npm - @supabase/pg-delta - Versions diffs - 1.0.0-alpha.22 → 1.0.0-alpha.23 - Mend

@supabase/pg-delta 1.0.0-alpha.22 → 1.0.0-alpha.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (220) hide show

package/dist/core/objects/sequence/changes/sequence.security-label.js ADDED Viewed

@@ -0,0 +1,61 @@
+import { quoteLiteral } from "../../base.change.js";
+import { stableId } from "../../utils.js";
+import { CreateSequenceChange, DropSequenceChange } from "./sequence.base.js";
+export class CreateSecurityLabelOnSequence extends CreateSequenceChange {
+    sequence;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.sequence = props.sequence;
+        this.securityLabel = props.securityLabel;
+    }
+    get creates() {
+        return [
+            stableId.securityLabel(this.sequence.stableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        return [this.sequence.stableId];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON SEQUENCE",
+            `${this.sequence.schema}.${this.sequence.name}`,
+            "IS",
+            quoteLiteral(this.securityLabel.label),
+        ].join(" ");
+    }
+}
+export class DropSecurityLabelOnSequence extends DropSequenceChange {
+    sequence;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.sequence = props.sequence;
+        this.securityLabel = props.securityLabel;
+    }
+    get drops() {
+        return [
+            stableId.securityLabel(this.sequence.stableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        return [
+            stableId.securityLabel(this.sequence.stableId, this.securityLabel.provider),
+            this.sequence.stableId,
+        ];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON SEQUENCE",
+            `${this.sequence.schema}.${this.sequence.name}`,
+            "IS NULL",
+        ].join(" ");
+    }
+}

package/dist/core/objects/sequence/changes/sequence.types.d.ts CHANGED Viewed

@@ -3,5 +3,6 @@ import type { CommentSequence } from "./sequence.comment.ts";
 import type { CreateSequence } from "./sequence.create.ts";
 import type { DropSequence } from "./sequence.drop.ts";
 import type { SequencePrivilege } from "./sequence.privilege.ts";
+import type { SecurityLabelSequence } from "./sequence.security-label.ts";
 /** Union of all sequence-related change variants (`objectType: "sequence"`). @category Change Types */
-export type SequenceChange = AlterSequence | CommentSequence | CreateSequence | DropSequence | SequencePrivilege;
+export type SequenceChange = AlterSequence | CommentSequence | CreateSequence | DropSequence | SequencePrivilege | SecurityLabelSequence;

package/dist/core/objects/sequence/sequence.diff.js CHANGED Viewed

@@ -1,5 +1,6 @@
 import { diffObjects } from "../base.diff.js";
 import { diffPrivileges, emitObjectPrivilegeChanges, } from "../base.privilege-diff.js";
+import { diffSecurityLabels } from "../security-label.types.js";
 import { AlterTableAlterColumnSetDefault } from "../table/changes/table.alter.js";
 import { hasNonAlterableChanges } from "../utils.js";
 import { AlterSequenceSetOptions, AlterSequenceSetOwnedBy, } from "./changes/sequence.alter.js";
@@ -7,6 +8,7 @@ import { CreateCommentOnSequence, DropCommentOnSequence, } from "./changes/seque
 import { CreateSequence } from "./changes/sequence.create.js";
 import { DropSequence } from "./changes/sequence.drop.js";
 import { GrantSequencePrivileges, RevokeGrantOptionSequencePrivileges, RevokeSequencePrivileges, } from "./changes/sequence.privilege.js";
+import { CreateSecurityLabelOnSequence, DropSecurityLabelOnSequence, } from "./changes/sequence.security-label.js";
 /**
  * Diff two sets of sequences from main and branch catalogs.
  *
@@ -26,6 +28,12 @@ export function diffSequences(ctx, main, branch, branchTables = {}, mainTables =
         if (createdSeq.comment !== null) {
             changes.push(new CreateCommentOnSequence({ sequence: createdSeq }));
         }
+        for (const label of createdSeq.security_labels) {
+            changes.push(new CreateSecurityLabelOnSequence({
+                sequence: createdSeq,
+                securityLabel: label,
+            }));
+        }
         // If the created sequence is OWNED BY a column, emit an ALTER to set it
         if (createdSeq.owned_by_schema !== null &&
             createdSeq.owned_by_table !== null &&
@@ -229,6 +237,14 @@ export function diffSequences(ctx, main, branch, branchTables = {}, mainTables =
                     changes.push(new CreateCommentOnSequence({ sequence: branchSequence }));
                 }
             }
+            // SECURITY LABELS
+            changes.push(...diffSecurityLabels(mainSequence.security_labels, branchSequence.security_labels, (securityLabel) => new CreateSecurityLabelOnSequence({
+                sequence: branchSequence,
+                securityLabel,
+            }), (securityLabel) => new DropSecurityLabelOnSequence({
+                sequence: mainSequence,
+                securityLabel,
+            })));
             // PRIVILEGES
             // Filter out owner privileges - owner always has ALL privileges implicitly
             // and shouldn't be compared. Use branch owner as the reference.

