studiograph 1.3.48-next.21 → 1.3.48-next.210
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +26 -16
- package/dist/agent/agent-pool.d.ts +87 -3
- package/dist/agent/agent-pool.js +188 -15
- package/dist/agent/agent-pool.js.map +1 -1
- package/dist/agent/followups.d.ts +34 -0
- package/dist/agent/followups.js +52 -0
- package/dist/agent/followups.js.map +1 -0
- package/dist/agent/orchestrator.d.ts +101 -4
- package/dist/agent/orchestrator.js +464 -66
- package/dist/agent/orchestrator.js.map +1 -1
- package/dist/agent/prompts/entity-types-section.d.ts +34 -0
- package/dist/agent/prompts/entity-types-section.js +76 -0
- package/dist/agent/prompts/entity-types-section.js.map +1 -0
- package/dist/agent/prompts/system.md +112 -54
- package/dist/agent/skill-loader.d.ts +30 -17
- package/dist/agent/skill-loader.js +63 -30
- package/dist/agent/skill-loader.js.map +1 -1
- package/dist/agent/skills/artifact-canvas/skill.md +152 -0
- package/dist/agent/skills/entity-schema.md +75 -431
- package/dist/agent/skills/interview/entity-templates.md +38 -37
- package/dist/agent/skills/interview/question-domains.md +54 -49
- package/dist/agent/skills/interview/skill.md +84 -16
- package/dist/agent/skills/schema-rules.md +28 -28
- package/dist/agent/tools/artifact-tools.d.ts +124 -0
- package/dist/agent/tools/artifact-tools.js +207 -0
- package/dist/agent/tools/artifact-tools.js.map +1 -0
- package/dist/agent/tools/capture-tools.d.ts +31 -0
- package/dist/agent/tools/capture-tools.js +40 -0
- package/dist/agent/tools/capture-tools.js.map +1 -0
- package/dist/agent/tools/folder-tools.d.ts +47 -0
- package/dist/agent/tools/folder-tools.js +249 -0
- package/dist/agent/tools/folder-tools.js.map +1 -0
- package/dist/agent/tools/fs-tools.d.ts +6 -5
- package/dist/agent/tools/fs-tools.js +5 -5
- package/dist/agent/tools/fs-tools.js.map +1 -1
- package/dist/agent/tools/graph-tools.d.ts +48 -72
- package/dist/agent/tools/graph-tools.js +852 -329
- package/dist/agent/tools/graph-tools.js.map +1 -1
- package/dist/agent/tools/history-tools.d.ts +95 -0
- package/dist/agent/tools/history-tools.js +461 -0
- package/dist/agent/tools/history-tools.js.map +1 -0
- package/dist/agent/tools/load-skill.d.ts +6 -5
- package/dist/agent/tools/load-skill.js +3 -3
- package/dist/agent/tools/load-skill.js.map +1 -1
- package/dist/agent/tools/ops-tools.d.ts +5 -4
- package/dist/agent/tools/ops-tools.js +130 -236
- package/dist/agent/tools/ops-tools.js.map +1 -1
- package/dist/agent/tools/permission-tools.d.ts +87 -17
- package/dist/agent/tools/permission-tools.js +233 -43
- package/dist/agent/tools/permission-tools.js.map +1 -1
- package/dist/agent/tools/tool-loader.js +5 -4
- package/dist/agent/tools/tool-loader.js.map +1 -1
- package/dist/agent/tools/web-tools.js +58 -9
- package/dist/agent/tools/web-tools.js.map +1 -1
- package/dist/cli/commands/about.d.ts +1 -0
- package/dist/cli/commands/about.js +55 -3
- package/dist/cli/commands/about.js.map +1 -1
- package/dist/cli/commands/admin/audit-workspace.d.ts +23 -0
- package/dist/cli/commands/admin/audit-workspace.js +133 -0
- package/dist/cli/commands/admin/audit-workspace.js.map +1 -0
- package/dist/cli/commands/admin/audit.d.ts +21 -0
- package/dist/cli/commands/admin/audit.js +174 -0
- package/dist/cli/commands/admin/audit.js.map +1 -0
- package/dist/cli/commands/admin/backup.d.ts +54 -0
- package/dist/cli/commands/admin/backup.js +207 -0
- package/dist/cli/commands/admin/backup.js.map +1 -0
- package/dist/cli/commands/admin/folder.d.ts +11 -0
- package/dist/cli/commands/{collection.js → admin/folder.js} +33 -32
- package/dist/cli/commands/admin/folder.js.map +1 -0
- package/dist/cli/commands/admin/index.d.ts +16 -0
- package/dist/cli/commands/admin/index.js +46 -0
- package/dist/cli/commands/admin/index.js.map +1 -0
- package/dist/cli/commands/admin/migrate-assets.d.ts +53 -0
- package/dist/cli/commands/admin/migrate-assets.js +184 -0
- package/dist/cli/commands/admin/migrate-assets.js.map +1 -0
- package/dist/cli/commands/admin/migrate.d.ts +56 -0
- package/dist/cli/commands/admin/migrate.js +263 -0
- package/dist/cli/commands/admin/migrate.js.map +1 -0
- package/dist/cli/commands/admin/restore.d.ts +24 -0
- package/dist/cli/commands/admin/restore.js +228 -0
- package/dist/cli/commands/admin/restore.js.map +1 -0
- package/dist/cli/commands/admin/secrets.d.ts +23 -0
- package/dist/cli/commands/admin/secrets.js +256 -0
- package/dist/cli/commands/admin/secrets.js.map +1 -0
- package/dist/cli/commands/admin/settings.d.ts +28 -0
- package/dist/cli/commands/admin/settings.js +284 -0
- package/dist/cli/commands/admin/settings.js.map +1 -0
- package/dist/cli/commands/admin/token.d.ts +42 -0
- package/dist/cli/commands/admin/token.js +126 -0
- package/dist/cli/commands/admin/token.js.map +1 -0
- package/dist/cli/commands/admin/transfer-ownership.d.ts +15 -0
- package/dist/cli/commands/admin/transfer-ownership.js +106 -0
- package/dist/cli/commands/admin/transfer-ownership.js.map +1 -0
- package/dist/cli/commands/admin/user.d.ts +11 -0
- package/dist/cli/commands/admin/user.js +187 -0
- package/dist/cli/commands/admin/user.js.map +1 -0
- package/dist/cli/commands/clone.d.ts +25 -3
- package/dist/cli/commands/clone.js +142 -36
- package/dist/cli/commands/clone.js.map +1 -1
- package/dist/cli/commands/config.d.ts +23 -107
- package/dist/cli/commands/config.js +52 -260
- package/dist/cli/commands/config.js.map +1 -1
- package/dist/cli/commands/connector.d.ts +10 -13
- package/dist/cli/commands/connector.js +16 -58
- package/dist/cli/commands/connector.js.map +1 -1
- package/dist/cli/commands/deploy.js +215 -68
- package/dist/cli/commands/deploy.js.map +1 -1
- package/dist/cli/commands/index.js +5 -1
- package/dist/cli/commands/index.js.map +1 -1
- package/dist/cli/commands/init.js +10 -30
- package/dist/cli/commands/init.js.map +1 -1
- package/dist/cli/commands/mcp.js +54 -6
- package/dist/cli/commands/mcp.js.map +1 -1
- package/dist/cli/commands/r2.d.ts +3 -0
- package/dist/cli/commands/r2.js +223 -204
- package/dist/cli/commands/r2.js.map +1 -1
- package/dist/cli/commands/redeploy.js +65 -12
- package/dist/cli/commands/redeploy.js.map +1 -1
- package/dist/cli/commands/reset.d.ts +22 -6
- package/dist/cli/commands/reset.js +132 -34
- package/dist/cli/commands/reset.js.map +1 -1
- package/dist/cli/commands/serve.js +231 -26
- package/dist/cli/commands/serve.js.map +1 -1
- package/dist/cli/commands/sync.d.ts +1 -1
- package/dist/cli/commands/sync.js +237 -227
- package/dist/cli/commands/sync.js.map +1 -1
- package/dist/cli/crypto-bundle.d.ts +39 -0
- package/dist/cli/crypto-bundle.js +94 -0
- package/dist/cli/crypto-bundle.js.map +1 -0
- package/dist/cli/index.js +24 -26
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/railway-pin.d.ts +68 -0
- package/dist/cli/railway-pin.js +96 -0
- package/dist/cli/railway-pin.js.map +1 -0
- package/dist/cli/railway-provisioning.d.ts +53 -0
- package/dist/cli/railway-provisioning.js +85 -0
- package/dist/cli/railway-provisioning.js.map +1 -0
- package/dist/cli/setup-wizard.d.ts +30 -49
- package/dist/cli/setup-wizard.js +39 -40
- package/dist/cli/setup-wizard.js.map +1 -1
- package/dist/core/accent-palette.d.ts +22 -0
- package/dist/core/accent-palette.js +47 -0
- package/dist/core/accent-palette.js.map +1 -0
- package/dist/core/artifact-asset-urls.d.ts +51 -0
- package/dist/core/artifact-asset-urls.js +79 -0
- package/dist/core/artifact-asset-urls.js.map +1 -0
- package/dist/core/artifact-bundle.d.ts +69 -0
- package/dist/core/artifact-bundle.js +305 -0
- package/dist/core/artifact-bundle.js.map +1 -0
- package/dist/core/artifact-escape.d.ts +5 -0
- package/dist/core/artifact-escape.js +26 -0
- package/dist/core/artifact-escape.js.map +1 -0
- package/dist/core/artifact-export.d.ts +17 -0
- package/dist/core/artifact-export.js +529 -0
- package/dist/core/artifact-export.js.map +1 -0
- package/dist/core/cell-anchor.d.ts +29 -0
- package/dist/core/cell-anchor.js +53 -0
- package/dist/core/cell-anchor.js.map +1 -0
- package/dist/core/comment-anchor.d.ts +41 -0
- package/dist/core/comment-anchor.js +147 -0
- package/dist/core/comment-anchor.js.map +1 -0
- package/dist/core/commit-messages.d.ts +57 -0
- package/dist/core/commit-messages.js +85 -0
- package/dist/core/commit-messages.js.map +1 -0
- package/dist/core/embeds.d.ts +96 -0
- package/dist/core/embeds.js +187 -0
- package/dist/core/embeds.js.map +1 -0
- package/dist/core/entity-body-templates.d.ts +21 -0
- package/dist/core/entity-body-templates.js +67 -0
- package/dist/core/entity-body-templates.js.map +1 -0
- package/dist/core/entity-types-catalog.d.ts +65 -0
- package/dist/core/entity-types-catalog.js +142 -0
- package/dist/core/entity-types-catalog.js.map +1 -0
- package/dist/core/field-library.d.ts +62 -0
- package/dist/core/field-library.js +129 -0
- package/dist/core/field-library.js.map +1 -0
- package/dist/core/folder-paths.d.ts +41 -0
- package/dist/core/folder-paths.js +95 -0
- package/dist/core/folder-paths.js.map +1 -0
- package/dist/core/folder-sidecar.d.ts +36 -0
- package/dist/core/folder-sidecar.js +91 -0
- package/dist/core/folder-sidecar.js.map +1 -0
- package/dist/core/format-registry.d.ts +170 -0
- package/dist/core/format-registry.js +412 -0
- package/dist/core/format-registry.js.map +1 -0
- package/dist/core/graph.d.ts +773 -14
- package/dist/core/graph.js +2269 -308
- package/dist/core/graph.js.map +1 -1
- package/dist/core/history-diff.d.ts +35 -0
- package/dist/core/history-diff.js +114 -0
