npm - stripe-experiment-sync - Versions diffs - 1.0.15 → 1.0.16 - Mend

stripe-experiment-sync 1.0.15 → 1.0.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +189 -117
package/dist/{chunk-XIFB5ALW.js → chunk-2Q3SNSKG.js} +12 -6
package/dist/{chunk-GOBVFXU7.js → chunk-NI6UMBIL.js} +12 -4
package/dist/{chunk-AODI5WO6.js → chunk-QHM3A4VW.js} +8 -4
package/dist/{chunk-3KVILTN4.js → chunk-VOYYTAJF.js} +5 -5
package/dist/cli/index.cjs +44 -18
package/dist/cli/index.js +15 -7
package/dist/cli/lib.cjs +33 -15
package/dist/cli/lib.d.cts +1 -0
package/dist/cli/lib.d.ts +1 -0
package/dist/cli/lib.js +4 -4
package/dist/index.cjs +16 -8
package/dist/index.js +2 -2
package/dist/supabase/index.cjs +16 -10
package/dist/supabase/index.d.cts +4 -3
package/dist/supabase/index.d.ts +4 -3
package/dist/supabase/index.js +2 -2
package/package.json +5 -5

package/dist/{chunk-AODI5WO6.js → chunk-QHM3A4VW.js} RENAMED Viewed

@@ -2,11 +2,11 @@ import {
   StripeSync,
   createStripeWebSocketClient,
   runMigrations
-} from "./chunk-GOBVFXU7.js";
+} from "./chunk-NI6UMBIL.js";
 import {
   install,
   uninstall
-} from "./chunk-XIFB5ALW.js";
+} from "./chunk-2Q3SNSKG.js";
 // src/cli/config.ts
 import dotenv from "dotenv";
@@ -545,13 +545,15 @@ async function installCommand(options) {
       }
     }
     console.log(chalk3.blue("\n\u{1F680} Installing Stripe Sync to Supabase Edge Functions...\n"));
+    const supabaseManagementUrl = options.supabaseManagementUrl || process.env.SUPABASE_MANAGEMENT_URL;
     console.log(chalk3.gray("Validating project access..."));
     await install({
       supabaseAccessToken: accessToken,
       supabaseProjectRef: projectRef,
       stripeKey,
       packageVersion: options.packageVersion,
-      workerIntervalSeconds: options.workerInterval
+      workerIntervalSeconds: options.workerInterval,
+      supabaseManagementUrl
     });
     console.log(chalk3.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
     console.log(chalk3.cyan.bold("  Installation Complete!"));
@@ -602,10 +604,12 @@ async function uninstallCommand(options) {
     }
     console.log(chalk3.blue("\n\u{1F5D1}\uFE0F  Uninstalling Stripe Sync from Supabase...\n"));
     console.log(chalk3.yellow("\u26A0\uFE0F  Warning: This will delete all Stripe data from your database!\n"));
+    const supabaseManagementUrl = options.supabaseManagementUrl || process.env.SUPABASE_MANAGEMENT_URL;
     console.log(chalk3.gray("Removing all resources..."));
     await uninstall({
       supabaseAccessToken: accessToken,
-      supabaseProjectRef: projectRef
+      supabaseProjectRef: projectRef,
+      supabaseManagementUrl
     });
     console.log(chalk3.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
     console.log(chalk3.cyan.bold("  Uninstall Complete!"));

package/dist/{chunk-3KVILTN4.js → chunk-VOYYTAJF.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 // package.json
 var package_default = {
   name: "stripe-experiment-sync",
-  version: "1.0.15",
+  version: "1.0.16",
   private: false,
   description: "Stripe Sync Engine to sync Stripe data to Postgres",
   type: "module",
@@ -63,11 +63,11 @@ var package_default = {
   },
   repository: {
     type: "git",
-    url: "https://github.com/tx-stripe/stripe-sync-engine.git"
+    url: "https://github.com/stripe-experiments/sync-engine.git"
   },
-  homepage: "https://github.com/tx-stripe/stripe-sync-engine#readme",
+  homepage: "https://github.com/stripe-experiments/sync-engine#readme",
   bugs: {
-    url: "https://github.com/tx-stripe/stripe-sync-engine/issues"
+    url: "https://github.com/stripe-experiments/sync-engine/issues"
   },
   keywords: [
     "stripe",
@@ -79,7 +79,7 @@ var package_default = {
     "database",
     "typescript"
   ],
-  author: "Supabase <https://supabase.com/>"
+  author: "Stripe <https://stripe.com/>"
 };
 export {

