turbine-orm 0.7.1 → 0.9.0

package/dist/cjs/schema-builder.js

@@ -261,15 +261,35 @@ class ColumnBuilder {
     }
 }
 exports.ColumnBuilder = ColumnBuilder;
+/** Type guard: is `prop` a known nullary ColumnBuilder type method? */
+function isNullaryColumnType(prop) {
+    return (prop === 'serial' ||
+        prop === 'bigint' ||
+        prop === 'integer' ||
+        prop === 'smallint' ||
+        prop === 'text' ||
+        prop === 'boolean' ||
+        prop === 'timestamp' ||
+        prop === 'date' ||
+        prop === 'json' ||
+        prop === 'uuid' ||
+        prop === 'real' ||
+        prop === 'doublePrecision' ||
+        prop === 'numeric' ||
+        prop === 'bytea');
+}
 /** @deprecated Use defineSchema() with plain objects instead */
 exports.column = new Proxy({}, {
     get(_target, prop) {
         if (prop === 'varchar')
             return (length) => new ColumnBuilder().varchar(length);
+        if (isNullaryColumnType(prop)) {
+            return () => {
+                const builder = new ColumnBuilder();
+                return builder[prop]();
+            };
+        }
         return () => {
-            const builder = new ColumnBuilder();
-            if (typeof builder[prop] === 'function')
-                return builder[prop].call(builder);
             throw new Error(`Unknown column type: ${prop}`);
         };
     },

package/dist/cli/index.d.ts

@@ -12,7 +12,7 @@
  *   turbine migrate status        — Show migration status
  *   turbine seed                  — Run seed file
  *   turbine status                — Show schema summary
- *   turbine studio                — Launch web UI (coming soon)
+ *   turbine studio                — Launch local read-only web UI
  *
  * Usage:
  *   DATABASE_URL=postgres://... npx turbine generate

