@camstack/server 0.1.6 → 0.1.8

package/src/main.ts

@@ -46,12 +46,15 @@ import { registerHealthRoutes } from "./api/health/health.routes";
 import { registerOauth2Routes } from "./api/oauth2/oauth2-routes.js";
 import {
   AddonRouteRegistry,
+  DataPlaneRegistry,
+  proxyToUpstream,
 } from "@camstack/core";
 import type { FastifyRequest, FastifyReply } from "fastify";
 import { loadBootstrapConfig, setupInfra } from "./boot/boot-config";
 import { bootManual } from "./manual-boot";
 
 import { PostBootService } from "./boot/post-boot.service";
+import { runIntegrationIdBackfill } from "./boot/integration-id-backfill";
 
 // ---- Process-level error handlers ----
 
@@ -201,6 +204,7 @@ async function bootstrap() {
     const uploadAddonBridge = app.get(AddonBridgeService);
     const uploadMoleculer = app.get(MoleculerService);
     const uploadAddonRegistry = app.get(AddonRegistryService);
+    const uploadAddonPackage = app.get(AddonPackageService);
     const uploadLogger = app.get(LoggingService).createLogger("addon-upload");
     await registerAddonUploadRoute(
       fastify,
@@ -208,6 +212,7 @@ async function bootstrap() {
       uploadAuthService,
       uploadMoleculer,
       uploadAddonRegistry,
+      uploadAddonPackage,
       uploadLogger,
     );
     console.log(
@@ -234,6 +239,7 @@ async function bootstrap() {
   // Instantiate new core services
   const loggingService = app.get(LoggingService);
   const addonRouteRegistry = new AddonRouteRegistry();
+  const dataPlaneRegistry = new DataPlaneRegistry();
 
   // Use Fastify-managed notification/toast wrappers (globally provided by NotificationModule)
   const { NotificationServiceWrapper } =
@@ -249,6 +255,7 @@ async function bootstrap() {
   // Wire AddonRouteRegistry and NotificationService
   const addonRegistry = app.get(AddonRegistryService);
   addonRegistry.setAddonRouteRegistry(addonRouteRegistry);
+  addonRegistry.setDataPlaneRegistry(dataPlaneRegistry);
 
   // ── Configure the CapabilityRegistry (created in AddonRegistryService constructor) ──
   const capabilityRegistry = addonRegistry.getCapabilityRegistry();
@@ -701,6 +708,59 @@ async function bootstrap() {
         else if (Array.isArray(v)) headers[k] = v.join(",");
       }
 
+      // ── HTTP data-plane: reverse-proxy to the addon's own listener ───────
+      // Checked BEFORE control routes. A hit means the addon serves this prefix
+      // via `ctx.dataPlane` (it streams the bytes with real req/res); the hub
+      // authenticates here, then pipes. Same origin/cert as the admin-ui.
+      const dpMatch = dataPlaneRegistry.match(addonId, subPath);
+      if (dpMatch) {
+        const access = dpMatch.endpoint.access;
+        if (access !== "public") {
+          const authHeader = request.headers.authorization;
+          const cookieToken = request.cookies?.[SESSION_COOKIE];
+          if (!authHeader && !cookieToken) {
+            return reply.status(401).send({ error: "Unauthorized" });
+          }
+          const token = authHeader ? authHeader.replace("Bearer ", "") : cookieToken!;
+          if (token.startsWith("cst_")) {
+            const userMgmt = capabilityRegistry?.getSingleton("user-management");
+            if (!userMgmt) return reply.status(503).send({ error: "User management not available" });
+            const scopedToken = await userMgmt.validateScopedToken({ token });
+            const scopeOk = scopedToken?.scopes.some(
+              (scope: { type: string; target?: string }) => scope.type === "addon" && scope.target === addonId,
+            );
+            if (!scopedToken || !scopeOk) {
+              return reply.status(403).send({ error: "Token scope mismatch" });
+            }
+          } else {
+            try {
+              const payload = authService.verifyToken(token);
+              if (access === "admin" && !payload.isAdmin) {
+                return reply.status(403).send({ error: "Admin required" });
+              }
+            } catch {
+              return reply.status(401).send({ error: "Invalid token" });
+            }
+          }
+        }
+        const qIdx = request.url.indexOf("?");
+        const query = qIdx >= 0 ? request.url.slice(qIdx) : "";
+        // Forward the FULL sub-path INCLUDING the prefix — the addon's facility
+        // multiplexes by prefix, so it strips the prefix itself. (`dpMatch.rest`
+        // is only used to pick the endpoint, not to rewrite the path.)
+        const upstreamPath = `/${subPath}${query}`;
+        // Take over the socket — `proxyToUpstream` drives the raw response.
+        reply.hijack();
+        proxyToUpstream({
+          baseUrl: dpMatch.endpoint.baseUrl,
+          secret: dpMatch.endpoint.secret,
+          upstreamPath,
+          clientReq: request.raw,
+          clientRes: reply.raw,
+        });
+        return;
+      }
+
       const match = addonRouteRegistry.matchRoute(method, fullPath);
       if (!match) {
         if (method === "GET" && spaIndexHtml) {
@@ -907,11 +967,16 @@ async function bootstrap() {
       const indexPath = path.join(staticDir, "index.html");
       if (fs.existsSync(staticDir) && fs.existsSync(indexPath)) {
         spaIndexHtml = indexPath;
+        // `serve: false` registers no route — it only decorates
+        // `reply.sendFile`, so the single SPA `/*` handler below owns all
+        // routing and serves each asset LIVE from the current `staticDir`.
+        // The old `wildcard: false` registered one route per file enumerated
+        // AT BOOT, so a redeployed admin-ui's new content-hashed assets had no
+        // route and 404'd until a hub restart. Live `sendFile` removes that.
         await fastify.register(fastifyStatic, {
           root: staticDir,
-          prefix: "/",
-          wildcard: false,
-          decorateReply: false,
+          serve: false,
+          decorateReply: true,
         });
         // Dev diagnostic: serve webrtc-test.html from dataPath if it exists.
         const webrtcTestPath = path.join(dataPath, "webrtc-test.html");
@@ -921,8 +986,9 @@ async function bootstrap() {
           });
         }
 
