uv-suite 0.30.0 → 0.32.0

package/uv.sh

@@ -175,7 +175,7 @@ launch_session() {
 
     curl -s "$wt_url/sessions/register" \
       -H 'Content-Type: application/json' \
-      -d "{\"id\":\"$UVS_SESSION_ID\",\"tmux\":\"$tname\",\"pid\":$$,\"cwd\":\"$PWD\"}" \
+      -d "{\"id\":\"$UVS_SESSION_ID\",\"tmux_target\":\"$tname\",\"pid\":$$,\"cwd\":\"$PWD\"}" \
       >/dev/null 2>&1 || true
 
     exec tmux -L "$socket" attach -t "$tname"

package/watchtower/README.md

@@ -4,23 +4,20 @@ Observability **and control** for UV Suite sessions. Hooks push events; the dash
 observes *and* acts — checkpoint a session, close it, or approve one that's blocked waiting
 for a human — from the browser.
 
-FastAPI + Postgres. A hook insert fires `pg_notify`; a listener forwards it to connected
-dashboards over WebSocket (no polling).
+FastAPI + embedded **SQLite** — no server, no Docker, no database to install. The live
+WebSocket stream is fed by an in-process broadcaster, so there is nothing external to run.
 
 ## Run
 
 ```bash
-cd watchtower
-docker compose up --build      # Postgres + the service on :4200
-# open http://localhost:4200
+uvs watch                 # opens http://localhost:4200
 ```
 
-Local (without Docker), against your own Postgres:
-```bash
-export DATABASE_URL=postgresql://watchtower:watchtower@localhost:5432/watchtower
-uv run --with-requirements requirements.txt uvicorn app.main:app --host 127.0.0.1 --port 4200
-```
-> Bind control to **127.0.0.1** — the control API can checkpoint/kill/approve sessions.
+That's the whole setup. `uvs watch` provisions the Python deps on first run (via `uv`, or
+a local `.venv`) and stores data in `watchtower/watchtower.db` (override with `WATCHTOWER_DB`).
+
+> The service binds to **127.0.0.1** — the control API can checkpoint/kill/approve
+> sessions, so it must stay on localhost.
 
 ## How sessions become controllable
 
@@ -49,26 +46,24 @@ works via PID, approve is unavailable from the UI.
 ```
 app/
   main.py            app wiring + lifespan + dashboard serving
-  db.py              asyncpg pool + NOTIFY → WebSocket broadcaster
+  db.py              SQLite layer + in-process WebSocket broadcaster
   models.py          request models
   routers/           ingest.py · query.py · stream.py · control.py
   services/          checkpoint.py (out-of-band) · tmux.py (send-keys/kill/capture)
 static/dashboard.html
-schema.sql · Dockerfile · docker-compose.yml · requirements.txt
+requirements.txt
 ```
 
 ## Status / follow-ups
 - The `Notification` hook (`hooks/watchtower-notify.sh`) still needs wiring into
   `personas/*.json` (a `Notification` event entry) for approve to fire.
-- The approve keystroke map (`y`/`n`) is a placeholder — Claude Code's permission UI may
-  use arrow-select + Enter. Validate against the installed version (`capture_pane` shows it).
+- Approve sends `1`+Enter (select "Yes") / Esc (cancel) — matched to Claude Code's
+  numbered arrow-select permission widget. Revisit if that TUI changes.
 - The semantic (haiku) checkpoint summary is a TODO; v1 checkpoints are mechanical.
-- Supersedes the old Node `server.js`/`dashboard.html`/`*-runner.js` (kept for now).
 
