memory-journal-mcp 4.4.2 → 5.0.0

package/src/database/SqliteAdapter.ts

@@ -9,7 +9,11 @@ import initSqlJs, { type Database } from 'sql.js'
 import * as fs from 'node:fs'
 import * as path from 'node:path'
 import { logger } from '../utils/logger.js'
-import { validateDateFormatPattern } from '../utils/security-utils.js'
+import {
+    validateDateFormatPattern,
+    sanitizeSearchQuery,
+    assertNoPathTraversal,
+} from '../utils/security-utils.js'
 import type {
     JournalEntry,
     Tag,
@@ -20,104 +24,9 @@ import type {
     ImportanceBreakdown,
     ImportanceResult,
 } from '../types/index.js'
-
-// Schema SQL for initialization
-const SCHEMA_SQL = `
--- Main journal entries table
-CREATE TABLE IF NOT EXISTS memory_journal (
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    entry_type TEXT NOT NULL,
-    content TEXT NOT NULL,
-    timestamp TEXT DEFAULT CURRENT_TIMESTAMP,
-    is_personal INTEGER DEFAULT 1,
-    significance_type TEXT,
-    auto_context TEXT,
-    deleted_at TEXT,
-    -- GitHub integration fields
-    project_number INTEGER,
-    project_owner TEXT,
-    issue_number INTEGER,
-    issue_url TEXT,
-    pr_number INTEGER,
-    pr_url TEXT,
-    pr_status TEXT,
-    workflow_run_id INTEGER,
-    workflow_name TEXT,
-    workflow_status TEXT
-);
-
--- Tags table
-CREATE TABLE IF NOT EXISTS tags (
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    name TEXT UNIQUE NOT NULL,
-    usage_count INTEGER DEFAULT 0
-);
-
--- Junction table for entry-tag relationships
-CREATE TABLE IF NOT EXISTS entry_tags (
-    entry_id INTEGER NOT NULL,
-    tag_id INTEGER NOT NULL,
-    PRIMARY KEY (entry_id, tag_id),
-    FOREIGN KEY (entry_id) REFERENCES memory_journal(id) ON DELETE CASCADE,
-    FOREIGN KEY (tag_id) REFERENCES tags(id) ON DELETE CASCADE
-);
-
--- Relationships between entries
-CREATE TABLE IF NOT EXISTS relationships (
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    from_entry_id INTEGER NOT NULL,
-    to_entry_id INTEGER NOT NULL,
-    relationship_type TEXT NOT NULL,
-    description TEXT,
-    created_at TEXT DEFAULT CURRENT_TIMESTAMP,
-    FOREIGN KEY (from_entry_id) REFERENCES memory_journal(id) ON DELETE CASCADE,
-    FOREIGN KEY (to_entry_id) REFERENCES memory_journal(id) ON DELETE CASCADE
-);
-
--- Embeddings for vector search (stored as JSON for sql.js compatibility)
-CREATE TABLE IF NOT EXISTS embeddings (
-    entry_id INTEGER PRIMARY KEY,
-    embedding TEXT NOT NULL,
-    model_name TEXT NOT NULL,
-    FOREIGN KEY (entry_id) REFERENCES memory_journal(id) ON DELETE CASCADE
-);
-
--- Indexes for performance
-CREATE INDEX IF NOT EXISTS idx_memory_journal_timestamp ON memory_journal(timestamp);
-CREATE INDEX IF NOT EXISTS idx_memory_journal_type ON memory_journal(entry_type);
-CREATE INDEX IF NOT EXISTS idx_memory_journal_personal ON memory_journal(is_personal);
-CREATE INDEX IF NOT EXISTS idx_memory_journal_deleted ON memory_journal(deleted_at);
-CREATE INDEX IF NOT EXISTS idx_memory_journal_project ON memory_journal(project_number);
-CREATE INDEX IF NOT EXISTS idx_memory_journal_issue ON memory_journal(issue_number);
-CREATE INDEX IF NOT EXISTS idx_memory_journal_pr ON memory_journal(pr_number);
-CREATE INDEX IF NOT EXISTS idx_tags_name ON tags(name);
-CREATE INDEX IF NOT EXISTS idx_entry_tags_entry ON entry_tags(entry_id);
-CREATE INDEX IF NOT EXISTS idx_entry_tags_tag ON entry_tags(tag_id);
-CREATE INDEX IF NOT EXISTS idx_relationships_from ON relationships(from_entry_id);
-CREATE INDEX IF NOT EXISTS idx_relationships_to ON relationships(to_entry_id);
-`
-
-/**
- * Input for creating a new entry
- */
-export interface CreateEntryInput {
-    content: string
-    entryType?: EntryType
-    tags?: string[]
-    isPersonal?: boolean
-    significanceType?: SignificanceType
-    autoContext?: string
-    projectNumber?: number
-    projectOwner?: string
-    issueNumber?: number
-    issueUrl?: string
-    prNumber?: number
-    prUrl?: string
-    prStatus?: 'draft' | 'open' | 'merged' | 'closed'
-    workflowRunId?: number
-    workflowName?: string
-    workflowStatus?: 'queued' | 'in_progress' | 'completed'
-}
+import { SCHEMA_SQL, TEAM_SCHEMA_SQL } from './schema.js'
+export type { CreateEntryInput } from './schema.js'
+import type { CreateEntryInput } from './schema.js'
 
