@gencow/core 0.1.29 → 0.1.31

package/dist/auth-config.d.ts

@@ -58,6 +58,19 @@ export interface AuthEvents {
         inviteCode?: string | null;
     }, context?: AuthHookContext) => Promise<void>;
 }
+export type AuthUserFieldType = "text" | "string" | "boolean" | "integer" | "number" | "timestamp";
+export interface AuthUserField {
+    /** Scalar field type. `text` is emitted as Drizzle `text()` and better-auth `string`. */
+    type: AuthUserFieldType;
+    /** Optional database column name. Defaults to snake_case(fieldName). */
+    columnName?: string;
+    /** Whether the DB column may be null. Defaults to false when no default is provided. */
+    nullable?: boolean;
+    /** Default value for DB schema and better-auth runtime metadata. */
+    default?: string | number | boolean;
+    /** Whether signup/update input may set this field. Defaults to false for safety. */
+    input?: boolean;
+}
 export interface SocialProviderConfig {
     clientId: string;
     clientSecret: string;
@@ -107,13 +120,28 @@ export interface AuthOAuthConfig {
     /** Extra allowed frontend callback URLs for local development or multi-frontend apps. */
     allowedCallbackURLs?: string[];
 }
-export interface GencowAuthConfig {
+export interface GencowAuthBaseConfig {
     emailVerification?: AuthEmailVerification;
     socialProviders?: SocialProvidersConfig;
     oauth?: AuthOAuthConfig;
     passwordReset?: AuthPasswordReset;
     events?: AuthEvents;
 }
+export interface GencowBetterAuthConfig extends GencowAuthBaseConfig {
+    provider: "better-auth";
+    user?: {
+        /** App-specific scalar fields stored on the better-auth user table. */
+        additionalFields?: Record<string, AuthUserField>;
+    };
+    /**
+     * Escape hatch for provider-specific better-auth options/plugins.
+     */
+    betterAuth?: (defaults: Record<string, unknown>) => Record<string, unknown>;
+}
+export type GencowAuthConfig = GencowBetterAuthConfig;
+export type GencowAuthConfigInput = Omit<GencowBetterAuthConfig, "provider"> & {
+    provider?: "better-auth";
+};
 /**
  * Auth 설정 정의 헬퍼.
  *
@@ -131,4 +159,4 @@ export interface GencowAuthConfig {
  * });
  * ```
  */
-export declare function defineAuth(config: GencowAuthConfig): GencowAuthConfig;
+export declare function defineAuth(config: GencowAuthConfigInput): GencowAuthConfig;

package/dist/auth-config.js

@@ -26,5 +26,5 @@
  * ```
  */
 export function defineAuth(config) {
-    return config;
+    return { ...config, provider: config.provider ?? "better-auth" };
 }

package/dist/config.d.ts

@@ -40,6 +40,24 @@ export interface GencowDbConfig {
      */
     url?: string;
 }
+/**
+ * Code generation settings for `gencow codegen` and `gencow dev`.
+ */
+export interface GencowCodegenConfig {
+    /**
+     * Output directory for generated frontend codegen artifacts such as `api.ts`
+     * and declaration files.
+     *
+     * Default: `"./src/gencow"`
+     */
+    outDir?: string;
+    /**
+     * Whether codegen should regenerate `gencow/auth-schema.ts` from `gencow/auth.ts`.
+     *
+     * Default: `true`
+     */
+    authSchema?: boolean;
+}
 /**
  * Project configuration for `gencow.config.ts`.
  *
@@ -50,7 +68,10 @@ export interface GencowDbConfig {
  * export default defineConfig({
  *   functionsDir: "./gencow",
  *   schema: ["./gencow/schema.ts", "./gencow/auth-schema.ts"],
- *   codegenOutDir: "./src/gencow",
+ *   codegen: {
+ *     outDir: "./src/gencow",
+ *     authSchema: true,
+ *   },
  *   storage: "./.gencow/uploads",
  *   db: { url: "./.gencow/data" },
  *   port: 5456,
@@ -74,10 +95,11 @@ export interface GencowConfig {
      */
     schema?: string | string[];
     /**
-     * Output directory for generated frontend codegen artifacts such as `api.ts`
-     * and declaration files.
-     *
-     * Default: `"./src/gencow"`
+     * Code generation settings.
+     */
+    codegen?: GencowCodegenConfig;
+    /**
+     * @deprecated Use `codegen.outDir` instead.
      */
     codegenOutDir?: string;
     /**

package/dist/context.d.ts

@@ -69,39 +69,6 @@ export type RealtimeNotifyEvent = {
  * Convex의 ctx 패턴과 동일하게, 이 객체를 통해서만 DB/Storage/Auth에 접근 가능.
  * fs, child_process 등 원시 Node.js API는 노출되지 않음.
  */
-export interface AIMessage {
-    role: "user" | "system" | "assistant";
-    content: string;
-}
-export interface AIResult {
-    text: string;
-    usage: {
-        promptTokens: number;
-        completionTokens: number;
-        totalTokens: number;
-    };
-    creditsCharged: number;
-    model: string;
-}
-export interface AIContext {
-    /** AI 텍스트 생성 */
-    chat: (opts: {
-        model?: string;
-        messages: AIMessage[];
-        /** System prompt — shorthand for adding a system message */
-        system?: string;
-        temperature?: number;
-        maxTokens?: number;
-        /** Response format — e.g. { type: "json_object" } for JSON mode */
-        responseFormat?: {
-            type: string;
-        };
-    }) => Promise<AIResult>;
-    /** 텍스트 임베딩 (단일) */
-    embed: (text: string) => Promise<number[]>;
-    /** 배치 임베딩 */
-    embedMany: (texts: string[]) => Promise<number[][]>;
-}
 export interface GencowCtx {
     /** Drizzle DB 인스턴스 (scoped) — 스키마 filter 자동 적용, execute 차단 */
     db: any;
@@ -119,8 +86,6 @@ export interface GencowCtx {
     retry: <T>(fn: () => Promise<T>, options?: RetryOptions) => Promise<T>;
     /** 프레임워크 서비스 헬퍼 — workflow 전용 service는 별도 ctx에서 노출 */
     services: GencowServicesCtx;
-    /** AI 헬퍼 */
-    ai?: AIContext;
     /** Full-text / hybrid search helper */
     search: (table: string, query: string, options: SearchOptions) => Promise<SearchResponse>;
     /** Vector / semantic search helper */

