context-mode 1.0.136 → 1.0.138

package/build/server.js

@@ -8,6 +8,7 @@ import { join, dirname, resolve, sep, isAbsolute } from "node:path";
 import { fileURLToPath } from "node:url";
 import { homedir, tmpdir, cpus } from "node:os";
 import { request as httpsRequest } from "node:https";
+import { AsyncLocalStorage } from "node:async_hooks";
 import { z } from "zod";
 import { PolyglotExecutor } from "./executor.js";
 import { runPool } from "./runPool.js";
@@ -43,19 +44,130 @@ const VERSION = (() => {
     }
     return "unknown";
 })();
-// Prevent silent server death from unhandled async errors
-process.on("unhandledRejection", (err) => {
-    process.stderr.write(`[context-mode] unhandledRejection: ${err}\n`);
-});
-process.on("uncaughtException", (err) => {
-    process.stderr.write(`[context-mode] uncaughtException: ${err?.message ?? err}\n`);
-});
+// Prevent silent MCP server death from unhandled async errors.
+//
+// Guarded for plugin-native OpenCode/Kilo imports (#574): when server.js is
+// imported only to reuse the ctx_* tool registry, these handlers would become
+// process-wide OpenCode/Kilo host handlers. In Node, adding an
+// `uncaughtException` listener changes default crash behavior, so only the
+// standalone MCP process may install them.
+if (process.env.CONTEXT_MODE_EMBEDDED_PLUGIN_TOOLS !== "1") {
+    process.on("unhandledRejection", (err) => {
+        process.stderr.write(`[context-mode] unhandledRejection: ${err}\n`);
+    });
+    process.on("uncaughtException", (err) => {
+        process.stderr.write(`[context-mode] uncaughtException: ${err?.message ?? err}\n`);
+    });
+}
 const runtimes = detectRuntimes();
 const available = getAvailableLanguages(runtimes);
-const server = new McpServer({
+export const server = new McpServer({
     name: "context-mode",
     version: VERSION,
 });
+export const REGISTERED_CTX_TOOLS = [];
+export function shouldSuppressMcpToolsForNativePluginHost(opts = {}) {
+    const embedded = opts.embedded ?? process.env.CONTEXT_MODE_EMBEDDED_PLUGIN_TOOLS;
+    if (embedded === "1")
+        return false;
+    const platform = opts.platform ?? detectPlatform().platform;
+    if (platform !== "opencode" && platform !== "kilo")
+        return false;
+    const settings = opts.settings ?? readNativePluginHostSettings(platform);
+    return settingsHasContextModePlugin(settings) && settingsHasLegacyContextModeMcp(settings);
+}
+function stripJsonComments(str) {
+    let out = "";
+    let inString = false;
+    let escaped = false;
+    let inBlockComment = false;
+    for (let i = 0; i < str.length; i++) {
+        const c = str[i];
+        const next = str[i + 1];
+        if (inBlockComment) {
+            if (c === "*" && next === "/") {
+                inBlockComment = false;
+                i++;
+            }
+            continue;
+        }
+        if (escaped) {
+            out += c;
+            escaped = false;
+            continue;
+        }
+        if (c === "\\") {
+            out += c;
+            escaped = inString;
+            continue;
+        }
+        if (c === '"') {
+            inString = !inString;
+            out += c;
+            continue;
+        }
+        if (!inString && c === "/" && next === "/") {
+            while (i < str.length && str[i] !== "\n")
+                i++;
+            if (i < str.length)
+                out += "\n";
+            continue;
+        }
+        if (!inString && c === "/" && next === "*") {
+            inBlockComment = true;
+            i++;
+            continue;
+        }
+        out += c;
+    }
+    return out
+        .replace(/,(\s*[}\]])/g, "$1");
+}
+function readNativePluginHostSettings(platform) {
