corsair 0.1.52 → 0.1.53

package/dist/{chunk-BEVGZD7X.js → chunk-ACRK2W72.js}

@@ -1,4 +1,4 @@
-import{q as k,r as w}from"./chunk-ZWWGVPSP.js";import{a as m}from"./chunk-7IH5DNUL.js";import{ZodBoolean as h,ZodDate as _,ZodEffects as $,ZodEnum as P,ZodNullable as K,ZodNumber as M,ZodObject as T,ZodOptional as v,ZodRecord as A,ZodString as j}from"zod";var b={slack:{channels:{list:{}},users:{list:{}}},linear:{projects:{list:{}},issues:{list:{}},users:{list:{}}},github:{issues:{list:{}},pullRequests:{list:{}},repositories:{list:{}}},discord:{guilds:{list:{}},channels:{list:{}}},hubspot:{contacts:{getMany:{}},companies:{getMany:{}},deals:{getMany:{}}},gmail:{messages:{list:{}},labels:{list:{}},drafts:{list:{}},threads:{list:{}}},googlecalendar:{events:{getMany:{}}},googledrive:{files:{list:{}},folders:{list:{}},sharedDrives:{list:{}}},notion:{databases:{getManyDatabases:{}},databasePages:{getManyDatabasePages:{}},users:{getManyUsers:{}}},airtable:{bases:{getMany:{}}},todoist:{projects:{getMany:{}},tasks:{getMany:{}}},cal:{bookings:{list:{}}}};async function Y(e,c){let l=[],r=t=>{l.push(t),console.log(t)},o=t=>{l.push(t),console.warn(t)},g=c?.caller??"script",s=e[k];if(!s)throw new Error("setupCorsair: invalid corsair instance");if(s.multiTenancy)throw new Error("setupCorsair: multi-tenancy instances are not supported. Create your corsair instance without multiTenancy: true.");if(!s.database)throw new Error("setupCorsair: a database must be configured on the corsair instance");let u=s.database.db,n=w({plugins:s.plugins,database:s.database.db,kek:s.kek});await D(u,o),await E(u,n,s.plugins,r),c?.credentials&&Object.keys(c.credentials).length>0&&await I(n,c.credentials,r,o);let a=await Z(n,s.plugins,r,g);return c?.backfill&&(r("[corsair:setup] Starting backfill..."),await L(n,s.plugins,a,r,o),r("[corsair:setup] Backfill complete.")),l.join(`
+import{q as k,r as w}from"./chunk-KVGGQMXC.js";import{a as m}from"./chunk-7IH5DNUL.js";import{ZodBoolean as h,ZodDate as _,ZodEffects as $,ZodEnum as P,ZodNullable as K,ZodNumber as M,ZodObject as T,ZodOptional as v,ZodRecord as A,ZodString as j}from"zod";var b={slack:{channels:{list:{}},users:{list:{}}},linear:{projects:{list:{}},issues:{list:{}},users:{list:{}}},github:{issues:{list:{}},pullRequests:{list:{}},repositories:{list:{}}},discord:{guilds:{list:{}},channels:{list:{}}},hubspot:{contacts:{getMany:{}},companies:{getMany:{}},deals:{getMany:{}}},gmail:{messages:{list:{}},labels:{list:{}},drafts:{list:{}},threads:{list:{}}},googlecalendar:{events:{getMany:{}}},googledrive:{files:{list:{}},folders:{list:{}},sharedDrives:{list:{}}},notion:{databases:{getManyDatabases:{}},databasePages:{getManyDatabasePages:{}},users:{getManyUsers:{}}},airtable:{bases:{getMany:{}}},todoist:{projects:{getMany:{}},tasks:{getMany:{}}},cal:{bookings:{list:{}}}};async function Y(e,c){let l=[],r=t=>{l.push(t),console.log(t)},o=t=>{l.push(t),console.warn(t)},g=c?.caller??"script",s=e[k];if(!s)throw new Error("setupCorsair: invalid corsair instance");if(s.multiTenancy)throw new Error("setupCorsair: multi-tenancy instances are not supported. Create your corsair instance without multiTenancy: true.");if(!s.database)throw new Error("setupCorsair: a database must be configured on the corsair instance");let u=s.database.db,n=w({plugins:s.plugins,database:s.database.db,kek:s.kek});await D(u,o),await E(u,n,s.plugins,r),c?.credentials&&Object.keys(c.credentials).length>0&&await I(n,c.credentials,r,o);let a=await Z(n,s.plugins,r,g);return c?.backfill&&(r("[corsair:setup] Starting backfill..."),await L(n,s.plugins,a,r,o),r("[corsair:setup] Backfill complete.")),l.join(`
 `)}var O={...m};function p(e){if(e instanceof T){let c={};for(let[l,r]of Object.entries(e.shape))c[l]=p(r);return c}return e instanceof $?p(e.innerType()):e instanceof K?`${p(e.unwrap())} | null`:e instanceof v?`${p(e.unwrap())} | undefined`:e instanceof P?e.options.join(" | "):e instanceof j?"string":e instanceof M?"number":e instanceof h?"boolean":e instanceof _?"date":e instanceof A?"jsonb":"unknown"}async function D(e,c){let l=await e.introspection.getTables(),r=new Set(l.map(o=>o.name));for(let[o,g]of Object.entries(O))r.has(o)||c(`[corsair:setup] Table "${o}" does not exist. Run your database migrations before calling setupCorsair.
 Schema: ${JSON.stringify(p(g),null,2)}`)}var C="default";async function E(e,c,l,r){let o=new Date,g=c.keys,s=c;for(let u of l){let n=u.id,a=await e.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!a){let f=crypto.randomUUID();await e.insertInto("corsair_integrations").values({id:f,name:n,config:{},created_at:o,updated_at:o}).execute(),a=await e.selectFrom("corsair_integrations").selectAll().where("id","=",f).executeTakeFirst(),r(`[corsair:setup] Created integration: ${n}`)}let t=g[n];if(a&&!a.dek&&t&&(await t.issue_new_dek(),r(`[corsair:setup] Issued integration DEK: ${n}`)),!a)continue;let i=await e.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",C).where("integration_id","=",a.id).executeTakeFirst();if(!i){let f=crypto.randomUUID();await e.insertInto("corsair_accounts").values({id:f,tenant_id:C,integration_id:a.id,config:{},created_at:o,updated_at:o}).execute(),i=await e.selectFrom("corsair_accounts").selectAll().where("id","=",f).executeTakeFirst(),r(`[corsair:setup] Created account: ${n}`)}let d=s[n]?.keys;i&&!i.dek&&d&&(await d.issue_new_dek(),r(`[corsair:setup] Issued account DEK: ${n}`))}}async function I(e,c,l,r){let o=e.keys,g=e;for(let[s,u]of Object.entries(c)){let n=o[s],a=g[s]?.keys;for(let[t,i]of Object.entries(u)){let d=`set_${t}`;n&&typeof n[d]=="function"?(await n[d](i),l(`[corsair:setup] Set integration credential: ${s}.${t}`)):a&&typeof a[d]=="function"?(await a[d](i),l(`[corsair:setup] Set account credential: ${s}.${t}`)):r(`[corsair:setup] No setter found for '${s}.${t}' \u2014 skipping.`)}}}var S=new Set(["webhook_signature","expires_at","scope","redirect_url"]);async function x(e,c,l,r,o,g){let s=[],u=[];for(let a of Object.keys(l)){if(!a.startsWith("set_"))continue;let t=a.slice(4);if(S.has(t))continue;let i=l[`get_${t}`];if(!i)continue;let d=null;try{d=await i()}catch{}d||s.push(t)}for(let a of Object.keys(r)){if(!a.startsWith("set_"))continue;let t=a.slice(4);if(S.has(t))continue;let i=r[`get_${t}`];if(!i)continue;let d=null;try{d=await i()}catch{}d||u.push(t)}let n=s.length===0&&u.length===0;if(n)o(`[corsair:setup] '${e}' (${c}) is configured \u2713`);else{let a=[...s,...u];if(g==="cli"){let t=a.map(i=>`${i}=VALUE`).join(" ");o(`[corsair:setup] '${e}' (${c}) needs credentials. Run:
   corsair setup --${e} ${t}`)}else{let t=[`[corsair:setup] '${e}' (${c}) needs credentials. Call:`];for(let i of s)t.push(`  await corsair.keys.${e}.set_${i}(value)`);for(let i of u)t.push(`  await corsair.${e}.keys.set_${i}(value)`);o(t.join(`

