@edge-base/server 0.2.3 → 0.2.4

package/src/lib/d1-handler.ts

@@ -36,10 +36,11 @@ import { summarizeValidationErrors, validateInsert, validateUpdate } from './val
 import { buildEffectiveSchema } from './schema.js';
 import { generateId } from './uuid.js';
 import { parseUpdateBody } from './op-parser.js';
-import { emitDbLiveEvent, emitDbLiveBatchEvent, sendToDatabaseLiveDO } from './database-live-emitter.js';
+import { emitDbLiveEvent, emitDbLiveBatchEvent } from './database-live-emitter.js';
 import { isTrustedInternalContext } from './internal-request.js';
 import { executeDbTriggers } from './functions.js';
 import { forbiddenError, hookRejectedError, normalizeDatabaseError } from './errors.js';
+import { buildTableHookRuntimeServices } from './table-hook-runtime.js';
 
 // ─── Types ───
 
@@ -227,10 +228,11 @@ async function evalInsertRule(
 
 function buildHookCtx(
   db: D1Database,
-  tables: Record<string, TableConfig>,
   env: Env,
   executionCtx?: ExecutionContext,
 ): HookCtx {
+  const runtimeServices = buildTableHookRuntimeServices(parseConfig(env), env);
+
   return {
     db: {
       async get(table: string, id: string): Promise<Record<string, unknown> | null> {
@@ -266,20 +268,7 @@ function buildHookCtx(
         return result.rows.length > 0;
       },
     },
-    databaseLive: {
-      async broadcast(channel: string, event: string, data: unknown): Promise<void> {
-        await sendToDatabaseLiveDO(
-          env,
-          { channel, event, payload: data ?? {} },
-          '/internal/broadcast',
-        );
-      },
-    },
-    push: {
-      async send(_userId: string, _payload: { title?: string; body: string }): Promise<void> {
-        // Push notifications — same mechanism as DO (via Worker env)
-      },
-    },
+    ...runtimeServices,
     waitUntil(promise: Promise<unknown>): void {
       if (executionCtx) {
         executionCtx.waitUntil(promise);
@@ -448,7 +437,7 @@ async function handleList(
 
   // Apply onEnrich hook
   if (tableHooks?.onEnrich) {
-    const hookCtx = buildHookCtx(resolved.db, resolved.dbBlock.tables ?? {}, c.env, c.executionCtx);
+    const hookCtx = buildHookCtx(resolved.db, c.env, c.executionCtx);
     for (let i = 0; i < items.length; i++) {
       try {
         const enriched = await tableHooks.onEnrich(auth, items[i], hookCtx);
@@ -612,7 +601,7 @@ async function handleGet(
 
   // Apply onEnrich hook
   if (tableHooks?.onEnrich) {
-    const hookCtx = buildHookCtx(resolved.db, resolved.dbBlock.tables ?? {}, c.env, c.executionCtx);
+    const hookCtx = buildHookCtx(resolved.db, c.env, c.executionCtx);
     try {
       const enriched = await tableHooks.onEnrich(auth, row, hookCtx);
       if (enriched && typeof enriched === 'object') return c.json({ ...row, ...enriched });
@@ -678,7 +667,7 @@ async function handleInsert(
   }
 
   // Run beforeInsert hook
-  const hookCtx = buildHookCtx(resolved.db, resolved.dbBlock.tables ?? {}, c.env, c.executionCtx);
+  const hookCtx = buildHookCtx(resolved.db, c.env, c.executionCtx);
   if (tableHooks?.beforeInsert) {
     try {
       const transformed = await tableHooks.beforeInsert(auth, body, hookCtx);
@@ -845,7 +834,7 @@ async function handleUpdate(
   }
 
   // Run beforeUpdate hook
-  const hookCtx = buildHookCtx(resolved.db, resolved.dbBlock.tables ?? {}, c.env, c.executionCtx);
+  const hookCtx = buildHookCtx(resolved.db, c.env, c.executionCtx);
   if (tableHooks?.beforeUpdate) {
     try {
       const transformed = await tableHooks.beforeUpdate(auth, existingRow, body, hookCtx);
@@ -962,7 +951,7 @@ async function handleDelete(
   }
 
