npm - @friggframework/core - Versions diffs - 2.0.0-next.8 → 2.0.0-next.80 - Mend

@friggframework/core 2.0.0-next.8 → 2.0.0-next.80

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (303) hide show

package/CLAUDE.md +694 -0
package/README.md +959 -50
package/application/commands/README.md +451 -0
package/application/commands/credential-commands.js +245 -0
package/application/commands/entity-commands.js +336 -0
package/application/commands/integration-commands.js +210 -0
package/application/commands/scheduler-commands.js +263 -0
package/application/commands/user-commands.js +283 -0
package/application/index.js +73 -0
package/assertions/index.js +0 -3
package/core/CLAUDE.md +690 -0
package/core/Worker.js +60 -24
package/core/create-handler.js +79 -8
package/credential/repositories/credential-repository-documentdb.js +304 -0
package/credential/repositories/credential-repository-factory.js +54 -0
package/credential/repositories/credential-repository-interface.js +98 -0
package/credential/repositories/credential-repository-mongo.js +269 -0
package/credential/repositories/credential-repository-postgres.js +287 -0
package/credential/repositories/credential-repository.js +300 -0
package/credential/use-cases/get-credential-for-user.js +25 -0
package/credential/use-cases/update-authentication-status.js +15 -0
package/database/MONGODB_TRANSACTION_FIX.md +198 -0
package/database/adapters/lambda-invoker.js +97 -0
package/database/config.js +154 -0
package/database/documentdb-encryption-service.js +330 -0
package/database/documentdb-utils.js +136 -0
package/database/encryption/README.md +839 -0
package/database/encryption/documentdb-encryption-service.md +3575 -0
package/database/encryption/encryption-schema-registry.js +268 -0
package/database/encryption/field-encryption-service.js +226 -0
package/database/encryption/logger.js +79 -0
package/database/encryption/prisma-encryption-extension.js +222 -0
package/database/index.js +21 -21
package/database/prisma.js +182 -0
package/database/repositories/health-check-repository-documentdb.js +138 -0
package/database/repositories/health-check-repository-factory.js +48 -0
package/database/repositories/health-check-repository-interface.js +82 -0
package/database/repositories/health-check-repository-mongodb.js +89 -0
package/database/repositories/health-check-repository-postgres.js +82 -0
package/database/repositories/migration-status-repository-s3.js +137 -0
package/database/use-cases/check-database-health-use-case.js +29 -0
package/database/use-cases/check-database-state-use-case.js +81 -0
package/database/use-cases/check-encryption-health-use-case.js +83 -0
package/database/use-cases/get-database-state-via-worker-use-case.js +61 -0
package/database/use-cases/get-migration-status-use-case.js +93 -0
package/database/use-cases/run-database-migration-use-case.js +139 -0
package/database/use-cases/test-encryption-use-case.js +253 -0
package/database/use-cases/trigger-database-migration-use-case.js +157 -0
package/database/utils/mongodb-collection-utils.js +94 -0
package/database/utils/mongodb-schema-init.js +108 -0
package/database/utils/prisma-runner.js +477 -0
package/database/utils/prisma-schema-parser.js +182 -0
package/docs/PROCESS_MANAGEMENT_QUEUE_SPEC.md +517 -0
package/encrypt/Cryptor.js +34 -168
package/encrypt/index.js +1 -2
package/errors/client-safe-error.js +26 -0
package/errors/fetch-error.js +15 -7
package/errors/index.js +2 -0
package/generated/prisma-mongodb/client.d.ts +1 -0
package/generated/prisma-mongodb/client.js +4 -0
package/generated/prisma-mongodb/default.d.ts +1 -0
package/generated/prisma-mongodb/default.js +4 -0
package/generated/prisma-mongodb/edge.d.ts +1 -0
package/generated/prisma-mongodb/edge.js +335 -0
package/generated/prisma-mongodb/index-browser.js +317 -0
package/generated/prisma-mongodb/index.d.ts +22955 -0
package/generated/prisma-mongodb/index.js +360 -0
package/generated/prisma-mongodb/package.json +183 -0
package/generated/prisma-mongodb/query-engine-debian-openssl-3.0.x +0 -0
package/generated/prisma-mongodb/query-engine-rhel-openssl-3.0.x +0 -0
package/generated/prisma-mongodb/runtime/binary.d.ts +1 -0
package/generated/prisma-mongodb/runtime/binary.js +289 -0
package/generated/prisma-mongodb/runtime/edge-esm.js +34 -0
package/generated/prisma-mongodb/runtime/edge.js +34 -0
package/generated/prisma-mongodb/runtime/index-browser.d.ts +370 -0
package/generated/prisma-mongodb/runtime/index-browser.js +16 -0
package/generated/prisma-mongodb/runtime/library.d.ts +3977 -0
package/generated/prisma-mongodb/runtime/react-native.js +83 -0
package/generated/prisma-mongodb/runtime/wasm-compiler-edge.js +84 -0
package/generated/prisma-mongodb/runtime/wasm-engine-edge.js +36 -0
package/generated/prisma-mongodb/schema.prisma +362 -0
package/generated/prisma-mongodb/wasm-edge-light-loader.mjs +4 -0
package/generated/prisma-mongodb/wasm-worker-loader.mjs +4 -0
package/generated/prisma-mongodb/wasm.d.ts +1 -0
package/generated/prisma-mongodb/wasm.js +342 -0
package/generated/prisma-postgresql/client.d.ts +1 -0
package/generated/prisma-postgresql/client.js +4 -0
package/generated/prisma-postgresql/default.d.ts +1 -0
package/generated/prisma-postgresql/default.js +4 -0
package/generated/prisma-postgresql/edge.d.ts +1 -0
package/generated/prisma-postgresql/edge.js +357 -0
package/generated/prisma-postgresql/index-browser.js +339 -0
package/generated/prisma-postgresql/index.d.ts +25131 -0
package/generated/prisma-postgresql/index.js +382 -0
package/generated/prisma-postgresql/package.json +183 -0
package/generated/prisma-postgresql/query-engine-debian-openssl-3.0.x +0 -0
package/generated/prisma-postgresql/query-engine-rhel-openssl-3.0.x +0 -0
package/generated/prisma-postgresql/query_engine_bg.js +2 -0
package/generated/prisma-postgresql/query_engine_bg.wasm +0 -0
