ndomo 0.1.0

package/src/db/fts-escape.ts

@@ -0,0 +1,20 @@
+/**
+ * ndomo DB — FTS5 query escaping.
+ *
+ * FTS5 MATCH interprets special characters as syntax:
+ *   " - ( ) : *
+ * A raw user input like "auth-bug" causes FTS5 to parse "-bug" as a column
+ * qualifier, throwing "SQLiteError: no such column: bug".
+ *
+ * The safe fix is to wrap the query in double quotes, making FTS5 treat the
+ * entire string as a literal phrase. Internal double quotes are escaped by
+ * doubling them ("").
+ *
+ * NOTE: Wrapped queries are phrase queries — FTS5 does NOT tokenize the
+ * interior. This is correct for our use case (exact phrase with hyphens).
+ * If boolean queries (AND/OR/NOT) are needed in the future, use selective
+ * escaping instead of blanket wrapping.
+ */
+export function escapeFtsQuery(q: string): string {
+  return `"${q.replace(/"/g, '""')}"`;
+}

package/src/db/incidents.test.ts

@@ -0,0 +1,201 @@
+import { Database } from "bun:sqlite"
+import { beforeEach, describe, expect, test } from "bun:test"
+import { createIncident, getIncident, listIncidents, updateIncidentStatus } from "./incidents.ts"
+import { runMigrations } from "./migrations.ts"
+
+function createTestDeployment(db: Database): string {
+  const now = Date.now()
+  db.query("INSERT INTO environments (id, name, slug, created_at, updated_at) VALUES (?, ?, ?, ?, ?)").run("e1", "prod", "prod", now, now)
+  db.query("INSERT INTO releases (id, version, title, created_at) VALUES (?, ?, ?, ?)").run("r1", "1.0.0", "rel", now)
+  db.query("INSERT INTO deployments (id, release_id, environment_id, status, created_at) VALUES (?, ?, ?, ?, ?)").run("d1", "r1", "e1", "planned", now)
+  return "d1"
+}
+
+describe("incidents.ts", () => {
+  let db: Database
+  beforeEach(() => {
+    db = new Database(":memory:")
+    db.exec("PRAGMA foreign_keys = ON")
+    runMigrations(db)
+  })
+
+  describe("createIncident", () => {
+    test("happy path — creates incident with status=open", () => {
+      const inc = createIncident(db, { title: "DB down", severity: "sev1", summary: "Production DB unreachable" })
+      expect(inc.id).toBeTruthy()
+      expect(inc.title).toBe("DB down")
+      expect(inc.severity).toBe("sev1")
+      expect(inc.status).toBe("open")
+      expect(inc.summary).toBe("Production DB unreachable")
+      expect(inc.triggeredByDeploymentId).toBeNull()
+      expect(inc.createdAt).toBeGreaterThan(0)
+      expect(inc.updatedAt).toBeGreaterThan(0)
+      expect(inc.resolvedAt).toBeNull()
+    })
+
+    test("creates incident without optional fields", () => {
+      const inc = createIncident(db, { title: "Minor issue", severity: "sev4" })
+      expect(inc.summary).toBeNull()
+      expect(inc.triggeredByDeploymentId).toBeNull()
+      expect(inc.metadata).toBeNull()
+    })
+
+    test("creates incident with metadata", () => {
+      const inc = createIncident(db, { title: "Test", severity: "sev2", metadata: { region: "us-east-1" } })
+      expect(inc.metadata).toEqual({ region: "us-east-1" })
+    })
+
+    test("throws on invalid severity", () => {
+      expect(() => createIncident(db, { title: "Bad", severity: "sev5" as any })).toThrow("invalid incident severity")
+    })
+
+    test("throws on empty title (whitespace only)", () => {
+      expect(() => createIncident(db, { title: "   ", severity: "sev1" })).toThrow("title cannot be empty")
+    })
+
+    test("trims title", () => {
+      const inc = createIncident(db, { title: "  spaced  ", severity: "sev1" })
+      expect(inc.title).toBe("spaced")
+    })
+
+    test("truncates summary >16KB", () => {
+      const bigSummary = "x".repeat(20_000)
+      const inc = createIncident(db, { title: "Big", severity: "sev1", summary: bigSummary })
+      expect(inc.summary!.length).toBeLessThan(20_000)
+      expect(inc.summary!).toContain("…[truncated]")
+    })
+
+    test("FK validation — triggeredByDeploymentId non-existent throws", () => {
+      expect(() => createIncident(db, { title: "FK test", severity: "sev1", triggeredByDeploymentId: "nonexistent" })).toThrow("deployment 'nonexistent' not found")
+    })
+
+    test("FK validation — valid triggeredByDeploymentId succeeds", () => {
+      createTestDeployment(db)
+      const inc = createIncident(db, { title: "Dep linked", severity: "sev2", triggeredByDeploymentId: "d1" })