package/dist/cli/index.cjs CHANGED Viewed

@@ -33,7 +33,7 @@ var import_commander = require("commander");
 // package.json
 var package_default = {
   name: "stripe-experiment-sync",
-  version: "1.0.15",
+  version: "1.0.16",
   private: false,
   description: "Stripe Sync Engine to sync Stripe data to Postgres",
   type: "module",
@@ -95,11 +95,11 @@ var package_default = {
   },
   repository: {
     type: "git",
-    url: "https://github.com/tx-stripe/stripe-sync-engine.git"
+    url: "https://github.com/stripe-experiments/sync-engine.git"
   },
-  homepage: "https://github.com/tx-stripe/stripe-sync-engine#readme",
+  homepage: "https://github.com/stripe-experiments/sync-engine#readme",
   bugs: {
-    url: "https://github.com/tx-stripe/stripe-sync-engine/issues"
+    url: "https://github.com/stripe-experiments/sync-engine/issues"
   },
   keywords: [
     "stripe",
@@ -111,7 +111,7 @@ var package_default = {
     "database",
     "typescript"
   ],
-  author: "Supabase <https://supabase.com/>"
+  author: "Stripe <https://stripe.com/>"
 };
 // src/cli/commands.ts
@@ -1129,7 +1129,13 @@ async function fetchStripeText(url, apiKey, options) {
 async function runSigmaQueryAndDownloadCsv(params) {
   const pollTimeoutMs = params.pollTimeoutMs ?? 5 * 60 * 1e3;
   const pollIntervalMs = params.pollIntervalMs ?? 2e3;
-  const stripe = new import_stripe2.default(params.apiKey);
+  const stripe = new import_stripe2.default(params.apiKey, {
+    appInfo: {
+      name: "Stripe Sync Engine",
+      version: package_default.version,
+      url: package_default.homepage
+    }
+  });
   const created = await stripe.rawRequest("POST", "/v1/sigma/query_runs", {
     sql: params.sql
   });
@@ -1358,7 +1364,9 @@ var StripeSync = class {
       // @ts-ignore
       apiVersion: config.stripeApiVersion,
       appInfo: {
-        name: "Stripe Postgres Sync"
+        name: "Stripe Sync Engine",
+        version: package_default.version,
+        url: package_default.homepage
       }
     });
     this.stripe = createRetryableStripeClient(baseStripe, {}, config.logger);
@@ -2835,7 +2843,7 @@ var StripeSync = class {
         const customerIds = await this.postgresClient.query(prepared.text, prepared.values).then(({ rows }) => rows.map((it) => it.id));
         this.config.logger?.info(`Getting payment methods for ${customerIds.length} customers`);
         let synced = 0;
-        const chunkSize = this.config.maxConcurrentCustomers ?? 10;
+        const chunkSize = this.config.maxConcurrentCustomers ?? 3;
         for (const customerIdChunk of chunkArray(customerIds, chunkSize)) {
           await Promise.all(
             customerIdChunk.map(async (customerId) => {
@@ -4242,7 +4250,7 @@ Creating ngrok tunnel for port ${port}...`));
 var import_supabase_management_js = require("supabase-management-js");
 // raw-ts:/home/runner/work/sync-engine/sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-setup.ts
-var stripe_setup_default = "import { StripeSync, runMigrations, VERSION } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\n// Helper to validate accessToken against Management API\nasync function validateAccessToken(projectRef: string, accessToken: string): Promise<boolean> {\n  // Try to fetch project details using the access token\n  // This validates that the token is valid for the management API\n  const url = `https://api.supabase.com/v1/projects/${projectRef}`\n  const response = await fetch(url, {\n    method: 'GET',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  // If we can successfully get the project, the token is valid\n  return response.ok\n}\n\n// Helper to delete edge function via Management API\nasync function deleteEdgeFunction(\n  projectRef: string,\n  functionSlug: string,\n  accessToken: string\n): Promise<void> {\n  const url = `https://api.supabase.com/v1/projects/${projectRef}/functions/${functionSlug}`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    throw new Error(`Failed to delete function ${functionSlug}: ${response.status} ${text}`)\n  }\n}\n\n// Helper to delete secrets via Management API\nasync function deleteSecret(\n  projectRef: string,\n  secretName: string,\n  accessToken: string\n): Promise<void> {\n  const url = `https://api.supabase.com/v1/projects/${projectRef}/secrets`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify([secretName]),\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    console.warn(`Failed to delete secret ${secretName}: ${response.status} ${text}`)\n  }\n}\n\nDeno.serve(async (req) => {\n  // Extract project ref from SUPABASE_URL (format: https://{projectRef}.{base})\n  const supabaseUrl = Deno.env.get('SUPABASE_URL')\n  if (!supabaseUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_URL not set' }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n  const projectRef = new URL(supabaseUrl).hostname.split('.')[0]\n\n  // Validate access token for all requests\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const accessToken = authHeader.substring(7) // Remove 'Bearer '\n  const isValid = await validateAccessToken(projectRef, accessToken)\n  if (!isValid) {\n    return new Response('Forbidden: Invalid access token for this project', { status: 403 })\n  }\n\n  // Handle GET requests for status\n  if (req.method === 'GET') {\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n    let sql\n\n    try {\n      sql = postgres(dbUrl, { max: 1, prepare: false })\n\n      // Query installation status from schema comment\n      const commentResult = await sql`\n        SELECT obj_description(oid, 'pg_namespace') as comment\n        FROM pg_namespace\n        WHERE nspname = 'stripe'\n      `\n\n      const comment = commentResult[0]?.comment || null\n      let installationStatus = 'not_installed'\n\n      if (comment && comment.includes('stripe-sync')) {\n        // Parse installation status from comment\n        if (comment.includes('installation:started')) {\n          installationStatus = 'installing'\n        } else if (comment.includes('installation:error')) {\n          installationStatus = 'error'\n        } else if (comment.includes('installed')) {\n          installationStatus = 'installed'\n        }\n      }\n\n      // Query sync runs (only if schema exists)\n      let syncStatus = []\n      if (comment) {\n        try {\n          syncStatus = await sql`\n            SELECT DISTINCT ON (account_id)\n              account_id, started_at, closed_at, status, error_message,\n              total_processed, total_objects, complete_count, error_count,\n              running_count, pending_count, triggered_by, max_concurrent\n            FROM stripe.sync_runs\n            ORDER BY account_id, started_at DESC\n          `\n        } catch (err) {\n          // Ignore errors if sync_runs view doesn't exist yet\n          console.warn('sync_runs query failed (may not exist yet):', err)\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          package_version: VERSION,\n          installation_status: installationStatus,\n          sync_status: syncStatus,\n        }),\n        {\n          status: 200,\n          headers: {\n            'Content-Type': 'application/json',\n            'Cache-Control': 'no-cache, no-store, must-revalidate',\n          },\n        }\n      )\n    } catch (error) {\n      console.error('Status query error:', error)\n      return new Response(\n        JSON.stringify({\n          error: error.message,\n          package_version: VERSION,\n          installation_status: 'not_installed',\n        }),\n        {\n          status: 500,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } finally {\n      if (sql) await sql.end()\n    }\n  }\n\n  // Handle DELETE requests for uninstall\n  if (req.method === 'DELETE') {\n    let stripeSync = null\n    try {\n      // Get and validate database URL\n      const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n      if (!rawDbUrl) {\n        throw new Error('SUPABASE_DB_URL environment variable is not set')\n      }\n      // Remove sslmode from connection string (not supported by pg in Deno)\n      const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n      // Stripe key is required for uninstall to delete webhooks\n      const stripeKey = Deno.env.get('STRIPE_SECRET_KEY')\n      if (!stripeKey) {\n        throw new Error('STRIPE_SECRET_KEY environment variable is required for uninstall')\n      }\n\n      // Step 1: Delete Stripe webhooks and clean up database\n      stripeSync = new StripeSync({\n        poolConfig: { connectionString: dbUrl, max: 2 },\n        stripeSecretKey: stripeKey,\n      })\n\n      // Delete all managed webhooks\n      const webhooks = await stripeSync.listManagedWebhooks()\n      for (const webhook of webhooks) {\n        try {\n          await stripeSync.deleteManagedWebhook(webhook.id)\n          console.log(`Deleted webhook: ${webhook.id}`)\n        } catch (err) {\n          console.warn(`Could not delete webhook ${webhook.id}:`, err)\n        }\n      }\n\n      // Unschedule pg_cron job\n      try {\n        await stripeSync.postgresClient.query(`\n          DO $$\n          BEGIN\n            IF EXISTS (SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker') THEN\n              PERFORM cron.unschedule('stripe-sync-worker');\n            END IF;\n          END $$;\n        `)\n      } catch (err) {\n        console.warn('Could not unschedule pg_cron job:', err)\n      }\n\n      // Delete vault secret\n      try {\n        await stripeSync.postgresClient.query(`\n          DELETE FROM vault.secrets\n          WHERE name = 'stripe_sync_worker_secret'\n        `)\n      } catch (err) {\n        console.warn('Could not delete vault