-        // SPA fallback: catch-all route that serves index.html for non-API paths.
-        // Uses a wildcard route instead of setNotFoundHandler.
+        // SPA fallback + live static serving: this single catch-all owns every
+        // GET. Core API prefixes fall through to their own routers via
+        // `callNotFound`. Uses a wildcard route instead of setNotFoundHandler.
         fastify.get("/*", async (request, reply) => {
           const url = request.url;
           if (
@@ -933,17 +999,42 @@ async function bootstrap() {
           ) {
             return reply.callNotFound();
           }
-          // A request whose last path segment has a file extension is a
-          // static asset, not a SPA navigation route. If it reached here,
-          // `fastify-static` has no route for it — the file is missing.
-          // Return 404 instead of the SPA `index.html`: serving HTML under
-          // an asset URL makes upstream caches (Cloudflare, the browser)
-          // pin `text/html` for a `.js`/`.css` URL, which then fails the
-          // module MIME check long after the file is actually available.
+          // A request whose last path segment has a file extension is a static
+          // asset: serve it LIVE from the current dist so a redeployed
+          // admin-ui's new content-hashed files are picked up without a hub
+          // restart. When the file is missing, 404 — never the SPA
+          // `index.html`: serving HTML under a `.js`/`.css` URL makes upstream
+          // caches (Cloudflare, the browser) pin `text/html`, which then fails
+          // the module MIME check long after the file is actually available.
           const pathOnly = url.split("?")[0] ?? url;
           if (/\.[a-zA-Z0-9]+$/.test(pathOnly)) {
+            const rel = pathOnly.replace(/^\/+/, "");
+            const abs = path.join(staticDir, rel);
+            if (
+              (abs === staticDir || abs.startsWith(staticDir + path.sep)) &&
+              fs.existsSync(abs)
+            ) {
+              // Cache policy that lets PWA updates actually propagate (the
+              // stale-bundle bug): the service worker + registration + manifest
+              // MUST be revalidated every load or a redeploy never reaches the
+              // client (the SW keeps serving the old precache). Content-hashed
+              // build assets (assets/index-<hash>.js) are immutable. Everything
+              // else gets a short cache.
+              const base = rel.split("/").pop() ?? rel;
+              if (/^(sw\.js|registerSW\.js|workbox-.*\.js|manifest\.webmanifest)$/.test(base)) {
+                reply.header("cache-control", "no-cache, must-revalidate");
+              } else if (rel.startsWith("assets/") && /-[A-Za-z0-9_-]{8,}\./.test(base)) {
+                reply.header("cache-control", "public, max-age=31536000, immutable");
+              } else {
+                reply.header("cache-control", "no-cache");
+              }
+              return reply.sendFile(rel);
+            }
             return reply.callNotFound();
           }
+          // index.html (the SPA shell) must never be cached — it references the
+          // content-hashed bundles, so a stale copy pins the old app forever.
+          reply.header("cache-control", "no-cache, must-revalidate");
           return reply.type("text/html").send(fs.createReadStream(spaIndexHtml!));
         });
         const { version } = await adminUI.getVersion();
@@ -994,6 +1085,40 @@ async function bootstrap() {
   // Post-boot: fork workers, register device streams, emit system.boot
   const postBoot = app.get(PostBootService);
   await postBoot.run({ port, host, dataPath, trpcRegistered });
+
+  // One-time backfill: stamp integrationId on devices created before the
+  // device-manager forwarder started stamping it (legacy camera providers),
+  // so deleting their integration cascades them. Idempotent — only touches
+  // untagged top-level devices of single-instance addons.
+  try {
+    const dmForBackfill = capabilityRegistry.getSingleton('device-manager') as {
+      listAll?: (input: { addonId?: string }) => Promise<readonly {
+        id: number; addonId: string; parentDeviceId: number | null; integrationId?: string
+      }[]>
+      setIntegrationId?: (input: { deviceId: number; integrationId: string }) => Promise<void>
+    } | null
+    const integrationRegistry = addonRegistry.getIntegrationRegistry()
+    if (dmForBackfill?.listAll && dmForBackfill?.setIntegrationId && integrationRegistry) {
+      const listAll = dmForBackfill.listAll
+      const setIntegrationId = dmForBackfill.setIntegrationId
+      const backfillLogger = loggingService.createLogger('integration-backfill')
+      await runIntegrationIdBackfill({
+        listIntegrations: async () =>
+          (await integrationRegistry.listIntegrations()).map((i) => ({ id: i.id, addonId: i.addonId })),
+        listDevices: async () =>
+          (await listAll({})).map((d) => ({
+            id: d.id, addonId: d.addonId, parentDeviceId: d.parentDeviceId, integrationId: d.integrationId,
+          })),
+        setIntegrationId: (deviceId, integrationId) => setIntegrationId({ deviceId, integrationId }),
+        logger: {
+          info: (message, meta) => backfillLogger.info(message, { meta }),
+          warn: (message, meta) => backfillLogger.warn(message, { meta }),
+        },
+      })
+    }
+  } catch (err) {
+    console.warn('[bootstrap] integrationId backfill skipped:', err instanceof Error ? err.message : err)
+  }
 }
 
