Update database migration instructions and add new migration files for OAuth and session management

- Changed `npm run db:push` to `npm run db:migrate` in CONTRIBUTING.md and README.md for consistency.
- Added a new RELEASING.md file with detailed instructions for versioning and releasing new updates.
- Introduced new migration files for OAuth token management and session handling in the drizzle/migrations directory.

Author: jpatterson933

CONTRIBUTING.md

@@ -21,14 +21,25 @@ Fathom OAuth apps require HTTPS redirect URIs, so you'll need to deploy to test
 
 ### 3. Initialize Database Schema
 
-After adding a PostgreSQL database to your Railway project (step 1.3) and copying `DATABASE_URL` to your local `.env`, create the tables:
+After adding a PostgreSQL database to your Railway project (step 1.3) and copying `DATABASE_URL` to your local `.env`:
 
 ```bash
-npm run db:push
+npm run db:migrate
 ```
 
 This connects to your Railway database and creates the required tables.
 
+### Making Database Schema Changes
+
+If your PR modifies `src/db/schema.ts`:
+
+1. Make your schema changes
+2. Run `npm run db:generate` to create a migration file
+3. Run `npm run db:migrate` to apply it to your Railway database
+4. Commit both the schema change and the new migration file in `drizzle/migrations/`
+
+> **Note**: After your PR is merged, a maintainer will run migrations against staging/production. This may change in the future.
+
 ### 4. Test Your Changes
 
 1. Make changes locally
@@ -59,10 +70,13 @@ src/
 
 ## Pull Requests
 
-1. Create a feature branch from `main`
+1. Create a feature branch from `staging`
 2. Make your changes
 3. Run `npm run ci` to ensure all checks pass
-4. Submit a PR with a clear description of what changed and why
+4. Open a PR **targeting the `staging` branch** (not `main`)
+5. Include a clear description of what changed and why
+
+> **Important**: All PRs should be opened against `staging`. The `main` branch is reserved for production releases.
 
 ## Reporting Issues
 

README.md

@@ -138,13 +138,13 @@ Set these in your hosting provider's dashboard (as well as your local .env file
 Run migrations after first deploy:
 
 ```bash
-npm run db:push
+npm run db:migrate
 ```
 
 Or via Railway CLI:
 
 ```bash
-railway run npm run db:push
+railway run npm run db:migrate
 ```
 
 ### 5. Connect Claude
@@ -190,6 +190,10 @@ https://developers.fathom.ai/llms.txt
 
 See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup and guidelines.
 
+## Releasing
+
+See [RELEASING.md](RELEASING.md) for version and release instructions.
+
 ## License
 
 MIT License - see [LICENSE](LICENSE) for details.

RELEASING.md

@@ -0,0 +1,73 @@
+# Releasing a New Version
+
+## Prerequisites
+
+- All changes merged from `staging` → `main`
+- You're on the `main` branch locally
+
+## Steps
+
+### 1. Checkout and pull main
+
+```bash
+git checkout main
+git pull origin main
+```
+
+### 2. Bump the version
+
+Run ONE of these commands in your terminal:
+
+```bash
+npm version patch   # 1.0.0 → 1.0.1 (bug fixes)
+npm version minor   # 1.0.0 → 1.1.0 (new features)
+npm version major   # 1.0.0 → 2.0.0 (breaking changes)
+```
+
+This command does three things automatically:
+- Updates `version` in `package.json`
+- Creates a git commit (e.g., "v1.0.1")
+- Creates a git tag (e.g., `v1.0.1`)
+
+### 3. Push the commit and tag
+
+```bash
+git push origin main --tags
+```
+
+### 4. Create the GitHub Release
+
+1. Go to the repo on GitHub
+2. Click **Releases** (right sidebar)
+3. Click **Draft a new release**
+4. **Choose a tag**: Select the tag you just pushed (e.g., `v1.0.1`)
+5. **Release title**: Same as tag (e.g., `v1.0.1`)
+6. **Description**: Write what changed (see example below)
+7. Click **Publish release**
+
+### Example Release Notes
+
+```markdown
+## What's New
+
+- Added support for X
+- Improved performance of Y
+
+## Bug Fixes
+
+- Fixed issue with Z
+
+## Breaking Changes
+
+- None
+```
+
+> **Tip**: Click "Generate release notes" in GitHub to auto-generate a commit list, then edit it to be human-readable.
+
+## Version Naming
+
+| Type | When to use | Example |
+|------|-------------|---------|
+| **patch** | Bug fixes, minor improvements | 1.0.0 → 1.0.1 |
+| **minor** | New features, backward compatible | 1.0.0 → 1.1.0 |
+| **major** | Breaking changes | 1.0.0 → 2.0.0 |

