eagle-mem 4.12.1 → 4.13.1

package/tests/test_mod_tracker_concurrency.sh

@@ -0,0 +1,142 @@
+#!/usr/bin/env bash
+# ═══════════════════════════════════════════════════════════
+# Eagle Mem — mod-tracker concurrency regression test (finding #6)
+# Asserts:
+#   1. Many parallel writers never wedge the lock (no leaked *.lock dir).
+#   2. A pending append created DURING a drain is NOT lost (drains via mv, so
+#      only captured files are deleted; concurrent appends survive).
+#   3. A stale lock dir (older than TTL) is reclaimed, not wedged forever.
+#   4. The edit-history writer is lock-guarded and loses no append.
+# ═══════════════════════════════════════════════════════════
+set -uo pipefail
+
+ROOT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
+tmp_dir=$(mktemp -d)
+trap 'rm -rf "$tmp_dir"' EXIT
+
+export EAGLE_MEM_DIR="$tmp_dir/em"
+export EAGLE_AGENT_SOURCE="claude-code"
+export EAGLE_MEM_DISABLE_HOOKS=1
+export EAGLE_MOD_LOCK_TTL=2
+mkdir -p "$EAGLE_MEM_DIR"
+
+pass=0; fail=0
+ok()  { echo "  ok: $1"; pass=$((pass+1)); }
+bad() { echo "  FAIL: $1" >&2; fail=$((fail+1)); }
+
+. "$ROOT_DIR/lib/common.sh"
+
+# Pull the tracker functions out of post-tool-use.sh without running the hook
+# body. State-machine awk: capture the TTL assignment plus each named function
+# (header at column 0 through its closing `}` at column 0). No overlapping
+# ranges, so no duplicated lines.
+fn_src="$tmp_dir/tracker_fns.sh"
+awk '
+    /^EAGLE_MOD_LOCK_TTL=/ { print; next }
+    /^(eagle_acquire_dir_lock|eagle_track_modified_path|eagle_track_edit_history_path)\(\) \{/ { capture=1 }
+    capture { print }
+    capture && /^}$/ { capture=0 }
+' "$ROOT_DIR/hooks/post-tool-use.sh" > "$fn_src"
+bash -n "$fn_src" || { bad "extracted tracker fns have syntax errors"; cat "$fn_src" >&2; echo "$pass passed, $fail failed"; exit 1; }
+. "$fn_src"
+declare -F eagle_track_modified_path >/dev/null && ok "loaded eagle_track_modified_path" || { bad "could not load tracker fns"; echo "$pass passed, $fail failed"; exit 1; }
+declare -F eagle_acquire_dir_lock >/dev/null && ok "loaded eagle_acquire_dir_lock" || bad "could not load lock helper"
+
+SID="conc-aaa111bbb222"
+mod_dir="$EAGLE_MEM_DIR/mod-tracker"
+mod_file="$mod_dir/$SID"
+mod_lock="${mod_file}.lock"
+
+# ── 1. Parallel writers, no wedge ──────────────────────────
+N=40
+for i in $(seq 1 "$N"); do
+    eagle_track_modified_path "/p/file_${i}.txt" "$SID" &
+done
+wait
+[ ! -d "$mod_lock" ] && ok "1: lock dir not leaked after $N parallel writers" || bad "1: lock dir wedged"
+# Whatever is committed must be valid paths from our set (no corruption).
+committed=$(cat "$mod_file" 2>/dev/null | wc -l | tr -d ' ')
+[ "$committed" -ge 1 ] && ok "1: committed file has $committed line(s)" || bad "1: committed file empty"
+bad_lines=$(grep -vE '^/p/file_[0-9]+\.txt$' "$mod_file" 2>/dev/null | wc -l | tr -d ' ')
+[ "$bad_lines" = "0" ] && ok "1: no corrupted/interleaved lines in committed file" || bad "1: $bad_lines corrupted lines"
+
+# ── 2. Append during drain is NOT lost ─────────────────────
+# Hold the lock ourselves, create a pending file, snapshot starts, then a NEW
+# pending append lands. The drain must mv-capture only pre-existing pending
+# files and never delete the late append.
