@stackmemoryai/stackmemory 1.2.1 → 1.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (100) hide show
  1. package/dist/src/cli/codex-sm.js +6 -8
  2. package/dist/src/cli/commands/config.js +0 -81
  3. package/dist/src/cli/commands/context-rehydrate.js +133 -47
  4. package/dist/src/cli/commands/db.js +35 -8
  5. package/dist/src/cli/commands/handoff.js +1 -1
  6. package/dist/src/cli/commands/linear.js +9 -0
  7. package/dist/src/cli/commands/ralph.js +2 -2
  8. package/dist/src/cli/commands/setup.js +2 -2
  9. package/dist/src/cli/commands/signup.js +3 -1
  10. package/dist/src/cli/commands/skills.js +123 -1
  11. package/dist/src/cli/commands/storage-tier.js +26 -8
  12. package/dist/src/cli/index.js +1 -57
  13. package/dist/src/core/config/feature-flags.js +0 -4
  14. package/dist/src/core/context/dual-stack-manager.js +10 -3
  15. package/dist/src/core/context/frame-database.js +32 -0
  16. package/dist/src/core/context/frame-handoff-manager.js +2 -2
  17. package/dist/src/core/context/{refactored-frame-manager.js → frame-manager.js} +3 -3
  18. package/dist/src/core/context/index.js +2 -2
  19. package/dist/src/core/database/sqlite-adapter.js +161 -1
  20. package/dist/src/core/digest/frame-digest-integration.js +1 -1
  21. package/dist/src/core/digest/index.js +1 -1
  22. package/dist/src/core/execution/parallel-executor.js +5 -1
  23. package/dist/src/core/projects/project-isolation.js +18 -4
  24. package/dist/src/core/security/index.js +2 -0
  25. package/dist/src/core/security/input-sanitizer.js +23 -0
  26. package/dist/src/core/utils/update-checker.js +10 -6
  27. package/dist/src/daemon/daemon-config.js +2 -1
  28. package/dist/src/daemon/services/auto-save-service.js +121 -0
  29. package/dist/src/daemon/services/maintenance-service.js +76 -1
  30. package/dist/src/features/sweep/prompt-builder.js +2 -2
  31. package/dist/src/hooks/graphiti-hooks.js +149 -0
  32. package/dist/src/hooks/session-summary.js +30 -0
  33. package/dist/src/integrations/graphiti/linear-graphiti-bridge.js +115 -0
  34. package/dist/src/integrations/greptile/client.js +101 -0
  35. package/dist/src/integrations/greptile/config.js +14 -0
  36. package/dist/src/integrations/greptile/index.js +11 -0
  37. package/dist/src/integrations/greptile/types.js +4 -0
  38. package/dist/src/integrations/linear/config.js +3 -1
  39. package/dist/src/integrations/linear/sync.js +18 -5
  40. package/dist/src/integrations/linear/webhook.js +16 -0
  41. package/dist/src/integrations/mcp/handlers/code-execution-handlers.js +33 -7
  42. package/dist/src/integrations/mcp/handlers/cord-handlers.js +397 -0
  43. package/dist/src/integrations/mcp/handlers/greptile-handlers.js +456 -0
  44. package/dist/src/integrations/mcp/handlers/index.js +55 -1
  45. package/dist/src/integrations/mcp/handlers/task-handlers.js +55 -12
  46. package/dist/src/integrations/mcp/handlers/team-handlers.js +211 -0
  47. package/dist/src/integrations/mcp/handlers/trace-handlers.js +25 -9
  48. package/dist/src/integrations/mcp/index.js +2 -2
  49. package/dist/src/integrations/mcp/refactored-server.js +31 -10
  50. package/dist/src/integrations/mcp/server.js +27 -0
  51. package/dist/src/integrations/mcp/tool-definitions.js +215 -1
  52. package/dist/src/integrations/ralph/context/context-budget-manager.js +10 -2
