plasalid 0.3.5 → 0.4.1

package/dist/scanner/concurrency.js

@@ -0,0 +1,31 @@
+/**
+ * Run an array of async task factories with a fixed concurrency bound. Resolves
+ * to an array of results in the same order as the input tasks (regardless of
+ * completion order). Any rejection settles that slot with `undefined` and the
+ * caller is responsible for tracking failures — but since each task is wrapped
+ * in `Promise.resolve()` and pushed through `try/catch`, one task throwing
+ * never aborts the rest of the run.
+ *
+ * No new dependency. Simple worker-pool: kicks off up to `n` tasks, then each
+ * worker pulls the next index from a shared cursor until the queue is drained.
+ */
+export async function runWithConcurrency(tasks, n) {
+    const results = new Array(tasks.length);
+    const workerCount = Math.max(1, Math.min(n, tasks.length));
+    let cursor = 0;
+    async function worker() {
+        while (true) {
+            const index = cursor++;
+            if (index >= tasks.length)
+                return;
+            try {
+                results[index] = await tasks[index]();
+            }
+            catch (err) {
+                results[index] = { error: err };
+            }
+        }
+    }
+    await Promise.all(Array.from({ length: workerCount }, () => worker()));
+    return results;
+}

package/dist/scanner/decrypt_queue.d.ts

@@ -0,0 +1,57 @@
+import type Database from "libsql";
+import type { ScannedFile } from "./walker.js";
+export interface DecryptedFile {
+    path: string;
+    fileName: string;
+    relPath: string;
+    hash: string;
+    mime: string;
+    decryptedBytes: Buffer;
+    /** True if a prior scan covered this hash; only present when --force is set. */
+    replacesPriorScannedFileId?: string;
+}
+export interface SkippedFile {
+    file: ScannedFile;
+    /** id of the scanned_files row that already has this hash. */
+    existingScannedFileId: string;
+}
+export interface FailedFile {
+    file: ScannedFile;
+    error: string;
+}
+export interface DecryptQueueResult {
+    decrypted: DecryptedFile[];
+    skipped: SkippedFile[];
+    failed: FailedFile[];
+}
+export interface DecryptQueueOptions {
+    /** Re-decrypt and queue files that match a prior hash. */
+    force: boolean;
+    /** If false, never prompt for a password; treat unlock failure as failed. */
+    interactive: boolean;
+    /** Called as each file finishes (any outcome) so a spinner can update its label. */
+    onProgress?: (event: {
+        index: number;
+        total: number;
+        fileName: string;
+        outcome: "decrypted" | "skipped" | "failed";
+    }) => void;
+}
+/**
+ * Phase 1 of scan: walk every file in the queue, decrypt any that need it,
+ * and return a partition (decrypted / skipped / failed). The actual agent
+ * work in Phase 2 only sees `decrypted` — no password prompts during the
+ * parallel scan loop.
+ *
+ * Failures don't abort; the caller (CLI) confirms whether to proceed.
+ */
+export declare function decryptQueue(db: Database.Database, files: ScannedFile[], opts: DecryptQueueOptions): Promise<DecryptQueueResult>;
+/**
+ * Interactive go/no-go gate when some files failed to decrypt. Returns true
+ * if the caller should proceed with the decrypted set, false to abort the
+ * whole scan run.
+ *
+ * Returns true automatically when interactive is false (CI / non-TTY runs);
+ * the caller is expected to inspect `result.failed` and report.
+ */
+export declare function confirmProceedAfterFailures(result: DecryptQueueResult, interactive: boolean): Promise<boolean>;

package/dist/scanner/decrypt_queue.js

@@ -0,0 +1,96 @@
+import chalk from "chalk";
+import inquirer from "inquirer";
+import { readPdf } from "./pdf.js";
+import { unlockIfNeeded, persistUnlockOutcome } from "./unlock.js";
+/**
+ * Phase 1 of scan: walk every file in the queue, decrypt any that need it,
+ * and return a partition (decrypted / skipped / failed). The actual agent
+ * work in Phase 2 only sees `decrypted` — no password prompts during the
+ * parallel scan loop.