+    const base = platform === "kilo" ? "kilo" : "opencode";
+    const paths = [
+        resolve(`${base}.json`),
+        resolve(`${base}.jsonc`),
+        resolve(`.${base}`, `${base}.json`),
+        resolve(`.${base}`, `${base}.jsonc`),
+        join(homedir(), ".config", base, `${base}.json`),
+        join(homedir(), ".config", base, `${base}.jsonc`),
+    ];
+    for (const p of paths) {
+        try {
+            if (!existsSync(p))
+                continue;
+            return JSON.parse(stripJsonComments(readFileSync(p, "utf8")));
+        }
+        catch { /* try next config path */ }
+    }
+    return null;
+}
+function settingsHasContextModePlugin(settings) {
+    const plugins = settings?.plugin;
+    return Array.isArray(plugins) && plugins.some((p) => typeof p === "string" && p.includes("context-mode"));
+}
+function settingsHasLegacyContextModeMcp(settings) {
+    const mcp = settings?.mcp;
+    return !!(mcp &&
+        typeof mcp === "object" &&
+        !Array.isArray(mcp) &&
+        Object.prototype.hasOwnProperty.call(mcp, "context-mode"));
+}
+const suppressMcpToolsForNativePluginHost = shouldSuppressMcpToolsForNativePluginHost();
+const originalRegisterTool = server.registerTool.bind(server);
+server.registerTool = (...args) => {
+    const [name, config, handler] = args;
+    if (suppressMcpToolsForNativePluginHost)
+        return undefined;
+    REGISTERED_CTX_TOOLS.push({ name, config, handler });
+    return originalRegisterTool(...args);
+};
+const projectDirOverride = new AsyncLocalStorage();
+export async function withProjectDirOverride(projectDir, fn) {
+    const ctx = typeof projectDir === "string" ? { projectDir } : projectDir;
+    return projectDirOverride.run(ctx, fn);
+}
 // Register empty prompts/resources handlers so MCP clients don't get -32601 (#168).
 // OpenCode calls listPrompts()/listResources() unconditionally — the error can poison
 // the SDK transport layer, causing subsequent listTools() calls to fail permanently.
@@ -76,6 +188,14 @@ const executor = new PolyglotExecutor({
 // This temp file is loaded via --require when batch commands spawn Node processes.
 const CM_FS_PRELOAD = join(tmpdir(), `cm-fs-preload-${process.pid}.js`);
 writeFileSync(CM_FS_PRELOAD, `(function(){var __cm_fs=0;process.on('exit',function(){if(__cm_fs>0)try{process.stderr.write('__CM_FS__:'+__cm_fs+'\\n')}catch(e){}});try{var f=require('fs');var ors=f.readFileSync;f.readFileSync=function(){var r=ors.apply(this,arguments);if(Buffer.isBuffer(r))__cm_fs+=r.length;else if(typeof r==='string')__cm_fs+=Buffer.byteLength(r);return r;};}catch(e){}})();\n`);
+// In the stdio MCP path, main() also removes this file during graceful
+// shutdown. Plugin-native OpenCode/Kilo imports skip main() (#574), so
+// register a top-level best-effort cleanup too to avoid leaking preload
+// snippets under /tmp when the host process exits.
+process.on("exit", () => { try {
+    unlinkSync(CM_FS_PRELOAD);
+}
+catch { /* best effort */ } });
 // Lazy singleton — no DB overhead unless index/search is used
 let _store = null;
 /**
@@ -87,6 +207,9 @@ let _store = null;
  * legacy unattributed rows readable.
  */
 export function currentAttribution() {
+    const override = projectDirOverride.getStore();
+    if (override?.sessionId)
+        return { sessionId: override.sessionId };
     // CLAUDE_SESSION_ID env var is NOT propagated to MCP servers (only to hooks).
     // Cross-adapter resolution: every adapter (15 of them) sets *_PROJECT_DIR env
     // and writes session_events via hooks. Read the most-recent session_id from
@@ -240,6 +363,9 @@ function getSessionDir() {
  * that don't set their own env var (Cursor, OpenClaw, Codex, Kiro, Zed).