package/dist/chunk-B6CM5Q2M.js

@@ -0,0 +1 @@
+import{a as t}from"./chunk-QAIKSQAD.js";import{Kysely as r,PostgresDialect as o,SqliteDialect as s}from"kysely";function i(e){return typeof e.query=="function"&&typeof e.connect=="function"}function n(e){let a=e;return typeof a.prepare=="function"&&typeof a.exec=="function"&&typeof a.close=="function"&&!("query"in e)}function y(e){return typeof e.selectFrom=="function"}function p(e){if(y(e))return{db:e};if(n(e))return{db:new r({dialect:new s({database:e}),plugins:[new t]})};if(i(e))return{db:new r({dialect:new o({pool:e})})};throw new Error("Unsupported database input. Expected a pg Pool, better-sqlite3 Database, or a Kysely instance.")}export{p as a};

package/dist/{chunk-ZWWGVPSP.js → chunk-KVGGQMXC.js}

@@ -1,4 +1,4 @@
-import{a as pe,b as Q}from"./chunk-2PB34FTK.js";import{a as ge}from"./chunk-73HYPGOI.js";import{createCipheriv as fe,createDecipheriv as ye,randomBytes as H,scrypt as Ke}from"crypto";import{promisify as $e}from"util";var he=$e(Ke),U="aes-256-gcm",me=12,q=16,Me=16,B=32;function O(){return H(B).toString("base64")}async function K(e,t){let n=H(Me),r=await he(t,n,B),o=H(me),i=fe(U,r,o,{authTagLength:q}),s=Buffer.concat([i.update(e,"utf8"),i.final()]),a=i.getAuthTag();return[n.toString("base64"),o.toString("base64"),a.toString("base64"),s.toString("base64")].join(":")}async function D(e,t){let[n,r,o,i]=e.split(":");if(!n||!r||!o||!i)throw new Error("Invalid encrypted DEK format");let s=Buffer.from(n,"base64"),a=Buffer.from(r,"base64"),d=Buffer.from(o,"base64"),g=Buffer.from(i,"base64"),f=await he(t,s,B),c=ye(U,f,a,{authTagLength:q});return c.setAuthTag(d),Buffer.concat([c.update(g),c.final()]).toString("utf8")}function X(e,t){let n=Buffer.from(t,"base64"),r=H(me),o=fe(U,n,r,{authTagLength:q}),i=Buffer.concat([o.update(e,"utf8"),o.final()]),s=o.getAuthTag();return[r.toString("base64"),s.toString("base64"),i.toString("base64")].join(":")}function ee(e,t){let[n,r,o]=e.split(":");if(!n||!r||!o)throw new Error("Invalid encrypted data format");let i=Buffer.from(t,"base64"),s=Buffer.from(n,"base64"),a=Buffer.from(r,"base64"),d=Buffer.from(o,"base64"),g=ye(U,i,s,{authTagLength:q});return g.setAuthTag(a),Buffer.concat([g.update(d),g.final()]).toString("utf8")}function F(e,t){let n={};for(let[r,o]of Object.entries(e))n[r]=X(o,t);return n}function $(e,t){let n={};for(let[r,o]of Object.entries(e))n[r]=ee(o,t);return n}function S(e,t,n){let r=$(e,t);return F(r,n)}function z(e,t){let n=[];e||n.push("database"),t||n.push("kek");let r={};return new Proxy(r,{get(o,i){let s=n.length>1;throw new Error(`corsair.keys.${String(i)}: Cannot access keys because ${n.join(" and ")} ${s?"are":"is"} not configured. Provide both 'database' and 'kek' in createCorsair() to enable key management.
+import{a as pe,b as Q}from"./chunk-2PB34FTK.js";import{a as ge}from"./chunk-B6CM5Q2M.js";import{createCipheriv as fe,createDecipheriv as ye,randomBytes as H,scrypt as Ke}from"crypto";import{promisify as $e}from"util";var he=$e(Ke),U="aes-256-gcm",me=12,q=16,Me=16,B=32;function O(){return H(B).toString("base64")}async function K(e,t){let n=H(Me),r=await he(t,n,B),o=H(me),i=fe(U,r,o,{authTagLength:q}),s=Buffer.concat([i.update(e,"utf8"),i.final()]),a=i.getAuthTag();return[n.toString("base64"),o.toString("base64"),a.toString("base64"),s.toString("base64")].join(":")}async function D(e,t){let[n,r,o,i]=e.split(":");if(!n||!r||!o||!i)throw new Error("Invalid encrypted DEK format");let s=Buffer.from(n,"base64"),a=Buffer.from(r,"base64"),d=Buffer.from(o,"base64"),g=Buffer.from(i,"base64"),f=await he(t,s,B),c=ye(U,f,a,{authTagLength:q});return c.setAuthTag(d),Buffer.concat([c.update(g),c.final()]).toString("utf8")}function X(e,t){let n=Buffer.from(t,"base64"),r=H(me),o=fe(U,n,r,{authTagLength:q}),i=Buffer.concat([o.update(e,"utf8"),o.final()]),s=o.getAuthTag();return[r.toString("base64"),s.toString("base64"),i.toString("base64")].join(":")}function ee(e,t){let[n,r,o]=e.split(":");if(!n||!r||!o)throw new Error("Invalid encrypted data format");let i=Buffer.from(t,"base64"),s=Buffer.from(n,"base64"),a=Buffer.from(r,"base64"),d=Buffer.from(o,"base64"),g=ye(U,i,s,{authTagLength:q});return g.setAuthTag(a),Buffer.concat([g.update(d),g.final()]).toString("utf8")}function F(e,t){let n={};for(let[r,o]of Object.entries(e))n[r]=X(o,t);return n}function $(e,t){let n={};for(let[r,o]of Object.entries(e))n[r]=ee(o,t);return n}function S(e,t,n){let r=$(e,t);return F(r,n)}function z(e,t){let n=[];e||n.push("database"),t||n.push("kek");let r={};return new Proxy(r,{get(o,i){let s=n.length>1;throw new Error(`corsair.keys.${String(i)}: Cannot access keys because ${n.join(" and ")} ${s?"are":"is"} not configured. Provide both 'database' and 'kek' in createCorsair() to enable key management.
 