+      expect(inc.triggeredByDeploymentId).toBe("d1")
+    })
+  })
+
+  describe("getIncident", () => {
+    test("returns existing incident", () => {
+      const created = createIncident(db, { title: "Find me", severity: "sev3" })
+      const found = getIncident(db, created.id)
+      expect(found).not.toBeNull()
+      expect(found!.title).toBe("Find me")
+    })
+
+    test("returns null for non-existent id", () => {
+      expect(getIncident(db, "nonexistent")).toBeNull()
+    })
+  })
+
+  describe("listIncidents", () => {
+    test("returns all incidents", () => {
+      createIncident(db, { title: "A", severity: "sev1" })
+      createIncident(db, { title: "B", severity: "sev2" })
+      const all = listIncidents(db)
+      expect(all.length).toBe(2)
+    })
+
+    test("filters by severity", () => {
+      createIncident(db, { title: "Sev1", severity: "sev1" })
+      createIncident(db, { title: "Sev2", severity: "sev2" })
+      createIncident(db, { title: "Sev1b", severity: "sev1" })
+      const sev1 = listIncidents(db, { severity: "sev1" })
+      expect(sev1.length).toBe(2)
+      expect(sev1.every(i => i.severity === "sev1")).toBe(true)
+    })
+
+    test("filters by status", () => {
+      const a = createIncident(db, { title: "A", severity: "sev1" })
+      createIncident(db, { title: "B", severity: "sev1" })
+      updateIncidentStatus(db, a.id, "triaging")
+      const open = listIncidents(db, { status: "open" })
+      const triaging = listIncidents(db, { status: "triaging" })
+      expect(open.length).toBe(1)
+      expect(triaging.length).toBe(1)
+    })
+
+    test("respects limit", () => {
+      for (let i = 0; i < 5; i++) createIncident(db, { title: `I${i}`, severity: "sev1" })
+      const limited = listIncidents(db, { limit: 2 })
+      expect(limited.length).toBe(2)
+    })
+  })
+
+  describe("updateIncidentStatus", () => {
+    test("valid transition chain: open→triaging→mitigated→resolved→postmortem", () => {
+      const inc = createIncident(db, { title: "Chain", severity: "sev1" })
+      expect(inc.status).toBe("open")
+
+      const t1 = updateIncidentStatus(db, inc.id, "triaging")
+      expect(t1.status).toBe("triaging")
+
+      const t2 = updateIncidentStatus(db, inc.id, "mitigated")
+      expect(t2.status).toBe("mitigated")
+
+      const t3 = updateIncidentStatus(db, inc.id, "resolved")
+      expect(t3.status).toBe("resolved")
+      expect(t3.resolvedAt).toBeGreaterThan(0)
+
+      const t4 = updateIncidentStatus(db, inc.id, "postmortem")
+      expect(t4.status).toBe("postmortem")
+    })
+
+    test("open→mitigated (skip triaging) is valid", () => {
+      const inc = createIncident(db, { title: "Skip", severity: "sev1" })
+      const updated = updateIncidentStatus(db, inc.id, "mitigated")
+      expect(updated.status).toBe("mitigated")
+    })
+
+    test("open→resolved (skip both) is valid", () => {
+      const inc = createIncident(db, { title: "Fast", severity: "sev1" })
+      const updated = updateIncidentStatus(db, inc.id, "resolved")
+      expect(updated.status).toBe("resolved")
+    })
+
+    test("throws on invalid transition: open→postmortem", () => {
+      const inc = createIncident(db, { title: "Bad", severity: "sev1" })
+      expect(() => updateIncidentStatus(db, inc.id, "postmortem")).toThrow("invalid incident transition")
+    })
+
+    test("throws on backward transition: resolved→mitigated", () => {
+      const inc = createIncident(db, { title: "Back", severity: "sev1" })
+      updateIncidentStatus(db, inc.id, "resolved")
+      expect(() => updateIncidentStatus(db, inc.id, "mitigated")).toThrow("invalid incident transition")
+    })
+
+    test("sets resolved_at when transitioning to resolved", () => {
+      const inc = createIncident(db, { title: "Resolve", severity: "sev1" })
+      expect(inc.resolvedAt).toBeNull()
+      const updated = updateIncidentStatus(db, inc.id, "resolved")
+      expect(updated.resolvedAt).toBeGreaterThan(0)
+    })
+
+    test("preserves resolved_at when going to postmortem", () => {
+      const inc = createIncident(db, { title: "PM", severity: "sev1" })
+      const resolved = updateIncidentStatus(db, inc.id, "resolved")
+      const resolvedAt = resolved.resolvedAt!
