fix(db): quote SQLCipher PRAGMA hex key to fix fresh install crash

The hex-encoded encryption key (x'...') is not valid as a bare PRAGMA
value in better-sqlite3. Wrapping it in double quotes produces valid
SQLCipher PRAGMA syntax.

Fixes #3

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

CHANGELOG.md

@@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.5.4] - 2026-04-03
+
+### Fixed
+- Fix SQLCipher PRAGMA key syntax error on fresh install — hex-encoded key must be wrapped in double quotes for valid PRAGMA syntax (fixes #3)
+
 ## [0.5.3] - 2026-04-03
 
 ### Security

package.json

@@ -1,6 +1,6 @@
 {
   "name": "oikos",
-  "version": "0.5.2",
+  "version": "0.5.4",
   "description": "Selbstgehosteter Familienplaner — Kalender, Aufgaben, Einkauf, Essensplan, Budget und mehr. Privat, offen, ohne Abo.",
   "main": "server/index.js",
   "engines": {

server/db.js

@@ -33,7 +33,8 @@ function init() {
 
   if (DB_KEY) {
     // Nur wirksam wenn Binary gegen SQLCipher kompiliert ist (Docker)
-    db.pragma(`key=x'${Buffer.from(DB_KEY, 'utf8').toString('hex')}'`);
+    db.pragma(`key="x'${Buffer.from(DB_KEY, 'utf8').toString('hex')}'"`);
+
     // Sicherstellen dass die Datenbank tatsächlich entschlüsselbar ist
     try {
       db.prepare('SELECT count(*) FROM sqlite_master').get();