@opengeni/db 0.2.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,8 +1,8 @@
1
- import { SessionEventType, Permission, CapabilityKind, CapabilitySource, ScheduledTaskStatus, ScheduledTaskScheduleSpec, ScheduledTaskRunMode, ScheduledTaskOverlapPolicy, ScheduledTaskAgentConfig, SessionGoalCreatedBy, SocialProvider, SocialConnectionStatus, SessionTurnSource, ResourceRef, ToolRef, ReasoningEffort, SandboxBackend, SessionGoal, CapabilityPack, SessionTurn, SessionEvent, SessionStatus, Session, BillingBalance, AccessContext, FileAsset, ApiKey, ScheduledTask, ScheduledTaskTriggerType, ScheduledTaskRun, SandboxOs, SocialConnection, SocialPost, Workspace, WorkspaceEnvironment, CapabilityInstallation, PackInstallation, SessionTurnStatus, CapabilityCatalogItem, FileUploadStatus, ManagedAccount, AccessGrant, WorkspaceRegisteredPack, UsageEvent, WorkspaceMember, SessionGoalStatus, WorkspaceEnvironmentVariableMetadata, PackInstallationStatus, ScheduledTaskRunStatus } from '@opengeni/contracts';
1
+ import { SessionEventType, Permission, CapabilityKind, CapabilitySource, ScheduledTaskStatus, ScheduledTaskScheduleSpec, ScheduledTaskRunMode, ScheduledTaskOverlapPolicy, ScheduledTaskAgentConfig, SessionGoalCreatedBy, SocialProvider, SocialConnectionStatus, SessionTurnSource, ResourceRef, ToolRef, ReasoningEffort, SandboxBackend, SessionGoal, CapabilityPack, SessionMcpServerMetadata, SessionTurn, SessionEvent, SessionStatus, Session, BillingBalance, AccessContext, FileAsset, ApiKey, ScheduledTask, ScheduledTaskTriggerType, ScheduledTaskRun, SandboxOs, SocialConnection, SocialPost, Workspace, WorkspaceEnvironment, CapabilityInstallation, PackInstallation, SessionTurnStatus, CapabilityCatalogItem, FileUploadStatus, ManagedAccount, AccessGrant, WorkspaceRegisteredPack, UsageEvent, WorkspaceMember, SessionGoalStatus, WorkspaceEnvironmentVariableMetadata, PackInstallationStatus, ScheduledTaskRunStatus } from '@opengeni/contracts';
2
2
  import { environmentsEncryptionKeyBytes, Settings } from '@opengeni/config';
3
3
  import { refreshCodexToken, CodexTokenSnapshot, CodexUsagePayload } from '@opengeni/codex';
4
4
  import { PgDatabase } from 'drizzle-orm/pg-core';
5
- import { s as schema, e as enrollmentOsValues, a as enrollmentExposureValues, d as deviceEnrollmentStatusValues, b as enrollmentStatusValues, c as sandboxKindValues, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues } from './schema-CaeZQAJQ.js';
5
+ import { s as schema, e as enrollmentOsValues, a as enrollmentExposureValues, d as deviceEnrollmentStatusValues, b as enrollmentStatusValues, c as sandboxKindValues, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues } from './schema-BI0iqN9U.js';
6
6
  import 'drizzle-orm';
7
7
  import './migrate.js';
8
8
 
@@ -483,6 +483,29 @@ type EnabledMcpCapabilityServer = {
483
483
  */
484
484
  headersEncrypted?: Record<string, string>;
485
485
  };
486
+ type CreateSessionMcpServerInput = {
487
+ id: string;
488
+ name?: string | null;
489
+ url: string;
490
+ allowedTools?: string[] | null;
491
+ timeoutMs?: number | null;
492
+ cacheToolsList?: boolean | null;
493
+ headersEncrypted?: Record<string, string>;
494
+ };
495
+ type UpdateSessionMcpServerCredentialsInput = {
496
+ id: string;
497
+ headersEncrypted: Record<string, string>;
498
+ };
499
+ type UpdateSessionMcpServerCredentialsResult = {
500
+ servers: SessionMcpServerMetadata[];
501
+ missingIds: string[];
502
+ };
503
+ type SessionMcpServerForRun = SessionMcpServerMetadata & {
504
+ allowedTools?: string[];
505
+ timeoutMs?: number;
506
+ cacheToolsList?: boolean;
507
+ headers: Record<string, string>;
508
+ };
486
509
  type EnqueueSessionTurnInput = {
487
510
  accountId: string;
488
511
  workspaceId: string;
@@ -951,6 +974,19 @@ declare function recordAuditEvent(db: Database, input: {
951
974
  targetId?: string | null;
952
975
  metadata?: Record<string, unknown>;
953
976
  }): Promise<void>;
977
+ declare function createSessionMcpServers(db: Database, input: {
978
+ accountId: string;
979
+ workspaceId: string;
980
+ sessionId: string;
981
+ servers: CreateSessionMcpServerInput[];
982
+ }): Promise<SessionMcpServerMetadata[]>;
983
+ declare function listSessionMcpServerMetadata(db: Database, workspaceId: string, sessionId: string): Promise<SessionMcpServerMetadata[]>;
984
+ declare function updateSessionMcpServerCredentials(db: Database, input: {
985
+ workspaceId: string;
986
+ sessionId: string;
987
+ updates: UpdateSessionMcpServerCredentialsInput[];
988
+ }): Promise<UpdateSessionMcpServerCredentialsResult>;
989
+ declare function listSessionMcpServersForRun(db: Database, workspaceId: string, sessionId: string, encryptionKey: Uint8Array): Promise<SessionMcpServerForRun[]>;
954
990
  declare function createSession(db: Database, input: {
955
991
  accountId: string;
956
992
  workspaceId: string;
@@ -966,6 +1002,7 @@ declare function createSession(db: Database, input: {
966
1002
  createIdempotencyKey?: string | null;
967
1003
  sandboxGroupId?: string | null;
968
1004
  sandboxOs?: SandboxOs;
1005
+ mcpServers?: CreateSessionMcpServerInput[];
969
1006
  }): Promise<Session>;
970
1007
  /**
971
1008
  * Inserts a session under a workspace-scoped CREATE idempotency key, collapsing
@@ -992,6 +1029,7 @@ declare function createSessionWithIdempotencyKey(db: Database, input: {
992
1029
  createIdempotencyKey: string;
993
1030
  sandboxGroupId?: string | null;
994
1031
  sandboxOs?: SandboxOs;
1032
+ mcpServers?: CreateSessionMcpServerInput[];
995
1033
  }): Promise<{
996
1034
  session: Session;
997
1035
  created: boolean;
@@ -1029,7 +1067,14 @@ declare function listSessions(db: Database, workspaceId: string, limit?: number)
1029
1067
  */
1030
1068
  declare function countActiveSessionsForWorkspace(db: Database, workspaceId: string): Promise<number>;
1031
1069
  declare function requireSession(db: Database, workspaceId: string, sessionId: string): Promise<Session>;
1032
- declare function listSessionEvents(db: Database, workspaceId: string, sessionId: string, after?: number, limit?: number): Promise<SessionEvent[]>;
1070
+ type ListSessionEventsOptions = {
1071
+ after?: number;
1072
+ before?: number;
1073
+ limit?: number;
1074
+ };
1075
+ declare function listSessionEvents(db: Database, workspaceId: string, sessionId: string): Promise<SessionEvent[]>;
1076
+ declare function listSessionEvents(db: Database, workspaceId: string, sessionId: string, after: number, limit?: number): Promise<SessionEvent[]>;
1077
+ declare function listSessionEvents(db: Database, workspaceId: string, sessionId: string, options: ListSessionEventsOptions): Promise<SessionEvent[]>;
1033
1078
  declare function getSessionEvent(db: Database, workspaceId: string, eventId: string): Promise<SessionEvent | null>;
1034
1079
  declare function getLatestRunState(db: Database, workspaceId: string, sessionId: string): Promise<{
1035
1080
  id: string;
@@ -1060,8 +1105,8 @@ declare function getSessionHistoryItems(db: Database, workspaceId: string, sessi
1060
1105
  }>>;
1061
1106
  /**
1062
1107
  * The LIVE conversation-truth read path: only active rows, position-ordered.
