npm - codemem - Versions diffs - 0.25.1 → 0.25.2 - Mend

codemem 0.25.1 → 0.25.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -1,13 +1,14 @@
 #!/usr/bin/env node
-import { DEFAULT_COORDINATOR_DB_PATH, DedupKeyBackfillRunner, MemoryStore, ObserverClient, RawEventSweeper, SyncRetentionRunner, VERSION, VectorModelMigrationRunner, aiBackfillStructuredContent, applyBootstrapSnapshot, backfillMemoryDedupKeys, backfillNarrativeFromBody, backfillTagsText, backfillVectors, buildAuthHeaders, buildBaseUrl, buildRawEventEnvelopeFromHook, compareMemoryRoleReports, connect, coordinatorCreateGroupAction, coordinatorCreateInviteAction, coordinatorDisableDeviceAction, coordinatorEnrollDeviceAction, coordinatorImportInviteAction, coordinatorListBootstrapGrantsAction, coordinatorListDevicesAction, coordinatorListGroupsAction, coordinatorListJoinRequestsAction, coordinatorRemoveDeviceAction, coordinatorRenameDeviceAction, coordinatorReviewJoinRequestAction, coordinatorRevokeBootstrapGrantAction, createBetterSqliteCoordinatorApp, deactivateLowSignalMemories, deactivateLowSignalObservations, dedupNearDuplicateMemories, ensureDeviceIdentity, exportMemories, fetchAllSnapshotPages, fingerprintPublicKey, getExtractionBenchmarkProfile, getInjectionEvalScenarioPack, getInjectionEvalScenarioPrompts, getMemoryRoleReport, getRawEventRelinkPlan, getRawEventRelinkReport, getRawEventStatus, getSessionExtractionEval, getSessionExtractionEvalScenario, getWorkspaceCodememConfigPath, hasPendingDedupKeyBackfill, hasUnsyncedSharedMemoryChanges, importMemories, initDatabase, isEmbeddingDisabled, loadObserverConfig, loadPublicKey, loadSqliteVec, planReplicationOpsAgePrune, pruneReplicationOpsUntilCaughtUp, rawEventsGate, readCodememConfigFile, readCodememConfigFileAtPath, readCoordinatorSyncConfig, readImportPayload, replayBatchExtraction, replayBatchExtractionWithTierRouting, requestJson, resolveCodememConfigPath, resolveDbPath, resolveHookProject, resolveProject, retryRawEventFailures, runSyncDaemon, runSyncPass, schema, setPeerProjectFilter, stripJsonComments, stripPrivateObj, stripTrailingCommas, syncPassPreflight, updatePeerAddresses, vacuumDatabase, writeCodememConfigFile } from "@codemem/core";
+import { DEFAULT_COORDINATOR_DB_PATH, DedupKeyBackfillRunner, MemoryStore, ObserverClient, RawEventSweeper, SyncRetentionRunner, VERSION, VectorModelMigrationRunner, aiBackfillStructuredContent, applyBootstrapSnapshot, backfillMemoryDedupKeys, backfillNarrativeFromBody, backfillTagsText, backfillVectors, buildAuthHeaders, buildBaseUrl, buildRawEventEnvelopeFromHook, compareMemoryRoleReports, connect, coordinatorCreateGroupAction, coordinatorCreateInviteAction, coordinatorDisableDeviceAction, coordinatorEnrollDeviceAction, coordinatorImportInviteAction, coordinatorListBootstrapGrantsAction, coordinatorListDevicesAction, coordinatorListGroupsAction, coordinatorListJoinRequestsAction, coordinatorRemoveDeviceAction, coordinatorRenameDeviceAction, coordinatorReviewJoinRequestAction, coordinatorRevokeBootstrapGrantAction, createBetterSqliteCoordinatorApp, deactivateLowSignalMemories, deactivateLowSignalObservations, dedupNearDuplicateMemories, ensureDeviceIdentity, exportMemories, fetchAllSnapshotPages, fingerprintPublicKey, flushRawEvents, getExtractionBenchmarkProfile, getInjectionEvalScenarioPack, getInjectionEvalScenarioPrompts, getMemoryRoleReport, getRawEventRelinkPlan, getRawEventRelinkReport, getRawEventStatus, getSessionExtractionEval, getSessionExtractionEvalScenario, getWorkspaceCodememConfigPath, hasPendingDedupKeyBackfill, hasUnsyncedSharedMemoryChanges, importMemories, initDatabase, isEmbeddingDisabled, loadObserverConfig, loadPublicKey, loadSqliteVec, planReplicationOpsAgePrune, pruneReplicationOpsUntilCaughtUp, rawEventsGate, readCodememConfigFile, readCodememConfigFileAtPath, readCoordinatorSyncConfig, readImportPayload, replayBatchExtraction, replayBatchExtractionWithTierRouting, requestJson, resolveCodememConfigPath, resolveDbPath, resolveHookProject, resolveProject, retryRawEventFailures, runSyncDaemon, runSyncPass, schema, setPeerProjectFilter, stripJsonComments, stripPrivateObj, stripTrailingCommas, syncPassPreflight, updatePeerAddresses, vacuumDatabase, writeCodememConfigFile } from "@codemem/core";
 import { Command, Option } from "commander";
 import omelette from "omelette";
-import { existsSync, mkdirSync, readFileSync, rmSync, statSync, writeFileSync } from "node:fs";
+import { appendFileSync, existsSync, mkdirSync, readFileSync, readdirSync, renameSync, rmSync, rmdirSync, statSync, unlinkSync, writeFileSync } from "node:fs";
 import { styleText } from "node:util";
-import * as p from "@clack/prompts";
-import { serve } from "@hono/node-server";
+import { createHash, randomInt } from "node:crypto";
 import { homedir, networkInterfaces } from "node:os";
 import { dirname, join } from "node:path";
+import * as p from "@clack/prompts";
+import { serve } from "@hono/node-server";
 import { spawn, spawnSync } from "node:child_process";
 import net from "node:net";
 import { desc, eq } from "drizzle-orm";
@@ -76,14 +77,686 @@ function emitJsonError(errorCode, message, exitCode = 1) {
 	process.exitCode = exitCode;
 }
 //#endregion
+//#region src/commands/claude-hook-plugin-log.ts
+/**
+* Append-only plugin failure log used by both `claude-hook-inject` and
+* `claude-hook-ingest` to record errors that don't justify crashing the
+* hook command itself.
