nemoris 0.1.0 → 0.1.2

package/src/daemon/nurse.js

@@ -1,218 +1,218 @@
-const IDENTITY_FIELDS = new Set(["name", "soul", "purpose", "persona"]);
-const MAX_ATTEMPTS = 3;
-const AUTO_PROMOTE_ACTIONS = new Set(["restart", "retry", "retry_backoff", "resend", "cache_clear", "connection_reset", "compact", "reap", "rebuild_index"]);
-
-export class Nurse {
-  constructor({ repairLog, ruleStaging, runLlm, executeAction, notify, isOllamaAvailable }) {
-    this.repairLog = repairLog;
-    this.ruleStaging = ruleStaging;
-    this.runLlm = runLlm;
-    this.executeAction = executeAction;
-    this.notify = notify || (async () => {});
-    this.isOllamaAvailable = isOllamaAvailable || (async () => true);
-    this._ollamaFirstDownAt = null;
-  }
-
-  validateAction({ action, config_field }) {
-    if (action === "edit_config" && config_field && IDENTITY_FIELDS.has(config_field)) {
-      return { allowed: false, reason: "identity_field_protected" };
-    }
-    return { allowed: true };
-  }
-
-  async diagnoseEscalation(escalationId) {
-    // Check if Ollama is available before attempting diagnosis
-    if (!(await this.isOllamaAvailable())) {
-      // Don't claim — leave unclaimed so it's retried when Ollama is back
-      return;
-    }
-
-    const escalation = this.repairLog.getById(escalationId);
-    if (!escalation) return;
-
-    const recentContext = this.repairLog.getRecent(50);
-    const prompt = this._buildDiagnosticPrompt(escalation, recentContext);
-
-    const childId = this.repairLog.write({
-      source: "nurse", type: escalation.type, action: null,
-      result: "escalated", severity: "critical",
-      diagnosis: "Diagnosing...", parent_id: escalationId, attempts: 0
-    });
-
-    for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
-      let diagnosis, proposedAction;
-      try {
-        const raw = await this.runLlm(prompt);
-        const parsed = JSON.parse(raw);
-        diagnosis = parsed.diagnosis || "No diagnosis provided";
-        proposedAction = parsed.action || null;
-      } catch {
-        diagnosis = "LLM response unparseable";
-        proposedAction = null;
-      }
-
-      if (proposedAction) {
-        const validation = this.validateAction({ action: proposedAction, config_field: null });
-        if (!validation.allowed) {
-          this.repairLog.update(childId, {
-            action: proposedAction, result: "unresolved", severity: "critical",
-            diagnosis: `Blocked: ${validation.reason}`, attempts: attempt
-          });
-          await this.notify("critical", `Nurse attempted blocked action: ${proposedAction} (${validation.reason})`);
-          return;
-        }
-      }
-
-      const success = proposedAction ? await this.executeAction(proposedAction, escalation.context) : false;
-      const isLast = attempt === MAX_ATTEMPTS;
-
-      this.repairLog.update(childId, {
-        action: proposedAction,
-        result: success ? "resolved" : (isLast ? "unresolved" : "escalated"),
-        severity: success ? "notable" : "critical",
-        diagnosis,
-        attempts: attempt
-      });
-
-      if (success) {
-        await this.notify("notable", `Resolved: ${escalation.type} — ${diagnosis}`);
-        return;
-      }
-
-      if (isLast) {
-        await this.notify("critical", `Unresolved after ${MAX_ATTEMPTS} attempts: ${escalation.type}\nDiagnosis: ${diagnosis}`);
-        return;
-      }
-    }
-  }
-
-  minePatterns() {
-    const nurseEntries = this.repairLog.getRecent(200).filter(e => e.source === "nurse" && e.parent_id);
-    const groups = new Map();
-
-    for (const entry of nurseEntries) {
-      const key = `${entry.type}:${entry.action}`;
-      if (!groups.has(key)) groups.set(key, []);
-      groups.get(key).push(entry);
-    }
-
-    const proposedIds = [];
-    for (const [key, entries] of groups) {
-      if (entries.length < 3) continue;
-      const [type, action] = key.split(":");
-      if (!action || action === "null") continue;
-
-      if (this.ruleStaging.isDuplicate(type, action)) continue;
-
-      const actionClass = AUTO_PROMOTE_ACTIONS.has(action) ? "auto_promote" : "approval_required";
-      const id = this.ruleStaging.propose({
