npm - prism-mcp-server - Versions diffs - 2.3.6 → 2.3.8 - Mend

prism-mcp-server 2.3.6 → 2.3.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -14,13 +14,15 @@
 ---
-## What's New in v2.3.5 — AI Reasoning Engine 🧠
+## What's New in v2.3.8 — LangGraph Research Agent 🔬
 | Feature | Description |
 |---|---|
-| 🕸️ **Neural Graph** | Interactive knowledge graph on the Mind Palace Dashboard — visualize how projects connect through shared keywords and categories using Vis.js force-directed layout. |
-| 🛡️ **Prompt Injection Shield** | Gemini-powered security scan in `session_health_check` — detects system override attempts, jailbreaks, and data exfiltration hidden in agent memory. Tuned to avoid false positives on normal dev commands. |
-| 🧬 **Fact Merger** | Async LLM contradiction resolution on every handoff save — if old context says "Postgres" and new says "MySQL", Gemini silently merges the facts in the background. Zero latency impact (fire-and-forget). |
+| 🤖 **LangGraph Research Agent** | New `examples/langgraph-agent/` — a 5-node agentic research agent (plan→search→analyze→decide→answer→save) with autonomous looping, MCP integration, and persistent memory. |
+| 🧠 **Agentic Memory** | `save_session` node persists research findings to a ledger — the agent doesn't just answer and forget. Routes to Prism's `session_save_ledger` in MCP-connected mode. |
+| 🔌 **MCP Client Bridge** | Raw JSON-RPC 2.0 client (`mcp_client.py`) for Python 3.9+ — dynamically discovers and wraps Prism MCP tools as LangChain `StructuredTool` objects. |
+| 🔧 **Storage Abstraction Fix** | Resource/Prompt handlers now route through `getStorage()` instead of calling Supabase directly — eliminates EOF crashes when reading `memory://` resources. |
+| 🛡️ **Error Boundaries** | Resource handlers catch errors gracefully and return proper MCP error responses (`isError: true`) instead of crashing the server process. |
 <details>
 <summary><strong>What's in v2.2.0</strong></summary>
@@ -251,6 +253,39 @@ Add to your Continue `config.json` or Cline MCP settings:
 ---
+## Claude Code + Gemini Startup Compatibility
+If you want consistent behavior across clients, treat startup in two phases:
+1. **Server availability**: ensure `prism-mcp` is enabled in MCP config so tools are available.
+2. **Context hydration**: explicitly call `session_load_context` at session start.
+Recommended startup call:
+```json
+{
+  "projectName": "<your-project>",
+  "level": "standard"
+}
+```
+Important distinction:
+- Auto-loading `prism-mcp` makes the server available.
+- It does **not** guarantee memory context is auto-hydrated unless your client runtime/hook invokes `session_load_context`.
+Client notes:
+- **Gemini runtimes** may support native startup execution depending on configuration.
+- **Claude Code** should use a local `SessionStart` hook in `~/.claude/settings.json` for deterministic startup context loading.
+Verification pattern (same for both clients):
+- Print a startup marker after successful `session_load_context` (for example, `PRISM_CONTEXT_LOADED`).
+- If the marker is missing, startup hydration did not run.
+---
 ## Use Cases
 | Scenario | How Prism MCP Helps |

package/dist/config.js CHANGED Viewed

@@ -22,7 +22,7 @@
 // multi-tenant Row Level Security (RLS) for production hosting.
 export const SERVER_CONFIG = {
     name: "prism-mcp",
-    version: "2.3.4",
+    version: "2.3.7",
 };
 // ─── Required: Brave Search API Key ───────────────────────────
 export const BRAVE_API_KEY = process.env.BRAVE_API_KEY;

package/dist/dashboard/ui.js CHANGED Viewed

@@ -1,5 +1,5 @@
 /**
- * Mind Palace Dashboard — UI Renderer (v2.3.4)
+ * Mind Palace Dashboard — UI Renderer (v2.3.7)
  *
  * Pure CSS + Vanilla JS single-page dashboard.
  * No build step, no Tailwind, no framework — served as a template literal.
@@ -279,7 +279,7 @@ export function renderDashboardHTML() {
       <div class="logo">
         <span class="logo-icon">🧠</span>
         Prism Mind Palace
-        <span class="version-badge">v2.3.4</span>
+        <span class="version-badge">v2.3.7</span>
       </div>
       <div class="selector">
         <select id="projectSelect">

