@runa-ai/runa-cli 0.7.1 → 0.7.3

package/dist/commands/db/apply/helpers/plan-drop-protection.d.ts

@@ -0,0 +1,43 @@
+/**
+ * AI HINT: pg-schema-diff Plan DROP Protection
+ *
+ * Purpose: Filter DROP TABLE/INDEX/FUNCTION/TRIGGER/VIEW/TYPE/SEQUENCE statements
+ *          targeting idempotent-managed objects from pg-schema-diff plans.
+ *          Also blocks DROP SCHEMA for protected schemas (throws error).
+ *
+ * Extracted from plan-validator.ts for single responsibility.
+ */
+import type { IdempotentProtectedObjects } from './idempotent-object-registry.js';
+import type { PlanStatement, ValidatedPlan } from './plan-validator.js';
+export interface FilterResult {
+    filteredPlan: ValidatedPlan;
+    removedStatements: PlanStatement[];
+}
+declare function isDropStatementForProtected(sql: string, protectedTables: string[]): boolean;
+/**
+ * Check if a DROP FUNCTION/TRIGGER/VIEW/TYPE/SEQUENCE targets a protected object.
+ *
+ * For FUNCTION: matches schema.name (argument types stripped).
+ * For TRIGGER: matches schema.trigger_name via DROP TRIGGER name ON schema.table.
+ * For VIEW/TYPE/SEQUENCE: matches schema.name.
+ */
+export declare function isDropStatementForProtectedObject(sql: string, protectedObjects: IdempotentProtectedObjects): boolean;
+/**
+ * Extract unique schema names from protected table patterns.
+ * e.g., ['location_data.events', 'accounts.clients'] → ['location_data', 'accounts']
+ */
+declare function extractProtectedSchemas(protectedTables: string[]): string[];
+declare function isDropSchemaForProtected(sql: string, protectedTables: string[]): string | null;
+/**
+ * Filter out DROP TABLE/INDEX statements targeting idempotent-managed tables,
+ * and optionally DROP FUNCTION/TRIGGER/VIEW/TYPE/SEQUENCE for protected objects.
+ * BLOCKS (throws error) on DROP SCHEMA targeting protected schemas.
+ *
+ * @param protectedObjects - Optional extended protection for non-table objects.
+ *   When omitted, only DROP TABLE/INDEX are filtered (backward compatible).
+ */
+export declare function filterIdempotentProtectedStatements(plan: ValidatedPlan, protectedTables: string[], protectedObjects?: IdempotentProtectedObjects): FilterResult;
+export { isDropStatementForProtected as _isDropStatementForProtected };
+export { extractProtectedSchemas as _extractProtectedSchemas };
+export { isDropSchemaForProtected as _isDropSchemaForProtected };
+//# sourceMappingURL=plan-drop-protection.d.ts.map

package/dist/commands/db/apply/helpers/plan-ordering.d.ts

@@ -0,0 +1,6 @@
+import type { ValidatedPlan } from './plan-validator.js';
+export declare function stabilizePlanStatementOrder(plan: ValidatedPlan): Promise<{
+    plan: ValidatedPlan;
+    movedStatements: number;
+}>;
+//# sourceMappingURL=plan-ordering.d.ts.map

package/dist/commands/db/apply/helpers/plan-statement-parser.d.ts

@@ -0,0 +1,39 @@
+/**
+ * AI HINT: pg-schema-diff Plan Statement Parser
+ *
+ * Purpose: Parse pg-schema-diff plan output into structured statements.
+ * Handles two formats:
+ * 1. With `-- Statement Idx. N` markers → split into individual statements
+ * 2. Without markers → treat as single statement
+ *
+ * Extracted from plan-validator.ts for single responsibility.
+ * For Zod-validated output, use parsePlanOutput() in plan-validator.ts.
+ */
+interface ParsedHazard {
+    type: string;
+    message: string;
+}
+interface ParsedStatement {
+    index: number;
+    sql: string;
+    hazards: ParsedHazard[];
+}
+export interface ParsedPlanOutput {
+    statements: ParsedStatement[];
+    totalStatements: number;
+    rawSql: string;
+    parseConfidence?: 'high' | 'low';
+}
+export declare function stripBlockComments(line: string, inBlockComment: boolean): {
+    text: string;
+    inBlockComment: boolean;
+};
+/**
+ * Parse pg-schema-diff plan output into structured statements.
+ *
+ * Returns a raw parsed result without Zod validation.
+ * For Zod-validated output, use parsePlanOutput() from plan-validator.ts.
+ */
+export declare function parsePlanStatements(planOutput: string): ParsedPlanOutput;
+export {};
+//# sourceMappingURL=plan-statement-parser.d.ts.map

