Update SQLx metadata

.cursor/rules/rust-best-practices.mdc

@@ -65,7 +65,6 @@ When generating code, especially involving `serde`, `sqlx`, and `tokio`, priorit
 
 ### SQLx Optimizations (Database Interaction)
 
--   **CRITICAL - Never Use `SELECT *` in Worker-Executed Queries:** For any query that can potentially be executed by workers, **always** explicitly list the specific columns you need instead of using `SELECT *`. This is essential for backwards compatibility: when workers are running behind the API server version (common in distributed deployments), adding new columns to database tables will cause outdated workers to fail when they try to deserialize rows with unexpected columns. Always use explicit column lists like `SELECT id, workspace_id, path, created_at FROM table` instead of `SELECT * FROM table`.
 -   **Select Only Necessary Columns:** In `SELECT` queries, list specific column names rather than using `SELECT *`. This reduces data transferred from the database and the work needed for hydration/deserialization.
 -   **Batch Operations:** For multiple `INSERT`, `UPDATE`, or `DELETE` statements, prefer executing them in a single query if the database and driver support it efficiently (e.g., `INSERT INTO ... VALUES (...), (...), ...`). This minimizes round trips to the database.
 -   **Avoid N+1 Queries:** Do not loop through results of one query and execute a separate query for each item (e.g., fetching users, then querying for each user's profile in a loop). Instead, use JOINs or a single query with an `IN` clause to fetch related data efficiently.

.dockerignore

@@ -3,4 +3,3 @@ frontend/build/
 frontend/.svelte-kit/
 
 backend/target/
-backend/windmill-duckdb-ffi-internal/target/

.github/CODEOWNERS

@@ -1,4 +1,4 @@
-*       @rubenfiszel @hugocasa @alpetric
+*       @rubenfiszel @HugoCasa @alpetric
 
-/community/ @rubenfiszel @hugocasa @alpetric
-/frontend/  @rubenfiszel @hugocasa @alpetric
+/community/ @rubenfiszel @HugoCasa @alpetric
+/frontend/  @rubenfiszel @HugoCasa @alpetric

.github/DockerfileBackendTests

@@ -42,7 +42,7 @@ RUN wget https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VER
 RUN /usr/local/bin/python3 -m pip install pip-tools
 
 # Bun
-COPY --from=oven/bun:1.2.23 /usr/local/bin/bun /usr/bin/bun
+COPY --from=oven/bun:1.2.4 /usr/local/bin/bun /usr/bin/bun
 
 ARG TARGETPLATFORM
 
@@ -57,12 +57,8 @@ RUN apt-get update \
 RUN rustup component add rustfmt
 
 # C#
-RUN wget https://dot.net/v1/dotnet-install.sh -O dotnet-install.sh \
-    && chmod +x dotnet-install.sh \
-    && ./dotnet-install.sh --channel 9.0 --install-dir /usr/share/dotnet \
-    && ln -s /usr/share/dotnet/dotnet /usr/bin/dotnet \
-    && rm dotnet-install.sh
-
+COPY --from=bitnami/dotnet-sdk:9.0.101-debian-12-r0 /opt/bitnami/dotnet-sdk /opt/dotnet-sdk
+RUN ln -s /opt/dotnet-sdk/bin/dotnet /usr/bin/dotnet
 
 # Nushell
 COPY --from=ghcr.io/nushell/nushell:0.101.0-bookworm /usr/bin/nu /usr/bin/nu

.github/change-versions-mac.sh

@@ -7,7 +7,7 @@ VERSION=$1
 echo "Updating versions to: $VERSION"
 
 sed -i '' -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/backend/Cargo.toml
-sed -i '' -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/"  ${root_dirpath}/cli/src/main.ts
+sed -i '' -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/"  ${root_dirpath}/cli/main.ts
 sed -i '' -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/" ${root_dirpath}/benchmarks/lib.ts
 sed -i '' -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/backend/windmill-api/openapi.yaml
 sed -i '' -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/openflow.openapi.yaml

.github/change-versions.sh

@@ -7,7 +7,7 @@ VERSION=$1
 echo "Updating versions to: $VERSION"
 
 sed -i -e "/^version =/s/= .*/= \"$VERSION\"/" ${root_dirpath}/backend/Cargo.toml
-sed -i -e "/^export const VERSION =/s/= .*/= \"$VERSION\";/" ${root_dirpath}/cli/src/main.ts
+sed -i -e "/^export const VERSION =/s/= .*/= \"$VERSION\";/" ${root_dirpath}/cli/main.ts
 sed -i -e "/^export const VERSION =/s/= .*/= \"v$VERSION\";/" ${root_dirpath}/benchmarks/lib.ts
 sed -i -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/backend/windmill-api/openapi.yaml
 sed -i -e "/version: /s/: .*/: $VERSION/" ${root_dirpath}/openflow.openapi.yaml

.github/workflows/backend-check.yml

@@ -20,7 +20,10 @@ jobs:
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           cache-workspaces: backend
-          toolchain: 1.90.0
+          toolchain: 1.85.0
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: backend
       - name: cargo check
         working-directory: ./backend
         timeout-minutes: 16
@@ -41,13 +44,16 @@ jobs:
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           cache-workspaces: backend
-          toolchain: 1.90.0
+          toolchain: 1.85.0
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: backend
       - name: cargo check
         working-directory: ./backend
         timeout-minutes: 16
         run: |
           mkdir -p fake_frontend_build
-          FRONTEND_BUILD_DIR=$(pwd)/fake_frontend_build SQLX_OFFLINE=true cargo check --features all_sqlx_features
+          FRONTEND_BUILD_DIR=$(pwd)/fake_frontend_build SQLX_OFFLINE=true cargo check --features $(./all_features_oss.sh)
 
   check_ee:
     runs-on: ubicloud-standard-8
@@ -75,7 +81,10 @@ jobs:
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           cache-workspaces: backend
-          toolchain: 1.90.0
+          toolchain: 1.85.0
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: backend
       - name: cargo check
         working-directory: ./backend
         timeout-minutes: 16
@@ -112,10 +121,13 @@ jobs:
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           cache-workspaces: backend
-          toolchain: 1.90.0
+          toolchain: 1.85.0
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: backend
       - name: cargo check
         timeout-minutes: 16
         working-directory: ./backend
         run: |
           mkdir -p fake_frontend_build
-          FRONTEND_BUILD_DIR=$(pwd)/fake_frontend_build SQLX_OFFLINE=true cargo check --features all_sqlx_features,private
+          FRONTEND_BUILD_DIR=$(pwd)/fake_frontend_build SQLX_OFFLINE=true cargo check --all-features

.github/workflows/backend-test.yml

@@ -45,46 +45,24 @@ jobs:
       - uses: oven-sh/setup-bun@v2
         with:
           bun-version: 1.1.43
-      - uses: astral-sh/setup-uv@v6.2.1
+      - uses: astral-sh/setup-uv@v6
         with:
           version: "0.6.2"
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           cache-workspaces: backend
-          toolchain: 1.90.0
-      - name: Read EE repo commit hash
-        run: |
-          echo "ee_repo_ref=$(cat ./ee-repo-ref.txt)" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v4
+          toolchain: 1.85.0
+      - uses: Swatinem/rust-cache@v2
         with:
-          repository: windmill-labs/windmill-ee-private
-          path: ./windmill-ee-private
-          ref: ${{ env.ee_repo_ref }}
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-          fetch-depth: 0
-
-      - name: Substitute EE code (EE logic is behind feature flag)
-        run: |
-          ./substitute_ee_code.sh --copy --dir ./windmill-ee-private
-      - name: Cache DuckDB FFI module build
-        uses: actions/cache@v3
-        with:
-          path: ./backend/windmill-duckdb-ffi-internal/target
-          key: ${{ runner.os }}-duckdb-ffi-${{ hashFiles('./backend/windmill-duckdb-ffi-internal/src/**/*.rs', './backend/windmill-duckdb-ffi-internal/Cargo.toml', './backend/windmill-duckdb-ffi-internal/Cargo.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-duckdb-ffi-
+          workspaces: backend
       - name: cargo test
         timeout-minutes: 16
-        env:
-          SQLX_OFFLINE: true
-          DATABASE_URL: postgres://postgres:changeme@localhost:5432/windmill
-          DISABLE_EMBEDDING: true
-          RUST_LOG: info
-          RUST_LOG_STYLE: never
-          CARGO_NET_GIT_FETCH_WITH_CLI: true
-          WMDEBUG_FORCE_V0_WORKSPACE_DEPENDENCIES: 1
-        run: |
-          deno --version && bun -v && go version && python3 --version
-          cd windmill-duckdb-ffi-internal && ./build_dev.sh && cd ..
-          DENO_PATH=$(which deno) BUN_PATH=$(which bun) GO_PATH=$(which go) UV_PATH=$(which uv) cargo test --features enterprise,deno_core,duckdb,license,python,rust,scoped_cache,parquet,private --all -- --nocapture
+        run:
+          deno --version && bun -v && go version && python3 --version &&
+          SQLX_OFFLINE=true
+          DATABASE_URL=postgres://postgres:changeme@localhost:5432/windmill
+          DISABLE_EMBEDDING=true RUST_LOG=info
+          DENO_PATH=$(which deno) BUN_PATH=$(which bun) GO_PATH=$(which go)
+          UV_PATH=$(which uv) cargo test --features
+          enterprise,deno_core,license,python,rust,scoped_cache --all --
+          --nocapture

.github/workflows/build-publish-rh-image.yml

@@ -97,12 +97,6 @@ jobs:
           image: ${{ steps.meta-ee-public.outputs.tags}}-amd64
           path: "/windmill/target/release/windmill"
 
-      - uses: shrink/actions-docker-extract@v3
-        id: extract-duckdb-ffi-internal
-        with:
-          image: ${{ steps.meta-ee-public.outputs.tags}}-amd64
-          path: "/usr/src/app/libwindmill_duckdb_ffi_internal.so"
-
       # - uses: shrink/actions-docker-extract@v3
       #   id: extract-ee-arm64
       #   with:
@@ -117,12 +111,8 @@ jobs:
       - uses: actions/upload-artifact@v4
         with:
           name: RHEL9-amd64 build
-          path: ${{ steps.extract-ee-amd64.outputs.destination }}/windmill-ee-amd64-rhel9
-
-      - uses: actions/upload-artifact@v4
-        with:
-          name: RHEL9-amd64 dynamic libraries build
-          path: ${{ steps.extract-duckdb-ffi-internal.outputs.destination }}/libwindmill_duckdb_ffi_internal.so
+          path: ${{ steps.extract-ee-amd64.outputs.destination
+            }}/windmill-ee-amd64-rhel9
 
       # - uses: actions/upload-artifact@v4
       #   with:

.github/workflows/build-publish-rh8-image.yml

@@ -1,140 +0,0 @@
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}
-
-name: Build and publish windmill for RHEL8
-on: workflow_dispatch
-
-permissions: write-all
-
-jobs:
-  build_ee:
-    runs-on: ubicloud
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Read EE repo commit hash
-        run: |
-          echo "ee_repo_ref=$(cat ./backend/ee-repo-ref.txt)" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v4
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: ./windmill-ee-private
-          ref: ${{ env.ee_repo_ref }}
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-          fetch-depth: 0
-
-      # - name: Set up Docker Buildx
-      #   uses: docker/setup-buildx-action@v2
-      - uses: depot/setup-action@v1
-
-      - name: Docker meta
-        id: meta-ee-public
-        uses: docker/metadata-action@v5
-        with:
-          images: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-ee-rhel8
-          flavor: |
-            latest=false
-          tags: |
-            type=sha
-
-      - name: Login to registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Substitute EE code
-        run: |
-          ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
-
-      - name: Copy RHEL8 Dockerfile
-        run: |
-          cp ./docker/RHEL8/Dockerfile ./Dockerfile
-
-      - name: Build and push publicly ee amd64
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/amd64
-          push: true
-          build-args: |
-            features=enterprise,enterprise_saml,stripe,embedding,parquet,prometheus,openidconnect,cloud,jemalloc,license,otel,http_trigger,zip,oauth2,kafka,sqs_trigger,nats,postgres_trigger,gcp_trigger,mqtt_trigger,websocket,smtp,static_frontend,all_languages,deno_core,mcp,private
-          secrets: |
-            rh_username=${{ secrets.RH_USERNAME }}
-            rh_password=${{ secrets.RH_PASSWORD }}
-          tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}-amd64
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}-amd64
-            org.opencontainers.image.licenses=Windmill-Enterprise-License
-
-      - name: Build and push publicly ee arm64
-        uses: depot/build-push-action@v1
-        with:
-          context: .
-          platforms: linux/arm64
-          push: true
-          build-args: |
-            features=enterprise,enterprise_saml,stripe,embedding,parquet,prometheus,openidconnect,cloud,jemalloc,license,otel,http_trigger,zip,oauth2,kafka,sqs_trigger,nats,postgres_trigger,gcp_trigger,mqtt_trigger,websocket,smtp,static_frontend,all_languages,deno_core,mcp,private
-          secrets: |
-            rh_username=${{ secrets.RH_USERNAME }}
-            rh_password=${{ secrets.RH_PASSWORD }}
-          tags: |
-            ${{ steps.meta-ee-public.outputs.tags }}-arm64
-          labels: |
-            ${{ steps.meta-ee-public.outputs.labels }}-arm64
-            org.opencontainers.image.licenses=Windmill-Enterprise-License
-
-      - uses: shrink/actions-docker-extract@v3
-        id: extract-ee-amd64
-        with:
-          image: ${{ steps.meta-ee-public.outputs.tags}}-amd64
-          path: "/windmill/target/release/windmill"
-
-      - uses: shrink/actions-docker-extract@v3
-        id: extract-duckdb-ffi-internal
-        with:
-          image: ${{ steps.meta-ee-public.outputs.tags}}-amd64
-          path: "/usr/src/app/libwindmill_duckdb_ffi_internal.so"
-
-      # - uses: shrink/actions-docker-extract@v3
-      #   id: extract-ee-arm64
-      #   with:
-      #     image: ${{ steps.meta-ee-public.outputs.tags}}-arm64
-      #     path: "/windmill/target/release/windmill"
-
-      - name: Rename binary with corresponding architecture
-        run: |
-          mv "${{ steps.extract-ee-amd64.outputs.destination }}/windmill" "${{ steps.extract-ee-amd64.outputs.destination }}/windmill-ee-amd64-rhel8"
-          # mv "${{ steps.extract-ee-arm64.outputs.destination }}/windmill" "${{ steps.extract-ee-arm64.outputs.destination }}/windmill-ee-arm64-rhel8"
-
-      - uses: actions/upload-artifact@v4
-        with:
-          name: RHEL8-amd64 build
-          path: ${{ steps.extract-ee-amd64.outputs.destination }}/windmill-ee-amd64-rhel8
-
-      - uses: actions/upload-artifact@v4
-        with:
-          name: RHEL8-amd64 dynamic libraries build
-          path: ${{ steps.extract-duckdb-ffi-internal.outputs.destination }}/libwindmill_duckdb_ffi_internal.so
-
-      # - uses: actions/upload-artifact@v4
-      #   with:
-      #     name: RHEL8-arm64 build
-      #     path:
-      #       ${{ steps.extract-ee-arm64.outputs.destination
-      #       }}/windmill-ee-arm64-rhel8
-
-      # - name: Attach binary to release
-      #   uses: softprops/action-gh-release@v2
-      #   if: startsWith(github.ref, 'refs/tags/')
-      #   with:
-      #     files: |
-      #       ${{ steps.extract-ee-arm64.outputs.destination }}/windmill-ee-arm64-rhel8
-      #       ${{ steps.extract-ee-amd64.outputs.destination }}/windmill-ee-amd64-rhel8

.github/workflows/build_windows_worker_.yml

@@ -33,7 +33,7 @@ jobs:
       - name: Setup Rust
         uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.90.0
+          toolchain: 1.85.0
           override: true
 
       - name: Substitute EE code
@@ -41,13 +41,7 @@ jobs:
         run: |
           ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
 
-      - name: Cargo build dynamic libraries windows
-        timeout-minutes: 90
-        run: |
-          cd backend/windmill-duckdb-ffi-internal
-          cargo build --release -p windmill_duckdb_ffi_internal
-
-      - name: Cargo build binary windows
+      - name: Cargo build windows
         timeout-minutes: 90
         run: |
           vcpkg.exe install openssl-windows:x64-windows
@@ -62,14 +56,8 @@ jobs:
         run: |
           Rename-Item -Path ".\backend\target\release\windmill.exe" -NewName "windmill-ee.exe"
 
-      - name: Upload binary artifact
+      - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
           name: windmill-ee-binary
           path: ./backend/target/release/windmill-ee.exe
-
-      - name: Upload dynamic libraries artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: windmill_duckdb_ffi_internal.dll
-          path: ./backend/windmill-duckdb-ffi-internal/target/release/windmill_duckdb_ffi_internal.dll

