@secondlayer/shared 2.1.0 → 3.0.0-alpha.0

package/migrations/0052_sentries.ts

@@ -0,0 +1,61 @@
+import { type Kysely, sql } from "kysely";
+
+/**
+ * Protocol Sentry v1 — packaged monitoring product.
+ *
+ * `sentries` holds per-account enabled sentries. Worker cron ticks every
+ * 60s, loads active rows, runs per-kind detect SQL on the shared indexer
+ * DB, AI-triages matches, delivers to `delivery_webhook` (Slack-shape).
+ *
+ * `sentry_alerts` holds one row per delivered alert. UNIQUE on
+ * (sentry_id, idempotency_key) dedupes across ticks — key is
+ * sha256(txId:eventIndex) for the large-outflow kind.
+ */
+export async function up(db: Kysely<unknown>): Promise<void> {
+	await sql`
+		CREATE TABLE sentries (
+			id                uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+			account_id        uuid NOT NULL REFERENCES accounts(id) ON DELETE CASCADE,
+			kind              text NOT NULL,
+			name              text NOT NULL,
+			config            jsonb NOT NULL,
+			active            boolean NOT NULL DEFAULT true,
+			last_check_at     timestamptz,
+			delivery_webhook  text NOT NULL,
+			created_at        timestamptz NOT NULL DEFAULT now(),
+			updated_at        timestamptz NOT NULL DEFAULT now()
+		)
+	`.execute(db);
+
+	await sql`CREATE INDEX sentries_account_idx ON sentries (account_id)`.execute(
+		db,
+	);
+	await sql`
+		CREATE INDEX sentries_tick_idx
+			ON sentries (active, last_check_at NULLS FIRST)
+			WHERE active = true
+	`.execute(db);
+
+	await sql`
+		CREATE TABLE sentry_alerts (
+			id                uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+			sentry_id         uuid NOT NULL REFERENCES sentries(id) ON DELETE CASCADE,
+			idempotency_key   text NOT NULL,
+			fired_at          timestamptz NOT NULL DEFAULT now(),
+			payload           jsonb NOT NULL,
+			delivery_status   text NOT NULL DEFAULT 'pending',
+			delivery_error    text,
+			UNIQUE (sentry_id, idempotency_key)
+		)
+	`.execute(db);
+
+	await sql`
+		CREATE INDEX sentry_alerts_sentry_fired_idx
+			ON sentry_alerts (sentry_id, fired_at DESC)
+	`.execute(db);
+}
+
+export async function down(db: Kysely<unknown>): Promise<void> {
+	await sql`DROP TABLE IF EXISTS sentry_alerts`.execute(db);
+	await sql`DROP TABLE IF EXISTS sentries`.execute(db);
+}