- package/dist/core/history-diff.js.map +1 -0
- package/dist/core/refs.d.ts +41 -0
- package/dist/core/refs.js +80 -0
- package/dist/core/refs.js.map +1 -0
- package/dist/core/schema-registry.d.ts +66 -0
- package/dist/core/schema-registry.js +198 -37
- package/dist/core/schema-registry.js.map +1 -1
- package/dist/core/schemas/connector.d.ts +67 -0
- package/dist/core/schemas/connector.js +100 -0
- package/dist/core/schemas/connector.js.map +1 -0
- package/dist/core/schemas/workspace.d.ts +122 -0
- package/dist/core/schemas/workspace.js +211 -0
- package/dist/core/schemas/workspace.js.map +1 -0
- package/dist/core/secrets/SecretStore.d.ts +77 -0
- package/dist/core/secrets/SecretStore.js +13 -0
- package/dist/core/secrets/SecretStore.js.map +1 -0
- package/dist/core/secrets/SettingsResolver.d.ts +54 -0
- package/dist/core/secrets/SettingsResolver.js +80 -0
- package/dist/core/secrets/SettingsResolver.js.map +1 -0
- package/dist/core/secrets/SettingsStore.d.ts +30 -0
- package/dist/core/secrets/SettingsStore.js +9 -0
- package/dist/core/secrets/SettingsStore.js.map +1 -0
- package/dist/core/secrets/SqliteEncryptedStore.d.ts +90 -0
- package/dist/core/secrets/SqliteEncryptedStore.js +598 -0
- package/dist/core/secrets/SqliteEncryptedStore.js.map +1 -0
- package/dist/core/secrets/audit.d.ts +36 -0
- package/dist/core/secrets/audit.js +60 -0
- package/dist/core/secrets/audit.js.map +1 -0
- package/dist/core/secrets/auth-db-migration.d.ts +129 -0
- package/dist/core/secrets/auth-db-migration.js +653 -0
- package/dist/core/secrets/auth-db-migration.js.map +1 -0
- package/dist/core/secrets/bundle.d.ts +141 -0
- package/dist/core/secrets/bundle.js +435 -0
- package/dist/core/secrets/bundle.js.map +1 -0
- package/dist/core/secrets/dual-write.d.ts +81 -0
- package/dist/core/secrets/dual-write.js +247 -0
- package/dist/core/secrets/dual-write.js.map +1 -0
- package/dist/core/secrets/encryption.d.ts +44 -0
- package/dist/core/secrets/encryption.js +97 -0
- package/dist/core/secrets/encryption.js.map +1 -0
- package/dist/core/secrets/index.d.ts +49 -0
- package/dist/core/secrets/index.js +74 -0
- package/dist/core/secrets/index.js.map +1 -0
- package/dist/core/secrets/master-key.d.ts +38 -0
- package/dist/core/secrets/master-key.js +122 -0
- package/dist/core/secrets/master-key.js.map +1 -0
- package/dist/core/secrets/probes/anthropic.d.ts +98 -0
- package/dist/core/secrets/probes/anthropic.js +300 -0
- package/dist/core/secrets/probes/anthropic.js.map +1 -0
- package/dist/core/secrets/probes/brave.d.ts +9 -0
- package/dist/core/secrets/probes/brave.js +15 -0
- package/dist/core/secrets/probes/brave.js.map +1 -0
- package/dist/core/secrets/probes/r2.d.ts +15 -0
- package/dist/core/secrets/probes/r2.js +14 -0
- package/dist/core/secrets/probes/r2.js.map +1 -0
- package/dist/core/secrets/probes/tavily.d.ts +18 -0
- package/dist/core/secrets/probes/tavily.js +58 -0
- package/dist/core/secrets/probes/tavily.js.map +1 -0
- package/dist/core/secrets/probes/voyage.d.ts +13 -0
- package/dist/core/secrets/probes/voyage.js +52 -0
- package/dist/core/secrets/probes/voyage.js.map +1 -0
- package/dist/core/secrets/r2-structural-migration.d.ts +39 -0
- package/dist/core/secrets/r2-structural-migration.js +109 -0
- package/dist/core/secrets/r2-structural-migration.js.map +1 -0
- package/dist/core/secrets/read-flip.d.ts +59 -0
- package/dist/core/secrets/read-flip.js +87 -0
- package/dist/core/secrets/read-flip.js.map +1 -0
- package/dist/core/secrets/registry.d.ts +188 -0
- package/dist/core/secrets/registry.js +616 -0
- package/dist/core/secrets/registry.js.map +1 -0
- package/dist/core/types.d.ts +77 -483
- package/dist/core/types.js +25 -3
- package/dist/core/types.js.map +1 -1
- package/dist/core/user-config.d.ts +75 -12
- package/dist/core/user-config.js +155 -14
- package/dist/core/user-config.js.map +1 -1
- package/dist/core/validation.d.ts +786 -1373
- package/dist/core/validation.js +458 -147
- package/dist/core/validation.js.map +1 -1
- package/dist/core/workspace-manager.d.ts +87 -14
- package/dist/core/workspace-manager.js +222 -94
- package/dist/core/workspace-manager.js.map +1 -1
- package/dist/core/workspace.d.ts +19 -5
- package/dist/core/workspace.js +67 -39
- package/dist/core/workspace.js.map +1 -1
- package/dist/mcp/comment-virtual-entity.d.ts +36 -0
- package/dist/mcp/comment-virtual-entity.js +71 -0
- package/dist/mcp/comment-virtual-entity.js.map +1 -0
- package/dist/mcp/connector-manager.d.ts +72 -2
- package/dist/mcp/connector-manager.js +211 -32
- package/dist/mcp/connector-manager.js.map +1 -1
- package/dist/mcp/oauth-provider.d.ts +0 -5
- package/dist/mcp/oauth-provider.js +10 -22
- package/dist/mcp/oauth-provider.js.map +1 -1
- package/dist/mcp/oauth-registry.d.ts +46 -8
- package/dist/mcp/oauth-registry.js +52 -13
- package/dist/mcp/oauth-registry.js.map +1 -1
- package/dist/mcp/server-discovery.d.ts +73 -0
- package/dist/mcp/server-discovery.js +164 -0
- package/dist/mcp/server-discovery.js.map +1 -0
- package/dist/mcp/server.d.ts +24 -3
- package/dist/mcp/server.js +53 -10
- package/dist/mcp/server.js.map +1 -1
- package/dist/mcp/state-signer.d.ts +62 -0
- package/dist/mcp/state-signer.js +205 -0
- package/dist/mcp/state-signer.js.map +1 -0
- package/dist/mcp/stdio-proxy.d.ts +67 -0
- package/dist/mcp/stdio-proxy.js +149 -0
- package/dist/mcp/stdio-proxy.js.map +1 -0
- package/dist/mcp/tools.d.ts +65 -2
- package/dist/mcp/tools.js +1772 -124
- package/dist/mcp/tools.js.map +1 -1
- package/dist/server/__tests__/helpers/graph-api.d.ts +16 -0
- package/dist/server/__tests__/helpers/graph-api.js +16 -0
- package/dist/server/__tests__/helpers/graph-api.js.map +1 -0
- package/dist/server/artifact-asset-mint.d.ts +41 -0
- package/dist/server/artifact-asset-mint.js +59 -0
- package/dist/server/artifact-asset-mint.js.map +1 -0
- package/dist/server/asset-index-queue.d.ts +98 -0
- package/dist/server/asset-index-queue.js +193 -0
- package/dist/server/asset-index-queue.js.map +1 -0
- package/dist/server/body-write-coordinator.d.ts +161 -0
- package/dist/server/body-write-coordinator.js +182 -0
- package/dist/server/body-write-coordinator.js.map +1 -0
- package/dist/server/cloud-billing-flow.d.ts +32 -0
- package/dist/server/cloud-billing-flow.js +75 -0
- package/dist/server/cloud-billing-flow.js.map +1 -0
- package/dist/server/commit-audit.d.ts +26 -0
- package/dist/server/commit-audit.js +30 -0
- package/dist/server/commit-audit.js.map +1 -0
- package/dist/server/index.d.ts +29 -3
- package/dist/server/index.js +657 -269
- package/dist/server/index.js.map +1 -1
- package/dist/server/middleware/sanitize.d.ts +46 -0
- package/dist/server/middleware/sanitize.js +182 -0
- package/dist/server/middleware/sanitize.js.map +1 -0
- package/dist/server/routes/artifact-export-api.d.ts +11 -0
- package/dist/server/routes/artifact-export-api.js +159 -0
- package/dist/server/routes/artifact-export-api.js.map +1 -0
- package/dist/server/routes/asset-api.d.ts +76 -1
- package/dist/server/routes/asset-api.js +761 -61
- package/dist/server/routes/asset-api.js.map +1 -1
- package/dist/server/routes/audit-api.d.ts +24 -0
- package/dist/server/routes/audit-api.js +117 -0
- package/dist/server/routes/audit-api.js.map +1 -0
- package/dist/server/routes/auth-api.js +532 -63
- package/dist/server/routes/auth-api.js.map +1 -1
- package/dist/server/routes/capture-api.d.ts +10 -3
- package/dist/server/routes/capture-api.js +213 -25
- package/dist/server/routes/capture-api.js.map +1 -1
- package/dist/server/routes/chat-sessions-api.d.ts +13 -0
- package/dist/server/routes/chat-sessions-api.js +455 -0
- package/dist/server/routes/chat-sessions-api.js.map +1 -0
- package/dist/server/routes/chat.d.ts +35 -1
- package/dist/server/routes/chat.js +699 -54
- package/dist/server/routes/chat.js.map +1 -1
- package/dist/server/routes/comments-api.d.ts +15 -0
- package/dist/server/routes/comments-api.js +444 -0
- package/dist/server/routes/comments-api.js.map +1 -0
- package/dist/server/routes/config-api.d.ts +3 -2
- package/dist/server/routes/config-api.js +179 -49
- package/dist/server/routes/config-api.js.map +1 -1
- package/dist/server/routes/connectors-api.js +177 -42
- package/dist/server/routes/connectors-api.js.map +1 -1
- package/dist/server/routes/event-ingest-api.d.ts +15 -0
- package/dist/server/routes/{meeting-ingest-api.js → event-ingest-api.js} +35 -20
- package/dist/server/routes/event-ingest-api.js.map +1 -0
- package/dist/server/routes/field-library-api.d.ts +28 -0
- package/dist/server/routes/field-library-api.js +126 -0
- package/dist/server/routes/field-library-api.js.map +1 -0
- package/dist/server/routes/git-http.d.ts +2 -2
- package/dist/server/routes/git-http.js +86 -39
- package/dist/server/routes/git-http.js.map +1 -1
- package/dist/server/routes/graph-api-access.d.ts +57 -0
- package/dist/server/routes/graph-api-access.js +112 -0
- package/dist/server/routes/graph-api-access.js.map +1 -0
- package/dist/server/routes/graph-api.d.ts +1 -1
- package/dist/server/routes/graph-api.js +1455 -325
- package/dist/server/routes/graph-api.js.map +1 -1
- package/dist/server/routes/health.d.ts +18 -0
- package/dist/server/routes/health.js +74 -0
- package/dist/server/routes/health.js.map +1 -0
- package/dist/server/routes/import-batch.d.ts +24 -0
- package/dist/server/routes/import-batch.js +33 -0
- package/dist/server/routes/import-batch.js.map +1 -0
- package/dist/server/routes/insights-api.d.ts +9 -2
- package/dist/server/routes/insights-api.js +355 -61
