@powersync/management-types 0.0.0-dev.85b697f3

package/dist/config/HostedConfig.js

@@ -0,0 +1,101 @@
+import * as t from 'ts-codec';
+import { configFile } from '@powersync/service-types';
+import { HostedSecret } from './HostedSecret.js';
+import { HostedMSSQLConnection } from './connections/HostedMSSQLConnection.js';
+import { HostedMongoConnection } from './connections/HostedMongoConnection.js';
+import { HostedMySQLConnection } from './connections/HostedMySQLConnection.js';
+import { HostedPostgresConnection } from './connections/HostedPostgresConnection.js';
+export const AnyHostedConnection = HostedPostgresConnection.or(HostedMongoConnection)
+    .or(HostedMySQLConnection)
+    .or(HostedMSSQLConnection);
+AnyHostedConnection.meta({
+    description: 'Any hosted connection type.'
+});
+export const JwkHmac = t.object({
+    kty: t.literal('oct').meta({
+        description: 'Key type identifier, must be "oct" for HMAC keys.'
+    }),
+    kid: t.string.meta({
+        description: 'Key ID. Undefined kid indicates it can match any JWT, with or without a kid. Use a kid wherever possible.'
+    }),
+    k: HostedSecret.meta({
+        description: 'The HMAC key value, Base64 URL encoded (may be a secret reference).'
+    }),
+    alg: t.literal('HS256').or(t.literal('HS384')).or(t.literal('HS512')).meta({
+        description: 'The algorithm intended for use with this key (HS256, HS384, or HS512).'
+    }),
+    use: t.string
+        .meta({
+        description: 'The intended use of the key (e.g., "sig" for signature).'
+    })
+        .optional()
+});
+JwkHmac.meta({
+    description: 'JSON Web Key (JWK) representation of an HMAC key.'
+});
+export const Jwk = t.union(t.union(t.union(configFile.jwkRSA, JwkHmac), configFile.jwkOKP), configFile.jwkEC);
+Jwk.meta({
+    description: 'A JSON Web Key (JWK) representing a cryptographic key. Can be RSA, HMAC, OKP, or EC key types.'
+});
+export const Jwks = t.object({
+    keys: t.array(Jwk).meta({
+        description: 'An array of JSON Web Keys (JWKs).'
+    })
+});
+Jwks.meta({
+    description: 'A JSON Web Key Set (JWKS) containing a collection of JWKs.'
+});
+const ReplicationConfig = t.object({
+    connections: t
+        .array(AnyHostedConnection)
+        .meta({
+        description: 'Array of data source connections used for replication.'
+    })
+        .optional()
+});
+ReplicationConfig.meta({
+    description: 'Configuration for data replication services.'
+});
+const ClientAuthConfig = t.object({
+    jwks_uri: t.string
+        .meta({
+        description: 'URI pointing to a JWKS endpoint for client authentication.'
+    })
+        .optional(),
+    jwks: Jwks.meta({
+        description: 'Inline JWKS configuration for client authentication.'
+    }).optional(),
+    supabase: t.boolean
+        .meta({
+        description: 'Enables Supabase authentication integration.'
+    })
+        .optional(),
+    supabase_jwt_secret: HostedSecret.meta({
+        description: 'JWT secret for Supabase authentication (may be a secret reference).'
+    }).optional(),
+    additional_audiences: t
+        .array(t.string)
+        .meta({
+        description: 'Additional valid audiences for JWT validation.'
+    })
+        .optional(),
+    allow_temporary_tokens: t.boolean
+        .meta({
+        description: 'When true, allows temporary tokens for development or testing.'
+    })
+        .optional()
+});
+ClientAuthConfig.meta({
+    description: 'Configuration for client authentication mechanisms.'
+});
+export const BasePowerSyncHostedConfig = t.object({
+    region: t.string.meta({
+        description: 'Deployment region for the hosted service (e.g., "us" or "eu").'
+    }),
+    replication: ReplicationConfig.optional(),
+    client_auth: ClientAuthConfig.optional()
+});
+BasePowerSyncHostedConfig.meta({
+    description: 'Base configuration for PowerSync hosted service.'
+});
+//# sourceMappingURL=HostedConfig.js.map