+      const pm = updateIncidentStatus(db, inc.id, "postmortem")
+      expect(pm.resolvedAt).toBe(resolvedAt)
+    })
+
+    test("no-op when same status", () => {
+      const inc = createIncident(db, { title: "Same", severity: "sev1" })
+      const same = updateIncidentStatus(db, inc.id, "open")
+      expect(same.id).toBe(inc.id)
+      expect(same.status).toBe("open")
+    })
+
+    test("throws on non-existent incident", () => {
+      expect(() => updateIncidentStatus(db, "nonexistent", "triaging")).toThrow("incident 'nonexistent' not found")
+    })
+
+    test("postmortem is terminal — no further transitions", () => {
+      const inc = createIncident(db, { title: "Terminal", severity: "sev1" })
+      updateIncidentStatus(db, inc.id, "resolved")
+      updateIncidentStatus(db, inc.id, "postmortem")
+      expect(() => updateIncidentStatus(db, inc.id, "resolved")).toThrow("invalid incident transition")
+    })
+  })
+})

package/src/db/incidents.ts

@@ -0,0 +1,93 @@
+/**
+ * ndomo DB — Incident CRUD with transition validation.
+ *
+ * All functions take a Database instance and return camelCase TS types.
+ */
+
+import type { Database } from "bun:sqlite"
+import { incidentFromRow, type Incident, type IncidentSeverity, type IncidentStatus, type InsertIncident } from "./types.ts"
+
+const MAX_TEXT_BYTES = 16 * 1024
+
+function truncateText(s: string): string {
+  if (s.length <= MAX_TEXT_BYTES) return s
+  return `${s.slice(0, MAX_TEXT_BYTES)}…[truncated]`
+}
+
+const VALID_SEVERITIES: IncidentSeverity[] = ["sev1", "sev2", "sev3", "sev4"]
+const VALID_STATUSES: IncidentStatus[] = ["open", "triaging", "mitigated", "resolved", "postmortem"]
+
+// Valid transitions: forward only, no backward
+const VALID_TRANSITIONS: Record<IncidentStatus, IncidentStatus[]> = {
+  open: ["triaging", "mitigated", "resolved"],
+  triaging: ["mitigated", "resolved"],
+  mitigated: ["resolved"],
+  resolved: ["postmortem"],
+  postmortem: [], // terminal
+}
+
+export function createIncident(
+  db: Database,
+  input: InsertIncident,
+): Incident {
+  if (!VALID_SEVERITIES.includes(input.severity)) {
+    throw new Error(`ndomo: invalid incident severity '${input.severity}' (must be sev1-4)`)
+  }
+  const title = input.title.trim()
+  if (title.length === 0) throw new Error("ndomo: incident title cannot be empty")
+  const summary = input.summary ? truncateText(input.summary.trim()) : null
+  if (input.triggeredByDeploymentId) {
+    const dep = db.query("SELECT id FROM deployments WHERE id = ?").get(input.triggeredByDeploymentId)
+    if (!dep) throw new Error(`ndomo: deployment '${input.triggeredByDeploymentId}' not found (FK violation)`)
+  }
+  const id = crypto.randomUUID()
+  const now = Date.now()
+  const metadata = input.metadata ? JSON.stringify(input.metadata) : null
+  db.query(
+    `INSERT INTO incidents (id, title, severity, status, summary, triggered_by_deployment_id, created_at, updated_at, resolved_at, metadata)
+     VALUES (?, ?, ?, 'open', ?, ?, ?, ?, NULL, ?)`,
+  ).run(id, title, input.severity, summary, input.triggeredByDeploymentId ?? null, now, now, metadata)
+  return getIncident(db, id)!
