turbine-orm 0.5.0 → 0.7.1

package/dist/client.js

@@ -1,5 +1,5 @@
 /**
- * @batadata/turbine — TurbineClient
+ * turbine-orm — TurbineClient
  *
  * The main entry point for the Turbine TypeScript SDK.
  * Manages connection pooling and provides typed table accessors.
@@ -16,28 +16,15 @@
  * const user = await db.users.findUnique({ where: { id: 1 } });
  *
  * // With base client (dynamic):
- * import { TurbineClient } from '@batadata/turbine';
+ * import { TurbineClient } from 'turbine-orm';
  * const db = new TurbineClient({ connectionString: '...' }, schema);
  * const users = db.table<User>('users');
  * ```
  */
 import pg from 'pg';
-import { QueryInterface } from './query.js';
+import { setErrorMessageMode, TimeoutError, wrapPgError } from './errors.js';
 import { executePipeline } from './pipeline.js';
-/**
- * Parse int8 (bigint, OID 20) as JavaScript number instead of string.
- * Safe for values up to Number.MAX_SAFE_INTEGER (9,007,199,254,740,991).
- *
- * NOTE: For values exceeding Number.MAX_SAFE_INTEGER, the parser falls back
- * to returning the raw string to avoid precision loss. The generated TypeScript
- * type maps int8/bigint to `number`, which is correct for the vast majority of
- * use cases (IDs, counts, timestamps). If you store values > 2^53 - 1 in a
- * bigint column, the runtime return type will be `string` for those rows.
- */
-pg.types.setTypeParser(20, (val) => {
-    const n = Number(val);
-    return Number.isSafeInteger(n) ? n : val; // fall back to string for huge values
-});
+import { QueryInterface } from './query.js';
 /** Maps isolation level names to SQL */
 const ISOLATION_LEVELS = {
     ReadUncommitted: 'READ UNCOMMITTED',
@@ -119,20 +106,36 @@ export class TransactionClient {
                 sql += `$${i + 1}`;
             }
         });
-        const result = await this.client.query(sql, values);
-        return result.rows;
+        try {
+            const result = await this.client.query(sql, values);
+            return result.rows;
+        }
+        catch (err) {
+            throw wrapPgError(err);
+        }
     }
     /**
      * Create a pool-like wrapper around the transaction client.
      * This allows QueryInterface to work with the transaction connection
      * without knowing it's in a transaction.
+     *
+     * pg driver errors thrown by queries are translated into typed Turbine
+     * errors via wrapPgError so transaction-scoped queries surface the same
+     * typed errors as pool-scoped queries.
      */
     createTxPool() {
         const client = this.client;
         // Return a minimal pool-compatible object that routes queries
         // through the transaction client
         return {
-            query: (text, values) => client.query(text, values),
+            query: async (text, values) => {
+                try {
+                    return await client.query(text, values);
+                }
+                catch (err) {
+                    throw wrapPgError(err);
+                }
+            },
             connect: () => Promise.resolve(client),
         };
     }
@@ -145,38 +148,86 @@ export class TurbineClient {
     pool;
     /** The schema metadata this client was built from */
     schema;
+    static int8ParserRegistered = false;
     logging;
     tableCache = new Map();
     middlewares = [];
     queryOptions;
+    /** True when Turbine created the pool and is responsible for tearing it down */
+    ownsPool = true;
     constructor(config = {}, schema) {
+        /**
+         * Parse int8 (bigint, OID 20) as JavaScript number instead of string.
+         * Safe for values up to Number.MAX_SAFE_INTEGER (9,007,199,254,740,991).
+         *
+         * NOTE: For values exceeding Number.MAX_SAFE_INTEGER, the parser falls back
+         * to returning the raw string to avoid precision loss. The generated TypeScript
+         * type maps int8/bigint to `number`, which is correct for the vast majority of
+         * use cases (IDs, counts, timestamps). If you store values > 2^53 - 1 in a
+         * bigint column, the runtime return type will be `string` for those rows.
+         *
+         * NOTE: We intentionally do NOT register a parser for numeric (OID 1700).
+         * Postgres numeric is arbitrary-precision, so the default pg driver behavior
+         * of returning a string is correct and matches the generated TypeScript type
+         * (numeric → string). Users who want number can cast explicitly in SQL.
