@smallironman/mcp-memory-keeper 0.12.2-fork1

package/dist/utils/validation.js

@@ -0,0 +1,296 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ValidationError = void 0;
+exports.validateFilePath = validateFilePath;
+exports.validateSearchQuery = validateSearchQuery;
+exports.validateSessionName = validateSessionName;
+exports.validateKey = validateKey;
+exports.validateValue = validateValue;
+exports.validateCategory = validateCategory;
+exports.validatePriority = validatePriority;
+const path = __importStar(require("path"));
+const fs = __importStar(require("fs"));
+class ValidationError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'ValidationError';
+    }
+}
+exports.ValidationError = ValidationError;
+function validateFilePath(filePath, mode) {
+    if (!filePath || typeof filePath !== 'string') {
+        throw new ValidationError('File path must be a non-empty string');
+    }
+    // Check for null bytes
+    if (filePath.includes('\0')) {
+        throw new ValidationError('File path contains invalid characters');
+    }
+    // Check for common Windows reserved names
+    const basename = path.basename(filePath).toLowerCase();
+    const reservedNames = [
+        'con',
+        'prn',
+        'aux',
+        'nul',
+        'com1',
+        'com2',
+        'com3',
+        'com4',
+        'com5',
+        'com6',
+        'com7',
+        'com8',
+        'com9',
+        'lpt1',
+        'lpt2',
+        'lpt3',
+        'lpt4',
+        'lpt5',
+        'lpt6',
+        'lpt7',
+        'lpt8',
+        'lpt9',
+    ];
+    if (reservedNames.includes(basename.split('.')[0])) {
+        throw new ValidationError('File path contains reserved name');
+    }
+    // Normalize the path
+    const normalizedPath = path.normalize(filePath);
+    // Check for path traversal attempts
+    if (normalizedPath.includes('..') || filePath.includes('../') || filePath.includes('..\\')) {
+        throw new ValidationError('Path traversal detected');
+    }
+    // Block access to system directories
+    const blockedPaths = ['/etc/', '/sys/', '/proc/', '\\Windows\\', '\\System32\\'];
+    const lowerPath = normalizedPath.toLowerCase();
+    for (const blocked of blockedPaths) {
+        if (lowerPath.includes(blocked.toLowerCase())) {
+            throw new ValidationError('Access to system directories not allowed');
+        }
+    }
+    // Block absolute paths to sensitive files
+    if (normalizedPath.startsWith('/etc/passwd') || normalizedPath.includes('\\config\\sam')) {
+        throw new ValidationError('Access to sensitive files not allowed');
+    }
+    if (mode === 'read') {
+        // Check if file exists for read operations
+        if (!fs.existsSync(normalizedPath)) {
+            throw new ValidationError(`File not found: ${normalizedPath}`);
+        }
+    }
+    else {
+        // Check if directory exists for write operations
+        const dir = path.dirname(normalizedPath);
+        if (!fs.existsSync(dir)) {
+            throw new ValidationError(`Directory not found: ${dir}`);
+        }
+    }
+    return normalizedPath;
+}
+function validateSearchQuery(query) {
+    if (!query || typeof query !== 'string') {
+        throw new ValidationError('Search query must be a non-empty string');
+    }
+    // Remove potentially dangerous SQL characters
+    let sanitized = query
+        .replace(/['"`;\\]/g, '') // Remove quotes, semicolons, backslashes
+        .replace(/--/g, '') // Remove SQL comments
+        .replace(/\/\*/g, '') // Remove block comment starts
+        .replace(/\*\//g, '') // Remove block comment ends
+        .replace(/[%_]/g, '\\$&') // Escape wildcards
+        .trim();
+    if (sanitized.length === 0) {
+        throw new ValidationError('Search query cannot be empty');
+    }
+    if (sanitized.length > 1000) {
+        throw new ValidationError('Search query too long (max 1000 characters)');
+    }
+    return sanitized;
+}
+function validateSessionName(name) {
+    if (!name || typeof name !== 'string') {
+        throw new ValidationError('Session name must be a non-empty string');
+    }
+    const trimmed = name.trim();
+    if (trimmed.length === 0) {
+        throw new ValidationError('Session name cannot be empty');
+    }
+    if (trimmed.length > 255) {
+        throw new ValidationError('Session name too long (max 255 characters)');
+    }
