web-agent-bridge 3.4.0 → 3.9.0

package/server/middleware/rateLimits.js

@@ -1,100 +1,100 @@
-/**
- * Comprehensive rate limits for all security-sensitive endpoints.
- */
-
-const rateLimit = require('express-rate-limit');
-
-// ─── Auth endpoints ──────────────────────────────────────────────────
-
-const authLimiter = rateLimit({
-  windowMs: 15 * 60 * 1000,
-  max: 10,
-  standardHeaders: true,
-  legacyHeaders: false,
-  message: { error: 'Too many authentication attempts, please try again later' }
-});
-
-const registerLimiter = rateLimit({
-  windowMs: 60 * 60 * 1000,
-  max: 20,
-  standardHeaders: true,
-  legacyHeaders: false,
-  message: { error: 'Too many registration attempts, please try again later' }
-});
-
-const adminLoginLimiter = rateLimit({
-  windowMs: 15 * 60 * 1000,
-  max: 5,
-  standardHeaders: true,
-  legacyHeaders: false,
-  message: { error: 'Too many admin login attempts, please try again later' }
-});
-
-// ─── WAB API endpoints ───────────────────────────────────────────────
-
-const wabAuthenticateLimiter = rateLimit({
-  windowMs: 15 * 60 * 1000,
-  max: 20,
-  standardHeaders: true,
-  legacyHeaders: false,
-  keyGenerator: (req) => `${req.ip}:${req.body?.siteId || req.body?.apiKey || 'anon'}`,
-  message: { error: 'Too many WAB authentication attempts' }
-});
-
-const wabActionLimiter = rateLimit({
-  windowMs: 60 * 1000,
-  max: 300,
-  standardHeaders: true,
-  legacyHeaders: false,
-  keyGenerator: (req) => `${req.ip}:${req.wabSession?.siteId || 'anon'}`,
-  message: { error: 'Too many action requests, please slow down' }
-});
-
-// ─── General API endpoints ───────────────────────────────────────────
-
-const apiLimiter = rateLimit({
-  windowMs: 60 * 1000,
-  max: 300,
-  standardHeaders: true,
-  legacyHeaders: false,
-  message: { error: 'Too many requests, please try again later' }
-});
-
-const searchLimiter = rateLimit({
-  windowMs: 60 * 1000,
-  max: 30,
-  standardHeaders: true,
-  legacyHeaders: false,
-  message: { error: 'Too many search requests' }
-});
-
-// ─── License endpoints (existing) ────────────────────────────────────
-
-const licenseTokenLimiter = rateLimit({
-  windowMs: 15 * 60 * 1000,
-  max: 30,
-  standardHeaders: true,
-  legacyHeaders: false,
-  message: { error: 'Too many token requests, please try again later' }
-});
-
-const licenseTrackLimiter = rateLimit({
-  windowMs: 60 * 1000,
-  max: 300,
-  standardHeaders: true,
-  legacyHeaders: false,
-  keyGenerator: (req) => `${req.ip}:${req.body?.sessionToken || req.body?.siteId || 'anon'}`,
-  message: { error: 'Too many track requests, please try again later' }
-});
-
-module.exports = {
-  authLimiter,
-  registerLimiter,
-  adminLoginLimiter,
-  wabAuthenticateLimiter,
-  wabActionLimiter,
-  apiLimiter,
-  searchLimiter,
-  licenseTokenLimiter,
-  licenseTrackLimiter,
-};
+/**
+ * Comprehensive rate limits for all security-sensitive endpoints.
