stripe-experiment-sync 1.0.7 → 1.0.8

package/dist/{chunk-YXQZXR7S.js → chunk-CKWVW2JK.js}

@@ -1,7 +1,7 @@
 // package.json
 var package_default = {
   name: "stripe-experiment-sync",
-  version: "1.0.7",
+  version: "1.0.8-beta.1765856228",
   private: false,
   description: "Stripe Sync Engine to sync Stripe data to Postgres",
   type: "module",

package/dist/{chunk-7JWRDXNB.js → chunk-J7BH3XD6.js}

@@ -1,6 +1,6 @@
 import {
   package_default
-} from "./chunk-YXQZXR7S.js";
+} from "./chunk-CKWVW2JK.js";
 
 // src/stripeSync.ts
 import Stripe2 from "stripe";
@@ -1607,19 +1607,8 @@ var StripeSync = class {
     if (params?.runStartedAt) {
       runStartedAt = params.runStartedAt;
     } else {
-      const runKey = await this.postgresClient.getOrCreateSyncRun(
-        accountId,
-        params?.triggeredBy ?? "processNext"
-      );
-      if (!runKey) {
-        const activeRun = await this.postgresClient.getActiveSyncRun(accountId);
-        if (!activeRun) {
-          throw new Error("Failed to get or create sync run");
-        }
-        runStartedAt = activeRun.runStartedAt;
-      } else {
-        runStartedAt = runKey.runStartedAt;
-      }
+      const { runKey } = await this.joinOrCreateSyncRun(params?.triggeredBy ?? "processNext");
+      runStartedAt = runKey.runStartedAt;
     }
     await this.postgresClient.createObjectRuns(accountId, runStartedAt, [resourceName]);
     const objRun = await this.postgresClient.getObjectRun(accountId, runStartedAt, resourceName);
@@ -1782,18 +1771,39 @@ var StripeSync = class {
     }
     return { synced: totalSynced };
   }
-  async processUntilDone(params) {
-    const { object } = params ?? { object: "all" };
+  /**
+   * Join existing sync run or create a new one.
+   * Returns sync run key and list of supported objects to sync.
+   *
+   * Cooperative behavior: If a sync run already exists, joins it instead of failing.
+   * This is used by workers and background processes that should cooperate.
+   *
+   * @param triggeredBy - What triggered this sync (for observability)
+   * @returns Run key and list of objects to sync
+   */
+  async joinOrCreateSyncRun(triggeredBy = "worker") {
     await this.getCurrentAccount();
     const accountId = await this.getAccountId();
-    const runKey = await this.postgresClient.getOrCreateSyncRun(accountId, "processUntilDone");
-    if (!runKey) {
+    const result = await this.postgresClient.getOrCreateSyncRun(accountId, triggeredBy);
+    if (!result) {
       const activeRun = await this.postgresClient.getActiveSyncRun(accountId);
       if (!activeRun) {
         throw new Error("Failed to get or create sync run");
       }
-      return this.processUntilDoneWithRun(activeRun.runStartedAt, object, params);
+      return {
+        runKey: { accountId: activeRun.accountId, runStartedAt: activeRun.runStartedAt },
+        objects: this.getSupportedSyncObjects()
+      };
     }
+    const { accountId: runAccountId, runStartedAt } = result;
+    return {
+      runKey: { accountId: runAccountId, runStartedAt },
+      objects: this.getSupportedSyncObjects()
+    };
+  }
+  async processUntilDone(params) {
+    const { object } = params ?? { object: "all" };
+    const { runKey } = await this.joinOrCreateSyncRun("processUntilDone");
     return this.processUntilDoneWithRun(runKey.runStartedAt, object, params);
   }
   /**
@@ -2408,14 +2418,14 @@ var StripeSync = class {
       throw error;
     }
   }
-  async fetchAndUpsert(fetch, upsert, accountId, resourceName, runStartedAt) {
+  async fetchAndUpsert(fetch2, upsert, accountId, resourceName, runStartedAt) {
     const CHECKPOINT_SIZE = 100;
     let totalSynced = 0;
     let currentBatch = [];
     try {
       this.config.logger?.info("Fetching items to sync from Stripe");
       try {
-        for await (const item of fetch()) {
+        for await (const item of fetch2()) {
           currentBatch.push(item);
           if (currentBatch.length >= CHECKPOINT_SIZE) {
             this.config.logger?.info(`Upserting batch of ${currentBatch.length} items`);
@@ -3141,11 +3151,11 @@ var StripeSync = class {
       }
     }
   }
-  async fetchMissingEntities(ids, fetch) {
+  async fetchMissingEntities(ids, fetch2) {
     if (!ids.length) return [];
     const entities = [];
     for (const id of ids) {
-      const entity = await fetch(id);
+      const entity = await fetch2(id);
       entities.push(entity);
     }
     return entities;
@@ -3252,6 +3262,167 @@ async function runMigrations(config) {
   }
 }
 
