stripe-experiment-sync 1.0.6 → 1.0.8

package/dist/cli/index.cjs

@@ -0,0 +1,4592 @@
+#!/usr/bin/env node
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+
+// ../../node_modules/.pnpm/tsup@8.5.0_postcss@8.5.6_tsx@4.21.0_typescript@5.9.3_yaml@2.8.1/node_modules/tsup/assets/cjs_shims.js
+var getImportMetaUrl = () => typeof document === "undefined" ? new URL(`file:${__filename}`).href : document.currentScript && document.currentScript.src || new URL("main.js", document.baseURI).href;
+var importMetaUrl = /* @__PURE__ */ getImportMetaUrl();
+
+// src/cli/index.ts
+var import_commander = require("commander");
+
+// package.json
+var package_default = {
+  name: "stripe-experiment-sync",
+  version: "1.0.8-beta.1765856228",
+  private: false,
+  description: "Stripe Sync Engine to sync Stripe data to Postgres",
+  type: "module",
+  main: "./dist/index.cjs",
+  bin: "./dist/cli/index.js",
+  exports: {
+    ".": {
+      types: "./dist/index.d.ts",
+      import: "./dist/index.js",
+      require: "./dist/index.cjs"
+    },
+    "./supabase": {
+      types: "./dist/supabase/index.d.ts",
+      import: "./dist/supabase/index.js",
+      require: "./dist/supabase/index.cjs"
+    },
+    "./cli": {
+      types: "./dist/cli/lib.d.ts",
+      import: "./dist/cli/lib.js",
+      require: "./dist/cli/lib.cjs"
+    }
+  },
+  scripts: {
+    clean: "rimraf dist",
+    prebuild: "npm run clean",
+    build: "tsup src/index.ts src/supabase/index.ts src/cli/index.ts src/cli/lib.ts --format esm,cjs --dts --shims && cp -r src/database/migrations dist/migrations",
+    lint: "eslint src --ext .ts",
+    test: "vitest"
+  },
+  files: [
+    "dist"
+  ],
+  dependencies: {
+    "@ngrok/ngrok": "^1.4.1",
+    chalk: "^5.3.0",
+    commander: "^12.1.0",
+    dotenv: "^16.4.7",
+    express: "^4.18.2",
+    inquirer: "^12.3.0",
+    pg: "^8.16.3",
+    "pg-node-migrations": "0.0.8",
+    stripe: "^17.7.0",
+    "supabase-management-js": "^0.1.6",
+    ws: "^8.18.0",
+    yesql: "^7.0.0"
+  },
+  devDependencies: {
+    "@types/express": "^4.17.21",
+    "@types/inquirer": "^9.0.7",
+    "@types/node": "^24.10.1",
+    "@types/pg": "^8.15.5",
+    "@types/ws": "^8.5.13",
+    "@types/yesql": "^4.1.4",
+    "@vitest/ui": "^4.0.9",
+    tsx: "^4.19.2",
+    vitest: "^3.2.4"
+  },
+  repository: {
+    type: "git",
+    url: "https://github.com/tx-stripe/stripe-sync-engine.git"
+  },
+  homepage: "https://github.com/tx-stripe/stripe-sync-engine#readme",
+  bugs: {
+    url: "https://github.com/tx-stripe/stripe-sync-engine/issues"
+  },
+  keywords: [
+    "stripe",
+    "postgres",
+    "sync",
+    "webhooks",
+    "supabase",
+    "billing",
+    "database",
+    "typescript"
+  ],
+  author: "Supabase <https://supabase.com/>"
+};
+
+// src/cli/commands.ts
+var import_chalk3 = __toESM(require("chalk"), 1);
+var import_express = __toESM(require("express"), 1);
+var import_dotenv2 = __toESM(require("dotenv"), 1);
+
+// src/cli/config.ts
+var import_dotenv = __toESM(require("dotenv"), 1);
+var import_inquirer = __toESM(require("inquirer"), 1);
+var import_chalk = __toESM(require("chalk"), 1);
+async function loadConfig(options) {
+  import_dotenv.default.config();
+  const config = {};
+  config.stripeApiKey = options.stripeKey || process.env.STRIPE_API_KEY || "";
+  config.ngrokAuthToken = options.ngrokToken || process.env.NGROK_AUTH_TOKEN || "";
+  config.databaseUrl = options.databaseUrl || process.env.DATABASE_URL || "";
+  const questions = [];
+  if (!config.stripeApiKey) {
+    questions.push({
+      type: "password",
+      name: "stripeApiKey",
+      message: "Enter your Stripe API key:",
+      mask: "*",
+      validate: (input) => {
+        if (!input || input.trim() === "") {
+          return "Stripe API key is required";
+        }
+        if (!input.startsWith("sk_")) {
+          return 'Stripe API key should start with "sk_"';
+        }
+        return true;
+      }
+    });
+  }
+  if (!config.databaseUrl) {
+    questions.push({
+      type: "password",
+      name: "databaseUrl",
+      message: "Enter your Postgres DATABASE_URL:",
+      mask: "*",
+      validate: (input) => {
+        if (!input || input.trim() === "") {
+          return "DATABASE_URL is required";
+        }
+        if (!input.startsWith("postgres://") && !input.startsWith("postgresql://")) {
+          return 'DATABASE_URL should start with "postgres://" or "postgresql://"';
+        }
+        return true;
+      }
+    });
+  }
+  if (questions.length > 0) {
+    console.log(import_chalk.default.yellow("\nMissing required configuration. Please provide:"));
+    const answers = await import_inquirer.default.prompt(questions);
+    Object.assign(config, answers);
+  }
+  return config;
+}
+
+// src/stripeSync.ts
+var import_stripe2 = __toESM(require("stripe"), 1);
+var import_yesql2 = require("yesql");
+
+// src/database/postgres.ts
+var import_pg = __toESM(require("pg"), 1);
+var import_yesql = require("yesql");
+var ORDERED_STRIPE_TABLES = [
+  "subscription_items",
+  "subscriptions",
+  "subscription_schedules",
+  "checkout_session_line_items",
+  "checkout_sessions",
+  "tax_ids",
+  "charges",
+  "refunds",
+  "credit_notes",
+  "disputes",
+  "early_fraud_warnings",
+  "invoices",
+  "payment_intents",
+  "payment_methods",
+  "setup_intents",
+  "prices",
+  "plans",
+  "products",
+  "features",
+  "active_entitlements",
+  "reviews",
+  "_managed_webhooks",
+  "customers",
+  "_sync_obj_runs",
+  // Must be deleted before _sync_runs (foreign key)
+  "_sync_runs"
+];
+var TABLES_WITH_ACCOUNT_ID = /* @__PURE__ */ new Set(["_managed_webhooks"]);
+var PostgresClient = class {
+  constructor(config) {
+    this.config = config;
+    this.pool = new import_pg.default.Pool(config.poolConfig);
+  }
+  pool;
+  async delete(table, id) {
+    const prepared = (0, import_yesql.pg)(`
+    delete from "${this.config.schema}"."${table}"
+    where id = :id
+    returning id;
+    `)({ id });
+    const { rows } = await this.query(prepared.text, prepared.values);
+    return rows.length > 0;
+  }
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  async query(text, params) {
+    return this.pool.query(text, params);
+  }
+  async upsertMany(entries, table) {
+    if (!entries.length) return [];
+    const chunkSize = 5;
+    const results = [];
+    for (let i = 0; i < entries.length; i += chunkSize) {
+      const chunk = entries.slice(i, i + chunkSize);
+      const queries = [];
+      chunk.forEach((entry) => {
+        const rawData = JSON.stringify(entry);
+        const upsertSql = `
+          INSERT INTO "${this.config.schema}"."${table}" ("_raw_data")
+          VALUES ($1::jsonb)
+          ON CONFLICT (id)
+          DO UPDATE SET
+            "_raw_data" = EXCLUDED."_raw_data"
+          RETURNING *
+        `;
+        queries.push(this.pool.query(upsertSql, [rawData]));
+      });
+      results.push(...await Promise.all(queries));
+    }
+    return results.flatMap((it) => it.rows);
+  }
+  async upsertManyWithTimestampProtection(entries, table, accountId, syncTimestamp) {
+    const timestamp = syncTimestamp || (/* @__PURE__ */ new Date()).toISOString();
+    if (!entries.length) return [];
+    const chunkSize = 5;
+    const results = [];
+    for (let i = 0; i < entries.length; i += chunkSize) {
+      const chunk = entries.slice(i, i + chunkSize);
+      const queries = [];
+      chunk.forEach((entry) => {
+        if (table.startsWith("_")) {
+          const columns = Object.keys(entry).filter(
+            (k) => k !== "last_synced_at" && k !== "account_id"
+          );
+          const upsertSql = `
+            INSERT INTO "${this.config.schema}"."${table}" (
+              ${columns.map((c) => `"${c}"`).join(", ")}, "last_synced_at", "account_id"
+            )
+            VALUES (
+              ${columns.map((c) => `:${c}`).join(", ")}, :last_synced_at, :account_id
+            )
+            ON CONFLICT ("id")
+            DO UPDATE SET
+              ${columns.map((c) => `"${c}" = EXCLUDED."${c}"`).join(", ")},
+              "last_synced_at" = :last_synced_at,
+              "account_id" = EXCLUDED."account_id"
+            WHERE "${table}"."last_synced_at" IS NULL
+               OR "${table}"."last_synced_at" < :last_synced_at
+            RETURNING *
+          `;
+          const cleansed = this.cleanseArrayField(entry);
+          cleansed.last_synced_at = timestamp;
+          cleansed.account_id = accountId;
+          const prepared = (0, import_yesql.pg)(upsertSql, { useNullForMissing: true })(cleansed);
+          queries.push(this.pool.query(prepared.text, prepared.values));
+        } else {
+          const rawData = JSON.stringify(entry);
+          const upsertSql = `
+            INSERT INTO "${this.config.schema}"."${table}" ("_raw_data", "_last_synced_at", "_account_id")
+            VALUES ($1::jsonb, $2, $3)
+            ON CONFLICT (id)
+            DO UPDATE SET
+              "_raw_data" = EXCLUDED."_raw_data",
+              "_last_synced_at" = $2,
+              "_account_id" = EXCLUDED."_account_id"
+            WHERE "${table}"."_last_synced_at" IS NULL
+               OR "${table}"."_last_synced_at" < $2
+            RETURNING *
+          `;
+          queries.push(this.pool.query(upsertSql, [rawData, timestamp, accountId]));
+        }
+      });
+      results.push(...await Promise.all(queries));
+    }
+    return results.flatMap((it) => it.rows);
+  }
+  cleanseArrayField(obj) {
+    const cleansed = { ...obj };
+    Object.keys(cleansed).map((k) => {
+      const data = cleansed[k];
+      if (Array.isArray(data)) {
+        cleansed[k] = JSON.stringify(data);
+      }
+    });
+    return cleansed;
+  }
+  async findMissingEntries(table, ids) {
+    if (!ids.length) return [];
+    const prepared = (0, import_yesql.pg)(`
+    select id from "${this.config.schema}"."${table}"
+    where id=any(:ids::text[]);
+    `)({ ids });
+    const { rows } = await this.query(prepared.text, prepared.values);
+    const existingIds = rows.map((it) => it.id);
+    const missingIds = ids.filter((it) => !existingIds.includes(it));
+    return missingIds;
+  }
+  // Account management methods
+  async upsertAccount(accountData, apiKeyHash) {
+    const rawData = JSON.stringify(accountData.raw_data);
+    await this.query(
+      `INSERT INTO "${this.config.schema}"."accounts" ("_raw_data", "api_key_hashes", "first_synced_at", "_last_synced_at")
+       VALUES ($1::jsonb, ARRAY[$2], now(), now())
+       ON CONFLICT (id)
+       DO UPDATE SET
+         "_raw_data" = EXCLUDED."_raw_data",
+         "api_key_hashes" = (
+           SELECT ARRAY(
+             SELECT DISTINCT unnest(
+               COALESCE("${this.config.schema}"."accounts"."api_key_hashes", '{}') || ARRAY[$2]
+             )
+           )
+         ),
+         "_last_synced_at" = now(),
+         "_updated_at" = now()`,
+      [rawData, apiKeyHash]
+    );
+  }
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  async getAllAccounts() {
+    const result = await this.query(
+      `SELECT _raw_data FROM "${this.config.schema}"."accounts"
+       ORDER BY _last_synced_at DESC`
+    );
+    return result.rows.map((row) => row._raw_data);
+  }
+  /**
+   * Looks up an account ID by API key hash
+   * Uses the GIN index on api_key_hashes for fast lookups
+   * @param apiKeyHash - SHA-256 hash of the Stripe API key
+   * @returns Account ID if found, null otherwise
+   */
+  async getAccountIdByApiKeyHash(apiKeyHash) {
+    const result = await this.query(
+      `SELECT id FROM "${this.config.schema}"."accounts"
+       WHERE $1 = ANY(api_key_hashes)
+       LIMIT 1`,
+      [apiKeyHash]
+    );
+    return result.rows.length > 0 ? result.rows[0].id : null;
+  }
+  /**
+   * Looks up full account data by API key hash
+   * @param apiKeyHash - SHA-256 hash of the Stripe API key
+   * @returns Account raw data if found, null otherwise
+   */
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  async getAccountByApiKeyHash(apiKeyHash) {
+    const result = await this.query(
+      `SELECT _raw_data FROM "${this.config.schema}"."accounts"
+       WHERE $1 = ANY(api_key_hashes)
+       LIMIT 1`,
+      [apiKeyHash]
+    );
+    return result.rows.length > 0 ? result.rows[0]._raw_data : null;
+  }
+  getAccountIdColumn(table) {
+    return TABLES_WITH_ACCOUNT_ID.has(table) ? "account_id" : "_account_id";
+  }
+  async getAccountRecordCounts(accountId) {
+    const counts = {};
+    for (const table of ORDERED_STRIPE_TABLES) {
+      const accountIdColumn = this.getAccountIdColumn(table);
+      const result = await this.query(
+        `SELECT COUNT(*) as count FROM "${this.config.schema}"."${table}"
+         WHERE "${accountIdColumn}" = $1`,
+        [accountId]
+      );
+      counts[table] = parseInt(result.rows[0].count);
+    }
+    return counts;
+  }
+  async deleteAccountWithCascade(accountId, useTransaction) {
+    const deletionCounts = {};
+    try {
+      if (useTransaction) {
+        await this.query("BEGIN");
+      }
+      for (const table of ORDERED_STRIPE_TABLES) {
+        const accountIdColumn = this.getAccountIdColumn(table);
+        const result = await this.query(
+          `DELETE FROM "${this.config.schema}"."${table}"
+           WHERE "${accountIdColumn}" = $1`,
+          [accountId]
+        );
+        deletionCounts[table] = result.rowCount || 0;
+      }
+      const accountResult = await this.query(
+        `DELETE FROM "${this.config.schema}"."accounts"
+         WHERE "id" = $1`,
+        [accountId]
+      );
+      deletionCounts["accounts"] = accountResult.rowCount || 0;
+      if (useTransaction) {
+        await this.query("COMMIT");
+      }
+    } catch (error) {
+      if (useTransaction) {
+        await this.query("ROLLBACK");
+      }
+      throw error;
+    }
+    return deletionCounts;
+  }
+  /**
+   * Hash a string to a 32-bit integer for use with PostgreSQL advisory locks.
+   * Uses a simple hash algorithm that produces consistent results.
+   */
+  hashToInt32(key) {
+    let hash = 0;
+    for (let i = 0; i < key.length; i++) {
+      const char = key.charCodeAt(i);
+      hash = (hash << 5) - hash + char;
+      hash = hash & hash;
+    }
+    return hash;
+  }
+  /**
+   * Acquire a PostgreSQL advisory lock for the given key.
+   * This lock is automatically released when the connection is closed or explicitly released.
+   * Advisory locks are session-level and will block until the lock is available.
+   *
+   * @param key - A string key to lock on (will be hashed to an integer)
+   */
+  async acquireAdvisoryLock(key) {
+    const lockId = this.hashToInt32(key);
+    await this.query("SELECT pg_advisory_lock($1)", [lockId]);
+  }
+  /**
+   * Release a PostgreSQL advisory lock for the given key.
+   *
+   * @param key - The same string key used to acquire the lock
+   */
+  async releaseAdvisoryLock(key) {
+    const lockId = this.hashToInt32(key);
+    await this.query("SELECT pg_advisory_unlock($1)", [lockId]);
+  }
+  /**
+   * Execute a function while holding an advisory lock.
+   * The lock is automatically released after the function completes (success or error).
+   *
+   * IMPORTANT: This acquires a dedicated connection from the pool and holds it for the
+   * duration of the function execution. PostgreSQL advisory locks are session-level,
+   * so we must use the same connection for lock acquisition, operations, and release.
+   *
+   * @param key - A string key to lock on (will be hashed to an integer)
+   * @param fn - The function to execute while holding the lock
+   * @returns The result of the function
+   */
+  async withAdvisoryLock(key, fn) {
+    const lockId = this.hashToInt32(key);
+    const client = await this.pool.connect();
+    try {
+      await client.query("SELECT pg_advisory_lock($1)", [lockId]);
+      return await fn();
+    } finally {
+      try {
+        await client.query("SELECT pg_advisory_unlock($1)", [lockId]);
+      } finally {
+        client.release();
+      }
+    }
+  }
+  // =============================================================================
+  // Observable Sync System Methods
+  // =============================================================================
+  // These methods support long-running syncs with full observability.
+  // Uses two tables: _sync_runs (parent) and _sync_obj_runs (children)
+  // RunKey = (accountId, runStartedAt) - natural composite key
+  /**
+   * Cancel stale runs (running but no object updated in 5 minutes).
+   * Called before creating a new run to clean up crashed syncs.
+   * Only cancels runs that have objects AND none have recent activity.
+   * Runs without objects yet (just created) are not considered stale.
+   */
+  async cancelStaleRuns(accountId) {
+    await this.query(
+      `UPDATE "${this.config.schema}"."_sync_obj_runs" o
+       SET status = 'error',
+           error_message = 'Auto-cancelled: stale (no update in 5 min)',
+           completed_at = now()
+       WHERE o."_account_id" = $1
+         AND o.status = 'running'
+         AND o.updated_at < now() - interval '5 minutes'`,
+      [accountId]
+    );
+    await this.query(
+      `UPDATE "${this.config.schema}"."_sync_runs" r
+       SET closed_at = now()
+       WHERE r."_account_id" = $1
+         AND r.closed_at IS NULL
+         AND EXISTS (
+           SELECT 1 FROM "${this.config.schema}"."_sync_obj_runs" o
+           WHERE o."_account_id" = r."_account_id"
+             AND o.run_started_at = r.started_at
+         )
+         AND NOT EXISTS (
+           SELECT 1 FROM "${this.config.schema}"."_sync_obj_runs" o
+           WHERE o."_account_id" = r."_account_id"
+             AND o.run_started_at = r.started_at
+             AND o.status IN ('pending', 'running')
+         )`,
+      [accountId]
+    );
+  }
+  /**
+   * Get or create a sync run for this account.
+   * Returns existing run if one is active, otherwise creates new one.
+   * Auto-cancels stale runs before checking.
+   *
+   * @returns RunKey with isNew flag, or null if constraint violation (race condition)
+   */
+  async getOrCreateSyncRun(accountId, triggeredBy) {
+    await this.cancelStaleRuns(accountId);
+    const existing = await this.query(
+      `SELECT "_account_id", started_at FROM "${this.config.schema}"."_sync_runs"
+       WHERE "_account_id" = $1 AND closed_at IS NULL`,
+      [accountId]
+    );
+    if (existing.rows.length > 0) {
+      const row = existing.rows[0];
+      return { accountId: row._account_id, runStartedAt: row.started_at, isNew: false };
+    }
+    try {
+      const result = await this.query(
+        `INSERT INTO "${this.config.schema}"."_sync_runs" ("_account_id", triggered_by, started_at)
+         VALUES ($1, $2, date_trunc('milliseconds', now()))
+         RETURNING "_account_id", started_at`,
+        [accountId, triggeredBy ?? null]
+      );
+      const row = result.rows[0];
+      return { accountId: row._account_id, runStartedAt: row.started_at, isNew: true };
+    } catch (error) {
+      if (error instanceof Error && "code" in error && error.code === "23P01") {
+        return null;
+      }
+      throw error;
+    }
+  }
+  /**
+   * Get the active sync run for an account (if any).
+   */
+  async getActiveSyncRun(accountId) {
+    const result = await this.query(
+      `SELECT "_account_id", started_at FROM "${this.config.schema}"."_sync_runs"
+       WHERE "_account_id" = $1 AND closed_at IS NULL`,
+      [accountId]
+    );
+    if (result.rows.length === 0) return null;
+    const row = result.rows[0];
+    return { accountId: row._account_id, runStartedAt: row.started_at };
+  }
+  /**
+   * Get sync run config (for concurrency control).
+   * Status is derived from sync_runs view.