package/generated/prisma-postgresql/runtime/binary.d.ts +1 -0
package/generated/prisma-postgresql/runtime/binary.js +289 -0
package/generated/prisma-postgresql/runtime/edge-esm.js +34 -0
package/generated/prisma-postgresql/runtime/edge.js +34 -0
package/generated/prisma-postgresql/runtime/index-browser.d.ts +370 -0
package/generated/prisma-postgresql/runtime/index-browser.js +16 -0
package/generated/prisma-postgresql/runtime/library.d.ts +3977 -0
package/generated/prisma-postgresql/runtime/react-native.js +83 -0
package/generated/prisma-postgresql/runtime/wasm-compiler-edge.js +84 -0
package/generated/prisma-postgresql/runtime/wasm-engine-edge.js +36 -0
package/generated/prisma-postgresql/schema.prisma +345 -0
package/generated/prisma-postgresql/wasm-edge-light-loader.mjs +4 -0
package/generated/prisma-postgresql/wasm-worker-loader.mjs +4 -0
package/generated/prisma-postgresql/wasm.d.ts +1 -0
package/generated/prisma-postgresql/wasm.js +364 -0
package/handlers/WEBHOOKS.md +653 -0
package/handlers/app-definition-loader.js +38 -0
package/handlers/app-handler-helpers.js +57 -0
package/handlers/backend-utils.js +262 -0
package/handlers/database-migration-handler.js +227 -0
package/handlers/integration-event-dispatcher.js +54 -0
package/handlers/routers/HEALTHCHECK.md +342 -0
package/handlers/routers/auth.js +15 -0
package/handlers/routers/db-migration.handler.js +29 -0
package/handlers/routers/db-migration.js +326 -0
package/handlers/routers/health.js +516 -0
package/handlers/routers/integration-defined-routers.js +45 -0
package/handlers/routers/integration-webhook-routers.js +67 -0
package/handlers/routers/user.js +63 -0
package/handlers/routers/websocket.js +57 -0
package/handlers/use-cases/check-external-apis-health-use-case.js +81 -0
package/handlers/use-cases/check-integrations-health-use-case.js +44 -0
package/handlers/workers/db-migration.js +352 -0
package/handlers/workers/dlq-processor.js +63 -0
package/handlers/workers/integration-defined-workers.js +23 -0
package/index.js +82 -46
package/infrastructure/scheduler/eventbridge-scheduler-adapter.js +184 -0
package/infrastructure/scheduler/index.js +33 -0
package/infrastructure/scheduler/mock-scheduler-adapter.js +143 -0
package/infrastructure/scheduler/scheduler-service-factory.js +73 -0
package/infrastructure/scheduler/scheduler-service-interface.js +47 -0
package/integrations/WEBHOOK-QUICKSTART.md +151 -0
package/integrations/index.js +12 -10
package/integrations/integration-base.js +364 -55
package/integrations/integration-router.js +375 -179
package/integrations/options.js +1 -1
package/integrations/repositories/integration-mapping-repository-documentdb.js +280 -0
package/integrations/repositories/integration-mapping-repository-factory.js +57 -0
package/integrations/repositories/integration-mapping-repository-interface.js +106 -0
package/integrations/repositories/integration-mapping-repository-mongo.js +161 -0
package/integrations/repositories/integration-mapping-repository-postgres.js +227 -0
package/integrations/repositories/integration-mapping-repository.js +156 -0
package/integrations/repositories/integration-repository-documentdb.js +219 -0
package/integrations/repositories/integration-repository-factory.js +51 -0
package/integrations/repositories/integration-repository-interface.js +144 -0
package/integrations/repositories/integration-repository-mongo.js +330 -0
package/integrations/repositories/integration-repository-postgres.js +385 -0
package/integrations/repositories/process-repository-documentdb.js +243 -0
package/integrations/repositories/process-repository-factory.js +53 -0
package/integrations/repositories/process-repository-interface.js +90 -0
package/integrations/repositories/process-repository-mongo.js +190 -0
package/integrations/repositories/process-repository-postgres.js +217 -0
package/integrations/tests/doubles/config-capturing-integration.js +81 -0
package/integrations/tests/doubles/dummy-integration-class.js +105 -0
package/integrations/tests/doubles/test-integration-repository.js +112 -0
package/integrations/use-cases/create-integration.js +83 -0
package/integrations/use-cases/create-process.js +128 -0
package/integrations/use-cases/delete-integration-for-user.js +101 -0
package/integrations/use-cases/find-integration-context-by-external-entity-id.js +72 -0
package/integrations/use-cases/get-integration-for-user.js +78 -0
package/integrations/use-cases/get-integration-instance-by-definition.js +67 -0
package/integrations/use-cases/get-integration-instance.js +83 -0
package/integrations/use-cases/get-integrations-for-user.js +88 -0
package/integrations/use-cases/get-possible-integrations.js +27 -0
package/integrations/use-cases/get-process.js +87 -0
package/integrations/use-cases/index.js +19 -0
package/integrations/use-cases/load-integration-context.js +71 -0
package/integrations/use-cases/update-integration-messages.js +44 -0
package/integrations/use-cases/update-integration-status.js +32 -0
package/integrations/use-cases/update-integration.js +92 -0
package/integrations/use-cases/update-process-metrics.js +201 -0
package/integrations/use-cases/update-process-state.js +119 -0
package/integrations/utils/map-integration-dto.js +37 -0
package/jest-global-setup-noop.js +3 -0
package/jest-global-teardown-noop.js +3 -0
package/logs/logger.js +0 -4
package/{module-plugin → modules}/index.js +0 -10
package/modules/module-factory.js +56 -0
package/modules/module.js +256 -0
package/modules/repositories/module-repository-documentdb.js +335 -0
package/modules/repositories/module-repository-factory.js +40 -0
package/modules/repositories/module-repository-interface.js +129 -0
package/modules/repositories/module-repository-mongo.js +408 -0
package/modules/repositories/module-repository-postgres.js +453 -0
package/modules/repositories/module-repository.js +345 -0