+ */
+
+const rateLimit = require('express-rate-limit');
+
+// ─── Auth endpoints ──────────────────────────────────────────────────
+
+const authLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 10,
+  standardHeaders: true,
+  legacyHeaders: false,
+  message: { error: 'Too many authentication attempts, please try again later' }
+});
+
+const registerLimiter = rateLimit({
+  windowMs: 60 * 60 * 1000,
+  max: 20,
+  standardHeaders: true,
+  legacyHeaders: false,
+  message: { error: 'Too many registration attempts, please try again later' }
+});
+
+const adminLoginLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 5,
+  standardHeaders: true,
+  legacyHeaders: false,
+  message: { error: 'Too many admin login attempts, please try again later' }
+});
+
+// ─── WAB API endpoints ───────────────────────────────────────────────
+
+const wabAuthenticateLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 20,
+  standardHeaders: true,
+  legacyHeaders: false,
+  keyGenerator: (req) => `${req.ip}:${req.body?.siteId || req.body?.apiKey || 'anon'}`,
+  message: { error: 'Too many WAB authentication attempts' }
+});
+
+const wabActionLimiter = rateLimit({
+  windowMs: 60 * 1000,
+  max: 300,
+  standardHeaders: true,
+  legacyHeaders: false,
+  keyGenerator: (req) => `${req.ip}:${req.wabSession?.siteId || 'anon'}`,
+  message: { error: 'Too many action requests, please slow down' }
+});
+
+// ─── General API endpoints ───────────────────────────────────────────
+
+const apiLimiter = rateLimit({
+  windowMs: 60 * 1000,
+  max: 300,
+  standardHeaders: true,
+  legacyHeaders: false,
+  message: { error: 'Too many requests, please try again later' }
+});
+
+const searchLimiter = rateLimit({
+  windowMs: 60 * 1000,
+  max: 30,
+  standardHeaders: true,
+  legacyHeaders: false,
+  message: { error: 'Too many search requests' }
+});
+
+// ─── License endpoints (existing) ────────────────────────────────────
+
+const licenseTokenLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 30,
+  standardHeaders: true,
+  legacyHeaders: false,
+  message: { error: 'Too many token requests, please try again later' }
+});
+
+const licenseTrackLimiter = rateLimit({
+  windowMs: 60 * 1000,
+  max: 300,
+  standardHeaders: true,
+  legacyHeaders: false,
+  keyGenerator: (req) => `${req.ip}:${req.body?.sessionToken || req.body?.siteId || 'anon'}`,
+  message: { error: 'Too many track requests, please try again later' }
+});
+
+module.exports = {
+  authLimiter,
+  registerLimiter,
+  adminLoginLimiter,
+  wabAuthenticateLimiter,
+  wabActionLimiter,
+  apiLimiter,
+  searchLimiter,
+  licenseTokenLimiter,
+  licenseTrackLimiter,
+};

package/server/middleware/sensitiveAction.js

@@ -1,157 +1,157 @@
-'use strict';
-
-/**
- * Sensitive Action Gate — Human-in-the-Loop confirmation for destructive
- * or financially-impactful agent actions.
- *
- * Threat: prompt-injection or compromised agent issues `purchase`, `transfer`,
- * `delete-account`, etc. without user intent.
- *
- * Defense:
- *   1. Maintain a static list of sensitive action verbs.
- *   2. If a request payload references one of those verbs, require either:
- *        - X-WAB-Confirm header containing an HMAC over the request body, OR
- *        - explicit `confirmed:true` flag set by an authenticated *user* token
- *          (not just an agent token).
- *   3. Otherwise return 412 with a confirmation challenge so the
- *      orchestrator can surface the prompt to a human.
- *
- * The HMAC is computed using process.env.HITL_SECRET (falls back to a
- * derived secret on first start) over `${actorId}:${actionKey}:${nonce}`.
- *
- * This is a defense-in-depth gate — site-level policies in
- * control-plane/policy-engine remain authoritative.
- */
-
-const crypto = require('crypto');
-
-const SENSITIVE_VERBS = new Set([
-  'purchase',
-  'checkout',
-  'pay',
-  'payment',
-  'transfer',
-  'wire',
-  'send-money',
-  'withdraw',
-  'delete',
-  'delete-account',
-  'wipe',
-  'unsubscribe-all',
-  'cancel-subscription',
-  'submit-payment',
-  'authorize',
-  'sign-contract',
-  'change-password',
-  'change-email',
-  'export-data',
-  'grant-admin',
-  'revoke-access',
-]);
-
-let _runtimeSecret = process.env.HITL_SECRET;
-function _secret() {
-  if (_runtimeSecret) return _runtimeSecret;
-  // Derive a stable per-process secret if none configured. Note: this means
-  // confirmations don't survive restarts, which is acceptable (HITL tokens
-  // are short-lived by design).
-  _runtimeSecret = crypto.randomBytes(32).toString('hex');
-  return _runtimeSecret;
-}
-
-function _flatten(obj, depth = 0, out = []) {
-  if (depth > 4 || obj == null) return out;
-  if (typeof obj === 'string') { out.push(obj.toLowerCase()); return out; }
-  if (Array.isArray(obj)) { obj.forEach((v) => _flatten(v, depth + 1, out)); return out; }
-  if (typeof obj === 'object') { Object.values(obj).forEach((v) => _flatten(v, depth + 1, out)); }
-  return out;
-}
-
-function detectSensitiveAction(body) {
-  const candidates = _flatten(body || {});
-  for (const v of candidates) {
-    if (typeof v !== 'string') continue;
-    // Match verb tokens: "purchase", "checkout.confirm", etc.