+   */
+  async getSyncRun(accountId, runStartedAt) {
+    const result = await this.query(
+      `SELECT "_account_id", started_at, max_concurrent, closed_at
+       FROM "${this.config.schema}"."_sync_runs"
+       WHERE "_account_id" = $1 AND started_at = $2`,
+      [accountId, runStartedAt]
+    );
+    if (result.rows.length === 0) return null;
+    const row = result.rows[0];
+    return {
+      accountId: row._account_id,
+      runStartedAt: row.started_at,
+      maxConcurrent: row.max_concurrent,
+      closedAt: row.closed_at
+    };
+  }
+  /**
+   * Close a sync run (mark as done).
+   * Status (complete/error) is derived from object run states.
+   */
+  async closeSyncRun(accountId, runStartedAt) {
+    await this.query(
+      `UPDATE "${this.config.schema}"."_sync_runs"
+       SET closed_at = now()
+       WHERE "_account_id" = $1 AND started_at = $2 AND closed_at IS NULL`,
+      [accountId, runStartedAt]
+    );
+  }
+  /**
+   * Create object run entries for a sync run.
+   * All objects start as 'pending'.
+   */
+  async createObjectRuns(accountId, runStartedAt, objects) {
+    if (objects.length === 0) return;
+    const values = objects.map((_, i) => `($1, $2, $${i + 3})`).join(", ");
+    await this.query(
+      `INSERT INTO "${this.config.schema}"."_sync_obj_runs" ("_account_id", run_started_at, object)
+       VALUES ${values}
+       ON CONFLICT ("_account_id", run_started_at, object) DO NOTHING`,
+      [accountId, runStartedAt, ...objects]
+    );
+  }
+  /**
+   * Try to start an object sync (respects max_concurrent).
+   * Returns true if claimed, false if already running or at concurrency limit.
+   *
+   * Note: There's a small race window where concurrent calls could result in
+   * max_concurrent + 1 objects running. This is acceptable behavior.
+   */
+  async tryStartObjectSync(accountId, runStartedAt, object) {
+    const run = await this.getSyncRun(accountId, runStartedAt);
+    if (!run) return false;
+    const runningCount = await this.countRunningObjects(accountId, runStartedAt);
+    if (runningCount >= run.maxConcurrent) return false;
+    const result = await this.query(
+      `UPDATE "${this.config.schema}"."_sync_obj_runs"
+       SET status = 'running', started_at = now(), updated_at = now()
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND object = $3 AND status = 'pending'
+       RETURNING *`,
+      [accountId, runStartedAt, object]
+    );
+    return (result.rowCount ?? 0) > 0;
+  }
+  /**
+   * Get object run details.
+   */
+  async getObjectRun(accountId, runStartedAt, object) {
+    const result = await this.query(
+      `SELECT object, status, processed_count, cursor
+       FROM "${this.config.schema}"."_sync_obj_runs"
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND object = $3`,
+      [accountId, runStartedAt, object]
+    );
+    if (result.rows.length === 0) return null;
+    const row = result.rows[0];
+    return {
+      object: row.object,
+      status: row.status,
+      processedCount: row.processed_count,
+      cursor: row.cursor
+    };
+  }
+  /**
+   * Update progress for an object sync.
+   * Also touches updated_at for stale detection.
+   */
+  async incrementObjectProgress(accountId, runStartedAt, object, count) {
+    await this.query(
+      `UPDATE "${this.config.schema}"."_sync_obj_runs"
+       SET processed_count = processed_count + $4, updated_at = now()
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND object = $3`,
+      [accountId, runStartedAt, object, count]
+    );
+  }
+  /**
+   * Update the cursor for an object sync.
+   * Only updates if the new cursor is higher than the existing one (cursors should never decrease).
+   * For numeric cursors (timestamps), uses GREATEST to ensure monotonic increase.
+   * For non-numeric cursors, just sets the value directly.
+   */
+  async updateObjectCursor(accountId, runStartedAt, object, cursor) {
+    const isNumeric = cursor !== null && /^\d+$/.test(cursor);
+    if (isNumeric) {
+      await this.query(
+        `UPDATE "${this.config.schema}"."_sync_obj_runs"
+         SET cursor = GREATEST(COALESCE(cursor::bigint, 0), $4::bigint)::text,
+             updated_at = now()
+         WHERE "_account_id" = $1 AND run_started_at = $2 AND object = $3`,
+        [accountId, runStartedAt, object, cursor]
+      );
+    } else {
+      await this.query(
+        `UPDATE "${this.config.schema}"."_sync_obj_runs"
+         SET cursor = $4, updated_at = now()
+         WHERE "_account_id" = $1 AND run_started_at = $2 AND object = $3`,
+        [accountId, runStartedAt, object, cursor]
+      );
+    }
+  }
+  /**
+   * Get the highest cursor from previous syncs for an object type.
+   * This considers completed, error, AND running runs to ensure recovery syncs
+   * don't re-process data that was already synced before a crash.
+   * A 'running' status with a cursor means the process was killed mid-sync.
+   */
+  async getLastCompletedCursor(accountId, object) {
+    const result = await this.query(
+      `SELECT MAX(o.cursor::bigint)::text as cursor
+       FROM "${this.config.schema}"."_sync_obj_runs" o
+       WHERE o."_account_id" = $1
+         AND o.object = $2
+         AND o.cursor IS NOT NULL`,
+      [accountId, object]
+    );
+    return result.rows[0]?.cursor ?? null;
+  }
+  /**
+   * Delete all sync runs and object runs for an account.
+   * Useful for testing or resetting sync state.
+   */
+  async deleteSyncRuns(accountId) {
+    await this.query(
+      `DELETE FROM "${this.config.schema}"."_sync_obj_runs" WHERE "_account_id" = $1`,
+      [accountId]
+    );
+    await this.query(`DELETE FROM "${this.config.schema}"."_sync_runs" WHERE "_account_id" = $1`, [
+      accountId
+    ]);
+  }
+  /**
+   * Mark an object sync as complete.
+   * Auto-closes the run when all objects are done.
+   */
+  async completeObjectSync(accountId, runStartedAt, object) {
+    await this.query(
+      `UPDATE "${this.config.schema}"."_sync_obj_runs"
+       SET status = 'complete', completed_at = now()
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND object = $3`,
+      [accountId, runStartedAt, object]
+    );
+    const allDone = await this.areAllObjectsComplete(accountId, runStartedAt);
+    if (allDone) {
+      await this.closeSyncRun(accountId, runStartedAt);
+    }
+  }
+  /**
+   * Mark an object sync as failed.
+   * Auto-closes the run when all objects are done.
+   */
+  async failObjectSync(accountId, runStartedAt, object, errorMessage) {
+    await this.query(
+      `UPDATE "${this.config.schema}"."_sync_obj_runs"
+       SET status = 'error', error_message = $4, completed_at = now()
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND object = $3`,
+      [accountId, runStartedAt, object, errorMessage]
+    );
+    const allDone = await this.areAllObjectsComplete(accountId, runStartedAt);
+    if (allDone) {
+      await this.closeSyncRun(accountId, runStartedAt);
+    }
+  }
+  /**
+   * Check if any object in a run has errored.
+   */
+  async hasAnyObjectErrors(accountId, runStartedAt) {
+    const result = await this.query(
+      `SELECT COUNT(*) as count FROM "${this.config.schema}"."_sync_obj_runs"
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND status = 'error'`,
+      [accountId, runStartedAt]
+    );
+    return parseInt(result.rows[0].count) > 0;
+  }
+  /**
+   * Count running objects in a run.
+   */
+  async countRunningObjects(accountId, runStartedAt) {
+    const result = await this.query(
+      `SELECT COUNT(*) as count FROM "${this.config.schema}"."_sync_obj_runs"
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND status = 'running'`,
+      [accountId, runStartedAt]
+    );
+    return parseInt(result.rows[0].count);
+  }
+  /**
+   * Get the next pending object to process.
+   * Returns null if no pending objects or at concurrency limit.
+   */
+  async getNextPendingObject(accountId, runStartedAt) {
+    const run = await this.getSyncRun(accountId, runStartedAt);
+    if (!run) return null;
+    const runningCount = await this.countRunningObjects(accountId, runStartedAt);
+    if (runningCount >= run.maxConcurrent) return null;
+    const result = await this.query(
+      `SELECT object FROM "${this.config.schema}"."_sync_obj_runs"
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND status = 'pending'
+       ORDER BY object
+       LIMIT 1`,
+      [accountId, runStartedAt]
+    );
+    return result.rows.length > 0 ? result.rows[0].object : null;
+  }
+  /**
+   * Check if all objects in a run are complete (or error).
+   */
+  async areAllObjectsComplete(accountId, runStartedAt) {
+    const result = await this.query(
+      `SELECT COUNT(*) as count FROM "${this.config.schema}"."_sync_obj_runs"
+       WHERE "_account_id" = $1 AND run_started_at = $2 AND status IN ('pending', 'running')`,
+      [accountId, runStartedAt]
+    );
+    return parseInt(result.rows[0].count) === 0;
+  }
+  /**
+   * Closes the database connection pool and cleans up resources.
+   * Call this when you're done using the PostgresClient instance.
+   */
+  async close() {
+    await this.pool.end();
+  }
+};
+
+// src/schemas/managed_webhook.ts
+var managedWebhookSchema = {
+  properties: [
+    "id",
+    "object",
+    "url",
+    "enabled_events",
+    "description",
+    "enabled",
+    "livemode",
+    "metadata",
+    "secret",
+    "status",
+    "api_version",
+    "created",
+    "account_id"
+  ]
+};
+
+// src/utils/retry.ts
+var import_stripe = __toESM(require("stripe"), 1);
+var DEFAULT_RETRY_CONFIG = {
+  maxRetries: 5,
+  initialDelayMs: 1e3,
+  // 1 second
+  maxDelayMs: 6e4,
+  // 60 seconds
+  jitterMs: 500
+  // randomization to prevent thundering herd
+};
+function isRetryableError(error) {
+  if (error instanceof import_stripe.default.errors.StripeRateLimitError) {
+    return true;
+  }
+  if (error instanceof import_stripe.default.errors.StripeAPIError) {
+    const statusCode = error.statusCode;
+    if (statusCode && [500, 502, 503, 504, 424].includes(statusCode)) {
+      return true;
+    }
+  }
+  if (error instanceof import_stripe.default.errors.StripeConnectionError) {
+    return true;
+  }
+  return false;
+}
+function getRetryAfterMs(error) {
+  if (!(error instanceof import_stripe.default.errors.StripeRateLimitError)) {
+    return null;
+  }
+  const retryAfterHeader = error.headers?.["retry-after"];
+  if (!retryAfterHeader) {
+    return null;
+  }
+  const retryAfterSeconds = Number(retryAfterHeader);
+  if (isNaN(retryAfterSeconds) || retryAfterSeconds <= 0) {
+    return null;
+  }
+  return retryAfterSeconds * 1e3;
+}
+function calculateDelay(attempt, config, retryAfterMs) {
+  if (retryAfterMs !== null && retryAfterMs !== void 0) {
+    const jitter2 = Math.random() * config.jitterMs;
+    return retryAfterMs + jitter2;
+  }
+  const exponentialDelay = Math.min(config.initialDelayMs * Math.pow(2, attempt), config.maxDelayMs);
+  const jitter = Math.random() * config.jitterMs;
+  return exponentialDelay + jitter;
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function getErrorType(error) {
+  if (error instanceof import_stripe.default.errors.StripeRateLimitError) {
+    return "rate_limit";
+  }
+  if (error instanceof import_stripe.default.errors.StripeAPIError) {
+    return `api_error_${error.statusCode}`;
+  }
+  if (error instanceof import_stripe.default.errors.StripeConnectionError) {
+    return "connection_error";
+  }
+  return "unknown";
+}
+async function withRetry(fn, config = {}, logger) {
+  const retryConfig = { ...DEFAULT_RETRY_CONFIG, ...config };
+  let lastError;
+  for (let attempt = 0; attempt <= retryConfig.maxRetries; attempt++) {
+    try {
+      return await fn();
+    } catch (error) {
+      lastError = error;
+      if (!isRetryableError(error)) {
+        throw error;
+      }
+      if (attempt >= retryConfig.maxRetries) {
+        logger?.error(
+          {
+            error: error instanceof Error ? error.message : String(error),
+            errorType: getErrorType(error),
+            attempt: attempt + 1,
+            maxRetries: retryConfig.maxRetries
+          },
+          "Max retries exhausted for Stripe error"
+        );
+        throw error;
+      }
+      const retryAfterMs = getRetryAfterMs(error);
+      const delay = calculateDelay(attempt, retryConfig, retryAfterMs);
+      logger?.warn(
+        {
+          error: error instanceof Error ? error.message : String(error),
+          errorType: getErrorType(error),
+          attempt: attempt + 1,
+          maxRetries: retryConfig.maxRetries,
+          delayMs: Math.round(delay),
+          retryAfterMs: retryAfterMs ?? void 0,
+          nextAttempt: attempt + 2
+        },
+        "Transient Stripe error, retrying after delay"
+      );
+      await sleep(delay);
+    }
+  }
+  throw lastError;
+}
+
+// src/utils/stripeClientWrapper.ts
+function createRetryableStripeClient(stripe, retryConfig = {}, logger) {
+  return new Proxy(stripe, {
+    get(target, prop, receiver) {
+      const original = Reflect.get(target, prop, receiver);
+      if (original && typeof original === "object" && !isPromise(original)) {
+        return wrapResource(original, retryConfig, logger);
+      }
+      return original;
+    }
+  });
+}
+function wrapResource(resource, retryConfig, logger) {
+  return new Proxy(resource, {
+    get(target, prop, receiver) {
+      const original = Reflect.get(target, prop, receiver);
+      if (typeof original === "function") {
+        return function(...args) {
+          const result = original.apply(target, args);
+          if (result && typeof result === "object" && Symbol.asyncIterator in result) {
+            return result;
+          }
+          if (isPromise(result)) {
+            return withRetry(() => Promise.resolve(result), retryConfig, logger);
+          }
+          return result;
+        };
+      }
+      if (original && typeof original === "object" && !isPromise(original)) {
+        return wrapResource(original, retryConfig, logger);
+      }
+      return original;
+    }
+  });
+}
+function isPromise(value) {
+  return value !== null && typeof value === "object" && typeof value.then === "function";
+}
+
+// src/utils/hashApiKey.ts
+var import_crypto = require("crypto");
+function hashApiKey(apiKey) {
+  return (0, import_crypto.createHash)("sha256").update(apiKey).digest("hex");
+}
+
+// src/stripeSync.ts
+function getUniqueIds(entries, key) {
+  const set = new Set(
+    entries.map((subscription) => subscription?.[key]?.toString()).filter((it) => Boolean(it))
+  );
+  return Array.from(set);
+}
+var StripeSync = class {
+  constructor(config) {
+    this.config = config;
+    const baseStripe = new import_stripe2.default(config.stripeSecretKey, {
+      // https://github.com/stripe/stripe-node#configuration
+      // @ts-ignore
+      apiVersion: config.stripeApiVersion,
+      appInfo: {
+        name: "Stripe Postgres Sync"
+      }
+    });
+    this.stripe = createRetryableStripeClient(baseStripe, {}, config.logger);
+    this.config.logger = config.logger ?? console;
+    this.config.logger?.info(
+      { autoExpandLists: config.autoExpandLists, stripeApiVersion: config.stripeApiVersion },
+      "StripeSync initialized"
+    );
+    const poolConfig = config.poolConfig ?? {};
+    if (config.databaseUrl) {
+      poolConfig.connectionString = config.databaseUrl;
+    }
+    if (config.maxPostgresConnections) {
+      poolConfig.max = config.maxPostgresConnections;
+    }
+    if (poolConfig.max === void 0) {
+      poolConfig.max = 10;
+    }
+    if (poolConfig.keepAlive === void 0) {
+      poolConfig.keepAlive = true;
+    }
+    this.postgresClient = new PostgresClient({
+      schema: "stripe",
+      poolConfig
+    });
+  }
+  stripe;
+  postgresClient;
+  /**
+   * Get the Stripe account ID. Delegates to getCurrentAccount() for the actual lookup.
+   */
+  async getAccountId(objectAccountId) {
+    const account = await this.getCurrentAccount(objectAccountId);
+    if (!account) {
+      throw new Error("Failed to retrieve Stripe account. Please ensure API key is valid.");
+    }
+    return account.id;
+  }
+  /**
+   * Upsert Stripe account information to the database
+   * @param account - Stripe account object
+   * @param apiKeyHash - SHA-256 hash of API key to store for fast lookups
+   */
+  async upsertAccount(account, apiKeyHash) {
+    try {
+      await this.postgresClient.upsertAccount(
+        {
+          id: account.id,
+          raw_data: account
+        },
+        apiKeyHash
+      );
+    } catch (error) {
+      this.config.logger?.error(error, "Failed to upsert account to database");
+      const errorMessage = error instanceof Error ? error.message : "Unknown error";
+      throw new Error(`Failed to upsert account to database: ${errorMessage}`);
+    }
+  }
+  /**
+   * Get the current account being synced. Uses database lookup by API key hash,
+   * with fallback to Stripe API if not found (first-time setup or new API key).
+   * @param objectAccountId - Optional account ID from event data (Connect scenarios)
+   */
+  async getCurrentAccount(objectAccountId) {
+    const apiKeyHash = hashApiKey(this.config.stripeSecretKey);
+    try {
+      const account = await this.postgresClient.getAccountByApiKeyHash(apiKeyHash);
+      if (account) {
+        return account;
+      }
+    } catch (error) {
+      this.config.logger?.warn(
+        error,
+        "Failed to lookup account by API key hash, falling back to API"
+      );
+    }
+    try {
+      const accountIdParam = objectAccountId || this.config.stripeAccountId;
+      const account = accountIdParam ? await this.stripe.accounts.retrieve(accountIdParam) : await this.stripe.accounts.retrieve();
+      await this.upsertAccount(account, apiKeyHash);
+      return account;
+    } catch (error) {
+      this.config.logger?.error(error, "Failed to retrieve account from Stripe API");
+      return null;
+    }
+  }
+  /**
+   * Get all accounts that have been synced to the database
+   */
+  async getAllSyncedAccounts() {
+    try {
+      const accountsData = await this.postgresClient.getAllAccounts();
+      return accountsData;
+    } catch (error) {
+      this.config.logger?.error(error, "Failed to retrieve accounts from database");
+      throw new Error("Failed to retrieve synced accounts from database");
+    }
+  }
+  /**
+   * DANGEROUS: Delete an account and all associated data from the database
+   * This operation cannot be undone!
+   *
+   * @param accountId - The Stripe account ID to delete
+   * @param options - Options for deletion behavior
+   * @param options.dryRun - If true, only count records without deleting (default: false)
+   * @param options.useTransaction - If true, use transaction for atomic deletion (default: true)
+   * @returns Deletion summary with counts and warnings
+   */
+  async dangerouslyDeleteSyncedAccountData(accountId, options) {
+    const dryRun = options?.dryRun ?? false;
+    const useTransaction = options?.useTransaction ?? true;
+    this.config.logger?.info(
+      `${dryRun ? "Preview" : "Deleting"} account ${accountId} (transaction: ${useTransaction})`
+    );
+    try {
+      const counts = await this.postgresClient.getAccountRecordCounts(accountId);
+      const warnings = [];
+      let totalRecords = 0;
+      for (const [table, count] of Object.entries(counts)) {
+        if (count > 0) {
+          totalRecords += count;
+          warnings.push(`Will delete ${count} ${table} record${count !== 1 ? "s" : ""}`);
+        }
+      }
+      if (totalRecords > 1e5) {
+        warnings.push(
+          `Large dataset detected (${totalRecords} total records). Consider using useTransaction: false for better performance.`
+        );
+      }
+      if (dryRun) {
+        this.config.logger?.info(`Dry-run complete: ${totalRecords} total records would be deleted`);
+        return {
+          deletedAccountId: accountId,
+          deletedRecordCounts: counts,
+          warnings
+        };
+      }
+      const deletionCounts = await this.postgresClient.deleteAccountWithCascade(
+        accountId,
+        useTransaction
+      );
+      this.config.logger?.info(
+        `Successfully deleted account ${accountId} with ${totalRecords} total records`
+      );
+      return {
+        deletedAccountId: accountId,
+        deletedRecordCounts: deletionCounts,
+        warnings
+      };
+    } catch (error) {
+      this.config.logger?.error(error, `Failed to delete account ${accountId}`);
+      const errorMessage = error instanceof Error ? error.message : "Unknown error";
+      throw new Error(`Failed to delete account ${accountId}: ${errorMessage}`);
+    }
+  }
+  async processWebhook(payload, signature) {
+    let webhookSecret = this.config.stripeWebhookSecret;
+    if (!webhookSecret) {
+      const accountId = await this.getAccountId();
+      const result = await this.postgresClient.query(
+        `SELECT secret FROM "stripe"."_managed_webhooks" WHERE account_id = $1 LIMIT 1`,
+        [accountId]
+      );
+      if (result.rows.length > 0) {
+        webhookSecret = result.rows[0].secret;
+      }
+    }
+    if (!webhookSecret) {
+      throw new Error(
+        "No webhook secret provided. Either create a managed webhook or configure stripeWebhookSecret."
