npm - @checkstack/backend-api - Versions diffs - 0.4.1 → 0.5.1 - Mend

@checkstack/backend-api 0.4.1 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,32 @@
 # @checkstack/backend-api
+## 0.5.1
+### Patch Changes
+- Updated dependencies [db1f56f]
+  - @checkstack/common@0.6.0
+  - @checkstack/signal-common@0.1.4
+  - @checkstack/queue-api@0.2.1
+## 0.5.0
+### Minor Changes
+- 66a3963: Add `SafeDatabase` type to prevent Drizzle relational query API usage at compile-time
+  - Added `SafeDatabase<S>` type that omits the `query` field from Drizzle's `NodePgDatabase`
+  - Updated `DatabaseDeps` to use `SafeDatabase` for all plugin database injection
+  - Updated `RpcContext.db` and `coreServices.database` to use the safe type
+  - Updated test utilities to use `SafeDatabase`
+  This change prevents accidental usage of the relational query API (`db.query`) which is blocked at runtime by the scoped database proxy.
+### Patch Changes
+- Updated dependencies [2c0822d]
+  - @checkstack/queue-api@0.2.0
 ## 0.4.1
 ### Patch Changes

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/backend-api",
-  "version": "0.4.1",
+  "version": "0.5.1",
   "type": "module",
   "main": "./src/index.ts",
   "scripts": {

package/src/core-services.ts CHANGED Viewed

@@ -5,7 +5,7 @@ import type { CollectorRegistry } from "./collector-registry";
 import type { QueuePluginRegistry, QueueManager } from "@checkstack/queue-api";
 import type { ConfigService } from "./config-service";
 import type { SignalService } from "@checkstack/signal-common";
-import { NodePgDatabase } from "drizzle-orm/node-postgres";
+import { SafeDatabase } from "./plugin-system";
 import {
   Logger,
   Fetch,
@@ -18,26 +18,26 @@ import type { EventBus } from "./event-bus-types";
 export * from "./types";
 export const authenticationStrategyServiceRef = createServiceRef<unknown>(
-  "internal.authenticationStrategy"
+  "internal.authenticationStrategy",
 );
 export const coreServices = {
   database:
-    createServiceRef<NodePgDatabase<Record<string, unknown>>>("core.database"),
+    createServiceRef<SafeDatabase<Record<string, unknown>>>("core.database"),
   logger: createServiceRef<Logger>("core.logger"),
   fetch: createServiceRef<Fetch>("core.fetch"),
   auth: createServiceRef<AuthService>("core.auth"),
   healthCheckRegistry: createServiceRef<HealthCheckRegistry>(
-    "core.healthCheckRegistry"
+    "core.healthCheckRegistry",
   ),
   collectorRegistry: createServiceRef<CollectorRegistry>(
-    "core.collectorRegistry"
+    "core.collectorRegistry",
   ),
   pluginInstaller: createServiceRef<PluginInstaller>("core.pluginInstaller"),
   rpc: createServiceRef<RpcService>("core.rpc"),
   rpcClient: createServiceRef<RpcClient>("core.rpcClient"),
   queuePluginRegistry: createServiceRef<QueuePluginRegistry>(
-    "core.queuePluginRegistry"
+    "core.queuePluginRegistry",
   ),
   queueManager: createServiceRef<QueueManager>("core.queueManager"),
   config: createServiceRef<ConfigService>("core.config"),

