metame-cli 1.4.34 → 1.5.1

package/scripts/daemon-ops-commands.js

@@ -61,7 +61,7 @@ function createOpsCommandHandler(deps) {
           return true;
         }
         let isGitRepo = false;
-        try { execSync('git rev-parse --is-inside-work-tree', { cwd, stdio: 'ignore', timeout: 3000 }); isGitRepo = true; } catch { }
+        try { execSync('git rev-parse --is-inside-work-tree', { cwd, stdio: 'ignore', timeout: 3000, ...(process.platform === 'win32' ? { windowsHide: true } : {}) }); isGitRepo = true; } catch { }
         const checkpoints = isGitRepo ? listCheckpoints(cwd) : [];
         const match = checkpoints.find(cp => cp.hash.startsWith(arg));
         if (!match) {
@@ -70,8 +70,9 @@ function createOpsCommandHandler(deps) {
         }
         try {
           let diffFiles = '';
-          try { diffFiles = execSync(`git diff --name-only HEAD ${match.hash}`, { cwd, encoding: 'utf8', timeout: 5000 }).trim(); } catch { }
-          execSync(`git reset --hard ${match.hash}`, { cwd, stdio: 'ignore', timeout: 10000 });
+          const _wh = process.platform === 'win32' ? { windowsHide: true } : {};
+          try { diffFiles = execSync(`git diff --name-only HEAD ${match.hash}`, { cwd, encoding: 'utf8', timeout: 5000, ..._wh }).trim(); } catch { }
+          execSync(`git reset --hard ${match.hash}`, { cwd, stdio: 'ignore', timeout: 10000, ..._wh });
           // Truncate context to checkpoint time (covers multi-turn rollback)
           truncateSessionToCheckpoint(session.id, match.message);
           const fileList = diffFiles ? diffFiles.split('\n').map(f => path.basename(f)).join(', ') : '';
@@ -199,7 +200,7 @@ function createOpsCommandHandler(deps) {
         const cwd2 = session2.cwd;
         if (cwd2) {
           let isGitRepo2 = false;
-          try { execSync('git rev-parse --is-inside-work-tree', { cwd: cwd2, stdio: 'ignore', timeout: 3000 }); isGitRepo2 = true; } catch { }
+          try { execSync('git rev-parse --is-inside-work-tree', { cwd: cwd2, stdio: 'ignore', timeout: 3000, ...(process.platform === 'win32' ? { windowsHide: true } : {}) }); isGitRepo2 = true; } catch { }
           if (isGitRepo2) {
             // Exclude safety checkpoints from matching to avoid confusion
             const checkpoints2 = listCheckpoints(cwd2).filter(cp => !cp.message.includes('[metame-safety]'));
@@ -208,11 +209,12 @@ function createOpsCommandHandler(deps) {
               : checkpoints2[0];
             if (cpMatch) {
               let diffFiles2 = '';
-              try { diffFiles2 = execSync(`git diff --name-only HEAD ${cpMatch.hash}`, { cwd: cwd2, encoding: 'utf8', timeout: 5000 }).trim(); } catch { }
+              const _wh2 = process.platform === 'win32' ? { windowsHide: true } : {};
+              try { diffFiles2 = execSync(`git diff --name-only HEAD ${cpMatch.hash}`, { cwd: cwd2, encoding: 'utf8', timeout: 5000, ..._wh2 }).trim(); } catch { }
               if (diffFiles2) {
                 // Save current state with distinct prefix (excluded from normal /undo list)
                 gitCheckpoint(cwd2, `[metame-safety] before rollback to: ${targetMsg.slice(0, 40)}`);
-                execSync(`git reset --hard ${cpMatch.hash}`, { cwd: cwd2, stdio: 'ignore', timeout: 10000 });
+                execSync(`git reset --hard ${cpMatch.hash}`, { cwd: cwd2, stdio: 'ignore', timeout: 10000, ..._wh2 });
                 gitMsg2 = `\n📁 ${diffFiles2.split('\n').length} 个文件已恢复`;
                 cleanupCheckpoints(cwd2);
               }

package/scripts/daemon-runtime-lifecycle.js

@@ -1,5 +1,6 @@
 'use strict';
 
