npm - @chude/memory - Versions diffs - 4.0.0 → 4.0.2 - Mend

@chude/memory 4.0.0 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (60) hide show

package/dist/infrastructure/capabilities/capability-status.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import type { CapabilityInteropStatus, MaskedCapabilityReference } from "../../domain/ports/capability.js";
+import type { MemoryConfig } from "../hooks/config-manager.js";
+export type CapabilityCommandResolver = (command: string) => string | null;
+export interface CapabilityStatusOptions {
+    env?: NodeJS.ProcessEnv | undefined;
+    platform?: NodeJS.Platform | undefined;
+    commandResolver?: CapabilityCommandResolver | undefined;
+}
+export declare function checkCapabilityInterop(config: MemoryConfig, options?: CapabilityStatusOptions): CapabilityInteropStatus;
+export declare function maskCapabilityReference(rawReference: string): MaskedCapabilityReference;

package/dist/infrastructure/capabilities/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { checkCapabilityInterop, maskCapabilityReference, type CapabilityCommandResolver, type CapabilityStatusOptions, } from "./capability-status.js";

package/dist/infrastructure/database/event-log.d.ts CHANGED Viewed

@@ -1,22 +1,54 @@
 /**
- * Event-Log SSOT Manager
+ * Event-log SSOT manager.
  *
- * Manages the append-only JSONL event log as the source of truth (SSOT),
- * and handles playing back events to rebuild database projections.
+ * v2 JSONL records are canonical MemoryEventEnvelope entries. Legacy v1
+ * fact-shaped records remain readable through the adapter below.
  */
 import type { Database } from "bun:sqlite";
+import { type ProjectionReplayResult } from "../../application/services/projection-registry.js";
 import { Fact } from "../../domain/entities/fact.js";
+import { MemoryEventEnvelope } from "../../domain/entities/memory-event.js";
+export interface InvalidEventLogLine {
+    filePath: string;
+    lineNumber: number;
+    line: string;
+    reason: string;
+}
+export interface EventReadReport {
+    events: MemoryEventEnvelope[];
+    invalidEvents: InvalidEventLogLine[];
+}
+export interface ProjectionRebuildReport {
+    invalidEvents: number;
+    invalidEventLines: InvalidEventLogLine[];
+    replay: ProjectionReplayResult;
+}
 /**
- * Append a serialized Fact entity into the plain-text event log.
+ * Append a Fact through the canonical v2 event envelope.
  */
 export declare function appendEvent(fact: Fact, logPath?: string): Promise<void>;
 /**
- * Read all Fact events sequentially from the plain-text event log.
- * Yields Fact entities.
+ * Append a canonical memory event envelope into the plain-text event log.
+ */
+export declare function appendMemoryEvent(memoryEvent: MemoryEventEnvelope, logPath?: string): Promise<void>;
+/**
+ * Read canonical memory events from one explicit log file or all known event
+ * logs. Invalid lines are skipped; use readMemoryEventsWithReport for evidence.
+ */
+export declare function readMemoryEvents(logPath?: string, eventsDir?: string): AsyncGenerator<MemoryEventEnvelope, void, unknown>;
+/**
+ * Read canonical memory events with structured invalid-line reporting.
+ */
+export declare function readMemoryEventsWithReport(logPath?: string, eventsDir?: string): Promise<EventReadReport>;
+/**
+ * Compatibility API: read event log records as Fact entities.
  */
 export declare function readEvents(logPath?: string, eventsDir?: string): AsyncGenerator<Fact, void, unknown>;
 /**
- * Completely wipe the derived database projections and play back the entire
- * plain-text events.jsonl timeline sequentially to rebuild the SQLite database.
+ * Rebuild derived database projections from the canonical event log.
  */
 export declare function rebuildProjections(db: Database, logPath?: string, eventsDir?: string): Promise<void>;
+/**
+ * Rebuild derived database projections and return replay evidence.
+ */
+export declare function rebuildProjectionsWithReport(db: Database, logPath?: string, eventsDir?: string): Promise<ProjectionRebuildReport>;

package/dist/infrastructure/database/health-checker.d.ts CHANGED Viewed

@@ -11,7 +11,10 @@
  * - Configuration validation
  */
 import { Database } from "bun:sqlite";
-import { type HookStatus } from "../hooks/index.js";
+import { type MemoryConfig, type HookStatus } from "../hooks/index.js";
+import { type ProviderEgressAssessment } from "../providers/provider-egress-policy.js";
+import { type CapabilityStatusOptions } from "../capabilities/index.js";
+import type { CapabilityInteropStatus } from "../../domain/ports/capability.js";
 /**
  * Database health status
  */
@@ -118,6 +121,16 @@ export interface LlmExtractionHealth {
     /** Reason for readiness status */
     readyReason?: string | undefined;
 }
+export interface ProviderEgressHealth {
+    /** Configured consent state */
+    consent: MemoryConfig["providerEgress"]["consent"];
+    /** Embedding provider egress assessment, or disabled when embeddings are off */
+    embedding: ProviderEgressAssessment;
+    /** LLM extraction provider egress assessment */
+    llmExtraction: ProviderEgressAssessment;
+    /** User-visible warnings for allowed remote egress */
+    warnings: string[];
+}
 /**
  * Complete health check result
  */
@@ -138,6 +151,10 @@ export interface HealthCheckResult {
     searchCapability: SearchCapability;
     /** LLM extraction provider status */
     llmExtraction: LlmExtractionHealth;
+    /** Remote provider egress consent and allowlist status */
+    providerEgress: ProviderEgressHealth;
+    /** Optional capability provider diagnostics with masked references only */
+    capabilityInterop: CapabilityInteropStatus;
 }
 /**
  * Test path overrides for testing
@@ -155,6 +172,8 @@ export interface HealthCheckOverrides {
     hookOverrides?: import("../hooks/settings-manager.js").PathOverrides | undefined;
     /** Optional pre-calculated hook status to avoid redundant file reads */
     preCalculatedHookStatus?: HookStatus | undefined;
+    /** Optional capability-status overrides for deterministic tests */
+    capabilityInterop?: CapabilityStatusOptions | undefined;
 }
 /**
  * Check database integrity using PRAGMA integrity_check
@@ -231,6 +250,8 @@ export declare function checkEmbeddingConfig(configPath?: string): EmbeddingHeal
  * @returns LLM extraction health status
  */
 export declare function checkLlmExtractionHealth(configPath?: string): LlmExtractionHealth;
+export declare function checkProviderEgressHealth(configPath?: string): ProviderEgressHealth;
+export declare function checkCapabilityInteropHealth(configPath?: string, options?: CapabilityStatusOptions): CapabilityInteropStatus;
 /**
  * Run comprehensive health check
  *