package/src/plugin-system.ts CHANGED Viewed

@@ -14,12 +14,24 @@ export type ResolvedDeps<T extends Deps> = {
   [K in keyof T]: T[K]["T"];
 };
+/**
+ * Safe database type that omits Drizzle's relational query API.
+ * The relational query API bypasses schema isolation and is blocked
+ * at runtime by the scoped database proxy. This type prevents
+ * accidental usage at compile-time.
+ */
+export type SafeDatabase<S extends Record<string, unknown>> = Omit<
+  NodePgDatabase<S>,
+  "query"
+>;
 /**
  * Helper type for database dependency injection.
  * If schema S is provided, adds typed database; otherwise adds nothing.
+ * Uses SafeDatabase to prevent relational query API usage.
  */
 export type DatabaseDeps<S extends Record<string, unknown> | undefined> =
-  S extends undefined ? unknown : { database: NodePgDatabase<NonNullable<S>> };
+  S extends undefined ? unknown : { database: SafeDatabase<NonNullable<S>> };
 export type PluginContext = {
   pluginId: string;
@@ -37,7 +49,7 @@ export type AfterPluginsReadyContext = {
   onHook: <T>(
     hook: Hook<T>,
     listener: (payload: T) => Promise<void>,
-    options?: HookSubscribeOptions
+    options?: HookSubscribeOptions,
   ) => HookUnsubscribe;
   /**
    * Emit a hook event. Only available in afterPluginsReady phase.
@@ -48,7 +60,7 @@ export type AfterPluginsReadyContext = {
 export type BackendPluginRegistry = {
   registerInit: <
     D extends Deps,
-    S extends Record<string, unknown> | undefined = undefined
+    S extends Record<string, unknown> | undefined = undefined,
   >(args: {
     deps: D;
     schema?: S;
@@ -64,7 +76,7 @@ export type BackendPluginRegistry = {
      * Receives the same deps as init, plus onHook and emitHook.
      */
     afterPluginsReady?: (
-      deps: ResolvedDeps<D> & DatabaseDeps<S> & AfterPluginsReadyContext
+      deps: ResolvedDeps<D> & DatabaseDeps<S> & AfterPluginsReadyContext,
     ) => Promise<void>;
   }) => void;
   registerService: <S>(ref: ServiceRef<S>, impl: S) => void;
@@ -80,7 +92,7 @@ export type BackendPluginRegistry = {
    */
   registerRouter: <C extends AnyContractRouter>(
     router: Router<C, RpcContext>,
-    contract: C
+    contract: C,
   ) => void;
   /**
    * Register cleanup logic to be called when the plugin is deregistered.

package/src/rpc.ts CHANGED Viewed

@@ -8,7 +8,7 @@ import {
   qualifyAccessRuleId,
   qualifyResourceType,
 } from "@checkstack/common";
-import { NodePgDatabase } from "drizzle-orm/node-postgres";
+import { SafeDatabase } from "./plugin-system";
 import {
   Logger,
   Fetch,
@@ -36,7 +36,7 @@ export interface RpcContext {
    */
   pluginMetadata: PluginMetadata;
-  db: NodePgDatabase<Record<string, unknown>>;
+  db: SafeDatabase<Record<string, unknown>>;
   logger: Logger;
   fetch: Fetch;
   auth: AuthService;

package/src/test-utils.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { mock } from "bun:test";
 import { RpcContext, EmitHookFn } from "./rpc";
-import { NodePgDatabase } from "drizzle-orm/node-postgres";
+import { SafeDatabase } from "./plugin-system";
 import { HealthCheckRegistry } from "./health-check";
 import { CollectorRegistry } from "./collector-registry";
 import { QueuePluginRegistry, QueueManager } from "@checkstack/queue-api";
@@ -10,11 +10,11 @@ import { QueuePluginRegistry, QueueManager } from "@checkstack/queue-api";
  * By default provides an authenticated user with wildcard access.
  */
 export function createMockRpcContext(
-  overrides: Partial<RpcContext> = {}
+  overrides: Partial<RpcContext> = {},
 ): RpcContext {
   return {
     pluginMetadata: { pluginId: "test-plugin" },
-    db: mock() as unknown as NodePgDatabase<Record<string, unknown>>,
+    db: mock() as unknown as SafeDatabase<Record<string, unknown>>,
     logger: {
       info: mock(),
       error: mock(),
@@ -39,7 +39,7 @@ export function createMockRpcContext(
       checkResourceTeamAccess: mock().mockResolvedValue({ hasAccess: true }),
       getAccessibleResourceIds: mock().mockImplementation(
         (params: { resourceIds: string[] }) =>
-          Promise.resolve(params.resourceIds)
+          Promise.resolve(params.resourceIds),
       ),
     },
     healthCheckRegistry: {