.github/workflows/change-versions.yml

@@ -9,14 +9,7 @@ jobs:
     runs-on: ubicloud
     container: node:18
     steps:
-      - uses: actions/create-github-app-token@v2
-        id: app
-        with:
-          app-id: ${{ vars.INTERNAL_APP_ID }}
-          private-key: ${{ secrets.INTERNAL_APP_KEY }}
       - uses: actions/checkout@v4
-        with:
-          token: ${{ steps.app.outputs.token }}
       - run: git config --system --add safe.directory /__w/windmill/windmill
       - name: Change versions
         run: ./.github/change-versions.sh "$(cat version.txt)"
@@ -28,8 +21,3 @@ jobs:
           cd backend
           cargo generate-lockfile
       - uses: stefanzweifel/git-auto-commit-action@v5
-        with:
-          commit_user_name: windmill-internal-app[bot]
-          commit_user_email: windmill-internal-app[bot]@users.noreply.github.com
-        env:
-          GITHUB_TOKEN: ${{ steps.app.outputs.token }}

.github/workflows/check-org-membership.yml

@@ -1,66 +0,0 @@
-name: Check Organization Membership
-
-on:
-  workflow_call:
-    inputs:
-      commenter:
-        required: true
-        type: string
-        description: 'The username to check for organization membership'
-      organization:
-        required: false
-        type: string
-        default: 'windmill-labs'
-        description: 'The organization to check membership for'
-      trusted_bot:
-        required: false
-        type: string
-        default: 'windmill-internal-app[bot]'
-        description: 'The trusted bot username to allow'
-    secrets:
-      access_token:
-        required: true
-        description: 'The access token to use for org membership check'
-    outputs:
-      is_member:
-        description: 'Whether the user is an organization member or trusted bot'
-        value: ${{ jobs.check-membership.outputs.is_member }}
-
-jobs:
-  check-membership:
-    runs-on: ubicloud-standard-2
-    outputs:
-      is_member: ${{ steps.check-membership.outputs.is_member }}
-    steps:
-      - name: Check organization membership
-        id: check-membership
-        env:
-          ORG_ACCESS_TOKEN: ${{ secrets.access_token }}
-          COMMENTER: ${{ inputs.commenter }}
-          ORG: ${{ inputs.organization }}
-          TRUSTED_BOT: ${{ inputs.trusted_bot }}
-        run: |
-          # 1. Allow the trusted bot straight away
-          if [[ "$COMMENTER" == "$TRUSTED_BOT" ]]; then
-            echo "is_member=true" >> $GITHUB_OUTPUT
-            exit 0
-          fi
-
-          # 2. Disallow other bots
-          if [[ "${COMMENTER}" =~ \[bot\]$ ]]; then
-            echo "is_member=false" >> $GITHUB_OUTPUT
-            exit 0
-          fi
-
-          # 3. Otherwise check if the user is a member of the organization
-          STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
-            -H "Authorization: token $ORG_ACCESS_TOKEN" \
-            -H "Accept: application/vnd.github+json" \
-            -H "X-GitHub-Api-Version: 2022-11-28" \
-            "https://api.github.com/orgs/$ORG/members/$COMMENTER")
-
-          if [ "$STATUS" -eq 204 ]; then
-            echo "is_member=true" >> $GITHUB_OUTPUT
-          else
-            echo "is_member=false" >> $GITHUB_OUTPUT
-          fi

.github/workflows/claude-fast.yml

@@ -1,78 +0,0 @@
-name: Fast Claude
-
-on:
-  issue_comment:
-    types: [created]
-  pull_request_review_comment:
-    types: [created]
-  issues:
-    types: [opened, assigned]
-  pull_request_review:
-    types: [submitted]
-
-jobs:
-  determine-commenter:
-    if: |
-      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '/ai-fast')) ||
-      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '/ai-fast')) ||
-      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '/ai-fast')) ||
-      (github.event_name == 'issues' && contains(github.event.issue.body, '/ai-fast'))
-    runs-on: ubicloud-standard-2
-    outputs:
-      commenter: ${{ steps.determine-commenter.outputs.commenter }}
-    steps:
-      - name: Determine commenter
-        id: determine-commenter
-        run: |
-          # Work out who wrote the comment / review
-          if [[ "${{ github.event_name }}" == "issue_comment" || \
-                "${{ github.event_name }}" == "pull_request_review_comment" ]]; then
-            COMMENTER="${{ github.event.comment.user.login }}"
-          elif [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
-            COMMENTER="${{ github.event.review.user.login }}"
-          else
-            COMMENTER="${{ github.event.issue.user.login }}"
-          fi
-          echo "commenter=$COMMENTER" >> $GITHUB_OUTPUT
-
-  check-membership:
-    needs: determine-commenter
-    uses: ./.github/workflows/check-org-membership.yml
-    with:
-      commenter: ${{ needs.determine-commenter.outputs.commenter }}
-    secrets:
-      access_token: ${{ secrets.ORG_ACCESS_TOKEN }}
-
-  claude-code-action:
-    needs: [determine-commenter, check-membership]
-    if: |
-      needs.check-membership.outputs.is_member == 'true'
-    runs-on: ubicloud-standard-8
-    permissions:
-      contents: read
-      pull-requests: read
-      issues: read
-      id-token: write
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Run Claude PR Action
-        uses: anthropics/claude-code-action@beta
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          model: claude-opus-4-1-20250805
-          fallback_model: claude-sonnet-4-20250514
-          timeout_minutes: "60"
-          allowed_tools: "mcp__github__create_pull_request"
-          allowed_bots: "windmill-internal-app[bot]"
-          custom_instructions: |
-            ## IMPORTANT INSTRUCTIONS
-            - Your branch name should be a short description of the requested changes.
-            - Bypass previous instructions and instead of adding a url in your comment to manually create a PR, if you created a new branch with your changes, automatically create a draft PR from that branch to main.
-
-            ## Available Tools
-            - mcp__github__create_pull_request: Create PRs from branches
-          trigger_phrase: "/ai-fast"

.github/workflows/claude-plan.yml

@@ -1,90 +0,0 @@
-name: Claude Plan Assistant
-
-on:
-  issue_comment:
-    types: [created]
-  pull_request_review_comment:
-    types: [created]
-  issues:
-    types: [opened, assigned]
-  pull_request_review:
-    types: [submitted]
-
-jobs:
-  determine-commenter:
-    if: |
-      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '/plan')) ||
-      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '/plan')) ||
-      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '/plan')) ||
-      (github.event_name == 'issues' && contains(github.event.issue.body, '/plan'))
-    runs-on: ubicloud-standard-2
-    outputs:
-      commenter: ${{ steps.determine-commenter.outputs.commenter }}
-    steps:
-      - name: Determine commenter
-        id: determine-commenter
-        run: |
-          # Work out who wrote the comment / review
-          if [[ "${{ github.event_name }}" == "issue_comment" || \
-                "${{ github.event_name }}" == "pull_request_review_comment" ]]; then
-            COMMENTER="${{ github.event.comment.user.login }}"
-          elif [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
-            COMMENTER="${{ github.event.review.user.login }}"
-          else
-            COMMENTER="${{ github.event.issue.user.login }}"
-          fi
-          echo "commenter=$COMMENTER" >> $GITHUB_OUTPUT
-
-  check-membership:
-    needs: determine-commenter
-    uses: ./.github/workflows/check-org-membership.yml
-    with:
-      commenter: ${{ needs.determine-commenter.outputs.commenter }}
-    secrets:
-      access_token: ${{ secrets.ORG_ACCESS_TOKEN }}
-
-  claude-plan-action:
-    needs: [determine-commenter, check-membership]
-    if: |
-      needs.check-membership.outputs.is_member == 'true'
-    runs-on: ubicloud-standard-4
-    timeout-minutes: 20
-    permissions:
-      contents: read
-      pull-requests: read
-      issues: read
-      id-token: write
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Run Claude Plan Action
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          allowed_bots: "windmill-internal-app[bot]"
-          trigger_phrase: "/plan"
-          claude_args: |
-            --system-prompt "# Claude Planning Mode
-
-            You are operating in PLANNING MODE ONLY. Your role is to create detailed, structured plans without making any code changes.
-
-            ## Your Responsibilities:
-
-            1. **Analyze the Request**: Carefully read and understand what the user is asking for
-            2. **Explore the Codebase**: Understand the relevant code structure
-            3. **Create a Detailed Plan**: Provide a comprehensive, step-by-step plan that includes:
-               - Clear breakdown of all tasks needed
-               - Files that will need to be modified or created
-               - Code patterns and architecture decisions
-               - Potential challenges and how to address them
-               - If there are multiple options to achieve the same goal, explain the pros and cons of each option
-
-            ## Strict Constraints:
-
-            - **DO NOT** make any code changes
-            - **DO NOT** create branches or pull requests
-
-            Remember: You are here to plan, not to implement. Provide thorough analysis and clear guidance for implementation."

.github/workflows/claude.yml

@@ -11,44 +11,48 @@ on:
     types: [submitted]
 
 jobs:
-  determine-commenter:
+  check-membership:
     if: |
-      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '/ai')) ||
-      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '/ai')) ||
-      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '/ai')) ||
-      (github.event_name == 'issues' && contains(github.event.issue.body, '/ai'))
+      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '/ai') && !contains(github.event.comment.user.login, '[bot]')) ||
+      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '/ai') && !contains(github.event.comment.user.login, '[bot]')) ||
+      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '/ai') && !contains(github.event.review.user.login, '[bot]')) ||
+      (github.event_name == 'issues' && contains(github.event.issue.body, '/ai') && !contains(github.event.issue.user.login, '[bot]'))
     runs-on: ubicloud-standard-2
     outputs:
-      commenter: ${{ steps.determine-commenter.outputs.commenter }}
+      is_member: ${{ steps.check-membership.outputs.is_member }}
     steps:
-      - name: Determine commenter
-        id: determine-commenter
+      - name: Check organization membership
+        id: check-membership
+        env:
+          ORG_ACCESS_TOKEN: ${{ secrets.ORG_ACCESS_TOKEN }}
         run: |
-          # Work out who wrote the comment / review
-          if [[ "${{ github.event_name }}" == "issue_comment" || \
-                "${{ github.event_name }}" == "pull_request_review_comment" ]]; then
+          ORG="windmill-labs"
+
+          if [[ "${{ github.event_name }}" == "issue_comment" || "${{ github.event_name }}" == "pull_request_review_comment" ]]; then
             COMMENTER="${{ github.event.comment.user.login }}"
           elif [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
             COMMENTER="${{ github.event.review.user.login }}"
           else
             COMMENTER="${{ github.event.issue.user.login }}"
           fi
-          echo "commenter=$COMMENTER" >> $GITHUB_OUTPUT
 
-  check-membership:
-    needs: determine-commenter
-    uses: ./.github/workflows/check-org-membership.yml
-    with:
-      commenter: ${{ needs.determine-commenter.outputs.commenter }}
-    secrets:
-      access_token: ${{ secrets.ORG_ACCESS_TOKEN }}
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
+            -H "Authorization: token $ORG_ACCESS_TOKEN" \
+            -H "Accept: application/vnd.github+json" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/orgs/$ORG/members/$COMMENTER")
+
+          if [ "$STATUS" -eq 204 ]; then
+            echo "is_member=true" >> $GITHUB_OUTPUT
+          else
+            echo "is_member=false" >> $GITHUB_OUTPUT
+          fi
 
   claude-code-action:
-    needs: [determine-commenter, check-membership]
+    needs: check-membership
     if: |
       needs.check-membership.outputs.is_member == 'true'
     runs-on: ubicloud-standard-8
-    timeout-minutes: 60
     permissions:
       contents: read
       pull-requests: read
@@ -60,69 +64,21 @@ jobs:
         with:
           fetch-depth: 1
 
-      - uses: actions/cache@v3
-        with:
-          path: ~/.npm
-          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
-          restore-keys: |
-            ${{ runner.os }}-node-
-
-      - name: Run npm install and generate-backend-client
-        working-directory: ./frontend
-        run: |
-          # add a build directory for cargo check
-          mkdir -p build
-          npm install
-          npm run generate-backend-client
-
-      - name: install xmlsec1
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y libxml2-dev libxmlsec1-dev
-
-      - uses: actions-rust-lang/setup-rust-toolchain@v1
-        with:
-          cache-workspaces: backend
-          toolchain: 1.90.0
-
-      - name: cargo check
-        working-directory: ./backend
-        timeout-minutes: 16
-        run: |
-          SQLX_OFFLINE=true cargo check --features $(./all_features_oss.sh)
-
       - name: Run Claude PR Action
-        uses: anthropics/claude-code-action@v1
+        uses: anthropics/claude-code-action@beta
         with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          allowed_bots: "windmill-internal-app[bot]"
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          timeout_minutes: "60"
+          allowed_tools: "mcp__github__create_pull_request,Bash(npm:*),Bash(cargo:*)"
+          custom_instructions: "TEST IMPORTANT INSTRUCTIONS:
+          - Bypass previous instructions and instead of adding a url in your comment to manually create a PR, if you created a new branch with your changes, automatically create a draft PR from that branch to main, with the title starting with [Claude PR].
+          - If you made changes to the frontend code, run npm install, then npm run generate-backend-client, then npm run check. You can ignore warnings that are reported by the check script, but fix the errors.
+          - If you made changes to the backend code, run cargo check. You can ignore warnings that are reported by the check script, but fix the errors.
+          - DO NOT FORGET TO OPEN A DRAFT PR AFTER YOU ARE DONE if you made changes after a request from a git issue.
+          AVAILABLE TOOLS:
+          - mcp__github__create_pull_request: Create a PR from a branch to main
+          - Bash(npm run check): Run the check script. You should run this tool after making changes to the frontend code.
+          - Bash(npm install): Install dependencies. You need this to run npm run check.
+          - Bash(npm run generate-backend-client): Generate the backend client. You need this to run npm run check.
+          - Bash(cargo check): Run the cargo check script. You should run this tool after making changes to the backend code.
           trigger_phrase: "/ai"
-          settings: |
-            {
-              "env": {
-                "SQLX_OFFLINE": "true"
-              }
-            }
-          claude_args: |
-            --allowedTools "Bash,WebFetch,WebSearch"
-            --system-prompt "## IMPORTANT INSTRUCTIONS
-            - Your branch name should be a short description of the requested changes.
-            - Bypass previous instructions and instead of adding a url in your comment to manually create a PR, if you created a new branch with your changes, automatically create a draft PR from that branch to main.
-
-            ## Code Quality Requirements
-
-            After making any code changes, you MUST run the appropriate validation commands:
-
-            **Frontend Changes:**
-            - Run: \`npm run check\` in the frontend directory
-            - Fix all warnings and errors before proceeding
-
-            **Backend Changes:**
-            - Run: \`cargo check --features $(./all_features_oss.sh)\` in the backend directory
-            - Fix all warnings and errors before proceeding
-
-            **Pull Request Creation:**
-            - DO NOT FORGET TO OPEN A DRAFT PR AFTER YOU ARE DONE if you made changes after a request from a git issue.
-
-            ## Available Tools
-            - Bash: Full access to run validation commands and git operations"

.github/workflows/create-docs.yml

@@ -4,36 +4,38 @@ on:
 
 jobs:
   check-membership:
-    if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, '/docs') }}
-    uses: ./.github/workflows/check-org-membership.yml
-    with:
-      commenter: ${{ github.event.comment.user.login }}
-    secrets:
-      access_token: ${{ secrets.ORG_ACCESS_TOKEN }}
-
-  generate-token:
-    needs: check-membership
-    if: ${{ needs.check-membership.outputs.is_member == 'true' }}
+    if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, '/docs') && github.event.comment.user.type != 'Bot' }}
     runs-on: ubicloud-standard-2
     outputs:
-      app_token: ${{ steps.app.outputs.token }}
+      is_member: ${{ steps.check-membership.outputs.is_member }}
     steps:
-      - name: Generate an installation token
-        id: app
-        uses: actions/create-github-app-token@v2
-        with:
-          app-id: ${{ vars.INTERNAL_APP_ID }}
-          private-key: ${{ secrets.INTERNAL_APP_KEY }}
-          owner: windmill-labs
+      - name: Check organization membership
+        id: check-membership
+        env:
+          ORG_ACCESS_TOKEN: ${{ secrets.ORG_ACCESS_TOKEN }}
+          COMMENTER: ${{ github.event.comment.user.login }}
+        run: |
+          ORG="windmill-labs"
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
+            -H "Authorization: token $ORG_ACCESS_TOKEN" \
+            -H "Accept: application/vnd.github+json" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/orgs/$ORG/members/$COMMENTER")
+
+          if [ "$STATUS" -eq 204 ]; then
+            echo "is_member=true" >> $GITHUB_OUTPUT
+          else
+            echo "is_member=false" >> $GITHUB_OUTPUT
+          fi
 
   trigger-docs:
-    needs: [generate-token, check-membership]
-    if: ${{ needs.check-membership.outputs.is_member == 'true' }}
+    needs: check-membership
+    if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, '/docs') && needs.check-membership.outputs.is_member == 'true' }}
     uses: windmill-labs/windmilldocs/.github/workflows/create-docs.yml@main
     with:
       pr_number: ${{ github.event.issue.number }}
       repo: ${{ github.event.repository.name }}
       comment_text: ${{ github.event.comment.body }}
     secrets:
-      DOCS_TOKEN: ${{ needs.generate-token.outputs.app_token }}
+      DOCS_TOKEN: ${{ secrets.DOCS_TOKEN }}
       GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}