package/dist/cli/index.js

@@ -12,7 +12,7 @@
  *   turbine migrate status        — Show migration status
  *   turbine seed                  — Run seed file
  *   turbine status                — Show schema summary
- *   turbine studio                — Launch web UI (coming soon)
+ *   turbine studio                — Launch local read-only web UI
  *
  * Usage:
  *   DATABASE_URL=postgres://... npx turbine generate
@@ -20,7 +20,7 @@
  *   npx turbine migrate create add_users_table
  */
 import { appendFileSync, existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
-import { relative, resolve } from 'node:path';
+import { dirname, relative, resolve } from 'node:path';
 import { pathToFileURL } from 'node:url';
 import { generate } from '../generate.js';
 import { introspect } from '../introspect.js';
@@ -28,6 +28,7 @@ import { schemaDiff, schemaPush } from '../schema-sql.js';
 import { configTemplate, findConfigFile, loadConfig, resolveConfig } from './config.js';
 import { needsTsLoader, registerTsLoader } from './loader.js';
 import { createMigration, listMigrationFiles, migrateDown, migrateStatus, migrateUp } from './migrate.js';
+import { startStudio } from './studio.js';
 import { banner, blue, bold, box, cyan, dim, divider, elapsed, error, table as formatTable, gray, green, header, info, label, magenta, newline, red, redactUrl, Spinner, success, symbols, warn, yellow, } from './ui.js';
 function parseArgs() {
     const args = process.argv.slice(2);
@@ -94,6 +95,17 @@ function parseArgs() {
             case '-h':
                 result.help = true;
                 break;
+            case '--port':
+                result.port = next ? Number.parseInt(next, 10) : undefined;
+                i++;
+                break;
+            case '--host':
+                result.host = next;
+                i++;
+                break;
+            case '--no-open':
+                result.noOpen = true;
+                break;
             default:
                 if (!arg.startsWith('-')) {
                     result.positional.push(arg);
@@ -890,19 +902,71 @@ async function cmdStatus(_args, config) {
     }
 }
 // ---------------------------------------------------------------------------
-// Command: studio (scaffold)
+// Command: studio — local read-only web UI
 // ---------------------------------------------------------------------------
-async function cmdStudio(_args, _config) {
+async function cmdStudio(args, config) {
     banner();
+    const url = requireUrl(config);
+    const port = args.port ?? 4983;
+    const host = args.host ?? '127.0.0.1';
+    const openBrowser = !args.noOpen;
+    if (!Number.isFinite(port) || port <= 0 || port > 65535) {
+        console.log(red(`✗ invalid port: ${args.port}`));
+        process.exit(1);
+    }
+    // Refuse to bind anything other than loopback unless explicitly overridden.
+    // This is deliberate: Studio has no real authentication beyond a random
+    // session token, so exposing it on a LAN interface is foot-gun territory.
+    if (host !== '127.0.0.1' && host !== 'localhost' && host !== '::1') {
+        console.log(warn(`Studio is binding to ${yellow(host)} — this is NOT loopback. ` +
+            `Anyone on your network who can reach this port + guess the session token can read your database.`));
+    }
+    const spinner = new Spinner('Introspecting database').start();
+    let studio;
+    try {
+        studio = await startStudio({
+            url,
+            schema: config.schema,
+            port,
+            host,
+            openBrowser,
+            include: config.include.length ? config.include : undefined,
+            exclude: config.exclude.length ? config.exclude : undefined,
+        });
+        spinner.succeed(`Studio is running`);
+    }
+    catch (err) {
+        spinner.fail(`Failed to start Studio: ${err instanceof Error ? err.message : String(err)}`);
+        process.exit(1);
+    }
+    newline();
     console.log(box([
