@unifiedmemory/cli 1.3.0 → 1.3.6

package/.github/workflows/test-and-publish.yml

@@ -0,0 +1,92 @@
+name: Test and Publish
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [18, 20, 22]
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run tests
+        run: npm run test:ci
+        env:
+          CI: true
+
+      - name: Upload test results
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: test-results-node-${{ matrix.node-version }}
+          path: test-results.xml
+
+  publish:
+    needs: test
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+    permissions:
+      contents: write
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 24
+          registry-url: 'https://registry.npmjs.org'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Check if version changed
+        id: version-check
+        run: |
+          CURRENT_VERSION=$(node -p "require('./package.json').version")
+          NPM_VERSION=$(npm view @unifiedmemory/cli version 2>/dev/null || echo "0.0.0")
+          echo "current=$CURRENT_VERSION" >> $GITHUB_OUTPUT
+          echo "published=$NPM_VERSION" >> $GITHUB_OUTPUT
+          if [ "$CURRENT_VERSION" != "$NPM_VERSION" ]; then
+            echo "version_changed=true" >> $GITHUB_OUTPUT
+            echo "✅ Version changed: $NPM_VERSION → $CURRENT_VERSION"
+          else
+            echo "version_changed=false" >> $GITHUB_OUTPUT
+            echo "ℹ️ Version unchanged ($CURRENT_VERSION) - skipping publish"
+          fi
+
+      - name: Publish to npm
+        if: steps.version-check.outputs.version_changed == 'true'
+        run: npm publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Create Git tag
+        if: steps.version-check.outputs.version_changed == 'true'
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git tag v${{ steps.version-check.outputs.current }}
+          git push origin v${{ steps.version-check.outputs.current }}
+
+      - name: Skip publish notification
+        if: steps.version-check.outputs.version_changed == 'false'
+        run: |
+          echo "::notice::Skipped npm publish - version ${{ steps.version-check.outputs.current }} already published"

package/commands/record.js

@@ -52,6 +52,7 @@ export async function record(summary, options = {}) {
     };
 
     // 5. Prepare tool arguments
+    // Note: headers (X-Org-Id, X-User-Id) are handled at HTTP level by authHeaders
     const toolArgs = {
       body: {
         summary_text: summary,
@@ -59,10 +60,6 @@ export async function record(summary, options = {}) {
         source: options.source || 'um-cli',
         confidence: options.confidence ? parseFloat(options.confidence) : 0.7,
         tags: options.tags ? options.tags.split(',') : []
-      },
-      headers: {
-        'X-Org-Id': tokenData.selectedOrg?.id || tokenData.decoded?.sub,
-        'X-User-Id': tokenData.decoded?.sub
       }
     };
 
@@ -89,22 +86,47 @@ export async function record(summary, options = {}) {
       projectContext
     );
 
-    // 7. Handle response
+    // 7. Handle response - validate success properly
     if (result.content && Array.isArray(result.content)) {
       const textContent = result.content.find(c => c.type === 'text');
       if (textContent) {
-        const response = JSON.parse(textContent.text);
-        console.log(chalk.green('✓ Note created successfully'));
-        console.log(chalk.gray(`  Note ID: ${response.note_id || 'N/A'}`));
-        if (response.confidence) {
-          console.log(chalk.gray(`  Confidence: ${response.confidence}`));
+        try {
+          const response = JSON.parse(textContent.text);
+
+          // Check for error in response
+          if (result.isError || response.error || response.detail) {
+            throw new Error(response.error || response.detail || 'Note creation failed');
+          }
+
+          console.log(chalk.green('✓ Note created successfully'));
+          console.log(chalk.gray(`  Note ID: ${response.note_id || 'N/A'}`));
+          if (response.confidence) {
+            console.log(chalk.gray(`  Confidence: ${response.confidence}`));
+          }
+          return response;
+        } catch (parseError) {
+          if (parseError.message.includes('Note creation failed')) {
+            throw parseError;
+          }
+          throw new Error(`Failed to parse API response: ${parseError.message}`);
         }
-        return response;
       }
     }
 
-    console.log(chalk.green('✓ Note created'));
-    return result;
+    // Check for direct note response (some backends return this directly)
+    if (result.note_id) {
+      console.log(chalk.green('✓ Note created successfully'));
+      console.log(chalk.gray(`  Note ID: ${result.note_id}`));
+      return result;
+    }
+
+    // Check for error indicators
+    if (result.error || result.detail || result.isError) {
+      throw new Error(result.error || result.detail || 'Note creation failed');
+    }
+
+    // Unknown response format - fail explicitly instead of silent success
+    throw new Error('Unexpected response format from API');
 
