@runa-ai/runa-cli 0.5.72 → 0.7.0

package/dist/commands/db/apply/actors.d.ts

@@ -1,70 +1,21 @@
-import type { DbApplyInput } from './contract.js';
-export interface ApplyResult {
-    filesApplied: number;
-    filesSkipped: number;
-    rolePasswordsSet: number;
-}
-export interface PgSchemaDiffResult {
-    sql: string;
-    hazards: string[];
-    applied: boolean;
-    /** Number of retry attempts made (for metrics) */
-    retryAttempts?: number;
-    /** Total time spent waiting between retries (ms) */
-    retryWaitMs?: number;
-    /** Number of pre-apply data compatibility violations detected */
-    dataViolations?: number;
-    /** Warning when SSOT enforcement had issues (schemas applied but cleanup incomplete) */
-    ssotWarning?: string;
-}
 /**
- * Apply idempotent schemas (extensions, RBAC, cleanup) and set role passwords.
+ * AI HINT: db apply Actors (Barrel Re-export)
  *
- * Flow:
- * 1. Apply idempotent/*.sql files (includes 15_rbac_roles.sql for ROLE creation)
- * 2. Set passwords for drizzle_app/drizzle_service if env vars present
+ * Purpose: Re-export all actors from split modules for backward compatibility.
+ * Consumers use `import * as actors from './actors.js'` (namespace import).
  *
- * @param pass - 'pre' = 1st pass (graceful skip on error), 'post' = 2nd pass (strict)
+ * Split modules:
+ * - actors/shared.ts: Shared utilities (logger, ApplyResult, helpers)
+ * - actors/lock-actors.ts: Advisory lock actors (acquireLock, releaseLock)
+ * - actors/idempotent-actors.ts: Idempotent schema actors + isDeferrableError
+ * - actors/pg-schema-diff-actors.ts: pg-schema-diff actors + partition validation
+ * - actors/seed-actors.ts: Seed application actor
  */
-export declare const applyIdempotentSchemas: import("xstate").PromiseActorLogic<ApplyResult, {
-    input: DbApplyInput;
-    targetDir: string;
-    pass: "pre" | "post";
-}, import("xstate").EventObject>;
-/**
- * Apply schema changes using pg-schema-diff (or direct psql for fresh DB).
- *
- * Extension Support:
- * If pgSchemaDiff.shadowDbExtensions is configured in runa.config.ts,
- * creates a shadow database with those extensions installed for type resolution.
- * This enables pg-schema-diff to recognize extension-defined types like
- * PostGIS geometry or pgvector vector.
- *
- * @see https://github.com/stripe/pg-schema-diff/pull/194
- */
-export declare const applyPgSchemaDiff: import("xstate").PromiseActorLogic<PgSchemaDiffResult, {
-    input: DbApplyInput;
-    targetDir: string;
-}, import("xstate").EventObject>;
-/**
- * Validate that expected partitions (from idempotent/*.sql) exist in the database.
- *
- * Non-blocking: failures are logged as warnings, never cause the pipeline to fail.
- * This runs after the 2nd idempotent pass so all partitions should exist.
- */
-export declare const validatePartitions: import("xstate").PromiseActorLogic<{
-    warnings: string[];
-}, {
-    input: DbApplyInput;
-    targetDir: string;
-}, import("xstate").EventObject>;
-/**
- * Apply seeds.
- */
-export declare const applySeeds: import("xstate").PromiseActorLogic<{
-    applied: boolean;
-}, {
-    input: DbApplyInput;
-    targetDir: string;
-}, import("xstate").EventObject>;
+export type { ApplyResult } from './actors/shared.js';
+export { acquireLock, releaseLock } from './actors/lock-actors.js';
+export { isDeferrableError, applyIdempotentSchemas, previewIdempotentSchemas, } from './actors/idempotent-actors.js';
+export type { IdempotentPreviewResult } from './actors/idempotent-actors.js';
+export { applyPgSchemaDiff, validatePartitions, } from './actors/pg-schema-diff-actors.js';
+export type { PgSchemaDiffResult } from './actors/pg-schema-diff-actors.js';
+export { applySeeds } from './actors/seed-actors.js';
 //# sourceMappingURL=actors.d.ts.map

