fix: resolve CI test failures in spec and objectql packages

content/docs/references/api/auth-endpoints.mdx

@@ -24,8 +24,8 @@ the canonical API contract.
 ## TypeScript Usage
 
 ```typescript
-import { AuthEndpoint } from '@objectstack/spec/api';
-import type { AuthEndpoint } from '@objectstack/spec/api';
+import { AuthEndpoint, AuthFeaturesConfig, AuthProviderInfo, EmailPasswordConfigPublic, GetAuthConfigResponse } from '@objectstack/spec/api';
+import type { AuthEndpoint, AuthFeaturesConfig, AuthProviderInfo, EmailPasswordConfigPublic, GetAuthConfigResponse } from '@objectstack/spec/api';
 
 // Validate data
 const result = AuthEndpoint.parse(data);
@@ -51,3 +51,56 @@ const result = AuthEndpoint.parse(data);
 
 ---
 
+## AuthFeaturesConfig
+
+### Properties
+
+| Property | Type | Required | Description |
+| :--- | :--- | :--- | :--- |
+| **twoFactor** | `boolean` | ✅ | Two-factor authentication enabled |
+| **passkeys** | `boolean` | ✅ | Passkey/WebAuthn support enabled |
+| **magicLink** | `boolean` | ✅ | Magic link login enabled |
+| **organization** | `boolean` | ✅ | Multi-tenant organization support enabled |
+
+
+---
+
+## AuthProviderInfo
+
+### Properties
+
+| Property | Type | Required | Description |
+| :--- | :--- | :--- | :--- |
+| **id** | `string` | ✅ | Provider ID (e.g., google, github, microsoft) |
+| **name** | `string` | ✅ | Display name (e.g., Google, GitHub) |
+| **enabled** | `boolean` | ✅ | Whether this provider is enabled |
+
+
+---
+
+## EmailPasswordConfigPublic
+
+### Properties
+
+| Property | Type | Required | Description |
+| :--- | :--- | :--- | :--- |
+| **enabled** | `boolean` | ✅ | Whether email/password auth is enabled |
+| **disableSignUp** | `boolean` | optional | Whether new user registration is disabled |
+| **requireEmailVerification** | `boolean` | optional | Whether email verification is required |
+
+
+---
+
+## GetAuthConfigResponse
+
+### Properties
+
+| Property | Type | Required | Description |
+| :--- | :--- | :--- | :--- |
+| **emailPassword** | `Object` | ✅ | Email/password authentication config |
+| **socialProviders** | `Object[]` | ✅ | Available social/OAuth providers |
+| **features** | `Object` | ✅ | Enabled authentication features |
+
+
+---
+

content/docs/references/kernel/manifest.mdx

@@ -61,6 +61,7 @@ const result = Manifest.parse(data);
 | :--- | :--- | :--- | :--- |
 | **id** | `string` | ✅ | Unique package identifier (reverse domain style) |
 | **namespace** | `string` | optional | Short namespace identifier for metadata scoping (e.g. "crm", "todo") |
+| **defaultDatasource** | `string` | ✅ | Default datasource for all objects in this package |
 | **version** | `string` | ✅ | Package version (semantic versioning) |
 | **type** | `Enum<'plugin' \| 'ui' \| 'driver' \| 'server' \| 'app' \| 'theme' \| 'agent' \| 'objectql' \| 'module' \| 'gateway' \| 'adapter'>` | ✅ | Type of package |
 | **name** | `string` | ✅ | Human-readable package name |

packages/objectql/src/datasource-mapping.test.ts

@@ -35,7 +35,7 @@ describe('DatasourceMapping', () => {
 
   beforeEach(() => {
     engine = new ObjectQL();
-    SchemaRegistry.clear();
+    SchemaRegistry.reset();
   });
 
   it('should route objects by namespace', async () => {
@@ -62,7 +62,7 @@ describe('DatasourceMapping', () => {
     );
 
     // Test that it uses memory driver
-    const result = await engine.create('account', { name: 'Test Account' });
+    const result = await engine.insert('account', { name: 'Test Account' });
     expect(result).toBeDefined();
     expect(result.name).toBe('Test Account');
   });
@@ -91,7 +91,7 @@ describe('DatasourceMapping', () => {
       'own'
     );
 
-    const result = await engine.create('sys_user', { username: 'admin' });
+    const result = await engine.insert('sys_user', { username: 'admin' });
     expect(result).toBeDefined();
   });
 