package/dist/core/objects/sequence/sequence.model.d.ts CHANGED Viewed

@@ -2,6 +2,7 @@ import type { Pool } from "pg";
 import z from "zod";
 import { BasePgModel } from "../base.model.ts";
 import { type PrivilegeProps } from "../base.privilege-diff.ts";
+import { type SecurityLabelProps } from "../security-label.types.ts";
 declare const sequencePropsSchema: z.ZodObject<{
     schema: z.ZodString;
     name: z.ZodString;
@@ -24,6 +25,10 @@ declare const sequencePropsSchema: z.ZodObject<{
         columns: z.ZodOptional<z.ZodNullable<z.ZodArray<z.ZodString>>>;
     }, z.z.core.$strip>>;
     owner: z.ZodString;
+    security_labels: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
+        provider: z.ZodString;
+        label: z.ZodString;
+    }, z.z.core.$strip>>>>;
 }, z.z.core.$strip>;
 type SequencePrivilegeProps = PrivilegeProps;
 export type SequenceProps = z.infer<typeof sequencePropsSchema>;
@@ -44,6 +49,7 @@ export declare class Sequence extends BasePgModel {
     readonly comment: SequenceProps["comment"];
     readonly privileges: SequencePrivilegeProps[];
     readonly owner: SequenceProps["owner"];
+    readonly security_labels: SecurityLabelProps[];
     constructor(props: SequenceProps);
     get stableId(): `sequence:${string}`;
     get identityFields(): {
@@ -70,6 +76,10 @@ export declare class Sequence extends BasePgModel {
             columns?: string[] | null | undefined;
         }[];
         owner: string;
+        security_labels: {
+            provider: string;
+            label: string;
+        }[];
     };
 }
 export declare function extractSequences(pool: Pool): Promise<Sequence[]>;

package/dist/core/objects/sequence/sequence.model.js CHANGED Viewed

@@ -2,6 +2,7 @@ import { sql } from "@ts-safeql/sql-tag";
 import z from "zod";
 import { BasePgModel } from "../base.model.js";
 import { privilegePropsSchema, } from "../base.privilege-diff.js";
+import { securityLabelPropsSchema, } from "../security-label.types.js";
 const sequencePropsSchema = z.object({
     schema: z.string(),
     name: z.string(),
@@ -19,6 +20,7 @@ const sequencePropsSchema = z.object({
     comment: z.string().nullable(),
     privileges: z.array(privilegePropsSchema),
     owner: z.string(),
+    security_labels: z.array(securityLabelPropsSchema).default([]).optional(),
 });
 export class Sequence extends BasePgModel {
     schema;
@@ -37,6 +39,7 @@ export class Sequence extends BasePgModel {
     comment;
     privileges;
     owner;
+    security_labels;
     constructor(props) {
         super();
         // Identity fields
@@ -57,6 +60,7 @@ export class Sequence extends BasePgModel {
         this.comment = props.comment;
         this.privileges = props.privileges;
         this.owner = props.owner;
+        this.security_labels = props.security_labels ?? [];
     }
     get stableId() {
         return `sequence:${this.schema}.${this.name}`;
@@ -83,6 +87,7 @@ export class Sequence extends BasePgModel {
             comment: this.comment,
             privileges: this.privileges,
             owner: this.owner,
+            security_labels: this.security_labels,
         };
     }
 }
@@ -135,7 +140,20 @@ select
       from lateral aclexplode(COALESCE(c.relacl, acldefault('S', c.relowner))) as x(grantor, grantee, privilege_type, is_grantable)
     ), '[]'
   ) as privileges,
-  c.relowner::regrole::text as owner
+  c.relowner::regrole::text as owner,
+  coalesce(
+    (
+      select json_agg(
+        json_build_object('provider', sl.provider, 'label', sl.label)
+        order by sl.provider
+      )
+      from pg_catalog.pg_seclabel sl
+      where sl.objoid = c.oid
+        and sl.classoid = 'pg_class'::regclass
+        and sl.objsubid = 0
+    ),
+    '[]'::json
+  ) as security_labels
 from
   pg_catalog.pg_class c
   inner join pg_catalog.pg_sequence s on s.seqrelid = c.oid