package/dist/infrastructure/database/index.d.ts CHANGED Viewed

@@ -4,8 +4,8 @@
  * Provides SQLite database initialization, schema management,
  * and connection utilities for memory.
  */
-export { SCHEMA_SQL, createSchema, checkFts5Support, SESSIONS_TABLE, MESSAGES_META_TABLE, MESSAGES_FTS_TABLE, TOOL_USES_TABLE, LINKS_TABLE, TOPICS_TABLE, EXTRACTION_STATE_TABLE, EMBEDDING_STATE_TABLE, EMBEDDING_STATE_ADD_MODEL_NAME, MESSAGE_EMBEDDINGS_TABLE, FRICTION_LOG_TABLE, BACKFILL_STATE_TABLE, type SchemaOptions, } from "./schema.js";
+export { SCHEMA_SQL, createSchema, checkFts5Support, SESSIONS_TABLE, MESSAGES_META_TABLE, MESSAGES_FTS_TABLE, TOOL_USES_TABLE, LINKS_TABLE, TOPICS_TABLE, EXTRACTION_STATE_TABLE, EMBEDDING_STATE_TABLE, EMBEDDING_STATE_ADD_MODEL_NAME, MESSAGE_EMBEDDINGS_TABLE, FRICTION_LOG_TABLE, BACKFILL_STATE_TABLE, MEMORY_GOVERNANCE_TABLE, MEMORY_GOVERNANCE_EVENTS_TABLE, PERSONA_ENTRIES_TABLE, GRAPH_EDGES_TABLE, MEMORY_UTILITY_METRICS_TABLE, type SchemaOptions, } from "./schema.js";
 export { initializeDatabase, initializeDatabaseSafe, closeDatabase, checkpointDatabase, bulkOperationCheckpoint, getDefaultDbPath, type DatabaseConfig, type DatabaseInitResult, type CheckpointResult, } from "./connection.js";
-export { SqliteSessionRepository, SqliteMessageRepository, SqliteExtractionStateRepository, SqliteToolUseRepository, SqliteLinkRepository, type BatchResult, type BatchOptions, type RelatedLink, EmbeddingRepository, type UnembeddedMessage, type EmbeddingBatchItem, SqliteFrictionRepository, SqliteBackfillStateRepository, } from "./repositories/index.js";
+export { SqliteSessionRepository, SqliteMessageRepository, SqliteExtractionStateRepository, SqliteToolUseRepository, SqliteLinkRepository, type BatchResult, type BatchOptions, type RelatedLink, EmbeddingRepository, type UnembeddedMessage, type EmbeddingBatchItem, SqliteFrictionRepository, SqliteBackfillStateRepository, SqliteMemoryGovernanceRepository, SqlitePersonaRepository, SqliteGraphRepository, SqliteMemoryUtilityRepository, } from "./repositories/index.js";
 export { Fts5SearchService, HybridSearchService, type HybridSearchDeps, type SearchMeta, SqliteStatsService, SqliteContextService, SqliteProjectResolver, type ProjectContext, type ContextOptions, type ToolUsage, } from "./services/index.js";
-export { checkDatabaseIntegrity, checkQuickIntegrity, checkDirectoryPermissions, checkConfigValidity, checkHookStatus, checkSqliteVecAvailability, checkEmbeddingConfig, runHealthCheck, type DatabaseHealth, type PermissionsHealth, type HooksHealth, type ConfigHealth, type EmbeddingHealth, type SqliteVecHealth, type HealthCheckResult, type HealthCheckOverrides, type SearchCapability, } from "./health-checker.js";
+export { checkDatabaseIntegrity, checkQuickIntegrity, checkDirectoryPermissions, checkConfigValidity, checkHookStatus, checkSqliteVecAvailability, checkEmbeddingConfig, checkProviderEgressHealth, checkCapabilityInteropHealth, runHealthCheck, type DatabaseHealth, type PermissionsHealth, type HooksHealth, type ConfigHealth, type EmbeddingHealth, type SqliteVecHealth, type HealthCheckResult, type HealthCheckOverrides, type SearchCapability, type ProviderEgressHealth, } from "./health-checker.js";

package/dist/infrastructure/database/repositories/embedding-repository.d.ts CHANGED Viewed