+rm -rf "$mod_dir"; mkdir -p "$mod_dir"
+printf '%s\n' "/p/early.txt" > "${mod_file}.pending.111"
+# Simulate: acquire lock, mv-drain existing pending, but a concurrent writer
+# adds a brand-new pending file before we rm. Reproduce the exact sequence the
+# fixed code uses.
+mkdir "$mod_lock"
+# drain step (mv existing pending out of the way)
+for pf in "${mod_file}".pending.*; do
+    [ -e "$pf" ] || continue
+    mv "$pf" "${pf}.draining.$$" 2>/dev/null || true
+done
+# CONCURRENT appender lands a new pending file AFTER our snapshot/mv:
+printf '%s\n' "/p/late.txt" > "${mod_file}.pending.999"
+# finish drain: build committed from draining files only, delete draining only
+{ cat "$mod_file" 2>/dev/null; for d in "${mod_file}".pending.*.draining.*; do [ -e "$d" ] && cat "$d"; done; } | tail -3 > "${mod_file}.tmp"
+mv "${mod_file}.tmp" "$mod_file"
+rm -f "${mod_file}".pending.*.draining.* 2>/dev/null || true
+rmdir "$mod_lock"
+# The late append must still be present as a pending file (not deleted).
+[ -f "${mod_file}.pending.999" ] && ok "2: concurrent append during drain survived (not deleted)" || bad "2: late append LOST"
+grep -q "/p/early.txt" "$mod_file" && ok "2: early pending drained into committed file" || bad "2: early pending lost"
+
+# ── 3. Stale lock reclaim ──────────────────────────────────
+rm -rf "$mod_dir"; mkdir -p "$mod_dir"
+mkdir "$mod_lock"
+# Age the lock past TTL (EAGLE_MOD_LOCK_TTL=2s) by backdating its mtime.
+touch -t "$(date -v-1H '+%Y%m%d%H%M.%S' 2>/dev/null || date -d '1 hour ago' '+%Y%m%d%H%M.%S')" "$mod_lock" 2>/dev/null || true
+# A new writer should reclaim the stale lock and succeed (not hang/fail).
+eagle_track_modified_path "/p/after_stale.txt" "$SID"
+[ ! -d "$mod_lock" ] && ok "3: stale lock reclaimed and released" || bad "3: stale lock not reclaimed"
+grep -q "/p/after_stale.txt" "$mod_file" && ok "3: write after stale-lock reclaim recorded" || bad "3: write lost after stale reclaim"
+
+# ── 4. edit-history writer is locked and loses nothing ─────
+edit_dir="$EAGLE_MEM_DIR/edit-tracker"
+edit_file="$edit_dir/$SID"
+rm -rf "$edit_dir"
+M=40
+for i in $(seq 1 "$M"); do
+    eagle_track_edit_history_path "/e/edit_${i}.txt" "$SID" &
+done
+wait
+[ ! -d "${edit_file}.lock" ] && ok "4: edit-history lock not leaked" || bad "4: edit-history lock wedged"
+edit_count=$(sort -u "$edit_file" 2>/dev/null | grep -cE '^/e/edit_[0-9]+\.txt$' || echo 0)
+[ "$edit_count" = "$M" ] && ok "4: all $M edit-history appends present (append-only, none lost)" || bad "4: only $edit_count/$M edit-history appends present"
+bad_e=$(grep -vE '^/e/edit_[0-9]+\.txt$' "$edit_file" 2>/dev/null | wc -l | tr -d ' ')
+[ "$bad_e" = "0" ] && ok "4: no torn/interleaved edit-history lines" || bad "4: $bad_e torn lines"
+
+# ── 5. Observation dedup is race-safe (finding #7) ─────────
+# Two concurrent identical observations must dedupe to ONE row. The fixed code
+# wraps the check-then-insert in BEGIN IMMEDIATE so the second writer blocks,
+# then sees the first row via NOT EXISTS.
