turbine-orm 0.15.0 → 0.18.0

package/dist/cli/observe-ui.js

@@ -0,0 +1,180 @@
+// Embedded HTML for the Turbine Observe dashboard.
+// Same pattern as studio-ui.generated.ts but hand-authored (no build step needed).
+export const OBSERVE_HTML = `<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <meta name="color-scheme" content="dark" />
+  <title>Turbine Observe</title>
+  <style>
+    :root {
+      --bg: #0a0a0b;
+      --bg-elev: #111113;
+      --bg-hover: #1a1a1d;
+      --border: #26262b;
+      --text: #e6e6ea;
+      --text-dim: #8a8a93;
+      --accent: #60a5fa;
+      --green: #4ade80;
+      --red: #f87171;
+      --orange: #fb923c;
+      --purple: #a78bfa;
+      --mono: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, monospace;
+      --sans: system-ui, -apple-system, sans-serif;
+      --radius: 6px;
+    }
+    * { margin: 0; padding: 0; box-sizing: border-box; }
+    body { background: var(--bg); color: var(--text); font-family: var(--sans); font-size: 14px; padding: 24px; }
+    h1 { font-size: 20px; margin-bottom: 4px; }
+    .subtitle { color: var(--text-dim); margin-bottom: 24px; }
+    .controls { display: flex; gap: 8px; margin-bottom: 24px; }
+    .controls button {
+      background: var(--bg-elev); border: 1px solid var(--border); border-radius: var(--radius);
+      color: var(--text); padding: 6px 12px; cursor: pointer; font-size: 13px;
+    }
+    .controls button.active { border-color: var(--accent); color: var(--accent); }
+    .card {
+      background: var(--bg-elev); border: 1px solid var(--border); border-radius: var(--radius);
+      padding: 16px; margin-bottom: 16px;
+    }
+    .card h2 { font-size: 14px; color: var(--text-dim); margin-bottom: 12px; text-transform: uppercase; letter-spacing: 0.5px; }
+    table { width: 100%; border-collapse: collapse; font-family: var(--mono); font-size: 12px; }
+    th { text-align: left; padding: 6px 8px; color: var(--text-dim); border-bottom: 1px solid var(--border); }
+    td { padding: 6px 8px; border-bottom: 1px solid var(--border); }
+    .num { text-align: right; }
+    .error-rate { color: var(--red); }
+    .low-error { color: var(--green); }
+    svg { width: 100%; height: 200px; }
+    .chart-line { fill: none; stroke-width: 1.5; }
+    .line-avg { stroke: var(--accent); }
+    .line-p95 { stroke: var(--orange); }
+    .line-p99 { stroke: var(--red); }
+    .legend { display: flex; gap: 16px; margin-top: 8px; font-size: 12px; color: var(--text-dim); }
+    .legend span::before { content: ''; display: inline-block; width: 12px; height: 2px; margin-right: 4px; vertical-align: middle; }
+    .legend .l-avg::before { background: var(--accent); }
+    .legend .l-p95::before { background: var(--orange); }
+    .legend .l-p99::before { background: var(--red); }
+    .empty { color: var(--text-dim); text-align: center; padding: 40px; }
+  </style>
+</head>
+<body>
+  <h1>Turbine Observe</h1>
+  <p class="subtitle">Query performance metrics</p>
+  <div class="controls">
+    <button data-range="1h" class="active">1h</button>
+    <button data-range="6h">6h</button>
+    <button data-range="24h">24h</button>
+    <button data-range="7d">7d</button>
+  </div>
+  <div class="card" id="latency-card">
+    <h2>Latency over time</h2>
+    <div id="chart"></div>
+    <div class="legend">
+      <span class="l-avg">avg</span>
+      <span class="l-p95">p95</span>
+      <span class="l-p99">p99</span>
+    </div>
+  </div>
+  <div class="card" id="models-card">
+    <h2>Top models</h2>
+    <div id="models-table"></div>
+  </div>
+  <div class="card" id="errors-card">
+    <h2>Error rates</h2>