package/dist/index.d.ts

@@ -4,7 +4,7 @@
  * Provides: query, mutation, storage, scheduler, auth
  * All with Convex-compatible DX patterns.
  */
-export type { GencowCtx, AuthCtx, UserIdentity, RealtimeCtx, RealtimeNotifyEvent, AIContext, AIMessage, AIResult, } from "./context.js";
+export type { GencowCtx, AuthCtx, UserIdentity, RealtimeCtx, RealtimeNotifyEvent, } from "./context.js";
 export { defineApi } from "./context.js";
 export type { QueryDef } from "./reactive-query-types.js";
 export type { MutationDef } from "./reactive-mutation-types.js";
@@ -43,9 +43,9 @@ export { filterTenantRuntimeEnvVars, isReservedTenantRuntimeEnvKey } from "./run
 export { cronJobs } from "./crons.js";
 export type { CronJobsBuilder, CronJobDef, IntervalOptions, DailyOptions, WeeklyOptions } from "./crons.js";
 export { defineAuth } from "./auth-config.js";
-export type { GencowAuthConfig, AuthEmailVerification, AuthPasswordReset, AuthEvents, AuthHookContext, AuthUserLike, AuthOAuthConfig, SocialProviderConfig, SocialProvidersConfig, KakaoConfig, NaverConfig, CustomOAuthProvider, OAuthUserInfo, } from "./auth-config.js";
+export type { AuthEmailVerification, AuthPasswordReset, AuthEvents, AuthHookContext, AuthUserLike, AuthOAuthConfig, AuthUserField, AuthUserFieldType, CustomOAuthProvider, GencowAuthConfig, GencowAuthConfigInput, GencowAuthBaseConfig, GencowBetterAuthConfig, KakaoConfig, NaverConfig, OAuthUserInfo, SocialProviderConfig, SocialProvidersConfig, } from "./auth-config.js";
 export { defineConfig } from "./config.js";
-export type { GencowConfig, GencowDbConfig, GencowDeployConfig } from "./config.js";
+export type { GencowCodegenConfig, GencowConfig, GencowDbConfig, GencowDeployConfig } from "./config.js";
 export { ownerRls, getOwnerRlsMeta, registerOwnerRls } from "./rls.js";
 export type { OwnerRlsMeta } from "./rls.js";
 export { createRlsDb } from "./rls-db.js";

package/dist/procedure-route-maps.d.ts

@@ -0,0 +1,5 @@
+import type { GencowProcedureDef } from "./procedure.js";
+export declare function collectProcedureRouteMaps(appModule: unknown): {
+    queryProcedureMap: Map<string, GencowProcedureDef<"query", any, any, any>>;
+    mutationProcedureMap: Map<string, GencowProcedureDef<"mutation", any, any, any>>;
+};

package/dist/procedure-route-maps.js

@@ -0,0 +1,37 @@
+function asProcedureDef(value) {
+    if (!value || typeof value !== "object")
+        return undefined;
+    const d = value;
+    if (d.kind !== "query" && d.kind !== "mutation")
+        return undefined;
+    if (typeof d.name !== "string" || typeof d.handler !== "function")
+        return undefined;
+    return { ...d, isPublic: d.isPublic === true };
+}
+export function collectProcedureRouteMaps(appModule) {
+    const queryProcedureMap = new Map();
+    const mutationProcedureMap = new Map();
+    if (!appModule || typeof appModule !== "object") {
+        return { queryProcedureMap, mutationProcedureMap };
+    }
+    const mod = appModule;
+    const apiCandidate = mod.default !== undefined && mod.default !== null && typeof mod.default === "object"
+        ? mod.default
+        : appModule;
+    const procedures = apiCandidate.procedures;
+    if (!procedures || typeof procedures !== "object") {
+        return { queryProcedureMap, mutationProcedureMap };
+    }
+    for (const def of Object.values(procedures)) {
+        const proc = asProcedureDef(def);
+        if (!proc)
+            continue;
+        if (proc.kind === "query") {
+            queryProcedureMap.set(proc.name, proc);
+        }
+        else {
+            mutationProcedureMap.set(proc.name, proc);
+        }
+    }
+    return { queryProcedureMap, mutationProcedureMap };
+}

package/dist/rag-schema.js

@@ -1,4 +1,4 @@
-import { bigint, boolean, doublePrecision, integer, jsonb, pgTable, text, timestamp, vector } from "drizzle-orm/pg-core";
+import { bigint, boolean, doublePrecision, integer, jsonb, pgTable, text, timestamp, vector, } from "drizzle-orm/pg-core";
 function buildScopeColumns() {
     return {
         id: text("id").primaryKey(),

package/dist/reactive-realtime.js

@@ -43,7 +43,7 @@ export function buildQuerySubscriptionKey(queryKey, args) {
     return `${queryKey}${SUBSCRIPTION_KEY_SEPARATOR}${JSON.stringify(normalized)}`;
 }
 export function subscriptionKeyMatchesQueryKey(subscriptionKey, queryKey) {
-    return subscriptionKey === queryKey || subscriptionKey.startsWith(`${queryKey}${SUBSCRIPTION_KEY_SEPARATOR}`);
+    return (subscriptionKey === queryKey || subscriptionKey.startsWith(`${queryKey}${SUBSCRIPTION_KEY_SEPARATOR}`));
 }
 export function subscribe(queryKey, ws) {
     connectedClients.add(ws);