+. "$ROOT_DIR/lib/db.sh"
+bash "$ROOT_DIR/db/migrate.sh" >/dev/null 2>&1
+OSID="obs-dedup-7777"
+eagle_upsert_session "$OSID" "obs/proj" "$tmp_dir" "" "test" "claude-code"
+for i in $(seq 1 12); do
+    eagle_insert_observation "$OSID" "obs/proj" "Bash" "ls -la /tmp" "[]" "[]" &
+done
+wait
+obs_rows=$(eagle_db "SELECT COUNT(*) FROM observations WHERE session_id='$OSID' AND tool_input_summary='ls -la /tmp';")
+[ "$obs_rows" = "1" ] && ok "5: 12 concurrent identical observations deduped to 1 row" || bad "5: dedup race produced $obs_rows rows (expected 1)"
+
+# eagle_db_strict exists and aborts a multi-statement script on first error.
+if declare -F eagle_db_strict >/dev/null; then
+    ok "5: eagle_db_strict variant present"
+    # A failing first statement must prevent the second from running.
+    eagle_db_strict "INSERT INTO nonexistent_table_xyz VALUES (1); INSERT INTO observations (session_id, project, tool_name) VALUES ('strict-canary','obs/proj','Bash');" >/dev/null 2>&1 || true
+    canary=$(eagle_db "SELECT COUNT(*) FROM observations WHERE session_id='strict-canary';")
+    [ "$canary" = "0" ] && ok "5: eagle_db_strict bailed before 2nd statement" || bad "5: eagle_db_strict did not bail ($canary canary rows)"
+else
+    bad "5: eagle_db_strict missing"
+fi
+
+echo ""
+echo "test_mod_tracker_concurrency: $pass passed, $fail failed"
+[ "$fail" -eq 0 ]

package/tests/test_redaction_coverage.sh

@@ -0,0 +1,183 @@
+#!/usr/bin/env bash
+# Regression coverage for the Phase 1 security hardening:
+#  - secrets are redacted BEFORE leaving the machine (LLM provider input,
+#    enrich job file) and before persistence (recall_events, observations)
+#  - configured [redaction] extra_patterns are actually applied by eagle_redact
+#  - orchestration workers default to a non-full-access (safe) autonomy mode
+#  - logs path resolver rejects traversal/symlink/out-of-root references
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
+
+tmp_dir=$(mktemp -d "$ROOT_DIR/.tmp-redaction.XXXXXX")
+trap 'rm -rf "$tmp_dir"' EXIT
+
+export HOME="$tmp_dir/home"
+export EAGLE_MEM_DIR="$tmp_dir/eagle-mem"
+export EAGLE_CONFIG_FILE="$EAGLE_MEM_DIR/config.toml"
+mkdir -p "$HOME" "$EAGLE_MEM_DIR"
+
+. "$ROOT_DIR/lib/common.sh"
+"$ROOT_DIR/db/migrate.sh" >/dev/null
+. "$ROOT_DIR/lib/db.sh"
+. "$ROOT_DIR/lib/provider.sh"
+
+# Fake secrets that must never survive redaction.