  */
 function getProjectDir() {
+    const override = projectDirOverride.getStore();
+    if (override)
+        return override.projectDir;
     // Delegated to the shared resolver so the env-var chain rejects plugin
     // install paths (set by a prior MCP boot's start.mjs after `/ctx-upgrade`)
     // and prefers the shell-set PWD before the chdir'd cwd. v1.0.115 adds
@@ -2908,7 +3034,10 @@ server.registerTool("ctx_upgrade", {
             `const pkg=JSON.parse(readFileSync(join(T,"package.json"),"utf8"));`,
             `const items=[...(Array.isArray(pkg.files)?pkg.files:[]),"src","package.json"];`,
             `for(const item of items){const from=join(T,item);const to=join(P,item);if(existsSync(from)){rmSync(to,{recursive:true,force:true});cpSync(from,to,{recursive:true,force:true});}}`,
-            `writeFileSync(join(P,".mcp.json"),JSON.stringify({mcpServers:{"context-mode":{command:"node",args:["\${CLAUDE_PLUGIN_ROOT}/start.mjs"]}}},null,2)+"\\n");`,
+            // Issue #609: do NOT write .mcp.json into the cache dir. Claude Code reads
+            // .claude-plugin/plugin.json.mcpServers as the canonical MCP source — the
+            // per-version .mcp.json file is a stale-write vector. Same architectural
+            // fix as the cli.ts upgrade() path; both writers were the only producers.
             `console.log("- [x] Copied package files");`,
             `execFileSync(process.platform==="win32"?"npm.cmd":"npm",["install","--production"],{cwd:P,stdio:"inherit",shell:process.platform==="win32"});`,
             `console.log("- [x] Installed production dependencies");`,
@@ -3480,20 +3609,6 @@ server.registerTool("ctx_insight", {
 // Server startup
 // ─────────────────────────────────────────────────────────
 async function main() {
-    // Startup sibling sweep (#565). OpenCode/KiloCode spawn one MCP child
-    // per session/subagent and never reap them. When a new MCP child boots
-    // under a host that already has N stale idle siblings (sharing OUR
-    // ppid), reclaim them before opening our own DB / sentinel / stdio.
-    // Best effort — never blocks startup.
-    try {
-        const { startupSiblingSweep } = await import("./util/sibling-mcp.js");
-        const report = await startupSiblingSweep();
-        if (report.totalKilled > 0) {
-            console.error(`Reaped ${report.totalKilled} stale sibling MCP server(s) ` +
-                `(SIGTERM: ${report.terminatedBySigterm}, SIGKILL: ${report.terminatedBySigkill})`);
-        }
-    }
-    catch { /* best effort */ }
     // Clean up stale DB files from previous sessions
     const cleaned = cleanupStaleDBs();
     if (cleaned > 0) {
@@ -3543,38 +3658,7 @@ async function main() {
     process.on("SIGINT", () => { gracefulShutdown(); });
     process.on("SIGTERM", () => { gracefulShutdown(); });
     // Lifecycle guard: detect parent death + stdin close to prevent orphaned processes (#103)
-    // Also: idle self-shutdown (#565) — OpenCode/KiloCode open one MCP child per
-    // session AND per subagent and never tear them down for the host's lifetime,
-    // accumulating one stdio child per session (observed: 26 children / 1.6 GB
-    // RSS under a single `opencode serve` parent). Idle timeout reaps quiescent
-    // servers; live ones bump `recordActivity()` on every JSON-RPC request via
-    // the MCP SDK's `_onrequest` hook wrapped below.
-    const lifecycle = startLifecycleGuard({ onShutdown: () => gracefulShutdown() });
-    // Wrap the SDK's internal request entry so every JSON-RPC `tools/call`,
-    // `tools/list`, etc. resets the idle timer. We intercept at this layer
-    // rather than per-tool because (a) it covers ALL requests, including
-    // listTools / listPrompts / listResources / ping, and (b) it survives
-    // future tool additions without each handler needing to remember to opt in.
-    //
-    // The cast is necessary because `_onrequest` is intentionally undocumented
-    // in the SDK's public types. Best effort — if the field shape changes in
-    // a future SDK release the lifecycle still works, idle reset just degrades
-    // to "untriggered" which simply means the server lives until the next
-    // ppid/signal-based exit path fires. We never block the request path.