+}
+
+export function getIncident(db: Database, id: string): Incident | null {
+  const row = db.query("SELECT * FROM incidents WHERE id = ?").get(id)
+  return row ? incidentFromRow(row) : null
+}
+
+export function listIncidents(
+  db: Database,
+  opts?: { status?: IncidentStatus; severity?: IncidentSeverity; limit?: number },
+): Incident[] {
+  const limit = opts?.limit ?? 100
+  const clauses: string[] = []
+  const params: (string | number)[] = []
+  if (opts?.status) { clauses.push("status = ?"); params.push(opts.status) }
+  if (opts?.severity) { clauses.push("severity = ?"); params.push(opts.severity) }
+  const where = clauses.length > 0 ? `WHERE ${clauses.join(" AND ")}` : ""
+  params.push(limit)
+  const rows = db.query(`SELECT * FROM incidents ${where} ORDER BY created_at DESC LIMIT ?`).all(...params)
+  return rows.map(incidentFromRow)
+}
+
+export function updateIncidentStatus(
+  db: Database,
+  id: string,
+  newStatus: IncidentStatus,
+): Incident {
+  const current = getIncident(db, id)
+  if (!current) throw new Error(`ndomo: incident '${id}' not found`)
+  if (!VALID_STATUSES.includes(newStatus)) {
+    throw new Error(`ndomo: invalid incident status '${newStatus}'`)
+  }
+  const currentStatus = current.status
+  if (currentStatus === newStatus) return current // no-op
+  const allowed = VALID_TRANSITIONS[currentStatus]
+  if (!allowed.includes(newStatus)) {
+    throw new Error(`ndomo: invalid incident transition '${currentStatus}' → '${newStatus}' (allowed: ${allowed.join(", ") || "none (terminal)"})`)
+  }
+  const now = Date.now()
+  const resolvedAt = newStatus === "resolved" || newStatus === "postmortem" ? now : current.resolvedAt
+  db.query("UPDATE incidents SET status = ?, updated_at = ?, resolved_at = ? WHERE id = ?").run(newStatus, now, resolvedAt, id)
+  return getIncident(db, id)!
+}

package/src/db/index.ts

@@ -0,0 +1,86 @@
+/**
+ * Public DB API for ndomo.
+ *
+ * Re-exported so custom tools can `import { createPlan, openDb, ... } from "ndomo/db"`.
+ * Named re-exports only (no `export *`) for explicitness and tree-shaking clarity.
+ */
+
+// ─── Client ──────────────────────────────────────────────────────────────────
+export { closeDb, openDb } from "./client.ts";
+// ─── Migrations ──────────────────────────────────────────────────────────────
+export { runMigrations } from "./migrations.ts";
+export type { ArchiveResult } from "./plan-archive.ts";
+// ─── Plan Archive ────────────────────────────────────────────────────────────
+export { archivePlan, resolveArchiveDir } from "./plan-archive.ts";
+export type { PlanProgress } from "./plans.ts";
+// ─── Plans ───────────────────────────────────────────────────────────────────
+export {
+  addPlanTag,
+  approvePlan,
+  createPlan,
+  findPlansByCategory,
+  findPlansByTag,
+  getPlan,
+  getPlanBySlug,
+  getPlanProgress,
+  getPlanTags,
+  listPlans,
+  removePlanTag,
+  searchPlans,
+  updatePlanStatus,
+} from "./plans.ts";
+export type { ProjectDirContext } from "./resolve-project-dir.ts";
+// ─── Project dir resolution ──────────────────────────────────────────────────
+export { resolveProjectDir } from "./resolve-project-dir.ts";
+// ─── Sessions ────────────────────────────────────────────────────────────────
+export {
+  appendAgentHistory,
+  checkpointSession,
+  endSession,
+  getSession,
+  listSessions,
+  startSession,
+} from "./sessions.ts";
+export type { TaskTruncationInfo, TaskUpdateResult } from "./tasks.ts";
+// ─── Tasks ───────────────────────────────────────────────────────────────────
+export {
+  addTaskTag,
+  createTasksBatch,
+  getTask,
+  getTaskTags,
+  listTasksByPlan,
+  nextTaskForAgent,
+  removeTaskTag,
+  searchTasks,