package/dist/runtime-env-policy.js

@@ -31,12 +31,19 @@ const RESERVED_TENANT_RUNTIME_ENV_KEYS = new Set([
     "GENCOW_SHUTDOWN_MARKER_PATH",
     "GENCOW_SKIP_MIGRATION",
     "GENCOW_DB_MAX_CONNECTIONS",
+    "GENCOW_DB_IDLE_TIMEOUT_SECONDS",
+    "GENCOW_DB_CONNECTION_TIMEOUT_SECONDS",
     "GENCOW_MEMORY_MB",
     "BUN_JSC_forceRAMSize",
     "MIMALLOC_PURGE_DELAY",
     "NODE_PATH",
 ]);
-const RESERVED_TENANT_RUNTIME_ENV_PREFIXES = ["__GENCOW_", "GENCOW_DOCUMENT_", "GENCOW_TEMPLATE_", "GENCOW_WARM_"];
+const RESERVED_TENANT_RUNTIME_ENV_PREFIXES = [
+    "__GENCOW_",
+    "GENCOW_DOCUMENT_",
+    "GENCOW_TEMPLATE_",
+    "GENCOW_WARM_",
+];
 export function isReservedTenantRuntimeEnvKey(key) {
     const normalized = key.trim();
     return (RESERVED_TENANT_RUNTIME_ENV_KEYS.has(normalized) ||

package/dist/scheduler.d.ts

@@ -3,6 +3,8 @@ type ActionHandler = (args: any) => Promise<any>;
 export interface ScheduleOptions {
     /** 실패 시 호출할 action 이름 (dead-letter 패턴) */
     onError?: string;
+    /** Optional deterministic id for idempotent durable scheduling. */
+    id?: string;
 }
 /** scheduled job의 DB 영속화를 위한 콜백 */
 export interface ScheduledJobRecord {

package/dist/scheduler.js

@@ -88,7 +88,7 @@ export function createScheduler(options) {
     }
     return {
         runAfter(ms, action, args, scheduleOpts) {
-            const id = generateId();
+            const id = scheduleOpts?.id ?? generateId();
             const jobEntry = {
                 id,
                 action,

package/dist/storage.js

@@ -2,7 +2,7 @@ import * as fs from "fs/promises";
 import * as fsSync from "fs";
 import * as path from "path";
 import * as crypto from "crypto";
-import { DEFAULT_STORAGE_QUOTA, MAX_FILE_SIZE, formatBytes, loadStorageMeta, } from "./storage-shared.js";
+import { DEFAULT_STORAGE_QUOTA, MAX_FILE_SIZE, formatBytes, loadStorageMeta } from "./storage-shared.js";
 import { recordStorageImageTransform } from "./storage-metering.js";
 // ─── Implementation ─────────────────────────────────────
 const metaStore = new Map();

package/dist/workflow-json.d.ts

@@ -0,0 +1,2 @@
+import { sql } from "drizzle-orm";
+export declare function workflowJsonb(value: unknown): ReturnType<typeof sql>;

package/dist/workflow-json.js

@@ -0,0 +1,5 @@
+import { sql } from "drizzle-orm";
+export function workflowJsonb(value) {
+    const json = JSON.stringify(value ?? {});
+    return sql `${json}::text::jsonb`;
+}

package/dist/workflow.js

@@ -1,5 +1,6 @@
 import { sql } from "drizzle-orm";
 import { mutation } from "./reactive-mutation.js";
+import { workflowJsonb } from "./workflow-json.js";
 import { registerWorkflowsApi } from "./workflows-api.js";
 const workflowRegistry = (globalThis.__gencow_workflowRegistry ??= new Map());
 export const DEFAULT_WORKFLOW_MAX_DURATION_MS = 30 * 60 * 1000;
@@ -90,63 +91,60 @@ function isMissingWorkflowV2SchemaError(error) {
         message.includes('column "retry_count"') ||
         message.includes('column "user_id"'));
 }
-async function tryInsertWorkflowV2WakeOutbox(db, workflowId) {
-    try {
-        await db.execute(sql `
-      INSERT INTO _gencow_workflow_outbox_v2 (
-        id,
-        run_id,
-        kind,
-        available_at,
-        status
-      )
-      VALUES (
-        ${`start:${workflowId}`},
-        ${workflowId},
-        'wake_run',
-        NOW(),
-        'pending'
-      )
-      ON CONFLICT (id) DO NOTHING
-    `);
-    }
-    catch (error) {
-        if (!isMissingWorkflowV2SchemaError(error))
-            throw error;
-    }
-}
 async function tryInsertWorkflowV2Run(options) {
     try {
         await options.db.execute(sql `
-      INSERT INTO _gencow_workflow_runs_v2 (
-        id,
-        workflow_name,
-        workflow_version,
-        args_json,
-        user_id,
-        max_active_duration_ms,
-        lifecycle_deadline_at,
-        retry_count,
-        max_retries,
-        max_attempts
-      )
-      VALUES (
-        ${options.workflowId},
-        ${options.workflowName},
-        ${options.workflowVersion ?? null},
-        ${JSON.stringify(options.args)}::jsonb,
-        ${options.userId},
-        ${options.maxActiveDurationMs},
-        CASE
-          WHEN ${options.lifecycleTimeoutMs}::bigint IS NULL THEN NULL
-          ELSE NOW() + (${options.lifecycleTimeoutMs}::bigint * INTERVAL '1 millisecond')
-        END,
-        0,
-        ${options.maxRetries},
-        ${options.maxRetries + 1}
+      WITH inserted_run AS (
+        INSERT INTO _gencow_workflow_runs_v2 (
+          id,
+          workflow_name,
+          workflow_version,
+          args_json,
+          user_id,
+          max_active_duration_ms,
+          lifecycle_deadline_at,
+          retry_count,
+          max_retries,
+          max_attempts
+        )
+        VALUES (
+          ${options.workflowId},
+          ${options.workflowName},
+          ${options.workflowVersion ?? null},
+          ${workflowJsonb(options.args)},
+          ${options.userId},
+          ${options.maxActiveDurationMs},
+          CASE
+            WHEN ${options.lifecycleTimeoutMs}::bigint IS NULL THEN NULL
+            ELSE NOW() + (${options.lifecycleTimeoutMs}::bigint * INTERVAL '1 millisecond')
+          END,
+          0,
+          ${options.maxRetries},
+          ${options.maxRetries + 1}
+        )
+        RETURNING id
+      ),
+      inserted_outbox AS (
+        INSERT INTO _gencow_workflow_outbox_v2 (
+          id,
+          run_id,
+          kind,
+          available_at,
+          status
+        )
+        SELECT
+          'start:' || inserted_run.id,
+          inserted_run.id,
+          'wake_run',
+          NOW(),
+          'pending'
+        FROM inserted_run
+        ON CONFLICT (id) DO NOTHING
+        RETURNING id
       )
+      SELECT id
+      FROM inserted_run
     `);
-        await tryInsertWorkflowV2WakeOutbox(options.db, options.workflowId);
         return true;
     }
     catch (error) {
@@ -230,7 +228,7 @@ export function workflow(name, options) {
                 VALUES (
                     ${workflowId},
                     ${name},
-                    ${JSON.stringify(persistedArgs)}::jsonb,
+                    ${workflowJsonb(persistedArgs)},
                   ${realtimeToken},
                   'pending',
                   0,
@@ -252,7 +250,9 @@ export function workflow(name, options) {
                     lifecycleTimeoutMs,
                     maxRetries,
                 });
-                const scheduledJobId = ctx.scheduler.runAfter(0, resumeAction, { workflowId });
+                const scheduledJobId = insertedWorkflowV2
+                    ? `start:${workflowId}`
+                    : ctx.scheduler.runAfter(0, resumeAction, { workflowId });
                 return {
                     id: workflowId,
                     name,

