@opengeni/db 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-PSX56ZTL.js → chunk-NZA6YVN7.js} +24 -1
- package/dist/chunk-NZA6YVN7.js.map +1 -0
- package/dist/index.d.ts +2 -2
- package/dist/index.js +237 -13
- package/dist/index.js.map +1 -1
- package/dist/provision-roles.d.ts +68 -9
- package/dist/{schema-fwrPBw5T.d.ts → schema-BI0iqN9U.d.ts} +252 -2
- package/dist/schema.d.ts +1 -1
- package/dist/schema.js +3 -1
- package/drizzle/0035_session_mcp_servers.sql +50 -0
- package/package.json +3 -3
- package/src/event-payload-sanitizer.ts +58 -1
- package/src/index.ts +297 -17
- package/src/schema.ts +22 -0
- package/dist/chunk-PSX56ZTL.js.map +0 -1
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import { SessionEventType, Permission, CapabilityKind, CapabilitySource, ScheduledTaskStatus, ScheduledTaskScheduleSpec, ScheduledTaskRunMode, ScheduledTaskOverlapPolicy, ScheduledTaskAgentConfig, SessionGoalCreatedBy, SocialProvider, SocialConnectionStatus, SessionTurnSource, ResourceRef, ToolRef, ReasoningEffort, SandboxBackend, SessionGoal, CapabilityPack, SessionTurn, SessionEvent, SessionStatus, Session, BillingBalance, AccessContext, FileAsset, ApiKey, ScheduledTask, ScheduledTaskTriggerType, ScheduledTaskRun, SandboxOs, SocialConnection, SocialPost, Workspace, WorkspaceEnvironment, CapabilityInstallation, PackInstallation, SessionTurnStatus, CapabilityCatalogItem, FileUploadStatus, ManagedAccount, AccessGrant, WorkspaceRegisteredPack, UsageEvent, WorkspaceMember, SessionGoalStatus, WorkspaceEnvironmentVariableMetadata, PackInstallationStatus, ScheduledTaskRunStatus } from '@opengeni/contracts';
|
|
1
|
+
import { SessionEventType, Permission, CapabilityKind, CapabilitySource, ScheduledTaskStatus, ScheduledTaskScheduleSpec, ScheduledTaskRunMode, ScheduledTaskOverlapPolicy, ScheduledTaskAgentConfig, SessionGoalCreatedBy, SocialProvider, SocialConnectionStatus, SessionTurnSource, ResourceRef, ToolRef, ReasoningEffort, SandboxBackend, SessionGoal, CapabilityPack, SessionMcpServerMetadata, SessionTurn, SessionEvent, SessionStatus, Session, BillingBalance, AccessContext, FileAsset, ApiKey, ScheduledTask, ScheduledTaskTriggerType, ScheduledTaskRun, SandboxOs, SocialConnection, SocialPost, Workspace, WorkspaceEnvironment, CapabilityInstallation, PackInstallation, SessionTurnStatus, CapabilityCatalogItem, FileUploadStatus, ManagedAccount, AccessGrant, WorkspaceRegisteredPack, UsageEvent, WorkspaceMember, SessionGoalStatus, WorkspaceEnvironmentVariableMetadata, PackInstallationStatus, ScheduledTaskRunStatus } from '@opengeni/contracts';
|
|
2
2
|
import { environmentsEncryptionKeyBytes, Settings } from '@opengeni/config';
|
|
3
3
|
import { refreshCodexToken, CodexTokenSnapshot, CodexUsagePayload } from '@opengeni/codex';
|
|
4
4
|
import { PgDatabase } from 'drizzle-orm/pg-core';
|
|
5
|
-
import { s as schema, e as enrollmentOsValues, a as enrollmentExposureValues, d as deviceEnrollmentStatusValues, b as enrollmentStatusValues, c as sandboxKindValues, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues } from './schema-
|
|
5
|
+
import { s as schema, e as enrollmentOsValues, a as enrollmentExposureValues, d as deviceEnrollmentStatusValues, b as enrollmentStatusValues, c as sandboxKindValues, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues } from './schema-BI0iqN9U.js';
|
|
6
6
|
import 'drizzle-orm';
|
|
7
7
|
import './migrate.js';
|
|
8
8
|
|
|
@@ -483,6 +483,29 @@ type EnabledMcpCapabilityServer = {
|
|
|
483
483
|
*/
|
|
484
484
|
headersEncrypted?: Record<string, string>;
|
|
485
485
|
};
|
|
486
|
+
type CreateSessionMcpServerInput = {
|
|
487
|
+
id: string;
|
|
488
|
+
name?: string | null;
|
|
489
|
+
url: string;
|
|
490
|
+
allowedTools?: string[] | null;
|
|
491
|
+
timeoutMs?: number | null;
|
|
492
|
+
cacheToolsList?: boolean | null;
|
|
493
|
+
headersEncrypted?: Record<string, string>;
|
|
494
|
+
};
|
|
495
|
+
type UpdateSessionMcpServerCredentialsInput = {
|
|
496
|
+
id: string;
|
|
497
|
+
headersEncrypted: Record<string, string>;
|
|
498
|
+
};
|
|
499
|
+
type UpdateSessionMcpServerCredentialsResult = {
|
|
500
|
+
servers: SessionMcpServerMetadata[];
|
|
501
|
+
missingIds: string[];
|
|
502
|
+
};
|
|
503
|
+
type SessionMcpServerForRun = SessionMcpServerMetadata & {
|
|
504
|
+
allowedTools?: string[];
|
|
505
|
+
timeoutMs?: number;
|
|
506
|
+
cacheToolsList?: boolean;
|
|
507
|
+
headers: Record<string, string>;
|
|
508
|
+
};
|
|
486
509
|
type EnqueueSessionTurnInput = {
|
|
487
510
|
accountId: string;
|
|
488
511
|
workspaceId: string;
|
|
@@ -951,6 +974,19 @@ declare function recordAuditEvent(db: Database, input: {
|
|
|
951
974
|
targetId?: string | null;
|
|
952
975
|
metadata?: Record<string, unknown>;
|
|
953
976
|
}): Promise<void>;
|
|
977
|
+
declare function createSessionMcpServers(db: Database, input: {
|
|
978
|
+
accountId: string;
|
|
979
|
+
workspaceId: string;
|
|
980
|
+
sessionId: string;
|
|
981
|
+
servers: CreateSessionMcpServerInput[];
|
|
982
|
+
}): Promise<SessionMcpServerMetadata[]>;
|
|
983
|
+
declare function listSessionMcpServerMetadata(db: Database, workspaceId: string, sessionId: string): Promise<SessionMcpServerMetadata[]>;
|
|
984
|
+
declare function updateSessionMcpServerCredentials(db: Database, input: {
|
|
985
|
+
workspaceId: string;
|
|
986
|
+
sessionId: string;
|
|
987
|
+
updates: UpdateSessionMcpServerCredentialsInput[];
|
|
988
|
+
}): Promise<UpdateSessionMcpServerCredentialsResult>;
|
|
989
|
+
declare function listSessionMcpServersForRun(db: Database, workspaceId: string, sessionId: string, encryptionKey: Uint8Array): Promise<SessionMcpServerForRun[]>;
|
|
954
990
|
declare function createSession(db: Database, input: {
|
|
955
991
|
accountId: string;
|
|
956
992
|
workspaceId: string;
|
|
@@ -966,6 +1002,7 @@ declare function createSession(db: Database, input: {
|
|
|
966
1002
|