+const { execSync } = require('child_process');
 const { sleepSync } = require('./platform');
 
 function createPidManager(deps) {
@@ -50,6 +51,7 @@ function setupRuntimeWatchers(deps) {
     log,
     notifyFn,
     adminNotifyFn,
+    notifyPersonalFn,
     activeProcesses,
     getConfig,
     setConfig,
@@ -68,7 +70,7 @@ function setupRuntimeWatchers(deps) {
     refreshLogMaxSize(newConfig);
     const timer = getHeartbeatTimer();
     if (timer) clearInterval(timer);
-    setHeartbeatTimer(startHeartbeat(newConfig, notifyFn));
+    setHeartbeatTimer(startHeartbeat(newConfig, notifyFn, notifyPersonalFn));
     const { general, project } = getAllTasks(newConfig);
     const totalCount = general.length + project.length;
     log('INFO', `Config reloaded: ${totalCount} tasks (${project.length} in projects)`);
@@ -91,6 +93,127 @@ function setupRuntimeWatchers(deps) {
     }, 1000);
   });
 
+  // ── Pre-restart syntax validation ──────────────────────────────────────────
+  // Catches the most common class of hot-reload failures: syntax errors from
+  // bad merges or careless agent edits. Runs `node -c` on all .js files in
+  // METAME_DIR before allowing the daemon to exit for restart.
+  function validateScriptsSyntax() {
+    try {
+      const jsFiles = fs.readdirSync(METAME_DIR).filter(f => f.endsWith('.js'));
+      const errors = [];
+      for (const f of jsFiles) {
+        const fp = path.join(METAME_DIR, f);
+        try {
+          execSync(`"${process.execPath}" -c "${fp}"`, {
+            timeout: 5000,
+            stdio: 'pipe',
+            windowsHide: true,
+          });
+        } catch (e) {
+          const msg = (e.stderr ? e.stderr.toString().trim() : e.message).split('\n')[0];
+          errors.push(`${f}: ${msg}`);
+        }
+      }
+      if (errors.length > 0) {
+        return { ok: false, errors };
+      }
+      return { ok: true };
+    } catch (e) {
+      // If validation itself fails (e.g. can't read dir), allow restart
+      log('WARN', `Syntax validation skipped: ${e.message}`);
+      return { ok: true };
+    }
+  }
+
+  // ── Last-good backup ─────────────────────────────────────────────────────
+  const LAST_GOOD_DIR = path.join(METAME_DIR, '.last-good');
+
+  function backupLastGood() {
+    try {
+      if (!fs.existsSync(LAST_GOOD_DIR)) fs.mkdirSync(LAST_GOOD_DIR, { recursive: true });
+      const jsFiles = fs.readdirSync(METAME_DIR).filter(f => f.endsWith('.js'));
+      for (const f of jsFiles) {
+        fs.copyFileSync(path.join(METAME_DIR, f), path.join(LAST_GOOD_DIR, f));
+      }
+      log('INFO', `[BACKUP] Saved ${jsFiles.length} scripts to .last-good/`);
+    } catch (e) {
+      log('WARN', `[BACKUP] Failed: ${e.message}`);
+    }
+  }
+
+  function restoreFromLastGood() {
+    try {
+      if (!fs.existsSync(LAST_GOOD_DIR)) return false;
+      const files = fs.readdirSync(LAST_GOOD_DIR).filter(f => f.endsWith('.js'));
+      if (files.length === 0) return false;
+      for (const f of files) {
+        fs.copyFileSync(path.join(LAST_GOOD_DIR, f), path.join(METAME_DIR, f));
+      }
+      log('INFO', `[RESTORE] Restored ${files.length} scripts from .last-good/`);
+      return true;
+    } catch (e) {
+      log('ERROR', `[RESTORE] Failed: ${e.message}`);
+      return false;
+    }
+  }
+
+  // Delay initial backup: only backup after daemon has been running stably for 60s.
+  // This prevents backing up broken code that passed syntax check but fails at runtime.
+  const STABLE_BACKUP_DELAY_MS = 60 * 1000;
+  const stableBackupTimer = setTimeout(() => {
+    backupLastGood();
+  }, STABLE_BACKUP_DELAY_MS);
+
+  // ── Crash-loop detection ─────────────────────────────────────────────────
+  // Uses a consecutive crash counter (not just single boot timestamp) to avoid
+  // false positives from one-off crashes caused by user input rather than bad code.
+  const restartFromPid = process.env.METAME_RESTART_FROM_PID;
+  const bootFile = path.join(METAME_DIR, '.last-boot-ts');
+  const crashCountFile = path.join(METAME_DIR, '.crash-count');