package/dist/workflows-api.js

@@ -2,6 +2,7 @@ import { sql } from "drizzle-orm";
 import { query } from "./reactive-query.js";
 import { mutation } from "./reactive-mutation.js";
 import { createWorkflowRealtimeToken, deserializeWorkflowValue, getWorkflowResumeActionName, getWorkflowRealtimeKey, serializeWorkflowValue, } from "./workflow.js";
+import { workflowJsonb } from "./workflow-json.js";
 import { GencowValidationError, v } from "./v.js";
 import { deriveWorkflowStatus } from "./workflow-types.js";
 const WORKFLOW_STATUSES = new Set(["pending", "running", "completed", "failed"]);
@@ -160,7 +161,7 @@ async function tryRecordWorkflowV2Signal(options) {
           ${crypto.randomUUID()},
           ${options.workflowId},
           ${options.event},
-          ${JSON.stringify(options.payload)}::jsonb,
+          ${workflowJsonb(options.payload)},
           ${crypto.randomUUID()}
         )
         RETURNING run_id
@@ -297,7 +298,7 @@ export function registerWorkflowsApi() {
                     ${crypto.randomUUID()},
                     ${workflow.id},
                     ${normalizedEvent},
-                  ${JSON.stringify(persistedPayload)}::jsonb
+                  ${workflowJsonb(persistedPayload)}
                 )
             `);
             await tryRecordWorkflowV2Signal({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gencow/core",
-  "version": "0.1.29",
+  "version": "0.1.31",
   "description": "Gencow core library — defineQuery, defineMutation, reactive subscriptions",
   "type": "module",
   "main": "dist/index.js",

package/src/auth-config.ts

@@ -32,11 +32,14 @@ export interface AuthEmailVerification {
   /** 인증 완료 후 자동 로그인 (default: true) */
   autoSignInAfterVerification?: boolean;
   /** 인증 메일 발송 함수 — 사용자가 직접 구현 */
-  sendVerificationEmail: (data: {
-    user: AuthUserLike;
-    url: string;
-    token: string;
-  }, context?: AuthHookContext) => Promise<void>;
+  sendVerificationEmail: (
+    data: {
+      user: AuthUserLike;
+      url: string;
+      token: string;
+    },
+    context?: AuthHookContext,
+  ) => Promise<void>;
   /** 인증 직전 훅 — better-auth의 emailVerification.beforeEmailVerification으로 전달 */
   beforeEmailVerification?: (user: AuthUserLike, context?: AuthHookContext) => Promise<void>;
   /** 인증 완료 훅 — 환영 메일 등 idempotent 후처리에 사용 */
@@ -45,11 +48,14 @@ export interface AuthEmailVerification {
 
 export interface AuthPasswordReset {
   /** 비밀번호 재설정 메일 발송 함수 — reset URL은 반드시 사용자에게 전달되어야 한다. */
-  sendResetPassword: (data: {
-    user: AuthUserLike;
-    url: string;
-    token: string;
-  }, context?: AuthHookContext) => Promise<void>;
+  sendResetPassword: (
+    data: {
+      user: AuthUserLike;
+      url: string;
+      token: string;
+    },
+    context?: AuthHookContext,
+  ) => Promise<void>;
   /** 비밀번호 재설정 완료 후 훅 */
   onPasswordReset?: (data: { user: AuthUserLike }, context?: AuthHookContext) => Promise<void>;
   /** reset token 유효 시간(초). default: better-auth 기본값 3600초 */
@@ -58,7 +64,27 @@ export interface AuthPasswordReset {
 
 export interface AuthEvents {
   /** 회원가입 성공 후 실행. 운영 알림처럼 실패해도 가입을 막지 않아야 하는 작업에 사용. */
-  afterSignUp?: (data: { user: AuthUserLike; inviteCode?: string | null }, context?: AuthHookContext) => Promise<void>;
+  afterSignUp?: (
+    data: { user: AuthUserLike; inviteCode?: string | null },
+    context?: AuthHookContext,
+  ) => Promise<void>;
+}
+
+// ─── Custom User Fields ─────────────────────────────────
+
+export type AuthUserFieldType = "text" | "string" | "boolean" | "integer" | "number" | "timestamp";
+
+export interface AuthUserField {
+  /** Scalar field type. `text` is emitted as Drizzle `text()` and better-auth `string`. */
+  type: AuthUserFieldType;
+  /** Optional database column name. Defaults to snake_case(fieldName). */
+  columnName?: string;
+  /** Whether the DB column may be null. Defaults to false when no default is provided. */
+  nullable?: boolean;
+  /** Default value for DB schema and better-auth runtime metadata. */
+  default?: string | number | boolean;
+  /** Whether signup/update input may set this field. Defaults to false for safety. */
+  input?: boolean;
 }
 
