@evomap/evolver 1.87.3 → 1.88.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@evomap/evolver",
-  "version": "1.87.3",
+  "version": "1.88.0",
   "description": "A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol (GEP) for auditable, reusable evolution assets.",
   "main": "index.js",
   "bin": {

package/scripts/build_binaries.js

@@ -249,8 +249,18 @@ if (!OPTS.skipObfuscate) {
     };
 
     const MAX_OBF_ATTEMPTS_RAW = process.env.OBF_MAX_ATTEMPTS;
+    // Default 12 (was 4). The obfuscator's new.target -> #target mangling is
+    // non-deterministic ACROSS PROCESSES, not just across seeds: the same seed
+    // + same input can pass in one node process and fail in another (Set
+    // iteration / internal-state timing). So perturbing the seed per attempt is
+    // not the real lever — re-running the obfuscate call is. The v1.87.4 deploy
+    // hit 4/4 consecutive failures with the default of 4 and aborted the npm
+    // publish + binary upload. At an observed per-attempt failure rate that can
+    // run well above the historical ~5% for some bundles, 4 retries is too few;
+    // 12 drives the all-fail probability to negligible while costing only extra
+    // attempts on the rare unlucky run. Override with OBF_MAX_ATTEMPTS.
     const MAX_OBF_ATTEMPTS = MAX_OBF_ATTEMPTS_RAW === undefined
-      ? 4
+      ? 12
       : parseInt(MAX_OBF_ATTEMPTS_RAW, 10);
     if (!Number.isInteger(MAX_OBF_ATTEMPTS) || MAX_OBF_ATTEMPTS < 1) {
       console.error(`  ERROR: OBF_MAX_ATTEMPTS must be a positive integer; got ${JSON.stringify(MAX_OBF_ATTEMPTS_RAW)}.`);

package/src/adapters/hookAdapter.js

@@ -189,7 +189,9 @@ function copyHookScripts(destDir, evolverRoot) {
     // closes the per-file hole.
     assertNotSymlink(dest, `hook destination ${name}`);
     fs.copyFileSync(src, dest);
-    try { fs.chmodSync(dest, 0o755); } catch { /* windows */ }
+    // NOTE(windows): fs.chmodSync is a no-op on Windows; hook scripts remain
+    // executable via file extension association (.js), not Unix mode bits.
+    try { fs.chmodSync(dest, 0o755); } catch { /* best-effort; no-op on Windows */ }
     copied.push(dest);
   }
   return copied;

package/src/adapters/scripts/_runtimePaths.js

@@ -19,6 +19,7 @@
 const fs = require('fs');
 const path = require('path');
 const os = require('os');
+const { spawnSync } = require('child_process');
 
 function isEvolverPackageJson(filePath) {
   try {
@@ -58,12 +59,36 @@ function findEvolverRoot() {
   // `evolver-session-start.js`'s `additionalContext`. Restrict to trusted,
   // user/system-scoped install roots.
   try {
+    // Windows: `npm install -g` puts packages under %APPDATA%\npm\node_modules
+    // (most common), %ProgramFiles%\nodejs\node_modules (system-wide installer),
+    // or %ProgramFiles(x86)%\nodejs\node_modules. Build the extra Windows paths
+    // conditionally so the POSIX base list stays intact.
+    const _winPaths = process.platform === 'win32'
+      ? [
+          path.join(
+            process.env.APPDATA || path.join(os.homedir(), 'AppData', 'Roaming'),
+            'npm', 'node_modules'
+          ),
+          ...(process.env.ProgramFiles
+            ? [path.join(process.env.ProgramFiles, 'nodejs', 'node_modules')]
+            : []),
+          ...(process.env['ProgramFiles(x86)']
+            ? [path.join(process.env['ProgramFiles(x86)'], 'nodejs', 'node_modules')]
+            : []),
+        ]
+      : [];
+
     const pkgJson = require.resolve('@evomap/evolver/package.json', {
+      // Do NOT include process.cwd() — a hostile workspace can plant its own
+      // node_modules/@evomap/evolver to gain control over the memory graph path
+      // (prompt-injection surface: evolver-session-start.js additionalContext).
+      // Only trust user/system-scoped install roots.
       paths: [
         path.join(os.homedir(), '.npm-global', 'lib', 'node_modules'),
         path.join(os.homedir(), '.local', 'lib', 'node_modules'),
         '/usr/lib/node_modules',
         '/usr/local/lib/node_modules',
+        ..._winPaths,
       ],
     });
     if (pkgJson && isEvolverPackageJson(pkgJson)) {
@@ -80,6 +105,162 @@ function findEvolverRoot() {
   return null;
 }
 
