npm - @cosmicdrift/kumiko-bundled-features - Versions diffs - 0.14.0 → 0.16.0 - Mend

@cosmicdrift/kumiko-bundled-features 0.14.0 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (269) hide show

package/src/auth-email-password/handlers/signup-confirm.write.ts CHANGED Viewed

@@ -19,6 +19,7 @@
 // bei !committed wird der burn released damit ein legitimer Retry
 // nicht durch einen stale Marker geblockt wird (wie reset/verify).
+import { fetchOne } from "@cosmicdrift/kumiko-framework/bun-db";
 import type { DbConnection } from "@cosmicdrift/kumiko-framework/db";
 import {
   defineWriteHandler,
@@ -32,7 +33,6 @@ import {
 } from "@cosmicdrift/kumiko-framework/errors";
 import { generateUniqueName } from "@cosmicdrift/kumiko-framework/random";
 import { generateId } from "@cosmicdrift/kumiko-framework/utils";
-import { eq } from "drizzle-orm";
 import { z } from "zod";
 // kumiko-lint-ignore cross-feature-import signup-confirm reads tenants.key for slug-uniqueness check (TOCTOU + DB-unique-index zusammen)
 import { tenantTable } from "../../tenant/schema/tenant";
@@ -108,12 +108,8 @@ export function createSignupConfirmHandler() {
         const tenantKey = await generateUniqueName({
           isAvailable: async (slug) => {
-            const existing = await dbConn
-              .select({ id: tenantTable.id })
-              .from(tenantTable)
-              .where(eq(tenantTable.key, slug))
-              .limit(1);
-            return existing.length === 0;
+            const existing = await fetchOne<{ id: string }>(dbConn, tenantTable, { key: slug });
+            return existing === undefined;
           },
         });

package/src/auth-email-password/seeding.ts CHANGED Viewed

@@ -78,7 +78,7 @@ export async function seedUserWithPassword(
  *  innerhalb dieses Sprints, weil alle existing tests berührt würden.
  *
  *  Atomicity: läuft inside einer Drizzle-Tx wenn der Caller das angibt
- *  (db.transaction(tx => provisionSignupAccount(tx, ...)) — die seed-
+ *  (db.begin(tx => provisionSignupAccount(tx, ...)) — die seed-
  *  helpers nehmen DbConnection|DbTx strukturell. Bei pure DbConnection
  *  sind die 3 writes nicht atomic; bei Failure zwischen Schritten kann
  *  ein orphan-Tenant zurückbleiben (Tenant ohne User → unused row;

package/src/auth-email-password/web/__tests__/auth-gate.test.tsx CHANGED Viewed

@@ -1,7 +1,6 @@
-// @vitest-environment jsdom
+import { describe, expect, test } from "bun:test";
 import { screen } from "@testing-library/react";
 import type { ReactNode } from "react";
-import { describe, expect, test } from "vitest";
 import { makeAuthGate } from "../auth-gate";
 import { makeSessionApi, renderWithProviders } from "./test-utils";

package/src/auth-email-password/web/__tests__/forgot-password-screen.test.tsx CHANGED Viewed