+         */
+        // Only register the int8 parser when we own the pg driver. External
+        // pools (Neon HTTP, Vercel Postgres) may ship their own pg-types fork
+        // and rely on their own parser configuration — don't mutate global state
+        // we don't own.
+        if (!config.pool && !TurbineClient.int8ParserRegistered) {
+            pg.types.setTypeParser(20, (val) => {
+                const n = Number(val);
+                return Number.isSafeInteger(n) ? n : val;
+            });
+            TurbineClient.int8ParserRegistered = true;
+        }
         this.logging = config.logging ?? false;
         this.schema = schema;
         this.queryOptions = {
             defaultLimit: config.defaultLimit,
             warnOnUnlimited: config.warnOnUnlimited,
         };
-        const poolConfig = {
-            max: config.poolSize ?? 10,
-            idleTimeoutMillis: config.idleTimeoutMs ?? 30_000,
-            connectionTimeoutMillis: config.connectionTimeoutMs ?? 5_000,
-        };
-        if (config.connectionString) {
-            poolConfig.connectionString = config.connectionString;
+        // Apply NotFoundError message redaction mode (default: safe — values are
+        // stripped from messages to avoid leaking PII into error logs).
+        if (config.errorMessages) {
+            setErrorMessageMode(config.errorMessages);
         }
-        else {
-            poolConfig.host = config.host ?? 'localhost';
-            poolConfig.port = config.port ?? 5432;
-            poolConfig.database = config.database ?? 'postgres';
-            poolConfig.user = config.user ?? 'postgres';
-            poolConfig.password = config.password;
+        if (config.pool) {
+            // External pool — use directly. Turbine doesn't manage its lifecycle.
+            this.pool = config.pool;
+            this.ownsPool = false;
+            if (this.logging) {
+                console.log(`[turbine] Using external pool — ${Object.keys(schema.tables).length} tables`);
+            }
         }
-        this.pool = new pg.Pool(poolConfig);
-        this.pool.on('error', (err) => {
-            console.error('[turbine] Unexpected pool error:', err.message);
-        });
-        if (this.logging) {
-            console.log(`[turbine] Pool created — max ${poolConfig.max} connections, ${Object.keys(schema.tables).length} tables`);
+        else {
+            const poolConfig = {
+                max: config.poolSize ?? 10,
+                idleTimeoutMillis: config.idleTimeoutMs ?? 30_000,
+                connectionTimeoutMillis: config.connectionTimeoutMs ?? 5_000,
+            };
+            if (config.connectionString) {
+                poolConfig.connectionString = config.connectionString;
+            }
+            else {
+                poolConfig.host = config.host ?? 'localhost';
+                poolConfig.port = config.port ?? 5432;
+                poolConfig.database = config.database ?? 'postgres';
+                poolConfig.user = config.user ?? 'postgres';
+                poolConfig.password = config.password;
+            }
+            if (config.ssl !== undefined) {
+                poolConfig.ssl = config.ssl;
+            }
+            this.pool = new pg.Pool(poolConfig);
+            this.ownsPool = true;
+            this.pool.on('error', (err) => {
+                console.error('[turbine] Unexpected pool error:', err.message);
+            });
+            if (this.logging) {
+                console.log(`[turbine] Pool created — max ${poolConfig.max} connections, ${Object.keys(schema.tables).length} tables`);
+            }
         }
         // Auto-create typed table accessors for all tables in the schema
         for (const tableName of Object.keys(schema.tables)) {
@@ -283,8 +334,13 @@ export class TurbineClient {
         if (this.logging) {
             console.log(`[turbine] Raw SQL: ${sql.trim().substring(0, 120)}...`);
         }
-        const result = await this.pool.query(sql, values);
-        return result.rows;
+        try {
+            const result = await this.pool.query(sql, values);
+            return result.rows;
+        }
+        catch (err) {
+            throw wrapPgError(err);
+        }
     }
     // -------------------------------------------------------------------------
     // Transaction support (raw — legacy)
@@ -341,6 +397,24 @@ export class TurbineClient {
     async $transaction(fn, options) {
         const client = await this.pool.connect();
         const timeout = options?.timeout;
+        /**
+         * Track whether the connection has already been released so the finally
+         * block doesn't double-release. When a timeout fires we destroy the
+         * connection eagerly to abort the in-flight backend query.