+// Resolve the user's PROJECT directory — the workspace the agent is actually
+// working in — for git-diff collection and workspace tagging.
+//
+// Why this exists: hook scripts must NOT assume `process.cwd()` is the project
+// root. Cursor invokes some hook events (e.g. afterFileEdit) with the working
+// directory set to the *plugin* install dir (`~/.cursor/plugins/local/<name>`),
+// not the opened workspace. A hook that runs `git diff` in cwd would then look
+// for changes in the plugin directory and find none — silently recording
+// nothing for every task. Hosts expose the real workspace root via an env var:
+//   - Cursor sets CURSOR_PROJECT_DIR (and a CLAUDE_PROJECT_DIR compat alias)
+//   - Claude Code sets CLAUDE_PROJECT_DIR
+// Codex / opencode / Kiro and direct CLI usage leave both unset, in which case
+// `process.cwd()` is already the project root and remains the fallback — so
+// this change is a no-op on those platforms.
+//
+// SECURITY: only honor an env value that points at an existing directory. A
+// stale or empty value must not redirect git collection to a bogus path; we
+// fall through to cwd instead. We intentionally do NOT recurse into evolver
+// package discovery here — this is purely "where is the user's code".
+function resolveProjectDir() {
+  for (const key of ['CURSOR_PROJECT_DIR', 'CLAUDE_PROJECT_DIR']) {
+    const v = process.env[key];
+    if (typeof v === 'string' && v.trim()) {
+      try {
+        if (fs.statSync(v).isDirectory()) return v;
+      } catch { /* not a usable dir — try next / fall back to cwd */ }
+    }
+  }
+  return process.cwd();
+}
+
+// Determine the workspace ROOT for a project, mirroring src/gep/paths.js
+// getWorkspaceRoot() step-for-step so the FS-only fallback lands its secret at
+// the SAME path paths.js would (what lets an installed @evomap/evolver read the
+// very same id):
+//   1. OPENCLAW_WORKSPACE override.
+//   2. else the git repo root at/above projectDir, BUT if that repo root has a
+//      `workspace/` subdirectory, paths.js returns <repoRoot>/workspace — so we
+//      must too, or the two land on different .evolver/workspace-id files (the
+//      "read back identically" guarantee would break for such projects).
+//   3. else projectDir.
+function _fsWorkspaceRoot(projectDir) {
+  if (process.env.OPENCLAW_WORKSPACE) return process.env.OPENCLAW_WORKSPACE;
+  // Walk up from projectDir looking for a .git entry (file or dir) = repo root.
+  let repoRoot = null;
+  let dir = projectDir;
+  while (dir) {
+    if (fs.existsSync(path.join(dir, '.git'))) { repoRoot = dir; break; }
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  if (!repoRoot) return projectDir;
+  // Mirror getWorkspaceRoot()'s workspace/ subdir step.
+  const workspaceDir = path.join(repoRoot, 'workspace');
+  if (fs.existsSync(workspaceDir)) return workspaceDir;
+  return repoRoot;
+}
+
+// FS-only re-implementation of src/gep/paths.js getWorkspaceId() for the case
+// where the evolver package is not installed (plugin-only installs). It reads
+// — and lazily, atomically creates — the per-workspace secret at
+// <workspaceRoot>/.evolver/workspace-id. The format (16-byte hex), the path,
+// the 0600 mode, the O_EXCL|O_NOFOLLOW atomic create, and the symlink
+// rejection all match paths.js exactly, so a workspace seeded by this fallback
+// is transparently picked up by paths.getWorkspaceId() once the package is
+// present, and vice-versa. Returns null on any read/write error (caller then
+// falls back to legacy cwd-tag matching — no regression).
+// Read <dir>/workspace-id with the same symlink guards paths.js'
+// _readWorkspaceIdFromFs uses: reject a symlinked .evolver dir, reject a
+// symlinked / non-regular id file, and require hex format. Returns the id, or
+// null on any error / missing file. Used for BOTH the initial read and the
+// EEXIST race re-read so a symlink swapped in between our lstat and openSync
+// can never be followed (Bugbot PR #557).
+function _readWsIdGuarded(dir, file) {
+  try {
+    const dirStat = fs.lstatSync(dir, { throwIfNoEntry: false });
+    if (dirStat && dirStat.isSymbolicLink()) return null;
+    const fileStat = fs.lstatSync(file, { throwIfNoEntry: false });
+    if (!fileStat) return null;
+    if (fileStat.isSymbolicLink() || !fileStat.isFile()) return null;
+    const raw = fs.readFileSync(file, 'utf8').trim();