@@ -1,19 +1,14 @@
-// @vitest-environment jsdom
+import { afterEach, beforeEach, describe, expect, mock, test } from "bun:test";
 import { fireEvent, screen, waitFor } from "@testing-library/react";
-import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { ForgotPasswordScreen } from "../forgot-password-screen";
 import { renderWithProviders } from "./test-utils";
 beforeEach(() => {
-  // global fetch wird von auth-client.ts gerufen — wir mocken pro Test.
-  vi.stubGlobal(
-    "fetch",
-    vi.fn(async () => new Response(null, { status: 200 })),
-  );
-});
-afterEach(() => {
-  vi.unstubAllGlobals();
+  globalThis.fetch = mock(
+    async () => new Response(null, { status: 200 }),
+  ) as unknown as typeof fetch;
 });
+afterEach(() => {});
 describe("ForgotPasswordScreen", () => {
   test("rendert title + email-input + submit-button (de)", () => {
@@ -24,8 +19,8 @@ describe("ForgotPasswordScreen", () => {
   });
   test("submit ruft /api/auth/request-password-reset mit der Email", async () => {
-    const fetchMock = vi.fn(async () => new Response(null, { status: 200 }));
-    vi.stubGlobal("fetch", fetchMock);
+    const fetchMock = mock(async () => new Response(null, { status: 200 }));
+    globalThis.fetch = fetchMock as unknown as typeof fetch;
     renderWithProviders(<ForgotPasswordScreen />);
     fireEvent.change(screen.getByLabelText(/^E-Mail/), {
@@ -54,15 +49,13 @@ describe("ForgotPasswordScreen", () => {
     await waitFor(() => {
       expect(screen.getByText("Mail gesendet")).toBeTruthy();
     });
-    // Link zurück zum Login muss im Success-State da sein.
     expect(screen.getByRole("link", { name: /Zurück zum Login/i })).toBeTruthy();
   });
   test("server 5xx → error-banner statt Success-State", async () => {
-    vi.stubGlobal(
-      "fetch",
-      vi.fn(async () => new Response(null, { status: 500 })),
-    );
+    globalThis.fetch = mock(
+      async () => new Response(null, { status: 500 }),
+    ) as unknown as typeof fetch;
     renderWithProviders(<ForgotPasswordScreen />);
     fireEvent.change(screen.getByLabelText(/^E-Mail/), {
@@ -71,10 +64,8 @@ describe("ForgotPasswordScreen", () => {
     fireEvent.click(screen.getByRole("button", { name: "Link anfordern" }));
     await waitFor(() => {
-      // unknownError-Bundle-key → "Etwas ist schief gegangen..."
       expect(screen.getByRole("alert").textContent).toContain("schief");
     });
-    // Kein success-state.
     expect(screen.queryByText("Mail gesendet")).toBeNull();
   });
 });

package/src/auth-email-password/web/__tests__/login-screen.test.tsx CHANGED Viewed

@@ -1,22 +1,16 @@
-// @vitest-environment jsdom
+import { beforeEach, describe, expect, mock, test } from "bun:test";
 import { fireEvent, screen, waitFor } from "@testing-library/react";
-import { beforeEach, describe, expect, test, vi } from "vitest";
-// Mock-Bridge für den resend-Flow: LoginScreen ruft requestEmailVerification
-// aus ../auth-client auf, wir stubben das hier um die Server-Antwort pro
-// Test-Case zu kontrollieren. vi.hoisted weil vi.mock() vor allen anderen
-// Statements gehoisted wird und sonst die Variable nicht sehen kann.
-const { requestEmailVerificationMock } = vi.hoisted(() => ({
-  requestEmailVerificationMock: vi.fn(),
-}));
-vi.mock("../auth-client", async () => {
-  const actual = await vi.importActual<typeof import("../auth-client")>("../auth-client");
-  return { ...actual, requestEmailVerification: requestEmailVerificationMock };
-});
 import { LoginScreen } from "../login-screen";
 import { makeSessionApi, renderWithProviders } from "./test-utils";
+const requestEmailVerificationMock = mock<() => Promise<unknown>>(() => Promise.resolve());
+const actual_authClient = await import("../auth-client");
+mock.module("../auth-client", () => ({
+  ...actual_authClient,
+  requestEmailVerification: requestEmailVerificationMock,
+}));
 describe("LoginScreen", () => {
   beforeEach(() => {
     requestEmailVerificationMock.mockReset();
@@ -54,7 +48,7 @@ describe("LoginScreen", () => {
     const session = makeSessionApi({
       status: "unauthenticated",
       user: null,
-      login: vi.fn(async () => ({ ok: false, error: { reason: "invalid_credentials" } })),
+      login: mock(async () => ({ ok: false, error: { reason: "invalid_credentials" } })),
     });
     renderWithProviders(<LoginScreen />, { session });
@@ -76,7 +70,7 @@ describe("LoginScreen", () => {
     const session = makeSessionApi({
       status: "unauthenticated",
       user: null,
-      login: vi.fn(async () => ({
+      login: mock(async () => ({
         ok: false,
         error: { reason: "account_locked", retryAfterSeconds: 540 },
       })),
@@ -129,7 +123,7 @@ describe("LoginScreen", () => {
       return makeSessionApi({
         status: "unauthenticated",
         user: null,
-        login: vi.fn(async () => ({ ok: false, error: { reason: "email_not_verified" } })),
+        login: mock(async () => ({ ok: false, error: { reason: "email_not_verified" } })),
       });
     }
@@ -211,7 +205,7 @@ describe("LoginScreen", () => {
       const session = makeSessionApi({
         status: "unauthenticated",
         user: null,
-        login: vi.fn(async () => ({ ok: false, error: { reason: "invalid_credentials" } })),
+        login: mock(async () => ({ ok: false, error: { reason: "invalid_credentials" } })),
       });
       renderWithProviders(<LoginScreen />, { session });
       await loginUntilEmailNotVerified();