drizzle/migrations/0000_overjoyed_kulan_gath.sql

@@ -0,0 +1,73 @@
+CREATE TABLE "fathom_oauth_tokens" (
+	"id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
+	"user_id" text NOT NULL,
+	"access_token" text NOT NULL,
+	"refresh_token" text NOT NULL,
+	"expires_at" timestamp NOT NULL,
+	"created_at" timestamp DEFAULT now() NOT NULL,
+	"updated_at" timestamp DEFAULT now() NOT NULL,
+	CONSTRAINT "fathom_oauth_tokens_user_id_unique" UNIQUE("user_id")
+);
+--> statement-breakpoint
+CREATE TABLE "mcp_server_access_tokens" (
+	"id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
+	"token" text NOT NULL,
+	"user_id" text NOT NULL,
+	"scope" text DEFAULT 'fathom:read' NOT NULL,
+	"created_at" timestamp DEFAULT now() NOT NULL,
+	"expires_at" timestamp NOT NULL,
+	CONSTRAINT "mcp_server_access_tokens_token_unique" UNIQUE("token")
+);
+--> statement-breakpoint
+CREATE TABLE "mcp_server_authorization_codes" (
+	"id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
+	"code" text NOT NULL,
+	"user_id" text NOT NULL,
+	"client_id" text NOT NULL,
+	"client_redirect_uri" text NOT NULL,
+	"client_code_challenge" text,
+	"client_code_challenge_method" text,
+	"scope" text DEFAULT 'fathom:read' NOT NULL,
+	"created_at" timestamp DEFAULT now() NOT NULL,
+	"expires_at" timestamp NOT NULL,
+	"used" timestamp,
+	CONSTRAINT "mcp_server_authorization_codes_code_unique" UNIQUE("code")
+);
+--> statement-breakpoint
+CREATE TABLE "mcp_server_oauth_clients" (
+	"id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
+	"client_id" text NOT NULL,
+	"client_secret" text,
+	"client_name" text,
+	"redirect_uris" json NOT NULL,
+	"created_at" timestamp DEFAULT now() NOT NULL,
+	CONSTRAINT "mcp_server_oauth_clients_client_id_unique" UNIQUE("client_id")
+);
+--> statement-breakpoint
+CREATE TABLE "mcp_server_oauth_states" (
+	"id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
+	"state" text NOT NULL,
+	"client_id" text NOT NULL,
+	"client_redirect_uri" text NOT NULL,
+	"client_state" text NOT NULL,
+	"client_code_challenge" text,
+	"client_code_challenge_method" text,
+	"created_at" timestamp DEFAULT now() NOT NULL,
+	"expires_at" timestamp NOT NULL,
+	CONSTRAINT "mcp_server_oauth_states_state_unique" UNIQUE("state")
+);
+--> statement-breakpoint
+CREATE TABLE "mcp_sessions" (
+	"session_id" uuid PRIMARY KEY NOT NULL,
+	"user_id" text NOT NULL,
+	"created_at" timestamp DEFAULT now() NOT NULL,
+	"expires_at" timestamp NOT NULL,
+	"terminated_at" timestamp
+);
+--> statement-breakpoint
+CREATE INDEX "fathom_oauth_tokens_expires_at_idx" ON "fathom_oauth_tokens" USING btree ("expires_at");--> statement-breakpoint
+CREATE INDEX "mcp_server_access_tokens_expires_at_idx" ON "mcp_server_access_tokens" USING btree ("expires_at");--> statement-breakpoint
+CREATE INDEX "mcp_server_authorization_codes_expires_at_idx" ON "mcp_server_authorization_codes" USING btree ("expires_at");--> statement-breakpoint
+CREATE INDEX "mcp_server_oauth_states_expires_at_idx" ON "mcp_server_oauth_states" USING btree ("expires_at");--> statement-breakpoint
+CREATE INDEX "mcp_sessions_expires_at_idx" ON "mcp_sessions" USING btree ("expires_at");--> statement-breakpoint
+CREATE INDEX "mcp_sessions_terminated_at_idx" ON "mcp_sessions" USING btree ("terminated_at");