package/dist/commands/db/apply/helpers/plan-validator.d.ts

@@ -1,10 +1,12 @@
 /**
  * AI HINT: pg-schema-diff Plan Output Validator
  *
- * Purpose: Parse pg-schema-diff plan output into structured statements and
- *          validate with Zod before psql execution (safety gate).
+ * Purpose: Zod schemas for plan validation and DDL/hazard safety checks.
  *
- * Pattern: plan → Zod validation → psql execution
+ * Architecture (split into 3 modules):
+ * - plan-statement-parser.ts: Parse raw plan output into structured statements
+ * - plan-drop-protection.ts: Filter DROP statements targeting protected objects
+ * - plan-validator.ts (this file): Zod schemas, DDL validation, hazard validation
  *
  * Safety layers:
  *   1. handleHazardsWithContext() in actors.ts → blocks unapproved hazards (primary)
@@ -12,7 +14,6 @@
  *   3. Zod structural validation → ensures plan is well-formed
  */
 import { z } from 'zod';
-import type { IdempotentProtectedObjects } from './pg-schema-diff-helpers.js';
 export declare const PlanHazardSchema: z.ZodObject<{
     type: z.ZodString;
     message: z.ZodString;
@@ -45,7 +46,7 @@ export type PlanHazard = z.infer<typeof PlanHazardSchema>;
 export type PlanStatement = z.infer<typeof PlanStatementSchema>;
 export type ValidatedPlan = z.infer<typeof ValidatedPlanSchema>;
 /**
- * Parse pg-schema-diff plan output into structured statements.
+ * Parse pg-schema-diff plan output into structured, Zod-validated statements.
  *
  * Handles two formats:
  * 1. With `-- Statement Idx. N` markers → split into individual statements
@@ -54,41 +55,6 @@ export type ValidatedPlan = z.infer<typeof ValidatedPlanSchema>;
  * @throws ZodError if parsed result fails structural validation
  */
 export declare function parsePlanOutput(planOutput: string): ValidatedPlan;
-export interface FilterResult {
-    filteredPlan: ValidatedPlan;
-    removedStatements: PlanStatement[];
-}
-declare function isDropStatementForProtected(sql: string, protectedTables: string[]): boolean;
-/**
- * Check if a DROP FUNCTION/TRIGGER/VIEW/TYPE/SEQUENCE targets a protected object.
- *
- * For FUNCTION: matches schema.name (argument types stripped).
- * For TRIGGER: matches schema.trigger_name via DROP TRIGGER name ON schema.table.
- * For VIEW/TYPE/SEQUENCE: matches schema.name.
- */
-export declare function isDropStatementForProtectedObject(sql: string, protectedObjects: IdempotentProtectedObjects): boolean;
-/**
- * Extract unique schema names from protected table patterns.
- * e.g., ['location_data.events', 'accounts.clients'] → ['location_data', 'accounts']
- */
-declare function extractProtectedSchemas(protectedTables: string[]): string[];
-/**
- * Check if a SQL statement is a DROP SCHEMA targeting a protected schema.
- * Returns the schema name if protected, null otherwise.
- */
-declare function isDropSchemaForProtected(sql: string, protectedTables: string[]): string | null;
-/**
- * Filter out DROP TABLE/INDEX statements targeting idempotent-managed tables,
- * and optionally DROP FUNCTION/TRIGGER/VIEW/TYPE/SEQUENCE for protected objects.
- * BLOCKS (throws error) on DROP SCHEMA targeting protected schemas.
- *
- * @param protectedObjects - Optional extended protection for non-table objects.
- *   When omitted, only DROP TABLE/INDEX are filtered (backward compatible).
- */
-export declare function filterIdempotentProtectedStatements(plan: ValidatedPlan, protectedTables: string[], protectedObjects?: IdempotentProtectedObjects): FilterResult;
-export { isDropStatementForProtected as _isDropStatementForProtected };
-export { extractProtectedSchemas as _extractProtectedSchemas };
-export { isDropSchemaForProtected as _isDropSchemaForProtected };
 /**
  * Allowed DDL statement prefixes. Only these statement types are permitted
  * in pg-schema-diff plan output. Checked against the normalized first keyword(s)
@@ -124,4 +90,6 @@ export declare function validateStatementTypes(plan: ValidatedPlan): void;
  * @throws Error if unresolved hazards are found
  */
 export declare function validatePlanForExecution(plan: ValidatedPlan, allowedHazardTypes: string[]): void;
+export type { FilterResult } from './plan-drop-protection.js';
+export { filterIdempotentProtectedStatements, isDropStatementForProtectedObject, _isDropStatementForProtected, _extractProtectedSchemas, _isDropSchemaForProtected, } from './plan-drop-protection.js';
 //# sourceMappingURL=plan-validator.d.ts.map

