npm - ndomo - Versions diffs - 0.1.0 - Mend

ndomo 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (247) hide show

package/.bun-version +1 -0
package/.dockerignore +79 -0
package/.editorconfig +18 -0
package/.env.example +19 -0
package/.github/CODEOWNERS +8 -0
package/.github/ISSUE_TEMPLATE/bug_report.yml +62 -0
package/.github/ISSUE_TEMPLATE/config.yml +2 -0
package/.github/ISSUE_TEMPLATE/feature_request.yml +34 -0
package/.github/dependabot.yml +36 -0
package/.github/pull_request_template.md +24 -0
package/.github/release.yml +30 -0
package/.github/workflows/gitleaks.yml +28 -0
package/.github/workflows/release-please.yml +27 -0
package/.github/workflows/smoke.yml +29 -0
package/.husky/commit-msg +1 -0
package/CHANGELOG.md +114 -0
package/Dockerfile +32 -0
package/README.es.md +174 -0
package/README.md +187 -0
package/agents/chronicler.md +98 -0
package/agents/ci-smith.md +136 -0
package/agents/craftsman.md +341 -0
package/agents/deploy-smith.md +138 -0
package/agents/foreman.md +377 -0
package/agents/go-smith.md +164 -0
package/agents/guild.md +188 -0
package/agents/inspector.md +83 -0
package/agents/js-smith.md +127 -0
package/agents/ops-scout.md +173 -0
package/agents/painter.md +200 -0
package/agents/python-smith.md +120 -0
package/agents/ranger.md +307 -0
package/agents/release-smith.md +165 -0
package/agents/rust-smith.md +159 -0
package/agents/sage.md +178 -0
package/agents/scout.md +144 -0
package/agents/scribe.md +156 -0
package/agents/smith.md +201 -0
package/agents/vue-smith.md +155 -0
package/agents/warden.md +216 -0
package/agents/zig-smith.md +156 -0
package/bin/ndomo-analyses.ts +4 -0
package/bin/ndomo-status.ts +4 -0
package/biome.json +57 -0
package/bun.lock +514 -0
package/commitlint.config.js +3 -0
package/config/ndomo.config.json +258 -0
package/config/ndomo.schema.json +166 -0
package/docs/agents.md +375 -0
package/docs/bugs/plan-create-orphan-fk.md +131 -0
package/docs/bugs/task_create_batch-order-index-collision.md +158 -0
package/docs/configuration.md +276 -0
package/docs/database.md +364 -0
package/docs/features/feature-flexible-builder-v1.md +724 -0
package/docs/features/feature-flexible-builder-v2.md +882 -0
package/docs/features/feature-flexible-builder.md +974 -0
package/docs/http-server.md +244 -0
package/docs/installation.md +259 -0
package/docs/integrations.md +129 -0
package/docs/operations/anti-pattern-sub-agent-verify-2026-06-21.md +32 -0
package/docs/operations/audit-v1.md +417 -0
package/docs/operations/audit-v2.md +197 -0
package/docs/operations/audit-v3.md +306 -0
package/docs/operations/db-optimize-foundations.md +123 -0
package/docs/operations/verify-gate-architecture.md +82 -0
package/docs/workflows.md +448 -0
package/opencode.json +5 -0
package/package.json +65 -0
package/release-please-config.json +11 -0
package/scripts/dev-bust-cache.sh +164 -0
package/scripts/install.sh +688 -0
package/scripts/smoke-e2e.ts +704 -0
package/scripts/smoke-hot.ts +417 -0
package/scripts/smoke-http.sh +228 -0
package/scripts/smoke-v4.ts +256 -0
package/scripts/smoke-v5.ts +397 -0
package/scripts/smoke.sh +9 -0
package/scripts/uninstall.sh +224 -0
package/skills/api-security-best-practices/SKILL.md +915 -0
package/skills/bash-scripting/SKILL.md +201 -0
package/skills/bun/SKILL.md +313 -0
package/skills/cavecrew/SKILL.md +82 -0
package/skills/caveman/SKILL.md +74 -0
package/skills/caveman-review/README.md +33 -0
package/skills/caveman-review/SKILL.md +55 -0
package/skills/find-skills/SKILL.md +142 -0
package/skills/frontend-design/LICENSE.txt +177 -0
package/skills/frontend-design/SKILL.md +55 -0
package/skills/golang-patterns/SKILL.md +674 -0