   } catch (error) {
     console.error(chalk.red('✗ Failed to create note:'));

package/lib/mcp-proxy.js

@@ -14,6 +14,23 @@ function transformToolSchema(tool) {
   // Deep clone to avoid mutations
   const transformed = JSON.parse(JSON.stringify(tool));
 
+  // Remove headers entirely - proxy handles all headers at HTTP level
+  // AI never needs to provide X-Org-Id, X-User-Id, etc.
+  if (transformed.inputSchema?.properties?.headers) {
+    delete transformed.inputSchema.properties.headers;
+
+    // Also remove from required array if present
+    if (transformed.inputSchema.required && Array.isArray(transformed.inputSchema.required)) {
+      transformed.inputSchema.required = transformed.inputSchema.required.filter(
+        field => field !== 'headers'
+      );
+
+      if (transformed.inputSchema.required.length === 0) {
+        delete transformed.inputSchema.required;
+      }
+    }
+  }
+
   // Check if tool has pathParams in schema
   if (!transformed.inputSchema?.properties?.pathParams) {
     return transformed;
@@ -79,22 +96,31 @@ function injectContextParams(args, authContext, projectContext) {
     injected.pathParams = {};
   }
 
+  // Ensure headers object exists (gateway expects these in tool args)
+  if (!injected.headers) {
+    injected.headers = {};
+  }
+
   // Inject user ID from decoded JWT
   if (authContext?.decoded?.sub) {
     injected.pathParams.user = authContext.decoded.sub;
+    injected.headers['X-User-Id'] = authContext.decoded.sub;
   }
 
   // Inject org ID (from selectedOrg or fallback to user ID for personal account)
   if (authContext?.selectedOrg?.id) {
     injected.pathParams.org = authContext.selectedOrg.id;
+    injected.headers['X-Org-Id'] = authContext.selectedOrg.id;
   } else if (authContext?.decoded?.sub) {
     // Fallback to user ID for personal account context
     injected.pathParams.org = authContext.decoded.sub;
+    injected.headers['X-Org-Id'] = authContext.decoded.sub;
   }
 
   // Inject project ID from project config
   if (projectContext?.project_id) {
     injected.pathParams.proj = projectContext.project_id;
+    injected.headers['X-Project-Id'] = projectContext.project_id;
   }
 
   return injected;

package/lib/memory-instructions.js

@@ -1,72 +1,82 @@
 // Unique marker to detect if instructions already present
-export const MEMORY_INSTRUCTIONS_MARKER = '<!-- UNIFIEDMEMORY_INSTRUCTIONS_V1 -->';
+export const MEMORY_INSTRUCTIONS_MARKER = '<!-- UNIFIEDMEMORY_INSTRUCTIONS_V2 -->';
 
 export function getMemoryInstructions() {
   return `${MEMORY_INSTRUCTIONS_MARKER}
 
-# UnifiedMemory Automatic Integration
+# UnifiedMemory Integration (REQUIRED)
 
-When working in this project, automatically integrate with UnifiedMemory to maintain project knowledge:
+This project uses UnifiedMemory for persistent knowledge management. The \`unifiedmemory\` MCP server is configured and MUST be used for all relevant queries.
 
-## 1. Search Before Responding
+## Available Tools
 
-**When**: User submits any query or request
-**Action**: Use the \`unifiedmemory\` MCP tool to search for relevant context
-**Usage**:
-- Send the user's query to the search tool
-- Review the search results for relevant prior work, decisions, or context
-- Incorporate findings into your response
+The \`unifiedmemory\` MCP server provides these tools (call them like any MCP tool):
 
-Example:
-\`\`\`
-User: "Add dark mode to the dashboard"
-→ Search: unifiedmemory search --query "dark mode dashboard styling"
-→ Review results for existing patterns or decisions
-→ Respond with context-aware answer
-\`\`\`
+| Tool | Purpose | Required Parameters |
+|------|---------|---------------------|
+| \`search_notes\` | **Primary tool** - Search project knowledge base | \`query\` (search text) |
+| \`create_note\` | Record decisions, plans, or completions | \`summary_text\`, \`topic\` |
+| \`list_notes\` | List all notes in current project | None |
+| \`get_note\` | Retrieve a specific note by ID | \`note_id\` |
+| \`list_topics\` | List available topics/categories | None |
+| \`create_topic\` | Create a new topic for organization | \`name\` |
+| \`list_projects\` | List available projects | None |
 
-## 2. Record Plans
+All tools automatically use the correct project context - no additional configuration needed.
 
