@mastra/cloudflare-d1 0.1.9 → 0.1.10-alpha.0

package/dist/_tsup-dts-rollup.d.cts

@@ -213,9 +213,30 @@ declare interface D1WorkersConfig {
 export { D1WorkersConfig }
 export { D1WorkersConfig as D1WorkersConfig_alias_1 }
 
+/**
+ * Parses and returns a valid SQL SELECT column identifier.
+ * Allows a single identifier (letters, numbers, underscores), or '*', optionally with 'AS alias'.
+ *
+ * @param column - The column identifier string to parse.
+ * @returns The validated column identifier as a branded type.
+ * @throws {Error} If invalid.
+ *
+ * @example
+ * const col = parseSelectIdentifier('user_id'); // Ok
+ * parseSelectIdentifier('user_id AS uid'); // Ok
+ * parseSelectIdentifier('*'); // Ok
+ * parseSelectIdentifier('user id'); // Throws error
+ */
+export declare function parseSelectIdentifier(column: string): SelectIdentifier;
+
 export declare const retryUntil: <T>(fn: () => Promise<T>, condition: (result: T) => boolean, timeout?: number, // REST API needs longer timeout due to higher latency
 interval?: number) => Promise<T>;
 
+/** Represents a validated SQL SELECT column identifier (or '*', optionally with 'AS alias'). */
+declare type SelectIdentifier = string & {
+    __brand: 'SelectIdentifier';
+};
+
 /**
  * SQL Builder class for constructing type-safe SQL queries
  * This helps create maintainable and secure SQL queries with proper parameter handling
@@ -279,7 +300,6 @@ export declare class SqlBuilder {
      * @returns The builder instance
      */
     createIndex(indexName: string, tableName: string, columnName: string, indexType?: string): SqlBuilder;
-    raw(sql: string, ...params: SqlParam[]): SqlBuilder;
     /**
      * Add a LIKE condition to the query
      * @param column The column to check
@@ -317,7 +337,7 @@ export declare type SqlParam = string | number | boolean | null | undefined;
 /**
  * Interface for SQL query options with generic type support
  */
-declare interface SqlQueryOptions {
+export declare interface SqlQueryOptions {
     /** SQL query to execute */
     sql: string;
     /** Parameters to bind to the query */
@@ -325,7 +345,5 @@ declare interface SqlQueryOptions {
     /** Whether to return only the first result */
     first?: boolean;
 }
-export { SqlQueryOptions }
-export { SqlQueryOptions as SqlQueryOptions_alias_1 }
 
 export { }

package/dist/_tsup-dts-rollup.d.ts

@@ -213,9 +213,30 @@ declare interface D1WorkersConfig {
 export { D1WorkersConfig }
 export { D1WorkersConfig as D1WorkersConfig_alias_1 }
 
+/**
+ * Parses and returns a valid SQL SELECT column identifier.
+ * Allows a single identifier (letters, numbers, underscores), or '*', optionally with 'AS alias'.
+ *
+ * @param column - The column identifier string to parse.
+ * @returns The validated column identifier as a branded type.
+ * @throws {Error} If invalid.
+ *
+ * @example
+ * const col = parseSelectIdentifier('user_id'); // Ok
+ * parseSelectIdentifier('user_id AS uid'); // Ok
+ * parseSelectIdentifier('*'); // Ok
+ * parseSelectIdentifier('user id'); // Throws error
+ */
+export declare function parseSelectIdentifier(column: string): SelectIdentifier;
+
 export declare const retryUntil: <T>(fn: () => Promise<T>, condition: (result: T) => boolean, timeout?: number, // REST API needs longer timeout due to higher latency
 interval?: number) => Promise<T>;
 
+/** Represents a validated SQL SELECT column identifier (or '*', optionally with 'AS alias'). */
+declare type SelectIdentifier = string & {
+    __brand: 'SelectIdentifier';
+};
+
 /**
  * SQL Builder class for constructing type-safe SQL queries
  * This helps create maintainable and secure SQL queries with proper parameter handling
@@ -279,7 +300,6 @@ export declare class SqlBuilder {
      * @returns The builder instance
      */
     createIndex(indexName: string, tableName: string, columnName: string, indexType?: string): SqlBuilder;
-    raw(sql: string, ...params: SqlParam[]): SqlBuilder;
     /**
      * Add a LIKE condition to the query
      * @param column The column to check
@@ -317,7 +337,7 @@ export declare type SqlParam = string | number | boolean | null | undefined;
 /**
  * Interface for SQL query options with generic type support
  */
-declare interface SqlQueryOptions {
+export declare interface SqlQueryOptions {
     /** SQL query to execute */
     sql: string;
     /** Parameters to bind to the query */
@@ -325,7 +345,5 @@ declare interface SqlQueryOptions {
     /** Whether to return only the first result */
     first?: boolean;
 }
-export { SqlQueryOptions }
-export { SqlQueryOptions as SqlQueryOptions_alias_1 }
 