secret:', err)\n      }\n\n      // Terminate connections holding locks on stripe schema\n      try {\n        await stripeSync.postgresClient.query(`\n          SELECT pg_terminate_backend(pid)\n          FROM pg_locks l\n          JOIN pg_class c ON l.relation = c.oid\n          JOIN pg_namespace n ON c.relnamespace = n.oid\n          WHERE n.nspname = 'stripe'\n            AND l.pid != pg_backend_pid()\n        `)\n      } catch (err) {\n        console.warn('Could not terminate connections:', err)\n      }\n\n      // Drop schema with retry\n      let dropAttempts = 0\n      const maxAttempts = 3\n      while (dropAttempts < maxAttempts) {\n        try {\n          await stripeSync.postgresClient.query('DROP SCHEMA IF EXISTS stripe CASCADE')\n          break // Success, exit loop\n        } catch (err) {\n          dropAttempts++\n          if (dropAttempts >= maxAttempts) {\n            throw new Error(\n              `Failed to drop schema after ${maxAttempts} attempts. ` +\n                `There may be active connections or locks on the stripe schema. ` +\n                `Error: ${err.message}`\n            )\n          }\n          // Wait 1 second before retrying\n          await new Promise((resolve) => setTimeout(resolve, 1000))\n        }\n      }\n\n      await stripeSync.postgresClient.pool.end()\n\n      // Step 2: Delete Supabase secrets\n      try {\n        await deleteSecret(projectRef, 'STRIPE_SECRET_KEY', accessToken)\n      } catch (err) {\n        console.warn('Could not delete STRIPE_SECRET_KEY secret:', err)\n      }\n\n      // Step 3: Delete Edge Functions\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-setup', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-setup function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-webhook', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-webhook function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-worker', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-worker function:', err)\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: true,\n          message: 'Uninstall complete',\n        }),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } catch (error) {\n      console.error('Uninstall error:', error)\n      // Cleanup on error\n      if (stripeSync) {\n        try {\n          await stripeSync.postgresClient.pool.end()\n        } catch (cleanupErr) {\n          console.warn('Cleanup failed:', cleanupErr)\n        }\n      }\n      return new Response(JSON.stringify({ success: false, error: error.message }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n  }\n\n  // Handle POST requests for install\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
+var stripe_setup_default = "import { StripeSync, runMigrations, VERSION } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\n// Get management API base URL from environment variable (for testing against localhost/staging)\n// Caller should provide full URL with protocol (e.g., http://localhost:54323 or https://api.supabase.com)\nconst MGMT_API_BASE_RAW = Deno.env.get('SUPABASE_MANAGEMENT_URL') || 'https://api.supabase.com'\nconst MGMT_API_BASE = MGMT_API_BASE_RAW.match(/^https?:\\/\\//)\n  ? MGMT_API_BASE_RAW\n  : `https://${MGMT_API_BASE_RAW}`\n\n// Helper to validate accessToken against Management API\nasync function validateAccessToken(projectRef: string, accessToken: string): Promise<boolean> {\n  // Try to fetch project details using the access token\n  // This validates that the token is valid for the management API\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}`\n  const response = await fetch(url, {\n    method: 'GET',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  // If we can successfully get the project, the token is valid\n  return response.ok\n}\n\n// Helper to delete edge function via Management API\nasync function deleteEdgeFunction(\n  projectRef: string,\n  functionSlug: string,\n  accessToken: string\n): Promise<void> {\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}/functions/${functionSlug}`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    throw new Error(`Failed to delete function ${functionSlug}: ${response.status} ${text}`)\n  }\n}\n\n// Helper to delete secrets via Management API\nasync function deleteSecret(\n  projectRef: string,\n  secretName: string,\n  accessToken: string\n): Promise<void> {\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}/secrets`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify([secretName]),\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    console.warn(`Failed to delete secret ${secretName}: ${response.status} ${text}`)\n  }\n}\n\nDeno.serve(async (req) => {\n  // Extract project ref from SUPABASE_URL (format: https://{projectRef}.{base})\n  const supabaseUrl = Deno.env.get('SUPABASE_URL')\n  if (!supabaseUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_URL not set' }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n  const projectRef = new URL(supabaseUrl).hostname.split('.')[0]\n\n  // Validate access token for all requests\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const accessToken = authHeader.substring(7) // Remove 'Bearer '\n  const isValid = await validateAccessToken(projectRef, accessToken)\n  if (!isValid) {\n    return new Response('Forbidden: Invalid access token for this project', { status: 403 })\n  }\n\n  // Handle GET requests for status\n  if (req.method === 'GET') {\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n    let sql\n\n    try {\n      sql = postgres(dbUrl, { max: 1, prepare: false })\n\n      // Query installation status from schema comment\n      const commentResult = await sql`\n        SELECT obj_description(oid, 'pg_namespace') as comment\n        FROM pg_namespace\n        WHERE nspname = 'stripe'\n      `\n\n      const comment = commentResult[0]?.comment || null\n      let installationStatus = 'not_installed'\n\n      if (comment && comment.includes('stripe-sync')) {\n        // Parse installation status from comment\n        if (comment.includes('installation:started')) {\n          installationStatus = 'installing'\n        } else if (comment.includes('installation:error')) {\n          installationStatus = 'error'\n        } else if (comment.includes('installed')) {\n          installationStatus = 'installed'\n        }\n      }\n\n      // Query sync runs (only if schema exists)\n      let syncStatus = []\n      if (comment) {\n        try {\n          syncStatus = await sql`\n            SELECT DISTINCT ON (account_id)\n              account_id, started_at, closed_at, status, error_message,\n              total_processed, total_objects, complete_count, error_count,\n              running_count, pending_count, triggered_by, max_concurrent\n            FROM stripe.sync_runs\n            ORDER BY account_id, started_at DESC\n          `\n        } catch (err) {\n          // Ignore errors if sync_runs view doesn't exist yet\n          console.warn('sync_runs query failed (may not exist yet):', err)\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          package_version: VERSION,\n          installation_status: installationStatus,\n          sync_status: syncStatus,\n        }),\n        {\n          status: 200,\n          headers: {\n            'Content-Type': 'application/json',\n            'Cache-Control': 'no-cache, no-store, must-revalidate',\n          },\n        }\n      )\n    } catch (error) {\n      console.error('Status query error:', error)\n      return new Response(\n        JSON.stringify({\n          error: error.message,\n          package_version: VERSION,\n          installation_status: 'not_installed',\n        }),\n        {\n          status: 500,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } finally {\n      if (sql) await sql.end()\n    }\n  }\n\n  // Handle DELETE requests for uninstall\n  if (req.method === 'DELETE') {\n    let stripeSync = null\n    try {\n      // Get and validate database URL\n      const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n      if (!rawDbUrl) {\n        throw new Error('SUPABASE_DB_URL environment variable is not set')\n      }\n      // Remove sslmode from connection string (not supported by pg in Deno)\n      const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n      // Stripe key is required for uninstall to delete webhooks\n      const stripeKey = Deno.env.get('STRIPE_SECRET_KEY')\n      if (!stripeKey) {\n        throw new Error('STRIPE_SECRET_KEY environment variable is required for uninstall')\n      }\n\n      // Step 1: Delete Stripe webhooks and clean up database\n      stripeSync = new StripeSync({\n        poolConfig: { connectionString: dbUrl, max: 2 },\n        stripeSecretKey: stripeKey,\n      })\n\n      // Delete all managed webhooks\n      const webhooks = await stripeSync.listManagedWebhooks()\n      for (const webhook of webhooks) {\n        try {\n          await stripeSync.deleteManagedWebhook(webhook.id)\n          console.log(`Deleted webhook: ${webhook.id}`)\n        } catch (err) {\n          console.warn(`Could not delete webhook ${webhook.id}:`, err)\n        }\n      }\n\n      // Unschedule pg_cron job\n      try {\n        await stripeSync.postgresClient.query(`\n          DO $$\n          BEGIN\n            IF EXISTS (SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker') THEN\n              PERFORM cron.unschedule('stripe-sync-worker');\n            END IF;\n          END $$;\n        `)\n      } catch (err) {\n        console.warn('Could not unschedule pg_cron job:', err)\n      }\n\n      // Delete vault secret\n      try {\n        await stripeSync.postgresClient.query(`\n          DELETE