58
|
+
* look up credentials themselves.
|
|
59
|
+
*
|
|
60
|
+
* Accepted forms:
|
|
61
|
+
* - Cookie `__sg_token=<jwt>` (web UI)
|
|
62
|
+
* - `Authorization: Bearer <jwt>` (CLI with stored JWT)
|
|
63
|
+
* - `Authorization: Bearer <sg_…>` (CLI with API token)
|
|
64
|
+
*
|
|
65
|
+
* Mirrors the precedence the main API middleware uses elsewhere
|
|
66
|
+
* (src/server/index.ts) — needed so CLI commands like
|
|
67
|
+
* `studiograph admin transfer-ownership` can call /api/auth/* endpoints
|
|
68
|
+
* using the same Bearer sg_ token they use everywhere else.
|
|
69
|
+
*/
|
|
70
|
+
function requireUser(req, authService) {
|
|
71
|
+
const cookieToken = req.cookies?.['__sg_token'];
|
|
72
|
+
if (cookieToken) {
|
|
73
|
+
const user = authService.verifyToken(cookieToken);
|
|
74
|
+
if (user)
|
|
75
|
+
return user;
|
|
76
|
+
}
|
|
77
|
+
const authHeader = req.headers?.authorization;
|
|
78
|
+
if (authHeader?.startsWith('Bearer ')) {
|
|
79
|
+
const bearer = authHeader.slice('Bearer '.length).trim();
|
|
80
|
+
if (bearer.startsWith('sg_')) {
|
|
81
|
+
return authService.verifyApiToken(bearer);
|
|
82
|
+
}
|
|
83
|
+
// Treat anything else as a JWT — verifyToken returns null on invalid input.
|
|
84
|
+
return authService.verifyToken(bearer);
|
|
85
|
+
}
|
|
86
|
+
return null;
|
|
87
|
+
}
|
|
88
|
+
function managedCloudAuthConfig() {
|
|
89
|
+
return {
|
|
90
|
+
enabled: parseBoolean(process.env.STUDIOGRAPH_MANAGED_AUTH),
|
|
91
|
+
cloudUrl: process.env.STUDIOGRAPH_CLOUD_URL?.trim() ?? '',
|
|
92
|
+
orgId: process.env.STUDIOGRAPH_CLOUD_ORG_ID?.trim() ?? '',
|
|
93
|
+
workspaceId: process.env.STUDIOGRAPH_CLOUD_WORKSPACE_ID?.trim() ?? '',
|
|
94
|
+
token: process.env.STUDIOGRAPH_CLOUD_TOKEN?.trim() ?? '',
|
|
95
|
+
};
|
|
96
|
+
}
|
|
97
|
+
function managedCloudLoginUrl(config) {
|
|
98
|
+
if (!config.cloudUrl || !config.orgId || !config.workspaceId)
|
|
99
|
+
return null;
|
|
100
|
+
const url = new URL('/auth/workspace', config.cloudUrl);
|
|
101
|
+
url.searchParams.set('orgId', config.orgId);
|
|
102
|
+
url.searchParams.set('workspaceId', config.workspaceId);
|
|
103
|
+
return url.toString();
|
|
104
|
+
}
|
|
105
|
+
function managedCloudLogoutUrl(config, returnTo) {
|
|
106
|
+
if (!config.cloudUrl)
|
|
107
|
+
return null;
|
|
108
|
+
const url = new URL('/auth/logout', config.cloudUrl);
|
|
109
|
+
if (returnTo)
|
|
110
|
+
url.searchParams.set('returnTo', returnTo);
|
|
111
|
+
return url.toString();
|
|
112
|
+
}
|
|
113
|
+
function requestOrigin(req) {
|
|
114
|
+
const rawHost = req.headers?.['x-forwarded-host'] ?? req.headers?.host;
|
|
115
|
+
const host = Array.isArray(rawHost) ? rawHost[0] : rawHost;
|
|
116
|
+
if (!host)
|
|
117
|
+
return null;
|
|
118
|
+
const rawProto = req.headers?.['x-forwarded-proto'];
|
|
119
|
+
const forwardedProto = Array.isArray(rawProto) ? rawProto[0] : rawProto;
|
|
120
|
+
const proto = typeof forwardedProto === 'string' && forwardedProto.trim()
|
|
121
|
+
? forwardedProto.split(',')[0].trim()
|
|
122
|
+
: 'http';
|
|
123
|
+
return `${proto}://${host}`;
|
|
124
|
+
}
|
|
125
|
+
function managedLogoutReturnTo(req) {
|
|
126
|
+
const origin = requestOrigin(req);
|
|
127
|
+
if (!origin)
|
|
128
|
+
return null;
|
|
129
|
+
const url = new URL('/login', origin);
|
|
130
|
+
url.searchParams.set('managedLogout', '1');
|
|
131
|
+
return url.toString();
|
|
132
|
+
}
|
|
133
|
+
function verifyCloudLoginToken(token, secret) {
|
|
134
|
+
const [payloadPart, signaturePart] = token.split('.');
|
|
135
|
+
if (!payloadPart || !signaturePart || token.split('.').length !== 2) {
|
|
136
|
+
throw new Error('Malformed login token');
|
|
137
|
+
}
|
|
138
|
+
const expected = hmacBase64Url(payloadPart, secret);
|
|
139
|
+
if (!constantTimeEqual(signaturePart, expected)) {
|
|
140
|
+
throw new Error('Invalid login token signature');
|
|
141
|
+
}
|
|
142
|
+
const claims = JSON.parse(Buffer.from(payloadPart, 'base64url').toString('utf8'));
|
|
143
|
+
if (claims.iss !== 'studiograph-cloud' || claims.aud !== 'studiograph-runtime') {
|
|
144
|
+
throw new Error('Invalid login token audience');
|
|
145
|
+
}
|
|
146
|
+
if (!claims.orgId || !claims.workspaceId || !claims.userId || !claims.email || !claims.displayName || !claims.role) {
|
|
147
|
+
throw new Error('Incomplete login token');
|
|
148
|
+
}
|
|
149
|
+
if (!['owner', 'admin', 'member'].includes(claims.role)) {
|
|
150
|
+
