npm - @squadbase/vite-server - Versions diffs - 0.1.12-dev.a9ac647 → 0.1.17-dev.24af54e - Mend

@squadbase/vite-server 0.1.12-dev.a9ac647 → 0.1.17-dev.24af54e

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

package/dist/cli/index.js +12374 -883
package/dist/connectors/airtable-oauth.js +257 -46
package/dist/connectors/airtable.js +294 -51
package/dist/connectors/amplitude.js +297 -47
package/dist/connectors/anthropic.js +135 -47
package/dist/connectors/asana.js +302 -49
package/dist/connectors/attio.js +277 -49
package/dist/connectors/aws-billing.js +262 -46
package/dist/connectors/azure-sql.js +396 -102
package/dist/connectors/backlog-api-key.js +292 -47
package/dist/connectors/clickup.js +313 -49
package/dist/connectors/cosmosdb.js +280 -50
package/dist/connectors/customerio.js +294 -47
package/dist/connectors/dbt.js +315 -47
package/dist/connectors/freshdesk.js +317 -53
package/dist/connectors/freshsales.js +308 -52
package/dist/connectors/freshservice.js +336 -53
package/dist/connectors/gamma.js +302 -52
package/dist/connectors/gemini.js +134 -47
package/dist/connectors/github.js +361 -49
package/dist/connectors/gmail-oauth.js +179 -7
package/dist/connectors/gmail.js +325 -47
package/dist/connectors/google-ads.js +263 -46
package/dist/connectors/google-analytics-oauth.js +285 -46
package/dist/connectors/google-analytics.js +387 -49
package/dist/connectors/google-audit-log.js +413 -47
package/dist/connectors/google-calendar-oauth.js +234 -46
package/dist/connectors/google-calendar.js +334 -47
package/dist/connectors/google-docs.js +195 -6
package/dist/connectors/google-drive.js +237 -5
package/dist/connectors/google-search-console-oauth.js +231 -46
package/dist/connectors/google-sheets.js +247 -47
package/dist/connectors/google-slides.js +180 -6
package/dist/connectors/grafana.js +307 -49
package/dist/connectors/hubspot-oauth.js +183 -5
package/dist/connectors/hubspot.js +281 -49
package/dist/connectors/influxdb.js +391 -51
package/dist/connectors/intercom-oauth.js +185 -5
package/dist/connectors/intercom.js +277 -49
package/dist/connectors/jdbc.js +737 -110
package/dist/connectors/jira-api-key.js +301 -47
package/dist/connectors/kintone-api-token.js +256 -47
package/dist/connectors/kintone.js +303 -47
package/dist/connectors/linear.js +305 -49
package/dist/connectors/linkedin-ads.js +243 -50
package/dist/connectors/mailchimp-oauth.js +243 -46
package/dist/connectors/mailchimp.js +295 -49
package/dist/connectors/meta-ads-oauth.js +248 -48
package/dist/connectors/meta-ads.js +260 -50
package/dist/connectors/mixpanel.js +313 -47
package/dist/connectors/monday.js +335 -49
package/dist/connectors/mongodb.js +294 -57
package/dist/connectors/notion-oauth.js +206 -5
package/dist/connectors/notion.js +298 -51
package/dist/connectors/openai.js +134 -47
package/dist/connectors/oracle.js +414 -103
package/dist/connectors/outlook-oauth.js +179 -5
package/dist/connectors/powerbi-oauth.js +226 -5
package/dist/connectors/salesforce.js +359 -49
package/dist/connectors/semrush.js +289 -49
package/dist/connectors/sentry.js +264 -50
package/dist/connectors/shopify-oauth.js +162 -5
package/dist/connectors/shopify.js +332 -47
package/dist/connectors/sqlserver.js +390 -102
package/dist/connectors/stripe-api-key.js +244 -46
package/dist/connectors/stripe-oauth.js +177 -5
package/dist/connectors/supabase.js +278 -48
package/dist/connectors/tableau.js +389 -184
package/dist/connectors/tiktok-ads.js +254 -48
package/dist/connectors/wix-store.js +295 -49
package/dist/connectors/zendesk-oauth.js +214 -5
package/dist/connectors/zendesk.js +333 -47
package/dist/index.d.ts +149 -1
package/dist/index.js +13677 -1969
package/dist/main.js +13627 -1927
package/dist/vite-plugin.js +12391 -890
package/package.json +1 -1

package/dist/connectors/azure-sql.js CHANGED Viewed

@@ -1,101 +1,64 @@
-// ../connectors/src/parameter-definition.ts
-var ParameterDefinition = class {
-  slug;
-  name;
-  description;
-  envVarBaseKey;
-  type;
-  secret;
-  required;
-  constructor(config) {
-    this.slug = config.slug;
-    this.name = config.name;
-    this.description = config.description;
-    this.envVarBaseKey = config.envVarBaseKey;
-    this.type = config.type;
-    this.secret = config.secret;
-    this.required = config.required;
-  }
-  /**
-   * Get the parameter value from a ConnectorConnectionObject.