package/modules/requester/api-key.js +52 -0
package/modules/requester/oauth-2.js +396 -0
package/{module-plugin → modules}/requester/requester.js +4 -2
package/{module-plugin → modules}/test/mock-api/api.js +8 -3
package/{module-plugin → modules}/test/mock-api/definition.js +14 -10
package/modules/tests/doubles/test-module-factory.js +16 -0
package/modules/tests/doubles/test-module-repository.js +39 -0
package/modules/use-cases/get-entities-for-user.js +32 -0
package/modules/use-cases/get-entity-options-by-id.js +71 -0
package/modules/use-cases/get-entity-options-by-type.js +34 -0
package/modules/use-cases/get-module-instance-from-type.js +31 -0
package/modules/use-cases/get-module.js +74 -0
package/modules/use-cases/process-authorization-callback.js +177 -0
package/modules/use-cases/refresh-entity-options.js +72 -0
package/modules/use-cases/test-module-auth.js +72 -0
package/modules/utils/map-module-dto.js +18 -0
package/package.json +82 -50
package/prisma-mongodb/schema.prisma +362 -0
package/prisma-postgresql/migrations/20250930193005_init/migration.sql +315 -0
package/prisma-postgresql/migrations/20251006135218_init/migration.sql +9 -0
package/prisma-postgresql/migrations/20251010000000_remove_unused_entity_reference_map/migration.sql +3 -0
package/prisma-postgresql/migrations/20251112195422_update_user_unique_constraints/migration.sql +25 -0
package/prisma-postgresql/migrations/migration_lock.toml +3 -0
package/prisma-postgresql/schema.prisma +345 -0
package/queues/queuer-util.js +103 -21
package/syncs/manager.js +468 -443
package/syncs/repositories/sync-repository-documentdb.js +240 -0
package/syncs/repositories/sync-repository-factory.js +43 -0
package/syncs/repositories/sync-repository-interface.js +109 -0
package/syncs/repositories/sync-repository-mongo.js +239 -0
package/syncs/repositories/sync-repository-postgres.js +319 -0
package/syncs/sync.js +0 -1
package/token/repositories/token-repository-documentdb.js +137 -0
package/token/repositories/token-repository-factory.js +40 -0
package/token/repositories/token-repository-interface.js +131 -0
package/token/repositories/token-repository-mongo.js +219 -0
package/token/repositories/token-repository-postgres.js +264 -0
package/token/repositories/token-repository.js +219 -0
package/types/associations/index.d.ts +0 -17
package/types/core/index.d.ts +12 -4
package/types/database/index.d.ts +10 -2
package/types/encrypt/index.d.ts +5 -3
package/types/integrations/index.d.ts +3 -8
package/types/module-plugin/index.d.ts +17 -69
package/types/syncs/index.d.ts +0 -17
package/user/repositories/user-repository-documentdb.js +441 -0
package/user/repositories/user-repository-factory.js +52 -0
package/user/repositories/user-repository-interface.js +201 -0
package/user/repositories/user-repository-mongo.js +308 -0
package/user/repositories/user-repository-postgres.js +360 -0
package/user/tests/doubles/test-user-repository.js +72 -0
package/user/use-cases/authenticate-user.js +127 -0
package/user/use-cases/authenticate-with-shared-secret.js +48 -0
package/user/use-cases/create-individual-user.js +61 -0
package/user/use-cases/create-organization-user.js +47 -0
package/user/use-cases/create-token-for-user-id.js +30 -0
package/user/use-cases/get-user-from-adopter-jwt.js +149 -0
package/user/use-cases/get-user-from-bearer-token.js +77 -0
package/user/use-cases/get-user-from-x-frigg-headers.js +132 -0
package/user/use-cases/login-user.js +122 -0
package/user/user.js +125 -0
package/utils/backend-path.js +38 -0
package/utils/index.js +6 -0
package/websocket/repositories/websocket-connection-repository-documentdb.js +119 -0
package/websocket/repositories/websocket-connection-repository-factory.js +44 -0
package/websocket/repositories/websocket-connection-repository-interface.js +106 -0
package/websocket/repositories/websocket-connection-repository-mongo.js +156 -0
package/websocket/repositories/websocket-connection-repository-postgres.js +196 -0
package/websocket/repositories/websocket-connection-repository.js +161 -0
package/assertions/is-equal.js +0 -17
package/associations/model.js +0 -54
package/database/models/IndividualUser.js +0 -76
package/database/models/OrganizationUser.js +0 -29
package/database/models/State.js +0 -9
package/database/models/Token.js +0 -70
package/database/models/UserModel.js +0 -7
package/database/models/WebsocketConnection.js +0 -49
package/database/mongo.js +0 -45
package/database/mongoose.js +0 -5
package/encrypt/Cryptor.test.js +0 -32
package/encrypt/encrypt.js +0 -132
package/encrypt/encrypt.test.js +0 -1069
package/encrypt/test-encrypt.js +0 -107
package/errors/base-error.test.js +0 -32
package/errors/fetch-error.test.js +0 -79
package/errors/halt-error.test.js +0 -11
package/errors/validation-errors.test.js +0 -120
package/integrations/create-frigg-backend.js +0 -31
package/integrations/integration-factory.js +0 -251
package/integrations/integration-mapping.js +0 -43
package/integrations/integration-model.js +0 -46
package/integrations/integration-user.js +0 -144
package/integrations/test/integration-base.test.js +0 -144
package/lambda/TimeoutCatcher.test.js +0 -68
package/logs/logger.test.js +0 -76
package/module-plugin/auther.js +0 -393
package/module-plugin/credential.js +0 -22
package/module-plugin/entity-manager.js +0 -70
package/module-plugin/entity.js +0 -46
package/module-plugin/manager.js +0 -169
package/module-plugin/module-factory.js +0 -61
package/module-plugin/requester/api-key.js +0 -36
package/module-plugin/requester/oauth-2.js +0 -219
package/module-plugin/requester/requester.test.js +0 -28
package/module-plugin/test/auther.test.js +0 -97
package/syncs/model.js +0 -62
/package/{module-plugin → modules}/ModuleConstants.js +0 -0
/package/{module-plugin → modules}/requester/basic.js +0 -0
/package/{module-plugin → modules}/test/mock-api/mocks/hubspot.js +0 -0

