trekoon 0.3.5 → 0.3.7

package/src/sync/service.ts

@@ -3,7 +3,7 @@ import { randomUUID } from "node:crypto";
 import { type Database } from "bun:sqlite";
 
 import { openTrekoonDatabase, writeTransaction } from "../storage/database";
-import { countBranchEventsSince, queryBranchEventsSince } from "./branch-db";
+import { countBranchEventsSince, queryBranchEventsSinceBatch } from "./branch-db";
 import { nextEventTimestamp } from "./event-writes";
 import { persistGitContext, resolveGitContext } from "./git-context";
 import { DomainError } from "../domain/types";
@@ -24,11 +24,23 @@ import {
 
 const SYNC_ALLOWED_FIELDS: Readonly<Record<string, readonly string[]>> = {
   epics: ["title", "description", "status"],
-  tasks: ["epic_id", "title", "description", "status"],
-  subtasks: ["task_id", "title", "description", "status"],
+  tasks: ["epic_id", "title", "description", "status", "owner"],
+  subtasks: ["task_id", "title", "description", "status", "owner"],
   dependencies: ["source_id", "source_kind", "depends_on_id", "depends_on_kind"],
 };
 
+function isSyncNullableStringField(tableName: string, fieldName: string): boolean {
+  return (tableName === "tasks" || tableName === "subtasks") && fieldName === "owner";
+}
+
+function isSyncFieldValueSupported(tableName: string, fieldName: string, value: unknown): boolean {
+  if (typeof value === "string") {
+    return true;
+  }
+
+  return value === null && isSyncNullableStringField(tableName, fieldName);
+}
+
 function isCursorStale(db: Database, cursorToken: string, sourceBranch: string): boolean {
   if (cursorToken === "0:") {
     return false;
@@ -106,6 +118,14 @@ interface ConflictRow {
   readonly updated_at: number;
 }
 
+interface ResolutionEventPayload {
+  readonly conflict_id?: string;
+  readonly source_event_id?: string;
+  readonly field: string;
+  readonly resolution: string;
+  readonly value?: string | null;
+}
+
 interface ResolutionWriteContext {
   readonly branchName: string | null;
   readonly headSha: string | null;
@@ -120,6 +140,27 @@ interface EventPayload {
   readonly fields: Record<string, unknown>;
 }
 
+interface DeleteCascadeResolutionRow {
+  readonly id: string;
+  readonly source_id: string;
+  readonly depends_on_id: string;
+}
+
+interface ConflictOrderRow {
+  readonly id: string;
+}
+
+interface LocalEntityEventRow {
+  readonly payload: string;
+  readonly created_at: number;
+  readonly id: string;
+}
+
+const SYNC_PULL_BATCH_SIZE = 250;
+const CONFLICT_HISTORY_SCAN_BATCH_SIZE = 250;
+const RESOLVE_ALL_CHUNK_SIZE = 200;
+const DELETE_CONFLICT_DEPENDENCY_SCAN_CHUNK_SIZE = 400;
+
 interface PayloadValidation {
   readonly ok: boolean;
   readonly fields: Record<string, unknown>;
@@ -130,6 +171,15 @@ function isObjectRecord(value: unknown): value is Record<string, unknown> {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 
+function parseJsonObject(rawPayload: string): Record<string, unknown> | null {
+  try {
+    const parsed: unknown = JSON.parse(rawPayload);
+    return isObjectRecord(parsed) ? parsed : null;
+  } catch {
+    return null;
+  }
+}
+
 function parsePayload(rawPayload: string): PayloadValidation {
   try {
     const parsed: unknown = JSON.parse(rawPayload);
@@ -331,7 +381,7 @@ function currentEntityFieldValue(db: Database, entityKind: string, entityId: str
   }
 
   const row = db.query(`SELECT ${fieldName} AS value FROM ${tableName} WHERE id = ? LIMIT 1;`).get(entityId) as
-    | { value: string }
+    | { value: string | null }
     | null;
 
   return row?.value;
@@ -349,46 +399,68 @@ function entityFieldConflict(
     return null;
   }
 
-  // Note: loads all matching events into memory. For entities with very large
-  // event histories, consider a cursor-based scan. The idx_events_entity index
-  // keeps the scan narrow by (entity_kind, entity_id).
-  const rows = localDb
+  let beforeCreatedAt = Number.MAX_SAFE_INTEGER;
+  let beforeId = "\uffff";
+
+  while (true) {
+    const rows = localDb
     .query(
       `
-      SELECT payload, git_branch
+      SELECT payload, created_at, id
       FROM events
-      WHERE entity_kind = ? AND entity_id = ? AND git_branch != ?
+      WHERE entity_kind = ?
+        AND entity_id = ?
+        AND (git_branch IS NULL OR git_branch != ?)
+        AND (
+          created_at < ?
+          OR (created_at = ? AND id < ?)
+        )
       ORDER BY created_at DESC, id DESC
-      LIMIT 500;
+      LIMIT ?;
 `,
     )
-    .all(event.entity_kind, event.entity_id, sourceBranch) as Array<{ payload: string; git_branch: string | null }>;
+      .all(
+        event.entity_kind,
+        event.entity_id,
+        sourceBranch,
+        beforeCreatedAt,
+        beforeCreatedAt,
+        beforeId,
+        CONFLICT_HISTORY_SCAN_BATCH_SIZE,
+      ) as LocalEntityEventRow[];
 