+    return raw && /^[a-f0-9]{32,}$/i.test(raw) ? raw : null;
+  } catch { return null; }
+}
+
+function _fsWorkspaceId(projectDir) {
+  // Whole body is wrapped: the documented contract is "returns null on ANY
+  // read/write error" so the session-start/-end hooks degrade gracefully
+  // rather than crash. throwIfNoEntry:false only suppresses ENOENT; EACCES/EIO
+  // and friends still throw, so a bare lstat/mkdir here must not escape
+  // (Bugbot PR #557 round-2 — an unguarded lstat could crash the hook).
+  try {
+    const dir = path.join(_fsWorkspaceRoot(projectDir), '.evolver');
+    const file = path.join(dir, 'workspace-id');
+    // Read first, with symlink guards.
+    const existing = _readWsIdGuarded(dir, file);
+    if (existing) return existing;
+    // If the file exists but the guards rejected it (symlink / bad format),
+    // refuse rather than create over it.
+    if (fs.lstatSync(file, { throwIfNoEntry: false })) return null;
+    // Missing — create atomically. Refuse a symlinked .evolver dir (O_NOFOLLOW
+    // only guards the final component, not intermediate dirs).
+    const dirStat = fs.lstatSync(dir, { throwIfNoEntry: false });
+    if (dirStat && dirStat.isSymbolicLink()) return null;
+    fs.mkdirSync(dir, { recursive: true });
+    const payload = require('crypto').randomBytes(16).toString('hex');
+    const flags = fs.constants.O_WRONLY | fs.constants.O_CREAT | fs.constants.O_EXCL |
+      (fs.constants.O_NOFOLLOW || 0);
+    let fd;
+    try {
+      fd = fs.openSync(file, flags, 0o600);
+    } catch (e) {
+      // Lost a race — re-read WITH the same symlink guards (paths.js does the
+      // same). A bare readFileSync here would follow a symlink swapped in
+      // after our dir lstat (Bugbot PR #557).
+      if (e && e.code === 'EEXIST') return _readWsIdGuarded(dir, file);
+      return null; // ELOOP/EMLINK from O_NOFOLLOW hitting a symlink — refuse.
+    }
+    try { fs.writeSync(fd, payload + '\n', 0, 'utf8'); } finally { fs.closeSync(fd); }
+    try { fs.chmodSync(file, 0o600); } catch { /* best-effort */ }
+    return payload;
+  } catch { return null; }
+}
+
+// Resolve the current workspace id — the forge-resistant tag the session-end
+// writer stamps on every memory-graph entry (`workspace_id`). This is the
+// SINGLE source of that resolution: the session-end writer stamps it and the
+// session-start reader scopes by it, so both call this one function. Keeping
+// it here (rather than a copy per hook) is what guarantees reader and writer
+// can never drift apart — if they resolved different ids, no entry would ever
+// match the reader's filter and workspace scoping would silently break.
+// Resolution order:
+//   1. EVOLVER_WORKSPACE_ID env override
+//   2. paths.getWorkspaceId() loaded from the resolved evolver root (this is
+//      the richer path — it can additionally back the secret with the OS
+//      keychain when @napi-rs/keyring is installed).
+//   3. FS-only fallback for plugin-only installs where the evolver package is
+//      not reachable. Without this, plugin users got workspace_id=null and the
+//      forge-resistant scoping silently degraded to cwd-tag matching (found
+//      via real-Cursor end-to-end testing). The fallback writes the same
+//      secret file paths.js uses, so installing the package later is seamless.
+// Still returns null if even the FS write fails — callers must then NOT filter
+// (show everything), preserving prior behavior rather than hiding all memory.
+function resolveWorkspaceId(evolverRoot, projectDir) {
+  if (process.env.EVOLVER_WORKSPACE_ID) return String(process.env.EVOLVER_WORKSPACE_ID);
+  const root = evolverRoot || findEvolverRoot();
+  if (root) {
+    try {
+      const paths = require(path.join(root, 'src', 'gep', 'paths.js'));
+      if (typeof paths.getWorkspaceId === 'function') return paths.getWorkspaceId();
+    } catch { /* paths.js unreachable — fall through to FS-only */ }
+  }
+  return _fsWorkspaceId(projectDir || resolveProjectDir());
+}
+
 // Returns a path to the evolution memory graph, or a fallback location that
 // is guaranteed to be writable. Never returns null — when no evolver root is
 // available, we fall back to `~/.evolver/memory/evolution/memory_graph.jsonl`
@@ -111,4 +292,24 @@ function findMemoryGraph(evolverRoot) {
   return path.join(userDir, 'memory_graph.jsonl');
 }
 