package/dist/config/HostedConfig.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"HostedConfig.js","sourceRoot":"","sources":["../../src/config/HostedConfig.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,UAAU,CAAC;AAE9B,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,wBAAwB,EAAE,MAAM,2CAA2C,CAAC;AAErF,MAAM,CAAC,MAAM,mBAAmB,GAAG,wBAAwB,CAAC,EAAE,CAAC,qBAAqB,CAAC;KAClF,EAAE,CAAC,qBAAqB,CAAC;KACzB,EAAE,CAAC,qBAAqB,CAAC,CAAC;AAE7B,mBAAmB,CAAC,IAAI,CAAC;IACvB,WAAW,EAAE,6BAA6B;CAC3C,CAAC,CAAC;AAKH,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC;QACzB,WAAW,EAAE,mDAAmD;KACjE,CAAC;IAEF,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;QACjB,WAAW,EACT,2GAA2G;KAC9G,CAAC;IAEF,CAAC,EAAE,YAAY,CAAC,IAAI,CAAC;QACnB,WAAW,EAAE,qEAAqE;KACnF,CAAC;IAEF,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,WAAW,EAAE,wEAAwE;KACtF,CAAC;IAEF,GAAG,EAAE,CAAC,CAAC,MAAM;SACV,IAAI,CAAC;QACJ,WAAW,EAAE,0DAA0D;KACxE,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAEH,OAAO,CAAC,IAAI,CAAC;IACX,WAAW,EAAE,mDAAmD;CACjE,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;AAE9G,GAAG,CAAC,IAAI,CAAC;IACP,WAAW,EAAE,gGAAgG;CAC9G,CAAC,CAAC;AAKH,MAAM,CAAC,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3B,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;QACtB,WAAW,EAAE,mCAAmC;KACjD,CAAC;CACH,CAAC,CAAC;AAEH,IAAI,CAAC,IAAI,CAAC;IACR,WAAW,EAAE,4DAA4D;CAC1E,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,WAAW,EAAE,CAAC;SACX,KAAK,CAAC,mBAAmB,CAAC;SAC1B,IAAI,CAAC;QACJ,WAAW,EAAE,wDAAwD;KACtE,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAEH,iBAAiB,CAAC,IAAI,CAAC;IACrB,WAAW,EAAE,8CAA8C;CAC5D,CAAC,CAAC;AAIH,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChC,QAAQ,EAAE,CAAC,CAAC,MAAM;SACf,IAAI,CAAC;QACJ,WAAW,EAAE,4DAA4D;KAC1E,CAAC;SACD,QAAQ,EAAE;IAEb,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC;QACd,WAAW,EAAE,sDAAsD;KACpE,CAAC,CAAC,QAAQ,EAAE;IAEb,QAAQ,EAAE,CAAC,CAAC,OAAO;SAChB,IAAI,CAAC;QACJ,WAAW,EAAE,8CAA8C;KAC5D,CAAC;SACD,QAAQ,EAAE;IAEb,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC;QACrC,WAAW,EAAE,qEAAqE;KACnF,CAAC,CAAC,QAAQ,EAAE;IAEb,oBAAoB,EAAE,CAAC;SACpB,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC;SACf,IAAI,CAAC;QACJ,WAAW,EAAE,gDAAgD;KAC9D,CAAC;SACD,QAAQ,EAAE;IAEb,sBAAsB,EAAE,CAAC,CAAC,OAAO;SAC9B,IAAI,CAAC;QACJ,WAAW,EAAE,gEAAgE;KAC9E,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAEH,gBAAgB,CAAC,IAAI,CAAC;IACpB,WAAW,EAAE,qDAAqD;CACnE,CAAC,CAAC;AAIH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChD,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;QACpB,WAAW,EAAE,gEAAgE;KAC9E,CAAC;IAEF,WAAW,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IAEzC,WAAW,EAAE,gBAAgB,CAAC,QAAQ,EAAE;CACzC,CAAC,CAAC;AAEH,yBAAyB,CAAC,IAAI,CAAC;IAC7B,WAAW,EAAE,kDAAkD;CAChE,CAAC,CAAC"}

