@openparachute/vault 0.5.3-rc.3 → 0.6.0

package/src/auto-transcribe.test.ts

@@ -118,4 +118,55 @@ describe("shouldAutoTranscribe", () => {
       enabledOverride: false,
     })).toBe(false);
   });
+
+  describe("per-vault precedence (per-vault → global → true)", () => {
+    test("per-vault true wins even when global is false", () => {
+      expect(shouldAutoTranscribe("audio/wav", {
+        readGlobalConfigImpl: readGlobalConfig(false),
+        getCachedScribeUrlImpl: scribePresent,
+        perVaultEnabled: true,
+      })).toBe(true);
+    });
+
+    test("per-vault false wins even when global is true", () => {
+      // The whole point: linking scribe to vault X (perVault true) elsewhere
+      // must not force-on a vault that set its own false.
+      expect(shouldAutoTranscribe("audio/wav", {
+        readGlobalConfigImpl: readGlobalConfig(true),
+        getCachedScribeUrlImpl: scribePresent,
+        perVaultEnabled: false,
+      })).toBe(false);
+    });
+
+    test("per-vault unset falls back to global", () => {
+      expect(shouldAutoTranscribe("audio/wav", {
+        readGlobalConfigImpl: readGlobalConfig(true),
+        getCachedScribeUrlImpl: scribePresent,
+        perVaultEnabled: undefined,
+      })).toBe(true);
+      expect(shouldAutoTranscribe("audio/wav", {
+        readGlobalConfigImpl: readGlobalConfig(false),
+        getCachedScribeUrlImpl: scribePresent,
+        perVaultEnabled: undefined,
+      })).toBe(false);
+    });
+
+    test("both per-vault and global unset falls back to true (no regression)", () => {
+      expect(shouldAutoTranscribe("audio/wav", {
+        readGlobalConfigImpl: readGlobalConfig(undefined),
+        getCachedScribeUrlImpl: scribePresent,
+        perVaultEnabled: undefined,
+      })).toBe(true);
+    });
+
+    test("enabledOverride still hard-overrides the per-vault value", () => {
+      // The explicit caller-opt-in path beats everything.
+      expect(shouldAutoTranscribe("audio/wav", {
+        readGlobalConfigImpl: readGlobalConfig(true),
+        getCachedScribeUrlImpl: scribePresent,
+        perVaultEnabled: false,
+        enabledOverride: true,
+      })).toBe(true);
+    });
+  });
 });

package/src/auto-transcribe.ts

@@ -19,11 +19,18 @@ import { getCachedScribeUrl } from "./scribe-discovery.ts";
  *
  * Returns `true` only when ALL three conditions hold:
  *   1. mime-type starts with `audio/` (case-insensitive).
- *   2. `globalConfig.auto_transcribe?.enabled` is not explicitly false.
- *      Default behavior (when unset) is ON — once an operator has scribe
- *      reachable, audio attachments transcribe automatically without a
- *      separate config step. Operators who want it OFF set
- *      `auto_transcribe.enabled: false` explicitly.
+ *   2. The resolved auto-transcribe toggle is not `false`. Resolution is
+ *      **per-vault → global → true**:
+ *        - `perVaultEnabled` (the owning vault's own `auto_transcribe.enabled`)
+ *          wins when set — this is what makes scribe's "link to vault X" affect
+ *          only X, not the whole server.
+ *        - else the server-wide `globalConfig.auto_transcribe?.enabled`.
+ *        - else `true` (default ON — once scribe is reachable, audio
+ *          transcribes without a separate config step). Operators who want it
+ *          OFF set `auto_transcribe.enabled: false` explicitly (per-vault or
+ *          globally).
+ *      `enabledOverride`, when present, hard-overrides the whole chain (used
+ *      by the explicit caller-opt-in path).
  *   3. Scribe is discoverable (services.json entry OR SCRIBE_URL env).
  *
  * The three conditions are independent guards: a single `false` is sufficient
@@ -35,7 +42,17 @@ export function shouldAutoTranscribe(
     /** Injection seam for tests — defaults to live globals. */
     readGlobalConfigImpl?: typeof readGlobalConfig;
     getCachedScribeUrlImpl?: () => string | undefined;
-    /** Allow per-call enabled override — used by the explicit-opt-in path. */
+    /**
+     * The owning vault's per-vault `auto_transcribe.enabled` (vault.yaml).
+     * Takes precedence over the global toggle when set, so enabling/disabling
+     * one vault doesn't move the rest. `undefined` (the vault left it unset)
+     * falls through to the global toggle.
+     */
+    perVaultEnabled?: boolean;
+    /**
+     * Hard override of the entire per-vault→global→true chain. Used by the
+     * explicit caller-opt-in path; not part of the normal precedence ladder.
+     */
     enabledOverride?: boolean;
   } = {},
 ): boolean {
@@ -43,6 +60,7 @@ export function shouldAutoTranscribe(
     return false;
   }
   const enabled = opts.enabledOverride
+    ?? opts.perVaultEnabled
     ?? (opts.readGlobalConfigImpl ?? readGlobalConfig)().auto_transcribe?.enabled
     ?? true;
   if (!enabled) return false;

