pipework 0.1.2 → 0.1.4

package/dist/migrate/run.js

@@ -1,17 +1,37 @@
 import { migrate as drizzleMigrate } from 'drizzle-orm/postgres-js/migrator';
 import { sql } from 'drizzle-orm';
 import { quoteIdentifier } from '../db/identifiers.js';
-export async function migrateAll(instance) {
+import { checkMigrations } from './check.js';
+export class UnsafeMigrationError extends Error {
+    check;
+    name = 'UnsafeMigrationError';
+    constructor(check, message) {
+        super(message);
+        this.check = check;
+    }
+}
+export async function migrateAll(instance, options = {}) {
     const results = [];
     for (const [, dbConfig] of instance.config.databases()) {
         if (dbConfig.migrations === undefined)
             continue;
-        const result = await migrateOne(instance, dbConfig);
+        const result = await migrateOne(instance, dbConfig, options);
         results.push(result);
     }
     return results;
 }
-export async function migrateOne(instance, dbConfig) {
+export async function migrateOne(instance, dbConfig, options = {}) {
+    const safetyCheck = dbConfig.migrations !== undefined
+        ? checkMigrations(dbConfig.migrations)
+        : { safe: true, hasDestructive: false, hasLocking: false, fileHazards: [] };
+    if (safetyCheck.hasDestructive && options.allowDestructive !== true) {
+        throw new UnsafeMigrationError(safetyCheck, `Migration for "${dbConfig.name}" contains destructive operations (DROP TABLE, DROP COLUMN, etc.). ` +
+            `Pass { allowDestructive: true } or use --allow-destructive on the CLI to proceed.`);
+    }
+    if (safetyCheck.hasLocking && options.acknowledgeLock !== true) {
+        throw new UnsafeMigrationError(safetyCheck, `Migration for "${dbConfig.name}" contains operations that acquire heavy locks. ` +
+            `Pass { acknowledgeLock: true } or use --acknowledge-lock on the CLI to proceed.`);
+    }
     const conn = instance.pool.getOrCreate(dbConfig);
     let extensionsCreated = [];
     if (dbConfig.extensions.length > 0) {
@@ -30,6 +50,7 @@ export async function migrateOne(instance, dbConfig) {
         database: dbConfig.name,
         migrationsRun: afterTables - beforeTables,
         extensions: extensionsCreated,
+        safetyCheck,
     };
 }
 async function getMigrationCount(db, table) {

package/dist/migrate/run.js.map

@@ -1 +1 @@
-{"version":3,"file":"run.js","sourceRoot":"","sources":["../../src/migrate/run.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,cAAc,EAAE,MAAM,kCAAkC,CAAA;AAC5E,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAA;AAGjC,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AAQtD,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAkB;IACjD,MAAM,OAAO,GAAoB,EAAE,CAAA;IAEnC,KAAK,MAAM,CAAC,EAAE,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC;QACvD,IAAI,QAAQ,CAAC,UAAU,KAAK,SAAS;YAAE,SAAQ;QAC/C,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;QACnD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACtB,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAkB,EAAE,QAA0B;IAC7E,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;IAChD,IAAI,iBAAiB,GAAa,EAAE,CAAA;IAEpC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YACtC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,kCAAkC,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,CAAA;QAC5G,CAAC;QACD,iBAAiB,GAAG,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAA;IAC9C,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,cAAc,CAAC,CAAA;IAEnF,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE;QACjC,gBAAgB,EAAE,QAAQ,CAAC,UAAW;QACtC,eAAe,EAAE,QAAQ,CAAC,cAAc;KACzC,CAAC,CAAA;IAEF,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,cAAc,CAAC,CAAA;IAElF,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,IAAI;QACvB,aAAa,EAAE,WAAW,GAAG,YAAY;QACzC,UAAU,EAAE,iBAAiB;KAC9B,CAAA;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,EAAwC,EAAE,KAAa;IACtF,IAAI,CAAC;QACH,MAAM,MAAM,GAAc,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,sCAAsC,eAAe,CAAC,KAAK,EAAE,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAA;QACtI,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAkC,CAAA;QACtD,OAAO,GAAG,EAAE,KAAK,IAAI,CAAC,CAAA;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAA;IACV,CAAC;AACH,CAAC"}
+{"version":3,"file":"run.js","sourceRoot":"","sources":["../../src/migrate/run.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,cAAc,EAAE,MAAM,kCAAkC,CAAA;AAC5E,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAA;AAGjC,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,EAAE,eAAe,EAA6B,MAAM,YAAY,CAAA;AAcvE,MAAM,OAAO,oBAAqB,SAAQ,KAAK;IAG3B;IAFA,IAAI,GAAG,sBAAsB,CAAA;IAC/C,YACkB,KAA2B,EAC3C,OAAe;QAEf,KAAK,CAAC,OAAO,CAAC,CAAA;QAHE,UAAK,GAAL,KAAK,CAAsB;IAI7C,CAAC;CACF;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAkB,EAAE,UAA0B,EAAE;IAC/E,MAAM,OAAO,GAAoB,EAAE,CAAA;IAEnC,KAAK,MAAM,CAAC,EAAE,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC;QACvD,IAAI,QAAQ,CAAC,UAAU,KAAK,SAAS;YAAE,SAAQ;QAC/C,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;QAC5D,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACtB,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAkB,EAAE,QAA0B,EAAE,UAA0B,EAAE;IAC3G,MAAM,WAAW,GAAG,QAAQ,CAAC,UAAU,KAAK,SAAS;QACnD,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC;QACtC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,EAA0B,CAAA;IAErG,IAAI,WAAW,CAAC,cAAc,IAAI,OAAO,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;QACpE,MAAM,IAAI,oBAAoB,CAC5B,WAAW,EACX,kBAAkB,QAAQ,CAAC,IAAI,qEAAqE;YACpG,mFAAmF,CACpF,CAAA;IACH,CAAC;IAED,IAAI,WAAW,CAAC,UAAU,IAAI,OAAO,CAAC,eAAe,KAAK,IAAI,EAAE,CAAC;QAC/D,MAAM,IAAI,oBAAoB,CAC5B,WAAW,EACX,kBAAkB,QAAQ,CAAC,IAAI,kDAAkD;YACjF,iFAAiF,CAClF,CAAA;IACH,CAAC;IAED,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;IAChD,IAAI,iBAAiB,GAAa,EAAE,CAAA;IAEpC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YACtC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,kCAAkC,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,CAAA;QAC5G,CAAC;QACD,iBAAiB,GAAG,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAA;IAC9C,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,cAAc,CAAC,CAAA;IAEnF,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE;QACjC,gBAAgB,EAAE,QAAQ,CAAC,UAAW;QACtC,eAAe,EAAE,QAAQ,CAAC,cAAc;KACzC,CAAC,CAAA;IAEF,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,cAAc,CAAC,CAAA;IAElF,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,IAAI;QACvB,aAAa,EAAE,WAAW,GAAG,YAAY;QACzC,UAAU,EAAE,iBAAiB;QAC7B,WAAW;KACZ,CAAA;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,EAAwC,EAAE,KAAa;IACtF,IAAI,CAAC;QACH,MAAM,MAAM,GAAc,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,sCAAsC,eAAe,CAAC,KAAK,EAAE,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAA;QACtI,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAkC,CAAA;QACtD,OAAO,GAAG,EAAE,KAAK,IAAI,CAAC,CAAA;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAA;IACV,CAAC;AACH,CAAC"}

