oopsdb 1.0.0

package/dist/utils/dumper.js

@@ -0,0 +1,251 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createSnapshot = createSnapshot;
+exports.restoreSnapshot = restoreSnapshot;
+exports.listSnapshots = listSnapshots;
+const child_process_1 = require("child_process");
+const path = __importStar(require("path"));
+const fs = __importStar(require("fs"));
+const crypto = __importStar(require("crypto"));
+const promises_1 = require("stream/promises");
+const config_1 = require("./config");
+const CIPHER_ALGO = 'aes-256-cbc';
+function timestamp() {
+    return new Date().toISOString().replace(/[:.]/g, '-');
+}
+function shellEscape(s) {
+    return `'${s.replace(/'/g, "'\\''")}'`;
+}
+/**
+ * Creates an encrypted, streamed snapshot of the database.
+ *
+ * For Postgres/MySQL: spawns pg_dump/mysqldump and pipes stdout → cipher → file.
+ * For SQLite: uses the native .backup command (always writes to a file), then
+ * streams that temp file through the cipher into the final encrypted output.
+ *
+ * Memory footprint stays near-zero regardless of database size.
+ */
+async function createSnapshot(config) {
+    const backupsDir = (0, config_1.getBackupsDir)();
+    const ts = timestamp();
+    if (config.type === 'sqlite') {
+        return createSqliteSnapshot(config, backupsDir, ts);
+    }
+    // Postgres and MySQL both emit SQL to stdout — stream it through the cipher
+    const ext = config.supabase ? 'supabase' : config.type === 'postgres' ? 'pg' : 'mysql';
+    const outFile = path.join(backupsDir, `${ext}_${ts}.sql.enc`);
+    const { cmd, args, env } = getDumpCommand(config);
+    const iv = crypto.randomBytes(16);
+    // Write the IV as the first 16 bytes of the file
+    const outStream = fs.createWriteStream(outFile);
+    outStream.write(iv);
+    const cipher = crypto.createCipheriv(CIPHER_ALGO, (0, config_1.getEncryptionKey)(), iv);
+    const child = (0, child_process_1.spawn)(cmd, args, { env, stdio: ['ignore', 'pipe', 'pipe'] });
+    let stderr = '';
+    child.stderr.on('data', (chunk) => {
+        stderr += chunk.toString();
+    });
+    const exitPromise = new Promise((resolve, reject) => {
+        child.on('error', (err) => reject(err));
+        child.on('close', (code) => {
+            if (code !== 0) {
+                reject(new Error(stderr || `${cmd} exited with code ${code}`));
+            }
+            else {
+                resolve();
+            }
+        });
+    });
+    await Promise.all([
+        (0, promises_1.pipeline)(child.stdout, cipher, outStream),
+        exitPromise,
+    ]);
+    return outFile;
+}
+/**
+ * Restores a database from an encrypted snapshot file by streaming:
+ * file → decipher → psql/mysql stdin.
+ *
+ * For SQLite: deciphers to a temp file, then copies over the original.
+ */
+async function restoreSnapshot(config, snapshotPath) {
+    if (config.type === 'sqlite') {
+        return restoreSqliteSnapshot(config, snapshotPath);
+    }
+    const { cmd, args, env } = getRestoreCommand(config);
+    const inStream = fs.createReadStream(snapshotPath);
+    // Read the first 16 bytes as IV
+    const iv = await readIV(snapshotPath);
+    const fileStream = fs.createReadStream(snapshotPath, { start: 16 });
+    const decipher = crypto.createDecipheriv(CIPHER_ALGO, (0, config_1.getEncryptionKey)(), iv);
+    const child = (0, child_process_1.spawn)(cmd, args, { env, stdio: ['pipe', 'pipe', 'pipe'] });
+    let stderr = '';
+    child.stderr.on('data', (chunk) => {
+        stderr += chunk.toString();
+    });
+    const exitPromise = new Promise((resolve, reject) => {
+        child.on('error', (err) => reject(err));
+        child.on('close', (code) => {
+            if (code !== 0) {
+                reject(new Error(stderr || `${cmd} exited with code ${code}`));
+            }
+            else {
+                resolve();
+            }
+        });
+    });
+    await Promise.all([
+        (0, promises_1.pipeline)(fileStream, decipher, child.stdin),
+        exitPromise,
+    ]);
+}
+function listSnapshots() {
+    const backupsDir = (0, config_1.getBackupsDir)();
+    if (!fs.existsSync(backupsDir))
+        return [];
+    return fs
+        .readdirSync(backupsDir)
+        .filter((f) => f.endsWith('.sql.enc') || f.endsWith('.db.enc'))
+        .map((f) => {
+        const fullPath = path.join(backupsDir, f);
