@vellumai/assistant 0.5.6 → 0.5.8

package/src/memory/migrations/127-guardian-principal-id-not-null.ts

@@ -1,6 +1,83 @@
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v16: rebuild channel_guardian_bindings to make guardian_principal_id
+ * nullable again (removing the NOT NULL constraint added by the forward migration).
+ */
+export function downGuardianPrincipalIdNotNull(database: DrizzleDb): void {
+  const raw = getSqliteFrom(database);
+
+  const tableExists = raw
+    .query(
+      `SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = 'channel_guardian_bindings'`,
+    )
+    .get();
+  if (!tableExists) return;
+
+  // Check if guardian_principal_id has NOT NULL — if not, already rolled back
+  const colInfo = raw
+    .query(
+      `SELECT "notnull" FROM pragma_table_info('channel_guardian_bindings') WHERE name = 'guardian_principal_id'`,
+    )
+    .get() as { notnull: number } | null;
+  if (!colInfo || colInfo.notnull === 0) return;
+
+  raw.exec("PRAGMA foreign_keys = OFF");
+  try {
+    raw.exec("BEGIN");
+
+    raw.exec(/*sql*/ `
+      CREATE TABLE channel_guardian_bindings_new (
+        id TEXT PRIMARY KEY,
+        assistant_id TEXT NOT NULL,
+        channel TEXT NOT NULL,
+        guardian_external_user_id TEXT NOT NULL,
+        guardian_delivery_chat_id TEXT NOT NULL,
+        guardian_principal_id TEXT,
+        status TEXT NOT NULL DEFAULT 'active',
+        verified_at INTEGER NOT NULL,
+        verified_via TEXT NOT NULL DEFAULT 'challenge',
+        metadata_json TEXT,
+        created_at INTEGER NOT NULL,
+        updated_at INTEGER NOT NULL
+      )
+    `);
+
+    raw.exec(/*sql*/ `
+      INSERT INTO channel_guardian_bindings_new
+      SELECT id, assistant_id, channel, guardian_external_user_id,
+             guardian_delivery_chat_id, guardian_principal_id,
+             status, verified_at, verified_via, metadata_json,
+             created_at, updated_at
+      FROM channel_guardian_bindings
+    `);
+
+    raw.exec(/*sql*/ `DROP TABLE channel_guardian_bindings`);
+    raw.exec(
+      /*sql*/ `ALTER TABLE channel_guardian_bindings_new RENAME TO channel_guardian_bindings`,
+    );
+
+    // Recreate the unique index for active bindings
+    raw.exec(/*sql*/ `
+      CREATE UNIQUE INDEX IF NOT EXISTS idx_channel_guardian_bindings_active
+      ON channel_guardian_bindings(assistant_id, channel)
+      WHERE status = 'active'
+    `);
+
+    raw.exec("COMMIT");
+  } catch (e) {
+    try {
+      raw.exec("ROLLBACK");
+    } catch {
+      /* no active transaction */
+    }
+    throw e;
+  } finally {
+    raw.exec("PRAGMA foreign_keys = ON");
+  }
+}
+
 /**
  * Enforce NOT NULL on channel_guardian_bindings.guardian_principal_id.
  *

package/src/memory/migrations/134-contacts-notes-column.ts

@@ -2,6 +2,19 @@ import { getLogger } from "../../util/logger.js";
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v17: no-op — the original separate columns (relationship, importance,
+ * response_expectation, preferred_tone) cannot be reliably restored from the
+ * consolidated notes TEXT column.
+ *
+ * The forward migration concatenated multiple typed fields into a single
+ * free-text notes field and then dropped the original columns. Parsing the
+ * notes back into structured fields would be lossy and error-prone.
+ */
+export function downContactsNotesColumn(_database: DrizzleDb): void {
+  // Lossy — original structured columns cannot be restored from notes text.
+}
+
 const log = getLogger("migration-134");
 
