npm - mneme-ai - Versions diffs - 1.9.0 → 1.17.2 - Mend

mneme-ai 1.9.0 → 1.17.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/bin/git-mneme.js +0 -0
package/bin/mneme.js +0 -0
package/dist/commands/audit-log-cmd.d.ts +24 -0
package/dist/commands/audit-log-cmd.d.ts.map +1 -0
package/dist/commands/audit-log-cmd.js +131 -0
package/dist/commands/audit-log-cmd.js.map +1 -0
package/dist/commands/bench.d.ts +23 -0
package/dist/commands/bench.d.ts.map +1 -0
package/dist/commands/bench.js +85 -0
package/dist/commands/bench.js.map +1 -0
package/dist/commands/constitution.d.ts +45 -0
package/dist/commands/constitution.d.ts.map +1 -0
package/dist/commands/constitution.js +204 -0
package/dist/commands/constitution.js.map +1 -0
package/dist/commands/daemon.d.ts.map +1 -1
package/dist/commands/daemon.js +41 -3
package/dist/commands/daemon.js.map +1 -1
package/dist/commands/ecosystem.d.ts +13 -0
package/dist/commands/ecosystem.d.ts.map +1 -0
package/dist/commands/ecosystem.js +44 -0
package/dist/commands/ecosystem.js.map +1 -0
package/dist/commands/index-cmd.d.ts.map +1 -1
package/dist/commands/index-cmd.js +21 -1
package/dist/commands/index-cmd.js.map +1 -1
package/dist/commands/init.d.ts.map +1 -1
package/dist/commands/init.js +53 -2
package/dist/commands/init.js.map +1 -1
package/dist/commands/key.d.ts +22 -0
package/dist/commands/key.d.ts.map +1 -0
package/dist/commands/key.js +60 -0
package/dist/commands/key.js.map +1 -0
package/dist/commands/security.d.ts +18 -0
package/dist/commands/security.d.ts.map +1 -0
package/dist/commands/security.js +126 -0
package/dist/commands/security.js.map +1 -0
package/dist/commands/security.test.d.ts +5 -0
package/dist/commands/security.test.d.ts.map +1 -0
package/dist/commands/security.test.js +198 -0
package/dist/commands/security.test.js.map +1 -0
package/dist/commands/session.d.ts +67 -0
package/dist/commands/session.d.ts.map +1 -0
package/dist/commands/session.js +216 -0
package/dist/commands/session.js.map +1 -0
package/dist/commands/session.test.d.ts +5 -0
package/dist/commands/session.test.d.ts.map +1 -0
package/dist/commands/session.test.js +270 -0
package/dist/commands/session.test.js.map +1 -0
package/dist/commands/upgrade.d.ts.map +1 -1
package/dist/commands/upgrade.js +12 -2
package/dist/commands/upgrade.js.map +1 -1
package/dist/commands/webhook.d.ts +59 -0
package/dist/commands/webhook.d.ts.map +1 -0
package/dist/commands/webhook.js +220 -0
package/dist/commands/webhook.js.map +1 -0
package/dist/commands/webhook.test.d.ts +5 -0
package/dist/commands/webhook.test.d.ts.map +1 -0
package/dist/commands/webhook.test.js +192 -0
package/dist/commands/webhook.test.js.map +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +235 -0
package/dist/index.js.map +1 -1
package/package.json +5 -5
package/dist/commands/wild-stubs.d.ts +0 -6
package/dist/commands/wild-stubs.d.ts.map +0 -1
package/dist/commands/wild-stubs.js +0 -112
package/dist/commands/wild-stubs.js.map +0 -1

package/bin/git-mneme.js CHANGED Viewed

File without changes

package/bin/mneme.js CHANGED Viewed

File without changes

package/dist/commands/audit-log-cmd.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+/**
+ * `mneme audit-log` — manage the HMAC-chained tamper-evident audit log.
+ *
+ * Subcommands:
+ *   - enable   — turn on append-only logging of every mutating action
+ *   - disable  — turn off (existing log preserved)
+ *   - status   — show current state + entry count + last entry
+ *   - verify   — re-walk the chain; report tamper, if any
+ *   - rotate   — archive current log + start fresh chain
+ *   - show     — dump entries (JSON or pretty)
+ *
+ * Banking / SOC2 / PCI-DSS audit requirement: `mneme audit-log verify`
+ * is the compliance checkpoint. CI exit code 0 = chain intact.
+ */
+export type AuditLogAction = "enable" | "disable" | "status" | "verify" | "rotate" | "show";
+export interface AuditLogOptions {
+    cwd: string;
+    action: AuditLogAction;
+    actor?: string;
+    limit?: number;
+    json?: boolean;
+}
+export declare function auditLogCommand(opts: AuditLogOptions): Promise<number>;
+//# sourceMappingURL=audit-log-cmd.d.ts.map

package/dist/commands/audit-log-cmd.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit-log-cmd.d.ts","sourceRoot":"","sources":["../../src/commands/audit-log-cmd.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH,MAAM,MAAM,cAAc,GAAG,QAAQ,GAAG,SAAS,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,CAAC;AAE5F,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,cAAc,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,wBAAsB,eAAe,CAAC,IAAI,EAAE,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAyH5E"}

