@agent-native/core 0.23.0 → 0.24.1

package/dist/extensions/schema.js

@@ -15,7 +15,7 @@
  * renamed to `extensions`/`extension*`; the DB-side names stay so existing
  * deployed rows remain readable.
  */
-import { table, text, now } from "../db/schema.js";
+import { table, text, integer, now } from "../db/schema.js";
 import { ownableColumns, createSharesTable } from "../sharing/schema.js";
 export const extensions = table("tools", {
     id: text("id").primaryKey(),
@@ -34,6 +34,22 @@ export const extensionHides = table("tool_hidden_extensions", {
     ownerEmail: text("owner_email").notNull(),
     createdAt: text("created_at").notNull().default(now()),
 });
+export const extensionHistory = table("tool_history", {
+    id: text("id").primaryKey(),
+    extensionId: text("tool_id").notNull(),
+    version: integer("version").notNull(),
+    operation: text("operation").notNull(),
+    summary: text("summary").notNull().default(""),
+    name: text("name").notNull(),
+    description: text("description").notNull().default(""),
+    content: text("content").notNull().default(""),
+    icon: text("icon"),
+    actorEmail: text("actor_email"),
+    ownerEmail: text("owner_email").notNull().default("local@localhost"),
+    orgId: text("org_id"),
+    visibility: text("visibility").notNull().default("private"),
+    createdAt: text("created_at").notNull().default(now()),
+});
 export const EXTENSIONS_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tools (
   id TEXT PRIMARY KEY,
   name TEXT NOT NULL,
@@ -141,6 +157,42 @@ export const EXTENSION_HIDES_UNIQUE_INDEX_SQL = `CREATE UNIQUE INDEX IF NOT EXIS
   ON tool_hidden_extensions (owner_email, tool_id)`;
 export const EXTENSION_HIDES_OWNER_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_hidden_extensions_owner_idx
   ON tool_hidden_extensions (owner_email)`;
+export const EXTENSION_HISTORY_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_history (
+  id TEXT PRIMARY KEY,
+  tool_id TEXT NOT NULL,
+  version INTEGER NOT NULL,
+  operation TEXT NOT NULL,
+  summary TEXT NOT NULL DEFAULT '',
+  name TEXT NOT NULL,
+  description TEXT NOT NULL DEFAULT '',
+  content TEXT NOT NULL DEFAULT '',
+  icon TEXT,
+  actor_email TEXT,
+  owner_email TEXT NOT NULL DEFAULT 'local@localhost',
+  org_id TEXT,
+  visibility TEXT NOT NULL DEFAULT 'private',
+  created_at TEXT NOT NULL DEFAULT (datetime('now'))
+)`;
+export const EXTENSION_HISTORY_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_history (
+  id TEXT PRIMARY KEY,
+  tool_id TEXT NOT NULL,
+  version INTEGER NOT NULL,
+  operation TEXT NOT NULL,
+  summary TEXT NOT NULL DEFAULT '',
+  name TEXT NOT NULL,
+  description TEXT NOT NULL DEFAULT '',
+  content TEXT NOT NULL DEFAULT '',
+  icon TEXT,
+  actor_email TEXT,
+  owner_email TEXT NOT NULL DEFAULT 'local@localhost',
+  org_id TEXT,
+  visibility TEXT NOT NULL DEFAULT 'private',
+  created_at TEXT NOT NULL DEFAULT now()
+)`;
+export const EXTENSION_HISTORY_VERSION_INDEX_SQL = `CREATE UNIQUE INDEX IF NOT EXISTS tool_history_tool_version_idx
+  ON tool_history (tool_id, version)`;
+export const EXTENSION_HISTORY_CREATED_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_history_tool_created_idx
+  ON tool_history (tool_id, created_at)`;
 // ---------------------------------------------------------------------------
 // extension_consents — vestigial, kept for additive-schema compliance
 // ---------------------------------------------------------------------------

package/dist/extensions/schema.js.map

@@ -1 +1 @@
-{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../src/extensions/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAEzE,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,EAAE;IACvC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE;IAC5B,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACtD,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAC9C,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC;IAClB,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;IACtD,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;IACtD,GAAG,cAAc,EAAE;CACpB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,eAAe,GAAG,iBAAiB,CAAC,aAAa,CAAC,CAAC;AAEhE,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,CAAC,wBAAwB,EAAE;IAC5D,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACtC,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE;IACzC,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;CACvD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,qBAAqB,GAAG;;;;;;;;;;;EAWnC,CAAC;AAEH,MAAM,CAAC,MAAM,wBAAwB,GAAG;;;;;;;;;;;EAWtC,CAAC;AAEH,MAAM,CAAC,MAAM,2BAA2B,GAAG;;;;;;;;EAQzC,CAAC;AAEH,MAAM,CAAC,MAAM,8BAA8B,GAAG;;;;;;;;EAQ5C,CAAC;AAEH,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,CAAC,WAAW,EAAE;IAC9C,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACtC,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE;IACxC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC;IACvB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE;IAC5B,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC;IACpE,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;IAC9C,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC;IACrB,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC;IAChE,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;IACtD,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;CACvD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,yBAAyB,GAAG;;;;;;;;;;;;EAYvC,CAAC;AAEH,MAAM,CAAC,MAAM,4BAA4B,GAAG;;;;;;;;;;;;EAY1C,CAAC;AAEH,MAAM,CAAC,MAAM,6BAA6B,GAAG;yDACY,CAAC;AAE1D,MAAM,CAAC,MAAM,gCAAgC,GAAG;yDACS,CAAC;AAE1D,MAAM,CAAC,MAAM,iCAAiC,GAAG,+CAA+C,CAAC;AACjG,MAAM,CAAC,MAAM,oCAAoC,GAAG,+CAA+C,CAAC;AAEpG,MAAM,CAAC,MAAM,0BAA0B,GAAG,mEAAmE,CAAC;AAC9G,MAAM,CAAC,MAAM,wBAAwB,GAAG,4DAA4D,CAAC;AACrG,MAAM,CAAC,MAAM,4BAA4B,GAAG,uEAAuE,CAAC;AACpH,MAAM,CAAC,MAAM,mCAAmC,GAAG,kFAAkF,CAAC;AAEtI,MAAM,CAAC,MAAM,0BAA0B,GAAG;;;;;EAKxC,CAAC;AAEH,MAAM,CAAC,MAAM,6BAA6B,GAAG;;;;;EAK3C,CAAC;AAEH,MAAM,CAAC,MAAM,gCAAgC,GAAG;mDACG,CAAC;AAEpD,MAAM,CAAC,MAAM,+BAA+B,GAAG;0CACL,CAAC;AAE3C,8EAA8E;AAC9E,sEAAsE;AACtE,8EAA8E;AAC9E,EAAE;AACF,yEAAyE;AACzE,uEAAuE;AACvE,0EAA0E;AAC1E,wEAAwE;AACxE,uEAAuE;AACvE,6EAA6E;AAC7E,mEAAmE;AAEnE,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,CAAC,eAAe,EAAE;IACtD,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,EAAE;IAC3C,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACtC,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,EAAE;IAC3C,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;CACvD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,6BAA6B,GAAG;;;;;;EAM3C,CAAC;AAEH,MAAM,CAAC,MAAM,gCAAgC,GAAG;;;;;;EAM9C,CAAC;AAEH,MAAM,CAAC,MAAM,mCAAmC,GAAG,8FAA8F,CAAC","sourcesContent":["/**\n * Drizzle schema for the framework extensions system.