FROM vault.secrets\n          WHERE name = 'stripe_sync_worker_secret'\n        `)\n      } catch (err) {\n        console.warn('Could not delete vault secret:', err)\n      }\n\n      // Terminate connections holding locks on stripe schema\n      try {\n        await stripeSync.postgresClient.query(`\n          SELECT pg_terminate_backend(pid)\n          FROM pg_locks l\n          JOIN pg_class c ON l.relation = c.oid\n          JOIN pg_namespace n ON c.relnamespace = n.oid\n          WHERE n.nspname = 'stripe'\n            AND l.pid != pg_backend_pid()\n        `)\n      } catch (err) {\n        console.warn('Could not terminate connections:', err)\n      }\n\n      // Drop schema with retry\n      let dropAttempts = 0\n      const maxAttempts = 3\n      while (dropAttempts < maxAttempts) {\n        try {\n          await stripeSync.postgresClient.query('DROP SCHEMA IF EXISTS stripe CASCADE')\n          break // Success, exit loop\n        } catch (err) {\n          dropAttempts++\n          if (dropAttempts >= maxAttempts) {\n            throw new Error(\n              `Failed to drop schema after ${maxAttempts} attempts. ` +\n                `There may be active connections or locks on the stripe schema. ` +\n                `Error: ${err.message}`\n            )\n          }\n          // Wait 1 second before retrying\n          await new Promise((resolve) => setTimeout(resolve, 1000))\n        }\n      }\n\n      await stripeSync.postgresClient.pool.end()\n\n      // Step 2: Delete Supabase secrets\n      try {\n        await deleteSecret(projectRef, 'STRIPE_SECRET_KEY', accessToken)\n      } catch (err) {\n        console.warn('Could not delete STRIPE_SECRET_KEY secret:', err)\n      }\n\n      // Step 3: Delete Edge Functions\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-setup', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-setup function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-webhook', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-webhook function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-worker', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-worker function:', err)\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: true,\n          message: 'Uninstall complete',\n        }),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } catch (error) {\n      console.error('Uninstall error:', error)\n      // Cleanup on error\n      if (stripeSync) {\n        try {\n          await stripeSync.postgresClient.pool.end()\n        } catch (cleanupErr) {\n          console.warn('Cleanup failed:', cleanupErr)\n        }\n      }\n      return new Response(JSON.stringify({ success: false, error: error.message }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n  }\n\n  // Handle POST requests for install\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
 // raw-ts:/home/runner/work/sync-engine/sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-webhook.ts
 var stripe_webhook_default = "import { StripeSync } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const sig = req.headers.get('stripe-signature')\n  if (!sig) {\n    return new Response('Missing stripe-signature header', { status: 400 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  const stripeSync = new StripeSync({\n    poolConfig: { connectionString: dbUrl, max: 1 },\n    stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n  })\n\n  try {\n    const rawBody = new Uint8Array(await req.arrayBuffer())\n    await stripeSync.processWebhook(rawBody, sig)\n    return new Response(JSON.stringify({ received: true }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Webhook processing error:', error)\n    const isSignatureError =\n      error.message?.includes('signature') || error.type === 'StripeSignatureVerificationError'\n    const status = isSignatureError ? 400 : 500\n    return new Response(JSON.stringify({ error: error.message }), {\n      status,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    await stripeSync.postgresClient.pool.end()\n  }\n})\n";
@@ -4264,14 +4272,16 @@ var SupabaseSetupClient = class {
   api;
   projectRef;
   projectBaseUrl;
+  supabaseManagementUrl;
   accessToken;
   constructor(options) {
     this.api = new import_supabase_management_js.SupabaseManagementAPI({
       accessToken: options.accessToken,
-      baseUrl: options.managementApiBaseUrl
+      baseUrl: options.supabaseManagementUrl
     });
     this.projectRef = options.projectRef;
     this.projectBaseUrl = options.projectBaseUrl || process.env.SUPABASE_BASE_URL || "supabase.co";
+    this.supabaseManagementUrl = options.supabaseManagementUrl;
     this.accessToken = options.accessToken;
   }
   /**
@@ -4578,7 +4588,11 @@ var SupabaseSetupClient = class {
       await this.deployFunction("stripe-setup", versionedSetup, false);
       await this.deployFunction("stripe-webhook", versionedWebhook, false);
       await this.deployFunction("stripe-worker", versionedWorker, false);
-      await this.setSecrets([{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }]);
+      const secrets = [{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }];
+      if (this.supabaseManagementUrl) {
+        secrets.push({ name: "SUPABASE_MANAGEMENT_URL", value: this.supabaseManagementUrl });
+      }
+      await this.setSecrets(secrets);
       const setupResult = await this.invokeFunction("stripe-setup", this.accessToken);
       if (!setupResult.success) {
         throw new Error(`Setup failed: ${setupResult.error}`);
@@ -4607,7 +4621,7 @@ async function install(params) {
     accessToken: supabaseAccessToken,
     projectRef: supabaseProjectRef,
     projectBaseUrl: params.baseProjectUrl,
-    managementApiBaseUrl: params.baseManagementApiUrl
+    supabaseManagementUrl: params.supabaseManagementUrl
   });
   await client.install(stripeKey, packageVersion, workerIntervalSeconds);
 }
@@ -4617,7 +4631,7 @@ async function uninstall(params) {
     accessToken: supabaseAccessToken,
     projectRef: supabaseProjectRef,
     projectBaseUrl: params.baseProjectUrl,
-    managementApiBaseUrl: params.baseManagementApiBaseUrl
+    supabaseManagementUrl: params.supabaseManagementUrl
   });
   await client.uninstall();
 }
@@ -5058,13 +5072,15 @@ async function installCommand(options) {
       }
     }
     console.log(import_chalk3.default.blue("\n\u{1F680} Installing Stripe Sync to Supabase Edge Functions...\n"));
+    const supabaseManagementUrl = options.supabaseManagementUrl || process.env.SUPABASE_MANAGEMENT_URL;
     console.log(import_chalk3.default.gray("Validating project access..."));
     await install({
       supabaseAccessToken: accessToken,
       supabaseProjectRef: projectRef,
       stripeKey,
       packageVersion: options.packageVersion,
-      workerIntervalSeconds: options.workerInterval
+      workerIntervalSeconds: options.workerInterval,
+      supabaseManagementUrl
     });
     console.log(import_chalk3.default.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
     console.log(import_chalk3.default.cyan.bold("  Installation Complete!"));
@@ -5115,10 +5131,12 @@ async function uninstallCommand(options) {
     }
     console.log(import_chalk3.default.blue("\n\u{1F5D1}\uFE0F  Uninstalling Stripe Sync from Supabase...\n"));
     console.log(import_chalk3.default.yellow("\u26A0\uFE0F  Warning: This will delete all Stripe data from your database!\n"));
+    const supabaseManagementUrl = options.supabaseManagementUrl || process.env.SUPABASE_MANAGEMENT_URL;
     console.log(import_chalk3.default.gray("Removing all resources..."));
     await uninstall({
       supabaseAccessToken: accessToken,
-      supabaseProjectRef: projectRef
+      supabaseProjectRef: projectRef,
+      supabaseManagementUrl
     });
     console.log(import_chalk3.default.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
     console.log(import_chalk3.default.cyan.bold("  Uninstall Complete!"));
@@ -5171,19 +5189,27 @@ supabase.command("install").description("Install Stripe sync to Supabase Edge Fu
   "--worker-interval <seconds>",
   "Worker interval in seconds (defaults to 60)",
   (val) => parseInt(val, 10)
+).option(
+  "--management-url <url>",
+  "Supabase management API URL with protocol (e.g., http://localhost:54323, defaults to https://api.supabase.com or SUPABASE_MANAGEMENT_URL env)"
 ).action(async (options) => {
   await installCommand({
     supabaseAccessToken: options.token,
     supabaseProjectRef: options.project,
     stripeKey: options.stripeKey,
     packageVersion: options.packageVersion,
-    workerInterval: options.workerInterval
+    workerInterval: options.workerInterval,
+    supabaseManagementUrl: options.managementUrl
   });
 });
-supabase.command("uninstall").description("Uninstall Stripe sync from Supabase Edge Functions").option("--token <token>", "Supabase access token (or SUPABASE_ACCESS_TOKEN env)").option("--project <ref>", "Supabase project ref (or SUPABASE_PROJECT_REF env)").action(async (options) => {
+supabase.command("uninstall").description("Uninstall Stripe sync from Supabase Edge Functions").option("--token <token>", "Supabase access token (or SUPABASE_ACCESS_TOKEN env)").option("--project <ref>", "Supabase project ref (or SUPABASE_PROJECT_REF env)").option(
+  "--management-url <url>",
+  "Supabase management API URL with protocol (e.g., http://localhost:54323, defaults to https://api.supabase.com or SUPABASE_MANAGEMENT_URL env)"
+).action(async (options) => {
   await uninstallCommand({
     supabaseAccessToken: options.token,
-    supabaseProjectRef: options.project
+    supabaseProjectRef: options.project,
+    supabaseManagementUrl: options.managementUrl
   });
 });
 program.parse();

