@gencow/core 0.1.21 → 0.1.23

package/dist/scheduler.js

@@ -11,8 +11,9 @@ export function getSchedulerInfo() {
         failedJobs: _failedJobs,
     };
 }
-export function createScheduler() {
+export function createScheduler(options) {
     const timers = new Map();
+    const isDurable = !!(options?.persistJob && options?.removeJob);
     const cronJobs = new Map();
     const actions = new Map();
     let jobCounter = 0;
@@ -42,51 +43,75 @@ export function createScheduler() {
         await handler(args);
         console.log(`[scheduler] Action "${action}" completed`);
     }
+    /** @internal 인메모리 setTimeout 기반 스케줄링 (로컬 dev + durable fallback) */
+    function scheduleInMemory(id, ms, action, args, scheduleOpts, jobEntry) {
+        const timer = setTimeout(async () => {
+            jobEntry.status = "running";
+            try {
+                await executeAction(action, args);
+                jobEntry.status = "completed";
+            }
+            catch (error) {
+                const err = error instanceof Error ? error : new Error(String(error));
+                jobEntry.status = "failed";
+                console.error(`[scheduler] Action "${action}" failed (job: ${id}):`, err.message);
+                // 실패 기록 보관 (dead-letter)
+                recordFailure(id, action, args, err);
+                // onError 콜백 실행 — 다른 action에 에러 정보 전달
+                if (scheduleOpts?.onError) {
+                    try {
+                        await executeAction(scheduleOpts.onError, {
+                            failedAction: action,
+                            failedJobId: id,
+                            error: err.message,
+                            originalArgs: args,
+                        });
+                        console.log(`[scheduler] onError handler "${scheduleOpts.onError}" completed for "${action}"`);
+                    }
+                    catch (onErrorErr) {
+                        console.error(`[scheduler] onError handler "${scheduleOpts.onError}" also failed:`, onErrorErr);
+                    }
+                }
+            }
+            finally {
+                timers.delete(id);
+                // completed/failed 기록은 잠시 유지 후 정리 (status 조회 가능하도록)
+                setTimeout(() => {
+                    const idx = _pendingJobs.findIndex((j) => j.id === id);
+                    if (idx >= 0)
+                        _pendingJobs.splice(idx, 1);
+                }, 60_000); // 1분 후 정리
+            }
+        }, ms);
+        timers.set(id, timer);
+        console.log(`[scheduler] Scheduled "${action}" to run after ${ms}ms (id: ${id})${scheduleOpts?.onError ? ` [onError: ${scheduleOpts.onError}]` : ""}`);
+    }
     return {
-        runAfter(ms, action, args, options) {
+        runAfter(ms, action, args, scheduleOpts) {
             const id = generateId();
             const jobEntry = { id, action, scheduledAt: new Date().toISOString(), status: "pending" };
             _pendingJobs.push(jobEntry);
-            const timer = setTimeout(async () => {
-                jobEntry.status = "running";
-                try {
-                    await executeAction(action, args);
-                    jobEntry.status = "completed";
-                }
-                catch (error) {
-                    const err = error instanceof Error ? error : new Error(String(error));
-                    jobEntry.status = "failed";
-                    console.error(`[scheduler] Action "${action}" failed (job: ${id}):`, err.message);
-                    // 실패 기록 보관 (dead-letter)
-                    recordFailure(id, action, args, err);
-                    // onError 콜백 실행 — 다른 action에 에러 정보 전달
-                    if (options?.onError) {
-                        try {
-                            await executeAction(options.onError, {
-                                failedAction: action,
-                                failedJobId: id,
-                                error: err.message,
-                                originalArgs: args,
-                            });
-                            console.log(`[scheduler] onError handler "${options.onError}" completed for "${action}"`);
-                        }
-                        catch (onErrorErr) {
-                            console.error(`[scheduler] onError handler "${options.onError}" also failed:`, onErrorErr);
-                        }
-                    }
-                }
-                finally {
-                    timers.delete(id);
-                    // completed/failed 기록은 잠시 유지 후 정리 (status 조회 가능하도록)
-                    setTimeout(() => {
-                        const idx = _pendingJobs.findIndex((j) => j.id === id);
-                        if (idx >= 0)
-                            _pendingJobs.splice(idx, 1);
-                    }, 60_000); // 1분 후 정리
-                }
-            }, ms);
-            timers.set(id, timer);
-            console.log(`[scheduler] Scheduled "${action}" to run after ${ms}ms (id: ${id})${options?.onError ? ` [onError: ${options.onError}]` : ""}`);
+            // ── Durable mode: DB에 영속화, 실행은 외부 폴러에 위임 ──
+            if (isDurable) {
+                const runAt = new Date(Date.now() + ms);
+                options.persistJob({
+                    id,
+                    action,
+                    args: args ?? {},
+                    runAt,
+                    onErrorAction: scheduleOpts?.onError,
+                }).then(() => {
+                    console.log(`[scheduler] Persisted "${action}" to run at ${runAt.toISOString()} (id: ${id}, durable)` +
+                        `${scheduleOpts?.onError ? ` [onError: ${scheduleOpts.onError}]` : ""}`);
+                }).catch((err) => {
+                    console.error(`[scheduler] Failed to persist job ${id}:`, err instanceof Error ? err.message : err);
+                    // DB persist 실패 → 인메모리 fallback
+                    scheduleInMemory(id, ms, action, args, scheduleOpts, jobEntry);
+                });
+                return id;
+            }
+            // ── 인메모리 mode: 기존 setTimeout 동작 ──
+            scheduleInMemory(id, ms, action, args, scheduleOpts, jobEntry);
             return id;
         },
         runAt(timestamp, action, args, options) {
@@ -95,6 +120,22 @@ export function createScheduler() {
             return this.runAfter(ms, action, args, options);
         },
         cancel(jobId) {
+            // ── Durable mode: DB에서도 제거 ──
+            if (isDurable) {
+                const idx = _pendingJobs.findIndex((j) => j.id === jobId);
+                if (idx >= 0) {
+                    _pendingJobs.splice(idx, 1);
+                    options.removeJob(jobId).catch((err) => {
+                        console.error(`[scheduler] Failed to remove persisted job ${jobId}:`, err instanceof Error ? err.message : err);
+                    });
+                    console.log(`[scheduler] Cancelled job ${jobId} (durable)`);
+                    return true;
+                }
+                // pendingJobs에 없어도 DB에는 있을 수 있으므로 삭제 시도
+                options.removeJob(jobId).catch(() => { });
+                return false;
+            }
+            // ── 인메모리 mode ──
             const timer = timers.get(jobId);
             if (timer) {
                 clearTimeout(timer);