package/dist/server.js CHANGED Viewed

@@ -61,12 +61,13 @@ SubscribeRequestSchema, UnsubscribeRequestSchema, } from "@modelcontextprotocol/
 import { SERVER_CONFIG, SESSION_MEMORY_ENABLED, PRISM_USER_ID } from "./config.js";
 import { getSyncBus } from "./sync/factory.js";
 import { startDashboardServer } from "./dashboard/server.js";
-// ─── v0.4.0: Supabase API imports for Prompts/Resources handlers ───
-// REVIEWER NOTE: The prompt and resource handlers need direct access
-// to supabaseRpc and supabaseGet to fetch context. In v0.3.0, only
-// the handler files imported from supabaseApi. Now server.ts needs
-// them too for the prompt/resource request handlers.
-import { supabaseRpc, supabaseGet } from "./utils/supabaseApi.js";
+// ─── v2.3.6 FIX: Use Storage Abstraction for Prompts/Resources ───
+// CRITICAL FIX: Previously imported supabaseRpc/supabaseGet directly,
+// which bypassed the storage abstraction layer and caused the server
+// to crash (EOF) when the Supabase REST call failed without a proper
+// error wrapper. Now uses getStorage() which routes through the
+// correct backend (Supabase or SQLite) with proper error handling.
+import { getStorage } from "./storage/index.js";
 // ─── Import Tool Definitions (schemas) and Handlers (implementations) ─────
 import { WEB_SEARCH_TOOL, BRAVE_WEB_SEARCH_CODE_MODE_TOOL, LOCAL_SEARCH_TOOL, BRAVE_LOCAL_SEARCH_CODE_MODE_TOOL, CODE_MODE_TRANSFORM_TOOL, BRAVE_ANSWERS_TOOL, RESEARCH_PAPER_ANALYSIS_TOOL, webSearchHandler, braveWebSearchCodeModeHandler, localSearchHandler, braveLocalSearchCodeModeHandler, codeModeTransformHandler, braveAnswersHandler, researchPaperAnalysisHandler, } from "./tools/index.js";
 // Session memory tools — only used if Supabase is configured
@@ -271,14 +272,10 @@ export function createServer() {
             const project = promptArgs?.project || "default";
             const level = promptArgs?.level || "standard";
             console.error(`[prompt:resume_session] Loading ${level} context for "${project}"`);
-            // Fetch context using the same RPC as session_load_context
-            // v1.5.0: Pass p_user_id for multi-tenant isolation
-            const result = await supabaseRpc("get_session_context", {
-                p_project: project,
-                p_level: level,
-                p_user_id: PRISM_USER_ID,
-            });
-            const data = Array.isArray(result) ? result[0] : result;
+            // v2.3.6 FIX: Use storage abstraction instead of direct supabaseRpc
+            const storage = await getStorage();
+            const result = await storage.loadContext(project, level, PRISM_USER_ID);
+            const data = result;
             // REVIEWER NOTE: We include the version in the prompt text so
             // the LLM knows to pass it back when saving. This is critical
             // for OCC (Enhancement #5) to work even when context is loaded
@@ -343,28 +340,25 @@ export function createServer() {
         }));
         // List concrete resources — one per known project
         server.setRequestHandler(ListResourcesRequestSchema, async () => {
-            // REVIEWER NOTE: We query Supabase for all projects that have
-            // a handoff entry. This gives Claude Desktop a browsable list
-            // of all projects with saved state. The select fields are
-            // minimal to keep the response lightweight.
-            const handoffs = await supabaseGet("session_handoffs", {
-                select: "project,last_summary,updated_at",
-            });
-            return {
-                resources: (Array.isArray(handoffs) ? handoffs : []).map((h) => ({
-                    uri: `memory://${h.project}/handoff`,
-                    name: `${h.project} — Session State`,
-                    description: h.last_summary
-                        ? h.last_summary.substring(0, 200)
-                        : "No summary available",
-                    mimeType: "application/json",
-                })),
-            };
+            // v2.3.6 FIX: Use storage abstraction instead of direct supabaseGet
+            try {
+                const storage = await getStorage();
+                const projects = await storage.listProjects();
+                return {
+                    resources: projects.map((p) => ({
+                        uri: `memory://${p}/handoff`,
+                        name: `${p} — Session State`,
