@cosmicdrift/kumiko-bundled-features 0.14.0 → 0.16.0

package/src/custom-fields/run-retention.ts

@@ -17,10 +17,22 @@
 
 import type { DbRunner } from "@cosmicdrift/kumiko-framework/db";
 import { getTemporal } from "@cosmicdrift/kumiko-framework/time";
-import { getTableName, sql } from "drizzle-orm";
-import type { PgTable } from "drizzle-orm/pg-core";
+import {
+  selectFieldDefinitionsWithSerialized,
+  selectHostRowsWithCustomFields,
+  updateHostRowCustomFields,
+} from "./db/queries/retention";
 import { parseSerializedField } from "./lib/parse-serialized-field";
 
+const KUMIKO_NAME_SYMBOL = Symbol.for("kumiko:schema:Name");
+function getTableName(table: unknown): string {
+  if (typeof table === "object" && table !== null) {
+    const sym = (table as Record<symbol, unknown>)[KUMIKO_NAME_SYMBOL];
+    if (typeof sym === "string") return sym;
+  }
+  throw new Error("custom-fields/run-retention: table missing kumiko:schema:Name symbol");
+}
+
 type Instant = InstanceType<ReturnType<typeof getTemporal>["Instant"]>;
 
 // Lifted from data-retention/keep-for.ts because the helper isn't re-exported
@@ -48,7 +60,7 @@ export interface RunCustomFieldsRetentionOptions {
   readonly db: DbRunner;
   readonly tenantId: string;
   readonly entityName: string;
-  readonly entityTable: PgTable;
+  readonly entityTable: unknown;
   /** Current time, injected for time-travel-tests. */
   readonly now: Instant;
 }
@@ -75,18 +87,13 @@ export async function runCustomFieldsRetention(
     return { rowsScanned: 0, rowsUpdated: 0, removalsByFieldKey: {} };
   }
 
-  const tableName = sql.identifier(getTableName(opts.entityTable));
-  const rowsResult = await opts.db.execute(sql`
-    SELECT id, modified_at, custom_fields
-    FROM ${tableName}
-    WHERE tenant_id = ${opts.tenantId} AND custom_fields IS NOT NULL
-  `);
+  const tableName = getTableName(opts.entityTable);
+  const rows = await selectHostRowsWithCustomFields(opts.db, tableName, opts.tenantId);
 
   const removalsByFieldKey: Record<string, number> = {};
   let rowsUpdated = 0;
   let rowsScanned = 0;
 
-  const rows: ReadonlyArray<unknown> = Array.isArray(rowsResult) ? rowsResult : [];
   for (const raw of rows) {
     rowsScanned++;
     const row = asHostRow(raw);
@@ -125,11 +132,7 @@ export async function runCustomFieldsRetention(
       removalsByFieldKey[key] = (removalsByFieldKey[key] ?? 0) + 1;
     }
 
-    await opts.db.execute(sql`
-      UPDATE ${tableName}
-      SET custom_fields = ${JSON.stringify(mutated)}::jsonb
-      WHERE id = ${row.id}
-    `);
+    await updateHostRowCustomFields(opts.db, tableName, JSON.stringify(mutated), row.id);
     rowsUpdated++;
   }
 
@@ -171,12 +174,7 @@ async function loadRetentionPolicies(
   tenantId: string,
   entityName: string,
 ): Promise<Map<string, RetentionPolicy>> {
-  const rowsResult = await db.execute(sql`
-    SELECT field_key, serialized_field
-    FROM read_custom_field_definitions
-    WHERE entity_name = ${entityName} AND tenant_id = ${tenantId}
-  `);
-  const rows: ReadonlyArray<unknown> = Array.isArray(rowsResult) ? rowsResult : [];
+  const rows = await selectFieldDefinitionsWithSerialized(db, entityName, tenantId);
   const out = new Map<string, RetentionPolicy>();
   for (const raw of rows) {
     // skip: see asHostRow rationale.