createIdempotencyKey?: string | null;
|
|
967
1003
|
sandboxGroupId?: string | null;
|
|
968
1004
|
sandboxOs?: SandboxOs;
|
|
1005
|
+
mcpServers?: CreateSessionMcpServerInput[];
|
|
969
1006
|
}): Promise<Session>;
|
|
970
1007
|
/**
|
|
971
1008
|
* Inserts a session under a workspace-scoped CREATE idempotency key, collapsing
|
|
@@ -992,6 +1029,7 @@ declare function createSessionWithIdempotencyKey(db: Database, input: {
|
|
|
992
1029
|
createIdempotencyKey: string;
|
|
993
1030
|
sandboxGroupId?: string | null;
|
|
994
1031
|
sandboxOs?: SandboxOs;
|
|
1032
|
+
mcpServers?: CreateSessionMcpServerInput[];
|
|
995
1033
|
}): Promise<{
|
|
996
1034
|
session: Session;
|
|
997
1035
|
created: boolean;
|
|
@@ -1029,7 +1067,14 @@ declare function listSessions(db: Database, workspaceId: string, limit?: number)
|
|
|
1029
1067
|
*/
|
|
1030
1068
|
declare function countActiveSessionsForWorkspace(db: Database, workspaceId: string): Promise<number>;
|
|
1031
1069
|
declare function requireSession(db: Database, workspaceId: string, sessionId: string): Promise<Session>;
|
|
1032
|
-
|
|
1070
|
+
type ListSessionEventsOptions = {
|
|
1071
|
+
after?: number;
|
|
1072
|
+
before?: number;
|
|
1073
|
+
limit?: number;
|
|
1074
|
+
};
|
|
1075
|
+
declare function listSessionEvents(db: Database, workspaceId: string, sessionId: string): Promise<SessionEvent[]>;
|
|
1076
|
+
declare function listSessionEvents(db: Database, workspaceId: string, sessionId: string, after: number, limit?: number): Promise<SessionEvent[]>;
|
|
1077
|
+
declare function listSessionEvents(db: Database, workspaceId: string, sessionId: string, options: ListSessionEventsOptions): Promise<SessionEvent[]>;
|
|
1033
1078
|
declare function getSessionEvent(db: Database, workspaceId: string, eventId: string): Promise<SessionEvent | null>;
|
|
1034
1079
|
declare function getLatestRunState(db: Database, workspaceId: string, sessionId: string): Promise<{
|
|
1035
1080
|
id: string;
|
|
@@ -1060,8 +1105,8 @@ declare function getSessionHistoryItems(db: Database, workspaceId: string, sessi
|
|
|
1060
1105
|
}>>;
|
|
1061
1106
|
/**
|
|
1062
1107
|
* The LIVE conversation-truth read path: only active rows, position-ordered.
|
|
1063
|
-
* After a client-side context compaction this returns [
|
|
1064
|
-
*
|
|
1108
|
+
* After a client-side context compaction this returns [retained user messages,
|
|
1109
|
+
* active summary]; with no compaction yet it equals
|
|
1065
1110
|
* getSessionHistoryItems. The model-facing read path uses this so superseded
|
|
1066
1111
|
* (summarized-away) prefix rows are excluded while the full transcript stays in
|
|
1067
1112
|
* the table as an audit trail.
|
|
@@ -1137,8 +1182,18 @@ declare function applyContextCompaction(db: Database, input: {
|
|
|
1137
1182
|
turnId?: string | null;
|
|
1138
1183
|
/** Active prefix rows with position < boundaryPosition get superseded. */
|
|
1139
1184
|
boundaryPosition: number;
|
|
1140
|
-
/**
|
|
1185
|
+
/** Position for the new summary row. Old boundary mode uses a fractional half-step before the kept tail. */
|
|
1141
1186
|
summaryPosition: number;
|
|
1187
|
+
/**
|
|
1188
|
+
* Optional replacement rows inserted after superseding the old active set.
|
|
1189
|
+
* Used by Codex-parity client compaction to rebuild active history as retained
|
|
1190
|
+
* user messages plus one summary. These rows are synthetic replay rows, so
|
|
1191
|
+
* they intentionally do not inherit the current compaction turn id.
|
|
1192
|
+
*/
|
|
1193
|
+
replacementItems?: Array<{
|
|
1194
|
+
position: number;
|
|
1195
|
+
item: Record<string, unknown>;
|
|
1196
|
+
}>;
|
|
1142
1197
|
summaryItem: Record<string, unknown>;
|
|
1143
1198
|
}): Promise<void>;
|
|
1144
1199
|
/**
|
|
@@ -2047,7 +2102,10 @@ declare function appendSessionEventsAndUpdateSession(db: Database, workspaceId:
|
|
|
2047
2102
|
status?: SessionStatus;
|
|
2048
2103
|
activeTurnId?: string | null;
|
|
2049
2104
|
}): Promise<SessionEvent[]>;
|
|
2050
|
-
|
|
2105
|
+
type LockedSessionUpdateContext = {
|
|
2106
|
+
updateSessionMcpServerCredentials: (updates: UpdateSessionMcpServerCredentialsInput[]) => Promise<UpdateSessionMcpServerCredentialsResult>;
|
|
2107
|
+
};
|
|
2108
|
+
type LockedSessionUpdateResult = {
|
|
2051
2109
|
events: AppendEventInput[];
|
|
2052
2110
|
update?: {
|
|
2053
2111
|
resources?: ResourceRef[];
|
|
@@ -2057,7 +2115,8 @@ declare function appendSessionEventsWithLockedSessionUpdate(db: Database, worksp
|
|
|
2057
2115
|
status?: SessionStatus;
|
|
2058
2116
|
activeTurnId?: string | null;
|
|
2059
2117
|
};
|
|
2060
|
-
}
|
|
2118
|
+
};
|
|
2119
|
+
declare function appendSessionEventsWithLockedSessionUpdate(db: Database, workspaceId: string, sessionId: string, build: (session: Session, context: LockedSessionUpdateContext) => LockedSessionUpdateResult | Promise<LockedSessionUpdateResult>): Promise<SessionEvent[]>;
|
|
2061
2120
|
declare function sessionSubject(workspaceId: string, sessionId: string): string;
|
|
2062
2121
|
|
|
2063
|
-
export { type
|
|
2122
|
+
