postgresai 0.14.0-dev.70 → 0.14.0-dev.72

package/lib/mcp-server.ts

@@ -1,6 +1,19 @@
 import pkg from "../package.json";
 import * as config from "./config";
-import { fetchIssues, fetchIssueComments, createIssueComment, fetchIssue, createIssue, updateIssue, updateIssueComment } from "./issues";
+import {
+  fetchIssues,
+  fetchIssueComments,
+  createIssueComment,
+  fetchIssue,
+  createIssue,
+  updateIssue,
+  updateIssueComment,
+  fetchActionItem,
+  fetchActionItems,
+  createActionItem,
+  updateActionItem,
+  type ConfigChange,
+} from "./issues";
 import { resolveBaseUrls } from "./util";
 
 // MCP SDK imports - Bun handles these directly
@@ -64,7 +77,14 @@ export async function handleToolCall(
 
   try {
     if (toolName === "list_issues") {
-      const issues = await fetchIssues({ apiKey, apiBaseUrl, debug });
+      const orgId = args.org_id !== undefined ? Number(args.org_id) : cfg.orgId ?? undefined;
+      const statusArg = args.status ? String(args.status) : undefined;
+      let status: "open" | "closed" | undefined;
+      if (statusArg === "open") status = "open";
+      else if (statusArg === "closed") status = "closed";
+      const limit = args.limit !== undefined ? Number(args.limit) : undefined;
+      const offset = args.offset !== undefined ? Number(args.offset) : undefined;
+      const issues = await fetchIssues({ apiKey, apiBaseUrl, orgId, status, limit, offset, debug });
       return { content: [{ type: "text", text: JSON.stringify(issues, null, 2) }] };
     }
 
@@ -154,6 +174,82 @@ export async function handleToolCall(
       return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
     }
 
+    // Action Items Tools
+    if (toolName === "view_action_item") {
+      // Support both single ID and array of IDs
+      let actionItemIds: string[];
+      if (Array.isArray(args.action_item_ids)) {
+        actionItemIds = args.action_item_ids.map((id: unknown) => String(id).trim()).filter((id: string) => id);
+      } else if (args.action_item_id) {
+        actionItemIds = [String(args.action_item_id).trim()];
+      } else {
+        actionItemIds = [];
+      }
+      if (actionItemIds.length === 0) {
+        return { content: [{ type: "text", text: "action_item_id or action_item_ids is required" }], isError: true };
+      }
+      const actionItems = await fetchActionItem({ apiKey, apiBaseUrl, actionItemIds, debug });
+      if (actionItems.length === 0) {
+        return { content: [{ type: "text", text: "Action item(s) not found" }], isError: true };
+      }
+      return { content: [{ type: "text", text: JSON.stringify(actionItems, null, 2) }] };
+    }
+
+    if (toolName === "list_action_items") {
+      const issueId = String(args.issue_id || "").trim();
+      if (!issueId) {
+        return { content: [{ type: "text", text: "issue_id is required" }], isError: true };
+      }
+      const actionItems = await fetchActionItems({ apiKey, apiBaseUrl, issueId, debug });
+      return { content: [{ type: "text", text: JSON.stringify(actionItems, null, 2) }] };
+    }
+
+    if (toolName === "create_action_item") {
+      const issueId = String(args.issue_id || "").trim();
+      const rawTitle = String(args.title || "").trim();
+      if (!issueId) {
+        return { content: [{ type: "text", text: "issue_id is required" }], isError: true };
+      }
+      if (!rawTitle) {
+        return { content: [{ type: "text", text: "title is required" }], isError: true };
+      }
+      const title = interpretEscapes(rawTitle);
+      const rawDescription = args.description ? String(args.description) : undefined;
+      const description = rawDescription ? interpretEscapes(rawDescription) : undefined;
+      const sqlAction = args.sql_action !== undefined ? String(args.sql_action) : undefined;
+      const configs = Array.isArray(args.configs) ? args.configs as ConfigChange[] : undefined;
+      const result = await createActionItem({ apiKey, apiBaseUrl, issueId, title, description, sqlAction, configs, debug });
+      return { content: [{ type: "text", text: JSON.stringify({ id: result }, null, 2) }] };
+    }
+
+    if (toolName === "update_action_item") {
+      const actionItemId = String(args.action_item_id || "").trim();
+      if (!actionItemId) {
+        return { content: [{ type: "text", text: "action_item_id is required" }], isError: true };
+      }
+      const rawTitle = args.title !== undefined ? String(args.title) : undefined;
+      const title = rawTitle !== undefined ? interpretEscapes(rawTitle) : undefined;
+      const rawDescription = args.description !== undefined ? String(args.description) : undefined;
+      const description = rawDescription !== undefined ? interpretEscapes(rawDescription) : undefined;
+      const isDone = args.is_done !== undefined ? Boolean(args.is_done) : undefined;
+      const status = args.status !== undefined ? String(args.status) : undefined;
+      const statusReason = args.status_reason !== undefined ? String(args.status_reason) : undefined;
+
+      // Validate that at least one update field is provided
+      if (title === undefined && description === undefined &&
+          isDone === undefined && status === undefined && statusReason === undefined) {
+        return { content: [{ type: "text", text: "At least one field to update is required (title, description, is_done, status, or status_reason)" }], isError: true };
+      }
+
+      // Validate status value if provided
+      if (status !== undefined && !["waiting_for_approval", "approved", "rejected"].includes(status)) {
+        return { content: [{ type: "text", text: "status must be 'waiting_for_approval', 'approved', or 'rejected'" }], isError: true };
+      }
+
+      await updateActionItem({ apiKey, apiBaseUrl, actionItemId, title, description, isDone, status, statusReason, debug });
+      return { content: [{ type: "text", text: JSON.stringify({ success: true }, null, 2) }] };
+    }
+
     throw new Error(`Unknown tool: ${toolName}`);
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
@@ -163,7 +259,11 @@ export async function handleToolCall(
 
