lakebed 0.0.8 → 0.0.9

package/README.md

@@ -60,6 +60,7 @@ export default capsule({
 ## Auth
 
 Every app starts with local guest auth. To let users sign in with Google, render the built-in button. Lakebed always asks Shoo for profile fields so the app can show a useful identifier like `auth.email` or `auth.displayName`.
+Check `auth.isLoading` before showing signed-out UI, because Lakebed may still be confirming a stored session.
 
 ```tsx
 import { SignInWithGoogle, signOut, useAuth } from "lakebed/client";
@@ -68,6 +69,10 @@ export function App() {
   const auth = useAuth();
   const authLabel = auth.email ?? auth.displayName;
 
+  if (auth.isLoading) {
+    return <p>Checking session</p>;
+  }
+
   return auth.isGuest ? (
     <SignInWithGoogle />
   ) : (

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "lakebed",
-  "version": "0.0.8",
+  "version": "0.0.9",
   "description": "Agent-native CLI and runtime for building and deploying Lakebed capsules.",
   "license": "UNLICENSED",
   "type": "module",
@@ -29,6 +29,9 @@
     "src/runtime.js",
     "src/server.d.ts",
     "src/server.js",
+    "src/source-runtime-loader.mjs",
+    "src/source-runtime-worker.js",
+    "src/source-runtime.js",
     "src/source-store.js",
     "src/version.js"
   ],
@@ -49,9 +52,6 @@
   "publishConfig": {
     "access": "public"
   },
-  "scripts": {
-    "check": "node --check src/cli.js && node --check src/runtime.js && node --check src/server.js && node --check src/client.js && node --check src/source-store.js && node --check src/anonymous.js && node --check src/anonymous-server.js && node --check src/auth.js && node --check src/version.js"
-  },
   "dependencies": {
     "esbuild": "^0.27.1",
     "pg": "^8.16.3",
@@ -60,5 +60,8 @@
   },
   "devDependencies": {
     "@types/ws": "^8.18.1"
+  },
+  "scripts": {
+    "check": "node --check src/cli.js && node --check src/runtime.js && node --check src/server.js && node --check src/client.js && node --check src/source-store.js && node --check src/source-runtime.js && node --check src/source-runtime-worker.js && node --check src/source-runtime-loader.mjs && node --check src/anonymous.js && node --check src/anonymous-server.js && node --check src/auth.js && node --check src/version.js"
   }
-}
+}

package/src/anonymous-server.js

@@ -12,6 +12,7 @@ import {
   validateAnonymousDeployPayload
 } from "./anonymous.js";
 import { authFromUrl as resolveAuthFromUrl, createGuestAuth, requestOrigin, shooBaseUrlFromEnv } from "./auth.js";
+import { createSourceRuntimeFromEnv } from "./source-runtime.js";
 import { WebSocketServer } from "ws";
 
 function now() {
@@ -3185,6 +3186,7 @@ export async function startAnonymousServer({
   publicRootUrl,
   quiet = false,
   shooBaseUrl = shooBaseUrlFromEnv(),
+  sourceRuntime,
   store
 } = {}) {
   const resolvedAppBaseDomain = normalizeAppBaseDomain(appBaseDomain);
@@ -3193,6 +3195,7 @@ export async function startAnonymousServer({
   const resolvedDeveloperSessionSecret =
     developerSessionSecret || resolvedGithubOAuth?.sessionSecret || resolvedGithubOAuth?.clientSecret || adminPassword || "";
   const resolvedStore = store ?? (await createAnonymousStoreFromEnv());
+  const resolvedSourceRuntime = sourceRuntime === undefined ? createSourceRuntimeFromEnv() : sourceRuntime;
   await resolvedStore.initialize();
   const subscriptions = new Map();
 
@@ -3304,6 +3307,7 @@ export async function startAnonymousServer({
             auth: subscription.auth,
             deployId,
             name,
+            sourceRuntime: resolvedSourceRuntime,
             state: resolvedStore
           });
           websocketSend(ws, { data, name, op: "query.result" });
@@ -3762,6 +3766,7 @@ export async function startAnonymousServer({
             auth: subscription.auth,
             deployId: subscription.deploy.id,
             name: message.name,
+            sourceRuntime: resolvedSourceRuntime,
             state: resolvedStore
