npm - stripe-experiment-sync - Versions diffs - 1.0.15 → 1.0.17 - Mend

stripe-experiment-sync 1.0.15 → 1.0.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +189 -117
package/dist/{chunk-3KVILTN4.js → chunk-57SXDCMH.js} +5 -5
package/dist/{chunk-XIFB5ALW.js → chunk-I7IFXSAU.js} +12 -6
package/dist/{chunk-GOBVFXU7.js → chunk-TV67ZOCK.js} +12 -4
package/dist/{chunk-AODI5WO6.js → chunk-YXRCT3RK.js} +8 -4
package/dist/cli/index.cjs +44 -18
package/dist/cli/index.js +15 -7
package/dist/cli/lib.cjs +33 -15
package/dist/cli/lib.d.cts +1 -0
package/dist/cli/lib.d.ts +1 -0
package/dist/cli/lib.js +4 -4
package/dist/index.cjs +16 -8
package/dist/index.js +2 -2
package/dist/supabase/index.cjs +16 -10
package/dist/supabase/index.d.cts +4 -3
package/dist/supabase/index.d.ts +4 -3
package/dist/supabase/index.js +2 -2
package/package.json +5 -5

package/README.md CHANGED Viewed

@@ -1,14 +1,19 @@
 # Stripe Sync Engine
-![GitHub License](https://img.shields.io/github/license/tx-stripe/stripe-sync-engine)
+![GitHub License](https://img.shields.io/github/license/stripe-experiments/sync-engine)
 ![NPM Version](https://img.shields.io/npm/v/stripe-experiment-sync)
 A TypeScript library to synchronize Stripe data into a PostgreSQL database, designed for use in Node.js backends and serverless environments.
 ## Features
-- Programmatic management of Stripe webhooks for real-time updates
-- Sync Stripe objects (customers, invoices, products, etc.) to your PostgreSQL database
+- **Managed Webhooks:** Automatic webhook creation and lifecycle management with built-in processing
+- **Real-time Sync:** Keep your database in sync with Stripe automatically
+- **Backfill Support:** Sync historical data from Stripe to your database
+- **Stripe Sigma:** Support for Stripe Sigma reporting data
+- **Supabase Ready:** Deploy to Supabase Edge Functions with one command
+- **Automatic Retries:** Built-in retry logic for rate limits and transient errors
+- **Observability:** Track sync runs and monitor progress
 ## Installation
@@ -20,7 +25,7 @@ pnpm add stripe-experiment-sync stripe
 yarn add stripe-experiment-sync stripe
 ```
-## Usage
+## Quick Start
 ```ts
 import { StripeSync } from 'stripe-experiment-sync'
@@ -28,103 +33,129 @@ import { StripeSync } from 'stripe-experiment-sync'
 const sync = new StripeSync({
   poolConfig: {
     connectionString: 'postgres://user:pass@host:port/db',
-    max: 10, // Maximum number of connections
+    max: 10,
   },
   stripeSecretKey: 'sk_test_...',
-  stripeWebhookSecret: 'whsec_...',
-  // logger: <a pino logger>
 })
-// Example: process a Stripe webhook
-await sync.processWebhook(payload, signature)
+// Create a managed webhook - no additional processing needed!
+const webhook = await sync.findOrCreateManagedWebhook('https://example.com/stripe-webhooks')
+// Cleanup when done (closes PostgreSQL connection pool)
+await sync.close()
 ```
-## Low-Level API (Advanced)
+## Managed Webhooks
-For more control, you can use the `StripeSync` class directly:
+The Stripe Sync Engine automatically manages webhook endpoints and their processing. Once created, managed webhooks handle everything automatically - you don't need to manually process events.
-```ts
-import { StripeSync } from 'stripe-experiment-sync'
+### Creating Managed Webhooks
-const sync = new StripeSync({
-  poolConfig: {
-    connectionString: 'postgres://user:pass@host:port/db',
-    max: 10, // Maximum number of connections
-  },
-  stripeSecretKey: 'sk_test_...',
-  stripeWebhookSecret: 'whsec_...',
-  // logger: <a pino logger>
+```typescript
+// Create or reuse an existing webhook endpoint
+// This webhook will automatically sync all Stripe events to your database
+const webhook = await sync.findOrCreateManagedWebhook('https://example.com/stripe-webhooks')
+// Create a webhook for specific events
+const webhook = await sync.createManagedWebhook('https://example.com/stripe-webhooks', {
+  enabled_events: ['customer.created', 'customer.updated', 'invoice.paid'],
 })
-// Example: process a Stripe webhook
-await sync.processWebhook(payload, signature)
+console.log(webhook.id) // we_xxx
+console.log(webhook.secret) // whsec_xxx
 ```
-### Processing Webhooks
+**⚠️ Important:** Managed webhooks are tracked in the database and automatically process incoming events. You don't need to call `processWebhook()` for managed webhooks - the library handles this internally.
-The `processWebhook` method validates and processes Stripe webhook events:
+### Managing Webhooks
 ```typescript
-// Process a webhook event with signature validation
-await sync.processWebhook(payload, signature)
+// List all managed webhooks
+const webhooks = await sync.listManagedWebhooks()
+// Get a specific webhook
+const webhook = await sync.getManagedWebhook('we_xxx')
-// Or process an event directly (no signature validation):
-await sync.processEvent(event)
+// Delete a managed webhook
+await sync.deleteManagedWebhook('we_xxx')
 ```
-### Managed Webhook Endpoints
+### How It Works
-The library provides methods to create and manage webhook endpoints:
+**Automatic Processing:** Managed webhooks are stored in the `stripe._managed_webhooks` table. When Stripe sends events to these webhooks, they are automatically processed and synced to your database.