package/dist/config/HostedSecret.d.ts

@@ -0,0 +1,18 @@
+import * as t from 'ts-codec';
+export declare const HostedSecretValue: t.ObjectCodec<{
+    secret: t.IdentityCodec<t.CodecType.String>;
+}>;
+export type HostedSecretValue = t.Encoded<typeof HostedSecretValue>;
+export declare const HostedSecretRef: t.ObjectCodec<{
+    secret_ref: t.IdentityCodec<t.CodecType.String>;
+}>;
+export type HostedSecretRef = t.Encoded<typeof HostedSecretRef>;
+export declare const HostedSecret: t.Union<t.Codec<{
+    secret_ref: string;
+}, {
+    secret_ref: string;
+}, string, t.CodecProps>, t.ObjectCodec<{
+    secret: t.IdentityCodec<t.CodecType.String>;
+}>>;
+export type HostedSecret = t.Encoded<typeof HostedSecret>;
+export declare function isHostedSecretValue(v: HostedSecret): v is HostedSecretValue;

package/dist/config/HostedSecret.js

@@ -0,0 +1,12 @@
+import * as t from 'ts-codec';
+export const HostedSecretValue = t.object({
+    secret: t.string
+});
+export const HostedSecretRef = t.object({
+    secret_ref: t.string
+});
+export const HostedSecret = HostedSecretRef.or(HostedSecretValue);
+export function isHostedSecretValue(v) {
+    return typeof v.secret == 'string';
+}
+//# sourceMappingURL=HostedSecret.js.map

package/dist/config/HostedSecret.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"HostedSecret.js","sourceRoot":"","sources":["../../src/config/HostedSecret.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,UAAU,CAAC;AAE9B,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACxC,MAAM,EAAE,CAAC,CAAC,MAAM;CACjB,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,UAAU,EAAE,CAAC,CAAC,MAAM;CACrB,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC;AAGlE,MAAM,UAAU,mBAAmB,CAAC,CAAe;IACjD,OAAO,OAAQ,CAAuB,CAAC,MAAM,IAAI,QAAQ,CAAC;AAC5D,CAAC"}

package/dist/config/connections/ConnectionType.d.ts

@@ -0,0 +1,6 @@
+export declare enum ConnectionType {
+    POSTGRES = "postgresql",
+    MONGODB = "mongodb",
+    MYSQL = "mysql",
+    MSSQL = "mssql"
+}

package/dist/config/connections/ConnectionType.js

@@ -0,0 +1,8 @@
+export var ConnectionType;
+(function (ConnectionType) {
+    ConnectionType["POSTGRES"] = "postgresql";
+    ConnectionType["MONGODB"] = "mongodb";
+    ConnectionType["MYSQL"] = "mysql";
+    ConnectionType["MSSQL"] = "mssql";
+})(ConnectionType || (ConnectionType = {}));
+//# sourceMappingURL=ConnectionType.js.map

package/dist/config/connections/ConnectionType.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ConnectionType.js","sourceRoot":"","sources":["../../../src/config/connections/ConnectionType.ts"],"names":[],"mappings":"AAAA,MAAM,CAAN,IAAY,cAKX;AALD,WAAY,cAAc;IACxB,yCAAuB,CAAA;IACvB,qCAAmB,CAAA;IACnB,iCAAe,CAAA;IACf,iCAAe,CAAA;AACjB,CAAC,EALW,cAAc,KAAd,cAAc,QAKzB"}

