https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8918

The `:/@/$` sigil in name thing should be resolved... currently it tries the sigil form lookup first, then falls back to lookup without the sigil. One of the two should be officially blessed.

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8923

@Ragnarok would be interested in your feedback on this as well.

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8936

wow! very cool, I checkout asap and play with it.

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8937

Actually, it's fine.

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8940

Docs are available here: https://nix.synchro.net/jsobjs.html#SQLite_class Mostly hoping that the API is solid, actual bugs and integrating with the Windows build can follow on in master after it merges.

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8963

i just try to buld.. sems to debian13 need more recent compiler?

```
patching file js-1.8.5/js/src/configure
patching file js-1.8.5/js/src/configure.in
patching file js-1.8.5/js/src/configure
patching file js-1.8.5/js/src/configure
patching file js-1.8.5/js/src/jsnum.h
patching file js-1.8.5/js/src/ctypes/CTypes.cpp
patching file js-1.8.5/js/src/configure
Hunk #1 succeeded at 16133 (offset -101 lines).
patching file js-1.8.5/js/src/configure.in
patching file js-1.8.5/js/src/jsgcchunk.cpp
patching file js-1.8.5/js/src/jsgcchunk.cpp
/bin/sh: 1: autoconf-2.13: not found
gmake[1]: [GNUmakefile:117: ../build/../../src/../3rdp/gcc.linux.x64.debug/mozjs/lib/libmozjs185-1.0.a] Error 127 (no tiene efecto)
creating cache ./config.cache
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking build system type... x86_64-pc-linux-gnu
checking for mawk... mawk
checking for perl5... no
checking for perl... /usr/bin/perl
checking for Cygwin environment... no
checking for mingw32 environment... no
checking for executable suffix... no
checking for gcc... cc
checking whether the C compiler (cc -std=gnu17 ) works... no
configure: error: installation or configuration problem: C compiler cannot create executables.
gmake[1]: *** [GNUmakefile:121: ../build/../../src/../3rdp/gcc.linux.x64.debug/mozjs/lib/libmozjs185-1.0.a] Error 1
gmake[1]: se sale del directorio '/tmp/sbbs3/3rdp/build'
gmake: *** [/tmp/sbbs3/src/sbbs3/../build/Common.gmake:735: js] Error 2 ragnarok@ragnarok-pc:/tmp/sbbs3/src/sbbs3$ cc --version
cc (Debian 14.2.0-19) 14.2.0
Copyright (C) 2024 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
```

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8963

i just try to build.. sems to need more recent compiler on debian 13?

```
patching file js-1.8.5/js/src/configure
patching file js-1.8.5/js/src/configure.in
patching file js-1.8.5/js/src/configure
patching file js-1.8.5/js/src/configure
patching file js-1.8.5/js/src/jsnum.h
patching file js-1.8.5/js/src/ctypes/CTypes.cpp
patching file js-1.8.5/js/src/configure
Hunk #1 succeeded at 16133 (offset -101 lines).
patching file js-1.8.5/js/src/configure.in
patching file js-1.8.5/js/src/jsgcchunk.cpp
patching file js-1.8.5/js/src/jsgcchunk.cpp
/bin/sh: 1: autoconf-2.13: not found
gmake[1]: [GNUmakefile:117: ../build/../../src/../3rdp/gcc.linux.x64.debug/mozjs/lib/libmozjs185-1.0.a] Error 127 (no tiene efecto)
creating cache ./config.cache
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking build system type... x86_64-pc-linux-gnu
checking for mawk... mawk
checking for perl5... no
checking for perl... /usr/bin/perl
checking for Cygwin environment... no
checking for mingw32 environment... no
checking for executable suffix... no
checking for gcc... cc
checking whether the C compiler (cc -std=gnu17 ) works... no
configure: error: installation or configuration problem: C compiler cannot create executables.
gmake[1]: *** [GNUmakefile:121: ../build/../../src/../3rdp/gcc.linux.x64.debug/mozjs/lib/libmozjs185-1.0.a] Error 1
gmake[1]: se sale del directorio '/tmp/sbbs3/3rdp/build'
gmake: *** [/tmp/sbbs3/src/sbbs3/../build/Common.gmake:735: js] Error 2 ragnarok@ragnarok-pc:/tmp/sbbs3/src/sbbs3$ cc --version
cc (Debian 14.2.0-19) 14.2.0
Copyright (C) 2024 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
```

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_8968

Hrm, did you have CFLAGS or similar set in your environment?

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/merge_requests/681#note_9019

Code review pass. Overall the design is solid: clean separation of `SQLite` / `SQLiteStatement` / `SQLiteRow` (live view) / `SQLiteValue` (eager snapshot) / `SQLiteTable` / `SQLiteRecord`; injection-resistant API (exec rejects params, query/run require params when SQL has placeholders, all binding through `sqlite3_bind_*`, no escape helpers exposed); lifetime via `__sqlite_parent` rooting + generation counter for stale-row detection; `JS_SUSPENDREQUEST`/`RESUMEREQUEST` around every blocking SQLite call; `sqlite3_close_v2` so child statements stay valid after `db.close()`; thorough JSDOC strings and a comprehensive constants set.

