feat(session): harden SQLite sharding with retries, monitoring, and load tests

Author: sjawhar

packages/opencode/src/effect/runner.ts

@@ -192,8 +192,8 @@ export namespace Runner {
         case "ShellThenRun":
           return [
             Effect.gen(function* () {
-              yield* Deferred.fail(st.run.done, new Cancelled()).pipe(Effect.asVoid)
               yield* stopShell(st.shell)
+              yield* Deferred.fail(st.run.done, new Cancelled()).pipe(Effect.asVoid)
               yield* idleIfCurrent()
             }),
             { _tag: "Idle" } as const,

packages/opencode/src/project/project.ts

@@ -134,6 +134,12 @@ export namespace Project {
       const db = <T>(fn: (d: Parameters<typeof Database.use>[0] extends (trx: infer D) => any ? D : never) => T) =>
         Effect.sync(() => Database.use(fn))
 
+      type Sync<T> = T extends Promise<any> ? never : T
+
+      const tx = <T>(
+        fn: (d: Parameters<typeof Database.transaction>[0] extends (trx: infer D) => any ? D : never) => Sync<T>,
+      ) => Effect.sync(() => Database.transaction(fn, { behavior: "immediate" }))
+
       const emitUpdated = (data: Info) =>
         Effect.sync(() =>
           GlobalBus.emit("event", {
@@ -245,7 +251,7 @@ export namespace Project {
         })
 
         // Phase 2: upsert
-        const row = yield* db((d) => d.select().from(ProjectTable).where(eq(ProjectTable.id, data.id)).get())
+        const row = yield* tx((d) => d.select().from(ProjectTable).where(eq(ProjectTable.id, data.id)).get())
         const existing = row
           ? fromRow(row)
           : {
@@ -277,9 +283,8 @@ export namespace Project {
           { concurrency: "unbounded" },
         ).pipe(Effect.map((arr) => arr.filter((x): x is string => x !== undefined)))
 
-        yield* db((d) =>
-          d
-            .insert(ProjectTable)
+        yield* tx((d) => {
+          d.insert(ProjectTable)
             .values({
               id: result.id,
               worktree: result.worktree,
@@ -307,18 +312,15 @@ export namespace Project {
                 commands: result.commands,
               },
             })
-            .run(),
-        )
+            .run()
 
-        if (data.id !== ProjectID.global) {
-          yield* db((d) =>
-            d
-              .update(SessionTable)
-              .set({ project_id: data.id })
-              .where(and(eq(SessionTable.project_id, ProjectID.global), eq(SessionTable.directory, data.worktree)))
-              .run(),
-          )
-        }
+          if (data.id === ProjectID.global) return
+
+          d.update(SessionTable)
+            .set({ project_id: data.id })
+            .where(and(eq(SessionTable.project_id, ProjectID.global), eq(SessionTable.directory, data.worktree)))
+            .run()
+        })
 
         yield* emitUpdated(result)
         return { project: result, sandbox: data.sandbox }

packages/opencode/src/session/index.ts

@@ -403,6 +403,14 @@ export namespace Session {
 
         yield* Effect.sync(() => SyncEvent.run(Event.Created, { sessionID: result.id, info: result }))
 
+        if (!input.parentID) {
+          try {
+            Database.session(result.id)
+          } catch (e) {
+            log.error("failed to create per-tree db", { error: e })
+          }
+        }
+
         const cfg = yield* config.get()
         if (!result.parentID && (Flag.OPENCODE_AUTO_SHARE || cfg.share === "auto")) {
           yield* share(result.id).pipe(Effect.ignore, Effect.forkIn(scope))
@@ -592,12 +600,13 @@ export namespace Session {
         )
       })
 
