`ac27487`

S33: webhook sqlc package + queries

Authored by

espadonne 4 days ago

SHA: ac274873ab7efa9e4c2ea9e6dcf7c29f78fbcf07
Parents: 0699606
Tree: 78d0b01

8 changed files

Status	File	+
A	`internal/webhook/queries/cursor.sql`	35
A	`internal/webhook/queries/webhooks.sql`	170
A	`internal/webhook/sqlc/cursor.sql.go`	116
A	`internal/webhook/sqlc/db.go`	25
A	`internal/webhook/sqlc/models.go`	1917
A	`internal/webhook/sqlc/querier.go`	67
A	`internal/webhook/sqlc/webhooks.sql.go`	684
M	`sqlc.yaml`	16

internal/webhook/queries/cursor.sqladded

 +-- SPDX-License-Identifier: AGPL-3.0-or-later
 +--
 +-- Webhook fanout reads the same domain_events / cursor surface that
 +-- notifications do — but with its own consumer row so progress
 +-- doesn't collide with notify_fanout.
++
 +-- name: GetWebhookCursor :one
 +SELECT consumer, last_event_id, updated_at
 +FROM domain_events_processed
 +WHERE consumer = $1;
++
 +-- name: SetWebhookCursor :exec
 +INSERT INTO domain_events_processed (consumer, last_event_id)
 +VALUES ($1, $2)
 +ON CONFLICT (consumer)
 +DO UPDATE SET last_event_id = EXCLUDED.last_event_id,
 +              updated_at    = now();
++
 +-- name: ListUnprocessedDomainEvents :many
 +SELECT id, actor_user_id, kind, repo_id, source_kind, source_id,
 +       public, payload, created_at
 +FROM domain_events
 +WHERE id > $1
 +ORDER BY id
 +LIMIT $2;
++
 +-- name: GetRepoOwnerKindForFanout :one
 +-- Resolve a repo's owner so the fanout knows which webhooks to fire.
 +-- Returns owner_kind 'user' or 'org' so the matcher knows what bucket
 +-- to look in. (We use 'user' as a literal string here; the webhook
 +-- machinery itself only stores 'repo'/'org' as owners — repo-owned
 +-- webhooks attach to the repo regardless of who owns the repo.)
 +SELECT owner_user_id, owner_org_id
 +FROM repos
 +WHERE id = $1;

internal/webhook/queries/webhooks.sqladded

 +-- SPDX-License-Identifier: AGPL-3.0-or-later
 +--
 +-- Query surface for the webhook package. Naming mirrors the verb the
 +-- caller uses; visibility / ownership filters are applied by the
 +-- handler layer (the queries are deliberately narrow on key columns).
++
 +-- name: CreateWebhook :one
 +INSERT INTO webhooks (
 +    owner_kind, owner_id, url, content_type, events,
 +    secret_ciphertext, secret_nonce, active, ssl_verification,
 +    auto_disable_threshold, created_by_user_id
 +) VALUES (
 +    sqlc.arg(owner_kind), sqlc.arg(owner_id), sqlc.arg(url),
 +    sqlc.arg(content_type), sqlc.arg(events),
 +    sqlc.arg(secret_ciphertext), sqlc.arg(secret_nonce),
 +    sqlc.arg(active), sqlc.arg(ssl_verification),
 +    sqlc.arg(auto_disable_threshold),
 +    sqlc.narg(created_by_user_id)::bigint
 +)
 +RETURNING *;
++
 +-- name: GetWebhookByID :one
 +SELECT * FROM webhooks WHERE id = $1;
++
 +-- name: ListWebhooksForOwner :many
 +SELECT * FROM webhooks
 +WHERE owner_kind = $1 AND owner_id = $2
 +ORDER BY created_at DESC;
++
 +-- name: ListActiveWebhooksForOwner :many
 +-- Used by fanout to find subscribers for an event.
 +SELECT * FROM webhooks
 +WHERE owner_kind = $1 AND owner_id = $2
 +  AND active = true AND disabled_at IS NULL;
++
 +-- name: UpdateWebhook :exec
 +UPDATE webhooks
 +   SET url                    = $2,
 +       content_type           = $3,
 +       events                 = $4,
 +       active                 = $5,
 +       ssl_verification       = $6,
 +       auto_disable_threshold = $7,
 +       updated_at             = now()
 + WHERE id = $1;
++
 +-- name: UpdateWebhookSecret :exec
 +UPDATE webhooks
 +   SET secret_ciphertext = $2,
 +       secret_nonce      = $3,
 +       updated_at        = now()
 + WHERE id = $1;
++
 +-- name: DeleteWebhook :exec
 +DELETE FROM webhooks WHERE id = $1;
++
 +-- name: SetWebhookActive :exec
 +-- Re-enables a previously auto-disabled webhook (UI affordance).
 +-- Resets the failure counter and clears disabled_at/reason.
 +UPDATE webhooks
 +   SET active               = $2,
 +       disabled_at          = NULL,
 +       disabled_reason      = NULL,
 +       consecutive_failures = 0,
 +       updated_at           = now()
 + WHERE id = $1;
++
 +-- name: RecordWebhookSuccess :exec
 +UPDATE webhooks
 +   SET consecutive_failures = 0,
 +       last_success_at      = now(),
 +       updated_at           = now()
 + WHERE id = $1;
++
 +-- name: RecordWebhookFailure :one
 +-- Increments the failure counter and reports the new value so the
 +-- caller can decide whether to auto-disable.
 +UPDATE webhooks
 +   SET consecutive_failures = consecutive_failures + 1,
 +       last_failure_at      = now(),
 +       updated_at           = now()
 + WHERE id = $1
 +RETURNING consecutive_failures, auto_disable_threshold;
++
 +-- name: AutoDisableWebhook :exec
 +UPDATE webhooks
 +   SET disabled_at     = now(),
 +       disabled_reason = $2,
 +       updated_at      = now()
 + WHERE id = $1;
++
 +-- name: CreateDelivery :one
 +INSERT INTO webhook_deliveries (
 +    webhook_id, event_kind, event_id, payload, request_headers,
 +    request_body, attempt, max_attempts, next_retry_at, status,
 +    idempotency_key, redeliver_of
 +) VALUES (
 +    sqlc.arg(webhook_id), sqlc.arg(event_kind), sqlc.narg(event_id)::bigint,
 +    sqlc.arg(payload), sqlc.arg(request_headers), sqlc.arg(request_body),
 +    sqlc.arg(attempt), sqlc.arg(max_attempts), sqlc.narg(next_retry_at)::timestamptz,
 +    sqlc.arg(status), sqlc.arg(idempotency_key), sqlc.narg(redeliver_of)::bigint
 +)
 +RETURNING *;
++
 +-- name: GetDeliveryByID :one
 +SELECT * FROM webhook_deliveries WHERE id = $1;
++
 +-- name: ListDeliveriesForWebhook :many
 +SELECT id, webhook_id, event_kind, event_id, delivery_uuid, response_status,
 +       response_truncated, started_at, completed_at, attempt, max_attempts,
 +       next_retry_at, status, error_summary, redeliver_of
 +FROM webhook_deliveries
 +WHERE webhook_id = $1
 +ORDER BY started_at DESC
 +LIMIT $2;
++
 +-- name: ClaimDueDeliveries :many
 +-- Hot-path for the deliver worker: picks up to $1 rows that are
 +-- pending or in retry-ready state, FOR UPDATE SKIP LOCKED so concurrent
 +-- workers don't double-send. The deliverer marks the row 'pending'
 +-- with a far-future next_retry_at while it works on it (defense
 +-- against re-claim during a long HTTP timeout).
 +SELECT id FROM webhook_deliveries
 +WHERE status IN ('pending', 'failed_retry')
 +  AND (next_retry_at IS NULL OR next_retry_at <= now())
 +ORDER BY next_retry_at NULLS FIRST, id
 +LIMIT $1
 +FOR UPDATE SKIP LOCKED;
++
 +-- name: MarkDeliverySucceeded :exec
 +UPDATE webhook_deliveries
 +   SET status              = 'succeeded',
 +       response_status     = $2,
 +       response_headers    = $3,
 +       response_body       = $4,
 +       response_truncated  = $5,
 +       completed_at        = now(),
 +       error_summary       = NULL
 + WHERE id = $1;
++
 +-- name: MarkDeliveryRetry :exec
 +UPDATE webhook_deliveries
 +   SET status              = 'failed_retry',
 +       attempt             = attempt + 1,
 +       response_status     = sqlc.narg(response_status)::int,
 +       response_headers    = sqlc.narg(response_headers)::jsonb,
 +       response_body       = sqlc.narg(response_body)::bytea,
 +       response_truncated  = sqlc.arg(response_truncated)::bool,
 +       next_retry_at       = sqlc.arg(next_retry_at)::timestamptz,
 +       error_summary       = sqlc.arg(error_summary)::text
 + WHERE id = sqlc.arg(id)::bigint;
++
 +-- name: MarkDeliveryPermanentFailure :exec
 +UPDATE webhook_deliveries
 +   SET status              = 'failed_permanent',
 +       response_status     = sqlc.narg(response_status)::int,
 +       response_headers    = sqlc.narg(response_headers)::jsonb,
 +       response_body       = sqlc.narg(response_body)::bytea,
 +       response_truncated  = sqlc.arg(response_truncated)::bool,
 +       completed_at        = now(),
 +       error_summary       = sqlc.arg(error_summary)::text
 + WHERE id = sqlc.arg(id)::bigint;
++
 +-- name: PurgeOldDeliveries :execrows
 +-- Cron: drops terminal deliveries older than the retention window.
 +-- pending/failed_retry rows are left alone so an in-flight retry isn't
 +-- aborted out from under the worker.
 +DELETE FROM webhook_deliveries
 +WHERE status IN ('succeeded', 'failed_permanent')
 +  AND completed_at < now() - sqlc.arg(retention)::interval;