 /**
  * SQLite Database Adapter for Memory Journal using sql.js
@@ -168,6 +77,14 @@ export class SqliteAdapter {
 
         // Initialize schema
         this.db.run(SCHEMA_SQL)
+
+        // Migrate existing databases that may lack newer columns
+        this.migrateSchema()
+
+        // Enable foreign key enforcement (SQLite disables by default)
+        // Required for ON DELETE CASCADE in entry_tags, relationships, embeddings
+        this.db.run('PRAGMA foreign_keys = ON')
+
         this.initialized = true
 
         logger.info('Database opened', { module: 'SqliteAdapter', dbPath: this.dbPath })
@@ -176,6 +93,176 @@ export class SqliteAdapter {
         this.flushSave()
     }
 
+    /**
+     * Migrate existing databases that may lack newer columns.
+     * Required because CREATE TABLE IF NOT EXISTS is a no-op on
+     * existing tables — columns added after initial creation are
+     * never added. This method checks for each expected column and
+     * runs ALTER TABLE as needed.
+     * Idempotent — safe to call on databases that already have all columns.
+     */
+    private migrateSchema(): void {
+        const db = this.ensureDb()
+        const tableInfo = db.exec('PRAGMA table_info(memory_journal)')
+        const columns = new Set((tableInfo[0]?.values ?? []).map((row) => String(row[1])))
+
+        const requiredColumns: { name: string; sql: string }[] = [
+            {
+                name: 'significance_type',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN significance_type TEXT',
+            },
+            {
+                name: 'auto_context',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN auto_context TEXT',
+            },
+            { name: 'deleted_at', sql: 'ALTER TABLE memory_journal ADD COLUMN deleted_at TEXT' },
+            {
+                name: 'project_number',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN project_number INTEGER',
+            },
+            {
+                name: 'project_owner',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN project_owner TEXT',
+            },
+            {
+                name: 'issue_number',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN issue_number INTEGER',
+            },
+            { name: 'issue_url', sql: 'ALTER TABLE memory_journal ADD COLUMN issue_url TEXT' },
+            { name: 'pr_number', sql: 'ALTER TABLE memory_journal ADD COLUMN pr_number INTEGER' },
+            { name: 'pr_url', sql: 'ALTER TABLE memory_journal ADD COLUMN pr_url TEXT' },
+            { name: 'pr_status', sql: 'ALTER TABLE memory_journal ADD COLUMN pr_status TEXT' },
+            {
+                name: 'workflow_run_id',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN workflow_run_id INTEGER',
+            },
+            {
+                name: 'workflow_name',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN workflow_name TEXT',
+            },
+            {
+                name: 'workflow_status',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN workflow_status TEXT',
+            },
+        ]
+
+        const added: string[] = []
+        for (const col of requiredColumns) {
+            if (!columns.has(col.name)) {
+                db.run(col.sql)
+                added.push(col.name)
+            }
+        }
+
+        // Fix any tags with NULL usage_count (data repair from legacy DBs)
+        db.run('UPDATE tags SET usage_count = 0 WHERE usage_count IS NULL')
+
+        // Drop legacy FTS5 triggers from Python-era databases.
+        // sql.js WASM does not include FTS5; these triggers cause "no such module: fts5"
+        // on INSERT/UPDATE/DELETE operations. The TypeScript codebase uses LIKE queries.
+        // NOTE: We only drop triggers (regular objects). Dropping FTS5 virtual tables
+        // would also require the fts5 module, so we leave the inert shadow tables in place.
+        const dropped: string[] = []
+        const triggers = db.exec(
+            "SELECT name FROM sqlite_master WHERE type = 'trigger' AND sql LIKE '%fts%'"
+        )
+        // Validate trigger names before interpolating into DDL (defense-in-depth)
