@hachej/boring-core 0.1.82 → 0.1.84

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,5 +1,5 @@
1
1
  import postgres from 'postgres';
2
- import { C as CoreConfig } from './types-Di-eoc58.js';
2
+ import { C as CoreConfig } from './types-DKCtYltp.js';
3
3
  import { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
4
4
 
5
5
  type CoreMigrationSql = postgres.Sql;
@@ -9,12 +9,12 @@ import {
9
9
  useSignIn,
10
10
  useSignUp,
11
11
  useWorkspaceRouteStatus
12
- } from "../../chunk-DGBJFPUK.js";
12
+ } from "../../chunk-6G6Z52VQ.js";
13
13
  import "../../chunk-HYNKZSTF.js";
14
14
  import {
15
15
  isRuntimeEmailVerificationEnabled
16
16
  } from "../../chunk-I4PGL4ZD.js";
17
- import "../../chunk-H7EYII35.js";
17
+ import "../../chunk-VWE46RW4.js";
18
18
  import "../../chunk-MLKGABMK.js";
19
19
 
20
20
  // src/app/front/CoreWorkspaceAgentFront.tsx
@@ -2,11 +2,11 @@ import { RuntimeProvisioningContribution, RegisterAgentRoutesOptions } from '@ha
2
2
  import { DirPluginEntry, CreateWorkspaceAgentServerOptions, WorkspaceAgentServerPluginContext } from '@hachej/boring-workspace/app/server';
3
3
  import { WorkspaceServerPlugin, WorkspaceBridgeOperationDefinition, WorkspaceBridgeHandler, WorkspaceBridgeRuntimeEnvOptions, WorkspaceBridgeCallRequest, WorkspaceBridgeCallResponse } from '@hachej/boring-workspace/server';
4
4
  import { FastifyRequest, FastifyReply, FastifyInstance } from 'fastify';
5
- import { C as CoreConfig } from '../../types-Di-eoc58.js';
5
+ import { C as CoreConfig } from '../../types-DKCtYltp.js';
6
6
  import { T as TelemetrySink } from '../../telemetry-DR18MeI0.js';
7
- import { B as BetterAuthInstance, L as LoadConfigOptions } from '../../loadConfig-CuRGCFmt.js';
8
- import { D as Database, U as UserStore, W as WorkspaceStore, C as CoreRequestScopeResolver } from '../../types-CHdS89JJ.js';
9
- export { a as CoreRequestScope } from '../../types-CHdS89JJ.js';
7
+ import { B as BetterAuthInstance, L as LoadConfigOptions } from '../../loadConfig-DEG0Tu5n.js';
8
+ import { D as Database, U as UserStore, W as WorkspaceStore, C as CoreRequestScopeResolver } from '../../types-uK6CFlxr.js';
9
+ export { a as CoreRequestScope } from '../../types-uK6CFlxr.js';
10
10
  import { IncomingMessage, ServerResponse } from 'node:http';
11
11
  import 'better-auth';
12
12
  import 'drizzle-orm/postgres-js';
@@ -10,13 +10,13 @@ import {
10
10
  registerRoutes,
11
11
  registerSettingsRoutes,
12
12
  registerWorkspaceRoutes
13
- } from "../../chunk-YFCR6SAS.js";
13
+ } from "../../chunk-MWOZRTRG.js";
14
14
  import {
15
15
  PostgresUserStore,
16
16
  PostgresWorkspaceStore,
17
17
  createDatabase,
18
18
  telemetryEvents
19
- } from "../../chunk-RVVE5WOB.js";
19
+ } from "../../chunk-C4YTZAZC.js";
20
20
  import {
21
21
  noopTelemetry,
22
22
  safeCapture
@@ -25,7 +25,7 @@ import "../../chunk-I4PGL4ZD.js";
25
25
  import {
26
26
  ERROR_CODES,
27
27
  HttpError
28
- } from "../../chunk-H7EYII35.js";
28
+ } from "../../chunk-VWE46RW4.js";
29
29
  import "../../chunk-MLKGABMK.js";
30
30
 
31
31
  // src/app/server/createCoreWorkspaceAgentServer.ts
@@ -69,6 +69,7 @@ var MAX_SESSION_OWNER_CACHE = 5e3;
69
69
  function createCoreWorkspaceBridge(options) {
70
70
  const { resolveWorkspaceId, workspaceStore, validateWorkspaceId, agentSessionId } = options;
71
71
  const admittedBrowserWorkspaces = /* @__PURE__ */ new WeakMap();