-        `${bold('Turbine Studio')} ${dim('— coming soon')}`,
+        `${bold('Turbine Studio')}  ${dim('— local read-only UI')}`,
         '',
-        'A local web UI for browsing your database,',
-        'exploring relations, and managing data.',
+        `  ${cyan('URL:')}    ${bold(studio.url)}`,
+        `  ${cyan('Schema:')} ${config.schema}`,
+        `  ${cyan('DB:')}     ${redactUrl(url)}`,
         '',
-        `Follow ${cyan('@turbineorm')} for updates.`,
-    ].join('\n'), { title: bold(cyan('Studio')), padding: 2 }));
+        dim('Open the URL above in your browser. It includes a one-time session'),
+        dim('token that gets set as an HttpOnly cookie on first load.'),
+        dim('Press Ctrl+C to stop.'),
+    ].join('\n'), { title: bold(cyan('Studio')), padding: 1 }));
     newline();
+    // Wait forever until SIGINT/SIGTERM, then dispose cleanly.
+    await new Promise((resolve) => {
+        const shutdown = async () => {
+            console.log(dim('\n  shutting down…'));
+            try {
+                await studio.dispose();
+            }
+            catch {
+                /* ignore */
+            }
+            resolve();
+        };
+        process.once('SIGINT', shutdown);
+        process.once('SIGTERM', shutdown);
+    });
 }
 // ---------------------------------------------------------------------------
 // Subcommand help
@@ -1051,7 +1115,7 @@ function showHelp() {
     console.log(`      ${dim('status')}           Show applied/pending migrations`);
     console.log(`    ${cyan('seed')}               Run seed file`);
     console.log(`    ${cyan('status')} ${dim('| info')}     Show schema summary`);
-    console.log(`    ${cyan('studio')}             Launch web UI (coming soon)`);
+    console.log(`    ${cyan('studio')}             Launch local read-only web UI`);
     newline();
     console.log(`  ${bold('Options:')}`);
     console.log(`    ${cyan('--url, -u')} ${dim('<url>')}      Postgres connection string`);
@@ -1063,6 +1127,11 @@ function showHelp() {
     console.log(`    ${cyan('--verbose, -v')}        Show detailed output`);
     console.log(`    ${cyan('--force, -f')}          Overwrite existing files`);
     newline();
+    console.log(`  ${bold('Studio options:')}`);
+    console.log(`    ${cyan('--port')} ${dim('<n>')}           HTTP port ${dim('(default: 4983)')}`);
+    console.log(`    ${cyan('--host')} ${dim('<addr>')}        Bind address ${dim('(default: 127.0.0.1)')}`);
+    console.log(`    ${cyan('--no-open')}            Don't auto-open the browser`);
+    newline();
     console.log(`  ${bold('Config file:')}`);
     console.log(`    ${dim('Create')} ${cyan('turbine.config.ts')} ${dim('with')} ${cyan('npx turbine init')}`);
     console.log(`    ${dim('CLI flags override config file values.')}`);
@@ -1079,7 +1148,30 @@ function showHelp() {
 // Version
 // ---------------------------------------------------------------------------
 function showVersion() {
-    console.log(`turbine-orm v0.5.0`);
+    // Walk up from the running script to find the turbine-orm package.json.
+    // Using process.argv[1] instead of import.meta.url so the same code compiles
+    // cleanly for both the ESM and CJS builds.
+    try {
+        let dir = dirname(process.argv[1] ?? '');
+        for (let i = 0; i < 6; i++) {
+            const candidate = resolve(dir, 'package.json');
+            if (existsSync(candidate)) {
+                const pkg = JSON.parse(readFileSync(candidate, 'utf8'));
+                if (pkg.name === 'turbine-orm') {
+                    console.log(`turbine-orm v${pkg.version ?? '?'}`);
+                    return;
+                }
+            }
+            const parent = dirname(dir);
+            if (parent === dir)
+                break;
+            dir = parent;
+        }
+        console.log(`turbine-orm`);
+    }
+    catch {
+        console.log(`turbine-orm`);
+    }
 }
 // ---------------------------------------------------------------------------
 // Main

