diff --git a/CHANGELOG.md b/CHANGELOG.md index a141f3c..15ee3da 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,18 @@ ## Unreleased +- Bumped `@objectstack/*` from 12.4.0 to **14.7.0** in `apps/objectos`, so the + runtime image ships the 14.x train (Permission Model v2, enforced object + capability flags, data-lifecycle contract, phone/SMS auth, MCP scope + ceiling). Verified: `objectstack compile`, `tsc --noEmit`, and the runtime + smoke test all pass on 14.7.0. +- Refreshed the docs site for the ObjectStack 13/14 releases: the + Roles page became [Positions](content/docs/configure/permissions/positions.mdx) + (roles/profiles converged per ADR-0090), permissions/record-access/security + pages document private-by-default sharing, audience anchors, delegated + administration and the explain engine, and the changelog page now covers the + 12.x–14.x release trains. English + Simplified Chinese updated; other + locales pending the next translation sync. - Repository re-initialized as the **ObjectOS reference runtime distribution**. - Previous codebase preserved on branch `legacy/v1` and tag `v1-final`. - Adopted pnpm + Turborepo monorepo layout: `apps/objectos`, `apps/docs`, `packages/*`. diff --git a/apps/objectos/README.md b/apps/objectos/README.md index e9ff904..5624722 100644 --- a/apps/objectos/README.md +++ b/apps/objectos/README.md @@ -10,7 +10,7 @@ This package intentionally contains **no protocol code**. All schemas, the kernel, drivers and official plugins come from `@objectstack/*` packages on npm. Enterprise plugins maintained in this monorepo live under `../../packages/` and are composed into the runtime stack returned by -[`createObjectOSStack`](https://www.npmjs.com/package/@objectstack/runtime) +[`createStandaloneStack`](https://www.npmjs.com/package/@objectstack/runtime) in [`objectstack.config.ts`](./objectstack.config.ts). See the repository [README](../../README.md) for positioning and the diff --git a/apps/objectos/objectstack.config.ts b/apps/objectos/objectstack.config.ts index b012015..53e52c0 100644 --- a/apps/objectos/objectstack.config.ts +++ b/apps/objectos/objectstack.config.ts @@ -52,11 +52,12 @@ const stack = await createStandaloneStack({ databaseUrl, }); -// @objectstack 12.1 workaround: createStandaloneStack hard-codes -// `api.projectResolution: 'none'` for the single-tenant standalone case, but the -// 12.1 protocol validator's `api.projectResolution` enum only accepts -// required|optional|auto (the field is optional). Since standalone runs with -// `enableProjectScoping: false`, drop the field so compile/validate passes. +// @objectstack workaround (12.1, still required as of 14.7): +// createStandaloneStack hard-codes `api.projectResolution: 'none'` for the +// single-tenant standalone case, but the protocol validator's +// `api.projectResolution` enum only accepts required|optional|auto (the field +// is optional). Since standalone runs with `enableProjectScoping: false`, +// drop the field so compile/validate passes. const { projectResolution: _drop, ...api } = stack.api as { projectResolution?: string; } & Record; diff --git a/apps/objectos/package.json b/apps/objectos/package.json index 72b78e9..97e9609 100644 --- a/apps/objectos/package.json +++ b/apps/objectos/package.json @@ -13,16 +13,16 @@ "type-check": "tsc --noEmit" }, "dependencies": { - "@objectstack/cli": "12.4.0", - "@objectstack/cloud-connection": "12.4.0", - "@objectstack/console": "12.4.0", - "@objectstack/core": "12.4.0", - "@objectstack/driver-memory": "12.4.0", - "@objectstack/driver-sql": "12.4.0", - "@objectstack/metadata": "12.4.0", - "@objectstack/objectql": "12.4.0", - "@objectstack/runtime": "12.4.0", - "@objectstack/spec": "12.4.0", + "@objectstack/cli": "14.7.0", + "@objectstack/cloud-connection": "14.7.0", + "@objectstack/console": "14.7.0", + "@objectstack/core": "14.7.0", + "@objectstack/driver-memory": "14.7.0", + "@objectstack/driver-sql": "14.7.0", + "@objectstack/metadata": "14.7.0", + "@objectstack/objectql": "14.7.0", + "@objectstack/runtime": "14.7.0", + "@objectstack/spec": "14.7.0", "pg": "^8.0.0" }, "devDependencies": { diff --git a/content/docs/build/data-model.mdx b/content/docs/build/data-model.mdx index a256cbd..c5677e4 100644 --- a/content/docs/build/data-model.mdx +++ b/content/docs/build/data-model.mdx @@ -206,21 +206,54 @@ ObjectSchema.create({ }); ``` -## Lifecycle & ownership +## Capability flags & ownership ```ts ObjectSchema.create({ name: 'task', ownership: 'own', // 'own' | 'shared' | 'system' + sharingModel: 'private', // OWD — custom objects default to private (v13) enable: { apiEnabled: true, // generated REST endpoints - trackHistory: true, // audit log of field changes - feeds: true, // sys_comment / sys_activity / @mentions + trackHistory: true, // History tab + field-level diffs (default true) + feeds: true, // sys_comment / @mentions (default true) + activities: true, // mirror CRUD to sys_activity timeline (default true) + files: true, // Attachments panel (opt-in, default false) softDelete: true, // tombstone instead of hard delete }, }); ``` +Since ObjectStack 14 the `enable.*` flags are **enforced**, not +advisory: `feeds: false` rejects comment creation with 403 +`FEEDS_DISABLED`, `files` must be opted in before `sys_attachment` rows +can be created (403 `FILES_DISABLED` otherwise), and `activities` / +`trackHistory` gate the timeline and History tab. The compliance +`sys_audit_log` row is always written regardless of flags. + +## Data lifecycle (retention) + +High-volume objects can declare a `lifecycle` block so the platform +bounds their growth (ObjectStack 14.4, ADR-0057): + +```ts +ObjectSchema.create({ + name: 'my_event', + lifecycle: { + class: 'event', // 'record' | 'audit' | 'telemetry' | 'transient' | 'event' + retention: '14d', // reaper deletes rows past the window + storage: { rotation: 'weekly' }, // time-sharded tables, O(1) expiry + }, +}); +``` + +The built-in LifecycleService (disable with `OS_LIFECYCLE_DISABLED=1`) +reaps expired rows, rotates time-sharded tables, and archives +audit-class objects. Platform objects such as `sys_activity` (14 days) +and `sys_audit_log` (90 days hot, then archive) ship with lifecycle +declarations you can tune per environment via the +`lifecycle.retention_overrides` setting. + ## System objects (free with every project) You don't have to declare these — they're always there: @@ -230,7 +263,7 @@ You don't have to declare these — they're always there: | `sys_user` | User accounts | | `sys_org` | Organizations / tenants | | `sys_member` | Org membership | -| `sys_role`, `sys_permission_set` | RBAC primitives | +| `sys_position`, `sys_permission_set` | RBAC primitives | | `sys_audit_log` | Audit trail (when audit capability loaded) | | `sys_file`, `sys_attachment` | File metadata (when storage loaded) | | `sys_comment`, `sys_activity` | Feed / chatter (when feed loaded) | diff --git a/content/docs/build/data-model.zh-Hans.mdx b/content/docs/build/data-model.zh-Hans.mdx index 79412e0..13b7a0d 100644 --- a/content/docs/build/data-model.zh-Hans.mdx +++ b/content/docs/build/data-model.zh-Hans.mdx @@ -197,21 +197,50 @@ ObjectSchema.create({ }); ``` -## 生命周期与所有权 +## 能力开关与所有权 ```ts ObjectSchema.create({ name: 'task', ownership: 'own', // 'own' | 'shared' | 'system' + sharingModel: 'private', // OWD——自定义对象默认私有(v13) enable: { apiEnabled: true, // 生成 REST 端点 - trackHistory: true, // 字段变更审计日志 - feeds: true, // sys_comment / sys_activity / @提及 + trackHistory: true, // History 选项卡 + 字段级差异(默认 true) + feeds: true, // sys_comment / @提及(默认 true) + activities: true, // CRUD 镜像到 sys_activity 时间线(默认 true) + files: true, // 附件面板(需显式开启,默认 false) softDelete: true, // 软删除而非硬删除 }, }); ``` +自 ObjectStack 14 起,`enable.*` 开关是**强制执行**的,而不再只是声明: +`feeds: false` 会以 403 `FEEDS_DISABLED` 拒绝评论创建;`files` 必须显式开启 +后才能创建 `sys_attachment` 行(否则返回 403 `FILES_DISABLED`); +`activities` / `trackHistory` 控制时间线和 History 选项卡。无论开关如何, +合规用途的 `sys_audit_log` 行始终会写入。 + +## 数据生命周期(保留策略) + +大数据量对象可以声明 `lifecycle` 块,让平台约束其增长(ObjectStack 14.4,ADR-0057): + +```ts +ObjectSchema.create({ + name: 'my_event', + lifecycle: { + class: 'event', // 'record' | 'audit' | 'telemetry' | 'transient' | 'event' + retention: '14d', // 回收器删除超出窗口的行 + storage: { rotation: 'weekly' }, // 按时间分片表,O(1) 过期 + }, +}); +``` + +内置的 LifecycleService(可用 `OS_LIFECYCLE_DISABLED=1` 关闭)负责回收过期行、 +轮换分片表,并归档 audit 类对象。`sys_activity`(14 天)、`sys_audit_log` +(热存 90 天后归档)等平台对象自带生命周期声明,可通过 +`lifecycle.retention_overrides` 设置按环境调整。 + ## 系统对象(每个项目免费自带) 这些你不必声明 —— 它们一直都在: @@ -221,7 +250,7 @@ ObjectSchema.create({ | `sys_user` | 用户账户 | | `sys_org` | 组织 / 租户 | | `sys_member` | 组织成员关系 | -| `sys_role`、`sys_permission_set` | RBAC 原语 | +| `sys_position`、`sys_permission_set` | RBAC 原语 | | `sys_audit_log` | 审计轨迹(加载审计能力时) | | `sys_file`、`sys_attachment` | 文件元数据(加载存储能力时) | | `sys_comment`、`sys_activity` | Feed / chatter(加载 feed 能力时) | diff --git a/content/docs/configure/api-access.mdx b/content/docs/configure/api-access.mdx index 36528b0..62409c4 100644 --- a/content/docs/configure/api-access.mdx +++ b/content/docs/configure/api-access.mdx @@ -45,13 +45,14 @@ Both are enforced at the REST layer — see ## Authentication options -Callers can authenticate in three ways: +Callers can authenticate in four ways: | Method | Best for | How | |---|---|---| | Session cookie | Browser/UI traffic | Sign in through `/api/v1/auth/*`; cookies are scoped to the project hostname | | Bearer access token | Mobile, SPA, short-lived server jobs | Exchange credentials at `/api/v1/auth/sign-in/email` and pass `Authorization: Bearer ` | | API key | Server-to-server, ETL, long-lived integrations | Create a `sys_api_key`, pass it as a bearer token | +| OAuth 2.1 (MCP) | AI agents / MCP clients acting as a signed-in user | Self-serve authorization-code + PKCE flow against the deployment itself | All three pass through the same `AuthPlugin` and resolve to a `sys_user` context that the `SecurityPlugin` evaluates against permissions and @@ -95,6 +96,28 @@ To revoke a key, run the `revoke_api_key` action on the corresponding `sys_api_key` record (also available in the Console UI). Revocation takes effect immediately on the next request. +## MCP clients & OAuth 2.1 (ObjectStack 13+) + +Any OAuth-capable MCP client — Claude.ai custom connectors, Claude +Desktop, Claude Code — can connect **self-serve**, without an admin +minting API keys: + +- Each deployment acts as its own authorization server (backed by the + embedded auth instance), with RFC 8414 / RFC 9728 discovery, dynamic + client registration (RFC 7591), authorization-code + PKCE, and + resource binding to `/api/v1/mcp`. TLS is required + (localhost exempt). +- Users sign in as themselves; tool calls run under their own + permissions and row-level security. +- OAuth scopes establish a hard permission ceiling + (ObjectStack 14.5): `effective_permission = scope_ceiling ∩ + user_grants`. `data:read` grants read-only data access, `data:write` + full CRUD, and `actions:execute` is required for capability-gated + business actions. Tokens missing a scope fail closed. + +API keys remain a parallel track for CI and headless agents — `x-api-key` +and `Authorization: Bearer osk_…` continue to work unchanged. + ## Pagination, filtering, and sorting Generated list endpoints accept the standard ObjectStack query diff --git a/content/docs/configure/api-access.zh-Hans.mdx b/content/docs/configure/api-access.zh-Hans.mdx index a7daa36..61e2f24 100644 --- a/content/docs/configure/api-access.zh-Hans.mdx +++ b/content/docs/configure/api-access.zh-Hans.mdx @@ -40,15 +40,16 @@ API 暴露在 artifact 中按对象逐个治理,而不是在网关层: ## 身份验证方式 -调用方可以通过三种方式进行身份验证: +调用方可以通过四种方式进行身份验证: | 方式 | 适用场景 | 做法 | |---|---|---| | Session cookie | 浏览器/UI 流量 | 通过 `/api/v1/auth/*` 登录;cookie 的作用域限定在项目主机名 | | Bearer 访问令牌 | 移动端、SPA、短时服务端任务 | 在 `/api/v1/auth/sign-in/email` 用凭据换取令牌,并以 `Authorization: Bearer ` 传递 | | API 密钥 | 服务器到服务器、ETL、长期存续的集成 | 创建一条 `sys_api_key` 记录,作为 bearer 令牌使用 | +| OAuth 2.1(MCP) | 以登录用户身份行事的 AI 代理 / MCP 客户端 | 直接对部署本身执行自助授权码 + PKCE 流程 | -这三种方式都会经过同一个 `AuthPlugin`,并最终解析为 `sys_user` 上下文,由 `SecurityPlugin` 据此评估权限和记录访问。 +这些方式都会经过同一个 `AuthPlugin`,并最终解析为 `sys_user` 上下文,由 `SecurityPlugin` 据此评估权限和记录访问。 ## API 密钥 @@ -80,6 +81,16 @@ curl https://app.example.com/api/v1/data/account \ 要撤销某个密钥,请在对应的 `sys_api_key` 记录上运行 `revoke_api_key` action(Console UI 中也提供)。撤销会在下一次请求时立即生效。 +## MCP 客户端与 OAuth 2.1(ObjectStack 13+) + +任何支持 OAuth 的 MCP 客户端——Claude.ai 自定义连接器、Claude Desktop、Claude Code——都可以**自助**接入,无需管理员签发 API 密钥: + +- 每个部署都充当自己的授权服务器(由内嵌认证实例支撑),支持 RFC 8414 / RFC 9728 发现、动态客户端注册(RFC 7591)、授权码 + PKCE,以及绑定到 `/api/v1/mcp` 的资源约束。要求 TLS(localhost 豁免)。 +- 用户以自己的身份登录;工具调用在其本人的权限和行级安全下运行。 +- OAuth scope 构成硬性权限上限(ObjectStack 14.5):`effective_permission = scope_ceiling ∩ user_grants`。`data:read` 授予只读数据访问,`data:write` 授予完整 CRUD,能力门控的业务动作需要 `actions:execute`。缺少 scope 的令牌将失败关闭。 + +API 密钥仍作为 CI 与无头代理的并行通道——`x-api-key` 和 `Authorization: Bearer osk_…` 继续原样工作。 + ## 分页、过滤与排序 自动生成的列表端点接受标准的 ObjectStack 查询参数: diff --git a/content/docs/configure/authentication.mdx b/content/docs/configure/authentication.mdx index 528817e..c5fcd3c 100644 --- a/content/docs/configure/authentication.mdx +++ b/content/docs/configure/authentication.mdx @@ -22,8 +22,38 @@ support: - two-factor authentication; - passkeys/WebAuthn; - magic links; +- phone number sign-in with SMS OTP (opt-in); - CLI/browser device flow. +## Phone sign-in & SMS (ObjectStack 14.3+) + +Enable phone-number authentication via the `auth.plugins.phoneNumber` +setting. Once on: + +- `POST /sign-in/phone-number` accepts phone + password; +- SMS OTP covers sign-in verification and self-service password reset, + with per-number cooldowns, rolling-hour caps, and per-IP rate limits; +- `sys_user` gains unique `phone_number` and `phone_number_verified` + columns; phone-only accounts get a placeholder email. + +SMS delivery is provided by `@objectstack/plugin-sms` with Aliyun SMS, +Twilio, or a dev log fallback, configured through the `sms` settings +namespace. Message bodies containing OTP codes are never persisted or +logged. Notifications can also target the `sms` channel via +`notify(channels: ['sms'])`. + +## Admin user management (ObjectStack 14.3+) + +Platform admins can provision accounts without the email invite flow: + +- `POST /api/v1/auth/admin/create-user` creates a user directly, with an + optional one-time password (returned once, never persisted). The + `must_change_password` flag forces rotation at first sign-in (403 + `PASSWORD_EXPIRED` until changed). +- `POST /api/v1/auth/admin/import-users` bulk-imports rows / CSV / XLSX + (max 500 rows per request) with dry-run and upsert-by-email-or-phone + modes; existing users never get their passwords reset. + ## Required secret Set: diff --git a/content/docs/configure/authentication.zh-Hans.mdx b/content/docs/configure/authentication.zh-Hans.mdx index f111af4..06c2979 100644 --- a/content/docs/configure/authentication.zh-Hans.mdx +++ b/content/docs/configure/authentication.zh-Hans.mdx @@ -19,8 +19,26 @@ ObjectOS 使用由 Better Auth 驱动的 ObjectStack 认证插件。认证是项 - 双因素认证; - Passkey/WebAuthn; - 魔法链接; +- 手机号登录与短信 OTP(需显式开启); - CLI/浏览器设备流程。 +## 手机号登录与短信(ObjectStack 14.3+) + +通过 `auth.plugins.phoneNumber` 设置开启手机号认证。开启后: + +- `POST /sign-in/phone-number` 接受手机号 + 密码登录; +- 短信 OTP 覆盖登录验证和自助密码重置,并自带按号码冷却、滚动小时上限和按 IP 限流; +- `sys_user` 增加唯一的 `phone_number` 与 `phone_number_verified` 列;仅手机号账户会获得占位邮箱。 + +短信发送由 `@objectstack/plugin-sms` 提供,支持阿里云短信、Twilio 或开发环境日志回退,通过 `sms` 设置命名空间配置。含 OTP 验证码的消息体永不持久化或写入日志。通知也可以通过 `notify(channels: ['sms'])` 走 `sms` 通道。 + +## 管理员用户管理(ObjectStack 14.3+) + +平台管理员可以不经邮件邀请流程直接开通账户: + +- `POST /api/v1/auth/admin/create-user` 直接创建用户,可选生成一次性密码(仅返回一次,不持久化)。`must_change_password` 标志强制首次登录时修改密码(未修改前返回 403 `PASSWORD_EXPIRED`)。 +- `POST /api/v1/auth/admin/import-users` 批量导入行 / CSV / XLSX(每次请求最多 500 行),支持 dry-run 和按邮箱或手机号 upsert;已存在用户的密码永不重置。 + ## 必需的 Secret 设置: diff --git a/content/docs/configure/permissions/index.de.mdx b/content/docs/configure/permissions/index.de.mdx index 3f9be82..836890d 100644 --- a/content/docs/configure/permissions/index.de.mdx +++ b/content/docs/configure/permissions/index.de.mdx @@ -68,7 +68,7 @@ ausdrücken können wie "der Vorgesetzte des Datensatzeigentümers". Verwenden Sie Rollen, wenn Sie hierarchischen Zugriff benötigen; verzichten Sie auf sie bei flachen Teams. -Siehe [Roles](/docs/configure/permissions/roles). +Siehe [Roles](/docs/configure/permissions/positions). ## Schicht 3 — Berechtigungssätze diff --git a/content/docs/configure/permissions/index.es.mdx b/content/docs/configure/permissions/index.es.mdx index 91dcb75..44eeca4 100644 --- a/content/docs/configure/permissions/index.es.mdx +++ b/content/docs/configure/permissions/index.es.mdx @@ -62,7 +62,7 @@ principalmente para que las reglas de uso compartido y los informes puedan decir gerente del propietario del registro". Usa roles cuando necesites acceso jerárquico; omítelos para equipos planos. -Consulta [Roles](/docs/configure/permissions/roles). +Consulta [Roles](/docs/configure/permissions/positions). ## Capa 3 — Conjuntos de permisos diff --git a/content/docs/configure/permissions/index.fr.mdx b/content/docs/configure/permissions/index.fr.mdx index 40ca5b7..021cdfc 100644 --- a/content/docs/configure/permissions/index.fr.mdx +++ b/content/docs/configure/permissions/index.fr.mdx @@ -71,7 +71,7 @@ propriétaire de l'enregistrement ». Utilisez les rôles lorsque vous avez besoin d'un accès hiérarchique ; ignorez-les pour les équipes à structure plate. -Voir [Rôles](/docs/configure/permissions/roles). +Voir [Rôles](/docs/configure/permissions/positions). ## Couche 3 — Ensembles d'autorisations diff --git a/content/docs/configure/permissions/index.ja.mdx b/content/docs/configure/permissions/index.ja.mdx index 7fa0a98..6f483c6 100644 --- a/content/docs/configure/permissions/index.ja.mdx +++ b/content/docs/configure/permissions/index.ja.mdx @@ -52,7 +52,7 @@ Field security For those records, which FIELDS are readable / writable? ロールは組織図(CFO → 財務マネージャー → アナリスト)をモデル化します。これらが存在する主な目的は、シェアルールやレポートで「レコード所有者のマネージャー」といった表現を可能にすることです。階層的なアクセスが必要な場合はロールを使い、フラットなチームでは省略してください。 -[ロール](/docs/configure/permissions/roles)を参照してください。 +[ロール](/docs/configure/permissions/positions)を参照してください。 ## レイヤー 3 — 権限セット diff --git a/content/docs/configure/permissions/index.ko.mdx b/content/docs/configure/permissions/index.ko.mdx index d79d767..2ff3433 100644 --- a/content/docs/configure/permissions/index.ko.mdx +++ b/content/docs/configure/permissions/index.ko.mdx @@ -52,7 +52,7 @@ Field security For those records, which FIELDS are readable / writable? 역할은 조직도(CFO → Finance Manager → Analyst)를 모델링합니다. 역할이 존재하는 주된 이유는 공유 규칙과 보고서가 "레코드 소유자의 관리자"와 같은 표현을 할 수 있게 하기 위함입니다. 계층적 접근이 필요할 때 역할을 사용하고, 평면적인 팀에서는 생략하세요. -[역할](/docs/configure/permissions/roles)을 참조하세요. +[역할](/docs/configure/permissions/positions)을 참조하세요. ## 계층 3 — 권한 집합 diff --git a/content/docs/configure/permissions/index.mdx b/content/docs/configure/permissions/index.mdx index f7b4c71..0783003 100644 --- a/content/docs/configure/permissions/index.mdx +++ b/content/docs/configure/permissions/index.mdx @@ -1,14 +1,16 @@ --- title: Permissions -description: Identity, roles, permission sets, record access, and field security — the whole access model on one page. +description: Identity, positions, permission sets, record access, and field security — the whole access model on one page. --- # Permissions ObjectOS has a layered access model borrowed from the playbook that's -worked in enterprise software for two decades: identity → roles → +worked in enterprise software for two decades: identity → positions → permission sets → record access → field security. Each layer answers a different question, and you can ignore the ones you don't need. +(ObjectStack 13 consolidated the legacy Roles and Profiles concepts into +**positions** — see [Positions](/docs/configure/permissions/positions).) ## The model in one diagram @@ -17,7 +19,7 @@ Authentication Who is the caller? ↓ Identity Which user/org/membership is active? ↓ -Roles Where do they sit in the hierarchy? +Positions Which job functions do they hold? ↓ Permission sets What CAN they do — apps, objects, fields, system? ↓ @@ -27,7 +29,7 @@ Field security For those records, which FIELDS are readable / writable? ``` Each layer is enforced by the security plugin. You can use just -permission sets (no roles, no sharing rules) for simple apps and add +permission sets (no positions, no sharing rules) for simple apps and add the rest as the requirement appears. ## Layer 1 — Identity @@ -38,7 +40,7 @@ Identity objects live in your project database. The most important ones: |---|---| | `sys_user` | A person or service account that can authenticate | | `sys_organization` | Tenant / workspace boundary (multi-tenant apps) | -| `sys_member` | A user's membership in an organization (role assigned per membership) | +| `sys_member` | A user's membership in an organization | | `sys_business_unit`, `sys_team` | Optional org structure for sharing rules | | `sys_invitation` | Pending invite waiting to be accepted | | `sys_session` | Active authenticated session | @@ -55,19 +57,23 @@ In a multi-tenant deployment: You create/manage these from **Console** (`/_console/`) at runtime, or seed them in `objectstack.config.ts` for fresh environments. -## Layer 2 — Roles +## Layer 2 — Positions -Roles model the org chart (CFO → Finance Manager → Analyst). They -exist primarily so sharing rules and reports can say things like "the -record owner's manager." Use roles when you need hierarchical access; -skip them for flat teams. +Positions model job functions ("Sales Manager", "Support Agent"). They +are flat — hierarchy lives on the business-unit tree, so sharing rules +and reports say things like "the record owner's unit and subordinate +units." Two seeded audience anchors, `everyone` (all authenticated +users) and `guest` (anonymous callers), let you bind baseline +permission sets without custom fallback logic. Use positions to +distribute permission sets by function; skip custom positions for flat +teams. -See [Roles](/docs/configure/permissions/roles). +See [Positions](/docs/configure/permissions/positions). ## Layer 3 — Permission sets Permission sets are the primary way to grant capabilities. They attach -to users directly or via roles. +to users directly or via positions. ### What they grant @@ -94,7 +100,7 @@ These are the exact flag names the security plugin checks: `viewAllRecords` and `modifyAllRecords` are tenant-wide super-user grants for that object. Reserve them for explicit administrative -permission sets and keep them out of any user-facing role. +permission sets and keep them out of any user-facing position. See [Permission Sets](/docs/configure/permissions/permission-sets). @@ -106,10 +112,15 @@ The model supports: - Implicit ownership (rows the user created or owns) - Sharing rules (declarative — "team A sees team A's records") -- Explicit shares (`sys_record_share` rows — one-off shares) +- Explicit shares (`sys_record_share` rows — one-off shares, granted to + a user, position, or unit-and-subordinates) - Organization scoping (the row's `organization_id` matches the user's organization) +Since ObjectStack 13, custom objects with an owner field default to a +**private** sharing model — declare `sharingModel` explicitly to open +them up. + See [Record Access](/docs/configure/permissions/record-access). ## Layer 5 — Field security @@ -132,13 +143,19 @@ applies uniformly across REST, ObjectQL, and Console. | If you're building … | Use | |---|---| | A single-team internal tool | Permission sets only | -| A multi-team app with managers seeing reports | Roles + permission sets | +| A multi-team app with managers seeing reports | Business units + positions + permission sets | | A multi-tenant SaaS-shaped app | Org scoping + permission sets | | A regulated app with PII | Add field security on top | | A complex CRM-style app | The full stack | ## Diagnose & audit +- The **explain engine** (`explain(principal, object, operation)`) + reports the verdict of every layer in order — required permissions, + object CRUD, field security, OWD baseline, sharing, row-level + security — with per-layer attribution. Console surfaces it as the + "Why can this user access?" panel. Explaining another user requires + the `manage_users` capability. - `/_console/` shows the effective permissions of any user as they're evaluated. - Audit log (`sys_audit_log`) records permission-sensitive changes — diff --git a/content/docs/configure/permissions/index.zh-Hans.mdx b/content/docs/configure/permissions/index.zh-Hans.mdx index af84be7..5925509 100644 --- a/content/docs/configure/permissions/index.zh-Hans.mdx +++ b/content/docs/configure/permissions/index.zh-Hans.mdx @@ -1,11 +1,11 @@ --- title: 权限 -description: 身份、角色、权限集、记录访问与字段安全 —— 一页讲完整套访问模型。 +description: 身份、岗位、权限集、记录访问与字段安全 —— 一页讲完整套访问模型。 --- # 权限 -ObjectOS 借鉴企业软件二十年来行之有效的分层访问模型:身份 → 角色 → 权限集 → 记录访问 → 字段安全。每一层回答一个不同的问题,你可以忽略用不到的层。 +ObjectOS 借鉴企业软件二十年来行之有效的分层访问模型:身份 → 岗位 → 权限集 → 记录访问 → 字段安全。每一层回答一个不同的问题,你可以忽略用不到的层。(ObjectStack 13 将旧的角色与简档概念合并为**岗位**——参见[岗位](/docs/configure/permissions/positions)。) ## 一张图说明模型 @@ -14,7 +14,7 @@ Authentication Who is the caller? ↓ Identity Which user/org/membership is active? ↓ -Roles Where do they sit in the hierarchy? +Positions Which job functions do they hold? ↓ Permission sets What CAN they do — apps, objects, fields, system? ↓ @@ -23,7 +23,7 @@ Record access WHICH records can they touch? Field security For those records, which FIELDS are readable / writable? ``` -每一层都由 security 插件强制执行。简单应用可以只使用权限集(不用角色、不用共享规则),等需求出现时再增补其余层。 +每一层都由 security 插件强制执行。简单应用可以只使用权限集(不用岗位、不用共享规则),等需求出现时再增补其余层。 ## 第 1 层 —— 身份 @@ -33,7 +33,7 @@ Field security For those records, which FIELDS are readable / writable? |---|---| | `sys_user` | 一个能认证的人或服务账号 | | `sys_org` | 租户/工作空间边界(多租户应用) | -| `sys_member` | 用户在某组织内的成员资格(按成员资格分配角色) | +| `sys_member` | 用户在某组织内的成员资格 | | `sys_business_unit`、`sys_team` | 可选的组织结构,用于共享规则 | | `sys_invitation` | 待接受的邀请 | | `sys_session` | 已认证的活动会话 | @@ -48,15 +48,15 @@ Field security For those records, which FIELDS are readable / writable? 你可以在运行时通过 **Console**(`/_console/`)创建/管理这些对象,也可以在 `objectstack.config.ts` 中为全新环境种入。 -## 第 2 层 —— 角色 +## 第 2 层 —— 岗位 -角色对组织结构建模(CFO → 财务经理 → 分析师)。它们存在的主要目的是让共享规则和报表能表达诸如"记录所有者的上级"之类的关系。需要层级访问时用角色;扁平团队则跳过。 +岗位对职能建模("销售经理"、"支持坐席")。岗位是扁平的——层级结构位于业务单元树上,因此共享规则和报表表达的是"记录所有者所在单元及下级单元"之类的关系。两个预置的受众锚点 `everyone`(所有已认证用户)和 `guest`(匿名调用者)让你无需自定义回退逻辑即可绑定基线权限集。用岗位按职能分发权限集;扁平团队可以不建自定义岗位。 -参见 [Roles](/docs/configure/permissions/roles)。 +参见[岗位](/docs/configure/permissions/positions)。 ## 第 3 层 —— 权限集 -权限集是授予能力的主要方式。它们直接附加到用户,或通过角色附加。 +权限集是授予能力的主要方式。它们直接附加到用户,或通过岗位附加。 ### 它们授予什么 @@ -81,7 +81,7 @@ Field security For those records, which FIELDS are readable / writable? | `viewAllRecords` | 读取该对象**每一条**记录,忽略记录访问规则 | | `modifyAllRecords` | 更新/删除**每一条**记录;隐含 `viewAllRecords` | -`viewAllRecords` 与 `modifyAllRecords` 是对该对象的租户级超级用户授权。仅在显式的管理权限集中使用,不要放进任何面向普通用户的角色。 +`viewAllRecords` 与 `modifyAllRecords` 是对该对象的租户级超级用户授权。仅在显式的管理权限集中使用,不要放进任何面向普通用户的岗位。 参见 [Permission Sets](/docs/configure/permissions/permission-sets)。 @@ -93,9 +93,11 @@ Field security For those records, which FIELDS are readable / writable? - 隐式所有权(用户创建或拥有的行) - 共享规则(声明式 —— "团队 A 能看到团队 A 的记录") -- 显式共享(`sys_record_share` 行——一次性共享) +- 显式共享(`sys_record_share` 行——一次性共享,可授予用户、岗位或"单元及下级单元") - 组织作用域(行的 `org_id` 与用户所在组织匹配) +自 ObjectStack 13 起,带有所有者字段的自定义对象默认使用**私有**共享模型——需要开放时请显式声明 `sharingModel`。 + 参见 [Record Access](/docs/configure/permissions/record-access)。 ## 第 5 层 —— 字段安全 @@ -117,13 +119,14 @@ Field security For those records, which FIELDS are readable / writable? | 如果你在构建 …… | 使用 | |---|---| | 单团队的内部工具 | 仅权限集 | -| 多团队、经理需要看报表的应用 | 角色 + 权限集 | +| 多团队、经理需要看报表的应用 | 业务单元 + 岗位 + 权限集 | | 多租户 SaaS 形态的应用 | 组织作用域 + 权限集 | | 带 PII 的合规应用 | 在上面叠加字段安全 | | 复杂的 CRM 类应用 | 完整栈 | ## 诊断与审计 +- **解释引擎**(`explain(principal, object, operation)`)按顺序报告每一层的判定结果——所需权限、对象 CRUD、字段安全、OWD 基线、共享、行级安全——并给出逐层归因。Console 将其呈现为"该用户为何能访问?"面板。解释其他用户需要 `manage_users` 能力。 - `/_console/` 显示任一用户当前评估出的有效权限。 -- 审计日志(`sys_audit_log`)记录权限敏感变更——授权、角色分配、权限集编辑。 +- 审计日志(`sys_audit_log`)记录权限敏感变更——授权、岗位分配、权限集编辑。 - 被拒请求记录失败的具体规则(对象权限 vs 记录访问 vs 字段安全),便于支持人员快速回答"为什么我看不到这个?"。 diff --git a/content/docs/configure/permissions/meta.json b/content/docs/configure/permissions/meta.json index 574d8f6..b5af0e9 100644 --- a/content/docs/configure/permissions/meta.json +++ b/content/docs/configure/permissions/meta.json @@ -1,4 +1,4 @@ { "title": "Permissions", - "pages": ["index", "roles", "permission-sets", "record-access"] + "pages": ["index", "positions", "permission-sets", "record-access"] } diff --git a/content/docs/configure/permissions/meta.zh-Hans.json b/content/docs/configure/permissions/meta.zh-Hans.json index 4aaf844..b35f793 100644 --- a/content/docs/configure/permissions/meta.zh-Hans.json +++ b/content/docs/configure/permissions/meta.zh-Hans.json @@ -1,4 +1,4 @@ { "title": "权限", - "pages": ["index", "roles", "permission-sets", "record-access"] + "pages": ["index", "positions", "permission-sets", "record-access"] } diff --git a/content/docs/configure/permissions/permission-sets.de.mdx b/content/docs/configure/permissions/permission-sets.de.mdx index ad6aef9..069262a 100644 --- a/content/docs/configure/permissions/permission-sets.de.mdx +++ b/content/docs/configure/permissions/permission-sets.de.mdx @@ -6,7 +6,7 @@ description: Anwendungs-, Objekt-, Feld- und Systemberechtigungen erteilen. # Berechtigungssätze Berechtigungssätze sind die wichtigste Möglichkeit, um Funktionen zu erteilen. Sie können -Benutzern direkt oder indirekt über [Rollen](/docs/configure/permissions/roles) zugewiesen werden. +Benutzern direkt oder indirekt über [Rollen](/docs/configure/permissions/positions) zugewiesen werden. ## Was Berechtigungssätze steuern diff --git a/content/docs/configure/permissions/permission-sets.es.mdx b/content/docs/configure/permissions/permission-sets.es.mdx index 0b9c04e..652d23e 100644 --- a/content/docs/configure/permissions/permission-sets.es.mdx +++ b/content/docs/configure/permissions/permission-sets.es.mdx @@ -6,7 +6,7 @@ description: Otorga permisos de aplicación, objeto, campo y sistema. # Conjuntos de permisos Los conjuntos de permisos son la forma principal de otorgar capacidades. Pueden -asignarse directamente a los usuarios o indirectamente a través de [roles](/docs/configure/permissions/roles). +asignarse directamente a los usuarios o indirectamente a través de [roles](/docs/configure/permissions/positions). ## Qué controlan los conjuntos de permisos diff --git a/content/docs/configure/permissions/permission-sets.fr.mdx b/content/docs/configure/permissions/permission-sets.fr.mdx index efbeda9..b070219 100644 --- a/content/docs/configure/permissions/permission-sets.fr.mdx +++ b/content/docs/configure/permissions/permission-sets.fr.mdx @@ -6,7 +6,7 @@ description: Accorder des autorisations d'application, d'objet, de champ et syst # Ensembles d'autorisations Les ensembles d'autorisations constituent le principal moyen d'accorder des capacités. Ils peuvent être -attribués directement aux utilisateurs ou indirectement via des [rôles](/docs/configure/permissions/roles). +attribués directement aux utilisateurs ou indirectement via des [rôles](/docs/configure/permissions/positions). ## Ce que contrôlent les ensembles d'autorisations diff --git a/content/docs/configure/permissions/permission-sets.ja.mdx b/content/docs/configure/permissions/permission-sets.ja.mdx index 23271be..25a2d02 100644 --- a/content/docs/configure/permissions/permission-sets.ja.mdx +++ b/content/docs/configure/permissions/permission-sets.ja.mdx @@ -5,7 +5,7 @@ description: アプリケーション、オブジェクト、フィールド、 # 権限セット -権限セットは、機能を付与するための主要な方法です。ユーザーに直接割り当てることも、[ロール](/docs/configure/permissions/roles)を介して間接的に割り当てることもできます。 +権限セットは、機能を付与するための主要な方法です。ユーザーに直接割り当てることも、[ロール](/docs/configure/permissions/positions)を介して間接的に割り当てることもできます。 ## 権限セットが制御するもの diff --git a/content/docs/configure/permissions/permission-sets.ko.mdx b/content/docs/configure/permissions/permission-sets.ko.mdx index 29f5619..95faf41 100644 --- a/content/docs/configure/permissions/permission-sets.ko.mdx +++ b/content/docs/configure/permissions/permission-sets.ko.mdx @@ -6,7 +6,7 @@ description: 애플리케이션, 객체, 필드, 시스템 권한을 부여합 # 권한 집합(Permission Sets) 권한 집합은 기능을 부여하는 기본적인 방법입니다. 