npm - @querypanel/node-sdk - Versions diffs - 1.0.36 → 1.0.38 - Mend

@querypanel/node-sdk 1.0.36 → 1.0.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md CHANGED Viewed

@@ -10,7 +10,7 @@ bun add @querypanel/sdk
 npm install @querypanel/sdk
 ```
-> **Runtime:** Node.js 18+ (or Bun). The SDK relies on the native `fetch` API.
+> **Runtime:** Node.js 18+, Deno, or Bun. The SDK uses Web Crypto API for JWT signing and the native `fetch` API, making it compatible with modern JavaScript runtimes.
 ## Quickstart
@@ -133,6 +133,25 @@ dashboard.data.forEach(item => {
 });
 ```
+## Deno Support
+The SDK is fully compatible with Deno (including Supabase Edge Functions) thanks to its use of Web Crypto API for JWT signing. No additional configuration needed:
+```ts
+import { QueryPanelSdkAPI } from "https://esm.sh/@querypanel/sdk";
+const qp = new QueryPanelSdkAPI(
+  Deno.env.get("QUERYPANEL_URL")!,
+  Deno.env.get("PRIVATE_KEY")!,
+  Deno.env.get("ORGANIZATION_ID")!,
+);
+// Use the SDK as normal - JWT signing works automatically
+const response = await qp.ask("Show top products", {
+  tenantId: "tenant_123",
+});
+```
 ## Building locally
 ```bash

package/dist/index.cjs CHANGED Viewed

@@ -554,7 +554,6 @@ function sanitize2(value) {
 }
 // src/core/client.ts
-var import_node_crypto = require("crypto");
 var ApiClient = class {
   baseUrl;
   privateKey;
@@ -562,6 +561,7 @@ var ApiClient = class {
   defaultTenantId;
   additionalHeaders;
   fetchImpl;
+  cryptoKey = null;
   constructor(baseUrl, privateKey, organizationId, options) {
     if (!baseUrl) {
       throw new Error("Base URL is required");
@@ -677,6 +677,66 @@ var ApiClient = class {
     }
     return headers;
   }
+  /**
+   * Base64URL encode a string (works in both Node.js 18+ and Deno)
+   */
+  base64UrlEncode(str) {
+    const bytes = new TextEncoder().encode(str);
+    let binary = "";
+    const chunkSize = 8192;
+    for (let i = 0; i < bytes.length; i += chunkSize) {
+      const chunk = bytes.slice(i, i + chunkSize);
+      binary += String.fromCharCode(...chunk);
+    }
+    const base64 = btoa(binary);
+    return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+  }
+  /**
+   * Base64URL encode from Uint8Array (for binary data like signatures)
+   */
+  base64UrlEncodeBytes(bytes) {
+    let binary = "";
+    const chunkSize = 8192;
+    for (let i = 0; i < bytes.length; i += chunkSize) {
+      const chunk = bytes.slice(i, i + chunkSize);
+      binary += String.fromCharCode(...chunk);
+    }
+    const base64 = btoa(binary);
+    return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+  }
+  /**
+   * Import the private key into Web Crypto API format (cached after first import)
+   */
+  async getCryptoKey() {
+    if (this.cryptoKey) {
+      return this.cryptoKey;
+    }
+    this.cryptoKey = await crypto.subtle.importKey(
+      "pkcs8",
+      this.privateKeyToArrayBuffer(this.privateKey),
+      {
+        name: "RSASSA-PKCS1-v1_5",
+        hash: "SHA-256"
+      },
+      false,
+      ["sign"]
+    );
+    return this.cryptoKey;
+  }
+  /**
+   * Convert PEM private key to ArrayBuffer for Web Crypto API
+   */
+  privateKeyToArrayBuffer(pem) {
+    const pemHeader = "-----BEGIN PRIVATE KEY-----";
+    const pemFooter = "-----END PRIVATE KEY-----";
+    const pemContents = pem.replace(pemHeader, "").replace(pemFooter, "").replace(/\s/g, "");
+    const binaryString = atob(pemContents);
+    const bytes = new Uint8Array(binaryString.length);
+    for (let i = 0; i < binaryString.length; i++) {
+      bytes[i] = binaryString.charCodeAt(i);
+    }
+    return bytes.buffer;
