@sdsrs/code-graph 0.25.0 → 0.26.0

package/claude-plugin/.claude-plugin/plugin.json

@@ -4,7 +4,7 @@
   "author": {
     "name": "sdsrs"
   },
-  "version": "0.25.0",
+  "version": "0.26.0",
   "keywords": [
     "code-graph",
     "ast",

package/claude-plugin/scripts/find-binary.js

@@ -87,13 +87,33 @@ function isNativeBinary(candidate) {
   }
 }
 
+/**
+ * Decide whether a cached binary path is fresh enough to skip the full
+ * discovery walk. Matches the auto-update cache logic at ~:185-188 —
+ * cache wins only when its binary's version >= pkg version. Without this
+ * check, a stale cache entry (e.g. dev checkout's `bin/code-graph-mcp`
+ * recorded once, then never refreshed) shadows newer auto-update or
+ * platform-pkg binaries forever (see mem #8454).
+ *
+ * Permissive on unknown values: missing pkg version or unreadable binary
+ * version → trust cache (don't refuse the only path we know about).
+ */
+function isCachedBinaryFresh(cachedPath, pkgVersion) {
+  if (!isNativeBinary(cachedPath)) return false;
+  if (!pkgVersion) return true;
+  const cacheVer = readBinaryVersion(cachedPath);
+  if (!cacheVer) return true;
+  return compareVersions(cacheVer, pkgVersion) >= 0;
+}
+
 /**
  * Locate the code-graph-mcp binary using multiple strategies.
  * Results are cached to disk so repeated calls (e.g. per-hook) are fast.
  *
  * Priority:
- *   cache (if valid) → dev-mode (target/release) → auto-update cache
- *   → platform npm pkg → bundled (bin/) → cargo install → PATH → npx cache
+ *   cache (if valid + version >= pkg) → dev-mode (target/release) →
+ *   auto-update cache → platform npm pkg → bundled (bin/) →
+ *   cargo install → PATH → npx cache
  *
  * Returns the absolute path or null if not found.
  */
@@ -101,7 +121,7 @@ function findBinary() {
   // Try disk cache first (avoids spawning `which` on hot paths)
   try {
     const cached = fs.readFileSync(CACHE_FILE, 'utf8').trim();
-    if (isNativeBinary(cached)) return cached;
+    if (isCachedBinaryFresh(cached, getPackageVersion())) return cached;
     if (cached) clearCache();
   } catch { /* no cache or stale */ }
 
@@ -242,7 +262,7 @@ function clearCache() {
 module.exports = {
   findBinary, findBinaryUncached, clearCache,
   globalNodeModulesCandidates, findPlatformBinary,
-  getPackageVersion, compareVersions,
+  getPackageVersion, compareVersions, isCachedBinaryFresh,
   CACHE_FILE, BINARY_NAME, PLATFORM_PKG,
 };
 

package/claude-plugin/scripts/find-binary.test.js

@@ -6,7 +6,7 @@ const os = require('os');
 const path = require('path');
 
 const { globalNodeModulesCandidates, findPlatformBinary, BINARY_NAME,
-        compareVersions, getPackageVersion } = require('./find-binary');
+        compareVersions, getPackageVersion, isCachedBinaryFresh } = require('./find-binary');
 