internal/webhook/sqlc/cursor.sql.goadded

 +// Code generated by sqlc. DO NOT EDIT.
 +// versions:
 +//   sqlc v1.31.1
 +// source: cursor.sql
++
 +package webhookdb
++
 +import (
 +	"context"
++
 +	"github.com/jackc/pgx/v5/pgtype"
 +)
++
 +const getRepoOwnerKindForFanout = `-- name: GetRepoOwnerKindForFanout :one
 +SELECT owner_user_id, owner_org_id
 +FROM repos
 +WHERE id = $1
 +`
++
 +type GetRepoOwnerKindForFanoutRow struct {
 +	OwnerUserID pgtype.Int8
 +	OwnerOrgID  pgtype.Int8
 +}
++
 +// Resolve a repo's owner so the fanout knows which webhooks to fire.
 +// Returns owner_kind 'user' or 'org' so the matcher knows what bucket
 +// to look in. (We use 'user' as a literal string here; the webhook
 +// machinery itself only stores 'repo'/'org' as owners — repo-owned
 +// webhooks attach to the repo regardless of who owns the repo.)
 +func (q *Queries) GetRepoOwnerKindForFanout(ctx context.Context, db DBTX, id int64) (GetRepoOwnerKindForFanoutRow, error) {
 +	row := db.QueryRow(ctx, getRepoOwnerKindForFanout, id)
 +	var i GetRepoOwnerKindForFanoutRow
 +	err := row.Scan(&i.OwnerUserID, &i.OwnerOrgID)
 +	return i, err
 +}
++
 +const getWebhookCursor = `-- name: GetWebhookCursor :one
++
 +SELECT consumer, last_event_id, updated_at
 +FROM domain_events_processed
 +WHERE consumer = $1
 +`
++
 +// SPDX-License-Identifier: AGPL-3.0-or-later
 +//
 +// Webhook fanout reads the same domain_events / cursor surface that
 +// notifications do — but with its own consumer row so progress
 +// doesn't collide with notify_fanout.
 +func (q *Queries) GetWebhookCursor(ctx context.Context, db DBTX, consumer string) (DomainEventsProcessed, error) {
 +	row := db.QueryRow(ctx, getWebhookCursor, consumer)
 +	var i DomainEventsProcessed
 +	err := row.Scan(&i.Consumer, &i.LastEventID, &i.UpdatedAt)
 +	return i, err
 +}
++
 +const listUnprocessedDomainEvents = `-- name: ListUnprocessedDomainEvents :many
 +SELECT id, actor_user_id, kind, repo_id, source_kind, source_id,
 +       public, payload, created_at
 +FROM domain_events
 +WHERE id > $1
 +ORDER BY id
 +LIMIT $2
 +`
++
 +type ListUnprocessedDomainEventsParams struct {
 +	ID    int64
 +	Limit int32
 +}
++
 +func (q *Queries) ListUnprocessedDomainEvents(ctx context.Context, db DBTX, arg ListUnprocessedDomainEventsParams) ([]DomainEvent, error) {
 +	rows, err := db.Query(ctx, listUnprocessedDomainEvents, arg.ID, arg.Limit)
 +	if err != nil {
 +		return nil, err
 +	}
 +	defer rows.Close()
 +	items := []DomainEvent{}
 +	for rows.Next() {
 +		var i DomainEvent
 +		if err := rows.Scan(
 +			&i.ID,
 +			&i.ActorUserID,
 +			&i.Kind,
 +			&i.RepoID,
 +			&i.SourceKind,
 +			&i.SourceID,
 +			&i.Public,
 +			&i.Payload,
 +			&i.CreatedAt,
 +		); err != nil {
 +			return nil, err
 +		}
 +		items = append(items, i)
 +	}
 +	if err := rows.Err(); err != nil {
 +		return nil, err
 +	}
 +	return items, nil
 +}
++
 +const setWebhookCursor = `-- name: SetWebhookCursor :exec
 +INSERT INTO domain_events_processed (consumer, last_event_id)
 +VALUES ($1, $2)
 +ON CONFLICT (consumer)
 +DO UPDATE SET last_event_id = EXCLUDED.last_event_id,
 +              updated_at    = now()
 +`
++
 +type SetWebhookCursorParams struct {
 +	Consumer    string
 +	LastEventID int64
 +}
++
 +func (q *Queries) SetWebhookCursor(ctx context.Context, db DBTX, arg SetWebhookCursorParams) error {
 +	_, err := db.Exec(ctx, setWebhookCursor, arg.Consumer, arg.LastEventID)
 +	return err
 +}

internal/webhook/sqlc/db.goadded

 +// Code generated by sqlc. DO NOT EDIT.
 +// versions:
 +//   sqlc v1.31.1
++
 +package webhookdb
++
 +import (
 +	"context"
++
 +	"github.com/jackc/pgx/v5"
 +	"github.com/jackc/pgx/v5/pgconn"
 +)
++
 +type DBTX interface {
 +	Exec(context.Context, string, ...interface{}) (pgconn.CommandTag, error)
 +	Query(context.Context, string, ...interface{}) (pgx.Rows, error)
 +	QueryRow(context.Context, string, ...interface{}) pgx.Row
 +}
++
 +func New() *Queries {
 +	return &Queries{}
 +}
++
 +type Queries struct {
 +}