package/src/cli.ts

@@ -933,21 +933,16 @@ async function cmdCreate(args: string[]) {
     process.exit(1);
   }
 
-  // Lowercase-only (security review — multi-user hardening). An uppercase
-  // vault name flips the audience case (`vault.<Name>` vs `vault.<name>`)
-  // and drifts from hub-side / init-path lowercasing, breaking JWT
-  // audience matching. `init` already enforces lowercase via
-  // `validateVaultName`; mirror that rule here so uppercase can't enter
-  // through `create` either.
-  if (!/^[a-z0-9_-]+$/.test(name)) {
-    console.error("Vault name must be lowercase alphanumeric with hyphens or underscores (no uppercase).");
-    process.exit(1);
-  }
-  if (name === "list") {
-    // Reserved — keeps the "list" vault name out of play even though per-vault
-    // routes now live under /vault/<name>/ and no longer collide with the
-    // /vaults/list discovery endpoint.
-    console.error(`"list" is a reserved vault name.`);
+  // One validator for every name-minting edge (2026-06-09 hub-module-boundary
+  // migration B2). cmdCreate used to carry its own inline charset check plus a
+  // hardcoded `"list"` reservation that had drifted from `validateVaultName`'s
+  // set — a vault named `admin`/`new`/`assets` could enter through `create`
+  // and capture a reserved route (`/vault/admin` is the daemon-level admin
+  // mount as of B3). Consuming the shared validator also picks up its 2–32
+  // length rule, aligning `create` with `init`, the env var, and hub's wizard.
+  const nameValidation = validateVaultName(name);
+  if (!nameValidation.ok) {
+    console.error(nameValidation.error);
     process.exit(1);
   }
 