package/dist/config/connections/HostedDatabaseSourceConfig.d.ts

@@ -0,0 +1,23 @@
+import * as t from 'ts-codec';
+import { ConnectionType } from './ConnectionType.js';
+export declare const DataSourceConfig: t.ObjectCodec<{
+    type: t.EnumCodec<typeof ConnectionType>;
+    /** Descriptive name */
+    name: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    /** Unique identifier for the connection - optional when a single connection is present. */
+    id: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    /** Tag used as reference in sync rules. Defaults to "default". Does not have to be unique. */
+    tag: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    username: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    password: t.OptionalCodec<t.Codec<{
+        secret: string;
+    } | {
+        secret_ref: string;
+    }, {
+        secret: string;
+    } | {
+        secret_ref: string;
+    }, string, t.CodecProps>>;
+    database: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+}>;
+export type DataSourceConfigDecoded = t.Decoded<typeof DataSourceConfig>;

package/dist/config/connections/HostedDatabaseSourceConfig.js

@@ -0,0 +1,18 @@
+import * as t from 'ts-codec';
+import { ConnectionType } from './ConnectionType.js';
+import { HostedSecret } from '../HostedSecret.js';
+// This will be imported from the core module package once module packages are used
+export const DataSourceConfig = t.object({
+    // Unique string identifier for the data source
+    type: t.Enum(ConnectionType),
+    /** Descriptive name */
+    name: t.string.optional(),
+    /** Unique identifier for the connection - optional when a single connection is present. */
+    id: t.string.optional(),
+    /** Tag used as reference in sync rules. Defaults to "default". Does not have to be unique. */
+    tag: t.string.optional(),
+    username: t.string.optional(),
+    password: HostedSecret.optional(),
+    database: t.string.optional()
+});
+//# sourceMappingURL=HostedDatabaseSourceConfig.js.map

package/dist/config/connections/HostedDatabaseSourceConfig.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"HostedDatabaseSourceConfig.js","sourceRoot":"","sources":["../../../src/config/connections/HostedDatabaseSourceConfig.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,mFAAmF;AACnF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,+CAA+C;IAC/C,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;IAC5B,uBAAuB;IACvB,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IACzB,2FAA2F;IAC3F,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IACvB,8FAA8F;IAC9F,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IAExB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IAC7B,QAAQ,EAAE,YAAY,CAAC,QAAQ,EAAE;IACjC,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;CAC9B,CAAC,CAAC"}