internal/webhook/sqlc/models.goadded

1917 lines changed — click to load

 +// Code generated by sqlc. DO NOT EDIT.
 +// versions:
 +//   sqlc v1.31.1
++
 +package webhookdb
++
 +import (
 +	"database/sql/driver"
 +	"fmt"
 +	"net/netip"
++
 +	"github.com/jackc/pgx/v5/pgtype"
 +)
++
 +type CheckConclusion string
++
 +const (
 +	CheckConclusionSuccess        CheckConclusion = "success"
 +	CheckConclusionFailure        CheckConclusion = "failure"
 +	CheckConclusionNeutral        CheckConclusion = "neutral"
 +	CheckConclusionCancelled      CheckConclusion = "cancelled"
 +	CheckConclusionSkipped        CheckConclusion = "skipped"
 +	CheckConclusionTimedOut       CheckConclusion = "timed_out"
 +	CheckConclusionActionRequired CheckConclusion = "action_required"
 +	CheckConclusionStale          CheckConclusion = "stale"
 +)
++
 +func (e *CheckConclusion) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = CheckConclusion(s)
 +	case string:
 +		*e = CheckConclusion(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for CheckConclusion: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullCheckConclusion struct {
 +	CheckConclusion CheckConclusion
 +	Valid           bool // Valid is true if CheckConclusion is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullCheckConclusion) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.CheckConclusion, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.CheckConclusion.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullCheckConclusion) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.CheckConclusion), nil
 +}
++
 +type CheckStatus string
++
 +const (
 +	CheckStatusQueued     CheckStatus = "queued"
 +	CheckStatusInProgress CheckStatus = "in_progress"
 +	CheckStatusCompleted  CheckStatus = "completed"
 +	CheckStatusPending    CheckStatus = "pending"
 +)
++
 +func (e *CheckStatus) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = CheckStatus(s)
 +	case string:
 +		*e = CheckStatus(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for CheckStatus: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullCheckStatus struct {
 +	CheckStatus CheckStatus
 +	Valid       bool // Valid is true if CheckStatus is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullCheckStatus) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.CheckStatus, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.CheckStatus.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullCheckStatus) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.CheckStatus), nil
 +}
++
 +type CollabRole string
++
 +const (
 +	CollabRoleRead     CollabRole = "read"
 +	CollabRoleTriage   CollabRole = "triage"
 +	CollabRoleWrite    CollabRole = "write"
 +	CollabRoleMaintain CollabRole = "maintain"
 +	CollabRoleAdmin    CollabRole = "admin"
 +)
++
 +func (e *CollabRole) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = CollabRole(s)
 +	case string:
 +		*e = CollabRole(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for CollabRole: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullCollabRole struct {
 +	CollabRole CollabRole
 +	Valid      bool // Valid is true if CollabRole is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullCollabRole) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.CollabRole, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.CollabRole.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullCollabRole) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.CollabRole), nil
 +}
++
 +type IssueKind string
++
 +const (
 +	IssueKindIssue IssueKind = "issue"
 +	IssueKindPr    IssueKind = "pr"
 +)
++
 +func (e *IssueKind) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = IssueKind(s)
 +	case string:
 +		*e = IssueKind(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for IssueKind: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullIssueKind struct {
 +	IssueKind IssueKind
 +	Valid     bool // Valid is true if IssueKind is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullIssueKind) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.IssueKind, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.IssueKind.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullIssueKind) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.IssueKind), nil
 +}
++
 +type IssueRefSource string
++
 +const (
 +	IssueRefSourceCommentBody   IssueRefSource = "comment_body"
 +	IssueRefSourceIssueBody     IssueRefSource = "issue_body"
 +	IssueRefSourceCommitMessage IssueRefSource = "commit_message"
 +)
++
 +func (e *IssueRefSource) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = IssueRefSource(s)
 +	case string:
 +		*e = IssueRefSource(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for IssueRefSource: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullIssueRefSource struct {
 +	IssueRefSource IssueRefSource
 +	Valid          bool // Valid is true if IssueRefSource is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullIssueRefSource) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.IssueRefSource, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.IssueRefSource.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullIssueRefSource) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.IssueRefSource), nil
 +}
++
 +type IssueState string
++
 +const (
 +	IssueStateOpen   IssueState = "open"
 +	IssueStateClosed IssueState = "closed"
 +)
++
 +func (e *IssueState) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = IssueState(s)
 +	case string:
 +		*e = IssueState(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for IssueState: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullIssueState struct {
 +	IssueState IssueState
 +	Valid      bool // Valid is true if IssueState is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullIssueState) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.IssueState, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.IssueState.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullIssueState) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.IssueState), nil
 +}
++
 +type IssueStateReason string
++
 +const (
 +	IssueStateReasonCompleted  IssueStateReason = "completed"
 +	IssueStateReasonNotPlanned IssueStateReason = "not_planned"
 +	IssueStateReasonReopened   IssueStateReason = "reopened"
 +	IssueStateReasonDuplicate  IssueStateReason = "duplicate"
 +)
++
 +func (e *IssueStateReason) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = IssueStateReason(s)
 +	case string:
 +		*e = IssueStateReason(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for IssueStateReason: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullIssueStateReason struct {
 +	IssueStateReason IssueStateReason
 +	Valid            bool // Valid is true if IssueStateReason is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullIssueStateReason) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.IssueStateReason, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.IssueStateReason.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullIssueStateReason) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.IssueStateReason), nil
 +}
++
 +type MilestoneState string
++
 +const (
 +	MilestoneStateOpen   MilestoneState = "open"
 +	MilestoneStateClosed MilestoneState = "closed"
 +)
++
 +func (e *MilestoneState) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = MilestoneState(s)
 +	case string:
 +		*e = MilestoneState(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for MilestoneState: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullMilestoneState struct {
 +	MilestoneState MilestoneState
 +	Valid          bool // Valid is true if MilestoneState is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullMilestoneState) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.MilestoneState, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.MilestoneState.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullMilestoneState) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.MilestoneState), nil
 +}
++
 +type NotificationThreadKind string
++
 +const (
 +	NotificationThreadKindIssue NotificationThreadKind = "issue"
 +	NotificationThreadKindPr    NotificationThreadKind = "pr"
 +)
++
 +func (e *NotificationThreadKind) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = NotificationThreadKind(s)
 +	case string:
 +		*e = NotificationThreadKind(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for NotificationThreadKind: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullNotificationThreadKind struct {
 +	NotificationThreadKind NotificationThreadKind
 +	Valid                  bool // Valid is true if NotificationThreadKind is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullNotificationThreadKind) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.NotificationThreadKind, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.NotificationThreadKind.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullNotificationThreadKind) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.NotificationThreadKind), nil
 +}
++
 +type OrgPlan string
++
 +const (
 +	OrgPlanFree       OrgPlan = "free"
 +	OrgPlanTeam       OrgPlan = "team"
 +	OrgPlanEnterprise OrgPlan = "enterprise"
 +)
++
 +func (e *OrgPlan) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = OrgPlan(s)
 +	case string:
 +		*e = OrgPlan(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for OrgPlan: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullOrgPlan struct {
 +	OrgPlan OrgPlan
 +	Valid   bool // Valid is true if OrgPlan is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullOrgPlan) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.OrgPlan, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.OrgPlan.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullOrgPlan) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.OrgPlan), nil
 +}
++
 +type OrgRole string
++
 +const (
 +	OrgRoleOwner  OrgRole = "owner"
 +	OrgRoleMember OrgRole = "member"
 +)
++
 +func (e *OrgRole) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = OrgRole(s)
 +	case string:
 +		*e = OrgRole(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for OrgRole: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullOrgRole struct {
 +	OrgRole OrgRole
 +	Valid   bool // Valid is true if OrgRole is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullOrgRole) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.OrgRole, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.OrgRole.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullOrgRole) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.OrgRole), nil
 +}
++
 +type PrFileStatus string
++
 +const (
 +	PrFileStatusAdded    PrFileStatus = "added"
 +	PrFileStatusModified PrFileStatus = "modified"
 +	PrFileStatusDeleted  PrFileStatus = "deleted"
 +	PrFileStatusRenamed  PrFileStatus = "renamed"
 +	PrFileStatusCopied   PrFileStatus = "copied"
 +)
++
 +func (e *PrFileStatus) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = PrFileStatus(s)
 +	case string:
 +		*e = PrFileStatus(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for PrFileStatus: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullPrFileStatus struct {
 +	PrFileStatus PrFileStatus
 +	Valid        bool // Valid is true if PrFileStatus is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullPrFileStatus) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.PrFileStatus, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.PrFileStatus.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullPrFileStatus) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.PrFileStatus), nil
 +}
++
 +type PrMergeMethod string
++
 +const (
 +	PrMergeMethodMerge  PrMergeMethod = "merge"
 +	PrMergeMethodSquash PrMergeMethod = "squash"
 +	PrMergeMethodRebase PrMergeMethod = "rebase"
 +)
++
 +func (e *PrMergeMethod) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = PrMergeMethod(s)
 +	case string:
 +		*e = PrMergeMethod(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for PrMergeMethod: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullPrMergeMethod struct {
 +	PrMergeMethod PrMergeMethod
 +	Valid         bool // Valid is true if PrMergeMethod is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullPrMergeMethod) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.PrMergeMethod, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.PrMergeMethod.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullPrMergeMethod) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.PrMergeMethod), nil
 +}
++
 +type PrMergeableState string
++
 +const (
 +	PrMergeableStateUnknown PrMergeableState = "unknown"
 +	PrMergeableStateClean   PrMergeableState = "clean"
 +	PrMergeableStateDirty   PrMergeableState = "dirty"
 +	PrMergeableStateBlocked PrMergeableState = "blocked"
 +	PrMergeableStateBehind  PrMergeableState = "behind"
 +)
++
 +func (e *PrMergeableState) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = PrMergeableState(s)
 +	case string:
 +		*e = PrMergeableState(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for PrMergeableState: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullPrMergeableState struct {
 +	PrMergeableState PrMergeableState
 +	Valid            bool // Valid is true if PrMergeableState is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullPrMergeableState) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.PrMergeableState, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.PrMergeableState.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullPrMergeableState) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.PrMergeableState), nil
 +}
++
 +type PrReviewSide string
++
 +const (
 +	PrReviewSideLeft  PrReviewSide = "left"
 +	PrReviewSideRight PrReviewSide = "right"
 +)
++
 +func (e *PrReviewSide) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = PrReviewSide(s)
 +	case string:
 +		*e = PrReviewSide(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for PrReviewSide: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullPrReviewSide struct {
 +	PrReviewSide PrReviewSide
 +	Valid        bool // Valid is true if PrReviewSide is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullPrReviewSide) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.PrReviewSide, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.PrReviewSide.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullPrReviewSide) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.PrReviewSide), nil
 +}
++
 +type PrReviewState string
++
 +const (
 +	PrReviewStateComment        PrReviewState = "comment"
 +	PrReviewStateApprove        PrReviewState = "approve"
 +	PrReviewStateRequestChanges PrReviewState = "request_changes"
 +)
++
 +func (e *PrReviewState) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = PrReviewState(s)
