npm - @vobase/core - Versions diffs - 0.9.0 → 0.11.0 - Mend

@vobase/core 0.9.0 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (188) hide show

package/package.json +9 -10
package/src/__tests__/drizzle-introspection.test.ts +77 -0
package/src/__tests__/e2e.test.ts +225 -0
package/src/__tests__/permissions.test.ts +157 -0
package/src/__tests__/rpc-types.test.ts +92 -0
package/src/app.test.ts +99 -0
package/src/app.ts +178 -0
package/src/audit.test.ts +126 -0
package/src/auth.test.ts +74 -0
package/src/contracts/auth.ts +37 -0
package/{dist/contracts/module.d.ts → src/contracts/module.ts} +6 -6
package/src/contracts/notify.ts +47 -0
package/src/contracts/permissions.ts +10 -0
package/src/contracts/storage.ts +61 -0
package/src/ctx.test.ts +162 -0
package/src/ctx.ts +64 -0
package/src/db/client.test.ts +75 -0
package/src/db/client.ts +15 -0
package/src/db/helpers.test.ts +147 -0
package/src/db/helpers.ts +51 -0
package/src/db/index.ts +8 -0
package/{dist/index.d.ts → src/index.ts} +105 -6
package/src/infra/circuit-breaker.test.ts +74 -0
package/src/infra/circuit-breaker.ts +57 -0
package/src/infra/errors.test.ts +175 -0
package/src/infra/errors.ts +64 -0
package/src/infra/http-client.test.ts +482 -0
package/src/infra/http-client.ts +221 -0
package/src/infra/index.ts +35 -0
package/src/infra/job.test.ts +85 -0
package/src/infra/job.ts +94 -0
package/src/infra/logger.test.ts +65 -0
package/src/infra/logger.ts +18 -0
package/src/infra/queue.test.ts +46 -0
package/src/infra/queue.ts +147 -0
package/src/infra/throw-proxy.test.ts +34 -0
package/src/infra/throw-proxy.ts +17 -0
package/src/infra/webhooks-schema.ts +17 -0
package/src/infra/webhooks.test.ts +364 -0
package/src/infra/webhooks.ts +146 -0
package/src/mcp/auth.test.ts +129 -0
package/src/mcp/crud.test.ts +128 -0
package/src/mcp/crud.ts +171 -0
package/{dist/mcp/index.d.ts → src/mcp/index.ts} +0 -1
package/src/mcp/server.test.ts +153 -0
package/src/mcp/server.ts +178 -0
package/src/middleware/audit.test.ts +169 -0
package/src/module-registry.ts +18 -0
package/src/module.test.ts +168 -0
package/src/module.ts +111 -0
package/src/modules/audit/index.ts +18 -0
package/src/modules/audit/middleware.ts +33 -0
package/src/modules/audit/schema.ts +35 -0
package/src/modules/audit/track-changes.ts +70 -0
package/src/modules/auth/audit-hooks.ts +74 -0
package/src/modules/auth/index.ts +101 -0
package/src/modules/auth/middleware.ts +51 -0
package/src/modules/auth/permissions.ts +46 -0
package/src/modules/auth/schema.ts +184 -0
package/src/modules/credentials/encrypt.ts +95 -0
package/src/modules/credentials/index.ts +15 -0
package/src/modules/credentials/schema.ts +10 -0
package/src/modules/notify/index.ts +90 -0
package/src/modules/notify/notify.test.ts +145 -0
package/src/modules/notify/providers/resend.ts +47 -0
package/src/modules/notify/providers/smtp.ts +117 -0
package/src/modules/notify/providers/waba.ts +82 -0
package/src/modules/notify/schema.ts +27 -0
package/src/modules/notify/service.ts +93 -0
package/src/modules/sequences/index.ts +15 -0
package/src/modules/sequences/next-sequence.ts +48 -0
package/src/modules/sequences/schema.ts +12 -0
package/src/modules/storage/index.ts +44 -0
package/src/modules/storage/providers/local.ts +124 -0
package/src/modules/storage/providers/s3.ts +83 -0
package/src/modules/storage/routes.ts +76 -0
package/src/modules/storage/schema.ts +26 -0
package/src/modules/storage/service.ts +202 -0
package/src/modules/storage/storage.test.ts +225 -0
package/src/schemas.test.ts +44 -0
package/src/schemas.ts +63 -0
package/src/sequence.test.ts +56 -0
package/dist/app.d.ts +0 -37
package/dist/app.d.ts.map +0 -1
package/dist/contracts/auth.d.ts +0 -35
package/dist/contracts/auth.d.ts.map +0 -1
package/dist/contracts/module.d.ts.map +0 -1
package/dist/contracts/notify.d.ts +0 -46
package/dist/contracts/notify.d.ts.map +0 -1
package/dist/contracts/permissions.d.ts +0 -10
package/dist/contracts/permissions.d.ts.map +0 -1
package/dist/contracts/storage.d.ts +0 -54
package/dist/contracts/storage.d.ts.map +0 -1
package/dist/ctx.d.ts +0 -40
package/dist/ctx.d.ts.map +0 -1
package/dist/db/client.d.ts +0 -4
package/dist/db/client.d.ts.map +0 -1
package/dist/db/helpers.d.ts +0 -26
