@hachej/boring-core 0.1.0

package/dist/server/db/index.d.ts

@@ -0,0 +1,209 @@
+import { U as UserStore, W as WorkspaceStore } from '../../connection-CE7z-wBp.js';
+export { D as Database, c as createDatabase } from '../../connection-CE7z-wBp.js';
+export { R as RunMigrationsOptions, r as runMigrations } from '../../migrate-D49JsATX.js';
+import { U as User, W as Workspace, E as ERROR_CODES, M as MemberRole, a as WorkspaceMember, b as WorkspaceInvite, c as WorkspaceRuntime, d as WorkspaceRuntimeResourceSelector, e as WorkspaceRuntimeResource, f as WorkspaceRuntimeResourceInput } from '../../index-COZa03RP.js';
+import { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import 'postgres';
+
+interface UserSettings {
+    displayName: string;
+    email: string;
+    settings: Record<string, unknown>;
+}
+declare class LocalUserStore implements UserStore {
+    private users;
+    private usersByEmail;
+    private settings;
+    seed(user: Omit<User, 'createdAt' | 'updatedAt'>): void;
+    getById(id: string): Promise<User | null>;
+    getByEmail(email: string): Promise<User | null>;
+    upsert(userId: string, data: {
+        email: string;
+        name?: string;
+    }): Promise<User>;
+    getUserSettings(userId: string, appId: string): Promise<UserSettings>;
+    putUserSettings(userId: string, appId: string, updates: {
+        displayName?: string;
+        email?: string;
+        settings?: Record<string, unknown>;
+    }): Promise<UserSettings>;
+}
+
+declare class LocalWorkspaceStore implements WorkspaceStore {
+    private userStore;
+    private workspaces;
+    private members;
+    private invites;
+    private runtimes;
+    private runtimeResources;
+    private wsSettings;
+    private uiStates;
+    constructor(userStore: LocalUserStore);
+    create(userId: string, name: string, appId: string, opts?: {
+        isDefault?: boolean;
+    }): Promise<Workspace>;
+    list(userId: string, appId: string): Promise<Workspace[]>;
+    get(id: string): Promise<Workspace | null>;
+    update(id: string, updates: Partial<Pick<Workspace, 'name'>>): Promise<Workspace | null>;
+    delete(id: string): Promise<{
+        removed: boolean;
+        code?: typeof ERROR_CODES.NOT_FOUND;
+    }>;
+    getWorkspacesWhereSoleOwner(userId: string): Promise<Workspace[]>;
+    isMember(workspaceId: string, userId: string): Promise<boolean>;
+    getMemberRole(workspaceId: string, userId: string): Promise<MemberRole | null>;
+    listMembers(workspaceId: string): Promise<Array<WorkspaceMember & {
+        user: Pick<User, 'id' | 'email' | 'name' | 'image'>;
+    }>>;
+    upsertMember(workspaceId: string, userId: string, role: MemberRole): Promise<WorkspaceMember>;
+    updateMemberRole(workspaceId: string, userId: string, role: MemberRole): Promise<{
+        member?: WorkspaceMember;
+        code?: typeof ERROR_CODES.LAST_OWNER | typeof ERROR_CODES.NOT_MEMBER;
+    }>;
+    removeMember(workspaceId: string, userId: string): Promise<{
+        removed: boolean;
+        code?: typeof ERROR_CODES.LAST_OWNER | typeof ERROR_CODES.NOT_MEMBER;
+    }>;
+    listInvites(workspaceId: string): Promise<WorkspaceInvite[]>;
+    createInvite(workspaceId: string, email: string, role: MemberRole, invitedBy: string | null, opts?: {
+        ttlDays?: number;
+    }): Promise<{
+        invite: WorkspaceInvite;
+        rawToken: string;
+    }>;
+    getInvite(workspaceId: string, inviteId: string): Promise<WorkspaceInvite | null>;
+    getInviteByTokenHash(tokenHash: string): Promise<WorkspaceInvite | null>;