+        const stat = fs.statSync(fullPath);
+        return { file: fullPath, time: stat.mtime, size: stat.size };
+    })
+        .sort((a, b) => b.time.getTime() - a.time.getTime());
+}
+// ─── SQLite helpers ──────────────────────────────────────────────────────────
+async function createSqliteSnapshot(config, backupsDir, ts) {
+    const outFile = path.join(backupsDir, `sqlite_${ts}.db.enc`);
+    const tmpFile = path.join(backupsDir, `sqlite_${ts}.db.tmp`);
+    // sqlite3 .backup writes directly to a file — we can't stream its stdout.
+    // Use the native backup, then stream the result through the cipher.
+    const child = (0, child_process_1.spawn)('sqlite3', [config.database, `.backup '${tmpFile}'`]);
+    await new Promise((resolve, reject) => {
+        child.on('error', (err) => reject(err));
+        child.on('close', (code) => {
+            if (code !== 0)
+                reject(new Error(`sqlite3 backup exited with code ${code}`));
+            else
+                resolve();
+        });
+    });
+    // Stream the tmp file through cipher to the encrypted output
+    const iv = crypto.randomBytes(16);
+    const cipher = crypto.createCipheriv(CIPHER_ALGO, (0, config_1.getEncryptionKey)(), iv);
+    const outStream = fs.createWriteStream(outFile);
+    outStream.write(iv);
+    await (0, promises_1.pipeline)(fs.createReadStream(tmpFile), cipher, outStream);
+    // Remove the unencrypted temp file
+    fs.unlinkSync(tmpFile);
+    return outFile;
+}
+async function restoreSqliteSnapshot(config, snapshotPath) {
+    const iv = await readIV(snapshotPath);
+    const decipher = crypto.createDecipheriv(CIPHER_ALGO, (0, config_1.getEncryptionKey)(), iv);
+    const fileStream = fs.createReadStream(snapshotPath, { start: 16 });
+    const outStream = fs.createWriteStream(config.database);
+    await (0, promises_1.pipeline)(fileStream, decipher, outStream);
+}
+// ─── Command builders ────────────────────────────────────────────────────────
+function getDumpCommand(config) {
+    const env = { ...process.env };
+    if (config.type === 'postgres') {
+        if (config.password)
+            env.PGPASSWORD = config.password;
+        if (config.sslmode)
+            env.PGSSLMODE = config.sslmode;
+        const args = [
+            '-h', config.host || 'localhost',
+            '-p', String(config.port || 5432),
+            '-U', config.user || 'postgres',
+        ];
+        // Supabase-specific: skip ownership/privileges that conflict with managed Postgres
+        if (config.supabase) {
+            args.push('--no-owner', '--no-privileges', '--no-subscriptions');
+        }
+        args.push(config.database);
+        return { cmd: 'pg_dump', args, env };
+    }
+    // mysql
+    const args = [
+        '-h', config.host || 'localhost',
+        '-P', String(config.port || 3306),
+        '-u', config.user || 'root',
+    ];
+    if (config.password)
+        args.push(`-p${config.password}`);
+    args.push(config.database);
+    return { cmd: 'mysqldump', args, env };
+}
+function getRestoreCommand(config) {
+    const env = { ...process.env };
+    if (config.type === 'postgres') {
+        if (config.password)
+            env.PGPASSWORD = config.password;
+        if (config.sslmode)
+            env.PGSSLMODE = config.sslmode;
+        return {
+            cmd: 'psql',
+            args: [
+                '-h', config.host || 'localhost',
+                '-p', String(config.port || 5432),
+                '-U', config.user || 'postgres',
+                config.database,
+            ],
+            env,
+        };
+    }
+    // mysql
+    const args = [
+        '-h', config.host || 'localhost',
+        '-P', String(config.port || 3306),
+        '-u', config.user || 'root',
+    ];
+    if (config.password)
+        args.push(`-p${config.password}`);
+    args.push(config.database);
+    return { cmd: 'mysql', args, env };
+}
+// ─── Utilities ───────────────────────────────────────────────────────────────
+function readIV(filePath) {
+    return new Promise((resolve, reject) => {
+        const stream = fs.createReadStream(filePath, { start: 0, end: 15 });
+        const chunks = [];
+        stream.on('data', (chunk) => chunks.push(Buffer.from(chunk)));
+        stream.on('end', () => resolve(Buffer.concat(chunks)));
+        stream.on('error', reject);
+    });
+}

