@sdsrs/code-graph 0.49.0 → 0.50.0

package/claude-plugin/.claude-plugin/plugin.json

@@ -4,7 +4,7 @@
   "author": {
     "name": "sdsrs"
   },
-  "version": "0.49.0",
+  "version": "0.50.0",
   "keywords": [
     "code-graph",
     "ast",

package/claude-plugin/scripts/auto-update.js

@@ -6,6 +6,7 @@ const https = require('https');
 const path = require('path');
 const os = require('os');
 const { CACHE_DIR, PLUGIN_ID, MARKETPLACE_NAME, readManifest, readJson, writeJsonAtomic, installedPluginsPath, pluginsCacheDir } = require('./lifecycle');
+const { claudeHome } = require('./claude-config');
 const { clearCache: clearBinaryCache } = require('./find-binary');
 const { readBinaryVersion, isDevMode } = require('./version-utils');
 const { cgTmpDir } = require('./tmp-dir');
@@ -277,9 +278,41 @@ function promoteVerifiedBinary(binaryTmp, binaryDst, expectedVersion) {
   }
 }
 
+// ── Marketplace clone refresh ──────────────────────────────
+
+function marketplaceCloneDir() {
+  return path.join(claudeHome(), 'plugins', 'marketplaces', MARKETPLACE_NAME);
+}
+
+/**
+ * Fast-forward the Claude Code marketplace clone after a plugin update.
+ *
+ * Auto-update writes the plugin cache + installed_plugins.json directly and
+ * never touched the marketplace clone, so its marketplace.json stayed pinned
+ * at the version present when the user last ran a /plugin command (observed
+ * live: clone at 0.48.0 four days after 0.49.0 shipped). A stale clone makes
+ * the /plugin UI report the old version and lets Claude Code re-install the
+ * old plugin files from it. --ff-only + silent failure: a dirty or diverged
+ * clone is Claude Code's property — never force anything there.
+ */
+function refreshMarketplaceClone({ dir = marketplaceCloneDir(), exec = execFileSync, timeoutMs = 15000 } = {}) {
+  try {
+    if (!fs.existsSync(path.join(dir, '.git'))) return false;
+    if (!commandExists('git')) return false;
+    exec('git', ['-C', dir, 'pull', '--ff-only', '--quiet'], { timeout: timeoutMs, stdio: 'pipe' });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
 // ── Download & Install ─────────────────────────────────────
 
-async function downloadAndInstall(latest) {
+async function downloadAndInstall(latest, {
+  exec = execFileSync,
+  downloadBin = downloadBinary,
+  refreshMarketplace = refreshMarketplaceClone,
+} = {}) {
   // Pre-flight: check required CLI tools before attempting any download
   const missingTools = ['curl', 'tar'].filter(cmd => !commandExists(cmd));
   if (missingTools.length > 0) {
@@ -290,19 +323,20 @@ async function downloadAndInstall(latest) {
   const tmpDir = path.join(cgTmpDir(), `update-${Date.now()}`);
   let pluginUpdated = false;
   let binaryUpdated = false;
+  let marketplaceRefreshed = false;
 
   try {
     fs.mkdirSync(tmpDir, { recursive: true });
 
     // ── Step 1: Download and install plugin files from tarball ──
     const tarballPath = path.join(tmpDir, 'release.tar.gz');
-    execFileSync('curl', [
+    exec('curl', [
       '-sL', '-o', tarballPath,
       '-H', 'Accept: application/vnd.github+json',
       latest.tarballUrl,
     ], { timeout: 30000, stdio: 'pipe' });
 
-    execFileSync('tar', [
+    exec('tar', [
       'xzf', tarballPath, '-C', tmpDir, '--strip-components=1',
     ], { timeout: 15000, stdio: 'pipe' });
 
@@ -344,22 +378,28 @@ async function downloadAndInstall(latest) {
       try {
         const newLifecycle = path.join(pluginDst, 'scripts', 'lifecycle.js');
         if (fs.existsSync(newLifecycle)) {
-          execFileSync(process.execPath, [newLifecycle, 'update'], {
+          exec(process.execPath, [newLifecycle, 'update'], {
             timeout: 5000, stdio: 'pipe',
           });
         }
       } catch { /* not fatal — syncLifecycleConfig will self-heal on next session */ }
     }
 
+    // ── Step 1.5: Fast-forward the marketplace clone so /plugin UI and any
+    //    Claude-Code-side reinstall see the version we just installed.
+    if (pluginUpdated) {
+      marketplaceRefreshed = refreshMarketplace();
+    }
+
     // ── Step 2: Download platform binary directly from GitHub release ──
-    if (await downloadBinary(latest)) {
+    if (await downloadBin(latest)) {
       binaryUpdated = true;
     }
 
-    return { pluginUpdated, binaryUpdated };
+    return { pluginUpdated, binaryUpdated, marketplaceRefreshed };
   } catch (e) {
     console.error(`[code-graph] Plugin download/extract failed: ${e.message}`);
-    return { pluginUpdated: false, binaryUpdated: false };
+    return { pluginUpdated: false, binaryUpdated: false, marketplaceRefreshed };
   } finally {
     try { fs.rmSync(tmpDir, { recursive: true, force: true }); } catch { /* ok */ }
   }
@@ -431,6 +471,7 @@ async function checkForUpdate({ installMissing = false } = {}) {
         lastUpdate: success ? new Date().toISOString() : state.lastUpdate,
         rateLimited: false,
         binaryUpdated: result.binaryUpdated,
+        marketplaceRefreshed: result.marketplaceRefreshed,
       };
       saveState(newState);
 
@@ -474,6 +515,7 @@ module.exports = {
   requestJson, parseLatestRelease, fetchLatestRelease,
   downloadBinary, cachedBinaryPath, cachedBinaryNeedsUpdate, cachedBinaryStaleVsState,
   selfHealStaleBinary,
+  downloadAndInstall, refreshMarketplaceClone, marketplaceCloneDir,
 };
 