export { type SandboxPtySessionRow as $, type AccrueWarmSecondsResult as A, type BootstrapWorkspaceInput as B, CLEARED_RUN_STATE as C, type Database as D, type EnableCapabilityInstallationInput as E, type EnrollmentExposure as F, type EnrollmentOs as G, type EnrollmentRecord as H, type EnrollmentStatus as I, type ForceDrainResult as J, type GitHubInstallation as K, type GoalContinuationDecision as L, type LeaseHolderKind as M, type LeaseSnapshot as N, type ListSessionEventsOptions as O, MACHINE_METRICS_SERIES_INTERVAL_MS as P, type ProvisionResult, type ProvisionRolesOptions, type MachineMetricsRow as Q, type MachineMetricsSample as R, type MeterableWarmLease as S, type ReapDrainable as T, type RegisterWorkspacePackInput as U, type RlsContext as V, type RlsStrategy as W, SandboxImageConflictError as X, type SandboxKind as Y, type SandboxLeaseLiveness as Z, SandboxLeaseSupersededError as _, type AcquireLeaseInput as a, createSocialConnection as a$, type SandboxRecord as a0, type SessionCodexState as a1, type SessionMcpServerForRun as a2, type SessionRecordingCodec as a3, type SessionRecordingMode as a4, type SessionRecordingRow as a5, type SessionRecordingState as a6, type StreamAcknowledgment as a7, type UpdateQueuedSessionTurnInput as a8, type UpdateScheduledTaskInput as a9, completeFileUpload as aA, confirmDrainCold as aB, consumeDeviceEnrollmentRequest as aC, consumeSessionCompactionRequest as aD, countActiveApiKeysForWorkspace as aE, countActiveSessionHistoryItems as aF, countActiveSessionsForWorkspace as aG, countActiveSessionsUsingEnvironment as aH, countConsecutiveReactiveRotations as aI, countScheduledTasksForWorkspace as aJ, countScheduledTasksUsingEnvironment as aK, countSessionHistoryItems as aL, countTurnSessionHistoryItems as aM, countWorkspaceEnvironments as aN, countWorkspacesForAccount as aO, createApiKey as aP, createDb as aQ, createDeviceEnrollmentRequest as aR, createEnrollment as aS, createFileUpload as aT, createSandbox as aU, createScheduledTask as aV, createScheduledTaskRun as aW, createSession as aX, createSessionGoal as aY, createSessionMcpServers as aZ, createSessionWithIdempotencyKey as a_, type UpdateSessionMcpServerCredentialsInput as aa, type UpdateSessionMcpServerCredentialsResult as ab, type UserLookup as ac, type WakeParentForChildCompletionInput as ad, type WakeParentForChildCompletionResult as ae, type WorkspaceEnvironmentForRun as af, accrueWarmSeconds as ag, acquireLease as ah, allAccountPermissions as ai, allWorkspacePermissions as aj, appendSessionEvents as ak, appendSessionEventsAndUpdateSession as al, appendSessionEventsWithLockedSessionUpdate as am, appendSessionHistoryItems as an, applyContextCompaction as ao, applyCreditDebitUpToBalance as ap, applyCreditLedgerEntry as aq, approveDeviceEnrollmentRequest as ar, bootstrapWorkspace as as, buildCodexTokenResolver as at, cancelQueuedSessionTurn as au, claimNextQueuedTurn as av, clearSessionContext as aw, clearedContextMarkerItem as ax, closePtySession as ay, commitWarmingToWarm as az, type AcquireLeaseResult as b, getWorkspaceEnvironment as b$, createSocialPost as b0, createTurn as b1, createWorkspace as b2, createWorkspaceEnvironment as b3, decryptEnvironmentValue as b4, decryptedCapabilityHeaders as b5, deleteRecording as b6, deleteScheduledTask as b7, deleteWorkspace as b8, deleteWorkspaceEnvironment as b9, getCodexRotationSettings as bA, getDeviceEnrollmentRequestByDeviceCode as bB, getEnrollment as bC, getFile as bD, getFileUpload as bE, getLatestRunState as bF, getManagedAccount as bG, getManagedUserByEmail as bH, getOpenPtySession as bI, getPackInstallation as bJ, getPendingDeviceEnrollmentRequestByUserCode as bK, getPendingDeviceEnrollmentRequestByUserCodeGlobal as bL, getRecording as bM, getSandbox as bN, getSandboxSessionEnvelope as bO, getScheduledTask as bP, getSession as bQ, getSessionByCreateIdempotencyKey as bR, getSessionCodexState as bS, getSessionEvent as bT, getSessionGoal as bU, getSessionHistoryItems as bV, getSessionTurn as bW, getSocialConnection as bX, getStoredCapabilityHeaderCiphertext as bY, getStreamAcknowledgment as bZ, getWorkspace as b_, deleteWorkspaceEnvironmentVariable as ba, deleteWorkspacePack as bb, denyDeviceEnrollmentRequest as bc, disableCapabilityInstallation as bd, disconnectAllCodexAccounts as be, disconnectCodexAccount as bf, enableCapabilityInstallation as bg, enablePackInstallation as bh, encryptEnvironmentValue as bi, enqueueSessionTurn as bj, ensureCodexRotationSettings as bk, ensureManagedAccessForUser as bl, evaluateGoalContinuation as bm, failWarmingToCold as bn, fetchCodexUsageForAccount as bo, finalizeEnrollmentByToken as bp, findActiveApiKeyByHash as bq, finishTurn as br, forceDrainOverLimitViewerOnlyBoxes as bs, getActiveSessionHistoryItems as bt, getAnySessionInGroup as bu, getBillingBalance as bv, getBillingCustomer as bw, getCapabilityCatalogItem as bx, getCapabilityInstallation as by, getCodexCredentialStatus as bz, type ActiveSandboxPointer as c, recordLeaseDataPlaneUrl as c$, getWorkspaceEnvironmentByName as c0, getWorkspaceEnvironmentValuesForRun as c1, getWorkspaceGrant as c2, getWorkspacePack as c3, grantWorkspaceAccess as c4, hasCreditLedgerEntry as c5, heartbeatLeaseHolder as c6, incrementTurnWorkerDeathRedispatches as c7, ingestMachineMetricsSample as c8, insertMachineMetricsSeries as c9, listSocialConnections as cA, listSocialPosts as cB, listUsageEvents as cC, listWorkspaceEnvironments as cD, listWorkspaceMembers as cE, listWorkspacePacks as cF, listWorkspacesForSubject as cG, loadCodexCredentialForRun as cH, loadWorkspaceEnvironmentForRun as cI, markFileUploadFailed as cJ, markStripeWebhookProcessed as cK, mcpServerIdForCapability as cL, nextSessionHistoryPosition as cM, orphanedResultRowIndicesForRepair as cN, persistDrainSnapshot as cO, reArmDrainingLease as cP, readActiveSandbox as cQ, readLease as cR, readMachineMetricsLatest as cS, readMachineMetricsLatestForWorkspace as cT, readMachineMetricsSeries as cU, reapStaleLeaseHolders as cV, reapStaleLeaseHoldersGlobal as cW, recordAuditEvent as cX, recordCodexAccountConnectors as cY, recordCodexAccountUsage as cZ, recordCodexTokenRefresh as c_, insertPtySession as ca, insertRecording as cb, isCodexBilledTurn as cc, isStripeWebhookProcessed as cd, listApiKeys as ce, listCapabilityCatalogItems as cf, listCapabilityInstallations as cg, listCodexAccountStatuses as ch, listDistinctEnvironmentIdsInGroup as ci, listEnabledMcpCapabilityServers as cj, listEnrollments as ck, listGitHubInstallationIdsForWorkspace as cl, listGitHubInstallationsForWorkspace as cm, listMeterableWarmLeases as cn, listOpenPtySessions as co, listPackInstallations as cp, listRecordings as cq, listSandboxes as