throw new Error('Invalid login token role');
|
|
151
|
+
}
|
|
152
|
+
const now = Math.floor(Date.now() / 1000);
|
|
153
|
+
if (typeof claims.exp !== 'number' || claims.exp < now) {
|
|
154
|
+
throw new Error('Login token has expired');
|
|
155
|
+
}
|
|
156
|
+
if (typeof claims.iat !== 'number' || claims.iat > now + 60) {
|
|
157
|
+
throw new Error('Login token was issued in the future');
|
|
158
|
+
}
|
|
159
|
+
return claims;
|
|
160
|
+
}
|
|
161
|
+
function runtimeRoleForCloudRole(cloudRole, existing, authService) {
|
|
162
|
+
if (existing?.role === 'owner')
|
|
163
|
+
return 'owner';
|
|
164
|
+
if (cloudRole === 'owner')
|
|
165
|
+
return 'owner';
|
|
166
|
+
if (!authService.getOwner() && cloudRole === 'admin')
|
|
167
|
+
return 'owner';
|
|
168
|
+
return 'member';
|
|
169
|
+
}
|
|
170
|
+
function grantManagedWorkspaceAccess(authService, workspaceManager, user, cloudRole) {
|
|
171
|
+
const folderRole = cloudRole === 'owner' || cloudRole === 'admin' ? 'admin' : 'editor';
|
|
172
|
+
for (const repo of workspaceManager.getAllRepoConfigs()) {
|
|
173
|
+
if (repo.personal)
|
|
174
|
+
continue;
|
|
175
|
+
const currentRole = authService.getFolderRole(user.id, repo.name);
|
|
176
|
+
if (currentRole === 'admin')
|
|
177
|
+
continue;
|
|
178
|
+
if (currentRole !== folderRole)
|
|
179
|
+
authService.grantFolderAccess(user.id, repo.name, folderRole);
|
|
180
|
+
}
|
|
181
|
+
}
|
|
182
|
+
function hmacBase64Url(value, secret) {
|
|
183
|
+
return createHmac('sha256', secret).update(value).digest('base64url');
|
|
184
|
+
}
|
|
185
|
+
function constantTimeEqual(a, b) {
|
|
186
|
+
const left = Buffer.from(a);
|
|
187
|
+
const right = Buffer.from(b);
|
|
188
|
+
return left.length === right.length && timingSafeEqual(left, right);
|
|
189
|
+
}
|
|
190
|
+
function parseBoolean(value) {
|
|
191
|
+
if (!value)
|
|
192
|
+
return false;
|
|
193
|
+
return ['1', 'true', 'yes', 'on'].includes(value.trim().toLowerCase());
|
|
194
|
+
}
|
|
195
|
+
export async function registerAuthApiRoutes(fastify, authService, workspacePath, workspaceManager, workspaceName) {
|
|
196
|
+
fastify.get('/api/cloud/auth/callback', async (req, reply) => {
|
|
197
|
+
const config = managedCloudAuthConfig();
|
|
198
|
+
if (!config.enabled)
|
|
199
|
+
return reply.status(404).send({ error: 'Managed cloud auth is not enabled' });
|
|
200
|
+
if (!config.token || !config.workspaceId) {
|
|
201
|
+
return reply.status(503).send({ error: 'Managed cloud auth is not configured' });
|
|
202
|
+
}
|
|
203
|
+
const { token } = req.query;
|
|
204
|
+
if (!token)
|
|
205
|
+
return reply.status(400).send({ error: 'Missing login token' });
|
|
206
|
+
try {
|
|
207
|
+
const claims = verifyCloudLoginToken(token, config.token);
|
|
208
|
+
if (claims.workspaceId !== config.workspaceId) {
|
|
209
|
+
return reply.status(403).send({ error: 'Login token was issued for a different workspace' });
|
|
210
|
+
}
|
|
211
|
+
if (config.orgId && claims.orgId !== config.orgId) {
|
|
212
|
+
return reply.status(403).send({ error: 'Login token was issued for a different organization' });
|
|
213
|
+
}
|
|
214
|
+
const existing = authService.findUserByEmail(claims.email);
|
|
215
|
+
const runtimeRole = runtimeRoleForCloudRole(claims.role, existing, authService);
|
|
216
|
+
const user = authService.upsertCloudManagedUser({
|
|
217
|
+
email: claims.email,
|
|
218
|
+
displayName: claims.displayName,
|
|
219
|
+
role: runtimeRole,
|
|
220
|
+
});
|
|
221
|
+
await ensurePersonalFolder(new Workspace(workspacePath), authService, user);
|
|
222
|
+
grantManagedWorkspaceAccess(authService, workspaceManager, user, claims.role);
|
|
223
|
+
workspaceManager.reloadConfig();
|
|
224
|
+
// No person auto-provisioning here: task assignment + "My Tasks" key on the
|
|
225
|
+
// account identity (`[[user:<id>]]`), so a person entity is optional and
|
|
226
|
+
// never a precondition. Users add a profile explicitly from Settings → Profile.
|
|
227
|
+
const secure = req.headers['x-forwarded-proto'] === 'https';
|
|
228
|
+
reply.setCookie('__sg_token', authService.createSessionToken(user), {
|
|
229
|
+
path: '/',
|
|
230
|
+
httpOnly: true,
|
|
231
|
+
sameSite: 'lax',
|
|
232
|
+
secure,
|
|
233
|
+
maxAge: 7 * 24 * 60 * 60,
|
|
234
|
+
});
|
|
235
|
+
// Honor a returnTo echoed back through the cloud round-trip (used by the
|
|
236
|
+
// OAuth authorize → /login bounce so consent resumes after cloud auth).