+ *
+ * Failures don't abort; the caller (CLI) confirms whether to proceed.
+ */
+export async function decryptQueue(db, files, opts) {
+    const decrypted = [];
+    const skipped = [];
+    const failed = [];
+    for (let i = 0; i < files.length; i++) {
+        const f = files[i];
+        let pdf;
+        try {
+            pdf = readPdf(f.path);
+        }
+        catch (err) {
+            failed.push({ file: f, error: `read failed: ${err.message}` });
+            opts.onProgress?.({ index: i, total: files.length, fileName: f.name, outcome: "failed" });
+            continue;
+        }
+        const existing = findScannedByHash(db, pdf.hash);
+        if (existing && !opts.force) {
+            skipped.push({ file: f, existingScannedFileId: existing.id });
+            opts.onProgress?.({ index: i, total: files.length, fileName: f.name, outcome: "skipped" });
+            continue;
+        }
+        try {
+            const unlocked = await unlockIfNeeded({
+                db,
+                filePath: f.path,
+                bytes: pdf.bytes,
+                interactive: opts.interactive,
+            });
+            persistUnlockOutcome(db, f.path, unlocked.outcome);
+            decrypted.push({
+                path: f.path,
+                fileName: f.name,
+                relPath: f.relPath,
+                hash: pdf.hash,
+                mime: pdf.mime,
+                decryptedBytes: unlocked.decrypted,
+                replacesPriorScannedFileId: existing?.id,
+            });
+            opts.onProgress?.({ index: i, total: files.length, fileName: f.name, outcome: "decrypted" });
+        }
+        catch (err) {
+            failed.push({ file: f, error: err.message ?? "unlock failed" });
+            opts.onProgress?.({ index: i, total: files.length, fileName: f.name, outcome: "failed" });
+        }
+    }
+    return { decrypted, skipped, failed };
+}
+/**
+ * Interactive go/no-go gate when some files failed to decrypt. Returns true
+ * if the caller should proceed with the decrypted set, false to abort the
+ * whole scan run.
+ *
+ * Returns true automatically when interactive is false (CI / non-TTY runs);
+ * the caller is expected to inspect `result.failed` and report.
+ */
+export async function confirmProceedAfterFailures(result, interactive) {
+    if (result.failed.length === 0)
+        return true;
+    console.log("");
+    console.log(chalk.yellow(`${result.failed.length} file(s) could not be decrypted:`));
+    for (const f of result.failed) {
+        console.log(`  ${chalk.red("✗")} ${f.file.relPath} — ${chalk.dim(f.error)}`);
+    }
+    if (result.decrypted.length === 0) {
+        console.log(chalk.red("Nothing to scan."));
+        return false;
+    }
+    if (!interactive)
+        return true;
+    const { proceed } = (await inquirer.prompt([
+        {
+            type: "confirm",
+            name: "proceed",
+            message: `Proceed scanning the ${result.decrypted.length} file(s) that decrypted successfully?`,
+            default: true,
+        },
+    ]));
+    return proceed;
+}
+function findScannedByHash(db, hash) {
+    return db
+        .prepare(`SELECT id FROM scanned_files WHERE file_hash = ?`)
+        .get(hash) ?? null;
+}

package/dist/scanner/pipeline.d.ts

@@ -1,32 +1,60 @@
+export type ScanFileStatus = "scanned" | "replaced" | "failed" | "skipped";
 export interface ScanFileResult {
-    fileId: string | null;
-    status: "scanned" | "needs_input" | "failed" | "skipped" | "replaced";
-    summary?: string;
+    name: string;
+    relPath: string;
+    status: ScanFileStatus;