package/dist/config/connections/HostedMSSQLConnection.d.ts

@@ -0,0 +1,308 @@
+import * as t from 'ts-codec';
+import { ConnectionType } from './ConnectionType.js';
+export declare const DefaultAuthenticationHosted: t.Intersection<t.Codec<{
+    type: "default";
+    options: {
+        password: string;
+        userName: string;
+    };
+}, {
+    type: "default";
+    options: {
+        password: string;
+        userName: string;
+    };
+}, string, t.CodecProps>, t.ObjectCodec<{
+    options: t.ObjectCodec<{
+        password: t.Union<t.Codec<{
+            secret_ref: string;
+        }, {
+            secret_ref: string;
+        }, string, t.CodecProps>, t.ObjectCodec<{
+            secret: t.IdentityCodec<t.CodecType.String>;
+        }>>;
+    }>;
+}>>;
+export type DefaultAuthenticationHosted = t.Encoded<typeof DefaultAuthenticationHosted>;
+export declare const AzureActiveDirectoryPasswordAuthenticationHosted: t.Intersection<t.Codec<{
+    type: "azure-active-directory-password";
+    options: {
+        password: string;
+        userName: string;
+        clientId: string;
+        tenantId: string;
+    };
+}, {
+    type: "azure-active-directory-password";
+    options: {
+        password: string;
+        userName: string;
+        clientId: string;
+        tenantId: string;
+    };
+}, string, t.CodecProps>, t.ObjectCodec<{
+    options: t.ObjectCodec<{
+        password: t.Union<t.Codec<{
+            secret_ref: string;
+        }, {
+            secret_ref: string;
+        }, string, t.CodecProps>, t.ObjectCodec<{
+            secret: t.IdentityCodec<t.CodecType.String>;
+        }>>;
+    }>;
+}>>;
+export type AzureActiveDirectoryPasswordAuthenticationHosted = t.Encoded<typeof AzureActiveDirectoryPasswordAuthenticationHosted>;
+export declare const AzureActiveDirectoryServicePrincipalSecretHosted: t.Intersection<t.Codec<{
+    type: "azure-active-directory-service-principal-secret";
+    options: {
+        clientId: string;
+        tenantId: string;
+        clientSecret: string;
+    };
+}, {
+    type: "azure-active-directory-service-principal-secret";
+    options: {
+        clientId: string;
+        tenantId: string;
+        clientSecret: string;
+    };
+}, string, t.CodecProps>, t.ObjectCodec<{
+    options: t.ObjectCodec<{
+        clientSecret: t.Union<t.Codec<{
+            secret_ref: string;
+        }, {
+            secret_ref: string;
+        }, string, t.CodecProps>, t.ObjectCodec<{
+            secret: t.IdentityCodec<t.CodecType.String>;
+        }>>;
+    }>;
+}>>;
+export type AzureActiveDirectoryServicePrincipalSecretHosted = t.Encoded<typeof AzureActiveDirectoryServicePrincipalSecretHosted>;
+export declare const AuthenticationHosted: t.Union<t.Codec<({
+    type: "default";
+    options: {
+        password: string;
+        userName: string;
+    };
+} & {
+    options: {
+        password: {
+            secret: string;
+        } | {
+            secret_ref: string;
+        };
+    };
+}) | ({
+    type: "azure-active-directory-password";
+    options: {
+        password: string;
+        userName: string;
+        clientId: string;
+        tenantId: string;
+    };
+} & {
+    options: {
+        password: {
+            secret: string;
+        } | {
+            secret_ref: string;
+        };
+    };
+}), ({
+    type: "default";
+    options: {
+        password: string;
+        userName: string;
+    };
+} & {
+    options: {
+        password: {
+            secret: string;
+        } | {
+            secret_ref: string;
+        };
+    };
+}) | ({
+    type: "azure-active-directory-password";
+    options: {
+        password: string;
+        userName: string;
+        clientId: string;
+        tenantId: string;
+    };
+} & {
+    options: {
+        password: {
+            secret: string;
+        } | {
+            secret_ref: string;
+        };
+    };
+}), string, t.CodecProps>, t.Intersection<t.Codec<{
+    type: "azure-active-directory-service-principal-secret";
+    options: {
+        clientId: string;
+        tenantId: string;
+        clientSecret: string;
+    };
+}, {
+    type: "azure-active-directory-service-principal-secret";
+    options: {
+        clientId: string;
+        tenantId: string;
+        clientSecret: string;
+    };
+}, string, t.CodecProps>, t.ObjectCodec<{
+    options: t.ObjectCodec<{
+        clientSecret: t.Union<t.Codec<{
+            secret_ref: string;
+        }, {