package/dist/migrate/safety.d.ts

@@ -0,0 +1,10 @@
+export type Severity = 'destructive' | 'locking' | 'safe';
+export interface MigrationHazard {
+    severity: Severity;
+    operation: string;
+    statement: string;
+    suggestion: string;
+}
+export declare function analyzeSQL(sql: string): MigrationHazard[];
+export declare function formatHazards(hazards: MigrationHazard[], file: string): string;
+//# sourceMappingURL=safety.d.ts.map

package/dist/migrate/safety.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"safety.d.ts","sourceRoot":"","sources":["../../src/migrate/safety.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,aAAa,GAAG,SAAS,GAAG,MAAM,CAAA;AAEzD,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,QAAQ,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;CACnB;AA8ED,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,EAAE,CAmBzD;AASD,wBAAgB,aAAa,CAAC,OAAO,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAoB9E"}

package/dist/migrate/safety.js

@@ -0,0 +1,115 @@
+const RULES = [
+    // ── Destructive (data loss / backward-incompatible) ───────────────────
+    {
+        pattern: /\bDROP\s+TABLE\b/i,
+        severity: 'destructive',
+        operation: 'DROP TABLE',
+        suggestion: 'Rename the table first, deploy, verify no access, then drop in a follow-up migration.',
+    },
+    {
+        pattern: /\bDROP\s+COLUMN\b/i,
+        severity: 'destructive',
+        operation: 'DROP COLUMN',
+        suggestion: 'Stop reading the column in application code first, then drop in a follow-up migration.',
+    },
+    {
+        pattern: /\bALTER\s+COLUMN\b[^;]*\bSET\s+NOT\s+NULL\b/i,
+        severity: 'destructive',
+        operation: 'SET NOT NULL',
+        suggestion: 'Add a CHECK constraint with NOT VALID, validate it separately, then convert to NOT NULL.',
+    },
+    {
+        pattern: /\bALTER\s+COLUMN\b[^;]*\bTYPE\b/i,
+        severity: 'destructive',
+        operation: 'ALTER COLUMN TYPE',
+        suggestion: 'Add a new column with the target type, backfill, swap reads, then drop the old column.',
+    },
+    {
+        pattern: /\bTRUNCATE\b/i,
+        severity: 'destructive',
+        operation: 'TRUNCATE',
+        suggestion: 'Use DELETE with a WHERE clause if you need to remove rows in a migration.',
+    },
+    // ── Locking (acquires heavy locks, risks downtime under load) ─────────
+    {
+        pattern: /\bCREATE\s+(?:UNIQUE\s+)?INDEX\b(?!\s+CONCURRENTLY)/i,
+        severity: 'locking',
+        operation: 'CREATE INDEX (non-concurrent)',
+        suggestion: 'Use CREATE INDEX CONCURRENTLY to avoid blocking writes.',
+        except: /\bCONCURRENTLY\b/i,
+    },
+    {
+        pattern: /\bRENAME\s+COLUMN\b/i,
+        severity: 'locking',
+        operation: 'RENAME COLUMN',
+        suggestion: 'Add a new column, backfill, migrate reads, then drop the old column.',
+    },
+    {
+        pattern: /\bRENAME\s+TABLE\b/i,
+        severity: 'locking',
+        operation: 'RENAME TABLE',
+        suggestion: 'Create a new table, migrate data, swap reads, then drop the old table.',
+    },
+    {
+        pattern: /\bRENAME\s+TO\b/i,
+        severity: 'locking',
+        operation: 'RENAME TO',
+        suggestion: 'Renames acquire AccessExclusive locks. Consider a multi-step migration instead.',
+        except: /\bRENAME\s+COLUMN\b|\bRENAME\s+TABLE\b/i,
+    },
+    {
+        pattern: /\bADD\s+CONSTRAINT\b[^;]*\bFOREIGN\s+KEY\b(?![^;]*\bNOT\s+VALID\b)/i,
+        severity: 'locking',
+        operation: 'ADD FOREIGN KEY (without NOT VALID)',
+        suggestion: 'Add the constraint with NOT VALID, then VALIDATE CONSTRAINT in a separate statement.',
+    },
+];
+export function analyzeSQL(sql) {
+    const statements = splitStatements(sql);
+    const hazards = [];
+    for (const stmt of statements) {
+        for (const rule of RULES) {
+            if (!rule.pattern.test(stmt))
+                continue;
+            if (rule.except !== undefined && rule.except.test(stmt))
+                continue;
+            hazards.push({
+                severity: rule.severity,
+                operation: rule.operation,
+                statement: stmt.trim().slice(0, 200),
+                suggestion: rule.suggestion,
+            });
+        }
+    }
+    return hazards;
+}
+function splitStatements(sql) {
+    return sql
+        .split(/;/)
+        .map(s => s.trim())
+        .filter(s => s.length > 0 && !s.startsWith('--'));
+}
+export function formatHazards(hazards, file) {
+    const destructive = hazards.filter(h => h.severity === 'destructive');
+    const locking = hazards.filter(h => h.severity === 'locking');
+    const lines = [];
+    lines.push(`  ${file}:`);
+    for (const h of destructive) {
+        lines.push(`    ✗ DESTRUCTIVE: ${h.operation}`);
+        lines.push(`      ${truncate(h.statement, 120)}`);
+        lines.push(`      → ${h.suggestion}`);
+    }
+    for (const h of locking) {
+        lines.push(`    ⚠ LOCKING: ${h.operation}`);
+        lines.push(`      ${truncate(h.statement, 120)}`);
+        lines.push(`      → ${h.suggestion}`);
+    }
+    return lines.join('\n');
+}
+function truncate(s, max) {
+    const oneLine = s.replace(/\s+/g, ' ');
+    if (oneLine.length <= max)
+        return oneLine;
+    return oneLine.slice(0, max - 3) + '...';
+}
+//# sourceMappingURL=safety.js.map

