@myrialabs/clopen 0.2.11 → 0.2.12

package/backend/chat/stream-manager.ts

@@ -103,7 +103,7 @@ class StreamManager extends EventEmitter {
 	 * This event fires regardless of per-connection subscribers.
 	 * Used by the WS layer to send cross-project notifications (presence, sound, push).
 	 */
-	private emitStreamLifecycle(streamState: StreamState, status: 'completed' | 'error' | 'cancelled'): void {
+	private emitStreamLifecycle(streamState: StreamState, status: 'completed' | 'error' | 'cancelled', reason?: string): void {
 		if (this.lifecycleEmitted.has(streamState.streamId)) return;
 		this.lifecycleEmitted.add(streamState.streamId);
 
@@ -112,7 +112,8 @@ class StreamManager extends EventEmitter {
 			streamId: streamState.streamId,
 			projectId: streamState.projectId,
 			chatSessionId: streamState.chatSessionId,
-			timestamp: (streamState.completedAt || new Date()).toISOString()
+			timestamp: (streamState.completedAt || new Date()).toISOString(),
+			reason
 		});
 
 		// Clean up guard after 60s (no need to keep forever)
@@ -707,10 +708,16 @@ class StreamManager extends EventEmitter {
 							});
 						} else if ((event as any).content_block?.type === 'text') {
 							// Reset partial text for new text content block
-							// Don't emit the initial text — deltas will provide the content
-							// This prevents double-counting if content_block_start.text repeats
-							// the first content_block_delta.text
 							streamState.currentPartialText = '';
+							// Emit a start event so frontend has a text stream_event
+							// before deltas arrive (matches thinking block behavior)
+							this.emitStreamEvent(streamState, 'partial', {
+								processId: streamState.processId,
+								eventType: 'start',
+								partialText: '',
+								deltaText: '',
+								timestamp: new Date().toISOString()
+							});
 						}
 					} else if (event.type === 'content_block_delta') {
 						debug.log('chat', `[SM] content_block_delta: deltaType=${(event as any).delta?.type}, hasThinking=${'thinking' in ((event as any).delta || {})}, hasText=${'text' in ((event as any).delta || {})}`);
@@ -830,6 +837,9 @@ class StreamManager extends EventEmitter {
 							savedReasoningParentId = saved?.parent_message_id || null;
 						}
 
+						// Clear reasoning text after save to prevent stale catchup injection
+						streamState.currentReasoningText = undefined;
+
 						this.emitStreamEvent(streamState, 'message', {
 							processId: streamState.processId,
 							message: reasoningMsg,
@@ -890,6 +900,16 @@ class StreamManager extends EventEmitter {
 					savedParentId = saved?.parent_message_id || null;
 				}
 
+				// Clear partial text after saving a complete assistant message to prevent
+				// cancelStream from saving a duplicate text-only message to DB.
+				// Also prevents catchupActiveStream from injecting a stale stream_event
+				// with text that's already part of the saved message.
+				if (message.type === 'assistant' && !message.metadata?.reasoning) {
+					streamState.currentPartialText = undefined;
+				} else if (message.type === 'assistant' && message.metadata?.reasoning) {
+					streamState.currentReasoningText = undefined;
+				}
+
 				streamState.messages.push({
 					processId: streamState.processId,
 					message,
@@ -1083,7 +1103,7 @@ class StreamManager extends EventEmitter {
 		return engine.resolveUserAnswer(toolUseId, answers);
 	}
 
-	async cancelStream(streamId: string): Promise<boolean> {
+	async cancelStream(streamId: string, reason?: string): Promise<boolean> {
 		const streamState = this.activeStreams.get(streamId);
 		if (!streamState || streamState.status !== 'active') {
 			return false;
@@ -1093,6 +1113,37 @@ class StreamManager extends EventEmitter {
 		streamState.status = 'cancelled';
 		streamState.completedAt = new Date();
 