package/dist/db/helpers.d.ts.map +0 -1
package/dist/db/index.d.ts +0 -3
package/dist/db/index.d.ts.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -89026
package/dist/infra/circuit-breaker.d.ts +0 -17
package/dist/infra/circuit-breaker.d.ts.map +0 -1
package/dist/infra/errors.d.ts +0 -26
package/dist/infra/errors.d.ts.map +0 -1
package/dist/infra/http-client.d.ts +0 -31
package/dist/infra/http-client.d.ts.map +0 -1
package/dist/infra/index.d.ts +0 -11
package/dist/infra/index.d.ts.map +0 -1
package/dist/infra/job.d.ts +0 -14
package/dist/infra/job.d.ts.map +0 -1
package/dist/infra/logger.d.ts +0 -7
package/dist/infra/logger.d.ts.map +0 -1
package/dist/infra/queue.d.ts +0 -18
package/dist/infra/queue.d.ts.map +0 -1
package/dist/infra/throw-proxy.d.ts +0 -7
package/dist/infra/throw-proxy.d.ts.map +0 -1
package/dist/infra/webhooks-schema.d.ts +0 -60
package/dist/infra/webhooks-schema.d.ts.map +0 -1
package/dist/infra/webhooks.d.ts +0 -46
package/dist/infra/webhooks.d.ts.map +0 -1
package/dist/mcp/crud.d.ts +0 -12
package/dist/mcp/crud.d.ts.map +0 -1
package/dist/mcp/index.d.ts.map +0 -1
package/dist/mcp/server.d.ts +0 -10
package/dist/mcp/server.d.ts.map +0 -1
package/dist/module-registry.d.ts +0 -3
package/dist/module-registry.d.ts.map +0 -1
package/dist/module.d.ts +0 -29
package/dist/module.d.ts.map +0 -1
package/dist/modules/audit/index.d.ts +0 -5
package/dist/modules/audit/index.d.ts.map +0 -1
package/dist/modules/audit/middleware.d.ts +0 -3
package/dist/modules/audit/middleware.d.ts.map +0 -1
package/dist/modules/audit/schema.d.ts +0 -247
package/dist/modules/audit/schema.d.ts.map +0 -1
package/dist/modules/audit/track-changes.d.ts +0 -3
package/dist/modules/audit/track-changes.d.ts.map +0 -1
package/dist/modules/auth/audit-hooks.d.ts +0 -6
package/dist/modules/auth/audit-hooks.d.ts.map +0 -1
package/dist/modules/auth/index.d.ts +0 -17
package/dist/modules/auth/index.d.ts.map +0 -1
package/dist/modules/auth/middleware.d.ts +0 -15
package/dist/modules/auth/middleware.d.ts.map +0 -1
package/dist/modules/auth/permissions.d.ts +0 -5
package/dist/modules/auth/permissions.d.ts.map +0 -1
package/dist/modules/auth/schema.d.ts +0 -2519
package/dist/modules/auth/schema.d.ts.map +0 -1
package/dist/modules/credentials/encrypt.d.ts +0 -12
package/dist/modules/credentials/encrypt.d.ts.map +0 -1
package/dist/modules/credentials/index.d.ts +0 -4
package/dist/modules/credentials/index.d.ts.map +0 -1
package/dist/modules/credentials/schema.d.ts +0 -56
package/dist/modules/credentials/schema.d.ts.map +0 -1
package/dist/modules/notify/index.d.ts +0 -36
package/dist/modules/notify/index.d.ts.map +0 -1
package/dist/modules/notify/providers/resend.d.ts +0 -7
package/dist/modules/notify/providers/resend.d.ts.map +0 -1
package/dist/modules/notify/providers/smtp.d.ts +0 -18
package/dist/modules/notify/providers/smtp.d.ts.map +0 -1
package/dist/modules/notify/providers/waba.d.ts +0 -12
package/dist/modules/notify/providers/waba.d.ts.map +0 -1
package/dist/modules/notify/schema.d.ts +0 -337
package/dist/modules/notify/schema.d.ts.map +0 -1
package/dist/modules/notify/service.d.ts +0 -22
package/dist/modules/notify/service.d.ts.map +0 -1
package/dist/modules/sequences/index.d.ts +0 -4
package/dist/modules/sequences/index.d.ts.map +0 -1
package/dist/modules/sequences/next-sequence.d.ts +0 -8
package/dist/modules/sequences/next-sequence.d.ts.map +0 -1
package/dist/modules/sequences/schema.d.ts +0 -72
package/dist/modules/sequences/schema.d.ts.map +0 -1
package/dist/modules/storage/index.d.ts +0 -24
package/dist/modules/storage/index.d.ts.map +0 -1
package/dist/modules/storage/providers/local.d.ts +0 -3
package/dist/modules/storage/providers/local.d.ts.map +0 -1
package/dist/modules/storage/providers/s3.d.ts +0 -3
package/dist/modules/storage/providers/s3.d.ts.map +0 -1
package/dist/modules/storage/routes.d.ts +0 -4
package/dist/modules/storage/routes.d.ts.map +0 -1
package/dist/modules/storage/schema.d.ts +0 -273
package/dist/modules/storage/schema.d.ts.map +0 -1
package/dist/modules/storage/service.d.ts +0 -35
package/dist/modules/storage/service.d.ts.map +0 -1
package/dist/schemas.d.ts +0 -19
package/dist/schemas.d.ts.map +0 -1