+*
+* Behavior:
+* - Default log path is `~/.codemem/plugin.log`.
+* - `CODEMEM_PLUGIN_LOG_PATH` (preferred) or `CODEMEM_PLUGIN_LOG` may
+*   override the path. Boolean-shaped values (`0/1/true/false/yes/no/on/off`
+*   and empty) are treated as toggles, not paths, so the default is used.
+* - All I/O is best-effort: failures are swallowed.
+*/
+var BOOLEAN_TOGGLE_VALUES = new Set([
+	"",
+	"0",
+	"false",
+	"off",
+	"1",
+	"true",
+	"yes",
+	"on",
+	"no"
+]);
+function expandHome$2(value) {
+	if (value === "~") return homedir();
+	if (value.startsWith("~/")) return join(homedir(), value.slice(2));
+	return value;
+}
+function pluginLogPath() {
+	const raw = process.env.CODEMEM_PLUGIN_LOG_PATH ?? process.env.CODEMEM_PLUGIN_LOG ?? "";
+	const normalized = raw.trim().toLowerCase();
+	if (BOOLEAN_TOGGLE_VALUES.has(normalized)) return expandHome$2("~/.codemem/plugin.log");
+	return expandHome$2(raw.trim());
+}
+/**
+* Append a single timestamped line to the plugin log. Best-effort: any
+* filesystem error is swallowed so a logging failure can never bubble up
+* into a Claude hook crash.
+*/
+function logHookFailure(message) {
+	const path = pluginLogPath();
+	try {
+		mkdirSync(dirname(path), { recursive: true });
+		appendFileSync(path, `${(/* @__PURE__ */ new Date()).toISOString()} ${message}\n`, { encoding: "utf8" });
+	} catch {}
+}
+//#endregion
+//#region src/commands/claude-hook-ingest-spool.ts
+/**
+* Durability layer for `claude-hook-ingest`: file-based mutex to
+* serialize concurrent invocations, on-disk spool that captures
+* payloads when both HTTP and direct ingestion paths fail, and a
+* recovery routine that promotes stale temp files back into the queue.
+*/
+var DEFAULT_LOCK_TTL_S = 300;
+var DEFAULT_LOCK_GRACE_S = 2;
+var LOCK_ACQUIRE_ATTEMPTS = 100;
+var LOCK_ACQUIRE_BACKOFF_MS = 50;
+var LockBusyError = class extends Error {
+	constructor() {
+		super("claude-hook-ingest lock busy");
+		this.name = "LockBusyError";
+	}
+};
+function expandHome$1(value) {
+	if (value === "~") return homedir();
+	if (value.startsWith("~/")) return join(homedir(), value.slice(2));
+	return value;
+}
+function envInt(name, fallback) {
+	const raw = process.env[name];
+	if (raw === void 0) return fallback;
+	const parsed = Number.parseInt(raw, 10);
+	return Number.isFinite(parsed) ? parsed : fallback;
+}
+function envTruthy$1(name, fallback) {
+	const raw = process.env[name];
+	if (raw === void 0) return fallback;
+	const normalized = raw.trim().toLowerCase();
+	if ([
+		"1",
+		"true",
+		"yes",
+		"on"
+	].includes(normalized)) return true;
+	if ([
+		"0",
+		"false",
+		"no",
+		"off"
+	].includes(normalized)) return false;
+	return fallback;
+}
+function lockConfig() {
+	return {
+		lockDir: expandHome$1(process.env.CODEMEM_CLAUDE_HOOK_LOCK_DIR?.trim() || "~/.codemem/claude-hook-ingest.lock"),
+		ttlSeconds: Math.max(1, envInt("CODEMEM_CLAUDE_HOOK_LOCK_TTL_S", DEFAULT_LOCK_TTL_S)),
+		graceSeconds: Math.max(1, envInt("CODEMEM_CLAUDE_HOOK_LOCK_GRACE_S", DEFAULT_LOCK_GRACE_S))
+	};
+}
+function spoolDir() {
+	return expandHome$1(process.env.CODEMEM_CLAUDE_HOOK_SPOOL_DIR?.trim() || "~/.codemem/claude-hook-spool");
+}
+/**
+* Cheap pre-check used by the unlocked HTTP-success path to decide
+* whether it needs to acquire the ingest lock and drain queued
+* payloads. Returns true when the spool directory contains at least
+* one active entry (a `*.json` file that is neither an in-flight
+* `.hook-tmp-*` nor a quarantined `.bad-*` file). Any I/O failure
+* is treated as "no entries" so callers stay on the fast path.
