@playcademy/sandbox 0.3.9 → 0.3.10

package/dist/cli.js

@@ -1224,7 +1224,7 @@ var package_default;
 var init_package = __esm(() => {
   package_default = {
     name: "@playcademy/sandbox",
-    version: "0.3.9",
+    version: "0.3.10",
     description: "Local development server for Playcademy game development",
     type: "module",
     exports: {
@@ -5720,7 +5720,7 @@ function isProduction2(config2) {
 var stageSchema, ltiConfigSchema, realtimeConfigSchema, apiConfigSchema;
 var init_schema = __esm(() => {
   init_esm();
-  stageSchema = exports_external.enum(["production", "staging", "local"]);
+  stageSchema = exports_external.enum(["production", "dev", "local"]);
   ltiConfigSchema = exports_external.object({
     audience: exports_external.string(),
     jwksUrl: exports_external.string().url(),
@@ -13458,7 +13458,7 @@ class DeployService {
     }
     return cf;
   }
-  async createAndPersistApiKey(user, slug2, game, keyName) {
+  async createApiKey(user, slug2, keyName) {
     const { id, key: apiKey } = await this.ctx.providers.auth.createApiKey({
       userId: user.id,
       name: keyName,
@@ -13467,16 +13467,6 @@ class DeployService {
         games: [`read:${slug2}`, `write:${slug2}`]
       }
     });
-    try {
-      const existingSecrets = await this.ctx.providers.secrets.readSecrets(game.id) || {};
-      await this.ctx.providers.secrets.writeSecrets(game.id, {
-        ...existingSecrets,
-        PLAYCADEMY_API_KEY: apiKey
-      });
-      logger8.debug("Persisted API key to secrets", { gameId: game.id });
-    } catch (error) {
-      logger8.warn("Failed to persist API key to secrets", { error });
-    }
     logger8.info("Created new game-scoped API key", {
       userId: user.id,
       slug: slug2,
@@ -13484,48 +13474,47 @@ class DeployService {
     });
     return apiKey;
   }
-  async retrieveApiKeyFromSecrets(gameId) {
-    try {
-      const secrets = await this.ctx.providers.secrets.readSecrets(gameId);
-      if (secrets?.PLAYCADEMY_API_KEY) {
-        logger8.debug("Retrieved API key from secrets");
-        return secrets.PLAYCADEMY_API_KEY;
-      }
-      return null;
-    } catch (error) {
-      logger8.warn("Failed to retrieve secrets", { error });
-      return null;
-    }
-  }
-  async regenerateAndPersistApiKey(user, slug2, game, existingKeyId, keyName) {
-    logger8.info("Regenerating API key (migration)", {
-      userId: user.id,
-      slug: slug2,
-      oldKeyId: existingKeyId
-    });
-    try {
-      await this.ctx.providers.auth.deleteApiKey(existingKeyId);
-      logger8.debug("Revoked old API key", { keyId: existingKeyId });
-    } catch (error) {
-      logger8.warn("Failed to revoke old API key", {
-        keyId: existingKeyId,
-        error
+  async regenerateApiKey(user, slug2, existingKeyId, keyName) {
+    if (existingKeyId) {
+      logger8.info("Regenerating API key", {
+        userId: user.id,
+        slug: slug2,
+        oldKeyId: existingKeyId
       });
+      try {
+        await this.ctx.providers.auth.deleteApiKey(existingKeyId);
+        logger8.debug("Revoked old API key", { keyId: existingKeyId });
+      } catch (error) {
+        logger8.warn("Failed to revoke old API key", {
+          keyId: existingKeyId,
+          error
+        });
+      }
     }
-    return this.createAndPersistApiKey(user, slug2, game, keyName);
+    return this.createApiKey(user, slug2, keyName);
   }
-  async resolveApiKeyForDeployment(user, slug2, game, headers) {
+  async ensureApiKeyOnWorker(user, slug2, deploymentId, headers) {
+    const cf = this.getCloudflare();
     const keyName = getGameWorkerApiKeyName(slug2);
     const existingKeys = await this.ctx.providers.auth.listApiKeys(headers);
     const existingKey = existingKeys.find((k) => k.name === keyName);
+    let apiKey;
     if (!existingKey) {
-      return this.createAndPersistApiKey(user, slug2, game, keyName);
-    }
-    const apiKey = await this.retrieveApiKeyFromSecrets(game.id);
-    if (apiKey) {
-      return apiKey;
+      apiKey = await this.createApiKey(user, slug2, keyName);
+    } else {
+      try {
+        const workerSecrets = await cf.listSecrets(deploymentId);
+        if (workerSecrets.includes("PLAYCADEMY_API_KEY")) {
+          logger8.debug("API key already on worker", { slug: slug2, deploymentId });
+          return;
+        }
+      } catch (error) {
+        logger8.warn("Could not check worker secrets, will regenerate key", { error });
+      }
+      apiKey = await this.regenerateApiKey(user, slug2, existingKey.id, keyName);
     }
-    return this.regenerateAndPersistApiKey(user, slug2, game, existingKey.id, keyName);
+    await cf.setSecrets(deploymentId, { PLAYCADEMY_API_KEY: apiKey });
+    logger8.info("Set API key on worker", { slug: slug2, deploymentId });
   }
   async* deploy(slug2, request, user, uploadDeps, extractZip) {
     const cf = this.getCloudflare();
@@ -13573,9 +13562,7 @@ class DeployService {
     }
     const env = {
       GAME_ID: game.id,
-      PLAYCADEMY_BASE_URL: playcademyBaseUrl,
-      ...request._gameApiKey && { PLAYCADEMY_API_KEY: request._gameApiKey },
-      ...request.secrets && { secrets: request.secrets }
+      PLAYCADEMY_BASE_URL: playcademyBaseUrl
     };
     const deployMsg = hasBackend ? "Deploying backend code" : "Deploying to platform";
     yield { type: "status", data: { message: deployMsg } };
@@ -13598,6 +13585,10 @@ class DeployService {
     }
     const codeHash = hasBackend ? await generateDeploymentHash(request.code) : null;
     await this.saveDeployment(game.id, result.deploymentId, result.url, codeHash, result.resources);
+    if (hasBackend && request._headers) {
+      yield { type: "status", data: { message: "Configuring worker secrets" } };
+      await this.ensureApiKeyOnWorker(user, slug2, result.deploymentId, request._headers);
+    }
     yield { type: "status", data: { message: "Finalizing deployment" } };
     if (hasMetadata || hasFrontend) {
       const updates = { updatedAt: new Date };
@@ -14081,12 +14072,6 @@ class GameService {
       } catch (keyError) {
         logger11.warn("Failed to cleanup API key", { gameId, error: keyError });
       }
-      try {
-        await this.ctx.providers.secrets.deleteSecrets(gameId);
-        logger11.info("Cleaned up secrets for deleted game", { gameId });
-      } catch (secretsError) {
-        logger11.warn("Failed to cleanup secrets", { gameId, error: secretsError });
-      }
     }
     return {
       slug: gameToDelete.slug,
@@ -15036,1090 +15021,12 @@ var init_logs_service = __esm(() => {
   logger16 = log.scope("LogsService");
 });
 
