@neon/env 0.0.0 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,445 @@
1
+ //#region ../config/dist/lib/types.d.ts
2
+ //#region src/lib/types.d.ts
3
+ /**
4
+ * Valid Neon Compute Unit values.
5
+ * Most plans support 0.25, 0.5, 1, 2, 4, 8. Higher values may be available on Business plans.
6
+ */
7
+ type ComputeUnit = 0.25 | 0.5 | 1 | 2 | 4 | 8;
8
+ /** Time units accepted in a {@link DurationString}: seconds, minutes, hours, days, weeks. */
9
+ type DurationUnit = "s" | "m" | "h" | "d" | "w";
10
+ /**
11
+ * A Neon duration string: a positive integer **followed by a unit** — `s` (seconds),
12
+ * `m` (minutes), `h` (hours), `d` (days), or `w` (weeks). Used by
13
+ * {@link ComputeSettings.suspendTimeout} and {@link BranchTuning.ttl}.
14
+ *
15
+ * A **unit is required**: a bare numeric string like `"7"` is rejected at the type level. To
16
+ * express a raw number of seconds, pass a `number` (`300`) — not a string (`"300"`). This
17
+ * removes the old ambiguity where `"7"` silently meant 7 *seconds* instead of, say, `"7d"`.
18
+ *
19
+ * @example "5m" // 5 minutes
20
+ * @example "1h" // 1 hour
21
+ * @example "7d" // 7 days
22
+ */
23
+ type DurationString = `${number}${DurationUnit}`;
24
+ /**
25
+ * Autocomplete suggestions for {@link ComputeSettings.suspendTimeout}. Every value sits inside
26
+ * the Neon API's allowed scale-to-zero band: **60s–604800s** (1 minute – 1 week). This is *not*
27
+ * a closed set — the field also accepts any other {@link DurationString} or a `number` of
28
+ * seconds; out-of-range values type-check but are rejected at apply time.
29
+ */
30
+ type SuspendTimeoutSuggestion = "1m" | "5m" | "15m" | "30m" | "1h" | "6h" | "12h" | "1d" | "7d";
31
+ /**
32
+ * Autocomplete suggestions for {@link BranchTuning.ttl}. Every value sits within the Neon API's
33
+ * branch-expiration limit (**max 30 days** from creation; the Console's own presets are 1h / 1d
34
+ * / 7d). This is *not* a closed set — the field also accepts any other {@link DurationString} or
35
+ * a `number` of seconds; values over 30 days are rejected at apply time.
36
+ */
37
+ type TtlSuggestion = "1h" | "6h" | "12h" | "1d" | "3d" | "7d" | "14d" | "30d";
38
+ /**
39
+ * Compose a field's duration type: its curated autocomplete `Suggestions` plus the open
40
+ * `DurationString` template (so any `<integer><unit>` string still type-checks) and a `number`
41
+ * of seconds. Intersecting the template arm with `NonNullable<unknown>` stops TypeScript from
42
+ * collapsing the literal suggestions into the template, which is what preserves the autocomplete.
43
+ */
44
+ type DurationField<Suggestions extends DurationString> = Suggestions | (DurationString & NonNullable<unknown>) | number;
45
+ /**
46
+ * Compute settings applied to the read/write endpoint of a branch.
47
+ *
48
+ * Mirrors the subset of {@link https://api-docs.neon.tech/reference/getting-started-with-neon-api Neon endpoint}
49
+ * fields that we expose as IaC primitives. Anything left undefined falls back to the project's
50
+ * `default_endpoint_settings` (which themselves fall back to Neon platform defaults).
51
+ */
52
+ interface ComputeSettings {
53
+ /**
54
+ * Minimum number of Compute Units. Set to 0.25 for true scale-to-zero.
55
+ * @example 0.25 // scale-to-zero
56
+ * @example 1 // always-on with 1 CU minimum
57
+ */
58
+ autoscalingLimitMinCu?: ComputeUnit;
59
+ /**
60
+ * Maximum number of Compute Units for autoscaling.
61
+ * @example 2
62
+ * @example 8
63
+ */
64
+ autoscalingLimitMaxCu?: ComputeUnit;
65
+ /**
66
+ * How long an idle compute waits before suspending (Neon's scale-to-zero). Accepts a
67
+ * {@link DurationString} (autocompletes common values), a number of seconds, or `false`.
68
+ *
69
+ * - `false` — never suspend (always-on compute)
70
+ * - {@link DurationString} — e.g. `"5m"`; autocompletes the in-range values `"1m"`, `"5m"`,
71
+ * `"15m"`, `"30m"`, `"1h"`, `"6h"`, `"12h"`, `"1d"`, `"7d"`, and accepts any other
72
+ * `<integer><unit>` (units: `s`, `m`, `h`, `d`, `w`). A **unit is required** — for raw
73
+ * seconds pass a `number`, not a string.
74
+ * - `number` — custom timeout in **seconds**, must be in `60`–`604800` (1 minute to 1 week)
75
+ * - `undefined` — use the Neon platform default (currently 300s / 5 minutes)
76
+ *
77
+ * Whichever form you use, the resolved timeout must fall in `60`–`604800` seconds (the Neon
78
+ * API limit); the suggestions are all within that band, anything else is checked at apply.
79
+ *
80
+ * @example false // never suspend (always-on)
81
+ * @example "5m" // suspend after 5 minutes idle
82
+ * @example "1h" // suspend after 1 hour idle
83
+ * @example 300 // 5 minutes, expressed in seconds
84
+ */
85
+ suspendTimeout?: false | DurationField<SuspendTimeoutSuggestion>;
86
+ }
87
+ /**
88
+ * Read-only descriptor of the branch a {@link Config} policy is being evaluated for — the
89
+ * `branch` argument passed to your `defineConfig({ branch: (branch) => … })` closure. It describes
90
+ * **which** branch this invocation decides for; it is not a live branch handle and must not
91
+ * be mutated. Switch on its fields and return the desired {@link BranchConfig}.
92
+ */
93
+ interface BranchTarget {
94
+ /** Branch name being evaluated. For `branch dev`, this is the generated branch name. */
95
+ name: string;
96
+ /** Neon branch id when the branch already exists. Undefined during pre-create eval. */
97
+ id?: string;
98
+ /** Whether this branch already exists on Neon. */
99
+ exists: boolean;
100
+ /** Parent branch id from Neon when known. */
101
+ parentId?: string;
102
+ /** Whether Neon marks this branch as the project default. */
103
+ isDefault?: boolean;
104
+ /** Whether Neon currently marks this branch protected. */
105
+ isProtected?: boolean;
106
+ /** Current expiration timestamp from Neon, when set. */
107
+ expiresAt?: string;
108
+ }
109
+ /**
110
+ * Object form of a branch-scoped service toggle. `{}` or `{ enabled: true }` enables it;
111
+ * `{ enabled: false }` opts out. Used as the object half of {@link ServiceToggleInput}.
112
+ */
113
+ interface ServiceToggle {
114
+ /** Defaults to `true` when the service namespace is present. Set `false` to opt out. */
115
+ enabled?: boolean;
116
+ }
117
+ /**
118
+ * How a branch-scoped service (Neon Auth, Data API, AI Gateway) is toggled in a policy.
119
+ *
120
+ * - `true` / `{}` / `{ enabled: true }` — enabled.
121
+ * - `false` / `{ enabled: false }` — disabled.
122
+ * - omitted (`undefined`) — not part of the policy at all.
123
+ *
124
+ * These toggles are **static** (they live in the top-level `defineConfig({ … })` object,
125
+ * not in the per-branch `branch` closure) so the secret set they imply can be derived at
126
+ * the type level — that's what makes `NeonEnv<typeof config>` exact.
127
+ */
128
+ type ServiceToggleInput = boolean | ServiceToggle;
129
+ /**
130
+ * Resolve a **static** service toggle (`true` / `false` / `{ enabled?: boolean }` / object /
131
+ * `undefined`) to a type-level boolean. The tuple wrapping (`[T] extends […]`) disables
132
+ * distribution so a union/`undefined` is judged as a single unit:
133
+ *
134
+ * - `false` / `{ enabled: false }` / `undefined` → `false`
135
+ * - `true` / `{ enabled: true }` / any other object (`{}`, `{ enabled?: boolean }`) → `true`
136
+ * (a present toggle defaults to enabled)
137
+ * - the bare `boolean | … | undefined` (no literal info) → `false`
138
+ *
139
+ * Shared by the {@link Config} static cross-field checks and the `@neon/env`
140
+ * `NeonEnv` namespace derivation, so both read "is this service on?" identically.