package/skills/golang-security/SKILL.md +185 -0
package/skills/golang-security/evals/evals.json +595 -0
package/skills/golang-security/references/architecture.md +268 -0
package/skills/golang-security/references/checklist.md +80 -0
package/skills/golang-security/references/cookies.md +200 -0
package/skills/golang-security/references/cryptography.md +424 -0
package/skills/golang-security/references/filesystem.md +285 -0
package/skills/golang-security/references/injection.md +315 -0
package/skills/golang-security/references/logging.md +163 -0
package/skills/golang-security/references/memory-safety.md +241 -0
package/skills/golang-security/references/network.md +253 -0
package/skills/golang-security/references/secrets.md +189 -0
package/skills/golang-security/references/third-party.md +159 -0
package/skills/golang-security/references/threat-modeling.md +189 -0
package/skills/golang-testing/SKILL.md +720 -0
package/skills/grill-me/SKILL.md +7 -0
package/skills/javascript-testing-patterns/SKILL.md +537 -0
package/skills/javascript-testing-patterns/references/advanced-testing-patterns.md +513 -0
package/skills/modern-javascript-patterns/SKILL.md +43 -0
package/skills/modern-javascript-patterns/references/advanced-patterns.md +487 -0
package/skills/modern-javascript-patterns/references/details.md +457 -0
package/skills/python-anti-patterns/SKILL.md +349 -0
package/skills/python-design-patterns/SKILL.md +85 -0
package/skills/python-design-patterns/references/details.md +353 -0
package/skills/python-error-handling/SKILL.md +193 -0
package/skills/python-error-handling/references/details.md +171 -0
package/skills/python-testing-patterns/SKILL.md +278 -0
package/skills/python-testing-patterns/references/advanced-patterns.md +411 -0
package/skills/python-testing-patterns/references/details.md +349 -0
package/skills/rust-patterns/SKILL.md +500 -0
package/skills/rust-testing/SKILL.md +501 -0
package/skills/security-review/SKILL.md +504 -0
package/skills/security-review/cloud-infrastructure-security.md +361 -0
package/skills/vue-best-practices/SKILL.md +154 -0
package/skills/vue-best-practices/references/animation-class-based-technique.md +254 -0
package/skills/vue-best-practices/references/animation-state-driven-technique.md +291 -0
package/skills/vue-best-practices/references/component-async.md +97 -0
package/skills/vue-best-practices/references/component-data-flow.md +307 -0
package/skills/vue-best-practices/references/component-fallthrough-attrs.md +174 -0
package/skills/vue-best-practices/references/component-keep-alive.md +137 -0
package/skills/vue-best-practices/references/component-slots.md +216 -0
package/skills/vue-best-practices/references/component-suspense.md +228 -0
package/skills/vue-best-practices/references/component-teleport.md +108 -0
package/skills/vue-best-practices/references/component-transition-group.md +128 -0
package/skills/vue-best-practices/references/component-transition.md +125 -0
package/skills/vue-best-practices/references/composables.md +290 -0
package/skills/vue-best-practices/references/directives.md +162 -0
package/skills/vue-best-practices/references/perf-avoid-component-abstraction-in-lists.md +159 -0
package/skills/vue-best-practices/references/perf-v-once-v-memo-directives.md +182 -0
package/skills/vue-best-practices/references/perf-virtualize-large-lists.md +187 -0
package/skills/vue-best-practices/references/plugins.md +166 -0
package/skills/vue-best-practices/references/reactivity.md +344 -0
package/skills/vue-best-practices/references/render-functions.md +201 -0
package/skills/vue-best-practices/references/sfc.md +310 -0
