@squadbase/vite-server 0.1.12-dev.a9ac647 → 0.1.17-dev.24af54e

package/dist/connectors/jdbc.js

@@ -1,105 +1,70 @@
-// ../connectors/src/parameter-definition.ts
-var ParameterDefinition = class {
-  slug;
-  name;
-  description;
-  envVarBaseKey;
-  type;
-  secret;
-  required;
-  constructor(config) {
-    this.slug = config.slug;
-    this.name = config.name;
-    this.description = config.description;
-    this.envVarBaseKey = config.envVarBaseKey;
-    this.type = config.type;
-    this.secret = config.secret;
-    this.required = config.required;
-  }
-  /**
-   * Get the parameter value from a ConnectorConnectionObject.
-   */
-  getValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) {
-      throw new Error(
-        `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
-      );
-    }
-    return param.value;
-  }
-  /**
-   * Try to get the parameter value. Returns undefined if not found (for optional params).
-   */
-  tryGetValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) return void 0;
-    return param.value;
-  }
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
 };
-
-// ../connectors/src/lib/ssh-tunnel.ts
-var sshTunnelParameters = {
-  sshHost: new ParameterDefinition({
-    slug: "ssh-host",
-    name: "SSH Tunnel Host",
-    description: "Optional. Hostname of the SSH bastion to tunnel through. Leave empty to connect directly.",
-    envVarBaseKey: "SSH_TUNNEL_HOST",
-    type: "text",
-    secret: false,
-    required: false
-  }),
-  sshPort: new ParameterDefinition({
-    slug: "ssh-port",
-    name: "SSH Tunnel Port",
-    description: "Optional. SSH port of the bastion host (default: 22).",
-    envVarBaseKey: "SSH_TUNNEL_PORT",
-    type: "text",
-    secret: false,
-    required: false
-  }),
-  sshUsername: new ParameterDefinition({
-    slug: "ssh-username",
-    name: "SSH Tunnel Username",
-    description: "Optional. Username for SSH authentication. Required when SSH Tunnel Host is set.",
-    envVarBaseKey: "SSH_TUNNEL_USERNAME",
-    type: "text",
-    secret: false,
-    required: false
-  }),
-  sshPrivateKeyBase64: new ParameterDefinition({
-    slug: "ssh-private-key-base64",
-    name: "SSH Private Key",
-    description: "Optional. Private key (PEM, base64-encoded) used for SSH authentication. Required when SSH Tunnel Host is set.",
-    envVarBaseKey: "SSH_TUNNEL_PRIVATE_KEY_BASE64",
-    type: "base64EncodedText",
-    secret: true,
-    required: false
-  }),
-  sshPassphrase: new ParameterDefinition({
-    slug: "ssh-passphrase",
-    name: "SSH Private Key Passphrase",
-    description: "Optional. Passphrase for the SSH private key, if it is encrypted.",
-    envVarBaseKey: "SSH_TUNNEL_PASSPHRASE",
-    type: "text",
-    secret: true,
-    required: false
-  })
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
 };
-var NOOP_TUNNEL = (connectionUrl) => ({
-  connectionUrl,
-  close: async () => {
+
+// ../connectors/src/parameter-definition.ts
+var ParameterDefinition;
+var init_parameter_definition = __esm({
+  "../connectors/src/parameter-definition.ts"() {
+    "use strict";
+    ParameterDefinition = class {
+      slug;
+      name;
+      description;
+      envVarBaseKey;
+      type;
+      secret;
+      required;
+      constructor(config) {
+        this.slug = config.slug;
+        this.name = config.name;
+        this.description = config.description;
+        this.envVarBaseKey = config.envVarBaseKey;
+        this.type = config.type;
+        this.secret = config.secret;
+        this.required = config.required;
+      }
+      /**
+       * Get the parameter value from a ConnectorConnectionObject.
+       */
+      getValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) {
+          throw new Error(
+            `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
+          );
+        }
+        return param.value;
+      }
+      /**
+       * Try to get the parameter value. Returns undefined if not found (for optional params).
