context-mode 1.0.103 → 1.0.105

package/build/session/db.js

@@ -19,31 +19,46 @@ import { execFileSync } from "node:child_process";
  * (useful in CI environments or when git is unavailable).
  * Set to empty string to disable isolation entirely.
  */
+// Memoized per (cwd, env override) — recomputing on every tool call cost
+// ~12ms (git worktree list subprocess fork) on macOS, 50ms+ on Windows.
+// Key by cwd so a defensive `process.chdir()` invalidates rather than
+// returning stale data.
+let _wtCache;
 export function getWorktreeSuffix() {
     const envSuffix = process.env.CONTEXT_MODE_SESSION_SUFFIX;
+    const cwd = process.cwd();
+    if (_wtCache && _wtCache.cwd === cwd && _wtCache.envSuffix === envSuffix) {
+        return _wtCache.suffix;
+    }
+    let suffix = "";
     if (envSuffix !== undefined) {
-        return envSuffix ? `__${envSuffix}` : "";
+        suffix = envSuffix ? `__${envSuffix}` : "";
     }
-    try {
-        const cwd = process.cwd();
-        const mainWorktree = execFileSync("git", ["worktree", "list", "--porcelain"], {
-            encoding: "utf-8",
-            timeout: 2000,
-            stdio: ["ignore", "pipe", "ignore"],
-        })
-            .split(/\r?\n/)
-            .find((l) => l.startsWith("worktree "))
-            ?.replace("worktree ", "")
-            ?.trim();
-        if (mainWorktree && cwd !== mainWorktree) {
-            const suffix = createHash("sha256").update(cwd).digest("hex").slice(0, 8);
-            return `__${suffix}`;
+    else {
+        try {
+            const mainWorktree = execFileSync("git", ["worktree", "list", "--porcelain"], {
+                encoding: "utf-8",
+                timeout: 2000,
+                stdio: ["ignore", "pipe", "ignore"],
+            })
+                .split(/\r?\n/)
+                .find((l) => l.startsWith("worktree "))
+                ?.replace("worktree ", "")
+                ?.trim();
+            if (mainWorktree && cwd !== mainWorktree) {
+                suffix = `__${createHash("sha256").update(cwd).digest("hex").slice(0, 8)}`;
+            }
+        }
+        catch {
+            // git not available or not a git repo — no suffix
         }
     }
-    catch {
-        // git not available or not a git repo — no suffix
-    }
-    return "";
+    _wtCache = { cwd, envSuffix, suffix };
+    return suffix;
+}
+// Test-only helper: clear the memoization between cases.
+export function _resetWorktreeSuffixCacheForTests() {
+    _wtCache = undefined;
 }
 // ─────────────────────────────────────────────────────────
 // Constants
@@ -72,11 +87,15 @@ const S = {
     upsertResume: "upsertResume",
     getResume: "getResume",
     markResumeConsumed: "markResumeConsumed",
+    claimLatestUnconsumedResume: "claimLatestUnconsumedResume",
     deleteEvents: "deleteEvents",
     deleteMeta: "deleteMeta",
     deleteResume: "deleteResume",
     getOldSessions: "getOldSessions",
     searchEvents: "searchEvents",
+    incrementToolCall: "incrementToolCall",
+    getToolCallTotals: "getToolCallTotals",
+    getToolCallByTool: "getToolCallByTool",
 };
 // ─────────────────────────────────────────────────────────
 // SessionDB
@@ -140,6 +159,17 @@ export class SessionDB extends SQLiteBase {
         created_at TEXT NOT NULL DEFAULT (datetime('now')),
         consumed INTEGER NOT NULL DEFAULT 0
       );
+
+      CREATE TABLE IF NOT EXISTS tool_calls (
+        session_id TEXT NOT NULL,
+        tool TEXT NOT NULL,
+        calls INTEGER NOT NULL DEFAULT 0,
+        bytes_returned INTEGER NOT NULL DEFAULT 0,
+        updated_at TEXT NOT NULL DEFAULT (datetime('now')),
+        PRIMARY KEY (session_id, tool)
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_tool_calls_session ON tool_calls(session_id);
     `);
         // Migration: add per-event attribution columns for existing DBs.
         try {
@@ -222,6 +252,19 @@ export class SessionDB extends SQLiteBase {
          consumed = 0`);
         p(S.getResume, `SELECT snapshot, event_count, consumed FROM session_resume WHERE session_id = ?`);
         p(S.markResumeConsumed, `UPDATE session_resume SET consumed = 1 WHERE session_id = ?`);
+        // Atomic "pick newest unconsumed snapshot AND mark it consumed in one
+        // statement". Required for race-safe cross-session resume injection
+        // (Mickey / PR #376) — two parallel chat-turn hooks must not both read
+        // the same row before either one writes consumed=1.