 function mkDir(t, prefix) {
   const dir = fs.mkdtempSync(path.join(os.tmpdir(), prefix));
@@ -145,3 +145,77 @@ test('getPackageVersion reads root package.json', () => {
   const v = getPackageVersion();
   assert.match(v, /^\d+\.\d+\.\d+$/, `expected semver-ish, got: ${v}`);
 });
+
+// ─── isCachedBinaryFresh: disk cache version-check (mem #8454) ────────────
+//
+// Builds a fake binary that responds to `--version` with a controllable
+// string. process.execPath (node itself) won't do — we need a binary
+// whose --version line we control. Smallest approach: shell wrapper.
+
+function buildFakeBinary(t, versionLine) {
+  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'cgmcp-fake-bin-'));
+  t.after(() => fs.rmSync(dir, { recursive: true, force: true }));
+  const binPath = path.join(dir, BINARY_NAME);
+  // readBinaryVersion parses "code-graph-mcp X.Y.Z" via the binary's first
+  // stdout line on `--version`. Shell wrapper is simpler than compiling.
+  const script = process.platform === 'win32'
+    ? `@echo off\r\necho ${versionLine}\r\n`
+    : `#!/bin/sh\necho '${versionLine}'\n`;
+  fs.writeFileSync(binPath, script);
+  if (process.platform !== 'win32') fs.chmodSync(binPath, 0o755);
+  return binPath;
+}
+
+test('isCachedBinaryFresh: cache binary version >= pkg → fresh', (t) => {
+  const bin = buildFakeBinary(t, 'code-graph-mcp 9.9.9');
+  assert.equal(isCachedBinaryFresh(bin, '0.25.0'), true);
+});
+
+test('isCachedBinaryFresh: cache binary version equals pkg → fresh', (t) => {
+  const bin = buildFakeBinary(t, 'code-graph-mcp 0.25.0');
+  assert.equal(isCachedBinaryFresh(bin, '0.25.0'), true);
+});
+
+test('isCachedBinaryFresh: cache binary version < pkg → stale (THE BUG)', (t) => {
+  // Reproduces mem #8454: cache pointed at bin/code-graph-mcp v0.5.28
+  // while pkg was v0.25.0 → cache was returned silently with no
+  // version-check, shadowing the installed 0.25.0 platform binary.
+  // After this fix, returns false → caller clears cache + falls through.
+  const bin = buildFakeBinary(t, 'code-graph-mcp 0.5.28');
+  assert.equal(isCachedBinaryFresh(bin, '0.25.0'), false);
+});
+
+test('isCachedBinaryFresh: missing pkg version → permissive (trust cache)', (t) => {
+  // Caller couldn't read package.json; refusing the cache would leave us
+  // with nothing. Better to trust the one path we have.
+  const bin = buildFakeBinary(t, 'code-graph-mcp 0.5.28');
+  assert.equal(isCachedBinaryFresh(bin, null), true);
+  assert.equal(isCachedBinaryFresh(bin, ''), true);
+});
+
+test('isCachedBinaryFresh: unreadable cache binary version → permissive', (t) => {
+  // Old binary that doesn't support `--version`, or output we can't
+  // parse. Same permissive path as missing pkg version.
+  const bin = buildFakeBinary(t, 'whatever garbage no semver here');
+  assert.equal(isCachedBinaryFresh(bin, '0.25.0'), true);
+});
+
+test('isCachedBinaryFresh: cache path does not exist → not fresh', () => {
+  assert.equal(isCachedBinaryFresh('/nonexistent/path/code-graph-mcp', '0.25.0'), false);
+});
+
+test('isCachedBinaryFresh: empty/null cache path → not fresh', () => {
+  assert.equal(isCachedBinaryFresh('', '0.25.0'), false);
+  assert.equal(isCachedBinaryFresh(null, '0.25.0'), false);
+  assert.equal(isCachedBinaryFresh(undefined, '0.25.0'), false);
+});
+
+test('isCachedBinaryFresh: file basename mismatch → not fresh', (t) => {
+  // realpathSync.basename check inside isNativeBinary — wrong name = not ours.
+  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'cgmcp-wrongname-'));
+  t.after(() => fs.rmSync(dir, { recursive: true, force: true }));
+  const wrongName = path.join(dir, 'other-tool');
+  fs.writeFileSync(wrongName, '#!/bin/sh\necho wrong\n');
+  if (process.platform !== 'win32') fs.chmodSync(wrongName, 0o755);
+  assert.equal(isCachedBinaryFresh(wrongName, '0.25.0'), false);
+});

package/claude-plugin/scripts/pre-edit-guide.js

@@ -118,13 +118,18 @@ try {
   process.exit(0);
 }
 
-// --- Only inject if high-impact (2+ production callers) ---
+// --- Inject when the symbol has any caller (1+) ---
+// Earlier gate was 2+ direct callers; reality is that editing a function with
+// even one production caller benefits from a one-line impact summary, and the
+// per-symbol 2-minute cooldown caps frequency. The 2+ floor was a remnant of
+// the v0.21 "agent picks tools without push" assumption — same bias mem #8234
+// records as bounded leverage at the bench level.
 const directCallers = jsonResult.direct_callers || 0;
 const totalCallers = jsonResult.total_callers || 0;
 const affectedFiles = jsonResult.affected_files || 0;
 const risk = jsonResult.risk || 'low';
 
-if (directCallers < 2) process.exit(0);
+if (directCallers < 1) process.exit(0);
 