+    <div id="errors-table"></div>
+  </div>
+  <script>
+    let currentRange = '1h';
+    const token = document.cookie.match(/turbine_observe_token=([a-f0-9]+)/)?.[1] || '';
+    const headers = { 'x-turbine-token': token };
+
+    document.querySelector('.controls').addEventListener('click', e => {
+      if (e.target.tagName !== 'BUTTON') return;
+      document.querySelectorAll('.controls button').forEach(b => b.classList.remove('active'));
+      e.target.classList.add('active');
+      currentRange = e.target.dataset.range;
+      refresh();
+    });
+
+    async function fetchJson(path) {
+      const res = await fetch(path, { headers });
+      if (!res.ok) return null;
+      return res.json();
+    }
+
+    function buildSvgPath(points, width, height, maxY) {
+      if (points.length === 0) return '';
+      const xStep = width / Math.max(points.length - 1, 1);
+      return points.map((y, i) => {
+        const px = i * xStep;
+        const py = height - (y / maxY) * height;
+        return (i === 0 ? 'M' : 'L') + px.toFixed(1) + ',' + py.toFixed(1);
+      }).join(' ');
+    }
+
+    function renderChart(data) {
+      const el = document.getElementById('chart');
+      if (!data || data.length === 0) { el.innerHTML = '<p class="empty">No data yet</p>'; return; }
+      const width = 800; const height = 180;
+      const allVals = data.flatMap(d => [d.avg_ms, d.p95_ms, d.p99_ms]);
+      const maxY = Math.max(...allVals, 1) * 1.1;
+      const avgPath = buildSvgPath(data.map(d => d.avg_ms), width, height, maxY);
+      const p95Path = buildSvgPath(data.map(d => d.p95_ms), width, height, maxY);
+      const p99Path = buildSvgPath(data.map(d => d.p99_ms), width, height, maxY);
+      el.innerHTML = '<svg viewBox="0 0 ' + width + ' ' + height + '" preserveAspectRatio="none">'
+        + '<path class="chart-line line-avg" d="' + avgPath + '"/>'
+        + '<path class="chart-line line-p95" d="' + p95Path + '"/>'
+        + '<path class="chart-line line-p99" d="' + p99Path + '"/>'
+        + '</svg>';
+    }
+
+    function renderModels(data) {
+      const el = document.getElementById('models-table');
+      if (!data || data.length === 0) { el.innerHTML = '<p class="empty">No data yet</p>'; return; }
+      let html = '<table><thead><tr><th>Model</th><th>Action</th><th class="num">Count</th><th class="num">Avg (ms)</th><th class="num">P95 (ms)</th><th class="num">P99 (ms)</th></tr></thead><tbody>';
+      for (const row of data) {
+        html += '<tr><td>' + row.model + '</td><td>' + row.action + '</td>'
+          + '<td class="num">' + row.count + '</td>'
+          + '<td class="num">' + row.avg_ms.toFixed(1) + '</td>'
+          + '<td class="num">' + row.p95_ms.toFixed(1) + '</td>'
+          + '<td class="num">' + row.p99_ms.toFixed(1) + '</td></tr>';
+      }
+      html += '</tbody></table>';
+      el.innerHTML = html;
+    }
+
+    function renderErrors(data) {
+      const el = document.getElementById('errors-table');
+      if (!data || data.length === 0) { el.innerHTML = '<p class="empty">No errors</p>'; return; }
+      let html = '<table><thead><tr><th>Model</th><th>Action</th><th class="num">Total</th><th class="num">Errors</th><th class="num">Rate</th></tr></thead><tbody>';
+      for (const row of data) {
+        const rate = row.count > 0 ? (row.error_count / row.count * 100).toFixed(1) : '0.0';
+        const cls = parseFloat(rate) > 5 ? 'error-rate' : 'low-error';
+        html += '<tr><td>' + row.model + '</td><td>' + row.action + '</td>'
+          + '<td class="num">' + row.count + '</td>'
+          + '<td class="num">' + row.error_count + '</td>'