1063
- * After a client-side context compaction this returns [active summary,
1064
- * ...active recent tail]; with no compaction yet it equals
1108
+ * After a client-side context compaction this returns [retained user messages,
1109
+ * active summary]; with no compaction yet it equals
1065
1110
  * getSessionHistoryItems. The model-facing read path uses this so superseded
1066
1111
  * (summarized-away) prefix rows are excluded while the full transcript stays in
1067
1112
  * the table as an audit trail.
@@ -1137,8 +1182,18 @@ declare function applyContextCompaction(db: Database, input: {
1137
1182
  turnId?: string | null;
1138
1183
  /** Active prefix rows with position < boundaryPosition get superseded. */
1139
1184
  boundaryPosition: number;
1140
- /** Fractional position for the new summary row (must be < boundaryPosition). */
1185
+ /** Position for the new summary row. Old boundary mode uses a fractional half-step before the kept tail. */
1141
1186
  summaryPosition: number;
1187
+ /**
1188
+ * Optional replacement rows inserted after superseding the old active set.
1189
+ * Used by Codex-parity client compaction to rebuild active history as retained
1190
+ * user messages plus one summary. These rows are synthetic replay rows, so
1191
+ * they intentionally do not inherit the current compaction turn id.
1192
+ */
1193
+ replacementItems?: Array<{
1194
+ position: number;
1195
+ item: Record<string, unknown>;
1196
+ }>;
1142
1197
  summaryItem: Record<string, unknown>;
1143
1198
  }): Promise<void>;
1144
1199
  /**
@@ -2047,7 +2102,10 @@ declare function appendSessionEventsAndUpdateSession(db: Database, workspaceId:
2047
2102
  status?: SessionStatus;
2048
2103
  activeTurnId?: string | null;
2049
2104
  }): Promise<SessionEvent[]>;
2050
- declare function appendSessionEventsWithLockedSessionUpdate(db: Database, workspaceId: string, sessionId: string, build: (session: Session) => {
2105
+ type LockedSessionUpdateContext = {
2106
+ updateSessionMcpServerCredentials: (updates: UpdateSessionMcpServerCredentialsInput[]) => Promise<UpdateSessionMcpServerCredentialsResult>;
2107
+ };
2108
+ type LockedSessionUpdateResult = {
2051
2109
  events: AppendEventInput[];
2052
2110
  update?: {
2053
2111
  resources?: ResourceRef[];
@@ -2057,7 +2115,8 @@ declare function appendSessionEventsWithLockedSessionUpdate(db: Database, worksp
2057
2115
  status?: SessionStatus;
2058
2116
  activeTurnId?: string | null;
2059
2117
  };
2060
- }): Promise<SessionEvent[]>;
2118
+ };
2119
+ declare function appendSessionEventsWithLockedSessionUpdate(db: Database, workspaceId: string, sessionId: string, build: (session: Session, context: LockedSessionUpdateContext) => LockedSessionUpdateResult | Promise<LockedSessionUpdateResult>): Promise<SessionEvent[]>;
2061
2120
  declare function sessionSubject(workspaceId: string, sessionId: string): string;
2062
2121
 
2063
- export { type SessionCodexState as $, type AccrueWarmSecondsResult as A, type BootstrapWorkspaceInput as B, CLEARED_RUN_STATE as C, type Database as D, type EnableCapabilityInstallationInput as E, type EnrollmentOs as F, type EnrollmentRecord as G, type EnrollmentStatus as H, type ForceDrainResult as I, type GitHubInstallation as J, type GoalContinuationDecision as K, type LeaseHolderKind as L, type LeaseSnapshot as M, MACHINE_METRICS_SERIES_INTERVAL_MS as N, type MachineMetricsRow as O, type MachineMetricsSample as P, type ProvisionResult, type ProvisionRolesOptions, type MeterableWarmLease as Q, type ReapDrainable as R, type RegisterWorkspacePackInput as S, type RlsContext as T, type RlsStrategy as U, SandboxImageConflictError as V, type SandboxKind as W, type SandboxLeaseLiveness as X, SandboxLeaseSupersededError as Y, type SandboxPtySessionRow as Z, type SandboxRecord as _, type AcquireLeaseInput as a, decryptedCapabilityHeaders as a$, type SessionRecordingCodec as a0, type SessionRecordingMode as a1, type SessionRecordingRow as a2, type SessionRecordingState as a3, type StreamAcknowledgment as a4, type UpdateQueuedSessionTurnInput as a5, type UpdateScheduledTaskInput as a6, type UserLookup as a7, type WakeParentForChildCompletionInput as a8, type WakeParentForChildCompletionResult as a9, countActiveSessionHistoryItems as aA, countActiveSessionsForWorkspace as aB, countActiveSessionsUsingEnvironment as aC, countConsecutiveReactiveRotations as aD, countScheduledTasksForWorkspace as aE, countScheduledTasksUsingEnvironment as aF, countSessionHistoryItems as aG, countTurnSessionHistoryItems as aH, countWorkspaceEnvironments as aI, countWorkspacesForAccount as aJ, createApiKey as aK, createDb as aL, createDeviceEnrollmentRequest as aM, createEnrollment as aN, createFileUpload as aO, createSandbox as aP, createScheduledTask as aQ, createScheduledTaskRun as aR, createSession as aS, createSessionGoal as aT, createSessionWithIdempotencyKey as aU, createSocialConnection as aV, createSocialPost as aW, createTurn as aX, createWorkspace as aY, createWorkspaceEnvironment as aZ, decryptEnvironmentValue as a_, type WorkspaceEnvironmentForRun as aa, accrueWarmSeconds as ab, acquireLease as ac, allAccountPermissions as ad, allWorkspacePermissions as ae, appendSessionEvents as af, appendSessionEventsAndUpdateSession as ag, appendSessionEventsWithLockedSessionUpdate as ah, appendSessionHistoryItems as ai, applyContextCompaction as aj, applyCreditDebitUpToBalance as ak, applyCreditLedgerEntry as al, approveDeviceEnrollmentRequest as am, bootstrapWorkspace as an, buildCodexTokenResolver as ao, cancelQueuedSessionTurn as ap, claimNextQueuedTurn as aq, clearSessionContext as ar, clearedContextMarkerItem as as, closePtySession as at, commitWarmingToWarm as au, completeFileUpload as av, confirmDrainCold as aw, consumeDeviceEnrollmentRequest as ax, consumeSessionCompactionRequest as ay, countActiveApiKeysForWorkspace as az, type AcquireLeaseResult as b, hasCreditLedgerEntry as b$, deleteRecording as b0, deleteScheduledTask as b1, deleteWorkspace as b2, deleteWorkspaceEnvironment as b3, deleteWorkspaceEnvironmentVariable as b4, deleteWorkspacePack as b5, denyDeviceEnrollmentRequest as b6, disableCapabilityInstallation as b7, disconnectAllCodexAccounts as b8, disconnectCodexAccount as b9, getManagedAccount as bA, getManagedUserByEmail as bB, getOpenPtySession as bC, getPackInstallation as bD, getPendingDeviceEnrollmentRequestByUserCode as bE, getPendingDeviceEnrollmentRequestByUserCodeGlobal as