@checkstack/script-packages-backend 0.2.0

package/CHANGELOG.md

@@ -0,0 +1,273 @@
+# @checkstack/script-packages-backend
+
+## 0.2.0
+
+### Minor Changes
+
+- 270ef29: Fix several correctness defects around distributed coordination and stored-data handling.
+
+  - Dwell `for:` timers now fire via an atomic `DELETE ... RETURNING` claim, so two pods (or the stalled sweeper vs the queue consumer) can no longer both fire the same dwell.
+  - Postgres session-level advisory locks now keep connection affinity. A shared `AdvisoryLockService` (backed by a dedicated pooled client) replaces the previous acquire/release-on-different-connection pattern that leaked locks. Used by the script-packages installer election, the automation run resume + stalled sweeper, and (via a new transaction-scoped `withXactLock`) incident dedup.
+  - A storage migration that crashed mid-flight is now resumed on startup under the installer-election lock, instead of permanently wedging installs.
+  - Distributed script-package blobs carry a `blobSha256` and are verified before extraction (the SRI `integrity` hashes the npm tarball, not the transported archive). Backward-safe: entries without the field skip verification until a re-install regenerates the manifest.
+  - Archive extraction rejects zip-slip paths (absolute or `..` entries) before writing anything.
+  - `incident.create` with `dedupe_open_for_system` serializes its check-then-create per system, so concurrent triggers for the same system can't both open a duplicate incident.
+  - Seeded auto-incident filter expressions JSON-encode interpolated ids so a quote/backslash can't corrupt the expression.
+  - Stored jsonb snapshots (dwell `actorSnapshot`, wait-lock `waitConfig`) are validated with zod on load and degrade safely instead of flowing through as the wrong type.
+
+- 270ef29: Core-side satellite script-package distribution.
+
+  - `satellite-backend`: the WS handler now carries the desired script-package
+    lockfile hash in `authenticated` / `config_updated` payloads (the durable
+    backstop), exposes `pushRefreshScriptPackagesToAll` (wired to the
+    `script-packages.changed` broadcast hook in `mode: "broadcast"`, so each
+    core instance fans the refresh out to its own connected satellites), and
+    persists `script_package_sync_state` reports from satellites.
+  - `script-packages-*`: new `reportSatelliteSyncState` RPC + store method so
+    satellite-backend can record per-satellite reconcile state for the admin
+    UI. Satellites pull blobs from core via the existing `getManifest` /
+    `downloadBlob` endpoints, never the registry.
+
+- 270ef29: Activate npm packages in script execution: thread the managed
+  `resolutionRoot` into every user-script call site so an allowlisted package
+  can actually be `import`ed.
+
+  - `@checkstack/backend-api`: the ESM runner now always writes a per-run
+    `bunfig.toml` with `[install] auto = "disable"` and runs with that dir as
+    CWD. Without this Bun silently auto-installs any imported package from the
+    registry (verified), defeating the allowlist; with it, imports resolve
+    only against the reconciled `current/node_modules` (when a `resolutionRoot`
+    is set) and otherwise fail fast.
+  - `@checkstack/script-packages-backend`: `resolveResolutionRoot` /
+    `resolveResolutionRootFromStore` / `resolveResolutionRootForHost` decide a
+    host's resolution-root status (`none` / `ready` / `notReady`) from the
+    local `<store>/current`.
+  - `run_script` (integration-script-backend), the inline-script collector
+    (healthcheck-script-backend, core + satellite), and the in-UI `testScript`
+    / `testCollectorScript` endpoints all resolve the root per run and pass it
+    to the runner; `run_script` surfaces a clear "npm packages not ready"
+    error when configured-but-unsynced. Shell paths are unaffected (no module
+    resolution).
+
+  An opt-in end-to-end test (`CHECKSTACK_E2E_NETWORK=1`) proves an allowlisted
+  package imports successfully through the real `run_script` action execute
+  path, with non-network degradation tests running always.
+
+  BREAKING CHANGES: `@checkstack/backend-api`'s `defaultEsmScriptRunner` now
+  always disables Bun auto-install for the user subprocess. A script that
+  previously relied on Bun silently fetching an un-vendored package from the
+  registry at import time will now fail to resolve it. This is intentional -
+  package availability is governed by the admin allowlist - but any caller
+  depending on the old implicit auto-install behavior must add the package to
+  the allowlist instead. The new `EsmScriptRunOptions.resolutionRoot` field is
+  optional and additive (defaults to today's `os.tmpdir()` behavior when
+  unset), so the runner API itself is source-compatible.