+    revokeInvite(workspaceId: string, inviteId: string): Promise<boolean>;
+    acceptInvite(workspaceId: string, inviteId: string, userId: string): Promise<{
+        invite: WorkspaceInvite;
+        member: WorkspaceMember;
+    }>;
+    incrementInviteFailedAttempts(inviteId: string): Promise<{
+        failedAttempts: number;
+        lockedUntil: string | null;
+    }>;
+    resetInviteFailedAttempts(inviteId: string): Promise<void>;
+    getWorkspaceSettings(workspaceId: string): Promise<Array<{
+        key: string;
+        configured: boolean;
+        updated_at: string;
+    }>>;
+    putWorkspaceSettings(workspaceId: string, settings: Record<string, string>): Promise<Array<{
+        key: string;
+        configured: boolean;
+        updated_at: string;
+    }>>;
+    getWorkspaceRuntime(workspaceId: string): Promise<WorkspaceRuntime | null>;
+    putWorkspaceRuntime(workspaceId: string, state: Partial<WorkspaceRuntime>): Promise<WorkspaceRuntime>;
+    listWorkspaceRuntimes(): Promise<WorkspaceRuntime[]>;
+    private runtimeResourceKey;
+    getWorkspaceRuntimeResource(workspaceId: string, selector: WorkspaceRuntimeResourceSelector): Promise<WorkspaceRuntimeResource | null>;
+    putWorkspaceRuntimeResource(workspaceId: string, resource: WorkspaceRuntimeResourceInput): Promise<WorkspaceRuntimeResource>;
+    deleteWorkspaceRuntimeResource(workspaceId: string, selector: WorkspaceRuntimeResourceSelector): Promise<void>;
+    listWorkspaceRuntimeResources(workspaceId?: string): Promise<WorkspaceRuntimeResource[]>;
+    retryWorkspaceRuntime(workspaceId: string): Promise<WorkspaceRuntime | null>;
+    getUiState(userId: string, workspaceId: string): Promise<Record<string, unknown> | null>;
+    putUiState(userId: string, workspaceId: string, state: Record<string, unknown>): Promise<void>;
+}
+
+type DbLike = Pick<PostgresJsDatabase, 'select' | 'insert' | 'update' | 'execute'>;
+declare class PostgresWorkspaceStore implements WorkspaceStore {
+    private readonly db;
+    private readonly workspaceSettingsKey;
+    constructor(db: PostgresJsDatabase, workspaceSettingsKey?: string);
+    private uiStateKey;
+    private getWorkspaceAppId;
+    create(userId: string, name: string, appId: string, opts?: {
+        isDefault?: boolean;
+    }): Promise<Workspace>;
+    list(userId: string, appId: string): Promise<Workspace[]>;
+    get(id: string): Promise<Workspace | null>;
+    update(id: string, updates: Partial<Pick<Workspace, 'name'>>): Promise<Workspace | null>;
+    delete(id: string): Promise<{
+        removed: boolean;
+        code?: typeof ERROR_CODES.NOT_FOUND;
+    }>;
+    getWorkspacesWhereSoleOwner(userId: string): Promise<Workspace[]>;
+    isMember(workspaceId: string, userId: string): Promise<boolean>;
+    getMemberRole(workspaceId: string, userId: string): Promise<MemberRole | null>;
+    listMembers(workspaceId: string): Promise<Array<WorkspaceMember & {
+        user: Pick<User, 'id' | 'email' | 'name' | 'image'>;
+    }>>;
+    upsertMember(workspaceId: string, userId: string, role: MemberRole): Promise<WorkspaceMember>;
+    updateMemberRole(workspaceId: string, userId: string, role: MemberRole): Promise<{
+        member?: WorkspaceMember;
+        code?: typeof ERROR_CODES.LAST_OWNER | typeof ERROR_CODES.NOT_MEMBER;
+    }>;
+    removeMember(workspaceId: string, userId: string): Promise<{
+        removed: boolean;
+        code?: typeof ERROR_CODES.LAST_OWNER | typeof ERROR_CODES.NOT_MEMBER;
+    }>;
+    createInvite(workspaceId: string, email: string, role: MemberRole, invitedBy: string | null, opts?: {