bF, getRecording as bG, getSandbox as bH, getSandboxSessionEnvelope as bI, getScheduledTask as bJ, getSession as bK, getSessionByCreateIdempotencyKey as bL, getSessionCodexState as bM, getSessionEvent as bN, getSessionGoal as bO, getSessionHistoryItems as bP, getSessionTurn as bQ, getSocialConnection as bR, getStoredCapabilityHeaderCiphertext as bS, getStreamAcknowledgment as bT, getWorkspace as bU, getWorkspaceEnvironment as bV, getWorkspaceEnvironmentByName as bW, getWorkspaceEnvironmentValuesForRun as bX, getWorkspaceGrant as bY, getWorkspacePack as bZ, grantWorkspaceAccess as b_, enableCapabilityInstallation as ba, enablePackInstallation as bb, encryptEnvironmentValue as bc, enqueueSessionTurn as bd, ensureCodexRotationSettings as be, ensureManagedAccessForUser as bf, evaluateGoalContinuation as bg, failWarmingToCold as bh, fetchCodexUsageForAccount as bi, finalizeEnrollmentByToken as bj, findActiveApiKeyByHash as bk, finishTurn as bl, forceDrainOverLimitViewerOnlyBoxes as bm, getActiveSessionHistoryItems as bn, getAnySessionInGroup as bo, getBillingBalance as bp, getBillingCustomer as bq, getCapabilityCatalogItem as br, getCapabilityInstallation as bs, getCodexCredentialStatus as bt, getCodexRotationSettings as bu, getDeviceEnrollmentRequestByDeviceCode as bv, getEnrollment as bw, getFile as bx, getFileUpload as by, getLatestRunState as bz, type ActiveSandboxPointer as c, releaseLeaseHolder as c$, heartbeatLeaseHolder as c0, incrementTurnWorkerDeathRedispatches as c1, ingestMachineMetricsSample as c2, insertMachineMetricsSeries as c3, insertPtySession as c4, insertRecording as c5, isCodexBilledTurn as c6, isStripeWebhookProcessed as c7, listApiKeys as c8, listCapabilityCatalogItems as c9, loadWorkspaceEnvironmentForRun as cA, markFileUploadFailed as cB, markStripeWebhookProcessed as cC, mcpServerIdForCapability as cD, nextSessionHistoryPosition as cE, orphanedResultRowIndicesForRepair as cF, persistDrainSnapshot as cG, reArmDrainingLease as cH, readActiveSandbox as cI, readLease as cJ, readMachineMetricsLatest as cK, readMachineMetricsLatestForWorkspace as cL, readMachineMetricsSeries as cM, reapStaleLeaseHolders as cN, reapStaleLeaseHoldersGlobal as cO, recordAuditEvent as cP, recordCodexAccountConnectors as cQ, recordCodexAccountUsage as cR, recordCodexTokenRefresh as cS, recordLeaseDataPlaneUrl as cT, recordLeaseTerminalDataPlaneUrl as cU, recordSessionActiveCodexCredential as cV, recordStreamAcknowledgment as cW, recordStripeWebhookEvent as cX, recordUsageEvent as cY, registerDbBinding as cZ, registerWorkspacePack as c_, listCapabilityInstallations as ca, listCodexAccountStatuses as cb, listDistinctEnvironmentIdsInGroup as cc, listEnabledMcpCapabilityServers as cd, listEnrollments as ce, listGitHubInstallationIdsForWorkspace as cf, listGitHubInstallationsForWorkspace as cg, listMeterableWarmLeases as ch, listOpenPtySessions as ci, listPackInstallations as cj, listRecordings as ck, listSandboxes as cl, listScheduledTaskRuns as cm, listScheduledTasks as cn, listSessionEvents as co, listSessionIdsInGroup as cp, listSessionTurns as cq, listSessions as cr, listSocialConnections as cs, listSocialPosts as ct, listUsageEvents as cu, listWorkspaceEnvironments as cv, listWorkspaceMembers as cw, listWorkspacePacks as cx, listWorkspacesForSubject as cy, loadCodexCredentialForRun as cz, type AppendEventInput as d, removeWorkspaceMember as d0, renameCodexAccount as d1, reorderQueuedSessionTurns as d2, requestSessionCompaction as d3, requeuePreemptedTurn as d4, requireFile as d5, requireScheduledTask as d6, requireSession as d7, requireSocialConnection as d8, requireWorkspace as d9, updatePackInstallationStatus as dA, updatePtySessionActivity as dB, updateQueuedSessionTurn as dC, updateRecording as dD, updateScheduledTask as dE, updateScheduledTaskRun as dF, updateSessionGoal as dG, updateSessionTitle as dH, updateWorkspace as dI, updateWorkspaceEnvironment as dJ, upsertBillingCustomer as dK, upsertCapabilityCatalogItem as dL, upsertCodexSubscriptionCredential as dM, upsertGitHubInstallation as dN, upsertMachineMetricsLatest as dO, upsertSandboxSessionEnvelope as dP, upsertSessionGoal as dQ, wakeParentSessionForChildCompletion as dR, withAccountRls as dS, withRlsContext as dT, withWorkspaceRls as dU, withWorkspaceUsageLock as dV, workspaceCodexSubscriptionActive as dW, revokeApiKey as da, revokeEnrollment as db, revokeViewer as dc, rlsContextForWorkspace as dd, rlsStrategyFor as de, sanitizeEventPayload as df, sanitizeEventString as dg, saveRunState as dh, sessionSubject as di, setActiveCodexCredential as dj, setActiveSandbox as dk, setCodexCredentialExhausted as dl, setCodexCredentialStatus as dm, setEnrollmentHasDisplay as dn, setRlsContext as dp, setSessionCodexPin as dq, setSessionGoalLastContinuationTurn as dr, setSessionGoalStatus as ds, setSessionLastInputTokens as dt, setSessionStatus as du, setTemporalWorkflowId as dv, setWorkspaceEnvironmentVariable as dw, sumUsageQuantity as dx, touchEnrollmentLastSeen as dy, updateCodexRotationSettings as dz, CODEX_ROTATION_STRATEGIES as e, type ClearSessionContextResult as f, type CodexAccountStatus as g, type CodexAccountUsageSnapshot as h, type CodexAuthDeps as i, type CodexCredentialForRun as j, type CodexCredentialTokens as k, type CodexRotationSettings as l, type CodexRotationStrategy as m, type CreateCapabilityCatalogItemInput as n, type CreateDbOptions as o, type CreatePackInstallationInput as p, provisionRoles, type CreateScheduledTaskInput as q, type CreateSessionGoalInput as r, type CreateSocialConnectionInput as s, type CreateSocialPostInput as t, type DbClient as u, type DeviceEnrollmentRequestRecord as v, type DeviceEnrollmentStatus as w, type EnabledMcpCapabilityServer as x, type EnqueueSessionTurnInput as y, type EnrollmentExposure as z };
2122