-// ../../node_modules/aws-jwt-verify/dist/esm/error.js
-var JwtBaseError, FailedAssertionError, JwtParseError, ParameterValidationError, JwtInvalidSignatureError, JwtInvalidSignatureAlgorithmError, JwtInvalidClaimError, JwtInvalidIssuerError, JwtInvalidAudienceError, JwtInvalidScopeError, JwtExpiredError, JwtNotBeforeError, CognitoJwtInvalidGroupError, CognitoJwtInvalidTokenUseError, CognitoJwtInvalidClientIdError, JwksValidationError, JwkValidationError, JwtWithoutValidKidError, KidNotFoundInJwksError, WaitPeriodNotYetEndedJwkError, JwksNotAvailableInCacheError, JwkInvalidUseError, JwkInvalidKtyError, FetchError, NonRetryableFetchError;
-var init_error = __esm(() => {
-  JwtBaseError = class JwtBaseError extends Error {
-  };
-  FailedAssertionError = class FailedAssertionError extends JwtBaseError {
-    constructor(msg, actual, expected) {
-      super(msg);
-      this.failedAssertion = {
-        actual,
-        expected
-      };
-    }
-  };
-  JwtParseError = class JwtParseError extends JwtBaseError {
-    constructor(msg, error) {
-      const message = error != null ? `${msg}: ${error}` : msg;
-      super(message);
-    }
-  };
-  ParameterValidationError = class ParameterValidationError extends JwtBaseError {
-  };
-  JwtInvalidSignatureError = class JwtInvalidSignatureError extends JwtBaseError {
-  };
-  JwtInvalidSignatureAlgorithmError = class JwtInvalidSignatureAlgorithmError extends FailedAssertionError {
-  };
-  JwtInvalidClaimError = class JwtInvalidClaimError extends FailedAssertionError {
-    withRawJwt({ header, payload }) {
-      this.rawJwt = {
-        header,
-        payload
-      };
-      return this;
-    }
-  };
-  JwtInvalidIssuerError = class JwtInvalidIssuerError extends JwtInvalidClaimError {
-  };
-  JwtInvalidAudienceError = class JwtInvalidAudienceError extends JwtInvalidClaimError {
-  };
-  JwtInvalidScopeError = class JwtInvalidScopeError extends JwtInvalidClaimError {
-  };
-  JwtExpiredError = class JwtExpiredError extends JwtInvalidClaimError {
-  };
-  JwtNotBeforeError = class JwtNotBeforeError extends JwtInvalidClaimError {
-  };
-  CognitoJwtInvalidGroupError = class CognitoJwtInvalidGroupError extends JwtInvalidClaimError {
-  };
-  CognitoJwtInvalidTokenUseError = class CognitoJwtInvalidTokenUseError extends JwtInvalidClaimError {
-  };
-  CognitoJwtInvalidClientIdError = class CognitoJwtInvalidClientIdError extends JwtInvalidClaimError {
-  };
-  JwksValidationError = class JwksValidationError extends JwtBaseError {
-  };
-  JwkValidationError = class JwkValidationError extends JwtBaseError {
-  };
-  JwtWithoutValidKidError = class JwtWithoutValidKidError extends JwtBaseError {
-  };
-  KidNotFoundInJwksError = class KidNotFoundInJwksError extends JwtBaseError {
-  };
-  WaitPeriodNotYetEndedJwkError = class WaitPeriodNotYetEndedJwkError extends JwtBaseError {
-  };
-  JwksNotAvailableInCacheError = class JwksNotAvailableInCacheError extends JwtBaseError {
-  };
-  JwkInvalidUseError = class JwkInvalidUseError extends FailedAssertionError {
-  };
-  JwkInvalidKtyError = class JwkInvalidKtyError extends FailedAssertionError {
-  };
-  FetchError = class FetchError extends JwtBaseError {
-    constructor(uri, msg) {
-      super(`Failed to fetch ${uri}: ${msg}`);
-    }
-  };
-  NonRetryableFetchError = class NonRetryableFetchError extends FetchError {
-  };
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/https-node.js
-import { request } from "https";
-import { pipeline } from "stream";
-async function fetch2(uri, requestOptions, data) {
-  let responseTimeout;
-  return new Promise((resolve, reject) => {
-    const req = request(uri, {
-      method: "GET",
-      ...requestOptions
-    }, (response) => {
-      if (response.statusCode !== 200) {
-        done(new NonRetryableFetchError(uri, `Status code is ${response.statusCode}, expected 200`));
-        return;
-      }
-      pipeline(response, async (responseBody) => {
-        const chunks = [];
-        for await (const chunk of responseBody) {
-          chunks.push(chunk);
-        }
-        return Buffer.concat(chunks);
-      }, done);
-    });
-    if (requestOptions?.responseTimeout) {
-      responseTimeout = setTimeout(() => done(new FetchError(uri, `Response time-out (after ${requestOptions.responseTimeout} ms.)`)), requestOptions.responseTimeout);
-      responseTimeout.unref();
-    }
-    function done(err2, data2) {
-      if (responseTimeout)
-        clearTimeout(responseTimeout);
-      if (err2 == null) {
-        resolve(data2);
-        return;
-      }
-      req.socket?.emit("agentRemove");
-      if (!(err2 instanceof FetchError)) {
-        err2 = new FetchError(uri, err2.message);
-      }
-      req.destroy();
-      reject(err2);
-    }
-    req.on("error", done);
-    req.end(data);
-  });
-}
-var init_https_node = __esm(() => {
-  init_error();
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/node-web-compat-node.js
-import { createPublicKey, createVerify, verify } from "crypto";
-var JwtSignatureAlgorithmHashNames, nodeWebCompat;
-var init_node_web_compat_node = __esm(() => {
-  init_https_node();
-  (function(JwtSignatureAlgorithmHashNames2) {
-    JwtSignatureAlgorithmHashNames2["RS256"] = "RSA-SHA256";
-    JwtSignatureAlgorithmHashNames2["RS384"] = "RSA-SHA384";
-    JwtSignatureAlgorithmHashNames2["RS512"] = "RSA-SHA512";
-    JwtSignatureAlgorithmHashNames2["ES256"] = "RSA-SHA256";
-    JwtSignatureAlgorithmHashNames2["ES384"] = "RSA-SHA384";
-    JwtSignatureAlgorithmHashNames2["ES512"] = "RSA-SHA512";
-  })(JwtSignatureAlgorithmHashNames || (JwtSignatureAlgorithmHashNames = {}));
-  nodeWebCompat = {
-    fetch: fetch2,
-    transformJwkToKeyObjectSync: (jwk) => createPublicKey({
-      key: jwk,
-      format: "jwk"
-    }),
-    transformJwkToKeyObjectAsync: async (jwk) => createPublicKey({
-      key: jwk,
-      format: "jwk"
-    }),
-    parseB64UrlString: (b64) => Buffer.from(b64, "base64").toString("utf8"),
-    verifySignatureSync: ({ alg, keyObject, jwsSigningInput, signature }) => alg !== "EdDSA" ? createVerify(JwtSignatureAlgorithmHashNames[alg]).update(jwsSigningInput).verify({
-      key: keyObject,
-      dsaEncoding: "ieee-p1363"
-    }, signature, "base64") : verify(null, Buffer.from(jwsSigningInput), keyObject, Buffer.from(signature, "base64")),
-    verifySignatureAsync: async (args2) => nodeWebCompat.verifySignatureSync(args2),
-    defaultFetchTimeouts: {
-      socketIdle: 1500,
-      response: 3000
-    },
-    setTimeoutUnref: (...args2) => setTimeout(...args2).unref(),
-    transformPemToJwk: async (pem) => {
-      return createPublicKey({
-        key: Buffer.from(pem),
-        format: "pem"
-      }).export({
-        format: "jwk"
-      });
-    }
-  };
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/https.js
-class SimpleFetcher {
-  constructor(props) {
-    this.defaultRequestOptions = {
-      timeout: nodeWebCompat.defaultFetchTimeouts.socketIdle,
-      responseTimeout: nodeWebCompat.defaultFetchTimeouts.response,
-      ...props?.defaultRequestOptions
-    };
-  }
-  async fetch(uri, requestOptions, data) {
-    requestOptions = { ...this.defaultRequestOptions, ...requestOptions };
-    try {
-      return await fetch3(uri, requestOptions, data);
-    } catch (err2) {
-      if (err2 instanceof NonRetryableFetchError) {
-        throw err2;
-      }
-      return fetch3(uri, requestOptions, data);
-    }
-  }
-}
-var fetch3;
-var init_https = __esm(() => {
-  init_error();
-  init_node_web_compat_node();
-  fetch3 = nodeWebCompat.fetch.bind(undefined);
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/safe-json-parse.js
-function isJsonObject(j) {
-  return typeof j === "object" && !Array.isArray(j) && j !== null;
-}
-function safeJsonParse(s) {
-  return JSON.parse(s, (_, value) => {
-    if (typeof value === "object" && !Array.isArray(value) && value !== null) {
-      delete value.__proto__;
-      delete value.constructor;
-    }
-    return value;
-  });
-}
-
-// ../../node_modules/aws-jwt-verify/dist/esm/assert.js
-function assertStringEquals(name3, actual, expected, errorConstructor = FailedAssertionError) {
-  if (!actual) {
-    throw new errorConstructor(`Missing ${name3}. Expected: ${expected}`, actual, expected);
-  }
-  if (typeof actual !== "string") {
-    throw new errorConstructor(`${name3} is not of type string`, actual, expected);
-  }
-  if (expected !== actual) {
-    throw new errorConstructor(`${name3} not allowed: ${actual}. Expected: ${expected}`, actual, expected);
-  }
-}
-function assertStringArrayContainsString(name3, actual, expected, errorConstructor = FailedAssertionError) {
-  if (!actual) {
-    throw new errorConstructor(`Missing ${name3}. ${expectationMessage(expected)}`, actual, expected);
-  }
-  if (typeof actual !== "string") {
-    throw new errorConstructor(`${name3} is not of type string`, actual, expected);
-  }
-  return assertStringArraysOverlap(name3, actual, expected, errorConstructor);
-}
-function assertStringArraysOverlap(name3, actual, expected, errorConstructor = FailedAssertionError) {
-  if (!actual) {
-    throw new errorConstructor(`Missing ${name3}. ${expectationMessage(expected)}`, actual, expected);
-  }
-  const expectedAsSet = new Set(Array.isArray(expected) ? expected : [expected]);
-  if (typeof actual === "string") {
-    actual = [actual];
-  }
-  if (!Array.isArray(actual)) {
-    throw new errorConstructor(`${name3} is not an array`, actual, expected);
-  }
-  const overlaps = actual.some((actualItem) => {
-    if (typeof actualItem !== "string") {
-      throw new errorConstructor(`${name3} includes elements that are not of type string`, actual, expected);
-    }
-    return expectedAsSet.has(actualItem);
-  });
-  if (!overlaps) {
-    throw new errorConstructor(`${name3} not allowed: ${actual.join(", ")}. ${expectationMessage(expected)}`, actual, expected);
-  }
-}
-function expectationMessage(expected) {
-  if (Array.isArray(expected)) {
-    if (expected.length > 1) {
-      return `Expected one of: ${expected.join(", ")}`;
-    }
-    return `Expected: ${expected[0]}`;
-  }
-  return `Expected: ${expected}`;
-}
-function assertIsNotPromise(actual, errorFactory) {
-  if (actual && typeof actual.then === "function") {
-    throw errorFactory();
-  }
-}
-var init_assert = __esm(() => {
-  init_error();
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/jwk.js
-function findJwkInJwks(jwks, kid) {
-  return jwks.keys.find((jwk) => jwk.kid != null && jwk.kid === kid);
-}
-function assertIsJwks(jwks) {
-  if (!jwks) {
-    throw new JwksValidationError("JWKS empty");
-  }
-  if (!isJsonObject(jwks)) {
-    throw new JwksValidationError("JWKS should be an object");
-  }
-  if (!Object.keys(jwks).includes("keys")) {
-    throw new JwksValidationError("JWKS does not include keys");
-  }
-  if (!Array.isArray(jwks.keys)) {
-    throw new JwksValidationError("JWKS keys should be an array");
-  }
-  for (const jwk of jwks.keys) {
-    assertIsJwk(jwk);
-  }
-}
-function assertIsSignatureJwk(jwk) {
-  assertStringArrayContainsString("JWK kty", jwk.kty, ["EC", "RSA", "OKP"], JwkInvalidKtyError);
-  if (jwk.kty === "EC") {
-    assertIsEsSignatureJwk(jwk);
-  } else if (jwk.kty === "RSA") {
-    assertIsRsaSignatureJwk(jwk);
-  } else if (jwk.kty === "OKP") {
-    assertIsEdDSASignatureJwk(jwk);
-  }
-}
-function assertIsEdDSASignatureJwk(jwk) {
-  if (jwk.use) {
-    assertStringEquals("JWK use", jwk.use, "sig", JwkInvalidUseError);
-  }
-  assertStringEquals("JWK kty", jwk.kty, "OKP", JwkInvalidKtyError);
-  if (!jwk.crv)
-    throw new JwkValidationError("Missing Curve (crv)");
-  if (!jwk.x)
-    throw new JwkValidationError("Missing X Coordinate (x)");
-}
-function assertIsEsSignatureJwk(jwk) {
-  if (jwk.use) {
-    assertStringEquals("JWK use", jwk.use, "sig", JwkInvalidUseError);
-  }
-  assertStringEquals("JWK kty", jwk.kty, "EC", JwkInvalidKtyError);
-  if (!jwk.crv)
-    throw new JwkValidationError("Missing Curve (crv)");
-  if (!jwk.x)
-    throw new JwkValidationError("Missing X Coordinate (x)");
-  if (!jwk.y)
-    throw new JwkValidationError("Missing Y Coordinate (y)");
-}
-function assertIsRsaSignatureJwk(jwk) {
-  if (jwk.use) {
-    assertStringEquals("JWK use", jwk.use, "sig", JwkInvalidUseError);
-  }
-  assertStringEquals("JWK kty", jwk.kty, "RSA", JwkInvalidKtyError);
-  if (!jwk.n)
-    throw new JwkValidationError("Missing modulus (n)");
-  if (!jwk.e)
-    throw new JwkValidationError("Missing exponent (e)");
-}
-function assertIsJwk(jwk) {
-  if (!jwk) {
-    throw new JwkValidationError("JWK empty");
-  }
-  if (!isJsonObject(jwk)) {
-    throw new JwkValidationError("JWK should be an object");
-  }
-  for (const field of mandatoryJwkFieldNames) {
-    if (typeof jwk[field] !== "string") {
-      throw new JwkValidationError(`JWK ${field} should be a string`);
-    }
-  }
-  for (const field of optionalJwkFieldNames) {
-    if (field in jwk && typeof jwk[field] !== "string") {
-      throw new JwkValidationError(`JWK ${field} should be a string`);
-    }
-  }
-}
-function isJwks(jwks) {
-  try {
-    assertIsJwks(jwks);
-    return true;
-  } catch {
-    return false;
-  }
-}
-function isJwk(jwk) {
-  try {
-    assertIsJwk(jwk);
-    return true;
-  } catch {
-    return false;
-  }
-}
-
-class SimplePenaltyBox {
-  constructor(props) {
-    this.waitingUris = new Map;
-    this.waitSeconds = props?.waitSeconds ?? 10;
-  }
-  async wait(jwksUri) {
-    if (this.waitingUris.has(jwksUri)) {
-      throw new WaitPeriodNotYetEndedJwkError("Not allowed to fetch JWKS yet, still waiting for back off period to end");
-    }
-  }
-  release(jwksUri) {
-    const i2 = this.waitingUris.get(jwksUri);
-    if (i2) {
-      clearTimeout(i2);
-      this.waitingUris.delete(jwksUri);
-    }
-  }
-  registerFailedAttempt(jwksUri) {
-    const i2 = nodeWebCompat.setTimeoutUnref(() => {
-      this.waitingUris.delete(jwksUri);
-    }, this.waitSeconds * 1000);
-    this.waitingUris.set(jwksUri, i2);
-  }
-  registerSuccessfulAttempt(jwksUri) {
-    this.release(jwksUri);
-  }
-}
-
-class SimpleJwksCache {
-  constructor(props) {
-    this.jwksCache = new Map;
-    this.fetchingJwks = new Map;
-    this.penaltyBox = props?.penaltyBox ?? new SimplePenaltyBox;
-    this.fetcher = props?.fetcher ?? new SimpleFetcher;
-    this.jwksParser = props?.jwksParser ?? parseJwks;
-  }
-  addJwks(jwksUri, jwks) {
-    this.jwksCache.set(jwksUri, jwks);
-  }
-  async getJwks(jwksUri) {
-    const existingFetch = this.fetchingJwks.get(jwksUri);
-    if (existingFetch) {
-      return existingFetch;
-    }
-    const jwksPromise = this.fetcher.fetch(jwksUri).then(this.jwksParser);
-    this.fetchingJwks.set(jwksUri, jwksPromise);
-    let jwks;
-    try {
-      jwks = await jwksPromise;
-    } finally {
-      this.fetchingJwks.delete(jwksUri);
-    }
-    this.jwksCache.set(jwksUri, jwks);
-    return jwks;
-  }
-  getCachedJwk(jwksUri, decomposedJwt) {
-    if (typeof decomposedJwt.header.kid !== "string") {
-      throw new JwtWithoutValidKidError("JWT header does not have valid kid claim");
-    }
-    if (!this.jwksCache.has(jwksUri)) {
-      throw new JwksNotAvailableInCacheError(`JWKS for uri ${jwksUri} not yet available in cache`);
-    }
-    const jwk = findJwkInJwks(this.jwksCache.get(jwksUri), decomposedJwt.header.kid);
-    if (!jwk) {
-      throw new KidNotFoundInJwksError(`JWK for kid ${decomposedJwt.header.kid} not found in the JWKS`);
-    }
-    return jwk;
-  }
-  async getJwk(jwksUri, decomposedJwt) {
-    if (typeof decomposedJwt.header.kid !== "string") {
-      throw new JwtWithoutValidKidError("JWT header does not have valid kid claim");
-    }
-    const cachedJwks = this.jwksCache.get(jwksUri);
-    if (cachedJwks) {
-      const cachedJwk = findJwkInJwks(cachedJwks, decomposedJwt.header.kid);
-      if (cachedJwk) {
-        return cachedJwk;
-      }
-    }
-    await this.penaltyBox.wait(jwksUri, decomposedJwt.header.kid);
-    const jwks = await this.getJwks(jwksUri);
-    const jwk = findJwkInJwks(jwks, decomposedJwt.header.kid);
-    if (!jwk) {
-      this.penaltyBox.registerFailedAttempt(jwksUri, decomposedJwt.header.kid);
-      throw new KidNotFoundInJwksError(`JWK for kid "${decomposedJwt.header.kid}" not found in the JWKS`);
-    } else {
-      this.penaltyBox.registerSuccessfulAttempt(jwksUri, decomposedJwt.header.kid);
-    }
-    return jwk;
-  }
-}
-var optionalJwkFieldNames, mandatoryJwkFieldNames, parseJwks = function(jwksBin) {
-  let jwks;
-  try {
-    const jwksText = new TextDecoder("utf8", {
-      fatal: true,
-      ignoreBOM: true
-    }).decode(jwksBin);
-    jwks = safeJsonParse(jwksText);
-  } catch (err2) {
-    throw new JwksValidationError(`JWKS could not be parsed as JSON: ${err2}`);
-  }
-  assertIsJwks(jwks);
-  return jwks;
-};
-var init_jwk = __esm(() => {
-  init_https();
-  init_error();
-  init_node_web_compat_node();
-  init_assert();
-  optionalJwkFieldNames = [
-    "use",
-    "alg",
-    "kid",
-    "n",
-    "e",
-    "x",
-    "y",
-    "crv"
-  ];
-  mandatoryJwkFieldNames = [
-    "kty"
-  ];
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/jwt.js
-function assertJwtHeader(header) {
-  if (!isJsonObject(header)) {
-    throw new JwtParseError("JWT header is not an object");
-  }
-  if (header.alg !== undefined && typeof header.alg !== "string") {
-    throw new JwtParseError("JWT header alg claim is not a string");
-  }
-  if (header.kid !== undefined && typeof header.kid !== "string") {
-    throw new JwtParseError("JWT header kid claim is not a string");
-  }
-}
-function assertJwtPayload(payload) {
-  if (!isJsonObject(payload)) {
-    throw new JwtParseError("JWT payload is not an object");
-  }
-  if (payload.exp !== undefined && !Number.isFinite(payload.exp)) {
-    throw new JwtParseError("JWT payload exp claim is not a number");
-  }
-  if (payload.iss !== undefined && typeof payload.iss !== "string") {
-    throw new JwtParseError("JWT payload iss claim is not a string");
-  }
-  if (payload.sub !== undefined && typeof payload.sub !== "string") {
-    throw new JwtParseError("JWT payload sub claim is not a string");
-  }
-  if (payload.aud !== undefined && typeof payload.aud !== "string" && (!Array.isArray(payload.aud) || payload.aud.some((aud) => typeof aud !== "string"))) {
-    throw new JwtParseError("JWT payload aud claim is not a string or array of strings");
-  }
-  if (payload.nbf !== undefined && !Number.isFinite(payload.nbf)) {
-    throw new JwtParseError("JWT payload nbf claim is not a number");
-  }
-  if (payload.iat !== undefined && !Number.isFinite(payload.iat)) {
-    throw new JwtParseError("JWT payload iat claim is not a number");
-  }
-  if (payload.scope !== undefined && typeof payload.scope !== "string") {
-    throw new JwtParseError("JWT payload scope claim is not a string");
-  }
-  if (payload.jti !== undefined && typeof payload.jti !== "string") {
-    throw new JwtParseError("JWT payload jti claim is not a string");
-  }
-}
-function decomposeUnverifiedJwt(jwt) {
-  if (!jwt) {
-    throw new JwtParseError("Empty JWT");
-  }
-  if (typeof jwt !== "string") {
-    throw new JwtParseError("JWT is not a string");
-  }
-  if (!JWT_REGEX.test(jwt)) {
-    throw new JwtParseError("JWT string does not consist of exactly 3 parts (header, payload, signature)");
-  }
-  const [headerB64, payloadB64, signatureB64] = jwt.split(".");
-  const [headerString, payloadString] = [headerB64, payloadB64].map(nodeWebCompat.parseB64UrlString);
-  let header;
-  try {
-    header = safeJsonParse(headerString);
-  } catch (err2) {
-    throw new JwtParseError("Invalid JWT. Header is not a valid JSON object", err2);
-  }
-  assertJwtHeader(header);
-  let payload;
-  try {
-    payload = safeJsonParse(payloadString);
-  } catch (err2) {
-    throw new JwtParseError("Invalid JWT. Payload is not a valid JSON object", err2);
-  }
-  assertJwtPayload(payload);
-  return {
-    header,
-    headerB64,
-    payload,
-    payloadB64,
-    signatureB64
-  };
-}
-function validateJwtFields(payload, options) {
-  if (payload.exp !== undefined) {
-    if (payload.exp + (options.graceSeconds ?? 0) < Date.now() / 1000) {
-      throw new JwtExpiredError(`Token expired at ${new Date(payload.exp * 1000).toISOString()}`, payload.exp);
-    }
-  }
-  if (payload.nbf !== undefined) {
-    if (payload.nbf - (options.graceSeconds ?? 0) > Date.now() / 1000) {
-      throw new JwtNotBeforeError(`Token can't be used before ${new Date(payload.nbf * 1000).toISOString()}`, payload.nbf);
-    }
-  }
-  if (options.issuer !== null) {
-    if (options.issuer === undefined) {
-      throw new ParameterValidationError("issuer must be provided or set to null explicitly");
-    }
-    assertStringArrayContainsString("Issuer", payload.iss, options.issuer, JwtInvalidIssuerError);
-  }
-  if (options.audience !== null) {
-    if (options.audience === undefined) {
-      throw new ParameterValidationError("audience must be provided or set to null explicitly");
-    }
-    assertStringArraysOverlap("Audience", payload.aud, options.audience, JwtInvalidAudienceError);
-  }
-  if (options.scope != null) {
-    assertStringArraysOverlap("Scope", payload.scope?.split(" "), options.scope, JwtInvalidScopeError);
-  }
-}
-var JWT_REGEX;
-var init_jwt = __esm(() => {
-  init_assert();
-  init_error();
-  init_node_web_compat_node();
-  JWT_REGEX = /^[A-Za-z0-9_-]+={0,2}\.[A-Za-z0-9_-]+={0,2}\.[A-Za-z0-9_-]+={0,2}$/;
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/jwt-verifier.js
-function validateJwtHeaderAndJwk(header, jwk) {
-  assertIsSignatureJwk(jwk);
-  if (jwk.alg) {
-    assertStringEquals("JWT signature algorithm", header.alg, jwk.alg, JwtInvalidSignatureAlgorithmError);
-  }
-  assertStringArrayContainsString("JWT signature algorithm", header.alg, supportedSignatureAlgorithms, JwtInvalidSignatureAlgorithmError);
-}
-async function verifyDecomposedJwt(decomposedJwt, jwksUri, options, jwkFetcher, transformJwkToKeyObjectFn) {
-  const { header, headerB64, payload, payloadB64, signatureB64 } = decomposedJwt;
-  const jwk = await jwkFetcher(jwksUri, decomposedJwt);
-  validateJwtHeaderAndJwk(decomposedJwt.header, jwk);
-  const keyObject = await transformJwkToKeyObjectFn(jwk, header.alg, payload.iss);
-  const valid = await nodeWebCompat.verifySignatureAsync({
-    jwsSigningInput: `${headerB64}.${payloadB64}`,
-    signature: signatureB64,
-    alg: header.alg,
-    keyObject
-  });
-  if (!valid) {
-    throw new JwtInvalidSignatureError("Invalid signature");
-  }
-  try {
-    validateJwtFields(payload, options);
-    if (options.customJwtCheck) {
-      await options.customJwtCheck({ header, payload, jwk });
-    }
-  } catch (err2) {
-    if (options.includeRawJwtInErrors && err2 instanceof JwtInvalidClaimError) {
-      throw err2.withRawJwt(decomposedJwt);
-    }
-    throw err2;
-  }
-  return payload;
-}
-function verifyDecomposedJwtSync(decomposedJwt, jwkOrJwks, options, transformJwkToKeyObjectFn) {
-  const { header, headerB64, payload, payloadB64, signatureB64 } = decomposedJwt;
-  let jwk;
-  if (isJwk(jwkOrJwks)) {
-    jwk = jwkOrJwks;
-  } else if (isJwks(jwkOrJwks)) {
-    const locatedJwk = header.kid ? findJwkInJwks(jwkOrJwks, header.kid) : undefined;
-    if (!locatedJwk) {
-      throw new KidNotFoundInJwksError(`JWK for kid ${header.kid} not found in the JWKS`);
-    }
-    jwk = locatedJwk;
-  } else {
-    throw new ParameterValidationError([
-      `Expected a valid JWK or JWKS (parsed as JavaScript object), but received: ${jwkOrJwks}.`,
-      "If you're passing a JWKS URI, use the async verify() method instead, it will download and parse the JWKS for you"
-    ].join());
-  }
-  validateJwtHeaderAndJwk(decomposedJwt.header, jwk);
-  const keyObject = transformJwkToKeyObjectFn(jwk, header.alg, payload.iss);
-  const valid = nodeWebCompat.verifySignatureSync({
-    jwsSigningInput: `${headerB64}.${payloadB64}`,
-    signature: signatureB64,
-    alg: header.alg,
-    keyObject
-  });
-  if (!valid) {
-    throw new JwtInvalidSignatureError("Invalid signature");
-  }
-  try {
-    validateJwtFields(payload, options);
-    if (options.customJwtCheck) {
-      const res = options.customJwtCheck({ header, payload, jwk });
-      assertIsNotPromise(res, () => new ParameterValidationError("Custom JWT checks must be synchronous but a promise was returned"));
-    }
-  } catch (err2) {
-    if (options.includeRawJwtInErrors && err2 instanceof JwtInvalidClaimError) {
-      throw err2.withRawJwt(decomposedJwt);
-    }
-    throw err2;
-  }
-  return payload;
-}
-
-class JwtVerifierBase {
-  constructor(verifyProperties, jwksCache = new SimpleJwksCache) {
-    this.jwksCache = jwksCache;
-    this.issuersConfig = new Map;
-    this.publicKeyCache = new KeyObjectCache;
-    if (Array.isArray(verifyProperties)) {
-      if (!verifyProperties.length) {
-        throw new ParameterValidationError("Provide at least one issuer configuration");
-      }
-      verifyProperties.forEach((prop, index2) => {
-        if (this.issuersConfig.has(prop.issuer)) {
-          throw new ParameterValidationError(`issuer ${prop.issuer} supplied multiple times`);
-        } else if (prop.issuer === null && verifyProperties.length >= 2) {
-          throw new ParameterValidationError(`issuer cannot be null when multiple issuers are supplied (at issuer: ${index2})`);
-        }
-        this.issuersConfig.set(prop.issuer, this.withJwksUri(prop));
-      });
-    } else {
-      this.issuersConfig.set(verifyProperties.issuer, this.withJwksUri(verifyProperties));
-    }
-  }
-  getIssuerConfig(issuer) {
-    if (this.issuersConfig.size === 1) {
-      issuer = this.issuersConfig.keys().next().value;
-    }
-    if (issuer === undefined) {
-      throw new ParameterValidationError("issuer must be provided");
-    }
-    const config2 = this.issuersConfig.get(issuer);
-    if (!config2) {
-      throw new ParameterValidationError(`issuer not configured: ${issuer}`);
-    }
-    return config2;
-  }
-  cacheJwks(...[jwks, issuer]) {
-    const issuerConfig = this.getIssuerConfig(issuer);
-    this.jwksCache.addJwks(issuerConfig.jwksUri, jwks);
-    this.publicKeyCache.clearCache(issuerConfig.issuer);
-  }
-  async hydrate() {
-    const jwksFetches = Array.from(this.issuersConfig.values()).map(({ jwksUri }) => this.jwksCache.getJwks(jwksUri));
-    await Promise.all(jwksFetches);
-  }
-  verifySync(...[jwt, properties]) {
-    const { decomposedJwt, jwksUri, verifyProperties } = this.getVerifyParameters(jwt, properties);
-    return this.verifyDecomposedJwtSync(decomposedJwt, jwksUri, verifyProperties);
-  }
-  verifyDecomposedJwtSync(decomposedJwt, jwksUri, verifyProperties) {
-    const jwk = this.jwksCache.getCachedJwk(jwksUri, decomposedJwt);
-    return verifyDecomposedJwtSync(decomposedJwt, jwk, verifyProperties, this.publicKeyCache.transformJwkToKeyObjectSync.bind(this.publicKeyCache));
-  }
-  async verify(...[jwt, properties]) {
-    const { decomposedJwt, jwksUri, verifyProperties } = this.getVerifyParameters(jwt, properties);
-    return this.verifyDecomposedJwt(decomposedJwt, jwksUri, verifyProperties);
-  }
-  verifyDecomposedJwt(decomposedJwt, jwksUri, verifyProperties) {
-    return verifyDecomposedJwt(decomposedJwt, jwksUri, verifyProperties, this.jwksCache.getJwk.bind(this.jwksCache), this.publicKeyCache.transformJwkToKeyObjectAsync.bind(this.publicKeyCache));
-  }
-  getVerifyParameters(jwt, verifyProperties) {
-    const decomposedJwt = decomposeUnverifiedJwt(jwt);
-    const issuerConfig = this.getIssuerConfig(decomposedJwt.payload.iss);
-    return {
-      decomposedJwt,
-      jwksUri: issuerConfig.jwksUri,
-      verifyProperties: {
-        ...issuerConfig,
-        ...verifyProperties
-      }
-    };
-  }
-  withJwksUri(config2) {
-    if (config2.jwksUri) {
-      return config2;
-    }
-    const issuer = config2.issuer;
-    if (!issuer) {
-      throw new ParameterValidationError("jwksUri must be provided for issuer null");
-    }
-    const issuerUri = new URL(issuer).pathname.replace(/\/$/, "");
-    return {
-      jwksUri: new URL(`${issuerUri}/.well-known/jwks.json`, issuer).href,
-      ...config2
-    };
-  }
-}
-
-class KeyObjectCache {
-  constructor(transformJwkToKeyObjectSyncFn = nodeWebCompat.transformJwkToKeyObjectSync, transformJwkToKeyObjectAsyncFn = nodeWebCompat.transformJwkToKeyObjectAsync) {
-    this.transformJwkToKeyObjectSyncFn = transformJwkToKeyObjectSyncFn;
-    this.transformJwkToKeyObjectAsyncFn = transformJwkToKeyObjectAsyncFn;
-    this.publicKeys = new Map;
-  }
-  transformJwkToKeyObjectSync(jwk, jwtHeaderAlg, issuer) {
-    const alg = jwk.alg ?? jwtHeaderAlg;
-    if (!issuer || !jwk.kid || !alg) {
-      return this.transformJwkToKeyObjectSyncFn(jwk, alg, issuer);
-    }
-    const fromCache = this.publicKeys.get(issuer)?.get(jwk.kid)?.get(alg);
-    if (fromCache)
-      return fromCache;
-    const publicKey = this.transformJwkToKeyObjectSyncFn(jwk, alg, issuer);
-    this.putKeyObjectInCache(issuer, jwk.kid, alg, publicKey);
-    return publicKey;
-  }
-  async transformJwkToKeyObjectAsync(jwk, jwtHeaderAlg, issuer) {
-    const alg = jwk.alg ?? jwtHeaderAlg;
-    if (!issuer || !jwk.kid || !alg) {
-      return this.transformJwkToKeyObjectAsyncFn(jwk, alg, issuer);
-    }
-    const fromCache = this.publicKeys.get(issuer)?.get(jwk.kid)?.get(alg);
-    if (fromCache)
-      return fromCache;
-    const publicKey = await this.transformJwkToKeyObjectAsyncFn(jwk, alg, issuer);
-    this.putKeyObjectInCache(issuer, jwk.kid, alg, publicKey);
-    return publicKey;
-  }
-  putKeyObjectInCache(issuer, kid, alg, publicKey) {
-    const cachedIssuer = this.publicKeys.get(issuer);
-    const cachedIssuerKid = cachedIssuer?.get(kid);
-    if (cachedIssuerKid) {
-      cachedIssuerKid.set(alg, publicKey);
-    } else if (cachedIssuer) {
-      cachedIssuer.set(kid, new Map([[alg, publicKey]]));
-    } else {
-      this.publicKeys.set(issuer, new Map([[kid, new Map([[alg, publicKey]])]]));
-    }
-  }
-  clearCache(issuer) {
-    this.publicKeys.delete(issuer);
-  }
-}
-var supportedSignatureAlgorithms, JwtVerifier;
-var init_jwt_verifier = __esm(() => {
-  init_jwk();
-  init_assert();
-  init_jwt();
-  init_error();
-  init_node_web_compat_node();
-  supportedSignatureAlgorithms = [
-    "RS256",
-    "RS384",
-    "RS512",
-    "ES256",
-    "ES384",
-    "ES512",
-    "EdDSA"
-  ];
-  JwtVerifier = class JwtVerifier extends JwtVerifierBase {
-    static create(verifyProperties, additionalProperties) {
-      return new this(verifyProperties, additionalProperties?.jwksCache);
-    }
-  };
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/cognito-verifier.js
-function validateCognitoJwtFields(payload, options) {
-  if (options.groups != null) {
-    assertStringArraysOverlap("Cognito group", payload["cognito:groups"], options.groups, CognitoJwtInvalidGroupError);
-  }
-  assertStringArrayContainsString("Token use", payload.token_use, ["id", "access"], CognitoJwtInvalidTokenUseError);
-  if (options.tokenUse !== null) {
-    if (options.tokenUse === undefined) {
-      throw new ParameterValidationError("tokenUse must be provided or set to null explicitly");
-    }
-    assertStringEquals("Token use", payload.token_use, options.tokenUse, CognitoJwtInvalidTokenUseError);
-  }
-  if (options.clientId !== null) {
-    if (options.clientId === undefined) {
-      throw new ParameterValidationError("clientId must be provided or set to null explicitly");
-    }
-    if (payload.token_use === "id") {
-      assertStringArrayContainsString('Client ID ("audience")', payload.aud, options.clientId, CognitoJwtInvalidClientIdError);
-    } else {
-      assertStringArrayContainsString("Client ID", payload.client_id, options.clientId, CognitoJwtInvalidClientIdError);
-    }
-  }
-}
-var CognitoJwtVerifier;
-var init_cognito_verifier = __esm(() => {
-  init_error();
-  init_jwt_verifier();
-  init_assert();
-  CognitoJwtVerifier = class CognitoJwtVerifier extends JwtVerifierBase {
-    constructor(props, jwksCache) {
-      const issuerConfig = Array.isArray(props) ? props.map((p) => ({
-        ...p,
-        ...CognitoJwtVerifier.parseUserPoolId(p.userPoolId),
-        audience: null
-      })) : {
-        ...props,
-        ...CognitoJwtVerifier.parseUserPoolId(props.userPoolId),
-        audience: null
-      };
-      super(issuerConfig, jwksCache);
-    }
-    static parseUserPoolId(userPoolId) {
-      const match = userPoolId.match(this.USER_POOL_ID_REGEX);
-      if (!match) {
-        throw new ParameterValidationError(`Invalid Cognito User Pool ID: ${userPoolId}`);
-      }
-      const region = match.groups.region;
-      const issuer = `https://cognito-idp.${region}.amazonaws.com/${userPoolId}`;
-      return {
-        issuer,
-        jwksUri: `${issuer}/.well-known/jwks.json`
-      };
-    }
-    static create(verifyProperties, additionalProperties) {
-      return new this(verifyProperties, additionalProperties?.jwksCache);
-    }
-    verifySync(...[jwt, properties]) {
-      const { decomposedJwt, jwksUri, verifyProperties } = this.getVerifyParameters(jwt, properties);
-      this.verifyDecomposedJwtSync(decomposedJwt, jwksUri, verifyProperties);
-      try {
-        validateCognitoJwtFields(decomposedJwt.payload, verifyProperties);
-      } catch (err2) {
-        if (verifyProperties.includeRawJwtInErrors && err2 instanceof JwtInvalidClaimError) {
-          throw err2.withRawJwt(decomposedJwt);
-        }
-        throw err2;
-      }
-      return decomposedJwt.payload;
-    }
-    async verify(...[jwt, properties]) {
-      const { decomposedJwt, jwksUri, verifyProperties } = this.getVerifyParameters(jwt, properties);
-      await this.verifyDecomposedJwt(decomposedJwt, jwksUri, verifyProperties);
-      try {
-        validateCognitoJwtFields(decomposedJwt.payload, verifyProperties);
-      } catch (err2) {
-        if (verifyProperties.includeRawJwtInErrors && err2 instanceof JwtInvalidClaimError) {
-          throw err2.withRawJwt(decomposedJwt);
-        }
-        throw err2;
-      }
-      return decomposedJwt.payload;
-    }
-    cacheJwks(...[jwks, userPoolId]) {
-      let issuer;
-      if (userPoolId !== undefined) {
-        issuer = CognitoJwtVerifier.parseUserPoolId(userPoolId).issuer;
-      } else if (Array.from(this.issuersConfig).length > 1) {
-        throw new ParameterValidationError("userPoolId must be provided");
-      }
-      const issuerConfig = this.getIssuerConfig(issuer);
-      super.cacheJwks(jwks, issuerConfig.issuer);
-    }
-  };
-  CognitoJwtVerifier.USER_POOL_ID_REGEX = /^(?<region>[a-z]{2}-(gov-)?[a-z]+-\d)_[a-zA-Z0-9]+$/;
-});
-// ../../node_modules/aws-jwt-verify/dist/esm/alb-cache.js
-var init_alb_cache = __esm(() => {
-  init_error();
-  init_https();
-  init_node_web_compat_node();
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/alb-verifier.js
-var init_alb_verifier = __esm(() => {
-  init_alb_cache();
-  init_assert();
-  init_error();
-  init_jwt_verifier();
-});
-
-// ../../node_modules/aws-jwt-verify/dist/esm/index.js
-var init_esm2 = __esm(() => {
-  init_jwt_verifier();
-  init_cognito_verifier();
-  init_alb_verifier();
-  init_jwt_verifier();
-});
-
-// ../api-core/src/utils/lti.util.ts
-function generateUsername(email) {
-  const baseUsername = (email.split("@")[0] || "user").toLowerCase();
-  const cleanUsername = baseUsername.replace(/[^a-z0-9]/g, "");
-  const randomSuffix = Math.random().toString(36).substring(2, 7);
-  return `${cleanUsername}_${randomSuffix}`;
-}
-function extractRedirectPath(targetUri, currentHost) {
-  try {
-    const targetUrl = new URL(targetUri);
-    if (targetUrl.hostname === currentHost) {
-      return targetUrl.pathname + targetUrl.search;
-    }
-  } catch {}
-  return "/";
-}
-function getLtiRoles(claims) {
-  return claims["https://purl.imsglobal.org/spec/lti/claim/roles"] || [];
-}
-function hasLtiRole(claims, role) {
-  return getLtiRoles(claims).some((r) => r.includes(role));
-}
-function validateLtiClaims(claims) {
-  const messageType = claims["https://purl.imsglobal.org/spec/lti/claim/message_type"];
-  const version2 = claims["https://purl.imsglobal.org/spec/lti/claim/version"];
-  if (messageType !== "LtiResourceLinkRequest") {
-    return `Invalid LTI message type: ${messageType}`;
-  }
-  if (version2 !== "1.3.0") {
-    return `Unsupported LTI version: ${version2}`;
-  }
-  return null;
-}
-var LtiRoleChecks;
-var init_lti_util = __esm(() => {
-  LtiRoleChecks = {
-    isLearner: (claims) => hasLtiRole(claims, "Learner"),
-    isInstructor: (claims) => hasLtiRole(claims, "Instructor"),
-    isAdministrator: (claims) => hasLtiRole(claims, "Administrator"),
-    isContentDeveloper: (claims) => hasLtiRole(claims, "ContentDeveloper"),
-    isMentor: (claims) => hasLtiRole(claims, "Mentor")
-  };
-});
-
 // ../api-core/src/services/lti.service.ts
-import * as crypto4 from "node:crypto";
-
 class LtiService {
   ctx;
-  verifier = null;
   constructor(ctx) {
     this.ctx = ctx;
   }
-  getConfig() {
-    if (!this.ctx.config.lti) {
-      logger17.error("LTI configuration not available");
-      throw new ValidationError("LTI is not configured");
-    }
-    return this.ctx.config.lti;
-  }
-  getVerifier() {
-    if (!this.verifier) {
-      const lti = this.getConfig();
-      this.verifier = JwtVerifier.create({
-        issuer: lti.issuer,
-        audience: lti.audience,
-        jwksUri: lti.jwksUrl
-      });
-    }
-    return this.verifier;
-  }
-  async verifyToken(idToken) {
-    if (this.ctx.config.ltiTestMode) {
-      if (!idToken.startsWith("mock:")) {
-        throw new ValidationError("Invalid LTI token");
-      }
-      try {
-        const jsonStr = Buffer.from(idToken.slice(5), "base64").toString();
-        return JSON.parse(jsonStr);
-      } catch {
-        throw new ValidationError("Invalid LTI token format");
-      }
-    }
-    try {
-      const verifier = this.getVerifier();
-      const claims = await verifier.verify(idToken);
-      logger17.info("Verified token", {
-        sub: claims.sub,
-        email: claims.email,
-        roles: claims["https://purl.imsglobal.org/spec/lti/claim/roles"]
-      });
-      return claims;
-    } catch (error) {
-      logger17.error("Token verification failed", {
-        error: error instanceof Error ? error.message : String(error)
-      });
-      throw new ValidationError("Invalid LTI token");
-    }
-  }
-  async processLaunch(idToken, currentHost) {
-    const claims = await this.verifyToken(idToken);
-    const validationError = validateLtiClaims(claims);
-    if (validationError) {
-      logger17.warn("LTI claims validation failed", {
-        error: validationError,
-        sub: claims.sub
-      });
-      throw new ValidationError(validationError);
-    }
-    const user = await this.provisionUser(claims);
-    logger17.info("Processed launch roles", {
-      userId: user.id,
-      isLearner: LtiRoleChecks.isLearner(claims),
-      isInstructor: LtiRoleChecks.isInstructor(claims),
-      isAdministrator: LtiRoleChecks.isAdministrator(claims),
-      allRoles: claims["https://purl.imsglobal.org/spec/lti/claim/roles"]
-    });
-    const sessionToken = await this.createSession(user.id);
-    const targetUri = claims["https://purl.imsglobal.org/spec/lti/claim/target_link_uri"];
-    const redirectPath = extractRedirectPath(targetUri, currentHost);
-    logger17.info("Launch processed", { userId: user.id, redirectPath });
-    const userInfo = {
-      sub: user.id,
-      email: user.email,
-      name: user.name,
-      email_verified: user.emailVerified,
-      timeback_id: user.timebackId ?? undefined
-    };
-    return { user: userInfo, redirectPath, sessionToken };
-  }
   async getStatus(user) {
     const db2 = this.ctx.db;
     const [ltiAccount, oauthAccount, userRecord] = await Promise.all([
@@ -16143,134 +15050,11 @@ class LtiService {
       userId: user.id
     };
   }
-  async createSession(userId) {
-    const db2 = this.ctx.db;
-    const sessionToken = crypto4.randomUUID();
-    const expiresAt = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000);
-    const [session2] = await db2.insert(sessions).values({
-      id: crypto4.randomUUID(),
-      userId,
-      token: sessionToken,
-      expiresAt,
-      createdAt: new Date,
-      updatedAt: new Date
-    }).returning({ id: sessions.id });
-    if (!session2) {
-      logger17.error("Session insert returned no rows", { userId });
-      throw new InternalError("Failed to create session");
-    }
-    logger17.info("Created session", {
-      userId,
-      providerId: AUTH_PROVIDER_IDS.TIMEBACK_LTI
-    });
-    return sessionToken;
-  }
-  async provisionUser(claims) {
-    const db2 = this.ctx.db;
-    const email = claims.email;
-    const ltiTimebackId = claims.sub;
-    const providerId = AUTH_PROVIDER_IDS.TIMEBACK_LTI;
-    if (!email) {
-      throw new ValidationError("Email is required in LTI claims");
-    }
-    const existingAccount = await db2.query.accounts.findFirst({
-      where: and(eq(accounts.accountId, ltiTimebackId), eq(accounts.providerId, providerId))
-    });
-    if (existingAccount) {
-      const user = await db2.query.users.findFirst({
-        where: eq(users.id, existingAccount.userId)
-      });
-      if (user) {
-        logger17.info("Found user by account", {
-          userId: user.id,
-          ltiTimebackId
-        });
-        return user;
-      }
-    }
-    const existingUser = await db2.query.users.findFirst({
-      where: eq(users.email, email)
-    });
-    if (existingUser) {
-      await db2.transaction(async (tx) => {
-        const existingLtiAccount = await tx.query.accounts.findFirst({
-          where: and(eq(accounts.userId, existingUser.id), eq(accounts.providerId, providerId))
-        });
-        if (!existingLtiAccount) {
-          const [account] = await tx.insert(accounts).values({
-            id: crypto4.randomUUID(),
-            userId: existingUser.id,
-            accountId: ltiTimebackId,
-            providerId,
-            accessToken: null,
-            refreshToken: null,
-            accessTokenExpiresAt: null,
-            refreshTokenExpiresAt: null,
-            createdAt: new Date,
-            updatedAt: new Date
-          }).returning({ id: accounts.id });
-          if (!account) {
-            logger17.error("LTI account link insert returned no rows", {
-              userId: existingUser.id,
-              ltiTimebackId
-            });
-            throw new InternalError("Failed to link LTI account");
-          }
-          logger17.info("Linked existing user", {
-            userId: existingUser.id,
-            ltiTimebackId
-          });
-        }
-      });
-      return existingUser;
-    }
-    const newUserId = crypto4.randomUUID();
-    const createdUser = await db2.transaction(async (tx) => {
-      const [insertedUser] = await tx.insert(users).values({
-        id: newUserId,
-        email,
-        emailVerified: true,
-        timebackId: ltiTimebackId,
-        username: generateUsername(email),
-        name: claims.name || claims.given_name || email.split("@")[0] || "Timeback User",
-        createdAt: new Date,
-        updatedAt: new Date
-      }).returning();
-      if (!insertedUser) {
-        logger17.error("LTI user insert returned no rows", { email, ltiTimebackId });
-        throw new InternalError("Failed to create user");
-      }
-      await tx.insert(accounts).values({
-        id: crypto4.randomUUID(),
-        userId: newUserId,
-        accountId: ltiTimebackId,
-        providerId,
-        accessToken: null,
-        refreshToken: null,
-        accessTokenExpiresAt: null,
-        refreshTokenExpiresAt: null,
-        createdAt: new Date,
-        updatedAt: new Date
-      });
-      logger17.info("Provisioned user", {
-        userId: insertedUser.id,
-        ltiTimebackId
-      });
-      return insertedUser;
-    });
-    return createdUser;
-  }
 }
-var logger17;
 var init_lti_service = __esm(() => {
-  init_esm2();
   init_drizzle_orm();
   init_src();
   init_tables_index();
-  init_src2();
-  init_errors();
-  init_lti_util();
-  logger17 = log.scope("LtiService");
 });
 