-   */
-  getValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) {
-      throw new Error(
-        `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
-      );
-    }
-    return param.value;
-  }
-  /**
-   * Try to get the parameter value. Returns undefined if not found (for optional params).
-   */
-  tryGetValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) return void 0;
-    return param.value;
-  }
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
 };
-// ../connectors/src/lib/ssh-tunnel.ts
-var sshTunnelParameters = {
-  sshHost: new ParameterDefinition({
-    slug: "ssh-host",
-    name: "SSH Tunnel Host",
-    description: "Optional. Hostname of the SSH bastion to tunnel through. Leave empty to connect directly.",
-    envVarBaseKey: "SSH_TUNNEL_HOST",
-    type: "text",
-    secret: false,
-    required: false
-  }),
-  sshPort: new ParameterDefinition({
-    slug: "ssh-port",
-    name: "SSH Tunnel Port",
-    description: "Optional. SSH port of the bastion host (default: 22).",
-    envVarBaseKey: "SSH_TUNNEL_PORT",
-    type: "text",
-    secret: false,
-    required: false
-  }),
-  sshUsername: new ParameterDefinition({
-    slug: "ssh-username",
-    name: "SSH Tunnel Username",
-    description: "Optional. Username for SSH authentication. Required when SSH Tunnel Host is set.",
-    envVarBaseKey: "SSH_TUNNEL_USERNAME",
-    type: "text",
-    secret: false,
-    required: false
-  }),
-  sshPrivateKeyBase64: new ParameterDefinition({
-    slug: "ssh-private-key-base64",
-    name: "SSH Private Key",
-    description: "Optional. Private key (PEM, base64-encoded) used for SSH authentication. Required when SSH Tunnel Host is set.",
-    envVarBaseKey: "SSH_TUNNEL_PRIVATE_KEY_BASE64",
-    type: "base64EncodedText",
-    secret: true,
-    required: false
-  }),
-  sshPassphrase: new ParameterDefinition({
-    slug: "ssh-passphrase",
-    name: "SSH Private Key Passphrase",
-    description: "Optional. Passphrase for the SSH private key, if it is encrypted.",
-    envVarBaseKey: "SSH_TUNNEL_PASSPHRASE",
-    type: "text",
-    secret: true,
-    required: false
-  })
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
 };
-var NOOP_TUNNEL_HOSTPORT = (host, port) => ({
-  host,
-  port,
-  close: async () => {
+// ../connectors/src/parameter-definition.ts
+var ParameterDefinition;
+var init_parameter_definition = __esm({
+  "../connectors/src/parameter-definition.ts"() {
+    "use strict";
+    ParameterDefinition = class {
+      slug;
+      name;
+      description;
+      envVarBaseKey;
+      type;
+      secret;
+      required;
+      constructor(config) {
+        this.slug = config.slug;
+        this.name = config.name;
+        this.description = config.description;
+        this.envVarBaseKey = config.envVarBaseKey;
+        this.type = config.type;
+        this.secret = config.secret;
+        this.required = config.required;
+      }
+      /**
+       * Get the parameter value from a ConnectorConnectionObject.
