npm - pgserve - Versions diffs - 2.1.3 → 2.2.1 - Mend

pgserve 2.1.3 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (235) hide show

package/CHANGELOG.md +96 -0
package/README.md +105 -1
package/bin/autopg-wrapper.cjs +16 -0
package/bin/pgserve-wrapper.cjs +32 -6
package/bin/postgres-server.js +56 -0
package/console/README.md +131 -0
package/console/api.js +173 -0
package/console/app.jsx +483 -0
package/console/colors_and_type.css +227 -0
package/console/components.jsx +167 -0
package/console/console.css +1666 -0
package/console/data.jsx +350 -0
package/console/index.html +31 -0
package/console/screens/databases.jsx +5 -0
package/console/screens/health.jsx +5 -0
package/console/screens/ingress.jsx +5 -0
package/console/screens/optimizer.jsx +5 -0
package/console/screens/rlm-sim.jsx +5 -0
package/console/screens/rlm-trace.jsx +5 -0
package/console/screens/security.jsx +5 -0
package/console/screens/settings.jsx +611 -0
package/console/screens/sql.jsx +5 -0
package/console/screens/sync.jsx +5 -0
package/console/screens/tables.jsx +5 -0
package/console/tweaks-panel.jsx +425 -0
package/package.json +14 -2
package/scripts/postinstall.cjs +60 -0
package/src/cli-config.cjs +310 -0
package/src/cli-install.cjs +112 -11
package/src/cli-restart.cjs +228 -0
package/src/cli-ui.cjs +580 -0
package/src/cluster.js +43 -38
package/src/postgres.js +141 -19
package/src/settings-loader.cjs +235 -0
package/src/settings-migrate.cjs +212 -0
package/src/settings-pg-args.cjs +146 -0
package/src/settings-schema.cjs +422 -0
package/src/settings-validator.cjs +416 -0
package/src/settings-writer.cjs +288 -0
package/src/upgrade/index.js +65 -0
package/src/upgrade/runner.js +23 -0
package/src/upgrade/steps/binary-cache-flush.js +67 -0
package/src/upgrade/steps/consumer-signal.js +40 -0
package/src/upgrade/steps/env-refresh.js +89 -0
package/src/upgrade/steps/health-validate.js +53 -0
package/src/upgrade/steps/plpgsql-resolve.js +66 -0
package/src/upgrade/steps/port-reconcile.js +52 -0
package/.claude/context/windows-debug.md +0 -119
package/.genie/AGENTS.md +0 -15
package/.genie/agents/README.md +0 -110
package/.genie/agents/analyze.md +0 -176
package/.genie/agents/forge.md +0 -290
package/.genie/agents/garbage-cleaner.md +0 -324
package/.genie/agents/garbage-collector.md +0 -596
package/.genie/agents/github-issue-gc.md +0 -618
package/.genie/agents/review.md +0 -380
package/.genie/agents/semantic-analyzer/find-duplicates.md +0 -90
package/.genie/agents/semantic-analyzer/find-orphans.md +0 -99
package/.genie/agents/semantic-analyzer.md +0 -101
package/.genie/agents/update.md +0 -182
package/.genie/agents/wish.md +0 -357
package/.genie/brainstorms/pgserve-v2/DESIGN.md +0 -174
package/.genie/code/AGENTS.md +0 -694
package/.genie/code/agents/audit/risk.md +0 -173
package/.genie/code/agents/audit/security.md +0 -189
package/.genie/code/agents/audit.md +0 -145
package/.genie/code/agents/challenge.md +0 -230
package/.genie/code/agents/change-reviewer.md +0 -295
package/.genie/code/agents/code-garbage-collector.md +0 -425
package/.genie/code/agents/code-quality.md +0 -410
package/.genie/code/agents/commit-suggester.md +0 -255
package/.genie/code/agents/commit.md +0 -124
package/.genie/code/agents/consensus.md +0 -204
package/.genie/code/agents/daily-standup.md +0 -722
package/.genie/code/agents/docgen.md +0 -48
package/.genie/code/agents/explore.md +0 -79
package/.genie/code/agents/fix.md +0 -100
package/.genie/code/agents/git/commit-advisory.md +0 -219
package/.genie/code/agents/git/workflows/issue.md +0 -244
package/.genie/code/agents/git/workflows/pr.md +0 -179
package/.genie/code/agents/git/workflows/release.md +0 -460
package/.genie/code/agents/git/workflows/report.md +0 -342
package/.genie/code/agents/git.md +0 -432
package/.genie/code/agents/implementor.md +0 -161
