@pgpmjs/server-utils 2.8.0

package/LICENSE

@@ -0,0 +1,23 @@
+The MIT License (MIT)
+
+Copyright (c) 2025 Dan Lynch <pyramation@gmail.com>
+Copyright (c) 2025 Constructive <developers@constructive.io>
+Copyright (c) 2020-present, Interweb, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,89 @@
+# @launchql/server-utils
+
+<p align="center" width="100%">
+  <img height="250" src="https://raw.githubusercontent.com/constructive-io/constructive/refs/heads/main/assets/outline-logo.svg" />
+</p>
+
+<p align="center" width="100%">
+  <a href="https://github.com/constructive-io/constructive/actions/workflows/run-tests.yaml">
+    <img height="20" src="https://github.com/constructive-io/constructive/actions/workflows/run-tests.yaml/badge.svg" />
+  </a>
+   <a href="https://github.com/constructive-io/constructive/blob/main/LICENSE"><img height="20" src="https://img.shields.io/badge/license-MIT-blue.svg"/></a>
+   <a href="https://www.npmjs.com/package/@launchql/server-utils"><img height="20" src="https://img.shields.io/github/package-json/v/constructive-io/constructive?filename=packages%2Fserver-utils%2Fpackage.json"/></a>
+</p>
+
+---
+
+## Education and Tutorials
+
+ 1. 🚀 [Quickstart: Getting Up and Running](https://constructive.io/learn/quickstart)
+Get started with modular databases in minutes. Install prerequisites and deploy your first module.
+
+ 2. 📦 [Modular PostgreSQL Development with Database Packages](https://constructive.io/learn/modular-postgres)
+Learn to organize PostgreSQL projects with pgpm workspaces and reusable database modules.
+
+ 3. ✏️ [Authoring Database Changes](https://constructive.io/learn/authoring-database-changes)
+Master the workflow for adding, organizing, and managing database changes with pgpm.
+
+ 4. 🧪 [End-to-End PostgreSQL Testing with TypeScript](https://constructive.io/learn/e2e-postgres-testing)
+Master end-to-end PostgreSQL testing with ephemeral databases, RLS testing, and CI/CD automation.
+
+ 5. ⚡ [Supabase Testing](https://constructive.io/learn/supabase)
+Use TypeScript-first tools to test Supabase projects with realistic RLS, policies, and auth contexts.
+
+ 6. 💧 [Drizzle ORM Testing](https://constructive.io/learn/drizzle-testing)
+Run full-stack tests with Drizzle ORM, including database setup, teardown, and RLS enforcement.
+
+ 7. 🔧 [Troubleshooting](https://constructive.io/learn/troubleshooting)
+Common issues and solutions for pgpm, PostgreSQL, and testing.
+
+## Related Constructive Tooling
+
+### 🧪 Testing
+
+* [pgsql-test](https://github.com/constructive-io/constructive/tree/main/packages/pgsql-test): **📊 Isolated testing environments** with per-test transaction rollbacks—ideal for integration tests, complex migrations, and RLS simulation.
+* [supabase-test](https://github.com/constructive-io/constructive/tree/main/packages/supabase-test): **🧪 Supabase-native test harness** preconfigured for the local Supabase stack—per-test rollbacks, JWT/role context helpers, and CI/GitHub Actions ready.
+* [graphile-test](https://github.com/constructive-io/constructive/tree/main/packages/graphile-test): **🔐 Authentication mocking** for Graphile-focused test helpers and emulating row-level security contexts.
+* [pg-query-context](https://github.com/constructive-io/constructive/tree/main/packages/pg-query-context): **🔒 Session context injection** to add session-local context (e.g., `SET LOCAL`) into queries—ideal for setting `role`, `jwt.claims`, and other session settings.
+
+### 🧠 Parsing & AST
+
+* [pgsql-parser](https://www.npmjs.com/package/pgsql-parser): **🔄 SQL conversion engine** that interprets and converts PostgreSQL syntax.
+* [libpg-query-node](https://www.npmjs.com/package/libpg-query): **🌉 Node.js bindings** for `libpg_query`, converting SQL into parse trees.
+* [pg-proto-parser](https://www.npmjs.com/package/pg-proto-parser): **📦 Protobuf parser** for parsing PostgreSQL Protocol Buffers definitions to generate TypeScript interfaces, utility functions, and JSON mappings for enums.
+* [@pgsql/enums](https://www.npmjs.com/package/@pgsql/enums): **🏷️ TypeScript enums** for PostgreSQL AST for safe and ergonomic parsing logic.