package/dist/commands/audit-log-cmd.js ADDED Viewed

@@ -0,0 +1,131 @@
+/**
+ * `mneme audit-log` — manage the HMAC-chained tamper-evident audit log.
+ *
+ * Subcommands:
+ *   - enable   — turn on append-only logging of every mutating action
+ *   - disable  — turn off (existing log preserved)
+ *   - status   — show current state + entry count + last entry
+ *   - verify   — re-walk the chain; report tamper, if any
+ *   - rotate   — archive current log + start fresh chain
+ *   - show     — dump entries (JSON or pretty)
+ *
+ * Banking / SOC2 / PCI-DSS audit requirement: `mneme audit-log verify`
+ * is the compliance checkpoint. CI exit code 0 = chain intact.
+ */
+import kleur from "kleur";
+import { ui } from "../ui.js";
+import { git, security } from "@mneme-ai/core";
+export async function auditLogCommand(opts) {
+    if (!(await git.isGitRepo(opts.cwd))) {
+        ui.error("Not in a git repo. Run `mneme init` first.");
+        return 1;
+    }
+    const meta = await git.getRepoMeta(opts.cwd);
+    const root = meta.rootPath;
+    switch (opts.action) {
+        case "enable": {
+            security.auditLog.enable(root);
+            security.auditLog.appendEntry(root, {
+                actor: opts.actor ?? "cli",
+                action: "audit-log-enable",
+                details: { enabledAt: new Date().toISOString() },
+            });
+            if (opts.json) {
+                process.stdout.write(JSON.stringify({ enabled: true }, null, 2) + "\n");
+            }
+            else {
+                ui.banner();
+                process.stdout.write(kleur.bold("\n  🔒 Audit log: ENABLED\n\n") +
+                    "  Every mutating action is now appended to .mneme/audit.log\n" +
+                    "  with an HMAC-SHA-256 chain. Any modification to the log will\n" +
+                    "  be detected by `mneme audit-log verify`.\n\n" +
+                    "  Set " + kleur.cyan("MNEME_AUDIT_SECRET") + " (>= 32 chars) for production.\n\n");
+            }
+            return 0;
+        }
+        case "disable": {
+            security.auditLog.disable(root);
+            if (opts.json)
+                process.stdout.write(JSON.stringify({ enabled: false }, null, 2) + "\n");
+            else
+                ui.success("Audit log disabled. Existing log preserved.");
+            return 0;
+        }
+        case "status": {
+            const enabled = security.auditLog.isEnabled(root);
+            const entries = security.auditLog.readAll(root);
+            const last = entries[entries.length - 1];
+            const data = {
+                enabled,
+                totalEntries: entries.length,
+                lastEntry: last ? { ts: last.ts, actor: last.actor, action: last.action, hmac: last.hmac.slice(0, 12) + "…" } : null,
+            };
+            if (opts.json)
+                process.stdout.write(JSON.stringify(data, null, 2) + "\n");
+            else {
+                ui.banner();
+                process.stdout.write(kleur.bold("\n  🔒 Audit log status\n\n") +
+                    `  Enabled: ${enabled ? kleur.green("yes") : kleur.gray("no")}\n` +
+                    `  Entries: ${entries.length}\n` +
+                    (last ? `  Last:    ${last.ts} · ${last.actor} · ${last.action}\n` : "") +
+                    "\n");
+            }
+            return 0;
+        }
+        case "verify": {
+            const result = security.auditLog.verify(root);
+            if (opts.json) {
+                process.stdout.write(JSON.stringify(result, null, 2) + "\n");
+                return result.ok ? 0 : 1;
+            }
+            ui.banner();
+            if (result.ok) {
+                process.stdout.write(kleur.bold(`\n  ${kleur.green("✓")} Audit chain INTACT\n\n`) +
+                    `  ${result.totalEntries} entries verified · HMAC-SHA-256 chain unbroken\n\n`);
+                return 0;
+            }
+            process.stdout.write(kleur.bold(`\n  ${kleur.red("✗")} Audit chain BROKEN\n\n`) +
+                `  Total entries: ${result.totalEntries}\n` +
+                `  Broken at index: ${result.brokenAtIndex}\n` +
+                `  Reason: ${result.brokenReason}\n\n` +
+                kleur.yellow("  ⚠ Tamper detected. Investigate immediately.\n\n"));
+            return 1;
+        }
+        case "rotate": {
+            const r = security.auditLog.rotate(root, opts.actor ?? "cli");
+            if (opts.json)
+                process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+            else if (r.rotated)
+                ui.success(`Rotated. Archived to ${r.archivedPath}`);
+            else
+                ui.success("Fresh log started.");
+            return 0;
+        }
+        case "show": {
+            const entries = security.auditLog.readAll(root);
+            const limit = opts.limit ?? entries.length;
+            const slice = entries.slice(-limit);
+            if (opts.json) {
+                process.stdout.write(JSON.stringify(slice, null, 2) + "\n");
+                return 0;
+            }
+            if (slice.length === 0) {
+                ui.info("No audit entries.");
+                return 0;
+            }
+            ui.banner();
+            process.stdout.write(kleur.bold(`\n  🔒 Audit log — last ${slice.length} entr${slice.length === 1 ? "y" : "ies"}\n\n`));
+            for (const e of slice) {
+                process.stdout.write(`  ${kleur.gray(e.ts)} · ${kleur.cyan(e.actor)} · ${kleur.bold(e.action)}` +
+                    (e.target ? ` → ${e.target}` : "") +
+                    kleur.gray(`  [${e.hmac.slice(0, 8)}]`) +
+                    "\n");
+            }
+            process.stdout.write("\n");
+            return 0;
+        }
+    }
+    ui.error(`Unknown audit-log action: ${opts.action}`);
+    return 1;
+}
+//# sourceMappingURL=audit-log-cmd.js.map