package/dist/cli/index.js CHANGED Viewed

@@ -5,12 +5,12 @@ import {
   migrateCommand,
   syncCommand,
   uninstallCommand
-} from "../chunk-AODI5WO6.js";
-import "../chunk-GOBVFXU7.js";
-import "../chunk-XIFB5ALW.js";
+} from "../chunk-QHM3A4VW.js";
+import "../chunk-NI6UMBIL.js";
+import "../chunk-2Q3SNSKG.js";
 import {
   package_default
-} from "../chunk-3KVILTN4.js";
+} from "../chunk-VOYYTAJF.js";
 // src/cli/index.ts
 import { Command } from "commander";
@@ -46,19 +46,27 @@ supabase.command("install").description("Install Stripe sync to Supabase Edge Fu
   "--worker-interval <seconds>",
   "Worker interval in seconds (defaults to 60)",
   (val) => parseInt(val, 10)
+).option(
+  "--management-url <url>",
+  "Supabase management API URL with protocol (e.g., http://localhost:54323, defaults to https://api.supabase.com or SUPABASE_MANAGEMENT_URL env)"
 ).action(async (options) => {
   await installCommand({
     supabaseAccessToken: options.token,
     supabaseProjectRef: options.project,
     stripeKey: options.stripeKey,
     packageVersion: options.packageVersion,
-    workerInterval: options.workerInterval
+    workerInterval: options.workerInterval,
+    supabaseManagementUrl: options.managementUrl
   });
 });
-supabase.command("uninstall").description("Uninstall Stripe sync from Supabase Edge Functions").option("--token <token>", "Supabase access token (or SUPABASE_ACCESS_TOKEN env)").option("--project <ref>", "Supabase project ref (or SUPABASE_PROJECT_REF env)").action(async (options) => {
+supabase.command("uninstall").description("Uninstall Stripe sync from Supabase Edge Functions").option("--token <token>", "Supabase access token (or SUPABASE_ACCESS_TOKEN env)").option("--project <ref>", "Supabase project ref (or SUPABASE_PROJECT_REF env)").option(
+  "--management-url <url>",
+  "Supabase management API URL with protocol (e.g., http://localhost:54323, defaults to https://api.supabase.com or SUPABASE_MANAGEMENT_URL env)"
+).action(async (options) => {
   await uninstallCommand({
     supabaseAccessToken: options.token,
-    supabaseProjectRef: options.project
+    supabaseProjectRef: options.project,
+    supabaseManagementUrl: options.managementUrl
   });
 });
 program.parse();