-```typescript
-// Create or reuse an existing webhook endpoint for a URL
-const webhook = await sync.findOrCreateManagedWebhook('https://example.com/stripe-webhooks', {
-  enabled_events: ['*'], // or specific events like ['customer.created', 'invoice.paid']
-  description: 'My app webhook',
-})
+**Race Condition Protection:** PostgreSQL advisory locks prevent race conditions when multiple instances call `findOrCreateManagedWebhook()` concurrently. A unique constraint on `(url, account_id)` provides additional safety.
-// Create a new webhook endpoint (always creates new)
-const webhook = await sync.createManagedWebhook('https://example.com/stripe-webhooks', {
-  enabled_events: ['customer.created', 'customer.updated'],
+**Automatic Cleanup:** When you call `findOrCreateManagedWebhook()`, it will:
+1. Check if a webhook already exists for the URL in the database
+2. If found, reuse the existing webhook
+3. If not found, create a new webhook in Stripe and record it
+4. Clean up any orphaned webhooks from previous installations
+## Manual Webhook Processing
+If you need to process webhooks outside of managed webhooks (e.g., for testing or custom integrations):
+```typescript
+// Validate and process a webhook event
+app.post('/stripe-webhooks', async (req, res) => {
+  const signature = req.headers['stripe-signature']
+  const payload = req.body
+  try {
+    await sync.processWebhook(payload, signature)
+    res.status(200).send({ received: true })
+  } catch (error) {
+    res.status(400).send({ error: error.message })
+  }
 })
-// Get a managed webhook by ID
-const webhook = await sync.getManagedWebhook('we_xxx')
+// Or process an event directly (no signature validation)
+await sync.processEvent(stripeEvent)
-// Delete a managed webhook
-await sync.deleteManagedWebhook('we_xxx')
+// Cleanup when done
+await sync.close()
 ```
-**Note:** The library automatically manages webhook endpoints for you. When you call `findOrCreateManagedWebhook()` with a URL, it will reuse an existing webhook if one is found in the database, or create a new one if needed. Old or orphaned webhooks from this package are automatically cleaned up.
-**Race Condition Protection:** The library uses PostgreSQL advisory locks to prevent race conditions when multiple instances call `findOrCreateManagedWebhook()` concurrently for the same URL. A unique constraint on `(url, account_id)` provides an additional safety net at the database level.
+**Note:** This is only needed for custom webhook endpoints. Managed webhooks handle processing automatically.
 ## Configuration
-| Option                          | Type    | Description                                                                                                                                                                                                                                                                                              |
-| ------------------------------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `databaseUrl`                   | string  | **Deprecated:** Use `poolConfig` with a connection string instead.                                                                                                                                                                                                                                       |
-| `stripeSecretKey`               | string  | Stripe secret key                                                                                                                                                                                                                                                                                        |
-| `stripeWebhookSecret`           | string  | Stripe webhook signing secret                                                                                                                                                                                                                                                                            |
-| `stripeApiVersion`              | string  | Stripe API version (default: `2020-08-27`)                                                                                                                                                                                                                                                               |
-| `autoExpandLists`               | boolean | Fetch all list items from Stripe (not just the default 10)                                                                                                                                                                                                                                               |
-| `backfillRelatedEntities`       | boolean | Ensure related entities are present for foreign key integrity                                                                                                                                                                                                                                            |
-| `revalidateObjectsViaStripeApi` | Array   | Always fetch latest entity from Stripe instead of trusting webhook payload, possible values: charge, credit_note, customer, dispute, invoice, payment_intent, payment_method, plan, price, product, refund, review, radar.early_fraud_warning, setup_intent, subscription, subscription_schedule, tax_id |
-| `poolConfig`                    | object  | Configuration for PostgreSQL connection pooling. Supports options like `connectionString`, `max`, and `keepAlive`. For more details, refer to the [Node-Postgres Pool API documentation](https://node-postgres.com/apis/pool).                                                                           |
-| `maxPostgresConnections`        | number  | **Deprecated:** Use `poolConfig.max` instead to configure the maximum number of PostgreSQL connections.                                                                                                                                                                                                  |
-| `logger`                        | Logger  | Logger instance (pino)                                                                                                                                                                                                                                                                                   |
+| Option                          | Type    | Description                                                                                                                                                                                                                                                                                            |
+| ------------------------------- | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `poolConfig`                    | object  | **Required.** PostgreSQL connection pool configuration. Supports `connectionString`, `max`, `keepAlive`. See [Node-Postgres Pool API](https://node-postgres.com/apis/pool).                                                                                                                            |
+| `stripeSecretKey`               | string  | **Required.** Stripe secret key                                                                                                                                                                                                                                                                        |
+| `stripeWebhookSecret`           | string  | Stripe webhook signing secret (only needed for manual webhook processing)                                                                                                                                                                                                                              |
+| `stripeApiVersion`              | string  | Stripe API version (default: `2020-08-27`)                                                                                                                                                                                                                                                             |
+| `enableSigma`                   | boolean | Enable Stripe Sigma reporting data sync. Default: false                                                                                                                                                                                                                                                |
+| `autoExpandLists`               | boolean | Fetch all list items from Stripe (not just the default 10)                                                                                                                                                                                                                                             |
+| `backfillRelatedEntities`       | boolean | Ensure related entities exist for foreign key integrity                                                                                                                                                                                                                                                |
+| `revalidateObjectsViaStripeApi` | Array   | Always fetch latest data from Stripe instead of trusting webhook payload. Possible values: charge, credit_note, customer, dispute, invoice, payment_intent, payment_method, plan, price, product, refund, review, radar.early_fraud_warning, setup_intent, subscription, subscription_schedule, tax_id |
+| `maxRetries`                    | number  | Maximum retry attempts for 429 rate limits. Default: 5                                                                                                                                                                                                                                                 |
+| `initialRetryDelayMs`           | number  | Initial retry delay in milliseconds. Default: 1000                                                                                                                                                                                                                                                     |
+| `maxRetryDelayMs`               | number  | Maximum retry delay in milliseconds. Default: 60000                                                                                                                                                                                                                                                    |
+| `logger`                        | Logger  | Logger instance (pino-compatible)                                                                                                                                                                                                                                                                      |
 ## Database Schema
-The library will create and manage a `stripe` schema in your PostgreSQL database, with tables for all supported Stripe objects (products, customers, invoices, etc.).