+      );
+    }
+    const event = await this.stripe.webhooks.constructEventAsync(payload, signature, webhookSecret);
+    return this.processEvent(event);
+  }
+  // Event handler registry - maps event types to handler functions
+  // Note: Uses 'any' for event parameter to allow handlers with specific Stripe event types
+  // (e.g., CustomerDeletedEvent, ProductDeletedEvent) which TypeScript won't accept
+  // as contravariant parameters when using the base Stripe.Event type
+  eventHandlers = {
+    "charge.captured": this.handleChargeEvent.bind(this),
+    "charge.expired": this.handleChargeEvent.bind(this),
+    "charge.failed": this.handleChargeEvent.bind(this),
+    "charge.pending": this.handleChargeEvent.bind(this),
+    "charge.refunded": this.handleChargeEvent.bind(this),
+    "charge.succeeded": this.handleChargeEvent.bind(this),
+    "charge.updated": this.handleChargeEvent.bind(this),
+    "customer.deleted": this.handleCustomerDeletedEvent.bind(this),
+    "customer.created": this.handleCustomerEvent.bind(this),
+    "customer.updated": this.handleCustomerEvent.bind(this),
+    "checkout.session.async_payment_failed": this.handleCheckoutSessionEvent.bind(this),
+    "checkout.session.async_payment_succeeded": this.handleCheckoutSessionEvent.bind(this),
+    "checkout.session.completed": this.handleCheckoutSessionEvent.bind(this),
+    "checkout.session.expired": this.handleCheckoutSessionEvent.bind(this),
+    "customer.subscription.created": this.handleSubscriptionEvent.bind(this),
+    "customer.subscription.deleted": this.handleSubscriptionEvent.bind(this),
+    "customer.subscription.paused": this.handleSubscriptionEvent.bind(this),
+    "customer.subscription.pending_update_applied": this.handleSubscriptionEvent.bind(this),
+    "customer.subscription.pending_update_expired": this.handleSubscriptionEvent.bind(this),
+    "customer.subscription.trial_will_end": this.handleSubscriptionEvent.bind(this),
+    "customer.subscription.resumed": this.handleSubscriptionEvent.bind(this),
+    "customer.subscription.updated": this.handleSubscriptionEvent.bind(this),
+    "customer.tax_id.updated": this.handleTaxIdEvent.bind(this),
+    "customer.tax_id.created": this.handleTaxIdEvent.bind(this),
+    "customer.tax_id.deleted": this.handleTaxIdDeletedEvent.bind(this),
+    "invoice.created": this.handleInvoiceEvent.bind(this),
+    "invoice.deleted": this.handleInvoiceEvent.bind(this),
+    "invoice.finalized": this.handleInvoiceEvent.bind(this),
+    "invoice.finalization_failed": this.handleInvoiceEvent.bind(this),
+    "invoice.paid": this.handleInvoiceEvent.bind(this),
+    "invoice.payment_action_required": this.handleInvoiceEvent.bind(this),
+    "invoice.payment_failed": this.handleInvoiceEvent.bind(this),
+    "invoice.payment_succeeded": this.handleInvoiceEvent.bind(this),
+    "invoice.upcoming": this.handleInvoiceEvent.bind(this),
+    "invoice.sent": this.handleInvoiceEvent.bind(this),
+    "invoice.voided": this.handleInvoiceEvent.bind(this),
+    "invoice.marked_uncollectible": this.handleInvoiceEvent.bind(this),
+    "invoice.updated": this.handleInvoiceEvent.bind(this),
+    "product.created": this.handleProductEvent.bind(this),
+    "product.updated": this.handleProductEvent.bind(this),
+    "product.deleted": this.handleProductDeletedEvent.bind(this),
+    "price.created": this.handlePriceEvent.bind(this),
+    "price.updated": this.handlePriceEvent.bind(this),
+    "price.deleted": this.handlePriceDeletedEvent.bind(this),
+    "plan.created": this.handlePlanEvent.bind(this),
+    "plan.updated": this.handlePlanEvent.bind(this),
+    "plan.deleted": this.handlePlanDeletedEvent.bind(this),
+    "setup_intent.canceled": this.handleSetupIntentEvent.bind(this),
+    "setup_intent.created": this.handleSetupIntentEvent.bind(this),
+    "setup_intent.requires_action": this.handleSetupIntentEvent.bind(this),
+    "setup_intent.setup_failed": this.handleSetupIntentEvent.bind(this),
+    "setup_intent.succeeded": this.handleSetupIntentEvent.bind(this),
+    "subscription_schedule.aborted": this.handleSubscriptionScheduleEvent.bind(this),
+    "subscription_schedule.canceled": this.handleSubscriptionScheduleEvent.bind(this),
+    "subscription_schedule.completed": this.handleSubscriptionScheduleEvent.bind(this),
+    "subscription_schedule.created": this.handleSubscriptionScheduleEvent.bind(this),
+    "subscription_schedule.expiring": this.handleSubscriptionScheduleEvent.bind(this),
+    "subscription_schedule.released": this.handleSubscriptionScheduleEvent.bind(this),
+    "subscription_schedule.updated": this.handleSubscriptionScheduleEvent.bind(this),
+    "payment_method.attached": this.handlePaymentMethodEvent.bind(this),
+    "payment_method.automatically_updated": this.handlePaymentMethodEvent.bind(this),
+    "payment_method.detached": this.handlePaymentMethodEvent.bind(this),
+    "payment_method.updated": this.handlePaymentMethodEvent.bind(this),
+    "charge.dispute.created": this.handleDisputeEvent.bind(this),
+    "charge.dispute.funds_reinstated": this.handleDisputeEvent.bind(this),
+    "charge.dispute.funds_withdrawn": this.handleDisputeEvent.bind(this),
+    "charge.dispute.updated": this.handleDisputeEvent.bind(this),
+    "charge.dispute.closed": this.handleDisputeEvent.bind(this),
+    "payment_intent.amount_capturable_updated": this.handlePaymentIntentEvent.bind(this),
+    "payment_intent.canceled": this.handlePaymentIntentEvent.bind(this),
+    "payment_intent.created": this.handlePaymentIntentEvent.bind(this),
+    "payment_intent.partially_funded": this.handlePaymentIntentEvent.bind(this),
+    "payment_intent.payment_failed": this.handlePaymentIntentEvent.bind(this),
+    "payment_intent.processing": this.handlePaymentIntentEvent.bind(this),
+    "payment_intent.requires_action": this.handlePaymentIntentEvent.bind(this),
+    "payment_intent.succeeded": this.handlePaymentIntentEvent.bind(this),
+    "credit_note.created": this.handleCreditNoteEvent.bind(this),
+    "credit_note.updated": this.handleCreditNoteEvent.bind(this),
+    "credit_note.voided": this.handleCreditNoteEvent.bind(this),
+    "radar.early_fraud_warning.created": this.handleEarlyFraudWarningEvent.bind(this),
+    "radar.early_fraud_warning.updated": this.handleEarlyFraudWarningEvent.bind(this),
+    "refund.created": this.handleRefundEvent.bind(this),
+    "refund.failed": this.handleRefundEvent.bind(this),
+    "refund.updated": this.handleRefundEvent.bind(this),
+    "charge.refund.updated": this.handleRefundEvent.bind(this),
+    "review.closed": this.handleReviewEvent.bind(this),
+    "review.opened": this.handleReviewEvent.bind(this),
+    "entitlements.active_entitlement_summary.updated": this.handleEntitlementSummaryEvent.bind(this)
+  };
+  // Resource registry - maps SyncObject → list/upsert operations for processNext()
+  // Complements eventHandlers which maps event types → handlers for webhooks
+  // Both registries share the same underlying upsert methods
+  // Order field determines backfill sequence - parents before children for FK dependencies
+  resourceRegistry = {
+    product: {
+      order: 1,
+      // No dependencies
+      listFn: (p) => this.stripe.products.list(p),
+      upsertFn: (items, id) => this.upsertProducts(items, id),
+      supportsCreatedFilter: true
+    },
+    price: {
+      order: 2,
+      // Depends on product
+      listFn: (p) => this.stripe.prices.list(p),
+      upsertFn: (items, id, bf) => this.upsertPrices(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    plan: {
+      order: 3,
+      // Depends on product
+      listFn: (p) => this.stripe.plans.list(p),
+      upsertFn: (items, id, bf) => this.upsertPlans(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    customer: {
+      order: 4,
+      // No dependencies
+      listFn: (p) => this.stripe.customers.list(p),
+      upsertFn: (items, id) => this.upsertCustomers(items, id),
+      supportsCreatedFilter: true
+    },
+    subscription: {
+      order: 5,
+      // Depends on customer, price
+      listFn: (p) => this.stripe.subscriptions.list(p),
+      upsertFn: (items, id, bf) => this.upsertSubscriptions(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    subscription_schedules: {
+      order: 6,
+      // Depends on customer
+      listFn: (p) => this.stripe.subscriptionSchedules.list(p),
+      upsertFn: (items, id, bf) => this.upsertSubscriptionSchedules(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    invoice: {
+      order: 7,
+      // Depends on customer, subscription
+      listFn: (p) => this.stripe.invoices.list(p),
+      upsertFn: (items, id, bf) => this.upsertInvoices(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    charge: {
+      order: 8,
+      // Depends on customer, invoice
+      listFn: (p) => this.stripe.charges.list(p),
+      upsertFn: (items, id, bf) => this.upsertCharges(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    setup_intent: {
+      order: 9,
+      // Depends on customer
+      listFn: (p) => this.stripe.setupIntents.list(p),
+      upsertFn: (items, id, bf) => this.upsertSetupIntents(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    payment_method: {
+      order: 10,
+      // Depends on customer (special: iterates customers)
+      listFn: (p) => this.stripe.paymentMethods.list(p),
+      upsertFn: (items, id, bf) => this.upsertPaymentMethods(items, id, bf),
+      supportsCreatedFilter: false
+      // Requires customer param, can't filter by created
+    },
+    payment_intent: {
+      order: 11,
+      // Depends on customer
+      listFn: (p) => this.stripe.paymentIntents.list(p),
+      upsertFn: (items, id, bf) => this.upsertPaymentIntents(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    tax_id: {
+      order: 12,
+      // Depends on customer
+      listFn: (p) => this.stripe.taxIds.list(p),
+      upsertFn: (items, id, bf) => this.upsertTaxIds(items, id, bf),
+      supportsCreatedFilter: false
+      // taxIds don't support created filter
+    },
+    credit_note: {
+      order: 13,
+      // Depends on invoice
+      listFn: (p) => this.stripe.creditNotes.list(p),
+      upsertFn: (items, id, bf) => this.upsertCreditNotes(items, id, bf),
+      supportsCreatedFilter: true
+      // credit_notes support created filter
+    },
+    dispute: {
+      order: 14,
+      // Depends on charge
+      listFn: (p) => this.stripe.disputes.list(p),
+      upsertFn: (items, id, bf) => this.upsertDisputes(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    early_fraud_warning: {
+      order: 15,
+      // Depends on charge
+      listFn: (p) => this.stripe.radar.earlyFraudWarnings.list(p),
+      upsertFn: (items, id) => this.upsertEarlyFraudWarning(items, id),
+      supportsCreatedFilter: true
+    },
+    refund: {
+      order: 16,
+      // Depends on charge
+      listFn: (p) => this.stripe.refunds.list(p),
+      upsertFn: (items, id, bf) => this.upsertRefunds(items, id, bf),
+      supportsCreatedFilter: true
+    },
+    checkout_sessions: {
+      order: 17,
+      // Depends on customer (optional)
+      listFn: (p) => this.stripe.checkout.sessions.list(p),
+      upsertFn: (items, id) => this.upsertCheckoutSessions(items, id),
+      supportsCreatedFilter: true
+    }
+  };
+  async processEvent(event) {
+    const objectAccountId = event.data?.object && typeof event.data.object === "object" && "account" in event.data.object ? event.data.object.account : void 0;
+    const accountId = await this.getAccountId(objectAccountId);
+    await this.getCurrentAccount();
+    const handler = this.eventHandlers[event.type];
+    if (handler) {
+      const entityId = event.data?.object && typeof event.data.object === "object" && "id" in event.data.object ? event.data.object.id : "unknown";
+      this.config.logger?.info(`Received webhook ${event.id}: ${event.type} for ${entityId}`);
+      await handler(event, accountId);
+    } else {
+      this.config.logger?.warn(
+        `Received unhandled webhook event: ${event.type} (${event.id}). Ignoring.`
+      );
+    }
+  }
+  /**
+   * Returns an array of all webhook event types that this sync engine can handle.
+   * Useful for configuring webhook endpoints with specific event subscriptions.
+   */
+  getSupportedEventTypes() {
+    return Object.keys(
+      this.eventHandlers
+    ).sort();
+  }
+  /**
+   * Returns an array of all object types that can be synced via processNext/processUntilDone.
+   * Ordered for backfill: parents before children (products before prices, customers before subscriptions).
+   * Order is determined by the `order` field in resourceRegistry.
+   */
+  getSupportedSyncObjects() {
+    return Object.entries(this.resourceRegistry).sort(([, a], [, b]) => a.order - b.order).map(([key]) => key);
+  }
+  // Event handler methods
+  async handleChargeEvent(event, accountId) {
+    const { entity: charge, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.charges.retrieve(id),
+      (charge2) => charge2.status === "failed" || charge2.status === "succeeded"
+    );
+    await this.upsertCharges([charge], accountId, false, this.getSyncTimestamp(event, refetched));
+  }
+  async handleCustomerDeletedEvent(event, accountId) {
+    const customer = {
+      id: event.data.object.id,
+      object: "customer",
+      deleted: true
+    };
+    await this.upsertCustomers([customer], accountId, this.getSyncTimestamp(event, false));
+  }
+  async handleCustomerEvent(event, accountId) {
+    const { entity: customer, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.customers.retrieve(id),
+      (customer2) => customer2.deleted === true
+    );
+    await this.upsertCustomers([customer], accountId, this.getSyncTimestamp(event, refetched));
+  }
+  async handleCheckoutSessionEvent(event, accountId) {
+    const { entity: checkoutSession, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.checkout.sessions.retrieve(id)
+    );
+    await this.upsertCheckoutSessions(
+      [checkoutSession],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handleSubscriptionEvent(event, accountId) {
+    const { entity: subscription, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.subscriptions.retrieve(id),
+      (subscription2) => subscription2.status === "canceled" || subscription2.status === "incomplete_expired"
+    );
+    await this.upsertSubscriptions(
+      [subscription],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handleTaxIdEvent(event, accountId) {
+    const { entity: taxId, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.taxIds.retrieve(id)
+    );
+    await this.upsertTaxIds([taxId], accountId, false, this.getSyncTimestamp(event, refetched));
+  }
+  async handleTaxIdDeletedEvent(event, _accountId) {
+    const taxId = event.data.object;
+    await this.deleteTaxId(taxId.id);
+  }
+  async handleInvoiceEvent(event, accountId) {
+    const { entity: invoice, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.invoices.retrieve(id),
+      (invoice2) => invoice2.status === "void"
+    );
+    await this.upsertInvoices([invoice], accountId, false, this.getSyncTimestamp(event, refetched));
+  }
+  async handleProductEvent(event, accountId) {
+    try {
+      const { entity: product, refetched } = await this.fetchOrUseWebhookData(
+        event.data.object,
+        (id) => this.stripe.products.retrieve(id)
+      );
+      await this.upsertProducts([product], accountId, this.getSyncTimestamp(event, refetched));
+    } catch (err) {
+      if (err instanceof import_stripe2.default.errors.StripeAPIError && err.code === "resource_missing") {
+        const product = event.data.object;
+        await this.deleteProduct(product.id);
+      } else {
+        throw err;
+      }
+    }
+  }
+  async handleProductDeletedEvent(event, _accountId) {
+    const product = event.data.object;
+    await this.deleteProduct(product.id);
+  }
+  async handlePriceEvent(event, accountId) {
+    try {
+      const { entity: price, refetched } = await this.fetchOrUseWebhookData(
+        event.data.object,
+        (id) => this.stripe.prices.retrieve(id)
+      );
+      await this.upsertPrices([price], accountId, false, this.getSyncTimestamp(event, refetched));
+    } catch (err) {
+      if (err instanceof import_stripe2.default.errors.StripeAPIError && err.code === "resource_missing") {
+        const price = event.data.object;
+        await this.deletePrice(price.id);
+      } else {
+        throw err;
+      }
+    }
+  }
+  async handlePriceDeletedEvent(event, _accountId) {
+    const price = event.data.object;
+    await this.deletePrice(price.id);
+  }
+  async handlePlanEvent(event, accountId) {
+    try {
+      const { entity: plan, refetched } = await this.fetchOrUseWebhookData(
+        event.data.object,
+        (id) => this.stripe.plans.retrieve(id)
+      );
+      await this.upsertPlans([plan], accountId, false, this.getSyncTimestamp(event, refetched));
+    } catch (err) {
+      if (err instanceof import_stripe2.default.errors.StripeAPIError && err.code === "resource_missing") {
+        const plan = event.data.object;
+        await this.deletePlan(plan.id);
+      } else {
+        throw err;
+      }
+    }
+  }
+  async handlePlanDeletedEvent(event, _accountId) {
+    const plan = event.data.object;
+    await this.deletePlan(plan.id);
+  }
+  async handleSetupIntentEvent(event, accountId) {
+    const { entity: setupIntent, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.setupIntents.retrieve(id),
+      (setupIntent2) => setupIntent2.status === "canceled" || setupIntent2.status === "succeeded"
+    );
+    await this.upsertSetupIntents(
+      [setupIntent],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handleSubscriptionScheduleEvent(event, accountId) {
+    const { entity: subscriptionSchedule, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.subscriptionSchedules.retrieve(id),
+      (schedule) => schedule.status === "canceled" || schedule.status === "completed"
+    );
+    await this.upsertSubscriptionSchedules(
+      [subscriptionSchedule],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handlePaymentMethodEvent(event, accountId) {
+    const { entity: paymentMethod, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.paymentMethods.retrieve(id)
+    );
+    await this.upsertPaymentMethods(
+      [paymentMethod],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handleDisputeEvent(event, accountId) {
+    const { entity: dispute, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.disputes.retrieve(id),
+      (dispute2) => dispute2.status === "won" || dispute2.status === "lost"
+    );
+    await this.upsertDisputes([dispute], accountId, false, this.getSyncTimestamp(event, refetched));
+  }
+  async handlePaymentIntentEvent(event, accountId) {
+    const { entity: paymentIntent, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.paymentIntents.retrieve(id),
+      // Final states - do not re-fetch from API
+      (entity) => entity.status === "canceled" || entity.status === "succeeded"
+    );
+    await this.upsertPaymentIntents(
+      [paymentIntent],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handleCreditNoteEvent(event, accountId) {
+    const { entity: creditNote, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.creditNotes.retrieve(id),
+      (creditNote2) => creditNote2.status === "void"
+    );
+    await this.upsertCreditNotes(
+      [creditNote],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handleEarlyFraudWarningEvent(event, accountId) {
+    const { entity: earlyFraudWarning, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.radar.earlyFraudWarnings.retrieve(id)
+    );
+    await this.upsertEarlyFraudWarning(
+      [earlyFraudWarning],
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  async handleRefundEvent(event, accountId) {
+    const { entity: refund, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.refunds.retrieve(id)
+    );
+    await this.upsertRefunds([refund], accountId, false, this.getSyncTimestamp(event, refetched));
+  }
+  async handleReviewEvent(event, accountId) {
+    const { entity: review, refetched } = await this.fetchOrUseWebhookData(
+      event.data.object,
+      (id) => this.stripe.reviews.retrieve(id)
+    );
+    await this.upsertReviews([review], accountId, false, this.getSyncTimestamp(event, refetched));
+  }
+  async handleEntitlementSummaryEvent(event, accountId) {
+    const activeEntitlementSummary = event.data.object;
+    let entitlements = activeEntitlementSummary.entitlements;
+    let refetched = false;
+    if (this.config.revalidateObjectsViaStripeApi?.includes("entitlements")) {
+      const { lastResponse, ...rest } = await this.stripe.entitlements.activeEntitlements.list({
+        customer: activeEntitlementSummary.customer
+      });
+      entitlements = rest;
+      refetched = true;
+    }
+    await this.deleteRemovedActiveEntitlements(
+      activeEntitlementSummary.customer,
+      entitlements.data.map((entitlement) => entitlement.id)
+    );
+    await this.upsertActiveEntitlements(
+      activeEntitlementSummary.customer,
+      entitlements.data,
+      accountId,
+      false,
+      this.getSyncTimestamp(event, refetched)
+    );
+  }
+  getSyncTimestamp(event, refetched) {
+    return refetched ? (/* @__PURE__ */ new Date()).toISOString() : new Date(event.created * 1e3).toISOString();
+  }
+  shouldRefetchEntity(entity) {
+    return this.config.revalidateObjectsViaStripeApi?.includes(entity.object);
+  }
+  async fetchOrUseWebhookData(entity, fetchFn, entityInFinalState) {
+    if (!entity.id) return { entity, refetched: false };
+    if (entityInFinalState && entityInFinalState(entity)) return { entity, refetched: false };
+    if (this.shouldRefetchEntity(entity)) {
+      const fetchedEntity = await fetchFn(entity.id);
+      return { entity: fetchedEntity, refetched: true };
+    }
+    return { entity, refetched: false };
+  }
+  async syncSingleEntity(stripeId) {
+    const accountId = await this.getAccountId();
+    if (stripeId.startsWith("cus_")) {
+      return this.stripe.customers.retrieve(stripeId).then((it) => {
+        if (!it || it.deleted) return;
+        return this.upsertCustomers([it], accountId);
+      });
+    } else if (stripeId.startsWith("in_")) {
+      return this.stripe.invoices.retrieve(stripeId).then((it) => this.upsertInvoices([it], accountId));
+    } else if (stripeId.startsWith("price_")) {
+      return this.stripe.prices.retrieve(stripeId).then((it) => this.upsertPrices([it], accountId));
+    } else if (stripeId.startsWith("prod_")) {
+      return this.stripe.products.retrieve(stripeId).then((it) => this.upsertProducts([it], accountId));
+    } else if (stripeId.startsWith("sub_")) {
+      return this.stripe.subscriptions.retrieve(stripeId).then((it) => this.upsertSubscriptions([it], accountId));
+    } else if (stripeId.startsWith("seti_")) {
+      return this.stripe.setupIntents.retrieve(stripeId).then((it) => this.upsertSetupIntents([it], accountId));
+    } else if (stripeId.startsWith("pm_")) {
+      return this.stripe.paymentMethods.retrieve(stripeId).then((it) => this.upsertPaymentMethods([it], accountId));
+    } else if (stripeId.startsWith("dp_") || stripeId.startsWith("du_")) {
+      return this.stripe.disputes.retrieve(stripeId).then((it) => this.upsertDisputes([it], accountId));
+    } else if (stripeId.startsWith("ch_")) {
+      return this.stripe.charges.retrieve(stripeId).then((it) => this.upsertCharges([it], accountId, true));
+    } else if (stripeId.startsWith("pi_")) {
+      return this.stripe.paymentIntents.retrieve(stripeId).then((it) => this.upsertPaymentIntents([it], accountId));
+    } else if (stripeId.startsWith("txi_")) {
+      return this.stripe.taxIds.retrieve(stripeId).then((it) => this.upsertTaxIds([it], accountId));
+    } else if (stripeId.startsWith("cn_")) {
+      return this.stripe.creditNotes.retrieve(stripeId).then((it) => this.upsertCreditNotes([it], accountId));
+    } else if (stripeId.startsWith("issfr_")) {
+      return this.stripe.radar.earlyFraudWarnings.retrieve(stripeId).then((it) => this.upsertEarlyFraudWarning([it], accountId));
+    } else if (stripeId.startsWith("prv_")) {
+      return this.stripe.reviews.retrieve(stripeId).then((it) => this.upsertReviews([it], accountId));
+    } else if (stripeId.startsWith("re_")) {
+      return this.stripe.refunds.retrieve(stripeId).then((it) => this.upsertRefunds([it], accountId));
+    } else if (stripeId.startsWith("feat_")) {
+      return this.stripe.entitlements.features.retrieve(stripeId).then((it) => this.upsertFeatures([it], accountId));
+    } else if (stripeId.startsWith("cs_")) {
+      return this.stripe.checkout.sessions.retrieve(stripeId).then((it) => this.upsertCheckoutSessions([it], accountId));
+    }
+  }
+  /**
+   * Process one page of items for the specified object type.