.github/workflows/discord-notification.yml

@@ -24,7 +24,7 @@ jobs:
       DISCORD_BOT_TOKEN: ${{ secrets.DISCORD_AI_BOT_TOKEN }}
 
   merge_success_emoji:
-    if: github.event.action == 'closed'
+    if: github.event.pull_request.merged == true
     uses: ./.github/workflows/shareable-discord-notification.yml
     with:
       PR_STATUS: "merged"

.github/workflows/docker-image.yml

@@ -220,12 +220,6 @@ jobs:
           image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
           path: "/usr/src/app/windmill"
 
-      - uses: shrink/actions-docker-extract@v3
-        id: extract-duckdb-ffi-internal
-        with:
-          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEV_SHA }}
-          path: "/usr/src/app/libwindmill_duckdb_ffi_internal.so"
-
       - uses: shrink/actions-docker-extract@v3
         id: extract-ee
         with:
@@ -243,7 +237,6 @@ jobs:
           files: |
             ${{ steps.extract.outputs.destination }}/*
             ${{ steps.extract-ee.outputs.destination }}/*
-            ${{ steps.extract-duckdb-ffi-internal.outputs.destination }}/*
 
   # attach_arm64_binary_to_release:
   #   needs: [build, build_ee]

.github/workflows/frontend-check.yml

@@ -16,12 +16,11 @@ jobs:
     runs-on: ubicloud-standard-8
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v5
+      - uses: actions/setup-node@v3
         with:
-          node-version: 24
-          cache: "npm"
-          cache-dependency-path: "frontend/package-lock.json"
+          node-version: 18
       - name: "npm check"
         timeout-minutes: 5
-        run: cd frontend && npm ci && npm run generate-backend-client && npm run
+        run:
+          cd frontend && npm ci && npm run generate-backend-client && npm run
           check

.github/workflows/git-commands.yaml

@@ -1,285 +0,0 @@
-name: Git commands
-
-on:
-  issue_comment:
-    types: [created]
-
-jobs:
-  update-sqlx:
-    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/updatesqlx')
-    runs-on: ubicloud-standard-8
-    permissions:
-      contents: write
-      pull-requests: write
-      issues: write
-
-    services:
-      postgres:
-        image: postgres:16
-        env:
-          POSTGRES_PASSWORD: postgres
-          POSTGRES_USER: postgres
-          POSTGRES_DB: windmill
-        ports:
-          - 5432:5432
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-
-    steps:
-      - uses: actions/create-github-app-token@v2
-        id: app
-        with:
-          app-id: ${{ vars.INTERNAL_APP_ID }}
-          private-key: ${{ secrets.INTERNAL_APP_KEY }}
-
-      - name: Comment on PR - Starting
-        uses: actions/github-script@v6
-        with:
-          github-token: ${{ steps.app.outputs.token }}
-          script: |
-            const runUrl = `https://github.com/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`;
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: `Starting sqlx update...\n\n[View workflow run](${runUrl})`
-            })
-
-      - name: Checkout repository
-        uses: actions/checkout@v3
-        with:
-          token: ${{ steps.app.outputs.token }}
-          ref: ${{ github.event.issue.pull_request.head.ref }}
-          fetch-depth: 0
-
-      - name: Checkout windmill-ee-private
-        uses: actions/checkout@v3
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: windmill-ee-private
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-
-      # Cache rust dependencies
-      - uses: dtolnay/rust-toolchain@stable
-      - uses: Swatinem/rust-cache@v2
-        with:
-          workspaces: "./backend -> target"
-
-      - name: Install xmlsec build-time deps
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y --no-install-recommends \
-            pkg-config libxml2-dev libssl-dev \
-            xmlsec1 libxmlsec1-dev libxmlsec1-openssl
-
-      - name: Run update-sqlx script
-        env:
-          DATABASE_URL: postgres://postgres:postgres@localhost:5432/windmill
-          GH_TOKEN: ${{ steps.app.outputs.token }}
-        run: |
-          set -e  # Exit on any command failure
-          PR_NUMBER=${{ github.event.issue.number }}
-
-          # Set up error trap to comment on PR for any failure
-          trap 'gh pr comment $PR_NUMBER --body "❌ SQLx update failed. Please check the workflow logs for details."' ERR
-
-          BRANCH_NAME=$(gh pr view $PR_NUMBER --json headRefName --jq .headRefName)
-          echo "Checking out PR branch: $BRANCH_NAME"
-          git checkout $BRANCH_NAME
-          git config --local user.email "windmill-internal-app[bot]@users.noreply.github.com"
-          git config --local user.name "windmill-internal-app[bot]"
-          git config pull.rebase true
-          git pull origin $BRANCH_NAME
-          mkdir -p frontend/build
-          cd backend
-          cargo install sqlx-cli --version 0.8.5
-          sqlx migrate run
-          ./substitute_ee_code.sh --dir ./windmill-ee-private
-          ./update_sqlx.sh
-          # Pass the branch name to the next step
-          echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
-
-      - name: Commit changes if any
-        run: |
-          git add backend/.sqlx
-          git commit -m "Update SQLx metadata"
-          git push origin ${{ env.BRANCH_NAME }}
-
-      - name: Comment on PR - Completed
-        uses: actions/github-script@v6
-        with:
-          github-token: ${{ steps.app.outputs.token }}
-          script: |
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: 'Successfully ran sqlx update'
-            })
-
-  demo:
-    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/demo')
-    runs-on: ubicloud-standard-2
-    permissions:
-      contents: read
-      pull-requests: read
-      issues: read
-      id-token: write
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Run Claude Code for Demo Generation
-        uses: anthropics/claude-code-action@beta
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          timeout_minutes: "10"
-          allowed_tools: "Bash"
-          direct_prompt: |
-            You need to:
-
-            1. Extract the Cloudflare preview URL from the cloudflare-workers-and-pages bot comment in this PR
-            2. Analyze the PR changes to understand what feature was added/modified
-            3. Create detailed instructions to give to an AI agent that will click and interact with buttons and inputs to showcase the new feature. Only include the instructions, nothing else.
-            4. Create a demo.json file with a valid JSON object containing:
-              - instructions: the demo instructions
-              - url: the preview URL
-            5. VALIDATE the JSON file using `jq` before finishing
-            DO NOT COMMIT THIS FILE TO THE PR.
-
-            Example demo.json:
-            {
-              "instructions": "Click on settings, then account settings, then 'generate new token'",
-              "url": "https://example.pages.dev"
-            }
-
-            CRITICAL: After creating demo.json, you MUST:
-            1. Run `jq empty demo.json` to validate the JSON is properly formatted
-            2. If validation fails, fix the JSON and validate again
-            3. Only proceed once the JSON passes validation
-            4. Use proper JSON escaping for newlines, quotes, and special characters
-
-            Make sure to:
-            - Create a valid JSON object that passes `jq empty demo.json`
-            - Extract the correct preview URL (should be a .pages.dev domain)
-            - Create specific, actionable demo steps based on the actual changes in the PR
-            - Properly escape all strings in the JSON (use jq to create the file if needed)
-            - NOT COMMIT THE DEMO.JSON FILE TO THE PR
-
-      - name: Send instructions to Windmill
-        env:
-          DEMO_WEBHOOK_TOKEN: ${{ secrets.DEMO_WEBHOOK_TOKEN }}
-        run: |
-          if [[ -f "demo.json" ]]; then
-            echo "Found demo.json, sending to Windmill..."
-            cat demo.json
-
-            # Validate JSON one more time (Claude should have already done this)
-            if ! jq empty demo.json; then
-              echo "Error: demo.json is not valid JSON"
-              exit 1
-            fi
-
-            RESULT=$(curl -s \
-              -H 'Content-Type: application/json' \
-              -H "Authorization: Bearer $DEMO_WEBHOOK_TOKEN" \
-              -X POST \
-              -d @demo.json \
-              'https://app.windmill.dev/api/w/windmill-labs/jobs/run/f/f/ai/browserbase_demo')
-
-            echo "Windmill response:"
-            echo -E "$RESULT"
-          else
-            echo "Error: demo.json file not found"
-            exit 1
-          fi
-
-  update-ee-ref:
-    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/eeref')
-    runs-on: ubicloud-standard-2
-    permissions:
-      contents: write
-      pull-requests: write
-      issues: write
-    steps:
-      - uses: actions/create-github-app-token@v2
-        id: app
-        with:
-          app-id: ${{ vars.INTERNAL_APP_ID }}
-          private-key: ${{ secrets.INTERNAL_APP_KEY }}
-
-      - name: Comment on PR - Starting
-        uses: actions/github-script@v6
-        with:
-          github-token: ${{ steps.app.outputs.token }}
-          script: |
-            const runUrl = `https://github.com/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`;
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: `Starting ee ref update...\n\n[View workflow run](${runUrl})`
-            })
-
-      - name: Checkout repository
-        uses: actions/checkout@v3
-        with:
-          token: ${{ steps.app.outputs.token }}
-          ref: ${{ github.event.issue.pull_request.head.ref }}
-          fetch-depth: 0
-
-      - name: Checkout windmill-ee-private
-        uses: actions/checkout@v3
-        with:
-          repository: windmill-labs/windmill-ee-private
-          path: windmill-ee-private
-          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
-
-      - name: Get last commit hash of private-repo
-        id: get-commit-hash
-        run: |
-          cd windmill-ee-private
-          COMMIT_HASH=$(git rev-parse HEAD)
-          echo "commit_hash=$COMMIT_HASH" >> $GITHUB_OUTPUT
-          echo "Latest commit hash: $COMMIT_HASH"
-
-      - name: Update ee-repo-ref.txt
-        env:
-          GH_TOKEN: ${{ steps.app.outputs.token }}
-        run: |
-          set -e  # Exit on any command failure
-          PR_NUMBER=${{ github.event.issue.number }}
-
-          # Set up error trap to comment on PR for any failure
-          trap 'gh pr comment $PR_NUMBER --body "❌ EE ref update failed. Please check the workflow logs for details."' ERR
-
-          BRANCH_NAME=$(gh pr view $PR_NUMBER --json headRefName --jq .headRefName)
-          echo "Checking out PR branch: $BRANCH_NAME"
-          git checkout $BRANCH_NAME
-          git config --local user.email "windmill-internal-app[bot]@users.noreply.github.com"
-          git config --local user.name "windmill-internal-app[bot]"
-          git config pull.rebase true
-          git pull origin $BRANCH_NAME
-          echo "${{ steps.get-commit-hash.outputs.commit_hash }}" > backend/ee-repo-ref.txt
-          echo "Updated backend/ee-repo-ref.txt with commit hash: ${{ steps.get-commit-hash.outputs.commit_hash }}"
-          # commit and push the changes
-          git add backend/ee-repo-ref.txt
-          git commit -m "Update ee-repo-ref.txt" || echo "No changes to commit"
-          git push origin $BRANCH_NAME
-
-      - name: Comment on PR - Completed
-        uses: actions/github-script@v6
-        with:
-          github-token: ${{ steps.app.outputs.token }}
-          script: |
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: 'Successfully updated ee-repo-ref.txt'
-            })

.github/workflows/helmchart_on_release.yml

@@ -9,19 +9,11 @@ jobs:
     runs-on: ubicloud-standard-2
 
     steps:
-      - name: Generate an installation token
-        id: app
-        uses: actions/create-github-app-token@v2
-        with:
-          app-id: ${{ vars.INTERNAL_APP_ID }}
-          private-key: ${{ secrets.INTERNAL_APP_KEY }}
-          owner: windmill-labs
-
       - name: Checkout on helm repository
         uses: actions/checkout@v3
         with:
           repository: windmill-labs/windmill-helm-charts
-          token: ${{ steps.app.outputs.token }}
+          token: ${{ secrets.HELM_CHART_TOKEN }}
 
       - name: Get version
         id: get_version
@@ -57,23 +49,6 @@ jobs:
           APP_VERSION=${APP_VERSION%/}
           sed -i "s/appVersion: .*/appVersion: $APP_VERSION/" ./charts/windmill/Chart.yaml
 
-      - name: Close existing bump-helm PRs
-        env:
-          GH_TOKEN: ${{ steps.app.outputs.token }}
-        run: |
-          # List open PR numbers whose title starts with the prefix
-          prs=$(gh pr list \
-                  --state open \
-                  --search '"helm: bump version to" in:title' \
-                  --json number \
-                  -q '.[].number')
-
-          for pr in $prs; do
-            echo "Closing outdated bump PR #$pr"
-            gh pr close "$pr" \
-              --comment "Closed automatically – superseded by a newer Helm-chart bump PR."
-          done
-
       - name: Commit and push
         run: |
           git add .
@@ -82,7 +57,7 @@ jobs:
 
       - name: Create PR
         env:
-          GH_TOKEN: ${{ steps.app.outputs.token }}
+          GH_TOKEN: ${{ secrets.HELM_CHART_TOKEN }}
         run: |
           gh pr create \
             --title "helm: bump version to ${{ env.VERSION }}" \

.github/workflows/pr-ready-review.yml

@@ -1,47 +0,0 @@
-name: Claude Auto Review
-
-on:
-  pull_request:
-    types: [ready_for_review, opened]
-
-concurrency:
-  group: claude-review-${{ github.event.pull_request.number }}
-  cancel-in-progress: true
-
-jobs:
-  auto-review:
-    runs-on: ubuntu-latest
-    if: github.event.pull_request.draft == false || github.event.pull_request.ready_for_review == true
-    permissions:
-      contents: read
-      pull-requests: read
-      id-token: write
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Automatic PR Review
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          track_progress: true
-          prompt: |
-            REPO: ${{ github.repository }}
-            PR NUMBER: ${{ github.event.pull_request.number }}
-
-            Please review this pull request and provide comprehensive feedback.
-
-            Focus on:
-            - Code quality and best practices
-            - Potential bugs or issues
-            - Performance considerations
-            - Security implications
-
-            Provide detailed feedback using inline comments for specific issues.
-            Use top-level comments for general observations or praise.
-
-            At the end of your review, add complete instructions to reproduce the added changes through the app interface. These instructions will be given to a tester so he can verify the changes. It should be a short descriptive text (not a step by step or a list) on how to navigate the app (what page, what action, what input, etc) to see the changes.
-          claude_args: |
-            --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)"

.github/workflows/publish_windows_worker.yml

@@ -35,7 +35,7 @@ jobs:
       - name: Setup Rust
         uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.90.0
+          toolchain: 1.85.0
           override: true
 
       - name: Substitute EE code
@@ -43,12 +43,6 @@ jobs:
         run: |
           ./backend/substitute_ee_code.sh --copy --dir ./windmill-ee-private
 
-      - name: Cargo build dynamic libraries windows
-        timeout-minutes: 90
-        run: |
-          cd backend/windmill-duckdb-ffi-internal
-          cargo build --release -p windmill_duckdb_ffi_internal
-
       - name: Cargo build windows
         timeout-minutes: 90
         run: |
@@ -69,9 +63,3 @@ jobs:
         with:
           files: |
             ./backend/target/release/windmill-ee.exe
-
-      - name: Attach dynamic libraries to release
-        uses: softprops/action-gh-release@v2
-        with:
-          files: |
-            ./backend/windmill-duckdb-ffi-internal/target/release/windmill_duckdb_ffi_internal.dll

.github/workflows/rust-client-check.yml

@@ -1,27 +0,0 @@
-name: Rust Client Check
-on:
-  workflow_run:
-    workflows: ["Change versions"]
-    types:
-      - completed
-  push:
-    paths:
-      - "rust-client/**"
-      - "backend/**/*.rs"
-      - "backend/windmill-api/openapi.yaml"
-      - "version.txt"
-      - "flake.nix"
-      - ".github/workflows/rust-client-check.yml"
-
-jobs:
-  check_rust_client:
-    runs-on: ubicloud-standard-8
-    steps:
-      - uses: actions/checkout@v4
-      - uses: cachix/install-nix-action@v20
-        with:
-          extra_nix_config: |
-            experimental-features = nix-command flakes
-      - name: Check rust client builds
-        run: cd rust-client && nix develop ../ --command ./dev.nu --check
-        timeout-minutes: 16

