@neondatabase/config 0.0.0 → 0.1.0

package/dist/lib/wrap-neon-error.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wrap-neon-error.js","names":[],"sources":["../../src/lib/wrap-neon-error.ts"],"sourcesContent":["import { ErrorCode, PlatformError } from \"./errors.js\";\n\n/**\n * Context the wrapper attaches to every PlatformError so consumers can debug without\n * digging into the raw axios stack.\n */\nexport interface NeonErrorContext {\n\t/** Short label of the operation that failed, e.g. `getProject(proj-foo)` or `createBranch`. */\n\top: string;\n\t/** Optional project id when the operation is project-scoped. */\n\tprojectId?: string;\n}\n\n/**\n * Turn a raw error from `@neondatabase/api-client` (axios under the hood) into a typed\n * {@link PlatformError} whose message includes:\n *\n * 1. What operation was attempted (`op`, e.g. `getProject(proj-foo)`).\n * 2. Why it failed in human terms (e.g. \"API key is unauthorized\").\n * 3. The exact Neon API error message + request id (when present) for support tickets.\n * 4. A concrete next action (\"Generate a new key at …\", \"Pass `projectId`\", …).\n *\n * Non-axios errors are passed through unchanged (a regular `Error` already has a useful\n * stack trace; wrapping it would lose information without adding value).\n */\nexport function wrapNeonError(\n\terr: unknown,\n\tcontext: NeonErrorContext,\n): PlatformError | unknown {\n\tif (err instanceof PlatformError) return err;\n\tconst httpInfo = extractHttpInfo(err);\n\tif (!httpInfo) {\n\t\tconst networkInfo = extractNetworkInfo(err);\n\t\tif (networkInfo) {\n\t\t\treturn new PlatformError(\n\t\t\t\tErrorCode.NetworkError,\n\t\t\t\t`Could not reach the Neon API while running ${context.op}: ${networkInfo.message}. Check your network connection and that https://console.neon.tech is reachable.`,\n\t\t\t\t{ cause: err, details: { op: context.op, ...networkInfo } },\n\t\t\t);\n\t\t}\n\t\treturn err;\n\t}\n\n\tconst apiSummary = httpInfo.neonMessage\n\t\t? `Neon API said: \"${httpInfo.neonMessage}\"`\n\t\t: `HTTP ${httpInfo.status}`;\n\tconst requestIdSuffix = httpInfo.requestId\n\t\t? ` (request id ${httpInfo.requestId})`\n\t\t: \"\";\n\tconst apiSummaryWithRequestId = `${apiSummary}${requestIdSuffix}.`;\n\n\tswitch (httpInfo.status) {\n\t\tcase 401:\n\t\t\treturn new PlatformError(\n\t\t\t\tErrorCode.Unauthorized,\n\t\t\t\t[\n\t\t\t\t\t`${context.op} failed: the Bearer token sent to the Neon API was rejected.`,\n\t\t\t\t\tapiSummaryWithRequestId,\n\t\t\t\t\t\"Either (a) generate or rotate an API key at https://console.neon.tech/app/settings/api-keys and set NEON_API_KEY / pass --api-key, or (b) re-run `npx neonctl auth` to refresh the OAuth token in `~/.config/neonctl/credentials.json` (OAuth tokens expire).\",\n\t\t\t\t].join(\" \"),\n\t\t\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t\t\t);\n\t\tcase 403:\n\t\t\treturn new PlatformError(\n\t\t\t\tErrorCode.Forbidden,\n\t\t\t\t[\n\t\t\t\t\t`${context.op} failed: this API key is not allowed to perform that operation.`,\n\t\t\t\t\tapiSummaryWithRequestId,\n\t\t\t\t\t\"Project-scoped keys can only operate on their own project; switch to an organisation/user-scoped key or pass `projectId` for an operation that doesn't need listing.\",\n\t\t\t\t].join(\" \"),\n\t\t\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t\t\t);\n\t\tcase 404:\n\t\t\treturn new PlatformError(\n\t\t\t\tErrorCode.NotFound,\n\t\t\t\t[\n\t\t\t\t\t`${context.op} failed: resource not found on Neon.`,\n\t\t\t\t\tapiSummaryWithRequestId,\n\t\t\t\t\tcontext.projectId\n\t\t\t\t\t\t? `Verify that project '${context.projectId}' exists in this account and that the API key has access to it.`\n\t\t\t\t\t\t: \"Verify that the resource id is correct and that the API key has access to it.\",\n\t\t\t\t].join(\" \"),\n\t\t\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t\t\t);\n\t\tcase 409:\n\t\t\treturn new PlatformError(\n\t\t\t\tErrorCode.Conflict,\n\t\t\t\t[\n\t\t\t\t\t`${context.op} failed: a conflicting resource already exists on Neon.`,\n\t\t\t\t\tapiSummaryWithRequestId,\n\t\t\t\t\t\"This is often a name collision (e.g. a branch with the same name already exists). Pull first to compare against the remote, or rename in your `neon.ts`.\",\n\t\t\t\t].join(\" \"),\n\t\t\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t\t\t);\n\t\tcase 423:\n\t\t\treturn new PlatformError(\n\t\t\t\tErrorCode.Locked,\n\t\t\t\t[\n\t\t\t\t\t`${context.op} failed: the resource is still being modified by a previous operation, and our built-in retries did not drain it in time.`,\n\t\t\t\t\tapiSummaryWithRequestId,\n\t\t\t\t\t\"Wait a few seconds and re-run, or raise `retryOnLocked.maxAttempts` when constructing the real Neon adapter.\",\n\t\t\t\t].join(\" \"),\n\t\t\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t\t\t);\n\t\tcase 429:\n\t\t\treturn new PlatformError(\n\t\t\t\tErrorCode.RateLimited,\n\t\t\t\t[\n\t\t\t\t\t`${context.op} failed: rate-limited by the Neon API.`,\n\t\t\t\t\tapiSummaryWithRequestId,\n\t\t\t\t\t\"Back off and retry; if this happens repeatedly, contact Neon support with the request id above.\",\n\t\t\t\t].join(\" \"),\n\t\t\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t\t\t);\n\t}\n\n\tif (httpInfo.status >= 500) {\n\t\treturn new PlatformError(\n\t\t\tErrorCode.ServerError,\n\t\t\t[\n\t\t\t\t`${context.op} failed: the Neon API returned a server error (HTTP ${httpInfo.status}).