+          + '<td class="num ' + cls + '">' + rate + '%</td></tr>';
+      }
+      html += '</tbody></table>';
+      el.innerHTML = html;
+    }
+
+    async function refresh() {
+      const [latency, models] = await Promise.all([
+        fetchJson('/api/latency?range=' + currentRange),
+        fetchJson('/api/models?range=' + currentRange),
+      ]);
+      renderChart(latency);
+      renderModels(models);
+      // Derive errors from models data
+      const withErrors = (models || []).filter(m => m.error_count > 0);
+      renderErrors(withErrors);
+    }
+
+    refresh();
+    setInterval(refresh, 60000);
+  </script>
+</body>
+</html>`;
+//# sourceMappingURL=observe-ui.js.map

package/dist/cli/observe.d.ts

@@ -0,0 +1,20 @@
+/**
+ * turbine-orm CLI — Observe
+ *
+ * A local, read-only dashboard for viewing query metrics stored in
+ * _turbine_metrics. Same security model as Studio: loopback binding,
+ * random token, HttpOnly cookie, CSP headers, read-only transactions.
+ */
+export interface ObserveOptions {
+    url: string;
+    port: number;
+    host: string;
+    openBrowser: boolean;
+}
+export interface ObserveServerHandle {
+    dispose: () => Promise<void>;
+    authToken: string;
+    url: string;
+}
+export declare function startObserve(options: ObserveOptions): Promise<ObserveServerHandle>;
+//# sourceMappingURL=observe.d.ts.map

package/dist/cli/observe.js

@@ -0,0 +1,237 @@
+/**
+ * turbine-orm CLI — Observe
+ *
+ * A local, read-only dashboard for viewing query metrics stored in
+ * _turbine_metrics. Same security model as Studio: loopback binding,
+ * random token, HttpOnly cookie, CSP headers, read-only transactions.
+ */
+import { randomBytes } from 'node:crypto';
+import { createServer } from 'node:http';
+import pg from 'pg';
+import { OBSERVE_HTML } from './observe-ui.js';
+// ---------------------------------------------------------------------------
+// Main entry point
+// ---------------------------------------------------------------------------
+export async function startObserve(options) {
+    const pool = new pg.Pool({
+        connectionString: options.url,
+        max: 2,
+        idleTimeoutMillis: 10_000,
+    });
+    const probe = await pool.connect();
+    try {
+        await probe.query('SELECT 1');
+    }
+    finally {
+        probe.release();
+    }
+    const authToken = randomBytes(24).toString('hex');
+    const server = createServer((req, res) => {
+        handleRequest(req, res, pool, options, authToken).catch((err) => {
+            sendJson(res, 500, { error: err instanceof Error ? err.message : String(err) });
+        });
+    });
+    await new Promise((resolve, reject) => {
+        server.once('error', reject);
+        server.listen(options.port, options.host, () => {
+            server.off('error', reject);
+            resolve();
+        });
+    });
+    const hostPart = options.host.includes(':') && !options.host.startsWith('[') ? `[${options.host}]` : options.host;
+    const url = `http://${hostPart}:${options.port}/?token=${authToken}`;
+    if (options.openBrowser) {
+        openUrl(url);
+    }
+    return {
+        authToken,
+        url,
+        dispose: async () => {
+            await new Promise((resolve) => server.close(() => resolve()));
+            await pool.end();
+        },
+    };
+}
+// ---------------------------------------------------------------------------
+// Request routing
+// ---------------------------------------------------------------------------
+async function handleRequest(req, res, pool, options, authToken) {