package/dist/commands/audit-log-cmd.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit-log-cmd.js","sourceRoot":"","sources":["../../src/commands/audit-log-cmd.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,EAAE,EAAE,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAY/C,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAAqB;IACzD,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QACrC,EAAE,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;QACvD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC;IAE3B,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;QACpB,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC/B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE;gBAClC,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,KAAK;gBAC1B,MAAM,EAAE,kBAAkB;gBAC1B,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE;aACjD,CAAC,CAAC;YACH,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YAC1E,CAAC;iBAAM,CAAC;gBACN,EAAE,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC;oBACzC,+DAA+D;oBAC/D,kEAAkE;oBAClE,gDAAgD;oBAChD,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,oCAAoC,CACrF,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,IAAI;gBAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;;gBACnF,EAAE,CAAC,OAAO,CAAC,6CAA6C,CAAC,CAAC;YAC/D,OAAO,CAAC,CAAC;QACX,CAAC;QAED,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAChD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACzC,MAAM,IAAI,GAAG;gBACX,OAAO;gBACP,YAAY,EAAE,OAAO,CAAC,MAAM;gBAC5B,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI;aACrH,CAAC;YACF,IAAI,IAAI,CAAC,IAAI;gBAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;iBACrE,CAAC;gBACJ,EAAE,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC;oBACvC,cAAc,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;oBACjE,cAAc,OAAO,CAAC,MAAM,IAAI;oBAChC,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,IAAI,CAAC,EAAE,MAAM,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBACxE,IAAI,CACP,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC9C,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC7D,OAAO,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3B,CAAC;YACD,EAAE,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,yBAAyB,CAAC;oBAC1D,KAAK,MAAM,CAAC,YAAY,qDAAqD,CAChF,CAAC;gBACF,OAAO,CAAC,CAAC;YACX,CAAC;YACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,yBAAyB,CAAC;gBACxD,oBAAoB,MAAM,CAAC,YAAY,IAAI;gBAC3C,sBAAsB,MAAM,CAAC,aAAa,IAAI;gBAC9C,aAAa,MAAM,CAAC,YAAY,MAAM;gBACtC,KAAK,CAAC,MAAM,CAAC,mDAAmD,CAAC,CACpE,CAAC;YACF,OAAO,CAAC,CAAC;QACX,CAAC;QAED,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,CAAC;YAC9D,IAAI,IAAI,CAAC,IAAI;gBAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;iBAClE,IAAI,CAAC,CAAC,OAAO;gBAAE,EAAE,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;;gBACpE,EAAE,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;YACtC,OAAO,CAAC,CAAC;QACX,CAAC;QAED,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAChD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC;YAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC;YACpC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC5D,OAAO,CAAC,CAAC;YACX,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBAC7B,OAAO,CAAC,CAAC;YACX,CAAC;YACD,EAAE,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,2BAA2B,KAAK,CAAC,MAAM,QAAQ,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC;YACxH,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;gBACtB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE;oBACxE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAClC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC;oBACvC,IAAI,CACP,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,EAAE,CAAC,KAAK,CAAC,6BAA6B,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACrD,OAAO,CAAC,CAAC;AACX,CAAC"}

package/dist/commands/bench.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+/**
+ * `mneme bench` — AI-Memory-Bench CLI.
+ *
+ * Two modes:
+ *   1. `--probes-out <file>`  → emit JSON of probes for the AI to answer
+ *   2. `--score <answers.json>` → score AI's answers, render leaderboard
+ *
+ * Workflow:
+ *   $ mneme bench --probes-out probes.json
+ *   $ <feed probes.json questions to your AI; collect answers as JSON map>
+ *   $ mneme bench --score answers.json --label "claude-code-with-mneme"
+ */
+import { bench } from "@mneme-ai/core";
+export interface BenchOptions {
+    cwd: string;
+    probesOut?: string;
+    score?: string;
+    label?: string;
+    category?: bench.ProbeCategory;
+    json?: boolean;
+}
+export declare function benchCommand(opts: BenchOptions): Promise<number>;
+//# sourceMappingURL=bench.d.ts.map

package/dist/commands/bench.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"bench.d.ts","sourceRoot":"","sources":["../../src/commands/bench.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH,OAAO,EAAO,KAAK,EAAE,MAAM,gBAAgB,CAAC;AAE5C,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,KAAK,CAAC,aAAa,CAAC;IAC/B,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,wBAAsB,YAAY,CAAC,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,CA8EtE"}