package/dist/commands/db/apply/contract.d.ts

@@ -49,10 +49,17 @@ export declare const DbApplyOutputSchema: z.ZodObject<{
     seedsApplied: z.ZodBoolean;
     error: z.ZodOptional<z.ZodString>;
     planSql: z.ZodOptional<z.ZodString>;
+    filteredPlanSql: z.ZodOptional<z.ZodString>;
     checkOnly: z.ZodOptional<z.ZodBoolean>;
     dataViolations: z.ZodOptional<z.ZodNumber>;
     ssotWarning: z.ZodOptional<z.ZodString>;
     partitionWarnings: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    idempotentFiles: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    idempotentRisks: z.ZodOptional<z.ZodObject<{
+        high: z.ZodNumber;
+        medium: z.ZodNumber;
+        low: z.ZodNumber;
+    }, z.core.$strip>>;
     metrics: z.ZodOptional<z.ZodObject<{
         totalMs: z.ZodNumber;
         idempotentMs: z.ZodOptional<z.ZodNumber>;
@@ -60,6 +67,6 @@ export declare const DbApplyOutputSchema: z.ZodObject<{
         seedMs: z.ZodOptional<z.ZodNumber>;
         retryAttempts: z.ZodOptional<z.ZodNumber>;
     }, z.core.$strip>>;
-}, z.core.$strip>;
+}, z.core.$strict>;
 export type DbApplyOutput = z.infer<typeof DbApplyOutputSchema>;
 //# sourceMappingURL=contract.d.ts.map

package/dist/commands/db/apply/helpers/data-compatibility-checker.d.ts

@@ -13,7 +13,7 @@
  * Performance: All queries use LIMIT 100000 subquery cap + 10s timeout.
  */
 import type { ValidatedPlan } from './plan-validator.js';
-export type DataViolationType = 'not_null' | 'type_cast' | 'check_constraint' | 'unique_constraint';
+export type DataViolationType = 'not_null' | 'type_cast' | 'check_constraint' | 'unique_constraint' | 'query_error' | 'timeout';
 export interface DataViolation {
     statementIndex: number;
     sql: string;
@@ -30,6 +30,8 @@ export interface DataCompatibilityResult {
     checkedStatements: number;
     skippedStatements: number;
     errors: string[];
+    /** Number of validation queries that failed (query errors + timeouts) */
+    queryErrorCount: number;
 }
 /**
  * Parse SET NOT NULL from ALTER TABLE statement.
@@ -101,8 +103,5 @@ export declare function checkDataCompatibility(dbUrl: string, plan: ValidatedPla
     verbose?: boolean;
     timeout?: number;
 }): DataCompatibilityResult;
-/**
- * Display data compatibility results to the user.
- */
 export declare function displayDataCompatibilityResults(result: DataCompatibilityResult, verbose: boolean): void;
 //# sourceMappingURL=data-compatibility-checker.d.ts.map

