claude-memory-layer 1.0.36 → 1.0.38

package/dist/hooks/post-tool-use.js

@@ -10,8 +10,8 @@ const __dirname = dirname(__filename);
 import * as os5 from "os";
 
 // src/core/engine/memory-service-composition.ts
-import * as os from "os";
-import * as path6 from "path";
+import * as os2 from "os";
+import * as path7 from "path";
 
 // src/core/metadata-extractor.ts
 function getFileType(filePath) {
@@ -1641,8 +1641,8 @@ function createEndlessMemoryServices(options) {
 }
 
 // src/core/engine/memory-engine-services.ts
-import * as fs5 from "fs";
-import * as path4 from "path";
+import * as fs6 from "fs";
+import * as path5 from "path";
 
 // src/extensions/vector/embedder.ts
 var DEFAULT_EMBEDDING_MODEL = "Xenova/multilingual-e5-small";
@@ -2320,14 +2320,39 @@ function makeDedupeKey(content, sessionId) {
   return `${sessionId}:${contentHash}`;
 }
 
+// src/core/sqlite-event-store.ts
+import * as nodePath2 from "path";
+
+// src/core/registry/project-path.ts
+import * as crypto2 from "crypto";
+import * as fs3 from "fs";
+import * as os from "os";
+import * as path3 from "path";
+function normalizeProjectPath(projectPath) {
+  const expanded = projectPath.startsWith("~") ? path3.join(os.homedir(), projectPath.slice(1)) : projectPath;
+  try {
+    return fs3.realpathSync(expanded);
+  } catch {
+    return path3.resolve(expanded);
+  }
+}
+function hashProjectPath(projectPath) {
+  const normalizedPath = normalizeProjectPath(projectPath);
+  return crypto2.createHash("sha256").update(normalizedPath).digest("hex").slice(0, 8);
+}
+function getProjectStoragePath(projectPath) {
+  const hash = hashProjectPath(projectPath);
+  return path3.join(os.homedir(), ".claude-code", "memory", "projects", hash);
+}
+
 // src/core/sqlite-wrapper.ts
 import Database from "better-sqlite3";
-import * as fs3 from "fs";
+import * as fs4 from "fs";
 import * as nodePath from "path";
 function createSQLiteDatabase(path12, options) {
   const dir = nodePath.dirname(path12);
-  if (!fs3.existsSync(dir)) {
-    fs3.mkdirSync(dir, { recursive: true });
+  if (!fs4.existsSync(dir)) {
+    fs4.mkdirSync(dir, { recursive: true });
   }
   const db = new Database(path12, {
     readonly: options?.readonly ?? false
@@ -2376,8 +2401,8 @@ function toSQLiteTimestamp(date) {
 }
 
 // src/core/markdown-mirror.ts
-import * as fs4 from "fs/promises";
-import * as path3 from "path";
+import * as fs5 from "fs/promises";
+import * as path4 from "path";
 var DEFAULT_NAMESPACE = "default";
 var DEFAULT_CATEGORY = "uncategorized";
 function sanitizeSegment2(input, fallback) {
@@ -2406,7 +2431,7 @@ function buildMirrorPath2(rootDir, event) {
   const yyyy = d.getFullYear();
   const mm = String(d.getMonth() + 1).padStart(2, "0");
   const dd = String(d.getDate()).padStart(2, "0");
-  return path3.join(rootDir, "memory", namespace, ...categories, `${yyyy}-${mm}-${dd}.md`);
+  return path4.join(rootDir, "memory", namespace, ...categories, `${yyyy}-${mm}-${dd}.md`);
 }
 function formatMirrorEntry(event) {
   const category = Array.isArray(event.metadata?.categoryPath) ? event.metadata.categoryPath.join("/") : String(event.metadata?.category ?? event.eventType);
@@ -2427,8 +2452,8 @@ var MarkdownMirror2 = class {
   }
   async append(event) {
     const outPath = buildMirrorPath2(this.rootDir, event);
-    await fs4.mkdir(path3.dirname(outPath), { recursive: true });
-    await fs4.appendFile(outPath, formatMirrorEntry(event), "utf8");
+    await fs5.mkdir(path4.dirname(outPath), { recursive: true });
+    await fs5.appendFile(outPath, formatMirrorEntry(event), "utf8");
     return outPath;
   }
 };
@@ -2441,6 +2466,143 @@ function normalizeQueryRewriteKind(value) {
   return "none";
 }
 var REWRITTEN_QUERY_REWRITE_KIND_SQL = `LOWER(TRIM(COALESCE(query_rewrite_kind, 'none'))) IN ('follow-up-context', 'intent-rewrite')`;
+var DEFAULT_OUTBOX_STUCK_THRESHOLD_MS = 5 * 60 * 1e3;
+var DEFAULT_OUTBOX_MAX_RETRIES = 3;
+function emptyOutboxRecoveryResult() {
+  return {
+    embedding: { recoveredProcessing: 0, retriedFailed: 0 },
+    vector: { recoveredProcessing: 0, retriedFailed: 0 }
+  };
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function getNestedRecord(root, path12) {