package/src/auth-email-password/web/__tests__/reset-password-screen.test.tsx CHANGED Viewed

@@ -1,18 +1,14 @@
-// @vitest-environment jsdom
+import { afterEach, beforeEach, describe, expect, mock, test } from "bun:test";
 import { fireEvent, screen, waitFor } from "@testing-library/react";
-import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { ResetPasswordScreen } from "../reset-password-screen";
 import { renderWithProviders } from "./test-utils";
 beforeEach(() => {
-  vi.stubGlobal(
-    "fetch",
-    vi.fn(async () => new Response(null, { status: 200 })),
-  );
-});
-afterEach(() => {
-  vi.unstubAllGlobals();
+  globalThis.fetch = mock(
+    async () => new Response(null, { status: 200 }),
+  ) as unknown as typeof fetch;
 });
+afterEach(() => {});
 describe("ResetPasswordScreen", () => {
   test("ohne Token in URL UND ohne token-Prop → missing-token-Page", () => {
@@ -29,8 +25,8 @@ describe("ResetPasswordScreen", () => {
   });
   test("Passwort < 8 Zeichen → client-side error, kein fetch-Call", async () => {
-    const fetchMock = vi.fn(async () => new Response(null, { status: 200 }));
-    vi.stubGlobal("fetch", fetchMock);
+    const fetchMock = mock(async () => new Response(null, { status: 200 }));
+    globalThis.fetch = fetchMock as unknown as typeof fetch;
     renderWithProviders(<ResetPasswordScreen token="abc" />);
     fireEvent.change(screen.getByLabelText(/^Neues Passwort/), { target: { value: "short" } });
@@ -59,8 +55,8 @@ describe("ResetPasswordScreen", () => {
   });
   test("happy path: gültiges Passwort → fetch-Call + success-State", async () => {
-    const fetchMock = vi.fn(async () => new Response(null, { status: 200 }));
-    vi.stubGlobal("fetch", fetchMock);
+    const fetchMock = mock(async () => new Response(null, { status: 200 }));
+    globalThis.fetch = fetchMock as unknown as typeof fetch;
     renderWithProviders(<ResetPasswordScreen token="abc-token" />);
     fireEvent.change(screen.getByLabelText(/^Neues Passwort/), {
@@ -87,10 +83,9 @@ describe("ResetPasswordScreen", () => {
     const errBody = JSON.stringify({
       error: { code: "invalid_reset_token", details: { reason: "invalid_reset_token" } },
     });
-    vi.stubGlobal(
-      "fetch",
-      vi.fn(async () => new Response(errBody, { status: 422 })),
-    );
+    globalThis.fetch = mock(
+      async () => new Response(errBody, { status: 422 }),
+    ) as unknown as typeof fetch;
     renderWithProviders(<ResetPasswordScreen token="bad" />);
     fireEvent.change(screen.getByLabelText(/^Neues Passwort/), {

package/src/auth-email-password/web/__tests__/session-roles.test.ts CHANGED Viewed

@@ -3,7 +3,7 @@
 // Sonst sieht client andere roles als server → role-gating divergiert
 // (entweder UI zeigt was nicht erlaubt ist, oder umgekehrt).
-import { describe, expect, test } from "vitest";
+import { describe, expect, test } from "bun:test";
 import type { CurrentUserProfile, TenantSummary } from "../auth-client";
 import { computeActiveRoles } from "../session";

package/src/auth-email-password/web/__tests__/tenant-switcher.test.tsx CHANGED Viewed