 // ../api-core/src/services/map.service.ts
@@ -16287,7 +15071,7 @@ class MapService {
     if (!mapDetails) {
       throw new NotFoundError("Map", identifier);
     }
-    logger18.debug("Retrieved map", { identifier });
+    logger17.debug("Retrieved map", { identifier });
     return mapDetails;
   }
   async getElements(mapId) {
@@ -16303,7 +15087,7 @@ class MapService {
         }
       }
     });
-    logger18.debug("Retrieved elements", { mapId, count: elements.length });
+    logger17.debug("Retrieved elements", { mapId, count: elements.length });
     return elements;
   }
   async getObjects(mapId, userId) {
@@ -16324,7 +15108,7 @@ class MapService {
         }
       }
     });
-    logger18.debug("Retrieved objects", { mapId, userId, count: objects.length });
+    logger17.debug("Retrieved objects", { mapId, userId, count: objects.length });
     return objects.map((object) => this.formatMapObjectWithItem(object));
   }
   async createObject(mapId, data, user) {
@@ -16351,7 +15135,7 @@ class MapService {
       throw new NotFoundError("Item", data.itemId);
     }
     if (!item.isPlaceable) {
-      logger18.warn("Attempted to place non-placeable item", {
+      logger17.warn("Attempted to place non-placeable item", {
         userId: user.id,
         itemId: data.itemId,
         mapId
@@ -16365,7 +15149,7 @@ class MapService {
     };
     const [createdObject] = await db2.insert(mapObjects).values(objectData).returning();
     if (!createdObject) {
-      logger18.error("Map object insert returned no rows", {
+      logger17.error("Map object insert returned no rows", {
         userId: user.id,
         mapId,
         itemId: data.itemId
@@ -16389,12 +15173,12 @@ class MapService {
       }
     });
     if (!objectWithItem) {
-      logger18.error("Map object query after insert returned no rows", {
+      logger17.error("Map object query after insert returned no rows", {
         objectId: createdObject.id
       });
       throw new InternalError("Failed to retrieve created object");
     }
-    logger18.info("Created object", {
+    logger17.info("Created object", {
       userId: user.id,
       mapId,
       objectId: createdObject.id,
@@ -16418,7 +15202,7 @@ class MapService {
     if (result.length === 0) {
       throw new NotFoundError("MapObject", objectId);
     }
-    logger18.info("Deleted object", {
+    logger17.info("Deleted object", {
       userId: user.id,
       mapId,
       objectId
@@ -16447,13 +15231,13 @@ class MapService {
     };
   }
 }
-var logger18;
+var logger17;
 var init_map_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
   init_errors();
-  logger18 = log.scope("MapService");
+  logger17 = log.scope("MapService");
 });
 
 // ../realtime/src/server/domain/events.ts
@@ -16474,13 +15258,13 @@ async function publishToUser(baseUrl, secret, userId, type, payload) {
     });
     if (!res.ok) {
       const text3 = await res.text().catch(() => "");
-      logger19.warn("Failed to publish to user", {
+      logger18.warn("Failed to publish to user", {
         status: res.status,
         body: text3
       });
     }
   } catch (error) {
-    logger19.error("Publish to user error", { error });
+    logger18.error("Publish to user error", { error });
   }
 }
 
@@ -16500,7 +15284,7 @@ class NotificationService {
     if (type)
       conditions2.push(eq(notifications.type, type));
     const results = await this.ctx.db.select().from(notifications).where(and(...conditions2)).orderBy(desc(notifications.createdAt)).limit(limit).offset(offset);
-    logger19.debug("Listed notifications", { userId: user.id, count: results.length });
+    logger18.debug("Listed notifications", { userId: user.id, count: results.length });
     return results;
   }
   async updateStatus(notificationId, status, method) {
@@ -16518,7 +15302,7 @@ class NotificationService {
     if (!updated) {
       throw new NotFoundError("Notification", notificationId);
     }
-    logger19.debug("Updated status", { notificationId, status });
+    logger18.debug("Updated status", { notificationId, status });
     return updated;
   }
   async getStats(user, options) {
@@ -16542,7 +15326,7 @@ class NotificationService {
     const clicked = statsMap.clicked || 0;
     const dismissed = statsMap.dismissed || 0;
     const expired = statsMap.expired || 0;
-    logger19.debug("Retrieved stats", { userId: user.id, total });
+    logger18.debug("Retrieved stats", { userId: user.id, total });
     return {
       total,
       delivered,
@@ -16588,7 +15372,7 @@ class NotificationService {
           metadata: metadata2
         });
       }
-      logger19.debug("Created notification", {
+      logger18.debug("Created notification", {
         userId,
         type,
         id: notificationId,
@@ -16596,14 +15380,14 @@ class NotificationService {
       });
       return notificationId;
     } catch (error) {
-      logger19.error("Failed to create notification", { userId, type, error });
+      logger18.error("Failed to create notification", { userId, type, error });
       return null;
     }
   }
   async publish(userId, notificationId, type, title, message, options) {
     const realtimeConfig = this.ctx.config.realtime;
     if (!realtimeConfig) {
-      logger19.warn("No realtime config for publish");
+      logger18.warn("No realtime config for publish");
       return;
     }
     const { relayUrl, publishSecret } = realtimeConfig;
@@ -16645,13 +15429,13 @@ class NotificationService {
       metadata: data.metadata || {}
     }).returning();
     if (!notification) {
-      logger19.error("Notification insert returned no rows", {
+      logger18.error("Notification insert returned no rows", {
         userId: data.userId,
         type: data.type
       });
       throw new InternalError("Failed to create notification");
     }
-    logger19.info("Inserted notification", {
+    logger18.info("Inserted notification", {
       notificationId: notification.id,
       userId: notification.userId,
       type: notification.type
@@ -16661,7 +15445,7 @@ class NotificationService {
   async deliverPending(userId) {
     const realtimeConfig = this.ctx.config.realtime;
     if (!realtimeConfig) {
-      logger19.warn("No realtime config for delivery");
+      logger18.warn("No realtime config for delivery");
       return;
     }
     const { relayUrl, publishSecret } = realtimeConfig;
@@ -16688,13 +15472,13 @@ class NotificationService {
           metadata: notification.metadata,
           clickUrl: notification.clickUrl
         });
-        logger19.info("Delivered notification", {
+        logger18.info("Delivered notification", {
           notificationId: notification.id,
           userId,
           type: notification.type
         });
       } catch (error) {
-        logger19.warn("Failed to deliver", {
+        logger18.warn("Failed to deliver", {
           notificationId: notification.id,
           error
         });
@@ -16702,7 +15486,7 @@ class NotificationService {
     }
   }
 }
-var logger19;
+var logger18;
 var init_notification_service = __esm(() => {
   init_drizzle_orm();
   init_src();
@@ -16711,7 +15495,7 @@ var init_notification_service = __esm(() => {
   init_events();
   init_notification();
   init_errors();
-  logger19 = log.scope("NotificationService");
+  logger18 = log.scope("NotificationService");
 });
 
 // ../api-core/src/services/realtime.service.ts
@@ -16746,20 +15530,20 @@ class RealtimeService {
     }
     const displayName = user.username || (user.name ? user.name.split(" ")[0] : undefined) || undefined;
     const token = await this.ctx.providers.auth.mintRealtimeToken(user.id, resolvedGameId, displayName, user.role);
-    logger20.info("Generated token", {
+    logger19.info("Generated token", {
       userId: user.id,
       gameId: resolvedGameId || "global"
     });
     return { token };
   }
 }
-var logger20;
+var logger19;
 var init_realtime_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
   init_errors();
-  logger20 = log.scope("RealtimeService");
+  logger19 = log.scope("RealtimeService");
 });
 
 // ../api-core/src/services/secrets.service.ts
@@ -16768,60 +15552,92 @@ class SecretsService {
   constructor(ctx) {
     this.ctx = ctx;
   }
-  async listKeys(slug2, user) {
-    const game = await this.ctx.services.game.validateDeveloperAccessBySlug(user, slug2);
-    const secrets = await this.ctx.providers.secrets.readSecrets(game.id);
-    const keys = secrets ? Object.keys(secrets).filter((k) => !INTERNAL_SECRET_KEYS.includes(k)) : [];
-    logger21.debug("Listed secret keys", { gameId: game.id, slug: slug2, keyCount: keys.length });
-    return keys;
+  getCloudflare() {
+    if (!this.ctx.cloudflare) {
+      throw new ValidationError("Secrets management requires Cloudflare provider");
+    }
+    return this.ctx.cloudflare;
+  }
+  getDeploymentId(slug2) {
+    const isProd = isProduction2(this.ctx.config);
+    return getDeploymentId(slug2, isProd);
   }
-  async getValues(slug2, user) {
+  async listKeys(slug2, user) {
     const game = await this.ctx.services.game.validateDeveloperAccessBySlug(user, slug2);
-    const secrets = await this.ctx.providers.secrets.readSecrets(game.id);
-    if (!secrets) {
-      return {};
-    }
-    const filtered = {};
-    for (const [key, value] of Object.entries(secrets)) {
-      if (!INTERNAL_SECRET_KEYS.includes(key)) {
-        filtered[key] = value;
+    const cf = this.getCloudflare();
+    const deploymentId = this.getDeploymentId(slug2);
+    try {
+      const allKeys = await cf.listSecrets(deploymentId);
+      const keys = allKeys.filter((k) => k.startsWith(SECRETS_PREFIX)).map((k) => k.slice(SECRETS_PREFIX.length));
+      logger20.debug("Listed secret keys", { gameId: game.id, slug: slug2, keyCount: keys.length });
+      return keys;
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.includes("not found") || message.includes("10007")) {
+        logger20.debug("Worker not found, returning empty secrets list", {
+          gameId: game.id,
+          slug: slug2
+        });
+        return [];
       }
+      throw error;
     }
-    logger21.debug("Retrieved secret values", { gameId: game.id, slug: slug2 });
-    return filtered;
   }
   async setSecrets(slug2, newSecrets, user) {
     const game = await this.ctx.services.game.validateDeveloperAccessBySlug(user, slug2);
+    const cf = this.getCloudflare();
+    const deploymentId = this.getDeploymentId(slug2);
     const secretKeys = Object.keys(newSecrets);
     if (secretKeys.length === 0) {
+      logger20.warn("No secrets provided", { userId: user.id, slug: slug2 });
       throw new ValidationError("At least one secret must be provided");
     }
     for (const [key, value] of Object.entries(newSecrets)) {
       if (typeof value !== "string") {
+        logger20.warn("Secret value must be a string", { userId: user.id, slug: slug2, key });
         throw new ValidationError(`Secret value for "${key}" must be a string`);
       }
       if (INTERNAL_SECRET_KEYS.includes(key)) {
-        logger21.warn("Attempted to set reserved secret", {
-          userId: user.id,
+        logger20.warn("Attempted to set reserved secret", { userId: user.id, slug: slug2, key });
+        throw new ValidationError(`Cannot set reserved secret "${key}"`);
+      }
+    }
+    try {
+      const prefixedSecrets = {};
+      for (const [key, value] of Object.entries(newSecrets)) {
+        prefixedSecrets[`${SECRETS_PREFIX}${key}`] = value;
+      }
+      await cf.setSecrets(deploymentId, prefixedSecrets);
+      logger20.info("Set secrets", {
+        gameId: game.id,
+        slug: slug2,
+        deploymentId,
+        keys: secretKeys
+      });
+      const allKeys = await cf.listSecrets(deploymentId);
+      return allKeys.filter((k) => k.startsWith(SECRETS_PREFIX)).map((k) => k.slice(SECRETS_PREFIX.length));
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.includes("not found") || message.includes("10007")) {
+        logger20.warn("Cannot set secrets - game not deployed", {
           gameId: game.id,
-          key
+          slug: slug2,
+          deploymentId
         });
-        throw new ValidationError(`Cannot set reserved secret "${key}"`);
+        throw new ValidationError("Game must be deployed before setting secrets. Run `playcademy deploy` first.");
       }
+      logger20.error("Failed to set secrets", {
+        gameId: game.id,
+        slug: slug2,
+        deploymentId,
+        error: message
+      });
+      throw error;
     }
-    const existingSecrets = await this.ctx.providers.secrets.readSecrets(game.id) || {};
-    const updatedSecrets = { ...existingSecrets, ...newSecrets };
-    await this.ctx.providers.secrets.writeSecrets(game.id, updatedSecrets);
-    logger21.info("Set secrets", {
-      gameId: game.id,
-      slug: slug2,
-      addedKeys: secretKeys
-    });
-    return Object.keys(updatedSecrets).filter((k) => !INTERNAL_SECRET_KEYS.includes(k));
   }
   async deleteSecret(slug2, key, user) {
     if (INTERNAL_SECRET_KEYS.includes(key)) {
-      logger21.warn("Attempted to delete reserved secret", {
+      logger20.warn("Attempted to delete reserved secret", {
         userId: user.id,
         slug: slug2,
         key
@@ -16829,25 +15645,53 @@ class SecretsService {
       throw new ValidationError(`Cannot delete reserved secret "${key}"`);
     }
     const game = await this.ctx.services.game.validateDeveloperAccessBySlug(user, slug2);
-    const secrets = await this.ctx.providers.secrets.readSecrets(game.id);
-    if (!secrets || !(key in secrets)) {
-      throw new NotFoundError("Secret", key);
-    }
-    delete secrets[key];
-    if (Object.keys(secrets).length > 0) {
-      await this.ctx.providers.secrets.writeSecrets(game.id, secrets);
-    } else {
-      await this.ctx.providers.secrets.deleteSecrets(game.id);
+    const cf = this.getCloudflare();
+    const deploymentId = this.getDeploymentId(slug2);
+    try {
+      const prefixedKey = `${SECRETS_PREFIX}${key}`;
+      const existingKeys = await cf.listSecrets(deploymentId);
+      if (!existingKeys.includes(prefixedKey)) {
+        throw new NotFoundError("Secret", key);
+      }
+      await cf.deleteSecret(deploymentId, prefixedKey);
+      logger20.info("Deleted secret", {
+        gameId: game.id,
+        slug: slug2,
+        deploymentId,
+        key
+      });
+    } catch (error) {
+      if (error instanceof NotFoundError) {
+        throw error;
+      }
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.includes("not found") || message.includes("10007")) {
+        logger20.warn("Cannot delete secret - game not deployed", {
+          gameId: game.id,
+          slug: slug2,
+          deploymentId
+        });
+        throw new ValidationError("Game must be deployed before managing secrets. Run `playcademy deploy` first.");
+      }
+      logger20.error("Failed to delete secret", {
+        gameId: game.id,
+        slug: slug2,
+        deploymentId,
+        key,
+        error: message
+      });
+      throw error;
     }
-    logger21.info("Deleted secret", { gameId: game.id, slug: slug2, key });
   }
 }
-var logger21, INTERNAL_SECRET_KEYS;
+var logger20, SECRETS_PREFIX = "secrets_", INTERNAL_SECRET_KEYS;
 var init_secrets_service = __esm(() => {
   init_src2();
+  init_config2();
   init_errors();
-  logger21 = log.scope("SecretsService");
-  INTERNAL_SECRET_KEYS = ["PLAYCADEMY_API_KEY"];
+  init_deployment_util();
+  logger20 = log.scope("SecretsService");
+  INTERNAL_SECRET_KEYS = ["PLAYCADEMY_API_KEY", "GAME_ID", "PLAYCADEMY_BASE_URL"];
 });
 
 // ../api-core/src/services/seed.service.ts
@@ -16859,7 +15703,7 @@ class SeedService {
   getCloudflare() {
     const cf = this.ctx.cloudflare;
     if (!cf) {
-      logger22.error("Cloudflare provider not available for seeding");
+      logger21.error("Cloudflare provider not available for seeding");
       throw new ValidationError("Cloudflare provider not configured");
     }
     return cf;
@@ -16871,7 +15715,7 @@ class SeedService {
     const deploymentId = getDeploymentId(slug2, isProd);
     const uniqueSuffix = Date.now().toString(36);
     const seedDeploymentId = `seed-${deploymentId}-${uniqueSuffix}`;
-    logger22.debug("Seeding database", {
+    logger21.debug("Seeding database", {
       userId: user.id,
       gameId: game.id,
       slug: slug2,
@@ -16880,7 +15724,7 @@ class SeedService {
     });
     try {
       const workerResponse = await this.deployAndExecuteSeedWorker(cf, seedDeploymentId, game.id, deploymentId, code);
-      logger22.info("Seed completed", {
+      logger21.info("Seed completed", {
         gameId: game.id,
         slug: slug2,
         deploymentId,
@@ -16896,7 +15740,7 @@ class SeedService {
       };
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : String(error);
-      logger22.error("Seed failed", {
+      logger21.error("Seed failed", {
         slug: slug2,
         error: errorMessage
       });
@@ -16906,7 +15750,7 @@ class SeedService {
         error: errorMessage,
         developer: { id: user.id, email: user.email }
       }).catch((err2) => {
-        logger22.warn("Failed to send failure alert", { error: err2 });
+        logger21.warn("Failed to send failure alert", { error: err2 });
       });
       if (error instanceof Error) {
         if (error.message.includes("timed out") || error.message.includes("AbortError")) {
@@ -16960,7 +15804,7 @@ class SeedService {
         bindings: { d1: [deploymentId], r2: [], kv: [] },
         keepAssets: false
       });
-      logger22.info("Worker deployed", { seedDeploymentId, url: result.url });
+      logger21.info("Worker deployed", { seedDeploymentId, url: result.url });
       return await this.executeSeedWorker(result.url, seedDeploymentId);
     } finally {
       await this.cleanupSeedWorker(cf, seedDeploymentId);
@@ -16976,7 +15820,7 @@ class SeedService {
     await new Promise((resolve) => setTimeout(resolve, INITIAL_DELAY));
     for (let attempt = 0;attempt < MAX_RETRIES; attempt++) {
       if (attempt > 0) {
-        logger22.debug("Retrying seed execution", {
+        logger21.debug("Retrying seed execution", {
           attempt: attempt + 1,
           maxRetries: MAX_RETRIES,
           nextRetryIn: `${RETRY_INTERVAL / 1000}s`
@@ -16996,14 +15840,14 @@ class SeedService {
           const isRetryable = response.status === 404 || response.status >= 500;
           if (isRetryable && attempt < MAX_RETRIES - 1) {
             lastError = new Error(`Worker returned ${response.status}`);
-            logger22.debug("Worker not ready, will retry", {
+            logger21.debug("Worker not ready, will retry", {
               status: response.status,
               attempt: attempt + 1,
               errorBody: errorBody?.substring(0, 500)
             });
             continue;
           }
-          logger22.error("Worker returned error", {
+          logger21.error("Worker returned error", {
             status: response.status,
             statusText: response.statusText,
             errorBody
@@ -17013,7 +15857,7 @@ class SeedService {
         const data = await response.json();
         if (!data.success) {
           const error = data.error || "Seed execution failed";
-          logger22.error("Seed execution failed", {
+          logger21.error("Seed execution failed", {
             error,
             stack: data.stack,
             details: data.details,
@@ -17034,7 +15878,7 @@ class SeedService {
           };
           throw new InternalError(detailedMessage, errorDetails);
         }
-        logger22.info("Seed executed successfully", {
+        logger21.info("Seed executed successfully", {
           seedDeploymentId,
           duration: data.duration,
           logCount: data.logs?.length ?? 0
@@ -17044,7 +15888,7 @@ class SeedService {
         clearTimeout(timeout);
         if (error instanceof Error && error.name === "AbortError") {
           lastError = new Error("Seed execution timed out");
-          logger22.debug("Seed execution timed out, will retry", {
+          logger21.debug("Seed execution timed out, will retry", {
             attempt: attempt + 1
           });
           if (attempt < MAX_RETRIES - 1)
@@ -17055,7 +15899,7 @@ class SeedService {
         }
         lastError = error instanceof Error ? error : new Error(String(error));
         if (attempt < MAX_RETRIES - 1) {
-          logger22.debug("Network error, will retry", {
+          logger21.debug("Network error, will retry", {
             error: lastError.message,
             attempt: attempt + 1
           });
@@ -17068,19 +15912,19 @@ class SeedService {
   async cleanupSeedWorker(cf, seedDeploymentId) {
     try {
       await cf.delete(seedDeploymentId);
-      logger22.info("Worker deleted", { seedDeploymentId });
+      logger21.info("Worker deleted", { seedDeploymentId });
     } catch (error) {
-      logger22.warn("Failed to cleanup worker", { seedDeploymentId, error });
+      logger21.warn("Failed to cleanup worker", { seedDeploymentId, error });
     }
   }
 }
-var logger22;
+var logger21;
 var init_seed_service = __esm(() => {
   init_src2();
   init_config2();
   init_errors();
   init_deployment_util();
-  logger22 = log.scope("SeedService");
+  logger21 = log.scope("SeedService");
 });
 
 // ../api-core/src/services/session.service.ts
@@ -17115,10 +15959,10 @@ class SessionService {
     };
     const [newSession] = await db2.insert(gameSessions).values(sessionToInsert).returning({ sessionId: gameSessions.id });
     if (!newSession?.sessionId) {
-      logger23.error("Game session insert returned no rows", { userId, gameId });
+      logger22.error("Game session insert returned no rows", { userId, gameId });
       throw new InternalError("Failed to create game session");
     }
-    logger23.info("Started new session", {
+    logger22.info("Started new session", {
       sessionId: newSession.sessionId,
       gameId,
       userId
@@ -17139,23 +15983,23 @@ class SessionService {
       return { success: true, message: "Session already ended" };
     }
     await db2.update(gameSessions).set({ endedAt: new Date }).where(eq(gameSessions.id, sessionId));
-    logger23.info("Ended session", { sessionId, gameId, userId });
+    logger22.info("Ended session", { sessionId, gameId, userId });
     return { success: true };
   }
   async mintToken(gameIdOrSlug, userId) {
     const gameId = await this.resolveGameId(gameIdOrSlug);
     const result = await this.ctx.providers.auth.mintGameToken(gameId, userId);
-    logger23.debug("Minted game token", { gameId, userId });
+    logger22.debug("Minted game token", { gameId, userId });
     return result;
   }
 }
-var logger23;
+var logger22;
 var init_session_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
   init_errors();
-  logger23 = log.scope("SessionService");
+  logger22 = log.scope("SessionService");
 });
 
 // ../api-core/src/services/shop-listing.service.ts
@@ -17167,7 +16011,7 @@ class ShopListingService {
   async list() {
     const db2 = this.ctx.db;
     const allListings = await db2.query.shopListings.findMany();
-    logger24.debug("Listed shop listings", { count: allListings.length });
+    logger23.debug("Listed shop listings", { count: allListings.length });
     return allListings;
   }
   async getById(listingId) {
@@ -17178,7 +16022,7 @@ class ShopListingService {
     if (!listing) {
       throw new NotFoundError("ShopListing", listingId);
     }
-    logger24.debug("Retrieved listing", { listingId });
+    logger23.debug("Retrieved listing", { listingId });
     return listing;
   }
   async create(data) {
@@ -17189,13 +16033,13 @@ class ShopListingService {
         price: data.price
       }).returning();
       if (!newListing) {
-        logger24.error("Shop listing insert returned no rows", {
+        logger23.error("Shop listing insert returned no rows", {
           itemId: data.itemId,
           currencyId: data.currencyId
         });
         throw new InternalError("Failed to create shop listing");
       }
-      logger24.info("Created listing", {
+      logger23.info("Created listing", {
         listingId: newListing.id,
         itemId: newListing.itemId,
         currencyId: newListing.currencyId,
@@ -17238,7 +16082,7 @@ class ShopListingService {
       if (!updatedListing) {
         throw new NotFoundError("ShopListing", listingId);
       }
-      logger24.info("Updated listing", {
+      logger23.info("Updated listing", {
         listingId: updatedListing.id,
         updatedFields: Object.keys(updateData)
       });
@@ -17268,7 +16112,7 @@ class ShopListingService {
     if (result.length === 0) {
       throw new NotFoundError("ShopListing", listingId);
     }
-    logger24.info("Deleted listing", { listingId });
+    logger23.info("Deleted listing", { listingId });
   }
   async listByGame(gameId, user) {
     await this.ctx.services.game.validateOwnership(user, gameId);
@@ -17286,7 +16130,7 @@ class ShopListingService {
         item: true
       }
     });
-    logger24.debug("Listed game listings", {
+    logger23.debug("Listed game listings", {
       gameId,
       count: listings.length
     });
@@ -17316,14 +16160,14 @@ class ShopListingService {
         currencyId: currency.id
       }).returning();
       if (!newListing) {
-        logger24.error("Game item listing insert returned no rows", {
+        logger23.error("Game item listing insert returned no rows", {
           gameId,
           itemId,
           currencyId: currency.id
         });
         throw new InternalError("Failed to create shop listing");
       }
-      logger24.info("Created game item listing", {
+      logger23.info("Created game item listing", {
         listingId: newListing.id,
         gameId,
         itemId,
@@ -17364,7 +16208,7 @@ class ShopListingService {
       if (!updatedListing) {
         throw new NotFoundError("ShopListing", `for item ${itemId}`);
       }
-      logger24.info("Updated game item listing", {
+      logger23.info("Updated game item listing", {
         listingId: updatedListing.id,
         gameId,
         itemId,
@@ -17389,7 +16233,7 @@ class ShopListingService {
     if (result.length === 0) {
       throw new NotFoundError("ShopListing", `for item ${itemId}`);
     }
-    logger24.info("Deleted game item listing", {
+    logger23.info("Deleted game item listing", {
       listingId: result[0].id,
       gameId,
       itemId
@@ -17406,13 +16250,13 @@ class ShopListingService {
     }
   }
 }
-var logger24;
+var logger23;
 var init_shop_listing_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
   init_errors();
-  logger24 = log.scope("ShopListingService");
+  logger23 = log.scope("ShopListingService");
 });
 
 // ../api-core/src/services/shop.service.ts
@@ -17458,7 +16302,7 @@ class ShopService {
     const shopItems = [];
     for (const listing of listingsWithRelations) {
       if (!listing.item || !listing.currency) {
-        logger25.warn("Listing missing item or currency, skipping", {
+        logger24.warn("Listing missing item or currency, skipping", {
           listingId: listing.id
         });
         continue;
@@ -17475,7 +16319,7 @@ class ShopService {
         sellBackPercentage: listing.sellBackPercentage
       });
     }
-    logger25.debug("Retrieved shop view", {
+    logger24.debug("Retrieved shop view", {
       userId: user.id,
       itemCount: shopItems.length,
       currencyCount: shopCurrencies.length
@@ -17486,12 +16330,12 @@ class ShopService {
     };
   }
 }
-var logger25;
+var logger24;
 var init_shop_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
-  logger25 = log.scope("ShopService");
+  logger24 = log.scope("ShopService");
 });
 
 // ../api-core/src/services/sprite.service.ts
@@ -17508,17 +16352,17 @@ class SpriteService {
     if (!template) {
       throw new NotFoundError("SpriteTemplate", slug2);
     }
-    logger26.debug("Retrieved sprite", { slug: slug2 });
+    logger25.debug("Retrieved sprite", { slug: slug2 });
     return template;
   }
 }
-var logger26;
+var logger25;
 var init_sprite_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
   init_errors();
-  logger26 = log.scope("SpriteService");
+  logger25 = log.scope("SpriteService");
 });
 
 // ../timeback/dist/types.js
@@ -17961,7 +16805,7 @@ class TimebackService {
   }
   requireClient() {
     if (!this.ctx.timeback) {
-      logger27.error("Timeback client not available in context");
+      logger26.error("Timeback client not available in context");
       throw new ValidationError("Timeback integration not available in this environment");
     }
     return this.ctx.timeback;
@@ -18014,7 +16858,7 @@ class TimebackService {
       set: { xp: sql`excluded.xp`, updatedAt: new Date }
     }).returning({ xp: timebackDailyXp.xp, date: timebackDailyXp.date });
     if (!result) {
-      logger27.error("Daily XP upsert returned no rows", { userId, date: targetDate });
+      logger26.error("Daily XP upsert returned no rows", { userId, date: targetDate });
       throw new InternalError("Failed to update daily XP record");
     }
     return { xp: result.xp, date: result.date.toISOString() };
@@ -18045,7 +16889,7 @@ class TimebackService {
       columns: { id: true, timebackId: true }
     });
     if (dbUser?.timebackId) {
-      logger27.info("Student already onboarded", { userId: user.id });
+      logger26.info("Student already onboarded", { userId: user.id });
       return { status: "already_populated" };
     }
     let timebackId;
@@ -18054,7 +16898,7 @@ class TimebackService {
       const existingUser = await client.oneroster.users.findByEmail(user.email);
       timebackId = existingUser.sourcedId;
       name3 = `${existingUser.givenName} ${existingUser.familyName}`;
-      logger27.info("Found existing student in OneRoster", {
+      logger26.info("Found existing student in OneRoster", {
         userId: user.id,
         timebackId
       });
@@ -18083,7 +16927,7 @@ class TimebackService {
       }
       timebackId = response.sourcedIdPairs.allocatedSourcedId;
       name3 = `${providedNames.firstName} ${providedNames.lastName}`;
-      logger27.info("Created student in OneRoster", { userId: user.id, timebackId });
+      logger26.info("Created student in OneRoster", { userId: user.id, timebackId });
     }
     const assessments = await this.fetchAssessments(timebackId);
     await db2.transaction(async (tx) => {
@@ -18117,7 +16961,7 @@ class TimebackService {
       }
       const [updated] = await tx.update(users).set({ timebackId, name: name3 }).where(eq(users.id, user.id)).returning({ id: users.id });
       if (!updated) {
-        logger27.error("User Timeback ID update returned no rows", {
+        logger26.error("User Timeback ID update returned no rows", {
           userId: user.id,
           timebackId
         });
@@ -18140,13 +16984,13 @@ class TimebackService {
           break;
         offset += limit;
       }
-      logger27.debug("Fetched assessments", {
+      logger26.debug("Fetched assessments", {
         studentSourcedId,
         totalCount: allAssessments.length
       });
       return allAssessments;
     } catch (error) {
-      logger27.warn("Failed to fetch assessments", { studentSourcedId, error });
+      logger26.warn("Failed to fetch assessments", { studentSourcedId, error });
       return [];
     }
   }
@@ -18231,11 +17075,11 @@ class TimebackService {
       return [];
     }
   }
-  async setupIntegration(gameId, request2, user) {
+  async setupIntegration(gameId, request, user) {
     const client = this.requireClient();
     const db2 = this.ctx.db;
     await this.ctx.services.game.validateDeveloperAccess(user, gameId);
-    const { courses, baseConfig, verbose } = request2;
+    const { courses, baseConfig, verbose } = request;
     const existing = await db2.query.gameTimebackIntegrations.findMany({
       where: eq(gameTimebackIntegrations.gameId, gameId)
     });
@@ -18253,7 +17097,7 @@ class TimebackService {
         masterableUnits: derivedMasterableUnits
       } = courseConfig;
       if (!isTimebackSubject(subjectInput)) {
-        logger27.warn("Invalid Timeback subject in course config", {
+        logger26.warn("Invalid Timeback subject in course config", {
           subject: subjectInput,
           courseCode,
           title
@@ -18261,7 +17105,7 @@ class TimebackService {
         throw new ValidationError(`Invalid subject "${subjectInput}"`);
       }
       if (!isTimebackGrade(grade)) {
-        logger27.warn("Invalid Timeback grade in course config", {
+        logger26.warn("Invalid Timeback grade in course config", {
           grade,
           courseCode,
           title
@@ -18273,7 +17117,7 @@ class TimebackService {
       const totalXp = derivedTotalXp ?? courseMetadata?.metrics?.totalXp;
       const masterableUnits = derivedMasterableUnits ?? (isPlaycademyResourceMetadata(courseMetadata?.playcademy) ? courseMetadata?.playcademy?.mastery?.masterableUnits : undefined);
       if (typeof totalXp !== "number") {
-        logger27.warn("Course missing totalXp in Timeback config", {
+        logger26.warn("Course missing totalXp in Timeback config", {
           courseCode,
           title
         });
@@ -18444,7 +17288,7 @@ class TimebackService {
       courseName: activityData.courseName,
       studentEmail: activityData.studentEmail
     });
-    logger27.info("Recorded activity completion", {
+    logger26.info("Recorded activity completion", {
       gameId,
       courseId: integration.courseId,
       studentId,
@@ -18461,7 +17305,7 @@ class TimebackService {
     };
   }
 }
-var logger27;
+var logger26;
 var init_timeback_service = __esm(() => {
   init_drizzle_orm();
   init_src();
@@ -18471,7 +17315,7 @@ var init_timeback_service = __esm(() => {
   init_src4();
   init_errors();
   init_timeback_util();
-  logger27 = log.scope("TimebackService");
+  logger26 = log.scope("TimebackService");
 });
 