package/dist/server.d.ts

@@ -5,8 +5,8 @@
  * executing server. Excluded from client-side core (`index.ts`) so they aren't
  * bundled into user functions which run in Firecracker.
  */
-export { createDb } from "./db";
-export { createStorage, storageRoutes } from "./storage";
-export type { StorageImageTierConfig } from "./storage";
-export { createScheduler, getSchedulerInfo } from "./scheduler";
-export { authMiddleware, authRoutes, getUsers } from "./auth";
+export { createDb } from "./db.js";
+export { createStorage, storageRoutes } from "./storage.js";
+export type { StorageImageTierConfig } from "./storage.js";
+export { createScheduler, getSchedulerInfo } from "./scheduler.js";
+export { authMiddleware, authRoutes, getUsers } from "./auth.js";

package/dist/server.js

@@ -5,7 +5,7 @@
  * executing server. Excluded from client-side core (`index.ts`) so they aren't
  * bundled into user functions which run in Firecracker.
  */
-export { createDb } from "./db";
-export { createStorage, storageRoutes } from "./storage";
-export { createScheduler, getSchedulerInfo } from "./scheduler";
-export { authMiddleware, authRoutes, getUsers } from "./auth";
+export { createDb } from "./db.js";
+export { createStorage, storageRoutes } from "./storage.js";
+export { createScheduler, getSchedulerInfo } from "./scheduler.js";
+export { authMiddleware, authRoutes, getUsers } from "./auth.js";