+  splitFilesByStack,
+  updateTaskStatus,
+} from "./tasks.ts";
+
+// ─── Analyses (v14) ────────────────────────────────────────────────────────
+export {
+  archiveAnalysis,
+  createAnalysis,
+  getAnalysis,
+  getAnalysisBySlug,
+  linkAnalysisToPlan,
+  listAnalyses,
+  searchAnalyses,
+  unlinkAnalysisFromPlan,
+  updateAnalysis,
+} from "./analyses.ts";
+
+// ─── Types ───────────────────────────────────────────────────────────────────
+export type {
+  Analysis,
+  InsertAnalysis,
+  Plan,
+  PlanCategory,
+  PlanMetadata,
+  PlanStatus,
+  PlanTask,
+  Session,
+  SessionMetadata,
+  SessionOutcome,
+  TaskMetadata,
+  TaskStatus,
+} from "./types.ts";

package/src/db/migrations-v13.test.ts

@@ -0,0 +1,141 @@
+import { Database } from "bun:sqlite"
+import { beforeEach, describe, expect, test } from "bun:test"
+import { runMigrations } from "./migrations.ts"
+import { MIGRATIONS } from "./schema.ts"
+
+describe("migration v13 — ops tables (T2)", () => {
+  let db: Database
+  beforeEach(() => {
+    db = new Database(":memory:")
+    db.exec("PRAGMA foreign_keys = ON")
+  })
+
+  test("applies v13 and sets schema_version=15 (latest)", () => {
+    runMigrations(db)
+    const row = db.query("SELECT MAX(version) as v FROM schema_version").get() as { v: number }
+    expect(row.v).toBe(15)
+  })
+
+  test("all 5 ops tables exist", () => {
+    runMigrations(db)
+    const tables = db.query("SELECT name FROM sqlite_master WHERE type='table' AND name IN ('environments','releases','deployments','incidents','rollback_executions') ORDER BY name").all() as Array<{ name: string }>
+    expect(tables.map(t => t.name)).toEqual(["deployments", "environments", "incidents", "releases", "rollback_executions"])
+  })
+
+  test("idempotent — running migrations twice is a no-op", () => {
+    runMigrations(db)
+    const v1 = db.query("SELECT MAX(version) as v FROM schema_version").get() as { v: number }
+    runMigrations(db) // second run
+    const v2 = db.query("SELECT MAX(version) as v FROM schema_version").get() as { v: number }
+    expect(v2).toEqual(v1)
+    // Verify no duplicate schema_version rows
+    const count = db.query("SELECT COUNT(*) as c FROM schema_version WHERE version=13").get() as { c: number }
+    expect(count.c).toBe(1)
+  })
+
+  test("environments table has expected columns", () => {
+    runMigrations(db)
+    const cols = db.query("PRAGMA table_info(environments)").all() as Array<{ name: string }>
+    const names = cols.map(c => c.name)
+    expect(names).toContain("id")
+    expect(names).toContain("name")
+    expect(names).toContain("slug")
+    expect(names).toContain("description")
+    expect(names).toContain("metadata")
+    expect(names).toContain("created_at")
+    expect(names).toContain("updated_at")
+    expect(names).toContain("archived_at")
+  })
+
+  test("releases table has expected columns", () => {
+    runMigrations(db)
+    const cols = db.query("PRAGMA table_info(releases)").all() as Array<{ name: string }>
+    const names = cols.map(c => c.name)
+    expect(names).toContain("id")
+    expect(names).toContain("version")
+    expect(names).toContain("title")
+    expect(names).toContain("notes")
+    expect(names).toContain("created_at")
+    expect(names).toContain("archived_at")
+  })
+
+  test("deployments table has FK to releases + environments", () => {
+    runMigrations(db)
+    const fks = db.query("PRAGMA foreign_key_list(deployments)").all() as Array<{ table: string }>
+    const tables = fks.map(f => f.table)
+    expect(tables).toContain("releases")
+    expect(tables).toContain("environments")
+  })
+
+  test("incidents table has FK to deployments (triggered_by_deployment_id)", () => {