cr, listScheduledTaskRuns as cs, listScheduledTasks as ct, listSessionEvents as cu, listSessionIdsInGroup as cv, listSessionMcpServerMetadata as cw, listSessionMcpServersForRun as cx, listSessionTurns as cy, listSessions as cz, type AppendEventInput as d, withAccountRls as d$, recordLeaseTerminalDataPlaneUrl as d0, recordSessionActiveCodexCredential as d1, recordStreamAcknowledgment as d2, recordStripeWebhookEvent as d3, recordUsageEvent as d4, registerDbBinding as d5, registerWorkspacePack as d6, releaseLeaseHolder as d7, removeWorkspaceMember as d8, renameCodexAccount as d9, setSessionGoalStatus as dA, setSessionLastInputTokens as dB, setSessionStatus as dC, setTemporalWorkflowId as dD, setWorkspaceEnvironmentVariable as dE, sumUsageQuantity as dF, touchEnrollmentLastSeen as dG, updateCodexRotationSettings as dH, updatePackInstallationStatus as dI, updatePtySessionActivity as dJ, updateQueuedSessionTurn as dK, updateRecording as dL, updateScheduledTask as dM, updateScheduledTaskRun as dN, updateSessionGoal as dO, updateSessionMcpServerCredentials as dP, updateSessionTitle as dQ, updateWorkspace as dR, updateWorkspaceEnvironment as dS, upsertBillingCustomer as dT, upsertCapabilityCatalogItem as dU, upsertCodexSubscriptionCredential as dV, upsertGitHubInstallation as dW, upsertMachineMetricsLatest as dX, upsertSandboxSessionEnvelope as dY, upsertSessionGoal as dZ, wakeParentSessionForChildCompletion as d_, reorderQueuedSessionTurns as da, requestSessionCompaction as db, requeuePreemptedTurn as dc, requireFile as dd, requireScheduledTask as de, requireSession as df, requireSocialConnection as dg, requireWorkspace as dh, revokeApiKey as di, revokeEnrollment as dj, revokeViewer as dk, rlsContextForWorkspace as dl, rlsStrategyFor as dm, sanitizeEventPayload as dn, sanitizeEventString as dp, saveRunState as dq, sessionSubject as dr, setActiveCodexCredential as ds, setActiveSandbox as dt, setCodexCredentialExhausted as du, setCodexCredentialStatus as dv, setEnrollmentHasDisplay as dw, setRlsContext as dx, setSessionCodexPin as dy, setSessionGoalLastContinuationTurn as dz, CODEX_ROTATION_STRATEGIES as e, withRlsContext as e0, withWorkspaceRls as e1, withWorkspaceUsageLock as e2, workspaceCodexSubscriptionActive as e3, type ClearSessionContextResult as f, type CodexAccountStatus as g, type CodexAccountUsageSnapshot as h, type CodexAuthDeps as i, type CodexCredentialForRun as j, type CodexCredentialTokens as k, type CodexRotationSettings as l, type CodexRotationStrategy as m, type CreateCapabilityCatalogItemInput as n, type CreateDbOptions as o, type CreatePackInstallationInput as p, provisionRoles, type CreateScheduledTaskInput as q, type CreateSessionGoalInput as r, type CreateSessionMcpServerInput as s, type CreateSocialConnectionInput as t, type CreateSocialPostInput as u, type DbClient as v, type DeviceEnrollmentRequestRecord as w, type DeviceEnrollmentStatus as x, type EnabledMcpCapabilityServer as y, type EnqueueSessionTurnInput as z };
|
|
@@ -2057,6 +2057,255 @@ declare const sessions: drizzle_orm_pg_core.PgTableWithColumns<{
|
|
|
2057
2057
|
};
|
|
2058
2058
|
dialect: "pg";
|
|
2059
2059
|
}>;
|
|
2060
|
+
declare const sessionMcpServers: drizzle_orm_pg_core.PgTableWithColumns<{
|
|
2061
|
+
name: "session_mcp_servers";
|
|
2062
|
+
schema: undefined;
|
|
2063
|
+
columns: {
|
|
2064
|
+
id: drizzle_orm_pg_core.PgColumn<{
|
|
2065
|
+
name: "id";
|
|
2066
|
+
tableName: "session_mcp_servers";
|
|
2067
|
+
dataType: "string";
|
|
2068
|
+
columnType: "PgUUID";
|
|
2069
|
+
data: string;
|
|
2070
|
+
driverParam: string;
|
|
2071
|
+
notNull: true;
|
|
2072
|
+
hasDefault: true;
|
|
2073
|
+
isPrimaryKey: true;
|
|
2074
|
+
isAutoincrement: false;
|
|
2075
|
+
hasRuntimeDefault: false;
|
|
2076
|
+
enumValues: undefined;
|
|
2077
|
+
baseColumn: never;
|
|
2078
|
+
identity: undefined;
|
|
2079
|
+
generated: undefined;
|
|
2080
|
+
}, {}, {}>;
|
|
2081
|
+
accountId: drizzle_orm_pg_core.PgColumn<{
|
|
2082
|
+
name: "account_id";
|
|
2083
|
+
tableName: "session_mcp_servers";
|
|
2084
|
+
dataType: "string";
|
|
2085
|
+
columnType: "PgUUID";
|
|
2086
|
+
data: string;
|
|
2087
|
+
driverParam: string;
|
|
2088
|
+
notNull: true;
|
|
2089
|
+
hasDefault: false;
|
|
2090
|
+
isPrimaryKey: false;
|
|
2091
|
+
isAutoincrement: false;
|
|
2092
|
+
hasRuntimeDefault: false;
|
|
2093
|
+
enumValues: undefined;
|
|
2094
|
+
baseColumn: never;
|
|
2095
|
+
identity: undefined;
|
|
2096
|
+
generated: undefined;
|
|
2097
|
+
}, {}, {}>;
|
|
2098
|
+
workspaceId: drizzle_orm_pg_core.PgColumn<{
|
|
2099
|
+
name: "workspace_id";
|
|
2100
|
+
tableName: "session_mcp_servers";
|
|
2101
|
+
dataType: "string";
|
|
2102
|
+
columnType: "PgUUID";
|
|
2103
|
+
data: string;
|
|
2104
|
+
driverParam: string;
|
|
2105
|
+
notNull: true;
|
|
2106
|
+
hasDefault: false;
|
|
2107
|
+
isPrimaryKey: false;
|
|
2108
|
+
isAutoincrement: false;
|
|
2109
|
+
hasRuntimeDefault: false;
|
|
2110
|
+
enumValues: undefined;
|
|
2111
|
+
baseColumn: never;
|
|
2112
|
+
identity: undefined;
|
|
2113
|
+
generated: undefined;
|
|
2114
|
+
}, {}, {}>;
|
|
2115
|
+
sessionId: drizzle_orm_pg_core.PgColumn<{
|
|
2116
|
+
name: "session_id";
|
|
2117
|
+
tableName: "session_mcp_servers";
|
|
2118
|
+
dataType: "string";
|
|
2119
|
+
columnType: "PgUUID";
|
|
2120
|
+
data: string;
|
|
2121
|
+
driverParam: string;
|
|
2122
|
+
notNull: true;
|
|
2123
|
+
hasDefault: false;
|
|
2124
|
+
isPrimaryKey: false;
|
|
2125
|
+
isAutoincrement: false;
|
|
2126
|
+
hasRuntimeDefault: false;
|
|
2127
|
+
enumValues: undefined;
|
|
2128
|
+
baseColumn: never;
|
|
2129
|
+
identity: undefined;
|
|
2130
|
+
generated: undefined;
|
|
2131
|
+
}, {}, {}>;
|
|
2132
|
+
serverId: drizzle_orm_pg_core.PgColumn<{
|
|
2133
|
+
name: "server_id";
|
|
2134
|
+
tableName: "session_mcp_servers";
|
|
2135
|
+
dataType: "string";
|
|
2136
|