+FAKE_ANT="sk-ant-FAKEabcdefghijklmnop1234567890"
+FAKE_AWS="AKIAFAKE0000000000AB"
+FAKE_BEARER="Bearer FAKEtokenshouldnotleak123"
+FAKE_OPENAI="sk-FAKE0123456789abcdef0123456789abcdef"
+
+fail() { echo "FAIL: $1" >&2; exit 1; }
+
+assert_no_secret() {
+    local label="$1" haystack="$2"
+    case "$haystack" in
+        *"$FAKE_ANT"*)    fail "$label leaked Anthropic key" ;;
+        *"$FAKE_AWS"*)    fail "$label leaked AWS key" ;;
+        *"FAKEtoken"*)    fail "$label leaked Bearer token" ;;
+        *"$FAKE_OPENAI"*) fail "$label leaked OpenAI key" ;;
+    esac
+}
+
+# ── eagle_redact built-ins ───────────────────────────────────────────────
+redacted=$(printf 'k=%s a=%s h=%s o=%s\n' "$FAKE_ANT" "$FAKE_AWS" "$FAKE_BEARER" "$FAKE_OPENAI" | eagle_redact)
+assert_no_secret "eagle_redact built-ins" "$redacted"
+case "$redacted" in *"[REDACTED]"*) ;; *) fail "eagle_redact produced no [REDACTED] marker" ;; esac
+
+# ── Finding 4: configured extra_patterns are honored ─────────────────────
+cat > "$EAGLE_CONFIG_FILE" <<'TOML'
+[redaction]
+extra_patterns = ["CORPSECRET_[A-Z0-9]+", "INTERNAL-[0-9]+"]
+TOML
+extra_redacted=$(printf 'token CORPSECRET_AB12 and ticket INTERNAL-9988 here\n' | eagle_redact)
+case "$extra_redacted" in
+    *CORPSECRET_AB12*) fail "extra_patterns[0] not applied (CORPSECRET leaked)" ;;
+    *INTERNAL-9988*)   fail "extra_patterns[1] not applied (INTERNAL leaked)" ;;
+esac
+
+# Commented-out default must NOT redact (proves we parse real config, not the doc line).
+cat > "$EAGLE_CONFIG_FILE" <<'TOML'
+[redaction]
+# extra_patterns = ["MY_CUSTOM_SECRET_.*"]
+TOML
+commented=$(printf 'MY_CUSTOM_SECRET_xyz stays visible\n' | eagle_redact)
+case "$commented" in
+    *MY_CUSTOM_SECRET_xyz*) ;;
+    *) fail "commented extra_patterns default was wrongly applied" ;;
+esac
+rm -f "$EAGLE_CONFIG_FILE"
+
+# ── Finding 2: recall_events.prompt_snippet is redacted before insert ────
+project="redaction-project"
+repo="$tmp_dir/repo"; mkdir -p "$repo"
+eagle_upsert_session "redact-session" "$project" "$repo" "test-model" "test" "codex" >/dev/null
+eagle_insert_recall_event "redact-session" "$project" "$repo" "codex" \
+    "please use my key $FAKE_ANT and aws $FAKE_AWS to deploy" \
+    "deploy" 0 0 0 0 "ok" "" >/dev/null
+snippet=$(eagle_db "SELECT prompt_snippet FROM recall_events WHERE session_id='redact-session' LIMIT 1;")
+assert_no_secret "recall_events.prompt_snippet" "$snippet"
+case "$snippet" in *"[REDACTED]"*) ;; *) fail "recall_events.prompt_snippet not redacted" ;; esac
+
+# ── Finding 1: enrich job file written by Stop is redacted ───────────────
+# Drive the Stop hook with a transcript that contains a secret and assert the
+# background enrich job file (and what the enricher would read) is clean.
+transcript="$tmp_dir/transcript.jsonl"
+cat > "$transcript" <<EOF
+{"type":"user","message":{"role":"user","content":"set up deploy"}}
+{"type":"assistant","message":{"role":"assistant","content":[{"type":"text","text":"Using API key $FAKE_ANT and aws $FAKE_AWS for the deploy. Here is what I did."}]}}
+EOF
+mkdir -p "$EAGLE_MEM_DIR/tmp"
+stop_input=$(jq -nc \
+    --arg sid "stop-redact-session" \
+    --arg tp "$transcript" \
+    --arg cwd "$repo" \
+    '{session_id:$sid, transcript_path:$tp, cwd:$cwd}')
+# A provider must be configured so Stop queues a background enrich job. We
+# DISABLE the background enricher itself (EAGLE_MEM_DISABLE_BACKGROUND_ENRICH=1)
+# so the queued job file is left on disk for inspection, and force the defer
+# path with EAGLE_MEM_STOP_ENRICH=0. EAGLE_MEM_PROJECT pins project resolution
+# so the hook does not early-exit in this synthetic environment.