 // CLI: node auto-update.js [check|status] [--silent] [--install-missing]

package/claude-plugin/scripts/auto-update.test.js

@@ -247,4 +247,96 @@ test('fetchLatestRelease parses JSON without relying on global fetch', async ()
 
   assert.equal(latest.version, '2.0.0');
   assert.equal(latest.tarballUrl, 'https://example.com/release.tgz');
-});
+});
+// ── refreshMarketplaceClone (v0.49.1 marketplace-staleness fix) ────────────
+
+const { execFileSync: execGit } = require('child_process');
+const { refreshMarketplaceClone, downloadAndInstall } = require('./auto-update');
+
+function git(cwd, ...args) {
+  return execGit('git', ['-C', cwd, '-c', 'user.email=t@t', '-c', 'user.name=t', ...args],
+    { stdio: 'pipe', encoding: 'utf8' });
+}
+
+test('refreshMarketplaceClone fast-forwards a stale clone', (t) => {
+  const root = mkDir(t, 'code-graph-mp-');
+  const remote = path.join(root, 'remote');
+  const clone = path.join(root, 'clone');
+
+  fs.mkdirSync(remote);
+  git(remote, 'init', '-q', '-b', 'main');
+  fs.writeFileSync(path.join(remote, 'marketplace.json'), '{"version":"0.48.0"}');
+  git(remote, 'add', '.');
+  git(remote, 'commit', '-q', '-m', 'v0.48.0');
+  execGit('git', ['clone', '-q', remote, clone], { stdio: 'pipe' });
+
+  // Remote advances (a release bumped marketplace.json) — clone is now stale.
+  fs.writeFileSync(path.join(remote, 'marketplace.json'), '{"version":"0.49.0"}');
+  git(remote, 'commit', '-q', '-am', 'v0.49.0');
+
+  assert.equal(refreshMarketplaceClone({ dir: clone }), true);
+  assert.match(fs.readFileSync(path.join(clone, 'marketplace.json'), 'utf8'), /0\.49\.0/);
+});
+
+test('refreshMarketplaceClone is a safe no-op on non-git dirs and pull failures', (t) => {
+  const root = mkDir(t, 'code-graph-mp-');
+  // Not a git repo → false, no throw.
+  assert.equal(refreshMarketplaceClone({ dir: root }), false);
+  // Missing dir → false, no throw.
+  assert.equal(refreshMarketplaceClone({ dir: path.join(root, 'nope') }), false);
+  // exec throws (diverged / dirty clone) → false, no throw.
+  const fakeGitDir = path.join(root, 'repo');
+  fs.mkdirSync(path.join(fakeGitDir, '.git'), { recursive: true });
+  assert.equal(refreshMarketplaceClone({
+    dir: fakeGitDir,
+    exec: () => { throw new Error('not a fast-forward'); },
+  }), false);
+});
+
+test('downloadAndInstall wires the marketplace refresh + binary download (orchestration glue)', async (t) => {
+  // In-process with all side-effectful deps injected would still write the
+  // manifest into the REAL ~/.cache (CACHE_DIR is bound at module load), so
+  // run in a subprocess with a sandboxed HOME — same pattern as install-e2e.
+  const sandboxHome = mkDir(t, 'code-graph-dai-');
+  const script = `
+    const fs = require('fs');
+    const path = require('path');
+    const { downloadAndInstall } = require(${JSON.stringify(path.join(__dirname, 'auto-update.js'))});
+    const latest = { version: '9.9.9', tarballUrl: 'https://example/tar', binaryUrl: null };
+    const calls = [];
+    const exec = (cmd, args) => {
+      calls.push(cmd);
+      if (cmd === 'tar') {
+        // Simulate extraction: produce claude-plugin/ with a matching version.
+        const tmpDir = args[args.indexOf('-C') + 1];
+        const mDir = path.join(tmpDir, 'claude-plugin', '.claude-plugin');
+        fs.mkdirSync(mDir, { recursive: true });
+        fs.writeFileSync(path.join(mDir, 'plugin.json'), JSON.stringify({ version: '9.9.9' }));
+      }
+    };
+    (async () => {
+      let refreshed = 0;
+      let binDownloads = 0;
+      const result = await downloadAndInstall(latest, {
+        exec,
+        refreshMarketplace: () => { refreshed++; return true; },
+        downloadBin: async () => { binDownloads++; return true; },
+      });
+      console.log(JSON.stringify({ result, refreshed, binDownloads, calls }));
+    })();
+  `;
+  const out = execGit(process.execPath, ['-e', script], {
+    env: { ...process.env, HOME: sandboxHome },
+    encoding: 'utf8',
+  });
+  const { result, refreshed, binDownloads } = JSON.parse(out.trim().split('\n').pop());
+  assert.equal(result.pluginUpdated, true, 'plugin files must install from the extracted tarball');
+  assert.equal(refreshed, 1, 'marketplace refresh must run exactly once after a plugin update');
+  assert.equal(result.marketplaceRefreshed, true);
+  assert.equal(binDownloads, 1, 'binary download must run');
+  assert.equal(result.binaryUpdated, true);
+  // Plugin landed in the sandboxed cache, not the real one.
+  const dst = path.join(sandboxHome, '.claude', 'plugins', 'cache',
+    'code-graph-mcp', 'code-graph-mcp', '9.9.9', '.claude-plugin', 'plugin.json');
+  assert.equal(fs.existsSync(dst), true, 'plugin copied into sandbox plugins cache');
+});

package/claude-plugin/scripts/cg-answer.js

@@ -114,7 +114,16 @@ function runGrepAnswer(opts = {}) {
       // The CLI skips its recommendations.jsonl `use` record when this is set.
       env: { ...process.env, CODE_GRAPH_INTERNAL: '1' },
     });
-    if (res.error || res.signal || res.status !== 0) {
+    if (res.error || res.signal) {
+      return { status: 'unavailable' };
+    }
+    // v0.50 grep-parity exit codes: 0 = matched, 1 = no match, 2 = error.
+    // Older binaries exit 0 on no-match with the NO_MATCH_PREFIX on stderr
+    // (stdout empty) — both shapes resolve to 'no-hits' below.
+    if (res.status === 1) {
+      return { status: 'no-hits' };
+    }
+    if (res.status !== 0) {
       return { status: 'unavailable' };
     }
     const out = (res.stdout || '').trim();

package/claude-plugin/scripts/cg-answer.test.js

@@ -21,6 +21,9 @@ if (pattern === 'HangForever') { setTimeout(() => {}, 60000); }
 else if (pattern === 'ExplodePlease') { process.exit(3); }
 else if (pattern === 'NothingHere') {
   process.stdout.write('[code-graph] No matches for: NothingHere\\n');
+} else if (pattern === 'NothingHereExit1') {
+  // v0.50 grep-parity binary: no match → empty stdout + exit 1
+  process.exit(1);
 } else {
   process.stdout.write(
     'src/storage/db.rs:42  fn ' + pattern + '() {\\n' +
@@ -81,7 +84,13 @@ test('runGrepAnswer: CLI "[code-graph] No matches" → status no-hits', () => {
   assert.equal(r.status, 'no-hits');
 });
 