+// src/websocket-client.ts
+import WebSocket from "ws";
+var CLI_VERSION = "1.33.0";
+var PONG_WAIT = 10 * 1e3;
+var PING_PERIOD = PONG_WAIT * 2 / 10;
+function getClientUserAgent() {
+  return JSON.stringify({
+    name: "stripe-cli",
+    version: CLI_VERSION,
+    publisher: "stripe",
+    os: process.platform
+  });
+}
+async function createCliSession(stripeApiKey) {
+  const params = new URLSearchParams();
+  params.append("device_name", "stripe-sync-engine");
+  params.append("websocket_features[]", "webhooks");
+  const response = await fetch("https://api.stripe.com/v1/stripecli/sessions", {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${stripeApiKey}`,
+      "Content-Type": "application/x-www-form-urlencoded",
+      "User-Agent": `Stripe/v1 stripe-cli/${CLI_VERSION}`,
+      "X-Stripe-Client-User-Agent": getClientUserAgent()
+    },
+    body: params.toString()
+  });
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Failed to create CLI session: ${error}`);
+  }
+  return await response.json();
+}
+async function createStripeWebSocketClient(options) {
+  const { stripeApiKey, onEvent, onReady, onError, onClose } = options;
+  const session = await createCliSession(stripeApiKey);
+  let ws = null;
+  let pingInterval = null;
+  let connected = false;
+  let shouldReconnect = true;
+  function connect() {
+    const wsUrl = `${session.websocket_url}?websocket_feature=${encodeURIComponent(session.websocket_authorized_feature)}`;
+    ws = new WebSocket(wsUrl, {
+      headers: {
+        "Accept-Encoding": "identity",
+        "User-Agent": `Stripe/v1 stripe-cli/${CLI_VERSION}`,
+        "X-Stripe-Client-User-Agent": getClientUserAgent(),
+        "Websocket-Id": session.websocket_id
+      }
+    });
+    ws.on("pong", () => {
+    });
+    ws.on("open", () => {
+      connected = true;
+      pingInterval = setInterval(() => {
+        if (ws && ws.readyState === WebSocket.OPEN) {
+          ws.ping();
+        }
+      }, PING_PERIOD);
+      if (onReady) {
+        onReady(session.secret);
+      }
+    });
+    ws.on("message", async (data) => {
+      try {
+        const message = JSON.parse(data.toString());
+        const ack = {
+          type: "event_ack",
+          event_id: message.webhook_id,
+          webhook_conversation_id: message.webhook_conversation_id,
+          webhook_id: message.webhook_id
+        };
+        if (ws && ws.readyState === WebSocket.OPEN) {
+          ws.send(JSON.stringify(ack));
+        }
+        let response;
+        try {
+          const result = await onEvent(message);
+          response = {
+            type: "webhook_response",
+            webhook_id: message.webhook_id,
+            webhook_conversation_id: message.webhook_conversation_id,
+            forward_url: "stripe-sync-engine",
+            status: result?.status ?? 200,
+            http_headers: {},
+            body: JSON.stringify({
+              event_type: result?.event_type,
+              event_id: result?.event_id,
+              database_url: result?.databaseUrl,
+              error: result?.error
+            }),
+            request_headers: message.http_headers,
+            request_body: message.event_payload,
+            notification_id: message.webhook_id
+          };
+        } catch (err) {
+          const errorMessage = err instanceof Error ? err.message : String(err);
+          response = {
+            type: "webhook_response",
+            webhook_id: message.webhook_id,
+            webhook_conversation_id: message.webhook_conversation_id,
+            forward_url: "stripe-sync-engine",
+            status: 500,
+            http_headers: {},
+            body: JSON.stringify({ error: errorMessage }),
+            request_headers: message.http_headers,
+            request_body: message.event_payload,
+            notification_id: message.webhook_id
+          };
+          if (onError) {
+            onError(err instanceof Error ? err : new Error(errorMessage));
+          }
+        }
+        if (ws && ws.readyState === WebSocket.OPEN) {
+          ws.send(JSON.stringify(response));
+        }
+      } catch (err) {
+        if (onError) {
+          onError(err instanceof Error ? err : new Error(String(err)));
+        }
+      }
+    });
+    ws.on("error", (error) => {
+      if (onError) {
+        onError(error);
+      }
+    });
+    ws.on("close", (code, reason) => {
+      connected = false;
+      if (pingInterval) {
+        clearInterval(pingInterval);
+        pingInterval = null;
+      }
+      if (onClose) {
+        onClose(code, reason.toString());
+      }
+      if (shouldReconnect) {
+        const delay = (session.reconnect_delay || 5) * 1e3;
+        setTimeout(() => {
+          connect();
+        }, delay);
+      }
+    });
+  }
+  connect();
+  return {
+    close: () => {
+      shouldReconnect = false;
+      if (pingInterval) {
+        clearInterval(pingInterval);
+        pingInterval = null;
+      }
+      if (ws) {
+        ws.close(1e3, "Connection Done");
+        ws = null;
+      }
+    },
+    isConnected: () => connected
+  };
+}
+
 // src/index.ts
 var VERSION = package_default.version;
 