141
+ */
142
+
143
+ interface PostgresConfig {
144
+ computeSettings?: ComputeSettings;
145
+ }
146
+ /**
147
+ * Authentication providers a Data API integration can verify JWTs against, as written in
148
+ * `neon.ts`. Friendly authoring values (mapped to the Neon API's `neon_auth` / `external`
149
+ * at the API boundary):
150
+ *
151
+ * - `"neon"` — verify tokens minted by **Neon Auth** on the same branch. Neon supplies the
152
+ * JWKS URL / provider wiring for you, so the `jwksUrl` / `providerName` / `jwtAudience`
153
+ * fields are forbidden (a type error) on this variant — and the policy must also enable
154
+ * top-level `auth` (Neon Auth) so the tokens exist.
155
+ * - `"external"` — verify tokens from a third-party IdP (Clerk, Stytch, Auth0, …). You
156
+ * provide `jwksUrl` (and optionally `providerName` / `jwtAudience`).
157
+ */
158
+ declare const DATA_API_AUTH_PROVIDERS: readonly ["neon", "external"];
159
+ type DataApiAuthProvider = (typeof DATA_API_AUTH_PROVIDERS)[number];
160
+ /**
161
+ * Reusable runtime settings for a Data API integration (the Neon API `DataAPISettings`,
162
+ * camelCased to match the rest of `neon.ts`). Every field is optional; omitted fields keep
163
+ * the Neon defaults shown below. These are the **only** Data API fields that can change on
164
+ * an already-enabled integration — drift here is reconciled as an *update* (requires
165
+ * `updateExisting` / `--update-existing`); the create-only auth wiring above cannot.
166
+ */
167
+ interface DataApiSettings {
168
+ /** Enable the aggregates feature (`db_aggregates_enabled`). Default `true`. */
169
+ dbAggregatesEnabled?: boolean;
170
+ /** Database role used for anonymous requests (`db_anon_role`). Default `"anonymous"`. */
171
+ dbAnonRole?: string;
172
+ /** Extra schemas appended to the search path (`db_extra_search_path`). */
173
+ dbExtraSearchPath?: string;
174
+ /** Maximum rows returned in a single request (`db_max_rows`). */
175
+ dbMaxRows?: number;
176
+ /** Schemas exposed via the API (`db_schemas`). Default `["public"]`. */
177
+ dbSchemas?: string[];
178
+ /** JWT claim key used for role extraction (`jwt_role_claim_key`). Default `".role"`. */
179
+ jwtRoleClaimKey?: string;
180
+ /** Maximum lifetime of the JWT cache, in seconds (`jwt_cache_max_lifetime`). */
181
+ jwtCacheMaxLifetime?: number;
182
+ /** OpenAPI spec mode (`openapi_mode`). Default `"disabled"`. */
183
+ openapiMode?: "ignore-privileges" | "disabled";
184
+ /** CORS allowed origins (`server_cors_allowed_origins`). */
185
+ serverCorsAllowedOrigins?: string;
186
+ /** Emit server-timing headers (`server_timing_enabled`). */
187
+ serverTimingEnabled?: boolean;
188
+ }
189
+ /** Fields shared by every {@link DataApiConfig} variant. */
190
+ interface DataApiConfigBase {
191
+ /** Defaults to `true` when the `dataApi` namespace is present. Set `false` to opt out. */
192
+ enabled?: boolean;
193
+ /** Reusable runtime settings. Drift here is reconciled as an update. */
194
+ settings?: DataApiSettings;
195
+ }
196
+ /**
197
+ * Data API verified by **Neon Auth** (`authProvider: "neon"`, the default). The external
198
+ * IdP fields are statically forbidden (`?: never`) because Neon supplies them; declaring any
199
+ * of them is a type error directing you to `authProvider: "external"`.
200
+ */
201
+ interface DataApiNeonAuthConfig extends DataApiConfigBase {
202
+ authProvider?: "neon";
203
+ /** Forbidden with `authProvider: "neon"` — Neon provides the JWKS URL. */
204
+ jwksUrl?: never;
205
+ /** Forbidden with `authProvider: "neon"` — the provider is Neon Auth. */
206
+ providerName?: never;
207
+ /** Forbidden with `authProvider: "neon"` — Neon manages the audience. */
208
+ jwtAudience?: never;
209
+ }
210
+ /**
211
+ * Data API verified by an **external** IdP (`authProvider: "external"`). You provide the
212
+ * JWKS URL (and optionally a provider label / expected audience).
213
+ */
214
+ interface DataApiExternalAuthConfig extends DataApiConfigBase {
215
+ authProvider: "external";
216
+ /** URL that publishes the IdP's JWKS (JSON Web Key Set). */
217
+ jwksUrl?: string;
218
+ /** Human label for the IdP (e.g. "Clerk", "Stytch", "Auth0"). */
219
+ providerName?: string;
220
+ /**
221
+ * Expected `aud` claim. ⚠️ This only **rejects** tokens carrying a *different* audience;
222
+ * tokens with no `aud` claim are still accepted.
223
+ */
224
+ jwtAudience?: string;
225
+ }
226
+ /**
227
+ * Object form of the `dataApi` toggle. A discriminated union on {@link DataApiAuthProvider}:
228
+ * the `"neon"` variant forbids the external-IdP fields, the `"external"` variant allows them.
229
+ */
230
+ type DataApiConfig = DataApiNeonAuthConfig | DataApiExternalAuthConfig;
231
+ /**
232
+ * How the Data API is toggled in a policy: a bare boolean (like the other service toggles)
233
+ * or the richer {@link DataApiConfig} object. `true` / `{}` / `{ enabled: true }` enable it
234
+ * with Neon defaults; `false` / `{ enabled: false }` opt out.
235
+ */
236
+ type DataApiInput = boolean | DataApiConfig;
237
+ /**
238
+ * Supported function runtimes. Mirrors the Neon Functions deploy API `runtime` enum.
239
+ * Only `nodejs24` exists today; kept as a union so adding runtimes later is a
240
+ * non-breaking, type-checked change.
241
+ */
242
+ type FunctionRuntime = "nodejs24";
243
+ /**
244
+ * Local-development settings for a function, used by `neon dev` when it serves every
245
+ * function declared in `neon.ts` (i.e. invoked with no `--source`). Never affects deploy.
246
+ */
247
+ interface FunctionDevConfig {
248
+ /**
249
+ * Port the local server binds. Bound exactly (and `neon dev` fails loudly if it is taken)
250
+ * when set; a free port is found automatically when omitted.
251
+ */
252
+ port?: number;
253
+ }
254
+ /**
255
+ * Static definition of a Neon Function (Preview feature). Declares that the function
256
+ * **exists** on every branch; its branch-unique slug is the **record key** in
257
+ * {@link PreviewInput.functions} (not a field here), so slugs are statically enumerable,
258
+ * cannot duplicate, and the `branch` closure can only tune slugs that are declared here.
259
+ *
260
+ * A function is invoked like a Cloudflare/Vercel handler — its source module
261
+ * `export default { fetch }` or `export async function handler(req): Response`. The
262
+ * `source` path is bundled (esbuild) and uploaded as a deployment; the newest deployment
263
+ * becomes active.
264
+ *
265
+ * Runtime tuning is **not** here — it varies per branch and lives in the `branch` closure
266
+ * (see {@link FunctionTuning}). Memory is fixed by the platform policy for now and is not
267
+ * user-configurable.
268
+ */
269
+ interface FunctionDef {
270
+ /** Free-form display name. @example "Hello World" */
271
+ name: string;
272
+ /**
273
+ * Path to the function's entry module, **relative to `neon.ts`** (or absolute). The
274
+ * module's default export (`{ fetch }`) or `handler` export is the function entry. This
275
+ * path is resolved against the loaded `neon.ts` location and bundled with esbuild at
276
+ * deploy time.
277
+ *
278
+ * We require a string path rather than an imported handler because a JS function value
279
+ * carries no reference back to its source file, so esbuild has nothing to bundle from.
280
+ * @example "./functions/hello-world.ts"
281
+ */
282
+ source: string;
283
+ /**
284
+ * Environment variables injected into the deployed function, keyed by the var name the
285
+ * function reads at runtime. The **keys** are static (preserved at the type level so
286
+ * `parseEnv(config, "<slug>").function.<key>` is typed); the **values** are arbitrary
287
+ * strings evaluated when `neon.ts` is loaded (typically `process.env.X`) and uploaded
288
+ * at `config apply`. Every value must be a defined string — a `process.env.X` that is
289
+ * `undefined` (unset) errors at validation time rather than silently shipping
290
+ * `undefined`.