package/dist/core/objects/subscription/changes/subscription.base.d.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { BaseChange } from "../../base.change.ts";
 import type { Subscription } from "../subscription.model.ts";
 declare abstract class BaseSubscriptionChange extends BaseChange {
     abstract readonly subscription: Subscription;
-    abstract readonly scope: "object" | "comment";
+    abstract readonly scope: "object" | "comment" | "security_label";
     readonly objectType: "subscription";
 }
 export declare abstract class CreateSubscriptionChange extends BaseSubscriptionChange {

package/dist/core/objects/subscription/changes/subscription.security-label.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import type { SecurityLabelProps } from "../../security-label.types.ts";
+import type { Subscription } from "../subscription.model.ts";
+import { CreateSubscriptionChange, DropSubscriptionChange } from "./subscription.base.ts";
+export type SecurityLabelSubscription = CreateSecurityLabelOnSubscription | DropSecurityLabelOnSubscription;
+export declare class CreateSecurityLabelOnSubscription extends CreateSubscriptionChange {
+    readonly subscription: Subscription;
+    readonly securityLabel: SecurityLabelProps;
+    readonly scope: "security_label";
+    constructor(props: {
+        subscription: Subscription;
+        securityLabel: SecurityLabelProps;
+    });
+    get creates(): `securityLabel:${string}::provider:${string}`[];
+    get requires(): `subscription:${string}`[];
+    serialize(): string;
+}
+export declare class DropSecurityLabelOnSubscription extends DropSubscriptionChange {
+    readonly subscription: Subscription;
+    readonly securityLabel: SecurityLabelProps;
+    readonly scope: "security_label";
+    constructor(props: {
+        subscription: Subscription;
+        securityLabel: SecurityLabelProps;
+    });
+    get drops(): `securityLabel:${string}::provider:${string}`[];
+    get requires(): (`securityLabel:${string}::provider:${string}` | `subscription:${string}`)[];
+    serialize(): string;
+}

package/dist/core/objects/subscription/changes/subscription.security-label.js ADDED Viewed

@@ -0,0 +1,61 @@
+import { quoteLiteral } from "../../base.change.js";
+import { stableId } from "../../utils.js";
+import { CreateSubscriptionChange, DropSubscriptionChange, } from "./subscription.base.js";
+export class CreateSecurityLabelOnSubscription extends CreateSubscriptionChange {
+    subscription;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.subscription = props.subscription;
+        this.securityLabel = props.securityLabel;
+    }
+    get creates() {
+        return [
+            stableId.securityLabel(this.subscription.stableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        return [this.subscription.stableId];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON SUBSCRIPTION",
+            this.subscription.name,
+            "IS",
+            quoteLiteral(this.securityLabel.label),
+        ].join(" ");
+    }
+}
+export class DropSecurityLabelOnSubscription extends DropSubscriptionChange {
+    subscription;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.subscription = props.subscription;
+        this.securityLabel = props.securityLabel;
+    }
+    get drops() {
+        return [
+            stableId.securityLabel(this.subscription.stableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        return [
+            stableId.securityLabel(this.subscription.stableId, this.securityLabel.provider),
+            this.subscription.stableId,
+        ];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON SUBSCRIPTION",
+            this.subscription.name,
+            "IS NULL",
+        ].join(" ");
+    }
+}

package/dist/core/objects/subscription/changes/subscription.types.d.ts CHANGED Viewed

@@ -2,5 +2,6 @@ import type { AlterSubscriptionDisable, AlterSubscriptionEnable, AlterSubscripti
 import type { CommentSubscription } from "./subscription.comment.ts";
 import type { CreateSubscription } from "./subscription.create.ts";
 import type { DropSubscription } from "./subscription.drop.ts";
+import type { SecurityLabelSubscription } from "./subscription.security-label.ts";
 /** Union of all subscription-related change variants (`objectType: "subscription"`). @category Change Types */
-export type SubscriptionChange = CreateSubscription | DropSubscription | AlterSubscriptionSetConnection | AlterSubscriptionSetPublication | AlterSubscriptionEnable | AlterSubscriptionDisable | AlterSubscriptionSetOptions | AlterSubscriptionSetOwner | CommentSubscription;
+export type SubscriptionChange = CreateSubscription | DropSubscription | AlterSubscriptionSetConnection | AlterSubscriptionSetPublication | AlterSubscriptionEnable | AlterSubscriptionDisable | AlterSubscriptionSetOptions | AlterSubscriptionSetOwner | CommentSubscription | SecurityLabelSubscription;