+The library creates and manages a `stripe` schema in PostgreSQL with tables for all supported Stripe objects.
+> **Important:** The schema name is fixed as `stripe` and cannot be configured.
-> **Important:** The library uses a fixed schema name of `stripe`. This cannot be configured as the SQL migrations hardcode this schema name.
+> **Note:** Fields and tables prefixed with `_` are reserved for internal metadata: `_account_id`, `_last_synced_at`, `_updated_at`, `_migrations`, `_managed_webhooks`, `_sync_runs`, `_sync_obj_runs`.
-> **Note:** Fields and tables prefixed with an underscore (`_`) are reserved for internal metadata managed by the sync engine and should not be modified directly. These include fields like `_account_id`, `_last_synced_at`, `_updated_at`, and tables like `_migrations`, `_managed_webhooks`, `_sync_runs`, and `_sync_obj_runs`.
+### Running Migrations
+```ts
+import { runMigrations } from 'stripe-experiment-sync'
+await runMigrations({ databaseUrl: 'postgres://...' })
+```
 ### Observability
-The sync engine tracks sync operations in the `sync_runs` view, which provides aggregated metrics for each sync session:
+Track sync operations with the `sync_runs` view:
 ```sql
 SELECT
@@ -132,104 +163,145 @@ SELECT
   started_at,
   closed_at,
   status,              -- 'running', 'complete', or 'error'
-  total_processed,     -- Total records synced across all objects
-  complete_count,      -- Number of object types completed
-  error_count,         -- Number of object types with errors
-  running_count,       -- Number of object types currently syncing
-  pending_count        -- Number of object types not yet started
+  total_processed,     -- Total records synced
+  complete_count,      -- Completed object types
+  error_count,         -- Object types with errors
+  running_count,       -- Currently syncing
+  pending_count        -- Not yet started
 FROM stripe.sync_runs
 ORDER BY started_at DESC;
 ```
-For detailed per-object status, you can query the internal `_sync_obj_runs` table (though this is not recommended for production use).
+## Syncing Data
-### Migrations
+### Sync a Single Entity
+```ts
+// Automatically detects entity type from ID prefix
+await sync.syncSingleEntity('cus_12345')
+await sync.syncSingleEntity('prod_xyz')
+```
-Migrations are automatically included with the package and bundled in the `dist/migrations` directory when built. You can run them using the provided `runMigrations` function:
+### Backfill Historical Data
 ```ts
-import { runMigrations } from 'stripe-experiment-sync'
+// Sync all products created after a date
+await sync.processUntilDone({
+  object: 'product',
+  created: { gte: 1643872333 }, // Unix timestamp
+})
-await runMigrations({ databaseUrl: 'postgres://...' })
+// Sync all customers
+await sync.processUntilDone({ object: 'customer' })
+// Sync everything
+await sync.processUntilDone({ object: 'all' })
 ```
-## Account Management
+Supported objects: `all`, `charge`, `checkout_sessions`, `credit_note`, `customer`, `customer_with_entitlements`, `dispute`, `early_fraud_warning`, `invoice`, `payment_intent`, `payment_method`, `plan`, `price`, `product`, `refund`, `setup_intent`, `subscription`, `subscription_schedules`, `tax_id`.
-### Getting Current Account
+The sync engine tracks cursors per account and resource, enabling incremental syncing that resumes after interruptions.
-Retrieve the currently authenticated Stripe account:
+> **Tip:** For large Stripe accounts (>10,000 objects), loop through date ranges day-by-day to avoid timeouts.
+## Account Management
+### Get Current Account
 ```ts
 const account = await sync.getCurrentAccount()
-console.log(account.id) // e.g., "acct_xxx"
+console.log(account.id) // acct_xxx
 ```
-### Listing Synced Accounts
-Get all Stripe accounts that have been synced to the database:
+### List Synced Accounts
 ```ts
 const accounts = await sync.getAllSyncedAccounts()
-// Returns array of Stripe account objects from database
 ```
-### Deleting Synced Account Data
+### Delete Account Data
-**⚠️ DANGEROUS:** Delete all synced data for a specific Stripe account from the database. This operation cannot be undone!
+**⚠️ WARNING:** This permanently deletes all synced data for an account.