+       */
+      getValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) {
+          throw new Error(
+            `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
+          );
+        }
+        return param.value;
+      }
+      /**
+       * Try to get the parameter value. Returns undefined if not found (for optional params).
+       */
+      tryGetValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) return void 0;
+        return param.value;
+      }
+    };
   }
 });
+// ../connectors/src/lib/ssh-tunnel.ts
 function connectionParamsToRecord(connection2) {
   const out = {};
   for (const p of connection2.parameters) {
@@ -166,11 +129,68 @@ async function maybeOpenSshTunnelHostPort(params, dbHost, dbPort) {
     }
   };
 }
+var sshTunnelParameters, NOOP_TUNNEL_HOSTPORT;
+var init_ssh_tunnel = __esm({
+  "../connectors/src/lib/ssh-tunnel.ts"() {
+    "use strict";
+    init_parameter_definition();
+    sshTunnelParameters = {
+      sshHost: new ParameterDefinition({
+        slug: "ssh-host",
+        name: "SSH Tunnel Host",
+        description: "Optional. Hostname of the SSH bastion to tunnel through. Leave empty to connect directly.",
+        envVarBaseKey: "SSH_TUNNEL_HOST",
+        type: "text",
+        secret: false,
+        required: false
+      }),
+      sshPort: new ParameterDefinition({
+        slug: "ssh-port",
+        name: "SSH Tunnel Port",
+        description: "Optional. SSH port of the bastion host (default: 22).",
+        envVarBaseKey: "SSH_TUNNEL_PORT",
+        type: "text",
+        secret: false,
+        required: false
+      }),
+      sshUsername: new ParameterDefinition({
+        slug: "ssh-username",
+        name: "SSH Tunnel Username",
+        description: "Optional. Username for SSH authentication. Required when SSH Tunnel Host is set.",
+        envVarBaseKey: "SSH_TUNNEL_USERNAME",
+        type: "text",
+        secret: false,
+        required: false
+      }),
+      sshPrivateKeyBase64: new ParameterDefinition({
+        slug: "ssh-private-key-base64",
+        name: "SSH Private Key",
+        description: "Optional. Private key (PEM, base64-encoded) used for SSH authentication. Required when SSH Tunnel Host is set.",
+        envVarBaseKey: "SSH_TUNNEL_PRIVATE_KEY_BASE64",
+        type: "base64EncodedText",
+        secret: true,
+        required: false
+      }),
+      sshPassphrase: new ParameterDefinition({
+        slug: "ssh-passphrase",
+        name: "SSH Private Key Passphrase",
+        description: "Optional. Passphrase for the SSH private key, if it is encrypted.",
+        envVarBaseKey: "SSH_TUNNEL_PASSPHRASE",
+        type: "text",
+        secret: true,
+        required: false
+      })
+    };
+    NOOP_TUNNEL_HOSTPORT = (host, port) => ({
+      host,
+      port,
+      close: async () => {
+      }
+    });
+  }
+});
 // ../connectors/src/connectors/sqlserver/utils.ts
-var SQLSERVER_PREFIX_RE = /^(?:jdbc:)?sqlserver:\/\//i;
-var TRUE_VALUES = /* @__PURE__ */ new Set(["true", "1", "yes"]);
-var FALSE_VALUES = /* @__PURE__ */ new Set(["false", "0", "no"]);
 function parseBoolean(value) {
