From d14c790fb1be99639df69593cbaff6258d0e83c8 Mon Sep 17 00:00:00 2001
From: tudor <tudor.zaharia@gmail.com>
Date: Wed, 5 Nov 2025 13:53:18 +0100
Subject: [PATCH 1/4] cleanup

---
 src/backend/Makefile          | 4 ++--
 src/include/port/pg_pthread.h | 3 ---
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/src/backend/Makefile b/src/backend/Makefile
index 0bc6a84c3b10a..1c04efeab0099 100644
--- a/src/backend/Makefile
+++ b/src/backend/Makefile
@@ -110,8 +110,8 @@ pglite: pglite-exported-functions
 	$(CC) $(CFLAGS) $(LDFLAGS) -DPG_PREFIX=/tmp/pglite -I$(top_builddir)/src/include -I$(top_builddir)/src/ -I$(top_builddir)/src/interfaces/libpq -o pglite.o -c $(top_builddir)/$(PGLITE_MAIN) -Wno-incompatible-pointer-types-discards-qualifiers
 	$(CC) \
 	$(PGLITE_CFLAGS) \
-	-fPIC -m32 -D_FILE_OFFSET_BITS=64 -mno-bulk-memory -mnontrapping-fptoint -mno-reference-types -mno-sign-ext -mno-extended-const -mno-atomics -mno-tail-call -mno-multivalue -mno-relaxed-simd -mno-simd128 -mno-multimemory -mno-exception-handling -Wno-unused-command-line-argument -Wno-unreachable-code-fallthrough -Wno-unused-function -Wno-invalid-noreturn -Wno-declaration-after-statement -Wno-invalid-noreturn \
-	-DPYDK=1 -DPG_PREFIX=/tmp/pglite -o pglite.html \
+	-fPIC -m32 -mno-bulk-memory -mnontrapping-fptoint -mno-reference-types -mno-sign-ext -mno-extended-const -mno-atomics -mno-tail-call -mno-multivalue -mno-relaxed-simd -mno-simd128 -mno-multimemory -mno-exception-handling -Wno-unused-command-line-argument -Wno-unreachable-code-fallthrough -Wno-unused-function -Wno-invalid-noreturn -Wno-declaration-after-statement -Wno-invalid-noreturn \
+	-DPG_PREFIX=/tmp/pglite -o pglite.html \
         $(PGPRELOAD) \
         -ferror-limit=1 \
 		-sEXPORTED_FUNCTIONS=@$(emscripten_imports_dir)/exported_functions.txt \
diff --git a/src/include/port/pg_pthread.h b/src/include/port/pg_pthread.h
index 6922eb423b945..b3d4ffbf59353 100644
--- a/src/include/port/pg_pthread.h
+++ b/src/include/port/pg_pthread.h
@@ -12,9 +12,6 @@
 
 #ifndef PG_PTHREAD_H
 #define PG_PTHREAD_H
-#if defined(__wasi__)
-#define PYDK
-#endif /* __wasi__ */
 #include <pthread.h>
 
 #ifndef HAVE_PTHREAD_BARRIER_WAIT

From 1ccb2d383226687a3a326c1a09fbb092196a1d9c Mon Sep 17 00:00:00 2001
From: tudor <tudor@swisstch.com>
Date: Wed, 5 Nov 2025 14:24:42 +0100
Subject: [PATCH 2/4] initial pg_uuidv7 commit

---
 .gitmodules      | 3 +++
 pglite/pg_uuidv7 | 1 +
 2 files changed, 4 insertions(+)
 create mode 160000 pglite/pg_uuidv7

diff --git a/.gitmodules b/.gitmodules
index 94158709d174c..60cfbe40928c7 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -7,3 +7,6 @@
 [submodule "pglite/pgtap"]
 	path = pglite/pgtap
 	url = https://github.com/theory/pgtap.git
+[submodule "pglite/pg_uuidv7"]
+	path = pglite/pg_uuidv7
+	url = https://github.com/fboulnois/pg_uuidv7/
diff --git a/pglite/pg_uuidv7 b/pglite/pg_uuidv7
new file mode 160000
index 0000000000000..c707aae241118
--- /dev/null
+++ b/pglite/pg_uuidv7
@@ -0,0 +1 @@
+Subproject commit c707aae2411181be4802f5fa565b44d9c0bcbc29

From 1195d5388bd5529e0013c45fa816cfcd953d84e0 Mon Sep 17 00:00:00 2001
From: tudor <tudor@swisstch.com>
Date: Wed, 5 Nov 2025 14:51:58 +0100
Subject: [PATCH 3/4] backend pg_uuidv7 implemented

---
 pglite/Makefile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/pglite/Makefile b/pglite/Makefile
index f6bc99b8e50cc..633fe686b9eba 100644
--- a/pglite/Makefile
+++ b/pglite/Makefile
@@ -6,7 +6,8 @@ include $(top_builddir)/src/Makefile.global
 SUBDIRS = \
 		pg_ivm \
 		vector \
-		pgtap
+		pgtap \
+		pg_uuidv7
 
 prefix ?= /install/pglite
 EXTENSIONS_BUILD_ROOT := /tmp/extensions/build

From ca285ad21f2eebcefe5a64b35e268cd642f556c0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Filip=20Byr=C3=A9n?= <filip@valorquant.com>
Date: Mon, 5 Jan 2026 16:04:19 +0100
Subject: [PATCH 4/4] Feat(extensions): pg_session_jwt