+
columnType: "PgText";
|
|
2137
|
+
data: string;
|
|
2138
|
+
driverParam: string;
|
|
2139
|
+
notNull: true;
|
|
2140
|
+
hasDefault: false;
|
|
2141
|
+
isPrimaryKey: false;
|
|
2142
|
+
isAutoincrement: false;
|
|
2143
|
+
hasRuntimeDefault: false;
|
|
2144
|
+
enumValues: [string, ...string[]];
|
|
2145
|
+
baseColumn: never;
|
|
2146
|
+
identity: undefined;
|
|
2147
|
+
generated: undefined;
|
|
2148
|
+
}, {}, {}>;
|
|
2149
|
+
name: drizzle_orm_pg_core.PgColumn<{
|
|
2150
|
+
name: "name";
|
|
2151
|
+
tableName: "session_mcp_servers";
|
|
2152
|
+
dataType: "string";
|
|
2153
|
+
columnType: "PgText";
|
|
2154
|
+
data: string;
|
|
2155
|
+
driverParam: string;
|
|
2156
|
+
notNull: false;
|
|
2157
|
+
hasDefault: false;
|
|
2158
|
+
isPrimaryKey: false;
|
|
2159
|
+
isAutoincrement: false;
|
|
2160
|
+
hasRuntimeDefault: false;
|
|
2161
|
+
enumValues: [string, ...string[]];
|
|
2162
|
+
baseColumn: never;
|
|
2163
|
+
identity: undefined;
|
|
2164
|
+
generated: undefined;
|
|
2165
|
+
}, {}, {}>;
|
|
2166
|
+
url: drizzle_orm_pg_core.PgColumn<{
|
|
2167
|
+
name: "url";
|
|
2168
|
+
tableName: "session_mcp_servers";
|
|
2169
|
+
dataType: "string";
|
|
2170
|
+
columnType: "PgText";
|
|
2171
|
+
data: string;
|
|
2172
|
+
driverParam: string;
|
|
2173
|
+
notNull: true;
|
|
2174
|
+
hasDefault: false;
|
|
2175
|
+
isPrimaryKey: false;
|
|
2176
|
+
isAutoincrement: false;
|
|
2177
|
+
hasRuntimeDefault: false;
|
|
2178
|
+
enumValues: [string, ...string[]];
|
|
2179
|
+
baseColumn: never;
|
|
2180
|
+
identity: undefined;
|
|
2181
|
+
generated: undefined;
|
|
2182
|
+
}, {}, {}>;
|
|
2183
|
+
allowedTools: drizzle_orm_pg_core.PgColumn<{
|
|
2184
|
+
name: "allowed_tools";
|
|
2185
|
+
tableName: "session_mcp_servers";
|
|
2186
|
+
dataType: "json";
|
|
2187
|
+
columnType: "PgJsonb";
|
|
2188
|
+
data: string[];
|
|
2189
|
+
driverParam: unknown;
|
|
2190
|
+
notNull: false;
|
|
2191
|
+
hasDefault: false;
|
|
2192
|
+
isPrimaryKey: false;
|
|
2193
|
+
isAutoincrement: false;
|
|
2194
|
+
hasRuntimeDefault: false;
|
|
2195
|
+
enumValues: undefined;
|
|
2196
|
+
baseColumn: never;
|
|
2197
|
+
identity: undefined;
|
|
2198
|
+
generated: undefined;
|
|
2199
|
+
}, {}, {
|
|
2200
|
+
$type: string[];
|
|
2201
|
+
}>;
|
|
2202
|
+
timeoutMs: drizzle_orm_pg_core.PgColumn<{
|
|
2203
|
+
name: "timeout_ms";
|
|
2204
|
+
tableName: "session_mcp_servers";
|
|
2205
|
+
dataType: "number";
|
|
2206
|
+
columnType: "PgInteger";
|
|
2207
|
+
data: number;
|
|
2208
|
+
driverParam: string | number;
|
|
2209
|
+
notNull: false;
|
|
2210
|
+
hasDefault: false;
|
|
2211
|
+
isPrimaryKey: false;
|
|
2212
|
+
isAutoincrement: false;
|
|
2213
|
+
hasRuntimeDefault: false;
|
|
2214
|
+
enumValues: undefined;
|
|
2215
|
+
baseColumn: never;
|
|
2216
|
+
identity: undefined;
|
|
2217
|
+
generated: undefined;
|
|
2218
|
+
}, {}, {}>;
|
|
2219
|
+
cacheToolsList: drizzle_orm_pg_core.PgColumn<{
|
|
2220
|
+
name: "cache_tools_list";
|
|
2221
|
+
tableName: "session_mcp_servers";
|
|
2222
|
+
dataType: "boolean";
|
|
2223
|
+
columnType: "PgBoolean";
|
|
2224
|
+
data: boolean;
|
|
2225
|
+
driverParam: boolean;
|
|
2226
|
+
notNull: true;
|
|
2227
|
+
hasDefault: true;
|
|
2228
|
+
isPrimaryKey: false;
|
|
2229
|
+
isAutoincrement: false;
|
|
2230
|
+
hasRuntimeDefault: false;
|
|
2231
|
+
enumValues: undefined;
|
|
2232
|
+
baseColumn: never;
|
|
2233
|
+
identity: undefined;
|
|
2234
|
+
generated: undefined;
|
|
2235
|
+
}, {}, {}>;
|
|
2236
|
+
headersEncrypted: drizzle_orm_pg_core.PgColumn<{
|
|
2237
|
+
name: "headers_encrypted";
|
|
2238
|
+
tableName: "session_mcp_servers";
|
|
2239
|
+
dataType: "json";
|
|
2240
|
+
columnType: "PgJsonb";
|
|
2241
|
+
data: Record<string, string>;
|
|
2242
|
+
driverParam: unknown;
|
|
2243
|
+
notNull: true;
|
|
2244
|
+
hasDefault: true;
|
|
2245
|
+
isPrimaryKey: false;
|
|
2246
|
+
isAutoincrement: false;
|
|
2247
|
+
hasRuntimeDefault: false;
|
|
2248
|
+
enumValues: undefined;
|
|
2249
|
+
baseColumn: never;
|
|
2250
|
+
identity: undefined;
|
|
2251
|
+
generated: undefined;
|
|
2252
|
+
}, {}, {
|
|
2253
|
+
$type: Record<string, string>;
|
|
2254
|
+
}>;
|
|
2255
|
+
credentialVersion: drizzle_orm_pg_core.PgColumn<{
|
|
2256
|
+
name: "credential_version";
|
|
2257
|
+
tableName: "session_mcp_servers";
|
|
2258
|
+
dataType: "number";
|
|
2259
|
+
columnType: "PgInteger";
|
|
2260
|
+
data: number;
|
|
2261
|
+
driverParam: string | number;
|
|
2262
|
+
notNull: true;
|
|
2263
|
+
hasDefault: true;
|
|
2264
|
+
isPrimaryKey: false;
|
|
2265
|
+
isAutoincrement: false;
|
|
2266
|
+
hasRuntimeDefault: false;
|
|
2267
|
+
enumValues: undefined;
|
|
2268
|
+
baseColumn: never;
|
|
2269
|
+
identity: undefined;
|
|
2270
|
+
generated: undefined;
|
|
2271
|
+
}, {}, {}>;
|
|
2272
|
+
createdAt: drizzle_orm_pg_core.PgColumn<{
|
|
2273
|
+
name: "created_at";
|
|
2274
|
+
tableName: "session_mcp_servers";
|
|
2275
|
+
dataType: "date";
|
|
2276
|
+
columnType: "PgTimestamp";
|
|
2277
|
+
data: Date;
|
|
2278
|
+
driverParam: string;
|
|
2279
|
+
notNull: true;
|
|
2280
|
+
hasDefault: true;
|
|
2281
|
+
isPrimaryKey: false;
|
|
2282
|
+
isAutoincrement: false;
|
|
2283
|
+
hasRuntimeDefault: false;
|
|
2284
|
+
enumValues: undefined;
|
|
2285
|
+
baseColumn: never;
|
|
2286
|
+
identity: undefined;
|
|
2287
|
+
generated: undefined;
|
|
2288
|
+
}, {}, {}>;
|
|
2289
|
+
updatedAt: drizzle_orm_pg_core.PgColumn<{
|
|
2290
|
+
name: "updated_at";
|
|
2291
|
+
tableName: "session_mcp_servers";
|
|
2292
|
+
dataType: "date";
|
|
2293
|
+
columnType: "PgTimestamp";
|
|
2294
|
+
data: Date;
|
|
2295
|
+
driverParam: string;
|
|
2296
|
+
notNull: true;
|
|
2297
|
+
hasDefault: true;
|
|
2298
|
+
isPrimaryKey: false;
|
|
2299
|
+
isAutoincrement: false;
|
|
2300
|
+
hasRuntimeDefault: false;
|
|
2301
|
+
enumValues: undefined;
|
|
2302
|
+
baseColumn: never;