+  if (restartFromPid) {
+    try {
+      if (fs.existsSync(bootFile)) {
+        const lastBoot = Number(fs.readFileSync(bootFile, 'utf8').trim());
+        const elapsed = Date.now() - lastBoot;
+        if (elapsed > 0 && elapsed < 30000) {
+          // Increment crash counter
+          let crashCount = 1;
+          try { crashCount = Number(fs.readFileSync(crashCountFile, 'utf8').trim()) + 1; } catch { /* first crash */ }
+          fs.writeFileSync(crashCountFile, String(crashCount), 'utf8');
+          log('FATAL', `[CRASH-LOOP] Previous daemon lived only ${Math.round(elapsed / 1000)}s (consecutive: ${crashCount})`);
+          if (crashCount >= 2) {
+            log('FATAL', `[CRASH-LOOP] ${crashCount} consecutive fast crashes — restoring from .last-good`);
+            const restored = restoreFromLastGood();
+            if (restored) {
+              adminNotifyFn('⚠️ 检测到 daemon 连续崩溃，已从上一个正常版本恢复。请检查最近的代码改动。').catch(() => {});
+              try { fs.writeFileSync(crashCountFile, '0', 'utf8'); } catch { /* non-fatal */ }
+            }
+          }
+        } else {
+          // Previous daemon ran long enough — reset crash counter
+          try { fs.writeFileSync(crashCountFile, '0', 'utf8'); } catch { /* non-fatal */ }
+        }
+      }
+    } catch { /* non-fatal */ }
+  }
+  // Record boot timestamp for next crash-loop check
+  try { fs.writeFileSync(bootFile, String(Date.now()), 'utf8'); } catch { /* non-fatal */ }
+
+  // ── Safe restart: validate then proceed ──────────────────────────────────
+  function safeRestart() {
+    const validation = validateScriptsSyntax();
+    if (!validation.ok) {
+      const errSummary = validation.errors.slice(0, 3).join('\n');
+      log('ERROR', `[RESTART BLOCKED] Syntax errors detected:\n${errSummary}`);
+      adminNotifyFn(`🚫 Daemon 热重载已阻止 — 新代码有语法错误:\n${errSummary}\n\n当前 daemon 继续运行。`).catch(() => {});
+      pendingRestart = false;
+      return;
+    }
+    // Backup current known-good set before restarting with new code
+    backupLastGood();
+    onRestartRequested();
+  }
+
   const daemonScript = path.join(METAME_DIR, 'daemon.js');
   const startTime = Date.now();
   let restartDebounce = null;
@@ -117,8 +240,8 @@ function setupRuntimeWatchers(deps) {
             pendingRestart = true;
             return;
           }
-          log('INFO', 'daemon.js changed on disk — exiting for restart...');
-          onRestartRequested();
+          log('INFO', 'daemon.js changed on disk — validating before restart...');
+          safeRestart();
         }, 5000);
       }
     }, 2000);
@@ -128,8 +251,8 @@ function setupRuntimeWatchers(deps) {
   activeProcesses.delete = function (key) {
     const result = origDelete(key);
     if (pendingRestart && activeProcesses.size === 0 && !deferredRestartTimer) {
-      log('INFO', 'All tasks completed — executing deferred restart in 8s...');
-      deferredRestartTimer = setTimeout(onRestartRequested, 8000); // 给 sendMessage/deleteMessage 等 cleanup 留出足够时间
+      log('INFO', 'All tasks completed — validating deferred restart in 8s...');
+      deferredRestartTimer = setTimeout(safeRestart, 8000); // 给 sendMessage/deleteMessage 等 cleanup 留出足够时间
     }
     return result;
   };
@@ -140,6 +263,7 @@ function setupRuntimeWatchers(deps) {
     if (reloadDebounce) clearTimeout(reloadDebounce);
     if (restartDebounce) clearTimeout(restartDebounce);
     if (deferredRestartTimer) clearTimeout(deferredRestartTimer);
+    if (stableBackupTimer) clearTimeout(stableBackupTimer);
     activeProcesses.delete = origDelete;
   }
 

package/scripts/daemon-session-commands.js

@@ -14,6 +14,7 @@ function createSessionCommandHandler(deps) {
     sendBrowse,
     sendDirPicker,
     createSession,
+    getSessionForEngine,
     getCachedFile,
     getSession,
     listRecentSessions,
@@ -26,8 +27,35 @@ function createSessionCommandHandler(deps) {
     sessionRichLabel,
     buildSessionCardElements,
     sessionLabel,
+    getDefaultEngine = () => 'claude',
   } = deps;
 