+		// Save partial reasoning text to DB before cancelling (persists across refresh/project switch)
+		if (streamState.currentReasoningText && streamState.chatSessionId) {
+			try {
+				const reasoningMessage = {
+					type: 'assistant' as const,
+					parent_tool_use_id: null,
+					message: {
+						role: 'assistant' as const,
+						content: [{ type: 'text' as const, text: streamState.currentReasoningText }]
+					},
+					session_id: streamState.sdkSessionId || '',
+					metadata: { reasoning: true }
+				};
+
+				const timestamp = new Date().toISOString();
+				const currentHead = sessionQueries.getHead(streamState.chatSessionId);
+
+				const savedMessage = messageQueries.create({
+					session_id: streamState.chatSessionId,
+					sdk_message: reasoningMessage as any,
+					timestamp,
+					parent_message_id: currentHead || undefined
+				});
+
+				sessionQueries.updateHead(streamState.chatSessionId, savedMessage.id);
+				debug.log('chat', 'Saved partial reasoning on cancel:', savedMessage.id);
+			} catch (error) {
+				debug.error('chat', 'Failed to save partial reasoning on cancel:', error);
+			}
+		}
+
 		// Save partial text to DB before cancelling (persists across refresh/project switch)
 		if (streamState.currentPartialText && streamState.chatSessionId) {
 			try {
@@ -1172,7 +1223,7 @@ class StreamManager extends EventEmitter {
 			timestamp: streamState.completedAt.toISOString()
 		});
 
-		this.emitStreamLifecycle(streamState, 'cancelled');
+		this.emitStreamLifecycle(streamState, 'cancelled', reason);
 
 		// Auto-release all MCP-controlled tabs for this chat session
 		if (streamState.chatSessionId) {
@@ -1190,8 +1241,16 @@ class StreamManager extends EventEmitter {
 		const streamState = this.activeStreams.get(streamId);
 		if (streamState) {
 			const sessionKey = this.getSessionKey(streamState.projectId, streamState.chatSessionId);
-			this.sessionStreams.delete(sessionKey);
-			this.sessionStreams.delete(streamState.chatSessionId);
+			// Only delete session key if it still points to THIS stream.
+			// A newer stream for the same session may have overridden the key;
+			// blindly deleting it would orphan the active stream — making it
+			// unfindable by getSessionStream() and breaking cancel/reconnect.
+			if (this.sessionStreams.get(sessionKey) === streamId) {
+				this.sessionStreams.delete(sessionKey);
+			}
+			if (this.sessionStreams.get(streamState.chatSessionId) === streamId) {
+				this.sessionStreams.delete(streamState.chatSessionId);
+			}
 			this.activeStreams.delete(streamId);
 
 			// Cleanup project context service
@@ -1376,6 +1435,41 @@ class StreamManager extends EventEmitter {
 		});
 	}
 
+	/**
+	 * Cancel and clean up all streams for a specific chat session.
+	 * Used when a session is deleted to remove green/amber status indicators.
+	 */
+	async cleanupSessionStreams(chatSessionId: string): Promise<void> {
+		const streamsToCancel: string[] = [];
+		const streamsToClean: string[] = [];
+
+		this.activeStreams.forEach((stream, streamId) => {
+			if (stream.chatSessionId === chatSessionId) {
+				if (stream.status === 'active') {
+					streamsToCancel.push(streamId);
+				} else {
+					streamsToClean.push(streamId);
+				}
+			}
+		});
+
+		// Cancel active streams and await their processStream promise so the
+		// finally block (snapshot capture) completes before the caller deletes
+		// the session — preventing FOREIGN KEY constraint failures.
+		for (const streamId of streamsToCancel) {
+			await this.cancelStream(streamId, 'session-deleted');
+			const stream = this.activeStreams.get(streamId);
+			if (stream?.streamPromise) {
+				await stream.streamPromise.catch(() => {});
+			}
+		}
+
+		// Clean up non-active streams
+		for (const streamId of streamsToClean) {
+			this.cleanupStream(streamId);
+		}
+	}
+
 	/**
 	 * Clean up all completed streams
 	 */