package/src/custom-fields/wire-for-entity.ts

@@ -3,10 +3,22 @@ import {
   type FeatureRegistrar,
   type JsonbFieldDef,
 } from "@cosmicdrift/kumiko-framework/engine";
-import type { AnyColumn } from "drizzle-orm";
-import { eq, sql } from "drizzle-orm";
-import type { PgTable } from "drizzle-orm/pg-core";
 import { CUSTOM_FIELDS_EXTENSION } from "./constants";
+import {
+  clearCustomFieldKey,
+  removeCustomFieldKeyFromAllRows,
+  setCustomFieldValue,
+} from "./db/queries/projection";
+
+const KUMIKO_NAME_SYMBOL = Symbol.for("kumiko:schema:Name");
+function getTableName(table: unknown): string {
+  if (typeof table === "object" && table !== null) {
+    const sym = (table as Record<symbol, unknown>)[KUMIKO_NAME_SYMBOL];
+    if (typeof sym === "string") return sym;
+  }
+  throw new Error("wire-for-entity: table missing kumiko:schema:Name symbol");
+}
+
 import type { CustomFieldClearedPayload, CustomFieldSetPayload } from "./events";
 import { customFieldsFeature } from "./feature";
 
@@ -40,7 +52,7 @@ export function customFieldsField(): JsonbFieldDef {
 //   });
 //
 // Der `entityTable`-Parameter ist die Drizzle-Table-Instance (typically
-// `buildDrizzleTable(name, entity)`-Output). Die Closure über `entityTable`
+// `buildEntityTable(name, entity)`-Output). Die Closure über `entityTable`
 // erspart der MSP-apply-fn einen runtime-table-lookup über die Registry.
 //
 // **Was registriert wird**:
@@ -67,7 +79,7 @@ export function customFieldsField(): JsonbFieldDef {
 export function wireCustomFieldsFor<TReg extends FeatureRegistrar<string>>(
   r: TReg,
   entityName: string,
-  entityTable: PgTable,
+  entityTable: unknown,
 ): void {
   // biome-ignore lint/correctness/useHookAtTopLevel: r.useExtension is a registrar-API method, not a React hook — false positive on the "use"-prefix heuristic.
   r.useExtension(CUSTOM_FIELDS_EXTENSION, entityName);
@@ -91,14 +103,15 @@ export function wireCustomFieldsFor<TReg extends FeatureRegistrar<string>>(
 
         // jsonb_set: setze key auf value. Wenn key noch nicht existiert →
         // wird angelegt (create_missing=true ist default). value muss als
-        // jsonb-literal kommen — Drizzle sql-template stringifiziert für uns.
-        const idCol = (entityTable as unknown as Record<string, AnyColumn>)["id"] as AnyColumn; // @cast-boundary db-row
-        await tx
-          .update(entityTable)
-          .set({
-            customFields: sql`jsonb_set(${sql.identifier("custom_fields")}, ${sql.raw(`'{${payload.fieldKey.replace(/'/g, "''")}}'`)}, ${JSON.stringify(payload.value)}::jsonb, true)`,
-          })
-          .where(eq(idCol, event.aggregateId));
+        // jsonb-literal kommen.
+        const tableName = getTableName(entityTable);
+        await setCustomFieldValue(
+          tx,
+          tableName,
+          payload.fieldKey,
+          JSON.stringify(payload.value),
+          event.aggregateId,
+        );
       },
       [clearedEventType]: async (event, tx) => {
         // skip: MSP feuert für alle aggregate-types — nur unsere host-entity
@@ -107,13 +120,8 @@ export function wireCustomFieldsFor<TReg extends FeatureRegistrar<string>>(
         const payload = event.payload as CustomFieldClearedPayload; // @cast-boundary engine-payload
 