|
|
237
|
+
// safeReturnTo enforces same-origin: root-relative path only, rejecting
|
|
238
|
+
// absolute/protocol-relative URLs, backslash-normalized off-origin, and
|
|
239
|
+
// control chars.
|
|
240
|
+
const returnTo = safeReturnTo(req.query.returnTo);
|
|
241
|
+
return reply.redirect(returnTo);
|
|
242
|
+
}
|
|
243
|
+
catch (err) {
|
|
244
|
+
return reply.status(401).send({ error: err?.message || 'Invalid login token' });
|
|
245
|
+
}
|
|
246
|
+
});
|
|
48
247
|
// ── Admin user management ──
|
|
49
|
-
// GET /api/auth/users — list all users
|
|
248
|
+
// GET /api/auth/users — list all users. Any authenticated caller: folder
|
|
249
|
+
// admins need this to populate the share-dialog "Add members" candidates,
|
|
250
|
+
// and the comment @-mention surface needs the same shape.
|
|
251
|
+
// Mutating endpoints below (POST/DELETE/PATCH) stay owner-only.
|
|
50
252
|
fastify.get('/api/auth/users', async (req, reply) => {
|
|
51
|
-
const
|
|
52
|
-
if (!
|
|
53
|
-
return reply.status(
|
|
253
|
+
const user = requireUser(req, authService);
|
|
254
|
+
if (!user)
|
|
255
|
+
return reply.status(401).send({ error: 'Authentication required' });
|
|
54
256
|
return reply.send({ users: authService.listUsers() });
|
|
55
257
|
});
|
|
56
258
|
// POST /api/auth/users — create a new user (admin only)
|
|
57
259
|
fastify.post('/api/auth/users', async (req, reply) => {
|
|
58
|
-
const admin =
|
|
260
|
+
const admin = requireOwner(req, authService);
|
|
59
261
|
if (!admin)
|
|
60
|
-
return reply.status(403).send({ error: '
|
|
262
|
+
return reply.status(403).send({ error: 'Workspace owner access required' });
|
|
61
263
|
const { email, password, displayName, role } = req.body;
|
|
62
264
|
if (!email || !password) {
|
|
63
265
|
return reply.status(400).send({ error: 'Email and password are required' });
|
|
64
266
|
}
|
|
267
|
+
if (role && role !== 'owner' && role !== 'member') {
|
|
268
|
+
return reply.status(400).send({ error: `Invalid role "${role}" — must be "owner" or "member"` });
|
|
269
|
+
}
|
|
65
270
|
try {
|
|
66
271
|
const user = authService.createUser(email, password, displayName || email.split('@')[0], role || 'member');
|
|
272
|
+
await ensurePersonalFolder(new Workspace(workspacePath), authService, user);
|
|
273
|
+
workspaceManager.reloadConfig();
|
|
274
|
+
// No person auto-provisioning: assignment + "My Tasks" key on the account
|
|
275
|
+
// identity (`[[user:<id>]]`), so a person entity is optional. Users add a
|
|
276
|
+
// profile to the graph explicitly from Settings → Profile.
|
|
67
277
|
return reply.send({ user });
|
|
68
278
|
}
|
|
69
279
|
catch (err) {
|
|
@@ -72,9 +282,9 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
|
|
|
72
282
|
});
|
|
73
283
|
// DELETE /api/auth/users/:id — delete a user (admin only, cannot delete self or last admin)
|
|
74
284
|
fastify.delete('/api/auth/users/:id', async (req, reply) => {
|
|
75
|
-
const admin =
|
|
285
|
+
const admin = requireOwner(req, authService);
|
|
76
286
|
if (!admin)
|
|
77
|
-
return reply.status(403).send({ error: '
|
|
287
|
+
return reply.status(403).send({ error: 'Workspace owner access required' });
|
|
78
288
|
const userId = parseInt(req.params.id, 10);
|
|
79
289
|
if (isNaN(userId))
|
|
80
290
|
return reply.status(400).send({ error: 'Invalid user ID' });
|
|
@@ -84,17 +294,111 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
|
|
|
84
294
|
const target = users.find(u => u.id === userId);
|
|
85
295
|
if (!target)
|
|
86
296
|
return reply.status(404).send({ error: 'User not found' });
|
|
87
|
-
if (target.role === '
|
|
88
|
-
return reply.status(400).send({ error: 'Cannot delete the last
|
|
297
|
+
if (target.role === 'owner' && users.filter(u => u.role === 'owner').length <= 1) {
|
|
298
|
+
return reply.status(400).send({ error: 'Cannot delete the last workspace owner. Transfer ownership first.' });
|
|
299
|
+
}
|
|
300
|
+
// Transfer folders the target solely administers to the actor
|
|
301
|
+
// (the workspace owner performing this deletion) BEFORE the cascade
|
|
302
|
+
// delete — otherwise folder_access rows for those folders disappear
|
|
303
|
+
// and the folder is left with no admins.
|
|
304
|
+
//
|
|
305
|
+
// Personal folders (the target's "My Folder") are a sub-case: they
|
|
306
|
+
// transfer the same way, then get demoted to normal archive folders
|
|
307
|
+
// so the one-personal-folder-per-user invariant holds and the actor
|
|
308
|
+
// ends up with a plainly-named folder they own outright.