+  let cursor = root;
+  for (const key of path12) {
+    if (!isRecord(cursor))
+      return void 0;
+    cursor = cursor[key];
+  }
+  return isRecord(cursor) ? cursor : void 0;
+}
+function getNestedString(root, path12) {
+  let cursor = root;
+  for (const key of path12) {
+    if (!isRecord(cursor))
+      return void 0;
+    cursor = cursor[key];
+  }
+  return typeof cursor === "string" && cursor.length > 0 ? cursor : void 0;
+}
+function metadataProjectHash(metadata) {
+  return getNestedString(metadata, ["scope", "project", "hash"]);
+}
+function metadataProjectPaths(metadata) {
+  const candidates = [
+    getNestedString(metadata, ["projectPath"]),
+    getNestedString(metadata, ["sourceProjectPath"]),
+    getNestedString(metadata, ["scope", "project", "path"])
+  ];
+  const paths = [];
+  for (const value of candidates) {
+    if (value && !paths.includes(value))
+      paths.push(value);
+  }
+  return paths;
+}
+function metadataProjectPath(metadata) {
+  return metadataProjectPaths(metadata)[0];
+}
+function isActiveQuarantinedMetadata(metadata) {
+  const quarantine = getNestedRecord(metadata, ["quarantine"]);
+  return quarantine?.status === "active";
+}
+function activeQuarantineStatusExpression(column = "metadata") {
+  return `COALESCE(json_extract(CASE WHEN json_valid(${column}) THEN ${column} ELSE '{}' END, '$.quarantine.status'), '')`;
+}
+function notActiveQuarantinedSql(column = "metadata") {
+  return `${activeQuarantineStatusExpression(column)} != 'active'`;
+}
+function maybeQuarantinePredicate(options, column = "metadata") {
+  return options?.includeQuarantined ? "1=1" : notActiveQuarantinedSql(column);
+}
+function safeParseMetadataValue(value) {
+  if (!value)
+    return void 0;
+  if (typeof value === "object")
+    return isRecord(value) ? value : void 0;
+  if (typeof value !== "string")
+    return void 0;
+  try {
+    const parsed = JSON.parse(value);
+    return isRecord(parsed) ? parsed : void 0;
+  } catch {
+    return void 0;
+  }
+}
+function isImportedOrLegacyScopedMetadata(metadata) {
+  if (!metadata)
+    return false;
+  return Boolean(
+    metadata.importedFrom || metadata.sourceSessionId || metadata.sourceSessionHash || metadata.hermesSource || metadata.projectPath || metadata.sourceProjectPath || metadata.source === "hermes" || metadata.source === "claude" || metadata.source === "codex"
+  );
+}
+function addMetadataTag(metadata, tag) {
+  const current = Array.isArray(metadata.tags) ? metadata.tags.filter((value) => typeof value === "string") : [];
+  if (!current.includes(tag))
+    metadata.tags = [...current, tag];
+}
+function buildRepairResult(projectHash, dryRun) {
+  return {
+    dryRun,
+    projectHash,
+    scanned: 0,
+    repaired: 0,
+    quarantined: 0,
+    alreadyScoped: 0,
+    skipped: 0,
+    samples: []
+  };
+}
+function normalizeRepoName(value) {
+  return value.replace(/\.git$/i, "").trim().toLowerCase();
+}
+function projectBasename(projectPath) {
+  if (!projectPath)
+    return void 0;
+  const trimmed = projectPath.replace(/[\\/]+$/, "");
+  const basename2 = nodePath2.basename(trimmed);
+  return basename2 ? normalizeRepoName(basename2) : void 0;
+}
+function isProjectScopeRepairExplanation(content) {
+  const normalized = content.toLowerCase();
+  const hasRepairContext = /project[- ]scope|mis[- ]scoped|quarantine|contamination|legacy|오염|격리|repair/.test(normalized);
+  const hasExplanationContext = /example|detector|trap|not a .*project task|기억|메모리|설명|수정|검증/.test(normalized);
+  return hasRepairContext && hasExplanationContext;
+}
+function hasConflictingContentProjectHint(content, projectPath) {
+  const currentName = projectBasename(projectPath);
+  if (!currentName)
+    return false;
+  if (isProjectScopeRepairExplanation(content))
+    return false;
+  const githubRepoPattern = /github\.com[:/]([^/\s`'"#)]+)\/([^/\s`'"#)]+)(?:\.git)?/gi;
+  let githubMatch;
+  while ((githubMatch = githubRepoPattern.exec(content)) !== null) {
+    const repo = normalizeRepoName(githubMatch[2] || "");
+    if (repo && repo !== currentName)
+      return true;
+  }
+  const workspacePathPattern = /\/workspace\/([^/\s`'"#)]+)/gi;
+  let workspaceMatch;
