opencode-lcm 0.13.0 → 0.13.2

package/CHANGELOG.md

@@ -7,6 +7,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.13.2] - 2026-04-08
+
+### Fixed
+- Republish of 0.13.1 malformed-message hardening through CI with provenance
+
+## [0.13.1] - 2026-04-07
+
+### Fixed
+- Archive transform now removes malformed messages from the outbound message array before returning control to OpenCode, preventing follow-on backend `Bad Request` failures
+- Archive, resume, describe, search indexing, and capture paths now skip malformed `message.info` metadata defensively instead of throwing when required fields are missing
+
 ### Added
 - Opt-in `perf:archive` harness for large-archive regression coverage across transform, grep, snapshot, reopen, resume, and retention paths
 - Separate advisory `Archive Performance` workflow for scheduled/manual perf runs with JSON artifact upload

package/dist/store.d.ts

@@ -248,6 +248,8 @@ export declare class SqliteLcmStore {
     buildCompactionContext(sessionID: string): Promise<string | undefined>;
     transformMessages(messages: ConversationMessage[]): Promise<boolean>;
     systemHint(): string | undefined;
+    private sanitizeSessionMessages;
+    private shouldSkipMalformedCapturedEvent;
     private buildAutomaticRetrievalContext;
     private buildAutomaticRetrievalQuery;
     private buildAutomaticRetrievalQueries;