|
|
2303
|
+
identity: undefined;
|
|
2304
|
+
generated: undefined;
|
|
2305
|
+
}, {}, {}>;
|
|
2306
|
+
};
|
|
2307
|
+
dialect: "pg";
|
|
2308
|
+
}>;
|
|
2060
2309
|
declare const files: drizzle_orm_pg_core.PgTableWithColumns<{
|
|
2061
2310
|
name: "files";
|
|
2062
2311
|
schema: undefined;
|
|
@@ -9683,6 +9932,7 @@ declare const schema_scheduledTasks: typeof scheduledTasks;
|
|
|
9683
9932
|
declare const schema_sessionEvents: typeof sessionEvents;
|
|
9684
9933
|
declare const schema_sessionGoals: typeof sessionGoals;
|
|
9685
9934
|
declare const schema_sessionHistoryItems: typeof sessionHistoryItems;
|
|
9935
|
+
declare const schema_sessionMcpServers: typeof sessionMcpServers;
|
|
9686
9936
|
declare const schema_sessionRecordingCodecValues: typeof sessionRecordingCodecValues;
|
|
9687
9937
|
declare const schema_sessionRecordingModeValues: typeof sessionRecordingModeValues;
|
|
9688
9938
|
declare const schema_sessionRecordingStateValues: typeof sessionRecordingStateValues;
|
|
@@ -9699,7 +9949,7 @@ declare const schema_workspaceMemberships: typeof workspaceMemberships;
|
|
|
9699
9949
|
declare const schema_workspacePacks: typeof workspacePacks;
|
|
9700
9950
|
declare const schema_workspaces: typeof workspaces;
|
|
9701
9951
|
declare namespace schema {
|
|
9702
|
-
export { schema_agentRunStates as agentRunStates, schema_apiKeys as apiKeys, schema_auditEvents as auditEvents, schema_billingCustomers as billingCustomers, schema_capabilityCatalogItems as capabilityCatalogItems, schema_capabilityInstallations as capabilityInstallations, schema_codexRotationSettings as codexRotationSettings, schema_codexSubscriptionCredentials as codexSubscriptionCredentials, schema_creditLedgerEntries as creditLedgerEntries, schema_deviceEnrollmentRequests as deviceEnrollmentRequests, schema_deviceEnrollmentStatusValues as deviceEnrollmentStatusValues, schema_documentBases as documentBases, schema_documentChunks as documentChunks, schema_documents as documents, schema_enrollmentExposureValues as enrollmentExposureValues, schema_enrollmentOsValues as enrollmentOsValues, schema_enrollmentStatusValues as enrollmentStatusValues, schema_enrollments as enrollments, schema_fileUploads as fileUploads, schema_files as files, schema_githubInstallations as githubInstallations, schema_machineMetricsLatest as machineMetricsLatest, schema_machineMetricsSeries as machineMetricsSeries, schema_managedAccounts as managedAccounts, schema_packInstallations as packInstallations, schema_sandboxKindValues as sandboxKindValues, schema_sandboxLeaseHolders as sandboxLeaseHolders, schema_sandboxLeaseLivenessValues as sandboxLeaseLivenessValues, schema_sandboxLeases as sandboxLeases, schema_sandboxPtySessions as sandboxPtySessions, schema_sandboxSessionEnvelopes as sandboxSessionEnvelopes, schema_sandboxes as sandboxes, schema_scheduledTaskRuns as scheduledTaskRuns, schema_scheduledTasks as scheduledTasks, schema_sessionEvents as sessionEvents, schema_sessionGoals as sessionGoals, schema_sessionHistoryItems as sessionHistoryItems, schema_sessionRecordingCodecValues as sessionRecordingCodecValues, schema_sessionRecordingModeValues as sessionRecordingModeValues, schema_sessionRecordingStateValues as sessionRecordingStateValues, schema_sessionRecordings as sessionRecordings, schema_sessionTurns as sessionTurns, schema_sessions as sessions, schema_socialConnections as socialConnections, schema_socialPosts as socialPosts, schema_stripeWebhookEvents as stripeWebhookEvents, schema_usageEvents as usageEvents, schema_workspaceEnvironmentVariables as workspaceEnvironmentVariables, schema_workspaceEnvironments as workspaceEnvironments, schema_workspaceMemberships as workspaceMemberships, schema_workspacePacks as workspacePacks, schema_workspaces as workspaces };
|
|
9952
|
+
export { schema_agentRunStates as agentRunStates, schema_apiKeys as apiKeys, schema_auditEvents as auditEvents, schema_billingCustomers as billingCustomers, schema_capabilityCatalogItems as capabilityCatalogItems, schema_capabilityInstallations as capabilityInstallations, schema_codexRotationSettings as codexRotationSettings, schema_codexSubscriptionCredentials as codexSubscriptionCredentials, schema_creditLedgerEntries as creditLedgerEntries, schema_deviceEnrollmentRequests as deviceEnrollmentRequests, schema_deviceEnrollmentStatusValues as deviceEnrollmentStatusValues, schema_documentBases as documentBases, schema_documentChunks as documentChunks, schema_documents as documents, schema_enrollmentExposureValues as enrollmentExposureValues, schema_enrollmentOsValues as enrollmentOsValues, schema_enrollmentStatusValues as enrollmentStatusValues, schema_enrollments as enrollments, schema_fileUploads as fileUploads, schema_files as files, schema_githubInstallations as githubInstallations, schema_machineMetricsLatest as machineMetricsLatest, schema_machineMetricsSeries as machineMetricsSeries, schema_managedAccounts as managedAccounts, schema_packInstallations as packInstallations, schema_sandboxKindValues as sandboxKindValues, schema_sandboxLeaseHolders as sandboxLeaseHolders, schema_sandboxLeaseLivenessValues as sandboxLeaseLivenessValues, schema_sandboxLeases as sandboxLeases, schema_sandboxPtySessions as sandboxPtySessions, schema_sandboxSessionEnvelopes as sandboxSessionEnvelopes, schema_sandboxes as sandboxes, schema_scheduledTaskRuns as scheduledTaskRuns, schema_scheduledTasks as scheduledTasks, schema_sessionEvents as sessionEvents, schema_sessionGoals as sessionGoals, schema_sessionHistoryItems as sessionHistoryItems, schema_sessionMcpServers as sessionMcpServers, schema_sessionRecordingCodecValues as sessionRecordingCodecValues, schema_sessionRecordingModeValues as sessionRecordingModeValues, schema_sessionRecordingStateValues as sessionRecordingStateValues, schema_sessionRecordings as sessionRecordings, schema_sessionTurns as sessionTurns, schema_sessions as sessions, schema_socialConnections as socialConnections, schema_socialPosts as socialPosts, schema_stripeWebhookEvents as stripeWebhookEvents, schema_usageEvents as usageEvents, schema_workspaceEnvironmentVariables as workspaceEnvironmentVariables, schema_workspaceEnvironments as workspaceEnvironments, schema_workspaceMemberships as workspaceMemberships, schema_workspacePacks as workspacePacks, schema_workspaces as workspaces };