+  while ((workspaceMatch = workspacePathPattern.exec(content)) !== null) {
+    const repo = normalizeRepoName(workspaceMatch[1] || "");
+    if (repo && repo !== currentName)
+      return true;
+  }
+  return false;
+}
 var SQLiteEventStore = class {
   db;
   initialized = false;
@@ -2939,11 +3101,11 @@ var SQLiteEventStore = class {
   /**
    * Get events by session ID
    */
-  async getSessionEvents(sessionId) {
+  async getSessionEvents(sessionId, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events WHERE session_id = ? ORDER BY timestamp ASC`,
+      `SELECT * FROM events WHERE session_id = ? AND ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC`,
       [sessionId]
     );
     return rows.map(this.rowToEvent);
@@ -2951,11 +3113,11 @@ var SQLiteEventStore = class {
   /**
    * Get recent events
    */
-  async getRecentEvents(limit = 100) {
+  async getRecentEvents(limit = 100, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events ORDER BY timestamp DESC LIMIT ?`,
+      `SELECT * FROM events WHERE ${maybeQuarantinePredicate(options)} ORDER BY timestamp DESC LIMIT ?`,
       [limit]
     );
     return rows.map(this.rowToEvent);
@@ -2963,11 +3125,11 @@ var SQLiteEventStore = class {
   /**
    * Get event by ID
    */
-  async getEvent(id) {
+  async getEvent(id, options) {
     await this.initialize();
     const row = sqliteGet(
       this.db,
-      `SELECT * FROM events WHERE id = ?`,
+      `SELECT * FROM events WHERE id = ? AND ${maybeQuarantinePredicate(options)}`,
       [id]
     );
     if (!row)
@@ -2977,11 +3139,11 @@ var SQLiteEventStore = class {
   /**
    * Get events since a timestamp (for sync)
    */
-  async getEventsSince(timestamp, limit = 1e3) {
+  async getEventsSince(timestamp, limit = 1e3, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events WHERE timestamp > ? ORDER BY timestamp ASC LIMIT ?`,
+      `SELECT * FROM events WHERE timestamp > ? AND ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC LIMIT ?`,
       [timestamp, limit]
     );
     return rows.map(this.rowToEvent);
@@ -2990,11 +3152,11 @@ var SQLiteEventStore = class {
    * Get events since a SQLite rowid (for robust incremental replication).
    * Rowid is monotonic for append-only tables, independent of client timestamps.
    */
-  async getEventsSinceRowid(lastRowid, limit = 1e3) {
+  async getEventsSinceRowid(lastRowid, limit = 1e3, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT rowid as _rowid, * FROM events WHERE rowid > ? ORDER BY rowid ASC LIMIT ?`,
+      `SELECT rowid as _rowid, * FROM events WHERE rowid > ? AND ${maybeQuarantinePredicate(options)} ORDER BY rowid ASC LIMIT ?`,
       [lastRowid, limit]
     );
     return rows.map((row) => ({
@@ -3191,7 +3353,9 @@ var SQLiteEventStore = class {
     const placeholders = ids.map(() => "?").join(",");
     sqliteRun(
       this.db,
-      `UPDATE embedding_outbox SET status = 'processing' WHERE id IN (${placeholders})`,
+      `UPDATE embedding_outbox
+       SET status = 'processing', processed_at = datetime('now'), error_message = NULL
+       WHERE id IN (${placeholders})`,
       ids
     );
     return pending.map((row) => ({
@@ -3227,19 +3391,19 @@ var SQLiteEventStore = class {
   /**
    * Count total events
    */
-  async countEvents() {
+  async countEvents(options) {
     await this.initialize();
-    const row = sqliteGet(this.db, `SELECT COUNT(*) as count FROM events`);
+    const row = sqliteGet(this.db, `SELECT COUNT(*) as count FROM events WHERE ${maybeQuarantinePredicate(options)}`);
     return row?.count || 0;
   }
   /**
    * Get events page in timestamp ascending order (stable migration/reindex scans)
    */
-  async getEventsPage(limit = 1e3, offset = 0) {
+  async getEventsPage(limit = 1e3, offset = 0, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events ORDER BY timestamp ASC LIMIT ? OFFSET ?`,
+      `SELECT * FROM events WHERE ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC LIMIT ? OFFSET ?`,
       [limit, offset]
     );
     return rows.map(this.rowToEvent);
@@ -3261,6 +3425,197 @@ var SQLiteEventStore = class {
       [error, ...ids]
     );
   }
+  /**
+   * Recover abandoned outbox work after a worker/process crash.