+        ttlDays?: number;
+    }): Promise<{
+        invite: WorkspaceInvite;
+        rawToken: string;
+    }>;
+    listInvites(workspaceId: string): Promise<WorkspaceInvite[]>;
+    getInvite(workspaceId: string, inviteId: string): Promise<WorkspaceInvite | null>;
+    getInviteByTokenHash(tokenHash: string): Promise<WorkspaceInvite | null>;
+    revokeInvite(workspaceId: string, inviteId: string): Promise<boolean>;
+    acceptInvite(workspaceId: string, inviteId: string, userId: string): Promise<{
+        invite: WorkspaceInvite;
+        member: WorkspaceMember;
+    }>;
+    incrementInviteFailedAttempts(inviteId: string): Promise<{
+        failedAttempts: number;
+        lockedUntil: string | null;
+    }>;
+    resetInviteFailedAttempts(inviteId: string): Promise<void>;
+    decryptSetting(workspaceId: string, key: string, db?: DbLike): Promise<string | null>;
+    encryptAndPut(workspaceId: string, key: string, value: string, db?: DbLike): Promise<void>;
+    getWorkspaceSettings(workspaceId: string): Promise<Array<{
+        key: string;
+        configured: boolean;
+        updated_at: string;
+    }>>;
+    putWorkspaceSettings(workspaceId: string, settings: Record<string, string>): Promise<Array<{
+        key: string;
+        configured: boolean;
+        updated_at: string;
+    }>>;
+    getWorkspaceRuntime(workspaceId: string): Promise<WorkspaceRuntime | null>;
+    putWorkspaceRuntime(workspaceId: string, state: Partial<WorkspaceRuntime>): Promise<WorkspaceRuntime>;
+    retryWorkspaceRuntime(workspaceId: string): Promise<WorkspaceRuntime | null>;
+    listWorkspaceRuntimes(): Promise<WorkspaceRuntime[]>;
+    getWorkspaceRuntimeResource(workspaceId: string, selector: WorkspaceRuntimeResourceSelector): Promise<WorkspaceRuntimeResource | null>;
+    putWorkspaceRuntimeResource(workspaceId: string, resource: WorkspaceRuntimeResourceInput): Promise<WorkspaceRuntimeResource>;
+    deleteWorkspaceRuntimeResource(workspaceId: string, selector: WorkspaceRuntimeResourceSelector): Promise<void>;
+    listWorkspaceRuntimeResources(workspaceId?: string): Promise<WorkspaceRuntimeResource[]>;
+    getUiState(userId: string, workspaceId: string): Promise<Record<string, unknown> | null>;
+    putUiState(userId: string, workspaceId: string, state: Record<string, unknown>): Promise<void>;
+}
+
+declare class PostgresUserStore implements UserStore {
+    private db;
+    constructor(db: PostgresJsDatabase);
+    getById(id: string): Promise<User | null>;
+    getByEmail(email: string): Promise<User | null>;
+    upsert(userId: string, data: {
+        email: string;
+        name?: string;
+    }): Promise<User>;
+    getUserSettings(userId: string, appId: string): Promise<{
+        displayName: string;
+        email: string;
+        settings: Record<string, unknown>;
+    }>;
+    putUserSettings(userId: string, appId: string, updates: {
+        displayName?: string;
+        email?: string;
+        settings?: Record<string, unknown>;
+    }): Promise<{
+        displayName: string;
+        email: string;
+        settings: Record<string, unknown>;
+    }>;
+}
+
+export { LocalUserStore, LocalWorkspaceStore, PostgresUserStore, PostgresWorkspaceStore };

package/dist/server/db/index.js

@@ -0,0 +1,18 @@
+import {
+  LocalUserStore,
+  LocalWorkspaceStore,
+  PostgresUserStore,
+  PostgresWorkspaceStore,
+  createDatabase,
+  runMigrations
+} from "../../chunk-HSRBZLKT.js";
+import "../../chunk-H5KU6R6Y.js";
+import "../../chunk-MLKGABMK.js";
+export {
+  LocalUserStore,
+  LocalWorkspaceStore,