+   * Returns the number of items processed and whether there are more pages.
+   *
+   * This method is designed for queue-based consumption where each page
+   * is processed as a separate job. Uses the observable sync system for tracking.
+   *
+   * @param object - The Stripe object type to sync (e.g., 'customer', 'product')
+   * @param params - Optional parameters for filtering and run context
+   * @returns ProcessNextResult with processed count, hasMore flag, and runStartedAt
+   *
+   * @example
+   * ```typescript
+   * // Queue worker
+   * const { hasMore, runStartedAt } = await stripeSync.processNext('customer')
+   * if (hasMore) {
+   *   await queue.send({ object: 'customer', runStartedAt })
+   * }
+   * ```
+   */
+  async processNext(object, params) {
+    await this.getCurrentAccount();
+    const accountId = await this.getAccountId();
+    const resourceName = this.getResourceName(object);
+    let runStartedAt;
+    if (params?.runStartedAt) {
+      runStartedAt = params.runStartedAt;
+    } else {
+      const { runKey } = await this.joinOrCreateSyncRun(params?.triggeredBy ?? "processNext");
+      runStartedAt = runKey.runStartedAt;
+    }
+    await this.postgresClient.createObjectRuns(accountId, runStartedAt, [resourceName]);
+    const objRun = await this.postgresClient.getObjectRun(accountId, runStartedAt, resourceName);
+    if (objRun?.status === "complete" || objRun?.status === "error") {
+      return {
+        processed: 0,
+        hasMore: false,
+        runStartedAt
+      };
+    }
+    if (objRun?.status === "pending") {
+      const started = await this.postgresClient.tryStartObjectSync(
+        accountId,
+        runStartedAt,
+        resourceName
+      );
+      if (!started) {
+        return {
+          processed: 0,
+          hasMore: true,
+          runStartedAt
+        };
+      }
+    }
+    let cursor = null;
+    if (!params?.created) {
+      if (objRun?.cursor) {
+        cursor = parseInt(objRun.cursor);
+      } else {
+        const lastCursor = await this.postgresClient.getLastCompletedCursor(accountId, resourceName);
+        cursor = lastCursor ? parseInt(lastCursor) : null;
+      }
+    }
+    const result = await this.fetchOnePage(
+      object,
+      accountId,
+      resourceName,
+      runStartedAt,
+      cursor,
+      params
+    );
+    return result;
+  }
+  /**
+   * Get the database resource name for a SyncObject type
+   */
+  getResourceName(object) {
+    const mapping = {
+      customer: "customers",
+      invoice: "invoices",
+      price: "prices",
+      product: "products",
+      subscription: "subscriptions",
+      subscription_schedules: "subscription_schedules",
+      setup_intent: "setup_intents",
+      payment_method: "payment_methods",
+      dispute: "disputes",
+      charge: "charges",
+      payment_intent: "payment_intents",
+      plan: "plans",
+      tax_id: "tax_ids",
+      credit_note: "credit_notes",
+      early_fraud_warning: "early_fraud_warnings",
+      refund: "refunds",
+      checkout_sessions: "checkout_sessions"
+    };
+    return mapping[object] || object;
+  }
+  /**
+   * Fetch one page of items from Stripe and upsert to database.
+   * Uses resourceRegistry for DRY list/upsert operations.
+   * Uses the observable sync system for tracking progress.
+   */
+  async fetchOnePage(object, accountId, resourceName, runStartedAt, cursor, params) {
+    const limit = 100;
+    if (object === "payment_method" || object === "tax_id") {
+      this.config.logger?.warn(`processNext for ${object} requires customer context`);
+      await this.postgresClient.completeObjectSync(accountId, runStartedAt, resourceName);
+      return { processed: 0, hasMore: false, runStartedAt };
+    }
+    const config = this.resourceRegistry[object];
+    if (!config) {
+      throw new Error(`Unsupported object type for processNext: ${object}`);
+    }
+    try {
+      const listParams = { limit };
+      if (config.supportsCreatedFilter) {
+        const created = params?.created ?? (cursor ? { gte: cursor } : void 0);
+        if (created) {
+          listParams.created = created;
+        }
+      }
+      const response = await config.listFn(listParams);
+      if (response.data.length > 0) {
+        this.config.logger?.info(`processNext: upserting ${response.data.length} ${resourceName}`);
+        await config.upsertFn(response.data, accountId, params?.backfillRelatedEntities);
+        await this.postgresClient.incrementObjectProgress(
+          accountId,
+          runStartedAt,
+          resourceName,
+          response.data.length
+        );
+        const maxCreated = Math.max(
+          ...response.data.map((i) => i.created || 0)
+        );
+        if (maxCreated > 0) {
+          await this.postgresClient.updateObjectCursor(
+            accountId,
+            runStartedAt,
+            resourceName,
+            String(maxCreated)
+          );
+        }
+      }
+      if (!response.has_more) {
+        await this.postgresClient.completeObjectSync(accountId, runStartedAt, resourceName);
+      }
+      return {
+        processed: response.data.length,
+        hasMore: response.has_more,
+        runStartedAt
+      };
+    } catch (error) {
+      await this.postgresClient.failObjectSync(
+        accountId,
+        runStartedAt,
+        resourceName,
+        error instanceof Error ? error.message : "Unknown error"
+      );
+      throw error;
+    }
+  }
+  /**
+   * Process all pages for all (or specified) object types until complete.
+   *
+   * @param params - Optional parameters for filtering and specifying object types
+   * @returns SyncBackfill with counts for each synced resource type
+   */
+  /**
+   * Process all pages for a single object type until complete.
+   * Loops processNext() internally until hasMore is false.
+   *
+   * @param object - The object type to sync
+   * @param runStartedAt - The sync run to use (for sharing across objects)
+   * @param params - Optional sync parameters
+   * @returns Sync result with count of synced items
+   */
+  async processObjectUntilDone(object, runStartedAt, params) {
+    let totalSynced = 0;
+    while (true) {
+      const result = await this.processNext(object, {
+        ...params,
+        runStartedAt,
+        triggeredBy: "processUntilDone"
+      });
+      totalSynced += result.processed;
+      if (!result.hasMore) {
+        break;
+      }
+    }
+    return { synced: totalSynced };
+  }
+  /**
+   * Join existing sync run or create a new one.
+   * Returns sync run key and list of supported objects to sync.
+   *
+   * Cooperative behavior: If a sync run already exists, joins it instead of failing.
+   * This is used by workers and background processes that should cooperate.
+   *
+   * @param triggeredBy - What triggered this sync (for observability)
+   * @returns Run key and list of objects to sync
+   */
+  async joinOrCreateSyncRun(triggeredBy = "worker") {
+    await this.getCurrentAccount();
+    const accountId = await this.getAccountId();
+    const result = await this.postgresClient.getOrCreateSyncRun(accountId, triggeredBy);
+    if (!result) {
+      const activeRun = await this.postgresClient.getActiveSyncRun(accountId);
+      if (!activeRun) {
+        throw new Error("Failed to get or create sync run");
+      }
+      return {
+        runKey: { accountId: activeRun.accountId, runStartedAt: activeRun.runStartedAt },
+        objects: this.getSupportedSyncObjects()
+      };
+    }
+    const { accountId: runAccountId, runStartedAt } = result;
+    return {
+      runKey: { accountId: runAccountId, runStartedAt },
+      objects: this.getSupportedSyncObjects()
+    };
+  }
+  async processUntilDone(params) {
+    const { object } = params ?? { object: "all" };
+    const { runKey } = await this.joinOrCreateSyncRun("processUntilDone");
+    return this.processUntilDoneWithRun(runKey.runStartedAt, object, params);
+  }
+  /**
+   * Internal implementation of processUntilDone with an existing run.
+   */
+  async processUntilDoneWithRun(runStartedAt, object, params) {
+    const accountId = await this.getAccountId();
+    const results = {};
+    try {
+      const objectsToSync = object === "all" || object === void 0 ? this.getSupportedSyncObjects() : [object];
+      for (const obj of objectsToSync) {
+        this.config.logger?.info(`Syncing ${obj}`);
+        if (obj === "payment_method") {
+          results.paymentMethods = await this.syncPaymentMethodsWithRun(runStartedAt, params);
+        } else {
+          const result = await this.processObjectUntilDone(obj, runStartedAt, params);
+          switch (obj) {
+            case "product":
+              results.products = result;
+              break;
+            case "price":
+              results.prices = result;
+              break;
+            case "plan":
+              results.plans = result;
+              break;
+            case "customer":
+              results.customers = result;
+              break;
+            case "subscription":
+              results.subscriptions = result;
+              break;
+            case "subscription_schedules":
+              results.subscriptionSchedules = result;
+              break;
+            case "invoice":
+              results.invoices = result;
+              break;
+            case "charge":
+              results.charges = result;
+              break;
+            case "setup_intent":
+              results.setupIntents = result;
+              break;
+            case "payment_intent":
+              results.paymentIntents = result;
+              break;
+            case "tax_id":
+              results.taxIds = result;
+              break;
+            case "credit_note":
+              results.creditNotes = result;
+              break;
+            case "dispute":
+              results.disputes = result;
+              break;
+            case "early_fraud_warning":
+              results.earlyFraudWarnings = result;
+              break;
+            case "refund":
+              results.refunds = result;
+              break;
+            case "checkout_sessions":
+              results.checkoutSessions = result;
+              break;
+          }
+        }
+      }
+      await this.postgresClient.closeSyncRun(accountId, runStartedAt);
+      return results;
+    } catch (error) {
+      await this.postgresClient.closeSyncRun(accountId, runStartedAt);
+      throw error;
+    }
+  }
+  /**
+   * Sync payment methods with an existing run (special case - iterates customers)
+   */
+  async syncPaymentMethodsWithRun(runStartedAt, syncParams) {
+    const accountId = await this.getAccountId();
+    const resourceName = "payment_methods";
+    await this.postgresClient.createObjectRuns(accountId, runStartedAt, [resourceName]);
+    await this.postgresClient.tryStartObjectSync(accountId, runStartedAt, resourceName);
+    try {
+      const prepared = (0, import_yesql2.pg)(
+        `select id from "stripe"."customers" WHERE COALESCE(deleted, false) <> true;`
+      )([]);
+      const customerIds = await this.postgresClient.query(prepared.text, prepared.values).then(({ rows }) => rows.map((it) => it.id));
+      this.config.logger?.info(`Getting payment methods for ${customerIds.length} customers`);
+      let synced = 0;
+      for (const customerIdChunk of chunkArray(customerIds, 10)) {
+        await Promise.all(
+          customerIdChunk.map(async (customerId) => {
+            const CHECKPOINT_SIZE = 100;
+            let currentBatch = [];
+            for await (const item of this.stripe.paymentMethods.list({
+              limit: 100,
+              customer: customerId
+            })) {
+              currentBatch.push(item);
+              if (currentBatch.length >= CHECKPOINT_SIZE) {
+                await this.upsertPaymentMethods(
+                  currentBatch,
+                  accountId,
+                  syncParams?.backfillRelatedEntities
+                );
+                synced += currentBatch.length;
+                await this.postgresClient.incrementObjectProgress(
+                  accountId,
+                  runStartedAt,
+                  resourceName,
+                  currentBatch.length
+                );
+                currentBatch = [];
+              }
+            }
+            if (currentBatch.length > 0) {
+              await this.upsertPaymentMethods(
+                currentBatch,
+                accountId,
+                syncParams?.backfillRelatedEntities
+              );
+              synced += currentBatch.length;
+              await this.postgresClient.incrementObjectProgress(
+                accountId,
+                runStartedAt,
+                resourceName,
+                currentBatch.length
+              );
+            }
+          })
+        );
+      }
+      await this.postgresClient.completeObjectSync(accountId, runStartedAt, resourceName);
+      return { synced };
+    } catch (error) {
+      await this.postgresClient.failObjectSync(
+        accountId,
+        runStartedAt,
+        resourceName,
+        error instanceof Error ? error.message : "Unknown error"
+      );
+      throw error;
+    }
+  }
+  async syncProducts(syncParams) {
+    this.config.logger?.info("Syncing products");
+    return this.withSyncRun("products", "syncProducts", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.products.list(params),
+        (products) => this.upsertProducts(products, accountId),
+        accountId,
+        "products",
+        runStartedAt
+      );
+    });
+  }
+  async syncPrices(syncParams) {
+    this.config.logger?.info("Syncing prices");
+    return this.withSyncRun("prices", "syncPrices", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.prices.list(params),
+        (prices) => this.upsertPrices(prices, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "prices",
+        runStartedAt
+      );
+    });
+  }
+  async syncPlans(syncParams) {
+    this.config.logger?.info("Syncing plans");
+    return this.withSyncRun("plans", "syncPlans", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.plans.list(params),
+        (plans) => this.upsertPlans(plans, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "plans",
+        runStartedAt
+      );
+    });
+  }
+  async syncCustomers(syncParams) {
+    this.config.logger?.info("Syncing customers");
+    return this.withSyncRun("customers", "syncCustomers", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.customers.list(params),
+        // @ts-expect-error
+        (items) => this.upsertCustomers(items, accountId),
+        accountId,
+        "customers",
+        runStartedAt
+      );
+    });
+  }
+  async syncSubscriptions(syncParams) {
+    this.config.logger?.info("Syncing subscriptions");
+    return this.withSyncRun("subscriptions", "syncSubscriptions", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { status: "all", limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.subscriptions.list(params),
+        (items) => this.upsertSubscriptions(items, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "subscriptions",
+        runStartedAt
+      );
+    });
+  }
+  async syncSubscriptionSchedules(syncParams) {
+    this.config.logger?.info("Syncing subscription schedules");
+    return this.withSyncRun(
+      "subscription_schedules",
+      "syncSubscriptionSchedules",
+      async (cursor, runStartedAt) => {
+        const accountId = await this.getAccountId();
+        const params = { limit: 100 };
+        if (syncParams?.created) {
+          params.created = syncParams.created;
+        } else if (cursor) {
+          params.created = { gte: cursor };
+          this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+        }
+        return this.fetchAndUpsert(
+          () => this.stripe.subscriptionSchedules.list(params),
+          (items) => this.upsertSubscriptionSchedules(items, accountId, syncParams?.backfillRelatedEntities),
+          accountId,
+          "subscription_schedules",
+          runStartedAt
+        );
+      }
+    );
+  }
+  async syncInvoices(syncParams) {
+    this.config.logger?.info("Syncing invoices");
+    return this.withSyncRun("invoices", "syncInvoices", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.invoices.list(params),
+        (items) => this.upsertInvoices(items, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "invoices",
+        runStartedAt
+      );
+    });
+  }
+  async syncCharges(syncParams) {
+    this.config.logger?.info("Syncing charges");
+    return this.withSyncRun("charges", "syncCharges", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.charges.list(params),
+        (items) => this.upsertCharges(items, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "charges",
+        runStartedAt
+      );
+    });
+  }
+  async syncSetupIntents(syncParams) {
+    this.config.logger?.info("Syncing setup_intents");
+    return this.withSyncRun("setup_intents", "syncSetupIntents", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.setupIntents.list(params),
+        (items) => this.upsertSetupIntents(items, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "setup_intents",
+        runStartedAt
+      );
+    });
+  }
+  async syncPaymentIntents(syncParams) {
+    this.config.logger?.info("Syncing payment_intents");
+    return this.withSyncRun(
+      "payment_intents",
+      "syncPaymentIntents",
+      async (cursor, runStartedAt) => {
+        const accountId = await this.getAccountId();
+        const params = { limit: 100 };
+        if (syncParams?.created) {
+          params.created = syncParams.created;
+        } else if (cursor) {
+          params.created = { gte: cursor };
+          this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+        }
+        return this.fetchAndUpsert(
+          () => this.stripe.paymentIntents.list(params),
+          (items) => this.upsertPaymentIntents(items, accountId, syncParams?.backfillRelatedEntities),
+          accountId,
+          "payment_intents",
+          runStartedAt
+        );
+      }
+    );
+  }
+  async syncTaxIds(syncParams) {
+    this.config.logger?.info("Syncing tax_ids");
+    return this.withSyncRun("tax_ids", "syncTaxIds", async (_cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      return this.fetchAndUpsert(
+        () => this.stripe.taxIds.list(params),
+        (items) => this.upsertTaxIds(items, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "tax_ids",
+        runStartedAt
+      );
+    });
+  }
+  async syncPaymentMethods(syncParams) {
+    this.config.logger?.info("Syncing payment method");
+    return this.withSyncRun(
+      "payment_methods",
+      "syncPaymentMethods",
+      async (_cursor, runStartedAt) => {
+        const accountId = await this.getAccountId();
+        const prepared = (0, import_yesql2.pg)(
+          `select id from "stripe"."customers" WHERE COALESCE(deleted, false) <> true;`
+        )([]);
+        const customerIds = await this.postgresClient.query(prepared.text, prepared.values).then(({ rows }) => rows.map((it) => it.id));
+        this.config.logger?.info(`Getting payment methods for ${customerIds.length} customers`);
+        let synced = 0;
+        for (const customerIdChunk of chunkArray(customerIds, 10)) {
+          await Promise.all(
+            customerIdChunk.map(async (customerId) => {
+              const CHECKPOINT_SIZE = 100;
+              let currentBatch = [];
+              for await (const item of this.stripe.paymentMethods.list({
+                limit: 100,
+                customer: customerId
+              })) {
+                currentBatch.push(item);
+                if (currentBatch.length >= CHECKPOINT_SIZE) {
+                  await this.upsertPaymentMethods(
+                    currentBatch,
+                    accountId,
+                    syncParams?.backfillRelatedEntities
+                  );
+                  synced += currentBatch.length;
+                  await this.postgresClient.incrementObjectProgress(
+                    accountId,
+                    runStartedAt,
+                    "payment_methods",
+                    currentBatch.length
+                  );
+                  currentBatch = [];
+                }
+              }
+              if (currentBatch.length > 0) {
+                await this.upsertPaymentMethods(
+                  currentBatch,
+                  accountId,
+                  syncParams?.backfillRelatedEntities
+                );
+                synced += currentBatch.length;
+                await this.postgresClient.incrementObjectProgress(
+                  accountId,
+                  runStartedAt,
+                  "payment_methods",
+                  currentBatch.length
+                );
+              }
+            })
+          );
+        }
+        await this.postgresClient.completeObjectSync(accountId, runStartedAt, "payment_methods");
+        return { synced };
+      }
+    );
+  }
+  async syncDisputes(syncParams) {
+    this.config.logger?.info("Syncing disputes");
+    return this.withSyncRun("disputes", "syncDisputes", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.disputes.list(params),
+        (items) => this.upsertDisputes(items, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "disputes",
+        runStartedAt
+      );
+    });
+  }
+  async syncEarlyFraudWarnings(syncParams) {
+    this.config.logger?.info("Syncing early fraud warnings");
+    return this.withSyncRun(
+      "early_fraud_warnings",
+      "syncEarlyFraudWarnings",
+      async (cursor, runStartedAt) => {
+        const accountId = await this.getAccountId();
+        const params = { limit: 100 };
+        if (syncParams?.created) {
+          params.created = syncParams.created;
+        } else if (cursor) {
+          params.created = { gte: cursor };
+          this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+        }
+        return this.fetchAndUpsert(
+          () => this.stripe.radar.earlyFraudWarnings.list(params),
+          (items) => this.upsertEarlyFraudWarning(items, accountId, syncParams?.backfillRelatedEntities),
+          accountId,
+          "early_fraud_warnings",
+          runStartedAt
+        );
+      }
+    );
+  }
+  async syncRefunds(syncParams) {
+    this.config.logger?.info("Syncing refunds");
+    return this.withSyncRun("refunds", "syncRefunds", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.refunds.list(params),
+        (items) => this.upsertRefunds(items, accountId, syncParams?.backfillRelatedEntities),
+        accountId,
+        "refunds",
+        runStartedAt
+      );
+    });
+  }
+  async syncCreditNotes(syncParams) {
+    this.config.logger?.info("Syncing credit notes");
+    return this.withSyncRun("credit_notes", "syncCreditNotes", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = { limit: 100 };
+      if (syncParams?.created) {
+        params.created = syncParams.created;
+      } else if (cursor) {
+        params.created = { gte: cursor };
+        this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+      }
+      return this.fetchAndUpsert(
+        () => this.stripe.creditNotes.list(params),
+        (creditNotes) => this.upsertCreditNotes(creditNotes, accountId),
+        accountId,
+        "credit_notes",
+        runStartedAt
+      );
+    });
+  }
+  async syncFeatures(syncParams) {
+    this.config.logger?.info("Syncing features");
+    return this.withSyncRun("features", "syncFeatures", async (cursor, runStartedAt) => {
+      const accountId = await this.getAccountId();
+      const params = {
+        limit: 100,
+        ...syncParams?.pagination
+      };
+      return this.fetchAndUpsert(
+        () => this.stripe.entitlements.features.list(params),
+        (features) => this.upsertFeatures(features, accountId),
+        accountId,
+        "features",
+        runStartedAt
+      );
+    });
+  }
+  async syncEntitlements(customerId, syncParams) {
+    this.config.logger?.info("Syncing entitlements");
+    return this.withSyncRun(
+      "active_entitlements",
+      "syncEntitlements",
+      async (cursor, runStartedAt) => {
+        const accountId = await this.getAccountId();
+        const params = {
+          customer: customerId,
+          limit: 100,
+          ...syncParams?.pagination
+        };
+        return this.fetchAndUpsert(
+          () => this.stripe.entitlements.activeEntitlements.list(params),
+          (entitlements) => this.upsertActiveEntitlements(customerId, entitlements, accountId),
+          accountId,
+          "active_entitlements",
+          runStartedAt
+        );
+      }
+    );
+  }
+  async syncCheckoutSessions(syncParams) {
+    this.config.logger?.info("Syncing checkout sessions");
+    return this.withSyncRun(
+      "checkout_sessions",
+      "syncCheckoutSessions",
+      async (cursor, runStartedAt) => {
+        const accountId = await this.getAccountId();
+        const params = { limit: 100 };
+        if (syncParams?.created) {
+          params.created = syncParams.created;
+        } else if (cursor) {
+          params.created = { gte: cursor };
+          this.config.logger?.info(`Incremental sync from cursor: ${cursor}`);
+        }
+        return this.fetchAndUpsert(
+          () => this.stripe.checkout.sessions.list(params),
+          (items) => this.upsertCheckoutSessions(items, accountId, syncParams?.backfillRelatedEntities),
+          accountId,
+          "checkout_sessions",
+          runStartedAt
+        );
+      }
+    );
+  }
+  /**
+   * Helper to wrap a sync operation in the observable sync system.