+   *
+   * Rows in `processing` are claimed work. If the process exits before marking
+   * them done/failed, they otherwise remain invisible to future processing.
+   * Recovery is deliberately age-gated so an active worker is not disturbed.
+   */
+  async recoverStuckOutboxItems(options = {}) {
+    await this.initialize();
+    const thresholdMs = Number.isFinite(options.stuckThresholdMs) && (options.stuckThresholdMs ?? 0) >= 0 ? options.stuckThresholdMs : DEFAULT_OUTBOX_STUCK_THRESHOLD_MS;
+    const maxRetries = Number.isFinite(options.maxRetries) && (options.maxRetries ?? 0) > 0 ? options.maxRetries : DEFAULT_OUTBOX_MAX_RETRIES;
+    const now = options.now ?? /* @__PURE__ */ new Date();
+    const threshold = new Date(now.getTime() - thresholdMs).toISOString();
+    const result = emptyOutboxRecoveryResult();
+    const embeddingRecovered = sqliteRun(
+      this.db,
+      `UPDATE embedding_outbox
+       SET status = 'pending', processed_at = NULL, error_message = NULL
+       WHERE status = 'processing'
+         AND datetime(COALESCE(processed_at, created_at)) < datetime(?)`,
+      [threshold]
+    );
+    result.embedding.recoveredProcessing = Number(embeddingRecovered.changes ?? 0);
+    const embeddingRetried = sqliteRun(
+      this.db,
+      `UPDATE embedding_outbox
+       SET status = 'pending', error_message = NULL
+       WHERE status = 'failed'
+         AND retry_count < ?`,
+      [maxRetries]
+    );
+    result.embedding.retriedFailed = Number(embeddingRetried.changes ?? 0);
+    const vectorRecovered = sqliteRun(
+      this.db,
+      `UPDATE vector_outbox
+       SET status = 'pending', updated_at = ?, error = NULL
+       WHERE status = 'processing'
+         AND datetime(updated_at) < datetime(?)`,
+      [now.toISOString(), threshold]
+    );
+    result.vector.recoveredProcessing = Number(vectorRecovered.changes ?? 0);
+    const vectorRetried = sqliteRun(
+      this.db,
+      `UPDATE vector_outbox
+       SET status = 'pending', updated_at = ?, error = NULL
+       WHERE status = 'failed'
+         AND retry_count < ?`,
+      [now.toISOString(), maxRetries]
+    );
+    result.vector.retriedFailed = Number(vectorRetried.changes ?? 0);
+    return result;
+  }
+  /**
+   * Repair legacy imported events that predate canonical project scope metadata.
+   *
+   * Same-project legacy rows are tagged with scope.project.hash. Rows that look
+   * imported but cannot be proven to belong to this project are quarantined so
+   * dashboard default reads/search do not surface cross-project contamination.
+   */
+  async repairLegacyProjectScope(options = {}) {
+    await this.initialize();
+    const projectHash = options.projectHash || (options.projectPath ? hashProjectPath(options.projectPath) : void 0);
+    if (!projectHash) {
+      throw new Error("repairLegacyProjectScope requires projectPath or projectHash");
+    }
+    if (options.projectPath && options.projectHash && hashProjectPath(options.projectPath) !== options.projectHash) {
+      throw new Error("repairLegacyProjectScope projectPath and projectHash refer to different project stores");
+    }
+    const dryRun = options.dryRun === true;
+    const nowIso = (options.now || /* @__PURE__ */ new Date()).toISOString();
+    const result = buildRepairResult(projectHash, dryRun);
+    const rows = sqliteAll(
+      this.db,
+      `SELECT e.id, e.content, e.metadata, s.project_path as session_project_path
+       FROM events e
+       LEFT JOIN sessions s ON s.id = e.session_id
+       ORDER BY e.timestamp ASC`,
+      []
+    );
+    const sample = (entry) => {
+      if (result.samples.length < 20)
+        result.samples.push(entry);
+    };
+    for (const row of rows) {
+      result.scanned++;
+      let metadata = {};
+      let metadataParseInvalid = false;
+      if (row.metadata) {
+        const parsed = safeParseMetadataValue(row.metadata);
+        if (parsed) {
+          metadata = parsed;
+        } else {
+          metadataParseInvalid = true;
+        }
+      }
+      if (isActiveQuarantinedMetadata(metadata)) {
+        result.skipped++;
+        continue;
+      }
+      const currentHash = metadataProjectHash(metadata);
+      const explicitPath = metadataProjectPath(metadata);