@@ -3260,5 +3431,6 @@ export {
   hashApiKey,
   StripeSync,
   runMigrations,
+  createStripeWebSocketClient,
   VERSION
 };

package/dist/{chunk-SX3HLE4H.js → chunk-X2OQQCC2.js}

@@ -1,18 +1,18 @@
 import {
   package_default
-} from "./chunk-YXQZXR7S.js";
+} from "./chunk-CKWVW2JK.js";
 
 // src/supabase/supabase.ts
 import { SupabaseManagementAPI } from "supabase-management-js";
 
-// raw-ts:/home/runner/work/stripe-sync-engine/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-setup.ts
+// raw-ts:/Users/lfdepombo/src/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-setup.ts
 var stripe_setup_default = "import { StripeSync, runMigrations } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  let stripeSync = null\n  try {\n    // Get and validate database URL\n    const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n    if (!rawDbUrl) {\n      throw new Error('SUPABASE_DB_URL environment variable is not set')\n    }\n    // Remove sslmode from connection string (not supported by pg in Deno)\n    const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n    await runMigrations({ databaseUrl: dbUrl })\n\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 2 }, // Need 2 for advisory lock + queries\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY'),\n    })\n\n    // Release any stale advisory locks from previous timeouts\n    await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n\n    // Construct webhook URL from SUPABASE_URL (available in all Edge Functions)\n    const supabaseUrl = Deno.env.get('SUPABASE_URL')\n    if (!supabaseUrl) {\n      throw new Error('SUPABASE_URL environment variable is not set')\n    }\n    const webhookUrl = supabaseUrl + '/functions/v1/stripe-webhook'\n\n    const webhook = await stripeSync.findOrCreateManagedWebhook(webhookUrl)\n\n    await stripeSync.postgresClient.pool.end()\n\n    return new Response(\n      JSON.stringify({\n        success: true,\n        message: 'Setup complete',\n        webhookId: webhook.id,\n      }),\n      {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      }\n    )\n  } catch (error) {\n    console.error('Setup error:', error)\n    // Cleanup on error\n    if (stripeSync) {\n      try {\n        await stripeSync.postgresClient.query('SELECT pg_advisory_unlock_all()')\n        await stripeSync.postgresClient.pool.end()\n      } catch (cleanupErr) {\n        console.warn('Cleanup failed:', cleanupErr)\n      }\n    }\n    return new Response(JSON.stringify({ success: false, error: error.message }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  }\n})\n";
 
-// raw-ts:/home/runner/work/stripe-sync-engine/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-webhook.ts
+// raw-ts:/Users/lfdepombo/src/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-webhook.ts
 var stripe_webhook_default = "import { StripeSync } from 'npm:stripe-experiment-sync'\n\nDeno.serve(async (req) => {\n  if (req.method !== 'POST') {\n    return new Response('Method not allowed', { status: 405 })\n  }\n\n  const sig = req.headers.get('stripe-signature')\n  if (!sig) {\n    return new Response('Missing stripe-signature header', { status: 400 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  const stripeSync = new StripeSync({\n    poolConfig: { connectionString: dbUrl, max: 1 },\n    stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n  })\n\n  try {\n    const rawBody = new Uint8Array(await req.arrayBuffer())\n    await stripeSync.processWebhook(rawBody, sig)\n    return new Response(JSON.stringify({ received: true }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Webhook processing error:', error)\n    const isSignatureError =\n      error.message?.includes('signature') || error.type === 'StripeSignatureVerificationError'\n    const status = isSignatureError ? 400 : 500\n    return new Response(JSON.stringify({ error: error.message }), {\n      status,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    await stripeSync.postgresClient.pool.end()\n  }\n})\n";
 