@@ -119,7 +119,7 @@ describe('DatasourceMapping', () => {
     );
 
     // Should use turso (priority 50) not memory (priority 100)
-    const result = await engine.create('account', { name: 'Test' });
+    const result = await engine.insert('account', { name: 'Test' });
     expect(result).toBeDefined();
   });
 
@@ -147,7 +147,7 @@ describe('DatasourceMapping', () => {
     );
 
     // Should use memory (default)
-    const result = await engine.create('task', { title: 'Do something' });
+    const result = await engine.insert('task', { title: 'Do something' });
     expect(result).toBeDefined();
   });
 
@@ -175,7 +175,7 @@ describe('DatasourceMapping', () => {
     );
 
     // Should use turso (explicit) not memory (mapping)
-    const result = await engine.create('account', { name: 'Test' });
+    const result = await engine.insert('account', { name: 'Test' });
     expect(result).toBeDefined();
   });
 });

packages/objectql/src/engine.test.ts

@@ -6,15 +6,26 @@ import type { IDataDriver } from '@objectstack/spec/contracts';
 // Mock the SchemaRegistry to avoid side effects between tests
 vi.mock('./registry', () => {
   const mockObjects = new Map();
+  const mockContributors = new Map();
   return {
     SchemaRegistry: {
       getObject: vi.fn((name) => mockObjects.get(name)),
       resolveObject: vi.fn((name) => mockObjects.get(name)),
       registerObject: vi.fn((obj, packageId, namespace, ownership, priority) => {
         const fqn = namespace ? `${namespace}__${obj.name}` : obj.name;
         mockObjects.set(fqn, { ...obj, name: fqn });
+        // Also track contributors for getObjectOwner
+        if (!mockContributors.has(fqn)) {
+          mockContributors.set(fqn, []);
+        }
+        const contributors = mockContributors.get(fqn);
+        contributors.push({ packageId, namespace, ownership, priority, definition: obj });
         return fqn;
       }),
+      getObjectOwner: vi.fn((fqn) => {
+        const contributors = mockContributors.get(fqn);
+        return contributors?.find(c => c.ownership === 'own');
+      }),
       registerNamespace: vi.fn(),
       registerKind: vi.fn(),
       registerItem: vi.fn(),
@@ -25,7 +36,10 @@ vi.mock('./registry', () => {
         enabled: true,
         installedAt: new Date().toISOString(),
       })),
-      reset: vi.fn(() => mockObjects.clear()),
+      reset: vi.fn(() => {
+        mockObjects.clear();
+        mockContributors.clear();
+      }),
       metadata: {
         get: vi.fn(() => mockObjects) // Expose for verification if needed
       }

packages/objectql/src/engine.ts

@@ -618,7 +618,9 @@ export class ObjectQL implements IDataEngine {
     }
 
     // 3. Check package's defaultDatasource
-    const owner = SchemaRegistry.getObjectOwner(objectName);
+    // Use the object's FQN name (from getObject) for ownership lookup
+    const fqn = object?.name || objectName;
+    const owner = SchemaRegistry.getObjectOwner(fqn);
     if (owner?.packageId) {
       const manifest = this.manifests.get(owner.packageId);
       if (manifest?.defaultDatasource && manifest.defaultDatasource !== 'default') {

packages/spec/src/stack.test.ts

@@ -430,8 +430,12 @@ describe('defineStack', () => {
     const result = defineStack(config);
     // Default is now strict=true, so result is validated and is a different object reference
     expect(result).not.toBe(config);  // Validation creates new object
-    expect(result).toEqual(config);   // But content is the same
+    // Validation may add defaults like defaultDatasource
     expect(result.manifest).toBeDefined();
+    expect(result.manifest.id).toBe(baseManifest.id);
+    expect(result.manifest.name).toBe(baseManifest.name);
+    expect(result.manifest.version).toBe(baseManifest.version);
+    expect(result.manifest.type).toBe(baseManifest.type);
   });
 
   it('should return config as-is when strict is false', () => {