 ```ts
-// Preview what will be deleted (dry-run mode)
+// Preview deletion
 const preview = await sync.dangerouslyDeleteSyncedAccountData('acct_xxx', {
   dryRun: true,
-  useTransaction: true,
 })
-console.log(preview.deletedRecordCounts) // Shows count per table
+console.log(preview.deletedRecordCounts)
-// Actually delete the data
-const result = await sync.dangerouslyDeleteSyncedAccountData('acct_xxx', {
-  dryRun: false, // default
-  useTransaction: true, // default - wraps deletion in transaction
-})
+// Actually delete
+const result = await sync.dangerouslyDeleteSyncedAccountData('acct_xxx')
 ```
-Options:
+## Supabase Deployment
-- `dryRun` (default: `false`): If true, only counts records without deleting
-- `useTransaction` (default: `true`): If true, wraps all deletions in a database transaction for atomicity
+Deploy to Supabase Edge Functions for serverless operation with automatic webhook processing:
-The method returns:
+```bash
+# Install
+npx stripe-experiment-sync supabase install \
+  --token $SUPABASE_ACCESS_TOKEN \
+  --project $SUPABASE_PROJECT_REF \
+  --stripe-key $STRIPE_API_KEY
-- `deletedAccountId`: The account ID that was deleted
-- `deletedRecordCounts`: Object mapping table names to number of records deleted
-- `warnings`: Array of warning messages (e.g., if you're deleting your cached account)
+# Install specific version
+npx stripe-experiment-sync supabase install \
+  --token $SUPABASE_ACCESS_TOKEN \
+  --project $SUPABASE_PROJECT_REF \
+  --stripe-key $STRIPE_API_KEY \
+  --package-version 1.0.15
-## Backfilling and Syncing Data
+# Uninstall
+npx stripe-experiment-sync supabase uninstall \
+  --token $SUPABASE_ACCESS_TOKEN \
+  --project $SUPABASE_PROJECT_REF
+```
-### Syncing a Single Entity
+### Install Options
-You can sync or update a single Stripe entity by its ID using the `syncSingleEntity` method:
+- `--token <token>` - Supabase access token (or `SUPABASE_ACCESS_TOKEN` env)
+- `--project <ref>` - Supabase project ref (or `SUPABASE_PROJECT_REF` env)
+- `--stripe-key <key>` - Stripe API key (or `STRIPE_API_KEY` env)
+- `--package-version <version>` - npm package version (default: latest)
+- `--worker-interval <seconds>` - Worker interval in seconds (default: 60)
+- `--management-url <url>` - Supabase management API URL with protocol (default: https://api.supabase.com). For local testing: http://localhost:54323
-```ts
-await sync.syncSingleEntity('cus_12345')
-```
+The install command will:
-The entity type is detected automatically based on the Stripe ID prefix (e.g., `cus_` for customer, `prod_` for product). `ent_` is not supported at the moment.
+1. Deploy Edge Functions: `stripe-setup`, `stripe-webhook`, `stripe-worker`
+2. Run database migrations to create the `stripe` schema
+3. Create a managed Stripe webhook pointing to your Supabase project
+4. Set up a pg_cron job for automatic background syncing
-### Syncing Data
+## CLI Commands
-To sync Stripe data (e.g., all products created after a certain date), use the `processUntilDone` method:
+```bash
+# Run database migrations
+npx stripe-experiment-sync migrate --database-url $DATABASE_URL
-```ts
-await sync.processUntilDone({
-  object: 'product',
-  created: { gte: 1643872333 }, // Unix timestamp
-})
+# Start local sync with ngrok tunnel
+npx stripe-experiment-sync start \
+  --stripe-key $STRIPE_API_KEY \
+  --ngrok-token $NGROK_AUTH_TOKEN \
+  --database-url $DATABASE_URL
+# Backfill specific entity type
+npx stripe-experiment-sync backfill customer \
+  --stripe-key $STRIPE_API_KEY \
+  --database-url $DATABASE_URL
+# Enable Sigma data syncing
+npx stripe-experiment-sync start \
+  --stripe-key $STRIPE_API_KEY \
+  --database-url $DATABASE_URL \
+  --sigma
 ```
-- `object` can be one of: `all`, `charge`, `checkout_sessions`, `credit_note`, `customer`, `customer_with_entitlements`, `dispute`, `early_fraud_warning`, `invoice`, `payment_intent`, `payment_method`, `plan`, `price`, `product`, `refund`, `setup_intent`, `subscription`, `subscription_schedules`, `tax_id`.
-- `created` is a Stripe RangeQueryParam and supports `gt`, `gte`, `lt`, `lte`.
+## License
+See [LICENSE](LICENSE) file.
-The sync engine automatically tracks per-account cursors in the `_sync_runs` and `_sync_obj_runs` tables. When you call sync methods without an explicit `created` filter, they will automatically resume from the last synced position for that account and resource. This enables incremental syncing that can resume after interruptions.
+## Contributing
-> **Note:**
-> For large Stripe accounts (more than 10,000 objects), it is recommended to write a script that loops through each day and sets the `created` date filters to the start and end of day. This avoids timeouts and memory issues when syncing large datasets.
+Issues and pull requests are welcome at [https://github.com/stripe-experiments/sync-engine](https://github.com/stripe-experiments/sync-engine).