         // jsonb minus operator (`-`) entfernt key aus jsonb-object.
-        const idCol = (entityTable as unknown as Record<string, AnyColumn>)["id"] as AnyColumn; // @cast-boundary db-row
-        await tx
-          .update(entityTable)
-          .set({
-            customFields: sql`${sql.identifier("custom_fields")} - ${payload.fieldKey}`,
-          })
-          .where(eq(idCol, event.aggregateId));
+        const tableName = getTableName(entityTable);
+        await clearCustomFieldKey(tx, tableName, payload.fieldKey, event.aggregateId);
       },
       [fieldDefDeletedType]: async (event, tx) => {
         // fieldDefinition.deleted fires nur einmal pro fieldDef-delete
@@ -125,9 +133,8 @@ export function wireCustomFieldsFor<TReg extends FeatureRegistrar<string>>(
         // ihre Rows.
         if (payload.entityName !== entityName) return;
 
-        await tx.update(entityTable).set({
-          customFields: sql`${sql.identifier("custom_fields")} - ${payload.fieldKey}`,
-        });
+        const tableName = getTableName(entityTable);
+        await removeCustomFieldKeyFromAllRows(tx, tableName, payload.fieldKey);
       },
     },
   });

package/src/custom-fields/wire-user-data-rights.ts

@@ -1,53 +1,26 @@
 // T1.5c — user-data-rights wiring for custom-fields.
-//
-// A consumer that wires `customFields` onto a user-owned host entity
-// (e.g. `comment`, `note`, anything with an inserted_by_id column) calls
-// this in addition to `wireCustomFieldsFor`:
-//
-//   wireCustomFieldsFor(r, "comment", commentTable);
-//   wireCustomFieldsUserDataRightsFor(r, {
-//     entityName: "comment",
-//     entityTable: commentTable,
-//     userIdColumn: "inserted_by_id",
-//   });
-//
-// Result: a second `r.useExtension(EXT_USER_DATA, "comment", { export, delete })`
-// registration whose hooks read/write the customFields jsonb column.
-//
-// **Export** — every row owned by the user is included; the full customFields
-// jsonb travels into the user's export bundle so they can see *all* their
-// custom-field data, sensitive or not (DSGVO Art. 15+20 — completeness wins).
-//
-// **Forget (strategy=anonymize)** — only `sensitive=true` customField keys are
-// stripped from the jsonb (`customFields - 'sensitiveKey1' - 'sensitiveKey2'`).
-// Non-sensitive customFields stay so the row remains useful to other tenants
-// / co-authors. Matches the host-entity anonymize-then-keep contract.
-//
-// **Forget (strategy=delete)** — no-op. The host entity's own user-data-rights
-// hook will delete the row entirely; jsonb goes with it.
-//
-// Side-step: this wiring requires `user-data-rights` to be installed in the
-// composed feature set; if it's not, the boot-validator will reject the
-// extension as unknown. That is the consumer's call — it's explicitly opt-in
-// (call this function or don't), exactly because some consumers wire custom-
-// fields onto tenant-owned entities (e.g. `property`) where DSGVO forget
-// doesn't apply per-user.
 
 import type { UserDataDeleteHook, UserDataExportHook } from "@cosmicdrift/kumiko-framework/engine";
 import { EXT_USER_DATA, type FeatureRegistrar } from "@cosmicdrift/kumiko-framework/engine";
-import { getTableName, sql } from "drizzle-orm";
-import type { PgTable } from "drizzle-orm/pg-core";
+import {
+  selectCustomFieldsHostRows,
+  selectFieldDefinitionsForEntity,
+  stripSensitiveCustomFieldKeys,
+} from "./db/queries/user-data-rights";
 import { parseSerializedField } from "./lib/parse-serialized-field";
 
+const KUMIKO_NAME_SYMBOL = Symbol.for("kumiko:schema:Name");
+function getTableName(table: unknown): string {
+  if (typeof table === "object" && table !== null) {
+    const sym = (table as Record<symbol, unknown>)[KUMIKO_NAME_SYMBOL];
+    if (typeof sym === "string") return sym;
+  }
+  throw new Error("wire-user-data-rights: table missing kumiko:schema:Name symbol");
+}
+
 export interface WireCustomFieldsUserDataRightsOptions {
-  /** Host entity name as registered with wireCustomFieldsFor. */
   readonly entityName: string;
-  /** Drizzle table for the host entity. Must have a `customFields` jsonb column. */
-  readonly entityTable: PgTable;
-  /**
-   * Snake-case DB column that holds the owning user's id (e.g. `inserted_by_id`,
-   * `author_id`, `assignee_id`). The hooks filter rows on this + tenant_id.
-   */
+  readonly entityTable: unknown;
   readonly userIdColumn: string;
 }
 