 export { }

package/dist/index.cjs

@@ -2,14 +2,13 @@
 
 var storage = require('@mastra/core/storage');
 var Cloudflare = require('cloudflare');
+var utils = require('@mastra/core/utils');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 
 var Cloudflare__default = /*#__PURE__*/_interopDefault(Cloudflare);
 
 // src/storage/index.ts
-
-// src/storage/sql-builder.ts
 var SqlBuilder = class {
   sql = "";
   params = [];
@@ -19,12 +18,15 @@ var SqlBuilder = class {
     if (!columns || Array.isArray(columns) && columns.length === 0) {
       this.sql = "SELECT *";
     } else {
-      this.sql = `SELECT ${Array.isArray(columns) ? columns.join(", ") : columns}`;
+      const cols = Array.isArray(columns) ? columns : [columns];
+      const parsedCols = cols.map((col) => parseSelectIdentifier(col));
+      this.sql = `SELECT ${parsedCols.join(", ")}`;
     }
     return this;
   }
   from(table) {
-    this.sql += ` FROM ${table}`;
+    const parsedTableName = utils.parseSqlIdentifier(table, "table name");
+    this.sql += ` FROM ${parsedTableName}`;
     return this;
   }
   /**
@@ -61,7 +63,11 @@ var SqlBuilder = class {
     return this;
   }
   orderBy(column, direction = "ASC") {
-    this.sql += ` ORDER BY ${column} ${direction}`;
+    const parsedColumn = utils.parseSqlIdentifier(column, "column name");
+    if (!["ASC", "DESC"].includes(direction)) {
+      throw new Error(`Invalid sort direction: ${direction}`);
+    }
+    this.sql += ` ORDER BY ${parsedColumn} ${direction}`;
     return this;
   }
   limit(count) {
@@ -87,27 +93,33 @@ var SqlBuilder = class {
    * @param updateMap Object mapping columns to update to their new value (e.g. { name: 'excluded.name' })
    */
   insert(table, columns, values, conflictColumns, updateMap) {
-    const placeholders = columns.map(() => "?").join(", ");
+    const parsedTableName = utils.parseSqlIdentifier(table, "table name");
+    const parsedColumns = columns.map((col) => utils.parseSqlIdentifier(col, "column name"));
+    const placeholders = parsedColumns.map(() => "?").join(", ");
     if (conflictColumns && updateMap) {
+      const parsedConflictColumns = conflictColumns.map((col) => utils.parseSqlIdentifier(col, "column name"));
       const updateClause = Object.entries(updateMap).map(([col, expr]) => `${col} = ${expr}`).join(", ");
-      this.sql = `INSERT INTO ${table} (${columns.join(", ")}) VALUES (${placeholders}) ON CONFLICT(${conflictColumns.join(", ")}) DO UPDATE SET ${updateClause}`;
+      this.sql = `INSERT INTO ${parsedTableName} (${parsedColumns.join(", ")}) VALUES (${placeholders}) ON CONFLICT(${parsedConflictColumns.join(", ")}) DO UPDATE SET ${updateClause}`;
       this.params.push(...values);
       return this;
     }
-    this.sql = `INSERT INTO ${table} (${columns.join(", ")}) VALUES (${placeholders})`;
+    this.sql = `INSERT INTO ${parsedTableName} (${parsedColumns.join(", ")}) VALUES (${placeholders})`;
     this.params.push(...values);
     return this;
   }
   // Update operations
   update(table, columns, values) {
-    const setClause = columns.map((col) => `${col} = ?`).join(", ");
-    this.sql = `UPDATE ${table} SET ${setClause}`;
+    const parsedTableName = utils.parseSqlIdentifier(table, "table name");
+    const parsedColumns = columns.map((col) => utils.parseSqlIdentifier(col, "column name"));
+    const setClause = parsedColumns.map((col) => `${col} = ?`).join(", ");
+    this.sql = `UPDATE ${parsedTableName} SET ${setClause}`;
     this.params.push(...values);
     return this;
   }
   // Delete operations
   delete(table) {
-    this.sql = `DELETE FROM ${table}`;