-test('runGrepAnswer: nonzero exit → unavailable', () => {
+test('runGrepAnswer: exit 1 (v0.50 grep-parity no-match) → status no-hits', () => {
+  const r = runGrepAnswer({ cwd: stubDir, pattern: 'NothingHereExit1', binary: stubBinary() });
+  assert.equal(r.status, 'no-hits',
+    'grep-parity exit 1 means no match, not a failed binary');
+});
+
+test('runGrepAnswer: exit >1 → unavailable', () => {
   const r = runGrepAnswer({ cwd: stubDir, pattern: 'ExplodePlease', binary: stubBinary() });
   assert.equal(r.status, 'unavailable');
 });

package/claude-plugin/scripts/doctor.js

@@ -7,7 +7,7 @@ const os = require('os');
 const { readBinaryVersion, isDevMode, getNewestMtime } = require('./version-utils');
 const {
   getPluginVersion, readJson, healthCheck, CACHE_DIR,
-  isOurHookEntry, settingsPath, buildSettingsHookEntries,
+  settingsPath, surveyHookCoverage,
 } = require('./lifecycle');
 const { findBinary, clearCache: clearBinaryCache } = require('./find-binary');
 
@@ -234,49 +234,6 @@ function runDiagnostics() {
   return results;
 }
 
-// Inventory of (event, matcher) tuples we expect to find in settings.json after
-// install. Used by doctor to detect missing entries.
-function surveyHookCoverage(settings) {
-  const desired = buildSettingsHookEntries();
-  const expected = [];
-  const desiredCmd = {}; // key -> command string we would write now
-  for (const [event, entries] of Object.entries(desired)) {
-    for (const e of entries) {
-      const key = `${event}:${e.matcher || '*'}`;
-      expected.push(key);
-      desiredCmd[key] = e.hooks && e.hooks[0] && e.hooks[0].command;
-    }
-  }
-
-  const present = new Set();
-  const presentCmd = {}; // key -> command currently registered
-  if (settings && settings.hooks) {
-    for (const [event, entries] of Object.entries(settings.hooks)) {
-      if (!Array.isArray(entries)) continue;
-      for (const entry of entries) {
-        if (isOurHookEntry(entry)) {
-          const key = `${event}:${entry.matcher || '*'}`;
-          present.add(key);
-          if (entry.hooks && entry.hooks[0] && entry.hooks[0].command) {
-            presentCmd[key] = entry.hooks[0].command;
-          }
-        }
-      }
-    }
-  }
-
-  const missing = expected.filter(k => !present.has(k));
-  // Stale = present but the registered command no longer matches what we'd write
-  // now (points at an old plugin-cache version dir / moved path). A stale path can
-  // run pre-recordRecommendation hook code, so the hook fires but the conversion
-  // metric stays dark — invisible to a present/absent check. This is the
-  // 0.45.1-registered-while-0.45.4-active case the RCA surfaced.
-  const stale = expected.filter(k =>
-    present.has(k) && desiredCmd[k] && presentCmd[k] && presentCmd[k] !== desiredCmd[k]
-  );
-  return { expected, present: [...present], missing, stale };
-}
-
 // ── Report Formatting ─────────────────────────────────────
 
 const STATUS_ICONS = { ok: '\u2705', warn: '\u26a0\ufe0f', error: '\u274c', skip: '\u2796' };
@@ -306,6 +263,26 @@ function formatReport(results) {
 
 // ── Repair Actions ────────────────────────────────────────
 
+/**
+ * v0.50.0: settings-writing repairs get the same stale-relic guard as
+ * session-init. A doctor launched from an old plugin-cache version dir would
+ * otherwise install() and re-anchor manifest + settings.json hook paths to the
+ * relic — the exact downgrade war the guard exists for, just user-triggered.
+ * Returns true (and prints redirection) when this copy must NOT write config.
+ * `relic` is injectable for tests.
+ */
+function relicRepairGuard({ log = console.log, relic = undefined } = {}) {
+  const { isStaleRelicContext, activeInstallPath } = require('./lifecycle');
+  const isRelic = relic !== undefined ? relic : isStaleRelicContext();
+  if (!isRelic) return false;
+  const active = activeInstallPath();
+  log('  ⚠ This doctor copy is not the active install (installed_plugins.json points elsewhere) — skipping settings repair.');
+  if (active) {
+    log(`  Run the active copy instead: node "${path.join(active, 'scripts', 'doctor.js')}"`);
+  }
+  return true;
+}
+
 function runRepairs(results) {
   const fixable = results.filter(r => r.fixId);
   if (fixable.length === 0) return 0;
@@ -425,6 +402,7 @@ function runRepairs(results) {
 
       case 'hooks-invalid': {
         console.log('\n  Repairing hooks...');
+        if (relicRepairGuard()) break;
         const { install } = require('./lifecycle');
         install();
         console.log('  \u2705 Hooks repaired \u2014 restart Claude Code to apply');
@@ -434,6 +412,7 @@ function runRepairs(results) {
 
       case 'missing-hooks-in-settings': {
         console.log('\n  Registering code-graph hooks in settings.json...');
+        if (relicRepairGuard()) break;
         const { install } = require('./lifecycle');
         const r = install();
         if (r.hooksRegistered) {
@@ -474,7 +453,7 @@ function runDoctor(opts = {}) {
   return { results, issueCount: issues.length };
 }
 
-module.exports = { runDiagnostics, formatReport, runRepairs, runDoctor, surveyHookCoverage };
+module.exports = { runDiagnostics, formatReport, runRepairs, runDoctor, surveyHookCoverage, relicRepairGuard };
 
 if (require.main === module) {
   const args = process.argv.slice(2);

package/claude-plugin/scripts/doctor.test.js

@@ -80,3 +80,16 @@ test('surveyHookCoverage flags missing entries when settings empty', () => {
   assert.ok(cov.missing.length === cov.expected.length, 'all expected entries missing');
   assert.equal(cov.stale.length, 0, 'nothing present to be stale');
 });
+
+// ── relicRepairGuard (v0.50.0 — doctor twin of the session-init relic guard) ──
+
+test('relicRepairGuard blocks settings repair from a relic copy and redirects', () => {
+  const { relicRepairGuard } = require('./doctor');
+  const lines = [];
+  // Relic context → guard fires, prints the redirect, returns true (skip install).
+  assert.equal(relicRepairGuard({ relic: true, log: (s) => lines.push(s) }), true);
+  assert.ok(lines.some(l => l.includes('not the active install')),
+    `guard must explain why repair is skipped, got: ${lines.join(' | ')}`);
+  // Active (or dev/npm) context → repair proceeds.
+  assert.equal(relicRepairGuard({ relic: false, log: () => {} }), false);
+});

package/claude-plugin/scripts/lifecycle.js

@@ -75,6 +75,48 @@ function hasInstalledPluginRecord() {
   return !!(installed && installed.plugins && Array.isArray(installed.plugins[PLUGIN_ID]) && installed.plugins[PLUGIN_ID].length > 0);
 }
 
