@noormdev/sdk@1.0.0-alpha.35

Minor Changes

• 01208ec: ## Added

  • feat(runner): Split MSSQL SQL files on the GO batch separator. Multi-statement DDL files (multiple CREATE PROCEDURE / CREATE FUNCTION / CREATE TRIGGER / CREATE VIEW / CREATE TYPE in one file) now run correctly instead of failing with Incorrect syntax near 'GO'.
  • feat(runner): Batch failures report the failed batch index in FileResult.error (e.g. [batch 3 of 5] <driver error>) and short-circuit the remaining batches.

  Known limitations

  • GO inside string literals or block comments is still treated as a separator — matches sqlcmd behavior. Document accordingly when authoring T-SQL files.
  • GO <N> repetition is not implemented.

Patch Changes

• 01208ec: ## Changed

  • feat(sdk): changes.ff(options?) and changes.next(count, options?) now accept BatchChangeOptions so callers can pass dryRun / force. Previously the options were silently dropped before reaching the manager.

• 01208ec: ## Fixed

  • fix(teardown): Reorder schema teardown to drop procedures and functions before tables. MSSQL schema-bound UDFs (WITH SCHEMABINDING) previously blocked the table drop with Cannot DROP TABLE because it is being referenced by object 'fn_X'. New order: FK constraints → Procedures → Functions → Views → Tables → Types.
  • fix(teardown): Replace sp_MSforeachtable with per-table sequential ALTER TABLE [name] NOCHECK CONSTRAINT ALL (and inverse) in MSSQL db.truncate(). The previous implementation spawned parallel workers that deadlocked on schema locks against non-trivial schemas.
  • fix(teardown): TeardownDialectOperations.disableForeignKeyChecks / enableForeignKeyChecks now accept an optional tables?: string[] and may return string | string[]. PostgreSQL / MySQL / SQLite implementations ignore the argument — no behavior change for those dialects.

• 01208ec: ## Changed

  • fix(vault): vault.init() is now idempotent. A repeat call against an already-initialized vault returns [null, null] instead of [null, Error('Vault already initialized')]. The vault:initialized observer event still fires only on first init.

  This is a behavior change for callers that were special-casing the 'Vault already initialized' error string — they now see no error on repeat and must check whether the returned key is null (already initialized) or a Buffer (newly generated).

@noormdev/cli@1.0.0-alpha.35

Minor Changes

• f522adc: ### Added

  • feat(cli): Add noorm init --here to initialize a project in the original cwd, ignoring any parent .noorm/ discovered while walking up
  • feat(cli): Add global -c <path> / --cwd <path> flag (like git -C) that runs the subcommand inside <path> and skips the walk-up. Must precede the subcommand; after the subcommand -c keeps its per-command --config meaning.

  Changed

  • refactor(cli): noorm init now reports an existing .noorm/ before the TTY gate, so scripted invocations get the more actionable error.

• 01208ec: ## Added

  • feat(cli): Universal --yes / -y flag and NOORM_YES=1 environment variable for TTY-gated commands. Unblocks CI, scripted bootstrap, and subagent flows.
  • feat(cli): noorm init --yes now succeeds in non-TTY environments when an identity already exists at ~/.noorm/identity.{key,pub,json}. Without an identity, it errors with a hint pointing at noorm identity init --name "X" --email "Y".
  • feat(cli): noorm sql repl --yes, noorm settings edit --yes, and noorm settings secret --yes print a documented redirect-hint error instead of refusing silently, telling the user which non-interactive alternative to use (sql query / direct YAML edit / secret set).

Patch Changes

• 01208ec: ## Fixed
  • fix(cli): Wire noorm change ff --dry-run (and next / run / revert) through to the SDK — the flag previously parsed but did nothing
  • fix(cli): Drop the unreachable positional query arg from noorm sql and add an argv rewriter so noorm sql "SELECT 1" is rewritten to noorm sql query "SELECT 1" before citty dispatch
  • fix(cli): Show (dry-run) markers in human output and dryRun: true in --json envelopes for all four change commands
• 01208ec: ## Fixed
  • fix(cli): Surface SQL errors and skip reasons in run and change output
  • fix(cli): noorm run build / dir / files / exec now print each failed file's driver error inline and route the summary through logger.error on non-success
  • fix(cli): noorm run file and the skip path now report (skipped: <reason>) so callers know whether the file was unchanged or already-run
  • fix(cli): noorm change ff / run / revert / rewind print per-change error detail on failure instead of just (failed)

@noormdev/sdk@1.0.0-alpha.34

@noormdev/sdk@1.0.0-alpha.34

@noormdev/cli@1.0.0-alpha.34

Minor Changes

• 7b907b3: Introduce the noorm ci command namespace and retire the standalone noorm identity ci diagnostic.