package/migrations/0053_workflow_runtime.ts

@@ -0,0 +1,88 @@
+import { type Kysely, sql } from "kysely";
+
+/**
+ * Workflow runtime tables (v3).
+ *
+ * Minimal revival of the runner's execution substrate after migration
+ * 0038 dropped the v2 tables. No `workflow_definitions` — v3 is a
+ * zero-sugar TS SDK, definitions live in compiled code + a process-
+ * local registry, not the DB. No schedules / cursors / signer secrets
+ * / budgets — consumers own their own scheduling; broadcast/budget
+ * features land in later migrations when a consumer needs them.
+ *
+ *   workflow_runs    — one row per enqueued invocation
+ *   workflow_steps   — memoized `step.*` outputs, keyed by
+ *                      `sha256(stepId + canonicalJSON(inputs))`
+ *   workflow_queue   — SKIP LOCKED dispatch table; one or more rows
+ *                      per run (one per scheduling — sleeps re-enqueue)
+ */
+export async function up(db: Kysely<unknown>): Promise<void> {
+	await sql`
+		CREATE TABLE workflow_runs (
+			id               uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+			workflow_name    text NOT NULL,
+			input            jsonb NOT NULL DEFAULT '{}'::jsonb,
+			status           text NOT NULL DEFAULT 'queued',
+			output           jsonb,
+			error            text,
+			started_at       timestamptz,
+			completed_at     timestamptz,
+			created_at       timestamptz NOT NULL DEFAULT now()
+		)
+	`.execute(db);
+
+	await sql`
+		CREATE INDEX workflow_runs_name_status_idx
+			ON workflow_runs (workflow_name, status, created_at DESC)
+	`.execute(db);
+
+	await sql`
+		CREATE TABLE workflow_steps (
+			id               uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+			run_id           uuid NOT NULL REFERENCES workflow_runs(id) ON DELETE CASCADE,
+			step_id          text NOT NULL,
+			memo_key         text NOT NULL,
+			status           text NOT NULL DEFAULT 'pending',
+			output           jsonb,
+			error            text,
+			attempts         integer NOT NULL DEFAULT 0,
+			started_at       timestamptz,
+			completed_at     timestamptz,
+			created_at       timestamptz NOT NULL DEFAULT now(),
+			UNIQUE (run_id, memo_key)
+		)
+	`.execute(db);
+
+	await sql`
+		CREATE INDEX workflow_steps_run_idx
+			ON workflow_steps (run_id, created_at ASC)
+	`.execute(db);
+
+	await sql`
+		CREATE TABLE workflow_queue (
+			id               uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+			run_id           uuid NOT NULL REFERENCES workflow_runs(id) ON DELETE CASCADE,
+			status           text NOT NULL DEFAULT 'pending',
+			attempts         integer NOT NULL DEFAULT 0,
+			max_attempts     integer NOT NULL DEFAULT 3,
+			scheduled_for    timestamptz NOT NULL DEFAULT now(),
+			locked_at        timestamptz,
+			locked_by        text,
+			error            text,
+			completed_at     timestamptz,
+			created_at       timestamptz NOT NULL DEFAULT now()
+		)
+	`.execute(db);
+
+	await sql`
+		CREATE INDEX workflow_queue_dispatch_idx
+			ON workflow_queue (status, scheduled_for)
+			WHERE status = 'pending'
+	`.execute(db);
+}
+
+export async function down(db: Kysely<unknown>): Promise<void> {
+	await sql`DROP TABLE IF EXISTS workflow_queue CASCADE`.execute(db);
+	await sql`DROP TABLE IF EXISTS workflow_steps CASCADE`.execute(db);
+	await sql`DROP TABLE IF EXISTS workflow_runs CASCADE`.execute(db);
+}

package/migrations/0054_accounts_plan_hobby.ts

@@ -0,0 +1,32 @@
+import { type Kysely, sql } from "kysely";
+
+/**
+ * Normalize the legacy `free` plan string to `hobby`.
+ *
+ * Migration 0004 originally set `accounts.plan` default to `"free"` when
+ * the tier vocabulary was free/pro/builder. The pricing model later
+ * settled on `hobby/launch/grow/scale/enterprise`. Every lookup table
+ * (pricing.ts allowances, TIER_META, webhook handlers) is keyed on
+ * `hobby` — but existing signups still carry `plan='free'`, breaking
+ * the usage + billing pages' tier mapping.
+ *
+ * This migration:
+ *   1. Backfills existing rows: `free` → `hobby`
+ *   2. Flips the column default so new signups default to `hobby`
+ *
+ * No paid accounts are affected (no existing `plan` value maps to a
+ * current tier except `hobby` and whatever a webhook has written).
+ */
+export async function up(db: Kysely<unknown>): Promise<void> {
+	await sql`UPDATE accounts SET plan = 'hobby' WHERE plan = 'free'`.execute(db);
+	await sql`ALTER TABLE accounts ALTER COLUMN plan SET DEFAULT 'hobby'`.execute(
+		db,
+	);
+}
+
+export async function down(db: Kysely<unknown>): Promise<void> {
+	await sql`ALTER TABLE accounts ALTER COLUMN plan SET DEFAULT 'free'`.execute(
+		db,
+	);
+	await sql`UPDATE accounts SET plan = 'free' WHERE plan = 'hobby'`.execute(db);
+}