+        const SAFE_IDENTIFIER_RE = /^[a-zA-Z_][a-zA-Z0-9_]*$/
+        for (const row of triggers[0]?.values ?? []) {
+            const name = String(row[0])
+            if (!SAFE_IDENTIFIER_RE.test(name)) {
+                logger.warning('Skipping trigger with unsafe name during migration', {
+                    module: 'SqliteAdapter',
+                    triggerName: name,
+                })
+                continue
+            }
+            db.run(`DROP TRIGGER IF EXISTS "${name}"`)
+            dropped.push(`trigger:${name}`)
+        }
+
+        const changes = [...added.map((c) => `column:${c}`), ...dropped]
+        if (changes.length > 0) {
+            this.flushSave()
+            logger.info('Schema migrated', {
+                module: 'SqliteAdapter',
+                dbPath: this.dbPath,
+                changes,
+            })
+        }
+    }
+
+    /**
+     * Apply additional schema for team databases (adds author column).
+     * Also migrates legacy team DBs that may be missing columns from the
+     * current main schema (e.g. issue_number, pr_number added after v2).
+     * Idempotent — safe to call on databases that already have all columns.
+     */
+    applyTeamSchema(): void {
+        const db = this.ensureDb()
+        const tableInfo = db.exec('PRAGMA table_info(memory_journal)')
+        const columns = new Set((tableInfo[0]?.values ?? []).map((row) => String(row[1])))
+
+        // Columns required by the current schema that legacy team DBs may lack
+        const requiredColumns: { name: string; sql: string }[] = [
+            {
+                name: 'issue_number',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN issue_number INTEGER',
+            },
+            { name: 'issue_url', sql: 'ALTER TABLE memory_journal ADD COLUMN issue_url TEXT' },
+            { name: 'pr_number', sql: 'ALTER TABLE memory_journal ADD COLUMN pr_number INTEGER' },
+            { name: 'pr_url', sql: 'ALTER TABLE memory_journal ADD COLUMN pr_url TEXT' },
+            { name: 'pr_status', sql: 'ALTER TABLE memory_journal ADD COLUMN pr_status TEXT' },
+            {
+                name: 'workflow_run_id',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN workflow_run_id INTEGER',
+            },
+            {
+                name: 'workflow_name',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN workflow_name TEXT',
+            },
+            {
+                name: 'workflow_status',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN workflow_status TEXT',
+            },
+            {
+                name: 'project_number',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN project_number INTEGER',
+            },
+            {
+                name: 'project_owner',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN project_owner TEXT',
+            },
+            {
+                name: 'significance_type',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN significance_type TEXT',
+            },
+            {
+                name: 'auto_context',
+                sql: 'ALTER TABLE memory_journal ADD COLUMN auto_context TEXT',
+            },
+            { name: 'deleted_at', sql: 'ALTER TABLE memory_journal ADD COLUMN deleted_at TEXT' },
+            { name: 'author', sql: TEAM_SCHEMA_SQL.trim() },
+        ]
+
+        const added: string[] = []
+        for (const col of requiredColumns) {
+            if (!columns.has(col.name)) {
+                db.run(col.sql)
+                added.push(col.name)
+            }
+        }
+
+        if (added.length > 0) {
+            this.flushSave()
+            logger.info('Team schema migrated', {
+                module: 'SqliteAdapter',
+                dbPath: this.dbPath,
+                columnsAdded: added,
+            })
+        }
+    }
+
     /**
      * Schedule a debounced save to disk.
      * Batches rapid mutations into a single write after SAVE_DEBOUNCE_MS.
@@ -450,10 +537,7 @@ export class SqliteAdapter {
         const result = db.exec(sql, params)
         if (result.length === 0) return []
 