package/dist/migrate/safety.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"safety.js","sourceRoot":"","sources":["../../src/migrate/safety.ts"],"names":[],"mappings":"AAiBA,MAAM,KAAK,GAAW;IACpB,yEAAyE;IACzE;QACE,OAAO,EAAE,mBAAmB;QAC5B,QAAQ,EAAE,aAAa;QACvB,SAAS,EAAE,YAAY;QACvB,UAAU,EAAE,uFAAuF;KACpG;IACD;QACE,OAAO,EAAE,oBAAoB;QAC7B,QAAQ,EAAE,aAAa;QACvB,SAAS,EAAE,aAAa;QACxB,UAAU,EAAE,wFAAwF;KACrG;IACD;QACE,OAAO,EAAE,8CAA8C;QACvD,QAAQ,EAAE,aAAa;QACvB,SAAS,EAAE,cAAc;QACzB,UAAU,EAAE,0FAA0F;KACvG;IACD;QACE,OAAO,EAAE,kCAAkC;QAC3C,QAAQ,EAAE,aAAa;QACvB,SAAS,EAAE,mBAAmB;QAC9B,UAAU,EAAE,wFAAwF;KACrG;IACD;QACE,OAAO,EAAE,eAAe;QACxB,QAAQ,EAAE,aAAa;QACvB,SAAS,EAAE,UAAU;QACrB,UAAU,EAAE,2EAA2E;KACxF;IAED,yEAAyE;IACzE;QACE,OAAO,EAAE,sDAAsD;QAC/D,QAAQ,EAAE,SAAS;QACnB,SAAS,EAAE,+BAA+B;QAC1C,UAAU,EAAE,yDAAyD;QACrE,MAAM,EAAE,mBAAmB;KAC5B;IACD;QACE,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,SAAS;QACnB,SAAS,EAAE,eAAe;QAC1B,UAAU,EAAE,sEAAsE;KACnF;IACD;QACE,OAAO,EAAE,qBAAqB;QAC9B,QAAQ,EAAE,SAAS;QACnB,SAAS,EAAE,cAAc;QACzB,UAAU,EAAE,wEAAwE;KACrF;IACD;QACE,OAAO,EAAE,kBAAkB;QAC3B,QAAQ,EAAE,SAAS;QACnB,SAAS,EAAE,WAAW;QACtB,UAAU,EAAE,iFAAiF;QAC7F,MAAM,EAAE,yCAAyC;KAClD;IACD;QACE,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,SAAS;QACnB,SAAS,EAAE,qCAAqC;QAChD,UAAU,EAAE,sFAAsF;KACnG;CACF,CAAA;AAED,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,CAAA;IACvC,MAAM,OAAO,GAAsB,EAAE,CAAA;IAErC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,SAAQ;YACtC,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,SAAQ;YAEjE,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;gBACpC,UAAU,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,SAAS,eAAe,CAAC,GAAW;IAClC,OAAO,GAAG;SACP,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SAClB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAA;AACrD,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,OAA0B,EAAE,IAAY;IACpE,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAA;IACrE,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAA;IAC7D,MAAM,KAAK,GAAa,EAAE,CAAA;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,CAAA;IAExB,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,SAAS,EAAE,CAAC,CAAA;QAC/C,KAAK,CAAC,IAAI,CAAC,SAAS,QAAQ,CAAC,CAAC,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC,CAAA;QACjD,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC,CAAA;IACvC,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,SAAS,EAAE,CAAC,CAAA;QAC3C,KAAK,CAAC,IAAI,CAAC,SAAS,QAAQ,CAAC,CAAC,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC,CAAA;QACjD,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC,CAAA;IACvC,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED,SAAS,QAAQ,CAAC,CAAS,EAAE,GAAW;IACtC,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IACtC,IAAI,OAAO,CAAC,MAAM,IAAI,GAAG;QAAE,OAAO,OAAO,CAAA;IACzC,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,KAAK,CAAA;AAC1C,CAAC"}

package/dist/pipework.d.ts

@@ -31,5 +31,5 @@ export interface ConnectionTracker {
     activeCount(): number;
     assertNoLeaks(maxExpected: number): void;
 }
-export declare function createPipework(raw: Blueprint): Manifold;
+export declare function createManifold(raw: Blueprint): Manifold;
 //# sourceMappingURL=pipework.d.ts.map

package/dist/pipework.js

@@ -1,7 +1,7 @@
 import { loadConfig as parseConfig } from './config/load.js';
 import { createManagedConnection } from './db/pool.js';
 import { InvariantViolation } from './invariants/assert.js';
-export function createPipework(raw) {
+export function createManifold(raw) {
     const config = parseConfig(raw);
     const pool = createPoolState();
     const isolation = createIsolationState();

package/dist/test/auto-setup.js

@@ -1,12 +1,12 @@
 import { beforeAll, afterAll, beforeEach, afterEach } from 'vitest';
-import { discoverConfig } from '../config/discover.js';
-import { createPipework } from '../pipework.js';
+import { loadEnvFiles } from '../config/env.js';
+import { discoverInstance } from '../config/discover.js';
 import { setupTestDatabases, teardownTestDatabases } from './setup.js';
 import { beginTestIsolation, endTestIsolation } from './plugin.js';
 import { _setTestState } from './vitest.js';
+loadEnvFiles();
 let _testContext = null;
-const config = await discoverConfig();
-const instance = createPipework(config);
+const instance = await discoverInstance();
 _setTestState(instance);
 beforeAll(async () => {
     await setupTestDatabases(instance);