package/migrations/0055_ai_usage_account_scope.ts

@@ -0,0 +1,108 @@
+import { type Kysely, sql } from "kysely";
+
+/**
+ * Re-scope workflow AI usage to the account level.
+ *
+ * Sentries have no tenant (they're account-level), so the original
+ * `workflow_ai_usage_daily` schema keyed on `(tenant_id, day)` can't
+ * attribute a sentry's AI calls to an account. This migration:
+ *
+ *   1. Adds `account_id` (NOT NULL) and makes `tenant_id` nullable on
+ *      `workflow_ai_usage_daily`.
+ *   2. Drops the old PK, replaces with a UNIQUE index using
+ *      `NULLS NOT DISTINCT` so two NULL-tenant rows for the same
+ *      account+day conflict correctly (requires PG 15+, matches prod).
+ *   3. Adds `account_id` + `tenant_id` nullable columns to
+ *      `workflow_runs` so the processor can set AsyncLocalStorage
+ *      context before invoking the handler — AI middleware reads this
+ *      context to attribute usage back to the caller.
+ *
+ * Backfill for existing rows joins through `tenants.account_id`.
+ * On prod the table has 0 rows (AI middleware was a no-op previously),
+ * so backfill is a formality.
+ */
+export async function up(db: Kysely<unknown>): Promise<void> {
+	// ── workflow_ai_usage_daily ──────────────────────────────────────
+	await sql`
+		ALTER TABLE workflow_ai_usage_daily
+			ADD COLUMN account_id uuid REFERENCES accounts(id) ON DELETE CASCADE
+	`.execute(db);
+
+	await sql`
+		UPDATE workflow_ai_usage_daily u
+		SET account_id = t.account_id
+		FROM tenants t
+		WHERE u.tenant_id = t.id AND u.account_id IS NULL
+	`.execute(db);
+
+	// Drop any rows we couldn't backfill (orphans — tenant already deleted).
+	await sql`DELETE FROM workflow_ai_usage_daily WHERE account_id IS NULL`.execute(
+		db,
+	);
+
+	// Drop the old PK first — it includes tenant_id, which blocks the
+	// subsequent DROP NOT NULL.
+	await sql`
+		ALTER TABLE workflow_ai_usage_daily
+			DROP CONSTRAINT workflow_ai_usage_daily_pkey
+	`.execute(db);
+
+	await sql`
+		ALTER TABLE workflow_ai_usage_daily
+			ALTER COLUMN account_id SET NOT NULL,
+			ALTER COLUMN tenant_id DROP NOT NULL
+	`.execute(db);
+
+	await sql`
+		CREATE UNIQUE INDEX workflow_ai_usage_daily_account_tenant_day_key
+			ON workflow_ai_usage_daily (account_id, tenant_id, day)
+			NULLS NOT DISTINCT
+	`.execute(db);
+
+	await sql`DROP INDEX IF EXISTS workflow_ai_usage_daily_lookup_idx`.execute(
+		db,
+	);
+	await sql`
+		CREATE INDEX workflow_ai_usage_daily_account_day_idx
+			ON workflow_ai_usage_daily (account_id, day DESC)
+	`.execute(db);
+
+	// ── workflow_runs ────────────────────────────────────────────────
+	await sql`
+		ALTER TABLE workflow_runs
+			ADD COLUMN account_id uuid REFERENCES accounts(id) ON DELETE SET NULL,
+			ADD COLUMN tenant_id  uuid REFERENCES tenants(id)  ON DELETE SET NULL
+	`.execute(db);
+
+	await sql`
+		CREATE INDEX workflow_runs_account_idx
+			ON workflow_runs (account_id, created_at DESC)
+			WHERE account_id IS NOT NULL
+	`.execute(db);
+}
+
+export async function down(db: Kysely<unknown>): Promise<void> {
+	await sql`DROP INDEX IF EXISTS workflow_runs_account_idx`.execute(db);
+	await sql`
+		ALTER TABLE workflow_runs
+			DROP COLUMN IF EXISTS account_id,
+			DROP COLUMN IF EXISTS tenant_id
+	`.execute(db);
+
+	await sql`DROP INDEX IF EXISTS workflow_ai_usage_daily_account_day_idx`.execute(
+		db,
+	);
+	await sql`DROP INDEX IF EXISTS workflow_ai_usage_daily_account_tenant_day_key`.execute(
+		db,
+	);
+	// Best-effort: rows without tenant_id fill would violate NOT NULL on
+	// revert. Assume down is dev-only.
+	await sql`DELETE FROM workflow_ai_usage_daily WHERE tenant_id IS NULL`.execute(
+		db,
+	);
+	await sql`
+		ALTER TABLE workflow_ai_usage_daily
+			ALTER COLUMN tenant_id SET NOT NULL,
+			DROP COLUMN account_id
+	`.execute(db);
+}