package/dist/store.js

@@ -147,6 +147,46 @@ function extractTimestamp(event) {
         return properties.time;
     return Date.now();
 }
+function logMalformedMessage(message, context, extra) {
+    getLogger().warn(message, {
+        operation: context.operation,
+        sessionID: context.sessionID,
+        eventType: context.eventType,
+        ...extra,
+    });
+}
+function getValidMessageInfo(info) {
+    const record = asRecord(info);
+    if (!record)
+        return undefined;
+    const time = asRecord(record.time);
+    if (typeof record.id !== 'string' ||
+        typeof record.sessionID !== 'string' ||
+        typeof record.role !== 'string' ||
+        typeof time?.created !== 'number' ||
+        !Number.isFinite(time.created)) {
+        return undefined;
+    }
+    return info;
+}
+function filterValidConversationMessages(messages, context) {
+    const valid = messages.filter((message) => Boolean(getValidMessageInfo(message?.info)));
+    const dropped = messages.length - valid.length;
+    if (dropped > 0 && context) {
+        logMalformedMessage('Skipping malformed conversation messages', context, { dropped });
+    }
+    return valid;
+}
+function isValidMessagePartUpdate(event) {
+    if (event.type !== 'message.part.updated')
+        return false;
+    const part = asRecord(event.properties.part);
+    if (!part)
+        return false;
+    return (typeof part.id === 'string' &&
+        typeof part.messageID === 'string' &&
+        typeof part.sessionID === 'string');
+}
 function normalizeEvent(event) {
     const record = asRecord(event);
     if (!record || typeof record.type !== 'string')
@@ -165,7 +205,15 @@ function getDeferredPartUpdateKey(event) {
     return `${event.properties.part.sessionID}:${event.properties.part.messageID}:${event.properties.part.id}`;
 }
 function compareMessages(a, b) {
-    return a.info.time.created - b.info.time.created;
+    const aInfo = getValidMessageInfo(a.info);
+    const bInfo = getValidMessageInfo(b.info);
+    if (!aInfo && !bInfo)
+        return 0;
+    if (!aInfo)
+        return 1;
+    if (!bInfo)
+        return -1;
+    return aInfo.time.created - bInfo.time.created || aInfo.id.localeCompare(bInfo.id);
 }
 function emptySession(sessionID) {
     return {
@@ -323,7 +371,7 @@ function listFiles(message) {
 function makeSessionTitle(session) {
     if (session.title)
         return session.title;
-    const firstUser = session.messages.find((message) => message.info.role === 'user');
+    const firstUser = session.messages.find((message) => getValidMessageInfo(message.info)?.role === 'user');
     if (!firstUser)
         return undefined;
     return truncate(guessMessageText(firstUser, []), 80);
@@ -910,6 +958,8 @@ export class SqliteLcmStore {
             const normalized = normalizeEvent(event);
             if (!normalized)
                 return;
+            if (this.shouldSkipMalformedCapturedEvent(normalized))
+                return;
             const shouldRecord = this.shouldRecordEvent(normalized.type);
             const shouldPersistSession = Boolean(normalized.sessionID) && this.shouldPersistSessionForEvent(normalized.type);
             if (!shouldRecord && !shouldPersistSession)
@@ -1346,8 +1396,9 @@ export class SqliteLcmStore {
         }
     }
     syncDerivedSessionStateSync(session, preserveExistingResume = false) {
-        const roots = this.ensureSummaryGraphSync(session.sessionID, this.getArchivedMessages(session.messages));
-        this.writeResumeSync(session, roots, preserveExistingResume);
+        const sanitizedSession = this.sanitizeSessionMessages(session, 'syncDerivedSessionStateSync');
+        const roots = this.ensureSummaryGraphSync(sanitizedSession.sessionID, this.getArchivedMessages(sanitizedSession.messages));
+        this.writeResumeSync(sanitizedSession, roots, preserveExistingResume);
         return roots;
     }
     syncDerivedLineageSubtreeSync(sessionID, preserveExistingResume = false) {
@@ -2239,6 +2290,12 @@ export class SqliteLcmStore {
     }
     async transformMessages(messages) {
         return this.withStoreActivity(async () => {
+            const validMessages = filterValidConversationMessages(messages, {
+                operation: 'transformMessages',
+            });
+            if (validMessages.length !== messages.length) {
+                messages.splice(0, messages.length, ...validMessages);
+            }
             if (messages.length < this.options.minMessagesForTransform)
                 return false;
             const window = resolveArchiveTransformWindow(messages, this.options.freshTailMessages);
@@ -2290,6 +2347,40 @@ export class SqliteLcmStore {
             'Keep ctx_* usage selective and treat those calls as infrastructure, not task intent.',
         ].join(' ');
     }
+    sanitizeSessionMessages(session, operation) {
+        const messages = filterValidConversationMessages(session.messages, {
+            operation,
+            sessionID: session.sessionID,
+        });
+        return messages.length === session.messages.length ? session : { ...session, messages };
+    }
+    shouldSkipMalformedCapturedEvent(event) {
+        const payload = event.payload;
+        switch (payload.type) {
+            case 'message.updated': {
+                if (getValidMessageInfo(payload.properties.info))
+                    return false;
+                logMalformedMessage('Skipping malformed message.updated event', {
+                    operation: 'capture',
+                    sessionID: event.sessionID,
+                    eventType: payload.type,
+                });
+                return true;
+            }
+            case 'message.part.updated': {
+                if (isValidMessagePartUpdate(payload))
+                    return false;
+                logMalformedMessage('Skipping malformed message.part.updated event', {
+                    operation: 'capture',
+                    sessionID: event.sessionID,
+                    eventType: payload.type,
+                });
+                return true;
+            }
+            default:
+                return false;
+        }
+    }
     async buildAutomaticRetrievalContext(sessionID, recent, anchor) {
         if (!this.options.automaticRetrieval.enabled)
             return undefined;
@@ -3096,9 +3187,17 @@ export class SqliteLcmStore {
         return searchByScanModule(this.searchDeps(), query, sessionIDs, limit);
     }
     replaceMessageSearchRowsSync(session) {
-        replaceMessageSearchRowsModule(this.searchDeps(), redactStructuredValue(session, this.privacy));
+        const sanitizedSession = this.sanitizeSessionMessages(session, 'replaceMessageSearchRowsSync');
+        replaceMessageSearchRowsModule(this.searchDeps(), redactStructuredValue(sanitizedSession, this.privacy));
     }
     replaceMessageSearchRowSync(sessionID, message) {
+        if (!getValidMessageInfo(message.info)) {
+            logMalformedMessage('Skipping malformed message search row', {
+                operation: 'replaceMessageSearchRowSync',
+                sessionID,
+            });
+            return;
+        }
         replaceMessageSearchRowModule(this.searchDeps(), sessionID, redactStructuredValue(message, this.privacy));
     }
     refreshSearchIndexesSync(sessionIDs) {
@@ -3471,7 +3570,10 @@ export class SqliteLcmStore {
         // Build NormalizedSession results
         return sessionIDs.map((sessionID) => {
             const row = sessionMap.get(sessionID);
-            const messages = messagesBySession.get(sessionID) ?? [];
+            const messages = filterValidConversationMessages(messagesBySession.get(sessionID) ?? [], {
+                operation: 'readSessionsBatchSync',
+                sessionID,
+            });
             if (!row) {
                 return { ...emptySession(sessionID), messages };
             }
@@ -3502,10 +3604,10 @@ export class SqliteLcmStore {
             parts.push(part);
             partsByMessage.set(partRow.message_id, parts);
         }
-        const messages = messageRows.map((messageRow) => ({
+        const messages = filterValidConversationMessages(messageRows.map((messageRow) => ({
             info: parseJson(messageRow.info_json),
             parts: partsByMessage.get(messageRow.message_id) ?? [],
-        }));
+        })), { operation: 'readSessionSync', sessionID });
         if (!row) {
             return { ...emptySession(sessionID), messages };
         }
@@ -3580,8 +3682,16 @@ export class SqliteLcmStore {
         const parts = db
             .prepare('SELECT * FROM parts WHERE session_id = ? AND message_id = ? ORDER BY sort_key ASC, part_id ASC')
             .all(sessionID, messageID);
+        const info = parseJson(row.info_json);
+        if (!getValidMessageInfo(info)) {
+            logMalformedMessage('Skipping malformed stored message', {
+                operation: 'readMessageSync',
+                sessionID,
+            }, { messageID });
+            return undefined;
+        }
         return {
-            info: parseJson(row.info_json),
+            info,
             parts: parts.map((partRow) => {
                 const part = parseJson(partRow.part_json);
                 hydratePartFromArtifacts(part, artifactsByPart.get(part.id) ?? []);
@@ -3695,7 +3805,15 @@ export class SqliteLcmStore {
          event_count = excluded.event_count`).run(session.sessionID, title ?? null, directory ?? null, worktreeKey ?? null, session.parentSessionID ?? null, session.rootSessionID ?? session.sessionID, session.lineageDepth ?? 0, session.pinned ? 1 : 0, pinReason ?? null, session.updatedAt, session.compactedAt ?? null, session.deleted ? 1 : 0, session.eventCount);
     }
     upsertMessageInfoSync(sessionID, message) {
-        const info = redactStructuredValue(message.info, this.privacy);
+        const validated = getValidMessageInfo(message.info);
+        if (!validated) {
+            logMalformedMessage('Skipping malformed message metadata', {
+                operation: 'upsertMessageInfoSync',
+                sessionID,
+            });
+            return;
+        }
+        const info = redactStructuredValue(validated, this.privacy);
         this.getDb()
             .prepare(`INSERT INTO messages (message_id, session_id, created_at, info_json)
          VALUES (?, ?, ?, ?)
@@ -3726,7 +3844,7 @@ export class SqliteLcmStore {
         return buildArtifactSearchContentModule(artifact);
     }
     async externalizeSession(session) {
-        return externalizeSessionModule(this.artifactDeps(), session);
+        return externalizeSessionModule(this.artifactDeps(), this.sanitizeSessionMessages(session, 'externalizeSession'));
     }
     writeEvent(event) {
         const payloadStub = event.type.startsWith('message.') || event.type.startsWith('session.')