+ export { type SandboxPtySessionRow as $, type AccrueWarmSecondsResult as A, type BootstrapWorkspaceInput as B, CLEARED_RUN_STATE as C, type Database as D, type EnableCapabilityInstallationInput as E, type EnrollmentExposure as F, type EnrollmentOs as G, type EnrollmentRecord as H, type EnrollmentStatus as I, type ForceDrainResult as J, type GitHubInstallation as K, type GoalContinuationDecision as L, type LeaseHolderKind as M, type LeaseSnapshot as N, type ListSessionEventsOptions as O, MACHINE_METRICS_SERIES_INTERVAL_MS as P, type ProvisionResult, type ProvisionRolesOptions, type MachineMetricsRow as Q, type MachineMetricsSample as R, type MeterableWarmLease as S, type ReapDrainable as T, type RegisterWorkspacePackInput as U, type RlsContext as V, type RlsStrategy as W, SandboxImageConflictError as X, type SandboxKind as Y, type SandboxLeaseLiveness as Z, SandboxLeaseSupersededError as _, type AcquireLeaseInput as a, createSocialConnection as a$, type SandboxRecord as a0, type SessionCodexState as a1, type SessionMcpServerForRun as a2, type SessionRecordingCodec as a3, type SessionRecordingMode as a4, type SessionRecordingRow as a5, type SessionRecordingState as a6, type StreamAcknowledgment as a7, type UpdateQueuedSessionTurnInput as a8, type UpdateScheduledTaskInput as a9, completeFileUpload as aA, confirmDrainCold as aB, consumeDeviceEnrollmentRequest as aC, consumeSessionCompactionRequest as aD, countActiveApiKeysForWorkspace as aE, countActiveSessionHistoryItems as aF, countActiveSessionsForWorkspace as aG, countActiveSessionsUsingEnvironment as aH, countConsecutiveReactiveRotations as aI, countScheduledTasksForWorkspace as aJ, countScheduledTasksUsingEnvironment as aK, countSessionHistoryItems as aL, countTurnSessionHistoryItems as aM, countWorkspaceEnvironments as aN, countWorkspacesForAccount as aO, createApiKey as aP, createDb as aQ, createDeviceEnrollmentRequest as aR, createEnrollment as aS, createFileUpload as aT, createSandbox as aU, createScheduledTask as aV, createScheduledTaskRun as aW, createSession as aX, createSessionGoal as aY, createSessionMcpServers as aZ, createSessionWithIdempotencyKey as a_, type UpdateSessionMcpServerCredentialsInput as aa, type UpdateSessionMcpServerCredentialsResult as ab, type UserLookup as ac, type WakeParentForChildCompletionInput as ad, type WakeParentForChildCompletionResult as ae, type WorkspaceEnvironmentForRun as af, accrueWarmSeconds as ag, acquireLease as ah, allAccountPermissions as ai, allWorkspacePermissions as aj, appendSessionEvents as ak, appendSessionEventsAndUpdateSession as al, appendSessionEventsWithLockedSessionUpdate as am, appendSessionHistoryItems as an, applyContextCompaction as ao, applyCreditDebitUpToBalance as ap, applyCreditLedgerEntry as aq, approveDeviceEnrollmentRequest as ar, bootstrapWorkspace as as, buildCodexTokenResolver as at, cancelQueuedSessionTurn as au, claimNextQueuedTurn as av, clearSessionContext as aw, clearedContextMarkerItem as ax, closePtySession as ay, commitWarmingToWarm as az, type AcquireLeaseResult as b, getWorkspaceEnvironment as b$, createSocialPost as b0, createTurn as b1, createWorkspace as b2, createWorkspaceEnvironment as b3, decryptEnvironmentValue as b4, decryptedCapabilityHeaders as b5, deleteRecording as b6, deleteScheduledTask as b7, deleteWorkspace as b8, deleteWorkspaceEnvironment as b9, getCodexRotationSettings as bA, getDeviceEnrollmentRequestByDeviceCode as bB, getEnrollment as bC, getFile as bD, getFileUpload as bE, getLatestRunState as bF, getManagedAccount as bG, getManagedUserByEmail as bH, getOpenPtySession as bI, getPackInstallation as bJ, getPendingDeviceEnrollmentRequestByUserCode as bK, getPendingDeviceEnrollmentRequestByUserCodeGlobal as bL, getRecording as bM, getSandbox as bN, getSandboxSessionEnvelope as bO, getScheduledTask as bP, getSession as bQ, getSessionByCreateIdempotencyKey as bR, getSessionCodexState as bS, getSessionEvent as bT, getSessionGoal as bU, getSessionHistoryItems as bV, getSessionTurn as bW, getSocialConnection as bX, getStoredCapabilityHeaderCiphertext as bY, getStreamAcknowledgment as bZ, getWorkspace as b_, deleteWorkspaceEnvironmentVariable as ba, deleteWorkspacePack as bb, denyDeviceEnrollmentRequest as bc, disableCapabilityInstallation as bd, disconnectAllCodexAccounts as be, disconnectCodexAccount as bf, enableCapabilityInstallation as bg, enablePackInstallation as bh, encryptEnvironmentValue as bi, enqueueSessionTurn as bj, ensureCodexRotationSettings as bk, ensureManagedAccessForUser as bl, evaluateGoalContinuation as bm, failWarmingToCold as bn, fetchCodexUsageForAccount as bo, finalizeEnrollmentByToken as bp, findActiveApiKeyByHash as bq, finishTurn as br, forceDrainOverLimitViewerOnlyBoxes as bs, getActiveSessionHistoryItems as bt, getAnySessionInGroup as bu, getBillingBalance as bv, getBillingCustomer as bw, getCapabilityCatalogItem as bx, getCapabilityInstallation as by, getCodexCredentialStatus as bz, type ActiveSandboxPointer as c, recordLeaseDataPlaneUrl as c$, getWorkspaceEnvironmentByName as c0, getWorkspaceEnvironmentValuesForRun as c1, getWorkspaceGrant as c2, getWorkspacePack as c3, grantWorkspaceAccess as c4, hasCreditLedgerEntry as c5, heartbeatLeaseHolder as c6, incrementTurnWorkerDeathRedispatches as c7, ingestMachineMetricsSample as c8, insertMachineMetricsSeries as c9, listSocialConnections as cA, listSocialPosts as cB, listUsageEvents as cC, listWorkspaceEnvironments as cD, listWorkspaceMembers as cE, listWorkspacePacks as cF, listWorkspacesForSubject as cG, loadCodexCredentialForRun as cH, loadWorkspaceEnvironmentForRun as cI, markFileUploadFailed as cJ, markStripeWebhookProcessed as cK, mcpServerIdForCapability as cL, nextSessionHistoryPosition as cM, orphanedResultRowIndicesForRepair as cN, persistDrainSnapshot as cO, reArmDrainingLease as cP, readActiveSandbox as cQ, readLease as cR, readMachineMetricsLatest as cS, readMachineMetricsLatestForWorkspace as cT, readMachineMetricsSeries as cU, reapStaleLeaseHolders as cV, reapStaleLeaseHoldersGlobal as cW, recordAuditEvent as cX, recordCodexAccountConnectors as cY, recordCodexAccountUsage as cZ, recordCodexTokenRefresh as c_, insertPtySession as ca, insertRecording as cb, isCodexBilledTurn as cc, isStripeWebhookProcessed as cd, listApiKeys as ce, listCapabilityCatalogItems as cf, listCapabilityInstallations as cg, listCodexAccountStatuses as ch, listDistinctEnvironmentIdsInGroup as ci, listEnabledMcpCapabilityServers as cj, listEnrollments as ck, listGitHubInstallationIdsForWorkspace as cl, listGitHubInstallationsForWorkspace as cm, listMeterableWarmLeases as cn, listOpenPtySessions as co, listPackInstallations as cp, listRecordings as cq, listSandboxes as cr, listScheduledTaskRuns as cs, listScheduledTasks as ct, listSessionEvents as cu, listSessionIdsInGroup as cv, listSessionMcpServerMetadata as cw, listSessionMcpServersForRun as cx, listSessionTurns as cy, listSessions as cz, type AppendEventInput as d, withAccountRls as d$, recordLeaseTerminalDataPlaneUrl as d0, recordSessionActiveCodexCredential as