@@ -1575,20 +1570,52 @@ function cmdRemove(args: string[]) {
   // Keep default_vault in sync. If the removed vault was the default, either
   // promote the remaining vault (if exactly one) or clear the setting.
   const globalConfig = readGlobalConfig();
+  const remaining = listVaults();
+  let configDirty = false;
   if (globalConfig.default_vault === name) {
-    const remaining = listVaults();
     if (remaining.length === 1) {
       globalConfig.default_vault = remaining[0];
-      writeGlobalConfig(globalConfig);
       console.log(`  Default vault is now "${remaining[0]}".`);
     } else {
       delete globalConfig.default_vault;
-      writeGlobalConfig(globalConfig);
       if (remaining.length > 1) {
         console.log(`  Cleared default_vault — set one with: editor ${CONFIG_DIR}/config.yaml`);
       }
     }
+    configDirty = true;
+  }
+
+  // Last-vault marker (2026-06-09 hub-module-boundary migration, B1's
+  // CLI-side improvement). Server boot auto-creates `default` when zero
+  // vaults exist — without the marker, an operator who explicitly emptied
+  // the server would find a freshly-credentialed `default` resurrected on
+  // the next restart. Fresh installs never carry the marker (no config.yaml
+  // at all), so Docker / hub-install first-run auto-create is preserved.
+  if (remaining.length === 0 && globalConfig.auto_create !== false) {
+    globalConfig.auto_create = false;
+    configDirty = true;
+    console.log(
+      `  Last vault removed — wrote auto_create: false to ${GLOBAL_CONFIG_PATH} so the` +
+        ` server won't auto-recreate "default" on next boot. Create a vault with:` +
+        ` parachute-vault create <name>`,
+    );
   }
+  if (configDirty) writeGlobalConfig(globalConfig);
+
+  // Refresh services.json so the removed vault's /vault/<name> path drops
+  // out of the parachute-vault row immediately — the same selfRegister
+  // refresh cmdCreate does (#208). Without this, the hub's well-known
+  // fan-out kept advertising the deleted vault until the next server boot.
+  // Note: with zero vaults remaining, selfRegister falls back to the
+  // manifest's canonical paths (`/vault/default`) — the same row a
+  // subsequent boot would write — so CLI-remove and boot agree on the
+  // zero-vault registration shape. Warnings go to stderr; status lines stay
+  // ours.
+  selfRegister({
+    version: pkg.version,
+    warn: (msg) => console.error(`Warning: ${msg}`),
+    log: () => {},
+  });
 }
 
 async function cmdConfig(args: string[]) {

package/src/config.test.ts

@@ -169,6 +169,33 @@ describe("config", () => {
     expect(loaded!.transcription).toBeUndefined();
   });
 
+  test("round-trips per-vault auto_transcribe.enabled (true + false)", () => {
+    // The PATCH /api/vault handler persists the per-vault toggle via
+    // writeVaultConfig; confirm it survives a read-back — this is the exact
+    // field shouldAutoTranscribe reads per-vault (per-vault → global → true).
+    const base: VaultConfig = {
+      name: "testvault",
+      api_keys: [],
+      created_at: "2026-01-01T00:00:00.000Z",
+    };
+
+    writeVaultConfig({ ...base, auto_transcribe: { enabled: true } });
+    expect(readVaultConfig("testvault")!.auto_transcribe?.enabled).toBe(true);
+
+    writeVaultConfig({ ...base, auto_transcribe: { enabled: false } });
+    expect(readVaultConfig("testvault")!.auto_transcribe?.enabled).toBe(false);
+  });
+
+  test("vault config without auto_transcribe loads as undefined (falls back to global)", () => {
+    const config: VaultConfig = {
+      name: "testvault",
+      api_keys: [],
+      created_at: "2026-01-01T00:00:00.000Z",
+    };
+    writeVaultConfig(config);
+    expect(readVaultConfig("testvault")!.auto_transcribe).toBeUndefined();
+  });
+
   test("round-trips discovery: enabled|disabled", () => {
     // Default: absent means enabled (endpoint serves names).
     writeGlobalConfig({ port: 1940 });

package/src/config.ts

@@ -183,6 +183,23 @@ export interface VaultConfig {
   transcription?: {
     context?: TriggerIncludeContext[];
   };
+  /**
+   * Per-vault auto-transcribe override (vault#353 follow-up). When set, this
+   * vault's value takes precedence over the server-wide
+   * `GlobalConfig.auto_transcribe.enabled`. Resolution at the decision point
+   * (`shouldAutoTranscribe`) is **per-vault → global → true**: a vault that
+   * sets `enabled` here uses it; a vault that leaves it unset falls back to
+   * the global toggle, which itself defaults ON.
+   *
+   * This is what makes scribe's "link to vault X" genuinely per-vault —
+   * `PATCH /vault/X/api/vault {auto_transcribe:{enabled:true}}` flips only
+   * vault X, never the whole server. URL + bearer are still resolved per-
+   * process (services.json / SCRIBE_AUTH_TOKEN); only the on/off toggle is
+   * per-vault.
+   */
+  auto_transcribe?: {
+    enabled?: boolean;
+  };
 }
 