   // Run beforeDelete hook
-  const hookCtx = buildHookCtx(resolved.db, resolved.dbBlock.tables ?? {}, c.env, c.executionCtx);
+  const hookCtx = buildHookCtx(resolved.db, c.env, c.executionCtx);
   if (tableHooks?.beforeDelete) {
     try {
       await tableHooks.beforeDelete(auth, existingRow, hookCtx);

package/src/lib/do-router.ts

@@ -8,11 +8,36 @@
  *
  * Constraint: `id` must NOT contain `:` character.
  */
-import { materializeConfig, type EdgeBaseConfig } from '@edge-base/shared';
+import { materializeConfig, type EdgeBaseConfig, type DbBlock } from '@edge-base/shared';
 import { counter } from '../middleware/rate-limit.js';
 
 const RUNTIME_CONFIG_GLOBAL_KEY = '__EDGEBASE_RUNTIME_CONFIG__';
 
+export type DbTargetValidationIssue =
+  | 'namespace_not_found'
+  | 'instance_id_empty'
+  | 'instance_id_invalid'
+  | 'instance_id_required'
+  | 'instance_id_not_allowed';
+
+export type DbTargetResolutionResult =
+  | {
+      ok: true;
+      value: {
+        namespace: string;
+        instanceId?: string;
+        dbBlock: DbBlock;
+        dynamic: boolean;
+      };
+    }
+  | {
+      ok: false;
+      issue: DbTargetValidationIssue;
+      status: 400 | 404;
+      namespace: string;
+      instanceId?: string;
+    };
+
 // ─── DO Instance ID Generation (§2) ───
 
 /**
@@ -53,6 +78,105 @@ export function parseDbDoName(doName: string): { namespace: string; id?: string
   };
 }
 
+export function normalizeDbInstanceId(instanceId: string | null | undefined): string | undefined {
+  return typeof instanceId === 'string' ? instanceId : undefined;
+}
+
+export function formatDbTargetValidationIssue(
+  issue: DbTargetValidationIssue,
+  namespace: string,
+  options: {
+    namespaceLabel?: string;
+    instanceIdLabel?: string;
+    includeSectionRef?: boolean;
+  } = {},
+): string {
+  const namespaceLabel = options.namespaceLabel ?? 'Database';
+  const instanceIdLabel = options.instanceIdLabel ?? 'instanceId';
+  switch (issue) {
+    case 'namespace_not_found':
+      return `${namespaceLabel} '${namespace}' not found in config`;
+    case 'instance_id_empty':
+      return `${instanceIdLabel} must not be empty`;
+    case 'instance_id_invalid':
+      return options.includeSectionRef
+        ? `${instanceIdLabel} must not contain ':' (§2)`
+        : `${instanceIdLabel} must not contain ':'`;
+    case 'instance_id_required':
+      return `${instanceIdLabel} is required for dynamic namespace '${namespace}'`;
+    case 'instance_id_not_allowed':
+      return `${instanceIdLabel} is not allowed for single-instance namespace '${namespace}'`;
+  }
+}
+
+export function resolveDbTarget(
+  config: EdgeBaseConfig,
+  namespace: string,
+  instanceId?: string | null,
+): DbTargetResolutionResult {
+  const normalizedInstanceId = normalizeDbInstanceId(instanceId);
+  const dbBlock = config.databases?.[namespace];
+  if (!dbBlock) {
+    return {
+      ok: false,
+      issue: 'namespace_not_found',
+      status: 404,
+      namespace,
+      instanceId: normalizedInstanceId,
+    };
+  }
+
+  if (normalizedInstanceId !== undefined && normalizedInstanceId.trim().length === 0) {
+    return {
+      ok: false,
+      issue: 'instance_id_empty',
+      status: 400,
+      namespace,
+      instanceId: normalizedInstanceId,
+    };
+  }
+
+  if (normalizedInstanceId?.includes(':')) {
+    return {
+      ok: false,
+      issue: 'instance_id_invalid',
+      status: 400,
+      namespace,
+      instanceId: normalizedInstanceId,
+    };
+  }
+
+  const dynamic = isDynamicDbBlock(dbBlock);
+  if (dynamic && normalizedInstanceId === undefined) {
+    return {
+      ok: false,
+      issue: 'instance_id_required',
+      status: 400,
+      namespace,
+      instanceId: normalizedInstanceId,
+    };
+  }
+  if (!dynamic && normalizedInstanceId !== undefined) {
+    return {
+      ok: false,
+      issue: 'instance_id_not_allowed',
+      status: 400,
+      namespace,
+      instanceId: normalizedInstanceId,
+    };
+  }
+
+  return {
+    ok: true,
+    value: {
+      namespace,
+      instanceId: normalizedInstanceId,
+      dbBlock,
+      dynamic,
+    },
+  };
+}
+
 // ─── DO Stub Call Helper ───
 