package/skills/vue-best-practices/references/state-management.md +135 -0
package/skills/vue-best-practices/references/updated-hook-performance.md +187 -0
package/skills/vue-pinia-best-practices/SKILL.md +21 -0
package/skills/vue-pinia-best-practices/reference/pinia-no-active-pinia-error.md +248 -0
package/skills/vue-pinia-best-practices/reference/pinia-setup-store-return-all-state.md +227 -0
package/skills/vue-pinia-best-practices/reference/pinia-store-destructuring-breaks-reactivity.md +193 -0
package/skills/vue-pinia-best-practices/reference/state-url-for-ephemeral-filters.md +238 -0
package/skills/vue-pinia-best-practices/reference/state-use-pinia-for-large-apps.md +262 -0
package/skills/vue-pinia-best-practices/reference/store-method-binding-parentheses.md +191 -0
package/skills/zig-0.16/SKILL.md +840 -0
package/skills/zig-0.16/scripts/check-zig-version.sh +21 -0
package/src/cli/analyses.ts +280 -0
package/src/cli/index.ts +108 -0
package/src/cli/serve.ts +192 -0
package/src/cli/smoke.ts +131 -0
package/src/cli/status.test.ts +204 -0
package/src/cli/status.ts +263 -0
package/src/cli/vacuum.test.ts +82 -0
package/src/cli/vacuum.ts +96 -0
package/src/config/schema.test.ts +88 -0
package/src/config/schema.ts +64 -0
package/src/db/analyses-migration.test.ts +210 -0
package/src/db/analyses.test.ts +466 -0
package/src/db/analyses.ts +375 -0
package/src/db/auto-checkpoint.ts +131 -0
package/src/db/client.test.ts +129 -0
package/src/db/client.ts +55 -0
package/src/db/fts-escape.ts +20 -0
package/src/db/incidents.test.ts +201 -0
package/src/db/incidents.ts +93 -0
package/src/db/index.ts +86 -0
package/src/db/migrations-v13.test.ts +141 -0
package/src/db/migrations-v8.test.ts +301 -0
package/src/db/migrations.ts +147 -0
package/src/db/plan-archive.test.ts +180 -0
package/src/db/plan-archive.ts +274 -0
package/src/db/plan-create.test.ts +276 -0
package/src/db/plan-create.ts +78 -0
package/src/db/plan-files.test.ts +289 -0
package/src/db/plan-update-status.ts +287 -0
package/src/db/plans.test.ts +490 -0
package/src/db/plans.ts +534 -0
package/src/db/resolve-project-dir.test.ts +143 -0
package/src/db/resolve-project-dir.ts +75 -0
package/src/db/rollbacks.test.ts +150 -0
package/src/db/rollbacks.ts +67 -0
package/src/db/schema.ts +907 -0
package/src/db/sessions.test.ts +80 -0
package/src/db/sessions.ts +135 -0
package/src/db/shutdown.test.ts +147 -0
package/src/db/shutdown.ts +45 -0
package/src/db/tasks.test.ts +921 -0
package/src/db/tasks.ts +747 -0
package/src/db/types.ts +619 -0
package/src/http/__tests__/auth.test.ts +196 -0
package/src/http/__tests__/routes.test.ts +465 -0
package/src/http/__tests__/sse.test.ts +317 -0
package/src/http/auth.ts +72 -0
package/src/http/middleware/cors.ts +53 -0
package/src/http/middleware/security-headers.ts +21 -0
package/src/http/routes/events.ts +112 -0
package/src/http/routes/health.ts +51 -0
package/src/http/routes/plans.ts +66 -0
package/src/http/routes/sessions.ts +50 -0
package/src/http/routes/tasks.ts +60 -0
package/src/http/server.ts +95 -0
package/src/http/sse.ts +116 -0
package/src/index.ts +37 -0
package/src/lib.ts +65 -0
package/src/mem/scoped.ts +65 -0
package/src/orchestrator/background.test.ts +268 -0
package/src/orchestrator/background.ts +293 -0
package/src/orchestrator/memory-hook.ts +182 -0
package/src/orchestrator/reconciler.ts +123 -0
package/src/orchestrator/scheduler.test.ts +300 -0
package/src/orchestrator/scheduler.ts +243 -0
package/src/plugin.test.ts +2574 -0
package/src/plugin.ts +1690 -0
package/src/sdk/client.ts +66 -0
package/src/worktrees/manager.ts +236 -0
package/src/worktrees/state.ts +87 -0