@@ -1,20 +1,17 @@
-// @vitest-environment jsdom
+import { describe, expect, test } from "bun:test";
 import { screen } from "@testing-library/react";
 import userEvent from "@testing-library/user-event";
-import { describe, expect, test } from "vitest";
 import { TenantSwitcher } from "../tenant-switcher";
 import { makeSessionApi, renderWithProviders } from "./test-utils";
 // Radix-DropdownMenu reagiert auf pointerdown, nicht auf click — daher
 // userEvent statt fireEvent.
 describe("TenantSwitcher", () => {
   test("renders nothing when user is null", () => {
     const session = makeSessionApi({ status: "unauthenticated", user: null });
     const { container } = renderWithProviders(<TenantSwitcher />, { session });
     expect(container.firstChild).toBeNull();
   });
   test("renders nothing when user has only one tenant", () => {
     const session = makeSessionApi({
       tenants: [{ tenantId: "t1", roles: ["Admin"] }],
@@ -22,7 +19,6 @@ describe("TenantSwitcher", () => {
     const { container } = renderWithProviders(<TenantSwitcher />, { session });
     expect(container.firstChild).toBeNull();
   });
   test("renders trigger when user has multiple tenants", () => {
     const session = makeSessionApi({
       activeTenantId: "tenant-a",
@@ -35,7 +31,6 @@ describe("TenantSwitcher", () => {
     // tenantName-Resolver liefert "Tenant tenant-a" als Trigger-Label
     expect(screen.getByText("Tenant tenant-a")).toBeTruthy();
   });
   test("opens dropdown showing all memberships with roles", async () => {
     const user = userEvent.setup();
     const session = makeSessionApi({
@@ -57,7 +52,6 @@ describe("TenantSwitcher", () => {
     expect(screen.getByText("Admin")).toBeTruthy();
     expect(screen.getByText("User, Billing")).toBeTruthy();
   });
   test("clicking a tenant triggers switchTenant", async () => {
     const user = userEvent.setup();
     const session = makeSessionApi({
@@ -74,7 +68,6 @@ describe("TenantSwitcher", () => {
     await user.click(screen.getByText("Tenant tenant-b"));
     expect(session.switchTenant).toHaveBeenCalledWith("tenant-b");
   });
   test("clicking the active tenant is a no-op (closes menu, no switch call)", async () => {
     const user = userEvent.setup();
     const session = makeSessionApi({

package/src/auth-email-password/web/__tests__/test-utils.tsx CHANGED Viewed

@@ -1,9 +1,9 @@
-// @vitest-environment jsdom
 //
 // Shared test setup für die Web-UI-Components. Mountet das Minimum
 // an Provider-Tree den die Components zur Laufzeit voraussetzen
 // (LocaleProvider mit Bundle, SessionContext mit injizierbarem Wert).
+import { mock } from "bun:test";
 import type { LocaleResolver } from "@cosmicdrift/kumiko-headless";
 import {
   createStaticLocaleResolver,
@@ -13,7 +13,6 @@ import {
 import { defaultPrimitives } from "@cosmicdrift/kumiko-renderer-web";
 import { render as _render, type RenderResult } from "@testing-library/react";
 import type { ReactElement } from "react";
-import { vi } from "vitest";
 import { defaultTranslations } from "../../i18n";
 import type { SessionApi, SessionState } from "../session";
 import { SessionContext } from "../session";
@@ -23,13 +22,11 @@ import { SessionContext } from "../session";
 // einen *anderen* Locale brauchen, übergeben ihren eigenen Resolver
 // über options.resolver.
 const sharedDeResolver = createStaticLocaleResolver({ locale: "de" });
 export type MakeSessionApiOptions = Partial<SessionState> & {
   readonly login?: SessionApi["login"];
   readonly logout?: SessionApi["logout"];
   readonly switchTenant?: SessionApi["switchTenant"];
 };
 export function makeSessionApi(overrides: MakeSessionApiOptions = {}): SessionApi {
   const { login, logout, switchTenant, ...stateOverrides } = overrides;
   const base: SessionState = {
@@ -47,12 +44,11 @@ export function makeSessionApi(overrides: MakeSessionApiOptions = {}): SessionAp
   };
   return {
     ...base,
-    login: login ?? vi.fn<SessionApi["login"]>(async () => ({ ok: true })),
-    logout: logout ?? vi.fn<SessionApi["logout"]>(async () => {}),
-    switchTenant: switchTenant ?? vi.fn<SessionApi["switchTenant"]>(async () => {}),
+    login: login ?? mock<SessionApi["login"]>(async () => ({ ok: true })),
+    logout: logout ?? mock<SessionApi["logout"]>(async () => {}),
+    switchTenant: switchTenant ?? mock<SessionApi["switchTenant"]>(async () => {}),
   };
 }
 export function renderWithProviders(
   ui: ReactElement,
   options: {