 export async function startMcpServer(rootOpts?: RootOptsLike, extra?: { debug?: boolean }): Promise<void> {
   const server = new Server(
-    { name: "postgresai-mcp", version: pkg.version },
+    {
+      name: "postgresai-mcp",
+      version: pkg.version,
+      title: "PostgresAI MCP Server",
+    },
     { capabilities: { tools: {} } }
   );
 
@@ -176,6 +276,10 @@ export async function startMcpServer(rootOpts?: RootOptsLike, extra?: { debug?:
           inputSchema: {
             type: "object",
             properties: {
+              org_id: { type: "number", description: "Organization ID (optional, falls back to config)" },
+              status: { type: "string", description: "Filter by status: 'open', 'closed', or omit for all" },
+              limit: { type: "number", description: "Max number of issues to return (default: 20)" },
+              offset: { type: "number", description: "Number of issues to skip (default: 0)" },
               debug: { type: "boolean", description: "Enable verbose debug logs" },
             },
             additionalProperties: false,
@@ -265,6 +369,79 @@ export async function startMcpServer(rootOpts?: RootOptsLike, extra?: { debug?:
             additionalProperties: false,
           },
         },
+        // Action Items Tools
+        {
+          name: "view_action_item",
+          description: "View action item(s) with all details. Supports single ID or multiple IDs.",
+          inputSchema: {
+            type: "object",
+            properties: {
+              action_item_id: { type: "string", description: "Single action item ID (UUID)" },
+              action_item_ids: { type: "array", items: { type: "string" }, description: "Multiple action item IDs (UUIDs)" },
+              debug: { type: "boolean", description: "Enable verbose debug logs" },
+            },
+            additionalProperties: false,
+          },
+        },
+        {
+          name: "list_action_items",
+          description: "List action items for an issue",
+          inputSchema: {
+            type: "object",
+            properties: {
+              issue_id: { type: "string", description: "Issue ID (UUID)" },
+              debug: { type: "boolean", description: "Enable verbose debug logs" },
+            },
+            required: ["issue_id"],
+            additionalProperties: false,
+          },
+        },
+        {
+          name: "create_action_item",
+          description: "Create a new action item for an issue",
+          inputSchema: {
+            type: "object",
+            properties: {
+              issue_id: { type: "string", description: "Issue ID (UUID)" },
+              title: { type: "string", description: "Action item title" },
+              description: { type: "string", description: "Detailed description" },
+              sql_action: { type: "string", description: "SQL command to execute, e.g. 'DROP INDEX CONCURRENTLY idx_unused;'" },
+              configs: {
+                type: "array",
+                items: {
+                  type: "object",
+                  properties: {
+                    parameter: { type: "string" },
+                    value: { type: "string" },
+                  },
+                  required: ["parameter", "value"],
+                },
+                description: "Configuration parameter changes",
+              },
+              debug: { type: "boolean", description: "Enable verbose debug logs" },
+            },
+            required: ["issue_id", "title"],
+            additionalProperties: false,
+          },
+        },
+        {
+          name: "update_action_item",
+          description: "Update an action item: mark as done/not done, approve/reject, or edit title/description",
+          inputSchema: {
+            type: "object",
+            properties: {
+              action_item_id: { type: "string", description: "Action item ID (UUID)" },
+              title: { type: "string", description: "New title" },
+              description: { type: "string", description: "New description" },
+              is_done: { type: "boolean", description: "Mark as done (true) or not done (false)" },
+              status: { type: "string", description: "Approval status: 'waiting_for_approval', 'approved', or 'rejected'" },
+              status_reason: { type: "string", description: "Reason for approval/rejection" },
+              debug: { type: "boolean", description: "Enable verbose debug logs" },
+            },
+            required: ["action_item_id"],
+            additionalProperties: false,
+          },
+        },
       ],
     };
   });