package/dist/commands/db/apply/helpers/data-integrity-verifier.d.ts

@@ -0,0 +1,37 @@
+/**
+ * AI HINT: Data Integrity Verifier
+ *
+ * Purpose: Pre/post-apply data integrity checks for schema migrations.
+ * Detects unexpected data loss by comparing row count estimates before and after apply.
+ *
+ * Layers:
+ * 1. Pre-apply backup (production only) — pg_dump idempotent-managed tables
+ * 2. Pre-apply row estimate capture (pg_class.reltuples)
+ * 3. Post-apply row estimate comparison
+ *    - Full loss (N→0): CRITICAL error (unless --allow-data-loss)
+ *    - >50% reduction: WARNING log
+ *
+ * Safety: Non-fatal backup failures log warnings but never block apply.
+ */
+/**
+ * Backup idempotent-managed table data before applying schema changes.
+ * Non-fatal: backup failure logs a warning but does NOT block apply.
+ * Only runs for production deployments.
+ */
+export declare function backupIdempotentTables(dbUrl: string, protectedTables: string[], verbose: boolean): {
+    backupPath: string | null;
+};
+/**
+ * Get estimated row counts for all app tables using pg_class.reltuples.
+ * Fast (no sequential scan) and sufficient for integrity checks.
+ */
+export declare function getTableRowEstimates(dbUrl: string, schemasDir: string, verbose: boolean): Map<string, number>;
+/**
+ * Verify data integrity after schema apply.
+ * Compares pre-apply and post-apply row estimates.
+ *
+ * - Full data loss (N→0 where N>0): CRITICAL error (throws)
+ * - >50% reduction: WARNING log (informational)
+ */
+export declare function verifyDataIntegrity(dbUrl: string, schemasDir: string, preApplyCounts: Map<string, number>, verbose: boolean, allowDataLoss?: boolean): void;
+//# sourceMappingURL=data-integrity-verifier.d.ts.map

package/dist/commands/db/apply/helpers/fresh-db-handler.d.ts

@@ -0,0 +1,34 @@
+/**
+ * AI HINT: Fresh DB Detection and Direct Schema Application
+ *
+ * Purpose: Detect if a database is fresh (no app tables) and apply schemas directly
+ * via psql instead of pg-schema-diff for faster initial setup.
+ *
+ * Flow:
+ * 1. checkFreshDb() — detect if DB has app tables (whitelist/fallback strategies)
+ * 2. handleFreshDbCase() — if fresh, apply declarative/*.sql directly + SSOT cleanup
+ *
+ * Safety: Fail-safe — if all detection fails, assumes existing DB (uses pg-schema-diff).
+ */
+import type { DbApplyInput } from '../contract.js';
+export interface PgSchemaDiffResult {
+    sql: string;
+    hazards: string[];
+    applied: boolean;
+    filteredPlanSql?: string;
+    retryAttempts?: number;
+    retryWaitMs?: number;
+    dataViolations?: number;
+    ssotWarning?: string;
+}
+/**
+ * Check if DB has app tables.
+ * Returns true if existing DB (has tables), false if fresh DB.
+ */
+export declare function hasAppTables(dbUrl: string, schemasDir?: string, customSql?: string, verbose?: boolean): boolean;
+/**
+ * Handle fresh DB case - apply schemas directly, then use pg-schema-diff for SSOT cleanup.
+ * Returns null if the DB is NOT fresh (existing DB — caller should use pg-schema-diff).
+ */
+export declare function handleFreshDbCase(input: DbApplyInput, dbUrl: string, targetDir: string, pgSchemaDiffDir?: string): PgSchemaDiffResult | null;
+//# sourceMappingURL=fresh-db-handler.d.ts.map