  53. package/dist/src/integrations/ralph/context/stackmemory-context-loader.js +54 -22
  54. package/dist/src/integrations/ralph/learning/pattern-learner.js +59 -24
  55. package/dist/src/integrations/ralph/orchestration/multi-loop-orchestrator.js +81 -35
  56. package/dist/src/integrations/ralph/patterns/compounding-engineering-pattern.js +12 -4
  57. package/dist/src/integrations/ralph/patterns/extended-coherence-sessions.js +32 -9
  58. package/dist/src/integrations/ralph/swarm/git-workflow-manager.js +25 -8
  59. package/dist/src/integrations/ralph/swarm/swarm-coordinator.js +17 -5
  60. package/dist/src/integrations/ralph/visualization/ralph-debugger.js +73 -22
  61. package/dist/src/skills/claude-skills.js +46 -103
  62. package/dist/src/skills/parallel-agent-skill.js +514 -0
  63. package/dist/src/utils/hook-installer.js +8 -0
  64. package/package.json +5 -5
  65. package/scripts/gepa/.before-optimize.md +140 -159
  66. package/scripts/gepa/config.json +7 -1
  67. package/scripts/gepa/evals/fixtures/api-endpoint.ts +31 -0
  68. package/scripts/gepa/evals/fixtures/brittle-integration.ts +38 -0
  69. package/scripts/gepa/evals/fixtures/fts5-triggers.sql +23 -0
  70. package/scripts/gepa/evals/fixtures/leaky-service.ts +70 -0
  71. package/scripts/gepa/evals/fixtures/mcp-dispatch-stub.ts +39 -0
  72. package/scripts/gepa/evals/fixtures/pr-diff.txt +24 -0
  73. package/scripts/gepa/evals/fixtures/unsafe-webhook.ts +34 -0
  74. package/scripts/gepa/evals/fixtures/unwrapped-db-op.ts +42 -0
  75. package/scripts/gepa/evals/stackmemory-tasks.jsonl +8 -0
  76. package/scripts/gepa/generations/gen-000/baseline.md +172 -159
  77. package/scripts/gepa/generations/gen-001/baseline.md +172 -159
  78. package/scripts/gepa/generations/gen-001/variant-a.md +156 -146
  79. package/scripts/gepa/generations/gen-001/variant-b.md +199 -170
  80. package/scripts/gepa/generations/gen-001/variant-c.md +127 -46
  81. package/scripts/gepa/generations/gen-001/variant-d.md +160 -107
  82. package/scripts/gepa/hooks/reflect.js +44 -5
  83. package/scripts/gepa/optimize.js +281 -39
  84. package/scripts/gepa/results/eval-1-baseline.json +187 -10
  85. package/scripts/gepa/results/eval-1-variant-a.json +188 -11
  86. package/scripts/gepa/results/eval-1-variant-b.json +188 -11
  87. package/scripts/gepa/results/eval-1-variant-c.json +168 -11
  88. package/scripts/gepa/results/eval-1-variant-d.json +169 -12
  89. package/scripts/gepa/state.json +18 -18
  90. package/scripts/install-claude-hooks-auto.js +8 -0
  91. package/templates/claude-hooks/cord-trace.js +225 -0
  92. package/dist/src/core/config/storage-config.js +0 -114
  93. package/dist/src/core/storage/chromadb-adapter.js +0 -379
  94. package/dist/src/integrations/claude-code/enhanced-pre-clear-hooks.js +0 -458
  95. package/dist/src/integrations/ralph/coordination/enhanced-coordination.js +0 -409
  96. package/dist/src/skills/repo-ingestion-skill.js +0 -631
  97. package/templates/claude-hooks/chromadb-wrapper +0 -21
  98. /package/dist/src/core/context/{enhanced-rehydration.js → rehydration.js} +0 -0
  99. /package/dist/src/core/digest/{enhanced-hybrid-digest.js → hybrid-digest.js} +0 -0
  100. /package/dist/src/core/session/{enhanced-handoff.js → handoff.js} +0 -0
@@ -1,237 +1,266 @@
1
- # CLAUDE.md [compact]
1
+ # StackMemory - Project Configuration
2
+
3
+ ## Project Structure
2
4
 