package/lib/metrics-embedded.ts

@@ -1,6 +1,6 @@
 // AUTO-GENERATED FILE - DO NOT EDIT
 // Generated from config/pgwatch-prometheus/metrics.yml by scripts/embed-metrics.ts
-// Generated at: 2026-01-08T20:01:57.541Z
+// Generated at: 2026-01-09T15:26:19.729Z
 
 /**
  * Metric definition from metrics.yml

package/lib/supabase.ts

@@ -333,6 +333,58 @@ export class SupabaseClient {
   }
 }
 
+/**
+ * Fetch the database pooler connection string from Supabase Management API.
+ * Returns a postgresql:// URL with username but no password.
+ *
+ * @param config Supabase configuration with projectRef and accessToken
+ * @returns Database URL without password (e.g., "postgresql://postgres.ref@host:port/postgres")
+ */
+export async function fetchPoolerDatabaseUrl(
+  config: SupabaseConfig
+): Promise<string | null> {
+  const url = `${SUPABASE_API_BASE}/v1/projects/${encodeURIComponent(config.projectRef)}/config/database/pooler`;
+
+  try {
+    const response = await fetch(url, {
+      method: "GET",
+      headers: {
+        Authorization: `Bearer ${config.accessToken}`,
+      },
+    });
+
+    if (!response.ok) {
+      return null;
+    }
+
+    const data = await response.json();
+
+    // The API returns an array of pooler configurations
+    // Look for a connection string in the response
+    if (Array.isArray(data) && data.length > 0) {
+      const pooler = data[0];
+      // Build URL from components if available
+      if (pooler.db_host && pooler.db_port && pooler.db_name && pooler.db_user) {
+        return `postgresql://${pooler.db_user}@${pooler.db_host}:${pooler.db_port}/${pooler.db_name}`;
+      }
+      // Fallback: try to extract from connection_string if present
+      if (typeof pooler.connection_string === "string") {
+        try {
+          const connUrl = new URL(pooler.connection_string);
+          // Remove password from URL
+          return `postgresql://${connUrl.username}@${connUrl.hostname}:${connUrl.port}${connUrl.pathname}`;
+        } catch {
+          return null;
+        }
+      }
+    }
+
+    return null;
+  } catch {
+    return null;
+  }
+}
+
 /**
  * Resolve Supabase configuration from options and environment variables.
  */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "postgresai",
-  "version": "0.14.0-dev.70",
+  "version": "0.14.0-dev.72",
   "description": "postgres_ai CLI",
   "license": "Apache-2.0",
   "private": false,