package/dist/test/auto-setup.js.map

@@ -1 +1 @@
-{"version":3,"file":"auto-setup.js","sourceRoot":"","sources":["../../src/test/auto-setup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAA;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAC/C,OAAO,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAA;AACtE,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAoB,MAAM,aAAa,CAAA;AACpF,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAE3C,IAAI,YAAY,GAAuB,IAAI,CAAA;AAE3C,MAAM,MAAM,GAAG,MAAM,cAAc,EAAE,CAAA;AACrC,MAAM,QAAQ,GAAG,cAAc,CAAC,MAAM,CAAC,CAAA;AAEvC,aAAa,CAAC,QAAQ,CAAC,CAAA;AAEvB,SAAS,CAAC,KAAK,IAAI,EAAE;IACnB,MAAM,kBAAkB,CAAC,QAAQ,CAAC,CAAA;AACpC,CAAC,CAAC,CAAA;AAEF,QAAQ,CAAC,KAAK,IAAI,EAAE;IAClB,MAAM,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAA;IAC9B,MAAM,qBAAqB,EAAE,CAAA;AAC/B,CAAC,CAAC,CAAA;AAEF,UAAU,CAAC,KAAK,IAAI,EAAE;IACpB,YAAY,GAAG,MAAM,kBAAkB,CAAC,QAAQ,CAAC,CAAA;IACjD,aAAa,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;AACvC,CAAC,CAAC,CAAA;AAEF,SAAS,CAAC,KAAK,IAAI,EAAE;IACnB,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,gBAAgB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;QAC9C,YAAY,GAAG,IAAI,CAAA;QACnB,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/B,CAAC;AACH,CAAC,CAAC,CAAA"}
+{"version":3,"file":"auto-setup.js","sourceRoot":"","sources":["../../src/test/auto-setup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAA;AACnE,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACxD,OAAO,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAA;AACtE,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAoB,MAAM,aAAa,CAAA;AACpF,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAE3C,YAAY,EAAE,CAAA;AAEd,IAAI,YAAY,GAAuB,IAAI,CAAA;AAE3C,MAAM,QAAQ,GAAG,MAAM,gBAAgB,EAAE,CAAA;AAEzC,aAAa,CAAC,QAAQ,CAAC,CAAA;AAEvB,SAAS,CAAC,KAAK,IAAI,EAAE;IACnB,MAAM,kBAAkB,CAAC,QAAQ,CAAC,CAAA;AACpC,CAAC,CAAC,CAAA;AAEF,QAAQ,CAAC,KAAK,IAAI,EAAE;IAClB,MAAM,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAA;IAC9B,MAAM,qBAAqB,EAAE,CAAA;AAC/B,CAAC,CAAC,CAAA;AAEF,UAAU,CAAC,KAAK,IAAI,EAAE;IACpB,YAAY,GAAG,MAAM,kBAAkB,CAAC,QAAQ,CAAC,CAAA;IACjD,aAAa,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;AACvC,CAAC,CAAC,CAAA;AAEF,SAAS,CAAC,KAAK,IAAI,EAAE;IACnB,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,gBAAgB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;QAC9C,YAAY,GAAG,IAAI,CAAA;QACnB,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/B,CAAC;AACH,CAAC,CAAC,CAAA"}

package/dist/test/vitest.js

@@ -1,5 +1,5 @@
 import { beforeAll, afterAll, beforeEach, afterEach } from 'vitest';
-import { createPipework } from '../pipework.js';
+import { createManifold } from '../pipework.js';
 import { setupTestDatabases, teardownTestDatabases } from './setup.js';
 import { beginTestIsolation, endTestIsolation, createTestContext, runInContext } from './plugin.js';
 export {} from './plugin.js';
@@ -12,7 +12,7 @@ export function _setTestState(instance, testContext) {
     }
 }
 export function setupPipeworkTests(configOrInstance) {
-    const instance = isInstance(configOrInstance) ? configOrInstance : createPipework(configOrInstance);
+    const instance = isInstance(configOrInstance) ? configOrInstance : createManifold(configOrInstance);
     _instance = instance;
     beforeAll(async () => {
         await setupTestDatabases(instance);

package/dist/webhook/inbound.d.ts

@@ -0,0 +1,16 @@
+import type { Handler, HttpMethod } from '../di/types.js';
+import type { SignatureVerifier } from './verify.js';
+export interface InboundWebhookConfig<TPayload> {
+    path: string;
+    method?: HttpMethod;
+    verifier: SignatureVerifier;
+    parsePayload?: (rawBody: Buffer) => TPayload;
+    idempotencyKey?: (payload: TPayload) => string;
+}
+export interface InboundWebhookContext<TPayload> {
+    payload: TPayload;
+    rawBody: Buffer;
+    headers: Readonly<Record<string, string | undefined>>;
+}
+export declare function defineInboundWebhook<TPayload = unknown>(config: InboundWebhookConfig<TPayload>, handler: (ctx: InboundWebhookContext<TPayload>) => Promise<unknown>): Handler<Record<string, unknown>, unknown>;
+//# sourceMappingURL=inbound.d.ts.map

package/dist/webhook/inbound.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inbound.d.ts","sourceRoot":"","sources":["../../src/webhook/inbound.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AACzD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAIpD,MAAM,WAAW,oBAAoB,CAAC,QAAQ;IAC5C,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,QAAQ,EAAE,iBAAiB,CAAA;IAC3B,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,QAAQ,CAAA;IAC5C,cAAc,CAAC,EAAE,CAAC,OAAO,EAAE,QAAQ,KAAK,MAAM,CAAA;CAC/C;AAED,MAAM,WAAW,qBAAqB,CAAC,QAAQ;IAC7C,OAAO,EAAE,QAAQ,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC,CAAA;CACtD;AAED,wBAAgB,oBAAoB,CAAC,QAAQ,GAAG,OAAO,EACrD,MAAM,EAAE,oBAAoB,CAAC,QAAQ,CAAC,EACtC,OAAO,EAAE,CAAC,GAAG,EAAE,qBAAqB,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,GAClE,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,CAsB3C"}

package/dist/webhook/inbound.js

@@ -0,0 +1,21 @@
+import { Builder } from '../di/builder.js';
+import { UnauthorizedError } from '../errors/index.js';
+export function defineInboundWebhook(config, handler) {
+    const method = config.method ?? 'POST';
+    const parse = config.parsePayload ?? ((raw) => JSON.parse(raw.toString('utf-8')));
+    return new Builder()
+        .public()
+        .rawBody()
+        .request()
+        .route(method, config.path)
+        .fit(async ({ rawBody, request }) => {
+        if (!config.verifier.verify(rawBody, request.headers)) {
+            throw new UnauthorizedError('Webhook signature verification failed.\n\n' +
+                '  The request signature does not match the expected value.\n' +
+                '  Check that the signing secret is correct and the raw body is unmodified.\n');
+        }
+        const payload = parse(rawBody);
+        return handler({ payload, rawBody, headers: request.headers });
+    });
+}
+//# sourceMappingURL=inbound.js.map