 +	case string:
 +		*e = PrReviewState(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for PrReviewState: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullPrReviewState struct {
 +	PrReviewState PrReviewState
 +	Valid         bool // Valid is true if PrReviewState is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullPrReviewState) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.PrReviewState, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.PrReviewState.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullPrReviewState) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.PrReviewState), nil
 +}
++
 +type PrincipalKind string
++
 +const (
 +	PrincipalKindUser PrincipalKind = "user"
 +	PrincipalKindOrg  PrincipalKind = "org"
 +)
++
 +func (e *PrincipalKind) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = PrincipalKind(s)
 +	case string:
 +		*e = PrincipalKind(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for PrincipalKind: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullPrincipalKind struct {
 +	PrincipalKind PrincipalKind
 +	Valid         bool // Valid is true if PrincipalKind is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullPrincipalKind) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.PrincipalKind, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.PrincipalKind.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullPrincipalKind) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.PrincipalKind), nil
 +}
++
 +type RepoInitStatus string
++
 +const (
 +	RepoInitStatusInitialized RepoInitStatus = "initialized"
 +	RepoInitStatusInitPending RepoInitStatus = "init_pending"
 +	RepoInitStatusInitFailed  RepoInitStatus = "init_failed"
 +)
++
 +func (e *RepoInitStatus) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = RepoInitStatus(s)
 +	case string:
 +		*e = RepoInitStatus(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for RepoInitStatus: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullRepoInitStatus struct {
 +	RepoInitStatus RepoInitStatus
 +	Valid          bool // Valid is true if RepoInitStatus is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullRepoInitStatus) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.RepoInitStatus, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.RepoInitStatus.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullRepoInitStatus) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.RepoInitStatus), nil
 +}
++
 +type RepoVisibility string
++
 +const (
 +	RepoVisibilityPublic  RepoVisibility = "public"
 +	RepoVisibilityPrivate RepoVisibility = "private"
 +)
++
 +func (e *RepoVisibility) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = RepoVisibility(s)
 +	case string:
 +		*e = RepoVisibility(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for RepoVisibility: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullRepoVisibility struct {
 +	RepoVisibility RepoVisibility
 +	Valid          bool // Valid is true if RepoVisibility is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullRepoVisibility) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.RepoVisibility, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.RepoVisibility.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullRepoVisibility) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.RepoVisibility), nil
 +}
++
 +type TeamPrivacy string
++
 +const (
 +	TeamPrivacyVisible TeamPrivacy = "visible"
 +	TeamPrivacySecret  TeamPrivacy = "secret"
 +)
++
 +func (e *TeamPrivacy) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = TeamPrivacy(s)
 +	case string:
 +		*e = TeamPrivacy(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for TeamPrivacy: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullTeamPrivacy struct {
 +	TeamPrivacy TeamPrivacy
 +	Valid       bool // Valid is true if TeamPrivacy is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullTeamPrivacy) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.TeamPrivacy, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.TeamPrivacy.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullTeamPrivacy) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.TeamPrivacy), nil
 +}
++
 +type TeamRepoRole string
++
 +const (
 +	TeamRepoRoleRead     TeamRepoRole = "read"
 +	TeamRepoRoleTriage   TeamRepoRole = "triage"
 +	TeamRepoRoleWrite    TeamRepoRole = "write"
 +	TeamRepoRoleMaintain TeamRepoRole = "maintain"
 +	TeamRepoRoleAdmin    TeamRepoRole = "admin"
 +)
++
 +func (e *TeamRepoRole) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = TeamRepoRole(s)
 +	case string:
 +		*e = TeamRepoRole(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for TeamRepoRole: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullTeamRepoRole struct {
 +	TeamRepoRole TeamRepoRole
 +	Valid        bool // Valid is true if TeamRepoRole is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullTeamRepoRole) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.TeamRepoRole, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.TeamRepoRole.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullTeamRepoRole) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.TeamRepoRole), nil
 +}
++
 +type TeamRole string
++
 +const (
 +	TeamRoleMember     TeamRole = "member"
 +	TeamRoleMaintainer TeamRole = "maintainer"
 +)
++
 +func (e *TeamRole) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = TeamRole(s)
 +	case string:
 +		*e = TeamRole(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for TeamRole: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullTeamRole struct {
 +	TeamRole TeamRole
 +	Valid    bool // Valid is true if TeamRole is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullTeamRole) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.TeamRole, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.TeamRole.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullTeamRole) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.TeamRole), nil
 +}
++
 +type TransferPrincipalKind string
++
 +const (
 +	TransferPrincipalKindUser TransferPrincipalKind = "user"
 +	TransferPrincipalKindOrg  TransferPrincipalKind = "org"
 +)
++
 +func (e *TransferPrincipalKind) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = TransferPrincipalKind(s)
 +	case string:
 +		*e = TransferPrincipalKind(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for TransferPrincipalKind: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullTransferPrincipalKind struct {
 +	TransferPrincipalKind TransferPrincipalKind
 +	Valid                 bool // Valid is true if TransferPrincipalKind is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullTransferPrincipalKind) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.TransferPrincipalKind, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.TransferPrincipalKind.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullTransferPrincipalKind) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.TransferPrincipalKind), nil
 +}
++
 +type TransferStatus string
++
 +const (
 +	TransferStatusPending  TransferStatus = "pending"
 +	TransferStatusAccepted TransferStatus = "accepted"
 +	TransferStatusDeclined TransferStatus = "declined"
 +	TransferStatusCanceled TransferStatus = "canceled"
 +	TransferStatusExpired  TransferStatus = "expired"
 +)
++
 +func (e *TransferStatus) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = TransferStatus(s)
 +	case string:
 +		*e = TransferStatus(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for TransferStatus: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullTransferStatus struct {
 +	TransferStatus TransferStatus
 +	Valid          bool // Valid is true if TransferStatus is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullTransferStatus) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.TransferStatus, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.TransferStatus.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullTransferStatus) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.TransferStatus), nil
 +}
++
 +type WatchLevel string
++
 +const (
 +	WatchLevelAll           WatchLevel = "all"
 +	WatchLevelParticipating WatchLevel = "participating"
 +	WatchLevelIgnore        WatchLevel = "ignore"
 +)
++
 +func (e *WatchLevel) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = WatchLevel(s)
 +	case string:
 +		*e = WatchLevel(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for WatchLevel: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullWatchLevel struct {
 +	WatchLevel WatchLevel
 +	Valid      bool // Valid is true if WatchLevel is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullWatchLevel) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.WatchLevel, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.WatchLevel.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullWatchLevel) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.WatchLevel), nil
 +}
++
 +type WebhookContentType string
++
 +const (
 +	WebhookContentTypeJson WebhookContentType = "json"
 +	WebhookContentTypeForm WebhookContentType = "form"
 +)
++
 +func (e *WebhookContentType) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = WebhookContentType(s)
 +	case string:
 +		*e = WebhookContentType(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for WebhookContentType: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullWebhookContentType struct {
 +	WebhookContentType WebhookContentType
 +	Valid              bool // Valid is true if WebhookContentType is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullWebhookContentType) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.WebhookContentType, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.WebhookContentType.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullWebhookContentType) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.WebhookContentType), nil
 +}
++
 +type WebhookDeliveryStatus string
++
 +const (
 +	WebhookDeliveryStatusPending         WebhookDeliveryStatus = "pending"
 +	WebhookDeliveryStatusSucceeded       WebhookDeliveryStatus = "succeeded"
 +	WebhookDeliveryStatusFailedRetry     WebhookDeliveryStatus = "failed_retry"
 +	WebhookDeliveryStatusFailedPermanent WebhookDeliveryStatus = "failed_permanent"
 +)
++
 +func (e *WebhookDeliveryStatus) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = WebhookDeliveryStatus(s)
 +	case string:
 +		*e = WebhookDeliveryStatus(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for WebhookDeliveryStatus: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullWebhookDeliveryStatus struct {
 +	WebhookDeliveryStatus WebhookDeliveryStatus
 +	Valid                 bool // Valid is true if WebhookDeliveryStatus is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullWebhookDeliveryStatus) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.WebhookDeliveryStatus, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.WebhookDeliveryStatus.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullWebhookDeliveryStatus) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.WebhookDeliveryStatus), nil
 +}
++
 +type WebhookOwnerKind string
++
 +const (
 +	WebhookOwnerKindRepo WebhookOwnerKind = "repo"
 +	WebhookOwnerKindOrg  WebhookOwnerKind = "org"
 +)
++
 +func (e *WebhookOwnerKind) Scan(src interface{}) error {
 +	switch s := src.(type) {
 +	case []byte:
 +		*e = WebhookOwnerKind(s)
 +	case string:
 +		*e = WebhookOwnerKind(s)
 +	default:
 +		return fmt.Errorf("unsupported scan type for WebhookOwnerKind: %T", src)
 +	}
 +	return nil
 +}
++
 +type NullWebhookOwnerKind struct {
 +	WebhookOwnerKind WebhookOwnerKind
 +	Valid            bool // Valid is true if WebhookOwnerKind is not NULL
 +}
++
 +// Scan implements the Scanner interface.
 +func (ns *NullWebhookOwnerKind) Scan(value interface{}) error {
 +	if value == nil {
 +		ns.WebhookOwnerKind, ns.Valid = "", false
 +		return nil
 +	}
 +	ns.Valid = true
 +	return ns.WebhookOwnerKind.Scan(value)
 +}
++
 +// Value implements the driver Valuer interface.
 +func (ns NullWebhookOwnerKind) Value() (driver.Value, error) {
 +	if !ns.Valid {
 +		return nil, nil
 +	}
 +	return string(ns.WebhookOwnerKind), nil
 +}
++
 +type AuthAuditLog struct {
 +	ID         int64
 +	ActorID    pgtype.Int8
 +	Action     string
 +	TargetType string
 +	TargetID   pgtype.Int8
 +	Meta       []byte
 +	CreatedAt  pgtype.Timestamptz
 +}
++
 +type AuthThrottle struct {
 +	ID              int64
 +	Scope           string
 +	Identifier      string
 +	Hits            int32
 +	WindowStartedAt pgtype.Timestamptz
 +}
++
 +type BranchProtectionRule struct {
 +	ID                             int64
 +	RepoID                         int64
 +	Pattern                        string
 +	PreventForcePush               bool
 +	PreventDeletion                bool
 +	RequirePrForPush               bool
 +	AllowedPusherUserIds           []int64
 +	RequireSignedCommits           bool
 +	StatusChecksRequired           []string
 +	CreatedAt                      pgtype.Timestamptz
 +	UpdatedAt                      pgtype.Timestamptz
 +	CreatedByUserID                pgtype.Int8
 +	RequiredReviewCount            int32
 +	DismissStaleReviewsOnPush      bool
 +	RequireCodeOwnerReview         bool
 +	DismissStaleStatusChecksOnPush bool
 +}
++
 +type CheckRun struct {
 +	ID          int64
 +	SuiteID     int64
 +	RepoID      int64
 +	HeadSha     string
 +	Name        string
 +	Status      CheckStatus
 +	Conclusion  NullCheckConclusion
 +	StartedAt   pgtype.Timestamptz
 +	CompletedAt pgtype.Timestamptz
 +	DetailsUrl  string
 +	Output      []byte
 +	ExternalID  pgtype.Text
 +	CreatedAt   pgtype.Timestamptz
 +	UpdatedAt   pgtype.Timestamptz
 +}
++
 +type CheckSuite struct {
 +	ID         int64
 +	RepoID     int64
 +	HeadSha    string
 +	AppSlug    string
 +	Status     CheckStatus
 +	Conclusion NullCheckConclusion
 +	CreatedAt  pgtype.Timestamptz
 +	UpdatedAt  pgtype.Timestamptz
 +}
++
 +type CodeSearchContent struct {
 +	RepoID      int64
 +	RefName     string
 +	Path        string
 +	ContentTsv  interface{}
 +	ContentTrgm string
 +}
++
 +type CodeSearchPath struct {
 +	RepoID  int64
 +	RefName string
 +	Path    string
 +	Tsv     interface{}
 +}
++
 +type DomainEvent struct {
 +	ID          int64
 +	ActorUserID pgtype.Int8
 +	Kind        string
 +	RepoID      pgtype.Int8
 +	SourceKind  string
 +	SourceID    int64
 +	Public      bool
 +	Payload     []byte
 +	CreatedAt   pgtype.Timestamptz
 +}
++
 +type DomainEventsProcessed struct {
 +	Consumer    string
 +	LastEventID int64
 +	UpdatedAt   pgtype.Timestamptz
 +}
++
 +type EmailVerification struct {
 +	ID          int64
 +	UserEmailID int64
 +	TokenHash   []byte
 +	ExpiresAt   pgtype.Timestamptz
 +	UsedAt      pgtype.Timestamptz
 +	CreatedAt   pgtype.Timestamptz
 +}
++
 +type Issue struct {
 +	ID                int64