 export function migrateContactsNotesColumn(database: DrizzleDb): void {

package/src/memory/migrations/135-backfill-contact-interaction-stats.ts

@@ -1,6 +1,26 @@
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v18: set contacts.last_interaction back to NULL.
+ *
+ * The forward migration backfilled last_interaction from channel data.
+ * Rolling back simply clears the column — the data can be re-derived by
+ * re-running the forward migration.
+ */
+export function downBackfillContactInteractionStats(database: DrizzleDb): void {
+  const raw = getSqliteFrom(database);
+
+  const colExists = raw
+    .query(
+      `SELECT 1 FROM pragma_table_info('contacts') WHERE name = 'last_interaction'`,
+    )
+    .get();
+  if (!colExists) return;
+
+  raw.exec(/*sql*/ `UPDATE contacts SET last_interaction = NULL`);
+}
+
 /**
  * Backfill contacts.last_interaction from the max lastSeenAt across each
  * contact's channels. interactionCount cannot be reliably derived from

package/src/memory/migrations/136-drop-assistant-id-columns.ts

@@ -2,6 +2,58 @@ import { getLogger } from "../../util/logger.js";
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v19: add assistant_id columns back to all 16 tables via
+ * ALTER TABLE ADD COLUMN, defaulting to 'self'.
+ *
+ * This restores the column that the forward migration dropped. All rows
+ * get assistant_id = 'self' since that was the only value before dropping.
+ */
+export function downDropAssistantIdColumns(database: DrizzleDb): void {
+  const raw = getSqliteFrom(database);
+
+  const tables = [
+    "contacts",
+    "assistant_ingress_invites",
+    "assistant_inbox_thread_state",
+    "call_sessions",
+    "channel_guardian_verification_challenges",
+    "channel_guardian_approval_requests",
+    "channel_guardian_rate_limits",
+    "guardian_action_requests",
+    "scoped_approval_grants",
+    "notification_events",
+    "notification_preferences",
+    "notification_deliveries",
+    "conversation_attention_events",
+    "conversation_assistant_attention_state",
+    "actor_token_records",
+    "actor_refresh_token_records",
+  ];
+
+  for (const table of tables) {
+    // Skip if table doesn't exist
+    const tableExists = raw
+      .query(`SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?`)
+      .get(table);
+    if (!tableExists) continue;
+
+    // Skip if column already exists (idempotent)
+    const colExists = raw
+      .query(`SELECT 1 FROM pragma_table_info(?) WHERE name = 'assistant_id'`)
+      .get(table);
+    if (colExists) continue;
+
+    try {
+      raw.exec(
+        /*sql*/ `ALTER TABLE ${table} ADD COLUMN assistant_id TEXT NOT NULL DEFAULT 'self'`,
+      );
+    } catch {
+      /* column may already exist from partial run */
+    }
+  }
+}
+
 const log = getLogger("migration-136");
 
 /**

package/src/memory/migrations/140-backfill-usage-cache-accounting.ts

@@ -8,6 +8,19 @@ import { resolvePricingForUsageWithOverrides } from "../../util/pricing.js";
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v20: no-op — cannot reliably identify which llm_usage_events rows
+ * were updated by the backfill vs already had correct cache accounting.
+ *
+ * The forward migration updated input_tokens, output_tokens, cache token
+ * columns, estimated_cost_usd, and pricing_status based on request logs.
+ * There is no marker distinguishing backfilled rows from naturally-written
+ * ones, so a reversal cannot be performed without risking data corruption.
+ */
+export function downBackfillUsageCacheAccounting(_database: DrizzleDb): void {
+  // Lossy — cannot identify which rows were backfilled.
+}
+
 const log = getLogger("memory-db");
 
 const CHECKPOINT_KEY = "migration_backfill_usage_cache_accounting_v1";