+        p(S.claimLatestUnconsumedResume, `UPDATE session_resume
+       SET consumed = 1
+       WHERE id = (
+         SELECT id FROM session_resume
+         WHERE consumed = 0
+         ORDER BY created_at DESC, id DESC
+         LIMIT 1
+       )
+       RETURNING session_id, snapshot`);
         // ── Delete ──
         p(S.deleteEvents, `DELETE FROM session_events WHERE session_id = ?`);
         p(S.deleteMeta, `DELETE FROM session_meta WHERE session_id = ?`);
@@ -236,6 +279,18 @@ export class SessionDB extends SQLiteBase {
        LIMIT ?`);
         // ── Cleanup ──
         p(S.getOldSessions, `SELECT session_id FROM session_meta WHERE started_at < datetime('now', ? || ' days')`);
+        // ── Tool calls (persistent counter) ──
+        p(S.incrementToolCall, `INSERT INTO tool_calls (session_id, tool, calls, bytes_returned)
+       VALUES (?, ?, 1, ?)
+       ON CONFLICT(session_id, tool) DO UPDATE SET
+         calls = calls + 1,
+         bytes_returned = bytes_returned + excluded.bytes_returned,
+         updated_at = datetime('now')`);
+        p(S.getToolCallTotals, `SELECT COALESCE(SUM(calls), 0) AS calls,
+              COALESCE(SUM(bytes_returned), 0) AS bytes_returned
+       FROM tool_calls WHERE session_id = ?`);
+        p(S.getToolCallByTool, `SELECT tool, calls, bytes_returned
+       FROM tool_calls WHERE session_id = ? ORDER BY calls DESC`);
     }
     // ═══════════════════════════════════════════
     // Events
@@ -287,6 +342,60 @@ export class SessionDB extends SQLiteBase {
         });
         this.withRetry(() => transaction());
     }
+    /**
+     * Bulk-insert N events in a SINGLE transaction.
+     *
+     * PostToolUse hooks emit 5–15 events per tool call. Calling insertEvent()
+     * in a loop runs N transactions = N WAL commits = N fsync candidates,
+     * which is painful on Windows NTFS where commit latency dominates.
+     * One transaction = one commit, dedup/evict checks reuse cached statements.
+     *
+     * Cross-platform: uses the same WAL-mode transaction primitive as
+     * insertEvent — behavior identical on macOS / Linux / Windows.
+     */
+    bulkInsertEvents(sessionId, events, sourceHook = "PostToolUse", attributions) {
+        if (!events || events.length === 0)
+            return;
+        if (events.length === 1) {
+            // Cheaper to fall through to insertEvent (its own dedicated transaction).
+            this.insertEvent(sessionId, events[0], sourceHook, attributions?.[0]);
+            return;
+        }
+        // Pre-compute hashes + normalized attribution outside the transaction
+        // so the SQL transaction holds only DB work (shorter lock window).
+        const prepared = events.map((event, i) => {
+            const dataHash = createHash("sha256")
+                .update(event.data)
+                .digest("hex")
+                .slice(0, 16)
+                .toUpperCase();
+            const attribution = attributions?.[i];
+            const projectDir = String(attribution?.projectDir ?? event.project_dir ?? "").trim();
+            const attributionSource = String(attribution?.source ?? event.attribution_source ?? "unknown");
+            const rawConfidence = Number(attribution?.confidence ?? event.attribution_confidence ?? 0);
+            const attributionConfidence = Number.isFinite(rawConfidence)
+                ? Math.max(0, Math.min(1, rawConfidence))
+                : 0;
+            return { event, dataHash, projectDir, attributionSource, attributionConfidence };
+        });
+        const transaction = this.db.transaction(() => {
+            let cnt = this.stmt(S.getEventCount).get(sessionId).cnt;
+            for (const row of prepared) {
+                const dup = this.stmt(S.checkDuplicate).get(sessionId, DEDUP_WINDOW, row.event.type, row.dataHash);
+                if (dup)
+                    continue;
+                if (cnt >= MAX_EVENTS_PER_SESSION) {
+                    this.stmt(S.evictLowestPriority).run(sessionId);
+                }
+                else {
+                    cnt++;
+                }
+                this.stmt(S.insertEvent).run(sessionId, row.event.type, row.event.category, row.event.priority, row.event.data, row.projectDir, row.attributionSource, row.attributionConfidence, sourceHook, row.dataHash);
+            }
+            this.stmt(S.updateMetaLastEvent).run(sessionId);
+        });
+        this.withRetry(() => transaction());
+    }
     /**
      * Retrieve events for a session with optional filtering.