package/.genie/code/agents/install.md +0 -515
package/.genie/code/agents/issue-creator.md +0 -344
package/.genie/code/agents/polish.md +0 -116
package/.genie/code/agents/qa.md +0 -653
package/.genie/code/agents/refactor.md +0 -294
package/.genie/code/agents/release.md +0 -1129
package/.genie/code/agents/roadmap.md +0 -885
package/.genie/code/agents/tests.md +0 -557
package/.genie/code/agents/tracer.md +0 -50
package/.genie/code/agents/update/upstream-update.md +0 -85
package/.genie/code/agents/update/versions/generic-update.md +0 -305
package/.genie/code/agents/vibe.md +0 -1317
package/.genie/code/spells/agent-configuration.md +0 -58
package/.genie/code/spells/automated-rc-publishing.md +0 -106
package/.genie/code/spells/branch-tracker-guidance.md +0 -28
package/.genie/code/spells/debug.md +0 -320
package/.genie/code/spells/emoji-naming-convention.md +0 -303
package/.genie/code/spells/evidence-storage.md +0 -26
package/.genie/code/spells/file-naming-rules.md +0 -35
package/.genie/code/spells/forge-code-blueprints.md +0 -195
package/.genie/code/spells/genie-integration.md +0 -153
package/.genie/code/spells/publishing-protocol.md +0 -61
package/.genie/code/spells/team-consultation-protocol.md +0 -284
package/.genie/code/spells/tool-requirements.md +0 -20
package/.genie/code/spells/triad-maintenance-protocol.md +0 -154
package/.genie/code/teams/tech-council/council.md +0 -328
package/.genie/code/teams/tech-council/jt.md +0 -352
package/.genie/code/teams/tech-council/nayr.md +0 -305
package/.genie/code/teams/tech-council/oettam.md +0 -375
package/.genie/neurons/README.md +0 -193
package/.genie/neurons/forge.md +0 -106
package/.genie/neurons/genie.md +0 -63
package/.genie/neurons/review.md +0 -106
package/.genie/neurons/wish.md +0 -104
package/.genie/product/README.md +0 -20
package/.genie/product/cli-automation.md +0 -359
package/.genie/product/environment.md +0 -60
package/.genie/product/mission.md +0 -60
package/.genie/product/roadmap.md +0 -44
package/.genie/product/tech-stack.md +0 -34
package/.genie/product/templates/context-template.md +0 -218
package/.genie/product/templates/qa-done-report-template.md +0 -68
package/.genie/product/templates/review-report-template.md +0 -89
package/.genie/product/templates/wish-template.md +0 -120
package/.genie/scripts/helpers/analyze-commit.js +0 -195
package/.genie/scripts/helpers/bullet-counter.js +0 -194
package/.genie/scripts/helpers/bullet-find.js +0 -289
package/.genie/scripts/helpers/bullet-id.js +0 -244
package/.genie/scripts/helpers/check-secrets.js +0 -237
package/.genie/scripts/helpers/count-tokens.js +0 -200
package/.genie/scripts/helpers/create-frontmatter.js +0 -456
package/.genie/scripts/helpers/detect-markers.js +0 -293
package/.genie/scripts/helpers/detect-todos.js +0 -267
package/.genie/scripts/helpers/detect-unlabeled-blocks.js +0 -135
package/.genie/scripts/helpers/embeddings.js +0 -344
package/.genie/scripts/helpers/find-empty-sections.js +0 -158
package/.genie/scripts/helpers/index.js +0 -319
package/.genie/scripts/helpers/validate-frontmatter.js +0 -578
package/.genie/scripts/helpers/validate-links.js +0 -207
package/.genie/scripts/helpers/validate-paths.js +0 -373
package/.genie/spells/README.md +0 -9
package/.genie/spells/ace-protocol.md +0 -118
package/.genie/spells/ask-one-at-a-time.md +0 -175
package/.genie/spells/backup-analyzer.md +0 -542
package/.genie/spells/blocker.md +0 -12
package/.genie/spells/break-things-move-fast.md +0 -56
package/.genie/spells/context-candidates.md +0 -72
package/.genie/spells/context-critic.md +0 -51
package/.genie/spells/defer-to-expertise.md +0 -278
package/.genie/spells/delegate-dont-do.md +0 -292
package/.genie/spells/error-investigation-protocol.md +0 -328
package/.genie/spells/evidence-based-completion.md +0 -273