 /**

package/src/core/storage/settings-store.spec.ts

@@ -1,213 +0,0 @@
- 
-// server/backend/src/core/storage/settings-store.spec.ts
-import { describe, it, expect, beforeEach, afterEach } from 'vitest'
-import { SettingsStore } from './settings-store'
-import { RUNTIME_DEFAULTS } from '../config/config.schema'
-
-// Use an in-memory SQLite DB for tests so no temp files are created.
-function makeStore(): SettingsStore {
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-call -- 
-  return new (SettingsStore as any)(':memory:') as SettingsStore
-}
-
-// Re-open the private constructor with ':memory:' by temporarily patching the
-// constructor argument. SettingsStore accepts a dbPath string; ':memory:' is
-// the special better-sqlite3 in-memory sentinel.
-function createStore(): SettingsStore {
-  return new SettingsStore(':memory:')
-}
-
-describe('SettingsStore — system settings', () => {
-  let store: SettingsStore
-
-  beforeEach(() => { store = createStore() })
-  afterEach(() => { store.close() })
-
-  it('returns undefined for a key that does not exist', () => {
-    expect(store.getSystem('nonexistent')).toBeUndefined()
-  })
-
-  it('stores and retrieves a string value', () => {
-    store.setSystem('logging.level', 'debug')
-    expect(store.getSystem('logging.level')).toBe('debug')
-  })
-
-  it('stores and retrieves a number value', () => {
-    store.setSystem('retention.days', 30)
-    expect(store.getSystem('retention.days')).toBe(30)
-  })
-
-  it('stores and retrieves a boolean value', () => {
-    store.setSystem('features.streaming', true)
-    expect(store.getSystem('features.streaming')).toBe(true)
-  })
-
-  it('stores and retrieves a nested object (JSON serialization)', () => {
-    const obj = { a: 1, b: [1, 2, 3], c: { nested: true } }
-    store.setSystem('complex.key', obj)
-    expect(store.getSystem('complex.key')).toEqual(obj)
-  })
-
-  it('overwrites an existing key', () => {
-    store.setSystem('logging.level', 'info')
-    store.setSystem('logging.level', 'warn')
-    expect(store.getSystem('logging.level')).toBe('warn')
-  })
-
-  it('getAllSystem returns all stored keys', () => {
-    store.setSystem('key.a', 1)
-    store.setSystem('key.b', 2)
-    const all = store.getAllSystem()
-    expect(all['key.a']).toBe(1)
-    expect(all['key.b']).toBe(2)
-  })
-
-  it('getAllSystem returns empty object when no keys are set', () => {
-    expect(store.getAllSystem()).toEqual({})
-  })
-})
-
-describe('SettingsStore — addon settings', () => {
-  let store: SettingsStore
-
-  beforeEach(() => { store = createStore() })
-  afterEach(() => { store.close() })
-
-  it('returns undefined for a missing addon key', () => {
-    expect(store.getAddon('sqlite-storage', 'dbPath')).toBeUndefined()
-  })
-
-  it('stores and retrieves a value scoped by addonId', () => {
-    store.setAddon('sqlite-storage', 'dbPath', '/data/camstack.db')
-    expect(store.getAddon('sqlite-storage', 'dbPath')).toBe('/data/camstack.db')
-  })
-
-  it('scopes values: different addons do not share keys', () => {
-    store.setAddon('addon-a', 'sharedKey', 'value-a')
-    store.setAddon('addon-b', 'sharedKey', 'value-b')
-    expect(store.getAddon('addon-a', 'sharedKey')).toBe('value-a')
-    expect(store.getAddon('addon-b', 'sharedKey')).toBe('value-b')
-  })
-
-  it('getAllAddon returns only keys for the requested addon', () => {
-    store.setAddon('addon-a', 'key1', 10)
-    store.setAddon('addon-a', 'key2', 20)
-    store.setAddon('addon-b', 'key1', 99)
-    const all = store.getAllAddon('addon-a')
-    expect(all).toEqual({ key1: 10, key2: 20 })
-  })
-
-  it('setAllAddon replaces all keys atomically', () => {
-    store.setAddon('my-addon', 'old', 'gone')
-    store.setAllAddon('my-addon', { newKey: 'newVal', another: 42 })
-    const all = store.getAllAddon('my-addon')