-    try {
-        const inner = server.server;
-        const origOnRequest = inner._onrequest;
-        if (typeof origOnRequest === "function") {
-            inner._onrequest = function (...args) {
-                try {
-                    lifecycle.recordActivity();
-                }
-                catch { /* never break request path */ }
-                return origOnRequest.apply(this, args);
-            };
-        }
-    }
-    catch { /* best effort — see comment above */ }
+    startLifecycleGuard({ onShutdown: () => gracefulShutdown() });
     const transport = new StdioServerTransport();
     await server.connect(transport);
     // Write MCP readiness sentinel (#230)
@@ -3642,7 +3726,9 @@ async function main() {
         }
     }
 }
-main().catch((err) => {
-    console.error("Fatal:", err);
-    process.exit(1);
-});
+if (process.env.CONTEXT_MODE_EMBEDDED_PLUGIN_TOOLS !== "1") {
+    main().catch((err) => {
+        console.error("Fatal:", err);
+        process.exit(1);
+    });
+}

package/build/session/db.d.ts

@@ -216,6 +216,12 @@ export declare class SessionDB extends SQLiteBase {
      * Return the most recently attributed project dir for a session.
      */
     getLatestAttributedProjectDir(sessionId: string): string | null;
+    /**
+     * Look up the project_dir from session_meta as a last-resort fallback
+     * for event attribution. Prevents project_dir='' orphans when the caller
+     * (e.g. pi adapter) omits the attribution parameter.
+     */
+    _getSessionProjectDir(sessionId: string): string;
     /**
      * Search events by text query scoped to a project directory.
      *

package/build/session/db.js

@@ -491,7 +491,7 @@ export class SessionDB extends SQLiteBase {
         // ── Search ──
         p(S.searchEvents, `SELECT id, session_id, category, type, data, created_at
        FROM session_events
-       WHERE project_dir = ?
+       WHERE (project_dir = ? OR project_dir = '')
          AND (data LIKE '%' || ? || '%' ESCAPE '\\' OR category LIKE '%' || ? || '%' ESCAPE '\\')
          AND (? IS NULL OR category = ?)
        ORDER BY id ASC
@@ -536,7 +536,7 @@ export class SessionDB extends SQLiteBase {
             .toUpperCase();
         const projectDir = String(attribution?.projectDir
             ?? event.project_dir
-            ?? "").trim();
+            ?? this._getSessionProjectDir(sessionId)).trim();
         const attributionSource = String(attribution?.source
             ?? event.attribution_source
             ?? "unknown");
@@ -595,7 +595,7 @@ export class SessionDB extends SQLiteBase {
                 .slice(0, 16)
                 .toUpperCase();
             const attribution = attributions?.[i];
-            const projectDir = String(attribution?.projectDir ?? event.project_dir ?? "").trim();
+            const projectDir = String(attribution?.projectDir ?? event.project_dir ?? this._getSessionProjectDir(sessionId) ?? "").trim();
             const attributionSource = String(attribution?.source ?? event.attribution_source ?? "unknown");
             const rawConfidence = Number(attribution?.confidence ?? event.attribution_confidence ?? 0);
             const attributionConfidence = Number.isFinite(rawConfidence)
@@ -681,6 +681,20 @@ export class SessionDB extends SQLiteBase {
         const row = this.stmt(S.getLatestAttributedProject).get(sessionId);
         return row?.project_dir || null;
     }
+    /**
+     * Look up the project_dir from session_meta as a last-resort fallback
+     * for event attribution. Prevents project_dir='' orphans when the caller
+     * (e.g. pi adapter) omits the attribution parameter.
+     */
+    _getSessionProjectDir(sessionId) {
+        try {
+            const row = this.db.prepare("SELECT project_dir FROM session_meta WHERE session_id = ?").get(sessionId);
+            return row?.project_dir || "";
+        }
+        catch {
+            return "";
+        }
+    }
     /**
      * Search events by text query scoped to a project directory.
      *

package/build/util/db-lock.d.ts

@@ -0,0 +1,65 @@
+/**
+ * db-lock — Per-DB lockfile primitive for single-writer enforcement (#560).
+ *
+ * Issue #560: multiple context-mode MCP servers writing the same on-disk
+ * SQLite content store unbounded the WAL — readers held shared locks
+ * indefinitely so `wal_checkpoint(TRUNCATE)` never fired, and the only
+ * existing truncation path is `closeDB`'s checkpoint on graceful exit
+ * (which #559's zombie servers never reach). Result: 238MB+ WAL files
+ * and ctx_search hangs.