package/dist/{chunk-3KVILTN4.js → chunk-57SXDCMH.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 // package.json
 var package_default = {
   name: "stripe-experiment-sync",
-  version: "1.0.15",
+  version: "1.0.17",
   private: false,
   description: "Stripe Sync Engine to sync Stripe data to Postgres",
   type: "module",
@@ -63,11 +63,11 @@ var package_default = {
   },
   repository: {
     type: "git",
-    url: "https://github.com/tx-stripe/stripe-sync-engine.git"
+    url: "https://github.com/stripe-experiments/sync-engine.git"
   },
-  homepage: "https://github.com/tx-stripe/stripe-sync-engine#readme",
+  homepage: "https://github.com/stripe-experiments/sync-engine#readme",
   bugs: {
-    url: "https://github.com/tx-stripe/stripe-sync-engine/issues"
+    url: "https://github.com/stripe-experiments/sync-engine/issues"
   },
   keywords: [
     "stripe",
@@ -79,7 +79,7 @@ var package_default = {
     "database",
     "typescript"
   ],
-  author: "Supabase <https://supabase.com/>"
+  author: "Stripe <https://stripe.com/>"
 };
 export {

package/dist/{chunk-XIFB5ALW.js → chunk-I7IFXSAU.js} RENAMED Viewed

@@ -1,12 +1,12 @@
 import {
   package_default
-} from "./chunk-3KVILTN4.js";
+} from "./chunk-57SXDCMH.js";
 // src/supabase/supabase.ts
 import { SupabaseManagementAPI } from "supabase-management-js";
 // raw-ts:/home/runner/work/sync-engine/sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-setup.ts
-var stripe_setup_default = "import { StripeSync, runMigrations, VERSION } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\n// Helper to validate accessToken against Management API\nasync function validateAccessToken(projectRef: string, accessToken: string): Promise<boolean> {\n  // Try to fetch project details using the access token\n  // This validates that the token is valid for the management API\n  const url = `https://api.supabase.com/v1/projects/${projectRef}`\n  const response = await fetch(url, {\n    method: 'GET',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  // If we can successfully get the project, the token is valid\n  return response.ok\n}\n\n// Helper to delete edge function via Management API\nasync function deleteEdgeFunction(\n  projectRef: string,\n  functionSlug: string,\n  accessToken: string\n): Promise<void> {\n  const url = `https://api.supabase.com/v1/projects/${projectRef}/functions/${functionSlug}`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    throw new Error(`Failed to delete function ${functionSlug}: ${response.status} ${text}`)\n  }\n}\n\n// Helper to delete secrets via Management API\nasync function deleteSecret(\n  projectRef: string,\n  secretName: string,\n  accessToken: string\n): Promise<void> {\n  const url = `https://api.supabase.com/v1/projects/${projectRef}/secrets`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify([secretName]),\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    console.warn(`Failed to delete secret ${secretName}: ${response.status} ${text}`)\n  }\n}\n\nDeno.serve(async (req) => {\n  // Extract project ref from SUPABASE_URL (format: https://{projectRef}.{base})\n  const supabaseUrl = Deno.env.get('SUPABASE_URL')\n  if (!supabaseUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_URL not set' }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n  const projectRef = new URL(supabaseUrl).hostname.split('.')[0]\n\n  // Validate access token for all requests\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const accessToken = authHeader.substring(7) // Remove 'Bearer '\n  const isValid = await validateAccessToken(projectRef, accessToken)\n  if (!isValid) {\n    return new Response('Forbidden: Invalid access token for this project', { status: 403 })\n  }\n\n  // Handle GET requests for status\n  if (req.method === 'GET') {\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n    let sql\n\n    try {\n      sql = postgres(dbUrl, { max: 1, prepare: false })\n\n      // Query installation status from schema comment\n      const commentResult = await sql`\n        SELECT obj_description(oid, 'pg_namespace') as comment\n        FROM pg_namespace\n        WHERE nspname = 'stripe'\n      `\n\n      const comment = commentResult[0]?.comment || null\n      let installationStatus = 'not_installed'\n\n      if (comment && comment.includes('stripe-sync')) {\n        // Parse installation status from comment\n        if (comment.includes('installation:started')) {\n          installationStatus = 'installing'\n        } else if (comment.includes('installation:error')) {\n          installationStatus = 'error'\n        } else if (comment.includes('installed')) {\n          installationStatus = 'installed'\n        }\n      }\n\n      // Query sync runs (only if schema exists)\n      let syncStatus = []\n      if (comment) {\n        try {\n          syncStatus = await sql`\n            SELECT DISTINCT ON (account_id)\n              account_id, started_at, closed_at, status, error_message,\n              total_processed, total_objects, complete_count, error_count,\n              running_count, pending_count, triggered_by, max_concurrent\n            FROM stripe.sync_runs\n            ORDER BY account_id, started_at DESC\n          `\n        } catch (err) {\n          // Ignore errors if sync_runs view doesn't exist yet\n          console.warn('sync_runs query failed (may not exist yet):', err)\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          package_version: VERSION,\n          installation_status: installationStatus,\n          sync_status: syncStatus,\n        }),\n        {\n          status: 200,\n          headers: {\n            'Content-Type': 'application/json',\n            'Cache-Control': 'no-cache, no-store, must-revalidate',\n          },\n        }\n      )\n    } catch (error) {\n      console.error('Status query error:', error)\n      return new Response(\n        JSON.stringify({\n          error: error.message,\n          package_version: VERSION,\n          installation_status: 'not_installed',\n        }),\n        {\n          status: 