npm - @runa-ai/runa-cli - Versions diffs - 0.8.0 → 0.10.0 - Mend

@runa-ai/runa-cli 0.8.0 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/dist/commands/db/sync/schema-guardrail-graph-nodes.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * AI HINT: Schema Guardrail Graph - Node Building
+ *
+ * Purpose: Build graph nodes from declarative SQL files
+ * Includes: Trigger extraction, declarative file parsing,
+ * table/FK/dependency/file node construction
+ */
+import { type SqlFile } from '../utils/declarative-dependency-sql-utils.js';
+import { type DeclarativeFileRecord, type DefinedFunctionMetadata, type ManagedBoundaryMetadata, type IdempotentTouchMetadata } from './schema-guardrail-graph-types.js';
+import type { SchemaGuardrailConfig, SchemaGraphFileDependencyEdge, SchemaGraphFileNode, SchemaGraphFunctionClaim, SchemaGraphPolicyClaim, SchemaGraphPolicyRef, SchemaGraphTableNode, SchemaGraphTriggerRef, SchemaGuardrailReport } from './schema-guardrail-types.js';
+declare function parseCreateTriggerStatement(statement: string): {
+    qualifiedTable: string;
+    trigger: SchemaGraphTriggerRef;
+} | null;
+declare function appendTriggerRef(triggerMap: Map<string, SchemaGraphTriggerRef[]>, qualifiedTable: string, trigger: SchemaGraphTriggerRef): void;
+declare function extractCreateTriggers(content: string): Map<string, SchemaGraphTriggerRef[]>;
+declare function buildDeclarativeFileRecord(file: SqlFile): Promise<DeclarativeFileRecord>;
+declare function collectDeclarativeClaims(records: DeclarativeFileRecord[]): {
+    tableOwnerClaims: Map<string, Set<string>>;
+    schemaClaims: Map<string, Set<string>>;
+    createSchemaClaims: Map<string, Set<string>>;
+    tablePolicies: Map<string, SchemaGraphPolicyRef[]>;
+    policyClaims: SchemaGraphPolicyClaim[];
+};
+declare function createDuplicateTableOwners(tableOwnerClaims: Map<string, Set<string>>): SchemaGuardrailReport['duplicateTableOwners'];
+declare function buildFunctionValidationArtifacts(params: {
+    targetDir: string;
+    config: SchemaGuardrailConfig;
+    declarativeFiles: SqlFile[];
+    idempotentFiles: SqlFile[];
+}): {
+    duplicateFunctionOwners: SchemaGuardrailReport['duplicateFunctionOwners'];
+    functionClaims: SchemaGraphFunctionClaim[];
+};
+declare function buildOwnerFileByTable(tableOwnerClaims: Map<string, Set<string>>): Map<string, string>;
+declare function buildPolicyOwnershipConflicts(params: {
+    policyClaims: SchemaGraphPolicyClaim[];
+    ownerFileByTable: Map<string, string>;
+}): SchemaGuardrailReport['policyOwnershipConflicts'];
+declare function buildTableNodesByName(params: {
+    records: DeclarativeFileRecord[];
+    tablePolicies: Map<string, SchemaGraphPolicyRef[]>;
+}): Map<string, SchemaGraphTableNode>;
+declare function attachInboundForeignKeys(tableNodesByName: Map<string, SchemaGraphTableNode>): void;
+declare function buildFileDependencies(params: {
+    tableNodesByName: Map<string, SchemaGraphTableNode>;
+    ownerFileByTable: Map<string, string>;
+}): SchemaGraphFileDependencyEdge[];
+declare function normalizeTriggerFunctionToken(value: string | undefined): string | null;
+declare function buildFileNodes(params: {
+    records: DeclarativeFileRecord[];
+    idempotentFiles: SqlFile[];
+    idempotentTouchMetadata: Map<string, IdempotentTouchMetadata>;
+    definedFunctionMetadataByFile: Map<string, DefinedFunctionMetadata[]>;
+    managedBoundaryMetadataByFile: Map<string, ManagedBoundaryMetadata>;
+    config: SchemaGuardrailConfig;
+    fileDependencies: SchemaGraphFileDependencyEdge[];
+    managedSchemas: Set<string>;
+}): SchemaGraphFileNode[];
+export { parseCreateTriggerStatement, appendTriggerRef, extractCreateTriggers, buildDeclarativeFileRecord, collectDeclarativeClaims, createDuplicateTableOwners, buildFunctionValidationArtifacts, buildOwnerFileByTable, buildPolicyOwnershipConflicts, buildTableNodesByName, attachInboundForeignKeys, buildFileDependencies, normalizeTriggerFunctionToken, buildFileNodes, };
+//# sourceMappingURL=schema-guardrail-graph-nodes.d.ts.map