+  PostgresUserStore,
+  PostgresWorkspaceStore,
+  createDatabase,
+  runMigrations
+};

package/dist/server/index.d.ts

@@ -0,0 +1,395 @@
+import { L as LoadConfigOptions } from '../authHook-vsRhOvnh.js';
+export { A as AuthHookOptions, B as BetterAuthInstance, C as CreateAuthOptions, a as authHook, b as buildRuntimeConfigPayload, c as createAuth, l as loadConfig, v as validateConfig, d as validatePasswordStrength } from '../authHook-vsRhOvnh.js';
+import { z } from 'zod';
+import { C as CoreConfig, M as MemberRole, c as WorkspaceRuntime, d as WorkspaceRuntimeResourceSelector, e as WorkspaceRuntimeResource, f as WorkspaceRuntimeResourceInput } from '../index-COZa03RP.js';
+import * as fastify from 'fastify';
+import { FastifyInstance, FastifyPluginAsync, preHandlerHookHandler, FastifyRequest, FastifyReply } from 'fastify';
+import * as http from 'http';
+import { IncomingMessage } from 'node:http';
+import { C as CreateCoreAppOptions, D as Database, U as UserStore, W as WorkspaceStore, a as WorkspaceProvisioner } from '../connection-CE7z-wBp.js';
+export { A as AuthProvider, b as CapabilitiesContributor, P as ProvisionContext, d as ProvisionResult, c as createDatabase } from '../connection-CE7z-wBp.js';
+import postgres from 'postgres';
+export { r as runMigrations } from '../migrate-D49JsATX.js';
+import 'better-auth';
+import 'drizzle-orm/postgres-js';
+
+declare const coreConfigSchema: z.ZodObject<{
+    appId: z.ZodString;
+    appName: z.ZodString;
+    appLogo: z.ZodNullable<z.ZodString>;
+    port: z.ZodNumber;
+    host: z.ZodString;
+    staticDir: z.ZodNullable<z.ZodString>;
+    databaseUrl: z.ZodNullable<z.ZodString>;
+    stores: z.ZodEnum<["postgres", "local"]>;
+    cors: z.ZodObject<{
+        origins: z.ZodArray<z.ZodString, "many">;
+        credentials: z.ZodLiteral<true>;
+    }, "strip", z.ZodTypeAny, {
+        origins: string[];
+        credentials: true;
+    }, {
+        origins: string[];
+        credentials: true;
+    }>;
+    bodyLimit: z.ZodNumber;
+    logLevel: z.ZodEnum<["fatal", "error", "warn", "info", "debug", "trace"]>;
+    rateLimit: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
+        max: z.ZodNumber;
+        window: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        max: number;
+        window: string;
+    }, {
+        max: number;
+        window: string;
+    }>>>;
+    security: z.ZodOptional<z.ZodObject<{
+        csp: z.ZodObject<{
+            enabled: z.ZodBoolean;
+            upgradeInsecureRequests: z.ZodOptional<z.ZodBoolean>;
+        }, "strip", z.ZodTypeAny, {
+            enabled: boolean;
+            upgradeInsecureRequests?: boolean | undefined;
+        }, {
+            enabled: boolean;
+            upgradeInsecureRequests?: boolean | undefined;
+        }>;
+    }, "strip", z.ZodTypeAny, {
+        csp: {
+            enabled: boolean;
+            upgradeInsecureRequests?: boolean | undefined;
+        };
+    }, {
+        csp: {
+            enabled: boolean;
+            upgradeInsecureRequests?: boolean | undefined;
+        };
+    }>>;
+    encryption: z.ZodObject<{
+        workspaceSettingsKey: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        workspaceSettingsKey: string;
+    }, {
+        workspaceSettingsKey: string;
+    }>;
+    auth: z.ZodObject<{
+        secret: z.ZodString;
+        url: z.ZodString;
+        github: z.ZodOptional<z.ZodObject<{
+            clientId: z.ZodString;
+            clientSecret: z.ZodString;
+        }, "strip", z.ZodTypeAny, {
+            clientId: string;