package/dist/commands/db/apply/helpers/hazard-handler.d.ts

@@ -0,0 +1,60 @@
+/**
+ * AI HINT: Hazard Handler for pg-schema-diff
+ *
+ * Purpose: Parse, display, and handle hazards from pg-schema-diff plan output.
+ * Separates hazard logic from binary verification and plan execution.
+ *
+ * Hazard Types:
+ * - DELETES_DATA: Data loss risk (blocks production without --allow-data-loss)
+ * - AUTHZ_UPDATE: RLS policy changes (blocks production without --confirm-authz-update)
+ * - ACQUIRES_ACCESS_EXCLUSIVE_LOCK: Table lock during migration
+ * - HAS_UNTRACKABLE_DEPENDENCIES: Cross-schema dependencies
+ * - INDEX_BUILD / INDEX_DROPPED: Index operations
+ */
+import type { DbApplyInput } from '../contract.js';
+import { type ParsedHazard } from './idempotent-object-registry.js';
+/**
+ * Parse hazards from pg-schema-diff output with context.
+ * Enhanced to extract the SQL statement that caused each hazard.
+ */
+export declare function parseHazardsWithContext(planOutput: string): ParsedHazard[];
+/**
+ * Display hazards with context and return flags.
+ */
+export declare function displayHazardsWithContext(hazards: ParsedHazard[], verbose: boolean): {
+    hasDeletesData: boolean;
+    hasAuthzUpdate: boolean;
+};
+/**
+ * Handle production data protection for DELETES_DATA hazard.
+ */
+export declare function handleProductionDataProtection(allowDataLoss: boolean): void;
+/**
+ * Handle production RLS policy protection for AUTHZ_UPDATE hazard.
+ */
+export declare function handleProductionAuthzProtection(confirmAuthzUpdate: boolean): void;
+/**
+ * Build list of allowed hazards based on environment and flags.
+ */
+export declare function buildAllowedHazards(input: DbApplyInput): string[];
+/**
+ * Handle hazards with enhanced context display.
+ *
+ * This function filters out false positive AUTHZ_UPDATE hazards for roles
+ * defined in idempotent/*.sql (e.g., drizzle_app, drizzle_service).
+ */
+export declare function handleHazardsWithContext(planOutput: string, input: DbApplyInput, schemasDir?: string): {
+    hazards: string[];
+    hasDeletesData: boolean;
+    hasAuthzUpdate: boolean;
+};
+/**
+ * Display check mode results.
+ */
+export declare function displayCheckModeResults(planOutput: string, filterInfo?: {
+    filteredPlanSql: string;
+    removedStatements: {
+        sql: string;
+    }[];
+}): void;
+//# sourceMappingURL=hazard-handler.d.ts.map

package/dist/commands/db/apply/helpers/idempotent-object-registry.d.ts

@@ -0,0 +1,96 @@
+/**
+ * AI HINT: Idempotent Object Registry
+ *
+ * Purpose: Detect and register all objects defined in idempotent/*.sql files.
+ * These objects are invisible to pg-schema-diff's shadow DB, so pg-schema-diff
+ * generates DROP statements for them. This registry is used to filter those out.
+ *
+ * Objects tracked:
+ * - Roles (CREATE ROLE) — for AUTHZ_UPDATE false positive filtering
+ * - Tables (CREATE TABLE) — for DROP TABLE protection
+ * - Functions, Triggers, Views, Types, Sequences — for DROP protection
+ *
+ * Security: All identifier extraction uses regex on comment-stripped SQL.
+ */
+/**
+ * Resolve the idempotent directory from a schemasDir path.
+ */
+export declare function resolveIdempotentDir(schemasDir?: string): string;
+/**
+ * Read and strip comments from all idempotent SQL files.
+ * Returns per-file results with filename and comment-stripped content.
+ */
+export declare function readIdempotentSqlFiles(idempotentDir: string): Array<{
+    file: string;
+    content: string;
+}> | null;
+/**
+ * Extract role names from idempotent SQL files.
+ * These roles are managed outside pg-schema-diff and should not trigger AUTHZ_UPDATE.
+ */
+export declare function getIdempotentRoles(schemasDir?: string): string[];
+/**
+ * Reset the cached idempotent roles.
+ * Useful for testing or when schema files change.
+ */
+export declare function resetIdempotentRolesCache(): void;
+/**
+ * Extract table names from idempotent SQL files.
+ * These tables are managed outside pg-schema-diff and must not be dropped.
+ *
+ * Also merges tables from `excludeFromOrphanDetection` config.
+ */
+export declare function getIdempotentProtectedTables(schemasDir?: string, configExclusions?: string[]): string[];
+export interface IdempotentProtectedObjects {
+    tables: string[];
+    functions: string[];
+    triggers: string[];
+    views: string[];
+    types: string[];
+    sequences: string[];
+}
+/**
+ * Extract all protected object names from idempotent/*.sql files.
+ *
+ * Scans for:
+ * - CREATE [OR REPLACE] FUNCTION schema.name(...)
+ * - CREATE TRIGGER name ON schema.table
+ * - CREATE [OR REPLACE] [MATERIALIZED] VIEW schema.name
+ * - CREATE TYPE schema.name
+ * - CREATE SEQUENCE schema.name
+ */
+export declare function getIdempotentProtectedObjects(schemasDir?: string, configExclusions?: string[]): IdempotentProtectedObjects;
+/**
+ * Parsed hazard with context information.
+ * Defined here to avoid circular dependency (used by both registry and handler).
+ */
+export interface ParsedHazard {
+    type: string;
+    message: string;
+    fullMatch: string;
+    /** SQL statement that caused this hazard (if extractable) */
+    causingSql?: string;
+    /** Line number in the plan output */
+    lineNumber?: number;
+}
+/**
+ * Check if an AUTHZ_UPDATE hazard is a false positive.
+ *
+ * False positives occur when the hazard's causingSql is a GRANT/REVOKE statement
+ * targeting a role defined in idempotent/*.sql. These are expected to be re-applied
+ * by the 2nd-pass idempotent execution.
+ *
+ * IMPORTANT: Only GRANT/REVOKE statements are considered FP. If causingSql is a
+ * schema change (ALTER TABLE, CREATE TABLE, etc.) that triggers an AUTHZ_UPDATE,
+ * it is a genuine hazard and should NOT be filtered.
+ */
+export declare function isIdempotentRoleHazard(hazard: ParsedHazard, schemasDir?: string): boolean;
+/**
+ * Filter out false positive hazards.
+ * Returns hazards that are NOT false positives (i.e., real issues).
+ */
+export declare function filterFalsePositiveHazards(hazards: ParsedHazard[], schemasDir?: string): {
+    filtered: ParsedHazard[];
+    falsePositives: ParsedHazard[];
+};
+//# sourceMappingURL=idempotent-object-registry.d.ts.map