 To generate a KEK, run: openssl rand -base64 ${B}`)}})}var Z={oauth_2:{integration:["client_id","client_secret","redirect_url"],account:["access_token","refresh_token","expires_at","scope","webhook_signature"]},api_key:{integration:[],account:["api_key","webhook_signature"]},bot_token:{integration:[],account:["bot_token","webhook_signature"]}};function ke(e,t,n){let r={};for(let o of n)r[`get_${o}`]=async()=>(await e())[o]??null,r[`set_${o}`]=async i=>{let s=[null,void 0,""].includes(i)?null:i;await t({[o]:s})};return r}var ne=e=>{if(!e)return{};if(typeof e=="string")try{return JSON.parse(e)}catch{return{}}return e};function G(e){let{authType:t,integrationName:n,kek:r,database:o,extraIntegrationFields:i=[]}=e,s=[...Z[t].integration,...i],a=null,d={kek:r,integrationName:n,getIntegration:async()=>{if(a)return a;let u=await o.db.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!u)throw new Error(`Integration "${n}" not found. Make sure to create the integration first.`);return a={id:u.id,config:ne(u.config),dek:u.dek??null},a},updateIntegration:async u=>{let p=await d.getIntegration();await o.db.updateTable("corsair_integrations").set({...u.config!==void 0?{config:u.config}:{},...u.dek!==void 0?{dek:u.dek}:{},updated_at:new Date}).where("id","=",p.id).execute(),a=null}},g=null,f=async()=>{if(g)return g;let u=await d.getIntegration();if(!u.dek)throw new Error(`No DEK found for integration "${n}". Initialize the integration first.`);return g=await D(u.dek,r),g},c=async()=>{let u=await d.getIntegration(),p=await f(),m=u.config;return!m||Object.keys(m).length===0?{}:$(m,p)};return{get_dek:f,issue_new_dek:async()=>{let u=await d.getIntegration(),p=O(),m={};if(u.dek){let P=await D(u.dek,r),b=u.config;b&&Object.keys(b).length>0&&(m=S(b,P,p))}let w=await K(p,r);return await d.updateIntegration({config:m,dek:w}),g=p,p},...ke(c,async u=>{let p=await f(),m;try{m=await c()}catch(b){console.error(`[corsair] Failed to decrypt config for integration "${n}", starting fresh:`,b),m={}}let w={...m};for(let[b,l]of Object.entries(u))l===null?delete w[b]:w[b]=l;let P=F(w,p);await d.updateIntegration({config:P})},s)}}function V(e){let{authType:t,integrationName:n,tenantId:r,kek:o,database:i,extraAccountFields:s=[]}=e,a=[...Z[t].account,...s],d=null,g=null,f=async()=>{if(g)return g;let l=await i.db.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!l)throw new Error(`Integration "${n}" not found. Make sure to create the integration first.`);return g={id:l.id,config:ne(l.config),dek:l.dek??null},g},c={kek:o,integrationName:n,tenantId:r,getIntegration:f,getAccount:async()=>{if(d)return d;let l=await f(),k=await i.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",r).where("integration_id","=",l.id).executeTakeFirst();if(!k)throw new Error(`Account not found for tenant "${r}" and integration "${n}". Make sure to create the account first.`);return d={id:k.id,config:ne(k.config),dek:k.dek??null},d},updateAccount:async l=>{let k=await c.getAccount();await i.db.updateTable("corsair_accounts").set({...l.config!==void 0?{config:l.config}:{},...l.dek!==void 0?{dek:l.dek}:{},updated_at:new Date}).where("id","=",k.id).execute(),d=null}},y=null,h=null,u=async()=>{if(y)return y;let l=await c.getAccount();if(!l.dek)throw new Error(`No DEK found for account (tenant: "${r}", integration: "${n}"). Initialize the account first.`);return y=await D(l.dek,o),y},p=async()=>{if(h)return h;let l=await c.getIntegration();if(!l.dek)throw new Error(`No DEK found for integration "${n}". Initialize the integration first.`);return h=await D(l.dek,o),h},m=async()=>{let l=await c.getAccount(),k=await u(),C=l.config;return!C||Object.keys(C).length===0?{}:$(C,k)},w=async()=>{let l=await c.getIntegration(),k=await p(),C=l.config;return!C||Object.keys(C).length===0?{}:$(C,k)},b={get_dek:u,issue_new_dek:async()=>{let l=await c.getAccount(),k=O(),C={};if(l.dek){let A=await D(l.dek,o),x=l.config;x&&Object.keys(x).length>0&&(C=S(x,A,k))}let I=await K(k,o);return await c.updateAccount({config:C,dek:I}),y=k,k},...ke(m,async l=>{let k=await u(),C;try{C=await m()}catch(x){console.error(`[corsair] Failed to decrypt config for account (tenant: "${r}", integration: "${n}"), starting fresh:`,x),C={}}let I={...C};for(let[x,T]of Object.entries(l))T===null?delete I[x]:I[x]=T;let A=F(I,k);await c.updateAccount({config:A})},a)};return t==="oauth_2"&&(b.get_integration_credentials=async()=>{let l=await w();return{client_id:l.client_id||null,client_secret:l.client_secret||null,redirect_url:l.redirect_url??null}}),b}async function be(e,t,n){let r=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",t).executeTakeFirst();if(!r)throw new Error(`Integration "${t}" not found.`);let o=O(),i=await K(o,n);return await e.db.updateTable("corsair_integrations").set({dek:i,updated_at:new Date}).where("id","=",r.id).execute(),o}async function we(e,t,n,r){let o=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",t).executeTakeFirst();if(!o)throw new Error(`Integration "${t}" not found.`);let i=await e.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",n).where("integration_id","=",o.id).executeTakeFirst();if(!i)throw new Error(`Account not found for tenant "${n}" and integration "${t}".`);let s=O(),a=await K(s,r);return await e.db.updateTable("corsair_accounts").set({dek:a,updated_at:new Date}).where("id","=",i.id).execute(),s}var Fe=async(e,t)=>(console.error(`[corsair:${t.pluginId}:${t.operation}]`,{error:e.message,input:t.input}),{maxRetries:0});async function Ce(e,t,n,r,o){let i={pluginId:t,operation:n,input:r,originalError:e},s=Object.keys(o).find(g=>o[g]?.match(e,i));return await(o[s||"DEFAULT"]?.handler||Fe)(e,i)}import{randomBytes as Ne}from"crypto";import{v4 as Be}from"uuid";var Se={open:{read:"allow",write:"allow",destructive:"allow"},cautious:{read:"allow",write:"allow",destructive:"require_approval"},strict:{read:"allow",write:"require_approval",destructive:"deny"},readonly:{read:"allow",write:"deny",destructive:"deny"}};function Ze(e,t,n){return n!==void 0?n:Se[t][e]}function Te(e){let t=/(\d+)(d|h|m|s)/g,n=0,r;for(;(r=t.exec(e))!==null;){let o=parseInt(r[1],10);switch(r[2]){case"d":n+=o*864e5;break;case"h":n+=o*36e5;break;case"m":n+=o*6e4;break;case"s":n+=o*1e3;break}}return n>0?n:600*1e3}function Pe(e){return{async find_by_permission_id(t){if(e)return e.db.selectFrom("corsair_permissions").selectAll().where("id","=",t).executeTakeFirst()},async find_by_token(t){if(e)return e.db.selectFrom("corsair_permissions").selectAll().where("token","=",t).executeTakeFirst()},async set_executing(t){e&&await e.db.updateTable("corsair_permissions").set({status:"executing",updated_at:new Date}).where("id","=",t).execute()},async set_completed(t){e&&await e.db.updateTable("corsair_permissions").set({status:"completed",updated_at:new Date}).where("id","=",t).execute()}}}async function xe(e){let t=Ze(e.riskLevel,e.mode,e.override);if(t==="allow")return{result:"allow"};let n=e.meta?.irreversible?" (irreversible)":"",r=e.meta?.description?`${e.meta.description}${n}`:`${e.pluginId}.${e.endpointPath}${n}`;if(t==="deny"||!e.db)return console.log(`[corsair/${e.pluginId}] '${e.endpointPath}' blocked \u2014 denied by permission mode '${e.mode}'.`,`
   Action: ${r}`,`
@@ -10,7 +10,7 @@ To generate a KEK, run: openssl rand -base64 ${B}`)}})}var Z={oauth_2:{integrati
   Permission ID:    ${d}`,`
   Permission token: ${g}`,`
   Expires at:       ${c}`,`
-  Use the token to approve or deny this request.`),{result:"blocked"}}function je(e){return typeof e=="function"}function te({endpoints:e,hooks:t,ctx:n,tree:r,pluginId:o,errorHandlers:i,currentPath:s=[],keyBuilder:a,permissionsConfig:d,endpointMeta:g,database:f,approvalConfig:c,tenantId:y}){for(let[h,u]of Object.entries(e)){let p=t?.[h];if(je(u)){let m=p,w=[...s,h].join("."),P=async(b={})=>{let l;if(d){let T=g?.[w],{result:v,onComplete:E}=await xe({pluginId:o,endpointPath:w,args:b,mode:d.mode,override:d.overrides?.[w],riskLevel:T?.riskLevel??"write",meta:T,db:f,timeoutMs:c?Te(c.timeout):void 0,tenantId:y});if(v==="blocked")return null;l=E}let k=async(T,v,E)=>{try{return await u(v,E)}catch(N){if(N instanceof Error){let M=await Ce(N,o,w,typeof E=="object"&&E!==null?E:{args:E},i);if(T<(M.maxRetries||0)){let L=T+1;console.log(`Retrying (${L} / ${M.maxRetries})...`);let _;if(M.headersRetryAfterMs)_=M.headersRetryAfterMs;else switch(M.retryStrategy){case"exponential_backoff":_=Math.pow(2,L-1)*1e3;break;case"exponential_backoff_jitter":let Y=Math.pow(2,L-1)*1e3,Oe=(Math.random()-.5)*1e3;_=Math.max(0,Y+Oe);break;case"linear_1s":_=1e3;break;case"linear_2s":_=2e3;break;case"linear_3s":_=3e3;break;case"linear_4s":_=4e3;break;default:_=1e3;break}await new Promise(Y=>setTimeout(Y,_)),await k(L,v,E),console.log(`[corsair:${o}:${w}] Retry strategy:`,M)}}throw N}},C=a?await a(n,"endpoint"):void 0;if(!m?.before&&!m?.after){let T=await k(0,{...n,key:C},b);return await l?.