+ *
+ * This module provides a tiny atomic-write primitive sitting in front of
+ * `new Database(...)`. The first opener writes its PID into
+ * `<dbPath>.lock` via O_EXCL (`flag: 'wx'`). Subsequent openers either:
+ *
+ *   - find the lockfile + see the PID is alive → throw
+ *     DatabaseLockedError with the reporter's verbatim message;
+ *   - find the lockfile + see the PID is dead → claim it, with a re-read
+ *     check to resolve a same-instant race between two stale-claimers.
+ *
+ * The lockfile is the PRIMARY single-writer defense. The SQLiteBase ctor
+ * also applies `locking_mode = EXCLUSIVE` as a SECONDARY defense
+ * (belt-and-braces) — the lockfile owns the user-facing UX, EXCLUSIVE
+ * catches the narrow race window between the lockfile check and the
+ * actual `Database(...)` open.
+ *
+ * Per-process tmp DBs (those under `os.tmpdir()`) skip the lockfile
+ * entirely — those are the existing `defaultDBPath()` shape and embed
+ * `process.pid` already, so cross-instance contention is impossible.
+ *
+ * `isProcessAlive` is COPIED from `store.ts:187` — not imported — to
+ * keep `db-base.ts` (which imports this module) free of any dependency
+ * on `store.ts` (which itself imports from `db-base.ts`). See
+ * PR-559-560-FIX-DESIGN.md regression risks #4.
+ */
+/** User-facing failure used by SQLiteBase to surface the contention. */
+export declare class DatabaseLockedError extends Error {
+    readonly pid: number;
+    readonly dbPath: string;
+    constructor(pid: number, dbPath: string);
+}
+export interface AcquireOptions {
+    dbPath: string;
+}
+export interface AcquireResult {
+    /** True when the lockfile was skipped because dbPath is under tmpdir. */
+    skipped: boolean;
+}
+/**
+ * Atomically claim the lockfile for `dbPath`. Throws `DatabaseLockedError`
+ * if another live process holds it. Silently claims stale lockfiles whose
+ * owning PID is dead.
+ */
+export declare function acquireDbLock(opts: AcquireOptions): AcquireResult;
+export interface ReleaseOptions {
+    dbPath: string;
+}
+/**
+ * Drop the lockfile for `dbPath`. Swallows all errors so callers can
+ * always invoke this in a finally / cleanup path without try/catch —
+ * mirrors the shape of `db-base.ts closeDB`.
+ *
+ * Skipped (no-op) when `dbPath` is under tmpdir — symmetric with
+ * `acquireDbLock`'s skip-gate.
+ */
+export declare function releaseDbLock(opts: ReleaseOptions): void;

package/build/util/db-lock.js

@@ -0,0 +1,166 @@
+/**
+ * db-lock — Per-DB lockfile primitive for single-writer enforcement (#560).
+ *
+ * Issue #560: multiple context-mode MCP servers writing the same on-disk
+ * SQLite content store unbounded the WAL — readers held shared locks
+ * indefinitely so `wal_checkpoint(TRUNCATE)` never fired, and the only
+ * existing truncation path is `closeDB`'s checkpoint on graceful exit
+ * (which #559's zombie servers never reach). Result: 238MB+ WAL files
+ * and ctx_search hangs.
+ *
+ * This module provides a tiny atomic-write primitive sitting in front of
+ * `new Database(...)`. The first opener writes its PID into
+ * `<dbPath>.lock` via O_EXCL (`flag: 'wx'`). Subsequent openers either:
+ *
+ *   - find the lockfile + see the PID is alive → throw
+ *     DatabaseLockedError with the reporter's verbatim message;
+ *   - find the lockfile + see the PID is dead → claim it, with a re-read
+ *     check to resolve a same-instant race between two stale-claimers.
+ *
+ * The lockfile is the PRIMARY single-writer defense. The SQLiteBase ctor
+ * also applies `locking_mode = EXCLUSIVE` as a SECONDARY defense
+ * (belt-and-braces) — the lockfile owns the user-facing UX, EXCLUSIVE
+ * catches the narrow race window between the lockfile check and the
+ * actual `Database(...)` open.