           });
           websocketSend(ws, { data, id: message.id, name: message.name, ok: true, op: "query.result" });
@@ -3779,7 +3784,9 @@ export async function startAnonymousServer({
             artifact: subscription.artifact,
             auth: subscription.auth,
             deployId: subscription.deploy.id,
+            limits: subscription.deploy.limits,
             name: message.name,
+            sourceRuntime: resolvedSourceRuntime,
             state: resolvedStore
           });
           websocketSend(ws, { id: message.id, ok: true, op: "mutation.result", result });

package/src/anonymous.js

@@ -1021,7 +1021,7 @@ function metadataFields() {
   return new Set(["id", "createdAt", "updatedAt"]);
 }
 
-function assertFieldValue(tableName, fieldName, field, value) {
+function assertFieldValue(tableName, fieldName, field, value, limits = DEFAULT_ANONYMOUS_LIMITS) {
   if (value === undefined) {
     throw new Error(`Missing value for ${tableName}.${fieldName}`);
   }
@@ -1034,12 +1034,13 @@ function assertFieldValue(tableName, fieldName, field, value) {
     throw new Error(`Expected ${tableName}.${fieldName} to be a boolean.`);
   }
 
-  if (byteLength(value) > DEFAULT_ANONYMOUS_LIMITS.maxValueBytes) {
-    throw new Error(`Value for ${tableName}.${fieldName} exceeds ${DEFAULT_ANONYMOUS_LIMITS.maxValueBytes} bytes.`);
+  const maxValueBytes = limits.maxValueBytes ?? DEFAULT_ANONYMOUS_LIMITS.maxValueBytes;
+  if (byteLength(value) > maxValueBytes) {
+    throw new Error(`Value for ${tableName}.${fieldName} exceeds ${maxValueBytes} bytes.`);
   }
 }
 
-function prepareInsert(schema, tableName, value) {
+function prepareInsert(schema, tableName, value, limits = DEFAULT_ANONYMOUS_LIMITS) {
   const table = schema[tableName];
   if (!table) {
     throw new Error(`Unknown table: ${tableName}`);
@@ -1065,14 +1066,14 @@ function prepareInsert(schema, tableName, value) {
 
   for (const [fieldName, field] of Object.entries(fields)) {
     const valueOrDefault = value[fieldName] ?? field.defaultValue;
-    assertFieldValue(tableName, fieldName, field, valueOrDefault);
+    assertFieldValue(tableName, fieldName, field, valueOrDefault, limits);
     row[fieldName] = valueOrDefault;
   }
 
   return row;
 }
 
-function preparePatch(schema, tableName, patch) {
+function preparePatch(schema, tableName, patch, limits = DEFAULT_ANONYMOUS_LIMITS) {
   const table = schema[tableName];
   if (!table) {
     throw new Error(`Unknown table: ${tableName}`);
@@ -1089,7 +1090,7 @@ function preparePatch(schema, tableName, patch) {
       throw new Error(`Lakebed manages ${tableName}.${key}; app code cannot update it directly.`);
     }
 
-    assertFieldValue(tableName, key, fields[key], value);
+    assertFieldValue(tableName, key, fields[key], value, limits);
     cleanPatch[key] = value;
   }
 
@@ -1097,6 +1098,14 @@ function preparePatch(schema, tableName, patch) {
   return cleanPatch;
 }
 
+export function prepareAnonymousInsert(schema, tableName, value, limits = DEFAULT_ANONYMOUS_LIMITS) {
+  return prepareInsert(schema, tableName, value, limits);
+}
+
+export function prepareAnonymousPatch(schema, tableName, patch, limits = DEFAULT_ANONYMOUS_LIMITS) {
+  return preparePatch(schema, tableName, patch, limits);
+}
+
 function compareValues(left, right) {
   if (left === right) {
     return 0;
@@ -1132,6 +1141,10 @@ async function loadSourceApp(artifact) {
     return null;
   }
 
+  if (process.env.LAKEBED_UNSAFE_IN_PROCESS_SOURCE !== "1") {
+    throw new Error("Claimed-source execution requires a configured source runtime. Set LAKEBED_UNSAFE_IN_PROCESS_SOURCE=1 only for local unsafe debugging.");
+  }
+
   if (!sourceModuleCache.has(source.bundleHash)) {
     const url = `data:text/javascript;base64,${source.bundle}`;
     sourceModuleCache.set(source.bundleHash, import(url).then((module) => module.default));
@@ -1234,9 +1247,13 @@ async function createSourceContext({ artifact, auth, deployId, state }) {