package/dist/commands/db/apply/helpers/retry-logic.d.ts

@@ -4,7 +4,7 @@
  * Purpose: Retry pg-schema-diff operations on lock_timeout errors
  * Pattern: Exponential backoff with jitter (configurable max delay)
  */
-import type { IdempotentProtectedObjects } from './pg-schema-diff-helpers.js';
+import type { IdempotentProtectedObjects } from './idempotent-object-registry.js';
 export declare const MAX_RETRIES = 5;
 export declare const BASE_DELAY_MS = 1000;
 export declare const DEFAULT_MAX_DELAY_MS = 30000;
@@ -53,15 +53,6 @@ export declare function calculateBackoffDelay(attempt: number, maxDelayMs?: numb
  * because it can fire for advisory lock failures or other non-DDL lock types.
  */
 export declare function isLockTimeoutError(errorOutput: string): boolean;
-/**
- * Wrap plan SQL for execution.
- *
- * PostgreSQL DDL is transactional (except CREATE INDEX CONCURRENTLY),
- * so we wrap in BEGIN/COMMIT to prevent partial apply on failure.
- *
- * If the plan contains CREATE INDEX CONCURRENTLY, we skip the transaction
- * wrapper because CONCURRENTLY cannot run inside a transaction block.
- */
 export declare function wrapPlanSql(planSql: string): string;
 /**
  * Options for plan+psql execution with retry.

package/dist/commands/db/apply/helpers/temp-db-bootstrap.d.ts

@@ -0,0 +1,18 @@
+interface DefaultAclRow {
+    grantor: string;
+    schemaName: string;
+    objType: string;
+    grantee: string;
+    privType: string;
+    isGrantable: string;
+}
+export declare function buildTempDbBootstrapStatements(params: {
+    roleNames: string[];
+    defaultAclRows: DefaultAclRow[];
+}): string[];
+export declare function bootstrapTempDbFromSource(params: {
+    sourceDbUrl: string;
+    tempDbDsn: string;
+}): void;
+export {};
+//# sourceMappingURL=temp-db-bootstrap.d.ts.map

package/dist/commands/db/apply/helpers/temp-db-dsn.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Resolve the temp DB DSN passed to pg-schema-diff.
+ *
+ * Priority:
+ * 1. Explicit shadow DB DSN created by runa
+ * 2. External temp DB DSN from environment (for CI-local temp databases)
+ * 3. Local Supabase DB DSN fallback (for remote checks from a developer machine)
+ */
+export declare function resolvePgSchemaDiffTempDbDsn(params: {
+    shadowDbDsn?: string;
+    envTempDbDsn?: string;
+    localTempDbDsn?: string;
+}): string | undefined;
+//# sourceMappingURL=temp-db-dsn.d.ts.map

