SqliteConfig
@rotorsoft/act-root / act-sqlite/src / SqliteConfig
Interface: SqliteConfig
Defined in: libs/act-sqlite/src/sqlite-store.ts:28
SQLite store configuration
Propertiesโ
authToken?โ
optionalauthToken?:string
Defined in: libs/act-sqlite/src/sqlite-store.ts:32
Auth token for libSQL server connections (optional)
pii_encryption?โ
optionalpii_encryption?:Encryption
Defined in: libs/act-sqlite/src/sqlite-store.ts:59
Adapter-layer envelope encryption for the events.pii column.
Optional โ when present, every non-null PII payload is encrypted
before INSERT and decrypted on every read; when absent, the
column is stored and read as plaintext (the framework's default
behavior).
Cipher and wire format come from @rotorsoft/act-crypto:
AES-256-GCM with a versioned base64-framed envelope. The TEXT
column stores JSON.stringify(...)-ed values either way, so
encrypted writes land as a JSON-stringified base64 string and
plaintext writes as a JSON-stringified object. The read path
discriminates by typeof after JSON.parse โ strings get
decrypted, objects pass through โ which makes mixed-data
rollouts transparent.
forget_pii semantics are unchanged: the column is set to
NULL regardless of whether the prior value was plaintext or
ciphertext.
Encryption at rest at the storage layer (SQLite SEE, an
encrypted volume, OS-level FDE) composes orthogonally with
adapter-layer encryption. See
docs/docs/guides/pii-encryption-at-rest.md for the decision
matrix.
urlโ
url:
string
Defined in: libs/act-sqlite/src/sqlite-store.ts:30
Path to the SQLite database file (default: ":memory:")