사용자에게 직접 할당하거나 -[역할](/docs/configure/permissions/roles)을 통해 간접적으로 할당할 수 있습니다. +[역할](/docs/configure/permissions/positions)을 통해 간접적으로 할당할 수 있습니다. ## 권한 집합이 제어하는 항목 diff --git a/content/docs/configure/permissions/permission-sets.mdx b/content/docs/configure/permissions/permission-sets.mdx index 0d1c631..dbe4118 100644 --- a/content/docs/configure/permissions/permission-sets.mdx +++ b/content/docs/configure/permissions/permission-sets.mdx @@ -6,7 +6,10 @@ description: Grant application, object, field, and system permissions. # Permission Sets Permission sets are the primary way to grant capabilities. They can be -assigned directly to users or indirectly through [roles](/docs/configure/permissions/roles). +assigned directly to users or indirectly through +[positions](/docs/configure/permissions/positions). Assignments may +carry `valid_from` / `valid_until` windows — expired grants stop +resolving immediately. ## What permission sets control @@ -50,7 +53,7 @@ System permissions are for platform actions such as: - Console access; - manage users; -- manage roles and permission sets; +- manage positions and permission sets; - run reports; - export reports; - manage integrations; @@ -73,6 +76,26 @@ Start with a few named permission sets: Then add domain-specific sets for the customer's application. +Marking a set `isDefault` suggests it for assignment when the owning +package is installed (this replaces the pre-13 `isProfile` flag). + +## Delegated administration + +A permission set can carry an `adminScope` that turns its holders into +scoped administrators. The scope declares: + +- **where** delegates may act — a business-unit subtree; +- **what** they may do — `manageAssignments`, `manageBindings`, + `authorEnvironmentSets`; +- **which** permission sets they may distribute + (`assignablePermissionSets`). + +Delegates write single rows against allowlisted sets only, and every +grant is stamped with `granted_by` for audit. Granting or authoring a +set that itself has an `adminScope` requires the grantor to hold a +strictly containing scope. Tenant-level admins bypass the gate +entirely. + ## Field security (appendix) Permission sets also carry field-level grants. Even when a user can @@ -105,8 +128,12 @@ is no "back door" through a lower-level API. - Default to **hide** rather than read-only when the field carries sensitive data — read-only still leaks the value into responses and logs. -- Bundle field rules into permission sets that match a real role - (`HR Manager`, `Finance Read-only`) instead of inventing one set per - field — easier to audit. +- Always write field-permission keys **object-qualified** + (`crm_lead.budget`, not `budget`) — since ObjectStack 14.4 the + `security-fls-unqualified-key` lint rejects bare keys at compile + time, because they silently matched nothing. +- Bundle field rules into permission sets that match a real job + function (`HR Manager`, `Finance Read-only`) instead of inventing one + set per field — easier to audit. - For compliance use cases, pair field security with audit log retention so you can answer "who saw this row?" after the fact. diff --git a/content/docs/configure/permissions/permission-sets.zh-Hans.mdx b/content/docs/configure/permissions/permission-sets.zh-Hans.mdx index 5f98b12..c9e5e3a 100644 --- a/content/docs/configure/permissions/permission-sets.zh-Hans.mdx +++ b/content/docs/configure/permissions/permission-sets.zh-Hans.mdx @@ -5,7 +5,7 @@ description: 授予应用、对象、字段以及系统权限。 # 权限集 -权限集是授予能力的主要方式。它们可以直接分配给用户,或通过角色间接分配。 +权限集是授予能力的主要方式。它们可以直接分配给用户,或通过[岗位](/docs/configure/permissions/positions)间接分配。分配可以带有 `valid_from` / `valid_until` 时间窗口——过期的授权会立即失效。 ## 权限集控制什么 @@ -44,7 +44,7 @@ Can this user perform this operation on this object at all? - 访问 Console; - 管理用户; -- 管理角色和权限集; +- 管理岗位和权限集; - 运行报表; - 导出报表; - 管理集成; @@ -59,13 +59,25 @@ Can this user perform this operation on this object at all? | 权限集 | 用途 | |---|---| | Basic User | 登录并访问主应用 | -| Setup Administrator | 管理用户、角色、设置和诊断 | +| Setup Administrator | 管理用户、岗位、设置和诊断 | | Report Viewer | 查看报表和仪表盘 | | Integration Operator | 管理 Webhook/API Key | | Support User | 读取/更新支持类对象 | 再为客户的应用添加领域特定的权限集。 +将权限集标记为 `isDefault` 会在其所属软件包安装时建议分配(替代 13 之前的 `isProfile` 标志)。 + +## 委托管理(Delegated Administration) + +权限集可以携带 `adminScope`,使其持有者成为限定范围的管理员。该范围声明: + +- **在哪里**可以操作——某个业务单元子树; +- **能做什么**——`manageAssignments`、`manageBindings`、`authorEnvironmentSets`; +- **可以分发哪些**权限集(`assignablePermissionSets`)。 + +被委托者只能针对白名单内的权限集逐行写入,且每条授权都会记录 `granted_by` 供审计。授予或编写本身带有 `adminScope` 的权限集,要求授予者持有严格包含的范围。租户级管理员完全绕过此闸门。 + ## 字段安全(附录) 权限集也承载字段级授权。即使用户能读取一条记录,单独的字段也可以被隐藏或设为只读。 @@ -88,10 +100,11 @@ Can this user perform this operation on this object at all? | `sys_user` 上的 HR 数据(薪资、SSN) | 对除 `HR` 权限集外的所有人隐藏 | | 外部系统标识符 | 对支持只读,对集成运维可写 | | `product` 的内部成本 vs 客户价格 | 对销售隐藏 `cost`,对财务呈现 | -| 含 PHI 的备注字段 | 除包含相关临床角色的权限集外一律隐藏 | +| 含 PHI 的备注字段 | 除包含相关临床职能的权限集外一律隐藏 | ### 编写建议 - 当字段承载敏感数据时,默认选择**隐藏**而非只读 —— 只读仍然会把值泄漏到响应和日志中。 -- 把字段规则打包到匹配真实角色的权限集(`HR Manager`、`Finance Read-only`),而不是为每个字段单独建一套——更易审计。 +- 字段权限键必须**带对象限定**(写 `crm_lead.budget`,不要写 `budget`)——自 ObjectStack 14.4 起,`security-fls-unqualified-key` 校验会在编译期拒绝裸键,因为裸键会静默匹配不到任何字段。 +- 把字段规则打包到匹配真实职能的权限集(`HR Manager`、`Finance Read-only`),而不是为每个字段单独建一套——更易审计。 - 合规场景下,把字段安全与审计日志保留期搭配使用,事后才能回答"谁看过这条记录?"。 diff --git a/content/docs/configure/permissions/roles.de.mdx b/content/docs/configure/permissions/positions.de.mdx similarity index 100% rename from content/docs/configure/permissions/roles.de.mdx rename to content/docs/configure/permissions/positions.de.mdx diff --git a/content/docs/configure/permissions/roles.es.mdx b/content/docs/configure/permissions/positions.es.mdx similarity index 100% rename from content/docs/configure/permissions/roles.es.mdx rename to content/docs/configure/permissions/positions.es.mdx diff --git a/content/docs/configure/permissions/roles.fr.mdx b/content/docs/configure/permissions/positions.fr.mdx similarity index 100% rename from content/docs/configure/permissions/roles.fr.mdx rename to content/docs/configure/permissions/positions.fr.mdx diff --git a/content/docs/configure/permissions/roles.ja.mdx b/content/docs/configure/permissions/positions.ja.mdx similarity index 100% rename from content/docs/configure/permissions/roles.ja.mdx rename to content/docs/configure/permissions/positions.ja.mdx diff --git a/content/docs/configure/permissions/roles.ko.mdx b/content/docs/configure/permissions/positions.ko.mdx similarity index 100% rename from content/docs/configure/permissions/roles.ko.mdx rename to content/docs/configure/permissions/positions.ko.mdx diff --git a/content/docs/configure/permissions/positions.mdx b/content/docs/configure/permissions/positions.mdx new file mode 100644 index 0000000..2a0063b --- /dev/null +++ b/content/docs/configure/permissions/positions.mdx @@ -0,0 +1,140 @@ +--- +title: Positions +description: Model job functions and audience anchors with positions. +--- + +# Positions + +Positions describe the job function a user holds — "Sales Manager", +"Support Agent", "Auditor". Since ObjectStack 13 (Permission Model v2, +ADR-0090), positions are the **single** people-grouping concept: the +legacy Role and Profile frameworks were consolidated into positions and +removed from the protocol. + +Positions are intentionally **flat**. There is no `parent` field and no +position hierarchy — reporting structure and subtree-based visibility +live on the [business-unit tree](/docs/configure/permissions/record-access) +instead. + +## Position responsibilities + +Use positions to model: + +- job functions ("Sales Manager", "Recruiter", "Auditor"); +- audience targeting for apps, tabs, and books; +- approval responsibility (approvers of type `position` expand to the + current holders automatically); +- distribution of [permission sets](/docs/configure/permissions/permission-sets) + to everyone holding the same function. + +Use **business units** to model the org chart (departments, regions, +manager/subordinate structure) and **permission sets** to grant concrete +object, field, and system capabilities. + +## System objects + +| Object | Purpose | +|---|---| +| `sys_position` | Position definition (flat — no hierarchy) | +| `sys_user_position` | A user's assignment to a position | +| `sys_position_permission_set` | Permission sets distributed through a position | +| `sys_business_unit` | Org-chart tree used for hierarchy and subtree sharing | +| `sys_business_unit_member` | A user's membership in a business unit (`function_in_business_unit`) | + +Writes to the RBAC link tables (`sys_user_position`, +`sys_position_permission_set`, `sys_user_permission_set`, +`sys_permission_set`) require tenant-level admin rights or a +[delegated-admin scope](/docs/configure/permissions/permission-sets#delegated-administration) — +plain CRUD grants on those tables are not sufficient. + +## Audience anchors: `everyone` and `guest` + +Two system-managed positions are seeded in every deployment: + +| Anchor | Held by | +|---|---| +| `everyone` | Every authenticated principal, implicitly | +| `guest` | Sessionless (anonymous) HTTP principals only | + +Bind a permission set to `everyone` to grant a baseline to all signed-in +users; bind to `guest` to open something to anonymous visitors. Bindings +are additive, and the platform refuses to bind high-privilege sets +(View All / Modify All, delete/purge/transfer, system permissions, +wildcards) to these anchors. + +The configured baseline permission set (`fallbackPermissionSet`, default +`member_default`) applies through the same `everyone` binding path. Note +that since ObjectStack 14.2 the member baseline no longer includes +**delete** — record deletion must be granted explicitly per object +through position-distributed permission sets. + +## Effective-dated assignments + +Position and permission-set assignments carry optional `valid_from` / +`valid_until` windows (half-open, UTC; null means unbounded). Expired +grants stop resolving immediately — useful for temporary coverage, +contractors, and certification-bound access. Each grant can record a +`reason` and, for delegations, `delegated_from`. + +A position marked `delegatable: true` allows its current holders to +self-delegate it to another user for a bounded window (a future +`valid_until` capped at 30 days, mandatory reason). Positions that +distribute admin-scoped permission sets can never be delegatable. + +## Recommended pattern + +Keep a small, stable set of function-shaped positions: + +```text +Sales Manager +Sales Representative +Support Manager +Support Agent +``` + +Model the org chart as business units: + +```text +Sales + ├─ EMEA + └─ AMER +Support +``` + +Then attach permission sets to positions for capabilities: + +```text +Sales Manager position + -> CRM User + -> Sales Manager Access + -> Report Viewer +``` + +This keeps positions stable while permissions evolve independently. + +## Avoid + +- one position per individual user; +- duplicating every permission inside every position; +- using position names as business-logic checks; +- rebuilding hierarchy on positions — subtree visibility belongs to + business units and + [record sharing](/docs/configure/permissions/record-access); +- granting broad access through manager positions when record sharing + would be more precise. + +## Migrating from roles (pre-13) + +If you are upgrading metadata authored against ObjectStack 12 or +earlier: + +| Legacy | Current | +|---|---| +| `sys_role` / `sys_user_role` / `sys_role_permission_set` | `sys_position` / `sys_user_position` / `sys_position_permission_set` | +| `defineRole` / `RoleSchema` (with `parent`) | `definePosition` / `PositionSchema` (flat) | +| Metadata kind `role` or `profile` | `position` | +| Sharing recipient `role` / `role_and_subordinates` | `position` / `unit_and_subordinates` | +| `PermissionSetSchema.isProfile` | Removed — `isDefault` marks install-time suggestions | + +Role hierarchies must be re-modeled as business-unit trees. `os lint` +flags leftover role vocabulary via the `security-role-word` rule. diff --git a/content/docs/configure/permissions/positions.zh-Hans.mdx b/content/docs/configure/permissions/positions.zh-Hans.mdx new file mode 100644 index 0000000..fe2ce7f --- /dev/null +++ b/content/docs/configure/permissions/positions.zh-Hans.mdx @@ -0,0 +1,121 @@ +--- +title: 岗位 +description: 使用岗位对职能和受众锚点进行建模。 +--- + +# 岗位(Positions) + +岗位描述用户所承担的职能——"销售经理"、"支持坐席"、"审计员"。 +自 ObjectStack 13(权限模型 v2,ADR-0090)起,岗位是**唯一**的人员分组概念: +旧的角色(Role)和简档(Profile)框架已合并为岗位,并从协议中移除。 + +岗位刻意保持**扁平**。岗位没有 `parent` 字段,也没有岗位层级—— +汇报结构和基于子树的可见性由[业务单元树](/docs/configure/permissions/record-access)承载。 + +## 岗位职责 + +使用岗位来建模: + +- 职能("销售经理"、"招聘专员"、"审计员"); +- 应用、选项卡和知识库(Book)的受众定向; +- 审批职责(类型为 `position` 的审批人会自动展开为当前岗位持有者); +- 向持有相同职能的所有用户分发[权限集](/docs/configure/permissions/permission-sets)。 + +使用**业务单元**来建模组织架构(部门、区域、上下级结构),使用**权限集**来授予具体的对象、字段和系统能力。 + +## 系统对象 + +| 对象 | 用途 | +|---|---| +| `sys_position` | 岗位定义(扁平——无层级) | +| `sys_user_position` | 用户的岗位分配 | +| `sys_position_permission_set` | 通过岗位分发的权限集 | +| `sys_business_unit` | 用于层级和子树共享的组织架构树 | +| `sys_business_unit_member` | 用户在业务单元中的成员身份(`function_in_business_unit`) | + +对 RBAC 关联表(`sys_user_position`、`sys_position_permission_set`、 +`sys_user_permission_set`、`sys_permission_set`)的写入需要租户级管理员权限或 +[委托管理范围](/docs/configure/permissions/permission-sets#委托管理delegated-administration)—— +仅对这些表授予普通 CRUD 权限是不够的。 + +## 受众锚点:`everyone` 与 `guest` + +每个部署都会预置两个系统管理的岗位: + +| 锚点 | 持有者 | +|---|---| +| `everyone` | 所有已认证的主体(隐式持有) | +| `guest` | 仅无会话(匿名)HTTP 主体 | + +将权限集绑定到 `everyone` 可为所有已登录用户授予基线权限;绑定到 `guest` +可向匿名访问者开放内容。绑定是叠加式的,并且平台会拒绝将高权限集 +(View All / Modify All、删除/清除/转移、系统权限、通配符)绑定到这些锚点。 + +配置的基线权限集(`fallbackPermissionSet`,默认 `member_default`)通过同一条 +`everyone` 绑定路径生效。注意:自 ObjectStack 14.2 起,成员基线不再包含**删除**权限—— +记录删除必须按对象通过岗位分发的权限集显式授予。 + +## 带生效期的分配 + +岗位与权限集分配支持可选的 `valid_from` / `valid_until` 时间窗口 +(半开区间,UTC;null 表示无界)。过期的授权会立即失效——适用于临时代班、 +外包人员和与认证绑定的访问。每条授权可以记录 `reason`,委托授权还会记录 +`delegated_from`。 + +标记为 `delegatable: true` 的岗位允许其当前持有者在有限时间窗口内将岗位自助 +委托给其他用户(必须设置未来的 `valid_until`,上限 30 天,且必须填写原因)。 +分发了管理范围(adminScope)权限集的岗位永远不能被委托。 + +## 推荐模式 + +保持一组精简、稳定、以职能为单位的岗位: + +```text +Sales Manager +Sales Representative +Support Manager +Support Agent +``` + +用业务单元建模组织架构: + +```text +Sales + ├─ EMEA + └─ AMER +Support +``` + +然后为岗位附加权限集: + +```text +Sales Manager 岗位 + -> CRM User + -> Sales Manager Access + -> Report Viewer +``` + +这样可以保持岗位稳定,同时允许权限独立演进。 + +## 应避免 + +- 为每个用户单独创建一个岗位; +- 在每个岗位中重复定义所有权限; +- 将岗位名称用作业务逻辑判断条件; +- 在岗位上重建层级结构——子树可见性属于业务单元和[记录共享](/docs/configure/permissions/record-access); +- 在记录共享能更精确实现需求时,却通过管理岗位授予宽泛的访问权限。 + +## 从角色迁移(13 之前) + +如果你要升级针对 ObjectStack 12 或更早版本编写的元数据: + +| 旧版 | 现行 | +|---|---| +| `sys_role` / `sys_user_role` / `sys_role_permission_set` | `sys_position` / `sys_user_position` / `sys_position_permission_set` | +| `defineRole` / `RoleSchema`(含 `parent`) | `definePosition` / `PositionSchema`(扁平) | +| 元数据类型 `role` 或 `profile` | `position` | +| 共享接收者 `role` / `role_and_subordinates` | `position` / `unit_and_subordinates` | +| `PermissionSetSchema.isProfile` | 已移除——`isDefault` 用于标记安装时的建议分配范围 | + +角色层级必须重新建模为业务单元树。`os lint` 会通过 `security-role-word` +规则标记遗留的角色词汇。 diff --git a/content/docs/configure/permissions/record-access.mdx b/content/docs/configure/permissions/record-access.mdx index 360883a..05d702a 100644 --- a/content/docs/configure/permissions/record-access.mdx +++ b/content/docs/configure/permissions/record-access.mdx @@ -14,8 +14,32 @@ permissions allow the operation. |---|---| | Row-level security | Enforce tenant or organization isolation | | Sharing rules | Grant access based on declarative criteria | -| Record shares | Grant access to a specific user, role, or group | -| Ownership/hierarchy | Grant access through owner or manager structure | +| Record shares | Grant access to a specific user, position, or unit (with subordinates) | +| Ownership/hierarchy | Grant access through the owner and the business-unit tree | + +## Sharing model defaults + +Every object declares (or inherits) a `sharingModel` that sets the +organization-wide default: `private`, `public_read`, +`public_read_write`, or `controlled_by_parent`. + +Since ObjectStack 13, custom objects that carry an owner field and do +not declare a `sharingModel` default to **private** — records are +visible to their owner (and admins) until a sharing rule, record share, +or wider default opens them up. Declare the model explicitly to restore +open behavior: + +```ts +defineObject({ + name: 'crm_lead', + sharingModel: 'public_read_write', + // … +}); +``` + +The pre-13 aliases `read`, `read_write`, and `full` were removed; +`os compile` flags unset or aliased models via the `security-owd-unset` +and `security-owd-alias` lints. ## Default tenant isolation @@ -53,8 +77,14 @@ When a user cannot see a record, check in this order: 1. Is the user authenticated and in the expected organization? 2. Does the user have object `read` permission? -3. Does row-level security allow the record? -4. Is there a sharing rule that should apply? -5. Is there a direct record share? -6. Is the record owned by a user or role in the expected hierarchy? -7. Is the user looking at the correct project/hostname? +3. What is the object's `sharingModel` (custom objects default to + `private` since ObjectStack 13)? +4. Does row-level security allow the record? +5. Is there a sharing rule that should apply? +6. Is there a direct record share? +7. Is the record owned by a user in the expected business-unit subtree? +8. Is the user looking at the correct project/hostname? + +The [explain engine](/docs/configure/permissions#diagnose--audit) +answers all of these in one call — it reports each layer's verdict and +which grant (or missing grant) decided the outcome. diff --git a/content/docs/configure/permissions/record-access.zh-Hans.mdx b/content/docs/configure/permissions/record-access.zh-Hans.mdx index 87f4e99..f2316e9 100644 --- a/content/docs/configure/permissions/record-access.zh-Hans.mdx +++ b/content/docs/configure/permissions/record-access.zh-Hans.mdx @@ -13,8 +13,24 @@ description: 控制用户可以看到或修改哪些记录。 |---|---| | 行级安全 | 强制租户或组织隔离 | | 共享规则 | 按声明式条件授予访问 | -| 记录共享 | 授予某用户、角色或组对特定记录的访问 | -| 所有权/层级 | 通过所有者或上级结构授予访问 | +| 记录共享 | 授予某用户、岗位或"单元及下级单元"对特定记录的访问 | +| 所有权/层级 | 通过所有者和业务单元树授予访问 | + +## 共享模型默认值 + +每个对象都声明(或继承)一个 `sharingModel`,用于设定组织级默认值:`private`、`public_read`、`public_read_write` 或 `controlled_by_parent`。 + +自 ObjectStack 13 起,带有所有者字段但未声明 `sharingModel` 的自定义对象默认使用**私有**模型——记录仅对其所有者(和管理员)可见,直到共享规则、记录共享或更宽的默认值将其开放。需要开放行为时请显式声明: + +```ts +defineObject({ + name: 'crm_lead', + sharingModel: 'public_read_write', + // … +}); +``` + +13 之前的别名 `read`、`read_write`、`full` 已被移除;`os compile` 会通过 `security-owd-unset` 与 `security-owd-alias` 校验规则标记未设置或使用别名的模型。 ## 默认租户隔离 @@ -50,8 +66,11 @@ explicitly shared with them. 1. 用户是否已认证并处于预期组织? 2. 用户是否拥有对象 `read` 权限? -3. 行级安全是否允许该记录? -4. 是否有共享规则应当生效? -5. 是否存在直接的记录共享? -6. 该记录是否归属于预期层级中的用户或角色? -7. 用户是否在正确的项目/主机名下? +3. 该对象的 `sharingModel` 是什么(自 ObjectStack 13 起自定义对象默认 `private`)? +4. 行级安全是否允许该记录? +5. 是否有共享规则应当生效? +6. 是否存在直接的记录共享? +7. 该记录是否归属于预期业务单元子树中的用户? +8. 用户是否在正确的项目/主机名下? + +[解释引擎](/docs/configure/permissions#诊断与审计)可以一次性回答上述所有问题——它报告每一层的判定结果,以及是哪条授权(或缺失的授权)决定了最终结果。 diff --git a/content/docs/configure/permissions/roles.mdx b/content/docs/configure/permissions/roles.mdx deleted file mode 100644 index cf92dfb..0000000 --- a/content/docs/configure/permissions/roles.mdx +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: Roles -description: Model hierarchy and management responsibility with roles. ---- - -# Roles - -Roles describe a user's position in the organization. They are useful for -hierarchy and management responsibility, but they should not become the -only way to grant permissions. - -## Role responsibilities - -Use roles to model: - -- manager/subordinate relationships; -- department or team hierarchy; -- record visibility based on ownership hierarchy; -- approval responsibility; -- reporting structure. - -Use [permission sets](/docs/configure/permissions/permission-sets) to grant -concrete object, field, and system capabilities. - -## System objects - -| Object | Purpose | -|---|---| -| `sys_role` | Role definition and hierarchy | -| `sys_role_permission_set` | Permission sets assigned through a role | -| `sys_member` | User's organization membership and role context | - -## Recommended pattern - -Start with a small role hierarchy: - -```text -System Administrator -Sales Director -Sales Manager -Sales Representative -Support Manager -Support Agent -``` - -Then attach permission sets for capabilities: - -```text -Sales Manager role - -> CRM User - -> Sales Manager Access - -> Report Viewer -``` - -This keeps the role tree stable while allowing permissions to evolve. - -## Avoid - -- one role per individual user; -- duplicating every permission inside every role; -- using role names as business logic checks; -- granting broad access through manager roles when - [record sharing](/docs/configure/permissions/record-access) would be more - precise. diff --git a/content/docs/configure/permissions/roles.zh-Hans.mdx b/content/docs/configure/permissions/roles.zh-Hans.mdx deleted file mode 100644 index f0f7311..0000000 --- a/content/docs/configure/permissions/roles.zh-Hans.mdx +++ /dev/null @@ -1,59 +0,0 @@ ---- -title: 角色 -description: 使用角色对层级结构和管理职责进行建模。 ---- - -# 角色 - -角色描述用户在组织中的位置。它们对于表达层级结构和管理职责很有用,但不应成为授予权限的唯一方式。 - -## 角色职责 - -使用角色来建模: - -- 上下级(经理/下属)关系; -- 部门或团队层级结构; -- 基于所有权层级的记录可见性; -- 审批职责; -- 汇报结构。 - -使用[权限集](/docs/configure/permissions/permission-sets)来授予具体的对象、字段和系统能力。 - -## 系统对象 - -| 对象 | 用途 | -|---|---| -| `sys_role` | 角色定义与层级结构 | -| `sys_role_permission_set` | 通过角色分配的权限集 | -| `sys_member` | 用户的组织成员身份与角色上下文 | - -## 推荐模式 - -从一个精简的角色层级开始: - -```text -System Administrator -Sales Director -Sales Manager -Sales Representative -Support Manager -Support Agent -``` - -然后为各项能力附加权限集: - -```text -Sales Manager role - -> CRM User - -> Sales Manager Access - -> Report Viewer -``` - -这样可以保持角色树的稳定,同时允许权限不断演进。 - -## 应避免 - -- 为每个用户单独创建一个角色; -- 在每个角色中重复定义所有权限; -- 将角色名称用作业务逻辑判断条件; -- 在[记录共享](/docs/configure/permissions/record-access)能更精确实现需求时,却通过经理角色授予宽泛的访问权限。 diff --git a/content/docs/reference/cli.mdx b/content/docs/reference/cli.mdx index 7e27225..92ead69 100644 --- a/content/docs/reference/cli.mdx +++ b/content/docs/reference/cli.mdx @@ -107,11 +107,21 @@ os create example my-example | `os explain ` | Human-readable explanation of an object schema | | `os doctor` | Health check: detects circular deps, broken refs, env issues | | `os generate` (`os g`) | Generate TypeScript types / metadata files | +| `os db clean` | One-time SQLite `VACUUM` + enable incremental auto-vacuum; reports reclaimed bytes (14.5+) | `os doctor` is the **first thing to run when something feels off** — it catches misconfigurations the runtime would only surface as a runtime warning. +Since ObjectStack 13, `os compile` also gates the build on +**security posture**: `validateSecurityPosture` errors (unset/aliased +sharing models, high-privilege anchor bindings, leftover role +vocabulary, unqualified field-permission keys, …) fail the build, and +`os lint` reports them earlier in the loop. If you commit an +`access-matrix.json` snapshot, any permission-capability drift fails +`os compile` until re-snapshotted with `--update-access-matrix` — +every capability change becomes reviewable. + ## Data commands Operate on records from the terminal — useful for seeding, migrations, diff --git a/content/docs/reference/cli.zh-Hans.mdx b/content/docs/reference/cli.zh-Hans.mdx index e6b854d..1cbcc26 100644 --- a/content/docs/reference/cli.zh-Hans.mdx +++ b/content/docs/reference/cli.zh-Hans.mdx @@ -100,9 +100,12 @@ os create example my-example | `os explain ` | 对象 schema 的可读说明 | | `os doctor` | 健康检查:检测循环依赖、断裂引用、环境问题 | | `os generate` (`os g`) | 生成 TypeScript 类型/元数据文件 | +| `os db clean` | 一次性 SQLite `VACUUM` + 开启增量 auto-vacuum;报告回收字节数(14.5+) | `os doctor` 是**感觉不对劲时首先要运行的命令** —— 它能捕获运行时只会以警告呈现的配置错误。 +自 ObjectStack 13 起,`os compile` 还会以**安全态势**闸门构建:`validateSecurityPosture` 错误(未设置/使用别名的共享模型、高权限锚点绑定、遗留角色词汇、未带对象限定的字段权限键等)会导致构建失败,`os lint` 则在更早阶段报告它们。如果提交了 `access-matrix.json` 快照,任何权限能力漂移都会让 `os compile` 失败,直到用 `--update-access-matrix` 重新生成快照——每次能力变更都变得可审查。 + ## 数据命令 从终端操作记录 —— 用于种子数据、迁移和 CI 冒烟测试。 diff --git a/content/docs/reference/environment-variables.mdx b/content/docs/reference/environment-variables.mdx index ecd6ee8..a680b90 100644 --- a/content/docs/reference/environment-variables.mdx +++ b/content/docs/reference/environment-variables.mdx @@ -72,6 +72,13 @@ artifact. As a last resort the framework also honours: | `OS_BUSINESS_DB_URL` | ObjectOS wrapper convention for the per-project business database URL. Resolve it to `OS_DATABASE_URL` or a runtime datasource override in your deployment. | | `OS_CACHE_DIR` | Local artifact and runtime cache directory (default `/var/cache/objectos`). | | `OS_SKIP_SCHEMA_SYNC` | Set to `1` to skip ObjectQL DDL sync at boot. Use when schema is managed out-of-band. | +| `OS_TELEMETRY_DB` | Dedicated datasource for lifecycle-classed system data (14.5+). `objectstack dev` auto-provisions `.telemetry.db`; set to `0` to opt out, or to a path/URL to opt in anywhere. | + +## Data lifecycle + +| Variable | Default | Description | +|---|---:|---| +| `OS_LIFECYCLE_DISABLED` | unset (service on) | Set to `1` to disable the LifecycleService (retention reaper, table rotation, audit archiver — 14.4+). Retention windows themselves are tuned via the `lifecycle.retention_overrides` setting, not env vars. | For ObjectOS customer deployments, prefer explicit control-plane runtime configuration or artifact datasource configuration over relying on diff --git a/content/docs/reference/environment-variables.zh-Hans.mdx b/content/docs/reference/environment-variables.zh-Hans.mdx index db82b14..288a0ee 100644 --- a/content/docs/reference/environment-variables.zh-Hans.mdx +++ b/content/docs/reference/environment-variables.zh-Hans.mdx @@ -65,6 +65,13 @@ description: ObjectOS 运行时环境变量参考。 | `OS_BUSINESS_DB_URL` | ObjectOS wrapper 对每个项目业务数据库 URL 的约定。在部署中将其解析到 `OS_DATABASE_URL` 或运行时数据源覆盖。 | | `OS_CACHE_DIR` | 本地 artifact 与运行时缓存目录(默认 `/var/cache/objectos`)。 | | `OS_SKIP_SCHEMA_SYNC` | 设为 `1` 时在启动时跳过 ObjectQL DDL 同步。schema 由外部管理时使用。 | +| `OS_TELEMETRY_DB` | 生命周期类系统数据的专用数据源(14.5+)。`objectstack dev` 自动预置 `.telemetry.db`;设为 `0` 可关闭,设为路径/URL 可在任意环境开启。 | + +## 数据生命周期 + +| 变量 | 默认 | 说明 | +|---|---:|---| +| `OS_LIFECYCLE_DISABLED` | 未设置(服务开启) | 设为 `1` 可禁用 LifecycleService(保留期回收器、表轮换、审计归档器——14.4+)。保留期窗口本身通过 `lifecycle.retention_overrides` 设置调整,而非环境变量。 | 对 ObjectOS 客户部署,优先使用显式控制平面运行时配置或 artifact 数据源配置,而非依赖容器本地默认值。 diff --git a/content/docs/reference/security.mdx b/content/docs/reference/security.mdx index da63c11..6cd6632 100644 --- a/content/docs/reference/security.mdx +++ b/content/docs/reference/security.mdx @@ -54,26 +54,53 @@ Built-in (via `@objectstack/plugin-auth`, powered by Better Auth): - two-factor (TOTP) - passkeys / WebAuthn - magic links +- phone number + SMS OTP sign-in and password reset (opt-in via + `auth.plugins.phoneNumber`; Aliyun / Twilio transports, rate-limited) - CLI/browser device flow - API keys (hashed, expirable, revocable, bound to a user) +- self-serve OAuth 2.1 for MCP clients (authorization-code + PKCE, + dynamic client registration, scope-derived permission ceiling) +- admin-driven user creation and bulk import (one-time passwords with + forced rotation via `must_change_password`) See [Authentication](/docs/configure/authentication). ## Authorization -Layered enforcement (via `@objectstack/plugin-security`): +Layered enforcement (via `@objectstack/plugin-security`), following +Permission Model v2 (ObjectStack 13, ADR-0090): -1. **Object permissions** — CRUD per object per permission set -2. **Row-level security** — declarative policy expressions injected into +1. **Object permissions** — CRUD per object per permission set, + distributed to users directly or through flat **positions** +2. **Org-wide defaults** — custom objects with an owner default to a + `private` sharing model; anonymous data access is denied by default +3. **Row-level security** — declarative policy expressions injected into queries; not optional -3. **Field-level security** — fields stripped from responses / - rejected on write -4. **Organization scoping** — multi-tenant isolation; bypass requires +4. **Field-level security** — fields stripped from responses / + rejected on write (keys are object-qualified, lint-enforced) +5. **Organization scoping** — multi-tenant isolation; bypass requires explicit `viewAllRecords` System-context operations bypass checks so internal jobs / migrations can run — these paths are auditable. +Supporting machinery: + +- **Explain engine** — `explain(principal, object, operation)` reports + every layer's verdict with per-layer attribution, using the same + evaluators as enforcement (no drift by construction). +- **Author-time lints** — `os compile` gates the build on security + posture (`security-owd-unset`, `security-anchor-high-privilege`, + `security-fls-unqualified-key`, …), and an optional committed + `access-matrix.json` snapshot makes any capability drift fail CI + until explicitly re-approved. +- **Delegated administration** — permission sets can carry an + `adminScope` so sub-admins manage assignments only within their + business-unit subtree, from an allowlist, with `granted_by` audit. +- **MCP scope ceiling** — OAuth-connected AI agents run under + `effective_permission = scope_ceiling ∩ user_grants` + (`data:read` / `data:write` / `actions:execute`), failing closed. + See [Permissions](/docs/configure/permissions). ## Audit & evidence @@ -84,7 +111,10 @@ When the audit capability is loaded (`@objectstack/plugin-audit`): - Before/after values for field changes. - Authentication, permission grants, session revocation events. - Audit rows are **immutable**: cannot be modified, only archived. -- Retention is configurable; pair with your DB's archive policy. +- Retention is declared on the object's `lifecycle` block + (`sys_audit_log` ships with 90 days hot, then archive) and tuned per + environment via `lifecycle.retention_overrides`; pair with your DB's + archive policy. This is the evidence base for SOC 2 CC6/CC7, ISO 27001 A.12.4, HIPAA §164.312(b), and GDPR Article 30. diff --git a/content/docs/reference/security.zh-Hans.mdx b/content/docs/reference/security.zh-Hans.mdx index 7db199a..c07704b 100644 --- a/content/docs/reference/security.zh-Hans.mdx +++ b/content/docs/reference/security.zh-Hans.mdx @@ -47,22 +47,33 @@ ObjectOS **零外发调用**,除非你显式配置(OIDC discovery、邮件提 - 双因素(TOTP) - Passkey / WebAuthn - 魔法链接 +- 手机号 + 短信 OTP 登录与密码重置(通过 `auth.plugins.phoneNumber` 显式开启;支持阿里云 / Twilio 通道,自带限流) - CLI/浏览器设备流 - API key(哈希、可过期、可撤销、绑定到用户) +- 面向 MCP 客户端的自助 OAuth 2.1(授权码 + PKCE、动态客户端注册、按 scope 推导权限上限) +- 管理员直接创建用户与批量导入(一次性密码 + `must_change_password` 强制轮换) 见[认证](/docs/configure/authentication)。 ## 授权 -分层强制(通过 `@objectstack/plugin-security`): +分层强制(通过 `@objectstack/plugin-security`),遵循权限模型 v2(ObjectStack 13,ADR-0090): -1. **对象权限** —— 每个权限集对每个对象的 CRUD -2. **行级安全** —— 注入查询的声明式策略表达式;不可选 -3. **字段级安全** —— 响应中剥离字段 / 写入时拒绝 -4. **组织作用域** —— 多租户隔离;绕过需要显式 `viewAllRecords` +1. **对象权限** —— 每个权限集对每个对象的 CRUD,直接分配给用户或通过扁平的**岗位**分发 +2. **组织级默认值(OWD)** —— 带所有者的自定义对象默认 `private` 共享模型;匿名数据访问默认拒绝 +3. **行级安全** —— 注入查询的声明式策略表达式;不可选 +4. **字段级安全** —— 响应中剥离字段 / 写入时拒绝(键带对象限定,由校验规则强制) +5. **组织作用域** —— 多租户隔离;绕过需要显式 `viewAllRecords` 系统上下文操作绕过检查以便内部作业 / 迁移可运行 —— 这些路径可审计。 +配套机制: + +- **解释引擎** —— `explain(principal, object, operation)` 按层报告判定结果并逐层归因,与强制执行使用相同的求值器(构造上不漂移)。 +- **编写期校验** —— `os compile` 以安全态势闸门构建(`security-owd-unset`、`security-anchor-high-privilege`、`security-fls-unqualified-key` 等);可选提交 `access-matrix.json` 快照,任何能力漂移都会让 CI 失败,直到显式重新批准。 +- **委托管理** —— 权限集可携带 `adminScope`,子管理员只能在其业务单元子树内、按白名单管理分配,且记录 `granted_by` 审计。 +- **MCP 权限上限** —— 通过 OAuth 接入的 AI 代理在 `effective_permission = scope_ceiling ∩ user_grants` 下运行(`data:read` / `data:write` / `actions:execute`),失败即关闭。 + 见[权限](/docs/configure/permissions)。 ## 审计与证据 @@ -73,7 +84,7 @@ ObjectOS **零外发调用**,除非你显式配置(OIDC discovery、邮件提 - 字段变更的前后值。 - 认证、权限授予、会话撤销事件。 - 审计行**不可变**:不能修改,只能归档。 -- 保留期可配置;与你的 DB 归档策略配合。 +- 保留期在对象的 `lifecycle` 块上声明(`sys_audit_log` 出厂为热存 90 天后归档),可通过 `lifecycle.retention_overrides` 按环境调整;与你的 DB 归档策略配合。 这是 SOC 2 CC6/CC7、ISO 27001 A.12.4、HIPAA §164.312(b) 和 GDPR Article 30 的证据基础。 diff --git a/content/docs/resources/changelog.mdx b/content/docs/resources/changelog.mdx index 1d9cc0e..8fc836a 100644 --- a/content/docs/resources/changelog.mdx +++ b/content/docs/resources/changelog.mdx @@ -11,9 +11,9 @@ ObjectOS follows **[Semantic Versioning](https://semver.org/)**: `MAJOR.MINOR.PA | Version bump | What it means | What to do | |---|---|---| -| **Patch** (`10.0.0 → 10.0.1`) | Bug fixes, no behavior change | Roll forward, no app changes needed | -| **Minor** (`10.0 → 10.1`) | New features, backward-compatible | Roll forward, optionally adopt new features | -| **Major** (`9 → 10`) | Breaking changes documented in release notes | Read the migration guide before upgrading | +| **Patch** (`14.7.0 → 14.7.1`) | Bug fixes, no behavior change | Roll forward, no app changes needed | +| **Minor** (`14.6 → 14.7`) | New features, backward-compatible | Roll forward, optionally adopt new features | +| **Major** (`13 → 14`) | Breaking changes documented in release notes | Read the migration guide before upgrading | All `@objectstack/*` packages release together with a synchronized version number — they're tested as a matrix, not independently. @@ -22,7 +22,7 @@ version number — they're tested as a matrix, not independently. | Component | Compatibility rule | |---|---| -| ObjectOS image ↔ compiled artifact | Same minor version. A 10.2.x image runs a 10.2.x artifact; a 10.2 artifact may use features unavailable in a 10.0 image. | +| ObjectOS image ↔ compiled artifact | Same minor version. A 14.7.x image runs a 14.7.x artifact; a 14.7 artifact may use features unavailable in a 14.0 image. The protocol handshake (`PROTOCOL_VERSION`, 12.0+) rejects incompatible packages at install time. | | ObjectOS ↔ CLI | Same minor version recommended. The CLI in `npm i -g` writes scaffolds pinned to its own version. | | ObjectOS ↔ database driver | Driver pinned by image build; verify Postgres ≥ 13 / MongoDB ≥ 5 / Turso (any current). | | Node.js | **20 LTS or newer**. 