 // ─── Social Login / OAuth ───────────────────────────────
@@ -89,7 +115,9 @@ export interface CustomOAuthProvider {
   /** Provider-specific callback override. Most apps should leave this unset. */
   redirectURI?: string;
   /** Map provider profile responses such as Naver/Kakao into better-auth user fields. */
-  mapProfileToUser?: (profile: Record<string, unknown>) => Partial<OAuthUserInfo> | Promise<Partial<OAuthUserInfo>>;
+  mapProfileToUser?: (
+    profile: Record<string, unknown>,
+  ) => Partial<OAuthUserInfo> | Promise<Partial<OAuthUserInfo>>;
 }
 
 export type KakaoConfig = SocialProviderConfig & Partial<CustomOAuthProvider>;
@@ -105,12 +133,7 @@ export type SocialProvidersConfig = {
   kakao?: KakaoConfig;
   naver?: NaverConfig;
   /** Additional OAuth providers can be configured with explicit OAuth endpoints. */
-  [providerId: string]:
-    | SocialProviderConfig
-    | KakaoConfig
-    | NaverConfig
-    | CustomOAuthProvider
-    | undefined;
+  [providerId: string]: SocialProviderConfig | KakaoConfig | NaverConfig | CustomOAuthProvider | undefined;
 };
 
 export interface AuthOAuthConfig {
@@ -125,7 +148,7 @@ export interface AuthOAuthConfig {
 
 // ─── Auth Config ─────────────────────────────────────────
 
-export interface GencowAuthConfig {
+export interface GencowAuthBaseConfig {
   emailVerification?: AuthEmailVerification;
   socialProviders?: SocialProvidersConfig;
   oauth?: AuthOAuthConfig;
@@ -136,6 +159,21 @@ export interface GencowAuthConfig {
   // sessionExpiry?: number
 }
 
+export interface GencowBetterAuthConfig extends GencowAuthBaseConfig {
+  provider: "better-auth";
+  user?: {
+    /** App-specific scalar fields stored on the better-auth user table. */
+    additionalFields?: Record<string, AuthUserField>;
+  };
+  /**
+   * Escape hatch for provider-specific better-auth options/plugins.
+   */
+  betterAuth?: (defaults: Record<string, unknown>) => Record<string, unknown>;
+}
+
+export type GencowAuthConfig = GencowBetterAuthConfig;
+export type GencowAuthConfigInput = Omit<GencowBetterAuthConfig, "provider"> & { provider?: "better-auth" };
+
 // ─── defineAuth() ────────────────────────────────────────
 