291
+ * @example { resendApiKey: process.env.RESEND_API_KEY ?? "" }
292
+ */
293
+ env?: Record<string, string>;
294
+ /**
295
+ * Local-development settings used by `neon dev` when serving every function from
296
+ * `neon.ts`. Ignored at deploy time. See {@link FunctionDevConfig}.
297
+ */
298
+ dev?: FunctionDevConfig;
299
+ }
300
+ /**
301
+ * A single capability a branch-scoped service credential may exercise (Preview). A
302
+ * credential is granted a set of these and may only perform the listed actions. Mirrors
303
+ * the Neon API `CredentialScope` enum (`x-stability-level: beta`):
304
+ *
305
+ * - `storage:read` / `storage:write` — object-storage (bucket) access via the S3 key.
306
+ * - `ai_gateway:invoke` — call the AI Gateway with the bearer `api_token`.
307
+ * - `functions:invoke` — invoke Neon Functions with the bearer `api_token`.
308
+ *
309
+ * The set a policy needs is derived from its enabled Preview features (see
310
+ * {@link deriveCredentialScopes}); it is never authored by hand.
311
+ */
312
+ type CredentialScope = "storage:read" | "storage:write" | "ai_gateway:invoke" | "functions:invoke";
313
+ /**
314
+ * Who a credential acts as. `user` is the developer/app principal minted for local dev and
315
+ * app bootstrap (`fetchEnv` / `env pull`); `function` is a deployed-function principal
316
+ * (carries a `function_id`). The env tooling only mints `user` credentials today.
317
+ */
318
+ type CredentialPrincipalType = "user" | "function";
319
+ /** Anonymous-access level for a branchable object-storage bucket. */
320
+ type BucketAccessLevel = "private" | "public_read";
321
+ /**
322
+ * Static definition of a branchable object-storage bucket (Preview feature). The bucket's
323
+ * name is the **record key** in {@link PreviewInput.buckets}, so names are statically
324
+ * enumerable and cannot duplicate.
325
+ */
326
+ interface BucketDef {
327
+ /**
328
+ * Anonymous access level. `private` (default) requires authenticated reads/writes;
329
+ * `public_read` allows anonymous GetObject/HeadObject.
330
+ */
331
+ access?: BucketAccessLevel;
332
+ }
333
+ /**
334
+ * Static, branch-scoped **Preview** features. Grouped under `preview` to signal they are
335
+ * backed by Neon `x-stability-level: beta` endpoints and may change before GA. Everything
336
+ * here is existential (it determines what exists on the branch); per-branch tuning lives in
337
+ * the `branch` closure.
338
+ */
339
+ interface PreviewInput {
340
+ /** Enable/disable the AI Gateway on the branch (toggle, like auth / dataApi). */
341
+ aiGateway?: ServiceToggleInput;
342
+ /** Functions to deploy, keyed by branch-unique slug (`^[a-z0-9]{1,20}$`). */
343
+ functions?: Record<string, FunctionDef>;
344
+ /** Object-storage buckets to create, keyed by bucket name. */
345
+ buckets?: Record<string, BucketDef>;
346
+ }
347
+ /**
348
+ * Per-branch deploy tuning for a single function. Returned (per slug) by the `branch`
349
+ * closure. Deliberately **cannot** change the function's existence, source, name, env
350
+ * **keys**, or memory — only runtime selection is currently configurable — so the static
351
+ * secret/function set stays sound.
352
+ */
353
+ interface FunctionTuning {
354
+ /** Runtime to execute the function with. Defaults to `"nodejs24"`. */
355
+ runtime?: FunctionRuntime;
356
+ }
357
+ /**
358
+ * Per-branch tuning of Preview features. Only existing function slugs (those declared in
359
+ * the static {@link PreviewInput.functions}) may be tuned — `Slug` is constrained to the
360
+ * declared keys by {@link BranchTuningFn}.
361
+ */
362
+ interface PreviewTuning<Slug extends string = string> {
363
+ functions?: Partial<Record<Slug, FunctionTuning>>;
364
+ }
365
+ /**
366
+ * The per-branch tuning object returned by the `branch` closure. It can adjust branch
367
+ * lifecycle (`parent`, `ttl`, `protected`), Postgres compute settings, and per-function
368
+ * deploy tuning — but **cannot** add/remove services or functions. That guarantee is what
369
+ * keeps the static secret set (and therefore `NeonEnv`) exact.
370
+ */
371
+ interface BranchTuning<Slug extends string = string> {
372
+ /** Parent branch name used when creating a new branch. Not a Postgres setting. */
373
+ parent?: string;
374
+ /**
375
+ * Branch time-to-live: how long after creation the branch should auto-expire. Applied
376
+ * when creating a new branch and reconciled on existing branches (when `updateExisting`
377
+ * is set). Accepts a {@link DurationString} (autocompletes common values) or a number of
378
+ * seconds. Omit to keep the branch indefinitely.
379
+ *
380
+ * - {@link DurationString} — e.g. `"7d"`; autocompletes `"1h"`, `"6h"`, `"12h"`, `"1d"`,
381
+ * `"3d"`, `"7d"`, `"14d"`, `"30d"`, and accepts any other `<integer><unit>` (units: `s`,
382
+ * `m`, `h`, `d`, `w` — e.g. `"12h"`, `"2w"`). A **unit is required** — `"7"` is rejected;
383
+ * for raw seconds pass a `number`.
384
+ * - `number` — custom TTL in **seconds** (e.g. `3600`)
385
+ * - `undefined` — no expiry; the branch persists until explicitly deleted
386
+ *
387
+ * The Neon API caps branch expiration at **30 days** from creation, so the resolved TTL must
388
+ * be `> 0` and `<= 30d`; the suggestions stay within that limit and anything longer is
389
+ * rejected at apply.
390
+ *
391
+ * @example "1d" // ephemeral preview branch: expires a day after creation
392
+ * @example "7d" // one-week TTL
393
+ * @example "30d" // the maximum the API allows
394
+ * @example 3600 // 1 hour, expressed in seconds
395
+ */
396
+ ttl?: DurationField<TtlSuggestion>;
397
+ /** Whether the selected branch should be protected. Undefined means "leave as-is". */
398
+ protected?: boolean;
399
+ postgres?: PostgresConfig;
400
+ preview?: PreviewTuning<Slug>;
401
+ }
402
+ /** Extract the declared function slugs from a {@link PreviewInput} for closure typing. */
403
+ type FunctionSlugsOf<Preview extends PreviewInput | undefined> = Preview extends {
404
+ functions: infer F;
405
+ } ? Extract<keyof F, string> : string;
406
+ /**
407
+ * Signature of the `branch` closure. Generic over the static {@link PreviewInput} so the
408
+ * `preview.functions` keys it may tune are constrained to the slugs actually declared.
409
+ */
410
+ type BranchTuningFn<Preview extends PreviewInput | undefined = PreviewInput | undefined> = (branch: BranchTarget) => BranchTuning<FunctionSlugsOf<Preview>>;
411
+ /**
412
+ * A validated Neon branch policy — the value `defineConfig({ … })` returns and `neon.ts`
413
+ * default-exports.
414
+ *
415
+ * Split into a **static** existential set (top-level `auth` / `dataApi` GA toggles plus the
416
+ * beta `preview` block) and a **dynamic** per-branch `branch` closure for tuning. The
417
+ * static half is what makes the secret set — and therefore `NeonEnv<typeof config>` and
418
+ * `parseEnv` — exact; the closure can tune but never change what exists.
419
+ *
420
+ * Generic over the three static fields so the type system can read the exact toggle/slug
421
+ * literals; the defaults make the bare `Config` a usable "any policy" type for runtime
422
+ * function signatures.
423
+ */
424
+ interface Config<Auth extends ServiceToggleInput | undefined = ServiceToggleInput | undefined, DataApi extends DataApiInput | undefined = DataApiInput | undefined, Preview extends PreviewInput | undefined = PreviewInput | undefined> {
425
+ /** Neon Auth integration toggle (GA). Static — drives `NeonEnv.auth`. */
426
+ auth?: Auth;
427
+ /**
428
+ * Neon Data API integration (GA). Static — drives `NeonEnv.dataApi`. A boolean/toggle, or
429
+ * a {@link DataApiConfig} object selecting the auth provider (`"neon"` / `"external"`) and
430
+ * runtime {@link DataApiSettings}. With `authProvider: "neon"` the policy must also enable
431
+ * top-level `auth`.