package/database/repositories/health-check-repository-interface.js ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * Health Check Repository Interface
+ * Abstract base class defining the contract for health check persistence adapters
+ *
+ * This follows the Port in Hexagonal Architecture:
+ * - Domain layer depends on this abstraction
+ * - Concrete adapters implement this interface
+ * - Use cases receive repositories via dependency injection
+ *
+ * Note: Currently, HealthCheckRepository has identical structure across MongoDB and PostgreSQL,
+ * so HealthCheckRepository serves both. This interface exists for consistency and
+ * future-proofing if database-specific implementations become needed.
+ *
+ * @abstract
+ */
+class HealthCheckRepositoryInterface {
+    /**
+     * @returns {Promise<{readyState: number, stateName: string, isConnected: boolean}>}
+     * @abstract
+     */
+    async getDatabaseConnectionState() {
+        throw new Error('Method getDatabaseConnectionState must be implemented by subclass');
+    }
+    /**
+     * Ping database to verify connectivity
+     *
+     * @param {number} maxTimeMS - Maximum time in milliseconds
+     * @returns {Promise<number>} Response time in milliseconds
+     * @abstract
+     */
+    async pingDatabase(maxTimeMS) {
+        throw new Error('Method pingDatabase must be implemented by subclass');
+    }
+    /**
+     * Persist an encrypted credential for health verification.
+     * Implementations should rely on Prisma so encryption middleware runs.
+     *
+     * @param {Object} credentialData
+     * @returns {Promise<Object>} Persisted credential
+     * @abstract
+     */
+    async createCredential(credentialData) {
+        throw new Error('Method createCredential must be implemented by subclass');
+    }
+    /**
+     * Retrieve credential by ID using Prisma (decrypted).
+     *
+     * @param {string} id
+     * @returns {Promise<Object|null>}
+     * @abstract
+     */
+    async findCredentialById(id) {
+        throw new Error('Method findCredentialById must be implemented by subclass');
+    }
+    /**
+     * Fetch raw credential document from the database (without decryption).
+     *
+     * @param {string} id
+     * @returns {Promise<Object|null>}
+     * @abstract
+     */
+    async getRawCredentialById(id) {
+        throw new Error('Method getRawCredentialById must be implemented by subclass');
+    }
+    /**
+     * Delete credential by ID.
+     *
+     * @param {string} id
+     * @returns {Promise<void>}
+     * @abstract
+     */
+    async deleteCredential(id) {
+        throw new Error('Method deleteCredential must be implemented by subclass');
+    }
+}
+module.exports = { HealthCheckRepositoryInterface };