package/tests/integration/ranger-flow.test.ts +257 -0
package/tools/analysis_archive.ts +28 -0
package/tools/analysis_create.ts +55 -0
package/tools/analysis_get.ts +33 -0
package/tools/analysis_link_plan.ts +44 -0
package/tools/analysis_list.ts +48 -0
package/tools/analysis_search.ts +36 -0
package/tools/analysis_update.ts +44 -0
package/tools/plan_approve.ts +31 -0
package/tools/plan_create.ts +58 -0
package/tools/plan_get.ts +40 -0
package/tools/plan_list.ts +37 -0
package/tools/plan_search.ts +34 -0
package/tools/plan_update_status.ts +71 -0
package/tools/session_checkpoint.ts +31 -0
package/tools/session_end.ts +26 -0
package/tools/session_start.ts +43 -0
package/tools/task_create_batch.ts +70 -0
package/tools/task_list.ts +35 -0
package/tools/task_next_for_agent.ts +30 -0
package/tools/task_search.ts +34 -0
package/tools/task_update_status.ts +37 -0
package/tsconfig.json +31 -0

package/src/db/sessions.test.ts ADDED Viewed

@@ -0,0 +1,80 @@
+/**
+ * Tests for ensureSession — the idempotent FK-integrity helper.
+ *
+ * Uses in-memory SQLite via bun:sqlite. Each test gets a fresh DB
+ * with the full schema applied by runMigrations.
+ */
+import { Database } from "bun:sqlite";
+import { beforeEach, describe, expect, test } from "bun:test";
+import { runMigrations } from "./migrations.ts";
+import { ensureSession, getSession } from "./sessions.ts";
+let db: Database;
+beforeEach(() => {
+  db = new Database(":memory:");
+  db.exec("PRAGMA foreign_keys = ON");
+  runMigrations(db);
+});
+describe("ensureSession", () => {
+  test("inserts row when missing", () => {
+    const id = crypto.randomUUID();
+    ensureSession(db, id, "test goal");
+    const row = getSession(db, id);
+    expect(row).not.toBeNull();
+    expect(row?.id).toBe(id);
+    expect(row?.goal).toBe("test goal");
+    expect(row?.createdBy).toBe("auto");
+    // NOT NULL cols must be populated
+    expect(row?.startedAt).toBeGreaterThan(0);
+    expect(row?.lastCheckpoint).toBeGreaterThan(0);
+    expect(row?.state).toEqual({});
+    expect(row?.agentHistory).toEqual([]);
+  });
+  test("is idempotent on existing row with different goal", () => {
+    const id = crypto.randomUUID();
+    ensureSession(db, id, "goal A");
+    ensureSession(db, id, "goal B");
+    const row = getSession(db, id);
+    expect(row).not.toBeNull();
+    // INSERT OR IGNORE — original goal preserved
+    expect(row?.goal).toBe("goal A");
+  });
+  test("respects custom createdBy", () => {
+    const id = crypto.randomUUID();
+    ensureSession(db, id, "test goal", "test-agent");
+    const row = getSession(db, id);
+    expect(row).not.toBeNull();
+    expect(row?.createdBy).toBe("test-agent");
+  });
+  test("defaults createdBy to 'auto' when not specified", () => {
+    const id = crypto.randomUUID();
+    ensureSession(db, id, "test goal");
+    const row = getSession(db, id);
+    expect(row).not.toBeNull();
+    expect(row?.createdBy).toBe("auto");
+  });
+  test("populates started_at and last_checkpoint with current timestamp", () => {
+    const before = Date.now();
+    const id = crypto.randomUUID();
+    ensureSession(db, id, "timestamp check");
+    const after = Date.now();
+    const row = getSession(db, id);
+    expect(row).not.toBeNull();
+    expect(row?.startedAt).toBeGreaterThanOrEqual(before);
+    expect(row?.startedAt).toBeLessThanOrEqual(after);
+    expect(row?.lastCheckpoint).toBeGreaterThanOrEqual(before);
+    expect(row?.lastCheckpoint).toBeLessThanOrEqual(after);
+  });
+});

package/src/db/sessions.ts ADDED Viewed

@@ -0,0 +1,135 @@
+/**
+ * ndomo DB — Session lifecycle management.