3
- ## Refs
4
5
  ```
5
- ~/.claude/MCP.md|PERSONAS.md|STACKMEMORY.md
6
- ~/.claude/agent_docs/*.compact.md (on-demand)
6
+ src/
7
+ cli/ # CLI commands and entry point
8
+ core/ # Core business logic
9
+ context/ # Frame and context management
10
+ database/ # Database adapters (SQLite, ParadeDB)
11
+ digest/ # Digest generation
12
+ query/ # Query parsing and routing
13
+ integrations/ # External integrations (Linear, MCP)
14
+ services/ # Business services
15
+ skills/ # Claude Code skills
16
+ utils/ # Shared utilities
17
+ scripts/ # Build and utility scripts
18
+ config/ # Configuration files
19
+ docs/ # Documentation
7
20
  ```
8
21
 
22
+ ## Key Files
23
+
24
+ - Entry: src/cli/index.ts
25
+ - MCP Server: src/integrations/mcp/server.ts
26
+ - Frame Manager: src/core/context/frame-manager.ts
27
+ - Database: src/core/database/sqlite-adapter.ts
28
+
29
+ ## Detailed Guides
30
+
31
+ Quick reference (agent_docs/):
32
+ - linear_integration.md - Linear sync
33
+ - mcp_server.md - MCP tools
34
+ - database_storage.md - Storage
35
+ - claude_hooks.md - Hooks
36
+
37
+ Full documentation (docs/):
38
+ - principles.md - Agent programming paradigm
39
+ - architecture.md - Extension model and browser sandbox
40
+ - SPEC.md - Technical specification
41
+ - API_REFERENCE.md - API docs
42
+ - DEVELOPMENT.md - Dev guide
43
+ - SETUP.md - Installation
44
+
9
45
  ## Commands
10
- ```
11
- build|lint|lint:fix|test|test:run
12
- git status|diff|log --oneline -10
13
- npx tsc --noEmit|npm run format
46
+
47
+ ```bash
48
+ npm run build # Compile TypeScript (esbuild)
49
+ npm run lint # ESLint check
50
+ npm run lint:fix # Auto-fix lint issues
51
+ npm test # Run Vitest (watch)
52
+ npm run test:run # Run tests once
53
+ npm run linear:sync # Sync with Linear
54
+
55
+ # StackMemory CLI
56
+ stackmemory capture # Save session state for handoff
57
+ stackmemory restore # Restore from captured state
14
58
  ```
15
59
 
16
- ## Core
17
- [PRINCIPLE]code>docs|simple→complex|security first|evidence-based
18
- [COMM]concise|symbols>prose|bullets>paragraphs|<4 lines
19
- [WORKFLOW]TodoWrite(3+)→execute→update
20
- [GIT]clean commits|type(scope): message|feature/|fix/|chore/ prefix
21
- [STACK]React/TS/Vite|Node/Express/PG|Git/ESLint/Jest
22
-
23
- ## Think
24
- [NONE]single file,<10 lines
25
- [THINK]multi-file,standard|~4K
26
- [HARD]architecture,complex|~10K
27
- [ULTRA]critical redesign|~32K
28
-
29
- ## Critical [C:10]
30
- [SECURITY]
31
- NEVER:commit secrets|exec untrusted|expose PII|force push
32
- ALWAYS:validate input|parameterized queries|hash passwords
33
- BLOCK:~/.ssh|~/.aws|/api[_-]?key|token|secret/i
60
+ ## Working Directory
34
61
 
35
- <example>
36
- BAD:
37
- ```js
38
- db.query(`SELECT * FROM users WHERE id = ${userId}`)
39
- ```
40
- ✅ GOOD:
41
- ```js
42
- db.query('SELECT * FROM users WHERE id = $1', [userId])
43
- ```
44
- </example>
62
+ - PRIMARY: /Users/jwu/Dev/stackmemory
63
+ - ALLOWED: All subdirectories
64
+ - TEMP: /tmp for temporary operations
65
+
66
+ ## Validation (MUST DO)
45
67
 
46
- [ESM]add .js to relative imports|use ts-node-lint-fixer agent on ERR_MODULE_NOT_FOUND
68
+ After code changes:
69
+ 1. `npm run lint` - fix any errors AND warnings
70
+ 2. `npm run test:run` - verify no regressions
71
+ 3. `npm run build` - ensure compilation
72
+ 4. Run code to verify it works
47
73
 
48
74
  <example>
49
- BAD:
50
- ```ts
51
- import { foo } from './bar'
52
- ```
53
- ✅ GOOD:
54
- ```ts
55
- import { foo } from './bar.js'
56
- ```
75
+ # After adding a new MCP tool handler
76
+ npm run lint && npm run test:run && npm run build
77
+ # Then test the tool:
78
+ echo '{"method":"tools/call","params":{"name":"your_tool"}}' | node dist/integrations/mcp/server.js
57
79
  </example>
58
80
 
59
- [ERROR]return undefined>throw|log+continue>crash|filter nulls
81
+ Test coverage:
82
+ - New features require tests in `src/**/__tests__/`
83
+ - Maintain or improve coverage (no untested code paths)
84
+ - Critical paths: context management, handoff, Linear sync
60
85
 
61
86
  <example>
62
- BAD:
63
- ```js
64
- function getUser(id) {
65
- if (!id) throw new Error('No ID')
66
- return users.find(u => u.id === id)
67
- }
68
- ```
69
- ✅ GOOD:
70
- ```js
71
- function getUser(id) {
72
- if (!id) return undefined
73
- return users.find(u => u.id === id)
74
- }
75
- ```
87
+ # New feature: src/core/context/frame-deduplicator.ts
88
+ # Required: src/core/context/__tests__/frame-deduplicator.test.ts
89
+ # Test both happy path and edge cases (empty input, duplicates, conflicts)
76
90
  </example>
77
91
 
78
- [CODE]no emojis|comments only complex logic|short names
92
+ Never: Assume success | Skip testing | Use mock data as fallback
79
93
 
80