-        match_type: type, action, severity: "notable",
-        action_class: actionClass, cooldown_minutes: 5,
-        evidence: JSON.stringify(entries.map(e => e.id))
-      });
-      proposedIds.push(id);
-    }
-
-    return proposedIds;
-  }
-
-  _getEscalatedTypes() {
-    const escalated = this.repairLog.getRecent(200).filter(e => e.escalated === 1);
-    return [...new Set(escalated.map(e => e.type))];
-  }
-
-  composeDailyDigest() {
-    const since = new Date(Date.now() - 24 * 60 * 60 * 1000).toISOString();
-    const stats = this.repairLog.getDigestSince(since);
-    const heldEntries = this.repairLog.getHeldUpdates();
-    const held = heldEntries.length;
-
-    const counts = {};
-    for (const { severity, count } of stats) counts[severity] = count;
-
-    // Subtract held entries from their severity bucket to avoid double-counting
-    for (const e of heldEntries) {
-      if (e.ts > since && counts[e.severity]) counts[e.severity]--;
-    }
-
-    const notables = counts.notable || 0;
-    const criticals = counts.critical || 0;
-    const silents = counts.silent || 0;
-
-    // Digest fires only when notables > 0 OR criticals > 0 OR held > 0
-    if (notables === 0 && criticals === 0 && held === 0) return null;
-
-    const lines = ["Daily health digest:"];
-    if (silents > 0) lines.push(`  ${silents} routine heal(s) (silent)`);
-    if (notables > 0) lines.push(`  ${notables} notable event(s)`);
-    if (criticals > 0) lines.push(`  ${criticals} critical issue(s)`);
-    if (held > 0) lines.push(`  ${held} held update(s) awaiting /approve`);
-    return lines.join("\n");
-  }
-
-  async checkOllamaDowntime() {
-    const available = await this.isOllamaAvailable();
-    if (available) {
-      this._ollamaFirstDownAt = null;
-      return;
-    }
-    if (!this._ollamaFirstDownAt) {
-      this._ollamaFirstDownAt = new Date();
-      return;
-    }
-    const downMs = Date.now() - this._ollamaFirstDownAt.getTime();
-    if (downMs > 24 * 60 * 60 * 1000) {
-      await this.notify("critical", "I can't reason about failures right now — Ollama is offline.");
-      this._ollamaFirstDownAt = new Date(); // Reset to avoid spamming every tick
-    }
-  }
-
-  async processHeldUpdateExpiry() {
-    const held = this.repairLog.getHeldUpdates();
-    const now = Date.now();
-    for (const entry of held) {
-      const age = now - new Date(entry.ts).getTime();
-      const daysOld = age / (24 * 60 * 60 * 1000);
-      const ctx = entry.context ? JSON.parse(entry.context) : {};
-      // Remind once between day 25 and 30 (check repair_log for existing reminder)
-      const reminderKey = `reminder:${entry.id}`;
-      const alreadyReminded = this.repairLog.getRecentByType(reminderKey, 30).length > 0;
-      if (daysOld >= 25 && daysOld < 30 && !alreadyReminded) {
-        this.repairLog.write({ source: "nurse", type: reminderKey, action: "remind", result: "resolved", severity: "silent" });
-        await this.notify("notable", `Reminder: ${ctx.update_target || "update"} ${ctx.to_version || ""} is still held. Reply /approve ${entry.id} or it expires in ${Math.ceil(30 - daysOld)} days.`);
-      }
-      // Archive at 30 days — write a child row marking it expired
-      if (daysOld >= 30) {
-        this.repairLog.write({
-          source: "nurse", type: entry.type, action: "expire",
-          result: "resolved", severity: "silent",
-          diagnosis: "Held update expired after 30 days",
-          parent_id: entry.id
-        });
-      }
-    }
-  }
-
-  _buildDiagnosticPrompt(escalation, context) {
-    // Enforce 50-entry window
-    const windowedContext = context.slice(0, 50);
-    // Build compact summary (one line per entry)
-    const lines = windowedContext.map(e =>
-      `[${e.ts.slice(0, 16)}] ${e.source}/${e.type} → ${e.action || "?"} → ${e.result}`
-    );
-    // Truncate if total prompt would exceed ~4000 tokens (~16000 chars)
-    let contextBlock = lines.join("\n");
-    if (contextBlock.length > 8000) {
-      contextBlock = lines.slice(0, 25).join("\n") + "\n... (truncated, 25 more entries)";
-    }
-
-    return `You are a system diagnostician for Nemoris. An unknown failure occurred.