+            clientSecret: string;
+        }, {
+            clientId: string;
+            clientSecret: string;
+        }>>;
+        mail: z.ZodOptional<z.ZodObject<{
+            from: z.ZodString;
+            transportUrl: z.ZodEffects<z.ZodString, string, string>;
+        }, "strip", z.ZodTypeAny, {
+            from: string;
+            transportUrl: string;
+        }, {
+            from: string;
+            transportUrl: string;
+        }>>;
+        sessionTtlSeconds: z.ZodNumber;
+        sessionCookieSecure: z.ZodBoolean;
+    }, "strip", z.ZodTypeAny, {
+        secret: string;
+        url: string;
+        sessionTtlSeconds: number;
+        sessionCookieSecure: boolean;
+        github?: {
+            clientId: string;
+            clientSecret: string;
+        } | undefined;
+        mail?: {
+            from: string;
+            transportUrl: string;
+        } | undefined;
+    }, {
+        secret: string;
+        url: string;
+        sessionTtlSeconds: number;
+        sessionCookieSecure: boolean;
+        github?: {
+            clientId: string;
+            clientSecret: string;
+        } | undefined;
+        mail?: {
+            from: string;
+            transportUrl: string;
+        } | undefined;
+    }>;
+    features: z.ZodObject<{
+        githubOauth: z.ZodBoolean;
+        invitesEnabled: z.ZodBoolean;
+        sendWelcomeEmail: z.ZodBoolean;
+        inviteTtlDays: z.ZodDefault<z.ZodNumber>;
+    }, "strip", z.ZodTypeAny, {
+        githubOauth: boolean;
+        invitesEnabled: boolean;
+        sendWelcomeEmail: boolean;
+        inviteTtlDays: number;
+    }, {
+        githubOauth: boolean;
+        invitesEnabled: boolean;
+        sendWelcomeEmail: boolean;
+        inviteTtlDays?: number | undefined;
+    }>;
+}, "strip", z.ZodTypeAny, {
+    appId: string;
+    appName: string;
+    appLogo: string | null;
+    port: number;
+    host: string;
+    staticDir: string | null;
+    databaseUrl: string | null;
+    stores: "postgres" | "local";
+    cors: {
+        origins: string[];
+        credentials: true;
+    };
+    bodyLimit: number;
+    logLevel: "error" | "fatal" | "warn" | "info" | "debug" | "trace";
+    encryption: {
+        workspaceSettingsKey: string;
+    };
+    auth: {
+        secret: string;
+        url: string;
+        sessionTtlSeconds: number;
+        sessionCookieSecure: boolean;
+        github?: {
+            clientId: string;
+            clientSecret: string;
+        } | undefined;
+        mail?: {
+            from: string;
+            transportUrl: string;
+        } | undefined;
+    };
+    features: {
+        githubOauth: boolean;
+        invitesEnabled: boolean;
+        sendWelcomeEmail: boolean;
+        inviteTtlDays: number;
+    };
+    rateLimit?: Record<string, {
+        max: number;
+        window: string;
+    }> | undefined;
+    security?: {
+        csp: {
+            enabled: boolean;
+            upgradeInsecureRequests?: boolean | undefined;
+        };
+    } | undefined;
+}, {
+    appId: string;
+    appName: string;
+    appLogo: string | null;
+    port: number;
+    host: string;
+    staticDir: string | null;
+    databaseUrl: string | null;
+    stores: "postgres" | "local";
+    cors: {
+        origins: string[];
+        credentials: true;
+    };
+    bodyLimit: number;
+    logLevel: "error" | "fatal" | "warn" | "info" | "debug" | "trace";
+    encryption: {
+        workspaceSettingsKey: string;
+    };
+    auth: {
+        secret: string;
+        url: string;
+        sessionTtlSeconds: number;
