npm - @katyella/legio - Versions diffs - 0.1.0 - Mend

@katyella/legio 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (219) hide show

package/CHANGELOG.md +422 -0
package/LICENSE +21 -0
package/README.md +555 -0
package/agents/builder.md +141 -0
package/agents/coordinator.md +351 -0
package/agents/cto.md +196 -0
package/agents/gateway.md +276 -0
package/agents/lead.md +281 -0
package/agents/merger.md +156 -0
package/agents/monitor.md +212 -0
package/agents/reviewer.md +142 -0
package/agents/scout.md +131 -0
package/agents/supervisor.md +416 -0
package/bin/legio.mjs +38 -0
package/package.json +77 -0
package/src/agents/checkpoint.test.ts +88 -0
package/src/agents/checkpoint.ts +102 -0
package/src/agents/hooks-deployer.test.ts +1820 -0
package/src/agents/hooks-deployer.ts +574 -0
package/src/agents/identity.test.ts +614 -0
package/src/agents/identity.ts +385 -0
package/src/agents/lifecycle.test.ts +202 -0
package/src/agents/lifecycle.ts +184 -0
package/src/agents/manifest.test.ts +558 -0
package/src/agents/manifest.ts +297 -0
package/src/agents/overlay.test.ts +592 -0
package/src/agents/overlay.ts +316 -0
package/src/beads/client.test.ts +210 -0
package/src/beads/client.ts +227 -0
package/src/beads/molecules.test.ts +320 -0
package/src/beads/molecules.ts +209 -0
package/src/commands/agents.test.ts +325 -0
package/src/commands/agents.ts +286 -0
package/src/commands/clean.test.ts +730 -0
package/src/commands/clean.ts +653 -0
package/src/commands/completions.test.ts +346 -0
package/src/commands/completions.ts +950 -0
package/src/commands/coordinator.test.ts +1524 -0
package/src/commands/coordinator.ts +880 -0
package/src/commands/costs.test.ts +1015 -0
package/src/commands/costs.ts +473 -0
package/src/commands/dashboard.test.ts +94 -0
package/src/commands/dashboard.ts +607 -0
package/src/commands/doctor.test.ts +295 -0
package/src/commands/doctor.ts +213 -0
package/src/commands/down.test.ts +308 -0
package/src/commands/down.ts +124 -0
package/src/commands/errors.test.ts +648 -0
package/src/commands/errors.ts +255 -0
package/src/commands/feed.test.ts +579 -0
package/src/commands/feed.ts +368 -0
package/src/commands/gateway.test.ts +698 -0
package/src/commands/gateway.ts +419 -0
package/src/commands/group.test.ts +262 -0
package/src/commands/group.ts +539 -0
package/src/commands/hooks.test.ts +292 -0
package/src/commands/hooks.ts +210 -0
package/src/commands/init.test.ts +211 -0
package/src/commands/init.ts +622 -0
package/src/commands/inspect.test.ts +670 -0
package/src/commands/inspect.ts +455 -0
package/src/commands/log.test.ts +1556 -0
package/src/commands/log.ts +752 -0
package/src/commands/logs.test.ts +379 -0
package/src/commands/logs.ts +544 -0
package/src/commands/mail.test.ts +1726 -0
package/src/commands/mail.ts +926 -0
package/src/commands/merge.test.ts +676 -0
package/src/commands/merge.ts +374 -0
package/src/commands/metrics.test.ts +444 -0
package/src/commands/metrics.ts +150 -0
package/src/commands/monitor.test.ts +151 -0
package/src/commands/monitor.ts +394 -0
package/src/commands/nudge.test.ts +230 -0
package/src/commands/nudge.ts +373 -0
package/src/commands/prime.test.ts +467 -0
package/src/commands/prime.ts +386 -0
package/src/commands/replay.test.ts +742 -0
package/src/commands/replay.ts +367 -0
package/src/commands/run.test.ts +443 -0
package/src/commands/run.ts +365 -0
package/src/commands/server.test.ts +626 -0
package/src/commands/server.ts +298 -0
package/src/commands/sling.test.ts +810 -0
package/src/commands/sling.ts +700 -0
package/src/commands/spec.test.ts +206 -0
package/src/commands/spec.ts +171 -0
package/src/commands/status.test.ts +276 -0
package/src/commands/status.ts +339 -0
package/src/commands/stop.test.ts +357 -0
package/src/commands/stop.ts +119 -0
package/src/commands/supervisor.test.ts +186 -0
package/src/commands/supervisor.ts +544 -0
package/src/commands/trace.test.ts +746 -0
package/src/commands/trace.ts +332 -0
package/src/commands/up.test.ts +597 -0
package/src/commands/up.ts +275 -0
package/src/commands/watch.test.ts +152 -0
package/src/commands/watch.ts +238 -0