-        const columns = result[0]?.columns ?? []
-        return (result[0]?.values ?? []).map((values) =>
-            this.rowToEntry(this.rowToObject(columns, values))
-        )
+        return this.rowsToEntries(result[0]?.columns ?? [], result[0]?.values ?? [])
     }
 
     /**
@@ -468,10 +552,7 @@ export class SqliteAdapter {
         )
         if (result.length === 0) return []
 
-        const columns = result[0]?.columns ?? []
-        return (result[0]?.values ?? []).map((values) =>
-            this.rowToEntry(this.rowToObject(columns, values))
-        )
+        return this.rowsToEntries(result[0]?.columns ?? [], result[0]?.values ?? [])
     }
 
     /**
@@ -582,9 +663,9 @@ export class SqliteAdapter {
 
         let sql = `
             SELECT * FROM memory_journal
-            WHERE deleted_at IS NULL AND content LIKE ?
+            WHERE deleted_at IS NULL AND content LIKE ? ESCAPE '\\'
         `
-        const params: unknown[] = [`%${query}%`]
+        const params: unknown[] = [`%${sanitizeSearchQuery(query)}%`]
 
         if (isPersonal !== undefined) {
             sql += ` AND is_personal = ?`
@@ -609,10 +690,7 @@ export class SqliteAdapter {
         const result = db.exec(sql, params)
         if (result.length === 0) return []
 
-        const columns = result[0]?.columns ?? []
-        return (result[0]?.values ?? []).map((values) =>
-            this.rowToEntry(this.rowToObject(columns, values))
-        )
+        return this.rowsToEntries(result[0]?.columns ?? [], result[0]?.values ?? [])
     }
 
     /**
@@ -626,20 +704,35 @@ export class SqliteAdapter {
             tags?: string[]
             isPersonal?: boolean
             projectNumber?: number
+            limit?: number
         } = {}
     ): JournalEntry[] {
         const db = this.ensureDb()
         const { entryType, tags, isPersonal, projectNumber } = options
 
-        let sql = `
-            SELECT DISTINCT m.* FROM memory_journal m
-            LEFT JOIN entry_tags et ON m.id = et.entry_id
-            LEFT JOIN tags t ON et.tag_id = t.id
-            WHERE m.deleted_at IS NULL
-            AND m.timestamp >= ? AND m.timestamp <= ?
-        `
+        let sql: string
         const params: unknown[] = [startDate, endDate + ' 23:59:59']
 
+        // Only JOIN tag tables when filtering by tags (avoids DISTINCT overhead)
+        if (tags && tags.length > 0) {
+            sql = `
+                SELECT DISTINCT m.* FROM memory_journal m
+                JOIN entry_tags et ON m.id = et.entry_id
+                JOIN tags t ON et.tag_id = t.id
+                WHERE m.deleted_at IS NULL
+                AND m.timestamp >= ? AND m.timestamp <= ?
+            `
+            const placeholders = tags.map(() => '?').join(',')
+            sql += ` AND t.name IN (${placeholders})`
+            params.push(...tags)
+        } else {
+            sql = `
+                SELECT * FROM memory_journal m
+                WHERE m.deleted_at IS NULL
+                AND m.timestamp >= ? AND m.timestamp <= ?
+            `
+        }
+
         if (entryType) {
             sql += ` AND m.entry_type = ?`
             params.push(entryType)
@@ -652,21 +745,14 @@ export class SqliteAdapter {
             sql += ` AND m.project_number = ?`
             params.push(projectNumber)
         }
-        if (tags && tags.length > 0) {
-            const placeholders = tags.map(() => '?').join(',')
-            sql += ` AND t.name IN (${placeholders})`
-            params.push(...tags)
-        }
 
-        sql += ` ORDER BY m.timestamp DESC`
+        sql += ` ORDER BY m.timestamp DESC LIMIT ?`
+        params.push(options.limit ?? 500)
 
         const result = db.exec(sql, params)
         if (result.length === 0) return []
 
-        const columns = result[0]?.columns ?? []
-        return (result[0]?.values ?? []).map((values) =>
-            this.rowToEntry(this.rowToObject(columns, values))
-        )
+        return this.rowsToEntries(result[0]?.columns ?? [], result[0]?.values ?? [])
     }
 