-  for (const row of rows) {
-    const payloadValidation = parsePayload(row.payload);
-    if (!payloadValidation.ok) {
-      continue;
+    if (rows.length === 0) {
+      return null;
     }
 
-    const payload: EventPayload = { fields: payloadValidation.fields };
-    const localValue: unknown = readFieldValue(payload, fieldName);
+    for (const row of rows) {
+      const payloadValidation = parsePayload(row.payload);
+      if (!payloadValidation.ok) {
+        continue;
+      }
 
-    if (typeof localValue === "undefined") {
-      continue;
-    }
+      const payload: EventPayload = { fields: payloadValidation.fields };
+      const localValue: unknown = readFieldValue(payload, fieldName);
 
-    const oursValue = serializeValue(localValue);
-    const theirsValue = serializeValue(incomingValue);
+      if (typeof localValue === "undefined") {
+        continue;
+      }
 
-    if (oursValue !== theirsValue) {
-      return {
-        oursValue,
-        theirsValue,
-      };
+      const oursValue = serializeValue(localValue);
+      const theirsValue = serializeValue(incomingValue);
+
+      if (oursValue !== theirsValue) {
+        return {
+          oursValue,
+          theirsValue,
+        };
+      }
     }
-  }
 
-  return null;
+    const lastRow = rows.at(-1)!;
+    beforeCreatedAt = lastRow.created_at;
+    beforeId = lastRow.id;
+  }
 }
 
 function createConflict(
@@ -400,6 +472,45 @@ function createConflict(
   resolution: string = "pending",
 ): void {
   const now: number = Date.now();
+  const existing = db
+    .query(
+      `
+      SELECT id, resolution, ours_value, theirs_value
+      FROM sync_conflicts
+      WHERE event_id = ? AND entity_kind = ? AND entity_id = ? AND field_name = ?
+      ORDER BY CASE WHEN resolution = 'pending' THEN 0 ELSE 1 END, created_at ASC, id ASC
+      LIMIT 1;
+      `,
+    )
+    .get(event.id, event.entity_kind, event.entity_id, fieldName) as
+    | { id: string; resolution: string; ours_value: string | null; theirs_value: string | null }
+    | null;
+
+  if (existing) {
+    const nextResolution = existing.resolution === "pending" ? resolution : existing.resolution;
+    const unchanged =
+      existing.ours_value === oursValue &&
+      existing.theirs_value === theirsValue &&
+      existing.resolution === nextResolution;
+
+    if (unchanged) {
+      return;
+    }
+
+    db.query(
+      `
+      UPDATE sync_conflicts
+      SET ours_value = ?,
+          theirs_value = ?,
+          resolution = ?,
+          updated_at = ?,
+          version = version + 1
+      WHERE id = ?;
+      `,
+    ).run(oursValue, theirsValue, nextResolution, now, existing.id);
+    return;
+  }
+
   db.query(
     `
     INSERT INTO sync_conflicts (
@@ -419,15 +530,227 @@ function createConflict(
   ).run(randomUUID(), event.id, event.entity_kind, event.entity_id, fieldName, oursValue, theirsValue, resolution, now, now);
 }
 