+*/
+function hasSpooledEntries() {
+	const dir = spoolDir();
+	let entries;
+	try {
+		entries = readdirSync(dir);
+	} catch {
+		return false;
+	}
+	for (const name of entries) {
+		if (!name.endsWith(".json")) continue;
+		if (name.startsWith(".hook-tmp-") || name.startsWith(".bad-")) continue;
+		return true;
+	}
+	return false;
+}
+function readFileTrimmedOrEmpty(path) {
+	try {
+		return readFileSync(path, "utf8").trim();
+	} catch {
+		return "";
+	}
+}
+function readLockMetadata(lockDir) {
+	const pid = readFileTrimmedOrEmpty(join(lockDir, "pid"));
+	const owner = readFileTrimmedOrEmpty(join(lockDir, "owner"));
+	const tsRaw = readFileTrimmedOrEmpty(join(lockDir, "ts"));
+	const ts = tsRaw === "" ? null : Number.parseInt(tsRaw, 10);
+	return {
+		pid,
+		ts: ts === null || !Number.isFinite(ts) ? null : ts,
+		owner
+	};
+}
+function isPidAlive(pidText) {
+	const pid = Number.parseInt(pidText, 10);
+	if (!Number.isFinite(pid) || pid <= 0) return false;
+	try {
+		process.kill(pid, 0);
+		return true;
+	} catch {
+		return false;
+	}
+}
+function lockIsStale(cfg) {
+	const snapshot = readLockMetadata(cfg.lockDir);
+	const nowS = Math.floor(Date.now() / 1e3);
+	if (snapshot.pid) {
+		if (isPidAlive(snapshot.pid)) {
+			if (snapshot.ts === null) return {
+				stale: false,
+				snapshot
+			};
+			return {
+				stale: nowS - snapshot.ts > cfg.ttlSeconds,
+				snapshot
+			};
+		}
+		return {
+			stale: true,
+			snapshot
+		};
+	}
+	if (snapshot.ts !== null) return {
+		stale: nowS - snapshot.ts > cfg.graceSeconds,
+		snapshot
+	};
+	let mtimeS;
+	try {
+		mtimeS = Math.floor(statSync(cfg.lockDir).mtimeMs / 1e3);
+	} catch {
+		return {
+			stale: true,
+			snapshot
+		};
+	}
+	return {
+		stale: nowS - mtimeS > cfg.graceSeconds,
+		snapshot
+	};
+}
+function cleanupLockDir(lockDir) {
+	for (const name of [
+		"pid",
+		"ts",
+		"owner"
+	]) try {
+		unlinkSync(join(lockDir, name));
+	} catch {}
+	try {
+		rmdirSync(lockDir);
+	} catch {}
+}
+function snapshotsEqual(a, b) {
+	return a.pid === b.pid && a.ts === b.ts && a.owner === b.owner;
+}
+function cleanupLockDirIfUnchanged(lockDir, snapshot) {
+	if (snapshotsEqual(readLockMetadata(lockDir), snapshot)) cleanupLockDir(lockDir);
+}
+function isErrnoException(err) {
+	return typeof err === "object" && err !== null && "code" in err;
+}
+async function sleep(ms) {
+	return new Promise((resolve) => setTimeout(resolve, ms));
+}
+/**
+* Run `fn` while holding the claude-hook-ingest lock. Throws
+* `LockBusyError` when the lock cannot be acquired within
+* `LOCK_ACQUIRE_ATTEMPTS` attempts.
+*
+* The lock is a directory at `lockDir`, with three sentinel files
+* (`pid`, `ts`, `owner`) recording who currently holds it. Stale locks
+* are detected via PID liveness, TTL, and a grace window for the
+* race between mkdir and writing pid/ts.
+*/
+async function withClaudeHookIngestLock(fn) {
+	const cfg = lockConfig();
+	mkdirSync(dirname(cfg.lockDir), { recursive: true });
+	const ownerToken = `${process.pid}-${Math.floor(Date.now() / 1e3)}-${randomInt(1e3, 1e4)}`;
+	let acquired = false;
+	for (let attempt = 0; attempt < LOCK_ACQUIRE_ATTEMPTS; attempt++) {
+		try {
+			mkdirSync(cfg.lockDir);
+		} catch (err) {
+			if (isErrnoException(err) && err.code === "EEXIST") {
+				const { stale, snapshot } = lockIsStale(cfg);
+				if (stale) cleanupLockDirIfUnchanged(cfg.lockDir, snapshot);
+				await sleep(LOCK_ACQUIRE_BACKOFF_MS);
+				continue;
+			}
+			await sleep(LOCK_ACQUIRE_BACKOFF_MS);
+			continue;
+		}
+		try {
+			writeFileSync(join(cfg.lockDir, "ts"), String(Math.floor(Date.now() / 1e3)), { encoding: "utf8" });
+			writeFileSync(join(cfg.lockDir, "pid"), String(process.pid), { encoding: "utf8" });
+			writeFileSync(join(cfg.lockDir, "owner"), ownerToken, { encoding: "utf8" });
+			acquired = true;
+			break;
+		} catch {
+			cleanupLockDir(cfg.lockDir);
+			await sleep(LOCK_ACQUIRE_BACKOFF_MS);
+		}
+	}
+	if (!acquired) throw new LockBusyError();
+	try {
+		return await fn();
+	} finally {
+		if (readFileTrimmedOrEmpty(join(cfg.lockDir, "owner")) === ownerToken) cleanupLockDir(cfg.lockDir);
+	}
+}
+/**
+* Persist a payload to the spool directory using a tmp+rename so that
+* a partially-written file is never visible to the drainer. Returns
+* true on success, false on any I/O failure.
+*/
+function spoolPayload(payload) {
+	const dir = spoolDir();
+	try {
+		mkdirSync(dir, { recursive: true });
+	} catch {
+		logHookFailure("codemem claude-hook-ingest failed to create spool dir");
+		return false;
+	}
+	const payloadText = JSON.stringify(payload);
+	const tmpPath = join(dir, `.hook-tmp-${process.pid}-${Date.now()}-${randomInt(1e3, 1e4)}.json`);
+	try {
+		writeFileSync(tmpPath, payloadText, { encoding: "utf8" });
+	} catch {
+		logHookFailure("codemem claude-hook-ingest failed to allocate spool temp file");
+		return false;
+	}
+	const finalPath = join(dir, `hook-${Math.floor(Date.now() / 1e3)}-${process.pid}-${randomInt(1e3, 1e4)}.json`);
+	try {
+		renameSync(tmpPath, finalPath);
+	} catch {
+		try {
+			unlinkSync(tmpPath);
+		} catch {}
+		logHookFailure("codemem claude-hook-ingest failed to spool payload");
+		return false;
+	}
+	logHookFailure(`codemem claude-hook-ingest spooled payload: ${finalPath}`);
+	return true;
+}
+/**
+* Promote any `.hook-tmp-*.json` files older than `ttlSeconds` to a
+* recovered name so they are picked up by the next drain. Caller is
+* responsible for passing the same TTL used by lock acquisition so
+* that an in-flight write inside an active locked region is never
+* mistaken for a crashed-writer leftover.