+    const parsedTableName = utils.parseSqlIdentifier(table, "table name");
+    this.sql = `DELETE FROM ${parsedTableName}`;
     return this;
   }
   /**
@@ -118,9 +130,16 @@ var SqlBuilder = class {
    * @returns The builder instance
    */
   createTable(table, columnDefinitions, tableConstraints) {
-    const columns = columnDefinitions.join(", ");
+    const parsedTableName = utils.parseSqlIdentifier(table, "table name");
+    const parsedColumnDefinitions = columnDefinitions.map((def) => {
+      const colName = def.split(/\s+/)[0];
+      if (!colName) throw new Error("Empty column name in definition");
+      utils.parseSqlIdentifier(colName, "column name");
+      return def;
+    });
+    const columns = parsedColumnDefinitions.join(", ");
     const constraints = tableConstraints && tableConstraints.length > 0 ? ", " + tableConstraints.join(", ") : "";
-    this.sql = `CREATE TABLE IF NOT EXISTS ${table} (${columns}${constraints})`;
+    this.sql = `CREATE TABLE IF NOT EXISTS ${parsedTableName} (${columns}${constraints})`;
     return this;
   }
   /**
@@ -143,13 +162,10 @@ var SqlBuilder = class {
    * @returns The builder instance
    */
   createIndex(indexName, tableName, columnName, indexType = "") {
-    this.sql = `CREATE ${indexType ? indexType + " " : ""}INDEX IF NOT EXISTS ${indexName} ON ${tableName}(${columnName})`;
-    return this;
-  }
-  // Raw SQL with params
-  raw(sql, ...params) {
-    this.sql = sql;
-    this.params.push(...params);
+    const parsedIndexName = utils.parseSqlIdentifier(indexName, "index name");
+    const parsedTableName = utils.parseSqlIdentifier(tableName, "table name");
+    const parsedColumnName = utils.parseSqlIdentifier(columnName, "column name");
+    this.sql = `CREATE ${indexType ? indexType + " " : ""}INDEX IF NOT EXISTS ${parsedIndexName} ON ${parsedTableName}(${parsedColumnName})`;
     return this;
   }
   /**
@@ -159,11 +175,12 @@ var SqlBuilder = class {
    * @param exact If true, will not add % wildcards
    */
   like(column, value, exact = false) {
+    const parsedColumnName = utils.parseSqlIdentifier(column, "column name");
     const likeValue = exact ? value : `%${value}%`;
     if (this.whereAdded) {
-      this.sql += ` AND ${column} LIKE ?`;
+      this.sql += ` AND ${parsedColumnName} LIKE ?`;
     } else {
-      this.sql += ` WHERE ${column} LIKE ?`;
+      this.sql += ` WHERE ${parsedColumnName} LIKE ?`;
       this.whereAdded = true;
     }
     this.params.push(likeValue);
@@ -176,11 +193,13 @@ var SqlBuilder = class {
    * @param value The value to match
    */
   jsonLike(column, key, value) {
-    const jsonPattern = `%"${key}":"${value}"%`;
+    const parsedColumnName = utils.parseSqlIdentifier(column, "column name");
+    const parsedKey = utils.parseSqlIdentifier(key, "key name");
+    const jsonPattern = `%"${parsedKey}":"${value}"%`;
     if (this.whereAdded) {
-      this.sql += ` AND ${column} LIKE ?`;
+      this.sql += ` AND ${parsedColumnName} LIKE ?`;
     } else {
-      this.sql += ` WHERE ${column} LIKE ?`;
+      this.sql += ` WHERE ${parsedColumnName} LIKE ?`;
       this.whereAdded = true;
     }
     this.params.push(jsonPattern);
@@ -210,6 +229,15 @@ var SqlBuilder = class {
 function createSqlBuilder() {
   return new SqlBuilder();
 }
+var SQL_IDENTIFIER_PATTERN = /^[a-zA-Z0-9_]+(\s+AS\s+[a-zA-Z0-9_]+)?$/;
+function parseSelectIdentifier(column) {
+  if (column !== "*" && !SQL_IDENTIFIER_PATTERN.test(column)) {
+    throw new Error(
+      `Invalid column name: "${column}". Must be "*" or a valid identifier (letters, numbers, underscores), optionally with "AS alias".`
+    );
+  }
+  return column;
+}
 