package/database/repositories/health-check-repository-mongodb.js ADDED Viewed

@@ -0,0 +1,89 @@
+const {
+    HealthCheckRepositoryInterface,
+} = require('./health-check-repository-interface');
+class HealthCheckRepositoryMongoDB extends HealthCheckRepositoryInterface {
+    /**
+     * @param {Object} params
+     * @param {Object} params.prismaClient - Prisma client instance
+     */
+    constructor({ prismaClient }) {
+        super();
+        this.prisma = prismaClient;
+    }
+    /**
+     * @returns {Promise<{readyState: number, stateName: string, isConnected: boolean}>}
+     */
+    async getDatabaseConnectionState() {
+        let isConnected = false;
+        let stateName = 'unknown';
+        try {
+            await this.prisma.$runCommandRaw({ ping: 1 });
+            isConnected = true;
+            stateName = 'connected';
+        } catch (error) {
+            stateName = 'disconnected';
+        }
+        return {
+            readyState: isConnected ? 1 : 0,
+            stateName,
+            isConnected,
+        };
+    }
+    async pingDatabase(maxTimeMS = 2000) {
+        const pingStart = Date.now();
+        let timeoutId;
+        const timeoutPromise = new Promise((_, reject) => {
+            timeoutId = setTimeout(() => reject(new Error('Database ping timeout')), maxTimeMS);
+        });
+        try {
+            await Promise.race([
+                this.prisma.$runCommandRaw({ ping: 1 }),
+                timeoutPromise
+            ]);
+            return Date.now() - pingStart;
+        } finally {
+            clearTimeout(timeoutId);
+        }
+    }
+    async createCredential(credentialData) {
+        return await this.prisma.credential.create({
+            data: credentialData,
+        });
+    }
+    async findCredentialById(id) {
+        return await this.prisma.credential.findUnique({
+            where: { id },
+        });
+    }
+    /**
+     * Get raw credential from database bypassing Prisma encryption extension.
+     * Uses findRaw() to query MongoDB directly.
+     * @param {string} id
+     * @returns {Promise<Object|null>}
+     */
+    async getRawCredentialById(id) {
+        if (!id) return null;
+        const results = await this.prisma.credential.findRaw({
+            filter: { _id: { $oid: id } },
+        });
+        return results[0] || null;
+    }
+    async deleteCredential(id) {
+        await this.prisma.credential.delete({
+            where: { id },
+        });
+    }
+}
+module.exports = { HealthCheckRepositoryMongoDB };