package/package.json

@@ -1,45 +1,46 @@
 {
-  "name": "@gencow/core",
-  "version": "0.1.21",
-  "description": "Gencow core library — defineQuery, defineMutation, reactive subscriptions",
-  "type": "module",
-  "main": "dist/index.js",
-  "types": "dist/index.d.ts",
-  "exports": {
-    ".": {
-      "import": "./dist/index.js",
-      "require": "./dist/index.js",
-      "types": "./dist/index.d.ts"
+    "name": "@gencow/core",
+    "version": "0.1.23",
+    "description": "Gencow core library — defineQuery, defineMutation, reactive subscriptions",
+    "type": "module",
+    "main": "dist/index.js",
+    "types": "dist/index.d.ts",
+    "exports": {
+        ".": {
+            "import": "./dist/index.js",
+            "require": "./dist/index.js",
+            "types": "./dist/index.d.ts"
+        },
+        "./server": {
+            "import": "./dist/server.js",
+            "require": "./dist/server.js",
+            "types": "./dist/server.d.ts"
+        }
     },
-    "./server": {
-      "import": "./dist/server.js",
-      "require": "./dist/server.js",
-      "types": "./dist/server.d.ts"
+    "files": [
+        "dist/",
+        "src/"
+    ],
+    "scripts": {
+        "db:generate:fixture-basic": "drizzle-kit generate --config ./src/__tests__/fixtures/basic/drizzle.config.ts",
+        "build": "tsc",
+        "typecheck": "tsc --noEmit",
+        "prepublishOnly": "npm run build",
+        "postinstall": "tsc"
+    },
+    "dependencies": {
+        "@electric-sql/pglite": "^0.3.15",
+        "drizzle-orm": "^0.45.1",
+        "hono": "^4.12.0",
+        "node-cron": "^4.2.1"
+    },
+    "devDependencies": {
+        "@types/bun": "^1.3.9",
+        "@types/node": "^25.3.0",
+        "@types/node-cron": "^3.0.11",
+        "drizzle-kit": "^0.31.10",
+        "drizzle-seed": "^0.3.1",
+        "typescript": "^5.9.3",
+        "uuid": "^13.0.0"
     }
-  },
-  "files": [
-    "dist/",
-    "src/"
-  ],
-  "dependencies": {
-    "@electric-sql/pglite": "^0.3.15",
-    "drizzle-orm": "^0.45.1",
-    "hono": "^4.12.0",
-    "node-cron": "^4.2.1"
-  },
-  "devDependencies": {
-    "@types/bun": "^1.3.9",
-    "@types/node": "^25.3.0",
-    "@types/node-cron": "^3.0.11",
-    "drizzle-kit": "^0.31.10",
-    "drizzle-seed": "^0.3.1",
-    "typescript": "^5.9.3",
-    "uuid": "^13.0.0"
-  },
-  "scripts": {
-    "db:generate:fixture-basic": "drizzle-kit generate --config ./src/__tests__/fixtures/basic/drizzle.config.ts",
-    "build": "tsc",
-    "typecheck": "tsc --noEmit",
-    "postinstall": "tsc"
-  }
-}
+}

package/src/__tests__/crud-owner-rls.test.ts

@@ -236,17 +236,17 @@ describe("crud() + ownerRls — 데이터 격리", () => {
         expect(values.userId).toBe("user-A");
     });
 
-    it("create: 사용자가 임의의 userId를 주입 시도해도 강제 덮어씀 (보안)", async () => {
+    it("create: 타인 user_id 주입 시도는 거부되고 insert까지 가지 않음 (보안)", async () => {
         const mutations = getRegisteredMutations();
         const createDef = mutations.find((m: any) => m.name === "rls_tasks.create");
 
         const { ctx, getCapturedValues } = createMockCtx("user-A");
-        // 해커가 user_id를 "hacker-id"로 조작 시도
-        await createDef!.handler(ctx, { title: "Spoofed", user_id: "hacker-id" });
+        // 해커가 user_id를 "hacker-id"로 조작 시도 — Layer 1은 즉시 Forbidden (덮어쓰기 전 차단)
+        await expect(
+            createDef!.handler(ctx, { title: "Spoofed", user_id: "hacker-id" }),
+        ).rejects.toThrow("Forbidden: cannot create resource for another user");
 
-        const values = getCapturedValues();
-        // 인증된 사용자 ID로 강제 덮어씀 (JS 프로퍼티명)
-        expect(values.userId).toBe("user-A");
+        expect(getCapturedValues()).toBeNull();
     });
 
     // ── update 격리 ──

package/src/__tests__/fixtures/basic/migrations/{0000_faithful_silver_sable.sql → 0000_last_warstar.sql}