+cat > "$EAGLE_CONFIG_FILE" <<'TOML'
+[provider]
+type = "anthropic"
+TOML
+printf '%s' "$stop_input" | \
+    EAGLE_MEM_PROJECT="$project" \
+    EAGLE_MEM_STOP_ENRICH=0 \
+    EAGLE_MEM_DISABLE_BACKGROUND_ENRICH=1 \
+    EAGLE_AGENT_SOURCE=codex \
+    bash "$ROOT_DIR/hooks/stop.sh" >/dev/null 2>&1 || true
+# The background enricher is disabled from running, so the job file remains for inspection.
+saw_job=0
+for job in "$EAGLE_MEM_DIR"/tmp/summary-enrich.*.json; do
+    [ -f "$job" ] || continue
+    saw_job=1
+    body=$(cat "$job")
+    assert_no_secret "enrich job file" "$body"
+    case "$body" in *"[REDACTED]"*) ;; *) fail "enrich job file was not redacted" ;; esac
+done
+[ "$saw_job" = 1 ] || fail "Stop did not queue a background enrich job file to verify (finding 1)"
+rm -f "$EAGLE_MEM_DIR"/tmp/summary-enrich.*.json 2>/dev/null || true
+rm -f "$EAGLE_CONFIG_FILE"
+
+# Even if no job file was produced in this environment, the redaction path is
+# also unit-tested directly: the exact transformation Stop applies.
+text_with_secret="prefix $FAKE_ANT mid $FAKE_AWS suffix"
+enrich_text=$(printf '%s' "$text_with_secret" | eagle_redact)
+assert_no_secret "Stop enrich_text transform" "$enrich_text"
+
+# ── Finding 3: redact-before-truncate (boundary secret defeats prefix) ───
+# A secret split across the 200-char truncation boundary must still be redacted.
+pad=$(printf 'a%.0s' $(seq 1 190))
+boundary_cmd="curl -H \"Authorization: Bearer ${pad}${FAKE_OPENAI}\""
+# Old order (truncate THEN redact) would cut the token mid-stream; the new order
+# redacts first. Emulate the new order exactly as post-tool-use.sh does.
+new_order=$(printf '%s' "$boundary_cmd" | eagle_redact | cut -c1-200)
+assert_no_secret "redact-before-truncate" "$new_order"
+
+# ── Finding 9: orchestration workers default to safe autonomy ────────────
+eval "$(sed -n '/^orchestrate_worker_autonomy()/,/^}/p' "$ROOT_DIR/scripts/orchestrate.sh")"
+[ -f "$EAGLE_CONFIG_FILE" ] && rm -f "$EAGLE_CONFIG_FILE"
+default_autonomy=$(orchestrate_worker_autonomy)
+[ "$default_autonomy" = "safe" ] || fail "orchestration worker autonomy should default to 'safe', got '$default_autonomy'"
+cat > "$EAGLE_CONFIG_FILE" <<'TOML'
+[orchestration]
+worker_autonomy = "danger"
+TOML
+opt_in_autonomy=$(orchestrate_worker_autonomy)
+[ "$opt_in_autonomy" = "danger" ] || fail "worker_autonomy='danger' should opt into 'danger', got '$opt_in_autonomy'"
+rm -f "$EAGLE_CONFIG_FILE"
+
+# The generated safe run-script must not contain danger-full-access / never / dontAsk.
