prism-mcp-server 4.0.0 → 4.3.0

package/dist/storage/supabase.js

@@ -15,10 +15,18 @@
 import { supabasePost, supabaseGet, supabaseRpc, supabasePatch, supabaseDelete, } from "../utils/supabaseApi.js";
 import { debugLog } from "../utils/logger.js";
 import { getSetting as cfgGet, setSetting as cfgSet, getAllSettings as cfgGetAll } from "./configStorage.js";
+import { runAutoMigrations } from "./supabaseMigrations.js";
 export class SupabaseStorage {
     // ─── Lifecycle ─────────────────────────────────────────────
     async initialize() {
         debugLog("[SupabaseStorage] Initialized (REST API, stateless)");
+        // Auto-apply pending schema migrations (non-fatal)
+        try {
+            await runAutoMigrations();
+        }
+        catch (err) {
+            console.error("[SupabaseStorage] Auto-migration failed. Server will continue, but some tools may be unstable.", err instanceof Error ? err.message : err);
+        }
     }
     async close() {
         debugLog("[SupabaseStorage] Closed (no-op for REST)");
@@ -375,4 +383,29 @@ export class SupabaseStorage {
             debugLog("[SupabaseStorage] adjustImportance failed: " + (e instanceof Error ? e.message : String(e)));
         }
     }
+    // ─── v4.2: Graduated Insights Query ──────────────────────────
+    async getGraduatedInsights(project, userId, minImportance = 7) {
+        const data = await supabaseGet("session_ledger", {
+            project: `eq.${project}`,
+            user_id: `eq.${userId}`,
+            importance: `gte.${minImportance}`,
+            deleted_at: "is.null",
+            archived_at: "is.null",
+            select: "id,project,user_id,role,summary,importance,event_type,decisions,created_at",
+            order: "importance.desc,created_at.desc",
+        });
+        const rows = Array.isArray(data) ? data : [];
+        return rows.map((r) => ({
+            id: r.id,
+            project: r.project,
+            user_id: r.user_id,
+            role: r.role || "global",
+            summary: r.summary,
+            importance: r.importance || 0,
+            event_type: r.event_type || "session",
+            decisions: Array.isArray(r.decisions) ? r.decisions : [],
+            created_at: r.created_at,
+            conversation_id: "",
+        }));
+    }
 }