- package/dist/server/routes/insights-api.js.map +1 -1
- package/dist/server/routes/mcp.d.ts +7 -3
- package/dist/server/routes/mcp.js +24 -8
- package/dist/server/routes/mcp.js.map +1 -1
- package/dist/server/routes/oauth-api.d.ts +67 -0
- package/dist/server/routes/oauth-api.js +421 -0
- package/dist/server/routes/oauth-api.js.map +1 -0
- package/dist/server/routes/permissions-api.d.ts +9 -2
- package/dist/server/routes/permissions-api.js +87 -31
- package/dist/server/routes/permissions-api.js.map +1 -1
- package/dist/server/routes/r2-api.d.ts +25 -0
- package/dist/server/routes/r2-api.js +276 -0
- package/dist/server/routes/r2-api.js.map +1 -0
- package/dist/server/routes/secrets-api.d.ts +36 -0
- package/dist/server/routes/secrets-api.js +308 -0
- package/dist/server/routes/secrets-api.js.map +1 -0
- package/dist/server/routes/settings-api.d.ts +29 -0
- package/dist/server/routes/settings-api.js +180 -0
- package/dist/server/routes/settings-api.js.map +1 -0
- package/dist/server/routes/share-api.d.ts +32 -0
- package/dist/server/routes/share-api.js +234 -0
- package/dist/server/routes/share-api.js.map +1 -0
- package/dist/server/routes/views-api.js +51 -0
- package/dist/server/routes/views-api.js.map +1 -1
- package/dist/server/routes/workspace-api.d.ts +2 -1
- package/dist/server/routes/workspace-api.js +142 -23
- package/dist/server/routes/workspace-api.js.map +1 -1
- package/dist/server/routes/ws.d.ts +3 -2
- package/dist/server/routes/ws.js +68 -17
- package/dist/server/routes/ws.js.map +1 -1
- package/dist/server/session-manager.d.ts +48 -5
- package/dist/server/session-manager.js +182 -14
- package/dist/server/session-manager.js.map +1 -1
- package/dist/server/ws-hub.d.ts +124 -37
- package/dist/server/ws-hub.js +0 -0
- package/dist/server/ws-hub.js.map +1 -1
- package/dist/server/yjs-manager.d.ts +278 -7
- package/dist/server/yjs-manager.js +830 -38
- package/dist/server/yjs-manager.js.map +1 -1
- package/dist/server/yjs-persistence.d.ts +165 -0
- package/dist/server/yjs-persistence.js +557 -0
- package/dist/server/yjs-persistence.js.map +1 -0
- package/dist/server/yjs-text-diff.d.ts +32 -0
- package/dist/server/yjs-text-diff.js +61 -0
- package/dist/server/yjs-text-diff.js.map +1 -0
- package/dist/services/access-control.d.ts +73 -0
- package/dist/services/access-control.js +165 -0
- package/dist/services/access-control.js.map +1 -0
- package/dist/services/artifact-asset-token.d.ts +69 -0
- package/dist/services/artifact-asset-token.js +94 -0
- package/dist/services/artifact-asset-token.js.map +1 -0
- package/dist/services/artifact-library-sources.d.ts +3 -0
- package/dist/services/artifact-library-sources.js +44 -0
- package/dist/services/artifact-library-sources.js.map +1 -0
- package/dist/services/artifact-render-export.d.ts +97 -0
- package/dist/services/artifact-render-export.js +467 -0
- package/dist/services/artifact-render-export.js.map +1 -0
- package/dist/services/asset-caption-service.d.ts +103 -0
- package/dist/services/asset-caption-service.js +186 -0
- package/dist/services/asset-caption-service.js.map +1 -0
- package/dist/services/asset-delete-authz.d.ts +31 -0
- package/dist/services/asset-delete-authz.js +61 -0
- package/dist/services/asset-delete-authz.js.map +1 -0
- package/dist/services/asset-finalize-service.d.ts +58 -0
- package/dist/services/asset-finalize-service.js +216 -0
- package/dist/services/asset-finalize-service.js.map +1 -0
- package/dist/services/asset-import-service.d.ts +111 -0
- package/dist/services/asset-import-service.js +394 -0
- package/dist/services/asset-import-service.js.map +1 -0
- package/dist/services/asset-index-sweep.d.ts +95 -0
- package/dist/services/asset-index-sweep.js +249 -0
- package/dist/services/asset-index-sweep.js.map +1 -0
- package/dist/services/asset-lifecycle-check.d.ts +22 -0
- package/dist/services/asset-lifecycle-check.js +80 -0
- package/dist/services/asset-lifecycle-check.js.map +1 -0
- package/dist/services/asset-listing.d.ts +72 -0
- package/dist/services/asset-listing.js +321 -0
- package/dist/services/asset-listing.js.map +1 -0
- package/dist/services/asset-presign-service.d.ts +68 -0
- package/dist/services/asset-presign-service.js +124 -0
- package/dist/services/asset-presign-service.js.map +1 -0
- package/dist/services/asset-sidecar-service.d.ts +28 -0
- package/dist/services/asset-sidecar-service.js +79 -0
- package/dist/services/asset-sidecar-service.js.map +1 -0
- package/dist/services/asset-upload-errors.d.ts +41 -0
- package/dist/services/asset-upload-errors.js +45 -0
- package/dist/services/asset-upload-errors.js.map +1 -0
- package/dist/services/asset-upload-service.d.ts +56 -0
- package/dist/services/asset-upload-service.js +200 -0
- package/dist/services/asset-upload-service.js.map +1 -0
- package/dist/services/asset-upload-token.d.ts +58 -0
- package/dist/services/asset-upload-token.js +75 -0
- package/dist/services/asset-upload-token.js.map +1 -0
- package/dist/services/assets/asset-index-service.d.ts +127 -0
- package/dist/services/assets/asset-index-service.js +227 -0
- package/dist/services/assets/asset-index-service.js.map +1 -0
- package/dist/services/assets/base.d.ts +128 -2
- package/dist/services/assets/base.js +98 -1
- package/dist/services/assets/base.js.map +1 -1
- package/dist/services/assets/index.d.ts +114 -1
- package/dist/services/assets/index.js +221 -0
- package/dist/services/assets/index.js.map +1 -1
- package/dist/services/assets/local.d.ts +16 -1
- package/dist/services/assets/local.js +110 -1
- package/dist/services/assets/local.js.map +1 -1
- package/dist/services/assets/r2-sync.d.ts +88 -0
- package/dist/services/assets/r2-sync.js +412 -0
- package/dist/services/assets/r2-sync.js.map +1 -0
- package/dist/services/assets/r2.d.ts +87 -1
- package/dist/services/assets/r2.js +203 -1
- package/dist/services/assets/r2.js.map +1 -1
- package/dist/services/auth-service.d.ts +312 -45
- package/dist/services/auth-service.js +1011 -195
- package/dist/services/auth-service.js.map +1 -1
- package/dist/services/chat-session-service.d.ts +188 -0
- package/dist/services/chat-session-service.js +512 -0
- package/dist/services/chat-session-service.js.map +1 -0
- package/dist/services/cloud-inference-billing.d.ts +64 -0
- package/dist/services/cloud-inference-billing.js +313 -0
- package/dist/services/cloud-inference-billing.js.map +1 -0
- package/dist/services/comment-service.d.ts +97 -0
- package/dist/services/comment-service.js +341 -0
- package/dist/services/comment-service.js.map +1 -0
- package/dist/services/comment-virtual-entity.d.ts +36 -0
- package/dist/services/comment-virtual-entity.js +71 -0
- package/dist/services/comment-virtual-entity.js.map +1 -0
- package/dist/services/convert-service.d.ts +64 -0
- package/dist/services/convert-service.js +68 -0
- package/dist/services/convert-service.js.map +1 -0
- package/dist/services/csv-service.d.ts +22 -17
- package/dist/services/csv-service.js +55 -92
- package/dist/services/csv-service.js.map +1 -1
- package/dist/services/entity-mutations.d.ts +213 -0
- package/dist/services/entity-mutations.js +380 -0
- package/dist/services/entity-mutations.js.map +1 -0
- package/dist/services/{meeting-processor.d.ts → event-processor.d.ts} +15 -8
- package/dist/services/{meeting-processor.js → event-processor.js} +124 -65
- package/dist/services/event-processor.js.map +1 -0
- package/dist/services/extract/docx.d.ts +1 -0
- package/dist/services/extract/docx.js +233 -0
- package/dist/services/extract/docx.js.map +1 -0
- package/dist/services/extract/index.d.ts +9 -0
- package/dist/services/extract/index.js +10 -0
- package/dist/services/extract/index.js.map +1 -0
- package/dist/services/extract/pdf.d.ts +13 -0
- package/dist/services/extract/pdf.js +69 -0
- package/dist/services/extract/pdf.js.map +1 -0
- package/dist/services/folder-creation.d.ts +33 -0
- package/dist/services/folder-creation.js +103 -0
- package/dist/services/folder-creation.js.map +1 -0
- package/dist/services/git.d.ts +58 -0
- package/dist/services/git.js +194 -55
- package/dist/services/git.js.map +1 -1
- package/dist/services/graph-maintenance.js +4 -4
- package/dist/services/graph-maintenance.js.map +1 -1
- package/dist/services/import-service.d.ts +51 -2
- package/dist/services/import-service.js +254 -107
- package/dist/services/import-service.js.map +1 -1
- package/dist/services/lint-service.js +10 -17
- package/dist/services/lint-service.js.map +1 -1
- package/dist/services/markdown.d.ts +12 -1
- package/dist/services/markdown.js +77 -9
- package/dist/services/markdown.js.map +1 -1
- package/dist/services/mention-detector.d.ts +23 -0
- package/dist/services/mention-detector.js +47 -0
- package/dist/services/mention-detector.js.map +1 -0
- package/dist/services/model-capabilities.d.ts +41 -0
- package/dist/services/model-capabilities.js +107 -0
- package/dist/services/model-capabilities.js.map +1 -0
- package/dist/services/notification-broadcast.d.ts +32 -0
- package/dist/services/notification-broadcast.js +38 -0
- package/dist/services/notification-broadcast.js.map +1 -0
- package/dist/services/notification-service.d.ts +41 -0
- package/dist/services/notification-service.js +100 -0
- package/dist/services/notification-service.js.map +1 -0
- package/dist/services/oauth-server-store.d.ts +147 -0
- package/dist/services/oauth-server-store.js +319 -0
- package/dist/services/oauth-server-store.js.map +1 -0
- package/dist/services/orphan-service.js +2 -2
- package/dist/services/orphan-service.js.map +1 -1