72
+ const admittedRuntimeWorkspaces = /* @__PURE__ */ new WeakMap();
72
73
  const bridges = /* @__PURE__ */ new Map();
73
74
  const getBridge = (workspaceId) => {
74
75
  const safeWorkspaceId = validateWorkspaceId(workspaceId);
@@ -100,6 +101,8 @@ function createCoreWorkspaceBridge(options) {
100
101
  return runtime;
101
102
  };
102
103
  const resolveBridgeWorkspaceId = async (request) => {
104
+ const admittedRuntimeWorkspace = admittedRuntimeWorkspaces.get(request);
105
+ if (admittedRuntimeWorkspace) return admittedRuntimeWorkspace;
103
106
  const authHeader = request.headers.authorization;
104
107
  if (options.workspaceBridge?.runtimeTokenSecret && typeof authHeader === "string" && authHeader.startsWith("Bearer ")) {
105
108
  return verifyWorkspaceBridgeRuntimeToken(authHeader.slice("Bearer ".length), {
@@ -176,6 +179,7 @@ function createCoreWorkspaceBridge(options) {
176
179
  }
177
180
  } : void 0;
178
181
  const registerHttpRoutes = async (app) => {
182
+ const assertRuntimeWorkspaceScope = options.assertRuntimeWorkspaceScope;
179
183
  await app.register(async (bridgeApp) => {
180
184
  bridgeApp.addHook("preHandler", async (request) => {
181
185
  const pathname = request.url.split("?")[0];
@@ -189,6 +193,11 @@ function createCoreWorkspaceBridge(options) {
189
193
  getIdempotencyStore: async (request) => getRuntime(await resolveBridgeWorkspaceId(request)).idempotencyStore,
190
194
  runtimeTokenSecret: options.workspaceBridge?.runtimeTokenSecret,
191
195
  runtimeRefreshTokenSecret: options.workspaceBridge?.runtimeRefreshTokenSecret,
196
+ assertRuntimeWorkspaceScope: assertRuntimeWorkspaceScope ? async (request, claims) => {
197
+ await assertRuntimeWorkspaceScope(request, claims.workspaceId);
198
+ admittedRuntimeWorkspaces.set(request, claims.workspaceId);
199
+ } : void 0,
200
+ admitRuntimeOperation: options.admitRuntimeOperation,
192
201
  getRuntimeRefreshTokenStore: (_request, claims) => getRuntime(claims.workspaceId).refreshTokenStore,
193
202
  getOwnerWorkspaceId: async (request) => await resolveBridgeWorkspaceId(request),
194
203
  browserAuthPolicy: createBrowserBridgeAuthPolicy({
@@ -923,7 +932,21 @@ async function createCoreWorkspaceAgentServer(options = {}) {
923
932
  workspaceStore,
924
933
  corsOrigins: app.config.cors.origins,
925
934
  validateWorkspaceId: validateWorkspaceIdSegment,
926
- agentSessionId: agentSessionIdFromRequest
935
+ agentSessionId: agentSessionIdFromRequest,
936
+ assertRuntimeWorkspaceScope: options.requestScopeResolver ? (request, workspaceId) => {
937
+ if (request.requestScope?.workspaceId !== workspaceId) d1HostScopeViolation(request);
938
+ } : void 0,
939
+ admitRuntimeOperation: options.admitEffect ? async (workspaceId) => {
940
+ try {
941
+ await options.admitEffect({ workspaceId, requestId: "workspace-bridge-runtime" });
942
+ } catch {
943
+ throw new HttpError({
944
+ status: 500,
945
+ code: ERROR_CODES.D1_ADMISSION_RECORD_FAILED,
946
+ message: ERROR_CODES.D1_ADMISSION_RECORD_FAILED
947
+ });
948
+ }
949
+ } : void 0
927
950
  });
928
951
  app.addHook("preHandler", async (request) => {
929
952
  await coreBridge.rememberSessionOwner(request);
@@ -991,6 +1014,7 @@ async function createCoreWorkspaceAgentServer(options = {}) {
991
1014
  externalPlugins: externalPluginsEnabled,
992
1015
  runtimeModeAdapter: remoteWorkerModeAdapter,
993
