@secondlayer/shared 1.1.0 → 2.1.0

package/dist/src/db/index.d.ts

@@ -13,7 +13,7 @@ declare function jsonb(value: unknown): RawBuilder<unknown>;
 declare function parseJsonb<T = unknown>(value: unknown): T;
 import { Kysely } from "kysely";
 import postgres from "postgres";
-import { Generated, Insertable, Selectable, Updateable } from "kysely";
+import { ColumnType, Generated, Insertable, Selectable, Updateable } from "kysely";
 interface BlocksTable {
 	height: number;
 	hash: string;
@@ -70,7 +70,6 @@ interface SubgraphsTable {
 	last_error_at: Date | null;
 	total_processed: Generated<number>;
 	total_errors: Generated<number>;
-	api_key_id: string | null;
 	account_id: string;
 	handler_code: string | null;
 	source_code: string | null;
@@ -374,7 +373,72 @@ interface Database {
 	workflow_cursors: WorkflowCursorsTable;
 	workflow_signer_secrets: WorkflowSignerSecretsTable;
 	workflow_budgets: WorkflowBudgetsTable;
+	tenants: TenantsTable;
+	tenant_usage_monthly: TenantUsageMonthlyTable;
+	provisioning_audit_log: ProvisioningAuditLogTable;
 }
+type TenantStatus = "provisioning" | "active" | "suspended" | "error" | "deleted";
+interface TenantsTable {
+	id: Generated<string>;
+	account_id: string;
+	slug: string;
+	status: ColumnType<TenantStatus, TenantStatus | undefined, TenantStatus>;
+	plan: string;
+	cpus: ColumnType<number, number | string, number | string>;
+	memory_mb: number;
+	storage_limit_mb: number;
+	storage_used_mb: number | null;
+	pg_container_id: string | null;
+	api_container_id: string | null;
+	processor_container_id: string | null;
+	target_database_url_enc: Buffer;
+	tenant_jwt_secret_enc: Buffer;
+	anon_key_enc: Buffer;
+	service_key_enc: Buffer;
+	api_url_internal: string;
+	api_url_public: string;
+	trial_ends_at: Date;
+	suspended_at: Date | null;
+	last_health_check_at: Date | null;
+	service_gen: Generated<number>;
+	anon_gen: Generated<number>;
+	project_id: string | null;
+	created_at: Generated<Date>;
+	updated_at: Generated<Date>;
+}
+type Tenant = Selectable<TenantsTable>;
+type InsertTenant = Insertable<TenantsTable>;
+type UpdateTenant = Updateable<TenantsTable>;
+interface TenantUsageMonthlyTable {
+	id: Generated<string>;
+	tenant_id: string;
+	period_month: Date;
+	storage_peak_mb: Generated<number>;
+	storage_avg_mb: Generated<number>;
+	storage_last_mb: Generated<number>;
+	measurements: Generated<number>;
+	first_at: Generated<Date>;
+	last_at: Generated<Date>;
+}
+type TenantUsageMonthly = Selectable<TenantUsageMonthlyTable>;
+type InsertTenantUsageMonthly = Insertable<TenantUsageMonthlyTable>;
+type UpdateTenantUsageMonthly = Updateable<TenantUsageMonthlyTable>;
+type ProvisioningAuditEvent = "provision.start" | "provision.success" | "provision.failure" | "suspend" | "resume" | "resize" | "keys.rotate" | "bastion.key.upload" | "bastion.key.revoke" | "teardown";
+type ProvisioningAuditStatus = "ok" | "error";
+interface ProvisioningAuditLogTable {
+	id: Generated<string>;
+	tenant_id: string | null;
+	tenant_slug: string | null;
+	account_id: string | null;
+	actor: string;
+	event: ProvisioningAuditEvent;
+	status: ProvisioningAuditStatus;
+	detail: unknown | null;
+	error: string | null;
+	created_at: Generated<Date>;
+}
+type ProvisioningAuditLog = Selectable<ProvisioningAuditLogTable>;
+type InsertProvisioningAuditLog = Insertable<ProvisioningAuditLogTable>;
 interface WorkflowBudgetsTable {
 	id: Generated<string>;
 	workflow_definition_id: string;
@@ -469,9 +533,28 @@ type UpdateChatSession = Updateable<ChatSessionsTable>;
 type ChatMessage = Selectable<ChatMessagesTable>;
 type InsertChatMessage = Insertable<ChatMessagesTable>;
 import { sql } from "kysely";
+/**
+* Kysely instance for the SOURCE DB (block/tx/event reads from the shared
+* indexer). Resolution: `SOURCE_DATABASE_URL || DATABASE_URL`.
+*/
+declare function getSourceDb(): Kysely<Database>;
+/**
+* Kysely instance for the TARGET DB (subgraph schemas, subgraphs table,
+* account-scoped data — tenant-side writes). Resolution:
+* `TARGET_DATABASE_URL || DATABASE_URL`.
+*/
+declare function getTargetDb(): Kysely<Database>;
+/**
+* Backward-compat alias for `getTargetDb()`. Accepts an optional
+* `connectionString` override used by seed/test helpers — when supplied,
+* bypasses env resolution and uses the provided URL directly (still cached).
+*/
 declare function getDb(connectionString?: string): Kysely<Database>;
-/** Raw postgres.js client for dynamic schema DDL (CREATE SCHEMA, DROP, etc.) */
-declare function getRawClient(): ReturnType<typeof postgres>;
-/** Close the DB connection pool. Call in CLI commands to allow process exit. */
+/**
+* Raw postgres.js client for dynamic schema DDL (CREATE SCHEMA, DROP, etc.).
+* Defaults to the target role (tenant schemas live in the target DB).
+*/
+declare function getRawClient(role?: "source" | "target"): ReturnType<typeof postgres>;
+/** Close all DB connection pools. Call in CLI commands to allow process exit. */
 declare function closeDb(): Promise<void>;
-export { sql, parseJsonb, jsonb, getRawClient, getDb, closeDb, WorkflowStepsTable, WorkflowStep, WorkflowSignerSecretsTable, WorkflowSignerSecret, WorkflowSchedulesTable, WorkflowSchedule, WorkflowRunsTable, WorkflowRun, WorkflowQueueTable, WorkflowQueueItem, WorkflowDefinitionsTable, WorkflowDefinition, WorkflowCursorsTable, WorkflowCursor, WorkflowBudgetsTable, WorkflowBudget, WaitlistTable, UsageSnapshotsTable, UsageSnapshot, UsageDailyTable, UsageDaily, UpdateWorkflowStep, UpdateWorkflowSignerSecret, UpdateWorkflowSchedule, UpdateWorkflowRun, UpdateWorkflowDefinition, UpdateWorkflowBudget, UpdateTransaction, UpdateSubgraph, UpdateProject, UpdateIndexProgress, UpdateEvent, UpdateChatSession, UpdateBlock, UpdateApiKey, TransactionsTable, Transaction, TeamMembersTable, TeamMember, TeamInvitationsTable, TeamInvitation, SubgraphsTable, SubgraphUsageDailyTable, SubgraphUsageDaily, SubgraphTableSnapshotsTable, SubgraphProcessingStatsTable, SubgraphHealthSnapshotsTable, SubgraphHealthSnapshot, SubgraphGapsTable, SubgraphGap, Subgraph, SessionsTable, Session, ProjectsTable, Project, MagicLinksTable, MagicLink, InsertWorkflowStep, InsertWorkflowSignerSecret, InsertWorkflowSchedule, InsertWorkflowRun, InsertWorkflowQueueItem, InsertWorkflowDefinition, InsertWorkflowBudget, InsertTransaction, InsertTeamMember, InsertTeamInvitation, InsertSubgraphUsageDaily, InsertSubgraphHealthSnapshot, InsertSubgraphGap, InsertSubgraph, InsertSession, InsertProject, InsertMagicLink, InsertIndexProgress, InsertEvent, InsertChatSession, InsertChatMessage, InsertBlock, InsertApiKey, InsertAccountInsight, InsertAccountAgentRun, InsertAccount, IndexProgressTable, IndexProgress, EventsTable, Event, Database, ChatSessionsTable, ChatSession, ChatMessagesTable, ChatMessage, BlocksTable, Block, ApiKeysTable, ApiKey, AccountsTable, AccountInsightsTable, AccountInsight, AccountAgentRunsTable, AccountAgentRun, Account };
+export { sql, parseJsonb, jsonb, getTargetDb, getSourceDb, getRawClient, getDb, closeDb, WorkflowStepsTable, WorkflowStep, WorkflowSignerSecretsTable, WorkflowSignerSecret, WorkflowSchedulesTable, WorkflowSchedule, WorkflowRunsTable, WorkflowRun, WorkflowQueueTable, WorkflowQueueItem, WorkflowDefinitionsTable, WorkflowDefinition, WorkflowCursorsTable, WorkflowCursor, WorkflowBudgetsTable, WorkflowBudget, WaitlistTable, UsageSnapshotsTable, UsageSnapshot, UsageDailyTable, UsageDaily, UpdateWorkflowStep, UpdateWorkflowSignerSecret, UpdateWorkflowSchedule, UpdateWorkflowRun, UpdateWorkflowDefinition, UpdateWorkflowBudget, UpdateTransaction, UpdateTenantUsageMonthly, UpdateTenant, UpdateSubgraph, UpdateProject, UpdateIndexProgress, UpdateEvent, UpdateChatSession, UpdateBlock, UpdateApiKey, TransactionsTable, Transaction, TenantsTable, TenantUsageMonthlyTable, TenantUsageMonthly, TenantStatus, Tenant, TeamMembersTable, TeamMember, TeamInvitationsTable, TeamInvitation, SubgraphsTable, SubgraphUsageDailyTable, SubgraphUsageDaily, SubgraphTableSnapshotsTable, SubgraphProcessingStatsTable, SubgraphHealthSnapshotsTable, SubgraphHealthSnapshot, SubgraphGapsTable, SubgraphGap, Subgraph, SessionsTable, Session, ProvisioningAuditStatus, ProvisioningAuditLogTable, ProvisioningAuditLog, ProvisioningAuditEvent, ProjectsTable, Project, MagicLinksTable, MagicLink, InsertWorkflowStep, InsertWorkflowSignerSecret, InsertWorkflowSchedule, InsertWorkflowRun, InsertWorkflowQueueItem, InsertWorkflowDefinition, InsertWorkflowBudget, InsertTransaction, InsertTenantUsageMonthly, InsertTenant, InsertTeamMember, InsertTeamInvitation, InsertSubgraphUsageDaily, InsertSubgraphHealthSnapshot, InsertSubgraphGap, InsertSubgraph, InsertSession, InsertProvisioningAuditLog, InsertProject, InsertMagicLink, InsertIndexProgress, InsertEvent, InsertChatSession, InsertChatMessage, InsertBlock, InsertApiKey, InsertAccountInsight, InsertAccountAgentRun, InsertAccount, IndexProgressTable, IndexProgress, EventsTable, Event, Database, ChatSessionsTable, ChatSession, ChatMessagesTable, ChatMessage, BlocksTable, Block, ApiKeysTable, ApiKey, AccountsTable, AccountInsightsTable, AccountInsight, AccountAgentRunsTable, AccountAgentRun, Account };