package/dist/cli/lib.cjs CHANGED Viewed

@@ -117,7 +117,7 @@ async function loadConfig(options) {
 // package.json
 var package_default = {
   name: "stripe-experiment-sync",
-  version: "1.0.15",
+  version: "1.0.16",
   private: false,
   description: "Stripe Sync Engine to sync Stripe data to Postgres",
   type: "module",
@@ -179,11 +179,11 @@ var package_default = {
   },
   repository: {
     type: "git",
-    url: "https://github.com/tx-stripe/stripe-sync-engine.git"
+    url: "https://github.com/stripe-experiments/sync-engine.git"
   },
-  homepage: "https://github.com/tx-stripe/stripe-sync-engine#readme",
+  homepage: "https://github.com/stripe-experiments/sync-engine#readme",
   bugs: {
-    url: "https://github.com/tx-stripe/stripe-sync-engine/issues"
+    url: "https://github.com/stripe-experiments/sync-engine/issues"
   },
   keywords: [
     "stripe",
@@ -195,7 +195,7 @@ var package_default = {
     "database",
     "typescript"
   ],
-  author: "Supabase <https://supabase.com/>"
+  author: "Stripe <https://stripe.com/>"
 };
 // src/stripeSync.ts
@@ -1143,7 +1143,13 @@ async function fetchStripeText(url, apiKey, options) {
 async function runSigmaQueryAndDownloadCsv(params) {
   const pollTimeoutMs = params.pollTimeoutMs ?? 5 * 60 * 1e3;
   const pollIntervalMs = params.pollIntervalMs ?? 2e3;
-  const stripe = new import_stripe2.default(params.apiKey);
+  const stripe = new import_stripe2.default(params.apiKey, {
+    appInfo: {
+      name: "Stripe Sync Engine",
+      version: package_default.version,
+      url: package_default.homepage
+    }
+  });
   const created = await stripe.rawRequest("POST", "/v1/sigma/query_runs", {
     sql: params.sql
   });
@@ -1372,7 +1378,9 @@ var StripeSync = class {
       // @ts-ignore
       apiVersion: config.stripeApiVersion,
       appInfo: {
-        name: "Stripe Postgres Sync"
+        name: "Stripe Sync Engine",
+        version: package_default.version,
+        url: package_default.homepage
       }
     });
     this.stripe = createRetryableStripeClient(baseStripe, {}, config.logger);
@@ -2849,7 +2857,7 @@ var StripeSync = class {
         const customerIds = await this.postgresClient.query(prepared.text, prepared.values).then(({ rows }) => rows.map((it) => it.id));
         this.config.logger?.info(`Getting payment methods for ${customerIds.length} customers`);
         let synced = 0;
-        const chunkSize = this.config.maxConcurrentCustomers ?? 10;
+        const chunkSize = this.config.maxConcurrentCustomers ?? 3;
         for (const customerIdChunk of chunkArray(customerIds, chunkSize)) {
           await Promise.all(
             customerIdChunk.map(async (customerId) => {
@@ -4256,7 +4264,7 @@ Creating ngrok tunnel for port ${port}...`));
 var import_supabase_management_js = require("supabase-management-js");
 // raw-ts:/home/runner/work/sync-engine/sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-setup.ts
-var stripe_setup_default = "import { StripeSync, runMigrations, VERSION } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\n// Helper to validate accessToken against Management API\nasync function validateAccessToken(projectRef: string, accessToken: string): Promise<boolean> {\n  // Try to fetch project details using the access token\n  // This validates that the token is valid for the management API\n  const url = `https://api.supabase.com/v1/projects/${projectRef}`\n  const response = await fetch(url, {\n    method: 'GET',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  // If we can successfully get the project, the token is valid\n  return response.ok\n}\n\n// Helper to delete edge function via Management API\nasync function deleteEdgeFunction(\n  projectRef: string,\n  functionSlug: string,\n  accessToken: string\n): Promise<void> {\n  const url = `https://api.supabase.com/v1/projects/${projectRef}/functions/${functionSlug}`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    throw new Error(`Failed to delete function ${functionSlug}: ${response.status} ${text}`)\n  }\n}\n\n// Helper to delete secrets via Management API\nasync function deleteSecret(\n  projectRef: string,\n  secretName: string,\n  accessToken: string\n): Promise<void> {\n  const url = `https://api.supabase.com/v1/projects/${projectRef}/secrets`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify([secretName]),\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    console.warn(`Failed to delete secret ${secretName}: ${response.status} ${text}`)\n  }\n}\n\nDeno.serve(async (req) => {\n  // Extract project ref from SUPABASE_URL (format: https://{projectRef}.{base})\n  const supabaseUrl = Deno.env.get('SUPABASE_URL')\n  if (!supabaseUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_URL not set' }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n  const projectRef = new URL(supabaseUrl).hostname.split('.')[0]\n\n  // Validate access token for all requests\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const accessToken = authHeader.substring(7) // Remove 'Bearer '\n  const isValid = await validateAccessToken(projectRef, accessToken)\n  if (!isValid) {\n    return new Response('Forbidden: Invalid access token for this project', { status: 403 })\n  }\n\n  // Handle GET requests for status\n  if (req.method === 'GET') {\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n    let sql\n\n    try {\n      sql = postgres(dbUrl, { max: 1, prepare: false })\n\n      // Query installation status from schema comment\n      const commentResult = await sql`\n        SELECT obj_description(oid, 'pg_namespace') as comment\n        FROM pg_namespace\n        WHERE nspname = 'stripe'\n      `\n\n      const comment = commentResult[0]?.comment || null\n      let installationStatus = 'not_installed'\n\n      if (comment && comment.includes('stripe-sync')) {\n        // Parse installation status from comment\n        if (comment.includes('installation:started')) {\n          installationStatus = 'installing'\n        } else if (comment.includes('installation:error')) {\n          installationStatus = 'error'\n        } else if (comment.includes('installed')) {\n          installationStatus = 'installed'\n        }\n      }\n\n      // Query sync runs (only if schema exists)\n      let syncStatus = []\n      if (comment) {\n        try {\n          syncStatus = await sql`\n            SELECT DISTINCT ON (account_id)\n              account_id, started_at, closed_at, status, error_message,\n              total_processed, total_objects, complete_count, error_count,\n              running_count, pending_count, triggered_by, max_concurrent\n            FROM stripe.sync_runs\n            ORDER BY account_id, started_at DESC\n          `\n        } catch (err) {\n          // Ignore errors if sync_runs view doesn't exist yet\n          console.warn('sync_runs query failed (may not exist yet):', err)\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          package_version: VERSION,\n          installation_status: installationStatus,\n          sync_status: syncStatus,\n        }),\n        {\n          status: 200,\n          headers: {\n            'Content-Type': 'application/json',\n            'Cache-Control': 'no-cache, no-store, must-revalidate',\n          },\n        }\n      )\n    } catch (error) {\n      console.error('Status query error:', error)\n      return new Response(\n        JSON.stringify({\n          error: error.message,\n          package_version: VERSION,\n          installation_status: 'not_installed',\n        }),\n        {\n          status: 500,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } finally {\n      if (sql) await sql.end()\n    }\n  }\n\n  // Handle DELETE requests for uninstall\n  if (req.method === 'DELETE') {\n    let stripeSync = null\n    try {\n      // Get and validate database URL\n      const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n      if (!rawDbUrl) {\n        throw new Error('SUPABASE_DB_URL environment variable is not set')\n      }\n      // Remove sslmode from connection string (not supported by pg in Deno)\n      const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n      // Stripe key is required for uninstall to delete webhooks\n      const stripeKey = Deno.env.get('STRIPE_SECRET_KEY')\n      if (!stripeKey) {\n        throw new Error('STRIPE_SECRET_KEY environment variable is required for uninstall')\n      }\n\n      // Step 1: Delete Stripe webhooks and clean up database\n      stripeSync = new StripeSync({\n        poolConfig: { connectionString: dbUrl, max: 2 },\n        stripeSecretKey: stripeKey,\n      })\n\n      // Delete all managed webhooks\n      const webhooks = await stripeSync.listManagedWebhooks()\n      for (const webhook of webhooks) {\n        try {\n          await stripeSync.deleteManagedWebhook(webhook.id)\n          console.log(`Deleted webhook: ${webhook.id}`)\n        } catch (err) {\n          console.warn(`Could not delete webhook ${webhook.id}:`, err)\n        }\n      }\n\n      // Unschedule pg_cron job\n      try {\n        await stripeSync.postgresClient.query(`\n          DO $$\n          BEGIN\n            IF EXISTS (SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker') THEN\n              PERFORM cron.unschedule('stripe-sync-worker');\n            END IF;\n          END $$;\n        `)\n      } catch (err) {\n        console.warn('Could not unschedule