1016
  version: options.version,
1017
+ admitEffect: options.admitEffect,
994
1018
  extraTools: [
995
1019
  ...options.extraTools ?? [],
996
1020
  ...pluginCollection.agentOptions.extraTools ?? []
@@ -9,7 +9,7 @@ import {
9
9
  ConfigFetchError,
10
10
  ERROR_CODES,
11
11
  HttpError
12
- } from "./chunk-H7EYII35.js";
12
+ } from "./chunk-VWE46RW4.js";
13
13
 
14
14
  // src/front/AppErrorBoundary.tsx
15
15
  import { Component } from "react";
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  ERROR_CODES,
3
3
  HttpError
4
- } from "./chunk-H7EYII35.js";
4
+ } from "./chunk-VWE46RW4.js";
5
5
  import {
6
6
  __export
7
7
  } from "./chunk-MLKGABMK.js";
@@ -565,6 +565,7 @@ __export(schema_exports, {
565
565
  budgetReservations: () => budgetReservations,
566
566
  creditGrants: () => creditGrants,
567
567
  creditPurchases: () => creditPurchases,
568
+ d1BindingAdmissions: () => d1BindingAdmissions,
568
569
  idempotencyKeys: () => idempotencyKeys,
569
570
  modelBudgetReservations: () => modelBudgetReservations,
570
571
  sessions: () => sessions,
@@ -1061,6 +1062,21 @@ var telemetryEvents = pgTable2(
1061
1062
  index2("telemetry_events_event_name_idx").on(table.eventName)
1062
1063
  ]
1063
1064
  );
1065
+ var d1BindingAdmissions = pgTable2(
1066
+ "d1_binding_admissions",
1067
+ {
1068
+ sequence: bigint("sequence", { mode: "bigint" }).generatedAlwaysAsIdentity(),
1069
+ hostId: text2("host_id").notNull(),
1070
+ bindingId: text2("binding_id").notNull(),
1071
+ activeRevision: text2("active_revision").notNull(),
1072
+ admittedAt: timestamp2("admitted_at", { withTimezone: true }).defaultNow().notNull()
1073
+ },
1074
+ (table) => [
1075
+ primaryKey({ name: "d1_binding_admissions_pk", columns: [table.hostId, table.bindingId] }),
1076
+ uniqueIndex("d1_binding_admissions_sequence_unique").on(table.sequence),
1077
+ check("d1_binding_admissions_revision_check", sql3`${table.activeRevision} ~ '^r[0-9]{10}$'`)
1078
+ ]
1079
+ );
1064
1080
 
1065
1081
  // src/server/db/stores/PostgresWorkspaceStore.ts
1066
1082
  var UI_STATE_KEY_PREFIX = "workspace_ui_state:";
@@ -13,7 +13,7 @@ import {
13
13
  workspaceRuntimes,
14
14
  workspaceSettings,
15
15
  workspaces
16
- } from "./chunk-RVVE5WOB.js";
16
+ } from "./chunk-C4YTZAZC.js";
17
17
  import {
18
18
  noopTelemetry,
19
19
  safeCapture
@@ -25,7 +25,7 @@ import {
25
25
  ConfigValidationError,
26
26
  ERROR_CODES,
27
27
  HttpError
28
- } from "./chunk-H7EYII35.js";
28
+ } from "./chunk-VWE46RW4.js";
29
29
 
30
30
  // src/server/config/schema.ts
31
31
  import { z } from "zod";
@@ -30,6 +30,7 @@ var ERROR_CODES = {
30
30
  DB_UNAVAILABLE: "db_unavailable",
31
31
  INTERNAL_ERROR: "internal_error",
32
32
  D1_HOST_SCOPE_VIOLATION: "D1_HOST_SCOPE_VIOLATION",
33
+ D1_ADMISSION_RECORD_FAILED: "D1_ADMISSION_RECORD_FAILED",
33
34
  D1_MANAGED_WORKSPACE_MUTATION_FORBIDDEN: "D1_MANAGED_WORKSPACE_MUTATION_FORBIDDEN",
34
35
  // Credits + purchases
35
36
  PAYMENT_REQUIRED: "payment_required",
@@ -1,6 +1,6 @@
1
1
  import * as react from 'react';
2
2
  import { Component, ReactNode, ErrorInfo } from 'react';
3
- import { R as RuntimeConfig, a as CapabilitiesResponse, W as WorkspaceMember, U as User, b as Workspace, M as MemberRole, S as SessionState } from '../types-Di-eoc58.js';
3
+ import { R as RuntimeConfig, a as CapabilitiesResponse, W as WorkspaceMember, U as User, b as Workspace, M as MemberRole, S as SessionState } from '../types-DKCtYltp.js';