+  function normalizeEngineName(name) {
+    const n = String(name || '').trim().toLowerCase();
+    return n === 'codex' ? 'codex' : getDefaultEngine();
+  }
+
+  // Write per-engine session slot, preserving cwd and other engine slots.
+  function attachEngineSession(state, chatId, engine, sessionId, cwd) {
+    const existing = state.sessions[chatId] || {};
+    const existingEngines = existing.engines || {};
+    state.sessions[chatId] = {
+      ...existing,
+      cwd: cwd || existing.cwd || HOME,
+      engines: { ...existingEngines, [engine]: { id: sessionId, started: true } },
+    };
+  }
+
+  function inferEngineByCwd(cfg, cwd) {
+    if (!cfg || !cfg.projects || !cwd) return null;
+    const target = normalizeCwd(cwd);
+    for (const proj of Object.values(cfg.projects || {})) {
+      if (!proj || !proj.cwd) continue;
+      if (normalizeCwd(proj.cwd) === target) return normalizeEngineName(proj.engine);
+    }
+    return null;
+  }
+
   async function handleSessionCommand(ctx) {
     const { bot, chatId, text } = ctx;
 
@@ -61,7 +89,7 @@ function createSessionCommandHandler(deps) {
         const boundProj = boundKey && newCfg.projects && newCfg.projects[boundKey];
         if (boundProj && boundProj.cwd) {
           const boundCwd = normalizeCwd(boundProj.cwd);
-          const session = createSession(chatId, boundCwd, '');
+          const session = createSession(chatId, boundCwd, '', normalizeEngineName(boundProj.engine));
           await bot.sendMessage(chatId, `✅ 新会话已创建\nWorkdir: ${session.cwd}`);
           return true;
         }
@@ -87,7 +115,13 @@ function createSessionCommandHandler(deps) {
           return true;
         }
       }
-      const session = createSession(chatId, dirPath, sessionName || '');
+      const cfgForEngine = loadConfig();
+      const mapForEngine = { ...(cfgForEngine.telegram ? cfgForEngine.telegram.chat_agent_map : {}), ...(cfgForEngine.feishu ? cfgForEngine.feishu.chat_agent_map : {}) };
+      const mappedKeyForEngine = mapForEngine[String(chatId)];
+      const mappedProjForEngine = mappedKeyForEngine && cfgForEngine.projects ? cfgForEngine.projects[mappedKeyForEngine] : null;
+      const currentEngine = getDefaultEngine();
+      const sessionEngine = normalizeEngineName((mappedProjForEngine && mappedProjForEngine.engine) || currentEngine);
+      const session = createSession(chatId, dirPath, sessionName || '', sessionEngine);
       const label = sessionName ? `[${sessionName}]` : '';
       await bot.sendMessage(chatId, `New session ${label}\nWorkdir: ${session.cwd}`);
       return true;
@@ -142,23 +176,18 @@ function createSessionCommandHandler(deps) {
       if (!s) {
         // Last resort: use __continue__ to resume whatever Claude thinks is last
         const state2 = loadState();
-        state2.sessions[chatId] = {
-          id: '__continue__',
-          cwd: curCwd || HOME,
-          created: new Date().toISOString(),
-          started: true,
-        };
+        const cfgForEngine = loadConfig();
+        const engineByCwd = inferEngineByCwd(cfgForEngine, curCwd || HOME) || getDefaultEngine();
+        attachEngineSession(state2, chatId, engineByCwd, '__continue__', curCwd || HOME);
         saveState(state2);
         await bot.sendMessage(chatId, `⚡ Resuming last session in ${path.basename(curCwd || HOME)}`);
         return true;
       }
 
       const state2 = loadState();
-      state2.sessions[chatId] = {
-        id: s.sessionId,
-        cwd: s.projectPath || HOME,
-        started: true,
-      };
+      const cfgForEngine = loadConfig();
+      const engineByCwd = inferEngineByCwd(cfgForEngine, s.projectPath || HOME) || getDefaultEngine();
+      attachEngineSession(state2, chatId, engineByCwd, s.sessionId, s.projectPath || HOME);
       saveState(state2);
       // Display: name/summary + id on separate lines
       const name = s.customTitle;
@@ -223,9 +252,12 @@ function createSessionCommandHandler(deps) {
 