 ## Legacy fallback (Node)
 
-The original Node Watchtower lives under `watchtower/legacy/` as a fallback that needs
-**no Docker/Postgres**:
+The original Node Watchtower lives under `watchtower/legacy/` — pure Node, no Python:
 
 ```bash
 uvs watch --legacy        # runs legacy/server.js on :4200 (flat events.json, SSE)

package/watchtower/app/db.py

@@ -1,26 +1,28 @@
-"""Async Postgres layer + a NOTIFY → WebSocket broadcaster.
+"""Database layer — embedded SQLite (no server, no Docker).
 
-A hook insert calls `notify()` which `pg_notify`s on CHANNEL; a dedicated listener
-connection forwards each payload to the Broadcaster, which fans it out to connected
-WebSocket subscribers. No polling.
+Data lives in a single file (default watchtower/watchtower.db, override with
+WATCHTOWER_DB). The live WebSocket stream is fed by an in-process broadcaster, so
+there is nothing external to run. Routers use one small async API: `fetch`,
+`fetchrow`, `execute`, `insert` (with `?` placeholders) and the sync `notify(payload)`.
+JSON columns are stored as TEXT; callers json.dumps on write and json.loads on read.
 """
 import asyncio
 import json
 import os
 
-import asyncpg
+import aiosqlite
 
-DATABASE_URL = os.environ.get(
-    "DATABASE_URL", "postgresql://watchtower:watchtower@localhost:5432/watchtower"
+SQLITE_PATH = os.environ.get(
+    "WATCHTOWER_DB",
+    os.path.join(os.path.dirname(__file__), "..", "watchtower.db"),
 )
-CHANNEL = "watchtower_events"
-SCHEMA_PATH = os.path.join(os.path.dirname(__file__), "..", "schema.sql")
 
-pool: asyncpg.Pool | None = None
+_db: aiosqlite.Connection | None = None
+_write_lock = asyncio.Lock()
 
 
 class Broadcaster:
-    """Fan out NOTIFY payloads (JSON strings) to subscribed WebSocket clients."""
+    """Fan out payloads (JSON strings) to subscribed WebSocket clients (in-process)."""
 
     def __init__(self) -> None:
         self._subs: set[asyncio.Queue] = set()
@@ -43,43 +45,85 @@ class Broadcaster:
 
 broadcaster = Broadcaster()
 
-
-async def init_pool() -> None:
-    global pool
-    async def _init(con):
-        await con.set_type_codec(
-            "jsonb", encoder=json.dumps, decoder=json.loads, schema="pg_catalog"
-        )
-
-    pool = await asyncpg.create_pool(DATABASE_URL, min_size=1, max_size=10, init=_init)
-    with open(SCHEMA_PATH) as f:
-        schema = f.read()
-    async with pool.acquire() as con:
-        await con.execute(schema)
-
-
-async def listen_notify() -> None:
-    """Dedicated connection LISTENing on CHANNEL; forwards payloads to the broadcaster."""
-    con = await asyncpg.connect(DATABASE_URL)
-    await con.add_listener(CHANNEL, lambda *args: broadcaster.publish(args[-1]))
-    try:
-        while True:
-            await asyncio.sleep(3600)
-    finally:
-        await con.close()
-
-
-async def close_pool() -> None:
-    if pool:
-        await pool.close()
-
-
-async def db() -> asyncpg.Connection:
-    """FastAPI dependency: yields a pooled connection."""
-    async with pool.acquire() as con:
-        yield con
-
-
-async def notify(con: asyncpg.Connection, payload: dict) -> None:
-    """Emit a NOTIFY so the stream router pushes this to dashboards."""
-    await con.execute("SELECT pg_notify($1, $2)", CHANNEL, json.dumps(payload, default=str))
+_SCHEMA = [
+    """CREATE TABLE IF NOT EXISTS sessions (
+        id text PRIMARY KEY, name text, kind text, purpose text, priority text,
+        persona text, cwd text, worktree text, branch text, pid integer,
+        tmux_target text, parent_id text, state text DEFAULT 'active',
+        input_tokens integer, output_tokens integer,
+        started_at TEXT DEFAULT CURRENT_TIMESTAMP, ended_at text)""",
+    """CREATE TABLE IF NOT EXISTS events (
+        id INTEGER PRIMARY KEY AUTOINCREMENT, session_id text, event_type text,
+        tool_name text, command text, payload text,
+        created_at TEXT DEFAULT CURRENT_TIMESTAMP)""",
+    """CREATE TABLE IF NOT EXISTS approvals (
+        id INTEGER PRIMARY KEY AUTOINCREMENT, session_id text, tool_name text,
+        command text, request text, status text DEFAULT 'pending', decided_by text,
+        created_at TEXT DEFAULT CURRENT_TIMESTAMP, decided_at text)""",
+    "CREATE TABLE IF NOT EXISTS settings (key text PRIMARY KEY, value text)",