|
|
309
|
+
const workspace = new Workspace(workspacePath);
|
|
310
|
+
const preConfig = await workspace.loadConfig();
|
|
311
|
+
const targetPersonalFolders = preConfig.repos.filter(r => r.personal === true && r.owner_id === target.id);
|
|
312
|
+
const personalEntryCounts = new Map();
|
|
313
|
+
for (const p of targetPersonalFolders) {
|
|
314
|
+
try {
|
|
315
|
+
personalEntryCounts.set(p.name, workspaceManager.getGraph(p.name).listEntityIds().length);
|
|
316
|
+
}
|
|
317
|
+
catch {
|
|
318
|
+
personalEntryCounts.set(p.name, 0);
|
|
319
|
+
}
|
|
320
|
+
}
|
|
321
|
+
const transferred = authService.transferFoldersOnDelete(target.id, admin.id);
|
|
322
|
+
// Capture the old name upfront: archivePersonalFolder mutates the
|
|
323
|
+
// RepoConfig in place (name/path change), so reading `p.name` after
|
|
324
|
+
// the await would return the new archive name.
|
|
325
|
+
const archived = [];
|
|
326
|
+
for (const p of targetPersonalFolders) {
|
|
327
|
+
const oldName = p.name;
|
|
328
|
+
if (!transferred.includes(oldName))
|
|
329
|
+
continue;
|
|
330
|
+
const { newName, newDisplayName } = await archivePersonalFolder(workspace, oldName, target.displayName, authService);
|
|
331
|
+
archived.push({
|
|
332
|
+
oldName,
|
|
333
|
+
newName,
|
|
334
|
+
newDisplayName,
|
|
335
|
+
entryCount: personalEntryCounts.get(oldName) ?? 0,
|
|
336
|
+
});
|
|
89
337
|
}
|
|
90
338
|
authService.deleteUser(target.email);
|
|
91
|
-
|
|
339
|
+
if (archived.length > 0)
|
|
340
|
+
workspaceManager.reloadConfig();
|
|
341
|
+
return reply.send({ ok: true, transferred, archived });
|
|
342
|
+
});
|
|
343
|
+
// GET /api/auth/users/:id/deletion-preview — show the actor what
|
|
344
|
+
// will transfer if they delete this user. Owner-gated. Returns entry
|
|
345
|
+
// counts and archive names so the confirmation UI can set expectations
|
|
346
|
+
// WITHOUT exposing the contents of the target's private folder. The
|
|
347
|
+
// preview is advisory; the DELETE endpoint is the source of truth.
|
|
348
|
+
fastify.get('/api/auth/users/:id/deletion-preview', async (req, reply) => {
|
|
349
|
+
const admin = requireOwner(req, authService);
|
|
350
|
+
if (!admin)
|
|
351
|
+
return reply.status(403).send({ error: 'Workspace owner access required' });
|
|
352
|
+
const userId = parseInt(req.params.id, 10);
|
|
353
|
+
if (isNaN(userId))
|
|
354
|
+
return reply.status(400).send({ error: 'Invalid user ID' });
|
|
355
|
+
if (admin.id === userId)
|
|
356
|
+
return reply.status(400).send({ error: 'Cannot preview deleting yourself' });
|
|
357
|
+
const target = authService.listUsers().find(u => u.id === userId);
|
|
358
|
+
if (!target)
|
|
359
|
+
return reply.status(404).send({ error: 'User not found' });
|
|
360
|
+
const workspace = new Workspace(workspacePath);
|
|
361
|
+
const config = await workspace.loadConfig();
|
|
362
|
+
// Mirror transferFoldersOnDelete's sole-admin rule so the preview
|
|
363
|
+
// matches the real delete. Personal folders are 1-member by nature,
|
|
364
|
+
// so they always qualify.
|
|
365
|
+
const targetAdminFolders = authService.getUserFolders(target.id)
|
|
366
|
+
.filter(f => authService.getFolderRole(target.id, f) === 'admin');
|
|
367
|
+
const soleAdminFolders = targetAdminFolders.filter(f => authService.getFolderAdmins(f).length === 1);
|
|
368
|
+
const date = new Date().toISOString().slice(0, 10);
|
|
369
|
+
const personalFolders = config.repos.filter(r => r.personal === true && r.owner_id === target.id && soleAdminFolders.includes(r.name));
|
|
370
|
+
const sharedSoleAdmin = soleAdminFolders.filter(f => !personalFolders.some(p => p.name === f));
|
|
371
|
+
const personal = personalFolders.map(p => {
|
|
372
|
+
let entryCount = 0;
|
|
373
|
+
try {
|
|
374
|
+
entryCount = workspaceManager.getGraph(p.name).listEntityIds().length;
|
|
375
|
+
}
|
|
376
|
+
catch { /* skip */ }
|
|
377
|
+
return {
|
|
378
|
+
entryCount,
|
|
379
|
+
newDisplayName: `Archive: ${target.displayName} (${date})`,
|
|
380
|
+
};
|
|
381
|
+
});
|
|
382
|
+
const shared = sharedSoleAdmin.map(f => {
|
|
383
|
+
const repo = config.repos.find(r => r.name === f);
|
|
384
|
+
let entryCount = 0;
|
|
385
|
+
try {
|
|
386
|
+
entryCount = workspaceManager.getGraph(f).listEntityIds().length;
|
|
387
|
+
}
|
|
388
|
+
catch { /* skip */ }
|
|
389
|
+
return {
|
|
390
|
+
name: f,
|
|
391
|
+
displayName: repo?.display_name ?? f,
|
|
392
|
+
entryCount,
|
|
393
|
+
};
|
|
394
|
+
});
|
|
395
|
+
return reply.send({ personal, shared });
|
|
92
396
|
});
|
|
93
397
|
// PATCH /api/auth/users/:id/password — reset a user's password (admin only)
|
|
94
398
|
fastify.patch('/api/auth/users/:id/password', async (req, reply) => {
|
|
95
|
-
const admin =
|
|
399
|
+
const admin = requireOwner(req, authService);
|
|
96
400
|
if (!admin)
|
|
97
|
-
return reply.status(403).send({ error: '
|
|
401
|
+
return reply.status(403).send({ error: 'Workspace owner access required' });
|
|
98
402
|
const userId = parseInt(req.params.id, 10);
|
|
99
403
|
if (isNaN(userId))
|
|
100
404
|
return reply.status(400).send({ error: 'Invalid user ID' });
|
|
@@ -113,23 +417,116 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
|
|
|
113
417
|
return reply.status(400).send({ error: err.message });
|
|
114
418
|
}
|
|
115
419
|
});
|
|
116
|
-
//
|
|
117
|
-
|
|
118
|
-
|
|
420
|
+
// PATCH /api/auth/users/:id — update a member's profile (owner only).