package/src/commands/worktree.test.ts +648 -0
package/src/commands/worktree.ts +266 -0
package/src/config.test.ts +496 -0
package/src/config.ts +616 -0
package/src/doctor/agents.test.ts +448 -0
package/src/doctor/agents.ts +396 -0
package/src/doctor/config-check.test.ts +184 -0
package/src/doctor/config-check.ts +185 -0
package/src/doctor/consistency.test.ts +645 -0
package/src/doctor/consistency.ts +294 -0
package/src/doctor/databases.test.ts +284 -0
package/src/doctor/databases.ts +211 -0
package/src/doctor/dependencies.test.ts +150 -0
package/src/doctor/dependencies.ts +179 -0
package/src/doctor/logs.test.ts +244 -0
package/src/doctor/logs.ts +295 -0
package/src/doctor/merge-queue.test.ts +210 -0
package/src/doctor/merge-queue.ts +144 -0
package/src/doctor/structure.test.ts +285 -0
package/src/doctor/structure.ts +195 -0
package/src/doctor/types.ts +37 -0
package/src/doctor/version.test.ts +130 -0
package/src/doctor/version.ts +131 -0
package/src/e2e/chat-flow.test.ts +346 -0
package/src/e2e/init-sling-lifecycle.test.ts +288 -0
package/src/errors.test.ts +21 -0
package/src/errors.ts +246 -0
package/src/events/store.test.ts +660 -0
package/src/events/store.ts +344 -0
package/src/events/tool-filter.test.ts +330 -0
package/src/events/tool-filter.ts +126 -0
package/src/global-setup.ts +14 -0
package/src/index.ts +339 -0
package/src/insights/analyzer.test.ts +466 -0
package/src/insights/analyzer.ts +203 -0
package/src/logging/color.test.ts +118 -0
package/src/logging/color.ts +71 -0
package/src/logging/logger.test.ts +812 -0
package/src/logging/logger.ts +266 -0
package/src/logging/reporter.test.ts +258 -0
package/src/logging/reporter.ts +109 -0
package/src/logging/sanitizer.test.ts +190 -0
package/src/logging/sanitizer.ts +57 -0
package/src/mail/broadcast.test.ts +203 -0
package/src/mail/broadcast.ts +92 -0
package/src/mail/client.test.ts +873 -0
package/src/mail/client.ts +236 -0
package/src/mail/store.test.ts +815 -0
package/src/mail/store.ts +402 -0
package/src/merge/queue.test.ts +449 -0
package/src/merge/queue.ts +262 -0
package/src/merge/resolver.test.ts +1453 -0
package/src/merge/resolver.ts +759 -0
package/src/metrics/store.test.ts +1167 -0
package/src/metrics/store.ts +511 -0
package/src/metrics/summary.test.ts +397 -0
package/src/metrics/summary.ts +178 -0
package/src/metrics/transcript.test.ts +643 -0
package/src/metrics/transcript.ts +351 -0
package/src/mulch/client.test.ts +547 -0
package/src/mulch/client.ts +416 -0
package/src/server/audit-store.test.ts +384 -0
package/src/server/audit-store.ts +257 -0
package/src/server/headless.test.ts +180 -0
package/src/server/headless.ts +151 -0
package/src/server/index.test.ts +241 -0
package/src/server/index.ts +317 -0
package/src/server/public/app.js +187 -0
package/src/server/public/apple-touch-icon.png +0 -0
package/src/server/public/components/agent-badge.js +37 -0
package/src/server/public/components/data-table.js +114 -0
package/src/server/public/components/gateway-chat.js +256 -0
package/src/server/public/components/issue-card.js +96 -0
package/src/server/public/components/layout.js +88 -0
package/src/server/public/components/message-bubble.js +120 -0
package/src/server/public/components/stat-card.js +26 -0
package/src/server/public/components/terminal-panel.js +140 -0
package/src/server/public/favicon-16.png +0 -0
package/src/server/public/favicon-32.png +0 -0
package/src/server/public/favicon.ico +0 -0
package/src/server/public/favicon.png +0 -0
package/src/server/public/index.html +64 -0
package/src/server/public/lib/api.js +35 -0
package/src/server/public/lib/markdown.js +8 -0
package/src/server/public/lib/preact-setup.js +8 -0
package/src/server/public/lib/state.js +99 -0
package/src/server/public/lib/utils.js +309 -0
package/src/server/public/lib/ws.js +79 -0
package/src/server/public/views/chat.js +983 -0
package/src/server/public/views/costs.js +692 -0
package/src/server/public/views/dashboard.js +781 -0
package/src/server/public/views/gateway-chat.js +622 -0
package/src/server/public/views/inspect.js +399 -0
package/src/server/public/views/issues.js +470 -0