+    const hostPart = options.host.includes(':') && !options.host.startsWith('[') ? `[${options.host}]` : options.host;
+    const expectedOrigin = `http://${hostPart}:${options.port}`;
+    const origin = req.headers.origin;
+    if (origin && origin !== expectedOrigin) {
+        sendJson(res, 403, { error: 'cross-origin requests not allowed' });
+        return;
+    }
+    const url = new URL(req.url ?? '/', expectedOrigin);
+    const pathname = url.pathname;
+    if (pathname === '/' || pathname === '/index.html') {
+        if (req.method !== 'GET' && req.method !== 'HEAD') {
+            sendText(res, 405, 'Method Not Allowed');
+            return;
+        }
+        const queryToken = url.searchParams.get('token');
+        if (queryToken && constantTimeEqual(queryToken, authToken)) {
+            res.writeHead(302, {
+                Location: '/',
+                'Set-Cookie': `turbine_observe_token=${authToken}; Path=/; HttpOnly; SameSite=Strict`,
+            });
+            res.end();
+            return;
+        }
+        sendHtml(res, 200, OBSERVE_HTML);
+        return;
+    }
+    if (!isAuthorized(req, authToken)) {
+        sendJson(res, 401, { error: 'unauthorized' });
+        return;
+    }
+    if (pathname === '/api/latency' && req.method === 'GET') {
+        return apiLatency(res, pool, url.searchParams);
+    }
+    if (pathname === '/api/models' && req.method === 'GET') {
+        return apiModels(res, pool, url.searchParams);
+    }
+    sendJson(res, 404, { error: 'not found' });
+}
+// ---------------------------------------------------------------------------
+// Auth
+// ---------------------------------------------------------------------------
+function isAuthorized(req, expectedToken) {
+    const headerToken = req.headers['x-turbine-token'];
+    if (typeof headerToken === 'string' && constantTimeEqual(headerToken, expectedToken)) {
+        return true;
+    }
+    const cookieHeader = req.headers.cookie ?? '';
+    const match = /turbine_observe_token=([a-f0-9]+)/.exec(cookieHeader);
+    if (match?.[1] && constantTimeEqual(match[1], expectedToken)) {
+        return true;
+    }
+    return false;
+}
+function constantTimeEqual(a, b) {
+    if (a.length !== b.length)
+        return false;
+    let result = 0;
+    for (let i = 0; i < a.length; i++) {
+        result |= a.charCodeAt(i) ^ b.charCodeAt(i);
+    }
+    return result === 0;
+}
+// ---------------------------------------------------------------------------
+// API handlers
+// ---------------------------------------------------------------------------
+function rangeToInterval(range) {
+    switch (range) {
+        case '6h':
+            return '6 hours';
+        case '24h':
+            return '24 hours';
+        case '7d':
+            return '7 days';
+        default:
+            return '1 hour';
+    }
+}
+async function apiLatency(res, pool, params) {
+    const range = params.get('range') ?? '1h';
+    const interval = rangeToInterval(range);
+    const client = await pool.connect();
+    try {
+        await client.query('BEGIN READ ONLY');
+        await client.query(`SET LOCAL statement_timeout = '30s'`);
+        const result = await client.query(`SELECT bucket, SUM(count) as count,
+              SUM(avg_ms * count) / NULLIF(SUM(count), 0) as avg_ms,
+              MAX(p95_ms) as p95_ms,
+              MAX(p99_ms) as p99_ms
+       FROM _turbine_metrics
+       WHERE bucket >= NOW() - $1::interval
+       GROUP BY bucket
+       ORDER BY bucket`, [interval]);
+        await client.query('COMMIT');
+        sendJson(res, 200, result.rows);
+    }
+    catch (err) {
+        try {