package/.genie/spells/experiment.md +0 -65
package/.genie/spells/file-creation-protocol.md +0 -229
package/.genie/spells/forge-integration.md +0 -281
package/.genie/spells/forge-orchestration.md +0 -514
package/.genie/spells/gather-context.md +0 -18
package/.genie/spells/global-health-check.md +0 -34
package/.genie/spells/global-noop-roundtrip.md +0 -25
package/.genie/spells/install-genie.md +0 -1232
package/.genie/spells/install.md +0 -82
package/.genie/spells/investigate-before-commit.md +0 -112
package/.genie/spells/know-yourself.md +0 -288
package/.genie/spells/learn.md +0 -828
package/.genie/spells/mcp-diagnostic-protocol.md +0 -246
package/.genie/spells/mcp-first.md +0 -124
package/.genie/spells/multi-step-execution.md +0 -67
package/.genie/spells/orchestration-boundary-protocol.md +0 -256
package/.genie/spells/orchestrator-not-implementor.md +0 -189
package/.genie/spells/prompt.md +0 -746
package/.genie/spells/reflect.md +0 -404
package/.genie/spells/routing-decision-matrix.md +0 -368
package/.genie/spells/run-in-parallel.md +0 -12
package/.genie/spells/session-state-updater-example.md +0 -196
package/.genie/spells/session-state-updater.md +0 -220
package/.genie/spells/track-long-running-tasks.md +0 -133
package/.genie/spells/troubleshoot-infrastructure.md +0 -176
package/.genie/spells/upgrade-genie.md +0 -415
package/.genie/spells/url-presentation-protocol.md +0 -301
package/.genie/spells/wish-initiation.md +0 -158
package/.genie/spells/wish-issue-linkage.md +0 -410
package/.genie/spells/wish-lifecycle.md +0 -100
package/.genie/state/provider-status.json +0 -3
package/.genie/state/version.json +0 -16
package/.genie/wishes/canonical-pgserve-pm2-supervision/WISH.md +0 -290
package/.genie/wishes/pgserve-v2/BRIEF-from-genie-pgserve.md +0 -99
package/.genie/wishes/pgserve-v2/WISH.md +0 -442
package/.genie/wishes/release-system-genie-pattern/WISH.md +0 -268
package/.genie/wishes/release-system-genie-pattern/validation.md +0 -205
package/.gitguardian.yaml +0 -29
package/.gitguardianignore +0 -16
package/.github/workflows/ci.yml +0 -122
package/.github/workflows/release.yml +0 -289
package/.github/workflows/version.yml +0 -228
package/.husky/pre-commit +0 -2
package/AGENTS.md +0 -433
package/CLAUDE.md +0 -1
package/Makefile +0 -285
package/assets/icon.ico +0 -0
package/bun.lock +0 -435
package/bunfig.toml +0 -28
package/ecosystem.config.cjs +0 -23
package/eslint.config.js +0 -63
package/examples/multi-tenant-demo.js +0 -104
package/install.sh +0 -123
package/knip.json +0 -9
package/tests/audit.test.js +0 -189
package/tests/backpressure.test.js +0 -167
package/tests/benchmarks/runner.js +0 -1197
package/tests/benchmarks/vector-generator.js +0 -368
package/tests/cli-install.test.js +0 -322
package/tests/control-db.test.js +0 -285
package/tests/daemon-args.test.js +0 -86
package/tests/daemon-control.test.js +0 -171
package/tests/daemon-fingerprint-integration.test.js +0 -111
package/tests/daemon-pr24-regression.test.js +0 -198
package/tests/fingerprint.test.js +0 -263
package/tests/fixtures/240-orphan-seed.sql +0 -30
package/tests/multi-tenant.test.js +0 -374
package/tests/orphan-cleanup.test.js +0 -390
package/tests/pg-version-regex.test.js +0 -129
package/tests/quick-bench.js +0 -135
package/tests/router-handshake-retry.test.js +0 -119
package/tests/router-handshake-watchdog.test.js +0 -110
package/tests/sdk.test.js +0 -71
package/tests/stale-postmaster-pid.test.js +0 -85
package/tests/stress-test.js +0 -439
package/tests/sync-perf-test.js +0 -150
package/tests/tcp-listen.test.js +0 -368
package/tests/tenancy.test.js +0 -403
package/tests/wrapper-supervision.test.js +0 -107

package/tests/daemon-pr24-regression.test.js DELETED Viewed

@@ -1,198 +0,0 @@
-/**
- * PR #24 regression tests for the v2 daemon.