     // =========================================================================
@@ -677,25 +763,34 @@ export class SqliteAdapter {
      * Get or create tags and link to entry
      */
     private linkTagsToEntry(entryId: number, tagNames: string[]): void {
+        if (tagNames.length === 0) return
         const db = this.ensureDb()
 
-        for (const tagName of tagNames) {
-            // Insert or ignore tag
-            db.run('INSERT OR IGNORE INTO tags (name, usage_count) VALUES (?, 0)', [tagName])
+        // Batch: insert all tags in one statement
+        const insertPlaceholders = tagNames.map(() => '(?, 0)').join(', ')
+        db.run(
+            `INSERT OR IGNORE INTO tags (name, usage_count) VALUES ${insertPlaceholders}`,
+            tagNames
+        )
 
-            // Get tag ID
-            const result = db.exec('SELECT id FROM tags WHERE name = ?', [tagName])
-            const tagId = result[0]?.values[0]?.[0] as number | undefined
+        // Batch: fetch all tag IDs in one query
+        const selectPlaceholders = tagNames.map(() => '?').join(', ')
+        const result = db.exec(
+            `SELECT id, name FROM tags WHERE name IN (${selectPlaceholders})`,
+            tagNames
+        )
 
-            if (tagId !== undefined) {
-                // Link tag to entry
-                db.run('INSERT OR IGNORE INTO entry_tags (entry_id, tag_id) VALUES (?, ?)', [
-                    entryId,
-                    tagId,
-                ])
-                // Increment usage
-                db.run('UPDATE tags SET usage_count = usage_count + 1 WHERE id = ?', [tagId])
-            }
+        const tagIds: number[] = []
+        for (const row of result[0]?.values ?? []) {
+            const tagId = row[0] as number
+            tagIds.push(tagId)
+            // Link tag to entry
+            db.run('INSERT OR IGNORE INTO entry_tags (entry_id, tag_id) VALUES (?, ?)', [
+                entryId,
+                tagId,
+            ])
+            // Increment usage
+            db.run('UPDATE tags SET usage_count = usage_count + 1 WHERE id = ?', [tagId])
         }
     }
 
@@ -722,7 +817,9 @@ export class SqliteAdapter {
      */
     listTags(): Tag[] {
         const db = this.ensureDb()
-        const result = db.exec('SELECT * FROM tags WHERE usage_count > 0 ORDER BY usage_count DESC')
+        const result = db.exec(
+            'SELECT id, name, COALESCE(usage_count, 0) as usage_count FROM tags WHERE COALESCE(usage_count, 0) > 0 ORDER BY usage_count DESC'
+        )
 
         if (result.length === 0) return []
 
@@ -918,29 +1015,27 @@ export class SqliteAdapter {
     } {
         const db = this.ensureDb()
 
-        // Total entries
-        const totalResult = db.exec(`
-            SELECT COUNT(*) as count FROM memory_journal WHERE deleted_at IS NULL
-        `)
-        const totalEntries = (totalResult[0]?.values[0]?.[0] as number) ?? 0
-
-        // By type
-        const byTypeResult = db.exec(`
+        // Combined query 1: total entries + breakdown by type
+        const combinedResult = db.exec(`
+            SELECT COUNT(*) as count FROM memory_journal WHERE deleted_at IS NULL;
             SELECT entry_type, COUNT(*) as count
             FROM memory_journal
             WHERE deleted_at IS NULL
             GROUP BY entry_type
         `)
+        const totalEntries = (combinedResult[0]?.values[0]?.[0] as number) ?? 0
         const entriesByType: Record<string, number> = {}
-        for (const row of byTypeResult[0]?.values ?? []) {
+        for (const row of combinedResult[1]?.values ?? []) {
             entriesByType[row[0] as string] = row[1] as number
         }
 
-        // By period - use validated date format pattern (defense-in-depth)
+        // Combined query 2: period breakdown + decision density (using CASE)
         const dateFormat = validateDateFormatPattern(groupBy)
-
-        const byPeriodResult = db.exec(`
-            SELECT strftime('${dateFormat}', timestamp) as period, COUNT(*) as count
+        const periodResult = db.exec(`
+            SELECT
+                strftime('${dateFormat}', timestamp) as period,
+                COUNT(*) as total_count,
+                SUM(CASE WHEN significance_type IS NOT NULL THEN 1 ELSE 0 END) as significant_count
             FROM memory_journal
             WHERE deleted_at IS NULL
             GROUP BY period
@@ -948,32 +1043,27 @@ export class SqliteAdapter {
             LIMIT 52
         `)
 