 /**
@@ -258,13 +382,21 @@ export function shouldRouteToD1(namespace: string, config: EdgeBaseConfig): bool
   if (dbBlock.provider === 'neon' || dbBlock.provider === 'postgres' || dbBlock.provider === 'do') return false;
 
   // Auto-detect: multi-tenant namespaces stay in DO
-  if (dbBlock.instance) return false;
-  if (dbBlock.access?.canCreate || dbBlock.access?.access) return false;
+  if (isDynamicDbBlock(dbBlock)) return false;
 
   // Default: single-instance → D1
   return true;
 }
 
+/**
+ * Dynamic DB blocks represent per-instance / multi-tenant storage and therefore
+ * require create/access authorization semantics that single-instance DB blocks do not.
+ */
+export function isDynamicDbBlock(dbBlock?: DbBlock): boolean {
+  if (!dbBlock) return false;
+  return Boolean(dbBlock.instance || dbBlock.access?.canCreate || dbBlock.access?.access);
+}
+
 /**
  * Get the D1 binding name for a single-instance namespace.
  * Convention: DB_D1_{NAMESPACE_UPPER}

package/src/lib/functions.ts

@@ -25,7 +25,7 @@ import type {
   ScheduleTrigger,
   HttpTrigger,
 } from '@edge-base/shared';
-import { getD1BindingName } from './do-router.js';
+import { getD1BindingName, normalizeDbInstanceId } from './do-router.js';
 import { D1AuthDb, type AuthDb } from './auth-db-adapter.js';
 import { ensureAuthSchema } from './auth-d1.js';
 import type { Env } from '../types.js';
@@ -822,6 +822,7 @@ export function buildAdminDbProxy(options: BuildAdminDbProxyOptions): FunctionAd
     );
 
   return (namespace: string, id?: string): DbRef => {
+    const normalizedId = normalizeDbInstanceId(id);
     // Create a per-DbRef transport with explicit dbContext so that
     // path parsing is unambiguous even when instanceId === 'tables'.
     const transport = new InternalHttpTransport({
@@ -832,13 +833,13 @@ export function buildAdminDbProxy(options: BuildAdminDbProxyOptions): FunctionAd
       env: options.env,
       executionCtx: options.executionCtx,
       preferDirectDo: options.preferDirectDo,
-      dbContext: { namespace, instanceId: id },
+      dbContext: { namespace, instanceId: normalizedId },
     });
     const dbApi = new DefaultDbApi(transport);
     return new DbRef(
       dbApi,
       namespace,
-      id,
+      normalizedId,
       undefined, // databaseLiveClient — not available server-side
       undefined, // filterMatchFn
       httpClient, // enables table().sql`...` tagged template