4
4
  export { b as CompanyAdminLabels, c as CompanyAdminProvider, d as CompanyAdminProviderProps, e as CompanyAdminStatus, f as CoreFront, C as CoreFrontAuthPagesOverride, a as CoreFrontCompanyAdminOptions, g as CoreFrontProps, L as LoadCompanyAdminStatus, R as RenderCompanyAdminContent, u as useCompanyAdminStatus } from '../CoreFront-DB1OfNJU.js';
5
5
  import * as _tanstack_react_query from '@tanstack/react-query';
6
6
  import * as better_auth_react from 'better-auth/react';
@@ -62,13 +62,13 @@ import {
62
62
  useWorkspaceMembers,
63
63
  useWorkspaceRole,
64
64
  useWorkspaceRouteStatus
65
- } from "../chunk-DGBJFPUK.js";
65
+ } from "../chunk-6G6Z52VQ.js";
66
66
  import {
67
67
  TopBarSlotProvider,
68
68
  useTopBarSlot
69
69
  } from "../chunk-HYNKZSTF.js";
70
70
  import "../chunk-I4PGL4ZD.js";
71
- import "../chunk-H7EYII35.js";
71
+ import "../chunk-VWE46RW4.js";
72
72
  import "../chunk-MLKGABMK.js";
73
73
  export {
74
74
  AppErrorBoundary,
@@ -1,7 +1,7 @@
1
1
  import { FastifyPluginAsync } from 'fastify';
2
2
  import { Auth } from 'better-auth';
3
- import { C as CoreConfig, R as RuntimeConfig } from './types-Di-eoc58.js';
4
- import { W as WorkspaceStore, D as Database } from './types-CHdS89JJ.js';
3
+ import { C as CoreConfig, R as RuntimeConfig } from './types-DKCtYltp.js';
4
+ import { W as WorkspaceStore, D as Database } from './types-uK6CFlxr.js';
5
5
  import { T as TelemetrySink } from './telemetry-DR18MeI0.js';
6
6
 
7
7
  declare function validatePasswordStrength(password: string): {
@@ -1,7 +1,7 @@
1
- import { U as UserStore, W as WorkspaceStore } from '../../types-CHdS89JJ.js';
2
- export { D as Database, c as createDatabase } from '../../types-CHdS89JJ.js';
3
- export { B as BudgetReservationAdmission, a as BudgetReservationAdmissionInput, b as BudgetReservationScope, c as BudgetSpendQuery, d as BudgetSpendSnapshot, F as FinishBudgetReservationInput, e as FinishReservationInput, G as GrantOnceInput, I as InsufficientCreditError, M as MeteringBalance, f as ModelBudgetExceededError, P as PostgresBudgetReservationStore, g as PostgresMeteringStore, h as PostgresModelBudgetStore, R as RecordUsageInput, i as RecordUsageResult, j as ReservationFinalStatus, k as ReserveBudgetInput, l as ReserveBudgetResult, m as ReserveInput, n as ReserveResult, o as RunMigrationsOptions, U as UserBudgetExceededError, r as runMigrations } from '../../PostgresModelBudgetStore-Ulw6ijJG.js';
4
- import { U as User, b as Workspace, E as ERROR_CODES, M as MemberRole, W as WorkspaceMember, c as WorkspaceInvite, d as WorkspaceRuntime, e as WorkspaceRuntimeResourceSelector, f as WorkspaceRuntimeResource, g as WorkspaceRuntimeResourceInput } from '../../types-Di-eoc58.js';
1
+ import { U as UserStore, W as WorkspaceStore } from '../../types-uK6CFlxr.js';
2
+ export { D as Database, c as createDatabase } from '../../types-uK6CFlxr.js';
3
+ export { B as BudgetReservationAdmission, a as BudgetReservationAdmissionInput, b as BudgetReservationScope, c as BudgetSpendQuery, d as BudgetSpendSnapshot, F as FinishBudgetReservationInput, e as FinishReservationInput, G as GrantOnceInput, I as InsufficientCreditError, M as MeteringBalance, f as ModelBudgetExceededError, P as PostgresBudgetReservationStore, g as PostgresMeteringStore, h as PostgresModelBudgetStore, R as RecordUsageInput, i as RecordUsageResult, j as ReservationFinalStatus, k as ReserveBudgetInput, l as ReserveBudgetResult, m as ReserveInput, n as ReserveResult, o as RunMigrationsOptions, U as UserBudgetExceededError, r as runMigrations } from '../../PostgresModelBudgetStore-CViAvfFy.js';