@@ -56,11 +29,6 @@ interface CustomFieldsHostRow {
   readonly customFields: Record<string, unknown> | null;
 }
 
-// Drizzle's raw `execute(sql\`SELECT id, custom_fields\`)` returns rows
-// keyed in db-column casing (snake_case), not the field-mapping casing.
-// The typeguard normalises into the camel-cased internal shape so the
-// rest of the hook can stay JS-idiomatic. `in` + `instanceof Object` keep
-// the narrowing cast-free.
 function asCustomFieldsHostRow(value: unknown): CustomFieldsHostRow | null {
   if (!value || typeof value !== "object" || Array.isArray(value)) return null;
   if (!("id" in value) || typeof value.id !== "string") return null;
@@ -68,8 +36,6 @@ function asCustomFieldsHostRow(value: unknown): CustomFieldsHostRow | null {
   const cf = value.custom_fields;
   if (cf === null) return { id: value.id, customFields: null };
   if (!cf || typeof cf !== "object" || Array.isArray(cf)) return null;
-  // Object.entries on a narrowed `object` returns `[string, unknown][]` —
-  // fromEntries widens that back into a typed Record without a cast.
   return { id: value.id, customFields: Object.fromEntries(Object.entries(cf)) };
 }
 
@@ -77,22 +43,19 @@ export function wireCustomFieldsUserDataRightsFor<TReg extends FeatureRegistrar<
   r: TReg,
   opts: WireCustomFieldsUserDataRightsOptions,
 ): void {
-  const tableName = sql.identifier(getTableName(opts.entityTable));
-  const userCol = sql.identifier(opts.userIdColumn);
+  const tableName = getTableName(opts.entityTable);
 
   const exportHook: UserDataExportHook = async (ctx) => {
-    const rowsResult = await ctx.db.execute(sql`
-      SELECT id, custom_fields
-      FROM ${tableName}
-      WHERE ${userCol} = ${ctx.userId} AND tenant_id = ${ctx.tenantId}
-    `);
-    const rows: ReadonlyArray<unknown> = Array.isArray(rowsResult) ? rowsResult : [];
+    const rows = await selectCustomFieldsHostRows(
+      ctx.db,
+      tableName,
+      opts.userIdColumn,
+      ctx.userId,
+      ctx.tenantId,
+    );
     const snippetRows: Array<{ id: string; customFields: Record<string, unknown> }> = [];
     for (const raw of rows) {
       const row = asCustomFieldsHostRow(raw);
-      // skip: drizzle-execute can hand back loosely-typed rows from raw
-      // queries; if a row's shape doesn't fit, skip rather than guess.
-      // Real schemas always match — this is defense in depth.
       if (!row) continue;
       const customFields = row.customFields;
       if (customFields && Object.keys(customFields).length > 0) {
@@ -104,30 +67,22 @@ export function wireCustomFieldsUserDataRightsFor<TReg extends FeatureRegistrar<
   };
 
   const deleteHook: UserDataDeleteHook = async (ctx, strategy) => {
-    // skip: strategy=delete is handled by the host entity's own user-
-    // data-rights hook (it removes the row; customFields jsonb travels
-    // with it). Nothing left for this layer to do.
+    // skip: delete strategy removes rows wholesale — custom-field redaction N/A.
     if (strategy === "delete") return;
     const sensitiveKeys = await loadSensitiveFieldKeys(ctx.db, ctx.tenantId, opts.entityName);
-    // skip: no sensitive keys declared for this entity → anonymize is a
-    // no-op. Avoids a useless UPDATE statement.
+    // skip: no sensitive custom fields configured for this entity.
     if (sensitiveKeys.length === 0) return;
 