package/dist/commands/db/sync/schema-guardrail-graph-sql-helpers.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+/**
+ * AI HINT: Schema Guardrail Graph - SQL Helpers
+ *
+ * Purpose: SQL string sanitization, pattern matching, and metadata extraction
+ * for idempotent file analysis
+ */
+import { type SqlFile } from '../utils/declarative-dependency-sql-utils.js';
+import type { IdempotentTouchMetadata } from './schema-guardrail-graph-types.js';
+declare function normalizeSqlIdentifier(value: string): string;
+declare function consumeSingleQuotedLiteral(params: {
+    content: string;
+    startIndex: number;
+    prefixLength: number;
+}): {
+    blankedText: string;
+    nextIndex: number;
+};
+declare function blankSingleQuotedStrings(content: string): string;
+declare function blankDynamicExecuteLiterals(content: string): string;
+declare function sanitizeIdempotentTouchScanContent(content: string): string;
+declare function splitFunctionTargetList(value: string): string[];
+declare function normalizeFunctionTouchTarget(value: string): string | null;
+declare function extractTouchedSchemas(content: string): string[];
+declare function extractTouchedFunctions(content: string): string[];
+declare function normalizeExtensionIdentifier(identifier: string): string;
+declare function extractTouchedExtensions(content: string): string[];
+declare function extractTouchedPolicies(content: string): string[];
+declare function extractIdempotentTouchMetadata(file: SqlFile): IdempotentTouchMetadata;
+export declare function buildIdempotentTouchMetadata(files: SqlFile[]): Map<string, IdempotentTouchMetadata>;
+export { normalizeSqlIdentifier, consumeSingleQuotedLiteral, blankSingleQuotedStrings, blankDynamicExecuteLiterals, sanitizeIdempotentTouchScanContent, splitFunctionTargetList, normalizeFunctionTouchTarget, normalizeExtensionIdentifier, extractTouchedSchemas, extractTouchedFunctions, extractTouchedExtensions, extractTouchedPolicies, extractIdempotentTouchMetadata, };
+//# sourceMappingURL=schema-guardrail-graph-sql-helpers.d.ts.map

package/dist/commands/db/sync/schema-guardrail-graph-types.d.ts ADDED Viewed

@@ -0,0 +1,56 @@
+/**
+ * AI HINT: Schema Guardrail Graph - Types & Constants
+ *
+ * Purpose: Shared types, constants, and tiny utility functions
+ * for the schema guardrail graph builder
+ */
+import type { SqlFile } from '../utils/declarative-dependency-sql-utils.js';
+import type { SchemaGraphManifest, SchemaGraphOutboundForeignKey, SchemaGraphPolicyClaim, SchemaGraphTriggerRef } from './schema-guardrail-types.js';
+export type PolicyCommand = 'all' | 'select' | 'insert' | 'update' | 'delete';
+export type IdempotentTouchMetadata = {
+    touchedSchemas: string[];
+    touchedExtensions: string[];
+    touchedFunctions: string[];
+    touchedPolicies: string[];
+};
+export type DefinedFunctionMetadata = {
+    qualifiedName: string;
+    qualifiedSignature: string;
+    securityDefiner: boolean;
+    searchPathLocked: boolean;
+    crossSchemaRefs: string[];
+};
+export type ManagedBoundaryMetadata = {
+    schemas: string[];
+    refs: string[];
+};
+export type DeclarativeFileRecord = {
+    file: SqlFile;
+    declaredSchemas: string[];
+    createSchemaClaims: string[];
+    tables: Array<{
+        schema: string;
+        name: string;
+        qualifiedName: string;
+        lineNumber?: number;
+        columns: string[];
+        outboundForeignKeys: SchemaGraphOutboundForeignKey[];
+    }>;
+    policies: SchemaGraphPolicyClaim[];
+    triggersByTable: Map<string, SchemaGraphTriggerRef[]>;
+};
+export declare const GENERATOR_VERSION = "1.0.0";
+export declare const SQL_IDENTIFIER_PATTERN: RegExp;
+export declare const SQL_EXTENSION_IDENTIFIER_PATTERN: RegExp;
+export declare const QUALIFIED_SQL_OBJECT_RE: RegExp;
+export declare const SECURITY_DEFINER_RE: RegExp;
+export declare const SEARCH_PATH_LOCK_RE: RegExp;
+export declare const MANAGED_BOUNDARY_SCHEMAS: readonly ["auth", "storage", "extensions", "net", "supabase_functions"];
+export declare const TRIGGER_GUIDANCE_SUPPRESSED_FUNCTIONS: Set<string>;
+export declare const MAX_SCHEMA_GUIDANCE_TARGETS_PER_FILE = 3;
+export declare function makeGraphVersion(graph: Omit<SchemaGraphManifest, 'graphVersion' | 'generatedAt'>): string;
+export declare function currentIsoTimestamp(): string;
+export declare function stableSorted<T>(values: Iterable<T>, map: (value: T) => string): T[];
+export declare function normalizeFileList(files: Iterable<string>): string[];
+export declare function normalizePolicyCommand(input: string): PolicyCommand;
+//# sourceMappingURL=schema-guardrail-graph-types.d.ts.map