22 LTS recommended for new deployments. | @@ -31,9 +31,9 @@ version number — they're tested as a matrix, not independently. | Branch | Status | Until | |---|---|---| -| **10.x** (current) | Active development; new features and fixes | At least 12 months after 11.0 ships | -| **9.x** | Security fixes only | EOL on 11.0 release | -| **≤ 8.x** | Unsupported | Already EOL | +| **14.x** (current) | Active development; new features and fixes | At least 12 months after 15.0 ships | +| **13.x** | Security fixes only | EOL on 15.0 release | +| **≤ 12.x** | Unsupported | Already EOL | Critical security fixes are backported to the current and previous major. Everything else lands on `main`. @@ -51,14 +51,109 @@ Subscribe to releases on GitHub to get notified. ## Recent highlights -### 10.x — current release train - -ObjectOS One and the bundled server now ship on `@objectstack` **10.2.0**. -Despite the major bump, the runtime boot contract is unchanged — -`createStandaloneStack` still takes the same artifact, environment, and -database settings — and every breaking change lands in the multi-org tenancy -layer, so a **single-tenant ObjectOS deployment (the default) rolls forward -from 9.x with no config changes**. What moved: +### 14.x — current release train + +ObjectOS One and the bundled server now ship on `@objectstack` **14.7.0**. +The runtime boot contract is unchanged — `createStandaloneStack` takes the +same artifact, environment, and database settings — but 13.0 and 14.0 both +land breaking changes in the authorization vocabulary, so **review your +permission metadata before rolling forward from ≤ 12.x**. Full notes: +[docs.objectstack.ai/docs/releases](https://docs.objectstack.ai/docs/releases). +What moved in 14.x: + +- **ADR-0090 vocabulary convergence completed** (14.0, breaking) — + `book.audience` gates on `{ permissionSet }` (was `{ profile }`), + `PortalSchema.profiles` → `positions`, `RLSUserContextSchema.role` → + `positions` (string array), `sys_record_share.recipient_type: 'role'` → + `'position'`. +- **Object capability flags are enforced** (14.0, breaking-ish) — the + `enable.*` flags went from parsed-but-unused to real gates. + `activities` and `feeds` are opt-out (default `true`; `feeds: false` + rejects comments with 403 `FEEDS_DISABLED`), `trackHistory` drives the + History tab, and `files` is opt-in (403 `FILES_DISABLED` until + `enable: { files: true }`). +- **Member baseline lost delete** (14.2, breaking) — `member_default` no + longer grants record deletion; re-grant per object through + position-distributed permission sets. +- **Admin user management & phone auth** (14.3) — direct user creation + (`POST /api/v1/auth/admin/create-user`, one-time passwords with forced + rotation), bulk import (rows/CSV/XLSX, dry-run, upsert), opt-in phone + sign-in with SMS OTP via `@objectstack/plugin-sms` (Aliyun / Twilio), + and an `sms` notification channel. +- **Data-lifecycle contract** (14.4, ADR-0057) — objects declare + `lifecycle` (class, retention, rotation, archive); the default-on + LifecycleService reaps, rotates, and archives platform data + (`sys_activity` 14 days, `sys_audit_log` 90 days hot). Disable with + `OS_LIFECYCLE_DISABLED=1`; tune via `lifecycle.retention_overrides`. + 14.5 removed the per-plugin `retentionDays` / `retentionSweepMs` + options (`JobRunRetention`, `NotificationRetention`) in favor of + lifecycle declarations, and split lifecycle-classed system data into a + dedicated telemetry datasource (`OS_TELEMETRY_DB`); `os db clean` + reclaims SQLite space. +- **Effective-dated grants & delegation** (14.4, ADR-0091) — position and + permission-set assignments support `valid_from` / `valid_until` + windows (fail-closed, no background job), and `delegatable` positions + let holders self-delegate for a bounded window (≤ 30 days, reason + required, never admin scopes). +- **MCP scope ceiling** (14.5, ADR-0090 D10) — OAuth-connected agents run + under `effective_permission = scope_ceiling ∩ user_grants` + (`data:read` / `data:write` / `actions:execute`), failing closed. +- **Security fixes** (14.4–14.5) — FLS keys must be object-qualified + (bare keys silently matched nothing; now lint-rejected with autofix); + settings and share-link routes no longer trust spoofable + `x-user-id`-style headers; analytics queries are scoped to the + caller's read filter. + +### 13.x — Permission Model v2 + +`@objectstack` **13.0** restructured authorization (ADR-0090). Breaking: + +- **Roles and Profiles converge on Positions** — `sys_role*` tables, + `RoleSchema` / `defineRole`, metadata kinds `role` / `profile`, and + `ExecutionContext.roles[]` are gone; positions are flat and hierarchy + moved to the business-unit tree. Sharing recipients renamed + (`role` → `position`, `role_and_subordinates` → `unit_and_subordinates`). +- **Custom objects default to private** — an owner-carrying object with + no explicit `sharingModel` is now private; the `read` / `read_write` / + `full` OWD aliases were removed. Declare `sharingModel: + 'public_read_write'` to restore prior behavior. +- **RBAC link-table writes gated** — writes to `sys_user_position`, + `sys_position_permission_set`, `sys_user_permission_set`, and + `sys_permission_set` require tenant admin or a delegated-admin scope. + +And new: `everyone` / `guest` audience anchors, delegated administration +(`PermissionSet.adminScope`), the `explain()` engine with per-layer +attribution, the access-matrix snapshot gate for `os compile`, +self-serve OAuth 2.1 for MCP clients, author-time security lints +(`validateSecurityPosture`), per-operation `Object.requiredPermissions` +maps, and package namespace-prefix enforcement. Never-enforced schemas +(compliance / masking / global-RLS configs) were removed outright. + +### 12.x + +`@objectstack` **12.0** hardened the API default posture: + +- **Anonymous data access denied by default** (breaking) — + `api.requireAuth` now defaults to `true`; anonymous `/data/*` requests + get 401. Public-data deployments must opt out explicitly with + `api: { requireAuth: false }` (boot warning). Share links, public + forms, `/auth`, and `/health` are unaffected. +- **Enforced protocol handshake** — `PROTOCOL_VERSION` + + `checkProtocolCompat()` reject incompatible packages at install time. +- **Adaptive record surfaces** — records derive page vs. modal/drawer + display from field complexity; `FormField.span` goes responsive + (`'auto'` / `'full'`); related lists gain `'primary'` tab promotion. +- **Package-shipped permissions** — packages declare default permission + sets that materialize at boot with provenance tracking. +- **Build-time lints** — `lint-view-refs`, `validateListViewMode`, + `validateFormLayout`, and destructive-operation RBAC mapping gate + compilation. + +### 10.x + +The 10.x train shipped on `@objectstack` **10.0 – 10.2**. Every breaking +change landed in the multi-org tenancy layer, so a single-tenant ObjectOS +deployment rolled forward from 9.x with no config changes. What moved: - **Row-level org scoping split into its own plugin** (10.0, breaking) — the `organization_id` auto-stamp, per-org seed replay, and default-org bootstrap diff --git a/content/docs/resources/changelog.zh-Hans.mdx b/content/docs/resources/changelog.zh-Hans.mdx index 65d6e5d..f8dfae4 100644 --- a/content/docs/resources/changelog.zh-Hans.mdx +++ b/content/docs/resources/changelog.zh-Hans.mdx @@ -11,9 +11,9 @@ ObjectOS 遵循 **[语义化版本](https://semver.org/)**:`MAJOR.MINOR.PATCH` | 版本号变化 | 含义 | 应对方式 | |---|---|---| -| **Patch**(`10.0.0 → 10.0.1`) | 修 bug,不改变行为 | 直接升级,无需改动应用 | -| **Minor**(`10.0 → 10.1`) | 新增功能,向后兼容 | 直接升级,可选采用新功能 | -| **Major**(`9 → 10`) | 破坏性变更,发版说明会列出 | 升级前阅读迁移指南 | +| **Patch**(`14.7.0 → 14.7.1`) | 修 bug,不改变行为 | 直接升级,无需改动应用 | +| **Minor**(`14.6 → 14.7`) | 新增功能,向后兼容 | 直接升级,可选采用新功能 | +| **Major**(`13 → 14`) | 破坏性变更,发版说明会列出 | 升级前阅读迁移指南 | 所有 `@objectstack/*` 包按同步的版本号一起发布 —— 作为矩阵一同测试, 而不是各自独立。 @@ -22,7 +22,7 @@ ObjectOS 遵循 **[语义化版本](https://semver.org/)**:`MAJOR.MINOR.PATCH` | 组件 | 兼容性规则 | |---|---| -| ObjectOS 镜像 ↔ 编译产物 | 同一 minor 版本。10.2.x 镜像运行 10.2.x 产物;10.2 产物可能使用 10.0 镜像不具备的功能。 | +| ObjectOS 镜像 ↔ 编译产物 | 同一 minor 版本。14.7.x 镜像运行 14.7.x 产物;14.7 产物可能使用 14.0 镜像不具备的功能。协议握手(`PROTOCOL_VERSION`,12.0+)会在安装时拒绝不兼容的软件包。 | | ObjectOS ↔ CLI | 建议使用同一 minor 版本。`npm i -g` 安装的 CLI 生成的脚手架会固定为其自身版本。 | | ObjectOS ↔ 数据库驱动 | 驱动版本由镜像构建固定;请确认 Postgres ≥ 13 / MongoDB ≥ 5 / Turso(当前版本)。 | | Node.js | **20 LTS 或更新**。新部署推荐 22 LTS。 | @@ -31,9 +31,9 @@ ObjectOS 遵循 **[语义化版本](https://semver.org/)**:`MAJOR.MINOR.PATCH` | 分支 | 状态 | 截止 | |---|---|---| -| **10.x**(当前) | 活跃开发;新功能与修复 | 至少到 11.0 发布后 12 个月 | -| **9.x** | 仅安全修复 | 11.0 发布时 EOL | -| **≤ 8.x** | 不再支持 | 已 EOL | +| **14.x**(当前) | 活跃开发;新功能与修复 | 至少到 15.0 发布后 12 个月 | +| **13.x** | 仅安全修复 | 15.0 发布时 EOL | +| **≤ 12.x** | 不再支持 | 已 EOL | 关键安全修复会反向移植到当前 major 与上一个 major;其他变更只进 `main`。 @@ -51,12 +51,91 @@ ObjectOS 遵循 **[语义化版本](https://semver.org/)**:`MAJOR.MINOR.PATCH` ## 近期亮点 -### 10.x —— 当前发布列车 - -ObjectOS One 与捆绑的 server 现已基于 `@objectstack` **10.2.0**。尽管是大版本 -跨越,运行时的启动契约并未变化 —— `createStandaloneStack` 仍然接收同样的 -artifact、环境与数据库设置 —— 而所有破坏性变更都落在多组织(multi-org)租户 -层,因此**单租户的 ObjectOS 部署(默认形态)可从 9.x 无配置改动直接升级**。 +### 14.x —— 当前发布列车 + +ObjectOS One 与捆绑的 server 现已基于 `@objectstack` **14.7.0**。运行时的启动 +契约并未变化 —— `createStandaloneStack` 仍然接收同样的 artifact、环境与数据库 +设置 —— 但 13.0 与 14.0 均在授权词汇上有破坏性变更,因此**从 ≤ 12.x 升级前请 +先审查权限元数据**。完整说明见 +[docs.objectstack.ai/docs/releases](https://docs.objectstack.ai/docs/releases)。 +14.x 的变动: + +- **ADR-0090 词汇收敛完成**(14.0,破坏性)—— `book.audience` 改用 + `{ permissionSet }` 门控(原为 `{ profile }`),`PortalSchema.profiles` → + `positions`,`RLSUserContextSchema.role` → `positions`(字符串数组), + `sys_record_share.recipient_type: 'role'` → `'position'`。 +- **对象能力开关强制执行**(14.0,准破坏性)—— `enable.*` 开关从"解析但不生效" + 变为真实闸门。`activities` 与 `feeds` 为默认开启、可显式关闭(`feeds: false` + 会以 403 `FEEDS_DISABLED` 拒绝评论);`trackHistory` 控制 History 选项卡; + `files` 需显式开启(否则 403 `FILES_DISABLED`)。 +- **成员基线移除删除权**(14.2,破坏性)—— `member_default` 不再授予记录删除; + 需按对象通过岗位分发的权限集重新授予。 +- **管理员用户管理与手机号认证**(14.3)—— 直接创建用户 + (`POST /api/v1/auth/admin/create-user`,一次性密码 + 强制轮换)、批量导入 + (行/CSV/XLSX、dry-run、upsert)、通过 `@objectstack/plugin-sms` 的可选手机号 + 登录与短信 OTP(阿里云 / Twilio),以及 `sms` 通知通道。 +- **数据生命周期契约**(14.4,ADR-0057)—— 对象声明 `lifecycle` + (class、retention、rotation、archive);默认开启的 LifecycleService 负责 + 回收、轮换与归档平台数据(`sys_activity` 14 天,`sys_audit_log` 热存 90 天)。 + 可用 `OS_LIFECYCLE_DISABLED=1` 关闭,通过 `lifecycle.retention_overrides` + 调整。14.5 移除了插件级 `retentionDays` / `retentionSweepMs` 选项 + (`JobRunRetention`、`NotificationRetention`),改由生命周期声明接管,并将 + 生命周期类系统数据拆分到专用 telemetry 数据源(`OS_TELEMETRY_DB`); + `os db clean` 可回收 SQLite 空间。 +- **带生效期的授权与委托**(14.4,ADR-0091)—— 岗位与权限集分配支持 + `valid_from` / `valid_until` 时间窗口(失败即关闭,无需后台任务); + `delegatable` 岗位允许持有者在有限窗口内自助委托(≤ 30 天、必须填写原因、 + 管理范围永不可委托)。 +- **MCP 权限上限**(14.5,ADR-0090 D10)—— 通过 OAuth 接入的代理在 + `effective_permission = scope_ceiling ∩ user_grants` 下运行 + (`data:read` / `data:write` / `actions:execute`),失败即关闭。 +- **安全修复**(14.4–14.5)—— 字段权限键必须带对象限定(裸键会静默匹配不到 + 任何字段;现在由校验规则拒绝并支持自动修复);settings 与共享链接路由不再 + 信任可伪造的 `x-user-id` 类请求头;分析查询按调用者的读取过滤器限定范围。 + +### 13.x —— 权限模型 v2 + +`@objectstack` **13.0** 重构了授权模型(ADR-0090)。破坏性变更: + +- **角色与简档合并为岗位** —— `sys_role*` 表、`RoleSchema` / `defineRole`、 + 元数据类型 `role` / `profile`、`ExecutionContext.roles[]` 均已移除;岗位是 + 扁平的,层级迁移到业务单元树。共享接收者重命名(`role` → `position`、 + `role_and_subordinates` → `unit_and_subordinates`)。 +- **自定义对象默认私有** —— 带所有者但未显式声明 `sharingModel` 的对象现在 + 默认私有;OWD 别名 `read` / `read_write` / `full` 已移除。声明 + `sharingModel: 'public_read_write'` 可恢复原行为。 +- **RBAC 关联表写入受门控** —— 写入 `sys_user_position`、 + `sys_position_permission_set`、`sys_user_permission_set`、`sys_permission_set` + 需要租户管理员或委托管理范围。 + +新增能力:`everyone` / `guest` 受众锚点、委托管理 +(`PermissionSet.adminScope`)、带逐层归因的 `explain()` 解释引擎、 +`os compile` 的访问矩阵快照闸门、面向 MCP 客户端的自助 OAuth 2.1、 +编写期安全校验(`validateSecurityPosture`)、按操作粒度的 +`Object.requiredPermissions` 映射,以及软件包命名空间前缀强制。从未生效的 +schema(合规 / 脱敏 / 全局 RLS 配置)被直接移除。 + +### 12.x + +`@objectstack` **12.0** 收紧了 API 默认安全态势: + +- **匿名数据访问默认拒绝**(破坏性)—— `api.requireAuth` 现在默认 `true`; + 匿名 `/data/*` 请求返回 401。公开数据的部署必须显式退出: + `api: { requireAuth: false }`(启动时告警)。共享链接、公开表单、`/auth`、 + `/health` 不受影响。 +- **强制协议握手** —— `PROTOCOL_VERSION` + `checkProtocolCompat()` 在安装时 + 拒绝不兼容的软件包。 +- **自适应记录表面** —— 记录根据字段复杂度推导页面 vs 模态/抽屉展示; + `FormField.span` 改为响应式(`'auto'` / `'full'`);关联列表支持 `'primary'` + 选项卡提升。 +- **软件包自带权限** —— 软件包可声明默认权限集,启动时自动物化并跟踪来源。 +- **构建期校验** —— `lint-view-refs`、`validateListViewMode`、 + `validateFormLayout` 及破坏性操作的 RBAC 映射成为编译闸门。 + +### 10.x + +10.x 列车运行于 `@objectstack` **10.0 – 10.2**。所有破坏性变更都落在多组织 +(multi-org)租户层,因此单租户的 ObjectOS 部署可从 9.x 无配置改动直接升级。 变动内容如下: - **行级组织作用域拆分为独立插件**(10.0,破坏性)—— `organization_id` diff --git a/content/docs/resources/support.mdx b/content/docs/resources/support.mdx index 7276ae7..35c2c5f 100644 --- a/content/docs/resources/support.mdx +++ b/content/docs/resources/support.mdx @@ -22,7 +22,7 @@ description: Where to get help, how to report bugs, response expectations. The 30-second version: ```text -ObjectOS version: 10.2.0 (or sha-abc123) +ObjectOS version: 14.7.0 (or sha-abc123) Node version: 22.4.0 Install method: docker / npm -g / source Database: postgres 16 / sqlite / turso / mongo diff --git a/content/docs/resources/support.zh-Hans.mdx b/content/docs/resources/support.zh-Hans.mdx index 703cc74..fb40158 100644 --- a/content/docs/resources/support.zh-Hans.mdx +++ b/content/docs/resources/support.zh-Hans.mdx @@ -22,7 +22,7 @@ description: 到哪里寻求帮助、如何上报 bug、响应预期。 30 秒版本: ```text -ObjectOS version: 10.2.0 (or sha-abc123) +ObjectOS version: 14.7.0 (or sha-abc123) Node version: 22.4.0 Install method: docker / npm -g / source Database: postgres 16 / sqlite / turso / mongo diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 495733f..abe93cc 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -85,35 +85,35 @@ importers: apps/objectos: dependencies: '@objectstack/cli': - specifier: 12.4.0 - version: 12.4.0(@aws-sdk/client-s3@3.984.0)(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + specifier: 14.7.0 + version: 14.7.0(@aws-sdk/client-s3@3.984.0)(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) '@objectstack/cloud-connection': - specifier: 12.4.0 - version: 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + specifier: 14.7.0 + version: 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) '@objectstack/console': - specifier: 12.4.0 - version: 12.4.0 + specifier: 14.7.0 + version: 14.7.0 '@objectstack/core': - specifier: 12.4.0 - version: 12.4.0 + specifier: 14.7.0 + version: 14.7.0 '@objectstack/driver-memory': - specifier: 12.4.0 - version: 12.4.0 + specifier: 14.7.0 + version: 14.7.0 '@objectstack/driver-sql': - specifier: 12.4.0 - version: 12.4.0(pg@8.22.0) + specifier: 14.7.0 + version: 14.7.0(pg@8.22.0) '@objectstack/metadata': - specifier: 12.4.0 - version: 12.4.0 + specifier: 14.7.0 + version: 14.7.0 '@objectstack/objectql': - specifier: 12.4.0 - version: 12.4.0 + specifier: 14.7.0 + version: 14.7.0 '@objectstack/runtime': - specifier: 12.4.0 - version: 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + specifier: 14.7.0 + version: 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) '@objectstack/spec': - specifier: 12.4.0 - version: 12.4.0 + specifier: 14.7.0 + version: 14.7.0 pg: specifier: ^8.0.0 version: 8.22.0 @@ -468,12 +468,12 @@ packages: prisma: optional: true - '@better-auth/scim@1.6.23': - resolution: {integrity: sha512-I8/m2x/eEcFufNEQMM6nZqwhZrp5OdSMxL9t8EalTVAIfD3hRPz9n1kzbAYy3ArzxXJBkSZ+Os5E+k/yaxoesg==} + '@better-auth/scim@1.7.0-rc.1': + resolution: {integrity: sha512-pcnliU2eewYq2SF4cRDn1XvQ2I7+WhufoDv5lx9yH7fmrfsU6mYQpZX3mu2Fj/AFCHauCI7Ld617pnz5+yTtOw==} peerDependencies: - '@better-auth/core': ^1.6.23 + '@better-auth/core': ^1.7.0-rc.1 '@better-auth/utils': 0.4.2 - better-auth: ^1.6.23 + better-auth: ^1.7.0-rc.1 better-call: 1.3.7 '@better-auth/sso@1.6.23': @@ -1484,8 +1484,8 @@ packages: '@manypkg/get-packages@1.1.3': resolution: {integrity: sha512-fo+QhuU3qE/2TQMQmbVMqaQ6EWbMhi4ABWP+O4AM1NqPBuy0OrApV5LO6BrrgnhtAHS2NH6RrVk9OL181tTi8A==} - '@marcbachmann/cel-js@7.6.1': - resolution: {integrity: sha512-YyY8yiDU07ByKb2rJUoNgMAkYeeDvkdrONBREV2MP9siAW7yNft0KfbIoonWTIMY0fGtv8og0EhzKx3Xsi1Nmg==} + '@marcbachmann/cel-js@8.0.0': + resolution: {integrity: sha512-oaTrAziGr3zDLFiMt/yLU3nZuRMawyWQB5X1a0I7s9eGy3JYzX9l8ZXXHyMd64nzbeVFZTewuUShwsZQdK6UCA==} engines: {node: '>=20.19.0'} hasBin: true @@ -1580,9 +1580,6 @@ packages: resolution: {integrity: sha512-IYqDGiTXab6FniAgnSdZwgWbomxpy9FtYvLKs7wCUs2a8RkITG+DFGO1DM9cr+E3/RgADRpFjrKVaJ1z6sjtEg==} engines: {node: '>= 20.19.0'} - '@nodable/entities@2.1.0': - resolution: {integrity: sha512-nyT7T3nbMyBI/lvr6L5TyWbFJAI9FTgVRakNoBqCD+PmID8DzFrrNdLLtHMwMszOtqZa8PAOV24ZqDnQrhQINA==} - '@nodable/entities@2.2.0': resolution: {integrity: sha512-9uGyhaQavEUMC8AIddIjau4NsnsXhou+j5sBAGojCM1oxmQpVKTWR/9JxABD6UAv12vpIms55fPZKFQEhG6uBg==} @@ -1610,66 +1607,40 @@ packages: resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} engines: {node: '>= 8'} - '@objectstack/account@12.4.0': - resolution: {integrity: sha512-TyV2EEIh5hjmSo3wNAzCE3uvK2ipKF/4YvO1Ru4nDt3QkDpX+t1vbXef5mW4PjQCFmWhrPOfhNIpGULuTPzjvg==} + '@objectstack/account@14.7.0': + resolution: {integrity: sha512-2ld+QIUpSd7XV41nWy/4GEn6CJ9B0NZyW6083c4fdcTtSos6gdo3yn7FuG0rIj031ifThhMvZZL3VUERbTdurA==} engines: {node: '>=18.0.0'} - '@objectstack/cli@12.4.0': - resolution: {integrity: sha512-E7bt4PKuFwaU67cSdHH0cEQfBCLU3DW5f+gU1lVn3y1fGim3LRScpmlZnT8PIK/Z1rkOJTVwevoi8oSkEb1T/Q==} + '@objectstack/cli@14.7.0': + resolution: {integrity: sha512-r2ialZ0fIwWLNLk617hxWT0cX8qE+QmlmcyCPIVm1CmbZkjiv1KCB7kRVRjkzo2MOtJfhjfou27SpQtB68Xz0A==} engines: {node: '>=18.0.0'} hasBin: true - '@objectstack/client@12.4.0': - resolution: {integrity: sha512-laugpJLVN8rA2rH1g8Cm/GxoD7RCdjhF5Zc0APC82LmgUnfrS97SUT+7zhe0/Sl1LxWO06H8Z8kH49GdminRCw==} - engines: {node: '>=18.0.0'} - - '@objectstack/cloud-connection@12.4.0': - resolution: {integrity: sha512-QjMvO6NGimWr3tsfBe7eZhCSsj0L5ZDC4JH44yCPNlqIWrmoV610R4OeVX2PxSGxWja+riK+HO/nGKsKiQliVw==} - engines: {node: '>=18.0.0'} - - '@objectstack/console@12.4.0': - resolution: {integrity: sha512-63DAEpNa5Vh92UEfr2lKNFW2N/pQCvjX7nwbNMEC//MzyeJncY6nXd73rCzjRcc2v/K6bWIBXhr6jkvIShZe1Q==} - - '@objectstack/core@12.4.0': - resolution: {integrity: sha512-5aF4GG2KTwx4YNLxS2E3ptbQ2yayhlfDwfx+15JxLzQtA10o2ZFdzrYfXE76egZgmOlK+euz+qsI8Ckht8cXfQ==} + '@objectstack/client@14.7.0': + resolution: {integrity: sha512-9PoH0XfFSzaNzWM23KSQqjErJxWCv1QzFL50ni2uIQ3g4TQq0r196RXilbY8VQ1uCSHwZDwBsD4oijX/WiQODw==} engines: {node: '>=18.0.0'} - '@objectstack/core@12.5.0': - resolution: {integrity: sha512-tc7Q17V9nCpu0GTHKzaGFyzCUE+vOveT3lsWJ6UTv0SO+Jjho8V/PyU2cTVUP3xkr58y0idJA9+de5w7umHF0g==} + '@objectstack/cloud-connection@14.7.0': + resolution: {integrity: sha512-ubSNgaM58yDTcUFvg/J5p7bgqh6z7zC1c9JY7bvRVUMxW7jdf7WTpF6MlH6XjtRti/aP4Ry2XJvS+Dwoafwqag==} engines: {node: '>=18.0.0'} - '@objectstack/driver-memory@12.4.0': - resolution: {integrity: sha512-TzM2Vg90RCFcHlXcR09clg/5TuKLD5h9JzP415GZ2V3sl/2TX7u1mhkS6tRbw+Wg0mN6ZyovLImcVbm7vFnqMQ==} - engines: {node: '>=18.0.0'} + '@objectstack/console@14.7.0': + resolution: {integrity: sha512-jq4QFzBDweg36pJIOvTBWCnr33ebH5UqEVcQMr1XsrN7W2u4SVLjrCgEkIkpMKvoNtUsOhaARkm5GasjT8Vl+w==} - '@objectstack/driver-mongodb@12.4.0': - resolution: {integrity: sha512-BWT6QdZxcLqT1ehRuO6YQ+R93dp9vv14OwQsTNJxBGHXX7q+GSD1Yfh5LtemLg+w+Gt3klS8RQe/TMK2saO2KQ==} + '@objectstack/core@14.7.0': + resolution: {integrity: sha512-2PcAS+rbZL2DK95IOBeIiqtysL0j1SrWtJrgDBaVjQETqmZRwdKUB/eZSc/oh/h9KcrcMDc0NCAIRzyCM08Xqg==} engines: {node: '>=18.0.0'} - '@objectstack/driver-mongodb@12.5.0': - resolution: {integrity: sha512-glk5+dvb9gzoYRzzFEhiN0LYjYGO2cq3QmqnQDPsdwReYXM2TBQcBuiUMQ4Pqt2lkeUNEIN2OL4oqkW3BlxLCg==} + '@objectstack/driver-memory@14.7.0': + resolution: {integrity: sha512-xW2M+T1+W7dgkZoyc1Whmpib3AxbOQMpt0MS7dIa6QACL2WQzxSofRv5m9YhPwN2zqm5jBMrLp7HvlBnk9bLjw==} engines: {node: '>=18.0.0'} - '@objectstack/driver-sql@12.4.0': - resolution: {integrity: sha512-YyjgLTDZJkkoQyWAr+JCVJ1AdXlmPI5pyjsiO7o+PngunyrkvW71wZWQcdAfIQvOrMGuMIiJBENIIiZVLwRU7g==} + '@objectstack/driver-mongodb@14.7.0': + resolution: {integrity: sha512-QOMrpaw8LXuKdABbiqgHHAR+qQ0cV/aXT45fUsPrnjxrcAcGgpPYhtrrwA/HkRxvqfJx0Cml6/ofXkgX/fHhCw==} engines: {node: '>=18.0.0'} - peerDependencies: - mysql2: ^3.0.0 - pg: ^8.0.0 - sqlite3: ^5.0.0 - tedious: ^18.0.0 - peerDependenciesMeta: - mysql2: - optional: true - pg: - optional: true - sqlite3: - optional: true - tedious: - optional: true - '@objectstack/driver-sql@12.5.0': - resolution: {integrity: sha512-ivEVXTkgoNq0tPdlnrs1FTf2HP5/PZh1VLxWq4UfgOPjrlslDsDImsDuRaoAR2RuqgFOAt69ic/IGIUc1F+pDg==} + '@objectstack/driver-sql@14.7.0': + resolution: {integrity: sha512-nFJLsAsMPRQbPzbq8HX89MxzPyeIyqzRQKJF120c7U+Ldf88RgL0LblCpY5JKf7cVpm6Dj46WSy1e+lcJH7QnQ==} engines: {node: '>=18.0.0'} peerDependencies: mysql2: ^3.0.0 @@ -1686,27 +1657,23 @@ packages: tedious: optional: true - '@objectstack/driver-sqlite-wasm@12.4.0': - resolution: {integrity: sha512-uOlz5XOz3oGj1OEn0+nvjXJrfxRso0XdfLU0s4NiS3zL8n3E/S8boIQigE8qRCaV0nnGGZHip0crnWqIhBbFfA==} - engines: {node: '>=18.0.0'} - - '@objectstack/driver-sqlite-wasm@12.5.0': - resolution: {integrity: sha512-CW8t5UxPJLhgqZbiy6G9GAuqO3wMqFmAaLTxQvHyamVJJY4ygwh+m6Mfubf0DEivRSXV5IhDtwsKs/GrP8s7Cg==} + '@objectstack/driver-sqlite-wasm@14.7.0': + resolution: {integrity: sha512-hZFNQZGLtPBp/YYOOqScJD4/ZZmtT/Aiat4XoFSciojEtK2VMiwhxICX3Eaxxc3Z1GCa9J90a8O7qQi2f0yPXg==} engines: {node: '>=18.0.0'} - '@objectstack/formula@12.4.0': - resolution: {integrity: sha512-rZZpyUr4gqFHKiOSIqn/CQi5ZI1VIHEc/mgQL8AunYKZitm0Kgy15jpjGXoXGzNFMzeUXBI8EeBBcRZxtV1fhA==} + '@objectstack/formula@14.7.0': + resolution: {integrity: sha512-ZBrQiy+RQUxnC3cDRmUAIknx6+FA0Pb3XM/aYq6hZGRLHpy2qZNN1PDnYLAWXbggeQnCzTlDAI34HpU3ypzSIA==} - '@objectstack/lint@12.4.0': - resolution: {integrity: sha512-v12ATUHiV4QFcX7qZFifi1AXLplz7alaXVxCDKDWkMvjzcttaO66yhiYuYL6VfuOKdk632kktsJ8X26qrMz4Yg==} + '@objectstack/lint@14.7.0': + resolution: {integrity: sha512-i+I8uRS9lYus3V9Nh0mb2wwa60IxuIU3SdnrQrJBXh/6/wAkg2EHM2vMIugcrG8HtNCUQcD3u8eTMp73F0MNEg==} engines: {node: '>=18.0.0'} - '@objectstack/mcp@12.4.0': - resolution: {integrity: sha512-TCLFIW2RpZgjS8LGBaLjHUXQmrnVMYkryMEYRbQZXTECx8aY2ktvci07918SDxGIa3Hbw9L8spDAuL4se7dFcA==} + '@objectstack/mcp@14.7.0': + resolution: {integrity: sha512-jg0NVGaQSK8tDH6NOqUI00NUgz1uImxTXBMzVjhGfjko7ejpasVdxYZujJ8pq6U7EbRzpd/hnDhYNLhEjOVVxA==} engines: {node: '>=18.0.0'} - '@objectstack/metadata-core@12.4.0': - resolution: {integrity: sha512-HQ2JJpjwhHp3M60wOBi22we/5BSXmvKyHqYGsGpgpr7HlbiB8GiNMdzjxCkk/YJ86py0v0yEo1opyEh6+C5gKQ==} + '@objectstack/metadata-core@14.7.0': + resolution: {integrity: sha512-hHhF3S7bgcmPLSumroPlCHz7YGogu6Aw5+r+Gpyg6Dij59rb/VODWyQk2XXPPZnBZoerSo8rD+IOCJ9sjhBIbg==} engines: {node: '>=18.0.0'} peerDependencies: vitest: ^4.0.0 @@ -1714,128 +1681,123 @@ packages: vitest: optional: true - '@objectstack/metadata-fs@12.4.0': - resolution: {integrity: sha512-2pt6SfupQ5oJcWfh6H9+N/kV+8C1q64TjhyCk9f0C+C5A6VDrdo4ITKERG8WNuUkHY0l5KaqSnvEU8lZWw0KvQ==} - engines: {node: '>=18.0.0'} - - '@objectstack/metadata-protocol@12.4.0': - resolution: {integrity: sha512-G6d4SnWmLSleNqFbrzGv/j9SkTjxUzW3W/YOL34ORxruZj9fiApXGghh5Cd/RpCrf9XggGeynzofvgTd0rEE2A==} + '@objectstack/metadata-fs@14.7.0': + resolution: {integrity: sha512-d4VkI0cuez9h9bwqec8P6n+5/bLysdo4Qm28cqwZes445qXdj+riOf/oPd+lrS792W66/Zso/S6gbO/KGMgRDQ==} engines: {node: '>=18.0.0'} - '@objectstack/metadata@12.4.0': - resolution: {integrity: sha512-0/EehDI5o7dM2WmxZ5iEJu+2llOvfmVmM5ecBHJgH/+v+g3UJe/Vgcoibx1I9uCUuNIOISEObccvyN+sjDlAcA==} + '@objectstack/metadata-protocol@14.7.0': + resolution: {integrity: sha512-Pj2hDD9IERvpZ6oT/namEYUWeISJGHaIQJ3A36hP2KpyS5eEu4O2uTWhhpzUoD98M/HDMl7ZmcxkCvLP+JnyVA==} engines: {node: '>=18.0.0'} - '@objectstack/objectql@12.4.0': - resolution: {integrity: sha512-M/G6t1jD+DUWD3cGJvKtYvzTeIG2Ox99Ph//yFUxkHCRx7dVuDpRSp87rGyFh7F7swYggAEW1mtmdYU1LCHvLQ==} + '@objectstack/metadata@14.7.0': + resolution: {integrity: sha512-jPsuOH6KH3D+97l5nQNQLZbaoaHuINXWcVua54ynj8NpHJgvF+ryAecIOmZNq8e6D/oemWWOSfViv046IUK88Q==} engines: {node: '>=18.0.0'} - '@objectstack/observability@12.4.0': - resolution: {integrity: sha512-078RoUlsOnddnV5H1s9Lc2jqCd5fuo/uBMax5DsuCnYGoj5haerJrP7TRF6MuEid6GDd/sliebnQIxPey2G2Uw==} + '@objectstack/objectql@14.7.0': + resolution: {integrity: sha512-el7sKH6XKnCBAcZaz8qMD6sg8gBIABdXOIL8bIPjzXhoema9sanAbDwXVS3YcqCs29xFi3p3W05DwrHGYBGWXg==} engines: {node: '>=18.0.0'} - '@objectstack/observability@12.5.0': - resolution: {integrity: sha512-c12R+UaPXQ/h/EUIXYP8vwu/wQRJHyxS/x3Qlr8h7zZMxlIYmL5LYAcQ1TukDWTfxNhllQKYUppSv/7Etj7fSA==} + '@objectstack/observability@14.7.0': + resolution: {integrity: sha512-VI9IdRmX971Zb1c1wY/rw/5HzHp775TEVAXgTZFkR7anPL9vUchWGnMG7QzVwxqp67DYDDS1Erb9q56xGn0diQ==} engines: {node: '>=18.0.0'} - '@objectstack/platform-objects@12.4.0': - resolution: {integrity: sha512-mhOgpaVFgBTPSeJQxtaKqa7o7AZLE+u0MJtNpUhGMplt0KDCcIGRZBZZZQwcmsL/L4tM6MMVUOEAPUGp0Sj6Hw==} + '@objectstack/platform-objects@14.7.0': + resolution: {integrity: sha512-fXLbvHZkJqcKqVW20HY4Nb0bCKmqoFErnyK+ofnr7it8j2TABHUoOxkTrV3kkG2aSZgv49oohcXuGH9o5NZ/dw==} engines: {node: '>=18.0.0'} - '@objectstack/plugin-approvals@12.4.0': - resolution: {integrity: sha512-nq79Ea/tZNGRnLHudiJ+wJHvezxWNmWbDDY+avP42E2B4KKYd+irEPbAhD1nUOF37ZeaWDFwDuw2+fQtxGPQog==} + '@objectstack/plugin-approvals@14.7.0': + resolution: {integrity: sha512-jk3YlFUHKi0um8bFU8phKDkEjjr9UPV8Te/c5bAWCrnJOVk6Inc+Ub/lewbC+ph2r5Ltp5f6yG6d//IS9Ehtmg==} - '@objectstack/plugin-audit@12.4.0': - resolution: {integrity: sha512-8w8Ivp/gvv5l3AVkmsWTNCAAdRAsR4TaFswO1CCmJit8LUV61A/mB1d+N1Z5rr3M8GJOZvcLfy/+5DNZl+1l8Q==} + '@objectstack/plugin-audit@14.7.0': + resolution: {integrity: sha512-nkkfS5JH2ZWg3Ms4iJOINRJoe08pmWEhvCZheqtiG8XWJEpe7Aowpysc938tCK9ghynY/VZc2aDRsaAPzQdANg==} engines: {node: '>=18.0.0'} - '@objectstack/plugin-auth@12.4.0': - resolution: {integrity: sha512-/ckBmg/CZgA2nCBxuBqRW99fSMfIzp2WDaJKWwp7eHOE6xuKaaFJO9dmd4IxhIHRnyP0TvMd5kJB9Kvc/8cnMA==} + '@objectstack/plugin-auth@14.7.0': + resolution: {integrity: sha512-lxADtGcpNCQunvj4NVXIGl6oGMt2F9QqulSKXeokCd7QpB4vjxlykKnGc28tsJqkAkxeDBlh0kk7+ObN57C/kQ==} engines: {node: '>=18.0.0'} - '@objectstack/plugin-email@12.4.0': - resolution: {integrity: sha512-WjZWb6q7uy/31kUgCS7cD7jKzToZa1nxSDxJG3WbM/5jZn8luSavImvdc00Wk+l78IlDiWXWVpWuLCQx+klPjA==} - - '@objectstack/plugin-hono-server@12.4.0': - resolution: {integrity: sha512-7ffQl+Y2rSUlyFlpJw19mRtHCLUbPjKycwFKYRxMjbSbd/6M1m0vk8FoiLrSCYf/PLDh/Chg11an20BQ9N/BSg==} - engines: {node: '>=18.0.0'} + '@objectstack/plugin-email@14.7.0': + resolution: {integrity: sha512-GneZNutUo0/jxjmSJrEYReKXa8BZdP0pW/8eAi+U2GiEj/jp/Me9eHkMvgJZgHj8Cb9GX8yJCeZeFEOVeE4q8g==} - '@objectstack/plugin-org-scoping@12.4.0': - resolution: {integrity: sha512-rvyg0tZf298bynsM2Nnu/afi8h55fj/onQ50tEkg4ZMYMFjK4KZoQbcVQs3nhHCD8Uj7oKYAnhr1Y2G4s9CyRg==} + '@objectstack/plugin-hono-server@14.7.0': + resolution: {integrity: sha512-7vOFsfd6rDB9sXCfjKoF5yXNADpdiO8lWWeQNBezItkx1DRvJqQTLk3EAFaMSXvFWzoZvpC71DQ8uJd+4AfGNA==} engines: {node: '>=18.0.0'} - '@objectstack/plugin-reports@12.4.0': - resolution: {integrity: sha512-RGeLCiws0Q3KwdJV1qT7t5/QH1j2EWm84f7HCU1OPGZADisS7ULXgK7WNO79nv4l5yQj6NUNfMkQ7TLwBvRkzQ==} + '@objectstack/plugin-reports@14.7.0': + resolution: {integrity: sha512-rjSqC0hb9N3E/6P8H/aBMtR8/zQZ23iXVzWOzR0YBRYSUcWiUxZ3vUi0JDsy3mcOv8c1h9YuZM4XDevCz2YqfQ==} - '@objectstack/plugin-security@12.4.0': - resolution: {integrity: sha512-zWn1LPRADW+IgNwzPJQhKvMjqkPtZ9S3HB0ogZ2eA4VFeTrzB8dPLw3M+/QZSso+X6ATwQxJts9VJG6wJSeiBA==} + '@objectstack/plugin-security@14.7.0': + resolution: {integrity: sha512-fT/ERYAXhD3c3UiAA7hom8JJ3PKRLNpuI9+ZNarQRG9gb5jT0umXwiMSCPmCBBmSgFbj0OhZl63xijlQZ8sfvA==} engines: {node: '>=18.0.0'} - '@objectstack/plugin-sharing@12.4.0': - resolution: {integrity: sha512-mukispN+e/fsJEKvMVJ6Zy75Njt3eH0D2q3oE3Bw80+X1JS72FlKTWLMkKCE/Q+1fZLVps+a6AuI/gJxKQmn6A==} + '@objectstack/plugin-sharing@14.7.0': + resolution: {integrity: sha512-QlFVd6X/Lzbd72xu2iqIAbkMeKG3FgR6RWkgHBGoRltT6GmNOalhNEavoXOBIf5JeUtTc/ro+NX83E6tW3tNbg==} - '@objectstack/plugin-webhooks@12.4.0': - resolution: {integrity: sha512-73zrb4ASm7fuox/lWADm8wCf/c829LDVcN253bKT43V/PwS78vFAnizTA1+emeyQMiSyBvFaqXAH8fM78bQoNw==} + '@objectstack/plugin-webhooks@14.7.0': + resolution: {integrity: sha512-At0bE4fQ454C/RHS3TvWgZ+kPcit6C01S0tAEvT68deZ4aty2e5dNMsEEedqzzYLkR7rpT7hTlPQQb2umB4NOw==} - '@objectstack/rest@12.4.0': - resolution: {integrity: sha512-8V4us/7O1RA16bx5yo+1xCAu1orqHqiKDVhuDbr8MpsxmyzLS2YmiAxW+hiKeW7tzTpf7sGoIFjBUhVgqT7cLQ==} + '@objectstack/rest@14.7.0': + resolution: {integrity: sha512-bIkGaadPdjqyCGyMBX3Gs8H+4d/Hrh4TjPJ0keE1xswxUGqoODNVsYA+qdKqMb9nGMZT7V9XpYHhXDIVqLgA4A==} engines: {node: '>=18.0.0'} - '@objectstack/runtime@12.4.0': - resolution: {integrity: sha512-PiSr4UPj4BwVkKeLR/Hyc6j7WgFi0L36B2u1LM9cvYCPf/cvaCWSLzDKVLAiC7XE89L/G2UqiEiG1rMUOV+hiw==} + '@objectstack/runtime@14.7.0': + resolution: {integrity: sha512-b9wiONYRwEWrYRKBy9uEmg0EGA0FMjGozfpfVzseW52u6JS8FDKnq1NEZMXA7Y/W87peG4eryAthKNgdKIHHfw==} engines: {node: '>=18.0.0'} - '@objectstack/sdui-parser@12.4.0': - resolution: {integrity: sha512-nOnWj3aetoYTEey7e6CsOxNNIm/pQxzBpsXdorA7OMDV6bUbbcD8IHS6G+k+dAtUjP3hdBcr3qyegj8ZL77nPg==} + '@objectstack/sdui-parser@14.7.0': + resolution: {integrity: sha512-/ZdWvO10PXNLJ/zsvIykt2GvZIjjacR+HuzMjXO5mf4Pkm9zSUX1VOlRnWntyx587pTN3M0b0MYeIoasRv6gWQ==} - '@objectstack/service-analytics@12.4.0': - resolution: {integrity: sha512-20mbO4ZnSaPzQ3RwYmjW+sm/t5+5t+bwylkJ88F9ppN3UwNZejRpps2LJ9czwH9+s1Eh/38QLuuGX+mzGFEN8Q==} + '@objectstack/service-analytics@14.7.0': + resolution: {integrity: sha512-nFWFLPTFAdtGBY2ejdIvELzR6SaQ4jg2Z7f0tyzvxlOeqcke9IXis0LDOObTYuKeUknXfa2kLC7CxVWPvQwcSQ==} engines: {node: '>=18.0.0'} - '@objectstack/service-automation@12.4.0': - resolution: {integrity: sha512-LWLa7RS87OhzSHuzza4NuMOP7OTUj6a+xRDDBm6t78DVQZ8FwtSTaBphb0sFSA94BUTFU1hdyjQOYK245YJpOw==} + '@objectstack/service-automation@14.7.0': + resolution: {integrity: sha512-oFL8rllqBGCOJoS3354IUUOOEQt142B6LPawsJEJ03BiEMBFGITsoj6qy0sVZd27vntpf+ZsigAewODYGoOjiw==} engines: {node: '>=18.0.0'} - '@objectstack/service-cache@12.4.0': - resolution: {integrity: sha512-Sws0Jxgk2+DMYyViX2nL9KpFPgn3T3D/1pex3XOh3DK2tKkfJrFFJW9bVVoJJ+E9kh871n6qWZVdKLKYgvQmsg==} + '@objectstack/service-cache@14.7.0': + resolution: {integrity: sha512-A5pkgil4qpG57maD32imitsC6MKM3opkrxvvgWeHNoDAIUqZZlulJHfPnW7iMLTcUuB7E3Yx7sZSGhWxXOe82Q==} engines: {node: '>=18.0.0'} - '@objectstack/service-cluster@12.4.0': - resolution: {integrity: sha512-G1hYFImnUXmuCLahlh3wqJ1zKqP0PHlytx6/CQV7Z1P5QExbeJZe7WO+VR8Tjkzup49hEAnnmxUnmwQ32rnSEg==} + '@objectstack/service-cluster@14.7.0': + resolution: {integrity: sha512-K5dTb5UpQnGymuefWgommt4Zs6ZChq5vScK08OSBC/eINwgPSkjZiw6WEj4MjMCryo9dLBzNA3AsQwnA42e8HQ==} - '@objectstack/service-datasource@12.4.0': - resolution: {integrity: sha512-SGH0Rk1YhV0EYipZzZ+ZUnzvpmiQOFSo46OPqy+s5lcuv4sJMkHdwwixc3PB4SoCAkOqaeP+AhaB5vKQ6RZz3w==} + '@objectstack/service-datasource@14.7.0': + resolution: {integrity: sha512-LXBANrWfkjfFPd838IjblJXlj4NvAUE3U5ob89XM3yZ60LxIKygZbsrhChiKYsSiL/jMGnCyF6VThgki9EWIYA==} - '@objectstack/service-i18n@12.4.0': - resolution: {integrity: sha512-t0scIxQQwlInfpaoZQMzmvMNC3WvWWLceiCM/Rj0kPvLy7Qi/XNanrVOyAaqns+vOP0+Bd+2xnKfeL8gCWfogg==} + '@objectstack/service-i18n@14.7.0': + resolution: {integrity: sha512-2ymG7Gttq7ExhO+12OtQ6hjHeYtTOIpxhXNXhvkiiKGQmM93V/1qRYw0NVkP8UJibXPBavCOf1b6uL1tEtYU8w==} engines: {node: '>=18.0.0'} - '@objectstack/service-job@12.4.0': - resolution: {integrity: sha512-+6LD7Muauv5gQc9wccXlqi6TzHRxEM+zXxgEX00g3VnAxxqiP4BLdYfO5Zfglb7a2TFS/u6tNh97sw2xEdYYZA==} + '@objectstack/service-job@14.7.0': + resolution: {integrity: sha512-JJnrBfD5OyWH+V5+WTcDguSIkx1STitp0fDRY7cqvrZkZ7048Hqq42eMEFZekOnvcw63COAq8cl24VYrX0BlFA==} engines: {node: '>=18.0.0'} - '@objectstack/service-messaging@12.4.0': - resolution: {integrity: sha512-pLRIlgyFREdWPF08kHbz95sRteeK9aEv6aAHSILc/qenPCPfn07EA6C/pmhWCaYXc5iALy9EOID5KsaHwqmrWA==} + '@objectstack/service-messaging@14.7.0': + resolution: {integrity: sha512-yC/9XICMnmhq9sKKPibiRdUiwinip94h/DJoNuv8OUB2FhugSr/+RnJc/jjrAxyDCb2TP4pCklcNqeI9y9/XcQ==} engines: {node: '>=18.0.0'} - '@objectstack/service-package@12.4.0': - resolution: {integrity: sha512-BrYa4GebrVIhn2lTh+nmo3PMd5wv6PiYuaedUVwU065Xgj0VcfrFcERV9oHjC7M+pCnO6wgqE5Ae3JnNOvVp7A==} + '@objectstack/service-package@14.7.0': + resolution: {integrity: sha512-QH2cMaduWjD+de5kKYWwf6+a8SUEoA23tW/9IFlkhub1lDEmBUKTF753w0IGfPVy0xagghSPakPtlchVbl6G/A==} engines: {node: '>=18.0.0'} - '@objectstack/service-queue@12.4.0': - resolution: {integrity: sha512-Y/YTm81OZkZCPl8FtMuq4PUdnuqnYAVZu79OaALgQwWKrk7kZsb4Z/Mhc/3BOwP+Fc7JGa3M7ARkeF9iJilFiA==} + '@objectstack/service-queue@14.7.0': + resolution: {integrity: sha512-CLyJ3k2lZKsRJSTrSL1emkhluwUxXAlN3YmMoSgRtU+zSWX3WNfvl6+89638xsSNG6KUISq0Rn5O1CrJiLwlhA==} engines: {node: '>=18.0.0'} - '@objectstack/service-realtime@12.4.0': - resolution: {integrity: sha512-NfeJpTl9/5quL/pgzItS5nNN+nXsInNl7huKMrFQEuAY492Q/PckSzVI85gt1adqO4DfJyFj/o3fGvMQgDdyxA==} + '@objectstack/service-realtime@14.7.0': + resolution: {integrity: sha512-uBpJ4+toCP0cBRSmD70xg+3pvyZmKrMtXfliNW6wFCvIXxmTUCxr0MFEy6DbRjRRfnLKmzUJt10Nr2wvX8F1yA==} engines: {node: '>=18.0.0'} - '@objectstack/service-settings@12.4.0': - resolution: {integrity: sha512-bsin0E7jYwAnan02q1Suln8BBM6bNjc5djEVMOlJQvCw46aebSi1yIpYdbI88fwdNXMJCn49O3OhD3tEJGUBhQ==} + '@objectstack/service-settings@14.7.0': + resolution: {integrity: sha512-+Tt/VHNQJuSnDp4NApcWJhH77QXDk4Zin6SZ9v90owbYRYp5DacGVN9PZah89CVUF+v3XnHctOD4SkqzOLNjKQ==} engines: {node: '>=18.0.0'} - '@objectstack/service-storage@12.4.0': - resolution: {integrity: sha512-36vJypksoI7FjShYw6RbqYr1QU85f/3vqGmtjISKx5sitF2cls3gLmEoFMQ+TCQjU7hCfDIDzCN2PnVdQhJ22Q==} + '@objectstack/service-sms@14.7.0': + resolution: {integrity: sha512-r5k2rRhW4AE8+neAcs9mhFvrlkQ9qi49rIz129CB7dTHTAticEkoauiEX8F3Mia6toAYZLV9AM86paX7d3vHLw==} + + '@objectstack/service-storage@14.7.0': + resolution: {integrity: sha512-+96l8nGEUyp18deMupHv7zlmlEE0PRiLhrj5JFLJCA7M0fgXZBMIaMgeQLLWxByUqU/XpsC5b4YiiPWt3OFTbQ==} engines: {node: '>=18.0.0'} peerDependencies: '@aws-sdk/client-s3': ^3.0.0 @@ -1846,21 +1808,12 @@ packages: '@aws-sdk/s3-request-presigner': optional: true - '@objectstack/setup@12.4.0': - resolution: {integrity: sha512-C6qyw02nkIwCz9ayJX/Rrzcg0UWm7aTDzaWCkjQBqsM6fG2f6ZIDPdwXLn+bFotldBsbIF84xKak3geGMOqSYA==} - engines: {node: '>=18.0.0'} - - '@objectstack/spec@12.4.0': - resolution: {integrity: sha512-xR+KyomERz4IBwLambMEgb13K3Bz4zNnFLOqNNHUtVppC/GuZGTCrEVJgF6ZtT2O9H/0vjJUDvAzrcckpFyeRg==} + '@objectstack/setup@14.7.0': + resolution: {integrity: sha512-A/S9Jiqstv5zCfKB8UgvDT5ZsN60ulkxrs0cjrfrfizmmWQf0dLceLxpQasK9VrzXTrJ5o/CLZm+Ga8TOpmyTA==} engines: {node: '>=18.0.0'} - peerDependencies: - ai: ^7.0.0 - peerDependenciesMeta: - ai: - optional: true - '@objectstack/spec@12.5.0': - resolution: {integrity: sha512-xMe0pvyNlgGnkXQW2Z6rNZFV9tOqLxR1bIyBTkqq8q3kGsNDbKrMXwe0qW+GhxJe8Lrsvktc99suHtDCSZIwHw==} + '@objectstack/spec@14.7.0': + resolution: {integrity: sha512-ZSn60tK3+wHCsfQVutGiITaB+PUuSqsv3cphsce0+jQe+No5ZItUy86eR4zP5nvY5RwNHokcKpvhvjgYlo+hlA==} engines: {node: '>=18.0.0'} peerDependencies: ai: ^7.0.0 @@ -1868,31 +1821,23 @@ packages: ai: optional: true - '@objectstack/studio@12.4.0': - resolution: {integrity: sha512-RVkyuM3aGO4mEsxotCsSuTgH96pDkfuYfPKLI8aoBPiEFLk7UlzfYzgjeeP9SfCIPunrxZmTqfp2WBGf2tTuFA==} - engines: {node: '>=18.0.0'} - - '@objectstack/trigger-api@12.4.0': - resolution: {integrity: sha512-ub4Oki6xJVJnqN9UahXXCIXexkMeLtsOw57CubYpl5gSkrFuL0nGSgbWyg+LWzzWGQ14UCeiiCaTfu1+61pxUQ==} - - '@objectstack/trigger-record-change@12.4.0': - resolution: {integrity: sha512-L4RDcpRDVkfFUcera8dEItFGtW/6caIOTsMJ/9RcvHuHhmR4Fbe1wEga+66399ahZoRLqrHhzlFt3FKsp06jJQ==} - engines: {node: '>=18.0.0'} + '@objectstack/trigger-api@14.7.0': + resolution: {integrity: sha512-YWn5ZnJcz9cLVBa2S2NIFGPpP37GZk9/f6CChAjKjsZ5l9pXh9CF7hH8x6fIC4SKaZIBFMTT4EchKqdHetfCkQ==} - '@objectstack/trigger-schedule@12.4.0': - resolution: {integrity: sha512-rIW5uvYfPyRk/K16ewZB9UhiN+eqxKd4R7PTSSFr0esMJmc9w96uHl0jkCzPnOUOXiKAllfxXDhWddkH4jRISQ==} + '@objectstack/trigger-record-change@14.7.0': + resolution: {integrity: sha512-WRSUgOzVHFgFO6wPNj53snlH+kekDM6cGlBVEpH25uUMi10KzjjTKzpFtMXaW1otTvH93RkVv6qXeDk0gqwbYQ==} engines: {node: '>=18.0.0'} - '@objectstack/types@12.4.0': - resolution: {integrity: sha512-TmOpYHpmlKjTLsCoTaMVtExHcovdM+Yn0KngorxO11qHa+5zAb1zqcQwwVWgflzowF8yRY62GpBydIWSxKO0JA==} + '@objectstack/trigger-schedule@14.7.0': + resolution: {integrity: sha512-oFt96J+7jZtX/KjkYZbbWvR0LVrRVAo8MP6y87uM+ZShoIVRKZGFi15mkiOGDioqZj9g2INU3OBo0mML1IGZSw==} engines: {node: '>=18.0.0'} - '@objectstack/types@12.5.0': - resolution: {integrity: sha512-1zqgwOL/M8S5yOox3vFa1khDFPSMxyDxyHypOtxGY39OqURJvwpbZeaz3E4CxzNqNBxDTvbJRUUjzgfgx48J0w==} + '@objectstack/types@14.7.0': + resolution: {integrity: sha512-rr0IxpRpEjCweoq2u00ivGixKTI+Yq2sF6ar7h5lIabzwF8MECX6IICysR0ag/skli3ZsYZH2DANPd7ymLK7qg==} engines: {node: '>=18.0.0'} - '@objectstack/verify@12.4.0': - resolution: {integrity: sha512-wvQaZKfZ4qJZHsbBeTjXkH4asFdvlI4gnwQ7bKFKpJfvc1yAfwdml2CHy6XggE6hNHQjYVqwr6ov5Q4kV+5uDQ==} + '@objectstack/verify@14.7.0': + resolution: {integrity: sha512-2nH0Bee4NH+c1wV0E22tKynx1eelx+kMn9YSugCrtm1lc9Kj+UGJkqhhUj0gj9Gxl0zBtQpZARV4GCNHiKqlJA==} engines: {node: '>=18.0.0'} '@oclif/core@4.11.14': @@ -3856,14 +3801,14 @@ packages: hastscript@9.0.1: resolution: {integrity: sha512-g7df9rMFX/SPi34tyGCyUBREQoKkapwdY/T04Qn9TDWfHhAYt4/I0gMVirzK5wEzeUqIjEB+LXC/ypb7Aqno5w==} - hono@4.12.27: - resolution: {integrity: sha512-1yrb/+w6HWQJrUCLkJ2IF5jNIPvvFkblV5RNOYl6bV+OA6p9GLcMpHFFGTosSvHvcAUibuUukRqhlYI4z32C7Q==} - engines: {node: '>=16.9.0'} - hono@4.12.28: resolution: {integrity: sha512-YwUvVpSF7m1yOblFPrU3Hbo8XhPheBoiyfGuII6z19LnOr6JpDnyyp7LFNrfV56wS8tpvtBFGRISHN02pDdLOA==} engines: {node: '>=16.9.0'} + hono@4.12.30: + resolution: {integrity: sha512-emn+JoJjrN9YTpRDS5it/UI2SO9BAE37T6I3d963RxcZ81G9A4pr2SZTEiiaiKbzx+NKRg5BZ89fCL7gCJCUog==} + engines: {node: '>=16.9.0'} + html-void-elements@3.0.0: resolution: {integrity: sha512-bEqo66MRXsUGxWHV5IP0PUiAWwoEjba4VCzg0LjFJBpchPaTfyfCKTG6bc5F8ucKec3q5y6qOdGyYTSBEvhCrg==} @@ -4510,15 +4455,15 @@ packages: resolution: {integrity: sha512-h0AZ9A7IDVwwHyMxmdMXKy+9oNlF0zFoahHiX3vQ8e3KFcSP3VmsmfvtRSuLPxmyv2vjIDxqty8smTgie/SNRQ==} engines: {node: '>=20.19.0'} - mongodb@7.4.0: - resolution: {integrity: sha512-giySkkdYiwoBFo/oCc8nzov3xOYZ/sB8OpAYk5GINRLEjVw0LDsm8xgQL0XMTyU4extQlDZjhdUr1ZEwKFaazw==} + mongodb@7.5.0: + resolution: {integrity: sha512-5FnrEDLnvp6ycUOGLNLLU33BfCx2qmp2mJjGPDwKLruYsVzXVSK5fsGpoDXvsXJwBfBsD7ebMRdawbDxC2814g==} engines: {node: '>=20.19.0'} peerDependencies: '@aws-sdk/credential-providers': ^3.806.0 '@mongodb-js/zstd': ^7.0.0 gcp-metadata: ^7.0.1 kerberos: ^7.0.0 - mongodb-client-encryption: '>=7.0.0 <7.1.0' + mongodb-client-encryption: ^7.2.0 snappy: ^7.3.2 socks: ^2.8.6 peerDependenciesMeta: @@ -4575,9 +4520,9 @@ packages: engines: {node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1} hasBin: true - nanoid@5.1.16: - resolution: {integrity: sha512-kVrnsrJqMR8+oLJnGEmSWw9BivK5mt7H3FZatVRjrc5wGqFYuBxX1yG7+A7Gi5AefkX6t/oCkizcQgpu0cY1dQ==} - engines: {node: ^18 || >=20} + nanoid@6.0.0: + resolution: {integrity: sha512-mkUH+rPkwU2qPadJ0oJZOjeZ5Mxn8Q1UhevwkTRWNuUZzyia3h4rhzK39hxaHTk0o2OxB8W2SQ6A8k23ZDi1pQ==} + engines: {node: ^22 || ^24 || >=26} hasBin: true nanostores@1.3.0: @@ -5243,9 +5188,6 @@ packages: resolution: {integrity: sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==} engines: {node: '>=0.10.0'} - strnum@2.3.0: - resolution: {integrity: sha512-ums3KNd42PGyx5xaoVTO1mjU1bH3NpY4vsrVlnv9PNGqQj8wd7rJ6nEypLrJ7z5vxK5RP0yMLo6J/Gsm62DI5Q==} - strnum@2.4.1: resolution: {integrity: sha512-M9eUSMT2dCB2cTNPG7UYj6KuK7RJR2SN2+yCV/fTW3xzTCS6EaGZ5pSMgDIjB7r8zSfTGk+dvvn9rTjpVS9Mwg==} @@ -6299,19 +6241,19 @@ snapshots: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) '@better-auth/utils': 0.4.2 - '@better-auth/mongo-adapter@1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(mongodb@7.4.0)': + '@better-auth/mongo-adapter@1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(mongodb@7.5.0)': dependencies: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) '@better-auth/utils': 0.4.2 optionalDependencies: - mongodb: 7.4.0 + mongodb: 7.5.0 - '@better-auth/oauth-provider@1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3))': + '@better-auth/oauth-provider@1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3))': dependencies: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) '@better-auth/utils': 0.4.2 '@better-fetch/fetch': 1.3.1 - better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) better-call: 1.3.7(zod@4.4.3) jose: 6.2.3 zod: 4.4.3 @@ -6321,20 +6263,20 @@ snapshots: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) '@better-auth/utils': 0.4.2 - '@better-auth/scim@1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3))': + '@better-auth/scim@1.7.0-rc.1(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3))': dependencies: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) '@better-auth/utils': 0.4.2 - better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) better-call: 1.3.7(zod@4.4.3) zod: 4.4.3 - '@better-auth/sso@1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3))': + '@better-auth/sso@1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3))': dependencies: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) '@better-auth/utils': 0.4.2 '@better-fetch/fetch': 1.3.1 - better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) better-call: 1.3.7(zod@4.4.3) fast-xml-parser: 5.9.3 jose: 6.2.3 @@ -6895,13 +6837,13 @@ snapshots: '@tailwindcss/oxide': 4.3.0 tailwindcss: 4.3.0 - '@hono/node-server@1.19.14(hono@4.12.27)': + '@hono/node-server@1.19.14(hono@4.12.28)': dependencies: - hono: 4.12.27 + hono: 4.12.28 - '@hono/node-server@2.0.8(hono@4.12.28)': + '@hono/node-server@2.0.8(hono@4.12.30)': dependencies: - hono: 4.12.28 + hono: 4.12.30 '@img/colour@1.1.0': {} @@ -7071,7 +7013,7 @@ snapshots: globby: 11.1.0 read-yaml-file: 1.1.0 - '@marcbachmann/cel-js@7.6.1': {} + '@marcbachmann/cel-js@8.0.0': {} '@mdx-js/mdx@3.1.1': dependencies: @@ -7105,7 +7047,7 @@ snapshots: '@modelcontextprotocol/sdk@1.29.0(zod@4.4.3)': dependencies: - '@hono/node-server': 1.19.14(hono@4.12.27) + '@hono/node-server': 1.19.14(hono@4.12.28) ajv: 8.20.0 ajv-formats: 3.0.1(ajv@8.20.0) content-type: 1.0.5 @@ -7115,7 +7057,7 @@ snapshots: eventsource-parser: 3.1.0 express: 5.2.1 express-rate-limit: 8.5.2(express@5.2.1) - hono: 4.12.27 + hono: 4.12.28 jose: 6.2.3 json-schema-typed: 8.0.2 pkce-challenge: 5.0.1 @@ -7167,8 +7109,6 @@ snapshots: '@noble/hashes@2.2.0': {} - '@nodable/entities@2.1.0': {} - '@nodable/entities@2.2.0': {} '@node-minify/core@8.0.6': @@ -7198,62 +7138,62 @@ snapshots: '@nodelib/fs.scandir': 2.1.5 fastq: 1.20.1 - '@objectstack/account@12.4.0': + '@objectstack/account@14.7.0': dependencies: - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/cli@12.4.0(@aws-sdk/client-s3@3.984.0)(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': - dependencies: - '@objectstack/account': 12.4.0 - '@objectstack/client': 12.4.0 - '@objectstack/cloud-connection': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) - '@objectstack/console': 12.4.0 - '@objectstack/core': 12.4.0 - '@objectstack/driver-memory': 12.4.0 - '@objectstack/driver-mongodb': 12.5.0 - '@objectstack/driver-sql': 12.4.0(pg@8.22.0) - '@objectstack/driver-sqlite-wasm': 12.5.0(better-sqlite3@12.11.1)(pg@8.22.0) - '@objectstack/formula': 12.4.0 - '@objectstack/lint': 12.4.0 - '@objectstack/mcp': 12.4.0 - '@objectstack/objectql': 12.4.0 - '@objectstack/observability': 12.5.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/plugin-approvals': 12.4.0 - '@objectstack/plugin-audit': 12.4.0 - '@objectstack/plugin-auth': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) - '@objectstack/plugin-email': 12.4.0 - '@objectstack/plugin-hono-server': 12.4.0 - '@objectstack/plugin-org-scoping': 12.4.0 - '@objectstack/plugin-reports': 12.4.0 - '@objectstack/plugin-security': 12.4.0 - '@objectstack/plugin-sharing': 12.4.0 - '@objectstack/plugin-webhooks': 12.4.0 - '@objectstack/rest': 12.4.0 - '@objectstack/runtime': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) - '@objectstack/service-analytics': 12.4.0 - '@objectstack/service-automation': 12.4.0 - '@objectstack/service-cache': 12.4.0 - '@objectstack/service-datasource': 12.4.0 - '@objectstack/service-job': 12.4.0 - '@objectstack/service-messaging': 12.4.0 - '@objectstack/service-package': 12.4.0 - '@objectstack/service-queue': 12.4.0 - '@objectstack/service-realtime': 12.4.0 - '@objectstack/service-settings': 12.4.0 - '@objectstack/service-storage': 12.4.0(@aws-sdk/client-s3@3.984.0) - '@objectstack/setup': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/studio': 12.4.0 - '@objectstack/trigger-api': 12.4.0 - '@objectstack/trigger-record-change': 12.4.0 - '@objectstack/trigger-schedule': 12.4.0 - '@objectstack/types': 12.4.0 - '@objectstack/verify': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/cli@14.7.0(@aws-sdk/client-s3@3.984.0)(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@objectstack/account': 14.7.0 + '@objectstack/client': 14.7.0 + '@objectstack/cloud-connection': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/console': 14.7.0 + '@objectstack/core': 14.7.0 + '@objectstack/driver-memory': 14.7.0 + '@objectstack/driver-mongodb': 14.7.0 + '@objectstack/driver-sql': 14.7.0(pg@8.22.0) + '@objectstack/driver-sqlite-wasm': 14.7.0(better-sqlite3@12.11.1)(pg@8.22.0) + '@objectstack/formula': 14.7.0 + '@objectstack/lint': 14.7.0 + '@objectstack/mcp': 14.7.0 + '@objectstack/metadata': 14.7.0 + '@objectstack/objectql': 14.7.0 + '@objectstack/observability': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/plugin-approvals': 14.7.0 + '@objectstack/plugin-audit': 14.7.0 + '@objectstack/plugin-auth': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/plugin-email': 14.7.0 + '@objectstack/plugin-hono-server': 14.7.0 + '@objectstack/plugin-reports': 14.7.0 + '@objectstack/plugin-security': 14.7.0 + '@objectstack/plugin-sharing': 14.7.0 + '@objectstack/plugin-webhooks': 14.7.0 + '@objectstack/rest': 14.7.0 + '@objectstack/runtime': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/service-analytics': 14.7.0 + '@objectstack/service-automation': 14.7.0 + '@objectstack/service-cache': 14.7.0 + '@objectstack/service-datasource': 14.7.0 + '@objectstack/service-job': 14.7.0 + '@objectstack/service-messaging': 14.7.0 + '@objectstack/service-package': 14.7.0 + '@objectstack/service-queue': 14.7.0 + '@objectstack/service-realtime': 14.7.0 + '@objectstack/service-settings': 14.7.0 + '@objectstack/service-sms': 14.7.0 + '@objectstack/service-storage': 14.7.0(@aws-sdk/client-s3@3.984.0) + '@objectstack/setup': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/trigger-api': 14.7.0 + '@objectstack/trigger-record-change': 14.7.0 + '@objectstack/trigger-schedule': 14.7.0 + '@objectstack/types': 14.7.0 + '@objectstack/verify': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) '@oclif/core': 4.11.14 bundle-require: 5.1.0(esbuild@0.28.1) chalk: 5.6.2 @@ -7285,7 +7225,6 @@ snapshots: - drizzle-kit - drizzle-orm - gcp-metadata - - jose - kerberos - kysely - mariadb @@ -7311,19 +7250,19 @@ snapshots: - vitest - vue - '@objectstack/client@12.4.0': + '@objectstack/client@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/cloud-connection@12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + '@objectstack/cloud-connection@14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/runtime': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/runtime': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 transitivePeerDependencies: - '@aws-sdk/credential-providers' - '@better-auth/utils' @@ -7342,7 +7281,6 @@ snapshots: - drizzle-kit - drizzle-orm - gcp-metadata - - jose - kerberos - kysely - mariadb @@ -7368,53 +7306,29 @@ snapshots: - vitest - vue - '@objectstack/console@12.4.0': {} - - '@objectstack/core@12.4.0': - dependencies: - '@objectstack/spec': 12.4.0 - zod: 4.4.3 - transitivePeerDependencies: - - ai + '@objectstack/console@14.7.0': {} - '@objectstack/core@12.5.0': + '@objectstack/core@14.7.0': dependencies: - '@objectstack/spec': 12.5.0 + '@objectstack/spec': 14.7.0 zod: 4.4.3 transitivePeerDependencies: - ai - '@objectstack/driver-memory@12.4.0': + '@objectstack/driver-memory@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 mingo: 7.2.2 transitivePeerDependencies: - ai - '@objectstack/driver-mongodb@12.4.0': - dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 - mongodb: 7.4.0 - nanoid: 5.1.16 - transitivePeerDependencies: - - '@aws-sdk/credential-providers' - - '@mongodb-js/zstd' - - ai - - gcp-metadata - - kerberos - - mongodb-client-encryption - - snappy - - socks - optional: true - - '@objectstack/driver-mongodb@12.5.0': + '@objectstack/driver-mongodb@14.7.0': dependencies: - '@objectstack/core': 12.5.0 - '@objectstack/spec': 12.5.0 - mongodb: 7.4.0 - nanoid: 5.1.16 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 + mongodb: 7.5.0 + nanoid: 6.0.0 transitivePeerDependencies: - '@aws-sdk/credential-providers' - '@mongodb-js/zstd' @@ -7425,31 +7339,13 @@ snapshots: - snappy - socks - '@objectstack/driver-sql@12.4.0(pg@8.22.0)': - dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 - knex: 3.3.0(better-sqlite3@12.11.1)(pg@8.22.0) - nanoid: 5.1.16 - optionalDependencies: - better-sqlite3: 12.11.1 - pg: 8.22.0 - transitivePeerDependencies: - - ai - - mariadb - - mysql - - pg-native - - pg-query-stream - - supports-color - - '@objectstack/driver-sql@12.5.0(pg@8.22.0)': + '@objectstack/driver-sql@14.7.0(pg@8.22.0)': dependencies: - '@objectstack/core': 12.5.0 - '@objectstack/spec': 12.5.0 - '@objectstack/types': 12.5.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 knex: 3.3.0(better-sqlite3@12.11.1)(pg@8.22.0) - nanoid: 5.1.16 + nanoid: 6.0.0 optionalDependencies: better-sqlite3: 12.11.1 pg: 8.22.0 @@ -7461,34 +7357,13 @@ snapshots: - pg-query-stream - supports-color - '@objectstack/driver-sqlite-wasm@12.4.0(better-sqlite3@12.11.1)(pg@8.22.0)': - dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/driver-sql': 12.4.0(pg@8.22.0) - '@objectstack/spec': 12.4.0 - knex: 3.3.0(better-sqlite3@12.11.1)(pg@8.22.0) - nanoid: 5.1.16 - sql.js: 1.14.1 - transitivePeerDependencies: - - ai - - better-sqlite3 - - mariadb - - mysql - - mysql2 - - pg - - pg-native - - pg-query-stream - - sqlite3 - - supports-color - - tedious - - '@objectstack/driver-sqlite-wasm@12.5.0(better-sqlite3@12.11.1)(pg@8.22.0)': + '@objectstack/driver-sqlite-wasm@14.7.0(better-sqlite3@12.11.1)(pg@8.22.0)': dependencies: - '@objectstack/core': 12.5.0 - '@objectstack/driver-sql': 12.5.0(pg@8.22.0) - '@objectstack/spec': 12.5.0 + '@objectstack/core': 14.7.0 + '@objectstack/driver-sql': 14.7.0(pg@8.22.0) + '@objectstack/spec': 14.7.0 knex: 3.3.0(better-sqlite3@12.11.1)(pg@8.22.0) - nanoid: 5.1.16 + nanoid: 6.0.0 sql.js: 1.14.1 transitivePeerDependencies: - ai @@ -7503,70 +7378,70 @@ snapshots: - supports-color - tedious - '@objectstack/formula@12.4.0': + '@objectstack/formula@14.7.0': dependencies: - '@marcbachmann/cel-js': 7.6.1 - '@objectstack/spec': 12.4.0 + '@marcbachmann/cel-js': 8.0.