+    // Check for path traversal attempts
+    if (trimmed.includes('../') || trimmed.includes('..\\')) {
+        throw new ValidationError('Session name contains invalid characters');
+    }
+    // Check for null bytes
+    if (trimmed.includes('\0')) {
+        throw new ValidationError('Session name contains invalid characters');
+    }
+    // Check for script injection
+    if (/<script|<\/script|javascript:|<iframe|<object|<embed/i.test(trimmed)) {
+        throw new ValidationError('Session name contains invalid characters');
+    }
+    return trimmed;
+}
+function validateKey(key) {
+    // Type validation
+    if (key === null || key === undefined) {
+        throw new ValidationError('Key cannot be null or undefined');
+    }
+    if (typeof key !== 'string') {
+        throw new ValidationError('Key must be a string');
+    }
+    // Empty string check (before trimming)
+    if (key === '') {
+        throw new ValidationError('Key cannot be empty');
+    }
+    // Check if key becomes empty after trimming
+    const trimmed = key.trim();
+    if (trimmed.length === 0) {
+        throw new ValidationError('Key cannot be empty or contain only whitespace');
+    }
+    // Length validation
+    if (trimmed.length > 255) {
+        throw new ValidationError('Key too long (max 255 characters)');
+    }
+    // Check for invalid characters
+    // First check for spaces specifically (for better error messages)
+    if (/\s/.test(key)) {
+        if (/ /.test(key)) {
+            throw new ValidationError('Key contains special characters - spaces are not allowed');
+        }
+        else if (/\t/.test(key)) {
+            throw new ValidationError('Key contains special characters - tabs are not allowed');
+        }
+        else if (/[\n\r]/.test(key)) {
+            throw new ValidationError('Key contains special characters (newlines)');
+        }
+        else {
+            throw new ValidationError('Key contains special characters (whitespace)');
+        }
+    }
+    // Check for null bytes
+    if (/\0/.test(key)) {
+        throw new ValidationError('Key contains invalid characters (null bytes)');
+    }
+    // Check for control characters (excluding those already checked)
+    // eslint-disable-next-line no-control-regex
+    if (/[\x01-\x08\x0B\x0C\x0E-\x1F\x7F]/.test(key)) {
+        throw new ValidationError('Key contains control characters');
+    }
+    // Check for backslashes
+    if (/\\/.test(key)) {
+        throw new ValidationError('Key contains special characters (backslashes)');
+    }
+    // Check for quotes
+    if (/['"`]/.test(key)) {
+        throw new ValidationError('Key contains quotes');
+    }
+    // Check for shell special characters (including ~)
+    if (/[;|&$<>(){}[\]!#~]/.test(key)) {
+        throw new ValidationError('Key contains special characters');
+    }
+    // Check for wildcards
+    if (/[*?]/.test(key)) {
+        throw new ValidationError('Key contains wildcards (* or ?)');
+    }
+    // Only allow basic ASCII characters plus underscore, hyphen, dot, forward slash, and colon
+    // This will reject all Unicode including emojis, Chinese characters, etc.
+    if (!/^[a-zA-Z0-9_\-./:]+$/.test(key)) {
+        throw new ValidationError('Key contains special characters');
+    }
+    // Path traversal protection
+    if (key.includes('../') || key.includes('..\\')) {
+        throw new ValidationError('Key cannot contain path traversal sequences');
+    }
+    // SQL injection protection - check for common SQL keywords in suspicious patterns
+    const sqlPatterns = [
+        /;\s*(DROP|DELETE|INSERT|UPDATE|SELECT|CREATE|ALTER|TRUNCATE)/i,
+        /--\s*$/,
+        /\/\*.*\*\//,
+        /\bUNION\s+SELECT\b/i,
+        /\bOR\s+1\s*=\s*1\b/i,
+    ];
+    for (const pattern of sqlPatterns) {
+        if (pattern.test(key)) {
+            throw new ValidationError('Key contains potentially malicious SQL patterns');
+        }
+    }
+    // Script injection protection
+    if (/<script|<\/script|javascript:|<iframe|<object|<embed|<img.*on\w+=/i.test(key)) {
+        throw new ValidationError('Key contains potentially malicious script patterns');
+    }
+    // If we get here, the key is valid
+    return trimmed;
+}
+function validateValue(value) {
+    if (typeof value !== 'string') {
+        throw new ValidationError('Value must be a string');