+       */
+      tryGetValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) return void 0;
+        return param.value;
+      }
+    };
   }
 });
-var NOOP_TUNNEL_HOSTPORT = (host, port) => ({
-  host,
-  port,
-  close: async () => {
-  }
+
+// ../connectors/src/lib/ssh-tunnel.ts
+var ssh_tunnel_exports = {};
+__export(ssh_tunnel_exports, {
+  connectionParamsToRecord: () => connectionParamsToRecord,
+  maybeOpenSshTunnel: () => maybeOpenSshTunnel,
+  maybeOpenSshTunnelHostPort: () => maybeOpenSshTunnelHostPort,
+  sshTunnelParameters: () => sshTunnelParameters
 });
 function connectionParamsToRecord(connection2) {
   const out = {};
@@ -185,11 +150,80 @@ async function maybeOpenSshTunnel(params, connectionUrl, defaultDbPort) {
     close: tunnel.close
   };
 }
+var sshTunnelParameters, NOOP_TUNNEL, NOOP_TUNNEL_HOSTPORT;
+var init_ssh_tunnel = __esm({
+  "../connectors/src/lib/ssh-tunnel.ts"() {
+    "use strict";
+    init_parameter_definition();
+    sshTunnelParameters = {
+      sshHost: new ParameterDefinition({
+        slug: "ssh-host",
+        name: "SSH Tunnel Host",
+        description: "Optional. Hostname of the SSH bastion to tunnel through. Leave empty to connect directly.",
+        envVarBaseKey: "SSH_TUNNEL_HOST",
+        type: "text",
+        secret: false,
+        required: false
+      }),
+      sshPort: new ParameterDefinition({
+        slug: "ssh-port",
+        name: "SSH Tunnel Port",
+        description: "Optional. SSH port of the bastion host (default: 22).",
+        envVarBaseKey: "SSH_TUNNEL_PORT",
+        type: "text",
+        secret: false,
+        required: false
+      }),
+      sshUsername: new ParameterDefinition({
+        slug: "ssh-username",
+        name: "SSH Tunnel Username",
+        description: "Optional. Username for SSH authentication. Required when SSH Tunnel Host is set.",
+        envVarBaseKey: "SSH_TUNNEL_USERNAME",
+        type: "text",
+        secret: false,
+        required: false
+      }),
+      sshPrivateKeyBase64: new ParameterDefinition({
+        slug: "ssh-private-key-base64",
+        name: "SSH Private Key",
+        description: "Optional. Private key (PEM, base64-encoded) used for SSH authentication. Required when SSH Tunnel Host is set.",
+        envVarBaseKey: "SSH_TUNNEL_PRIVATE_KEY_BASE64",
+        type: "base64EncodedText",
+        secret: true,
+        required: false
+      }),
+      sshPassphrase: new ParameterDefinition({
+        slug: "ssh-passphrase",
+        name: "SSH Private Key Passphrase",
+        description: "Optional. Passphrase for the SSH private key, if it is encrypted.",
+        envVarBaseKey: "SSH_TUNNEL_PASSPHRASE",
+        type: "text",
+        secret: true,
+        required: false
+      })
+    };
+    NOOP_TUNNEL = (connectionUrl) => ({
+      connectionUrl,
+      close: async () => {
+      }
+    });
+    NOOP_TUNNEL_HOSTPORT = (host, port) => ({
+      host,
+      port,
+      close: async () => {
+      }
+    });
+  }
+});
 
 // ../connectors/src/connectors/sqlserver/utils.ts
-var SQLSERVER_PREFIX_RE = /^(?:jdbc:)?sqlserver:\/\//i;
-var TRUE_VALUES = /* @__PURE__ */ new Set(["true", "1", "yes"]);
-var FALSE_VALUES = /* @__PURE__ */ new Set(["false", "0", "no"]);
+var utils_exports = {};
+__export(utils_exports, {
+  parseSqlServerJdbcUrl: () => parseSqlServerJdbcUrl,
+  redactSqlServerUrl: () => redactSqlServerUrl,
+  runSqlServerSetupQuery: () => runSqlServerSetupQuery,
+  toMssqlConfig: () => toMssqlConfig
+});
 function parseBoolean(value) {
   if (value == null) return void 0;
   const lower = value.toLowerCase();
@@ -256,8 +290,34 @@ function toMssqlConfig(parsed, defaults = {}) {
 function redactSqlServerUrl(jdbcUrl) {
   return jdbcUrl.replace(/(:\/\/)([^@/;]+)@/, "$1***@").replace(/(password\s*=\s*)([^;]+)/gi, "$1***");
 }
+async function runSqlServerSetupQuery(params, sql, forceEncrypt) {
+  const { runMssqlQuery: runMssqlQuery2 } = await Promise.resolve().then(() => (init_mssql_runner(), mssql_runner_exports));
+  const parsed = parseSqlServerJdbcUrl(params["jdbc-url"] ?? "", {
+    username: params["username"],
+    password: params["password"]
+  });
+  const result = await runMssqlQuery2(parsed, sql, {
+    forceEncrypt,
+    tunnelParams: params
+  });
+  return result.rows;
+}
+var SQLSERVER_PREFIX_RE, TRUE_VALUES, FALSE_VALUES;
+var init_utils = __esm({
+  "../connectors/src/connectors/sqlserver/utils.ts"() {