   if (value == null) return void 0;
   const lower = value.toLowerCase();
@@ -237,8 +257,34 @@ function toMssqlConfig(parsed, defaults = {}) {
 function redactSqlServerUrl(jdbcUrl) {
   return jdbcUrl.replace(/(:\/\/)([^@/;]+)@/, "$1***@").replace(/(password\s*=\s*)([^;]+)/gi, "$1***");
 }
+async function runSqlServerSetupQuery(params, sql, forceEncrypt) {
+  const { runMssqlQuery: runMssqlQuery2 } = await Promise.resolve().then(() => (init_mssql_runner(), mssql_runner_exports));
+  const parsed = parseSqlServerJdbcUrl(params["jdbc-url"] ?? "", {
+    username: params["username"],
+    password: params["password"]
+  });
+  const result = await runMssqlQuery2(parsed, sql, {
+    forceEncrypt,
+    tunnelParams: params
+  });
+  return result.rows;
+}
+var SQLSERVER_PREFIX_RE, TRUE_VALUES, FALSE_VALUES;
+var init_utils = __esm({
+  "../connectors/src/connectors/sqlserver/utils.ts"() {
+    "use strict";
+    SQLSERVER_PREFIX_RE = /^(?:jdbc:)?sqlserver:\/\//i;
+    TRUE_VALUES = /* @__PURE__ */ new Set(["true", "1", "yes"]);
+    FALSE_VALUES = /* @__PURE__ */ new Set(["false", "0", "no"]);
+  }
+});
 // ../connectors/src/lib/mssql-runner.ts
+var mssql_runner_exports = {};
+__export(mssql_runner_exports, {
+  checkMssqlConnection: () => checkMssqlConnection,
+  runMssqlQuery: () => runMssqlQuery
+});
 async function importMssql() {
   const mod = await import("mssql");
   return mod.default ?? mod;
@@ -287,8 +333,21 @@ async function checkMssqlConnection(url, credentials, options = {}) {
     return { success: false, error: msg };
   }
 }
+var init_mssql_runner = __esm({
+  "../connectors/src/lib/mssql-runner.ts"() {
+    "use strict";
+    init_ssh_tunnel();
+    init_utils();
+  }
+});
+// ../connectors/src/connectors/azure-sql/sdk/index.ts
+init_mssql_runner();
+init_utils();
 // ../connectors/src/connectors/azure-sql/parameters.ts
+init_parameter_definition();
+init_ssh_tunnel();
 var parameters = {
   jdbcUrl: new ParameterDefinition({
     slug: "jdbc-url",
@@ -405,6 +464,28 @@ var ConnectorPlugin = class _ConnectorPlugin {
   tools;
   query;
   checkConnection;
+  /**
+   * SQPD-1212: Logic-based, rule-driven connection setup. Connectors that
+   * implement this expose a step-by-step exploration flow (database/schema/
+   * table/etc. discovery) that the dashboard backend drives via the
+   * `/connections/:connectionId/setup` endpoint. Implement by delegating to
+   * `runSetupFlow` from `setup-flow.ts`.
+   */
+  setup;
+  /**
+   * Opt-out of the default "verify before save" behavior on connection
+   * creation. The backend invokes `checkConnection` synchronously while
+   * creating the connection and aborts (no row inserted) if it fails — this
+   * flag disables that for connectors where the check cannot succeed pre-save:
+   *
+   *   - `squadbase-db` populates `connection-url` only after Neon provisioning
+   *   - OAuth connectors require an OAuth-aware proxyFetch keyed by the
+   *     connectionId, which doesn't exist until the row is saved
+   *
+   * Exceptions are the explicit position; new credential-input connectors get
+   * the default verify-on-create behavior without opt-in.