-// raw-ts:/home/runner/work/stripe-sync-engine/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-worker.ts
-var stripe_worker_default = "/**\n * Stripe Sync Worker\n *\n * Triggered by pg_cron every 10 seconds. Uses pgmq for durable work queue.\n *\n * Flow:\n * 1. Read batch of messages from pgmq (qty=10, vt=60s)\n * 2. If queue empty: enqueue all objects (continuous sync)\n * 3. Process messages in parallel (Promise.all):\n *    - processNext(object)\n *    - Delete message on success\n *    - Re-enqueue if hasMore\n * 4. Return results summary\n *\n * Concurrency:\n * - Multiple workers can run concurrently via overlapping pg_cron triggers.\n * - Each worker processes its batch of messages in parallel (Promise.all).\n * - pgmq visibility timeout prevents duplicate message reads across workers.\n * - processNext() is idempotent (uses internal cursor tracking), so duplicate\n *   processing on timeout/crash is safe.\n */\n\nimport { StripeSync } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\nconst QUEUE_NAME = 'stripe_sync_work'\nconst VISIBILITY_TIMEOUT = 60 // seconds\nconst BATCH_SIZE = 10\n\nDeno.serve(async (req) => {\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  let sql\n  let stripeSync\n\n  try {\n    sql = postgres(dbUrl, { max: 1, prepare: false })\n  } catch (error) {\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create postgres connection',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 1 },\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n    })\n  } catch (error) {\n    await sql.end()\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create StripeSync',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    // Read batch of messages from queue\n    const messages = await sql`\n      SELECT * FROM pgmq.read(${QUEUE_NAME}::text, ${VISIBILITY_TIMEOUT}::int, ${BATCH_SIZE}::int)\n    `\n\n    // If queue empty, enqueue all objects for continuous sync\n    if (messages.length === 0) {\n      const objects = stripeSync.getSupportedSyncObjects()\n      const msgs = objects.map((object) => JSON.stringify({ object }))\n\n      await sql`\n        SELECT pgmq.send_batch(\n          ${QUEUE_NAME}::text,\n          ${sql.array(msgs)}::jsonb[]\n        )\n      `\n\n      return new Response(JSON.stringify({ enqueued: objects.length, objects }), {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    // Process messages in parallel\n    const results = await Promise.all(\n      messages.map(async (msg) => {\n        const { object } = msg.message as { object: string }\n\n        try {\n          const result = await stripeSync.processNext(object)\n\n          // Delete message on success (cast to bigint to disambiguate overloaded function)\n          await sql`SELECT pgmq.delete(${QUEUE_NAME}::text, ${msg.msg_id}::bigint)`\n\n          // Re-enqueue if more pages\n          if (result.hasMore) {\n            await sql`SELECT pgmq.send(${QUEUE_NAME}::text, ${sql.json({ object })}::jsonb)`\n          }\n\n          return { object, ...result }\n        } catch (error) {\n          // Log error but continue to next message\n          // Message will become visible again after visibility timeout\n          console.error(`Error processing ${object}:`, error)\n          return {\n            object,\n            processed: 0,\n            hasMore: false,\n            error: error.message,\n            stack: error.stack,\n          }\n        }\n      })\n    )\n\n    return new Response(JSON.stringify({ results }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Worker error:', error)\n    return new Response(JSON.stringify({ error: error.message, stack: error.stack }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    if (sql) await sql.end()\n    if (stripeSync) await stripeSync.postgresClient.pool.end()\n  }\n})\n";
+// raw-ts:/Users/lfdepombo/src/stripe-sync-engine/packages/sync-engine/src/supabase/edge-functions/stripe-worker.ts