package/dist/commands/db/apply/helpers/idempotent-transaction.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Check if a SQL file contains statements that cannot run inside a transaction block.
+ */
+export declare function hasTransactionIncompatibleStatements(filePath: string): boolean;
+/**
+ * Check if SQL content contains transaction-incompatible statements.
+ * Exported separately for testing without file I/O.
+ */
+export declare function hasTransactionIncompatibleContent(sql: string): boolean;
+/**
+ * Determine the transaction strategy for a SQL file.
+ *
+ * @returns 'wrap' if file can be wrapped in BEGIN/COMMIT, 'skip' otherwise
+ */
+export declare function getTransactionStrategy(filePath: string): 'wrap' | 'skip';
+/**
+ * Wrap SQL content in a transaction block (BEGIN/COMMIT).
+ */
+export declare function wrapInTransaction(sql: string): string;
+//# sourceMappingURL=idempotent-transaction.d.ts.map

package/dist/commands/db/apply/helpers/index.d.ts

@@ -20,4 +20,10 @@ export type { DetectedPartitionStub, PrefilterResult } from './partition-prefilt
 export { prefilterPartitionStubs } from './partition-prefilter.js';
 export type { ExpectedPartition, PartitionDrift } from './partition-validator.js';
 export { blankDollarQuotedBodies, detectPartitionDrift, formatPartitionWarnings, parseExpectedPartitions, queryActualPartitions, } from './partition-validator.js';
+export { isValidIdentifier, maskDbCredentials, qualifiedTable, quoteIdent } from './sql-utils.js';
+export type { PgSchemaDiffResult } from './fresh-db-handler.js';
+export { handleFreshDbCase, hasAppTables } from './fresh-db-handler.js';
+export { checkPasswordSecurity, parseDbCredentials, setRolePasswords, } from './rbac-password-manager.js';
+export { backupIdempotentTables, getTableRowEstimates, verifyDataIntegrity, } from './data-integrity-verifier.js';
+export { getTransactionStrategy, hasTransactionIncompatibleContent, hasTransactionIncompatibleStatements, wrapInTransaction, } from './idempotent-transaction.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/commands/db/apply/helpers/partition-validator.d.ts