+    entries: number;
+    concerns: number;
     error?: string;
-    pendingQuestions: number;
 }
-export interface ScanOptions {
-    interactive?: boolean;
-    force?: boolean;
-    onProgress?: (msg: string) => void;
-}
-export declare function scanFile(filePath: string, opts?: ScanOptions): Promise<ScanFileResult>;
 export interface ScanSummary {
     total: number;
     scanned: number;
     replaced: number;
     skipped: number;
-    needsInput: number;
     failed: number;
-    details: {
-        name: string;
-        relPath: string;
-        result: ScanFileResult;
-    }[];
+    concerns: number;
+    details: ScanFileResult[];
 }
-export interface RunScanOptions extends ScanOptions {
-    /** Optional regex (string). Partial, case-insensitive, against the relative path. */
+/** Event hooks the CLI subscribes to. All callbacks are best-effort and ignored if absent. */
+export interface ScanRunEvents {
+    decryptStart?: (count: number) => void;
+    decryptProgress?: (e: {
+        index: number;
+        total: number;
+        fileName: string;
+        outcome: "decrypted" | "skipped" | "failed";
+    }) => void;
+    decryptDone?: (e: {
+        decrypted: number;
+        skipped: number;
+        failed: number;
+    }) => void;
+    scanStart?: (e: {
+        fileName: string;
+    }) => void;
+    scanProgress?: (e: {
+        fileName: string;
+        step: string;
+    }) => void;
+    scanEnd?: (e: {
+        fileName: string;
+        status: "scanned" | "failed";
+        entries: number;
+        concerns: number;
+        error?: string;
+    }) => void;
+    correlating?: (pairs: number) => void;
+    committing?: () => void;
+}
+export interface RunScanOptions {
     regex?: string;
+    force?: boolean;
+    /** Allow interactive password prompts when a PDF is encrypted. */
+    interactive?: boolean;
+    /** Max concurrent scan agents. Default 3, hard cap 8. */
+    concurrency?: number;
+    events?: ScanRunEvents;
 }
 export declare function compileMatcher(input: string): RegExp;
 export declare function runScan(opts?: RunScanOptions): Promise<ScanSummary>;

package/dist/scanner/pipeline.js

@@ -1,64 +1,73 @@
 import { randomUUID } from "crypto";
 import { getDb } from "../db/connection.js";
+import { countOpenConcerns, } from "../db/queries/concerns.js";
+import { correlatePairs } from "../db/queries/journal.js";
 import { runScanAgent } from "../ai/agent.js";
-import { statusSpinner, makePromptUser, makeAgentOnProgress, } from "../cli/ux.js";
-import { readPdf, buildDocumentBlock } from "./pdf.js";
+import { buildDocumentBlock } from "./pdf.js";
 import { buildScanUserMessage } from "./prompts.js";
 import { scanDataDir } from "./walker.js";
-import { unlockIfNeeded, persistUnlockOutcome } from "./unlock.js";
-// ── DB helpers ──────────────────────────────────────────────────────────────
-function findScannedByHash(db, hash) {
-    return db
-        .prepare(`SELECT id FROM scanned_files WHERE file_hash = ?`)
-        .get(hash) ?? null;
-}
-function deleteScannedFile(db, id) {
-    db.prepare(`DELETE FROM scanned_files WHERE id = ?`).run(id);
-}
-function insertScannedFile(db, args) {
-    const id = `sf:${randomUUID()}`;
-    db.prepare(`INSERT INTO scanned_files (id, path, file_hash, mime, status)
-     VALUES (?, ?, ?, ?, 'pending')`).run(id, args.path, args.hash, args.mime);
-    return id;
-}
-function countPendingQuestions(db, fileId) {
-    const row = db
-        .prepare(`SELECT COUNT(*) as n FROM pending_questions WHERE file_id = ? AND resolved_at IS NULL`)
-        .get(fileId);
-    return row.n;
-}