500,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } finally {\n      if (sql) await sql.end()\n    }\n  }\n\n  // Handle DELETE requests for uninstall\n  if (req.method === 'DELETE') {\n    let stripeSync = null\n    try {\n      // Get and validate database URL\n      const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n      if (!rawDbUrl) {\n        throw new Error('SUPABASE_DB_URL environment variable is not set')\n      }\n      // Remove sslmode from connection string (not supported by pg in Deno)\n      const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n      // Stripe key is required for uninstall to delete webhooks\n      const stripeKey = Deno.env.get('STRIPE_SECRET_KEY')\n      if (!stripeKey) {\n        throw new Error('STRIPE_SECRET_KEY environment variable is required for uninstall')\n      }\n\n      // Step 1: Delete Stripe webhooks and clean up database\n      stripeSync = new StripeSync({\n        poolConfig: { connectionString: dbUrl, max: 2 },\n        stripeSecretKey: stripeKey,\n      })\n\n      // Delete all managed webhooks\n      const webhooks = await stripeSync.listManagedWebhooks()\n      for (const webhook of webhooks) {\n        try {\n          await stripeSync.deleteManagedWebhook(webhook.id)\n          console.log(`Deleted webhook: ${webhook.id}`)\n        } catch (err) {\n          console.warn(`Could not delete webhook ${webhook.id}:`, err)\n        }\n      }\n\n      // Unschedule pg_cron job\n      try {\n        await stripeSync.postgresClient.query(`\n          DO $$\n          BEGIN\n            IF EXISTS (SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker') THEN\n              PERFORM cron.unschedule('stripe-sync-worker');\n            END IF;\n          END $$;\n        `)\n      } catch (err) {\n        console.warn('Could not unschedule pg_cron job:', err)\n      }\n\n      // Delete vault secret\n      try {\n        await stripeSync.postgresClient.query(`\n          DELETE FROM vault.secrets\n          WHERE name = 'stripe_sync_worker_secret'\n        `)\n      } catch (err) {\n        console.warn('Could not delete vault secret:', err)\n      }\n\n      // Terminate connections holding locks on stripe schema\n      try {\n        await stripeSync.postgresClient.query(`\n          SELECT pg_terminate_backend(pid)\n          FROM pg_locks l\n          JOIN pg_class c ON l.relation = c.oid\n          JOIN pg_namespace n ON c.relnamespace = n.oid\n          WHERE n.nspname = 'stripe'\n            AND l.pid != pg_backend_pid()\n        `)\n      } catch (err) {\n        console.warn('Could not terminate connections:', err)\n      }\n\n      // Drop schema with retry\n      let dropAttempts = 0\n      const maxAttempts = 3\n      while (dropAttempts < maxAttempts) {\n        try {\n          await stripeSync.postgresClient.query('DROP SCHEMA IF EXISTS stripe CASCADE')\n          break // Success, exit loop\n        } catch (err) {\n          dropAttempts++\n          if (dropAttempts >= maxAttempts) {\n            throw new Error(\n              `Failed to drop schema after ${maxAttempts} attempts. ` +\n                `There may be active connections or locks on the stripe schema. ` +\n                `Error: ${err.message}`\n            )\n          }\n          // Wait 1 second before retrying\n          await new Promise((resolve) => setTimeout(resolve, 1000))\n        }\n      }\n\n      await stripeSync.postgresClient.pool.end()\n\n      // Step 2: Delete Supabase secrets\n      try {\n        await deleteSecret(projectRef, 'STRIPE_SECRET_KEY', accessToken)\n      } catch (err) {\n        console.warn('Could not delete STRIPE_SECRET_KEY secret:', err)\n      }\n\n      // Step 3: Delete Edge Functions\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-setup', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-setup function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-webhook', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-webhook function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-worker', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-worker function:', err)\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: true,\n          message: 'Uninstall complete',\n        }),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } catch (error) {\n      console.error('Uninstall error:', error)\n      // Cleanup on error\n      if (stripeSync) {\n        try {\n          await stripeSync.postgresClient.pool.end()\n        } catch (cleanupErr) {\n          console.warn('Cleanup failed:', cleanupErr)\n        }\n      }\n      return new Response(JSON.stringify({ success: false, error: error.message }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n  }\n\n  // Handle POST requests for install\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
+var stripe_setup_default = "import { StripeSync, runMigrations, VERSION } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\n// Get management API base URL from environment variable (for testing against localhost/staging)\n// Caller should provide full URL with protocol (e.g., http://localhost:54323 or https://api.supabase.com)\nconst MGMT_API_BASE_RAW = Deno.env.get('MANAGEMENT_API_URL') || 'https://api.supabase.com'\nconst MGMT_API_BASE = MGMT_API_BASE_RAW.match(/^https?:\\/\\//)\n  ? MGMT_API_BASE_RAW\n  : `https://${MGMT_API_BASE_RAW}`\n\n// Helper to validate accessToken against Management API\nasync function validateAccessToken(projectRef: string, accessToken: string): Promise<boolean> {\n  // Try to fetch project details using the access token\n  // This validates that the token is valid for the management API\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}`\n  const response = await fetch(url, {\n    method: 'GET',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  // If we can successfully get the project, the token is valid\n  return response.ok\n}\n\n// Helper to delete edge function via Management API\nasync function deleteEdgeFunction(\n  projectRef: string,\n  functionSlug: string,\n  accessToken: string\n): Promise<void> {\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}/functions/${functionSlug}`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    throw new Error(`Failed to delete function ${functionSlug}: ${response.status} ${text}`)\n  }\n}\n\n// Helper to delete secrets via Management API\nasync function deleteSecret(\n  projectRef: string,\n  secretName: string,\n  accessToken: string\n): Promise<void> {\n  const url = `${MGMT_API_BASE}/v1/projects/${projectRef}/secrets`\n  const response = await fetch(url, {\n    method: 'DELETE',\n    headers: {\n      Authorization: `Bearer ${accessToken}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify([secretName]),\n  })\n\n  if (!response.ok && response.status !