fix(trash): close active-query invariant leaks (review T5 important #1+#2)

T5 reviewer identified 2 reads outside NoteRepository that were missing the
'WHERE deleted_at IS NULL' filter, breaking the silent invariant beyond the
3 originally-listed methods.

- ContinuityService.get() now excludes trashed notes from streak / weekCount
  / lastNoteAt / recovery-toast math. A trashed note no longer counts toward
  weekly streak (regression: streak felt fake after trash).
- NoteRepository.getPendingCount() now excludes trashed-but-still-pending
  notes. trash() removes the pending_jobs row but leaves notes.ai_status='pending';
  the count would have drifted upward as users trashed pending notes.
- MediaGc.run() gets an inline comment documenting why it intentionally does
  NOT filter — trashed notes still own their media until permanentDelete /
  emptyTrash. Removing here would defeat restore.

Also: migrations.due_date.test.ts had 2 brittle assertions
(latestVersion()===2, user_version===2) that broke with v3. Migration-system
version assertions belong in migrations.test.ts (already covered there);
m002-specific test keeps the due_date column assertion which is version-stable.

Tests: 245 → 265 (+20). typecheck 0 errors.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

src/main/repository/NoteRepository.ts

@@ -345,7 +345,9 @@ export class NoteRepository {
 
   getPendingCount(): number {
     const row = this.db
-      .prepare(`SELECT COUNT(*) AS c FROM notes WHERE ai_status='pending'`)
+      .prepare(
+        `SELECT COUNT(*) AS c FROM notes WHERE ai_status='pending' AND deleted_at IS NULL`
+      )
       .get() as { c: number };
     return row.c;
   }

src/main/services/ContinuityService.ts

@@ -32,7 +32,9 @@ export class ContinuityService {
 
   get(): WeeklyContinuity {
     const rows = this.db
-      .prepare(`SELECT created_at FROM notes ORDER BY created_at ASC`)
+      .prepare(
+        `SELECT created_at FROM notes WHERE deleted_at IS NULL ORDER BY created_at ASC`
+      )
       .all() as Array<{ created_at: string }>;
     const dates = rows.map((r) => new Date(r.created_at));
     if (dates.length === 0) {

src/main/services/MediaGc.ts

@@ -6,6 +6,9 @@ export class MediaGc {
 
   async run(): Promise<{ removed: number }> {
     const dirs = await this.store.listNoteDirs();
+    // Intentionally does NOT filter `deleted_at IS NULL` — trashed notes still own
+    // their media until permanentDelete/emptyTrash. Removing dirs of soft-deleted
+    // notes here would defeat restore.
     const rows = this.db.prepare('SELECT id FROM notes').all() as Array<{ id: string }>;
     const known = new Set(rows.map((r) => r.id));
     let removed = 0;

tests/unit/ContinuityService.test.ts

@@ -88,4 +88,18 @@ describe('ContinuityService', () => {
     const svc = new ContinuityService(db, () => new Date('2026-04-25T12:00:00+09:00'));
     expect(svc.get().showRecoveryToast).toBe(false);
   });
+
+  it('excludes trashed notes from streak/recovery math (v0.2.3 #4)', () => {
+    const db = dbWithDates([
+      '2026-04-22T10:00:00+09:00',
+      '2026-04-25T11:00:00+09:00'
+    ]);
+    // 22일 노트를 trash → 25일이 마지막. 22일 미만이라 weekCount 1 이지만 lastNoteAt
+    // 은 25일 (마지막 active) 이어야 함. trashed 노트가 무시되어야 함.
+    db.prepare(`UPDATE notes SET deleted_at='2026-04-26T00:00:00Z' WHERE id='n0'`).run();
+    const svc = new ContinuityService(db, () => new Date('2026-04-25T12:00:00+09:00'));
+    const r = svc.get();
+    expect(r.weekCount).toBe(1);
+    expect(r.lastNoteAt).toBe('2026-04-25T02:00:00.000Z'); // KST 11:00 = UTC 02:00
+  });
 });

tests/unit/NoteRepository.test.ts

@@ -403,4 +403,14 @@ describe('Active queries exclude deleted notes', () => {
     expect(note).not.toBeNull();
     expect(note!.deletedAt).toBe('2026-05-01T00:00:00.000Z');
   });
+
+  it('getPendingCount() excludes trashed pending notes (drift guard)', () => {
+    const a = repo.create({ rawText: 'a' }).id; // ai_status=pending
+    repo.create({ rawText: 'b' }); // ai_status=pending
+    expect(repo.getPendingCount()).toBe(2);
+    // trash() 가 pending_jobs row 는 정리하지만 notes.ai_status 는 'pending' 그대로.
+    // getPendingCount 가 deleted_at IS NOT NULL 노트 포함하면 영구 over-count.
+    repo.trash(a, '2026-05-01T00:00:00.000Z');
+    expect(repo.getPendingCount()).toBe(1);
+  });
 });

tests/unit/migrations.due_date.test.ts

@@ -1,19 +1,11 @@
 import { describe, it, expect } from 'vitest';
 import Database from 'better-sqlite3';
-import { runMigrations, latestVersion } from '@main/db/migrations/index.js';
+import { runMigrations } from '@main/db/migrations/index.js';
 
 describe('migrations m002 due_date', () => {
-  it('latestVersion returns 2', () => {
-    expect(latestVersion()).toBe(2);
-  });
-
-  it('runMigrations on fresh DB advances user_version to 2', () => {
-    const db = new Database(':memory:');
-    runMigrations(db);
-    const row = db.pragma('user_version', { simple: true });
-    expect(row).toBe(2);
-  });
-
+  // v3 (m003 soft_delete) lands in v0.2.3 #4 — latest version + user_version
+  // assertions migrate to migrations.test.ts. Here we keep only the m002-specific
+  // assertion (due_date column existence) which is version-stable.
   it('due_date column exists with NULL default', () => {
     const db = new Database(':memory:');
     runMigrations(db);