+/** The installPath Claude Code currently considers active (installed_plugins.json), or null. */
+function activeInstallPath() {
+  const installed = readJson(installedPluginsPath());
+  const recs = installed && installed.plugins && installed.plugins[PLUGIN_ID];
+  if (!Array.isArray(recs) || !recs[0] || typeof recs[0].installPath !== 'string') return null;
+  return recs[0].installPath;
+}
+
+/**
+ * Stale-relic detection: is THIS script running from an old plugin-cache
+ * version dir while installed_plugins.json points at a different (active)
+ * install that exists on disk?
+ *
+ * Why: a still-running Claude Code process keeps firing SessionStart from the
+ * install path it loaded at startup. After auto-update installs vN+1 and
+ * re-anchors manifest + settings.json, the next SessionStart in that old
+ * process runs the vN scripts, whose syncLifecycleConfig sees
+ * `manifest.version !== currentVersion` and — direction-blind — calls
+ * update(), dragging manifest and every settings.json hook path back to the
+ * vN dir. The two versions then ping-pong (observed live 2026-06-12: manifest
+ * 0.49.0 → rewritten 0.48.0 fifteen minutes after a successful update).
+ *
+ * The authority is installed_plugins.json, not version direction: a deliberate
+ * downgrade via /plugin lands installPath == the old dir, so the old scripts
+ * keep full self-heal rights. Dev checkouts and npm installs are exempt
+ * (pluginRoot not under the plugins cache).
+ */
+function isStaleRelicContext({
+  pluginRoot = PLUGIN_ROOT,
+  cacheRoot = pluginsCacheDir(),
+  activePath = activeInstallPath(),
+  existsSync = fs.existsSync,
+} = {}) {
+  if (!activePath) return false;
+  const root = path.resolve(pluginRoot);
+  const cache = path.resolve(cacheRoot);
+  if (root !== cache && !root.startsWith(cache + path.sep)) return false;
+  const active = path.resolve(activePath);
+  if (active === root) return false;
+  return existsSync(path.join(active, 'scripts', 'lifecycle.js'));
+}
+
 function isOurComposite(settings) {
   return settings.statusLine &&
     settings.statusLine.command &&
@@ -377,6 +419,50 @@ function registerHooksToSettings(settings) {
   return before !== JSON.stringify(settings.hooks);
 }
 
+// Inventory of (event, matcher) tuples we expect to find in settings.json after
+// install. Consumed by doctor (report + fix) and session-init (self-heal):
+// `missing` = entry absent; `stale` = present but the registered command no
+// longer matches what we'd write now (points at an old plugin-cache version
+// dir / moved path). A stale path can run pre-recordRecommendation hook code,
+// so the hook fires but the conversion metric stays dark — invisible to a
+// present/absent check. This is the 0.45.1-registered-while-0.45.4-active
+// case the RCA surfaced.
+function surveyHookCoverage(settings) {
+  const desired = buildSettingsHookEntries();
+  const expected = [];
+  const desiredCmd = {}; // key -> command string we would write now
+  for (const [event, entries] of Object.entries(desired)) {
+    for (const e of entries) {
+      const key = `${event}:${e.matcher || '*'}`;
+      expected.push(key);
+      desiredCmd[key] = e.hooks && e.hooks[0] && e.hooks[0].command;
+    }
+  }
+
+  const present = new Set();
+  const presentCmd = {}; // key -> command currently registered
+  if (settings && settings.hooks) {
+    for (const [event, entries] of Object.entries(settings.hooks)) {
+      if (!Array.isArray(entries)) continue;
+      for (const entry of entries) {
+        if (isOurHookEntry(entry)) {
+          const key = `${event}:${entry.matcher || '*'}`;
+          present.add(key);
+          if (entry.hooks && entry.hooks[0] && entry.hooks[0].command) {
+            presentCmd[key] = entry.hooks[0].command;
+          }
+        }
+      }
+    }
+  }
+
+  const missing = expected.filter(k => !present.has(k));
+  const stale = expected.filter(k =>
+    present.has(k) && desiredCmd[k] && presentCmd[k] && presentCmd[k] !== desiredCmd[k]
+  );
+  return { expected, present: [...present], missing, stale };
+}
+
 // --- Install (idempotent) ---
 
 function install() {
@@ -673,6 +759,8 @@ module.exports = {
   getPluginVersion, cleanupOldCacheVersions,
   removeHooksFromSettings, isOurHookEntry,
   registerHooksToSettings, buildSettingsHookEntries,                  // v0.32.0
+  surveyHookCoverage, compositeCommand,                                // v0.49.1 — version-aware self-heal
+  activeInstallPath, isStaleRelicContext,                              // v0.49.1 — stale-relic downgrade guard
   SETTINGS_HOOK_DESC, OUR_HOOK_SCRIPTS, OUR_DESCRIPTIONS,              // v0.32.0 — for tests
   PLUGIN_ROOT,                                                         // v0.32.1 — for tests / consumers
   registerStatuslineProvider, unregisterStatuslineProvider,