-
-Failure: type=${escalation.type}, context=${escalation.context || "none"}
-
-Recent repair history (last ${windowedContext.length} entries):
-${contextBlock}
-
-Respond with JSON only: {"diagnosis": "root cause", "action": "one of: restart, retry, compact, rebuild_index, edit_config, swap_lane"}`;
-  }
-}
+const IDENTITY_FIELDS = new Set(["name", "soul", "purpose", "persona"]);
+const MAX_ATTEMPTS = 3;
+const AUTO_PROMOTE_ACTIONS = new Set(["restart", "retry", "retry_backoff", "resend", "cache_clear", "connection_reset", "compact", "reap", "rebuild_index"]);
+
+export class Nurse {
+  constructor({ repairLog, ruleStaging, runLlm, executeAction, notify, isOllamaAvailable }) {
+    this.repairLog = repairLog;
+    this.ruleStaging = ruleStaging;
+    this.runLlm = runLlm;
+    this.executeAction = executeAction;
+    this.notify = notify || (async () => {});
+    this.isOllamaAvailable = isOllamaAvailable || (async () => true);
+    this._ollamaFirstDownAt = null;
+  }
+
+  validateAction({ action, config_field }) {
+    if (action === "edit_config" && config_field && IDENTITY_FIELDS.has(config_field)) {
+      return { allowed: false, reason: "identity_field_protected" };
+    }
+    return { allowed: true };
+  }
+
+  async diagnoseEscalation(escalationId) {
+    // Check if Ollama is available before attempting diagnosis
+    if (!(await this.isOllamaAvailable())) {
+      // Don't claim — leave unclaimed so it's retried when Ollama is back
+      return;
+    }
+
+    const escalation = this.repairLog.getById(escalationId);
+    if (!escalation) return;
+
+    const recentContext = this.repairLog.getRecent(50);
+    const prompt = this._buildDiagnosticPrompt(escalation, recentContext);
+
+    const childId = this.repairLog.write({
+      source: "nurse", type: escalation.type, action: null,
+      result: "escalated", severity: "critical",
+      diagnosis: "Diagnosing...", parent_id: escalationId, attempts: 0
+    });
+
+    for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
+      let diagnosis, proposedAction;
+      try {
+        const raw = await this.runLlm(prompt);
+        const parsed = JSON.parse(raw);
+        diagnosis = parsed.diagnosis || "No diagnosis provided";
+        proposedAction = parsed.action || null;
+      } catch {
+        diagnosis = "LLM response unparseable";
+        proposedAction = null;
+      }
+
+      if (proposedAction) {
+        const validation = this.validateAction({ action: proposedAction, config_field: null });
+        if (!validation.allowed) {
+          this.repairLog.update(childId, {
+            action: proposedAction, result: "unresolved", severity: "critical",
+            diagnosis: `Blocked: ${validation.reason}`, attempts: attempt
+          });
+          await this.notify("critical", `Nurse attempted blocked action: ${proposedAction} (${validation.reason})`);
+          return;
+        }
+      }
+
+      const success = proposedAction ? await this.executeAction(proposedAction, escalation.context) : false;
+      const isLast = attempt === MAX_ATTEMPTS;
+
+      this.repairLog.update(childId, {
+        action: proposedAction,
+        result: success ? "resolved" : (isLast ? "unresolved" : "escalated"),
+        severity: success ? "notable" : "critical",
+        diagnosis,
+        attempts: attempt
+      });
+
+      if (success) {
+        await this.notify("notable", `Resolved: ${escalation.type} — ${diagnosis}`);
+        return;
+      }
+
+      if (isLast) {