package/dist/commands/db/sync/schema-guardrail-graph.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+/**
+ * AI HINT: Schema Guardrail Graph - Orchestration
+ *
+ * Purpose: Main entry points for schema guardrail graph building
+ * Exports: loadSqlSources, buildStaticGraph, StaticGraphBuildResult
+ */
+import type { LoadedSqlSources, SchemaGraphManifest, SchemaGuardrailConfig, SchemaGuardrailReport } from './schema-guardrail-types.js';
+export declare function loadSqlSources(targetDir: string, config: SchemaGuardrailConfig): LoadedSqlSources;
+export type StaticGraphBuildResult = {
+    graph: SchemaGraphManifest;
+    duplicateTableOwners: SchemaGuardrailReport['duplicateTableOwners'];
+    duplicateFunctionOwners: SchemaGuardrailReport['duplicateFunctionOwners'];
+    policyOwnershipConflicts: SchemaGuardrailReport['policyOwnershipConflicts'];
+    semanticDuplicateWarnings: SchemaGuardrailReport['semanticDuplicateWarnings'];
+    boundaryGuidanceWarnings: SchemaGuardrailReport['boundaryGuidanceWarnings'];
+    localBlindSpotBlockers: SchemaGuardrailReport['localBlindSpotBlockers'];
+    multiFileSchemas: SchemaGuardrailReport['multiFileSchemas'];
+};
+export declare function buildStaticGraph(targetDir: string, config: SchemaGuardrailConfig, sources: LoadedSqlSources): Promise<StaticGraphBuildResult>;
+//# sourceMappingURL=schema-guardrail-graph.d.ts.map

package/dist/commands/db/sync/schema-guardrail-local-blockers.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { LoadedSqlSources, LocalBlindSpotBlocker, SchemaGraphManifest } from './schema-guardrail-types.js';
+export declare function buildLocalBlindSpotBlockers(params: {
+    graph: SchemaGraphManifest;
+    sources: LoadedSqlSources;
+    managedSchemas: Set<string>;
+}): LocalBlindSpotBlocker[];
+//# sourceMappingURL=schema-guardrail-local-blockers.d.ts.map

package/dist/commands/db/sync/schema-guardrail-phases.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+import type { SchemaGuardrailReport } from './schema-guardrail-types.js';
+type GuardrailPhaseResult = {
+    id: string;
+    label: string;
+    status: 'passed' | 'warning' | 'failed';
+    warningCount?: number;
+    warnings?: Array<{
+        code: string;
+        message: string;
+        phase: string;
+        details?: Record<string, unknown>;
+    }>;
+    error?: {
+        code: string;
+        message: string;
+        retryable: boolean;
+        phase: string;
+    };
+};
+export declare function isStaleBlocking(params: {
+    targetDir: string;
+    strictOption?: boolean;
+}): boolean;
+export declare function createGuardrailOutcomePhases(report: SchemaGuardrailReport): GuardrailPhaseResult[];
+export {};
+//# sourceMappingURL=schema-guardrail-phases.d.ts.map