package/dist/webhook/inbound.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"inbound.js","sourceRoot":"","sources":["../../src/webhook/inbound.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAgBtD,MAAM,UAAU,oBAAoB,CAClC,MAAsC,EACtC,OAAmE;IAEnE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAA;IACtC,MAAM,KAAK,GAAG,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAa,CAAC,CAAA;IAErG,OAAO,IAAI,OAAO,EAAE;SACjB,MAAM,EAAE;SACR,OAAO,EAAE;SACT,OAAO,EAAE;SACT,KAAK,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC;SAC1B,GAAG,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE;QAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,iBAAiB,CACzB,4CAA4C;gBAC5C,8DAA8D;gBAC9D,8EAA8E,CAC/E,CAAA;QACH,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,CAAA;QAE9B,OAAO,OAAO,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;IAChE,CAAC,CAAC,CAAA;AACN,CAAC"}

package/dist/webhook/index.d.ts

@@ -0,0 +1,5 @@
+export { defineInboundWebhook, type InboundWebhookConfig, type InboundWebhookContext } from './inbound.js';
+export { hmacVerifier, stripeVerifier, githubVerifier, type SignatureVerifier } from './verify.js';
+export { signPayload, type SignedPayload, type WebhookSignatureOptions } from './sign.js';
+export { createOutboundWebhook, type OutboundWebhookConfig, type OutboundWebhook, type WebhookEndpoint, type DeliveryAttempt } from './outbound.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/webhook/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/webhook/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,KAAK,oBAAoB,EAAE,KAAK,qBAAqB,EAAE,MAAM,cAAc,CAAA;AAC1G,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,KAAK,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAClG,OAAO,EAAE,WAAW,EAAE,KAAK,aAAa,EAAE,KAAK,uBAAuB,EAAE,MAAM,WAAW,CAAA;AACzF,OAAO,EAAE,qBAAqB,EAAE,KAAK,qBAAqB,EAAE,KAAK,eAAe,EAC9E,KAAK,eAAe,EAAE,KAAK,eAAe,EAAE,MAAM,eAAe,CAAA"}

package/dist/webhook/index.js

@@ -0,0 +1,5 @@
+export { defineInboundWebhook } from './inbound.js';
+export { hmacVerifier, stripeVerifier, githubVerifier } from './verify.js';
+export { signPayload } from './sign.js';
+export { createOutboundWebhook } from './outbound.js';
+//# sourceMappingURL=index.js.map

package/dist/webhook/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/webhook/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAyD,MAAM,cAAc,CAAA;AAC1G,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,cAAc,EAA0B,MAAM,aAAa,CAAA;AAClG,OAAO,EAAE,WAAW,EAAoD,MAAM,WAAW,CAAA;AACzF,OAAO,EAAE,qBAAqB,EACgB,MAAM,eAAe,CAAA"}

package/dist/webhook/namespace.d.ts

@@ -0,0 +1,15 @@
+import { defineInboundWebhook } from './inbound.js';
+import { hmacVerifier, stripeVerifier, githubVerifier } from './verify.js';
+import { signPayload } from './sign.js';
+import { createOutboundWebhook } from './outbound.js';
+export declare const webhook: {
+    readonly defineInbound: typeof defineInboundWebhook;
+    readonly createOutbound: typeof createOutboundWebhook;
+    readonly verify: {
+        readonly hmac: typeof hmacVerifier;
+        readonly stripe: typeof stripeVerifier;
+        readonly github: typeof githubVerifier;
+    };
+    readonly sign: typeof signPayload;
+};
+//# sourceMappingURL=namespace.d.ts.map

package/dist/webhook/namespace.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"namespace.d.ts","sourceRoot":"","sources":["../../src/webhook/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAA;AACnD,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC1E,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAA;AACvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AAErD,eAAO,MAAM,OAAO;;;;;;;;;CAWV,CAAA"}

package/dist/webhook/namespace.js

@@ -0,0 +1,15 @@
+import { defineInboundWebhook } from './inbound.js';
+import { hmacVerifier, stripeVerifier, githubVerifier } from './verify.js';
+import { signPayload } from './sign.js';
+import { createOutboundWebhook } from './outbound.js';
+export const webhook = {
+    defineInbound: defineInboundWebhook,
+    createOutbound: createOutboundWebhook,
+    verify: {
+        hmac: hmacVerifier,
+        stripe: stripeVerifier,
+        github: githubVerifier,
+    },
+    sign: signPayload,
+};
+//# sourceMappingURL=namespace.js.map

package/dist/webhook/namespace.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"namespace.js","sourceRoot":"","sources":["../../src/webhook/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAA;AACnD,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC1E,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAA;AACvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AAErD,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,aAAa,EAAE,oBAAoB;IACnC,cAAc,EAAE,qBAAqB;IAErC,MAAM,EAAE;QACN,IAAI,EAAE,YAAY;QAClB,MAAM,EAAE,cAAc;QACtB,MAAM,EAAE,cAAc;KACvB;IAED,IAAI,EAAE,WAAW;CACT,CAAA"}

package/dist/webhook/outbound.d.ts

@@ -0,0 +1,48 @@
+import type { DB } from '../db/index.js';
+import { type WebhookSignatureOptions } from './sign.js';
+export interface OutboundWebhookConfig {
+    table?: string;
+    deliveryTable?: string;
+    signing?: WebhookSignatureOptions;
+    retry?: {
+        maxAttempts?: number;
+        initialDelayMs?: number;
+        maxDelayMs?: number;
+    };
+    timeoutMs?: number;
+}
+export interface WebhookEndpoint {
+    id: string;
+    tenantId: string;
+    url: string;
+    secret: string;
+    events: string[];
+    active: boolean;
+}
+export interface DeliveryAttempt {
+    id: string;
+    endpointId: string;
+    tenantId: string;
+    eventType: string;
+    payload: unknown;
+    statusCode: number | null;
+    responseBody: string | null;
+    attempt: number;
+    maxAttempts: number;
+    nextRetryAt: Date | null;
+    createdAt: Date;
+}
+export interface OutboundWebhook {
+    ensureTables(db: DB): Promise<void>;
+    send(db: DB, tenantId: string, eventType: string, payload: unknown): Promise<string[]>;
+    deliver(db: DB, deliveryId: string): Promise<{
+        success: boolean;
+        statusCode: number | null;
+    }>;
+    processPending(db: DB): Promise<number>;
+    registerEndpoint(db: DB, endpoint: Omit<WebhookEndpoint, 'id'>): Promise<string>;
+    listEndpoints(db: DB, tenantId: string): Promise<WebhookEndpoint[]>;
+    removeEndpoint(db: DB, tenantId: string, endpointId: string): Promise<boolean>;
+}
+export declare function createOutboundWebhook(config?: OutboundWebhookConfig): OutboundWebhook;
+//# sourceMappingURL=outbound.d.ts.map