+ *
+ * Sessions track continuity across multiple agents working
+ * toward a shared goal. They record checkpoints, agent history,
+ * and key decisions.
+ */
+import type { Database } from "bun:sqlite";
+import type { Session, SessionMetadata } from "./types.ts";
+import { sessionFromRow } from "./types.ts";
+/**
+ * Idempotent upsert: ensure a session row exists for FK integrity.
+ *
+ * Used by plan_create and plan transition functions so that the harness
+ * session ID (ctx.sessionID) always has a matching row in `sessions`.
+ * INSERT OR IGNORE is safe — if the row already exists, this is a no-op.
+ * Does NOT call `startSession` (which requires full Session shape).
+ */
+export function ensureSession(
+  db: Database,
+  sessionId: string,
+  fallbackGoal: string,
+  createdBy = "auto",
+): void {
+  const now = Date.now();
+  db.query(
+    `INSERT OR IGNORE INTO sessions (id, started_at, last_checkpoint, goal, state, agent_history, created_by)
+     VALUES (?, ?, ?, ?, '{}', '[]', ?)`,
+  ).run(sessionId, now, now, fallbackGoal, createdBy);
+}
+export function startSession(
+  db: Database,
+  session: {
+    id: string;
+    goal: string;
+    planId?: string;
+    metadata?: SessionMetadata;
+    createdBy?: string;
+    sourceMessageId?: string;
+  },
+): Session {
+  const now = Date.now();
+  const meta = session.metadata ?? {};
+  db.query(
+    `INSERT INTO sessions (id, started_at, last_checkpoint, plan_id, goal, state, agent_history, key_decisions, metadata, created_by, source_message_id)
+     VALUES (?, ?, ?, ?, ?, '{}', '[]', NULL, ?, ?, ?)`,
+  ).run(
+    session.id,
+    now,
+    now,
+    session.planId ?? null,
+    session.goal,
+    JSON.stringify(meta),
+    session.createdBy ?? "unknown",
+    session.sourceMessageId ?? null,
+  );
+  const created = getSession(db, session.id);
+  if (!created) throw new Error("ndomo: failed to create session");
+  return created;
+}
+export function getSession(db: Database, id: string): Session | null {
+  const row = db.query("SELECT * FROM sessions WHERE id = ?").get(id);
+  return row ? sessionFromRow(row) : null;
+}
+export function listSessions(
+  db: Database,
+  opts: { planId?: string; limit?: number; includeArchived?: boolean } = {},
+): Session[] {
+  const limit = opts.limit ?? 20;
+  const conditions: string[] = [];
+  const params: (string | number)[] = [];
+  if (opts.planId) {
+    conditions.push("plan_id = ?");
+    params.push(opts.planId);
+  }
+  if (!opts.includeArchived) {
+    conditions.push("archived_at IS NULL");
+  }
+  const where = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
+  params.push(limit);
+  const rows = db
+    .query(`SELECT * FROM sessions ${where} ORDER BY started_at DESC LIMIT ?`)
+    .all(...params);
+  return (rows as unknown[]).map((r) => sessionFromRow(r));
+}
+export function checkpointSession(
+  db: Database,
+  id: string,
+  state: Record<string, unknown>,
+  keyDecisions?: string,
+): Session | null {
+  const now = Date.now();
+  const result = db
+    .query(
+      "UPDATE sessions SET last_checkpoint = ?, state = ?, key_decisions = COALESCE(?, key_decisions) WHERE id = ?",
+    )
+    .run(now, JSON.stringify(state), keyDecisions ?? null, id);
+  if (result.changes === 0) return null;
+  return getSession(db, id);
+}
+export function appendAgentHistory(
+  db: Database,
+  id: string,
+  entry: {
+    agent: string;
+    taskId?: string;
+    startedAt?: number;
+    endedAt?: number | null;
+  },
+): Session | null {
+  const sess = getSession(db, id);