-    // Build the chain of jsonb minus operators: customFields - 'k1' - 'k2' - ...
-    const minusChain = sensitiveKeys.reduce<ReturnType<typeof sql>>(
-      (acc, key) => sql`${acc} - ${key}`,
-      sql`custom_fields`,
+    await stripSensitiveCustomFieldKeys(
+      ctx.db,
+      tableName,
+      opts.userIdColumn,
+      sensitiveKeys,
+      ctx.userId,
+      ctx.tenantId,
     );
-    await ctx.db.execute(sql`
-      UPDATE ${tableName}
-      SET custom_fields = ${minusChain}
-      WHERE ${userCol} = ${ctx.userId} AND tenant_id = ${ctx.tenantId}
-    `);
   };
 
-  // r.useExtension's options-bag accepts a structural object — pass the
-  // hooks inline so TS sees the literal-typed shape and Drizzle's strict
-  // mode doesn't reject the nominal UserDataExtensionHooks branding.
   // biome-ignore lint/correctness/useHookAtTopLevel: r.useExtension is a registrar API, not a React hook.
   r.useExtension(EXT_USER_DATA, opts.entityName, {
     export: exportHook,
@@ -151,16 +106,9 @@ async function loadSensitiveFieldKeys(
   tenantId: string,
   entityName: string,
 ): Promise<string[]> {
-  const rowsResult = await db.execute(sql`
-    SELECT field_key, serialized_field
-    FROM read_custom_field_definitions
-    WHERE entity_name = ${entityName} AND tenant_id = ${tenantId}
-  `);
-  const rows: ReadonlyArray<unknown> = Array.isArray(rowsResult) ? rowsResult : [];
+  const rows = await selectFieldDefinitionsForEntity(db, entityName, tenantId);
   const keys: string[] = [];
   for (const raw of rows) {
-    // skip: see isCustomFieldsHostRow rationale — defense in depth against
-    // driver shape drift.
     if (!isFieldDefinitionRow(raw)) continue;
     const parsed = parseSerializedField(raw.serialized_field);
     if (parsed?.sensitive === true) keys.push(raw.field_key);

package/src/data-retention/__tests__/data-retention.integration.ts

@@ -6,12 +6,12 @@
 // ob Boot-Validation oder Entity-Definition gebrochen ist — pre-S2.D2b
 // Sicherheitsnetz.
 
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
 import {
   setupTestStack,
   type TestStack,
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { afterAll, beforeAll, describe, expect, test } from "vitest";
 import { createDataRetentionFeature, tenantRetentionOverrideEntity } from "../feature";
 
 let stack: TestStack;

package/src/data-retention/__tests__/keep-for.test.ts

@@ -1,5 +1,5 @@
+import { beforeAll, describe, expect, test } from "bun:test";
 import { ensureTemporalPolyfill, getTemporal } from "@cosmicdrift/kumiko-framework/time";
-import { beforeAll, describe, expect, test } from "vitest";
 import { computeCutoff, InvalidKeepForError, isPastCutoff } from "../keep-for";
 
 beforeAll(async () => {

package/src/data-retention/__tests__/override-schema.test.ts

@@ -1,7 +1,7 @@
 // Tests fuer retentionOverrideSchema (S2.D2.5 M2+M3) — strict-Zod
 // faengt Sub-Level-Tippfehler + Strategy-Enum-Drift + keepFor-Format-Drift.
 
-import { describe, expect, test } from "vitest";
+import { describe, expect, test } from "bun:test";
 import { retentionOverrideSchema } from "../override-schema";
 
 describe("retentionOverrideSchema — accept-Faelle", () => {

package/src/data-retention/__tests__/policy-for.integration.ts

@@ -2,6 +2,7 @@
 // API für Forget-Flow + Cleanup-Job. Round-trip: Override in DB seeden,
 // Query rufen, verify dass resolver Override greift.
 