package/src/lib/internal-transport.ts

@@ -8,7 +8,13 @@
  */
 import type { HttpTransport } from '@edge-base/core';
 import type { EdgeBaseConfig } from '@edge-base/shared';
-import { getDbDoName, callDO, shouldRouteToD1 } from './do-router.js';
+import {
+  callDO,
+  formatDbTargetValidationIssue,
+  getDbDoName,
+  resolveDbTarget,
+  shouldRouteToD1,
+} from './do-router.js';
 import { handleD1Request } from './d1-handler.js';
 import { handlePgRequest } from './postgres-handler.js';
 import { buildInternalHandlerContext } from './internal-request.js';
@@ -115,7 +121,12 @@ export class InternalHttpTransport implements HttpTransport {
     options?: { query?: Record<string, string>; body?: unknown },
   ): Promise<T> {
     const { namespace, instanceId, tableName, directPath } = parsePath(path, this.dbContext);
-    const doName = getDbDoName(namespace, instanceId);
+    const target = resolveDbTarget(this.config, namespace, instanceId);
+    if (!target.ok) {
+      throw new Error(formatDbTargetValidationIssue(target.issue, namespace));
+    }
+    const { instanceId: normalizedInstanceId } = target.value;
+    const doName = getDbDoName(namespace, normalizedInstanceId);
 
     // Build internal headers
     const headers: Record<string, string> = {
@@ -141,7 +152,7 @@ export class InternalHttpTransport implements HttpTransport {
     const res = await this.routeRequest(
       method as 'GET' | 'POST' | 'PATCH' | 'DELETE' | 'PUT',
       namespace,
-      instanceId,
+      normalizedInstanceId,
       tableName,
       directPath,
       doName,
@@ -174,36 +185,41 @@ export class InternalHttpTransport implements HttpTransport {
     query: URLSearchParams,
     body?: Record<string, unknown>,
   ): Promise<Response> {
+    const target = resolveDbTarget(this.config, namespace, instanceId);
+    if (!target.ok) {
+      throw new Error(formatDbTargetValidationIssue(target.issue, namespace));
+    }
+    const { dbBlock, dynamic, instanceId: normalizedInstanceId } = target.value;
     const queryString = Array.from(query.keys()).length > 0 ? `?${query.toString()}` : '';
     const directPathWithQuery = `${directPath}${queryString}`;
-    const provider = this.config.databases?.[namespace]?.provider;
+    const provider = dbBlock.provider;
     const httpMethod = method === 'PUT' ? 'PATCH' : method; // normalize PUT → PATCH
 
     // 1. D1 route
-    if (!this.preferDirectDo && shouldRouteToD1(namespace, this.config) && this.env) {
-      return this.requestViaD1Handler(httpMethod, namespace, instanceId, tableName, directPath, headers, query, body);
+    if (!this.preferDirectDo && !dynamic && shouldRouteToD1(namespace, this.config) && this.env) {
+      return this.requestViaD1Handler(httpMethod, namespace, normalizedInstanceId, tableName, directPath, headers, query, body);
     }
 
     // 2. PostgreSQL route
-    if ((provider === 'neon' || provider === 'postgres') && this.env) {
-      return this.requestViaPgHandler(httpMethod, namespace, instanceId, tableName, directPath, headers, query, body);
+    if (!dynamic && (provider === 'neon' || provider === 'postgres') && this.env) {
+      return this.requestViaPgHandler(httpMethod, namespace, normalizedInstanceId, tableName, directPath, headers, query, body);
     }
 
     // 3. Direct DO route
     if (this.env) {
-      return this.requestViaDirectDo(httpMethod, doName, directPathWithQuery, headers, body, !!instanceId);
+      return this.requestViaDirectDo(httpMethod, doName, directPathWithQuery, headers, body, dynamic);
     }
 
     // 4. Worker HTTP fallback
     if (this.workerUrl) {
-      const apiPath = instanceId
-        ? `/api/db/${namespace}/${instanceId}${directPathWithQuery}`
+      const apiPath = normalizedInstanceId
+        ? `/api/db/${namespace}/${normalizedInstanceId}${directPathWithQuery}`
         : `/api/db/${namespace}${directPathWithQuery}`;
       return this.requestViaWorker(httpMethod, apiPath, headers, body);
     }
 