+    "use strict";
+    SQLSERVER_PREFIX_RE = /^(?:jdbc:)?sqlserver:\/\//i;
+    TRUE_VALUES = /* @__PURE__ */ new Set(["true", "1", "yes"]);
+    FALSE_VALUES = /* @__PURE__ */ new Set(["false", "0", "no"]);
+  }
+});
 
 // ../connectors/src/lib/mssql-runner.ts
+var mssql_runner_exports = {};
+__export(mssql_runner_exports, {
+  checkMssqlConnection: () => checkMssqlConnection,
+  runMssqlQuery: () => runMssqlQuery
+});
 async function importMssql() {
   const mod = await import("mssql");
   return mod.default ?? mod;
@@ -306,11 +366,23 @@ async function checkMssqlConnection(url, credentials, options = {}) {
     return { success: false, error: msg };
   }
 }
+var init_mssql_runner = __esm({
+  "../connectors/src/lib/mssql-runner.ts"() {
+    "use strict";
+    init_ssh_tunnel();
+    init_utils();
+  }
+});
 
 // ../connectors/src/connectors/oracle/utils.ts
-var JDBC_THIN_PREFIX_RE = /^jdbc:oracle:thin:/i;
-var JDBC_OCI_PREFIX_RE = /^jdbc:oracle:oci/i;
-var URL_PREFIX_RE = /^oracle:\/\//i;
+var utils_exports2 = {};
+__export(utils_exports2, {
+  parseOracleConnectStringHostPort: () => parseOracleConnectStringHostPort,
+  parseOracleJdbcUrl: () => parseOracleJdbcUrl,
+  redactOracleUrl: () => redactOracleUrl,
+  rewriteOracleConnectStringHostPort: () => rewriteOracleConnectStringHostPort,
+  runOracleSetupQuery: () => runOracleSetupQuery
+});
 function parseOracleJdbcUrl(jdbcUrl, options = {}) {
   const trimmed = jdbcUrl.trim();
   if (JDBC_OCI_PREFIX_RE.test(trimmed)) {
@@ -382,9 +454,34 @@ function rewriteOracleConnectStringHostPort(connectString, host, port) {
   if (!parts) return connectString;
   return `${host}:${port}${parts.trailing}`;
 }
+async function runOracleSetupQuery(params, sql) {
+  const { runOracleQuery: runOracleQuery2 } = await Promise.resolve().then(() => (init_oracle_runner(), oracle_runner_exports));
+  const parsed = parseOracleJdbcUrl(params["jdbc-url"] ?? "", {
+    username: params["username"],
+    password: params["password"]
+  });
+  const cleanSql = sql.replace(/;\s*$/, "");
+  const result = await runOracleQuery2(parsed, cleanSql, {
+    tunnelParams: params
+  });
+  return result.rows;
+}
+var JDBC_THIN_PREFIX_RE, JDBC_OCI_PREFIX_RE, URL_PREFIX_RE;
+var init_utils2 = __esm({
+  "../connectors/src/connectors/oracle/utils.ts"() {
+    "use strict";
+    JDBC_THIN_PREFIX_RE = /^jdbc:oracle:thin:/i;
+    JDBC_OCI_PREFIX_RE = /^jdbc:oracle:oci/i;
+    URL_PREFIX_RE = /^oracle:\/\//i;
+  }
+});
 
 // ../connectors/src/lib/oracle-runner.ts
-var GLOBAL_ORACLEDB_PATH = "/usr/lib/node_modules/oracledb/index.js";
+var oracle_runner_exports = {};
+__export(oracle_runner_exports, {
+  checkOracleConnection: () => checkOracleConnection,
+  runOracleQuery: () => runOracleQuery
+});
 async function importOracleDb() {
   let mod;
   try {
@@ -460,8 +557,22 @@ async function checkOracleConnection(url, credentials, options = {}) {
     return { success: false, error: msg };
   }
 }
+var GLOBAL_ORACLEDB_PATH;
+var init_oracle_runner = __esm({
+  "../connectors/src/lib/oracle-runner.ts"() {
+    "use strict";
+    init_ssh_tunnel();
+    init_utils2();
+    GLOBAL_ORACLEDB_PATH = "/usr/lib/node_modules/oracledb/index.js";
+  }
+});
 
 // ../connectors/src/lib/pg-pool.ts
+var pg_pool_exports = {};
+__export(pg_pool_exports, {
+  attachStatementTimeout: () => attachStatementTimeout,
+  withStatementTimeout: () => withStatementTimeout
+});
 function attachStatementTimeout(pool, statementTimeoutMs) {
   pool.on("connect", (client) => {
     void client.query(`SET statement_timeout = ${statementTimeoutMs}`).catch(() => {
@@ -486,8 +597,23 @@ async function withStatementTimeout(promise, statementTimeoutMs) {
     if (timer) clearTimeout(timer);
   }
 }
+var init_pg_pool = __esm({
+  "../connectors/src/lib/pg-pool.ts"() {
+    "use strict";
+  }
+});
+
+// ../connectors/src/connectors/jdbc/sdk/index.ts
+init_mssql_runner();
+init_oracle_runner();
+init_pg_pool();
+init_ssh_tunnel();
+init_utils();
+init_utils2();
 
 // ../connectors/src/connectors/jdbc/parameters.ts
+init_parameter_definition();
+init_ssh_tunnel();
 var parameters = {
   jdbcUrl: new ParameterDefinition({
     slug: "jdbc-url",
@@ -608,6 +734,91 @@ function parseJdbcUrl(jdbcUrl, options = {}) {
 function redactJdbcUrl(jdbcUrl) {
   return jdbcUrl.replace(/(:\/\/)([^@/]+)@/, "$1***@").replace(/(password\s*=\s*)([^;&]+)/gi, "$1***");
 }