- package/dist/services/personal-folder.d.ts +40 -0
- package/dist/services/personal-folder.js +101 -0
- package/dist/services/personal-folder.js.map +1 -0
- package/dist/services/scratch-asset-promote.d.ts +57 -0
- package/dist/services/scratch-asset-promote.js +95 -0
- package/dist/services/scratch-asset-promote.js.map +1 -0
- package/dist/services/scratch-attachment-service.d.ts +196 -0
- package/dist/services/scratch-attachment-service.js +347 -0
- package/dist/services/scratch-attachment-service.js.map +1 -0
- package/dist/services/share-link-service.d.ts +57 -0
- package/dist/services/share-link-service.js +142 -0
- package/dist/services/share-link-service.js.map +1 -0
- package/dist/services/user-person-bridge.d.ts +136 -0
- package/dist/services/user-person-bridge.js +340 -0
- package/dist/services/user-person-bridge.js.map +1 -0
- package/dist/services/vector-service.d.ts +282 -5
- package/dist/services/vector-service.js +585 -29
- package/dist/services/vector-service.js.map +1 -1
- package/dist/services/workspace-access.d.ts +108 -0
- package/dist/services/workspace-access.js +149 -0
- package/dist/services/workspace-access.js.map +1 -0
- package/dist/services/workspace-assets-folder.d.ts +46 -0
- package/dist/services/workspace-assets-folder.js +75 -0
- package/dist/services/workspace-assets-folder.js.map +1 -0
- package/dist/utils/git.d.ts +17 -2
- package/dist/utils/git.js +23 -7
- package/dist/utils/git.js.map +1 -1
- package/dist/utils/log.d.ts +42 -0
- package/dist/utils/log.js +137 -0
- package/dist/utils/log.js.map +1 -0
- package/dist/utils/preflight.js +2 -2
- package/dist/utils/preflight.js.map +1 -1
- package/dist/utils/version-checker.d.ts +12 -19
- package/dist/utils/version-checker.js +14 -104
- package/dist/utils/version-checker.js.map +1 -1
- package/dist/web/_app/immutable/assets/0.Bs_z3Z86.css +2 -0
- package/dist/web/_app/immutable/assets/12.DlIf1mKh.css +1 -0
- package/dist/web/_app/immutable/assets/14.7d-Q37wc.css +1 -0
- package/dist/web/_app/immutable/assets/15.BwBFdc1D.css +1 -0
- package/dist/web/_app/immutable/assets/16.CmLrbzZp.css +1 -0
- package/dist/web/_app/immutable/assets/17.DcuK5ZVm.css +1 -0
- package/dist/web/_app/immutable/assets/2.DATnR31c.css +1 -0
- package/dist/web/_app/immutable/assets/3.Cz4H8n_O.css +1 -0
- package/dist/web/_app/immutable/assets/4.aDHteTDy.css +1 -0
- package/dist/web/_app/immutable/assets/6.CF1i5Bon.css +1 -0
- package/dist/web/_app/immutable/assets/ArtifactEntityView.C4ooklFD.css +1 -0
- package/dist/web/_app/immutable/assets/AssetLibraryPicker.BOFW0MvF.css +1 -0
- package/dist/web/_app/immutable/assets/BulkActionsBar.cmKvHzRK.css +1 -0
- package/dist/web/_app/immutable/assets/CalendarView.lBCvS3X5.css +1 -0
- package/dist/web/_app/immutable/assets/CodeMirrorEditor.D6hf2pNJ.css +1 -0
- package/dist/web/_app/immutable/assets/CopyField.DVGZtw4U.css +1 -0
- package/dist/web/_app/immutable/assets/FolderMembersPanel.kiYnDFHu.css +1 -0
- package/dist/web/_app/immutable/assets/FolderMutationDialogs.BMRF6Z3z.css +1 -0
- package/dist/web/_app/immutable/assets/FolderPicker.Cp46GHe2.css +1 -0
- package/dist/web/_app/immutable/assets/GalleryView.WBGxxUQc.css +1 -0
- package/dist/web/_app/immutable/assets/GraphView.BJtGL9py.css +1 -0
- package/dist/web/_app/immutable/assets/KanbanView.BOaI5KFL.css +1 -0
- package/dist/web/_app/immutable/assets/Link.vV0ne105.css +1 -0
- package/dist/web/_app/immutable/assets/Markdown.BZnsSOSf.css +1 -0
- package/dist/web/_app/immutable/assets/Rail.ilusFgD4.css +1 -0
- package/dist/web/_app/immutable/assets/SettingsDialog.D7-BO6S_.css +1 -0
- package/dist/web/_app/immutable/assets/Spinner.UBfl0pab.css +1 -0
- package/dist/web/_app/immutable/assets/StopFilledAlt.fNlDN65D.css +1 -0
- package/dist/web/_app/immutable/assets/TimelineView.xAZBJhHw.css +1 -0
- package/dist/web/_app/immutable/assets/WorkspaceView.C8ErUJAY.css +1 -0
- package/dist/web/_app/immutable/assets/button.BlLm4Dg1.css +1 -0
- package/dist/web/_app/immutable/assets/history-summary.LpmHXasl.css +1 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-400-normal.CvHOgSBP.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-400-normal.DMJ8VG8y.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-500-normal.CB9ihrfo.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-500-normal.DSY6xOcd.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-italic.CZTNEAuW.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-italic.CsGl1sm0.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-normal.CDDApCn2.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-normal.CYLoc0-x.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-italic.BNK2_mGO.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-italic.DpEwFAQM.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-normal.6ng42L7E.woff2 +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-normal.BgVn5rGT.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-600-normal.Cu4Hd6ag.woff +0 -0
- package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-600-normal.CuJfVYMP.woff2 +0 -0
- package/dist/web/_app/immutable/assets/inline-list.cqga56xT.css +1 -0
- package/dist/web/_app/immutable/assets/list-columns.BgnafZ4K.css +1 -0
- package/dist/web/_app/immutable/assets/realtime.DDCWxn3B.css +1 -0
- package/dist/web/_app/immutable/assets/select.B90KUqR4.css +1 -0
- package/dist/web/_app/immutable/assets/sheet.RF9RBmml.css +1 -0
- package/dist/web/_app/immutable/chunks/22qYtvr82.js +1 -0
- package/dist/web/_app/immutable/chunks/3anKjXOb.js +1 -0
- package/dist/web/_app/immutable/chunks/6S9WOky52.js +1 -0
- package/dist/web/_app/immutable/chunks/7xJ91z7d.js +2 -0
- package/dist/web/_app/immutable/chunks/9K8VREGP.js +1 -0
- package/dist/web/_app/immutable/chunks/B-TGZnCt2.js +1 -0
- package/dist/web/_app/immutable/chunks/B-n5q6ku.js +1 -0
- package/dist/web/_app/immutable/chunks/B0p2fSEV2.js +1 -0
- package/dist/web/_app/immutable/chunks/B2oi87jG.js +2 -0
- package/dist/web/_app/immutable/chunks/B4DG5QOL.js +1 -0
- package/dist/web/_app/immutable/chunks/B6Lt-qaJ.js +1 -0
- package/dist/web/_app/immutable/chunks/B6qeIQZz.js +2 -0
- package/dist/web/_app/immutable/chunks/B9KfEsQw2.js +1 -0
- package/dist/web/_app/immutable/chunks/B9VRF5aH2.js +1 -0
- package/dist/web/_app/immutable/chunks/BCQQzpbj.js +1 -0
- package/dist/web/_app/immutable/chunks/BF0vIqH9.js +1 -0
- package/dist/web/_app/immutable/chunks/BFp1K70l.js +8 -0
- package/dist/web/_app/immutable/chunks/BFr7Funh.js +1 -0
- package/dist/web/_app/immutable/chunks/BFx32D20.js +2 -0
- package/dist/web/_app/immutable/chunks/BLs1h0Rh2.js +1 -0
- package/dist/web/_app/immutable/chunks/BPzV_xOS2.js +1 -0
- package/dist/web/_app/immutable/chunks/BRvMjAzW.js +2 -0
- package/dist/web/_app/immutable/chunks/BV-iCKqa.js +1 -0
- package/dist/web/_app/immutable/chunks/BZi3uKF4.js +1 -0
- package/dist/web/_app/immutable/chunks/B_PyL87x.js +2 -0
- package/dist/web/_app/immutable/chunks/BbfHGU9n2.js +1 -0
- package/dist/web/_app/immutable/chunks/Bbqu2-5G2.js +1 -0
- package/dist/web/_app/immutable/chunks/BdWZJpmv.js +2 -0
- package/dist/web/_app/immutable/chunks/BfnFtsiY.js +1 -0
- package/dist/web/_app/immutable/chunks/BlgjVmFM2.js +14 -0
- package/dist/web/_app/immutable/chunks/BmgXvmIG.js +5 -0
- package/dist/web/_app/immutable/chunks/BpCG9m962.js +1 -0
- package/dist/web/_app/immutable/chunks/BrveeylZ.js +1 -0
- package/dist/web/_app/immutable/chunks/BsW72fyR2.js +1 -0
- package/dist/web/_app/immutable/chunks/Bti_XKwx.js +2692 -0
- package/dist/web/_app/immutable/chunks/BuhW5Fr0.js +689 -0
- package/dist/web/_app/immutable/chunks/Bx74EEyn2.js +1 -0
- package/dist/web/_app/immutable/chunks/BxPN0T61.js +1 -0
- package/dist/web/_app/immutable/chunks/Bxk27YWG.js +1 -0
- package/dist/web/_app/immutable/chunks/Bz9lrgGs.js +1 -0
- package/dist/web/_app/immutable/chunks/BzaxZ6j12.js +1 -0
- package/dist/web/_app/immutable/chunks/C1B4xDs0.js +1 -0
- package/dist/web/_app/immutable/chunks/C1trcC8M.js +7 -0
- package/dist/web/_app/immutable/chunks/C3F_NMTk.js +3 -0
- package/dist/web/_app/immutable/chunks/C4PZmGUQ.js +2 -0
- package/dist/web/_app/immutable/chunks/C6wYiSz8.js +1 -0
- package/dist/web/_app/immutable/chunks/C70saxIl.js +1 -0
- package/dist/web/_app/immutable/chunks/C9tvkk7Y2.js +22 -0
- package/dist/web/_app/immutable/chunks/CE1XZ5DE.js +1 -0
- package/dist/web/_app/immutable/chunks/CEahbtnP.js +1 -0
- package/dist/web/_app/immutable/chunks/CGkd0a-c2.js +2 -0
- package/dist/web/_app/immutable/chunks/CIoNEHQ82.js +184 -0
- package/dist/web/_app/immutable/chunks/CK4z74w5.js +1 -0
- package/dist/web/_app/immutable/chunks/COo3HgCZ.js +1 -0
- package/dist/web/_app/immutable/chunks/CP8_U450.js +1 -0
- package/dist/web/_app/immutable/chunks/CQ1eQ93t2.js +6 -0
- package/dist/web/_app/immutable/chunks/CQyBDccA.js +1 -0
- package/dist/web/_app/immutable/chunks/CUFQMEBn2.js +1 -0
- package/dist/web/_app/immutable/chunks/CV5OSCJc.js +1 -0
- package/dist/web/_app/immutable/chunks/CYEYDNwO2.js +1 -0
- package/dist/web/_app/immutable/chunks/CZgFaimi2.js +83 -0
- package/dist/web/_app/immutable/chunks/CZqvCTCv.js +1 -0
- package/dist/web/_app/immutable/chunks/CcWaWbrI2.js +1 -0
- package/dist/web/_app/immutable/chunks/CdtzRVZK.js +1 -0
- package/dist/web/_app/immutable/chunks/CfYG72Hc.js +1 -0
- package/dist/web/_app/immutable/chunks/Cg-ND0cl.js +1 -0
- package/dist/web/_app/immutable/chunks/Ch1kmm3J2.js +1 -0
- package/dist/web/_app/immutable/chunks/CjiMLTwX2.js +1 -0
- package/dist/web/_app/immutable/chunks/CkoeSJ8K.js +6 -0
