Phase 1 of the parent/child rollup feature. Self-FK on properties
with ON DELETE RESTRICT, plus a CHECK that blocks self-reference at
the DB level. Service-layer helpers (getDescendantIds,
getAncestorIds, assertNoCycle) walk the tree via recursive CTEs and
guard against cycles and cross-company parents. softDeleteProperty
now refuses to delete a property with live children.
No UI yet — readers and roll-up routes land in Phase 2.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Pin Node 24 via .node-version/.nvmrc and pnpm 9.15.0 via
package.json#packageManager. Regenerate lockfile as pnpm-lock.yaml.
Rewrite README setup + scripts table around pnpm, and add a
production deployment guide covering systemd, nginx, upgrades,
rollback, and backups.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- expense_kind enum (utilities + maintenance/repair/cleaning/insurance/tax/rent/other)
- property_expenses table with optional link to a property_accounts row
(preserves history via ON DELETE SET NULL)
- services/expenses.ts: CRUD + 12-month monthly series aggregation +
year-to-date summary by kind
- /properties/[id]/expenses tab: inline SVG line chart for electricity +
water last 12 months (no chart library), summary card, add/edit/delete
inline with account linking when kind matches
Stack matches sibling buildfor_life_* apps: SvelteKit 5 with adapter-node,
Svelte 5 runes, TypeScript, Tailwind v4 with @theme inline tokens,
PostgreSQL via Drizzle ORM, Argon2id sessions via @node-rs/argon2 and
@oslojs/crypto, EasyMDE ready for wiki/decision markdown, Sharp for
thumbnails.
Included in this commit:
- Config: package.json, svelte.config.js, vite.config.ts, tsconfig.json,
drizzle.config.ts, .gitignore, .env.example, .gitattributes, .npmrc
- Tenancy schema: companies, users, company_users, sessions
(10 enums pre-declared for the full domain so downstream migrations
don't re-diff them; decision_scope widened to include asset +
work_package per product decision)
- Auth: password hashing + SHA-256-hashed session cookies,
session lifetime 30d with sliding renewal at T-15d,
login + logout + session refresh in hooks
- Storage: StorageAdapter interface + LocalDiskStorage with HMAC-signed
URLs served by /api/files, S3 drop-in with zero schema change
- UI shell: dark-mode bootstrap in app.html identical to siblings,
sidebar (w-64, h-14 header, amber attention band pattern from repair),
topbar with breadcrumbs, theme toggle with cross-tab sync via
storage event, blue-600 primary, responsive drawer
- Routes: (app) authed group with auto-redirect to /login,
(auth) login group, dashboard placeholder, error page, signed-file API
- Scripts: create-user script for bootstrapping first admin user
- Drizzle: initial migration generated (0000_init.sql)
- Shared agents and skills committed under .claude/; per-user
permissions gitignored
Typecheck: 0 errors / 0 warnings across 555 files.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
grabowski