+*/
+function recoverStaleTmpSpool(ttlSeconds) {
+	const dir = spoolDir();
+	try {
+		mkdirSync(dir, { recursive: true });
+	} catch {
+		return;
+	}
+	let entries;
+	try {
+		entries = readdirSync(dir);
+	} catch {
+		return;
+	}
+	const nowS = Date.now() / 1e3;
+	for (const name of entries) {
+		if (!name.startsWith(".hook-tmp-") || !name.endsWith(".json")) continue;
+		const tmpPath = join(dir, name);
+		let mtimeS;
+		try {
+			mtimeS = statSync(tmpPath).mtimeMs / 1e3;
+		} catch {
+			continue;
+		}
+		if (nowS - mtimeS <= ttlSeconds) continue;
+		const recoveredPath = join(dir, `hook-recovered-${Math.floor(nowS)}-${process.pid}-${randomInt(1e3, 1e4)}.json`);
+		try {
+			renameSync(tmpPath, recoveredPath);
+			logHookFailure(`codemem claude-hook-ingest recovered stale temp spool payload: ${recoveredPath}`);
+		} catch {}
+	}
+}
+/**
+* Move a permanently-broken spool entry out of the queue so that it
+* stops being picked up by future drains. The entry is renamed in
+* place with a `.bad-<reason>-` prefix so an operator can inspect or
+* delete it manually.
+*/
+function quarantineSpoolEntry(dir, name, reason) {
+	const sourcePath = join(dir, name);
+	const quarantineName = `.bad-${reason}-${Date.now()}-${randomInt(1e3, 1e4)}-${name}`;
+	try {
+		renameSync(sourcePath, join(dir, quarantineName));
+		logHookFailure(`codemem claude-hook-ingest quarantined corrupt spool payload (${reason}): ${quarantineName}`);
+	} catch {
+		try {
+			unlinkSync(sourcePath);
+			logHookFailure(`codemem claude-hook-ingest dropped corrupt spool payload (${reason}): ${name}`);
+		} catch {}
+	}
+}
+/**
+* Process every queued payload in the spool directory in lexicographic
+* order (which approximates oldest-first because filenames embed the
+* second-precision creation timestamp). The handler returns true to
+* indicate the payload has been durably accepted; only then is the
+* spool entry deleted. Failed entries are left on disk for the next
+* drain attempt.
+*/
+async function drainSpool(handler) {
+	const dir = spoolDir();
+	try {
+		mkdirSync(dir, { recursive: true });
+	} catch {
+		return {
+			processed: 0,
+			failed: 0
+		};
+	}
+	let entries;
+	try {
+		entries = readdirSync(dir);
+	} catch {
+		return {
+			processed: 0,
+			failed: 0
+		};
+	}
+	const queued = entries.filter((name) => name.endsWith(".json") && !name.startsWith(".hook-tmp-") && !name.startsWith(".bad-")).sort();
+	const result = {
+		processed: 0,
+		failed: 0
+	};
+	for (const name of queued) {
+		const path = join(dir, name);
+		let raw;
+		try {
+			raw = readFileSync(path, "utf8");
+		} catch {
+			logHookFailure(`codemem claude-hook-ingest failed to read spooled payload: ${path}`);
+			result.failed++;
+			continue;
+		}
+		let parsed;
+		try {
+			parsed = JSON.parse(raw);
+		} catch {
+			quarantineSpoolEntry(dir, name, "parse-error");
+			result.failed++;
+			continue;
+		}
+		if (parsed == null || typeof parsed !== "object" || Array.isArray(parsed)) {
+			quarantineSpoolEntry(dir, name, "wrong-shape");
+			continue;
+		}
+		let ok = false;
+		try {
+			ok = await handler(parsed);
+		} catch {
+			ok = false;
+		}
+		if (ok) try {
+			unlinkSync(path);
+			result.processed++;
+		} catch {}
+		else {
+			logHookFailure(`codemem claude-hook-ingest failed processing spooled payload: ${path}`);
+			result.failed++;
+		}
+	}
+	return result;
+}
+/**
+* Whether the boundary-flush write-through should run for this hook
+* payload. SessionEnd defaults to forcing a flush; Stop only flushes
+* when both CODEMEM_CLAUDE_HOOK_FLUSH and CODEMEM_CLAUDE_HOOK_FLUSH_ON_STOP
+* are truthy.
+*/
+function shouldForceBoundaryFlush(payload) {
+	const eventName = typeof payload.hook_event_name === "string" ? payload.hook_event_name.trim() : "";
+	if (eventName !== "Stop" && eventName !== "SessionEnd") return false;
+	if (eventName === "SessionEnd") return envTruthy$1("CODEMEM_CLAUDE_HOOK_FLUSH", true);
+	if (!envTruthy$1("CODEMEM_CLAUDE_HOOK_FLUSH", false)) return false;
+	return envTruthy$1("CODEMEM_CLAUDE_HOOK_FLUSH_ON_STOP", false);
+}
+/**
+* Returns the configured lock TTL so callers (`claude-hook-ingest`)
+* can pass the same value to `recoverStaleTmpSpool` without re-reading
+* the env.
+*/
+function lockTtlSeconds() {
+	return lockConfig().ttlSeconds;
+}
+//#endregion
+//#region src/commands/claude-hook-session-state.ts
+/**
+* Session-state tracking for Claude Code hook commands.
+*
+* Persists per-session signal (first prompt, latest prompt, recently
+* modified files) to disk so that retrieval inside `claude-hook-inject`
+* can build a query richer than the bare current prompt and so that
+* file-locality boosts can target files the user just edited.