(),T}let I={...n,key:C},A=m.before?await m.before(I,b):{ctx:I,args:b,continue:!0,passToAfter:void 0};if(A.continue===!1)return;let x=await k(0,A.ctx,A.args);return await m.after?.(A.ctx,x,A.passToAfter),await l?.(),x};r[h]=P}else if(u&&typeof u=="object"){let m={};te({endpoints:u,hooks:p,ctx:n,tree:m,pluginId:o,errorHandlers:i,currentPath:[...s,h],keyBuilder:a,permissionsConfig:d,endpointMeta:g,database:f,approvalConfig:c,tenantId:y}),r[h]=m}}}var Ae=["airtable","amplitude","asana","box","cal","calendly","discord","dropbox","exa","figma","fireflies","github","gmail","googlecalendar","googledrive","googlesheets","hackernews","hubspot","intercom","jira","linear","monday","notion","oura","pagerduty","posthog","resend","sentry","slack","spotify","stripe","tavily","teams","telegram","todoist","trello","twitter","twitterapiio","typeform","zoom"];var Ee="  ";function R(e){let t=e._def,n=t.typeName;switch(n){case"ZodString":return"string";case"ZodNumber":return"number";case"ZodBoolean":return"boolean";case"ZodNull":return"null";case"ZodUnknown":case"ZodAny":return"any";case"ZodLiteral":return String(t.value);case"ZodEnum":return t.values.map(r=>String(r)).join(" | ");case"ZodOptional":return R(t.innerType);case"ZodNullable":return`${R(t.innerType)} | null`;case"ZodArray":{let r=t.type,i=r._def.typeName==="ZodUnion",s=R(r);return`${i?`(${s})`:s}[]`}case"ZodRecord":return"{}";case"ZodObject":{let r=t.shape(),o=Object.entries(r);return o.length===0?"{}":`{ ${o.map(([s,a])=>{let d=a._def.typeName;return`${d==="ZodOptional"||d==="ZodNullable"?s+"?":s}: ${R(a)}`}).join(", ")} }`}case"ZodUnion":return t.options.map(R).join(" | ");case"ZodIntersection":return`${R(t.left)} & ${R(t.right)}`;case"ZodEffects":return R(t.schema);default:return(n??"unknown").replace("Zod","").toLowerCase()}}function j(e,t){let n=e._def,r=n.typeName;if(r==="ZodOptional"||r==="ZodEffects")return j(r==="ZodOptional"?n.innerType:n.schema,t);if(r!=="ZodObject")return R(e);let o=n.shape(),i=Object.entries(o);if(i.length===0)return"{}";let s=Ee.repeat(t+1),a=Ee.repeat(t),d=[];for(let[g,f]of i){let c=f._def,y=c.typeName,u=y==="ZodOptional"||y==="ZodNullable"?`${g}?`:g,p=y==="ZodOptional"||y==="ZodNullable"?c.innerType:f,m=p?._def,w=m?.typeName,P=m?.description,b=P?`  // ${P}`:"";w==="ZodObject"?d.push(`${s}${u}: ${j(p,t+1)}${b}`):d.push(`${s}${u}: ${R(f)}${b}`)}return`{
+  Use the token to approve or deny this request.`),{result:"blocked"}}function je(e){return typeof e=="function"}function te({endpoints:e,hooks:t,ctx:n,tree:r,pluginId:o,errorHandlers:i,currentPath:s=[],keyBuilder:a,permissionsConfig:d,endpointMeta:g,database:f,approvalConfig:c,tenantId:y}){for(let[h,u]of Object.entries(e)){let p=t?.[h];if(je(u)){let m=p,w=[...s,h].join("."),P=async(b={})=>{let l;if(d){let T=g?.[w],{result:v,onComplete:E}=await xe({pluginId:o,endpointPath:w,args:b,mode:d.mode,override:d.overrides?.[w],riskLevel:T?.riskLevel??"write",meta:T,db:f,timeoutMs:c?Te(c.timeout):void 0,tenantId:y});if(v==="blocked")return null;l=E}let k=async(T,v,E)=>{try{return await u(v,E)}catch(N){if(N instanceof Error){let M=await Ce(N,o,w,typeof E=="object"&&E!==null?E:{args:E},i);if(T<(M.maxRetries||0)){let L=T+1;console.log(`Retrying (${L} / ${M.maxRetries})...`);let _;if(M.headersRetryAfterMs)_=M.headersRetryAfterMs;else switch(M.retryStrategy){case"exponential_backoff":_=Math.pow(2,L-1)*1e3;break;case"exponential_backoff_jitter":let Y=Math.pow(2,L-1)*1e3,Oe=(Math.random()-.5)*1e3;_=Math.max(0,Y+Oe);break;case"linear_1s":_=1e3;break;case"linear_2s":_=2e3;break;case"linear_3s":_=3e3;break;case"linear_4s":_=4e3;break;default:_=1e3;break}await new Promise(Y=>setTimeout(Y,_)),await k(L,v,E),console.log(`[corsair:${o}:${w}] Retry strategy:`,M)}}throw N}},C=a?await a(n,"endpoint"):void 0;if(!m?.before&&!m?.after){let T=await k(0,{...n,key:C},b);return await l?.(),T}let I={...n,key:C},A=m.before?await m.before(I,b):{ctx:I,args:b,continue:!0,passToAfter:void 0};if(A.continue===!1)return;let x=await k(0,A.ctx,A.args);return await m.after?.(A.ctx,x,A.passToAfter),await l?.(),x};r[h]=P}else if(u&&typeof u=="object"){let m={};te({endpoints:u,hooks:p,ctx:n,tree:m,pluginId:o,errorHandlers:i,currentPath:[...s,h],keyBuilder:a,permissionsConfig:d,endpointMeta:g,database:f,approvalConfig:c,tenantId:y}),r[h]=m}}}var Ae=["airtable","amplitude","asana","box","cal","calendly","cursor","discord","dropbox","exa","figma","fireflies","github","gmail","googlecalendar","googledrive","googlesheets","hackernews","hubspot","intercom","jira","linear","monday","notion","onedrive","oura","outlook","pagerduty","posthog","resend","sentry","sharepoint","slack","spotify","strava","stripe","tavily","teams","telegram","todoist","trello","twitter","twitterapiio","youtube","typeform","zoom"];var Ee="  ";function R(e){let t=e._def,n=t.typeName;switch(n){case"ZodString":return"string";case"ZodNumber":return"number";case"ZodBoolean":return"boolean";case"ZodNull":return"null";case"ZodUnknown":case"ZodAny":return"any";case"ZodLiteral":return String(t.value);case"ZodEnum":return t.values.map(r=>String(r)).join(" | ");case"ZodOptional":return R(t.innerType);case"ZodNullable":return`${R(t.innerType)} | null`;case"ZodArray":{let r=t.type,i=r._def.typeName==="ZodUnion",s=R(r);return`${i?`(${s})`:s}[]`}case"ZodRecord":return"{}";case"ZodObject":{let r=t.shape(),o=Object.entries(r);return o.length===0?"{}":`{ ${o.map(([s,a])=>{let d=a._def.typeName;return`${d==="ZodOptional"||d==="ZodNullable"?s+"?":s}: ${R(a)}`}).join(", ")} }`}case"ZodUnion":return t.options.map(R).join(" | ");case"ZodIntersection":return`${R(t.left)} & ${R(t.right)}`;case"ZodEffects":return R(t.schema);default:return(n??"unknown").replace("Zod","").toLowerCase()}}function j(e,t){let n=e._def,r=n.typeName;if(r==="ZodOptional"||r==="ZodEffects")return j(r==="ZodOptional"?n.innerType:n.schema,t);if(r!=="ZodObject")return R(e);let o=n.shape(),i=Object.entries(o);if(i.length===0)return"{}";let s=Ee.repeat(t+1),a=Ee.repeat(t),d=[];for(let[g,f]of i){let c=f._def,y=c.typeName,u=y==="ZodOptional"||y==="ZodNullable"?`${g}?`:g,p=y==="ZodOptional"||y==="ZodNullable"?c.innerType:f,m=p?._def,w=m?.typeName,P=m?.description,b=P?`  // ${P}`:"";w==="ZodObject"?d.push(`${s}${u}: ${j(p,t+1)}${b}`):d.push(`${s}${u}: ${R(f)}${b}`)}return`{
 ${d.join(`
 `)}
 ${a}}`}var Re=["equals","contains","startsWith","endsWith","in"],We=["equals","gt","gte","lt","lte","in"],Le=["equals"],He=["equals","before","after","between"];function ie(e){let t=e._def;switch(t.typeName){case"ZodOptional":case"ZodNullable":case"ZodDefault":return ie(t.innerType);case"ZodEffects":return ie(t.schema);case"ZodString":return"string";case"ZodNumber":return"number";case"ZodBoolean":return"boolean";case"ZodDate":return"date";default:return null}}function se(e){let t=e._def,n=t.typeName;if(n==="ZodOptional"||n==="ZodNullable"||n==="ZodDefault")return se(t.innerType);if(n==="ZodEffects")return se(t.schema);if(n!=="ZodObject")return{};let r=t.shape(),o={};for(let[i,s]of Object.entries(r)){let a=ie(s);a==="string"?o[i]={type:"string",operators:Re}:a==="number"?o[i]={type:"number",operators:We}:a==="boolean"?o[i]={type:"boolean",operators:Le}:a==="date"&&(o[i]={type:"date",operators:He})}return o}function Ue(e,t){for(let[n,r]of Object.entries(e))if(n.toLowerCase()===t)return[n,r]}function ae(e,t,n){for(let[r,o]of Object.entries(e)){let i=[...t,r];typeof o=="function"?n.push(i.join(".")):o!==null&&typeof o=="object"&&ae(o,i,n)}}function ce(e){return e!==null&&typeof e=="object"&&"match"in e&&"handler"in e&&typeof e.match=="function"&&typeof e.handler=="function"}function de(e,t,n){for(let[r,o]of Object.entries(e)){let i=[...t,r];ce(o)?n.push(i.join(".")):o!==null&&typeof o=="object"&&de(o,i,n)}}function Ie(e,t){if(t.length===0)return null;let[n,...r]=t,o=Object.entries(e).find(([a])=>a.toLowerCase()===n);if(!o)return null;let[i,s]=o;if(r.length===0)return ce(s)?[i]:null;if(s!==null&&typeof s=="object"&&!ce(s)){let a=Ie(s,r);if(a!==null)return[i,...a]}return null}function qe(e,t,n){let r=[];r.push(`${e}({`),r.push("    webhookHooks: {");for(let s=0;s<t.length;s++){let a="    ".repeat(s+2);r.push(`${a}${t[s]}: {`)}let o="    ".repeat(t.length+2),i=o+"    ";r.push(`${o}before(ctx, args) {`),r.push(`${i}return { ctx, args };`),r.push(`${o}},`),r.push(`${o}after(ctx, response) {`),r.push(n!==null?`${i}// response.data: ${n}`:`${i}// response.data: unknown (register webhookSchemas to see the type)`),r.push(`${o}},`);for(let s=t.length-1;s>=0;s--){let a="    ".repeat(s+2);r.push(`${a}},`)}return r.push("    },"),r.push("})"),r.join(`