package/migrations/0056_drop_workflow_sentry_residuals.ts

@@ -0,0 +1,23 @@
+import { type Kysely, sql } from "kysely";
+
+/**
+ * Drop all residual workflow + sentry tables after the product pivot.
+ * Workflows/runner/sentries packages are gone; these tables have no writers.
+ */
+export async function up(db: Kysely<unknown>): Promise<void> {
+	await sql`DROP TABLE IF EXISTS sentry_alerts CASCADE`.execute(db);
+	await sql`DROP TABLE IF EXISTS sentries CASCADE`.execute(db);
+	await sql`DROP TABLE IF EXISTS workflow_queue CASCADE`.execute(db);
+	await sql`DROP TABLE IF EXISTS workflow_steps CASCADE`.execute(db);
+	await sql`DROP TABLE IF EXISTS workflow_runs CASCADE`.execute(db);
+	await sql`DROP TABLE IF EXISTS workflow_ai_usage_daily CASCADE`.execute(db);
+
+	await sql`DROP TRIGGER IF EXISTS tx_confirmed_trigger ON transactions`.execute(
+		db,
+	);
+	await sql`DROP FUNCTION IF EXISTS tx_confirmed_notify() CASCADE`.execute(db);
+}
+
+export async function down(_db: Kysely<unknown>): Promise<void> {
+	throw new Error("0056 is a one-way demolition; restore from backup");
+}