package/src/auth-email-password/web/__tests__/user-menu.test.tsx CHANGED Viewed

@@ -1,21 +1,18 @@
-// @vitest-environment jsdom
+import { describe, expect, test } from "bun:test";
 import { screen } from "@testing-library/react";
 import userEvent from "@testing-library/user-event";
-import { describe, expect, test } from "vitest";
 import { UserMenu } from "../user-menu";
 import { makeSessionApi, renderWithProviders } from "./test-utils";
 // Radix-DropdownMenu reagiert auf pointerdown — fireEvent.click greift
 // dort nicht. userEvent simuliert die volle Pointer-Sequenz und Radix
 // öffnet sauber.
 describe("UserMenu", () => {
   test("renders nothing when user is null", () => {
     const session = makeSessionApi({ status: "unauthenticated", user: null });
     const { container } = renderWithProviders(<UserMenu />, { session });
     expect(container.firstChild).toBeNull();
   });
   test("shows displayName + initials when authenticated", () => {
     const session = makeSessionApi({
       user: { id: "u1", email: "alice@example.com", displayName: "Alice Wonder", globalRoles: [] },
@@ -25,7 +22,6 @@ describe("UserMenu", () => {
     expect(screen.getByText("AW")).toBeTruthy();
     expect(screen.getByText("Alice Wonder")).toBeTruthy();
   });
   test("falls back to email-based initials when displayName empty", () => {
     const session = makeSessionApi({
       user: { id: "u1", email: "bob@example.com", displayName: "", globalRoles: [] },
@@ -34,7 +30,6 @@ describe("UserMenu", () => {
     // Trim "" → leerer displayName → fallback auf email → erste 2 Chars
     expect(screen.getByText("BO")).toBeTruthy();
   });
   test("opens dropdown on click and shows logout button", async () => {
     const user = userEvent.setup();
     const session = makeSessionApi();
@@ -43,13 +38,12 @@ describe("UserMenu", () => {
     expect(screen.getByText("Abmelden")).toBeTruthy();
     expect(screen.getByText("user@example.com")).toBeTruthy();
   });
   test("logout-click triggers session.logout", async () => {
     const user = userEvent.setup();
     const session = makeSessionApi();
     renderWithProviders(<UserMenu />, { session });
     await user.click(screen.getByRole("button", { name: /Test User/ }));
     await user.click(screen.getByText("Abmelden"));
-    expect(session.logout).toHaveBeenCalledOnce();
+    expect(session.logout).toHaveBeenCalledTimes(1);
   });
 });

package/src/auth-email-password/web/__tests__/verify-email-screen.test.tsx CHANGED Viewed

@@ -1,18 +1,14 @@
-// @vitest-environment jsdom
+import { afterEach, beforeEach, describe, expect, mock, test } from "bun:test";
 import { screen, waitFor } from "@testing-library/react";
-import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { VerifyEmailScreen } from "../verify-email-screen";
 import { renderWithProviders } from "./test-utils";
 beforeEach(() => {
-  vi.stubGlobal(
-    "fetch",
-    vi.fn(async () => new Response(null, { status: 200 })),
-  );
-});
-afterEach(() => {
-  vi.unstubAllGlobals();
+  globalThis.fetch = mock(
+    async () => new Response(null, { status: 200 }),
+  ) as unknown as typeof fetch;
 });
+afterEach(() => {});
 describe("VerifyEmailScreen", () => {
   test("ohne Token → missing-token-Page", () => {
@@ -21,8 +17,8 @@ describe("VerifyEmailScreen", () => {
   });
   test("mit Token + 200 → success-state nach auto-submit", async () => {
-    const fetchMock = vi.fn(async () => new Response(null, { status: 200 }));
-    vi.stubGlobal("fetch", fetchMock);
+    const fetchMock = mock(async () => new Response(null, { status: 200 }));
+    globalThis.fetch = fetchMock as unknown as typeof fetch;
     renderWithProviders(<VerifyEmailScreen token="t-abc" />);
@@ -45,10 +41,9 @@ describe("VerifyEmailScreen", () => {
         details: { reason: "invalid_verification_token" },
       },
     });
-    vi.stubGlobal(
-      "fetch",
-      vi.fn(async () => new Response(errBody, { status: 422 })),
-    );
+    globalThis.fetch = mock(
+      async () => new Response(errBody, { status: 422 }),
+    ) as unknown as typeof fetch;
     renderWithProviders(<VerifyEmailScreen token="bad" />);