+   * Creates/gets a sync run, sets up the object run, gets cursor, and handles completion.
+   *
+   * @param resourceName - The resource being synced (e.g., 'products', 'customers')
+   * @param triggeredBy - What triggered this sync (for observability)
+   * @param fn - The sync function to execute, receives cursor and runStartedAt
+   * @returns The result of the sync function
+   */
+  async withSyncRun(resourceName, triggeredBy, fn) {
+    const accountId = await this.getAccountId();
+    const lastCursor = await this.postgresClient.getLastCompletedCursor(accountId, resourceName);
+    const cursor = lastCursor ? parseInt(lastCursor) : null;
+    const runKey = await this.postgresClient.getOrCreateSyncRun(accountId, triggeredBy);
+    if (!runKey) {
+      const activeRun = await this.postgresClient.getActiveSyncRun(accountId);
+      if (!activeRun) {
+        throw new Error("Failed to get or create sync run");
+      }
+      throw new Error("Another sync is already running for this account");
+    }
+    const { runStartedAt } = runKey;
+    await this.postgresClient.createObjectRuns(accountId, runStartedAt, [resourceName]);
+    await this.postgresClient.tryStartObjectSync(accountId, runStartedAt, resourceName);
+    try {
+      const result = await fn(cursor, runStartedAt);
+      await this.postgresClient.completeObjectSync(accountId, runStartedAt, resourceName);
+      return result;
+    } catch (error) {
+      await this.postgresClient.failObjectSync(
+        accountId,
+        runStartedAt,
+        resourceName,
+        error instanceof Error ? error.message : "Unknown error"
+      );
+      throw error;
+    }
+  }
+  async fetchAndUpsert(fetch2, upsert, accountId, resourceName, runStartedAt) {
+    const CHECKPOINT_SIZE = 100;
+    let totalSynced = 0;
+    let currentBatch = [];
+    try {
+      this.config.logger?.info("Fetching items to sync from Stripe");
+      try {
+        for await (const item of fetch2()) {
+          currentBatch.push(item);
+          if (currentBatch.length >= CHECKPOINT_SIZE) {
+            this.config.logger?.info(`Upserting batch of ${currentBatch.length} items`);
+            await upsert(currentBatch, accountId);
+            totalSynced += currentBatch.length;
+            await this.postgresClient.incrementObjectProgress(
+              accountId,
+              runStartedAt,
+              resourceName,
+              currentBatch.length
+            );
+            const maxCreated = Math.max(
+              ...currentBatch.map((i) => i.created || 0)
+            );
+            if (maxCreated > 0) {
+              await this.postgresClient.updateObjectCursor(
+                accountId,
+                runStartedAt,
+                resourceName,
+                String(maxCreated)
+              );
+              this.config.logger?.info(`Checkpoint: cursor updated to ${maxCreated}`);
+            }
+            currentBatch = [];
+          }
+        }
+        if (currentBatch.length > 0) {
+          this.config.logger?.info(`Upserting final batch of ${currentBatch.length} items`);
+          await upsert(currentBatch, accountId);
+          totalSynced += currentBatch.length;
+          await this.postgresClient.incrementObjectProgress(
+            accountId,
+            runStartedAt,
+            resourceName,
+            currentBatch.length
+          );
+          const maxCreated = Math.max(
+            ...currentBatch.map((i) => i.created || 0)
+          );
+          if (maxCreated > 0) {
+            await this.postgresClient.updateObjectCursor(
+              accountId,
+              runStartedAt,
+              resourceName,
+              String(maxCreated)
+            );
+          }
+        }
+      } catch (error) {
+        if (currentBatch.length > 0) {
+          this.config.logger?.info(
+            `Error occurred, saving partial progress: ${currentBatch.length} items`
+          );
+          await upsert(currentBatch, accountId);
+          totalSynced += currentBatch.length;
+          await this.postgresClient.incrementObjectProgress(
+            accountId,
+            runStartedAt,
+            resourceName,
+            currentBatch.length
+          );
+          const maxCreated = Math.max(
+            ...currentBatch.map((i) => i.created || 0)
+          );
+          if (maxCreated > 0) {
+            await this.postgresClient.updateObjectCursor(
+              accountId,
+              runStartedAt,
+              resourceName,
+              String(maxCreated)
+            );
+          }
+        }
+        throw error;
+      }
+      await this.postgresClient.completeObjectSync(accountId, runStartedAt, resourceName);
+      this.config.logger?.info(`Sync complete: ${totalSynced} items synced`);
+      return { synced: totalSynced };
+    } catch (error) {
+      await this.postgresClient.failObjectSync(
+        accountId,
+        runStartedAt,
+        resourceName,
+        error instanceof Error ? error.message : "Unknown error"
+      );
+      throw error;
+    }
+  }
+  async upsertCharges(charges, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillCustomers(getUniqueIds(charges, "customer"), accountId),
+        this.backfillInvoices(getUniqueIds(charges, "invoice"), accountId)
+      ]);
+    }
+    await this.expandEntity(
+      charges,
+      "refunds",
+      (id) => this.stripe.refunds.list({ charge: id, limit: 100 })
+    );
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      charges,
+      "charges",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async backfillCharges(chargeIds, accountId) {
+    const missingChargeIds = await this.postgresClient.findMissingEntries("charges", chargeIds);
+    await this.fetchMissingEntities(
+      missingChargeIds,
+      (id) => this.stripe.charges.retrieve(id)
+    ).then((charges) => this.upsertCharges(charges, accountId));
+  }
+  async backfillPaymentIntents(paymentIntentIds, accountId) {
+    const missingIds = await this.postgresClient.findMissingEntries(
+      "payment_intents",
+      paymentIntentIds
+    );
+    await this.fetchMissingEntities(
+      missingIds,
+      (id) => this.stripe.paymentIntents.retrieve(id)
+    ).then((paymentIntents) => this.upsertPaymentIntents(paymentIntents, accountId));
+  }
+  async upsertCreditNotes(creditNotes, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillCustomers(getUniqueIds(creditNotes, "customer"), accountId),
+        this.backfillInvoices(getUniqueIds(creditNotes, "invoice"), accountId)
+      ]);
+    }
+    await this.expandEntity(
+      creditNotes,
+      "lines",
+      (id) => this.stripe.creditNotes.listLineItems(id, { limit: 100 })
+    );
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      creditNotes,
+      "credit_notes",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertCheckoutSessions(checkoutSessions, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillCustomers(getUniqueIds(checkoutSessions, "customer"), accountId),
+        this.backfillSubscriptions(getUniqueIds(checkoutSessions, "subscription"), accountId),
+        this.backfillPaymentIntents(getUniqueIds(checkoutSessions, "payment_intent"), accountId),
+        this.backfillInvoices(getUniqueIds(checkoutSessions, "invoice"), accountId)
+      ]);
+    }
+    const rows = await this.postgresClient.upsertManyWithTimestampProtection(
+      checkoutSessions,
+      "checkout_sessions",
+      accountId,
+      syncTimestamp
+    );
+    await this.fillCheckoutSessionsLineItems(
+      checkoutSessions.map((cs) => cs.id),
+      accountId,
+      syncTimestamp
+    );
+    return rows;
+  }
+  async upsertEarlyFraudWarning(earlyFraudWarnings, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillPaymentIntents(getUniqueIds(earlyFraudWarnings, "payment_intent"), accountId),
+        this.backfillCharges(getUniqueIds(earlyFraudWarnings, "charge"), accountId)
+      ]);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      earlyFraudWarnings,
+      "early_fraud_warnings",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertRefunds(refunds, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillPaymentIntents(getUniqueIds(refunds, "payment_intent"), accountId),
+        this.backfillCharges(getUniqueIds(refunds, "charge"), accountId)
+      ]);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      refunds,
+      "refunds",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertReviews(reviews, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillPaymentIntents(getUniqueIds(reviews, "payment_intent"), accountId),
+        this.backfillCharges(getUniqueIds(reviews, "charge"), accountId)
+      ]);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      reviews,
+      "reviews",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertCustomers(customers, accountId, syncTimestamp) {
+    const deletedCustomers = customers.filter((customer) => customer.deleted);
+    const nonDeletedCustomers = customers.filter((customer) => !customer.deleted);
+    await this.postgresClient.upsertManyWithTimestampProtection(
+      nonDeletedCustomers,
+      "customers",
+      accountId,
+      syncTimestamp
+    );
+    await this.postgresClient.upsertManyWithTimestampProtection(
+      deletedCustomers,
+      "customers",
+      accountId,
+      syncTimestamp
+    );
+    return customers;
+  }
+  async backfillCustomers(customerIds, accountId) {
+    const missingIds = await this.postgresClient.findMissingEntries("customers", customerIds);
+    await this.fetchMissingEntities(missingIds, (id) => this.stripe.customers.retrieve(id)).then((entries) => this.upsertCustomers(entries, accountId)).catch((err) => {
+      this.config.logger?.error(err, "Failed to backfill");
+      throw err;
+    });
+  }
+  async upsertDisputes(disputes, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await this.backfillCharges(getUniqueIds(disputes, "charge"), accountId);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      disputes,
+      "disputes",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertInvoices(invoices, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillCustomers(getUniqueIds(invoices, "customer"), accountId),
+        this.backfillSubscriptions(getUniqueIds(invoices, "subscription"), accountId)
+      ]);
+    }
+    await this.expandEntity(
+      invoices,
+      "lines",
+      (id) => this.stripe.invoices.listLineItems(id, { limit: 100 })
+    );
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      invoices,
+      "invoices",
+      accountId,
+      syncTimestamp
+    );
+  }
+  backfillInvoices = async (invoiceIds, accountId) => {
+    const missingIds = await this.postgresClient.findMissingEntries("invoices", invoiceIds);
+    await this.fetchMissingEntities(missingIds, (id) => this.stripe.invoices.retrieve(id)).then(
+      (entries) => this.upsertInvoices(entries, accountId)
+    );
+  };
+  backfillPrices = async (priceIds, accountId) => {
+    const missingIds = await this.postgresClient.findMissingEntries("prices", priceIds);
+    await this.fetchMissingEntities(missingIds, (id) => this.stripe.prices.retrieve(id)).then(
+      (entries) => this.upsertPrices(entries, accountId)
+    );
+  };
+  async upsertPlans(plans, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await this.backfillProducts(getUniqueIds(plans, "product"), accountId);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      plans,
+      "plans",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async deletePlan(id) {
+    return this.postgresClient.delete("plans", id);
+  }
+  async upsertPrices(prices, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await this.backfillProducts(getUniqueIds(prices, "product"), accountId);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      prices,
+      "prices",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async deletePrice(id) {
+    return this.postgresClient.delete("prices", id);
+  }
+  async upsertProducts(products, accountId, syncTimestamp) {
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      products,
+      "products",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async deleteProduct(id) {
+    return this.postgresClient.delete("products", id);
+  }
+  async backfillProducts(productIds, accountId) {
+    const missingProductIds = await this.postgresClient.findMissingEntries("products", productIds);
+    await this.fetchMissingEntities(
+      missingProductIds,
+      (id) => this.stripe.products.retrieve(id)
+    ).then((products) => this.upsertProducts(products, accountId));
+  }
+  async upsertPaymentIntents(paymentIntents, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillCustomers(getUniqueIds(paymentIntents, "customer"), accountId),
+        this.backfillInvoices(getUniqueIds(paymentIntents, "invoice"), accountId)
+      ]);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      paymentIntents,
+      "payment_intents",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertPaymentMethods(paymentMethods, accountId, backfillRelatedEntities = false, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await this.backfillCustomers(getUniqueIds(paymentMethods, "customer"), accountId);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      paymentMethods,
+      "payment_methods",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertSetupIntents(setupIntents, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await this.backfillCustomers(getUniqueIds(setupIntents, "customer"), accountId);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      setupIntents,
+      "setup_intents",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async upsertTaxIds(taxIds, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await this.backfillCustomers(getUniqueIds(taxIds, "customer"), accountId);
+    }
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      taxIds,
+      "tax_ids",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async deleteTaxId(id) {
+    return this.postgresClient.delete("tax_ids", id);
+  }
+  async upsertSubscriptionItems(subscriptionItems, accountId, syncTimestamp) {
+    const modifiedSubscriptionItems = subscriptionItems.map((subscriptionItem) => {
+      const priceId = subscriptionItem.price.id.toString();
+      const deleted = subscriptionItem.deleted;
+      const quantity = subscriptionItem.quantity;
+      return {
+        ...subscriptionItem,
+        price: priceId,
+        deleted: deleted ?? false,
+        quantity: quantity ?? null
+      };
+    });
+    await this.postgresClient.upsertManyWithTimestampProtection(
+      modifiedSubscriptionItems,
+      "subscription_items",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async fillCheckoutSessionsLineItems(checkoutSessionIds, accountId, syncTimestamp) {
+    for (const checkoutSessionId of checkoutSessionIds) {
+      const lineItemResponses = [];
+      for await (const lineItem of this.stripe.checkout.sessions.listLineItems(checkoutSessionId, {
+        limit: 100
+      })) {
+        lineItemResponses.push(lineItem);
+      }
+      await this.upsertCheckoutSessionLineItems(
+        lineItemResponses,
+        checkoutSessionId,
+        accountId,
+        syncTimestamp
+      );
+    }
+  }
+  async upsertCheckoutSessionLineItems(lineItems, checkoutSessionId, accountId, syncTimestamp) {
+    await this.backfillPrices(
+      lineItems.map((lineItem) => lineItem.price?.id?.toString() ?? void 0).filter((id) => id !== void 0),
+      accountId
+    );
+    const modifiedLineItems = lineItems.map((lineItem) => {
+      const priceId = typeof lineItem.price === "object" && lineItem.price?.id ? lineItem.price.id.toString() : lineItem.price?.toString() || null;
+      return {
+        ...lineItem,
+        price: priceId,
+        checkout_session: checkoutSessionId
+      };
+    });
+    await this.postgresClient.upsertManyWithTimestampProtection(
+      modifiedLineItems,
+      "checkout_session_line_items",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async markDeletedSubscriptionItems(subscriptionId, currentSubItemIds) {
+    let prepared = (0, import_yesql2.pg)(`
+    select id from "stripe"."subscription_items"
+    where subscription = :subscriptionId and COALESCE(deleted, false) = false;
+    `)({ subscriptionId });
+    const { rows } = await this.postgresClient.query(prepared.text, prepared.values);
+    const deletedIds = rows.filter(
+      ({ id }) => currentSubItemIds.includes(id) === false
+    );
+    if (deletedIds.length > 0) {
+      const ids = deletedIds.map(({ id }) => id);
+      prepared = (0, import_yesql2.pg)(`
+      update "stripe"."subscription_items"
+      set _raw_data = jsonb_set(_raw_data, '{deleted}', 'true'::jsonb)
+      where id=any(:ids::text[]);
+      `)({ ids });
+      const { rowCount } = await this.postgresClient.query(prepared.text, prepared.values);
+      return { rowCount: rowCount || 0 };
+    } else {
+      return { rowCount: 0 };
+    }
+  }
+  async upsertSubscriptionSchedules(subscriptionSchedules, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      const customerIds = getUniqueIds(subscriptionSchedules, "customer");
+      await this.backfillCustomers(customerIds, accountId);
+    }
+    const rows = await this.postgresClient.upsertManyWithTimestampProtection(
+      subscriptionSchedules,
+      "subscription_schedules",
+      accountId,
+      syncTimestamp
+    );
+    return rows;
+  }
+  async upsertSubscriptions(subscriptions, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      const customerIds = getUniqueIds(subscriptions, "customer");
+      await this.backfillCustomers(customerIds, accountId);
+    }
+    await this.expandEntity(
+      subscriptions,
+      "items",
+      (id) => this.stripe.subscriptionItems.list({ subscription: id, limit: 100 })
+    );
+    const rows = await this.postgresClient.upsertManyWithTimestampProtection(
+      subscriptions,
+      "subscriptions",
+      accountId,
+      syncTimestamp
+    );
+    const allSubscriptionItems = subscriptions.flatMap((subscription) => subscription.items.data);
+    await this.upsertSubscriptionItems(allSubscriptionItems, accountId, syncTimestamp);
+    const markSubscriptionItemsDeleted = [];
+    for (const subscription of subscriptions) {
+      const subscriptionItems = subscription.items.data;
+      const subItemIds = subscriptionItems.map((x) => x.id);
+      markSubscriptionItemsDeleted.push(
+        this.markDeletedSubscriptionItems(subscription.id, subItemIds)
+      );
+    }
+    await Promise.all(markSubscriptionItemsDeleted);
+    return rows;
+  }
+  async deleteRemovedActiveEntitlements(customerId, currentActiveEntitlementIds) {
+    const prepared = (0, import_yesql2.pg)(`
+      delete from "stripe"."active_entitlements"
+      where customer = :customerId and id <> ALL(:currentActiveEntitlementIds::text[]);
+      `)({ customerId, currentActiveEntitlementIds });
+    const { rowCount } = await this.postgresClient.query(prepared.text, prepared.values);
+    return { rowCount: rowCount || 0 };
+  }
+  async upsertFeatures(features, accountId, syncTimestamp) {
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      features,
+      "features",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async backfillFeatures(featureIds, accountId) {
+    const missingFeatureIds = await this.postgresClient.findMissingEntries("features", featureIds);
+    await this.fetchMissingEntities(
+      missingFeatureIds,
+      (id) => this.stripe.entitlements.features.retrieve(id)
+    ).then((features) => this.upsertFeatures(features, accountId)).catch((err) => {
+      this.config.logger?.error(err, "Failed to backfill features");
+      throw err;
+    });
+  }
+  async upsertActiveEntitlements(customerId, activeEntitlements, accountId, backfillRelatedEntities, syncTimestamp) {
+    if (backfillRelatedEntities ?? this.config.backfillRelatedEntities) {
+      await Promise.all([
+        this.backfillCustomers(getUniqueIds(activeEntitlements, "customer"), accountId),
+        this.backfillFeatures(getUniqueIds(activeEntitlements, "feature"), accountId)
+      ]);
+    }
+    const entitlements = activeEntitlements.map((entitlement) => ({
+      id: entitlement.id,
+      object: entitlement.object,
+      feature: typeof entitlement.feature === "string" ? entitlement.feature : entitlement.feature.id,
+      customer: customerId,