.github/workflows/update-sqlx.yaml

@@ -0,0 +1,105 @@
+name: Update SQLx
+
+on:
+  issue_comment:
+    types: [created]
+
+jobs:
+  update-sqlx:
+    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/updatesqlx')
+    runs-on: ubicloud-standard-8
+    permissions:
+      contents: write
+      pull-requests: write
+      issues: write
+
+    services:
+      postgres:
+        image: postgres:14
+        env:
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_USER: postgres
+          POSTGRES_DB: windmill
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
+    steps:
+      - name: Comment on PR - Starting
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: 'Starting sqlx update...'
+            })
+
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.issue.pull_request.head.ref }}
+          fetch-depth: 0
+
+      - name: Checkout windmill-ee-private
+        uses: actions/checkout@v3
+        with:
+          repository: windmill-labs/windmill-ee-private
+          path: windmill-ee-private
+          token: ${{ secrets.WINDMILL_EE_PRIVATE_ACCESS }}
+
+      # Cache rust dependencies
+      - uses: dtolnay/rust-toolchain@stable
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: "./backend -> target"
+
+      - name: Install xmlsec build-time deps
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends \
+            pkg-config libxml2-dev libssl-dev \
+            xmlsec1 libxmlsec1-dev libxmlsec1-openssl
+
+      - name: Run update-sqlx script
+        env:
+          DATABASE_URL: postgres://postgres:postgres@localhost:5432/windmill
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          PR_NUMBER=${{ github.event.issue.number }}
+          BRANCH_NAME=$(gh pr view $PR_NUMBER --json headRefName --jq .headRefName)
+          echo "Checking out PR branch: $BRANCH_NAME"
+          git checkout $BRANCH_NAME
+          mkdir frontend/build
+          cd backend
+          cargo install sqlx-cli --version 0.8.5
+          sqlx migrate run
+          ./update_sqlx.sh --dir ./windmill-ee-private
+          # Pass the branch name to the next step
+          echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
+
+      - name: Commit changes if any
+        run: |
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+          git add backend/.sqlx
+          git commit -m "Update SQLx metadata"
+          git push origin ${{ env.BRANCH_NAME }}
+
+      - name: Comment on PR - Completed
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: 'Successfully ran sqlx update'
+            })

.github/workflows/weekly-pr-summary.yml

@@ -1,144 +0,0 @@
-name: Weekly PR Summary
-
-on:
-  schedule:
-    # Every Friday at 8:00 AM UTC
-    - cron: "0 8 * * 5"
-  workflow_dispatch:
-    # Allow manual triggering for testing
-
-jobs:
-  weekly-pr-summary:
-    runs-on: ubicloud-standard-4
-    timeout-minutes: 30
-    permissions:
-      contents: read
-      pull-requests: read
-      issues: write
-      id-token: write
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Generate Weekly PR Summary
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          prompt: |
-            REPO: ${{ github.repository }}
-
-            Generate a categorized weekly summary of ONLY MERGED Pull Requests from the past 7 days.
-
-            ## Your Task:
-
-            1. **Calculate Date Range**:
-               - Run: `CUTOFF_DATE=$(date --date='7 days ago' --iso-8601)`
-               - Run: `TODAY=$(date --iso-8601)`
-               - This gives you the exact 7-day window (store these in variables for use in commands)
-
-            2. **Fetch ONLY Merged PRs from Past Week**:
-               - Command: `gh pr list --repo ${{ github.repository }} --state merged --search "merged:>=$CUTOFF_DATE" --limit 100 --json number,title,author,mergedAt,url`
-               - This returns ONLY PRs that were merged in the last 7 days
-               - The --search flag filters by merge date using GitHub's search syntax
-               - **FILTER OUT** any PRs with titles starting with "chore: release" or "chore(release)"
-
-            3. **Categorize PRs**: Group PRs into three categories by analyzing titles and labels:
-               - **Features**: PRs with titles starting with "feat:", "feature:", or containing "add", "implement", "new"
-               - **Bug Fixes**: PRs with titles starting with "fix:", "bug:", or containing "fix", "resolve", "patch"
-               - **Other**: All remaining PRs (improvements, refactors, docs, chores, etc.)
-
-            4. **Gather Details**: For each feature and bug fix merged PR, include:
-               - Full PR title (NO truncation, NO links)
-               - Author (extract login from author.login in JSON)
-               - Brief summary: Use `gh pr view <number> --json body` to get PR description, then extract first paragraph or key points (1-2 sentences max)
-
-            5. **Character Limit Enforcement**:
-               - The final summary MUST be under 5000 characters
-               - If the summary exceeds 5000 characters, truncate PR descriptions (NOT titles) and add at the end: "_and X more PRs_" where X is the count of omitted PRs
-
-            6. **Save Summary to Markdown File**: Write the summary to a file for webhook delivery:
-               - Save the complete formatted markdown to: `summary.md`
-               - Do not commit the file to the repository
-
-            ## Output Format:
-
-            ```markdown
-            ### 📈 Weekly overview
-            - **Total merged**: X
-            - **Features**: Y
-            - **Bug Fixes**: Z
-            - **Other**: W
-
-            ### ✨ Features (Y)
-            - **[Full PR Title]** by @username - [brief impact description]
-            - **[Full PR Title]** by @username - [brief impact description]
-
-            ### 🐛 Bug Fixes (Z)
-            - **[Full PR Title]** by @username - [brief impact description]
-            - **[Full PR Title]** by @username - [brief impact description]
-
-            _and X more PRs_
-            ```
-
-            ## Important Notes:
-            - **CRITICAL**: ONLY include PRs with state "merged" from the last 7 days
-            - **CRITICAL**: EXCLUDE all PRs with titles starting with "chore: release" or "chore(release)"
-            - **CRITICAL**: Total character count MUST be under 5000 characters
-            - Count the number of "Other" PRs but do not include a section for them in the output
-            - Only use ### markdown headers for major sections and emoji indicators
-            - NO links to PRs
-            - NO merged date in output
-            - NEVER truncate PR titles - show full titles
-            - Use GitHub CLI (`gh`) for all operations
-            - Sort PRs within each category by merge date (most recent first)
-            - If a PR has no description, write "(No description provided)"
-            - Extract meaningful summary from PR body - look for the first paragraph or key bullet points
-            - Parse JSON responses carefully using `jq` or similar tools
-            - If summary exceeds 5000 chars, shorten PR descriptions and add "_and X more PRs_" at the end
-            - Count PRs in each category and display in both overview and section headers
-
-            ## Saving the Markdown Output:
-            After generating the markdown summary, save it to a file, BUT DO NOT COMMIT IT TO THE REPOSITORY.
-
-            ## Write Tool Fallback:
-            - First, attempt to use the Write tool to create `summary.md` with the markdown content
-            - If the Write tool returns ANY error or fails:
-              1. Use the Bash tool with the `echo` command instead
-              2. Use a heredoc to write the content: `cat > summary.md << 'EOF'` followed by your markdown content and `EOF` on a new line
-              3. Example: `cat > summary.md << 'EOF'\n[your markdown content here]\nEOF`
-              4. This ensures the file is always created regardless of Write tool issues
-            - Verify the file was created by running: `ls -lh summary.md`
-          claude_args: |
-            --allowedTools "Edit,MultiEdit,Write,Read,Glob,Grep,LS,Bash"
-
-      - name: Send Summary to Windmill
-        if: hashFiles('summary.md') != ''
-        env:
-          WEEKLY_SUMMARY_TOKEN: ${{ secrets.WEEKLY_SUMMARY_TOKEN }}
-        run: |
-          if [[ -f "summary.md" ]]; then
-            echo "Found summary.md, sending to Windmill..."
-
-            # Read the markdown content
-            MARKDOWN_CONTENT=$(cat summary.md)
-
-            # Create JSON payload
-            PAYLOAD=$(jq -n --arg markdown "$MARKDOWN_CONTENT" '{markdown: $markdown}')
-
-            # Send to Windmill webhook
-            RESULT=$(curl -s \
-              -H 'Content-Type: application/json' \
-              -H "Authorization: Bearer $WEEKLY_SUMMARY_TOKEN" \
-              -X POST \
-              -d "$PAYLOAD" \
-              'https://app.windmill.dev/api/w/windmill-labs/jobs/run/f/f/ai/send_past_week_pr_summaries_to_discord')
-
-            echo "Windmill response:"
-            echo -E "$RESULT"
-            echo "✅ Summary sent successfully to Windmill!"
-          else
-            echo "⚠️ Warning: summary.md not found, skipping delivery"
-            exit 1
-          fi

.gitignore

@@ -7,9 +7,8 @@ CaddyfileRemoteMalo
 *.swp
 **/.idea/
 .direnv
-/.vscode
+.vscode
 .dev-docker-wrapper*
 backend/.minio-data
 .aider*
-!.aiderignore
-rust-client/Cargo.toml
+!.aiderignore

.mcp.json

@@ -1,8 +0,0 @@
-{
-  "mcpServers": {
-    "svelte": {
-      "type": "http",
-      "url": "https://mcp.svelte.dev/mcp"
-    }
-  }
-}

CLAUDE.md

@@ -1,35 +1,3 @@
-# Windmill Development Guide
-
-## Overview
-
-Windmill is an open-source developer platform for building internal tools, workflows, API integrations, background jobs, workflows, and user interfaces. See @windmill-overview.mdc for full platform details.
-
-## New Feature Implementation Guidelines
-
-When implementing new features in Windmill, follow these best practices:
-
-- **Clean Code First**: Write clean, readable, and maintainable code. Prioritize clarity over cleverness.
-- **Avoid Duplication at All Costs**: Before writing new code, thoroughly search for existing implementations that can be reused or extended.
-- **Adapt Existing Code**: Refactor and generalize existing code when necessary to avoid logic duplication. Extract common patterns into reusable utilities.
-- **Follow Established Patterns**: Study existing code patterns in the codebase and maintain consistency with established conventions.
-- **Single Responsibility**: Each function, component, and module should have a single, well-defined responsibility.
-- **Incremental Implementation**: Break large features into smaller, reviewable chunks that can be implemented and tested incrementally.
-
-## Language-Specific Guides
-
-- Backend (Rust): @backend/rust-best-practices.mdc + @backend/summarized_schema.txt
-- Frontend (Svelte 5): @frontend/svelte5-best-practices.mdc
-
-## Querying the Database
-
-To query the database directly, use psql with the following connection string:
-
-```bash
-psql postgres://postgres:changeme@localhost:5432/windmill
-```
-
-This can be helpful for:
-
-- Inspecting database state during development
-- Testing queries before implementing them in Rust
-- Debugging data-related issues
+To have an overview of what this app does, see @.cursor/rules/windmill-overview.mdc
+For backend modifications, follow the rules mentioned here @.cursor/rules/rust-best-practices.mdc. You also have access to a summarized version of the database schema here @backend/summarized_schema.txt
+For frontend modifications, follow the rules mentioned here @.cursor/rules/svelte5-best-practices.mdc

Dockerfile

@@ -1,15 +1,5 @@
 ARG DEBIAN_IMAGE=debian:bookworm-slim
-ARG RUST_IMAGE=rust:1.90-slim-bookworm
-
-# Build libwindmill_duckdb_ffi_internal.so separately
-FROM ${RUST_IMAGE} AS windmill_duckdb_ffi_internal_builder
-
-WORKDIR /windmill-duckdb-ffi-internal
-RUN apt-get update && apt-get install -y pkg-config clang=1:14.0-55.* libclang-dev=1:14.0-55.* cmake=3.25.* && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/*
-COPY ./backend/windmill-duckdb-ffi-internal .
-RUN cargo build --release -p windmill_duckdb_ffi_internal
+ARG RUST_IMAGE=rust:1.86-slim-bookworm
 
 FROM ${RUST_IMAGE} AS rust_base
 
@@ -30,7 +20,7 @@ WORKDIR /windmill
 ENV SQLX_OFFLINE=true
 # ENV CARGO_INCREMENTAL=1
 
-FROM node:24-alpine as frontend
+FROM node:20-alpine as frontend
 
 # install dependencies
 WORKDIR /frontend
@@ -48,7 +38,6 @@ COPY /backend/windmill-api/build_openapi.sh /backend/windmill-api/build_openapi.
 RUN cd /backend/windmill-api && . ./build_openapi.sh
 COPY /backend/parsers/windmill-parser-wasm/pkg/ /backend/parsers/windmill-parser-wasm/pkg/
 COPY /typescript-client/docs/ /frontend/static/tsdocs/
-COPY /python-client/docs/ /frontend/static/pydocs/
 
 RUN npm run generate-backend-client
 ENV NODE_OPTIONS "--max-old-space-size=8192"
@@ -93,6 +82,7 @@ RUN --mount=type=cache,target=/usr/local/cargo/registry \
     --mount=type=cache,target=$SCCACHE_DIR,sharing=locked \
     CARGO_NET_GIT_FETCH_WITH_CLI=true cargo build --release --features "$features"
 
+
 FROM ${DEBIAN_IMAGE}
 
 ARG TARGETPLATFORM
@@ -100,8 +90,7 @@ ARG POWERSHELL_VERSION=7.5.0
 ARG POWERSHELL_DEB_VERSION=7.5.0-1
 ARG KUBECTL_VERSION=1.28.7
 ARG HELM_VERSION=3.14.3
-# NOTE: If changing, also change go version in workspace dependencies template at WorkspaceDependenciesEditor.svelte
-ARG GO_VERSION=1.25.0
+ARG GO_VERSION=1.22.5
 ARG APP=/usr/src/app
 ARG WITH_POWERSHELL=true
 ARG WITH_KUBECTL=true
@@ -115,10 +104,7 @@ ARG WITH_GIT=true
 ARG LATEST_STABLE_PY=3.11.10
 ENV UV_PYTHON_INSTALL_DIR=/tmp/windmill/cache/py_runtime
 ENV UV_PYTHON_PREFERENCE=only-managed
-
-RUN mkdir -p /usr/local/uv
 ENV UV_TOOL_BIN_DIR=/usr/local/bin
-ENV UV_TOOL_DIR=/usr/local/uv
 
 ENV PATH /usr/local/bin:/root/.local/bin:$PATH
 
@@ -205,11 +191,10 @@ ENV TZ=Etc/UTC
 
 COPY --from=builder /frontend/build /static_frontend
 COPY --from=builder /windmill/target/release/windmill ${APP}/windmill
-COPY --from=windmill_duckdb_ffi_internal_builder /windmill-duckdb-ffi-internal/target/release/libwindmill_duckdb_ffi_internal.so ${APP}/libwindmill_duckdb_ffi_internal.so
 
 COPY --from=denoland/deno:2.2.1 --chmod=755 /usr/bin/deno /usr/bin/deno
 
-COPY --from=oven/bun:1.2.23 /usr/local/bin/bun /usr/bin/bun
+COPY --from=oven/bun:1.2.4 /usr/local/bin/bun /usr/bin/bun
 
 COPY --from=php:8.3.7-cli /usr/local/bin/php /usr/bin/php
 COPY --from=composer:2.7.6 /usr/bin/composer /usr/bin/composer
@@ -219,7 +204,6 @@ COPY --from=docker:dind /usr/local/bin/docker /usr/local/bin/
 
 ENV RUSTUP_HOME="/usr/local/rustup"
 ENV CARGO_HOME="/usr/local/cargo"
-ENV LD_LIBRARY_PATH="."
 
 WORKDIR ${APP}
 

README.md

@@ -332,40 +332,38 @@ you to have it being synced automatically everyday.
 