package/claude-plugin/scripts/lifecycle.test.js

@@ -660,4 +660,43 @@ test('scanForBrokenPaths is exported and returns the issue structure', (t) => {
   assert.ok(Array.isArray(issues));
   assert.ok(issues.some(i => i.type === 'hook' && i.event === 'PreToolUse' && i.path.includes('/nonexistent/')),
     'scanForBrokenPaths must report the seeded broken hook entry');
-});
+});
+// ── isStaleRelicContext (v0.49.1 downgrade-war guard) ──────────────────────
+
+test('isStaleRelicContext: relic in plugins cache defers to a different active install', (t) => {
+  const { isStaleRelicContext } = require('./lifecycle');
+  const cacheRoot = '/home/u/.claude/plugins/cache';
+  const relicRoot = `${cacheRoot}/code-graph-mcp/code-graph-mcp/0.48.0`;
+  const activeRoot = `${cacheRoot}/code-graph-mcp/code-graph-mcp/0.49.0`;
+
+  // The downgrade-war case: running from old cache dir, active points elsewhere.
+  assert.equal(isStaleRelicContext({
+    pluginRoot: relicRoot, cacheRoot, activePath: activeRoot,
+    existsSync: () => true,
+  }), true);
+
+  // Running FROM the active install → full self-heal rights.
+  assert.equal(isStaleRelicContext({
+    pluginRoot: activeRoot, cacheRoot, activePath: activeRoot,
+    existsSync: () => true,
+  }), false);
+
+  // Dev checkout / npm install (pluginRoot outside the plugins cache) → exempt.
+  assert.equal(isStaleRelicContext({
+    pluginRoot: '/repo/code-graph-mcp/claude-plugin', cacheRoot, activePath: activeRoot,
+    existsSync: () => true,
+  }), false);
+
+  // No installed_plugins record → exempt (nothing authoritative to defer to).
+  assert.equal(isStaleRelicContext({
+    pluginRoot: relicRoot, cacheRoot, activePath: null,
+    existsSync: () => true,
+  }), false);
+
+  // Active path recorded but its lifecycle.js is gone (cache wiped) → the
+  // relic is the only working copy left; keep self-heal rights.
+  assert.equal(isStaleRelicContext({
+    pluginRoot: relicRoot, cacheRoot, activePath: activeRoot,
+    existsSync: () => false,
+  }), false);
+});

package/claude-plugin/scripts/pre-grep-guide.js

@@ -242,6 +242,44 @@ function extractSedReadTargets(cmd) {
   return out;
 }
 
+// v0.50 — a compound command (`grep …; sed -n 1,60p f` / `grep … && wc`) is
+// denied WHOLE, but the answer covers only the grep. The 2026-06-13 mem-project
+// deny swallowed a `; sed` read while the copy said "use these results directly
+// instead of re-running" — the tail's intent was silently dropped. Extract the
+// first top-level `;`/`&&` tail (quote-aware) so the deny can flag it for
+// re-issue. `||` tails are skipped: the answer delivered hits, so the on-failure
+// branch would not have run anyway. Pipes/redirects are the same pipeline.
+function extractUnansweredTail(cmd) {
+  if (!cmd || typeof cmd !== 'string' || cmd.length > 2000) return null;
+  let quote = null;
+  for (let i = 0; i < cmd.length; i++) {
+    const c = cmd[i];
+    if (quote) {
+      if (c === quote) quote = null;
+      continue;
+    }
+    if (c === '"' || c === "'") { quote = c; continue; }
+    if (c === ';' || (c === '&' && cmd[i + 1] === '&')) {
+      const tail = cmd.slice(i + (c === ';' ? 1 : 2)).trim();
+      return tail || null;
+    }
+  }
+  return null;
+}
+
+// Shared deny-copy footer for the unanswered compound tail. Budget-conscious:
+// two lines, verbatim command so the model can re-issue without thinking.
+// Wording is path-neutral — it must stay true for BOTH the answered deny
+// ("grep half answered, tail wasn't") and the static fallback (nothing was).
+function appendUnansweredTailNote(lines, tail) {
+  if (!tail) return;
+  const shown = tail.length > 300 ? tail.slice(0, 300) + '…' : tail;
+  lines.push(
+    'NOTE: the rest of this compound command (after the grep) did NOT run — re-issue it separately:',
+    `$ ${shown}`,
+  );
+}
+
 // v0.47.0 — pull the first source-tree path token out of the denied command so
 // the inline answer can scope its search the same way the raw grep would have.
 function extractSearchPath(cmd) {
@@ -282,7 +320,7 @@ function buildHint() {
   // Terse, no banner spam. Single message budget ~600 bytes.
   return [
     '[code-graph] Raw `grep`/`rg` on indexed source — consider AST-aware equivalents:',
-    '  • code-graph-mcp grep "<pat>" <path>          # grep + containing fn/module per hit',
+    '  • code-graph-mcp grep "<pat>" [paths...]      # grep + containing fn/module per hit (-F literal, -i, -w, -l, -C N)',
     '  • code-graph-mcp ast-search "<pat>" --type fn # filter by type/returns/params',
     '  • code-graph-mcp callgraph SYMBOL             # callers + callees, repo-wide',
     '  • code-graph-mcp show SYMBOL                  # one symbol: signature + source',
@@ -290,20 +328,22 @@ function buildHint() {
   ].join('\n');
 }
 
-function buildBlockReason() {
+function buildBlockReason(unansweredTail) {
   // Shown to Claude via PreToolUse `decision: block` reason. Must give a
   // concrete alternate command Claude can re-issue without further thinking.
   // v0.49 — NO escape-hatch line anywhere in deny copy: the daagu 2026-06-12
   // night proved even the "THIS command only" scoping reads as a teachable
   // permanent prefix (adopted in 8s, reused 11×, incl. on the exact identifier
   // searches this hook targets). The env opt-out stays documented in README.
-  return [
+  const lines = [
     '[code-graph] Raw `grep -rn` on indexed source — denied by code-graph hook.',
     'Use the AST-aware equivalent (returns containing fn/module per hit, repo-wide):',
-    '  code-graph-mcp grep "<pattern>" <path>          # FTS + AST context per hit',
+    '  code-graph-mcp grep "<pattern>" [paths...]      # AST context per hit; -F literal, -i, -w, -l, -C N, --max-count 0',
     '  code-graph-mcp ast-search "<pattern>" --type fn # filter by node type',
     '  code-graph-mcp callgraph SYMBOL                 # callers + callees',
-  ].join('\n');
+  ];
+  appendUnansweredTailNote(lines, unansweredTail);
+  return lines.join('\n');
 }
 
 // v0.47.0 — deny WITH the answer inline. Hint-only had ~0% transfer and a bare
@@ -313,7 +353,7 @@ function buildBlockReason() {
 // advertising the bypass taught it a permanent prefix within 5 seconds (daagu
 // 2026-06-11: one deny → 14 bypassed greps). The static deny keeps a scoped
 // escape because there we give no answer.
-function buildBlockReasonWithAnswer(pattern, searchPath, answer) {
+function buildBlockReasonWithAnswer(pattern, searchPath, answer, unansweredTail) {
   const cmdShown = `code-graph-mcp grep "${pattern}"${searchPath ? ` ${searchPath}` : ''}`;
   const lines = [
     '[code-graph] Raw `grep` on indexed source — denied; the AST-aware equivalent already ran for you:',
@@ -326,6 +366,7 @@ function buildBlockReasonWithAnswer(pattern, searchPath, answer) {
   lines.push(
     'Each hit shows its containing fn/module — use these results directly instead of re-running the search.',
   );
+  appendUnansweredTailNote(lines, unansweredTail);
   return lines.join('\n');
 }
 