-module.exports = { findEvolverRoot, findMemoryGraph };
+// Is `dir` inside a git work tree? Cheap, no-shell `git rev-parse`. Returns
+// false on any error (git missing, not a repo, timeout) and never throws — the
+// session-start hook uses this only to decide whether to surface a one-line
+// "evolver needs a git workspace" notice, so a false negative just suppresses
+// the notice rather than breaking anything.
+function isGitWorkspace(dir) {
+  try {
+    const res = spawnSync('git', ['rev-parse', '--is-inside-work-tree'], {
+      cwd: dir,
+      encoding: 'utf8',
+      timeout: 5000,
+      stdio: ['ignore', 'pipe', 'pipe'],
+      shell: false,
+    });
+    return res.status === 0 && typeof res.stdout === 'string' && res.stdout.trim() === 'true';
+  } catch {
+    return false;
+  }
+}
+
+module.exports = { findEvolverRoot, findMemoryGraph, resolveProjectDir, resolveWorkspaceId, isGitWorkspace };

package/src/adapters/scripts/evolver-session-end.js

@@ -8,32 +8,23 @@
 const fs = require('fs');
 const path = require('path');
 const os = require('os');
+const https = require('https');
+const http = require('http');
 const { spawnSync } = require('child_process');
 // 10 MB — prevents RangeError on large child process output (e.g. git log/diff
 // on large repos). See GHSA reports / issue #451.
 const MAX_EXEC_BUFFER = 10 * 1024 * 1024;
 
-const { findEvolverRoot, findMemoryGraph } = require('./_runtimePaths');
+const { findEvolverRoot, findMemoryGraph, resolveProjectDir, resolveWorkspaceId } = require('./_runtimePaths');
 