@@ -10,8 +10,8 @@
  * table is a vec0 virtual table storing the actual vector data.
  */
 import type { Database } from "bun:sqlite";
-import type { IEmbeddingRepository, UnembeddedMessage, EmbeddingBatchItem } from "../../../domain/ports/repositories.js";
-export type { UnembeddedMessage, EmbeddingBatchItem };
+import type { IEmbeddingRepository, UnembeddedMessage, EmbeddingBatchItem, EmbeddingSkipRecordInput } from "../../../domain/ports/repositories.js";
+export type { UnembeddedMessage, EmbeddingBatchItem, EmbeddingSkipRecordInput };
 /**
  * A vector KNN search result row.
  */
@@ -35,12 +35,26 @@ export declare class EmbeddingRepository implements IEmbeddingRepository {
      * Find messages that have not yet been embedded.
      *
      * Uses LEFT JOIN on messages_meta and embedding_state to find
-     * messages without a corresponding embedding_state row.
+     * messages without a corresponding embedding_state row. When a model hash
+     * is supplied, rows skipped for that exact model are also excluded so
+     * deterministic oversize failures do not block later batches.
      *
      * @param limit Maximum number of messages to return
+     * @param modelHash Optional model hash for model-scoped skip filtering
      * @returns Array of unembedded messages ordered by rowid ASC
      */
-    findUnembedded(limit: number): UnembeddedMessage[];
+    findUnembedded(limit: number, modelHash?: string): UnembeddedMessage[];
+    /**
+     * Persist a sanitized skip record for a message/model pair.
+     *
+     * The record is idempotent for message + model + reason. It stores a hash
+     * and byte count instead of raw content.
+     */
+    markSkipped(record: EmbeddingSkipRecordInput): void;
+    /**
+     * Count skipped messages, optionally for a specific model hash.
+     */
+    getSkippedCount(modelHash?: string): number;
     /**
      * Store a batch of embeddings in a single transaction.
      *

package/dist/infrastructure/database/repositories/friction-repository.d.ts CHANGED Viewed

@@ -5,7 +5,7 @@
  * Provides full CRUD, stats aggregation via SQL, and weekly trend analysis.
  */
 import type { Database } from "bun:sqlite";
-import type { IFrictionRepository, FrictionStats, FrictionPattern } from "../../../domain/ports/repositories.js";
+import type { IFrictionRepository, FrictionStats, FrictionPattern, FrictionQueryOptions, FrictionQueryResult } from "../../../domain/ports/repositories.js";
 import { FrictionEntry, type FrictionCategory, type FrictionStatus } from "../../../domain/entities/friction-entry.js";
 /**
  * SQLite implementation of IFrictionRepository.
@@ -26,6 +26,7 @@ export declare class SqliteFrictionRepository implements IFrictionRepository {
         sourceProject?: string;
         limit?: number;
     }): Promise<FrictionEntry[]>;
+    query(options?: FrictionQueryOptions): Promise<FrictionQueryResult>;
     resolve(id: number, resolution: string): Promise<void>;
     updateStatus(id: number, status: FrictionStatus): Promise<void>;
     getStats(): Promise<FrictionStats>;

package/dist/infrastructure/database/repositories/graph-repository.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { Database } from "bun:sqlite";
+import { GraphEdge } from "../../../domain/entities/graph-edge.js";
+import type { GraphEdgeQueryOptions, IGraphRepository } from "../../../domain/ports/repositories.js";
+export declare class SqliteGraphRepository implements IGraphRepository {
+    private readonly db;
+    constructor(db: Database);
+    save(edge: GraphEdge): Promise<GraphEdge>;
+    saveMany(edges: GraphEdge[]): Promise<GraphEdge[]>;
+    findByEdgeId(edgeId: string): Promise<GraphEdge | null>;
+    findCurrent(options?: GraphEdgeQueryOptions): Promise<GraphEdge[]>;
+    pruneStale(cutoff: Date): Promise<number>;
+    deleteByProject(project: string): Promise<void>;
+    clearAll(): Promise<void>;
+    private toSqlParams;
+    private toEntity;
+    private nodeFromRow;
+}

package/dist/infrastructure/database/repositories/index.d.ts CHANGED Viewed

@@ -15,3 +15,7 @@ export { SqliteFrictionRepository } from "./friction-repository.js";
 export { SqliteBackfillStateRepository } from "./backfill-state-repository.js";
 export { SqliteFactRepository } from "./fact-repository.js";
 export { SqliteExtractionLogRepository } from "./extraction-log-repository.js";
+export { SqliteMemoryGovernanceRepository, governanceEntryFromFactEvent, } from "./memory-governance-repository.js";
+export { SqlitePersonaRepository } from "./persona-repository.js";
+export { SqliteGraphRepository } from "./graph-repository.js";
+export { SqliteMemoryUtilityRepository } from "./memory-utility-repository.js";

package/dist/infrastructure/database/repositories/memory-governance-repository.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * SQLite implementation of IMemoryGovernanceRepository.
+ */
+import type { Database } from "bun:sqlite";
+import { MemoryGovernanceEntry, type MemoryGovernanceSurface } from "../../../domain/entities/memory-governance.js";
+import type { MemoryEventEnvelope } from "../../../domain/entities/memory-event.js";
+import type { IMemoryGovernanceRepository, MemoryGovernanceListOptions } from "../../../domain/ports/repositories.js";
+export declare class SqliteMemoryGovernanceRepository implements IMemoryGovernanceRepository {
+    private readonly db;
+    constructor(db: Database);
+    save(entry: MemoryGovernanceEntry): Promise<MemoryGovernanceEntry>;
+    findByTarget(surface: MemoryGovernanceSurface, targetId: string): Promise<MemoryGovernanceEntry | null>;
+    findByTargetIds(surface: MemoryGovernanceSurface, targetIds: string[]): Promise<MemoryGovernanceEntry[]>;
+    findAll(options?: MemoryGovernanceListOptions): Promise<MemoryGovernanceEntry[]>;
+    applyMemoryEvent(event: MemoryEventEnvelope): Promise<MemoryGovernanceEntry | null>;
+    clearAll(): Promise<void>;
+    private toSqlParams;
+    private toEntity;
+    private recordGovernanceEvent;
+}
+export declare function governanceEntryFromFactEvent(event: MemoryEventEnvelope, factUuid: string, project: string): MemoryGovernanceEntry;