-      const messages = Effect.fn("Session.messages")(function* (input: { sessionID: SessionID; limit?: number }) {
-        if (input.limit) {
-          return MessageV2.page({ sessionID: input.sessionID, limit: input.limit }).items
-        }
-        return Array.from(MessageV2.stream(input.sessionID)).reverse()
-      })
+      const messages = Effect.fn("Session.messages")((input: { sessionID: SessionID; limit?: number }) =>
+        Effect.succeed(
+          input.limit
+            ? MessageV2.page({ sessionID: input.sessionID, limit: input.limit }).items
+            : Array.from(MessageV2.stream(input.sessionID)).reverse(),
+        ),
+      )
 
       const removeMessage = Effect.fn("Session.removeMessage")(function* (input: {
         sessionID: SessionID

packages/opencode/src/session/llm.ts

@@ -235,13 +235,45 @@ export namespace LLM {
     // and results sent back over the WebSocket.
     if (language instanceof GitLabWorkflowLanguageModel) {
       const workflowModel = language
-      workflowModel.sessionID = input.sessionID
       workflowModel.systemPrompt = system.join("\n")
-      workflowModel.toolExecutor = async (toolName, argsJson, _requestID) => {
+
+      const ruleset = Permission.merge(input.agent.permission ?? [], input.permission ?? [])
+      const preapprovedTools = Object.keys(tools).filter((name) => {
+        const match = ruleset.findLast((rule) => Wildcard.match(name, rule.permission))
+        return !match || match.action !== "ask"
+      })
+      const approvedToolsForSession = new Set<string>()
+      workflowModel.toolExecutor = async (toolName: string, argsJson: string, _requestID: string) => {
         const t = tools[toolName]
         if (!t || !t.execute) {
           return { result: "", error: `Unknown tool: ${toolName}` }
         }
+
+        if (!preapprovedTools.includes(toolName) && !approvedToolsForSession.has(toolName)) {
+          const id = PermissionID.ascending()
+          let unsub: (() => void) | undefined
+          try {
+            const parsed = JSON.parse(argsJson) as Record<string, unknown>
+            const title = (parsed?.title ?? parsed?.name ?? "") as string
+            const pattern = title ? `${toolName}: ${title}` : toolName
+            unsub = Bus.subscribe(Permission.Event.Replied, (_evt) => {})
+            await Permission.ask({
+              id,
+              sessionID: SessionID.make(input.sessionID),
+              permission: "workflow_tool_approval",
+              patterns: [pattern],
+              metadata: { tools: [{ name: toolName, args: argsJson }] },
+              always: [pattern],
+              ruleset: [],
+            })
+            approvedToolsForSession.add(toolName)
+          } catch {
+            return { result: "", error: `Tool approval rejected: ${toolName}` }
+          } finally {
+            unsub?.()
+          }
+        }
+
         try {
           const result = await t.execute!(JSON.parse(argsJson), {
             toolCallId: _requestID,
@@ -258,57 +290,6 @@ export namespace LLM {
           return { result: "", error: e.message ?? String(e) }
         }
       }
-
-      const ruleset = Permission.merge(input.agent.permission ?? [], input.permission ?? [])
-      workflowModel.sessionPreapprovedTools = Object.keys(tools).filter((name) => {
-        const match = ruleset.findLast((rule) => Wildcard.match(name, rule.permission))
-        return !match || match.action !== "ask"
-      })
-
-      const approvedToolsForSession = new Set<string>()
-      workflowModel.approvalHandler = Instance.bind(async (approvalTools) => {
-        const uniqueNames = [...new Set(approvalTools.map((t: { name: string }) => t.name))] as string[]
-        // Auto-approve tools that were already approved in this session
-        // (prevents infinite approval loops for server-side MCP tools)
-        if (uniqueNames.every((name) => approvedToolsForSession.has(name))) {
-          return { approved: true }
-        }
-
-        const id = PermissionID.ascending()
-        let reply: Permission.Reply | undefined
-        let unsub: (() => void) | undefined
-        try {
-          unsub = Bus.subscribe(Permission.Event.Replied, (evt) => {
-            if (evt.properties.requestID === id) reply = evt.properties.reply
-          })
-          const toolPatterns = approvalTools.map((t: { name: string; args: string }) => {
-            try {
-              const parsed = JSON.parse(t.args) as Record<string, unknown>
-              const title = (parsed?.title ?? parsed?.name ?? "") as string
-              return title ? `${t.name}: ${title}` : t.name
-            } catch {
-              return t.name
-            }
-          })
-          const uniquePatterns = [...new Set(toolPatterns)] as string[]
-          await Permission.ask({
-            id,
-            sessionID: SessionID.make(input.sessionID),
-            permission: "workflow_tool_approval",
-            patterns: uniquePatterns,
-            metadata: { tools: approvalTools },
-            always: uniquePatterns,
-            ruleset: [],
-          })
-          for (const name of uniqueNames) approvedToolsForSession.add(name)
-          workflowModel.sessionPreapprovedTools = [...workflowModel.sessionPreapprovedTools, ...uniqueNames]
-          return { approved: true }
-        } catch {
-          return { approved: false }
-        } finally {
-          unsub?.()
-        }
-      })
     }
 