@@ -1,3 +1,11 @@
+CREATE TABLE "news" (
+	"id" text PRIMARY KEY NOT NULL,
+	"title" text NOT NULL,
+	"user_id" text NOT NULL,
+	"created_at" timestamp DEFAULT now() NOT NULL,
+	"updated_at" timestamp DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
 CREATE TABLE "tasks" (
 	"id" text PRIMARY KEY NOT NULL,
 	"title" text NOT NULL,
@@ -57,6 +65,7 @@ CREATE TABLE "verification" (
 	"updated_at" timestamp DEFAULT now()
 );
 --> statement-breakpoint
+ALTER TABLE "news" ADD CONSTRAINT "news_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "tasks" ADD CONSTRAINT "tasks_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "account" ADD CONSTRAINT "account_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "session" ADD CONSTRAINT "session_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint

package/src/__tests__/fixtures/basic/migrations/meta/0000_snapshot.json

@@ -1,9 +1,68 @@
 {
-  "id": "5dae5382-aa29-4251-9a52-0df4786c5100",
+  "id": "d57dfdaa-8d90-493e-834f-580b33548adc",
   "prevId": "00000000-0000-0000-0000-000000000000",
   "version": "7",
   "dialect": "postgresql",
   "tables": {
+    "public.news": {
+      "name": "news",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "title": {
+          "name": "title",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "news_user_id_user_id_fk": {
+          "name": "news_user_id_user_id_fk",
+          "tableFrom": "news",
+          "tableTo": "user",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
     "public.tasks": {
       "name": "tasks",
       "schema": "",

package/src/__tests__/fixtures/basic/migrations/meta/_journal.json

@@ -5,8 +5,8 @@
     {
       "idx": 0,
       "version": "7",
-      "when": 1776143474320,
-      "tag": "0000_faithful_silver_sable",
+      "when": 1776398037133,
+      "tag": "0000_last_warstar",
       "breakpoints": true
     }
   ]

package/src/__tests__/fixtures/basic/schema.ts

@@ -7,13 +7,13 @@
  *
  * 변경 후: gencow dev가 자동 반영
  */
-import { ownerRls } from "../../../rls";
+import { ownerRls } from "../../../rls.js";
 import { pgTable } from "drizzle-orm/pg-core";
 import { text, boolean, timestamp } from "drizzle-orm/pg-core";
-import { user } from "../common/auth-schema";
+import { user } from "../common/auth-schema.js";
 import { v4 as uuidv4 } from "uuid";
 
-export { user } from "../common/auth-schema";
+export { user } from "../common/auth-schema.js";
 
 export const tasks = pgTable(
   "tasks",
@@ -33,3 +33,19 @@ export const tasks = pgTable(
   },
   (t) => ownerRls(t.userId)
 );
+
+/**
+ * Public-ish content table **without** `ownerRls()` — no PostgreSQL RLS policies; used for
+ * `crud(..., { public: true })` + no-DB-RLS integration tests.
+ */
+export const news = pgTable("news", {
+  id: text("id")
+    .primaryKey()
+    .$defaultFn(() => uuidv4()),
+  title: text("title").notNull(),
+  userId: text("user_id")
+    .notNull()
+    .references(() => user.id, { onDelete: "cascade" }),
+  createdAt: timestamp("created_at").defaultNow().notNull(),
+  updatedAt: timestamp("updated_at").defaultNow().notNull(),
+});