package/dist/infrastructure/database/repositories/memory-utility-repository.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { Database } from "bun:sqlite";
+import { MemoryUtilityMetric, type MemoryUtilitySurface } from "../../../domain/entities/memory-utility-metric.js";
+import type { IMemoryUtilityRepository } from "../../../domain/ports/repositories.js";
+export declare class SqliteMemoryUtilityRepository implements IMemoryUtilityRepository {
+    private readonly db;
+    constructor(db: Database);
+    save(metric: MemoryUtilityMetric): Promise<MemoryUtilityMetric>;
+    findByTarget(surface: MemoryUtilitySurface, targetId: string): Promise<MemoryUtilityMetric | null>;
+    findByTargetIds(surface: MemoryUtilitySurface, targetIds: string[]): Promise<MemoryUtilityMetric[]>;
+    recordAccess(surface: MemoryUtilitySurface, targetId: string, accessedAt: Date): Promise<MemoryUtilityMetric>;
+    deleteByProject(project: string): Promise<void>;
+    clearAll(): Promise<void>;
+    private toSqlParams;
+    private toEntity;
+}

package/dist/infrastructure/database/repositories/persona-repository.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import type { Database } from "bun:sqlite";
+import { PersonaEntry } from "../../../domain/entities/persona-entry.js";
+import type { IPersonaRepository, PersonaContextOptions, PersonaListOptions } from "../../../domain/ports/repositories.js";
+export declare class SqlitePersonaRepository implements IPersonaRepository {
+    private readonly db;
+    constructor(db: Database);
+    save(entry: PersonaEntry): Promise<PersonaEntry>;
+    saveMany(entries: PersonaEntry[]): Promise<PersonaEntry[]>;
+    findByEntryId(entryId: string): Promise<PersonaEntry | null>;
+    findAll(options?: PersonaListOptions): Promise<PersonaEntry[]>;
+    findForContext(project: string, options?: PersonaContextOptions): Promise<PersonaEntry[]>;
+    deleteByProject(project: string): Promise<void>;
+    clearAll(): Promise<void>;
+    private toSqlParams;
+    private toEntity;
+}