package/test/config-consistency.test.ts

@@ -0,0 +1,36 @@
+/**
+ * Tests that config files are consistent with what the CLI expects.
+ * Catches schema mismatches like pg_statistic in wrong schema.
+ */
+import { describe, test, expect } from "bun:test";
+import { readFileSync } from "fs";
+import { resolve } from "path";
+
+const configDir = resolve(import.meta.dir, "../../config");
+
+describe("Config consistency", () => {
+  test("target-db/init.sql creates pg_statistic in postgres_ai schema", () => {
+    const initSql = readFileSync(resolve(configDir, "target-db/init.sql"), "utf8");
+
+    // Must create postgres_ai schema
+    expect(initSql).toMatch(/create\s+schema\s+if\s+not\s+exists\s+postgres_ai/i);
+
+    // Must create view in postgres_ai schema, not public
+    expect(initSql).toMatch(/create\s+or\s+replace\s+view\s+postgres_ai\.pg_statistic/i);
+    expect(initSql).not.toMatch(/create\s+or\s+replace\s+view\s+public\.pg_statistic/i);
+
+    // Must grant on postgres_ai.pg_statistic
+    expect(initSql).toMatch(/grant\s+select\s+on\s+postgres_ai\.pg_statistic/i);
+  });
+
+  test("pgwatch metrics.yml uses postgres_ai.pg_statistic", () => {
+    const metricsYml = readFileSync(
+      resolve(configDir, "pgwatch-prometheus/metrics.yml"),
+      "utf8"
+    );
+
+    // Should reference postgres_ai.pg_statistic, not public.pg_statistic
+    expect(metricsYml).not.toMatch(/public\.pg_statistic/);
+    expect(metricsYml).toMatch(/postgres_ai\.pg_statistic/);
+  });
+});

package/test/init.integration.test.ts

@@ -241,70 +241,76 @@ describe.skipIf(skipTests)("integration: prepare-db", () => {
     }
   });
 
-  test("fixes slightly-off permissions idempotently", async () => {
-    pg = await createTempPostgres();
+  test(
+    "fixes slightly-off permissions idempotently",
+    async () => {
+      pg = await createTempPostgres();
 
-    try {
-      // Create monitoring role with wrong password, no grants.
-      {
-        const c = new Client({ connectionString: pg.adminUri });
-        await c.connect();
-        await c.query(
-          "do $$ begin if not exists (select 1 from pg_roles where rolname='postgres_ai_mon') then create role postgres_ai_mon login password 'wrong'; end if; end $$;"
-        );
-        await c.end();
-      }
+      try {
+        // Create monitoring role with wrong password, no grants.
+        {
+          const c = new Client({ connectionString: pg.adminUri });
+          await c.connect();
+          await c.query(
+            "do $$ begin if not exists (select 1 from pg_roles where rolname='postgres_ai_mon') then create role postgres_ai_mon login password 'wrong'; end if; end $$;"
+          );
+          await c.end();
+        }
 
-      // Run init (should grant everything).
-      {
-        const r = runCliInit([pg.adminUri, "--password", "correctpw", "--skip-optional-permissions"]);
-        expect(r.status).toBe(0);
-      }
+        // Run init (should grant everything).
+        {
+          const r = runCliInit([pg.adminUri, "--password", "correctpw", "--skip-optional-permissions"]);
+          expect(r.status).toBe(0);
+        }
 
-      // Verify privileges.
-      {
-        const c = new Client({ connectionString: pg.adminUri });
-        await c.connect();
-        const dbOk = await c.query(
-          "select has_database_privilege('postgres_ai_mon', current_database(), 'CONNECT') as ok"
-        );
-        expect(dbOk.rows[0].ok).toBe(true);
-        const roleOk = await c.query("select pg_has_role('postgres_ai_mon', 'pg_monitor', 'member') as ok");
-        expect(roleOk.rows[0].ok).toBe(true);
-        const idxOk = await c.query(
-          "select has_table_privilege('postgres_ai_mon', 'pg_catalog.pg_index', 'SELECT') as ok"
-        );
-        expect(idxOk.rows[0].ok).toBe(true);
-        const viewOk = await c.query(
-          "select has_table_privilege('postgres_ai_mon', 'postgres_ai.pg_statistic', 'SELECT') as ok"
-        );
-        expect(viewOk.rows[0].ok).toBe(true);
-        const sp = await c.query("select rolconfig from pg_roles where rolname='postgres_ai_mon'");
-        expect(Array.isArray(sp.rows[0].rolconfig)).toBe(true);
-        expect(sp.rows[0].rolconfig.some((v: string) => String(v).includes("search_path="))).toBe(true);
-        await c.end();
-      }
+        // Verify privileges.
+        {
+          const c = new Client({ connectionString: pg.adminUri });
+          await c.connect();
+          const dbOk = await c.query(
+            "select has_database_privilege('postgres_ai_mon', current_database(), 'CONNECT') as ok"
+          );
+          expect(dbOk.rows[0].ok).toBe(true);
+          const roleOk = await c.query("select pg_has_role('postgres_ai_mon', 'pg_monitor', 'member') as ok");
+          expect(roleOk.rows[0].ok).toBe(true);
+          const idxOk = await c.query(
+            "select has_table_privilege('postgres_ai_mon', 'pg_catalog.pg_index', 'SELECT') as ok"
+          );
+          expect(idxOk.rows[0].ok).toBe(true);
+          const viewOk = await c.query(
+            "select has_table_privilege('postgres_ai_mon', 'postgres_ai.pg_statistic', 'SELECT') as ok"
+          );
+          expect(viewOk.rows[0].ok).toBe(true);
+          const sp = await c.query("select rolconfig from pg_roles where rolname='postgres_ai_mon'");
+          expect(Array.isArray(sp.rows[0].rolconfig)).toBe(true);
+          expect(sp.rows[0].rolconfig.some((v: string) => String(v).includes("search_path="))).toBe(true);
+          await c.end();
+        }
 