 // ../api-core/src/services/upload.service.ts
@@ -18480,19 +17324,19 @@ class UploadService {
   constructor(ctx) {
     this.ctx = ctx;
   }
-  async initiate(request2, user) {
-    const { fileName, gameId } = request2;
+  async initiate(request, user) {
+    const { fileName, gameId } = request;
     const bucketName = this.ctx.config.uploadBucket;
     if (!bucketName) {
-      logger28.error("Upload bucket not configured in environment");
+      logger27.error("Upload bucket not configured in environment");
       throw new ValidationError("Upload bucket not configured");
     }
     await this.ctx.services.game.validateDeveloperAccess(user, gameId);
     const version2 = ulid();
     const tempS3Key = `uploads-temp/${gameId}/${version2}/${fileName}`;
-    logger28.debug("Initiating upload", { userId: user.id, gameId, fileName, version: version2 });
+    logger27.debug("Initiating upload", { userId: user.id, gameId, fileName, version: version2 });
     const presignedUrl = await this.ctx.providers.storage.generatePresignedPutUrl(bucketName, tempS3Key, "application/zip");
-    logger28.info("Presigned URL generated", {
+    logger27.info("Presigned URL generated", {
       userId: user.id,
       gameId,
       version: version2
@@ -18505,12 +17349,12 @@ class UploadService {
     };
   }
 }
-var logger28;
+var logger27;
 var init_upload_service = __esm(() => {
   init_node();
   init_src2();
   init_errors();
-  logger28 = log.scope("UploadService");
+  logger27 = log.scope("UploadService");
 });
 
 // ../api-core/src/services/user.service.ts
@@ -18525,12 +17369,12 @@ class UserService {
       where: eq(users.id, user.id)
     });
     if (!userData) {
-      logger29.error("User not found", { userId: user.id });
+      logger28.error("User not found", { userId: user.id });
       throw new NotFoundError("User", user.id);
     }
     const timeback2 = userData.timebackId ? await this.fetchTimebackData(userData.timebackId, gameId) : undefined;
     if (gameId) {
-      logger29.debug("Fetched user profile (game context)", { userId: user.id, gameId });
+      logger28.debug("Fetched user profile (game context)", { userId: user.id, gameId });
       return {
         id: userData.id,
         name: userData.name,
@@ -18543,7 +17387,7 @@ class UserService {
     const timebackAccount = await db2.query.accounts.findFirst({
       where: and(eq(accounts.userId, user.id), eq(accounts.providerId, "timeback"))
     });
-    logger29.debug("Fetched user profile (platform context)", { userId: user.id });
+    logger28.debug("Fetched user profile (platform context)", { userId: user.id });
     return {
       id: userData.id,
       name: userData.name,
@@ -18567,7 +17411,7 @@ class UserService {
     ]);
     const enrollments = gameId ? this.filterEnrollmentsByGame(allEnrollments, gameId) : allEnrollments;
     const organizations = gameId ? this.filterOrganizationsByEnrollments(allOrganizations, enrollments) : allOrganizations;
-    logger29.debug("Fetched Timeback data", {
+    logger28.debug("Fetched Timeback data", {
       timebackId,
       role,
       enrollmentCount: enrollments.length,
@@ -18576,9 +17420,9 @@ class UserService {
     return { id: timebackId, role, enrollments, organizations };
   }
   async fetchStudentProfile(timebackId) {
-    logger29.debug("Fetching student profile", { timebackId });
+    logger28.debug("Fetching student profile", { timebackId });
     if (!this.ctx.timeback) {
-      logger29.warn("Timeback client not available");
+      logger28.warn("Timeback client not available");
       return { role: "student", organizations: [] };
     }
     try {
@@ -18606,14 +17450,14 @@ class UserService {
       }
       return { role, organizations: Array.from(orgMap.values()) };
     } catch (error) {
-      logger29.warn("Failed to fetch student profile", { error, timebackId });
+      logger28.warn("Failed to fetch student profile", { error, timebackId });
       return { role: "student", organizations: [] };
     }
   }
   async fetchEnrollments(timebackId) {
-    logger29.debug("Fetching enrollments", { timebackId });
+    logger28.debug("Fetching enrollments", { timebackId });
     if (!this.ctx.timeback) {
-      logger29.warn("Timeback client not available");
+      logger28.warn("Timeback client not available");
       return [];
     }
     try {
@@ -18633,7 +17477,7 @@ class UserService {
         orgId: courseToSchool.get(i2.courseId)
       }));
     } catch (error) {
-      logger29.warn("Failed to fetch enrollments", { error, timebackId });
+      logger28.warn("Failed to fetch enrollments", { error, timebackId });
       return [];
     }
   }
@@ -18647,13 +17491,13 @@ class UserService {
     return organizations.filter((o) => enrollmentOrgIds.has(o.id));
   }
 }
-var logger29;
+var logger28;
 var init_user_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
   init_errors();
-  logger29 = log.scope("UserService");
+  logger28 = log.scope("UserService");
 });
 
 // ../api-core/src/services/verify.service.ts
@@ -18663,16 +17507,16 @@ class VerifyService {
     this.ctx = ctx;
   }
   async verifyGameToken(token) {
-    logger30.debug("Verifying game token");
+    logger29.debug("Verifying game token");
     const payload = await this.ctx.providers.auth.validateGameToken(token);
     if (!payload) {
-      logger30.warn("Invalid or expired game token presented");
+      logger29.warn("Invalid or expired game token presented");
       throw new ValidationError("Invalid or expired token");
     }
     const gameId = payload.sub;
     const userId = payload.uid;
     if (typeof gameId !== "string" || typeof userId !== "string") {
-      logger30.warn("Game token missing required claims", {
+      logger29.warn("Game token missing required claims", {
         hasGameId: typeof gameId === "string",
         hasUserId: typeof userId === "string"
       });
@@ -18683,7 +17527,7 @@ class VerifyService {
       where: eq(users.id, userId)
     });
     if (!userData) {
-      logger30.error("User not found for valid token", {
+      logger29.error("User not found for valid token", {
         userId
       });
       throw new NotFoundError("User", userId);
@@ -18697,7 +17541,7 @@ class VerifyService {
       family_name: undefined,
       timeback_id: userData.timebackId || undefined
     };
-    logger30.info("Token verified", { gameId, userId });
+    logger29.info("Token verified", { gameId, userId });
     return {
       claims: payload,
       gameId,
@@ -18705,13 +17549,13 @@ class VerifyService {
     };
   }
 }
-var logger30;
+var logger29;
 var init_verify_service = __esm(() => {
   init_drizzle_orm();
   init_tables_index();
   init_src2();
   init_errors();
-  logger30 = log.scope("VerifyService");
+  logger29 = log.scope("VerifyService");
 });
 
 // ../api-core/src/services/index.ts
@@ -18947,35 +17791,6 @@ var init_cache_provider = __esm(() => {
   gameOrigins = [];
 });
 
-// src/infrastructure/api/providers/secrets.provider.ts
-function createSandboxSecretsProvider() {
-  return {
-    async readSecrets(gameId) {
-      const secrets = secretsStorage.get(gameId);
-      return secrets ?? null;
-    },
-    async writeSecrets(gameId, secrets) {
-      secretsStorage.set(gameId, { ...secrets });
-      log.debug("[SandboxSecretsProvider] Stored secrets", {
-        gameId,
-        keyCount: Object.keys(secrets).length
-      });
-    },
-    async deleteSecrets(gameId) {
-      secretsStorage.delete(gameId);
-      log.debug("[SandboxSecretsProvider] Deleted secrets", { gameId });
-    }
-  };
-}
-function clearSandboxSecrets() {
-  secretsStorage.clear();
-}
-var secretsStorage;
-var init_secrets_provider = __esm(() => {
-  init_src2();
-  secretsStorage = new Map;
-});
-
 // src/infrastructure/api/providers/storage.provider.ts
 function getBucket(bucketName) {
   let bucket = storage.get(bucketName);
@@ -19050,7 +17865,6 @@ var init_storage_provider = __esm(() => {
 var init_providers = __esm(() => {
   init_auth_provider();
   init_cache_provider();
-  init_secrets_provider();
   init_storage_provider();
 });
 
@@ -19069,7 +17883,6 @@ function buildProviders() {
   return {
     auth: createSandboxAuthProvider(),
     storage: createSandboxStorageProvider(),
-    secrets: createSandboxSecretsProvider(),
     cache: createSandboxCacheProvider()
   };
 }
@@ -19210,8 +18023,8 @@ var init_constants3 = __esm(() => {
 });
 
