- coerceEpoch: early-return fallback on null/undefined input (was falling
through to new Date(null) → epoch 0, surfacing as 1970-01-01 in the
stories list); also unify the tail branch to Number.isFinite for
consistency with the number-type fast path
- autosave .catch: roll back lastSavedFingerprintRef on unexpected throw
so the next session change retries instead of silently marking the
content as saved
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
From PR #114 external review agent — adopted the real, low-cost findings;
remaining items (false positives / design trade-offs) explained in PR replies:
- coerceEpoch: !Number.isNaN → Number.isFinite — reject ±Infinity, which
previously slipped through and produced Invalid Date via new Date(Infinity)
- enforceRetentionCap pass2/pass3: decrement overflow only when idbDelete
actually succeeds — a failed best-effort delete no longer under-evicts
- cloudListStories: explicit column list instead of select() — avoid pulling
the bulky session_jsonb when only metadata is needed
- Supabase stories: composite primary key (user_id, id) + onConflict user_id,id
— avoid a cross-user Session.id collision rejecting the second user's save
(skeleton not yet deployed, so the migration is edited in place)
typecheck + build:cf green.