package/dist/commands/db/sync/schema-guardrail-production-check.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+/**
+ * AI HINT: Post-sync Production DDL Order Check
+ *
+ * Purpose: After local db sync succeeds, generate a pg-schema-diff plan
+ * against production (if credentials available) and validate DDL ordering.
+ *
+ * This catches ALTER POLICY before CREATE FUNCTION issues that only appear
+ * in incremental diffs against an existing production database, not during
+ * fresh-DB local syncs.
+ *
+ * Requires: GH_DATABASE_URL_ADMIN or DATABASE_URL_ADMIN (production)
+ * If not available: silently skipped (local-only development is fine)
+ */
+interface ProductionCheckParams {
+    targetDir: string;
+    logger: {
+        info(message: string): void;
+        warn(message: string): void;
+    };
+}
+export declare function runProductionDdlOrderCheck(params: ProductionCheckParams): Promise<void>;
+export {};
+//# sourceMappingURL=schema-guardrail-production-check.d.ts.map

package/dist/commands/db/sync/schema-guardrail-rewrite.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+import type { SchemaGraphManifest, SchemaManagedBlockKind, SchemaGuardrailConfig, SchemaGuardrailReport, SchemaGuardrailStaticResult } from './schema-guardrail-types.js';
+type RenderedManagedBlock = {
+    kind: SchemaManagedBlockKind;
+    target: string;
+    content: string;
+};
+export type HeaderRewritePlan = {
+    filePath: string;
+    originalSql: string;
+    expectedFileBlock?: RenderedManagedBlock;
+    expectedTableHeaders: RenderedManagedBlock[];
+    staleBlocks: Array<{
+        file: string;
+        kind: SchemaManagedBlockKind;
+        target: string;
+    }>;
+    existingManagedCount: number;
+};
+export declare function loadHeaderRewritePlans(params: {
+    targetDir: string;
+    graph: SchemaGraphManifest;
+    config: SchemaGuardrailConfig;
+    report: SchemaGuardrailReport;
+}): {
+    staleBlocks: SchemaGuardrailReport['staleBlocks'];
+    rewritePlans: HeaderRewritePlan[];
+    failure?: undefined;
+} | {
+    staleBlocks?: undefined;
+    rewritePlans?: undefined;
+    failure: SchemaGuardrailStaticResult;
+};
+export declare function finalizeCheckModeReport(params: {
+    report: SchemaGuardrailReport;
+    graph: SchemaGraphManifest;
+    staleBlocks: SchemaGuardrailReport['staleBlocks'];
+    targetDir: string;
+    strictOption?: boolean;
+}): SchemaGuardrailStaticResult;
+export declare function rewriteManagedHeaders(params: {
+    targetDir: string;
+    rewritePlans: HeaderRewritePlan[];
+    report: SchemaGuardrailReport;
+}): SchemaGuardrailStaticResult | null;
+export {};
+//# sourceMappingURL=schema-guardrail-rewrite.d.ts.map

package/dist/commands/db/sync/schema-guardrail-runtime.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { TablesManifest } from '@runa-ai/runa/manifests';
+import type { SchemaGuardrailReport, SchemaGuardrailRuntimeInput } from './schema-guardrail-types.js';
+export declare function loadRuntimeTablesManifest(targetDir: string): TablesManifest | null;
+export declare function runSchemaGuardrailRuntime(input: SchemaGuardrailRuntimeInput): SchemaGuardrailReport;
+//# sourceMappingURL=schema-guardrail-runtime.d.ts.map

package/dist/commands/db/sync/schema-guardrail-semantic-warnings.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { TablesManifest } from '@runa-ai/runa/manifests';
+import type { SchemaGraphManifest, SchemaGuardrailConfig, SemanticDuplicateWarning } from './schema-guardrail-types.js';
+export declare function createSemanticWarningDetails(warning: SemanticDuplicateWarning): Record<string, unknown>;
+export declare function buildSemanticDuplicateWarnings(params: {
+    graph: SchemaGraphManifest;
+    runtimeTables: TablesManifest | null;
+    config: SchemaGuardrailConfig;
+}): SemanticDuplicateWarning[];
+//# sourceMappingURL=schema-guardrail-semantic-warnings.d.ts.map