package/src/modules/storage/providers/local.ts ADDED Viewed

@@ -0,0 +1,124 @@
+import { mkdirSync, unlinkSync, existsSync, readdirSync, statSync } from 'node:fs';
+import { join, normalize, dirname } from 'node:path';
+import { validation } from '../../../infra/errors';
+import type {
+  StorageProvider,
+  StorageObjectInfo,
+  LocalProviderConfig,
+} from '../../../contracts/storage';
+function sanitizePath(inputPath: string): string {
+  if (inputPath.includes('..')) {
+    throw validation(
+      { path: inputPath },
+      'Invalid path: directory traversal not allowed',
+    );
+  }
+  return normalize(inputPath).replace(/^\/+/, '');
+}
+export function createLocalProvider(config: LocalProviderConfig): StorageProvider {
+  const basePath = config.basePath;
+  const baseUrl = config.baseUrl ?? '/api/storage';
+  // Ensure base directory exists
+  mkdirSync(basePath, { recursive: true });
+  return {
+    async upload(fullKey, data, opts) {
+      const safe = sanitizePath(fullKey);
+      const fullPath = join(basePath, safe);
+      if (opts?.maxSize && data.byteLength > opts.maxSize) {
+        throw validation(
+          { size: data.byteLength, maxSize: opts.maxSize },
+          `File size ${data.byteLength} exceeds maximum allowed size ${opts.maxSize}`,
+        );
+      }
+      const dir = dirname(fullPath);
+      mkdirSync(dir, { recursive: true });
+      await Bun.write(fullPath, data);
+    },
+    async download(fullKey) {
+      const safe = sanitizePath(fullKey);
+      const file = Bun.file(join(basePath, safe));
+      if (!(await file.exists())) {
+        throw validation({ key: fullKey }, `File not found: ${fullKey}`);
+      }
+      return new Uint8Array(await file.arrayBuffer());
+    },
+    async delete(fullKey) {
+      const safe = sanitizePath(fullKey);
+      const fullPath = join(basePath, safe);
+      try {
+        unlinkSync(fullPath);
+      } catch (err) {
+        if ((err as NodeJS.ErrnoException).code !== 'ENOENT') throw err;
+      }
+    },
+    async exists(fullKey) {
+      const safe = sanitizePath(fullKey);
+      return existsSync(join(basePath, safe));
+    },
+    presign(fullKey, _opts) {
+      const safe = sanitizePath(fullKey);
+      // Local provider returns a proxy URL — the server handles the actual I/O
+      return `${baseUrl}/${safe}`;
+    },
+    async list(prefix, opts) {
+      const safe = sanitizePath(prefix || '');
+      const dir = join(basePath, safe);
+      const limit = opts?.limit ?? 100;
+      const objects: StorageObjectInfo[] = [];
+      if (!existsSync(dir)) {
+        return { objects };
+      }
+      const entries = readdirSync(dir, { recursive: true });
+      let skipping = !!opts?.cursor;
+      for (const entry of entries) {
+        const entryStr = typeof entry === 'string' ? entry : entry.toString();
+        const fullPath = join(dir, entryStr);
+        try {
+          const stat = statSync(fullPath);
+          if (!stat.isFile()) continue;
+        } catch {
+          continue;
+        }
+        const key = safe ? `${safe}/${entryStr}` : entryStr;
+        if (skipping) {
+          if (key === opts?.cursor) skipping = false;
+          continue;
+        }
+        if (objects.length >= limit) {
+          return { objects, cursor: objects[objects.length - 1].key };
+        }
+        const stat = statSync(fullPath);
+        objects.push({
+          key,
+          size: stat.size,
+          contentType: 'application/octet-stream',
+          lastModified: stat.mtime,
+        });
+      }
+      return { objects };
+    },
+  };
+}