`,\n\t\t\t\tapiSummaryWithRequestId,\n\t\t\t\t\"This is most likely transient. Retry shortly; if it persists, file an issue with the request id above and check https://neonstatus.com.\",\n\t\t\t].join(\" \"),\n\t\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t\t);\n\t}\n\n\t// 4xx we don't have a dedicated code for. Surface what we know.\n\treturn new PlatformError(\n\t\tErrorCode.ServerError,\n\t\t`${context.op} failed: HTTP ${httpInfo.status}. ${apiSummary}${requestIdSuffix}.`,\n\t\t{ cause: err, details: httpDetails(context, httpInfo) },\n\t);\n}\n\ninterface HttpInfo {\n\tstatus: number;\n\tneonMessage?: string;\n\tneonCode?: string;\n\trequestId?: string;\n}\n\nfunction extractHttpInfo(err: unknown): HttpInfo | null {\n\tif (err === null || typeof err !== \"object\") return null;\n\tconst response = (err as { response?: unknown }).response;\n\tif (response === null || typeof response !== \"object\") return null;\n\tconst status = (response as { status?: unknown }).status;\n\tif (typeof status !== \"number\") return null;\n\tconst data = (response as { data?: unknown }).data;\n\tconst out: HttpInfo = { status };\n\tif (data !== null && typeof data === \"object\") {\n\t\tconst dataObj = data as Record<string, unknown>;\n\t\tif (typeof dataObj.message === \"string\" && dataObj.message !== \"\")\n\t\t\tout.neonMessage = dataObj.message;\n\t\tif (typeof dataObj.code === \"string\" && dataObj.code !== \"\")\n\t\t\tout.neonCode = dataObj.code;\n\t\tif (typeof dataObj.request_id === \"string\" && dataObj.request_id !== \"\")\n\t\t\tout.requestId = dataObj.request_id;\n\t}\n\treturn out;\n}\n\ninterface NetworkInfo {\n\tmessage: string;\n\tcode?: string;\n}\n\nfunction extractNetworkInfo(err: unknown): NetworkInfo | null {\n\tif (err === null || typeof err !== \"object\") return null;\n\tconst code = (err as { code?: unknown }).code;\n\tconst message = (err as { message?: unknown }).message;\n\tif (\n\t\ttypeof code === \"string\" &&\n\t\t/^(ECONNREFUSED|ECONNRESET|ETIMEDOUT|ENOTFOUND|EAI_AGAIN|EPIPE|EHOSTUNREACH|ENETUNREACH)$/.test(\n\t\t\tcode,\n\t\t)\n\t) {\n\t\treturn { message: typeof message === \"string\" ? message : code, code };\n\t}\n\t// axios timeout reports `code: \"ECONNABORTED\"`.\n\tif (code === \"ECONNABORTED\") {\n\t\treturn {\n\t\t\tmessage: typeof message === \"string\" ? message : \"timeout\",\n\t\t\tcode,\n\t\t};\n\t}\n\treturn null;\n}\n\nfunction httpDetails(\n\tcontext: NeonErrorContext,\n\tinfo: HttpInfo,\n): Record<string, unknown> {\n\tconst out: Record<string, unknown> = {\n\t\top: context.op,\n\t\tstatus: info.status,\n\t};\n\tif (context.projectId) out.projectId = context.projectId;\n\tif (info.neonMessage) out.neonMessage = info.neonMessage;\n\tif (info.neonCode) out.neonCode = info.neonCode;\n\tif (info.requestId) out.requestId = info.requestId;\n\treturn out;\n}\n"],"mappings":";;;;;;;;;;;;;;AAyBA,SAAgB,cACf,KACA,SAC0B;CAC1B,IAAI,eAAe,eAAe,OAAO;CACzC,MAAM,WAAW,gBAAgB,GAAG;CACpC,IAAI,CAAC,UAAU;EACd,MAAM,cAAc,mBAAmB,GAAG;EAC1C,IAAI,aACH,OAAO,IAAI,cACV,UAAU,cACV,8CAA8C,QAAQ,GAAG,IAAI,YAAY,QAAQ,mFACjF;GAAE,OAAO;GAAK,SAAS;IAAE,IAAI,QAAQ;IAAI,GAAG;GAAY;EAAE,CAC3D;EAED,OAAO;CACR;CAEA,MAAM,aAAa,SAAS,cACzB,mBAAmB,SAAS,YAAY,KACxC,QAAQ,SAAS;CACpB,MAAM,kBAAkB,SAAS,YAC9B,gBAAgB,SAAS,UAAU,KACnC;CACH,MAAM,0BAA0B,GAAG,aAAa,gBAAgB;CAEhE,QAAQ,SAAS,QAAjB;EACC,KAAK,KACJ,OAAO,IAAI,cACV,UAAU,cACV;GACC,GAAG,QAAQ,GAAG;GACd;GACA;EACD,EAAE,KAAK,GAAG,GACV;GAAE,OAAO;GAAK,SAAS,YAAY,SAAS,QAAQ;EAAE,CACvD;EACD,KAAK,KACJ,OAAO,IAAI,cACV,UAAU,WACV;GACC,GAAG,QAAQ,GAAG;GACd;GACA;EACD,EAAE,KAAK,GAAG,GACV;GAAE,OAAO;GAAK,SAAS,YAAY,SAAS,QAAQ;EAAE,CACvD;EACD,KAAK,KACJ,OAAO,IAAI,cACV,UAAU,UACV;GACC,GAAG,QAAQ,GAAG;GACd;GACA,QAAQ,YACL,wBAAwB,QAAQ,UAAU,mEAC1C;EACJ,EAAE,KAAK,GAAG,GACV;GAAE,OAAO;GAAK,SAAS,YAAY,SAAS,QAAQ;EAAE,CACvD;EACD,KAAK,KACJ,OAAO,IAAI,cACV,UAAU,UACV;GACC,GAAG,QAAQ,GAAG;GACd;GACA;EACD,EAAE,KAAK,GAAG,GACV;GAAE,OAAO;GAAK,SAAS,YAAY,SAAS,QAAQ;EAAE,CACvD;EACD,KAAK,KACJ,OAAO,IAAI,cACV,UAAU,QACV;GACC,GAAG,QAAQ,GAAG;GACd;GACA;EACD,EAAE,KAAK,GAAG,GACV;GAAE,OAAO;GAAK,SAAS,YAAY,SAAS,QAAQ;EAAE,CACvD;EACD,KAAK,KACJ,OAAO,IAAI,cACV,UAAU,aACV;GACC,GAAG,QAAQ,GAAG;GACd;GACA;EACD,EAAE,KAAK,GAAG,GACV;GAAE,OAAO;GAAK,SAAS,YAAY,SAAS,QAAQ;EAAE,CACvD;CACF;CAEA,IAAI,SAAS,UAAU,KACtB,OAAO,IAAI,cACV,UAAU,aACV;EACC,GAAG,QAAQ,GAAG,sDAAsD,SAAS,OAAO;EACpF;EACA;CACD,EAAE,KAAK,GAAG,GACV;EAAE,OAAO;EAAK,SAAS,YAAY,SAAS,QAAQ;CAAE,CACvD;CAID,OAAO,IAAI,cACV,UAAU,aACV,GAAG,QAAQ,GAAG,gBAAgB,SAAS,OAAO,IAAI,aAAa,gBAAgB,IAC/E;EAAE,OAAO;EAAK,SAAS,YAAY,SAAS,QAAQ;CAAE,CACvD;AACD;AASA,SAAS,gBAAgB,KAA+B;CACvD,IAAI,QAAQ,QAAQ,OAAO,QAAQ,UAAU,OAAO;CACpD,MAAM,WAAY,IAA+B;CACjD,IAAI,aAAa,QAAQ,OAAO,aAAa,UAAU,OAAO;CAC9D,MAAM,SAAU,SAAkC;CAClD,IAAI,OAAO,WAAW,UAAU,OAAO;CACvC,MAAM,OAAQ,SAAgC;CAC9C,MAAM,MAAgB,EAAE,OAAO;CAC/B,IAAI,SAAS,QAAQ,OAAO,SAAS,UAAU;EAC9C,MAAM,UAAU;EAChB,IAAI,OAAO,QAAQ,YAAY,YAAY,QAAQ,YAAY,IAC9D,IAAI,cAAc,QAAQ;EAC3B,IAAI,OAAO,QAAQ,SAAS,YAAY,QAAQ,SAAS,IACxD,IAAI,WAAW,QAAQ;EACxB,IAAI,OAAO,QAAQ,eAAe,YAAY,QAAQ,eAAe,IACpE,IAAI,YAAY,QAAQ;CAC1B;CACA,OAAO;AACR;AAOA,SAAS,mBAAmB,KAAkC;CAC7D,IAAI,QAAQ,QAAQ,OAAO,QAAQ,UAAU,OAAO;CACpD,MAAM,OAAQ,IAA2B;CACzC,MAAM,UAAW,IAA8B;CAC/C,IACC,OAAO,SAAS,YAChB,2FAA2F,KAC1F,IACD,GAEA,OAAO;EAAE,SAAS,OAAO,YAAY,WAAW,UAAU;EAAM;CAAK;CAGtE,IAAI,SAAS,gBACZ,OAAO;EACN,SAAS,OAAO,YAAY,WAAW,UAAU;EACjD;CACD;CAED,OAAO;AACR;AAEA,SAAS,YACR,SACA,MAC0B;CAC1B,MAAM,MAA+B;EACpC,IAAI,QAAQ;EACZ,QAAQ,KAAK;CACd;CACA,IAAI,QAAQ,WAAW,IAAI,YAAY,QAAQ;CAC/C,IAAI,KAAK,aAAa,IAAI,cAAc,KAAK;CAC7C,IAAI,KAAK,UAAU,IAAI,WAAW,KAAK;CACvC,IAAI,KAAK,WAAW,IAAI,YAAY,KAAK;CACzC,OAAO;AACR"}