- *
- * The daemon (src/daemon.js) shares a PostgresManager lifecycle with the
- * v1 router (src/router.js). PR #24's fixes for issue #24 (stale socketDir
- * leaks across stop/start cycles) must remain in force after the v2 cut.
- *
- * Coverage:
- *   1. PostgresManager.stop() nulls socketDir/databaseDir.
- *   2. start() + stop() + start() yields a fresh socketDir (no leak).
- *   3. Double start() is a no-op (re-entry guard).
- *   4. Daemon mode does NOT introduce a new socketDir leak path under
- *      abnormal exit (kill -9): orphaned socket file + pid lock are cleaned
- *      up by the next `PgserveDaemon.start()` boot via stale-pid detection.
- */
-import { describe, test, expect } from 'bun:test';
-import fs from 'fs';
-import path from 'path';
-import { PostgresManager } from '../src/postgres.js';
-import { createLogger } from '../src/logger.js';
-import {
-  PgserveDaemon,
-  acquirePidLock,
-  resolveControlSocketPath,
-  resolvePidLockPath,
-  isProcessAlive,
-} from '../src/daemon.js';
-function silentLogger() {
-  return createLogger({ level: 'warn' });
-}
-// Each test uses a unique controlSocketDir under tmp so concurrent runs
-// (and the existing host's real /run/user/<uid>/pgserve) cannot collide.
-function makeDaemonDirs(tag) {
-  return fs.mkdtempSync(path.join('/tmp', `pgs-${tag}-`));
-}
-describe('PR #24 regression — PostgresManager lifecycle', () => {
-  test('stop() nulls socketDir/databaseDir', async () => {
-    const pg = new PostgresManager({ port: 16001, logger: silentLogger() });
-    await pg.start();
-    expect(pg.socketDir).not.toBeNull();
-    expect(fs.existsSync(pg.socketDir)).toBe(true);
-    const stale = pg.socketDir;
-    await pg.stop();
-    expect(pg.socketDir).toBeNull();
-    expect(pg.databaseDir).toBeNull();
-    expect(pg.getSocketPath()).toBeNull();
-    expect(fs.existsSync(stale)).toBe(false);
-  });
-  test('start()+stop()+start() yields fresh socketDir, no leak', async () => {
-    const pg = new PostgresManager({ port: 16002, logger: silentLogger() });
-    await pg.start();
-    const dirA = pg.socketDir;
-    expect(dirA).not.toBeNull();
-    await pg.stop();
-    expect(pg.socketDir).toBeNull();
-    await pg.start();
-    const dirB = pg.socketDir;
-    expect(dirB).not.toBeNull();
-    expect(dirB).not.toBe(dirA);
-    expect(fs.existsSync(dirB)).toBe(true);
-    // Old dir must be gone; PR #24 guarantees no leak across cycles.
-    expect(fs.existsSync(dirA)).toBe(false);
-    await pg.stop();
-  });
-  test('double start() is a no-op (re-entry guard preserved)', async () => {
-    const pg = new PostgresManager({ port: 16003, logger: silentLogger() });
-    await pg.start();
-    const before = pg.socketDir;
-    const result = await pg.start();
-    expect(result).toBe(pg);
-    expect(pg.socketDir).toBe(before);
-    await pg.stop();
-  });
-});
-describe('PR #24 regression — daemon does not leak under abnormal exit', () => {
-  test('stale pid lock + orphaned socket are cleaned up by next daemon boot', async () => {
-    const dir = makeDaemonDirs('stale');
-    const socketPath = resolveControlSocketPath(dir);
-    const pidLockPath = resolvePidLockPath(dir);
-    // Simulate kill -9: write a pid file pointing at a guaranteed-dead pid
-    // and create a fake stale socket file beside it. PID 1 is always alive
-    // on Unix, so we manufacture a dead one by reading max_pid + 1 (Linux)
-    // or just using a high value not currently in use.