@@ -333,7 +374,7 @@ function buildBlockReasonWithAnswer(pattern, searchPath, answer) {
 // context flags (-A/-B/-C = "show me the body"); the answer IS the bodies,
 // fetched via `code-graph-mcp show`. answer.text already carries per-symbol
 // `$ code-graph-mcp show <sym>` headers.
-function buildShowDenyReason(answer) {
+function buildShowDenyReason(answer, unansweredTail) {
   const lines = [
     '[code-graph] Raw grep for symbol definitions — denied; here are the definitions from the AST index:',
     answer.text,
@@ -342,6 +383,7 @@ function buildShowDenyReason(answer) {
     lines.push('(truncated — re-run the `code-graph-mcp show <symbol>` command above for full source)');
   }
   lines.push('Use these directly instead of re-running the search.');
+  appendUnansweredTailNote(lines, unansweredTail);
   return lines.join('\n');
 }
 
@@ -364,7 +406,7 @@ function translateBreToRg(cmd, pattern) {
 // ripgrep) mean 0 hits is NOT proof of absence, so denying here could mislead.
 // Let the raw grep through with an honest one-liner.
 function buildNoHitsFyi(pattern) {
-  return `[code-graph] FYI: \`code-graph-mcp grep "${pattern}"\` found no matches — raw grep proceeding.`;
+  return `[code-graph] FYI: \`code-graph-mcp grep "${pattern}"\` found no matches — raw grep proceeding. (Regex-metachar patterns: \`code-graph-mcp grep -F\` searches literally.)`;
 }
 
 // --- Main execution (only when run directly) ---
@@ -483,20 +525,26 @@ function runMain() {
     // is the documented modern path. Exit 0 — this is a routing decision, not
     // a hook failure (exit 2 would mark the tool call as "hook errored").
     const answered = answer.status === 'hits';
+    // v0.50 — flag the unanswered `;`/`&&` tail. Extracted from rawCmd: its
+    // paths are valid in the model's shell cwd, where the re-issue will run.
+    const unansweredTail = extractUnansweredTail(rawCmd);
     recordRecommendation(root, {
       hook: 'grep', action: 'deny', answered,
       // mode segments which answer type converts (show=bodies, grep=hits).
       ...(answered ? { mode: answeredMode } : {}),
+      // tail segments compound-command denies — lets the funnel compare
+      // re-issue behavior for denies that carried a tail note.
+      ...(unansweredTail ? { tail: true } : {}),
     });
     process.stdout.write(JSON.stringify({
       hookSpecificOutput: {
         hookEventName: 'PreToolUse',
         permissionDecision: 'deny',
         permissionDecisionReason: !answered
-          ? buildBlockReason()
+          ? buildBlockReason(unansweredTail)
           : answeredMode === 'show'
-            ? buildShowDenyReason(answer)
-            : buildBlockReasonWithAnswer(pattern, searchPath, answer),
+            ? buildShowDenyReason(answer, unansweredTail)
+            : buildBlockReasonWithAnswer(pattern, searchPath, answer, unansweredTail),
       },
     }) + '\n');
     return;
@@ -518,6 +566,7 @@ module.exports = {
   translateBreToRg,      // v0.49 — BRE→rust-regex dialect bridge
   buildShowDenyReason,   // v0.49 — show-mode deny copy
   extractSedReadTargets, // v0.49 — sed-range reads feed the read-fanout state
+  extractUnansweredTail, // v0.50 — compound-tail honesty in answered denies
   extractPatterns,    // v0.32.1 — exposed for tests
   extractSearchPath,  // v0.47.0 — deny-with-answer
   normalizeCommandPaths, // v0.47.1 — abs-path matcher fix

package/claude-plugin/scripts/pre-grep-guide.test.js

@@ -9,6 +9,7 @@ const {
   translateBreToRg,
   buildShowDenyReason,
   extractSedReadTargets,
+  extractUnansweredTail,
   extractPatterns,
   extractSearchPath,
   normalizeCommandPaths,
@@ -741,6 +742,78 @@ test('buildBlockReasonWithAnswer: truncated flag adds marker', () => {
   assert.match(reason, /truncated/);
 });
 
+// ── v0.50 compound-command tail: deny answers the grep, NOT the rest ─
+
+test('extractUnansweredTail: `; sed` tail after piped grep (2026-06-13 real deny shape)', () => {
+  assert.equal(
+    extractUnansweredTail(
+      'grep -n "mem_update\\|registerTool" tests/server.test.mjs | head -20; sed -n \'1,60p\' tests/server.test.mjs'),
+    "sed -n '1,60p' tests/server.test.mjs");
+});
+
+test('extractUnansweredTail: && tail is unanswered (would have run on grep success)', () => {
+  assert.equal(
+    extractUnansweredTail('grep -rn "fts5_search" src/ && wc -l src/storage/db.rs'),
+    'wc -l src/storage/db.rs');
+});
+
+test('extractUnansweredTail: quoted separators are pattern text, not a tail', () => {
+  assert.equal(extractUnansweredTail('grep -rn "a;b" src/'), null);
+  assert.equal(extractUnansweredTail("grep -rn 'a && b' src/"), null);
+});
+
+test('extractUnansweredTail: pipes and redirects are the same pipeline, not a tail', () => {
+  assert.equal(extractUnansweredTail('grep -rn "Foo" src/ 2>&1 | head -10'), null);
+});
+
+test('extractUnansweredTail: || branch would NOT have run on hits — no tail', () => {
+  assert.equal(extractUnansweredTail('grep -rn "Foo" src/ || echo none'), null);
+});
+
+test('extractUnansweredTail: trailing separator with nothing after → no tail', () => {
+  assert.equal(extractUnansweredTail('grep -rn "Foo" src/;'), null);
+});
+
+test('buildBlockReasonWithAnswer: compound tail → note says the rest did NOT run', () => {
+  const reason = buildBlockReasonWithAnswer('fts5_search', 'src/', {
+    status: 'hits', text: 'hit', truncated: false,
+  }, "sed -n '1,60p' tests/server.test.mjs");
+  assert.match(reason, /did NOT run/);
+  assert.match(reason, /sed -n '1,60p' tests\/server\.test\.mjs/);
+});
+
+test('buildBlockReasonWithAnswer: no tail → no compound note', () => {
+  const reason = buildBlockReasonWithAnswer('fts5_search', 'src/', {
+    status: 'hits', text: 'hit', truncated: false,
+  });
+  assert.doesNotMatch(reason, /did NOT run/);
+});
+
+test('buildShowDenyReason: compound tail → note says the rest did NOT run', () => {
+  const reason = buildShowDenyReason(
+    { status: 'hits', text: 'fn body', truncated: false },
+    'cargo test -q');
+  assert.match(reason, /did NOT run/);
+  assert.match(reason, /cargo test -q/);
+});
+
+test('buildShowDenyReason: no tail → no compound note', () => {
+  const reason = buildShowDenyReason({ status: 'hits', text: 'fn body', truncated: false });
+  assert.doesNotMatch(reason, /did NOT run/);
+});
+
+test('buildBlockReason: compound tail → static deny also flags the unanswered tail', () => {
+  const reason = buildBlockReason("sed -n '1,60p' tests/server.test.mjs");
+  assert.match(reason, /did NOT run/);
+  assert.match(reason, /sed -n '1,60p' tests\/server\.test\.mjs/);
+});
+
+test('buildBlockReason: no tail → unchanged static deny', () => {
+  const reason = buildBlockReason();
+  assert.match(reason, /denied by code-graph hook/);
+  assert.doesNotMatch(reason, /did NOT run/);
+});
+
 test('buildNoHitsFyi: names the pattern and says raw grep proceeds', () => {
   const fyi = buildNoHitsFyi('GhostSymbol');
   assert.match(fyi, /GhostSymbol/);
@@ -903,6 +976,75 @@ test('e2e: CODE_GRAPH_NO_ANSWER_IN_DENY=1 → static deny even when stub would h
   }
 });
 