+    "CREATE INDEX IF NOT EXISTS idx_events_session_created ON events (session_id, created_at)",
+    "CREATE INDEX IF NOT EXISTS idx_approvals_session_status ON approvals (session_id, status)",
+]
+
+
+async def init_db() -> None:
+    global _db
+    _db = await aiosqlite.connect(SQLITE_PATH)
+    _db.row_factory = aiosqlite.Row
+    for stmt in _SCHEMA:
+        await _db.execute(stmt)
+    # Migrate older dbs that predate newer columns.
+    for col in ("parent_id text", "input_tokens integer", "output_tokens integer"):
+        try:
+            await _db.execute(f"ALTER TABLE sessions ADD COLUMN {col}")
+        except Exception:
+            pass  # column already exists
+    await _db.commit()
+
+
+async def close() -> None:
+    if _db:
+        await _db.close()
+
+
+async def fetch(sql: str, *args) -> list[dict]:
+    cur = await _db.execute(sql, args)
+    rows = await cur.fetchall()
+    return [dict(r) for r in rows]
+
+
+async def fetchrow(sql: str, *args) -> dict | None:
+    rows = await fetch(sql, *args)
+    return rows[0] if rows else None
+
+
+async def execute(sql: str, *args) -> None:
+    async with _write_lock:
+        await _db.execute(sql, args)
+        await _db.commit()
+
+
+async def insert(sql: str, *args) -> int:
+    """Run an INSERT and return the new row id."""
+    async with _write_lock:
+        cur = await _db.execute(sql, args)
+        await _db.commit()
+        return cur.lastrowid
+
+
+async def get_setting(key: str, default: str | None = None) -> str | None:
+    row = await fetchrow("SELECT value FROM settings WHERE key = ?", key)
+    return row["value"] if row else default
+
+
+async def set_setting(key: str, value: str) -> None:
+    await execute(
+        "INSERT INTO settings (key, value) VALUES (?, ?) "
+        "ON CONFLICT (key) DO UPDATE SET value = excluded.value",
+        key, value,
+    )
+
+
+def notify(payload: dict) -> None:
+    """Push an update to connected dashboards (in-process)."""
+    broadcaster.publish(json.dumps(payload, default=str))

package/watchtower/app/main.py

@@ -1,5 +1,4 @@
 """Watchtower service entrypoint. Wires the routers built independently in app/routers/."""
-import asyncio
 import os
 from contextlib import asynccontextmanager
 
@@ -8,20 +7,18 @@ from fastapi.responses import FileResponse
 from fastapi.staticfiles import StaticFiles
 
 from app import db
-from app.routers import control, ingest, query, stream
+from app.routers import control, ingest, query, settings, stream
 
 STATIC_DIR = os.path.join(os.path.dirname(__file__), "..", "static")
 
 
 @asynccontextmanager
 async def lifespan(app: FastAPI):
-    await db.init_pool()
-    listener = asyncio.create_task(db.listen_notify())
+    await db.init_db()
     try:
         yield
     finally:
-        listener.cancel()
-        await db.close_pool()
+        await db.close()
 
 
 app = FastAPI(title="Watchtower", version="1.0.0", lifespan=lifespan)
@@ -30,6 +27,7 @@ app.include_router(ingest.router)
 app.include_router(query.router)
 app.include_router(stream.router)
 app.include_router(control.router)
+app.include_router(settings.router)
 
 
 app.mount("/static", StaticFiles(directory=STATIC_DIR), name="static")

package/watchtower/app/models.py

@@ -30,6 +30,11 @@ class StateUpdate(BaseModel):
     state: Literal["active", "idle", "awaiting_human", "terminated"]
 
 
+class TokensIn(BaseModel):
+    input_tokens: int = 0
+    output_tokens: int = 0
+
+
 class ApprovalIn(BaseModel):
     session_id: str
     tool_name: str | None = None

package/watchtower/app/routers/control.py

@@ -5,13 +5,16 @@
 # is started with `--host 127.0.0.1`; keep it bound to localhost.
 """
 import asyncio
+import json
 import os
+import shlex
 import shutil
 import signal
+import subprocess
+import sys
 import uuid
 
-import asyncpg
-from fastapi import APIRouter, Depends, HTTPException
+from fastapi import APIRouter, HTTPException
 
 from app import db
 from app.models import ApprovalDecision, SpawnRequest
@@ -19,30 +22,70 @@ from app.services import checkpoint, tmux
 
 router = APIRouter()
 
+
+def _terminal_app(pref: str | None = None) -> str:
+    """Which macOS terminal to open. Precedence: the UI setting (pref), then the
+    UVS_TERMINAL env, then the terminal that launched Watchtower (TERM_PROGRAM),
+    then Terminal.app. 'auto'/empty falls through to detection."""