package/dist/src/db/index.js

@@ -36,48 +36,72 @@ import { Kysely } from "kysely";
 import { PostgresJSDialect } from "kysely-postgres-js";
 import postgres from "postgres";
 import { sql as sql2 } from "kysely";
-var db = null;
-var rawClient = null;
+var DEFAULT_URL = "postgres://postgres:postgres@localhost:5432/secondlayer_dev";
+var pools = new Map;
+function resolveSourceUrl() {
+  return process.env.SOURCE_DATABASE_URL || process.env.DATABASE_URL || DEFAULT_URL;
+}
+function resolveTargetUrl() {
+  return process.env.TARGET_DATABASE_URL || process.env.DATABASE_URL || DEFAULT_URL;
+}
+function getOrCreatePool(url) {
+  const existing = pools.get(url);
+  if (existing)
+    return existing;
+  const host = (() => {
+    try {
+      return new URL(url).hostname;
+    } catch {
+      return "";
+    }
+  })();
+  const isLocal = host === "localhost" || host === "127.0.0.1" || !host.includes(".");
+  const poolMax = Number.parseInt(process.env.DATABASE_POOL_MAX ?? "20", 10);
+  const rawClient = postgres(url, {
+    max: poolMax,
+    ssl: isLocal ? undefined : {
+      rejectUnauthorized: process.env.NODE_TLS_REJECT_UNAUTHORIZED !== "0"
+    }
+  });
+  const db = new Kysely({
+    dialect: new PostgresJSDialect({ postgres: rawClient })
+  });
+  const entry = { db, rawClient };
+  pools.set(url, entry);
+  return entry;
+}
+function getSourceDb() {
+  return getOrCreatePool(resolveSourceUrl()).db;
+}
+function getTargetDb() {
+  return getOrCreatePool(resolveTargetUrl()).db;
+}
 function getDb(connectionString) {
-  if (!db) {
-    const url = connectionString || process.env.DATABASE_URL || "postgres://postgres:postgres@localhost:5432/secondlayer_dev";
-    const isLocal = url.includes("localhost") || url.includes("127.0.0.1") || url.includes("@postgres:");
-    const poolMax = Number.parseInt(process.env.DATABASE_POOL_MAX ?? "20", 10);
-    rawClient = postgres(url, {
-      max: poolMax,
-      ssl: isLocal ? undefined : {
-        rejectUnauthorized: process.env.NODE_TLS_REJECT_UNAUTHORIZED !== "0"
-      }
-    });
-    db = new Kysely({
-      dialect: new PostgresJSDialect({ postgres: rawClient })
-    });
-  }
-  return db;
+  if (connectionString)
+    return getOrCreatePool(connectionString).db;
+  return getTargetDb();
 }
-function getRawClient() {
-  if (!rawClient)
-    getDb();
-  return rawClient;
+function getRawClient(role = "target") {
+  const url = role === "source" ? resolveSourceUrl() : resolveTargetUrl();
+  return getOrCreatePool(url).rawClient;
 }
 async function closeDb() {
-  if (db) {
-    await db.destroy();
-    db = null;
-  }
-  if (rawClient) {
-    await rawClient.end();
-    rawClient = null;
+  for (const entry of pools.values()) {
+    await entry.db.destroy();
+    await entry.rawClient.end();
   }
+  pools.clear();
 }
 export {
   sql2 as sql,
   parseJsonb,
   jsonb,
+  getTargetDb,
+  getSourceDb,
   getRawClient,
   getDb,
   closeDb
 };
 
