npm - claude-mem-lite - Versions diffs - 2.65.0 → 2.66.0 - Mend

claude-mem-lite 2.65.0 → 2.66.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/.claude-plugin/marketplace.json +1 -1
package/.claude-plugin/plugin.json +1 -1
package/install.mjs +5 -0
package/mem-cli.mjs +18 -1
package/nlp.mjs +19 -3
package/package.json +1 -1
package/secret-scrub.mjs +13 -1

package/.claude-plugin/marketplace.json CHANGED Viewed

@@ -10,7 +10,7 @@
   "plugins": [
     {
       "name": "claude-mem-lite",
-      "version": "2.65.0",
+      "version": "2.66.0",
       "source": "./",
       "description": "Lightweight persistent memory system for Claude Code — FTS5 search, episode batching, error-triggered recall"
     }

package/.claude-plugin/plugin.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "claude-mem-lite",
-  "version": "2.65.0",
+  "version": "2.66.0",
   "description": "Lightweight persistent memory system for Claude Code — FTS5 search, episode batching, error-triggered recall",
   "author": {
     "name": "sdsrss"

package/install.mjs CHANGED Viewed

@@ -1438,6 +1438,11 @@ async function doctor() {
   }
   console.log(`\n  ${buildDoctorSummary(issues, warnings)}\n`);
+  // Diagnostic-tool exit-code contract: any ✗-level finding must propagate non-zero
+  // so CI / wrapper scripts (`claude-mem-lite doctor || alert`) actually trip. Keeps
+  // ⚠-only states at exit 0 (#8268 already established the visual ⚠ vs counted-issue
+  // separation; this propagates that count to the shell).
+  if (issues > 0) process.exitCode = 1;
 }
 // ─── Settings helpers ───────────────────────────────────────────────────────

package/mem-cli.mjs CHANGED Viewed

@@ -1366,7 +1366,13 @@ function cmdExport(db, args) {
   `).all(...params, limit);
   if (rows.length === 0) {
-    out('[mem] No observations found matching criteria');
+    // Empty result must respect the requested format so `export … | jq` works:
+    //   json  → "[]" (valid empty array)
+    //   jsonl → 0 lines (valid empty file)
+    // The friendly note goes to stderr so it doesn't poison stdout for callers
+    // piping to a parser.
+    if (format === 'json') out('[]');
+    process.stderr.write('[mem] No observations found matching criteria\n');
     return;
   }
@@ -2320,6 +2326,17 @@ export async function run(argv) {
     return;
   }
+  // --json contract surfacing: only `search` and `context` actually emit JSON;
+  // historically `recent --json | jq` etc. silently produced text, breaking
+  // automation. Emit a one-line stderr note when --json is passed to a command
+  // that doesn't honor it. Stdout output and exit code are unchanged so existing
+  // text-parsing callers keep working — the note lives in stderr for scripts to
+  // detect the gap.
+  const JSON_SUPPORTED_CMDS = new Set(['search', 'context']);
+  if (cmdArgs.includes('--json') && !JSON_SUPPORTED_CMDS.has(cmd)) {
+    process.stderr.write(`[mem] Note: --json is supported only on: ${[...JSON_SUPPORTED_CMDS].join(', ')}. "${cmd}" outputs text.\n`);
+  }
   try {
     switch (cmd) {
       case 'search':    cmdSearch(db, cmdArgs); break;