package/dist/chunk-QAIKSQAD.js

@@ -0,0 +1 @@
+import{OperationNodeTransformer as a}from"kysely";function n(r){return r instanceof Date?r.toISOString():r!==null&&typeof r=="object"&&!Buffer.isBuffer(r)?JSON.stringify(r):r}var s=class extends a{transformValue(e){let t=n(e.value);return t===e.value?e:{...e,value:t}}transformPrimitiveValueList(e){let t=e.values.map(n);return t.some((u,i)=>u!==e.values[i])?{...e,values:t}:e}},l=new s,o=class{transformQuery(e){return l.transformNode(e.node)}async transformResult(e){return e.result}};export{o as a};

package/dist/core.d.ts

@@ -1,6 +1,6 @@
-export { C as CORSAIR_INTERNAL, a as CorsairInternalConfig, c as createCorsair } from './index-DpPKj1ZX.js';
-import { A as AuthTypes, f as AccountKeyManagerFor, I as IntegrationKeyManagerFor } from './index-D_Ah5Tz6.js';
-export { g as AccountFieldNames, m as AllProviders, k as BASE_AUTH_FIELDS, h as BaseAuthFieldConfig, i as BaseKeyManager, e as BaseProviders, K as BeforeHookResult, o as BindEndpoints, a5 as BindWebhooks, a3 as Bivariant, p as BoundEndpointFn, q as BoundEndpointTree, a6 as BoundWebhook, B as BoundWebhookTree, l as CorsairClient, r as CorsairContext, s as CorsairEndpoint, u as CorsairErrorHandler, F as CorsairInspectMethods, a as CorsairIntegration, L as CorsairKeyBuilder, M as CorsairKeyBuilderBase, d as CorsairPermissionsNamespace, C as CorsairPlugin, Q as CorsairPluginContext, c as CorsairSingleTenantClient, b as CorsairTenantWrapper, a7 as CorsairWebhook, a8 as CorsairWebhookHandler, a9 as CorsairWebhookMatcher, S as EndpointHooks, T as EndpointMetaEntry, E as EndpointPathsOf, U as EndpointRiskLevel, G as EndpointSchemaResult, t as EndpointTree, H as EnforcePermissionOptions, J as EnforcePermissionResult, v as ErrorContext, w as ErrorHandler, x as ErrorHandlerAndMatchFunction, y as ErrorMatcher, j as IntegrationFieldNames, V as KeyBuilderContext, O as OAuth2IntegrationCredentials, N as OAuthConfig, X as PermissionMode, Y as PermissionPolicy, n as PickAuth, P as PluginAuthConfig, Z as PluginEndpointMeta, _ as PluginPermissionsConfig, R as RawWebhookRequest, $ as RequiredPluginEndpointMeta, a0 as RequiredPluginEndpointSchemas, a1 as RequiredPluginWebhookSchemas, z as RetryStrategies, D as RetryStrategy, a4 as UnionToIntersection, a2 as WebhookHooks, aa as WebhookPathsOf, ab as WebhookRequest, W as WebhookResponse, ac as WebhookTree } from './index-D_Ah5Tz6.js';
+export { C as CORSAIR_INTERNAL, a as CorsairInternalConfig, c as createCorsair } from './index-BnadO6xy.js';
+import { A as AuthTypes, f as AccountKeyManagerFor, I as IntegrationKeyManagerFor } from './index-BRqL1nFq.js';
+export { g as AccountFieldNames, m as AllProviders, k as BASE_AUTH_FIELDS, h as BaseAuthFieldConfig, i as BaseKeyManager, e as BaseProviders, K as BeforeHookResult, o as BindEndpoints, a5 as BindWebhooks, a3 as Bivariant, p as BoundEndpointFn, q as BoundEndpointTree, a6 as BoundWebhook, B as BoundWebhookTree, l as CorsairClient, r as CorsairContext, s as CorsairEndpoint, u as CorsairErrorHandler, F as CorsairInspectMethods, a as CorsairIntegration, L as CorsairKeyBuilder, M as CorsairKeyBuilderBase, d as CorsairPermissionsNamespace, C as CorsairPlugin, Q as CorsairPluginContext, c as CorsairSingleTenantClient, b as CorsairTenantWrapper, a7 as CorsairWebhook, a8 as CorsairWebhookHandler, a9 as CorsairWebhookMatcher, S as EndpointHooks, T as EndpointMetaEntry, E as EndpointPathsOf, U as EndpointRiskLevel, G as EndpointSchemaResult, t as EndpointTree, H as EnforcePermissionOptions, J as EnforcePermissionResult, v as ErrorContext, w as ErrorHandler, x as ErrorHandlerAndMatchFunction, y as ErrorMatcher, j as IntegrationFieldNames, V as KeyBuilderContext, O as OAuth2IntegrationCredentials, N as OAuthConfig, X as PermissionMode, Y as PermissionPolicy, n as PickAuth, P as PluginAuthConfig, Z as PluginEndpointMeta, _ as PluginPermissionsConfig, R as RawWebhookRequest, $ as RequiredPluginEndpointMeta, a0 as RequiredPluginEndpointSchemas, a1 as RequiredPluginWebhookSchemas, z as RetryStrategies, D as RetryStrategy, a4 as UnionToIntersection, a2 as WebhookHooks, aa as WebhookPathsOf, ab as WebhookRequest, W as WebhookResponse, ac as WebhookTree } from './index-BRqL1nFq.js';
 import { CorsairDatabase } from './db.js';
 import 'zod';
 import './orm.js';