package/dist/commands/db/sync/schema-guardrail-types.d.ts ADDED Viewed

@@ -0,0 +1,243 @@
+import type { SqlFile } from '../utils/declarative-dependency-sql-utils.js';
+export type SchemaManagedBlockKind = 'file-header' | 'table-header';
+export type SchemaGuardrailMode = 'check' | 'sync';
+export type SchemaGraphFileLayer = 'declarative' | 'idempotent';
+export type SchemaGraphFileAuthoringRole = 'declarative-owner' | 'operational';
+export type BoundaryGuidanceWarningKind = 'schema' | 'function' | 'policy' | 'security_definer' | 'trigger_function' | 'managed_boundary';
+export type LocalBlindSpotBlockerKind = 'cross-schema-rls' | 'dynamic-sql' | 'extension-placement';
+export type SchemaGuardrailPhaseId = 'load_sources' | 'build_static_graph' | 'validate_ownership' | 'compare_generated_headers' | 'refresh_generated_headers' | 'handoff_db_sync' | 'runtime_reconcile' | 'publish_report';
+export type SchemaGuardrailFailureCode = 'source_load_failed' | 'duplicate_table_owner' | 'duplicate_function_owner' | 'policy_ownership_conflict' | 'raw_cross_schema_rls_blocked' | 'dynamic_sql_blocked' | 'extension_placement_blocked' | 'stale_generated_header' | 'generated_header_validation_failed' | 'generated_header_rewrite_failed' | 'static_graph_build_failed' | 'critical_runtime_graph_contradiction' | 'sync_apply_failed';
+export interface SchemaGraphFileNode {
+    path: string;
+    sourceLayer: SchemaGraphFileLayer;
+    authoringRole: SchemaGraphFileAuthoringRole;
+    domainName?: string;
+    declaredSchemas: string[];
+    ownedTables: string[];
+    forwardDependsOnFiles: string[];
+    definedFunctions: string[];
+    securityDefinerFunctions: string[];
+    securityDefinerContracts: string[];
+    triggerFunctions: string[];
+    functionCrossSchemaRefs: string[];
+    managedBoundarySchemas: string[];
+    managedBoundaryRefs: string[];
+    touchedSchemas: string[];
+    touchedExtensions: string[];
+    touchedFunctions: string[];
+    touchedPolicies: string[];
+    policyCrossSchemaRefs: string[];
+    preferredEditSurface?: string;
+    idempotentPurpose?: string;
+}
+export interface SchemaGraphSchemaNode {
+    name: string;
+    claimFiles: string[];
+    createSchemaFiles?: string[];
+}
+export interface SchemaGraphOutboundForeignKey {
+    column: string;
+    referencesTable: string;
+    referencesColumn: string;
+    onDelete?: 'CASCADE' | 'SET NULL' | 'SET DEFAULT' | 'RESTRICT' | 'NO ACTION';
+    onUpdate?: 'CASCADE' | 'SET NULL' | 'SET DEFAULT' | 'RESTRICT' | 'NO ACTION';
+}
+export interface SchemaGraphInboundForeignKey {
+    fromTable: string;
+    fromColumn: string;
+    toColumn: string;
+    onDelete?: 'CASCADE' | 'SET NULL' | 'SET DEFAULT' | 'RESTRICT' | 'NO ACTION';
+    onUpdate?: 'CASCADE' | 'SET NULL' | 'SET DEFAULT' | 'RESTRICT' | 'NO ACTION';
+}
+export interface SchemaGraphPolicyRef {
+    name: string;
+    command: 'all' | 'select' | 'insert' | 'update' | 'delete';
+}
+export interface SchemaGraphTriggerRef {
+    name: string;
+    timing: 'BEFORE' | 'AFTER' | 'INSTEAD OF';
+    event: string;
+    functionName?: string;
+}
+export interface SchemaGraphTableNode {
+    schema: string;
+    name: string;
+    qualifiedName: string;
+    ownerFile: string;
+    lineNumber?: number;
+    columns: string[];
+    outboundForeignKeys: SchemaGraphOutboundForeignKey[];
+    inboundForeignKeys: SchemaGraphInboundForeignKey[];
+    policies: SchemaGraphPolicyRef[];
+    triggers: SchemaGraphTriggerRef[];
+}
+export interface SchemaGraphFunctionClaim {
+    qualifiedName: string;
+    signature: string;
+    sourceLayer: 'declarative' | 'idempotent';
+    sourceFile: string;
+    lineNumber?: number;
+    bodyHash?: string;
+}
+export interface SchemaGraphPolicyClaim {
+    name: string;
+    targetTable: string;
+    command: 'all' | 'select' | 'insert' | 'update' | 'delete';
+    sourceFile: string;
+    lineNumber?: number;
+}
+export interface SchemaGraphFileDependencyEdge {
+    fromFile: string;
+    toFile: string;
+    viaTables: string[];
+}
+export interface SchemaGraphManifest {
+    version: 1;
+    source: 'declarative-sql-ast';
+    generatedAt: string;
+    generatorVersion: string;
+    graphVersion: string;
+    files: SchemaGraphFileNode[];
+    schemas: SchemaGraphSchemaNode[];