-function setFileStatus(db, id, status, fields = {}) {
-    db.prepare(`UPDATE scanned_files
-     SET status = ?, scanned_at = datetime('now'), error = ?, raw_text = COALESCE(?, raw_text)
-     WHERE id = ?`).run(status, fields.error ?? null, fields.raw_text ?? null, id);
+import { BufferedWriteContext } from "./buffer.js";
+import { runWithConcurrency } from "./concurrency.js";
+import { decryptQueue, confirmProceedAfterFailures, } from "./decrypt_queue.js";
+export function compileMatcher(input) {
+    return new RegExp(input, "i");
 }
-// ── Per-file scan ───────────────────────────────────────────────────────────
-export async function scanFile(filePath, opts = {}) {
+// ── Orchestration ───────────────────────────────────────────────────────────
+export async function runScan(opts = {}) {
     const db = getDb();
-    const file = readPdf(filePath);
-    const existing = findScannedByHash(db, file.hash);
-    if (existing && !opts.force) {
-        return { fileId: existing.id, status: "skipped", pendingQuestions: countPendingQuestions(db, existing.id) };
-    }
-    const wasReplaced = !!existing;
-    if (existing) {
-        deleteScannedFile(db, existing.id);
-    }
-    let unlocked;
-    try {
-        unlocked = await unlockIfNeeded({
-            db,
-            filePath,
-            bytes: file.bytes,
-            interactive: opts.interactive ?? true,
-        });
-    }
-    catch (err) {
-        return { fileId: null, status: "failed", error: err.message, pendingQuestions: 0 };
+    const matcher = opts.regex ? compileMatcher(opts.regex) : null;
+    const allFiles = scanDataDir().filter(f => (matcher ? matcher.test(f.relPath) : true));
+    const concurrency = Math.min(8, Math.max(1, opts.concurrency ?? 3));
+    const interactive = opts.interactive ?? true;
+    const events = opts.events;
+    // Phase 1 — decrypt all
+    events?.decryptStart?.(allFiles.length);
+    const decryptResult = await decryptQueue(db, allFiles, {
+        force: !!opts.force,
+        interactive,
+        onProgress: events?.decryptProgress,
+    });
+    events?.decryptDone?.({
+        decrypted: decryptResult.decrypted.length,
+        skipped: decryptResult.skipped.length,
+        failed: decryptResult.failed.length,
+    });
+    const proceed = await confirmProceedAfterFailures(decryptResult, interactive);
+    if (!proceed) {
+        return buildAbortedSummary(allFiles.length, decryptResult);
     }
-    persistUnlockOutcome(db, filePath, unlocked.outcome);
-    const fileId = insertScannedFile(db, { path: filePath, hash: file.hash, mime: file.mime });
-    const block = buildDocumentBlock(unlocked.decrypted, file.fileName, file.mime);
+    // Phase 2 — parallel scan with buffered writes
+    const scanResults = await scanInParallel(db, decryptResult.decrypted, { concurrency, events });
+    // Phase 3 — cross-file correlation pre-commit
+    const pairCount = applyCrossFileCorrelations(scanResults);
+    events?.correlating?.(pairCount);
+    // Phase 4 — per-file commit
+    events?.committing?.();
+    const fileResults = commitAll(db, decryptResult, scanResults);
+    return buildSummary(allFiles.length, fileResults, decryptResult);
+}
+async function scanInParallel(db, files, opts) {
+    const tasks = files.map(f => () => scanOneFile(db, f, opts.events));
+    const settled = await runWithConcurrency(tasks, opts.concurrency);
+    // Worker errors are captured per-slot by runWithConcurrency. scanOneFile
+    // itself catches LLM errors and returns a ScanWorkResult with `error` set,
+    // so the `{error}` branch only fires for truly unexpected throws.