-    expect(all).toEqual({ newKey: 'newVal', another: 42 })
-    expect(store.getAddon('my-addon', 'old')).toBeUndefined()
-  })
-
-  it('setAllAddon does not affect other addons', () => {
-    store.setAddon('other-addon', 'keep', 'me')
-    store.setAllAddon('my-addon', { x: 1 })
-    expect(store.getAddon('other-addon', 'keep')).toBe('me')
-  })
-})
-
-describe('SettingsStore — provider settings', () => {
-  let store: SettingsStore
-
-  beforeEach(() => { store = createStore() })
-  afterEach(() => { store.close() })
-
-  it('returns undefined for a missing provider key', () => {
-    expect(store.getProvider('prov-1', 'url')).toBeUndefined()
-  })
-
-  it('stores and retrieves a provider value', () => {
-    store.setProvider('prov-1', 'url', 'http://localhost:8554')
-    expect(store.getProvider('prov-1', 'url')).toBe('http://localhost:8554')
-  })
-
-  it('scopes values between providers', () => {
-    store.setProvider('prov-1', 'url', 'http://host-a')
-    store.setProvider('prov-2', 'url', 'http://host-b')
-    expect(store.getProvider('prov-1', 'url')).toBe('http://host-a')
-    expect(store.getProvider('prov-2', 'url')).toBe('http://host-b')
-  })
-
-  it('getAllProvider returns all keys for a provider', () => {
-    store.setProvider('prov-1', 'url', 'http://x')
-    store.setProvider('prov-1', 'port', 8554)
-    expect(store.getAllProvider('prov-1')).toEqual({ url: 'http://x', port: 8554 })
-  })
-})
-
-describe('SettingsStore — device settings', () => {
-  let store: SettingsStore
-
-  beforeEach(() => { store = createStore() })
-  afterEach(() => { store.close() })
-
-  it('returns undefined for a missing device key', () => {
-    expect(store.getDevice('cam-1', 'label')).toBeUndefined()
-  })
-
-  it('stores and retrieves a device value', () => {
-    store.setDevice('cam-1', 'label', 'Front Door')
-    expect(store.getDevice('cam-1', 'label')).toBe('Front Door')
-  })
-
-  it('scopes values between devices', () => {
-    store.setDevice('cam-1', 'label', 'A')
-    store.setDevice('cam-2', 'label', 'B')
-    expect(store.getDevice('cam-1', 'label')).toBe('A')
-    expect(store.getDevice('cam-2', 'label')).toBe('B')
-  })
-
-  it('getAllDevice returns all keys for a device', () => {
-    store.setDevice('cam-1', 'label', 'Cam 1')
-    store.setDevice('cam-1', 'enabled', true)
-    expect(store.getAllDevice('cam-1')).toEqual({ label: 'Cam 1', enabled: true })
-  })
-})
-
-describe('SettingsStore — first boot seeding', () => {
-  let store: SettingsStore
-
-  beforeEach(() => { store = createStore() })
-  afterEach(() => { store.close() })
-
-  it('isSystemSettingsEmpty returns true on a fresh DB', () => {
-    expect(store.isSystemSettingsEmpty()).toBe(true)
-  })
-
-  it('seedDefaults populates system_settings with RUNTIME_DEFAULTS', () => {
-    store.seedDefaults()
-    expect(store.isSystemSettingsEmpty()).toBe(false)
-    for (const [key, expected] of Object.entries(RUNTIME_DEFAULTS)) {
-      expect(store.getSystem(key)).toEqual(expected)
-    }
-  })
-
-  it('seedDefaults does not overwrite existing values (INSERT OR IGNORE)', () => {
-    store.setSystem('logging.level', 'debug')
-    store.seedDefaults()
-    // The manually set value should survive — seedDefaults uses INSERT OR IGNORE
-    expect(store.getSystem('logging.level')).toBe('debug')
-  })
-
-  it('second boot: seedDefaults is skipped when table is not empty', () => {
-    store.seedDefaults()
-    // Simulate a manual override then "re-boot"
-    store.setSystem('logging.level', 'warn')
-
-    // On second boot we would call seedDefaults only when isEmpty — simulate that guard
-    if (!store.isSystemSettingsEmpty()) {
-      // No-op: skip seeding
-    } else {
-      store.seedDefaults()
-    }
-
-    // Value from first seed should remain (not reverted to RUNTIME_DEFAULTS)
-    expect(store.getSystem('logging.level')).toBe('warn')
-  })
-})