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@secondlayer/shared",
-	"version": "2.1.0",
+	"version": "3.0.0-alpha.0",
 	"type": "module",
 	"main": "./dist/src/index.js",
 	"types": "./dist/src/index.d.ts",
@@ -41,10 +41,6 @@
 			"types": "./dist/src/db/schema.d.ts",
 			"import": "./dist/src/db/schema.js"
 		},
-		"./lib/plans": {
-			"types": "./dist/src/lib/plans.d.ts",
-			"import": "./dist/src/lib/plans.js"
-		},
 		"./queue/listener": {
 			"types": "./dist/src/queue/listener.d.ts",
 			"import": "./dist/src/queue/listener.js"
@@ -65,14 +61,6 @@
 			"types": "./dist/src/schemas/accounts.d.ts",
 			"import": "./dist/src/schemas/accounts.js"
 		},
-		"./schemas/workflows": {
-			"types": "./dist/src/schemas/workflows.d.ts",
-			"import": "./dist/src/schemas/workflows.js"
-		},
-		"./db/queries/workflows": {
-			"types": "./dist/src/db/queries/workflows.d.ts",
-			"import": "./dist/src/db/queries/workflows.js"
-		},
 		"./db/queries/tenants": {
 			"types": "./dist/src/db/queries/tenants.d.ts",
 			"import": "./dist/src/db/queries/tenants.js"
@@ -85,6 +73,30 @@
 			"types": "./dist/src/db/queries/provisioning-audit.d.ts",
 			"import": "./dist/src/db/queries/provisioning-audit.js"
 		},
+		"./db/queries/tenant-compute-addons": {
+			"types": "./dist/src/db/queries/tenant-compute-addons.d.ts",
+			"import": "./dist/src/db/queries/tenant-compute-addons.js"
+		},
+		"./db/queries/account-spend-caps": {
+			"types": "./dist/src/db/queries/account-spend-caps.d.ts",
+			"import": "./dist/src/db/queries/account-spend-caps.js"
+		},
+		"./db/queries/sentries": {
+			"types": "./dist/src/db/queries/sentries.d.ts",
+			"import": "./dist/src/db/queries/sentries.js"
+		},
+		"./db/queries/account-usage": {
+			"types": "./dist/src/db/queries/account-usage.d.ts",
+			"import": "./dist/src/db/queries/account-usage.js"
+		},
+		"./db/queries/workflow-runs": {
+			"types": "./dist/src/db/queries/workflow-runs.d.ts",
+			"import": "./dist/src/db/queries/workflow-runs.js"
+		},
+		"./schemas/sentries": {
+			"types": "./dist/src/schemas/sentries.d.ts",
+			"import": "./dist/src/schemas/sentries.js"
+		},
 		"./types": {
 			"types": "./dist/src/types.d.ts",
 			"import": "./dist/src/types.js"
@@ -164,7 +176,7 @@
 		"prepublishOnly": "bun run build"
 	},
 	"dependencies": {
-		"@secondlayer/stacks": "^0.3.0",
+		"@secondlayer/stacks": "^1.0.0-alpha.0",
 		"kysely": "0.28.15",
 		"kysely-postgres-js": "3.0.0",
 		"postgres": "^3.4.6",