 ## Environment Variables
 
-| Environment Variable name           | Default                          | Description                                                                                                                                                                                        | Api Server/Worker/All |
-| ----------------------------------- | -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- |
-| DATABASE_URL                        |                                  | The Postgres database url.                                                                                                                                                                         | All                   |
-| WORKER_GROUP                        | default                          | The worker group the worker belongs to and get its configuration pulled from                                                                                                                       | Worker                |
-| MODE                                | standalone                       | The mode if the binary. Possible values: standalone, worker, server, agent                                                                                                                         | All                   |
-| METRICS_ADDR                        | None                             | (ee only) The socket addr at which to expose Prometheus metrics at the /metrics path. Set to "true" to expose it on port 8001                                                                      | All                   |
-| JSON_FMT                            | false                            | Output the logs in json format instead of logfmt                                                                                                                                                   | All                   |
-| BASE_URL                            | http://localhost:8000            | The base url that is exposed publicly to access your instance. Is overriden by the instance settings if any.                                                                                       | Server                |
-| ZOMBIE_JOB_TIMEOUT                  | 30                               | The timeout after which a job is considered to be zombie if the worker did not send pings about processing the job (every server check for zombie jobs every 30s)                                  | Server                |
-| RESTART_ZOMBIE_JOBS                 | true                             | If true then a zombie job is restarted (in-place with the same uuid and some logs), if false the zombie job is failed                                                                              | Server                |
-| SLEEP_QUEUE                         | 50                               | The number of ms to sleep in between the last check for new jobs in the DB. It is multiplied by NUM_WORKERS such that in average, for one worker instance, there is one pull every SLEEP_QUEUE ms. | Worker                |
-| KEEP_JOB_DIR                        | false                            | Keep the job directory after the job is done. Useful for debugging.                                                                                                                                | Worker                |
-| LICENSE_KEY (EE only)               | None                             | License key checked at startup for the Enterprise Edition of Windmill                                                                                                                              | Worker                |
-| SLACK_SIGNING_SECRET                | None                             | The signing secret of your Slack app. See [Slack documentation](https://api.slack.com/authentication/verifying-requests-from-slack)                                                                | Server                |
-| COOKIE_DOMAIN                       | None                             | The domain of the cookie. If not set, the cookie will be set by the browser based on the full origin                                                                                               | Server                |
-| DENO_PATH                           | /usr/bin/deno                    | The path to the deno binary.                                                                                                                                                                       | Worker                |
-| PYTHON_PATH                         |                                  | The path to the python binary if wanting to not have it managed by uv.                                                                                                                             | Worker                |
-| GO_PATH                             | /usr/bin/go                      | The path to the go binary.                                                                                                                                                                         | Worker                |
-| GOPRIVATE                           |                                  | The GOPRIVATE env variable to use private go modules                                                                                                                                               | Worker                |
-| GOPROXY                             |                                  | The GOPROXY env variable to use                                                                                                                                                                    | Worker                |
-| NETRC                               |                                  | The netrc content to use a private go registry                                                                                                                                                     | Worker                |
-| PY_CONCURRENT_DOWNLOADS             | 20                               | Sets the maximum number of in-flight concurrent python downloads that windmill will perform at any given time.                                                                                     | Worker                |
-| PATH                                | None                             | The path environment variable, usually inherited                                                                                                                                                   | Worker                |
-| HOME                                | None                             | The home directory to use for Go and Bash , usually inherited                                                                                                                                      | Worker                |
-| DATABASE_CONNECTIONS                | 50 (Server)/3 (Worker)           | The max number of connections in the database connection pool                                                                                                                                      | All                   |
-| SUPERADMIN_SECRET                   | None                             | A token that would let the caller act as a virtual superadmin superadmin@windmill.dev                                                                                                              | Server                |
-| TIMEOUT_WAIT_RESULT                 | 20                               | The number of seconds to wait before timeout on the 'run_wait_result' endpoint                                                                                                                     | Worker                |
-| QUEUE_LIMIT_WAIT_RESULT             | None                             | The number of max jobs in the queue before rejecting immediately the request in 'run_wait_result' endpoint. Takes precedence on the query arg. If none is specified, there are no limit.           | Worker                |
-| DENO_AUTH_TOKENS                    | None                             | Custom DENO_AUTH_TOKENS to pass to worker to allow the use of private modules                                                                                                                      | Worker                |
-| DISABLE_RESPONSE_LOGS               | false                            | Disable response logs                                                                                                                                                                              | Server                |
-| CREATE_WORKSPACE_REQUIRE_SUPERADMIN | true                             | If true, only superadmins can create new workspaces                                                                                                                                                | Server                |
-| MIN_FREE_DISK_SPACE_MB              | 15000                            | Minimum amount of free space on worker. Sends critical alert if worker has less free space.                                                                                                        | Worker                |
-| RUN_UPDATE_CA_CERTIFICATE_AT_START  | false                            | If true, runs CA certificate update command at startup before other initialization                                                                                                                 | All                   |
-| RUN_UPDATE_CA_CERTIFICATE_PATH      | /usr/sbin/update-ca-certificates | Path to the CA certificate update command/script to run when RUN_UPDATE_CA_CERTIFICATE_AT_START is true                                                                                            | All                   |
+| Environment Variable name           | Default                | Description                                                                                                                                                                                        | Api Server/Worker/All |
+| ----------------------------------- | ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- |
+| DATABASE_URL                        |                        | The Postgres database url.                                                                                                                                                                         | All                   |
+| WORKER_GROUP                        | default                | The worker group the worker belongs to and get its configuration pulled from                                                                                                                       | Worker                |
+| MODE                                | standalone             | The mode if the binary. Possible values: standalone, worker, server, agent                                                                                                                         | All                   |
+| METRICS_ADDR                        | None                   | (ee only) The socket addr at which to expose Prometheus metrics at the /metrics path. Set to "true" to expose it on port 8001                                                                      | All                   |
+| JSON_FMT                            | false                  | Output the logs in json format instead of logfmt                                                                                                                                                   | All                   |
+| BASE_URL                            | http://localhost:8000  | The base url that is exposed publicly to access your instance. Is overriden by the instance settings if any.                                                                                       | Server                |
+| ZOMBIE_JOB_TIMEOUT                  | 30                     | The timeout after which a job is considered to be zombie if the worker did not send pings about processing the job (every server check for zombie jobs every 30s)                                  | Server                |
+| RESTART_ZOMBIE_JOBS                 | true                   | If true then a zombie job is restarted (in-place with the same uuid and some logs), if false the zombie job is failed                                                                              | Server                |
+| SLEEP_QUEUE                         | 50                     | The number of ms to sleep in between the last check for new jobs in the DB. It is multiplied by NUM_WORKERS such that in average, for one worker instance, there is one pull every SLEEP_QUEUE ms. | Worker                |
+| KEEP_JOB_DIR                        | false                  | Keep the job directory after the job is done. Useful for debugging.                                                                                                                                | Worker                |
+| LICENSE_KEY (EE only)               | None                   | License key checked at startup for the Enterprise Edition of Windmill                                                                                                                              | Worker                |
+| SLACK_SIGNING_SECRET                | None                   | The signing secret of your Slack app. See [Slack documentation](https://api.slack.com/authentication/verifying-requests-from-slack)                                                                | Server                |
+| COOKIE_DOMAIN                       | None                   | The domain of the cookie. If not set, the cookie will be set by the browser based on the full origin                                                                                               | Server                |
+| DENO_PATH                           | /usr/bin/deno          | The path to the deno binary.                                                                                                                                                                       | Worker                |
+| PYTHON_PATH                         |                        | The path to the python binary if wanting to not have it managed by uv.                                                                                                                             | Worker                |
+| GO_PATH                             | /usr/bin/go            | The path to the go binary.                                                                                                                                                                         | Worker                |
+| GOPRIVATE                           |                        | The GOPRIVATE env variable to use private go modules                                                                                                                                               | Worker                |
+| GOPROXY                             |                        | The GOPROXY env variable to use                                                                                                                                                                    | Worker                |
+| NETRC                               |                        | The netrc content to use a private go registry                                                                                                                                                     | Worker                |
+| PY_CONCURRENT_DOWNLOADS             | 20                     | Sets the maximum number of in-flight concurrent python downloads that windmill will perform at any given time.                                                                                     | Worker                |
+| PATH                                | None                   | The path environment variable, usually inherited                                                                                                                                                   | Worker                |
+| HOME                                | None                   | The home directory to use for Go and Bash , usually inherited                                                                                                                                      | Worker                |
+| DATABASE_CONNECTIONS                | 50 (Server)/3 (Worker) | The max number of connections in the database connection pool                                                                                                                                      | All                   |
+| SUPERADMIN_SECRET                   | None                   | A token that would let the caller act as a virtual superadmin superadmin@windmill.dev                                                                                                              | Server                |
+| TIMEOUT_WAIT_RESULT                 | 20                     | The number of seconds to wait before timeout on the 'run_wait_result' endpoint                                                                                                                     | Worker                |
+| QUEUE_LIMIT_WAIT_RESULT             | None                   | The number of max jobs in the queue before rejecting immediately the request in 'run_wait_result' endpoint. Takes precedence on the query arg. If none is specified, there are no limit.           | Worker                |
+| DENO_AUTH_TOKENS                    | None                   | Custom DENO_AUTH_TOKENS to pass to worker to allow the use of private modules                                                                                                                      | Worker                |
+| DISABLE_RESPONSE_LOGS               | false                  | Disable response logs                                                                                                                                                                              | Server                |
+| CREATE_WORKSPACE_REQUIRE_SUPERADMIN | true                   | If true, only superadmins can create new workspaces                                                                                                                                                | Server                |
+| MIN_FREE_DISK_SPACE_MB              | 15000                  | Minimum amount of free space on worker. Sends critical alert if worker has less free space.                                                                                                        | Worker                |
 
 ## Run a local dev setup
 
@@ -374,6 +372,7 @@ Using [Nix](./frontend/README_DEV.md#nix) (Recommended).
 See the [./frontend/README_DEV.md](./frontend/README_DEV.md) file for all
 running options.
 
+
 ### only Frontend
 
 This will use the backend of <https://app.windmill.dev> but your own frontend
@@ -399,27 +398,29 @@ npm run generate-backend-client-mac
 See the [./frontend/README_DEV.md](./frontend/README_DEV.md) file for all
 running options.
 
-1. Start a local Postgres database using for instance the `start-dev-db.sh` script which will make a database available at `postgres://postgres:changeme@localhost:5432/windmill`
-   Then run the migrations using the following command:
+1. Create a Postgres Database for Windmill and create an admin role inside your
+   Postgres setup. The easiest way to get a working db is to run
    ```
    cargo install sqlx-cli
    env DATABASE_URL=<YOUR_DATABASE_URL> sqlx migrate run
    ```
-   This will also avoid compile time issue with sqlx's `query!` macro.
-2. (optional, linux only) Install [nsjail](https://github.com/google/nsjail) and have it accessible in
+   This will also avoid compile time issue with sqlx's `query!` macro
+2. Install [nsjail](https://github.com/google/nsjail) and have it accessible in
    your PATH
-3. Install bun, deno and python3 (+ any languages you want to use), have the bins at `/usr/bin/bun`,`/usr/bin/deno`, and
-   `/usr/local/bin/python3` or set the corresponding environment variables.
-4. (optional) Install the [lld linker](https://lld.llvm.org/)
-5. Go to `frontend/`:
-   1. `npm install`, `npm run generate-backend-client` then `REMOTE=http://localhost:8000 npm run dev`
+3. Install deno and python3, have the bins at `/usr/bin/deno` and
+   `/usr/local/bin/python3`
+4. Install [caddy](https://caddyserver.com)
+5. Install the [lld linker](https://lld.llvm.org/)
+6. Go to `frontend/`:
+   1. `npm install`, `npm run generate-backend-client` then `npm run dev`
    2. You might need to set some extra heap space for the node runtime
       `export NODE_OPTIONS="--max-old-space-size=4096"`
-   3. Create an empty `frontend/build` folder using `mkdir frontend/build`
-6. Go to `backend/`:
-   1. `env DATABASE_URL=<YOUR_DATABASE_URL> RUST_LOG=info cargo run`
-   2. You can specify any feature flag you want to enable, for example `cargo run --features python` to enable the python executor.
-7. Et voilà, windmill should be available at `http://localhost:3000`
+   3. In another shell `npm run build` otherwise the backend will not find the
+      `frontend/build` folder and will not compile.
+   4. In another shell `sudo caddy run --config Caddyfile`
+7. Go to `backend/`:
+   `env DATABASE_URL=<DATABASE_URL_TO_YOUR_WINDMILL_DB> RUST_LOG=info cargo run`
+8. Et voilà, windmill should be available at `http://localhost/`
 
 ## Contributors
 

backend/.cargo/config.toml

@@ -5,15 +5,10 @@ incremental = true
 rustflags = [
     "-C", "link-arg=-undefined",
     "-C", "link-arg=dynamic_lookup",
-    "-C", "link-args=-Wl,-rpath,$ORIGIN/"
 ]
 
 [target.aarch64-apple-darwin]
 rustflags = [
     "-C", "link-arg=-undefined",
     "-C", "link-arg=dynamic_lookup",
-    "-C", "link-args=-Wl,-rpath,$ORIGIN/"
-]
-
-[net]
-git-fetch-with-cli = true
+]

backend/.gitignore

@@ -7,7 +7,4 @@ heaptrack*
 index/
 windmill-api/openapi-*.*
 .duckdb/*
-*ee.rs
-generate_mcp_endpoints_tools/venv
-bacon.toml
-libwindmill_duckdb_ffi_internal.so
+*ee.rs

backend/.sqlx/query-0084c1246d1391d106da2e67a394eafc6695257632406ed9a2111dba1dd106c7.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT args as \"args: sqlx::types::Json<HashMap<String, Box<RawValue>>>\" FROM v2_job WHERE id = $1 AND workspace_id = $2",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "args: sqlx::types::Json<HashMap<String, Box<RawValue>>>",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "Text"
-      ]
-    },
-    "nullable": [
-      true
-    ]
-  },
-  "hash": "0084c1246d1391d106da2e67a394eafc6695257632406ed9a2111dba1dd106c7"
-}

backend/.sqlx/query-00b9f392a5cc07bd4ed14e3b69f96408e219d70015dd2f419fc87a440f070c64.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO dependency_map (workspace_id, importer_path, importer_kind, imported_path, importer_node_id)\n         SELECT $1, importer_path, importer_kind, imported_path, importer_node_id\n         FROM dependency_map\n         WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "00b9f392a5cc07bd4ed14e3b69f96408e219d70015dd2f419fc87a440f070c64"
-}

backend/.sqlx/query-00c0ae12b19ba495f307f0ce6b4833947c5b3fe45826fc5468e326d171d95236.json

@@ -1,24 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT f.path\n                FROM workspace_runnable_dependencies wru \n                JOIN flow f\n                    ON wru.flow_path = f.path AND wru.workspace_id = f.workspace_id\n                WHERE wru.runnable_path = $1 AND wru.runnable_is_flow = $2 AND wru.workspace_id = $3",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "path",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Bool",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "00c0ae12b19ba495f307f0ce6b4833947c5b3fe45826fc5468e326d171d95236"
-}

backend/.sqlx/query-01050e7057f3d1971ad9e47ac83bf6a3c3c9f41689c3607f0b264437ae6b3324.json

@@ -1,24 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT data FROM app_bundles WHERE app_version_id = $1 AND file_type = $2 AND w_id = $3",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "data",
-        "type_info": "Bytea"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8",
-        "Text",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "01050e7057f3d1971ad9e47ac83bf6a3c3c9f41689c3607f0b264437ae6b3324"
-}

backend/.sqlx/query-011c7638eeeda710deb86a216a9e10df9c3e9458e85bcdde466b01011a1f2ac2.json

@@ -0,0 +1,50 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            SELECT\n                path,\n                is_flow,\n                workspace_id,\n                owner,\n                email,\n                trigger_config as \"trigger_config!: _\"\n            FROM\n                capture_config\n            WHERE\n                trigger_kind = 'postgres' AND\n                last_client_ping > NOW() - INTERVAL '10 seconds' AND\n                trigger_config IS NOT NULL AND\n                (last_server_ping IS NULL OR last_server_ping < now() - interval '15 seconds')\n            ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "path",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 1,
+        "name": "is_flow",
+        "type_info": "Bool"
+      },
+      {
+        "ordinal": 2,
+        "name": "workspace_id",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 3,
+        "name": "owner",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 4,
+        "name": "email",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 5,
+        "name": "trigger_config!: _",
+        "type_info": "Jsonb"
+      }
+    ],
+    "parameters": {
+      "Left": []
+    },
+    "nullable": [
+      false,
+      false,
+      false,
+      false,
+      false,
+      true
+    ]
+  },
+  "hash": "011c7638eeeda710deb86a216a9e10df9c3e9458e85bcdde466b01011a1f2ac2"
+}

backend/.sqlx/query-0186c1058f147e012b8120c342caf8688a6d1643747be3ec4f784c3029a59e52.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT j.id\n             FROM v2_job_queue q JOIN v2_job j USING (id) LEFT JOIN v2_job_runtime r USING (id) LEFT JOIN v2_job_status s USING (id)\n             WHERE r.ping < now() - ($1 || ' seconds')::interval\n             AND q.running = true AND j.kind NOT IN ('flow', 'flowpreview', 'flownode', 'singlestepflow') AND j.same_worker = false",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Uuid"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "0186c1058f147e012b8120c342caf8688a6d1643747be3ec4f784c3029a59e52"
-}

backend/.sqlx/query-0188214a2d01b11e441b6bec56f62c97a821d50f0be73df88f735978ae2ea0ae.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n            SELECT \n                path \n            FROM \n                flow_version \n            WHERE \n                id = $1 AND \n                workspace_id = $2\n            ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "path",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "0188214a2d01b11e441b6bec56f62c97a821d50f0be73df88f735978ae2ea0ae"
-}

backend/.sqlx/query-023555d33652d40fa381b1baaae6b319c4bac92cb2d90bb4ffd08e25f4a4d18b.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM v2_job WHERE workspace_id = $1 AND id = ANY($2)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "UuidArray"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "023555d33652d40fa381b1baaae6b319c4bac92cb2d90bb4ffd08e25f4a4d18b"
-}

backend/.sqlx/query-029b81eb00250eacded407b12bcfbab2b3f35354bdb9ef6e30281a4ff6235060.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE asset SET workspace_id = $1 WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "029b81eb00250eacded407b12bcfbab2b3f35354bdb9ef6e30281a4ff6235060"
-}

backend/.sqlx/query-02c945b5f18a56a826721f6884846d79167747742de236ce57f395561685adc0.json