+            secret_ref: string;
+        }, string, t.CodecProps>, t.ObjectCodec<{
+            secret: t.IdentityCodec<t.CodecType.String>;
+        }>>;
+    }>;
+}>>>;
+export type AuthenticationHosted = t.Encoded<typeof AuthenticationHosted>;
+export declare const HostedMSSQLConnection: t.Intersection<t.Codec<{
+    type: ConnectionType;
+    name?: string | undefined;
+    id?: string | undefined;
+    tag?: string | undefined;
+    username?: string | undefined;
+    password?: {
+        secret: string;
+    } | {
+        secret_ref: string;
+    } | undefined;
+    database?: string | undefined;
+}, {
+    type: ConnectionType;
+    name?: string | undefined;
+    id?: string | undefined;
+    tag?: string | undefined;
+    username?: string | undefined;
+    password?: {
+        secret: string;
+    } | {
+        secret_ref: string;
+    } | undefined;
+    database?: string | undefined;
+}, string, t.CodecProps>, t.ObjectCodec<{
+    type: t.LiteralCodec<ConnectionType.MSSQL>;
+    uri: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    hostname: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    port: t.OptionalCodec<t.Codec<number, number, string, t.CodecProps>>;
+    schema: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    /**
+     *  Authentication method to use when connecting to the database.
+     *  When not specified, 'default' username & password authentication is used.
+     */
+    authentication: t.OptionalCodec<t.Codec<({
+        type: "default";
+        options: {
+            password: string;
+            userName: string;
+        };
+    } & {
+        options: {
+            password: {
+                secret: string;
+            } | {
+                secret_ref: string;
+            };
+        };
+    }) | ({
+        type: "azure-active-directory-password";
+        options: {
+            password: string;
+            userName: string;
+            clientId: string;
+            tenantId: string;
+        };
+    } & {
+        options: {
+            password: {
+                secret: string;
+            } | {
+                secret_ref: string;
+            };
+        };
+    }) | ({
+        type: "azure-active-directory-service-principal-secret";
+        options: {
+            clientId: string;
+            tenantId: string;
+            clientSecret: string;
+        };
+    } & {
+        options: {
+            clientSecret: {
+                secret: string;
+            } | {
+                secret_ref: string;
+            };
+        };
+    }), ({
+        type: "default";
+        options: {
+            password: string;
+            userName: string;
+        };
+    } & {
+        options: {
+            password: {
+                secret: string;
+            } | {
+                secret_ref: string;
+            };
+        };
+    }) | ({
+        type: "azure-active-directory-password";
+        options: {
+            password: string;
+            userName: string;
+            clientId: string;
+            tenantId: string;
+        };
+    } & {
+        options: {
+            password: {
+                secret: string;
+            } | {
+                secret_ref: string;
+            };
+        };
+    }) | ({
+        type: "azure-active-directory-service-principal-secret";
+        options: {
+            clientId: string;
+            tenantId: string;
+            clientSecret: string;
+        };
+    } & {
+        options: {
+            clientSecret: {
+                secret: string;
+            } | {
+                secret_ref: string;
+            };
+        };
+    }), string, t.CodecProps>>;
+    /**
+     *  Additional configuration options for tweaking replicator and connection behavior.
+     */
+    additionalConfig: t.OptionalCodec<t.Codec<{
+        pollingIntervalMs?: number | undefined;
+        pollingBatchSize?: number | undefined;
+        trustServerCertificate?: boolean | undefined;
+    }, {
+        pollingIntervalMs?: number | undefined;
+        pollingBatchSize?: number | undefined;
+        trustServerCertificate?: boolean | undefined;
+    }, string, t.CodecProps>>;
+    /** Expose execute-sql */
+    debug_api: t.OptionalCodec<t.Codec<boolean, boolean, string, t.CodecProps>>;
+}>>;
+export type HostedMSSQLConnection = t.Encoded<typeof HostedMSSQLConnection>;
+export type HostedMSSQLConnectionDecoded = t.Decoded<typeof HostedMSSQLConnection>;