package/database/repositories/health-check-repository-postgres.js ADDED Viewed

@@ -0,0 +1,82 @@
+const {
+    HealthCheckRepositoryInterface,
+} = require('./health-check-repository-interface');
+class HealthCheckRepositoryPostgreSQL extends HealthCheckRepositoryInterface {
+    /**
+     * @param {Object} params
+     * @param {Object} params.prismaClient - Prisma client instance
+     */
+    constructor({ prismaClient }) {
+        super();
+        this.prisma = prismaClient;
+    }
+    /**
+     * @returns {Promise<{readyState: number, stateName: string, isConnected: boolean}>}
+     */
+    async getDatabaseConnectionState() {
+        let isConnected = false;
+        let stateName = 'unknown';
+        try {
+            await this.prisma.$queryRaw`SELECT 1`;
+            isConnected = true;
+            stateName = 'connected';
+        } catch (error) {
+            stateName = 'disconnected';
+        }
+        return {
+            readyState: isConnected ? 1 : 0,
+            stateName,
+            isConnected,
+        };
+    }
+    /**
+     * @param {number} maxTimeMS
+     * @returns {Promise<number>} Response time in milliseconds
+     */
+    async pingDatabase(maxTimeMS = 2000) {
+        const pingStart = Date.now();
+        await this.prisma.$queryRaw`SELECT 1`;
+        return Date.now() - pingStart;
+    }
+    async createCredential(credentialData) {
+        return await this.prisma.credential.create({
+            data: credentialData,
+        });
+    }
+    async findCredentialById(id) {
+        return await this.prisma.credential.findUnique({
+            where: { id },
+        });
+    }
+    /**
+     * @param {string} id
+     * @returns {Promise<Object|null>}
+     */
+    async getRawCredentialById(id) {
+        const results = await this.prisma.$queryRaw`
+            SELECT * FROM "Credential" WHERE id = ${id}
+        `;
+        if (!results || results.length === 0) {
+            return null;
+        }
+        return results[0];
+    }
+    async deleteCredential(id) {
+        await this.prisma.credential.delete({
+            where: { id },
+        });
+    }
+}
+module.exports = { HealthCheckRepositoryPostgreSQL };

package/database/repositories/migration-status-repository-s3.js ADDED Viewed

@@ -0,0 +1,137 @@
+/**
+ * Migration Status Repository - S3 Storage
+ *
+ * Infrastructure Layer - Hexagonal Architecture
+ *
+ * Stores migration status in S3 to avoid chicken-and-egg dependency on User/Process tables.
+ * Initial database migrations can't use Process table (requires User FK which doesn't exist yet).
+ */
+const { S3Client, PutObjectCommand, GetObjectCommand } = require('@aws-sdk/client-s3');
+const { randomUUID } = require('crypto');
+class MigrationStatusRepositoryS3 {
+    /**
+     * @param {string} bucketName - S3 bucket name for migration status storage
+     * @param {S3Client} s3Client - Optional S3 client (for testing)
+     */
+    constructor(bucketName, s3Client = null) {
+        this.bucketName = bucketName;
+        this.s3Client = s3Client || new S3Client({ region: process.env.AWS_REGION || 'us-east-1' });
+    }
+    /**
+     * Build S3 key for migration status
+     * @param {string} migrationId - Migration identifier
+     * @param {string} stage - Deployment stage
+     * @returns {string} S3 key
+     */
+    _buildS3Key(migrationId, stage) {
+        return `migrations/${stage}/${migrationId}.json`;
+    }
+    /**
+     * Create new migration status record
+     * @param {Object} data - Migration data
+     * @param {string} [data.migrationId] - Migration ID (generates UUID if not provided)
+     * @param {string} data.stage - Deployment stage
+     * @param {string} [data.triggeredBy] - User or system that triggered migration
+     * @param {string} [data.triggeredAt] - ISO timestamp
+     * @returns {Promise<Object>} Created migration status
+     */
+    async create(data) {
+        const migrationId = data.migrationId || randomUUID();
+        const timestamp = data.triggeredAt || new Date().toISOString();
+        const status = {
+            migrationId,
+            stage: data.stage,
+            state: 'INITIALIZING',
+            progress: 0,
+            triggeredBy: data.triggeredBy || 'system',
+            triggeredAt: timestamp,
+            createdAt: timestamp,
+            updatedAt: timestamp,
+        };
+        const key = this._buildS3Key(migrationId, data.stage);
+        await this.s3Client.send(
+            new PutObjectCommand({
+                Bucket: this.bucketName,
+                Key: key,
+                Body: JSON.stringify(status, null, 2),
+                ContentType: 'application/json',
+            })
+        );
+        return status;
+    }
+    /**
+     * Update existing migration status
+     * @param {Object} data - Update data
+     * @param {string} data.migrationId - Migration ID
+     * @param {string} data.stage - Deployment stage
+     * @param {string} [data.state] - New state
+     * @param {number} [data.progress] - Progress percentage (0-100)
+     * @param {string} [data.error] - Error message if failed
+     * @param {string} [data.completedAt] - Completion timestamp
+     * @returns {Promise<Object>} Updated migration status
+     */
+    async update(data) {
+        const key = this._buildS3Key(data.migrationId, data.stage);
+        // Get existing status
+        const existing = await this.get(data.migrationId, data.stage);
+        // Merge updates
+        const updated = {
+            ...existing,
+            ...data,
+            updatedAt: new Date().toISOString(),
+        };
+        await this.s3Client.send(
+            new PutObjectCommand({
+                Bucket: this.bucketName,
+                Key: key,
+                Body: JSON.stringify(updated, null, 2),
+                ContentType: 'application/json',
+            })
+        );
+        return updated;
+    }
+    /**
+     * Get migration status by ID
+     * @param {string} migrationId - Migration ID
+     * @param {string} stage - Deployment stage
+     * @returns {Promise<Object>} Migration status
+     * @throws {Error} If migration not found
+     */
+    async get(migrationId, stage) {
+        const key = this._buildS3Key(migrationId, stage);
+        try {
+            const response = await this.s3Client.send(
+                new GetObjectCommand({
+                    Bucket: this.bucketName,
+                    Key: key,
+                })
+            );
+            const body = await response.Body.transformToString();
+            return JSON.parse(body);
+        } catch (error) {
+            if (error.name === 'NoSuchKey') {
+                throw new Error(`Migration not found: ${migrationId}`);
+            }
+            throw error;
+        }
+    }
+}
+module.exports = { MigrationStatusRepositoryS3 };