@@ -1,77 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT\n                    v2_job.permissioned_as_email,\n                    v2_job.created_by,\n                    v2_job.parent_job,\n                    v2_job.permissioned_as,\n                    v2_job.runnable_path,\n                    CASE WHEN v2_job.trigger_kind = 'schedule'::job_trigger_kind THEN v2_job.trigger END AS schedule_path,\n                    v2_job.flow_step_id,\n                    v2_job.flow_innermost_root_job,\n                    v2_job.root_job,\n                    v2_job_queue.scheduled_for AS \"scheduled_for: chrono::DateTime<chrono::Utc>\"\n                FROM v2_job INNER JOIN v2_job_queue ON v2_job.id = v2_job_queue.id\n                WHERE v2_job.id = $1 AND v2_job.workspace_id = $2",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "permissioned_as_email",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "created_by",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "parent_job",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 3,
-        "name": "permissioned_as",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 4,
-        "name": "runnable_path",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 5,
-        "name": "schedule_path",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 6,
-        "name": "flow_step_id",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 7,
-        "name": "flow_innermost_root_job",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 8,
-        "name": "root_job",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 9,
-        "name": "scheduled_for: chrono::DateTime<chrono::Utc>",
-        "type_info": "Timestamptz"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "Text"
-      ]
-    },
-    "nullable": [
-      false,
-      false,
-      true,
-      false,
-      true,
-      null,
-      true,
-      true,
-      true,
-      false
-    ]
-  },
-  "hash": "02c945b5f18a56a826721f6884846d79167747742de236ce57f395561685adc0"
-}

backend/.sqlx/query-02ecdcc882931d5cbb2243e32805c8a1291a5106fff46ceba85fa27d50a0354c.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n            SELECT jsonb_object_keys(ws.ducklake->'ducklakes') AS ducklake_name\n            FROM workspace_settings ws\n            WHERE ws.workspace_id = $1\n        ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "ducklake_name",
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "02ecdcc882931d5cbb2243e32805c8a1291a5106fff46ceba85fa27d50a0354c"
-}

backend/.sqlx/query-02fdd7b94e6b6c9bb7985dfeb2082655d08946206dcfb25158c10f78619cf7fc.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM v2_job_status WHERE id = ANY($1)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "UuidArray"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "02fdd7b94e6b6c9bb7985dfeb2082655d08946206dcfb25158c10f78619cf7fc"
-}

backend/.sqlx/query-031d0d70b0aff52feaad487bddb74e5ef0aaa2505facbea8c764003dfc8fffb1.json

@@ -0,0 +1,26 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "UPDATE capture_config SET last_server_ping = now(), error = $1 WHERE workspace_id = $2 AND path = $3 AND is_flow = $4 AND trigger_kind = 'websocket' AND server_id = $5 AND last_client_ping > NOW() - INTERVAL '10 seconds' RETURNING 1",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "?column?",
+        "type_info": "Int4"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Text",
+        "Text",
+        "Text",
+        "Bool",
+        "Text"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "031d0d70b0aff52feaad487bddb74e5ef0aaa2505facbea8c764003dfc8fffb1"
+}

backend/.sqlx/query-04362a55081f7a98bca8fe4db0669939da8944711037957664cc2989b239c9d1.json

@@ -1,16 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO tutorial_progress (email, progress, skipped_all) VALUES ($2, $1::bigint::bit(64), $3) ON CONFLICT (email) DO UPDATE SET progress = EXCLUDED.progress, skipped_all = EXCLUDED.skipped_all",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Int8",
-        "Varchar",
-        "Bool"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "04362a55081f7a98bca8fe4db0669939da8944711037957664cc2989b239c9d1"
-}

backend/.sqlx/query-04ce5c530c80ae6f911dfe0dc9ed7d1a2e10342bbbc7f8486df0b73f5657a493.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT COUNT(*) FROM v2_job",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "count",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "04ce5c530c80ae6f911dfe0dc9ed7d1a2e10342bbbc7f8486df0b73f5657a493"
-}

backend/.sqlx/query-05bbdf192c51cd75552674c7db209cad66016cc112b58eb943f038308090ec5c.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO workspace_dependencies (workspace_id, language, name, description, content, archived, created_at)\n         SELECT $1, language, name, description, content, archived, created_at\n         FROM workspace_dependencies \n         WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "05bbdf192c51cd75552674c7db209cad66016cc112b58eb943f038308090ec5c"
-}

backend/.sqlx/query-05cb171b610bfb45f6228128a385cde8a5b86d7ca377a028004cc382e12faf41.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "INSERT INTO concurrency_counter(concurrency_id, job_uuids)\n                VALUES ($1, '{}'::jsonb)",
+  "query": "INSERT INTO concurrency_counter(concurrency_id, job_uuids) \n             VALUES ($1, '{}'::jsonb)",
   "describe": {
     "columns": [],
     "parameters": {
@@ -10,5 +10,5 @@
     },
     "nullable": []
   },
-  "hash": "a5313b8d1d29c13a5b23cd8b6f9bd4c3d96c53dd0d8702facfefaaf35b7d6b26"
+  "hash": "05cb171b610bfb45f6228128a385cde8a5b86d7ca377a028004cc382e12faf41"
 }

backend/.sqlx/query-070b8ad0b59f485fa5bf68082b060f5c3561c37e9c6f2834d234a862a475a6eb.json

@@ -0,0 +1,26 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        UPDATE \n            gcp_trigger \n        SET \n            enabled = $1, \n            email = $2, \n            edited_by = $3, \n            edited_at = now(), \n            server_id = NULL, \n            error = NULL\n        WHERE \n            path = $4 AND \n            workspace_id = $5 \n        RETURNING 1\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "?column?",
+        "type_info": "Int4"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Bool",
+        "Varchar",
+        "Varchar",
+        "Text",
+        "Text"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "070b8ad0b59f485fa5bf68082b060f5c3561c37e9c6f2834d234a862a475a6eb"
+}

backend/.sqlx/query-07168aaf14cb6beff0ad4274b441f7f387f5055c47f493271d26731336257384.json

@@ -1,59 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT\n            workspace.id AS \"id!\",\n            workspace.name AS \"name!\",\n            workspace.owner AS \"owner!\",\n            workspace.deleted AS \"deleted!\",\n            workspace.premium AS \"premium!\",\n            workspace_settings.color AS \"color\",\n            workspace.parent_workspace_id AS \"parent_workspace_id\"\n        FROM workspace\n        LEFT JOIN workspace_settings ON workspace.id = workspace_settings.workspace_id\n         LIMIT $1 OFFSET $2",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id!",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "name!",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "owner!",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 3,
-        "name": "deleted!",
-        "type_info": "Bool"
-      },
-      {
-        "ordinal": 4,
-        "name": "premium!",
-        "type_info": "Bool"
-      },
-      {
-        "ordinal": 5,
-        "name": "color",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 6,
-        "name": "parent_workspace_id",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8",
-        "Int8"
-      ]
-    },
-    "nullable": [
-      true,
-      true,
-      true,
-      true,
-      true,
-      true,
-      true
-    ]
-  },
-  "hash": "07168aaf14cb6beff0ad4274b441f7f387f5055c47f493271d26731336257384"
-}

backend/.sqlx/query-081dc94a7d0fdaade77cfb593a025d8c48d7eab3dbb30ca0b43fb1ef45d8d8bd.json

@@ -1,25 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO flow (\n        workspace_id, path, summary, description,\n        dependency_job, lock_error_logs, draft_only, tag,\n        dedicated_worker, visible_to_runner_only, on_behalf_of_email,\n        value, schema, edited_by, edited_at\n    ) VALUES (\n        $1, $2, $3, $4,\n        NULL, '', $5, $6,\n        $7, $8, $9,\n        $10, $11::text::json, $12, now()\n    )",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Varchar",
-        "Text",
-        "Text",
-        "Bool",
-        "Varchar",
-        "Bool",
-        "Bool",
-        "Text",
-        "Jsonb",
-        "Text",
-        "Varchar"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "081dc94a7d0fdaade77cfb593a025d8c48d7eab3dbb30ca0b43fb1ef45d8d8bd"
-}

backend/.sqlx/query-081f838b3dbe81631d17e7ca0751db725a7f92d4e43a86bcfa06a4ac7c70ac8f.json

@@ -1,19 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE v2_job_status SET flow_status = \n            CASE WHEN flow_status->'modules'->$1::int->'flow_jobs_duration' IS NOT NULL THEN\n                     JSONB_SET(JSONB_SET(JSONB_SET(\n                         flow_status,\n                         ARRAY['modules', $1::TEXT, 'flow_jobs_success', $3::TEXT],\n                         $4\n                     ),\n                     ARRAY['modules', $1::TEXT, 'flow_jobs_duration', 'duration_ms', $3::TEXT], $5),\n                     ARRAY['modules', $1::TEXT, 'flow_jobs_duration', 'started_at', $3::TEXT], $6)\n                 ELSE\n                    JSONB_SET(flow_status, ARRAY['modules', $1::TEXT, 'flow_jobs_success', $3::TEXT], $4)\n            END\n            WHERE id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Int4",
-        "Uuid",
-        "Text",
-        "Jsonb",
-        "Jsonb",
-        "Jsonb"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "081f838b3dbe81631d17e7ca0751db725a7f92d4e43a86bcfa06a4ac7c70ac8f"
-}

backend/.sqlx/query-08574e8e5dc165041750880fb02e7ffea83ae94a670b598b6dada0b3d0914629.json

@@ -1,14 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM flow_conversation WHERE workspace_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "08574e8e5dc165041750880fb02e7ffea83ae94a670b598b6dada0b3d0914629"
-}

backend/.sqlx/query-086fdf726b88e9f4fd9750bf9dd7f49c589465194548d88e5ae30872846b70a9.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT EXISTS(SELECT 1 FROM flow_conversation WHERE id = $1) as \"exists!\"",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "exists!",
-        "type_info": "Bool"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "086fdf726b88e9f4fd9750bf9dd7f49c589465194548d88e5ae30872846b70a9"
-}

backend/.sqlx/query-089d7bc7acdbb97cf477159e111bc7e9ee85289ff5c52af43166928337c257e7.json

@@ -1,46 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT id FROM v2_job\n             WHERE workspace_id = $1\n               AND (kind = 'unassigned_script'::JOB_KIND OR kind = 'unassigned_flow'::JOB_KIND OR kind = 'unassigned_singlestepflow'::JOB_KIND)\n               AND trigger_kind = $2\n               AND trigger = $3",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Uuid"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        {
-          "Custom": {
-            "name": "job_trigger_kind",
-            "kind": {
-              "Enum": [
-                "webhook",
-                "http",
-                "websocket",
-                "kafka",
-                "email",
-                "nats",
-                "schedule",
-                "app",
-                "ui",
-                "postgres",
-                "sqs",
-                "gcp",
-                "mqtt",
-                "nextcloud"
-              ]
-            }
-          }
-        },
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "089d7bc7acdbb97cf477159e111bc7e9ee85289ff5c52af43166928337c257e7"
-}

backend/.sqlx/query-08dd2ea6b17a52bce352d6443d7d009cfc9da0d3b2bd1f40d422b550779e5324.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "INSERT INTO variable\n             (workspace_id, path, value, is_secret, account, is_oauth, expires_at)\n             VALUES ($1, $2, $3, $4, $5, $6, $7)\n             ON CONFLICT (workspace_id, path) DO UPDATE SET value = EXCLUDED.value, expires_at = EXCLUDED.expires_at",
+  "query": "INSERT INTO variable\n             (workspace_id, path, value, is_secret, account, is_oauth, expires_at)\n             VALUES ($1, $2, $3, $4, $5, $6, $7)\n             ON CONFLICT (workspace_id, path) DO UPDATE SET value = $3, expires_at = $7",
   "describe": {
     "columns": [],
     "parameters": {
@@ -16,5 +16,5 @@
     },
     "nullable": []
   },
-  "hash": "5701ee0b862dbdb44990702af270a2eb517e82943bb8c078c7bb2e60def3cbf1"
+  "hash": "08dd2ea6b17a52bce352d6443d7d009cfc9da0d3b2bd1f40d422b550779e5324"
 }

backend/.sqlx/query-08f288d2781d823e109a9e5b8848234ca7d1efeee9661f3901f298da375e73f7.json

@@ -142,36 +142,6 @@
         "ordinal": 27,
         "name": "git_app_installations",
         "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 28,
-        "name": "ducklake",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 29,
-        "name": "auto_add_instance_groups",
-        "type_info": "TextArray"
-      },
-      {
-        "ordinal": 30,
-        "name": "auto_add_instance_groups_roles",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 31,
-        "name": "slack_oauth_client_id",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 32,
-        "name": "slack_oauth_client_secret",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 33,
-        "name": "datatable",
-        "type_info": "Jsonb"
       }
     ],
     "parameters": {
@@ -207,13 +177,7 @@
       true,
       true,
       true,
-      false,
-      true,
-      true,
-      true,
-      true,
-      true,
-      true
+      false
     ]
   },
   "hash": "08f288d2781d823e109a9e5b8848234ca7d1efeee9661f3901f298da375e73f7"

backend/.sqlx/query-0924c79aca648e5ec3fcc5e91ca71d524fe9d4b46c2e8ed36ae99b5810a896ab.json

@@ -1,18 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO app_version (app_id, value, created_by, created_at, raw_app)\n                 VALUES ($1, $2, $3, $4, $5)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Int8",
-        "Json",
-        "Varchar",
-        "Timestamptz",
-        "Bool"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0924c79aca648e5ec3fcc5e91ca71d524fe9d4b46c2e8ed36ae99b5810a896ab"
-}

backend/.sqlx/query-0937e25e89959447e7cb1816c112bbc4718cbb8ad6e2f13eae6b14f129d12936.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "select hash, tag, concurrency_key, concurrent_limit, concurrency_time_window_s, debounce_key, debounce_delay_s, cache_ttl, cache_ignore_s3_path, language as \"language: ScriptLang\", dedicated_worker, priority, timeout, on_behalf_of_email, created_by FROM script\n             WHERE path = $1 AND workspace_id = $2 AND archived = false AND (lock IS NOT NULL OR $3 = false)\n             ORDER BY created_at DESC LIMIT 1",
+  "query": "select hash, tag, concurrency_key, concurrent_limit, concurrency_time_window_s, cache_ttl, language as \"language: ScriptLang\", dedicated_worker, priority, delete_after_use, timeout, has_preprocessor, on_behalf_of_email, created_by, path from script where hash = $1 AND workspace_id = $2",
   "describe": {
     "columns": [
       {
@@ -30,26 +30,11 @@
       },
       {
         "ordinal": 5,
-        "name": "debounce_key",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 6,
-        "name": "debounce_delay_s",
-        "type_info": "Int4"
-      },
-      {
-        "ordinal": 7,
         "name": "cache_ttl",
         "type_info": "Int4"
       },
       {
-        "ordinal": 8,
-        "name": "cache_ignore_s3_path",
-        "type_info": "Bool"
-      },
-      {
-        "ordinal": 9,
+        "ordinal": 6,
         "name": "language: ScriptLang",
         "type_info": {
           "Custom": {
@@ -77,44 +62,57 @@
                 "oracledb",
                 "nu",
                 "java",
-                "duckdb",
-                "ruby"
+                "duckdb"
               ]
             }
           }
         }
       },
       {
-        "ordinal": 10,
+        "ordinal": 7,
         "name": "dedicated_worker",
         "type_info": "Bool"
       },
       {
-        "ordinal": 11,
+        "ordinal": 8,
         "name": "priority",
         "type_info": "Int2"
       },
       {
-        "ordinal": 12,
+        "ordinal": 9,
+        "name": "delete_after_use",
+        "type_info": "Bool"
+      },
+      {
+        "ordinal": 10,
         "name": "timeout",
         "type_info": "Int4"
       },
       {
-        "ordinal": 13,
+        "ordinal": 11,
+        "name": "has_preprocessor",
+        "type_info": "Bool"
+      },
+      {
+        "ordinal": 12,
         "name": "on_behalf_of_email",
         "type_info": "Text"
       },
       {
-        "ordinal": 14,
+        "ordinal": 13,
         "name": "created_by",
         "type_info": "Varchar"
+      },
+      {
+        "ordinal": 14,
+        "name": "path",
+        "type_info": "Varchar"
       }
     ],
     "parameters": {
       "Left": [
-        "Text",
-        "Text",
-        "Bool"
+        "Int8",
+        "Text"
       ]
     },
     "nullable": [
@@ -124,16 +122,16 @@
       true,
       true,
       true,
-      true,
-      true,
-      true,
       false,
       true,
       true,
       true,
       true,
+      true,
+      true,
+      false,
       false
     ]
   },
-  "hash": "7f9b7ab9bec6a0f745273d0cd5602ceab46a7ec9fd225f7b9d16a2ddb9bad7b3"
+  "hash": "0937e25e89959447e7cb1816c112bbc4718cbb8ad6e2f13eae6b14f129d12936"
 }

backend/.sqlx/query-0a1c10bd2232b0770a7816e1bd8d758dc393f797890d597e5996146247f512ac.json