 // Mark cooldown
 try { fs.writeFileSync(cooldownFile, ''); } catch { /* ok */ }

package/claude-plugin/scripts/user-prompt-context.js

@@ -33,23 +33,30 @@ function markCooldown(type) {
   } catch { /* ok */ }
 }
 
-// v0.21 — flipped to opt-in default. Routing-bench backend P@1=100% (v0.20.0)
-// proves Sonnet 4.5 picks tools correctly without push injection; per-prompt
-// CLI exec was costing 200-500 tokens/turn across N turns to repeat what the
-// agent would have called itself. Mirrors session-init.js computeQuietHooks
-// priority chain so a single env knob covers both hooks.
+// Default ON. The v0.21 opt-in flip relied on routing-bench P@1=100% to argue
+// "Sonnet 4.5 picks tools without push injection." That bench measures *triage
+// accuracy once the agent has decided to query a tool*; it does not measure
+// the prior question — *whether the agent reaches for a tool at all*.
+// pre-grep-guide.js sees the real-world counter-evidence: a 15-day baseline of
+// 429 raw `grep` vs 191 functional CLI calls on the same indexed source tree
+// — a 13× pre-training bias toward grep. Push injection on the relevant turns
+// is the corrective; cooldowns (impact 30s / overview 5min / callgraph 60s /
+// search 60s) already cap per-type frequency. SessionStart `project_map` stays
+// default OFF (lifecycle.js / session-init.js) — that one is a static dump
+// duplicated by MEMORY.md; this hook is reactive and trigger-shaped, so the
+// two defaults diverge intentionally.
 //
 // Priority (high → low):
-//   1. CODE_GRAPH_QUIET_HOOKS=0 → forced noisy (legacy back-compat)
-//   2. CODE_GRAPH_QUIET_HOOKS=1 → forced quiet (legacy back-compat)
-//   3. CODE_GRAPH_VERBOSE_HOOKS=1 → opt-in noisy (new, recommended)
-//   4. default → quiet
+//   1. CODE_GRAPH_QUIET_HOOKS=1 → forced quiet (escape hatch)
+//   2. CODE_GRAPH_QUIET_HOOKS=0 → forced noisy (legacy back-compat, redundant with default)
+//   3. CODE_GRAPH_VERBOSE_HOOKS=1 → noisy (legacy back-compat, redundant with default)
+//   4. default → noisy
 function computeQuietHooks(env = process.env) {
   const envQuiet = env.CODE_GRAPH_QUIET_HOOKS;
-  if (envQuiet === '0') return false;
   if (envQuiet === '1') return true;
+  if (envQuiet === '0') return false;
   if (env.CODE_GRAPH_VERBOSE_HOOKS === '1') return false;
-  return true;
+  return false;
 }
 
 // --- Pure logic (exported for testing) ---

package/claude-plugin/scripts/user-prompt-context.test.js

@@ -511,62 +511,48 @@ test('skills: only expected skills exist', () => {
   assert.deepEqual(files, ['explore.md', 'index.md']);
 });
 
-test('CODE_GRAPH_QUIET_HOOKS=1 short-circuits silently on stdout, stderr, exit 0', () => {
-  const { spawnSync } = require('node:child_process');
-  const script = path.join(__dirname, 'user-prompt-context.js');
-  const proc = spawnSync(process.execPath, [script], {
-    input: JSON.stringify({ message: 'impact analysis for fn_that_would_trigger_search' }),
-    env: { ...process.env, CODE_GRAPH_QUIET_HOOKS: '1' },
-    encoding: 'utf8',
-    timeout: 2000,
-  });
-  // Quiet mode must be fully silent — any stderr leaks into Claude's display.
-  assert.equal(proc.stdout, '', 'stdout must be empty');
-  assert.equal(proc.stderr, '', 'stderr must be empty');
-  assert.equal(proc.status, 0, 'must exit 0');
-});
+// ── computeQuietHooks priority chain (default-noisy flip) ────────
 
-// ── computeQuietHooks priority chain (v0.21 opt-in flip) ────────
-
-test('computeQuietHooks: default (no env) is QUIET', () => {
-  // v0.21: flipped from opt-out to opt-in. Routing-bench P@1=100% earned
-  // the right to stop pushing context the agent would have requested.
-  assert.equal(computeQuietHooks({}), true);
+test('computeQuietHooks: default (no env) is NOISY', () => {
+  // Default flipped back to push-on. The v0.21 opt-in default relied on
+  // routing-bench P@1=100% but that measures triage accuracy, not whether
+  // the agent reaches for a tool at all. pre-grep-guide.js sees 13× raw-grep
+  // bias on the same source tree — push is the corrective.
+  assert.equal(computeQuietHooks({}), false);
 });
 