-//# debugId=E1023FA2C43975A264756E2164756E21
+//# debugId=C0DD7408E000897364756E2164756E21
 //# sourceMappingURL=index.js.map

package/dist/src/db/index.js.map

@@ -2,10 +2,10 @@
   "version": 3,
   "sources": ["../src/db/jsonb.ts", "../src/db/index.ts"],
   "sourcesContent": [
-    "import { type RawBuilder, sql } from \"kysely\";\n\n/**\n * Safely encode a JS value as a JSONB literal for Kysely inserts/updates.\n * Kysely + postgres.js double-encodes JSON when using parameterized queries\n * with ::jsonb casts. This uses sql.raw to inline a properly escaped literal.\n */\nexport function jsonb(value: unknown): RawBuilder<unknown> {\n\tconst escaped = JSON.stringify(value, (_k, v) => (typeof v === \"bigint\" ? v.toString() : v)).replace(/'/g, \"''\");\n\treturn sql`${sql.raw(`'${escaped}'::jsonb`)}`;\n}\n\n/**\n * Safely parse a JSONB value from the database.\n * Handles double-encoded strings where postgres.js returns a JSON string\n * instead of a parsed object.\n */\nexport function parseJsonb<T = unknown>(value: unknown): T {\n\tif (typeof value === \"string\") {\n\t\ttry {\n\t\t\treturn JSON.parse(value) as T;\n\t\t} catch {\n\t\t\treturn value as T;\n\t\t}\n\t}\n\treturn (value ?? {}) as T;\n}\n",
-    "import { Kysely } from \"kysely\";\nimport { PostgresJSDialect } from \"kysely-postgres-js\";\nimport postgres from \"postgres\";\nimport type { Database } from \"./types.ts\";\n\nlet db: Kysely<Database> | null = null;\nlet rawClient: ReturnType<typeof postgres> | null = null;\n\nexport function getDb(connectionString?: string): Kysely<Database> {\n\tif (!db) {\n\t\tconst url =\n\t\t\tconnectionString ||\n\t\t\tprocess.env.DATABASE_URL ||\n\t\t\t\"postgres://postgres:postgres@localhost:5432/secondlayer_dev\";\n\n\t\t// Always use SSL for remote databases, just disable cert verification if needed\n\t\tconst isLocal =\n\t\t\turl.includes(\"localhost\") ||\n\t\t\turl.includes(\"127.0.0.1\") ||\n\t\t\turl.includes(\"@postgres:\");\n\t\tconst poolMax = Number.parseInt(process.env.DATABASE_POOL_MAX ?? \"20\", 10);\n\t\trawClient = postgres(url, {\n\t\t\tmax: poolMax,\n\t\t\tssl: isLocal\n\t\t\t\t? undefined\n\t\t\t\t: {\n\t\t\t\t\t\trejectUnauthorized:\n\t\t\t\t\t\t\tprocess.env.NODE_TLS_REJECT_UNAUTHORIZED !== \"0\",\n\t\t\t\t\t},\n\t\t});\n\t\tdb = new Kysely<Database>({\n\t\t\tdialect: new PostgresJSDialect({ postgres: rawClient }),\n\t\t});\n\t}\n\treturn db;\n}\n\n/** Raw postgres.js client for dynamic schema DDL (CREATE SCHEMA, DROP, etc.) */\nexport function getRawClient(): ReturnType<typeof postgres> {\n\tif (!rawClient) getDb();\n\treturn rawClient!;\n}\n\n/** Close the DB connection pool. Call in CLI commands to allow process exit. */\nexport async function closeDb(): Promise<void> {\n\tif (db) {\n\t\tawait db.destroy();\n\t\tdb = null;\n\t}\n\tif (rawClient) {\n\t\tawait rawClient.end();\n\t\trawClient = null;\n\t}\n}\n\nimport { sql } from \"kysely\";\nexport { sql };\nexport * from \"./types.ts\";\nexport { jsonb, parseJsonb } from \"./jsonb.ts\";\n"
+    "import { type RawBuilder, sql } from \"kysely\";\n\n/**\n * Safely encode a JS value as a JSONB literal for Kysely inserts/updates.\n * Kysely + postgres.js double-encodes JSON when using parameterized queries\n * with ::jsonb casts. This uses sql.raw to inline a properly escaped literal.\n */\nexport function jsonb(value: unknown): RawBuilder<unknown> {\n\tconst escaped = JSON.stringify(value, (_k, v) =>\n\t\ttypeof v === \"bigint\" ? v.toString() : v,\n\t).replace(/'/g, \"''\");\n\treturn sql`${sql.raw(`'${escaped}'::jsonb`)}`;\n}\n\n/**\n * Safely parse a JSONB value from the database.\n * Handles double-encoded strings where postgres.js returns a JSON string\n * instead of a parsed object.\n */\nexport function parseJsonb<T = unknown>(value: unknown): T {\n\tif (typeof value === \"string\") {\n\t\ttry {\n\t\t\treturn JSON.parse(value) as T;\n\t\t} catch {\n\t\t\treturn value as T;\n\t\t}\n\t}\n\treturn (value ?? {}) as T;\n}\n",
+    "import { Kysely } from \"kysely\";\nimport { PostgresJSDialect } from \"kysely-postgres-js\";\nimport postgres from \"postgres\";\nimport type { Database } from \"./types.ts\";\n\nconst DEFAULT_URL =\n\t\"postgres://postgres:postgres@localhost:5432/secondlayer_dev\";\n\ninterface PoolEntry {\n\tdb: Kysely<Database>;\n\trawClient: ReturnType<typeof postgres>;\n}\n\n/**\n * Cache of Kysely + raw postgres.js pools keyed by resolved URL.\n * Two getters resolving to the same URL share one entry (single pool) —\n * this is the single-DB backward-compat contract: when only `DATABASE_URL`\n * is set, `getSourceDb() === getTargetDb()` (zero regression vs. pre-dual-DB).\n */\nconst pools = new Map<string, PoolEntry>();\n\nfunction resolveSourceUrl(): string {\n\treturn (\n\t\tprocess.env.SOURCE_DATABASE_URL || process.env.DATABASE_URL || DEFAULT_URL\n\t);\n}\n\nfunction resolveTargetUrl(): string {\n\treturn (\n\t\tprocess.env.TARGET_DATABASE_URL || process.env.DATABASE_URL || DEFAULT_URL\n\t);\n}\n\nfunction getOrCreatePool(url: string): PoolEntry {\n\tconst existing = pools.get(url);\n\tif (existing) return existing;\n\n\t// \"Local\" = we skip TLS. Any Docker service alias (single-label hostname\n\t// with no dots) is on an internal network and won't serve TLS.\n\tconst host = (() => {\n\t\ttry {\n\t\t\treturn new URL(url).hostname;\n\t\t} catch {\n\t\t\treturn \"\";\n\t\t}\n\t})();\n\tconst isLocal =\n\t\thost === \"localhost\" || host === \"127.0.0.1\" || !host.includes(\".