package/src/server/public/views/setup.js +94 -0
package/src/server/public/views/task-detail.js +422 -0
package/src/server/routes.test.ts +3816 -0
package/src/server/routes.ts +1964 -0
package/src/server/websocket.test.ts +288 -0
package/src/server/websocket.ts +196 -0
package/src/sessions/compat.test.ts +109 -0
package/src/sessions/compat.ts +17 -0
package/src/sessions/store.test.ts +969 -0
package/src/sessions/store.ts +480 -0
package/src/test-helpers.test.ts +97 -0
package/src/test-helpers.ts +143 -0
package/src/types.ts +708 -0
package/src/watchdog/daemon.test.ts +1233 -0
package/src/watchdog/daemon.ts +533 -0
package/src/watchdog/health.test.ts +371 -0
package/src/watchdog/health.ts +248 -0
package/src/watchdog/triage.test.ts +162 -0
package/src/watchdog/triage.ts +193 -0
package/src/worktree/manager.test.ts +444 -0
package/src/worktree/manager.ts +224 -0
package/src/worktree/tmux.test.ts +1238 -0
package/src/worktree/tmux.ts +644 -0
package/templates/CLAUDE.md.tmpl +89 -0
package/templates/hooks.json.tmpl +132 -0
package/templates/overlay.md.tmpl +79 -0

package/src/server/audit-store.test.ts ADDED Viewed

@@ -0,0 +1,384 @@
+/**
+ * Tests for the AuditStore SQLite implementation.
+ *
+ * Uses real temp-file databases — no mocking of store logic.
+ */
+import { mkdir, rm } from "node:fs/promises";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { afterEach, beforeEach, describe, expect, it } from "vitest";
+import { createAuditStore } from "./audit-store.ts";
+let tempDir: string;
+let dbPath: string;
+beforeEach(async () => {
+	tempDir = join(tmpdir(), `audit-store-test-${Date.now()}`);
+	await mkdir(tempDir, { recursive: true });
+	dbPath = join(tempDir, "audit.db");
+});
+afterEach(async () => {
+	await rm(tempDir, { recursive: true, force: true });
+});
+describe("createAuditStore", () => {
+	it("creates a store and returns it", () => {
+		const store = createAuditStore(dbPath);
+		expect(store).toBeDefined();
+		store.close();
+	});
+	it("insert + getAll round-trip", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			const id = store.insert({
+				type: "command",
+				agent: "orchestrator",
+				source: "web_ui",
+				summary: "User sent a command",
+				detail: "ls -la",
+			});
+			expect(typeof id).toBe("number");
+			expect(id).toBeGreaterThan(0);
+			const events = store.getAll();
+			expect(events.length).toBe(1);
+			const ev = events[0];
+			expect(ev).toBeDefined();
+			if (!ev) return;
+			expect(ev.id).toBe(id);
+			expect(ev.type).toBe("command");
+			expect(ev.agent).toBe("orchestrator");
+			expect(ev.source).toBe("web_ui");
+			expect(ev.summary).toBe("User sent a command");
+			expect(ev.detail).toBe("ls -la");
+			expect(ev.sessionId).toBeNull();
+			expect(typeof ev.createdAt).toBe("string");
+		} finally {
+			store.close();
+		}
+	});
+	it("defaults source to system when not provided", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "system", summary: "Startup" });
+			const events = store.getAll();
+			expect(events[0]?.source).toBe("system");
+		} finally {
+			store.close();
+		}
+	});
+	it("allows null agent", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "system", summary: "No agent event", agent: null });
+			const events = store.getAll();
+			expect(events[0]?.agent).toBeNull();
+		} finally {
+			store.close();
+		}
+	});
+	it("stores sessionId when provided", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "state_change", summary: "Agent started", sessionId: "sess-abc" });
+			const events = store.getAll();
+			expect(events[0]?.sessionId).toBe("sess-abc");
+		} finally {
+			store.close();
+		}
+	});
+});
+describe("getAll filters", () => {
+	function seedStore(store: ReturnType<typeof createAuditStore>): void {
+		store.insert({ type: "command", agent: "orchestrator", source: "web_ui", summary: "cmd1" });
+		store.insert({ type: "response", agent: "coordinator", source: "system", summary: "resp1" });
+		store.insert({ type: "error", agent: "orchestrator", source: "cli", summary: "err1" });
+		store.insert({ type: "command", agent: "coordinator", source: "web_ui", summary: "cmd2" });