     // /sessions — compact list, tap to see details, then tap to switch
     if (text === '/sessions') {
+      const currentEngine = getDefaultEngine();
+      const codexLimitTip = '⚠️ 当前为 Codex 会话：`/sessions` 列表暂仅展示 Claude 本地会话，Codex 会话暂不可见。';
       const allSessions = listRecentSessions(15);
       if (allSessions.length === 0) {
-        await bot.sendMessage(chatId, 'No sessions found. Try /new first.');
+        const base = 'No sessions found. Try /new first.';
+        await bot.sendMessage(chatId, currentEngine === 'codex' ? `${base}\n\n${codexLimitTip}` : base);
         return true;
       }
       if (bot.sendButtons) {
@@ -236,8 +268,12 @@ function createSessionCommandHandler(deps) {
         allSessions.forEach((s, i) => {
           msg += sessionRichLabel(s, i + 1, _tags1) + '\n';
         });
+        if (currentEngine === 'codex') msg += `\n${codexLimitTip}\n`;
         await bot.sendMessage(chatId, msg);
       }
+      if (bot.sendButtons && currentEngine === 'codex') {
+        await bot.sendMessage(chatId, codexLimitTip);
+      }
       return true;
     }
 
@@ -348,11 +384,9 @@ function createSessionCommandHandler(deps) {
           const target = candidates[0];
           // Switch to that session (like /resume) AND its directory
           const state2 = loadState();
-          state2.sessions[chatId] = {
-            id: target.sessionId,
-            cwd: target.projectPath,
-            started: true,
-          };
+          const cfgForEngine = loadConfig();
+          const engineByCwd = inferEngineByCwd(cfgForEngine, target.projectPath) || getDefaultEngine();
+          attachEngineSession(state2, chatId, engineByCwd, target.sessionId, target.projectPath);
           saveState(state2);
           const name = target.customTitle || target.summary || '';
           const label = name ? name.slice(0, 40) : target.sessionId.slice(0, 8);
@@ -378,16 +412,17 @@ function createSessionCommandHandler(deps) {
       if (recentInDir.length > 0 && recentInDir[0].sessionId) {
         // Attach to existing session in this directory
         const target = recentInDir[0];
-        state2.sessions[chatId] = {
-          id: target.sessionId,
-          cwd: newCwd,
-          started: true,
-        };
+        const cfgForEngine = loadConfig();
+        const engineByCwd = inferEngineByCwd(cfgForEngine, newCwd) || getDefaultEngine();
+        attachEngineSession(state2, chatId, engineByCwd, target.sessionId, newCwd);
         saveState(state2);
         const label = target.customTitle || target.summary?.slice(0, 30) || target.sessionId.slice(0, 8);
         await bot.sendMessage(chatId, `📁 ${path.basename(newCwd)}\n🔄 Attached: ${label}`);
       } else if (!state2.sessions[chatId]) {
-        createSession(chatId, newCwd);
+        const cfgForEngine = loadConfig();
+        const engineByCwd = inferEngineByCwd(cfgForEngine, newCwd);
+        const currentEngine = getDefaultEngine();
+        createSession(chatId, newCwd, '', engineByCwd || currentEngine);
         await bot.sendMessage(chatId, `📁 ${path.basename(newCwd)} (new session)`);
       } else {
         state2.sessions[chatId].cwd = newCwd;

package/scripts/daemon-session-store.js

@@ -2,6 +2,7 @@
 
 const crypto = require('crypto');
 