     // 5. Fallback: direct DO
-    return this.requestViaDirectDo(httpMethod, doName, directPathWithQuery, headers, body, !!instanceId);
+    return this.requestViaDirectDo(httpMethod, doName, directPathWithQuery, headers, body, dynamic);
   }
 
   private async requestViaWorker(

package/src/lib/plugin-migration-routing.ts

@@ -0,0 +1,28 @@
+const PLUGIN_MIGRATION_PATH_PREFIXES = [
+  '/api/auth',
+  '/api/db',
+  '/api/functions',
+  '/api/sql',
+  '/api/storage',
+  '/admin/api',
+] as const;
+
+export function shouldRunPluginMigrationsForRequestPath(path: string): boolean {
+  if (!path.startsWith('/')) {
+    path = `/${path}`;
+  }
+
+  if (
+    path === '/admin/api/backup'
+    || path.startsWith('/admin/api/backup/')
+    || path.startsWith('/admin/api/data/backup/')
+    || path === '/internal/backup'
+    || path.startsWith('/internal/backup/')
+  ) {
+    return false;
+  }
+
+  return PLUGIN_MIGRATION_PATH_PREFIXES.some(
+    (prefix) => path === prefix || path.startsWith(`${prefix}/`),
+  );
+}

package/src/lib/postgres-handler.ts

@@ -51,6 +51,7 @@ import {
 import { isTrustedInternalContext } from './internal-request.js';
 import { executeDbTriggers } from './functions.js';
 import { parseUpdateBody } from './op-parser.js';
+import { buildTableHookRuntimeServices } from './table-hook-runtime.js';
 
 // ─── Types ───
 
@@ -232,13 +233,14 @@ async function evalInsertRule(
 
 function buildHookCtx(
   connectionString: string,
-  tables: Record<string, TableConfig>,
+  env: Env,
   executionCtx?: ExecutionContext,
   queryExecutor?: PostgresExecutor,
 ): HookCtx {
   const query =
     queryExecutor ??
     ((sql: string, params: unknown[] = []) => executePostgresQuery(connectionString, sql, params));
+  const runtimeServices = buildTableHookRuntimeServices(parseConfig(env), env);
 
   return {
     db: {
@@ -279,17 +281,7 @@ function buildHookCtx(
         return result.rows.length > 0;
       },
     },
-    databaseLive: {
-      async broadcast(_channel: string, _event: string, _data: unknown): Promise<void> {
-        // HookCtx broadcast — not implemented for PostgreSQL provider (no direct env access)
-        // Use database-live subscription from client SDK instead
-      },
-    },
-    push: {
-      async send(_userId: string, _payload: { title?: string; body: string }): Promise<void> {
-        // Push notifications — same mechanism as DO (via Worker env)
-      },
-    },
+    ...runtimeServices,
     waitUntil(promise: Promise<unknown>): void {
       if (executionCtx) {
         executionCtx.waitUntil(promise);
@@ -358,7 +350,7 @@ async function handleList(
 
   // Apply onEnrich hook
   if (tableHooks?.onEnrich) {
-    const hookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx, query);
+    const hookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx, query);
     for (let i = 0; i < items.length; i++) {
       try {
         const enriched = await tableHooks.onEnrich(auth, items[i], hookCtx);
@@ -507,7 +499,7 @@ async function handleGet(
 
   // Apply onEnrich hook
   if (tableHooks?.onEnrich) {
-    const hookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx, query);
+    const hookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx, query);
     try {
       const enriched = await tableHooks.onEnrich(auth, row, hookCtx);
       if (enriched && typeof enriched === 'object') return c.json({ ...row, ...enriched });
@@ -558,7 +550,7 @@ async function handleInsert(
   }
 