package/dist/webhook/outbound.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"outbound.d.ts","sourceRoot":"","sources":["../../src/webhook/outbound.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AACxC,OAAO,EAAe,KAAK,uBAAuB,EAAE,MAAM,WAAW,CAAA;AAErE,MAAM,WAAW,qBAAqB;IACpC,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,CAAC,EAAE,uBAAuB,CAAA;IACjC,KAAK,CAAC,EAAE;QACN,WAAW,CAAC,EAAE,MAAM,CAAA;QACpB,cAAc,CAAC,EAAE,MAAM,CAAA;QACvB,UAAU,CAAC,EAAE,MAAM,CAAA;KACpB,CAAA;IACD,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAA;IACV,QAAQ,EAAE,MAAM,CAAA;IAChB,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,MAAM,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,IAAI,GAAG,IAAI,CAAA;IACxB,SAAS,EAAE,IAAI,CAAA;CAChB;AAED,MAAM,WAAW,eAAe;IAC9B,YAAY,CAAC,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IACnC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;IACtF,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC,CAAA;IAC7F,cAAc,CAAC,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IACvC,gBAAgB,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAChF,aAAa,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC,CAAA;IACnE,cAAc,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC/E;AAWD,wBAAgB,qBAAqB,CAAC,MAAM,GAAE,qBAA0B,GAAG,eAAe,CAqLzF"}

package/dist/webhook/outbound.js

@@ -0,0 +1,160 @@
+import { sql } from '../db/sql.js';
+import { signPayload } from './sign.js';
+const DEFAULTS = {
+    table: '__pipework_webhook_endpoints',
+    deliveryTable: '__pipework_webhook_deliveries',
+    maxAttempts: 5,
+    initialDelayMs: 1000,
+    maxDelayMs: 3_600_000,
+    timeoutMs: 30_000,
+};
+export function createOutboundWebhook(config = {}) {
+    const endpointTable = config.table ?? DEFAULTS.table;
+    const deliveryTable = config.deliveryTable ?? DEFAULTS.deliveryTable;
+    const maxAttempts = config.retry?.maxAttempts ?? DEFAULTS.maxAttempts;
+    const initialDelayMs = config.retry?.initialDelayMs ?? DEFAULTS.initialDelayMs;
+    const maxDelayMs = config.retry?.maxDelayMs ?? DEFAULTS.maxDelayMs;
+    const timeoutMs = config.timeoutMs ?? DEFAULTS.timeoutMs;
+    const signingOptions = config.signing ?? {};
+    return {
+        async ensureTables(db) {
+            await db.execute(sql.raw(`
+        CREATE TABLE IF NOT EXISTS ${endpointTable} (
+          id TEXT NOT NULL PRIMARY KEY DEFAULT gen_random_uuid()::text,
+          tenant_id TEXT NOT NULL,
+          url TEXT NOT NULL,
+          secret TEXT NOT NULL,
+          events TEXT[] NOT NULL DEFAULT '{}',
+          active BOOLEAN NOT NULL DEFAULT true,
+          created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+        )
+      `));
+            await db.execute(sql.raw(`
+        CREATE TABLE IF NOT EXISTS ${deliveryTable} (
+          id TEXT NOT NULL PRIMARY KEY DEFAULT gen_random_uuid()::text,
+          endpoint_id TEXT NOT NULL,
+          tenant_id TEXT NOT NULL,
+          event_type TEXT NOT NULL,
+          payload JSONB NOT NULL,
+          status_code INTEGER,
+          response_body TEXT,
+          attempt INTEGER NOT NULL DEFAULT 0,
+          max_attempts INTEGER NOT NULL,
+          next_retry_at TIMESTAMPTZ,
+          completed_at TIMESTAMPTZ,
+          created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+        )
+      `));
+        },
+        async send(db, tenantId, eventType, payload) {
+            const endpoints = await db.execute(sql `SELECT id, url, secret FROM ${sql.raw(endpointTable)}
+            WHERE tenant_id = ${tenantId}
+              AND active = true
+              AND (events = '{}' OR ${eventType} = ANY(events))`);
+            const deliveryIds = [];
+            for (const row of endpoints) {
+                const result = await db.execute(sql `INSERT INTO ${sql.raw(deliveryTable)} (endpoint_id, tenant_id, event_type, payload, max_attempts, next_retry_at)
+              VALUES (${row.id}, ${tenantId}, ${eventType}, ${JSON.stringify(payload)}, ${maxAttempts}, now())
+              RETURNING id`);
+                const inserted = result[0];
+                if (inserted !== undefined)
+                    deliveryIds.push(inserted.id);
+            }
+            return deliveryIds;
+        },
+        async deliver(db, deliveryId) {
+            const rows = await db.execute(sql `SELECT d.id, d.endpoint_id, d.event_type, d.payload, d.attempt, d.max_attempts,
+                   e.url, e.secret
+            FROM ${sql.raw(deliveryTable)} d
+            JOIN ${sql.raw(endpointTable)} e ON e.id = d.endpoint_id
+            WHERE d.id = ${deliveryId} AND d.completed_at IS NULL`);
+            const delivery = rows[0];
+            if (delivery === undefined)
+                return { success: false, statusCode: null };
+            const attempt = delivery['attempt'] + 1;
+            const signed = signPayload(delivery['payload'], delivery['secret'], signingOptions);
+            let statusCode = null;
+            let responseBody = null;
+            let success = false;
+            try {
+                const controller = new AbortController();
+                const timer = setTimeout(() => controller.abort(), timeoutMs);
+                const response = await fetch(delivery['url'], {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json',
+                        'X-Webhook-Id': signed.messageId,
+                        'X-Webhook-Timestamp': signed.timestamp.toString(),
+                        'X-Webhook-Signature': signed.signature,
+                    },
+                    body: signed.body,
+                    signal: controller.signal,
+                });
+                clearTimeout(timer);
+                statusCode = response.status;
+                responseBody = await response.text().catch(() => null);
+                success = statusCode >= 200 && statusCode < 300;
+            }
+            catch {
+                statusCode = null;
+                responseBody = null;
+                success = false;
+            }
+            if (success || attempt >= delivery['max_attempts']) {
+                await db.execute(sql `UPDATE ${sql.raw(deliveryTable)}
+              SET attempt = ${attempt}, status_code = ${statusCode},
+                  response_body = ${responseBody}, completed_at = now(), next_retry_at = NULL
+              WHERE id = ${deliveryId}`);
+            }
+            else {
+                const delayMs = Math.min(initialDelayMs * Math.pow(2, attempt - 1), maxDelayMs);
+                const nextRetry = new Date(Date.now() + delayMs);
+                await db.execute(sql `UPDATE ${sql.raw(deliveryTable)}
+              SET attempt = ${attempt}, status_code = ${statusCode},
+                  response_body = ${responseBody}, next_retry_at = ${nextRetry.toISOString()}
+              WHERE id = ${deliveryId}`);
+            }
+            return { success, statusCode };
+        },
+        async processPending(db) {
+            const rows = await db.execute(sql `SELECT id FROM ${sql.raw(deliveryTable)}
+            WHERE completed_at IS NULL AND next_retry_at <= now()
+            ORDER BY next_retry_at ASC
+            LIMIT 100`);
+            let processed = 0;
+            for (const row of rows) {
+                await this.deliver(db, row.id);
+                processed++;
+            }
+            return processed;
+        },
+        async registerEndpoint(db, endpoint) {
+            const rows = await db.execute(sql `INSERT INTO ${sql.raw(endpointTable)} (tenant_id, url, secret, events, active)
+            VALUES (${endpoint.tenantId}, ${endpoint.url}, ${endpoint.secret},
+                    ${`{${endpoint.events.join(',')}}`}, ${endpoint.active})
+            RETURNING id`);
+            return (rows[0]).id;
+        },
+        async listEndpoints(db, tenantId) {
+            const rows = await db.execute(sql `SELECT id, tenant_id, url, secret, events, active
+            FROM ${sql.raw(endpointTable)}
+            WHERE tenant_id = ${tenantId}
+            ORDER BY created_at ASC`);
+            return rows.map(row => ({
+                id: row['id'],
+                tenantId: row['tenant_id'],
+                url: row['url'],
+                secret: row['secret'],
+                events: row['events'],
+                active: row['active'],
+            }));
+        },
+        async removeEndpoint(db, tenantId, endpointId) {
+            const rows = await db.execute(sql `DELETE FROM ${sql.raw(endpointTable)}
+            WHERE id = ${endpointId} AND tenant_id = ${tenantId}
+            RETURNING id`);
+            return rows.length > 0;
+        },
+    };
+}
+//# sourceMappingURL=outbound.js.map