+
+- 270ef29: Add the script-packages backend package skeleton: Drizzle data model
+  (allowlist, registry config, install state, size cap, content-addressed
+  blob index, storage config, per-satellite sync state) + initial
+  migration, the `blobStoreExtensionPoint` + `BlobStore` interface and a
+  blob-store registry (with dual-backend read fallback for storage
+  migration), the `CHECKSTACK_DATA_DIR` package-store path resolver, and
+  the plugin registration that wires the extension point + access rules.
+- b995afb: Fix two Script Packages bugs: empty-allowlist installs and read-only Advanced settings.
+
+  - Install now: clicking "Install now" with no enabled packages no longer fails with ENOENT and an `error` install state. With an empty dependency set `bun install` writes no `bun.lock`, so the central resolver previously threw reading it. The resolver now short-circuits an empty (or all-disabled) allowlist to an empty resolved set, ending the install in `ready` at 0.0 MB with the deterministic empty-lockfile hash. No subprocess or registry call is made in that case.
+  - Advanced settings: the registry URL, "ignore install scripts" toggle, write-only auth token, size guardrail thresholds, and active storage backend are now editable in the Script Packages settings page (previously read-only displays) and wired to the existing `setRegistryConfig` / `setSizeCapConfig` / `setStorageBackend` mutations. The auth-token field is write-only: a blank field leaves the stored token untouched, and a "Clear token" action removes it. The destructive blob-migration flow is unchanged.
+
+  No schema or RPC contract changes.
+
+- 270ef29: Add garbage collection for script packages, reclaiming both shared blob storage and per-host disk.
+
+  Two things accumulated and were never reclaimed; both are now collected with provably-safe guards (referenced-set + grace + lock / active-run protection - when in doubt, retain).
+
+  - **Blob GC (Postgres / S3 reclamation).** A new `gcBlobs` RPC (manage-gated) plus a daily scheduled job prune content-addressed blobs no longer referenced by any retained lockfile manifest (the current desired hash plus the previous N, default 1, for rollback / in-flight reconciles). Candidates are only deleted after a grace window (default 24h, keyed on `created_at`), each blob's bytes are removed from its recorded backend before its index row, and the pass holds the installer-election advisory lock so it is mutually exclusive with installs and storage migrations. The settings UI surfaces last-run and total-reclaimed figures and a "Run cleanup now" action. The installer now records each successful manifest in a new `script_package_lockfile_history` table so the retained set is computable; GC state lives in `script_package_blob_gc_state`.
+  - **Tree GC (per-host disk).** After a successful symlink flip, each host (core pod or satellite) sweeps its `trees/<lockfileHash>/` dirs, deleting non-current trees older than a grace window (default 1h). `current`'s target is never deleted. Active-run safety uses a conservative mtime-keyed grace window chosen to exceed the longest run timeout, since runs are throwaway subprocesses with no robust cross-process refcount - a tree only becomes eligible once no live run could still be pinned to it.
+
+  Adds the `gcBlobs` / `getBlobGcState` RPCs, the `BlobGcSummary` / `BlobGcState` schemas, and two new Drizzle tables (`script_package_lockfile_history`, `script_package_blob_gc_state`).
+
+- 270ef29: Harden the script-packages store against three confirmed defects:
+
+  - **Tree GC no longer deletes live trees.** The tree garbage collector keyed
+    its grace window on the materialized tree's dir mtime. A tree that had been
+    `current` for days carried an ancient mtime, so it became eligible for
+    deletion the instant it was superseded by a flip - and the post-flip sweep
+    would then delete a tree that an in-flight run (which snapshots its
+    resolution root at run start) was still pinned to. The flip now stamps a
+    `.retired-at` marker into the superseded tree, and the grace window is
+    measured from that retirement timestamp. A non-current tree with no marker
+    is retained (and lazily back-filled) so it ages out instead of leaking, and
+    is never deleted on a missing signal.
+
+    BREAKING CHANGE: the tree-GC grace window is now measured from a tree's
+    retirement time (when it stopped being `current`), not its dir mtime.