package/dist/commands/bench.js ADDED Viewed

@@ -0,0 +1,85 @@
+/**
+ * `mneme bench` — AI-Memory-Bench CLI.
+ *
+ * Two modes:
+ *   1. `--probes-out <file>`  → emit JSON of probes for the AI to answer
+ *   2. `--score <answers.json>` → score AI's answers, render leaderboard
+ *
+ * Workflow:
+ *   $ mneme bench --probes-out probes.json
+ *   $ <feed probes.json questions to your AI; collect answers as JSON map>
+ *   $ mneme bench --score answers.json --label "claude-code-with-mneme"
+ */
+import { readFileSync, writeFileSync, existsSync } from "node:fs";
+import kleur from "kleur";
+import { ui } from "../ui.js";
+import { git, bench } from "@mneme-ai/core";
+export async function benchCommand(opts) {
+    if (!(await git.isGitRepo(opts.cwd))) {
+        ui.error("Not in a git repo. Run `mneme init` first.");
+        return 1;
+    }
+    const meta = await git.getRepoMeta(opts.cwd);
+    const probes = opts.category
+        ? bench.STANDARD_PROBES.filter((p) => p.category === opts.category)
+        : bench.STANDARD_PROBES;
+    // ── Mode 1: emit probes for AI to answer ──────────────────────────
+    if (opts.probesOut) {
+        const out = probes.map((p) => ({
+            id: p.id,
+            category: p.category,
+            question: p.question,
+            tags: p.tags,
+        }));
+        writeFileSync(opts.probesOut, JSON.stringify(out, null, 2), "utf8");
+        if (opts.json) {
+            process.stdout.write(JSON.stringify({ probesEmitted: out.length, path: opts.probesOut }, null, 2) + "\n");
+        }
+        else {
+            ui.banner();
+            process.stdout.write(kleur.bold(`\n  📐 AI-Memory-Bench — ${out.length} probe(s) written to ${opts.probesOut}\n\n`) +
+                "  Next:\n" +
+                "    1. Feed each `question` to your AI client (with or without Mneme attached)\n" +
+                "    2. Collect responses into a JSON map: { \"<probe-id>\": \"<answer>\", ... }\n" +
+                "    3. Run: " + kleur.cyan("mneme bench --score answers.json --label '<your-config>'") + "\n\n");
+        }
+        return 0;
+    }
+    // ── Mode 2: score AI answers ──────────────────────────────────────
+    if (opts.score) {
+        if (!existsSync(opts.score)) {
+            ui.error(`No such answers file: ${opts.score}`);
+            return 1;
+        }
+        let answers;
+        try {
+            answers = JSON.parse(readFileSync(opts.score, "utf8"));
+        }
+        catch (err) {
+            ui.error(`Could not parse answers JSON: ${err.message}`);
+            return 1;
+        }
+        const result = await bench.runBench(probes, answers, meta.rootPath);
+        const label = opts.label ?? "unnamed-run";
+        if (opts.json) {
+            process.stdout.write(JSON.stringify({ label, ...result }, null, 2) + "\n");
+            return 0;
+        }
+        ui.banner();
+        process.stdout.write("\n" + bench.renderLeaderboard(result, label) + "\n\n");
+        process.stdout.write(kleur.gray("  Tip: pipe " + kleur.cyan("--json") + " into your CI to fail builds when " +
+            "Wilson lower bound drops below your threshold.\n\n"));
+        return result.hallucinationRate > 0.1 ? 1 : 0;
+    }
+    // ── No mode → print help ──────────────────────────────────────────
+    ui.banner();
+    process.stdout.write(kleur.bold("\n  📐 AI-Memory-Bench — the first reproducible benchmark for AI memory layers\n\n") +
+        `  Probes available: ${kleur.green(`${probes.length}`)} (across ${kleur.cyan(`${new Set(probes.map((p) => p.category)).size}`)} categories)\n\n` +
+        "  Usage:\n" +
+        `    ${kleur.cyan("mneme bench --probes-out probes.json")}     emit probes for the AI to answer\n` +
+        `    ${kleur.cyan("mneme bench --score answers.json --label X")}   score the AI's answers\n\n` +
+        "  Why measure: if you can't quantify hallucination, you can't reduce it.\n" +
+        "  Run with + without Mneme attached, compare the two leaderboards.\n\n");
+    return 0;
+}
+//# sourceMappingURL=bench.js.map

package/dist/commands/bench.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"bench.js","sourceRoot":"","sources":["../../src/commands/bench.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAClE,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,EAAE,EAAE,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAC;AAW5C,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAkB;IACnD,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QACrC,EAAE,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;QACvD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE7C,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ;QAC1B,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAc,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,QAAQ,CAAC;QAChF,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC;IAE1B,qEAAqE;IACrE,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAc,EAAE,EAAE,CAAC,CAAC;YAC1C,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;SACb,CAAC,CAAC,CAAC;QACJ,aAAa,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QACpE,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC5G,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CAAC,4BAA4B,GAAG,CAAC,MAAM,wBAAwB,IAAI,CAAC,SAAS,MAAM,CAAC;gBAC5F,WAAW;gBACX,kFAAkF;gBAClF,mFAAmF;gBACnF,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,0DAA0D,CAAC,GAAG,MAAM,CACnG,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,qEAAqE;IACrE,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5B,EAAE,CAAC,KAAK,CAAC,yBAAyB,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;YAChD,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,OAA+B,CAAC;QACpC,IAAI,CAAC;YACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAA2B,CAAC;QACnF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,EAAE,CAAC,KAAK,CAAC,iCAAkC,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACpE,OAAO,CAAC,CAAC;QACX,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QACpE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,aAAa,CAAC;QAE1C,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YAC3E,OAAO,CAAC,CAAC;QACX,CAAC;QACD,EAAE,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,MAAM,CAAC,CAAC;QAC7E,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CACR,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,oCAAoC;YAC1E,oDAAoD,CACvD,CACF,CAAC;QACF,OAAO,MAAM,CAAC,iBAAiB,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC;IAED,qEAAqE;IACrE,EAAE,CAAC,MAAM,EAAE,CAAC;IACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CAAC,oFAAoF,CAAC;QAC9F,uBAAuB,KAAK,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,YAAY,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,kBAAkB;QAChJ,YAAY;QACZ,OAAO,KAAK,CAAC,IAAI,CAAC,sCAAsC,CAAC,yCAAyC;QAClG,OAAO,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,+BAA+B;QAC9F,4EAA4E;QAC5E,wEAAwE,CAC3E,CAAC;IACF,OAAO,CAAC,CAAC;AACX,CAAC"}

