Server side of haverstack/core#46 (SQLite split) and the remaining haverstack/core#45 items. This server is the primary beneficiary of the native adapter — it currently pays sql.js's whole-file-rewrite on every write.
Work items
Adapter swap (core #46)
Token storage (core #46 §4)
Deployment doc gains a note: with WAL + real locking, multi-process storage safety improves, but the single-writer topology stands for the trust-boundary reason (permissions only exist behind this server) — core #45's framing, worth restating where operators will read it.
Refs haverstack/core#46, haverstack/core#45, #42 (DID auth builds on the same token store).
Server side of haverstack/core#46 (SQLite split) and the remaining haverstack/core#45 items. This server is the primary beneficiary of the native adapter — it currently pays sql.js's whole-file-rewrite on every write.
Work items
Adapter swap (core #46)
@haverstack/adapter-localwhen it swaps torecord-adapter-sqlite— API-invisible in theory, but verify: Node engine floor rises to ≥22.5 (we already require ≥22.9 inpackage.json, fine), FTS4→FTS5 rebuild happens transparently on first open of an existingstack.db, WAL meansDB_PATHgains sidecar files (-wal/-shm) — update the Docker volume/deployment docs which currently say the directory holds "the SQLite database and attachments"DB_PATHshould fail loudly at startup — add a test and a clear operator-facing error messageToken storage (core #46 §4)
StackTokenStoreinstead ofLocalAdapter's token methods (src/middleware/auth.ts,src/routes/tokens.ts,TokenInfoimport moves to core); compose{ adapter, tokens }explicitly insrc/stack.tsrather than sniffing token methods off the adapterstack.db, excluded from "your data, take it with you" flows. Needs a small migration for existing deployments (copy token rows out on first boot)PRAGMA foreign_keys/ transaction items from the core Attachment upload buffers the entire body in memory before the size check #46 comment thread arrive via the adapter; server tests arounddeleteAttachmentrace behavior may need updatingDeployment doc gains a note: with WAL + real locking, multi-process storage safety improves, but the single-writer topology stands for the trust-boundary reason (permissions only exist behind this server) — core #45's framing, worth restating where operators will read it.
Refs haverstack/core#46, haverstack/core#45, #42 (DID auth builds on the same token store).