+async function runJdbcSetupQuery(params, sql, values) {
+  const jdbcUrl = params["jdbc-url"] ?? "";
+  const username = params["username"] || void 0;
+  const password = params["password"] || void 0;
+  const parsed = parseJdbcUrl(jdbcUrl, { username, password });
+  if (parsed.driver === "sqlserver") {
+    const { parseSqlServerJdbcUrl: parseSqlServerJdbcUrl2 } = await Promise.resolve().then(() => (init_utils(), utils_exports));
+    const { runMssqlQuery: runMssqlQuery2 } = await Promise.resolve().then(() => (init_mssql_runner(), mssql_runner_exports));
+    const sqlParsed = parseSqlServerJdbcUrl2(parsed.originalUrl, {
+      username,
+      password
+    });
+    const result = await runMssqlQuery2(sqlParsed, sql, { tunnelParams: params });
+    return result.rows;
+  }
+  if (parsed.driver === "oracle") {
+    const { parseOracleJdbcUrl: parseOracleJdbcUrl2 } = await Promise.resolve().then(() => (init_utils2(), utils_exports2));
+    const { runOracleQuery: runOracleQuery2 } = await Promise.resolve().then(() => (init_oracle_runner(), oracle_runner_exports));
+    const oracleParsed = parseOracleJdbcUrl2(parsed.originalUrl, {
+      username,
+      password
+    });
+    const cleanSql = sql.replace(/;\s*$/, "");
+    const result = await runOracleQuery2(oracleParsed, cleanSql, {
+      tunnelParams: params
+    });
+    return result.rows;
+  }
+  const { maybeOpenSshTunnel: maybeOpenSshTunnel2 } = await Promise.resolve().then(() => (init_ssh_tunnel(), ssh_tunnel_exports));
+  const tunnel = await maybeOpenSshTunnel2(
+    params,
+    parsed.nativeUrl,
+    parsed.defaultPort
+  );
+  if (parsed.driver === "postgresql") {
+    const { Pool } = await import("pg");
+    const { attachStatementTimeout: attachStatementTimeout2, withStatementTimeout: withStatementTimeout2 } = await Promise.resolve().then(() => (init_pg_pool(), pg_pool_exports));
+    const pool2 = new Pool({
+      connectionString: tunnel.connectionUrl,
+      ssl: { rejectUnauthorized: false },
+      connectionTimeoutMillis: 1e4
+    });
+    attachStatementTimeout2(pool2, 3e4);
+    try {
+      const result = await withStatementTimeout2(
+        pool2.query(sql, values ?? []),
+        3e4
+      );
+      return result.rows;
+    } finally {
+      await pool2.end();
+      await tunnel.close();
+    }
+  }
+  const mysql = await import("mysql2/promise");
+  const pool = mysql.createPool({
+    uri: tunnel.connectionUrl,
+    connectTimeout: 1e4
+  });
+  try {
+    const queryPromise = pool.query(sql, values ?? []);
+    const timeoutPromise = new Promise(
+      (_, reject) => setTimeout(
+        () => reject(new Error("Query timed out after 30 seconds")),
+        3e4
+      )
+    );
+    const [rows] = await Promise.race([queryPromise, timeoutPromise]);
+    return Array.isArray(rows) ? rows : [];
+  } finally {
+    await pool.end();
+    await tunnel.close();
+  }
+}
+function getJdbcDialect(params) {
+  try {
+    const parsed = parseJdbcUrl(params["jdbc-url"] ?? "", {
+      username: params["username"] || void 0,
+      password: params["password"] || void 0
+    });
+    return parsed.driver;
+  } catch {
+    return null;
+  }
+}
 
 // ../connectors/src/connectors/jdbc/sdk/index.ts
 function createClient(params) {
@@ -763,6 +974,28 @@ var ConnectorPlugin = class _ConnectorPlugin {
   tools;
   query;
   checkConnection;
+  /**
+   * SQPD-1212: Logic-based, rule-driven connection setup. Connectors that
+   * implement this expose a step-by-step exploration flow (database/schema/
+   * table/etc. discovery) that the dashboard backend drives via the
+   * `/connections/:connectionId/setup` endpoint. Implement by delegating to
+   * `runSetupFlow` from `setup-flow.ts`.
+   */
+  setup;
+  /**
+   * Opt-out of the default "verify before save" behavior on connection
+   * creation. The backend invokes `checkConnection` synchronously while
+   * creating the connection and aborts (no row inserted) if it fails — this
+   * flag disables that for connectors where the check cannot succeed pre-save:
+   *
+   *   - `squadbase-db` populates `connection-url` only after Neon provisioning
+   *   - OAuth connectors require an OAuth-aware proxyFetch keyed by the
+   *     connectionId, which doesn't exist until the row is saved
+   *
+   * Exceptions are the explicit position; new credential-input connectors get
+   * the default verify-on-create behavior without opt-in.