package/dist/commands/db/apply/machine.d.ts

@@ -1,35 +1,3 @@
-/**
- * AI HINT: db apply State Machine (Declarative Schema Management)
- *
- * Purpose: Orchestrate schema application to any DB (local, Branch DB, Production)
- *
- * User Journey (2-pass idempotent):
- * 1. Apply idempotent schemas (1st pass: extensions, roles - may skip dependent tables)
- * 2. Run pg-schema-diff (current DB → desired state)
- * 3. Apply idempotent schemas (2nd pass: dependent tables now succeed)
- * 4. Validate partitions (non-blocking drift detection)
- * 5. Apply seeds
- *
- * Why 2-pass idempotent?
- * - Some idempotent SQL depends on declarative tables (e.g., areas → floors)
- * - 1st pass: extensions/roles succeed, dependent tables are skipped (no error)
- * - 2nd pass: dependent tables succeed because declarative tables now exist
- *
- * Architecture:
- * - No migration files needed
- * - pg-schema-diff runs at runtime against actual DB state
- * - Same logic for all environments
- *
- * E2E Test Mapping (CLI observable behavior):
- * - idle → expect(log).toContain('Starting db apply')
- * - applyingIdempotentPre → expect(log).toContain('Applied idempotent schema')
- * - applyingPgSchemaDiff → expect(log).toContain('pg-schema-diff')
- * - applyingIdempotentPost → expect(log).toContain('Applied idempotent schema')
- * - validatingPartitions → expect(log).toContain('partition')
- * - applyingSeeds → expect(log).toContain('Applying seeds')
- * - done → expect(exitCode).toBe(0)
- * - failed → expect(exitCode).toBe(1)
- */
 import { type SnapshotFrom } from 'xstate';
 import * as actors from './actors.js';
 import type { DbApplyInput } from './contract.js';
@@ -167,6 +135,62 @@ export declare const dbApplyMachine: import("xstate").StateMachine<DbApplyContex
     schemaChangesApplied: boolean;
     hazards: string[];
     seedsApplied: boolean;
+    outcome: {
+        command: string;
+        exitMode: "success" | "timeout" | "failed" | "cancelled" | "success_with_warnings";
+        startedAt: string;
+        endedAt: string;
+        durationMs: number;
+        phases: {
+            id: string;
+            label: string;
+            status: "timeout" | "warning" | "skipped" | "failed" | "pending" | "running" | "passed" | "cancelled";
+            startedAt?: string | undefined;
+            endedAt?: string | undefined;
+            durationMs?: number | undefined;
+            timeoutMs?: number | undefined;
+            warningCount?: number | undefined;
+            error?: {
+                code: string;
+                message: string;
+                retryable: boolean;
+                statusCode?: number | undefined;
+                retryAfterMs?: number | undefined;
+                phase?: string | undefined;
+                details?: Record<string, unknown> | undefined;
+            } | undefined;
+            warnings?: {
+                code: string;
+                message: string;
+                phase: string;
+                details?: Record<string, unknown> | undefined;
+            }[] | undefined;
+            metrics?: Record<string, number> | undefined;
+        }[];
+        warnings: {
+            code: string;
+            message: string;
+            phase: string;
+            details?: Record<string, unknown> | undefined;
+        }[];
+        errors: {
+            code: string;
+            message: string;
+            retryable: boolean;
+            statusCode?: number | undefined;
+            retryAfterMs?: number | undefined;
+            phase?: string | undefined;
+            details?: Record<string, unknown> | undefined;
+        }[];
+        summary: {
+            passed: number;
+            warnings: number;
+            failed: number;
+            skipped: number;
+            timedOut: number;
+        };
+        nextActions?: string[] | undefined;
+    };
     idempotentSchemasSkipped?: number | undefined;
     rolePasswordsSet?: number | undefined;
     error?: string | undefined;