+var stripe_worker_default = "/**\n * Stripe Sync Worker\n *\n * Triggered by pg_cron every 10 seconds. Uses pgmq for durable work queue.\n *\n * Flow:\n * 1. Read batch of messages from pgmq (qty=10, vt=60s)\n * 2. If queue empty: enqueue all objects (continuous sync)\n * 3. Process messages in parallel (Promise.all):\n *    - processNext(object)\n *    - Delete message on success\n *    - Re-enqueue if hasMore\n * 4. Return results summary\n *\n * Concurrency:\n * - Multiple workers can run concurrently via overlapping pg_cron triggers.\n * - Each worker processes its batch of messages in parallel (Promise.all).\n * - pgmq visibility timeout prevents duplicate message reads across workers.\n * - processNext() is idempotent (uses internal cursor tracking), so duplicate\n *   processing on timeout/crash is safe.\n */\n\nimport { StripeSync } from 'npm:stripe-experiment-sync'\nimport postgres from 'npm:postgres'\n\nconst QUEUE_NAME = 'stripe_sync_work'\nconst VISIBILITY_TIMEOUT = 60 // seconds\nconst BATCH_SIZE = 10\n\nDeno.serve(async (req) => {\n  const authHeader = req.headers.get('Authorization')\n  if (!authHeader?.startsWith('Bearer ')) {\n    return new Response('Unauthorized', { status: 401 })\n  }\n\n  const rawDbUrl = Deno.env.get('SUPABASE_DB_URL')\n  if (!rawDbUrl) {\n    return new Response(JSON.stringify({ error: 'SUPABASE_DB_URL not set' }), { status: 500 })\n  }\n  const dbUrl = rawDbUrl.replace(/[?&]sslmode=[^&]*/g, '').replace(/[?&]$/, '')\n\n  let sql\n  let stripeSync\n\n  try {\n    sql = postgres(dbUrl, { max: 1, prepare: false })\n  } catch (error) {\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create postgres connection',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    stripeSync = new StripeSync({\n      poolConfig: { connectionString: dbUrl, max: 1 },\n      stripeSecretKey: Deno.env.get('STRIPE_SECRET_KEY')!,\n    })\n  } catch (error) {\n    await sql.end()\n    return new Response(\n      JSON.stringify({\n        error: 'Failed to create StripeSync',\n        details: error.message,\n        stack: error.stack,\n      }),\n      { status: 500, headers: { 'Content-Type': 'application/json' } }\n    )\n  }\n\n  try {\n    // Read batch of messages from queue\n    const messages = await sql`\n      SELECT * FROM pgmq.read(${QUEUE_NAME}::text, ${VISIBILITY_TIMEOUT}::int, ${BATCH_SIZE}::int)\n    `\n\n    // If queue empty, enqueue all objects for continuous sync\n    if (messages.length === 0) {\n      // Create sync run to make enqueued work visible (status='pending')\n      const { objects } = await stripeSync.joinOrCreateSyncRun('worker')\n      const msgs = objects.map((object) => JSON.stringify({ object }))\n\n      await sql`\n        SELECT pgmq.send_batch(\n          ${QUEUE_NAME}::text,\n          ${sql.array(msgs)}::jsonb[]\n        )\n      `\n\n      return new Response(JSON.stringify({ enqueued: objects.length, objects }), {\n        status: 200,\n        headers: { 'Content-Type': 'application/json' },\n      })\n    }\n\n    // Process messages in parallel\n    const results = await Promise.all(\n      messages.map(async (msg) => {\n        const { object } = msg.message as { object: string }\n\n        try {\n          const result = await stripeSync.processNext(object)\n\n          // Delete message on success (cast to bigint to disambiguate overloaded function)\n          await sql`SELECT pgmq.delete(${QUEUE_NAME}::text, ${msg.msg_id}::bigint)`\n\n          // Re-enqueue if more pages\n          if (result.hasMore) {\n            await sql`SELECT pgmq.send(${QUEUE_NAME}::text, ${sql.json({ object })}::jsonb)`\n          }\n\n          return { object, ...result }\n        } catch (error) {\n          // Log error but continue to next message\n          // Message will become visible again after visibility timeout\n          console.error(`Error processing ${object}:`, error)\n          return {\n            object,\n            processed: 0,\n            hasMore: false,\n            error: error.message,\n            stack: error.stack,\n          }\n        }\n      })\n    )\n\n    return new Response(JSON.stringify({ results }), {\n      status: 200,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } catch (error) {\n    console.error('Worker error:', error)\n    return new Response(JSON.stringify({ error: error.message, stack: error.stack }), {\n      status: 500,\n      headers: { 'Content-Type': 'application/json' },\n    })\n  } finally {\n    if (sql) await sql.end()\n    if (stripeSync) await stripeSync.postgresClient.pool.end()\n  }\n})\n";
 
