stripe-experiment-sync 1.0.3 → 1.0.7

package/dist/supabase/index.js

@@ -1,372 +1,23 @@
 import {
-  package_default
-} from "../chunk-SNGEJHKN.js";
-
-// src/supabase/supabase.ts
-import { SupabaseManagementAPI } from "supabase-management-js";
-
-// raw-ts:/home/runner/work/stripe-sync-engine/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-setup.ts
-var stripe_setup_default = "import { StripeSync, runMigrations } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
-
-// raw-ts:/home/runner/work/stripe-sync-engine/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-webhook.ts
-var stripe_webhook_default = "import { StripeSync } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const sig = req.headers.get('stripe-signature')\n  if (!sig) {\n    return new Response('Missing stripe-signature header', { status: 400 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  const stripeSync = new StripeSync({\n    poolConfig: { connectionString: dbUrl, max: 1 },\n    stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n  })\n\n  try {\n    const rawBody = new Uint8Array(await req.arrayBuffer())\n    await stripeSync.processWebhook(rawBody, sig)\n    return new Response(JSON.stringify({ received: true }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Webhook processing error:', error)\n    const isSignatureError =\n      error.message?.includes('signature') || error.type === 'StripeSignatureVerificationError'\n    const status = isSignatureError ? 400 : 500\n    return new Response(JSON.stringify({ error: error.message }), {\n      status,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    await stripeSync.postgresClient.pool.end()\n  }\n})\n";
-
-// raw-ts:/home/runner/work/stripe-sync-engine/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-worker.ts
-var stripe_worker_default = "/**\n * Stripe Sync Worker\n *\n * Triggered by pg_cron every 10 seconds. Uses pgmq for durable work queue.\n *\n * Flow:\n * 1. Read batch of messages from pgmq (qty=10, vt=60s)\n * 2. If queue empty: enqueue all objects (continuous sync)\n * 3. Process messages in parallel (Promise.all):\n *    - processNext(object)\n *    - Delete message on success\n *    - Re-enqueue if hasMore\n * 4. Return results summary\n *\n * Concurrency:\n * - Multiple workers can run concurrently via overlapping pg_cron triggers.\n * - Each worker processes its batch of messages in parallel (Promise.all).\n * - pgmq visibility timeout prevents duplicate message reads across workers.\n * - processNext() is idempotent (uses internal cursor tracking), so duplicate\n *   processing on timeout/crash is safe.\n */\n\nimport { StripeSync } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\nconst QUEUE_NAME = 'stripe_sync_work'\nconst VISIBILITY_TIMEOUT = 60 // seconds\nconst BATCH_SIZE = 10\n\nDeno.serve(async (req) => {\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  let sql\n  let stripeSync\n\n  try {\n    sql = postgres(dbUrl, { max: 1, prepare: false })\n  } catch (error) {\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create postgres connection',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 1 },\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n    })\n  } catch (error) {\n    await sql.end()\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create StripeSync',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    // Read batch of messages from queue\n    const messages = await sql`\n      SELECT * FROM pgmq.read(${QUEUE_NAME}::text, ${VISIBILITY_TIMEOUT}::int, ${BATCH_SIZE}::int)\n    `\n\n    // If queue empty, enqueue all objects for continuous sync\n    if (messages.length === 0) {\n      const objects = stripeSync.getSupportedSyncObjects()\n      const msgs = objects.map((object) => JSON.stringify({ object }))\n\n      await sql`\n        SELECT pgmq.send_batch(\n          ${QUEUE_NAME}::text,\n          ${sql.array(msgs)}::jsonb[]\n        )\n      `\n\n      return new Response(JSON.stringify({ enqueued: objects.length, objects }), {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    // Process messages in parallel\n    const results = await Promise.all(\n      