d1, recordStreamAcknowledgment as d2, recordStripeWebhookEvent as d3, recordUsageEvent as d4, registerDbBinding as d5, registerWorkspacePack as d6, releaseLeaseHolder as d7, removeWorkspaceMember as d8, renameCodexAccount as d9, setSessionGoalStatus as dA, setSessionLastInputTokens as dB, setSessionStatus as dC, setTemporalWorkflowId as dD, setWorkspaceEnvironmentVariable as dE, sumUsageQuantity as dF, touchEnrollmentLastSeen as dG, updateCodexRotationSettings as dH, updatePackInstallationStatus as dI, updatePtySessionActivity as dJ, updateQueuedSessionTurn as dK, updateRecording as dL, updateScheduledTask as dM, updateScheduledTaskRun as dN, updateSessionGoal as dO, updateSessionMcpServerCredentials as dP, updateSessionTitle as dQ, updateWorkspace as dR, updateWorkspaceEnvironment as dS, upsertBillingCustomer as dT, upsertCapabilityCatalogItem as dU, upsertCodexSubscriptionCredential as dV, upsertGitHubInstallation as dW, upsertMachineMetricsLatest as dX, upsertSandboxSessionEnvelope as dY, upsertSessionGoal as dZ, wakeParentSessionForChildCompletion as d_, reorderQueuedSessionTurns as da, requestSessionCompaction as db, requeuePreemptedTurn as dc, requireFile as dd, requireScheduledTask as de, requireSession as df, requireSocialConnection as dg, requireWorkspace as dh, revokeApiKey as di, revokeEnrollment as dj, revokeViewer as dk, rlsContextForWorkspace as dl, rlsStrategyFor as dm, sanitizeEventPayload as dn, sanitizeEventString as dp, saveRunState as dq, sessionSubject as dr, setActiveCodexCredential as ds, setActiveSandbox as dt, setCodexCredentialExhausted as du, setCodexCredentialStatus as dv, setEnrollmentHasDisplay as dw, setRlsContext as dx, setSessionCodexPin as dy, setSessionGoalLastContinuationTurn as dz, CODEX_ROTATION_STRATEGIES as e, withRlsContext as e0, withWorkspaceRls as e1, withWorkspaceUsageLock as e2, workspaceCodexSubscriptionActive as e3, type ClearSessionContextResult as f, type CodexAccountStatus as g, type CodexAccountUsageSnapshot as h, type CodexAuthDeps as i, type CodexCredentialForRun as j, type CodexCredentialTokens as k, type CodexRotationSettings as l, type CodexRotationStrategy as m, type CreateCapabilityCatalogItemInput as n, type CreateDbOptions as o, type CreatePackInstallationInput as p, provisionRoles, type CreateScheduledTaskInput as q, type CreateSessionGoalInput as r, type CreateSessionMcpServerInput as s, type CreateSocialConnectionInput as t, type CreateSocialPostInput as u, type DbClient as v, type DeviceEnrollmentRequestRecord as w, type DeviceEnrollmentStatus as x, type EnabledMcpCapabilityServer as y, type EnqueueSessionTurnInput as z };
@@ -2057,6 +2057,255 @@ declare const sessions: drizzle_orm_pg_core.PgTableWithColumns<{
2057
2057
  };
2058
2058
  dialect: "pg";
2059
2059
  }>;
2060
+ declare const sessionMcpServers: drizzle_orm_pg_core.PgTableWithColumns<{
2061
+ name: "session_mcp_servers";
2062
+ schema: undefined;
2063
+ columns: {
2064
+ id: drizzle_orm_pg_core.PgColumn<{
2065
+ name: "id";
2066
+ tableName: "session_mcp_servers";
2067
+ dataType: "string";
2068
+ columnType: "PgUUID";
2069
+ data: string;
2070
+ driverParam: string;
2071
+ notNull: true;
2072
+ hasDefault: true;
2073
+ isPrimaryKey: true;
2074
+ isAutoincrement: false;
2075
+ hasRuntimeDefault: false;
2076
+ enumValues: undefined;
2077
+ baseColumn: never;
2078
+ identity: undefined;
2079
+ generated: undefined;
2080
+ }, {}, {}>;
2081
+ accountId: drizzle_orm_pg_core.PgColumn<{
2082
+ name: "account_id";
2083
+ tableName: "session_mcp_servers";
2084
+ dataType: "string";
2085
+ columnType: "PgUUID";
2086
+ data: string;
2087
+ driverParam: string;
2088
+ notNull: true;
2089
+ hasDefault: false;
2090
+ isPrimaryKey: false;
2091
+ isAutoincrement: false;
2092
+ hasRuntimeDefault: false;
2093
+ enumValues: undefined;
2094
+ baseColumn: never;
2095
+ identity: undefined;
2096
+ generated: undefined;
2097
+ }, {}, {}>;
2098
+ workspaceId: drizzle_orm_pg_core.PgColumn<{
2099
+ name: "workspace_id";
2100
+ tableName: "session_mcp_servers";
2101
+ dataType: "string";
2102
+ columnType: "PgUUID";
2103
+ data: string;
2104
+ driverParam: string;
2105
+ notNull: true;
2106
+ hasDefault: false;
2107
+ isPrimaryKey: false;
2108
+ isAutoincrement: false;
2109
+ hasRuntimeDefault: false;
2110
+ enumValues: undefined;
2111
+ baseColumn: never;
2112
+ identity: undefined;
2113
+ generated: undefined;
2114
+ }, {}, {}>;
2115
+ sessionId: drizzle_orm_pg_core.PgColumn<{
2116
+ name: "session_id";
2117
+ tableName: "session_mcp_servers";
2118
+ dataType: "string";
2119
+ columnType: "PgUUID";
2120
+ data: string;
2121
+ driverParam: string;
2122
+ notNull: true;
2123
+ hasDefault: false;
2124
+ isPrimaryKey: false;
2125
+ isAutoincrement: false;
2126
+ hasRuntimeDefault: false;
2127
+ enumValues: undefined;
2128
+ baseColumn: never;
2129
+ identity: undefined;
2130
+ generated: undefined;
2131
+ }, {}, {}>;
2132
+ serverId: drizzle_orm_pg_core.PgColumn<{
2133
+ name: "server_id";
2134
+ tableName: "session_mcp_servers";
2135
+ dataType: "string";
2136
+ columnType: "PgText";
2137
+ data: string;
2138
+ driverParam: string;
2139
+ notNull: true;
2140
+ hasDefault: false;
2141
+ isPrimaryKey: false;
2142
+ isAutoincrement: false;
2143
+ hasRuntimeDefault: false;
2144
+ enumValues: [string, ...string[]];
2145
+ baseColumn: never;
2146
+ identity: undefined;
2147
+ generated: undefined;
2148
+ }, {}, {}>;
2149
+ name: drizzle_orm_pg_core.PgColumn<{
2150
+ name: "name";
2151
+ tableName: "session_mcp_servers";
2152
+ dataType: "string";
2153
+ columnType: "PgText";
2154
+ data: string;
2155
+ driverParam: string;
2156
+ notNull: false;
2157
+ hasDefault: false;
2158
+ isPrimaryKey: false;
2159
+ isAutoincrement: false;
2160
+ hasRuntimeDefault: false;
2161
+ enumValues: [string, ...string[]];
2162
+ baseColumn: never;
2163
+ identity: undefined;
2164
+ generated: undefined;
2165
+ }, {}, {}>;
2166
+ url: drizzle_orm_pg_core.PgColumn<{
2167
+ name: "url";
2168
+ tableName: "session_mcp_servers";
2169
+ dataType: "string";
2170
+ columnType: "PgText";
2171
+ data: string;
2172
+ driverParam: string;
2173
+ notNull: true;
2174
+ hasDefault: false;
2175
+ isPrimaryKey: false;
2176
+ isAutoincrement: false;
2177
+ hasRuntimeDefault: false;
2178
+ enumValues: [string, ...string[]];
2179
+ baseColumn: never;
2180
+ identity: undefined;
2181
+ generated: undefined;
2182
+ }, {}, {}>;
2183
+ allowedTools: drizzle_orm_pg_core.PgColumn<{