+*/
+var MAX_FILES_MODIFIED = 64;
+var MAX_WORKING_SET_PATHS = 8;
+var MAX_QUERY_CHARS = 500;
+var MAX_QUERY_FILE_BASENAMES = 5;
+var MUTATING_TOOL_NAMES = new Set([
+	"edit",
+	"write",
+	"multiedit",
+	"notebookedit",
+	"apply_patch"
+]);
+var APPLY_PATCH_PATH_PREFIXES = [
+	"*** Add File: ",
+	"*** Update File: ",
+	"*** Delete File: "
+];
+function defaultSessionState() {
+	return {
+		first_prompt: "",
+		last_prompt: "",
+		files_modified: [],
+		updated_at: ""
+	};
+}
+function expandHome(value) {
+	if (value === "~") return homedir();
+	if (value.startsWith("~/")) return join(homedir(), value.slice(2));
+	return value;
+}
+function contextDir() {
+	const override = process.env.CODEMEM_CLAUDE_HOOK_CONTEXT_DIR;
+	return expandHome(override?.trim() ? override : "~/.codemem/claude-hook-context");
+}
+function statePathForSession(sessionId) {
+	const digest = createHash("sha1").update(sessionId).digest("hex").slice(0, 16);
+	return join(contextDir(), `${digest}.json`);
+}
+/**
+* Normalize a prompt-shaped payload field: drop non-strings, trim
+* leading/trailing whitespace, and collapse newlines to spaces so that
+* prompts compared across the inject + ingest paths and across turns
+* within a session use the same canonical form.
+*/
+function normalizePromptText(value) {
+	if (typeof value !== "string") return "";
+	return value.trim().replace(/\n/g, " ");
+}
+function normalizeStringList(value, cap) {
+	if (!Array.isArray(value)) return [];
+	const out = [];
+	for (const item of value) {
+		if (typeof item !== "string") continue;
+		const trimmed = item.trim();
+		if (trimmed) out.push(trimmed);
+	}
+	return out.slice(0, cap);
+}
+function loadSessionState(sessionId) {
+	const path = statePathForSession(sessionId);
+	if (!existsSync(path)) return defaultSessionState();
+	try {
+		const raw = readFileSync(path, "utf8");
+		const parsed = JSON.parse(raw);
+		if (parsed == null || typeof parsed !== "object" || Array.isArray(parsed)) return defaultSessionState();
+		const obj = parsed;
+		return {
+			first_prompt: typeof obj.first_prompt === "string" ? obj.first_prompt.trim() : "",
+			last_prompt: typeof obj.last_prompt === "string" ? obj.last_prompt.trim() : "",
+			files_modified: normalizeStringList(obj.files_modified, MAX_FILES_MODIFIED),
+			updated_at: typeof obj.updated_at === "string" ? obj.updated_at.trim() : ""
+		};
+	} catch {
+		return defaultSessionState();
+	}
+}
+function nowIso() {
+	return (/* @__PURE__ */ new Date()).toISOString();
+}
+function saveSessionState(sessionId, state) {
+	mkdirSync(contextDir(), { recursive: true });
+	const path = statePathForSession(sessionId);
+	const tmpPath = `${path}.tmp`;
+	const payload = {
+		first_prompt: String(state.first_prompt ?? ""),
+		last_prompt: String(state.last_prompt ?? ""),
+		files_modified: normalizeStringList(state.files_modified, MAX_FILES_MODIFIED),
+		updated_at: String(state.updated_at ?? "")
+	};
+	writeFileSync(tmpPath, JSON.stringify(payload), { encoding: "utf8" });
+	renameSync(tmpPath, path);
+}
+function clearSessionState(sessionId) {
+	const path = statePathForSession(sessionId);
+	try {
+		rmSync(path, { force: true });
+	} catch {}
+}
+function extractApplyPatchPaths(patchText) {
+	const out = [];
+	for (const line of patchText.split("\n")) for (const prefix of APPLY_PATCH_PATH_PREFIXES) if (line.startsWith(prefix)) {
+		const path = line.slice(prefix.length).trim();
+		if (path) out.push(path);
+	}
+	return out;
+}
+function extractModifiedPathsFromHook(payload) {
+	const toolName = String(payload.tool_name ?? "").trim().toLowerCase();
+	if (!MUTATING_TOOL_NAMES.has(toolName)) return [];
+	const toolInput = payload.tool_input;
+	if (toolInput == null || typeof toolInput !== "object" || Array.isArray(toolInput)) return [];
+	const obj = toolInput;
+	const collected = [];
+	for (const key of [
+		"filePath",
+		"file_path",
+		"path"
+	]) {
+		const value = obj[key];
+		if (typeof value === "string") {
+			const trimmed = value.trim();
+			if (trimmed) collected.push(trimmed);
+		}
+	}
+	if (toolName === "apply_patch") {
+		const patchText = (typeof obj.patchText === "string" && obj.patchText.trim() ? obj.patchText : null) ?? (typeof obj.patch === "string" ? obj.patch : null);
+		if (patchText?.trim()) collected.push(...extractApplyPatchPaths(patchText));
+	}
+	const seen = /* @__PURE__ */ new Set();
+	const ordered = [];
+	for (const path of collected) {
+		if (seen.has(path)) continue;
+		seen.add(path);
+		ordered.push(path);
+	}
+	return ordered;
+}
+/**
+* Update the on-disk session state for a hook payload and return the
+* resulting state. Returns null when the payload has no usable session_id
+* or when SessionEnd just cleared the state. Failures are swallowed —
+* hook commands must never crash on state I/O errors.
+*/
+function trackHookSessionState(payload) {
+	const sessionRaw = payload.session_id;
+	if (typeof sessionRaw !== "string") return null;
+	const sessionId = sessionRaw.trim();
+	if (!sessionId) return null;
+	const hookEventName = typeof payload.hook_event_name === "string" ? payload.hook_event_name.trim() : "";
+	if (hookEventName === "SessionEnd") {
+		clearSessionState(sessionId);
+		return null;
+	}
+	const state = loadSessionState(sessionId);
+	let changed = false;
+	if (hookEventName === "UserPromptSubmit") {
+		const prompt = normalizePromptText(payload.prompt);
+		if (prompt) {
+			if (!state.first_prompt) {
+				state.first_prompt = prompt;
+				changed = true;
+			}
+			if (state.last_prompt !== prompt) {
+				state.last_prompt = prompt;
+				changed = true;
+			}
+		}
+	} else if (hookEventName === "PostToolUse" || hookEventName === "PostToolUseFailure") {
+		const existing = state.files_modified.filter((path) => path.trim().length > 0);
+		const seen = new Set(existing);
+		for (const path of extractModifiedPathsFromHook(payload)) {
+			if (seen.has(path)) continue;
+			existing.push(path);
+			seen.add(path);
+			changed = true;
+		}
+		state.files_modified = existing.slice(-MAX_FILES_MODIFIED);
+	}
+	if (changed) {
+		state.updated_at = nowIso();
+		try {
+			saveSessionState(sessionId, state);
+		} catch {}
+	}
+	return state;
+}
+function pathBasename(value) {
+	const normalized = value.replace(/\\/g, "/").replace(/\/+$/, "");
+	if (!normalized) return "";
+	const parts = normalized.split("/");
+	return parts[parts.length - 1] ?? "";
+}
+/**
+* Compose a retrieval query that combines the original session intent,
+* the current prompt, the project, and recent modified file basenames.