+    return settled.map((r, i) => {
+        if (r && typeof r === "object" && "error" in r && !("buffer" in r)) {
+            return {
+                decryptedFile: files[i],
+                buffer: new BufferedWriteContext(files[i].fileName),
+                error: String(r.error),
+                agentText: "",
+            };
+        }
+        return r;
+    });
+}
+async function scanOneFile(db, file, events) {
+    const buffer = new BufferedWriteContext(file.fileName);
+    events?.scanStart?.({ fileName: file.fileName });
+    const block = buildDocumentBlock(file.decryptedBytes, file.fileName, file.mime);
     const messages = [
         {
             role: "user",
@@ -68,70 +77,214 @@ export async function scanFile(filePath, opts = {}) {
             ],
         },
     ];
-    const spinner = statusSpinner(`Scanning ${file.fileName}...`);
-    let summary = "";
     try {
         const text = await runScanAgent({
             db,
             initialMessages: messages,
             prompt: { fileName: file.fileName },
             agentCtx: {
-                fileId,
-                interactive: opts.interactive ?? true,
-                promptUser: opts.interactive === false ? undefined : makePromptUser(spinner),
-                onComplete: (s) => { summary = s; },
+                interactive: false,
+                buffer,
             },
-            onProgress: makeAgentOnProgress(spinner, file.fileName),
+            onProgress: (event) => {
+                if (event.phase === "tool" && event.toolName) {
+                    events?.scanProgress?.({ fileName: file.fileName, step: event.toolName });
+                }
+                else if (event.phase === "responding") {
+                    events?.scanProgress?.({ fileName: file.fileName, step: "thinking" });
+                }
+            },
+        });
+        events?.scanEnd?.({
+            fileName: file.fileName,
+            status: "scanned",
+            entries: buffer.journalEntries.length,
+            concerns: buffer.concerns.length,
         });
-        const stillPending = countPendingQuestions(db, fileId);
-        if (stillPending > 0) {
-            setFileStatus(db, fileId, "needs_input", { raw_text: text });
-            spinner.info(`${file.fileName} needs input (${stillPending} pending).`);
-            return { fileId, status: "needs_input", summary: summary || text, pendingQuestions: stillPending };
+        return { decryptedFile: file, buffer, agentText: text };
+    }
+    catch (err) {
+        const message = err?.message ?? "agent error";
+        events?.scanEnd?.({
+            fileName: file.fileName,
+            status: "failed",
+            entries: 0,
+            concerns: 0,
+            error: message,
+        });
+        return { decryptedFile: file, buffer, error: message, agentText: "" };
+    }
+}
+// ── Phase 3: cross-file correlation ─────────────────────────────────────────
+/**
+ * For every pair of buffered entries that look like the same money movement
+ * across two different files, append a mirror concern to each side's buffer.
+ * Returns the number of pairs detected so the CLI can report it.
+ */
+function applyCrossFileCorrelations(results) {
+    const all = [];
+    for (const res of results) {
+        if (res.error)
+            continue;
+        for (const be of res.buffer.journalEntries) {
+            all.push({
+                file: res,
+                entryId: be.entry_id,
+                lines: be.input.lines,
+                date: be.input.date,
+                description: be.input.description,
+            });
         }
-        setFileStatus(db, fileId, "scanned", { raw_text: text });
-        spinner.succeed(`Scanned ${file.fileName}.`);
+    }
+    const candidates = all.map(e => {
+        const debit = e.lines.reduce((s, l) => s + (l.debit ?? 0), 0);
+        const currency = e.lines.find(l => l.currency)?.currency ?? "THB";
+        const ids = Array.from(new Set(e.lines.map(l => l.account_id)));
         return {
-            fileId,
-            status: wasReplaced ? "replaced" : "scanned",
-            summary: summary || text,
-            pendingQuestions: 0,
+            id: e.entryId,
+            date: e.date,
+            description: e.description,
+            amount: Math.round(debit * 100) / 100,
+            currency,
+            account_ids: ids,
+            account_names: ids,
         };
+    });
+    const pairs = correlatePairs(candidates, { toleranceDays: 3 });
+    const byEntry = new Map(all.map(a => [a.entryId, a]));
+    for (const pair of pairs) {
+        const a = byEntry.get(pair.a.id);
+        const b = byEntry.get(pair.b.id);
+        if (!a || !b)
+            continue;
+        if (a.file === b.file)
+            continue; // same-file pairs are within-statement dupes; review's own detectors will handle.