-    const tokens = v.split(/[\s.\-_/:]+/);
-    for (const t of tokens) {
-      if (SENSITIVE_VERBS.has(t)) return t;
-    }
-  }
-  return null;
-}
-
-function makeChallenge(actorId, actionKey) {
-  const nonce = crypto.randomBytes(12).toString('hex');
-  const ts = Date.now();
-  const payload = `${actorId || 'anon'}:${actionKey}:${nonce}:${ts}`;
-  const hmac = crypto.createHmac('sha256', _secret()).update(payload).digest('hex');
-  return { nonce, ts, signature: hmac, expiresInMs: 5 * 60 * 1000 };
-}
-
-function verifyConfirmation(header, actorId, actionKey) {
-  if (!header || typeof header !== 'string') return false;
-  const parts = header.split('.');
-  if (parts.length !== 3) return false;
-  const [nonce, ts, sig] = parts;
-  const tsNum = parseInt(ts, 10);
-  if (!nonce || !sig || !tsNum) return false;
-  if (Date.now() - tsNum > 5 * 60 * 1000) return false; // 5 min window
-  const payload = `${actorId || 'anon'}:${actionKey}:${nonce}:${tsNum}`;
-  const expected = crypto.createHmac('sha256', _secret()).update(payload).digest('hex');
-  try {
-    return crypto.timingSafeEqual(Buffer.from(sig, 'hex'), Buffer.from(expected, 'hex'));
-  } catch {
-    return false;
-  }
-}
-
-/**
- * Express middleware. Apply to runtime/execute/policy routes.
- * Bypassed when X-WAB-Confirm verifies, or when an authenticated USER token
- * (req.user) explicitly sets `confirmed:true` in the body.
- */
-function sensitiveActionGate(req, res, next) {
-  const action = detectSensitiveAction(req.body);
-  if (!action) return next();
-
-  const actorId = req.user?.id || req.agentId || req.session?.agentId || req.ip;
-  const actionKey = `${req.method}:${req.baseUrl || ''}${req.path}:${action}`;
-
-  // 1) User-supplied confirmation header (preferred)
-  const header = req.headers['x-wab-confirm'];
-  if (header && verifyConfirmation(header, actorId, action)) {
-    req._hitlConfirmed = action;
-    return next();
-  }
-
-  // 2) Logged-in user explicitly confirmed in body
-  if (req.user && req.body && req.body.confirmed === true && req.body.confirmedAction === action) {
-    req._hitlConfirmed = action;
-    return next();
-  }
-
-  // Otherwise issue a challenge.
-  const challenge = makeChallenge(actorId, action);
-  return res.status(412).json({
-    error: 'Human-in-the-loop confirmation required',
-    code: 'HITL_REQUIRED',
-    sensitiveAction: action,
-    challenge: {
-      nonce: challenge.nonce,
-      ts: challenge.ts,
-      signature: challenge.signature,
-      headerName: 'X-WAB-Confirm',
-      headerValue: `${challenge.nonce}.${challenge.ts}.${challenge.signature}`,
-      expiresInMs: challenge.expiresInMs,
-    },
-    hint: 'Resubmit the same request with the X-WAB-Confirm header carrying the headerValue above, after a human has approved the action.',
-  });
-}
-
-module.exports = {
-  sensitiveActionGate,
-  detectSensitiveAction,
-  makeChallenge,
-  verifyConfirmation,
-  SENSITIVE_VERBS,
-};
+'use strict';
+
+/**
+ * Sensitive Action Gate — Human-in-the-Loop confirmation for destructive
+ * or financially-impactful agent actions.
+ *
+ * Threat: prompt-injection or compromised agent issues `purchase`, `transfer`,
+ * `delete-account`, etc. without user intent.
+ *
+ * Defense:
+ *   1. Maintain a static list of sensitive action verbs.
+ *   2. If a request payload references one of those verbs, require either:
+ *        - X-WAB-Confirm header containing an HMAC over the request body, OR
+ *        - explicit `confirmed:true` flag set by an authenticated *user* token
+ *          (not just an agent token).