|
|
9703
9953
|
}
|
|
9704
9954
|
|
|
9705
|
-
export { machineMetricsLatest as A, machineMetricsSeries as B, managedAccounts as C, packInstallations as D, sandboxLeaseHolders as E, sandboxLeaseLivenessValues as F, sandboxLeases as G, sandboxPtySessions as H, sandboxSessionEnvelopes as I, sandboxes as J, scheduledTaskRuns as K, scheduledTasks as L, sessionEvents as M, sessionGoals as N, sessionHistoryItems as O,
|
|
9955
|
+
export { workspaces as $, machineMetricsLatest as A, machineMetricsSeries as B, managedAccounts as C, packInstallations as D, sandboxLeaseHolders as E, sandboxLeaseLivenessValues as F, sandboxLeases as G, sandboxPtySessions as H, sandboxSessionEnvelopes as I, sandboxes as J, scheduledTaskRuns as K, scheduledTasks as L, sessionEvents as M, sessionGoals as N, sessionHistoryItems as O, sessionMcpServers as P, sessionRecordings as Q, sessionTurns as R, sessions as S, socialConnections as T, socialPosts as U, stripeWebhookEvents as V, usageEvents as W, workspaceEnvironmentVariables as X, workspaceEnvironments as Y, workspaceMemberships as Z, workspacePacks as _, enrollmentExposureValues as a, enrollmentStatusValues as b, sandboxKindValues as c, deviceEnrollmentStatusValues as d, enrollmentOsValues as e, sessionRecordingCodecValues as f, sessionRecordingModeValues as g, sessionRecordingStateValues as h, agentRunStates as i, apiKeys as j, auditEvents as k, billingCustomers as l, capabilityCatalogItems as m, capabilityInstallations as n, codexRotationSettings as o, codexSubscriptionCredentials as p, creditLedgerEntries as q, deviceEnrollmentRequests as r, schema as s, documentBases as t, documentChunks as u, documents as v, enrollments as w, fileUploads as x, files as y, githubInstallations as z };
|
package/dist/schema.d.ts
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
import 'drizzle-orm';
|
|
2
2
|
import 'drizzle-orm/pg-core';
|
|
3
|
-
export { i as agentRunStates, j as apiKeys, k as auditEvents, l as billingCustomers, m as capabilityCatalogItems, n as capabilityInstallations, o as codexRotationSettings, p as codexSubscriptionCredentials, q as creditLedgerEntries, r as deviceEnrollmentRequests, d as deviceEnrollmentStatusValues, t as documentBases, u as documentChunks, v as documents, a as enrollmentExposureValues, e as enrollmentOsValues, b as enrollmentStatusValues, w as enrollments, x as fileUploads, y as files, z as githubInstallations, A as machineMetricsLatest, B as machineMetricsSeries, C as managedAccounts, D as packInstallations, c as sandboxKindValues, E as sandboxLeaseHolders, F as sandboxLeaseLivenessValues, G as sandboxLeases, H as sandboxPtySessions, I as sandboxSessionEnvelopes, J as sandboxes, K as scheduledTaskRuns, L as scheduledTasks, M as sessionEvents, N as sessionGoals, O as sessionHistoryItems, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues,
|
|
3
|
+
export { i as agentRunStates, j as apiKeys, k as auditEvents, l as billingCustomers, m as capabilityCatalogItems, n as capabilityInstallations, o as codexRotationSettings, p as codexSubscriptionCredentials, q as creditLedgerEntries, r as deviceEnrollmentRequests, d as deviceEnrollmentStatusValues, t as documentBases, u as documentChunks, v as documents, a as enrollmentExposureValues, e as enrollmentOsValues, b as enrollmentStatusValues, w as enrollments, x as fileUploads, y as files, z as githubInstallations, A as machineMetricsLatest, B as machineMetricsSeries, C as managedAccounts, D as packInstallations, c as sandboxKindValues, E as sandboxLeaseHolders, F as sandboxLeaseLivenessValues, G as sandboxLeases, H as sandboxPtySessions, I as sandboxSessionEnvelopes, J as sandboxes, K as scheduledTaskRuns, L as scheduledTasks, M as sessionEvents, N as sessionGoals, O as sessionHistoryItems, P as sessionMcpServers, f as sessionRecordingCodecValues, g as sessionRecordingModeValues, h as sessionRecordingStateValues, Q as sessionRecordings, R as sessionTurns, S as sessions, T as socialConnections, U as socialPosts, V as stripeWebhookEvents, W as usageEvents, X as workspaceEnvironmentVariables, Y as workspaceEnvironments, Z as workspaceMemberships, _ as workspacePacks, $ as workspaces } from './schema-BI0iqN9U.js';
|
package/dist/schema.js
CHANGED
|
@@ -36,6 +36,7 @@ import {
|
|
|
36
36
|
sessionEvents,
|
|
37
37
|
sessionGoals,
|
|
38
38
|
sessionHistoryItems,
|
|
39
|
+
sessionMcpServers,
|
|
39
40
|
sessionRecordingCodecValues,
|
|
40
41
|
sessionRecordingModeValues,
|
|
41
42
|
sessionRecordingStateValues,
|
|
@@ -51,7 +52,7 @@ import {
|
|
|
51
52
|
workspaceMemberships,
|
|
52
53
|
workspacePacks,
|
|
53
54
|
workspaces
|
|
54
|
-
} from "./chunk-
|
|
55
|
+
} from "./chunk-NZA6YVN7.js";
|
|
55
56
|
import "./chunk-PZ5AY32C.js";
|
|
56
57
|
export {
|
|
57
58
|
agentRunStates,
|
|
@@ -91,6 +92,7 @@ export {
|
|
|
91
92
|
sessionEvents,
|
|
92
93
|
sessionGoals,
|
|
93
94
|
sessionHistoryItems,
|
|
95
|
+
sessionMcpServers,
|
|
94
96
|
sessionRecordingCodecValues,
|
|
95
97
|
sessionRecordingModeValues,
|
|
96
98
|
sessionRecordingStateValues,
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
CREATE TABLE IF NOT EXISTS "session_mcp_servers" (
|
|
2
|
+
"id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
|
|
3
|
+
"account_id" uuid NOT NULL REFERENCES "managed_accounts"("id") ON DELETE CASCADE,
|
|
4
|
+
"workspace_id" uuid NOT NULL REFERENCES "workspaces"("id") ON DELETE CASCADE,
|
|
5
|
+