-**When**: Creating an implementation plan or design approach
-**Action**: Record the plan as a note using the \`unifiedmemory\` tool
-**Format**:
-- Include: objective, approach, key steps, important decisions
-- Keep concise but informative
-- Limit to under 1000 characters for optimal indexing
+## MANDATORY: Search Before Implementing
 
-Example:
-\`\`\`
-Plan created for dark mode feature
-→ unifiedmemory create_note --content "Plan: Dark mode implementation. Approach: CSS variables + localStorage persistence. Steps: 1) Define color tokens, 2) Add toggle component, 3) Persist preference. Decision: Use system preference as default."
-\`\`\`
+**REQUIREMENT**: Before responding to ANY coding task, feature request, or implementation question, you MUST:
+
+1. Call the \`search_notes\` tool with the user's query or relevant keywords
+2. Review returned results for prior decisions, patterns, or context
+3. Incorporate relevant findings into your response
+4. Mention what context you found (or didn't find) in your response
+
+### When to Search
 
-## 3. Record Task Completions
+You MUST search before:
+- Implementing any feature (search for existing patterns)
+- Fixing any bug (search for related issues)
+- Answering architecture questions (search for design decisions)
+- Modifying any component (search for existing conventions)
+- ANY coding task, no exceptions
 
-**When**: After completing any task, feature, or significant milestone
-**Action**: Create a summary note using the \`unifiedmemory\` tool
-**Format**:
-- Summarize what was accomplished and why
-- Include key technical decisions or gotchas
-- **IMPORTANT**: Limit to under 1000 characters
-- Focus on outcomes, not detailed code
+### Example Workflow
 
-Example:
 \`\`\`
-Completed dark mode feature
-→ unifiedmemory create_note --content "Completed: Dark mode toggle in dashboard. Implemented CSS custom properties with theme switcher component. User preference stored in localStorage. Respects system prefers-color-scheme by default. All components updated to use theme tokens."
+User: "Add authentication to the API"
+
+Step 1: Call search_notes with query "authentication API security"
+Step 2: Review results - found: "Decision: Use JWT with refresh tokens"
+Step 3: Implement following the established pattern
+Step 4: Respond: "Based on prior decisions in UnifiedMemory, I'll use JWT..."
 \`\`\`
 
-## Summary Guidelines
+## Do NOT Skip These Tools
+
+- ❌ NEVER start implementing without calling \`search_notes\` first
+- ❌ NEVER assume patterns without checking the knowledge base
+- ❌ NEVER skip search for "simple" tasks - context always helps
+- ✅ ALWAYS search even if you think you know the answer
+- ✅ ALWAYS mention search results (or lack thereof) in your response
+- ✅ ALWAYS use these tools when they can provide relevant context
+
+## Recording Knowledge with create_note
+
+After completing significant work, use \`create_note\` to record:
+- Implementation decisions and rationale
+- Completed features or fixes
+- Architectural patterns established
+- Gotchas or lessons learned
+
+Keep notes concise (under 1000 characters) and focus on the "why" not the "what".
+
+## Additional Tools
 
-- ✅ **DO**: Search context before responding
-- ✅ **DO**: Record plans and completions automatically
-- ✅ **DO**: Keep notes under 1000 characters
-- ✅ **DO**: Focus on decisions, outcomes, and context
-- ❌ **DON'T**: Record trivial tasks (typo fixes, minor edits)
-- ❌ **DON'T**: Include full code in notes
-- ❌ **DON'T**: Duplicate information already in git commits
+Use \`list_topics\` to understand project organization, \`list_notes\` to browse available knowledge, and \`get_note\` to retrieve full details of relevant notes found via search.
 