+
 function createSessionStore(deps) {
   const {
     fs,
@@ -18,7 +19,7 @@ function createSessionStore(deps) {
   const _sessionFileCache = new Map(); // sessionId -> { path, ts }
   let _sessionCache = null;
   let _sessionCacheTime = 0;
-  const SESSION_CACHE_TTL = 10000; // 10s
+  const SESSION_CACHE_TTL = 30000; // 30s — scan is expensive, 10s was too frequent
 
   function findSessionFile(sessionId) {
     if (!sessionId || !fs.existsSync(CLAUDE_PROJECTS_DIR)) return null;
@@ -192,7 +193,8 @@ function createSessionStore(deps) {
             const fileMtime = stat.mtimeMs;
             const existing = sessionMap.get(sessionId);
             if (!existing || fileMtime > (existing.fileMtime || 0)) {
-              const projectPath = projPathCache.get(proj) || proj.slice(1).replace(/-/g, '/');
+              const projectPath = projPathCache.get(proj);
+              if (!projectPath) continue;
               sessionMap.set(sessionId, {
                 sessionId, projectPath, fileMtime,
                 modified: new Date(fileMtime).toISOString(),
@@ -427,24 +429,46 @@ function createSessionStore(deps) {
     }
   }
 
+  function sanitizeCwd(cwd) {
+    try {
+      const resolved = path.resolve(String(cwd || HOME));
+      if (process.platform === 'win32' && !/^[A-Za-z]:[\\\/]/i.test(resolved)) return HOME;
+      const stat = fs.statSync(resolved, { throwIfNoEntry: false });
+      if (!stat || !stat.isDirectory()) return HOME;
+      return resolved;
+    } catch { return HOME; }
+  }
+
   function getSession(chatId) {
     const state = loadState();
     return state.sessions[chatId] || null;
   }
 
-  function createSession(chatId, cwd, name) {
+  function getSessionForEngine(chatId, engine) {
+    const raw = getSession(chatId);
+    if (!raw) return null;
+    const safeEngine = String(engine || 'claude').trim().toLowerCase() === 'codex' ? 'codex' : 'claude';
+    if (!raw.engines) return { cwd: raw.cwd, engine: safeEngine, id: raw.id || null, started: !!raw.started };
+    const slot = raw.engines[safeEngine] || {};
+    return { cwd: raw.cwd, engine: safeEngine, id: slot.id || null, started: !!slot.started };
+  }
+
+  function createSession(chatId, cwd, name, engine = 'claude') {
     const state = loadState();
+    const safeEngine = String(engine || 'claude').trim().toLowerCase() === 'codex' ? 'codex' : 'claude';
+    const safeCwd = sanitizeCwd(cwd);
     const sessionId = crypto.randomUUID();
+    const existing = state.sessions[chatId] || {};
+    const existingEngines = existing.engines || {};
     state.sessions[chatId] = {
-      id: sessionId,
-      cwd: cwd || HOME,
-      started: false,
+      cwd: safeCwd,
+      engines: { ...existingEngines, [safeEngine]: { id: sessionId, started: false } },
     };
     saveState(state);
     invalidateSessionCache();
-    if (name) writeSessionName(sessionId, cwd || HOME, name);
-    log('INFO', `New session for ${chatId}: ${sessionId}${name ? ' [' + name + ']' : ''} (cwd: ${state.sessions[chatId].cwd})`);
-    return { ...state.sessions[chatId], id: sessionId };
+    if (name) writeSessionName(sessionId, safeCwd, name);
+    log('INFO', `New session for ${chatId}: ${sessionId}${name ? ' [' + name + ']' : ''} (cwd: ${safeCwd}) [${safeEngine}]`);
+    return getSessionForEngine(chatId, safeEngine);
   }
 
   function getSessionName(sessionId) {
@@ -525,12 +549,94 @@ function createSessionStore(deps) {
     } catch { return null; }
   }
 
-  function markSessionStarted(chatId) {
+  function markSessionStarted(chatId, engine) {
     const state = loadState();
-    if (state.sessions[chatId]) {
-      state.sessions[chatId].started = true;
-      saveState(state);
+    const s = state.sessions[chatId];
+    if (!s) return;
+    if (s.engines) {
+      const safeEngine = String(engine || 'claude').trim().toLowerCase() === 'codex' ? 'codex' : 'claude';
+      if (!s.engines[safeEngine]) s.engines[safeEngine] = {};
+      s.engines[safeEngine].started = true;
+    } else {
+      s.started = true; // old flat format
     }
+    saveState(state);
+  }
+
+  // Codex session validation via ~/.codex/state_5.sqlite
+  // ─── Unified session validation ──────────────────────────────────────────
+  // Both engines store sessions locally; only the backend differs.
+  // Single entry point: isEngineSessionValid(engine, sessionId, cwd)
+
+  const SESSION_VALIDATE_TTL = 30000;
+  const _validateCache = new Map(); // `${engine}@@${sessionId}@@${cwd}` -> { valid, ts }
+
+  function _cacheValidation(key, valid) {
+    _validateCache.set(key, { valid: !!valid, ts: Date.now() });
+    if (_validateCache.size > 512) _validateCache.delete(_validateCache.keys().next().value);
+    return !!valid;
+  }
+
+  // Claude backend: JSONL files under ~/.claude/projects/<hash>/
+  function _isClaudeSessionValid(sessionId, normCwd) {
+    try {
+      const sessionFile = findSessionFile(sessionId);
+      if (!sessionFile) return false;
+      const projectDir = path.dirname(sessionFile);
+      const indexFile = path.join(projectDir, 'sessions-index.json');
+      if (fs.existsSync(indexFile)) {
+        const data = JSON.parse(fs.readFileSync(indexFile, 'utf8'));
+        const entries = Array.isArray(data && data.entries) ? data.entries : [];
+        const entry = entries.find(e => e && e.sessionId === sessionId);
+        if (entry && entry.projectPath) return path.resolve(entry.projectPath) === normCwd;
+        const anyPath = (entries.find(e => e && e.projectPath) || {}).projectPath;
+        if (anyPath) return path.resolve(anyPath) === normCwd;
+      }
+      // Weak fallback: Claude encodes cwd in dir name; only trust a positive match.
+      // Unix: /home/user/project → -home-user-project
+      // Windows: D:\MetaMe → D--MetaMe (replaces : and \ with -)
+      const actualDir = path.basename(projectDir).toLowerCase();
+      const expectedDir = process.platform === 'win32'
+        ? normCwd.replace(/[:\\\/_ ]/g, '-').toLowerCase()
+        : ('-' + normCwd.replace(/^\//, '').replace(/[\/_ ]/g, '-')).toLowerCase();
+      if (actualDir === expectedDir) return true;
+      return false; // dir name mismatch — session belongs to a different project
+    } catch {
+      return true; // conservative: infra failure ≠ invalid session
+    }
+  }
+
+  // Codex backend: SQLite index at ~/.codex/state_5.sqlite
+  const CODEX_DB = path.join(HOME, '.codex', 'state_5.sqlite');
+  function _isCodexSessionValid(sessionId, normCwd) {
+    let db = null;
+    try {
+      const { DatabaseSync } = require('node:sqlite');
+      db = new DatabaseSync(CODEX_DB, { readonly: true });
+      const row = db.prepare('SELECT cwd FROM threads WHERE id = ?').get(sessionId);
+      db.close();
+      db = null;
+      return !!row && path.resolve(row.cwd) === normCwd;
+    } catch (e) {
+      if (db) { try { db.close(); } catch { /* ignore */ } }
+      // Transient errors (DB locked, busy) should not invalidate a live session.
+      // Only treat "session truly not found" as invalid; infra failures are conservative.
+      const msg = (e && e.message) || '';
+      if (msg.includes('SQLITE_BUSY') || msg.includes('SQLITE_LOCKED')) return true;
+      return false;
+    }
+  }
+
+  function isEngineSessionValid(engine, sessionId, cwd) {
+    if (!sessionId || !cwd || sessionId === '__continue__') return true;
+    const normCwd = path.resolve(cwd);
+    const key = `${engine}@@${sessionId}@@${normCwd}`;
+    const cached = _validateCache.get(key);
+    if (cached && Date.now() - cached.ts < SESSION_VALIDATE_TTL) return cached.valid;
+    const valid = engine === 'codex'
+      ? _isCodexSessionValid(sessionId, normCwd)
+      : _isClaudeSessionValid(sessionId, normCwd);
+    return _cacheValidation(key, valid);
   }
 
   return {
@@ -547,11 +653,13 @@ function createSessionStore(deps) {
     buildSessionCardElements,
     listProjectDirs,
     getSession,
+    getSessionForEngine,
     createSession,
     getSessionName,
     writeSessionName,
     markSessionStarted,
     getSessionRecentContext,
+    isEngineSessionValid,
   };
 }