 // ---------------------------------------------------------------------------
@@ -240,6 +257,20 @@ export interface TriggerAction {
    * top-level `context` field (send=json). send=content ignores this.
    */
   include_context?: TriggerIncludeContext[];
+  /**
+   * Optional webhook auth. When `auth.bearer` is set, the trigger sends
+   * `Authorization: Bearer <bearer>` on the webhook POST — the JWT path that
+   * retires the shared `?secret=` query param. Back-compat: a webhook URL
+   * carrying its own `?secret=` still works; `auth` is purely additive.
+   * Runtime triggers (registered via the /api/triggers REST surface) are the
+   * primary users; config.yaml triggers may also carry it.
+   */
+  auth?: TriggerAuth;
+}
+
+export interface TriggerAuth {
+  /** Bearer token (typically a hub-issued JWT) for the webhook Authorization header. */
+  bearer?: string;
 }
 
 export interface TriggerConfig {
@@ -281,6 +312,19 @@ export interface GlobalConfig {
    * point their own supervisor at it.
    */
   autostart?: boolean;
+  /**
+   * Boot auto-create marker (2026-06-09 hub-module-boundary migration, the
+   * vault wave's `cmdRemove` improvement). Server boot auto-creates a
+   * `default` vault when `listVaults()` is empty — the Docker / hub-install
+   * first-run path. When the operator EXPLICITLY deletes their last vault
+   * via `parachute-vault remove`, that auto-create would silently resurrect
+   * a fresh `default` (with fresh credentials) on the next boot. `cmdRemove`
+   * writes `auto_create: false` when it removes the last vault; boot skips
+   * the auto-create while the marker is present. Fresh installs (no
+   * config.yaml at all) never carry the marker, so the Docker first-run
+   * behavior is preserved. See `bootAutoCreateAllowed`.
+   */
+  auto_create?: boolean;
   /** Backup configuration: schedule, retention, destinations. */
   backup?: BackupConfig;
   /**
@@ -430,6 +474,14 @@ function serializeVaultConfig(config: VaultConfig): string {
     lines.push(`audio_retention: ${config.audio_retention}`);
   }
 
+  // Per-vault auto-transcribe override. Serialized as a nested block so future
+  // fields can grow under it (mirrors the GlobalConfig shape). Only emitted
+  // when `enabled` is explicitly set — an unset vault falls back to global.
+  if (config.auto_transcribe?.enabled !== undefined) {
+    lines.push("auto_transcribe:");
+    lines.push(`  enabled: ${config.auto_transcribe.enabled}`);
+  }
+
   if (config.transcription?.context?.length) {
     lines.push("transcription:");
     lines.push("  context:");
@@ -566,6 +618,22 @@ function parseVaultConfig(yaml: string, name: string): VaultConfig {
     config.transcription = { context: transcriptionContext };
   }
 
+  // Parse the per-vault auto_transcribe block — currently single boolean
+  // `enabled`. Nested 2-space-indent block (mirrors the GlobalConfig parser)
+  // so future fields can grow under it without breaking the regex.
+  const autoTranscribeStart = yaml.match(/^auto_transcribe:\s*$/m);
+  if (autoTranscribeStart) {
+    const after = yaml.slice((autoTranscribeStart.index ?? 0) + autoTranscribeStart[0].length);
+    for (const line of after.split("\n")) {
+      if (line.match(/^\S/) && line.trim().length > 0) break; // next top-level key
+      const m = line.match(/^\s+enabled:\s*(true|false)/);
+      if (m) {
+        config.auto_transcribe = { enabled: m[1]! === "true" };
+        break;
+      }
+    }
+  }
+
   return config;
 }
 
@@ -1203,6 +1271,20 @@ export function migrateVaultInternalLayout(): void {
 // Global config
 // ---------------------------------------------------------------------------
 