package/dist/v1.d.ts

@@ -0,0 +1,132 @@
+import { AppliedChange, BranchConfig, BranchTarget, BucketAccessLevel, BucketConfig, ComputeSettings, Config, ConflictReport, FunctionConfig, FunctionMemoryMib, FunctionRuntime, PostgresConfig, PreviewConfig, PushResult, ResolvedBranchConfig, ResolvedBucketConfig, ResolvedFunctionConfig, ResolvedPreviewConfig, ServiceToggle } from "./lib/types.js";
+import { ConfigLoadError, ConfigValidationError, ErrorCode, MissingContextError, PlatformError, PushAbortedError, PushConflictError } from "./lib/errors.js";
+import { CreateBranchInput, CreateBucketInput, CreateProjectInput, DeployFunctionInput, GetConnectionUriInput, NeonApi, NeonAuthSnapshot, NeonBranchSnapshot, NeonBucketSnapshot, NeonDataApiSnapshot, NeonDatabaseSnapshot, NeonEndpointSnapshot, NeonFunctionDeploymentSnapshot, NeonFunctionSnapshot, NeonProjectSnapshot, NeonRoleSnapshot, UpdateBranchInput } from "./lib/neon-api.js";
+import { createNeonApiFromOptions, resolveApiKey } from "./lib/auth.js";
+import { defineConfig, resolveConfig } from "./lib/define-config.js";
+import { DiffOptions, DiffResult, PlanStep, RemotePreviewState, RemoteServiceState, RemoteState, diffConfig } from "./lib/diff.js";
+import { LoadConfigOptions, loadConfigFromFile } from "./lib/loader.js";
+import { createRealNeonApi } from "./lib/neon-api-real.js";
+import * as zod0 from "zod";
+import * as zod_v4_core0 from "zod/v4/core";
+
+//#region src/v1.d.ts
+
+/**
+ * Specific `PlatformError` subclasses, grouped for `instanceof` / structured access.
+ * Also available as top-level exports.
+ */
+declare const errors: {
+  readonly ConfigLoadError: typeof ConfigLoadError;
+  readonly ConfigValidationError: typeof ConfigValidationError;
+  readonly ErrorCode: {
+    readonly InvalidConfig: "PLATFORM_INVALID_CONFIG";
+    readonly EnvNotInjected: "PLATFORM_ENV_NOT_INJECTED";
+    readonly MissingContext: "PLATFORM_MISSING_CONTEXT";
+    readonly PushConflict: "PLATFORM_PUSH_CONFLICT";
+    readonly PushAborted: "PLATFORM_PUSH_ABORTED";
+    readonly ConfigLoadFailed: "PLATFORM_CONFIG_LOAD_FAILED";
+    readonly MissingApiKey: "PLATFORM_MISSING_API_KEY";
+    readonly AmbiguousBranchAuth: "PLATFORM_AMBIGUOUS_BRANCH_AUTH";
+    readonly BranchNotFound: "PLATFORM_BRANCH_NOT_FOUND";
+    readonly MissingParentBranch: "PLATFORM_MISSING_PARENT_BRANCH";
+    readonly Unauthorized: "PLATFORM_UNAUTHORIZED";
+    readonly Forbidden: "PLATFORM_FORBIDDEN";
+    readonly NotFound: "PLATFORM_NOT_FOUND";
+    readonly Conflict: "PLATFORM_CONFLICT";
+    readonly RateLimited: "PLATFORM_RATE_LIMITED";
+    readonly Locked: "PLATFORM_LOCKED";
+    readonly ServerError: "PLATFORM_SERVER_ERROR";
+    readonly NetworkError: "PLATFORM_NETWORK_ERROR";
+    readonly InternalError: "PLATFORM_INTERNAL_ERROR";
+  };
+  readonly MissingContextError: typeof MissingContextError;
+  readonly PlatformError: typeof PlatformError;
+  readonly PushAbortedError: typeof PushAbortedError;
+  readonly PushConflictError: typeof PushConflictError;
+};
+/** The zod schemas underlying `defineConfig`, grouped under product-friendly names. */
+declare const schemas: {
+  readonly branch: zod0.ZodObject<{
+    parent: zod0.ZodOptional<zod0.ZodString>;
+    protected: zod0.ZodOptional<zod0.ZodBoolean>;
+    ttl: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodString, zod0.ZodNumber]>>;
+    postgres: zod0.ZodOptional<zod0.ZodObject<{
+      computeSettings: zod0.ZodOptional<zod0.ZodObject<{
+        autoscalingLimitMinCu: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<0.25>, zod0.ZodLiteral<0.5>, zod0.ZodLiteral<1>, zod0.ZodLiteral<2>, zod0.ZodLiteral<4>, zod0.ZodLiteral<8>]>>;
+        autoscalingLimitMaxCu: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<0.25>, zod0.ZodLiteral<0.5>, zod0.ZodLiteral<1>, zod0.ZodLiteral<2>, zod0.ZodLiteral<4>, zod0.ZodLiteral<8>]>>;
+        suspendTimeout: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<false>, zod0.ZodString, zod0.ZodNumber]>>;
+      }, zod_v4_core0.$strict>>;
+    }, zod_v4_core0.$strict>>;
+    auth: zod0.ZodOptional<zod0.ZodObject<{
+      enabled: zod0.ZodOptional<zod0.ZodBoolean>;
+    }, zod_v4_core0.$strict>>;
+    dataApi: zod0.ZodOptional<zod0.ZodObject<{
+      enabled: zod0.ZodOptional<zod0.ZodBoolean>;
+    }, zod_v4_core0.$strict>>;
+    preview: zod0.ZodOptional<zod0.ZodObject<{
+      functions: zod0.ZodOptional<zod0.ZodArray<zod0.ZodObject<{
+        slug: zod0.ZodString;
+        name: zod0.ZodString;
+        source: zod0.ZodString;
+        env: zod0.ZodOptional<zod0.ZodRecord<zod0.ZodString, zod0.ZodString>>;
+        runtime: zod0.ZodOptional<zod0.ZodLiteral<"nodejs24">>;
+        memoryMib: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<256>, zod0.ZodLiteral<512>, zod0.ZodLiteral<1024>, zod0.ZodLiteral<2048>, zod0.ZodLiteral<4096>, zod0.ZodLiteral<8192>]>>;
+      }, zod_v4_core0.$strict>>>;