package/dist/utils/license.d.ts

@@ -0,0 +1,29 @@
+export type Tier = 'free' | 'pro' | 'secure';
+export interface LicenseInfo {
+    licenseKey: string;
+    instanceId: string;
+    tier: Tier;
+    activatedAt: string;
+    customerName?: string;
+    customerEmail?: string;
+    variantName?: string;
+}
+export declare function loadLicense(): LicenseInfo | null;
+export declare function removeLicense(): void;
+export declare function getCurrentTier(): Tier;
+export declare function requiresLicense(dbType: string): boolean;
+/**
+ * Activate a license key with LemonSqueezy.
+ * Returns the license info on success, throws on failure.
+ */
+export declare function activateLicense(licenseKey: string): Promise<LicenseInfo>;
+/**
+ * Deactivate the current license.
+ */
+export declare function deactivateLicense(): Promise<void>;
+/**
+ * Validate the current license is still active.
+ * Returns true if valid, false if invalid/expired.
+ * On network error, returns true (offline grace).
+ */
+export declare function validateLicense(): Promise<boolean>;

package/dist/utils/license.js

@@ -0,0 +1,205 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadLicense = loadLicense;
+exports.removeLicense = removeLicense;
+exports.getCurrentTier = getCurrentTier;
+exports.requiresLicense = requiresLicense;
+exports.activateLicense = activateLicense;
+exports.deactivateLicense = deactivateLicense;
+exports.validateLicense = validateLicense;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const https = __importStar(require("https"));
+// License stored globally in ~/.oopsdb/license.json (not per-project)
+const GLOBAL_CONFIG_DIR = path.join(os.homedir(), '.oopsdb');
+const LICENSE_FILE = path.join(GLOBAL_CONFIG_DIR, 'license.json');
+// LemonSqueezy license API
+const LEMONSQUEEZY_API = 'https://api.lemonsqueezy.com/v1/licenses';
+function ensureGlobalDir() {
+    if (!fs.existsSync(GLOBAL_CONFIG_DIR)) {
+        fs.mkdirSync(GLOBAL_CONFIG_DIR, { recursive: true });
+    }
+}
+function loadLicense() {
+    if (!fs.existsSync(LICENSE_FILE))
+        return null;
+    try {
+        return JSON.parse(fs.readFileSync(LICENSE_FILE, 'utf8'));
+    }
+    catch {
+        return null;
+    }
+}
+function saveLicense(license) {
+    ensureGlobalDir();
+    fs.writeFileSync(LICENSE_FILE, JSON.stringify(license, null, 2), 'utf8');
+}
+function removeLicense() {
+    if (fs.existsSync(LICENSE_FILE)) {
+        fs.unlinkSync(LICENSE_FILE);
+    }
+}
+function getCurrentTier() {
+    const license = loadLicense();
+    if (!license)
+        return 'free';
+    return license.tier;
+}
+function requiresLicense(dbType) {
+    return dbType !== 'sqlite';
+}
+function getInstanceName() {
+    return `${os.userInfo().username}@${os.hostname()}`;
+}
+/**
+ * Determine the tier from the LemonSqueezy variant name.
+ */
+function tierFromVariant(variantName) {
+    const lower = variantName.toLowerCase();
+    if (lower.includes('secure'))
+        return 'secure';
+    if (lower.includes('pro'))
+        return 'pro';
+    return 'pro'; // default paid tier
+}
+/**
+ * Make a POST request to LemonSqueezy license API.
+ */
+function lemonSqueezyRequest(endpoint, body) {
+    return new Promise((resolve, reject) => {
+        const postData = new URLSearchParams(body).toString();
+        const options = {
+            hostname: 'api.lemonsqueezy.com',