+   */
+  skipConnectionCheckOnCreate;
   constructor(config) {
     this.slug = config.slug;
     this.authType = config.authType;
@@ -421,6 +502,8 @@ var ConnectorPlugin = class _ConnectorPlugin {
     this.tools = config.tools;
     this.query = config.query;
     this.checkConnection = config.checkConnection;
+    this.setup = config.setup;
+    this.skipConnectionCheckOnCreate = config.skipConnectionCheckOnCreate;
   }
   get connectorKey() {
     return _ConnectorPlugin.deriveKey(this.slug, this.authType);
@@ -485,6 +568,51 @@ var ConnectorPlugin = class _ConnectorPlugin {
   }
 };
+// ../connectors/src/setup-flow.ts
+async function runSetupFlow(flow, params, ctx, config) {
+  const runtime = {
+    params,
+    language: ctx.language,
+    config
+  };
+  let state = flow.initialState();
+  let answerIdx = 0;
+  for (const step of flow.steps) {
+    const ans = ctx.answers[answerIdx];
+    if (ans && ans.questionSlug === step.slug) {
+      state = step.applyAnswer(state, ans.answer);
+      answerIdx += 1;
+      continue;
+    }
+    if (step.type === "text") {
+      return {
+        type: "nextQuestion",
+        questionSlug: step.slug,
+        question: step.question[ctx.language],
+        questionType: "text"
+      };
+    }
+    const options = step.fetchOptions ? await step.fetchOptions(state, runtime) : [];
+    if (options.length === 0) {
+      continue;
+    }
+    return {
+      type: "nextQuestion",
+      questionSlug: step.slug,
+      question: step.question[ctx.language],
+      questionType: step.type,
+      options
+    };
+  }
+  const dataInvestigationResult = await flow.finalize(state, runtime);
+  return { type: "fulfilled", dataInvestigationResult };
+}
+async function resolveSetupSelection(params) {
+  const { selected, allSentinel, fetchAll, limit } = params;
+  const resolved = selected.includes(allSentinel) ? await fetchAll() : selected.filter((v) => v !== allSentinel);
+  return resolved.slice(0, limit);
+}
 // ../connectors/src/auth-types.ts
 var AUTH_TYPES = {
   OAUTH: "oauth",
@@ -511,6 +639,142 @@ function unwrapSampleLimit(sql) {
   return { inner, limit };
 }
+// ../connectors/src/connectors/sqlserver/setup-flow.ts
+init_utils();
+var ALL_TABLES = "__ALL_TABLES__";
+var SQLSERVER_SETUP_MAX_TABLES = 20;
+var INTERNAL_SCHEMAS = /* @__PURE__ */ new Set([
+  "sys",
+  "information_schema",
+  "guest",
+  "db_owner",
+  "db_accessadmin",
+  "db_securityadmin",
+  "db_ddladmin",
+  "db_backupoperator",
+  "db_datareader",
+  "db_datawriter",
+  "db_denydatareader",
+  "db_denydatawriter"
+]);
+function isInternalSchema(name) {
+  return INTERNAL_SCHEMAS.has(name.toLowerCase());
+}
+function quoteLiteral(value) {
+  return "'" + value.replace(/'/g, "''") + "'";
+}
+function buildFlow(options) {
+  const { connectorName, forceEncrypt } = options;
+  async function fetchTableNames(params, schema) {
+    const rows = await runSqlServerSetupQuery(
+      params,
+      `SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
+       WHERE TABLE_TYPE IN ('BASE TABLE', 'VIEW')
+         AND TABLE_SCHEMA = ${quoteLiteral(schema)}
+       ORDER BY TABLE_NAME`,
+      forceEncrypt
+    );
+    return rows.map((r) => String(r["TABLE_NAME"] ?? "")).filter((name) => name);
+  }
+  return {
+    initialState: () => ({}),
+    steps: [
+      {
+        slug: "schema",
+        type: "select",
+        question: {
+          ja: "\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u306B\u4F7F\u3046\u30B9\u30AD\u30FC\u30DE\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044",
+          en: "Select the schema to use for setup"
+        },
+        async fetchOptions(_state, rt) {
+          const rows = await runSqlServerSetupQuery(
+            rt.params,
+            `SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA ORDER BY SCHEMA_NAME`,