package/src/memory/migrations/141-rename-verification-table.ts

@@ -1,6 +1,60 @@
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v21: rename channel_verification_sessions back to
+ * channel_guardian_verification_challenges and recreate old indexes.
+ */
+export function downRenameVerificationTable(database: DrizzleDb): void {
+  const raw = getSqliteFrom(database);
+
+  // Check the new table exists before attempting anything
+  const newTableExists = raw
+    .query(
+      `SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = 'channel_verification_sessions'`,
+    )
+    .get();
+  if (!newTableExists) return;
+
+  // If the old table already exists, skip (already rolled back)
+  const oldTableExists = raw
+    .query(
+      `SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = 'channel_guardian_verification_challenges'`,
+    )
+    .get();
+  if (oldTableExists) return;
+
+  // Rename back to old name
+  raw.exec(
+    /*sql*/ `ALTER TABLE channel_verification_sessions RENAME TO channel_guardian_verification_challenges`,
+  );
+
+  // Drop new-style indexes and recreate old-style ones
+  raw.exec(/*sql*/ `DROP INDEX IF EXISTS idx_verification_sessions_lookup`);
+  raw.exec(/*sql*/ `DROP INDEX IF EXISTS idx_verification_sessions_active`);
+  raw.exec(/*sql*/ `DROP INDEX IF EXISTS idx_verification_sessions_identity`);
+  raw.exec(
+    /*sql*/ `DROP INDEX IF EXISTS idx_verification_sessions_destination`,
+  );
+  raw.exec(/*sql*/ `DROP INDEX IF EXISTS idx_verification_sessions_bootstrap`);
+
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_channel_guardian_challenges_lookup ON channel_guardian_verification_challenges(channel, challenge_hash, status)`,
+  );
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_guardian_sessions_active ON channel_guardian_verification_challenges(channel, status)`,
+  );
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_guardian_sessions_identity ON channel_guardian_verification_challenges(channel, expected_external_user_id, expected_chat_id, status)`,
+  );
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_guardian_sessions_destination ON channel_guardian_verification_challenges(channel, destination_address)`,
+  );
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_guardian_sessions_bootstrap ON channel_guardian_verification_challenges(channel, bootstrap_token_hash, status)`,
+  );
+}
+
 /**
  * One-shot migration: rename channel_guardian_verification_challenges →
  * channel_verification_sessions, including all indexes that reference the

package/src/memory/migrations/142-rename-verification-session-id-column.ts

@@ -1,6 +1,31 @@
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v22: rename verification_session_id back to
+ * guardian_verification_session_id in call_sessions.
+ */
+export function downRenameVerificationSessionIdColumn(
+  database: DrizzleDb,
+): void {
+  const raw = getSqliteFrom(database);
+
+  const columns = raw.query(`PRAGMA table_info(call_sessions)`).all() as Array<{
+    name: string;
+  }>;
+  const hasNewColumn = columns.some(
+    (c) => c.name === "verification_session_id",
+  );
+  const hasOldColumn = columns.some(
+    (c) => c.name === "guardian_verification_session_id",
+  );
+  if (!hasNewColumn || hasOldColumn) return;
+
+  raw.exec(
+    /*sql*/ `ALTER TABLE call_sessions RENAME COLUMN verification_session_id TO guardian_verification_session_id`,
+  );
+}
+
 /**
  * One-shot migration: rename the guardian_verification_session_id column
  * in call_sessions to verification_session_id, dropping the "guardian_"

package/src/memory/migrations/143-rename-guardian-verification-values.ts

@@ -1,6 +1,41 @@
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v23: add the "guardian_" prefix back to verification-related
+ * call_mode and event_type values.
+ */
+export function downRenameGuardianVerificationValues(
+  database: DrizzleDb,
+): void {
+  const raw = getSqliteFrom(database);
+
+  // Rename call_mode values back
+  raw.exec(
+    /*sql*/ `UPDATE call_sessions SET call_mode = 'guardian_verification' WHERE call_mode = 'verification'`,
+  );
+
+  // Rename event_type values back
+  raw.exec(
+    /*sql*/ `UPDATE call_events SET event_type = 'guardian_voice_verification_started' WHERE event_type = 'voice_verification_started'`,
+  );
+  raw.exec(
+    /*sql*/ `UPDATE call_events SET event_type = 'guardian_voice_verification_succeeded' WHERE event_type = 'voice_verification_succeeded'`,
+  );
+  raw.exec(
+    /*sql*/ `UPDATE call_events SET event_type = 'guardian_voice_verification_failed' WHERE event_type = 'voice_verification_failed'`,
+  );
+  raw.exec(
+    /*sql*/ `UPDATE call_events SET event_type = 'outbound_guardian_voice_verification_started' WHERE event_type = 'outbound_voice_verification_started'`,
+  );
+  raw.exec(
+    /*sql*/ `UPDATE call_events SET event_type = 'outbound_guardian_voice_verification_succeeded' WHERE event_type = 'outbound_voice_verification_succeeded'`,
+  );
+  raw.exec(
+    /*sql*/ `UPDATE call_events SET event_type = 'outbound_guardian_voice_verification_failed' WHERE event_type = 'outbound_voice_verification_failed'`,
+  );
+}
+
 /**
  * One-shot migration: rename persisted `guardian_verification` and
  * `guardian_voice_verification_*` / `outbound_guardian_voice_verification_*`