+    Existing non-current trees with no `.retired-at` marker are retained on the
+    first sweep and back-filled, then collected on a later sweep once the grace
+    window elapses from the back-filled time.
+
+  - **Installer no longer leaves a plaintext registry token on disk after a
+    failed resolve.** The central resolver wrote the auth-token-bearing
+    `.npmrc` into its scratch dir but only removed the scratch dir on the
+    success path; any failure between `bun install` and packing the cache
+    entries left the token on disk. Scratch-dir removal now runs in a `finally`
+    so the token is cleaned up on every exit path.
+
+  - **Tar extraction rejects symlink/hardlink entries.** Blob unpacking
+    validated entry names against zip-slip but not link targets, so a symlink
+    with a safe name but an escaping target (for example `-> /etc` or
+    `-> ../../..`) passed; a later regular-file entry could then be written
+    through it and escape the target directory. The listing pass now inspects
+    entry types (`tar -tzvf`) and rejects any non-regular, non-directory entry.
+
+- 270ef29: Add the install/resolve service for script packages: deterministic
+  lockfile-manifest hashing (content-addressed, order-independent),
+  generated store `package.json` builder, `.npmrc` renderer (auth token
+  write-only, never logged), `bun.lock` parser (name/version/integrity
+  extraction), the elected-installer Postgres advisory lock (pattern copied
+  from automation-backend) + singleton install-state store, the
+  `performInstall` orchestration (resolve -> delta-publish blobs to the
+  active store -> record manifest/hash/size), and the admin-configurable
+  size-cap guardrail (warn 150MB / block 300MB).
+
+  Empirically verified: `bun install --offline` reconstructs `node_modules`
+  from a pre-seeded Bun cache with zero network access (the delta-sync model
+  the reconciler builds on). Hardlink-vs-copy is filesystem-dependent and
+  does not affect correctness.
+
+- b995afb: Fix package IntelliSense in script editors: lazy Automatic Type Acquisition (ATA) with proper `@types/*` resolution.
+
+  Script editors (automation "Run Script (TypeScript)" and healthcheck collectors) now provide real autocomplete for installed npm packages. Importing a package whose types live in DefinitelyTyped - e.g. `import { debounce } from "lodash"` (lodash ships no own types; `@types/lodash` does) - now yields member completions. Previously no package completions appeared at all.
+
+  Root cause: the old rollup wrapped each package's raw, multi-file `.d.ts` (with `export =`, `export as namespace`, and triple-slash `/// <reference path>` chains) inside a single `declare module "<name>" { ... }`, which the TypeScript worker silently rejected, and it truncated large type sets (lodash is ~866 KB across ~700 files) at a 256 KB cap.
+
+  The fix registers the REAL declaration files at their `node_modules/...` virtual paths and lets TypeScript's own NodeJs + `@types` resolution do the work:
+
+  - `@checkstack/script-packages-backend`: replaced `rollupPackageTypes` with a tree-driven closure extractor (`resolvePackageTypeClosure`). Given a bare specifier, it resolves against the materialized tree - own types via `package.json` `types`/`typings`/`exports` (bundled-types packages like `zod`/`dayjs`), the `@types/<mangled>` companion when it exists (`lodash` -> `@types/lodash`, scoped `@babel/core` -> `@types/babel__core`), or both, or neither (graceful empty, never a throw). It follows `/// <reference path|types>` and relative imports, includes each package's `package.json`, leaves every file UNWRAPPED, and surfaces a `truncated` flag instead of silently capping. Served from a new raw, HTTP-cacheable route `GET /api/script-packages/types/:lockfileHash/:specifier` (`Cache-Control: private, max-age=1y, immutable`), auth-gated by `script-packages.read`.
+  - `@checkstack/script-packages-common`: **BREAKING** - replaced the `listPackageTypes` RPC procedure and `PackageTypesSchema { name, version, dts }` with `PackageTypeClosureSchema` (a `{ path, content }` file-map plus `hasOwnTypes`/`hasAtTypes`/`notFound`/`truncated`) served over the cacheable HTTP route. Added a shared `buildTypeAcquisitionPath`/`parseTypeAcquisitionPath` path contract.