\n *\n * Extensions are mini Alpine.js apps that run inside sandboxed iframes. They\n * can call external APIs via a server-side proxy that resolves `${keys.NAME}`\n * secret references. Extensions use the standard sharing model (private by\n * default, shareable with org/others).\n *\n * The tables are auto-created at server boot via `ensureTable()` in store.ts,\n * following the same pattern as `app_secrets`.\n *\n * NOTE: physical SQL table/column names stay as `tools`, `tool_data`,\n * `tool_shares`, `tool_consents`, `tool_id`, etc. — additive-only schema\n * policy means we never rename DB-level identifiers. The JS/TS surface is\n * renamed to `extensions`/`extension*`; the DB-side names stay so existing\n * deployed rows remain readable.\n */\n\nimport { table, text, now } from \"../db/schema.js\";\nimport { ownableColumns, createSharesTable } from \"../sharing/schema.js\";\n\nexport const extensions = table(\"tools\", {\n  id: text(\"id\").primaryKey(),\n  name: text(\"name\").notNull(),\n  description: text(\"description\").notNull().default(\"\"),\n  content: text(\"content\").notNull().default(\"\"),\n  icon: text(\"icon\"),\n  createdAt: text(\"created_at\").notNull().default(now()),\n  updatedAt: text(\"updated_at\").notNull().default(now()),\n  ...ownableColumns(),\n});\n\nexport const extensionShares = createSharesTable(\"tool_shares\");\n\nexport const extensionHides = table(\"tool_hidden_extensions\", {\n  id: text(\"id\").primaryKey(),\n  extensionId: text(\"tool_id\").notNull(),\n  ownerEmail: text(\"owner_email\").notNull(),\n  createdAt: text(\"created_at\").notNull().default(now()),\n});\n\nexport const EXTENSIONS_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tools (\n  id TEXT PRIMARY KEY,\n  name TEXT NOT NULL,\n  description TEXT NOT NULL DEFAULT '',\n  content TEXT NOT NULL DEFAULT '',\n  icon TEXT,\n  created_at TEXT NOT NULL DEFAULT (datetime('now')),\n  updated_at TEXT NOT NULL DEFAULT (datetime('now')),\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  org_id TEXT,\n  visibility TEXT NOT NULL DEFAULT 'private'\n)`;\n\nexport const EXTENSIONS_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tools (\n  id TEXT PRIMARY KEY,\n  name TEXT NOT NULL,\n  description TEXT NOT NULL DEFAULT '',\n  content TEXT NOT NULL DEFAULT '',\n  icon TEXT,\n  created_at TEXT NOT NULL DEFAULT now(),\n  updated_at TEXT NOT NULL DEFAULT now(),\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  org_id TEXT,\n  visibility TEXT NOT NULL DEFAULT 'private'\n)`;\n\nexport const EXTENSION_SHARES_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_shares (\n  id TEXT PRIMARY KEY,\n  resource_id TEXT NOT NULL,\n  principal_type TEXT NOT NULL,\n  principal_id TEXT NOT NULL,\n  role TEXT NOT NULL DEFAULT 'viewer',\n  created_by TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT (datetime('now'))\n)`;\n\nexport const EXTENSION_SHARES_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_shares (\n  id TEXT PRIMARY KEY,\n  resource_id TEXT NOT NULL,\n  principal_type TEXT NOT NULL,\n  principal_id TEXT NOT NULL,\n  role TEXT NOT NULL DEFAULT 'viewer',\n  created_by TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT now()\n)`;\n\nexport const extensionData = table(\"tool_data\", {\n  id: text(\"id\").primaryKey(),\n  extensionId: text(\"tool_id\").notNull(),\n  collection: text(\"collection\").notNull(),\n  itemId: text(\"item_id\"),\n  data: text(\"data\").notNull(),\n  ownerEmail: text(\"owner_email\").notNull().default(\"local@localhost\"),\n  scope: text(\"scope\").notNull().default(\"user\"),\n  orgId: text(\"org_id\"),\n  scopeKey: text(\"scope_key\").notNull().default(\"local@localhost\"),\n  createdAt: text(\"created_at\").notNull().default(now()),\n  updatedAt: text(\"updated_at\").notNull().default(now()),\n});\n\nexport const EXTENSION_DATA_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_data (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  collection TEXT NOT NULL,\n  item_id TEXT,\n  data TEXT NOT NULL,\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  scope TEXT NOT NULL DEFAULT 'user',\n  org_id TEXT,\n  scope_key TEXT NOT NULL DEFAULT 'local@localhost',\n  created_at TEXT NOT NULL DEFAULT (datetime('now')),\n  updated_at TEXT NOT NULL DEFAULT (datetime('now'))\n)`;\n\nexport const EXTENSION_DATA_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_data (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  collection TEXT NOT NULL,\n  item_id TEXT,\n  data TEXT NOT NULL,\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  scope TEXT NOT NULL DEFAULT 'user',\n  org_id TEXT,\n  scope_key TEXT NOT NULL DEFAULT 'local@localhost',\n  created_at TEXT NOT NULL DEFAULT now(),\n  updated_at TEXT NOT NULL DEFAULT now()\n)`;\n\nexport const EXTENSION_DATA_ITEM_INDEX_SQL = `CREATE UNIQUE INDEX IF NOT EXISTS tool_data_scoped_item_idx\n  ON tool_data (tool_id, collection, scope_key, item_id)`;\n\nexport const EXTENSION_DATA_ITEM_INDEX_SQL_PG = `CREATE UNIQUE INDEX IF NOT EXISTS tool_data_scoped_item_idx\n  ON tool_data (tool_id, collection, scope_key, item_id)`;\n\nexport const EXTENSION_DATA_DROP_OLD_INDEX_SQL = `DROP INDEX IF EXISTS tool_data_scope_item_idx`;\nexport const EXTENSION_DATA_DROP_OLD_INDEX_SQL_PG = `DROP INDEX IF EXISTS tool_data_scope_item_idx`;\n\nexport const EXTENSIONS_OWNER_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tools_owner_idx ON tools (owner_email)`;\nexport const EXTENSIONS_ORG_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tools_org_idx ON tools (org_id)`;\nexport const EXTENSIONS_UPDATED_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tools_updated_at_idx ON tools (updated_at)`;\nexport const EXTENSION_SHARES_RESOURCE_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_shares_resource_idx ON tool_shares (resource_id)`;\n\nexport const EXTENSION_HIDES_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_hidden_extensions (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  owner_email TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT (datetime('now'))\n)`;\n\nexport const EXTENSION_HIDES_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_hidden_extensions (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  owner_email TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT now()\n)`;\n\nexport const EXTENSION_HIDES_UNIQUE_INDEX_SQL = `CREATE UNIQUE INDEX IF NOT EXISTS