   // Run beforeInsert hook
-  const requestHookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx, query);
+  const requestHookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx, query);
   if (tableHooks?.beforeInsert) {
     try {
       const transformed = await tableHooks.beforeInsert(auth, body, requestHookCtx);
@@ -612,7 +604,7 @@ async function handleInsert(
   // Run afterInsert hook (fire-and-forget)
   if (tableHooks?.afterInsert) {
     const hook = tableHooks.afterInsert;
-    const backgroundHookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx);
+    const backgroundHookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx);
     backgroundHookCtx.waitUntil(Promise.resolve(hook(inserted, backgroundHookCtx)).catch(() => {}));
   }
 
@@ -703,7 +695,7 @@ async function handleUpdate(
   }
 
   // Run beforeUpdate hook
-  const requestHookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx, query);
+  const requestHookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx, query);
   if (tableHooks?.beforeUpdate) {
     try {
       const transformed = await tableHooks.beforeUpdate(auth, existingRow, body, requestHookCtx);
@@ -740,7 +732,7 @@ async function handleUpdate(
   // Run afterUpdate hook (fire-and-forget)
   if (tableHooks?.afterUpdate) {
     const hook = tableHooks.afterUpdate;
-    const backgroundHookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx);
+    const backgroundHookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx);
     backgroundHookCtx.waitUntil(
       Promise.resolve(hook(existingRow, updated, backgroundHookCtx)).catch(() => {}),
     );
@@ -805,7 +797,7 @@ async function handleDelete(
   }
 
   // Run beforeDelete hook
-  const requestHookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx, query);
+  const requestHookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx, query);
   if (tableHooks?.beforeDelete) {
     try {
       await tableHooks.beforeDelete(auth, existingRow, requestHookCtx);
@@ -826,7 +818,7 @@ async function handleDelete(
   // Run afterDelete hook (fire-and-forget)
   if (tableHooks?.afterDelete) {
     const hook = tableHooks.afterDelete;
-    const backgroundHookCtx = buildHookCtx(resolved.connectionString, resolved.dbBlock.tables ?? {}, c.executionCtx);
+    const backgroundHookCtx = buildHookCtx(resolved.connectionString, c.env, c.executionCtx);
     backgroundHookCtx.waitUntil(
       Promise.resolve(hook(existingRow, backgroundHookCtx)).catch(() => {}),
     );

package/src/lib/provider-aware-sql.ts

@@ -1,7 +1,12 @@
 import type { EdgeBaseConfig } from '@edge-base/shared';
 import { executeD1Sql } from './d1-sql.js';
 import { executeDoSql } from './do-sql.js';
-import { getD1BindingName, shouldRouteToD1 } from './do-router.js';
+import {
+  formatDbTargetValidationIssue,
+  getD1BindingName,
+  resolveDbTarget,
+  shouldRouteToD1,
+} from './do-router.js';
 import {
   ensureLocalDevPostgresSchema,
   getLocalDevPostgresExecOptions,
@@ -710,23 +715,17 @@ export async function executeProviderAwareSql(
   query: string,
   params: unknown[] = [],
 ): Promise<ProviderAwareSqlResult> {
-  const dbBlock = opts.config.databases?.[namespace];
   const usesTaggedTemplateMarkers = hasTaggedTemplateSqlMarkers(query);
   const rewriteTaggedTemplateQuery = (style: 'postgres' | 'question') =>
     usesTaggedTemplateMarkers ? replaceTaggedTemplateSqlMarkers(query, style, params.length) : query;
-  const isDynamicNamespace = !!(
-    dbBlock?.instance ||
-    dbBlock?.access?.canCreate ||
-    dbBlock?.access?.access
-  );
-  if (isDynamicNamespace && !id) {
-    throw new Error(
-      `admin.sqlProviderAware() requires an id for dynamic namespace '${namespace}'.`,
-    );
+  const target = resolveDbTarget(opts.config, namespace, id);
+  if (!target.ok) {
+    throw new Error(formatDbTargetValidationIssue(target.issue, namespace));
   }
+  const { dbBlock, instanceId } = target.value;
 
   if (opts.env) {
-    if (!id && (dbBlock?.provider === 'neon' || dbBlock?.provider === 'postgres')) {
+    if (!instanceId && (dbBlock.provider === 'neon' || dbBlock.provider === 'postgres')) {
       const bindingName = getProviderBindingName(namespace);
       const envRecord = opts.env as unknown as Record<string, unknown>;
       const hyperdrive = envRecord[bindingName] as { connectionString?: string } | undefined;
@@ -759,7 +758,7 @@ export async function executeProviderAwareSql(
       );
     }
 