A few findings, ranked.

### Strategic

**No Windows build wiring.** Diff updates `GNUmakefile`, `objects.mk`, and `CMakeLists.txt`, but `sbbs.vcxproj` is untouched. On Windows `js_sqlite.cpp` is simply never compiled, and the `#else` stub at `src/sbbs3/js_sqlite.cpp:4307` keeps the exported symbol satisfied Ä so it builds clean but the feature is silently absent. If Windows is in scope, the `.vcxproj` needs `js_sqlite.cpp` added and sqlite3 linked. If Linux-only is intentional, worth saying so in the MR description.

### Bugs

**1. Possible null deref on `transaction(null)` / `forEach(null)`** Ä `src/sbbs3/js_sqlite.cpp:1190` and `:1740`:
```cpp
if (argc < 1 || !JSVAL_IS_OBJECT(argv[0])
|| !JS_ObjectIsFunction(cx, JSVAL_TO_OBJECT(argv[0]))) { ... }
```
SM 1.8.5's `JSVAL_IS_OBJECT(JSVAL_NULL)` returns true (legacy quirk), so `null` passes the first check. `JSVAL_TO_OBJECT(JSVAL_NULL)` returns `NULL`, and `JS_ObjectIsFunction(cx, NULL)` derefs. The same idiom in `set_log` at `:2358` *does* guard `!JSVAL_IS_NULL(in)` first Ä that one is correct; mirror it in the other two.

**2. Duplicate `JS_IsArrayObject` call** Ä `src/sbbs3/js_sqlite.cpp:855-856`: ```cpp
JSBool is_array = JS_FALSE;
JS_IsArrayObject(cx, o); // result discarded
is_array = JS_IsArrayObject(cx, o);
```
First call is dead; looks like a copy-paste artifact. Harmless but should go.

### Minor / consistency

**3. Unchecked `JS_NewStringCopyZ`/`JS_NewStringCopyN`** in several array-building paths: `js_sqlite_row_get` at `:612`, `js_sqlite_stmt_get` (`STMT_PROP_COLUMN_NAMES`) at `:1297`, `js_conn_columns` at `:1973`/`:1978`/`:1989`. Pattern when alloc fails:
```cpp
JSString* s = JS_NewStringCopyZ(cx, cn ? cn : "");
jsval v = STRING_TO_JSVAL(s); // STRING_TO_JSVAL(NULL)  bad jsval JS_SetElement(cx, arr, i, &v); // stores garbage / masks the real OOM exception
```
Other sites in the same file *do* check (`:2848`, `:3821`, `js_conn_tables:1814`). Worth normalizing.

**4. `js_conn_transaction` if the callback closes the connection** Ä `:1757-1764`. If `argv[0]` calls `db.close()`, then `p->db` is `NULL` and the subsequent COMMIT/ROLLBACK `sqlite3_exec(p->db, ...)` hits `SQLITE_MISUSE`. Not a crash (SQLite's MISUSE path is NULL-safe), but the "ok" branch then throws something confusing. Re-check `p->db != NULL` after the call before issuing the commit/rollback.

**5. `sqlite3_bind_text` return value ignored** in `table_load_schema` Ä `:2610`, `:2635`, `:2698`. With `SQLITE_TRANSIENT` and a known-valid index these can only really fail on OOM, but the bare-call style is inconsistent with the rest of the file.

**6. Schema cache is never invalidated.** Design choice already documented at the struct doc on `:119` ("scripts that need to see post-DDL schema changes must reopen the connection"), but the `db.table` namespace JSDOC at `:4228` doesn't mention it. Users hitting `db.exec("ALTER TABLE t ADD COLUMN x ...")` followed by `db.table.t.x` will get surprised. A one-line addition to that docstring would close the gap.

### Things checked and OK

- Integer/double dispatch in `bind_jsval` with the 2^53 safe-int boundary.
- `INTEGER PRIMARY KEY`  rowid-alias detection (correctly excludes `INT`, `BIGINT`, composite PKs).
- `sql_quote_ident` worst-case sizing (`name*2 + 3`).
- `record_apply_defaults` running schema-derived SQL (explicitly trusted, commented).
- All malloc'd buffer-size calcs in `record_insert`/`update`/`remove`, `table_load_by_pk`, `table_build_select_prefix`, `table_select` Ä tight but exact.
- `pthread_once` install of the global log handler.
- `set_log` thread guard (`pthread_equal` against installing thread) and JS-VM cross-thread suppression.
- Rooting pattern (`__sqlite_parent`) keeping conns alive past statements and statements past rows.

Ä *Authored by Claude (Claude Code), on behalf of @rswindell*

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net