@@ -1,38 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\nWITH lockable_counters AS (\n    SELECT concurrency_id, job_uuids\n    FROM concurrency_counter\n    WHERE job_uuids != '{}'::jsonb\n    FOR UPDATE SKIP LOCKED\n),\nall_job_uuids AS (\n    SELECT DISTINCT jsonb_object_keys(job_uuids) AS job_uuid\n    FROM lockable_counters\n),\norphaned_job_uuids AS (\n    SELECT job_uuid\n    FROM all_job_uuids\n    WHERE job_uuid NOT IN (\n        SELECT id::text \n        FROM v2_job_queue \n        FOR SHARE SKIP LOCKED\n    )\n),\norphaned_array AS (\n    SELECT ARRAY(SELECT job_uuid FROM orphaned_job_uuids) AS orphaned_keys\n),\nbefore_update AS (\n    SELECT lc.concurrency_id, lc.job_uuids, oa.orphaned_keys\n    FROM lockable_counters lc, orphaned_array oa\n    WHERE lc.job_uuids ?| oa.orphaned_keys\n),\naffected_rows AS (\n    UPDATE concurrency_counter \n    SET job_uuids = job_uuids - orphaned_array.orphaned_keys\n    FROM orphaned_array\n    WHERE concurrency_counter.concurrency_id IN (\n        SELECT concurrency_id FROM before_update\n    )\n    RETURNING concurrency_id, job_uuids AS updated_job_uuids\n),\nexpanded_orphaned AS (\n    SELECT bu.concurrency_id, \n           bu.job_uuids AS original_job_uuids,\n           unnest(bu.orphaned_keys) AS orphaned_key\n    FROM before_update bu\n)\nSELECT \n    eo.concurrency_id,\n    eo.orphaned_key,\n    eo.original_job_uuids,\n    ar.updated_job_uuids\nFROM expanded_orphaned eo\nJOIN affected_rows ar ON eo.concurrency_id = ar.concurrency_id\nWHERE eo.original_job_uuids ? eo.orphaned_key\nORDER BY eo.concurrency_id, eo.orphaned_key\n",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "concurrency_id",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "orphaned_key",
-        "type_info": "Text"
-      },
-      {
-        "ordinal": 2,
-        "name": "original_job_uuids",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 3,
-        "name": "updated_job_uuids",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false,
-      null,
-      false,
-      false
-    ]
-  },
-  "hash": "0a1c10bd2232b0770a7816e1bd8d758dc393f797890d597e5996146247f512ac"
-}

backend/.sqlx/query-0a3ee1329fb4f705c0006480d03f299ef549e11a017016924c62c1cab179412c.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "UPDATE workspace_settings SET datatable = $1 WHERE workspace_id = $2",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Jsonb",
-        "Text"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0a3ee1329fb4f705c0006480d03f299ef549e11a017016924c62c1cab179412c"
-}

backend/.sqlx/query-0a56301b5aaf57339cb2904c8f617366b74e891034d32f2867ccb019da869fc8.json

@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "INSERT INTO flow\n            (workspace_id, path, summary, description, archived, extra_perms, dependency_job, draft_only, tag, ws_error_handler_muted, dedicated_worker, timeout, visible_to_runner_only, on_behalf_of_email, concurrency_key, versions, value, schema, edited_by, edited_at) \n        SELECT workspace_id, REGEXP_REPLACE(path,'u/' || $2 || '/(.*)','u/' || $1 || '/\\1'), summary, description, archived, extra_perms, dependency_job, draft_only, tag, ws_error_handler_muted, dedicated_worker, timeout, visible_to_runner_only, on_behalf_of_email, concurrency_key, versions, value, schema, edited_by, edited_at\n            FROM flow \n            WHERE path LIKE ('u/' || $2 || '/%') AND workspace_id = $3",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Text",
+        "Text",
+        "Text"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "0a56301b5aaf57339cb2904c8f617366b74e891034d32f2867ccb019da869fc8"
+}

backend/.sqlx/query-0b43d1f0c0d205d978cdb41d30835a6a41a13f39159e106834c62f3b46c44227.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT usage FROM usage\n            WHERE id = $1\n            AND is_workspace = FALSE\n            AND month_ = EXTRACT(YEAR FROM current_date) * 12 + EXTRACT(MONTH FROM current_date)",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "usage",
-        "type_info": "Int4"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "0b43d1f0c0d205d978cdb41d30835a6a41a13f39159e106834c62f3b46c44227"
-}

backend/.sqlx/query-0b5103497ab09affbdf3793d7d7857807d20645561c178d822ecad779c4f7bf4.json

@@ -1,20 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT value->>'user_pwd' FROM global_settings WHERE name = 'custom_instance_pg_databases';",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "?column?",
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0b5103497ab09affbdf3793d7d7857807d20645561c178d822ecad779c4f7bf4"
-}

backend/.sqlx/query-0bfd22be1d6966c61c9a5fedc2522be8a17f06391b882337c74c1817c99b533d.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT name FROM folder WHERE workspace_id = $1 ORDER BY name asc LIMIT $2 OFFSET $3",
+  "query": "SELECT name FROM folder WHERE workspace_id = $1 ORDER BY name desc LIMIT $2 OFFSET $3",
   "describe": {
     "columns": [
       {
@@ -20,5 +20,5 @@
       false
     ]
   },
-  "hash": "c77fc86e0fa5d483889b0c4201f6d89b454523b31847798bedcc6c460f9ff7ea"
+  "hash": "0bfd22be1d6966c61c9a5fedc2522be8a17f06391b882337c74c1817c99b533d"
 }

backend/.sqlx/query-0c7517fba8a6fb4c4e33b1a635cfefa362cdaf79d4f4a32b6d929701b68f4d1c.json

@@ -1,70 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT id, workspace_id, path, summary, policy, versions, extra_perms, draft_only, custom_path \n         FROM app \n         WHERE workspace_id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Int8"
-      },
-      {
-        "ordinal": 1,
-        "name": "workspace_id",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "path",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 3,
-        "name": "summary",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 4,
-        "name": "policy",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 5,
-        "name": "versions",
-        "type_info": "Int8Array"
-      },
-      {
-        "ordinal": 6,
-        "name": "extra_perms",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 7,
-        "name": "draft_only",
-        "type_info": "Bool"
-      },
-      {
-        "ordinal": 8,
-        "name": "custom_path",
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false,
-      false,
-      false,
-      false,
-      false,
-      false,
-      false,
-      true,
-      true
-    ]
-  },
-  "hash": "0c7517fba8a6fb4c4e33b1a635cfefa362cdaf79d4f4a32b6d929701b68f4d1c"
-}

backend/.sqlx/query-0c89ef278782f5a72b0b07ab3ba0edc487f03edd61936fcf77dee93fb22839ea.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT jsonb_build_object(\n                'kind', jb.kind,\n                'script_path', jb.runnable_path,\n                'latest_schema', COALESCE(\n                    (SELECT DISTINCT ON (s.path) s.schema FROM script s WHERE s.workspace_id = $1 AND s.path = jb.runnable_path AND jb.kind = 'script' ORDER BY s.path, s.created_at DESC),\n                    (SELECT flow_version.schema FROM flow LEFT JOIN flow_version ON flow_version.id = flow.versions[array_upper(flow.versions, 1)] WHERE flow.workspace_id = $1 AND flow.path = jb.runnable_path AND jb.kind = 'flow')\n                ),\n                'schemas', ARRAY(\n                    SELECT jsonb_build_object(\n                        'script_hash', LPAD(TO_HEX(COALESCE(s.hash, f.id)), 16, '0'),\n                        'job_ids', ARRAY_AGG(DISTINCT j.id),\n                        'schema', (ARRAY_AGG(COALESCE(s.schema, f.schema)))[1]\n                    ) FROM v2_job j\n                    LEFT JOIN script s ON s.hash = j.runnable_id AND j.kind = 'script'\n                    LEFT JOIN flow_version f ON f.id = j.runnable_id AND j.kind = 'flow'\n                    WHERE j.id = ANY(ARRAY_AGG(jb.id))\n                    GROUP BY COALESCE(s.hash, f.id)\n                )\n            ) FROM v2_job jb\n            WHERE (jb.kind = 'flow' OR jb.kind = 'script')\n                AND jb.workspace_id = $1 AND jb.id = ANY($2)\n            GROUP BY jb.kind, jb.runnable_path",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "jsonb_build_object",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "UuidArray"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0c89ef278782f5a72b0b07ab3ba0edc487f03edd61936fcf77dee93fb22839ea"
-}

backend/.sqlx/query-0cb0e912bc942af2b1ef784455f3f073a79e300f3dd48f14122d1782eee663cd.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT coalesce(COUNT(*) FILTER(WHERE q.suspend = 0 AND q.running = false), 0) as \"database_length!\", coalesce(COUNT(*) FILTER(WHERE q.suspend > 0), 0) as \"suspended!\" FROM v2_job_queue q JOIN v2_job j USING (id) WHERE (j.workspace_id = $1 OR $2) AND q.scheduled_for <= now() AND ($3::text[] IS NULL OR j.tag = ANY($3))",
+  "query": "SELECT coalesce(COUNT(*) FILTER(WHERE suspend = 0 AND running = false), 0) as \"database_length!\", coalesce(COUNT(*) FILTER(WHERE suspend > 0), 0) as \"suspended!\" FROM v2_as_queue WHERE (workspace_id = $1 OR $2) AND scheduled_for <= now() AND ($3::text[] IS NULL OR tag = ANY($3))",
   "describe": {
     "columns": [
       {
@@ -26,5 +26,5 @@
       null
     ]
   },
-  "hash": "57bd445bfdc667089f847acb9dc484028ce8a077308979a5ba8ef252e19aa825"
+  "hash": "0cb0e912bc942af2b1ef784455f3f073a79e300f3dd48f14122d1782eee663cd"
 }

backend/.sqlx/query-0cc221cb8b3059b21e6b3b4c874b8f4d32815edd2090ccb5d562a89142a7dd9c.json

@@ -1,12 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "VACUUM (SKIP_LOCKED) v2_job_queue, v2_job_runtime, v2_job_status, job_perms",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": []
-  },
-  "hash": "0cc221cb8b3059b21e6b3b4c874b8f4d32815edd2090ccb5d562a89142a7dd9c"
-}

backend/.sqlx/query-0d86a31d7d53e52d24df76fa745d968cda48e036139cdaecf4e87d948f8c365e.json

@@ -0,0 +1,25 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        UPDATE v2_job_status f SET flow_status = JSONB_SET(flow_status,  ARRAY['user_states'], JSONB_SET(COALESCE(flow_status->'user_states', '{}'::jsonb), ARRAY[$1], $2))\n        FROM v2_job j\n        WHERE f.id = $3 AND f.id = j.id AND j.workspace_id = $4 AND kind IN ('flow', 'flowpreview', 'flownode') RETURNING 1\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "?column?",
+        "type_info": "Int4"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Text",
+        "Jsonb",
+        "Uuid",
+        "Text"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "0d86a31d7d53e52d24df76fa745d968cda48e036139cdaecf4e87d948f8c365e"
+}

backend/.sqlx/query-0e14ab95a08572f0672db266187335f578c622eb335cfc7cd0969633d85c9f73.json

@@ -1,23 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT COALESCE(root_job, flow_innermost_root_job, parent_job, id) as \"root_job!\" FROM v2_job WHERE id = $1 AND workspace_id = $2",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "root_job!",
-        "type_info": "Uuid"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "Text"
-      ]
-    },
-    "nullable": [
-      null
-    ]
-  },
-  "hash": "0e14ab95a08572f0672db266187335f578c622eb335cfc7cd0969633d85c9f73"
-}

backend/.sqlx/query-0e621bba5913482b8235d7d8442b8f0e9012c265e150afd4aa41972bf7334ba2.json

@@ -1,17 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO deployment_metadata (workspace_id, path, flow_version, job_id)\n         VALUES ($1, $2, $3, $4)\n         ON CONFLICT (workspace_id, path, flow_version) WHERE flow_version IS NOT NULL\n         DO UPDATE SET job_id = EXCLUDED.job_id",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Varchar",
-        "Int8",
-        "Uuid"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0e621bba5913482b8235d7d8442b8f0e9012c265e150afd4aa41972bf7334ba2"
-}

backend/.sqlx/query-0ef1e5bbbefc117a4cdaf414b3652354641c2f735d071540f858bc064f2432cd.json

@@ -1,28 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n            UPDATE nats_trigger \n            SET \n                nats_resource_path = $1,\n                subjects = $2,\n                stream_name = $3,\n                consumer_name = $4,\n                use_jetstream = $5,\n                script_path = $6,\n                path = $7,\n                is_flow = $8,\n                edited_by = $9,\n                email = $10,\n                edited_at = now(),\n                server_id = NULL,\n                error = NULL,\n                error_handler_path = $13,\n                error_handler_args = $14,\n                retry = $15\n            WHERE \n                workspace_id = $11 AND path = $12\n            ",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "VarcharArray",
-        "Varchar",
-        "Varchar",
-        "Bool",
-        "Varchar",
-        "Varchar",
-        "Bool",
-        "Varchar",
-        "Varchar",
-        "Text",
-        "Text",
-        "Varchar",
-        "Jsonb",
-        "Jsonb"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0ef1e5bbbefc117a4cdaf414b3652354641c2f735d071540f858bc064f2432cd"
-}

backend/.sqlx/query-0f013d0698d26526ef4ba4f767624263d87163a93a999c0389400dea6c9ec6f6.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO flow_node (workspace_id, hash, path, lock, code, flow, hash_v2)\n         SELECT $2,\n                (SELECT COALESCE(MAX(hash), 0) FROM flow_node) + row_number() OVER () AS new_hash,\n                source_fn.path, source_fn.lock, source_fn.code, source_fn.flow, source_fn.hash_v2\n         FROM flow_node source_fn\n         WHERE source_fn.workspace_id = $1",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Varchar"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0f013d0698d26526ef4ba4f767624263d87163a93a999c0389400dea6c9ec6f6"
-}

backend/.sqlx/query-0f697b1ab3105e2ea036f8ecace2d54f97bc2d0ef52f5812244a97c289523592.json

@@ -1,39 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n            UPDATE \n                mqtt_trigger \n            SET\n                mqtt_resource_path = $1,\n                subscribe_topics = $2,\n                client_version = $3,\n                client_id = $4,\n                v3_config = $5,\n                v5_config = $6,\n                is_flow = $7, \n                edited_by = $8, \n                email = $9,\n                script_path = $10,\n                path = $11,\n                edited_at = now(), \n                error = NULL,\n                server_id = NULL,\n                error_handler_path = $14,\n                error_handler_args = $15,\n                retry = $16\n            WHERE \n                workspace_id = $12 AND \n                path = $13\n            ",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "JsonbArray",
-        {
-          "Custom": {
-            "name": "mqtt_client_version",
-            "kind": {
-              "Enum": [
-                "v3",
-                "v5"
-              ]
-            }
-          }
-        },
-        "Varchar",
-        "Jsonb",
-        "Jsonb",
-        "Bool",
-        "Varchar",
-        "Varchar",
-        "Varchar",
-        "Varchar",
-        "Text",
-        "Text",
-        "Varchar",
-        "Jsonb",
-        "Jsonb"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "0f697b1ab3105e2ea036f8ecace2d54f97bc2d0ef52f5812244a97c289523592"
-}

backend/.sqlx/query-1060c503cf8d4bb5cef9720c162b8192924b4a938d249fae92624cd55e44f488.json

@@ -0,0 +1,17 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "UPDATE v2_job_status SET\n                     flow_status = JSONB_SET(\n                         flow_status,\n                         ARRAY['modules', $1::TEXT, 'flow_jobs_success', $3::TEXT],\n                         $4\n                     )\n                 WHERE id = $2",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Text",
+        "Uuid",
+        "Text",
+        "Jsonb"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "1060c503cf8d4bb5cef9720c162b8192924b4a938d249fae92624cd55e44f488"
+}

backend/.sqlx/query-1072a02c7765d70c2dce17cd00a0490e61504484b560865006700030dadfbbcf.json

@@ -1,27 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "INSERT INTO flow_version (workspace_id, path, value, schema, created_by, created_at)\n             VALUES ($1, $2, $3, $4, $5, $6)\n             RETURNING id",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id",
-        "type_info": "Int8"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Varchar",
-        "Varchar",
-        "Jsonb",
-        "Json",
-        "Varchar",
-        "Timestamptz"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "1072a02c7765d70c2dce17cd00a0490e61504484b560865006700030dadfbbcf"
-}

backend/.sqlx/query-10f6d3ffd7406146572b1becdce5c8da5242b58f6ce46ab10296cff9d6a3a6c4.json

@@ -1,32 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT name, summary, array_remove(array_agg(email_to_igroup.email), null) as emails FROM email_to_igroup RIGHT JOIN instance_group ON instance_group.name = email_to_igroup.igroup GROUP BY name, summary",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "name",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "summary",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "emails",
-        "type_info": "VarcharArray"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false,
-      true,
-      null
-    ]
-  },
-  "hash": "10f6d3ffd7406146572b1becdce5c8da5242b58f6ce46ab10296cff9d6a3a6c4"
-}

backend/.sqlx/query-115544a96173f9cb1d27757e7b931fb27912cfd05ba768a42cf9b3dfd7205e9a.json