 ---
-*Auto-generated by UnifiedMemory CLI v1.0*
+*UnifiedMemory CLI - Knowledge that persists*
 `;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@unifiedmemory/cli",
-  "version": "1.3.0",
+  "version": "1.3.6",
   "description": "UnifiedMemory CLI - AI code assistant integration",
   "main": "index.js",
   "type": "module",
@@ -9,7 +9,13 @@
   },
   "scripts": {
     "start": "node index.js",
-    "build": "pkg . --targets node18-linux-x64,node18-macos-x64,node18-win-x64 --output dist/um"
+    "build": "pkg . --targets node18-linux-x64,node18-macos-x64,node18-win-x64 --output dist/um",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "test:unit": "vitest run tests/unit",
+    "test:integration": "vitest run tests/integration",
+    "test:ci": "vitest run --reporter=junit --outputFile=test-results.xml"
   },
   "keywords": [
     "ai",
@@ -42,10 +48,16 @@
     "open": "^10.0.3"
   },
   "devDependencies": {
-    "pkg": "^5.8.1"
+    "@vitest/coverage-v8": "^3.0.0",
+    "msw": "^2.7.0",
+    "pkg": "^5.8.1",
+    "vitest": "^3.0.0"
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/unifiedmemory/um-cli.git"
+    "url": "https://github.com/Episodic-Solutions/um-cli.git"
+  },
+  "publishConfig": {
+    "access": "public"
   }
 }

package/tests/fixtures/expired-auth.json

@@ -0,0 +1,20 @@
+{
+  "accessToken": "mock_expired_access_token",
+  "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyXzEyMzQ1Njc4OSIsImVtYWlsIjoidGVzdEB0ZXN0LmNvbSIsImV4cCI6MTYwMDAwMDAwMCwiaWF0IjoxNTk5OTk2NDAwLCJzaWQiOiJzZXNzXzEyMzQ1Njc4OSJ9.mock_signature",
+  "refresh_token": "mock_refresh_token_for_expired",
+  "tokenType": "Bearer",
+  "expiresIn": 3600,
+  "receivedAt": 1599996400000,
+  "decoded": {
+    "sub": "user_123456789",
+    "email": "test@test.com",
+    "exp": 1600000000,
+    "iat": 1599996400,
+    "sid": "sess_123456789"
+  },
+  "selectedOrg": {
+    "id": "org_456789012",
+    "name": "Test Organization",
+    "role": "admin"
+  }
+}

package/tests/fixtures/mock-auth.json

@@ -0,0 +1,21 @@
+{
+  "accessToken": "mock_access_token_abc123",
+  "idToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyXzEyMzQ1Njc4OSIsImVtYWlsIjoidGVzdEB0ZXN0LmNvbSIsImV4cCI6OTk5OTk5OTk5OSwiaWF0IjoxNjAwMDAwMDAwLCJzaWQiOiJzZXNzXzEyMzQ1Njc4OSIsIm9yZ19pZCI6Im9yZ180NTY3ODkwMTIifQ.mock_signature",
+  "refresh_token": "mock_refresh_token_xyz789",
+  "tokenType": "Bearer",
+  "expiresIn": 3600,
+  "receivedAt": 1700000000000,
+  "decoded": {
+    "sub": "user_123456789",
+    "email": "test@test.com",
+    "exp": 9999999999,
+    "iat": 1600000000,
+    "sid": "sess_123456789",
+    "org_id": "org_456789012"
+  },
+  "selectedOrg": {
+    "id": "org_456789012",
+    "name": "Test Organization",
+    "role": "admin"
+  }
+}

package/tests/fixtures/mock-project-config.json

@@ -0,0 +1,12 @@
+{
+  "version": "1.0",
+  "org_id": "org_456789012",
+  "project_id": "proj_987654321",
+  "project_name": "test-project",
+  "api_url": "https://api.test.unifiedmemory.ai",
+  "created_at": "2024-01-01T00:00:00.000Z",
+  "mcp_config": {
+    "inject_headers": true,
+    "auto_context": true
+  }
+}