+         */
+        let released = false;
+        const releaseOnce = (err) => {
+            if (released)
+                return;
+            released = true;
+            try {
+                client.release(err);
+            }
+            catch {
+                // pg may throw if the client is already released — swallow.
+            }
+        };
+        let timedOut = false;
         try {
             // BEGIN with optional isolation level
             let beginSQL = 'BEGIN';
@@ -364,11 +438,23 @@ export class TurbineClient {
             }
             let result;
             if (timeout) {
-                // Race between the function and a timeout
+                // Race between the function and a timeout. If the timeout fires we
+                // need to actually abort the in-flight query — otherwise the backend
+                // keeps running until pg's own timeout, holding a pool slot the whole
+                // time. The simplest reliable cancellation is to destroy the
+                // connection: passing a truthy argument to client.release() tells the
+                // pg pool to discard the client (its socket is closed, which causes
+                // Postgres to abort the active query and roll back the transaction).
+                // The pool will spin up a fresh connection on the next checkout.
                 let timer;
                 const timeoutPromise = new Promise((_, reject) => {
                     timer = setTimeout(() => {
-                        reject(new Error(`[turbine] Transaction timed out after ${timeout}ms`));
+                        timedOut = true;
+                        // Destroy the connection to abort the in-flight backend query.
+                        // We do this BEFORE rejecting so the socket is gone by the time
+                        // the caller's catch block runs.
+                        releaseOnce(new Error('[turbine] Transaction timeout — connection destroyed'));
+                        reject(new TimeoutError(timeout, 'Transaction'));
                     }, timeout);
                 });
                 try {
@@ -388,14 +474,25 @@ export class TurbineClient {
             return result;
         }
         catch (err) {
-            await client.query('ROLLBACK');
+            // If the timeout fired we already destroyed the connection — issuing a
+            // ROLLBACK on a released client would throw "Client has already been
+            // released". Skip the rollback in that case (the backend rolled back
+            // when its socket was closed).
+            if (!timedOut && !released) {
+                try {
+                    await client.query('ROLLBACK');
+                }
+                catch {
+                    // Best-effort rollback — the connection may have died mid-query.
+                }
+            }
             if (this.logging) {
                 console.log('[turbine] Transaction rolled back');
             }
             throw err;
         }
         finally {
-            client.release();
+            releaseOnce();
         }
     }
     // -------------------------------------------------------------------------
@@ -419,8 +516,17 @@ export class TurbineClient {
     }
     /**
      * Gracefully shut down the connection pool.
+     *
+     * If Turbine was given an external pool via `TurbineConfig.pool`, this
+     * method is a no-op — the caller is responsible for the pool's lifecycle.
      */
     async disconnect() {
+        if (!this.ownsPool) {
+            if (this.logging) {
+                console.log('[turbine] disconnect() skipped — external pool is not owned by Turbine');
+            }
+            return;
+        }
         await this.pool.end();
         if (this.logging) {
             console.log('[turbine] Pool disconnected');
@@ -430,12 +536,15 @@ export class TurbineClient {
     async end() {
         return this.disconnect();
     }
-    /** Pool statistics for monitoring. */
+    /**
+     * Pool statistics for monitoring. Returns zeros for pools that don't
+     * expose connection counts (e.g., stateless HTTP drivers like Neon).
+     */
     get stats() {
         return {
-            totalCount: this.pool.totalCount,
-            idleCount: this.pool.idleCount,
-            waitingCount: this.pool.waitingCount,
+            totalCount: this.pool.totalCount ?? 0,
+            idleCount: this.pool.idleCount ?? 0,
+            waitingCount: this.pool.waitingCount ?? 0,
         };
     }
 }

package/dist/errors.d.ts

@@ -0,0 +1,225 @@
+/**
+ * turbine-orm — Error types
+ *
+ * Typed errors with error codes for programmatic handling.
+ * All Turbine errors extend TurbineError which includes a `code` property.