+        const amountStr = `฿${pair.amount.toLocaleString("en-US", { minimumFractionDigits: 2, maximumFractionDigits: 2 })}`;
+        a.file.buffer.appendConcern({
+            entry_id: a.entryId,
+            account_id: null,
+            prompt: `Looks like the matching half of this ${amountStr} movement on ${a.date} was also recorded in ${b.file.decryptedFile.fileName} on ${b.date}. Merge during review?`,
+            options: ["Yes — merge into one entry", "No — these are two real events", "Skip — leave as is"],
+        });
+        b.file.buffer.appendConcern({
+            entry_id: b.entryId,
+            account_id: null,
+            prompt: `Looks like the matching half of this ${amountStr} movement on ${b.date} was also recorded in ${a.file.decryptedFile.fileName} on ${a.date}. Merge during review?`,
+            options: ["Yes — merge into one entry", "No — these are two real events", "Skip — leave as is"],
+        });
     }
-    catch (err) {
-        setFileStatus(db, fileId, "failed", { error: err.message });
-        spinner.fail(`${file.fileName} failed: ${err.message}`);
-        return { fileId, status: "failed", error: err.message, pendingQuestions: countPendingQuestions(db, fileId) };
-    }
+    return pairs.filter(p => byEntry.get(p.a.id)?.file !== byEntry.get(p.b.id)?.file).length;
 }
-export function compileMatcher(input) {
-    return new RegExp(input, "i");
+// ── Phase 4: commit ─────────────────────────────────────────────────────────
+function commitAll(db, decryptResult, scanResults) {
+    const out = [];
+    // Skipped files: keep them in the summary with their existing concern count.
+    for (const skipped of decryptResult.skipped) {
+        out.push({
+            name: skipped.file.name,
+            relPath: skipped.file.relPath,
+            status: "skipped",
+            entries: 0,
+            concerns: countOpenConcerns(db, { file_id: skipped.existingScannedFileId }),
+        });
+    }
+    // Files that failed to decrypt never reached an agent.
+    for (const failed of decryptResult.failed) {
+        out.push({
+            name: failed.file.name,
+            relPath: failed.file.relPath,
+            status: "failed",
+            entries: 0,
+            concerns: 0,
+            error: failed.error,
+        });
+    }
+    // Scanned files: per-file transaction. Replaces prior records when needed.
+    for (const res of scanResults) {
+        const { decryptedFile, buffer, error, agentText } = res;
+        if (error) {
+            out.push({
+                name: decryptedFile.fileName,
+                relPath: decryptedFile.relPath,
+                status: "failed",
+                entries: 0,
+                concerns: buffer.concerns.length,
+                error,
+            });
+            continue;
+        }
+        try {
+            if (decryptedFile.replacesPriorScannedFileId) {
+                deleteScannedFile(db, decryptedFile.replacesPriorScannedFileId);
+            }
+            const scannedFileId = insertScannedFile(db, {
+                path: decryptedFile.path,
+                hash: decryptedFile.hash,
+                mime: decryptedFile.mime,
+            });
+            const counts = buffer.commit(db, scannedFileId);
+            setFileStatus(db, scannedFileId, "scanned", { raw_text: agentText });
+            out.push({
+                name: decryptedFile.fileName,
+                relPath: decryptedFile.relPath,
+                status: decryptedFile.replacesPriorScannedFileId ? "replaced" : "scanned",
+                entries: counts.entries,
+                concerns: counts.concerns,
+            });
+        }
+        catch (err) {
+            out.push({
+                name: decryptedFile.fileName,
+                relPath: decryptedFile.relPath,
+                status: "failed",
+                entries: 0,