- <example>
81
- ❌ BAD:
82
- ```js
83
- // This function gets the user from the database
84
- function getUserFromDatabase(userId) { ... }
85
- ```
86
- ✅ GOOD:
87
- ```js
88
- function getUser(id) { ... }
89
- // Only comment complex parts:
90
- const hash = await bcrypt.hash(pwd, 10) // 10 rounds for security/perf balance
91
- ```
92
- </example>
94
+ ## Git Rules (CRITICAL)
93
95
 
94
- ## High [H:8-9]
95
- [EFFICIENCY]do>explain|action>ceremony|parallel>sequential
96
+ - NEVER use `--no-verify` on git push or commit
97
+ - ALWAYS fix lint/test errors before pushing
98
+ - If pre-push hooks fail, fix the underlying issue
99
+ - Run `npm run lint && npm run test:run` before pushing
100
+ - Commit message format: `type(scope): message`
101
+ - Branch naming: `feature/STA-XXX-description` | `fix/STA-XXX-description` | `chore/description`
96
102
 
97
103
  <example>
98
- BAD: "I'll read file A, then file B, then file C..."
99
- ✅ GOOD: [Read A, Read B, Read C in parallel]
104
+ # Good commits:
105
+ feat(mcp): add search_frames tool for context retrieval
106
+ fix(linear): handle null assignee in webhook handler
107
+ chore(deps): upgrade better-sqlite3 to 11.8.0
108
+
109
+ # Good branches:
110
+ feature/STA-123-add-digest-export
111
+ fix/STA-456-frame-timestamp-parsing
112
+ chore/upgrade-typescript-5.3
100
113
  </example>
101
114
 
102
- [GIT]status→branch→fetch→pull --rebase|type(scope): message
115
+ ## Task Management
116
+
117
+ - Use TodoWrite for 3+ steps or multiple requests
118
+ - Keep one task in_progress at a time
119
+ - Update task status immediately on completion
103
120
 
104
121
  <example>
105
- GOOD commit messages:
106
- - feat(auth): add JWT token refresh
107
- - fix(api): handle null responses
108
- - chore(deps): bump express to 4.18
122
+ # Multi-step task requires TodoWrite:
123
+ User: "Add Graphiti integration with Linear bridge"
124
+ 1. Create TodoWrite with 4 tasks:
125
+ - Research Graphiti API patterns
126
+ - Implement LinearGraphitiBridge class
127
+ - Add webhook handler for Linear events
128
+ - Write integration tests
129
+ 2. Mark task 1 in_progress, complete it
130
+ 3. Mark task 2 in_progress, etc.
109
131
  </example>
110
132
 
111
- [RECOVERY]try alt→explain→suggest next|never silent fail
133
+ ## Security
134
+
135
+ NEVER hardcode secrets - use process.env with dotenv/config
112
136
 
113
137
  <example>
114
- BAD: Test fails → retry same command → retry again
115
- GOOD: Test fails → check logs → try different approach → explain issue
138
+ // CORRECT
139
+ import 'dotenv/config';
140
+ const API_KEY = process.env.LINEAR_API_KEY;
141
+ if (!API_KEY) {
142
+ console.error('LINEAR_API_KEY not set');
143
+ process.exit(1);
144
+ }
145
+
146
+ // ✗ WRONG
147
+ const API_KEY = 'lin_api_abc123def456';
116
148
  </example>
117
149
 
118
- [SESSION]track edits/corrections/paths|cache versions/locations
150
+ Environment sources (check in order):
151
+ 1. .env file
152
+ 2. .env.local
153
+ 3. ~/.zshrc
154
+ 4. Process environment
119
155
 
120
- ## Standards
121
- [TASK]TodoWrite 3+|one in_progress|update immediate
156
+ Secret patterns to block: lin_api_* | lin_oauth_* | sk-* | npm_*
122
157
 
123
158
  <example>
124
- GOOD workflow:
125
- 1. User asks to add feature
126
- 2. TodoWrite: ["Design API", "Implement handler", "Add tests", "Update docs"]
127
- 3. TaskUpdate task1 → in_progress
128
- 4. Complete work
129
- 5. TaskUpdate task1 → completed
130
- 6. TaskUpdate task2 → in_progress
159
+ # If you see this pattern, STOP and use env vars:
160
+ const token = 'lin_api_...';
161
+ const apiKey = 'sk-...';
162
+ const npmToken = 'npm_...';
131
163
  </example>
132
164
 
133
- [DESIGN]KISS|YAGNI|SOLID|<20 lines/fn|<5 complexity
165
+ ## Deploy
134
166
 
135
- <example>
136
- BAD:
137
- ```js
138
- function processUserDataWithValidationAndTransformation(user, options) {
139
- // 50 lines of mixed concerns
140
- }
141
- ```
142
- ✅ GOOD:
143
- ```js
144
- function validateUser(user) { ... } // 8 lines
145
- function transformUser(user) { ... } // 6 lines
146
- function processUser(user) { // 3 lines
147
- const valid = validateUser(user)
148
- return valid ? transformUser(user) : null
149
- }
167
+ ```bash
168
+ # npm publish (uses NPM_TOKEN from .env, no OTP needed)
169
+ git stash -- scripts/gepa/ # stash GEPA state (dirties working tree)
170
+ NPM_TOKEN=$(grep '^NPM_TOKEN=' .env | cut -d= -f2) \
171
+ npm publish --registry https://registry.npmjs.org/ \
172
+ --//registry.npmjs.org/:_authToken="$NPM_TOKEN"
173
+ git stash pop # restore GEPA state
174
+
175
+ # Railway
176
+ railway up
177
+
178
+ # Pre-publish checks require clean git status — stash GEPA files first
150
179
  ```
151
- </example>
152
180
 