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/lint@12.4.0': + '@objectstack/lint@14.7.0': dependencies: - '@objectstack/formula': 12.4.0 - '@objectstack/sdui-parser': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/formula': 14.7.0 + '@objectstack/sdui-parser': 14.7.0 + '@objectstack/spec': 14.7.0 sucrase: 3.35.1 typescript: 6.0.3 transitivePeerDependencies: - ai - '@objectstack/mcp@12.4.0': + '@objectstack/mcp@14.7.0': dependencies: '@modelcontextprotocol/sdk': 1.29.0(zod@4.4.3) - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 zod: 4.4.3 transitivePeerDependencies: - '@cfworker/json-schema' - ai - supports-color - '@objectstack/metadata-core@12.4.0': + '@objectstack/metadata-core@14.7.0': dependencies: - '@objectstack/spec': 12.4.0 + '@objectstack/spec': 14.7.0 zod: 4.4.3 transitivePeerDependencies: - ai - '@objectstack/metadata-fs@12.4.0': + '@objectstack/metadata-fs@14.7.0': dependencies: - '@objectstack/metadata-core': 12.4.0 + '@objectstack/metadata-core': 14.7.0 chokidar: 5.0.0 transitivePeerDependencies: - ai - vitest - '@objectstack/metadata-protocol@12.4.0': + '@objectstack/metadata-protocol@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/formula': 12.4.0 - '@objectstack/metadata-core': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/formula': 14.7.0 + '@objectstack/metadata-core': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 zod: 4.4.3 transitivePeerDependencies: - ai - vitest - '@objectstack/metadata@12.4.0': + '@objectstack/metadata@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/metadata-core': 12.4.0 - '@objectstack/metadata-fs': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/metadata-core': 14.7.0 + '@objectstack/metadata-fs': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 chokidar: 5.0.0 glob: 13.0.6 js-yaml: 5.2.1 @@ -7575,72 +7450,68 @@ snapshots: - ai - vitest - '@objectstack/objectql@12.4.0': + '@objectstack/objectql@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/formula': 12.4.0 - '@objectstack/metadata-core': 12.4.0 - '@objectstack/metadata-protocol': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/formula': 14.7.0 + '@objectstack/metadata-core': 14.7.0 + '@objectstack/metadata-protocol': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 ajv: 8.20.0 zod: 4.4.3 transitivePeerDependencies: - ai - vitest - '@objectstack/observability@12.4.0': + '@objectstack/observability@14.7.0': dependencies: - '@objectstack/spec': 12.4.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/observability@12.5.0': + '@objectstack/platform-objects@14.7.0': dependencies: - '@objectstack/spec': 12.5.0 - transitivePeerDependencies: - - ai - - '@objectstack/platform-objects@12.4.0': - dependencies: - '@objectstack/metadata-core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/metadata-core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/plugin-approvals@12.4.0': + '@objectstack/plugin-approvals@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/formula': 12.4.0 - '@objectstack/metadata-core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/formula': 14.7.0 + '@objectstack/metadata-core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/plugin-audit@12.4.0': + '@objectstack/plugin-audit@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/plugin-auth@12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + '@objectstack/plugin-auth@14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': dependencies: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) - '@better-auth/oauth-provider': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3)) - '@better-auth/scim': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3)) - '@better-auth/sso': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3)) + '@better-auth/oauth-provider': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3)) + '@better-auth/scim': 1.7.0-rc.1(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3)) + '@better-auth/sso': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(better-call@1.3.7(zod@4.4.3)) '@noble/hashes': 2.2.0 - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 - better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/rest': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 + better-auth: 1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + jose: 6.2.3 transitivePeerDependencies: - '@better-auth/utils' - '@better-fetch/fetch' @@ -7656,7 +7527,6 @@ snapshots: - better-sqlite3 - drizzle-kit - drizzle-orm - - jose - kysely - mongodb - mysql2 @@ -7671,110 +7541,101 @@ snapshots: - vitest - vue - '@objectstack/plugin-email@12.4.0': + '@objectstack/plugin-email@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/formula': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/formula': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/plugin-hono-server@12.4.0': - dependencies: - '@hono/node-server': 2.0.8(hono@4.12.28) - '@objectstack/core': 12.4.0 - '@objectstack/observability': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 - hono: 4.12.28 - transitivePeerDependencies: - - ai - - '@objectstack/plugin-org-scoping@12.4.0': + '@objectstack/plugin-hono-server@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@hono/node-server': 2.0.8(hono@4.12.30) + '@objectstack/core': 14.7.0 + '@objectstack/observability': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 + hono: 4.12.30 transitivePeerDependencies: - ai - - vitest - '@objectstack/plugin-reports@12.4.0': + '@objectstack/plugin-reports@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 croner: 10.0.1 transitivePeerDependencies: - ai - vitest - '@objectstack/plugin-security@12.4.0': + '@objectstack/plugin-security@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/formula': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/formula': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/plugin-sharing@12.4.0': + '@objectstack/plugin-sharing@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/formula': 12.4.0 - '@objectstack/objectql': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/formula': 14.7.0 + '@objectstack/objectql': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/plugin-webhooks@12.4.0': + '@objectstack/plugin-webhooks@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/service-messaging': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/service-messaging': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/rest@12.4.0': + '@objectstack/rest@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/service-package': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/service-package': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 exceljs: 4.4.0 zod: 4.4.3 transitivePeerDependencies: - ai - vitest - '@objectstack/runtime@12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': - dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/driver-memory': 12.4.0 - '@objectstack/driver-sql': 12.4.0(pg@8.22.0) - '@objectstack/driver-sqlite-wasm': 12.4.0(better-sqlite3@12.11.1)(pg@8.22.0) - '@objectstack/formula': 12.4.0 - '@objectstack/metadata': 12.4.0 - '@objectstack/objectql': 12.4.0 - '@objectstack/observability': 12.4.0 - '@objectstack/plugin-auth': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) - '@objectstack/plugin-org-scoping': 12.4.0 - '@objectstack/plugin-security': 12.4.0 - '@objectstack/rest': 12.4.0 - '@objectstack/service-cluster': 12.4.0 - '@objectstack/service-datasource': 12.4.0 - '@objectstack/service-i18n': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 + '@objectstack/runtime@14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@objectstack/core': 14.7.0 + '@objectstack/driver-memory': 14.7.0 + '@objectstack/driver-sql': 14.7.0(pg@8.22.0) + '@objectstack/driver-sqlite-wasm': 14.7.0(better-sqlite3@12.11.1)(pg@8.22.0) + '@objectstack/formula': 14.7.0 + '@objectstack/metadata': 14.7.0 + '@objectstack/objectql': 14.7.0 + '@objectstack/observability': 14.7.0 + '@objectstack/plugin-auth': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/plugin-security': 14.7.0 + '@objectstack/rest': 14.7.0 + '@objectstack/service-cluster': 14.7.0 + '@objectstack/service-datasource': 14.7.0 + '@objectstack/service-i18n': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 quickjs-emscripten: 0.32.0 zod: 4.4.3 optionalDependencies: - '@objectstack/driver-mongodb': 12.4.0 + '@objectstack/driver-mongodb': 14.7.0 transitivePeerDependencies: - '@aws-sdk/credential-providers' - '@better-auth/utils' @@ -7793,7 +7654,6 @@ snapshots: - drizzle-kit - drizzle-orm - gcp-metadata - - jose - kerberos - kysely - mariadb @@ -7819,191 +7679,179 @@ snapshots: - vitest - vue - '@objectstack/sdui-parser@12.4.0': {} + '@objectstack/sdui-parser@14.7.0': {} - '@objectstack/service-analytics@12.4.0': + '@objectstack/service-analytics@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-automation@12.4.0': + '@objectstack/service-automation@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/formula': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/formula': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-cache@12.4.0': + '@objectstack/service-cache@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/observability': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/observability': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-cluster@12.4.0': + '@objectstack/service-cluster@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-datasource@12.4.0': + '@objectstack/service-datasource@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-i18n@12.4.0': + '@objectstack/service-i18n@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-job@12.4.0': + '@objectstack/service-job@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 croner: 10.0.1 transitivePeerDependencies: - ai - vitest - '@objectstack/service-messaging@12.4.0': + '@objectstack/service-messaging@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-package@12.4.0': + '@objectstack/service-package@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/service-queue@12.4.0': + '@objectstack/service-queue@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/service-realtime@12.4.0': + '@objectstack/service-realtime@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/service-settings@12.4.0': + '@objectstack/service-settings@14.7.0': dependencies: '@noble/ciphers': 2.2.0 - '@objectstack/core': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 - '@objectstack/types': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 + '@objectstack/types': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/service-storage@12.4.0(@aws-sdk/client-s3@3.984.0)': + '@objectstack/service-sms@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/observability': 12.4.0 - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 - optionalDependencies: - '@aws-sdk/client-s3': 3.984.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - - vitest - '@objectstack/setup@12.4.0': + '@objectstack/service-storage@14.7.0(@aws-sdk/client-s3@3.984.0)': dependencies: - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/observability': 14.7.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 + optionalDependencies: + '@aws-sdk/client-s3': 3.984.0 transitivePeerDependencies: - ai - vitest - '@objectstack/spec@12.4.0': + '@objectstack/setup@14.7.0': dependencies: - zod: 4.4.3 - - '@objectstack/spec@12.5.0': - dependencies: - zod: 4.4.3 - - '@objectstack/studio@12.4.0': - dependencies: - '@objectstack/platform-objects': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/platform-objects': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - vitest - '@objectstack/trigger-api@12.4.0': + '@objectstack/spec@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 - transitivePeerDependencies: - - ai + zod: 4.4.3 - '@objectstack/trigger-record-change@12.4.0': + '@objectstack/trigger-api@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/trigger-schedule@12.4.0': + '@objectstack/trigger-record-change@14.7.0': dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/types@12.4.0': + '@objectstack/trigger-schedule@14.7.0': dependencies: - '@objectstack/spec': 12.4.0 + '@objectstack/core': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/types@12.5.0': + '@objectstack/types@14.7.0': dependencies: - '@objectstack/spec': 12.5.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - ai - '@objectstack/verify@12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': - dependencies: - '@objectstack/core': 12.4.0 - '@objectstack/driver-sqlite-wasm': 12.4.0(better-sqlite3@12.11.1)(pg@8.22.0) - '@objectstack/objectql': 12.4.0 - '@objectstack/plugin-auth': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) - '@objectstack/plugin-hono-server': 12.4.0 - '@objectstack/plugin-org-scoping': 12.4.0 - '@objectstack/plugin-security': 12.4.0 - '@objectstack/plugin-sharing': 12.4.0 - '@objectstack/rest': 12.4.0 - '@objectstack/runtime': 12.4.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(jose@6.2.3)(kysely@0.29.2)(mongodb@7.4.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) - '@objectstack/service-analytics': 12.4.0 - '@objectstack/service-automation': 12.4.0 - '@objectstack/service-datasource': 12.4.0 - '@objectstack/service-settings': 12.4.0 - '@objectstack/spec': 12.4.0 + '@objectstack/verify@14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@objectstack/core': 14.7.0 + '@objectstack/driver-sqlite-wasm': 14.7.0(better-sqlite3@12.11.1)(pg@8.22.0) + '@objectstack/objectql': 14.7.0 + '@objectstack/plugin-auth': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/plugin-hono-server': 14.7.0 + '@objectstack/plugin-security': 14.7.0 + '@objectstack/plugin-sharing': 14.7.0 + '@objectstack/rest': 14.7.0 + '@objectstack/runtime': 14.7.0(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(better-sqlite3@12.11.1)(kysely@0.29.2)(mongodb@7.5.0)(nanostores@1.3.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@objectstack/service-analytics': 14.7.0 + '@objectstack/service-automation': 14.7.0 + '@objectstack/service-datasource': 14.7.0 + '@objectstack/service-settings': 14.7.0 + '@objectstack/spec': 14.7.0 transitivePeerDependencies: - '@aws-sdk/credential-providers' - '@better-auth/utils' @@ -8022,7 +7870,6 @@ snapshots: - drizzle-kit - drizzle-orm - gcp-metadata - - jose - kerberos - kysely - mariadb @@ -9092,13 +8939,13 @@ snapshots: baseline-browser-mapping@2.10.32: {} - better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.4.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6): + better-auth@1.6.23(@opentelemetry/api@1.9.1)(better-sqlite3@12.11.1)(mongodb@7.5.0)(next@16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6))(pg@8.22.0)(react-dom@19.2.6(react@19.2.6))(react@19.2.6): dependencies: '@better-auth/core': 1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0) '@better-auth/drizzle-adapter': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2) '@better-auth/kysely-adapter': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(kysely@0.29.2) '@better-auth/memory-adapter': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2) - '@better-auth/mongo-adapter': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(mongodb@7.4.0) + '@better-auth/mongo-adapter': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(mongodb@7.5.0) '@better-auth/prisma-adapter': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2) '@better-auth/telemetry': 1.6.23(@better-auth/core@1.6.23(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1)(@opentelemetry/api@1.9.1)(better-call@1.3.7(zod@4.4.3))(jose@6.2.3)(kysely@0.29.2)(nanostores@1.3.0))(@better-auth/utils@0.4.2)(@better-fetch/fetch@1.3.1) '@better-auth/utils': 0.4.2 @@ -9113,7 +8960,7 @@ snapshots: zod: 4.4.3 optionalDependencies: better-sqlite3: 12.11.1 - mongodb: 7.4.0 + mongodb: 7.5.0 next: 16.2.6(@opentelemetry/api@1.9.1)(react-dom@19.2.6(react@19.2.6))(react@19.2.6) pg: 8.22.0 react: 19.2.6 @@ -9767,10 +9614,10 @@ snapshots: fast-xml-parser@5.7.3: dependencies: - '@nodable/entities': 2.1.0 + '@nodable/entities': 2.2.0 fast-xml-builder: 1.2.0 path-expression-matcher: 1.5.0 - strnum: 2.3.0 + strnum: 2.4.1 fast-xml-parser@5.9.3: dependencies: @@ -9989,7 +9836,7 @@ snapshots: get-proto: 1.0.1 gopd: 1.2.0 has-symbols: 1.1.0 - hasown: 2.0.3 + hasown: 2.0.4 math-intrinsics: 1.1.0 get-nonce@1.0.1: {} @@ -10186,10 +10033,10 @@ snapshots: property-information: 7.1.0 space-separated-tokens: 2.0.2 - hono@4.12.27: {} - hono@4.12.28: {} + hono@4.12.30: {} + html-void-elements@3.0.0: {} http-errors@2.0.1: @@ -10992,7 +10839,7 @@ snapshots: '@types/whatwg-url': 13.0.0 whatwg-url: 14.2.0 - mongodb@7.4.0: + mongodb@7.5.0: dependencies: '@mongodb-js/saslprep': 1.4.11 bson: 7.2.0 @@ -11026,7 +10873,7 @@ snapshots: nanoid@3.3.12: {} - nanoid@5.1.16: {} + nanoid@6.0.0: {} nanostores@1.3.0: {} @@ -11776,8 +11623,6 @@ snapshots: strip-json-comments@2.0.1: optional: true - strnum@2.3.0: {} - strnum@2.4.1: dependencies: anynum: 1.0.1