+      livemode: entitlement.livemode,
+      lookup_key: entitlement.lookup_key
+    }));
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      entitlements,
+      "active_entitlements",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async findOrCreateManagedWebhook(url, params) {
+    const webhookParams = {
+      enabled_events: this.getSupportedEventTypes(),
+      ...params
+    };
+    const accountId = await this.getAccountId();
+    const lockKey = `webhook:${accountId}:${url}`;
+    return this.postgresClient.withAdvisoryLock(lockKey, async () => {
+      const existingWebhook = await this.getManagedWebhookByUrl(url);
+      if (existingWebhook) {
+        try {
+          const stripeWebhook = await this.stripe.webhookEndpoints.retrieve(existingWebhook.id);
+          if (stripeWebhook.status === "enabled") {
+            return stripeWebhook;
+          }
+          this.config.logger?.info(
+            { webhookId: existingWebhook.id },
+            "Webhook is disabled, deleting and will recreate"
+          );
+          await this.stripe.webhookEndpoints.del(existingWebhook.id);
+          await this.postgresClient.delete("_managed_webhooks", existingWebhook.id);
+        } catch (error) {
+          const stripeError = error;
+          if (stripeError?.statusCode === 404 || stripeError?.code === "resource_missing") {
+            this.config.logger?.warn(
+              { error, webhookId: existingWebhook.id },
+              "Webhook not found in Stripe (404), removing from database"
+            );
+            await this.postgresClient.delete("_managed_webhooks", existingWebhook.id);
+          } else {
+            this.config.logger?.error(
+              { error, webhookId: existingWebhook.id },
+              "Error retrieving webhook from Stripe, keeping in database"
+            );
+            throw error;
+          }
+        }
+      }
+      const allDbWebhooks = await this.listManagedWebhooks();
+      for (const dbWebhook of allDbWebhooks) {
+        if (dbWebhook.url !== url) {
+          this.config.logger?.info(
+            { webhookId: dbWebhook.id, oldUrl: dbWebhook.url, newUrl: url },
+            "Webhook URL mismatch, deleting"
+          );
+          try {
+            await this.stripe.webhookEndpoints.del(dbWebhook.id);
+          } catch (error) {
+            this.config.logger?.warn(
+              { error, webhookId: dbWebhook.id },
+              "Failed to delete old webhook from Stripe"
+            );
+          }
+          await this.postgresClient.delete("_managed_webhooks", dbWebhook.id);
+        }
+      }
+      try {
+        const stripeWebhooks = await this.stripe.webhookEndpoints.list({ limit: 100 });
+        for (const stripeWebhook of stripeWebhooks.data) {
+          const isManagedByMetadata = stripeWebhook.metadata?.managed_by?.toLowerCase().replace(/[\s\-]+/g, "") === "stripesync";
+          const normalizedDescription = stripeWebhook.description?.toLowerCase().replace(/[\s\-]+/g, "") || "";
+          const isManagedByDescription = normalizedDescription.includes("stripesync");
+          if (isManagedByMetadata || isManagedByDescription) {
+            const existsInDb = allDbWebhooks.some((dbWebhook) => dbWebhook.id === stripeWebhook.id);
+            if (!existsInDb) {
+              this.config.logger?.warn(
+                { webhookId: stripeWebhook.id, url: stripeWebhook.url },
+                "Found orphaned managed webhook in Stripe, deleting"
+              );
+              await this.stripe.webhookEndpoints.del(stripeWebhook.id);
+            }
+          }
+        }
+      } catch (error) {
+        this.config.logger?.warn({ error }, "Failed to check for orphaned webhooks");
+      }
+      const webhook = await this.stripe.webhookEndpoints.create({
+        ...webhookParams,
+        url,
+        // Always set metadata to identify managed webhooks
+        metadata: {
+          ...webhookParams.metadata,
+          managed_by: "stripe-sync",
+          version: package_default.version
+        }
+      });
+      const accountId2 = await this.getAccountId();
+      await this.upsertManagedWebhooks([webhook], accountId2);
+      return webhook;
+    });
+  }
+  async getManagedWebhook(id) {
+    const accountId = await this.getAccountId();
+    const result = await this.postgresClient.query(
+      `SELECT * FROM "stripe"."_managed_webhooks" WHERE id = $1 AND "account_id" = $2`,
+      [id, accountId]
+    );
+    return result.rows.length > 0 ? result.rows[0] : null;
+  }
+  /**
+   * Get a managed webhook by URL and account ID.
+   * Used for race condition recovery: when createManagedWebhook hits a unique constraint
+   * violation (another instance created the webhook), we need to fetch the existing webhook
+   * by URL since we only know the URL, not the ID of the webhook that won the race.
+   */
+  async getManagedWebhookByUrl(url) {
+    const accountId = await this.getAccountId();
+    const result = await this.postgresClient.query(
+      `SELECT * FROM "stripe"."_managed_webhooks" WHERE url = $1 AND "account_id" = $2`,
+      [url, accountId]
+    );
+    return result.rows.length > 0 ? result.rows[0] : null;
+  }
+  async listManagedWebhooks() {
+    const accountId = await this.getAccountId();
+    const result = await this.postgresClient.query(
+      `SELECT * FROM "stripe"."_managed_webhooks" WHERE "account_id" = $1 ORDER BY created DESC`,
+      [accountId]
+    );
+    return result.rows;
+  }
+  async updateManagedWebhook(id, params) {
+    const webhook = await this.stripe.webhookEndpoints.update(id, params);
+    const accountId = await this.getAccountId();
+    await this.upsertManagedWebhooks([webhook], accountId);
+    return webhook;
+  }
+  async deleteManagedWebhook(id) {
+    await this.stripe.webhookEndpoints.del(id);
+    return this.postgresClient.delete("_managed_webhooks", id);
+  }
+  async upsertManagedWebhooks(webhooks, accountId, syncTimestamp) {
+    const filteredWebhooks = webhooks.map((webhook) => {
+      const filtered = {};
+      for (const prop of managedWebhookSchema.properties) {
+        if (prop in webhook) {
+          filtered[prop] = webhook[prop];
+        }
+      }
+      return filtered;
+    });
+    return this.postgresClient.upsertManyWithTimestampProtection(
+      filteredWebhooks,
+      "_managed_webhooks",
+      accountId,
+      syncTimestamp
+    );
+  }
+  async backfillSubscriptions(subscriptionIds, accountId) {
+    const missingSubscriptionIds = await this.postgresClient.findMissingEntries(
+      "subscriptions",
+      subscriptionIds
+    );
+    await this.fetchMissingEntities(
+      missingSubscriptionIds,
+      (id) => this.stripe.subscriptions.retrieve(id)
+    ).then((subscriptions) => this.upsertSubscriptions(subscriptions, accountId));
+  }
+  backfillSubscriptionSchedules = async (subscriptionIds, accountId) => {
+    const missingSubscriptionIds = await this.postgresClient.findMissingEntries(
+      "subscription_schedules",
+      subscriptionIds
+    );
+    await this.fetchMissingEntities(
+      missingSubscriptionIds,
+      (id) => this.stripe.subscriptionSchedules.retrieve(id)
+    ).then(
+      (subscriptionSchedules) => this.upsertSubscriptionSchedules(subscriptionSchedules, accountId)
+    );
+  };
+  /**
+   * Stripe only sends the first 10 entries by default, the option will actively fetch all entries.
+   */
+  async expandEntity(entities, property, listFn) {
+    if (!this.config.autoExpandLists) return;
+    for (const entity of entities) {
+      if (entity[property]?.has_more) {
+        const allData = [];
+        for await (const fetchedEntity of listFn(entity.id)) {
+          allData.push(fetchedEntity);
+        }
+        entity[property] = {
+          ...entity[property],
+          data: allData,
+          has_more: false
+        };
+      }
+    }
+  }
+  async fetchMissingEntities(ids, fetch2) {
+    if (!ids.length) return [];
+    const entities = [];
+    for (const id of ids) {
+      const entity = await fetch2(id);
+      entities.push(entity);
+    }
+    return entities;
+  }
+  /**
+   * Closes the database connection pool and cleans up resources.
+   * Call this when you're done using the StripeSync instance.
+   */
+  async close() {
+    await this.postgresClient.pool.end();
+  }
+};
+function chunkArray(array, chunkSize) {
+  const result = [];
+  for (let i = 0; i < array.length; i += chunkSize) {
+    result.push(array.slice(i, i + chunkSize));
+  }
+  return result;
+}
+
+// src/database/migrate.ts
+var import_pg2 = require("pg");
+var import_pg_node_migrations = require("pg-node-migrations");
+var import_node_fs = __toESM(require("fs"), 1);
+var import_node_path = __toESM(require("path"), 1);
+var import_node_url = require("url");
+var __filename2 = (0, import_node_url.fileURLToPath)(importMetaUrl);
+var __dirname = import_node_path.default.dirname(__filename2);
+async function doesTableExist(client, schema, tableName) {
+  const result = await client.query(
+    `SELECT EXISTS (
+      SELECT 1
+      FROM information_schema.tables
+      WHERE table_schema = $1
+      AND table_name = $2
+    )`,
+    [schema, tableName]
+  );
+  return result.rows[0]?.exists || false;
+}
+async function renameMigrationsTableIfNeeded(client, schema = "stripe", logger) {
+  const oldTableExists = await doesTableExist(client, schema, "migrations");
+  const newTableExists = await doesTableExist(client, schema, "_migrations");
+  if (oldTableExists && !newTableExists) {
+    logger?.info("Renaming migrations table to _migrations");
+    await client.query(`ALTER TABLE "${schema}"."migrations" RENAME TO "_migrations"`);
+    logger?.info("Successfully renamed migrations table");
+  }
+}
+async function cleanupSchema(client, schema, logger) {
+  logger?.warn(`Migrations table is empty - dropping and recreating schema "${schema}"`);
+  await client.query(`DROP SCHEMA IF EXISTS "${schema}" CASCADE`);
+  await client.query(`CREATE SCHEMA "${schema}"`);
+  logger?.info(`Schema "${schema}" has been reset`);
+}
+async function connectAndMigrate(client, migrationsDirectory, config, logOnError = false) {
+  if (!import_node_fs.default.existsSync(migrationsDirectory)) {
+    config.logger?.info(`Migrations directory ${migrationsDirectory} not found, skipping`);
+    return;
+  }
+  const optionalConfig = {
+    schemaName: "stripe",
+    tableName: "_migrations"
+  };
+  try {
+    await (0, import_pg_node_migrations.migrate)({ client }, migrationsDirectory, optionalConfig);
+  } catch (error) {
+    if (logOnError && error instanceof Error) {
+      config.logger?.error(error, "Migration error:");
+    } else {
+      throw error;
+    }
+  }
+}
+async function runMigrations(config) {
+  const client = new import_pg2.Client({
+    connectionString: config.databaseUrl,
+    ssl: config.ssl,
+    connectionTimeoutMillis: 1e4
+  });
+  const schema = "stripe";
+  try {
+    await client.connect();
+    await client.query(`CREATE SCHEMA IF NOT EXISTS ${schema};`);
+    await renameMigrationsTableIfNeeded(client, schema, config.logger);
+    const tableExists = await doesTableExist(client, schema, "_migrations");
+    if (tableExists) {
+      const migrationCount = await client.query(
+        `SELECT COUNT(*) as count FROM "${schema}"."_migrations"`
+      );
+      const isEmpty = migrationCount.rows[0]?.count === "0";
+      if (isEmpty) {
+        await cleanupSchema(client, schema, config.logger);
+      }
+    }
+    config.logger?.info("Running migrations");
+    await connectAndMigrate(client, import_node_path.default.resolve(__dirname, "./migrations"), config);
+  } catch (err) {
+    config.logger?.error(err, "Error running migrations");
+    throw err;
+  } finally {
+    await client.end();
+    config.logger?.info("Finished migrations");
+  }
+}
+
+// src/websocket-client.ts
+var import_ws = __toESM(require("ws"), 1);
+var CLI_VERSION = "1.33.0";
+var PONG_WAIT = 10 * 1e3;
+var PING_PERIOD = PONG_WAIT * 2 / 10;
+function getClientUserAgent() {
+  return JSON.stringify({
+    name: "stripe-cli",
+    version: CLI_VERSION,
+    publisher: "stripe",
+    os: process.platform
+  });
+}
+async function createCliSession(stripeApiKey) {
+  const params = new URLSearchParams();
+  params.append("device_name", "stripe-sync-engine");
+  params.append("websocket_features[]", "webhooks");
+  const response = await fetch("https://api.stripe.com/v1/stripecli/sessions", {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${stripeApiKey}`,
+      "Content-Type": "application/x-www-form-urlencoded",
+      "User-Agent": `Stripe/v1 stripe-cli/${CLI_VERSION}`,
+      "X-Stripe-Client-User-Agent": getClientUserAgent()
+    },
+    body: params.toString()
+  });
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Failed to create CLI session: ${error}`);
+  }
+  return await response.json();
+}
+async function createStripeWebSocketClient(options) {
+  const { stripeApiKey, onEvent, onReady, onError, onClose } = options;
+  const session = await createCliSession(stripeApiKey);
+  let ws = null;
+  let pingInterval = null;
+  let connected = false;
+  let shouldReconnect = true;
+  function connect() {
+    const wsUrl = `${session.websocket_url}?websocket_feature=${encodeURIComponent(session.websocket_authorized_feature)}`;
+    ws = new import_ws.default(wsUrl, {
+      headers: {
+        "Accept-Encoding": "identity",
+        "User-Agent": `Stripe/v1 stripe-cli/${CLI_VERSION}`,
+        "X-Stripe-Client-User-Agent": getClientUserAgent(),
+        "Websocket-Id": session.websocket_id
+      }
+    });
+    ws.on("pong", () => {
+    });
+    ws.on("open", () => {
+      connected = true;
+      pingInterval = setInterval(() => {
+        if (ws && ws.readyState === import_ws.default.OPEN) {
+          ws.ping();
+        }
+      }, PING_PERIOD);
+      if (onReady) {
+        onReady(session.secret);
+      }
+    });
+    ws.on("message", async (data) => {
+      try {
+        const message = JSON.parse(data.toString());
+        const ack = {
+          type: "event_ack",
+          event_id: message.webhook_id,
+          webhook_conversation_id: message.webhook_conversation_id,
+          webhook_id: message.webhook_id
+        };
+        if (ws && ws.readyState === import_ws.default.OPEN) {
+          ws.send(JSON.stringify(ack));
+        }
+        let response;
+        try {
+          const result = await onEvent(message);
+          response = {
+            type: "webhook_response",
+            webhook_id: message.webhook_id,
+            webhook_conversation_id: message.webhook_conversation_id,
+            forward_url: "stripe-sync-engine",
+            status: result?.status ?? 200,
+            http_headers: {},
+            body: JSON.stringify({
+              event_type: result?.event_type,
+              event_id: result?.event_id,
+              database_url: result?.databaseUrl,
+              error: result?.error
+            }),
+            request_headers: message.http_headers,
+            request_body: message.event_payload,
+            notification_id: message.webhook_id
+          };
+        } catch (err) {
+          const errorMessage = err instanceof Error ? err.message : String(err);
+          response = {
+            type: "webhook_response",
+            webhook_id: message.webhook_id,
+            webhook_conversation_id: message.webhook_conversation_id,
+            forward_url: "stripe-sync-engine",
+            status: 500,
+            http_headers: {},
+            body: JSON.stringify({ error: errorMessage }),
+            request_headers: message.http_headers,
+            request_body: message.event_payload,
+            notification_id: message.webhook_id
+          };
+          if (onError) {
+            onError(err instanceof Error ? err : new Error(errorMessage));
+          }
+        }
+        if (ws && ws.readyState === import_ws.default.OPEN) {
+          ws.send(JSON.stringify(response));
+        }
+      } catch (err) {
+        if (onError) {
+          onError(err instanceof Error ? err : new Error(String(err)));
+        }
+      }
+    });
+    ws.on("error", (error) => {
+      if (onError) {
+        onError(error);
+      }
+    });
+    ws.on("close", (code, reason) => {
+      connected = false;
+      if (pingInterval) {
+        clearInterval(pingInterval);
+        pingInterval = null;
+      }
+      if (onClose) {
+        onClose(code, reason.toString());
+      }
+      if (shouldReconnect) {
+        const delay = (session.reconnect_delay || 5) * 1e3;
+        setTimeout(() => {
+          connect();
+        }, delay);
+      }
+    });
+  }
+  connect();
+  return {
+    close: () => {
+      shouldReconnect = false;
+      if (pingInterval) {
+        clearInterval(pingInterval);
+        pingInterval = null;
+      }
+      if (ws) {
+        ws.close(1e3, "Connection Done");
+        ws = null;
+      }
+    },
+    isConnected: () => connected
+  };
+}
+
+// src/index.ts
+var VERSION = package_default.version;
+
+// src/cli/ngrok.ts
+var import_ngrok = __toESM(require("@ngrok/ngrok"), 1);
+var import_chalk2 = __toESM(require("chalk"), 1);
+async function createTunnel(port, authToken) {
+  try {
+    console.log(import_chalk2.default.blue(`
+Creating ngrok tunnel for port ${port}...`));
+    const listener = await import_ngrok.default.forward({
+      addr: port,
+      authtoken: authToken
+    });
+    const url = listener.url();
+    if (!url) {
+      throw new Error("Failed to get ngrok URL");
+    }
+    console.log(import_chalk2.default.green(`\u2713 ngrok tunnel created: ${url}`));
+    return {
+      url,
+      close: async () => {
+        console.log(import_chalk2.default.blue("\nClosing ngrok tunnel..."));
+        await listener.close();
+        console.log(import_chalk2.default.green("\u2713 ngrok tunnel closed"));
+      }
+    };
+  } catch (error) {
+    console.error(import_chalk2.default.red("\nFailed to create ngrok tunnel:"));
+    if (error instanceof Error) {
+      console.error(import_chalk2.default.red(error.message));
+    }
+    throw error;
+  }
+}
+
+// src/supabase/supabase.ts
+var import_supabase_management_js = require("supabase-management-js");
+
+// raw-ts:/Users/lfdepombo/src/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-setup.ts
+var stripe_setup_default = "import { StripeSync, runMigrations } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
+
+// raw-ts:/Users/lfdepombo/src/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-webhook.ts
+var stripe_webhook_default = "import { StripeSync } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const sig = req.headers.get('stripe-signature')\n  if (!sig) {\n    return new Response('Missing stripe-signature header', { status: 400 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  const stripeSync = new StripeSync({\n    poolConfig: { connectionString: dbUrl, max: 1 },\n    stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n  })\n\n  try {\n    const rawBody = new Uint8Array(await req.arrayBuffer())\n    await stripeSync.processWebhook(rawBody, sig)\n    return new Response(JSON.stringify({ received: true }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Webhook processing error:', error)\n    const isSignatureError =\n      error.message?.includes('signature') || error.type === 'StripeSignatureVerificationError'\n    const status = isSignatureError ? 400 : 500\n    return new Response(JSON.stringify({ error: error.message }), {\n      status,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    await stripeSync.postgresClient.pool.end()\n  }\n})\n";
+
+// raw-ts:/Users/lfdepombo/src/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-worker.ts