+      buckets: zod0.ZodOptional<zod0.ZodArray<zod0.ZodObject<{
+        name: zod0.ZodString;
+        access: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<"private">, zod0.ZodLiteral<"public_read">]>>;
+      }, zod_v4_core0.$strict>>>;
+      aiGateway: zod0.ZodOptional<zod0.ZodObject<{
+        enabled: zod0.ZodOptional<zod0.ZodBoolean>;
+      }, zod_v4_core0.$strict>>;
+    }, zod_v4_core0.$strict>>;
+  }, zod_v4_core0.$strict>;
+  readonly bucket: zod0.ZodObject<{
+    name: zod0.ZodString;
+    access: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<"private">, zod0.ZodLiteral<"public_read">]>>;
+  }, zod_v4_core0.$strict>;
+  readonly computeSettings: zod0.ZodObject<{
+    autoscalingLimitMinCu: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<0.25>, zod0.ZodLiteral<0.5>, zod0.ZodLiteral<1>, zod0.ZodLiteral<2>, zod0.ZodLiteral<4>, zod0.ZodLiteral<8>]>>;
+    autoscalingLimitMaxCu: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<0.25>, zod0.ZodLiteral<0.5>, zod0.ZodLiteral<1>, zod0.ZodLiteral<2>, zod0.ZodLiteral<4>, zod0.ZodLiteral<8>]>>;
+    suspendTimeout: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<false>, zod0.ZodString, zod0.ZodNumber]>>;
+  }, zod_v4_core0.$strict>;
+  readonly config: zod0.ZodFunction<zod0.ZodTuple<readonly [zod0.ZodUnknown], null>, zod0.ZodUnknown>;
+  readonly function: zod0.ZodObject<{
+    slug: zod0.ZodString;
+    name: zod0.ZodString;
+    source: zod0.ZodString;
+    env: zod0.ZodOptional<zod0.ZodRecord<zod0.ZodString, zod0.ZodString>>;
+    runtime: zod0.ZodOptional<zod0.ZodLiteral<"nodejs24">>;
+    memoryMib: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<256>, zod0.ZodLiteral<512>, zod0.ZodLiteral<1024>, zod0.ZodLiteral<2048>, zod0.ZodLiteral<4096>, zod0.ZodLiteral<8192>]>>;
+  }, zod_v4_core0.$strict>;
+  readonly postgres: zod0.ZodObject<{
+    computeSettings: zod0.ZodOptional<zod0.ZodObject<{
+      autoscalingLimitMinCu: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<0.25>, zod0.ZodLiteral<0.5>, zod0.ZodLiteral<1>, zod0.ZodLiteral<2>, zod0.ZodLiteral<4>, zod0.ZodLiteral<8>]>>;
+      autoscalingLimitMaxCu: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<0.25>, zod0.ZodLiteral<0.5>, zod0.ZodLiteral<1>, zod0.ZodLiteral<2>, zod0.ZodLiteral<4>, zod0.ZodLiteral<8>]>>;
+      suspendTimeout: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<false>, zod0.ZodString, zod0.ZodNumber]>>;
+    }, zod_v4_core0.$strict>>;
+  }, zod_v4_core0.$strict>;
+  readonly preview: zod0.ZodObject<{
+    functions: zod0.ZodOptional<zod0.ZodArray<zod0.ZodObject<{
+      slug: zod0.ZodString;
+      name: zod0.ZodString;
+      source: zod0.ZodString;
+      env: zod0.ZodOptional<zod0.ZodRecord<zod0.ZodString, zod0.ZodString>>;
+      runtime: zod0.ZodOptional<zod0.ZodLiteral<"nodejs24">>;
+      memoryMib: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<256>, zod0.ZodLiteral<512>, zod0.ZodLiteral<1024>, zod0.ZodLiteral<2048>, zod0.ZodLiteral<4096>, zod0.ZodLiteral<8192>]>>;
+    }, zod_v4_core0.$strict>>>;
+    buckets: zod0.ZodOptional<zod0.ZodArray<zod0.ZodObject<{
+      name: zod0.ZodString;
+      access: zod0.ZodOptional<zod0.ZodUnion<readonly [zod0.ZodLiteral<"private">, zod0.ZodLiteral<"public_read">]>>;
+    }, zod_v4_core0.$strict>>>;
+    aiGateway: zod0.ZodOptional<zod0.ZodObject<{
+      enabled: zod0.ZodOptional<zod0.ZodBoolean>;
+    }, zod_v4_core0.$strict>>;
+  }, zod_v4_core0.$strict>;
+  readonly service: zod0.ZodObject<{
+    enabled: zod0.ZodOptional<zod0.ZodBoolean>;
+  }, zod_v4_core0.$strict>;
+};
+//#endregion
+export { type AppliedChange, type BranchConfig, type BranchTarget, type BucketAccessLevel, type BucketConfig, type ComputeSettings, type Config, ConfigLoadError, ConfigValidationError, type ConflictReport, type CreateBranchInput, type CreateBucketInput, type CreateProjectInput, type DeployFunctionInput, type DiffOptions, type DiffResult, ErrorCode, type FunctionConfig, type FunctionMemoryMib, type FunctionRuntime, type GetConnectionUriInput, type LoadConfigOptions, MissingContextError, type NeonApi, type NeonAuthSnapshot, type NeonBranchSnapshot, type NeonBucketSnapshot, type NeonDataApiSnapshot, type NeonDatabaseSnapshot, type NeonEndpointSnapshot, type NeonFunctionDeploymentSnapshot, type NeonFunctionSnapshot, type NeonProjectSnapshot, type NeonRoleSnapshot, type PlanStep, PlatformError, type PostgresConfig, type PreviewConfig, PushAbortedError, PushConflictError, type PushResult, type RemotePreviewState, type RemoteServiceState, type RemoteState, type ResolvedBranchConfig, type ResolvedBucketConfig, type ResolvedFunctionConfig, type ResolvedPreviewConfig, type ServiceToggle, type UpdateBranchInput, createNeonApiFromOptions, createRealNeonApi, defineConfig, diffConfig, errors, loadConfigFromFile, resolveApiKey, resolveConfig, schemas };
+//# sourceMappingURL=v1.d.ts.map