-// Workspace-id must use the same resolution as the reader in
-// src/evolve/pipeline/collect.js (which goes through src/gep/paths.js#
-// getWorkspaceRoot()). Otherwise writer and reader could land on
-// different `.evolver/workspace-id` files when EVOLVER_REPO_ROOT or
-// OPENCLAW_WORKSPACE is set, or when a `<repoRoot>/workspace`
-// subdirectory exists — in which case the IDs would never match and
-// every memory-graph entry would silently get dropped (Bugbot PR #109
-// round-1 MEDIUM). Lazy-load the canonical resolver from the resolved
-// evolver root; fall back to env-only when paths.js is unreachable.
-function resolveWorkspaceIdForWriter() {
-  if (process.env.EVOLVER_WORKSPACE_ID) return String(process.env.EVOLVER_WORKSPACE_ID);
-  const evolverRoot = findEvolverRoot();
-  if (!evolverRoot) return null;
-  try {
-    const paths = require(path.join(evolverRoot, 'src', 'gep', 'paths.js'));
-    if (typeof paths.getWorkspaceId === 'function') return paths.getWorkspaceId();
-  } catch { /* paths.js unreachable — return null */ }
-  return null;
-}
+// Workspace-id resolution is shared with the session-start reader via
+// _runtimePaths.resolveWorkspaceId(). Reader and writer MUST resolve the SAME
+// id or workspace scoping silently breaks (no entry would ever match the
+// reader's filter), so this logic lives in exactly one place instead of being
+// duplicated here. The shared resolver mirrors src/gep/paths.js#getWorkspaceId()
+// loaded from the evolver root, with an EVOLVER_WORKSPACE_ID env override —
+// consistent with the review-time reader in src/evolve/pipeline/collect.js
+// (Bugbot PR #109 round-1 MEDIUM; reader/writer drift flagged on PR #555).
 
 function runGit(args, cwd) {
   // Argv-array form, no shell. Avoids POSIX `2>/dev/null` redirects that
@@ -55,7 +46,9 @@ function runGit(args, cwd) {
 }
 
 function getGitDiffStats() {
-  const cwd = process.cwd();
+  // Use the host-provided workspace root, not process.cwd(): Cursor runs some
+  // hook events with cwd set to the plugin dir, where `git diff` finds nothing.
+  const cwd = resolveProjectDir();
   // Distinguish "git failed (no HEAD~1, etc.)" from "git succeeded with
   // empty output (e.g. empty merge)". The previous `||` chain treated
   // both as falsy and fell through to the working-tree diff, which can
@@ -67,11 +60,16 @@ function getGitDiffStats() {
   const filesChanged = (stat.match(/\d+ files? changed/) || ['0'])[0];
   const insertions = (stat.match(/(\d+) insertions?/) || [null, '0'])[1];
   const deletions = (stat.match(/(\d+) deletions?/) || [null, '0'])[1];
+  // Distinguish "no git repo here" from "repo with no changes" purely for the
+  // skip-log message — the diff commands above can't tell the two apart (both
+  // yield empty output). A single cheap rev-parse settles it.
+  const isRepo = runGit(['rev-parse', '--is-inside-work-tree'], cwd).out === 'true';
   return {
     stat,
     summary: `${filesChanged}, +${insertions}/-${deletions}`,
     diffSnippet: diffContent.slice(0, 2000),
     hasChanges: stat.length > 0,
+    isRepo,
   };
 }
 
@@ -120,6 +118,9 @@ function recordToHub(outcome) {
   const nodeId = process.env.EVOMAP_NODE_ID || process.env.A2A_NODE_ID;
   if (!hubUrl || !apiKey) return false;
 