+        await this.notify("critical", `Unresolved after ${MAX_ATTEMPTS} attempts: ${escalation.type}\nDiagnosis: ${diagnosis}`);
+        return;
+      }
+    }
+  }
+
+  minePatterns() {
+    const nurseEntries = this.repairLog.getRecent(200).filter(e => e.source === "nurse" && e.parent_id);
+    const groups = new Map();
+
+    for (const entry of nurseEntries) {
+      const key = `${entry.type}:${entry.action}`;
+      if (!groups.has(key)) groups.set(key, []);
+      groups.get(key).push(entry);
+    }
+
+    const proposedIds = [];
+    for (const [key, entries] of groups) {
+      if (entries.length < 3) continue;
+      const [type, action] = key.split(":");
+      if (!action || action === "null") continue;
+
+      if (this.ruleStaging.isDuplicate(type, action)) continue;
+
+      const actionClass = AUTO_PROMOTE_ACTIONS.has(action) ? "auto_promote" : "approval_required";
+      const id = this.ruleStaging.propose({
+        match_type: type, action, severity: "notable",
+        action_class: actionClass, cooldown_minutes: 5,
+        evidence: JSON.stringify(entries.map(e => e.id))
+      });
+      proposedIds.push(id);
+    }
+
+    return proposedIds;
+  }
+
+  _getEscalatedTypes() {
+    const escalated = this.repairLog.getRecent(200).filter(e => e.escalated === 1);
+    return [...new Set(escalated.map(e => e.type))];
+  }
+
+  composeDailyDigest() {
+    const since = new Date(Date.now() - 24 * 60 * 60 * 1000).toISOString();
+    const stats = this.repairLog.getDigestSince(since);
+    const heldEntries = this.repairLog.getHeldUpdates();
+    const held = heldEntries.length;
+
+    const counts = {};
+    for (const { severity, count } of stats) counts[severity] = count;
+
+    // Subtract held entries from their severity bucket to avoid double-counting
+    for (const e of heldEntries) {
+      if (e.ts > since && counts[e.severity]) counts[e.severity]--;
+    }
+
+    const notables = counts.notable || 0;
+    const criticals = counts.critical || 0;
+    const silents = counts.silent || 0;
+
+    // Digest fires only when notables > 0 OR criticals > 0 OR held > 0
+    if (notables === 0 && criticals === 0 && held === 0) return null;
+
+    const lines = ["Daily health digest:"];
+    if (silents > 0) lines.push(`  ${silents} routine heal(s) (silent)`);
+    if (notables > 0) lines.push(`  ${notables} notable event(s)`);
+    if (criticals > 0) lines.push(`  ${criticals} critical issue(s)`);
+    if (held > 0) lines.push(`  ${held} held update(s) awaiting /approve`);
+    return lines.join("\n");
+  }
+
+  async checkOllamaDowntime() {
+    const available = await this.isOllamaAvailable();
+    if (available) {
+      this._ollamaFirstDownAt = null;
+      return;
+    }
+    if (!this._ollamaFirstDownAt) {
+      this._ollamaFirstDownAt = new Date();
+      return;
+    }
+    const downMs = Date.now() - this._ollamaFirstDownAt.getTime();
+    if (downMs > 24 * 60 * 60 * 1000) {
+      await this.notify("critical", "I can't reason about failures right now — Ollama is offline.");
+      this._ollamaFirstDownAt = new Date(); // Reset to avoid spamming every tick
+    }
+  }
+
+  async processHeldUpdateExpiry() {
+    const held = this.repairLog.getHeldUpdates();
+    const now = Date.now();
+    for (const entry of held) {
+      const age = now - new Date(entry.ts).getTime();
+      const daysOld = age / (24 * 60 * 60 * 1000);
+      const ctx = entry.context ? JSON.parse(entry.context) : {};
+      // Remind once between day 25 and 30 (check repair_log for existing reminder)