package/dist/v1.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"v1.d.ts","names":[],"sources":["../src/v1.ts"],"mappings":";;;;;;;;;;;;;;;;;cA0Da;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAWA;;6BASH,IAAA,CAAA,SAAA"}

package/dist/v1.js

@@ -0,0 +1,69 @@
+import { ConfigLoadError, ConfigValidationError, ErrorCode, MissingContextError, PlatformError, PushAbortedError, PushConflictError } from "./lib/errors.js";
+import { branchConfigSchema, bucketConfigSchema, computeSettingsSchema, configSchema, functionConfigSchema, postgresConfigSchema, previewConfigSchema, serviceToggleSchema } from "./lib/schema.js";
+import { createRealNeonApi } from "./lib/neon-api-real.js";
+import { createNeonApiFromOptions, resolveApiKey } from "./lib/auth.js";
+import { defineConfig, resolveConfig } from "./lib/define-config.js";
+import { diffConfig } from "./lib/diff.js";
+import { loadConfigFromFile } from "./lib/loader.js";
+//#region src/v1.ts
+/**
+* `@neondatabase/config/v1` — the v1 public API for Config-as-Code on the Neon Platform.
+*
+* Usage in `neon.ts`:
+* ```ts
+* import { defineConfig } from "@neondatabase/config/v1";
+*
+* export default defineConfig((branch) => {
+*   if (branch.name === "main") return { protected: true, auth: {} };
+*   return { parent: "main", ttl: "7d" };
+* });
+* ```
+*
+* This is the **authoring** surface — `defineConfig`, types, schemas, the pure diff engine,
+* and the Neon API adapter. It is intentionally free of heavy/native dependencies so that
+* importing it from `neon.ts` stays cheap and bundler-safe.
+*
+* The imperative operations (`inspect` / `plan` / `apply`, `pushConfig` / `pullConfig`) and
+* function bundling/deploy live in **`@neondatabase/config-runtime`**, which depends on this
+* package and pulls in `esbuild`. Import that from your CLI / CI, not from `neon.ts`:
+* ```ts
+* import config from "../neon";
+* import { inspect, plan, apply } from "@neondatabase/config-runtime/v1";
+* ```
+*
+* Surface guidelines:
+* - Top-level: `defineConfig` / `resolveConfig`, the pure `diffConfig` engine, the
+*   `createRealNeonApi` adapter + `NeonApi` types, the config loader, the `PlatformError`
+*   base class + `ErrorCode` enum, and the config types used in `neon.ts`.
+* - `errors` namespace: specific `PlatformError` subclasses (`ConfigLoadError`,
+*   `PushConflictError`, …).
+* - `schemas` namespace: the zod schemas underlying `defineConfig`.
+*/
+/**
+* Specific `PlatformError` subclasses, grouped for `instanceof` / structured access.
+* Also available as top-level exports.
+*/
+const errors = {
+	ConfigLoadError,
+	ConfigValidationError,
+	ErrorCode,
+	MissingContextError,
+	PlatformError,
+	PushAbortedError,
+	PushConflictError
+};
+/** The zod schemas underlying `defineConfig`, grouped under product-friendly names. */
+const schemas = {
+	branch: branchConfigSchema,
+	bucket: bucketConfigSchema,
+	computeSettings: computeSettingsSchema,
+	config: configSchema,
+	function: functionConfigSchema,
+	postgres: postgresConfigSchema,
+	preview: previewConfigSchema,
+	service: serviceToggleSchema
+};
+//#endregion
+export { ConfigLoadError, ConfigValidationError, ErrorCode, MissingContextError, PlatformError, PushAbortedError, PushConflictError, createNeonApiFromOptions, createRealNeonApi, defineConfig, diffConfig, errors, loadConfigFromFile, resolveApiKey, resolveConfig, schemas };
+
+//# sourceMappingURL=v1.js.map