\");\n\tconst poolMax = Number.parseInt(process.env.DATABASE_POOL_MAX ?? \"20\", 10);\n\tconst rawClient = postgres(url, {\n\t\tmax: poolMax,\n\t\tssl: isLocal\n\t\t\t? undefined\n\t\t\t: {\n\t\t\t\t\trejectUnauthorized: process.env.NODE_TLS_REJECT_UNAUTHORIZED !== \"0\",\n\t\t\t\t},\n\t});\n\tconst db = new Kysely<Database>({\n\t\tdialect: new PostgresJSDialect({ postgres: rawClient }),\n\t});\n\tconst entry: PoolEntry = { db, rawClient };\n\tpools.set(url, entry);\n\treturn entry;\n}\n\n/**\n * Kysely instance for the SOURCE DB (block/tx/event reads from the shared\n * indexer). Resolution: `SOURCE_DATABASE_URL || DATABASE_URL`.\n */\nexport function getSourceDb(): Kysely<Database> {\n\treturn getOrCreatePool(resolveSourceUrl()).db;\n}\n\n/**\n * Kysely instance for the TARGET DB (subgraph schemas, subgraphs table,\n * account-scoped data — tenant-side writes). Resolution:\n * `TARGET_DATABASE_URL || DATABASE_URL`.\n */\nexport function getTargetDb(): Kysely<Database> {\n\treturn getOrCreatePool(resolveTargetUrl()).db;\n}\n\n/**\n * Backward-compat alias for `getTargetDb()`. Accepts an optional\n * `connectionString` override used by seed/test helpers — when supplied,\n * bypasses env resolution and uses the provided URL directly (still cached).\n */\nexport function getDb(connectionString?: string): Kysely<Database> {\n\tif (connectionString) return getOrCreatePool(connectionString).db;\n\treturn getTargetDb();\n}\n\n/**\n * Raw postgres.js client for dynamic schema DDL (CREATE SCHEMA, DROP, etc.).\n * Defaults to the target role (tenant schemas live in the target DB).\n */\nexport function getRawClient(\n\trole: \"source\" | \"target\" = \"target\",\n): ReturnType<typeof postgres> {\n\tconst url = role === \"source\" ? resolveSourceUrl() : resolveTargetUrl();\n\treturn getOrCreatePool(url).rawClient;\n}\n\n/** Close all DB connection pools. Call in CLI commands to allow process exit. */\nexport async function closeDb(): Promise<void> {\n\tfor (const entry of pools.values()) {\n\t\tawait entry.db.destroy();\n\t\tawait entry.rawClient.end();\n\t}\n\tpools.clear();\n}\n\nimport { sql } from \"kysely\";\nexport { sql };\nexport * from \"./types.ts\";\nexport { jsonb, parseJsonb } from \"./jsonb.ts\";\n"
   ],
-  "mappings": ";;;;;;;;;;;;;;;;;AAAA;AAOO,SAAS,KAAK,CAAC,OAAqC;AAAA,EAC1D,MAAM,UAAU,KAAK,UAAU,OAAO,CAAC,IAAI,MAAO,OAAO,MAAM,WAAW,EAAE,SAAS,IAAI,CAAE,EAAE,QAAQ,MAAM,IAAI;AAAA,EAC/G,OAAO,MAAM,IAAI,IAAI,IAAI,iBAAiB;AAAA;AAQpC,SAAS,UAAuB,CAAC,OAAmB;AAAA,EAC1D,IAAI,OAAO,UAAU,UAAU;AAAA,IAC9B,IAAI;AAAA,MACH,OAAO,KAAK,MAAM,KAAK;AAAA,MACtB,MAAM;AAAA,MACP,OAAO;AAAA;AAAA,EAET;AAAA,EACA,OAAQ,SAAS,CAAC;AAAA;;;ACzBnB;AACA;AACA;AAqDA,gBAAS;AAlDT,IAAI,KAA8B;AAClC,IAAI,YAAgD;AAE7C,SAAS,KAAK,CAAC,kBAA6C;AAAA,EAClE,IAAI,CAAC,IAAI;AAAA,IACR,MAAM,MACL,oBACA,QAAQ,IAAI,gBACZ;AAAA,IAGD,MAAM,UACL,IAAI,SAAS,WAAW,KACxB,IAAI,SAAS,WAAW,KACxB,IAAI,SAAS,YAAY;AAAA,IAC1B,MAAM,UAAU,OAAO,SAAS,QAAQ,IAAI,qBAAqB,MAAM,EAAE;AAAA,IACzE,YAAY,SAAS,KAAK;AAAA,MACzB,KAAK;AAAA,MACL,KAAK,UACF,YACA;AAAA,QACA,oBACC,QAAQ,IAAI,iCAAiC;AAAA,MAC/C;AAAA,IACH,CAAC;AAAA,IACD,KAAK,IAAI,OAAiB;AAAA,MACzB,SAAS,IAAI,kBAAkB,EAAE,UAAU,UAAU,CAAC;AAAA,IACvD,CAAC;AAAA,EACF;AAAA,EACA,OAAO;AAAA;AAID,SAAS,YAAY,GAAgC;AAAA,EAC3D,IAAI,CAAC;AAAA,IAAW,MAAM;AAAA,EACtB,OAAO;AAAA;AAIR,eAAsB,OAAO,GAAkB;AAAA,EAC9C,IAAI,IAAI;AAAA,IACP,MAAM,GAAG,QAAQ;AAAA,IACjB,KAAK;AAAA,EACN;AAAA,EACA,IAAI,WAAW;AAAA,IACd,MAAM,UAAU,IAAI;AAAA,IACpB,YAAY;AAAA,EACb;AAAA;",
-  "debugId": "E1023FA2C43975A264756E2164756E21",
+  "mappings": ";;;;;;;;;;;;;;;;;AAAA;AAOO,SAAS,KAAK,CAAC,OAAqC;AAAA,EAC1D,MAAM,UAAU,KAAK,UAAU,OAAO,CAAC,IAAI,MAC1C,OAAO,MAAM,WAAW,EAAE,SAAS,IAAI,CACxC,EAAE,QAAQ,MAAM,IAAI;AAAA,EACpB,OAAO,MAAM,IAAI,IAAI,IAAI,iBAAiB;AAAA;AAQpC,SAAS,UAAuB,CAAC,OAAmB;AAAA,EAC1D,IAAI,OAAO,UAAU,UAAU;AAAA,IAC9B,IAAI;AAAA,MACH,OAAO,KAAK,MAAM,KAAK;AAAA,MACtB,MAAM;AAAA,MACP,OAAO;AAAA;AAAA,EAET;AAAA,EACA,OAAQ,SAAS,CAAC;AAAA;;;AC3BnB;AACA;AACA;AA8GA,gBAAS;AA3GT,IAAM,cACL;AAaD,IAAM,QAAQ,IAAI;AAElB,SAAS,gBAAgB,GAAW;AAAA,EACnC,OACC,QAAQ,IAAI,uBAAuB,QAAQ,IAAI,gBAAgB;AAAA;AAIjE,SAAS,gBAAgB,GAAW;AAAA,EACnC,OACC,QAAQ,IAAI,uBAAuB,QAAQ,IAAI,gBAAgB;AAAA;AAIjE,SAAS,eAAe,CAAC,KAAwB;AAAA,EAChD,MAAM,WAAW,MAAM,IAAI,GAAG;AAAA,EAC9B,IAAI;AAAA,IAAU,OAAO;AAAA,EAIrB,MAAM,QAAQ,MAAM;AAAA,IACnB,IAAI;AAAA,MACH,OAAO,IAAI,IAAI,GAAG,EAAE;AAAA,MACnB,MAAM;AAAA,MACP,OAAO;AAAA;AAAA,KAEN;AAAA,EACH,MAAM,UACL,SAAS,eAAe,SAAS,eAAe,CAAC,KAAK,SAAS,GAAG;AAAA,EACnE,MAAM,UAAU,OAAO,SAAS,QAAQ,IAAI,qBAAqB,MAAM,EAAE;AAAA,EACzE,MAAM,YAAY,SAAS,KAAK;AAAA,IAC/B,KAAK;AAAA,IACL,KAAK,UACF,YACA;AAAA,MACA,oBAAoB,QAAQ,IAAI,iCAAiC;AAAA,IAClE;AAAA,EACH,CAAC;AAAA,EACD,MAAM,KAAK,IAAI,OAAiB;AAAA,IAC/B,SAAS,IAAI,kBAAkB,EAAE,UAAU,UAAU,CAAC;AAAA,EACvD,CAAC;AAAA,EACD,MAAM,QAAmB,EAAE,IAAI,UAAU;AAAA,EACzC,MAAM,IAAI,KAAK,KAAK;AAAA,EACpB,OAAO;AAAA;AAOD,SAAS,WAAW,GAAqB;AAAA,EAC/C,OAAO,gBAAgB,iBAAiB,CAAC,EAAE;AAAA;AAQrC,SAAS,WAAW,GAAqB;AAAA,EAC/C,OAAO,gBAAgB,iBAAiB,CAAC,EAAE;AAAA;AAQrC,SAAS,KAAK,CAAC,kBAA6C;AAAA,EAClE,IAAI;AAAA,IAAkB,OAAO,gBAAgB,gBAAgB,EAAE;AAAA,EAC/D,OAAO,YAAY;AAAA;AAOb,SAAS,YAAY,CAC3B,OAA4B,UACE;AAAA,EAC9B,MAAM,MAAM,SAAS,WAAW,iBAAiB,IAAI,iBAAiB;AAAA,EACtE,OAAO,gBAAgB,GAAG,EAAE;AAAA;AAI7B,eAAsB,OAAO,GAAkB;AAAA,EAC9C,WAAW,SAAS,MAAM,OAAO,GAAG;AAAA,IACnC,MAAM,MAAM,GAAG,QAAQ;AAAA,IACvB,MAAM,MAAM,UAAU,IAAI;AAAA,EAC3B;AAAA,EACA,MAAM,MAAM;AAAA;",
+  "debugId": "C0DD7408E000897364756E2164756E21",
   "names": []
 }