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
 import {
   createEventStoreExecutor,
   createTenantDb,
@@ -15,7 +16,6 @@ import {
   testTenantId,
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { afterAll, beforeAll, describe, expect, test } from "vitest";
 import { createDataRetentionFeature, tenantRetentionOverrideEntity } from "../feature";
 import { tenantRetentionOverrideTable } from "../schema/tenant-retention-override";
 

package/src/data-retention/__tests__/resolver.test.ts

@@ -1,8 +1,8 @@
 // Unit-Tests für resolveRetentionPolicy — pure function, keine
 // Test-Stack-Abhängigkeit.
 
+import { describe, expect, test } from "bun:test";
 import { createEntity, createTextField } from "@cosmicdrift/kumiko-framework/engine";
-import { describe, expect, test } from "vitest";
 import { resolveRetentionPolicy } from "../resolver";
 
 describe("resolveRetentionPolicy — Layer-Resolution", () => {

package/src/data-retention/handlers/policy-for.query.ts

@@ -1,6 +1,5 @@
-import { fetchOne } from "@cosmicdrift/kumiko-framework/db";
+import { fetchOne } from "@cosmicdrift/kumiko-framework/bun-db";
 import { defineQueryHandler } from "@cosmicdrift/kumiko-framework/engine";
-import { eq } from "drizzle-orm";
 import { z } from "zod";
 import { parseRetentionOverrideOrNull } from "../_internal/parse-override";
 import { type EffectiveRetentionPolicy, resolveRetentionPolicy } from "../resolver";
@@ -28,12 +27,10 @@ export const policyForQuery = defineQueryHandler({
     const entityName = query.payload.entityName;
 
     // Layer 3: Tenant-Override aus DB laden (UNIQUE(tenantId, entityName))
-    const overrideRow = (await fetchOne(
-      ctx.db,
-      tenantRetentionOverrideTable,
-      eq(tenantRetentionOverrideTable["tenantId"], query.user.tenantId),
-      eq(tenantRetentionOverrideTable["entityName"], entityName),
-    )) as { config: string | null } | null; // @cast-boundary db-runner
+    const overrideRow = (await fetchOne(ctx.db, tenantRetentionOverrideTable, {
+      tenantId: query.user.tenantId,
+      entityName,
+    })) as { config: string | null } | null; // @cast-boundary db-runner
 
     const tenantOverride = parseRetentionOverrideOrNull(
       overrideRow?.config ?? null,

package/src/data-retention/resolve-for-tenant.ts

@@ -6,9 +6,9 @@
 // HandlerContext. Beide Pfade nutzen denselben `parseRetentionOverrideOrNull`
 // + `resolveRetentionPolicy`, also kein Drift-Risiko.
 
-import { type DbRunner, fetchOne } from "@cosmicdrift/kumiko-framework/db";
+import { fetchOne } from "@cosmicdrift/kumiko-framework/bun-db";
+import type { DbRunner } from "@cosmicdrift/kumiko-framework/db";
 import type { Registry, TenantId } from "@cosmicdrift/kumiko-framework/engine";
-import { eq } from "drizzle-orm";
 import { parseRetentionOverrideOrNull } from "./_internal/parse-override";
 import { type EffectiveRetentionPolicy, resolveRetentionPolicy } from "./resolver";
 import { tenantRetentionOverrideTable } from "./schema/tenant-retention-override";
@@ -23,12 +23,10 @@ export interface ResolveForTenantArgs {
 export async function resolveRetentionPolicyForTenant(
   args: ResolveForTenantArgs,
 ): Promise<EffectiveRetentionPolicy> {
-  const overrideRow = (await fetchOne(
-    args.db,
-    tenantRetentionOverrideTable,
-    eq(tenantRetentionOverrideTable["tenantId"], args.tenantId),
-    eq(tenantRetentionOverrideTable["entityName"], args.entityName),
-  )) as { config: string | null } | null; // @cast-boundary db-runner
+  const overrideRow = (await fetchOne(args.db, tenantRetentionOverrideTable, {
+    tenantId: args.tenantId,
+    entityName: args.entityName,
+  })) as { config: string | null } | null; // @cast-boundary db-runner
 
   const tenantOverride = parseRetentionOverrideOrNull(
     overrideRow?.config ?? null,

package/src/data-retention/schema/tenant-retention-override.ts

@@ -1,4 +1,4 @@
-import { buildDrizzleTable } from "@cosmicdrift/kumiko-framework/db";
+import { buildEntityTable } from "@cosmicdrift/kumiko-framework/db";
 import {
   createEntity,
   createLongTextField,
@@ -41,7 +41,7 @@ export const tenantRetentionOverrideEntity = createEntity({
   indexes: [{ unique: true, columns: ["tenantId", "entityName"] }],
 });
 