 +	RepoID            int64
 +	Number            int64
 +	Kind              IssueKind
 +	Title             string
 +	Body              string
 +	BodyHtmlCached    pgtype.Text
 +	MdPipelineVersion int32
 +	AuthorUserID      pgtype.Int8
 +	State             IssueState
 +	StateReason       NullIssueStateReason
 +	Locked            bool
 +	LockReason        pgtype.Text
 +	MilestoneID       pgtype.Int8
 +	CreatedAt         pgtype.Timestamptz
 +	UpdatedAt         pgtype.Timestamptz
 +	EditedAt          pgtype.Timestamptz
 +	ClosedAt          pgtype.Timestamptz
 +	ClosedByUserID    pgtype.Int8
 +}
++
 +type IssueAssignee struct {
 +	IssueID          int64
 +	UserID           int64
 +	AssignedAt       pgtype.Timestamptz
 +	AssignedByUserID pgtype.Int8
 +}
++
 +type IssueComment struct {
 +	ID                int64
 +	IssueID           int64
 +	AuthorUserID      pgtype.Int8
 +	Body              string
 +	BodyHtmlCached    pgtype.Text
 +	MdPipelineVersion int32
 +	CreatedAt         pgtype.Timestamptz
 +	UpdatedAt         pgtype.Timestamptz
 +	EditedAt          pgtype.Timestamptz
 +}
++
 +type IssueEvent struct {
 +	ID          int64
 +	IssueID     int64
 +	ActorUserID pgtype.Int8
 +	Kind        string
 +	Meta        []byte
 +	RefTargetID pgtype.Int8
 +	CreatedAt   pgtype.Timestamptz
 +}
++
 +type IssueLabel struct {
 +	IssueID         int64
 +	LabelID         int64
 +	AppliedAt       pgtype.Timestamptz
 +	AppliedByUserID pgtype.Int8
 +}
++
 +type IssueReference struct {
 +	ID             int64
 +	SourceIssueID  pgtype.Int8
 +	TargetIssueID  int64
 +	SourceKind     IssueRefSource
 +	SourceObjectID pgtype.Int8
 +	CreatedAt      pgtype.Timestamptz
 +}
++
 +type IssuesSearch struct {
 +	IssueID      int64
 +	RepoID       int64
 +	Kind         IssueKind
 +	State        IssueState
 +	AuthorUserID pgtype.Int8
 +	Tsv          interface{}
 +}
++
 +type Job struct {
 +	ID          int64
 +	Kind        string
 +	Payload     []byte
 +	RunAt       pgtype.Timestamptz
 +	Attempts    int32
 +	MaxAttempts int32
 +	LastError   pgtype.Text
 +	LockedBy    pgtype.Text
 +	LockedAt    pgtype.Timestamptz
 +	CompletedAt pgtype.Timestamptz
 +	FailedAt    pgtype.Timestamptz
 +	CreatedAt   pgtype.Timestamptz
 +}
++
 +type Label struct {
 +	ID          int64
 +	RepoID      int64
 +	Name        string
 +	Color       string
 +	Description string
 +	CreatedAt   pgtype.Timestamptz
 +}
++
 +type Meta struct {
 +	Key       string
 +	Value     []byte
 +	UpdatedAt pgtype.Timestamptz
 +}
++
 +type Milestone struct {
 +	ID          int64
 +	RepoID      int64
 +	Title       string
 +	Description string
 +	State       MilestoneState
 +	DueOn       pgtype.Timestamptz
 +	CreatedAt   pgtype.Timestamptz
 +	ClosedAt    pgtype.Timestamptz
 +}
++
 +type Notification struct {
 +	ID              int64
 +	RecipientUserID int64
 +	Kind            string
 +	Reason          string
 +	RepoID          pgtype.Int8
 +	ThreadKind      NullNotificationThreadKind
 +	ThreadID        pgtype.Int8
 +	SourceEventID   pgtype.Int8
 +	Unread          bool
 +	LastEventAt     pgtype.Timestamptz
 +	LastActorUserID pgtype.Int8
 +	Summary         []byte
 +	CreatedAt       pgtype.Timestamptz
 +	UpdatedAt       pgtype.Timestamptz
 +}
++
 +type NotificationEmailLog struct {
 +	ID              int64
 +	RecipientUserID int64
 +	NotificationID  pgtype.Int8
 +	ThreadKind      NullNotificationThreadKind
 +	ThreadID        pgtype.Int8
 +	SentAt          pgtype.Timestamptz
 +	MessageID       pgtype.Text
 +}
++
 +type NotificationThread struct {
 +	RecipientUserID int64
 +	ThreadKind      NotificationThreadKind
 +	ThreadID        int64
 +	Subscribed      bool
 +	Reason          string
 +	UpdatedAt       pgtype.Timestamptz
 +}
++
 +type Org struct {
 +	ID                    int64
 +	Slug                  string
 +	DisplayName           string
 +	Description           string
 +	AvatarObjectKey       pgtype.Text
 +	Location              string
 +	Website               string
 +	BillingEmail          string
 +	Plan                  OrgPlan
 +	AllowMemberRepoCreate bool
 +	CreatedByUserID       pgtype.Int8
 +	SuspendedAt           pgtype.Timestamptz
 +	SuspendedReason       pgtype.Text
 +	DeletedAt             pgtype.Timestamptz
 +	CreatedAt             pgtype.Timestamptz
 +	UpdatedAt             pgtype.Timestamptz
 +}
++
 +type OrgInvitation struct {
 +	ID              int64
 +	OrgID           int64
 +	InvitedByUserID pgtype.Int8
 +	TargetUserID    pgtype.Int8
 +	TargetEmail     pgtype.Text
 +	Role            OrgRole
 +	TokenHash       []byte
 +	ExpiresAt       pgtype.Timestamptz
 +	AcceptedAt      pgtype.Timestamptz
 +	DeclinedAt      pgtype.Timestamptz
 +	CanceledAt      pgtype.Timestamptz
 +	CreatedAt       pgtype.Timestamptz
 +}
++
 +type OrgMember struct {
 +	OrgID           int64
 +	UserID          int64
 +	Role            OrgRole
 +	InvitedByUserID pgtype.Int8
 +	JoinedAt        pgtype.Timestamptz
 +}
++
 +type PasswordReset struct {
 +	ID        int64
 +	UserID    int64
 +	TokenHash []byte
 +	ExpiresAt pgtype.Timestamptz
 +	UsedAt    pgtype.Timestamptz
 +	CreatedAt pgtype.Timestamptz
 +}
++
 +type PrReview struct {
 +	ID                int64
 +	PrIssueID         int64
 +	AuthorUserID      pgtype.Int8
 +	State             PrReviewState
 +	Body              string
 +	BodyHtmlCached    pgtype.Text
 +	SubmittedAt       pgtype.Timestamptz
 +	DismissedAt       pgtype.Timestamptz
 +	DismissedByUserID pgtype.Int8
 +	DismissalReason   string
 +}
++
 +type PrReviewComment struct {
 +	ID                int64
 +	PrIssueID         int64
 +	ReviewID          pgtype.Int8
 +	AuthorUserID      pgtype.Int8
 +	FilePath          string
 +	Side              PrReviewSide
 +	OriginalCommitSha string
 +	OriginalLine      int32
 +	OriginalPosition  int32
 +	CurrentPosition   pgtype.Int4
 +	Body              string
 +	BodyHtmlCached    pgtype.Text
 +	InReplyToID       pgtype.Int8
 +	Pending           bool
 +	ResolvedAt        pgtype.Timestamptz
 +	ResolvedByUserID  pgtype.Int8
 +	CreatedAt         pgtype.Timestamptz
 +	UpdatedAt         pgtype.Timestamptz
 +	EditedAt          pgtype.Timestamptz
 +}
++
 +type PrReviewRequest struct {
 +	ID                  int64
 +	PrIssueID           int64
 +	RequestedUserID     pgtype.Int8
 +	RequestedTeamID     pgtype.Int8
 +	RequestedByUserID   pgtype.Int8
 +	RequestedAt         pgtype.Timestamptz
 +	DismissedAt         pgtype.Timestamptz
 +	SatisfiedByReviewID pgtype.Int8
 +}
++
 +type Principal struct {
 +	Slug string
 +	Kind PrincipalKind
 +	ID   int64
 +}
++
 +type PullRequest struct {
 +	IssueID            int64
 +	BaseRef            string
 +	HeadRef            string
 +	HeadRepoID         int64
 +	BaseOid            string
 +	HeadOid            string
 +	Draft              bool
 +	Mergeable          pgtype.Bool
 +	MergeableState     PrMergeableState
 +	MergeCommitSha     pgtype.Text
 +	MergedAt           pgtype.Timestamptz
 +	MergedByUserID     pgtype.Int8
 +	MergeMethod        NullPrMergeMethod
 +	BaseOidAtMerge     pgtype.Text
 +	HeadOidAtMerge     pgtype.Text
 +	LastSynchronizedAt pgtype.Timestamptz
 +}
++
 +type PullRequestCommit struct {
 +	PrID           int64
 +	Sha            string
 +	Position       int32
 +	AuthorName     string
 +	AuthorEmail    string
 +	CommitterName  string
 +	CommitterEmail string
 +	Subject        string
 +	Body           string
 +	AuthoredAt     pgtype.Timestamptz
 +	CommittedAt    pgtype.Timestamptz
 +}
++
 +type PullRequestFile struct {
 +	PrID      int64
 +	Path      string
 +	Status    PrFileStatus
 +	OldPath   pgtype.Text
 +	Additions int32
 +	Deletions int32
 +	Changes   int32
 +}
++
 +type PushEvent struct {
 +	ID           int64
 +	RepoID       int64
 +	PusherUserID pgtype.Int8
 +	BeforeSha    string
 +	AfterSha     string
 +	Ref          string
 +	Protocol     string
 +	RequestID    string
 +	ProcessedAt  pgtype.Timestamptz
 +	CreatedAt    pgtype.Timestamptz
 +}
++
 +type Repo struct {
 +	ID                 int64
 +	OwnerUserID        pgtype.Int8
 +	OwnerOrgID         pgtype.Int8
 +	Name               string
 +	Description        string
 +	Visibility         RepoVisibility
 +	DefaultBranch      string
 +	IsArchived         bool
 +	ArchivedAt         pgtype.Timestamptz
 +	DeletedAt          pgtype.Timestamptz
 +	DiskUsedBytes      int64
 +	ForkOfRepoID       pgtype.Int8
 +	LicenseKey         pgtype.Text
 +	PrimaryLanguage    pgtype.Text
 +	HasIssues          bool
 +	HasPulls           bool
 +	CreatedAt          pgtype.Timestamptz
 +	UpdatedAt          pgtype.Timestamptz
 +	DefaultBranchOid   pgtype.Text
 +	AllowSquashMerge   bool
 +	AllowRebaseMerge   bool
 +	AllowMergeCommit   bool
 +	DefaultMergeMethod PrMergeMethod
 +	StarCount          int64
 +	WatcherCount       int64
 +	ForkCount          int64
 +	InitStatus         RepoInitStatus
 +	LastIndexedOid     pgtype.Text
 +}
++
 +type RepoCollaborator struct {
 +	RepoID        int64
 +	UserID        int64
 +	Role          CollabRole
 +	AddedAt       pgtype.Timestamptz
 +	AddedByUserID pgtype.Int8
 +}
++
 +type RepoIssueCounter struct {
 +	RepoID     int64
 +	NextNumber int64
 +}
++
 +type RepoRedirect struct {
 +	OldOwnerUserID pgtype.Int8
 +	OldOwnerOrgID  pgtype.Int8
 +	OldName        string
 +	RepoID         int64
 +	RedirectedAt   pgtype.Timestamptz
 +}
++
 +type RepoTopic struct {
 +	RepoID    int64
 +	Topic     string
 +	CreatedAt pgtype.Timestamptz
 +}
++
 +type RepoTransferRequest struct {
 +	ID              int64
 +	RepoID          int64
 +	FromUserID      int64
 +	ToPrincipalKind TransferPrincipalKind
 +	ToPrincipalID   int64
 +	CreatedBy       int64
 +	CreatedAt       pgtype.Timestamptz
 +	ExpiresAt       pgtype.Timestamptz
 +	Status          TransferStatus
 +	AcceptedAt      pgtype.Timestamptz
 +	DeclinedAt      pgtype.Timestamptz
 +	CanceledAt      pgtype.Timestamptz
 +}
++
 +type ReposSearch struct {
 +	RepoID int64
 +	Tsv    interface{}
 +}
++
 +type Star struct {
 +	UserID    int64
 +	RepoID    int64
 +	StarredAt pgtype.Timestamptz
 +}
++
 +type Team struct {
 +	ID              int64
 +	OrgID           int64
 +	Slug            string
 +	DisplayName     string
 +	Description     string
 +	ParentTeamID    pgtype.Int8
 +	Privacy         TeamPrivacy
 +	CreatedByUserID pgtype.Int8
 +	CreatedAt       pgtype.Timestamptz
 +	UpdatedAt       pgtype.Timestamptz
 +}
++
 +type TeamMember struct {
 +	TeamID        int64
 +	UserID        int64
 +	Role          TeamRole
 +	AddedByUserID pgtype.Int8
 +	AddedAt       pgtype.Timestamptz
 +}
++
 +type TeamRepoAccess struct {
 +	TeamID        int64
 +	RepoID        int64
 +	Role          TeamRepoRole
 +	AddedByUserID pgtype.Int8
 +	AddedAt       pgtype.Timestamptz
 +}
++
 +type User struct {
 +	ID                int64
 +	Username          string
 +	DisplayName       string
 +	PrimaryEmailID    pgtype.Int8
 +	PasswordHash      string
 +	PasswordAlgo      string
 +	PasswordUpdatedAt pgtype.Timestamptz
 +	EmailVerified     bool
 +	LastLoginAt       pgtype.Timestamptz
 +	SuspendedAt       pgtype.Timestamptz
 +	SuspendedReason   pgtype.Text
 +	DeletedAt         pgtype.Timestamptz
 +	CreatedAt         pgtype.Timestamptz
 +	UpdatedAt         pgtype.Timestamptz
 +	Bio               string
 +	Location          string
 +	Website           string
 +	Company           string
 +	Pronouns          string
 +	AvatarObjectKey   pgtype.Text
 +	Theme             string
 +	SessionEpoch      int32
 +}
++
 +type UserEmail struct {
 +	ID                    int64
 +	UserID                int64
 +	Email                 string
 +	IsPrimary             bool
 +	Verified              bool
 +	VerificationTokenHash []byte
 +	VerificationSentAt    pgtype.Timestamptz
 +	VerifiedAt            pgtype.Timestamptz
 +	CreatedAt             pgtype.Timestamptz
 +}
++
 +type UserNotificationPref struct {
 +	UserID    int64
 +	Key       string
 +	Value     []byte
 +	UpdatedAt pgtype.Timestamptz
 +}
++
 +type UserRecoveryCode struct {
 +	ID          int64
 +	UserID      int64
 +	CodeHash    []byte
 +	UsedAt      pgtype.Timestamptz
 +	GeneratedAt pgtype.Timestamptz
 +	CreatedAt   pgtype.Timestamptz
 +}
++
 +type UserSshKey struct {
 +	ID                int64
 +	UserID            int64
 +	Title             string
 +	FingerprintSha256 string
 +	KeyType           string
 +	KeyBits           int32
 +	PublicKey         string
 +	LastUsedAt        pgtype.Timestamptz
 +	LastUsedIp        *netip.Addr
 +	CreatedAt         pgtype.Timestamptz
 +}
++
 +type UserToken struct {
 +	ID          int64
 +	UserID      int64
 +	Name        string
 +	TokenHash   []byte
 +	TokenPrefix string
 +	Scopes      []string
 +	ExpiresAt   pgtype.Timestamptz
 +	LastUsedAt  pgtype.Timestamptz
 +	LastUsedIp  *netip.Addr
 +	RevokedAt   pgtype.Timestamptz
 +	CreatedAt   pgtype.Timestamptz
 +}
++
 +type UserTotp struct {
 +	ID              int64
 +	UserID          int64
 +	SecretEncrypted []byte
 +	SecretNonce     []byte
 +	ConfirmedAt     pgtype.Timestamptz
 +	LastUsedCounter int64
 +	CreatedAt       pgtype.Timestamptz
 +	UpdatedAt       pgtype.Timestamptz
 +}
++
 +type UsernameRedirect struct {
 +	OldUsername string
 +	UserID      int64
 +	ChangedAt   pgtype.Timestamptz
 +}
++
 +type UsersSearch struct {
 +	UserID int64
 +	Tsv    interface{}
 +}
++
 +type Watch struct {
 +	UserID    int64
 +	RepoID    int64
 +	Level     WatchLevel
 +	UpdatedAt pgtype.Timestamptz
 +}
++
 +type Webhook struct {
 +	ID                   int64
 +	OwnerKind            WebhookOwnerKind
 +	OwnerID              int64
 +	Url                  string
 +	ContentType          WebhookContentType
 +	Events               []string
 +	SecretCiphertext     []byte
 +	SecretNonce          []byte
 +	Active               bool
 +	SslVerification      bool
 +	ConsecutiveFailures  int32
 +	AutoDisableThreshold int32
 +	DisabledAt           pgtype.Timestamptz
 +	DisabledReason       pgtype.Text
 +	LastSuccessAt        pgtype.Timestamptz
 +	LastFailureAt        pgtype.Timestamptz
 +	CreatedByUserID      pgtype.Int8
 +	CreatedAt            pgtype.Timestamptz
 +	UpdatedAt            pgtype.Timestamptz
 +}
++
 +type WebhookDelivery struct {
 +	ID                int64
 +	WebhookID         int64
 +	EventKind         string
 +	EventID           pgtype.Int8
 +	DeliveryUuid      pgtype.UUID
 +	Payload           []byte
 +	RequestHeaders    []byte
 +	RequestBody       []byte
 +	ResponseStatus    pgtype.Int4
 +	ResponseHeaders   []byte
 +	ResponseBody      []byte
 +	ResponseTruncated bool
 +	StartedAt         pgtype.Timestamptz
 +	CompletedAt       pgtype.Timestamptz
 +	Attempt           int32
 +	MaxAttempts       int32
 +	NextRetryAt       pgtype.Timestamptz
 +	Status            WebhookDeliveryStatus
 +	IdempotencyKey    string
 +	ErrorSummary      pgtype.Text
 +	RedeliverOf       pgtype.Int8
 +}
++
 +type WebhookEventsPending struct {
 +	ID        int64
 +	RepoID    int64
 +	EventKind string
 +	Payload   []byte
 +	CreatedAt pgtype.Timestamptz
 +}