tool_hidden_extensions_user_tool_idx\n  ON tool_hidden_extensions (owner_email, tool_id)`;\n\nexport const EXTENSION_HIDES_OWNER_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_hidden_extensions_owner_idx\n  ON tool_hidden_extensions (owner_email)`;\n\n// ---------------------------------------------------------------------------\n// extension_consents — vestigial, kept for additive-schema compliance\n// ---------------------------------------------------------------------------\n//\n// Originally added for an audit-C1 per-(viewer, extension, content_hash)\n// consent gate that prompted viewers to \"Run anyway\" before non-author\n// extensions could execute. We removed the runtime gate after settling on\n// intra-org trust (extensions are shared between trusted teammates; the\n// org-level access controls are sufficient). The table is kept here so\n// deploys that already ran the migration stay healthy — additive-only schema\n// policy means we never drop. Physical name stays `tool_consents`.\n\nexport const extensionConsents = table(\"tool_consents\", {\n  viewerEmail: text(\"viewer_email\").notNull(),\n  extensionId: text(\"tool_id\").notNull(),\n  contentHash: text(\"content_hash\").notNull(),\n  grantedAt: text(\"granted_at\").notNull().default(now()),\n});\n\nexport const EXTENSION_CONSENTS_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_consents (\n  viewer_email TEXT NOT NULL,\n  tool_id TEXT NOT NULL,\n  content_hash TEXT NOT NULL,\n  granted_at TEXT NOT NULL DEFAULT (datetime('now')),\n  PRIMARY KEY (viewer_email, tool_id, content_hash)\n)`;\n\nexport const EXTENSION_CONSENTS_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_consents (\n  viewer_email TEXT NOT NULL,\n  tool_id TEXT NOT NULL,\n  content_hash TEXT NOT NULL,\n  granted_at TEXT NOT NULL DEFAULT now(),\n  PRIMARY KEY (viewer_email, tool_id, content_hash)\n)`;\n\nexport const EXTENSION_CONSENTS_VIEWER_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_consents_viewer_idx ON tool_consents (viewer_email, tool_id)`;\n"]}
+{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../src/extensions/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAEzE,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,EAAE;IACvC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE;IAC5B,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACtD,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAC9C,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC;IAClB,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;IACtD,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;IACtD,GAAG,cAAc,EAAE;CACpB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,eAAe,GAAG,iBAAiB,CAAC,aAAa,CAAC,CAAC;AAEhE,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,CAAC,wBAAwB,EAAE;IAC5D,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACtC,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE;IACzC,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;CACvD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC,cAAc,EAAE;IACpD,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACtC,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACrC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE;IACtC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAC9C,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE;IAC5B,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACtD,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAC9C,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC;IAClB,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC;IAC/B,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC;IACpE,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC;IACrB,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;IAC3D,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;CACvD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,qBAAqB,GAAG;;;;;;;;;;;EAWnC,CAAC;AAEH,MAAM,CAAC,MAAM,wBAAwB,GAAG;;;;;;;;;;;EAWtC,CAAC;AAEH,MAAM,CAAC,MAAM,2BAA2B,GAAG;;;;;;;;EAQzC,CAAC;AAEH,MAAM,CAAC,MAAM,8BAA8B,GAAG;;;;;;;;EAQ5C,CAAC;AAEH,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,CAAC,WAAW,EAAE;IAC9C,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACtC,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE;IACxC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC;IACvB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE;IAC5B,UAAU,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC;IACpE,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;IAC9C,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC;IACrB,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC;IAChE,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;IACtD,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;CACvD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,yBAAyB,GAAG;;;;;;;;;;;;EAYvC,CAAC;AAEH,MAAM,CAAC,MAAM,4BAA4B,GAAG;;;;;;;;;;;;EAY1C,CAAC;AAEH,MAAM,CAAC,MAAM,6BAA6B,GAAG;yDACY,CAAC;AAE1D,MAAM,CAAC,MAAM,gCAAgC,GAAG;yDACS,CAAC;AAE1D,MAAM,CAAC,MAAM,iCAAiC,GAAG,+CAA+C,CAAC;AACjG,MAAM,CAAC,MAAM,oCAAoC,GAAG,+CAA+C,CAAC;AAEpG,MAAM,CAAC,MAAM,0BAA0B,GAAG,mEAAmE,CAAC;AAC9G,MAAM,CAAC,MAAM,wBAAwB,GAAG,4DAA4D,CAAC;AACrG,MAAM,CAAC,MAAM,4BAA4B,GAAG,uEAAuE,CAAC;AACpH,MAAM,CAAC,MAAM,mCAAmC,GAAG,kFAAkF,CAAC;AAEtI,MAAM,CAAC,MAAM,0BAA0B,GAAG;;;;;EAKxC,CAAC;AAEH,MAAM,CAAC,MAAM,6BAA6B,GAAG;;;;;EAK3C,CAAC;AAEH,MAAM,CAAC,MAAM,gCAAgC,GAAG;mDACG,CAAC;AAEpD,MAAM,CAAC,MAAM,+BAA+B,GAAG;0CACL,CAAC;AAE3C,MAAM,CAAC,MAAM,4BAA4B,GAAG;;;;;;;;;;;;;;;EAe1C,CAAC;AAEH,MAAM,CAAC,MAAM,+BAA+B,GAAG;;;;;;;;;;;;;;;EAe7C,CAAC;AAEH,MAAM,CAAC,MAAM,mCAAmC,GAAG;qCACd,CAAC;AAEtC,MAAM,CAAC,MAAM,mCAAmC,GAAG;wCACX,CAAC;AAEzC,8EAA8E;AAC9E,sEAAsE;AACtE,8EAA8E;AAC9E,EAAE;AACF,yEAAyE;AACzE,uEAAuE;AACvE,0EAA0E;AAC1E,wEAAwE;AACxE,uEAAuE;AACvE,6EAA6E;AAC7E,mEAAmE;AAEnE,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,CAAC,eAAe,EAAE;IACtD,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,EAAE;IAC3C,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;IACtC,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,EAAE;IAC3C,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;CACvD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,6BAA6B,GAAG;;;;;;EAM3C,CAAC;AAEH,MAAM,CAAC,MAAM,gCAAgC,GAAG;;;;;;EAM9C,CAAC;AAEH,MAAM,CAAC,MAAM,mCAAmC,GAAG,8FAA8F,CAAC","sourcesContent":["/**\n * Drizzle schema for the framework extensions system.\n *\n * Extensions are mini Alpine.js apps that run inside sandboxed iframes. They\n * can call external APIs via a server-side proxy that resolves `${keys.NAME}`\n * secret references. Extensions use the standard sharing model (private by\n * default, shareable with org/others).