package/dist/src/db/queries/workflows.js

@@ -1,260 +0,0 @@
-import { createRequire } from "node:module";
-var __defProp = Object.defineProperty;
-var __returnValue = (v) => v;
-function __exportSetter(name, newValue) {
-  this[name] = __returnValue.bind(null, newValue);
-}
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, {
-      get: all[name],
-      enumerable: true,
-      configurable: true,
-      set: __exportSetter.bind(all, name)
-    });
-};
-
-// src/db/jsonb.ts
-import { sql } from "kysely";
-function jsonb(value) {
-  const escaped = JSON.stringify(value, (_k, v) => typeof v === "bigint" ? v.toString() : v).replace(/'/g, "''");
-  return sql`${sql.raw(`'${escaped}'::jsonb`)}`;
-}
-function parseJsonb(value) {
-  if (typeof value === "string") {
-    try {
-      return JSON.parse(value);
-    } catch {
-      return value;
-    }
-  }
-  return value ?? {};
-}
-
-// src/errors.ts
-var ErrorCodes = {
-  VALIDATION_ERROR: "VALIDATION_ERROR",
-  DATABASE_ERROR: "DATABASE_ERROR",
-  AUTHENTICATION_ERROR: "AUTHENTICATION_ERROR",
-  AUTHORIZATION_ERROR: "AUTHORIZATION_ERROR",
-  RATE_LIMIT_ERROR: "RATE_LIMIT_ERROR",
-  FORBIDDEN: "FORBIDDEN",
-  VERSION_CONFLICT: "VERSION_CONFLICT",
-  NOT_FOUND: "NOT_FOUND",
-  KEY_ROTATED: "KEY_ROTATED",
-  TRIAL_EXPIRED: "TRIAL_EXPIRED",
-  TENANT_SUSPENDED: "TENANT_SUSPENDED",
-  NO_TENANT_FOR_PROJECT: "NO_TENANT_FOR_PROJECT",
-  INSTANCE_EXISTS: "INSTANCE_EXISTS"
-};
-
-class SecondLayerError extends Error {
-  code;
-  cause;
-  constructor(code, message, cause) {
-    super(message);
-    this.code = code;
-    this.cause = cause;
-    this.name = this.constructor.name;
-    Error.captureStackTrace?.(this, this.constructor);
-  }
-  toJSON() {
-    return {
-      name: this.name,
-      code: this.code,
-      message: this.message,
-      stack: this.stack,
-      cause: this.cause
-    };
-  }
-}
-
-class NotFoundError extends SecondLayerError {
-  constructor(message) {
-    super("NOT_FOUND", message);
-  }
-}
-
-class ValidationError extends SecondLayerError {
-  constructor(message, cause) {
-    super("VALIDATION_ERROR", message, cause);
-  }
-}
-
-class DatabaseError extends SecondLayerError {
-  constructor(message, cause) {
-    super("DATABASE_ERROR", message, cause);
-  }
-}
-
-class AuthenticationError extends SecondLayerError {
-  constructor(message) {
-    super("AUTHENTICATION_ERROR", message);
-  }
-}
-
-class AuthorizationError extends SecondLayerError {
-  constructor(message) {
-    super("AUTHORIZATION_ERROR", message);
-  }
-}
-
-class RateLimitError extends SecondLayerError {
-  constructor(message) {
-    super("RATE_LIMIT_ERROR", message);
-  }
-}
-
-class ForbiddenError extends SecondLayerError {
-  constructor(message = "Forbidden") {
-    super("FORBIDDEN", message);
-  }
-}
-
-class VersionConflictError extends SecondLayerError {
-  currentVersion;
-  expectedVersion;
-  constructor(currentVersion, expectedVersion) {
-    super("VERSION_CONFLICT", `Version conflict: expected ${expectedVersion}, current ${currentVersion}`);
-    this.currentVersion = currentVersion;
-    this.expectedVersion = expectedVersion;
-  }
-}
-
-class KeyRotatedError extends SecondLayerError {
-  constructor(message = "Token has been rotated") {
-    super("KEY_ROTATED", message);
-  }
-}
-
-class TrialExpiredError extends SecondLayerError {
-  constructor(message) {
-    super("TRIAL_EXPIRED", message);
-  }
-}
-
-class TenantSuspendedError extends SecondLayerError {
-  constructor(message = "Instance is suspended") {
-    super("TENANT_SUSPENDED", message);
-  }
-}
-var CODE_TO_STATUS = {
-  AUTHENTICATION_ERROR: 401,
-  AUTHORIZATION_ERROR: 403,
-  RATE_LIMIT_ERROR: 429,
-  FORBIDDEN: 403,
-  NOT_FOUND: 404,
-  VALIDATION_ERROR: 400,
-  KEY_ROTATED: 401,
-  TRIAL_EXPIRED: 402,
-  TENANT_SUSPENDED: 423,
-  NO_TENANT_FOR_PROJECT: 404,
-  INSTANCE_EXISTS: 409
-};
-function getErrorMessage(err) {
-  return err instanceof Error ? err.message : String(err);
-}
-
-// src/db/queries/workflows.ts
-function bumpPatch(version) {
-  const parts = version.split(".");
-  if (parts.length !== 3)
-    return "1.0.1";
-  const [major, minor, patch] = parts.map((p) => Number.parseInt(p, 10));