432
+ */
433
+ dataApi?: DataApi;
434
+ /** Beta (Preview) feature set: AI Gateway, functions, buckets. Static. */
435
+ preview?: Preview;
436
+ /** Per-branch tuning closure. Cannot change the static existential set. */
437
+ branch?: BranchTuningFn<Preview>;
438
+ }
439
+ /**
440
+ * A function with all deploy defaults applied. `resolveConfig` fills in `runtime` so
441
+ * downstream diff/apply never has to re-derive it.
442
+ */
443
+ //#endregion
444
+ export { BranchTarget, BranchTuning, BranchTuningFn, BucketAccessLevel, BucketDef, ComputeSettings, ComputeUnit, Config, CredentialPrincipalType, CredentialScope, DATA_API_AUTH_PROVIDERS, DataApiAuthProvider, DataApiConfig, DataApiExternalAuthConfig, DataApiInput, DataApiNeonAuthConfig, DataApiSettings, DurationString, DurationUnit, FunctionDef, FunctionDevConfig, FunctionRuntime, FunctionTuning, PostgresConfig, PreviewInput, PreviewTuning, ServiceToggle, ServiceToggleInput };
445
+ //# sourceMappingURL=types.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","names":["ComputeUnit","DurationUnit","DurationString","SuspendTimeoutSuggestion","TtlSuggestion","DurationField","Suggestions","NonNullable","ComputeSettings","BranchTarget","ServiceToggle","ServiceToggleInput","ServiceEnabled","T","PostgresConfig","DATA_API_AUTH_PROVIDERS","DataApiAuthProvider","DataApiSettings","DataApiConfigBase","DataApiNeonAuthConfig","DataApiExternalAuthConfig","DataApiConfig","DataApiInput","FunctionRuntime","FunctionDevConfig","FunctionDef","Record","CredentialScope","CredentialPrincipalType","BucketAccessLevel","BucketDef","PreviewInput","FunctionTuning","PreviewTuning","Slug","Partial","BranchTuning","FunctionSlugsOf","Preview","F","Extract","BranchTuningFn","Config","Auth","DataApi","ResolvedFunctionConfig","ResolvedBucketConfig","ResolvedPreviewConfig","ResolvedDataApiConfig","ResolvedBranchConfig","AppliedChange","ConflictReport","PushResult"],"sources":["../../../../../config/dist/lib/types.d.ts"],"sourcesContent":["//#region src/lib/types.d.ts\n/**\n * Valid Neon Compute Unit values.\n * Most plans support 0.25, 0.5, 1, 2, 4, 8. Higher values may be available on Business plans.\n */\ntype ComputeUnit = 0.25 | 0.5 | 1 | 2 | 4 | 8;\n/** Time units accepted in a {@link DurationString}: seconds, minutes, hours, days, weeks. */\ntype DurationUnit = \"s\" | \"m\" | \"h\" | \"d\" | \"w\";\n/**\n * A Neon duration string: a positive integer **followed by a unit** — `s` (seconds),\n * `m` (minutes), `h` (hours), `d` (days), or `w` (weeks). Used by\n * {@link ComputeSettings.suspendTimeout} and {@link BranchTuning.ttl}.\n *\n * A **unit is required**: a bare numeric string like `\"7\"` is rejected at the type level. To\n * express a raw number of seconds, pass a `number` (`300`) — not a string (`\"300\"`). This\n * removes the old ambiguity where `\"7\"` silently meant 7 *seconds* instead of, say, `\"7d\"`.\n *\n * @example \"5m\" // 5 minutes\n * @example \"1h\" // 1 hour\n * @example \"7d\" // 7 days\n */\ntype DurationString = `${number}${DurationUnit}`;\n/**\n * Autocomplete suggestions for {@link ComputeSettings.suspendTimeout}. Every value sits inside\n * the Neon API's allowed scale-to-zero band: **60s–604800s** (1 minute – 1 week). This is *not*\n * a closed set — the field also accepts any other {@link DurationString} or a `number` of\n * seconds; out-of-range values type-check but are rejected at apply time.\n */\ntype SuspendTimeoutSuggestion = \"1m\" | \"5m\" | \"15m\" | \"30m\" | \"1h\" | \"6h\" | \"12h\" | \"1d\" | \"7d\";\n/**\n * Autocomplete suggestions for {@link BranchTuning.ttl}. Every value sits within the Neon API's\n * branch-expiration limit (**max 30 days** from creation; the Console's own presets are 1h / 1d\n * / 7d). This is *not* a closed set — the field also accepts any other {@link DurationString} or\n * a `number` of seconds; values over 30 days are rejected at apply time.\n */\ntype TtlSuggestion = \"1h\" | \"6h\" | \"12h\" | \"1d\" | \"3d\" | \"7d\" | \"14d\" | \"30d\";\n/**\n * Compose a field's duration type: its curated autocomplete `Suggestions` plus the open\n * `DurationString` template (so any `<integer><unit>` string still type-checks) and a `number`\n * of seconds. Intersecting the template arm with `NonNullable<unknown>` stops TypeScript from\n * collapsing the literal suggestions into the template, which is what preserves the autocomplete.\n */\ntype DurationField<Suggestions extends DurationString> = Suggestions | (DurationString & NonNullable<unknown>) | number;\n/**\n * Compute settings applied to the read/write endpoint of a branch.\n *\n * Mirrors the subset of {@link https://api-docs.neon.tech/reference/getting-started-with-neon-api Neon endpoint}\n * fields that we expose as IaC primitives. Anything left undefined falls back to the project's\n * `default_endpoint_settings` (which themselves fall back to Neon platform defaults).\n */\ninterface ComputeSettings {\n /**\n * Minimum number of Compute Units. Set to 0.25 for true scale-to-zero.\n * @example 0.25 // scale-to-zero\n * @example 1 // always-on with 1 CU minimum\n */\n autoscalingLimitMinCu?: ComputeUnit;\n /**\n * Maximum number of Compute Units for autoscaling.\n * @example 2\n * @example 8\n */\n autoscalingLimitMaxCu?: ComputeUnit;\n /**\n * How long an idle compute waits before suspending (Neon's scale-to-zero). Accepts a\n * {@link DurationString} (autocompletes common values), a number of seconds, or `false`.\n *\n * - `false` — never suspend (always-on compute)\n * - {@link DurationString} — e.g. `\"5m\"`; autocompletes the in-range values `\"1m\"`, `\"5m\"`,\n * `\"15m\"`, `\"30m\"`, `\"1h\"`, `\"6h\"`, `\"12h\"`, `\"1d\"`, `\"7d\"`, and accepts any other\n * `<integer><unit>` (units: `s`, `m`, `h`, `d`, `w`). A **unit is required** — for raw\n * seconds pass a `number`, not a string.\n * - `number` — custom timeout in **seconds**, must be in `60`–`604800` (1 minute to 1 week)\n * - `undefined` — use the Neon platform default (currently 300s / 5 minutes)\n *\n * Whichever form you use, the resolved timeout must fall in `60`–`604800` seconds (the Neon\n * API limit); the suggestions are all within that band, anything else is checked at apply.\n *\n * @example false // never suspend (always-on)\n * @example \"5m\" // suspend after 5 minutes idle\n * @example \"1h\" // suspend after 1 hour idle\n * @example 300 // 5 minutes, expressed in seconds\n */\n suspendTimeout?: false | DurationField<SuspendTimeoutSuggestion>;\n}\n/**\n * Read-only descriptor of the branch a {@link Config} policy is being evaluated for — the\n * `branch` argument passed to your `defineConfig({ branch: (branch) => … })` closure. It describes\n * **which** branch this invocation decides for; it is not a live branch handle and must not\n * be mutated. Switch on its fields and return the desired {@link BranchConfig}.