@@ -1,3 +1,5 @@
+import { blankDollarQuotedBodies, stripSqlComments } from '../../../../lib/sql-comment-utils.js';
+export { blankDollarQuotedBodies, stripSqlComments };
 export interface ExpectedPartition {
     /** Qualified child table name (e.g., "events.location_events_2026_01") */
     child: string;
@@ -10,12 +12,6 @@ export interface PartitionDrift {
     /** Partitions expected in SQL but missing from the database */
     missing: ExpectedPartition[];
 }
-/**
- * Strip SQL comments while preserving quoted text.
- * Handles: -- line comments, nested block comments, single/double/dollar-quoted strings,
- * and PostgreSQL E-string literals (E'...' with backslash escapes).
- */
-export declare function stripSqlComments(content: string): string;
 /**
  * Qualified name pattern: optional schema prefix + table name.
  * Matches: schema.table, "schema"."table", or bare table (no schema).
@@ -43,15 +39,6 @@ export declare const PARTITION_OF_REGEX: RegExp;
  * Returns "schema.table" when schema is present, or just "table" when absent.
  */
 export declare function extractQualifiedName(quotedSchema: string | undefined, unquotedSchema: string | undefined, quotedTable: string | undefined, unquotedTable: string | undefined): string;
-/**
- * Replace content inside dollar-quoted strings with spaces.
- * This prevents false-positive PARTITION OF matches inside PL/pgSQL function bodies.
- *
- * Input is already comment-stripped (from stripSqlComments), so we only need to
- * handle dollar-quoted strings — single/double quotes are already handled by the
- * regex (they can't span the CREATE TABLE ... PARTITION OF ... ; pattern).
- */
-export declare function blankDollarQuotedBodies(content: string): string;
 /**
  * Parse all expected partitions from idempotent SQL directory.
  *