-  if (Number.isNaN(major) || Number.isNaN(minor) || Number.isNaN(patch) || major === undefined || minor === undefined || patch === undefined) {
-    return "1.0.1";
-  }
-  return `${major}.${minor}.${patch + 1}`;
-}
-async function listWorkflowDefinitions(db, apiKeyIds) {
-  let query = db.selectFrom("workflow_definitions").selectAll().where("status", "!=", "deleted").orderBy("created_at", "desc");
-  if (apiKeyIds?.length) {
-    query = query.where("api_key_id", "in", apiKeyIds);
-  }
-  return await query.execute();
-}
-async function getWorkflowDefinition(db, name, apiKeyIds) {
-  let query = db.selectFrom("workflow_definitions").selectAll().where("name", "=", name);
-  if (apiKeyIds?.length) {
-    query = query.where("api_key_id", "in", apiKeyIds);
-  }
-  return await query.executeTakeFirst() ?? null;
-}
-async function upsertWorkflowDefinition(db, data) {
-  const existing = await db.selectFrom("workflow_definitions").selectAll().where("name", "=", data.name).where("api_key_id", "=", data.apiKeyId).executeTakeFirst();
-  if (existing) {
-    if (data.expectedVersion !== undefined && existing.version !== data.expectedVersion) {
-      throw new VersionConflictError(existing.version, data.expectedVersion);
-    }
-    const nextVersion = bumpPatch(existing.version);
-    return await db.updateTable("workflow_definitions").set({
-      trigger_type: data.triggerType,
-      trigger_config: jsonb(data.triggerConfig),
-      handler_path: data.handlerPath,
-      source_code: data.sourceCode ?? existing.source_code,
-      retries_config: data.retriesConfig ? jsonb(data.retriesConfig) : null,
-      timeout_ms: data.timeoutMs ?? null,
-      version: nextVersion,
-      status: "active",
-      updated_at: new Date
-    }).where("id", "=", existing.id).returningAll().executeTakeFirstOrThrow();
-  }
-  return await db.insertInto("workflow_definitions").values({
-    name: data.name,
-    trigger_type: data.triggerType,
-    trigger_config: jsonb(data.triggerConfig),
-    handler_path: data.handlerPath,
-    source_code: data.sourceCode ?? null,
-    api_key_id: data.apiKeyId,
-    project_id: data.projectId ?? null,
-    retries_config: data.retriesConfig ? jsonb(data.retriesConfig) : null,
-    timeout_ms: data.timeoutMs ?? null,
-    version: "1.0.0"
-  }).returningAll().executeTakeFirstOrThrow();
-}
-async function updateWorkflowStatus(db, name, apiKeyId, status) {
-  await db.updateTable("workflow_definitions").set({ status, updated_at: new Date }).where("name", "=", name).where("api_key_id", "=", apiKeyId).execute();
-}
-async function deleteWorkflowDefinition(db, name, apiKeyId) {
-  await db.updateTable("workflow_definitions").set({ status: "deleted", updated_at: new Date }).where("name", "=", name).where("api_key_id", "=", apiKeyId).execute();
-}
-async function createWorkflowRun(db, data) {
-  return await db.insertInto("workflow_runs").values({
-    definition_id: data.definitionId,
-    trigger_type: data.triggerType,
-    trigger_data: data.triggerData ? jsonb(data.triggerData) : null,
-    dedup_key: data.dedupKey ?? null
-  }).returningAll().executeTakeFirstOrThrow();
-}
-async function getWorkflowRun(db, runId) {
-  return await db.selectFrom("workflow_runs").selectAll().where("id", "=", runId).executeTakeFirst() ?? null;
-}
-async function listWorkflowRuns(db, definitionId, params) {
-  let query = db.selectFrom("workflow_runs").selectAll().where("definition_id", "=", definitionId).orderBy("created_at", "desc");
-  if (params?.status) {
-    query = query.where("status", "=", params.status);
-  }
-  query = query.limit(params?.limit ?? 20);
-  if (params?.offset) {
-    query = query.offset(params.offset);
-  }
-  return await query.execute();
-}
-async function getWorkflowSteps(db, runId) {
-  return await db.selectFrom("workflow_steps").selectAll().where("run_id", "=", runId).orderBy("step_index", "asc").execute();
-}
-export {
-  upsertWorkflowDefinition,
-  updateWorkflowStatus,
-  listWorkflowRuns,
-  listWorkflowDefinitions,
-  getWorkflowSteps,
-  getWorkflowRun,
-  getWorkflowDefinition,
-  deleteWorkflowDefinition,
-  createWorkflowRun,
-  bumpPatch
-};
-
-//# debugId=E33493756835BCAB64756E2164756E21
-//# sourceMappingURL=workflows.js.map