package/dist/cli/migrate.d.ts

@@ -79,6 +79,22 @@ export declare function createMigration(migrationsDir: string, name: string, aut
     up: string;
     down: string;
 }): MigrationFile;
+/**
+ * Derive a Postgres advisory lock ID (positive int4) from the database name.
+ *
+ * Uses FNV-1a 32-bit hash — a well-known, stable, non-cryptographic hash with
+ * excellent distribution over short strings (database names are typically <64
+ * chars). Chosen over alternatives because it's:
+ *   - deterministic (same input → same output, across processes/machines)
+ *   - tiny (two lines, no allocations, no imports)
+ *   - well-distributed (low collision rate for typical DB-name distributions)
+ *
+ * The top bit is cleared so the result fits in a positive int4, which is the
+ * range `pg_advisory_lock` expects for the single-argument form. Two databases
+ * in the same Postgres cluster can now run `turbine migrate` concurrently
+ * without contending on a single hardcoded lock ID.
+ */
+export declare function deriveLockId(databaseName: string): number;
 /**
  * Apply all pending migrations (UP).
  *

package/dist/cli/migrate.js

@@ -202,16 +202,44 @@ ${autoContent.down}
 // ---------------------------------------------------------------------------
 // Advisory lock for concurrent migration safety
 // ---------------------------------------------------------------------------
-/** Fixed lock ID for Turbine migrations — prevents concurrent migrate runs */
-const MIGRATION_LOCK_ID = 8_347_291; // arbitrary but stable
-async function acquireLock(client) {
-    const result = await client.query(`SELECT pg_try_advisory_lock($1)`, [
-        MIGRATION_LOCK_ID,
-    ]);
-    return result.rows[0]?.pg_try_advisory_lock ?? false;
+/**
+ * Derive a Postgres advisory lock ID (positive int4) from the database name.
+ *
+ * Uses FNV-1a 32-bit hash — a well-known, stable, non-cryptographic hash with
+ * excellent distribution over short strings (database names are typically <64
+ * chars). Chosen over alternatives because it's:
+ *   - deterministic (same input → same output, across processes/machines)
+ *   - tiny (two lines, no allocations, no imports)
+ *   - well-distributed (low collision rate for typical DB-name distributions)
+ *
+ * The top bit is cleared so the result fits in a positive int4, which is the
+ * range `pg_advisory_lock` expects for the single-argument form. Two databases
+ * in the same Postgres cluster can now run `turbine migrate` concurrently
+ * without contending on a single hardcoded lock ID.
+ */
+export function deriveLockId(databaseName) {
+    let hash = 0x811c9dc5;
+    for (let i = 0; i < databaseName.length; i++) {
+        hash ^= databaseName.charCodeAt(i);
+        hash = Math.imul(hash, 0x01000193);
+    }
+    return hash >>> 1; // positive int4 (top bit cleared)
+}
+/**
+ * Fetch the current database name from the connected client. Used to derive
+ * the advisory lock ID so concurrent migrations in sibling databases do not
+ * contend on one another.
+ */
+async function getCurrentDatabaseName(client) {
+    const result = await client.query(`SELECT current_database()`);
+    return result.rows[0]?.current_database ?? '';
+}
+async function acquireLock(client, lockId) {
+    const result = await client.query(`SELECT pg_try_advisory_lock($1) AS locked`, [lockId]);
+    return result.rows[0]?.locked ?? false;
 }
-async function releaseLock(client) {
-    await client.query(`SELECT pg_advisory_unlock($1)`, [MIGRATION_LOCK_ID]);
+async function releaseLock(client, lockId) {
+    await client.query(`SELECT pg_advisory_unlock($1)`, [lockId]);
 }
 /**
  * Validate that applied migration files have not been modified or deleted since they were run.
@@ -274,8 +302,12 @@ export async function migrateUp(connectionString, migrationsDir, options) {
     // Treat `force` as an alias for `allowDrift` for backwards compatibility.
     const allowDrift = options?.allowDrift === true || options?.force === true;
     try {
+        // Derive an advisory lock ID per-database so concurrent migrations in
+        // sibling databases on the same Postgres cluster do not contend.
+        const dbName = await getCurrentDatabaseName(client);
+        const lockId = deriveLockId(dbName);
         // Acquire advisory lock to prevent concurrent migrations
-        const gotLock = await acquireLock(client);
+        const gotLock = await acquireLock(client, lockId);
         if (!gotLock) {
             throw new MigrationError('[turbine] Could not acquire migration lock — another migration is already running');
         }
@@ -347,7 +379,7 @@ export async function migrateUp(connectionString, migrationsDir, options) {
             return { applied: results, errors };
         }
         finally {
-            await releaseLock(client);
+            await releaseLock(client, lockId);
         }
     }
     finally {
@@ -366,7 +398,11 @@ export async function migrateDown(connectionString, migrationsDir, options) {
     const client = new pg.Client({ connectionString });
     await client.connect();
     try {
-        const gotLock = await acquireLock(client);
+        // Derive a per-database advisory lock ID so concurrent migrations in
+        // sibling databases on the same cluster do not contend.
+        const dbName = await getCurrentDatabaseName(client);
+        const lockId = deriveLockId(dbName);
+        const gotLock = await acquireLock(client, lockId);
         if (!gotLock) {
             throw new MigrationError('[turbine] Could not acquire migration lock — another migration is already running');
         }
@@ -413,7 +449,7 @@ export async function migrateDown(connectionString, migrationsDir, options) {
             return { rolledBack: results, errors };
         }
         finally {
-            await releaseLock(client);
+            await releaseLock(client, lockId);
         }
     }
     finally {

package/dist/cli/studio-ui.generated.d.ts

@@ -0,0 +1,2 @@
+export declare const STUDIO_HTML: string;
+//# sourceMappingURL=studio-ui.generated.d.ts.map