\n *\n * The tables are auto-created at server boot via `ensureTable()` in store.ts,\n * following the same pattern as `app_secrets`.\n *\n * NOTE: physical SQL table/column names stay as `tools`, `tool_data`,\n * `tool_shares`, `tool_consents`, `tool_id`, etc. — additive-only schema\n * policy means we never rename DB-level identifiers. The JS/TS surface is\n * renamed to `extensions`/`extension*`; the DB-side names stay so existing\n * deployed rows remain readable.\n */\n\nimport { table, text, integer, now } from \"../db/schema.js\";\nimport { ownableColumns, createSharesTable } from \"../sharing/schema.js\";\n\nexport const extensions = table(\"tools\", {\n  id: text(\"id\").primaryKey(),\n  name: text(\"name\").notNull(),\n  description: text(\"description\").notNull().default(\"\"),\n  content: text(\"content\").notNull().default(\"\"),\n  icon: text(\"icon\"),\n  createdAt: text(\"created_at\").notNull().default(now()),\n  updatedAt: text(\"updated_at\").notNull().default(now()),\n  ...ownableColumns(),\n});\n\nexport const extensionShares = createSharesTable(\"tool_shares\");\n\nexport const extensionHides = table(\"tool_hidden_extensions\", {\n  id: text(\"id\").primaryKey(),\n  extensionId: text(\"tool_id\").notNull(),\n  ownerEmail: text(\"owner_email\").notNull(),\n  createdAt: text(\"created_at\").notNull().default(now()),\n});\n\nexport const extensionHistory = table(\"tool_history\", {\n  id: text(\"id\").primaryKey(),\n  extensionId: text(\"tool_id\").notNull(),\n  version: integer(\"version\").notNull(),\n  operation: text(\"operation\").notNull(),\n  summary: text(\"summary\").notNull().default(\"\"),\n  name: text(\"name\").notNull(),\n  description: text(\"description\").notNull().default(\"\"),\n  content: text(\"content\").notNull().default(\"\"),\n  icon: text(\"icon\"),\n  actorEmail: text(\"actor_email\"),\n  ownerEmail: text(\"owner_email\").notNull().default(\"local@localhost\"),\n  orgId: text(\"org_id\"),\n  visibility: text(\"visibility\").notNull().default(\"private\"),\n  createdAt: text(\"created_at\").notNull().default(now()),\n});\n\nexport const EXTENSIONS_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tools (\n  id TEXT PRIMARY KEY,\n  name TEXT NOT NULL,\n  description TEXT NOT NULL DEFAULT '',\n  content TEXT NOT NULL DEFAULT '',\n  icon TEXT,\n  created_at TEXT NOT NULL DEFAULT (datetime('now')),\n  updated_at TEXT NOT NULL DEFAULT (datetime('now')),\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  org_id TEXT,\n  visibility TEXT NOT NULL DEFAULT 'private'\n)`;\n\nexport const EXTENSIONS_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tools (\n  id TEXT PRIMARY KEY,\n  name TEXT NOT NULL,\n  description TEXT NOT NULL DEFAULT '',\n  content TEXT NOT NULL DEFAULT '',\n  icon TEXT,\n  created_at TEXT NOT NULL DEFAULT now(),\n  updated_at TEXT NOT NULL DEFAULT now(),\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  org_id TEXT,\n  visibility TEXT NOT NULL DEFAULT 'private'\n)`;\n\nexport const EXTENSION_SHARES_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_shares (\n  id TEXT PRIMARY KEY,\n  resource_id TEXT NOT NULL,\n  principal_type TEXT NOT NULL,\n  principal_id TEXT NOT NULL,\n  role TEXT NOT NULL DEFAULT 'viewer',\n  created_by TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT (datetime('now'))\n)`;\n\nexport const EXTENSION_SHARES_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_shares (\n  id TEXT PRIMARY KEY,\n  resource_id TEXT NOT NULL,\n  principal_type TEXT NOT NULL,\n  principal_id TEXT NOT NULL,\n  role TEXT NOT NULL DEFAULT 'viewer',\n  created_by TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT now()\n)`;\n\nexport const extensionData = table(\"tool_data\", {\n  id: text(\"id\").primaryKey(),\n  extensionId: text(\"tool_id\").notNull(),\n  collection: text(\"collection\").notNull(),\n  itemId: text(\"item_id\"),\n  data: text(\"data\").notNull(),\n  ownerEmail: text(\"owner_email\").notNull().default(\"local@localhost\"),\n  scope: text(\"scope\").notNull().default(\"user\"),\n  orgId: text(\"org_id\"),\n  scopeKey: text(\"scope_key\").notNull().default(\"local@localhost\"),\n  createdAt: text(\"created_at\").notNull().default(now()),\n  updatedAt: text(\"updated_at\").notNull().default(now()),\n});\n\nexport const EXTENSION_DATA_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_data (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  collection TEXT NOT NULL,\n  item_id TEXT,\n  data TEXT NOT NULL,\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  scope TEXT NOT NULL DEFAULT 'user',\n  org_id TEXT,\n  scope_key TEXT NOT NULL DEFAULT 'local@localhost',\n  created_at TEXT NOT NULL DEFAULT (datetime('now')),\n  updated_at TEXT NOT NULL DEFAULT (datetime('now'))\n)`;\n\nexport const EXTENSION_DATA_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_data (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  collection TEXT NOT NULL,\n  item_id TEXT,\n  data TEXT NOT NULL,\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  scope TEXT NOT NULL DEFAULT 'user',\n  org_id TEXT,\n  scope_key TEXT NOT NULL DEFAULT 'local@localhost',\n  created_at TEXT NOT NULL DEFAULT now(),\n  updated_at TEXT NOT NULL DEFAULT now()\n)`;\n\nexport const EXTENSION_DATA_ITEM_INDEX_SQL = `CREATE UNIQUE INDEX IF NOT EXISTS tool_data_scoped_item_idx\n  ON tool_data (tool_id, collection, scope_key, item_id)`;\n\nexport const EXTENSION_DATA_ITEM_INDEX_SQL_PG = `CREATE UNIQUE INDEX IF NOT EXISTS tool_data_scoped_item_idx\n  ON tool_data (tool_id, collection, scope_key, item_id)`;\n\nexport const EXTENSION_DATA_DROP_OLD_INDEX_SQL = `DROP INDEX IF EXISTS tool_data_scope_item_idx`;\nexport const EXTENSION_DATA_DROP_OLD_INDEX_SQL_PG = `DROP INDEX IF EXISTS tool_data_scope_item_idx`;\n\nexport const EXTENSIONS_OWNER_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tools_owner_idx ON tools (owner_email)`;\nexport const EXTENSIONS_ORG_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tools_org_idx ON tools (org_id)`;\nexport const EXTENSIONS_UPDATED_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tools_updated_at_idx ON tools (updated_at)`;\nexport const EXTENSION_SHARES_RESOURCE_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_shares_resource_idx ON tool_shares (resource_id)`;\n\nexport const EXTENSION_HIDES_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_hidden_extensions (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  owner_email TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT (datetime('now'))\n)`;\n\nexport const