---
 pglite/Makefile                               |  3 +-
 pglite/pg_session_jwt/Makefile                | 28 +++++++
 .../pglite/pg_session_jwt--0.4.0.sql          | 76 +++++++++++++++++++
 3 files changed, 106 insertions(+), 1 deletion(-)
 create mode 100644 pglite/pg_session_jwt/Makefile
 create mode 100644 pglite/pg_session_jwt/pglite/pg_session_jwt--0.4.0.sql

diff --git a/pglite/Makefile b/pglite/Makefile
index 633fe686b9eba..0d773748e67f1 100644
--- a/pglite/Makefile
+++ b/pglite/Makefile
@@ -7,7 +7,8 @@ SUBDIRS = \
 		pg_ivm \
 		vector \
 		pgtap \
-		pg_uuidv7
+		pg_uuidv7 \
+		pg_session_jwt
 
 prefix ?= /install/pglite
 EXTENSIONS_BUILD_ROOT := /tmp/extensions/build
diff --git a/pglite/pg_session_jwt/Makefile b/pglite/pg_session_jwt/Makefile
new file mode 100644
index 0000000000000..abcb95c06fd97
--- /dev/null
+++ b/pglite/pg_session_jwt/Makefile
@@ -0,0 +1,28 @@
+# Minimal PGXS-style shim for PGlite builds.
+#
+# Upstream pg_session_jwt is pgrx-based and doesn't ship a Makefile compatible
+# with PGlite's backend build (which expects to `make install` each extension
+# directory). This shim installs a fallback-mode-only SQL implementation that
+# uses PostgREST-compatible `request.jwt.claims`.
+
+EXTENSION = pg_session_jwt
+EXTVERSION = 0.4.0
+
+prefix ?= /install/pglite
+
+EXTENSION_DIR = $(DESTDIR)$(prefix)/share/postgresql/extension
+
+.PHONY: all install
+
+all:
+	@echo "$(EXTENSION): nothing to build (SQL-only shim)"
+
+install:
+	mkdir -p $(EXTENSION_DIR)
+	printf "%s\n" \
+		"comment = 'pg_session_jwt (PGlite shim): JWT session helpers using request.jwt.claims'" \
+		"default_version = '$(EXTVERSION)'" \
+		"relocatable = false" \
+		"trusted = true" \
+		> $(EXTENSION_DIR)/$(EXTENSION).control
+	cp -f pglite/$(EXTENSION)--$(EXTVERSION).sql $(EXTENSION_DIR)/
diff --git a/pglite/pg_session_jwt/pglite/pg_session_jwt--0.4.0.sql b/pglite/pg_session_jwt/pglite/pg_session_jwt--0.4.0.sql
new file mode 100644
index 0000000000000..28021d9ae90ee
--- /dev/null
+++ b/pglite/pg_session_jwt/pglite/pg_session_jwt--0.4.0.sql
@@ -0,0 +1,76 @@
+CREATE SCHEMA IF NOT EXISTS auth;
+
+CREATE OR REPLACE FUNCTION auth."session"() RETURNS jsonb
+STABLE PARALLEL SAFE
+LANGUAGE plpgsql
+AS $$
+DECLARE
+  claims_text text;
+BEGIN
+  claims_text := current_setting('request.jwt.claims', true);
+
+  IF claims_text IS NULL OR claims_text = '' THEN
+    RETURN NULL;
+  END IF;
+
+  BEGIN
+    RETURN claims_text::jsonb;
+  EXCEPTION
+    WHEN others THEN
+      RETURN NULL;
+  END;
+END;
+$$;
+
+CREATE OR REPLACE FUNCTION auth."jwt"() RETURNS jsonb
+STABLE PARALLEL SAFE
+LANGUAGE sql
+AS $$
+  SELECT auth."session"();
+$$;
+
+CREATE OR REPLACE FUNCTION auth."user_id"() RETURNS text
+STABLE PARALLEL SAFE
+LANGUAGE sql
+AS $$
+  SELECT auth."session"() ->> 'sub';
+$$;
+
+CREATE OR REPLACE FUNCTION auth."uid"() RETURNS uuid
+STABLE PARALLEL SAFE
+LANGUAGE plpgsql
+AS $$
+DECLARE
+  sub text;
+BEGIN
+  sub := auth."user_id"();
+  IF sub IS NULL OR sub = '' THEN
+    RETURN NULL;
+  END IF;
+
+  BEGIN
+    RETURN sub::uuid;
+  EXCEPTION
+    WHEN others THEN
+      RETURN NULL;
+  END;
+END;
+$$;
+
+CREATE OR REPLACE FUNCTION auth."init"() RETURNS void
+LANGUAGE plpgsql
+AS $$
+BEGIN
+  RAISE EXCEPTION
+    'pg_session_jwt JWK validation is not supported in this PGlite shim; set request.jwt.claims instead';
+END;
+$$;
+
+CREATE OR REPLACE FUNCTION auth."jwt_session_init"(jwt text) RETURNS void
+LANGUAGE plpgsql
+AS $$
+BEGIN
+  RAISE EXCEPTION
+    'pg_session_jwt JWK validation is not supported in this PGlite shim; set request.jwt.claims instead';
+END;
+$$;