+function findConflictForResolutionEvent(
+  db: Database,
+  event: StoredEvent,
+  payload: ResolutionEventPayload,
+): ConflictRow | null {
+  if (typeof payload.source_event_id === "string" && payload.source_event_id.length > 0) {
+    const bySourceEvent = db
+      .query(
+        `
+        SELECT id, event_id, entity_kind, entity_id, field_name, ours_value, theirs_value, resolution, created_at, updated_at
+        FROM sync_conflicts
+        WHERE event_id = ?
+          AND entity_kind = ?
+          AND entity_id = ?
+          AND field_name = ?
+        ORDER BY CASE WHEN resolution = 'pending' THEN 0 ELSE 1 END, created_at ASC, id ASC
+        LIMIT 1;
+        `,
+      )
+      .get(payload.source_event_id, event.entity_kind, event.entity_id, payload.field) as ConflictRow | null;
+
+    if (bySourceEvent) {
+      return bySourceEvent;
+    }
+  }
+
+  if (typeof payload.conflict_id !== "string" || payload.conflict_id.length === 0) {
+    return null;
+  }
+
+  return db
+    .query(
+      `
+      SELECT id, event_id, entity_kind, entity_id, field_name, ours_value, theirs_value, resolution, created_at, updated_at
+      FROM sync_conflicts
+      WHERE id = ?
+        AND entity_kind = ?
+        AND entity_id = ?
+        AND field_name = ?
+      LIMIT 1;
+      `,
+    )
+    .get(payload.conflict_id, event.entity_kind, event.entity_id, payload.field) as ConflictRow | null;
+}
+
+function removeDependenciesTouchingNode(db: Database, nodeId: string): void {
+  db.query("DELETE FROM dependencies WHERE source_id = ? OR depends_on_id = ?;").run(nodeId, nodeId);
+}
+
+function removeTaskSubtree(db: Database, taskId: string): void {
+  const subtasks = db
+    .query("SELECT id FROM subtasks WHERE task_id = ? ORDER BY created_at ASC, id ASC;")
+    .all(taskId) as Array<{ id: string }>;
+
+  for (const subtask of subtasks) {
+    removeDependenciesTouchingNode(db, subtask.id);
+  }
+
+  db.query("DELETE FROM subtasks WHERE task_id = ?;").run(taskId);
+  removeDependenciesTouchingNode(db, taskId);
+}
+
+function applyPendingDeleteCascadeResolution(db: Database, conflict: ConflictRow): void {
+  const rows = db
+    .query(
+      `
+      SELECT e.id, json_extract(e.payload, '$.fields.source_id') AS source_id, json_extract(e.payload, '$.fields.depends_on_id') AS depends_on_id
+      FROM events e
+      WHERE e.operation = 'dependency.removed'
+        AND json_extract(e.payload, '$.fields.source_event_id') = ?
+      ORDER BY e.created_at ASC, e.id ASC;
+      `,
+    )
+    .all(conflict.event_id) as DeleteCascadeResolutionRow[];
+
+  for (const row of rows) {
+    if (typeof row.source_id !== "string" || typeof row.depends_on_id !== "string") {
+      continue;
+    }
+
+    db.query("DELETE FROM dependencies WHERE source_id = ? AND depends_on_id = ?;").run(row.source_id, row.depends_on_id);
+  }
+}
+
+function applyConflictTheirsResolution(db: Database, conflict: ConflictRow): void {
+  if (conflict.field_name === "__delete__") {
+    if (conflict.entity_kind === "task") {
+      removeTaskSubtree(db, conflict.entity_id);
+    } else if (conflict.entity_kind === "subtask") {
+      removeDependenciesTouchingNode(db, conflict.entity_id);
+    }
+    applyPendingDeleteCascadeResolution(db, conflict);
+    deleteSingleEntity(db, conflict.entity_kind, conflict.entity_id, { allowMissing: true });
+    return;
+  }
+
+  updateSingleField(db, conflict.entity_kind, conflict.entity_id, conflict.field_name, parseConflictValue(conflict.theirs_value), {
+    allowMissing: true,
+  });
+}
+
+function applyIncomingResolutionEvent(db: Database, event: StoredEvent): boolean {
+  const parsed = parseJsonObject(event.payload);
+  if (!parsed) {
+    return false;
+  }
+
+  const resolutionPayload = parsed as unknown as ResolutionEventPayload;
+  const fieldName = resolutionPayload.field;
+  const resolution = resolutionPayload.resolution;
+
+  if (
+    typeof fieldName !== "string" ||
+    (resolution !== "ours" && resolution !== "theirs")
+  ) {
+    return false;
+  }
+
+  const conflict = findConflictForResolutionEvent(db, event, resolutionPayload);
+  if (!conflict) {
+    return false;
+  }
+
+  if (conflict.resolution === "pending" && resolution === "theirs") {
+    applyConflictTheirsResolution(db, conflict);
+  }
+
+  const now = nextEventTimestamp(db);
+  const updated = db
+    .query(
+      `
+      UPDATE sync_conflicts
+      SET resolution = CASE WHEN resolution = 'pending' THEN @resolution ELSE resolution END,
+          updated_at = CASE WHEN resolution = 'pending' THEN @now ELSE updated_at END,
+          version = CASE WHEN resolution = 'pending' THEN version + 1 ELSE version END
+      WHERE id = @conflictId
+        AND entity_kind = @entityKind
+        AND entity_id = @entityId
+        AND field_name = @fieldName;
+      `,
+    )
+      .run({
+        "@resolution": resolution,
+        "@now": now,
+        "@conflictId": conflict.id,
+        "@entityKind": event.entity_kind,
+        "@entityId": event.entity_id,
+        "@fieldName": fieldName,
+    });
+
+  return updated.changes > 0;
+}
+
 function hasLocalEntityEdits(db: Database, entityKind: string, entityId: string, sourceBranch: string): boolean {
   const row = db
     .query(
-      `SELECT 1 FROM events WHERE entity_kind = ? AND entity_id = ? AND git_branch != ? LIMIT 1;`,
+      `SELECT 1 FROM events WHERE entity_kind = ? AND entity_id = ? AND (git_branch IS NULL OR git_branch != ?) LIMIT 1;`,
     )
     .get(entityKind, entityId, sourceBranch);
   return row !== null;
 }
 