153
- [FILES]read before write|edit>write|no docs unless asked
181
+ ## Task Delegation Model
154
182
 
155
- <example>
156
- ❌ BAD: User asks to update function → Write entire new file
157
- ✅ GOOD: User asks to update function → Read file → Edit specific function
158
- </example>
183
+ Route effort by task complexity — not all code changes deserve equal scrutiny:
159
184
 
160
- [VALIDATE]linttest→build→run|never assume success
185
+ **AUTOMATE** — Execute immediately, lint+test is sufficient:
186
+ - CRUD operations, boilerplate, formatting, simple transforms
187
+ - Adding a tool handler following existing switch/case pattern
188
+ - Config additions (new env var, feature flag)
161
189
 
162
190
  <example>
163
- GOOD workflow:
164
- 1. Edit code
165
- 2. `npm run lint` check output
166
- 3. `npm test` → verify passing
167
- 4. `npm run build` → ensure clean build
168
- 5. Only then mark task complete
191
+ # AUTOMATE tier example:
192
+ User: "Add a new MCP tool for listing frames by tag"
193
+ Action: Add case to server.ts switch, follow existing pattern, lint+test
169
194
  </example>
170
195
 
171
- [COVERAGE]maintain or improve test coverage|no untested code paths
196
+ **STANDARD** Normal workflow, lint+test+build:
197
+ - Feature implementation, bug fixes, refactoring
198
+ - New test coverage, documentation updates
199
+ - Integration wiring (adding handler to server.ts dispatch)
172
200
 
173
201
  <example>
174
- BAD: Add new route without tests
175
- ✅ GOOD: Add new route + unit test + integration test
202
+ # STANDARD tier example:
203
+ User: "Fix the digest generation to include frame metadata"
204
+ Action: Modify digest-generator.ts, add tests, lint+test+build, verify output
176
205
  </example>
177
206
 
178
- ## Style
179
- [OUTPUT]concise|structured|actionable
207
+ **CAREFUL** — Review approach before implementation:
208
+ - API/schema changes, database migrations, auth flows
209
+ - New integration patterns (MCP tools, webhook handlers)
210
+ - Changes to frame-manager, sqlite-adapter, or daemon lifecycle
211
+ - Anything touching error handling chains
180
212
 