package/dist/commands/constitution.d.ts ADDED Viewed

@@ -0,0 +1,45 @@
+/**
+ * `mneme constitution` — Codebase Constitution synthesizer.
+ *
+ * Synthesises a living "constitution" document from the repo's history:
+ * never-do rules from past regrets · expert-pairing constraints from
+ * atrophy · file-level safety constraints from incidents · architectural
+ * decisions auto-extracted from commit messages.
+ *
+ * Output: a Markdown document AI tools can prepend to their system prompt
+ * (via the MCP `mneme.constitution.get` tool) so AI literally cannot
+ * suggest things that contradict the constitution.
+ *
+ * v1.10.0 ships rule-extraction from 4 sources:
+ *   • regret patterns (rules from "we tried X, broke Y")
+ *   • atrophy / bus-factor (pairing constraints)
+ *   • forensics anomalies (security must-not-do rules)
+ *   • decisions (ADR-style "must do" rules)
+ */
+export interface ConstitutionOptions {
+    cwd: string;
+    out?: string;
+    json?: boolean;
+}
+export interface ConstitutionRule {
+    id: string;
+    source: "regret" | "atrophy" | "forensics" | "decision";
+    rule: string;
+    evidence: string;
+    severity: "must-not" | "must" | "should" | "consider";
+}
+export interface Constitution {
+    generatedAt: string;
+    generatedByMneme: string;
+    repoName: string;
+    rules: ConstitutionRule[];
+}
+declare function extractRegretRules(commits: import("@mneme-ai/core").Commit[]): ConstitutionRule[];
+declare function extractDecisionRules(commits: import("@mneme-ai/core").Commit[]): ConstitutionRule[];
+export declare function renderConstitutionMarkdown(c: Constitution): string;
+export declare function constitutionCommand(opts: ConstitutionOptions): Promise<number>;
+export declare const _renderConstitutionMarkdownForTests: typeof renderConstitutionMarkdown;
+export declare const _extractRegretRulesForTests: typeof extractRegretRules;
+export declare const _extractDecisionRulesForTests: typeof extractDecisionRules;
+export {};
+//# sourceMappingURL=constitution.d.ts.map

package/dist/commands/constitution.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"constitution.d.ts","sourceRoot":"","sources":["../../src/commands/constitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AASH,MAAM,WAAW,mBAAmB;IAClC,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,UAAU,CAAC;IACxD,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,UAAU,CAAC;CACvD;AAED,MAAM,WAAW,YAAY;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,gBAAgB,EAAE,CAAC;CAC3B;AAeD,iBAAS,kBAAkB,CAAC,OAAO,EAAE,OAAO,gBAAgB,EAAE,MAAM,EAAE,GAAG,gBAAgB,EAAE,CAe1F;AA6CD,iBAAS,oBAAoB,CAAC,OAAO,EAAE,OAAO,gBAAgB,EAAE,MAAM,EAAE,GAAG,gBAAgB,EAAE,CAe5F;AAED,wBAAgB,0BAA0B,CAAC,CAAC,EAAE,YAAY,GAAG,MAAM,CA8ClE;AAED,wBAAsB,mBAAmB,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC,CAmDpF;AAGD,eAAO,MAAM,mCAAmC,mCAA6B,CAAC;AAC9E,eAAO,MAAM,2BAA2B,2BAAqB,CAAC;AAC9D,eAAO,MAAM,6BAA6B,6BAAuB,CAAC"}