messages.map(async (msg) => {\n        const { object } = msg.message as { object: string }\n\n        try {\n          const result = await stripeSync.processNext(object)\n\n          // Delete message on success (cast to bigint to disambiguate overloaded function)\n          await sql`SELECT pgmq.delete(${QUEUE_NAME}::text, ${msg.msg_id}::bigint)`\n\n          // Re-enqueue if more pages\n          if (result.hasMore) {\n            await sql`SELECT pgmq.send(${QUEUE_NAME}::text, ${sql.json({ object })}::jsonb)`\n          }\n\n          return { object, ...result }\n        } catch (error) {\n          // Log error but continue to next message\n          // Message will become visible again after visibility timeout\n          console.error(`Error processing ${object}:`, error)\n          return {\n            object,\n            processed: 0,\n            hasMore: false,\n            error: error.message,\n            stack: error.stack,\n          }\n        }\n      })\n    )\n\n    return new Response(JSON.stringify({ results }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Worker error:', error)\n    return new Response(JSON.stringify({ error: error.message, stack: error.stack }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    if (sql) await sql.end()\n    if (stripeSync) await stripeSync.postgresClient.pool.end()\n  }\n})\n";
-
-// src/supabase/edge-function-code.ts
-var setupFunctionCode = stripe_setup_default;
-var webhookFunctionCode = stripe_webhook_default;
-var workerFunctionCode = stripe_worker_default;
-
-// src/supabase/supabase.ts
-import Stripe from "stripe";
-var SupabaseDeployClient = class {
-  api;
-  projectRef;
-  baseUrl;
-  constructor(options) {
-    this.api = new SupabaseManagementAPI({ accessToken: options.accessToken });
-    this.projectRef = options.projectRef;
-    this.baseUrl = options.baseUrl || process.env.SUPABASE_BASE_URL || "supabase.co";
-  }
-  /**
-   * Validate that the project exists and we have access
-   */
-  async validateProject() {
-    const projects = await this.api.getProjects();
-    const project = projects?.find((p) => p.id === this.projectRef);
-    if (!project) {
-      throw new Error(`Project ${this.projectRef} not found or you don't have access`);
-    }
-    return {
-      id: project.id,
-      name: project.name,
-      region: project.region
-    };
-  }
-  /**
-   * Deploy an Edge Function
-   */
-  async deployFunction(name, code) {
-    const functions = await this.api.listFunctions(this.projectRef);
-    const exists = functions?.some((f) => f.slug === name);
-    if (exists) {
-      await this.api.updateFunction(this.projectRef, name, {
-        body: code,
-        verify_jwt: false
-      });
-    } else {
-      await this.api.createFunction(this.projectRef, {
-        slug: name,
-        name,
-        body: code,
-        verify_jwt: false
-      });
-    }
-  }
-  /**
-   * Set secrets for Edge Functions
-   */
-  async setSecrets(secrets) {
-    await this.api.createSecrets(this.projectRef, secrets);
-  }
-  /**
-   * Run SQL against the database
-   */
-  async runSQL(sql) {
-    return await this.api.runQuery(this.projectRef, sql);
-  }
-  /**
-   * Setup pg_cron job to invoke worker function
-   */
-  async setupPgCronJob() {
-    const serviceRoleKey = await this.getServiceRoleKey();
-    const escapedServiceRoleKey = serviceRoleKey.replace(/'/g, "''");
-    const sql = `
-      -- Enable extensions
-      CREATE EXTENSION IF NOT EXISTS pg_cron;
-      CREATE EXTENSION IF NOT EXISTS pg_net;
-      CREATE EXTENSION IF NOT EXISTS pgmq;
-
-      -- Create pgmq queue for sync work (idempotent)
-      SELECT pgmq.create('stripe_sync_work')
-      WHERE NOT EXISTS (
-        SELECT 1 FROM pgmq.list_queues() WHERE queue_name = 'stripe_sync_work'
-      );
-
-      -- Store service role key in vault for pg_cron to use
-      -- Delete existing secret if it exists, then create new one
-      DELETE FROM vault.secrets WHERE name = 'stripe_sync_service_role_key';
-      SELECT vault.create_secret('${escapedServiceRoleKey}', 'stripe_sync_service_role_key');
-
-      -- Delete existing jobs if they exist