+        sessionCookieSecure: boolean;
+        github?: {
+            clientId: string;
+            clientSecret: string;
+        } | undefined;
+        mail?: {
+            from: string;
+            transportUrl: string;
+        } | undefined;
+    };
+    features: {
+        githubOauth: boolean;
+        invitesEnabled: boolean;
+        sendWelcomeEmail: boolean;
+        inviteTtlDays?: number | undefined;
+    };
+    rateLimit?: Record<string, {
+        max: number;
+        window: string;
+    }> | undefined;
+    security?: {
+        csp: {
+            enabled: boolean;
+            upgradeInsecureRequests?: boolean | undefined;
+        };
+    } | undefined;
+}>;
+
+declare function safeRedirect(url: string, config: CoreConfig): string;
+
+declare function createCoreApp(config: CoreConfig, options?: CreateCoreAppOptions): Promise<FastifyInstance<http.Server<typeof IncomingMessage, typeof http.ServerResponse>, IncomingMessage, http.ServerResponse<IncomingMessage>, fastify.FastifyBaseLogger, fastify.FastifyTypeProviderDefault>>;
+
+interface RoutesOptions {
+    sql?: postgres.Sql;
+    db?: Database;
+    userStore: UserStore;
+    workspaceStore?: WorkspaceStore;
+}
+declare const registerRoutes: FastifyPluginAsync<RoutesOptions>;
+
+interface RenderedEmail {
+    to: string;
+    subject: string;
+    html: string;
+    text: string;
+}
+interface MailTransport {
+    send(email: RenderedEmail): Promise<{
+        id: string;
+    }>;
+}
+declare class MailDeliveryError extends Error {
+    readonly statusCode?: number;
+    constructor(message: string, statusCode?: number);
+}
+type Env = 'production' | 'development' | 'test';
+declare function createMailTransport(url: string, from: string, env?: Env): MailTransport;
+
+interface VerifyEmailData {
+    to: string;
+    verifyUrl: string;
+    appName: string;
+    expiresInHours: number;
+}
+declare function renderVerifyEmail(data: VerifyEmailData): Promise<RenderedEmail>;
+interface ResetPasswordData {
+    to: string;
+    resetUrl: string;
+    appName: string;
+    expiresInHours: number;
+}
+declare function renderResetPassword(data: ResetPasswordData): Promise<RenderedEmail>;
+interface MagicLinkData {
+    to: string;
+    loginUrl: string;
+    appName: string;
+    expiresInMinutes: number;
+}
+declare function renderMagicLink(data: MagicLinkData): Promise<RenderedEmail>;
+interface WorkspaceInviteData {
+    to: string;
+    acceptUrl: string;
+    inviterName: string;
+    workspaceName: string;
+    role: string;
+    expiresInDays: number;
+}
+declare function renderWorkspaceInvite(data: WorkspaceInviteData): Promise<RenderedEmail>;
+interface WelcomeData {
+    to: string;
+    appName: string;
+    getStartedUrl: string;
+}
+declare function renderWelcome(data: WelcomeData): Promise<RenderedEmail>;
+
+interface RunCoreMigrationsFromEnvOptions {
+    loadConfigOptions?: LoadConfigOptions;
+    log?: Pick<Console, 'log'>;
+}
+declare function runCoreMigrationsFromEnv(options?: RunCoreMigrationsFromEnvOptions): Promise<void>;
+
+interface PostSignupUser {
+    id: string;
+    email: string;
+    name: string;
+    [key: string]: unknown;
+}
+interface PostSignupHookDeps {
+    config: CoreConfig;
+    workspaceStore: WorkspaceStore;
+    transport: MailTransport | null;
+    logger?: {
+        warn: (obj: Record<string, unknown>, msg: string) => void;
+    };
+}
+declare function createPostSignupHook(deps: PostSignupHookDeps): (user: PostSignupUser & Record<string, unknown>, rawCtx: unknown) => Promise<void>;
+