+    }
+    // Allow empty values but check size
+    if (value.length > 1000000) {
+        // 1MB limit
+        throw new ValidationError('Value too large (max 1MB)');
+    }
+    return value;
+}
+function validateCategory(category) {
+    if (!category)
+        return undefined;
+    const validCategories = [
+        'task',
+        'decision',
+        'progress',
+        'note',
+        'error',
+        'warning',
+        'git',
+        'system',
+    ];
+    if (!validCategories.includes(category)) {
+        throw new ValidationError(`Invalid category. Must be one of: ${validCategories.join(', ')}`);
+    }
+    return category;
+}
+function validatePriority(priority) {
+    if (!priority)
+        return 'normal';
+    const validPriorities = ['high', 'normal', 'low'];
+    if (!validPriorities.includes(priority)) {
+        throw new ValidationError(`Invalid priority. Must be one of: ${validPriorities.join(', ')}`);
+    }
+    return priority;
+}

package/dist/utils/vector-store.js

@@ -0,0 +1,247 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VectorStore = void 0;
+const uuid_1 = require("uuid");
+const crypto = __importStar(require("crypto"));
+class VectorStore {
+    db;
+    dimension = 384; // Using smaller embeddings for efficiency
+    constructor(db) {
+        this.db = db;
+        this.initializeTables();
+    }
+    initializeTables() {
+        // Create vector storage table
+        this.db.exec(`
+      CREATE TABLE IF NOT EXISTS vector_embeddings (
+        id TEXT PRIMARY KEY,
+        content_id TEXT NOT NULL,
+        content TEXT NOT NULL,
+        embedding BLOB NOT NULL,
+        metadata TEXT,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (content_id) REFERENCES context_items(id) ON DELETE CASCADE
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_vector_content_id ON vector_embeddings(content_id);
+    `);
+    }
+    // Simple text embedding using character n-grams and hashing
+    // This is a lightweight alternative to neural embeddings
+    createEmbedding(text) {
+        const embedding = new Array(this.dimension).fill(0);
+        const normalizedText = text.toLowerCase().replace(/\s+/g, ' ').trim();
+        // Generate character trigrams
+        const ngrams = [];
+        for (let i = 0; i <= normalizedText.length - 3; i++) {
+            ngrams.push(normalizedText.slice(i, i + 3));
+        }
+        // Also add word-level features
+        const words = normalizedText.split(' ');
+        for (const word of words) {
+            if (word.length > 2) {
+                ngrams.push(word);
+            }
+        }
+        // Hash each n-gram to a position in the embedding
+        for (const ngram of ngrams) {
+            const hash = crypto.createHash('md5').update(ngram).digest();
+            // Use multiple hash values to set multiple positions
+            for (let i = 0; i < 3; i++) {
+                const position = ((hash[i * 2] << 8) | hash[i * 2 + 1]) % this.dimension;
+                const value = (hash[i * 2 + 2] % 256) / 255.0;
+                embedding[position] += value;
+            }
+        }
+        // Normalize the embedding
+        const magnitude = Math.sqrt(embedding.reduce((sum, val) => sum + val * val, 0));
+        if (magnitude > 0) {
+            for (let i = 0; i < embedding.length; i++) {
+                embedding[i] /= magnitude;
+            }
+        }
+        return embedding;
+    }
+    // Cosine similarity between two embeddings
+    cosineSimilarity(a, b) {
+        let dotProduct = 0;
+        let normA = 0;
+        let normB = 0;
+        for (let i = 0; i < a.length; i++) {
+            dotProduct += a[i] * b[i];
+            normA += a[i] * a[i];
+            normB += b[i] * b[i];
+        }
+        const magnitude = Math.sqrt(normA) * Math.sqrt(normB);
+        return magnitude > 0 ? dotProduct / magnitude : 0;
+    }
+    // Store a document with its embedding
+    async storeDocument(contentId, content, metadata) {
+        const id = (0, uuid_1.v4)();
+        const embedding = this.createEmbedding(content);
+        // Convert embedding to buffer for storage
+        const buffer = Buffer.from(new Float32Array(embedding).buffer);
+        const stmt = this.db.prepare(`
+      INSERT INTO vector_embeddings (id, content_id, content, embedding, metadata)
+      VALUES (?, ?, ?, ?, ?)