181
213
  <example>
182
- BAD: "I've made some changes to the authentication system to improve security..."
183
- ✅ GOOD: "Added JWT refresh tokens in src/auth/tokens.js:45"
214
+ # CAREFUL tier example:
215
+ User: "Add a new column to frames table for priority scoring"
216
+ Action: Read schema, check migrations, discuss ALTER TABLE vs rebuild, plan rollback
184
217
  </example>
185
218
 
186
- [PUSHBACK]"Simpler: X"|"Risk: Y"|"Consider: Z"
219
+ **ARCHITECT** Plan mode required, explore existing patterns first:
220
+ - New service boundaries, system integrations
221
+ - Performance-critical paths (FTS5 queries, search scoring)
222
+ - Breaking changes to MCP protocol or CLI interface
187
223
 
188
224
  <example>
189
- User: "Add Redis caching to all endpoints"
190
- ✅ GOOD response: "Risk: premature optimization. Consider: profile first, cache hot paths only"
225
+ # ARCHITECT tier example:
226
+ User: "Integrate Graphiti knowledge graph with existing frame storage"
227
+ Action: EnterPlanMode, explore frame-manager.ts, research Graphiti API, design bridge layer
191
228
  </example>
192
229
 
193
- [QUESTIONS]1-3 clarifying|one at a time|no time estimates
230
+ **HUMAN** Explicit user approval before any changes:
231
+ - Security-critical decisions, secret handling
232
+ - Irreversible operations (data migrations, schema drops)
233
+ - Publishing (npm publish, Railway deploy)
194
234
 
195
235
  <example>
196
- BAD: "This will take 2-3 hours. Should I add error handling, logging, tests, docs, and type safety?"
197
- ✅ GOOD: "Add error handling for network failures?"
236
+ # HUMAN tier example:
237
+ User: "Publish v1.3.0 to npm"
238
+ Action: Ask "Ready to publish? This will run npm publish with NPM_TOKEN." Wait for approval.
198
239
  </example>
199
240
 
200
- ## Summary Format
201
- ```
202
- Session: actual vs estimated|variance %
203
- Completed: N/M tasks|files modified|commits
204
- Outcomes: deliverables|blockers|next actions
205
- ```
241
+ Quality gates scale with tier — don't over-engineer AUTOMATE tasks, don't under-review CAREFUL ones.
206
242
 
207
- <example>
208
- ✅ GOOD summary:
209
- ```
210
- Completed: 3/4 tasks | 7 files | 2 commits
211
- Outcomes: Auth refresh implemented, tests passing
212
- Blockers: Redis connection requires env var
213
- Next: Add REDIS_URL to .env, deploy to staging
214
- ```
215
- </example>
243
+ ## Workflow
216
244
 
217
- ## Auto-Activate
218
- [FILES]*.tsx→frontend|*.sql→data|Docker→devops|*.test→qa
219
- [KEYWORDS]bug/error→debugger|optimize→perf|secure→security
245
+ - Check .env for API keys before asking
246
+ - Run npm run linear:sync after task completion
247
+ - Use browser MCP for visual testing
248
+ - Review recent commits and stackmemory.json on session start
249
+ - Use subagents for multi-step tasks
250
+ - Ask 1-3 clarifying questions for complex commands (one at a time)
220
251
 
221
252
  <example>
222
- User shares error.tsx → automatically apply frontend patterns
223
- User mentions "slow query" automatically consider performance context
253
+ # Session start workflow:
254
+ 1. Read stackmemory.json for project state
255
+ 2. Run: git log --oneline -5
256
+ 3. Check git status for uncommitted work
257
+ 4. If user mentions Linear task, run: npm run linear:sync
258
+ 5. Proceed with user request
224
259
  </example>
225
260
 
226
- ## Expand (read on match)
227
- [AGENTIC]multi-agent→AGENTIC_CODING.compact.md
228
- [CONTEXT]token budget→CONTEXT_MANAGEMENT.compact.md
229
- [TOOLS]parallel tools→TOOL_USE.compact.md
230
- [HORIZON]multi-session→LONG_HORIZON.compact.md
231
- [PROMPTS]prompt design→PROMPT_ENGINEERING.compact.md
232
- [BUILD]npm build|esbuild|tsc→building_the_project.md
233
- [CODE]conventions|naming|imports→code_conventions.md
234
- [TEST]vitest|jest|test:run→running_tests.md
235
- [OVERVIEW]agent docs|guides→OVERVIEW.md
236
-
237
- ~150t|v4.4.0-compact
261
+ <example>
262
+ # Complex command clarification:
263
+ User: "Optimize the search performance"
264
+ Response: "Which search path should I focus on? (1) FTS5 queries, (2) Hybrid search scoring, or (3) Database indexes?"
265
+ # Wait for answer before proceeding
266
+ </example>
@@ -1,61 +1,142 @@
1
- # ProvenantAI
1
+ # StackMemory - Project Configuration
2
+
3
+ ## Project Structure
2
4
 