EXTENSION_HIDES_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_hidden_extensions (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  owner_email TEXT NOT NULL,\n  created_at TEXT NOT NULL DEFAULT now()\n)`;\n\nexport const EXTENSION_HIDES_UNIQUE_INDEX_SQL = `CREATE UNIQUE INDEX IF NOT EXISTS tool_hidden_extensions_user_tool_idx\n  ON tool_hidden_extensions (owner_email, tool_id)`;\n\nexport const EXTENSION_HIDES_OWNER_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_hidden_extensions_owner_idx\n  ON tool_hidden_extensions (owner_email)`;\n\nexport const EXTENSION_HISTORY_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_history (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  version INTEGER NOT NULL,\n  operation TEXT NOT NULL,\n  summary TEXT NOT NULL DEFAULT '',\n  name TEXT NOT NULL,\n  description TEXT NOT NULL DEFAULT '',\n  content TEXT NOT NULL DEFAULT '',\n  icon TEXT,\n  actor_email TEXT,\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  org_id TEXT,\n  visibility TEXT NOT NULL DEFAULT 'private',\n  created_at TEXT NOT NULL DEFAULT (datetime('now'))\n)`;\n\nexport const EXTENSION_HISTORY_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_history (\n  id TEXT PRIMARY KEY,\n  tool_id TEXT NOT NULL,\n  version INTEGER NOT NULL,\n  operation TEXT NOT NULL,\n  summary TEXT NOT NULL DEFAULT '',\n  name TEXT NOT NULL,\n  description TEXT NOT NULL DEFAULT '',\n  content TEXT NOT NULL DEFAULT '',\n  icon TEXT,\n  actor_email TEXT,\n  owner_email TEXT NOT NULL DEFAULT 'local@localhost',\n  org_id TEXT,\n  visibility TEXT NOT NULL DEFAULT 'private',\n  created_at TEXT NOT NULL DEFAULT now()\n)`;\n\nexport const EXTENSION_HISTORY_VERSION_INDEX_SQL = `CREATE UNIQUE INDEX IF NOT EXISTS tool_history_tool_version_idx\n  ON tool_history (tool_id, version)`;\n\nexport const EXTENSION_HISTORY_CREATED_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_history_tool_created_idx\n  ON tool_history (tool_id, created_at)`;\n\n// ---------------------------------------------------------------------------\n// extension_consents — vestigial, kept for additive-schema compliance\n// ---------------------------------------------------------------------------\n//\n// Originally added for an audit-C1 per-(viewer, extension, content_hash)\n// consent gate that prompted viewers to \"Run anyway\" before non-author\n// extensions could execute. We removed the runtime gate after settling on\n// intra-org trust (extensions are shared between trusted teammates; the\n// org-level access controls are sufficient). The table is kept here so\n// deploys that already ran the migration stay healthy — additive-only schema\n// policy means we never drop. Physical name stays `tool_consents`.\n\nexport const extensionConsents = table(\"tool_consents\", {\n  viewerEmail: text(\"viewer_email\").notNull(),\n  extensionId: text(\"tool_id\").notNull(),\n  contentHash: text(\"content_hash\").notNull(),\n  grantedAt: text(\"granted_at\").notNull().default(now()),\n});\n\nexport const EXTENSION_CONSENTS_CREATE_SQL = `CREATE TABLE IF NOT EXISTS tool_consents (\n  viewer_email TEXT NOT NULL,\n  tool_id TEXT NOT NULL,\n  content_hash TEXT NOT NULL,\n  granted_at TEXT NOT NULL DEFAULT (datetime('now')),\n  PRIMARY KEY (viewer_email, tool_id, content_hash)\n)`;\n\nexport const EXTENSION_CONSENTS_CREATE_SQL_PG = `CREATE TABLE IF NOT EXISTS tool_consents (\n  viewer_email TEXT NOT NULL,\n  tool_id TEXT NOT NULL,\n  content_hash TEXT NOT NULL,\n  granted_at TEXT NOT NULL DEFAULT now(),\n  PRIMARY KEY (viewer_email, tool_id, content_hash)\n)`;\n\nexport const EXTENSION_CONSENTS_VIEWER_INDEX_SQL = `CREATE INDEX IF NOT EXISTS tool_consents_viewer_idx ON tool_consents (viewer_email, tool_id)`;\n"]}

package/dist/extensions/store.d.ts

@@ -14,6 +14,39 @@ export interface ExtensionRow {
     orgId: string | null;
     visibility: "private" | "org" | "public";
 }
+export type ExtensionHistoryOperation = "create" | "baseline" | "metadata-update" | "content-update" | "restore";
+export interface ExtensionHistoryEntry {
+    id: string;
+    extensionId: string;
+    version: number;
+    operation: ExtensionHistoryOperation | string;
+    summary: string;
+    name: string;
+    description: string;
+    content?: string;
+    icon: string | null;
+    actorEmail: string | null;
+    ownerEmail: string;
+    orgId: string | null;
+    visibility: "private" | "org" | "public";
+    createdAt: string;
+    persisted: boolean;
+    contentLength: number;
+}
+export interface ExtensionHistoryDiffLine {
+    type: "equal" | "insert" | "delete";
+    text: string;
+}
+export interface ExtensionHistoryDetail {
+    entry: ExtensionHistoryEntry;
+    previous: ExtensionHistoryEntry | null;
+    diff: ExtensionHistoryDiffLine[];
+    stats: {
+        addedLines: number;
+        deletedLines: number;
+        changed: boolean;
+    };
+}
 export declare function getExtensionChangeTargets(id: string): Promise<ExtensionChangeTarget[]>;
 export declare function notifyExtensionChangeForResource(id: string, beforeTargets?: ExtensionChangeTarget[]): Promise<void>;
 export interface ListExtensionsOptions {
@@ -21,6 +54,13 @@ export interface ListExtensionsOptions {
 }
 export declare function listExtensions(options?: ListExtensionsOptions): Promise<ExtensionRow[]>;
 export declare function getExtension(id: string): Promise<ExtensionRow | null>;
+export interface ListExtensionHistoryOptions {
+    limit?: number;
+    includeContent?: boolean;
+}
+export declare function listExtensionHistory(id: string, options?: ListExtensionHistoryOptions): Promise<ExtensionHistoryEntry[]>;
+export declare function getExtensionHistoryVersion(id: string, versionValue: number | string): Promise<ExtensionHistoryDetail | null>;
+export declare function restoreExtensionHistoryVersion(id: string, versionValue: number | string): Promise<ExtensionRow | null>;
 export interface CreateExtensionData {
     name: string;
     description?: string;