   };
 }
 
-export async function executeAnonymousQuery({ args = [], artifact, auth, deployId, name, state }) {
-  const sourceApp = await loadSourceApp(artifact);
-  if (sourceApp) {
+export async function executeAnonymousQuery({ args = [], artifact, auth, deployId, name, sourceRuntime, state }) {
+  if (artifact.server?.source) {
+    if (sourceRuntime) {
+      return sourceRuntime.executeQuery({ args, artifact, auth, deployId, name, state });
+    }
+
+    const sourceApp = await loadSourceApp(artifact);
     const handler = sourceApp.queries?.[name];
     if (!handler) {
       throw new Error(`Unknown query: ${name}`);
@@ -1262,9 +1279,13 @@ async function checkUpdateGuards({ auth, guards = [], row }) {
   return true;
 }
 
-export async function executeAnonymousMutation({ args = [], artifact, auth, deployId, name, state }) {
-  const sourceApp = await loadSourceApp(artifact);
-  if (sourceApp) {
+export async function executeAnonymousMutation({ args = [], artifact, auth, deployId, limits = DEFAULT_ANONYMOUS_LIMITS, name, sourceRuntime, state }) {
+  if (artifact.server?.source) {
+    if (sourceRuntime) {
+      return sourceRuntime.executeMutation({ args, artifact, auth, deployId, limits, name, state });
+    }
+
+    const sourceApp = await loadSourceApp(artifact);
     const handler = sourceApp.mutations?.[name];
     if (!handler) {
       throw new Error(`Unknown mutation: ${name}`);

package/src/cli.js

@@ -1238,6 +1238,7 @@ export function App() {
   const todos = useQuery<Todo[]>("todos");
   const addTodo = useMutation<[text: string], void>("addTodo");
   const authLabel = auth.email ?? auth.displayName;
+  const authStatus = auth.isLoading && auth.isGuest ? "checking session" : "signed in as " + authLabel;
 
   async function onSubmit(event: SubmitEvent) {
     event.preventDefault();
@@ -1256,14 +1257,14 @@ export function App() {
     <main className="min-h-screen bg-black px-6 py-10 text-white">
       <section className="mx-auto max-w-2xl">
         <div className="mb-3 flex items-center justify-between gap-3">
-          <p className="font-mono text-sm text-neutral-500">signed in as {authLabel}</p>
-          {auth.isGuest ? (
+          <p className="font-mono text-sm text-neutral-500">{authStatus}</p>
+          {!auth.isLoading && auth.isGuest ? (
             <SignInWithGoogle className="border border-neutral-700 px-3 py-1.5 text-sm font-medium text-neutral-200 hover:border-white hover:text-white" />
-          ) : (
+          ) : !auth.isLoading ? (
             <button className="text-sm text-neutral-400 hover:text-white" type="button" onClick={() => signOut()}>
               Sign out
             </button>
-          )}
+          ) : null}
         </div>
         <h1 className="mb-8 text-5xl font-bold tracking-tight">${title}</h1>
         <form className="mb-8 flex gap-3" onSubmit={(event) => void onSubmit(event)}>

package/src/client.d.ts

@@ -6,6 +6,7 @@ export type Auth = {
   provider: "guest" | "google";
   isGuest: boolean;
   isAuthenticated: boolean;
+  isLoading?: boolean;
   email?: string;
   emailVerified?: boolean;
   name?: string;

package/src/client.js

@@ -11,7 +11,7 @@ const encoder = new TextEncoder();
 
 let socket = null;
 let nextRequestId = 1;
-let auth = createGuestAuth("local");
+let auth = createInitialAuth();
 const authListeners = new Set();
 const queryValues = new Map();
 const queryListeners = new Map();
@@ -51,6 +51,40 @@ function createGuestAuth(name) {
   };
 }
 
+function withAuthLoading(value, isLoading) {
+  return { ...value, isLoading };
+}
+
+function browserStorage() {
+  if (typeof window === "undefined") {
+    return null;
+  }
+
+  try {
+    return window.localStorage;
+  } catch {
+    return null;
+  }
+}
+
+function currentGuestName() {
+  if (typeof window === "undefined") {
+    return "local";
+  }
+
+  return new URLSearchParams(window.location.search).get("lakebed_guest") ?? "local";
+}
+
+function createInitialAuth() {