-export const tenantRetentionOverrideTable = buildDrizzleTable(
+export const tenantRetentionOverrideTable = buildEntityTable(
   "tenantRetentionOverride",
   tenantRetentionOverrideEntity,
 );

package/src/delivery/__tests__/delivery-events.integration.ts

@@ -6,6 +6,8 @@
 // aggregateType) fails loudly instead of breaking downstream consumers
 // (MSPs, audit-feature, event-replays) who subscribe by name.
 
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import type { DbConnection } from "@cosmicdrift/kumiko-framework/db";
 import { eventsTable } from "@cosmicdrift/kumiko-framework/event-store";
 import {
@@ -16,8 +18,7 @@ import {
   unsafeCreateEntityTable,
   unsafePushTables,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { eq } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
+import { resetTestTables } from "@cosmicdrift/kumiko-framework/testing";
 import { createChannelInAppFeature } from "../../channel-in-app/feature";
 import { inAppMessagesTable } from "../../channel-in-app/tables";
 import { createConfigFeature, createConfigResolver } from "../../config";
@@ -75,9 +76,7 @@ afterAll(async () => {
 });
 
 beforeEach(async () => {
-  // Fresh state per test so event-count assertions are deterministic.
-  await db.delete(eventsTable);
-  await db.delete(deliveryAttemptsTable);
+  await resetTestTables(db, [eventsTable, deliveryAttemptsTable]);
 });
 
 describe("delivery event shape", () => {
@@ -89,10 +88,7 @@ describe("delivery event shape", () => {
       admin.tenantId,
     );
 
-    const events = await db
-      .select()
-      .from(eventsTable)
-      .where(eq(eventsTable.aggregateType, "deliveryAttempt"));
+    const events = await selectMany(db, eventsTable, { aggregateType: "deliveryAttempt" });
 
     // One channel registered (in-app) → one delivery attempt → one event.
     expect(events).toHaveLength(1);
@@ -121,10 +117,7 @@ describe("delivery event shape", () => {
       admin.tenantId,
     );
 
-    const [event] = await db
-      .select()
-      .from(eventsTable)
-      .where(eq(eventsTable.aggregateType, "deliveryAttempt"));
+    const [event] = await selectMany(db, eventsTable, { aggregateType: "deliveryAttempt" });
     if (!event) throw new Error("expected one event");
 
     // The service schema-parses before append (see logDelivery), but we
@@ -145,10 +138,7 @@ describe("delivery event shape", () => {
       admin.tenantId,
     );
 
-    const [event] = await db
-      .select()
-      .from(eventsTable)
-      .where(eq(eventsTable.aggregateType, "deliveryAttempt"));
+    const [event] = await selectMany(db, eventsTable, { aggregateType: "deliveryAttempt" });
     if (!event) throw new Error("expected one event");
 
     // PK is unique — a matching row on `id === aggregateId` is already the
@@ -156,10 +146,7 @@ describe("delivery event shape", () => {
     // + tenantSecretsTable: projection-row PK IS the event aggregateId, so
     // a replay of the same event conflicts on the PK rather than
     // duplicating the log row.
-    const [row] = await db
-      .select()
-      .from(deliveryAttemptsTable)
-      .where(eq(deliveryAttemptsTable.id, event.aggregateId));
+    const [row] = await selectMany(db, deliveryAttemptsTable, { id: event.aggregateId });
     expect(row).toBeDefined();
     expect(row?.notificationType).toBe("example:notify:pk-link");
   });