package/dist/commands/constitution.js ADDED Viewed

@@ -0,0 +1,204 @@
+/**
+ * `mneme constitution` — Codebase Constitution synthesizer.
+ *
+ * Synthesises a living "constitution" document from the repo's history:
+ * never-do rules from past regrets · expert-pairing constraints from
+ * atrophy · file-level safety constraints from incidents · architectural
+ * decisions auto-extracted from commit messages.
+ *
+ * Output: a Markdown document AI tools can prepend to their system prompt
+ * (via the MCP `mneme.constitution.get` tool) so AI literally cannot
+ * suggest things that contradict the constitution.
+ *
+ * v1.10.0 ships rule-extraction from 4 sources:
+ *   • regret patterns (rules from "we tried X, broke Y")
+ *   • atrophy / bus-factor (pairing constraints)
+ *   • forensics anomalies (security must-not-do rules)
+ *   • decisions (ADR-style "must do" rules)
+ */
+import { existsSync, writeFileSync, mkdirSync } from "node:fs";
+import { join, dirname } from "node:path";
+import kleur from "kleur";
+import { ui } from "../ui.js";
+import { git, store, util, people } from "@mneme-ai/core";
+import { dbPath } from "../paths.js";
+function safeReadVersion() {
+    try {
+        const here = new URL(".", import.meta.url).pathname;
+        const fs = require("node:fs");
+        const path = require("node:path");
+        const pkgPath = path.resolve(here, "..", "..", "package.json");
+        const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf8"));
+        return pkg.version ?? "0.0.0";
+    }
+    catch {
+        return "0.0.0";
+    }
+}
+function extractRegretRules(commits) {
+    const rules = [];
+    // Find revert/hotfix patterns
+    const reverts = commits.filter((c) => /\b(revert|hotfix|rollback)\b/i.test(c.subject));
+    for (let i = 0; i < Math.min(5, reverts.length); i++) {
+        const r = reverts[i];
+        rules.push({
+            id: `regret-${r.shortHash}`,
+            source: "regret",
+            rule: `Be cautious with patterns similar to: ${r.subject.slice(0, 100)}`,
+            evidence: `Commit ${r.shortHash} (${r.authorDate.slice(0, 10)}) — past regret`,
+            severity: "should",
+        });
+    }
+    return rules;
+}
+function extractAtrophyRules(s) {
+    const rules = [];
+    try {
+        const report = people.atrophy(s, { topN: 10 });
+        // For records below 30 freshness, add a pairing constraint
+        const records = report.records ?? [];
+        for (let i = 0; i < Math.min(5, records.length); i++) {
+            const rec = records[i];
+            if (rec.score < 30 && rec.authorEmail && rec.area) {
+                rules.push({
+                    id: `atrophy-${i}`,
+                    source: "atrophy",
+                    rule: `Pair with ${rec.authorEmail} when modifying ${rec.area} (knowledge atrophy ${rec.score}/100)`,
+                    evidence: `Atrophy report — ${rec.authorEmail}'s ${rec.area} expertise is fading`,
+                    severity: "should",
+                });
+            }
+        }
+    }
+    catch { }
+    return rules;
+}
+function extractForensicsRules(s) {
+    const rules = [];
+    try {
+        const incidents = s.db.prepare("SELECT * FROM incidents LIMIT 10").all();
+        for (let i = 0; i < incidents.length; i++) {
+            const inc = incidents[i];
+            const files = inc.affected_files ? JSON.parse(inc.affected_files) : [];
+            if (inc.title && files.length > 0) {
+                rules.push({
+                    id: `forensics-${i}`,
+                    source: "forensics",
+                    rule: `Apply extra scrutiny to ${files[0]} — past incident: ${inc.title.slice(0, 80)}`,
+                    evidence: `Incident affected ${files.length} file(s)`,
+                    severity: "must",
+                });
+            }
+        }
+    }
+    catch { }
+    return rules;
+}
+function extractDecisionRules(commits) {
+    const rules = [];
+    const decisionMarkers = /\b(adr|decision|chose|migrate|switch from .+ to .+)\b/i;
+    const filtered = commits.filter((c) => decisionMarkers.test(c.subject));
+    for (let i = 0; i < Math.min(5, filtered.length); i++) {
+        const r = filtered[i];
+        rules.push({
+            id: `decision-${r.shortHash}`,
+            source: "decision",
+            rule: `Prior decision: ${r.subject.slice(0, 100)}`,
+            evidence: `Commit ${r.shortHash} (${r.authorDate.slice(0, 10)}) — architectural decision`,
+            severity: "should",
+        });
+    }
+    return rules;
+}
+export function renderConstitutionMarkdown(c) {
+    const lines = [];
+    lines.push(`# ${c.repoName} — Codebase Constitution`);
+    lines.push("");
+    lines.push(`> AI tools: prepend this to your system prompt before answering. ` +
+        `These rules are derived from this repo's history of regrets, decisions, ` +
+        `incidents, and knowledge-atrophy patterns. **Contradicting them is a hallucination signal.**`);
+    lines.push("");
+    lines.push(`Generated: ${c.generatedAt} · By Mneme ${c.generatedByMneme}`);
+    lines.push("");
+    const bySource = new Map();
+    for (const r of c.rules) {
+        if (!bySource.has(r.source))
+            bySource.set(r.source, []);
+        bySource.get(r.source).push(r);
+    }
+    for (const [source, rules] of bySource) {
+        const heading = source === "regret" ? "## ⚠ Past regrets — patterns to avoid" :
+            source === "atrophy" ? "## 👥 Knowledge atrophy — pairing constraints" :
+                source === "forensics" ? "## 🛡 Security — must-do scrutiny zones" :
+                    "## 📋 Architectural decisions";
+        lines.push(heading);
+        lines.push("");
+        for (const r of rules) {
+            const tag = r.severity === "must-not" ? "❌ MUST NOT" :
+                r.severity === "must" ? "✅ MUST" :
+                    r.severity === "should" ? "▸ SHOULD" : "○ CONSIDER";
+            lines.push(`- ${tag}: ${r.rule}`);
+            lines.push(`  - *Evidence: ${r.evidence}*`);
+        }
+        lines.push("");
+    }
+    if (c.rules.length === 0) {
+        lines.push("## (No rules synthesized)");
+        lines.push("");
+        lines.push("Run `mneme index` first to build the corpus, then re-run `mneme constitution` to derive rules.");
+    }
+    lines.push("---");
+    lines.push("");
+    lines.push("> *This document is auto-synthesized. Re-run `mneme constitution` after major commits.*");
+    return lines.join("\n");
+}
+export async function constitutionCommand(opts) {
+    if (!(await git.isGitRepo(opts.cwd))) {
+        ui.error("Not in a git repo. Run `mneme init` first.");
+        return 1;
+    }
+    const meta = await git.getRepoMeta(opts.cwd);
+    const dbPathStr = dbPath(meta.rootPath);
+    if (!existsSync(dbPathStr)) {
+        ui.error("No Mneme index found. Run `mneme index` first.");
+        return 1;
+    }
+    const s = new store.MnemeStore(dbPathStr);
+    const commits = util.loadAllCommits(s);
+    const rules = [
+        ...extractForensicsRules(s),
+        ...extractRegretRules(commits),
+        ...extractAtrophyRules(s),
+        ...extractDecisionRules(commits),
+    ];
+    const constitution = {
+        generatedAt: new Date().toISOString(),
+        generatedByMneme: safeReadVersion(),
+        repoName: meta.repo ?? "(unknown)",
+        rules,
+    };
+    const md = renderConstitutionMarkdown(constitution);
+    // Always cache the result for the MCP tool to read
+    const cachePath = join(meta.rootPath, ".mneme", "constitution.md");
+    if (!existsSync(dirname(cachePath)))
+        mkdirSync(dirname(cachePath), { recursive: true });
+    writeFileSync(cachePath, md, "utf8");
+    if (opts.out) {
+        writeFileSync(opts.out, md, "utf8");
+    }
+    if (opts.json) {
+        process.stdout.write(JSON.stringify(constitution, null, 2) + "\n");
+        return 0;
+    }
+    ui.banner();
+    process.stdout.write(kleur.bold(`\n  📜 Constitution synthesised — ${rules.length} rule(s)\n\n`) +
+        `  ${kleur.green("✓")} cached at .mneme/constitution.md\n` +
+        (opts.out ? `  ${kleur.green("✓")} written to ${opts.out}\n` : "") +
+        `\n  AI tools can fetch via the MCP tool ${kleur.cyan("mneme.constitution.get")}.\n\n`);
+    return 0;
+}
+// Test exports
+export const _renderConstitutionMarkdownForTests = renderConstitutionMarkdown;
+export const _extractRegretRulesForTests = extractRegretRules;
+export const _extractDecisionRulesForTests = extractDecisionRules;
+//# sourceMappingURL=constitution.js.map