+project="orch-proj"; name="orch-name"
+eval "$(sed -n '/^orchestrate_worker_run_script()/,/^}/p' "$ROOT_DIR/scripts/orchestrate.sh")"
+safe_script="$tmp_dir/safe-run.sh"
+orchestrate_worker_run_script "$safe_script" "codex" "m" "xhigh" "/wt" "/p.md" "/exit" "/last" "/bin" "lane1" "/log"
+if grep -qE 'danger-full-access|approval_policy="never"' "$safe_script"; then
+    fail "safe-mode codex worker still uses full-access flags"
+fi
+safe_claude="$tmp_dir/safe-claude.sh"
+orchestrate_worker_run_script "$safe_claude" "claude-code" "m" "xhigh" "/wt" "/p.md" "/exit" "/last" "/bin" "lane1" "/log"
+if grep -q 'permission-mode dontAsk' "$safe_claude"; then
+    fail "safe-mode claude worker still uses --permission-mode dontAsk"
+fi
+
+# ── Finding 7: logs path resolver containment ────────────────────────────
+runs_root="$tmp_dir/runs"; mkdir -p "$runs_root"
+echo "log line" > "$runs_root/run1.log"
+secret_dir="$tmp_dir/secret"; mkdir -p "$secret_dir"
+echo "TOPSECRET" > "$secret_dir/secret.log"
+ln -s "$secret_dir/secret.log" "$runs_root/evil.log"
+eval "$(sed -n '/^canonicalize_path()/,/^}/p;/^path_within()/,/^}/p;/^resolve_log_path()/,/^}/p' "$ROOT_DIR/scripts/logs.sh")"
+EAGLE_RUNS_DIR="$runs_root"
+
+valid=$(resolve_log_path "run1" || true)
+[ -n "$valid" ] || fail "logs resolver rejected a valid in-root log"
+
+if resolve_log_path "evil.log" >/dev/null 2>&1; then fail "logs resolver followed a symlink out of root"; fi
+if resolve_log_path "../../etc/passwd" >/dev/null 2>&1; then fail "logs resolver allowed traversal"; fi
+if resolve_log_path "$secret_dir/secret.log" >/dev/null 2>&1; then fail "logs resolver allowed an out-of-root absolute path"; fi
+if resolve_log_path "$runs_root/../secret/secret.log" >/dev/null 2>&1; then fail "logs resolver allowed prefixed traversal"; fi
+
+echo "PASS: redaction + autonomy + log-path containment regression coverage"

package/tests/test_reliability_retention.sh

@@ -0,0 +1,75 @@
+#!/usr/bin/env bash
+# Phase 3 reliability hardening regressions:
+#  A. Auto-scan/index in-flight vs freshness marker separation — a crashed or
+#     output-less job must NOT block retry for a day (only a genuine success
+#     sets the freshness marker; the foreground touch is a short-lived debounce).
+#  B. eagle_events retention — the hook-observability table is pruned by age.
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
+tmp_dir=$(mktemp -d "$ROOT_DIR/.tmp-reliability.XXXXXX")
+trap 'rm -rf "$tmp_dir"' EXIT
+
+export HOME="$tmp_dir/home"
+export EAGLE_MEM_DIR="$tmp_dir/eagle-mem"
+mkdir -p "$HOME" "$EAGLE_MEM_DIR"
+
+. "$ROOT_DIR/lib/common.sh"
+"$ROOT_DIR/db/migrate.sh" >/dev/null
+. "$ROOT_DIR/lib/db.sh"
+. "$ROOT_DIR/lib/hooks-sessionstart.sh"
+
+pass=0; fail=0
+ok()  { echo "  ok: $1"; pass=$((pass+1)); }
+bad() { echo "  FAIL: $1"; fail=$((fail+1)); }
+assert()     { if eval "$1"; then ok "$2"; else bad "$2"; fi; }
+assert_not() { if eval "$1"; then bad "$2"; else ok "$2"; fi; }
+
+project="test/reliability"
+
+# ── A. In-flight vs freshness ───────────────────────────────────────────────
+# Crashed/output-less job: only the in-flight marker exists, never the freshness one.