package/dist/extensions/store.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/extensions/store.ts"],"names":[],"mappings":"AA2CA,OAAO,EAIL,KAAK,qBAAqB,EAC3B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAEL,KAAK,oBAAoB,EACzB,KAAK,oBAAoB,EAC1B,MAAM,oBAAoB,CAAC;AAM5B,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC,CAsE5D;AAwFD,wBAAgB,2BAA2B,SAiB1C;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,EAAE,SAAS,GAAG,KAAK,GAAG,QAAQ,CAAC;CAC1C;AAyDD,wBAAsB,yBAAyB,CAC7C,EAAE,EAAE,MAAM,GACT,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAGlC;AA0CD,wBAAsB,gCAAgC,CACpD,EAAE,EAAE,MAAM,EACV,aAAa,GAAE,qBAAqB,EAAO,GAC1C,OAAO,CAAC,IAAI,CAAC,CAMf;AAED,MAAM,WAAW,qBAAqB;IACpC,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,wBAAsB,cAAc,CAClC,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,YAAY,EAAE,CAAC,CAazB;AAED,wBAAsB,YAAY,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CAI3E;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,wBAAsB,eAAe,CACnC,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,YAAY,CAAC,CAuBvB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;;OAIG;IACH,UAAU,CAAC,EAAE,SAAS,GAAG,KAAK,GAAG,QAAQ,CAAC;CAC3C;AAED,wBAAsB,eAAe,CACnC,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CA+B9B;AAED,MAAM,WAAW,0BAA0B;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,oBAAoB,EAAE,CAAC;IACjC,KAAK,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAC/B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,wBAAsB,sBAAsB,CAC1C,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,0BAA0B,GAC/B,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CAoC9B;AAED,wBAAsB,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAmBlE;AAED,wBAAsB,mCAAmC,IAAI,OAAO,CAClE,GAAG,CAAC,MAAM,CAAC,CACZ,CAWA;AAED,wBAAsB,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAehE;AAED,wBAAsB,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAWlE"}
+{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/extensions/store.ts"],"names":[],"mappings":"AAgDA,OAAO,EAIL,KAAK,qBAAqB,EAC3B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAEL,KAAK,oBAAoB,EACzB,KAAK,oBAAoB,EAC1B,MAAM,oBAAoB,CAAC;AAW5B,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC,CAiF5D;AAwFD,wBAAgB,2BAA2B,SAiB1C;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,EAAE,SAAS,GAAG,KAAK,GAAG,QAAQ,CAAC;CAC1C;AAED,MAAM,MAAM,yBAAyB,GACjC,QAAQ,GACR,UAAU,GACV,iBAAiB,GACjB,gBAAgB,GAChB,SAAS,CAAC;AAEd,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,yBAAyB,GAAG,MAAM,CAAC;IAC9C,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,EAAE,SAAS,GAAG,KAAK,GAAG,QAAQ,CAAC;IACzC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;IACpC,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,qBAAqB,CAAC;IAC7B,QAAQ,EAAE,qBAAqB,GAAG,IAAI,CAAC;IACvC,IAAI,EAAE,wBAAwB,EAAE,CAAC;IACjC,KAAK,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,MAAM,CAAC;QACrB,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;CACH;AA+ED,wBAAsB,yBAAyB,CAC7C,EAAE,EAAE,MAAM,GACT,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAGlC;AA0CD,wBAAsB,gCAAgC,CACpD,EAAE,EAAE,MAAM,EACV,aAAa,GAAE,qBAAqB,EAAO,GAC1C,OAAO,CAAC,IAAI,CAAC,CAMf;AAoTD,MAAM,WAAW,qBAAqB;IACpC,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,wBAAsB,cAAc,CAClC,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,YAAY,EAAE,CAAC,CAazB;AAED,wBAAsB,YAAY,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CAI3E;AAED,MAAM,WAAW,2BAA2B;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,MAAM,EACV,OAAO,GAAE,2BAAgC,GACxC,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAuBlC;AAED,wBAAsB,0BAA0B,CAC9C,EAAE,EAAE,MAAM,EACV,YAAY,EAAE,MAAM,GAAG,MAAM,GAC5B,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC,CA4BxC;AAED,wBAAsB,8BAA8B,CAClD,EAAE,EAAE,MAAM,EACV,YAAY,EAAE,MAAM,GAAG,MAAM,GAC5B,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CA+C9B;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,wBAAsB,eAAe,CACnC,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,YAAY,CAAC,CAwBvB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;;OAIG;IACH,UAAU,CAAC,EAAE,SAAS,GAAG,KAAK,GAAG,QAAQ,CAAC;CAC3C;AAED,wBAAsB,eAAe,CACnC,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CA2C9B;AAED,MAAM,WAAW,0BAA0B;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,oBAAoB,EAAE,CAAC;IACjC,KAAK,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAC/B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,wBAAsB,sBAAsB,CAC1C,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,0BAA0B,GAC/B,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CA2C9B;AAED,wBAAsB,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAuBlE;AAED,wBAAsB,mCAAmC,IAAI,OAAO,CAClE,GAAG,CAAC,MAAM,CAAC,CACZ,CAWA;AAED,wBAAsB,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAehE;AAED,wBAAsB,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAWlE"}

package/dist/extensions/store.js

@@ -7,10 +7,15 @@ import { recordChange } from "../server/poll.js";
 import { accessFilter, assertAccess, resolveAccess, ForbiddenError, } from "../sharing/access.js";
 import { getRequestUserEmail, getRequestOrgId, } from "../server/request-context.js";
 import { registerShareableResource } from "../sharing/registry.js";
-import { extensions, extensionHides, extensionShares, EXTENSIONS_CREATE_SQL, EXTENSIONS_CREATE_SQL_PG, EXTENSION_SHARES_CREATE_SQL, EXTENSION_SHARES_CREATE_SQL_PG, EXTENSION_DATA_CREATE_SQL, EXTENSION_DATA_CREATE_SQL_PG, EXTENSION_DATA_ITEM_INDEX_SQL, EXTENSION_DATA_ITEM_INDEX_SQL_PG, EXTENSION_DATA_DROP_OLD_INDEX_SQL, EXTENSION_DATA_DROP_OLD_INDEX_SQL_PG, EXTENSIONS_OWNER_INDEX_SQL, EXTENSIONS_ORG_INDEX_SQL, EXTENSIONS_UPDATED_INDEX_SQL, EXTENSION_SHARES_RESOURCE_INDEX_SQL, EXTENSION_HIDES_CREATE_SQL, EXTENSION_HIDES_CREATE_SQL_PG, EXTENSION_HIDES_UNIQUE_INDEX_SQL, EXTENSION_HIDES_OWNER_INDEX_SQL, EXTENSION_CONSENTS_CREATE_SQL, EXTENSION_CONSENTS_CREATE_SQL_PG, EXTENSION_CONSENTS_VIEWER_INDEX_SQL, } from "./schema.js";
+import { extensions, extensionHides, extensionShares, extensionHistory, EXTENSIONS_CREATE_SQL, EXTENSIONS_CREATE_SQL_PG, EXTENSION_SHARES_CREATE_SQL, EXTENSION_SHARES_CREATE_SQL_PG, EXTENSION_DATA_CREATE_SQL, EXTENSION_DATA_CREATE_SQL_PG, EXTENSION_DATA_ITEM_INDEX_SQL, EXTENSION_DATA_ITEM_INDEX_SQL_PG, EXTENSION_DATA_DROP_OLD_INDEX_SQL, EXTENSION_DATA_DROP_OLD_INDEX_SQL_PG, EXTENSIONS_OWNER_INDEX_SQL, EXTENSIONS_ORG_INDEX_SQL, EXTENSIONS_UPDATED_INDEX_SQL, EXTENSION_SHARES_RESOURCE_INDEX_SQL, EXTENSION_HIDES_CREATE_SQL, EXTENSION_HIDES_CREATE_SQL_PG, EXTENSION_HIDES_UNIQUE_INDEX_SQL, EXTENSION_HIDES_OWNER_INDEX_SQL, EXTENSION_HISTORY_CREATE_SQL, EXTENSION_HISTORY_CREATE_SQL_PG, EXTENSION_HISTORY_VERSION_INDEX_SQL, EXTENSION_HISTORY_CREATED_INDEX_SQL, EXTENSION_CONSENTS_CREATE_SQL, EXTENSION_CONSENTS_CREATE_SQL_PG, EXTENSION_CONSENTS_VIEWER_INDEX_SQL, } from "./schema.js";
 import { EXTENSION_CHANGE_MARKER_KEY, extensionChangeMarkerSession, extensionChangeMarkerValue, } from "./change-marker.js";
 import { applyExtensionContentUpdate, } from "./content-patch.js";
-const getDb = createGetDb({ extensions, extensionShares, extensionHides });
+const getDb = createGetDb({
+    extensions,
+    extensionShares,
+    extensionHides,
+    extensionHistory,
+});
 let _initPromise;
 export async function ensureExtensionsTables() {