package/backend/database/queries/project-queries.ts

@@ -57,11 +57,8 @@ export const projectQueries = {
 		`).run(now, id);
 	},
 
-	delete(id: string): void {
+	deleteProject(id: string): void {
 		const db = getDatabase();
-		// Delete related data first
-		db.prepare('DELETE FROM messages WHERE session_id IN (SELECT id FROM chat_sessions WHERE project_id = ?)').run(id);
-		db.prepare('DELETE FROM chat_sessions WHERE project_id = ?').run(id);
 		db.prepare('DELETE FROM user_projects WHERE project_id = ?').run(id);
 		db.prepare('DELETE FROM projects WHERE id = ?').run(id);
 	},

package/backend/database/queries/session-queries.ts

@@ -125,11 +125,46 @@ export const sessionQueries = {
 
 	delete(id: string): void {
 		const db = getDatabase();
-		// Delete related messages first
+		// Delete all related data
+		db.prepare('DELETE FROM branches WHERE session_id = ?').run(id);
+		db.prepare('DELETE FROM message_snapshots WHERE session_id = ?').run(id);
+		db.prepare('DELETE FROM session_relationships WHERE parent_session_id = ? OR child_session_id = ?').run(id, id);
 		db.prepare('DELETE FROM messages WHERE session_id = ?').run(id);
+		db.prepare('DELETE FROM user_unread_sessions WHERE session_id = ?').run(id);
+		// Clear current_session_id references in user_projects
+		db.prepare('UPDATE user_projects SET current_session_id = NULL WHERE current_session_id = ?').run(id);
 		db.prepare('DELETE FROM chat_sessions WHERE id = ?').run(id);
 	},
 
+	/**
+	 * Delete all sessions for a project and their related data.
+	 * Returns the list of deleted session IDs.
+	 */
+	deleteAllByProjectId(projectId: string): string[] {
+		const db = getDatabase();
+		const sessions = db.prepare('SELECT id FROM chat_sessions WHERE project_id = ?')
+			.all(projectId) as { id: string }[];
+		const sessionIds = sessions.map(s => s.id);
+
+		if (sessionIds.length === 0) return [];
+
+		// Delete all related data for the project's sessions
+		db.prepare('DELETE FROM branches WHERE session_id IN (SELECT id FROM chat_sessions WHERE project_id = ?)').run(projectId);
+		db.prepare('DELETE FROM message_snapshots WHERE project_id = ?').run(projectId);
+		db.prepare(`
+			DELETE FROM session_relationships
+			WHERE parent_session_id IN (SELECT id FROM chat_sessions WHERE project_id = ?)
+			   OR child_session_id IN (SELECT id FROM chat_sessions WHERE project_id = ?)
+		`).run(projectId, projectId);
+		db.prepare('DELETE FROM messages WHERE session_id IN (SELECT id FROM chat_sessions WHERE project_id = ?)').run(projectId);
+		db.prepare('DELETE FROM user_unread_sessions WHERE project_id = ?').run(projectId);
+		// Clear current_session_id references in user_projects for this project
+		db.prepare('UPDATE user_projects SET current_session_id = NULL WHERE project_id = ?').run(projectId);
+		db.prepare('DELETE FROM chat_sessions WHERE project_id = ?').run(projectId);
+
+		return sessionIds;
+	},
+
 	/**
 	 * Get the active shared session for a project
 	 * Returns the most recent session that hasn't ended

package/backend/database/queries/snapshot-queries.ts

@@ -325,5 +325,127 @@ export const snapshotQueries = {
 		`).all(projectId) as SessionRelationship[];
 