|
|
421
|
+
// Currently accepts `email` and `displayName`; mirrors the existing
|
|
422
|
+
// password-reset pattern (owner-gated, no user notification).
|
|
423
|
+
fastify.patch('/api/auth/users/:id', async (req, reply) => {
|
|
424
|
+
const admin = requireOwner(req, authService);
|
|
119
425
|
if (!admin)
|
|
120
|
-
return reply.status(403).send({ error: '
|
|
121
|
-
const
|
|
122
|
-
|
|
426
|
+
return reply.status(403).send({ error: 'Workspace owner access required' });
|
|
427
|
+
const userId = parseInt(req.params.id, 10);
|
|
428
|
+
if (isNaN(userId))
|
|
429
|
+
return reply.status(400).send({ error: 'Invalid user ID' });
|
|
430
|
+
const { email, displayName } = req.body;
|
|
431
|
+
if (email === undefined && displayName === undefined) {
|
|
432
|
+
return reply.status(400).send({ error: 'Nothing to update' });
|
|
433
|
+
}
|
|
434
|
+
if (email !== undefined) {
|
|
435
|
+
const normalized = email.toLowerCase().trim();
|
|
436
|
+
if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(normalized)) {
|
|
437
|
+
return reply.status(400).send({ error: 'Invalid email address' });
|
|
438
|
+
}
|
|
439
|
+
}
|
|
440
|
+
const target = authService.findUserById(userId);
|
|
441
|
+
if (!target)
|
|
442
|
+
return reply.status(404).send({ error: 'User not found' });
|
|
443
|
+
try {
|
|
444
|
+
const updated = authService.updateProfile(userId, { email, displayName });
|
|
445
|
+
return reply.send({ user: updated });
|
|
446
|
+
}
|
|
447
|
+
catch (err) {
|
|
448
|
+
// SQLite raises a UNIQUE constraint error on duplicate email.
|
|
449
|
+
if (String(err?.message ?? '').includes('UNIQUE')) {
|
|
450
|
+
return reply.status(409).send({ error: 'That email is already in use' });
|
|
451
|
+
}
|
|
452
|
+
return reply.status(400).send({ error: err.message });
|
|
453
|
+
}
|
|
454
|
+
});
|
|
455
|
+
// ── Per-user API tokens (used by MCP clients, CLI, and git HTTP) ──
|
|
456
|
+
// POST /api/auth/tokens — mint a new token for the authenticated user.
|
|
457
|
+
// Body: { name: string }. Returns the raw token once; only its hash is stored.
|
|
458
|
+
fastify.post('/api/auth/tokens', async (req, reply) => {
|
|
459
|
+
const user = requireUser(req, authService);
|
|
460
|
+
if (!user)
|
|
461
|
+
return reply.status(401).send({ error: 'Unauthorized' });
|
|
462
|
+
const { name } = (req.body ?? {});
|
|
463
|
+
if (!name || !name.trim()) {
|
|
464
|
+
return reply.status(400).send({ error: 'name is required' });
|
|
465
|
+
}
|
|
466
|
+
try {
|
|
467
|
+
const minted = authService.createApiToken(user.id, name);
|
|
468
|
+
return reply.status(201).send(minted);
|
|
469
|
+
}
|
|
470
|
+
catch (err) {
|
|
471
|
+
return reply.status(400).send({ error: err.message });
|
|
472
|
+
}
|
|
473
|
+
});
|
|
474
|
+
// GET /api/auth/tokens — list the authenticated user's tokens (metadata only).
|
|
475
|
+
fastify.get('/api/auth/tokens', async (req, reply) => {
|
|
476
|
+
const user = requireUser(req, authService);
|
|
477
|
+
if (!user)
|
|
478
|
+
return reply.status(401).send({ error: 'Unauthorized' });
|
|
479
|
+
return reply.send({ tokens: authService.listApiTokens(user.id) });
|
|
480
|
+
});
|
|
481
|
+
// DELETE /api/auth/tokens/:id — revoke one of the user's own tokens.
|
|
482
|
+
fastify.delete('/api/auth/tokens/:id', async (req, reply) => {
|
|
483
|
+
const user = requireUser(req, authService);
|
|
484
|
+
if (!user)
|
|
485
|
+
return reply.status(401).send({ error: 'Unauthorized' });
|
|
486
|
+
const tokenId = parseInt(req.params.id, 10);
|
|
487
|
+
if (isNaN(tokenId))
|
|
488
|
+
return reply.status(400).send({ error: 'Invalid token id' });
|
|
489
|
+
const ok = authService.revokeApiToken(tokenId, user.id);
|
|
490
|
+
if (!ok)
|
|
491
|
+
return reply.status(404).send({ error: 'Token not found' });
|
|
492
|
+
return reply.send({ ok: true });
|
|
123
493
|
});
|
|
124
494
|
// GET /api/auth/seed — export auth seed data (admin only, for remote pull)
|
|
495
|
+
// Phase 3: sanitized via the same registry-driven helper as
|
|
496
|
+
// /api/config/bundle. jwtSecret + deprecated apiKey are dropped before
|
|
497
|
+
// the response leaves the trust boundary.