== 404) {\n    const text = await response.text()\n    console.warn(`Failed to delete secret ${secretName}: ${response.status} ${text}`)\n  }\n}\n\nDeno.serve(async (req) => {\n  // Extract project ref from SUPABASE_URL (format: https://{projectRef}.{base})\n  const supabaseUrl = Deno.env.get('SUPABASE_URL')\n  if (!supabaseUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_URL not set' }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n  const projectRef = new URL(supabaseUrl).hostname.split('.')[0]\n\n  // Validate access token for all requests\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const accessToken = authHeader.substring(7) // Remove 'Bearer '\n  const isValid = await validateAccessToken(projectRef, accessToken)\n  if (!isValid) {\n    return new Response('Forbidden: Invalid access token for this project', { status: 403 })\n  }\n\n  // Handle GET requests for status\n  if (req.method === 'GET') {\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n    let sql\n\n    try {\n      sql = postgres(dbUrl, { max: 1, prepare: false })\n\n      // Query installation status from schema comment\n      const commentResult = await sql`\n        SELECT obj_description(oid, 'pg_namespace') as comment\n        FROM pg_namespace\n        WHERE nspname = 'stripe'\n      `\n\n      const comment = commentResult[0]?.comment || null\n      let installationStatus = 'not_installed'\n\n      if (comment && comment.includes('stripe-sync')) {\n        // Parse installation status from comment\n        if (comment.includes('installation:started')) {\n          installationStatus = 'installing'\n        } else if (comment.includes('installation:error')) {\n          installationStatus = 'error'\n        } else if (comment.includes('installed')) {\n          installationStatus = 'installed'\n        }\n      }\n\n      // Query sync runs (only if schema exists)\n      let syncStatus = []\n      if (comment) {\n        try {\n          syncStatus = await sql`\n            SELECT DISTINCT ON (account_id)\n              account_id, started_at, closed_at, status, error_message,\n              total_processed, total_objects, complete_count, error_count,\n              running_count, pending_count, triggered_by, max_concurrent\n            FROM stripe.sync_runs\n            ORDER BY account_id, started_at DESC\n          `\n        } catch (err) {\n          // Ignore errors if sync_runs view doesn't exist yet\n          console.warn('sync_runs query failed (may not exist yet):', err)\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          package_version: VERSION,\n          installation_status: installationStatus,\n          sync_status: syncStatus,\n        }),\n        {\n          status: 200,\n          headers: {\n            'Content-Type': 'application/json',\n            'Cache-Control': 'no-cache, no-store, must-revalidate',\n          },\n        }\n      )\n    } catch (error) {\n      console.error('Status query error:', error)\n      return new Response(\n        JSON.stringify({\n          error: error.message,\n          package_version: VERSION,\n          installation_status: 'not_installed',\n        }),\n        {\n          status: 500,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } finally {\n      if (sql) await sql.end()\n    }\n  }\n\n  // Handle DELETE requests for uninstall\n  if (req.method === 'DELETE') {\n    let stripeSync = null\n    try {\n      // Get and validate database URL\n      const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n      if (!rawDbUrl) {\n        throw new Error('SUPABASE_DB_URL environment variable is not set')\n      }\n      // Remove sslmode from connection string (not supported by pg in Deno)\n      const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n      // Stripe key is required for uninstall to delete webhooks\n      const stripeKey = Deno.env.get('STRIPE_SECRET_KEY')\n      if (!stripeKey) {\n        throw new Error('STRIPE_SECRET_KEY environment variable is required for uninstall')\n      }\n\n      // Step 1: Delete Stripe webhooks and clean up database\n      stripeSync = new StripeSync({\n        poolConfig: { connectionString: dbUrl, max: 2 },\n        stripeSecretKey: stripeKey,\n      })\n\n      // Delete all managed webhooks\n      const webhooks = await stripeSync.listManagedWebhooks()\n      for (const webhook of webhooks) {\n        try {\n          await stripeSync.deleteManagedWebhook(webhook.id)\n          console.log(`Deleted webhook: ${webhook.id}`)\n        } catch (err) {\n          console.warn(`Could not delete webhook ${webhook.id}:`, err)\n        }\n      }\n\n      // Unschedule pg_cron job\n      try {\n        await stripeSync.postgresClient.query(`\n          DO $$\n          BEGIN\n            IF EXISTS (SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker') THEN\n              PERFORM cron.unschedule('stripe-sync-worker');\n            END IF;\n          END $$;\n        `)\n      } catch (err) {\n        console.warn('Could not unschedule pg_cron job:', err)\n      }\n\n      // Delete vault secret\n      try {\n        await stripeSync.postgresClient.query(`\n          DELETE FROM vault.secrets\n          WHERE name = 'stripe_sync_worker_secret'\n        `)\n      } catch (err) {\n        console.warn('Could not delete vault secret:', err)\n      }\n\n      // Terminate