package/src/billing-foundation/__tests__/billing-foundation.integration.ts CHANGED Viewed

@@ -11,6 +11,7 @@
 // Webhook-Handler-Factory (createSubscriptionWebhookHandler) wird in
 // einem separaten Test mit Hono-mock geprüft.
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
 import type { DbConnection } from "@cosmicdrift/kumiko-framework/db";
 import { defineFeature } from "@cosmicdrift/kumiko-framework/engine";
 import { createEventsTable, loadAggregate } from "@cosmicdrift/kumiko-framework/event-store";
@@ -20,7 +21,6 @@ import {
   type TestStack,
   testTenantId,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { afterAll, beforeAll, describe, expect, test } from "vitest";
 import { subscriptionAggregateId } from "../aggregate-id";
 import {
   SubscriptionEventTypes,

package/src/billing-foundation/__tests__/feature.test.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 // feature.ts contract tests for subscription-foundation.
-import { describe, expect, test } from "vitest";
+import { describe, expect, test } from "bun:test";
 import { subscriptionAggregateId } from "../aggregate-id";
 import {
   BILLING_FOUNDATION_FEATURE,

package/src/billing-foundation/__tests__/webhook-handler.test.ts CHANGED Viewed

@@ -3,8 +3,8 @@
 // ohne setupTestStack, weil der webhook-handler nur über die deps-
 // injection geht und keinen DB-roundtrip braucht.
+import { describe, expect, mock, test } from "bun:test";
 import { Hono } from "hono";
-import { describe, expect, test, vi } from "vitest";
 import { SubscriptionEventTypes, SubscriptionStatuses } from "../constants";
 import type { SubscriptionEvent, SubscriptionProviderPlugin } from "../types";
 import { createSubscriptionWebhookHandler, type SubscriptionWebhookDeps } from "../webhook-handler";
@@ -65,7 +65,7 @@ async function postWebhook(app: Hono, providerName: string, body = '{"id":"evt_t
 describe("webhook-handler — happy path", () => {
   test("verifyAndParseWebhook → SubscriptionEvent → dispatchWrite → 200 processed", async () => {
-    const dispatchWrite = vi.fn(async () => ({
+    const dispatchWrite = mock(async () => ({
       isSuccess: true,
       data: { duplicate: false, eventAggregateId: "evt-id" },
     }));
@@ -77,7 +77,8 @@ describe("webhook-handler — happy path", () => {
     expect(body.processed).toBe(true);
     expect(body.duplicate).toBe(false);
-    expect(dispatchWrite).toHaveBeenCalledExactlyOnceWith(
+    expect(dispatchWrite).toHaveBeenCalledTimes(1);
+    expect(dispatchWrite).toHaveBeenCalledWith(
       expect.objectContaining({
         handlerQn: "billing-foundation:write:process-event",
         tenantId: "tenant-test",
@@ -92,7 +93,7 @@ describe("webhook-handler — happy path", () => {
   });
   test("plugin returns null (= unbekannter event-type) → 200 ignored, kein dispatch", async () => {
-    const dispatchWrite = vi.fn();
+    const dispatchWrite = mock();
     const plugin = buildPlugin({ verifyAndParseWebhook: async () => null });
     const app = buildApp(buildDeps({ dispatchWrite, resolveProvider: () => plugin }));
@@ -137,7 +138,7 @@ describe("webhook-handler — error paths", () => {
   });
   test("dispatchWrite returns isSuccess: false → 500 mit subscription_webhook_processing_failed", async () => {
-    const dispatchWrite = vi.fn(async () => ({
+    const dispatchWrite = mock(async () => ({
       isSuccess: false,
       error: { code: "internal_error", message: "DB unavailable" },
     }));