 /**
@@ -155,6 +193,6 @@ export interface GencowAuthConfig {
  * });
  * ```
  */
-export function defineAuth(config: GencowAuthConfig): GencowAuthConfig {
-  return config;
+export function defineAuth(config: GencowAuthConfigInput): GencowAuthConfig {
+  return { ...config, provider: config.provider ?? "better-auth" };
 }

package/src/config.ts

@@ -43,6 +43,26 @@ export interface GencowDbConfig {
   url?: string;
 }
 
+/**
+ * Code generation settings for `gencow codegen` and `gencow dev`.
+ */
+export interface GencowCodegenConfig {
+  /**
+   * Output directory for generated frontend codegen artifacts such as `api.ts`
+   * and declaration files.
+   *
+   * Default: `"./src/gencow"`
+   */
+  outDir?: string;
+
+  /**
+   * Whether codegen should regenerate `gencow/auth-schema.ts` from `gencow/auth.ts`.
+   *
+   * Default: `true`
+   */
+  authSchema?: boolean;
+}
+
 /**
  * Project configuration for `gencow.config.ts`.
  *
@@ -53,7 +73,10 @@ export interface GencowDbConfig {
  * export default defineConfig({
  *   functionsDir: "./gencow",
  *   schema: ["./gencow/schema.ts", "./gencow/auth-schema.ts"],
- *   codegenOutDir: "./src/gencow",
+ *   codegen: {
+ *     outDir: "./src/gencow",
+ *     authSchema: true,
+ *   },
  *   storage: "./.gencow/uploads",
  *   db: { url: "./.gencow/data" },
  *   port: 5456,
@@ -79,10 +102,12 @@ export interface GencowConfig {
   schema?: string | string[];
 
   /**
-   * Output directory for generated frontend codegen artifacts such as `api.ts`
-   * and declaration files.
-   *
-   * Default: `"./src/gencow"`
+   * Code generation settings.
+   */
+  codegen?: GencowCodegenConfig;
+
+  /**
+   * @deprecated Use `codegen.outDir` instead.
    */
   codegenOutDir?: string;
 

package/src/context.ts

@@ -78,38 +78,6 @@ export type RealtimeNotifyEvent =
  * Convex의 ctx 패턴과 동일하게, 이 객체를 통해서만 DB/Storage/Auth에 접근 가능.
  * fs, child_process 등 원시 Node.js API는 노출되지 않음.
  */
-// ─── AI Context ─────────────────────────────────────────
-
-export interface AIMessage {
-  role: "user" | "system" | "assistant";
-  content: string;
-}
-
-export interface AIResult {
-  text: string;
-  usage: { promptTokens: number; completionTokens: number; totalTokens: number };
-  creditsCharged: number;
-  model: string;
-}
-
-export interface AIContext {
-  /** AI 텍스트 생성 */
-  chat: (opts: {
-    model?: string;
-    messages: AIMessage[];
-    /** System prompt — shorthand for adding a system message */
-    system?: string;
-    temperature?: number;
-    maxTokens?: number;
-    /** Response format — e.g. { type: "json_object" } for JSON mode */
-    responseFormat?: { type: string };
-  }) => Promise<AIResult>;
-  /** 텍스트 임베딩 (단일) */
-  embed: (text: string) => Promise<number[]>;
-  /** 배치 임베딩 */
-  embedMany: (texts: string[]) => Promise<number[][]>;
-}
-
 export interface GencowCtx {
   /** Drizzle DB 인스턴스 (scoped) — 스키마 filter 자동 적용, execute 차단 */
   db: any; // typed per-app via generic
@@ -127,8 +95,6 @@ export interface GencowCtx {
   retry: <T>(fn: () => Promise<T>, options?: RetryOptions) => Promise<T>;
   /** 프레임워크 서비스 헬퍼 — workflow 전용 service는 별도 ctx에서 노출 */
   services: GencowServicesCtx;
-  /** AI 헬퍼 */
-  ai?: AIContext;
   /** Full-text / hybrid search helper */
   search: (table: string, query: string, options: SearchOptions) => Promise<SearchResponse>;
   /** Vector / semantic search helper */

package/src/index.ts

@@ -11,9 +11,6 @@ export type {
   UserIdentity,
   RealtimeCtx,
   RealtimeNotifyEvent,
-  AIContext,
-  AIMessage,
-  AIResult,
 } from "./context.js";
 export { defineApi } from "./context.js";
 export type { QueryDef } from "./reactive-query-types.js";
@@ -187,22 +184,27 @@ export { cronJobs } from "./crons.js";
 export type { CronJobsBuilder, CronJobDef, IntervalOptions, DailyOptions, WeeklyOptions } from "./crons.js";
 export { defineAuth } from "./auth-config.js";
 export type {
-  GencowAuthConfig,
   AuthEmailVerification,
   AuthPasswordReset,
   AuthEvents,
   AuthHookContext,
   AuthUserLike,
   AuthOAuthConfig,
-  SocialProviderConfig,
-  SocialProvidersConfig,
+  AuthUserField,
+  AuthUserFieldType,
+  CustomOAuthProvider,
+  GencowAuthConfig,
+  GencowAuthConfigInput,
+  GencowAuthBaseConfig,
+  GencowBetterAuthConfig,
   KakaoConfig,
   NaverConfig,
-  CustomOAuthProvider,
   OAuthUserInfo,
+  SocialProviderConfig,
+  SocialProvidersConfig,
 } from "./auth-config.js";
 export { defineConfig } from "./config.js";
-export type { GencowConfig, GencowDbConfig, GencowDeployConfig } from "./config.js";
+export type { GencowCodegenConfig, GencowConfig, GencowDbConfig, GencowDeployConfig } from "./config.js";
 
 // ─── RLS + CRUD Factory ───────────
 export { ownerRls, getOwnerRlsMeta, registerOwnerRls } from "./rls.js";

package/src/platform-capacity-profile.ts

@@ -33,47 +33,48 @@ export const PLATFORM_CAPACITY_ENV_KEYS = [
   "COWBOX_WARM_POOL_PORT_RANGE",
 ] as const;
 
-export const PLATFORM_CAPACITY_PRESETS: Record<PlatformCapacityProfileName, PlatformCapacityPreset> = Object.freeze({
-  prod: Object.freeze({
-    profile: "prod",
-    maxConcurrentRunning: 600,
-    maxConcurrentWake: 20,
-    maxWakeQueueMs: 5000,
-    minAvailableRamMB: 8192,
-    evictionThresholdMB: 16384,
-    sleepTimeoutMinutes: 15,
-    sleepMaxPerCycle: 50,
-    warmPoolMinIdle: 10,
-    warmPoolMax: 650,
-    deployCandidateReserve: 40,
-  }),
-  dev: Object.freeze({
-    profile: "dev",
-    maxConcurrentRunning: 60,
-    maxConcurrentWake: 5,
-    maxWakeQueueMs: 3000,
-    minAvailableRamMB: 2048,
-    evictionThresholdMB: 4096,
-    sleepTimeoutMinutes: 10,
-    sleepMaxPerCycle: 20,
-    warmPoolMinIdle: 3,
-    warmPoolMax: 70,
-    deployCandidateReserve: 5,
-  }),
-  local: Object.freeze({
-    profile: "local",
-    maxConcurrentRunning: null,
-    maxConcurrentWake: null,
-    maxWakeQueueMs: 5000,
-    minAvailableRamMB: null,
-    evictionThresholdMB: null,
-    sleepTimeoutMinutes: 30,
-    sleepMaxPerCycle: 10,
-    warmPoolMinIdle: 3,
-    warmPoolMax: 10,
-    deployCandidateReserve: 0,
-  }),
-});