+      const sessionProjectPath = typeof row.session_project_path === "string" && row.session_project_path.length > 0 ? row.session_project_path : void 0;
+      const candidatePaths = metadataProjectPaths(metadata);
+      if (sessionProjectPath && !candidatePaths.includes(sessionProjectPath)) {
+        candidatePaths.push(sessionProjectPath);
+      }
+      const importedOrLegacy = metadataParseInvalid || isImportedOrLegacyScopedMetadata(metadata) || Boolean(sessionProjectPath);
+      const pathHashes = candidatePaths.map((candidate) => {
+        try {
+          return { path: candidate, hash: hashProjectPath(candidate) };
+        } catch {
+          return { path: candidate, hash: void 0 };
+        }
+      });
+      const matchingPath = pathHashes.find((candidate) => candidate.hash === projectHash);
+      const foreignPath = pathHashes.find((candidate) => candidate.hash && candidate.hash !== projectHash);
+      let action = "skipped";
+      let reason;
+      let observedProjectHash;
+      if (foreignPath) {
+        action = "quarantined";
+        reason = "project-path-mismatch";
+        observedProjectHash = foreignPath.hash;
+      } else if (currentHash === projectHash && importedOrLegacy && hasConflictingContentProjectHint(row.content, options.projectPath)) {
+        action = "quarantined";
+        reason = "content-project-mismatch";
+      } else if (currentHash === projectHash) {
+        result.alreadyScoped++;
+        continue;
+      } else if (currentHash && currentHash !== projectHash) {
+        action = "quarantined";
+        reason = "scope-hash-mismatch";
+        observedProjectHash = currentHash;
+      } else if (matchingPath) {
+        action = "repaired";
+        reason = matchingPath.path === sessionProjectPath && matchingPath.path !== explicitPath ? "session-project-path" : "same-project-path";
+      } else if (candidatePaths.length > 0) {
+        action = "quarantined";
+        reason = "project-path-mismatch";
+      } else if (importedOrLegacy) {
+        action = "quarantined";
+        reason = "missing-project-scope";
+      }
+      if (action === "skipped" || !reason) {
+        result.skipped++;
+        continue;
+      }
+      if (action === "repaired") {
+        const scope = isRecord(metadata.scope) ? { ...metadata.scope } : {};
+        const project = isRecord(scope.project) ? { ...scope.project } : {};
+        project.hash = projectHash;
+        scope.project = project;
+        metadata.scope = scope;
+        metadata.repair = {
+          ...isRecord(metadata.repair) ? metadata.repair : {},
+          legacyProjectScope: {
+            action,
+            reason,
+            repairedAt: nowIso
+          }
+        };
+        addMetadataTag(metadata, `proj:${projectHash}`);
+        result.repaired++;
+      } else {
+        metadata.quarantine = {
+          ...isRecord(metadata.quarantine) ? metadata.quarantine : {},
+          status: "active",
+          category: "project-scope",
+          reason,
+          detectedAt: nowIso,
+          expectedProjectHash: projectHash,
+          ...observedProjectHash ? { observedProjectHash } : {}
+        };
+        metadata.repair = {
+          ...isRecord(metadata.repair) ? metadata.repair : {},
+          legacyProjectScope: {
+            action,
+            reason,
+            repairedAt: nowIso
+          }
+        };
+        addMetadataTag(metadata, "quarantine:project-scope");
+        result.quarantined++;
+      }
+      sample({ eventId: row.id, action, reason });
+      if (!dryRun) {
+        sqliteRun(this.db, `UPDATE events SET metadata = ? WHERE id = ?`, [JSON.stringify(metadata), row.id]);
+      }
+    }
+    return result;
+  }
   /**
    * Get embedding/vector outbox health statistics
    */
@@ -3308,7 +3663,11 @@ var SQLiteEventStore = class {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT level, COUNT(*) as count FROM memory_levels GROUP BY level`
+      `SELECT ml.level, COUNT(*) as count
+       FROM memory_levels ml
+       INNER JOIN events e ON e.id = ml.event_id
+       WHERE ${notActiveQuarantinedSql("e.metadata")}
+       GROUP BY ml.level`
     );
     return rows;
   }
@@ -3324,6 +3683,7 @@ var SQLiteEventStore = class {
       `SELECT e.* FROM events e
        INNER JOIN memory_levels ml ON e.id = ml.event_id
        WHERE ml.level = ?