package/src/modules/storage/providers/s3.ts ADDED Viewed

@@ -0,0 +1,83 @@
+import { S3Client } from 'bun';
+import type {
+  StorageProvider,
+  StorageObjectInfo,
+  S3ProviderConfig,
+} from '../../../contracts/storage';
+import { validation } from '../../../infra/errors';
+export function createS3Provider(config: S3ProviderConfig): StorageProvider {
+  const client = new S3Client({
+    accessKeyId: config.accessKeyId,
+    secretAccessKey: config.secretAccessKey,
+    bucket: config.bucket,
+    ...(config.region && { region: config.region }),
+    ...(config.endpoint && { endpoint: config.endpoint }),
+  });
+  return {
+    async upload(fullKey, data, opts) {
+      if (opts?.maxSize && data.byteLength > opts.maxSize) {
+        throw validation(
+          { size: data.byteLength, maxSize: opts.maxSize },
+          `File size ${data.byteLength} exceeds maximum allowed size ${opts.maxSize}`,
+        );
+      }
+      const file = client.file(fullKey);
+      await file.write(data, {
+        ...(opts?.contentType && { type: opts.contentType }),
+      });
+    },
+    async download(fullKey) {
+      const file = client.file(fullKey);
+      try {
+        const buf = await file.arrayBuffer();
+        return new Uint8Array(buf);
+      } catch {
+        throw validation({ key: fullKey }, `File not found: ${fullKey}`);
+      }
+    },
+    async delete(fullKey) {
+      const file = client.file(fullKey);
+      await file.delete();
+    },
+    async exists(fullKey) {
+      const file = client.file(fullKey);
+      return file.exists();
+    },
+    presign(fullKey, opts) {
+      return client.presign(fullKey, {
+        expiresIn: opts.expiresIn ?? 3600,
+        method: opts.method ?? 'GET',
+      });
+    },
+    async list(prefix, opts) {
+      // Bun's S3Client doesn't have a native list API — use the S3 ListObjectsV2 REST API
+      const limit = opts?.limit ?? 100;
+      const params = new URLSearchParams({
+        'list-type': '2',
+        prefix: prefix,
+        'max-keys': String(limit),
+      });
+      if (opts?.cursor) {
+        params.set('start-after', opts.cursor);
+      }
+      // const endpoint = config.endpoint ?? `https://s3.${config.region ?? 'us-east-1'}.amazonaws.com`;
+      // const url = `${endpoint}/${config.bucket}?${params}`;
+      // Bun's S3Client doesn't expose ListObjectsV2 — full listing requires XML parsing.
+      // Most use cases rely on metadata in SQLite; enhance here when needed.
+      // This will be enhanced when needed; most use cases rely on metadata in SQLite
+      const objects: StorageObjectInfo[] = [];
+      return { objects };
+    },
+  };
+}