-      SELECT cron.unschedule('stripe-sync-worker') WHERE EXISTS (
-        SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker'
-      );
-      SELECT cron.unschedule('stripe-sync-scheduler') WHERE EXISTS (
-        SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-scheduler'
-      );
-
-      -- Create job to invoke worker every 10 seconds
-      -- Worker reads from pgmq, enqueues objects if empty, and processes sync work
-      SELECT cron.schedule(
-        'stripe-sync-worker',
-        '10 seconds',
-        $$
-        SELECT net.http_post(
-          url := 'https://${this.projectRef}.${this.baseUrl}/functions/v1/stripe-worker',
-          headers := jsonb_build_object(
-            'Authorization', 'Bearer ' || (SELECT decrypted_secret FROM vault.decrypted_secrets WHERE name = 'stripe_sync_service_role_key')
-          )
-        )
-        $$
-      );
-    `;
-    await this.runSQL(sql);
-  }
-  /**
-   * Get the webhook URL for this project
-   */
-  getWebhookUrl() {
-    return `https://${this.projectRef}.${this.baseUrl}/functions/v1/stripe-webhook`;
-  }
-  /**
-   * Get the service role key for this project (needed to invoke Edge Functions)
-   */
-  async getServiceRoleKey() {
-    const apiKeys = await this.api.getProjectApiKeys(this.projectRef);
-    const serviceRoleKey = apiKeys?.find((k) => k.name === "service_role");
-    if (!serviceRoleKey) {
-      throw new Error("Could not find service_role API key");
-    }
-    return serviceRoleKey.api_key;
-  }
-  /**
-   * Get the anon key for this project (needed for Realtime subscriptions)
-   */
-  async getAnonKey() {
-    const apiKeys = await this.api.getProjectApiKeys(this.projectRef);
-    const anonKey = apiKeys?.find((k) => k.name === "anon");
-    if (!anonKey) {
-      throw new Error("Could not find anon API key");
-    }
-    return anonKey.api_key;
-  }
-  /**
-   * Get the project URL
-   */
-  getProjectUrl() {
-    return `https://${this.projectRef}.${this.baseUrl}`;
-  }
-  /**
-   * Invoke an Edge Function
-   */
-  async invokeFunction(name, serviceRoleKey) {
-    const url = `https://${this.projectRef}.${this.baseUrl}/functions/v1/${name}`;
-    const response = await fetch(url, {
-      method: "POST",
-      headers: {
-        Authorization: `Bearer ${serviceRoleKey}`,
-        "Content-Type": "application/json"
-      }
-    });
-    if (!response.ok) {
-      const text = await response.text();
-      return { success: false, error: `${response.status}: ${text}` };
-    }
-    const result = await response.json();
-    if (result.success === false) {
-      return { success: false, error: result.error };
-    }
-    return { success: true };
-  }
-  /**
-   * Check if stripe-sync is installed in the database.
-   *
-   * Uses the Supabase Management API to run SQL queries.
-   * Uses duck typing (schema + migrations table) combined with comment validation.
-   * Throws error for legacy installations to prevent accidental corruption.
-   *
-   * @param schema The schema name to check (defaults to 'stripe')
-   * @returns true if properly installed with comment marker, false if not installed
-   * @throws Error if legacy installation detected (schema exists without comment)
-   */
-  async isInstalled(schema = "stripe") {
-    try {
-      const schemaCheck = await this.runSQL(
-        `SELECT EXISTS (
-          SELECT 1 FROM information_schema.schemata
-          WHERE schema_name = '${schema}'
-        ) as schema_exists`
-      );
-      const schemaExists = schemaCheck[0]?.rows?.[0]?.schema_exists === true;
-      if (!schemaExists) {
-        return false;
-      }
-      const migrationsCheck = await this.runSQL(
-        `SELECT EXISTS (
-          SELECT 1 FROM information_schema.tables
-          WHERE table_schema = '${schema}' AND table_name IN ('migrations', '_migrations')
-        ) as table_exists`
-      );
-      const migrationsTableExists = migrationsCheck[0]?.rows?.[0]?.table_exists === true;
-      if (!migrationsTableExists) {
-        return false;
-      }
-      const commentCheck = await this.runSQL(
-        `SELECT obj_description(oid, 'pg_namespace') as comment