+            forceEncrypt
+          );
+          return rows.map((r) => String(r["SCHEMA_NAME"] ?? "")).filter((name) => name && !isInternalSchema(name)).map((value) => ({ value }));
+        },
+        applyAnswer: (state, answer) => ({ ...state, schema: answer[0] })
+      },
+      {
+        slug: "tables",
+        type: "multiSelect",
+        question: {
+          ja: "\u5BFE\u8C61\u30C6\u30FC\u30D6\u30EB\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044\uFF08\u8907\u6570\u9078\u629E\u53EF\uFF09",
+          en: "Select target tables (multi-select allowed)"
+        },
+        async fetchOptions(state, rt) {
+          if (!state.schema) return [];
+          const names = await fetchTableNames(rt.params, state.schema);
+          const tableOptions = names.map((value) => ({ value }));
+          return [
+            {
+              value: ALL_TABLES,
+              label: rt.language === "ja" ? "\u3059\u3079\u3066\u306E\u30C6\u30FC\u30D6\u30EB" : "All tables"
+            },
+            ...tableOptions
+          ];
+        },
+        applyAnswer: (state, answer) => ({ ...state, tables: answer })
+      }
+    ],
+    async finalize(state, rt) {
+      if (!state.schema || !state.tables) {
+        throw new Error(`${connectorName} setup: incomplete state on finalize`);
+      }
+      const schema = state.schema;
+      const targetTables = await resolveSetupSelection({
+        selected: state.tables,
+        allSentinel: ALL_TABLES,
+        fetchAll: () => fetchTableNames(rt.params, schema),
+        limit: SQLSERVER_SETUP_MAX_TABLES
+      });
+      const sections = [
+        `## ${connectorName}`,
+        "",
+        `### Schema: ${schema}`,
+        ""
+      ];
+      for (const table of targetTables) {
+        const cols = await runSqlServerSetupQuery(
+          rt.params,
+          `SELECT COLUMN_NAME, DATA_TYPE, IS_NULLABLE, COLUMN_DEFAULT
+           FROM INFORMATION_SCHEMA.COLUMNS
+           WHERE TABLE_SCHEMA = ${quoteLiteral(schema)}
+             AND TABLE_NAME = ${quoteLiteral(table)}
+           ORDER BY ORDINAL_POSITION`,
+          forceEncrypt
+        );
+        sections.push(`#### Table: ${table}`, "");
+        sections.push("| Column | Type | Nullable | Default |");
+        sections.push("|--------|------|----------|---------|");
+        for (const c of cols) {
+          const name = String(c["COLUMN_NAME"] ?? "");
+          const type = String(c["DATA_TYPE"] ?? "");
+          const nullable = String(c["IS_NULLABLE"] ?? "");
+          const defaultValue = c["COLUMN_DEFAULT"] == null ? "-" : String(c["COLUMN_DEFAULT"]);
+          sections.push(
+            `| ${name} | ${type} | ${nullable} | ${defaultValue} |`
+          );
+        }
+        sections.push("");
+      }
+      return sections.join("\n");
+    }
+  };
+}
+function createSqlServerSetupFlow(options) {
+  return buildFlow(options);
+}
+var sqlserverSetupFlow = createSqlServerSetupFlow({
+  connectorName: "SQL Server",
+  forceEncrypt: false
+});
+// ../connectors/src/connectors/azure-sql/index.ts
+init_mssql_runner();
+init_utils();
 // ../connectors/src/connectors/azure-sql/setup.ts
 var azureSqlOnboarding = new ConnectorOnboarding({
   dataOverviewInstructions: {
@@ -525,8 +789,17 @@ var azureSqlOnboarding = new ConnectorOnboarding({
   }
 });
+// ../connectors/src/connectors/azure-sql/setup-flow.ts
+var azureSqlSetupFlow = createSqlServerSetupFlow({
+  connectorName: "Azure SQL",
+  forceEncrypt: true
+});
 // ../connectors/src/connectors/azure-sql/tools/execute-query.ts
 import { z } from "zod";
+init_mssql_runner();
+init_ssh_tunnel();
+init_utils();
 var MAX_ROWS = 500;
 var inputSchema = z.object({
   toolUseIntent: z.string().optional().describe(
@@ -649,6 +922,7 @@ The business logic type for this connector is "sql".