+   */
+  skipConnectionCheckOnCreate;
   constructor(config) {
     this.slug = config.slug;
     this.authType = config.authType;
@@ -779,6 +1012,8 @@ var ConnectorPlugin = class _ConnectorPlugin {
     this.tools = config.tools;
     this.query = config.query;
     this.checkConnection = config.checkConnection;
+    this.setup = config.setup;
+    this.skipConnectionCheckOnCreate = config.skipConnectionCheckOnCreate;
   }
   get connectorKey() {
     return _ConnectorPlugin.deriveKey(this.slug, this.authType);
@@ -843,6 +1078,51 @@ var ConnectorPlugin = class _ConnectorPlugin {
   }
 };
 
+// ../connectors/src/setup-flow.ts
+async function runSetupFlow(flow, params, ctx, config) {
+  const runtime = {
+    params,
+    language: ctx.language,
+    config
+  };
+  let state = flow.initialState();
+  let answerIdx = 0;
+  for (const step of flow.steps) {
+    const ans = ctx.answers[answerIdx];
+    if (ans && ans.questionSlug === step.slug) {
+      state = step.applyAnswer(state, ans.answer);
+      answerIdx += 1;
+      continue;
+    }
+    if (step.type === "text") {
+      return {
+        type: "nextQuestion",
+        questionSlug: step.slug,
+        question: step.question[ctx.language],
+        questionType: "text"
+      };
+    }
+    const options = step.fetchOptions ? await step.fetchOptions(state, runtime) : [];
+    if (options.length === 0) {
+      continue;
+    }
+    return {
+      type: "nextQuestion",
+      questionSlug: step.slug,
+      question: step.question[ctx.language],
+      questionType: step.type,
+      options
+    };
+  }
+  const dataInvestigationResult = await flow.finalize(state, runtime);
+  return { type: "fulfilled", dataInvestigationResult };
+}
+async function resolveSetupSelection(params) {
+  const { selected, allSentinel, fetchAll, limit } = params;
+  const resolved = selected.includes(allSentinel) ? await fetchAll() : selected.filter((v) => v !== allSentinel);
+  return resolved.slice(0, limit);
+}
+
 // ../connectors/src/auth-types.ts
 var AUTH_TYPES = {
   OAUTH: "oauth",
@@ -853,6 +1133,14 @@ var AUTH_TYPES = {
   USER_PASSWORD: "user-password"
 };
 
+// ../connectors/src/connectors/jdbc/index.ts
+init_pg_pool();
+init_ssh_tunnel();
+init_mssql_runner();
+init_oracle_runner();
+init_utils();
+init_utils2();
+
 // ../connectors/src/connectors/jdbc/setup.ts
 var jdbcOnboarding = new ConnectorOnboarding({
   dataOverviewInstructions: {
@@ -871,8 +1159,326 @@ var jdbcOnboarding = new ConnectorOnboarding({
   }
 });
 
+// ../connectors/src/connectors/jdbc/setup-flow.ts
+var ALL_TABLES = "__ALL_TABLES__";
+var JDBC_SETUP_MAX_TABLES = 20;
+function quoteLiteral(value) {
+  return "'" + value.replace(/'/g, "''") + "'";
+}
+var PG_INTERNAL_SCHEMAS = /* @__PURE__ */ new Set([
+  "information_schema",
+  "pg_catalog",
+  "pg_toast"
+]);
+var MYSQL_INTERNAL_DATABASES = /* @__PURE__ */ new Set([
+  "mysql",
+  "information_schema",
+  "performance_schema",
+  "sys"
+]);
+var SQLSERVER_INTERNAL_SCHEMAS = /* @__PURE__ */ new Set([
+  "sys",
+  "information_schema",
+  "guest",
+  "db_owner",
+  "db_accessadmin",
+  "db_securityadmin",
+  "db_ddladmin",
+  "db_backupoperator",
+  "db_datareader",
+  "db_datawriter",
+  "db_denydatareader",
+  "db_denydatawriter"
+]);
+var ORACLE_INTERNAL_OWNERS = /* @__PURE__ */ new Set([
+  "SYS",
+  "SYSTEM",
+  "XDB",
+  "OUTLN",
+  "ANONYMOUS",
+  "APEX_PUBLIC_USER",
+  "APPQOSSYS",
+  "AUDSYS",
+  "CTXSYS",
+  "DBSFWUSER",
+  "DBSNMP",
+  "DIP",
+  "DVF",
+  "DVSYS",
+  "GGSYS",
+  "GSMADMIN_INTERNAL",
+  "GSMCATUSER",
+  "GSMUSER",
+  "LBACSYS",
+  "MDDATA",
+  "MDSYS",
+  "OJVMSYS",
+  "OLAPSYS",
+  "ORACLE_OCM",
+  "ORDDATA",
+  "ORDPLUGINS",
+  "ORDSYS",
+  "PDBADMIN",
+  "REMOTE_SCHEDULER_AGENT",
+  "SI_INFORMTN_SCHEMA",
+  "SPATIAL_CSW_ADMIN_USR",
+  "SPATIAL_WFS_ADMIN_USR",