package/src/memory/migrations/144-rename-voice-to-phone.ts

@@ -1,6 +1,142 @@
 import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
+/**
+ * Reverse v24: rename "phone" channel values back to "voice" across all
+ * tables with channel text columns.
+ */
+export function downRenameVoiceToPhone(database: DrizzleDb): void {
+  const raw = getSqliteFrom(database);
+
+  // contact_channels.type
+  raw.exec(
+    /*sql*/ `UPDATE contact_channels SET type = 'voice' WHERE type = 'phone'`,
+  );
+
+  // conversations.origin_channel
+  raw.exec(
+    /*sql*/ `UPDATE conversations SET origin_channel = 'voice' WHERE origin_channel = 'phone'`,
+  );
+
+  // conversations.origin_interface
+  raw.exec(
+    /*sql*/ `UPDATE conversations SET origin_interface = 'voice' WHERE origin_interface = 'phone'`,
+  );
+
+  // messages.metadata — reverse the JSON string replacement
+  raw.exec(
+    /*sql*/ `UPDATE messages SET metadata = REPLACE(metadata, '"phone"', '"voice"') WHERE metadata LIKE '%"phone"%'`,
+  );
+
+  // assistant_ingress_invites.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE assistant_ingress_invites SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // assistant_inbox_thread_state.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE assistant_inbox_thread_state SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // guardian_action_requests.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE guardian_action_requests SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // guardian_action_requests.answered_by_channel
+  raw.exec(
+    /*sql*/ `UPDATE guardian_action_requests SET answered_by_channel = 'voice' WHERE answered_by_channel = 'phone'`,
+  );
+
+  // channel_verification_sessions.channel (the forward migration ran after v21 rename)
+  raw.exec(
+    /*sql*/ `UPDATE channel_verification_sessions SET channel = 'voice' WHERE channel = 'phone'`,
+  );
+
+  // channel_guardian_approval_requests.channel
+  raw.exec(
+    /*sql*/ `UPDATE channel_guardian_approval_requests SET channel = 'voice' WHERE channel = 'phone'`,
+  );
+
+  // channel_guardian_rate_limits.channel
+  // Dedup: remove phone rows that would collide with existing voice rows
+  raw.exec(/*sql*/ `DELETE FROM channel_guardian_rate_limits WHERE channel = 'phone' AND EXISTS (
+      SELECT 1 FROM channel_guardian_rate_limits AS t2
+      WHERE t2.channel = 'voice'
+        AND t2.actor_external_user_id = channel_guardian_rate_limits.actor_external_user_id
+        AND t2.actor_chat_id = channel_guardian_rate_limits.actor_chat_id
+    )`);
+  raw.exec(
+    /*sql*/ `UPDATE channel_guardian_rate_limits SET channel = 'voice' WHERE channel = 'phone'`,
+  );
+
+  // notification_events.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE notification_events SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // notification_deliveries.channel
+  raw.exec(
+    /*sql*/ `UPDATE notification_deliveries SET channel = 'voice' WHERE channel = 'phone'`,
+  );
+
+  // external_conversation_bindings.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE external_conversation_bindings SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // channel_inbound_events.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE channel_inbound_events SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // conversation_attention_events.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE conversation_attention_events SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // conversation_assistant_attention_state.last_seen_source_channel
+  raw.exec(
+    /*sql*/ `UPDATE conversation_assistant_attention_state SET last_seen_source_channel = 'voice' WHERE last_seen_source_channel = 'phone'`,
+  );
+
+  // canonical_guardian_requests.source_channel
+  raw.exec(
+    /*sql*/ `UPDATE canonical_guardian_requests SET source_channel = 'voice' WHERE source_channel = 'phone'`,
+  );
+
+  // canonical_guardian_deliveries.destination_channel
+  raw.exec(
+    /*sql*/ `UPDATE canonical_guardian_deliveries SET destination_channel = 'voice' WHERE destination_channel = 'phone'`,
+  );
+
+  // guardian_action_deliveries.destination_channel
+  raw.exec(
+    /*sql*/ `UPDATE guardian_action_deliveries SET destination_channel = 'voice' WHERE destination_channel = 'phone'`,
+  );
+
+  // scoped_approval_grants: request_channel, decision_channel, execution_channel
+  raw.exec(
+    /*sql*/ `UPDATE scoped_approval_grants SET request_channel = 'voice' WHERE request_channel = 'phone'`,
+  );
+  raw.exec(
+    /*sql*/ `UPDATE scoped_approval_grants SET decision_channel = 'voice' WHERE decision_channel = 'phone'`,
+  );
+  raw.exec(
+    /*sql*/ `UPDATE scoped_approval_grants SET execution_channel = 'voice' WHERE execution_channel = 'phone'`,
+  );
+
+  // sequences.channel
+  raw.exec(
+    /*sql*/ `UPDATE sequences SET channel = 'voice' WHERE channel = 'phone'`,
+  );
+
+  // followups.channel
+  raw.exec(
+    /*sql*/ `UPDATE followups SET channel = 'voice' WHERE channel = 'phone'`,
+  );
+}
+
 /**
  * One-shot migration: rename stored "voice" channel values to "phone" across
  * all tables that persist channel identifiers as text.

