Problem
π΄ Pre-existing architectural limitation.
π Discovered: 2026-04-23 during Gemini CLI review of dogfooding fixes #87β#92.
π File: src/server/handlers/teams.rs
π Code: handle_create_team
π Current Behavior:
handle_create_team performs SQLite writes, filesystem mutations (init_team, init_team_memory), and agent process restarts without a transaction or rollback mechanism.
β If a late-stage failure occurs (e.g. agent restart fails), DB records persist while FS state is partial.
Impact
- Severity: Low-probability in Chorus's local-first, single-user model, but high-impact if it occurs.
- Risk: Partial-state corruption on failure (DB records exist but FS is incomplete).
Precedent
All Chorus handlers that touch both DB and FS share this pattern. Fixing it requires a systemic solution, not a one-off patch.
Potential Solutions
- SQLite transactions spanning filesystem operations β Impossible without WAL + external coordination.
- Two-phase commit / compensation rollback β Staging DB writes and FS mutations, then committing or rolling back atomically.
- Shared
UnitOfWork abstraction β Survey all handlers that touch DB+FS, design a shared abstraction.
Acceptance Criteria
Related
Problem
π΄ Pre-existing architectural limitation.
π Discovered: 2026-04-23 during Gemini CLI review of dogfooding fixes #87β#92.
π File:
src/server/handlers/teams.rsπ Code:
handle_create_teamπ Current Behavior:
handle_create_teamperforms SQLite writes, filesystem mutations (init_team,init_team_memory), and agent process restarts without a transaction or rollback mechanism.β If a late-stage failure occurs (e.g. agent restart fails), DB records persist while FS state is partial.
Impact
Precedent
All Chorus handlers that touch both DB and FS share this pattern. Fixing it requires a systemic solution, not a one-off patch.
Potential Solutions
UnitOfWorkabstraction β Survey all handlers that touch DB+FS, design a shared abstraction.Acceptance Criteria
UnitOfWorkor equivalent abstractionRelated