package/src/core/storage/settings-store.ts

@@ -1,2 +0,0 @@
-// Re-export from @camstack/core (sqlite-storage builtin)
-export { SettingsStore } from '@camstack/core'

package/src/core/storage/sql-schema.spec.ts

@@ -1,140 +0,0 @@
-// server/backend/src/core/storage/sql-schema.spec.ts
-import { describe, it, expect } from 'vitest'
-import { addonTableToDdl, CORE_TABLE_DDL, type AddonTableSchema } from './sql-schema'
-
-describe('CORE_TABLE_DDL', () => {
-  it('is a non-empty readonly array of strings', () => {
-    expect(CORE_TABLE_DDL.length).toBeGreaterThan(0)
-    for (const stmt of CORE_TABLE_DDL) {
-      expect(typeof stmt).toBe('string')
-      expect(stmt.length).toBeGreaterThan(0)
-    }
-  })
-
-  it('contains CREATE TABLE IF NOT EXISTS for core tables', () => {
-    // `detection_events`, `audio_levels`, `track_trails` were removed
-    // in the P12b sweep — they're now owned by `addon-pipeline-analytics`
-    // via `declareCollection` (pipeline-analytics:motion-events,
-    // :object-events, :audio-events, :tracks, :media). The hub-core
-    // DDL only carries the foundational settings + device registry
-    // tables.
-    const tables = ['system_settings', 'addon_settings', 'provider_settings', 'device_settings', 'devices']
-    for (const table of tables) {
-      const found = CORE_TABLE_DDL.some(stmt => stmt.includes(`CREATE TABLE IF NOT EXISTS ${table}`))
-      expect(found, `Expected DDL for table "${table}"`).toBe(true)
-    }
-  })
-
-  it('contains indexes for the devices table', () => {
-    const found = CORE_TABLE_DDL.some(stmt => stmt.includes('idx_devices_addon'))
-    expect(found).toBe(true)
-  })
-})
-
-describe('addonTableToDdl', () => {
-  it('generates a CREATE TABLE statement with single primary key', () => {
-    const schema: AddonTableSchema = {
-      name: 'my_addon_events',
-      columns: [
-        { name: 'id', type: 'TEXT', primaryKey: true },
-        { name: 'timestamp', type: 'INTEGER', notNull: true },
-        { name: 'payload', type: 'JSON' },
-      ],
-    }
-
-    const stmts = addonTableToDdl(schema)
-    expect(stmts).toHaveLength(1)
-    const ddl = stmts[0]
-    expect(ddl).toContain('CREATE TABLE IF NOT EXISTS my_addon_events')
-    expect(ddl).toContain('id TEXT')
-    expect(ddl).toContain('timestamp INTEGER NOT NULL')
-    expect(ddl).toContain('payload JSON')
-    expect(ddl).toContain('PRIMARY KEY (id)')
-  })
-
-  it('generates a CREATE TABLE with composite primary key', () => {
-    const schema: AddonTableSchema = {
-      name: 'composite_pk_table',
-      columns: [
-        { name: 'addon_id', type: 'TEXT', primaryKey: true, notNull: true },
-        { name: 'key', type: 'TEXT', primaryKey: true, notNull: true },
-        { name: 'value', type: 'JSON', notNull: true },
-      ],
-    }