+  // Use Node.js built-in http/https instead of curl so this works on all
+  // platforms, including Windows where curl may not be available or may be
+  // an older, incompatible version bundled with some environments.
   try {
     const payload = JSON.stringify({
       gene_id: outcome.geneId || 'ad_hoc',
@@ -129,22 +130,39 @@ function recordToHub(outcome) {
       summary: outcome.summary,
       sender_id: nodeId || undefined,
     });
-    // Argv-array form avoids shell interpretation of apiKey, payload, or the
-    // hub URL. Values cannot break out through shell metacharacters.
-    const res = spawnSync('curl', [
-      '-s', '-m', '8', '-X', 'POST',
-      '-H', 'Content-Type: application/json',
-      '-H', `Authorization: Bearer ${apiKey}`,
-      '-d', payload,
-      `${hubUrl.replace(/\/+$/, '')}/a2a/evolution/record`,
-    ], {
-      timeout: 10000,
-      stdio: ['pipe', 'pipe', 'pipe'],
-      maxBuffer: MAX_EXEC_BUFFER,
-      shell: false,
+
+    const endpoint = hubUrl.replace(/\/+$/, '') + '/a2a/evolution/record';
+    let parsedUrl;
+    try { parsedUrl = new URL(endpoint); } catch { return false; }
+
+    const isHttps = parsedUrl.protocol === 'https:';
+    const transport = isHttps ? https : http;
+
+    return new Promise((resolve) => {
+      const req = transport.request(
+        {
+          hostname: parsedUrl.hostname,
+          port: parsedUrl.port || (isHttps ? 443 : 80),
+          path: parsedUrl.pathname + (parsedUrl.search || ''),
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${apiKey}`,
+            'Content-Length': Buffer.byteLength(payload),
+          },
+          timeout: 8000,
+        },
+        (res) => {
+          // Drain the response to free the socket; we only care about status.
+          res.resume();
+          resolve(res.statusCode >= 200 && res.statusCode < 300);
+        }
+      );
+      req.on('error', () => resolve(false));
+      req.on('timeout', () => { req.destroy(); resolve(false); });
+      req.write(payload);
+      req.end();
     });
-    if (res.status !== 0 || res.error) return false;
-    return true;
   } catch {
     return false;
   }
@@ -152,6 +170,10 @@ function recordToHub(outcome) {
 
 function recordToLocal(graphPath, outcome) {
   try {
+    // Resolve the project dir once so the cwd tag and the workspace_id secret
+    // share a single, consistent source (both must agree with the session-start
+    // reader's resolveProjectDir()-based scoping).
+    const projectDir = resolveProjectDir();
     const entry = {
       timestamp: new Date().toISOString(),
       gene_id: outcome.geneId || 'ad_hoc',
@@ -174,8 +196,17 @@ function recordToLocal(graphPath, outcome) {
       // .evolver/workspace-id file. cwd is retained as a backward-compat
       // tag so older entries written before this hardening still pass
       // the cwd check.
-      cwd: process.cwd(),
-      workspace_id: resolveWorkspaceIdForWriter(),
+      //
+      // Use resolveProjectDir() (NOT process.cwd()) so the cwd tag records the
+      // user's project, consistent with how the diff above is collected and
+      // with the session-start reader's cwd fallback. Under Cursor, cwd is the
+      // plugin install dir, so a raw process.cwd() tag would never match the
+      // reader's resolveProjectDir()-derived currentDir — silently hiding every
+      // cwd-only entry (Bugbot PR #555). collect.js only uses cwd as a legacy
+      // fallback (disabled once a workspace_id secret exists), so changing the
+      // tag's source — still a directory path — does not affect its scoping.
+      cwd: projectDir,
+      workspace_id: resolveWorkspaceId(undefined, projectDir),
       source: 'hook:session-end',
     };
     fs.appendFileSync(graphPath, JSON.stringify(entry) + '\n', 'utf8');
@@ -185,6 +216,24 @@ function recordToLocal(graphPath, outcome) {
   }
 }
 