 // ../../node_modules/hono/dist/utils/body.js
-async function parseFormData(request2, options) {
-  const formData = await request2.formData();
+async function parseFormData(request, options) {
+  const formData = await request.formData();
   if (formData) {
     return convertFormDataToBodyData(formData, options);
   }
@@ -19238,12 +18051,12 @@ function convertFormDataToBodyData(formData, options) {
   }
   return form;
 }
-var parseBody = async (request2, options = /* @__PURE__ */ Object.create(null)) => {
+var parseBody = async (request, options = /* @__PURE__ */ Object.create(null)) => {
   const { all = false, dot = false } = options;
-  const headers = request2 instanceof HonoRequest ? request2.raw.headers : request2.headers;
+  const headers = request instanceof HonoRequest ? request.raw.headers : request.headers;
   const contentType = headers.get("Content-Type");
   if (contentType?.startsWith("multipart/form-data") || contentType?.startsWith("application/x-www-form-urlencoded")) {
-    return parseFormData(request2, { all, dot });
+    return parseFormData(request, { all, dot });
   }
   return {};
 }, handleParsingAllValues = (form, key, value) => {
@@ -19337,8 +18150,8 @@ var splitPath = (path) => {
       }
     });
   }
-}, tryDecodeURI = (str) => tryDecode(str, decodeURI), getPath = (request2) => {
-  const url = request2.url;
+}, tryDecodeURI = (str) => tryDecode(str, decodeURI), getPath = (request) => {
+  const url = request.url;
   const start2 = url.indexOf("/", url.indexOf(":") + 4);
   let i2 = start2;
   for (;i2 < url.length; i2++) {
@@ -19352,8 +18165,8 @@ var splitPath = (path) => {
     }
   }
   return url.slice(start2, i2);
-}, getPathNoStrict = (request2) => {
-  const result = getPath(request2);
+}, getPathNoStrict = (request) => {
+  const result = getPath(request);
   return result.length > 1 && result.at(-1) === "/" ? result.slice(0, -1) : result;
 }, mergePath = (base, sub, ...rest) => {
   if (rest.length) {
@@ -19479,8 +18292,8 @@ var init_request = __esm(() => {
     routeIndex = 0;
     path;
     bodyCache = {};
-    constructor(request2, path = "/", matchResult = [[]]) {
-      this.raw = request2;
+    constructor(request, path = "/", matchResult = [[]]) {
+      this.raw = request;
       this.path = path;
       this.#matchResult = matchResult;
       this.#validatedData = {};
@@ -19916,7 +18729,7 @@ var notFoundHandler = (c) => {
       } else {
         optionHandler = options.optionHandler;
         if (options.replaceRequest === false) {
-          replaceRequest = (request2) => request2;
+          replaceRequest = (request) => request;
         } else {
           replaceRequest = options.replaceRequest;
         }
@@ -19935,10 +18748,10 @@ var notFoundHandler = (c) => {
     replaceRequest ||= (() => {
       const mergedPath = mergePath(this._basePath, path);
       const pathPrefixLength = mergedPath === "/" ? 0 : mergedPath.length;
-      return (request2) => {
-        const url = new URL(request2.url);
+      return (request) => {
+        const url = new URL(request.url);
         url.pathname = url.pathname.slice(pathPrefixLength) || "/";
-        return new Request(url, request2);
+        return new Request(url, request);
       };
     })();
     const handler = async (c, next) => {
@@ -19964,13 +18777,13 @@ var notFoundHandler = (c) => {
     }
     throw err2;
   }
-  #dispatch(request2, executionCtx, env, method) {
+  #dispatch(request, executionCtx, env, method) {
     if (method === "HEAD") {
-      return (async () => new Response(null, await this.#dispatch(request2, executionCtx, env, "GET")))();
+      return (async () => new Response(null, await this.#dispatch(request, executionCtx, env, "GET")))();
     }
-    const path = this.getPath(request2, { env });
+    const path = this.getPath(request, { env });
     const matchResult = this.router.match(method, path);
-    const c = new Context(request2, {
+    const c = new Context(request, {
       path,
       matchResult,
       env,
@@ -20001,8 +18814,8 @@ var notFoundHandler = (c) => {
       }
     })();
   }
-  fetch = (request2, ...rest) => {
-    return this.#dispatch(request2, rest[1], rest[0], request2.method);
+  fetch = (request, ...rest) => {
+    return this.#dispatch(request, rest[1], rest[0], request.method);
   };
   request = (input, requestInit, Env, executionCtx) => {
     if (input instanceof Request) {
@@ -20874,7 +19687,7 @@ var humanize = (times) => {
     }
   }
   return `${status}`;
-}, logger31 = (fn = console.log) => {
+}, logger30 = (fn = console.log) => {
   return async function logger2(c, next) {
     const { method, url } = c.req;
     const path = url.slice(url.indexOf("/", 8));
@@ -21051,7 +19864,7 @@ function createApp(db2, options) {
   const app = new Hono2;
   app.use("*", cors({ origin: "*", credentials: true }));
   if (options.verbose && !options.quiet) {
-    app.use("*", logger31());
+    app.use("*", logger30());
   }
   app.use("/api/*", async (c, next) => {
     c.set("db", db2);
@@ -27524,12 +26337,12 @@ var init_session2 = __esm(() => {
   init_utils();
   init_dist4();
   PglitePreparedQuery = class PglitePreparedQuery extends PgPreparedQuery {
-    constructor(client, queryString, params, logger32, fields, name3, _isResponseInArrayMode, customResultMapper) {
+    constructor(client, queryString, params, logger31, fields, name3, _isResponseInArrayMode, customResultMapper) {
       super({ sql: queryString, params });
       this.client = client;
       this.queryString = queryString;
       this.params = params;
-      this.logger = logger32;
+      this.logger = logger31;
       this.fields = fields;
       this._isResponseInArrayMode = _isResponseInArrayMode;
       this.customResultMapper = customResultMapper;
@@ -27633,11 +26446,11 @@ var init_session2 = __esm(() => {
 // ../../node_modules/drizzle-orm/pglite/driver.js
 function construct(client, config2 = {}) {
   const dialect2 = new PgDialect({ casing: config2.casing });
-  let logger32;
+  let logger31;
   if (config2.logger === true) {
-    logger32 = new DefaultLogger;
+    logger31 = new DefaultLogger;
   } else if (config2.logger !== false) {
-    logger32 = config2.logger;
+    logger31 = config2.logger;
   }
   let schema2;
   if (config2.schema) {
@@ -27648,7 +26461,7 @@ function construct(client, config2 = {}) {
       tableNamesMap: tablesConfig.tableNamesMap
     };
   }
-  const driver = new PgliteDriver(client, dialect2, { logger: logger32 });
+  const driver = new PgliteDriver(client, dialect2, { logger: logger31 });
   const session2 = driver.createSession(schema2);
   const db2 = new PgliteDatabase(dialect2, session2, schema2);
   db2.$client = client;
@@ -28445,24 +27258,24 @@ is not a problem with esbuild. You need to fix your environment instead.
         throw new Error("The service is no longer running" + closeData.reason);
       streamIn.writeToStdin(encodePacket({ id, isRequest: false, value }));
     };
-    let handleRequest = async (id, request2) => {
+    let handleRequest = async (id, request) => {
       try {
-        if (request2.command === "ping") {
+        if (request.command === "ping") {
           sendResponse(id, {});
           return;
         }
-        if (typeof request2.key === "number") {
-          const requestCallbacks = requestCallbacksByKey[request2.key];
+        if (typeof request.key === "number") {
+          const requestCallbacks = requestCallbacksByKey[request.key];
           if (!requestCallbacks) {
             return;
           }
-          const callback = requestCallbacks[request2.command];
+          const callback = requestCallbacks[request.command];
           if (callback) {
-            await callback(id, request2);
+            await callback(id, request);
             return;
           }
         }
-        throw new Error(`Invalid command: ` + request2.command);
+        throw new Error(`Invalid command: ` + request.command);
       } catch (e) {
         const errors3 = [extractErrorMessageV8(e, streamIn, null, undefined, "")];
         try {
@@ -28531,15 +27344,15 @@ is not a problem with esbuild. You need to fix your environment instead.
             flags: flags2,
             mangleCache
           } = flagsForTransformOptions(callName, options, isTTY2, transformLogLevelDefault);
-          let request2 = {
+          let request = {
             command: "transform",
             flags: flags2,
             inputFS: inputPath !== null,
             input: inputPath !== null ? encodeUTF8(inputPath) : typeof input === "string" ? encodeUTF8(input) : input
           };
           if (mangleCache)
-            request2.mangleCache = mangleCache;
-          sendRequest(refs, request2, (error, response) => {
+            request.mangleCache = mangleCache;
+          sendRequest(refs, request, (error, response) => {
             if (error)
               return callback(new Error(error), null);
             let errors3 = replaceDetailsInMessages(response.errors, details);
@@ -28617,16 +27430,16 @@ is not a problem with esbuild. You need to fix your environment instead.
         throw new Error(`Missing "kind" in ${callName}() call`);
       if (kind !== "error" && kind !== "warning")
         throw new Error(`Expected "kind" to be "error" or "warning" in ${callName}() call`);
-      let request2 = {
+      let request = {
         command: "format-msgs",
         messages: sanitizeMessages(messages, "messages", null, "", terminalWidth),
         isWarning: kind === "warning"
       };
       if (color !== undefined)
-        request2.color = color;
+        request.color = color;
       if (terminalWidth !== undefined)
-        request2.terminalWidth = terminalWidth;
-      sendRequest(refs, request2, (error, response) => {
+        request.terminalWidth = terminalWidth;
+      sendRequest(refs, request, (error, response) => {
         if (error)
           return callback(new Error(error), null);
         callback(null, response.messages);
@@ -28639,15 +27452,15 @@ is not a problem with esbuild. You need to fix your environment instead.
       let color = getFlag(options, keys, "color", mustBeBoolean);
       let verbose = getFlag(options, keys, "verbose", mustBeBoolean);
       checkForInvalidFlags(options, keys, `in ${callName}() call`);
-      let request2 = {
+      let request = {
         command: "analyze-metafile",
         metafile
       };
       if (color !== undefined)
-        request2.color = color;
+        request.color = color;
       if (verbose !== undefined)
-        request2.verbose = verbose;
-      sendRequest(refs, request2, (error, response) => {
+        request.verbose = verbose;
+      sendRequest(refs, request, (error, response) => {
         if (error)
           return callback(new Error(error), null);
         callback(null, response.result);
@@ -28720,7 +27533,7 @@ is not a problem with esbuild. You need to fix your environment instead.
       } = flagsForBuildOptions(callName, options, isTTY2, buildLogLevelDefault, writeDefault);
       if (write && !streamIn.hasFS)
         throw new Error(`The "write" option is unavailable in this environment`);
-      const request2 = {
+      const request = {
         command: "build",
         key: buildKey,
         entries,
@@ -28733,9 +27546,9 @@ is not a problem with esbuild. You need to fix your environment instead.
         context: isContext
       };
       if (requestPlugins)
-        request2.plugins = requestPlugins;
+        request.plugins = requestPlugins;
       if (mangleCache)
-        request2.mangleCache = mangleCache;
+        request.mangleCache = mangleCache;
       const buildResponseToResult = (response, callback2) => {
         const result = {
           errors: replaceDetailsInMessages(response.errors, details),
@@ -28765,8 +27578,8 @@ is not a problem with esbuild. You need to fix your environment instead.
       let latestResultPromise;
       let provideLatestResult;
       if (isContext)
-        requestCallbacks["on-end"] = (id, request22) => new Promise((resolve2) => {
-          buildResponseToResult(request22, (err2, result, onEndErrors, onEndWarnings) => {
+        requestCallbacks["on-end"] = (id, request2) => new Promise((resolve2) => {
+          buildResponseToResult(request2, (err2, result, onEndErrors, onEndWarnings) => {
             const response = {
               errors: onEndErrors,
               warnings: onEndWarnings
@@ -28779,7 +27592,7 @@ is not a problem with esbuild. You need to fix your environment instead.
             resolve2();
           });
         });
-      sendRequest(refs, request2, (error, response) => {
+      sendRequest(refs, request, (error, response) => {
         if (error)
           return callback(new Error(error), null);
         if (!isContext) {
@@ -28802,11 +27615,11 @@ is not a problem with esbuild. You need to fix your environment instead.
                     settlePromise = () => err2 ? reject(err2) : resolve2(result2);
                 };
                 const triggerAnotherBuild = () => {
-                  const request22 = {
+                  const request2 = {
                     command: "rebuild",
                     key: buildKey
                   };
-                  sendRequest(refs, request22, (error2, response2) => {
+                  sendRequest(refs, request2, (error2, response2) => {
                     if (error2) {
                       reject(new Error(error2));
                     } else if (settlePromise) {
@@ -28826,13 +27639,13 @@ is not a problem with esbuild. You need to fix your environment instead.
             const keys = {};
             const delay = getFlag(options2, keys, "delay", mustBeInteger);
             checkForInvalidFlags(options2, keys, `in watch() call`);
-            const request22 = {
+            const request2 = {
               command: "watch",
               key: buildKey
             };
             if (delay)
-              request22.delay = delay;
-            sendRequest(refs, request22, (error2) => {
+              request2.delay = delay;
+            sendRequest(refs, request2, (error2) => {
               if (error2)
                 reject(new Error(error2));
               else
@@ -28852,33 +27665,33 @@ is not a problem with esbuild. You need to fix your environment instead.
             const cors2 = getFlag(options2, keys, "cors", mustBeObject);
             const onRequest = getFlag(options2, keys, "onRequest", mustBeFunction);
             checkForInvalidFlags(options2, keys, `in serve() call`);
-            const request22 = {
+            const request2 = {
               command: "serve",
               key: buildKey,
               onRequest: !!onRequest
             };
             if (port !== undefined)
-              request22.port = port;
+              request2.port = port;
             if (host !== undefined)
-              request22.host = host;
+              request2.host = host;
             if (servedir !== undefined)
-              request22.servedir = servedir;
+              request2.servedir = servedir;
             if (keyfile !== undefined)
-              request22.keyfile = keyfile;
+              request2.keyfile = keyfile;
             if (certfile !== undefined)
-              request22.certfile = certfile;
+              request2.certfile = certfile;
             if (fallback !== undefined)
-              request22.fallback = fallback;
+              request2.fallback = fallback;
             if (cors2) {
               const corsKeys = {};
               const origin = getFlag(cors2, corsKeys, "origin", mustBeStringOrArrayOfStrings);
               checkForInvalidFlags(cors2, corsKeys, `on "cors" object`);
               if (Array.isArray(origin))
-                request22.corsOrigin = origin;
+                request2.corsOrigin = origin;
               else if (origin !== undefined)
-                request22.corsOrigin = [origin];
+                request2.corsOrigin = [origin];
             }
-            sendRequest(refs, request22, (error2, response2) => {
+            sendRequest(refs, request2, (error2, response2) => {
               if (error2)
                 return reject(new Error(error2));
               if (onRequest) {
@@ -28893,11 +27706,11 @@ is not a problem with esbuild. You need to fix your environment instead.
           cancel: () => new Promise((resolve2) => {
             if (didDispose)
               return resolve2();
-            const request22 = {
+            const request2 = {
               command: "cancel",
               key: buildKey
             };
-            sendRequest(refs, request22, () => {
+            sendRequest(refs, request2, () => {
               resolve2();
             });
           }),
@@ -28905,11 +27718,11 @@ is not a problem with esbuild. You need to fix your environment instead.
             if (didDispose)
               return resolve2();
             didDispose = true;
-            const request22 = {
+            const request2 = {
               command: "dispose",
               key: buildKey
             };
-            sendRequest(refs, request22, () => {
+            sendRequest(refs, request2, () => {
               resolve2();
               scheduleOnDisposeCallbacks();
               refs.unref();
@@ -28967,29 +27780,29 @@ is not a problem with esbuild. You need to fix your environment instead.
           let importAttributes = getFlag(options, keys2, "with", mustBeObject);
           checkForInvalidFlags(options, keys2, "in resolve() call");
           return new Promise((resolve22, reject) => {
-            const request2 = {
+            const request = {
               command: "resolve",
               path: path3,
               key: buildKey,
               pluginName: name3
             };
             if (pluginName != null)
-              request2.pluginName = pluginName;
+              request.pluginName = pluginName;
             if (importer != null)
-              request2.importer = importer;
+              request.importer = importer;
             if (namespace != null)
-              request2.namespace = namespace;
+              request.namespace = namespace;
             if (resolveDir != null)
-              request2.resolveDir = resolveDir;
+              request.resolveDir = resolveDir;
             if (kind != null)
-              request2.kind = kind;
+              request.kind = kind;
             else
               throw new Error(`Must specify "kind" when calling "resolve"`);
             if (pluginData != null)
-              request2.pluginData = details.store(pluginData);
+              request.pluginData = details.store(pluginData);
             if (importAttributes != null)
-              request2.with = sanitizeStringMap(importAttributes, "with");
-            sendRequest(refs, request2, (error, response) => {
+              request.with = sanitizeStringMap(importAttributes, "with");
+            sendRequest(refs, request, (error, response) => {
               if (error !== null)
                 reject(new Error(error));
               else
@@ -29059,7 +27872,7 @@ is not a problem with esbuild. You need to fix your environment instead.
         return { ok: false, error: e, pluginName: name3 };
       }
     }
-    requestCallbacks["on-start"] = async (id, request2) => {
+    requestCallbacks["on-start"] = async (id, request) => {
       details.clear();
       let response = { errors: [], warnings: [] };
       await Promise.all(onStartCallbacks.map(async ({ name: name3, callback, note }) => {
@@ -29083,19 +27896,19 @@ is not a problem with esbuild. You need to fix your environment instead.
       }));
       sendResponse(id, response);
     };
-    requestCallbacks["on-resolve"] = async (id, request2) => {
+    requestCallbacks["on-resolve"] = async (id, request) => {
       let response = {}, name3 = "", callback, note;
-      for (let id2 of request2.ids) {
+      for (let id2 of request.ids) {
         try {
           ({ name: name3, callback, note } = onResolveCallbacks[id2]);
           let result = await callback({
-            path: request2.path,
-            importer: request2.importer,
-            namespace: request2.namespace,
-            resolveDir: request2.resolveDir,
-            kind: request2.kind,
-            pluginData: details.load(request2.pluginData),
-            with: request2.with
+            path: request.path,
+            importer: request.importer,
+            namespace: request.namespace,
+            resolveDir: request.resolveDir,
+            kind: request.kind,
+            pluginData: details.load(request.pluginData),
+            with: request.with
           });
           if (result != null) {
             if (typeof result !== "object")
@@ -29145,17 +27958,17 @@ is not a problem with esbuild. You need to fix your environment instead.
       }
       sendResponse(id, response);
     };
-    requestCallbacks["on-load"] = async (id, request2) => {
+    requestCallbacks["on-load"] = async (id, request) => {
       let response = {}, name3 = "", callback, note;
-      for (let id2 of request2.ids) {
+      for (let id2 of request.ids) {
         try {
           ({ name: name3, callback, note } = onLoadCallbacks[id2]);
           let result = await callback({
-            path: request2.path,
-            namespace: request2.namespace,
-            suffix: request2.suffix,
-            pluginData: details.load(request2.pluginData),
-            with: request2.with
+            path: request.path,
+            namespace: request.namespace,
+            suffix: request.suffix,
+            pluginData: details.load(request.pluginData),
+            with: request.with
           });
           if (result != null) {
             if (typeof result !== "object")
@@ -29680,7 +28493,7 @@ for your current platform.`);
     return { binPath, isWASM };
   }
   var child_process = __require("child_process");
-  var crypto5 = __require("crypto");
+  var crypto4 = __require("crypto");
   var path2 = __require("path");
   var fs22 = __require("fs");
   var os2 = __require("os");
@@ -29994,7 +28807,7 @@ More information: The file containing the code for esbuild's JavaScript API (${_
     afterClose(null);
   };
   var randomFileName = () => {
-    return path2.join(os2.tmpdir(), `esbuild-${crypto5.randomBytes(32).toString("hex")}`);
+    return path2.join(os2.tmpdir(), `esbuild-${crypto4.randomBytes(32).toString("hex")}`);
   };
   var workerThreadService = null;
   var startWorkerThreadService = (worker_threads2) => {
@@ -32597,8 +31410,8 @@ var require_node2 = __commonJS((exports) => {
       }
     } catch (err2) {}
     var bufferFrom = require_buffer_from();
-    function dynamicRequire(mod, request2) {
-      return mod.require(request2);
+    function dynamicRequire(mod, request) {
+      return mod.require(request);
     }
     var errorFormatterInstalled = false;
     var uncaughtShimInstalled = false;
@@ -35402,10 +34215,10 @@ If you have no idea what this means or what Pirates is, let me explain: Pirates
       var Module2 = __require("module");
       var originalResolveFilename = Module2._resolveFilename;
       var coreModules = getCoreModules(Module2.builtinModules);
-      Module2._resolveFilename = function(request2, _parent) {
-        var isCoreModule = coreModules.hasOwnProperty(request2);
+      Module2._resolveFilename = function(request, _parent) {
+        var isCoreModule = coreModules.hasOwnProperty(request);
         if (!isCoreModule) {
-          var found = matchPath(request2);
+          var found = matchPath(request);
           if (found) {
             var modifiedArguments = __spreadArray([found], [].slice.call(arguments, 1), true);
             return originalResolveFilename.apply(this, modifiedArguments);
@@ -35572,10 +34385,10 @@ If you have no idea what this means or what Pirates is, let me explain: Pirates
     const matchPath = (0, import_tsconfig_paths.createMatchPath)(configLoaderResult.absoluteBaseUrl, configLoaderResult.paths, configLoaderResult.mainFields, configLoaderResult.addMatchAll);
     const Module2 = __require("module");
     const originalResolveFilename = Module2._resolveFilename;
-    Module2._resolveFilename = function(request2, _parent) {
-      const isCoreModule = _module2.builtinModules.includes(request2);
+    Module2._resolveFilename = function(request, _parent) {
+      const isCoreModule = _module2.builtinModules.includes(request);
       if (!isCoreModule) {
-        const found = matchPath(request2);
+        const found = matchPath(request);
         if (found) {
           const modifiedArguments = [found, ...[].slice.call(arguments, 1)];
           return originalResolveFilename.apply(this, modifiedArguments);
@@ -35723,7 +34536,7 @@ __export(exports_api, {
 import process2 from "process";
 import os from "os";
 import tty from "tty";
-import { randomUUID as randomUUID2 } from "crypto";
+import { randomUUID } from "crypto";
 function assembleStyles() {
   const codes = /* @__PURE__ */ new Map;
   for (const [groupName, group] of Object.entries(styles2)) {
@@ -38398,7 +37211,7 @@ var __create2, __defProp2, __getOwnPropDesc, __getOwnPropNames2, __getProtoOf2,
         __defProp2(to, key, { get: () => from[key], enumerable: !(desc2 = __getOwnPropDesc(from, key)) || desc2.enumerable });
   }
   return to;
-}, __toESM2 = (mod, isNodeMode, target) => (target = mod != null ? __create2(__getProtoOf2(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp2(target, "default", { value: mod, enumerable: true }) : target, mod)), __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value), ANSI_BACKGROUND_OFFSET, wrapAnsi16, wrapAnsi256, wrapAnsi16m, styles2, modifierNames, foregroundColorNames, backgroundColorNames, colorNames, ansiStyles, ansi_styles_default, init_ansi_styles, env, flagForceColor, supportsColor, supports_color_default, init_supports_color, init_utilities, stdoutColor, stderrColor, GENERATOR, STYLER, IS_EMPTY, levelMapping, styles22, applyOptions, chalkFactory, getModelAnsi, usedModels, proto, createStyler, createBuilder, applyStyle, chalk, chalkStderr, source_default, init_source, require_old, require_fs, require_path, require_balanced_match, require_brace_expansion, require_minimatch, require_inherits_browser, require_inherits, require_common2, require_sync, require_wrappy, require_once, require_inflight, require_glob, require_readline, require_src2, require_utils, require_lodash, require_hanji, originUUID, snapshotVersion, mapValues, mapKeys, mapEntries, customMapEntries, init_global2, util3, objectUtil2, ZodParsedType2, getParsedType2, init_util2, ZodIssueCode2, ZodError3, init_ZodError2, errorMap2, en_default2, init_en2, overrideErrorMap2, init_errors4, makeIssue2, ParseStatus2, INVALID2, DIRTY2, OK2, isAborted2, isDirty2, isValid2, isAsync2, init_parseUtil2, init_typeAliases2, errorUtil2, init_errorUtil2, ParseInputLazyPath2, handleResult2, ZodType2, cuidRegex2, cuid2Regex2, ulidRegex2, uuidRegex2, nanoidRegex2, jwtRegex2, durationRegex2, emailRegex2, _emojiRegex2, emojiRegex2, ipv4Regex2, ipv4CidrRegex2, ipv6Regex2, ipv6CidrRegex2, base64Regex2, base64urlRegex2, dateRegexSource2, dateRegex2, ZodString2, ZodNumber2, ZodBigInt2, ZodBoolean2, ZodDate2, ZodSymbol2, ZodUndefined2, ZodNull2, ZodAny2, ZodUnknown2, ZodNever2, ZodVoid2, ZodArray2, ZodObject2, ZodUnion2, getDiscriminator2, ZodDiscriminatedUnion2, ZodIntersection2, ZodTuple2, ZodRecord2, ZodMap2, ZodSet2, ZodFunction2, ZodLazy2, ZodLiteral2, ZodEnum2, ZodNativeEnum2, ZodPromise2, ZodEffects2, ZodOptional2, ZodNullable2, ZodDefault2, ZodCatch2, ZodNaN2, BRAND2, ZodBranded2, ZodPipeline2, ZodReadonly2, late2, ZodFirstPartyTypeKind2, stringType2, numberType2, nanType2, bigIntType2, booleanType2, dateType2, symbolType2, undefinedType2, nullType2, anyType2, unknownType2, neverType2, voidType2, arrayType2, objectType2, strictObjectType2, unionType2, discriminatedUnionType2, intersectionType2, tupleType2, recordType2, mapType2, setType2, functionType2, lazyType2, literalType2, enumType2, nativeEnumType2, promiseType2, effectsType2, optionalType2, nullableType2, preprocessType2, pipelineType2, coerce2, init_types8, init_external2, init_v32, init_esm3, enumSchema, enumSchemaV1, indexColumn, index2, fk, sequenceSchema, roleSchema, sequenceSquashed, column2, checkConstraint, columnSquashed, compositePK, uniqueConstraint, policy, policySquashed, viewWithOption, matViewWithOption, mergedViewWithOption, view2, table15, schemaHash, kitInternals, gelSchemaExternal, gelSchemaInternal, tableSquashed, gelSchemaSquashed, gelSchema, dryGel, init_gelSchema, index22, fk2, column22, tableV3, compositePK2, uniqueConstraint2, checkConstraint2, tableV4, table22, viewMeta, view22, kitInternals2, dialect2, schemaHash2, schemaInternalV3, schemaInternalV4, schemaInternalV5, schemaInternal, schemaV3, schemaV4, schemaV5, schema2, tableSquashedV4, tableSquashed2, viewSquashed, schemaSquashed, schemaSquashedV4, MySqlSquasher, squashMysqlScheme, mysqlSchema, mysqlSchemaV5, mysqlSchemaSquashed, backwardCompatibleMysqlSchema, dryMySql, init_mysqlSchema, indexV2, columnV2, tableV2, enumSchemaV12, enumSchema2, pgSchemaV2, references, columnV1, tableV1, pgSchemaV1, indexColumn2, index3, indexV4, indexV5, indexV6, fk3, sequenceSchema2, roleSchema2, sequenceSquashed2, columnV7, column3, checkConstraint3, columnSquashed2, tableV32, compositePK3, uniqueConstraint3, policy2, policySquashed2, viewWithOption2, matViewWithOption2, mergedViewWithOption2, view3, tableV42, tableV5, tableV6, tableV7, table32, schemaHash3, kitInternals3, pgSchemaInternalV3, pgSchemaInternalV4, pgSchemaInternalV5, pgSchemaInternalV6, pgSchemaExternal, pgSchemaInternalV7, pgSchemaInternal, tableSquashed3, tableSquashedV42, pgSchemaSquashedV4, pgSchemaSquashedV6, pgSchemaSquashed, pgSchemaV3, pgSchemaV4, pgSchemaV5, pgSchemaV6, pgSchemaV7, pgSchema, backwardCompatiblePgSchema, PgSquasher, squashPgScheme, dryPg, init_pgSchema, index4, column4, compositePK4, uniqueConstraint4, table42, viewMeta2, kitInternals4, dialect22, schemaHash4, schemaInternal2, schema22, tableSquashed4, schemaSquashed2, SingleStoreSquasher, squashSingleStoreScheme, singlestoreSchema, singlestoreSchemaSquashed, backwardCompatibleSingleStoreSchema, drySingleStore, init_singlestoreSchema, index5, fk4, compositePK5, column5, tableV33, uniqueConstraint5, checkConstraint4, table52, view4, dialect3, schemaHash5, schemaInternalV32, schemaInternalV42, schemaInternalV52, kitInternals5, latestVersion, schemaInternal3, schemaV32, schemaV42, schemaV52, schema3, tableSquashed5, schemaSquashed3, SQLiteSquasher, squashSqliteScheme, drySQLite, sqliteSchemaV5, sqliteSchema, SQLiteSchemaSquashed, backwardCompatibleSqliteSchema, init_sqliteSchema, copy, prepareMigrationMeta, schemaRenameKey, tableRenameKey, columnRenameKey, init_utils5, import_hanji, warning, error, isRenamePromptItem, ResolveColumnSelect, tableKey, ResolveSelectNamed, ResolveSelect, ResolveSchemasSelect, Spinner2, ProgressView, init_views, glob, init_serializer, fillPgSnapshot, init_migrationPreparator, require_heap, require_heap2, require_difflib, require_difflib2, require_util, require_styles, require_has_flag2, require_supports_colors, require_trap, require_zalgo, require_america, require_zebra, require_rainbow, require_random, require_colors, require_safe, require_colorize, require_lib, import_json_diff, mapArraysDiff, findAlternationsInTable, alternationsInColumn, init_jsonDiffer, parseType, Convertor, PgCreateRoleConvertor, PgDropRoleConvertor, PgRenameRoleConvertor, PgAlterRoleConvertor, PgCreatePolicyConvertor, PgDropPolicyConvertor, PgRenamePolicyConvertor, PgAlterPolicyConvertor, PgCreateIndPolicyConvertor, PgDropIndPolicyConvertor, PgRenameIndPolicyConvertor, PgAlterIndPolicyConvertor, PgEnableRlsConvertor, PgDisableRlsConvertor, PgCreateTableConvertor, MySqlCreateTableConvertor, SingleStoreCreateTableConvertor, SQLiteCreateTableConvertor, PgCreateViewConvertor, MySqlCreateViewConvertor, SqliteCreateViewConvertor, PgDropViewConvertor, MySqlDropViewConvertor, SqliteDropViewConvertor, MySqlAlterViewConvertor, PgRenameViewConvertor, MySqlRenameViewConvertor, PgAlterViewSchemaConvertor, PgAlterViewAddWithOptionConvertor, PgAlterViewDropWithOptionConvertor, PgAlterViewAlterTablespaceConvertor, PgAlterViewAlterUsingConvertor, PgAlterTableAlterColumnSetGenerated, PgAlterTableAlterColumnDropGenerated, PgAlterTableAlterColumnAlterGenerated, PgAlterTableAddUniqueConstraintConvertor, PgAlterTableDropUniqueConstraintConvertor, PgAlterTableAddCheckConstraintConvertor, PgAlterTableDeleteCheckConstraintConvertor, MySQLAlterTableAddUniqueConstraintConvertor, MySQLAlterTableDropUniqueConstraintConvertor, MySqlAlterTableAddCheckConstraintConvertor, SingleStoreAlterTableAddUniqueConstraintConvertor, SingleStoreAlterTableDropUniqueConstraintConvertor, MySqlAlterTableDeleteCheckConstraintConvertor, CreatePgSequenceConvertor, DropPgSequenceConvertor, RenamePgSequenceConvertor, MovePgSequenceConvertor, AlterPgSequenceConvertor, CreateTypeEnumConvertor, DropTypeEnumConvertor, AlterTypeAddValueConvertor, AlterTypeSetSchemaConvertor, AlterRenameTypeConvertor, AlterTypeDropValueConvertor, PgDropTableConvertor, MySQLDropTableConvertor, SingleStoreDropTableConvertor, SQLiteDropTableConvertor, PgRenameTableConvertor, SqliteRenameTableConvertor, MySqlRenameTableConvertor, SingleStoreRenameTableConvertor, PgAlterTableRenameColumnConvertor, MySqlAlterTableRenameColumnConvertor, SingleStoreAlterTableRenameColumnConvertor, SQLiteAlterTableRenameColumnConvertor, PgAlterTableDropColumnConvertor, MySqlAlterTableDropColumnConvertor, SingleStoreAlterTableDropColumnConvertor, SQLiteAlterTableDropColumnConvertor, PgAlterTableAddColumnConvertor, MySqlAlterTableAddColumnConvertor, SingleStoreAlterTableAddColumnConvertor, SQLiteAlterTableAddColumnConvertor, PgAlterTableAlterColumnSetTypeConvertor, PgAlterTableAlterColumnSetDefaultConvertor, PgAlterTableAlterColumnDropDefaultConvertor, PgAlterTableAlterColumnDropGeneratedConvertor, PgAlterTableAlterColumnSetExpressionConvertor, PgAlterTableAlterColumnAlterrGeneratedConvertor, SqliteAlterTableAlterColumnDropGeneratedConvertor, SqliteAlterTableAlterColumnSetExpressionConvertor, SqliteAlterTableAlterColumnAlterGeneratedConvertor, MySqlAlterTableAlterColumnAlterrGeneratedConvertor, MySqlAlterTableAddPk, MySqlAlterTableDropPk, LibSQLModifyColumn, MySqlModifyColumn, SingleStoreAlterTableAlterColumnAlterrGeneratedConvertor, SingleStoreAlterTableAddPk, SingleStoreAlterTableDropPk, SingleStoreModifyColumn, PgAlterTableCreateCompositePrimaryKeyConvertor, PgAlterTableDeleteCompositePrimaryKeyConvertor, PgAlterTableAlterCompositePrimaryKeyConvertor, MySqlAlterTableCreateCompositePrimaryKeyConvertor, MySqlAlterTableDeleteCompositePrimaryKeyConvertor, MySqlAlterTableAlterCompositePrimaryKeyConvertor, PgAlterTableAlterColumnSetPrimaryKeyConvertor, PgAlterTableAlterColumnDropPrimaryKeyConvertor, PgAlterTableAlterColumnSetNotNullConvertor, PgAlterTableAlterColumnDropNotNullConvertor, PgCreateForeignKeyConvertor, LibSQLCreateForeignKeyConvertor, MySqlCreateForeignKeyConvertor, PgAlterForeignKeyConvertor, PgDeleteForeignKeyConvertor, MySqlDeleteForeignKeyConvertor, CreatePgIndexConvertor, CreateMySqlIndexConvertor, CreateSingleStoreIndexConvertor, CreateSqliteIndexConvertor, PgDropIndexConvertor, PgCreateSchemaConvertor, PgRenameSchemaConvertor, PgDropSchemaConvertor, PgAlterTableSetSchemaConvertor, PgAlterTableSetNewSchemaConvertor, PgAlterTableRemoveFromSchemaConvertor, SqliteDropIndexConvertor, MySqlDropIndexConvertor, SingleStoreDropIndexConvertor, SQLiteRecreateTableConvertor, LibSQLRecreateTableConvertor, SingleStoreRecreateTableConvertor, convertors, init_sqlgenerator, _moveDataStatements, getOldTableName, getNewTableName, logSuggestionsAndReturn, init_sqlitePushUtils, preparePgCreateTableJson, prepareMySqlCreateTableJson, prepareSingleStoreCreateTableJson, prepareSQLiteCreateTable, prepareDropTableJson, prepareRenameTableJson, prepareCreateEnumJson, prepareAddValuesToEnumJson, prepareDropEnumValues, prepareDropEnumJson, prepareMoveEnumJson, prepareRenameEnumJson, prepareCreateSequenceJson, prepareAlterSequenceJson, prepareDropSequenceJson, prepareMoveSequenceJson, prepareRenameSequenceJson, prepareCreateRoleJson, prepareAlterRoleJson, prepareDropRoleJson, prepareRenameRoleJson, prepareCreateSchemasJson, prepareRenameSchemasJson, prepareDeleteSchemasJson, prepareRenameColumns, _prepareDropColumns, _prepareAddColumns, _prepareSqliteAddColumns, prepareAlterColumnsMysql, preparePgAlterColumns, prepareSqliteAlterColumns, prepareRenamePolicyJsons, prepareRenameIndPolicyJsons, prepareCreatePolicyJsons, prepareCreateIndPolicyJsons, prepareDropPolicyJsons, prepareDropIndPolicyJsons, prepareAlterPolicyJson, prepareAlterIndPolicyJson, preparePgCreateIndexesJson, prepareCreateIndexesJson, prepareCreateReferencesJson, prepareLibSQLCreateReferencesJson, prepareDropReferencesJson, prepareLibSQLDropReferencesJson, prepareAlterReferencesJson, prepareDropIndexesJson, prepareAddCompositePrimaryKeySqlite, prepareDeleteCompositePrimaryKeySqlite, prepareAlterCompositePrimaryKeySqlite, prepareAddCompositePrimaryKeyPg, prepareDeleteCompositePrimaryKeyPg, prepareAlterCompositePrimaryKeyPg, prepareAddUniqueConstraintPg, prepareDeleteUniqueConstraintPg, prepareAddCheckConstraint, prepareDeleteCheckConstraint, prepareAddCompositePrimaryKeyMySql, prepareDeleteCompositePrimaryKeyMySql, prepareAlterCompositePrimaryKeyMySql, preparePgCreateViewJson, prepareMySqlCreateViewJson, prepareSqliteCreateViewJson, prepareDropViewJson, prepareRenameViewJson, preparePgAlterViewAlterSchemaJson, preparePgAlterViewAddWithOptionJson, preparePgAlterViewDropWithOptionJson, preparePgAlterViewAlterTablespaceJson, preparePgAlterViewAlterUsingJson, prepareMySqlAlterView, init_jsonStatements, prepareLibSQLRecreateTable, prepareSQLiteRecreateTable, libSQLCombineStatements, sqliteCombineStatements, prepareSingleStoreRecreateTable, singleStoreCombineStatements, init_statementCombiner, snapshotsDiffer_exports, makeChanged, makeSelfOrChanged, makePatched, makeSelfOrPatched, columnSchema, alteredColumnSchema, enumSchema3, changedEnumSchema, tableScheme, alteredTableScheme, alteredViewCommon, alteredPgViewSchema, alteredMySqlViewSchema, diffResultScheme, diffResultSchemeMysql, diffResultSchemeSingleStore, diffResultSchemeSQLite, schemaChangeFor, nameChangeFor, nameSchemaChangeFor, columnChangeFor, applyPgSnapshotsDiff, applyMysqlSnapshotsDiff, applySingleStoreSnapshotsDiff, applySqliteSnapshotsDiff, applyLibSQLSnapshotsDiff, init_snapshotsDiffer, init_words, dialects, dialect4, commonSquashedSchema, commonSchema, init_schemaValidator, sqliteDriversLiterals, postgresqlDriversLiterals, prefixes, prefix, casingTypes, casingType, sqliteDriver, postgresDriver, driver2, configMigrations, configCommonSchema, casing, introspectParams, configIntrospectCliSchema, configGenerateSchema, configPushSchema, init_common2, withStyle, init_outputs, import_hanji2, schemasResolver, tablesResolver, viewsResolver, mySqlViewsResolver, sqliteViewsResolver, sequencesResolver, roleResolver, policyResolver, indPolicyResolver, enumsResolver, columnsResolver, promptColumnsConflicts, promptNamedConflict, promptNamedWithSchemasConflict, promptSchemasConflict, BREAKPOINT, init_migrate, posixClasses, braceEscape, regexpEscape, rangesToString, parseClass, init_brace_expressions, escape, init_escape, unescape, init_unescape, import_brace_expansion, minimatch, starDotExtRE, starDotExtTest, starDotExtTestDot, starDotExtTestNocase, starDotExtTestNocaseDot, starDotStarRE, starDotStarTest, starDotStarTestDot, dotStarRE, dotStarTest, starRE, starTest, starTestDot, qmarksRE, qmarksTestNocase, qmarksTestNocaseDot, qmarksTestDot, qmarksTest, qmarksTestNoExt, qmarksTestNoExtDot, defaultPlatform, path, sep, GLOBSTAR, plTypes, qmark, star, twoStarDot, twoStarNoDot, charSet, reSpecials, addPatternStartSet, filter, ext, defaults, braceExpand, MAX_PATTERN_LENGTH, assertValidPattern, makeRe, match2, globUnescape, globMagic, regExpEscape, Minimatch, init_mjs, entityKind2, hasOwnEntityKind2, init_entity2, _a, Column2, init_column2, _a2, ColumnBuilder2, init_column_builder2, TableName2, init_table_utils2, _a3, ForeignKeyBuilder2, _a4, ForeignKey2, init_foreign_keys2, init_tracing_utils2, _a5, UniqueConstraintBuilder, _a6, UniqueOnConstraintBuilder, _a7, UniqueConstraint, init_unique_constraint2, init_array2, _a8, _b, PgColumnBuilder2, _a9, _b2, PgColumn2, _a10, _b3, ExtraConfigColumn2, _a11, IndexedColumn2, _a12, _b4, PgArrayBuilder2, _a13, _b5, _PgArray, PgArray2, init_common22, _a14, _b6, PgEnumObjectColumnBuilder2, _a15, _b7, PgEnumObjectColumn2, isPgEnumSym2, _a16, _b8, PgEnumColumnBuilder2, _a17, _b9, PgEnumColumn2, init_enum2, _a18, Subquery2, _a19, _b10, WithSubquery2, init_subquery2, version2, init_version2, otel2, rawTracer2, tracer2, init_tracing2, ViewBaseConfig2, init_view_common3, Schema2, Columns2, ExtraConfigColumns2, OriginalName2, BaseName2, IsAlias2, ExtraConfigBuilder2, IsDrizzleTable2, _a20, _b11, _c, _d, _e2, _f, _g, _h, _i, _j, Table2, init_table15, _a21, FakePrimitiveParam, _a22, StringChunk2, _a23, _SQL, SQL2, _a24, Name2, noopDecoder2, noopEncoder2, noopMapper2, _a25, Param2, _a26, Placeholder2, IsDrizzleView2, _a27, _b12, _c2, View3, init_sql3, _a28, ColumnAliasProxyHandler2, _a29, TableAliasProxyHandler2, _a30, RelationTableAliasProxyHandler, init_alias3, _a31, _b13, DrizzleError2, DrizzleQueryError, _a32, _b14, TransactionRollbackError2, init_errors22, _a33, ConsoleLogWriter2, _a34, DefaultLogger2, _a35, NoopLogger2, init_logger3, init_operations, _a36, _b15, QueryPromise2, init_query_promise2, textDecoder, init_utils22, _a37, _b16, PgIntColumnBaseBuilder2, init_int_common2, _a38, _b17, PgBigInt53Builder2, _a39, _b18, PgBigInt532, _a40, _b19, PgBigInt64Builder2, _a41, _b20, PgBigInt642, init_bigint2, _a42, _b21, PgBigSerial53Builder2, _a43, _b22, PgBigSerial532, _a44, _b23, PgBigSerial64Builder2, _a45, _b24, PgBigSerial642, init_bigserial2, _a46, _b25, PgBooleanBuilder2, _a47, _b26, PgBoolean2, init_boolean2, _a48, _b27, PgCharBuilder2, _a49, _b28, PgChar2, init_char2, _a50, _b29, PgCidrBuilder2, _a51, _b30, PgCidr2, init_cidr2, _a52, _b31, PgCustomColumnBuilder2, _a53, _b32, PgCustomColumn2, init_custom2, _a54, _b33, PgDateColumnBaseBuilder2, init_date_common2, _a55, _b34, PgDateBuilder2, _a56, _b35, PgDate2, _a57, _b36, PgDateStringBuilder2, _a58, _b37, PgDateString2, init_date2, _a59, _b38, PgDoublePrecisionBuilder2, _a60, _b39, PgDoublePrecision2, init_double_precision2, _a61, _b40, PgInetBuilder2, _a62, _b41, PgInet2, init_inet2, _a63, _b42, PgIntegerBuilder2, _a64, _b43, PgInteger2, init_integer2, _a65, _b44, PgIntervalBuilder2, _a66, _b45, PgInterval2, init_interval2, _a67, _b46, PgJsonBuilder2, _a68, _b47, PgJson2, init_json2, _a69, _b48, PgJsonbBuilder2, _a70, _b49, PgJsonb2, init_jsonb2, _a71, _b50, PgLineBuilder2, _a72, _b51, PgLineTuple2, _a73, _b52, PgLineABCBuilder2, _a74, _b53, PgLineABC2, init_line2, _a75, _b54, PgMacaddrBuilder2, _a76, _b55, PgMacaddr2, init_macaddr2, _a77, _b56, PgMacaddr8Builder2, _a78, _b57, PgMacaddr82, init_macaddr82, _a79, _b58, PgNumericBuilder2, _a80, _b59, PgNumeric2, _a81, _b60, PgNumericNumberBuilder2, _a82, _b61, PgNumericNumber2, _a83, _b62, PgNumericBigIntBuilder2, _a84, _b63, PgNumericBigInt2, init_numeric2, _a85, _b64, PgPointTupleBuilder2, _a86, _b65, PgPointTuple2, _a87, _b66, PgPointObjectBuilder2, _a88, _b67, PgPointObject2, init_point2, init_utils32, _a89, _b68, PgGeometryBuilder2, _a90, _b69, PgGeometry2, _a91, _b70, PgGeometryObjectBuilder2, _a92, _b71, PgGeometryObject2, init_geometry2, _a93, _b72, PgRealBuilder2, _a94, _b73, PgReal2, init_real2, _a95, _b74, PgSerialBuilder2, _a96, _b75, PgSerial2, init_serial2, _a97, _b76, PgSmallIntBuilder2, _a98, _b77, PgSmallInt2, init_smallint2, _a99, _b78, PgSmallSerialBuilder2, _a100, _b79, PgSmallSerial2, init_smallserial2, _a101, _b80, PgTextBuilder2, _a102, _b81, PgText2, init_text2, _a103, _b82, PgTimeBuilder2, _a104, _b83, PgTime2, init_time2, _a105, _b84, PgTimestampBuilder2, _a106, _b85, PgTimestamp2, _a107, _b86, PgTimestampStringBuilder2, _a108, _b87, PgTimestampString2, init_timestamp2, _a109, _b88, PgUUIDBuilder2, _a110, _b89, PgUUID2, init_uuid3, _a111, _b90, PgVarcharBuilder2, _a112, _b91, PgVarchar2, init_varchar2, _a113, _b92, PgBinaryVectorBuilder2, _a114, _b93, PgBinaryVector2, init_bit2, _a115, _b94, PgHalfVectorBuilder2, _a116, _b95, PgHalfVector2, init_halfvec2, _a117, _b96, PgSparseVectorBuilder2, _a118, _b97, PgSparseVector2, init_sparsevec2, _a119, _b98, PgVectorBuilder2, _a120, _b99, PgVector2, init_vector3, init_all2, InlineForeignKeys2, EnableRLS2, _a121, _b100, _c3, _d2, _e22, _f2, PgTable2, pgTable2, init_table22, _a122, PrimaryKeyBuilder2, _a123, PrimaryKey2, init_primary_keys2, eq2, ne3, gt3, gte2, lt3, lte2, init_conditions2, init_select3, init_expressions2, _a124, Relation2, _a125, Relations2, _a126, _b101, _One, One2, _a127, _b102, _Many, Many2, init_relations2, init_aggregate2, init_vector22, init_functions2, init_sql22, dist_exports, init_dist5, init_alias22, _a128, CheckBuilder, _a129, Check, init_checks2, init_columns2, _a130, _SelectionProxyHandler, SelectionProxyHandler2, init_selection_proxy2, _a131, IndexBuilderOn2, _a132, IndexBuilder2, _a133, Index2, init_indexes2, _a134, PgPolicy, init_policies2, PgViewConfig2, init_view_common22, _a135, CasingCache2, init_casing2, _a136, _b103, PgViewBase2, init_view_base2, _a137, PgDialect2, init_dialect2, _a138, TypedQueryBuilder2, init_query_builder3, _a139, PgSelectBuilder2, _a140, _b104, PgSelectQueryBuilderBase2, _a141, _b105, PgSelectBase2, getPgSetOperators2, union2, unionAll2, intersect2, intersectAll2, except2, exceptAll2, init_select22, _a142, QueryBuilder2, init_query_builder22, _a143, DefaultViewBuilderCore, _a144, _b106, ViewBuilder, _a145, _b107, ManualViewBuilder, _a146, MaterializedViewBuilderCore, _a147, _b108, MaterializedViewBuilder, _a148, _b109, ManualMaterializedViewBuilder, _a149, _b110, _c4, PgView2, PgMaterializedViewConfig2, _a150, _b111, _c5, PgMaterializedView, init_view2, init_utils42, _a151, _b112, PgDeleteBase2, init_delete2, _a152, PgInsertBuilder2, _a153, _b113, PgInsertBase2, init_insert2, _a154, _b114, PgRefreshMaterializedView2, init_refresh_materialized_view2, init_select_types, _a155, PgUpdateBuilder2, _a156, _b115, PgUpdateBase2, init_update2, init_query_builders2, _a157, _b116, _c6, _PgCountBuilder, PgCountBuilder2, init_count2, _a158, RelationalQueryBuilder2, _a159, _b117, PgRelationalQuery2, init_query2, _a160, _b118, PgRaw2, init_raw2, _a161, PgDatabase2, init_db2, _a162, PgRole, init_roles2, _a163, PgSequence, init_sequence2, _a164, PgSchema5, init_schema3, _a165, Cache, _a166, _b119, NoopCache, init_cache, _a167, PgPreparedQuery2, _a168, PgSession2, _a169, _b120, PgTransaction2, init_session3, init_subquery22, init_utils52, init_pg_core2, vectorOps, init_vector32, sqlToStr, init_utils6, indexName, generatePgSnapshot, trimChar, fromDatabase, defaultForColumn, getColumnsInfoQuery, init_pgSerializer, import_hanji4, Select, init_selector_ui, init_alias32, _a170, CheckBuilder2, _a171, Check2, init_checks22, _a172, ForeignKeyBuilder22, _a173, ForeignKey22, init_foreign_keys22, _a174, UniqueConstraintBuilder2, _a175, UniqueOnConstraintBuilder2, _a176, UniqueConstraint2, init_unique_constraint22, _a177, _b121, SQLiteColumnBuilder, _a178, _b122, SQLiteColumn, init_common3, _a179, _b123, SQLiteBigIntBuilder, _a180, _b124, SQLiteBigInt, _a181, _b125, SQLiteBlobJsonBuilder, _a182, _b126, SQLiteBlobJson, _a183, _b127, SQLiteBlobBufferBuilder, _a184, _b128, SQLiteBlobBuffer, init_blob, _a185, _b129, SQLiteCustomColumnBuilder, _a186, _b130, SQLiteCustomColumn, init_custom22, _a187, _b131, SQLiteBaseIntegerBuilder, _a188, _b132, SQLiteBaseInteger, _a189, _b133, SQLiteIntegerBuilder, _a190, _b134, SQLiteInteger, _a191, _b135, SQLiteTimestampBuilder, _a192, _b136, SQLiteTimestamp, _a193, _b137, SQLiteBooleanBuilder, _a194, _b138, SQLiteBoolean, init_integer22, _a195, _b139, SQLiteNumericBuilder, _a196, _b140, SQLiteNumeric, _a197, _b141, SQLiteNumericNumberBuilder, _a198, _b142, SQLiteNumericNumber, _a199, _b143, SQLiteNumericBigIntBuilder, _a200, _b144, SQLiteNumericBigInt, init_numeric22, _a201, _b145, SQLiteRealBuilder, _a202, _b146, SQLiteReal, init_real22, _a203, _b147, SQLiteTextBuilder, _a204, _b148, SQLiteText, _a205, _b149, SQLiteTextJsonBuilder, _a206, _b150, SQLiteTextJson, init_text22, init_columns22, init_all22, InlineForeignKeys22, _a207, _b151, _c7, _d3, _e3, SQLiteTable, sqliteTable, init_table32, _a208, IndexBuilderOn22, _a209, IndexBuilder22, _a210, Index4, init_indexes22, _a211, PrimaryKeyBuilder22, _a212, PrimaryKey22, init_primary_keys22, init_utils7, _a213, _b152, SQLiteDeleteBase, init_delete22, _a214, _b153, SQLiteViewBase, init_view_base22, _a215, SQLiteDialect, _a216, _b154, SQLiteSyncDialect, _a217, _b155, SQLiteAsyncDialect, init_dialect22, _a218, SQLiteSelectBuilder, _a219, _b156, SQLiteSelectQueryBuilderBase, _a220, _b157, SQLiteSelectBase, getSQLiteSetOperators, union3, unionAll22, intersect22, except22, init_select32, _a221, QueryBuilder22, init_query_builder32, _a222, SQLiteInsertBuilder, _a223, _b158, SQLiteInsertBase, init_insert22, init_select_types2, _a224, SQLiteUpdateBuilder, _a225, _b159, SQLiteUpdateBase, init_update22, init_query_builders22, _a226, _b160, _c8, _SQLiteCountBuilder, SQLiteCountBuilder, init_count22, _a227, RelationalQueryBuilder22, _a228, _b161, SQLiteRelationalQuery, _a229, _b162, SQLiteSyncRelationalQuery, init_query22, _a230, _b163, SQLiteRaw, init_raw22, _a231, BaseSQLiteDatabase, init_db22, _a232, _b164, ExecuteResultSync, _a233, SQLitePreparedQuery, _a234, SQLiteSession, _a235, _b165, SQLiteTransaction, init_session22, init_subquery3, _a236, ViewBuilderCore, _a237, _b166, ViewBuilder2, _a238, _b167, ManualViewBuilder2, _a239, _b168, SQLiteView2, init_view22, init_sqlite_core, generateSqliteSnapshot, fromDatabase2, init_sqliteSerializer, getTablesFilterByExtensions, init_getTablesFilterByExtensions, init_alias4, _a240, CheckBuilder3, _a241, Check3, init_checks3, _a242, ForeignKeyBuilder3, _a243, ForeignKey3, init_foreign_keys3, _a244, UniqueConstraintBuilder3, _a245, UniqueOnConstraintBuilder3, _a246, UniqueConstraint3, init_unique_constraint3, _a247, _b169, MySqlColumnBuilder, _a248, _b170, MySqlColumn, _a249, _b171, MySqlColumnBuilderWithAutoIncrement, _a250, _b172, MySqlColumnWithAutoIncrement, init_common4, _a251, _b173, MySqlBigInt53Builder, _a252, _b174, MySqlBigInt53, _a253, _b175, MySqlBigInt64Builder, _a254, _b176, MySqlBigInt64, init_bigint22, _a255, _b177, MySqlBinaryBuilder, _a256, _b178, MySqlBinary, init_binary, _a257, _b179, MySqlBooleanBuilder, _a258, _b180, MySqlBoolean, init_boolean22, _a259, _b181, MySqlCharBuilder, _a260, _b182, MySqlChar, init_char22, _a261, _b183, MySqlCustomColumnBuilder, _a262, _b184, MySqlCustomColumn, init_custom3, _a263, _b185, MySqlDateBuilder, _a264, _b186, MySqlDate, _a265, _b187, MySqlDateStringBuilder, _a266, _b188, MySqlDateString, init_date22, _a267, _b189, MySqlDateTimeBuilder, _a268, _b190, MySqlDateTime, _a269, _b191, MySqlDateTimeStringBuilder, _a270, _b192, MySqlDateTimeString, init_datetime, _a271, _b193, MySqlDecimalBuilder, _a272, _b194, MySqlDecimal, _a273, _b195, MySqlDecimalNumberBuilder, _a274, _b196, MySqlDecimalNumber, _a275, _b197, MySqlDecimalBigIntBuilder, _a276, _b198, MySqlDecimalBigInt, init_decimal, _a277, _b199, MySqlDoubleBuilder, _a278, _b200, MySqlDouble, init_double, _a279, _b201, MySqlEnumColumnBuilder, _a280, _b202, MySqlEnumColumn, _a281, _b203, MySqlEnumObjectColumnBuilder, _a282, _b204, MySqlEnumObjectColumn, init_enum22, _a283, _b205, MySqlFloatBuilder, _a284, _b206, MySqlFloat, init_float, _a285, _b207, MySqlIntBuilder, _a286, _b208, MySqlInt, init_int, _a287, _b209, MySqlJsonBuilder, _a288, _b210, MySqlJson, init_json22, _a289, _b211, MySqlMediumIntBuilder, _a290, _b212, MySqlMediumInt, init_mediumint, _a291, _b213, MySqlRealBuilder, _a292, _b214, MySqlReal, init_real3, _a293, _b215, MySqlSerialBuilder, _a294, _b216, MySqlSerial, init_serial22, _a295, _b217, MySqlSmallIntBuilder, _a296, _b218, MySqlSmallInt, init_smallint22, _a297, _b219, MySqlTextBuilder, _a298, _b220, MySqlText, init_text3, _a299, _b221, MySqlTimeBuilder, _a300, _b222, MySqlTime, init_time22, _a301, _b223, MySqlDateColumnBaseBuilder, _a302, _b224, MySqlDateBaseColumn, init_date_common22, _a303, _b225, MySqlTimestampBuilder, _a304, _b226, MySqlTimestamp, _a305, _b227, MySqlTimestampStringBuilder, _a306, _b228, MySqlTimestampString, init_timestamp22, _a307, _b229, MySqlTinyIntBuilder, _a308, _b230, MySqlTinyInt, init_tinyint, _a309, _b231, MySqlVarBinaryBuilder, _a310, _b232, MySqlVarBinary, init_varbinary, _a311, _b233, MySqlVarCharBuilder, _a312, _b234, MySqlVarChar, init_varchar22, _a313, _b235, MySqlYearBuilder, _a314, _b236, MySqlYear, init_year, init_columns3, _a315, _b237, _c9, _MySqlCountBuilder, MySqlCountBuilder, init_count3, _a316, IndexBuilderOn3, _a317, IndexBuilder3, _a318, Index5, init_indexes3, init_all3, InlineForeignKeys3, _a319, _b238, _c10, _d4, _e4, MySqlTable, mysqlTable, init_table42, _a320, PrimaryKeyBuilder3, _a321, PrimaryKey3, init_primary_keys3, MySqlViewConfig, init_view_common32, init_utils8, _a322, _b239, MySqlDeleteBase, init_delete3, _a323, _b240, MySqlViewBase, init_view_base3, _a324, MySqlDialect, init_dialect3, _a325, MySqlSelectBuilder, _a326, _b241, MySqlSelectQueryBuilderBase, _a327, _b242, MySqlSelectBase, getMySqlSetOperators, union4, unionAll3, intersect3, intersectAll22, except3, exceptAll22, init_select4, _a328, QueryBuilder3, init_query_builder4, _a329, MySqlInsertBuilder, _a330, _b243, MySqlInsertBase, init_insert3, init_select_types3, _a331, MySqlUpdateBuilder, _a332, _b244, MySqlUpdateBase, init_update3, init_query_builders3, _a333, RelationalQueryBuilder3, _a334, _b245, MySqlRelationalQuery, init_query3, _a335, MySqlDatabase, init_db3, _a336, ViewBuilderCore2, _a337, _b246, ViewBuilder3, _a338, _b247, ManualViewBuilder3, _a339, _b248, _c11, MySqlView2, init_view3, _a340, MySqlSchema5, init_schema22, _a341, MySqlPreparedQuery, _a342, MySqlSession, _a343, _b249, MySqlTransaction, init_session32, init_subquery4, init_mysql_core, handleEnumType, generateMySqlSnapshot, fromDatabase3, init_mysqlSerializer, cliConfigGenerate, pushParams, pullParams, configCheck, cliConfigCheck, init_cli, gelCredentials, init_gel, libSQLCredentials, init_libsql, mysqlCredentials, init_mysql, postgresCredentials, init_postgres, singlestoreCredentials, init_singlestore, sqliteCredentials, init_sqlite, credentials, studioCliParams, studioConfig, init_studio, es5_exports, _3, es5_default, init_es5, import_hanji7, assertES5, safeRegister, migrateConfig, init_utils9, prepareFromExports, init_pgImports, init_alias5, _a344, UniqueConstraintBuilder4, _a345, UniqueOnConstraintBuilder4, _a346, UniqueConstraint4, init_unique_constraint4, _a347, _b250, SingleStoreColumnBuilder, _a348, _b251, SingleStoreColumn, _a349, _b252, SingleStoreColumnBuilderWithAutoIncrement, _a350, _b253, SingleStoreColumnWithAutoIncrement, init_common5, _a351, _b254, SingleStoreBigInt53Builder, _a352, _b255, SingleStoreBigInt53, _a353, _b256, SingleStoreBigInt64Builder, _a354, _b257, SingleStoreBigInt64, init_bigint3, _a355, _b258, SingleStoreBinaryBuilder, _a356, _b259, SingleStoreBinary, init_binary2, _a357, _b260, SingleStoreBooleanBuilder, _a358, _b261, SingleStoreBoolean, init_boolean3, _a359, _b262, SingleStoreCharBuilder, _a360, _b263, SingleStoreChar, init_char3, _a361, _b264, SingleStoreCustomColumnBuilder, _a362, _b265, SingleStoreCustomColumn, init_custom4, _a363, _b266, SingleStoreDateBuilder, _a364, _b267, SingleStoreDate, _a365, _b268, SingleStoreDateStringBuilder, _a366, _b269, SingleStoreDateString, init_date3, _a367, _b270, SingleStoreDateTimeBuilder, _a368, _b271, SingleStoreDateTime, _a369, _b272, SingleStoreDateTimeStringBuilder, _a370, _b273, SingleStoreDateTimeString, init_datetime2, _a371, _b274, SingleStoreDecimalBuilder, _a372, _b275, SingleStoreDecimal, _a373, _b276, SingleStoreDecimalNumberBuilder, _a374, _b277, SingleStoreDecimalNumber, _a375, _b278, SingleStoreDecimalBigIntBuilder, _a376, _b279, SingleStoreDecimalBigInt, init_decimal2, _a377, _b280, SingleStoreDoubleBuilder, _a378, _b281, SingleStoreDouble, init_double2, _a379, _b282, SingleStoreEnumColumnBuilder, _a380, _b283, SingleStoreEnumColumn, init_enum3, _a381, _b284, SingleStoreFloatBuilder, _a382, _b285, SingleStoreFloat, init_float2, _a383, _b286, SingleStoreIntBuilder, _a384, _b287, SingleStoreInt, init_int2, _a385, _b288, SingleStoreJsonBuilder, _a386, _b289, SingleStoreJson, init_json3, _a387, _b290, SingleStoreMediumIntBuilder, _a388, _b291, SingleStoreMediumInt, init_mediumint2, _a389, _b292, SingleStoreRealBuilder, _a390, _b293, SingleStoreReal, init_real4, _a391, _b294, SingleStoreSerialBuilder, _a392, _b295, SingleStoreSerial, init_serial3, _a393, _b296, SingleStoreSmallIntBuilder, _a394, _b297, SingleStoreSmallInt, init_smallint3, _a395, _b298, SingleStoreTextBuilder, _a396, _b299, SingleStoreText, init_text4, _a397, _b300, SingleStoreTimeBuilder, _a398, _b301, SingleStoreTime, init_time3, _a399, _b302, SingleStoreDateColumnBaseBuilder, _a400, _b303, SingleStoreDateBaseColumn, init_date_common3, _a401, _b304, SingleStoreTimestampBuilder, _a402, _b305, SingleStoreTimestamp, _a403, _b306, SingleStoreTimestampStringBuilder, _a404, _b307, SingleStoreTimestampString, init_timestamp3, _a405, _b308, SingleStoreTinyIntBuilder, _a406, _b309, SingleStoreTinyInt, init_tinyint2, _a407, _b310, SingleStoreVarBinaryBuilder, _a408, _b311, SingleStoreVarBinary, init_varbinary2, _a409, _b312, SingleStoreVarCharBuilder, _a410, _b313, SingleStoreVarChar, init_varchar3, _a411, _b314, SingleStoreVectorBuilder, _a412, _b315, SingleStoreVector, init_vector4, _a413, _b316, SingleStoreYearBuilder, _a414, _b317, SingleStoreYear, init_year2, init_columns4, _a415, _b318, _c12, _SingleStoreCountBuilder, SingleStoreCountBuilder, init_count4, _a416, IndexBuilderOn4, _a417, IndexBuilder4, _a418, Index6, init_indexes4, init_all4, _a419, _b319, _c13, _d5, SingleStoreTable, init_table52, _a420, PrimaryKeyBuilder4, _a421, PrimaryKey4, init_primary_keys4, init_utils10, _a422, _b320, SingleStoreDeleteBase, init_delete4, _a423, SingleStoreInsertBuilder, _a424, _b321, SingleStoreInsertBase, init_insert4, _a425, SingleStoreDialect, init_dialect4, _a426, SingleStoreSelectBuilder, _a427, _b322, SingleStoreSelectQueryBuilderBase, _a428, _b323, SingleStoreSelectBase, getSingleStoreSetOperators, union5, unionAll4, intersect4, except4, minus, init_select5, _a429, QueryBuilder4, init_query_builder5, init_select_types4, _a430, SingleStoreUpdateBuilder, _a431, _b324, SingleStoreUpdateBase, init_update4, init_query_builders4, _a432, SingleStoreDatabase, init_db4, _a433, SingleStoreSchema5, init_schema32, _a434, SingleStorePreparedQuery, _a435, SingleStoreSession, _a436, _b325, SingleStoreTransaction, init_session4, init_subquery5, init_singlestore_core, dialect5, generateSingleStoreSnapshot, fromDatabase4, init_singlestoreSerializer, sqliteImports_exports, prepareFromExports2, prepareFromSqliteImports, init_sqliteImports, mysqlImports_exports, prepareFromExports3, prepareFromMySqlImports, init_mysqlImports, mysqlPushUtils_exports, import_hanji8, filterStatements, logSuggestionsAndReturn2, init_mysqlPushUtils, mysqlIntrospect_exports, import_hanji9, mysqlPushIntrospect, init_mysqlIntrospect, singlestoreImports_exports, prepareFromExports4, prepareFromSingleStoreImports, init_singlestoreImports, singlestorePushUtils_exports, import_hanji10, filterStatements2, logSuggestionsAndReturn3, init_singlestorePushUtils, singlestoreIntrospect_exports, import_hanji11, singlestorePushIntrospect, init_singlestoreIntrospect, import_hanji3, pgPushIntrospect = async (db2, filters, schemaFilters, entities, tsSchema) => {
+}, __toESM2 = (mod, isNodeMode, target) => (target = mod != null ? __create2(__getProtoOf2(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp2(target, "default", { value: mod, enumerable: true }) : target, mod)), __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value), ANSI_BACKGROUND_OFFSET, wrapAnsi16, wrapAnsi256, wrapAnsi16m, styles2, modifierNames, foregroundColorNames, backgroundColorNames, colorNames, ansiStyles, ansi_styles_default, init_ansi_styles, env, flagForceColor, supportsColor, supports_color_default, init_supports_color, init_utilities, stdoutColor, stderrColor, GENERATOR, STYLER, IS_EMPTY, levelMapping, styles22, applyOptions, chalkFactory, getModelAnsi, usedModels, proto, createStyler, createBuilder, applyStyle, chalk, chalkStderr, source_default, init_source, require_old, require_fs, require_path, require_balanced_match, require_brace_expansion, require_minimatch, require_inherits_browser, require_inherits, require_common2, require_sync, require_wrappy, require_once, require_inflight, require_glob, require_readline, require_src2, require_utils, require_lodash, require_hanji, originUUID, snapshotVersion, mapValues, mapKeys, mapEntries, customMapEntries, init_global2, util3, objectUtil2, ZodParsedType2, getParsedType2, init_util2, ZodIssueCode2, ZodError3, init_ZodError2, errorMap2, en_default2, init_en2, overrideErrorMap2, init_errors4, makeIssue2, ParseStatus2, INVALID2, DIRTY2, OK2, isAborted2, isDirty2, isValid2, isAsync2, init_parseUtil2, init_typeAliases2, errorUtil2, init_errorUtil2, ParseInputLazyPath2, handleResult2, ZodType2, cuidRegex2, cuid2Regex2, ulidRegex2, uuidRegex2, nanoidRegex2, jwtRegex2, durationRegex2, emailRegex2, _emojiRegex2, emojiRegex2, ipv4Regex2, ipv4CidrRegex2, ipv6Regex2, ipv6CidrRegex2, base64Regex2, base64urlRegex2, dateRegexSource2, dateRegex2, ZodString2, ZodNumber2, ZodBigInt2, ZodBoolean2, ZodDate2, ZodSymbol2, ZodUndefined2, ZodNull2, ZodAny2, ZodUnknown2, ZodNever2, ZodVoid2, ZodArray2, ZodObject2, ZodUnion2, getDiscriminator2, ZodDiscriminatedUnion2, ZodIntersection2, ZodTuple2, ZodRecord2, ZodMap2, ZodSet2, ZodFunction2, ZodLazy2, ZodLiteral2, ZodEnum2, ZodNativeEnum2, ZodPromise2, ZodEffects2, ZodOptional2, ZodNullable2, ZodDefault2, ZodCatch2, ZodNaN2, BRAND2, ZodBranded2, ZodPipeline2, ZodReadonly2, late2, ZodFirstPartyTypeKind2, stringType2, numberType2, nanType2, bigIntType2, booleanType2, dateType2, symbolType2, undefinedType2, nullType2, anyType2, unknownType2, neverType2, voidType2, arrayType2, objectType2, strictObjectType2, unionType2, discriminatedUnionType2, intersectionType2, tupleType2, recordType2, mapType2, setType2, functionType2, lazyType2, literalType2, enumType2, nativeEnumType2, promiseType2, effectsType2, optionalType2, nullableType2, preprocessType2, pipelineType2, coerce2, init_types8, init_external2, init_v32, init_esm2, enumSchema, enumSchemaV1, indexColumn, index2, fk, sequenceSchema, roleSchema, sequenceSquashed, column2, checkConstraint, columnSquashed, compositePK, uniqueConstraint, policy, policySquashed, viewWithOption, matViewWithOption, mergedViewWithOption, view2, table15, schemaHash, kitInternals, gelSchemaExternal, gelSchemaInternal, tableSquashed, gelSchemaSquashed, gelSchema, dryGel, init_gelSchema, index22, fk2, column22, tableV3, compositePK2, uniqueConstraint2, checkConstraint2, tableV4, table22, viewMeta, view22, kitInternals2, dialect2, schemaHash2, schemaInternalV3, schemaInternalV4, schemaInternalV5, schemaInternal, schemaV3, schemaV4, schemaV5, schema2, tableSquashedV4, tableSquashed2, viewSquashed, schemaSquashed, schemaSquashedV4, MySqlSquasher, squashMysqlScheme, mysqlSchema, mysqlSchemaV5, mysqlSchemaSquashed, backwardCompatibleMysqlSchema, dryMySql, init_mysqlSchema, indexV2, columnV2, tableV2, enumSchemaV12, enumSchema2, pgSchemaV2, references, columnV1, tableV1, pgSchemaV1, indexColumn2, index3, indexV4, indexV5, indexV6, fk3, sequenceSchema2, roleSchema2, sequenceSquashed2, columnV7, column3, checkConstraint3, columnSquashed2, tableV32, compositePK3, uniqueConstraint3, policy2, policySquashed2, viewWithOption2, matViewWithOption2, mergedViewWithOption2, view3, tableV42, tableV5, tableV6, tableV7, table32, schemaHash3, kitInternals3, pgSchemaInternalV3, pgSchemaInternalV4, pgSchemaInternalV5, pgSchemaInternalV6, pgSchemaExternal, pgSchemaInternalV7, pgSchemaInternal, tableSquashed3, tableSquashedV42, pgSchemaSquashedV4, pgSchemaSquashedV6, pgSchemaSquashed, pgSchemaV3, pgSchemaV4, pgSchemaV5, pgSchemaV6, pgSchemaV7, pgSchema, backwardCompatiblePgSchema, PgSquasher, squashPgScheme, dryPg, init_pgSchema, index4, column4, compositePK4, uniqueConstraint4, table42, viewMeta2, kitInternals4, dialect22, schemaHash4, schemaInternal2, schema22, tableSquashed4, schemaSquashed2, SingleStoreSquasher, squashSingleStoreScheme, singlestoreSchema, singlestoreSchemaSquashed, backwardCompatibleSingleStoreSchema, drySingleStore, init_singlestoreSchema, index5, fk4, compositePK5, column5, tableV33, uniqueConstraint5, checkConstraint4, table52, view4, dialect3, schemaHash5, schemaInternalV32, schemaInternalV42, schemaInternalV52, kitInternals5, latestVersion, schemaInternal3, schemaV32, schemaV42, schemaV52, schema3, tableSquashed5, schemaSquashed3, SQLiteSquasher, squashSqliteScheme, drySQLite, sqliteSchemaV5, sqliteSchema, SQLiteSchemaSquashed, backwardCompatibleSqliteSchema, init_sqliteSchema, copy, prepareMigrationMeta, schemaRenameKey, tableRenameKey, columnRenameKey, init_utils5, import_hanji, warning, error, isRenamePromptItem, ResolveColumnSelect, tableKey, ResolveSelectNamed, ResolveSelect, ResolveSchemasSelect, Spinner2, ProgressView, init_views, glob, init_serializer, fillPgSnapshot, init_migrationPreparator, require_heap, require_heap2, require_difflib, require_difflib2, require_util, require_styles, require_has_flag2, require_supports_colors, require_trap, require_zalgo, require_america, require_zebra, require_rainbow, require_random, require_colors, require_safe, require_colorize, require_lib, import_json_diff, mapArraysDiff, findAlternationsInTable, alternationsInColumn, init_jsonDiffer, parseType, Convertor, PgCreateRoleConvertor, PgDropRoleConvertor, PgRenameRoleConvertor, PgAlterRoleConvertor, PgCreatePolicyConvertor, PgDropPolicyConvertor, PgRenamePolicyConvertor, PgAlterPolicyConvertor, PgCreateIndPolicyConvertor, PgDropIndPolicyConvertor, PgRenameIndPolicyConvertor, PgAlterIndPolicyConvertor, PgEnableRlsConvertor, PgDisableRlsConvertor, PgCreateTableConvertor, MySqlCreateTableConvertor, SingleStoreCreateTableConvertor, SQLiteCreateTableConvertor, PgCreateViewConvertor, MySqlCreateViewConvertor, SqliteCreateViewConvertor, PgDropViewConvertor, MySqlDropViewConvertor, SqliteDropViewConvertor, MySqlAlterViewConvertor, PgRenameViewConvertor, MySqlRenameViewConvertor, PgAlterViewSchemaConvertor, PgAlterViewAddWithOptionConvertor, PgAlterViewDropWithOptionConvertor, PgAlterViewAlterTablespaceConvertor, PgAlterViewAlterUsingConvertor, PgAlterTableAlterColumnSetGenerated, PgAlterTableAlterColumnDropGenerated, PgAlterTableAlterColumnAlterGenerated, PgAlterTableAddUniqueConstraintConvertor, PgAlterTableDropUniqueConstraintConvertor, PgAlterTableAddCheckConstraintConvertor, PgAlterTableDeleteCheckConstraintConvertor, MySQLAlterTableAddUniqueConstraintConvertor, MySQLAlterTableDropUniqueConstraintConvertor, MySqlAlterTableAddCheckConstraintConvertor, SingleStoreAlterTableAddUniqueConstraintConvertor, SingleStoreAlterTableDropUniqueConstraintConvertor, MySqlAlterTableDeleteCheckConstraintConvertor, CreatePgSequenceConvertor, DropPgSequenceConvertor, RenamePgSequenceConvertor, MovePgSequenceConvertor, AlterPgSequenceConvertor, CreateTypeEnumConvertor, DropTypeEnumConvertor, AlterTypeAddValueConvertor, AlterTypeSetSchemaConvertor, AlterRenameTypeConvertor, AlterTypeDropValueConvertor, PgDropTableConvertor, MySQLDropTableConvertor, SingleStoreDropTableConvertor, SQLiteDropTableConvertor, PgRenameTableConvertor, SqliteRenameTableConvertor, MySqlRenameTableConvertor, SingleStoreRenameTableConvertor, PgAlterTableRenameColumnConvertor, MySqlAlterTableRenameColumnConvertor, SingleStoreAlterTableRenameColumnConvertor, SQLiteAlterTableRenameColumnConvertor, PgAlterTableDropColumnConvertor, MySqlAlterTableDropColumnConvertor, SingleStoreAlterTableDropColumnConvertor, SQLiteAlterTableDropColumnConvertor, PgAlterTableAddColumnConvertor, MySqlAlterTableAddColumnConvertor, SingleStoreAlterTableAddColumnConvertor, SQLiteAlterTableAddColumnConvertor, PgAlterTableAlterColumnSetTypeConvertor, PgAlterTableAlterColumnSetDefaultConvertor, PgAlterTableAlterColumnDropDefaultConvertor, PgAlterTableAlterColumnDropGeneratedConvertor, PgAlterTableAlterColumnSetExpressionConvertor, PgAlterTableAlterColumnAlterrGeneratedConvertor, SqliteAlterTableAlterColumnDropGeneratedConvertor, SqliteAlterTableAlterColumnSetExpressionConvertor, SqliteAlterTableAlterColumnAlterGeneratedConvertor, MySqlAlterTableAlterColumnAlterrGeneratedConvertor, MySqlAlterTableAddPk, MySqlAlterTableDropPk, LibSQLModifyColumn, MySqlModifyColumn, SingleStoreAlterTableAlterColumnAlterrGeneratedConvertor, SingleStoreAlterTableAddPk, SingleStoreAlterTableDropPk, SingleStoreModifyColumn, PgAlterTableCreateCompositePrimaryKeyConvertor, PgAlterTableDeleteCompositePrimaryKeyConvertor, PgAlterTableAlterCompositePrimaryKeyConvertor, MySqlAlterTableCreateCompositePrimaryKeyConvertor, MySqlAlterTableDeleteCompositePrimaryKeyConvertor, MySqlAlterTableAlterCompositePrimaryKeyConvertor, PgAlterTableAlterColumnSetPrimaryKeyConvertor, PgAlterTableAlterColumnDropPrimaryKeyConvertor, PgAlterTableAlterColumnSetNotNullConvertor, PgAlterTableAlterColumnDropNotNullConvertor, PgCreateForeignKeyConvertor, LibSQLCreateForeignKeyConvertor, MySqlCreateForeignKeyConvertor, PgAlterForeignKeyConvertor, PgDeleteForeignKeyConvertor, MySqlDeleteForeignKeyConvertor, CreatePgIndexConvertor, CreateMySqlIndexConvertor, CreateSingleStoreIndexConvertor, CreateSqliteIndexConvertor, PgDropIndexConvertor, PgCreateSchemaConvertor, PgRenameSchemaConvertor, PgDropSchemaConvertor, PgAlterTableSetSchemaConvertor, PgAlterTableSetNewSchemaConvertor, PgAlterTableRemoveFromSchemaConvertor, SqliteDropIndexConvertor, MySqlDropIndexConvertor, SingleStoreDropIndexConvertor, SQLiteRecreateTableConvertor, LibSQLRecreateTableConvertor, SingleStoreRecreateTableConvertor, convertors, init_sqlgenerator, _moveDataStatements, getOldTableName, getNewTableName, logSuggestionsAndReturn, init_sqlitePushUtils, preparePgCreateTableJson, prepareMySqlCreateTableJson, prepareSingleStoreCreateTableJson, prepareSQLiteCreateTable, prepareDropTableJson, prepareRenameTableJson, prepareCreateEnumJson, prepareAddValuesToEnumJson, prepareDropEnumValues, prepareDropEnumJson, prepareMoveEnumJson, prepareRenameEnumJson, prepareCreateSequenceJson, prepareAlterSequenceJson, prepareDropSequenceJson, prepareMoveSequenceJson, prepareRenameSequenceJson, prepareCreateRoleJson, prepareAlterRoleJson, prepareDropRoleJson, prepareRenameRoleJson, prepareCreateSchemasJson, prepareRenameSchemasJson, prepareDeleteSchemasJson, prepareRenameColumns, _prepareDropColumns, _prepareAddColumns, _prepareSqliteAddColumns, prepareAlterColumnsMysql, preparePgAlterColumns, prepareSqliteAlterColumns, prepareRenamePolicyJsons, prepareRenameIndPolicyJsons, prepareCreatePolicyJsons, prepareCreateIndPolicyJsons, prepareDropPolicyJsons, prepareDropIndPolicyJsons, prepareAlterPolicyJson, prepareAlterIndPolicyJson, preparePgCreateIndexesJson, prepareCreateIndexesJson, prepareCreateReferencesJson, prepareLibSQLCreateReferencesJson, prepareDropReferencesJson, prepareLibSQLDropReferencesJson, prepareAlterReferencesJson, prepareDropIndexesJson, prepareAddCompositePrimaryKeySqlite, prepareDeleteCompositePrimaryKeySqlite, prepareAlterCompositePrimaryKeySqlite, prepareAddCompositePrimaryKeyPg, prepareDeleteCompositePrimaryKeyPg, prepareAlterCompositePrimaryKeyPg, prepareAddUniqueConstraintPg, prepareDeleteUniqueConstraintPg, prepareAddCheckConstraint, prepareDeleteCheckConstraint, prepareAddCompositePrimaryKeyMySql, prepareDeleteCompositePrimaryKeyMySql, prepareAlterCompositePrimaryKeyMySql, preparePgCreateViewJson, prepareMySqlCreateViewJson, prepareSqliteCreateViewJson, prepareDropViewJson, prepareRenameViewJson, preparePgAlterViewAlterSchemaJson, preparePgAlterViewAddWithOptionJson, preparePgAlterViewDropWithOptionJson, preparePgAlterViewAlterTablespaceJson, preparePgAlterViewAlterUsingJson, prepareMySqlAlterView, init_jsonStatements, prepareLibSQLRecreateTable, prepareSQLiteRecreateTable, libSQLCombineStatements, sqliteCombineStatements, prepareSingleStoreRecreateTable, singleStoreCombineStatements, init_statementCombiner, snapshotsDiffer_exports, makeChanged, makeSelfOrChanged, makePatched, makeSelfOrPatched, columnSchema, alteredColumnSchema, enumSchema3, changedEnumSchema, tableScheme, alteredTableScheme, alteredViewCommon, alteredPgViewSchema, alteredMySqlViewSchema, diffResultScheme, diffResultSchemeMysql, diffResultSchemeSingleStore, diffResultSchemeSQLite, schemaChangeFor, nameChangeFor, nameSchemaChangeFor, columnChangeFor, applyPgSnapshotsDiff, applyMysqlSnapshotsDiff, applySingleStoreSnapshotsDiff, applySqliteSnapshotsDiff, applyLibSQLSnapshotsDiff, init_snapshotsDiffer, init_words, dialects, dialect4, commonSquashedSchema, commonSchema, init_schemaValidator, sqliteDriversLiterals, postgresqlDriversLiterals, prefixes, prefix, casingTypes, casingType, sqliteDriver, postgresDriver, driver2, configMigrations, configCommonSchema, casing, introspectParams, configIntrospectCliSchema, configGenerateSchema, configPushSchema, init_common2, withStyle, init_outputs, import_hanji2, schemasResolver, tablesResolver, viewsResolver, mySqlViewsResolver, sqliteViewsResolver, sequencesResolver, roleResolver, policyResolver, indPolicyResolver, enumsResolver, columnsResolver, promptColumnsConflicts, promptNamedConflict, promptNamedWithSchemasConflict, promptSchemasConflict, BREAKPOINT, init_migrate, posixClasses, braceEscape, regexpEscape, rangesToString, parseClass, init_brace_expressions, escape, init_escape, unescape, init_unescape, import_brace_expansion, minimatch, starDotExtRE, starDotExtTest, starDotExtTestDot, starDotExtTestNocase, starDotExtTestNocaseDot, starDotStarRE, starDotStarTest, starDotStarTestDot, dotStarRE, dotStarTest, starRE, starTest, starTestDot, qmarksRE, qmarksTestNocase, qmarksTestNocaseDot, qmarksTestDot, qmarksTest, qmarksTestNoExt, qmarksTestNoExtDot, defaultPlatform, path, sep, GLOBSTAR, plTypes, qmark, star, twoStarDot, twoStarNoDot, charSet, reSpecials, addPatternStartSet, filter, ext, defaults, braceExpand, MAX_PATTERN_LENGTH, assertValidPattern, makeRe, match2, globUnescape, globMagic, regExpEscape, Minimatch, init_mjs, entityKind2, hasOwnEntityKind2, init_entity2, _a, Column2, init_column2, _a2, ColumnBuilder2, init_column_builder2, TableName2, init_table_utils2, _a3, ForeignKeyBuilder2, _a4, ForeignKey2, init_foreign_keys2, init_tracing_utils2, _a5, UniqueConstraintBuilder, _a6, UniqueOnConstraintBuilder, _a7, UniqueConstraint, init_unique_constraint2, init_array2, _a8, _b, PgColumnBuilder2, _a9, _b2, PgColumn2, _a10, _b3, ExtraConfigColumn2, _a11, IndexedColumn2, _a12, _b4, PgArrayBuilder2, _a13, _b5, _PgArray, PgArray2, init_common22, _a14, _b6, PgEnumObjectColumnBuilder2, _a15, _b7, PgEnumObjectColumn2, isPgEnumSym2, _a16, _b8, PgEnumColumnBuilder2, _a17, _b9, PgEnumColumn2, init_enum2, _a18, Subquery2, _a19, _b10, WithSubquery2, init_subquery2, version2, init_version2, otel2, rawTracer2, tracer2, init_tracing2, ViewBaseConfig2, init_view_common3, Schema2, Columns2, ExtraConfigColumns2, OriginalName2, BaseName2, IsAlias2, ExtraConfigBuilder2, IsDrizzleTable2, _a20, _b11, _c, _d, _e2, _f, _g, _h, _i, _j, Table2, init_table15, _a21, FakePrimitiveParam, _a22, StringChunk2, _a23, _SQL, SQL2, _a24, Name2, noopDecoder2, noopEncoder2, noopMapper2, _a25, Param2, _a26, Placeholder2, IsDrizzleView2, _a27, _b12, _c2, View3, init_sql3, _a28, ColumnAliasProxyHandler2, _a29, TableAliasProxyHandler2, _a30, RelationTableAliasProxyHandler, init_alias3, _a31, _b13, DrizzleError2, DrizzleQueryError, _a32, _b14, TransactionRollbackError2, init_errors22, _a33, ConsoleLogWriter2, _a34, DefaultLogger2, _a35, NoopLogger2, init_logger3, init_operations, _a36, _b15, QueryPromise2, init_query_promise2, textDecoder, init_utils22, _a37, _b16, PgIntColumnBaseBuilder2, init_int_common2, _a38, _b17, PgBigInt53Builder2, _a39, _b18, PgBigInt532, _a40, _b19, PgBigInt64Builder2, _a41, _b20, PgBigInt642, init_bigint2, _a42, _b21, PgBigSerial53Builder2, _a43, _b22, PgBigSerial532, _a44, _b23, PgBigSerial64Builder2, _a45, _b24, PgBigSerial642, init_bigserial2, _a46, _b25, PgBooleanBuilder2, _a47, _b26, PgBoolean2, init_boolean2, _a48, _b27, PgCharBuilder2, _a49, _b28, PgChar2, init_char2, _a50, _b29, PgCidrBuilder2, _a51, _b30, PgCidr2, init_cidr2, _a52, _b31, PgCustomColumnBuilder2, _a53, _b32, PgCustomColumn2, init_custom2, _a54, _b33, PgDateColumnBaseBuilder2, init_date_common2, _a55, _b34, PgDateBuilder2, _a56, _b35, PgDate2, _a57, _b36, PgDateStringBuilder2, _a58, _b37, PgDateString2, init_date2, _a59, _b38, PgDoublePrecisionBuilder2, _a60, _b39, PgDoublePrecision2, init_double_precision2, _a61, _b40, PgInetBuilder2, _a62, _b41, PgInet2, init_inet2, _a63, _b42, PgIntegerBuilder2, _a64, _b43, PgInteger2, init_integer2, _a65, _b44, PgIntervalBuilder2, _a66, _b45, PgInterval2, init_interval2, _a67, _b46, PgJsonBuilder2, _a68, _b47, PgJson2, init_json2, _a69, _b48, PgJsonbBuilder2, _a70, _b49, PgJsonb2, init_jsonb2, _a71, _b50, PgLineBuilder2, _a72, _b51, PgLineTuple2, _a73, _b52, PgLineABCBuilder2, _a74, _b53, PgLineABC2, init_line2, _a75, _b54, PgMacaddrBuilder2, _a76, _b55, PgMacaddr2, init_macaddr2, _a77, _b56, PgMacaddr8Builder2, _a78, _b57, PgMacaddr82, init_macaddr82, _a79, _b58, PgNumericBuilder2, _a80, _b59, PgNumeric2, _a81, _b60, PgNumericNumberBuilder2, _a82, _b61, PgNumericNumber2, _a83, _b62, PgNumericBigIntBuilder2, _a84, _b63, PgNumericBigInt2, init_numeric2, _a85, _b64, PgPointTupleBuilder2, _a86, _b65, PgPointTuple2, _a87, _b66, PgPointObjectBuilder2, _a88, _b67, PgPointObject2, init_point2, init_utils32, _a89, _b68, PgGeometryBuilder2, _a90, _b69, PgGeometry2, _a91, _b70, PgGeometryObjectBuilder2, _a92, _b71, PgGeometryObject2, init_geometry2, _a93, _b72, PgRealBuilder2, _a94, _b73, PgReal2, init_real2, _a95, _b74, PgSerialBuilder2, _a96, _b75, PgSerial2, init_serial2, _a97, _b76, PgSmallIntBuilder2, _a98, _b77, PgSmallInt2, init_smallint2, _a99, _b78, PgSmallSerialBuilder2, _a100, _b79, PgSmallSerial2, init_smallserial2, _a101, _b80, PgTextBuilder2, _a102, _b81, PgText2, init_text2, _a103, _b82, PgTimeBuilder2, _a104, _b83, PgTime2, init_time2, _a105, _b84, PgTimestampBuilder2, _a106, _b85, PgTimestamp2, _a107, _b86, PgTimestampStringBuilder2, _a108, _b87, PgTimestampString2, init_timestamp2, _a109, _b88, PgUUIDBuilder2, _a110, _b89, PgUUID2, init_uuid3, _a111, _b90, PgVarcharBuilder2, _a112, _b91, PgVarchar2, init_varchar2, _a113, _b92, PgBinaryVectorBuilder2, _a114, _b93, PgBinaryVector2, init_bit2, _a115, _b94, PgHalfVectorBuilder2, _a116, _b95, PgHalfVector2, init_halfvec2, _a117, _b96, PgSparseVectorBuilder2, _a118, _b97, PgSparseVector2, init_sparsevec2, _a119, _b98, PgVectorBuilder2, _a120, _b99, PgVector2, init_vector3, init_all2, InlineForeignKeys2, EnableRLS2, _a121, _b100, _c3, _d2, _e22, _f2, PgTable2, pgTable2, init_table22, _a122, PrimaryKeyBuilder2, _a123, PrimaryKey2, init_primary_keys2, eq2, ne3, gt3, gte2, lt3, lte2, init_conditions2, init_select3, init_expressions2, _a124, Relation2, _a125, Relations2, _a126, _b101, _One, One2, _a127, _b102, _Many, Many2, init_relations2, init_aggregate2, init_vector22, init_functions2, init_sql22, dist_exports, init_dist5, init_alias22, _a128, CheckBuilder, _a129, Check, init_checks2, init_columns2, _a130, _SelectionProxyHandler, SelectionProxyHandler2, init_selection_proxy2, _a131, IndexBuilderOn2, _a132, IndexBuilder2, _a133, Index2, init_indexes2, _a134, PgPolicy, init_policies2, PgViewConfig2, init_view_common22, _a135, CasingCache2, init_casing2, _a136, _b103, PgViewBase2, init_view_base2, _a137, PgDialect2, init_dialect2, _a138, TypedQueryBuilder2, init_query_builder3, _a139, PgSelectBuilder2, _a140, _b104, PgSelectQueryBuilderBase2, _a141, _b105, PgSelectBase2, getPgSetOperators2, union2, unionAll2, intersect2, intersectAll2, except2, exceptAll2, init_select22, _a142, QueryBuilder2, init_query_builder22, _a143, DefaultViewBuilderCore, _a144, _b106, ViewBuilder, _a145, _b107, ManualViewBuilder, _a146, MaterializedViewBuilderCore, _a147, _b108, MaterializedViewBuilder, _a148, _b109, ManualMaterializedViewBuilder, _a149, _b110, _c4, PgView2, PgMaterializedViewConfig2, _a150, _b111, _c5, PgMaterializedView, init_view2, init_utils42, _a151, _b112, PgDeleteBase2, init_delete2, _a152, PgInsertBuilder2, _a153, _b113, PgInsertBase2, init_insert2, _a154, _b114, PgRefreshMaterializedView2, init_refresh_materialized_view2, init_select_types, _a155, PgUpdateBuilder2, _a156, _b115, PgUpdateBase2, init_update2, init_query_builders2, _a157, _b116, _c6, _PgCountBuilder, PgCountBuilder2, init_count2, _a158, RelationalQueryBuilder2, _a159, _b117, PgRelationalQuery2, init_query2, _a160, _b118, PgRaw2, init_raw2, _a161, PgDatabase2, init_db2, _a162, PgRole, init_roles2, _a163, PgSequence, init_sequence2, _a164, PgSchema5, init_schema3, _a165, Cache, _a166, _b119, NoopCache, init_cache, _a167, PgPreparedQuery2, _a168, PgSession2, _a169, _b120, PgTransaction2, init_session3, init_subquery22, init_utils52, init_pg_core2, vectorOps, init_vector32, sqlToStr, init_utils6, indexName, generatePgSnapshot, trimChar, fromDatabase, defaultForColumn, getColumnsInfoQuery, init_pgSerializer, import_hanji4, Select, init_selector_ui, init_alias32, _a170, CheckBuilder2, _a171, Check2, init_checks22, _a172, ForeignKeyBuilder22, _a173, ForeignKey22, init_foreign_keys22, _a174, UniqueConstraintBuilder2, _a175, UniqueOnConstraintBuilder2, _a176, UniqueConstraint2, init_unique_constraint22, _a177, _b121, SQLiteColumnBuilder, _a178, _b122, SQLiteColumn, init_common3, _a179, _b123, SQLiteBigIntBuilder, _a180, _b124, SQLiteBigInt, _a181, _b125, SQLiteBlobJsonBuilder, _a182, _b126, SQLiteBlobJson, _a183, _b127, SQLiteBlobBufferBuilder, _a184, _b128, SQLiteBlobBuffer, init_blob, _a185, _b129, SQLiteCustomColumnBuilder, _a186, _b130, SQLiteCustomColumn, init_custom22, _a187, _b131, SQLiteBaseIntegerBuilder, _a188, _b132, SQLiteBaseInteger, _a189, _b133, SQLiteIntegerBuilder, _a190, _b134, SQLiteInteger, _a191, _b135, SQLiteTimestampBuilder, _a192, _b136, SQLiteTimestamp, _a193, _b137, SQLiteBooleanBuilder, _a194, _b138, SQLiteBoolean, init_integer22, _a195, _b139, SQLiteNumericBuilder, _a196, _b140, SQLiteNumeric, _a197, _b141, SQLiteNumericNumberBuilder, _a198, _b142, SQLiteNumericNumber, _a199, _b143, SQLiteNumericBigIntBuilder, _a200, _b144, SQLiteNumericBigInt, init_numeric22, _a201, _b145, SQLiteRealBuilder, _a202, _b146, SQLiteReal, init_real22, _a203, _b147, SQLiteTextBuilder, _a204, _b148, SQLiteText, _a205, _b149, SQLiteTextJsonBuilder, _a206, _b150, SQLiteTextJson, init_text22, init_columns22, init_all22, InlineForeignKeys22, _a207, _b151, _c7, _d3, _e3, SQLiteTable, sqliteTable, init_table32, _a208, IndexBuilderOn22, _a209, IndexBuilder22, _a210, Index4, init_indexes22, _a211, PrimaryKeyBuilder22, _a212, PrimaryKey22, init_primary_keys22, init_utils7, _a213, _b152, SQLiteDeleteBase, init_delete22, _a214, _b153, SQLiteViewBase, init_view_base22, _a215, SQLiteDialect, _a216, _b154, SQLiteSyncDialect, _a217, _b155, SQLiteAsyncDialect, init_dialect22, _a218, SQLiteSelectBuilder, _a219, _b156, SQLiteSelectQueryBuilderBase, _a220, _b157, SQLiteSelectBase, getSQLiteSetOperators, union3, unionAll22, intersect22, except22, init_select32, _a221, QueryBuilder22, init_query_builder32, _a222, SQLiteInsertBuilder, _a223, _b158, SQLiteInsertBase, init_insert22, init_select_types2, _a224, SQLiteUpdateBuilder, _a225, _b159, SQLiteUpdateBase, init_update22, init_query_builders22, _a226, _b160, _c8, _SQLiteCountBuilder, SQLiteCountBuilder, init_count22, _a227, RelationalQueryBuilder22, _a228, _b161, SQLiteRelationalQuery, _a229, _b162, SQLiteSyncRelationalQuery, init_query22, _a230, _b163, SQLiteRaw, init_raw22, _a231, BaseSQLiteDatabase, init_db22, _a232, _b164, ExecuteResultSync, _a233, SQLitePreparedQuery, _a234, SQLiteSession, _a235, _b165, SQLiteTransaction, init_session22, init_subquery3, _a236, ViewBuilderCore, _a237, _b166, ViewBuilder2, _a238, _b167, ManualViewBuilder2, _a239, _b168, SQLiteView2, init_view22, init_sqlite_core, generateSqliteSnapshot, fromDatabase2, init_sqliteSerializer, getTablesFilterByExtensions, init_getTablesFilterByExtensions, init_alias4, _a240, CheckBuilder3, _a241, Check3, init_checks3, _a242, ForeignKeyBuilder3, _a243, ForeignKey3, init_foreign_keys3, _a244, UniqueConstraintBuilder3, _a245, UniqueOnConstraintBuilder3, _a246, UniqueConstraint3, init_unique_constraint3, _a247, _b169, MySqlColumnBuilder, _a248, _b170, MySqlColumn, _a249, _b171, MySqlColumnBuilderWithAutoIncrement, _a250, _b172, MySqlColumnWithAutoIncrement, init_common4, _a251, _b173, MySqlBigInt53Builder, _a252, _b174, MySqlBigInt53, _a253, _b175, MySqlBigInt64Builder, _a254, _b176, MySqlBigInt64, init_bigint22, _a255, _b177, MySqlBinaryBuilder, _a256, _b178, MySqlBinary, init_binary, _a257, _b179, MySqlBooleanBuilder, _a258, _b180, MySqlBoolean, init_boolean22, _a259, _b181, MySqlCharBuilder, _a260, _b182, MySqlChar, init_char22, _a261, _b183, MySqlCustomColumnBuilder, _a262, _b184, MySqlCustomColumn, init_custom3, _a263, _b185, MySqlDateBuilder, _a264, _b186, MySqlDate, _a265, _b187, MySqlDateStringBuilder, _a266, _b188, MySqlDateString, init_date22, _a267, _b189, MySqlDateTimeBuilder, _a268, _b190, MySqlDateTime, _a269, _b191, MySqlDateTimeStringBuilder, _a270, _b192, MySqlDateTimeString, init_datetime, _a271, _b193, MySqlDecimalBuilder, _a272, _b194, MySqlDecimal, _a273, _b195, MySqlDecimalNumberBuilder, _a274, _b196, MySqlDecimalNumber, _a275, _b197, MySqlDecimalBigIntBuilder, _a276, _b198, MySqlDecimalBigInt, init_decimal, _a277, _b199, MySqlDoubleBuilder, _a278, _b200, MySqlDouble, init_double, _a279, _b201, MySqlEnumColumnBuilder, _a280, _b202, MySqlEnumColumn, _a281, _b203, MySqlEnumObjectColumnBuilder, _a282, _b204, MySqlEnumObjectColumn, init_enum22, _a283, _b205, MySqlFloatBuilder, _a284, _b206, MySqlFloat, init_float, _a285, _b207, MySqlIntBuilder, _a286, _b208, MySqlInt, init_int, _a287, _b209, MySqlJsonBuilder, _a288, _b210, MySqlJson, init_json22, _a289, _b211, MySqlMediumIntBuilder, _a290, _b212, MySqlMediumInt, init_mediumint, _a291, _b213, MySqlRealBuilder, _a292, _b214, MySqlReal, init_real3, _a293, _b215, MySqlSerialBuilder, _a294, _b216, MySqlSerial, init_serial22, _a295, _b217, MySqlSmallIntBuilder, _a296, _b218, MySqlSmallInt, init_smallint22, _a297, _b219, MySqlTextBuilder, _a298, _b220, MySqlText, init_text3, _a299, _b221, MySqlTimeBuilder, _a300, _b222, MySqlTime, init_time22, _a301, _b223, MySqlDateColumnBaseBuilder, _a302, _b224, MySqlDateBaseColumn, init_date_common22, _a303, _b225, MySqlTimestampBuilder, _a304, _b226, MySqlTimestamp, _a305, _b227, MySqlTimestampStringBuilder, _a306, _b228, MySqlTimestampString, init_timestamp22, _a307, _b229, MySqlTinyIntBuilder, _a308, _b230, MySqlTinyInt, init_tinyint, _a309, _b231, MySqlVarBinaryBuilder, _a310, _b232, MySqlVarBinary, init_varbinary, _a311, _b233, MySqlVarCharBuilder, _a312, _b234, MySqlVarChar, init_varchar22, _a313, _b235, MySqlYearBuilder, _a314, _b236, MySqlYear, init_year, init_columns3, _a315, _b237, _c9, _MySqlCountBuilder, MySqlCountBuilder, init_count3, _a316, IndexBuilderOn3, _a317, IndexBuilder3, _a318, Index5, init_indexes3, init_all3, InlineForeignKeys3, _a319, _b238, _c10, _d4, _e4, MySqlTable, mysqlTable, init_table42, _a320, PrimaryKeyBuilder3, _a321, PrimaryKey3, init_primary_keys3, MySqlViewConfig, init_view_common32, init_utils8, _a322, _b239, MySqlDeleteBase, init_delete3, _a323, _b240, MySqlViewBase, init_view_base3, _a324, MySqlDialect, init_dialect3, _a325, MySqlSelectBuilder, _a326, _b241, MySqlSelectQueryBuilderBase, _a327, _b242, MySqlSelectBase, getMySqlSetOperators, union4, unionAll3, intersect3, intersectAll22, except3, exceptAll22, init_select4, _a328, QueryBuilder3, init_query_builder4, _a329, MySqlInsertBuilder, _a330, _b243, MySqlInsertBase, init_insert3, init_select_types3, _a331, MySqlUpdateBuilder, _a332, _b244, MySqlUpdateBase, init_update3, init_query_builders3, _a333, RelationalQueryBuilder3, _a334, _b245, MySqlRelationalQuery, init_query3, _a335, MySqlDatabase, init_db3, _a336, ViewBuilderCore2, _a337, _b246, ViewBuilder3, _a338, _b247, ManualViewBuilder3, _a339, _b248, _c11, MySqlView2, init_view3, _a340, MySqlSchema5, init_schema22, _a341, MySqlPreparedQuery, _a342, MySqlSession, _a343, _b249, MySqlTransaction, init_session32, init_subquery4, init_mysql_core, handleEnumType, generateMySqlSnapshot, fromDatabase3, init_mysqlSerializer, cliConfigGenerate, pushParams, pullParams, configCheck, cliConfigCheck, init_cli, gelCredentials, init_gel, libSQLCredentials, init_libsql, mysqlCredentials, init_mysql, postgresCredentials, init_postgres, singlestoreCredentials, init_singlestore, sqliteCredentials, init_sqlite, credentials, studioCliParams, studioConfig, init_studio, es5_exports, _3, es5_default, init_es5, import_hanji7, assertES5, safeRegister, migrateConfig, init_utils9, prepareFromExports, init_pgImports, init_alias5, _a344, UniqueConstraintBuilder4, _a345, UniqueOnConstraintBuilder4, _a346, UniqueConstraint4, init_unique_constraint4, _a347, _b250, SingleStoreColumnBuilder, _a348, _b251, SingleStoreColumn, _a349, _b252, SingleStoreColumnBuilderWithAutoIncrement, _a350, _b253, SingleStoreColumnWithAutoIncrement, init_common5, _a351, _b254, SingleStoreBigInt53Builder, _a352, _b255, SingleStoreBigInt53, _a353, _b256, SingleStoreBigInt64Builder, _a354, _b257, SingleStoreBigInt64, init_bigint3, _a355, _b258, SingleStoreBinaryBuilder, _a356, _b259, SingleStoreBinary, init_binary2, _a357, _b260, SingleStoreBooleanBuilder, _a358, _b261, SingleStoreBoolean, init_boolean3, _a359, _b262, SingleStoreCharBuilder, _a360, _b263, SingleStoreChar, init_char3, _a361, _b264, SingleStoreCustomColumnBuilder, _a362, _b265, SingleStoreCustomColumn, init_custom4, _a363, _b266, SingleStoreDateBuilder, _a364, _b267, SingleStoreDate, _a365, _b268, SingleStoreDateStringBuilder, _a366, _b269, SingleStoreDateString, init_date3, _a367, _b270, SingleStoreDateTimeBuilder, _a368, _b271, SingleStoreDateTime, _a369, _b272, SingleStoreDateTimeStringBuilder, _a370, _b273, SingleStoreDateTimeString, init_datetime2, _a371, _b274, SingleStoreDecimalBuilder, _a372, _b275, SingleStoreDecimal, _a373, _b276, SingleStoreDecimalNumberBuilder, _a374, _b277, SingleStoreDecimalNumber, _a375, _b278, SingleStoreDecimalBigIntBuilder, _a376, _b279, SingleStoreDecimalBigInt, init_decimal2, _a377, _b280, SingleStoreDoubleBuilder, _a378, _b281, SingleStoreDouble, init_double2, _a379, _b282, SingleStoreEnumColumnBuilder, _a380, _b283, SingleStoreEnumColumn, init_enum3, _a381, _b284, SingleStoreFloatBuilder, _a382, _b285, SingleStoreFloat, init_float2, _a383, _b286, SingleStoreIntBuilder, _a384, _b287, SingleStoreInt, init_int2, _a385, _b288, SingleStoreJsonBuilder, _a386, _b289, SingleStoreJson, init_json3, _a387, _b290, SingleStoreMediumIntBuilder, _a388, _b291, SingleStoreMediumInt, init_mediumint2, _a389, _b292, SingleStoreRealBuilder, _a390, _b293, SingleStoreReal, init_real4, _a391, _b294, SingleStoreSerialBuilder, _a392, _b295, SingleStoreSerial, init_serial3, _a393, _b296, SingleStoreSmallIntBuilder, _a394, _b297, SingleStoreSmallInt, init_smallint3, _a395, _b298, SingleStoreTextBuilder, _a396, _b299, SingleStoreText, init_text4, _a397, _b300, SingleStoreTimeBuilder, _a398, _b301, SingleStoreTime, init_time3, _a399, _b302, SingleStoreDateColumnBaseBuilder, _a400, _b303, SingleStoreDateBaseColumn, init_date_common3, _a401, _b304, SingleStoreTimestampBuilder, _a402, _b305, SingleStoreTimestamp, _a403, _b306, SingleStoreTimestampStringBuilder, _a404, _b307, SingleStoreTimestampString, init_timestamp3, _a405, _b308, SingleStoreTinyIntBuilder, _a406, _b309, SingleStoreTinyInt, init_tinyint2, _a407, _b310, SingleStoreVarBinaryBuilder, _a408, _b311, SingleStoreVarBinary, init_varbinary2, _a409, _b312, SingleStoreVarCharBuilder, _a410, _b313, SingleStoreVarChar, init_varchar3, _a411, _b314, SingleStoreVectorBuilder, _a412, _b315, SingleStoreVector, init_vector4, _a413, _b316, SingleStoreYearBuilder, _a414, _b317, SingleStoreYear, init_year2, init_columns4, _a415, _b318, _c12, _SingleStoreCountBuilder, SingleStoreCountBuilder, init_count4, _a416, IndexBuilderOn4, _a417, IndexBuilder4, _a418, Index6, init_indexes4, init_all4, _a419, _b319, _c13, _d5, SingleStoreTable, init_table52, _a420, PrimaryKeyBuilder4, _a421, PrimaryKey4, init_primary_keys4, init_utils10, _a422, _b320, SingleStoreDeleteBase, init_delete4, _a423, SingleStoreInsertBuilder, _a424, _b321, SingleStoreInsertBase, init_insert4, _a425, SingleStoreDialect, init_dialect4, _a426, SingleStoreSelectBuilder, _a427, _b322, SingleStoreSelectQueryBuilderBase, _a428, _b323, SingleStoreSelectBase, getSingleStoreSetOperators, union5, unionAll4, intersect4, except4, minus, init_select5, _a429, QueryBuilder4, init_query_builder5, init_select_types4, _a430, SingleStoreUpdateBuilder, _a431, _b324, SingleStoreUpdateBase, init_update4, init_query_builders4, _a432, SingleStoreDatabase, init_db4, _a433, SingleStoreSchema5, init_schema32, _a434, SingleStorePreparedQuery, _a435, SingleStoreSession, _a436, _b325, SingleStoreTransaction, init_session4, init_subquery5, init_singlestore_core, dialect5, generateSingleStoreSnapshot, fromDatabase4, init_singlestoreSerializer, sqliteImports_exports, prepareFromExports2, prepareFromSqliteImports, init_sqliteImports, mysqlImports_exports, prepareFromExports3, prepareFromMySqlImports, init_mysqlImports, mysqlPushUtils_exports, import_hanji8, filterStatements, logSuggestionsAndReturn2, init_mysqlPushUtils, mysqlIntrospect_exports, import_hanji9, mysqlPushIntrospect, init_mysqlIntrospect, singlestoreImports_exports, prepareFromExports4, prepareFromSingleStoreImports, init_singlestoreImports, singlestorePushUtils_exports, import_hanji10, filterStatements2, logSuggestionsAndReturn3, init_singlestorePushUtils, singlestoreIntrospect_exports, import_hanji11, singlestorePushIntrospect, init_singlestoreIntrospect, import_hanji3, pgPushIntrospect = async (db2, filters, schemaFilters, entities, tsSchema) => {
   const matchers = filters.map((it2) => {
     return new Minimatch(it2);
   });
@@ -38655,7 +37468,7 @@ var __create2, __defProp2, __getOwnPropDesc, __getOwnPropNames2, __getProtoOf2,
   return { schema: schema5 };
 }, generateDrizzleJson = (imports, prevId, schemaFilters, casing2) => {
   const prepared = prepareFromExports(imports);
-  const id = randomUUID2();
+  const id = randomUUID();
   const snapshot = generatePgSnapshot(prepared.tables, prepared.enums, prepared.schemas, prepared.sequences, prepared.roles, prepared.policies, prepared.views, prepared.matViews, casing2, schemaFilters);
   return fillPgSnapshot({
     serialized: snapshot,
@@ -38701,7 +37514,7 @@ var __create2, __defProp2, __getOwnPropDesc, __getOwnPropNames2, __getProtoOf2,
 }, generateSQLiteDrizzleJson = async (imports, prevId, casing2) => {
   const { prepareFromExports: prepareFromExports5 } = await Promise.resolve().then(() => (init_sqliteImports(), sqliteImports_exports));
   const prepared = prepareFromExports5(imports);
-  const id = randomUUID2();
+  const id = randomUUID();
   const snapshot = generateSqliteSnapshot(prepared.tables, prepared.views, casing2);
   return {
     ...snapshot,
@@ -38749,7 +37562,7 @@ var __create2, __defProp2, __getOwnPropDesc, __getOwnPropNames2, __getProtoOf2,
 }, generateMySQLDrizzleJson = async (imports, prevId, casing2) => {
   const { prepareFromExports: prepareFromExports5 } = await Promise.resolve().then(() => (init_mysqlImports(), mysqlImports_exports));
   const prepared = prepareFromExports5(imports);
-  const id = randomUUID2();
+  const id = randomUUID();
   const snapshot = generateMySqlSnapshot(prepared.tables, prepared.views, casing2);
   return {
     ...snapshot,
@@ -38796,7 +37609,7 @@ var __create2, __defProp2, __getOwnPropDesc, __getOwnPropNames2, __getProtoOf2,
 }, generateSingleStoreDrizzleJson = async (imports, prevId, casing2) => {
   const { prepareFromExports: prepareFromExports5 } = await Promise.resolve().then(() => (init_singlestoreImports(), singlestoreImports_exports));
   const prepared = prepareFromExports5(imports);
-  const id = randomUUID2();
+  const id = randomUUID();
   const snapshot = generateSingleStoreSnapshot(prepared.tables, casing2);
   return {
     ...snapshot,
@@ -45583,7 +44396,7 @@ See: https://github.com/isaacs/node-glob/issues/167`);
       init_external2();
     }
   });
-  init_esm3 = __esm3({
+  init_esm2 = __esm3({
     "../node_modules/.pnpm/zod@3.25.42/node_modules/zod/dist/esm/index.js"() {
       init_v32();
       init_v32();
@@ -45592,7 +44405,7 @@ See: https://github.com/isaacs/node-glob/issues/167`);
   init_gelSchema = __esm3({
     "src/serializer/gelSchema.ts"() {
       init_global2();
-      init_esm3();
+      init_esm2();
       enumSchema = objectType2({
         name: stringType2(),
         schema: stringType2(),
@@ -45846,7 +44659,7 @@ See: https://github.com/isaacs/node-glob/issues/167`);
   });
   init_mysqlSchema = __esm3({
     "src/serializer/mysqlSchema.ts"() {
-      init_esm3();
+      init_esm2();
       init_global2();
       index22 = objectType2({
         name: stringType2(),
@@ -46152,7 +44965,7 @@ See: https://github.com/isaacs/node-glob/issues/167`);
   init_pgSchema = __esm3({
     "src/serializer/pgSchema.ts"() {
       init_global2();
-      init_esm3();
+      init_esm2();
       indexV2 = objectType2({
         name: stringType2(),
         columns: recordType2(stringType2(), objectType2({
@@ -46873,7 +45686,7 @@ See: https://github.com/isaacs/node-glob/issues/167`);
   });
   init_singlestoreSchema = __esm3({
     "src/serializer/singlestoreSchema.ts"() {
-      init_esm3();
+      init_esm2();
       init_global2();
       index4 = objectType2({
         name: stringType2(),
@@ -47032,7 +45845,7 @@ See: https://github.com/isaacs/node-glob/issues/167`);
   });
   init_sqliteSchema = __esm3({
     "src/serializer/sqliteSchema.ts"() {
-      init_esm3();
+      init_esm2();
       init_global2();
       index5 = objectType2({
         name: stringType2(),
@@ -54710,7 +53523,7 @@ ${BREAKPOINT}ALTER TABLE ${tableNameWithSchema} ADD CONSTRAINT "${statement.newC
   });
   init_snapshotsDiffer = __esm3({
     "src/snapshotsDiffer.ts"() {
-      init_esm3();
+      init_esm2();
       init_jsonDiffer();
       init_sqlgenerator();
       init_jsonStatements();
@@ -56821,7 +55634,7 @@ ${BREAKPOINT}ALTER TABLE ${tableNameWithSchema} ADD CONSTRAINT "${statement.newC
   });
   init_schemaValidator = __esm3({
     "src/schemaValidator.ts"() {
-      init_esm3();
+      init_esm2();
       init_mysqlSchema();
       init_pgSchema();
       init_singlestoreSchema();
@@ -56839,7 +55652,7 @@ ${BREAKPOINT}ALTER TABLE ${tableNameWithSchema} ADD CONSTRAINT "${statement.newC
   });
   init_common2 = __esm3({
     "src/cli/validations/common.ts"() {
-      init_esm3();
+      init_esm2();
       init_schemaValidator();
       init_outputs();
       sqliteDriversLiterals = [
@@ -72041,7 +70854,7 @@ AND
   });
   init_cli = __esm3({
     "src/cli/validations/cli.ts"() {
-      init_esm3();
+      init_esm2();
       init_schemaValidator();
       init_common2();
       cliConfigGenerate = objectType2({
@@ -72102,7 +70915,7 @@ AND
   });
   init_gel = __esm3({
     "src/cli/validations/gel.ts"() {
-      init_esm3();
+      init_esm2();
       init_views();
       init_common2();
       gelCredentials = unionType2([
@@ -72146,7 +70959,7 @@ AND
   });
   init_libsql = __esm3({
     "src/cli/validations/libsql.ts"() {
-      init_esm3();
+      init_esm2();
       init_views();
       init_common2();
       libSQLCredentials = objectType2({
@@ -72157,7 +70970,7 @@ AND
   });
   init_mysql = __esm3({
     "src/cli/validations/mysql.ts"() {
-      init_esm3();
+      init_esm2();
       init_views();
       init_common2();
       init_outputs();
@@ -72190,7 +71003,7 @@ AND
   });
   init_postgres = __esm3({
     "src/cli/validations/postgres.ts"() {
-      init_esm3();
+      init_esm2();
       init_views();
       init_common2();
       postgresCredentials = unionType2([
@@ -72235,7 +71048,7 @@ AND
   });
   init_singlestore = __esm3({
     "src/cli/validations/singlestore.ts"() {
-      init_esm3();
+      init_esm2();
       init_views();
       init_common2();
       init_outputs();
@@ -72269,7 +71082,7 @@ AND
   init_sqlite = __esm3({
     "src/cli/validations/sqlite.ts"() {
       init_global2();
-      init_esm3();
+      init_esm2();
       init_views();
       init_common2();
       sqliteCredentials = unionType2([
@@ -72296,7 +71109,7 @@ AND
   });
   init_studio = __esm3({
     "src/cli/validations/studio.ts"() {
-      init_esm3();
+      init_esm2();
       init_schemaValidator();
       init_common2();
       init_mysql();
@@ -72328,7 +71141,7 @@ AND
   init_utils9 = __esm3({
     "src/cli/commands/utils.ts"() {
       import_hanji7 = __toESM2(require_hanji());
-      init_esm3();
+      init_esm2();
       init_getTablesFilterByExtensions();
       init_global2();
       init_schemaValidator();
@@ -76229,8 +75042,8 @@ var init_currencies = __esm(() => {
 });
 