+  "SQLTXADMIN",
+  "SQLTXPLAIN",
+  "SYSBACKUP",
+  "SYSDG",
+  "SYSKM",
+  "SYSRAC",
+  "TSMSYS",
+  "WMSYS",
+  "XS$NULL"
+]);
+async function listNamespaces(params) {
+  const dialect = getJdbcDialect(params);
+  if (dialect === "postgresql") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT schema_name FROM information_schema.schemata ORDER BY schema_name`
+    );
+    return rows.map((r) => String(r["schema_name"] ?? "")).filter(
+      (name) => name && !PG_INTERNAL_SCHEMAS.has(name.toLowerCase()) && !name.toLowerCase().startsWith("pg_")
+    );
+  }
+  if (dialect === "mysql") {
+    const rows = await runJdbcSetupQuery(params, "SHOW DATABASES");
+    return rows.map(
+      (r) => String(r["Database"] ?? r["database"] ?? r["SCHEMA_NAME"] ?? "")
+    ).filter(
+      (name) => name && !MYSQL_INTERNAL_DATABASES.has(name.toLowerCase())
+    );
+  }
+  if (dialect === "sqlserver") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA ORDER BY SCHEMA_NAME`
+    );
+    return rows.map((r) => String(r["SCHEMA_NAME"] ?? "")).filter(
+      (name) => name && !SQLSERVER_INTERNAL_SCHEMAS.has(name.toLowerCase())
+    );
+  }
+  if (dialect === "oracle") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT USERNAME FROM ALL_USERS ORDER BY USERNAME`
+    );
+    return rows.map((r) => String(r["USERNAME"] ?? "")).filter((name) => {
+      if (!name) return false;
+      const upper = name.toUpperCase();
+      return !ORACLE_INTERNAL_OWNERS.has(upper) && !upper.startsWith("APEX_");
+    });
+  }
+  return [];
+}
+async function listTables(params, namespace) {
+  const dialect = getJdbcDialect(params);
+  if (dialect === "postgresql") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT table_name FROM information_schema.tables
+       WHERE table_schema = $1 AND table_type IN ('BASE TABLE', 'VIEW')
+       ORDER BY table_name`,
+      [namespace]
+    );
+    return rows.map((r) => String(r["table_name"] ?? "")).filter((name) => name);
+  }
+  if (dialect === "mysql") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT TABLE_NAME FROM information_schema.TABLES
+       WHERE TABLE_SCHEMA = ? AND TABLE_TYPE IN ('BASE TABLE', 'VIEW')
+       ORDER BY TABLE_NAME`,
+      [namespace]
+    );
+    return rows.map((r) => String(r["TABLE_NAME"] ?? r["table_name"] ?? "")).filter((name) => name);
+  }
+  if (dialect === "sqlserver") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
+       WHERE TABLE_TYPE IN ('BASE TABLE', 'VIEW')
+         AND TABLE_SCHEMA = ${quoteLiteral(namespace)}
+       ORDER BY TABLE_NAME`
+    );
+    return rows.map((r) => String(r["TABLE_NAME"] ?? "")).filter((name) => name);
+  }
+  if (dialect === "oracle") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT TABLE_NAME FROM ALL_TABLES
+       WHERE OWNER = ${quoteLiteral(namespace)}
+       ORDER BY TABLE_NAME`
+    );
+    return rows.map((r) => String(r["TABLE_NAME"] ?? "")).filter((name) => name);
+  }
+  return [];
+}
+async function describeTable(params, namespace, table) {
+  const dialect = getJdbcDialect(params);
+  if (dialect === "postgresql") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT column_name, data_type, is_nullable, column_default
+       FROM information_schema.columns
+       WHERE table_schema = $1 AND table_name = $2
+       ORDER BY ordinal_position`,
+      [namespace, table]
+    );
+    return rows.map((c) => ({
+      name: String(c["column_name"] ?? ""),
+      type: String(c["data_type"] ?? ""),
+      nullable: String(c["is_nullable"] ?? ""),
+      default: c["column_default"] == null ? "-" : String(c["column_default"])
+    }));
+  }
+  if (dialect === "mysql") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT COLUMN_NAME, DATA_TYPE, IS_NULLABLE, COLUMN_DEFAULT
+       FROM information_schema.COLUMNS
+       WHERE TABLE_SCHEMA = ? AND TABLE_NAME = ?