      */
@@ -383,6 +492,78 @@ export class SessionDB extends SQLiteBase {
     markResumeConsumed(sessionId) {
         this.stmt(S.markResumeConsumed).run(sessionId);
     }
+    /**
+     * Atomically claim the most recent unconsumed resume snapshot in this DB.
+     *
+     * `SessionDB` is sharded per project (see `getSessionDBPath` — SHA-256 of
+     * project dir), so "this DB" already implies "this project". The atomic
+     * `UPDATE … RETURNING` ensures concurrent processes for the same project
+     * cannot both inject the same snapshot (Mickey / PR #376 race).
+     *
+     * Returns null when no unconsumed snapshot exists.
+     */
+    claimLatestUnconsumedResume() {
+        const row = this.stmt(S.claimLatestUnconsumedResume).get();
+        if (!row)
+            return null;
+        return { sessionId: row.session_id, snapshot: row.snapshot };
+    }
+    /**
+     * Return the most recent session_id from session_meta, or null if none.
+     * Used by the runtime to attach persistent counters to the right session
+     * after a process restart.
+     */
+    getLatestSessionId() {
+        try {
+            const row = this.db.prepare("SELECT session_id FROM session_meta ORDER BY started_at DESC LIMIT 1").get();
+            return row?.session_id ?? null;
+        }
+        catch {
+            return null;
+        }
+    }
+    // ═══════════════════════════════════════════
+    // Tool call counters (Bug #1 + #2 — survive restart, --continue, upgrade)
+    // ═══════════════════════════════════════════
+    /**
+     * Increment the persistent tool-call counter for `tool` in `sessionId`.
+     * Adds `bytesReturned` to the cumulative total. Idempotent across
+     * SessionDB instances — counters survive process restart.
+     */
+    incrementToolCall(sessionId, tool, bytesReturned = 0) {
+        const safeBytes = Number.isFinite(bytesReturned) && bytesReturned > 0 ? Math.round(bytesReturned) : 0;
+        try {
+            this.stmt(S.incrementToolCall).run(sessionId, tool, safeBytes);
+        }
+        catch {
+            // best-effort: counter must never throw and break the parent call
+        }
+    }
+    /**
+     * Get aggregated tool-call stats for `sessionId`. Returns zero-stats
+     * when the session has no recorded calls.
+     */
+    getToolCallStats(sessionId) {
+        try {
+            const totals = this.stmt(S.getToolCallTotals).get(sessionId);
+            const rows = this.stmt(S.getToolCallByTool).all(sessionId);
+            const byTool = {};
+            for (const row of rows) {
+                byTool[row.tool] = {
+                    calls: row.calls,
+                    bytesReturned: row.bytes_returned,
+                };
+            }
+            return {
+                totalCalls: totals?.calls ?? 0,
+                totalBytesReturned: totals?.bytes_returned ?? 0,
+                byTool,
+            };
+        }
+        catch {
+            return { totalCalls: 0, totalBytesReturned: 0, byTool: {} };
+        }
+    }
     // ═══════════════════════════════════════════
     // Lifecycle
     // ═══════════════════════════════════════════

package/build/session/extract.js

@@ -32,8 +32,23 @@ function extractFileAndRule(input) {
     const events = [];
     if (tool_name === "Read") {
         const filePath = String(tool_input["file_path"] ?? "");
-        // Rule detection: CLAUDE.md or anything inside a .claude/ directory
-        const isRuleFile = /CLAUDE\.md$|\.claude[\\/]/i.test(filePath);
+        // Rule detection — covers every supported platform's instruction
+        // file convention plus per-user memory directories. Hardcoding here
+        // (instead of dispatching through the adapter) keeps extract.ts
+        // pure / sync / hot-path-safe — the tradeoff is that adding a new
+        // platform requires updating this regex.