package/dist/src/db/jsonb.js.map

@@ -2,9 +2,9 @@
   "version": 3,
   "sources": ["../src/db/jsonb.ts"],
   "sourcesContent": [
-    "import { type RawBuilder, sql } from \"kysely\";\n\n/**\n * Safely encode a JS value as a JSONB literal for Kysely inserts/updates.\n * Kysely + postgres.js double-encodes JSON when using parameterized queries\n * with ::jsonb casts. This uses sql.raw to inline a properly escaped literal.\n */\nexport function jsonb(value: unknown): RawBuilder<unknown> {\n\tconst escaped = JSON.stringify(value, (_k, v) => (typeof v === \"bigint\" ? v.toString() : v)).replace(/'/g, \"''\");\n\treturn sql`${sql.raw(`'${escaped}'::jsonb`)}`;\n}\n\n/**\n * Safely parse a JSONB value from the database.\n * Handles double-encoded strings where postgres.js returns a JSON string\n * instead of a parsed object.\n */\nexport function parseJsonb<T = unknown>(value: unknown): T {\n\tif (typeof value === \"string\") {\n\t\ttry {\n\t\t\treturn JSON.parse(value) as T;\n\t\t} catch {\n\t\t\treturn value as T;\n\t\t}\n\t}\n\treturn (value ?? {}) as T;\n}\n"
+    "import { type RawBuilder, sql } from \"kysely\";\n\n/**\n * Safely encode a JS value as a JSONB literal for Kysely inserts/updates.\n * Kysely + postgres.js double-encodes JSON when using parameterized queries\n * with ::jsonb casts. This uses sql.raw to inline a properly escaped literal.\n */\nexport function jsonb(value: unknown): RawBuilder<unknown> {\n\tconst escaped = JSON.stringify(value, (_k, v) =>\n\t\ttypeof v === \"bigint\" ? v.toString() : v,\n\t).replace(/'/g, \"''\");\n\treturn sql`${sql.raw(`'${escaped}'::jsonb`)}`;\n}\n\n/**\n * Safely parse a JSONB value from the database.\n * Handles double-encoded strings where postgres.js returns a JSON string\n * instead of a parsed object.\n */\nexport function parseJsonb<T = unknown>(value: unknown): T {\n\tif (typeof value === \"string\") {\n\t\ttry {\n\t\t\treturn JSON.parse(value) as T;\n\t\t} catch {\n\t\t\treturn value as T;\n\t\t}\n\t}\n\treturn (value ?? {}) as T;\n}\n"
   ],
-  "mappings": ";;;;;;;;;;;;;;;;;AAAA;AAOO,SAAS,KAAK,CAAC,OAAqC;AAAA,EAC1D,MAAM,UAAU,KAAK,UAAU,OAAO,CAAC,IAAI,MAAO,OAAO,MAAM,WAAW,EAAE,SAAS,IAAI,CAAE,EAAE,QAAQ,MAAM,IAAI;AAAA,EAC/G,OAAO,MAAM,IAAI,IAAI,IAAI,iBAAiB;AAAA;AAQpC,SAAS,UAAuB,CAAC,OAAmB;AAAA,EAC1D,IAAI,OAAO,UAAU,UAAU;AAAA,IAC9B,IAAI;AAAA,MACH,OAAO,KAAK,MAAM,KAAK;AAAA,MACtB,MAAM;AAAA,MACP,OAAO;AAAA;AAAA,EAET;AAAA,EACA,OAAQ,SAAS,CAAC;AAAA;",
+  "mappings": ";;;;;;;;;;;;;;;;;AAAA;AAOO,SAAS,KAAK,CAAC,OAAqC;AAAA,EAC1D,MAAM,UAAU,KAAK,UAAU,OAAO,CAAC,IAAI,MAC1C,OAAO,MAAM,WAAW,EAAE,SAAS,IAAI,CACxC,EAAE,QAAQ,MAAM,IAAI;AAAA,EACpB,OAAO,MAAM,IAAI,IAAI,IAAI,iBAAiB;AAAA;AAQpC,SAAS,UAAuB,CAAC,OAAmB;AAAA,EAC1D,IAAI,OAAO,UAAU,UAAU;AAAA,IAC9B,IAAI;AAAA,MACH,OAAO,KAAK,MAAM,KAAK;AAAA,MACtB,MAAM;AAAA,MACP,OAAO;AAAA;AAAA,EAET;AAAA,EACA,OAAQ,SAAS,CAAC;AAAA;",
   "debugId": "DA6ABA81E2ABDC7864756E2164756E21",
   "names": []
 }