package/database/use-cases/check-database-health-use-case.js ADDED Viewed

@@ -0,0 +1,29 @@
+class CheckDatabaseHealthUseCase {
+    /**
+     * @param {Object} params
+     * @param {import('../repositories/health-check-repository-interface').HealthCheckRepositoryInterface} params.healthCheckRepository
+     */
+    constructor({ healthCheckRepository }) {
+        this.repository = healthCheckRepository;
+    }
+    /**
+     * @returns {Promise<{status: string, state: string, responseTime?: number}>}
+     */
+    async execute() {
+        const { stateName, isConnected } = await this.repository.getDatabaseConnectionState();
+        const result = {
+            status: isConnected ? 'healthy' : 'unhealthy',
+            state: stateName,
+        };
+        if (isConnected) {
+            result.responseTime = await this.repository.pingDatabase(2000);
+        }
+        return result;
+    }
+}
+module.exports = { CheckDatabaseHealthUseCase };

package/database/use-cases/check-database-state-use-case.js ADDED Viewed

@@ -0,0 +1,81 @@
+/**
+ * Check Database State Use Case
+ *
+ * Domain logic for checking database state (pending migrations, errors, etc).
+ * Does NOT trigger migrations, just reports current state.
+ *
+ * Architecture: Hexagonal/Clean
+ * - Use Case (Domain Layer)
+ * - Depends on prismaRunner (Infrastructure abstraction)
+ * - Called by Router or other Use Cases (Adapter Layer)
+ */
+class ValidationError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'ValidationError';
+    }
+}
+class CheckDatabaseStateUseCase {
+    /**
+     * @param {Object} dependencies
+     * @param {Object} dependencies.prismaRunner - Prisma runner utility
+     */
+    constructor({ prismaRunner }) {
+        if (!prismaRunner) {
+            throw new Error('prismaRunner dependency is required');
+        }
+        this.prismaRunner = prismaRunner;
+    }
+    /**
+     * Execute check migration status
+     *
+     * @param {string} dbType - Database type (postgresql, mongodb, or documentdb)
+     * @param {string} stage - Deployment stage (default: 'production')
+     * @returns {Promise<Object>} Migration status
+     */
+    async execute(dbType, stage = 'production') {
+        // Validate inputs
+        if (!dbType) {
+            throw new ValidationError('dbType is required');
+        }
+        if (!['postgresql', 'mongodb', 'documentdb'].includes(dbType)) {
+            throw new ValidationError('dbType must be postgresql, mongodb, or documentdb');
+        }
+        console.log(`Checking migration status for ${dbType} in ${stage}`);
+        // Check database state using Prisma
+        const state = await this.prismaRunner.checkDatabaseState(dbType);
+        // Build response
+        const response = {
+            upToDate: state.upToDate,
+            pendingMigrations: state.pendingMigrations || 0,
+            dbType,
+            stage,
+        };
+        // Add error if present
+        if (state.error) {
+            response.error = state.error;
+            response.recommendation = 'Run POST /db-migrate to initialize database';
+        }
+        // Add recommendation if migrations pending
+        if (!state.upToDate && state.pendingMigrations > 0) {
+            response.recommendation = `Run POST /db-migrate to apply ${state.pendingMigrations} pending migration(s)`;
+        }
+        return response;
+    }
+}
+module.exports = {
+    CheckDatabaseStateUseCase,
+    ValidationError,
+};