+        //
+        //   Filenames: CLAUDE.md, AGENTS.md, AGENTS.override.md, GEMINI.md,
+        //              QWEN.md, KIRO.md, copilot-instructions.md,
+        //              context-mode.mdc
+        //   Directories: .claude/, .codex/memories/, .qwen/memory/,
+        //                .gemini/memory/, .config/<plat>/memory/, .cursor/memory/,
+        //                .github/memory/, .kiro/memory/, etc.
+        const isRuleFile = /(?:CLAUDE|AGENTS(?:\.override)?|GEMINI|QWEN|KIRO)\.md$/i.test(filePath)
+            || /\/copilot-instructions\.md$/i.test(filePath)
+            || /\/context-mode\.mdc$/i.test(filePath)
+            || /\.claude[\\/]/i.test(filePath)
+            || /[\\/]memor(?:y|ies)[\\/][^\\/]+\.md$/i.test(filePath);
         if (isRuleFile) {
             events.push({
                 type: "rule",
@@ -415,6 +430,112 @@ function extractMcp(input) {
             priority: 3,
         }];
 }
+/**
+ * Category 27: mcp_tool_call
+ * Records the raw MCP call shape (tool_name + tool_input) so analytics
+ * can compute usage patterns like batch concurrency.
+ *
+ * Distinct from `extractMcp` (category "mcp"), which captures the textual
+ * call+response for FTS5 search. This emits a structured JSON payload
+ * keyed by tool_name + params, capped to ~2KB to keep SQLite rows small.
+ *
+ * Priority 4 (informational) — should not crowd out high-signal events
+ * during FIFO eviction.
+ */
+const MCP_PARAMS_BUDGET_BYTES = 2048;
+/**
+ * UTF-8-aware string truncation. Returns the longest prefix of `s` whose
+ * UTF-8 byte length is <= `maxBytes`, never landing mid-multibyte-codepoint.
+ *
+ * Naive `s.slice(0, N)` operates on UTF-16 code units, so a 2KB cap could
+ * either over-shoot (multi-byte codepoints occupy fewer code units than
+ * bytes — e.g. a chunk of CJK / emoji-heavy JSON would silently exceed
+ * the byte budget) or land mid surrogate pair (corrupt JSON downstream).
+ */
+function truncateToBytes(s, maxBytes) {
+    if (Buffer.byteLength(s, "utf8") <= maxBytes)
+        return { value: s, truncated: false };
+    const buf = Buffer.from(s, "utf8");
+    // Walk back from maxBytes until the byte starts a fresh codepoint:
+    //   0xxxxxxx → ASCII (start)
+    //   11xxxxxx → start of multi-byte
+    //   10xxxxxx → continuation; keep walking
+    let cut = maxBytes;
+    while (cut > 0 && (buf[cut] & 0xc0) === 0x80)
+        cut--;
+    return { value: buf.subarray(0, cut).toString("utf8"), truncated: true };
+}
+/**
+ * Keys whose VALUES must be redacted before persisting tool_input — secrets,
+ * tokens, credentials, signatures. Match is on the LAST path segment of the
+ * key (case-insensitive substring), so `headers.Authorization`, `auth.token`,
+ * `apiKey`, `API_KEY`, `password`, `secret`, `cookie`, `set-cookie`, `signature`,
+ * `private_key`, etc. all redact. False-positive risk acceptable — we'd rather
+ * over-redact than ship a Bearer token to SQLite.
+ */
+const SECRET_KEY_PATTERN = /(authorization|auth_token|access_token|refresh_token|bearer|token|secret|password|passwd|pwd|api[-_]?key|apikey|cookie|set-cookie|signature|private[-_]?key|client[-_]?secret|x[-_]?api[-_]?key)/i;
+const REDACTED = "[REDACTED]";
+/**
+ * Walk an arbitrary JSON-serializable value and return a clone with values
+ * redacted under any key matching SECRET_KEY_PATTERN. Cycle-safe.
+ */
+function redactSecrets(value, ancestors = new WeakSet()) {
+    if (value == null || typeof value !== "object")
+        return value;
+    // Path-based ancestor check: only flag TRUE cycles, not DAG / shared refs
+    // (e.g., a single `headers` object passed to multiple sub-requests must
+    // be processed at every reference site, not flagged as circular).