+      const reminderKey = `reminder:${entry.id}`;
+      const alreadyReminded = this.repairLog.getRecentByType(reminderKey, 30).length > 0;
+      if (daysOld >= 25 && daysOld < 30 && !alreadyReminded) {
+        this.repairLog.write({ source: "nurse", type: reminderKey, action: "remind", result: "resolved", severity: "silent" });
+        await this.notify("notable", `Reminder: ${ctx.update_target || "update"} ${ctx.to_version || ""} is still held. Reply /approve ${entry.id} or it expires in ${Math.ceil(30 - daysOld)} days.`);
+      }
+      // Archive at 30 days — write a child row marking it expired
+      if (daysOld >= 30) {
+        this.repairLog.write({
+          source: "nurse", type: entry.type, action: "expire",
+          result: "resolved", severity: "silent",
+          diagnosis: "Held update expired after 30 days",
+          parent_id: entry.id
+        });
+      }
+    }
+  }
+
+  _buildDiagnosticPrompt(escalation, context) {
+    // Enforce 50-entry window
+    const windowedContext = context.slice(0, 50);
+    // Build compact summary (one line per entry)
+    const lines = windowedContext.map(e =>
+      `[${e.ts.slice(0, 16)}] ${e.source}/${e.type} → ${e.action || "?"} → ${e.result}`
+    );
+    // Truncate if total prompt would exceed ~4000 tokens (~16000 chars)
+    let contextBlock = lines.join("\n");
+    if (contextBlock.length > 8000) {
+      contextBlock = lines.slice(0, 25).join("\n") + "\n... (truncated, 25 more entries)";
+    }
+
+    return `You are a system diagnostician for Nemoris. An unknown failure occurred.
+
+Failure: type=${escalation.type}, context=${escalation.context || "none"}
+
+Recent repair history (last ${windowedContext.length} entries):
+${contextBlock}
+
+Respond with JSON only: {"diagnosis": "root cause", "action": "one of: restart, retry, compact, rebuild_index, edit_config, swap_lane"}`;
+  }
+}

package/src/daemon/repair-log.js

@@ -1,106 +1,106 @@
-export class RepairLog {
-  constructor(db) {
-    this.db = db;
-  }
-
-  ensureSchema() {
-    this.db.exec(`
-      CREATE TABLE IF NOT EXISTS repair_log (
-        id            INTEGER PRIMARY KEY AUTOINCREMENT,
-        ts            TEXT    NOT NULL DEFAULT (strftime('%Y-%m-%dT%H:%M:%fZ','now')),
-        source        TEXT    NOT NULL,
-        type          TEXT    NOT NULL,
-        context       TEXT,
-        action        TEXT,
-        result        TEXT    NOT NULL,
-        severity      TEXT    NOT NULL,
-        diagnosis     TEXT,
-        config_before TEXT,
-        config_after  TEXT,
-        escalated     INTEGER NOT NULL DEFAULT 0,
-        attempts      INTEGER NOT NULL DEFAULT 1,
-        parent_id     INTEGER REFERENCES repair_log(id)
-      );
-      CREATE INDEX IF NOT EXISTS idx_repair_log_type ON repair_log(type);
-      CREATE INDEX IF NOT EXISTS idx_repair_log_ts ON repair_log(ts);
-      CREATE INDEX IF NOT EXISTS idx_repair_log_result_ts ON repair_log(result, ts);
-      CREATE INDEX IF NOT EXISTS idx_repair_log_escalated ON repair_log(escalated) WHERE escalated = 1;
-      CREATE INDEX IF NOT EXISTS idx_repair_log_parent ON repair_log(parent_id) WHERE parent_id IS NOT NULL;
-    `);
-  }
-
-  write({ source, type, context, action, result, severity, diagnosis, config_before, config_after, escalated, attempts, parent_id }) {
-    const stmt = this.db.prepare(`
-      INSERT INTO repair_log (source, type, context, action, result, severity, diagnosis, config_before, config_after, escalated, attempts, parent_id)