+         AND ${notActiveQuarantinedSql("e.metadata")}
        ORDER BY e.timestamp DESC
        LIMIT ? OFFSET ?`,
       [level, limit, offset]
@@ -3416,12 +3776,13 @@ var SQLiteEventStore = class {
   /**
    * Get most accessed memories (falls back to recent events if none accessed)
    */
-  async getMostAccessed(limit = 10) {
+  async getMostAccessed(limit = 10, options) {
     await this.initialize();
     let rows = sqliteAll(
       this.db,
       `SELECT * FROM events
        WHERE access_count > 0
+         AND ${maybeQuarantinePredicate(options)}
        ORDER BY access_count DESC, last_accessed_at DESC
        LIMIT ?`,
       [limit]
@@ -3430,6 +3791,7 @@ var SQLiteEventStore = class {
       rows = sqliteAll(
         this.db,
         `SELECT * FROM events
+         WHERE ${maybeQuarantinePredicate(options)}
          ORDER BY timestamp DESC
          LIMIT ?`,
         [limit]
@@ -3560,6 +3922,7 @@ var SQLiteEventStore = class {
        FROM memory_helpfulness mh
        JOIN events e ON e.id = mh.event_id
        WHERE mh.measured_at IS NOT NULL
+         AND ${notActiveQuarantinedSql("e.metadata")}
        GROUP BY mh.event_id
        ORDER BY avg_score DESC
        LIMIT ?`,
@@ -3624,6 +3987,7 @@ var SQLiteEventStore = class {
          FROM events_fts fts
          JOIN events e ON e.id = fts.event_id
          WHERE events_fts MATCH ?
+           AND ${notActiveQuarantinedSql("e.metadata")}
          ORDER BY fts.rank
          LIMIT ?`,
         [searchTerms, limit]
@@ -3638,6 +4002,7 @@ var SQLiteEventStore = class {
         this.db,
         `SELECT *, 0 as rank FROM events
          WHERE content LIKE ?
+           AND ${notActiveQuarantinedSql()}
          ORDER BY timestamp DESC
          LIMIT ?`,
         [likePattern, limit]
@@ -3844,6 +4209,7 @@ var SQLiteEventStore = class {
       `SELECT turn_id, MIN(timestamp) as min_ts
        FROM events
        WHERE session_id = ? AND turn_id IS NOT NULL
+         AND ${maybeQuarantinePredicate(options)}
        GROUP BY turn_id
        ORDER BY min_ts DESC
        LIMIT ? OFFSET ?`,
@@ -3851,7 +4217,7 @@ var SQLiteEventStore = class {
     );
     const turns = [];
     for (const turnRow of turnRows) {
-      const events = await this.getEventsByTurn(turnRow.turn_id);
+      const events = await this.getEventsByTurn(turnRow.turn_id, options);
       const promptEvent = events.find((e) => e.eventType === "user_prompt");
       const toolEvents = events.filter((e) => e.eventType === "tool_observation");
       const hasResponse = events.some((e) => e.eventType === "agent_response");
@@ -3870,11 +4236,11 @@ var SQLiteEventStore = class {
   /**
    * Get all events for a specific turn_id
    */
-  async getEventsByTurn(turnId) {
+  async getEventsByTurn(turnId, options) {
     await this.initialize();
     const rows = sqliteAll(
       this.db,
-      `SELECT * FROM events WHERE turn_id = ? ORDER BY timestamp ASC`,
+      `SELECT * FROM events WHERE turn_id = ? AND ${maybeQuarantinePredicate(options)} ORDER BY timestamp ASC`,
       [turnId]
     );
     return rows.map(this.rowToEvent);
@@ -3882,13 +4248,14 @@ var SQLiteEventStore = class {
   /**
    * Count total turns for a session
    */
-  async countSessionTurns(sessionId) {
+  async countSessionTurns(sessionId, options) {
     await this.initialize();
     const row = sqliteGet(
       this.db,
       `SELECT COUNT(DISTINCT turn_id) as count
        FROM events
-       WHERE session_id = ? AND turn_id IS NOT NULL`,
+       WHERE session_id = ? AND turn_id IS NOT NULL
+         AND ${maybeQuarantinePredicate(options)}`,
       [sessionId]
     );
     return row?.count || 0;
@@ -3980,7 +4347,7 @@ var SQLiteEventStore = class {
       content: row.content,
       canonicalKey: row.canonical_key,
       dedupeKey: row.dedupe_key,
-      metadata: row.metadata ? JSON.parse(row.metadata) : void 0
+      metadata: safeParseMetadataValue(row.metadata)
     };
     if (row.access_count !== void 0) {
       event.access_count = row.access_count;
@@ -4132,6 +4499,7 @@ var VectorStore = class {
    * Get total count of vectors
    */
   async count() {
+    await this.initialize();
     if (!this.table)
       return 0;
     const result = await this.table.countRows();
@@ -4570,6 +4938,14 @@ var MemoryQueryService = class {
     await this.initialize();
     return this.getMaintenanceStore("getOutboxStats").getOutboxStats();
   }
+  async recoverStuckOutboxItems(options) {
+    await this.initialize();
+    return this.getMaintenanceStore("recoverStuckOutboxItems").recoverStuckOutboxItems(options);
+  }
+  async repairLegacyProjectScope(options) {
+    await this.initialize();
+    return this.getMaintenanceStore("repairLegacyProjectScope").repairLegacyProjectScope(options);
+  }
   async getStats() {
     await this.initialize();