package/dist/core.js

@@ -1 +1 @@
-import{a,b,c,d,e,f,g,h,i,j,k,l,m,o as n,p as o,q as p,r as q}from"./chunk-ZWWGVPSP.js";import"./chunk-2PB34FTK.js";import"./chunk-73HYPGOI.js";export{i as BASE_AUTH_FIELDS,p as CORSAIR_INTERNAL,k as createAccountKeyManager,q as createCorsair,j as createIntegrationKeyManager,g as decryptConfig,c as decryptDEK,e as decryptWithDEK,f as encryptConfig,b as encryptDEK,d as encryptWithDEK,a as generateDEK,m as initializeAccountDEK,l as initializeIntegrationDEK,n as logEvent,o as logEventFromContext,h as reEncryptConfig};
+import{a,b,c,d,e,f,g,h,i,j,k,l,m,o as n,p as o,q as p,r as q}from"./chunk-KVGGQMXC.js";import"./chunk-2PB34FTK.js";import"./chunk-B6CM5Q2M.js";import"./chunk-QAIKSQAD.js";export{i as BASE_AUTH_FIELDS,p as CORSAIR_INTERNAL,k as createAccountKeyManager,q as createCorsair,j as createIntegrationKeyManager,g as decryptConfig,c as decryptDEK,e as decryptWithDEK,f as encryptConfig,b as encryptDEK,d as encryptWithDEK,a as generateDEK,m as initializeAccountDEK,l as initializeIntegrationDEK,n as logEvent,o as logEventFromContext,h as reEncryptConfig};

package/dist/db.js

@@ -1 +1 @@
-import{a as g}from"./chunk-N2XRSSRL.js";import{a as b,b as c,c as d,d as e,e as f}from"./chunk-HO245J34.js";import{a}from"./chunk-73HYPGOI.js";export{c as CorsairAccountsSchema,d as CorsairEntitiesSchema,e as CorsairEventsSchema,b as CorsairIntegrationsSchema,f as CorsairPermissionsSchema,a as createCorsairDatabase,g as sql};
+import{a as g}from"./chunk-N2XRSSRL.js";import{a as b,b as c,c as d,d as e,e as f}from"./chunk-HO245J34.js";import{a}from"./chunk-B6CM5Q2M.js";import"./chunk-QAIKSQAD.js";export{c as CorsairAccountsSchema,d as CorsairEntitiesSchema,e as CorsairEventsSchema,b as CorsairIntegrationsSchema,f as CorsairPermissionsSchema,a as createCorsairDatabase,g as sql};

package/dist/{index-D_Ah5Tz6.d.ts → index-BRqL1nFq.d.ts}

@@ -3,8 +3,8 @@ import { CorsairPluginSchema, PluginEntityClients } from './orm.js';
 import { CorsairDatabase, CorsairDatabaseInput, CorsairPermission } from './db.js';
 
 type AllErrors = 'RATE_LIMIT_ERROR' | 'AUTH_ERROR' | 'PERMISSION_ERROR' | 'NETWORK_ERROR' | 'TIMEOUT_ERROR' | 'SERVER_ERROR' | 'VALIDATION_ERROR' | 'NOT_FOUND_ERROR' | 'BAD_REQUEST_ERROR' | 'PARSING_ERROR' | 'DEFAULT' | (string & {});
-declare const BaseProviders: readonly ["airtable", "amplitude", "asana", "box", "cal", "calendly", "discord", "dropbox", "exa", "figma", "fireflies", "github", "gmail", "googlecalendar", "googledrive", "googlesheets", "hackernews", "hubspot", "intercom", "jira", "linear", "monday", "notion", "oura", "pagerduty", "posthog", "resend", "sentry", "slack", "spotify", "stripe", "tavily", "teams", "telegram", "todoist", "trello", "twitter", "twitterapiio", "typeform", "zoom"];
-type AllProviders = 'airtable' | 'amplitude' | 'asana' | 'box' | 'cal' | 'calendly' | 'discord' | 'dropbox' | 'exa' | 'figma' | 'fireflies' | 'github' | 'gmail' | 'googlecalendar' | 'googledrive' | 'googlesheets' | 'hackernews' | 'hubspot' | 'intercom' | 'jira' | 'linear' | 'monday' | 'notion' | 'oura' | 'pagerduty' | 'posthog' | 'resend' | 'sentry' | 'slack' | 'spotify' | 'stripe' | 'tavily' | 'teams' | 'telegram' | 'todoist' | 'trello' | 'twitter' | 'twitterapiio' | 'typeform' | 'zoom' | (string & {});
+declare const BaseProviders: readonly ["airtable", "amplitude", "asana", "box", "cal", "calendly", "cursor", "discord", "dropbox", "exa", "figma", "fireflies", "github", "gmail", "googlecalendar", "googledrive", "googlesheets", "hackernews", "hubspot", "intercom", "jira", "linear", "monday", "notion", "onedrive", "oura", "outlook", "pagerduty", "posthog", "resend", "sentry", "sharepoint", "slack", "spotify", "strava", "stripe", "tavily", "teams", "telegram", "todoist", "trello", "twitter", "twitterapiio", "youtube", "typeform", "zoom"];
+type AllProviders = 'airtable' | 'amplitude' | 'asana' | 'box' | 'cal' | 'calendly' | 'cursor' | 'discord' | 'dropbox' | 'exa' | 'figma' | 'fireflies' | 'github' | 'gmail' | 'googlecalendar' | 'googledrive' | 'googlesheets' | 'hackernews' | 'hubspot' | 'intercom' | 'jira' | 'linear' | 'monday' | 'notion' | 'onedrive' | 'oura' | 'outlook' | 'pagerduty' | 'posthog' | 'resend' | 'sentry' | 'sharepoint' | 'slack' | 'spotify' | 'strava' | 'stripe' | 'tavily' | 'teams' | 'telegram' | 'todoist' | 'trello' | 'twitter' | 'twitterapiio' | 'youtube' | 'typeform' | 'zoom' | (string & {});
 type AuthTypes = 'oauth_2' | 'api_key' | 'bot_token';
 type PickAuth<T extends AuthTypes> = T;
 

package/dist/{index-DpPKj1ZX.d.ts → index-BnadO6xy.d.ts}

@@ -1,5 +1,5 @@
 import { CorsairDatabase } from './db.js';
-import { C as CorsairPlugin, a as CorsairIntegration, b as CorsairTenantWrapper, c as CorsairSingleTenantClient } from './index-D_Ah5Tz6.js';
+import { C as CorsairPlugin, a as CorsairIntegration, b as CorsairTenantWrapper, c as CorsairSingleTenantClient } from './index-BRqL1nFq.js';
 
 declare const CORSAIR_INTERNAL: unique symbol;
 type CorsairInternalConfig = {

package/dist/index.d.ts

@@ -1,5 +1,5 @@
-export { c as createCorsair } from './index-DpPKj1ZX.js';
-import { d as CorsairPermissionsNamespace, B as BoundWebhookTree, R as RawWebhookRequest, e as BaseProviders, W as WebhookResponse } from './index-D_Ah5Tz6.js';
+export { c as createCorsair } from './index-BnadO6xy.js';
+import { d as CorsairPermissionsNamespace, B as BoundWebhookTree, R as RawWebhookRequest, e as BaseProviders, W as WebhookResponse } from './index-BRqL1nFq.js';
 export { SetupCorsairOptions, setupCorsair } from './setup.js';
 import './db.js';
 import 'kysely';