package/dist/commands/db/commands/db-apply-error.d.ts

@@ -0,0 +1,5 @@
+import { CLIError } from '@runa-ai/runa';
+type DbApplyEnvironment = 'local' | 'preview' | 'production';
+export declare function buildDbApplyCliError(errorMessage: string, environment: DbApplyEnvironment): CLIError;
+export {};
+//# sourceMappingURL=db-apply-error.d.ts.map

package/dist/commands/db/commands/db-apply.d.ts

@@ -9,7 +9,9 @@ export interface DbApplyOptions {
     allowDataLoss?: boolean;
     confirmAuthzUpdate?: boolean;
     check?: boolean;
+    strict?: boolean;
     skipDataCheck?: boolean;
+    compareOnly?: boolean;
     maxLockWaitMs?: number;
     freshDbCheckSql?: string;
 }

package/dist/commands/db/commands/db-sync/directory-placement-check.d.ts

@@ -0,0 +1,4 @@
+import type { AllowlistAwareReport, ExtensionCheckReport } from './types.js';
+export declare function collectDirectoryPlacementReport(): Promise<AllowlistAwareReport>;
+export declare function collectExtensionPlacementReport(): ExtensionCheckReport;
+//# sourceMappingURL=directory-placement-check.d.ts.map

package/dist/commands/db/commands/db-sync/error-classifier.d.ts

@@ -1,4 +1,4 @@
-import { type RunaDbEnv } from '../../utils/db-target.js';
+import type { RunaDbEnv } from '../../utils/db-target.js';
 export interface DbSyncCommandFailure {
     code: string;
     message: string;

package/dist/commands/db/commands/db-sync/plan-boundary-reconciliation.d.ts

@@ -0,0 +1,3 @@
+import type { AllowlistAwareReport } from './types.js';
+export declare function collectPlanBoundaryReconciliationReport(planSql: string | undefined): Promise<AllowlistAwareReport>;
+//# sourceMappingURL=plan-boundary-reconciliation.d.ts.map

package/dist/commands/db/commands/db-sync/precheck-helpers.d.ts

@@ -0,0 +1,18 @@
+/**
+ * AI HINT: Shared helpers for production precheck reporting
+ *
+ * Purpose: Small utility functions and constants shared across precheck modules
+ * Used by: plan-boundary-reconciliation, directory-placement-check, risk-scan-collectors, production-precheck
+ */
+import type { DeclarativeRiskAllowlistRule, DirectoryPlacementAllowlistRule } from '../../utils/boundary-policy.js';
+import type { ExtensionCheckReport } from './types.js';
+export declare const SHOW_ALLOWLIST_REPORT: boolean;
+export declare const DIRECTORY_PLACEMENT_WARNING_PREFIX = "  [misplacement] ";
+export declare function applyStrictModeToReport(report: ExtensionCheckReport, strict: boolean): ExtensionCheckReport;
+export declare function formatAllowlistReason({ label, ruleId, reason, rule, }: {
+    label: string;
+    ruleId: string;
+    reason: string;
+    rule?: DeclarativeRiskAllowlistRule | DirectoryPlacementAllowlistRule;
+}): string;
+//# sourceMappingURL=precheck-helpers.d.ts.map

package/dist/commands/db/commands/db-sync/production-precheck.d.ts

@@ -0,0 +1,15 @@
+/**
+ * AI HINT: Production apply precheck orchestration
+ *
+ * Purpose: Run full production precheck pipeline: local risk checks + plan boundary reconciliation.
+ * Collects findings, applies strict mode, logs results, and throws on blockers.
+ *
+ * Used by: db-sync.ts (maybeRunProductionApplyPrecheck)
+ */
+import { type createCLILogger } from '@runa-ai/runa';
+import type { DbApplyOutput } from '../../apply/contract.js';
+import type { RunaDbEnv } from '../../utils/db-target.js';
+import type { SyncOptions } from './types.js';
+export declare function collectProductionApplyRiskReasons(output: DbApplyOutput): string[];
+export declare function maybeRunProductionApplyPrecheck(logger: ReturnType<typeof createCLILogger>, runaEnv: RunaDbEnv, options: SyncOptions): Promise<void>;
+//# sourceMappingURL=production-precheck.d.ts.map