+            await client.query('ROLLBACK');
+        }
+        catch { }
+        sendJson(res, 500, { error: err instanceof Error ? err.message : String(err) });
+    }
+    finally {
+        client.release();
+    }
+}
+async function apiModels(res, pool, params) {
+    const range = params.get('range') ?? '1h';
+    const interval = rangeToInterval(range);
+    const client = await pool.connect();
+    try {
+        await client.query('BEGIN READ ONLY');
+        await client.query(`SET LOCAL statement_timeout = '30s'`);
+        const result = await client.query(`SELECT model, action,
+              SUM(count)::int as count,
+              SUM(avg_ms * count) / NULLIF(SUM(count), 0) as avg_ms,
+              MAX(p95_ms) as p95_ms,
+              MAX(p99_ms) as p99_ms,
+              SUM(error_count)::int as error_count
+       FROM _turbine_metrics
+       WHERE bucket >= NOW() - $1::interval
+       GROUP BY model, action
+       ORDER BY MAX(p95_ms) DESC
+       LIMIT 50`, [interval]);
+        await client.query('COMMIT');
+        sendJson(res, 200, result.rows);
+    }
+    catch (err) {
+        try {
+            await client.query('ROLLBACK');
+        }
+        catch { }
+        sendJson(res, 500, { error: err instanceof Error ? err.message : String(err) });
+    }
+    finally {
+        client.release();
+    }
+}
+// ---------------------------------------------------------------------------
+// Response helpers
+// ---------------------------------------------------------------------------
+const SECURITY_HEADERS = {
+    'X-Content-Type-Options': 'nosniff',
+    'X-Frame-Options': 'DENY',
+    'Referrer-Policy': 'no-referrer',
+    'Content-Security-Policy': "default-src 'self'; script-src 'unsafe-inline'; style-src 'unsafe-inline'",
+};
+function sendJson(res, status, body) {
+    const payload = JSON.stringify(body);
+    res.writeHead(status, { ...SECURITY_HEADERS, 'Content-Type': 'application/json' });
+    res.end(payload);
+}
+function sendHtml(res, status, html) {
+    res.writeHead(status, { ...SECURITY_HEADERS, 'Content-Type': 'text/html; charset=utf-8' });
+    res.end(html);
+}
+function sendText(res, status, text) {
+    res.writeHead(status, { ...SECURITY_HEADERS, 'Content-Type': 'text/plain' });
+    res.end(text);
+}
+// ---------------------------------------------------------------------------
+// Browser open
+// ---------------------------------------------------------------------------
+function openUrl(url) {
+    const { platform: os } = process;
+    const { spawn } = require('node:child_process');
+    try {
+        if (os === 'darwin')
+            spawn('open', [url], { stdio: 'ignore', detached: true }).unref();
+        else if (os === 'win32')
+            spawn('cmd', ['/c', 'start', '', url], { stdio: 'ignore', detached: true }).unref();
+        else
+            spawn('xdg-open', [url], { stdio: 'ignore', detached: true }).unref();
+    }
+    catch {
+        // Best effort
+    }
+}
+//# sourceMappingURL=observe.js.map

package/dist/cli/studio.js

@@ -60,7 +60,11 @@ export async function startStudio(options) {
     const authToken = randomBytes(24).toString('hex');
     const stateDir = pathResolve(options.stateDir ?? '.turbine');
     const statementTimeout = options.adapter?.statementTimeout?.(30) ?? {
-        sql: `SET LOCAL statement_timeout = $1`,
+        // Postgres rejects parameters in `SET LOCAL` (`SET LOCAL ... = $1` is a
+        // syntax error). `set_config(name, value, is_local=true)` is the
+        // parameterizable, transaction-local equivalent and works on every
+        // Postgres-compatible engine.
