nexo-brain 6.0.4 → 6.0.5

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "6.0.4",
+  "version": "6.0.5",
   "description": "Local cognitive runtime for Claude Code \u2014 persistent memory, overnight learning, doctor diagnostics, personal scripts, recovery-aware jobs, startup preflight, and optional dashboard/power helper.",
   "author": {
     "name": "NEXO Brain",

package/README.md

@@ -18,7 +18,7 @@
 
 [Watch the overview video](https://nexo-brain.com/watch/) · [Watch on YouTube](https://www.youtube.com/watch?v=i2lkGhKyVqI) · [Open the infographic](https://nexo-brain.com/assets/nexo-brain-infographic-v5.png)
 
-Version `6.0.4` is the current packaged-runtime line: `nexo chat` and the dashboard's "Open followup in Terminal" action now honour `preferences.default_resonance`. Pre-v6.0.4 both launchers picked `--model` / `--effort` straight from `config/schedule.json`'s `client_runtime_profiles`, so users who switched their Resonance in NEXO Desktop Preferences (Alto → writes `brain/calibration.json`) kept getting the stale tier cached in the legacy profile — usually `max`. A new `_resolve_interactive_model_and_effort(caller, backend, ...)` helper consults `resonance_map.resolve_model_and_effort` first and falls back to `client_runtime_profiles` only when the resonance contract is missing. `nexo_followup_terminal` joins `nexo_chat` / `desktop_new_session` / `nexo_update_interactive` in `USER_FACING_CALLERS` so the dashboard launcher resolves against the user's preference.
+Version `6.0.5` is the current packaged-runtime line: the strict pre-tool guardrail no longer blocks `Edit`/`Write` with *"unknown target"* when Claude Code's `PreToolUse` payload omits `session_id`. `process_pre_tool_event` now falls back to `$NEXO_HOME/coordination/.claude-session-id` (written by the SessionStart hook) before giving up, so a user who already called `nexo_startup` + `nexo_task_open` + `nexo_guard_check` + `nexo_track` stops seeing the block storm that several Claude Code versions triggered in 6.0.2–6.0.4. Fail-closed semantics are preserved: if neither the payload nor the coordination file yields a session id the guardrail still blocks with `missing_startup`. Release also lands a new `.github/workflows/tests.yml` that runs the full `pytest` suite on every PR — the hook-guardrail regressions that shipped unnoticed in 6.0.2+ would have been caught by CI had this job existed then.
 
 Previously in `6.0.2`: adds the reserved caller prefix `personal/*` so scripts living in `~/.nexo/scripts/` can invoke the automation backend with their own caller id without editing `src/resonance_map.py`. New kwarg `tier` (`"maximo"` / `"alto"` / `"medio"` / `"bajo"`) on `run_automation_prompt`, `run_automation_interactive`, `nexo_helper.run_automation_text`, `nexo_helper.run_automation_json`, and `nexo-agent-run.py --tier`. Precedence for `personal/*` callers: explicit `tier=` → explicit `reasoning_effort=` → `calibration.preferences.default_resonance` → `DEFAULT_RESONANCE` (`alto`). Registered callers keep their behaviour unchanged. New guide: [`docs/personal-scripts-guide.md`](docs/personal-scripts-guide.md).
 

package/bin/nexo-brain.js

@@ -93,10 +93,50 @@ const RESONANCE_TIER_NAMES = ["maximo", "alto", "medio", "bajo"];
 const DEFAULT_RESONANCE_TIER = _RESONANCE_TIERS.default_tier || "alto";
 