+/**
+ * Whether server boot may auto-create the first vault when none exist.
+ *
+ * Only the explicit `auto_create: false` marker (written by `cmdRemove`
+ * when it deletes the LAST vault) blocks the auto-create. A fresh install
+ * has no config.yaml — `readGlobalConfig()` returns defaults with
+ * `auto_create` unset — so Docker / hub-install first-run still
+ * auto-creates `default`. Pure + exported so the boot gate is testable
+ * without booting a server.
+ */
+export function bootAutoCreateAllowed(config: Pick<GlobalConfig, "auto_create">): boolean {
+  return config.auto_create !== false;
+}
+
 export function readGlobalConfig(): GlobalConfig {
   try {
     const gcPath = globalConfigPath();
@@ -1214,6 +1296,7 @@ export function readGlobalConfig(): GlobalConfig {
       const totpSecretMatch = yaml.match(/^totp_secret:\s*"([^"]+)"/m);
       const discoveryMatch = yaml.match(/^discovery:\s*(enabled|disabled)/m);
       const autostartMatch = yaml.match(/^autostart:\s*(true|false)/m);
+      const autoCreateMatch = yaml.match(/^auto_create:\s*(true|false)/m);
       const defaultMirrorMatch = yaml.match(/^default_mirror:\s*(internal|off)/m);
       // auto_transcribe block — currently single boolean `enabled` (vault#353).
       // Parsed as a nested 2-space-indent block so future fields can grow under
@@ -1243,6 +1326,9 @@ export function readGlobalConfig(): GlobalConfig {
       if (autostartMatch) {
         config.autostart = autostartMatch[1]! === "true";
       }
+      if (autoCreateMatch) {
+        config.auto_create = autoCreateMatch[1]! === "true";
+      }
       if (defaultMirrorMatch) {
         config.default_mirror = defaultMirrorMatch[1]! as "internal" | "off";
       }
@@ -1318,6 +1404,7 @@ export function writeGlobalConfig(config: GlobalConfig): void {
   if (config.default_vault) lines.push(`default_vault: ${config.default_vault}`);
   if (config.discovery) lines.push(`discovery: ${config.discovery}`);
   if (config.autostart !== undefined) lines.push(`autostart: ${config.autostart}`);
+  if (config.auto_create !== undefined) lines.push(`auto_create: ${config.auto_create}`);
   if (config.default_mirror) lines.push(`default_mirror: ${config.default_mirror}`);
   if (config.owner_password_hash) {
     lines.push(`owner_password_hash: "${config.owner_password_hash}"`);