+export const PLATFORM_CAPACITY_PRESETS: Record<PlatformCapacityProfileName, PlatformCapacityPreset> =
+  Object.freeze({
+    prod: Object.freeze({
+      profile: "prod",
+      maxConcurrentRunning: 600,
+      maxConcurrentWake: 20,
+      maxWakeQueueMs: 5000,
+      minAvailableRamMB: 8192,
+      evictionThresholdMB: 16384,
+      sleepTimeoutMinutes: 15,
+      sleepMaxPerCycle: 50,
+      warmPoolMinIdle: 10,
+      warmPoolMax: 650,
+      deployCandidateReserve: 40,
+    }),
+    dev: Object.freeze({
+      profile: "dev",
+      maxConcurrentRunning: 60,
+      maxConcurrentWake: 5,
+      maxWakeQueueMs: 3000,
+      minAvailableRamMB: 2048,
+      evictionThresholdMB: 4096,
+      sleepTimeoutMinutes: 10,
+      sleepMaxPerCycle: 20,
+      warmPoolMinIdle: 3,
+      warmPoolMax: 70,
+      deployCandidateReserve: 5,
+    }),
+    local: Object.freeze({
+      profile: "local",
+      maxConcurrentRunning: null,
+      maxConcurrentWake: null,
+      maxWakeQueueMs: 5000,
+      minAvailableRamMB: null,
+      evictionThresholdMB: null,
+      sleepTimeoutMinutes: 30,
+      sleepMaxPerCycle: 10,
+      warmPoolMinIdle: 3,
+      warmPoolMax: 10,
+      deployCandidateReserve: 0,
+    }),
+  });
 
 function normalizeDomain(value: string | undefined): string {
   return (value || "")

package/src/procedure.ts

@@ -276,8 +276,12 @@ class GencowProcedureBuilderImpl<
   }
 }
 
-export const procQuery: GencowProcedureBuilder<"query", GencowCtx> =
-  new GencowProcedureBuilderImpl<"query", GencowCtx>("query");
-
-export const procMutation: GencowProcedureBuilder<"mutation", GencowCtx> =
-  new GencowProcedureBuilderImpl<"mutation", GencowCtx>("mutation");
+export const procQuery: GencowProcedureBuilder<"query", GencowCtx> = new GencowProcedureBuilderImpl<
+  "query",
+  GencowCtx
+>("query");
+
+export const procMutation: GencowProcedureBuilder<"mutation", GencowCtx> = new GencowProcedureBuilderImpl<
+  "mutation",
+  GencowCtx
+>("mutation");

package/src/rag-ingest-types.ts

@@ -1,4 +1,9 @@
-import type { DocumentConvertProvider, DocumentConvertMode, DocumentProviderTrace, DocumentVisibility } from "./document-types.js";
+import type {
+  DocumentConvertProvider,
+  DocumentConvertMode,
+  DocumentProviderTrace,
+  DocumentVisibility,
+} from "./document-types.js";
 
 export type RagIngestReindexMode = "if_changed" | "force";
 export type RagIngestJobStatus =

package/src/rag-schema.ts

@@ -1,4 +1,14 @@
-import { bigint, boolean, doublePrecision, integer, jsonb, pgTable, text, timestamp, vector } from "drizzle-orm/pg-core";
+import {
+  bigint,
+  boolean,
+  doublePrecision,
+  integer,
+  jsonb,
+  pgTable,
+  text,
+  timestamp,
+  vector,
+} from "drizzle-orm/pg-core";
 
 function buildScopeColumns() {
   return {

package/src/reactive-realtime.ts

@@ -57,7 +57,9 @@ export function buildQuerySubscriptionKey(queryKey: string, args?: unknown): str
 }
 
 export function subscriptionKeyMatchesQueryKey(subscriptionKey: string, queryKey: string): boolean {
-  return subscriptionKey === queryKey || subscriptionKey.startsWith(`${queryKey}${SUBSCRIPTION_KEY_SEPARATOR}`);
+  return (
+    subscriptionKey === queryKey || subscriptionKey.startsWith(`${queryKey}${SUBSCRIPTION_KEY_SEPARATOR}`)
+  );
 }
 
 export function subscribe(queryKey: string, ws: WSContext) {

package/src/rls-db.ts

@@ -35,7 +35,10 @@ const RESERVED_VARS_KEYS = new Set(["app.current_user_id", "app.current_user_rol
 type RlsDrizzleDatabaseLike = {
   session: unknown;
   _: { session?: unknown };
-  transaction: (callback: (tx: unknown) => unknown | Promise<unknown>, ...rest: unknown[]) => Promise<unknown>;
+  transaction: (
+    callback: (tx: unknown) => unknown | Promise<unknown>,
+    ...rest: unknown[]
+  ) => Promise<unknown>;
 };
 
 function assertSafeGucName(key: string): void {
@@ -249,10 +252,7 @@ function wrapSession(session: any, rls: RlsSessionContext, reuseOuterConnection:
  *
  * `db.transaction()` still injects the same variables at the start of the callback transaction.
  */
-export function createRlsDb<TDb extends RlsDrizzleDatabaseLike>(
-  db: TDb,
-  rls: RlsSessionContext,
-): TDb {
+export function createRlsDb<TDb extends RlsDrizzleDatabaseLike>(db: TDb, rls: RlsSessionContext): TDb {
   const reuseOuterConnection = isDrizzleTransactionDb(db);
   const baseSession = (db as unknown as { session: any }).session;
   const wrappedSession = wrapSession(baseSession, rls, reuseOuterConnection);

package/src/runtime-env-policy.ts

@@ -31,13 +31,20 @@ const RESERVED_TENANT_RUNTIME_ENV_KEYS = new Set([
   "GENCOW_SHUTDOWN_MARKER_PATH",
   "GENCOW_SKIP_MIGRATION",
   "GENCOW_DB_MAX_CONNECTIONS",
+  "GENCOW_DB_IDLE_TIMEOUT_SECONDS",
+  "GENCOW_DB_CONNECTION_TIMEOUT_SECONDS",
   "GENCOW_MEMORY_MB",
   "BUN_JSC_forceRAMSize",
   "MIMALLOC_PURGE_DELAY",
   "NODE_PATH",
 ]);
 
-const RESERVED_TENANT_RUNTIME_ENV_PREFIXES = ["__GENCOW_", "GENCOW_DOCUMENT_", "GENCOW_TEMPLATE_", "GENCOW_WARM_"];
+const RESERVED_TENANT_RUNTIME_ENV_PREFIXES = [
+  "__GENCOW_",
+  "GENCOW_DOCUMENT_",
+  "GENCOW_TEMPLATE_",
+  "GENCOW_WARM_",
+];
 
 export function isReservedTenantRuntimeEnvKey(key: string): boolean {
   const normalized = key.trim();

package/src/scheduler.ts

@@ -8,6 +8,8 @@ type ActionHandler = (args: any) => Promise<any>;
 export interface ScheduleOptions {
   /** 실패 시 호출할 action 이름 (dead-letter 패턴) */
   onError?: string;
+  /** Optional deterministic id for idempotent durable scheduling. */
+  id?: string;
 }
 
 /** scheduled job의 DB 영속화를 위한 콜백 */
@@ -209,7 +211,7 @@ export function createScheduler(options?: CreateSchedulerOptions): Scheduler {
 
   return {
     runAfter(ms: number, action: string, args?: any, scheduleOpts?: ScheduleOptions): string {
-      const id = generateId();
+      const id = scheduleOpts?.id ?? generateId();
       const jobEntry: PendingJobEntry = {
         id,
         action,

package/src/storage.ts

@@ -2,12 +2,7 @@ import * as fs from "fs/promises";
 import * as fsSync from "fs";
 import * as path from "path";
 import * as crypto from "crypto";
-import {
-  DEFAULT_STORAGE_QUOTA,
-  MAX_FILE_SIZE,
-  formatBytes,