|
|
125
498
|
fastify.get('/api/auth/seed', async (req, reply) => {
|
|
126
|
-
const admin =
|
|
499
|
+
const admin = requireOwner(req, authService);
|
|
127
500
|
if (!admin)
|
|
128
|
-
return reply.status(403).send({ error: '
|
|
129
|
-
|
|
501
|
+
return reply.status(403).send({ error: 'Workspace owner access required' });
|
|
502
|
+
const { sanitizeAuthSeed } = await import('../../core/secrets/bundle.js');
|
|
503
|
+
return reply.send(sanitizeAuthSeed(authService.getSeedData()));
|
|
504
|
+
});
|
|
505
|
+
// POST /api/auth/transfer-ownership — transfer ownership to another user (owner only).
|
|
506
|
+
// Accepts cookie OR Bearer sg_ token via requireUser (the CLI calls this
|
|
507
|
+
// through `studiograph admin transfer-ownership`).
|
|
508
|
+
fastify.post('/api/auth/transfer-ownership', async (req, reply) => {
|
|
509
|
+
const user = requireUser(req, authService);
|
|
510
|
+
if (!user)
|
|
511
|
+
return reply.status(401).send({ error: 'Unauthorized' });
|
|
512
|
+
if (user.role !== 'owner')
|
|
513
|
+
return reply.status(403).send({ error: 'Only the workspace owner can transfer ownership' });
|
|
514
|
+
const { targetUserId } = req.body;
|
|
515
|
+
if (!targetUserId)
|
|
516
|
+
return reply.status(400).send({ error: 'targetUserId is required' });
|
|
517
|
+
try {
|
|
518
|
+
authService.transferOwnership(user.id, targetUserId);
|
|
519
|
+
return reply.send({ ok: true });
|
|
520
|
+
}
|
|
521
|
+
catch (err) {
|
|
522
|
+
return reply.status(400).send({ error: err.message });
|
|
523
|
+
}
|
|
130
524
|
});
|
|
131
525
|
// POST /api/auth/login — authenticate and set session cookie
|
|
132
526
|
fastify.post('/api/auth/login', async (req, reply) => {
|
|
527
|
+
if (managedCloudAuthConfig().enabled) {
|
|
528
|
+
return reply.status(403).send({ error: 'Use Studiograph Cloud to sign in to this managed workspace' });
|
|
529
|
+
}
|
|
133
530
|
const { email, password } = req.body;
|
|
134
531
|
if (!email || !password) {
|
|
135
532
|
return reply.status(400).send({ error: 'Email and password are required' });
|
|
@@ -150,13 +547,17 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
|
|
|
150
547
|
reply.setCookie('__sg_token', result.token, {
|
|
151
548
|
path: '/',
|
|
152
549
|
httpOnly: true,
|
|
153
|
-
|
|
550
|
+
// Lax (not Strict): sent on top-level GET navigations initiated cross-site
|
|
551
|
+
// — e.g. the OAuth /oauth/authorize redirect from Claude's connector — so an
|
|
552
|
+
// already-logged-in user isn't bounced to a redundant login. Still withheld
|
|
553
|
+
// on cross-site POSTs/subresources (the CSRF-dangerous cases).
|
|
554
|
+
sameSite: 'lax',
|
|
154
555
|
secure,
|
|
155
556
|
maxAge: 7 * 24 * 60 * 60, // 7 days
|
|
156
557
|
});
|
|
157
558
|
// Include the token in the response body when requested via
|
|
158
|
-
// X-Return-Token header
|
|
159
|
-
//
|
|
559
|
+
// X-Return-Token header for API clients that can't use cookies
|
|
560
|
+
// across origins.
|
|
160
561
|
const returnToken = req.headers['x-return-token'] === '1';
|
|
161
562
|
return reply.send({
|
|
162
563
|
user: result.user,
|
|
@@ -164,37 +565,148 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
|
|
|
164
565
|
});
|
|
165
566
|
});
|
|
166
567
|
// POST /api/auth/logout — clear session cookie
|
|
167
|
-
fastify.post('/api/auth/logout', async (
|
|
568
|
+
fastify.post('/api/auth/logout', async (req, reply) => {
|
|
569
|
+
const cloudAuth = managedCloudAuthConfig();
|
|
168
570
|
reply.setCookie('__sg_token', '', {
|
|
169
571
|
path: '/',
|
|
170
572
|
httpOnly: true,
|
|
171
|
-
sameSite: '
|
|
573
|
+
sameSite: 'lax',
|
|
172
574
|
maxAge: 0,
|
|
173
575
|
});
|
|
174
|
-
return reply.send({
|
|
576
|
+
return reply.send({
|
|
577
|
+
ok: true,
|
|
578
|
+
logoutUrl: cloudAuth.enabled
|
|
579
|
+
? managedCloudLogoutUrl(cloudAuth, managedLogoutReturnTo(req))
|
|
580
|
+
: undefined,
|
|
581
|
+
});
|
|
175
582
|
});
|
|
176
|
-
// GET /api/auth/me — verify current session
|
|
583
|
+
// GET /api/auth/me — verify current session. Also resolves the user's
|
|
584
|
+
// linked person entity (the auth↔person bridge) so the client gets both
|
|
585
|
+
// identifiers in one round-trip. `personRef` is null when the user has
|
|
586
|
+
// no linked entity (legacy, unprovisioned, or explicitly unlinked) OR
|
|
587
|
+
// when the linked entity lives in a repo the user no longer has read
|
|
588
|
+
// access to (would leak repo existence otherwise — see access-control).