+ *   3. Otherwise return 412 with a confirmation challenge so the
+ *      orchestrator can surface the prompt to a human.
+ *
+ * The HMAC is computed using process.env.HITL_SECRET (falls back to a
+ * derived secret on first start) over `${actorId}:${actionKey}:${nonce}`.
+ *
+ * This is a defense-in-depth gate — site-level policies in
+ * control-plane/policy-engine remain authoritative.
+ */
+
+const crypto = require('crypto');
+
+const SENSITIVE_VERBS = new Set([
+  'purchase',
+  'checkout',
+  'pay',
+  'payment',
+  'transfer',
+  'wire',
+  'send-money',
+  'withdraw',
+  'delete',
+  'delete-account',
+  'wipe',
+  'unsubscribe-all',
+  'cancel-subscription',
+  'submit-payment',
+  'authorize',
+  'sign-contract',
+  'change-password',
+  'change-email',
+  'export-data',
+  'grant-admin',
+  'revoke-access',
+]);
+
+let _runtimeSecret = process.env.HITL_SECRET;
+function _secret() {
+  if (_runtimeSecret) return _runtimeSecret;
+  // Derive a stable per-process secret if none configured. Note: this means
+  // confirmations don't survive restarts, which is acceptable (HITL tokens
+  // are short-lived by design).
+  _runtimeSecret = crypto.randomBytes(32).toString('hex');
+  return _runtimeSecret;
+}
+
+function _flatten(obj, depth = 0, out = []) {
+  if (depth > 4 || obj == null) return out;
+  if (typeof obj === 'string') { out.push(obj.toLowerCase()); return out; }
+  if (Array.isArray(obj)) { obj.forEach((v) => _flatten(v, depth + 1, out)); return out; }
+  if (typeof obj === 'object') { Object.values(obj).forEach((v) => _flatten(v, depth + 1, out)); }
+  return out;
+}
+
+function detectSensitiveAction(body) {
+  const candidates = _flatten(body || {});
+  for (const v of candidates) {
+    if (typeof v !== 'string') continue;
+    // Match verb tokens: "purchase", "checkout.confirm", etc.
+    const tokens = v.split(/[\s.\-_/:]+/);
+    for (const t of tokens) {
+      if (SENSITIVE_VERBS.has(t)) return t;
+    }
+  }
+  return null;
+}
+
+function makeChallenge(actorId, actionKey) {
+  const nonce = crypto.randomBytes(12).toString('hex');
+  const ts = Date.now();
+  const payload = `${actorId || 'anon'}:${actionKey}:${nonce}:${ts}`;
+  const hmac = crypto.createHmac('sha256', _secret()).update(payload).digest('hex');
+  return { nonce, ts, signature: hmac, expiresInMs: 5 * 60 * 1000 };
+}
+
+function verifyConfirmation(header, actorId, actionKey) {
+  if (!header || typeof header !== 'string') return false;
+  const parts = header.split('.');
+  if (parts.length !== 3) return false;
+  const [nonce, ts, sig] = parts;
+  const tsNum = parseInt(ts, 10);
+  if (!nonce || !sig || !tsNum) return false;
+  if (Date.now() - tsNum > 5 * 60 * 1000) return false; // 5 min window
+  const payload = `${actorId || 'anon'}:${actionKey}:${nonce}:${tsNum}`;
+  const expected = crypto.createHmac('sha256', _secret()).update(payload).digest('hex');
+  try {
+    return crypto.timingSafeEqual(Buffer.from(sig, 'hex'), Buffer.from(expected, 'hex'));
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Express middleware. Apply to runtime/execute/policy routes.
+ * Bypassed when X-WAB-Confirm verifies, or when an authenticated USER token
+ * (req.user) explicitly sets `confirmed:true` in the body.
+ */
+function sensitiveActionGate(req, res, next) {
+  const action = detectSensitiveAction(req.body);
+  if (!action) return next();
+
+  const actorId = req.user?.id || req.agentId || req.session?.agentId || req.ip;
+  const actionKey = `${req.method}:${req.baseUrl || ''}${req.path}:${action}`;
+
+  // 1) User-supplied confirmation header (preferred)
+  const header = req.headers['x-wab-confirm'];
+  if (header && verifyConfirmation(header, actorId, action)) {
+    req._hitlConfirmed = action;
+    return next();
+  }
+
+  // 2) Logged-in user explicitly confirmed in body
+  if (req.user && req.body && req.body.confirmed === true && req.body.confirmedAction === action) {
+    req._hitlConfirmed = action;
+    return next();
+  }
+
+  // Otherwise issue a challenge.