internal/webhook/sqlc/querier.goadded

 +// Code generated by sqlc. DO NOT EDIT.
 +// versions:
 +//   sqlc v1.31.1
++
 +package webhookdb
++
 +import (
 +	"context"
++
 +	"github.com/jackc/pgx/v5/pgtype"
 +)
++
 +type Querier interface {
 +	AutoDisableWebhook(ctx context.Context, db DBTX, arg AutoDisableWebhookParams) error
 +	// Hot-path for the deliver worker: picks up to $1 rows that are
 +	// pending or in retry-ready state, FOR UPDATE SKIP LOCKED so concurrent
 +	// workers don't double-send. The deliverer marks the row 'pending'
 +	// with a far-future next_retry_at while it works on it (defense
 +	// against re-claim during a long HTTP timeout).
 +	ClaimDueDeliveries(ctx context.Context, db DBTX, limit int32) ([]int64, error)
 +	CreateDelivery(ctx context.Context, db DBTX, arg CreateDeliveryParams) (WebhookDelivery, error)
 +	// SPDX-License-Identifier: AGPL-3.0-or-later
 +	//
 +	// Query surface for the webhook package. Naming mirrors the verb the
 +	// caller uses; visibility / ownership filters are applied by the
 +	// handler layer (the queries are deliberately narrow on key columns).
 +	CreateWebhook(ctx context.Context, db DBTX, arg CreateWebhookParams) (Webhook, error)
 +	DeleteWebhook(ctx context.Context, db DBTX, id int64) error
 +	GetDeliveryByID(ctx context.Context, db DBTX, id int64) (WebhookDelivery, error)
 +	// Resolve a repo's owner so the fanout knows which webhooks to fire.
 +	// Returns owner_kind 'user' or 'org' so the matcher knows what bucket
 +	// to look in. (We use 'user' as a literal string here; the webhook
 +	// machinery itself only stores 'repo'/'org' as owners — repo-owned
 +	// webhooks attach to the repo regardless of who owns the repo.)
 +	GetRepoOwnerKindForFanout(ctx context.Context, db DBTX, id int64) (GetRepoOwnerKindForFanoutRow, error)
 +	GetWebhookByID(ctx context.Context, db DBTX, id int64) (Webhook, error)
 +	// SPDX-License-Identifier: AGPL-3.0-or-later
 +	//
 +	// Webhook fanout reads the same domain_events / cursor surface that
 +	// notifications do — but with its own consumer row so progress
 +	// doesn't collide with notify_fanout.
 +	GetWebhookCursor(ctx context.Context, db DBTX, consumer string) (DomainEventsProcessed, error)
 +	// Used by fanout to find subscribers for an event.
 +	ListActiveWebhooksForOwner(ctx context.Context, db DBTX, arg ListActiveWebhooksForOwnerParams) ([]Webhook, error)
 +	ListDeliveriesForWebhook(ctx context.Context, db DBTX, arg ListDeliveriesForWebhookParams) ([]ListDeliveriesForWebhookRow, error)
 +	ListUnprocessedDomainEvents(ctx context.Context, db DBTX, arg ListUnprocessedDomainEventsParams) ([]DomainEvent, error)
 +	ListWebhooksForOwner(ctx context.Context, db DBTX, arg ListWebhooksForOwnerParams) ([]Webhook, error)
 +	MarkDeliveryPermanentFailure(ctx context.Context, db DBTX, arg MarkDeliveryPermanentFailureParams) error
 +	MarkDeliveryRetry(ctx context.Context, db DBTX, arg MarkDeliveryRetryParams) error
 +	MarkDeliverySucceeded(ctx context.Context, db DBTX, arg MarkDeliverySucceededParams) error
 +	// Cron: drops terminal deliveries older than the retention window.
 +	// pending/failed_retry rows are left alone so an in-flight retry isn't
 +	// aborted out from under the worker.
 +	PurgeOldDeliveries(ctx context.Context, db DBTX, retention pgtype.Interval) (int64, error)
 +	// Increments the failure counter and reports the new value so the
 +	// caller can decide whether to auto-disable.
 +	RecordWebhookFailure(ctx context.Context, db DBTX, id int64) (RecordWebhookFailureRow, error)
 +	RecordWebhookSuccess(ctx context.Context, db DBTX, id int64) error
 +	// Re-enables a previously auto-disabled webhook (UI affordance).
 +	// Resets the failure counter and clears disabled_at/reason.
 +	SetWebhookActive(ctx context.Context, db DBTX, arg SetWebhookActiveParams) error
 +	SetWebhookCursor(ctx context.Context, db DBTX, arg SetWebhookCursorParams) error
 +	UpdateWebhook(ctx context.Context, db DBTX, arg UpdateWebhookParams) error
 +	UpdateWebhookSecret(ctx context.Context, db DBTX, arg UpdateWebhookSecretParams) error
 +}
++
 +var _ Querier = (*Queries)(nil)