+* [@pgsql/types](https://www.npmjs.com/package/@pgsql/types): **📝 Type definitions** for PostgreSQL AST nodes in TypeScript.
+* [@pgsql/utils](https://www.npmjs.com/package/@pgsql/utils): **🛠️ AST utilities** for constructing and transforming PostgreSQL syntax trees.
+* [pg-ast](https://www.npmjs.com/package/pg-ast): **🔍 Low-level AST tools** and transformations for Postgres query structures.
+
+### 🚀 API & Dev Tools
+
+* [launchql/server](https://github.com/constructive-io/constructive/tree/main/packages/server): **⚡ Express-based API server** powered by PostGraphile to expose a secure, scalable GraphQL API over your Postgres database.
+* [launchql/explorer](https://github.com/constructive-io/constructive/tree/main/packages/explorer): **🔎 Visual API explorer** with GraphiQL for browsing across all databases and schemas—useful for debugging, documentation, and API prototyping.
+
+### 🔁 Streaming & Uploads
+
+* [launchql/s3-streamer](https://github.com/constructive-io/constructive/tree/main/packages/s3-streamer): **📤 Direct S3 streaming** for large files with support for metadata injection and content validation.
+* [launchql/etag-hash](https://github.com/constructive-io/constructive/tree/main/packages/etag-hash): **🏷️ S3-compatible ETags** created by streaming and hashing file uploads in chunks.
+* [launchql/etag-stream](https://github.com/constructive-io/constructive/tree/main/packages/etag-stream): **🔄 ETag computation** via Node stream transformer during upload or transfer.
+* [launchql/uuid-hash](https://github.com/constructive-io/constructive/tree/main/packages/uuid-hash): **🆔 Deterministic UUIDs** generated from hashed content, great for deduplication and asset referencing.
+* [launchql/uuid-stream](https://github.com/constructive-io/constructive/tree/main/packages/uuid-stream): **🌊 Streaming UUID generation** based on piped file content—ideal for upload pipelines.
+* [launchql/upload-names](https://github.com/constructive-io/constructive/tree/main/packages/upload-names): **📂 Collision-resistant filenames** utility for structured and unique file names for uploads.
+
+### 🧰 CLI & Codegen
+
+* [pgpm](https://github.com/constructive-io/constructive/tree/main/packages/pgpm): **🖥️ PostgreSQL Package Manager** for modular Postgres development. Works with database workspaces, scaffolding, migrations, seeding, and installing database packages.
+* [@launchql/cli](https://github.com/constructive-io/constructive/tree/main/packages/cli): **🖥️ Command-line toolkit** for managing LaunchQL projects—supports database scaffolding, migrations, seeding, code generation, and automation.
+* [constructive-io/constructive-gen](https://github.com/constructive-io/constructive/tree/main/packages/launchql-gen): **✨ Auto-generated GraphQL** mutations and queries dynamically built from introspected schema data.
+* [@launchql/query-builder](https://github.com/constructive-io/constructive/tree/main/packages/query-builder): **🏗️ SQL constructor** providing a robust TypeScript-based query builder for dynamic generation of `SELECT`, `INSERT`, `UPDATE`, `DELETE`, and stored procedure calls—supports advanced SQL features like `JOIN`, `GROUP BY`, and schema-qualified queries.
+* [@launchql/query](https://github.com/constructive-io/constructive/tree/main/packages/query): **🧩 Fluent GraphQL builder** for PostGraphile schemas. ⚡ Schema-aware via introspection, 🧩 composable and ergonomic for building deeply nested queries.
+
+## Credits
+
+**🛠 Built by the [Constructive](https://constructive.io) team — creators of modular Postgres tooling for secure, composable backends. If you like our work, contribute on [GitHub](https://github.com/constructive-io).**
+
+## Disclaimer
+
+AS DESCRIBED IN THE LICENSES, THE SOFTWARE IS PROVIDED "AS IS", AT YOUR OWN RISK, AND WITHOUT WARRANTIES OF ANY KIND.
+
+No developer or entity involved in creating this software will be liable for any claims or damages whatsoever associated with your use, inability to use, or your interaction with other users of the code, including any direct, indirect, incidental, special, exemplary, punitive or consequential damages, or loss of profits, cryptocurrencies, tokens, or anything else of value.