package/src/memory/migrations/145-drop-accounts-table.ts

@@ -17,3 +17,35 @@ export function migrateDropAccountsTable(database: DrizzleDb): void {
     raw.exec(/*sql*/ `DROP TABLE IF EXISTS accounts`);
   });
 }
+
+/**
+ * Reverse: recreate the accounts table with its original schema.
+ *
+ * Data is permanently lost — the table was dropped. This only restores the
+ * empty table structure so that earlier migrations referencing it can operate.
+ */
+export function migrateDropAccountsTableDown(database: DrizzleDb): void {
+  const raw = getSqliteFrom(database);
+
+  raw.exec(/*sql*/ `
+    CREATE TABLE IF NOT EXISTS accounts (
+      id TEXT PRIMARY KEY,
+      service TEXT NOT NULL,
+      username TEXT,
+      email TEXT,
+      display_name TEXT,
+      status TEXT NOT NULL DEFAULT 'active',
+      credential_ref TEXT,
+      metadata_json TEXT,
+      created_at INTEGER NOT NULL,
+      updated_at INTEGER NOT NULL
+    )
+  `);
+
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_accounts_service ON accounts(service)`,
+  );
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_accounts_status ON accounts(status)`,
+  );
+}

package/src/memory/migrations/147-migrate-reminders-to-schedules.ts

@@ -1,4 +1,5 @@
-import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
+import type { DrizzleDb } from "../db-connection.js";
+import { getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
 /**
@@ -123,3 +124,15 @@ export function migrateRemindersToSchedules(database: DrizzleDb): void {
     }
   });
 }
+
+/**
+ * Reverse: no-op.
+ *
+ * Cannot reliably identify which cron_jobs rows were migrated from reminders
+ * versus created natively as schedules. Rows share the same table and there
+ * is no origin marker. Deleting the wrong rows would destroy user-created
+ * schedules.
+ */
+export function migrateRemindersToSchedulesDown(_database: DrizzleDb): void {
+  // No-op — see comment above.
+}