-      // Run init again (idempotent).
-      {
-        const r = runCliInit([pg.adminUri, "--password", "correctpw", "--skip-optional-permissions"]);
-        expect(r.status).toBe(0);
+        // Run init again (idempotent).
+        {
+          const r = runCliInit([pg.adminUri, "--password", "correctpw", "--skip-optional-permissions"]);
+          expect(r.status).toBe(0);
+        }
+      } finally {
+        await pg.cleanup();
       }
-    } finally {
-      await pg.cleanup();
-    }
-  });
+    },
+    { timeout: 15000 }
+  );
 
-  test("reports nicely when lacking permissions", async () => {
-    pg = await createTempPostgres();
+  test(
+    "reports nicely when lacking permissions",
+    async () => {
+      pg = await createTempPostgres();
 
-    try {
-      // Create limited user that can connect but cannot create roles / grant.
-      const limitedPw = "limitedpw";
-      {
-        const c = new Client({ connectionString: pg.adminUri });
-        await c.connect();
-        await c.query(`do $$ begin
+      try {
+        // Create limited user that can connect but cannot create roles / grant.
+        const limitedPw = "limitedpw";
+        {
+          const c = new Client({ connectionString: pg.adminUri });
+          await c.connect();
+          await c.query(`do $$ begin
           if not exists (select 1 from pg_roles where rolname='limited') then
             begin
               create role limited login password ${sqlLiteral(limitedPw)};
@@ -313,20 +319,22 @@ describe.skipIf(skipTests)("integration: prepare-db", () => {
             end;
           end if;
         end $$;`);
-        await c.query("grant connect on database testdb to limited");
-        await c.end();
-      }
+          await c.query("grant connect on database testdb to limited");
+          await c.end();
+        }
 
-      const limitedUri = `postgresql://limited:${limitedPw}@127.0.0.1:${pg.port}/testdb`;
-      const r = runCliInit([limitedUri, "--password", "monpw", "--skip-optional-permissions"]);
-      expect(r.status).not.toBe(0);
-      expect(r.stderr).toMatch(/Error: prepare-db:/);
-      expect(r.stderr).toMatch(/Failed at step "/);
-      expect(r.stderr).toMatch(/Fix: connect as a superuser/i);
-    } finally {
-      await pg.cleanup();
-    }
-  });
+        const limitedUri = `postgresql://limited:${limitedPw}@127.0.0.1:${pg.port}/testdb`;
+        const r = runCliInit([limitedUri, "--password", "monpw", "--skip-optional-permissions"]);
+        expect(r.status).not.toBe(0);
+        expect(r.stderr).toMatch(/Error: prepare-db:/);
+        expect(r.stderr).toMatch(/Failed at step "/);
+        expect(r.stderr).toMatch(/Fix: connect as a superuser/i);
+      } finally {
+        await pg.cleanup();
+      }
+    },
+    { timeout: 15000 }
+  );
 
   test(
     "--verify returns 0 when ok and non-zero when missing",