 // src/storage/index.ts
 function isArrayOfRecords(value) {
@@ -228,6 +256,9 @@ var D1Store = class extends storage.MastraStorage {
    */
   constructor(config) {
     super({ name: "D1" });
+    if (config.tablePrefix && !/^[a-zA-Z0-9_]*$/.test(config.tablePrefix)) {
+      throw new Error("Invalid tablePrefix: only letters, numbers, and underscores are allowed.");
+    }
     this.tablePrefix = config.tablePrefix || "";
     if ("binding" in config) {
       if (!config.binding) {
@@ -717,7 +748,7 @@ var D1Store = class extends storage.MastraStorage {
           m.role,
           m.type,
           m.createdAt,
-          m.thread_id AS "threadId"
+          m.thread_id AS threadId
         FROM ordered_messages m
         WHERE m.id IN (${includeIds.map(() => "?").join(",")})
         OR EXISTS (
@@ -744,7 +775,7 @@ var D1Store = class extends storage.MastraStorage {
         if (Array.isArray(includeResult)) messages.push(...includeResult);
       }
       const excludeIds = messages.map((m) => m.id);
-      let query = createSqlBuilder().select(["id", "content", "role", "type", '"createdAt"', 'thread_id AS "threadId"']).from(fullTableName).where("thread_id = ?", threadId).andWhere(`id NOT IN (${excludeIds.map(() => "?").join(",")})`, ...excludeIds).orderBy("createdAt", "DESC").limit(limit);
+      let query = createSqlBuilder().select(["id", "content", "role", "type", "createdAt", "thread_id AS threadId"]).from(fullTableName).where("thread_id = ?", threadId).andWhere(`id NOT IN (${excludeIds.map(() => "?").join(",")})`, ...excludeIds).orderBy("createdAt", "DESC").limit(limit);
       const { sql, params } = query.build();
       const result = await this.executeQuery({ sql, params });
       if (Array.isArray(result)) messages.push(...result);

package/dist/index.d.cts

@@ -1,4 +1,3 @@
-export { SqlQueryOptions } from './_tsup-dts-rollup.cjs';
 export { D1Config } from './_tsup-dts-rollup.cjs';
 export { D1WorkersConfig } from './_tsup-dts-rollup.cjs';
 export { D1StoreConfig } from './_tsup-dts-rollup.cjs';

package/dist/index.d.ts

@@ -1,4 +1,3 @@
-export { SqlQueryOptions } from './_tsup-dts-rollup.js';
 export { D1Config } from './_tsup-dts-rollup.js';
 export { D1WorkersConfig } from './_tsup-dts-rollup.js';
 export { D1StoreConfig } from './_tsup-dts-rollup.js';

package/dist/index.js

@@ -1,9 +1,8 @@
 import { MastraStorage, TABLE_THREADS, TABLE_MESSAGES, TABLE_WORKFLOW_SNAPSHOT, TABLE_TRACES, TABLE_EVALS } from '@mastra/core/storage';
 import Cloudflare from 'cloudflare';
+import { parseSqlIdentifier } from '@mastra/core/utils';
 