package/src/memory/migrations/148-drop-reminders-table.ts

@@ -1,4 +1,5 @@
-import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
+import type { DrizzleDb } from "../db-connection.js";
+import { getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
 /**
@@ -12,3 +13,36 @@ export function migrateDropRemindersTable(database: DrizzleDb): void {
     raw.run("DROP TABLE IF EXISTS reminders");
   });
 }
+
+/**
+ * Reverse: recreate the reminders table with its original schema.
+ *
+ * Data is permanently lost — the table was dropped. This only restores the
+ * empty table structure so that earlier migrations referencing it can operate.
+ * Includes the routing_intent and routing_hints_json columns added by
+ * migration 118.
+ */
+export function migrateDropRemindersTableDown(database: DrizzleDb): void {
+  const raw = getSqliteFrom(database);
+
+  raw.exec(/*sql*/ `
+    CREATE TABLE IF NOT EXISTS reminders (
+      id TEXT PRIMARY KEY,
+      label TEXT NOT NULL,
+      message TEXT NOT NULL,
+      fire_at INTEGER NOT NULL,
+      mode TEXT NOT NULL,
+      status TEXT NOT NULL,
+      fired_at INTEGER,
+      conversation_id TEXT,
+      routing_intent TEXT NOT NULL DEFAULT 'all_channels',
+      routing_hints_json TEXT NOT NULL DEFAULT '{}',
+      created_at INTEGER NOT NULL,
+      updated_at INTEGER NOT NULL
+    )
+  `);
+
+  raw.exec(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_reminders_status_fire_at ON reminders(status, fire_at)`,
+  );
+}

package/src/memory/migrations/150-oauth-apps-client-secret-path.ts

@@ -1,4 +1,5 @@
-import { type DrizzleDb, getSqliteFrom } from "../db-connection.js";
+import type { DrizzleDb } from "../db-connection.js";
+import { getSqliteFrom } from "../db-connection.js";
 import { withCrashRecovery } from "./validate-migration-state.js";
 
 /**
@@ -96,3 +97,70 @@ export function migrateOAuthAppsClientSecretPath(database: DrizzleDb): void {
     },
   );
 }
+
+/**
+ * Reverse: drop the client_secret_credential_path column from oauth_apps.
+ *
+ * Rebuilds the table without the column (SQLite doesn't support DROP COLUMN
+ * on older versions). Idempotent — skips if the column doesn't exist.
+ */
+export function migrateOAuthAppsClientSecretPathDown(
+  database: DrizzleDb,
+): void {
+  const raw = getSqliteFrom(database);
+
+  // Guard: table must exist
+  const tableExists = raw
+    .query(
+      `SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = 'oauth_apps'`,
+    )
+    .get();
+  if (!tableExists) return;
+
+  // Guard: if the column doesn't exist, nothing to do
+  const colInfo = raw
+    .query(
+      `SELECT 1 FROM pragma_table_info('oauth_apps') WHERE name = 'client_secret_credential_path'`,
+    )
+    .get();
+  if (!colInfo) return;
+
+  raw.exec("PRAGMA foreign_keys = OFF");
+  try {
+    raw.exec("BEGIN");
+
+    raw.exec(/*sql*/ `
+      CREATE TABLE oauth_apps_rollback (
+        id TEXT PRIMARY KEY,
+        provider_key TEXT NOT NULL REFERENCES oauth_providers(provider_key),
+        client_id TEXT NOT NULL,
+        created_at INTEGER NOT NULL,
+        updated_at INTEGER NOT NULL
+      )
+    `);
+
+    raw.exec(/*sql*/ `
+      INSERT INTO oauth_apps_rollback
+      SELECT id, provider_key, client_id, created_at, updated_at
+      FROM oauth_apps
+    `);
+
+    raw.exec(/*sql*/ `DROP TABLE oauth_apps`);
+    raw.exec(/*sql*/ `ALTER TABLE oauth_apps_rollback RENAME TO oauth_apps`);
+
+    raw.exec(
+      /*sql*/ `CREATE UNIQUE INDEX IF NOT EXISTS idx_oauth_apps_provider_client ON oauth_apps(provider_key, client_id)`,
+    );
+
+    raw.exec("COMMIT");
+  } catch (e) {
+    try {
+      raw.exec("ROLLBACK");
+    } catch {
+      /* no active transaction */
+    }
+    throw e;
+  } finally {
+    raw.exec("PRAGMA foreign_keys = ON");
+  }
+}