package/tests/mocks/api.mock.js

@@ -0,0 +1,200 @@
+/**
+ * MSW (Mock Service Worker) handlers for API mocking
+ *
+ * These handlers intercept HTTP requests during tests and return
+ * predefined responses without hitting real APIs.
+ */
+
+import { http, HttpResponse } from 'msw';
+
+const API_BASE_URL = 'https://rose-asp-main-1c0b114.d2.zuplo.dev';
+
+// Sample project data
+const mockProjects = [
+  {
+    id: 'proj_001',
+    name: 'project-one',
+    display_name: 'Project One',
+    slug: 'project-one',
+    description: 'First test project',
+    created_at: '2024-01-01T00:00:00.000Z',
+  },
+  {
+    id: 'proj_002',
+    name: 'project-two',
+    display_name: 'Project Two',
+    slug: 'project-two',
+    description: 'Second test project',
+    created_at: '2024-01-02T00:00:00.000Z',
+  },
+];
+
+// Sample MCP tools data
+const mockMCPTools = [
+  {
+    name: 'create_note',
+    description: 'Create a new note in the vault',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        content: { type: 'string', description: 'Note content' },
+        pathParams: {
+          type: 'object',
+          properties: {
+            org: { type: 'string' },
+            proj: { type: 'string' },
+          },
+          required: ['org', 'proj'],
+        },
+        headers: {
+          type: 'object',
+          properties: {
+            'X-Org-Id': { type: 'string' },
+          },
+        },
+      },
+      required: ['content', 'pathParams'],
+    },
+  },
+  {
+    name: 'search_notes',
+    description: 'Search notes in the vault',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        query: { type: 'string', description: 'Search query' },
+        pathParams: {
+          type: 'object',
+          properties: {
+            org: { type: 'string' },
+            proj: { type: 'string' },
+          },
+          required: ['org', 'proj'],
+        },
+      },
+      required: ['query', 'pathParams'],
+    },
+  },
+];
+
+/**
+ * Default API handlers for common endpoints
+ */
+export const handlers = [
+  // GET /v1/orgs/:org/projects - List projects
+  http.get(`${API_BASE_URL}/v1/orgs/:org/projects`, ({ request, params }) => {
+    const authHeader = request.headers.get('Authorization');
+
+    if (!authHeader || !authHeader.startsWith('Bearer ')) {
+      return HttpResponse.json(
+        { error: 'Unauthorized', message: 'Missing or invalid authorization header' },
+        { status: 401 }
+      );
+    }
+
+    return HttpResponse.json({ items: mockProjects });
+  }),
+
+  // POST /v1/orgs/:org/projects - Create project
+  http.post(`${API_BASE_URL}/v1/orgs/:org/projects`, async ({ request, params }) => {
+    const authHeader = request.headers.get('Authorization');
+
+    if (!authHeader || !authHeader.startsWith('Bearer ')) {
+      return HttpResponse.json(
+        { error: 'Unauthorized', message: 'Missing or invalid authorization header' },
+        { status: 401 }
+      );
+    }
+
+    const body = await request.json();
+
+    return HttpResponse.json({
+      id: `proj_${Date.now()}`,
+      name: body.display_name.toLowerCase().replace(/\s+/g, '-'),
+      display_name: body.display_name,
+      slug: body.display_name.toLowerCase().replace(/\s+/g, '-'),
+      description: body.description || '',
+      created_at: new Date().toISOString(),
+    });
+  }),
+
+  // POST /mcp - MCP endpoint for tools/list
+  http.post(`${API_BASE_URL}/mcp`, async ({ request }) => {
+    const body = await request.json();
+
+    if (body.method === 'tools/list') {
+      return HttpResponse.json({
+        jsonrpc: '2.0',
+        id: body.id,
+        result: {
+          tools: mockMCPTools,
+        },
+      });
+    }
+
+    if (body.method === 'tools/call') {
+      return HttpResponse.json({
+        jsonrpc: '2.0',
+        id: body.id,
+        result: {
+          content: [
+            {
+              type: 'text',
+              text: `Tool ${body.params.name} executed successfully`,
+            },
+          ],
+        },
+      });
+    }
+
+    return HttpResponse.json(
+      {
+        jsonrpc: '2.0',
+        id: body.id,
+        error: { code: -32601, message: 'Method not found' },
+      },
+      { status: 400 }
+    );
+  }),
+
+  // GET /health - Health check
+  http.get(`${API_BASE_URL}/health`, () => {
+    return HttpResponse.json({ status: 'healthy' });
+  }),
+];
+
+/**
+ * Handler that returns 401 for all requests (unauthorized)
+ */
+export const unauthorizedHandlers = [
+  http.all(`${API_BASE_URL}/*`, () => {
+    return HttpResponse.json(
+      { error: 'Unauthorized', message: 'Token expired or invalid' },
+      { status: 401 }
+    );
+  }),
+];
+
+/**
+ * Handler that returns 500 for all requests (server error)
+ */
+export const serverErrorHandlers = [
+  http.all(`${API_BASE_URL}/*`, () => {
+    return HttpResponse.json(
+      { error: 'Internal Server Error', message: 'Something went wrong' },
+      { status: 500 }
+    );
+  }),
+];
+
+/**
+ * Handler that simulates network failure
+ */
+export const networkErrorHandlers = [
+  http.all(`${API_BASE_URL}/*`, () => {
+    return HttpResponse.error();
+  }),
+];
+
+// Export mock data for use in tests
+export { mockProjects, mockMCPTools };