+    if (ancestors.has(value))
+        return "[CIRCULAR]";
+    ancestors.add(value);
+    let out;
+    if (Array.isArray(value)) {
+        out = value.map((v) => redactSecrets(v, ancestors));
+    }
+    else {
+        const obj = {};
+        for (const [k, v] of Object.entries(value)) {
+            if (SECRET_KEY_PATTERN.test(k)) {
+                obj[k] = REDACTED;
+            }
+            else {
+                obj[k] = redactSecrets(v, ancestors);
+            }
+        }
+        out = obj;
+    }
+    ancestors.delete(value); // pop ancestor — siblings can re-visit
+    return out;
+}
+function extractMcpToolCall(input) {
+    const { tool_name, tool_input } = input;
+    if (!tool_name.startsWith("mcp__"))
+        return [];
+    // Redact secrets BEFORE serialization. Any `tool_input` carrying
+    // `Authorization: Bearer …`, `api_key: "sk-…"`, cookies, signatures, etc.
+    // is masked before it touches SQLite. Over-redaction acceptable — under-
+    // redaction is a credential leak to SessionDB.
+    const redactedInput = redactSecrets(tool_input ?? {});
+    // Serialize the redacted shape, then truncate the *string* (not the object)
+    // so the diagnosable shape survives huge payloads.
+    let paramsStr;
+    try {
+        paramsStr = JSON.stringify(redactedInput);
+    }
+    catch {
+        paramsStr = "{}";
+    }
+    const { value: cappedStr, truncated } = truncateToBytes(paramsStr, MCP_PARAMS_BUDGET_BYTES);
+    const payload = truncated
+        ? `{"tool_name":${JSON.stringify(tool_name)},"params_raw":${JSON.stringify(cappedStr)},"truncated":true}`
+        : `{"tool_name":${JSON.stringify(tool_name)},"params":${cappedStr}}`;
+    return [{
+            type: "mcp_tool_call",
+            category: "mcp_tool_call",
+            data: safeString(payload),
+            priority: 4,
+        }];
+}
 /**
  * Category 6 (tool-based): decision
  * AskUserQuestion tool — tracks questions posed to user and their answers.
@@ -751,6 +872,7 @@ export function extractEvents(input) {
         events.push(...extractSkill(input));
         events.push(...extractSubagent(input));
         events.push(...extractMcp(input));
+        events.push(...extractMcpToolCall(input));
         events.push(...extractDecision(input));
         events.push(...extractConstraint(input));
         events.push(...extractWorktree(input));

package/build/tool-naming.d.ts

@@ -0,0 +1,4 @@
+export declare function getToolName(platform: string, bareTool: string): string;
+export type ToolNamer = (bareTool: string) => string;
+export declare function createToolNamer(platform: string): ToolNamer;
+export declare const KNOWN_PLATFORMS: string[];

package/build/tool-naming.js

@@ -0,0 +1,24 @@
+const TOOL_PREFIXES = {
+    "claude-code": (tool) => `mcp__plugin_context-mode_context-mode__${tool}`,
+    "gemini-cli": (tool) => `mcp__context-mode__${tool}`,
+    "antigravity": (tool) => `mcp__context-mode__${tool}`,
+    "opencode": (tool) => `context-mode_${tool}`,
+    "kilo": (tool) => `context-mode_${tool}`,
+    "vscode-copilot": (tool) => `context-mode_${tool}`,
+    "jetbrains-copilot": (tool) => `context-mode_${tool}`,
+    "kiro": (tool) => `@context-mode/${tool}`,
+    "zed": (tool) => `mcp:context-mode:${tool}`,
+    "cursor": (tool) => tool,
+    "codex": (tool) => tool,
+    "openclaw": (tool) => tool,
+    "pi": (tool) => tool,
+    "qwen-code": (tool) => `mcp__context-mode__${tool}`,
+};
+export function getToolName(platform, bareTool) {
+    const fn = TOOL_PREFIXES[platform] || TOOL_PREFIXES["claude-code"];
+    return fn(bareTool);
+}
+export function createToolNamer(platform) {
+    return (bareTool) => getToolName(platform, bareTool);
+}
+export const KNOWN_PLATFORMS = Object.keys(TOOL_PREFIXES);