+	}
+	it("returns all events without filters", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			seedStore(store);
+			expect(store.getAll().length).toBe(4);
+		} finally {
+			store.close();
+		}
+	});
+	it("filters by type", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			seedStore(store);
+			const events = store.getAll({ type: "command" });
+			expect(events.length).toBe(2);
+			expect(events.every((e) => e.type === "command")).toBe(true);
+		} finally {
+			store.close();
+		}
+	});
+	it("filters by agent", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			seedStore(store);
+			const events = store.getAll({ agent: "coordinator" });
+			expect(events.length).toBe(2);
+			expect(events.every((e) => e.agent === "coordinator")).toBe(true);
+		} finally {
+			store.close();
+		}
+	});
+	it("filters by source", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			seedStore(store);
+			const events = store.getAll({ source: "web_ui" });
+			expect(events.length).toBe(2);
+			expect(events.every((e) => e.source === "web_ui")).toBe(true);
+		} finally {
+			store.close();
+		}
+	});
+	it("filters by since timestamp", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			// Insert one event, record time, insert another after
+			store.insert({ type: "command", summary: "before" });
+			const midpoint = new Date().toISOString();
+			// Wait a tiny bit so the next event has a later timestamp
+			const now = Date.now();
+			while (Date.now() - now < 5) {
+				// spin
+			}
+			store.insert({ type: "command", summary: "after" });
+			const events = store.getAll({ since: midpoint });
+			// The "after" event should be returned; "before" may or may not depending on timing
+			expect(events.length).toBeGreaterThanOrEqual(1);
+			const latest = events[events.length - 1];
+			expect(latest?.summary).toBe("after");
+		} finally {
+			store.close();
+		}
+	});
+	it("applies limit", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			seedStore(store);
+			const events = store.getAll({ limit: 2 });
+			expect(events.length).toBe(2);
+		} finally {
+			store.close();
+		}
+	});
+	it("combines multiple filters", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			seedStore(store);
+			const events = store.getAll({ type: "command", agent: "orchestrator" });
+			expect(events.length).toBe(1);
+			expect(events[0]?.summary).toBe("cmd1");
+		} finally {
+			store.close();
+		}
+	});
+});
+describe("getTimeline", () => {
+	it("returns events in chronological order", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "command", summary: "first" });
+			store.insert({ type: "response", summary: "second" });
+			store.insert({ type: "state_change", summary: "third" });
+			const events = store.getTimeline();
+			expect(events.length).toBe(3);
+			for (let i = 0; i < events.length - 1; i++) {
+				const a = events[i];
+				const b = events[i + 1];
+				if (a && b) {
+					expect(a.createdAt <= b.createdAt).toBe(true);
+				}
+			}
+		} finally {
+			store.close();
+		}
+	});
+	it("filters by since and until", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			const past = "1970-01-01T00:00:00.000Z";
+			const future = "2099-01-01T00:00:00.000Z";
+			store.insert({ type: "command", summary: "event" });
+			const events = store.getTimeline({ since: past, until: future });
+			expect(events.length).toBe(1);
+		} finally {
+			store.close();
+		}
+	});
+	it("applies limit", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			for (let i = 0; i < 5; i++) {
+				store.insert({ type: "command", summary: `event-${i}` });
+			}
+			const events = store.getTimeline({ limit: 3 });
+			expect(events.length).toBe(3);
+		} finally {
+			store.close();
+		}
+	});
+	it("returns empty array when no events match", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			const events = store.getTimeline({ since: "2099-01-01T00:00:00.000Z" });
+			expect(events).toEqual([]);
+		} finally {
+			store.close();
+		}
+	});
+});
+describe("getByAgent", () => {