"session_id" uuid NOT NULL REFERENCES "sessions"("id") ON DELETE CASCADE,
|
|
6
|
+
"server_id" text NOT NULL,
|
|
7
|
+
"name" text,
|
|
8
|
+
"url" text NOT NULL,
|
|
9
|
+
"allowed_tools" jsonb,
|
|
10
|
+
"timeout_ms" integer,
|
|
11
|
+
"cache_tools_list" boolean NOT NULL DEFAULT false,
|
|
12
|
+
"headers_encrypted" jsonb NOT NULL DEFAULT '{}'::jsonb,
|
|
13
|
+
"credential_version" integer NOT NULL DEFAULT 1,
|
|
14
|
+
"created_at" timestamptz NOT NULL DEFAULT now(),
|
|
15
|
+
"updated_at" timestamptz NOT NULL DEFAULT now(),
|
|
16
|
+
CONSTRAINT "session_mcp_servers_allowed_tools_array_chk"
|
|
17
|
+
CHECK ("allowed_tools" IS NULL OR jsonb_typeof("allowed_tools") = 'array'),
|
|
18
|
+
CONSTRAINT "session_mcp_servers_headers_object_chk"
|
|
19
|
+
CHECK (jsonb_typeof("headers_encrypted") = 'object'),
|
|
20
|
+
CONSTRAINT "session_mcp_servers_timeout_positive_chk"
|
|
21
|
+
CHECK ("timeout_ms" IS NULL OR "timeout_ms" > 0),
|
|
22
|
+
CONSTRAINT "session_mcp_servers_credential_version_positive_chk"
|
|
23
|
+
CHECK ("credential_version" > 0)
|
|
24
|
+
);
|
|
25
|
+
CREATE UNIQUE INDEX IF NOT EXISTS "session_mcp_servers_session_server_idx"
|
|
26
|
+
ON "session_mcp_servers" ("workspace_id", "session_id", "server_id");
|
|
27
|
+
CREATE INDEX IF NOT EXISTS "session_mcp_servers_session_idx"
|
|
28
|
+
ON "session_mcp_servers" ("workspace_id", "session_id");
|
|
29
|
+
|
|
30
|
+
ALTER TABLE "session_mcp_servers" ENABLE ROW LEVEL SECURITY;
|
|
31
|
+
ALTER TABLE "session_mcp_servers" FORCE ROW LEVEL SECURITY;
|
|
32
|
+
DO $$
|
|
33
|
+
BEGIN
|
|
34
|
+
IF EXISTS (
|
|
35
|
+
SELECT 1 FROM pg_policies
|
|
36
|
+
WHERE schemaname = current_schema() AND tablename = 'session_mcp_servers' AND policyname = 'workspace_isolation'
|
|
37
|
+
) THEN
|
|
38
|
+
DROP POLICY workspace_isolation ON "session_mcp_servers";
|
|
39
|
+
END IF;
|
|
40
|
+
END $$;
|
|
41
|
+
CREATE POLICY workspace_isolation ON "session_mcp_servers"
|
|
42
|
+
USING (opengeni_private.workspace_rls_visible(account_id, workspace_id))
|
|
43
|
+
WITH CHECK (opengeni_private.workspace_rls_visible(account_id, workspace_id));
|
|
44
|
+
|
|
45
|
+
DO $$
|
|
46
|
+
BEGIN
|
|
47
|
+
IF EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'opengeni_app') THEN
|
|
48
|
+
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO opengeni_app;
|
|
49
|
+
END IF;
|
|
50
|
+
END $$;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@opengeni/db",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.3.0",
|
|
4
4
|
"description": "OpenGeni persistence: Drizzle schema, RLS-scoped query layer, the SQL migration runner, and role provisioning.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"repository": {
|
|
@@ -52,8 +52,8 @@
|
|
|
52
52
|
},
|
|
53
53
|
"dependencies": {
|
|
54
54
|
"@opengeni/codex": "^0.2.1",
|
|
55
|
-
"@opengeni/config": "^0.2.
|
|
56
|
-
"@opengeni/contracts": "^0.
|
|
55
|
+
"@opengeni/config": "^0.2.3",
|
|
56
|
+
"@opengeni/contracts": "^0.5.0",
|
|
57
57
|
"drizzle-orm": "^0.45.2",
|
|
58
58
|
"postgres": "^3.4.7"
|
|
59
59
|
},
|
|
@@ -81,9 +81,66 @@ export function sanitizeEventPayload<T>(payload: T): T {
|
|
|
81
81
|
}
|
|
82
82
|
if (payload && typeof payload === "object") {
|
|
83
83
|
const entries = Object.entries(payload as Record<string, unknown>).map(
|
|
84
|
-
([key, value]) => [sanitizeEventString(key),
|
|
84
|
+
([key, value]) => [sanitizeEventString(key), sanitizeSensitiveEventField(key, value)] as const,
|
|
85
85
|
);
|
|
86
86
|
return Object.fromEntries(entries) as unknown as T;
|
|
87
87
|
}
|
|
88
88
|
return payload;
|
|
89
89
|
}
|
|
90
|
+
|
|
91
|
+
function sanitizeSensitiveEventField(key: string, value: unknown): unknown {
|
|
92
|
+
if (key === "mcpServers") {
|
|
93
|
+
return sanitizeSessionMcpServerList(value);
|
|
94
|
+
}
|
|
95
|
+
if (key === "mcpCredentialUpdates") {
|
|
96
|
+
return sanitizeMcpCredentialUpdateList(value);
|
|
97
|
+
}
|
|
98
|
+
return sanitizeEventPayload(value);
|
|
99
|
+
}
|
|
100
|
+
|
|
101
|
+
function sanitizeSessionMcpServerList(value: unknown): unknown {
|
|
102
|
+
if (!Array.isArray(value)) {
|
|
103
|
+
return sanitizeEventPayload(value);
|
|
104
|
+
}
|
|
105
|
+
return value.map((item) => {
|
|
106
|
+
if (!isPlainObject(item)) {
|
|
107
|
+
return sanitizeEventPayload(item);
|
|
108
|
+
}
|
|
109
|
+
const { headers, headersEncrypted, ...rest } = item;
|
|
110
|
+
const cleaned = sanitizeEventPayload(rest) as Record<string, unknown>;
|
|
111
|
+
const headerNames = safeHeaderNames(headers) ?? safeHeaderNames(headersEncrypted);
|
|
112
|
+
if (headerNames) {
|
|
113
|
+
cleaned.headerNames = headerNames;
|
|
114
|
+
}
|
|
115
|
+
return cleaned;
|
|
116
|
+
});
|
|
117
|
+
}
|
|
118
|
+
|
|
119
|
+
function sanitizeMcpCredentialUpdateList(value: unknown): unknown {
|
|
120
|
+
if (!Array.isArray(value)) {
|
|
121
|
+
return sanitizeEventPayload(value);
|
|
122
|
+
}
|
|
123
|
+
return value.map((item) => {
|
|
124
|
+
if (!isPlainObject(item)) {
|
|
125
|
+
return sanitizeEventPayload(item);
|
|
126
|
+
}
|
|
127
|
+
const { headers, headersEncrypted, ...rest } = item;
|
|
128
|
+
const cleaned = sanitizeEventPayload(rest) as Record<string, unknown>;
|
|
129
|
+
const headerNames = safeHeaderNames(headers) ?? safeHeaderNames(headersEncrypted);
|
|
130
|
+
if (headerNames) {
|
|
131
|
+
cleaned.headerNames = headerNames;
|
|
132
|
+
}
|
|
133
|
+
return cleaned;
|
|
134
|
+
});
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
function safeHeaderNames(value: unknown): string[] | null {
|
|
138
|
+
if (!isPlainObject(value)) {
|
|
139
|
+
return null;
|
|
140
|
+
}
|
|
141
|
+
return Object.keys(value).map(sanitizeEventString).sort();
|
|
142
|
+
}
|
|
143
|
+
|
|
144
|
+
function isPlainObject(value: unknown): value is Record<string, unknown> {
|
|
145
|
+
return Boolean(value && typeof value === "object" && !Array.isArray(value));
|
|
146
|
+
}
|