+var stripe_worker_default = "/**\n * Stripe Sync Worker\n *\n * Triggered by pg_cron every 10 seconds. Uses pgmq for durable work queue.\n *\n * Flow:\n * 1. Read batch of messages from pgmq (qty=10, vt=60s)\n * 2. If queue empty: enqueue all objects (continuous sync)\n * 3. Process messages in parallel (Promise.all):\n *    - processNext(object)\n *    - Delete message on success\n *    - Re-enqueue if hasMore\n * 4. Return results summary\n *\n * Concurrency:\n * - Multiple workers can run concurrently via overlapping pg_cron triggers.\n * - Each worker processes its batch of messages in parallel (Promise.all).\n * - pgmq visibility timeout prevents duplicate message reads across workers.\n * - processNext() is idempotent (uses internal cursor tracking), so duplicate\n *   processing on timeout/crash is safe.\n */\n\nimport { StripeSync } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\nconst QUEUE_NAME = 'stripe_sync_work'\nconst VISIBILITY_TIMEOUT = 60 // seconds\nconst BATCH_SIZE = 10\n\nDeno.serve(async (req) => {\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  let sql\n  let stripeSync\n\n  try {\n    sql = postgres(dbUrl, { max: 1, prepare: false })\n  } catch (error) {\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create postgres connection',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 1 },\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n    })\n  } catch (error) {\n    await sql.end()\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create StripeSync',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    // Read batch of messages from queue\n    const messages = await sql`\n      SELECT * FROM pgmq.read(${QUEUE_NAME}::text, ${VISIBILITY_TIMEOUT}::int, ${BATCH_SIZE}::int)\n    `\n\n    // If queue empty, enqueue all objects for continuous sync\n    if (messages.length === 0) {\n      // Create sync run to make enqueued work visible (status='pending')\n      const { objects } = await stripeSync.joinOrCreateSyncRun('worker')\n      const msgs = objects.map((object) => JSON.stringify({ object }))\n\n      await sql`\n        SELECT pgmq.send_batch(\n          ${QUEUE_NAME}::text,\n          ${sql.array(msgs)}::jsonb[]\n        )\n      `\n\n      return new Response(JSON.stringify({ enqueued: objects.length, objects }), {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    // Process messages in parallel\n    const results = await Promise.all(\n      messages.map(async (msg) => {\n        const { object } = msg.message as { object: string }\n\n        try {\n          const result = await stripeSync.processNext(object)\n\n          // Delete message on success (cast to bigint to disambiguate overloaded function)\n          await sql`SELECT pgmq.delete(${QUEUE_NAME}::text, ${msg.msg_id}::bigint)`\n\n          // Re-enqueue if more pages\n          if (result.hasMore) {\n            await sql`SELECT pgmq.send(${QUEUE_NAME}::text, ${sql.json({ object })}::jsonb)`\n          }\n\n          return { object, ...result }\n        } catch (error) {\n          // Log error but continue to next message\n          // Message will become visible again after visibility timeout\n          console.error(`Error processing ${object}:`, error)\n          return {\n            object,\n            processed: 0,\n            hasMore: false,\n            error: error.message,\n            stack: error.stack,\n          }\n        }\n      })\n    )\n\n    return new Response(JSON.stringify({ results }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Worker error:', error)\n    return new Response(JSON.stringify({ error: error.message, stack: error.stack }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    if (sql) await sql.end()\n    if (stripeSync) await stripeSync.postgresClient.pool.end()\n  }\n})\n";
+
+// src/supabase/edge-function-code.ts
+var setupFunctionCode = stripe_setup_default;
+var webhookFunctionCode = stripe_webhook_default;
+var workerFunctionCode = stripe_worker_default;
+
+// src/supabase/supabase.ts
+var import_stripe3 = __toESM(require("stripe"), 1);
+var STRIPE_SCHEMA_COMMENT_PREFIX = "stripe-sync";
+var INSTALLATION_STARTED_SUFFIX = "installation:started";
+var INSTALLATION_ERROR_SUFFIX = "installation:error";
+var INSTALLATION_INSTALLED_SUFFIX = "installed";
+var SupabaseSetupClient = class {
+  api;
+  projectRef;
+  projectBaseUrl;
+  constructor(options) {
+    this.api = new import_supabase_management_js.SupabaseManagementAPI({
+      accessToken: options.accessToken,
+      baseUrl: options.managementApiBaseUrl
+    });
+    this.projectRef = options.projectRef;
+    this.projectBaseUrl = options.projectBaseUrl || process.env.SUPABASE_BASE_URL || "supabase.co";
+  }
+  /**
+   * Validate that the project exists and we have access
+   */
+  async validateProject() {
+    const projects = await this.api.getProjects();
+    const project = projects?.find((p) => p.id === this.projectRef);
+    if (!project) {
+      throw new Error(`Project ${this.projectRef} not found or you don't have access`);
+    }
+    return {
+      id: project.id,
+      name: project.name,
+      region: project.region
+    };
+  }
+  /**
+   * Deploy an Edge Function
+   */
+  async deployFunction(name, code) {
+    const functions = await this.api.listFunctions(this.projectRef);
+    const exists = functions?.some((f) => f.slug === name);
+    if (exists) {
+      await this.api.updateFunction(this.projectRef, name, {
+        body: code,
+        verify_jwt: false
+      });
+    } else {
+      await this.api.createFunction(this.projectRef, {
+        slug: name,
+        name,
+        body: code,
+        verify_jwt: false
+      });
+    }
+  }
+  /**
+   * Set secrets for Edge Functions
+   */
+  async setSecrets(secrets) {
+    await this.api.createSecrets(this.projectRef, secrets);
+  }
+  /**
+   * Run SQL against the database
+   */
+  async runSQL(sql3) {
+    return await this.api.runQuery(this.projectRef, sql3);
+  }
+  /**
+   * Setup pg_cron job to invoke worker function
+   */
+  async setupPgCronJob() {
+    const serviceRoleKey = await this.getServiceRoleKey();
+    const escapedServiceRoleKey = serviceRoleKey.replace(/'/g, "''");
+    const sql3 = `
+      -- Enable extensions
+      CREATE EXTENSION IF NOT EXISTS pg_cron;
+      CREATE EXTENSION IF NOT EXISTS pg_net;
+      CREATE EXTENSION IF NOT EXISTS pgmq;
+
+      -- Create pgmq queue for sync work (idempotent)
+      SELECT pgmq.create('stripe_sync_work')
+      WHERE NOT EXISTS (
+        SELECT 1 FROM pgmq.list_queues() WHERE queue_name = 'stripe_sync_work'
+      );
+
+      -- Store service role key in vault for pg_cron to use
+      -- Delete existing secret if it exists, then create new one
+      DELETE FROM vault.secrets WHERE name = 'stripe_sync_service_role_key';
+      SELECT vault.create_secret('${escapedServiceRoleKey}', 'stripe_sync_service_role_key');
+
+      -- Delete existing jobs if they exist
+      SELECT cron.unschedule('stripe-sync-worker') WHERE EXISTS (
+        SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker'
+      );
+      SELECT cron.unschedule('stripe-sync-scheduler') WHERE EXISTS (
+        SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-scheduler'
+      );
+
+      -- Create job to invoke worker every 10 seconds
+      -- Worker reads from pgmq, enqueues objects if empty, and processes sync work
+      SELECT cron.schedule(
+        'stripe-sync-worker',
+        '10 seconds',
+        $$
+        SELECT net.http_post(
+          url := 'https://${this.projectRef}.${this.projectBaseUrl}/functions/v1/stripe-worker',
+          headers := jsonb_build_object(
+            'Authorization', 'Bearer ' || (SELECT decrypted_secret FROM vault.decrypted_secrets WHERE name = 'stripe_sync_service_role_key')
+          )
+        )
+        $$
+      );
+    `;
+    await this.runSQL(sql3);
+  }
+  /**
+   * Get the webhook URL for this project
+   */
+  getWebhookUrl() {
+    return `https://${this.projectRef}.${this.projectBaseUrl}/functions/v1/stripe-webhook`;
+  }
+  /**
+   * Get the service role key for this project (needed to invoke Edge Functions)
+   */
+  async getServiceRoleKey() {
+    const apiKeys = await this.api.getProjectApiKeys(this.projectRef);
+    const serviceRoleKey = apiKeys?.find((k) => k.name === "service_role");
+    if (!serviceRoleKey) {
+      throw new Error("Could not find service_role API key");
+    }
+    return serviceRoleKey.api_key;
+  }
+  /**
+   * Get the anon key for this project (needed for Realtime subscriptions)
+   */
+  async getAnonKey() {
+    const apiKeys = await this.api.getProjectApiKeys(this.projectRef);
+    const anonKey = apiKeys?.find((k) => k.name === "anon");
+    if (!anonKey) {
+      throw new Error("Could not find anon API key");
+    }
+    return anonKey.api_key;
+  }
+  /**
+   * Get the project URL
+   */
+  getProjectUrl() {
+    return `https://${this.projectRef}.${this.projectBaseUrl}`;
+  }
+  /**
+   * Invoke an Edge Function
+   */
+  async invokeFunction(name, serviceRoleKey) {
+    const url = `https://${this.projectRef}.${this.projectBaseUrl}/functions/v1/${name}`;
+    const response = await fetch(url, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${serviceRoleKey}`,
+        "Content-Type": "application/json"
+      }
+    });
+    if (!response.ok) {
+      const text = await response.text();
+      return { success: false, error: `${response.status}: ${text}` };
+    }
+    const result = await response.json();
+    if (result.success === false) {
+      return { success: false, error: result.error };
+    }
+    return { success: true };
+  }
+  /**
+   * Check if stripe-sync is installed in the database.
+   *
+   * Uses the Supabase Management API to run SQL queries.
+   * Uses duck typing (schema + migrations table) combined with comment validation.
+   * Throws error for legacy installations to prevent accidental corruption.
+   *
+   * @param schema The schema name to check (defaults to 'stripe')
+   * @returns true if properly installed with comment marker, false if not installed
+   * @throws Error if legacy installation detected (schema exists without comment)
+   */
+  async isInstalled(schema = "stripe") {
+    try {
+      const schemaCheck = await this.runSQL(
+        `SELECT EXISTS (
+          SELECT 1 FROM information_schema.schemata
+          WHERE schema_name = '${schema}'
+        ) as schema_exists`
+      );
+      const schemaExists = schemaCheck[0]?.rows?.[0]?.schema_exists === true;
+      if (!schemaExists) {
+        return false;
+      }
+      const migrationsCheck = await this.runSQL(
+        `SELECT EXISTS (
+          SELECT 1 FROM information_schema.tables
+          WHERE table_schema = '${schema}' AND table_name IN ('migrations', '_migrations')
+        ) as table_exists`
+      );
+      const migrationsTableExists = migrationsCheck[0]?.rows?.[0]?.table_exists === true;
+      if (!migrationsTableExists) {
+        return false;
+      }
+      const commentCheck = await this.runSQL(
+        `SELECT obj_description(oid, 'pg_namespace') as comment
+         FROM pg_namespace
+         WHERE nspname = '${schema}'`
+      );
+      const comment = commentCheck[0]?.rows?.[0]?.comment;
+      if (!comment || !comment.includes(STRIPE_SCHEMA_COMMENT_PREFIX)) {
+        throw new Error(
+          `Legacy installation detected: Schema '${schema}' and migrations table exist, but missing stripe-sync comment marker. This may be a legacy installation or manually created schema. Please contact support or manually drop the schema before proceeding.`
+        );
+      }
+      if (comment.includes(INSTALLATION_STARTED_SUFFIX)) {
+        return false;
+      }
+      if (comment.includes(INSTALLATION_ERROR_SUFFIX)) {
+        throw new Error(
+          `Installation failed: Schema '${schema}' exists but installation encountered an error. Comment: ${comment}. Please uninstall and install again.`
+        );
+      }
+      return true;
+    } catch (error) {
+      if (error instanceof Error && (error.message.includes("Legacy installation detected") || error.message.includes("Installation failed"))) {
+        throw error;
+      }
+      return false;
+    }
+  }
+  /**
+   * Update installation progress comment on the stripe schema
+   */
+  async updateInstallationComment(message) {
+    const escapedMessage = message.replace(/'/g, "''");
+    await this.runSQL(`COMMENT ON SCHEMA stripe IS '${escapedMessage}'`);
+  }
+  /**
+   * Delete an Edge Function
+   */
+  async deleteFunction(name) {
+    try {
+      await this.api.deleteFunction(this.projectRef, name);
+    } catch (err) {
+      console.warn(`Could not delete function ${name}:`, err);
+    }
+  }
+  /**
+   * Delete a secret
+   */
+  async deleteSecret(name) {
+    try {
+      await this.api.deleteSecrets(this.projectRef, [name]);
+    } catch (err) {
+      console.warn(`Could not delete secret ${name}:`, err);
+    }
+  }
+  /**
+   * Uninstall stripe-sync from a Supabase project
+   * Removes all Edge Functions, secrets, database resources, and Stripe webhooks
+   */
+  async uninstall(stripeSecretKey) {
+    const stripe = new import_stripe3.default(stripeSecretKey, { apiVersion: "2025-02-24.acacia" });
+    try {
+      try {
+        const webhookResult = await this.runSQL(`
+          SELECT id FROM stripe._managed_webhooks WHERE id IS NOT NULL
+        `);
+        const webhookIds = webhookResult[0]?.rows?.map((r) => r.id) || [];
+        for (const webhookId of webhookIds) {
+          try {
+            await stripe.webhookEndpoints.del(webhookId);
+          } catch (err) {
+            console.warn(`Could not delete Stripe webhook ${webhookId}:`, err);
+          }
+        }
+      } catch (err) {
+        console.warn("Could not query/delete webhooks:", err);
+      }
+      await this.deleteFunction("stripe-setup");
+      await this.deleteFunction("stripe-webhook");
+      await this.deleteFunction("stripe-worker");
+      await this.deleteSecret("STRIPE_SECRET_KEY");
+      try {
+        await this.runSQL(`
+          SELECT cron.unschedule('stripe-sync-worker')
+          WHERE EXISTS (
+            SELECT 1 FROM cron.job WHERE jobname = 'stripe-sync-worker'
+          )
+        `);
+      } catch (err) {
+        console.warn("Could not unschedule pg_cron job:", err);
+      }
+      try {
+        await this.runSQL(`
+          DELETE FROM vault.secrets
+          WHERE name = 'stripe_sync_service_role_key'
+        `);
+      } catch (err) {
+        console.warn("Could not delete vault secret:", err);
+      }
+      await this.runSQL(`DROP SCHEMA IF EXISTS stripe CASCADE`);
+    } catch (error) {
+      throw new Error(`Uninstall failed: ${error instanceof Error ? error.message : String(error)}`);
+    }
+  }
+  /**
+   * Inject package version into Edge Function code
+   */
+  injectPackageVersion(code, version) {
+    if (version === "latest") {
+      return code;
+    }
+    return code.replace(
+      /from ['"]npm:stripe-experiment-sync['"]/g,
+      `from 'npm:stripe-experiment-sync@${version}'`
+    );
+  }
+  async install(stripeKey, packageVersion) {
+    const trimmedStripeKey = stripeKey.trim();
+    if (!trimmedStripeKey.startsWith("sk_") && !trimmedStripeKey.startsWith("rk_")) {
+      throw new Error('Stripe key should start with "sk_" or "rk_"');
+    }
+    const version = packageVersion || "latest";
+    try {
+      await this.validateProject();
+      await this.runSQL(`CREATE SCHEMA IF NOT EXISTS stripe`);
+      await this.updateInstallationComment(
+        `${STRIPE_SCHEMA_COMMENT_PREFIX} v${package_default.version} ${INSTALLATION_STARTED_SUFFIX}`
+      );
+      const versionedSetup = this.injectPackageVersion(setupFunctionCode, version);
+      const versionedWebhook = this.injectPackageVersion(webhookFunctionCode, version);
+      const versionedWorker = this.injectPackageVersion(workerFunctionCode, version);
+      await this.deployFunction("stripe-setup", versionedSetup);
+      await this.deployFunction("stripe-webhook", versionedWebhook);
+      await this.deployFunction("stripe-worker", versionedWorker);
+      await this.setSecrets([{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }]);
+      const serviceRoleKey = await this.getServiceRoleKey();
+      const setupResult = await this.invokeFunction("stripe-setup", serviceRoleKey);
+      if (!setupResult.success) {
+        throw new Error(`Setup failed: ${setupResult.error}`);
+      }
+      await this.setupPgCronJob();
+      await this.updateInstallationComment(
+        `${STRIPE_SCHEMA_COMMENT_PREFIX} v${package_default.version} ${INSTALLATION_INSTALLED_SUFFIX}`
+      );
+    } catch (error) {
+      await this.updateInstallationComment(
+        `${STRIPE_SCHEMA_COMMENT_PREFIX} v${package_default.version} ${INSTALLATION_ERROR_SUFFIX} - ${error instanceof Error ? error.message : String(error)}`
+      );
+      throw error;
+    }
+  }
+};
+async function install(params) {
+  const { supabaseAccessToken, supabaseProjectRef, stripeKey, packageVersion } = params;
+  const client = new SupabaseSetupClient({
+    accessToken: supabaseAccessToken,
+    projectRef: supabaseProjectRef,
+    projectBaseUrl: params.baseProjectUrl,
+    managementApiBaseUrl: params.baseManagementApiUrl
+  });
+  await client.install(stripeKey, packageVersion);
+}
+async function uninstall(params) {
+  const { supabaseAccessToken, supabaseProjectRef, stripeKey } = params;
+  const trimmedStripeKey = stripeKey.trim();
+  if (!trimmedStripeKey.startsWith("sk_") && !trimmedStripeKey.startsWith("rk_")) {
+    throw new Error('Stripe key should start with "sk_" or "rk_"');
+  }
+  const client = new SupabaseSetupClient({
+    accessToken: supabaseAccessToken,
+    projectRef: supabaseProjectRef
+  });
+  await client.uninstall(trimmedStripeKey);
+}
+
+// src/cli/commands.ts
+var VALID_SYNC_OBJECTS = [
+  "all",
+  "customer",
+  "customer_with_entitlements",
+  "invoice",
+  "price",
+  "product",
+  "subscription",
+  "subscription_schedules",
+  "setup_intent",
+  "payment_method",
+  "dispute",
+  "charge",
+  "payment_intent",
+  "plan",
+  "tax_id",
+  "credit_note",
+  "early_fraud_warning",
+  "refund",
+  "checkout_sessions"
+];
+async function backfillCommand(options, entityName) {
+  let stripeSync = null;
+  try {
+    if (!VALID_SYNC_OBJECTS.includes(entityName)) {
+      console.error(
+        import_chalk3.default.red(
+          `Error: Invalid entity name "${entityName}". Valid entities are: ${VALID_SYNC_OBJECTS.join(", ")}`
+        )
+      );
+      process.exit(1);
+    }
+    import_dotenv2.default.config();
+    let stripeApiKey = options.stripeKey || process.env.STRIPE_API_KEY || process.env.STRIPE_SECRET_KEY || "";
+    let databaseUrl = options.databaseUrl || process.env.DATABASE_URL || "";
+    if (!stripeApiKey || !databaseUrl) {
+      const inquirer2 = (await import("inquirer")).default;
+      const questions = [];
+      if (!stripeApiKey) {
+        questions.push({
+          type: "password",
+          name: "stripeApiKey",
+          message: "Enter your Stripe API key:",
+          mask: "*",
+          validate: (input) => {
+            if (!input || input.trim() === "") {
+              return "Stripe API key is required";
+            }
+            if (!input.startsWith("sk_")) {
+              return 'Stripe API key should start with "sk_"';
+            }
+            return true;
+          }
+        });
+      }
+      if (!databaseUrl) {
+        questions.push({
+          type: "password",
+          name: "databaseUrl",
+          message: "Enter your Postgres DATABASE_URL:",
+          mask: "*",
+          validate: (input) => {
+            if (!input || input.trim() === "") {
+              return "DATABASE_URL is required";
+            }
+            if (!input.startsWith("postgres://") && !input.startsWith("postgresql://")) {
+              return 'DATABASE_URL should start with "postgres://" or "postgresql://"';
+            }
+            return true;
+          }
+        });
+      }
+      if (questions.length > 0) {
+        console.log(import_chalk3.default.yellow("\nMissing required configuration. Please provide:"));
+        const answers = await inquirer2.prompt(questions);
+        if (answers.stripeApiKey) stripeApiKey = answers.stripeApiKey;
+        if (answers.databaseUrl) databaseUrl = answers.databaseUrl;
+      }
+    }
+    const config = {
+      stripeApiKey,
+      databaseUrl,
+      ngrokAuthToken: ""
+      // Not needed for backfill
+    };
+    console.log(import_chalk3.default.blue(`Backfilling ${entityName} from Stripe in 'stripe' schema...`));
+    console.log(import_chalk3.default.gray(`Database: ${config.databaseUrl.replace(/:[^:@]+@/, ":****@")}`));
+    try {
+      await runMigrations({
+        databaseUrl: config.databaseUrl
+      });
+    } catch (migrationError) {
+      console.error(import_chalk3.default.red("Failed to run migrations:"));
+      console.error(