package/dist/commands/constitution.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"constitution.js","sourceRoot":"","sources":["../../src/commands/constitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,UAAU,EAAgB,aAAa,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,EAAE,EAAE,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAuBrC,SAAS,eAAe;IACtB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;QACpD,MAAM,EAAE,GAAG,OAAO,CAAC,SAAS,CAA6B,CAAC;QAC1D,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAA+B,CAAC;QAChE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAyB,CAAC;QACjF,OAAO,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,OAA0C;IACpE,MAAM,KAAK,GAAuB,EAAE,CAAC;IACrC,8BAA8B;IAC9B,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,+BAA+B,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACvF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACrD,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC;YACT,EAAE,EAAE,UAAU,CAAC,CAAC,SAAS,EAAE;YAC3B,MAAM,EAAE,QAAQ;YAChB,IAAI,EAAE,yCAAyC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACxE,QAAQ,EAAE,UAAU,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB;YAC9E,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,mBAAmB,CAAC,CAAmB;IAC9C,MAAM,KAAK,GAAuB,EAAE,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;QAC/C,2DAA2D;QAC3D,MAAM,OAAO,GAAI,MAAsF,CAAC,OAAO,IAAI,EAAE,CAAC;QACtH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACrD,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAE,CAAC;YACxB,IAAI,GAAG,CAAC,KAAK,GAAG,EAAE,IAAI,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;gBAClD,KAAK,CAAC,IAAI,CAAC;oBACT,EAAE,EAAE,WAAW,CAAC,EAAE;oBAClB,MAAM,EAAE,SAAS;oBACjB,IAAI,EAAE,aAAa,GAAG,CAAC,WAAW,mBAAmB,GAAG,CAAC,IAAI,uBAAuB,GAAG,CAAC,KAAK,OAAO;oBACpG,QAAQ,EAAE,oBAAoB,GAAG,CAAC,WAAW,MAAM,GAAG,CAAC,IAAI,sBAAsB;oBACjF,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IACV,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,qBAAqB,CAAC,CAAmB;IAChD,MAAM,KAAK,GAAuB,EAAE,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAkC,CAAC,CAAC,GAAG,EAAwD,CAAC;QAC/H,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC1C,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAE,CAAC;YAC1B,MAAM,KAAK,GAAG,GAAG,CAAC,cAAc,CAAC,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,CAAc,CAAC,CAAC,CAAC,EAAE,CAAC;YACrF,IAAI,GAAG,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,KAAK,CAAC,IAAI,CAAC;oBACT,EAAE,EAAE,aAAa,CAAC,EAAE;oBACpB,MAAM,EAAE,WAAW;oBACnB,IAAI,EAAE,2BAA2B,KAAK,CAAC,CAAC,CAAC,qBAAqB,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;oBACtF,QAAQ,EAAE,qBAAqB,KAAK,CAAC,MAAM,UAAU;oBACrD,QAAQ,EAAE,MAAM;iBACjB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IACV,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,oBAAoB,CAAC,OAA0C;IACtE,MAAM,KAAK,GAAuB,EAAE,CAAC;IACrC,MAAM,eAAe,GAAG,wDAAwD,CAAC;IACjF,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACxE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACtD,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC;YACT,EAAE,EAAE,YAAY,CAAC,CAAC,SAAS,EAAE;YAC7B,MAAM,EAAE,UAAU;YAClB,IAAI,EAAE,mBAAmB,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YAClD,QAAQ,EAAE,UAAU,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,4BAA4B;YACzF,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,CAAe;IACxD,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,0BAA0B,CAAC,CAAC;IACtD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,mEAAmE;QAC5E,0EAA0E;QAC1E,8FAA8F,CAAC,CAAC;IAClG,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,WAAW,eAAe,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC;IAC3E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA8B,CAAC;IACvD,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;QACxB,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC;YAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QACxD,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IAED,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,QAAQ,EAAE,CAAC;QACvC,MAAM,OAAO,GACX,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,uCAAuC,CAAC,CAAC;YAC/D,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,+CAA+C,CAAC,CAAC;gBACxE,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,yCAAyC,CAAC,CAAC;oBACpE,+BAA+B,CAAC;QAClC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,GAAG,GACP,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;gBAC1C,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;oBAClC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,YAAY,CAAC;YACtD,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC;QAC9C,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,gGAAgG,CAAC,CAAC;IAC/G,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,yFAAyF,CAAC,CAAC;IACtG,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,IAAyB;IACjE,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QACrC,EAAE,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;QACvD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,EAAE,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAEvC,MAAM,KAAK,GAAuB;QAChC,GAAG,qBAAqB,CAAC,CAAC,CAAC;QAC3B,GAAG,kBAAkB,CAAC,OAAO,CAAC;QAC9B,GAAG,mBAAmB,CAAC,CAAC,CAAC;QACzB,GAAG,oBAAoB,CAAC,OAAO,CAAC;KACjC,CAAC;IAEF,MAAM,YAAY,GAAiB;QACjC,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,gBAAgB,EAAE,eAAe,EAAE;QACnC,QAAQ,EAAE,IAAI,CAAC,IAAI,IAAI,WAAW;QAClC,KAAK;KACN,CAAC;IAEF,MAAM,EAAE,GAAG,0BAA0B,CAAC,YAAY,CAAC,CAAC;IAEpD,mDAAmD;IACnD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IACnE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAAE,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACxF,aAAa,CAAC,SAAS,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IAErC,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;QACb,aAAa,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACnE,OAAO,CAAC,CAAC;IACX,CAAC;IACD,EAAE,CAAC,MAAM,EAAE,CAAC;IACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,KAAK,CAAC,IAAI,CAAC,qCAAqC,KAAK,CAAC,MAAM,cAAc,CAAC;QACzE,KAAK,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,qCAAqC;QAC1D,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QAClE,2CAA2C,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,CACzF,CAAC;IACF,OAAO,CAAC,CAAC;AACX,CAAC;AAED,eAAe;AACf,MAAM,CAAC,MAAM,mCAAmC,GAAG,0BAA0B,CAAC;AAC9E,MAAM,CAAC,MAAM,2BAA2B,GAAG,kBAAkB,CAAC;AAC9D,MAAM,CAAC,MAAM,6BAA6B,GAAG,oBAAoB,CAAC"}