- package/dist/web/_app/immutable/chunks/Cp87MaaW.js +1 -0
- package/dist/web/_app/immutable/chunks/Cqm5wAin.js +1 -0
- package/dist/web/_app/immutable/chunks/Ct1uesdW.js +2 -0
- package/dist/web/_app/immutable/chunks/CuYPXpWU.js +1 -0
- package/dist/web/_app/immutable/chunks/Cuq8J2Td.js +1 -0
- package/dist/web/_app/immutable/chunks/CvSEodTA.js +1 -0
- package/dist/web/_app/immutable/chunks/CvqqrTrj.js +1 -0
- package/dist/web/_app/immutable/chunks/CzXdOgVl2.js +7 -0
- package/dist/web/_app/immutable/chunks/D0W7c6Sg.js +185 -0
- package/dist/web/_app/immutable/chunks/D0rBhnqB2.js +1 -0
- package/dist/web/_app/immutable/chunks/D1-GZSN1.js +1 -0
- package/dist/web/_app/immutable/chunks/D1BLcNJ7.js +1 -0
- package/dist/web/_app/immutable/chunks/D1yvtriI.js +1 -0
- package/dist/web/_app/immutable/chunks/D25NMRpl.js +1 -0
- package/dist/web/_app/immutable/chunks/D3F675fu2.js +2 -0
- package/dist/web/_app/immutable/chunks/D4UrtGC1.js +1 -0
- package/dist/web/_app/immutable/chunks/D8wZ2xul.js +4 -0
- package/dist/web/_app/immutable/chunks/DA3HEX3X.js +1 -0
- package/dist/web/_app/immutable/chunks/DE2TCESD2.js +1 -0
- package/dist/web/_app/immutable/chunks/DN-gIRdd2.js +1 -0
- package/dist/web/_app/immutable/chunks/DPUVu0T0.js +1 -0
- package/dist/web/_app/immutable/chunks/DPcejqKZ.js +1 -0
- package/dist/web/_app/immutable/chunks/DQMWa2t7.js +1 -0
- package/dist/web/_app/immutable/chunks/DRPMJ-3M.js +2 -0
- package/dist/web/_app/immutable/chunks/DRPnwQAm.js +1 -0
- package/dist/web/_app/immutable/chunks/DXmfl4Hq2.js +1 -0
- package/dist/web/_app/immutable/chunks/DXsFrDer2.js +1 -0
- package/dist/web/_app/immutable/chunks/DYc5KW3F.js +1 -0
- package/dist/web/_app/immutable/chunks/DcPrzUMJ.js +1 -0
- package/dist/web/_app/immutable/chunks/DdQVGKgM.js +1 -0
- package/dist/web/_app/immutable/chunks/DiFfW--R2.js +2 -0
- package/dist/web/_app/immutable/chunks/DjIqa1_y.js +2 -0
- package/dist/web/_app/immutable/chunks/Dl63IUnH2.js +224 -0
- package/dist/web/_app/immutable/chunks/DmFdD6zT.js +1 -0
- package/dist/web/_app/immutable/chunks/Dn3R8S-U.js +1 -0
- package/dist/web/_app/immutable/chunks/DpNr1GQ2.js +1 -0
- package/dist/web/_app/immutable/chunks/DsFEd8vL2.js +1 -0
- package/dist/web/_app/immutable/chunks/DuxziNnw.js +1 -0
- package/dist/web/_app/immutable/chunks/FuiJnZG0.js +1 -0
- package/dist/web/_app/immutable/chunks/Izkulod7.js +1 -0
- package/dist/web/_app/immutable/chunks/LYL8znYR2.js +23 -0
- package/dist/web/_app/immutable/chunks/ON7Gta0d.js +1 -0
- package/dist/web/_app/immutable/chunks/PhN6tXuJ2.js +1 -0
- package/dist/web/_app/immutable/chunks/PyLyCpuL.js +1 -0
- package/dist/web/_app/immutable/chunks/RG7IUVLn2.js +2 -0
- package/dist/web/_app/immutable/chunks/RK4gCWN0.js +2 -0
- package/dist/web/_app/immutable/chunks/SnzlL4ZV.js +1 -0
- package/dist/web/_app/immutable/chunks/XcWejFm_.js +5 -0
- package/dist/web/_app/immutable/chunks/Xkp5hSA1.js +1 -0
- package/dist/web/_app/immutable/chunks/al_nidE9.js +1 -0
- package/dist/web/_app/immutable/chunks/e50-izZO2.js +1 -0
- package/dist/web/_app/immutable/chunks/golz20La2.js +2 -0
- package/dist/web/_app/immutable/chunks/hG-QCarB.js +1 -0
- package/dist/web/_app/immutable/chunks/kNaey6uv.js +1 -0
- package/dist/web/_app/immutable/chunks/nXReuy-5.js +3 -0
- package/dist/web/_app/immutable/chunks/o61aZZFZ2.js +66 -0
- package/dist/web/_app/immutable/chunks/qwr5boV8.js +1 -0
- package/dist/web/_app/immutable/chunks/rjjyuGhb.js +1 -0
- package/dist/web/_app/immutable/chunks/uBgoVlsx.js +3 -0
- package/dist/web/_app/immutable/chunks/xY0c-UfG.js +3 -0
- package/dist/web/_app/immutable/chunks/xeNvx4Bl2.js +1 -0
- package/dist/web/_app/immutable/chunks/xihTtKlq.js +1 -0
- package/dist/web/_app/immutable/entry/app.dqA31fjy.js +2 -0
- package/dist/web/_app/immutable/entry/start.BB1XrAea.js +1 -0
- package/dist/web/_app/immutable/nodes/0.dALEQAnu.js +2 -0
- package/dist/web/_app/immutable/nodes/1.aFU32Ukj.js +1 -0
- package/dist/web/_app/immutable/nodes/10.C2wB-OnW.js +1 -0
- package/dist/web/_app/immutable/nodes/11.CI3a8Rj5.js +1 -0
- package/dist/web/_app/immutable/nodes/12.CsTvsKzB.js +1 -0
- package/dist/web/_app/immutable/nodes/13.CYrHXCA8.js +1 -0
- package/dist/web/_app/immutable/nodes/14.B31HrQ26.js +1 -0
- package/dist/web/_app/immutable/nodes/15.DxgnZ61h.js +1 -0
- package/dist/web/_app/immutable/nodes/16.DAP8cwVb.js +1 -0
- package/dist/web/_app/immutable/nodes/17.CmwXtCDY.js +77 -0
- package/dist/web/_app/immutable/nodes/2.BuGXEIlN.js +122 -0
- package/dist/web/_app/immutable/nodes/3.CmhZJWHE.js +6 -0
- package/dist/web/_app/immutable/nodes/4.BRfoPTm-.js +11 -0
- package/dist/web/_app/immutable/nodes/5.C7gPuZM_.js +1 -0
- package/dist/web/_app/immutable/nodes/6.qKODVbya.js +6 -0
- package/dist/web/_app/immutable/nodes/7.BZO37zAJ.js +1 -0
- package/dist/web/_app/immutable/nodes/8.xF_Dd1BO.js +1 -0
- package/dist/web/_app/immutable/nodes/9.Bow4UyKV.js +1 -0
- package/dist/web/_app/version.json +1 -1
- package/dist/web/favicon-16.png +0 -0
- package/dist/web/favicon-180.png +0 -0
- package/dist/web/favicon-32.png +0 -0
- package/dist/web/favicon-48.png +0 -0
- package/dist/web/favicon-512.png +0 -0
- package/dist/web/favicon.ico +0 -0
- package/dist/web/favicon.svg +8 -0
- package/dist/web/index.html +56 -21
- package/dist/web/studiograph-logomark.svg +29 -0
- package/package.json +35 -14
- package/dist/agent/skills/enrich-entities.md +0 -136
- package/dist/agent/skills/sync-configuration.md +0 -119
- package/dist/agent/skills/sync-setup.md +0 -82
- package/dist/agent/tools/message-tools.d.ts +0 -42
- package/dist/agent/tools/message-tools.js +0 -106
- package/dist/agent/tools/message-tools.js.map +0 -1
- package/dist/cli/commands/app.d.ts +0 -7
- package/dist/cli/commands/app.js +0 -268
- package/dist/cli/commands/app.js.map +0 -1
- package/dist/cli/commands/clear.d.ts +0 -5
- package/dist/cli/commands/clear.js +0 -36
- package/dist/cli/commands/clear.js.map +0 -1
- package/dist/cli/commands/collection.d.ts +0 -10
- package/dist/cli/commands/collection.js.map +0 -1
- package/dist/cli/commands/join.d.ts +0 -9
- package/dist/cli/commands/join.js +0 -255
- package/dist/cli/commands/join.js.map +0 -1
- package/dist/cli/commands/start.d.ts +0 -7
- package/dist/cli/commands/start.js +0 -584
- package/dist/cli/commands/start.js.map +0 -1
- package/dist/cli/commands/update.d.ts +0 -8
- package/dist/cli/commands/update.js +0 -155
- package/dist/cli/commands/update.js.map +0 -1
- package/dist/cli/commands/user.d.ts +0 -7
- package/dist/cli/commands/user.js +0 -175
- package/dist/cli/commands/user.js.map +0 -1
- package/dist/cli/scaffolding.d.ts +0 -12
- package/dist/cli/scaffolding.js +0 -397
- package/dist/cli/scaffolding.js.map +0 -1
- package/dist/integrations/registry.d.ts +0 -8
- package/dist/integrations/registry.js +0 -7
- package/dist/integrations/registry.js.map +0 -1
- package/dist/integrations/types.d.ts +0 -43
- package/dist/integrations/types.js +0 -5
- package/dist/integrations/types.js.map +0 -1
- package/dist/lib/lib/utils.d.ts +0 -2
- package/dist/lib/lib/utils.js +0 -6
- package/dist/lib/lib/utils.js.map +0 -1
- package/dist/server/chrome/chrome.css +0 -691
- package/dist/server/chrome/chrome.js +0 -374
- package/dist/server/commit-scheduler.d.ts +0 -39
- package/dist/server/commit-scheduler.js +0 -113
- package/dist/server/commit-scheduler.js.map +0 -1
- package/dist/server/plugin-loader.d.ts +0 -53
- package/dist/server/plugin-loader.js +0 -155
- package/dist/server/plugin-loader.js.map +0 -1
- package/dist/server/routes/meeting-ingest-api.d.ts +0 -14
- package/dist/server/routes/meeting-ingest-api.js.map +0 -1
- package/dist/server/routes/messages-api.d.ts +0 -15
- package/dist/server/routes/messages-api.js +0 -385
- package/dist/server/routes/messages-api.js.map +0 -1
- package/dist/services/batch-processor.d.ts +0 -49
- package/dist/services/batch-processor.js +0 -166
- package/dist/services/batch-processor.js.map +0 -1
- package/dist/services/briefing.d.ts +0 -26
- package/dist/services/briefing.js +0 -230
- package/dist/services/briefing.js.map +0 -1
- package/dist/services/heartbeat.d.ts +0 -28
- package/dist/services/heartbeat.js +0 -183
- package/dist/services/heartbeat.js.map +0 -1
- package/dist/services/image-import-service.d.ts +0 -24
- package/dist/services/image-import-service.js +0 -108
- package/dist/services/image-import-service.js.map +0 -1
- package/dist/services/insights.d.ts +0 -38
- package/dist/services/insights.js +0 -269
- package/dist/services/insights.js.map +0 -1
- package/dist/services/meeting-processor.js.map +0 -1
- package/dist/services/message-service.d.ts +0 -68
- package/dist/services/message-service.js +0 -220
- package/dist/services/message-service.js.map +0 -1
- package/dist/utils/workspace-config.d.ts +0 -8
- package/dist/utils/workspace-config.js +0 -22
- package/dist/utils/workspace-config.js.map +0 -1
- package/dist/web/_app/immutable/assets/0.uPSqtsC5.css +0 -1
- package/dist/web/_app/immutable/assets/11.2jzI3cZY.css +0 -1
- package/dist/web/_app/immutable/assets/12.CT4xL4K3.css +0 -1
- package/dist/web/_app/immutable/assets/13.BUrHkYry.css +0 -1
- package/dist/web/_app/immutable/assets/2.DpQWr6q6.css +0 -1
- package/dist/web/_app/immutable/assets/3.BxdqT7zi.css +0 -1
- package/dist/web/_app/immutable/assets/4.DdNqjd0T.css +0 -1
- package/dist/web/_app/immutable/assets/5.DFeGxLYf.css +0 -1
- package/dist/web/_app/immutable/assets/6.DXZr_rI_.css +0 -1
- package/dist/web/_app/immutable/assets/GraphView.D9ePpZez.css +0 -1