-         FROM pg_namespace
-         WHERE nspname = '${schema}'`
-      );
-      const comment = commentCheck[0]?.rows?.[0]?.comment;
-      if (!comment || !comment.includes("stripe-sync")) {
-        throw new Error(
-          `Legacy installation detected: Schema '${schema}' and migrations table exist, but missing stripe-sync comment marker. This may be a legacy installation or manually created schema. Please contact support or manually drop the schema before proceeding.`
-        );
-      }
-      if (comment.includes("installation:started")) {
-        return false;
-      }
-      if (comment.includes("installation:error")) {
-        throw new Error(
-          `Installation failed: Schema '${schema}' exists but installation encountered an error. Comment: ${comment}. Please uninstall and install again.`
-        );
-      }
-      return true;
-    } catch (error) {
-      if (error instanceof Error && (error.message.includes("Legacy installation detected") || error.message.includes("Installation failed"))) {
-        throw error;
-      }
-      return false;
-    }
-  }
-  /**
-   * Update installation progress comment on the stripe schema
-   */
-  async updateInstallationComment(message) {
-    const escapedMessage = message.replace(/'/g, "''");
-    await this.runSQL(`COMMENT ON SCHEMA stripe IS '${escapedMessage}'`);
-  }
-  /**
-   * Delete an Edge Function
-   */
-  async deleteFunction(name) {
-    try {
-      await this.api.deleteFunction(this.projectRef, name);
-    } catch (err) {
-      console.warn(`Could not delete function ${name}:`, err);
-    }
-  }
-  /**
-   * Delete a secret
-   */
-  async deleteSecret(name) {
-    try {
-      await this.api.deleteSecrets(this.projectRef, [name]);
-    } catch (err) {
-      console.warn(`Could not delete secret ${name}:`, err);
-    }
-  }
-  /**
-   * Uninstall stripe-sync from a Supabase project
-   * Removes all Edge Functions, secrets, database resources, and Stripe webhooks
-   */
-  async uninstall(stripeSecretKey) {
-    const stripe = new Stripe(stripeSecretKey, { apiVersion: "2025-05-28.basil" });
-    try {
-      try {
-        const webhookResult = await this.runSQL(`
-          SELECT id FROM stripe._managed_webhooks WHERE id IS NOT NULL
-        `);
-        const webhookIds = webhookResult[0]?.rows?.map((r) => r.id) || [];
-        for (const webhookId of webhookIds) {
-          try {
-            await stripe.webhookEndpoints.del(webhookId);
-          } catch (err) {
-            console.warn(`Could not delete Stripe webhook ${webhookId}:`, err);
-          }
-        }
-      } catch (err) {
-        console.warn("Could not query/delete webhooks:", err);
-      }
-      await this.deleteFunction("stripe-setup");
-      await this.deleteFunction("stripe-webhook");
-      await this.deleteFunction("stripe-worker");
-      await this.deleteSecret("STRIPE_SECRET_KEY");
-      try {
-        await this.runSQL(`
-          SELECT cron.unschedule('stripe-sync-worker')
-          WHERE EXISTS (
-            SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker'
-          )
-        `);
-      } catch (err) {
-        console.warn("Could not unschedule pg_cron job:", err);
-      }
-      try {
-        await this.runSQL(`
-          DELETE FROM vault.secrets
-          WHERE name = 'stripe_sync_service_role_key'
-        `);
-      } catch (err) {
-        console.warn("Could not delete vault secret:", err);
-      }
-      await this.runSQL(`DROP SCHEMA IF EXISTS stripe CASCADE`);
-    } catch (error) {
-      throw new Error(`Uninstall failed: ${error instanceof Error ? error.message : String(error)}`);
-    }
-  }
-};
-async function install(params) {
-  const { supabaseAccessToken, supabaseProjectRef, stripeKey } = params;
-  const trimmedStripeKey = stripeKey.trim();
-  if (!trimmedStripeKey.startsWith("sk_") && !trimmedStripeKey.startsWith("rk_")) {
-    throw new Error('Stripe key should start with "sk_" or "rk_"');
-  }
-  const client = new SupabaseDeployClient({
-    accessToken: supabaseAccessToken,
-    projectRef: supabaseProjectRef
-  });
-  try {