package/dist/commands/db/apply/helpers/pg-schema-diff-helpers.d.ts

@@ -1,163 +1,37 @@
 /**
  * AI HINT: pg-schema-diff Helper Functions
  *
- * Purpose: Utility functions for pg-schema-diff operations
- * Pattern: Pure functions for verification, parsing, and display
+ * Purpose: Binary verification, plan execution, and error detection for pg-schema-diff.
+ * This file was refactored from a 1,015-line monolith into 3 focused modules:
  *
- * False Positive Filtering:
- * - AUTHZ_UPDATE hazards for roles defined in idempotent/*.sql are filtered
- * - Reason: idempotent files (e.g., 15_rbac_roles.sql) grant privileges that
- *   pg-schema-diff doesn't know about (it only manages declarative/*.sql)
+ * - idempotent-object-registry.ts: Idempotent object detection & DROP protection
+ * - hazard-handler.ts: Hazard parsing, display, and production protection
+ * - pg-schema-diff-helpers.ts (this file): Binary verification, plan execution, error detection
+ *
+ * Re-exports are provided for backward compatibility.
  *
  * Security:
  * - All psql calls use parsePostgresUrl + buildPsqlArgs to prevent SQL injection
  * - Passwords are passed via PGPASSWORD env var, not command line
  */
-import type { DbApplyInput } from '../contract.js';
-/**
- * Extract role names from idempotent SQL files.
- * These roles are managed outside pg-schema-diff and should not trigger AUTHZ_UPDATE.
- */
-export declare function getIdempotentRoles(schemasDir?: string): string[];
-/**
- * Check if an AUTHZ_UPDATE hazard is a false positive.
- *
- * False positives occur when:
- * - The hazard type is AUTHZ_UPDATE
- * - The causing SQL references a role defined in idempotent/*.sql
- * - Example: "REVOKE ... FROM drizzle_app" when drizzle_app is in 15_rbac_roles.sql
- */
-export declare function isIdempotentRoleHazard(hazard: ParsedHazard, schemasDir?: string): boolean;
-/**
- * Filter out false positive hazards.
- * Returns hazards that are NOT false positives (i.e., real issues).
- */
-export declare function filterFalsePositiveHazards(hazards: ParsedHazard[], schemasDir?: string): {
-    filtered: ParsedHazard[];
-    falsePositives: ParsedHazard[];
-};
-/**
- * Reset the cached idempotent roles.
- * Useful for testing or when schema files change.
- */
-export declare function resetIdempotentRolesCache(): void;
-/**
- * AI HINT: Idempotent Table Extraction
- *
- * Purpose: Extract table names defined in idempotent/*.sql files
- * Use case: Filter out DROP TABLE statements for these tables from pg-schema-diff plan
- *
- * Pattern: Parse SQL for CREATE TABLE statements
- * Example: CREATE TABLE location_data.location_events → ['location_data.location_events']
- *
- * Incident context: pg-schema-diff drops tables not in declarative/*.sql because its
- * shadow DB doesn't contain idempotent-managed tables. This function identifies those
- * tables so their DROP statements can be filtered from the plan output.
- */
-/**
- * Extract table names from idempotent SQL files.
- * These tables are managed outside pg-schema-diff and must not be dropped.
- *
- * Also merges tables from `excludeFromOrphanDetection` config.
- */
-export declare function getIdempotentProtectedTables(schemasDir?: string, configExclusions?: string[]): string[];
+export type { IdempotentProtectedObjects, ParsedHazard, } from './idempotent-object-registry.js';
+export { filterFalsePositiveHazards, getIdempotentProtectedObjects, getIdempotentProtectedTables, getIdempotentRoles, isIdempotentRoleHazard, resetIdempotentRolesCache, } from './idempotent-object-registry.js';
+export { buildAllowedHazards, displayCheckModeResults, displayHazardsWithContext, handleHazardsWithContext, handleProductionAuthzProtection, handleProductionDataProtection, parseHazardsWithContext, } from './hazard-handler.js';
 /**
  * Verify pg-schema-diff binary is available.
  */
-export declare function verifyPgSchemaDiffBinary(): void;
-/**
- * Verify database connection.
- */
-export declare function verifyDatabaseConnection(dbUrl: string): void;
-/**
- * Parsed hazard with context information.
- */
-export interface ParsedHazard {
-    type: string;
-    message: string;
-    fullMatch: string;
-    /** SQL statement that caused this hazard (if extractable) */
-    causingSql?: string;
-    /** Line number in the plan output */
-    lineNumber?: number;
+export interface VerifyPgSchemaDiffBinaryOptions {
+    strictVersion?: boolean;
 }
 /**
- * Parse hazards from pg-schema-diff output with context.
- * Enhanced to extract the SQL statement that caused each hazard.
- */
-export declare function parseHazardsWithContext(planOutput: string): ParsedHazard[];
-/**
- * Display hazards with context and return flags.
- */
-export declare function displayHazardsWithContext(hazards: ParsedHazard[], verbose: boolean): {
-    hasDeletesData: boolean;
-    hasAuthzUpdate: boolean;
-};
-/**
- * Handle production data protection for DELETES_DATA hazard.