+    tables: SchemaGraphTableNode[];
+    functionClaims: SchemaGraphFunctionClaim[];
+    policyClaims: SchemaGraphPolicyClaim[];
+    fileDependencies: SchemaGraphFileDependencyEdge[];
+}
+export interface RuntimeWarningIssue {
+    code: 'RUNTIME_EXTRA_TABLE';
+    target: string;
+    details: string;
+}
+export interface RuntimeContradictionIssue {
+    code: 'RUNTIME_TABLE_MISSING' | 'RUNTIME_FK_MISMATCH' | 'RUNTIME_POLICY_MISMATCH' | 'RUNTIME_TRIGGER_MISMATCH';
+    target: string;
+    details: string;
+}
+export interface SemanticDuplicateEvidence {
+    nameSimilarity: number;
+    sharedColumns: string[];
+    sharedFkNeighborhood: string[];
+    sameSchemaAffinity: boolean;
+}
+export interface SemanticDuplicateCandidate {
+    qualifiedName: string;
+    ownerFile: string;
+    score: number;
+    evidence: SemanticDuplicateEvidence;
+}
+export interface SemanticDuplicateWarning {
+    proposedTable: string;
+    ownerFile: string;
+    candidates: SemanticDuplicateCandidate[];
+    score: number;
+    evidence: SemanticDuplicateEvidence;
+    suggestedNextFile?: string;
+    suppressionKey: string;
+}
+export interface BoundaryGuidanceWarning {
+    sourceFile: string;
+    kind: BoundaryGuidanceWarningKind;
+    target: string;
+    suggestedDeclarativeFile?: string;
+    suggestedIdempotentFile?: string;
+    suggestedHelperFunction?: string;
+    reason: string;
+}
+export interface LocalBlindSpotBlocker {
+    kind: LocalBlindSpotBlockerKind;
+    sourceFile: string;
+    line?: number;
+    target: string;
+    details: string;
+    suggestedDeclarativeFile?: string;
+    suggestedHelper?: string;
+    requiredFile?: string;
+}
+export interface SchemaGuardrailReport {
+    mode: SchemaGuardrailMode;
+    exitMode: 'success' | 'success_with_warnings' | 'failed';
+    graphVersion?: string;
+    parser: {
+        engine: 'ast';
+        available: boolean;
+    };
+    multiFileSchemas: Array<{
+        schema: string;
+        files: string[];
+    }>;
+    duplicateTableOwners: Array<{
+        qualifiedName: string;
+        files: string[];
+    }>;
+    duplicateFunctionOwners: Array<{
+        qualifiedName: string;
+        signature: string | null;
+        declarativeFiles: string[];
+        idempotentFiles: string[];
+    }>;
+    policyOwnershipConflicts: Array<{
+        policyName: string;
+        targetTable: string;
+        files: string[];
+        tableOwnerFile: string;
+    }>;
+    semanticDuplicateWarnings: SemanticDuplicateWarning[];
+    boundaryGuidanceWarnings: BoundaryGuidanceWarning[];
+    localBlindSpotBlockers: LocalBlindSpotBlocker[];
+    staleBlocks: Array<{
+        file: string;
+        kind: SchemaManagedBlockKind;
+        target: string;
+    }>;
+    headersRewritten: string[];
+    rewritesRetainedOnDisk: boolean;
+    applyCommitted: boolean;
+    runtimeWarnings: RuntimeWarningIssue[];
+    runtimeContradictions: RuntimeContradictionIssue[];
+    failure?: {
+        phase: SchemaGuardrailPhaseId;
+        code: SchemaGuardrailFailureCode;
+        message: string;
+    };
+}
+export interface SchemaGuardrailStaticInput {
+    targetDir: string;
+    mode: SchemaGuardrailMode;
+    strictOption?: boolean;
+    enableLocalBlindSpotBlockers?: boolean;
+}
+export interface SchemaGuardrailStaticResult {
+    graph: SchemaGraphManifest | null;
+    report: SchemaGuardrailReport;
+}
+export interface SchemaGuardrailRuntimeInput {
+    targetDir: string;
+    graph: SchemaGraphManifest;
+    report: SchemaGuardrailReport;
+}
+export type SchemaGuardrailConfig = {
+    declarativeSqlDir: string;
+    allowedDuplicateFunctions: Array<{
+        qualifiedName: string;
+        signature: string;
+        reason: string;
+        declarativeFile?: string;
+        idempotentFile?: string;
+        expectedBodyHash?: string;
+    }>;
+    generatedHeaderRewriteTargets: string[];
+    semanticWarnings: {
+        threshold: number;
+        maxCandidates: number;
+        ignorePairs: Set<string>;
+    };
+    tableHeaderMaxWidth: number;
+    excludeFromOrphanDetection: string[];
+    idempotentSqlDir: string;
+};
+export type LoadedSqlSources = {
+    declarativeFiles: SqlFile[];
+    idempotentFiles: SqlFile[];
+};
+//# sourceMappingURL=schema-guardrail-types.d.ts.map