 // src/lib/logging/adapter.ts
-function setLogger(logger32) {
-  customLogger = logger32;
+function setLogger(logger31) {
+  customLogger = logger31;
 }
 function getLogger() {
   if (customLogger) {
@@ -76242,10 +75055,10 @@ function getLogger() {
     error: (msg) => console.error(msg)
   };
 }
-var customLogger, logger32;
+var customLogger, logger31;
 var init_adapter = __esm(() => {
   init_config();
-  logger32 = {
+  logger31 = {
     info: (msg) => {
       if (customLogger || !config.embedded) {
         getLogger().info(msg);
@@ -76332,7 +75145,7 @@ async function seedCoreGames(db2) {
     try {
       await db2.insert(games).values(gameData).onConflictDoNothing();
     } catch (error2) {
-      logger32.error(`Error seeding core game '${gameData.slug}': ${error2}`);
+      logger31.error(`Error seeding core game '${gameData.slug}': ${error2}`);
     }
   }
 }
@@ -76373,7 +75186,7 @@ async function seedCurrentProjectGame(db2, project) {
     }
     return newGame;
   } catch (error2) {
-    logger32.error(`❌ Error seeding project game: ${error2}`);
+    logger31.error(`❌ Error seeding project game: ${error2}`);
     throw error2;
   }
 }
@@ -77783,6 +76596,142 @@ var init_auth_util = __esm(() => {
   init_types9();
 });
 