|
|
177
589
|
fastify.get('/api/auth/me', async (req, reply) => {
|
|
178
|
-
|
|
179
|
-
|
|
590
|
+
// Resolve from the cookie JWT OR Authorization: Bearer (JWT / sg_ API
|
|
591
|
+
// token) via the shared requireUser helper. The global auth hook skips
|
|
592
|
+
// /api/auth/*, so without this the boot session check only honored the
|
|
593
|
+
// web cookie and rejected API-token callers (CLI, automation, the
|
|
594
|
+
// headless browser) even though they authenticate everywhere else.
|
|
595
|
+
const user = requireUser(req, authService);
|
|
596
|
+
if (!user) {
|
|
597
|
+
return reply.status(401).send({ error: 'Not authenticated' });
|
|
598
|
+
}
|
|
599
|
+
const rawRef = findPersonRefForUser(workspaceManager, user.handle);
|
|
600
|
+
const personRef = rawRef && access.hasRepoAccess(user, rawRef.repo, workspaceManager, authService)
|
|
601
|
+
? rawRef
|
|
602
|
+
: null;
|
|
603
|
+
return reply.send({ user, personRef });
|
|
604
|
+
});
|
|
605
|
+
// POST /api/auth/me/person-link — self-service link of the user↔person
|
|
606
|
+
// bridge for the CURRENT user. Two modes:
|
|
607
|
+
// - body `{ entityId }` → link that SPECIFIC person the user picked
|
|
608
|
+
// (the home CTA / Profile "which record is you?" picker).
|
|
609
|
+
// - no body → auto: email-match an existing record, else create one
|
|
610
|
+
// (ensurePersonForUser).
|
|
611
|
+
//
|
|
612
|
+
// Self-scoped — the user can only stamp THEIR OWN handle onto an UNLINKED
|
|
613
|
+
// person they can read — so it safely bypasses the owner-only gate that
|
|
614
|
+
// guards generic user_handle writes (that gate exists to stop a member
|
|
615
|
+
// claiming ANOTHER user's identity; linking yourself isn't that, and it
|
|
616
|
+
// confers no privileges — auth role comes from the account, not the entity).
|
|
617
|
+
fastify.post('/api/auth/me/person-link', async (req, reply) => {
|
|
618
|
+
const user = requireUser(req, authService);
|
|
619
|
+
if (!user)
|
|
180
620
|
return reply.status(401).send({ error: 'Not authenticated' });
|
|
621
|
+
const chosenId = typeof req.body?.entityId === 'string' ? req.body.entityId.trim() : '';
|
|
622
|
+
// Idempotent / conflict: already linked?
|
|
623
|
+
const existing = findPersonRefForUser(workspaceManager, user.handle);
|
|
624
|
+
if (existing) {
|
|
625
|
+
// Same record (or no specific request) → no-op success. A DIFFERENT
|
|
626
|
+
// record → you're already linked; refuse rather than create a 2nd link.
|
|
627
|
+
if (!chosenId || existing.entityId === chosenId) {
|
|
628
|
+
return reply.send({ action: 'already-linked', personRef: existing });
|
|
629
|
+
}
|
|
630
|
+
return reply.status(409).send({
|
|
631
|
+
error: `Your account is already linked to ${existing.repo}/${existing.entityId}. Unlink it first to link a different record.`,
|
|
632
|
+
code: 'ALREADY_LINKED_ELSEWHERE',
|
|
633
|
+
});
|
|
181
634
|
}
|
|
635
|
+
// Mode 1 — link a specific, user-picked person.
|
|
636
|
+
if (chosenId) {
|
|
637
|
+
const target = workspaceManager.findEntityByTypeAndId('person', chosenId);
|
|
638
|
+
// Collapse "not found" and "can't read it" into one 404 so we don't leak
|
|
639
|
+
// the existence of records in folders the caller can't access.
|
|
640
|
+
if (!target || !access.hasRepoAccess(user, target.repoName, workspaceManager, authService)) {
|
|
641
|
+
return reply.status(404).send({ error: `No person entry "${chosenId}" you can link.`, code: 'PERSON_NOT_FOUND' });
|
|
642
|
+
}
|
|
643
|
+
try {
|
|
644
|
+
// Self-scoped link (own handle, unlinked target) — guards live in the
|
|
645
|
+
// bridge helper; it throws BridgeError on conflict.
|
|
646
|
+
await linkChosenPersonToUser(workspaceManager, user, { repo: target.repoName, entityId: chosenId }, authUserToGitUser(user));
|
|
647
|
+
return reply.send({ action: 'linked', personRef: { repo: target.repoName, entityId: chosenId } });
|
|
648
|
+
}
|
|
649
|
+
catch (err) {
|
|
650
|
+
if (err instanceof BridgeError)
|
|
651
|
+
return reply.status(409).send({ error: err.message, code: err.code, ...err.details });
|
|
652
|
+
return reply.status(500).send({ error: err?.message ?? 'Failed to link person record' });
|
|
653
|
+
}
|
|
654
|
+
}
|
|
655
|
+
// Mode 2 — auto (email-match an existing record, else create one).