package/dist/webhook/outbound.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"outbound.js","sourceRoot":"","sources":["../../src/webhook/outbound.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,OAAO,EAAE,WAAW,EAAgC,MAAM,WAAW,CAAA;AA+CrE,MAAM,QAAQ,GAAG;IACf,KAAK,EAAE,8BAA8B;IACrC,aAAa,EAAE,+BAA+B;IAC9C,WAAW,EAAE,CAAC;IACd,cAAc,EAAE,IAAI;IACpB,UAAU,EAAE,SAAS;IACrB,SAAS,EAAE,MAAM;CACT,CAAA;AAEV,MAAM,UAAU,qBAAqB,CAAC,SAAgC,EAAE;IACtE,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,IAAI,QAAQ,CAAC,KAAK,CAAA;IACpD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,QAAQ,CAAC,aAAa,CAAA;IACpE,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,EAAE,WAAW,IAAI,QAAQ,CAAC,WAAW,CAAA;IACrE,MAAM,cAAc,GAAG,MAAM,CAAC,KAAK,EAAE,cAAc,IAAI,QAAQ,CAAC,cAAc,CAAA;IAC9E,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,EAAE,UAAU,IAAI,QAAQ,CAAC,UAAU,CAAA;IAClE,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,QAAQ,CAAC,SAAS,CAAA;IACxD,MAAM,cAAc,GAAG,MAAM,CAAC,OAAO,IAAI,EAAE,CAAA;IAE3C,OAAO;QACL,KAAK,CAAC,YAAY,CAAC,EAAE;YACnB,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;qCACM,aAAa;;;;;;;;;OAS3C,CAAC,CAAC,CAAA;YAEH,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;qCACM,aAAa;;;;;;;;;;;;;;OAc3C,CAAC,CAAC,CAAA;QACL,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO;YACzC,MAAM,SAAS,GAAc,MAAM,EAAE,CAAC,OAAO,CAC3C,GAAG,CAAA,+BAA+B,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;gCAChC,QAAQ;;sCAEF,SAAS,iBAAiB,CACzD,CAAA;YAED,MAAM,WAAW,GAAa,EAAE,CAAA;YAChC,KAAK,MAAM,GAAG,IAAI,SAA6B,EAAE,CAAC;gBAChD,MAAM,MAAM,GAAc,MAAM,EAAE,CAAC,OAAO,CACxC,GAAG,CAAA,eAAe,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;wBAC1B,GAAG,CAAC,EAAE,KAAK,QAAQ,KAAK,SAAS,KAAK,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,WAAW;2BAC1E,CAClB,CAAA;gBACD,MAAM,QAAQ,GAAI,MAA2B,CAAC,CAAC,CAAC,CAAA;gBAChD,IAAI,QAAQ,KAAK,SAAS;oBAAE,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;YAC3D,CAAC;YAED,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,KAAK,CAAC,OAAO,CAAC,EAAE,EAAE,UAAU;YAC1B,MAAM,IAAI,GAAc,MAAM,EAAE,CAAC,OAAO,CACtC,GAAG,CAAA;;mBAEQ,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;mBACtB,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;2BACd,UAAU,6BAA6B,CAC3D,CAAA;YAED,MAAM,QAAQ,GAAI,IAAkC,CAAC,CAAC,CAAC,CAAA;YACvD,IAAI,QAAQ,KAAK,SAAS;gBAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,CAAA;YAEvE,MAAM,OAAO,GAAI,QAAQ,CAAC,SAAS,CAAY,GAAG,CAAC,CAAA;YACnD,MAAM,MAAM,GAAG,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,QAAQ,CAAW,EAAE,cAAc,CAAC,CAAA;YAE7F,IAAI,UAAU,GAAkB,IAAI,CAAA;YACpC,IAAI,YAAY,GAAkB,IAAI,CAAA;YACtC,IAAI,OAAO,GAAG,KAAK,CAAA;YAEnB,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAA;gBACxC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAA;gBAE7D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAW,EAAE;oBACtD,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE;wBACP,cAAc,EAAE,kBAAkB;wBAClC,cAAc,EAAE,MAAM,CAAC,SAAS;wBAChC,qBAAqB,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE;wBAClD,qBAAqB,EAAE,MAAM,CAAC,SAAS;qBACxC;oBACD,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAA;gBAEF,YAAY,CAAC,KAAK,CAAC,CAAA;gBACnB,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAA;gBAC5B,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;gBACtD,OAAO,GAAG,UAAU,IAAI,GAAG,IAAI,UAAU,GAAG,GAAG,CAAA;YACjD,CAAC;YAAC,MAAM,CAAC;gBACP,UAAU,GAAG,IAAI,CAAA;gBACjB,YAAY,GAAG,IAAI,CAAA;gBACnB,OAAO,GAAG,KAAK,CAAA;YACjB,CAAC;YAED,IAAI,OAAO,IAAI,OAAO,IAAK,QAAQ,CAAC,cAAc,CAAY,EAAE,CAAC;gBAC/D,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA,UAAU,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;8BACf,OAAO,mBAAmB,UAAU;oCAC9B,YAAY;2BACrB,UAAU,EAAE,CAC9B,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;gBAC/E,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,CAAA;gBAChD,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA,UAAU,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;8BACf,OAAO,mBAAmB,UAAU;oCAC9B,YAAY,qBAAqB,SAAS,CAAC,WAAW,EAAE;2BACjE,UAAU,EAAE,CAC9B,CAAA;YACH,CAAC;YAED,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAA;QAChC,CAAC;QAED,KAAK,CAAC,cAAc,CAAC,EAAE;YACrB,MAAM,IAAI,GAAc,MAAM,EAAE,CAAC,OAAO,CACtC,GAAG,CAAA,kBAAkB,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;;;sBAG7B,CACf,CAAA;YAED,IAAI,SAAS,GAAG,CAAC,CAAA;YACjB,KAAK,MAAM,GAAG,IAAI,IAAwB,EAAE,CAAC;gBAC3C,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAA;gBAC9B,SAAS,EAAE,CAAA;YACb,CAAC;YACD,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,EAAE,EAAE,QAAQ;YACjC,MAAM,IAAI,GAAc,MAAM,EAAE,CAAC,OAAO,CACtC,GAAG,CAAA,eAAe,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;sBAC1B,QAAQ,CAAC,QAAQ,KAAK,QAAQ,CAAC,GAAG,KAAK,QAAQ,CAAC,MAAM;sBACtD,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,QAAQ,CAAC,MAAM;yBACjD,CAClB,CAAA;YACD,OAAO,CAAE,IAAyB,CAAC,CAAC,CAAC,CAAE,CAAC,EAAE,CAAA;QAC5C,CAAC;QAED,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE,QAAQ;YAC9B,MAAM,IAAI,GAAc,MAAM,EAAE,CAAC,OAAO,CACtC,GAAG,CAAA;mBACQ,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;gCACT,QAAQ;oCACJ,CAC7B,CAAA;YACD,OAAQ,IAAkC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACrD,EAAE,EAAE,GAAG,CAAC,IAAI,CAAW;gBACvB,QAAQ,EAAE,GAAG,CAAC,WAAW,CAAW;gBACpC,GAAG,EAAE,GAAG,CAAC,KAAK,CAAW;gBACzB,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAW;gBAC/B,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAa;gBACjC,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAY;aACjC,CAAC,CAAC,CAAA;QACL,CAAC;QAED,KAAK,CAAC,cAAc,CAAC,EAAE,EAAE,QAAQ,EAAE,UAAU;YAC3C,MAAM,IAAI,GAAc,MAAM,EAAE,CAAC,OAAO,CACtC,GAAG,CAAA,eAAe,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;yBACvB,UAAU,oBAAoB,QAAQ;yBACtC,CAClB,CAAA;YACD,OAAQ,IAAkB,CAAC,MAAM,GAAG,CAAC,CAAA;QACvC,CAAC;KACF,CAAA;AACH,CAAC"}