 function isEphemeralInstall(nexoHome) {
-  const homeDir = require("os").homedir();
+  const os = require("os");
+  const homeDir = os.homedir();
   const allowEphemeral = process.env.NEXO_ALLOW_EPHEMERAL_INSTALL === "1";
   if (allowEphemeral) return false;
-  return nexoHome.startsWith("/tmp/") || homeDir.startsWith("/tmp/");
+
+  const normalize = (candidate) => {
+    if (!candidate) return "";
+    let resolved = String(candidate);
+    try {
+      resolved = fs.realpathSync.native(resolved);
+    } catch {
+      try {
+        resolved = fs.realpathSync(resolved);
+      } catch {
+        resolved = path.resolve(resolved);
+      }
+    }
+    return resolved.replace(/\\/g, "/").replace(/\/+$/, "");
+  };
+
+  const tempRoots = new Set();
+  for (const root of [os.tmpdir(), "/tmp", "/var/folders", "/private/var/folders"]) {
+    const normalized = normalize(root);
+    if (!normalized) continue;
+    tempRoots.add(normalized);
+    if (normalized === "/tmp") {
+      tempRoots.add("/private/tmp");
+    } else if (normalized === "/private/tmp") {
+      tempRoots.add("/tmp");
+    } else if (normalized.startsWith("/var/")) {
+      tempRoots.add(`/private${normalized}`);
+    } else if (normalized.startsWith("/private/var/")) {
+      tempRoots.add(normalized.replace(/^\/private/, ""));
+    }
+  }
+
+  const isWithin = (candidate, root) => (
+    candidate === root || candidate.startsWith(`${root}/`)
+  );
+
+  return [nexoHome, homeDir]
+    .map(normalize)
+    .filter(Boolean)
+    .some((candidate) => Array.from(tempRoots).some((root) => isWithin(candidate, root)));
 }
 
 const rl = readline.createInterface({
@@ -3325,7 +3365,10 @@ ${doScan ? `- Stack: ${Object.keys(profileData.code.languages || {}).slice(0, 5)
   schedule = await maybeConfigurePublicContribution(schedule, useDefaults);
   schedule = await maybeConfigureFullDiskAccess(schedule, useDefaults, python);
   const enabledOptionals = { dashboard: doDashboard, automation: schedule.automation_enabled !== false };
-  if (isEphemeralInstall(NEXO_HOME)) {
+  const smokeTestMode = process.env.NEXO_TESTING_SMOKE === "1";
+  if (smokeTestMode) {
+    log("Smoke test mode detected — skipping LaunchAgents installation.");
+  } else if (isEphemeralInstall(NEXO_HOME)) {
     log("Ephemeral HOME/NEXO_HOME detected — skipping LaunchAgents installation.");
   } else {
     installAllProcesses(platform, python, NEXO_HOME, schedule, LAUNCH_AGENTS, enabledOptionals);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "6.0.4",
+  "version": "6.0.5",
   "mcpName": "io.github.wazionapps/nexo",
   "description": "NEXO Brain \u2014 Shared brain for AI agents. Persistent memory, semantic RAG, natural forgetting, metacognitive guard, trust scoring, 150+ MCP tools. Works with Claude Code, Codex, Claude Desktop & any MCP client. 100% local, free.",
   "homepage": "https://nexo-brain.com",

package/src/auto_update.py

@@ -18,7 +18,18 @@ import time
 from pathlib import Path
 
 from runtime_home import export_resolved_nexo_home, managed_nexo_home
-from tree_hygiene import is_duplicate_artifact_name
+
+try:
+    from tree_hygiene import is_duplicate_artifact_name
+except ModuleNotFoundError as exc:
+    if getattr(exc, "name", "") != "tree_hygiene":
+        raise
+
+    # Older installed runtimes may update into code that references
+    # tree_hygiene.py before that module has been copied over. Fall back
+    # to "no duplicate" so the update can complete and deliver the module.
+    def is_duplicate_artifact_name(_path) -> bool:
+        return False
 
 NEXO_HOME = export_resolved_nexo_home()
 DATA_DIR = NEXO_HOME / "data"

package/src/client_sync.py

@@ -542,9 +542,31 @@ CORE_HOOK_SPECS = [
     },
 ]
 
+# Claude Code can retain legacy managed hooks from older/plugin-style installs
+# or from transient test runtimes. Treat their handler basenames as managed so
+# the next sync prunes them instead of leaving broken duplicates behind.
 LEGACY_CORE_HOOK_IDENTITIES_BY_EVENT = {
+    "SessionStart": {
+        "session_start.py",
+    },
+    "Stop": {
+        "stop.py",
+    },
+    "UserPromptSubmit": {
+        "auto_capture.py",
+    },
     "PostToolUse": {
         "heartbeat-guard.sh",
+        "post_tool_use.py",
+    },
+    "PreCompact": {
+        "pre_compact.py",
+    },
+    "Notification": {
+        "notification.py",
+    },
+    "SubagentStop": {
+        "subagent_stop.py",
     },
 }
 