|
|
656
|
+
try {
|
|
657
|
+
const r = await ensurePersonForUser(workspaceManager, authService, user, authUserToGitUser(user));
|
|
658
|
+
if (r.action === 'skipped') {
|
|
659
|
+
return reply.status(409).send({
|
|
660
|
+
error: `Could not create a person record (${r.reason}). Ask a workspace owner to designate a shared folder.`,
|
|
661
|
+
code: 'BRIDGE_SKIPPED',
|
|
662
|
+
});
|
|
663
|
+
}
|
|
664
|
+
return reply.send({ action: r.action, personRef: r.ref });
|
|
665
|
+
}
|
|
666
|
+
catch (err) {
|
|
667
|
+
return reply.status(500).send({ error: err?.message ?? 'Failed to link person record' });
|
|
668
|
+
}
|
|
669
|
+
});
|
|
670
|
+
// PATCH /api/auth/me — update current user's profile
|
|
671
|
+
fastify.patch('/api/auth/me', async (req, reply) => {
|
|
672
|
+
const token = req.cookies?.['__sg_token'];
|
|
673
|
+
if (!token)
|
|
674
|
+
return reply.status(401).send({ error: 'Not authenticated' });
|
|
182
675
|
const user = authService.verifyToken(token);
|
|
183
|
-
if (!user)
|
|
676
|
+
if (!user)
|
|
184
677
|
return reply.status(401).send({ error: 'Not authenticated' });
|
|
678
|
+
const { displayName, email, newPassword } = req.body;
|
|
679
|
+
if (newPassword) {
|
|
680
|
+
authService.updatePassword(user.email, newPassword);
|
|
185
681
|
}
|
|
186
|
-
|
|
682
|
+
const updated = authService.updateProfile(user.id, {
|
|
683
|
+
displayName: displayName !== undefined ? displayName : undefined,
|
|
684
|
+
email: email !== undefined ? email : undefined,
|
|
685
|
+
});
|
|
686
|
+
return reply.send({ user: updated });
|
|
687
|
+
});
|
|
688
|
+
// GET /api/auth/colors — accent colors for all users (for avatar rendering)
|
|
689
|
+
fastify.get('/api/auth/colors', async (_req, reply) => {
|
|
690
|
+
return reply.send({ colors: authService.getAllAccentColors() });
|
|
187
691
|
});
|
|
188
692
|
// GET /api/auth/status — public endpoint for login page
|
|
189
|
-
fastify.get('/api/auth/status', async (
|
|
693
|
+
fastify.get('/api/auth/status', async (req, reply) => {
|
|
694
|
+
const cloudAuth = managedCloudAuthConfig();
|
|
190
695
|
return reply.send({
|
|
191
696
|
authEnabled: authService.hasUsers(),
|
|
192
697
|
userCount: authService.getUserCount(),
|
|
193
698
|
workspaceName: workspaceName || undefined,
|
|
699
|
+
managedAuth: cloudAuth.enabled,
|
|
700
|
+
cloudUrl: cloudAuth.cloudUrl || undefined,
|
|
701
|
+
managedAuthLoginUrl: managedCloudLoginUrl(cloudAuth) || undefined,
|
|
702
|
+
managedAuthLogoutUrl: managedCloudLogoutUrl(cloudAuth, managedLogoutReturnTo(req)) || undefined,
|
|
194
703
|
});
|
|
195
704
|
});
|
|
196
705
|
// POST /api/auth/setup — create the first admin account (only works when no users exist)
|
|
197
706
|
fastify.post('/api/auth/setup', async (req, reply) => {
|
|
707
|
+
if (managedCloudAuthConfig().enabled) {
|
|
708
|
+
return reply.status(403).send({ error: 'Managed workspaces are set up from Studiograph Cloud' });
|
|
709
|
+
}
|
|
198
710
|
if (authService.hasUsers()) {
|
|
199
711
|
return reply.status(403).send({ error: 'Setup already completed' });
|
|
200
712
|
}
|
|
@@ -203,7 +715,29 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
|
|
|
203
715
|
return reply.status(400).send({ error: 'Email and password are required' });
|
|
204
716
|
}
|
|
205
717
|
try {
|
|
206
|
-
const user = authService.createUser(email, password, displayName || email.split('@')[0], '
|
|
718
|
+
const user = authService.createUser(email, password, displayName || email.split('@')[0], 'owner');
|
|
719
|
+
const setupWorkspace = new Workspace(workspacePath);
|
|
720
|
+
await ensurePersonalFolder(setupWorkspace, authService, user);
|
|
721
|
+
// Provision the reserved workspace-wide "Assets" store once, at first-run
|
|
722
|
+
// setup. Existing workspaces backfill lazily on first asset upload
|
|
723
|
+
// (resolveWorkspaceAssetsRepo) — never via a boot sweep.
|
|
724
|
+
await ensureWorkspaceAssetsFolder(setupWorkspace);
|
|
725
|
+
workspaceManager.reloadConfig();
|
|
726
|
+
// Grant the first owner folder-admin on every existing team folder.
|
|
727
|
+
// Without this, folders scaffolded by `studiograph init` before any
|
|
728
|
+
// user existed end up with zero folder_access rows, and
|
|
729
|
+
// `getAccessibleRepos()` filters them out of the sidebar — the first
|
|
730
|
+
// owner then sees an empty workspace despite the files being on disk.
|
|
731
|
+
// Personal folders are handled by ensurePersonalFolder above; skipping
|
|
732
|
+
// them here avoids granting the owner access to other users' personals.
|
|
733
|
+
for (const repo of workspaceManager.getAllRepoConfigs()) {
|
|
734
|
+
if (repo.personal)
|
|
735
|
+
continue;
|
|
736
|
+
authService.grantFolderAccess(user.id, repo.name, 'admin');
|
|
737
|
+
}
|
|
738
|
+
// No first-owner person auto-provisioning: assignment + "My Tasks" key on
|
|
739
|
+
// the account identity (`[[user:<id>]]`). The owner adds their profile to
|
|
740
|
+
// the graph explicitly from Settings → Profile if they want one.
|
|
207
741
|
const result = authService.authenticate(email, password);
|
|
208
742
|
if (!result) {
|
|
209
743
|
return reply.status(500).send({ error: 'Failed to authenticate after setup' });
|
|
@@ -212,7 +746,7 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
|
|
|
212
746
|
reply.setCookie('__sg_token', result.token, {
|
|
213
747
|
path: '/',
|
|
214
748
|
httpOnly: true,
|
|
215
|
-
sameSite: '
|
|
749
|
+
sameSite: 'lax',
|
|
216
750
|
secure,
|
|
217
751
|
maxAge: 7 * 24 * 60 * 60,
|
|
218
752
|
});
|