package/dist/infrastructure/database/schema.d.ts CHANGED Viewed

@@ -128,6 +128,44 @@ export declare const FACTS_FTS_TRIGGERS = "\nCREATE TRIGGER IF NOT EXISTS facts_
  * Extraction log table - tracks run logs of LLM fact extraction.
  */
 export declare const EXTRACTION_LOG_TABLE = "\nCREATE TABLE IF NOT EXISTS extraction_log (\n    session_id TEXT PRIMARY KEY,\n    mode TEXT NOT NULL,\n    facts_added INTEGER DEFAULT 0,\n    facts_updated INTEGER DEFAULT 0,\n    facts_superseded INTEGER DEFAULT 0,\n    facts_skipped INTEGER DEFAULT 0,\n    provider TEXT NOT NULL,\n    model TEXT NOT NULL,\n    tokens_consumed INTEGER DEFAULT 0,\n    extracted_at TEXT NOT NULL\n);\n";
+/**
+ * Governance projection table - current consent/provenance/control state for
+ * derived memory entries across all user-visible and agent-visible surfaces.
+ */
+export declare const MEMORY_GOVERNANCE_TABLE = "\nCREATE TABLE IF NOT EXISTS memory_governance (\n    id INTEGER PRIMARY KEY AUTOINCREMENT,\n    surface TEXT NOT NULL CHECK (surface IN ('fact', 'context', 'provider_egress', 'remote_sync', 'friction', 'evaluation', 'persona', 'graph', 'ranking', 'dream', 'projection')),\n    target_id TEXT NOT NULL,\n    project TEXT,\n    visibility TEXT NOT NULL CHECK (visibility IN ('project', 'workspace', 'global')),\n    source_event_ids TEXT NOT NULL,\n    transformation_method TEXT NOT NULL,\n    actor TEXT NOT NULL,\n    confidence REAL NOT NULL CHECK (confidence >= 0 AND confidence <= 1),\n    redaction_state TEXT NOT NULL CHECK (redaction_state IN ('none', 'redacted', 'quarantined')),\n    consent_status TEXT NOT NULL CHECK (consent_status IN ('not_required', 'granted', 'denied', 'revoked')),\n    consent_scopes TEXT NOT NULL,\n    scope TEXT NOT NULL,\n    status TEXT NOT NULL CHECK (status IN ('active', 'pending_review', 'suppressed', 'invalidated', 'expired')),\n    status_reason TEXT,\n    created_at TEXT NOT NULL,\n    updated_at TEXT NOT NULL,\n    reviewed_at TEXT,\n    expires_at TEXT,\n    last_event_id TEXT,\n    UNIQUE(surface, target_id)\n);\nCREATE INDEX IF NOT EXISTS idx_memory_governance_surface ON memory_governance(surface);\nCREATE INDEX IF NOT EXISTS idx_memory_governance_project ON memory_governance(project);\nCREATE INDEX IF NOT EXISTS idx_memory_governance_status ON memory_governance(status);\nCREATE INDEX IF NOT EXISTS idx_memory_governance_target ON memory_governance(surface, target_id);\n";
+/**
+ * Governance event audit table - every replayed governance/consent control
+ * event. This keeps manual controls inspectable without reading JSONL logs.
+ */
+export declare const MEMORY_GOVERNANCE_EVENTS_TABLE = "\nCREATE TABLE IF NOT EXISTS memory_governance_events (\n    event_id TEXT PRIMARY KEY,\n    kind TEXT NOT NULL CHECK (kind IN ('governance', 'consent')),\n    control TEXT NOT NULL,\n    surface TEXT NOT NULL,\n    target_id TEXT NOT NULL,\n    actor TEXT NOT NULL,\n    reason TEXT,\n    occurred_at TEXT NOT NULL,\n    payload TEXT NOT NULL\n);\nCREATE INDEX IF NOT EXISTS idx_memory_governance_events_target ON memory_governance_events(surface, target_id);\nCREATE INDEX IF NOT EXISTS idx_memory_governance_events_occurred ON memory_governance_events(occurred_at);\n";
+/**
+ * Persona/profile projection table.
+ *
+ * Derived from canonical fact events and friction patterns. Governance for
+ * whether entries may be used lives in memory_governance(surface='persona').
+ */
+export declare const PERSONA_ENTRIES_TABLE = "\nCREATE TABLE IF NOT EXISTS persona_entries (\n    id INTEGER PRIMARY KEY AUTOINCREMENT,\n    entry_id TEXT UNIQUE NOT NULL,\n    kind TEXT NOT NULL CHECK (kind IN ('preference', 'procedure', 'correction', 'decision_pattern', 'friction_pattern')),\n    content TEXT NOT NULL,\n    project TEXT,\n    visibility TEXT NOT NULL CHECK (visibility IN ('project', 'workspace', 'global')),\n    source_event_ids TEXT NOT NULL,\n    source_kinds TEXT NOT NULL,\n    confidence REAL NOT NULL CHECK (confidence >= 0 AND confidence <= 1),\n    scope TEXT NOT NULL,\n    review_status TEXT NOT NULL CHECK (review_status IN ('pending_review', 'reviewed')),\n    review_after TEXT NOT NULL,\n    expires_at TEXT,\n    why TEXT NOT NULL,\n    created_at TEXT NOT NULL,\n    updated_at TEXT NOT NULL\n);\nCREATE INDEX IF NOT EXISTS idx_persona_entries_project ON persona_entries(project);\nCREATE INDEX IF NOT EXISTS idx_persona_entries_kind ON persona_entries(kind);\nCREATE INDEX IF NOT EXISTS idx_persona_entries_visibility ON persona_entries(visibility);\n";
+/**
+ * Temporal semantic graph edge projection table.
+ *
+ * Derived from canonical fact events and extraction metadata. Governance for
+ * whether edges may be used lives in memory_governance(surface='graph').
+ */
+export declare const GRAPH_EDGES_TABLE = "\nCREATE TABLE IF NOT EXISTS graph_edges (\n    id INTEGER PRIMARY KEY AUTOINCREMENT,\n    edge_id TEXT UNIQUE NOT NULL,\n    source_type TEXT NOT NULL CHECK (source_type IN ('project', 'tool', 'person', 'decision', 'error', 'plan', 'file', 'command', 'capability')),\n    source_id TEXT NOT NULL,\n    source_label TEXT NOT NULL,\n    target_type TEXT NOT NULL CHECK (target_type IN ('project', 'tool', 'person', 'decision', 'error', 'plan', 'file', 'command', 'capability')),\n    target_id TEXT NOT NULL,\n    target_label TEXT NOT NULL,\n    relationship TEXT NOT NULL,\n    project TEXT,\n    visibility TEXT NOT NULL CHECK (visibility IN ('project', 'workspace', 'global')),\n    source_event_ids TEXT NOT NULL,\n    source_kinds TEXT NOT NULL,\n    confidence REAL NOT NULL CHECK (confidence >= 0 AND confidence <= 1),\n    valid_from TEXT NOT NULL,\n    valid_to TEXT,\n    why TEXT NOT NULL,\n    metadata TEXT,\n    created_at TEXT NOT NULL,\n    updated_at TEXT NOT NULL\n);\nCREATE INDEX IF NOT EXISTS idx_graph_edges_edge_id ON graph_edges(edge_id);\nCREATE INDEX IF NOT EXISTS idx_graph_edges_project ON graph_edges(project);\nCREATE INDEX IF NOT EXISTS idx_graph_edges_scope ON graph_edges(project, visibility);\nCREATE INDEX IF NOT EXISTS idx_graph_edges_source ON graph_edges(source_type, source_id);\nCREATE INDEX IF NOT EXISTS idx_graph_edges_target ON graph_edges(target_type, target_id);\nCREATE INDEX IF NOT EXISTS idx_graph_edges_relationship ON graph_edges(relationship);\nCREATE INDEX IF NOT EXISTS idx_graph_edges_temporal ON graph_edges(valid_from, valid_to, confidence);\n";
+/**
+ * Utility/ranking metrics for governed memory surfaces.
+ *
+ * The table is surface-agnostic so Phase 41 can rank current fact/persona/graph
+ * projections and future link/dream projections without schema churn.
+ */
+export declare const MEMORY_UTILITY_METRICS_TABLE = "\nCREATE TABLE IF NOT EXISTS memory_utility_metrics (\n    id INTEGER PRIMARY KEY AUTOINCREMENT,\n    surface TEXT NOT NULL CHECK (surface IN ('fact', 'persona', 'graph', 'link', 'dream')),\n    target_id TEXT NOT NULL,\n    project TEXT,\n    access_count INTEGER NOT NULL DEFAULT 0 CHECK (access_count >= 0),\n    last_accessed_at TEXT,\n    last_ranked_at TEXT,\n    utility_score REAL NOT NULL DEFAULT 0.5 CHECK (utility_score >= 0 AND utility_score <= 1),\n    importance_score REAL NOT NULL DEFAULT 0.5 CHECK (importance_score >= 0 AND importance_score <= 1),\n    evergreen INTEGER NOT NULL DEFAULT 0 CHECK (evergreen IN (0, 1)),\n    pinned INTEGER NOT NULL DEFAULT 0 CHECK (pinned IN (0, 1)),\n    half_life_days REAL CHECK (half_life_days IS NULL OR half_life_days > 0),\n    metadata TEXT,\n    created_at TEXT NOT NULL,\n    updated_at TEXT NOT NULL,\n    UNIQUE(surface, target_id)\n);\nCREATE INDEX IF NOT EXISTS idx_memory_utility_metrics_target ON memory_utility_metrics(surface, target_id);\nCREATE INDEX IF NOT EXISTS idx_memory_utility_metrics_project ON memory_utility_metrics(project);\nCREATE INDEX IF NOT EXISTS idx_memory_utility_metrics_rank ON memory_utility_metrics(surface, evergreen, pinned, utility_score, importance_score);\n";
+/**
+ * Model-scoped embedding skip ledger.
+ *
+ * Stores only sanitized metadata for messages that a provider/model cannot
+ * embed, so deterministic provider-limit failures do not wedge future syncs.
+ */
+export declare const EMBEDDING_SKIPS_TABLE = "\nCREATE TABLE IF NOT EXISTS embedding_skips (\n    id INTEGER PRIMARY KEY AUTOINCREMENT,\n    message_id INTEGER NOT NULL,\n    model_hash TEXT NOT NULL,\n    model_name TEXT NOT NULL,\n    provider TEXT NOT NULL,\n    reason TEXT NOT NULL CHECK (reason IN ('payload_too_large')),\n    retryable INTEGER NOT NULL CHECK (retryable IN (0, 1)),\n    content_hash TEXT NOT NULL,\n    content_bytes INTEGER NOT NULL CHECK (content_bytes >= 0),\n    safe_error TEXT,\n    skipped_at TEXT NOT NULL,\n    FOREIGN KEY (message_id) REFERENCES messages_meta(rowid) ON DELETE CASCADE,\n    UNIQUE(message_id, model_hash, reason)\n);\nCREATE INDEX IF NOT EXISTS idx_embedding_skips_model ON embedding_skips(model_hash);\nCREATE INDEX IF NOT EXISTS idx_embedding_skips_message_model ON embedding_skips(message_id, model_hash);\n";
 /**
  * Schema options for conditional table creation
  */
@@ -174,6 +212,8 @@ export declare const SESSIONS_FTS_TRIGGERS = "\nCREATE TRIGGER IF NOT EXISTS ses
  * 17. memory_files FTS triggers (depend on both memory_files tables)
  * 18. friction_log (no dependencies)
  * 19. backfill_state (no dependencies)
+ * 20. facts / governance / derived memory projections
+ * 21. embedding skip ledger (depends on messages_meta)
  *
  * Note: message_embeddings (vec0) is NOT in this array.
  * It is conditionally created in createSchema() when sqliteVecAvailable is true.