@@ -599,7 +621,7 @@ def _hook_identity(command: str) -> str:
     text = str(command or "")
     if ".session-start-ts" in text:
         return "session-start-ts"
-    match = re.search(r"([A-Za-z0-9._-]+\.sh)\b", text)
+    match = re.search(r"([A-Za-z0-9._-]+\.(?:sh|py))\b", text)
     if match:
         return match.group(1)
     return text.strip()

package/src/hook_guardrails.py

@@ -429,6 +429,38 @@ def _collect_automation_live_repo_blocks(
     return blocks
 
 
+def _read_claude_session_id_from_coordination() -> str:
+    """Fallback claude_session_id when Claude Code's PreToolUse payload omits it.
+
+    SessionStart hook writes the active Claude Code session UUID to
+    ``<NEXO_HOME>/coordination/.claude-session-id``. When the PreToolUse
+    payload omits ``session_id`` (observed across several Claude Code
+    versions), the pre-tool guardrail would lose correlation with the open
+    NEXO session and block every write with "unknown target" (learning
+    #411). Reading the coordination file restores the correlation without
+    relaxing fail-closed semantics: if the file is missing or empty the
+    caller still blocks.
+    """
+    candidates = []
+    nexo_home = os.environ.get("NEXO_HOME", "").strip()
+    if nexo_home:
+        candidates.append(Path(nexo_home).expanduser() / "coordination" / ".claude-session-id")
+    candidates.append(Path.home() / ".nexo" / "coordination" / ".claude-session-id")
+    seen: set[str] = set()
+    for path in candidates:
+        key = str(path)
+        if key in seen:
+            continue
+        seen.add(key)
+        try:
+            value = path.read_text().strip()
+        except (FileNotFoundError, OSError):
+            continue
+        if value:
+            return value
+    return ""
+
+
 def process_pre_tool_event(payload: dict) -> dict:
     tool_name = str(payload.get("tool_name", "")).strip()
     op = _operation_kind(tool_name)
@@ -439,7 +471,10 @@ def process_pre_tool_event(payload: dict) -> dict:
     files = _extract_touched_files(tool_input)
     strictness = get_protocol_strictness()
     conn = get_db()
-    sid = _resolve_nexo_sid(conn, str(payload.get("session_id", "")))
+    claude_sid = str(payload.get("session_id", "") or "").strip()
+    if not claude_sid:
+        claude_sid = _read_claude_session_id_from_coordination()
+    sid = _resolve_nexo_sid(conn, claude_sid)
     automation_blocks = _collect_automation_live_repo_blocks(
         conn,
         sid=sid,

package/src/plugin_loader.py

@@ -10,7 +10,17 @@ import time
 
 from db import get_db
 from fastmcp.tools import Tool
-from tree_hygiene import is_duplicate_artifact_name
+
+try:
+    from tree_hygiene import is_duplicate_artifact_name
+except ModuleNotFoundError as exc:
+    if getattr(exc, "name", "") != "tree_hygiene":
+        raise
+
+    # Keep older runtimes bootable long enough to receive tree_hygiene.py
+    # during update; duplicate filtering will resume once the module lands.
+    def is_duplicate_artifact_name(_path) -> bool:
+        return False
 
 SERVER_DIR = os.path.dirname(os.path.abspath(__file__))
 PLUGINS_DIR = os.path.join(SERVER_DIR, "plugins")

package/src/plugins/update.py

@@ -11,7 +11,18 @@ import time
 from pathlib import Path
 
 from runtime_home import export_resolved_nexo_home
-from tree_hygiene import is_duplicate_artifact_name
+
+try:
+    from tree_hygiene import is_duplicate_artifact_name
+except ModuleNotFoundError as exc:
+    if getattr(exc, "name", "") != "tree_hygiene":
+        raise
+
+    # Older packaged runtimes may import update.py before tree_hygiene.py
+    # has been copied in. Allow the update to finish so the missing module
+    # can be delivered by the same upgrade.
+    def is_duplicate_artifact_name(_path) -> bool:
+        return False
 
 # db_guard landed in v5.5.5. When plugins/update.py is imported from a runtime
 # that still ships the v5.5.4 tree (e.g. mid-upgrade), the import will fail —

package/src/script_registry.py

@@ -304,6 +304,10 @@ def _is_ignored(path: Path) -> bool:
     """Check if file should be ignored entirely."""
     if path.name in _IGNORED_FILES:
         return True
+    if re.search(r"\.bak(?:-[\w.-]+)?$", path.name, re.IGNORECASE):
+        return True
+    if path.name.endswith("~"):
+        return True
     if path.name.startswith("."):
         return True
     try: