@stackmemoryai/stackmemory 1.5.8 → 1.5.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -7,48 +7,48 @@
7
7
  "taskName": "simple_function",
8
8
  "weight": 1,
9
9
  "passed": false,
10
- "passRate": 0,
10
+ "passRate": 0.3333333333333333,
11
11
  "criteria": {
12
12
  "has_function": {
13
- "passed": false,
14
- "reason": "regex heuristic"
13
+ "passed": true,
14
+ "reason": "A real, working function `is_palindrome` is defined with proper syntax, type hints, and implementation"
15
15
  },
16
16
  "handles_edge_cases": {
17
17
  "passed": false,
18
- "reason": "regex heuristic"
18
+ "reason": "The function only handles spaces and case sensitivity, but doesn't handle punctuation, special characters, or empty strings. A true palindrome checker should ignore non-alphanumeric characters"
19
19
  },
20
20
  "is_tested": {
21
21
  "passed": false,
22
- "reason": "regex heuristic"
22
+ "reason": "Usage examples are provided but they are not formal tests. The third example also requires manual preprocessing with `.replace()`, suggesting the function itself doesn't fully handle the test case"
23
23
  }
24
24
  },
25
- "judgeMode": "regex",
26
- "duration": 6236,
27
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHFLVHf4LRx9owtsUat\"}\n"
25
+ "judgeMode": "llm",
26
+ "duration": 11268,
27
+ "output": "```python\ndef is_palindrome(s: str) -> bool:\n s = s.lower().replace(\" \", \"\")\n return s == s[::-1]\n```\n\nUsage:\n```python\nis_palindrome(\"racecar\") # True\nis_palindrome(\"hello\") # False\nis_palindrome(\"A man a plan a canal Panama\".replace(\" \", \"\")) # True\n```\n"
28
28
  },
29
29
  {
30
30
  "taskId": "eval-002",
31
31
  "taskName": "refactor_code",
32
32
  "weight": 1.5,
33
33
  "passed": false,
34
- "passRate": 0.3333333333333333,
34
+ "passRate": 0,
35
35
  "criteria": {
36
36
  "uses_async": {
37
37
  "passed": false,
38
- "reason": "regex heuristic"
38
+ "reason": "No async/await code is present in the output. The AI only asks for input without providing any refactored code."
39
39
  },
40
40
  "preserves_behavior": {
41
41
  "passed": false,
42
- "reason": "regex heuristic"
42
+ "reason": "No refactored code is provided, so behavior cannot be preserved or verified."
43
43
  },
44
44
  "no_nested_callbacks": {
45
- "passed": true,
46
- "reason": "regex heuristic"
45
+ "passed": false,
46
+ "reason": "No code refactoring was attempted. The output is merely a request for clarification rather than the actual refactoring task completion."
47
47
  }
48
48
  },
49
- "judgeMode": "regex",
50
- "duration": 5342,
51
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHFn1T5TkkCFboDp1aH\"}\n"
49
+ "judgeMode": "llm",
50
+ "duration": 11979,
51
+ "output": "Which file or code snippet would you like me to refactor? Please share the file path or paste the code.\n"
52
52
  },
53
53
  {
54
54
  "taskId": "eval-003",
@@ -59,20 +59,20 @@
59
59
  "criteria": {
60
60
  "bug_fixed": {
61
61
  "passed": false,
62
- "reason": "regex heuristic"
62
+ "reason": "No code was provided to fix, so no bug was actually corrected"
63
63
  },
64
64
  "no_new_bugs": {
65
65
  "passed": false,
66
- "reason": "regex heuristic"
66
+ "reason": "Cannot evaluate without code being analyzed or fixed"
67
67
  },
68
68
  "explains_fix": {
69
69
  "passed": false,
70
- "reason": "regex heuristic"
70
+ "reason": "No explanation of a fix was provided; the AI only asked for missing code"
71
71
  }
72
72
  },
73
- "judgeMode": "regex",
74
- "duration": 4389,
75
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHGFTCjb8PsbsYzRS1W\"}\n"
73
+ "judgeMode": "llm",
74
+ "duration": 14057,
75
+ "output": "I don't see any code in your message. Could you share the loop you'd like me to fix?\n"
76
76
  },
77
77
  {
78
78
  "taskId": "eval-004",
@@ -83,136 +83,136 @@
83
83
  "criteria": {
84
84
  "has_pagination": {
85
85
  "passed": false,
86
- "reason": "regex heuristic"
86
+ "reason": "No pagination implementation provided. The AI only asked for clarification rather than delivering pagination code."
87
87
  },
88
88
  "has_limit": {
89
89
  "passed": false,
90
- "reason": "regex heuristic"
90
+ "reason": "No limit parameter implemented in any code. The output contains only a question requesting more information."