4
+ import { U as User, b as Workspace, E as ERROR_CODES, M as MemberRole, W as WorkspaceMember, c as WorkspaceInvite, d as WorkspaceRuntime, e as WorkspaceRuntimeResourceSelector, f as WorkspaceRuntimeResource, g as WorkspaceRuntimeResourceInput } from '../../types-DKCtYltp.js';
5
5
  import { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
6
6
  import 'postgres';
7
7
  import 'fastify';
@@ -11,8 +11,8 @@ import {
11
11
  UserBudgetExceededError,
12
12
  createDatabase,
13
13
  runMigrations
14
- } from "../../chunk-RVVE5WOB.js";
15
- import "../../chunk-H7EYII35.js";
14
+ } from "../../chunk-C4YTZAZC.js";
15
+ import "../../chunk-VWE46RW4.js";
16
16
  import "../../chunk-MLKGABMK.js";
17
17
  export {
18
18
  InsufficientCreditError,
@@ -1,16 +1,16 @@
1
- import { L as LoadConfigOptions } from '../loadConfig-CuRGCFmt.js';
2
- export { A as AuthHookOptions, B as BetterAuthInstance, C as CreateAuthOptions, a as authHook, b as buildRuntimeConfigPayload, c as createAuth, l as loadConfig, v as validateConfig, d as validatePasswordStrength } from '../loadConfig-CuRGCFmt.js';
1
+ import { L as LoadConfigOptions } from '../loadConfig-DEG0Tu5n.js';
2
+ export { A as AuthHookOptions, B as BetterAuthInstance, C as CreateAuthOptions, a as authHook, b as buildRuntimeConfigPayload, c as createAuth, l as loadConfig, v as validateConfig, d as validatePasswordStrength } from '../loadConfig-DEG0Tu5n.js';
3
3
  import { z } from 'zod';
4
- import { C as CoreConfig, M as MemberRole, e as WorkspaceRuntimeResourceSelector, f as WorkspaceRuntimeResource, g as WorkspaceRuntimeResourceInput } from '../types-Di-eoc58.js';
4
+ import { C as CoreConfig, M as MemberRole, e as WorkspaceRuntimeResourceSelector, f as WorkspaceRuntimeResource, g as WorkspaceRuntimeResourceInput } from '../types-DKCtYltp.js';
5
5
  import * as fastify from 'fastify';
6
6
  import { preHandlerHookHandler, FastifyInstance, FastifyPluginAsync, FastifyRequest, FastifyReply } from 'fastify';
7
7
  import * as http from 'http';
8
8
  import { IncomingMessage } from 'node:http';
9
- import { W as WorkspaceStore, b as CreateCoreAppOptions, D as Database, U as UserStore, d as WorkspaceProvisioner } from '../types-CHdS89JJ.js';
10
- export { A as AuthProvider, e as CapabilitiesContributor, a as CoreRequestScope, C as CoreRequestScopeResolver, P as ProvisionContext, f as ProvisionResult, c as createDatabase } from '../types-CHdS89JJ.js';
9
+ import { W as WorkspaceStore, b as CreateCoreAppOptions, D as Database, U as UserStore, d as WorkspaceProvisioner } from '../types-uK6CFlxr.js';
10
+ export { A as AuthProvider, e as CapabilitiesContributor, a as CoreRequestScope, C as CoreRequestScopeResolver, P as ProvisionContext, f as ProvisionResult, c as createDatabase } from '../types-uK6CFlxr.js';
11
11
  import postgres from 'postgres';
12
- import { o as RunMigrationsOptions, g as PostgresMeteringStore, C as CreditLedgerEntry } from '../PostgresModelBudgetStore-Ulw6ijJG.js';
13