+// Append a single timestamped line to ~/.evolver/logs/evolution.log (or
+// EVOLVER_HOOK_LOG_DIR). Best-effort: a log-write failure must never break the
+// hook. Used both for recorded outcomes and for the "skipped, nothing to
+// record" notices so a user can always see why a session did or did not
+// produce an entry.
+function appendEvolutionLog(line) {
+  try {
+    const logDir = process.env.EVOLVER_HOOK_LOG_DIR
+      || path.join(os.homedir(), '.evolver', 'logs');
+    fs.mkdirSync(logDir, { recursive: true });
+    fs.appendFileSync(
+      path.join(logDir, 'evolution.log'),
+      `${new Date().toISOString()} ${line}\n`,
+      'utf8'
+    );
+  } catch { /* best-effort, never break the hook on log write */ }
+}
+
 function main() {
   let inputData = '';
   let handled = false;
@@ -200,75 +249,88 @@ function main() {
   process.stdin.on('data', chunk => { inputData += chunk; });
   process.stdin.on('end', () => {
     if (handled) return;
-    try {
-      const diffInfo = getGitDiffStats();
+    // recordToHub is async (uses Node.js http/https); wrap the rest of the
+    // handler in an immediately-invoked async function so we can await it
+    // while still honouring the watchdog timeout and the `handled` guard.
+    (async () => {
+      try {
+        const diffInfo = getGitDiffStats();
 
-      if (!diffInfo.hasChanges) {
-        finish({});
-        return;
-      }
+        if (!diffInfo.hasChanges) {
+          // No git diff means no signal source — session-end derives the
+          // outcome (status/score/signals/summary) entirely from the diff, so
+          // there is nothing meaningful to record. This is expected in a
+          // non-git workspace or a repo with no changes this session. Rather
+          // than fabricate an empty outcome (which would pollute the memory
+          // graph), record nothing — but leave a log breadcrumb so the user
+          // can tell "evolver ran but had nothing to record" apart from
+          // "evolver never fired".
+          const reason = diffInfo.isRepo
+            ? 'no changes detected this session'
+            : 'not a git workspace';
+          appendEvolutionLog(`[Evolution] Session end: nothing recorded (${reason}).`);
+          finish({});
+          return;
+        }
 
-      const signals = detectSignals(diffInfo.diffSnippet);
-      if (signals.length === 0) signals.push('stable_success_plateau');
+        const signals = detectSignals(diffInfo.diffSnippet);
+        if (signals.length === 0) signals.push('stable_success_plateau');
 
-      const hasErrors = signals.includes('log_error') || signals.includes('test_failure');
-      const status = hasErrors ? 'failed' : 'success';
-      const score = hasErrors ? 0.3 : 0.8;
+        const hasErrors = signals.includes('log_error') || signals.includes('test_failure');
+        const status = hasErrors ? 'failed' : 'success';
+        const score = hasErrors ? 0.3 : 0.8;
 
-      const outcome = {
-        geneId: 'ad_hoc',
-        signals,
-        status,
-        score,
-        summary: `Session end: ${diffInfo.summary}. Signals: [${signals.join(', ')}]`,
-      };
+        const outcome = {
+          geneId: 'ad_hoc',
+          signals,
+          status,
+          score,
+          summary: `Session end: ${diffInfo.summary}. Signals: [${signals.join(', ')}]`,
+        };
 
-      const evolverRoot = findEvolverRoot();
-      const graphPath = findMemoryGraph(evolverRoot);
+        const evolverRoot = findEvolverRoot();
+        const graphPath = findMemoryGraph(evolverRoot);
 