     return streamText({

packages/opencode/src/session/message-v2.ts

@@ -547,18 +547,20 @@ export namespace MessageV2 {
       and(eq(MessageTable.time_created, row.time), lt(MessageTable.id, row.id)),
     )
 
-  function hydrate(rows: (typeof MessageTable.$inferSelect)[]) {
+  function resolve(sid: SessionID) {
+    return Database.resolveSession(sid)
+  }
+
+  function hydrate(db: Database.TxOrDb, rows: (typeof MessageTable.$inferSelect)[]) {
     const ids = rows.map((row) => row.id)
     const partByMessage = new Map<string, MessageV2.Part[]>()
     if (ids.length > 0) {
-      const partRows = Database.use((db) =>
-        db
-          .select()
-          .from(PartTable)
-          .where(inArray(PartTable.message_id, ids))
-          .orderBy(PartTable.message_id, PartTable.id)
-          .all(),
-      )
+      const partRows = db
+        .select()
+        .from(PartTable)
+        .where(inArray(PartTable.message_id, ids))
+        .orderBy(PartTable.message_id, PartTable.id)
+        .all()
       for (const row of partRows) {
         const next = part(row)
         const list = partByMessage.get(row.message_id)
@@ -831,15 +833,14 @@ export namespace MessageV2 {
     const where = before
       ? and(eq(MessageTable.session_id, input.sessionID), older(before))
       : eq(MessageTable.session_id, input.sessionID)
-    const rows = Database.use((db) =>
-      db
-        .select()
-        .from(MessageTable)
-        .where(where)
-        .orderBy(desc(MessageTable.time_created), desc(MessageTable.id))
-        .limit(input.limit + 1)
-        .all(),
-    )
+    const db = resolve(input.sessionID)
+    const rows = db
+      .select()
+      .from(MessageTable)
+      .where(where)
+      .orderBy(desc(MessageTable.time_created), desc(MessageTable.id))
+      .limit(input.limit + 1)
+      .all()
     if (rows.length === 0) {
       const row = Database.use((db) =>
         db.select({ id: SessionTable.id }).from(SessionTable).where(eq(SessionTable.id, input.sessionID)).get(),
@@ -853,7 +854,7 @@ export namespace MessageV2 {
 
     const more = rows.length > input.limit
     const slice = more ? rows.slice(0, input.limit) : rows
-    const items = hydrate(slice)
+    const items = hydrate(db, slice)
     items.reverse()
     const tail = slice.at(-1)
     return {
@@ -877,33 +878,28 @@ export namespace MessageV2 {
     }
   }
 