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-lcm",
-  "version": "0.13.0",
+  "version": "0.13.2",
   "description": "Long-memory plugin for OpenCode with context-mode interop",
   "type": "module",
   "main": "./dist/index.js",

package/src/store.ts

@@ -338,6 +338,66 @@ function extractTimestamp(event: unknown): number {
   return Date.now();
 }
 
+type MessageValidationContext = {
+  operation: string;
+  sessionID?: string;
+  eventType?: string;
+};
+
+function logMalformedMessage(
+  message: string,
+  context: MessageValidationContext,
+  extra?: Record<string, unknown>,
+): void {
+  getLogger().warn(message, {
+    operation: context.operation,
+    sessionID: context.sessionID,
+    eventType: context.eventType,
+    ...extra,
+  });
+}
+
+function getValidMessageInfo(info: unknown): Message | undefined {
+  const record = asRecord(info);
+  if (!record) return undefined;
+
+  const time = asRecord(record.time);
+  if (
+    typeof record.id !== 'string' ||
+    typeof record.sessionID !== 'string' ||
+    typeof record.role !== 'string' ||
+    typeof time?.created !== 'number' ||
+    !Number.isFinite(time.created)
+  ) {
+    return undefined;
+  }
+
+  return info as Message;
+}
+
+function filterValidConversationMessages(
+  messages: ConversationMessage[],
+  context?: MessageValidationContext,
+): ConversationMessage[] {
+  const valid = messages.filter((message) => Boolean(getValidMessageInfo(message?.info)));
+  const dropped = messages.length - valid.length;
+  if (dropped > 0 && context) {
+    logMalformedMessage('Skipping malformed conversation messages', context, { dropped });
+  }
+  return valid;
+}
+
+function isValidMessagePartUpdate(event: Event): boolean {
+  if (event.type !== 'message.part.updated') return false;
+  const part = asRecord(event.properties.part);
+  if (!part) return false;
+  return (
+    typeof part.id === 'string' &&
+    typeof part.messageID === 'string' &&
+    typeof part.sessionID === 'string'
+  );
+}
+
 function normalizeEvent(event: unknown): CapturedEvent | null {
   const record = asRecord(event);
   if (!record || typeof record.type !== 'string') return null;
@@ -357,7 +417,13 @@ function getDeferredPartUpdateKey(event: Event): string | undefined {
 }
 