 // src/supabase/edge-function-code.ts
 var setupFunctionCode = stripe_setup_default;
@@ -324,40 +324,43 @@ var SupabaseSetupClient = class {
       throw new Error(`Uninstall failed: ${error instanceof Error ? error.message : String(error)}`);
     }
   }
-  async install(stripeKey) {
+  /**
+   * Inject package version into Edge Function code
+   */
+  injectPackageVersion(code, version) {
+    if (version === "latest") {
+      return code;
+    }
+    return code.replace(
+      /from ['"]npm:stripe-experiment-sync['"]/g,
+      `from 'npm:stripe-experiment-sync@${version}'`
+    );
+  }
+  async install(stripeKey, packageVersion) {
     const trimmedStripeKey = stripeKey.trim();
     if (!trimmedStripeKey.startsWith("sk_") && !trimmedStripeKey.startsWith("rk_")) {
       throw new Error('Stripe key should start with "sk_" or "rk_"');
     }
+    const version = packageVersion || "latest";
     try {
       await this.validateProject();
       await this.runSQL(`CREATE SCHEMA IF NOT EXISTS stripe`);
       await this.updateInstallationComment(
         `${STRIPE_SCHEMA_COMMENT_PREFIX} v${package_default.version} ${INSTALLATION_STARTED_SUFFIX}`
       );
-      await this.deployFunction("stripe-setup", setupFunctionCode);
-      await this.deployFunction("stripe-webhook", webhookFunctionCode);
-      await this.deployFunction("stripe-worker", workerFunctionCode);
+      const versionedSetup = this.injectPackageVersion(setupFunctionCode, version);
+      const versionedWebhook = this.injectPackageVersion(webhookFunctionCode, version);
+      const versionedWorker = this.injectPackageVersion(workerFunctionCode, version);
+      await this.deployFunction("stripe-setup", versionedSetup);
+      await this.deployFunction("stripe-webhook", versionedWebhook);
+      await this.deployFunction("stripe-worker", versionedWorker);
       await this.setSecrets([{ name: "STRIPE_SECRET_KEY", value: trimmedStripeKey }]);
       const serviceRoleKey = await this.getServiceRoleKey();
       const setupResult = await this.invokeFunction("stripe-setup", serviceRoleKey);
       if (!setupResult.success) {
         throw new Error(`Setup failed: ${setupResult.error}`);
       }
-      let pgCronEnabled = false;
-      try {
-        await this.setupPgCronJob();
-        pgCronEnabled = true;
-      } catch {
-        console.warn("pg_cron setup failed - falling back to manual worker invocation");
-      }
-      if (!pgCronEnabled) {
-        try {
-          await this.invokeFunction("stripe-worker", serviceRoleKey);
-        } catch (err) {
-          console.warn("Failed to trigger initial worker invocation:", err);
-        }
-      }
+      await this.setupPgCronJob();
       await this.updateInstallationComment(
         `${STRIPE_SCHEMA_COMMENT_PREFIX} v${package_default.version} ${INSTALLATION_INSTALLED_SUFFIX}`
       );
@@ -370,14 +373,14 @@ var SupabaseSetupClient = class {
   }
 };
 async function install(params) {
-  const { supabaseAccessToken, supabaseProjectRef, stripeKey } = params;
+  const { supabaseAccessToken, supabaseProjectRef, stripeKey, packageVersion } = params;
   const client = new SupabaseSetupClient({
     accessToken: supabaseAccessToken,
     projectRef: supabaseProjectRef,
     projectBaseUrl: params.baseProjectUrl,
     managementApiBaseUrl: params.baseManagementApiUrl
   });
-  await client.install(stripeKey);
+  await client.install(stripeKey, packageVersion);
 }
 async function uninstall(params) {
   const { supabaseAccessToken, supabaseProjectRef, stripeKey } = params;