package/dist/v1.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"v1.js","names":[],"sources":["../src/v1.ts"],"sourcesContent":["/**\n * `@neondatabase/config/v1` — the v1 public API for Config-as-Code on the Neon Platform.\n *\n * Usage in `neon.ts`:\n * ```ts\n * import { defineConfig } from \"@neondatabase/config/v1\";\n *\n * export default defineConfig((branch) => {\n *   if (branch.name === \"main\") return { protected: true, auth: {} };\n *   return { parent: \"main\", ttl: \"7d\" };\n * });\n * ```\n *\n * This is the **authoring** surface — `defineConfig`, types, schemas, the pure diff engine,\n * and the Neon API adapter. It is intentionally free of heavy/native dependencies so that\n * importing it from `neon.ts` stays cheap and bundler-safe.\n *\n * The imperative operations (`inspect` / `plan` / `apply`, `pushConfig` / `pullConfig`) and\n * function bundling/deploy live in **`@neondatabase/config-runtime`**, which depends on this\n * package and pulls in `esbuild`. Import that from your CLI / CI, not from `neon.ts`:\n * ```ts\n * import config from \"../neon\";\n * import { inspect, plan, apply } from \"@neondatabase/config-runtime/v1\";\n * ```\n *\n * Surface guidelines:\n * - Top-level: `defineConfig` / `resolveConfig`, the pure `diffConfig` engine, the\n *   `createRealNeonApi` adapter + `NeonApi` types, the config loader, the `PlatformError`\n *   base class + `ErrorCode` enum, and the config types used in `neon.ts`.\n * - `errors` namespace: specific `PlatformError` subclasses (`ConfigLoadError`,\n *   `PushConflictError`, …).\n * - `schemas` namespace: the zod schemas underlying `defineConfig`.\n */\n\nimport {\n\tConfigLoadError,\n\tConfigValidationError,\n\tErrorCode,\n\tMissingContextError,\n\tPlatformError,\n\tPushAbortedError,\n\tPushConflictError,\n} from \"./lib/errors.js\";\nimport {\n\tbranchConfigSchema,\n\tbucketConfigSchema,\n\tcomputeSettingsSchema,\n\tconfigSchema,\n\tfunctionConfigSchema,\n\tpostgresConfigSchema,\n\tpreviewConfigSchema,\n\tserviceToggleSchema,\n} from \"./lib/schema.js\";\n\n/**\n * Specific `PlatformError` subclasses, grouped for `instanceof` / structured access.\n * Also available as top-level exports.\n */\nexport const errors = {\n\tConfigLoadError,\n\tConfigValidationError,\n\tErrorCode,\n\tMissingContextError,\n\tPlatformError,\n\tPushAbortedError,\n\tPushConflictError,\n} as const;\n\n/** The zod schemas underlying `defineConfig`, grouped under product-friendly names. */\nexport const schemas = {\n\tbranch: branchConfigSchema,\n\tbucket: bucketConfigSchema,\n\tcomputeSettings: computeSettingsSchema,\n\tconfig: configSchema,\n\tfunction: functionConfigSchema,\n\tpostgres: postgresConfigSchema,\n\tpreview: previewConfigSchema,\n\tservice: serviceToggleSchema,\n} as const;\n\n// ─── Lower-level adapters ──────────────────────────────────────────────────────\nexport { createNeonApiFromOptions, resolveApiKey } from \"./lib/auth.js\";\nexport { defineConfig, resolveConfig } from \"./lib/define-config.js\";\n// ─── Diff engine (pure; consumed by @neondatabase/config-runtime) ─────────────\nexport type {\n\tDiffOptions,\n\tDiffResult,\n\tPlanStep,\n\tRemotePreviewState,\n\tRemoteServiceState,\n\tRemoteState,\n} from \"./lib/diff.js\";\nexport { diffConfig } from \"./lib/diff.js\";\n// ─── Errors ────────────────────────────────────────────────────────────────────\nexport {\n\tConfigLoadError,\n\tConfigValidationError,\n\tErrorCode,\n\tMissingContextError,\n\tPlatformError,\n\tPushAbortedError,\n\tPushConflictError,\n} from \"./lib/errors.js\";\nexport type { LoadConfigOptions } from \"./lib/loader.js\";\nexport { loadConfigFromFile } from \"./lib/loader.js\";\n// ─── NeonApi types (needed by callers implementing their own adapters) ────────\nexport type {\n\tCreateBranchInput,\n\tCreateBucketInput,\n\tCreateProjectInput,\n\tDeployFunctionInput,\n\tGetConnectionUriInput,\n\tNeonApi,\n\tNeonAuthSnapshot,\n\tNeonBranchSnapshot,\n\tNeonBucketSnapshot,\n\tNeonDataApiSnapshot,\n\tNeonDatabaseSnapshot,\n\tNeonEndpointSnapshot,\n\tNeonFunctionDeploymentSnapshot,\n\tNeonFunctionSnapshot,\n\tNeonProjectSnapshot,\n\tNeonRoleSnapshot,\n\tUpdateBranchInput,\n} from \"./lib/neon-api.js\";\nexport { createRealNeonApi } from \"./lib/neon-api-real.js\";\n// ─── Config types (used in neon.ts and in operation return values) ────────────\nexport type {\n\tAppliedChange,\n\tBranchConfig,\n\tBranchTarget,\n\tBucketAccessLevel,\n\tBucketConfig,\n\tComputeSettings,\n\tConfig,\n\tConflictReport,\n\tFunctionConfig,\n\tFunctionMemoryMib,\n\tFunctionRuntime,\n\tPostgresConfig,\n\tPreviewConfig,\n\tPushResult,\n\tResolvedBranchConfig,\n\tResolvedBucketConfig,\n\tResolvedFunctionConfig,\n\tResolvedPreviewConfig,\n\tServiceToggle,\n} from \"./lib/types.js\";\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0DA,MAAa,SAAS;CACrB;CACA;CACA;CACA;CACA;CACA;CACA;AACD;;AAGA,MAAa,UAAU;CACtB,QAAQ;CACR,QAAQ;CACR,iBAAiB;CACjB,QAAQ;CACR,UAAU;CACV,UAAU;CACV,SAAS;CACT,SAAS;AACV"}

package/package.json

@@ -1,18 +1,68 @@
 {
-	"name": "@neondatabase/config",
-	"version": "0.0.0",
-	"description": "Config-as-Code for the Neon Platform. Define a `neon.ts` policy and inspect/diff/deploy it against the Neon API as plain TypeScript functions.",
-	"keywords": [
-		"neon",
-		"database",
-		"postgres",
-		"iac",
-		"config-as-code",
-		"platform"
-	],
-	"license": "Apache-2.0",
-	"author": {
-		"name": "Neon",
-		"url": "https://neon.com"
-	}
-}
+  "name": "@neondatabase/config",
+  "version": "0.1.0",
+  "description": "Config-as-Code for the Neon Platform. Define a `neon.ts` policy and inspect/diff/deploy it against the Neon API as plain TypeScript functions.",
+  "keywords": [
+    "neon",
+    "database",
+    "postgres",
+    "iac",
+    "config-as-code",
+    "platform"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/neondatabase/neon-pkgs.git"
+  },
+  "license": "Apache-2.0",
+  "author": {
+    "name": "Neon",
+    "url": "https://neon.com"
+  },
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./v1": {
+      "types": "./dist/v1.d.ts",
+      "import": "./dist/v1.js",
+      "default": "./dist/v1.js"
+    }
+  },
+  "files": [
+    "README.md",
+    "dist/",
+    "package.json"
+  ],
+  "devDependencies": {
+    "@types/node": "^20.19.0",
+    "@vitest/coverage-v8": "3.0.9",
+    "console-fail-test": "0.5.0",
+    "tsdown": "^0.14.1",
+    "typescript": "^5.8.2",
+    "vitest": "^3.0.9"
+  },
+  "dependencies": {
+    "@neondatabase/api-client": "^2.7.1",
+    "jiti": "^2.7.0",
+    "zod": "^4.4.3"
+  },
+  "engines": {
+    "node": ">=22"
+  },
+  "publishConfig": {
+    "provenance": false
+  },
+  "scripts": {
+    "build": "tsc --noEmit && tsdown",
+    "test": "vitest --passWithNoTests",
+    "test:ci": "vitest run --passWithNoTests",
+    "test:e2e": "vitest run --config vitest.e2e.config.ts",
+    "tsc": "tsc"
+  }
+}