- package/dist/web/_app/immutable/assets/Toaster.rN8r_Hzv.css +0 -1
- package/dist/web/_app/immutable/assets/ViewToolbar.BWE03S64.css +0 -1
- package/dist/web/_app/immutable/assets/WorkspaceView.CgGDi_Zb.css +0 -1
- package/dist/web/_app/immutable/assets/wikilinks.CzMBkUMB.css +0 -1
- package/dist/web/_app/immutable/chunks/-jG4Obyh.js +0 -4
- package/dist/web/_app/immutable/chunks/2nrc8f_O.js +0 -1
- package/dist/web/_app/immutable/chunks/7S2LGqoP.js +0 -2
- package/dist/web/_app/immutable/chunks/8Q3ZJIYu.js +0 -1
- package/dist/web/_app/immutable/chunks/B8ydT5xX.js +0 -2
- package/dist/web/_app/immutable/chunks/BB_5th5W.js +0 -3383
- package/dist/web/_app/immutable/chunks/BEn6N5c2.js +0 -1
- package/dist/web/_app/immutable/chunks/BFNNbCAM.js +0 -1
- package/dist/web/_app/immutable/chunks/BFZZEUd5.js +0 -1
- package/dist/web/_app/immutable/chunks/BGk8kfOE.js +0 -2
- package/dist/web/_app/immutable/chunks/BIBCr278.js +0 -1
- package/dist/web/_app/immutable/chunks/BPCkkwqe.js +0 -1
- package/dist/web/_app/immutable/chunks/BhlvzGQx.js +0 -1
- package/dist/web/_app/immutable/chunks/BlMknQeF.js +0 -1
- package/dist/web/_app/immutable/chunks/BpjqrlCg.js +0 -1
- package/dist/web/_app/immutable/chunks/BrebtJNG.js +0 -18
- package/dist/web/_app/immutable/chunks/ByBZ7JIT.js +0 -1
- package/dist/web/_app/immutable/chunks/Bz0ZjVQE.js +0 -2
- package/dist/web/_app/immutable/chunks/BzJTZOK2.js +0 -1
- package/dist/web/_app/immutable/chunks/C0LVZhvn.js +0 -1
- package/dist/web/_app/immutable/chunks/C3uBrOS5.js +0 -1
- package/dist/web/_app/immutable/chunks/C8R1sDpW.js +0 -1
- package/dist/web/_app/immutable/chunks/CDRHrs0g.js +0 -1
- package/dist/web/_app/immutable/chunks/CN5_py1I.js +0 -1
- package/dist/web/_app/immutable/chunks/CPne482a.js +0 -1
- package/dist/web/_app/immutable/chunks/CSVbGg_b.js +0 -5
- package/dist/web/_app/immutable/chunks/CWyU-seV.js +0 -1
- package/dist/web/_app/immutable/chunks/CX_61fY8.js +0 -5
- package/dist/web/_app/immutable/chunks/CYrVHOHA.js +0 -1
- package/dist/web/_app/immutable/chunks/ChsiIm-E.js +0 -1
- package/dist/web/_app/immutable/chunks/CojKppbh.js +0 -1
- package/dist/web/_app/immutable/chunks/CqkleIqs.js +0 -1
- package/dist/web/_app/immutable/chunks/CtYLtD7K.js +0 -1
- package/dist/web/_app/immutable/chunks/D-HDy5qS.js +0 -1
- package/dist/web/_app/immutable/chunks/D5aIYSkd.js +0 -1
- package/dist/web/_app/immutable/chunks/DBBXARVf.js +0 -1
- package/dist/web/_app/immutable/chunks/DFYOFE3o.js +0 -1
- package/dist/web/_app/immutable/chunks/DKaafS50.js +0 -1
- package/dist/web/_app/immutable/chunks/DUMOo1Pn.js +0 -1
- package/dist/web/_app/immutable/chunks/DWX9f6AF.js +0 -1
- package/dist/web/_app/immutable/chunks/DY8-EONP.js +0 -1
- package/dist/web/_app/immutable/chunks/DkoHPElM.js +0 -1
- package/dist/web/_app/immutable/chunks/DnL9f0lc.js +0 -7
- package/dist/web/_app/immutable/chunks/DsnmJJEf.js +0 -1
- package/dist/web/_app/immutable/chunks/DujahU3W.js +0 -1
- package/dist/web/_app/immutable/chunks/FBn-ES5k.js +0 -1
- package/dist/web/_app/immutable/chunks/HQpwSOb3.js +0 -1
- package/dist/web/_app/immutable/chunks/KyjzlWRN.js +0 -2
- package/dist/web/_app/immutable/chunks/PPVm8Dsz.js +0 -1
- package/dist/web/_app/immutable/chunks/UwYfmrPx.js +0 -2
- package/dist/web/_app/immutable/chunks/W25ZVI8L.js +0 -2
- package/dist/web/_app/immutable/chunks/WSUKABI_.js +0 -1
- package/dist/web/_app/immutable/chunks/XjsuEnNE.js +0 -5
- package/dist/web/_app/immutable/chunks/ZD6ARAtb.js +0 -1
- package/dist/web/_app/immutable/chunks/pBTf4stg.js +0 -2
- package/dist/web/_app/immutable/chunks/rGIarcnp.js +0 -1
- package/dist/web/_app/immutable/chunks/vxEtkL8z.js +0 -1
- package/dist/web/_app/immutable/chunks/wDIGUaoU.js +0 -3
- package/dist/web/_app/immutable/entry/app.ZHiTM8WS.js +0 -2
- package/dist/web/_app/immutable/entry/start.C9-FfAVc.js +0 -1
- package/dist/web/_app/immutable/nodes/0.D92Orz8k.js +0 -2
- package/dist/web/_app/immutable/nodes/1.BMdyglM_.js +0 -1
- package/dist/web/_app/immutable/nodes/10.BilVDHSL.js +0 -1
- package/dist/web/_app/immutable/nodes/11.CS9E0Hic.js +0 -1
- package/dist/web/_app/immutable/nodes/12.D3BOxYzG.js +0 -1
- package/dist/web/_app/immutable/nodes/13.CClMKYtN.js +0 -1
- package/dist/web/_app/immutable/nodes/2.C8KKElPL.js +0 -267
- package/dist/web/_app/immutable/nodes/3.C5n5uiWU.js +0 -5
- package/dist/web/_app/immutable/nodes/4.DcGVvgiL.js +0 -11
- package/dist/web/_app/immutable/nodes/5.DxIjnFQO.js +0 -4
- package/dist/web/_app/immutable/nodes/6.lkh6kKLj.js +0 -1
- package/dist/web/_app/immutable/nodes/7.Bg7SbfhA.js +0 -1
- package/dist/web/_app/immutable/nodes/8.DcXWCNBE.js +0 -1
- package/dist/web/_app/immutable/nodes/9.Cefi8Jfm.js +0 -1
|
@@ -5,20 +5,53 @@
|
|
|
5
5
|
* Database lives at .studiograph/auth.db inside the workspace.
|
|
6
6
|
*
|
|
7
7
|
* Auth state is portable via .studiograph/auth-seed.json — a JSON export of
|
|
8
|
-
* all users (with bcrypt hashes) and the JWT secret. The seed file
|
|
9
|
-
* committed to the config repo so it syncs between local and Railway:
|
|
8
|
+
* all users (with bcrypt hashes) and the JWT signing secret. The seed file
|
|
9
|
+
* is committed to the config repo so it syncs between local and Railway:
|
|
10
10
|
* local setup → commit → push → Railway redeploy → users restored from seed
|
|
11
|
+
*
|
|
12
|
+
* ─────────────────────────────────────────────────────────────────────────
|
|
13
|
+
* SECURITY — config repo is a secret store
|
|
14
|
+
* ─────────────────────────────────────────────────────────────────────────
|
|
15
|
+
* `auth-seed.json` carries:
|
|
16
|
+
* • the JWT signing secret (anyone holding this can mint sessions for any
|
|
17
|
+
* user in the workspace, bypassing password auth entirely)
|
|
18
|
+
* • bcrypt password hashes for every user (offline-crackable; bcrypt cost
|
|
19
|
+
* 12 buys time but not invulnerability against weak passwords)
|
|
20
|
+
*
|
|
21
|
+
* Treat the .studiograph/ config repo with the same operational care as any
|
|
22
|
+
* other secret store: private remote, restricted contributors, never made
|
|
23
|
+
* public. The audit (2026-05) flagged this surface specifically — `getSeedData`
|
|
24
|
+
* returns these fields by design (they're how the seed-restore flow works on
|
|
25
|
+
* Railway redeploys) but every caller needs to understand they are exporting
|
|
26
|
+
* raw secrets.
|
|
27
|
+
*
|
|
28
|
+
* To override the file-based JWT secret in production (e.g. Railway), set
|
|
29
|
+
* the STUDIOGRAPH_JWT_SECRET environment variable. The env var wins over the
|
|
30
|
+
* `auth-secret` file and the seed file: a leaked seed file alone won't let
|
|
31
|
+
* an attacker mint tokens for an environment with a different in-process
|
|
32
|
+
* secret. Rotation: change the env var and restart — all extant tokens
|
|
33
|
+
* invalidate together.
|
|
11
34
|
*/
|
|
12
|
-
|
|
35
|
+
import { type OAuthStateClaims } from '../mcp/state-signer.js';
|
|
36
|
+
import { OAuthServerStore } from './oauth-server-store.js';
|
|
37
|
+
export type UserRole = 'owner' | 'member';
|
|
38
|
+
export type FolderRole = 'admin' | 'editor';
|
|
13
39
|
export interface AuthUser {
|
|
14
40
|
id: number;
|
|
15
41
|
email: string;
|
|
42
|
+
/**
|
|
43
|
+
* Stable, human-readable identifier used for `created_by` / `updated_by`
|
|
44
|
+
* audit fields in entity frontmatter and as the git author identity on
|
|
45
|
+
* workspace commits. Email-free so the workspace git history doesn't carry
|
|
46
|
+
* PII. Generated at user creation, immutable thereafter.
|
|
47
|
+
*/
|
|
48
|
+
handle: string;
|
|
16
49
|
displayName: string;
|
|
17
50
|
role: UserRole;
|
|
18
51
|
createdAt: string;
|
|
19
52
|
}
|
|
20
|
-
/** Check if a
|
|
21
|
-
export declare function
|
|
53
|
+
/** Check if a user has workspace-owner privileges. */
|
|
54
|
+
export declare function isWorkspaceOwner(role: string): boolean;
|
|
22
55
|
export interface UserView {
|
|
23
56
|
id: number;
|
|
24
57
|
name: string;
|
|
@@ -30,36 +63,163 @@ export interface UserView {
|
|
|
30
63
|
createdAt: string;
|
|
31
64
|
updatedAt: string;
|
|
32
65
|
}
|
|
66
|
+
/**
|
|
67
|
+
* A workspace-shared view, scoped to a folder / type / `recent` (the
|
|
68
|
+
* folder-views redesign). Unlike UserView these are NOT per-user — they belong
|
|
69
|
+
* to the workspace and everyone sees the same set. One per (scope, viewType).
|
|
70
|
+
*/
|
|
71
|
+
export interface WorkspaceView {
|
|
72
|
+
id: number;
|
|
73
|
+
scope: string;
|
|
74
|
+
viewType: string;
|
|
75
|
+
config: Record<string, any>;
|
|
76
|
+
position: number;
|
|
77
|
+
name: string | null;
|
|
78
|
+
createdBy: string | null;
|
|
79
|
+
createdAt: string;
|
|
80
|
+
updatedAt: string;
|
|
81
|
+
}
|
|
33
82
|
export interface AuthSeed {
|
|
34
83
|
jwtSecret: string;
|
|
84
|
+
/** @deprecated removed in favor of per-user tokens (api_tokens table). Retained so pre-existing seeds don't fail to parse. */
|
|
35
85
|
apiKey?: string;
|
|
36
86
|
users: Array<{
|
|
37
87
|
email: string;
|
|
88
|
+
handle: string;
|
|
38
89
|
password_hash: string;
|
|
39
90
|
display_name: string;
|
|
40
91
|
role: string;
|
|
41
92
|
created_at: string;
|
|
42
93
|
}>;
|
|
43
|
-
|
|
94
|
+
folder_access?: Array<{
|
|
44
95
|
user_email: string;
|
|
45
|
-
|
|
96
|
+
folder_name: string;
|
|
97
|
+
role?: FolderRole;
|
|
46
98
|
}>;
|
|
47
99
|
}
|
|
100
|
+
/**
|
|
101
|
+
* Optional encryption hookup for per-user secrets stored in auth.db.