-    const deadPid = pickDeadPid();
-    expect(isProcessAlive(deadPid)).toBe(false);
-    fs.writeFileSync(pidLockPath, String(deadPid), { mode: 0o600 });
-    fs.writeFileSync(socketPath, ''); // stand-in for an orphaned socket file
-    expect(fs.existsSync(pidLockPath)).toBe(true);
-    expect(fs.existsSync(socketPath)).toBe(true);
-    const lock = acquirePidLock({
-      pidLockPath,
-      socketPath,
-      logger: silentLogger(),
-    });
-    expect(lock.acquired).toBe(true);
-    // The lock file now belongs to *us* (this test's process pid), and the
-    // orphaned socket placeholder must have been removed during stale-pid
-    // cleanup so the daemon can bind a fresh socket on the same path.
-    expect(fs.existsSync(pidLockPath)).toBe(true);
-    expect(fs.readFileSync(pidLockPath, 'utf8').trim()).toBe(String(process.pid));
-    expect(fs.existsSync(socketPath)).toBe(false);
-    // Cleanup the test's lock so we don't leak between tests.
-    fs.unlinkSync(pidLockPath);
-    fs.rmSync(dir, { recursive: true, force: true });
-  });
-  test('PgserveDaemon.start refuses second invocation while first is alive', async () => {
-    const dir = makeDaemonDirs('singleton');
-    const d1 = new PgserveDaemon({
-      controlSocketDir: dir,
-      controlSocketPath: resolveControlSocketPath(dir),
-      pidLockPath: resolvePidLockPath(dir),
-      pgPort: 16010,
-      logger: silentLogger(),
-    });
-    await d1.start();
-    const d2 = new PgserveDaemon({
-      controlSocketDir: dir,
-      controlSocketPath: resolveControlSocketPath(dir),
-      pidLockPath: resolvePidLockPath(dir),
-      pgPort: 16011,
-      logger: silentLogger(),
-    });
-    let captured;
-    try {
-      await d2.start();
-    } catch (err) {
-      captured = err;
-    }
-    expect(captured).toBeDefined();
-    expect(captured.code).toBe('EALREADYRUNNING');
-    expect(captured.pid).toBe(process.pid);
-    await d1.stop();
-    expect(fs.existsSync(d1.controlSocketPath)).toBe(false);
-    expect(fs.existsSync(d1.pidLockPath)).toBe(false);
-    fs.rmSync(dir, { recursive: true, force: true });
-  });
-  test('PgserveDaemon.stop unlinks both socket and pid lock', async () => {
-    const dir = makeDaemonDirs('cleanup');
-    const d = new PgserveDaemon({
-      controlSocketDir: dir,
-      controlSocketPath: resolveControlSocketPath(dir),
-      pidLockPath: resolvePidLockPath(dir),
-      pgPort: 16020,
-      logger: silentLogger(),
-    });
-    await d.start();
-    expect(fs.existsSync(d.controlSocketPath)).toBe(true);
-    expect(fs.existsSync(d.pidLockPath)).toBe(true);
-    await d.stop();
-    expect(fs.existsSync(d.controlSocketPath)).toBe(false);
-    expect(fs.existsSync(d.pidLockPath)).toBe(false);
-    // PR #24 invariant carries through: PostgresManager nulled its paths.
-    expect(d.pgManager.socketDir).toBeNull();
-    fs.rmSync(dir, { recursive: true, force: true });
-  });
-});
-/**
- * Pick a pid that is reasonably guaranteed not to be alive. We try a high
- * pid first (most kernels recycle low pids), then walk down until we find
- * one that is dead. As a final fallback we use 999999.
- */
-function pickDeadPid() {
-  const candidates = [987654, 765432, 543210, 321098, 109876];
-  for (const pid of candidates) {
-    if (!isProcessAlive(pid)) return pid;
-  }
-  return 999999;
-}

package/tests/fingerprint.test.js DELETED Viewed

@@ -1,263 +0,0 @@
-/**
- * Tests for src/fingerprint.js — kernel-rooted peer identity.