 - \u884C\u6570\u5236\u9650\u306E\u4E92\u63DB\u6027: \u30D7\u30E9\u30C3\u30C8\u30D5\u30A9\u30FC\u30E0\u306E server-logic \u30B9\u30AD\u30FC\u30DE\u63A8\u8AD6\u306F\u3001\u30AF\u30A8\u30EA\u3092 \`SELECT * FROM (<inner>) AS _sq LIMIT N\` \u306E\u5F62\u3067\u30E9\u30C3\u30D7\u3057\u3066\u304F\u308B\u3053\u3068\u304C\u3042\u308A\u307E\u3059\u3002T-SQL \u306B\u306F \`LIMIT\` \u304C\u7121\u3044\u305F\u3081\u3001\u30B3\u30CD\u30AF\u30BF\u306F \`query()\` \u5185\u3067\u3053\u306E\u30E9\u30C3\u30D1\u3092\u691C\u51FA\u3057\u3001\`<inner>\` \u3092\u305D\u306E\u307E\u307E\u5B9F\u884C\u3057\u3066 JS \u5074\u3067\u5148\u982D N \u884C\u306B\u5207\u308A\u8A70\u3081\u307E\u3059\u3002\u5229\u7528\u8005\u5074\u3067\u5BFE\u51E6\u3059\u308B\u5FC5\u8981\u306F\u3042\u308A\u307E\u305B\u3093\u304C\u3001\u81EA\u5206\u3067\u66F8\u304F SQL \u3067\u306F \`LIMIT\` \u3092\u4F7F\u308F\u305A \`TOP\` / \`OFFSET ... FETCH NEXT\` \u3092\u4F7F\u3063\u3066\u304F\u3060\u3055\u3044\u3002`
   },
   tools,
+  setup: (params, ctx, config) => runSetupFlow(azureSqlSetupFlow, params, ctx, config),
   async checkConnection(params, _config) {
     return checkMssqlConnection(
       params[parameters.jdbcUrl.slug],
@@ -705,6 +979,7 @@ function resolveEnvVarOptional(entry, key) {
 import { getContext } from "hono/context-storage";
 import { getCookie } from "hono/cookie";
 var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+var TABLEAU_SESSION_SENTINEL_URL = "squadbase://tableau-session/";
 function normalizeHeaders(input) {
   const out = {};
   if (!input) return out;
@@ -713,6 +988,11 @@ function normalizeHeaders(input) {
   });
   return out;
 }
+function extractInputUrl(input) {
+  if (typeof input === "string") return input;
+  if (input instanceof URL) return input.href;
+  return input.url;
+}
 function createSandboxProxyFetch(connectionId) {
   return async (input, init) => {
     const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
@@ -722,10 +1002,17 @@ function createSandboxProxyFetch(connectionId) {
         "Connection proxy is not configured. Please check your deployment settings."
       );
     }
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalUrl = extractInputUrl(input);
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      const sessionUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` }
+      });
+    }
     const originalMethod = init?.method ?? "GET";
     const originalBody = init?.body ? JSON.parse(init.body) : void 0;
-    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
     const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
     return fetch(proxyUrl, {
       method: "POST",
@@ -751,10 +1038,9 @@ function createDeployedAppProxyFetch(connectionId) {
   }
   const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
   const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  const sessionUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
   return async (input, init) => {
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
-    const originalMethod = init?.method ?? "GET";
-    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const originalUrl = extractInputUrl(input);
     const c = getContext();
     const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
     if (!appSession) {
@@ -762,6 +1048,14 @@ function createDeployedAppProxyFetch(connectionId) {
         "No authentication method available for connection proxy."
       );
     }
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${appSession}` }
+      });
+    }
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
     return fetch(proxyUrl, {
       method: "POST",
       headers: {