package/dist/commands/daemon.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"daemon.d.ts","sourceRoot":"","sources":["../../src/commands/daemon.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAUH,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,OAAO,GAAG,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;IAC7C,mEAAmE;IACnE,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;~~AAsTD~~,wBAAsB,aAAa,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAUxE"}
1	+ {"version":3,"file":"daemon.d.ts","sourceRoot":"","sources":["../../src/commands/daemon.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAUH,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,OAAO,GAAG,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;IAC7C,mEAAmE;IACnE,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAyVD,wBAAsB,aAAa,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAUxE"}

package/dist/commands/daemon.js CHANGED Viewed

@@ -17,7 +17,7 @@
  * Cross-platform: PID-file approach works on win32 + darwin + linux.
  * fs.watch is supported on all three. No native deps.
  */
-import { existsSync, mkdirSync, readFileSync, writeFileSync, unlinkSync, watch, renameSync } from "node:fs";
+import { existsSync, mkdirSync, readFileSync, writeFileSync, unlinkSync, watch, renameSync, statSync } from "node:fs";
 import { join } from "node:path";
 import { spawn, spawnSync } from "node:child_process";
 import { setTimeout as wait } from "node:timers/promises";
@@ -44,6 +44,23 @@ function isAlive(pid) {
         return err.code === "EPERM";
     }
 }
+/** v1.11.0 security: verify the PID file is owned by the current user.
+ *  On Windows, file UID is not meaningful — we trust the per-user repo
+ *  path (typically under %USERPROFILE%) instead. */
+function isPidFileOwnedByMe(pidPath) {
+    try {
+        if (process.platform === "win32")
+            return true; // POSIX-only check
+        const st = statSync(pidPath);
+        const me = process.getuid?.();
+        if (typeof me !== "number")
+            return true; // can't check, fail open
+        return st.uid === me;
+    }
+    catch {
+        return true; // missing → not a security issue, fail open for the caller
+    }
+}
 function readStatus(repoRoot) {
     const p = paths(repoRoot);
     if (!existsSync(p.status))
@@ -185,6 +202,18 @@ async function startDaemon(opts) {
     const p = paths(meta.rootPath);
     if (!existsSync(p.dir))
         mkdirSync(p.dir, { recursive: true });
+    // v1.11.0 security hardening: refuse to read/trust a PID file that's
+    // not owned by the current user. Mitigates the "another user / attacker
+    // plants a PID file in a shared workspace, hijacks our daemon control"
+    // attack on multi-user POSIX boxes.
+    if (existsSync(p.pid) && !isPidFileOwnedByMe(p.pid)) {
+        if (opts.json) {
+            process.stdout.write(JSON.stringify({ started: false, error: "pid-file-owned-by-other-user", path: p.pid }, null, 2) + "\n");
+            return 1;
+        }
+        ui.error(`Refusing to start: ${p.pid} is owned by a different user. Investigate before removing.`);
+        return 1;
+    }
     // Already running?
     if (existsSync(p.pid)) {
         const existing = parseInt(readFileSync(p.pid, "utf8").trim(), 10);
@@ -203,8 +232,9 @@ async function startDaemon(opts) {
         catch { }
     }
     if (opts.attached) {
-        // We ARE the daemon — write PID file and run loop
-        writeFileSync(p.pid, String(process.pid), "utf8");
+        // We ARE the daemon — write PID file and run loop. Restrictive perms
+        // (0600) so other users on a shared box can't read/forge.
+        writeFileSync(p.pid, String(process.pid), { encoding: "utf8", mode: 0o600 });
         await runDaemonLoop(meta.rootPath);
         return 0;
     }
@@ -246,6 +276,14 @@ async function stopDaemon(opts) {
             ui.warn("No daemon running.");
         return 0;
     }
+    // v1.11.0 security hardening: refuse to act on a foreign PID file.
+    if (!isPidFileOwnedByMe(p.pid)) {
+        if (opts.json)
+            process.stdout.write(JSON.stringify({ stopped: false, error: "pid-file-owned-by-other-user", path: p.pid }, null, 2) + "\n");
+        else
+            ui.error(`Refusing to stop: ${p.pid} is owned by a different user.`);
+        return 1;
+    }
     const pid = parseInt(readFileSync(p.pid, "utf8").trim(), 10);
     if (!isAlive(pid)) {
         try {