@pgpmjs/core 4.12.2 → 4.13.0

package/esm/export/export-meta.js

@@ -854,5 +854,5 @@ export const exportMeta = async ({ opts, dbname, database_id }) => {
     await queryAndParse('uuid_module', `SELECT * FROM metaschema_modules_public.uuid_module WHERE database_id = $1`);
     await queryAndParse('default_ids_module', `SELECT * FROM metaschema_modules_public.default_ids_module WHERE database_id = $1`);
     await queryAndParse('denormalized_table_field', `SELECT * FROM metaschema_modules_public.denormalized_table_field WHERE database_id = $1`);
-    return Object.entries(sql).reduce((m, [_, v]) => m + '\n\n' + v, '');
+    return sql;
 };

package/esm/export/export-migrations.js

@@ -155,12 +155,11 @@ const exportMigrationsToDisk = async ({ project, options, database, databaseId,
         }
         writePgpmPlan(results.rows, opts);
         writePgpmFiles(results.rows, opts);
-        let meta = await exportMeta({
+        const metaResult = await exportMeta({
             opts: options,
             dbname: database,
             database_id: databaseId
         });
-        meta = replacer(meta);
         // Build description for the meta/service extension package
         const metaDesc = metaExtensionDesc || `${metaExtensionName} service utilities for managing domains, APIs, and services`;
         // Detect missing modules at workspace level and prompt user
@@ -189,11 +188,10 @@ const exportMigrationsToDisk = async ({ project, options, database, databaseId,
             schemas: metaSchemasForReplacement,
             name: metaExtensionName
         });
-        const metaPackage = [
-            {
-                deps: [],
-                deploy: 'migrate/meta',
-                content: `SET session_replication_role TO replica;
+        // Create separate files for each table type
+        const metaPackage = [];
+        // Common header for all meta files
+        const commonHeader = `SET session_replication_role TO replica;
 -- using replica in case we are deploying triggers to metaschema_public
 
 -- unaccent, postgis affected and require grants
@@ -207,24 +205,92 @@ DO $LQLMIGRATION$
     EXECUTE format('GRANT CONNECT ON DATABASE %I TO %I', current_database(), 'app_admin');
 
   END;
-$LQLMIGRATION$;
-
-${meta}
-
--- TODO: Research needed - These UPDATE statements may be a security leak.
--- They appear to rebind exported metadata to the target database after import,
--- but exposing dbname in services_public tables could leak internal database names.
--- Consider removing entirely or gating behind an explicit flag.
--- UPDATE services_public.apis
---       SET dbname = current_database() WHERE TRUE;
+$LQLMIGRATION$;`;
+        const commonFooter = `
+SET session_replication_role TO DEFAULT;`;
+        // Define table ordering with dependencies
+        // Tables that depend on 'database' being inserted first
+        const tableOrder = [
+            'database',
+            'database_extension',
+            'schema',
+            'table',
+            'field',
+            'policy',
+            'index',
+            'trigger',
+            'trigger_function',
+            'rls_function',
+            'limit_function',
+            'procedure',
+            'foreign_key_constraint',
+            'primary_key_constraint',
+            'unique_constraint',
+            'check_constraint',
+            'full_text_search',
+            'schema_grant',
+            'table_grant',
+            'domains',
+            'sites',
+            'apis',
+            'apps',
+            'site_modules',
+            'site_themes',
+            'site_metadata',
+            'api_modules',
+            'api_extensions',
+            'api_schemas',
+            'rls_module',
+            'user_auth_module',
+            'memberships_module',
+            'permissions_module',
+            'limits_module',
+            'levels_module',
+            'users_module',
+            'hierarchy_module',
+            'membership_types_module',
+            'invites_module',
+            'emails_module',
+            'tokens_module',
+            'secrets_module',
+            'profiles_module',
+            'encrypted_secrets_module',
+            'connected_accounts_module',
+            'phone_numbers_module',
+            'crypto_addresses_module',
+            'crypto_auth_module',
+            'field_module',
+            'uuid_module',
+            'default_ids_module',
+            'denormalized_table_field'
+        ];
+        // Track which tables have content for dependency resolution
+        const tablesWithContent = [];
+        // Create a file for each table type that has content
+        for (const tableName of tableOrder) {
+            const tableSql = metaResult[tableName];
+            if (tableSql) {
+                const replacedSql = metaReplacer.replacer(tableSql);
+                // Determine dependencies - each table depends on the previous tables that have content
+                // This ensures proper ordering during deployment
+                const deps = tableName === 'database'
+                    ? []
+                    : tablesWithContent.length > 0
+                        ? [`migrate/${tablesWithContent[tablesWithContent.length - 1]}`]
+                        : [];
+                metaPackage.push({
+                    deps,
+                    deploy: `migrate/${tableName}`,
+                    content: `${commonHeader}
 
--- UPDATE services_public.sites
---       SET dbname = current_database() WHERE TRUE;
+${replacedSql}
 