package/dist/{chunk-3P5TZKWU.js → chunk-YH6KRZDQ.js}

@@ -1,11 +1,12 @@
 import {
   StripeSync,
+  createStripeWebSocketClient,
   runMigrations
-} from "./chunk-7JWRDXNB.js";
+} from "./chunk-J7BH3XD6.js";
 import {
   install,
   uninstall
-} from "./chunk-SX3HLE4H.js";
+} from "./chunk-X2OQQCC2.js";
 
 // src/cli/config.ts
 import dotenv from "dotenv";
@@ -35,20 +36,6 @@ async function loadConfig(options) {
       }
     });
   }
-  if (!config.ngrokAuthToken) {
-    questions.push({
-      type: "password",
-      name: "ngrokAuthToken",
-      message: "Enter your ngrok auth token:",
-      mask: "*",
-      validate: (input) => {
-        if (!input || input.trim() === "") {
-          return "Ngrok auth token is required";
-        }
-        return true;
-      }
-    });
-  }
   if (!config.databaseUrl) {
     questions.push({
       type: "password",
@@ -299,10 +286,19 @@ async function syncCommand(options) {
   let tunnel = null;
   let server = null;
   let webhookId = null;
+  let wsClient = null;
   const cleanup = async (signal) => {
     console.log(chalk3.blue(`
 