2184
+ name: "allowed_tools";
2185
+ tableName: "session_mcp_servers";
2186
+ dataType: "json";
2187
+ columnType: "PgJsonb";
2188
+ data: string[];
2189
+ driverParam: unknown;
2190
+ notNull: false;
2191
+ hasDefault: false;
2192
+ isPrimaryKey: false;
2193
+ isAutoincrement: false;
2194
+ hasRuntimeDefault: false;
2195
+ enumValues: undefined;
2196
+ baseColumn: never;
2197
+ identity: undefined;
2198
+ generated: undefined;
2199
+ }, {}, {
2200
+ $type: string[];
2201
+ }>;
2202
+ timeoutMs: drizzle_orm_pg_core.PgColumn<{
2203
+ name: "timeout_ms";
2204
+ tableName: "session_mcp_servers";
2205
+ dataType: "number";
2206
+ columnType: "PgInteger";
2207
+ data: number;
2208
+ driverParam: string | number;
2209
+ notNull: false;
2210
+ hasDefault: false;
2211
+ isPrimaryKey: false;
2212
+ isAutoincrement: false;
2213
+ hasRuntimeDefault: false;
2214
+ enumValues: undefined;
2215
+ baseColumn: never;
2216
+ identity: undefined;
2217
+ generated: undefined;
2218
+ }, {}, {}>;
2219
+ cacheToolsList: drizzle_orm_pg_core.PgColumn<{
2220
+ name: "cache_tools_list";
2221
+ tableName: "session_mcp_servers";
2222
+ dataType: "boolean";
2223
+ columnType: "PgBoolean";
2224
+ data: boolean;
2225
+ driverParam: boolean;
2226
+ notNull: true;
2227
+ hasDefault: true;
2228
+ isPrimaryKey: false;
2229
+ isAutoincrement: false;
2230
+ hasRuntimeDefault: false;
2231
+ enumValues: undefined;
2232
+ baseColumn: never;
2233
+ identity: undefined;
2234
+ generated: undefined;
2235
+ }, {}, {}>;
2236
+ headersEncrypted: drizzle_orm_pg_core.PgColumn<{
2237
+ name: "headers_encrypted";
2238
+ tableName: "session_mcp_servers";
2239
+ dataType: "json";
2240
+ columnType: "PgJsonb";
2241
+ data: Record<string, string>;
2242
+ driverParam: unknown;
2243
+ notNull: true;
2244
+ hasDefault: true;
2245
+ isPrimaryKey: false;
2246
+ isAutoincrement: false;
2247
+ hasRuntimeDefault: false;
2248
+ enumValues: undefined;
2249
+ baseColumn: never;
2250
+ identity: undefined;
2251
+ generated: undefined;
2252
+ }, {}, {
2253
+ $type: Record<string, string>;
2254
+ }>;
2255
+ credentialVersion: drizzle_orm_pg_core.PgColumn<{
2256
+ name: "credential_version";
2257
+ tableName: "session_mcp_servers";
2258
+ dataType: "number";
2259
+ columnType: "PgInteger";
2260
+ data: number;
2261
+ driverParam: string | number;
2262
+ notNull: true;
2263
+ hasDefault: true;
2264
+ isPrimaryKey: false;
2265
+ isAutoincrement: false;
2266
+ hasRuntimeDefault: false;
2267
+ enumValues: undefined;
2268
+ baseColumn: never;
2269
+ identity: undefined;
2270
+ generated: undefined;
2271
+ }, {}, {}>;
2272
+ createdAt: drizzle_orm_pg_core.PgColumn<{
2273
+ name: "created_at";
2274
+ tableName: "session_mcp_servers";
2275
+ dataType: "date";
2276
+ columnType: "PgTimestamp";
2277
+ data: Date;
2278
+ driverParam: string;
2279
+ notNull: true;
2280
+ hasDefault: true;
2281
+ isPrimaryKey: false;
2282
+ isAutoincrement: false;
2283
+ hasRuntimeDefault: false;
2284
+ enumValues: undefined;
2285
+ baseColumn: never;
2286
+ identity: undefined;
2287
+ generated: undefined;
2288
+ }, {}, {}>;
2289
+ updatedAt: drizzle_orm_pg_core.PgColumn<{
2290
+ name: "updated_at";
2291
+ tableName: "session_mcp_servers";
2292
+ dataType: "date";
2293
+ columnType: "PgTimestamp";
2294
+ data: Date;
2295
+ driverParam: string;
2296
+ notNull: true;
2297
+ hasDefault: true;
2298
+ isPrimaryKey: false;
2299
+ isAutoincrement: false;
2300
+ hasRuntimeDefault: false;
2301
+ enumValues: undefined;
2302
+ baseColumn: never;
2303
+ identity: undefined;
2304
+ generated: undefined;
2305
+ }, {}, {}>;
2306
+ };
2307
+ dialect: "pg";
2308
+ }>;
2060
2309
  declare const files: drizzle_orm_pg_core.PgTableWithColumns<{
2061
2310
  name: "files";
2062
2311
  schema: undefined;
@@ -5073,7 +5322,7 @@ declare const sessionRecordings: drizzle_orm_pg_core.PgTableWithColumns<{
5073
5322
  tableName: "session_recordings";
5074
5323
  dataType: "string";
5075
5324
  columnType: "PgText";
5076
- data: "recording" | "finalizing" | "available" | "failed";
5325
+ data: "failed" | "available" | "recording" | "finalizing";
5077
5326
  driverParam: string;
5078
5327
  notNull: true;
5079
5328
  hasDefault: false;
@@ -9683,6 +9932,7 @@ declare const schema_scheduledTasks: typeof scheduledTasks;
9683
9932
  declare const schema_sessionEvents: typeof sessionEvents;
9684
9933
  declare const schema_sessionGoals: typeof sessionGoals;
9685
9934
  declare const schema_sessionHistoryItems: typeof sessionHistoryItems;
9935
+ declare const schema_sessionMcpServers: typeof sessionMcpServers;
9686
9936
  declare const schema_sessionRecordingCodecValues: typeof sessionRecordingCodecValues;
9687
9937
  declare const schema_sessionRecordingModeValues: typeof sessionRecordingModeValues;
9688
9938
  declare const schema_sessionRecordingStateValues: typeof sessionRecordingStateValues;
@@ -9699,7 +9949,7 @@ declare const schema_workspaceMemberships: typeof workspaceMemberships;
9699
9949
  declare const schema_workspacePacks: typeof workspacePacks;
9700
9950
  declare const schema_workspaces: typeof workspaces;
9701
9951
  declare namespace schema {
9702
- export { schema_agentRunStates as agentRunStates, schema_apiKeys as apiKeys, schema_auditEvents as auditEvents, schema_billingCustomers as billingCustomers, schema_capabilityCatalogItems as capabilityCatalogItems, schema_capabilityInstallations as capabilityInstallations, schema_codexRotationSettings as codexRotationSettings, schema_codexSubscriptionCredentials as codexSubscriptionCredentials, schema_creditLedgerEntries as creditLedgerEntries, schema_deviceEnrollmentRequests as deviceEnrollmentRequests, schema_deviceEnrollmentStatusValues as deviceEnrollmentStatusValues, schema_documentBases as documentBases, schema_documentChunks as documentChunks, schema_documents as documents, schema_enrollmentExposureValues as enrollmentExposureValues, schema_enrollmentOsValues as enrollmentOsValues, schema_enrollmentStatusValues as enrollmentStatusValues, schema_enrollments as enrollments, schema_fileUploads as fileUploads, schema_files as files, schema_githubInstallations as githubInstallations, schema_machineMetricsLatest as machineMetricsLatest, schema_machineMetricsSeries as machineMetricsSeries, schema_managedAccounts as managedAccounts, schema_packInstallations as packInstallations, schema_sandboxKindValues as sandboxKindValues, schema_sandboxLeaseHolders as