package/dist/webhook/sign.d.ts

@@ -0,0 +1,12 @@
+export interface WebhookSignatureOptions {
+    algorithm?: string;
+    encoding?: 'hex' | 'base64';
+}
+export interface SignedPayload {
+    body: string;
+    signature: string;
+    timestamp: number;
+    messageId: string;
+}
+export declare function signPayload(payload: unknown, secret: string, options?: WebhookSignatureOptions): SignedPayload;
+//# sourceMappingURL=sign.d.ts.map

package/dist/webhook/sign.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../../src/webhook/sign.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,uBAAuB;IACtC,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,QAAQ,CAAC,EAAE,KAAK,GAAG,QAAQ,CAAA;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,wBAAgB,WAAW,CACzB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,uBAA4B,GACpC,aAAa,CAWf"}

package/dist/webhook/sign.js

@@ -0,0 +1,12 @@
+import { createHmac, randomUUID } from 'node:crypto';
+export function signPayload(payload, secret, options = {}) {
+    const algorithm = options.algorithm ?? 'sha256';
+    const encoding = options.encoding ?? 'hex';
+    const messageId = randomUUID();
+    const timestamp = Math.floor(Date.now() / 1000);
+    const body = typeof payload === 'string' ? payload : JSON.stringify(payload);
+    const toSign = `${messageId}.${timestamp}.${body}`;
+    const signature = createHmac(algorithm, secret).update(toSign).digest(encoding);
+    return { body, signature, timestamp, messageId };
+}
+//# sourceMappingURL=sign.js.map