package/src/modules/storage/routes.ts ADDED Viewed

@@ -0,0 +1,76 @@
+import { Hono } from 'hono';
+import type { StorageService } from './service';
+export function createStorageRoutes(service: StorageService): Hono {
+  const routes = new Hono();
+  // POST /api/storage/:bucket — upload a file
+  routes.post('/:bucket', async (c) => {
+    const bucketName = c.req.param('bucket');
+    const bucket = service.bucket(bucketName);
+    const body = await c.req.parseBody();
+    const file = body.file;
+    if (!file || !(file instanceof File)) {
+      return c.json({ error: 'Missing file in request body' }, 400);
+    }
+    const data = new Uint8Array(await file.arrayBuffer());
+    const key = (body.key as string) || file.name;
+    const contentType = file.type || 'application/octet-stream';
+    const obj = await bucket.upload(key, data, { contentType });
+    return c.json(obj, 201);
+  });
+  // POST /api/storage/:bucket/confirm — confirm a presigned upload
+  routes.post('/:bucket/confirm', async (c) => {
+    const bucketName = c.req.param('bucket');
+    const bucket = service.bucket(bucketName);
+    const { key } = await c.req.json<{ key: string }>();
+    const meta = await bucket.metadata(key);
+    if (meta) {
+      return c.json(meta);
+    }
+    return c.json({ error: 'Object not found' }, 404);
+  });
+  // GET /api/storage/:bucket — list objects
+  routes.get('/:bucket', async (c) => {
+    const bucketName = c.req.param('bucket');
+    const bucket = service.bucket(bucketName);
+    const prefix = c.req.query('prefix');
+    const cursor = c.req.query('cursor');
+    const limit = c.req.query('limit');
+    const result = await bucket.list({
+      prefix: prefix || undefined,
+      cursor: cursor || undefined,
+      limit: limit ? Number.parseInt(limit, 10) : undefined,
+    });
+    return c.json(result);
+  });
+  // GET /api/storage/:bucket/:key{.+} — download / proxy a file
+  routes.get('/:bucket/:key{.+}', async (c) => {
+    const bucketName = c.req.param('bucket');
+    const key = c.req.param('key');
+    const bucket = service.bucket(bucketName);
+    const data = await bucket.download(key);
+    const meta = await bucket.metadata(key);
+    const contentType = meta?.contentType ?? 'application/octet-stream';
+    return new Response(data.buffer as ArrayBuffer, {
+      headers: { 'content-type': contentType },
+    });
+  });
+  return routes;
+}

package/src/modules/storage/schema.ts ADDED Viewed

@@ -0,0 +1,26 @@
+import { index, integer, sqliteTable, text, uniqueIndex } from 'drizzle-orm/sqlite-core';
+import { nanoidPrimaryKey } from '../../db/helpers';
+export const storageObjects = sqliteTable(
+  '_storage_objects',
+  {
+    id: nanoidPrimaryKey(),
+    bucket: text('bucket').notNull(),
+    key: text('key').notNull(),
+    size: integer('size').notNull(),
+    contentType: text('content_type').notNull().default('application/octet-stream'),
+    metadata: text('metadata'),
+    uploadedBy: text('uploaded_by'),
+    createdAt: integer('created_at', { mode: 'timestamp_ms' })
+      .notNull()
+      .$defaultFn(() => new Date()),
+  },
+  (table) => [
+    uniqueIndex('storage_objects_bucket_key_idx').on(table.bucket, table.key),
+    index('storage_objects_bucket_idx').on(table.bucket),
+    index('storage_objects_uploaded_by_idx').on(table.uploadedBy),
+  ],
+);
+export const storageSchema = { storageObjects };