package/database/use-cases/check-encryption-health-use-case.js ADDED Viewed

@@ -0,0 +1,83 @@
+class CheckEncryptionHealthUseCase {
+    constructor({ testEncryptionUseCase }) {
+        this.testEncryptionUseCase = testEncryptionUseCase;
+    }
+    async execute() {
+        const config = this._getEncryptionConfiguration();
+        if (config.isBypassed || config.mode === 'none') {
+            const testResult = config.isBypassed
+                ? 'Encryption bypassed for this stage'
+                : 'No encryption keys configured';
+            return {
+                status: 'disabled',
+                mode: config.mode,
+                bypassed: config.isBypassed,
+                stage: config.stage,
+                testResult,
+                encryptionWorks: false,
+                debug: {
+                    hasKMS: config.hasKMS,
+                    hasAES: config.hasAES,
+                },
+            };
+        }
+        try {
+            const testResults = await this.testEncryptionUseCase.execute();
+            return {
+                ...testResults,
+                mode: config.mode,
+                bypassed: config.isBypassed,
+                stage: config.stage,
+                debug: {
+                    hasKMS: config.hasKMS,
+                    hasAES: config.hasAES,
+                },
+            };
+        } catch (error) {
+            return {
+                status: 'unhealthy',
+                mode: config.mode,
+                bypassed: config.isBypassed,
+                stage: config.stage,
+                testResult: `Encryption test failed: ${error.message}`,
+                encryptionWorks: false,
+                debug: {
+                    hasKMS: config.hasKMS,
+                    hasAES: config.hasAES,
+                },
+            };
+        }
+    }
+    _getEncryptionConfiguration() {
+        const { STAGE, BYPASS_ENCRYPTION_STAGE, KMS_KEY_ARN, AES_KEY_ID } =
+            process.env;
+        const defaultBypassStages = ['dev', 'test', 'local'];
+        const useEnv = BYPASS_ENCRYPTION_STAGE !== undefined;
+        const bypassStages = useEnv
+            ? BYPASS_ENCRYPTION_STAGE.split(',').map((s) => s.trim())
+            : defaultBypassStages;
+        const isBypassed = bypassStages.includes(STAGE);
+        const hasAES = AES_KEY_ID && AES_KEY_ID.trim() !== '';
+        const hasKMS = KMS_KEY_ARN && KMS_KEY_ARN.trim() !== '';
+        // Prefer KMS over AES when both are configured (KMS is more secure)
+        const mode = hasKMS ? 'kms' : hasAES ? 'aes' : 'none';
+        return {
+            stage: STAGE || null,
+            isBypassed,
+            hasAES,
+            hasKMS,
+            mode,
+        };
+    }
+}
+module.exports = { CheckEncryptionHealthUseCase };

package/database/use-cases/get-database-state-via-worker-use-case.js ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * Get Database State Via Worker Use Case
+ *
+ * Domain logic for getting database state by invoking the worker Lambda.
+ * This use case delegates to the worker Lambda which has Prisma CLI installed,
+ * keeping the router Lambda lightweight.
+ *
+ * Architecture: Hexagonal/Clean
+ * - Use Case (Domain Layer)
+ * - Depends on LambdaInvoker (Infrastructure abstraction)
+ * - Called by Router (Adapter Layer)
+ */
+/**
+ * Domain Use Case: Get database state by invoking worker Lambda
+ *
+ * This use case delegates database state checking to the worker Lambda,
+ * which has Prisma CLI installed. Keeps the router Lambda lightweight.
+ */
+class GetDatabaseStateViaWorkerUseCase {
+    /**
+     * @param {Object} dependencies
+     * @param {LambdaInvoker} dependencies.lambdaInvoker - Lambda invocation adapter
+     * @param {string} dependencies.workerFunctionName - Worker Lambda function name
+     */
+    constructor({ lambdaInvoker, workerFunctionName }) {
+        if (!lambdaInvoker) {
+            throw new Error('lambdaInvoker dependency is required');
+        }
+        if (!workerFunctionName) {
+            throw new Error('workerFunctionName is required');
+        }
+        this.lambdaInvoker = lambdaInvoker;
+        this.workerFunctionName = workerFunctionName;
+    }
+    /**
+     * Execute database state check via worker Lambda
+     *
+     * @param {string} stage - Deployment stage (prod, dev, etc)
+     * @returns {Promise<Object>} Database state result
+     */
+    async execute(stage = 'production') {
+        const dbType = process.env.DB_TYPE || 'postgresql';
+        console.log(`Invoking worker Lambda to check database state: ${this.workerFunctionName}`);
+        // Invoke worker Lambda with checkStatus action
+        const result = await this.lambdaInvoker.invoke(this.workerFunctionName, {
+            action: 'checkStatus',
+            dbType,
+            stage,
+        });
+        return result;
+    }
+}
+module.exports = { GetDatabaseStateViaWorkerUseCase };