-    await client.validateProject();
-    await client.runSQL(`CREATE SCHEMA IF NOT EXISTS stripe`);
-    await client.updateInstallationComment(`stripe-sync v${package_default.version} installation:started`);
-    await client.deployFunction("stripe-setup", setupFunctionCode);
-    await client.deployFunction("stripe-webhook", webhookFunctionCode);
-    await client.deployFunction("stripe-worker", workerFunctionCode);
-    await client.setSecrets([{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }]);
-    const serviceRoleKey = await client.getServiceRoleKey();
-    const setupResult = await client.invokeFunction("stripe-setup", serviceRoleKey);
-    if (!setupResult.success) {
-      throw new Error(`Setup failed: ${setupResult.error}`);
-    }
-    try {
-      await client.setupPgCronJob();
-    } catch {
-    }
-    await client.updateInstallationComment(`stripe-sync v${package_default.version} installed`);
-  } catch (error) {
-    await client.updateInstallationComment(
-      `stripe-sync v${package_default.version} installation:error - ${error instanceof Error ? error.message : String(error)}`
-    );
-    throw error;
-  }
-}
-async function uninstall(params) {
-  const { supabaseAccessToken, supabaseProjectRef, stripeKey } = params;
-  const trimmedStripeKey = stripeKey.trim();
-  if (!trimmedStripeKey.startsWith("sk_") && !trimmedStripeKey.startsWith("rk_")) {
-    throw new Error('Stripe key should start with "sk_" or "rk_"');
-  }
-  const client = new SupabaseDeployClient({
-    accessToken: supabaseAccessToken,
-    projectRef: supabaseProjectRef
-  });
-  await client.uninstall(trimmedStripeKey);
-}
+  INSTALLATION_ERROR_SUFFIX,
+  INSTALLATION_INSTALLED_SUFFIX,
+  INSTALLATION_STARTED_SUFFIX,
+  STRIPE_SCHEMA_COMMENT_PREFIX,
+  SupabaseSetupClient,
+  install,
+  setupFunctionCode,
+  uninstall,
+  webhookFunctionCode,
+  workerFunctionCode
+} from "../chunk-SX3HLE4H.js";
+import "../chunk-YXQZXR7S.js";
 export {
-  SupabaseDeployClient,
+  INSTALLATION_ERROR_SUFFIX,
+  INSTALLATION_INSTALLED_SUFFIX,
+  INSTALLATION_STARTED_SUFFIX,
+  STRIPE_SCHEMA_COMMENT_PREFIX,
+  SupabaseSetupClient as SupabaseDeployClient,
+  SupabaseSetupClient,
   install,
   setupFunctionCode,
   uninstall,

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "stripe-experiment-sync",
-  "version": "1.0.3",
+  "version": "1.0.7",
   "private": false,
   "description": "Stripe Sync Engine to sync Stripe data to Postgres",
   "type": "module",
   "main": "./dist/index.cjs",
-  "bin": "./dist/cli/index.cjs",
+  "bin": "./dist/cli/index.js",
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
@@ -16,12 +16,17 @@
       "types": "./dist/supabase/index.d.ts",
       "import": "./dist/supabase/index.js",
       "require": "./dist/supabase/index.cjs"
+    },
+    "./cli": {
+      "types": "./dist/cli/lib.d.ts",
+      "import": "./dist/cli/lib.js",
+      "require": "./dist/cli/lib.cjs"
     }
   },
   "scripts": {
     "clean": "rimraf dist",
     "prebuild": "npm run clean",
-    "build": "tsup src/index.ts src/supabase/index.ts --format esm,cjs --dts --shims && cp -r src/database/migrations dist/migrations",
+    "build": "tsup src/index.ts src/supabase/index.ts src/cli/index.ts src/cli/lib.ts --format esm,cjs --dts --shims && cp -r src/database/migrations dist/migrations",
     "lint": "eslint src --ext .ts",
     "test": "vitest"
   },
@@ -29,21 +34,28 @@
     "dist"
   ],
   "dependencies": {
+    "@ngrok/ngrok": "^1.4.1",
+    "chalk": "^5.3.0",
+    "commander": "^12.1.0",
+    "dotenv": "^16.4.7",
+    "express": "^4.18.2",
+    "inquirer": "^12.3.0",
     "pg": "^8.16.3",
     "pg-node-migrations": "0.0.8",
+    "stripe": "^17.7.0",
     "supabase-management-js": "^0.1.6",
     "ws": "^8.18.0",
     "yesql": "^7.0.0"
   },
-  "peerDependencies": {
-    "stripe": "> 11"
-  },
   "devDependencies": {
+    "@types/express": "^4.17.21",
+    "@types/inquirer": "^9.0.7",
     "@types/node": "^24.10.1",
     "@types/pg": "^8.15.5",
     "@types/ws": "^8.5.13",
     "@types/yesql": "^4.1.4",
     "@vitest/ui": "^4.0.9",
+    "tsx": "^4.19.2",
     "vitest": "^3.2.4"
   },
   "repository": {