package/dist/commands/db/commands/db-sync/risk-scan-collectors.d.ts

@@ -0,0 +1,11 @@
+export declare function collectDeclarativeRiskReport(): Promise<{
+    blockers: string[];
+    warnings: string[];
+    allowlist: string[];
+}>;
+export declare function collectIdempotentRiskReport(): Promise<{
+    blockers: string[];
+    warnings: string[];
+    allowlist: string[];
+}>;
+//# sourceMappingURL=risk-scan-collectors.d.ts.map

package/dist/commands/db/commands/db-sync.d.ts

@@ -6,11 +6,17 @@
  * plan boundary reconciliation).
  *
  * Submodules (db-sync/):
- *   types.ts               — Shared type definitions
- *   sql-parser.ts          — SQL text parsing & embedded SQL extraction
- *   boundary-classifier.ts — DDL statement boundary classification
- *   plan-hazard-analyzer.ts— pg-schema-diff plan hazard analysis
- *   risk-reporter.ts       — Risk formatting, deduplication, display
+ *   types.ts                        — Shared type definitions
+ *   sql-parser.ts                   — SQL text parsing & embedded SQL extraction
+ *   boundary-classifier.ts          — DDL statement boundary classification
+ *   plan-hazard-analyzer.ts         — pg-schema-diff plan hazard analysis
+ *   risk-reporter.ts                — Risk formatting, deduplication, display
+ *   error-classifier.ts             — Error classification for sync failures
+ *   precheck-helpers.ts             — Shared constants and utilities for prechecks
+ *   plan-boundary-reconciliation.ts — Plan boundary analysis and reconciliation
+ *   directory-placement-check.ts    — Directory placement scanning
+ *   risk-scan-collectors.ts         — Declarative/idempotent risk scanning
+ *   production-precheck.ts          — Production precheck orchestration
  */
 import { Command } from 'commander';
 export declare const checkCommand: Command;