sandboxLeaseHolders, schema_sandboxLeaseLivenessValues as sandboxLeaseLivenessValues, schema_sandboxLeases as sandboxLeases, schema_sandboxPtySessions as sandboxPtySessions, schema_sandboxSessionEnvelopes as sandboxSessionEnvelopes, schema_sandboxes as sandboxes, schema_scheduledTaskRuns as scheduledTaskRuns, schema_scheduledTasks as scheduledTasks, schema_sessionEvents as sessionEvents, schema_sessionGoals as sessionGoals, schema_sessionHistoryItems as sessionHistoryItems, schema_sessionRecordingCodecValues as sessionRecordingCodecValues, schema_sessionRecordingModeValues as sessionRecordingModeValues, schema_sessionRecordingStateValues as sessionRecordingStateValues, schema_sessionRecordings as sessionRecordings, schema_sessionTurns as sessionTurns, schema_sessions as sessions, schema_socialConnections as socialConnections, schema_socialPosts as socialPosts, schema_stripeWebhookEvents as stripeWebhookEvents, schema_usageEvents as usageEvents, schema_workspaceEnvironmentVariables as workspaceEnvironmentVariables, schema_workspaceEnvironments as workspaceEnvironments, schema_workspaceMemberships as workspaceMemberships, schema_workspacePacks as workspacePacks, schema_workspaces as workspaces };
9952
+ export { schema_agentRunStates as agentRunStates, schema_apiKeys as apiKeys, schema_auditEvents as auditEvents, schema_billingCustomers as billingCustomers, schema_capabilityCatalogItems as capabilityCatalogItems, schema_capabilityInstallations as capabilityInstallations, schema_codexRotationSettings as codexRotationSettings, schema_codexSubscriptionCredentials as codexSubscriptionCredentials, schema_creditLedgerEntries as creditLedgerEntries, schema_deviceEnrollmentRequests as deviceEnrollmentRequests, schema_deviceEnrollmentStatusValues as deviceEnrollmentStatusValues, schema_documentBases as documentBases, schema_documentChunks as documentChunks, schema_documents as documents, schema_enrollmentExposureValues as enrollmentExposureValues, schema_enrollmentOsValues as enrollmentOsValues, schema_enrollmentStatusValues as enrollmentStatusValues, schema_enrollments as enrollments, schema_fileUploads as fileUploads, schema_files as files, schema_githubInstallations as githubInstallations, schema_machineMetricsLatest as machineMetricsLatest, schema_machineMetricsSeries as machineMetricsSeries, schema_managedAccounts as managedAccounts, schema_packInstallations as packInstallations, schema_sandboxKindValues as sandboxKindValues, schema_sandboxLeaseHolders as sandboxLeaseHolders, schema_sandboxLeaseLivenessValues as sandboxLeaseLivenessValues, schema_sandboxLeases as sandboxLeases, schema_sandboxPtySessions as sandboxPtySessions, schema_sandboxSessionEnvelopes as sandboxSessionEnvelopes, schema_sandboxes as sandboxes, schema_scheduledTaskRuns as scheduledTaskRuns, schema_scheduledTasks as scheduledTasks, schema_sessionEvents as sessionEvents, schema_sessionGoals as sessionGoals, schema_sessionHistoryItems as sessionHistoryItems, schema_sessionMcpServers as sessionMcpServers, schema_sessionRecordingCodecValues as sessionRecordingCodecValues, schema_sessionRecordingModeValues as sessionRecordingModeValues, schema_sessionRecordingStateValues as sessionRecordingStateValues, schema_sessionRecordings as sessionRecordings, schema_sessionTurns as sessionTurns, schema_sessions as sessions, schema_socialConnections as socialConnections, schema_socialPosts as socialPosts, schema_stripeWebhookEvents as stripeWebhookEvents, schema_usageEvents as usageEvents, schema_workspaceEnvironmentVariables as workspaceEnvironmentVariables, schema_workspaceEnvironments as workspaceEnvironments, schema_workspaceMemberships as workspaceMemberships, schema_workspacePacks as workspacePacks, schema_workspaces as workspaces };
9703
9953
  }
9704
9954
 
9705
- export { machineMetricsLatest as A, machineMetricsSeries as B, managedAccounts as C, packInstallations as D, sandboxLeaseHolders as E, sandboxLeaseLivenessValues as F, sandboxLeases as G, sandboxPtySessions as H, sandboxSessionEnvelopes as I, sandboxes as J, scheduledTaskRuns as K, scheduledTasks as L, sessionEvents as M, sessionGoals as N, sessionHistoryItems as O, sessionRecordings as P, sessionTurns as Q, sessions as R, socialConnections as S, socialPosts as T, stripeWebhookEvents as U, usageEvents as V, workspaceEnvironmentVariables as W, workspaceEnvironments as X, workspaceMemberships as Y, workspacePacks as Z, workspaces as _, enrollmentExposureValues as a, enrollmentStatusValues as b, sandboxKindValues as c, deviceEnrollmentStatusValues as d, enrollmentOsValues as e, sessionRecordingCodecValues as f, sessionRecordingModeValues as g, sessionRecordingStateValues as h, agentRunStates as i, apiKeys as j, auditEvents as k, billingCustomers as l, capabilityCatalogItems as m, capabilityInstallations as n, codexRotationSettings as o, codexSubscriptionCredentials as p, creditLedgerEntries as q, deviceEnrollmentRequests as r, schema as s, documentBases as t, documentChunks as u, documents as v, enrollments as w, fileUploads as x, files as y, githubInstallations as z };
9955
+ export { workspaces as $, machineMetricsLatest as A, machineMetricsSeries as B, managedAccounts as C, packInstallations as D, sandboxLeaseHolders as E, sandboxLeaseLivenessValues as F, sandboxLeases as G, sandboxPtySessions as H, sandboxSessionEnvelopes as I, sandboxes as J, scheduledTaskRuns as K, scheduledTasks as L, sessionEvents as M, sessionGoals as N, sessionHistoryItems as O, sessionMcpServers as P, sessionRecordings as Q, sessionTurns as R, sessions as S, socialConnections as T, socialPosts as U, stripeWebhookEvents as V, usageEvents as W, workspaceEnvironmentVariables as X, workspaceEnvironments as Y, workspaceMemberships as Z, workspacePacks as _, enrollmentExposureValues as a, enrollmentStatusValues as b, sandboxKindValues as c, deviceEnrollmentStatusValues as d, enrollmentOsValues as e, sessionRecordingCodecValues as f, sessionRecordingModeValues as g, sessionRecordingStateValues as h, agentRunStates as i, apiKeys as j, auditEvents as k, billingCustomers as l, capabilityCatalogItems as m, capabilityInstallations as n, codexRotationSettings as o, codexSubscriptionCredentials as p, creditLedgerEntries as q, deviceEnrollmentRequests as r, schema as s, documentBases as t, documentChunks as u, documents as v, enrollments as w, fileUploads as x, files as y, githubInstallations as z };
package/dist/schema.d.ts CHANGED
@@ -1,3 +1,3 @@
1
1