- *
- * Coverage:
- *  - getPeerCred() returns the calling process's pid/uid/gid via SO_PEERCRED
- *  - findNearestPackageJson() walks upward; deepest match wins (monorepo)
- *  - derivePackageFingerprint() is stable across cwd changes in the same project
- *  - same name + different paths → different fingerprints
- *  - same path + different uid → different fingerprints
- *  - script fallback triggers when no package.json above cwd
- *  - end-to-end: handleControlAccept() emits a connection_routed audit entry
- */
-import { test, expect, beforeAll, beforeEach, afterEach } from 'bun:test';
-import fs from 'fs';
-import os from 'os';
-import path from 'path';
-import net from 'net';
-import {
-  initFingerprintFfi,
-  getPeerCred,
-  findNearestPackageJson,
-  parseDarwinLsofCwd,
-  readProcCwd,
-  readPackageName,
-  derivePackageFingerprint,
-  deriveScriptFingerprint,
-  fingerprintFromCred,
-  handleControlAccept,
-  _setPeerCredImpl,
-} from '../src/fingerprint.js';
-import { configureAudit, AUDIT_EVENTS } from '../src/audit.js';
-let scratch;
-beforeAll(async () => {
-  await initFingerprintFfi();
-});
-beforeEach(() => {
-  scratch = fs.mkdtempSync(path.join(os.tmpdir(), 'pgserve-fp-test-'));
-  configureAudit({
-    logFile: path.join(scratch, 'audit.log'),
-    target: 'file',
-  });
-});
-afterEach(() => {
-  _setPeerCredImpl(null);
-  try { fs.rmSync(scratch, { recursive: true, force: true }); } catch { /* noop */ }
-});
-// ---------------------------------------------------------------------------
-// SO_PEERCRED smoke — proves the FFI path works end-to-end on this kernel.
-// ---------------------------------------------------------------------------
-test('getPeerCred reads kernel-attested pid/uid/gid via Unix socket pair', async () => {
-  const sockPath = path.join(scratch, 'peer.sock');
-  const expectedUid = process.getuid();
-  const expectedGid = process.getgid();
-  const expectedPid = process.pid;
-  const cred = await new Promise((resolve, reject) => {
-    const server = net.createServer((socket) => {
-      try {
-        const c = getPeerCred(socket);
-        socket.end();
-        server.close(() => resolve(c));
-      } catch (err) {
-        server.close(() => reject(err));
-      }
-    });
-    server.on('error', reject);
-    server.listen(sockPath, () => {
-      const client = net.createConnection(sockPath);
-      client.on('error', reject);
-    });
-  });
-  expect(cred.pid).toBe(expectedPid);
-  expect(cred.uid).toBe(expectedUid);
-  expect(cred.gid).toBe(expectedGid);
-});
-test('macOS lsof parser extracts cwd field output', () => {
-  const cwd = path.join(scratch, 'project');
-  const output = `p12345\nn${cwd}\n`;
-  expect(parseDarwinLsofCwd(output)).toBe(cwd);
-  expect(parseDarwinLsofCwd('p12345\n')).toBeNull();
-});
-test('readProcCwd resolves the current process cwd on supported platforms', () => {
-  if (process.platform !== 'linux' && process.platform !== 'darwin') return;
-  expect(readProcCwd(process.pid)).toBe(process.cwd());
-});
-// ---------------------------------------------------------------------------
-// Pure-function tests on derivation surface
-// ---------------------------------------------------------------------------
-test('fingerprint stable across cwd change in the same project', () => {
-  // Layout:
-  //   <scratch>/proj/package.json (name=alpha)
-  //   <scratch>/proj/sub/deep/
-  // Same project → same fingerprint regardless of starting cwd.