pg_cron job:', err)\n      }\n\n      // Delete vault secret\n      try {\n        await stripeSync.postgresClient.query(`\n          DELETE FROM vault.secrets\n          WHERE name = 'stripe_sync_worker_secret'\n        `)\n      } catch (err) {\n        console.warn('Could not delete vault secret:', err)\n      }\n\n      // Terminate connections holding locks on stripe schema\n      try {\n        await stripeSync.postgresClient.query(`\n          SELECT pg_terminate_backend(pid)\n          FROM pg_locks l\n          JOIN pg_class c ON l.relation = c.oid\n          JOIN pg_namespace n ON c.relnamespace = n.oid\n          WHERE n.nspname = 'stripe'\n            AND l.pid != pg_backend_pid()\n        `)\n      } catch (err) {\n        console.warn('Could not terminate connections:', err)\n      }\n\n      // Drop schema with retry\n      let dropAttempts = 0\n      const maxAttempts = 3\n      while (dropAttempts < maxAttempts) {\n        try {\n          await stripeSync.postgresClient.query('DROP SCHEMA IF EXISTS stripe CASCADE')\n          break // Success, exit loop\n        } catch (err) {\n          dropAttempts++\n          if (dropAttempts >= maxAttempts) {\n            throw new Error(\n              `Failed to drop schema after ${maxAttempts} attempts. ` +\n                `There may be active connections or locks on the stripe schema. ` +\n                `Error: ${err.message}`\n            )\n          }\n          // Wait 1 second before retrying\n          await new Promise((resolve) => setTimeout(resolve, 1000))\n        }\n      }\n\n      await stripeSync.postgresClient.pool.end()\n\n      // Step 2: Delete Supabase secrets\n      try {\n        await deleteSecret(projectRef, 'STRIPE_SECRET_KEY', accessToken)\n      } catch (err) {\n        console.warn('Could not delete STRIPE_SECRET_KEY secret:', err)\n      }\n\n      // Step 3: Delete Edge Functions\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-setup', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-setup function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-webhook', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-webhook function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-worker', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-worker function:', err)\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: true,\n          message: 'Uninstall complete',\n        }),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } catch (error) {\n      console.error('Uninstall error:', error)\n      // Cleanup on error\n      if (stripeSync) {\n        try {\n          await stripeSync.postgresClient.pool.end()\n        } catch (cleanupErr) {\n          console.warn('Cleanup failed:', cleanupErr)\n        }\n      }\n      return new Response(JSON.stringify({ success: false, error: error.message }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n  }\n\n  // Handle POST requests for install\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
+var stripe_setup_default = "import { StripeSync, runMigrations, VERSION } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\n// Get management API base URL from environment variable (for testing against localhost/staging)\n// Caller should provide full URL with protocol (e.g., http://localhost:54323 or https://api.supabase.com)\nconst MGMT_API_BASE_RAW = Deno.env.get('SUPABASE_MANAGEMENT_URL') || 'https://api.supabase.com'\nconst MGMT_API_BASE = MGMT_API_BASE_RAW.match(/^https?:\\/\\//)\n  ? MGMT_API_BASE_RAW\n  : `https://${MGMT_API_BASE_RAW}`\n\n// Helper to validate accessToken against Management API\nasync function validateAccessToken(projectRef: string, accessToken: string): Promise<boolean> {\n  // Try to fetch project details using the access token\n  // This validates that the token is valid for the management API\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}`\n  const response = await fetch(url, {\n    method: 'GET',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  // If we can successfully get the project, the token is valid\n  return response.ok\n}\n\n// Helper to delete edge function via Management API\nasync function deleteEdgeFunction(\n  projectRef: string,\n  functionSlug: string,\n  accessToken: string\n): Promise<void> {\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}/functions/${functionSlug}`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    throw new Error(`Failed to delete function ${functionSlug}: ${response.status} ${text}`)\n  }\n}\n\n// Helper to delete secrets via Management API\nasync function deleteSecret(\n  projectRef: string,\n  secretName: string,\n  accessToken: string\n): Promise<void> {\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}/secrets`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify([secretName]),\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    console.warn(`Failed to delete secret ${secretName}: ${response.status} ${text}`)\n  }\n}\n\nDeno.serve(async (req) => {\n  // Extract project ref from SUPABASE_URL (format: https://{projectRef}.{base})\n  const supabaseUrl = Deno.env.get('SUPABASE_URL')\n  if (!supabaseUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_URL not set' }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n  const projectRef = new URL(supabaseUrl).hostname.split('.')[0]\n\n  // Validate access token for all requests\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const accessToken = authHeader.substring(7) // Remove 'Bearer '\n  const isValid = await validateAccessToken(projectRef, accessToken)\n  if (!isValid) {\n    return new Response('Forbidden: Invalid access token for this project', { status: 403 })\n  }\n\n  // Handle GET requests for status\n  if (req.method === 'GET') {\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n    let sql\n\n    try {\n      sql = postgres(dbUrl, { max: 1, prepare: false })\n\n      // Query installation status from schema comment\n      const commentResult = await sql`\n        SELECT obj_description(oid, 'pg_namespace') as comment\n        FROM pg_namespace\n        WHERE nspname = 'stripe'\n      `\n\n      const comment = commentResult[0]?.comment || null\n      let installationStatus = 'not_installed'\n\n      if (comment && comment.includes('stripe-sync')) {\n        // Parse installation status from comment\n        if (comment.includes('installation:started')) {\n          installationStatus = 'installing'\n        } else if (comment.includes('installation:error')) {\n          installationStatus = 'error'\n        } else if (comment.includes('installed')) {\n          installationStatus = 'installed'\n        }\n      }\n\n      // Query sync runs (only if schema exists)\n      let syncStatus = []\n      if (comment) {\n        try {\n          syncStatus = await sql`\n            SELECT DISTINCT ON (account_id)\n              account_id, started_at, closed_at, status, error_message,\n              total_processed, total_objects, complete_count, error_count,\n              running_count, pending_count, triggered_by, max_concurrent\n            FROM stripe.sync_runs\n            ORDER BY account_id, started_at DESC\n          `\n        } catch (err) {\n          // Ignore errors if sync_runs view doesn't exist yet\n          console.warn('sync_runs query failed (may not exist yet):', err)\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          package_version: VERSION,\n          installation_status: installationStatus,\n          sync_status: syncStatus,\n        }),\n        {\n          status: 200,\n          headers: {\n            'Content-Type': 'application/json',\n            'Cache-Control': 'no-cache, no-store, must-revalidate',\n          },\n        }\n      )\n    } catch (error) {\n      console.error('Status query error:', error)\n      return new Response(\n        JSON.stringify({\n          error: error.message,\n          package_version: VERSION,\n          installation_status: 'not_installed',\n        }),\n        {\n          status: 500,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } finally {\n      if (sql) await sql.end()\n    }\n  }\n\n  // Handle DELETE requests for uninstall\n  if (req.method === 'DELETE') {\n    let stripeSync = null\n    try {\n      // Get and validate database URL\n      const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n      if (!rawDbUrl) {\n        throw new Error('SUPABASE_DB_URL environment variable is not set')\n      }\n      // Remove sslmode from connection string (not supported by pg in Deno)\n      const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n      // Stripe key is required for uninstall to delete webhooks\n      const stripeKey = Deno.env.get('STRIPE_SECRET_KEY')\n      if (!stripeKey) {\n        throw new Error('STRIPE_SECRET_KEY environment variable is required for uninstall')\n      }\n\n      // Step 1: Delete Stripe webhooks and clean up database\n      stripeSync = new StripeSync({\n        poolConfig: { connectionString: dbUrl, max: 2 },\n        stripeSecretKey: stripeKey,\n      })\n\n      // Delete all managed webhooks\n      const webhooks = await stripeSync.listManagedWebhooks()\n      for (const webhook of webhooks) {\n        try {\n          await stripeSync.deleteManagedWebhook(webhook.id)\n          console.log(`Deleted webhook: ${webhook.id}`)\n        } catch (err) {\n          console.warn(`Could