package/dist/src/db/queries/accounts.d.ts

@@ -1,6 +1,6 @@
 import { Kysely } from "kysely";
 import { Selectable as Selectable2 } from "kysely";
-import { Generated, Selectable } from "kysely";
+import { ColumnType, Generated, Selectable } from "kysely";
 interface BlocksTable {
 	height: number;
 	hash: string;
@@ -57,7 +57,6 @@ interface SubgraphsTable {
 	last_error_at: Date | null;
 	total_processed: Generated<number>;
 	total_errors: Generated<number>;
-	api_key_id: string | null;
 	account_id: string;
 	handler_code: string | null;
 	source_code: string | null;
@@ -361,6 +360,63 @@ interface Database {
 	workflow_cursors: WorkflowCursorsTable;
 	workflow_signer_secrets: WorkflowSignerSecretsTable;
 	workflow_budgets: WorkflowBudgetsTable;
+	tenants: TenantsTable;
+	tenant_usage_monthly: TenantUsageMonthlyTable;
+	provisioning_audit_log: ProvisioningAuditLogTable;
+}
+type TenantStatus = "provisioning" | "active" | "suspended" | "error" | "deleted";
+interface TenantsTable {
+	id: Generated<string>;
+	account_id: string;
+	slug: string;
+	status: ColumnType<TenantStatus, TenantStatus | undefined, TenantStatus>;
+	plan: string;
+	cpus: ColumnType<number, number | string, number | string>;
+	memory_mb: number;
+	storage_limit_mb: number;
+	storage_used_mb: number | null;
+	pg_container_id: string | null;
+	api_container_id: string | null;
+	processor_container_id: string | null;
+	target_database_url_enc: Buffer;
+	tenant_jwt_secret_enc: Buffer;
+	anon_key_enc: Buffer;
+	service_key_enc: Buffer;
+	api_url_internal: string;
+	api_url_public: string;
+	trial_ends_at: Date;
+	suspended_at: Date | null;
+	last_health_check_at: Date | null;
+	service_gen: Generated<number>;
+	anon_gen: Generated<number>;
+	project_id: string | null;
+	created_at: Generated<Date>;
+	updated_at: Generated<Date>;
+}
+interface TenantUsageMonthlyTable {
+	id: Generated<string>;
+	tenant_id: string;
+	period_month: Date;
+	storage_peak_mb: Generated<number>;
+	storage_avg_mb: Generated<number>;
+	storage_last_mb: Generated<number>;
+	measurements: Generated<number>;
+	first_at: Generated<Date>;
+	last_at: Generated<Date>;
+}
+type ProvisioningAuditEvent = "provision.start" | "provision.success" | "provision.failure" | "suspend" | "resume" | "resize" | "keys.rotate" | "bastion.key.upload" | "bastion.key.revoke" | "teardown";
+type ProvisioningAuditStatus = "ok" | "error";
+interface ProvisioningAuditLogTable {
+	id: Generated<string>;
+	tenant_id: string | null;
+	tenant_slug: string | null;
+	account_id: string | null;
+	actor: string;
+	event: ProvisioningAuditEvent;
+	status: ProvisioningAuditStatus;
+	detail: unknown | null;
+	error: string | null;
+	created_at: Generated<Date>;
 }
 interface WorkflowBudgetsTable {
 	id: Generated<string>;