+       ORDER BY ORDINAL_POSITION`,
+      [namespace, table]
+    );
+    return rows.map((c) => ({
+      name: String(c["COLUMN_NAME"] ?? c["column_name"] ?? ""),
+      type: String(c["DATA_TYPE"] ?? c["data_type"] ?? ""),
+      nullable: String(c["IS_NULLABLE"] ?? c["is_nullable"] ?? ""),
+      default: (c["COLUMN_DEFAULT"] ?? c["column_default"]) == null ? "-" : String(c["COLUMN_DEFAULT"] ?? c["column_default"])
+    }));
+  }
+  if (dialect === "sqlserver") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT COLUMN_NAME, DATA_TYPE, IS_NULLABLE, COLUMN_DEFAULT
+       FROM INFORMATION_SCHEMA.COLUMNS
+       WHERE TABLE_SCHEMA = ${quoteLiteral(namespace)}
+         AND TABLE_NAME = ${quoteLiteral(table)}
+       ORDER BY ORDINAL_POSITION`
+    );
+    return rows.map((c) => ({
+      name: String(c["COLUMN_NAME"] ?? ""),
+      type: String(c["DATA_TYPE"] ?? ""),
+      nullable: String(c["IS_NULLABLE"] ?? ""),
+      default: c["COLUMN_DEFAULT"] == null ? "-" : String(c["COLUMN_DEFAULT"])
+    }));
+  }
+  if (dialect === "oracle") {
+    const rows = await runJdbcSetupQuery(
+      params,
+      `SELECT COLUMN_NAME, DATA_TYPE, NULLABLE, DATA_DEFAULT
+       FROM ALL_TAB_COLUMNS
+       WHERE OWNER = ${quoteLiteral(namespace)}
+         AND TABLE_NAME = ${quoteLiteral(table)}
+       ORDER BY COLUMN_ID`
+    );
+    return rows.map((c) => {
+      const defaultRaw = c["DATA_DEFAULT"];
+      return {
+        name: String(c["COLUMN_NAME"] ?? ""),
+        type: String(c["DATA_TYPE"] ?? ""),
+        nullable: String(c["NULLABLE"] ?? ""),
+        default: defaultRaw == null ? "-" : String(defaultRaw).trim() || "-"
+      };
+    });
+  }
+  return [];
+}
+function namespaceLabel(dialect, language) {
+  if (dialect === "mysql") {
+    return language === "ja" ? "\u30C7\u30FC\u30BF\u30D9\u30FC\u30B9" : "Database";
+  }
+  if (dialect === "oracle") {
+    return language === "ja" ? "\u30AA\u30FC\u30CA\u30FC\uFF08\u30B9\u30AD\u30FC\u30DE\uFF09" : "Schema (owner)";
+  }
+  return language === "ja" ? "\u30B9\u30AD\u30FC\u30DE" : "Schema";
+}
+var jdbcSetupFlow = {
+  initialState: () => ({}),
+  steps: [
+    {
+      slug: "namespace",
+      type: "select",
+      question: {
+        ja: "\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u306B\u4F7F\u3046\u30B9\u30AD\u30FC\u30DE\u307E\u305F\u306F\u30C7\u30FC\u30BF\u30D9\u30FC\u30B9\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044",
+        en: "Select the schema or database to use for setup"
+      },
+      async fetchOptions(_state, rt) {
+        const names = await listNamespaces(rt.params);
+        return names.map((value) => ({ value }));
+      },
+      applyAnswer: (state, answer) => ({ ...state, namespace: answer[0] })
+    },
+    {
+      slug: "tables",
+      type: "multiSelect",
+      question: {
+        ja: "\u5BFE\u8C61\u30C6\u30FC\u30D6\u30EB\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044\uFF08\u8907\u6570\u9078\u629E\u53EF\uFF09",
+        en: "Select target tables (multi-select allowed)"
+      },
+      async fetchOptions(state, rt) {
+        if (!state.namespace) return [];
+        const names = await listTables(rt.params, state.namespace);
+        const tableOptions = names.map((value) => ({ value }));
+        return [
+          {
+            value: ALL_TABLES,
+            label: rt.language === "ja" ? "\u3059\u3079\u3066\u306E\u30C6\u30FC\u30D6\u30EB" : "All tables"
+          },
+          ...tableOptions
+        ];
+      },
+      applyAnswer: (state, answer) => ({ ...state, tables: answer })
+    }
+  ],
+  async finalize(state, rt) {
+    if (!state.namespace || !state.tables) {
+      throw new Error("JDBC setup: incomplete state on finalize");
+    }
+    const namespace = state.namespace;
+    const dialect = getJdbcDialect(rt.params);
+    const targetTables = await resolveSetupSelection({
+      selected: state.tables,
+      allSentinel: ALL_TABLES,
+      fetchAll: () => listTables(rt.params, namespace),
+      limit: JDBC_SETUP_MAX_TABLES
+    });
+    const label = namespaceLabel(dialect, rt.language);
+    const sections = [
+      "## JDBC",
+      "",
+      `### Dialect: ${dialect ?? "unknown"}`,
+      `### ${label}: ${namespace}`,
+      ""
+    ];
+    for (const table of targetTables) {
+      const cols = await describeTable(rt.params, namespace, table);
+      sections.push(`#### Table: ${table}`, "");
+      sections.push("| Column | Type | Nullable | Default |");
+      sections.push("|--------|------|----------|---------|");