+  const challenge = makeChallenge(actorId, action);
+  return res.status(412).json({
+    error: 'Human-in-the-loop confirmation required',
+    code: 'HITL_REQUIRED',
+    sensitiveAction: action,
+    challenge: {
+      nonce: challenge.nonce,
+      ts: challenge.ts,
+      signature: challenge.signature,
+      headerName: 'X-WAB-Confirm',
+      headerValue: `${challenge.nonce}.${challenge.ts}.${challenge.signature}`,
+      expiresInMs: challenge.expiresInMs,
+    },
+    hint: 'Resubmit the same request with the X-WAB-Confirm header carrying the headerValue above, after a human has approved the action.',
+  });
+}
+
+module.exports = {
+  sensitiveActionGate,
+  detectSensitiveAction,
+  makeChallenge,
+  verifyConfirmation,
+  SENSITIVE_VERBS,
+};

package/server/middleware/wab-trust.js

@@ -0,0 +1,141 @@
+// ═══════════════════════════════════════════════════════════════════════════
+// WAB Trust Headers Middleware (Ring 4)
+//
+// Recognizes:
+//   X-WAB-Trust-Domain  — the sovereign agent's declared trusted origin
+//   X-WAB-Signature     — Ed25519 signature (base64, "ed25519:..." or raw)
+//   X-WAB-Trust-Nonce   — replay-defence nonce
+//
+// Behavior:
+//   - Looks up the domain's registered Ring 4 trust profile.
+//   - If signature present, verifies it against the profile's signed_by_pk
+//     using the canonical message:  `${method} ${path}\n${nonce}`
+//   - Attaches `req.wabTrust = { domain, verified, profile, headers }`
+//   - NEVER blocks the request. Downstream handlers decide what to do.
+//   - Logs every recognition / verification event to ring4_interaction_log.
+// ═══════════════════════════════════════════════════════════════════════════
+
+const crypto = require('crypto');
+const { db } = require('../models/db');
+
+function ed25519Verify(publicKeyB64, message, signatureB64) {
+  try {
+    const pk = Buffer.from(publicKeyB64, 'base64');
+    if (pk.length !== 32) return false;
+    const der = Buffer.concat([Buffer.from('302a300506032b6570032100', 'hex'), pk]);
+    const keyObj = crypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
+    const sig = Buffer.from(signatureB64, 'base64');
+    const msg = Buffer.isBuffer(message) ? message : Buffer.from(message, 'utf8');
+    return crypto.verify(null, msg, keyObj, sig);
+  } catch {
+    return false;
+  }
+}
+
+const DOMAIN_RE  = /^[a-z0-9.-]{3,253}$/i;
+const NONCE_RE   = /^[A-Za-z0-9_\-]{8,128}$/;
+const PROJECT_RE = /^[a-z0-9-]{2,64}$/i;
+const TRACEPARENT_RE = /^[0-9a-f]{2}-[0-9a-f]{32}-[0-9a-f]{16}-[0-9a-f]{2}$/i;
+
+function stripPrefix(s) {
+  return typeof s === 'string' && s.startsWith('ed25519:') ? s.slice(8) : s;
+}
+
+function wabTrustMiddleware(req, _res, next) {
+  // Trace context passthrough (always, even without trust headers).
+  const traceparent = String(req.headers['traceparent'] || '').trim();
+  const tracestate  = String(req.headers['tracestate'] || '').trim();
+  const trace = TRACEPARENT_RE.test(traceparent)
+    ? { traceparent, tracestate: tracestate || null }
+    : null;
+
+  const domain = String(req.headers['x-wab-trust-domain'] || '').toLowerCase().trim();
+  if (!domain || !DOMAIN_RE.test(domain)) {
+    if (trace) req.wabTrust = { recognized: false, verified: false, trace };
+    return next();
+  }
+
+  const sigHdr     = String(req.headers['x-wab-signature'] || '').trim();
+  const nonce      = String(req.headers['x-wab-trust-nonce'] || '').trim();
+  const projectHdr = String(req.headers['x-wab-trust-project'] || '').trim();
+
+  let profile = null;
+  try {
+    profile = db.prepare(`
+      SELECT domain, label, capabilities, constraints, signed_by_pk, expires_at, trust_score
+      FROM ring4_trust_profiles
+      WHERE domain = ?