+function hasLocalDependencyEditsTouchingNodes(db: Database, nodeIds: readonly string[], sourceBranch: string): boolean {
+  if (nodeIds.length === 0) {
+    return false;
+  }
+
+  for (let offset = 0; offset < nodeIds.length; offset += DELETE_CONFLICT_DEPENDENCY_SCAN_CHUNK_SIZE) {
+    const chunk = nodeIds.slice(offset, offset + DELETE_CONFLICT_DEPENDENCY_SCAN_CHUNK_SIZE);
+    const placeholders = chunk.map(() => "?").join(", ");
+    const row = db
+      .query(
+        `
+        SELECT 1
+        FROM events
+        WHERE entity_kind = 'dependency'
+          AND (git_branch IS NULL OR git_branch != ?)
+          AND (
+            json_extract(payload, '$.fields.source_id') IN (${placeholders})
+            OR json_extract(payload, '$.fields.depends_on_id') IN (${placeholders})
+          )
+        LIMIT 1;
+        `,
+      )
+      .get(sourceBranch, ...chunk, ...chunk);
+
+    if (row !== null) {
+      return true;
+    }
+  }
+
+  return false;
+}
+
+function hasLocalDeleteCascadeEdits(db: Database, event: StoredEvent, sourceBranch: string): boolean {
+  if (hasLocalEntityEdits(db, event.entity_kind, event.entity_id, sourceBranch)) {
+    return true;
+  }
+
+  if (event.entity_kind === "subtask") {
+    return hasLocalDependencyEditsTouchingNodes(db, [event.entity_id], sourceBranch);
+  }
+
+  if (event.entity_kind !== "task") {
+    return false;
+  }
+
+  const subtaskRows = db
+    .query("SELECT id FROM subtasks WHERE task_id = ? ORDER BY created_at ASC, id ASC;")
+    .all(event.entity_id) as Array<{ id: string }>;
+  const subtaskIds = subtaskRows.map((row) => row.id);
+
+  for (const subtaskId of subtaskIds) {
+    if (hasLocalEntityEdits(db, "subtask", subtaskId, sourceBranch)) {
+      return true;
+    }
+  }
+
+  return hasLocalDependencyEditsTouchingNodes(db, [event.entity_id, ...subtaskIds], sourceBranch);
+}
+
 function rowExists(db: Database, tableName: string, id: string): boolean {
   const row = db.query(`SELECT id FROM ${tableName} WHERE id = ? LIMIT 1;`).get(id) as { id: string } | null;
   return row !== null;
@@ -495,19 +818,21 @@ function applyCreate(db: Database, event: StoredEvent, fields: Record<string, un
     }
 
     const description = typeof fields.description === "string" ? fields.description : "";
+    const owner = isSyncFieldValueSupported(tableName, "owner", fields.owner) ? (fields.owner as string | null) : null;
     db.query(
       `
-      INSERT INTO tasks (id, epic_id, title, description, status, created_at, updated_at, version)
-      VALUES (?, ?, ?, ?, ?, ?, ?, 1)
+      INSERT INTO tasks (id, epic_id, title, description, status, owner, created_at, updated_at, version)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1)
       ON CONFLICT(id) DO UPDATE SET
         epic_id = excluded.epic_id,
         title = excluded.title,
         description = excluded.description,
         status = excluded.status,
+        owner = excluded.owner,
         updated_at = excluded.updated_at,
         version = tasks.version + 1;
       `,
-    ).run(event.entity_id, epicId, title, description, status, now, now);
+    ).run(event.entity_id, epicId, title, description, status, owner, now, now);
 
     return true;
   }
@@ -521,19 +846,21 @@ function applyCreate(db: Database, event: StoredEvent, fields: Record<string, un
     }
 
     const description = typeof fields.description === "string" ? fields.description : "";
+    const owner = isSyncFieldValueSupported(tableName, "owner", fields.owner) ? (fields.owner as string | null) : null;
     db.query(
       `
-      INSERT INTO subtasks (id, task_id, title, description, status, created_at, updated_at, version)
-      VALUES (?, ?, ?, ?, ?, ?, ?, 1)
+      INSERT INTO subtasks (id, task_id, title, description, status, owner, created_at, updated_at, version)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1)
       ON CONFLICT(id) DO UPDATE SET
         task_id = excluded.task_id,
         title = excluded.title,
         description = excluded.description,
         status = excluded.status,
+        owner = excluded.owner,
         updated_at = excluded.updated_at,
         version = subtasks.version + 1;
       `,
-    ).run(event.entity_id, taskId, title, description, status, now, now);
+    ).run(event.entity_id, taskId, title, description, status, owner, now, now);
 
     return true;
   }
@@ -586,7 +913,9 @@ function applyUpdatePatch(db: Database, event: StoredEvent, fields: Record<strin
   }
 