+* Caps the result at 500 characters.
+*/
+function buildInjectQuery(args) {
+	const parts = [];
+	const firstPrompt = args.state ? normalizePromptText(args.state.first_prompt) : "";
+	const filesModified = args.state ? args.state.files_modified.filter((item) => item.trim().length > 0) : [];
+	if (firstPrompt) parts.push(firstPrompt);
+	if (args.prompt && args.prompt !== firstPrompt && args.prompt.length > 5) parts.push(args.prompt);
+	if (args.project) parts.push(args.project);
+	if (filesModified.length > 0) {
+		const names = filesModified.slice(-MAX_QUERY_FILE_BASENAMES).map(pathBasename).filter((name) => name.length > 0);
+		if (names.length > 0) parts.push(names.join(" "));
+	}
+	if (parts.length === 0) return "recent work";
+	const query = parts.join(" ");
+	return query.length > MAX_QUERY_CHARS ? query.slice(0, MAX_QUERY_CHARS) : query;
+}
+/** Return the working set paths (last N modified files) for pack filters. */
+function workingSetPathsFromState(state) {
+	if (!state) return [];
+	return state.files_modified.filter((path) => path.trim().length > 0).slice(-MAX_WORKING_SET_PATHS);
+}
+//#endregion
 //#region src/commands/claude-hook-ingest.ts
 /**
 * codemem claude-hook-ingest — read a single Claude Code hook payload
 * from stdin and enqueue it for processing.
 *
-* Ports codemem/commands/claude_hook_runtime_cmds.py with an HTTP-first
-* strategy: try POST /api/claude-hooks (viewer must be running), then
-* fall back to direct raw-event enqueue via the local store.
+* HTTP-first strategy: POST to the running viewer's /api/claude-hooks
+* endpoint, then fall back to direct raw-event enqueue via the local
+* store when the viewer is unreachable.
 *
 * Usage (from Claude hooks config):
 *   echo '{"hook_event_name":"Stop","session_id":"...","last_assistant_message":"..."}' \
@@ -96,7 +769,14 @@ function emitStructuredError$1(errorCode, message) {
 	}));
 	process.exitCode = 1;
 }
-/** Try to POST the hook payload to the running viewer server. */
+/** Try to POST the hook payload to the running viewer server.
+*
+* Returns `ok: true` only when the viewer accepted the payload AND
+* actually inserted it. The viewer may legitimately accept a request
+* but report `skipped > 0` when the payload was deduped or otherwise
+* rejected after parse — those cases must trigger the locked
+* fallback so the durability layer can decide whether to spool.
+*/
 async function tryHttpIngest(payload, host, port) {
 	const url = `http://${host}:${port}/api/claude-hooks`;
 	const controller = new AbortController();
@@ -113,11 +793,46 @@ async function tryHttpIngest(payload, host, port) {
 			inserted: 0,
 			skipped: 0
 		};
-		const body = await res.json();
+		let body;
+		try {
+			body = await res.json();
+		} catch {
+			logHookFailure("codemem claude-hook-ingest HTTP accepted with invalid response body");
+			return {
+				ok: false,
+				inserted: 0,
+				skipped: 0
+			};
+		}
+		if (body == null || typeof body !== "object" || Array.isArray(body)) {
+			logHookFailure("codemem claude-hook-ingest HTTP accepted with invalid response type");
+			return {
+				ok: false,
+				inserted: 0,
+				skipped: 0
+			};
+		}
+		const obj = body;
+		if (typeof obj.inserted !== "number" || typeof obj.skipped !== "number") {
+			logHookFailure("codemem claude-hook-ingest HTTP accepted with unexpected response body");
+			return {
+				ok: false,
+				inserted: 0,
+				skipped: 0
+			};
+		}
+		if (obj.skipped > 0) {
+			logHookFailure("codemem claude-hook-ingest HTTP accepted but skipped payload");
+			return {
+				ok: false,
+				inserted: obj.inserted,
+				skipped: obj.skipped
+			};
+		}
 		return {
 			ok: true,
-			inserted: Number(body.inserted ?? 0),
-			skipped: Number(body.skipped ?? 0)
+			inserted: obj.inserted,
+			skipped: obj.skipped
 		};
 	} catch {
 		return {
@@ -174,31 +889,175 @@ function directEnqueue(payload, dbPath) {
 	}
 }
 /**
-* Ingest one Claude hook payload using the TS contract:
-* HTTP enqueue first, then direct local enqueue fallback.
+* Best-effort boundary flush: write the payload through to the local
+* store (so the just-fired SessionEnd / Stop event is durable in
+* raw_events) and then run a synchronous flushRawEvents pass so that
+* the latest memories are extracted before the hook process exits and
+* the user closes their terminal.
 *
-* This path intentionally does not implement file-spool/lock durability.
+* Any failure here \u2014 observer construction, store I/O, flush errors,
+* or simply running without observer credentials \u2014 is logged to
+* `~/.codemem/plugin.log` and swallowed. The hook command must never
+* crash on a boundary flush failure.