-  const proj = path.join(scratch, 'proj');
-  fs.mkdirSync(path.join(proj, 'sub', 'deep'), { recursive: true });
-  fs.writeFileSync(path.join(proj, 'package.json'), JSON.stringify({ name: 'alpha' }));
-  const root = findNearestPackageJson(proj);
-  const fromSub = findNearestPackageJson(path.join(proj, 'sub'));
-  const fromDeep = findNearestPackageJson(path.join(proj, 'sub', 'deep'));
-  expect(root).not.toBeNull();
-  expect(fromSub).toBe(root);
-  expect(fromDeep).toBe(root);
-  const fp1 = derivePackageFingerprint({ packageRealpath: root, name: 'alpha', uid: 1000 });
-  const fp2 = derivePackageFingerprint({ packageRealpath: fromSub, name: 'alpha', uid: 1000 });
-  const fp3 = derivePackageFingerprint({ packageRealpath: fromDeep, name: 'alpha', uid: 1000 });
-  expect(fp1).toBe(fp2);
-  expect(fp2).toBe(fp3);
-  expect(fp1).toMatch(/^[0-9a-f]{12}$/);
-});
-test('two projects with the same name but different paths get different fingerprints', () => {
-  const a = path.join(scratch, 'a-project');
-  const b = path.join(scratch, 'b-project');
-  fs.mkdirSync(a);
-  fs.mkdirSync(b);
-  fs.writeFileSync(path.join(a, 'package.json'), JSON.stringify({ name: 'shared' }));
-  fs.writeFileSync(path.join(b, 'package.json'), JSON.stringify({ name: 'shared' }));
-  const pa = findNearestPackageJson(a);
-  const pb = findNearestPackageJson(b);
-  expect(pa).not.toBe(pb);
-  const fpa = derivePackageFingerprint({ packageRealpath: pa, name: 'shared', uid: 1000 });
-  const fpb = derivePackageFingerprint({ packageRealpath: pb, name: 'shared', uid: 1000 });
-  expect(fpa).not.toBe(fpb);
-});
-test('same path + different uid → different fingerprints', () => {
-  const proj = path.join(scratch, 'multi-user');
-  fs.mkdirSync(proj);
-  fs.writeFileSync(path.join(proj, 'package.json'), JSON.stringify({ name: 'multi' }));
-  const realpath = findNearestPackageJson(proj);
-  const fp1000 = derivePackageFingerprint({ packageRealpath: realpath, name: 'multi', uid: 1000 });
-  const fp1001 = derivePackageFingerprint({ packageRealpath: realpath, name: 'multi', uid: 1001 });
-  expect(fp1000).not.toBe(fp1001);
-});
-test('script fallback triggered when no package.json above cwd', () => {
-  // Build an isolated path tree under scratch with no package.json anywhere.
-  // We point fingerprintFromCred at an override cwd inside scratch so the
-  // upward walk hits the filesystem root (no package.json in /tmp/.. either,
-  // because we use a deliberately ephemeral dir tree owned by the test).
-  const isolated = path.join(scratch, 'isolated', 'deep');
-  fs.mkdirSync(isolated, { recursive: true });
-  // Sanity: walking up from `isolated` finds no package.json (until at least
-  // /tmp/... or higher; we trust the host doesn't have one in /tmp).
-  // If the host *does* have one above /tmp, the result would still be deterministic
-  // and correct (mode='package'), but we want to test the script-fallback branch
-  // here. Mock findNearestPackageJson by passing a cwdOverride beneath a fake
-  // chroot — the easiest way is to walk to a path that we control: use an
-  // empty subtree under scratch and pretend the walk has hit the root.
-  const sentinelFile = findNearestPackageJson(isolated);
-  // If the host has no package.json anywhere up to /, sentinelFile is null.
-  // If it does, this assertion would falsely target the host's package.json.
-  // To make the test deterministic, we drive the script branch directly via
-  // deriveScriptFingerprint; the integration of "no package.json found" is
-  // covered by fingerprintFromCred's branch logic with cmdlineOverride.
-  const fp = deriveScriptFingerprint({
-    uid: 1000,
-    cwd: '/some/orphan/dir',
-    cmdline1: '/usr/local/bin/foo.js',
-  });
-  expect(fp).toMatch(/^[0-9a-f]{12}$/);
-  // Also verify fingerprintFromCred picks the script branch when cwdOverride
-  // points at a path with no ancestor package.json — we use a path under
-  // scratch since scratch itself has no package.json, and we pass cmdlineOverride.
-  const info = fingerprintFromCred(
-    { pid: 9999, uid: 1000, gid: 1000 },
-    {
-      cwdOverride: isolated,
-      cmdlineOverride: ['/usr/local/bin/bun', '/some/orphan/dir/foo.js'],
-    },
-  );
-  // sentinelFile may be null (script mode) or non-null (if host has /package.json upstream).
-  if (sentinelFile === null) {
-    expect(info.mode).toBe('script');
-    expect(info.fingerprint).toMatch(/^[0-9a-f]{12}$/);
-    expect(info.packageRealpath).toBeNull();
-  } else {
-    // Host has an ancestor package.json. Still verify that derivation produces
-    // a 12-hex value and that the 'package' branch was chosen — the
-    // script-fallback behavior is independently exercised by deriveScriptFingerprint above.