 function compareMessages(a: ConversationMessage, b: ConversationMessage): number {
-  return a.info.time.created - b.info.time.created;
+  const aInfo = getValidMessageInfo(a.info);
+  const bInfo = getValidMessageInfo(b.info);
+  if (!aInfo && !bInfo) return 0;
+  if (!aInfo) return 1;
+  if (!bInfo) return -1;
+
+  return aInfo.time.created - bInfo.time.created || aInfo.id.localeCompare(bInfo.id);
 }
 
 function emptySession(sessionID: string): NormalizedSession {
@@ -513,7 +579,9 @@ function listFiles(message: ConversationMessage): string[] {
 function makeSessionTitle(session: NormalizedSession): string | undefined {
   if (session.title) return session.title;
 
-  const firstUser = session.messages.find((message) => message.info.role === 'user');
+  const firstUser = session.messages.find(
+    (message) => getValidMessageInfo(message.info)?.role === 'user',
+  );
   if (!firstUser) return undefined;
 
   return truncate(guessMessageText(firstUser, []), 80);
@@ -1198,6 +1266,8 @@ export class SqliteLcmStore {
       const normalized = normalizeEvent(event);
       if (!normalized) return;
 
+      if (this.shouldSkipMalformedCapturedEvent(normalized)) return;
+
       const shouldRecord = this.shouldRecordEvent(normalized.type);
       const shouldPersistSession =
         Boolean(normalized.sessionID) && this.shouldPersistSessionForEvent(normalized.type);
@@ -1832,11 +1902,12 @@ export class SqliteLcmStore {
     session: NormalizedSession,
     preserveExistingResume = false,
   ): SummaryNodeData[] {
+    const sanitizedSession = this.sanitizeSessionMessages(session, 'syncDerivedSessionStateSync');
     const roots = this.ensureSummaryGraphSync(
-      session.sessionID,
-      this.getArchivedMessages(session.messages),
+      sanitizedSession.sessionID,
+      this.getArchivedMessages(sanitizedSession.messages),
     );
-    this.writeResumeSync(session, roots, preserveExistingResume);
+    this.writeResumeSync(sanitizedSession, roots, preserveExistingResume);
     return roots;
   }
 
@@ -2989,6 +3060,12 @@ export class SqliteLcmStore {
 
   async transformMessages(messages: ConversationMessage[]): Promise<boolean> {
     return this.withStoreActivity(async () => {
+      const validMessages = filterValidConversationMessages(messages, {
+        operation: 'transformMessages',
+      });
+      if (validMessages.length !== messages.length) {
+        messages.splice(0, messages.length, ...validMessages);
+      }
       if (messages.length < this.options.minMessagesForTransform) return false;
 
       const window = resolveArchiveTransformWindow(messages, this.options.freshTailMessages);
@@ -3055,6 +3132,44 @@ export class SqliteLcmStore {
     ].join(' ');
   }
 
+  private sanitizeSessionMessages(
+    session: NormalizedSession,
+    operation: string,
+  ): NormalizedSession {
+    const messages = filterValidConversationMessages(session.messages, {
+      operation,
+      sessionID: session.sessionID,
+    });
+    return messages.length === session.messages.length ? session : { ...session, messages };
+  }
+
+  private shouldSkipMalformedCapturedEvent(event: CapturedEvent): boolean {
+    const payload = event.payload as Event;
+
+    switch (payload.type) {
+      case 'message.updated': {
+        if (getValidMessageInfo(payload.properties.info)) return false;
+        logMalformedMessage('Skipping malformed message.updated event', {
+          operation: 'capture',
+          sessionID: event.sessionID,
+          eventType: payload.type,
+        });
+        return true;
+      }
+      case 'message.part.updated': {
+        if (isValidMessagePartUpdate(payload)) return false;
+        logMalformedMessage('Skipping malformed message.part.updated event', {
+          operation: 'capture',
+          sessionID: event.sessionID,
+          eventType: payload.type,
+        });
+        return true;
+      }
+      default:
+        return false;
+    }
+  }
+
   private async buildAutomaticRetrievalContext(
     sessionID: string,
     recent: ConversationMessage[],
@@ -4184,10 +4299,22 @@ export class SqliteLcmStore {
   }
 