+            path: `/v1/licenses/${endpoint}`,
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/x-www-form-urlencoded',
+                'Content-Length': Buffer.byteLength(postData),
+                'Accept': 'application/json',
+            },
+        };
+        const req = https.request(options, (res) => {
+            let data = '';
+            res.on('data', (chunk) => { data += chunk; });
+            res.on('end', () => {
+                try {
+                    resolve(JSON.parse(data));
+                }
+                catch {
+                    reject(new Error(`Invalid response from license server`));
+                }
+            });
+        });
+        req.on('error', (err) => {
+            reject(new Error(`Could not reach license server: ${err.message}`));
+        });
+        req.setTimeout(10000, () => {
+            req.destroy();
+            reject(new Error('License server request timed out'));
+        });
+        req.write(postData);
+        req.end();
+    });
+}
+/**
+ * Activate a license key with LemonSqueezy.
+ * Returns the license info on success, throws on failure.
+ */
+async function activateLicense(licenseKey) {
+    const instanceName = getInstanceName();
+    const response = await lemonSqueezyRequest('activate', {
+        license_key: licenseKey,
+        instance_name: instanceName,
+    });
+    if (response.error) {
+        throw new Error(response.error);
+    }
+    if (!response.activated && !response.license_key) {
+        throw new Error(response.error || 'Activation failed. Check your license key.');
+    }
+    const variantName = response.meta?.variant_name || '';
+    const tier = tierFromVariant(variantName);
+    const license = {
+        licenseKey,
+        instanceId: response.instance?.id || '',
+        tier,
+        activatedAt: new Date().toISOString(),
+        customerName: response.meta?.customer_name,
+        customerEmail: response.meta?.customer_email,
+        variantName,
+    };
+    saveLicense(license);
+    return license;
+}
+/**
+ * Deactivate the current license.
+ */
+async function deactivateLicense() {
+    const license = loadLicense();
+    if (!license) {
+        throw new Error('No active license found.');
+    }
+    const response = await lemonSqueezyRequest('deactivate', {
+        license_key: license.licenseKey,
+        instance_id: license.instanceId,
+    });
+    if (response.error && !response.deactivated) {
+        throw new Error(response.error);
+    }
+    removeLicense();
+}
+/**
+ * Validate the current license is still active.
+ * Returns true if valid, false if invalid/expired.
+ * On network error, returns true (offline grace).
+ */
+async function validateLicense() {
+    const license = loadLicense();
+    if (!license)
+        return false;
+    try {
+        const response = await lemonSqueezyRequest('validate', {
+            license_key: license.licenseKey,
+            instance_id: license.instanceId,
+        });
+        return response.valid === true;
+    }
+    catch {
+        // Offline grace: if we can't reach the server, trust the local license
+        return true;
+    }
+}

package/dist/utils/preflight.d.ts

@@ -0,0 +1,2 @@
+import { DbConfig } from './config';
+export declare function preflightCheck(dbType: DbConfig['type'], mode?: 'dump' | 'restore' | 'both'): Promise<boolean>;