 Cleaning up... (signal: ${signal || "manual"})`));
+    if (wsClient) {
+      try {
+        wsClient.close();
+        console.log(chalk3.green("\u2713 WebSocket closed"));
+      } catch {
+        console.log(chalk3.yellow("\u26A0 Could not close WebSocket"));
+      }
+    }
     const keepWebhooksOnShutdown = process.env.KEEP_WEBHOOKS_ON_SHUTDOWN === "true";
     if (webhookId && stripeSync && !keepWebhooksOnShutdown) {
       try {
@@ -346,7 +342,12 @@ Cleaning up... (signal: ${signal || "manual"})`));
   process.on("SIGTERM", () => cleanup("SIGTERM"));
   try {
     const config = await loadConfig(options);
-    console.log(chalk3.gray(`$ stripe-sync start ${config.databaseUrl}`));
+    const useWebSocketMode = !config.ngrokAuthToken;
+    const modeLabel = useWebSocketMode ? "WebSocket" : "Webhook (ngrok)";
+    console.log(chalk3.blue(`
+Mode: ${modeLabel}`));
+    const maskedDbUrl = config.databaseUrl.replace(/:[^:@]+@/, ":****@");
+    console.log(chalk3.gray(`Database: ${maskedDbUrl}`));
     try {
       await runMigrations({
         databaseUrl: config.databaseUrl
@@ -371,53 +372,90 @@ Cleaning up... (signal: ${signal || "manual"})`));
       backfillRelatedEntities: process.env.BACKFILL_RELATED_ENTITIES !== "false",
       poolConfig
     });
-    const port = 3e3;
-    tunnel = await createTunnel(port, config.ngrokAuthToken);
-    const webhookPath = process.env.WEBHOOK_PATH || "/stripe-webhooks";
-    console.log(chalk3.blue("\nCreating Stripe webhook endpoint..."));
-    const webhook = await stripeSync.findOrCreateManagedWebhook(`${tunnel.url}${webhookPath}`);
-    webhookId = webhook.id;
-    const eventCount = webhook.enabled_events?.length || 0;
-    console.log(chalk3.green(`\u2713 Webhook created: ${webhook.id}`));
-    console.log(chalk3.cyan(`  URL: ${webhook.url}`));
-    console.log(chalk3.cyan(`  Events: ${eventCount} supported events`));
-    const app = express();
-    const webhookRoute = webhookPath;
-    app.use(webhookRoute, express.raw({ type: "application/json" }));
-    app.post(webhookRoute, async (req, res) => {
-      const sig = req.headers["stripe-signature"];
-      if (!sig || typeof sig !== "string") {
-        console.error("[Webhook] Missing stripe-signature header");
-        return res.status(400).send({ error: "Missing stripe-signature header" });
-      }
-      const rawBody = req.body;
-      if (!rawBody || !Buffer.isBuffer(rawBody)) {
-        console.error("[Webhook] Body is not a Buffer!");
-        return res.status(400).send({ error: "Missing raw body for signature verification" });
-      }
-      try {
-        await stripeSync.processWebhook(rawBody, sig);
-        return res.status(200).send({ received: true });
-      } catch (error) {
-        const errorMessage = error instanceof Error ? error.message : "Unknown error";
-        console.error("[Webhook] Processing error:", errorMessage);
-        return res.status(400).send({ error: errorMessage });
-      }
-    });
-    app.use(express.json());
-    app.use(express.urlencoded({ extended: false }));
-    app.get("/health", async (req, res) => {
-      return res.status(200).json({ status: "ok" });
-    });
-    console.log(chalk3.blue(`
+    const databaseUrlWithoutPassword = config.databaseUrl.replace(/:[^:@]+@/, ":****@");
+    if (useWebSocketMode) {
+      console.log(chalk3.blue("\nConnecting to Stripe WebSocket..."));
+      wsClient = await createStripeWebSocketClient({
+        stripeApiKey: config.stripeApiKey,
+        onEvent: async (event) => {
+          try {
+            const payload = JSON.parse(event.event_payload);
+            console.log(chalk3.cyan(`\u2190 ${payload.type}`) + chalk3.gray(` (${payload.id})`));
+            if (stripeSync) {
+              await stripeSync.processEvent(payload);
+              return {
+                status: 200,
+                event_type: payload.type,
+                event_id: payload.id,
+                databaseUrl: databaseUrlWithoutPassword
+              };
+            }
+          } catch (err) {
+            console.error(chalk3.red("Error processing event:"), err);
+            return {
+              status: 500,
+              databaseUrl: databaseUrlWithoutPassword,
+              error: err instanceof Error ? err.message : String(err)
+            };
+          }
+        },
+        onReady: (secret) => {
+          console.log(chalk3.green("\u2713 Connected to Stripe WebSocket"));
+          const maskedSecret = secret.length > 14 ? `${secret.slice(0, 10)}...${secret.slice(-4)}` : "****";
+          console.log(chalk3.gray(`  Webhook secret: ${maskedSecret}`));
+        },
+        onError: (error) => {
+          console.error(chalk3.red("WebSocket error:"), error.message);
+        },
+        onClose: (code, reason) => {
+          console.log(chalk3.yellow(`WebSocket closed: ${code} - ${reason}`));
+        }
+      });
+    } else {
+      const port = 3e3;
+      tunnel = await createTunnel(port, config.ngrokAuthToken);
+      const webhookPath = process.env.WEBHOOK_PATH || "/stripe-webhooks";
+      console.log(chalk3.blue("\nCreating Stripe webhook endpoint..."));
+      const webhook = await stripeSync.findOrCreateManagedWebhook(`${tunnel.url}${webhookPath}`);
+      webhookId = webhook.id;
+      const eventCount = webhook.enabled_events?.length || 0;
+      console.log(chalk3.green(`\u2713 Webhook created: ${webhook.id}`));
+      console.log(chalk3.cyan(`  URL: ${webhook.url}`));
+      console.log(chalk3.cyan(`  Events: ${eventCount} supported events`));
+      const app = express();
+      const webhookRoute = webhookPath;
+      app.use(webhookRoute, express.raw({ type: "application/json" }));
+      app.post(webhookRoute, async (req, res) => {
+        const sig = req.headers["stripe-signature"];
+        if (!sig || typeof sig !== "string") {
+          console.error("[Webhook] Missing stripe-signature header");
+          return res.status(400).send({ error: "Missing stripe-signature header" });
+        }
+        const rawBody = req.body;
+        if (!rawBody || !Buffer.isBuffer(rawBody)) {
+          console.error("[Webhook] Body is not a Buffer!");
+          return res.status(400).send({ error: "Missing raw body for signature verification" });
+        }
+        try {
+          await stripeSync.processWebhook(rawBody, sig);
+          return res.status(200).send({ received: true });
+        } catch (error) {
+          const errorMessage = error instanceof Error ? error.message : "Unknown error";
+          console.error("[Webhook] Processing error:", errorMessage);
+          return res.status(400).send({ error: errorMessage });
+        }
+      });
+      app.use(express.json());
+      app.use(express.urlencoded({ extended: false }));
+      app.get("/health", async (req, res) => res.status(200).json({ status: "ok" }));
+      console.log(chalk3.blue(`
 Starting server on port ${port}...`));
-    await new Promise((resolve, reject) => {
-      server = app.listen(port, "0.0.0.0", () => {
-        resolve();
+      await new Promise((resolve, reject) => {
+        server = app.listen(port, "0.0.0.0", () => resolve());
+        server.on("error", reject);
       });
-      server.on("error", reject);
-    });
-    console.log(chalk3.green(`\u2713 Server started on port ${port}`));
+      console.log(chalk3.green(`\u2713 Server started on port ${port}`));
+    }
     if (process.env.SKIP_BACKFILL !== "true") {
       console.log(chalk3.blue("\nStarting initial sync of all Stripe data..."));
       const syncResult = await stripeSync.processUntilDone();
@@ -494,7 +532,8 @@ async function installCommand(options) {
     await install({
       supabaseAccessToken: accessToken,
       supabaseProjectRef: projectRef,
-      stripeKey
+      stripeKey,
+      packageVersion: options.packageVersion
     });
     console.log(chalk3.cyan("\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501"));
     console.log(chalk3.cyan.bold("  Installation Complete!"));