-test('computeQuietHooks: CODE_GRAPH_VERBOSE_HOOKS=1 enables push (opt-in)', () => {
-  assert.equal(computeQuietHooks({ CODE_GRAPH_VERBOSE_HOOKS: '1' }), false);
+test('computeQuietHooks: CODE_GRAPH_QUIET_HOOKS=1 forces quiet (escape hatch)', () => {
+  assert.equal(computeQuietHooks({ CODE_GRAPH_QUIET_HOOKS: '1' }), true);
 });
 
-test('computeQuietHooks: legacy CODE_GRAPH_QUIET_HOOKS=0 forces noisy (back-compat)', () => {
+test('computeQuietHooks: CODE_GRAPH_QUIET_HOOKS=0 stays noisy (back-compat, same as default)', () => {
   assert.equal(computeQuietHooks({ CODE_GRAPH_QUIET_HOOKS: '0' }), false);
 });
 
-test('computeQuietHooks: legacy CODE_GRAPH_QUIET_HOOKS=1 forces quiet (back-compat)', () => {
-  assert.equal(computeQuietHooks({ CODE_GRAPH_QUIET_HOOKS: '1' }), true);
+test('computeQuietHooks: CODE_GRAPH_VERBOSE_HOOKS=1 stays noisy (back-compat, same as default)', () => {
+  assert.equal(computeQuietHooks({ CODE_GRAPH_VERBOSE_HOOKS: '1' }), false);
 });
 
-test('computeQuietHooks: legacy QUIET_HOOKS=0 wins over VERBOSE_HOOKS=1 (priority chain)', () => {
-  // Priority order: CODE_GRAPH_QUIET_HOOKS=0/1 > CODE_GRAPH_VERBOSE_HOOKS > default.
-  assert.equal(computeQuietHooks({ CODE_GRAPH_QUIET_HOOKS: '0', CODE_GRAPH_VERBOSE_HOOKS: '0' }), false);
+test('computeQuietHooks: QUIET_HOOKS=1 wins over VERBOSE_HOOKS=1 (priority chain)', () => {
+  // Priority: CODE_GRAPH_QUIET_HOOKS=1 (escape) > QUIET_HOOKS=0 / VERBOSE_HOOKS=1 > default.
   assert.equal(computeQuietHooks({ CODE_GRAPH_QUIET_HOOKS: '1', CODE_GRAPH_VERBOSE_HOOKS: '1' }), true);
+  assert.equal(computeQuietHooks({ CODE_GRAPH_QUIET_HOOKS: '0', CODE_GRAPH_VERBOSE_HOOKS: '0' }), false);
 });
 
-test('default env (no flags) short-circuits silently — opt-in flip', () => {
-  // End-to-end check: with the opt-in flip, a default-env spawn produces
-  // no stdout/stderr even on a message that previously would have injected.
+test('CODE_GRAPH_QUIET_HOOKS=1 short-circuits silently on stdout, stderr, exit 0 (escape hatch verified end-to-end)', () => {
+  // End-to-end: the escape hatch must produce zero stdout/stderr noise
+  // (any leak would land in Claude's display). Was the only e2e check before
+  // the default-noisy flip — kept under the new default to guarantee that
+  // setting the env still fully silences the hook.
   const { spawnSync } = require('node:child_process');
   const script = path.join(__dirname, 'user-prompt-context.js');
-  const cleanEnv = { ...process.env };
-  delete cleanEnv.CODE_GRAPH_QUIET_HOOKS;
-  delete cleanEnv.CODE_GRAPH_VERBOSE_HOOKS;
   const proc = spawnSync(process.execPath, [script], {
     input: JSON.stringify({ message: 'impact of refactoring parse_code function' }),
-    env: cleanEnv,
+    env: { ...process.env, CODE_GRAPH_QUIET_HOOKS: '1' },
     encoding: 'utf8',
     timeout: 2000,
   });
-  assert.equal(proc.stdout, '', 'default must be silent on stdout');
-  assert.equal(proc.stderr, '', 'default must be silent on stderr');
-  assert.equal(proc.status, 0, 'default must exit 0');
+  assert.equal(proc.stdout, '', 'quiet must be silent on stdout');
+  assert.equal(proc.stderr, '', 'quiet must be silent on stderr');
+  assert.equal(proc.status, 0, 'quiet must exit 0');
 });