  import 'drizzle-orm';
2
2
  import 'drizzle-orm/pg-core';
3
- export { i as agentRunStates, j as apiKeys, k as auditEvents, l as billingCustomers, m as capabilityCatalogItems, n as capabilityInstallations, o as codexRotationSettings, p as codexSubscriptionCredentials, q as creditLedgerEntries, r as deviceEnrollmentRequests, d as deviceEnrollmentStatusValues, t as documentBases, u as documentChunks, v as documents, a as enrollmentExposureValues, e as enrollmentOsValues, b as enrollmentStatusValues, w as enrollments, x as fileUploads, y as files, z as githubInstallations, A as machineMetricsLatest, B as machineMetricsSeries, C as managedAccounts, D as packInstallations, c as sandboxKindValues, E as sandboxLeaseHolders, F as sandboxLeaseLivenessValues, G as sandboxLeases, H as sandboxPtySessions, I as sandboxSessionEnvelopes, J as sandboxes, K as scheduledTaskRuns, L as scheduledTasks, M as sessionEvents, N as sessionGoals, O as sessionHistoryItems, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues, P as sessionRecordings, Q as sessionTurns, R as sessions, S as socialConnections, T as socialPosts, U as stripeWebhookEvents, V as usageEvents, W as workspaceEnvironmentVariables, X as workspaceEnvironments, Y as workspaceMemberships, Z as workspacePacks, _ as workspaces } from './schema-CaeZQAJQ.js';
3
+ export { i as agentRunStates, j as apiKeys, k as auditEvents, l as billingCustomers, m as capabilityCatalogItems, n as capabilityInstallations, o as codexRotationSettings, p as codexSubscriptionCredentials, q as creditLedgerEntries, r as deviceEnrollmentRequests, d as deviceEnrollmentStatusValues, t as documentBases, u as documentChunks, v as documents, a as enrollmentExposureValues, e as enrollmentOsValues, b as enrollmentStatusValues, w as enrollments, x as fileUploads, y as files, z as githubInstallations, A as machineMetricsLatest, B as machineMetricsSeries, C as managedAccounts, D as packInstallations, c as sandboxKindValues, E as sandboxLeaseHolders, F as sandboxLeaseLivenessValues, G as sandboxLeases, H as sandboxPtySessions, I as sandboxSessionEnvelopes, J as sandboxes, K as scheduledTaskRuns, L as scheduledTasks, M as sessionEvents, N as sessionGoals, O as sessionHistoryItems, P as sessionMcpServers, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues, Q as sessionRecordings, R as sessionTurns, S as sessions, T as socialConnections, U as socialPosts, V as stripeWebhookEvents, W as usageEvents, X as workspaceEnvironmentVariables, Y as workspaceEnvironments, Z as workspaceMemberships, _ as workspacePacks, $ as workspaces } from './schema-BI0iqN9U.js';
package/dist/schema.js CHANGED
@@ -36,6 +36,7 @@ import {
36
36
  sessionEvents,
37
37
  sessionGoals,
38
38
  sessionHistoryItems,
39
+ sessionMcpServers,
39
40
  sessionRecordingCodecValues,
40
41
  sessionRecordingModeValues,
41
42
  sessionRecordingStateValues,
@@ -51,7 +52,7 @@ import {
51
52
  workspaceMemberships,
52
53
  workspacePacks,
53
54
  workspaces
54
- } from "./chunk-PSX56ZTL.js";
55
+ } from "./chunk-NZA6YVN7.js";
55
56
  import "./chunk-PZ5AY32C.js";
56
57
  export {
57
58
  agentRunStates,
@@ -91,6 +92,7 @@ export {
91
92
  sessionEvents,
92
93
  sessionGoals,
93
94
  sessionHistoryItems,
95
+ sessionMcpServers,
94
96
  sessionRecordingCodecValues,
95
97
  sessionRecordingModeValues,
96
98
  sessionRecordingStateValues,
@@ -0,0 +1,50 @@
1
+ CREATE TABLE IF NOT EXISTS "session_mcp_servers" (
2
+ "id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
3
+ "account_id" uuid NOT NULL REFERENCES "managed_accounts"("id") ON DELETE CASCADE,
4
+ "workspace_id" uuid NOT NULL REFERENCES "workspaces"("id") ON DELETE CASCADE,
5
+ "session_id" uuid NOT NULL REFERENCES "sessions"("id") ON DELETE CASCADE,
6
+ "server_id" text NOT NULL,
7
+ "name" text,
8
+ "url" text NOT NULL,
9
+ "allowed_tools" jsonb,
10
+ "timeout_ms" integer,
11
+ "cache_tools_list" boolean NOT NULL DEFAULT false,
12
+ "headers_encrypted" jsonb NOT NULL DEFAULT '{}'::jsonb,
13
+ "credential_version" integer NOT NULL DEFAULT 1,
14
+ "created_at" timestamptz NOT NULL DEFAULT now(),
15
+ "updated_at" timestamptz NOT NULL DEFAULT now(),
16
+ CONSTRAINT "session_mcp_servers_allowed_tools_array_chk"
17
+ CHECK ("allowed_tools" IS NULL OR jsonb_typeof("allowed_tools") = 'array'),
18
+ CONSTRAINT "session_mcp_servers_headers_object_chk"
19
+ CHECK (jsonb_typeof("headers_encrypted") = 'object'),
20
+ CONSTRAINT "session_mcp_servers_timeout_positive_chk"
21
+ CHECK ("timeout_ms" IS NULL OR "timeout_ms" > 0),
22
+ CONSTRAINT "session_mcp_servers_credential_version_positive_chk"
23
+ CHECK ("credential_version" > 0)
24
+ );
25
+ CREATE UNIQUE INDEX IF NOT EXISTS "session_mcp_servers_session_server_idx"
26
+ ON "session_mcp_servers" ("workspace_id", "session_id", "server_id");
27
+ CREATE INDEX IF NOT EXISTS "session_mcp_servers_session_idx"
28
+ ON "session_mcp_servers" ("workspace_id", "session_id");
29
+
30
+ ALTER TABLE "session_mcp_servers" ENABLE ROW LEVEL SECURITY;
31
+ ALTER TABLE "session_mcp_servers" FORCE ROW LEVEL SECURITY;
32
+ DO $$
33
+ BEGIN
34
+ IF EXISTS (
35
+ SELECT 1 FROM pg_policies
36
+ WHERE schemaname = current_schema() AND tablename = 'session_mcp_servers' AND policyname = 'workspace_isolation'
37
+ ) THEN
38
+ DROP POLICY workspace_isolation ON "session_mcp_servers";
39
+ END IF;
40
+ END $$;
41
+ CREATE POLICY workspace_isolation ON "session_mcp_servers"
42
+ USING (opengeni_private.workspace_rls_visible(account_id, workspace_id))
43
+ WITH CHECK (opengeni_private.workspace_rls_visible(account_id, workspace_id));
44
+
45
+ DO $$
46
+ BEGIN
47
+ IF EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'opengeni_app') THEN
48
+ GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO opengeni_app;
49
+ END IF;
50
+ END $$;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@opengeni/db",
3
- "version": "0.2.1",
3
+ "version": "0.3.0",
4
4
  "description": "OpenGeni persistence: Drizzle schema, RLS-scoped query layer, the SQL migration runner, and role provisioning.",
5
5
  "license": "Apache-2.0",
6
6
  "repository": {
@@ -51,9 +51,9 @@
51
51
  "build": "tsup"
52
52
  },
53
53
  "dependencies": {
54
- "@opengeni/codex": "^0.2.0",
55
- "@opengeni/config": "^0.2.1",
56
- "@opengeni/contracts": "^0.4.0",
54
+ "@opengeni/codex": "^0.2.1",
55
+ "@opengeni/config": "^0.2.3",
56
+ "@opengeni/contracts": "^0.5.0",
57
57
  "drizzle-orm": "^0.45.2",
58
58
  "postgres": "^3.4.7"
59
59
  },