package/src/modules/storage/service.ts ADDED Viewed

@@ -0,0 +1,202 @@
+import { eq, and } from 'drizzle-orm';
+import type { VobaseDb } from '../../db/client';
+import type {
+  StorageProvider,
+  UploadOptions,
+  PresignOptions,
+  StorageListResult,
+} from '../../contracts/storage';
+import { validation } from '../../infra/errors';
+import { storageObjects } from './schema';
+export interface BucketConfig {
+  access: 'public' | 'private';
+  maxSize?: number;
+  allowedTypes?: string[];
+}
+export interface StorageObject {
+  id: string;
+  bucket: string;
+  key: string;
+  size: number;
+  contentType: string;
+  metadata: Record<string, string> | null;
+  uploadedBy: string | null;
+  createdAt: Date;
+}
+export interface BucketHandle {
+  upload(key: string, data: Buffer | Uint8Array, opts?: UploadOptions): Promise<StorageObject>;
+  download(key: string): Promise<Uint8Array>;
+  delete(key: string): Promise<void>;
+  presign(key: string, opts?: PresignOptions): string;
+  list(opts?: BucketListOptions): Promise<StorageListResult>;
+  metadata(key: string): Promise<StorageObject | null>;
+}
+export interface BucketListOptions {
+  prefix?: string;
+  cursor?: string;
+  limit?: number;
+}
+export interface StorageService {
+  bucket(name: string): BucketHandle;
+}
+export function createStorageService(
+  provider: StorageProvider,
+  buckets: Record<string, BucketConfig>,
+  db: VobaseDb,
+): StorageService {
+  const validBucketNames = new Set(Object.keys(buckets));
+  function assertBucket(name: string): BucketConfig {
+    if (!validBucketNames.has(name)) {
+      throw validation(
+        { bucket: name, available: [...validBucketNames] },
+        `Unknown storage bucket "${name}". Available buckets: ${[...validBucketNames].join(', ')}`,
+      );
+    }
+    return buckets[name];
+  }
+  function fullKey(bucket: string, key: string): string {
+    return `${bucket}/${key}`;
+  }
+  return {
+    bucket(name: string): BucketHandle {
+      const config = assertBucket(name);
+      return {
+        async upload(key, data, opts) {
+          const fk = fullKey(name, key);
+          const contentType = opts?.contentType ?? 'application/octet-stream';
+          if (config.maxSize && data.byteLength > config.maxSize) {
+            throw validation(
+              { size: data.byteLength, maxSize: config.maxSize },
+              `File size ${data.byteLength} exceeds bucket max size ${config.maxSize}`,
+            );
+          }
+          if (config.allowedTypes && config.allowedTypes.length > 0) {
+            const allowed = config.allowedTypes.some((pattern) => {
+              if (pattern.endsWith('/*')) {
+                return contentType.startsWith(pattern.slice(0, -1));
+              }
+              return contentType === pattern;
+            });
+            if (!allowed) {
+              throw validation(
+                { contentType, allowedTypes: config.allowedTypes },
+                `Content type "${contentType}" is not allowed in bucket "${name}"`,
+              );
+            }
+          }
+          await provider.upload(fk, data, { ...opts, maxSize: config.maxSize });
+          // Upsert metadata in SQLite
+          const existing = db
+            .select()
+            .from(storageObjects)
+            .where(and(eq(storageObjects.bucket, name), eq(storageObjects.key, key)))
+            .get();
+          if (existing) {
+            db.update(storageObjects)
+              .set({
+                size: data.byteLength,
+                contentType,
+                metadata: opts?.metadata ? JSON.stringify(opts.metadata) : null,
+              })
+              .where(eq(storageObjects.id, existing.id))
+              .run();
+            return {
+              ...existing,
+              size: data.byteLength,
+              contentType,
+              metadata: opts?.metadata ?? null,
+              createdAt: existing.createdAt,
+            };
+          }
+          const row = db
+            .insert(storageObjects)
+            .values({
+              bucket: name,
+              key,
+              size: data.byteLength,
+              contentType,
+              metadata: opts?.metadata ? JSON.stringify(opts.metadata) : null,
+              uploadedBy: opts?.metadata?.uploadedBy ?? null,
+            })
+            .returning()
+            .get();
+          return {
+            id: row.id,
+            bucket: row.bucket,
+            key: row.key,
+            size: row.size,
+            contentType: row.contentType,
+            metadata: row.metadata ? JSON.parse(row.metadata) : null,
+            uploadedBy: row.uploadedBy,
+            createdAt: row.createdAt,
+          };
+        },
+        async download(key) {
+          return provider.download(fullKey(name, key));
+        },
+        async delete(key) {
+          await provider.delete(fullKey(name, key));
+          db.delete(storageObjects)
+            .where(and(eq(storageObjects.bucket, name), eq(storageObjects.key, key)))
+            .run();
+        },
+        presign(key, opts) {
+          return provider.presign(fullKey(name, key), opts ?? {});
+        },
+        async list(opts) {
+          const prefix = opts?.prefix
+            ? fullKey(name, opts.prefix)
+            : `${name}/`;
+          return provider.list(prefix, {
+            cursor: opts?.cursor,
+            limit: opts?.limit,
+          });
+        },
+        async metadata(key) {
+          const row = db
+            .select()
+            .from(storageObjects)
+            .where(and(eq(storageObjects.bucket, name), eq(storageObjects.key, key)))
+            .get();
+          if (!row) return null;
+          return {
+            id: row.id,
+            bucket: row.bucket,
+            key: row.key,
+            size: row.size,
+            contentType: row.contentType,
+            metadata: row.metadata ? JSON.parse(row.metadata) : null,
+            uploadedBy: row.uploadedBy,
+            createdAt: row.createdAt,
+          };
+        },
+      };
+    },
+  };
+}