91
91
  },
92
92
  "has_offset": {
93
93
  "passed": false,
94
- "reason": "regex heuristic"
94
+ "reason": "No offset parameter implemented in any code. The output contains only a question requesting more information."
95
95
  },
96
96
  "backwards_compatible": {
97
97
  "passed": false,
98
- "reason": "regex heuristic"
98
+ "reason": "No implementation provided to evaluate for backwards compatibility. The AI did not deliver working code."
99
99
  }
100
100
  },
101
- "judgeMode": "regex",
102
- "duration": 6872,
103
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHGkbeXvwXwxysZTdhR\"}\n"
101
+ "judgeMode": "llm",
102
+ "duration": 23380,
103
+ "output": "Which API endpoint would you like to add pagination to? Please share the file path or endpoint name.\n"
104
104
  },
105
105
  {
106
106
  "taskId": "eval-005",
107
107
  "taskName": "code_review",
108
108
  "weight": 1.3,
109
- "passed": false,
110
- "passRate": 0,
109
+ "passed": true,
110
+ "passRate": 0.6666666666666666,
111
111
  "criteria": {
112
112
  "identifies_security_issue": {
113
- "passed": false,
114
- "reason": "regex heuristic"
113
+ "passed": true,
114
+ "reason": "Output identifies 4 distinct security vulnerabilities: SQL injection, plaintext password storage/comparison, credential logging, and weak session tokens. Each is clearly explained with concrete examples."
115
115
  },
116
116
  "identifies_performance_issue": {
117
117
  "passed": false,
118
- "reason": "regex heuristic"
118
+ "reason": "Output does not identify or discuss any performance issues. The review focuses exclusively on security vulnerabilities with no mention of performance impacts, inefficiencies, or optimization concerns."
119
119
  },
120
120
  "actionable_feedback": {
121
- "passed": false,
122
- "reason": "regex heuristic"
121
+ "passed": true,
122
+ "reason": "Output provides specific, actionable guidance: revert changes, explains what was wrong with each change, recommends use of parameterized queries and bcrypt, and advises adding secure cookie flags. The 'Do not merge' verdict with clear rationale is actionable."
123
123
  }
124
124
  },
125
- "judgeMode": "regex",
126
- "duration": 10308,
127
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHHXPvni9SXWYQD2ML2\"}\n"
125
+ "judgeMode": "llm",
126
+ "duration": 57435,
127
+ "output": "This PR has **critical security vulnerabilities** that must be blocked:\n\n---\n\n## PR Review: `src/auth/login.ts`\n\n### Critical Issues\n\n**1. SQL Injection (line 10)**\n```diff\n- const user = await db.query('SELECT * FROM users WHERE email = $1', [email]);\n+ const user = await db.query(`SELECT * FROM users WHERE email = '${email}'`);\n```\nDirect string interpolation in SQL = SQL injection. An attacker can input `' OR '1'='1` to bypass auth entirely or dump the database. The original parameterized query was correct — this \"fix\" is a severe regression.\n\n**2. Plaintext password comparison (line 14)**\n```diff\n- const valid = await bcrypt.compare(password, user.passwordHash);\n+ const valid = password === user.passwordHash;\n```\nThis only works if passwords are stored in plaintext, which means passwords are stored in plaintext. Complete removal of bcrypt is a critical auth bypass — any user's password can be read directly from the DB.\n\n**3. Credentials logged to console (line 22)**\n```ts\nconsole.log(`Login: ${email} / ${password}`);\n```\nPlaintext passwords in logs. These end up in log aggregators, monitoring tools, and potentially cloud storage — exposing every user's password on every login attempt.\n\n**4. Weak, predictable session token (line 18)**\n```ts\nconst token = email + ':' + Date.now();\n```\n`email:timestamp` is trivially guessable/forgeable. No entropy, no signing. The cookie also has no `httpOnly`, `secure`, or `sameSite` flags set.\n\n---\n\n### Verdict: **Do not merge.** Revert all changes to this function.\n"
128
128
  },
129
129
  {
130
130
  "taskId": "sm-001",
131
131
  "taskName": "add_mcp_tool_handler",
132
132
  "weight": 1.5,
133
- "passed": false,
134
- "passRate": 0,
133
+ "passed": true,
134
+ "passRate": 1,
135
135
  "criteria": {
136
136
  "has_switch_case": {
137
- "passed": false,
138
- "reason": "regex heuristic"
137
+ "passed": true,
138
+ "reason": "The output shows a complete case statement with 'get_frame_summary' as the case label, following switch/case dispatch pattern"
139
139
  },
140
140
  "has_zod_schema": {
141