 // src/storage/index.ts
-
-// src/storage/sql-builder.ts
 var SqlBuilder = class {
   sql = "";
   params = [];
@@ -13,12 +12,15 @@ var SqlBuilder = class {
     if (!columns || Array.isArray(columns) && columns.length === 0) {
       this.sql = "SELECT *";
     } else {
-      this.sql = `SELECT ${Array.isArray(columns) ? columns.join(", ") : columns}`;
+      const cols = Array.isArray(columns) ? columns : [columns];
+      const parsedCols = cols.map((col) => parseSelectIdentifier(col));
+      this.sql = `SELECT ${parsedCols.join(", ")}`;
     }
     return this;
   }
   from(table) {
-    this.sql += ` FROM ${table}`;
+    const parsedTableName = parseSqlIdentifier(table, "table name");
+    this.sql += ` FROM ${parsedTableName}`;
     return this;
   }
   /**
@@ -55,7 +57,11 @@ var SqlBuilder = class {
     return this;
   }
   orderBy(column, direction = "ASC") {
-    this.sql += ` ORDER BY ${column} ${direction}`;
+    const parsedColumn = parseSqlIdentifier(column, "column name");
+    if (!["ASC", "DESC"].includes(direction)) {
+      throw new Error(`Invalid sort direction: ${direction}`);
+    }
+    this.sql += ` ORDER BY ${parsedColumn} ${direction}`;
     return this;
   }
   limit(count) {
@@ -81,27 +87,33 @@ var SqlBuilder = class {
    * @param updateMap Object mapping columns to update to their new value (e.g. { name: 'excluded.name' })
    */
   insert(table, columns, values, conflictColumns, updateMap) {
-    const placeholders = columns.map(() => "?").join(", ");
+    const parsedTableName = parseSqlIdentifier(table, "table name");
+    const parsedColumns = columns.map((col) => parseSqlIdentifier(col, "column name"));
+    const placeholders = parsedColumns.map(() => "?").join(", ");
     if (conflictColumns && updateMap) {
+      const parsedConflictColumns = conflictColumns.map((col) => parseSqlIdentifier(col, "column name"));
       const updateClause = Object.entries(updateMap).map(([col, expr]) => `${col} = ${expr}`).join(", ");
-      this.sql = `INSERT INTO ${table} (${columns.join(", ")}) VALUES (${placeholders}) ON CONFLICT(${conflictColumns.join(", ")}) DO UPDATE SET ${updateClause}`;
+      this.sql = `INSERT INTO ${parsedTableName} (${parsedColumns.join(", ")}) VALUES (${placeholders}) ON CONFLICT(${parsedConflictColumns.join(", ")}) DO UPDATE SET ${updateClause}`;
       this.params.push(...values);
       return this;
     }
-    this.sql = `INSERT INTO ${table} (${columns.join(", ")}) VALUES (${placeholders})`;
+    this.sql = `INSERT INTO ${parsedTableName} (${parsedColumns.join(", ")}) VALUES (${placeholders})`;
     this.params.push(...values);
     return this;
   }
   // Update operations
   update(table, columns, values) {
-    const setClause = columns.map((col) => `${col} = ?`).join(", ");
-    this.sql = `UPDATE ${table} SET ${setClause}`;
+    const parsedTableName = parseSqlIdentifier(table, "table name");
+    const parsedColumns = columns.map((col) => parseSqlIdentifier(col, "column name"));
+    const setClause = parsedColumns.map((col) => `${col} = ?`).join(", ");
+    this.sql = `UPDATE ${parsedTableName} SET ${setClause}`;
     this.params.push(...values);
     return this;
   }
   // Delete operations
   delete(table) {
-    this.sql = `DELETE FROM ${table}`;
+    const parsedTableName = parseSqlIdentifier(table, "table name");
+    this.sql = `DELETE FROM ${parsedTableName}`;
     return this;
   }
   /**
@@ -112,9 +124,16 @@ var SqlBuilder = class {
    * @returns The builder instance
    */
   createTable(table, columnDefinitions, tableConstraints) {
-    const columns = columnDefinitions.join(", ");
+    const parsedTableName = parseSqlIdentifier(table, "table name");
+    const parsedColumnDefinitions = columnDefinitions.map((def) => {
+      const colName = def.split(/\s+/)[0];
+      if (!colName) throw new Error("Empty column name in definition");
+      parseSqlIdentifier(colName, "column name");
+      return def;
+    });
+    const columns = parsedColumnDefinitions.join(", ");
     const constraints = tableConstraints && tableConstraints.length > 0 ? ", " + tableConstraints.join(", ") : "";
-    this.sql = `CREATE TABLE IF NOT EXISTS ${table} (${columns}${constraints})`;
+    this.sql = `CREATE TABLE IF NOT EXISTS ${parsedTableName} (${columns}${constraints})`;
     return this;
   }
   /**
@@ -137,13 +156,10 @@ var SqlBuilder = class {
    * @returns The builder instance
    */
   createIndex(indexName, tableName, columnName, indexType = "") {
-    this.sql = `CREATE ${indexType ? indexType + " " : ""}INDEX IF NOT EXISTS ${indexName} ON ${tableName}(${columnName})`;
-    return this;
-  }
-  // Raw SQL with params
-  raw(sql, ...params) {
-    this.sql = sql;
-    this.params.push(...params);
+    const parsedIndexName = parseSqlIdentifier(indexName, "index name");
+    const parsedTableName = parseSqlIdentifier(tableName, "table name");
+    const parsedColumnName = parseSqlIdentifier(columnName, "column name");
+    this.sql = `CREATE ${indexType ? indexType + " " : ""}INDEX IF NOT EXISTS ${parsedIndexName} ON ${parsedTableName}(${parsedColumnName})`;
     return this;
   }
   /**
@@ -153,11 +169,12 @@ var SqlBuilder = class {
    * @param exact If true, will not add % wildcards
    */
   like(column, value, exact = false) {
+    const parsedColumnName = parseSqlIdentifier(column, "column name");
     const likeValue = exact ? value : `%${value}%`;
     if (this.whereAdded) {
-      this.sql += ` AND ${column} LIKE ?`;
+      this.sql += ` AND ${parsedColumnName} LIKE ?`;
     } else {
-      this.sql += ` WHERE ${column} LIKE ?`;
+      this.sql += ` WHERE ${parsedColumnName} LIKE ?`;
       this.whereAdded = true;
     }
     this.params.push(likeValue);
@@ -170,11 +187,13 @@ var SqlBuilder = class {
    * @param value The value to match
    */
   jsonLike(column, key, value) {
-    const jsonPattern = `%"${key}":"${value}"%`;
+    const parsedColumnName = parseSqlIdentifier(column, "column name");
+    const parsedKey = parseSqlIdentifier(key, "key name");
+    const jsonPattern = `%"${parsedKey}":"${value}"%`;
     if (this.whereAdded) {
-      this.sql += ` AND ${column} LIKE ?`;
+      this.sql += ` AND ${parsedColumnName} LIKE ?`;
     } else {
-      this.sql += ` WHERE ${column} LIKE ?`;
+      this.sql += ` WHERE ${parsedColumnName} LIKE ?`;
       this.whereAdded = true;
     }
     this.params.push(jsonPattern);
@@ -204,6 +223,15 @@ var SqlBuilder = class {
 function createSqlBuilder() {
   return new SqlBuilder();
 }
+var SQL_IDENTIFIER_PATTERN = /^[a-zA-Z0-9_]+(\s+AS\s+[a-zA-Z0-9_]+)?$/;
+function parseSelectIdentifier(column) {
+  if (column !== "*" && !SQL_IDENTIFIER_PATTERN.test(column)) {
+    throw new Error(
+      `Invalid column name: "${column}". Must be "*" or a valid identifier (letters, numbers, underscores), optionally with "AS alias".`
+    );
+  }
+  return column;
+}
 