package/dist/index.js

@@ -1 +1 @@
-import{a as W}from"./chunk-BEVGZD7X.js";import{n as k,r as x}from"./chunk-ZWWGVPSP.js";import"./chunk-7IH5DNUL.js";import"./chunk-2PB34FTK.js";import"./chunk-HO245J34.js";import"./chunk-73HYPGOI.js";var R=Symbol.for("corsair:internal");function P(n,r){let o=n;for(let e of r){if(!o||typeof o!="object")return null;o=o[e]}return typeof o=="function"?o:null}function b(n){return n[R]?.database}async function I(n,r){let o=new Date().toISOString(),e=await n.permissions.find_by_token(r);if(!e)return console.error("executePermission: no permission found for token."),{error:"executePermission: no permission found for token."};if(e.status!=="approved")return console.error(`executePermission: permission '${e.id}' is '${e.status}', expected 'approved'.`),{endpoint:e.endpoint,plugin:e.plugin,result:null,error:`executePermission: permission '${e.id}' is '${e.status}', expected 'approved'.`};if(e.expires_at<o){let i=b(n);return i&&await i.db.updateTable("corsair_permissions").set({status:"expired",updated_at:new Date}).where("id","=",e.id).execute(),console.error(`executePermission: permission '${e.id}' has expired.`),{error:`executePermission: permission '${e.id}' has expired.`,endpoint:e.endpoint,plugin:e.plugin,result:null}}let t=e.tenant_id??"default",g=(n.withTenant?n.withTenant(t):n)[e.plugin];if(!g?.api)return console.error(`executePermission: plugin '${e.plugin}' not found or has no API on this corsair instance.`),{error:`executePermission: plugin '${e.plugin}' not found or has no API on this corsair instance.`,plugin:e.plugin,endpoint:e.endpoint,result:null};let d=P(g.api,e.endpoint.split("."));if(!d)return console.error(`executePermission: endpoint '${e.endpoint}' not found in plugin '${e.plugin}'.`),{endpoint:e.endpoint,plugin:e.plugin,result:null,error:`executePermission: endpoint '${e.endpoint}' not found in plugin '${e.plugin}'.`};await n.permissions.set_executing(e.id);try{let i=typeof e.args=="string"?JSON.parse(e.args):e.args,a=await d(i);return await n.permissions.set_completed(e.id),{plugin:e.plugin,endpoint:e.endpoint,result:a}}catch(i){let a=i instanceof Error?i.message:String(i),c=b(n);return c&&await c.db.updateTable("corsair_permissions").set({status:"failed",error:a,updated_at:new Date}).where("id","=",e.id).execute(),{plugin:e.plugin,endpoint:e.endpoint,result:null,error:a}}}function B(n){return n!==null&&typeof n=="object"&&"match"in n&&"handler"in n&&typeof n.match=="function"&&typeof n.handler=="function"}function m(n,r,o=[]){for(let[e,t]of Object.entries(n))if(B(t)){if(t.match(r))return{webhook:t,path:[...o,e]}}else if(t&&typeof t=="object"){let s=m(t,r,[...o,e]);if(s)return s}return null}function C(n){let r={};for(let[o,e]of Object.entries(n))r[o.toLowerCase()]=Array.isArray(e)?e[0]:e;return r}function S(n){let r=n["x-goog-resource-uri"],o=n["x-goog-channel-id"];if(!r||!o)return null;let e={resourceId:n["x-goog-resource-id"]||"",resourceState:n["x-goog-resource-state"]||"",resourceUri:r,channelId:o,channelExpiration:n["x-goog-channel-expiration"]||""};return r.includes("/drive/")&&(e.kind="drive#change"),{message:{data:Buffer.from(JSON.stringify(e)).toString("base64"),messageId:n["x-goog-message-number"]||""}}}async function T(n,r,o,e){let t=C(r),s=typeof o=="string"?JSON.parse(o):o;(!s||typeof s=="object"&&Object.keys(s).length===0)&&t["x-goog-resource-uri"]&&(s=S(t)||s);let d={headers:t,body:s},i=e?.tenantId||"default",a=n.withTenant?n.withTenant(i):n,c=k;for(let l of c){let p=a[l];if(!p||!p.webhooks||p.pluginWebhookMatcher&&!p.pluginWebhookMatcher(d))continue;let f=m(p.webhooks,d);if(!f)continue;let h=f.path.join("."),w={payload:s,headers:t,rawBody:typeof o=="string"?o:JSON.stringify(o)};try{let u=await f.webhook.handler(w),y=!!Object.keys(u.returnToSender||{})?.length;return{plugin:l,action:h,body:s,response:y?{...u?.returnToSender,success:!0}:{success:!0},...u.responseHeaders&&{responseHeaders:u.responseHeaders}}}catch(u){return console.error(`Error executing webhook handler for ${l}.${h}:`,u),{plugin:l,action:h,body:s,response:{success:!1,error:u instanceof Error?u.message:"Unknown error"}}}}return{plugin:null,action:null,body:null}}export{x as createCorsair,I as executePermission,T as processWebhook,W as setupCorsair};
+import{a as W}from"./chunk-ACRK2W72.js";import{n as k,r as x}from"./chunk-KVGGQMXC.js";import"./chunk-7IH5DNUL.js";import"./chunk-2PB34FTK.js";import"./chunk-HO245J34.js";import"./chunk-B6CM5Q2M.js";import"./chunk-QAIKSQAD.js";var R=Symbol.for("corsair:internal");function P(n,r){let o=n;for(let e of r){if(!o||typeof o!="object")return null;o=o[e]}return typeof o=="function"?o:null}function b(n){return n[R]?.database}async function I(n,r){let o=new Date().toISOString(),e=await n.permissions.find_by_token(r);if(!e)return console.error("executePermission: no permission found for token."),{error:"executePermission: no permission found for token."};if(e.status!=="approved")return console.error(`executePermission: permission '${e.id}' is '${e.status}', expected 'approved'.`),{endpoint:e.endpoint,plugin:e.plugin,result:null,error:`executePermission: permission '${e.id}' is '${e.status}', expected 'approved'.`};if(e.expires_at<o){let i=b(n);return i&&await i.db.updateTable("corsair_permissions").set({status:"expired",updated_at:new Date}).where("id","=",e.id).execute(),console.error(`executePermission: permission '${e.id}' has expired.`),{error:`executePermission: permission '${e.id}' has expired.`,endpoint:e.endpoint,plugin:e.plugin,result:null}}let t=e.tenant_id??"default",g=(n.withTenant?n.withTenant(t):n)[e.plugin];if(!g?.api)return console.error(`executePermission: plugin '${e.plugin}' not found or has no API on this corsair instance.`),{error:`executePermission: plugin '${e.plugin}' not found or has no API on this corsair instance.`,plugin:e.plugin,endpoint:e.endpoint,result:null};let d=P(g.api,e.endpoint.split("."));if(!d)return console.error(`executePermission: endpoint '${e.endpoint}' not found in plugin '${e.plugin}'.`),{endpoint:e.endpoint,plugin:e.plugin,result:null,error:`executePermission: endpoint '${e.endpoint}' not found in plugin '${e.plugin}'.`};await n.permissions.set_executing(e.id);try{let i=typeof e.args=="string"?JSON.parse(e.args):e.args,a=await d(i);return await n.permissions.set_completed(e.id),{plugin:e.plugin,endpoint:e.endpoint,result:a}}catch(i){let a=i instanceof Error?i.message:String(i),c=b(n);return c&&await c.db.updateTable("corsair_permissions").set({status:"failed",error:a,updated_at:new Date}).where("id","=",e.id).execute(),{plugin:e.plugin,endpoint:e.endpoint,result:null,error:a}}}function B(n){return n!==null&&typeof n=="object"&&"match"in n&&"handler"in n&&typeof n.match=="function"&&typeof n.handler=="function"}function m(n,r,o=[]){for(let[e,t]of Object.entries(n))if(B(t)){if(t.match(r))return{webhook:t,path:[...o,e]}}else if(t&&typeof t=="object"){let s=m(t,r,[...o,e]);if(s)return s}return null}function C(n){let r={};for(let[o,e]of Object.entries(n))r[o.toLowerCase()]=Array.isArray(e)?e[0]:e;return r}function S(n){let r=n["x-goog-resource-uri"],o=n["x-goog-channel-id"];if(!r||!o)return null;let e={resourceId:n["x-goog-resource-id"]||"",resourceState:n["x-goog-resource-state"]||"",resourceUri:r,channelId:o,channelExpiration:n["x-goog-channel-expiration"]||""};return r.includes("/drive/")&&(e.kind="drive#change"),{message:{data:Buffer.from(JSON.stringify(e)).toString("base64"),messageId:n["x-goog-message-number"]||""}}}async function T(n,r,o,e){let t=C(r),s=typeof o=="string"?JSON.parse(o):o;(!s||typeof s=="object"&&Object.keys(s).length===0)&&t["x-goog-resource-uri"]&&(s=S(t)||s);let d={headers:t,body:s},i=e?.tenantId||"default",a=n.withTenant?n.withTenant(i):n,c=k;for(let l of c){let p=a[l];if(!p||!p.webhooks||p.pluginWebhookMatcher&&!p.pluginWebhookMatcher(d))continue;let f=m(p.webhooks,d);if(!f)continue;let h=f.path.join("."),w={payload:s,headers:t,rawBody:typeof o=="string"?o:JSON.stringify(o)};try{let u=await f.webhook.handler(w),y=!!Object.keys(u.returnToSender||{})?.length;return{plugin:l,action:h,body:s,response:y?{...u?.returnToSender,success:!0}:{success:!0},...u.responseHeaders&&{responseHeaders:u.responseHeaders}}}catch(u){return console.error(`Error executing webhook handler for ${l}.${h}:`,u),{plugin:l,action:h,body:s,response:{success:!1,error:u instanceof Error?u.message:"Unknown error"}}}}return{plugin:null,action:null,body:null}}export{x as createCorsair,I as executePermission,T as processWebhook,W as setupCorsair};