package/dist/core/objects/subscription/subscription.diff.js CHANGED Viewed

@@ -1,9 +1,11 @@
 import { diffObjects } from "../base.diff.js";
+import { diffSecurityLabels } from "../security-label.types.js";
 import { hasNonAlterableChanges } from "../utils.js";
 import { AlterSubscriptionDisable, AlterSubscriptionEnable, AlterSubscriptionSetConnection, AlterSubscriptionSetOptions, AlterSubscriptionSetOwner, AlterSubscriptionSetPublication, } from "./changes/subscription.alter.js";
 import { CreateCommentOnSubscription, DropCommentOnSubscription, } from "./changes/subscription.comment.js";
 import { CreateSubscription } from "./changes/subscription.create.js";
 import { DropSubscription } from "./changes/subscription.drop.js";
+import { CreateSecurityLabelOnSubscription, DropSecurityLabelOnSubscription, } from "./changes/subscription.security-label.js";
 const NON_ALTERABLE_FIELDS = [
     "two_phase",
 ];
@@ -35,6 +37,12 @@ export function diffSubscriptions(ctx, main, branch) {
         if (subscription.comment !== null) {
             changes.push(new CreateCommentOnSubscription({ subscription }));
         }
+        for (const label of subscription.security_labels) {
+            changes.push(new CreateSecurityLabelOnSubscription({
+                subscription,
+                securityLabel: label,
+            }));
+        }
     }
     for (const id of dropped) {
         changes.push(new DropSubscription({ subscription: main[id] }));
@@ -162,6 +170,14 @@ export function diffSubscriptions(ctx, main, branch) {
                 }));
             }
         }
+        // SECURITY LABELS
+        changes.push(...diffSecurityLabels(mainSubscription.security_labels, branchSubscription.security_labels, (securityLabel) => new CreateSecurityLabelOnSubscription({
+            subscription: branchSubscription,
+            securityLabel,
+        }), (securityLabel) => new DropSecurityLabelOnSubscription({
+            subscription: mainSubscription,
+            securityLabel,
+        })));
     }
     return changes;
 }

package/dist/core/objects/subscription/subscription.model.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import type { Pool } from "pg";
 import z from "zod";
 import { BasePgModel } from "../base.model.ts";
+import { type SecurityLabelProps } from "../security-label.types.ts";
 declare const subscriptionPropsSchema: z.ZodObject<{
     name: z.ZodString;
     raw_name: z.ZodString;
@@ -28,6 +29,10 @@ declare const subscriptionPropsSchema: z.ZodObject<{
         any: "any";
         none: "none";
     }>;
+    security_labels: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
+        provider: z.ZodString;
+        label: z.ZodString;
+    }, z.z.core.$strip>>>>;
 }, z.z.core.$strip>;
 export type SubscriptionProps = z.infer<typeof subscriptionPropsSchema>;
 export declare class Subscription extends BasePgModel {
@@ -50,6 +55,7 @@ export declare class Subscription extends BasePgModel {
     readonly synchronous_commit: SubscriptionProps["synchronous_commit"];
     readonly publications: SubscriptionProps["publications"];
     readonly origin: SubscriptionProps["origin"];
+    readonly security_labels: SecurityLabelProps[];
     constructor(props: SubscriptionProps);
     get stableId(): `subscription:${string}`;
     get identityFields(): {
@@ -74,6 +80,10 @@ export declare class Subscription extends BasePgModel {
         synchronous_commit: string;
         publications: string[];
         origin: "any" | "none";
+        security_labels: {
+            provider: string;
+            label: string;
+        }[];
     };
 }
 export declare function extractSubscriptions(pool: Pool): Promise<Subscription[]>;