+// ../api-core/src/utils/lti.util.ts
+function generateUsername(email) {
+  const baseUsername = (email.split("@")[0] || "user").toLowerCase();
+  const cleanUsername = baseUsername.replace(/[^a-z0-9]/g, "");
+  const randomSuffix = Math.random().toString(36).substring(2, 7);
+  return `${cleanUsername}_${randomSuffix}`;
+}
+function extractRedirectPath(targetUri, currentHost) {
+  try {
+    const targetUrl = new URL(targetUri);
+    if (targetUrl.hostname === currentHost) {
+      return targetUrl.pathname + targetUrl.search;
+    }
+  } catch {}
+  return "/";
+}
+function validateLtiClaims(claims) {
+  const messageType = claims["https://purl.imsglobal.org/spec/lti/claim/message_type"];
+  const version4 = claims["https://purl.imsglobal.org/spec/lti/claim/version"];
+  if (messageType !== "LtiResourceLinkRequest") {
+    return `Invalid LTI message type: ${messageType}`;
+  }
+  if (version4 !== "1.3.0") {
+    return `Unsupported LTI version: ${version4}`;
+  }
+  return null;
+}
+var init_lti_util = () => {};
+
+// ../api-core/src/utils/lti-provisioning.ts
+import * as crypto4 from "node:crypto";
+async function provisionLtiUser(db2, claims) {
+  const database2 = db2;
+  const email = claims.email;
+  const ltiTimebackId = claims.sub;
+  const providerId = AUTH_PROVIDER_IDS.TIMEBACK_LTI;
+  if (!email) {
+    throw new ValidationError("Email is required in LTI claims");
+  }
+  const existingAccount = await database2.query.accounts.findFirst({
+    where: and(eq(accounts.accountId, ltiTimebackId), eq(accounts.providerId, providerId))
+  });
+  if (existingAccount) {
+    const user = await database2.query.users.findFirst({
+      where: eq(users.id, existingAccount.userId)
+    });
+    if (user) {
+      logger32.info("Found user by LTI account", {
+        userId: user.id,
+        ltiTimebackId
+      });
+      return user;
+    }
+  }
+  const existingUser = await database2.query.users.findFirst({
+    where: eq(users.email, email)
+  });
+  if (existingUser) {
+    await database2.transaction(async (tx) => {
+      const existingLtiAccount = await tx.query.accounts.findFirst({
+        where: and(eq(accounts.userId, existingUser.id), eq(accounts.providerId, providerId))
+      });
+      if (!existingLtiAccount) {
+        const [account] = await tx.insert(accounts).values({
+          id: crypto4.randomUUID(),
+          userId: existingUser.id,
+          accountId: ltiTimebackId,
+          providerId,
+          accessToken: null,
+          refreshToken: null,
+          accessTokenExpiresAt: null,
+          refreshTokenExpiresAt: null,
+          createdAt: new Date,
+          updatedAt: new Date
+        }).returning({ id: accounts.id });
+        if (!account) {
+          logger32.error("LTI account link insert returned no rows", {
+            userId: existingUser.id,
+            ltiTimebackId
+          });
+          throw new InternalError("Failed to link LTI account");
+        }
+        logger32.info("Linked LTI account to existing user", {
+          userId: existingUser.id,
+          ltiTimebackId
+        });
+      }
+    });
+    return existingUser;
+  }
+  const newUserId = crypto4.randomUUID();
+  const createdUser = await database2.transaction(async (tx) => {
+    const [insertedUser] = await tx.insert(users).values({
+      id: newUserId,
+      email,
+      emailVerified: true,
+      username: generateUsername(email),
+      name: claims.name || claims.given_name || email.split("@")[0] || "Timeback User",
+      createdAt: new Date,
+      updatedAt: new Date
+    }).returning();
+    if (!insertedUser) {
+      logger32.error("LTI user insert returned no rows", { email, ltiTimebackId });
+      throw new InternalError("Failed to create user");
+    }
+    await tx.insert(accounts).values({
+      id: crypto4.randomUUID(),
+      userId: newUserId,
+      accountId: ltiTimebackId,
+      providerId,
+      accessToken: null,
+      refreshToken: null,
+      accessTokenExpiresAt: null,
+      refreshTokenExpiresAt: null,
+      createdAt: new Date,
+      updatedAt: new Date
+    });
+    logger32.info("Provisioned new user from LTI", {
+      userId: insertedUser.id,
+      ltiTimebackId
+    });
+    return insertedUser;
+  });
+  return createdUser;
+}
+var logger32;
+var init_lti_provisioning = __esm(() => {
+  init_drizzle_orm();
+  init_src();
+  init_tables_index();
+  init_src2();
+  init_errors();
+  init_lti_util();
+  logger32 = log.scope("LtiProvisioning");
+});
+
 // ../api-core/src/utils/validation.util.ts
 function formatZodError(error2) {
   const flat = error2.flatten();
@@ -77807,6 +76756,7 @@ var init_utils11 = __esm(() => {
   init_deployment_util();
   init_leaderboard_util();
   init_lti_util();
+  init_lti_provisioning();
   init_scope_util();
   init_timeback_util();
 });
@@ -87965,20 +86915,9 @@ var init_logs_controller = __esm(() => {
 });
 