package/.env.example

@@ -1,5 +0,0 @@
-# Copy to `.env` and fill in real values. `.env` itself is gitignored.
-# Required to run `pnpm --filter @neondatabase/config test:e2e`.
-NEON_API_KEY=
-# Optional. When set, e2e tests scope project creation/listing to this org.
-NEON_ORG_ID=

package/e2e/errors.e2e.test.ts

@@ -1,52 +0,0 @@
-import { describe, expect } from "vitest";
-import { createRealNeonApi, ErrorCode, type PlatformError } from "../src/v1.js";
-import { detectApiKeyScope, e2eTest } from "./helpers.js";
-
-describe("e2e — error wrapping against real Neon API", () => {
-	e2eTest(
-		"bad API key yields PLATFORM_UNAUTHORIZED with key-rotation guidance",
-		async () => {
-			const api = createRealNeonApi({
-				apiKey: "napi_definitely_not_a_real_key_xxxxxxxxxxxxxxxxxx",
-			});
-			await expect(api.listProjects({})).rejects.toMatchObject({
-				code: ErrorCode.Unauthorized,
-			});
-			try {
-				await api.listProjects({});
-			} catch (err) {
-				const p = err as PlatformError;
-				expect(p.message).toContain(
-					"Bearer token sent to the Neon API was rejected",
-				);
-				expect(p.message).toContain(
-					"https://console.neon.tech/app/settings/api-keys",
-				);
-				expect(p.message).toContain("neonctl auth");
-			}
-		},
-	);
-
-	e2eTest(
-		"getProject on a non-existent id yields PLATFORM_NOT_FOUND with the offending id in the message",
-		async () => {
-			const scope = await detectApiKeyScope();
-			if (scope.kind !== "org-or-user") return;
-			const api = createRealNeonApi({
-				apiKey: process.env.NEON_API_KEY ?? "",
-			});
-			await expect(
-				api.getProject("proj-definitely-not-real-12345"),
-			).rejects.toMatchObject({
-				code: ErrorCode.NotFound,
-			});
-			try {
-				await api.getProject("proj-definitely-not-real-12345");
-			} catch (err) {
-				const p = err as PlatformError;
-				expect(p.message).toContain("proj-definitely-not-real-12345");
-				expect(p.details.status).toBe(404);
-			}
-		},
-	);
-});