internal/webhook/sqlc/webhooks.sql.goadded

 +// Code generated by sqlc. DO NOT EDIT.
 +// versions:
 +//   sqlc v1.31.1
 +// source: webhooks.sql
++
 +package webhookdb
++
 +import (
 +	"context"
++
 +	"github.com/jackc/pgx/v5/pgtype"
 +)
++
 +const autoDisableWebhook = `-- name: AutoDisableWebhook :exec
 +UPDATE webhooks
 +   SET disabled_at     = now(),
 +       disabled_reason = $2,
 +       updated_at      = now()
 + WHERE id = $1
 +`
++
 +type AutoDisableWebhookParams struct {
 +	ID             int64
 +	DisabledReason pgtype.Text
 +}
++
 +func (q *Queries) AutoDisableWebhook(ctx context.Context, db DBTX, arg AutoDisableWebhookParams) error {
 +	_, err := db.Exec(ctx, autoDisableWebhook, arg.ID, arg.DisabledReason)
 +	return err
 +}
++
 +const claimDueDeliveries = `-- name: ClaimDueDeliveries :many
 +SELECT id FROM webhook_deliveries
 +WHERE status IN ('pending', 'failed_retry')
 +  AND (next_retry_at IS NULL OR next_retry_at <= now())
 +ORDER BY next_retry_at NULLS FIRST, id
 +LIMIT $1
 +FOR UPDATE SKIP LOCKED
 +`
++
 +// Hot-path for the deliver worker: picks up to $1 rows that are
 +// pending or in retry-ready state, FOR UPDATE SKIP LOCKED so concurrent
 +// workers don't double-send. The deliverer marks the row 'pending'
 +// with a far-future next_retry_at while it works on it (defense
 +// against re-claim during a long HTTP timeout).
 +func (q *Queries) ClaimDueDeliveries(ctx context.Context, db DBTX, limit int32) ([]int64, error) {
 +	rows, err := db.Query(ctx, claimDueDeliveries, limit)
 +	if err != nil {
 +		return nil, err
 +	}
 +	defer rows.Close()
 +	items := []int64{}
 +	for rows.Next() {
 +		var id int64
 +		if err := rows.Scan(&id); err != nil {
 +			return nil, err
 +		}
 +		items = append(items, id)
 +	}
 +	if err := rows.Err(); err != nil {
 +		return nil, err
 +	}
 +	return items, nil
 +}
++
 +const createDelivery = `-- name: CreateDelivery :one
 +INSERT INTO webhook_deliveries (
 +    webhook_id, event_kind, event_id, payload, request_headers,
 +    request_body, attempt, max_attempts, next_retry_at, status,
 +    idempotency_key, redeliver_of
 +) VALUES (
 +    $1, $2, $3::bigint,
 +    $4, $5, $6,
 +    $7, $8, $9::timestamptz,
 +    $10, $11, $12::bigint
 +)
 +RETURNING id, webhook_id, event_kind, event_id, delivery_uuid, payload, request_headers, request_body, response_status, response_headers, response_body, response_truncated, started_at, completed_at, attempt, max_attempts, next_retry_at, status, idempotency_key, error_summary, redeliver_of
 +`
++
 +type CreateDeliveryParams struct {
 +	WebhookID      int64
 +	EventKind      string
 +	EventID        pgtype.Int8
 +	Payload        []byte
 +	RequestHeaders []byte
 +	RequestBody    []byte
 +	Attempt        int32
 +	MaxAttempts    int32
 +	NextRetryAt    pgtype.Timestamptz
 +	Status         WebhookDeliveryStatus
 +	IdempotencyKey string
 +	RedeliverOf    pgtype.Int8
 +}
++
 +func (q *Queries) CreateDelivery(ctx context.Context, db DBTX, arg CreateDeliveryParams) (WebhookDelivery, error) {
 +	row := db.QueryRow(ctx, createDelivery,
 +		arg.WebhookID,
 +		arg.EventKind,
 +		arg.EventID,
 +		arg.Payload,
 +		arg.RequestHeaders,
 +		arg.RequestBody,
 +		arg.Attempt,
 +		arg.MaxAttempts,
 +		arg.NextRetryAt,
 +		arg.Status,
 +		arg.IdempotencyKey,
 +		arg.RedeliverOf,
 +	)
 +	var i WebhookDelivery
 +	err := row.Scan(
 +		&i.ID,
 +		&i.WebhookID,
 +		&i.EventKind,
 +		&i.EventID,
 +		&i.DeliveryUuid,
 +		&i.Payload,
 +		&i.RequestHeaders,
 +		&i.RequestBody,
 +		&i.ResponseStatus,
 +		&i.ResponseHeaders,
 +		&i.ResponseBody,
 +		&i.ResponseTruncated,
 +		&i.StartedAt,
 +		&i.CompletedAt,
 +		&i.Attempt,
 +		&i.MaxAttempts,
 +		&i.NextRetryAt,
 +		&i.Status,
 +		&i.IdempotencyKey,
 +		&i.ErrorSummary,
 +		&i.RedeliverOf,
 +	)
 +	return i, err
 +}
++
 +const createWebhook = `-- name: CreateWebhook :one
++
 +INSERT INTO webhooks (
 +    owner_kind, owner_id, url, content_type, events,
 +    secret_ciphertext, secret_nonce, active, ssl_verification,
 +    auto_disable_threshold, created_by_user_id
 +) VALUES (
 +    $1, $2, $3,
 +    $4, $5,
 +    $6, $7,
 +    $8, $9,
 +    $10,
 +    $11::bigint
 +)
 +RETURNING id, owner_kind, owner_id, url, content_type, events, secret_ciphertext, secret_nonce, active, ssl_verification, consecutive_failures, auto_disable_threshold, disabled_at, disabled_reason, last_success_at, last_failure_at, created_by_user_id, created_at, updated_at
 +`
++
 +type CreateWebhookParams struct {
 +	OwnerKind            WebhookOwnerKind
 +	OwnerID              int64
 +	Url                  string
 +	ContentType          WebhookContentType
 +	Events               []string
 +	SecretCiphertext     []byte
 +	SecretNonce          []byte
 +	Active               bool
 +	SslVerification      bool
 +	AutoDisableThreshold int32
 +	CreatedByUserID      pgtype.Int8
 +}
++
 +// SPDX-License-Identifier: AGPL-3.0-or-later
 +//
 +// Query surface for the webhook package. Naming mirrors the verb the
 +// caller uses; visibility / ownership filters are applied by the
 +// handler layer (the queries are deliberately narrow on key columns).
 +func (q *Queries) CreateWebhook(ctx context.Context, db DBTX, arg CreateWebhookParams) (Webhook, error) {
 +	row := db.QueryRow(ctx, createWebhook,
 +		arg.OwnerKind,
 +		arg.OwnerID,
 +		arg.Url,
 +		arg.ContentType,
 +		arg.Events,
 +		arg.SecretCiphertext,
 +		arg.SecretNonce,
 +		arg.Active,
 +		arg.SslVerification,
 +		arg.AutoDisableThreshold,
 +		arg.CreatedByUserID,
 +	)
 +	var i Webhook
 +	err := row.Scan(
 +		&i.ID,
 +		&i.OwnerKind,
 +		&i.OwnerID,
 +		&i.Url,
 +		&i.ContentType,
 +		&i.Events,
 +		&i.SecretCiphertext,
 +		&i.SecretNonce,
 +		&i.Active,
 +		&i.SslVerification,
 +		&i.ConsecutiveFailures,
 +		&i.AutoDisableThreshold,
 +		&i.DisabledAt,
 +		&i.DisabledReason,
 +		&i.LastSuccessAt,
 +		&i.LastFailureAt,
 +		&i.CreatedByUserID,
 +		&i.CreatedAt,
 +		&i.UpdatedAt,
 +	)
 +	return i, err
 +}
++
 +const deleteWebhook = `-- name: DeleteWebhook :exec
 +DELETE FROM webhooks WHERE id = $1
 +`
++
 +func (q *Queries) DeleteWebhook(ctx context.Context, db DBTX, id int64) error {
 +	_, err := db.Exec(ctx, deleteWebhook, id)
 +	return err
 +}
++
 +const getDeliveryByID = `-- name: GetDeliveryByID :one
 +SELECT id, webhook_id, event_kind, event_id, delivery_uuid, payload, request_headers, request_body, response_status, response_headers, response_body, response_truncated, started_at, completed_at, attempt, max_attempts, next_retry_at, status, idempotency_key, error_summary, redeliver_of FROM webhook_deliveries WHERE id = $1
 +`
++
 +func (q *Queries) GetDeliveryByID(ctx context.Context, db DBTX, id int64) (WebhookDelivery, error) {
 +	row := db.QueryRow(ctx, getDeliveryByID, id)
 +	var i WebhookDelivery
 +	err := row.Scan(
 +		&i.ID,
 +		&i.WebhookID,
 +		&i.EventKind,
 +		&i.EventID,
 +		&i.DeliveryUuid,
 +		&i.Payload,
 +		&i.RequestHeaders,
 +		&i.RequestBody,
 +		&i.ResponseStatus,
 +		&i.ResponseHeaders,
 +		&i.ResponseBody,
 +		&i.ResponseTruncated,
 +		&i.StartedAt,
 +		&i.CompletedAt,
 +		&i.Attempt,
 +		&i.MaxAttempts,
 +		&i.NextRetryAt,
 +		&i.Status,
 +		&i.IdempotencyKey,
 +		&i.ErrorSummary,
 +		&i.RedeliverOf,
 +	)
 +	return i, err
 +}
++
 +const getWebhookByID = `-- name: GetWebhookByID :one
 +SELECT id, owner_kind, owner_id, url, content_type, events, secret_ciphertext, secret_nonce, active, ssl_verification, consecutive_failures, auto_disable_threshold, disabled_at, disabled_reason, last_success_at, last_failure_at, created_by_user_id, created_at, updated_at FROM webhooks WHERE id = $1
 +`
++
 +func (q *Queries) GetWebhookByID(ctx context.Context, db DBTX, id int64) (Webhook, error) {
 +	row := db.QueryRow(ctx, getWebhookByID, id)
 +	var i Webhook
 +	err := row.Scan(
 +		&i.ID,
 +		&i.OwnerKind,
 +		&i.OwnerID,
 +		&i.Url,
 +		&i.ContentType,
 +		&i.Events,
 +		&i.SecretCiphertext,
 +		&i.SecretNonce,
 +		&i.Active,
 +		&i.SslVerification,
 +		&i.ConsecutiveFailures,
 +		&i.AutoDisableThreshold,
 +		&i.DisabledAt,
 +		&i.DisabledReason,
 +		&i.LastSuccessAt,
 +		&i.LastFailureAt,
 +		&i.CreatedByUserID,
 +		&i.CreatedAt,
 +		&i.UpdatedAt,
 +	)
 +	return i, err
 +}
++
 +const listActiveWebhooksForOwner = `-- name: ListActiveWebhooksForOwner :many
 +SELECT id, owner_kind, owner_id, url, content_type, events, secret_ciphertext, secret_nonce, active, ssl_verification, consecutive_failures, auto_disable_threshold, disabled_at, disabled_reason, last_success_at, last_failure_at, created_by_user_id, created_at, updated_at FROM webhooks
 +WHERE owner_kind = $1 AND owner_id = $2
 +  AND active = true AND disabled_at IS NULL
 +`
++
 +type ListActiveWebhooksForOwnerParams struct {
 +	OwnerKind WebhookOwnerKind
 +	OwnerID   int64
 +}
++
 +// Used by fanout to find subscribers for an event.
 +func (q *Queries) ListActiveWebhooksForOwner(ctx context.Context, db DBTX, arg ListActiveWebhooksForOwnerParams) ([]Webhook, error) {
 +	rows, err := db.Query(ctx, listActiveWebhooksForOwner, arg.OwnerKind, arg.OwnerID)
 +	if err != nil {
 +		return nil, err
 +	}
 +	defer rows.Close()
 +	items := []Webhook{}
 +	for rows.Next() {
 +		var i Webhook
 +		if err := rows.Scan(
 +			&i.ID,
 +			&i.OwnerKind,
 +			&i.OwnerID,
 +			&i.Url,
 +			&i.ContentType,
 +			&i.Events,
 +			&i.SecretCiphertext,
 +			&i.SecretNonce,
 +			&i.Active,
 +			&i.SslVerification,
 +			&i.ConsecutiveFailures,
 +			&i.AutoDisableThreshold,
 +			&i.DisabledAt,
 +			&i.DisabledReason,
 +			&i.LastSuccessAt,
 +			&i.LastFailureAt,
 +			&i.CreatedByUserID,
 +			&i.CreatedAt,
 +			&i.UpdatedAt,
 +		); err != nil {
 +			return nil, err
 +		}
 +		items = append(items, i)
 +	}
 +	if err := rows.Err(); err != nil {
 +		return nil, err
 +	}
 +	return items, nil
 +}
++
 +const listDeliveriesForWebhook = `-- name: ListDeliveriesForWebhook :many
 +SELECT id, webhook_id, event_kind, event_id, delivery_uuid, response_status,
 +       response_truncated, started_at, completed_at, attempt, max_attempts,
 +       next_retry_at, status, error_summary, redeliver_of
 +FROM webhook_deliveries
 +WHERE webhook_id = $1
 +ORDER BY started_at DESC
 +LIMIT $2
 +`
++
 +type ListDeliveriesForWebhookParams struct {
 +	WebhookID int64
 +	Limit     int32
 +}
++
 +type ListDeliveriesForWebhookRow struct {
 +	ID                int64
 +	WebhookID         int64
 +	EventKind         string
 +	EventID           pgtype.Int8