connections holding locks on stripe schema\n      try {\n        await stripeSync.postgresClient.query(`\n          SELECT pg_terminate_backend(pid)\n          FROM pg_locks l\n          JOIN pg_class c ON l.relation = c.oid\n          JOIN pg_namespace n ON c.relnamespace = n.oid\n          WHERE n.nspname = 'stripe'\n            AND l.pid != pg_backend_pid()\n        `)\n      } catch (err) {\n        console.warn('Could not terminate connections:', err)\n      }\n\n      // Drop schema with retry\n      let dropAttempts = 0\n      const maxAttempts = 3\n      while (dropAttempts < maxAttempts) {\n        try {\n          await stripeSync.postgresClient.query('DROP SCHEMA IF EXISTS stripe CASCADE')\n          break // Success, exit loop\n        } catch (err) {\n          dropAttempts++\n          if (dropAttempts >= maxAttempts) {\n            throw new Error(\n              `Failed to drop schema after ${maxAttempts} attempts. ` +\n                `There may be active connections or locks on the stripe schema. ` +\n                `Error: ${err.message}`\n            )\n          }\n          // Wait 1 second before retrying\n          await new Promise((resolve) => setTimeout(resolve, 1000))\n        }\n      }\n\n      await stripeSync.postgresClient.pool.end()\n\n      // Step 2: Delete Supabase secrets\n      try {\n        await deleteSecret(projectRef, 'STRIPE_SECRET_KEY', accessToken)\n      } catch (err) {\n        console.warn('Could not delete STRIPE_SECRET_KEY secret:', err)\n      }\n\n      // Step 3: Delete Edge Functions\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-setup', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-setup function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-webhook', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-webhook function:', err)\n      }\n\n      try {\n        await deleteEdgeFunction(projectRef, 'stripe-worker', accessToken)\n      } catch (err) {\n        console.warn('Could not delete stripe-worker function:', err)\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: true,\n          message: 'Uninstall complete',\n        }),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      )\n    } catch (error) {\n      console.error('Uninstall error:', error)\n      // Cleanup on error\n      if (stripeSync) {\n        try {\n          await stripeSync.postgresClient.pool.end()\n        } catch (cleanupErr) {\n          console.warn('Cleanup failed:', cleanupErr)\n        }\n      }\n      return new Response(JSON.stringify({ success: false, error: error.message }), {\n        status: 500,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n  }\n\n  // Handle POST requests for install\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
 // raw-ts:/home/runner/work/sync-engine/sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-webhook.ts
 var stripe_webhook_default = "import { StripeSync } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const sig = req.headers.get('stripe-signature')\n  if (!sig) {\n    return new Response('Missing stripe-signature header', { status: 400 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  const stripeSync = new StripeSync({\n    poolConfig: { connectionString: dbUrl, max: 1 },\n    stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n  })\n\n  try {\n    const rawBody = new Uint8Array(await req.arrayBuffer())\n    await stripeSync.processWebhook(rawBody, sig)\n    return new Response(JSON.stringify({ received: true }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Webhook processing error:', error)\n    const isSignatureError =\n      error.message?.includes('signature') || error.type === 'StripeSignatureVerificationError'\n    const status = isSignatureError ? 400 : 500\n    return new Response(JSON.stringify({ error: error.message }), {\n      status,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    await stripeSync.postgresClient.pool.end()\n  }\n})\n";
@@ -28,14 +28,16 @@ var SupabaseSetupClient = class {
   api;
   projectRef;
   projectBaseUrl;
+  supabaseManagementUrl;
   accessToken;
   constructor(options) {
     this.api = new SupabaseManagementAPI({
       accessToken: options.accessToken,
-      baseUrl: options.managementApiBaseUrl
+      baseUrl: options.supabaseManagementUrl
     });
     this.projectRef = options.projectRef;
     this.projectBaseUrl = options.projectBaseUrl || process.env.SUPABASE_BASE_URL || "supabase.co";
+    this.supabaseManagementUrl = options.supabaseManagementUrl;
     this.accessToken = options.accessToken;
   }
   /**
@@ -342,7 +344,11 @@ var SupabaseSetupClient = class {
       await this.deployFunction("stripe-setup", versionedSetup, false);
       await this.deployFunction("stripe-webhook", versionedWebhook, false);
       await this.deployFunction("stripe-worker", versionedWorker, false);
-      await this.setSecrets([{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }]);
+      const secrets = [{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }];
+      if (this.supabaseManagementUrl) {
+        secrets.push({ name: "MANAGEMENT_API_URL", value: this.supabaseManagementUrl });
+      }
+      await this.setSecrets(secrets);
       const setupResult = await this.invokeFunction("stripe-setup", this.accessToken);
       if (!setupResult.success) {
         throw new Error(`Setup failed: ${setupResult.error}`);
@@ -371,7 +377,7 @@ async function install(params) {
     accessToken: supabaseAccessToken,
     projectRef: supabaseProjectRef,
     projectBaseUrl: params.baseProjectUrl,
-    managementApiBaseUrl: params.baseManagementApiUrl
+    supabaseManagementUrl: params.supabaseManagementUrl
   });
   await client.install(stripeKey, packageVersion, workerIntervalSeconds);
 }
@@ -381,7 +387,7 @@ async function uninstall(params) {
     accessToken: supabaseAccessToken,
     projectRef: supabaseProjectRef,
     projectBaseUrl: params.baseProjectUrl,
-    managementApiBaseUrl: params.baseManagementApiBaseUrl
+    supabaseManagementUrl: params.supabaseManagementUrl
   });
   await client.uninstall();
 }