package/dist/config/connections/HostedMSSQLConnection.js

@@ -0,0 +1,41 @@
+import * as mssql_types from '@powersync/service-module-mssql/types';
+import * as t from 'ts-codec';
+import { HostedSecret } from '../HostedSecret.js';
+import { ConnectionType } from './ConnectionType.js';
+import { DataSourceConfig } from './HostedDatabaseSourceConfig.js';
+// Replace confidential fields with HostedSecret
+export const DefaultAuthenticationHosted = mssql_types.DefaultAuthentication.and(t.object({
+    options: t.object({
+        password: HostedSecret
+    })
+}));
+export const AzureActiveDirectoryPasswordAuthenticationHosted = mssql_types.AzureActiveDirectoryPasswordAuthentication.and(t.object({
+    options: t.object({
+        password: HostedSecret
+    })
+}));
+export const AzureActiveDirectoryServicePrincipalSecretHosted = mssql_types.AzureActiveDirectoryServicePrincipalSecret.and(t.object({
+    options: t.object({
+        clientSecret: HostedSecret
+    })
+}));
+export const AuthenticationHosted = DefaultAuthenticationHosted.or(AzureActiveDirectoryPasswordAuthenticationHosted).or(AzureActiveDirectoryServicePrincipalSecretHosted);
+export const HostedMSSQLConnection = DataSourceConfig.and(t.object({
+    type: t.literal(ConnectionType.MSSQL),
+    uri: t.string.optional(),
+    hostname: t.string.optional(),
+    port: t.number.optional(),
+    schema: t.string.optional(),
+    /**
+     *  Authentication method to use when connecting to the database.
+     *  When not specified, 'default' username & password authentication is used.
+     */
+    authentication: AuthenticationHosted.optional(),
+    /**
+     *  Additional configuration options for tweaking replicator and connection behavior.
+     */
+    additionalConfig: mssql_types.AdditionalConfig.optional(),
+    /** Expose execute-sql */
+    debug_api: t.boolean.optional()
+}));
+//# sourceMappingURL=HostedMSSQLConnection.js.map

package/dist/config/connections/HostedMSSQLConnection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"HostedMSSQLConnection.js","sourceRoot":"","sources":["../../../src/config/connections/HostedMSSQLConnection.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,WAAW,MAAM,uCAAuC,CAAC;AACrE,OAAO,KAAK,CAAC,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAEnE,gDAAgD;AAChD,MAAM,CAAC,MAAM,2BAA2B,GAAG,WAAW,CAAC,qBAAqB,CAAC,GAAG,CAC9E,CAAC,CAAC,MAAM,CAAC;IACP,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;QAChB,QAAQ,EAAE,YAAY;KACvB,CAAC;CACH,CAAC,CACH,CAAC;AAIF,MAAM,CAAC,MAAM,gDAAgD,GAC3D,WAAW,CAAC,0CAA0C,CAAC,GAAG,CACxD,CAAC,CAAC,MAAM,CAAC;IACP,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;QAChB,QAAQ,EAAE,YAAY;KACvB,CAAC;CACH,CAAC,CACH,CAAC;AAKJ,MAAM,CAAC,MAAM,gDAAgD,GAC3D,WAAW,CAAC,0CAA0C,CAAC,GAAG,CACxD,CAAC,CAAC,MAAM,CAAC;IACP,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;QAChB,YAAY,EAAE,YAAY;KAC3B,CAAC;CACH,CAAC,CACH,CAAC;AAKJ,MAAM,CAAC,MAAM,oBAAoB,GAAG,2BAA2B,CAAC,EAAE,CAAC,gDAAgD,CAAC,CAAC,EAAE,CACrH,gDAAgD,CACjD,CAAC;AAGF,MAAM,CAAC,MAAM,qBAAqB,GAAG,gBAAgB,CAAC,GAAG,CACvD,CAAC,CAAC,MAAM,CAAC;IACP,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,KAAK,CAAC;IACrC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IACxB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IAC7B,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IACzB,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;IAE3B;;;OAGG;IACH,cAAc,EAAE,oBAAoB,CAAC,QAAQ,EAAE;IAE/C;;OAEG;IACH,gBAAgB,EAAE,WAAW,CAAC,gBAAgB,CAAC,QAAQ,EAAE;IAEzD,yBAAyB;IACzB,SAAS,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE;CAChC,CAAC,CACH,CAAC"}