+_eagle_state_touch "scan-inflight" "$project"
+assert_not '_eagle_state_fresh "scan" "$project" 1' \
+    "A1: in-flight-only does NOT satisfy the 1-day freshness gate (retry not blocked for a day)"
+assert '_eagle_state_inflight_fresh "scan" "$project" 15' \
+    "A2: a recent in-flight marker debounces concurrent spawns"
+
+# Genuine success sets the freshness marker.
+_eagle_state_touch "scan" "$project"
+assert '_eagle_state_fresh "scan" "$project" 1' \
+    "A3: a success-set freshness marker satisfies the freshness gate"
+
+# A stale in-flight marker (job died long ago) must age out so retry reopens.
+stale_inflight=$(_eagle_state_file "index-inflight" "$project")
+mkdir -p "$(dirname "$stale_inflight")"
+: > "$stale_inflight"
+touch -t 202001010000 "$stale_inflight"
+assert_not '_eagle_state_inflight_fresh "index" "$project" 15' \
+    "A4: a stale in-flight marker is not 'fresh' — retry is allowed after the debounce window"
+
+# ── B. eagle_events retention ───────────────────────────────────────────────
+p1=$(eagle_sql_escape "$project")
+p2=$(eagle_sql_escape "other/project")
+eagle_db "INSERT INTO eagle_events (project, session_id, agent, event_type, status, created_at)
+          VALUES ('$p1','s-old','codex','hook_started','ok', strftime('%Y-%m-%dT%H:%M:%fZ','now','-60 days'));" >/dev/null
+eagle_db "INSERT INTO eagle_events (project, session_id, agent, event_type, status, created_at)
+          VALUES ('$p1','s-new','codex','hook_started','ok', strftime('%Y-%m-%dT%H:%M:%fZ','now'));" >/dev/null
+eagle_db "INSERT INTO eagle_events (project, session_id, agent, event_type, status, created_at)
+          VALUES ('$p2','s-old2','codex','hook_started','ok', strftime('%Y-%m-%dT%H:%M:%fZ','now','-60 days'));" >/dev/null
+
+eagle_prune_events 30 "$project"
+old_p1=$(eagle_db "SELECT COUNT(*) FROM eagle_events WHERE project='$p1' AND session_id='s-old';")
+new_p1=$(eagle_db "SELECT COUNT(*) FROM eagle_events WHERE project='$p1' AND session_id='s-new';")
+old_p2=$(eagle_db "SELECT COUNT(*) FROM eagle_events WHERE project='$p2' AND session_id='s-old2';")
+[ "$old_p1" = "0" ] && ok "B1: old event (60d) pruned for the target project" || bad "B1: old event not pruned (got $old_p1)"
+[ "$new_p1" = "1" ] && ok "B2: recent event retained" || bad "B2: recent event lost (got $new_p1)"
+[ "$old_p2" = "1" ] && ok "B3: project filter — other project's old event untouched" || bad "B3: project filter leaked (got $old_p2)"
+
+eagle_prune_events 30
+old_p2b=$(eagle_db "SELECT COUNT(*) FROM eagle_events WHERE project='$p2' AND session_id='s-old2';")
+[ "$old_p2b" = "0" ] && ok "B4: unscoped prune removes other project's old event" || bad "B4: unscoped prune missed it (got $old_p2b)"
+
+echo ""
+echo "test_reliability_retention: $pass passed, $fail failed"
+[ "$fail" -eq 0 ] || exit 1

package/tests/test_rust_migration_plan.sh

@@ -18,7 +18,14 @@ require_contains() {
     fi
 }
 
-[ -f "$PLAN" ] || fail "missing MIGRATION.md"
+# MIGRATION.md is a maintainer-only roadmap and is intentionally NOT shipped in
+# the npm package (`files` allowlist), so this contract test has nothing to
+# guard when the suite runs from a published install via `eagle-mem test`.
+# Skip cleanly (exit 2) in that case; run strictly from a source checkout.