+test('e2e: compound `grep …; sed` → deny answers grep AND flags the unanswered sed tail', () => {
+  const uniq = `StubTail${Date.now()}`;
+  const fixture = e2eFixture(
+    `process.stdout.write('src/foo.rs:7  fn ' + process.argv[3] + '()\\n');`);
+  const cmd = `grep -n "${uniq}" src/foo.rs | head -20; sed -n '100,160p' src/foo.rs`;
+  try {
+    fsE2e.mkdirSync(pathE2e.join(fixture.dir, 'src'), { recursive: true });
+    fsE2e.writeFileSync(pathE2e.join(fixture.dir, 'src', 'foo.rs'), 'fn x() {}\n');
+    const res = runHook(cmd, fixture);
+    assert.equal(res.status, 0);
+    const out = JSON.parse(res.stdout);
+    assert.equal(out.hookSpecificOutput.permissionDecision, 'deny');
+    const reason = out.hookSpecificOutput.permissionDecisionReason;
+    assert.match(reason, /src\/foo\.rs:7/);            // grep half answered
+    assert.match(reason, /did NOT run/);               // tail flagged honestly
+    assert.match(reason, /sed -n '100,160p' src\/foo\.rs/); // verbatim re-issue line
+    // funnel: the deny record marks that a tail note was carried
+    const recs = fsE2e.readFileSync(
+      pathE2e.join(fixture.dir, '.code-graph', 'recommendations.jsonl'), 'utf8');
+    const rec = JSON.parse(recs.trim().split('\n').pop());
+    assert.equal(rec.action, 'deny');
+    assert.equal(rec.tail, true);
+  } finally {
+    cleanupFixture(fixture, cmd);
+  }
+});
+
+test('e2e: compound cmd + answer failure → STATIC deny still flags tail + records tail:true', () => {
+  const uniq = `StubTailBoom${Date.now()}`;
+  const fixture = e2eFixture(`process.exit(3);`);
+  const cmd = `grep -n "${uniq}" src/foo.rs && cargo test -q`;
+  try {
+    fsE2e.mkdirSync(pathE2e.join(fixture.dir, 'src'), { recursive: true });
+    fsE2e.writeFileSync(pathE2e.join(fixture.dir, 'src', 'foo.rs'), 'fn x() {}\n');
+    const res = runHook(cmd, fixture);
+    assert.equal(res.status, 0);
+    const out = JSON.parse(res.stdout);
+    assert.equal(out.hookSpecificOutput.permissionDecision, 'deny');
+    const reason = out.hookSpecificOutput.permissionDecisionReason;
+    assert.match(reason, /denied by code-graph hook/);  // static fallback path
+    assert.match(reason, /did NOT run/);
+    assert.match(reason, /cargo test -q/);
+    const rec = JSON.parse(fsE2e.readFileSync(
+      pathE2e.join(fixture.dir, '.code-graph', 'recommendations.jsonl'), 'utf8').trim());
+    assert.equal(rec.answered, false);
+    assert.equal(rec.tail, true);
+  } finally {
+    cleanupFixture(fixture, cmd);
+  }
+});
+
+test('e2e: simple (non-compound) denied grep → no tail field in the deny record', () => {
+  const uniq = `StubNoTail${Date.now()}`;
+  const fixture = e2eFixture(
+    `process.stdout.write('src/foo.rs:7  fn ' + process.argv[3] + '()\\n');`);
+  const cmd = `grep -rn "${uniq}" src/`;
+  try {
+    const res = runHook(cmd, fixture);
+    const out = JSON.parse(res.stdout);
+    assert.equal(out.hookSpecificOutput.permissionDecision, 'deny');
+    const rec = JSON.parse(fsE2e.readFileSync(
+      pathE2e.join(fixture.dir, '.code-graph', 'recommendations.jsonl'), 'utf8').trim());
+    assert.equal(rec.action, 'deny');
+    assert.equal('tail' in rec, false);
+  } finally {
+    cleanupFixture(fixture, cmd);
+  }
+});
+
 // ── v0.48 subdir-cwd dark fix: resolveProjectRoot / rebaseRelativePaths ──
 // daagu 2026-06-11: the persistent shell `cd backend/` darkened 38/40
 // head-greps for the rest of the night — gate 5 checked process.cwd() only.