+    `);
+        stmt.run(id, contentId, content, buffer, metadata ? JSON.stringify(metadata) : null);
+        return id;
+    }
+    // Search for similar documents
+    async search(query, topK = 10, minSimilarity = 0.3) {
+        const queryEmbedding = this.createEmbedding(query);
+        // Get all embeddings (in production, we'd want to optimize this)
+        const rows = this.db
+            .prepare('SELECT id, content, embedding, metadata FROM vector_embeddings')
+            .all();
+        const results = [];
+        for (const row of rows) {
+            // Convert buffer back to array
+            const buffer = row.embedding;
+            const embedding = Array.from(new Float32Array(buffer.buffer, buffer.byteOffset, buffer.byteLength / 4));
+            const similarity = this.cosineSimilarity(queryEmbedding, embedding);
+            if (similarity >= minSimilarity) {
+                results.push({
+                    id: row.id,
+                    content: row.content,
+                    similarity,
+                    metadata: row.metadata ? JSON.parse(row.metadata) : undefined,
+                });
+            }
+        }
+        // Sort by similarity descending
+        results.sort((a, b) => b.similarity - a.similarity);
+        return results.slice(0, topK);
+    }
+    // Search within a specific session
+    async searchInSession(sessionId, query, topK = 10, minSimilarity = 0.3) {
+        const queryEmbedding = this.createEmbedding(query);
+        // Get embeddings for this session
+        const rows = this.db
+            .prepare(`
+      SELECT ve.id, ve.content, ve.embedding, ve.metadata
+      FROM vector_embeddings ve
+      JOIN context_items ci ON ve.content_id = ci.id
+      WHERE ci.session_id = ?
+    `)
+            .all(sessionId);
+        const results = [];
+        for (const row of rows) {
+            const buffer = row.embedding;
+            const embedding = Array.from(new Float32Array(buffer.buffer, buffer.byteOffset, buffer.byteLength / 4));
+            const similarity = this.cosineSimilarity(queryEmbedding, embedding);
+            if (similarity >= minSimilarity) {
+                results.push({
+                    id: row.id,
+                    content: row.content,
+                    similarity,
+                    metadata: row.metadata ? JSON.parse(row.metadata) : undefined,
+                });
+            }
+        }
+        results.sort((a, b) => b.similarity - a.similarity);
+        return results.slice(0, topK);
+    }
+    // Find related documents to a given document
+    async findRelated(documentId, topK = 10, minSimilarity = 0.3) {
+        // Get the document's embedding
+        const doc = this.db
+            .prepare('SELECT content, embedding FROM vector_embeddings WHERE id = ?')
+            .get(documentId);
+        if (!doc) {
+            return [];
+        }
+        const buffer = doc.embedding;
+        const targetEmbedding = Array.from(new Float32Array(buffer.buffer, buffer.byteOffset, buffer.byteLength / 4));
+        // Get all other embeddings
+        const rows = this.db
+            .prepare('SELECT id, content, embedding, metadata FROM vector_embeddings WHERE id != ?')
+            .all(documentId);
+        const results = [];
+        for (const row of rows) {
+            const rowBuffer = row.embedding;
+            const embedding = Array.from(new Float32Array(rowBuffer.buffer, rowBuffer.byteOffset, rowBuffer.byteLength / 4));
+            const similarity = this.cosineSimilarity(targetEmbedding, embedding);
+            if (similarity >= minSimilarity) {
+                results.push({
+                    id: row.id,
+                    content: row.content,
+                    similarity,
+                    metadata: row.metadata ? JSON.parse(row.metadata) : undefined,
+                });
+            }
+        }
+        results.sort((a, b) => b.similarity - a.similarity);
+        return results.slice(0, topK);
+    }
+    // Update embeddings for all context items in a session
+    async updateSessionEmbeddings(sessionId) {
+        // Get all context items without embeddings
+        const items = this.db
+            .prepare(`
+      SELECT ci.id, ci.key, ci.value, ci.category, ci.priority
+      FROM context_items ci
+      LEFT JOIN vector_embeddings ve ON ci.id = ve.content_id
+      WHERE ci.session_id = ? AND ve.id IS NULL
+    `)
+            .all(sessionId);
+        let count = 0;
+        for (const item of items) {
+            const content = `${item.key}: ${item.value}`;
+            const metadata = {
+                key: item.key,
+                category: item.category,
+                priority: item.priority,
+            };
+            await this.storeDocument(item.id, content, metadata);
+            count++;
+        }
+        return count;
+    }
+    // Delete embeddings for a content item
+    deleteEmbedding(contentId) {
+        this.db.prepare('DELETE FROM vector_embeddings WHERE content_id = ?').run(contentId);
+    }
+    // Get statistics
+    getStats() {
+        const count = this.db.prepare('SELECT COUNT(*) as count FROM vector_embeddings').get();
+        return {
+            totalDocuments: count.count,
+        };
+    }
+}
+exports.VectorStore = VectorStore;

package/examples/config.json

@@ -0,0 +1,31 @@
+{
+  "_comment": "Place this file at ~/.mcp-memory-keeper/config.json. Built-in profiles (minimal, standard, full) are available without configuration. Define custom profiles or override built-ins here.",
+  "profiles": {
+    "my_custom_workflow": [
+      "context_session_start",
+      "context_save",
+      "context_get",
+      "context_search",
+      "context_status",
+      "context_checkpoint",
+      "context_restore_checkpoint",
+      "context_diff",
+      "context_timeline",
+      "context_batch_save"
+    ],
+    "git_focused": [
+      "context_session_start",
+      "context_session_list",
+      "context_set_project_dir",
+      "context_save",
+      "context_get",
+      "context_search",
+      "context_status",
+      "context_checkpoint",
+      "context_restore_checkpoint",
+      "context_git_commit",
+      "context_diff",
+      "context_export"
+    ]
+  }
+}

package/examples/project-directory-setup.md

@@ -0,0 +1,114 @@
+# Smart Project Directory Management
+
+As of version 0.8.3, MCP Memory Keeper provides intelligent assistance for setting up project directories to enable git tracking. This enhancement helps users configure their project directory correctly, especially when starting Claude Code from parent directories.