 		return relationships;
+	},
+
+	/**
+	 * Get ALL snapshots for a session (including soft-deleted).
+	 * Used for cleanup — getBySessionId filters is_deleted which misses hashes.
+	 */
+	getAllBySessionId(sessionId: string): MessageSnapshot[] {
+		const db = getDatabase();
+		return db.prepare(`
+			SELECT * FROM message_snapshots WHERE session_id = ?
+			ORDER BY created_at ASC
+		`).all(sessionId) as MessageSnapshot[];
+	},
+
+	/**
+	 * Get ALL snapshots for a project (including soft-deleted).
+	 * Used for cleanup.
+	 */
+	getAllByProjectId(projectId: string): MessageSnapshot[] {
+		const db = getDatabase();
+		return db.prepare(`
+			SELECT * FROM message_snapshots WHERE project_id = ?
+			ORDER BY created_at ASC
+		`).all(projectId) as MessageSnapshot[];
+	},
+
+	/**
+	 * Delete all snapshots for a session.
+	 * Returns the deleted snapshots so callers can clean up blob store.
+	 */
+	deleteBySessionId(sessionId: string): MessageSnapshot[] {
+		const db = getDatabase();
+		const snapshots = db.prepare(`
+			SELECT * FROM message_snapshots WHERE session_id = ?
+		`).all(sessionId) as MessageSnapshot[];
+
+		if (snapshots.length > 0) {
+			db.prepare('DELETE FROM message_snapshots WHERE session_id = ?').run(sessionId);
+		}
+
+		return snapshots;
+	},
+
+	/**
+	 * Delete all snapshots for a project.
+	 * Returns the deleted snapshots so callers can clean up blob store.
+	 */
+	deleteByProjectId(projectId: string): MessageSnapshot[] {
+		const db = getDatabase();
+		const snapshots = db.prepare(`
+			SELECT * FROM message_snapshots WHERE project_id = ?
+		`).all(projectId) as MessageSnapshot[];
+
+		if (snapshots.length > 0) {
+			db.prepare('DELETE FROM message_snapshots WHERE project_id = ?').run(projectId);
+		}
+
+		return snapshots;
+	},
+
+	/**
+	 * Delete session relationships by session ID (as parent or child).
+	 */
+	deleteRelationshipsBySessionId(sessionId: string): void {
+		const db = getDatabase();
+		db.prepare('DELETE FROM session_relationships WHERE parent_session_id = ? OR child_session_id = ?')
+			.run(sessionId, sessionId);
+	},
+
+	/**
+	 * Delete all session relationships for a project.
+	 */
+	deleteRelationshipsByProjectId(projectId: string): void {
+		const db = getDatabase();
+		db.prepare(`
+			DELETE FROM session_relationships
+			WHERE parent_session_id IN (SELECT id FROM chat_sessions WHERE project_id = ?)
+			   OR child_session_id IN (SELECT id FROM chat_sessions WHERE project_id = ?)
+		`).run(projectId, projectId);
+	},
+
+	/**
+	 * Collect all blob hashes referenced by the given snapshots.
+	 * Extracts oldHash and newHash from session_changes.
+	 */
+	collectBlobHashes(snapshots: MessageSnapshot[]): Set<string> {
+		const hashes = new Set<string>();
+		for (const snap of snapshots) {
+			if (!snap.session_changes) continue;
+			try {
+				const changes = JSON.parse(snap.session_changes as string) as Record<string, { oldHash: string; newHash: string }>;
+				for (const change of Object.values(changes)) {
+					if (change.oldHash) hashes.add(change.oldHash);
+					if (change.newHash) hashes.add(change.newHash);
+				}
+			} catch { /* skip malformed */ }
+		}
+		return hashes;
+	},
+
+	/**
+	 * Get all blob hashes still referenced by remaining snapshots in the database.
+	 * Used to determine which blobs are safe to delete (orphan detection).
+	 */
+	getAllReferencedBlobHashes(): Set<string> {
+		const db = getDatabase();
+		const rows = db.prepare(`
+			SELECT session_changes FROM message_snapshots
+			WHERE session_changes IS NOT NULL
+		`).all() as { session_changes: string }[];
+
+		const hashes = new Set<string>();
+		for (const row of rows) {
+			try {
+				const changes = JSON.parse(row.session_changes) as Record<string, { oldHash: string; newHash: string }>;
+				for (const change of Object.values(changes)) {
+					if (change.oldHash) hashes.add(change.oldHash);
+					if (change.newHash) hashes.add(change.newHash);
+				}
+			} catch { /* skip malformed */ }
+		}
+		return hashes;
 	}
 };