+  if (!sess) return null;
+  const history = [...sess.agentHistory, { ...entry, startedAt: entry.startedAt ?? Date.now() }];
+  db.query("UPDATE sessions SET agent_history = ? WHERE id = ?").run(JSON.stringify(history), id);
+  return getSession(db, id);
+}
+export function endSession(db: Database, id: string): Session | null {
+  const now = Date.now();
+  const result = db
+    .query("UPDATE sessions SET ended_at = ? WHERE id = ? AND ended_at IS NULL")
+    .run(now, id);
+  if (result.changes === 0) return null;
+  return getSession(db, id);
+}

package/src/db/shutdown.test.ts ADDED Viewed

@@ -0,0 +1,147 @@
+/**
+ * Tests for shutdown.ts — plan fcb12dc5 (memory hygiene, finding #2).
+ *
+ * Validates that:
+ *  - Multiple openDb() calls each get SIGTERM/SIGINT/beforeExit cleanup
+ *    (regression: module-level `registered` boolean skipped all but the first).
+ *  - unregister(db) explicitly removes a db from cleanup tracking (needed
+ *    by tests, hot-reload, and explicit teardown paths).
+ *  - process.once is used for SIGTERM/SIGINT so listeners self-remove after
+ *    firing (regression: process.on would leak listeners across signals).
+ *  - SIGTERM cleanly closes all tracked dbs (verify by attempting use-after-close).
+ */
+import { afterEach, beforeEach, describe, expect, test } from "bun:test";
+import { mkdtempSync, rmSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { closeDb, openDb } from "./client.ts";
+import { getRegisteredDbCount, registerShutdownHandlers, unregister } from "./shutdown.ts";
+describe("shutdown — tracking", () => {
+  let tmpDir: string;
+  beforeEach(() => {
+    tmpDir = mkdtempSync(join(tmpdir(), "ndomo-shutdown-test-"));
+  });
+  afterEach(() => {
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+  test("registerShutdownHandlers tracks each db in a Set", () => {
+    const baseline = getRegisteredDbCount();
+    const db1 = openDb(tmpDir);
+    const db2 = openDb(join(tmpDir, "sub"));
+    registerShutdownHandlers(db1);
+    expect(getRegisteredDbCount()).toBe(baseline + 1);
+    registerShutdownHandlers(db2);
+    expect(getRegisteredDbCount()).toBe(baseline + 2);
+    // Calling again with the same db should not double-count (Set semantics).
+    registerShutdownHandlers(db1);
+    expect(getRegisteredDbCount()).toBe(baseline + 2);
+    unregister(db1);
+    unregister(db2);
+    closeDb(db1);
+    closeDb(db2);
+  });
+  test("unregister(db) removes db from tracking", () => {
+    const db = openDb(tmpDir);
+    const baseline = getRegisteredDbCount();
+    registerShutdownHandlers(db);
+    expect(getRegisteredDbCount()).toBe(baseline + 1);
+    unregister(db);
+    expect(getRegisteredDbCount()).toBe(baseline);
+    closeDb(db);
+  });
+  test("unregister of an untracked db is a no-op (no throw)", () => {
+    const db = openDb(tmpDir);
+    expect(() => unregister(db)).not.toThrow();
+    closeDb(db);
+  });
+});
+describe("shutdown — SIGTERM behavior", () => {
+  let tmpDir: string;
+  beforeEach(() => {
+    tmpDir = mkdtempSync(join(tmpdir(), "ndomo-shutdown-sigterm-"));
+  });
+  afterEach(() => {
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+  test("SIGTERM closes ALL registered dbs (regression: 2nd db used to leak)", () => {
+    const db1 = openDb(tmpDir);
+    const db2 = openDb(join(tmpDir, "sub"));
+    registerShutdownHandlers(db1);
+    registerShutdownHandlers(db2);
+    process.emit("SIGTERM" as NodeJS.Signals);
+    // Both dbs should now be closed — using them throws.