+  }
   async generateJWT(tenantId, userId, scopes) {
     const header = {
       alg: "RS256",
@@ -688,19 +748,20 @@ var ApiClient = class {
     };
     if (userId) payload.userId = userId;
     if (scopes?.length) payload.scopes = scopes;
-    const encodeJson = (obj) => {
-      const json = JSON.stringify(obj);
-      const base64 = Buffer.from(json).toString("base64");
-      return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
-    };
-    const encodedHeader = encodeJson(header);
-    const encodedPayload = encodeJson(payload);
+    const encodedHeader = this.base64UrlEncode(JSON.stringify(header));
+    const encodedPayload = this.base64UrlEncode(JSON.stringify(payload));
     const data = `${encodedHeader}.${encodedPayload}`;
-    const signer = (0, import_node_crypto.createSign)("RSA-SHA256");
-    signer.update(data);
-    signer.end();
-    const signature = signer.sign(this.privateKey);
-    const encodedSignature = signature.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+    const key = await this.getCryptoKey();
+    const dataBytes = new TextEncoder().encode(data);
+    const signature = await crypto.subtle.sign(
+      {
+        name: "RSASSA-PKCS1-v1_5"
+      },
+      key,
+      dataBytes
+    );
+    const signatureBytes = new Uint8Array(signature);
+    const encodedSignature = this.base64UrlEncodeBytes(signatureBytes);
     return `${data}.${encodedSignature}`;
   }
 };
@@ -785,13 +846,19 @@ var QueryEngine = class {
       return sql;
     }
     const tenantField = metadata.tenantFieldName;
-    const paramKey = tenantField;
-    params[paramKey] = tenantId;
     const normalizedSql = sql.toLowerCase();
     if (normalizedSql.includes(tenantField.toLowerCase())) {
       return sql;
     }
-    const tenantPredicate = metadata.dialect === "clickhouse" ? `${tenantField} = {${tenantField}:${metadata.tenantFieldType ?? "String"}}` : `${tenantField} = '${tenantId}'`;
+    let tenantPredicate;
+    if (metadata.dialect === "clickhouse") {
+      const paramKey = tenantField;
+      params[paramKey] = tenantId;
+      tenantPredicate = `${tenantField} = {${tenantField}:${metadata.tenantFieldType ?? "String"}}`;
+    } else {
+      const escapedId = tenantId.replace(/'/g, "''");
+      tenantPredicate = `${tenantField} = '${escapedId}'`;
+    }
     if (/\bwhere\b/i.test(sql)) {
       return sql.replace(
         /\bwhere\b/i,
@@ -1025,7 +1092,6 @@ function resolveTenantId2(client, tenantId) {
 }
 // src/routes/ingest.ts
-var import_node_crypto2 = require("crypto");
 async function syncSchema(client, queryEngine, databaseName, options, signal) {
   const tenantId = resolveTenantId3(client, options.tenantId);
   const adapter = queryEngine.getDatabase(databaseName);
@@ -1037,7 +1103,7 @@ async function syncSchema(client, queryEngine, databaseName, options, signal) {
   if (options.forceReindex) {
     payload.force_reindex = true;
   }
-  const sessionId = (0, import_node_crypto2.randomUUID)();
+  const sessionId = crypto.randomUUID();
   const response = await client.post(
     "/ingest",
     payload,
@@ -1086,10 +1152,9 @@ function buildSchemaRequest(databaseName, adapter, introspection, metadata) {
 }
 // src/routes/query.ts
-var import_node_crypto3 = require("crypto");
 async function ask(client, queryEngine, question, options, signal) {
   const tenantId = resolveTenantId4(client, options.tenantId);
-  const sessionId = (0, import_node_crypto3.randomUUID)();
+  const sessionId = crypto.randomUUID();
   const maxRetry = options.maxRetry ?? 0;
   let attempt = 0;
   let lastError = options.lastError;