package/dist/core/objects/subscription/subscription.model.js CHANGED Viewed

@@ -1,6 +1,7 @@
 import z from "zod";
 import { extractVersion } from "../../context.js";
 import { BasePgModel } from "../base.model.js";
+import { securityLabelPropsSchema, } from "../security-label.types.js";
 const subscriptionPropsSchema = z.object({
     name: z.string(),
     raw_name: z.string(),
@@ -21,6 +22,7 @@ const subscriptionPropsSchema = z.object({
     synchronous_commit: z.string(),
     publications: z.array(z.string()),
     origin: z.enum(["any", "none"]),
+    security_labels: z.array(securityLabelPropsSchema).default([]).optional(),
 });
 export class Subscription extends BasePgModel {
     name;
@@ -42,6 +44,7 @@ export class Subscription extends BasePgModel {
     synchronous_commit;
     publications;
     origin;
+    security_labels;
     constructor(props) {
         super();
         this.name = props.name;
@@ -63,6 +66,7 @@ export class Subscription extends BasePgModel {
         this.synchronous_commit = props.synchronous_commit;
         this.publications = [...props.publications].sort((a, b) => a.localeCompare(b));
         this.origin = props.origin;
+        this.security_labels = props.security_labels ?? [];
     }
     get stableId() {
         return `subscription:${this.name}`;
@@ -92,6 +96,7 @@ export class Subscription extends BasePgModel {
             synchronous_commit: this.synchronous_commit,
             publications: this.publications,
             origin: this.origin,
+            security_labels: this.security_labels,
         };
     }
 }
@@ -156,7 +161,20 @@ export async function extractSubscriptions(pool) {
           ),
           '[]'::json
         ) as publications,
-        ${originExpr} as origin
+        ${originExpr} as origin,
+        coalesce(
+          (
+            select json_agg(
+              json_build_object('provider', sl.provider, 'label', sl.label)
+              order by sl.provider
+            )
+            from pg_catalog.pg_seclabel sl
+            where sl.objoid = s.oid
+              and sl.classoid = 'pg_subscription'::regclass
+              and sl.objsubid = 0
+          ),
+          '[]'::json
+        ) as security_labels
       from scoped_subscriptions s
       left join pg_replication_slots r
         on r.slot_name = s.subslotname

package/dist/core/objects/table/changes/table.base.d.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { BaseChange } from "../../base.change.ts";
 import type { Table } from "../table.model.ts";
 declare abstract class BaseTableChange extends BaseChange {
     abstract readonly table: Table;
-    abstract readonly scope: "object" | "comment" | "privilege";
+    abstract readonly scope: "object" | "comment" | "privilege" | "security_label";
     readonly objectType: "table";
 }
 export declare abstract class CreateTableChange extends BaseTableChange {

package/dist/core/objects/table/changes/table.security-label.d.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import type { ColumnProps } from "../../base.model.ts";
+import type { SecurityLabelProps } from "../../security-label.types.ts";
+import type { Table } from "../table.model.ts";
+import { CreateTableChange, DropTableChange } from "./table.base.ts";
+export type SecurityLabelTable = CreateSecurityLabelOnTable | DropSecurityLabelOnTable | CreateSecurityLabelOnColumn | DropSecurityLabelOnColumn;
+/**
+ * SECURITY LABEL FOR <provider> ON TABLE <schema>.<table> IS <literal>
+ */
+export declare class CreateSecurityLabelOnTable extends CreateTableChange {
+    readonly table: Table;
+    readonly securityLabel: SecurityLabelProps;
+    readonly scope: "security_label";
+    constructor(props: {
+        table: Table;
+        securityLabel: SecurityLabelProps;
+    });
+    get creates(): `securityLabel:${string}::provider:${string}`[];
+    get requires(): `table:${string}`[];
+    serialize(): string;
+}
+export declare class DropSecurityLabelOnTable extends DropTableChange {
+    readonly table: Table;
+    readonly securityLabel: SecurityLabelProps;
+    readonly scope: "security_label";
+    constructor(props: {
+        table: Table;
+        securityLabel: SecurityLabelProps;
+    });
+    get drops(): `securityLabel:${string}::provider:${string}`[];
+    get requires(): (`securityLabel:${string}::provider:${string}` | `table:${string}`)[];
+    serialize(): string;
+}
+/**
+ * SECURITY LABEL FOR <provider> ON COLUMN <schema>.<table>.<column> IS <literal>
+ */
+export declare class CreateSecurityLabelOnColumn extends CreateTableChange {
+    readonly table: Table;
+    readonly column: ColumnProps;
+    readonly securityLabel: SecurityLabelProps;
+    readonly scope: "security_label";
+    constructor(props: {
+        table: Table;
+        column: ColumnProps;
+        securityLabel: SecurityLabelProps;
+    });
+    get creates(): `securityLabel:${string}::provider:${string}`[];
+    get requires(): `column:${string}.${string}.${string}`[];
+    serialize(): string;
+}
+export declare class DropSecurityLabelOnColumn extends DropTableChange {
+    readonly table: Table;
+    readonly column: ColumnProps;
+    readonly securityLabel: SecurityLabelProps;
+    readonly scope: "security_label";
+    constructor(props: {
+        table: Table;
+        column: ColumnProps;
+        securityLabel: SecurityLabelProps;
+    });
+    get drops(): `securityLabel:${string}::provider:${string}`[];
+    get requires(): (`column:${string}.${string}.${string}` | `securityLabel:${string}::provider:${string}`)[];
+    serialize(): string;
+}