+    for candidate in (pref, os.environ.get("UVS_TERMINAL", "")):
+        c = (candidate or "").strip().lower()
+        if c in ("iterm", "iterm2"):
+            return "iterm"
+        if c in ("terminal", "terminal.app", "apple_terminal"):
+            return "terminal"
+    if os.environ.get("TERM_PROGRAM") == "iTerm.app":
+        return "iterm"
+    return "terminal"
+
+
+def _term_script(app: str, attach: str) -> str:
+    if app == "iterm":
+        return (
+            'tell application "iTerm"\n'
+            "  create window with default profile\n"
+            f'  tell current session of current window to write text "{attach}"\n'
+            "  activate\n"
+            "end tell"
+        )
+    return f'tell application "Terminal" to do script "{attach}"\ntell application "Terminal" to activate'
+
+
+def _open_terminal(target: str, pref: str | None = None) -> bool:
+    """Best-effort: open a terminal window attached to the tmux session (macOS).
+    Tries the preferred app first, then the other as a fallback."""
+    if sys.platform != "darwin":
+        return False
+    attach = f"tmux -L {tmux.SOCKET} attach -t {shlex.quote(target)}"
+    order = ["iterm", "terminal"] if _terminal_app(pref) == "iterm" else ["terminal", "iterm"]
+    for app in order:
+        if subprocess.run(["osascript", "-e", _term_script(app, attach)], capture_output=True).returncode == 0:
+            return True
+    return False
+
 # Claude Code's permission gate is a numbered arrow-select menu confirmed with Enter and
 # cancelled with Esc (verified live: the trust-folder and tool-permission prompts use the
 # same widget — it is NOT a y/n prompt). Approve = select option 1 ("Yes") + Enter;
 # deny = Esc. This is the one part coupled to the tool's TUI; revisit if the widget changes.
 
 
-async def _load_session(id: str, con: asyncpg.Connection) -> dict:
-    row = await con.fetchrow("SELECT * FROM sessions WHERE id = $1", id)
+async def _load_session(id: str) -> dict:
+    row = await db.fetchrow("SELECT * FROM sessions WHERE id = ?", id)
     if row is None:
         raise HTTPException(status_code=404, detail=f"session {id} not found")
-    return dict(row)
+    return row
 
 
 @router.post("/sessions/{id}/checkpoint")
-async def checkpoint_session(id: str, con: asyncpg.Connection = Depends(db.db)) -> dict:
-    session = await _load_session(id, con)
+async def checkpoint_session(id: str) -> dict:
+    session = await _load_session(id)
     path = await checkpoint.write_checkpoint(session)
-    await db.notify(con, {"type": "checkpoint", "session_id": id, "path": path})
+    db.notify({"type": "checkpoint", "session_id": id, "path": path})
     return {"path": path}
 
 
 @router.post("/sessions/{id}/close")
-async def close_session(id: str, con: asyncpg.Connection = Depends(db.db)) -> dict:
-    session = await _load_session(id, con)
+async def close_session(id: str) -> dict:
+    session = await _load_session(id)
 
     path = await checkpoint.write_checkpoint(session)
 
@@ -57,61 +100,137 @@ async def close_session(id: str, con: asyncpg.Connection = Depends(db.db)) -> di
         except ProcessLookupError:
             terminated_via = "pid_gone"
 
-    await con.execute(
-        "UPDATE sessions SET state = 'terminated', ended_at = now() WHERE id = $1", id
+    await db.execute(
+        "UPDATE sessions SET state = 'terminated', ended_at = CURRENT_TIMESTAMP WHERE id = ?",
+        id,
     )
-    await db.notify(con, {"type": "session", "session_id": id, "state": "terminated"})
+    db.notify({"type": "session", "session_id": id, "state": "terminated"})
     return {"ok": True, "checkpoint": path, "terminated_via": terminated_via}
 
 
-@router.post("/sessions/{id}/approve")
-async def approve_session(
-    id: str, decision: ApprovalDecision, con: asyncpg.Connection = Depends(db.db)
-) -> dict:
-    session = await _load_session(id, con)
+@router.post("/approvals/{approval_id}/decide")
+async def decide_approval(approval_id: int, decision: ApprovalDecision) -> dict:
+    """Resolve an approval by its own id. Actuates via send-keys when the session is
+    owned (tmux); otherwise still records the decision so it clears from the UI (the
+    user answers in the terminal). Never 404s on a missing/unowned session."""