+    expect(() => db1.query("SELECT 1").get()).toThrow();
+    expect(() => db2.query("SELECT 1").get()).toThrow();
+  });
+  test("SIGINT closes ALL registered dbs", () => {
+    const db1 = openDb(tmpDir);
+    const db2 = openDb(join(tmpDir, "sub"));
+    registerShutdownHandlers(db1);
+    registerShutdownHandlers(db2);
+    process.emit("SIGINT" as NodeJS.Signals);
+    expect(() => db1.query("SELECT 1").get()).toThrow();
+    expect(() => db2.query("SELECT 1").get()).toThrow();
+  });
+  test("unregistered db is NOT closed on SIGTERM", () => {
+    const db1 = openDb(tmpDir);
+    const db2 = openDb(join(tmpDir, "sub"));
+    registerShutdownHandlers(db1);
+    registerShutdownHandlers(db2);
+    unregister(db2);
+    process.emit("SIGTERM" as NodeJS.Signals);
+    // db1 closed, db2 still usable
+    expect(() => db1.query("SELECT 1").get()).toThrow();
+    expect(db2.query("SELECT 1").get()).not.toBeNull();
+    // Cleanup
+    closeDb(db2);
+  });
+  test("process.once — SIGTERM listeners self-remove after firing (no leak)", () => {
+    const db1 = openDb(tmpDir);
+    const db2 = openDb(join(tmpDir, "sub"));
+    const beforeRegister = process.listenerCount("SIGTERM");
+    registerShutdownHandlers(db1);
+    registerShutdownHandlers(db2);
+    const afterRegister = process.listenerCount("SIGTERM");
+    // We added 2 SIGTERM listeners (one per db registration)
+    expect(afterRegister - beforeRegister).toBe(2);
+    // Emit SIGTERM — both listeners fire cleanup, then process.once removes them
+    process.emit("SIGTERM" as NodeJS.Signals);
+    const afterEmit = process.listenerCount("SIGTERM");
+    // process.once guarantees listeners deregister after firing — count must
+    // drop back to pre-registration baseline (no accumulation across signals).
+    expect(afterEmit).toBe(beforeRegister);
+  });
+});

package/src/db/shutdown.ts ADDED Viewed

@@ -0,0 +1,45 @@
+/**
+ * ndomo DB — Graceful shutdown handler.
+ *
+ * Tracks every Database returned by openDb() in a module-level Set so each
+ * connection gets SIGTERM/SIGINT/beforeExit cleanup. Replaces the previous
+ * module-level `registered` boolean which silently skipped every call after
+ * the first (resulting in leaked file handles on hot-reload, smoke tests,
+ * and CLI tools running alongside the plugin).
+ *
+ * Signal handlers use `process.once` so listeners self-remove after firing —
+ * prevents listener accumulation when multiple dbs register in sequence.
+ */
+import type { Database } from "bun:sqlite";
+import { closeDb } from "./client.ts";
+const registeredDbs = new Set<Database>();
+export function registerShutdownHandlers(db: Database): void {
+  if (registeredDbs.has(db)) return;
+  registeredDbs.add(db);
+  const cleanup = (): void => {
+    for (const tracked of registeredDbs) {
+      try {
+        closeDb(tracked);
+      } catch {
+        /* ignore — already closed or never opened */
+      }
+    }
+    registeredDbs.clear();
+  };
+  process.once("SIGTERM", cleanup);
+  process.once("SIGINT", cleanup);
+  process.once("beforeExit", cleanup);
+}
+export function unregister(db: Database): void {
+  registeredDbs.delete(db);
+}
+export function getRegisteredDbCount(): number {
+  return registeredDbs.size;
+}