package/backend/database/utils/connection.ts

@@ -117,23 +117,29 @@ export class DatabaseManager {
 
 	async resetDatabase(): Promise<void> {
 		debug.log('database', '⚠️ Resetting database (dropping all tables)...');
-		
+
 		if (!this.db) {
 			throw new Error('Database not connected');
 		}
 
-		// Drop all tables
-		const tables = this.db.prepare(`
-			SELECT name FROM sqlite_master 
-			WHERE type='table' AND name NOT LIKE 'sqlite_%'
-		`).all() as { name: string }[];
+		// Disable foreign key checks to allow dropping in any order
+		this.db.exec('PRAGMA foreign_keys = OFF');
 
-		for (const table of tables) {
-			debug.log('database', `🗑️ Dropping table: ${table.name}`);
-			this.db.exec(`DROP TABLE IF EXISTS ${table.name}`);
-		}
+		try {
+			const tables = this.db.prepare(`
+				SELECT name FROM sqlite_master
+				WHERE type='table' AND name NOT LIKE 'sqlite_%'
+			`).all() as { name: string }[];
+
+			for (const table of tables) {
+				debug.log('database', `🗑️ Dropping table: ${table.name}`);
+				this.db.exec(`DROP TABLE IF EXISTS ${table.name}`);
+			}
 
-		debug.log('database', '✅ Database reset completed');
+			debug.log('database', '✅ Database reset completed');
+		} finally {
+			this.db.exec('PRAGMA foreign_keys = ON');
+		}
 	}
 
 	async vacuum(): Promise<void> {

package/backend/engine/adapters/claude/stream.ts

@@ -22,6 +22,7 @@ import { debug } from '$shared/utils/logger';
 /** Pending AskUserQuestion resolver — stored while SDK is blocked waiting for user input */
 interface PendingUserAnswer {
   resolve: (result: PermissionResult) => void;
+  removeAbortListener: () => void;
   input: Record<string, unknown>;
 }
 
@@ -130,6 +131,9 @@ export class ClaudeCodeEngine implements AIEngine {
                   options.signal.removeEventListener('abort', onAbort);
                   resolve(result);
                 },
+                removeAbortListener: () => {
+                  options.signal.removeEventListener('abort', onAbort);
+                },
                 input
               });
             });
@@ -180,9 +184,15 @@ export class ClaudeCodeEngine implements AIEngine {
    * Cancel active query
    */
   async cancel(): Promise<void> {
-    // Resolve all pending AskUserQuestion promises before terminating.
+    // Remove abort listeners from pending AskUserQuestion promises WITHOUT
+    // resolving them. Resolving causes the SDK to call handleControlRequest →
+    // write() to send the permission result to the subprocess. If close() has
+    // already killed the subprocess, this write throws "Operation aborted" as
+    // an unhandled error, crashing the server. By removing listeners and not
+    // resolving, the promises are safely abandoned when close() terminates the
+    // process and the async generator completes.
     for (const [, pending] of this.pendingUserAnswers) {
-      pending.resolve({ behavior: 'deny', message: 'Cancelled' });
+      pending.removeAbortListener();
     }
     this.pendingUserAnswers.clear();
 

package/backend/index.ts

@@ -35,6 +35,7 @@ import { handleMcpRequest, closeMcpServer } from './mcp/remote-server';
 
 // Auth middleware
 import { checkRouteAccess } from './auth/permissions';
+import { authRateLimiter } from './auth';
 import { ws as wsServer } from './utils/ws';
 