     if (!_initPromise) {
@@ -34,6 +39,9 @@ export async function ensureExtensionsTables() {
             await retryOnDdlRace(() => client.execute(pg ? EXTENSION_HIDES_CREATE_SQL_PG : EXTENSION_HIDES_CREATE_SQL));
             await retryOnDdlRace(() => client.execute(EXTENSION_HIDES_UNIQUE_INDEX_SQL));
             await retryOnDdlRace(() => client.execute(EXTENSION_HIDES_OWNER_INDEX_SQL));
+            await retryOnDdlRace(() => client.execute(pg ? EXTENSION_HISTORY_CREATE_SQL_PG : EXTENSION_HISTORY_CREATE_SQL));
+            await retryOnDdlRace(() => client.execute(EXTENSION_HISTORY_VERSION_INDEX_SQL));
+            await retryOnDdlRace(() => client.execute(EXTENSION_HISTORY_CREATED_INDEX_SQL));
             // tool_consents was introduced for an audit-C1 per-viewer consent
             // gate that we removed once we settled on intra-org trust as the
             // baseline. The table is kept (additive — never drop) so deploys
@@ -214,6 +222,256 @@ export async function notifyExtensionChangeForResource(id, beforeTargets = []) {
         ...(await extensionChangeTargetsForId(id)),
     ]);
 }
+function extensionHistoryEntryFromRaw(row, includeContent) {
+    const content = row.content ?? "";
+    const visibility = normalizeVisibility(row.visibility);
+    return {
+        id: row.id,
+        extensionId: String(row.tool_id ?? row.extensionId ?? ""),
+        version: Number(row.version) || 1,
+        operation: row.operation,
+        summary: row.summary ?? "",
+        name: row.name,
+        description: row.description ?? "",
+        ...(includeContent ? { content } : {}),
+        icon: row.icon ?? null,
+        actorEmail: row.actor_email ?? row.actorEmail ?? null,
+        ownerEmail: row.owner_email ?? row.ownerEmail ?? "",
+        orgId: row.org_id ?? row.orgId ?? null,
+        visibility,
+        createdAt: row.created_at ?? row.createdAt ?? new Date(0).toISOString(),
+        persisted: true,
+        contentLength: content.length,
+    };
+}
+function extensionHistoryEntryFromExtension(row, includeContent) {
+    return {
+        id: `current:${row.id}`,
+        extensionId: row.id,
+        version: 1,
+        operation: "baseline",
+        summary: "Current version",
+        name: row.name,
+        description: row.description,
+        ...(includeContent ? { content: row.content } : {}),
+        icon: row.icon,
+        actorEmail: null,
+        ownerEmail: row.ownerEmail,
+        orgId: row.orgId,
+        visibility: row.visibility,
+        createdAt: row.updatedAt,
+        persisted: false,
+        contentLength: row.content.length,
+    };
+}
+function normalizeVisibility(value) {
+    return value === "org" || value === "public" ? value : "private";
+}
+function currentActorEmail() {
+    return getRequestUserEmail() ?? null;
+}
+function clampHistoryLimit(value) {
+    const limit = Number(value ?? 50);
+    if (!Number.isFinite(limit))
+        return 50;
+    return Math.min(Math.max(1, Math.floor(limit)), 100);
+}
+async function historyVersionCount(extensionId) {
+    const result = await getDbExec().execute({
+        sql: `SELECT MAX(version) AS version FROM tool_history WHERE tool_id = ?`,
+        args: [extensionId],
+    });
+    const value = result.rows?.[0]?.version;
+    const version = Number(value ?? 0);
+    return Number.isFinite(version) ? version : 0;
+}
+async function hasExtensionHistory(extensionId) {
+    const result = await getDbExec().execute({
+        sql: `SELECT id FROM tool_history WHERE tool_id = ? LIMIT 1`,
+        args: [extensionId],
+    });
+    return (result.rows?.length ?? 0) > 0;
+}
+async function recordExtensionHistorySnapshot(row, operation, summary) {
+    const version = (await historyVersionCount(row.id)) + 1;
+    const now = new Date().toISOString();
+    const historyId = randomUUID();
+    await getDbExec().execute({
+        sql: `INSERT INTO tool_history (
+      id, tool_id, version, operation, summary, name, description, content,
+      icon, actor_email, owner_email, org_id, visibility, created_at
+    ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+        args: [
+            historyId,
+            row.id,
+            version,
+            operation,
+            summary,
+            row.name,
+            row.description,
+            row.content,
+            row.icon,
+            currentActorEmail(),
+            row.ownerEmail,
+            row.orgId,
+            row.visibility,
+            now,
+        ],
+    });
+    return {
+        id: historyId,
+        extensionId: row.id,
+        version,
+        operation,
+        summary,
+        name: row.name,
+        description: row.description,
+        content: row.content,
+        icon: row.icon,
+        actorEmail: currentActorEmail(),
+        ownerEmail: row.ownerEmail,
+        orgId: row.orgId,
+        visibility: row.visibility,
+        createdAt: now,
+        persisted: true,
+        contentLength: row.content.length,
+    };
+}
+async function ensureExtensionHistoryBaseline(row) {
+    if (await hasExtensionHistory(row.id))
+        return;
+    await recordExtensionHistorySnapshot(row, "baseline", "Saved starting version");
+}
+function summarizeMetadataChange(before, after) {
+    const changes = [];
+    if (before.name !== after.name) {
+        changes.push(`Renamed from "${before.name}" to "${after.name}"`);
+    }
+    if (before.description !== after.description) {
+        changes.push("Updated description");
+    }
+    if (before.icon !== after.icon) {
+        changes.push("Updated icon");
+    }
+    if (before.visibility !== after.visibility) {
+        changes.push(`Changed visibility to ${after.visibility}`);
+    }
+    return changes.join("; ") || "Updated details";
+}
+function summarizeContentChange(beforeContent, afterContent) {
+    const stats = diffStats(createLineDiff(beforeContent, afterContent));
+    if (!stats.changed)
+        return "Saved content";
+    return `Updated content (+${stats.addedLines} -${stats.deletedLines} lines)`;
+}
+function parseHistoryVersion(version) {
+    const parsed = Number(version);
+    if (!Number.isInteger(parsed) || parsed < 1)
+        return null;
+    return parsed;
+}
+async function getPersistedHistoryEntry(extensionId, version, includeContent) {
+    const result = await getDbExec().execute({
+        sql: `SELECT id, tool_id, version, operation, summary, name, description,
+      content, icon, actor_email, owner_email, org_id, visibility, created_at
+      FROM tool_history
+      WHERE tool_id = ? AND version = ?