-SET session_replication_role TO DEFAULT;
+${commonFooter}
 `
+                });
+                tablesWithContent.push(tableName);
             }
-        ];
+        }
         opts.replacer = metaReplacer.replacer;
         opts.name = metaExtensionName;
         opts.outdir = svcOutdir;

package/export/export-meta.d.ts

@@ -4,5 +4,6 @@ interface ExportMetaParams {
     dbname: string;
     database_id: string;
 }
-export declare const exportMeta: ({ opts, dbname, database_id }: ExportMetaParams) => Promise<string>;
+export type ExportMetaResult = Record<string, string>;
+export declare const exportMeta: ({ opts, dbname, database_id }: ExportMetaParams) => Promise<ExportMetaResult>;
 export {};

package/export/export-meta.js

@@ -857,6 +857,6 @@ const exportMeta = async ({ opts, dbname, database_id }) => {
     await queryAndParse('uuid_module', `SELECT * FROM metaschema_modules_public.uuid_module WHERE database_id = $1`);
     await queryAndParse('default_ids_module', `SELECT * FROM metaschema_modules_public.default_ids_module WHERE database_id = $1`);
     await queryAndParse('denormalized_table_field', `SELECT * FROM metaschema_modules_public.denormalized_table_field WHERE database_id = $1`);
-    return Object.entries(sql).reduce((m, [_, v]) => m + '\n\n' + v, '');
+    return sql;
 };
 exports.exportMeta = exportMeta;

package/export/export-migrations.js

@@ -161,12 +161,11 @@ const exportMigrationsToDisk = async ({ project, options, database, databaseId,
         }
         (0, files_1.writePgpmPlan)(results.rows, opts);
         (0, files_1.writePgpmFiles)(results.rows, opts);
-        let meta = await (0, export_meta_1.exportMeta)({
+        const metaResult = await (0, export_meta_1.exportMeta)({
             opts: options,
             dbname: database,
             database_id: databaseId
         });
-        meta = replacer(meta);
         // Build description for the meta/service extension package
         const metaDesc = metaExtensionDesc || `${metaExtensionName} service utilities for managing domains, APIs, and services`;
         // Detect missing modules at workspace level and prompt user
@@ -195,11 +194,10 @@ const exportMigrationsToDisk = async ({ project, options, database, databaseId,
             schemas: metaSchemasForReplacement,
             name: metaExtensionName
         });
-        const metaPackage = [
-            {
-                deps: [],
-                deploy: 'migrate/meta',
-                content: `SET session_replication_role TO replica;
+        // Create separate files for each table type
+        const metaPackage = [];
+        // Common header for all meta files
+        const commonHeader = `SET session_replication_role TO replica;
 -- using replica in case we are deploying triggers to metaschema_public
 
 -- unaccent, postgis affected and require grants
@@ -213,24 +211,92 @@ DO $LQLMIGRATION$
     EXECUTE format('GRANT CONNECT ON DATABASE %I TO %I', current_database(), 'app_admin');
 
   END;
-$LQLMIGRATION$;
-
-${meta}
-
--- TODO: Research needed - These UPDATE statements may be a security leak.
--- They appear to rebind exported metadata to the target database after import,
--- but exposing dbname in services_public tables could leak internal database names.
--- Consider removing entirely or gating behind an explicit flag.
--- UPDATE services_public.apis
---       SET dbname = current_database() WHERE TRUE;
+$LQLMIGRATION$;`;
+        const commonFooter = `
+SET session_replication_role TO DEFAULT;`;
+        // Define table ordering with dependencies
+        // Tables that depend on 'database' being inserted first
+        const tableOrder = [
+            'database',
+            'database_extension',
+            'schema',
+            'table',
+            'field',
+            'policy',
+            'index',
+            'trigger',
+            'trigger_function',
+            'rls_function',
+            'limit_function',
+            'procedure',
+            'foreign_key_constraint',
+            'primary_key_constraint',
+            'unique_constraint',
+            'check_constraint',
+            'full_text_search',
+            'schema_grant',
+            'table_grant',
+            'domains',
+            'sites',
+            'apis',
+            'apps',
+            'site_modules',
+            'site_themes',
+            'site_metadata',
+            'api_modules',
+            'api_extensions',
+            'api_schemas',
+            'rls_module',
+            'user_auth_module',
+            'memberships_module',
+            'permissions_module',
+            'limits_module',
+            'levels_module',
+            'users_module',
+            'hierarchy_module',
+            'membership_types_module',
+            'invites_module',
+            'emails_module',
+            'tokens_module',
+            'secrets_module',
+            'profiles_module',
+            'encrypted_secrets_module',
+            'connected_accounts_module',
+            'phone_numbers_module',
+            'crypto_addresses_module',
+            'crypto_auth_module',
+            'field_module',
+            'uuid_module',
+            'default_ids_module',
+            'denormalized_table_field'
+        ];
+        // Track which tables have content for dependency resolution
+        const tablesWithContent = [];
+        // Create a file for each table type that has content
+        for (const tableName of tableOrder) {
+            const tableSql = metaResult[tableName];
+            if (tableSql) {
+                const replacedSql = metaReplacer.replacer(tableSql);
+                // Determine dependencies - each table depends on the previous tables that have content
+                // This ensures proper ordering during deployment
+                const deps = tableName === 'database'
+                    ? []
+                    : tablesWithContent.length > 0
+                        ? [`migrate/${tablesWithContent[tablesWithContent.length - 1]}`]
+                        : [];
+                metaPackage.push({
+                    deps,
+                    deploy: `migrate/${tableName}`,
+                    content: `${commonHeader}
 
--- UPDATE services_public.sites
---       SET dbname = current_database() WHERE TRUE;
+${replacedSql}
 
-SET session_replication_role TO DEFAULT;
+${commonFooter}
 `
+                });
+                tablesWithContent.push(tableName);
             }
-        ];
+        }
         opts.replacer = metaReplacer.replacer;
         opts.name = metaExtensionName;
         opts.outdir = svcOutdir;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pgpmjs/core",
-  "version": "4.12.2",
+  "version": "4.13.0",
   "author": "Constructive <developers@constructive.io>",
   "description": "PGPM Package and Migration Tools",
   "main": "index.js",
@@ -64,5 +64,5 @@
     "pgsql-parser": "^17.9.11",
     "yanse": "^0.1.11"
   },
-  "gitHead": "8ba31ce871a6fec054ee6ea5627f44d69c635828"
+  "gitHead": "eff12e839462a1d5435f04318db1f44fc141e235"
 }