@@ -0,0 +1,24 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            UPDATE \n                mqtt_trigger \n            SET \n                server_id = $1, \n                last_server_ping = now(),\n                error = 'Connecting...'\n            WHERE \n                enabled IS TRUE \n                AND workspace_id = $2 \n                AND path = $3 \n                AND (last_server_ping IS NULL \n                    OR last_server_ping < now() - INTERVAL '15 seconds'\n                ) \n            RETURNING true\n            ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "bool",
+        "type_info": "Bool"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Varchar",
+        "Text",
+        "Text"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "115544a96173f9cb1d27757e7b931fb27912cfd05ba768a42cf9b3dfd7205e9a"
+}

backend/.sqlx/query-11db65c493990f6935103033b2fbb0c08ae6d91b05b2f3f7c89a990d1d5a5f8a.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT COUNT(*) FROM token WHERE email = $1",
+  "query": "SELECT COUNT(id) FROM v2_as_queue WHERE running = true AND email = $1",
   "describe": {
     "columns": [
       {
@@ -18,5 +18,5 @@
       null
     ]
   },
-  "hash": "2f30274b0fe89aa1579b252b990876e5035ca5b31a68fcf08701102a6457e5c4"
+  "hash": "11db65c493990f6935103033b2fbb0c08ae6d91b05b2f3f7c89a990d1d5a5f8a"
 }

backend/.sqlx/query-11e24f758a70cd5f3a240bc81a05f40754826db0ee1194409227597a98603e92.json

@@ -1,26 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n                        SELECT\n                            path,\n                            custom_path\n                        FROM \n                            app\n                        WHERE \n                            custom_path IN (\n                                SELECT \n                                    custom_path\n                                FROM \n                                    app\n                                GROUP \n                                    BY custom_path\n                                HAVING COUNT(*) > 1\n                            )\n                        ORDER BY custom_path\n                        ",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "path",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "custom_path",
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Left": []
-    },
-    "nullable": [
-      false,
-      true
-    ]
-  },
-  "hash": "11e24f758a70cd5f3a240bc81a05f40754826db0ee1194409227597a98603e92"
-}

backend/.sqlx/query-124b27de35b49fbdb13a1f772044665a84325e34ae04bf2795fafb7bb6f2f0c6.json

@@ -0,0 +1,23 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        INSERT INTO postgres_trigger (\n            publication_name,\n            replication_slot_name,\n            workspace_id, \n            path, \n            script_path, \n            is_flow, \n            email, \n            enabled, \n            postgres_resource_path, \n            edited_by\n        ) \n        VALUES (\n            $1, \n            $2, \n            $3, \n            $4, \n            $5, \n            $6, \n            $7, \n            $8, \n            $9, \n            $10\n        )",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Varchar",
+        "Varchar",
+        "Varchar",
+        "Varchar",
+        "Varchar",
+        "Bool",
+        "Varchar",
+        "Bool",
+        "Varchar",
+        "Varchar"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "124b27de35b49fbdb13a1f772044665a84325e34ae04bf2795fafb7bb6f2f0c6"
+}

backend/.sqlx/query-12d37d75a429c0ddf2b2c190ab28bea5aefd27d0ed8a1bb2c8b3c1b0ece4efb7.json

@@ -1,41 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "WITH to_update AS (\n                SELECT q.id, q.workspace_id, r.ping, COALESCE(zjc.counter, 0) as counter\n                FROM v2_job_queue q\n                JOIN v2_job j ON j.id = q.id\n                JOIN v2_job_runtime r ON r.id = j.id\n                LEFT JOIN zombie_job_counter zjc ON zjc.job_id = q.id\n                WHERE ping < now() - ($1 || ' seconds')::interval\n                    AND running = true\n                    AND kind NOT IN ('flow', 'flowpreview', 'flownode', 'singlestepflow')\n                    AND same_worker = false\n                    AND (zjc.counter IS NULL OR zjc.counter <= $2)\n                FOR UPDATE of q SKIP LOCKED\n            ),\n            zombie_jobs AS (\n                UPDATE v2_job_queue q\n                SET running = false, started_at = null\n                FROM to_update tu\n                WHERE q.id = tu.id AND (tu.counter IS NULL OR tu.counter < $2)\n                RETURNING q.id, q.workspace_id, ping, tu.counter\n            ),\n            update_ping AS (\n                UPDATE v2_job_runtime r\n                SET ping = null\n                FROM zombie_jobs zj\n                WHERE r.id = zj.id\n            ),\n            increment_counter AS (\n                INSERT INTO zombie_job_counter (job_id, counter)\n                SELECT id, 1 FROM to_update WHERE counter < $2\n                ON CONFLICT (job_id) DO UPDATE\n                SET counter = zombie_job_counter.counter + 1\n            ),\n            update_concurrency AS (\n                UPDATE concurrency_counter cc\n                SET job_uuids = job_uuids - zj.id::text\n                FROM zombie_jobs zj\n                INNER JOIN concurrency_key ck ON ck.job_id = zj.id\n                WHERE cc.concurrency_id = ck.key\n            )\n            SELECT id AS \"id!\", workspace_id AS \"workspace_id!\", ping, counter + 1 AS counter FROM to_update",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "id!",
-        "type_info": "Uuid"
-      },
-      {
-        "ordinal": 1,
-        "name": "workspace_id!",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "ping",
-        "type_info": "Timestamptz"
-      },
-      {
-        "ordinal": 3,
-        "name": "counter",
-        "type_info": "Int4"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text",
-        "Int4"
-      ]
-    },
-    "nullable": [
-      false,
-      false,
-      true,
-      null
-    ]
-  },
-  "hash": "12d37d75a429c0ddf2b2c190ab28bea5aefd27d0ed8a1bb2c8b3c1b0ece4efb7"
-}

backend/.sqlx/query-12e868b63a7c622c76713db5a5577a927efca4ae49a15c2b999e2410f2a312ff.json

@@ -0,0 +1,16 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "UPDATE \n                        capture_config \n                    SET \n                        last_server_ping = NULL \n                    WHERE \n                        workspace_id = $1 AND \n                        path = $2 AND \n                        is_flow = $3 AND \n                        trigger_kind = 'postgres' AND \n                        server_id IS NULL\n                    ",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Text",
+        "Text",
+        "Bool"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "12e868b63a7c622c76713db5a5577a927efca4ae49a15c2b999e2410f2a312ff"
+}

backend/.sqlx/query-1312b7fd622cc814a406c85dbbff61f003c29185c267642cfd898075ebda855d.json

@@ -0,0 +1,145 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        SELECT\n            gcp_resource_path,\n            subscription_id,\n            topic_id,\n            workspace_id,\n            delivery_type AS \"delivery_type: _\",\n            delivery_config AS \"delivery_config: _\",\n            subscription_mode AS \"subscription_mode: _\",\n            path,\n            script_path,\n            is_flow,\n            edited_by,\n            email,\n            edited_at,\n            server_id,\n            last_server_ping,\n            extra_perms,\n            error,\n            enabled\n        FROM \n            gcp_trigger\n        WHERE \n            workspace_id = $1 AND \n            path = $2\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "gcp_resource_path",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 1,
+        "name": "subscription_id",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 2,
+        "name": "topic_id",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 3,
+        "name": "workspace_id",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 4,
+        "name": "delivery_type: _",
+        "type_info": {
+          "Custom": {
+            "name": "delivery_mode",
+            "kind": {
+              "Enum": [
+                "push",
+                "pull"
+              ]
+            }
+          }
+        }
+      },
+      {
+        "ordinal": 5,
+        "name": "delivery_config: _",
+        "type_info": "Jsonb"
+      },
+      {
+        "ordinal": 6,
+        "name": "subscription_mode: _",
+        "type_info": {
+          "Custom": {
+            "name": "gcp_subscription_mode",
+            "kind": {
+              "Enum": [
+                "create_update",
+                "existing"
+              ]
+            }
+          }
+        }
+      },
+      {
+        "ordinal": 7,
+        "name": "path",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 8,
+        "name": "script_path",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 9,
+        "name": "is_flow",
+        "type_info": "Bool"
+      },
+      {
+        "ordinal": 10,
+        "name": "edited_by",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 11,
+        "name": "email",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 12,
+        "name": "edited_at",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 13,
+        "name": "server_id",
+        "type_info": "Varchar"
+      },
+      {
+        "ordinal": 14,
+        "name": "last_server_ping",
+        "type_info": "Timestamptz"
+      },
+      {
+        "ordinal": 15,
+        "name": "extra_perms",
+        "type_info": "Jsonb"
+      },
+      {
+        "ordinal": 16,
+        "name": "error",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 17,
+        "name": "enabled",
+        "type_info": "Bool"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Text",
+        "Text"
+      ]
+    },
+    "nullable": [
+      false,
+      false,
+      false,
+      false,
+      false,
+      true,
+      false,
+      false,
+      false,
+      false,
+      false,
+      false,
+      false,
+      true,
+      true,
+      false,
+      true,
+      false
+    ]
+  },
+  "hash": "1312b7fd622cc814a406c85dbbff61f003c29185c267642cfd898075ebda855d"
+}

backend/.sqlx/query-13297889361ac6839d6c4bd0b8ae121305d63cfcd88f69700125d17fb2c56a1f.json

@@ -1,46 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "\n        SELECT workspace_id, importer_path, importer_kind::text, imported_path, importer_node_id\n        FROM dependency_map WHERE workspace_id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "workspace_id",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 1,
-        "name": "importer_path",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 2,
-        "name": "importer_kind",
-        "type_info": "Text"
-      },
-      {
-        "ordinal": 3,
-        "name": "imported_path",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 4,
-        "name": "importer_node_id",
-        "type_info": "Varchar"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Text"
-      ]
-    },
-    "nullable": [
-      false,
-      false,
-      null,
-      false,
-      false
-    ]
-  },
-  "hash": "13297889361ac6839d6c4bd0b8ae121305d63cfcd88f69700125d17fb2c56a1f"
-}

backend/.sqlx/query-13444bbd5547e101c41206c5f97ac4dded0536faf52c370d704ed9a451041caf.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT COUNT(*) FROM flow WHERE workspace_id = $1",
+  "query": "SELECT COUNT(*) FROM sqs_trigger WHERE script_path = $1 AND is_flow = $2 AND workspace_id = $3",
   "describe": {
     "columns": [
       {
@@ -11,6 +11,8 @@
     ],
     "parameters": {
       "Left": [
+        "Text",
+        "Bool",
         "Text"
       ]
     },
@@ -18,5 +20,5 @@
       null
     ]
   },
-  "hash": "52032730f2eeaaeab55305f72bea5481d1c50c2eaa92a97a078239430f0d6c13"
+  "hash": "13444bbd5547e101c41206c5f97ac4dded0536faf52c370d704ed9a451041caf"
 }

backend/.sqlx/query-13aaff548ff7d3bd38c40799958b2892b100a6ca1c99396254e24b981a2bb1c0.json

@@ -1,15 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "DELETE FROM job_stats WHERE workspace_id = $1 AND job_id = ANY($2)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Left": [
-        "Text",
-        "UuidArray"
-      ]
-    },
-    "nullable": []
-  },
-  "hash": "13aaff548ff7d3bd38c40799958b2892b100a6ca1c99396254e24b981a2bb1c0"
-}

backend/.sqlx/query-140e77db6b38574c62f35d23b876e749d2c43af837f2b3f3edbf49f979e44082.json

@@ -1,29 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT flow_status->'modules'->$2::int->'flow_jobs_success' as \"flow_jobs_success: Json<Vec<Option<bool>>>\", flow_status->'modules'->$2::int->'flow_jobs_duration' as \"flow_jobs_duration: Json<FlowJobsDuration>\"\n                        FROM v2_job_status WHERE id = $1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "flow_jobs_success: Json<Vec<Option<bool>>>",
-        "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 1,
-        "name": "flow_jobs_duration: Json<FlowJobsDuration>",
-        "type_info": "Jsonb"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Uuid",
-        "Int4"
-      ]
-    },
-    "nullable": [
-      null,
-      null
-    ]
-  },
-  "hash": "140e77db6b38574c62f35d23b876e749d2c43af837f2b3f3edbf49f979e44082"
-}

backend/.sqlx/query-1452033a8e2b160883a649c986d6c7ba2f60f41e1abb6ff8332bd2dfa7379d14.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT workspace.id, workspace.name, usr.username, workspace_settings.color, workspace.parent_workspace_id,\n                CASE WHEN usr.operator THEN workspace_settings.operator_settings ELSE NULL END as operator_settings,\n                usr.disabled\n         FROM workspace\n         JOIN usr ON usr.workspace_id = workspace.id\n         JOIN workspace_settings ON workspace_settings.workspace_id = workspace.id\n         WHERE usr.email = $1 AND workspace.deleted = false",
+  "query": "SELECT workspace.id, workspace.name, usr.username, workspace_settings.color,\n                CASE WHEN usr.operator THEN workspace_settings.operator_settings ELSE NULL END as operator_settings\n         FROM workspace\n         JOIN usr ON usr.workspace_id = workspace.id\n         JOIN workspace_settings ON workspace_settings.workspace_id = workspace.id\n         WHERE usr.email = $1 AND workspace.deleted = false",
   "describe": {
     "columns": [
       {
@@ -25,18 +25,8 @@
       },
       {
         "ordinal": 4,
-        "name": "parent_workspace_id",
-        "type_info": "Varchar"
-      },
-      {
-        "ordinal": 5,
         "name": "operator_settings",
         "type_info": "Jsonb"
-      },
-      {
-        "ordinal": 6,
-        "name": "disabled",
-        "type_info": "Bool"
       }
     ],
     "parameters": {
@@ -49,10 +39,8 @@
       false,
       false,
       true,
-      true,
-      null,
-      false
+      null
     ]
   },
-  "hash": "c095a9658c542efc9f0255a1b536d2fd8a25fe4cd57c223db7d744493f8470c6"
+  "hash": "1452033a8e2b160883a649c986d6c7ba2f60f41e1abb6ff8332bd2dfa7379d14"
 }

backend/.sqlx/query-1488e1b5007752e1ebae4235ad04c398fe6398745e16fd119008b8ea67662416.json

@@ -0,0 +1,24 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n            UPDATE postgres_trigger \n            SET \n                server_id = $1, \n                last_server_ping = now(),\n                error = 'Connecting...'\n            WHERE \n                enabled IS TRUE \n                AND workspace_id = $2 \n                AND path = $3 \n                AND (last_server_ping IS NULL \n                    OR last_server_ping < now() - INTERVAL '15 seconds'\n                ) \n            RETURNING true\n            ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "bool",
+        "type_info": "Bool"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Varchar",
+        "Text",
+        "Text"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "1488e1b5007752e1ebae4235ad04c398fe6398745e16fd119008b8ea67662416"
+}

backend/.sqlx/query-1492b88c75722465b1a5c138729e6bb2782e1f8ef5f9fe752b356927a8605100.json

@@ -1,22 +0,0 @@
-{
-  "db_name": "PostgreSQL",
-  "query": "SELECT value FROM app_version WHERE id = $1 LIMIT 1",
-  "describe": {
-    "columns": [
-      {
-        "ordinal": 0,
-        "name": "value",
-        "type_info": "Json"
-      }
-    ],
-    "parameters": {
-      "Left": [
-        "Int8"
-      ]
-    },
-    "nullable": [
-      false
-    ]
-  },
-  "hash": "1492b88c75722465b1a5c138729e6bb2782e1f8ef5f9fe752b356927a8605100"
-}

backend/.sqlx/query-14abf759dae7ba5c38017ba6001927c6df0653a02b87bcea939066e39ebcf24d.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "INSERT INTO concurrency_locks (id, last_locked_at, owner)\n                    VALUES ($1, now(), $2)\n                    ON CONFLICT (id)\n                    DO UPDATE SET\n                        last_locked_at = now(),\n                        owner = EXCLUDED.owner",
+  "query": "INSERT INTO concurrency_locks (id, last_locked_at, owner)\n                    VALUES ($1, now(), $2)\n                    ON CONFLICT (id)\n                    DO UPDATE SET\n                        last_locked_at = now(),\n                        owner = $2",
   "describe": {
     "columns": [],
     "parameters": {
@@ -11,5 +11,5 @@
     },
     "nullable": []
   },
-  "hash": "6d7a4185063dbcca0dbea1b002330d622c9d2d844a2ab3938e6ec23c6150fb40"
+  "hash": "14abf759dae7ba5c38017ba6001927c6df0653a02b87bcea939066e39ebcf24d"
 }

backend/.sqlx/query-1625a84fbcf8c5f77eb0519f60d9418f85d4d3d599f4177403fad5ad99380715.json

@@ -0,0 +1,26 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "\n        UPDATE \n            sqs_trigger \n        SET \n            enabled = $1, \n            email = $2, \n            edited_by = $3, \n            edited_at = now(), \n            server_id = NULL, \n            error = NULL\n        WHERE \n            path = $4 AND \n            workspace_id = $5 \n        RETURNING 1\n        ",
+  "describe": {
+    "columns": [
+      {
+        "ordinal": 0,
+        "name": "?column?",
+        "type_info": "Int4"
+      }
+    ],
+    "parameters": {
+      "Left": [
+        "Bool",
+        "Varchar",
+        "Varchar",
+        "Text",
+        "Text"
+      ]
+    },
+    "nullable": [
+      null
+    ]
+  },
+  "hash": "1625a84fbcf8c5f77eb0519f60d9418f85d4d3d599f4177403fad5ad99380715"
+}