+  const token = storedAuthToken();
+  const googleAuth = createGoogleAuthFromToken(token);
+  if (googleAuth) {
+    return withAuthLoading(googleAuth, true);
+  }
+
+  return withAuthLoading(createGuestAuth(currentGuestName()), typeof window !== "undefined");
+}
+
 function emitAuth() {
   for (const listener of authListeners) {
     listener(auth);
@@ -203,7 +237,18 @@ export function decodeIdentityClaims(idToken) {
 }
 
 function readStoredIdentity() {
-  const raw = window.localStorage.getItem(AUTH_STORAGE_KEY) ?? window.localStorage.getItem(LEGACY_SHOO_STORAGE_KEY);
+  const storage = browserStorage();
+  if (!storage) {
+    return { userId: null };
+  }
+
+  let raw = null;
+  try {
+    raw = storage.getItem(AUTH_STORAGE_KEY) ?? storage.getItem(LEGACY_SHOO_STORAGE_KEY);
+  } catch {
+    return { userId: null };
+  }
+
   if (!raw) {
     return { userId: null };
   }
@@ -227,20 +272,38 @@ function readStoredIdentity() {
 }
 
 function persistIdentity(userId, token, expiresIn) {
-  window.localStorage.setItem(
-    AUTH_STORAGE_KEY,
-    JSON.stringify({
-      expiresIn,
-      receivedAt: Date.now(),
-      token,
-      userId
-    })
-  );
+  const storage = browserStorage();
+  if (!storage) {
+    return;
+  }
+
+  try {
+    storage.setItem(
+      AUTH_STORAGE_KEY,
+      JSON.stringify({
+        expiresIn,
+        receivedAt: Date.now(),
+        token,
+        userId
+      })
+    );
+  } catch {
+    // Storage persistence is best effort; server auth remains authoritative.
+  }
 }
 
 function clearStoredIdentity() {
-  window.localStorage.removeItem(AUTH_STORAGE_KEY);
-  window.localStorage.removeItem(LEGACY_SHOO_STORAGE_KEY);
+  const storage = browserStorage();
+  if (!storage) {
+    return;
+  }
+
+  try {
+    storage.removeItem(AUTH_STORAGE_KEY);
+    storage.removeItem(LEGACY_SHOO_STORAGE_KEY);
+  } catch {
+    // Ignore storage failures; reconnecting as guest is still safe.
+  }
 }
 
 function storedAuthToken() {
@@ -372,7 +435,7 @@ async function handleGoogleCallback() {
 
   const localAuth = createGoogleAuthFromToken(token.id_token);
   if (localAuth) {
-    auth = localAuth;
+    auth = withAuthLoading(localAuth, true);
     emitAuth();
   }
 
@@ -438,7 +501,7 @@ function connect() {
     const message = JSON.parse(String(event.data));
 
     if (message.op === "auth.result") {
-      auth = message.auth;
+      auth = withAuthLoading(message.auth, false);
       emitAuth();
       return;
     }
@@ -529,7 +592,7 @@ export async function signInWithGoogle(options = {}) {
 
 export function signOut() {
   clearStoredIdentity();
-  auth = createGuestAuth(new URLSearchParams(window.location.search).get("lakebed_guest") ?? "local");
+  auth = withAuthLoading(createGuestAuth(currentGuestName()), true);
   emitAuth();
   reconnect();
 }

package/src/source-runtime-loader.mjs

@@ -0,0 +1,31 @@
+function isBareSpecifier(specifier) {
+  return !specifier.startsWith(".") && !specifier.startsWith("/") && !/^[a-zA-Z][a-zA-Z0-9+.-]*:/.test(specifier);
+}
+
+function isWorkerInternalImport(context) {
+  return !context.parentURL || context.parentURL.startsWith("file:");
+}
+
+export async function resolve(specifier, context, nextResolve) {
+  if (specifier.startsWith("node:")) {
+    if (isWorkerInternalImport(context)) {
+      return nextResolve(specifier, context);
+    }
+
+    throw new Error(`Source runtime imports are not available: ${specifier}`);
+  }
+
+  if (isBareSpecifier(specifier)) {
+    throw new Error(`Source runtime imports are not available: ${specifier}`);
+  }
+
+  if (specifier.startsWith("file:") && context.parentURL) {
+    throw new Error(`Source runtime file imports are not available: ${specifier}`);
+  }
+
+  if (specifier.startsWith("/") || specifier.startsWith("./") || specifier.startsWith("../")) {
+    throw new Error(`Source runtime relative imports are not available: ${specifier}`);
+  }
+
+  return nextResolve(specifier, context);
+}