+	it("returns events for the given agent", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "command", agent: "orch", summary: "cmd" });
+			store.insert({ type: "response", agent: "coord", summary: "resp" });
+			store.insert({ type: "error", agent: "orch", summary: "err" });
+			const events = store.getByAgent("orch");
+			expect(events.length).toBe(2);
+			expect(events.every((e) => e.agent === "orch")).toBe(true);
+		} finally {
+			store.close();
+		}
+	});
+	it("filters by since", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "command", agent: "orch", summary: "old" });
+			const mid = new Date().toISOString();
+			const now = Date.now();
+			while (Date.now() - now < 5) {
+				// spin
+			}
+			store.insert({ type: "command", agent: "orch", summary: "new" });
+			const events = store.getByAgent("orch", { since: mid });
+			expect(events.length).toBeGreaterThanOrEqual(1);
+			const last = events[events.length - 1];
+			expect(last?.summary).toBe("new");
+		} finally {
+			store.close();
+		}
+	});
+	it("applies limit", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			for (let i = 0; i < 4; i++) {
+				store.insert({ type: "command", agent: "orch", summary: `cmd-${i}` });
+			}
+			const events = store.getByAgent("orch", { limit: 2 });
+			expect(events.length).toBe(2);
+		} finally {
+			store.close();
+		}
+	});
+});
+describe("getByType", () => {
+	it("returns events of the given type", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "command", summary: "cmd1" });
+			store.insert({ type: "error", summary: "err1" });
+			store.insert({ type: "command", summary: "cmd2" });
+			const events = store.getByType("command");
+			expect(events.length).toBe(2);
+			expect(events.every((e) => e.type === "command")).toBe(true);
+		} finally {
+			store.close();
+		}
+	});
+	it("applies limit", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			for (let i = 0; i < 5; i++) {
+				store.insert({ type: "merge", summary: `merge-${i}` });
+			}
+			const events = store.getByType("merge", { limit: 3 });
+			expect(events.length).toBe(3);
+		} finally {
+			store.close();
+		}
+	});
+});
+describe("purge", () => {
+	it("purge all deletes all events and returns count", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "command", summary: "a" });
+			store.insert({ type: "command", summary: "b" });
+			store.insert({ type: "command", summary: "c" });
+			const deleted = store.purge({ all: true });
+			expect(deleted).toBe(3);
+			expect(store.getAll().length).toBe(0);
+		} finally {
+			store.close();
+		}
+	});
+	it("purge olderThanMs deletes events older than the threshold", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "command", summary: "old" });
+			// After insertion, the event's created_at is in the past.
+			// Use a large enough window that the event is "recent" — but we want it gone.
+			// Actually we want to test that events are NOT purged if they are new.
+			// Insert, then purge with 10 seconds threshold — the event is brand new,
+			// so nothing should be deleted.
+			const deleted = store.purge({ olderThanMs: 10_000 });
+			expect(deleted).toBe(0);
+			expect(store.getAll().length).toBe(1);
+		} finally {
+			store.close();
+		}
+	});
+	it("purge with no options returns 0 and deletes nothing", () => {
+		const store = createAuditStore(dbPath);
+		try {
+			store.insert({ type: "command", summary: "event" });
+			const deleted = store.purge({});
+			expect(deleted).toBe(0);
+			expect(store.getAll().length).toBe(1);
+		} finally {
+			store.close();
+		}
+	});
+});
+describe("close", () => {
+	it("can be called without error", () => {
+		const store = createAuditStore(dbPath);
+		expect(() => store.close()).not.toThrow();
+	});
+});

package/src/server/audit-store.ts ADDED Viewed

@@ -0,0 +1,257 @@
+/**
+ * SQLite-backed audit trail store for the legio web UI.
+ *
+ * Records orchestration events: commands sent via UI, coordinator responses,
+ * state transitions, merge events, errors, and system-level events.
+ * Uses better-sqlite3 for synchronous database access.
+ * WAL mode enables concurrent reads from multiple processes.