   const allowed = new Set(SYNC_ALLOWED_FIELDS[tableName] ?? []);
-  const entries = Object.entries(fields).filter(([fieldName, value]) => allowed.has(fieldName) && typeof value === "string");
+  const entries = Object.entries(fields).filter(([fieldName, value]) =>
+    allowed.has(fieldName) && isSyncFieldValueSupported(tableName, fieldName, value)
+  );
 
   if (entries.length === 0) {
     return false;
@@ -608,7 +937,7 @@ function applyUpdatePatch(db: Database, event: StoredEvent, fields: Record<strin
 
   const now = Date.now();
   const setClause = entries.map(([field]) => `${field} = ?`).join(", ");
-  const values = entries.map(([, value]) => value as string);
+  const values = entries.map(([, value]) => value as string | null);
 
   db.query(`UPDATE ${tableName} SET ${setClause}, updated_at = ?, version = version + 1 WHERE id = ?;`).run(
     ...values,
@@ -636,10 +965,52 @@ function applyDelete(db: Database, event: StoredEvent, fields: Record<string, un
     return true;
   }
 
+  if (event.entity_kind === "task") {
+    removeTaskSubtree(db, event.entity_id);
+  } else if (event.entity_kind === "subtask") {
+    removeDependenciesTouchingNode(db, event.entity_id);
+  }
+
   db.query(`DELETE FROM ${tableName} WHERE id = ?;`).run(event.entity_id);
   return true;
 }
 
+function hasPendingDeleteConflict(db: Database, sourceEventId: string): boolean {
+  const row = db
+    .query(
+      `
+      SELECT 1
+      FROM sync_conflicts
+      WHERE event_id = ?
+        AND field_name = '__delete__'
+        AND resolution = 'pending'
+      LIMIT 1;
+      `,
+    )
+    .get(sourceEventId);
+
+  return row !== null;
+}
+
+function pendingDeleteConflictSourceEventId(fields: Record<string, unknown>): string | null {
+  const sourceEventId = fields.source_event_id;
+  return typeof sourceEventId === "string" && sourceEventId.length > 0 ? sourceEventId : null;
+}
+
+function shouldWithholdDeleteCascadeEvent(db: Database, event: StoredEvent, fields: Record<string, unknown>): boolean {
+  const sourceEventId = pendingDeleteConflictSourceEventId(fields);
+  if (!sourceEventId) {
+    return false;
+  }
+
+  const isDeleteCascadeEvent = event.operation === "dependency.removed" || event.operation === "subtask.deleted";
+  if (!isDeleteCascadeEvent) {
+    return false;
+  }
+
+  return hasPendingDeleteConflict(db, sourceEventId);
+}
+
 function applyEntityFields(db: Database, event: StoredEvent, fields: Record<string, unknown>): boolean {
   if (event.operation.endsWith(".deleted") || event.operation === "dependency.removed") {
     return applyDelete(db, event, fields);
@@ -750,19 +1121,34 @@ export function syncPull(cwd: string, sourceBranch: string): PullSummary {
     const cursor = loadCursor(storage.db, git.worktreePath, sourceBranch);
     const cursorToken = cursor?.cursor_token ?? "0:";
     const staleCursor: boolean = cursor !== null && isCursorStale(storage.db, cursorToken, sourceBranch);
-    const incomingEvents: StoredEvent[] = queryBranchEventsSince(storage.db, sourceBranch, cursorToken) as StoredEvent[];
 
     // Same-branch fast path: skip conflict detection when already on sourceBranch.
     // Null branchName (detached HEAD) falls through to the normal path.
     if (git.branchName !== null && git.branchName === sourceBranch) {
       let lastToken: string | null = null;
       let lastEventAt: number | null = cursor?.last_event_at ?? null;
+      let scannedEvents = 0;
 
       writeTransaction(storage.db, (): void => {
-        for (const incoming of incomingEvents) {
-          storeEvent(storage.db, incoming);
-          lastToken = cursorTokenFromEvent(incoming);
-          lastEventAt = incoming.created_at;
+        while (true) {
+          const incomingEvents = queryBranchEventsSinceBatch(
+            storage.db,
+            sourceBranch,
+            lastToken ?? cursorToken,
+            SYNC_PULL_BATCH_SIZE,
+          ) as StoredEvent[];
+
+          if (incomingEvents.length === 0) {
+            break;
+          }
+
+          scannedEvents += incomingEvents.length;
+
+          for (const incoming of incomingEvents) {
+            storeEvent(storage.db, incoming);
+            lastToken = cursorTokenFromEvent(incoming);
+            lastEventAt = incoming.created_at;
+          }
         }
 
         if (lastToken) {
@@ -772,7 +1158,7 @@ export function syncPull(cwd: string, sourceBranch: string): PullSummary {
 
       return {
         sourceBranch,
-        scannedEvents: incomingEvents.length,
+        scannedEvents,
         appliedEvents: 0,
         createdConflicts: 0,
         cursorToken: lastToken,
@@ -798,85 +1184,115 @@ export function syncPull(cwd: string, sourceBranch: string): PullSummary {
     let conflictEvents = 0;
     let lastToken: string | null = null;
     let lastEventAt: number | null = cursor?.last_event_at ?? null;
+    let scannedEvents = 0;
 