-        const entriesByPeriod = (byPeriodResult[0]?.values ?? []).map((v: unknown[]) => ({
+        const entriesByPeriod = (periodResult[0]?.values ?? []).map((v: unknown[]) => ({
             period: v[0] as string,
             count: v[1] as number,
         }))
 
-        // =========================================================================
-        // Enhanced Analytics Metrics (v4.3.0)
-        // =========================================================================
+        const decisionDensity = (periodResult[0]?.values ?? [])
+            .filter((v: unknown[]) => (v[2] as number) > 0)
+            .map((v: unknown[]) => ({
+                period: v[0] as string,
+                significantCount: v[2] as number,
+            }))
 
-        // Decision Density: significant entries per period
-        const decisionDensityResult = db.exec(`
-            SELECT strftime('${dateFormat}', timestamp) as period, COUNT(*) as count
-            FROM memory_journal
-            WHERE deleted_at IS NULL AND significance_type IS NOT NULL
-            GROUP BY period
-            ORDER BY period DESC
-            LIMIT 52
+        // Combined query 3: relationship counts + causal breakdown
+        const relResult = db.exec(`
+            SELECT COUNT(*) FROM relationships;
+            SELECT relationship_type, COUNT(*) as count
+            FROM relationships
+            WHERE relationship_type IN ('blocked_by', 'resolved', 'caused')
+            GROUP BY relationship_type
         `)
-        const decisionDensity = (decisionDensityResult[0]?.values ?? []).map((v: unknown[]) => ({
-            period: v[0] as string,
-            significantCount: v[1] as number,
-        }))
-
-        // Relationship Complexity: total relationships and avg per entry
-        const relCountResult = db.exec(`SELECT COUNT(*) FROM relationships`)
-        const totalRelationships = (relCountResult[0]?.values[0]?.[0] as number) ?? 0
+        const totalRelationships = (relResult[0]?.values[0]?.[0] as number) ?? 0
         const avgPerEntry = totalEntries > 0 ? totalRelationships / totalEntries : 0
 
         // Activity Trend: week-over-week growth
@@ -987,14 +1077,8 @@ export class SqliteAdapter {
                 : null
 
         // Causal Metrics: counts for causal relationship types
-        const causalResult = db.exec(`
-            SELECT relationship_type, COUNT(*) as count
-            FROM relationships
-            WHERE relationship_type IN ('blocked_by', 'resolved', 'caused')
-            GROUP BY relationship_type
-        `)
         const causalMetrics = { blocked_by: 0, resolved: 0, caused: 0 }
-        for (const row of causalResult[0]?.values ?? []) {
+        for (const row of relResult[1]?.values ?? []) {
             const relType = row[0] as 'blocked_by' | 'resolved' | 'caused'
             causalMetrics[relType] = row[1] as number
         }
@@ -1037,6 +1121,11 @@ export class SqliteAdapter {
         const db = this.ensureDb()
         const backupsDir = this.getBackupsDir()
 
+        // Validate backup name against path traversal before sanitization
+        if (backupName) {
+            assertNoPathTraversal(backupName)
+        }
+
         // Ensure backups directory exists
         if (!fs.existsSync(backupsDir)) {
             fs.mkdirSync(backupsDir, { recursive: true })
@@ -1118,7 +1207,7 @@ export class SqliteAdapter {
     deleteOldBackups(keepCount: number): { deleted: string[]; kept: number } {
         const backups = this.listBackups() // Already sorted newest-first
 
-        if (keepCount < 1) {
+        if (keepCount < 1 || Number.isNaN(keepCount)) {
             throw new Error('keepCount must be at least 1')
         }
 