package/dist/orm.js

@@ -1 +1 @@
-import"./chunk-N2XRSSRL.js";import{b as o,c as e,d as n,e as s}from"./chunk-7IH5DNUL.js";import"./chunk-2PB34FTK.js";import{a as r,b as t,c as i,d as a}from"./chunk-HO245J34.js";import"./chunk-73HYPGOI.js";export{t as CorsairAccountsSchema,i as CorsairEntitiesSchema,a as CorsairEventsSchema,r as CorsairIntegrationsSchema,o as createCorsairOrm,e as createPluginOrm,s as createPluginOrmFactory,n as createTenantScopedOrm};
+import"./chunk-N2XRSSRL.js";import{b as o,c as e,d as n,e as s}from"./chunk-7IH5DNUL.js";import"./chunk-2PB34FTK.js";import{a as r,b as t,c as i,d as a}from"./chunk-HO245J34.js";import"./chunk-B6CM5Q2M.js";import"./chunk-QAIKSQAD.js";export{t as CorsairAccountsSchema,i as CorsairEntitiesSchema,a as CorsairEventsSchema,r as CorsairIntegrationsSchema,o as createCorsairOrm,e as createPluginOrm,s as createPluginOrmFactory,n as createTenantScopedOrm};

package/dist/setup.d.ts

@@ -1,4 +1,4 @@
-import { C as CorsairPlugin, c as CorsairSingleTenantClient } from './index-D_Ah5Tz6.js';
+import { C as CorsairPlugin, c as CorsairSingleTenantClient } from './index-BRqL1nFq.js';
 import 'zod';
 import './orm.js';
 import './db.js';

package/dist/setup.js

@@ -1 +1 @@
-import{a as o}from"./chunk-BEVGZD7X.js";import"./chunk-ZWWGVPSP.js";import"./chunk-7IH5DNUL.js";import"./chunk-2PB34FTK.js";import"./chunk-HO245J34.js";import"./chunk-73HYPGOI.js";export{o as setupCorsair};
+import{a as o}from"./chunk-ACRK2W72.js";import"./chunk-KVGGQMXC.js";import"./chunk-7IH5DNUL.js";import"./chunk-2PB34FTK.js";import"./chunk-HO245J34.js";import"./chunk-B6CM5Q2M.js";import"./chunk-QAIKSQAD.js";export{o as setupCorsair};

package/dist/tests.d.ts

@@ -0,0 +1,15 @@
+import * as kysely from 'kysely';
+import { Kysely } from 'kysely';
+import { CorsairKyselyDatabase, CorsairDatabase } from './db.js';
+import 'zod';
+import 'pg';
+
+declare function createIntegrationAndAccount(db: Kysely<CorsairKyselyDatabase>, pluginId: string, tenantId?: string): Promise<kysely.InsertResult[]>;
+
+declare function createTestDatabase(): {
+    db: Kysely<CorsairKyselyDatabase>;
+    database: CorsairDatabase;
+    cleanup: () => void;
+};
+
+export { createIntegrationAndAccount, createTestDatabase };

package/dist/tests.js

@@ -0,0 +1,42 @@
+import{a as n}from"./chunk-QAIKSQAD.js";function s(a,e,r="default"){let t=new Date,T=`${e}-integration`,o=`${e}-account`;return a.insertInto("corsair_integrations").values({id:T,created_at:t,updated_at:t,name:e,config:{},dek:void 0}).execute().then(()=>a.insertInto("corsair_accounts").values({id:o,created_at:t,updated_at:t,tenant_id:r,integration_id:T,config:{},dek:void 0}).execute())}import i from"better-sqlite3";import{Kysely as E,SqliteDialect as N}from"kysely";function d(){let a=new i(":memory:");a.exec(`
+
+		CREATE TABLE IF NOT EXISTS corsair_integrations (
+			id TEXT PRIMARY KEY,
+			created_at INTEGER NOT NULL,
+			updated_at INTEGER NOT NULL,
+			name TEXT NOT NULL,
+			config TEXT NOT NULL,
+			dek TEXT NULL
+		);
+
+		CREATE TABLE IF NOT EXISTS corsair_accounts (
+			id TEXT PRIMARY KEY,
+			created_at INTEGER NOT NULL,
+			updated_at INTEGER NOT NULL,
+			tenant_id TEXT NOT NULL,
+			integration_id TEXT NOT NULL,
+			config TEXT NOT NULL,
+			dek TEXT NULL
+		);
+
+		CREATE TABLE IF NOT EXISTS corsair_entities (
+			id TEXT PRIMARY KEY,
+			created_at INTEGER NOT NULL,
+			updated_at INTEGER NOT NULL,
+			account_id TEXT NOT NULL,
+			entity_id TEXT NOT NULL,
+			entity_type TEXT NOT NULL,
+			version TEXT NOT NULL,
+			data TEXT NOT NULL
+		);
+
+		CREATE TABLE IF NOT EXISTS corsair_events (
+			id TEXT PRIMARY KEY,
+			created_at INTEGER NOT NULL,
+			updated_at INTEGER NOT NULL,
+			account_id TEXT NOT NULL,
+			event_type TEXT NOT NULL,
+			payload TEXT NOT NULL,
+			status TEXT
+		);
+	`);let e=new E({dialect:new N({database:a}),plugins:[new n]});return{db:e,database:{db:e},cleanup:()=>{e.destroy(),a.close()}}}export{s as createIntegrationAndAccount,d as createTestDatabase};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "corsair",
-  "version": "0.1.52",
+  "version": "0.1.53",
   "description": "",
   "type": "module",
   "main": "./dist/index.js",
@@ -36,6 +36,11 @@
       "dev-source": "./http.ts",
       "types": "./dist/http.d.ts",
       "default": "./dist/http.js"
+    },
+    "./tests": {
+      "dev-source": "./tests.ts",
+      "types": "./dist/tests.d.ts",
+      "default": "./dist/tests.js"
     }
   },
   "dependencies": {

package/dist/chunk-73HYPGOI.js

@@ -1 +0,0 @@
-import{Kysely as i,PostgresDialect as c,SqliteDialect as p}from"kysely";import{OperationNodeTransformer as u}from"kysely";function s(e){return e instanceof Date?e.toISOString():e!==null&&typeof e=="object"&&!Buffer.isBuffer(e)?JSON.stringify(e):e}var o=class extends u{transformValue(r){let t=s(r.value);return t===r.value?r:{...r,value:t}}transformPrimitiveValueList(r){let t=r.values.map(s);return t.some((n,l)=>n!==r.values[l])?{...r,values:t}:r}},y=new o,a=class{transformQuery(r){return y.transformNode(r.node)}async transformResult(r){return r.result}};function f(e){return typeof e.query=="function"&&typeof e.connect=="function"}function m(e){let r=e;return typeof r.prepare=="function"&&typeof r.exec=="function"&&typeof r.close=="function"&&!("query"in e)}function b(e){return typeof e.selectFrom=="function"}function w(e){if(b(e))return{db:e};if(m(e))return{db:new i({dialect:new p({database:e}),plugins:[new a]})};if(f(e))return{db:new i({dialect:new c({pool:e})})};throw new Error("Unsupported database input. Expected a pg Pool, better-sqlite3 Database, or a Kysely instance.")}export{w as a};