+  - `@checkstack/ui`: `CodeEditor`/`TypefoxEditor` gained an injected `acquireTypes` resolver + `acquireResetKey`. On debounced buffer change it parses bare `import`/`require` specifiers (pure, unit-tested) and lazily fetches + registers each NEW package's closure via `addExtraLib` at `file:///node_modules/...`, deduped by a shared acquired-set that resets when the install hash changes. Compiler options set `moduleResolution: NodeJs`, `baseUrl: "file:///"`, and `typeRoots` so a bare import resolves to its `@types` companion. The `context` ambient global keeps working unchanged.
+  - `@checkstack/script-packages-frontend`: replaced the old `useScriptPackageTypes` (which concatenated the broken `dts`) with `useScriptPackageTypeAcquisition()`, returning the `acquireTypes` resolver (targets the cacheable route, zod-validates the response) and the current `lockfileHash` as `acquireResetKey`.
+  - `@checkstack/automation-frontend` / `@checkstack/healthcheck-frontend`: wired the resolver into the Run Script and collector editors.
+
+  State & scale: the type closure is derived on read from the materialized package tree (no new durable state). The editor's acquired-set is pod-local UI bookkeeping; the route is keyed by the cluster-wide `lockfileHash`, so the browser HTTP cache is correct across pods and only refetches after a new install changes the hash.
+
+- 270ef29: Add the per-host script-package reconciler and the runner resolution root.
+
+  - `@checkstack/backend-api`: `EsmScriptRunOptions.resolutionRoot` - when
+    set, the per-run temp dir is created inside it so module resolution walks
+    up to `<resolutionRoot>/node_modules` and user scripts can `import`
+    managed npm packages. Defaults to today's `os.tmpdir()` behavior when
+    unset (backward-compatible; isolation unchanged - the subprocess still
+    only sees `SAFE_ENV_VARS`).
+  - `@checkstack/script-packages-backend`: content-addressed cache archive
+    (tar+gzip per package), pure delta diff (`computeMissingBlobs`), atomic
+    `current` symlink swap, the host reconciler (`reconcileToHash` -
+    idempotent: pull only missing blobs, materialize a versioned tree via
+    `bun install --offline`, atomically flip `current`), the concrete fs/Bun
+    adapter, the central install resolver, and the `script-packages.changed`
+    broadcast hook. An opt-in end-to-end test
+    (`CHECKSTACK_E2E_NETWORK=1`) proves resolve -> publish -> cold reconcile
+    (no registry) -> offline materialize -> import.
+
+- b995afb: Add live, backend-proxied npm package-name autocomplete and version lookup to the Script Packages "Allowed packages" form.
+
+  The package-name field now searches the configured registry as you type (debounced). The version field suggests the package's published versions newest-first, defaulting to the registry's `latest` dist-tag while staying free-typeable for an exact manual pin. Picking a package now auto-fills its version (from the search hit, then upgraded to `latest`) instead of clearing the field, and the version dropdown stays open so a version is actually selectable.
+
+  This is fully backend-proxied so it reuses the SAME configured registry + auth the install path uses: the registry can be private with a server-side-only auth token (the client only ever sees `hasAuthToken`), and browsers can't reach arbitrary registries due to CORS.
+
+  - `@checkstack/script-packages-common`: two new `manage`-gated query procedures - `searchPackages` (input `{ text }`, output `{ items: [{ name, version?, description? }] }`) and `getPackageVersions` (input `{ name }`, output `{ versions, distTags? }`). Output `version`/`versions` are relaxed to plain strings so valid-but-unusual registry versions surface as suggestions; strict `PackageVersionSchema` validation still applies on `addPackage`.
+  - `@checkstack/script-packages-backend`: new `registry-client` (fetch-based, AbortController timeout, size cap, zod-validated registry responses, scoped-registry selection, tolerant semver-descending sort, a best-effort pod-local read cache that is never a source of truth, and errors that never leak the auth token). Search results use the registry's own relevance ranking from `-/v1/search`. The registry + token resolution used by the install path is factored into a shared `resolveRegistryRequestConfig` helper reused by both the new RPC handlers and the installer.
+  - `@checkstack/script-packages-frontend`: the package and version inputs become live comboboxes (Popover + Input) with inline pinned-version validation before "Add" is enabled. Selecting a suggestion routes through a dedicated `onSelect(hit)` callback (separate from manual-typing `onValueChange`) so a pick auto-fills the version instead of clearing it; the popover dismissable layer ignores interactions originating on the anchor input, fixing the version dropdown that previously opened then immediately closed. The version-autofill decision logic is extracted into a pure, unit-tested helper.