package/dist/commands/db/sync/contract.d.ts

@@ -37,10 +37,13 @@ export declare const DbSyncInputSchema: z.ZodObject<{
     verbose: z.ZodDefault<z.ZodBoolean>;
     skipCodegen: z.ZodDefault<z.ZodBoolean>;
     strictIntrospect: z.ZodDefault<z.ZodBoolean>;
+    strict: z.ZodDefault<z.ZodBoolean>;
     targetDir: z.ZodOptional<z.ZodString>;
     fromProduction: z.ZodDefault<z.ZodBoolean>;
     autoSnapshot: z.ZodDefault<z.ZodBoolean>;
     reportJson: z.ZodOptional<z.ZodString>;
+    snapshotTimeoutMs: z.ZodOptional<z.ZodNumber>;
+    syncTimeoutMs: z.ZodOptional<z.ZodNumber>;
 }, z.core.$strict>;
 export type DbSyncInput = z.infer<typeof DbSyncInputSchema>;
 /**
@@ -109,11 +112,14 @@ export declare const StepContextSchema: z.ZodObject<{
     verbose: z.ZodBoolean;
     skipCodegen: z.ZodBoolean;
     strictIntrospect: z.ZodBoolean;
+    strict: z.ZodBoolean;
     fromProduction: z.ZodBoolean;
     autoSnapshot: z.ZodBoolean;
     noSeed: z.ZodBoolean;
     reportJson: z.ZodOptional<z.ZodString>;
     timeoutMs: z.ZodOptional<z.ZodNumber>;
+    snapshotTimeoutMs: z.ZodOptional<z.ZodNumber>;
+    syncTimeoutMs: z.ZodOptional<z.ZodNumber>;
     configTimeoutMs: z.ZodOptional<z.ZodNumber>;
 }, z.core.$strip>;
 export type StepContext = z.infer<typeof StepContextSchema>;
@@ -135,6 +141,77 @@ export declare const DbSyncOutputSchema: z.ZodObject<{
     reportJsonPath: z.ZodOptional<z.ZodString>;
     exitCode: z.ZodUnion<readonly [z.ZodLiteral<0>, z.ZodLiteral<1>]>;
     error: z.ZodOptional<z.ZodString>;
+    outcome: z.ZodObject<{
+        command: z.ZodString;
+        exitMode: z.ZodEnum<{
+            success: "success";
+            success_with_warnings: "success_with_warnings";
+            failed: "failed";
+            timeout: "timeout";
+            cancelled: "cancelled";
+        }>;
+        startedAt: z.ZodString;
+        endedAt: z.ZodString;
+        durationMs: z.ZodNumber;
+        phases: z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            label: z.ZodString;
+            status: z.ZodEnum<{
+                failed: "failed";
+                timeout: "timeout";
+                cancelled: "cancelled";
+                pending: "pending";
+                running: "running";
+                passed: "passed";
+                warning: "warning";
+                skipped: "skipped";
+            }>;
+            startedAt: z.ZodOptional<z.ZodString>;
+            endedAt: z.ZodOptional<z.ZodString>;
+            durationMs: z.ZodOptional<z.ZodNumber>;
+            timeoutMs: z.ZodOptional<z.ZodNumber>;
+            warningCount: z.ZodOptional<z.ZodNumber>;
+            error: z.ZodOptional<z.ZodObject<{
+                code: z.ZodString;
+                message: z.ZodString;
+                statusCode: z.ZodOptional<z.ZodNumber>;
+                retryable: z.ZodBoolean;
+                retryAfterMs: z.ZodOptional<z.ZodNumber>;
+                phase: z.ZodOptional<z.ZodString>;
+                details: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+            }, z.core.$strict>>;
+            warnings: z.ZodOptional<z.ZodArray<z.ZodObject<{
+                code: z.ZodString;
+                message: z.ZodString;
+                phase: z.ZodString;
+                details: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+            }, z.core.$strict>>>;
+            metrics: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodNumber>>;
+        }, z.core.$strict>>;
+        warnings: z.ZodArray<z.ZodObject<{
+            code: z.ZodString;
+            message: z.ZodString;
+            phase: z.ZodString;
+            details: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+        }, z.core.$strict>>;
+        errors: z.ZodArray<z.ZodObject<{
+            code: z.ZodString;
+            message: z.ZodString;
+            statusCode: z.ZodOptional<z.ZodNumber>;
+            retryable: z.ZodBoolean;
+            retryAfterMs: z.ZodOptional<z.ZodNumber>;
+            phase: z.ZodOptional<z.ZodString>;
+            details: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+        }, z.core.$strict>>;
+        summary: z.ZodObject<{
+            passed: z.ZodNumber;
+            warnings: z.ZodNumber;
+            failed: z.ZodNumber;
+            skipped: z.ZodNumber;
+            timedOut: z.ZodNumber;
+        }, z.core.$strict>;
+        nextActions: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strict>;
 }, z.core.$strict>;
 export type DbSyncOutput = z.infer<typeof DbSyncOutputSchema>;
 /**
@@ -152,6 +229,7 @@ export declare const DbSyncMachineInputSchema: z.ZodObject<{
     verbose: z.ZodOptional<z.ZodBoolean>;
     skipCodegen: z.ZodOptional<z.ZodBoolean>;
     strictIntrospect: z.ZodOptional<z.ZodBoolean>;
+    strict: z.ZodOptional<z.ZodBoolean>;
     targetDir: z.ZodOptional<z.ZodString>;
     fromProduction: z.ZodOptional<z.ZodBoolean>;
     autoSnapshot: z.ZodOptional<z.ZodBoolean>;
@@ -159,6 +237,8 @@ export declare const DbSyncMachineInputSchema: z.ZodObject<{
     reportJson: z.ZodOptional<z.ZodString>;
     reconcile: z.ZodOptional<z.ZodBoolean>;
     timeoutMs: z.ZodOptional<z.ZodNumber>;
+    snapshotTimeoutMs: z.ZodOptional<z.ZodNumber>;
+    syncTimeoutMs: z.ZodOptional<z.ZodNumber>;
 }, z.core.$strict>;
 export type DbSyncMachineInput = z.infer<typeof DbSyncMachineInputSchema>;
 //# sourceMappingURL=contract.d.ts.map