 +	DeliveryUuid      pgtype.UUID
 +	ResponseStatus    pgtype.Int4
 +	ResponseTruncated bool
 +	StartedAt         pgtype.Timestamptz
 +	CompletedAt       pgtype.Timestamptz
 +	Attempt           int32
 +	MaxAttempts       int32
 +	NextRetryAt       pgtype.Timestamptz
 +	Status            WebhookDeliveryStatus
 +	ErrorSummary      pgtype.Text
 +	RedeliverOf       pgtype.Int8
 +}
++
 +func (q *Queries) ListDeliveriesForWebhook(ctx context.Context, db DBTX, arg ListDeliveriesForWebhookParams) ([]ListDeliveriesForWebhookRow, error) {
 +	rows, err := db.Query(ctx, listDeliveriesForWebhook, arg.WebhookID, arg.Limit)
 +	if err != nil {
 +		return nil, err
 +	}
 +	defer rows.Close()
 +	items := []ListDeliveriesForWebhookRow{}
 +	for rows.Next() {
 +		var i ListDeliveriesForWebhookRow
 +		if err := rows.Scan(
 +			&i.ID,
 +			&i.WebhookID,
 +			&i.EventKind,
 +			&i.EventID,
 +			&i.DeliveryUuid,
 +			&i.ResponseStatus,
 +			&i.ResponseTruncated,
 +			&i.StartedAt,
 +			&i.CompletedAt,
 +			&i.Attempt,
 +			&i.MaxAttempts,
 +			&i.NextRetryAt,
 +			&i.Status,
 +			&i.ErrorSummary,
 +			&i.RedeliverOf,
 +		); err != nil {
 +			return nil, err
 +		}
 +		items = append(items, i)
 +	}
 +	if err := rows.Err(); err != nil {
 +		return nil, err
 +	}
 +	return items, nil
 +}
++
 +const listWebhooksForOwner = `-- name: ListWebhooksForOwner :many
 +SELECT id, owner_kind, owner_id, url, content_type, events, secret_ciphertext, secret_nonce, active, ssl_verification, consecutive_failures, auto_disable_threshold, disabled_at, disabled_reason, last_success_at, last_failure_at, created_by_user_id, created_at, updated_at FROM webhooks
 +WHERE owner_kind = $1 AND owner_id = $2
 +ORDER BY created_at DESC
 +`
++
 +type ListWebhooksForOwnerParams struct {
 +	OwnerKind WebhookOwnerKind
 +	OwnerID   int64
 +}
++
 +func (q *Queries) ListWebhooksForOwner(ctx context.Context, db DBTX, arg ListWebhooksForOwnerParams) ([]Webhook, error) {
 +	rows, err := db.Query(ctx, listWebhooksForOwner, arg.OwnerKind, arg.OwnerID)
 +	if err != nil {
 +		return nil, err
 +	}
 +	defer rows.Close()
 +	items := []Webhook{}
 +	for rows.Next() {
 +		var i Webhook
 +		if err := rows.Scan(
 +			&i.ID,
 +			&i.OwnerKind,
 +			&i.OwnerID,
 +			&i.Url,
 +			&i.ContentType,
 +			&i.Events,
 +			&i.SecretCiphertext,
 +			&i.SecretNonce,
 +			&i.Active,
 +			&i.SslVerification,
 +			&i.ConsecutiveFailures,
 +			&i.AutoDisableThreshold,
 +			&i.DisabledAt,
 +			&i.DisabledReason,
 +			&i.LastSuccessAt,
 +			&i.LastFailureAt,
 +			&i.CreatedByUserID,
 +			&i.CreatedAt,
 +			&i.UpdatedAt,
 +		); err != nil {
 +			return nil, err
 +		}
 +		items = append(items, i)
 +	}
 +	if err := rows.Err(); err != nil {
 +		return nil, err
 +	}
 +	return items, nil
 +}
++
 +const markDeliveryPermanentFailure = `-- name: MarkDeliveryPermanentFailure :exec
 +UPDATE webhook_deliveries
 +   SET status              = 'failed_permanent',
 +       response_status     = $1::int,
 +       response_headers    = $2::jsonb,
 +       response_body       = $3::bytea,
 +       response_truncated  = $4::bool,
 +       completed_at        = now(),
 +       error_summary       = $5::text
 + WHERE id = $6::bigint
 +`
++
 +type MarkDeliveryPermanentFailureParams struct {
 +	ResponseStatus    pgtype.Int4
 +	ResponseHeaders   []byte
 +	ResponseBody      []byte
 +	ResponseTruncated bool
 +	ErrorSummary      string
 +	ID                int64
 +}
++
 +func (q *Queries) MarkDeliveryPermanentFailure(ctx context.Context, db DBTX, arg MarkDeliveryPermanentFailureParams) error {
 +	_, err := db.Exec(ctx, markDeliveryPermanentFailure,
 +		arg.ResponseStatus,
 +		arg.ResponseHeaders,
 +		arg.ResponseBody,
 +		arg.ResponseTruncated,
 +		arg.ErrorSummary,
 +		arg.ID,
 +	)
 +	return err
 +}
++
 +const markDeliveryRetry = `-- name: MarkDeliveryRetry :exec
 +UPDATE webhook_deliveries
 +   SET status              = 'failed_retry',
 +       attempt             = attempt + 1,
 +       response_status     = $1::int,
 +       response_headers    = $2::jsonb,
 +       response_body       = $3::bytea,
 +       response_truncated  = $4::bool,
 +       next_retry_at       = $5::timestamptz,
 +       error_summary       = $6::text
 + WHERE id = $7::bigint
 +`
++
 +type MarkDeliveryRetryParams struct {
 +	ResponseStatus    pgtype.Int4
 +	ResponseHeaders   []byte
 +	ResponseBody      []byte
 +	ResponseTruncated bool
 +	NextRetryAt       pgtype.Timestamptz
 +	ErrorSummary      string
 +	ID                int64
 +}
++
 +func (q *Queries) MarkDeliveryRetry(ctx context.Context, db DBTX, arg MarkDeliveryRetryParams) error {
 +	_, err := db.Exec(ctx, markDeliveryRetry,
 +		arg.ResponseStatus,
 +		arg.ResponseHeaders,
 +		arg.ResponseBody,
 +		arg.ResponseTruncated,
 +		arg.NextRetryAt,
 +		arg.ErrorSummary,
 +		arg.ID,
 +	)
 +	return err
 +}
++
 +const markDeliverySucceeded = `-- name: MarkDeliverySucceeded :exec
 +UPDATE webhook_deliveries
 +   SET status              = 'succeeded',
 +       response_status     = $2,
 +       response_headers    = $3,
 +       response_body       = $4,
 +       response_truncated  = $5,
 +       completed_at        = now(),
 +       error_summary       = NULL
 + WHERE id = $1
 +`
++
 +type MarkDeliverySucceededParams struct {
 +	ID                int64
 +	ResponseStatus    pgtype.Int4
 +	ResponseHeaders   []byte
 +	ResponseBody      []byte
 +	ResponseTruncated bool
 +}
++
 +func (q *Queries) MarkDeliverySucceeded(ctx context.Context, db DBTX, arg MarkDeliverySucceededParams) error {
 +	_, err := db.Exec(ctx, markDeliverySucceeded,
 +		arg.ID,
 +		arg.ResponseStatus,
 +		arg.ResponseHeaders,
 +		arg.ResponseBody,
 +		arg.ResponseTruncated,
 +	)
 +	return err
 +}
++
 +const purgeOldDeliveries = `-- name: PurgeOldDeliveries :execrows
 +DELETE FROM webhook_deliveries
 +WHERE status IN ('succeeded', 'failed_permanent')
 +  AND completed_at < now() - $1::interval
 +`
++
 +// Cron: drops terminal deliveries older than the retention window.
 +// pending/failed_retry rows are left alone so an in-flight retry isn't
 +// aborted out from under the worker.
 +func (q *Queries) PurgeOldDeliveries(ctx context.Context, db DBTX, retention pgtype.Interval) (int64, error) {
 +	result, err := db.Exec(ctx, purgeOldDeliveries, retention)
 +	if err != nil {
 +		return 0, err
 +	}
 +	return result.RowsAffected(), nil
 +}
++
 +const recordWebhookFailure = `-- name: RecordWebhookFailure :one
 +UPDATE webhooks
 +   SET consecutive_failures = consecutive_failures + 1,
 +       last_failure_at      = now(),
 +       updated_at           = now()
 + WHERE id = $1
 +RETURNING consecutive_failures, auto_disable_threshold
 +`
++
 +type RecordWebhookFailureRow struct {
 +	ConsecutiveFailures  int32
 +	AutoDisableThreshold int32
 +}
++
 +// Increments the failure counter and reports the new value so the
 +// caller can decide whether to auto-disable.
 +func (q *Queries) RecordWebhookFailure(ctx context.Context, db DBTX, id int64) (RecordWebhookFailureRow, error) {
 +	row := db.QueryRow(ctx, recordWebhookFailure, id)
 +	var i RecordWebhookFailureRow
 +	err := row.Scan(&i.ConsecutiveFailures, &i.AutoDisableThreshold)
 +	return i, err
 +}
++
 +const recordWebhookSuccess = `-- name: RecordWebhookSuccess :exec
 +UPDATE webhooks
 +   SET consecutive_failures = 0,
 +       last_success_at      = now(),
 +       updated_at           = now()
 + WHERE id = $1
 +`
++
 +func (q *Queries) RecordWebhookSuccess(ctx context.Context, db DBTX, id int64) error {
 +	_, err := db.Exec(ctx, recordWebhookSuccess, id)
 +	return err
 +}
++
 +const setWebhookActive = `-- name: SetWebhookActive :exec
 +UPDATE webhooks
 +   SET active               = $2,
 +       disabled_at          = NULL,
 +       disabled_reason      = NULL,
 +       consecutive_failures = 0,
 +       updated_at           = now()
 + WHERE id = $1
 +`
++
 +type SetWebhookActiveParams struct {
 +	ID     int64
 +	Active bool
 +}
++
 +// Re-enables a previously auto-disabled webhook (UI affordance).
 +// Resets the failure counter and clears disabled_at/reason.
 +func (q *Queries) SetWebhookActive(ctx context.Context, db DBTX, arg SetWebhookActiveParams) error {
 +	_, err := db.Exec(ctx, setWebhookActive, arg.ID, arg.Active)
 +	return err
 +}
++
 +const updateWebhook = `-- name: UpdateWebhook :exec
 +UPDATE webhooks
 +   SET url                    = $2,
 +       content_type           = $3,
 +       events                 = $4,
 +       active                 = $5,
 +       ssl_verification       = $6,
 +       auto_disable_threshold = $7,
 +       updated_at             = now()
 + WHERE id = $1
 +`
++
 +type UpdateWebhookParams struct {
 +	ID                   int64
 +	Url                  string
 +	ContentType          WebhookContentType
 +	Events               []string
 +	Active               bool
 +	SslVerification      bool
 +	AutoDisableThreshold int32
 +}
++
 +func (q *Queries) UpdateWebhook(ctx context.Context, db DBTX, arg UpdateWebhookParams) error {
 +	_, err := db.Exec(ctx, updateWebhook,
 +		arg.ID,
 +		arg.Url,
 +		arg.ContentType,
 +		arg.Events,
 +		arg.Active,
 +		arg.SslVerification,
 +		arg.AutoDisableThreshold,
 +	)
 +	return err
 +}
++
 +const updateWebhookSecret = `-- name: UpdateWebhookSecret :exec
 +UPDATE webhooks
 +   SET secret_ciphertext = $2,
 +       secret_nonce      = $3,
 +       updated_at        = now()
 + WHERE id = $1
 +`
++
 +type UpdateWebhookSecretParams struct {
 +	ID               int64
 +	SecretCiphertext []byte
 +	SecretNonce      []byte
 +}
++
 +func (q *Queries) UpdateWebhookSecret(ctx context.Context, db DBTX, arg UpdateWebhookSecretParams) error {
 +	_, err := db.Exec(ctx, updateWebhookSecret, arg.ID, arg.SecretCiphertext, arg.SecretNonce)
 +	return err
 +}

sqlc.yamlmodified

          emit_exact_table_names: false
          emit_empty_slices: true
          emit_methods_with_db_argument: true
++
 +  - engine: postgresql
 +    schema: internal/migrationsfs/migrations
 +    queries: internal/webhook/queries
 +    gen:
 +      go:
 +        package: webhookdb
 +        out: internal/webhook/sqlc
 +        sql_package: pgx/v5
 +        emit_json_tags: false
 +        emit_pointers_for_null_types: false
 +        emit_prepared_queries: false
 +        emit_interface: true
 +        emit_exact_table_names: false
 +        emit_empty_slices: true
 +        emit_methods_with_db_argument: true