+        sql: `SELECT set_config('statement_timeout', $1, true)`,
         params: ['30s'],
     };
     const rateLimiter = new Map();

package/dist/client.d.ts

@@ -24,9 +24,12 @@
 import pg from 'pg';
 import type { Dialect } from './dialect.js';
 import { type ErrorMessageMode } from './errors.js';
+import { type ObserveConfig, type ObserveHandle } from './observe.js';
 import { type PipelineOptions, type PipelineResults } from './pipeline.js';
-import { type DeferredQuery, QueryInterface, type QueryInterfaceOptions } from './query/index.js';
+import { type DeferredQuery, type QueryEventListener, QueryInterface, type QueryInterfaceOptions } from './query/index.js';
+import { type NotificationHandler, type Subscription } from './realtime.js';
 import type { SchemaMetadata } from './schema.js';
+import { TypedSqlQuery } from './typed-sql.js';
 export interface RetryOptions {
     maxAttempts?: number;
     baseDelay?: number;
@@ -171,6 +174,30 @@ export interface TransactionOptions {
     timeout?: number;
     /** Isolation level for the transaction */
     isolationLevel?: 'ReadUncommitted' | 'ReadCommitted' | 'RepeatableRead' | 'Serializable';
+    /**
+     * Transaction-local session GUCs to set after BEGIN. The canonical use case
+     * is multi-tenant Postgres row-level security (RLS): your policies filter on
+     * `current_setting('app.current_tenant')`, and you set that value here so
+     * every query inside the transaction sees it.
+     *
+     * Each entry is applied via `SELECT set_config($1, $2, true)` — `is_local=true`
+     * scopes the value to this transaction, so it auto-resets on COMMIT/ROLLBACK
+     * and never leaks onto the pooled connection. Both the name and value are
+     * bound parameters (never interpolated); the GUC name is additionally
+     * validated against a strict identifier regex.
+     *
+     * @example
+     * ```ts
+     * await db.$transaction(
+     *   async (tx) => {
+     *     // every query here sees current_setting('app.current_tenant') = '42'
+     *     return tx.invoices.findMany();
+     *   },
+     *   { sessionContext: { 'app.current_tenant': '42', 'app.current_user': userId } },
+     * );
+     * ```
+     */
+    sessionContext?: Record<string, string | number | boolean>;
 }
 /**
  * A transaction-scoped client that provides the same table accessor API as TurbineClient.
@@ -219,9 +246,13 @@ export declare class TurbineClient {
     private readonly logging;
     private readonly tableCache;
     private readonly middlewares;
-    private readonly queryOptions;
+    private readonly queryListeners;
+    private queryOptions;
+    private readonly errorMessagesSafe;
     /** True when Turbine created the pool and is responsible for tearing it down */
     private readonly ownsPool;
+    /** Active LISTEN subscriptions — torn down on disconnect() so it never hangs */
+    private readonly activeSubscriptions;
     constructor(config: TurbineConfig | undefined, schema: SchemaMetadata);
     /**
      * Register a middleware function that runs before/after every query.
@@ -255,6 +286,10 @@ export declare class TurbineClient {
      * ```
      */
     $use(middleware: Middleware): void;
+    $on(_event: 'query', listener: QueryEventListener): void;
+    $off(_event: 'query', listener: QueryEventListener): void;
+    private observeEngine?;
+    $observe(config: ObserveConfig): Promise<ObserveHandle>;
     /**
      * Get a QueryInterface for a table.
      * Results are cached — calling `table('users')` twice returns the same instance.
@@ -291,6 +326,37 @@ export declare class TurbineClient {
      * ```
      */
     raw<T extends Record<string, unknown> = Record<string, unknown>>(strings: TemplateStringsArray, ...values: unknown[]): Promise<T[]>;
+    /**
+     * Execute a **typed** raw SQL query — Turbine's answer to Prisma's TypedSQL.
+     *
+     * Like {@link raw}, every interpolated `${value}` becomes a `$N` parameter
+     * (never string-concatenated), so it is injection-safe by construction. The
+     * difference is the caller-supplied row type and the chainable result: the
+     * returned {@link TypedSqlQuery} can be `await`ed directly for `T[]`, or
+     * refined with `.one()` (→ `T | null`) or `.scalar<V>()` (→ `V | null`).
+     *
+     * Rows are returned as-is — no snake→camel mapping (matching `raw()`). Alias
+     * columns in SQL if you want camelCase keys.