package/dist/commands/db/sync/machine.d.ts

@@ -104,7 +104,7 @@ export declare const dbSyncMachine: import("xstate").StateMachine<DbSyncContext,
     src: "writeReport";
     logic: import("xstate").PromiseActorLogic<actors.ReportOutput, actors.ReportInput, import("xstate").EventObject>;
     id: string | undefined;
-}, never, never, never, "done" | "failed" | "sync" | "setup" | "idle" | "snapshot" | "preflight" | "reconcile" | "report", string, {
+}, never, never, never, "done" | "failed" | "sync" | "setup" | "idle" | "snapshot" | "report" | "preflight" | "reconcile", string, {
     env?: "local" | "preview" | "production" | undefined;
     check?: boolean | undefined;
     force?: boolean | undefined;
@@ -112,6 +112,7 @@ export declare const dbSyncMachine: import("xstate").StateMachine<DbSyncContext,
     verbose?: boolean | undefined;
     skipCodegen?: boolean | undefined;
     strictIntrospect?: boolean | undefined;
+    strict?: boolean | undefined;
     targetDir?: string | undefined;
     fromProduction?: boolean | undefined;
     autoSnapshot?: boolean | undefined;
@@ -119,6 +120,8 @@ export declare const dbSyncMachine: import("xstate").StateMachine<DbSyncContext,
     reportJson?: string | undefined;
     reconcile?: boolean | undefined;
     timeoutMs?: number | undefined;
+    snapshotTimeoutMs?: number | undefined;
+    syncTimeoutMs?: number | undefined;
 }, {
     env: "local" | "preview" | "production";
     check: boolean;
@@ -128,6 +131,62 @@ export declare const dbSyncMachine: import("xstate").StateMachine<DbSyncContext,
     applied: boolean;
     stepsCompleted: string[];
     exitCode: 0 | 1;
+    outcome: {
+        command: string;
+        exitMode: "success" | "timeout" | "failed" | "cancelled" | "success_with_warnings";
+        startedAt: string;
+        endedAt: string;
+        durationMs: number;
+        phases: {
+            id: string;
+            label: string;
+            status: "timeout" | "warning" | "skipped" | "failed" | "pending" | "running" | "passed" | "cancelled";
+            startedAt?: string | undefined;
+            endedAt?: string | undefined;
+            durationMs?: number | undefined;
+            timeoutMs?: number | undefined;
+            warningCount?: number | undefined;
+            error?: {
+                code: string;
+                message: string;
+                retryable: boolean;
+                statusCode?: number | undefined;
+                retryAfterMs?: number | undefined;
+                phase?: string | undefined;
+                details?: Record<string, unknown> | undefined;
+            } | undefined;
+            warnings?: {
+                code: string;
+                message: string;
+                phase: string;
+                details?: Record<string, unknown> | undefined;
+            }[] | undefined;
+            metrics?: Record<string, number> | undefined;
+        }[];
+        warnings: {
+            code: string;
+            message: string;
+            phase: string;
+            details?: Record<string, unknown> | undefined;
+        }[];
+        errors: {
+            code: string;
+            message: string;
+            retryable: boolean;
+            statusCode?: number | undefined;
+            retryAfterMs?: number | undefined;
+            phase?: string | undefined;
+            details?: Record<string, unknown> | undefined;
+        }[];
+        summary: {
+            passed: number;
+            warnings: number;
+            failed: number;
+            skipped: number;
+            timedOut: number;
+        };
+        nextActions?: string[] | undefined;
+    };
     reportJsonPath?: string | undefined;
     error?: string | undefined;
 }, import("xstate").EventObject, import("xstate").MetaObject, {