package/cors.d.ts

@@ -0,0 +1,11 @@
+import type { Express } from 'express';
+/**
+ * App-wide CORS helper (used by Explorer and optionally by API)
+ *
+ * - If an explicit origin string is provided (and not "*"), enable CORS for that
+ *   exact origin and set credentials=true.
+ * - If origin is omitted or "*", install a small wrapper that reflects the
+ *   request's Origin header (permissive mode). This is convenient for
+ *   development or single-tenant setups but should be scoped in production.
+ */
+export declare const cors: (app: Express, origin?: string) => void;

package/cors.js

@@ -0,0 +1,40 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cors = void 0;
+const cors_1 = __importDefault(require("cors"));
+/**
+ * App-wide CORS helper (used by Explorer and optionally by API)
+ *
+ * - If an explicit origin string is provided (and not "*"), enable CORS for that
+ *   exact origin and set credentials=true.
+ * - If origin is omitted or "*", install a small wrapper that reflects the
+ *   request's Origin header (permissive mode). This is convenient for
+ *   development or single-tenant setups but should be scoped in production.
+ */
+const cors = (app, origin) => {
+    const corsOptions = origin && origin.trim() !== '*'
+        ? {
+            origin,
+            credentials: true,
+            optionsSuccessStatus: 200,
+        }
+        : undefined;
+    if (corsOptions) {
+        app.use((0, cors_1.default)(corsOptions));
+    }
+    else {
+        // Wildcard/permissive mode: reflect the caller's Origin header
+        app.use((req, res, next) => {
+            const opts = {
+                origin: req.get('origin'),
+                credentials: true,
+                optionsSuccessStatus: 200,
+            };
+            return (0, cors_1.default)(opts)(req, res, next);
+        });
+    }
+};
+exports.cors = cors;

package/esm/cors.js

@@ -0,0 +1,33 @@
+import corsPlugin from 'cors';
+/**
+ * App-wide CORS helper (used by Explorer and optionally by API)
+ *
+ * - If an explicit origin string is provided (and not "*"), enable CORS for that
+ *   exact origin and set credentials=true.
+ * - If origin is omitted or "*", install a small wrapper that reflects the
+ *   request's Origin header (permissive mode). This is convenient for
+ *   development or single-tenant setups but should be scoped in production.
+ */
+export const cors = (app, origin) => {
+    const corsOptions = origin && origin.trim() !== '*'
+        ? {
+            origin,
+            credentials: true,
+            optionsSuccessStatus: 200,
+        }
+        : undefined;
+    if (corsOptions) {
+        app.use(corsPlugin(corsOptions));
+    }
+    else {
+        // Wildcard/permissive mode: reflect the caller's Origin header
+        app.use((req, res, next) => {
+            const opts = {
+                origin: req.get('origin'),
+                credentials: true,
+                optionsSuccessStatus: 200,
+            };
+            return corsPlugin(opts)(req, res, next);
+        });
+    }
+};

package/esm/index.js

@@ -0,0 +1,3 @@
+export * from './cors';
+export * from './lru';
+export * from './utils';

package/esm/lru.js

@@ -0,0 +1,15 @@
+import { Logger } from '@pgpmjs/logger';
+import { LRUCache } from 'lru-cache';
+const log = new Logger('pg-cache');
+const ONE_HOUR_IN_MS = 1000 * 60 * 60;
+const ONE_DAY = ONE_HOUR_IN_MS * 24;
+const ONE_YEAR = ONE_DAY * 366;
+// --- Service Cache ---
+export const svcCache = new LRUCache({
+    max: 25,
+    ttl: ONE_YEAR,
+    updateAgeOnGet: true,
+    dispose: (_, key) => {
+        log.debug(`Disposing service[${key}]`);
+    }
+});