+*/
+async function flushBoundaryRawEvents(payload, dbPath) {
+	const envelope = buildRawEventEnvelopeFromHook(payload);
+	if (!envelope) return;
+	let observer;
+	try {
+		observer = new ObserverClient();
+	} catch (err) {
+		logHookFailure(`codemem claude-hook-ingest boundary flush observer init failed: ${err instanceof Error ? err.message : String(err)}`);
+		return;
+	}
+	let store;
+	try {
+		store = new MemoryStore(dbPath);
+	} catch (err) {
+		logHookFailure(`codemem claude-hook-ingest boundary flush store init failed: ${err instanceof Error ? err.message : String(err)}`);
+		return;
+	}
+	try {
+		await flushRawEvents(store, { observer }, {
+			opencodeSessionId: envelope.session_stream_id,
+			source: envelope.source,
+			cwd: envelope.cwd ?? null,
+			project: envelope.project ?? null,
+			startedAt: envelope.started_at ?? null,
+			maxEvents: null
+		});
+	} catch (err) {
+		logHookFailure(`codemem claude-hook-ingest boundary flush raw events failed: ${err instanceof Error ? err.message : String(err)}`);
+	} finally {
+		store.close();
+	}
+}
+/**
+* Ingest one Claude hook payload using the TS contract:
+* HTTP enqueue first, then locked drain + retry + direct fallback +
+* disk spool durability.
 */
 async function ingestClaudeHookPayload(payload, opts, deps = {}) {
 	const httpIngest = deps.httpIngest ?? tryHttpIngest;
 	const directIngest = deps.directIngest ?? directEnqueue;
 	const resolveDb = deps.resolveDb ?? resolveDbPath;
+	const boundaryFlush = deps.boundaryFlush ?? flushBoundaryRawEvents;
+	try {
+		trackHookSessionState(payload);
+	} catch {}
 	const port = typeof opts.port === "number" ? opts.port : Number.parseInt(opts.port, 10);
-	const httpResult = await httpIngest(payload, opts.host, port);
-	if (httpResult.ok) return {
-		inserted: httpResult.inserted,
-		skipped: httpResult.skipped,
-		via: "http"
+	let cachedDbPath = null;
+	const getDbPath = () => {
+		if (cachedDbPath === null) cachedDbPath = resolveDb(resolveDbOpt(opts));
+		return cachedDbPath;
 	};
-	return {
-		...directIngest(payload, resolveDb(resolveDbOpt(opts))),
-		via: "direct"
+	const tryDirectFallback = (queued) => {
+		try {
+			return {
+				ok: true,
+				result: directIngest(queued, getDbPath())
+			};
+		} catch (err) {
+			logHookFailure(`codemem claude-hook-ingest direct fallback failed: ${err instanceof Error ? err.message : String(err)}`);
+			return { ok: false };
+		}
+	};
+	const flushOnBoundaryIfRequested = async () => {
+		if (!shouldForceBoundaryFlush(payload)) return;
+		try {
+			directIngest(payload, getDbPath());
+		} catch (err) {
+			logHookFailure(`codemem claude-hook-ingest boundary flush direct write failed: ${err instanceof Error ? err.message : String(err)}`);
+		}
+		try {
+			await boundaryFlush(payload, getDbPath());
+		} catch (err) {
+			logHookFailure(`codemem claude-hook-ingest boundary flush failed: ${err instanceof Error ? err.message : String(err)}`);
+		}
 	};
+	const drainBacklogIfPresent = async () => {
+		if (!hasSpooledEntries()) return;
+		try {
+			await withClaudeHookIngestLock(async () => {
+				recoverStaleTmpSpool(lockTtlSeconds());
+				await drainSpool(async (queuedPayload) => {
+					if ((await httpIngest(queuedPayload, opts.host, port)).ok) return true;
+					return tryDirectFallback(queuedPayload).ok;
+				});
+			});
+		} catch (err) {
+			if (err instanceof LockBusyError) return;
+			logHookFailure(`codemem claude-hook-ingest backlog drain failed: ${err instanceof Error ? err.message : String(err)}`);
+		}
+	};
+	const httpResult = await httpIngest(payload, opts.host, port);
+	if (httpResult.ok) {
+		await flushOnBoundaryIfRequested();
+		await drainBacklogIfPresent();
+		return {
+			inserted: httpResult.inserted,
+			skipped: httpResult.skipped,
+			via: "http"
+		};
+	}
+	try {
+		return await withClaudeHookIngestLock(async () => {
+			recoverStaleTmpSpool(lockTtlSeconds());
+			await drainSpool(async (queuedPayload) => {
+				if ((await httpIngest(queuedPayload, opts.host, port)).ok) return true;
+				return tryDirectFallback(queuedPayload).ok;
+			});
+			const secondHttp = await httpIngest(payload, opts.host, port);
+			if (secondHttp.ok) {
+				await flushOnBoundaryIfRequested();
+				return {
+					inserted: secondHttp.inserted,
+					skipped: secondHttp.skipped,
+					via: "http"
+				};
+			}
+			const direct = tryDirectFallback(payload);
+			if (direct.ok) {
+				await flushOnBoundaryIfRequested();
+				return {
+					...direct.result,
+					via: "direct"
+				};
+			}
+			if (spoolPayload(payload)) return {
+				inserted: 0,
+				skipped: 0,
+				via: "spool"
+			};
+			logHookFailure("codemem claude-hook-ingest failed: fallback and spool failed");
+			throw new Error("claude-hook-ingest: fallback and spool both failed");
+		});
+	} catch (err) {
+		if (!(err instanceof LockBusyError)) throw err;
+		logHookFailure("codemem claude-hook-ingest lock busy; trying unlocked fallback");
+		const direct = tryDirectFallback(payload);
+		if (direct.ok) return {
+			...direct.result,
+			via: "direct"
+		};
+		if (spoolPayload(payload)) return {
+			inserted: 0,
+			skipped: 0,
+			via: "spool_lock_busy"
+		};
+		logHookFailure("codemem claude-hook-ingest failed: unlocked fallback and spool failed");
+		throw err;