     writeTransaction(storage.db, (): void => {
-      for (const incoming of incomingEvents) {
-        const payloadValidation = parsePayload(incoming.payload);
-
-        if (!payloadValidation.ok) {
-          malformedPayloadEvents += 1;
-          quarantinedEvents += 1;
-          createConflict(
-            storage.db,
-            incoming,
-            "__payload__",
-            null,
-            payloadValidation.reason ?? "Invalid payload",
-            "invalid",
-          );
-          createdConflicts += 1;
-          storeEvent(storage.db, incoming);
-          lastToken = cursorTokenFromEvent(incoming);
-          lastEventAt = incoming.created_at;
-          continue;
+      while (true) {
+        const incomingEvents = queryBranchEventsSinceBatch(
+          storage.db,
+          sourceBranch,
+          lastToken ?? cursorToken,
+          SYNC_PULL_BATCH_SIZE,
+        ) as StoredEvent[];
+
+        if (incomingEvents.length === 0) {
+          break;
         }
 
-        const payload: EventPayload = { fields: payloadValidation.fields };
-
-        const isDeleteWithLocalEdits =
-          incoming.operation.endsWith(".deleted") &&
-          hasLocalEntityEdits(storage.db, incoming.entity_kind, incoming.entity_id, sourceBranch);
-        if (isDeleteWithLocalEdits) {
-          // Note: dependency.removed is intentionally excluded — dependencies are
-          // edges (not entities with local edit history), so conflict detection
-          // does not apply to them.
-          createConflict(storage.db, incoming, "__delete__", null, "Entity deleted on source branch");
-          createdConflicts += 1;
-          conflictEvents += 1;
-          storeEvent(storage.db, incoming);
-          lastToken = cursorTokenFromEvent(incoming);
-          lastEventAt = incoming.created_at;
-          continue;
-        }
+        scannedEvents += incomingEvents.length;
 
-        const fieldsToApply: Record<string, unknown> = {};
-        let withheldConflictCount = 0;
+        for (const incoming of incomingEvents) {
+          if (incoming.operation === "resolve_conflict") {
+            if (applyIncomingResolutionEvent(storage.db, incoming)) {
+              appliedEvents += 1;
+            }
+            storeEvent(storage.db, incoming);
+            lastToken = cursorTokenFromEvent(incoming);
+            lastEventAt = incoming.created_at;
+            continue;
+          }
 
-        for (const [fieldName, value] of Object.entries(payload.fields)) {
-          const conflict = entityFieldConflict(storage.db, sourceBranch, incoming, fieldName, value);
+          const payloadValidation = parsePayload(incoming.payload);
+
+          if (!payloadValidation.ok) {
+            malformedPayloadEvents += 1;
+            quarantinedEvents += 1;
+            createConflict(
+              storage.db,
+              incoming,
+              "__payload__",
+              null,
+              payloadValidation.reason ?? "Invalid payload",
+              "invalid",
+            );
+            createdConflicts += 1;
+            storeEvent(storage.db, incoming);
+            lastToken = cursorTokenFromEvent(incoming);
+            lastEventAt = incoming.created_at;
+            continue;
+          }
 
-          if (conflict) {
-            withheldConflictCount += 1;
-            conflictEvents += 1;
-            createConflict(storage.db, incoming, fieldName, conflict.oursValue, conflict.theirsValue);
+          const payload: EventPayload = { fields: payloadValidation.fields };
+
+          if (shouldWithholdDeleteCascadeEvent(storage.db, incoming, payload.fields)) {
+            storeEvent(storage.db, incoming);
+            lastToken = cursorTokenFromEvent(incoming);
+            lastEventAt = incoming.created_at;
+            continue;
+          }
+
+          const isDeleteWithLocalEdits =
+            incoming.operation.endsWith(".deleted") &&
+            hasLocalDeleteCascadeEdits(storage.db, incoming, sourceBranch);
+          if (isDeleteWithLocalEdits) {
+            createConflict(storage.db, incoming, "__delete__", null, "Entity deleted on source branch");
             createdConflicts += 1;
+            conflictEvents += 1;
+            storeEvent(storage.db, incoming);
+            lastToken = cursorTokenFromEvent(incoming);
+            lastEventAt = incoming.created_at;
             continue;
           }
 
-          fieldsToApply[fieldName] = value;
-        }
+          const fieldsToApply: Record<string, unknown> = {};
+          let withheldConflictCount = 0;
 