package/claude-plugin/templates/plugin_code_graph_mcp.md

@@ -15,12 +15,16 @@ type: reference
 > 的最新决策表（本文件 SHA 与 template 差异时覆盖）。手动编辑会被覆盖——
 > 要锁定自己的版本，设 `CODE_GRAPH_NO_TEMPLATE_REFRESH=1`（不影响首次 adopt）。
 >
-> **v0.17.0 起**：SessionStart `project_map` 注入 **默认 OFF**（不再随 adoption
-> 切换）。本文件 + 7 个工具描述已经覆盖路由所需的全部决策信息，每次会话再
-> dump ≈2.3 KB 的项目地图是冗余的常驻上下文成本。
-> 显式启用：`CODE_GRAPH_VERBOSE_HOOKS=1` —— Bash 调 `code-graph-mcp map --compact`
-> 也是等价的按需替代。
-> 向后兼容：`CODE_GRAPH_QUIET_HOOKS=0` 强制 noisy / `=1` 强制 quiet（优先级最高）。
+> **Hook 默认值（两个 hook，默认不同 —— 故意的）**：
+> - **SessionStart `project_map` 注入：默认 OFF**（v0.17.0 起）。本文件 + 7 个
+>   工具描述已经覆盖路由所需决策信息，每次会话再 dump ≈2.3 KB 项目地图是冗余的
+>   常驻上下文。显式启用：`CODE_GRAPH_VERBOSE_HOOKS=1`；或按需 `code-graph-mcp map --compact`。
+> - **UserPromptSubmit context push：默认 ON**。基于用户消息 intent 推 impact /
+>   overview / callgraph / search 结果（per-type cooldown 30s–5min）。routing-bench
+>   P@1=100% 测的是分诊准确率（已决定查工具时选哪个），不等于触发率（是否
+>   决定查工具）—— 真实 baseline 是 raw-grep ≈13× 偏向于内置 Grep。Push 是
+>   pre-training bias 的矫正。Escape hatch：`CODE_GRAPH_QUIET_HOOKS=1`。
+> - 优先级：`CODE_GRAPH_QUIET_HOOKS=1` (escape) > 其他 env > 默认。
 >
 > **v0.18.4 起**：原"进阶 5"（impact / similar / deps / dead-code / trace）已折叠
 > 进核心 7 的 flag —— Claude Code 现在能直接通过 MCP 调用，不必落到 CLI:
@@ -122,4 +126,5 @@ code-graph-mcp health-check              # 索引健康
 - `CODE_GRAPH_NO_AUTO_ADOPT=1`（`~/.claude/settings.json` env） — 阻止未来自动 adopt，不影响已 adopted 状态。
 - `CODE_GRAPH_NO_TEMPLATE_REFRESH=1`（v0.11.0+） — 锁定本文件不随插件升级刷新；允许手动编辑长久保留。
 - `CODE_GRAPH_VERBOSE_HOOKS=1`（v0.17.0+） — opt in 到 SessionStart `project_map` 注入（默认 OFF）。
-- `CODE_GRAPH_QUIET_HOOKS=0` — 强制恢复 `project_map` 注入；优先级高于 VERBOSE_HOOKS（向后兼容路径）。
+- `CODE_GRAPH_QUIET_HOOKS=1` — UserPromptSubmit context push 的 escape hatch（默认 ON）；同时强制 SessionStart `project_map` quiet。
+- `CODE_GRAPH_QUIET_HOOKS=0` — 强制恢复 SessionStart `project_map` 注入（向后兼容路径）。

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sdsrs/code-graph",
-  "version": "0.25.0",
+  "version": "0.26.0",
   "description": "MCP server that indexes codebases into an AST knowledge graph with semantic search, call graph traversal, and HTTP route tracing",
   "license": "MIT",
   "repository": {
@@ -35,10 +35,10 @@
     "node": ">=16"
   },
   "optionalDependencies": {
-    "@sdsrs/code-graph-linux-x64": "0.25.0",
-    "@sdsrs/code-graph-linux-arm64": "0.25.0",
-    "@sdsrs/code-graph-darwin-x64": "0.25.0",
-    "@sdsrs/code-graph-darwin-arm64": "0.25.0",
-    "@sdsrs/code-graph-win32-x64": "0.25.0"
+    "@sdsrs/code-graph-linux-x64": "0.26.0",
+    "@sdsrs/code-graph-linux-arm64": "0.26.0",
+    "@sdsrs/code-graph-darwin-x64": "0.26.0",
+    "@sdsrs/code-graph-darwin-arm64": "0.26.0",
+    "@sdsrs/code-graph-win32-x64": "0.26.0"
   }
 }