 // src/storage/index.ts
 function isArrayOfRecords(value) {
@@ -222,6 +250,9 @@ var D1Store = class extends MastraStorage {
    */
   constructor(config) {
     super({ name: "D1" });
+    if (config.tablePrefix && !/^[a-zA-Z0-9_]*$/.test(config.tablePrefix)) {
+      throw new Error("Invalid tablePrefix: only letters, numbers, and underscores are allowed.");
+    }
     this.tablePrefix = config.tablePrefix || "";
     if ("binding" in config) {
       if (!config.binding) {
@@ -711,7 +742,7 @@ var D1Store = class extends MastraStorage {
           m.role,
           m.type,
           m.createdAt,
-          m.thread_id AS "threadId"
+          m.thread_id AS threadId
         FROM ordered_messages m
         WHERE m.id IN (${includeIds.map(() => "?").join(",")})
         OR EXISTS (
@@ -738,7 +769,7 @@ var D1Store = class extends MastraStorage {
         if (Array.isArray(includeResult)) messages.push(...includeResult);
       }
       const excludeIds = messages.map((m) => m.id);
-      let query = createSqlBuilder().select(["id", "content", "role", "type", '"createdAt"', 'thread_id AS "threadId"']).from(fullTableName).where("thread_id = ?", threadId).andWhere(`id NOT IN (${excludeIds.map(() => "?").join(",")})`, ...excludeIds).orderBy("createdAt", "DESC").limit(limit);
+      let query = createSqlBuilder().select(["id", "content", "role", "type", "createdAt", "thread_id AS threadId"]).from(fullTableName).where("thread_id = ?", threadId).andWhere(`id NOT IN (${excludeIds.map(() => "?").join(",")})`, ...excludeIds).orderBy("createdAt", "DESC").limit(limit);
       const { sql, params } = query.build();
       const result = await this.executeQuery({ sql, params });
       if (Array.isArray(result)) messages.push(...result);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mastra/cloudflare-d1",
-  "version": "0.1.9",
+  "version": "0.1.10-alpha.0",
   "description": "D1 provider for Mastra - includes db storage capabilities",
   "type": "module",
   "files": [
@@ -23,7 +23,7 @@
   },
   "dependencies": {
     "cloudflare": "^4.1.0",
-    "@mastra/core": "^0.9.4"
+    "@mastra/core": "^0.9.5-alpha.0"
   },
   "devDependencies": {
     "@cloudflare/workers-types": "^4.20250417.0",