+ *
+ * Per-process tmp DBs (those under `os.tmpdir()`) skip the lockfile
+ * entirely — those are the existing `defaultDBPath()` shape and embed
+ * `process.pid` already, so cross-instance contention is impossible.
+ *
+ * `isProcessAlive` is COPIED from `store.ts:187` — not imported — to
+ * keep `db-base.ts` (which imports this module) free of any dependency
+ * on `store.ts` (which itself imports from `db-base.ts`). See
+ * PR-559-560-FIX-DESIGN.md regression risks #4.
+ */
+import { writeFileSync, readFileSync, unlinkSync } from "node:fs";
+import { tmpdir } from "node:os";
+/** User-facing failure used by SQLiteBase to surface the contention. */
+export class DatabaseLockedError extends Error {
+    pid;
+    dbPath;
+    constructor(pid, dbPath) {
+        super(`Another context-mode server is already running (PID: ${pid}). ` +
+            `Stop it before starting a new instance.`);
+        this.name = "DatabaseLockedError";
+        this.pid = pid;
+        this.dbPath = dbPath;
+    }
+}
+/**
+ * Liveness probe — a 6-line copy of `store.ts:187 isProcessAlive`.
+ * Sends signal 0 (no-op kill) which only verifies that the kernel
+ * recognizes the PID + that the caller has permission to signal it.
+ *
+ * Copied (not imported) so this module stays leaf-level and `db-base.ts`
+ * does not pick up a transitive dependency on `store.ts` — `store.ts`
+ * already imports from `db-base.ts`, so the reverse would create a
+ * circular dep that breaks under bun:sqlite's lazy load path.
+ */
+function isProcessAlive(pid) {
+    try {
+        process.kill(pid, 0);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function lockPathFor(dbPath) {
+    return `${dbPath}.lock`;
+}
+/**
+ * tmpdir skip-gate — per-process DBs (e.g. defaultDBPath() output) embed
+ * `process.pid` so cross-instance contention is impossible by
+ * construction. We never want to install a lockfile on the test runner's
+ * tmp scratch path either.
+ */
+function isUnderTmpdir(dbPath) {
+    // Trailing-slash normalize — tmpdir() may or may not include it on the
+    // current platform, and dbPath may be exactly tmpdir() when callers
+    // join() with no separator (rare but cheap to guard).
+    const tmp = tmpdir();
+    return dbPath === tmp || dbPath.startsWith(tmp + "/") || dbPath.startsWith(tmp + "\\");
+}
+/**
+ * Atomically claim the lockfile for `dbPath`. Throws `DatabaseLockedError`
+ * if another live process holds it. Silently claims stale lockfiles whose
+ * owning PID is dead.
+ */
+export function acquireDbLock(opts) {
+    const { dbPath } = opts;
+    if (isUnderTmpdir(dbPath))
+        return { skipped: true };
+    const lockPath = lockPathFor(dbPath);
+    const ownPid = String(process.pid);
+    // Fast path: O_EXCL atomic create — succeeds iff the lockfile did not
+    // exist. This is the single race-free moment that grants ownership.
+    try {
+        writeFileSync(lockPath, ownPid, { flag: "wx" });
+        return { skipped: false };
+    }
+    catch (err) {
+        const code = err?.code;
+        if (code !== "EEXIST")
+            throw err;
+        // Fall through to liveness check.
+    }
+    // Slow path: lockfile exists. Read the PID, probe liveness.
+    let existingPidStr;
+    try {
+        existingPidStr = readFileSync(lockPath, "utf-8").trim();
+    }
+    catch {
+        // Lockfile vanished between EEXIST and read — race won by another
+        // claimer that already finished cleanup. Retry once via the fast
+        // path; if even that fails, surface as locked (best-effort).
+        try {
+            writeFileSync(lockPath, ownPid, { flag: "wx" });
+            return { skipped: false };
+        }
+        catch {
+            throw new DatabaseLockedError(0, dbPath);
+        }
+    }
+    const existingPid = Number.parseInt(existingPidStr, 10);
+    if (Number.isFinite(existingPid) && existingPid > 0 && isProcessAlive(existingPid)) {
+        throw new DatabaseLockedError(existingPid, dbPath);
+    }
+    // Stale lockfile — owning PID is dead (or unparseable). Claim it.