package/e2e/helpers.ts

@@ -1,205 +0,0 @@
-import { randomUUID } from "node:crypto";
-import { createApiClient } from "@neondatabase/api-client";
-import { test } from "vitest";
-import type { NeonApi } from "../src/lib/neon-api.js";
-import { createRealNeonApi } from "../src/lib/neon-api-real.js";
-
-/**
- * Every e2e-created project is named `neon-ts-e2e-<uuid>`. Tests can register
- * `track(id)` to opt into the per-test cleanup hook. The suite-level
- * {@link sweepOrphans} additionally deletes leftovers from a previous failed run.
- */
-const PROJECT_PREFIX = "neon-ts-e2e-";
-
-/**
- * Default Neon region used by every e2e test that creates a project. Override per-test
- * by passing `region` to `defineConfig`.
- */
-export const DEFAULT_REGION = "aws-us-east-2";
-
-/** Generate a project name guaranteed not to collide with anything else in the org. */
-export function uniqueProjectName(suffix?: string): string {
-	const id = randomUUID().slice(0, 8);
-	return suffix
-		? `${PROJECT_PREFIX}${id}-${suffix}`
-		: `${PROJECT_PREFIX}${id}`;
-}
-
-function requireApiKey(): string {
-	const key = process.env.NEON_API_KEY;
-	if (!key || key.trim() === "") {
-		throw new Error(
-			"NEON_API_KEY is not set. Create packages/config/.env (see .env.example) before running test:e2e.",
-		);
-	}
-	return key;
-}
-
-/** The same real NeonApi adapter the SDK uses internally — exercised end-to-end. */
-export function makeRealApi(): NeonApi {
-	return createRealNeonApi({ apiKey: requireApiKey() });
-}
-
-/**
- * Create a real Neon project via the NeonApi adapter directly. `pushConfig` no longer
- * provisions projects (callers are expected to run `neonctl link` first), so every e2e
- * test that needs a fresh project to push against goes through this helper instead.
- */
-export async function bootstrapProject(
-	api: NeonApi,
-	args: { name: string; region: string },
-): Promise<string> {
-	const created = await api.createProject({
-		name: args.name,
-		regionId: args.region,
-	});
-	return created.id;
-}
-
-/** Lower-level Neon client. Used by cleanup and a few setup helpers. */
-function makeRawClient(): ReturnType<typeof createApiClient> {
-	return createApiClient({ apiKey: requireApiKey() });
-}
-
-/**
- * Discriminates the key currently configured. Project-scoped keys can't list projects;
- * org/user-scoped keys can.
- */
-export type ApiKeyScope =
-	| { kind: "org-or-user"; canCreate: true }
-	| { kind: "project"; projectId: string; canCreate: false };
-
-/**
- * Probe the configured API key to find out what it can do. Memoised because we only need
- * to do this once per process.
- */
-let cachedScope: ApiKeyScope | undefined;
-export async function detectApiKeyScope(): Promise<ApiKeyScope> {
-	if (cachedScope) return cachedScope;
-	const client = makeRawClient();
-	try {
-		await client.listProjects({ limit: 1 });
-		cachedScope = { kind: "org-or-user", canCreate: true };
-		return cachedScope;
-	} catch (err) {
-		const status = (err as { response?: { status?: number } } | undefined)
-			?.response?.status;
-		if (status !== 401 && status !== 403) throw err;
-	}
-	const fixedProjectId = process.env.NEON_PROJECT_ID;
-	if (!fixedProjectId || fixedProjectId.trim() === "") {
-		throw new Error(
-			"API key cannot list projects (looks project-scoped) and NEON_PROJECT_ID is not set. " +
-				"Set NEON_PROJECT_ID in packages/config/.env to target a fixed project for the bounded e2e subset.",
-		);
-	}
-	cachedScope = {
-		kind: "project",
-		projectId: fixedProjectId,
-		canCreate: false,
-	};
-	return cachedScope;
-}
-
-/**
- * Delete a project, ignoring "already gone" errors so cleanup is idempotent. Refuses to
- * delete anything that isn't prefixed with {@link PROJECT_PREFIX} so a mis-typed id can
- * never wipe an unrelated project.
- */
-async function deleteProject(projectId: string): Promise<void> {
-	const client = makeRawClient();
-	const project = await client.getProject(projectId).catch((err) => {
-		const status = (err as { response?: { status?: number } } | undefined)
-			?.response?.status;
-		if (status === 404 || status === 410) return null;
-		throw err;
-	});
-	if (!project) return;
-	if (!project.data.project.name.startsWith(PROJECT_PREFIX)) {
-		throw new Error(
-			`Refusing to delete project ${projectId} ("${project.data.project.name}"): does not match the e2e prefix.`,
-		);
-	}
-	// Retry on 423 (locked while a previous mutation is in flight) so cleanup is robust.
-	const maxAttempts = 12;
-	let delay = 500;
-	for (let attempt = 1; attempt <= maxAttempts; attempt++) {
-		try {
-			await client.deleteProject(projectId);
-			return;
-		} catch (err) {
-			const status = (
-				err as { response?: { status?: number } } | undefined
-			)?.response?.status;
-			if (status === 404 || status === 410) return;
-			if (status !== 423 || attempt === maxAttempts) throw err;
-			await sleep(delay);
-			delay = Math.min(delay * 2, 5_000);
-		}
-	}
-}
-
-/**
- * List every project whose name starts with {@link PROJECT_PREFIX} and delete them.
- * Called once at suite start to mop up orphans from a previous failed run.
- */
-export async function sweepOrphans(): Promise<{ swept: string[] }> {
-	const scope = await detectApiKeyScope();
-	if (scope.kind === "project") return { swept: [] };
-	const client = makeRawClient();
-	const swept: string[] = [];
-	let cursor: string | undefined;
-	while (true) {
-		const res = await client.listProjects({
-			limit: 100,
-			...(cursor ? { cursor } : {}),
-		});
-		for (const project of res.data.projects) {
-			if (project.name.startsWith(PROJECT_PREFIX)) {
-				await deleteProject(project.id);
-				swept.push(project.id);
-			}
-		}
-		const next = (res.data as { pagination?: { next?: string } }).pagination
-			?.next;
-		if (!next || next === cursor) break;
-		cursor = next;
-	}
-	return { swept };
-}
-
-/**
- * A vitest `test.extend` fixture that tracks every project id a test creates and deletes
- * each one in the cleanup phase, even if the test failed mid-way. Use `track(id)` to
- * register ids — cleanup runs regardless of outcome.
- */
-export const e2eTest = test.extend<{
-	track: (projectId: string) => void;
-}>({
-	// biome-ignore lint/correctness/noEmptyPattern: vitest's fixture API requires this exact shape.
-	track: async ({}, use) => {
-		const created: string[] = [];
-		await use((projectId: string) => {
-			created.push(projectId);
-		});
-		for (const projectId of created) {
-			try {
-				await deleteProject(projectId);
-			} catch (err) {
-				// Surface, but don't fail on cleanup errors — the orphan sweep on the next
-				// run will mop up anything we miss.
-				console.error(
-					`[e2e cleanup] failed to delete ${projectId}: ${(err as Error).message}`,
-				);
-			}
-		}
-	},
-});
-
-/**
- * Some Neon operations are eventually consistent (notably branch creation finishing
- * `init` → `ready`). A small wait avoids racing on subsequent reads.
- */
-function sleep(ms: number): Promise<void> {
-	return new Promise((resolve) => setTimeout(resolve, ms));
-}

package/e2e/load-env.ts

@@ -1,29 +0,0 @@
-// Loaded by vitest.e2e.config.ts `setupFiles`; not imported statically.
-// fallow-ignore-file unused-file
-import { existsSync, readFileSync } from "node:fs";
-import { dirname, resolve } from "node:path";
-import { fileURLToPath } from "node:url";
-
-/**
- * Vitest setup file — loads `packages/config/.env` into `process.env` so e2e tests can
- * read `NEON_API_KEY` (and friends). Node 22 has `--env-file` but it's per-process; doing
- * it here keeps the test command short (`pnpm test:e2e`).
- *
- * Lines starting with `#` are treated as comments; everything else is parsed as
- * `KEY=value` (no quoting / interpolation — we keep this minimal on purpose).
- */
-const here = dirname(fileURLToPath(import.meta.url));
-const envPath = resolve(here, "..", ".env");
-
-if (existsSync(envPath)) {
-	const raw = readFileSync(envPath, "utf-8");
-	for (const rawLine of raw.split("\n")) {
-		const line = rawLine.trim();
-		if (line === "" || line.startsWith("#")) continue;
-		const eq = line.indexOf("=");
-		if (eq <= 0) continue;
-		const key = line.slice(0, eq).trim();
-		const value = line.slice(eq + 1).trim();
-		if (process.env[key] === undefined) process.env[key] = value;
-	}
-}

package/e2e/setup.ts

@@ -1,24 +0,0 @@
-// Loaded by vitest.e2e.config.ts `setupFiles`; not imported statically.
-// fallow-ignore-file unused-file
-import { beforeAll } from "vitest";
-import { detectApiKeyScope, sweepOrphans } from "./helpers.js";
-
-/**
- * Suite-level setup. Runs once before any e2e test:
- * 1. Probes the configured API key to detect its scope. We do this here so a misconfigured
- *    environment fails fast with a clear message rather than surfacing as cryptic 403s
- *    inside individual tests.
- * 2. When the key is org/user-scoped, sweep any orphaned `neon-ts-e2e-*` projects
- *    left over from a previous run.
- */
-beforeAll(async () => {
-	const scope = await detectApiKeyScope();
-	if (scope.kind === "org-or-user") {
-		const { swept } = await sweepOrphans();
-		if (swept.length > 0) {
-			console.warn(
-				`[e2e setup] swept ${swept.length} orphaned project(s) from a previous run.`,
-			);
-		}
-	}
-});

package/src/index.ts

@@ -1,5 +0,0 @@
-/**
- * The default entry point re-exports the latest stable version. New consumers should import
- * directly from `@neondatabase/config/v1` to opt in to a specific major.
- */
-export * from "./v1.js";