+
+  State & scale: the registry-client TTL cache is an explicitly non-authoritative, pod-local best-effort read cache (search/version lookups are non-authoritative reads); a cache miss on another pod simply re-fetches, so pod-local divergence is harmless. No new durable state of record is introduced.
+
+- 270ef29: Wire up the script-packages RPC router, admin UI, and editor IntelliSense.
+
+  - `script-packages-backend`: the oRPC router implementing the full
+    contract (allowlist CRUD, registry config with encrypted write-only auth
+    token, `installNow` via the elected installer, size cap, storage backend
+    selection, install state, `getManifest` / `downloadBlob` for reconcilers,
+    and `listPackageTypes`), the `installNow` controller (election, size-cap
+    enforcement, `script-packages.changed` emit, blocked during migration),
+    the `.d.ts` rollup, the singleton config stores, and the full plugin
+    wiring (broadcast-hook reconcile + startup backstop).
+  - `script-packages-common`: admin route for the settings page.
+  - `script-packages-frontend`: the Settings -> Script Packages admin page
+    (allowlist, install state + size, registry/storage summary, satellite
+    sync) and the `useScriptPackageTypes()` hook.
+  - `automation-frontend` / `healthcheck-frontend`: merge installed-package
+    `.d.ts` into the script-editor `typeDefinitions` so `import` from an
+    allowlisted package autocompletes in every script field.
+
+- 270ef29: Add storage-backend migration for script packages.
+
+  - `migrateStorage({ target })` copies every blob from the active backend to
+    the target, verifies each copy byte-for-byte (read back + SHA-256 compare),
+    flips the per-blob `backend` only after a verified copy, then atomically
+    switches the active backend. Resumable from a partial state (the work set
+    is re-derived from the index), aborts cleanly on an integrity mismatch
+    (active backend untouched), and supports optional source GC. Built on the
+    Phase 2 dual-backend read fallback, so reads keep working mid-migration.
+  - Migration and `installNow` are mutually exclusive via the installer
+    advisory lock; `setStorageBackend` is refused while a migration runs.
+  - New `listStorageBackends` RPC + admin UI: a storage-backend card with a
+    target selector, "Migrate" action, and live progress / completion / error
+    state.
+
+- 270ef29: Secrets platform Phase 5: internal-secret consolidation (registry token) + connection-credential leak hardening.
+
+  - New `internalSecretsRef`: platform-internal secrets (not user-managed
+    named secrets) stored under a reserved `__internal__:` prefix, ALWAYS on
+    the local (always-writable, AES-GCM) backend so internal writes never
+    break when Vault is the active backend. Excluded from the user-facing
+    Secrets list.
+  - The script-package registry auth token is consolidated onto
+    `internalSecretsRef`. The `authSecretRef` column now holds a stable
+    marker; a one-time, idempotent, parity-verified migration moves legacy
+    inline ciphertext into the platform and only rewrites the column once the
+    platform copy reads back identically (legacy value never dropped early).
+    Resolution stays backward-compatible with legacy ciphertext.
+  - Integration: `createConnection` / `updateConnection` now return the
+    redacted connection preview instead of echoing the submitted credential
+    fields back in the response (leak hardening). Non-breaking — the frontend
+    refetches the redacted list and ignores the returned preview.
+
+  NOTE: integration connection-credential STORAGE is intentionally NOT
+  migrated onto the secrets platform. Connection creds are co-mingled
+  secret/non-secret config stored per-provider via `ConfigService` (which
+  already uses the same AES-GCM crypto + per-field redaction); splitting them
+  out would require per-provider schema-walking and a lossy migration across
+  live integrations for no real gain. The `ConnectionStore` API + storage are
+  unchanged.
+
+### Patch Changes
+
+- b995afb: Harden the script-package blob byte boundary against a raw `ArrayBuffer`.
+
+  Blob bytes can reach the content-hash and storage codecs as a raw `ArrayBuffer` (e.g. from an S3/HTTP transport's `arrayBuffer()`), and Node/Bun's `crypto.Hash.update()` rejects a bare `ArrayBuffer` ("The 'data' argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received an instance of ArrayBuffer"), which would fail a real-package install with `status=error`. `blobSha256` / `verifyBlobSha256` (script-packages-backend) and `encodeBlob` (script-packages-store-postgres) now normalize `ArrayBuffer` to a `Uint8Array` view at the boundary before hashing/encoding. A view over the same bytes hashes and encodes identically, so existing content hashes and stored blobs are unchanged. Adds regression tests feeding an `ArrayBuffer` through both the hash and the Postgres codec.