+
+## How it Works
+
+When you start a new session without providing a `projectDir`, the server will:
+
+1. Check if the current directory has a git repository
+2. Scan subdirectories for git repositories
+3. Provide smart suggestions for setting up the project directory
+4. Prompt for project directory when git operations are attempted
+
+## Examples
+
+### Starting from Parent Directory
+
+```typescript
+// If you're in ~/workspace and your project is in ~/workspace/my-project
+await mcp.call('context_session_start', {
+  name: 'My Feature Work',
+  description: 'Working on the new feature',
+});
+
+// Response will show:
+// Started new session: <session-id>
+// Name: My Feature Work
+// Git branch: unknown
+//
+// 💡 Found git repositories in: my-project, another-project
+// To enable git tracking, start a session with your project directory:
+// context_session_start({ name: "My Feature Work", projectDir: "/Users/you/workspace/my-project" })
+```
+
+### Explicit Directory (Override)
+
+```typescript
+// You can still explicitly set a different directory if needed
+await mcp.call('context_session_start', {
+  name: 'Another Project',
+  projectDir: '/path/to/different/project',
+});
+
+// Response will show:
+// Started new session: <session-id>
+// Name: Another Project
+// Working directory: /path/to/different/project (explicitly set)
+// Git branch: develop
+```
+
+### Non-Git Directory
+
+```typescript
+// If the directory is not a git repository
+await mcp.call('context_session_start', {
+  name: 'Non-Git Project',
+});
+
+// Response will show:
+// Started new session: <session-id>
+// Name: Non-Git Project
+// Working directory: /path/to/current/directory (auto-detected)
+// Git: No repository found in working directory
+```
+
+### Git Operations Without Project Directory
+
+```typescript
+// If you try to commit without setting project directory
+await mcp.call('context_git_commit', {
+  message: 'feat: Add new feature',
+});
+
+// Response will show:
+// ⚠️ No project directory set for git tracking!
+//
+// To enable git tracking for your project, use one of these methods:
+//
+// 1. For the current session:
+//    context_set_project_dir({ projectDir: "/path/to/your/project" })
+//
+// 2. When starting a new session:
+//    context_session_start({ name: "My Session", projectDir: "/path/to/your/project" })
+```
+
+## Benefits
+
+1. **Smart Suggestions**: Automatically detects git repositories and suggests the right paths
+2. **Clear Guidance**: Provides helpful messages when project directory is needed
+3. **Prevents Mistakes**: Avoids using wrong directories when started from parent folders
+4. **Context Preservation**: The working directory is saved with the session for future reference
+5. **Backward Compatible**: Existing code that provides `projectDir` continues to work as before
+
+## Database Schema
+
+The sessions table now includes a `working_directory` column to persist this information:
+
+```sql
+CREATE TABLE sessions (
+  id TEXT PRIMARY KEY,
+  name TEXT,
+  description TEXT,
+  branch TEXT,
+  working_directory TEXT,  -- New column
+  parent_id TEXT,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (parent_id) REFERENCES sessions(id)
+);
+```
+
+## Migration Support
+
+For existing databases, the schema is automatically updated when the server starts. The migration checks if the `working_directory` column exists and adds it if missing.