-
-    const stmts = addonTableToDdl(schema)
-    expect(stmts[0]).toContain('PRIMARY KEY (addon_id, key)')
-    expect(stmts[0]).toContain('addon_id TEXT NOT NULL')
-    expect(stmts[0]).toContain('key TEXT NOT NULL')
-  })
-
-  it('generates indexes when provided', () => {
-    const schema: AddonTableSchema = {
-      name: 'indexed_table',
-      columns: [
-        { name: 'id', type: 'TEXT', primaryKey: true },
-        { name: 'device_id', type: 'TEXT', notNull: true },
-        { name: 'ts', type: 'INTEGER', notNull: true },
-      ],
-      indexes: [
-        { name: 'idx_indexed_device_ts', columns: ['device_id', 'ts'] },
-        { name: 'idx_unique_id', columns: ['id'], unique: true },
-      ],
-    }
-
-    const stmts = addonTableToDdl(schema)
-    expect(stmts).toHaveLength(3)
-    expect(stmts[1]).toContain('CREATE INDEX IF NOT EXISTS idx_indexed_device_ts ON indexed_table(device_id, ts)')
-    expect(stmts[2]).toContain('CREATE UNIQUE INDEX IF NOT EXISTS idx_unique_id ON indexed_table(id)')
-  })
-
-  it('generates no PRIMARY KEY clause when no column is marked primaryKey', () => {
-    const schema: AddonTableSchema = {
-      name: 'no_pk_table',
-      columns: [
-        { name: 'col1', type: 'TEXT' },
-        { name: 'col2', type: 'INTEGER' },
-      ],
-    }
-
-    const stmts = addonTableToDdl(schema)
-    expect(stmts[0]).not.toContain('PRIMARY KEY')
-  })
-
-  it('produces valid SQL string (no syntax placeholders)', () => {
-    const schema: AddonTableSchema = {
-      name: 'valid_sql_table',
-      columns: [
-        { name: 'id', type: 'TEXT', primaryKey: true },
-        { name: 'data', type: 'JSON' },
-      ],
-    }
-
-    const stmts = addonTableToDdl(schema)
-    for (const stmt of stmts) {
-      // Should not contain template placeholders or undefined
-      expect(stmt).not.toContain('undefined')
-      expect(stmt).not.toContain('${')
-      expect(stmt.trim().length).toBeGreaterThan(0)
-    }
-  })
-
-  it('handles all column types correctly', () => {
-    const schema: AddonTableSchema = {
-      name: 'all_types',
-      columns: [
-        { name: 'text_col', type: 'TEXT' },
-        { name: 'int_col', type: 'INTEGER' },
-        { name: 'real_col', type: 'REAL' },
-        { name: 'json_col', type: 'JSON' },
-      ],
-    }
-
-    const stmts = addonTableToDdl(schema)
-    const ddl = stmts[0]
-    expect(ddl).toContain('text_col TEXT')
-    expect(ddl).toContain('int_col INTEGER')
-    expect(ddl).toContain('real_col REAL')
-    expect(ddl).toContain('json_col JSON')
-  })
-})

package/src/core/storage/sql-schema.ts

@@ -1,3 +0,0 @@
-// Re-export from @camstack/core (sqlite-storage builtin)
-export { CORE_TABLE_DDL, addonTableToDdl } from '@camstack/core'
-export type { AddonTableSchema } from '@camstack/core'