+    appr = await db.fetchrow("SELECT * FROM approvals WHERE id = ?", approval_id)
+    if appr is None:
+        raise HTTPException(status_code=404, detail="approval not found")
 
+    sid = appr["session_id"]
+    session = await db.fetchrow("SELECT * FROM sessions WHERE id = ?", sid)
+
+    actuated = False
+    if session and session.get("tmux_target"):
+        keys = "1" if decision.decision == "approve" else "Escape"  # numbered menu: 1=Yes / Esc=cancel
+        await asyncio.to_thread(tmux.send_keys, session["tmux_target"], keys, decision.decision == "approve")
+        actuated = True
+
+    new_status = "approved" if decision.decision == "approve" else "denied"
+    await db.execute(
+        "UPDATE approvals SET status = ?, decided_by = ?, decided_at = CURRENT_TIMESTAMP WHERE id = ?",
+        new_status, decision.decided_by, approval_id,
+    )
+    if session:
+        await db.execute("UPDATE sessions SET state = 'active' WHERE id = ?", sid)
+    db.notify({"type": "approval", "id": approval_id, "session_id": sid, "status": new_status})
+    return {"ok": True, "status": new_status, "actuated": actuated}
+
+
+@router.post("/sessions/{id}/compact")
+async def compact_session(id: str) -> dict:
+    session = await _load_session(id)
     if not session.get("tmux_target"):
         raise HTTPException(
             status_code=400,
-            detail="session not owned by Watchtower; approve in the terminal",
+            detail="session not owned by Watchtower; run /compact in the terminal",
         )
+    await asyncio.to_thread(tmux.send_keys, session["tmux_target"], "/compact", True)
+    db.notify({"type": "event", "session_id": id, "event_type": "Compact"})
+    return {"ok": True}
 
-    approval = await con.fetchrow(
-        """SELECT id FROM approvals
-            WHERE session_id = $1 AND status = 'pending'
-         ORDER BY created_at DESC
-            LIMIT 1""",
-        id,
+
+@router.post("/sessions/{id}/fork")
+async def fork_session(id: str, open: bool = True) -> dict:
+    parent = await _load_session(id)
+    if not tmux.has_tmux():
+        raise HTTPException(status_code=400, detail="tmux not available; cannot fork")
+
+    child = uuid.uuid4().hex
+    cwd = parent.get("cwd") or os.getcwd()
+    persona = parent.get("persona") or "professional"
+    name = (parent.get("name") or parent["id"][:8]) + " (fork)"
+
+    # Write a metadata file so the child's hooks attribute events to it (name, persona,
+    # parent) instead of falling back to Claude's internal session id.
+    try:
+        meta_dir = os.path.join(cwd, ".uv-suite-state", "sessions")
+        os.makedirs(meta_dir, exist_ok=True)
+        with open(os.path.join(meta_dir, f"{child}.json"), "w") as f:
+            json.dump(
+                {"uvs_session_id": child, "name": name, "persona": persona,
+                 "parent_id": id, "cwd": cwd},
+                f,
+            )
+    except OSError:
+        pass  # best-effort; the hook still tags by UVS_SESSION_ID
+
+    settings = os.path.join(cwd, ".claude", "personas", f"{persona}.json")
+    claude = "claude" + (f" --settings {shlex.quote(settings)}" if os.path.isfile(settings) else "")
+    cmd = f"UVS_SESSION_ID={child} UVS_IN_TMUX=1 exec {claude}"
+
+    try:
+        target = await asyncio.to_thread(tmux.spawn, child, cmd, cwd)
+    except RuntimeError as e:
+        raise HTTPException(status_code=400, detail=str(e))
+
+    await db.execute(
+        """INSERT INTO sessions (id, name, persona, cwd, tmux_target, parent_id, state)
+           VALUES (?, ?, ?, ?, ?, ?, 'active')""",
+        child, name, persona, cwd, target, id,
     )
-    if approval is None:
-        raise HTTPException(status_code=404, detail="no pending approval for session")
+    pref = await db.get_setting("terminal_app")
+    opened = await asyncio.to_thread(_open_terminal, target, pref) if open else False
+    db.notify({"type": "session", "session_id": child, "state": "active"})
+    return {"id": child, "name": name, "tmux_target": target, "parent_id": id, "terminal_opened": opened}
 
-    target = session["tmux_target"]
-    # Read the current prompt before answering (surfaced for debugging / UI).
-    prompt = await asyncio.to_thread(tmux.capture_pane, target)
-    if decision.decision == "approve":