package/src/live-match.test.ts

@@ -0,0 +1,198 @@
+/**
+ * Predicate-parity tests for the live matcher (live-query SSE).
+ *
+ * The load-bearing invariant: for any supported query, the set of notes the
+ * snapshot SQL (`store.queryNotes`) returns MUST equal the set the in-process
+ * `buildLiveMatcher` accepts over the same corpus. Each `it` seeds a corpus,
+ * runs both evaluators for a query shape, and asserts the id-sets are equal.
+ */
+
+import { describe, it, expect, beforeEach, afterEach } from "bun:test";
+import { Database } from "bun:sqlite";
+import { SqliteStore } from "../core/src/store.ts";
+import { generateMcpTools } from "../core/src/mcp.ts";
+import type { QueryOpts } from "../core/src/types.ts";
+import { buildLiveMatcher } from "./live-match.ts";
+
+/**
+ * Declare metadata fields as `indexed: true` via the update-tag MCP tool —
+ * the only path that populates the `indexed_fields` table + reconciles the
+ * generated `meta_<field>` columns the snapshot operator queries need.
+ * `store.upsertTagSchema` alone records the schema but NOT the index.
+ */
+async function declareIndexed(tag: string, fields: Record<string, { type: string; indexed: boolean }>) {
+  const tools = generateMcpTools(store);
+  const updateTag = tools.find((t) => t.name === "update-tag")!;
+  await updateTag.execute({ tag, fields });
+}
+
+let db: Database;
+let store: SqliteStore;
+
+beforeEach(() => {
+  db = new Database(":memory:");
+  store = new SqliteStore(db);
+});
+
+afterEach(() => {
+  db.close();
+});
+
+/** Build the parity assertion: snapshot id-set === live-matcher id-set. */
+async function assertParity(opts: QueryOpts): Promise<Set<string>> {
+  const snapshot = await store.queryNotes(opts);
+  const snapshotIds = new Set(snapshot.map((n) => n.id));
+
+  const all = await store.queryNotes({ limit: 100000 });
+  const matcher = await buildLiveMatcher(store, opts);
+  const liveIds = new Set(all.filter((n) => matcher.match(n)).map((n) => n.id));
+
+  expect([...liveIds].sort()).toEqual([...snapshotIds].sort());
+  return snapshotIds;
+}
+
+describe("live-match — predicate parity with the query engine", () => {
+  it("tags (single, no hierarchy)", async () => {
+    await store.createNote("a", { tags: ["chat"] });
+    await store.createNote("b", { tags: ["chat", "x"] });
+    await store.createNote("c", { tags: ["other"] });
+    await store.createNote("d", {});
+    const ids = await assertParity({ tags: ["chat"] });
+    expect(ids.size).toBe(2);
+  });
+
+  it("tags 'all' (AND) across multiple tags", async () => {
+    await store.createNote("a", { tags: ["chat", "x"] });
+    await store.createNote("b", { tags: ["chat"] });
+    await store.createNote("c", { tags: ["x"] });
+    const ids = await assertParity({ tags: ["chat", "x"], tagMatch: "all" });
+    expect(ids.size).toBe(1);
+  });
+
+  it("tags 'any' (OR) across multiple tags", async () => {
+    await store.createNote("a", { tags: ["chat"] });
+    await store.createNote("b", { tags: ["x"] });
+    await store.createNote("c", { tags: ["other"] });
+    const ids = await assertParity({ tags: ["chat", "x"], tagMatch: "any" });
+    expect(ids.size).toBe(2);
+  });
+
+  it("tags with descendant/hierarchy expansion", async () => {
+    // Declare voice as a child of manual via parent_names.
+    await store.upsertTagRecord("manual", { description: "manual root" });
+    await store.upsertTagRecord("voice", { parent_names: ["manual"] });
+    await store.createNote("root", { tags: ["manual"] });
+    await store.createNote("child", { tags: ["voice"] });
+    await store.createNote("unrelated", { tags: ["other"] });
+    // Query for #manual should match notes tagged #voice (a descendant).
+    const ids = await assertParity({ tags: ["manual"] });
+    expect(ids.has("nonexistent")).toBe(false);
+    // Both root + child match.
+    const notes = await store.queryNotes({ tags: ["manual"] });
+    expect(notes.length).toBe(2);
+  });
+
+  it("excludeTags (raw, no expansion — mirrors engine)", async () => {
+    await store.createNote("a", { tags: ["chat"] });
+    await store.createNote("b", { tags: ["chat", "muted"] });
+    await assertParity({ tags: ["chat"], excludeTags: ["muted"] });
+  });
+
+  it("path (case-insensitive exact)", async () => {
+    await store.createNote("a", { path: "Channels/general" });
+    await store.createNote("b", { path: "Channels/random" });