-  export function parts(message_id: MessageID) {
-    const rows = Database.use((db) =>
-      db.select().from(PartTable).where(eq(PartTable.message_id, message_id)).orderBy(PartTable.id).all(),
-    )
-    return rows.map(
-      (row) =>
-        ({
-          ...row.data,
-          id: row.id,
-          sessionID: row.session_id,
-          messageID: row.message_id,
-        }) as MessageV2.Part,
-    )
+  export function parts(mid: MessageID, sid?: SessionID) {
+    const db = sid ? resolve(sid) : Database.Client()
+    return db.select().from(PartTable).where(eq(PartTable.message_id, mid)).orderBy(PartTable.id).all().map(part)
   }
 
   export function get(input: { sessionID: SessionID; messageID: MessageID }): WithParts {
-    const row = Database.use((db) =>
-      db
-        .select()
-        .from(MessageTable)
-        .where(and(eq(MessageTable.id, input.messageID), eq(MessageTable.session_id, input.sessionID)))
-        .get(),
-    )
+    const db = resolve(input.sessionID)
+    const row = db
+      .select()
+      .from(MessageTable)
+      .where(and(eq(MessageTable.id, input.messageID), eq(MessageTable.session_id, input.sessionID)))
+      .get()
     if (!row) throw new NotFoundError({ message: `Message not found: ${input.messageID}` })
     return {
       info: info(row),
-      parts: parts(input.messageID),
+      parts: db
+        .select()
+        .from(PartTable)
+        .where(eq(PartTable.message_id, input.messageID))
+        .orderBy(PartTable.id)
+        .all()
+        .map(part),
     }
   }
 
@@ -925,9 +921,7 @@ export namespace MessageV2 {
     return result
   }
 
-  export const filterCompactedEffect = Effect.fnUntraced(function* (sessionID: SessionID) {
-    return filterCompacted(stream(sessionID))
-  })
+  export const filterCompactedEffect = (sessionID: SessionID) => Effect.succeed(filterCompacted(stream(sessionID)))
 
   export function fromError(
     e: unknown,
@@ -979,7 +973,7 @@ export namespace MessageV2 {
           },
           { cause: e },
         ).toObject()
-      case APICallError.isInstance(e):
+      case APICallError.isInstance(e): {
         const parsed = ProviderError.parseAPICallError({
           providerID: ctx.providerID,
           error: e,
@@ -1005,6 +999,7 @@ export namespace MessageV2 {
           },
           { cause: e },
         ).toObject()
+      }
       case e instanceof Error:
         return new NamedError.Unknown({ message: errorMessage(e) }, { cause: e }).toObject()
       default:

packages/opencode/src/session/processor.ts

@@ -30,6 +30,7 @@ export namespace SessionProcessor {
   export interface Handle {
     readonly message: MessageV2.Assistant
     readonly partFromToolCall: (toolCallID: string) => MessageV2.ToolPart | undefined
+    readonly abort: Effect.Effect<void>
     readonly process: (streamInput: LLM.StreamInput) => Effect.Effect<Result>
   }
 
@@ -186,7 +187,7 @@ export namespace SessionProcessor {
                   : value.providerMetadata,
               } satisfies MessageV2.ToolPart)
 
-              const parts = MessageV2.parts(ctx.assistantMessage.id)
+              const parts = MessageV2.parts(ctx.assistantMessage.id, ctx.assistantMessage.sessionID)
               const recentParts = parts.slice(-DOOM_LOOP_THRESHOLD)
 
               if (
@@ -398,7 +399,7 @@ export namespace SessionProcessor {
           }
           ctx.reasoningMap = {}
 
-          const parts = MessageV2.parts(ctx.assistantMessage.id)
+          const parts = MessageV2.parts(ctx.assistantMessage.id, ctx.assistantMessage.sessionID)
           for (const part of parts) {
             if (part.type !== "tool" || part.state.status === "completed" || part.state.status === "error") continue
             yield* session.updatePart({
@@ -489,6 +490,7 @@ export namespace SessionProcessor {
           partFromToolCall(toolCallID: string) {
             return ctx.toolcalls[toolCallID]
           },
+          abort: cleanup(),
           process,
         } satisfies Handle
       })