-        await asyncio.to_thread(tmux.send_keys, target, "1", True)        # select "Yes" + Enter
-    else:
-        await asyncio.to_thread(tmux.send_keys, target, "Escape", False)  # Esc cancels → reject
 
-    new_status = "approved" if decision.decision == "approve" else "denied"
-    await con.execute(
-        """UPDATE approvals
-              SET status = $2, decided_by = $3, decided_at = now()
-            WHERE id = $1""",
-        approval["id"], new_status, decision.decided_by,
+@router.delete("/sessions/{id}")
+async def delete_session(id: str) -> dict:
+    """Permanently remove a session and its events/approvals from Watchtower.
+    Kills the live tmux session first (if owned + active) so it can't re-register.
+    On-disk checkpoint files in the project's uv-out/ are left intact."""
+    session = await db.fetchrow("SELECT tmux_target, state FROM sessions WHERE id = ?", id)
+    if session is None:
+        raise HTTPException(status_code=404, detail="session not found")
+    if session.get("tmux_target") and session.get("state") != "terminated":
+        await asyncio.to_thread(tmux.kill_session, session["tmux_target"])
+    await db.execute("DELETE FROM events WHERE session_id = ?", id)
+    await db.execute("DELETE FROM approvals WHERE session_id = ?", id)
+    await db.execute("DELETE FROM sessions WHERE id = ?", id)
+    db.notify({"type": "session_deleted", "session_id": id})
+    return {"ok": True, "deleted": id}
+
+
+@router.post("/sessions/cleanup")
+async def cleanup_sessions() -> dict:
+    """Permanently remove ALL sessions (and their events/approvals). Kills any owned,
+    still-live tmux sessions first. Used by the dashboard's double-confirmed cleanup."""
+    live = await db.fetch(
+        "SELECT tmux_target FROM sessions WHERE state != 'terminated' AND tmux_target IS NOT NULL"
     )
-    await con.execute("UPDATE sessions SET state = 'active' WHERE id = $1", id)
-    await db.notify(con, {
-        "type": "approval",
-        "session_id": id,
-        "status": new_status,
-    })
-    return {"ok": True, "status": new_status, "prompt": prompt[-500:]}
+    for r in live:
+        await asyncio.to_thread(tmux.kill_session, r["tmux_target"])
+    count = (await db.fetchrow("SELECT count(*) AS n FROM sessions"))["n"]
+    await db.execute("DELETE FROM events")
+    await db.execute("DELETE FROM approvals")
+    await db.execute("DELETE FROM sessions")
+    db.notify({"type": "cleanup"})
+    return {"ok": True, "deleted": count}
 
 
 @router.post("/sessions/spawn")
-async def spawn_session(req: SpawnRequest, con: asyncpg.Connection = Depends(db.db)) -> dict:
+async def spawn_session(req: SpawnRequest) -> dict:
     if not tmux.has_tmux():
         raise HTTPException(status_code=400, detail="tmux not available; cannot spawn")
 
@@ -119,10 +238,7 @@ async def spawn_session(req: SpawnRequest, con: asyncpg.Connection = Depends(db.
     cwd = req.cwd or os.getcwd()
 
     # Prefer the real `uvs <tool> <persona>` launcher; fall back to the bare tool.
-    if shutil.which("uvs"):
-        launch = f"uvs {req.tool} {req.persona}"
-    else:
-        launch = req.tool
+    launch = f"uvs {req.tool} {req.persona}" if shutil.which("uvs") else req.tool
     cmd = f"UVS_SESSION_ID={id} {launch}"
 
     try:
@@ -130,15 +246,15 @@ async def spawn_session(req: SpawnRequest, con: asyncpg.Connection = Depends(db.
     except RuntimeError as e:
         raise HTTPException(status_code=400, detail=str(e))
 
-    await con.execute(
+    await db.execute(
         """INSERT INTO sessions (id, persona, cwd, tmux_target, state)
-           VALUES ($1, $2, $3, $4, 'active')
+           VALUES (?, ?, ?, ?, 'active')
            ON CONFLICT (id) DO UPDATE SET
-             persona     = COALESCE($2, sessions.persona),
-             cwd         = COALESCE($3, sessions.cwd),
-             tmux_target = $4,
+             persona     = COALESCE(excluded.persona, sessions.persona),
+             cwd         = COALESCE(excluded.cwd, sessions.cwd),
+             tmux_target = excluded.tmux_target,
              state       = 'active'""",
         id, req.persona, cwd, target,
     )
-    await db.notify(con, {"type": "session", "session_id": id, "state": "active"})
+    db.notify({"type": "session", "session_id": id, "state": "active"})
     return {"id": id, "tmux_target": target}