+declare function requireWorkspaceMember(minimumRole?: MemberRole): preHandlerHookHandler;
+
+declare const registerWorkspaceRoutes: FastifyPluginAsync;
+
+declare const registerMemberRoutes: FastifyPluginAsync;
+
+interface IdempotencyEntry {
+    responseStatus: number;
+    responseBody: unknown;
+}
+interface IdempotencyKeyStore {
+    sweep(): Promise<void>;
+    find(key: string): Promise<IdempotencyEntry | null>;
+    set(key: string, scope: string, status: number, body: unknown): Promise<void>;
+}
+declare function createDrizzleIdempotencyStore(db: Database): IdempotencyKeyStore;
+declare function createIdempotencyMiddleware(store: IdempotencyKeyStore): {
+    guard: (scope: string) => preHandlerHookHandler;
+    onSendCapture: (request: FastifyRequest, reply: FastifyReply, payload: unknown) => Promise<unknown>;
+};
+
+interface InviteRoutesOptions {
+    idempotencyStore?: IdempotencyKeyStore;
+}
+declare const registerInviteRoutes: FastifyPluginAsync<InviteRoutesOptions>;
+
+declare const registerSettingsRoutes: FastifyPluginAsync;
+
+interface FsProvisionerOptions {
+    rootDir: string;
+}
+declare function createFsProvisioner(opts: FsProvisionerOptions): WorkspaceProvisioner;
+
+interface WorkspaceSandboxHandleRecord {
+    workspaceId: string;
+    sandboxId: string;
+    snapshotId?: string;
+    provider?: string;
+    handleKind?: string;
+    stableKey?: string;
+    persistenceMode?: string;
+    providerMeta?: Record<string, unknown>;
+    createdAt: string;
+    lastUsedAt: string;
+}
+interface WorkspaceRuntimeStoreLike {
+    getWorkspaceRuntime(workspaceId: string): Promise<WorkspaceRuntime | null>;
+    putWorkspaceRuntime(workspaceId: string, state: Partial<WorkspaceRuntime>): Promise<WorkspaceRuntime>;
+    getWorkspaceRuntimeResource?(workspaceId: string, selector: WorkspaceRuntimeResourceSelector): Promise<WorkspaceRuntimeResource | null>;
+    putWorkspaceRuntimeResource?(workspaceId: string, resource: WorkspaceRuntimeResourceInput): Promise<WorkspaceRuntimeResource>;
+    deleteWorkspaceRuntimeResource?(workspaceId: string, selector: WorkspaceRuntimeResourceSelector): Promise<void>;
+    listWorkspaceRuntimeResources?(workspaceId?: string): Promise<WorkspaceRuntimeResource[]>;
+    listWorkspaceRuntimes?(): Promise<WorkspaceRuntime[]>;
+}
+declare class WorkspaceRuntimeSandboxHandleStore {
+    private readonly store;
+    constructor(store: WorkspaceRuntimeStoreLike);
+    get(workspaceId: string): Promise<WorkspaceSandboxHandleRecord | null>;
+    put(record: WorkspaceSandboxHandleRecord): Promise<void>;
+    private restoreRuntimeResource;
+    delete(workspaceId: string): Promise<void>;
+    list(): Promise<WorkspaceSandboxHandleRecord[]>;
+}
+
+export { CreateCoreAppOptions, Database, type FsProvisionerOptions, type IdempotencyEntry, type IdempotencyKeyStore, LoadConfigOptions, MailDeliveryError, type MailTransport, type PostSignupHookDeps, type RenderedEmail, type RoutesOptions, type RunCoreMigrationsFromEnvOptions, UserStore, WorkspaceProvisioner, WorkspaceRuntimeSandboxHandleStore, type WorkspaceRuntimeStoreLike, type WorkspaceSandboxHandleRecord, WorkspaceStore, coreConfigSchema, createCoreApp, createDrizzleIdempotencyStore, createFsProvisioner, createIdempotencyMiddleware, createMailTransport, createPostSignupHook, registerInviteRoutes, registerMemberRoutes, registerRoutes, registerSettingsRoutes, registerWorkspaceRoutes, renderMagicLink, renderResetPassword, renderVerifyEmail, renderWelcome, renderWorkspaceInvite, requireWorkspaceMember, runCoreMigrationsFromEnv, safeRedirect };