package/dist/src/db/queries/integrity.d.ts

@@ -1,5 +1,5 @@
 import { Kysely } from "kysely";
-import { Generated } from "kysely";
+import { ColumnType, Generated } from "kysely";
 interface BlocksTable {
 	height: number;
 	hash: string;
@@ -56,7 +56,6 @@ interface SubgraphsTable {
 	last_error_at: Date | null;
 	total_processed: Generated<number>;
 	total_errors: Generated<number>;
-	api_key_id: string | null;
 	account_id: string;
 	handler_code: string | null;
 	source_code: string | null;
@@ -360,6 +359,63 @@ interface Database {
 	workflow_cursors: WorkflowCursorsTable;
 	workflow_signer_secrets: WorkflowSignerSecretsTable;
 	workflow_budgets: WorkflowBudgetsTable;
+	tenants: TenantsTable;
+	tenant_usage_monthly: TenantUsageMonthlyTable;
+	provisioning_audit_log: ProvisioningAuditLogTable;
+}
+type TenantStatus = "provisioning" | "active" | "suspended" | "error" | "deleted";
+interface TenantsTable {
+	id: Generated<string>;
+	account_id: string;
+	slug: string;
+	status: ColumnType<TenantStatus, TenantStatus | undefined, TenantStatus>;
+	plan: string;
+	cpus: ColumnType<number, number | string, number | string>;
+	memory_mb: number;
+	storage_limit_mb: number;
+	storage_used_mb: number | null;
+	pg_container_id: string | null;
+	api_container_id: string | null;
+	processor_container_id: string | null;
+	target_database_url_enc: Buffer;
+	tenant_jwt_secret_enc: Buffer;
+	anon_key_enc: Buffer;
+	service_key_enc: Buffer;
+	api_url_internal: string;
+	api_url_public: string;
+	trial_ends_at: Date;
+	suspended_at: Date | null;
+	last_health_check_at: Date | null;
+	service_gen: Generated<number>;
+	anon_gen: Generated<number>;
+	project_id: string | null;
+	created_at: Generated<Date>;
+	updated_at: Generated<Date>;
+}
+interface TenantUsageMonthlyTable {
+	id: Generated<string>;
+	tenant_id: string;
+	period_month: Date;
+	storage_peak_mb: Generated<number>;
+	storage_avg_mb: Generated<number>;
+	storage_last_mb: Generated<number>;
+	measurements: Generated<number>;
+	first_at: Generated<Date>;
+	last_at: Generated<Date>;
+}
+type ProvisioningAuditEvent = "provision.start" | "provision.success" | "provision.failure" | "suspend" | "resume" | "resize" | "keys.rotate" | "bastion.key.upload" | "bastion.key.revoke" | "teardown";
+type ProvisioningAuditStatus = "ok" | "error";
+interface ProvisioningAuditLogTable {
+	id: Generated<string>;
+	tenant_id: string | null;
+	tenant_slug: string | null;
+	account_id: string | null;
+	actor: string;
+	event: ProvisioningAuditEvent;
+	status: ProvisioningAuditStatus;
+	detail: unknown | null;
+	error: string | null;
+	created_at: Generated<Date>;
 }
 interface WorkflowBudgetsTable {
 	id: Generated<string>;

package/dist/src/db/queries/projects.d.ts

@@ -1,5 +1,5 @@
 import { Kysely } from "kysely";
-import { Generated, Selectable } from "kysely";
+import { ColumnType, Generated, Selectable } from "kysely";
 interface BlocksTable {
 	height: number;
 	hash: string;
@@ -56,7 +56,6 @@ interface SubgraphsTable {
 	last_error_at: Date | null;
 	total_processed: Generated<number>;
 	total_errors: Generated<number>;
-	api_key_id: string | null;
 	account_id: string;
 	handler_code: string | null;
 	source_code: string | null;
@@ -360,6 +359,63 @@ interface Database {
 	workflow_cursors: WorkflowCursorsTable;
 	workflow_signer_secrets: WorkflowSignerSecretsTable;
 	workflow_budgets: WorkflowBudgetsTable;
+	tenants: TenantsTable;
+	tenant_usage_monthly: TenantUsageMonthlyTable;
+	provisioning_audit_log: ProvisioningAuditLogTable;
+}
+type TenantStatus = "provisioning" | "active" | "suspended" | "error" | "deleted";
+interface TenantsTable {
+	id: Generated<string>;
+	account_id: string;
+	slug: string;
+	status: ColumnType<TenantStatus, TenantStatus | undefined, TenantStatus>;
+	plan: string;
+	cpus: ColumnType<number, number | string, number | string>;
+	memory_mb: number;
+	storage_limit_mb: number;
+	storage_used_mb: number | null;
+	pg_container_id: string | null;
+	api_container_id: string | null;
+	processor_container_id: string | null;
+	target_database_url_enc: Buffer;
+	tenant_jwt_secret_enc: Buffer;
+	anon_key_enc: Buffer;
+	service_key_enc: Buffer;
+	api_url_internal: string;
+	api_url_public: string;
+	trial_ends_at: Date;
+	suspended_at: Date | null;
+	last_health_check_at: Date | null;
+	service_gen: Generated<number>;
+	anon_gen: Generated<number>;
+	project_id: string | null;
+	created_at: Generated<Date>;
+	updated_at: Generated<Date>;
+}
+interface TenantUsageMonthlyTable {
+	id: Generated<string>;
+	tenant_id: string;
+	period_month: Date;
+	storage_peak_mb: Generated<number>;
+	storage_avg_mb: Generated<number>;
+	storage_last_mb: Generated<number>;
+	measurements: Generated<number>;
+	first_at: Generated<Date>;
+	last_at: Generated<Date>;
+}
+type ProvisioningAuditEvent = "provision.start" | "provision.success" | "provision.failure" | "suspend" | "resume" | "resize" | "keys.rotate" | "bastion.key.upload" | "bastion.key.revoke" | "teardown";
+type ProvisioningAuditStatus = "ok" | "error";
+interface ProvisioningAuditLogTable {
+	id: Generated<string>;
+	tenant_id: string | null;
+	tenant_slug: string | null;
+	account_id: string | null;
+	actor: string;
+	event: ProvisioningAuditEvent;
+	status: ProvisioningAuditStatus;
+	detail: unknown | null;
+	error: string | null;
+	created_at: Generated<Date>;
 }
 interface WorkflowBudgetsTable {
 	id: Generated<string>;