+      LIMIT 1`,
+        args: [extensionId, version],
+    });
+    const row = result.rows?.[0];
+    return row ? extensionHistoryEntryFromRaw(row, includeContent) : null;
+}
+function splitLines(text) {
+    if (!text)
+        return [];
+    const parts = text.split("\n");
+    return parts
+        .map((line, index) => (index < parts.length - 1 ? `${line}\n` : line))
+        .filter((line) => line.length > 0);
+}
+function createLineDiff(beforeText, afterText) {
+    const before = splitLines(beforeText);
+    const after = splitLines(afterText);
+    if (before.length === 0 && after.length === 0)
+        return [];
+    const cells = before.length * after.length;
+    if (cells > 40_000)
+        return createBoundaryDiff(before, after);
+    const dp = Array.from({ length: before.length + 1 }, () => Array(after.length + 1).fill(0));
+    for (let i = before.length - 1; i >= 0; i -= 1) {
+        for (let j = after.length - 1; j >= 0; j -= 1) {
+            dp[i][j] =
+                before[i] === after[j]
+                    ? dp[i + 1][j + 1] + 1
+                    : Math.max(dp[i + 1][j], dp[i][j + 1]);
+        }
+    }
+    const diff = [];
+    let i = 0;
+    let j = 0;
+    while (i < before.length && j < after.length) {
+        if (before[i] === after[j]) {
+            diff.push({ type: "equal", text: before[i] });
+            i += 1;
+            j += 1;
+        }
+        else if (dp[i + 1][j] >= dp[i][j + 1]) {
+            diff.push({ type: "delete", text: before[i] });
+            i += 1;
+        }
+        else {
+            diff.push({ type: "insert", text: after[j] });
+            j += 1;
+        }
+    }
+    while (i < before.length) {
+        diff.push({ type: "delete", text: before[i] });
+        i += 1;
+    }
+    while (j < after.length) {
+        diff.push({ type: "insert", text: after[j] });
+        j += 1;
+    }
+    return diff;
+}
+function createBoundaryDiff(before, after) {
+    let prefix = 0;
+    while (prefix < before.length &&
+        prefix < after.length &&
+        before[prefix] === after[prefix]) {
+        prefix += 1;
+    }
+    let suffix = 0;
+    while (suffix + prefix < before.length &&
+        suffix + prefix < after.length &&
+        before[before.length - 1 - suffix] === after[after.length - 1 - suffix]) {
+        suffix += 1;
+    }
+    return [
+        ...before
+            .slice(0, prefix)
+            .map((text) => ({ type: "equal", text })),
+        ...before
+            .slice(prefix, before.length - suffix)
+            .map((text) => ({ type: "delete", text })),
+        ...after
+            .slice(prefix, after.length - suffix)
+            .map((text) => ({ type: "insert", text })),
+        ...before
+            .slice(before.length - suffix)
+            .map((text) => ({ type: "equal", text })),
+    ];
+}
+function diffStats(diff) {
+    const addedLines = diff.filter((line) => line.type === "insert").length;
+    const deletedLines = diff.filter((line) => line.type === "delete").length;
+    return {
+        addedLines,
+        deletedLines,
+        changed: addedLines > 0 || deletedLines > 0,
+    };
+}
 export async function listExtensions(options = {}) {
     await ensureExtensionsTables();
     const db = getDb();
@@ -233,6 +491,95 @@ export async function getExtension(id) {
     const access = await resolveAccess("extension", id);
     return access?.resource ?? null;
 }
+export async function listExtensionHistory(id, options = {}) {
+    await ensureExtensionsTables();
+    const extension = await getExtension(id);
+    if (!extension)
+        return [];
+    const includeContent = options.includeContent === true;
+    const limit = clampHistoryLimit(options.limit);
+    const result = await getDbExec().execute({
+        sql: `SELECT id, tool_id, version, operation, summary, name, description,
+      content, icon, actor_email, owner_email, org_id, visibility, created_at
+      FROM tool_history
+      WHERE tool_id = ?
+      ORDER BY version DESC
+      LIMIT ?`,
+        args: [id, limit],
+    });
+    const entries = (result.rows ?? []).map((row) => extensionHistoryEntryFromRaw(row, includeContent));
+    if (entries.length > 0)
+        return entries;
+    return [extensionHistoryEntryFromExtension(extension, includeContent)];
+}
+export async function getExtensionHistoryVersion(id, versionValue) {
+    await ensureExtensionsTables();
+    const extension = await getExtension(id);
+    if (!extension)
+        return null;
+    const version = parseHistoryVersion(versionValue);
+    if (!version)
+        return null;
+    const persisted = await getPersistedHistoryEntry(id, version, true);
+    const entry = persisted ??
+        (!(await hasExtensionHistory(id)) && version === 1
+            ? extensionHistoryEntryFromExtension(extension, true)
+            : null);
+    if (!entry)
+        return null;
+    const previous = version > 1 ? await getPersistedHistoryEntry(id, version - 1, true) : null;
+    const previousContent = previous?.content ?? "";
+    const currentContent = entry.content ?? "";
+    const diff = createLineDiff(previousContent, currentContent);
+    return {
+        entry,
+        previous,
+        diff,
+        stats: diffStats(diff),
+    };
+}
+export async function restoreExtensionHistoryVersion(id, versionValue) {
+    await ensureExtensionsTables();
+    await assertAccess("extension", id, "editor");
+    const version = parseHistoryVersion(versionValue);
+    if (!version)
+        return null;
+    const existingRows = await getDb()
+        .select()
+        .from(extensions)
+        .where(eq(extensions.id, id));
+    const existing = existingRows[0];
+    if (!existing)
+        return null;
+    await ensureExtensionHistoryBaseline(existing);
+    const target = await getPersistedHistoryEntry(id, version, true);
+    if (!target)
+        return null;
+    const beforeTargets = await extensionChangeTargetsForId(id);
+    await getDb()
+        .update(extensions)
+        .set({
+        name: target.name,
+        description: target.description,
+        content: target.content ?? "",
+        icon: target.icon,
+        updatedAt: new Date().toISOString(),
+    })
+        .where(eq(extensions.id, id));
+    const rows = await getDb()
+        .select()
+        .from(extensions)
+        .where(eq(extensions.id, id));
+    const row = rows[0] ?? null;
+    if (row) {
+        await recordExtensionHistorySnapshot(row, "restore", `Restored version ${version}`);
+        await notifyExtensionChanged([
+            ...beforeTargets,
+            ...(await extensionChangeTargetsForRow(row)),
+        ]);
+    }
+    return row;
+}
 export async function createExtension(data) {
     await ensureExtensionsTables();
     const db = getDb();
@@ -255,6 +602,7 @@ export async function createExtension(data) {
         visibility: "private",
     };
     await db.insert(extensions).values(row);
+    await recordExtensionHistorySnapshot(row, "create", "Created extension");
     await notifyExtensionChanged([{ owner: row.ownerEmail }]);
     return row;
 }
@@ -281,10 +629,19 @@ export async function updateExtension(id, data) {
         updates.icon = data.icon;
     if (data.visibility !== undefined)
         updates.visibility = data.visibility;
+    const existingRows = await db
+        .select()
+        .from(extensions)
+        .where(eq(extensions.id, id));
+    const existing = existingRows[0];
+    if (!existing)
+        return null;
+    await ensureExtensionHistoryBaseline(existing);
     await db.update(extensions).set(updates).where(eq(extensions.id, id));
     const rows = await db.select().from(extensions).where(eq(extensions.id, id));
     const row = rows[0] ?? null;
     if (row) {
+        await recordExtensionHistorySnapshot(row, "metadata-update", summarizeMetadataChange(existing, row));
         await notifyExtensionChanged([
             ...beforeTargets,
             ...(await extensionChangeTargetsForRow(row)),
@@ -308,7 +665,9 @@ export async function updateExtensionContent(id, opts) {
         .where(eq(extensions.id, id));
     if (!existingRows[0])
         return null;
-    const existingContent = existingRows[0].content;
+    const existing = existingRows[0];
+    const existingContent = existing.content;
+    await ensureExtensionHistoryBaseline(existing);
     const update = await applyExtensionContentUpdate(existingContent, opts);
     const beforeTargets = await extensionChangeTargetsForId(id);
     await db
@@ -318,6 +677,7 @@ export async function updateExtensionContent(id, opts) {
     const rows = await db.select().from(extensions).where(eq(extensions.id, id));
     const row = rows[0] ?? null;
     if (row) {
+        await recordExtensionHistorySnapshot(row, "content-update", summarizeContentChange(existingContent, row.content));
         await notifyExtensionChanged([
             ...beforeTargets,
             ...(await extensionChangeTargetsForRow(row)),
@@ -340,6 +700,10 @@ export async function deleteExtension(id) {
         sql: `DELETE FROM tool_data WHERE tool_id = ?`,
         args: [id],
     });
+    await getDbExec().execute({
+        sql: `DELETE FROM tool_history WHERE tool_id = ?`,
+        args: [id],
+    });
     const { cascadeDeleteExtensionSlots } = await import("./slots/store.js");
     await cascadeDeleteExtensionSlots(id);
     await db.delete(extensions).where(eq(extensions.id, id));