package/src/__tests__/helpers/basic-rls-fixture.ts

@@ -0,0 +1,133 @@
+/**
+ * Shared PGlite + `fixtures/basic` schema seed + RLS app role for integration tests.
+ */
+import { dirname, join } from "path";
+import { fileURLToPath } from "url";
+import type { InferSelectModel } from "drizzle-orm";
+import { getTableName, sql } from "drizzle-orm";
+import type { PgTable } from "drizzle-orm/pg-core";
+import { PGlite } from "@electric-sql/pglite";
+import { drizzle } from "drizzle-orm/pglite";
+
+import type { UserIdentity } from "../../reactive.js";
+import { news, tasks, user } from "../fixtures/basic/schema.js";
+import { createPgliteRlsAppRole, DEFAULT_PGLITE_RLS_APP_ROLE, setPgliteSessionRole } from "./pglite-rls-session.js";
+import { loadAndApplyMigrations } from "./pglite-migrations.js";
+import { fillPartialRowsForInsert } from "./seed-like-fill.js";
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+
+export const basicFixtureUsers = [
+    { id: "us_000", name: "User 0", email: "user-0@s.com", emailVerified: true },
+    { id: "us_001", name: "User 1", email: "user-1@s.com", emailVerified: true },
+];
+
+/** Stable ids/titles; overlaps across users for search / RLS tests. */
+export const basicFixtureTasks = [
+    {
+        id: "tk-000",
+        userId: basicFixtureUsers[0].id,
+        done: false,
+        title: "Project Alpha — Q4 review prep",
+    },
+    {
+        id: "tk-001",
+        userId: basicFixtureUsers[1].id,
+        done: true,
+        title: "Project Alpha — teammate handoff",
+    },
+    {
+        id: "tk-002",
+        userId: basicFixtureUsers[0].id,
+        done: false,
+        title: "Project Alpha — backlog grooming",
+    },
+    {
+        id: "tk-003",
+        userId: basicFixtureUsers[0].id,
+        done: false,
+        title: "Quarterly planning — Q4",
+    },
+    {
+        id: "tk-004",
+        userId: basicFixtureUsers[1].id,
+        done: false,
+        title: "Project Beta — API docs",
+    },
+    {
+        id: "tk-005",
+        userId: basicFixtureUsers[1].id,
+        done: false,
+        title: "Project Gamma — research notes",
+    },
+    {
+        id: "tk-006",
+        userId: basicFixtureUsers[0].id,
+        done: false,
+        title: "Project Beta — spike",
+    },
+];
+
+/** No `ownerRls()` — two rows for user0 / user1 (no DB RLS on `news`). */
+export const basicFixtureNews = [
+    { id: "nw-000", userId: basicFixtureUsers[0].id, title: "owned by user0" },
+    { id: "nw-001", userId: basicFixtureUsers[1].id, title: "owned by user1" },
+];
+
+export const basicUser0Identity = {
+    id: basicFixtureUsers[0].id,
+    email: basicFixtureUsers[0].email,
+} satisfies UserIdentity;
+
+export const basicUser1Identity = {
+    id: basicFixtureUsers[1].id,
+    email: basicFixtureUsers[1].email,
+} satisfies UserIdentity;
+
+export type BasicTaskRow = InferSelectModel<typeof tasks>;
+export type BasicNewsRow = InferSelectModel<typeof news>;
+
+/**
+ * Bootstrap user migrations, seed users/tasks as table owner, then `SET ROLE` to non-owner app role
+ * so PostgreSQL RLS policies apply (same as `rls-crud-basic.test.ts`).
+ */
+export async function createBasicRlsEnvironment(): Promise<{
+    client: PGlite;
+    db: ReturnType<typeof drizzle>;
+    taskRows: BasicTaskRow[];
+}> {
+    const client = new PGlite();
+    await client.waitReady;
+    await loadAndApplyMigrations(client, join(__dirname, "../fixtures/basic/migrations"));
+    const db = drizzle(client);
+    await db.insert(user).values(fillPartialRowsForInsert(user, basicFixtureUsers));
+    const taskRows = fillPartialRowsForInsert(tasks, basicFixtureTasks) as BasicTaskRow[];
+    await db.insert(tasks).values(taskRows);
+    const newsRows = fillPartialRowsForInsert(news, basicFixtureNews) as BasicNewsRow[];
+    await db.insert(news).values(newsRows);
+    await createPgliteRlsAppRole(client, {
+        roleName: DEFAULT_PGLITE_RLS_APP_ROLE,
+    });
+    await setPgliteSessionRole(client, DEFAULT_PGLITE_RLS_APP_ROLE);
+    return { client, db, taskRows };
+}
+
+/** Asserts `pg_class.relrowsecurity` is false (table was never `ENABLE ROW LEVEL SECURITY`). */
+export async function assertTableRowLevelSecurityDisabled(
+    db: ReturnType<typeof drizzle>,
+    table: PgTable,
+): Promise<void> {
+    const relname = getTableName(table);
+    const q = await db.execute(sql`
+        select c.relrowsecurity as rls_enabled
+        from pg_class c
+        join pg_namespace n on n.oid = c.relnamespace
+        where n.nspname = 'public' and c.relname = ${relname}
+    `);
+    const row = (q as unknown as { rows: { rls_enabled: boolean }[] }).rows[0];
+    if (row?.rls_enabled !== false) {
+        throw new Error(
+            `expected relrowsecurity = false for public.${relname}, got ${JSON.stringify(row)}`,
+        );
+    }
+}

package/src/__tests__/helpers/test-gencow-ctx-rls.ts

@@ -7,7 +7,7 @@ export function makeTestGencowCtxWithRls(
   db: ReturnType<typeof drizzle>,
   identity: UserIdentity
 ): GencowCtx {
-  const scoped = createRlsDb(db, identity.id);
+  const scoped = createRlsDb(db, { userId: identity.id });
   return {
     db: scoped,
     unsafeDb: db,