package/src/billing-foundation/db/queries/subscription-projection.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import type { DbRunner } from "@cosmicdrift/kumiko-framework/db";
+export async function upsertSubscriptionProjectionRow(
+  tx: DbRunner,
+  tableName: string,
+  insertCols: Record<string, unknown>,
+  setClauses: readonly string[],
+  params: readonly unknown[],
+): Promise<void> {
+  const insertKeys = Object.keys(insertCols);
+  const insertPlaceholders = insertKeys.map((_, i) => `$${i + 1}`);
+  const sqlText = `INSERT INTO "${tableName}" (${insertKeys.map((k) => `"${k}"`).join(", ")}) VALUES (${insertPlaceholders.join(", ")}) ON CONFLICT ("id") DO UPDATE SET ${setClauses.join(", ")}`;
+  await asRawClient(tx).unsafe(sqlText, params);
+}

package/src/billing-foundation/get-subscription-for-tenant.ts CHANGED Viewed

@@ -1,8 +1,8 @@
 // Resolver-helper: liest die current subscription-row für einen Tenant
 // aus der read_subscriptions-projection.
+import { selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import type { HandlerContext } from "@cosmicdrift/kumiko-framework/engine";
-import { eq } from "drizzle-orm";
 import { subscriptionAggregateId } from "./aggregate-id";
 import { subscriptionsProjectionTable } from "./projection";
@@ -22,11 +22,7 @@ export async function getSubscriptionForTenant(
   tenantId: string,
 ): Promise<SubscriptionView | null> {
   const aggId = subscriptionAggregateId(tenantId);
-  const [row] = await ctx.db
-    .select()
-    .from(subscriptionsProjectionTable)
-    .where(eq(subscriptionsProjectionTable["id"], aggId))
-    .limit(1);
+  const [row] = await selectMany(ctx.db, subscriptionsProjectionTable, { id: aggId }, { limit: 1 });
   if (!row) return null;
   // @cast-boundary db-row — drizzle-row carries column-as-unknown
   return {

package/src/billing-foundation/handlers/create-portal-session.write.ts CHANGED Viewed

@@ -9,8 +9,8 @@
 // kann nicht zum Portal eines OTHER Providers, weil der ihn nicht
 // kennt.
+import { selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import type { WriteHandlerDef } from "@cosmicdrift/kumiko-framework/engine";
-import { eq } from "drizzle-orm";
 import { z } from "zod";
 import { subscriptionAggregateId } from "../aggregate-id";
 import { SUBSCRIPTION_PROVIDER_EXTENSION } from "../constants";
@@ -34,7 +34,7 @@ export const createPortalSessionHandler: WriteHandlerDef = {
     // 1. Hol current subscription-row für den Tenant. Aggregate-id ist
     //    deterministic per tenant — eine row pro tenant.
     const subAggId = subscriptionAggregateId(tenantId);
-    const rows = await ctx.db.select().from(subTable).where(eq(subTable["id"], subAggId)).limit(1);
+    const rows = await selectMany(ctx.db, subTable, { id: subAggId }, { limit: 1 });
     const row = rows[0];
     if (!row) {
       throw new Error(

package/src/billing-foundation/handlers/list-subscriptions.query.ts CHANGED Viewed

@@ -3,6 +3,7 @@
 // subscription via getSubscriptionForTenant-helper (= ctx.db ist
 // tenant-scoped, gibt automatisch nur die row des Callers zurück).
+import { selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import type { QueryHandlerDef } from "@cosmicdrift/kumiko-framework/engine";
 import { z } from "zod";
 import { subscriptionsProjectionTable } from "../projection";
@@ -14,7 +15,9 @@ export const listSubscriptionsQuery: QueryHandlerDef = {
   schema: listSchema,
   access: { roles: ["SystemAdmin", "TenantAdmin"] },
   handler: async (_query, ctx) => {
-    const rows = await ctx.db.select().from(subscriptionsProjectionTable);
+    const rows = await selectMany(ctx.db.raw, subscriptionsProjectionTable, {
+      tenantId: ctx.user.tenantId,
+    });
     return { rows };
   },
 };