- export { B as BudgetReservationAdmission, a as BudgetReservationAdmissionInput, b as BudgetReservationScope, c as BudgetSpendQuery, d as BudgetSpendSnapshot, F as FinishBudgetReservationInput, e as FinishReservationInput, G as GrantOnceInput, I as InsufficientCreditError, M as MeteringBalance, f as ModelBudgetExceededError, P as PostgresBudgetReservationStore, h as PostgresModelBudgetStore, R as RecordUsageInput, i as RecordUsageResult, j as ReservationFinalStatus, k as ReserveBudgetInput, l as ReserveBudgetResult, m as ReserveInput, n as ReserveResult, U as UserBudgetExceededError, r as runMigrations } from '../PostgresModelBudgetStore-Ulw6ijJG.js';
12
+ import { o as RunMigrationsOptions, g as PostgresMeteringStore, C as CreditLedgerEntry } from '../PostgresModelBudgetStore-CViAvfFy.js';
13
+ export { B as BudgetReservationAdmission, a as BudgetReservationAdmissionInput, b as BudgetReservationScope, c as BudgetSpendQuery, d as BudgetSpendSnapshot, F as FinishBudgetReservationInput, e as FinishReservationInput, G as GrantOnceInput, I as InsufficientCreditError, M as MeteringBalance, f as ModelBudgetExceededError, P as PostgresBudgetReservationStore, h as PostgresModelBudgetStore, R as RecordUsageInput, i as RecordUsageResult, j as ReservationFinalStatus, k as ReserveBudgetInput, l as ReserveBudgetResult, m as ReserveInput, n as ReserveResult, U as UserBudgetExceededError, r as runMigrations } from '../PostgresModelBudgetStore-CViAvfFy.js';
14
14
  import { T as TelemetrySink } from '../telemetry-DR18MeI0.js';
15
15
  import { AgentMeteringSink } from '@hachej/boring-agent/server';
16
16
  import 'better-auth';
@@ -25,7 +25,7 @@ import {
25
25
  validateConfig,
26
26
  validatePasswordStrength,
27
27
  withUserSettingsWriteLock
28
- } from "../chunk-YFCR6SAS.js";
28
+ } from "../chunk-MWOZRTRG.js";
29
29
  import {
30
30
  InsufficientCreditError,
31
31
  ModelBudgetExceededError,
@@ -35,7 +35,7 @@ import {
35
35
  UserBudgetExceededError,
36
36
  createDatabase,
37
37
  runMigrations
38
- } from "../chunk-RVVE5WOB.js";
38
+ } from "../chunk-C4YTZAZC.js";
39
39
  import {
40
40
  noopTelemetry,
41
41
  safeCapture
@@ -43,7 +43,7 @@ import {
43
43
  import "../chunk-I4PGL4ZD.js";
44
44
  import {
45
45
  ERROR_CODES
46
- } from "../chunk-H7EYII35.js";
46
+ } from "../chunk-VWE46RW4.js";
47
47
  import "../chunk-MLKGABMK.js";
48
48
 
49
49
  // src/server/security/safeRedirect.ts
@@ -1,5 +1,5 @@
1
- import { U as User, C as CoreConfig, R as RuntimeConfig } from '../types-Di-eoc58.js';
2
- export { a as CapabilitiesResponse, h as ConfigFetchError, i as ConfigValidationError, j as CoreCapabilities, E as ERROR_CODES, k as ErrorCode, H as HttpError, J as JsonValue, M as MemberRole, l as RateLimitEndpointOverride, m as SessionPayload, S as SessionState, T as TrustedProxyPolicy, b as Workspace, c as WorkspaceInvite, W as WorkspaceMember, d as WorkspaceRuntime } from '../types-Di-eoc58.js';
1
+ import { U as User, C as CoreConfig, R as RuntimeConfig } from '../types-DKCtYltp.js';
2
+ export { a as CapabilitiesResponse, h as ConfigFetchError, i as ConfigValidationError, j as CoreCapabilities, E as ERROR_CODES, k as ErrorCode, H as HttpError, J as JsonValue, M as MemberRole, l as RateLimitEndpointOverride, m as SessionPayload, S as SessionState, T as TrustedProxyPolicy, b as Workspace, c as WorkspaceInvite, W as WorkspaceMember, d as WorkspaceRuntime } from '../types-DKCtYltp.js';
3
3