-      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-    `);
-    const info = stmt.run(
-      source, type, context ?? null, action ?? null, result, severity,
-      diagnosis ?? null, config_before ?? null, config_after ?? null,
-      escalated ?? 0, attempts ?? 1, parent_id ?? null
-    );
-    return Number(info.lastInsertRowid);
-  }
-
-  getById(id) {
-    return this.db.prepare("SELECT * FROM repair_log WHERE id = ?").get(id);
-  }
-
-  update(id, { action, result, severity, diagnosis, attempts, config_before, config_after }) {
-    const sets = [];
-    const params = [];
-    if (action !== undefined) { sets.push("action = ?"); params.push(action); }
-    if (result !== undefined) { sets.push("result = ?"); params.push(result); }
-    if (severity !== undefined) { sets.push("severity = ?"); params.push(severity); }
-    if (diagnosis !== undefined) { sets.push("diagnosis = ?"); params.push(diagnosis); }
-    if (attempts !== undefined) { sets.push("attempts = ?"); params.push(attempts); }
-    if (config_before !== undefined) { sets.push("config_before = ?"); params.push(config_before); }
-    if (config_after !== undefined) { sets.push("config_after = ?"); params.push(config_after); }
-    if (sets.length === 0) return;
-    params.push(id);
-    this.db.prepare(`UPDATE repair_log SET ${sets.join(", ")} WHERE id = ?`).run(...params);
-  }
-
-  getUnclaimedEscalations() {
-    return this.db.prepare(`
-      SELECT rl.* FROM repair_log rl
-      WHERE rl.escalated = 1
-        AND NOT EXISTS (SELECT 1 FROM repair_log child WHERE child.parent_id = rl.id)
-      ORDER BY rl.ts ASC
-    `).all();
-  }
-
-  getLastFiring(type, action) {
-    return this.db.prepare(
-      "SELECT * FROM repair_log WHERE type = ? AND action = ? ORDER BY ts DESC LIMIT 1"
-    ).get(type, action);
-  }
-
-  getRecentByType(type, days = 30) {
-    return this.db.prepare(
-      "SELECT * FROM repair_log WHERE type = ? AND ts > datetime('now', ? || ' days') ORDER BY ts DESC"
-    ).all(type, `-${days}`);
-  }
-
-  getRecent(limit = 50) {
-    return this.db.prepare("SELECT * FROM repair_log ORDER BY ts DESC LIMIT ?").all(limit);
-  }
-
-  getHeldUpdates() {
-    return this.db.prepare("SELECT * FROM repair_log WHERE result = 'held' ORDER BY ts DESC").all();
-  }
-
-  getDigestSince(sinceIso) {
-    return this.db.prepare(`
-      SELECT severity, COUNT(*) as count FROM repair_log
-      WHERE ts > ? GROUP BY severity
-    `).all(sinceIso);
-  }
-
-  pruneResolved(retentionDays = 90) {
-    const result = this.db.prepare(
-      "DELETE FROM repair_log WHERE result = 'resolved' AND ts < datetime('now', ? || ' days')"
-    ).run(`-${retentionDays}`);
-    return result.changes;
-  }
-}
+export class RepairLog {
+  constructor(db) {
+    this.db = db;
+  }
+
+  ensureSchema() {
+    this.db.exec(`
+      CREATE TABLE IF NOT EXISTS repair_log (
+        id            INTEGER PRIMARY KEY AUTOINCREMENT,
+        ts            TEXT    NOT NULL DEFAULT (strftime('%Y-%m-%dT%H:%M:%fZ','now')),
+        source        TEXT    NOT NULL,
+        type          TEXT    NOT NULL,
+        context       TEXT,
+        action        TEXT,
+        result        TEXT    NOT NULL,
+        severity      TEXT    NOT NULL,
+        diagnosis     TEXT,
+        config_before TEXT,
+        config_after  TEXT,
+        escalated     INTEGER NOT NULL DEFAULT 0,
+        attempts      INTEGER NOT NULL DEFAULT 1,
+        parent_id     INTEGER REFERENCES repair_log(id)