+
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [b995afb]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [b995afb]
+- Updated dependencies [270ef29]
+- Updated dependencies [b995afb]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [b995afb]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [270ef29]
+- Updated dependencies [b995afb]
+  - @checkstack/backend-api@0.19.0
+  - @checkstack/secrets-backend@0.1.0
+  - @checkstack/script-packages-common@0.2.0
+  - @checkstack/secrets-common@0.1.0

package/drizzle/0000_flashy_squadron_supreme.sql

@@ -0,0 +1,63 @@
+CREATE TABLE "script_package_blob" (
+	"integrity" text PRIMARY KEY NOT NULL,
+	"name" text NOT NULL,
+	"version" text NOT NULL,
+	"backend" text NOT NULL,
+	"size_bytes" bigint NOT NULL,
+	"created_at" timestamp DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "script_package_install_state" (
+	"id" text PRIMARY KEY DEFAULT 'singleton' NOT NULL,
+	"status" text DEFAULT 'idle' NOT NULL,
+	"lockfile_hash" text,
+	"manifest" jsonb DEFAULT '[]'::jsonb NOT NULL,
+	"total_size_bytes" bigint DEFAULT 0 NOT NULL,
+	"last_installed_at" timestamp,
+	"error_message" text
+);
+--> statement-breakpoint
+CREATE TABLE "script_package_registry_config" (
+	"id" text PRIMARY KEY DEFAULT 'singleton' NOT NULL,
+	"registry_url" text DEFAULT 'https://registry.npmjs.org/' NOT NULL,
+	"scoped_registries" jsonb DEFAULT '[]'::jsonb NOT NULL,
+	"auth_secret_ref" text,
+	"ignore_scripts" boolean DEFAULT true NOT NULL,
+	"updated_at" timestamp DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "script_package_satellite_state" (
+	"satellite_id" text PRIMARY KEY NOT NULL,
+	"lockfile_hash" text,
+	"status" text DEFAULT 'pending' NOT NULL,
+	"error_message" text,
+	"synced_at" timestamp
+);
+--> statement-breakpoint
+CREATE TABLE "script_package_size_cap" (
+	"id" text PRIMARY KEY DEFAULT 'singleton' NOT NULL,
+	"warn_bytes" bigint DEFAULT 157286400 NOT NULL,
+	"block_bytes" bigint DEFAULT 314572800 NOT NULL,
+	"updated_at" timestamp DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "script_package_storage_config" (
+	"id" text PRIMARY KEY DEFAULT 'singleton' NOT NULL,
+	"active_backend" text DEFAULT 'postgres' NOT NULL,
+	"migration_status" text DEFAULT 'idle' NOT NULL,
+	"migration_target" text,
+	"migrated_count" integer DEFAULT 0 NOT NULL,
+	"migration_error" text,
+	"updated_at" timestamp DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "script_packages" (
+	"name" text PRIMARY KEY NOT NULL,
+	"version" text NOT NULL,
+	"enabled" boolean DEFAULT true NOT NULL,
+	"added_by" text,
+	"added_at" timestamp DEFAULT now() NOT NULL,
+	"updated_at" timestamp DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE INDEX "script_package_blob_backend_idx" ON "script_package_blob" USING btree ("backend");

package/drizzle/0001_flawless_drax.sql

@@ -0,0 +1,15 @@
+CREATE TABLE "script_package_blob_gc_state" (
+	"id" text PRIMARY KEY DEFAULT 'singleton' NOT NULL,
+	"last_run_at" timestamp,
+	"last_deleted" integer DEFAULT 0 NOT NULL,
+	"last_bytes_reclaimed" bigint DEFAULT 0 NOT NULL,
+	"total_bytes_reclaimed" bigint DEFAULT 0 NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "script_package_lockfile_history" (
+	"lockfile_hash" text PRIMARY KEY NOT NULL,
+	"manifest" jsonb DEFAULT '[]'::jsonb NOT NULL,
+	"recorded_at" timestamp DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE INDEX "script_package_lockfile_history_recorded_idx" ON "script_package_lockfile_history" USING btree ("recorded_at");