\n */\ninterface BranchTarget {\n /** Branch name being evaluated. For `branch dev`, this is the generated branch name. */\n name: string;\n /** Neon branch id when the branch already exists. Undefined during pre-create eval. */\n id?: string;\n /** Whether this branch already exists on Neon. */\n exists: boolean;\n /** Parent branch id from Neon when known. */\n parentId?: string;\n /** Whether Neon marks this branch as the project default. */\n isDefault?: boolean;\n /** Whether Neon currently marks this branch protected. */\n isProtected?: boolean;\n /** Current expiration timestamp from Neon, when set. */\n expiresAt?: string;\n}\n/**\n * Object form of a branch-scoped service toggle. `{}` or `{ enabled: true }` enables it;\n * `{ enabled: false }` opts out. Used as the object half of {@link ServiceToggleInput}.\n */\ninterface ServiceToggle {\n /** Defaults to `true` when the service namespace is present. Set `false` to opt out. */\n enabled?: boolean;\n}\n/**\n * How a branch-scoped service (Neon Auth, Data API, AI Gateway) is toggled in a policy.\n *\n * - `true` / `{}` / `{ enabled: true }` — enabled.\n * - `false` / `{ enabled: false }` — disabled.\n * - omitted (`undefined`) — not part of the policy at all.\n *\n * These toggles are **static** (they live in the top-level `defineConfig({ … })` object,\n * not in the per-branch `branch` closure) so the secret set they imply can be derived at\n * the type level — that's what makes `NeonEnv<typeof config>` exact.\n */\ntype ServiceToggleInput = boolean | ServiceToggle;\n/**\n * Resolve a **static** service toggle (`true` / `false` / `{ enabled?: boolean }` / object /\n * `undefined`) to a type-level boolean. The tuple wrapping (`[T] extends […]`) disables\n * distribution so a union/`undefined` is judged as a single unit:\n *\n * - `false` / `{ enabled: false }` / `undefined` → `false`\n * - `true` / `{ enabled: true }` / any other object (`{}`, `{ enabled?: boolean }`) → `true`\n * (a present toggle defaults to enabled)\n * - the bare `boolean | … | undefined` (no literal info) → `false`\n *\n * Shared by the {@link Config} static cross-field checks and the `@neon/env`\n * `NeonEnv` namespace derivation, so both read \"is this service on?\" identically.\n */\ntype ServiceEnabled<T> = [T] extends [false] ? false : [T] extends [{\n enabled: false;\n}] ? false : [T] extends [undefined] ? false : [T] extends [true] ? true : [T] extends [{\n enabled: true;\n}] ? true : [T] extends [object] ? true : false;\ninterface PostgresConfig {\n computeSettings?: ComputeSettings;\n}\n/**\n * Authentication providers a Data API integration can verify JWTs against, as written in\n * `neon.ts`. Friendly authoring values (mapped to the Neon API's `neon_auth` / `external`\n * at the API boundary):\n *\n * - `\"neon\"` — verify tokens minted by **Neon Auth** on the same branch. Neon supplies the\n * JWKS URL / provider wiring for you, so the `jwksUrl` / `providerName` / `jwtAudience`\n * fields are forbidden (a type error) on this variant — and the policy must also enable\n * top-level `auth` (Neon Auth) so the tokens exist.\n * - `\"external\"` — verify tokens from a third-party IdP (Clerk, Stytch, Auth0, …). You\n * provide `jwksUrl` (and optionally `providerName` / `jwtAudience`).\n */\ndeclare const DATA_API_AUTH_PROVIDERS: readonly [\"neon\", \"external\"];\ntype DataApiAuthProvider = (typeof DATA_API_AUTH_PROVIDERS)[number];\n/**\n * Reusable runtime settings for a Data API integration (the Neon API `DataAPISettings`,\n * camelCased to match the rest of `neon.ts`). Every field is optional; omitted fields keep\n * the Neon defaults shown below. These are the **only** Data API fields that can change on\n * an already-enabled integration — drift here is reconciled as an *update* (requires\n * `updateExisting` / `--update-existing`); the create-only auth wiring above cannot.\n */\ninterface DataApiSettings {\n /** Enable the aggregates feature (`db_aggregates_enabled`). Default `true`. */\n dbAggregatesEnabled?: boolean;\n /** Database role used for anonymous requests (`db_anon_role`). Default `\"anonymous\"`. */\n dbAnonRole?: string;\n /** Extra schemas appended to the search path (`db_extra_search_path`). */\n dbExtraSearchPath?: string;\n /** Maximum rows returned in a single request (`db_max_rows`). */\n dbMaxRows?: number;\n /** Schemas exposed via the API (`db_schemas`). Default `[\"public\"]`. */\n dbSchemas?: string[];\n /** JWT claim key used for role extraction (`jwt_role_claim_key`). Default `\".role\"`. */\n jwtRoleClaimKey?: string;\n /** Maximum lifetime of the JWT cache, in seconds (`jwt_cache_max_lifetime`). */\n jwtCacheMaxLifetime?: number;\n /** OpenAPI spec mode (`openapi_mode`). Default `\"disabled\"`. */\n openapiMode?: \"ignore-privileges\" | \"disabled\";\n /** CORS allowed origins (`server_cors_allowed_origins`). */\n serverCorsAllowedOrigins?: string;\n /** Emit server-timing headers (`server_timing_enabled`). */\n serverTimingEnabled?: boolean;\n}\n/** Fields shared by every {@link DataApiConfig} variant. */\ninterface DataApiConfigBase {\n /** Defaults to `true` when the `dataApi` namespace is present. Set `false` to opt out. */\n enabled?: boolean;\n /** Reusable runtime settings. Drift here is reconciled as an update. */\n settings?: DataApiSettings;\n}\n/**\n * Data API verified by **Neon Auth** (`authProvider: \"neon\"`, the default). The external\n * IdP fields are statically forbidden (`?: never`) because Neon supplies them; declaring any\n * of them is a type error directing you to `authProvider: \"external\"`.\n */\ninterface DataApiNeonAuthConfig extends DataApiConfigBase {\n authProvider?: \"neon\";\n /** Forbidden with `authProvider: \"neon\"` — Neon provides the JWKS URL. */\n jwksUrl?: never;\n /** Forbidden with `authProvider: \"neon\"` — the provider is Neon Auth. */\n providerName?: never;\n /** Forbidden with `authProvider: \"neon\"` — Neon manages the audience. */\n jwtAudience?: never;\n}\n/**\n * Data API verified by an **external** IdP (`authProvider: \"external\"`). You provide the\n * JWKS URL (and optionally a provider label / expected audience).\n */\ninterface DataApiExternalAuthConfig extends DataApiConfigBase {\n authProvider: \"external\";\n /** URL that publishes the IdP's JWKS (JSON Web Key Set). */\n jwksUrl?: string;\n /** Human label for the IdP (e.g. \"Clerk\", \"Stytch\", \"Auth0\"). */\n providerName?: string;\n /**\n * Expected `aud` claim. ⚠️ This only **rejects** tokens carrying a *different* audience;\n * tokens with no `aud` claim are still accepted.\n */\n jwtAudience?: string;\n}\n/**\n * Object form of the `dataApi` toggle. A discriminated union on {@link DataApiAuthProvider}:\n * the `\"neon\"` variant forbids the external-IdP fields, the `\"external\"` variant allows them.\n */\ntype DataApiConfig = DataApiNeonAuthConfig | DataApiExternalAuthConfig;\n/**\n * How the Data API is toggled in a policy: a bare boolean (like the other service toggles)\n * or the richer {@link DataApiConfig} object. `true` / `{}` / `{ enabled: true }` enable it\n * with Neon defaults; `false` / `{ enabled: false }` opt out.\n */\ntype DataApiInput = boolean | DataApiConfig;\n/**\n * Supported function runtimes. Mirrors the Neon Functions deploy API `runtime` enum.\n * Only `nodejs24` exists today; kept as a union so adding runtimes later is a\n * non-breaking, type-checked change.