package/dist/config/connections/HostedMongoConnection.d.ts

@@ -0,0 +1,33 @@
+import * as t from 'ts-codec';
+import { ConnectionType } from './ConnectionType.js';
+export declare const HostedMongoConnection: t.Intersection<t.Codec<{
+    type: ConnectionType;
+    name?: string | undefined;
+    id?: string | undefined;
+    tag?: string | undefined;
+    username?: string | undefined;
+    password?: {
+        secret: string;
+    } | {
+        secret_ref: string;
+    } | undefined;
+    database?: string | undefined;
+}, {
+    type: ConnectionType;
+    name?: string | undefined;
+    id?: string | undefined;
+    tag?: string | undefined;
+    username?: string | undefined;
+    password?: {
+        secret: string;
+    } | {
+        secret_ref: string;
+    } | undefined;
+    database?: string | undefined;
+}, string, t.CodecProps>, t.ObjectCodec<{
+    type: t.LiteralCodec<ConnectionType.MONGODB>;
+    uri: t.IdentityCodec<t.CodecType.String>;
+    post_images: t.OptionalCodec<t.Codec<"off" | "auto_configure" | "read_only", "off" | "auto_configure" | "read_only", string, t.CodecProps>>;
+    vpc_endpoint_hostname: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+}>>;
+export type HostedMongoConnection = t.Encoded<typeof HostedMongoConnection>;

package/dist/config/connections/HostedMongoConnection.js

@@ -0,0 +1,10 @@
+import * as t from 'ts-codec';
+import { DataSourceConfig } from './HostedDatabaseSourceConfig.js';
+import { ConnectionType } from './ConnectionType.js';
+export const HostedMongoConnection = DataSourceConfig.and(t.object({
+    type: t.literal(ConnectionType.MONGODB),
+    uri: t.string,
+    post_images: t.literal('off').or(t.literal('auto_configure')).or(t.literal('read_only')).optional(),
+    vpc_endpoint_hostname: t.string.optional()
+}));
+//# sourceMappingURL=HostedMongoConnection.js.map

package/dist/config/connections/HostedMongoConnection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"HostedMongoConnection.js","sourceRoot":"","sources":["../../../src/config/connections/HostedMongoConnection.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,CAAC,MAAM,qBAAqB,GAAG,gBAAgB,CAAC,GAAG,CACvD,CAAC,CAAC,MAAM,CAAC;IACP,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC;IACvC,GAAG,EAAE,CAAC,CAAC,MAAM;IAEb,WAAW,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEnG,qBAAqB,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;CAC3C,CAAC,CACH,CAAC"}

package/dist/config/connections/HostedMySQLConnection.d.ts

@@ -0,0 +1,46 @@
+import * as t from 'ts-codec';
+import { ConnectionType } from './ConnectionType.js';
+export declare const HostedMySQLConnection: t.Intersection<t.Codec<{
+    type: ConnectionType;
+    name?: string | undefined;
+    id?: string | undefined;
+    tag?: string | undefined;
+    username?: string | undefined;
+    password?: {
+        secret: string;
+    } | {
+        secret_ref: string;
+    } | undefined;
+    database?: string | undefined;
+}, {
+    type: ConnectionType;
+    name?: string | undefined;
+    id?: string | undefined;
+    tag?: string | undefined;
+    username?: string | undefined;
+    password?: {
+        secret: string;
+    } | {
+        secret_ref: string;
+    } | undefined;
+    database?: string | undefined;
+}, string, t.CodecProps>, t.ObjectCodec<{
+    type: t.LiteralCodec<ConnectionType.MYSQL>;
+    uri: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    hostname: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    port: t.OptionalCodec<t.Codec<number, number, string, t.CodecProps>>;
+    /** For mutual TLS */
+    client_certificate: t.OptionalCodec<t.Codec<string, string, string, t.CodecProps>>;
+    client_private_key: t.OptionalCodec<t.Codec<{
+        secret: string;
+    } | {
+        secret_ref: string;
+    }, {
+        secret: string;
+    } | {
+        secret_ref: string;
+    }, string, t.CodecProps>>;
+    /** Expose execute-sql */
+    debug_api: t.OptionalCodec<t.Codec<boolean, boolean, string, t.CodecProps>>;
+}>>;
+export type HostedMySQLConnection = t.Encoded<typeof HostedMySQLConnection>;