package/nlp.mjs CHANGED Viewed

@@ -117,10 +117,17 @@ export function extractCjkKeywords(text) {
 export function extractCjkLikePatterns(query) {
   if (!query || !/[\u4e00-\u9fff\u3400-\u4dbf]{2,}/.test(query)) return [];
   const keywords = extractCjkKeywords(query);
-  // Bigrams for unmatched CJK portions
+  // Bigrams for unmatched CJK portions \u2014 but only from pure-CJK whitespace tokens.
+  // Mixed-script tokens (e.g. "xyzAbc\u4e0d\u5b58\u5728neverhit") behave as identifier-like
+  // literals; LIKE-OR'ing the CJK-suffix bigrams matches unrelated docs containing
+  // common fragments. Mirrors the FTS-side guard in sanitizeFtsQuery.
   let remainder = query;
   for (const w of keywords) remainder = remainder.split(w).join(' ');
-  const bigrams = cjkBigrams(remainder).split(' ').filter(Boolean);
+  const pureCjkOnly = remainder
+    .split(/\s+/)
+    .filter(t => /[\u4e00-\u9fff\u3400-\u4dbf]/.test(t) && !/[A-Za-z0-9]/.test(t))
+    .join(' ');
+  const bigrams = pureCjkOnly ? cjkBigrams(pureCjkOnly).split(' ').filter(Boolean) : [];
   return [...new Set([...keywords, ...bigrams])];
 }
@@ -255,7 +262,16 @@ export function sanitizeFtsQuery(query) {
   // Individual CJK chars ("系","统") are too noisy; bigrams ("系统") capture compound words.
   // Skip bigrams when CJK synonym extraction already produced meaningful tokens —
   // bigrams joined with AND would make the query too restrictive.
-  const bigrams = cjkExtracted ? null : cjkBigrams(cleaned);
+  // Also skip for mixed-script tokens (e.g. "xyzAbc不存在neverhit"): the latin portion
+  // is already a strong literal anchor; bigramming the CJK suffix lets short fragments
+  // like "存在" match alone after AND→OR fallback, exploding recall onto unrelated docs.
+  let bigrams = null;
+  if (!cjkExtracted) {
+    const pureCjkTokens = tokens.filter(t =>
+      /[一-鿿㐀-䶿]/.test(t) && !/[A-Za-z0-9]/.test(t)
+    );
+    if (pureCjkTokens.length > 0) bigrams = cjkBigrams(pureCjkTokens.join(' '));
+  }
   const bigramSet = new Set(bigrams ? bigrams.split(' ').filter(b => b && !CJK_STOP_WORDS.has(b)) : []);
   const hasBigrams = bigramSet.size > 0;
   const finalTokens = [];

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "claude-mem-lite",
-  "version": "2.65.0",
+  "version": "2.66.0",
   "description": "Lightweight persistent memory system for Claude Code",
   "type": "module",
   "packageManager": "npm@10.9.2",

package/secret-scrub.mjs CHANGED Viewed

@@ -7,7 +7,19 @@ export const SECRET_PATTERNS = [
   // Key-value assignments: password=xxx, token=xxx, api_key=xxx, secret=xxx, etc.
   // Excludes code-like values: null, undefined, true, false, None, empty, function calls (word()),
   // and short values (<6 chars) that are typically variable names not secrets.
-  [/(\b(?:password|passwd|token|api[_-]?key|api[_-]?secret|secret[_-]?key|access[_-]?key|private[_-]?key|client[_-]?secret|auth[_-]?token|bearer)\s*[=:]\s*)(?!process\.env\.)(?!new\s)(?!\w+\()(?!(?:null|undefined|true|false|None|nil|empty|""|''|0)\b)[^\s,;'"}\]]{6,}/gi, '$1***'],
+  //
+  // Split into two patterns so prose mentions don't get scrubbed:
+  //   1. Bare credential nouns (password|passwd|token|bearer) commonly appear in
+  //      English prose — "Marker token: xyzpdq", "the bearer: alice". We require
+  //      the keyword NOT to be preceded by an English-word + horizontal-space
+  //      (the prose mention shape). Code/config has the keyword at start-of-line,
+  //      after a separator, or in object-literal context — none of which match
+  //      "letter-then-space" preceding the keyword.
+  //   2. Structured keys (api_key, auth_token, …) keep the original behavior —
+  //      a separator/compound key is unambiguous config syntax even when
+  //      preceded by prose ("see auth_token: shhhhhh").
+  [/((?<![A-Za-z][ \t])\b(?:password|passwd|token|bearer)\s*[=:]\s*)(?!process\.env\.)(?!new\s)(?!\w+\()(?!(?:null|undefined|true|false|None|nil|empty|""|''|0)\b)[^\s,;'"}\]]{6,}/gi, '$1***'],
+  [/(\b(?:api[_-]?key|api[_-]?secret|secret[_-]?key|access[_-]?key|private[_-]?key|client[_-]?secret|auth[_-]?token)\s*[=:]\s*)(?!process\.env\.)(?!new\s)(?!\w+\()(?!(?:null|undefined|true|false|None|nil|empty|""|''|0)\b)[^\s,;'"}\]]{6,}/gi, '$1***'],
   // AWS access keys (AKIA...)
   [/\bAKIA[A-Z0-9]{16}\b/g, '***'],
   // OpenAI / Anthropic keys (sk-...) — specific prefixes have lower length threshold