 // ../api-core/src/controllers/lti.controller.ts
-async function launch(ctx) {
-  const formData = await ctx.request.formData();
-  const idToken = formData.get("id_token");
-  if (!idToken || typeof idToken !== "string") {
-    throw ApiError.badRequest("Missing or invalid id_token");
-  }
-  const currentHost = ctx.url.hostname;
-  logger48.debug("Processing launch", { host: currentHost });
-  return ctx.services.lti.processLaunch(idToken, currentHost);
-}
 var logger48, getStatus3, lti;
 var init_lti_controller = __esm(() => {
   init_src2();
-  init_errors();
   init_utils11();
   logger48 = log.scope("LtiController");
   getStatus3 = requireAuth(async (ctx) => {
@@ -87986,7 +86925,6 @@ var init_lti_controller = __esm(() => {
     return ctx.services.lti.getStatus(ctx.user);
   });
   lti = {
-    launch,
     getStatus: getStatus3
   };
 });
@@ -88218,7 +87156,7 @@ var init_realtime_controller = __esm(() => {
 });
 
 // ../api-core/src/controllers/secrets.controller.ts
-var logger52, listKeys, getValues, setSecrets, deleteSecret, secrets;
+var logger52, listKeys, setSecrets, deleteSecret, secrets;
 var init_secrets_controller = __esm(() => {
   init_esm();
   init_schemas_index();
@@ -88235,15 +87173,6 @@ var init_secrets_controller = __esm(() => {
     const keys = await ctx.services.secrets.listKeys(slug2, ctx.user);
     return { keys };
   });
-  getValues = requireDeveloper(async (ctx) => {
-    const slug2 = ctx.params.slug;
-    if (!slug2) {
-      throw ApiError.badRequest("Missing game slug");
-    }
-    logger52.debug("Getting secret values", { userId: ctx.user.id, slug: slug2 });
-    const secrets = await ctx.services.secrets.getValues(slug2, ctx.user);
-    return { secrets };
-  });
   setSecrets = requireDeveloper(async (ctx) => {
     const slug2 = ctx.params.slug;
     if (!slug2) {
@@ -88284,7 +87213,6 @@ var init_secrets_controller = __esm(() => {
   });
   secrets = {
     listKeys,
-    getValues,
     setSecrets,
     deleteSecret
   };
@@ -89384,7 +88312,6 @@ var init_secrets = __esm(() => {
   init_api();
   gameSecretsRouter = new Hono2;
   gameSecretsRouter.get("/:slug/secrets", handle2(secrets.listKeys));
-  gameSecretsRouter.get("/:slug/secrets/values", handle2(secrets.getValues));
   gameSecretsRouter.post("/:slug/secrets", handle2(secrets.setSecrets));
   gameSecretsRouter.delete("/:slug/secrets/:key", handle2(secrets.deleteSecret));
 });
@@ -89921,51 +88848,85 @@ var init_timeback6 = __esm(() => {
 });
 
 // src/routes/integrations/lti.ts
-var ltiRouter;
+function verifyMockToken(idToken) {
+  if (!idToken.startsWith("mock:")) {
+    throw new Error("Invalid LTI token - must be mock token in sandbox");
+  }
+  try {
+    const jsonStr = Buffer.from(idToken.slice(5), "base64").toString();
+    return JSON.parse(jsonStr);
+  } catch {
+    throw new Error("Invalid LTI token format");
+  }
+}
+var logger62, ltiRouter;
 var init_lti = __esm(() => {
   init_drizzle_orm();
   init_dist3();
   init_controllers();
-  init_errors();
+  init_utils11();
   init_tables_index();
+  init_src2();
   init_constants();
   init_api();
-  init_context();
+  logger62 = log.scope("SandboxLti");
   ltiRouter = new Hono2;
-  ltiRouter.all("/launch", async (c2) => {
-    if (c2.req.method !== "POST") {
-      return c2.json({
-        error: "method_not_allowed",
-        message: "LTI launches must use POST method"
-      }, 405);
-    }
-    const sandboxCtx = getSandboxContext();
-    const ctx = {
-      db: sandboxCtx.db,
-      config: sandboxCtx.config,
-      providers: sandboxCtx.providers,
-      services: sandboxCtx.services,
-      user: undefined,
-      params: {},
-      url: new URL(c2.req.url),
-      request: c2.req.raw
-    };
+  ltiRouter.post("/launch", async (c2) => {
+    const db2 = c2.get("db");
     try {
-      const result = await lti.launch(ctx);
-      c2.header("Set-Cookie", `better-auth.session=${result.sessionToken}; Path=/; HttpOnly; SameSite=Lax; Max-Age=${30 * 24 * 60 * 60}`);
-      return c2.redirect(result.redirectPath);
-    } catch (error2) {
-      if (error2 instanceof ApiError) {
+      const formData = await c2.req.formData();
+      const idToken = formData.get("id_token");
+      if (!idToken || typeof idToken !== "string") {
         return c2.json({
-          error: "lti_launch_failed",
-          message: error2.message,
-          code: error2.code,
-          details: error2.details
-        }, error2.status);
+          error: "missing_token",
+          message: "Missing or invalid id_token in request"
+        }, 400);
       }
+      let claims;
+      try {
+        claims = verifyMockToken(idToken);
+      } catch (error2) {
+        const errorMessage = error2 instanceof Error ? error2.message : String(error2);
+        logger62.error("LTI token verification failed", { error: errorMessage });
+        return c2.json({
+          error: "invalid_token",
+          message: errorMessage
+        }, 401);
+      }
+      const validationError = validateLtiClaims(claims);
+      if (validationError) {
+        logger62.warn("LTI claims validation failed", {
+          error: validationError,
+          sub: claims.sub
+        });
+        return c2.json({
+          error: "invalid_claims",
+          message: validationError
+        }, 400);
+      }
+      const user = await provisionLtiUser(db2, claims);
+      const sessionToken = crypto.randomUUID();
+      const expiresAt = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000);
+      await db2.insert(sessions).values({
+        id: crypto.randomUUID(),
+        userId: user.id,
+        token: sessionToken,
+        expiresAt,
+        createdAt: new Date,
+        updatedAt: new Date
+      });
+      logger62.info("LTI launch successful", { userId: user.id });
+      const targetUri = claims["https://purl.imsglobal.org/spec/lti/claim/target_link_uri"];
+      const currentHost = new URL(c2.req.url).hostname;
+      const redirectPath = extractRedirectPath(targetUri, currentHost);
+      c2.header("Set-Cookie", `sandbox-session=${sessionToken}; Path=/; HttpOnly; SameSite=Lax; Max-Age=${30 * 24 * 60 * 60}`);
+      return c2.redirect(redirectPath);
+    } catch (error2) {
+      const errorMessage = error2 instanceof Error ? error2.message : String(error2);
+      logger62.error("Unexpected error during LTI launch", { error: errorMessage });
       return c2.json({
         error: "unexpected_error",
-        message: "An unexpected error occurred during LTI launch. Please try again or contact support."
+        message: "An unexpected error occurred during LTI launch"
       }, 500);
     }
   });
@@ -90095,7 +89056,6 @@ async function startServer(port, project, options = {}) {
   resetSandboxContext();
   resetHandlers();
   clearSandboxCache();
-  clearSandboxSecrets();
   clearSandboxStorage();
   const db2 = await setupServerDatabase(processedOptions, project);
   createSandboxContext({ db: db2, port });
@@ -90122,7 +89082,6 @@ async function startServer(port, project, options = {}) {
       resetSandboxContext();
       resetHandlers();
       clearSandboxCache();
-      clearSandboxSecrets();
       clearSandboxStorage();
     }
   };