+ */
+/** Error codes for all Turbine errors */
+export declare const TurbineErrorCode: {
+    readonly NOT_FOUND: "TURBINE_E001";
+    readonly TIMEOUT: "TURBINE_E002";
+    readonly VALIDATION: "TURBINE_E003";
+    readonly CONNECTION: "TURBINE_E004";
+    readonly RELATION: "TURBINE_E005";
+    readonly MIGRATION: "TURBINE_E006";
+    readonly CIRCULAR_RELATION: "TURBINE_E007";
+    readonly UNIQUE_VIOLATION: "TURBINE_E008";
+    readonly FOREIGN_KEY_VIOLATION: "TURBINE_E009";
+    readonly NOT_NULL_VIOLATION: "TURBINE_E010";
+    readonly CHECK_VIOLATION: "TURBINE_E011";
+    readonly DEADLOCK_DETECTED: "TURBINE_E012";
+    readonly SERIALIZATION_FAILURE: "TURBINE_E013";
+};
+export type TurbineErrorCode = (typeof TurbineErrorCode)[keyof typeof TurbineErrorCode];
+/** Base error class for all Turbine errors */
+export declare class TurbineError extends Error {
+    readonly code: TurbineErrorCode;
+    constructor(code: TurbineErrorCode, message: string, options?: {
+        cause?: unknown;
+    });
+}
+/**
+ * Controls whether NotFoundError messages include the actual `where` values
+ * (`'verbose'`) or only the where-clause keys (`'safe'`, the default).
+ *
+ * Defaults to `'safe'` to avoid leaking PII into error logs (Sentry, Datadog,
+ * etc.). The full `where` object is always available as `err.where` for
+ * programmatic access — only the human-readable message is redacted.
+ *
+ * Set via `setErrorMessageMode('verbose')` or by constructing TurbineClient
+ * with `{ errorMessages: 'verbose' }`.
+ */
+export type ErrorMessageMode = 'safe' | 'verbose';
+/**
+ * Set the global NotFoundError message mode. Called from the TurbineClient
+ * constructor when `TurbineConfig.errorMessages` is provided.
+ *
+ *   - `'safe'`    (default): the message includes only the keys of the where
+ *     clause (e.g. `where: { id, email }`). Values are redacted.
+ *   - `'verbose'`: the message includes the full JSON-serialized where
+ *     clause (e.g. `where: {"id":1,"email":"alice@x.com"}`).
+ */
+export declare function setErrorMessageMode(mode: ErrorMessageMode): void;
+/** Returns the current NotFoundError message mode. Exported for tests. */
+export declare function getErrorMessageMode(): ErrorMessageMode;
+/**
+ * Thrown when a record is not found (findUniqueOrThrow, findFirstOrThrow,
+ * update/delete against a non-matching row, etc.)
+ *
+ * Supports two call styles for back-compat:
+ *   - `new NotFoundError()` / `new NotFoundError('custom message')`
+ *   - `new NotFoundError({ table, where, operation, cause, message })`
+ *
+ * When called with an options object and no explicit `message`, a Prisma-style
+ * message is built automatically. By default, only the where-clause keys are
+ * shown to avoid leaking PII into logs:
+ *   `[turbine] findUniqueOrThrow on "users" found no record matching where: { id }`
+ *
+ * Set `setErrorMessageMode('verbose')` (or pass `errorMessages: 'verbose'` to
+ * the TurbineClient constructor) to include the full where values:
+ *   `[turbine] findUniqueOrThrow on "users" found no record matching where: {"id":1}`
+ *
+ * The full `where` object, `table`, and `operation` are always available as
+ * structured properties on the error instance regardless of mode.