+      for (const c of cols) {
+        sections.push(
+          `| ${c.name} | ${c.type} | ${c.nullable} | ${c.default} |`
+        );
+      }
+      sections.push("");
+    }
+    return sections.join("\n");
+  }
+};
+
 // ../connectors/src/connectors/jdbc/tools/execute-query.ts
 import { z } from "zod";
+init_pg_pool();
+init_ssh_tunnel();
+init_mssql_runner();
+init_oracle_runner();
+init_utils();
+init_utils2();
 var MAX_ROWS = 500;
 var CONNECT_TIMEOUT_MS = 1e4;
 var STATEMENT_TIMEOUT_MS = 6e4;
@@ -1128,6 +1734,7 @@ JDBC URL \u306E\u30D7\u30EC\u30D5\u30A3\u30C3\u30AF\u30B9\u306B\u3088\u308A\u65B
 \u30D7\u30E9\u30C3\u30C8\u30D5\u30A9\u30FC\u30E0\u306E server-logic \u30B9\u30AD\u30FC\u30DE\u63A8\u8AD6\u306F\u3001\u30AF\u30A8\u30EA\u3092 \`SELECT * FROM (<inner>) AS _sq LIMIT N\`\uFF08PostgreSQL/MySQL \u69CB\u6587\uFF09\u306E\u5F62\u3067\u30E9\u30C3\u30D7\u3057\u3066\u304F\u308B\u3053\u3068\u304C\u3042\u308A\u307E\u3059\u3002PostgreSQL / Redshift / MySQL \u30EB\u30FC\u30C8\u3067\u306F\u305D\u306E\u307E\u307E\u5B9F\u884C\u3055\u308C\u307E\u3059\u3002\`jdbc:sqlserver://\` \u304A\u3088\u3073 \`jdbc:oracle:thin:\` \u30EB\u30FC\u30C8\u3067\u306F\u3001\u30B3\u30CD\u30AF\u30BF\u304C \`query()\` \u5185\u3067\u3053\u306E\u30E9\u30C3\u30D1\u3092\u691C\u51FA\u3057\u3001\`<inner>\` \u3092\u65B9\u8A00\u56FA\u6709\u306E\u30C9\u30E9\u30A4\u30D0\u3067\u76F4\u63A5\u5B9F\u884C\u3057\u3066 JS \u5074\u3067\u5148\u982D N \u884C\u306B\u5207\u308A\u8A70\u3081\u307E\u3059\u3002\u5229\u7528\u8005\u5074\u3067\u5BFE\u51E6\u3059\u308B\u5FC5\u8981\u306F\u3042\u308A\u307E\u305B\u3093\u304C\u3001**\u81EA\u5206\u3067\u66F8\u304F SQL** \u3067\u306F SQL Server / Oracle \u30EB\u30FC\u30C8\u3067 \`LIMIT\` \u3092\u4F7F\u308F\u305A\u3001\u4E0A\u8A18\u306E \`TOP\` / \`FETCH FIRST\` \u3092\u4F7F\u3063\u3066\u304F\u3060\u3055\u3044\u3002`
   },
   tools,
+  setup: (params, ctx, config) => runSetupFlow(jdbcSetupFlow, params, ctx, config),
   async checkConnection(params, _config) {
     const jdbcUrl = params[parameters.jdbcUrl.slug];
     const username = params[parameters.username.slug];
@@ -1307,6 +1914,7 @@ function resolveEnvVarOptional(entry, key) {
 import { getContext } from "hono/context-storage";
 import { getCookie } from "hono/cookie";
 var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+var TABLEAU_SESSION_SENTINEL_URL = "squadbase://tableau-session/";
 function normalizeHeaders(input) {
   const out = {};
   if (!input) return out;
@@ -1315,6 +1923,11 @@ function normalizeHeaders(input) {
   });
   return out;
 }
+function extractInputUrl(input) {
+  if (typeof input === "string") return input;
+  if (input instanceof URL) return input.href;
+  return input.url;
+}
 function createSandboxProxyFetch(connectionId) {
   return async (input, init) => {
     const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
@@ -1324,10 +1937,17 @@ function createSandboxProxyFetch(connectionId) {
         "Connection proxy is not configured. Please check your deployment settings."
       );
     }
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalUrl = extractInputUrl(input);
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      const sessionUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` }
+      });
+    }
     const originalMethod = init?.method ?? "GET";
     const originalBody = init?.body ? JSON.parse(init.body) : void 0;
-    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
     const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
     return fetch(proxyUrl, {
       method: "POST",
@@ -1353,10 +1973,9 @@ function createDeployedAppProxyFetch(connectionId) {
   }
   const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
   const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  const sessionUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
   return async (input, init) => {
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
-    const originalMethod = init?.method ?? "GET";
-    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const originalUrl = extractInputUrl(input);
     const c = getContext();
     const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
     if (!appSession) {
@@ -1364,6 +1983,14 @@ function createDeployedAppProxyFetch(connectionId) {
         "No authentication method available for connection proxy."
       );
     }
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${appSession}` }
+      });
+    }
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
     return fetch(proxyUrl, {
       method: "POST",
       headers: {