+    await assertParity({ path: "channels/general" });
+  });
+
+  it("pathPrefix", async () => {
+    await store.createNote("a", { path: "Channels/general" });
+    await store.createNote("b", { path: "Channels/random" });
+    await store.createNote("c", { path: "Other/thing" });
+    const ids = await assertParity({ pathPrefix: "Channels/" });
+    expect(ids.size).toBe(2);
+  });
+
+  it("pathPrefix (mixed-case — parity with the engine's CI LIKE) (N1)", async () => {
+    await store.createNote("a", { path: "Channels/general" });
+    await store.createNote("b", { path: "Channels/random" });
+    await store.createNote("c", { path: "Other/thing" });
+    // Lower-case prefix must still match the title-case paths, same as the
+    // engine's `LIKE 'channels/%'` (ASCII case-insensitive).
+    const ids = await assertParity({ pathPrefix: "channels/" });
+    expect(ids.size).toBe(2);
+  });
+
+  it("hasTags true/false (M1 — presence parity)", async () => {
+    await store.createNote("tagged", { tags: ["x"] });
+    await store.createNote("bare", {});
+    const has = await assertParity({ hasTags: true });
+    expect(has.size).toBe(1);
+    const none = await assertParity({ hasTags: false });
+    expect(none.size).toBe(1);
+  });
+
+  it("hasTags is ignored when a tag filter is also present (engine parity)", async () => {
+    // queryNotes drops hasTags when `tags` is set (the tag filter already
+    // constrains to tagged notes); the matcher must mirror that exactly.
+    await store.createNote("a", { tags: ["chat"] });
+    await store.createNote("b", { tags: ["other"] });
+    await assertParity({ tags: ["chat"], hasTags: false });
+  });
+
+  it("extension (default md + explicit)", async () => {
+    await store.createNote("md1", { path: "n1" });
+    await store.createNote("csv1", { path: "n2", extension: "csv" });
+    await assertParity({ extension: "csv" });
+    await assertParity({ extension: "md" });
+    await assertParity({ extension: ["csv", "yaml"] });
+  });
+
+  describe("metadata operators (indexed field)", () => {
+    beforeEach(async () => {
+      // Declare `channel` + `count` indexed so the snapshot operator path works.
+      await declareIndexed("msg", {
+        channel: { type: "string", indexed: true },
+        count: { type: "integer", indexed: true },
+      });
+      await store.createNote("g1", { tags: ["msg"], metadata: { channel: "general", count: 5 } });
+      await store.createNote("g2", { tags: ["msg"], metadata: { channel: "general", count: 10 } });
+      await store.createNote("r1", { tags: ["msg"], metadata: { channel: "random", count: 1 } });
+      await store.createNote("n1", { tags: ["msg"] }); // no channel/count
+    });
+
+    it("eq", async () => {
+      const ids = await assertParity({ tags: ["msg"], metadata: { channel: { eq: "general" } } });
+      expect(ids.size).toBe(2);
+    });
+    it("ne (absent field passes)", async () => {
+      await assertParity({ tags: ["msg"], metadata: { channel: { ne: "general" } } });
+    });
+    it("gt / gte / lt / lte", async () => {
+      await assertParity({ tags: ["msg"], metadata: { count: { gt: 5 } } });
+      await assertParity({ tags: ["msg"], metadata: { count: { gte: 5 } } });
+      await assertParity({ tags: ["msg"], metadata: { count: { lt: 5 } } });
+      await assertParity({ tags: ["msg"], metadata: { count: { lte: 5 } } });
+    });
+    it("in / not_in", async () => {
+      await assertParity({ tags: ["msg"], metadata: { channel: { in: ["general", "random"] } } });
+      await assertParity({ tags: ["msg"], metadata: { channel: { not_in: ["random"] } } });
+    });
+    it("exists true/false", async () => {
+      await assertParity({ tags: ["msg"], metadata: { channel: { exists: true } } });
+      await assertParity({ tags: ["msg"], metadata: { channel: { exists: false } } });
+    });
+    it("combined: tag + metadata operator (the channel case)", async () => {
+      const ids = await assertParity({
+        tags: ["msg"],
+        metadata: { channel: { eq: "general" }, count: { gte: 10 } },
+      });
+      expect(ids.size).toBe(1);
+    });
+  });
+
+  it("metadata primitive exact-match (shorthand)", async () => {
+    await store.createNote("a", { tags: ["t"], metadata: { kind: "note" } });
+    await store.createNote("b", { tags: ["t"], metadata: { kind: "task" } });
+    await assertParity({ tags: ["t"], metadata: { kind: "note" } });
+  });
+});