-  loadStorageMeta,
-} from "./storage-shared.js";
+import { DEFAULT_STORAGE_QUOTA, MAX_FILE_SIZE, formatBytes, loadStorageMeta } from "./storage-shared.js";
 import type { Storage, StorageFile, StorageOptions, StoredFile } from "./storage-shared.js";
 import { recordStorageImageTransform } from "./storage-metering.js";
 import type { StorageMeteringOptions } from "./storage-metering.js";

package/src/workflow-json.ts

@@ -0,0 +1,6 @@
+import { sql } from "drizzle-orm";
+
+export function workflowJsonb(value: unknown): ReturnType<typeof sql> {
+  const json = JSON.stringify(value ?? {});
+  return sql`${json}::text::jsonb`;
+}

package/src/workflow.ts

@@ -7,6 +7,7 @@ import type {
   WorkflowOptions,
   WorkflowStartResult,
 } from "./workflow-types.js";
+import { workflowJsonb } from "./workflow-json.js";
 import { registerWorkflowsApi } from "./workflows-api.js";
 
 declare global {
@@ -125,33 +126,6 @@ function isMissingWorkflowV2SchemaError(error: unknown): boolean {
   );
 }
 
-async function tryInsertWorkflowV2WakeOutbox(
-  db: { execute: (query: ReturnType<typeof sql>) => Promise<unknown> },
-  workflowId: string,
-): Promise<void> {
-  try {
-    await db.execute(sql`
-      INSERT INTO _gencow_workflow_outbox_v2 (
-        id,
-        run_id,
-        kind,
-        available_at,
-        status
-      )
-      VALUES (
-        ${`start:${workflowId}`},
-        ${workflowId},
-        'wake_run',
-        NOW(),
-        'pending'
-      )
-      ON CONFLICT (id) DO NOTHING
-    `);
-  } catch (error) {
-    if (!isMissingWorkflowV2SchemaError(error)) throw error;
-  }
-}
-
 async function tryInsertWorkflowV2Run(options: {
   db: { execute: (query: ReturnType<typeof sql>) => Promise<unknown> };
   workflowId: string;
@@ -165,35 +139,57 @@ async function tryInsertWorkflowV2Run(options: {
 }): Promise<boolean> {
   try {
     await options.db.execute(sql`
-      INSERT INTO _gencow_workflow_runs_v2 (
-        id,
-        workflow_name,
-        workflow_version,
-        args_json,
-        user_id,
-        max_active_duration_ms,
-        lifecycle_deadline_at,
-        retry_count,
-        max_retries,
-        max_attempts
-      )
-      VALUES (
-        ${options.workflowId},
-        ${options.workflowName},
-        ${options.workflowVersion ?? null},
-        ${JSON.stringify(options.args)}::jsonb,
-        ${options.userId},
-        ${options.maxActiveDurationMs},
-        CASE
-          WHEN ${options.lifecycleTimeoutMs}::bigint IS NULL THEN NULL
-          ELSE NOW() + (${options.lifecycleTimeoutMs}::bigint * INTERVAL '1 millisecond')
-        END,
-        0,
-        ${options.maxRetries},
-        ${options.maxRetries + 1}
+      WITH inserted_run AS (
+        INSERT INTO _gencow_workflow_runs_v2 (
+          id,
+          workflow_name,
+          workflow_version,
+          args_json,
+          user_id,
+          max_active_duration_ms,
+          lifecycle_deadline_at,
+          retry_count,
+          max_retries,
+          max_attempts
+        )
+        VALUES (
+          ${options.workflowId},
+          ${options.workflowName},
+          ${options.workflowVersion ?? null},
+          ${workflowJsonb(options.args)},
+          ${options.userId},
+          ${options.maxActiveDurationMs},
+          CASE
+            WHEN ${options.lifecycleTimeoutMs}::bigint IS NULL THEN NULL
+            ELSE NOW() + (${options.lifecycleTimeoutMs}::bigint * INTERVAL '1 millisecond')
+          END,
+          0,
+          ${options.maxRetries},
+          ${options.maxRetries + 1}
+        )
+        RETURNING id
+      ),
+      inserted_outbox AS (
+        INSERT INTO _gencow_workflow_outbox_v2 (
+          id,
+          run_id,
+          kind,
+          available_at,
+          status
+        )
+        SELECT
+          'start:' || inserted_run.id,
+          inserted_run.id,
+          'wake_run',
+          NOW(),
+          'pending'
+        FROM inserted_run
+        ON CONFLICT (id) DO NOTHING
+        RETURNING id
       )
+      SELECT id
+      FROM inserted_run
     `);
-    await tryInsertWorkflowV2WakeOutbox(options.db, options.workflowId);
     return true;
   } catch (error) {
     if (isMissingWorkflowV2SchemaError(error)) return false;
@@ -297,7 +293,7 @@ export function workflow<TSchema = any, TReturn = any>(
                 VALUES (
                     ${workflowId},
                     ${name},
-                    ${JSON.stringify(persistedArgs)}::jsonb,
+                    ${workflowJsonb(persistedArgs)},
                   ${realtimeToken},
                   'pending',
                   0,
@@ -320,7 +316,9 @@ export function workflow<TSchema = any, TReturn = any>(
           lifecycleTimeoutMs,
           maxRetries,
         });
-        const scheduledJobId = ctx.scheduler.runAfter(0, resumeAction, { workflowId });
+        const scheduledJobId = insertedWorkflowV2
+          ? `start:${workflowId}`
+          : ctx.scheduler.runAfter(0, resumeAction, { workflowId });
         return {
           id: workflowId,
           name,

package/src/workflows-api.ts

@@ -8,6 +8,7 @@ import {
   getWorkflowRealtimeKey,
   serializeWorkflowValue,
 } from "./workflow.js";
+import { workflowJsonb } from "./workflow-json.js";
 import { GencowValidationError, v } from "./v.js";
 import type {
   WorkflowDerivedStatus,
@@ -246,7 +247,7 @@ async function tryRecordWorkflowV2Signal(options: {
           ${crypto.randomUUID()},
           ${options.workflowId},
           ${options.event},
-          ${JSON.stringify(options.payload)}::jsonb,
+          ${workflowJsonb(options.payload)},
           ${crypto.randomUUID()}
         )
         RETURNING run_id
@@ -397,7 +398,7 @@ export function registerWorkflowsApi(): void {
                     ${crypto.randomUUID()},
                     ${workflow.id},
                     ${normalizedEvent},
-                  ${JSON.stringify(persistedPayload)}::jsonb
+                  ${workflowJsonb(persistedPayload)}
                 )
             `);
       await tryRecordWorkflowV2Signal({