+        migrationError instanceof Error ? migrationError.message : String(migrationError)
+      );
+      throw migrationError;
+    }
+    const poolConfig = {
+      max: 10,
+      connectionString: config.databaseUrl,
+      keepAlive: true
+    };
+    stripeSync = new StripeSync({
+      databaseUrl: config.databaseUrl,
+      stripeSecretKey: config.stripeApiKey,
+      stripeApiVersion: process.env.STRIPE_API_VERSION || "2020-08-27",
+      autoExpandLists: process.env.AUTO_EXPAND_LISTS === "true",
+      backfillRelatedEntities: process.env.BACKFILL_RELATED_ENTITIES !== "false",
+      poolConfig
+    });
+    const result = await stripeSync.processUntilDone({ object: entityName });
+    const totalSynced = Object.values(result).reduce(
+      (sum, syncResult) => sum + (syncResult?.synced || 0),
+      0
+    );
+    console.log(import_chalk3.default.green(`\u2713 Backfill complete: ${totalSynced} ${entityName} objects synced`));
+    await stripeSync.close();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk3.default.red(error.message));
+    }
+    if (stripeSync) {
+      try {
+        await stripeSync.close();
+      } catch {
+      }
+    }
+    process.exit(1);
+  }
+}
+async function migrateCommand(options) {
+  try {
+    import_dotenv2.default.config();
+    let databaseUrl = options.databaseUrl || process.env.DATABASE_URL || "";
+    if (!databaseUrl) {
+      const inquirer2 = (await import("inquirer")).default;
+      const answers = await inquirer2.prompt([
+        {
+          type: "password",
+          name: "databaseUrl",
+          message: "Enter your Postgres DATABASE_URL:",
+          mask: "*",
+          validate: (input) => {
+            if (!input || input.trim() === "") {
+              return "DATABASE_URL is required";
+            }
+            if (!input.startsWith("postgres://") && !input.startsWith("postgresql://")) {
+              return 'DATABASE_URL should start with "postgres://" or "postgresql://"';
+            }
+            return true;
+          }
+        }
+      ]);
+      databaseUrl = answers.databaseUrl;
+    }
+    console.log(import_chalk3.default.blue("Running database migrations in 'stripe' schema..."));
+    console.log(import_chalk3.default.gray(`Database: ${databaseUrl.replace(/:[^:@]+@/, ":****@")}`));
+    try {
+      await runMigrations({
+        databaseUrl
+      });
+      console.log(import_chalk3.default.green("\u2713 Migrations completed successfully"));
+    } catch (migrationError) {
+      console.warn(import_chalk3.default.yellow("Migrations failed."));
+      if (migrationError instanceof Error) {
+        const errorMsg = migrationError.message || migrationError.toString();
+        console.warn("Migration error:", errorMsg);
+        if (migrationError.stack) {
+          console.warn(import_chalk3.default.gray(migrationError.stack));
+        }
+      } else {
+        console.warn("Migration error:", String(migrationError));
+      }
+      throw migrationError;
+    }
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk3.default.red(error.message));
+    }
+    process.exit(1);
+  }
+}
+async function syncCommand(options) {
+  let stripeSync = null;
+  let tunnel = null;
+  let server = null;
+  let webhookId = null;
+  let wsClient = null;
+  const cleanup = async (signal) => {
+    console.log(import_chalk3.default.blue(`
+
+Cleaning up... (signal: ${signal || "manual"})`));
+    if (wsClient) {
+      try {
+        wsClient.close();
+        console.log(import_chalk3.default.green("\u2713 WebSocket closed"));
+      } catch {
+        console.log(import_chalk3.default.yellow("\u26A0 Could not close WebSocket"));
+      }
+    }
+    const keepWebhooksOnShutdown = process.env.KEEP_WEBHOOKS_ON_SHUTDOWN === "true";
+    if (webhookId && stripeSync && !keepWebhooksOnShutdown) {
+      try {
+        await stripeSync.deleteManagedWebhook(webhookId);
+        console.log(import_chalk3.default.green("\u2713 Webhook cleanup complete"));
+      } catch {
+        console.log(import_chalk3.default.yellow("\u26A0 Could not delete webhook"));
+      }
+    }
+    if (server) {
+      try {
+        await new Promise((resolve, reject) => {
+          server.close((err) => {
+            if (err) reject(err);
+            else resolve();
+          });
+        });
+        console.log(import_chalk3.default.green("\u2713 Server stopped"));
+      } catch {
+        console.log(import_chalk3.default.yellow("\u26A0 Server already stopped"));
+      }
+    }
+    if (tunnel) {
+      try {
+        await tunnel.close();
+      } catch {
+        console.log(import_chalk3.default.yellow("\u26A0 Could not close tunnel"));
+      }
+    }
+    if (stripeSync) {
+      try {
+        await stripeSync.close();
+        console.log(import_chalk3.default.green("\u2713 Database pool closed"));
+      } catch {
+        console.log(import_chalk3.default.yellow("\u26A0 Could not close database pool"));
+      }
+    }
+    process.exit(0);
+  };
+  process.on("SIGINT", () => cleanup("SIGINT"));
+  process.on("SIGTERM", () => cleanup("SIGTERM"));
+  try {
+    const config = await loadConfig(options);
+    const useWebSocketMode = !config.ngrokAuthToken;
+    const modeLabel = useWebSocketMode ? "WebSocket" : "Webhook (ngrok)";
+    console.log(import_chalk3.default.blue(`
+Mode: ${modeLabel}`));
+    const maskedDbUrl = config.databaseUrl.replace(/:[^:@]+@/, ":****@");
+    console.log(import_chalk3.default.gray(`Database: ${maskedDbUrl}`));
+    try {
+      await runMigrations({
+        databaseUrl: config.databaseUrl
+      });
+    } catch (migrationError) {
+      console.error(import_chalk3.default.red("Failed to run migrations:"));
+      console.error(
+        migrationError instanceof Error ? migrationError.message : String(migrationError)
+      );
+      throw migrationError;
+    }
+    const poolConfig = {
+      max: 10,
+      connectionString: config.databaseUrl,
+      keepAlive: true
+    };
+    stripeSync = new StripeSync({
+      databaseUrl: config.databaseUrl,
+      stripeSecretKey: config.stripeApiKey,
+      stripeApiVersion: process.env.STRIPE_API_VERSION || "2020-08-27",
+      autoExpandLists: process.env.AUTO_EXPAND_LISTS === "true",
+      backfillRelatedEntities: process.env.BACKFILL_RELATED_ENTITIES !== "false",
+      poolConfig
+    });
+    const databaseUrlWithoutPassword = config.databaseUrl.replace(/:[^:@]+@/, ":****@");
+    if (useWebSocketMode) {
+      console.log(import_chalk3.default.blue("\nConnecting to Stripe WebSocket..."));
+      wsClient = await createStripeWebSocketClient({
+        stripeApiKey: config.stripeApiKey,
+        onEvent: async (event) => {
+          try {
+            const payload = JSON.parse(event.event_payload);
+            console.log(import_chalk3.default.cyan(`\u2190 ${payload.type}`) + import_chalk3.default.gray(` (${payload.id})`));
+            if (stripeSync) {
+              await stripeSync.processEvent(payload);
+              return {
+                status: 200,
+                event_type: payload.type,
+                event_id: payload.id,
+                databaseUrl: databaseUrlWithoutPassword
+              };
+            }
+          } catch (err) {
+            console.error(import_chalk3.default.red("Error processing event:"), err);
+            return {
+              status: 500,
+              databaseUrl: databaseUrlWithoutPassword,
+              error: err instanceof Error ? err.message : String(err)
+            };
+          }
+        },
+        onReady: (secret) => {
+          console.log(import_chalk3.default.green("\u2713 Connected to Stripe WebSocket"));
+          const maskedSecret = secret.length > 14 ? `${secret.slice(0, 10)}...${secret.slice(-4)}` : "****";
+          console.log(import_chalk3.default.gray(`  Webhook secret: ${maskedSecret}`));
+        },
+        onError: (error) => {
+          console.error(import_chalk3.default.red("WebSocket error:"), error.message);
+        },
+        onClose: (code, reason) => {
+          console.log(import_chalk3.default.yellow(`WebSocket closed: ${code} - ${reason}`));
+        }
+      });
+    } else {
+      const port = 3e3;
+      tunnel = await createTunnel(port, config.ngrokAuthToken);
+      const webhookPath = process.env.WEBHOOK_PATH || "/stripe-webhooks";
+      console.log(import_chalk3.default.blue("\nCreating Stripe webhook endpoint..."));
+      const webhook = await stripeSync.findOrCreateManagedWebhook(`${tunnel.url}${webhookPath}`);
+      webhookId = webhook.id;
+      const eventCount = webhook.enabled_events?.length || 0;
+      console.log(import_chalk3.default.green(`\u2713 Webhook created: ${webhook.id}`));
+      console.log(import_chalk3.default.cyan(`  URL: ${webhook.url}`));
+      console.log(import_chalk3.default.cyan(`  Events: ${eventCount} supported events`));
+      const app = (0, import_express.default)();
+      const webhookRoute = webhookPath;
+      app.use(webhookRoute, import_express.default.raw({ type: "application/json" }));
+      app.post(webhookRoute, async (req, res) => {
+        const sig = req.headers["stripe-signature"];
+        if (!sig || typeof sig !== "string") {
+          console.error("[Webhook] Missing stripe-signature header");
+          return res.status(400).send({ error: "Missing stripe-signature header" });
+        }
+        const rawBody = req.body;
+        if (!rawBody || !Buffer.isBuffer(rawBody)) {
+          console.error("[Webhook] Body is not a Buffer!");
+          return res.status(400).send({ error: "Missing raw body for signature verification" });
+        }
+        try {
+          await stripeSync.processWebhook(rawBody, sig);
+          return res.status(200).send({ received: true });
+        } catch (error) {
+          const errorMessage = error instanceof Error ? error.message : "Unknown error";
+          console.error("[Webhook] Processing error:", errorMessage);
+          return res.status(400).send({ error: errorMessage });
+        }
+      });
+      app.use(import_express.default.json());
+      app.use(import_express.default.urlencoded({ extended: false }));
+      app.get("/health", async (req, res) => res.status(200).json({ status: "ok" }));
+      console.log(import_chalk3.default.blue(`
+Starting server on port ${port}...`));
+      await new Promise((resolve, reject) => {
+        server = app.listen(port, "0.0.0.0", () => resolve());
+        server.on("error", reject);
+      });
+      console.log(import_chalk3.default.green(`\u2713 Server started on port ${port}`));
+    }
+    if (process.env.SKIP_BACKFILL !== "true") {
+      console.log(import_chalk3.default.blue("\nStarting initial sync of all Stripe data..."));
+      const syncResult = await stripeSync.processUntilDone();
+      const totalSynced = Object.values(syncResult).reduce(
+        (sum, result) => sum + (result?.synced || 0),
+        0
+      );
+      console.log(import_chalk3.default.green(`\u2713 Sync complete: ${totalSynced} objects synced`));
+    } else {
+      console.log(import_chalk3.default.yellow("\n\u23ED\uFE0F  Skipping initial sync (SKIP_BACKFILL=true)"));
+    }
+    console.log(
+      import_chalk3.default.cyan("\n\u25CF Streaming live changes...") + import_chalk3.default.gray(" [press Ctrl-C to abort]")
+    );
+    await new Promise(() => {
+    });
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk3.default.red(error.message));
+    }
+    await cleanup();
+    process.exit(1);
+  }
+}
+async function installCommand(options) {
+  try {
+    import_dotenv2.default.config();
+    let accessToken = options.supabaseAccessToken || process.env.SUPABASE_ACCESS_TOKEN || "";
+    let projectRef = options.supabaseProjectRef || process.env.SUPABASE_PROJECT_REF || "";
+    let stripeKey = options.stripeKey || process.env.STRIPE_API_KEY || process.env.STRIPE_SECRET_KEY || "";
+    if (!accessToken || !projectRef || !stripeKey) {
+      const inquirer2 = (await import("inquirer")).default;
+      const questions = [];
+      if (!accessToken) {
+        questions.push({
+          type: "password",
+          name: "accessToken",
+          message: "Enter your Supabase access token (from supabase.com/dashboard/account/tokens):",
+          mask: "*",
+          validate: (input) => input.trim() !== "" || "Access token is required"
+        });
+      }
+      if (!projectRef) {
+        questions.push({
+          type: "input",
+          name: "projectRef",
+          message: "Enter your Supabase project ref (e.g., abcdefghijklmnop):",
+          validate: (input) => input.trim() !== "" || "Project ref is required"
+        });
+      }
+      if (!stripeKey) {
+        questions.push({
+          type: "password",
+          name: "stripeKey",
+          message: "Enter your Stripe secret key:",
+          mask: "*",
+          validate: (input) => {
+            if (!input.trim()) return "Stripe key is required";
+            if (!input.startsWith("sk_")) return 'Stripe key should start with "sk_"';
+            return true;
+          }
+        });
+      }
+      if (questions.length > 0) {
+        console.log(import_chalk3.default.yellow("\nMissing required configuration. Please provide:"));
+        const answers = await inquirer2.prompt(questions);
+        if (answers.accessToken) accessToken = answers.accessToken;
+        if (answers.projectRef) projectRef = answers.projectRef;
+        if (answers.stripeKey) stripeKey = answers.stripeKey;
+      }
+    }
+    console.log(import_chalk3.default.blue("\n\u{1F680} Installing Stripe Sync to Supabase Edge Functions...\n"));
+    console.log(import_chalk3.default.gray("Validating project access..."));
+    await install({
+      supabaseAccessToken: accessToken,
+      supabaseProjectRef: projectRef,
+      stripeKey,
+      packageVersion: options.packageVersion
+    });
+    console.log(import_chalk3.default.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
+    console.log(import_chalk3.default.cyan.bold("  Installation Complete!"));
+    console.log(import_chalk3.default.cyan("\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n"));
+    console.log(import_chalk3.default.gray("\n  Your Stripe data will stay in sync to your Supabase database."));
+    console.log(
+      import_chalk3.default.gray('  View your data in the Supabase dashboard under the "stripe" schema.\n')
+    );
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk3.default.red(`
+\u2717 Installation failed: ${error.message}`));
+    }
+    process.exit(1);
+  }
+}
+async function uninstallCommand(options) {
+  try {
+    import_dotenv2.default.config();
+    let accessToken = options.supabaseAccessToken || process.env.SUPABASE_ACCESS_TOKEN || "";
+    let projectRef = options.supabaseProjectRef || process.env.SUPABASE_PROJECT_REF || "";
+    let stripeKey = options.stripeKey || process.env.STRIPE_API_KEY || process.env.STRIPE_SECRET_KEY || "";
+    if (!accessToken || !projectRef || !stripeKey) {
+      const inquirer2 = (await import("inquirer")).default;
+      const questions = [];
+      if (!accessToken) {
+        questions.push({
+          type: "password",
+          name: "accessToken",
+          message: "Enter your Supabase access token (from supabase.com/dashboard/account/tokens):",
+          mask: "*",
+          validate: (input) => input.trim() !== "" || "Access token is required"
+        });
+      }
+      if (!projectRef) {
+        questions.push({
+          type: "input",
+          name: "projectRef",
+          message: "Enter your Supabase project ref (e.g., abcdefghijklmnop):",
+          validate: (input) => input.trim() !== "" || "Project ref is required"
+        });
+      }
+      if (!stripeKey) {
+        questions.push({
+          type: "password",
+          name: "stripeKey",
+          message: "Enter your Stripe secret key:",
+          mask: "*",
+          validate: (input) => {
+            if (!input.trim()) return "Stripe key is required";
+            if (!input.startsWith("sk_")) return 'Stripe key should start with "sk_"';
+            return true;
+          }
+        });
+      }
+      if (questions.length > 0) {
+        console.log(import_chalk3.default.yellow("\nMissing required configuration. Please provide:"));
+        const answers = await inquirer2.prompt(questions);
+        if (answers.accessToken) accessToken = answers.accessToken;
+        if (answers.projectRef) projectRef = answers.projectRef;
+        if (answers.stripeKey) stripeKey = answers.stripeKey;
+      }
+    }
+    console.log(import_chalk3.default.blue("\n\u{1F5D1}\uFE0F  Uninstalling Stripe Sync from Supabase...\n"));
+    console.log(import_chalk3.default.yellow("\u26A0\uFE0F  Warning: This will delete all Stripe data from your database!\n"));
+    console.log(import_chalk3.default.gray("Removing all resources..."));
+    await uninstall({
+      supabaseAccessToken: accessToken,
+      supabaseProjectRef: projectRef,
+      stripeKey
+    });
+    console.log(import_chalk3.default.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
+    console.log(import_chalk3.default.cyan.bold("  Uninstall Complete!"));
+    console.log(import_chalk3.default.cyan("\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n"));
+    console.log(
+      import_chalk3.default.gray("\n  All Stripe sync resources have been removed from your Supabase project.")
+    );
+    console.log(import_chalk3.default.gray("  - Edge Functions deleted"));
+    console.log(import_chalk3.default.gray("  - Stripe webhooks removed"));
+    console.log(import_chalk3.default.gray("  - Database schema dropped\n"));
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk3.default.red(`
+\u2717 Uninstall failed: ${error.message}`));
+    }
+    process.exit(1);
+  }
+}
+
+// src/cli/index.ts
+var program = new import_commander.Command();
+program.name("stripe-experiment-sync").description("CLI tool for syncing Stripe data to PostgreSQL").version(package_default.version);
+program.command("migrate").description("Run database migrations only").option("--database-url <url>", "Postgres DATABASE_URL (or DATABASE_URL env)").action(async (options) => {
+  await migrateCommand({
+    databaseUrl: options.databaseUrl
+  });
+});
+program.command("start").description("Start Stripe sync").option("--stripe-key <key>", "Stripe API key (or STRIPE_API_KEY env)").option("--ngrok-token <token>", "ngrok auth token (or NGROK_AUTH_TOKEN env)").option("--database-url <url>", "Postgres DATABASE_URL (or DATABASE_URL env)").action(async (options) => {
+  await syncCommand({
+    stripeKey: options.stripeKey,
+    ngrokToken: options.ngrokToken,
+    databaseUrl: options.databaseUrl
+  });
+});
+program.command("backfill <entityName>").description("Backfill a specific entity type from Stripe (e.g., customer, invoice, product)").option("--stripe-key <key>", "Stripe API key (or STRIPE_API_KEY env)").option("--database-url <url>", "Postgres DATABASE_URL (or DATABASE_URL env)").action(async (entityName, options) => {
+  await backfillCommand(
+    {
+      stripeKey: options.stripeKey,
+      databaseUrl: options.databaseUrl
+    },
+    entityName
+  );
+});
+var supabase = program.command("supabase").description("Supabase Edge Functions commands");
+supabase.command("install").description("Install Stripe sync to Supabase Edge Functions").option("--token <token>", "Supabase access token (or SUPABASE_ACCESS_TOKEN env)").option("--project <ref>", "Supabase project ref (or SUPABASE_PROJECT_REF env)").option("--stripe-key <key>", "Stripe API key (or STRIPE_API_KEY env)").option(
+  "--version <version>",
+  "Package version to install (e.g., 1.0.8-beta.1, defaults to latest)"
+).action(async (options) => {
+  await installCommand({
+    supabaseAccessToken: options.token,
+    supabaseProjectRef: options.project,
+    stripeKey: options.stripeKey,
+    packageVersion: options.version
+  });
+});
+supabase.command("uninstall").description("Uninstall Stripe sync from Supabase Edge Functions").option("--token <token>", "Supabase access token (or SUPABASE_ACCESS_TOKEN env)").option("--project <ref>", "Supabase project ref (or SUPABASE_PROJECT_REF env)").option("--stripe-key <key>", "Stripe API key (or STRIPE_API_KEY env)").action(async (options) => {
+  await uninstallCommand({
+    supabaseAccessToken: options.token,
+    supabaseProjectRef: options.project,
+    stripeKey: options.stripeKey
+  });
+});
+program.parse();