|
|
102
|
+
*
|
|
103
|
+
* When `masterKey` is provided, AuthService treats `oauth_tokens.data_ciphertext`
|
|
104
|
+
* and `user_preferences.settings_ciphertext` as the source of truth for
|
|
105
|
+
* encrypted user-secrets, falling back to legacy plaintext columns only on
|
|
106
|
+
* pre-migration databases. Without a master key (tests, flag-off boots),
|
|
107
|
+
* AuthService stays on the legacy plaintext path — but it refuses to run
|
|
108
|
+
* against a database that has already been migrated, since reading
|
|
109
|
+
* post-migration rows without the key would silently return empty data.
|
|
110
|
+
*/
|
|
111
|
+
export interface AuthServiceCryptoOptions {
|
|
112
|
+
masterKey: Uint8Array;
|
|
113
|
+
/** Defaults to 'mk_v1'. Bumped by master-key rotation. */
|
|
114
|
+
keyVersion?: string;
|
|
115
|
+
}
|
|
48
116
|
export declare class AuthService {
|
|
49
117
|
private db;
|
|
50
118
|
private jwtSecret;
|
|
51
|
-
private apiKey;
|
|
52
119
|
private sgDir;
|
|
53
|
-
|
|
120
|
+
private crypto?;
|
|
121
|
+
/**
|
|
122
|
+
* True once we've confirmed `data_ciphertext` exists on `oauth_tokens`
|
|
123
|
+
* (post-migration shape). The encrypted code path keys off this rather
|
|
124
|
+
* than re-running PRAGMA on every call.
|
|
125
|
+
*/
|
|
126
|
+
private oauthTokensEncrypted;
|
|
127
|
+
/** True once `settings_ciphertext` is available on `user_preferences`. */
|
|
128
|
+
private userPrefsEncrypted;
|
|
129
|
+
/**
|
|
130
|
+
* Listeners for OAuth-token mutations. Fires after `saveOAuthData` or
|
|
131
|
+
* `clearOAuthData` lands a row. Used by the agent orchestrator to evict
|
|
132
|
+
* the user's pooled agent so the next chat builds a fresh tool list
|
|
133
|
+
* that reflects the new per-user connector state (otherwise the agent
|
|
134
|
+
* keeps the toolset it had at first session creation, missing any
|
|
135
|
+
* connector the user just OAuthed). Mirrors the `onSecretMutation`
|
|
136
|
+
* pattern in `src/core/secrets/index.ts`.
|
|
137
|
+
*
|
|
138
|
+
* Listener errors are swallowed — never let a stray subscriber take
|
|
139
|
+
* down the OAuth write path.
|
|
140
|
+
*/
|
|
141
|
+
private oauthMutationListeners;
|
|
142
|
+
/**
|
|
143
|
+
* OAuth state signer. Initialized lazily from the master key (HKDF-derived,
|
|
144
|
+
* domain-separated from the AEAD key). When `cryptoOpts` is missing — e.g.
|
|
145
|
+
* tests that don't exercise the OAuth init/callback paths — sign/verify
|
|
146
|
+
* throw on use rather than silently falling back to unsigned state.
|
|
147
|
+
*/
|
|
148
|
+
private oauthStateSigner;
|
|
149
|
+
/** OAuth 2.0 authorization-server store. Initialized at the end of the constructor. */
|
|
150
|
+
private oauthServerStore;
|
|
151
|
+
constructor(workspacePath: string, cryptoOpts?: AuthServiceCryptoOptions);
|
|
152
|
+
/** The OAuth authorization-server store (clients/codes/refresh + minting). */
|
|
153
|
+
get oauthServer(): OAuthServerStore;
|
|
54
154
|
createUser(email: string, password: string, displayName: string, role?: UserRole): AuthUser;
|
|
155
|
+
upsertCloudManagedUser(input: {
|
|
156
|
+
email: string;
|
|
157
|
+
displayName: string;
|
|
158
|
+
role: UserRole;
|
|
159
|
+
}): AuthUser;
|
|
160
|
+
/**
|
|
161
|
+
* Pick a unique handle by slugifying the display name (or email local-part
|
|
162
|
+
* fallback) and appending `-2`, `-3`, … on collision. Handles are immutable
|
|
163
|
+
* once assigned, so we don't have to worry about two parallel inserts
|
|
164
|
+
* racing — SQLite's UNIQUE constraint will reject the loser and the caller
|
|
165
|
+
* can retry.
|
|
166
|
+
*/
|
|
167
|
+
private allocateHandle;
|
|
55
168
|
authenticate(email: string, password: string): {
|
|
56
169
|
user: AuthUser;
|
|
57
170
|
token: string;
|
|
58
171
|
} | null;
|
|
172
|
+
createSessionToken(user: AuthUser): string;
|
|
173
|
+
/** Expose the resolved JWT secret to sibling services that mint their own
|
|
174
|
+
* signed tokens against the same key (e.g. `asset-upload-token` for the
|
|
175
|
+
* MCP presign flow). Reusing one secret keeps "rotate the JWT" a single
|
|
176
|
+
* operational lever instead of N parallel ones. The secret never leaves
|
|
177
|
+
* the server process. */
|
|
178
|
+
getJwtSecret(): string;
|
|
179
|
+
/**
|
|
180
|
+
* Resolve a session JWT to its user. **Rejects OAuth access tokens**
|
|
181
|
+
* (`oauth:true`) — those are authorization-server-issued and confined to the
|
|
182
|
+
* MCP surface, so they must never satisfy a session check. This is the
|
|
183
|
+
* choke point: every hook-bypassing surface that authenticates a JWT
|
|
184
|
+
* (`requireUser` for `/api/auth/*`, Git Basic-auth, the WebSocket route, the
|
|
185
|
+
* cookie branch of the global hook) calls this, so rejecting OAuth tokens
|
|
186
|
+
* here closes all of them at once. The single place that intentionally
|
|
187
|
+
* accepts an OAuth token — the global hook's Bearer→`/mcp` branch — uses
|
|
188
|
+
* `verifyTokenWithClaims` directly and enforces audience scoping there.
|
|
189
|
+
*/
|
|
59
190
|
verifyToken(token: string): AuthUser | null;
|
|
191
|
+
/**
|
|
192
|
+
* Verify a session/OAuth JWT in a single decode and surface the OAuth-specific
|
|
193
|
+
* claims the auth hook needs: `oauth` marks an authorization-server-issued
|
|
194
|
+
* token (which the hook scopes to `/mcp` + `/oauth/*`), `cid` is the issuing
|
|
195
|
+
* client_id (used as the integration label), and `aud` is the bound resource.
|
|
196
|
+
* Returns null for any invalid/expired token or unknown user.
|
|
197
|
+
*/
|
|
198
|
+
verifyTokenWithClaims(token: string): {
|
|
199
|
+
user: AuthUser;
|
|
200
|
+
oauth: boolean;
|
|
201
|
+
cid: string | null;
|
|
202
|
+
aud: string | null;
|
|
203
|
+
} | null;
|
|
60
204
|
findUserById(userId: number): AuthUser | null;
|
|
205
|
+
/** Look up a user by their stable handle (e.g. `christian-marc-schmidt`). */
|
|
206
|
+
findUserByHandle(handle: string): AuthUser | null;
|
|
207
|
+
/** Look up a user by email (case-insensitive). */
|
|
208
|
+
findUserByEmail(email: string): AuthUser | null;
|
|
61
209
|
listUsers(): AuthUser[];
|
|
62
210
|
deleteUser(email: string): boolean;
|
|
211
|
+
/**
|
|
212
|
+
* Before deleting `targetUserId`, transfer folder-admin rights to
|
|
213
|
+
* `actorUserId` for every folder where the target is the sole admin.
|
|
214
|
+
* Inserts an admin folder_access row for the actor (or upgrades an
|
|
215
|
+
* existing editor row). Returns the list of folder names that were
|
|
216
|
+
* transferred so the caller can surface them in UX.
|
|
217
|
+
*
|
|
218
|
+
* This prevents folders from becoming orphaned (no admins) after the
|
|
219
|
+
* target user's folder_access rows cascade-delete. Folders with other
|
|
220
|
+
* admins are left alone — no redundant membership added.
|
|
221
|
+
*/
|
|
222
|
+
transferFoldersOnDelete(targetUserId: number, actorUserId: number): string[];
|
|
63
223
|
updateProfile(userId: number, fields: {
|
|
64
224
|
displayName?: string;
|
|
65
225
|
email?: string;
|
|
@@ -71,17 +231,64 @@ export declare class AuthService {
|
|
|
71
231
|
*/
|
|
72
232
|
getOwner(): AuthUser | null;
|
|
73
233
|
/**
|
|
74
|
-
* Transfer ownership to another user. The current owner becomes
|
|
234
|
+
* Transfer ownership to another user. The current owner becomes a regular member.
|
|
75
235
|
* Both changes happen in a single transaction.
|
|
76
236
|
*/
|
|
77
237
|
transferOwnership(currentOwnerId: number, newOwnerId: number): void;
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
238
|
+
/** Grant folder membership. `role` defaults to 'editor'. Upserts the role if the row exists. */
|
|
239
|
+
grantFolderAccess(userId: number, folder: string, role?: FolderRole): void;
|
|
240
|
+
revokeFolderAccess(userId: number, folder: string): void;
|
|
241
|
+
/** Folder names the user is a member of. */
|
|
242
|
+
getUserFolders(userId: number): string[];
|
|
243
|
+
/** All users with any role on a folder. */
|
|
244
|
+
getFolderUsers(folder: string): AuthUser[];
|
|
245
|
+
/** (user, role) pairs for every member of a folder. */
|
|
246
|
+
getFolderMembers(folder: string): Array<{
|
|
247
|
+
user: AuthUser;
|
|
248
|
+
role: FolderRole;
|
|
249
|
+
}>;
|
|
250
|
+
/** Folder role for a specific user, or null if they aren't a member. */
|
|
251
|
+
getFolderRole(userId: number, folder: string): FolderRole | null;
|
|
252
|
+
/** True if the user is a folder admin on that folder. */
|
|
253
|
+
isFolderAdmin(userId: number, folder: string): boolean;
|
|
254
|
+
/** All users with folder-admin role on a folder. */
|
|
255
|
+
getFolderAdmins(folder: string): AuthUser[];
|
|
256
|
+
/**
|
|
257
|
+
* Transfer folder admin role from one user to another. Used during member
|
|
258
|
+
* removal to pass orphaned folders to the workspace owner.
|
|
259
|
+
*/
|
|
260
|
+
transferFolderAdmin(folder: string, fromUserId: number, toUserId: number): void;
|
|
261
|
+
/** Rename the folder slug across all membership rows. */
|
|
262
|
+
renameFolder(oldName: string, newName: string): void;
|
|
83
263
|
/** Get stored OAuth data (tokens, clientInfo, codeVerifier) for a user+connector. */
|
|
84
264
|
getOAuthData(userId: number, connectorName: string): Record<string, any> | null;
|
|
265
|
+
/**
|
|
266
|
+
* Sign an OAuth state parameter for outbound flows. Throws when the service
|
|
267
|
+
* was constructed without crypto options (the signing key is HKDF-derived
|
|
268
|
+
* from the master key). Callers in OAuth init paths must ensure the
|
|
269
|
+
* AuthService is constructed with crypto options — production always is;
|
|
270
|
+
* tests that exercise OAuth flows should provide a master key.