not delete webhook ${webhook.id}:`, err)\n        }\n      }\n\n      // Unschedule pg_cron job\n      try {\n        await stripeSync.postgresClient.query(`\n          DO $$\n          BEGIN\n            IF EXISTS (SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker') THEN\n              PERFORM cron.unschedule('stripe-sync-worker');\n            END IF;\n          END $$;\n        `)\n      } catch (err) {\n        console.warn('Could not unschedule pg_cron job:', err)\n      }\n\n      // Delete vault secret\n      try {\n        await stripeSync.postgresClient.query(`\n          DELETE FROM vault.secrets\n          WHERE name = 'stripe_sync_worker_secret'\n        `)\n      } catch (err) {\n        console.warn('Could not delete vault secret:', err)\n      }\n\n      // Terminate connections holding locks on stripe schema\n      try {\n        await stripeSync.postgresClient.query(`\n          SELECT pg_terminate_backend(pid)\n          FROM pg_locks l\n          JOIN pg_class c ON l.relation = c.oid\n          JOIN pg_namespace n ON c.relnamespace = n.oid\n          WHERE n.nspname = 'stripe'\n            AND l.pid != pg_backend_pid()\n        `)\n      } catch (err) {\n        console.warn('Could not terminate connections:', err)\n      }\n\n      // Drop schema with retry\n      let dropAttempts = 0\n      const maxAttempts = 3\n      while (dropAttempts < maxAttempts) {\n        try {\n          await stripeSync.postgresClient.query('DROP SCHEMA IF EXISTS stripe CASCADE')\n          break // Success, exit loop\n        } catch (err) {\n          dropAttempts++\n          if (dropAttempts >= maxAttempts) {\n            throw new Error(\n              `Failed to drop schema after ${maxAttempts} attempts. ` +\n                `There may be active connections or locks on the stripe schema. ` +\n                `Error: ${err.message}`\n            )\n          }\n          // Wait 1 second before retrying\n          await new Promise((resolve) => setTimeout(resolve, 1000))\n        }\n      }\n\n      await stripeSync.postgresClient.pool.end()\n\n      // Step 2: Delete Supabase secrets\n      try {\n        await deleteSecret(projectRef, 'STRIPE_SECRET_KEY', accessToken)\n      } catch (err) {\n        console.warn('Could not delete STRIPE_SECRET_KEY secret:', err)\n      }\n\n      // Step 3: Delete Edge Functions\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-setup', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-setup function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-webhook', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-webhook function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-worker', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-worker function:', err)\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: true,\n          message: 'Uninstall complete',\n        }),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } catch (error) {\n      console.error('Uninstall error:', error)\n      // Cleanup on error\n      if (stripeSync) {\n        try {\n          await stripeSync.postgresClient.pool.end()\n        } catch (cleanupErr) {\n          console.warn('Cleanup failed:', cleanupErr)\n        }\n      }\n      return new Response(JSON.stringify({ success: false, error: error.message }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n  }\n\n  // Handle POST requests for install\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
 // raw-ts:/home/runner/work/sync-engine/sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-webhook.ts
 var stripe_webhook_default = "import { StripeSync } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const sig = req.headers.get('stripe-signature')\n  if (!sig) {\n    return new Response('Missing stripe-signature header', { status: 400 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  const stripeSync = new StripeSync({\n    poolConfig: { connectionString: dbUrl, max: 1 },\n    stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n  })\n\n  try {\n    const rawBody = new Uint8Array(await req.arrayBuffer())\n    await stripeSync.processWebhook(rawBody, sig)\n    return new Response(JSON.stringify({ received: true }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Webhook processing error:', error)\n    const isSignatureError =\n      error.message?.includes('signature') || error.type === 'StripeSignatureVerificationError'\n    const status = isSignatureError ? 400 : 500\n    return new Response(JSON.stringify({ error: error.message }), {\n      status,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    await stripeSync.postgresClient.pool.end()\n  }\n})\n";
@@ -4278,14 +4286,16 @@ var SupabaseSetupClient = class {
   api;
   projectRef;
   projectBaseUrl;
+  supabaseManagementUrl;
   accessToken;
   constructor(options) {
     this.api = new import_supabase_management_js.SupabaseManagementAPI({
       accessToken: options.accessToken,
-      baseUrl: options.managementApiBaseUrl
+      baseUrl: options.supabaseManagementUrl
     });
     this.projectRef = options.projectRef;
     this.projectBaseUrl = options.projectBaseUrl || process.env.SUPABASE_BASE_URL || "supabase.co";
+    this.supabaseManagementUrl = options.supabaseManagementUrl;
     this.accessToken = options.accessToken;
   }
   /**
@@ -4592,7 +4602,11 @@ var SupabaseSetupClient = class {
       await this.deployFunction("stripe-setup", versionedSetup, false);
       await this.deployFunction("stripe-webhook", versionedWebhook, false);
       await this.deployFunction("stripe-worker", versionedWorker, false);
-      await this.setSecrets([{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }]);
+      const secrets = [{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }];
+      if (this.supabaseManagementUrl) {
+        secrets.push({ name: "SUPABASE_MANAGEMENT_URL", value: this.supabaseManagementUrl });
+      }
+      await this.setSecrets(secrets);
       const setupResult = await this.invokeFunction("stripe-setup", this.accessToken);
       if (!setupResult.success) {
         throw new Error(`Setup failed: ${setupResult.error}`);
@@ -4621,7 +4635,7 @@ async function install(params) {
     accessToken: supabaseAccessToken,
     projectRef: supabaseProjectRef,
     projectBaseUrl: params.baseProjectUrl,
-    managementApiBaseUrl: params.baseManagementApiUrl
+    supabaseManagementUrl: params.supabaseManagementUrl
   });
   await client.install(stripeKey, packageVersion, workerIntervalSeconds);
 }
@@ -4631,7 +4645,7 @@ async function uninstall(params) {
     accessToken: supabaseAccessToken,
     projectRef: supabaseProjectRef,
     projectBaseUrl: params.baseProjectUrl,
-    managementApiBaseUrl: params.baseManagementApiBaseUrl
+    supabaseManagementUrl: params.supabaseManagementUrl
   });
   await client.uninstall();
 }
@@ -5072,13 +5086,15 @@ async function installCommand(options) {
       }
     }
     console.log(import_chalk3.default.blue("\n\u{1F680} Installing Stripe Sync to Supabase Edge Functions...\n"));
+    const supabaseManagementUrl = options.supabaseManagementUrl || process.env.SUPABASE_MANAGEMENT_URL;
     console.log(import_chalk3.default.gray("Validating project access..."));
     await install({
       supabaseAccessToken: accessToken,
       supabaseProjectRef: projectRef,
       stripeKey,
       packageVersion: options.packageVersion,
-      workerIntervalSeconds: options.workerInterval
+      workerIntervalSeconds: options.workerInterval,
+      supabaseManagementUrl
     });
     console.log(import_chalk3.default.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
     console.log(import_chalk3.default.cyan.bold("  Installation Complete!"));
@@ -5129,10 +5145,12 @@ async function uninstallCommand(options) {
     }
     console.log(import_chalk3.default.blue("\n\u{1F5D1}\uFE0F  Uninstalling Stripe Sync from Supabase...\n"));
     console.log(import_chalk3.default.yellow("\u26A0\uFE0F  Warning: This will delete all Stripe data from your database!\n"));
+    const supabaseManagementUrl = options.supabaseManagementUrl || process.env.SUPABASE_MANAGEMENT_URL;
     console.log(import_chalk3.default.gray("Removing all resources..."));
     await uninstall({
       supabaseAccessToken: accessToken,
-      supabaseProjectRef: projectRef
+      supabaseProjectRef: projectRef,
+      supabaseManagementUrl
     });
     console.log(import_chalk3.default.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
     console.log(import_chalk3.default.cyan.bold("  Uninstall Complete!"));

package/dist/cli/lib.d.cts CHANGED Viewed

@@ -22,6 +22,7 @@ interface DeployOptions {
     stripeKey?: string;
     packageVersion?: string;
     workerInterval?: number;
+    supabaseManagementUrl?: string;
 }
 /**

package/dist/cli/lib.d.ts CHANGED Viewed

@@ -22,6 +22,7 @@ interface DeployOptions {
     stripeKey?: string;
     packageVersion?: string;
     workerInterval?: number;
+    supabaseManagementUrl?: string;
 }
 /**

package/dist/cli/lib.js CHANGED Viewed

@@ -6,10 +6,10 @@ import {
   migrateCommand,
   syncCommand,
   uninstallCommand
-} from "../chunk-AODI5WO6.js";
-import "../chunk-GOBVFXU7.js";
-import "../chunk-XIFB5ALW.js";
-import "../chunk-3KVILTN4.js";
+} from "../chunk-QHM3A4VW.js";
+import "../chunk-NI6UMBIL.js";
+import "../chunk-2Q3SNSKG.js";
+import "../chunk-VOYYTAJF.js";
 export {
   backfillCommand,
   createTunnel,