+    `).get(domain);
+  } catch { /* table not yet migrated */ }
+
+  // Resolve verification key — prefer project pubkey when supplied, else profile.signed_by_pk.
+  let verifyPk = null;
+  let pkSource = null;
+  if (projectHdr && PROJECT_RE.test(projectHdr)) {
+    try {
+      const proj = db.prepare(`SELECT public_key FROM ring4_projects WHERE project_id = ?`).get(projectHdr);
+      if (proj && proj.public_key) { verifyPk = proj.public_key; pkSource = 'project'; }
+    } catch { /* swallow */ }
+  }
+  if (!verifyPk && profile && profile.signed_by_pk) {
+    verifyPk = profile.signed_by_pk;
+    pkSource = 'profile';
+  }
+
+  const expired = profile ? new Date(profile.expires_at).getTime() < Date.now() : false;
+  let verified = false;
+  let verifyDetail = null;
+
+  if (sigHdr && verifyPk && nonce && NONCE_RE.test(nonce)) {
+    const sigRaw = stripPrefix(sigHdr);
+    const pkRaw  = stripPrefix(verifyPk);
+    const message = `${req.method} ${req.originalUrl || req.url}\n${nonce}`;
+    verified = ed25519Verify(pkRaw, message, sigRaw);
+    verifyDetail = verified ? `sig_ok(${pkSource})` : `sig_invalid(${pkSource})`;
+  } else if (profile) {
+    verifyDetail = 'recognized_without_signature';
+  }
+
+  req.wabTrust = {
+    domain,
+    recognized: !!profile,
+    verified,
+    expired,
+    profile: profile ? {
+      label: profile.label,
+      trust_score: profile.trust_score,
+      capabilities: safeJson(profile.capabilities),
+      constraints: safeJson(profile.constraints),
+      expires_at: profile.expires_at
+    } : null,
+    project_id: (projectHdr && PROJECT_RE.test(projectHdr)) ? projectHdr : null,
+    pk_source: pkSource,
+    nonce: nonce || null,
+    detail: verifyDetail,
+    trace
+  };
+
+  // Best-effort audit log (never blocks the request)
+  if (profile) {
+    try {
+      db.prepare(`
+        INSERT INTO ring4_interaction_log (project_id, domain, event_type, signature_valid, outcome, detail, agent_nonce)
+        VALUES (?, ?, ?, ?, ?, ?, ?)
+      `).run(
+        req.wabTrust.project_id || 'wab-system',
+        domain,
+        sigHdr ? 'verify' : 'recognize',
+        sigHdr ? (verified ? 1 : 0) : null,
+        expired ? 'expired' : (sigHdr ? (verified ? 'allow' : 'refuse') : 'recognize'),
+        (trace ? `tp=${traceparent.slice(0, 36)}; ` : '') + (verifyDetail || ''),
+        nonce || null
+      );
+    } catch { /* swallow */ }
+  }
+
+  next();
+}
+
+function safeJson(s) { try { return JSON.parse(s || '{}'); } catch { return {}; } }
+
+module.exports = { wabTrustMiddleware };

package/server/migrations/001_add_analytics_indexes.sql

@@ -1,7 +1,7 @@
--- Migration 001: Add composite indexes for analytics performance
--- Created: 2024-12-01
-
-CREATE INDEX IF NOT EXISTS idx_analytics_site_action ON analytics(site_id, action_name);
-CREATE INDEX IF NOT EXISTS idx_analytics_site_created ON analytics(site_id, created_at);
-CREATE INDEX IF NOT EXISTS idx_subscriptions_user ON subscriptions(user_id);
-CREATE INDEX IF NOT EXISTS idx_subscriptions_status ON subscriptions(status);
+-- Migration 001: Add composite indexes for analytics performance
+-- Created: 2024-12-01
+
+CREATE INDEX IF NOT EXISTS idx_analytics_site_action ON analytics(site_id, action_name);
+CREATE INDEX IF NOT EXISTS idx_analytics_site_created ON analytics(site_id, created_at);
+CREATE INDEX IF NOT EXISTS idx_subscriptions_user ON subscriptions(user_id);
+CREATE INDEX IF NOT EXISTS idx_subscriptions_status ON subscriptions(status);