     const deps = this.getStatsDeps();
@@ -6192,18 +6568,18 @@ function assertDefaultRetrieverStore(eventStore) {
 function createMemoryEngineServices(options) {
   const factories = options.factories ?? {};
   const storagePath = options.storagePath;
-  if (!options.readOnly && !fs5.existsSync(storagePath)) {
-    fs5.mkdirSync(storagePath, { recursive: true });
+  if (!options.readOnly && !fs6.existsSync(storagePath)) {
+    fs6.mkdirSync(storagePath, { recursive: true });
   }
   const sqliteStore = (factories.createSQLiteEventStore ?? defaultCreateSQLiteEventStore)(
-    path4.join(storagePath, "events.sqlite"),
+    path5.join(storagePath, "events.sqlite"),
     {
       readonly: options.readOnly,
       markdownMirrorRoot: storagePath
     }
   );
   const vectorStore = (factories.createVectorStore ?? defaultCreateVectorStore)(
-    path4.join(storagePath, "vectors")
+    path5.join(storagePath, "vectors")
   );
   const embeddingModel = options.embeddingModel || process.env.CLAUDE_MEMORY_EMBEDDING_MODEL;
   const embedder = embeddingModel ? (factories.createEmbedder ?? defaultCreateEmbedder)(embeddingModel) : (factories.getDefaultEmbedder ?? getDefaultEmbedder)();
@@ -6614,8 +6990,8 @@ function createMemoryRuntimeService(deps) {
 }
 
 // src/extensions/shared-memory/shared-memory-services.ts
-import * as fs6 from "fs";
-import * as path5 from "path";
+import * as fs7 from "fs";
+import * as path6 from "path";
 
 // src/core/shared-event-store.ts
 var SharedEventStore = class {
@@ -7303,7 +7679,7 @@ var SharedMemoryServices = class {
     this.ensureDirectory(sharedPath, { allowCreate: true });
     const store = await this.openStore(sharedPath);
     this.sharedVectorStore = this.factories.createSharedVectorStore(
-      path5.join(sharedPath, "vectors")
+      path6.join(sharedPath, "vectors")
     );
     await this.sharedVectorStore.initialize();
     this.sharedPromoter = this.factories.createSharedPromoter(
@@ -7376,7 +7752,7 @@ var SharedMemoryServices = class {
   async createOpenStorePromise(sharedPath) {
     if (!this.sharedEventStore) {
       const sharedEventStore = this.factories.createSharedEventStore(
-        path5.join(sharedPath, "shared.duckdb")
+        path6.join(sharedPath, "shared.duckdb")
       );
       await sharedEventStore.initialize();
       this.sharedEventStore = sharedEventStore;
@@ -7396,9 +7772,9 @@ var SharedMemoryServices = class {
   }
   get factories() {
     return {
-      existsSync: this.options.factories?.existsSync ?? fs6.existsSync,
+      existsSync: this.options.factories?.existsSync ?? fs7.existsSync,
       mkdirSync: this.options.factories?.mkdirSync ?? ((targetPath) => {
-        fs6.mkdirSync(targetPath, { recursive: true });
+        fs7.mkdirSync(targetPath, { recursive: true });
       }),
       createSharedEventStore: this.options.factories?.createSharedEventStore ?? createSharedEventStore,
       createSharedStore: this.options.factories?.createSharedStore ?? createSharedStore,
@@ -7513,33 +7889,11 @@ function createMemoryServiceComposition(options) {
 }
 function defaultExpandPath(targetPath) {
   if (targetPath.startsWith("~")) {
-    return path6.join(os.homedir(), targetPath.slice(1));
+    return path7.join(os2.homedir(), targetPath.slice(1));
   }
   return targetPath;
 }
 
-// src/core/registry/project-path.ts
-import * as crypto2 from "crypto";
-import * as fs7 from "fs";
-import * as os2 from "os";
-import * as path7 from "path";
-function normalizeProjectPath(projectPath) {
-  const expanded = projectPath.startsWith("~") ? path7.join(os2.homedir(), projectPath.slice(1)) : projectPath;
-  try {
-    return fs7.realpathSync(expanded);
-  } catch {
-    return path7.resolve(expanded);
-  }
-}
-function hashProjectPath(projectPath) {
-  const normalizedPath = normalizeProjectPath(projectPath);
-  return crypto2.createHash("sha256").update(normalizedPath).digest("hex").slice(0, 8);
-}
-function getProjectStoragePath(projectPath) {
-  const hash = hashProjectPath(projectPath);
-  return path7.join(os2.homedir(), ".claude-code", "memory", "projects", hash);
-}
-
 // src/core/registry/session-registry.ts
 import * as fs8 from "fs";
 import * as os3 from "os";
@@ -7838,6 +8192,12 @@ var MemoryService = class {
   async getOutboxStats() {
     return this.queryService.getOutboxStats();
   }
+  async recoverStuckOutboxItems(options) {
+    return this.queryService.recoverStuckOutboxItems(options);
+  }
+  async repairLegacyProjectScope(options) {
+    return this.queryService.repairLegacyProjectScope(options);
+  }
   async getRetrievalTraceStats() {
     return this.retrievalAnalyticsService.getRetrievalTraceStats();
   }
@@ -8223,10 +8583,10 @@ var SENSITIVE_PATTERNS = [
   // Redact the whole URI so usernames, credentials, hosts, paths, and query
   // params do not leak either.
