da74e3e763
From PR #114 external review agent — adopted the real, low-cost findings; remaining items (false positives / design trade-offs) explained in PR replies: - coerceEpoch: !Number.isNaN → Number.isFinite — reject ±Infinity, which previously slipped through and produced Invalid Date via new Date(Infinity) - enforceRetentionCap pass2/pass3: decrement overflow only when idbDelete actually succeeds — a failed best-effort delete no longer under-evicts - cloudListStories: explicit column list instead of select() — avoid pulling the bulky session_jsonb when only metadata is needed - Supabase stories: composite primary key (user_id, id) + onConflict user_id,id — avoid a cross-user Session.id collision rejecting the second user's save (skeleton not yet deployed, so the migration is edited in place) typecheck + build:cf green.