\n */\ntype FunctionRuntime = \"nodejs24\";\n/**\n * Local-development settings for a function, used by `neon dev` when it serves every\n * function declared in `neon.ts` (i.e. invoked with no `--source`). Never affects deploy.\n */\ninterface FunctionDevConfig {\n /**\n * Port the local server binds. Bound exactly (and `neon dev` fails loudly if it is taken)\n * when set; a free port is found automatically when omitted.\n */\n port?: number;\n}\n/**\n * Static definition of a Neon Function (Preview feature). Declares that the function\n * **exists** on every branch; its branch-unique slug is the **record key** in\n * {@link PreviewInput.functions} (not a field here), so slugs are statically enumerable,\n * cannot duplicate, and the `branch` closure can only tune slugs that are declared here.\n *\n * A function is invoked like a Cloudflare/Vercel handler — its source module\n * `export default { fetch }` or `export async function handler(req): Response`. The\n * `source` path is bundled (esbuild) and uploaded as a deployment; the newest deployment\n * becomes active.\n *\n * Runtime tuning is **not** here — it varies per branch and lives in the `branch` closure\n * (see {@link FunctionTuning}). Memory is fixed by the platform policy for now and is not\n * user-configurable.\n */\ninterface FunctionDef {\n /** Free-form display name. @example \"Hello World\" */\n name: string;\n /**\n * Path to the function's entry module, **relative to `neon.ts`** (or absolute). The\n * module's default export (`{ fetch }`) or `handler` export is the function entry. This\n * path is resolved against the loaded `neon.ts` location and bundled with esbuild at\n * deploy time.\n *\n * We require a string path rather than an imported handler because a JS function value\n * carries no reference back to its source file, so esbuild has nothing to bundle from.\n * @example \"./functions/hello-world.ts\"\n */\n source: string;\n /**\n * Environment variables injected into the deployed function, keyed by the var name the\n * function reads at runtime. The **keys** are static (preserved at the type level so\n * `parseEnv(config, \"<slug>\").function.<key>` is typed); the **values** are arbitrary\n * strings evaluated when `neon.ts` is loaded (typically `process.env.X`) and uploaded\n * at `config apply`. Every value must be a defined string — a `process.env.X` that is\n * `undefined` (unset) errors at validation time rather than silently shipping\n * `undefined`.\n * @example { resendApiKey: process.env.RESEND_API_KEY ?? \"\" }\n */\n env?: Record<string, string>;\n /**\n * Local-development settings used by `neon dev` when serving every function from\n * `neon.ts`. Ignored at deploy time. See {@link FunctionDevConfig}.\n */\n dev?: FunctionDevConfig;\n}\n/**\n * A single capability a branch-scoped service credential may exercise (Preview). A\n * credential is granted a set of these and may only perform the listed actions. Mirrors\n * the Neon API `CredentialScope` enum (`x-stability-level: beta`):\n *\n * - `storage:read` / `storage:write` — object-storage (bucket) access via the S3 key.\n * - `ai_gateway:invoke` — call the AI Gateway with the bearer `api_token`.\n * - `functions:invoke` — invoke Neon Functions with the bearer `api_token`.\n *\n * The set a policy needs is derived from its enabled Preview features (see\n * {@link deriveCredentialScopes}); it is never authored by hand.\n */\ntype CredentialScope = \"storage:read\" | \"storage:write\" | \"ai_gateway:invoke\" | \"functions:invoke\";\n/**\n * Who a credential acts as. `user` is the developer/app principal minted for local dev and\n * app bootstrap (`fetchEnv` / `env pull`); `function` is a deployed-function principal\n * (carries a `function_id`). The env tooling only mints `user` credentials today.\n */\ntype CredentialPrincipalType = \"user\" | \"function\";\n/** Anonymous-access level for a branchable object-storage bucket. */\ntype BucketAccessLevel = \"private\" | \"public_read\";\n/**\n * Static definition of a branchable object-storage bucket (Preview feature). The bucket's\n * name is the **record key** in {@link PreviewInput.buckets}, so names are statically\n * enumerable and cannot duplicate.\n */\ninterface BucketDef {\n /**\n * Anonymous access level. `private` (default) requires authenticated reads/writes;\n * `public_read` allows anonymous GetObject/HeadObject.\n */\n access?: BucketAccessLevel;\n}\n/**\n * Static, branch-scoped **Preview** features. Grouped under `preview` to signal they are\n * backed by Neon `x-stability-level: beta` endpoints and may change before GA. Everything\n * here is existential (it determines what exists on the branch); per-branch tuning lives in\n * the `branch` closure.\n */\ninterface PreviewInput {\n /** Enable/disable the AI Gateway on the branch (toggle, like auth / dataApi). */\n aiGateway?: ServiceToggleInput;\n /** Functions to deploy, keyed by branch-unique slug (`^[a-z0-9]{1,20}$`). */\n functions?: Record<string, FunctionDef>;\n /** Object-storage buckets to create, keyed by bucket name. */\n buckets?: Record<string, BucketDef>;\n}\n/**\n * Per-branch deploy tuning for a single function. Returned (per slug) by the `branch`\n * closure. Deliberately **cannot** change the function's existence, source, name, env\n * **keys**, or memory — only runtime selection is currently configurable — so the static\n * secret/function set stays sound.\n */\ninterface FunctionTuning {\n /** Runtime to execute the function with. Defaults to `\"nodejs24\"`. */\n runtime?: FunctionRuntime;\n}\n/**\n * Per-branch tuning of Preview features. Only existing function slugs (those declared in\n * the static {@link PreviewInput.functions}) may be tuned — `Slug` is constrained to the\n * declared keys by {@link BranchTuningFn}.\n */\ninterface PreviewTuning<Slug extends string = string> {\n functions?: Partial<Record<Slug, FunctionTuning>>;\n}\n/**\n * The per-branch tuning object returned by the `branch` closure. It can adjust branch\n * lifecycle (`parent`, `ttl`, `protected`), Postgres compute settings, and per-function\n * deploy tuning — but **cannot** add/remove services or functions. That guarantee is what\n * keeps the static secret set (and therefore `NeonEnv`) exact.\n */\ninterface BranchTuning<Slug extends string = string> {\n /** Parent branch name used when creating a new branch. Not a Postgres setting. */\n parent?: string;\n /**\n * Branch time-to-live: how long after creation the branch should auto-expire. Applied\n * when creating a new branch and reconciled on existing branches (when `updateExisting`\n * is set). Accepts a {@link DurationString} (autocompletes common values) or a number of\n * seconds. Omit to keep the branch indefinitely.\n *\n * - {@link DurationString} — e.g. `\"7d\"`; autocompletes `\"1h\"`, `\"6h\"`, `\"12h\"`, `\"1d\"`,\n * `\"3d\"`, `\"7d\"`, `\"14d\"`, `\"30d\"`, and accepts any other `<integer><unit>` (units: `s`,\n * `m`, `h`, `d`, `w` — e.g. `\"12h\"`, `\"2w\"`). A **unit is required** — `\"7\"` is rejected;\n * for raw seconds pass a `number`.