+	}
 }
 var claudeHookCmd = new Command("claude-hook-ingest").configureHelp(helpStyle).description("Ingest Claude hook payload: HTTP first, direct DB fallback");
 addDbOption(claudeHookCmd);
 addViewerHostOptions(claudeHookCmd);
+function envTruthyValue(value) {
+	const normalized = String(value ?? "").trim().toLowerCase();
+	return normalized === "1" || normalized === "true" || normalized === "yes" || normalized === "on";
+}
 var claudeHookIngestCommand = claudeHookCmd.action(async (opts) => {
+	if (envTruthyValue(process.env.CODEMEM_PLUGIN_IGNORE)) return;
 	let raw;
 	try {
 		raw = readFileSync(0, "utf8").trim();
@@ -231,6 +1090,7 @@ var claudeHookIngestCommand = claudeHookCmd.action(async (opts) => {
 });
 //#endregion
 //#region src/commands/claude-hook-inject.ts
+var HOOK_EVENT_NAME = "UserPromptSubmit";
 var DEFAULT_VIEWER_HOST = "127.0.0.1";
 var DEFAULT_VIEWER_PORT = 38888;
 var DEFAULT_MAX_CHARS = 16e3;
@@ -242,6 +1102,10 @@ function envNotDisabled(value) {
 	const normalized = String(value ?? "").trim().toLowerCase();
 	return normalized !== "0" && normalized !== "false" && normalized !== "off";
 }
+function envTruthy(value) {
+	const normalized = String(value ?? "").trim().toLowerCase();
+	return normalized === "1" || normalized === "true" || normalized === "yes" || normalized === "on";
+}
 function parsePositiveInt$1(value, fallback) {
 	const parsed = Number.parseInt(String(value ?? ""), 10);
 	if (!Number.isFinite(parsed) || parsed <= 0) return fallback;
@@ -251,28 +1115,32 @@ function continueResult(additionalContext) {
 	if (!additionalContext) return { continue: true };
 	return {
 		continue: true,
-		hookSpecificOutput: { additionalContext }
+		hookSpecificOutput: {
+			hookEventName: HOOK_EVENT_NAME,
+			additionalContext
+		}
 	};
 }
 function truncateAdditionalContext(text, maxChars) {
 	const normalized = text.trim();
 	if (!normalized) return "";
 	if (!Number.isFinite(maxChars) || maxChars <= 0 || normalized.length <= maxChars) return normalized;
-	return normalized.slice(0, maxChars);
+	return `${normalized.slice(0, maxChars).trimEnd()}\n\n[pack truncated]`;
 }
 function extractInjectContext(payload) {
-	return String(payload.prompt ?? "").trim() || null;
+	return normalizePromptText(payload.prompt) || null;
 }
 function resolveInjectProject(payload) {
 	return resolveHookProject(typeof payload.cwd === "string" ? payload.cwd : null, payload.project);
 }
-async function buildLocalPack(context, project, dbPath) {
+async function buildLocalPack(context, project, dbPath, workingSetPaths = []) {
 	const store = new MemoryStore(dbPath);
 	try {
 		const limit = parsePositiveInt$1(process.env.CODEMEM_INJECT_LIMIT, 8);
 		const budget = parsePositiveInt$1(process.env.CODEMEM_INJECT_TOKEN_BUDGET, 800);
 		const filters = {};
 		if (project) filters.project = project;
+		if (workingSetPaths.length > 0) filters.working_set_paths = workingSetPaths;
 		const pack = await store.buildMemoryPackAsync(context, limit, budget, filters);
 		return String(pack.pack_text ?? "").trim();
 	} finally {
@@ -301,22 +1169,36 @@ async function tryHttpPack(context, project, maxTimeMs = DEFAULT_HTTP_MAX_TIME_S
 	}
 }
 async function buildClaudeHookInjection(payload, opts, deps = {}) {
+	if (envTruthy(process.env.CODEMEM_PLUGIN_IGNORE)) return continueResult();
 	if (!envNotDisabled(process.env.CODEMEM_INJECT_CONTEXT || "1")) return continueResult();
-	const context = extractInjectContext(payload);
-	if (!context) return continueResult();
+	let state = null;
+	try {
+		state = trackHookSessionState(payload);
+	} catch {
+		state = null;
+	}
+	const promptText = extractInjectContext(payload);
+	if (!promptText) return continueResult();
 	const buildPack = deps.buildLocalPack ?? buildLocalPack;
 	const httpPack = deps.httpPack ?? tryHttpPack;
 	const resolveDb = deps.resolveDb ?? resolveDbPath;
 	const project = resolveInjectProject(payload);
+	const query = buildInjectQuery({
+		prompt: promptText,
+		project,
+		state
+	});
+	const workingSetPaths = workingSetPathsFromState(state);
 	const maxChars = parsePositiveInt$1(process.env.CODEMEM_INJECT_MAX_CHARS, DEFAULT_MAX_CHARS);
 	const httpMaxTimeMs = parsePositiveInt$1(process.env.CODEMEM_INJECT_HTTP_MAX_TIME_S, DEFAULT_HTTP_MAX_TIME_S) * 1e3;
 	let additionalContext = "";
 	try {
-		additionalContext = await buildPack(context, project, resolveDb(resolveDbOpt(opts)));
-	} catch {
+		additionalContext = await buildPack(query, project, resolveDb(resolveDbOpt(opts)), workingSetPaths);
+	} catch (err) {
 		additionalContext = "";
+		logHookFailure(`codemem claude-hook-inject local pack failed: ${err instanceof Error ? err.message : String(err)}`);
 	}
-	if (!additionalContext && envNotDisabled(process.env.CODEMEM_INJECT_HTTP_FALLBACK || "1")) additionalContext = await httpPack(context, project, httpMaxTimeMs);
+	if (!additionalContext && envNotDisabled(process.env.CODEMEM_INJECT_HTTP_FALLBACK || "1")) additionalContext = await httpPack(query, project, httpMaxTimeMs);
 	return continueResult(truncateAdditionalContext(additionalContext, maxChars));
 }
 var claudeHookInjectCmd = new Command("claude-hook-inject").configureHelp(helpStyle).description("Return Claude hook additionalContext from local pack generation");