|
|
271
|
+
*/
|
|
272
|
+
signOAuthState(claims: OAuthStateClaims): string;
|
|
273
|
+
/**
|
|
274
|
+
* Verify a signed OAuth state. Returns null on:
|
|
275
|
+
* - missing/invalid signing key (defensive — should not happen in
|
|
276
|
+
* production where serve.ts wires the master key)
|
|
277
|
+
* - tampered / forged / unsigned state
|
|
278
|
+
* - state older than 10 minutes (replay window)
|
|
279
|
+
* - state with future-skewed `t` beyond a small tolerance
|
|
280
|
+
* Callers should treat null as "invalid/expired state" and surface a
|
|
281
|
+
* generic error to the browser without echoing details.
|
|
282
|
+
*/
|
|
283
|
+
verifyOAuthState(state: string): OAuthStateClaims | null;
|
|
284
|
+
/**
|
|
285
|
+
* Subscribe to OAuth-token mutations. Returns an unsubscribe fn.
|
|
286
|
+
* Listeners fire AFTER the row write commits. Both connect and disconnect
|
|
287
|
+
* paths emit; subscribers that only care about one should filter
|
|
288
|
+
* themselves.
|
|
289
|
+
*/
|
|
290
|
+
onOAuthMutation(fn: (userId: number, connectorName: string) => void): () => void;
|
|
291
|
+
private notifyOAuthMutation;
|
|
85
292
|
/** Save OAuth data (upsert). */
|
|
86
293
|
saveOAuthData(userId: number, connectorName: string, data: Record<string, any>): void;
|
|
87
294
|
/** List all connected connectors for a user. */
|
|
@@ -94,26 +301,61 @@ export declare class AuthService {
|
|
|
94
301
|
hasOAuthTokens(userId: number, connectorName: string): boolean;
|
|
95
302
|
hasUsers(): boolean;
|
|
96
303
|
getUserCount(): number;
|
|
97
|
-
/** Get the workspace API key (for MCP and programmatic access). */
|
|
98
|
-
getApiKey(): string;
|
|
99
|
-
/** Check whether the given string matches the workspace API key. */
|
|
100
|
-
validateApiKey(key: string): boolean;
|
|
101
304
|
/**
|
|
102
|
-
*
|
|
103
|
-
*
|
|
104
|
-
*
|
|
305
|
+
* Mint a new per-user API token. Returns the raw token once — only its
|
|
306
|
+
* sha256 hash is stored in the database. The raw value cannot be recovered
|
|
307
|
+
* later, matching how GitHub personal access tokens work.
|
|
308
|
+
*/
|
|
309
|
+
createApiToken(userId: number, name: string): {
|
|
310
|
+
id: number;
|
|
311
|
+
token: string;
|
|
312
|
+
name: string;
|
|
313
|
+
};
|
|
314
|
+
/**
|
|
315
|
+
* Resolve a raw API token to its owning user, updating `last_used_at`
|
|
316
|
+
* on success. Returns null if the token is unknown or the owning user
|
|
317
|
+
* has been deleted.
|
|
318
|
+
*/
|
|
319
|
+
verifyApiToken(token: string): AuthUser | null;
|
|
320
|
+
/**
|
|
321
|
+
* Same as verifyApiToken but also returns the token's user-set name (e.g.
|
|
322
|
+
* "Cursor", "Claude Desktop"). Used by surfaces that need to attribute an
|
|
323
|
+
* action to a specific named integration — most importantly the
|
|
324
|
+
* agent-activity feature, which renders "<owner>'s <token name>" chips.
|
|
105
325
|
*/
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
326
|
+
verifyApiTokenWithMeta(token: string): {
|
|
327
|
+
user: AuthUser;
|
|
328
|
+
tokenName: string;
|
|
329
|
+
} | null;
|
|
330
|
+
/** List a user's API tokens. Never returns the raw token — only metadata. */
|
|
331
|
+
listApiTokens(userId: number): Array<{
|
|
332
|
+
id: number;
|
|
333
|
+
name: string;
|
|
334
|
+
created_at: string;
|
|
335
|
+
last_used_at: string | null;
|
|
336
|
+
}>;
|
|
337
|
+
/** Revoke (delete) an API token owned by the given user. No-op if not found. */
|
|
338
|
+
revokeApiToken(tokenId: number, userId: number): boolean;
|
|
109
339
|
/**
|
|
110
340
|
* Ensure auth.db and auth-secret are in .studiograph/.gitignore.
|
|
111
341
|
* Only the seed JSON file should be committed to the config repo.
|
|
112
342
|
*/
|
|
113
343
|
private ensureGitignore;
|
|
114
344
|
/**
|
|
115
|
-
* Build and return the current auth seed data (users + JWT secret +
|
|
345
|
+
* Build and return the current auth seed data (users + JWT secret + folder access).
|
|
116
346
|
* Does not write to disk — use exportSeed() for that.
|
|
347
|
+
*
|
|
348
|
+
* SECURITY: the returned object embeds raw secrets:
|
|
349
|
+
* • `jwtSecret` — signing key for ALL session tokens. Anyone holding this
|
|
350
|
+
* can mint a valid session for any user. Rotate by setting
|
|
351
|
+
* STUDIOGRAPH_JWT_SECRET in production and restarting.
|
|
352
|
+
* • `users[].password_hash` — bcrypt hashes (cost 12). Offline-crackable
|
|
353
|
+
* against weak passwords; treat as compromise of the listed accounts
|
|
354
|
+
* if leaked.
|
|
355
|
+
*
|
|
356
|
+
* Only call this from paths that write to a trusted location (auth-seed.json
|
|
357
|
+
* inside the .studiograph/ config repo). Never expose over HTTP, never log,
|
|
358
|
+
* never include in error messages or telemetry.
|
|
117
359
|
*/
|
|
118
360
|
getSeedData(): AuthSeed;
|
|
119
361
|
/**
|
|
@@ -129,10 +371,20 @@ export declare class AuthService {
|
|
|
129
371
|
private pushSeed;
|
|
130
372
|
/**
|
|
131
373
|
* Import users and JWT secret from .studiograph/auth-seed.json.
|
|
132
|
-
*
|
|
133
|
-
* (
|
|
374
|
+
* Two modes:
|
|
375
|
+
* • `merge` (default) — INSERT OR IGNORE on email. Existing local rows win
|
|
376
|
+
* on conflict. Safe for boot-time recovery when the local DB may carry
|
|
377
|
+
* legitimate state the seed shouldn't clobber.
|
|
378
|
+
* • `overwrite` — UPSERT on email. Seed values win on conflict. Correct
|
|
379
|
+
* for explicit "remote is authoritative" callers (`studiograph pull`,
|
|
380
|
+
* `studiograph clone`, admin bundle import) where any local divergence
|
|
381
|
+
* was almost certainly the post-clone setup-wizard stamping fresh
|
|
382
|
+
* credentials over the real ones. `merge` mode silently shadowed
|
|
383
|
+
* production credentials in that exact scenario — see 2026-05 incident.
|
|
134
384
|
*/
|
|
135
|
-
applySeed(
|
|
385
|
+
applySeed(options?: {
|
|
386
|
+
mode?: 'merge' | 'overwrite';
|
|
387
|
+
}): void;
|
|
136
388
|
getUserViews(userId: number): UserView[];
|
|
137
389
|
createUserView(userId: number, name: string, viewType?: string, config?: Record<string, any>, createdByName?: string): UserView;
|
|
138
390
|
setViewVisibility(viewId: number, userId: number, visibility: 'private' | 'workspace'): void;
|
|
@@ -143,6 +395,30 @@ export declare class AuthService {
|
|
|
143
395
|
sortOrder?: number;
|
|
144
396
|
}): void;
|
|
145
397
|
deleteUserView(viewId: number, userId: number): void;
|
|
398
|
+
private toWorkspaceView;
|
|
399
|
+
/** All views for a scope, in tab order. */
|
|
400
|
+
getViewsForScope(scope: string): WorkspaceView[];
|
|
401
|
+
getWorkspaceView(viewId: number): WorkspaceView | null;
|
|
402
|
+
/**
|
|
403
|
+
* Add a view to a scope. One-of-each is enforced by UNIQUE(scope, view_type):
|
|
404
|
+
* a duplicate is a no-op that returns the existing row, so callers (and the
|
|
405
|
+
* "+" menu) never create dupes.
|
|
406
|
+
*/
|
|
407
|
+
createWorkspaceView(scope: string, viewType: string, config?: Record<string, any>, createdBy?: string): WorkspaceView;
|
|
408
|
+
updateWorkspaceView(viewId: number, fields: {
|
|
409
|
+
config?: Record<string, any>;
|
|
410
|
+
position?: number;
|
|
411
|
+
name?: string | null;
|
|
412
|
+
}): void;
|
|
413
|
+
deleteWorkspaceView(viewId: number): void;
|
|
414
|
+
/**
|
|
415
|
+
* Idempotently seed a scope's default views (called on first GET for a scope).
|
|
416
|
+
* Every scope (folder, type, recent) seeds with just List — the user adds
|
|
417
|
+
* additional views via the manage popover. INSERT OR IGNORE + UNIQUE(scope,
|
|
418
|
+
* view_type) makes this safe to call on every access and race-safe across
|
|
419
|
+
* concurrent loads.
|
|
420
|
+
*/
|
|
421
|
+
ensureViewsForScope(scope: string): WorkspaceView[];
|
|
146
422
|
private _viewMigrationDone;
|
|
147
423
|
/**
|
|
148
424
|
* Create default workspace views based on which entity types have data.
|
|
@@ -160,26 +436,17 @@ export declare class AuthService {
|
|
|
160
436
|
setAccentColor(userId: number, color: string | null): void;
|
|
161
437
|
getOnboarded(userId: number): boolean;
|
|
162
438
|
setOnboarded(userId: number, value: boolean): void;
|
|
163
|
-
|
|
164
|
-
|
|
439
|
+
/**
|
|
440
|
+
* Reset per-user state used by the agent: onboarding flag and meeting-capture
|
|
441
|
+
* settings (Deepgram key, calendar, default folder). Preserves the user
|
|
442
|
+
* account, accent color, and minted API tokens. Used by `POST /api/reset` to
|
|
443
|
+
* put a tester back to a clean slate without a redeploy or DB surgery.
|
|
444
|
+
*/
|
|
445
|
+
resetUserState(userId: number): void;
|
|
165
446
|
getUserSettings(userId: number): Record<string, any>;
|
|
166
447
|
setUserSettings(userId: number, settings: Record<string, any>): void;
|
|
167
448
|
getUserSetting(userId: number, key: string): any;
|
|
168
449
|
setUserSetting(userId: number, key: string, value: any): void;
|
|
169
|
-
getCachedInsights(userId: number): {
|
|
170
|
-
insights: any[];
|
|
171
|
-
generatedAt: string | null;
|
|
172
|
-
};
|
|
173
|
-
setCachedInsights(userId: number, insights: any[]): void;
|
|
174
|
-
/** Returns ms since insights were last generated, or null if never generated. */
|
|
175
|
-
getCachedInsightsAge(userId: number): number | null;
|
|
176
|
-
getCachedBriefing(userId: number): {
|
|
177
|
-
briefingText: string | null;
|
|
178
|
-
previousBriefingText: string | null;
|
|
179
|
-
generatedAt: string | null;
|
|
180
|
-
};
|
|
181
|
-
setCachedBriefing(userId: number, briefingText: string): void;
|
|
182
|
-
getCachedBriefingAge(userId: number): number | null;
|
|
183
450
|
close(): void;
|
|
184
451
|
private toAuthUser;
|
|
185
452
|
}
|