\n * - `number` — custom TTL in **seconds** (e.g. `3600`)\n * - `undefined` — no expiry; the branch persists until explicitly deleted\n *\n * The Neon API caps branch expiration at **30 days** from creation, so the resolved TTL must\n * be `> 0` and `<= 30d`; the suggestions stay within that limit and anything longer is\n * rejected at apply.\n *\n * @example \"1d\" // ephemeral preview branch: expires a day after creation\n * @example \"7d\" // one-week TTL\n * @example \"30d\" // the maximum the API allows\n * @example 3600 // 1 hour, expressed in seconds\n */\n ttl?: DurationField<TtlSuggestion>;\n /** Whether the selected branch should be protected. Undefined means \"leave as-is\". */\n protected?: boolean;\n postgres?: PostgresConfig;\n preview?: PreviewTuning<Slug>;\n}\n/** Extract the declared function slugs from a {@link PreviewInput} for closure typing. */\ntype FunctionSlugsOf<Preview extends PreviewInput | undefined> = Preview extends {\n functions: infer F;\n} ? Extract<keyof F, string> : string;\n/**\n * Signature of the `branch` closure. Generic over the static {@link PreviewInput} so the\n * `preview.functions` keys it may tune are constrained to the slugs actually declared.\n */\ntype BranchTuningFn<Preview extends PreviewInput | undefined = PreviewInput | undefined> = (branch: BranchTarget) => BranchTuning<FunctionSlugsOf<Preview>>;\n/**\n * A validated Neon branch policy — the value `defineConfig({ … })` returns and `neon.ts`\n * default-exports.\n *\n * Split into a **static** existential set (top-level `auth` / `dataApi` GA toggles plus the\n * beta `preview` block) and a **dynamic** per-branch `branch` closure for tuning. The\n * static half is what makes the secret set — and therefore `NeonEnv<typeof config>` and\n * `parseEnv` — exact; the closure can tune but never change what exists.\n *\n * Generic over the three static fields so the type system can read the exact toggle/slug\n * literals; the defaults make the bare `Config` a usable \"any policy\" type for runtime\n * function signatures.\n */\ninterface Config<Auth extends ServiceToggleInput | undefined = ServiceToggleInput | undefined, DataApi extends DataApiInput | undefined = DataApiInput | undefined, Preview extends PreviewInput | undefined = PreviewInput | undefined> {\n /** Neon Auth integration toggle (GA). Static — drives `NeonEnv.auth`. */\n auth?: Auth;\n /**\n * Neon Data API integration (GA). Static — drives `NeonEnv.dataApi`. A boolean/toggle, or\n * a {@link DataApiConfig} object selecting the auth provider (`\"neon\"` / `\"external\"`) and\n * runtime {@link DataApiSettings}. With `authProvider: \"neon\"` the policy must also enable\n * top-level `auth`.\n */\n dataApi?: DataApi;\n /** Beta (Preview) feature set: AI Gateway, functions, buckets. Static. */\n preview?: Preview;\n /** Per-branch tuning closure. Cannot change the static existential set. */\n branch?: BranchTuningFn<Preview>;\n}\n/**\n * A function with all deploy defaults applied. `resolveConfig` fills in `runtime` so\n * downstream diff/apply never has to re-derive it.\n */\ninterface ResolvedFunctionConfig {\n slug: string;\n name: string;\n source: string;\n env: Record<string, string>;\n runtime: FunctionRuntime;\n /**\n * Local-development settings, passed through untouched from {@link FunctionDef.dev}\n * (no defaults applied). Only consumed by `neon dev`; deploy ignores it.\n */\n dev?: FunctionDevConfig;\n}\n/** A bucket with its access level defaulted to `private`. */\ninterface ResolvedBucketConfig {\n name: string;\n access: BucketAccessLevel;\n}\n/**\n * Normalized {@link PreviewInput}. Only present on {@link ResolvedBranchConfig} when the\n * policy returned a `preview` block. `aiGatewayEnabled` follows the same\n * \"present-and-not-`false`\" semantics as `authEnabled` / `dataApiEnabled`.\n */\ninterface ResolvedPreviewConfig {\n functions: ResolvedFunctionConfig[];\n buckets: ResolvedBucketConfig[];\n aiGatewayEnabled: boolean;\n}\n/**\n * Normalized Data API integration. Present on {@link ResolvedBranchConfig} only when the\n * policy enables `dataApi`. `authProvider` always resolves (defaults to `\"neon\"`); the\n * external-IdP wiring is present only for `\"external\"`; `settings` carries the camelCase\n * runtime settings (reconciled as an update when they drift).\n */\ninterface ResolvedDataApiConfig {\n authProvider: DataApiAuthProvider;\n jwksUrl?: string;\n providerName?: string;\n jwtAudience?: string;\n settings?: DataApiSettings;\n}\ninterface ResolvedBranchConfig {\n parent?: string;\n ttlSeconds?: number;\n protected?: boolean;\n postgres?: PostgresConfig;\n authEnabled: boolean;\n dataApiEnabled: boolean;\n /**\n * Resolved Data API integration. Present iff {@link dataApiEnabled} is `true`. Carries the\n * create-time auth wiring and the updatable {@link DataApiSettings}.\n */\n dataApi?: ResolvedDataApiConfig;\n preview?: ResolvedPreviewConfig;\n}\n/**\n * One concrete change `pushConfig` made (or, in dry-run, would make) on the remote.\n */\ninterface AppliedChange {\n /**\n * `service` covers branch-scoped integrations driven by the branch policy (e.g.\n * Neon Auth, Data API).\n */\n kind: \"branch\" | \"service\";\n action: \"create\" | \"update\" | \"noop\";\n identifier: string;\n details?: Record<string, unknown>;\n}\n/**\n * A diff entry that conflicts with the desired config. `pushConfig` throws\n * {@link PushConflictError} on the first call when conflicts exist; pass\n * `updateExisting: true` to apply mutable drift (settings, `protected`, TTL, project\n * rename). Immutable fields (region, Postgres major version) are always conflicts —\n * recreate the project to change them.\n */\ninterface ConflictReport {\n kind: \"branch\";\n identifier: string;\n field: string;\n current: unknown;\n desired: unknown;\n reason: string;\n}\n/**\n * Result of a `pushConfig` invocation.\n */\ninterface PushResult {\n projectId: string;\n orgId?: string;\n branchId: string;\n branchName: string;\n /**\n * `true` when `pushConfig` was called with `{ dryRun: true }`. `applied` then records\n * what **would** be applied on a real push; no API mutations were performed.