package/dist/infrastructure/embedding/embedding-provider-factory.d.ts CHANGED Viewed

@@ -11,7 +11,7 @@
  * - "ollama" -> OllamaProvider
  */
 import type { IEmbeddingProvider } from "../../domain/ports/embedding.js";
-import type { EmbeddingConfigData } from "../hooks/config-manager.js";
+import type { EmbeddingConfigData, ProviderEgressPolicyData } from "../hooks/config-manager.js";
 export declare class EmbeddingProviderFactory {
     private cache;
     /**
@@ -27,7 +27,7 @@ export declare class EmbeddingProviderFactory {
      *
      * @throws Error if provider type is unsupported
      */
-    create(config: EmbeddingConfigData): IEmbeddingProvider;
+    create(config: EmbeddingConfigData, providerEgress?: ProviderEgressPolicyData): IEmbeddingProvider;
     /**
      * Create an embedding provider from a MemoryConfig object.
      *
@@ -36,6 +36,7 @@ export declare class EmbeddingProviderFactory {
      */
     createFromConfig(memoryConfig: {
         embedding?: EmbeddingConfigData;
+        providerEgress?: ProviderEgressPolicyData;
     }): IEmbeddingProvider | null;
     /**
      * Dispose all cached providers and clear the cache.

package/dist/infrastructure/embedding/ollama-provider.d.ts CHANGED Viewed

@@ -33,6 +33,7 @@ export declare class OllamaProvider implements IEmbeddingProvider {
     embedBatch(texts: string[]): Promise<EmbeddingResult[]>;
     isReady(): boolean;
     dispose(): Promise<void>;
+    private requestEmbeddings;
     /**
      * Throw an error with an actionable hint for model-not-found cases.
      */