package/dist/src/db/queries/projects.js.map

@@ -2,9 +2,9 @@
   "version": 3,
   "sources": ["../src/db/queries/projects.ts"],
   "sourcesContent": [
-    "import type { Kysely } from \"kysely\";\nimport type { Database, Project, TeamInvitation } from \"../types.ts\";\n\nexport async function getProjectsByAccount(\n\tdb: Kysely<Database>,\n\taccountId: string,\n): Promise<Project[]> {\n\treturn db\n\t\t.selectFrom(\"projects\")\n\t\t.selectAll()\n\t\t.where(\"account_id\", \"=\", accountId)\n\t\t.orderBy(\"created_at\", \"asc\")\n\t\t.execute();\n}\n\nexport async function getProjectBySlug(\n\tdb: Kysely<Database>,\n\taccountId: string,\n\tslug: string,\n): Promise<Project | undefined> {\n\treturn db\n\t\t.selectFrom(\"projects\")\n\t\t.selectAll()\n\t\t.where(\"account_id\", \"=\", accountId)\n\t\t.where(\"slug\", \"=\", slug)\n\t\t.executeTakeFirst();\n}\n\nexport async function getTeamMembers(\n\tdb: Kysely<Database>,\n\tprojectId: string,\n): Promise<Array<{\n\tid: string;\n\trole: string;\n\tcreated_at: Date;\n\taccount_id: string;\n\temail: string;\n\tdisplay_name: string | null;\n\tavatar_url: string | null;\n\taccount_slug: string | null;\n}>> {\n\treturn db\n\t\t.selectFrom(\"team_members\")\n\t\t.innerJoin(\"accounts\", \"accounts.id\", \"team_members.account_id\")\n\t\t.select([\n\t\t\t\"team_members.id\",\n\t\t\t\"team_members.role\",\n\t\t\t\"team_members.created_at\",\n\t\t\t\"accounts.id as account_id\",\n\t\t\t\"accounts.email\",\n\t\t\t\"accounts.display_name\",\n\t\t\t\"accounts.avatar_url\",\n\t\t\t\"accounts.slug as account_slug\",\n\t\t])\n\t\t.where(\"team_members.project_id\", \"=\", projectId)\n\t\t.orderBy(\"team_members.created_at\", \"asc\")\n\t\t.execute();\n}\n\nexport async function getTeamInvitations(\n\tdb: Kysely<Database>,\n\tprojectId: string,\n): Promise<TeamInvitation[]> {\n\treturn db\n\t\t.selectFrom(\"team_invitations\")\n\t\t.selectAll()\n\t\t.where(\"project_id\", \"=\", projectId)\n\t\t.where(\"accepted_at\", \"is\", null)\n\t\t.orderBy(\"created_at\", \"desc\")\n\t\t.execute();\n}\n"
+    "import type { Kysely } from \"kysely\";\nimport type { Database, Project, TeamInvitation } from \"../types.ts\";\n\nexport async function getProjectsByAccount(\n\tdb: Kysely<Database>,\n\taccountId: string,\n): Promise<Project[]> {\n\treturn db\n\t\t.selectFrom(\"projects\")\n\t\t.selectAll()\n\t\t.where(\"account_id\", \"=\", accountId)\n\t\t.orderBy(\"created_at\", \"asc\")\n\t\t.execute();\n}\n\nexport async function getProjectBySlug(\n\tdb: Kysely<Database>,\n\taccountId: string,\n\tslug: string,\n): Promise<Project | undefined> {\n\treturn db\n\t\t.selectFrom(\"projects\")\n\t\t.selectAll()\n\t\t.where(\"account_id\", \"=\", accountId)\n\t\t.where(\"slug\", \"=\", slug)\n\t\t.executeTakeFirst();\n}\n\nexport async function getTeamMembers(\n\tdb: Kysely<Database>,\n\tprojectId: string,\n): Promise<\n\tArray<{\n\t\tid: string;\n\t\trole: string;\n\t\tcreated_at: Date;\n\t\taccount_id: string;\n\t\temail: string;\n\t\tdisplay_name: string | null;\n\t\tavatar_url: string | null;\n\t\taccount_slug: string | null;\n\t}>\n> {\n\treturn db\n\t\t.selectFrom(\"team_members\")\n\t\t.innerJoin(\"accounts\", \"accounts.id\", \"team_members.account_id\")\n\t\t.select([\n\t\t\t\"team_members.id\",\n\t\t\t\"team_members.role\",\n\t\t\t\"team_members.created_at\",\n\t\t\t\"accounts.id as account_id\",\n\t\t\t\"accounts.email\",\n\t\t\t\"accounts.display_name\",\n\t\t\t\"accounts.avatar_url\",\n\t\t\t\"accounts.slug as account_slug\",\n\t\t])\n\t\t.where(\"team_members.project_id\", \"=\", projectId)\n\t\t.orderBy(\"team_members.created_at\", \"asc\")\n\t\t.execute();\n}\n\nexport async function getTeamInvitations(\n\tdb: Kysely<Database>,\n\tprojectId: string,\n): Promise<TeamInvitation[]> {\n\treturn db\n\t\t.selectFrom(\"team_invitations\")\n\t\t.selectAll()\n\t\t.where(\"project_id\", \"=\", projectId)\n\t\t.where(\"accepted_at\", \"is\", null)\n\t\t.orderBy(\"created_at\", \"desc\")\n\t\t.execute();\n}\n"
   ],
-  "mappings": ";;;;;;;;;;;;;;;;;AAGA,eAAsB,oBAAoB,CACzC,IACA,WACqB;AAAA,EACrB,OAAO,GACL,WAAW,UAAU,EACrB,UAAU,EACV,MAAM,cAAc,KAAK,SAAS,EAClC,QAAQ,cAAc,KAAK,EAC3B,QAAQ;AAAA;AAGX,eAAsB,gBAAgB,CACrC,IACA,WACA,MAC+B;AAAA,EAC/B,OAAO,GACL,WAAW,UAAU,EACrB,UAAU,EACV,MAAM,cAAc,KAAK,SAAS,EAClC,MAAM,QAAQ,KAAK,IAAI,EACvB,iBAAiB;AAAA;AAGpB,eAAsB,cAAc,CACnC,IACA,WAUG;AAAA,EACH,OAAO,GACL,WAAW,cAAc,EACzB,UAAU,YAAY,eAAe,yBAAyB,EAC9D,OAAO;AAAA,IACP;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,CAAC,EACA,MAAM,2BAA2B,KAAK,SAAS,EAC/C,QAAQ,2BAA2B,KAAK,EACxC,QAAQ;AAAA;AAGX,eAAsB,kBAAkB,CACvC,IACA,WAC4B;AAAA,EAC5B,OAAO,GACL,WAAW,kBAAkB,EAC7B,UAAU,EACV,MAAM,cAAc,KAAK,SAAS,EAClC,MAAM,eAAe,MAAM,IAAI,EAC/B,QAAQ,cAAc,MAAM,EAC5B,QAAQ;AAAA;",
+  "mappings": ";;;;;;;;;;;;;;;;;AAGA,eAAsB,oBAAoB,CACzC,IACA,WACqB;AAAA,EACrB,OAAO,GACL,WAAW,UAAU,EACrB,UAAU,EACV,MAAM,cAAc,KAAK,SAAS,EAClC,QAAQ,cAAc,KAAK,EAC3B,QAAQ;AAAA;AAGX,eAAsB,gBAAgB,CACrC,IACA,WACA,MAC+B;AAAA,EAC/B,OAAO,GACL,WAAW,UAAU,EACrB,UAAU,EACV,MAAM,cAAc,KAAK,SAAS,EAClC,MAAM,QAAQ,KAAK,IAAI,EACvB,iBAAiB;AAAA;AAGpB,eAAsB,cAAc,CACnC,IACA,WAYC;AAAA,EACD,OAAO,GACL,WAAW,cAAc,EACzB,UAAU,YAAY,eAAe,yBAAyB,EAC9D,OAAO;AAAA,IACP;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,CAAC,EACA,MAAM,2BAA2B,KAAK,SAAS,EAC/C,QAAQ,2BAA2B,KAAK,EACxC,QAAQ;AAAA;AAGX,eAAsB,kBAAkB,CACvC,IACA,WAC4B;AAAA,EAC5B,OAAO,GACL,WAAW,kBAAkB,EAC7B,UAAU,EACV,MAAM,cAAc,KAAK,SAAS,EAClC,MAAM,eAAe,MAAM,IAAI,EAC/B,QAAQ,cAAc,MAAM,EAC5B,QAAQ;AAAA;",
   "debugId": "F62DBD8C7A91B89F64756E2164756E21",
   "names": []
 }