 // Register auth gate on WebSocket router — blocks unauthenticated/unauthorized access
@@ -165,22 +166,32 @@ async function gracefulShutdown() {
 	if (isShuttingDown) return;
 	isShuttingDown = true;
 
+	// Force exit after 5 seconds — prevents port from being held by slow cleanup
+	// during bun --watch restarts, which causes ECONNREFUSED on the Vite WS proxy.
+	const forceExitTimer = setTimeout(() => {
+		debug.warn('server', '⚠️ Shutdown timeout — forcing exit to release port');
+		process.exit(1);
+	}, 5_000);
+
 	console.log('\n🛑 Shutting down server...');
 	try {
+		// Stop accepting new connections first — release the port ASAP
+		app.stop();
+		// Dispose rate limiter timer
+		authRateLimiter.dispose();
 		// Close MCP remote server (before engines, as they may still reference it)
 		await closeMcpServer();
 		// Cleanup browser preview sessions
 		await browserPreviewServiceManager.cleanup();
 		// Dispose all AI engines
 		await disposeAllEngines();
-		// Stop accepting new connections
-		app.stop();
 		// Close database connection
 		closeDatabase();
 		debug.log('server', '✅ Graceful shutdown completed');
 	} catch (error) {
 		debug.error('server', '❌ Error during shutdown:', error);
 	}
+	clearTimeout(forceExitTimer);
 	process.exit(0);
 }
 

package/backend/snapshot/blob-store.ts

@@ -4,7 +4,6 @@
  *
  * Structure:
  *   ~/.clopen/snapshots/blobs/{hash[0:2]}/{hash}.gz  - compressed file blobs
- *   ~/.clopen/snapshots/trees/{snapshotId}.json       - tree maps (filepath -> hash)
  *
  * Deduplication: Same file content across any snapshot is stored only once.
  * Compression: All blobs are gzip compressed to minimize disk usage.
@@ -18,7 +17,6 @@ import { getClopenDir } from '../utils/index.js';
 
 const SNAPSHOTS_DIR = join(getClopenDir(), 'snapshots');
 const BLOBS_DIR = join(SNAPSHOTS_DIR, 'blobs');
-const TREES_DIR = join(SNAPSHOTS_DIR, 'trees');
 
 export interface TreeMap {
 	[filepath: string]: string; // filepath -> blob hash
@@ -45,7 +43,6 @@ class BlobStore {
 	async init(): Promise<void> {
 		if (this.initialized) return;
 		await fs.mkdir(BLOBS_DIR, { recursive: true });
-		await fs.mkdir(TREES_DIR, { recursive: true });
 		this.initialized = true;
 	}
 