+     *
+     * @example
+     * ```ts
+     * // rows
+     * const rows = await db.sql<{ id: number; name: string }>`
+     *   SELECT id, name FROM users WHERE org_id = ${orgId}
+     * `;
+     *
+     * // single row or null
+     * const user = await db.sql<{ id: number; name: string }>`
+     *   SELECT id, name FROM users WHERE id = ${userId}
+     * `.one();
+     *
+     * // scalar
+     * const total = await db.sql<{ count: number }>`
+     *   SELECT COUNT(*)::int AS count FROM users
+     * `.scalar();
+     * ```
+     */
+    sql<T extends Record<string, unknown> = Record<string, unknown>>(strings: TemplateStringsArray, ...values: unknown[]): TypedSqlQuery<T>;
     /**
      * Execute a function within a database transaction (raw pg.PoolClient).
      * For the typed API, use `$transaction()` instead.
@@ -323,6 +389,67 @@ export declare class TurbineClient {
      * ```
      */
     $transaction<R>(fn: (tx: TransactionClient) => Promise<R>, options?: TransactionOptions): Promise<R>;
+    /**
+     * Convenience wrapper around `$transaction` for the multi-tenant / RLS case:
+     * runs `fn` inside a transaction with the given session GUCs applied via
+     * `set_config(..., is_local=true)`. Equivalent to
+     * `$transaction(fn, { sessionContext: context })`.
+     *
+     * @example
+     * ```ts
+     * const invoices = await db.$withSession(
+     *   { 'app.current_tenant': tenantId },
+     *   (tx) => tx.invoices.findMany(),
+     * );
+     * ```
+     */
+    $withSession<R>(context: Record<string, string | number | boolean>, fn: (tx: TransactionClient) => Promise<R>): Promise<R>;
+    /**
+     * Subscribe to a Postgres NOTIFY channel. The handler fires with each
+     * notification's payload string (the empty string when a payload-less
+     * NOTIFY is sent) for as long as the subscription is active.
+     *
+     * Each `$listen` checks out its OWN dedicated long-lived connection from the
+     * pool and runs `LISTEN "channel"` on it; `subscription.unsubscribe()`
+     * UNLISTENs, detaches the handler, and releases that connection. Active
+     * subscriptions are tracked and force-released on `disconnect()` so shutdown
+     * never hangs.
+     *
+     * The channel name CANNOT be a bound parameter (`LISTEN $1` is a syntax
+     * error), so it is validated against a strict identifier regex AND quoted via
+     * `quoteIdent` before interpolation — it is the only identifier this method
+     * places into SQL text.
+     *
+     * **Serverless caveat:** LISTEN needs a persistent connection that can push
+     * async notifications. Stateless HTTP drivers (Neon HTTP, Vercel Postgres)
+     * cannot do this — `$listen` throws a `ConnectionError` rather than hang.
+     * `$notify` works on every driver.
+     *
+     * @example
+     * ```ts
+     * const sub = await db.$listen('order_created', (payload) => {
+     *   const order = JSON.parse(payload);
+     *   console.log('new order', order.id);
+     * });
+     * // ...later
+     * await sub.unsubscribe();
+     * ```
+     */
+    $listen(channel: string, handler: NotificationHandler): Promise<Subscription>;
+    /**
+     * Send a Postgres NOTIFY on `channel` with an optional payload string.
+     *
+     * Issued as `SELECT pg_notify($1, $2)` — both the channel and payload are
+     * BOUND parameters (no quoting/injection concern). The channel is still
+     * validated against the identifier regex for parity with `$listen` and to
+     * catch typos loudly. Works on every driver, including serverless HTTP pools.
+     *
+     * @example
+     * ```ts
+     * await db.$notify('order_created', JSON.stringify({ id: 7 }));
+     * ```
+     */
+    $notify(channel: string, payload?: string): Promise<void>;
     /**
      * Execute an async function with automatic retry on retryable errors.
      *