  Four new commands cover the full CI lifecycle — mint a keypair, enroll it in a real database, bootstrap ephemeral state inside a job, and batch-load secrets:

  • noorm ci identity new --name <str> --email <str> — generate a test-CI keypair locally. No database contact, no state written. Prints the private key once plus a copy-pasteable NOORM_IDENTITY_* env block. Designed for stateless/ephemeral CI (isTest configs, throwaway databases). Accepts --json.
  • noorm ci identity enroll --config <name> --name <str> --email <str> [--public-key <hex>] — register a CI identity in the target database and propagate vault access to it. Run once by a developer with existing vault access. Decrypts the caller's vault key, inserts a new identity row (machine='ci', os='env'), and re-encrypts the vault key for the new identity. Idempotent on identityHash — safe to re-run. When --public-key is omitted, mints a new keypair and returns the private key; when provided, only the public half is enrolled (air-gapped flow).
  • noorm ci init [--name <str>] [--force] — bootstrap ephemeral state.enc from NOORM_IDENTITY_* + NOORM_CONNECTION_* env vars. Runs inside the CI job. Creates a config (default: ci, override via --name or NOORM_CI_CONFIG_NAME), marks it active, sets isTest: true. Absorbs the former noorm identity ci precheck — fails fast with exit 1 if any required env var is missing or malformed, or if state.enc already exists without --force.
  • noorm ci secrets --file <path> [--config <name>] [--overwrite] — batch-load secrets from a dotenv-style file into the active (or --config-named) vault. Parser ignores blank lines and # comments, splits on the first =, and strips a single matched pair of surrounding quotes. Existing keys are skipped unless --overwrite is set (so reruns are safe). Exit codes: 0 clean, 1 precondition failure, 2 partial (some set, some errored).

  Removed: noorm identity ci. Its precheck behavior is now built into noorm ci init. Callers that used identity ci only for validation should replace it with noorm ci init, which does the validation plus the state bootstrap.

  Migration: replace any pipeline that set NOORM_IDENTITY_* + NOORM_CONNECTION_* and ran noorm identity ci followed by noorm change ff with:

  noorm ci init --name prod
  noorm change ff

  For vault-aware pipelines, provision the CI identity once from a developer machine:

  noorm ci identity enroll --config prod --name "CI Bot" --email ci@example.com
  # copy the printed NOORM_IDENTITY_* block into your CI secrets store

@noormdev/sdk@1.0.0-alpha.33

@noormdev/sdk@1.0.0-alpha.33

@noormdev/cli@1.0.0-alpha.33

Minor Changes

• e87c435: Rework noorm change for interactive-first ergonomics and drop the surprising bare-invocation side effect.

  • Bare noorm change now renders citty's help output and does not connect to the database. The status listing that used to live there moved to a new explicit leaf: noorm change list. This matches every other root command (config, settings, identity, db, vault, secret, run) and prevents accidental connection attempts when users are just exploring the CLI.
  • change list — new. Lists every known change with its status; accepts --config, --json.
  • change edit [name] — new. Resolves the change folder from settings and spawns $EDITOR (then $VISUAL, then code) with stdio inherited so terminal editors work in-place; exits with the editor's own exit code. Surfaces spawn failures (e.g. editor binary not found) instead of silently no-oping.
  • change add [description] — prompts for a description via p.text when omitted on a TTY.
  • change rm [name] — prompts for a change to delete, then confirms with p.confirm. --yes is no longer required on a TTY (it now just skips the confirm). On a non-TTY, both the name and --yes are still required so CI never deletes silently.
  • change run [name] — prompts from pending/reverted changes (filters ctx.noorm.changes.status() by !orphaned && status in { pending, reverted }).
  • change revert [name] — prompts from successfully applied changes.
  • change rewind [name] — prompts from successfully applied changes.
  • change history-detail [name] — prompts from changes with execution history (status !== 'pending').

  In every case, non-TTY invocations without a name exit 1 with a uniform Change name required… error. User cancellation from any picker exits 1 with Cancelled..

  Migration: replace noorm change with noorm change list in any scripts or CI jobs that relied on the status listing. The --json shape is unchanged.

@noormdev/sdk@1.0.0-alpha.32

@noormdev/sdk@1.0.0-alpha.32

@noormdev/cli@1.0.0-alpha.32

Minor Changes

• f946820: Add CI identity bootstrap and two interactive settings editors:

  • noorm identity ci — diagnostic command for CI environments. Bootstraps the process from NOORM_IDENTITY_PRIVATE_KEY, NOORM_IDENTITY_NAME, and NOORM_IDENTITY_EMAIL env vars, deriving the public key from the private key and computing a deterministic identity hash across runners. In-memory overrides for both private key and metadata replace ~/.noorm/ filesystem reads, so CI runners can decrypt vault/state without writing key files.
  • noorm settings edit — interactive editor covering all 7 settings sections: paths, build, strict, logging, stages, rules, teardown. Stages and rules use add/edit/remove sub-loops. Esc inside a sub-editor returns to the section picker; only Esc at the top level exits. Adds setTeardown() to SettingsManager and a settings:teardown-updated event.
  • noorm settings secret — interactive editor for universal and stage-scoped secret requirements (declarations, not values). Supports add, edit, remove, and list actions.

@noormdev/sdk@1.0.0-alpha.31

@noormdev/sdk@1.0.0-alpha.31

@noormdev/cli@1.0.0-alpha.31

Minor Changes

• e10b7a4: Add two new CLI commands:

  • noorm init — interactive project bootstrap. Creates identity (if missing), project structure, and settings. Requires an interactive TTY.
  • noorm sql repl — launches the TUI directly on the SQL Terminal screen. Supports --config <name> to switch active config before launching. Requires an interactive TTY.