+    // We do NOT use { flag: 'wx' } here because we deliberately want to
+    // overwrite the dead-PID record. Then re-read to confirm we won the
+    // race against any other process also seeing the same stale lock.
+    writeFileSync(lockPath, ownPid, { flag: "w" });
+    let writtenPid;
+    try {
+        writtenPid = Number.parseInt(readFileSync(lockPath, "utf-8").trim(), 10);
+    }
+    catch {
+        // Vanished again — extremely unlikely. Surface as locked rather than
+        // proceeding with no guarantee.
+        throw new DatabaseLockedError(0, dbPath);
+    }
+    if (writtenPid !== process.pid) {
+        // Lost the stale-claim race to another concurrent claimer.
+        throw new DatabaseLockedError(writtenPid, dbPath);
+    }
+    return { skipped: false };
+}
+/**
+ * Drop the lockfile for `dbPath`. Swallows all errors so callers can
+ * always invoke this in a finally / cleanup path without try/catch —
+ * mirrors the shape of `db-base.ts closeDB`.
+ *
+ * Skipped (no-op) when `dbPath` is under tmpdir — symmetric with
+ * `acquireDbLock`'s skip-gate.
+ */
+export function releaseDbLock(opts) {
+    const { dbPath } = opts;
+    if (isUnderTmpdir(dbPath))
+        return;
+    try {
+        unlinkSync(lockPathFor(dbPath));
+    }
+    catch {
+        // Already gone, permission denied, etc. — best-effort.
+    }
+}

package/build/util/sibling-mcp.d.ts

@@ -38,21 +38,6 @@ export interface DiscoverOptions {
     platform?: NodeJS.Platform;
     /** Test injection point — defaults to `child_process.execFileSync`. */
     runCommand?: RunCommand;
-    /**
-     * When true, only return pids whose parent (ppid) is the SAME as the
-     * caller's own ppid (i.e. siblings under the same host process).
-     *
-     * Used by the startup sweep (#565) so an opencode-spawned MCP child
-     * only reaps OTHER opencode-spawned MCP children, never the children
-     * of a different opencode/Claude host running in parallel.
-     *
-     * Requires a way to read each pid's ppid. Defaults to a `ps -o ppid=`
-     * probe on POSIX and PowerShell `Get-CimInstance` on Windows. Set
-     * `readPpid` to inject in tests.
-     */
-    sameParentOnly?: boolean;
-    /** Test injection — read ppid for a given pid. Defaults to platform probe. */
-    readPpid?: (pid: number) => number;
 }
 export interface KillOptions {
     pids: readonly number[];
@@ -92,28 +77,3 @@ export declare function discoverSiblingMcpPids(opts: DiscoverOptions): number[];
  *      counted — they were not ours to kill.
  */
 export declare function killSiblingMcpServers(opts: KillOptions): Promise<KillReport>;
-/**
- * Startup-time sibling sweep (#565).
- *
- * Discovers any context-mode MCP server pids that share OUR parent process
- * (i.e. other MCP children of the same host like `opencode serve`) and
- * terminates them. The intent is "exactly one MCP child per host" — when a
- * new MCP client spawns inside an opencode host that already has 25 stale
- * idle siblings, this sweep reclaims them at boot rather than waiting for
- * the idle timeout to fire on each one independently.
- *
- * Gated by env (default-on but easy to disable):
- *
- *   CONTEXT_MODE_STARTUP_SWEEP=0   → disabled
- *   CONTEXT_MODE_STARTUP_SWEEP=1   → enabled (default)
- *
- * Safety:
- *   - `sameParentOnly: true` — never touches MCP children of a different host.
- *   - Best-effort throughout: failures never block server startup.
- *   - Composes with the idle-timeout path: if a sibling is actively in use
- *     by another session, the parent process will simply spawn a new MCP
- *     child on its next request. The cost is one cold-start (~1–3 s) for
- *     that session, which is identical to opencode's existing behaviour
- *     of spawning a fresh MCP child per session anyway.
- */
-export declare function startupSiblingSweep(env?: NodeJS.ProcessEnv): Promise<KillReport>;