-        if (applyEntityFields(storage.db, incoming, fieldsToApply)) {
-          appliedEvents += 1;
-        } else if (applyReplayedCreateWithConflicts(storage.db, incoming, fieldsToApply, withheldConflictCount)) {
-          appliedEvents += 1;
-        } else if (incoming.operation !== "resolve_conflict") {
-          applyRejectedEvents += 1;
-          quarantinedEvents += 1;
-          createConflict(
-            storage.db,
-            incoming,
-            "__apply__",
-            null,
-            `Rejected event ${incoming.operation} for ${incoming.entity_kind}`,
-            "invalid",
-          );
-          createdConflicts += 1;
-        }
+          for (const [fieldName, value] of Object.entries(payload.fields)) {
+            const conflict = entityFieldConflict(storage.db, sourceBranch, incoming, fieldName, value);
+
+            if (conflict) {
+              withheldConflictCount += 1;
+              conflictEvents += 1;
+              createConflict(storage.db, incoming, fieldName, conflict.oursValue, conflict.theirsValue);
+              createdConflicts += 1;
+              continue;
+            }
 
-        storeEvent(storage.db, incoming);
-        lastToken = cursorTokenFromEvent(incoming);
-        lastEventAt = incoming.created_at;
+            fieldsToApply[fieldName] = value;
+          }
+
+          if (applyEntityFields(storage.db, incoming, fieldsToApply)) {
+            appliedEvents += 1;
+          } else if (applyReplayedCreateWithConflicts(storage.db, incoming, fieldsToApply, withheldConflictCount)) {
+            appliedEvents += 1;
+          } else {
+            applyRejectedEvents += 1;
+            quarantinedEvents += 1;
+            createConflict(
+              storage.db,
+              incoming,
+              "__apply__",
+              null,
+              `Rejected event ${incoming.operation} for ${incoming.entity_kind}`,
+              "invalid",
+            );
+            createdConflicts += 1;
+          }
+
+          storeEvent(storage.db, incoming);
+          lastToken = cursorTokenFromEvent(incoming);
+          lastEventAt = incoming.created_at;
+        }
       }
 
       if (lastToken) {
@@ -895,7 +1311,7 @@ export function syncPull(cwd: string, sourceBranch: string): PullSummary {
 
     return {
       sourceBranch,
-      scannedEvents: incomingEvents.length,
+      scannedEvents,
       appliedEvents,
       createdConflicts,
       cursorToken: lastToken,
@@ -926,7 +1342,14 @@ function parseConflictValue(value: string | null): unknown {
   }
 }
 
-function updateSingleField(db: Database, entityKind: string, entityId: string, fieldName: string, value: unknown): void {
+function updateSingleField(
+  db: Database,
+  entityKind: string,
+  entityId: string,
+  fieldName: string,
+  value: unknown,
+  options: { allowMissing?: boolean } = {},
+): void {
   const tableName = tableForEntityKind(entityKind);
   if (!tableName) {
     throw new DomainError({
@@ -946,11 +1369,12 @@ function updateSingleField(db: Database, entityKind: string, entityId: string, f
   }
 
   const now: number = Date.now();
+  const normalizedValue = typeof value === "string" || value === null ? value : JSON.stringify(value);
   const result = db
     .query(`UPDATE ${tableName} SET ${fieldName} = ?, updated_at = ?, version = version + 1 WHERE id = ?;`)
-    .run(typeof value === "string" ? value : JSON.stringify(value), now, entityId);
+    .run(normalizedValue, now, entityId);
 
-  if (result.changes === 0) {
+  if (result.changes === 0 && !options.allowMissing) {
     throw new DomainError({
       code: "row_not_found",
       message: `No row updated: entity '${entityKind}' with id '${entityId}' not found in table '${tableName}'`,
@@ -959,7 +1383,12 @@ function updateSingleField(db: Database, entityKind: string, entityId: string, f
   }
 }
 
-function deleteSingleEntity(db: Database, entityKind: string, entityId: string): void {
+function deleteSingleEntity(
+  db: Database,
+  entityKind: string,
+  entityId: string,
+  options: { allowMissing?: boolean } = {},
+): void {
   const tableName = tableForEntityKind(entityKind);
   if (!tableName) {
     throw new DomainError({
@@ -971,7 +1400,7 @@ function deleteSingleEntity(db: Database, entityKind: string, entityId: string):
 
   const result = db.query(`DELETE FROM ${tableName} WHERE id = ?;`).run(entityId);
 
-  if (result.changes === 0) {
+  if (result.changes === 0 && !options.allowMissing) {
     throw new DomainError({
       code: "row_not_found",
       message: `No row deleted: entity '${entityKind}' with id '${entityId}' not found in table '${tableName}'`,
@@ -994,11 +1423,7 @@ function resolveConflictRow(
   git: ResolutionWriteContext,
 ): void {
   if (resolution === "theirs") {
-    if (conflict.field_name === "__delete__") {
-      deleteSingleEntity(db, conflict.entity_kind, conflict.entity_id);
-    } else {
-      updateSingleField(db, conflict.entity_kind, conflict.entity_id, conflict.field_name, parseConflictValue(conflict.theirs_value));
-    }
+    applyConflictTheirsResolution(db, conflict);
   }
 
   const now: number = nextEventTimestamp(db);
@@ -1043,6 +1468,7 @@ function appendResolutionEvent(
     conflict.entity_id,
     JSON.stringify({
       conflict_id: conflict.id,
+      source_event_id: conflict.event_id,
       field: conflict.field_name,
       resolution,
       value: resolvedValue,
@@ -1210,10 +1636,10 @@ export function syncResolvePreview(cwd: string, conflictId: string, resolution:
   }
 }
 