- "passed": false,
142
- "reason": "regex heuristic"
141
+ "passed": true,
142
+ "reason": "Zod schema is defined inline: z.object({ frameId: z.string() })"
143
143
  },
144
144
  "validates_input": {
145
- "passed": false,
146
- "reason": "regex heuristic"
145
+ "passed": true,
146
+ "reason": "Input validation occurs via .parse(args) which will throw if frameId is missing or not a string"
147
147
  },
148
148
  "returns_typed_response": {
149
- "passed": false,
150
- "reason": "regex heuristic"
149
+ "passed": true,
150
+ "reason": "Returns an object with all four required fields: frameId, name, status, and eventCount (computed from frame.events.length)"
151
151
  },
152
152
  "handles_not_found": {
153
- "passed": false,
154
- "reason": "regex heuristic"
153
+ "passed": true,
154
+ "reason": "Includes explicit check for frame existence with descriptive error message thrown when frame is not found"
155
155
  }
156
156
  },
157
- "judgeMode": "regex",
158
- "duration": 6548,
159
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHHpuPC36UFe4w8R6LA\"}\n"
157
+ "judgeMode": "llm",
158
+ "duration": 28203,
159
+ "output": "Please approve the file write permission, then I can apply the change. The edit adds:\n\n```ts\ncase 'get_frame_summary': {\n const input = z.object({ frameId: z.string() }).parse(args);\n const frame = frames.get(input.frameId);\n if (!frame) throw new Error(`Frame not found: ${input.frameId}`);\n return { frameId: frame.id, name: frame.name, status: frame.status, eventCount: frame.events.length };\n}\n```\n\n- Zod validates `frameId` as a required string (throws on missing/wrong type)\n- Looks up the frame, throws a descriptive error if not found\n- Returns the four requested fields: `frameId`, `name`, `status`, `eventCount`\n"
160
160
  },
161
161
  {
162
162
  "taskId": "sm-002",
163
163
  "taskName": "fix_fts5_trigger_bug",
164
164
  "weight": 1.8,
165
- "passed": false,
166
- "passRate": 0,
165
+ "passed": true,
166
+ "passRate": 1,
167
167
  "criteria": {
168
168
  "has_delete_trigger": {
169
- "passed": false,
170
- "reason": "regex heuristic"
169
+ "passed": true,
170
+ "reason": "A DELETE trigger named 'frames_ad' is explicitly defined with AFTER DELETE ON frames syntax"
171
171
  },
172
172
  "uses_fts_delete_syntax": {
173
- "passed": false,
174
- "reason": "regex heuristic"
173
+ "passed": true,
174
+ "reason": "The trigger uses the FTS5 special 'delete' command via INSERT INTO frames_fts(frames_fts, rowid, ...) VALUES ('delete', ...)"
175
175
  },
176
176
  "references_old_row": {
177
- "passed": false,
178
- "reason": "regex heuristic"
177
+ "passed": true,
178
+ "reason": "The trigger correctly references old.rowid, old.name, old.digest_text, and old.inputs, old.outputs to capture deleted row data"
179
179
  },
180
180
  "matches_column_list": {
181
- "passed": false,
182
- "reason": "regex heuristic"
181
+ "passed": true,
182
+ "reason": "The column list (frames_fts, rowid, name, digest_text, inputs, outputs) matches the INSERT and UPDATE trigger patterns shown in the context"
183
183
  }
184
184
  },
185
- "judgeMode": "regex",
186
- "duration": 6290,
187
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHJHsrxx3PXJcuPnJio\"}\n"
185
+ "judgeMode": "llm",
186
+ "duration": 36035,
187
+ "output": "The edit requires your approval. The change replaces the bug comment with:\n\n```sql\n-- Sync trigger: DELETE\nCREATE TRIGGER IF NOT EXISTS frames_ad AFTER DELETE ON frames BEGIN\n INSERT INTO frames_fts(frames_fts, rowid, name, digest_text, inputs, outputs)\n VALUES ('delete', old.rowid, old.name, old.digest_text, old.inputs, old.outputs);\nEND;\n```\n\nThis follows the same pattern as the delete half of the UPDATE trigger using the special `'delete'` command insert with `old.*` values to remove the stale entry from the external content FTS5 index.\n"
188
188
  },
189
189
  {
190
190
  "taskId": "sm-003",
191
191
  "taskName": "daemon_service_lifecycle",
192
192
  "weight": 1.5,
193
- "passed": false,
194
- "passRate": 0,
193
+ "passed": true,
194
+ "passRate": 1,
195
195
  "criteria": {
196
196
  "clears_old_interval": {
197
- "passed": false,
198
- "reason": "regex heuristic"
197
+ "passed": true,
198
+ "reason": "The code snippet includes `if (this.intervalId) { clearInterval(this.intervalId); this.intervalId = undefined; }` at the start of `start()`, which directly clears any existing interval before creating a new one."