-    if (!id && shouldRouteToD1(namespace, opts.config)) {
+    if (!instanceId && shouldRouteToD1(namespace, opts.config)) {
       const bindingName = getD1BindingName(namespace);
       const d1 = (opts.env as unknown as Record<string, unknown>)[bindingName] as
         | D1Database
@@ -780,7 +779,7 @@ export async function executeProviderAwareSql(
       const rows = await executeDoSql({
         databaseNamespace: opts.databaseNamespace,
         namespace,
-        id,
+        id: instanceId,
         query: rewriteTaggedTemplateQuery('question'),
         params,
         internal: true,
@@ -800,7 +799,12 @@ export async function executeProviderAwareSql(
         'Content-Type': 'application/json',
         'X-EdgeBase-Service-Key': opts.serviceKey,
       },
-      body: JSON.stringify({ namespace, id, sql: rewriteTaggedTemplateQuery('question'), params }),
+      body: JSON.stringify({
+        namespace,
+        id: instanceId,
+        sql: rewriteTaggedTemplateQuery('question'),
+        params,
+      }),
     });
     if (!res.ok) {
       const err = (await res.json().catch(() => ({ message: 'SQL execution failed' }))) as {

package/src/lib/table-hook-runtime.ts

@@ -0,0 +1,62 @@
+import type { EdgeBaseConfig, HookCtx } from '@edge-base/shared';
+import { ensureAuthSchema } from './auth-d1.js';
+import { resolveAuthDb, type AuthDb } from './auth-db-adapter.js';
+import { sendToDatabaseLiveDO } from './database-live-emitter.js';
+import { createPushProvider } from './push-provider.js';
+import { getDevicesForUser } from './push-token.js';
+import type { Env } from '../types.js';
+
+type PushTokenStore = KVNamespace | { kv: KVNamespace; authDb?: AuthDb | null };
+
+async function resolvePushTokenStore(env: Env): Promise<PushTokenStore | null> {
+  if (!env.KV) {
+    return null;
+  }
+
+  try {
+    const authDb = resolveAuthDb(env as unknown as Record<string, unknown>);
+    await ensureAuthSchema(authDb);
+    return { kv: env.KV, authDb };
+  } catch {
+    return env.KV;
+  }
+}
+
+export function buildTableHookRuntimeServices(
+  config: EdgeBaseConfig,
+  env: Env,
+): Pick<HookCtx, 'databaseLive' | 'push'> {
+  return {
+    databaseLive: {
+      async broadcast(channel: string, event: string, data: unknown): Promise<void> {
+        await sendToDatabaseLiveDO(
+          env,
+          { channel, event, payload: data ?? {} },
+          '/internal/broadcast',
+        );
+      },
+    },
+    push: {
+      async send(userId: string, payload: { title?: string; body: string }): Promise<void> {
+        try {
+          const tokenStore = await resolvePushTokenStore(env);
+          if (!tokenStore) return;
+
+          const provider = createPushProvider(config.push, env);
+          if (!provider) return;
+
+          const devices = await getDevicesForUser(tokenStore, userId);
+          if (devices.length === 0) return;
+
+          await Promise.allSettled(
+            devices.map((device) =>
+              provider.send({ token: device.token, platform: device.platform, payload }),
+            ),
+          );
+        } catch (error) {
+          console.warn('[EdgeBase] table hook push.send failed:', error);
+        }
+      },
+    },
+  };
+}