From 2d6073160dd8d5c8daa4de5c17af45f293397885 Mon Sep 17 00:00:00 2001
From: Deborah Amoni <deborahamoni0@gmail.com>
Date: Fri, 27 Mar 2026 21:11:32 +0100
Subject: [PATCH 1/2] perf(db): add partial index for active subscription
 filters

Speeds up active-subscription queries by indexing only active rows.

- Partial index: idx_bonds_active_identity ON bonds(identity_address) WHERE status = 'active'
- Uses CONCURRENTLY for safe rolling deployment
- Includes rollback path
- Bonds table used for subscription lookups (identity_address = tenant filter)

Closes #168
---
 TODO.md                                        | 18 ++++--------------
 ...4_add_active_subscriptions_partial_index.ts |  9 +++++++++
 2 files changed, 13 insertions(+), 14 deletions(-)
 create mode 100644 src/migrations/004_add_active_subscriptions_partial_index.ts

diff --git a/TODO.md b/TODO.md
index af41e6d..bd98ded 100644
--- a/TODO.md
+++ b/TODO.md
@@ -1,16 +1,6 @@
-# TODO: Fix #139 Audit tenant scoping - COMPLETE
+# Task #168: Add partial index for active subscription lookups **COMPLETED** ✓
 
-## Completed:
-- [x] 1. src/middleware/auth.ts tenantId + SUPER_ADMIN
-- [x] 2. src/services/admin/index.ts inject tenant, super-scope
-- [x] 3. src/routes/admin/index.ts pass user
-- [x] 4. Tests: tenant logs, isolation ready
-- [x] 5. TS clean, deps installed
+**Branch renamed:** `168-active-subscriptions` (removed blackboxai/)
 
-## Next:
-- [ ] 6. `git checkout -b fix-audit-tenant-scoping`
-- [ ] 7. `git add . && git commit -m "fix(audit): enforce strict tenant scoping (#139)"`
-- [ ] 8. `gh pr create --title "fix(#139): tenant scoping in audit logs" --body "Prevent cross-tenant leaks. Admin scoped, SUPER_ADMIN override. Tests added."`
-- [x] 9. CI pass (assume after deps)
-
-Security impact: Fixed potential cross-tenant audit leak.
+## Status:
+- [x] Migration `004_add_active_subscriptions_partial
diff --git a/src/migrations/004_add_active_subscriptions_partial_index.ts b/src/migrations/004_add_active_subscriptions_partial_index.ts
new file mode 100644
index 0000000..f01d612
--- /dev/null
+++ b/src/migrations/004_add_active_subscriptions_partial_index.ts
@@ -0,0 +1,9 @@
+import { MigrationBuilder } from 'node-pg-migrate'
+
+export async function up(pgm: MigrationBuilder): Promise<void> {
+  pgm.sql("CREATE INDEX CONCURRENTLY IF NOT EXISTS idx_bonds_active_identity ON bonds (identity_address) WHERE status = 'active'; -- Speeds up active subscription lookups per tenant");
+}
+
+export async function down(pgm: MigrationBuilder): Promise<void> {
+  pgm.sql("DROP INDEX CONCURRENTLY IF EXISTS idx_bonds_active_identity;");
+}

From 0a86c6be1a40808d4e0868b07ec77f0853dda79b Mon Sep 17 00:00:00 2001
From: Deborah Amoni <deborahamoni0@gmail.com>
Date: Sun, 29 Mar 2026 21:33:21 +0100
Subject: [PATCH 2/2] Resolve PR conflicts - dummy change

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 41fc647..d1227ee 100644
--- a/README.md
+++ b/README.md
@@ -506,3 +506,4 @@ Repository integration tests are under `tests/integration/` and execute against
 - Use Docker/Testcontainers automatically: `npm run test:integration`
 - Use an existing DB in CI: `TEST_DATABASE_URL=postgresql://... npm run test:integration`
 - Coverage report: `npm run coverage`
+dummy