-      const hubOk = recordToHub(outcome);
-      const localOk = graphPath ? recordToLocal(graphPath, outcome) : false;
+        // Local first: recordToHub is async with an 8s socket timeout, but
+        // the 7s watchdog (setTimeout below) will process.exit(0) before a
+        // slow hub returns — so anything sequenced after `await recordToHub`
+        // can be silently skipped. recordToLocal is the reliable offline
+        // fallback and must run regardless of hub latency.
+        const localOk = graphPath ? recordToLocal(graphPath, outcome) : false;
+        const hubOk = await recordToHub(outcome);
 
-      const target = hubOk ? 'Hub' : localOk ? 'local memory' : 'nowhere (no Hub or local path)';
-      const msg = `[Evolution] Session outcome recorded to ${target}: ${outcome.summary}`;
+        const target = hubOk ? 'Hub' : localOk ? 'local memory' : 'nowhere (no Hub or local path)';
+        const msg = `[Evolution] Session outcome recorded to ${target}: ${outcome.summary}`;
 
-      // Stop hook output schema (per Claude Code docs):
-      //   - decision: "approve" | "block"
-      //   - reason: string (shown when decision is set)
-      //   - systemMessage: string (notification displayed to user)
-      //   - continue: boolean
-      //   - stopReason: string
-      //
-      // Earlier versions emitted `followup_message`, `stopMessage`, and
-      // `additionalContext` together. `followup_message` is the field that
-      // re-injects the receipt into Claude's next inference round, which
-      // caused the agent to "respond" to its own evolution log line —
-      // visible to users as an unexplained extra reasoning turn after
-      // every task. The evolver is supposed to be observational, so we
-      // now use `systemMessage` only — that surfaces the receipt to the
-      // user without forcing another inference round.
-      //
-      // Cursor compatibility: Cursor's Claude Code-compatible runtime
-      // currently treats `systemMessage` as a user prompt for the next
-      // inference round. When we detect Cursor, omit systemMessage too.
-      // The receipt is always appended to ~/.evolver/logs/evolution.log
-      // so it is never silently lost; users can opt back in to the inline
-      // notification with EVOLVER_HOOK_VERBOSE=1.
-      try {
-        const logDir = process.env.EVOLVER_HOOK_LOG_DIR
-          || path.join(os.homedir(), '.evolver', 'logs');
-        fs.mkdirSync(logDir, { recursive: true });
-        fs.appendFileSync(
-          path.join(logDir, 'evolution.log'),
-          `${new Date().toISOString()} ${msg}\n`,
-          'utf8'
-        );
-      } catch { /* best-effort, never break the hook on log write */ }
+        // Stop hook output schema (per Claude Code docs):
+        //   - decision: "approve" | "block"
+        //   - reason: string (shown when decision is set)
+        //   - systemMessage: string (notification displayed to user)
+        //   - continue: boolean
+        //   - stopReason: string
+        //
+        // Earlier versions emitted `followup_message`, `stopMessage`, and
+        // `additionalContext` together. `followup_message` is the field that
+        // re-injects the receipt into Claude's next inference round, which
+        // caused the agent to "respond" to its own evolution log line —
+        // visible to users as an unexplained extra reasoning turn after
+        // every task. The evolver is supposed to be observational, so we
+        // now use `systemMessage` only — that surfaces the receipt to the
+        // user without forcing another inference round.
+        //
+        // Cursor compatibility: Cursor's Claude Code-compatible runtime
+        // currently treats `systemMessage` as a user prompt for the next
+        // inference round. When we detect Cursor, omit systemMessage too.
+        // The receipt is always appended to ~/.evolver/logs/evolution.log
+        // so it is never silently lost; users can opt back in to the inline
+        // notification with EVOLVER_HOOK_VERBOSE=1.
+        appendEvolutionLog(msg);
 
-      finish(isCursorHost() ? {} : { systemMessage: msg });
-    } catch (e) {
-      finish({});
-    }
+        finish(isCursorHost() ? {} : { systemMessage: msg });
+      } catch (e) {
+        finish({});
+      }
+    })();
   });
 
   watchdog = setTimeout(() => finish({}), 7000);