\n */\n dryRun: boolean;\n applied: AppliedChange[];\n conflicts: ConflictReport[];\n}\n//#endregion\nexport { AppliedChange, BranchTarget, BranchTuning, BranchTuningFn, BucketAccessLevel, BucketDef, ComputeSettings, ComputeUnit, Config, ConflictReport, CredentialPrincipalType, CredentialScope, DATA_API_AUTH_PROVIDERS, DataApiAuthProvider, DataApiConfig, DataApiExternalAuthConfig, DataApiInput, DataApiNeonAuthConfig, DataApiSettings, DurationString, DurationUnit, FunctionDef, FunctionDevConfig, FunctionRuntime, FunctionTuning, PostgresConfig, PreviewInput, PreviewTuning, PushResult, ResolvedBranchConfig, ResolvedBucketConfig, ResolvedDataApiConfig, ResolvedFunctionConfig, ResolvedPreviewConfig, ServiceEnabled, ServiceToggle, ServiceToggleInput };\n//# sourceMappingURL=types.d.ts.map"],"mappings":";;;AAKgB;AAEC;AAc6B;AAOjB,KAvBxBA,WAAAA,GA8BAI,IAAa,GAAA,GAAA,GAAA,CAAA,GAAA,CAAA,GAAA,CAAA,GAAA,CAAA;AAAA;KA5BbH,YAAAA,GAmCa,GAAA,GAAA,GAAA,GAAA,GAAA,GAAA,GAAA,GAAA,GAAA;;;;;AAAkF;AAAA;;;;;;AAyC5D;AAAA;AAQlB,KAtEjBC,cAAAA,GA0FkB,GAAA,MAAA,GA1FWD,YA0FX,EAAA;AAAA;AAiCT;AAEqB;AAciC;AACV;AAQjC;AA2BG,KAxKvBE,wBAAAA,GA+K0B,IAAA,GAASe,IAAAA,GAAAA,KAAAA,GAAAA,KAAiB,GAAA,IAAA,GAAA,IAAA,GAAA,KAAA,GAAA,IAAA,GAAA,IAAA;AAAA;AAaI;;;;AAgBS;AAAA,KArMjEd,aAAAA,GA2MY,IAAA,GAAA,IAAaiB,GAAAA,KAAAA,GAAa,IAAA,GAAA,IAAA,GAAA,IAAA,GAAA,KAAA,GAAA,KAAA;AAAA;AAMvB;AAKO;;;;AAmDF,KAlQpBhB,aAkQoB,CAAA,oBAlQcH,cAkQd,CAAA,GAlQgCI,WAkQhC,GAAA,CAlQ+CJ,cAkQ/C,GAlQgEK,WAkQhE,CAAA,OAAA,CAAA,CAAA,GAAA,MAAA;AAAA;AAcL;AAMQ;AAEN;AAWM;;;UA3RlBC,eAAAA,CAuSmBiB;;;;AAEX;AAAA;EAUS,qBAOJ,CAAA,EApTGzB,WAoTH;EAAA;;;;;EACF,qBAAA,CAAA,EA/SKA,WA+SL;EAAA;;;;;;;AAqCI;AAAA;;;;;;AAKd;AAAA;;;;;gBAKuIsC,CAAAA,EAAAA,KAAAA,GAzUvHjC,aAyUuHiC,CAzUzGnC,wBAyUyGmC,CAAAA;;;AAAjB;AAAA;;;;UAjUvH7B,YAAAA,CA+UqGa;;QAAqES,MAAAA;;OAE3KY,MAAAA;;QASGL,EAAAA,OAAAA;;UAEDG,CAAAA,EAAAA,MAAAA;EAAc;;;;;;;;;;;UAxUf/B,aAAAA;;;;;;;;;;;;;;;KAeLC,kBAAAA,aAA+BD;;;;;;;;;;;;;;;UAmB1BI,cAAAA;oBACUN;;;;;;;;;;;;;;cAcNO;KACTC,mBAAAA,WAA8BD;;;;;;;;UAQzBE,eAAAA;;;;;;;;;;;;;;;;;;;;;;;UAuBAC,iBAAAA;;;;aAIGD;;;;;;;UAOHE,qBAAAA,SAA8BD;;;;;;;;;;;;;UAa9BE,yBAAAA,SAAkCF;;;;;;;;;;;;;;;;KAgBvCG,aAAAA,GAAgBF,wBAAwBC;;;;;;KAMxCE,YAAAA,aAAyBD;;;;;;KAMzBE,eAAAA;;;;;UAKKC,iBAAAA;;;;;;;;;;;;;;;;;;;;;;UAsBAC,WAAAA;;;;;;;;;;;;;;;;;;;;;;;;QAwBFC;;;;;QAKAF;;;;;;;;;;;;;;KAcHG,eAAAA;;;;;;KAMAC,uBAAAA;;KAEAC,iBAAAA;;;;;;UAMKC,SAAAA;;;;;WAKCD;;;;;;;;UAQDE,YAAAA;;cAEIpB;;cAEAe,eAAeD;;YAEjBC,eAAeI;;;;;;;;UAQjBE,cAAAA;;YAEET;;;;;;;UAOFU;cACIE,QAAQT,OAAOQ,MAAMF;;;;;;;;UAQzBI;;;;;;;;;;;;;;;;;;;;;;;;;QAyBF/B,cAAcD;;;aAGTU;YACDmB,cAAcC;;;KAGrBG,gCAAgCN,4BAA4BO;;IAE7DE,cAAcD;;;;;KAKbE,+BAA+BV,2BAA2BA,qCAAqCtB,iBAAiB2B,aAAaC,gBAAgBC;;;;;;;;;;;;;;UAcxII,oBAAoB/B,iCAAiCA,gDAAgDW,2BAA2BA,0CAA0CS,2BAA2BA;;SAEtMY;;;;;;;YAOGC;;YAEAN;;WAEDG,eAAeH"}
@@ -0,0 +1,4 @@
1
+ import { BranchTarget, BranchTuning, BranchTuningFn, BucketAccessLevel, BucketDef, ComputeSettings, ComputeUnit, Config, CredentialPrincipalType, CredentialScope, DATA_API_AUTH_PROVIDERS, DataApiAuthProvider, DataApiConfig, DataApiExternalAuthConfig, DataApiInput, DataApiNeonAuthConfig, DataApiSettings, DurationString, DurationUnit, FunctionDef, FunctionDevConfig, FunctionRuntime, FunctionTuning, PostgresConfig, PreviewInput, PreviewTuning, ServiceToggle, ServiceToggleInput } from "./lib/types.js";
2
+ import { CreateBranchInput, CreateBucketInput, CreateCredentialInput, CreateProjectInput, DeployFunctionInput, EnableDataApiInput, GetConnectionUriInput, NeonApi, NeonAuthSnapshot, NeonBranchSnapshot, NeonBranchStorageSnapshot, NeonBucketSnapshot, NeonCredentialMeta, NeonCredentialSecret, NeonDataApiSnapshot, NeonDatabaseSnapshot, NeonEndpointSnapshot, NeonFunctionDeploymentSnapshot, NeonFunctionSnapshot, NeonProjectSnapshot, NeonRoleSnapshot, UpdateBranchInput } from "./lib/neon-api.js";
3
+ import "zod";
4
+ export {};
@@ -0,0 +1,2 @@
1
+ import { FetchEnvOptions, FilteredNeonEnv, FunctionSlugOf, NEON_ENV_VAR_KEYS, NeonAiGatewayEnv, NeonAuthEnv, NeonBranchEnv, NeonDataApiEnv, NeonEnv, NeonFunctionEnv, NeonPostgresEnv, NeonStorageEnv, SelectableEnvKey, fetchEnv, parseEnv, toEntries } from "./lib/env.js";
2
+ export { type FetchEnvOptions, type FilteredNeonEnv, type FunctionSlugOf, NEON_ENV_VAR_KEYS, type NeonAiGatewayEnv, type NeonAuthEnv, type NeonBranchEnv, type NeonDataApiEnv, type NeonEnv, type NeonFunctionEnv, type NeonPostgresEnv, type NeonStorageEnv, type SelectableEnvKey, fetchEnv, parseEnv, toEntries };
package/dist/index.js ADDED
@@ -0,0 +1,2 @@
1
+ import { NEON_ENV_VAR_KEYS, fetchEnv, parseEnv, toEntries } from "./lib/env.js";
2
+ export { NEON_ENV_VAR_KEYS, fetchEnv, parseEnv, toEntries };
@@ -0,0 +1,64 @@
1
+ import { NeonApi } from "../../config/dist/lib/neon-api.js";
2
+ import "../../config/dist/v1.js";
3
+
4
+ //#region src/lib/cli/commands.d.ts
5
+
6
+ /**
7
+ * Cross-cutting environment a CLI command is allowed to touch. Injected so tests can drive
8
+ * the handler with a custom NeonApi and a controlled `cwd` without spawning child
9
+ * processes.
10
+ */
11
+ interface CommandEnv {
12
+ cwd: string;
13
+ /**
14
+ * When set, used directly as the NeonApi. When omitted, the real adapter is built from
15
+ * `options.apiKey ?? NEON_API_KEY` inside `fetchEnv`.
16
+ */
17
+ api?: NeonApi;
18
+ }
19
+ interface CommandResult {
20
+ /** Process exit code. `0` for success, non-zero for failure. */
21
+ exitCode: number;
22
+ /** Text intended for stdout. */
23
+ stdout: string;
24
+ /** Text intended for stderr (human-readable status / error messages). */
25
+ stderr: string;
26
+ /** Optional structured debug payload — printed only when `--debug` is passed. */
27
+ debugInfo?: string;
28
+ }
29
+ /**
30
+ * Inputs needed to resolve a branch and fetch its env, shared by `run` and `export`: an
31
+ * optional explicit `neon.ts` path, project/branch overrides, and an API key (otherwise
32
+ * resolved from `.neon` / `NEON_*` env by the CLI and `NEON_API_KEY` by `fetchEnv`).
33
+ */
34
+ interface EnvResolveOptions {
35
+ configPath?: string;
36
+ projectId?: string;
37
+ branch?: string;
38
+ apiKey?: string;
39
+ }
40
+ interface EnvRunCommandOptions extends EnvResolveOptions {
41
+ /** The user command to spawn (after `--`). The first element is the executable. */
42
+ command: string[];
43
+ }
44
+ /**
45
+ * Implementation of `neon-env run -- <cmd...>`. Loads `neon.ts`, fetches the env from
46
+ * Neon, then spawns the user-supplied command with the env vars injected on top of the
47
+ * inherited `process.env`. Stdio is inherited so interactive dev servers keep working.
48
+ * The parent process exits with the child's exit code.
49
+ */
50
+ declare function runEnvRun(options: EnvRunCommandOptions, ctx: CommandEnv): Promise<CommandResult>;
51
+ interface EnvExportCommandOptions extends EnvResolveOptions {
52
+ /** Output format. `dotenv` (KEY=value lines) by default; `json` for tooling / bulk loaders. */
53
+ format?: "dotenv" | "json";
54
+ }
55
+ /**
56
+ * Implementation of `neon-env export`. Resolves the branch's Neon env the same way `run`
57
+ * does (neon.ts policy + linked branch), then writes it to stdout — as dotenv lines or JSON —
58
+ * instead of spawning a process, so other env tools can consume it. For example, varlock can
59
+ * bulk-load it with `@setValuesBulk(exec("neon-env export --format json"), format=json)`.
60
+ */
61
+ declare function runEnvExport(options: EnvExportCommandOptions, ctx: CommandEnv): Promise<CommandResult>;
62
+ //#endregion
63
+ export { CommandEnv, CommandResult, EnvExportCommandOptions, EnvResolveOptions, EnvRunCommandOptions, runEnvExport, runEnvRun };
64
+ //# sourceMappingURL=commands.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"commands.d.ts","names":[],"sources":["../../../src/lib/cli/commands.ts"],"mappings":";;;;;;;;AAsBA;AASA;AAgBiB,UAzBA,UAAA,CAyBiB;EAOjB,GAAA,EAAA,MAAA;EAWK;;;;KAGX,CAAA,EAxCJ,OAwCI;;AAAD,UArCO,aAAA,CAqCP;EA4CO;EAWK,QAAA,EAAA,MAAY;EAAA;QACxB,EAAA,MAAA;;QAEC,EAAA,MAAA;;EAAD,SAAA,CAAA,EAAA,MAAA;;;;;;;UA/EO,iBAAA;;;;;;UAOA,oBAAA,SAA6B;;;;;;;;;;iBAWxB,SAAA,UACZ,2BACJ,aACH,QAAQ;UA4CM,uBAAA,SAAgC;;;;;;;;;;iBAW3B,YAAA,UACZ,8BACJ,aACH,QAAQ"}