199
199
  },
200
200
  "prevents_double_start": {
201
- "passed": false,
202
- "reason": "regex heuristic"
201
+ "passed": true,
202
+ "reason": "By clearing the interval at the beginning of `start()`, calling `start()` multiple times will safely clear the previous interval before setting a new one, preventing the leak from double-starts."
203
203
  },
204
204
  "has_getstate_method": {
205
- "passed": false,
206
- "reason": "regex heuristic"
205
+ "passed": true,
206
+ "reason": "A complete `getState()` method is defined with proper TypeScript syntax, returning an object of type `ServiceState`."
207
207
  },
208
208
  "returns_correct_state_shape": {
209
- "passed": false,
210
- "reason": "regex heuristic"
209
+ "passed": true,
210
+ "reason": "The `getState()` method returns an object with all four required properties: `isRunning`, `intervalMs` (correctly converted from minutes to milliseconds), `lastRunTime`, and `errorCount`."
211
211
  }
212
212
  },
213
- "judgeMode": "regex",
214
- "duration": 6657,
215
- "output": "API Error: 400 {\"type\":\"error\",\"error\":{\"type\":\"invalid_request_error\",\"message\":\"You have reached your specified API usage limits. You will regain access on 2026-04-01 at 00:00 UTC.\"},\"request_id\":\"req_011CYrHJmYFr5sCJFhW9h9Qm\"}\n"
213
+ "judgeMode": "llm",
214
+ "duration": 51160,
215
+ "output": "Permissions aren't being granted. Here are the two changes to make manually:\n\n**Bug fix — `start()` at line 28:** Add a guard at the top to clear any existing interval before creating a new one:\n\n```ts\nstart(): void {\n if (this.intervalId) { // <-- add these 3 lines\n clearInterval(this.intervalId);\n this.intervalId = undefined;\n }\n this.isRunning = true;\n // ... rest unchanged\n```\n\nThis fixes both the double-`start()` leak and the `updateConfig()` bug `stop()` already clears correctly, but `start()` now also clears defensively, so even if `isRunning` state drifts, no interval leaks.\n\n**Remove stale comments** on `start()` and `updateConfig()` (the bug comments are no longer accurate).\n\n**Add `getState()` after `updateConfig()`:**\n\n```ts\ngetState(): ServiceState {\n return {\n isRunning: this.isRunning,\n intervalMs: this.config.interval * 60 * 1000,\n lastRunTime: this.lastRunTime,\n errorCount: this.errorCount,\n };\n}\n```\n\nAlso replace the `// TODO` comment on line 57 with this method.\n"
216
216
  }
217
217
  ]
218
218
  }
@@ -1,14 +1,14 @@
1
1
  {
2
2
  "currentGeneration": 1,
3
3
  "bestVariant": "baseline",
4
- "bestScore": 0.04424778761061947,
4
+ "bestScore": 0.48967551622418876,
5
5
  "targetPath": "/Users/jwu/Dev/rize/sol/CLAUDE.md",
6
6
  "history": [
7
7
  {
8
8
  "generation": 0,
9
9
  "variant": "baseline",
10
10
  "action": "init",
11
- "timestamp": "2026-03-08T20:55:25.777Z"
11
+ "timestamp": "2026-03-09T15:20:49.782Z"
12
12
  },
13
13
  {
14
14
  "generation": 1,
@@ -19,7 +19,7 @@
19
19
  "variant-c",
20
20
  "variant-d"
21
21
  ],
22
- "timestamp": "2026-03-08T20:56:32.495Z"
22
+ "timestamp": "2026-03-09T15:23:14.976Z"
23
23
  },
24
24
  {
25
25
  "generation": 1,
@@ -27,11 +27,23 @@
27
27
  "scores": [
28
28
  {
29
29
  "variant": "baseline",
30
- "score": 0.04424778761061947
30
+ "score": 0.48967551622418876
31
+ },
32
+ {
33
+ "variant": "variant-b",
34
+ "score": 0.48967551622418876
35
+ },
36
+ {
37
+ "variant": "variant-a",
38
+ "score": 0.3716814159292035
39
+ },
40
+ {
41
+ "variant": "variant-c",
42
+ "score": 0.35693215339233036
31
43
  }
32
44
  ],
33
45
  "best": "baseline",
34
- "timestamp": "2026-03-08T20:58:11.649Z"
46
+ "timestamp": "2026-03-09T15:41:55.313Z"
35
47
  }
36
48
  ]
37
49
  }