3
- ## Refs
4
5
  ```
5
- AGENTS.md # Agent workflow + guardrails
6
- PROMPT_PLAN.md # 20 staged prompts
7
- docs/STYLE.md # Design system (Hatchet + Outliner)
8
- docs/business/ONE_PAGER.md|VISION.md # Executive summary + vision
9
- DEV_SPEC.md # Developer spec
10
- docs/reference/PROJECT.md # Quick reference
11
- docs/architecture/SYSTEM_INTEGRATION.md # System connections
12
- docs/architecture/HEARTBEAT_DESIGN.md|WEBHOOK_SYSTEM_DESIGN.md
13
- docs/nudge-engine-design.md # Proactive alerts
14
- docs/VALUES.md # Company values
6
+ src/
7
+ cli/ # CLI commands and entry point
8
+ core/ # Core business logic
9
+ context/ # Frame and context management
10
+ database/ # Database adapters (SQLite, ParadeDB)
11
+ digest/ # Digest generation
12
+ query/ # Query parsing and routing
13
+ integrations/ # External integrations (Linear, MCP)
14
+ services/ # Business services
15
+ skills/ # Claude Code skills
16
+ utils/ # Shared utilities
17
+ scripts/ # Build and utility scripts
18
+ config/ # Configuration files
19
+ docs/ # Documentation
15
20
  ```
16
21
 
22
+ ## Key Files
23
+
24
+ - Entry: src/cli/index.ts
25
+ - MCP Server: src/integrations/mcp/server.ts
26
+ - Frame Manager: src/core/context/frame-manager.ts
27
+ - Database: src/core/database/sqlite-adapter.ts
28
+
29
+ ## Documentation
30
+
31
+ Quick reference (agent_docs/): linear_integration.md | mcp_server.md | database_storage.md | claude_hooks.md
32
+
33
+ Full docs (docs/): principles.md | architecture.md | SPEC.md | API_REFERENCE.md | DEVELOPMENT.md | SETUP.md
34
+
17
35
  ## Commands
36
+
37
+ ```bash
38
+ npm run build|lint|lint:fix|test|test:run|linear:sync
39
+ stackmemory capture|restore # Session state handoff
40
+ ```
41
+
42
+ ## Working Directory
43
+
44
+ PRIMARY: /Users/jwu/Dev/stackmemory | ALLOWED: All subdirectories | TEMP: /tmp
45
+
46
+ ## Validation (MUST DO)
47
+
48
+ After code changes:
49
+ 1. `npm run lint` - fix errors AND warnings
50
+ 2. `npm run test:run` - verify no regressions
51
+ 3. `npm run build` - ensure compilation
52
+ 4. Run code to verify it works
53
+
54
+ Test coverage:
55
+ - New features require tests in `src/**/__tests__/`
56
+ - Maintain or improve coverage (no untested code paths)
57
+ - Critical paths: context management, handoff, Linear sync
58
+
59
+ Never: Assume success | Skip testing | Use mock data as fallback
60
+
61
+ ## Git Rules (CRITICAL)
62
+
63
+ - NEVER use `--no-verify` on commit/push
64
+ - ALWAYS fix lint/test errors before pushing
65
+ - Run `npm run lint && npm run test:run` before pushing
66
+ - Commit format: `type(scope): message`
67
+ - Branch naming: `feature/STA-XXX-desc` | `fix/STA-XXX-desc` | `chore/desc`
68
+
69
+ ## Security
70
+
71
+ NEVER hardcode secrets - use process.env with dotenv/config
72
+
73
+ ```javascript
74
+ import 'dotenv/config';
75
+ const API_KEY = process.env.LINEAR_API_KEY;
76
+ if (!API_KEY) {
77
+ console.error('LINEAR_API_KEY not set');
78
+ process.exit(1);
79
+ }
80
+ ```
81
+
82
+ Environment sources (check in order): .env | .env.local | ~/.zshrc | process.env
83
+
84
+ Secret patterns to block: lin_api_* | lin_oauth_* | sk-* | npm_*
85
+
86
+ ## Deploy
87
+
18
88
  ```bash
19
- npm run dev|test|lint|migrate
20
- docker-compose up -d; railway up # Local DBs; Deploy
89
+ # npm publish (uses NPM_TOKEN from .env)
90
+ git stash -- scripts/gepa/
91
+ NPM_TOKEN=$(grep '^NPM_TOKEN=' .env | cut -d= -f2) \
92
+ npm publish --registry https://registry.npmjs.org/ \
93
+ --//registry.npmjs.org/:_authToken="$NPM_TOKEN"
94
+ git stash pop
95
+
96
+ # Railway
97
+ railway up
98
+
99
+ # Pre-publish requires clean git — stash GEPA files first
21
100
  ```
22
101
 