+ */
+import Database from "better-sqlite3";
+/** Row shape as stored in SQLite (snake_case columns). */
+interface AuditRow {
+	id: number;
+	type: string;
+	agent: string | null;
+	source: string;
+	summary: string;
+	detail: string | null;
+	session_id: string | null;
+	created_at: string;
+}
+export interface AuditEvent {
+	id: number;
+	type: string;
+	agent: string | null;
+	source: string;
+	summary: string;
+	detail: string | null;
+	sessionId: string | null;
+	createdAt: string;
+}
+export interface InsertAuditEvent {
+	type: string;
+	agent?: string | null;
+	source?: string;
+	summary: string;
+	detail?: string | null;
+	sessionId?: string | null;
+}
+export interface AuditQueryOptions {
+	since?: string;
+	until?: string;
+	agent?: string;
+	type?: string;
+	source?: string;
+	limit?: number;
+}
+export interface AuditStore {
+	insert(event: InsertAuditEvent): number;
+	getAll(opts?: AuditQueryOptions): AuditEvent[];
+	getTimeline(opts?: { since?: string; until?: string; limit?: number }): AuditEvent[];
+	getByAgent(agent: string, opts?: { since?: string; limit?: number }): AuditEvent[];
+	getByType(type: string, opts?: { since?: string; limit?: number }): AuditEvent[];
+	purge(opts: { all?: boolean; olderThanMs?: number }): number;
+	close(): void;
+}
+const CREATE_TABLE = `
+CREATE TABLE IF NOT EXISTS audit_events (
+  id INTEGER PRIMARY KEY AUTOINCREMENT,
+  type TEXT NOT NULL,
+  agent TEXT,
+  source TEXT NOT NULL DEFAULT 'system',
+  summary TEXT NOT NULL,
+  detail TEXT,
+  session_id TEXT,
+  created_at TEXT NOT NULL DEFAULT (strftime('%Y-%m-%dT%H:%M:%f','now'))
+)`;
+const CREATE_INDEXES = `
+CREATE INDEX IF NOT EXISTS idx_audit_type_time ON audit_events(type, created_at);
+CREATE INDEX IF NOT EXISTS idx_audit_agent_time ON audit_events(agent, created_at);
+CREATE INDEX IF NOT EXISTS idx_audit_source ON audit_events(source)`;
+/** Convert a database row (snake_case) to an AuditEvent object (camelCase). */
+function rowToAuditEvent(row: AuditRow): AuditEvent {
+	return {
+		id: row.id,
+		type: row.type,
+		agent: row.agent,
+		source: row.source,
+		summary: row.summary,
+		detail: row.detail,
+		sessionId: row.session_id,
+		createdAt: row.created_at,
+	};
+}
+/**
+ * Create a new AuditStore backed by a SQLite database at the given path.
+ *
+ * Initializes the database with WAL mode and a 5-second busy timeout.
+ * Creates the audit_events table and indexes if they do not already exist.
+ */
+export function createAuditStore(dbPath: string): AuditStore {
+	const db = new Database(dbPath);
+	// Configure for concurrent access from multiple processes.