package/dist/commands/db/sync/schema-guardrail.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { createGuardrailOutcomePhases } from './schema-guardrail-phases.js';
+import { runSchemaGuardrailRuntime } from './schema-guardrail-runtime.js';
+import type { SchemaGuardrailReport, SchemaGuardrailStaticInput, SchemaGuardrailStaticResult } from './schema-guardrail-types.js';
+export declare function runSchemaGuardrailStatic(input: SchemaGuardrailStaticInput): Promise<SchemaGuardrailStaticResult>;
+export declare function createSyncApplyFailureReport(report: SchemaGuardrailReport, message: string, options?: {
+    applyCommitted?: boolean;
+}): SchemaGuardrailReport;
+export { createGuardrailOutcomePhases };
+export { runSchemaGuardrailRuntime };
+//# sourceMappingURL=schema-guardrail.d.ts.map

package/dist/commands/db/utils/declarative-dependency-sql-utils.d.ts CHANGED Viewed

@@ -36,7 +36,7 @@ export declare const STATIC_EXECUTE_LITERAL_RE: RegExp;
 export declare const DOLLAR_TAG_RE: RegExp;
 export declare const PUBLIC_SCHEMA = "public";
 export declare function countNewlines(text: string): number;
-export declare function collectSqlFiles(targetDir: string, layer: SqlLayer): SqlFile[];
+export declare function collectSqlFiles(targetDir: string, layer: SqlLayer, relativeDir?: string): SqlFile[];
 export declare function blankQuotedStrings(content: string): string;
 export declare function sanitizeTopLevelSql(statement: string): string;
 export declare function sanitizeExecutableCode(content: string): string;