+      );
+      CREATE INDEX IF NOT EXISTS idx_repair_log_type ON repair_log(type);
+      CREATE INDEX IF NOT EXISTS idx_repair_log_ts ON repair_log(ts);
+      CREATE INDEX IF NOT EXISTS idx_repair_log_result_ts ON repair_log(result, ts);
+      CREATE INDEX IF NOT EXISTS idx_repair_log_escalated ON repair_log(escalated) WHERE escalated = 1;
+      CREATE INDEX IF NOT EXISTS idx_repair_log_parent ON repair_log(parent_id) WHERE parent_id IS NOT NULL;
+    `);
+  }
+
+  write({ source, type, context, action, result, severity, diagnosis, config_before, config_after, escalated, attempts, parent_id }) {
+    const stmt = this.db.prepare(`
+      INSERT INTO repair_log (source, type, context, action, result, severity, diagnosis, config_before, config_after, escalated, attempts, parent_id)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `);
+    const info = stmt.run(
+      source, type, context ?? null, action ?? null, result, severity,
+      diagnosis ?? null, config_before ?? null, config_after ?? null,
+      escalated ?? 0, attempts ?? 1, parent_id ?? null
+    );
+    return Number(info.lastInsertRowid);
+  }
+
+  getById(id) {
+    return this.db.prepare("SELECT * FROM repair_log WHERE id = ?").get(id);
+  }
+
+  update(id, { action, result, severity, diagnosis, attempts, config_before, config_after }) {
+    const sets = [];
+    const params = [];
+    if (action !== undefined) { sets.push("action = ?"); params.push(action); }
+    if (result !== undefined) { sets.push("result = ?"); params.push(result); }
+    if (severity !== undefined) { sets.push("severity = ?"); params.push(severity); }
+    if (diagnosis !== undefined) { sets.push("diagnosis = ?"); params.push(diagnosis); }
+    if (attempts !== undefined) { sets.push("attempts = ?"); params.push(attempts); }
+    if (config_before !== undefined) { sets.push("config_before = ?"); params.push(config_before); }
+    if (config_after !== undefined) { sets.push("config_after = ?"); params.push(config_after); }
+    if (sets.length === 0) return;
+    params.push(id);
+    this.db.prepare(`UPDATE repair_log SET ${sets.join(", ")} WHERE id = ?`).run(...params);
+  }
+
+  getUnclaimedEscalations() {
+    return this.db.prepare(`
+      SELECT rl.* FROM repair_log rl
+      WHERE rl.escalated = 1
+        AND NOT EXISTS (SELECT 1 FROM repair_log child WHERE child.parent_id = rl.id)
+      ORDER BY rl.ts ASC
+    `).all();
+  }
+
+  getLastFiring(type, action) {
+    return this.db.prepare(
+      "SELECT * FROM repair_log WHERE type = ? AND action = ? ORDER BY ts DESC LIMIT 1"
+    ).get(type, action);
+  }
+
+  getRecentByType(type, days = 30) {
+    return this.db.prepare(
+      "SELECT * FROM repair_log WHERE type = ? AND ts > datetime('now', ? || ' days') ORDER BY ts DESC"
+    ).all(type, `-${days}`);
+  }
+
+  getRecent(limit = 50) {
+    return this.db.prepare("SELECT * FROM repair_log ORDER BY ts DESC LIMIT ?").all(limit);
+  }
+
+  getHeldUpdates() {
+    return this.db.prepare("SELECT * FROM repair_log WHERE result = 'held' ORDER BY ts DESC").all();
+  }
+
+  getDigestSince(sinceIso) {
+    return this.db.prepare(`
+      SELECT severity, COUNT(*) as count FROM repair_log
+      WHERE ts > ? GROUP BY severity
+    `).all(sinceIso);
+  }
+
+  pruneResolved(retentionDays = 90) {
+    const result = this.db.prepare(
+      "DELETE FROM repair_log WHERE result = 'resolved' AND ts < datetime('now', ? || ' days')"
+    ).run(`-${retentionDays}`);
+    return result.changes;
+  }
+}