package/dist/core/objects/table/changes/table.security-label.js ADDED Viewed

@@ -0,0 +1,134 @@
+import { quoteLiteral } from "../../base.change.js";
+import { stableId } from "../../utils.js";
+import { CreateTableChange, DropTableChange } from "./table.base.js";
+/**
+ * SECURITY LABEL FOR <provider> ON TABLE <schema>.<table> IS <literal>
+ */
+export class CreateSecurityLabelOnTable extends CreateTableChange {
+    table;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.table = props.table;
+        this.securityLabel = props.securityLabel;
+    }
+    get creates() {
+        return [
+            stableId.securityLabel(this.table.stableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        return [this.table.stableId];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON TABLE",
+            `${this.table.schema}.${this.table.name}`,
+            "IS",
+            quoteLiteral(this.securityLabel.label),
+        ].join(" ");
+    }
+}
+export class DropSecurityLabelOnTable extends DropTableChange {
+    table;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.table = props.table;
+        this.securityLabel = props.securityLabel;
+    }
+    get drops() {
+        return [
+            stableId.securityLabel(this.table.stableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        return [
+            stableId.securityLabel(this.table.stableId, this.securityLabel.provider),
+            this.table.stableId,
+        ];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON TABLE",
+            `${this.table.schema}.${this.table.name}`,
+            "IS NULL",
+        ].join(" ");
+    }
+}
+/**
+ * SECURITY LABEL FOR <provider> ON COLUMN <schema>.<table>.<column> IS <literal>
+ */
+export class CreateSecurityLabelOnColumn extends CreateTableChange {
+    table;
+    column;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.table = props.table;
+        this.column = props.column;
+        this.securityLabel = props.securityLabel;
+    }
+    get creates() {
+        const columnStableId = stableId.column(this.table.schema, this.table.name, this.column.name);
+        return [
+            stableId.securityLabel(columnStableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        return [
+            stableId.column(this.table.schema, this.table.name, this.column.name),
+        ];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON COLUMN",
+            `${this.table.schema}.${this.table.name}.${this.column.name}`,
+            "IS",
+            quoteLiteral(this.securityLabel.label),
+        ].join(" ");
+    }
+}
+export class DropSecurityLabelOnColumn extends DropTableChange {
+    table;
+    column;
+    securityLabel;
+    scope = "security_label";
+    constructor(props) {
+        super();
+        this.table = props.table;
+        this.column = props.column;
+        this.securityLabel = props.securityLabel;
+    }
+    get drops() {
+        const columnStableId = stableId.column(this.table.schema, this.table.name, this.column.name);
+        return [
+            stableId.securityLabel(columnStableId, this.securityLabel.provider),
+        ];
+    }
+    get requires() {
+        const columnStableId = stableId.column(this.table.schema, this.table.name, this.column.name);
+        return [
+            stableId.securityLabel(columnStableId, this.securityLabel.provider),
+            columnStableId,
+        ];
+    }
+    serialize() {
+        return [
+            "SECURITY LABEL FOR",
+            this.securityLabel.provider,
+            "ON COLUMN",
+            `${this.table.schema}.${this.table.name}.${this.column.name}`,
+            "IS NULL",
+        ].join(" ");
+    }
+}

package/dist/core/objects/table/changes/table.types.d.ts CHANGED Viewed

@@ -3,5 +3,6 @@ import type { CommentTable } from "./table.comment.ts";
 import type { CreateTable } from "./table.create.ts";
 import type { DropTable } from "./table.drop.ts";
 import type { TablePrivilege } from "./table.privilege.ts";
+import type { SecurityLabelTable } from "./table.security-label.ts";
 /** Union of all table-related change variants (`objectType: "table"`). @category Change Types */
-export type TableChange = AlterTable | CommentTable | CreateTable | DropTable | TablePrivilege;
+export type TableChange = AlterTable | CommentTable | CreateTable | DropTable | TablePrivilege | SecurityLabelTable;