package/dist/commands/db/utils/duplicate-function-ownership.d.ts CHANGED Viewed

@@ -1,3 +1,25 @@
+/**
+ * AI HINT: Duplicate Function Ownership Detector
+ *
+ * Purpose: Detect functions defined in BOTH declarative and idempotent SQL layers.
+ * Declarative SQL owns function definitions (pg-schema-diff manages them);
+ * idempotent SQL must not redefine declarative-managed functions.
+ *
+ * Key Functions:
+ * - analyzeDuplicateFunctionOwnership(targetDir): Scan declarative/ and idempotent/
+ *   directories, collect all CREATE FUNCTION definitions, and report duplicates.
+ * - formatDuplicateFunctionOwnershipFinding(finding): Format a finding for CLI display.
+ *
+ * SQL Parsing Approach:
+ * - Uses regex-based CREATE [OR REPLACE] FUNCTION detection (from FUNCTION_DEFINITION_RE)
+ * - Signature normalization: strips parameter names, canonicalizes type aliases,
+ *   handles dollar-quoting, nested parens, and DEFAULT expressions
+ * - Groups by qualified name (schema.function) and matches by normalized signature
+ *
+ * Finding Codes:
+ * - DUPLICATE_FUNCTION_OWNERSHIP: Exact signature match across layers
+ * - DUPLICATE_FUNCTION_OWNERSHIP_AMBIGUOUS: Same name but signature could not be matched
+ */
 import { type SqlLayer } from './declarative-dependency-sql-utils.js';
 export interface FunctionOwnershipDefinition {
     qualifiedName: string;
@@ -30,6 +52,10 @@ export interface FormattedDuplicateFunctionOwnershipFinding {
     suggestion: string;
 }
 export declare const DUPLICATE_FUNCTION_OWNERSHIP_NOTE = "Function ownership belongs to declarative SQL; idempotent 2nd pass must not redefine declarative-managed functions.";
-export declare function analyzeDuplicateFunctionOwnership(targetDir: string): DuplicateFunctionOwnershipAnalysisResult;
+export declare function extractFunctionOwnershipDefinition(statement: string, file: string, line: number, layer: SqlLayer): FunctionOwnershipDefinition | null;
+export declare function analyzeDuplicateFunctionOwnership(targetDir: string, options?: {
+    declarativeSqlDir?: string;
+    idempotentSqlDir?: string;
+}): DuplicateFunctionOwnershipAnalysisResult;
 export declare function formatDuplicateFunctionOwnershipFinding(finding: DuplicateFunctionOwnershipFinding): FormattedDuplicateFunctionOwnershipFinding;
 //# sourceMappingURL=duplicate-function-ownership.d.ts.map

package/dist/commands/db/utils/policy-cross-schema-refs.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+export type PolicyCrossSchemaReference = {
+    policySchema: string;
+    refSchema: string;
+    refTable: string;
+    qualifiedRef: string;
+    line: number;
+};
+export declare function collectPolicyCrossSchemaReferences(params: {
+    content: string;
+    managedSchemas: Iterable<string>;
+}): PolicyCrossSchemaReference[];
+//# sourceMappingURL=policy-cross-schema-refs.d.ts.map

package/dist/commands/db/utils/sql-table-extractor.d.ts CHANGED Viewed

@@ -25,6 +25,11 @@ import type { ForeignKeyDefinition, TableEntry } from '@runa-ai/runa/manifests';
 interface SqlParserUtils {
     isSqlParserAvailable(): Promise<boolean>;
     parseSchemaDocument(sqlContent: string): Promise<{
+        schemas: Array<{
+            name: string;
+            ifNotExists: boolean;
+            lineNumber?: number;
+        }>;
         tables: Array<{
             schema: string;
             name: string;
@@ -58,6 +63,7 @@ interface SqlParserUtils {
             for: 'select' | 'insert' | 'update' | 'delete' | 'all';
             using?: string;
             withCheck?: string;
+            lineNumber?: number;
         }>;
     }>;
     parseCreateTables(sqlContent: string): Promise<unknown>;

package/dist/commands/test/commands/layer4-prereqs.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+type Layer4ManifestFlagOptions = {
+    requireManifest?: boolean;
+    allowManifestFallback?: boolean;
+};
+type Layer4ManifestResolutionOptions = Layer4ManifestFlagOptions & {
+    exclusiveErrorCode: string;
+};
+type Layer4InjectOptions = {
+    verbose?: boolean;
+    requireManifest?: boolean;
+};
+export declare function resolveLayer4RequireManifest(options: Layer4ManifestResolutionOptions): boolean | undefined;
+export declare function injectLayer4TestAttrs(options?: Layer4InjectOptions): void;
+export {};
+//# sourceMappingURL=layer4-prereqs.d.ts.map

package/dist/{config-loader-GT3HAQ7U.js → config-loader-N5ODNMD5.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import { createRequire } from 'module';
-export { getAppConfig, getDatabaseConfig, getDatabasePackagePath, getDeployConfig, getSDKScriptsPath, getSDKTemplatesPath, isMonorepo, loadRunaConfig, validateRunaConfig } from './chunk-5NKWR4FF.js';
-import './chunk-JMJP4A47.js';
+export { getAppConfig, getDatabaseConfig, getDatabasePackagePath, getDeployConfig, getSDKScriptsPath, getSDKTemplatesPath, isMonorepo, loadRunaConfig, validateRunaConfig } from './chunk-OERS32LW.js';
+import './chunk-GT5DMS5R.js';
 import './chunk-VRXHCR5K.js';
 createRequire(import.meta.url);