   /\b[a-z][a-z0-9+.-]*:\/\/[^\s'"`<>/@]+@[^\s'"`<>]+/gi,
-  /password\s*[:=]\s*['"]?[^\s'"]+/gi,
-  /api[_-]?key\s*[:=]\s*['"]?[^\s'"]+/gi,
-  /secret\s*[:=]\s*['"]?[^\s'"]+/gi,
-  /token\s*[:=]\s*['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?password\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?api[-_]?key\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?secret\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
+  /(?:[\w.-]+[-_])?token\s*[:=]\s*(?!\[REDACTED\])['"]?[^\s'"]+/gi,
   /bearer\s+[a-zA-Z0-9\-_.]+/gi,
   /AWS[_-]?ACCESS[_-]?KEY[_-]?ID\s*[:=]\s*['"]?[A-Z0-9]+/gi,
   /AWS[_-]?SECRET[_-]?ACCESS[_-]?KEY\s*[:=]\s*['"]?[^\s'"]+/gi,
@@ -8236,8 +8596,37 @@ var SENSITIVE_PATTERNS = [
   /sk-[a-zA-Z0-9]{48}/g
   // OpenAI API Key
 ];
-function maskSensitiveString(value) {
+var CLI_SECRET_OPTION_PATTERNS = [
+  /(--(?:[a-z0-9]+[-_])*(?:password|secret|api[-_]?key|token|bearer)(?:[-_][a-z0-9]+)*(?:\s+|=))(?:"[^"]*"|'[^']*'|[^\s'"`<>]+)/gi
+];
+var URL_FOLLOWING_SECRET_PATTERN = /((?:https?:\/\/[^\s'"`<>]+)\s*\r?\n\s*)([A-Za-z0-9!@#$%^&*._+\-~:=/]{6,})(?=\s*(?:\r?\n|$))/gi;
+function looksLikePastedSecret(value) {
+  return value.length >= 8 && /(?:\d|[^A-Za-z0-9])/.test(value);
+}
+function maskUrlFollowingSecret(value) {
+  let count = 0;
+  const content = value.replace(URL_FOLLOWING_SECRET_PATTERN, (_match, prefix, secret) => {
+    if (!looksLikePastedSecret(secret))
+      return `${prefix}${secret}`;
+    count++;
+    return `${prefix}[REDACTED]`;
+  });
+  return { content, count };
+}
+function maskCliSecretOptions(value) {
+  let count = 0;
   let filtered = value;
+  for (const pattern of CLI_SECRET_OPTION_PATTERNS) {
+    pattern.lastIndex = 0;
+    filtered = filtered.replace(pattern, (_match, prefix) => {
+      count++;
+      return `${prefix}[REDACTED]`;
+    });
+  }
+  return { content: filtered, count };
+}
+function maskSensitiveString(value) {
+  let filtered = maskCliSecretOptions(value).content;
   for (const pattern of SENSITIVE_PATTERNS) {
     pattern.lastIndex = 0;
     filtered = filtered.replace(pattern, "[REDACTED]");
@@ -8257,6 +8646,12 @@ function applyPrivacyFilter(content, config) {
     filtered = tagResult.filtered;
     privateTagCount = tagResult.stats.count;
   }
+  const cliResult = maskCliSecretOptions(filtered);
+  filtered = cliResult.content;
+  patternMatchCount += cliResult.count;
+  const urlSecretResult = maskUrlFollowingSecret(filtered);
+  filtered = urlSecretResult.content;
+  patternMatchCount += urlSecretResult.count;
   for (const pattern of SENSITIVE_PATTERNS) {
     pattern.lastIndex = 0;
     const matches = filtered.match(pattern);
@@ -8268,13 +8663,13 @@ function applyPrivacyFilter(content, config) {
   for (const patternStr of config.excludePatterns || []) {
     try {
       const regex = new RegExp(
-        `(${patternStr})\\s*[:=]\\s*['"]?[^\\s'"]+`,
+        `(^|[^\\w-])(${patternStr})\\s*[:=]\\s*['"]?[^\\s'"]+`,
         "gi"
       );
       const matches = filtered.match(regex);
       if (matches) {
         patternMatchCount += matches.length;
-        filtered = filtered.replace(regex, "[REDACTED]");
+        filtered = filtered.replace(regex, "$1[REDACTED]");
       }
     } catch {
     }