package/esm/utils.js

@@ -0,0 +1,21 @@
+export const healthz = (app) => {
+    app.get('/healthz', (req, res) => {
+        // could be checking db, etc..
+        res.send('ok');
+    });
+};
+export const poweredBy = (name) => {
+    return async (req, res, next) => {
+        res.set({
+            'X-Powered-By': name,
+        });
+        return next();
+    };
+};
+export const trustProxy = (app, trustProxy) => {
+    if (trustProxy) {
+        app.set('trust proxy', (ip) => {
+            return true;
+        });
+    }
+};

package/index.d.ts

@@ -0,0 +1,3 @@
+export * from './cors';
+export * from './lru';
+export * from './utils';

package/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./cors"), exports);
+__exportStar(require("./lru"), exports);
+__exportStar(require("./utils"), exports);

package/lru.d.ts

@@ -0,0 +1,2 @@
+import { LRUCache } from 'lru-cache';
+export declare const svcCache: LRUCache<string, any, unknown>;

package/lru.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.svcCache = void 0;
+const logger_1 = require("@pgpmjs/logger");
+const lru_cache_1 = require("lru-cache");
+const log = new logger_1.Logger('pg-cache');
+const ONE_HOUR_IN_MS = 1000 * 60 * 60;
+const ONE_DAY = ONE_HOUR_IN_MS * 24;
+const ONE_YEAR = ONE_DAY * 366;
+// --- Service Cache ---
+exports.svcCache = new lru_cache_1.LRUCache({
+    max: 25,
+    ttl: ONE_YEAR,
+    updateAgeOnGet: true,
+    dispose: (_, key) => {
+        log.debug(`Disposing service[${key}]`);
+    }
+});

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@pgpmjs/server-utils",
+  "version": "2.8.0",
+  "author": "Constructive <developers@constructive.io>",
+  "description": "PGPM server utils",
+  "main": "index.js",
+  "module": "esm/index.js",
+  "types": "index.d.ts",
+  "homepage": "https://github.com/constructive-io/constructive",
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public",
+    "directory": "dist"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/constructive-io/constructive"
+  },
+  "bugs": {
+    "url": "https://github.com/constructive-io/constructive/issues"
+  },
+  "scripts": {
+    "clean": "makage clean",
+    "prepack": "npm run build",
+    "build": "makage build",
+    "build:dev": "makage build --dev",
+    "lint": "eslint . --fix",
+    "test": "jest",
+    "test:watch": "jest --watch"
+  },
+  "dependencies": {
+    "@pgpmjs/logger": "^1.3.0",
+    "@pgpmjs/types": "^2.11.0",
+    "cors": "^2.8.5",
+    "express": "^5.1.0",
+    "lru-cache": "^11.2.4"
+  },
+  "devDependencies": {
+    "@types/cors": "^2.8.17",
+    "@types/express": "^5.0.6",
+    "makage": "^0.1.8",
+    "ts-node": "^10.9.2"
+  },
+  "keywords": [
+    "server",
+    "utilities",
+    "express",
+    "pgpm",
+    "pgpmjs",
+    "helpers"
+  ],
+  "gitHead": "e4d5396a5d9154f4886176bb00c2b460b0f320e5"
+}

package/utils.d.ts

@@ -0,0 +1,4 @@
+import { Express, NextFunction, Request, Response } from 'express';
+export declare const healthz: (app: Express) => void;
+export declare const poweredBy: (name: string) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+export declare const trustProxy: (app: Express, trustProxy?: boolean) => void;

package/utils.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.trustProxy = exports.poweredBy = exports.healthz = void 0;
+const healthz = (app) => {
+    app.get('/healthz', (req, res) => {
+        // could be checking db, etc..
+        res.send('ok');
+    });
+};
+exports.healthz = healthz;
+const poweredBy = (name) => {
+    return async (req, res, next) => {
+        res.set({
+            'X-Powered-By': name,
+        });
+        return next();
+    };
+};
+exports.poweredBy = poweredBy;
+const trustProxy = (app, trustProxy) => {
+    if (trustProxy) {
+        app.set('trust proxy', (ip) => {
+            return true;
+        });
+    }
+};
+exports.trustProxy = trustProxy;