+if [ ! -f "$PLAN" ]; then
+    echo "skip: MIGRATION.md not present (dev-only contract test)" >&2
+    exit 2
+fi
 
 require_contains "~/.eagle-mem/memory\\.db" "the existing user database path"
 require_contains "compatibility wrapper" "the Bash compatibility wrapper"

package/tests/test_test_runner_no_abort.sh

@@ -0,0 +1,86 @@
+#!/usr/bin/env bash
+# ═══════════════════════════════════════════════════════════
+# Regression: scripts/test.sh must NOT abort mid-run when a
+# single check fails.
+#
+# Guards against the `set -e` masking bug where the failure
+# accumulator used `((errors++))`. Under `set -euo pipefail`,
+# `((errors++))` returns exit status 1 when the pre-increment
+# value is 0 (post-increment evaluates the old, falsy value),
+# so the FIRST failing check aborted the entire runner —
+# skipping every later check and the failure-count summary.
+# The fix uses the assignment form `errors=$((errors + 1))`,
+# which always returns 0.
+# ═══════════════════════════════════════════════════════════
+set -uo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+REPO_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
+TEST_SH="$REPO_DIR/scripts/test.sh"
+
+pass=0
+fail=0
+ok()  { echo "  ok: $1"; pass=$((pass+1)); }
+bad() { echo "  FAIL: $1"; fail=$((fail+1)); }
+
+# 1. The buggy idiom must be gone from the runner's executable code.
+#    Match only non-comment lines so the explanatory comment that names
+#    the old idiom does not trip the check.
+if grep -vE '^\s*#' "$TEST_SH" | grep -qE '\(\(errors\+\+\)\)'; then
+    bad "scripts/test.sh still uses ((errors++)) in code (aborts under set -e)"
+else
+    ok "scripts/test.sh no longer uses ((errors++)) in code"
+fi
+if grep -qF 'errors=$((errors + 1))' "$TEST_SH"; then
+    ok "scripts/test.sh uses the safe assignment form"
+else
+    bad "scripts/test.sh missing safe assignment accumulator"
+fi
+
+# 2. Behavioral proof: replicate the runner's exact accumulation loop
+#    under `set -euo pipefail`, force the FIRST check to fail, and
+#    confirm execution reaches the end with a correct count.
+result=$(
+    set -euo pipefail
+    errors=0
+    run_check() {
+        if eval "$2" >/dev/null 2>&1; then
+            :
+        else
+            errors=$((errors + 1))
+        fi
+    }
+    run_check "first-fails" "false"   # errors goes 0 -> 1
+    run_check "second-ok"   "true"
+    run_check "third-fails"  "false"  # errors goes 1 -> 2
+    echo "REACHED_END errors=$errors"
+)
+status=$?
+
+if [ "$status" -eq 0 ] && printf '%s' "$result" | grep -qF 'REACHED_END errors=2'; then
+    ok "runner reaches summary after failures with correct count (errors=2)"
+else
+    bad "runner aborted early or miscounted (status=$status, out='$result')"
+fi
+
+# 3. Sanity: the old idiom genuinely aborts (proves the test is meaningful).
+#    Run as a separate `bash` process so `set -e` is fully active (a `|| ...`
+#    on a subshell would disable `set -e` inside it and hide the abort).
+control_tmp=$(mktemp)
+cat > "$control_tmp" <<'CTRL'
+set -euo pipefail
+errors=0
+((errors++))          # pre-value 0 -> command returns 1 -> set -e aborts here
+echo "SHOULD_NOT_PRINT"
+CTRL
+control_out=$(bash "$control_tmp" 2>/dev/null); control_status=$?
+rm -f "$control_tmp"
+if [ "$control_status" -ne 0 ] && ! printf '%s' "$control_out" | grep -qF 'SHOULD_NOT_PRINT'; then
+    ok "control: ((errors++)) from 0 aborts under set -e (bug is real)"
+else
+    bad "control: ((errors++)) did not abort (status=$control_status) — test premise invalid"
+fi
+
+echo ""
+echo "test_test_runner_no_abort: $pass passed, $fail failed"
+[ "$fail" -eq 0 ] || exit 1