+    runMigrations(db)
+    const fks = db.query("PRAGMA foreign_key_list(incidents)").all() as Array<{ table: string; from: string }>
+    const depFk = fks.find(f => f.table === "deployments")
+    expect(depFk).toBeDefined()
+    expect(depFk?.from).toBe("triggered_by_deployment_id")
+  })
+
+  test("rollback_executions has FKs to deployments + incidents", () => {
+    runMigrations(db)
+    const fks = db.query("PRAGMA foreign_key_list(rollback_executions)").all() as Array<{ table: string; from: string }>
+    const tables = fks.map(f => f.table)
+    expect(tables).toContain("deployments")
+    expect(tables).toContain("incidents")
+    // Should have 2 FKs to deployments (deployment_id + new_deployment_id)
+    const depFks = fks.filter(f => f.table === "deployments")
+    expect(depFks.length).toBe(2)
+  })
+
+  test("indices exist on key columns", () => {
+    runMigrations(db)
+    const indices = db.query("SELECT name FROM sqlite_master WHERE type='index' AND name LIKE 'idx_%'").all() as Array<{ name: string }>
+    const names = indices.map(i => i.name)
+    expect(names).toContain("idx_environments_slug")
+    expect(names).toContain("idx_releases_version")
+    expect(names).toContain("idx_deployments_status")
+    expect(names).toContain("idx_incidents_severity")
+    expect(names).toContain("idx_rollbacks_deployment")
+  })
+
+  test("CHECK constraints enforce severity enum", () => {
+    runMigrations(db)
+    // Insert valid severity
+    db.query("INSERT INTO incidents (id, title, severity, status, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?)").run("i1", "test", "sev1", "open", Date.now(), Date.now())
+    // Invalid severity should fail
+    expect(() => {
+      db.query("INSERT INTO incidents (id, title, severity, status, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?)").run("i2", "test", "sev5", "open", Date.now(), Date.now())
+    }).toThrow()
+  })
+
+  test("CHECK constraints enforce incident status enum", () => {
+    runMigrations(db)
+    expect(() => {
+      db.query("INSERT INTO incidents (id, title, severity, status, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?)").run("i3", "test", "sev1", "invalid_status", Date.now(), Date.now())
+    }).toThrow()
+  })
+
+  test("CHECK constraints enforce rollback status enum", () => {
+    runMigrations(db)
+    // Need a deployment first for FK
+    db.query("INSERT INTO environments (id, name, slug, created_at, updated_at) VALUES (?, ?, ?, ?, ?)").run("e1", "prod", "prod", Date.now(), Date.now())
+    db.query("INSERT INTO releases (id, version, title, created_at) VALUES (?, ?, ?, ?)").run("r1", "1.0.0", "rel", Date.now())
+    db.query("INSERT INTO deployments (id, release_id, environment_id, status, created_at) VALUES (?, ?, ?, ?, ?)").run("d1", "r1", "e1", "planned", Date.now())
+    expect(() => {
+      db.query("INSERT INTO rollback_executions (id, deployment_id, status, plan, created_at) VALUES (?, ?, ?, ?, ?)").run("rb1", "d1", "invalid_status", "plan", Date.now())
+    }).toThrow()
+  })
+
+  test("FK constraint — cannot insert deployment with non-existent release", () => {
+    runMigrations(db)
+    db.query("INSERT INTO environments (id, name, slug, created_at, updated_at) VALUES (?, ?, ?, ?, ?)").run("e1", "prod", "prod", Date.now(), Date.now())
+    expect(() => {
+      db.query("INSERT INTO deployments (id, release_id, environment_id, status, created_at) VALUES (?, ?, ?, ?, ?)").run("d1", "nonexistent", "e1", "planned", Date.now())
+    }).toThrow()
+  })
+
+  test("v15 is the last entry in MIGRATIONS array", () => {
+    const last = MIGRATIONS[MIGRATIONS.length - 1]
+    expect(last).toBeDefined()
+    expect(last!.version).toBe(15)
+  })
+})