+                        mimeType: "application/json",
+                    })),
+                };
+            }
+            catch (error) {
+                console.error(`[resource:list] Error listing resources: ${error}`);
+                return { resources: [] };
+            }
         });
         // Read a specific project's handoff as a resource
         server.setRequestHandler(ReadResourceRequestSchema, async (request) => {
-            // REVIEWER NOTE: Parse the project name from the URI.
-            // URI format: memory://{project}/handoff
             const uri = request.params.uri;
             const match = uri.match(/^memory:\/\/(.+)\/handoff$/);
             if (!match) {
@@ -372,32 +366,35 @@ export function createServer() {
             }
             const project = decodeURIComponent(match[1]);
             console.error(`[resource:read] Fetching handoff for "${project}"`);
-            // Reuse the same RPC as session_load_context — standard level
-            // gives a good balance of info without being too large.
-            // REVIEWER NOTE: The RPC response includes `version` (added in
-            // migration 019), which the LLM needs for OCC when saving later.
-            // v1.5.0: Pass p_user_id for multi-tenant isolation
-            const result = await supabaseRpc("get_session_context", {
-                p_project: project,
-                p_level: "standard",
-                p_user_id: PRISM_USER_ID,
-            });
-            const data = Array.isArray(result) ? result[0] : result;
-            // REVIEWER NOTE: Inject explicit OCC instructions into the
-            // resource text so the LLM knows to pass version on save.
-            const resourceData = data || { status: "no_session_found", project };
-            if (data?.version) {
-                resourceData._occ_instruction =
-                    `When saving handoff state, you MUST pass expected_version: ${data.version} ` +
-                        `to prevent state collisions with other sessions.`;
+            try {
+                // v2.3.6 FIX: Use storage abstraction instead of direct supabaseRpc
+                const storage = await getStorage();
+                const data = await storage.loadContext(project, "standard", PRISM_USER_ID);
+                const resourceData = data || { status: "no_session_found", project };
+                if (data?.version) {
+                    resourceData._occ_instruction =
+                        `When saving handoff state, you MUST pass expected_version: ${data.version} ` +
+                            `to prevent state collisions with other sessions.`;
+                }
+                return {
+                    contents: [{
+                            uri: uri,
+                            mimeType: "application/json",
+                            text: JSON.stringify(resourceData, null, 2),
+                        }],
+                };
+            }
+            catch (error) {
+                console.error(`[resource:read] Error reading resource ${uri}: ${error}`);
+                return {
+                    isError: true,
+                    contents: [{
+                            uri: uri,
+                            mimeType: "text/plain",
+                            text: `Error reading resource: ${error instanceof Error ? error.message : String(error)}`,
+                        }],
+                };
             }
-            return {
-                contents: [{
-                        uri: uri,
-                        mimeType: "application/json",
-                        text: JSON.stringify(resourceData, null, 2),
-                    }],
-            };
         });
         // ─── Resource Subscriptions: subscribe/unsubscribe ───
         // REVIEWER NOTE: These handlers track which resource URIs the

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "prism-mcp-server",
-  "version": "2.3.6",
+  "version": "2.3.8",
   "mcpName": "io.github.dcostenco/prism-mcp",
   "description": "The Mind Palace for AI Agents — local-first MCP server with persistent memory (SQLite/Supabase), visual dashboard, time travel, multi-agent sync, Morning Briefings, reality drift detection, code mode templates, semantic vector search, and Brave Search + Gemini analysis. Zero-config local mode.",
   "module": "index.ts",