+	db.exec("PRAGMA journal_mode = WAL");
+	db.exec("PRAGMA synchronous = NORMAL");
+	db.exec("PRAGMA busy_timeout = 5000");
+	// Create schema
+	db.exec(CREATE_TABLE);
+	db.exec(CREATE_INDEXES);
+	// Prepare the insert statement
+	const insertStmt = db.prepare(`
+		INSERT INTO audit_events
+			(type, agent, source, summary, detail, session_id)
+		VALUES
+			($type, $agent, $source, $summary, $detail, $session_id)
+		RETURNING id
+	`);
+	return {
+		insert(event: InsertAuditEvent): number {
+			const row = insertStmt.get({
+				type: event.type,
+				agent: event.agent ?? null,
+				source: event.source ?? "system",
+				summary: event.summary,
+				detail: event.detail ?? null,
+				session_id: event.sessionId ?? null,
+			}) as { id: number } | undefined;
+			if (!row) {
+				return 0;
+			}
+			return row.id;
+		},
+		getAll(opts?: AuditQueryOptions): AuditEvent[] {
+			const conditions: string[] = [];
+			const params: Record<string, string | number> = {};
+			if (opts?.since !== undefined) {
+				conditions.push("created_at >= $since");
+				params.since = opts.since;
+			}
+			if (opts?.until !== undefined) {
+				conditions.push("created_at <= $until");
+				params.until = opts.until;
+			}
+			if (opts?.agent !== undefined) {
+				conditions.push("agent = $agent");
+				params.agent = opts.agent;
+			}
+			if (opts?.type !== undefined) {
+				conditions.push("type = $type");
+				params.type = opts.type;
+			}
+			if (opts?.source !== undefined) {
+				conditions.push("source = $source");
+				params.source = opts.source;
+			}
+			const whereClause = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
+			const limitClause = opts?.limit !== undefined ? `LIMIT ${opts.limit}` : "";
+			const query = `SELECT * FROM audit_events ${whereClause} ORDER BY created_at ASC ${limitClause}`;
+			const rows = db.prepare(query).all(params) as AuditRow[];
+			return rows.map(rowToAuditEvent);
+		},
+		getTimeline(opts?: { since?: string; until?: string; limit?: number }): AuditEvent[] {
+			const conditions: string[] = [];
+			const params: Record<string, string | number> = {};
+			if (opts?.since !== undefined) {
+				conditions.push("created_at >= $since");
+				params.since = opts.since;
+			}
+			if (opts?.until !== undefined) {
+				conditions.push("created_at <= $until");
+				params.until = opts.until;
+			}
+			const whereClause = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
+			const limitClause = opts?.limit !== undefined ? `LIMIT ${opts.limit}` : "";
+			const query = `SELECT * FROM audit_events ${whereClause} ORDER BY created_at ASC ${limitClause}`;
+			const rows = db.prepare(query).all(params) as AuditRow[];
+			return rows.map(rowToAuditEvent);
+		},
+		getByAgent(agent: string, opts?: { since?: string; limit?: number }): AuditEvent[] {
+			const conditions: string[] = ["agent = $agent"];
+			const params: Record<string, string | number> = { agent };
+			if (opts?.since !== undefined) {
+				conditions.push("created_at >= $since");
+				params.since = opts.since;
+			}
+			const whereClause = `WHERE ${conditions.join(" AND ")}`;
+			const limitClause = opts?.limit !== undefined ? `LIMIT ${opts.limit}` : "";
+			const query = `SELECT * FROM audit_events ${whereClause} ORDER BY created_at ASC ${limitClause}`;
+			const rows = db.prepare(query).all(params) as AuditRow[];
+			return rows.map(rowToAuditEvent);
+		},
+		getByType(type: string, opts?: { since?: string; limit?: number }): AuditEvent[] {
+			const conditions: string[] = ["type = $type"];
+			const params: Record<string, string | number> = { type };
+			if (opts?.since !== undefined) {
+				conditions.push("created_at >= $since");
+				params.since = opts.since;
+			}
+			const whereClause = `WHERE ${conditions.join(" AND ")}`;
+			const limitClause = opts?.limit !== undefined ? `LIMIT ${opts.limit}` : "";
+			const query = `SELECT * FROM audit_events ${whereClause} ORDER BY created_at ASC ${limitClause}`;
+			const rows = db.prepare(query).all(params) as AuditRow[];
+			return rows.map(rowToAuditEvent);
+		},
+		purge(opts: { all?: boolean; olderThanMs?: number }): number {
+			if (opts.all) {
+				const countRow = db.prepare("SELECT COUNT(*) as cnt FROM audit_events").get() as
+					| { cnt: number }
+					| undefined;
+				const count = countRow?.cnt ?? 0;
+				db.prepare("DELETE FROM audit_events").run();
+				return count;
+			}
+			if (opts.olderThanMs !== undefined) {
+				const cutoff = new Date(Date.now() - opts.olderThanMs).toISOString();
+				const countRow = db
+					.prepare("SELECT COUNT(*) as cnt FROM audit_events WHERE created_at < $cutoff")
+					.get({ cutoff }) as { cnt: number } | undefined;
+				const count = countRow?.cnt ?? 0;
+				db.prepare("DELETE FROM audit_events WHERE created_at < $cutoff").run({ cutoff });
+				return count;
+			}
+			return 0;
+		},
+		close(): void {
+			try {
+				db.exec("PRAGMA wal_checkpoint(PASSIVE)");
+			} catch {
+				// Best effort — checkpoint failure is non-fatal
+			}
+			db.close();
+		},
+	};
+}