@@ -1155,9 +1244,7 @@ export class SqliteAdapter {
         newEntryCount: number
     }> {
         // Validate filename (prevent path traversal)
-        if (filename.includes('/') || filename.includes('\\') || filename.includes('..')) {
-            throw new Error('Invalid backup filename: path separators not allowed')
-        }
+        assertNoPathTraversal(filename)
 
         const backupsDir = this.getBackupsDir()
         const backupPath = path.join(backupsDir, filename)
@@ -1187,6 +1274,7 @@ export class SqliteAdapter {
         // Initialize new database from backup
         const SQL = await import('sql.js').then((m) => m.default())
         this.db = new SQL.Database(backupBuffer)
+        this.db.run('PRAGMA foreign_keys = ON')
         this.initialized = true
 
         // Get new entry count
@@ -1300,7 +1388,9 @@ export class SqliteAdapter {
     }
 
     /**
-     * Convert database row to JournalEntry
+     * Convert database row to JournalEntry.
+     * Used for single-entry methods (getEntryById, getEntryByIdIncludeDeleted)
+     * where the N+1 overhead of one tag query is negligible.
      */
     private rowToEntry(row: Record<string, unknown>): JournalEntry {
         const id = row['id'] as number
@@ -1329,7 +1419,83 @@ export class SqliteAdapter {
     }
 
     /**
-     * Get raw database for advanced operations
+     * Convert multiple database rows to JournalEntry[] with batch tag fetching.
+     * Uses a single IN (...) query to fetch all tags for all entries at once,
+     * eliminating the N+1 query pattern of per-row getTagsForEntry calls.
+     */
+    private rowsToEntries(columns: string[], values: unknown[][]): JournalEntry[] {
+        if (values.length === 0) return []
+
+        // Step 1: Convert all rows to objects
+        const rows = values.map((v) => this.rowToObject(columns, v))
+        const ids = rows.map((r) => r['id'] as number)
+
+        // Step 2: Batch-fetch all tags in one query
+        const tagMap = this.batchGetTagsForEntries(ids)
+
+        // Step 3: Assemble entries using the pre-fetched tag map
+        return rows.map((row) => {
+            const id = row['id'] as number
+            return {
+                id,
+                entryType: row['entry_type'] as EntryType,
+                content: row['content'] as string,
+                timestamp: row['timestamp'] as string,
+                isPersonal: row['is_personal'] === 1,
+                significanceType: row['significance_type'] as SignificanceType,
+                autoContext: row['auto_context'] as string | null,
+                deletedAt: row['deleted_at'] as string | null,
+                tags: tagMap.get(id) ?? [],
+                projectNumber: (row['project_number'] as number | null) ?? null,
+                projectOwner: (row['project_owner'] as string | null) ?? null,
+                issueNumber: (row['issue_number'] as number | null) ?? null,
+                issueUrl: (row['issue_url'] as string | null) ?? null,
+                prNumber: (row['pr_number'] as number | null) ?? null,
+                prUrl: (row['pr_url'] as string | null) ?? null,
+                prStatus: (row['pr_status'] as string | null) ?? null,
+                workflowRunId: (row['workflow_run_id'] as number | null) ?? null,
+                workflowName: (row['workflow_name'] as string | null) ?? null,
+                workflowStatus: (row['workflow_status'] as string | null) ?? null,
+            }
+        })
+    }
+
+    /**
+     * Batch-fetch tags for multiple entry IDs in a single query.
+     * Returns a Map<entryId, tagNames[]>.
+     * Eliminates the N+1 query problem for multi-row result sets.
+     */
+    private batchGetTagsForEntries(ids: number[]): Map<number, string[]> {
+        const tagMap = new Map<number, string[]>()
+        if (ids.length === 0) return tagMap
+
+        const db = this.ensureDb()
+        const placeholders = ids.map(() => '?').join(', ')
+        const result = db.exec(
+            `SELECT et.entry_id, t.name
+             FROM entry_tags et
+             JOIN tags t ON et.tag_id = t.id
+             WHERE et.entry_id IN (${placeholders})`,
+            ids
+        )
+
+        for (const row of result[0]?.values ?? []) {
+            const entryId = row[0] as number
+            const tagName = row[1] as string
+            const existing = tagMap.get(entryId)
+            if (existing) {
+                existing.push(tagName)
+            } else {
+                tagMap.set(entryId, [tagName])
+            }
+        }
+
+        return tagMap
+    }
+
+    /**
+     * Get raw sql.js Database handle for advanced queries.
+     * @internal Callers MUST use parameterized queries — never concatenate user input into SQL.
      */
     getRawDb(): Database {
         return this.ensureDb()