23
- ## Stack
24
- Node/Express/PostgreSQL/Redis | Railway | Stripe/Salesforce/QuickBooks
102
+ ## Task Delegation Model
25
103
 
26
- ## Structure
27
- src/api|core|features|shared|integrations | docs/ | scripts/ | docker/
104
+ Route effort by complexity:
28
105
 
29
- ## Key Context
30
- - Provenance tracking: source + timestamp + lineage on all data
31
- - Multi-tenant container isolation
32
- - Investigation replays: data/investigation-replays/
33
- - StackMemory: security layer (future session/entity context bridge on KG)
106
+ **AUTOMATE** Execute immediately, lint+test sufficient:
107
+ - CRUD, boilerplate, formatting, simple transforms
108
+ - Tool handler following existing pattern
109
+ - Config additions (env var, feature flag)
34
110
 
35
- ## Git
36
- - No "Co-Authored-By" lines
37
- - Pre-commit: lint + test (3 parallel suites: unit/core/integrations)
38
- - Commit format: type(scope): message
111
+ **STANDARD** — Normal workflow, lint+test+build:
112
+ - Features, bug fixes, refactoring
113
+ - Tests, docs, integration wiring
39
114
 
40
- ## Critical Rules
41
- [SECURITY]
42
- NEVER: commit secrets|exec untrusted|expose PII|force push
43
- ALWAYS: validate input|parameterized queries|hash passwords
44
- BLOCK: ~/.ssh|~/.aws|/api[_-]?key|token|secret/i
115
+ **CAREFUL** Review approach before implementation:
116
+ - API/schema changes, migrations, auth flows
117
+ - New integration patterns (MCP, webhooks)
118
+ - Changes to frame-manager, sqlite-adapter, daemon lifecycle
119
+ - Error handling chains
45
120
 
46
- [ESM] Add .js to relative imports | use ts-node-lint-fixer on ERR_MODULE_NOT_FOUND
47
- [ERROR] return undefined>throw | log+continue>crash | filter nulls
48
- [CODE] no emojis | comments only complex logic | short names
121
+ **ARCHITECT** Plan mode required, explore patterns first:
122
+ - New service boundaries, system integrations
123
+ - Performance-critical paths (FTS5, search scoring)
124
+ - Breaking changes to MCP protocol or CLI
125
+
126
+ **HUMAN** — Explicit approval required:
127
+ - Security decisions, secret handling
128
+ - Irreversible operations (migrations, schema drops)
129
+ - Publishing (npm, Railway)
130
+
131
+ Quality gates scale with tier — don't over-engineer AUTOMATE, don't under-review CAREFUL.
49
132
 
50
133
  ## Workflow
51
- [EFFICIENCY] do>explain | action>ceremony | parallel>sequential
52
- [TASK] TodoWrite 3+ | one in_progress | update immediate
53
- [DESIGN] KISS|YAGNI|SOLID | <20 lines/fn | <5 complexity
54
- [FILES] read before write | edit>write | no docs unless asked
55
- [VALIDATE] lint→test→build→run | never assume success
56
- [COVERAGE] maintain or improve | no untested paths
57
-
58
- ## Style
59
- [OUTPUT] concise | structured | actionable | <4 lines default
60
- [PUSHBACK] "Simpler: X" | "Risk: Y" | "Consider: Z"
61
- [QUESTIONS] 1-3 clarifying | one at a time | no time estimates
134
+
135
+ - Check .env for API keys before asking
136
+ - Run npm run linear:sync after task completion
137
+ - Use browser MCP for visual testing
138
+ - Review recent commits and stackmemory.json on session start
139
+ - Use TodoWrite for 3+ steps or multiple requests
140
+ - Keep one task in_progress at a time
141
+ - Update task status immediately on completion
142
+ - Ask 1-3 clarifying questions for complex commands (one at a time)