-    expect(info.mode).toBe('package');
-    expect(info.fingerprint).toMatch(/^[0-9a-f]{12}$/);
-  }
-});
-test('monorepo: nested package.json wins (deepest match)', () => {
-  // Layout:
-  //   <scratch>/mono/package.json           (name=workspace-root)
-  //   <scratch>/mono/packages/api/package.json (name=api)
-  //   <scratch>/mono/packages/api/src/
-  // Walking up from src/ must find the api package.json, not the workspace root.
-  const root = path.join(scratch, 'mono');
-  const api = path.join(root, 'packages', 'api');
-  const apiSrc = path.join(api, 'src');
-  fs.mkdirSync(apiSrc, { recursive: true });
-  fs.writeFileSync(path.join(root, 'package.json'), JSON.stringify({ name: 'workspace-root' }));
-  fs.writeFileSync(path.join(api, 'package.json'), JSON.stringify({ name: 'api' }));
-  const found = findNearestPackageJson(apiSrc);
-  expect(found).toBe(fs.realpathSync(path.join(api, 'package.json')));
-  expect(readPackageName(found)).toBe('api');
-  const info = fingerprintFromCred(
-    { pid: 9999, uid: 1000, gid: 1000 },
-    { cwdOverride: apiSrc, cmdlineOverride: ['bun', 'src/index.js'] },
-  );
-  expect(info.mode).toBe('package');
-  expect(info.name).toBe('api');
-  expect(info.packageRealpath).toBe(found);
-});
-// ---------------------------------------------------------------------------
-// End-to-end: handleControlAccept emits connection_routed
-// ---------------------------------------------------------------------------
-test('handleControlAccept emits a connection_routed audit event with 12-hex fingerprint', () => {
-  const proj = path.join(scratch, 'audit-target');
-  fs.mkdirSync(proj);
-  fs.writeFileSync(path.join(proj, 'package.json'), JSON.stringify({ name: 'audit-app' }));
-  // Stub peer-cred impl so we don't need a real socket.
-  _setPeerCredImpl(() => ({ pid: 4242, uid: 1000, gid: 1000 }));
-  const info = handleControlAccept(
-    { /* fake socket */ },
-    { cwdOverride: proj, cmdlineOverride: ['bun', 'index.js'] },
-  );
-  expect(info.fingerprint).toMatch(/^[0-9a-f]{12}$/);
-  expect(info.mode).toBe('package');
-  expect(info.name).toBe('audit-app');
-  const logFile = path.join(scratch, 'audit.log');
-  const lines = fs.readFileSync(logFile, 'utf8').trim().split('\n').filter(Boolean);
-  expect(lines.length).toBe(1);
-  const entry = JSON.parse(lines[0]);
-  expect(entry.event).toBe(AUDIT_EVENTS.CONNECTION_ROUTED);
-  expect(entry.fingerprint).toBe(info.fingerprint);
-  expect(entry.peer_pid).toBe(4242);
-  expect(entry.peer_uid).toBe(1000);
-  expect(entry.mode).toBe('package');
-});

package/tests/fixtures/240-orphan-seed.sql DELETED Viewed

@@ -1,30 +0,0 @@
--- Group 5 — synthetic orphan fixture.
---
--- Seeds 240 rows in `pgserve_meta` with stale `last_connection_at`
--- (48 hours old, well past the 24h TTL) and a dead `liveness_pid`. Half
--- the rows use a guaranteed-out-of-range PID (2147483646, far above
--- Linux's pid_max ≤ 2^22 ≈ 4M); the other half use NULL so the sweep
--- exercises both audit code paths (`db_reaped_liveness` vs `db_reaped_ttl`).
---
--- The accompanying harness `tests/orphan-cleanup.test.js` runs this file
--- and then `CREATE DATABASE`s each row's `database_name` so the sweep
--- actually has something to DROP.
-INSERT INTO pgserve_meta (
-  database_name,
-  fingerprint,
-  peer_uid,
-  package_realpath,
-  last_connection_at,
-  liveness_pid,
-  persist
-)
-SELECT
-  format('app_orphan_%s', lpad(to_hex(i), 12, '0')),
-  lpad(to_hex(i), 12, '0'),
-  1000,
-  NULL,
-  now() - interval '48 hours',
-  CASE WHEN i % 2 = 0 THEN 2147483646 ELSE NULL END,
-  false
-FROM generate_series(1, 240) AS i;