   private replaceMessageSearchRowsSync(session: NormalizedSession): void {
-    replaceMessageSearchRowsModule(this.searchDeps(), redactStructuredValue(session, this.privacy));
+    const sanitizedSession = this.sanitizeSessionMessages(session, 'replaceMessageSearchRowsSync');
+    replaceMessageSearchRowsModule(
+      this.searchDeps(),
+      redactStructuredValue(sanitizedSession, this.privacy),
+    );
   }
 
   private replaceMessageSearchRowSync(sessionID: string, message: ConversationMessage): void {
+    if (!getValidMessageInfo(message.info)) {
+      logMalformedMessage('Skipping malformed message search row', {
+        operation: 'replaceMessageSearchRowSync',
+        sessionID,
+      });
+      return;
+    }
+
     replaceMessageSearchRowModule(
       this.searchDeps(),
       sessionID,
@@ -4651,7 +4778,10 @@ export class SqliteLcmStore {
     // Build NormalizedSession results
     return sessionIDs.map((sessionID) => {
       const row = sessionMap.get(sessionID);
-      const messages = messagesBySession.get(sessionID) ?? [];
+      const messages = filterValidConversationMessages(messagesBySession.get(sessionID) ?? [], {
+        operation: 'readSessionsBatchSync',
+        sessionID,
+      });
       if (!row) {
         return { ...emptySession(sessionID), messages };
       }
@@ -4693,10 +4823,13 @@ export class SqliteLcmStore {
       partsByMessage.set(partRow.message_id, parts);
     }
 
-    const messages = messageRows.map((messageRow) => ({
-      info: parseJson<Message>(messageRow.info_json),
-      parts: partsByMessage.get(messageRow.message_id) ?? [],
-    }));
+    const messages = filterValidConversationMessages(
+      messageRows.map((messageRow) => ({
+        info: parseJson<Message>(messageRow.info_json),
+        parts: partsByMessage.get(messageRow.message_id) ?? [],
+      })),
+      { operation: 'readSessionSync', sessionID },
+    );
 
     if (!row) {
       return { ...emptySession(sessionID), messages };
@@ -4789,8 +4922,21 @@ export class SqliteLcmStore {
       )
       .all(sessionID, messageID) as PartRow[];
 
+    const info = parseJson<Message>(row.info_json);
+    if (!getValidMessageInfo(info)) {
+      logMalformedMessage(
+        'Skipping malformed stored message',
+        {
+          operation: 'readMessageSync',
+          sessionID,
+        },
+        { messageID },
+      );
+      return undefined;
+    }
+
     return {
-      info: parseJson<Message>(row.info_json),
+      info,
       parts: parts.map((partRow) => {
         const part = parseJson<Part>(partRow.part_json);
         hydratePartFromArtifacts(part, artifactsByPart.get(part.id) ?? []);
@@ -4952,7 +5098,16 @@ export class SqliteLcmStore {
   }
 
   private upsertMessageInfoSync(sessionID: string, message: ConversationMessage): void {
-    const info = redactStructuredValue(message.info, this.privacy);
+    const validated = getValidMessageInfo(message.info);
+    if (!validated) {
+      logMalformedMessage('Skipping malformed message metadata', {
+        operation: 'upsertMessageInfoSync',
+        sessionID,
+      });
+      return;
+    }
+
+    const info = redactStructuredValue(validated, this.privacy);
     this.getDb()
       .prepare(
         `INSERT INTO messages (message_id, session_id, created_at, info_json)
@@ -5004,7 +5159,10 @@ export class SqliteLcmStore {
   }
 
   private async externalizeSession(session: NormalizedSession): Promise<ExternalizedSession> {
-    return externalizeSessionModule(this.artifactDeps(), session);
+    return externalizeSessionModule(
+      this.artifactDeps(),
+      this.sanitizeSessionMessages(session, 'externalizeSession'),
+    );
   }
 
   private writeEvent(event: CapturedEvent): void {