@@ -112,69 +109,6 @@ class BlobStore {
 		return gunzipSync(compressed);
 	}
 
-	/**
-	 * Store a tree (snapshot state) as a JSON file.
-	 * Returns the tree hash for reference.
-	 */
-	async storeTree(snapshotId: string, tree: TreeMap): Promise<string> {
-		await this.init();
-		const treePath = join(TREES_DIR, `${snapshotId}.json`);
-		const content = JSON.stringify(tree);
-		const treeHash = this.hashContent(Buffer.from(content, 'utf-8'));
-		await fs.writeFile(treePath, content, 'utf-8');
-		return treeHash;
-	}
-
-	/**
-	 * Read a tree by snapshot ID
-	 */
-	async readTree(snapshotId: string): Promise<TreeMap> {
-		const treePath = join(TREES_DIR, `${snapshotId}.json`);
-		const content = await fs.readFile(treePath, 'utf-8');
-		return JSON.parse(content) as TreeMap;
-	}
-
-	/**
-	 * Check if a tree exists
-	 */
-	async hasTree(snapshotId: string): Promise<boolean> {
-		try {
-			await fs.access(join(TREES_DIR, `${snapshotId}.json`));
-			return true;
-		} catch {
-			return false;
-		}
-	}
-
-	/**
-	 * Resolve a tree to full file contents (as Buffers).
-	 * Reads all blobs in parallel for performance.
-	 * Returns { filepath: Buffer } map for binary-safe handling.
-	 */
-	async resolveTree(tree: TreeMap): Promise<Record<string, Buffer>> {
-		const result: Record<string, Buffer> = {};
-
-		const entries = Object.entries(tree);
-		const blobPromises = entries.map(async ([filepath, hash]) => {
-			try {
-				const content = await this.readBlob(hash);
-				return { filepath, content };
-			} catch (err) {
-				debug.warn('snapshot', `Could not read blob ${hash} for ${filepath}:`, err);
-				return null;
-			}
-		});
-
-		const results = await Promise.all(blobPromises);
-		for (const r of results) {
-			if (r) {
-				result[r.filepath] = r.content;
-			}
-		}
-
-		return result;
-	}
-
 	/**
 	 * Hash a file using mtime cache. Returns { hash, content? }.
 	 * If the file hasn't changed (same mtime+size), returns cached hash without reading content.
@@ -191,10 +125,15 @@ class BlobStore {
 		// Check mtime cache
 		const cached = this.fileHashCache.get(filepath);
 		if (cached && cached.mtimeMs === stat.mtimeMs && cached.size === stat.size) {
-			return { hash: cached.hash, content: null, cached: true };
+			// Verify blob still exists on disk (could have been cleaned up)
+			if (await this.hasBlob(cached.hash)) {
+				return { hash: cached.hash, content: null, cached: true };
+			}
+			// Blob was deleted — invalidate cache, fall through to re-read and re-store
+			this.fileHashCache.delete(filepath);
 		}
 
-		// File changed - read as Buffer (binary-safe, no encoding conversion)
+		// File changed or cache miss - read as Buffer (binary-safe, no encoding conversion)
 		const content = await fs.readFile(fullPath);
 		const hash = this.hashContent(content);
 
@@ -212,14 +151,55 @@ class BlobStore {
 	}
 
 	/**
-	 * Delete a tree file (cleanup)
+	 * Delete multiple blobs by hash.
+	 * Also invalidates fileHashCache entries whose hash matches a deleted blob.
 	 */
-	async deleteTree(snapshotId: string): Promise<void> {
+	async deleteBlobs(hashes: string[]): Promise<number> {
+		const hashSet = new Set(hashes);
+		let deleted = 0;
+		for (const hash of hashes) {
+			try {
+				await fs.unlink(this.getBlobPath(hash));
+				deleted++;
+			} catch {
+				// Ignore - might not exist
+			}
+		}
+
+		// Invalidate fileHashCache entries pointing to deleted blobs
+		for (const [filepath, entry] of this.fileHashCache) {
+			if (hashSet.has(entry.hash)) {
+				this.fileHashCache.delete(filepath);
+			}
+		}
+
+		return deleted;
+	}
+
+	/**
+	 * Scan all blob files on disk and return their hashes.
+	 * Used for full garbage collection — compare with DB references to find orphans.
+	 */
+	async scanAllBlobHashes(): Promise<Set<string>> {
+		const hashes = new Set<string>();
 		try {
-			await fs.unlink(join(TREES_DIR, `${snapshotId}.json`));
+			const prefixDirs = await fs.readdir(BLOBS_DIR);
+			for (const prefix of prefixDirs) {
+				const prefixPath = join(BLOBS_DIR, prefix);
+				const stat = await fs.stat(prefixPath);
+				if (!stat.isDirectory()) continue;
+
+				const files = await fs.readdir(prefixPath);
+				for (const file of files) {
+					if (file.endsWith('.gz')) {
+						hashes.add(file.slice(0, -3)); // Remove .gz suffix
+					}
+				}
+			}
 		} catch {
-			// Ignore - might not exist
+			// Directory might not exist yet
 		}
+		return hashes;
 	}
 }