  export { a as TelemetryEvent, T as TelemetrySink, n as noopTelemetry, s as safeCapture } from '../telemetry-DR18MeI0.js';
4
4
 
5
5
  declare function isCoreEmailVerificationEnabled(config: Pick<CoreConfig, 'auth'>): boolean;
@@ -12,7 +12,7 @@ import {
12
12
  ConfigValidationError,
13
13
  ERROR_CODES,
14
14
  HttpError
15
- } from "../chunk-H7EYII35.js";
15
+ } from "../chunk-VWE46RW4.js";
16
16
  import "../chunk-MLKGABMK.js";
17
17
  export {
18
18
  ConfigFetchError,
@@ -24,6 +24,7 @@ declare const ERROR_CODES: {
24
24
  readonly DB_UNAVAILABLE: "db_unavailable";
25
25
  readonly INTERNAL_ERROR: "internal_error";
26
26
  readonly D1_HOST_SCOPE_VIOLATION: "D1_HOST_SCOPE_VIOLATION";
27
+ readonly D1_ADMISSION_RECORD_FAILED: "D1_ADMISSION_RECORD_FAILED";
27
28
  readonly D1_MANAGED_WORKSPACE_MUTATION_FORBIDDEN: "D1_MANAGED_WORKSPACE_MUTATION_FORBIDDEN";
28
29
  readonly PAYMENT_REQUIRED: "payment_required";
29
30
  readonly INVALID_PACK: "invalid_pack";
@@ -1,6 +1,6 @@
1
1
  import { drizzle } from 'drizzle-orm/postgres-js';
2
2
  import postgres from 'postgres';
3
- import { C as CoreConfig, b as Workspace, E as ERROR_CODES, M as MemberRole, W as WorkspaceMember, U as User, c as WorkspaceInvite, d as WorkspaceRuntime, e as WorkspaceRuntimeResourceSelector, f as WorkspaceRuntimeResource, g as WorkspaceRuntimeResourceInput, a as CapabilitiesResponse } from './types-Di-eoc58.js';
3
+ import { C as CoreConfig, b as Workspace, E as ERROR_CODES, M as MemberRole, W as WorkspaceMember, U as User, c as WorkspaceInvite, d as WorkspaceRuntime, e as WorkspaceRuntimeResourceSelector, f as WorkspaceRuntimeResource, g as WorkspaceRuntimeResourceInput, a as CapabilitiesResponse } from './types-DKCtYltp.js';
4
4
  import { FastifyRequest } from 'fastify';
5
5
 
6
6
  type Database = ReturnType<typeof drizzle>;
@@ -0,0 +1,10 @@
1
+ CREATE TABLE "d1_binding_admissions" (
2
+ "sequence" bigint GENERATED ALWAYS AS IDENTITY NOT NULL,
3
+ "host_id" text NOT NULL,
4
+ "binding_id" text NOT NULL,
5
+ "active_revision" text NOT NULL,
6
+ "admitted_at" timestamp with time zone DEFAULT now() NOT NULL,
7
+ CONSTRAINT "d1_binding_admissions_pk" PRIMARY KEY("host_id","binding_id"),
8
+ CONSTRAINT "d1_binding_admissions_sequence_unique" UNIQUE("sequence"),
9
+ CONSTRAINT "d1_binding_admissions_revision_check" CHECK ("active_revision" ~ '^r[0-9]{10}$')
10
+ );
@@ -127,6 +127,13 @@
127
127
  "when": 1783497600000,
128
128
  "tag": "0017_user_budget_reservations",
129
129
  "breakpoints": true
130
+ },
131
+ {
132
+ "idx": 18,
133
+ "version": "7",
134
+ "when": 1783900800000,
135
+ "tag": "0018_d1_binding_admissions",
136
+ "breakpoints": true
130
137
  }
131
138
  ]
132
139
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hachej/boring-core",
3
- "version": "0.1.82",
3
+ "version": "0.1.84",
4
4
  "type": "module",
5
5
  "license": "MIT",
6
6
  "description": "Foundation package for boring-ui-v2 apps: DB, auth, config, HTTP app factory, and frontend app shell.",
@@ -80,9 +80,9 @@
80
80
  "react-router-dom": "^7.18.0",
81
81
  "smol-toml": "^1.7.0",
82
82
  "zod": "^3.25.76",
83
- "@hachej/boring-agent": "0.1.82",
84
- "@hachej/boring-ui-kit": "0.1.82",
85
- "@hachej/boring-workspace": "0.1.82"
83
+ "@hachej/boring-agent": "0.1.84",
84
+ "@hachej/boring-ui-kit": "0.1.84",
85
+ "@hachej/boring-workspace": "0.1.84"
86
86
  },
87
87
  "devDependencies": {
88
88
  "@testing-library/jest-dom": "^6.9.1",