- */
-export declare function handleProductionDataProtection(allowDataLoss: boolean): void;
-/**
- * Handle production RLS policy protection for AUTHZ_UPDATE hazard.
- * RLS policy changes can silently affect security if not explicitly approved.
- */
-export declare function handleProductionAuthzProtection(confirmAuthzUpdate: boolean): void;
-/**
- * AI HINT: Idempotent Object Extraction
- *
- * Purpose: Extract all object names defined in idempotent/*.sql files
- * Use case: Filter DROP FUNCTION/TRIGGER/VIEW/TYPE/SEQUENCE from pg-schema-diff plan
- *
- * Pattern: Parse SQL for CREATE statements (after stripping comments)
- * Objects created in idempotent/*.sql are invisible to pg-schema-diff's shadow DB,
- * so pg-schema-diff generates DROP statements for them. We must filter these out.
- */
-export interface IdempotentProtectedObjects {
-    tables: string[];
-    functions: string[];
-    triggers: string[];
-    views: string[];
-    types: string[];
-    sequences: string[];
-}
-/**
- * Extract all protected object names from idempotent/*.sql files.
- *
- * Scans for:
- * - CREATE [OR REPLACE] FUNCTION schema.name(...)
- * - CREATE TRIGGER name ON schema.table
- * - CREATE [OR REPLACE] [MATERIALIZED] VIEW schema.name
- * - CREATE TYPE schema.name
- * - CREATE SEQUENCE schema.name
- *
- * Uses stripSqlComments to avoid matching inside comments.
- */
-export declare function getIdempotentProtectedObjects(schemasDir?: string, configExclusions?: string[]): IdempotentProtectedObjects;
-/**
- * Display check mode results.
- */
-export declare function displayCheckModeResults(planOutput: string, filterInfo?: {
-    filteredPlanSql: string;
-    removedStatements: {
-        sql: string;
-    }[];
-}): void;
-/**
- * Build list of allowed hazards based on environment and flags.
+ * Verify pg-schema-diff binary is available.
+ * strictVersion=true blocks unsupported/undetectable versions.
  */
-export declare function buildAllowedHazards(input: DbApplyInput): string[];
+export declare function verifyPgSchemaDiffBinary(options?: VerifyPgSchemaDiffBinaryOptions): void;
 /**
- * Handle hazards with enhanced context display.
- * Use this for detailed hazard reporting with SQL context.
- *
- * This function filters out false positive AUTHZ_UPDATE hazards for roles
- * defined in idempotent/*.sql (e.g., drizzle_app, drizzle_service).
+ * Verify database connection with retry for transient startup errors.
  */
-export declare function handleHazardsWithContext(planOutput: string, input: DbApplyInput, schemasDir?: string): {
-    hazards: string[];
-    hasDeletesData: boolean;
-    hasAuthzUpdate: boolean;
-};
+export declare function verifyDatabaseConnection(dbUrl: string): Promise<void>;
 export interface MissingExtensionDetection {
     detected: boolean;
     missingTypes: string[];
@@ -178,7 +52,6 @@ export interface PartitionPrivilegeDetection {
 }
 /**
  * Detect "privileges on partitions: not implemented" errors in pg-schema-diff output.
- * pg-schema-diff v1.0.5 hard-rejects partition privilege diffs in sql_generator.go.
  */
 export declare function detectPartitionPrivilegeError(errorOutput: string): PartitionPrivilegeDetection;
 /**
@@ -187,23 +60,12 @@ export declare function detectPartitionPrivilegeError(errorOutput: string): Part
 export declare function formatPartitionPrivilegeHint(detection: PartitionPrivilegeDetection): string;
 /**
  * Detect DROP TABLE statements in plan output.
- * Returns list of "schema.table" names that would be dropped.
- * Used for pre-apply warnings (separate from idempotent protection).
  */
 export declare function detectDropTableStatements(planOutput: string): string[];
-/**
- * Options for pg-schema-diff plan execution.
- */
 export interface PgSchemaDiffPlanOptions {
     /**
      * Shadow DB DSN for extension type resolution.
-     *
-     * When specified, pg-schema-diff uses this database for parsing
-     * extension-defined types (PostGIS geometry, pgvector vector, etc.).
-     *
-     * This is passed as --temp-db-dsn to pg-schema-diff.
-     *
-     * @see https://github.com/stripe/pg-schema-diff/pull/194
+     * Passed as --temp-db-dsn to pg-schema-diff.
      */
     tempDbDsn?: string;
 }
@@ -211,12 +73,6 @@ export interface PgSchemaDiffPlanOptions {
 export declare const PG_SCHEMA_DIFF_APPLY_TIMEOUT_MS = 600000;
 /**
  * Execute pg-schema-diff plan and handle errors.
- *
- * @param dbUrl - Source database URL (--from-dsn)
- * @param schemasDir - Directory containing declarative SQL schemas (--to-dir)
- * @param includeSchemas - Schemas to include in diff
- * @param verbose - Enable verbose logging
- * @param options - Additional options (tempDbDsn for extension support)
  */
 export declare function executePgSchemaDiffPlan(dbUrl: string, schemasDir: string, includeSchemas: string[], verbose: boolean, options?: PgSchemaDiffPlanOptions): {
     planOutput: string;