-function queryPendingConflicts(
+function queryPendingConflictIds(
   db: Database,
   filters: ResolveAllQueryFilters,
-): readonly ConflictRow[] {
+): readonly string[] {
   const conditions: string[] = ["resolution = 'pending'"];
   const params: string[] = [];
 
@@ -1228,14 +1654,14 @@ function queryPendingConflicts(
   }
 
   const sql = `
-    SELECT c.id, c.event_id, c.entity_kind, c.entity_id, c.field_name, c.ours_value, c.theirs_value, c.resolution, c.created_at, c.updated_at
+    SELECT c.id
     FROM sync_conflicts c
     LEFT JOIN events e ON e.id = c.event_id
     WHERE ${conditions.map((condition) => condition.replaceAll("resolution", "c.resolution").replaceAll("entity_id", "c.entity_id").replaceAll("field_name", "c.field_name")).join(" AND ")}
     ORDER BY COALESCE(e.created_at, c.created_at) ASC, COALESCE(e.id, c.event_id) ASC, c.created_at ASC, c.id ASC;
   `;
 
-  return db.query(sql).all(...params) as ConflictRow[];
+  return (db.query(sql).all(...params) as ConflictOrderRow[]).map((row) => row.id);
 }
 
 function queryPendingConflictsByIds(db: Database, conflictIds: readonly string[]): readonly ConflictRow[] {
@@ -1277,11 +1703,9 @@ export function syncResolveAll(
 
     const resolvedIds: string[] = writeTransaction(storage.db, (): string[] => {
       const expectedConflictIds = options.expectedConflictIds;
-      const conflicts = expectedConflictIds
-        ? queryPendingConflictsByIds(storage.db, expectedConflictIds)
-        : queryPendingConflicts(storage.db, filters);
+      const orderedConflictIds = expectedConflictIds ?? queryPendingConflictIds(storage.db, filters);
 
-      if (conflicts.length === 0) {
+      if (orderedConflictIds.length === 0) {
         throw new DomainError({
           code: "no_matching_conflicts",
           message: "No pending conflicts match the given filters.",
@@ -1289,23 +1713,28 @@ export function syncResolveAll(
         });
       }
 
-      if (expectedConflictIds && conflicts.length !== expectedConflictIds.length) {
-        throw new DomainError({
-          code: "conflict_set_changed",
-          message: "Pending conflicts changed before batch resolution could be applied.",
-          details: {
-            filters: normalizedFilters,
-            expectedConflictIds,
-            availableConflictIds: conflicts.map((conflict) => conflict.id),
-          },
-        });
-      }
-
       const ids: string[] = [];
 
-      for (const conflict of conflicts) {
-        resolveConflictRow(storage.db, conflict, resolution, git);
-        ids.push(conflict.id);
+      for (let offset = 0; offset < orderedConflictIds.length; offset += RESOLVE_ALL_CHUNK_SIZE) {
+        const chunkIds = orderedConflictIds.slice(offset, offset + RESOLVE_ALL_CHUNK_SIZE);
+        const chunkConflicts = queryPendingConflictsByIds(storage.db, chunkIds);
+
+        if (chunkConflicts.length !== chunkIds.length) {
+          throw new DomainError({
+            code: "conflict_set_changed",
+            message: "Pending conflicts changed before batch resolution could be applied.",
+            details: {
+              filters: normalizedFilters,
+              expectedConflictIds: chunkIds,
+              availableConflictIds: chunkConflicts.map((conflict) => conflict.id),
+            },
+          });
+        }
+
+        for (const conflict of chunkConflicts) {
+          resolveConflictRow(storage.db, conflict, resolution, git);
+          ids.push(conflict.id);
+        }
       }
 
       return ids;
@@ -1331,9 +1760,9 @@ export function syncResolveAllPreview(
   const normalizedFilters: ResolveAllFilters = normalizeResolveAllFilters(filters);
 
   try {
-    const conflicts = queryPendingConflicts(storage.db, filters);
+    const conflictIds = queryPendingConflictIds(storage.db, filters);
 
-    if (conflicts.length === 0) {
+    if (conflictIds.length === 0) {
       throw new DomainError({
         code: "no_matching_conflicts",
         message: "No pending conflicts match the given filters.",
@@ -1343,8 +1772,8 @@ export function syncResolveAllPreview(
 
     return {
       resolution,
-      matchedCount: conflicts.length,
-      matchedIds: conflicts.map((c) => c.id),
+      matchedCount: conflictIds.length,
+      matchedIds: conflictIds,
       filters: normalizedFilters,
       dryRun: true,
     };