+ */
+export declare class NotFoundError extends TurbineError {
+    readonly table?: string;
+    readonly where?: unknown;
+    readonly operation?: string;
+    constructor(input?: string | {
+        table?: string;
+        where?: unknown;
+        operation?: string;
+        cause?: unknown;
+        message?: string;
+    });
+}
+/** Thrown when a query or transaction exceeds the configured timeout */
+export declare class TimeoutError extends TurbineError {
+    readonly timeoutMs: number;
+    constructor(timeoutMs: number, context?: string);
+}
+/** Thrown when query arguments fail validation (unknown column, invalid operator, etc.) */
+export declare class ValidationError extends TurbineError {
+    constructor(message: string);
+}
+/** Thrown when a database connection fails */
+export declare class ConnectionError extends TurbineError {
+    constructor(message: string);
+}
+/** Thrown when a relation reference is invalid */
+export declare class RelationError extends TurbineError {
+    constructor(message: string);
+}
+/** Thrown when a migration operation fails */
+export declare class MigrationError extends TurbineError {
+    constructor(message: string);
+}
+/** Thrown when circular relation nesting is detected */
+export declare class CircularRelationError extends TurbineError {
+    readonly path: string[];
+    constructor(path: string[]);
+}
+/** Thrown when a UNIQUE constraint is violated (pg code 23505) */
+export declare class UniqueConstraintError extends TurbineError {
+    readonly constraint?: string;
+    readonly columns?: string[];
+    readonly table?: string;
+    constructor(opts?: {
+        constraint?: string;
+        columns?: string[];
+        table?: string;
+        message?: string;
+        cause?: unknown;
+    });
+}
+/** Thrown when a FOREIGN KEY constraint is violated (pg code 23503) */
+export declare class ForeignKeyError extends TurbineError {
+    readonly constraint?: string;
+    readonly table?: string;
+    constructor(opts?: {
+        constraint?: string;
+        table?: string;
+        message?: string;
+        cause?: unknown;
+    });
+}
+/** Thrown when a NOT NULL constraint is violated (pg code 23502) */
+export declare class NotNullViolationError extends TurbineError {
+    readonly column?: string;
+    readonly table?: string;
+    constructor(opts?: {
+        column?: string;
+        table?: string;
+        message?: string;
+        cause?: unknown;
+    });
+}
+/**
+ * Thrown when Postgres detects a deadlock (pg code 40P01).
+ *
+ * This error is **retryable** — when caught, callers can safely retry the
+ * transaction (typically with backoff). Catch it explicitly:
+ *
+ * ```ts
+ * try {
+ *   await db.$transaction(async (tx) => { ... });
+ * } catch (err) {
+ *   if (err instanceof DeadlockError) {
+ *     // safe to retry
+ *   }
+ * }
+ * ```
+ */
+export declare class DeadlockError extends TurbineError {
+    /** Marks this error as safe to retry */
+    readonly isRetryable: true;
+    readonly constraint?: string;
+    constructor(opts?: {
+        message?: string;
+        constraint?: string;
+        cause?: unknown;
+    });
+}
+/**
+ * Thrown when a Serializable transaction fails due to a serialization
+ * conflict (pg code 40001 — `could not serialize access due to ...`).
+ *
+ * This error is **retryable** — by Postgres documentation, the recommended
+ * response is to re-run the entire transaction. Catch it explicitly:
+ *
+ * ```ts
+ * try {
+ *   await db.$transaction(async (tx) => { ... }, { isolationLevel: 'Serializable' });
+ * } catch (err) {
+ *   if (err instanceof SerializationFailureError) {
+ *     // safe to retry the whole transaction
+ *   }
+ * }
+ * ```
+ */
+export declare class SerializationFailureError extends TurbineError {
+    /** Marks this error as safe to retry */
+    readonly isRetryable: true;
+    constructor(opts?: {
+        message?: string;
+        cause?: unknown;
+    });
+}
+/** Thrown when a CHECK constraint is violated (pg code 23514) */
+export declare class CheckConstraintError extends TurbineError {
+    readonly constraint?: string;
+    readonly table?: string;
+    constructor(opts?: {
+        constraint?: string;
+        table?: string;
+        message?: string;
+        cause?: unknown;
+    });
+}
+/**
+ * Translate a pg driver error into a typed Turbine error.
+ * If the error doesn't match a known constraint code, returns it unchanged.
+ *
+ * Maps:
+ *   23505 (unique_violation)      -> UniqueConstraintError
+ *   23503 (foreign_key_violation) -> ForeignKeyError
+ *   23502 (not_null_violation)    -> NotNullViolationError
+ *   23514 (check_violation)       -> CheckConstraintError
+ *   40P01 (deadlock_detected)     -> DeadlockError       (retryable)
+ *   40001 (serialization_failure) -> SerializationFailureError (retryable)
+ *
+ * The original pg error is preserved as `.cause` on the wrapped error.
+ */
+export declare function wrapPgError(err: unknown): unknown;
+//# sourceMappingURL=errors.d.ts.map