package/dist/infrastructure/hooks/config-manager.d.ts CHANGED Viewed

@@ -23,6 +23,8 @@ export interface EmbeddingConfigData {
     dimensions: number;
     /** Number of messages to embed per batch */
     batchSize: number;
+    /** Maximum estimated JSON payload bytes per embedding provider request */
+    maxBatchBytes: number;
     /** @deprecated Prefer apiKeyEnv or runtime environment injection. */
     apiKey?: string;
     /** Environment variable name that contains the provider API key */
@@ -100,6 +102,18 @@ export interface RemoteSyncConfigData {
  * Default remote sync configuration
  */
 export declare const DEFAULT_REMOTE_SYNC_CONFIG: RemoteSyncConfigData;
+export type ProviderEgressConsent = "unset" | "granted" | "denied";
+export interface ProviderEgressPolicyData {
+    /** Consent state for sending redacted memory content to remote providers */
+    consent: ProviderEgressConsent;
+    /** Remote hosts allowed to receive provider payloads after consent is granted */
+    allowedHosts: string[];
+    /** Hostless remote provider ids allowed after consent is granted */
+    allowedProviders: string[];
+    /** Optional ISO timestamp for when consent was granted */
+    grantedAt?: string | undefined;
+}
+export declare const DEFAULT_PROVIDER_EGRESS_POLICY: ProviderEgressPolicyData;
 export interface LegacyMemoryFilesConfigData {
     /** Whether legacy ~/.memory / MEMORY_HOME markdown indexing and writes are enabled */
     enabled: boolean;
@@ -121,6 +135,7 @@ export declare const DEFAULT_LEGACY_MEMORY_FILES_CONFIG: LegacyMemoryFilesConfig
  * - ambientContext: Ambient context generation configuration
  * - machineId: Unique identifier for the local machine
  * - remoteSync: Remote sync configuration
+ * - providerEgress: Remote provider egress consent and allowlist policy
  * - legacyMemoryFiles: Explicit opt-in for pre-v4 ~/.memory / MEMORY_HOME sidecar files
  */
 export interface MemoryConfig {
@@ -148,6 +163,8 @@ export interface MemoryConfig {
     machineId: string;
     /** Remote sync configuration */
     remoteSync: RemoteSyncConfigData;
+    /** Remote provider egress consent and allowlist policy */
+    providerEgress: ProviderEgressPolicyData;
     /** Legacy memory-file sidecar compatibility */
     legacyMemoryFiles: LegacyMemoryFilesConfigData;
 }

package/dist/infrastructure/providers/provider-egress-policy.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import type { EmbeddingConfigData, MemoryConfig, ProviderEgressPolicyData } from "../hooks/config-manager.js";
+import { DEFAULT_PROVIDER_EGRESS_POLICY } from "../hooks/config-manager.js";
+export declare const DEFAULT_ALLOWED_REMOTE_HOSTS: string[];
+export declare const DEFAULT_ALLOWED_REMOTE_PROVIDERS: string[];
+export interface ProviderEgressAssessment {
+    required: boolean;
+    allowed: boolean;
+    target: string;
+    capability: "embedding" | "extraction";
+    provider: string;
+    host?: string | undefined;
+    reason?: string | undefined;
+    warnings: string[];
+}
+type ConfigWithProviderEgress = Pick<MemoryConfig, "embedding"> & {
+    providerEgress?: ProviderEgressPolicyData | undefined;
+};
+export { DEFAULT_PROVIDER_EGRESS_POLICY };
+export declare function assessEmbeddingProviderEgress(embedding: EmbeddingConfigData, policy?: ProviderEgressPolicyData): ProviderEgressAssessment;
+export declare function assessExtractionProviderEgress(config: ConfigWithProviderEgress, providerId: string): ProviderEgressAssessment;
+export declare function requireProviderEgressAllowed(assessment: ProviderEgressAssessment): void;

package/dist/infrastructure/providers/provider-registry.d.ts CHANGED Viewed

@@ -7,7 +7,7 @@
  */
 import type { IEmbeddingProvider } from "../../domain/ports/embedding.js";
 import type { IExtractionProvider } from "../../domain/ports/extraction.js";
-import type { EmbeddingConfigData, MemoryConfig } from "../hooks/config-manager.js";
+import type { EmbeddingConfigData, MemoryConfig, ProviderEgressPolicyData } from "../hooks/config-manager.js";
 export interface ProviderReadiness {
     ready: boolean;
     readyReason?: string | undefined;
@@ -20,9 +20,13 @@ export declare function getEmbeddingProviderDefaults(providerId: string): {
     model: string;
     dimensions: number;
 } | undefined;
-export declare function checkEmbeddingProviderReadiness(config: EmbeddingConfigData): ProviderReadiness;
-export declare function createEmbeddingProvider(config: EmbeddingConfigData): IEmbeddingProvider;
+export declare function getEmbeddingProviderSecretEnvVars(providerId: string): string[];
+export declare function getExtractionProviderSecretEnvVars(providerId: string): string[];
+export declare function checkEmbeddingProviderReadiness(config: EmbeddingConfigData, providerEgress?: ProviderEgressPolicyData): ProviderReadiness;
+export declare function createEmbeddingProvider(config: EmbeddingConfigData, providerEgress?: ProviderEgressPolicyData): IEmbeddingProvider;
 export declare function resolveExtractionProviderId(config: Pick<MemoryConfig, "embedding">, env?: NodeJS.ProcessEnv): string;
 export declare function getExtractionModel(_config: Pick<MemoryConfig, "embedding">, providerId: string, env?: NodeJS.ProcessEnv): string;
 export declare function checkExtractionProviderReadiness(config: Pick<MemoryConfig, "embedding">, providerId?: string): ProviderReadiness;
-export declare function createExtractionProvider(config: Pick<MemoryConfig, "embedding">): IExtractionProvider;
+export declare function createExtractionProvider(config: Pick<MemoryConfig, "embedding"> & {
+    providerEgress?: ProviderEgressPolicyData;
+}): IExtractionProvider;