+                concerns: buffer.concerns.length,
+                error: err?.message ?? "commit failed",
+            });
+        }
+    }
+    return out;
 }
-export async function runScan(opts = {}) {
-    const matcher = opts.regex ? compileMatcher(opts.regex) : null;
-    const files = scanDataDir().filter(f => (matcher ? matcher.test(f.relPath) : true));
+// ── Summary assembly ────────────────────────────────────────────────────────
+function buildSummary(total, details, _decrypt) {
     const summary = {
-        total: files.length,
+        total,
         scanned: 0,
         replaced: 0,
         skipped: 0,
-        needsInput: 0,
         failed: 0,
-        details: [],
+        concerns: 0,
+        details,
     };
-    for (const f of files) {
-        const result = await scanFile(f.path, opts);
-        summary.details.push({ name: f.name, relPath: f.relPath, result });
-        if (result.status === "scanned")
-            summary.scanned++;
-        else if (result.status === "replaced")
-            summary.replaced++;
-        else if (result.status === "skipped")
-            summary.skipped++;
-        else if (result.status === "needs_input")
-            summary.needsInput++;
-        else if (result.status === "failed")
-            summary.failed++;
+    for (const d of details) {
+        summary[d.status]++;
+        summary.concerns += d.concerns;
     }
     return summary;
 }
+function buildAbortedSummary(total, decrypt) {
+    const details = [
+        ...decrypt.skipped.map(s => ({
+            name: s.file.name, relPath: s.file.relPath, status: "skipped", entries: 0, concerns: 0,
+        })),
+        ...decrypt.failed.map(f => ({
+            name: f.file.name, relPath: f.file.relPath, status: "failed", entries: 0, concerns: 0, error: f.error,
+        })),
+    ];
+    return buildSummary(total, details, decrypt);
+}
+// ── Low-level DB helpers ────────────────────────────────────────────────────
+function deleteScannedFile(db, id) {
+    db.prepare(`DELETE FROM scanned_files WHERE id = ?`).run(id);
+}
+function insertScannedFile(db, args) {
+    const id = `sf:${randomUUID()}`;
+    db.prepare(`INSERT INTO scanned_files (id, path, file_hash, mime, status)
+     VALUES (?, ?, ?, ?, 'pending')`).run(id, args.path, args.hash, args.mime);
+    return id;
+}
+function setFileStatus(db, id, status, fields = {}) {
+    db.prepare(`UPDATE scanned_files
+     SET status = ?, scanned_at = datetime('now'), error = ?, raw_text = COALESCE(?, raw_text)
+     WHERE id = ?`).run(status, fields.error ?? null, fields.raw_text ?? null, id);
+}

package/dist/scanner/prompts.js

@@ -14,7 +14,7 @@ export function buildScanUserMessage(opts) {
         `3. If this document references an account that isn't yet in the chart, call create_account once. Mask the account number to the last 4 digits.`,
         `4. Persist any document-level metadata you find (statement_day, due_day, points_balance, etc.) using update_account_metadata.`,
         `5. For every transaction in the document, call record_journal_entry with balanced debit/credit lines. Use existing accounts where possible; create expense/income accounts as needed.`,
-        `6. If a row is ambiguous, call ask_user before guessing.`,
+        `6. Never pause to ask the user. If a row is ambiguous, post your best-guess entry first, then call note_concern with details and the new entry_id. If a row is truly unparseable, skip it and call note_concern with the raw row text (no entry_id). A missing row is better than a wrong row.`,
         `7. When you are done, call mark_file_scanned with a short summary.`,
     ].join("\n");
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "plasalid",
-  "version": "0.3.5",
+  "version": "0.4.1",
   "description": "A local-first AI that reads every line of your transactions and coaches you the best move.",
   "keywords": [
     "finance",