package/dist/utils/preflight.js

@@ -0,0 +1,101 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.preflightCheck = preflightCheck;
+const child_process_1 = require("child_process");
+const chalk_1 = __importDefault(require("chalk"));
+const TOOL_MAP = {
+    postgres: {
+        dump: {
+            command: 'pg_dump',
+            versionFlag: '--version',
+            name: 'pg_dump',
+            installHint: '  brew install postgresql     (macOS)\n' +
+                '  sudo apt install postgresql-client  (Ubuntu/Debian)\n' +
+                '  choco install postgresql     (Windows)',
+        },
+        restore: {
+            command: 'psql',
+            versionFlag: '--version',
+            name: 'psql',
+            installHint: '  brew install postgresql     (macOS)\n' +
+                '  sudo apt install postgresql-client  (Ubuntu/Debian)\n' +
+                '  choco install postgresql     (Windows)',
+        },
+    },
+    mysql: {
+        dump: {
+            command: 'mysqldump',
+            versionFlag: '--version',
+            name: 'mysqldump',
+            installHint: '  brew install mysql-client    (macOS)\n' +
+                '  sudo apt install mysql-client   (Ubuntu/Debian)\n' +
+                '  choco install mysql-cli      (Windows)',
+        },
+        restore: {
+            command: 'mysql',
+            versionFlag: '--version',
+            name: 'mysql',
+            installHint: '  brew install mysql-client    (macOS)\n' +
+                '  sudo apt install mysql-client   (Ubuntu/Debian)\n' +
+                '  choco install mysql-cli      (Windows)',
+        },
+    },
+    sqlite: {
+        dump: {
+            command: 'sqlite3',
+            versionFlag: '--version',
+            name: 'sqlite3',
+            installHint: '  brew install sqlite          (macOS)\n' +
+                '  sudo apt install sqlite3     (Ubuntu/Debian)\n' +
+                '  choco install sqlite         (Windows)',
+        },
+        restore: {
+            command: 'sqlite3',
+            versionFlag: '--version',
+            name: 'sqlite3',
+            installHint: '  brew install sqlite          (macOS)\n' +
+                '  sudo apt install sqlite3     (Ubuntu/Debian)\n' +
+                '  choco install sqlite         (Windows)',
+        },
+    },
+};
+function checkTool(tool) {
+    return new Promise((resolve) => {
+        (0, child_process_1.exec)(`${tool.command} ${tool.versionFlag}`, (error, stdout) => {
+            if (error) {
+                resolve(null);
+            }
+            else {
+                resolve(stdout.trim().split('\n')[0]);
+            }
+        });
+    });
+}
+async function preflightCheck(dbType, mode = 'both') {
+    const tools = TOOL_MAP[dbType];
+    const checks = [];
+    if (mode === 'dump' || mode === 'both')
+        checks.push(tools.dump);
+    if (mode === 'restore' || mode === 'both') {
+        // Avoid duplicate check for sqlite (same tool)
+        if (tools.restore.command !== tools.dump.command || mode === 'restore') {
+            checks.push(tools.restore);
+        }
+    }
+    let allGood = true;
+    for (const tool of checks) {
+        const version = await checkTool(tool);
+        if (version) {
+            console.log(chalk_1.default.green(`  ✓ ${tool.name} found`) + chalk_1.default.gray(` (${version})`));
+        }
+        else {
+            console.log(chalk_1.default.red(`  ✗ ${tool.name} not found`));
+            console.log(chalk_1.default.yellow(`\n  Install it:\n${tool.installHint}\n`));
+            allGood = false;
+        }
+    }
+    return allGood;
+}

package/package.json

@@ -0,0 +1,58 @@
+{
+  "name": "oopsdb",
+  "version": "1.0.0",
+  "description": "Don't let AI nuke your database. Auto-backup and 1-click restore for developers using Claude Code, OpenClaw, and other AI coding agents.",
+  "main": "dist/index.js",
+  "bin": {
+    "oopsdb": "dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "ts-node src/index.ts",
+    "start": "node dist/index.js",
+    "prepublishOnly": "npm run build",
+    "test": "tsc && vitest run tests/unit.test.ts",
+    "test:e2e": "tsc && vitest run tests/e2e.test.ts",
+    "test:all": "tsc && vitest run"
+  },
+  "keywords": [
+    "database",
+    "backup",
+    "restore",
+    "rollback",
+    "claude-code",
+    "ai-safety",
+    "mysql",
+    "postgres",
+    "supabase",
+    "sqlite"
+  ],
+  "author": "",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/pintayo/oopsdb.git"
+  },
+  "homepage": "https://oopsdb.com",
+  "engines": {
+    "node": ">=16.0.0"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "dependencies": {
+    "chalk": "^4.1.2",
+    "commander": "^12.1.0",
+    "inquirer": "^8.2.6",
+    "ora": "^5.4.1"
+  },
+  "devDependencies": {
+    "@types/inquirer": "^8.2.10",
+    "@types/node": "^22.0.0",
+    "testcontainers": "^11.12.0",
+    "typescript": "^5.7.0",
+    "vitest": "^4.0.18"
+  }
+}