package/claude-plugin/scripts/session-init.js

@@ -6,7 +6,7 @@ const fs = require('fs');
 const {
   install, update, readManifest, getPluginVersion, checkScopeConflict,
   cleanupDisabledStatusline, isPluginInactive, readJson, CACHE_DIR,
-  settingsPath,
+  settingsPath, isStaleRelicContext,
 } = require('./lifecycle');
 const { readBinaryVersion, isDevMode, getNewestMtime } = require('./version-utils');
 const { maybeAutoAdopt, isAdopted } = require('./adopt');
@@ -55,6 +55,15 @@ function launchBackgroundAutoUpdate(spawnFn = spawn, env = process.env) {
 }
 
 function syncLifecycleConfig() {
+  // v0.49.1: stale-relic guard. A still-running Claude Code process fires
+  // SessionStart from the plugin-cache dir it loaded at startup; after
+  // auto-update installs a newer version, those old scripts would see
+  // `manifest.version !== currentVersion` below and — direction-blind —
+  // call update(), dragging manifest + every settings.json hook path back
+  // to the old dir (upgrade↔downgrade ping-pong, observed live 2026-06-12).
+  // installed_plugins.json is the authority on which install may self-heal.
+  if (isStaleRelicContext()) return 'deferred-to-active-install';
+
   const manifest = readManifest();
   const currentVersion = getPluginVersion();
 
@@ -81,6 +90,14 @@ function syncLifecycleConfig() {
     install();
     return 'self-healed-bad-path';
   }
+  // v0.49.1: also self-heal when the composite path exists but is not the one
+  // we'd write now (old plugin-cache version dir that still exists on disk —
+  // invisible to the existence check above; same fault class as the binary pin).
+  const { compositeCommand } = require('./lifecycle');
+  if (settings.statusLine.command !== compositeCommand()) {
+    install();
+    return 'self-healed-stale-statusline';
+  }
   // Self-heal if any hook command points to a non-existent script (path pollution)
   if (settings.hooks) {
     for (const entries of Object.values(settings.hooks)) {
@@ -101,18 +118,20 @@ function syncLifecycleConfig() {
   // (e.g. user manually edited settings.json, or settings.json got rewritten
   // by another tool that didn't preserve our entries). Without this, the
   // user silently loses PreToolUse/PostToolUse hooks until next plugin update.
-  const { isOurHookEntry, buildSettingsHookEntries } = require('./lifecycle');
-  const desired = buildSettingsHookEntries();
-  for (const [event, desiredEntries] of Object.entries(desired)) {
-    const presentMatchers = new Set(
-      (settings.hooks?.[event] || []).filter(isOurHookEntry).map(e => e.matcher || '*')
-    );
-    for (const e of desiredEntries) {
-      if (!presentMatchers.has(e.matcher || '*')) {
-        install();
-        return 'self-healed-missing-settings-hook';
-      }
-    }
+  // v0.49.1: upgraded from matcher-presence to surveyHookCoverage so a
+  // present-but-stale command path (old plugin-cache version dir that still
+  // exists) also heals. Previously only doctor checked staleness, so if the
+  // auto-update re-register step failed silently, users kept running old hook
+  // code indefinitely — the settings.json sibling of the binary-pin bug.
+  const { surveyHookCoverage } = require('./lifecycle');
+  const cov = surveyHookCoverage(settings);
+  if (cov.missing.length > 0) {
+    install();
+    return 'self-healed-missing-settings-hook';
+  }
+  if (cov.stale.length > 0) {
+    install();
+    return 'self-healed-stale-settings-hook';
   }
   return 'noop';
 }
@@ -298,6 +317,11 @@ function runSessionInit() {
   }
 
   const lifecycle = syncLifecycleConfig();
+  // v0.49.1: a stale relic (see isStaleRelicContext) must not write ANY
+  // versioned state — that includes the adoption template: maybeAutoAdopt's
+  // drift-refresh would "refresh" MEMORY.md back to the relic's OLD shipped
+  // template, the adoption-surface twin of the settings.json downgrade war.
+  const isRelic = lifecycle === 'deferred-to-active-install';
 
   // Verify binary availability — catch issues early with actionable diagnostics
   const binaryCheck = verifyBinary();
@@ -308,7 +332,7 @@ function runSessionInit() {
   // v0.9.0 C' 上下文感知默认：插件模式下首次 SessionStart 自动 adopt。
   // v0.11.0: 已 adopt 的项目如果 shipped template 漂移也会触发一次刷新。
   // 两种情况都发一次 stderr 提示，让用户知道发生了什么 + 如何回退。
-  const autoAdopt = maybeAutoAdopt({ scriptPath: __dirname });
+  const autoAdopt = isRelic ? { attempted: false, result: null } : maybeAutoAdopt({ scriptPath: __dirname });
   if (autoAdopt.attempted && autoAdopt.result && autoAdopt.result.ok) {
     if (autoAdopt.reason === 'refreshed') {
       process.stderr.write(

package/claude-plugin/templates/plugin_code_graph_mcp.md

@@ -42,6 +42,9 @@ type: reference
 > ToolSearch 加载），而 Bash 永远在线——真实编程夜（2026-06-12）观测到的全部
 > 转化都是 CLI 调用。结构化查询的最快路径是 Bash 直呼
 > `code-graph-mcp callgraph X / show X / overview <dir> / grep "pat" / impact X`。
+> `grep` 是 drop-in 替代：`-F` 字面 / `-i` / `-w` / `-l` / `-A/-B/-C N` 上下文 /
+> 多路径 / `--max-count 0`，退出码兼容 grep（0/1/2），召回达 git-grep 级
+> （tracked-but-gitignored 也能搜到），每条命中标注所属 fn/class。
 >
 > v0.10.0 起：tools/list 默认只暴露 7 个核心工具；下表"进阶 5"中的工具
 > 已从 tools/list 隐藏以节省 session 启动 tokens。**Claude Code 里请走 CLI

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sdsrs/code-graph",
-  "version": "0.49.0",
+  "version": "0.50.0",
   "description": "MCP server that indexes codebases into an AST knowledge graph with semantic search, call graph traversal, and HTTP route tracing",
   "license": "MIT",
   "repository": {
@@ -35,10 +35,10 @@
     "node": ">=16"
   },
   "optionalDependencies": {
-    "@sdsrs/code-graph-linux-x64": "0.49.0",
-    "@sdsrs/code-graph-linux-arm64": "0.49.0",
-    "@sdsrs/code-graph-darwin-x64": "0.49.0",
-    "@sdsrs/code-graph-darwin-arm64": "0.49.0",
-    "@sdsrs/code-graph-win32-x64": "0.49.0"
+    "@sdsrs/code-graph-linux-x64": "0.50.0",
+    "@sdsrs/code-graph-linux-arm64": "0.50.0",
+    "@sdsrs/code-graph-darwin-x64": "0.50.0",
+    "@sdsrs/code-graph-darwin-arm64": "0.50.0",
+    "@sdsrs/code-graph-win32-x64": "0.50.0"
   }
 }