package/dist/infrastructure/remote/git-remote-event-transport.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+import type { RemoteEventTransport, RemoteGitIdentity, RemoteTransportCommandResult } from "../../application/services/remote-event-sync-service.js";
+export interface GitCommandResult {
+    success: boolean;
+    stdout: string;
+    stderr: string;
+    exitCode: number;
+}
+export interface RunGitCommandOptions {
+    env?: NodeJS.ProcessEnv;
+}
+export interface GitRemoteEventTransportDeps {
+    runGit?: (args: string[], cwd: string) => Promise<GitCommandResult>;
+    env?: NodeJS.ProcessEnv;
+    existsSync?: (path: string) => boolean;
+    mkdirSync?: (path: string, options?: {
+        recursive?: boolean;
+    }) => void;
+    readFileSync?: (path: string, encoding: BufferEncoding) => string;
+    getAllLogFiles?: (eventsDir?: string) => string[];
+}
+export declare function sanitizeGitEnvironment(env?: NodeJS.ProcessEnv): NodeJS.ProcessEnv;
+export declare function runGitCommand(args: string[], cwd: string, options?: RunGitCommandOptions): Promise<GitCommandResult>;
+export declare class GitRemoteEventTransport implements RemoteEventTransport {
+    private readonly eventsDir;
+    private readonly runGit;
+    private readonly deps;
+    constructor(eventsDir: string, deps?: GitRemoteEventTransportDeps);
+    isRepository(): Promise<boolean>;
+    initRepository(identity: RemoteGitIdentity): Promise<RemoteTransportCommandResult>;
+    getRemoteUrl(): Promise<string | null>;
+    setRemoteUrl(remoteUrl: string): Promise<RemoteTransportCommandResult>;
+    listEventLogFingerprints(): Promise<Record<string, string>>;
+    hasEventLog(machineId: string): Promise<boolean>;
+    commitEventLog(machineId: string, message: string): Promise<RemoteTransportCommandResult>;
+    fetch(remoteName: string): Promise<RemoteTransportCommandResult>;
+    hasRemoteRef(remoteName: string, ref: string): Promise<boolean>;
+    pullRebase(remoteName: string, ref: string): Promise<RemoteTransportCommandResult>;
+    abortRebase(): Promise<RemoteTransportCommandResult>;
+    push(remoteName: string, ref: string): Promise<RemoteTransportCommandResult>;
+}

package/dist/infrastructure/security/pattern-redactor.d.ts CHANGED Viewed

@@ -1,6 +1,9 @@
 import type { IRedactor, JsonRedactionResult, RedactionResult } from "../../domain/ports/redactor.js";
+export declare const PATTERN_REDACTOR_RULE_VERSION = "pattern-redactor-v2";
 export declare class PatternRedactor implements IRedactor {
     redactText(input: string): RedactionResult;
     redactJson<T>(input: T): JsonRedactionResult<T>;
     private redactUnknown;
+    private redactObjectValue;
+    private redactFlagAdjacentValue;
 }

package/dist/infrastructure/security/secret-audit-service.d.ts ADDED Viewed

@@ -0,0 +1,57 @@
+import type { Database } from "bun:sqlite";
+import type { IRedactor, RedactionFinding } from "../../domain/ports/redactor.js";
+export type SecretAuditSurface = "database" | "event_log";
+export interface SecretAuditFinding {
+    surface: SecretAuditSurface;
+    kind: RedactionFinding["kind"];
+    placeholder: string;
+    hash?: string | undefined;
+    ruleVersion?: string | undefined;
+    table?: string | undefined;
+    column?: string | undefined;
+    rowId?: string | number | undefined;
+    filePath?: string | undefined;
+    lineNumber?: number | undefined;
+}
+export interface SecretAuditReport {
+    schemaVersion: 1;
+    generatedAt: string;
+    redactionPolicy: string;
+    summary: {
+        totalFindings: number;
+        databaseFindings: number;
+        eventLogFindings: number;
+    };
+    findings: SecretAuditFinding[];
+    remediation: {
+        database: {
+            requested: boolean;
+            updatedFields: number;
+            rebuiltFtsIndexes: string[];
+        };
+        eventLogs: {
+            requested: boolean;
+            sanitizedFiles: string[];
+            quarantinedFiles: Array<{
+                originalPath: string;
+                quarantinedPath: string;
+            }>;
+        };
+    };
+}
+export interface SecretAuditOptions {
+    db?: Database | undefined;
+    eventLogPaths?: string[] | undefined;
+    redactDatabase?: boolean | undefined;
+    quarantineEvents?: boolean | undefined;
+    quarantineDir?: string | undefined;
+    reportPath?: string | undefined;
+}
+export declare class SecretAuditService {
+    private readonly redactor;
+    constructor(redactor: IRedactor);
+    audit(options?: SecretAuditOptions): Promise<SecretAuditReport>;
+    private scanDatabase;
+    private scanEventLogs;
+    private redactEventLine;
+}

package/dist/infrastructure/sources/project-name-resolver.d.ts CHANGED Viewed

@@ -31,7 +31,7 @@ export declare class ProjectNameResolver implements IProjectNameResolver {
      * Resolve the project name from an encoded path (without drive prefix).
      * Walks the filesystem matching encoded segments against real directory names.
      *
-     * @param encodedSegments - The encoded path without drive prefix (e.g., "Users-Destiny-Projects-memory-nexus")
+     * @param encodedSegments - The encoded path without drive prefix (e.g., "Projects-memory-nexus")
      * @returns The actual name of the last matched directory
      */
     resolveProjectName(encodedSegments: string): string;
@@ -43,7 +43,7 @@ export declare class ProjectNameResolver implements IProjectNameResolver {
     /**
      * Probe for hidden/virtual directories that readdirSync does not enumerate.
      *
-     * Some directories (e.g., iCloudDrive on Windows) are valid and traversable
+       * Some directories (for example, cloud-synced Windows folders) are valid and traversable
      * but invisible to readdirSync. This method tries progressively longer
      * dash-separated prefixes of the remaining encoded string as candidate
      * directory names, checking each via statSync.