package/dist/storage/supabaseMigrations.js

@@ -0,0 +1,110 @@
+/**
+ * Supabase Auto-Migration Runner (v4.1)
+ *
+ * On server startup, this module checks the `prism_schema_versions` table
+ * and applies any pending DDL migrations via the `prism_apply_ddl` RPC.
+ *
+ * ═══════════════════════════════════════════════════════════════════
+ * HOW IT WORKS:
+ *   1. For each migration in MIGRATIONS[], call prism_apply_ddl(version, name, sql)
+ *   2. The Postgres function checks if the version is already applied (idempotent)
+ *   3. If not applied, it EXECUTE's the SQL and records the version
+ *
+ * GRACEFUL DEGRADATION:
+ *   If prism_apply_ddl doesn't exist (PGRST202), the runner logs a
+ *   warning and skips — the server still starts, but v4+ tools may
+ *   fail against an old schema.
+ *
+ * SECURITY NOTE:
+ *   prism_apply_ddl is SECURITY DEFINER (runs as postgres owner).
+ *   The prism_schema_versions table has RLS: only service_role can write.
+ * ═══════════════════════════════════════════════════════════════════
+ */
+import { supabaseRpc } from "../utils/supabaseApi.js";
+/**
+ * All Supabase DDL migrations.
+ *
+ * IMPORTANT: Only add migrations for schema changes that Supabase
+ * users need. SQLite handles its own schema in sqlite.ts.
+ *
+ * Each `sql` string is passed to Postgres EXECUTE — it runs as a
+ * single transaction. Use IF NOT EXISTS / IF EXISTS guards generously.
+ */
+export const MIGRATIONS = [
+    {
+        version: 26,
+        name: "active_behavioral_memory",
+        sql: `
+      -- v4.0: Active Behavioral Memory columns
+      ALTER TABLE session_ledger ADD COLUMN IF NOT EXISTS event_type TEXT NOT NULL DEFAULT 'session';
+      ALTER TABLE session_ledger ADD COLUMN IF NOT EXISTS confidence_score INTEGER DEFAULT NULL;
+      ALTER TABLE session_ledger ADD COLUMN IF NOT EXISTS importance INTEGER NOT NULL DEFAULT 0;
+
+      -- Soft-delete / archival columns
+      ALTER TABLE session_ledger ADD COLUMN IF NOT EXISTS deleted_at TIMESTAMPTZ DEFAULT NULL;
+      ALTER TABLE session_ledger ADD COLUMN IF NOT EXISTS archived_at TIMESTAMPTZ DEFAULT NULL;
+      ALTER TABLE session_ledger ADD COLUMN IF NOT EXISTS deleted_reason TEXT DEFAULT NULL;
+
+      -- Indexes
+      CREATE INDEX IF NOT EXISTS idx_ledger_event_type ON session_ledger(event_type);
+      CREATE INDEX IF NOT EXISTS idx_ledger_importance ON session_ledger(importance DESC);
+
+      -- Partial index for high-priority warnings
+      CREATE INDEX IF NOT EXISTS idx_ledger_behavioral_warnings
+        ON session_ledger(project, user_id, role, importance DESC)
+        WHERE event_type = 'correction' AND importance >= 3
+          AND deleted_at IS NULL AND archived_at IS NULL;
+    `,
+    },
+    // Future migrations go here (version 28+)
+];
+/**
+ * Current schema version — derived from the MIGRATIONS array.
+ * Automatically updates when new migrations are added.
+ * Used for logging and diagnostics.
+ */
+export const CURRENT_SCHEMA_VERSION = MIGRATIONS.length > 0 ? MIGRATIONS[MIGRATIONS.length - 1].version : 27;
+// ─── Runner ──────────────────────────────────────────────────────
+/**
+ * Run all pending auto-migrations on Supabase startup.
+ *
+ * Called from SupabaseStorage.initialize(). Non-fatal: if the
+ * migration infrastructure (027) hasn't been applied, the runner
+ * logs a warning and returns silently.
+ */
+export async function runAutoMigrations() {
+    if (MIGRATIONS.length === 0) {
+        return; // Nothing to apply
+    }
+    console.error(`[Prism Auto-Migration] Schema v${CURRENT_SCHEMA_VERSION} — checking ${MIGRATIONS.length} migration(s)…`);
+    for (const migration of MIGRATIONS) {
+        try {
+            const result = await supabaseRpc("prism_apply_ddl", {
+                p_version: migration.version,
+                p_name: migration.name,
+                p_sql: migration.sql,
+            });
+            // Parse the JSON result from the RPC
+            const data = (typeof result === "string" ? JSON.parse(result) : result);
+            if (data?.status === "applied") {
+                console.error(`[Prism Auto-Migration] ✅ Applied migration ${migration.version}: ${migration.name}`);
+            }
+            else if (data?.status === "already_applied") {
+                // Silent skip — expected for idempotent restarts
+            }
+        }
+        catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            // PGRST202 = function not found → migration infra (027) not applied yet
+            if (errMsg.includes("PGRST202") || errMsg.includes("Could not find the function")) {
+                console.error("[Prism Auto-Migration] ⚠️  prism_apply_ddl() not found. " +
+                    "Apply migration 027_auto_migration_infra.sql to enable auto-migrations.\n" +
+                    "  Run: supabase db push  (or apply the SQL in the Supabase Dashboard SQL Editor)");
+                return; // Stop — no point trying further migrations
+            }
+            // Any other error: log and throw to surface the problem
+            console.error(`[Prism Auto-Migration] ❌ Migration ${migration.version} (${migration.name}) failed: ${errMsg}`);
+            throw err;
+        }
+    }
+}

package/dist/tools/index.js

@@ -26,8 +26,8 @@ export { webSearchHandler, braveWebSearchCodeModeHandler, localSearchHandler, br
 // This file always exports them — server.ts decides whether to include them in the tool list.
 //
 // v0.4.0: Added SESSION_COMPACT_LEDGER_TOOL and SESSION_SEARCH_MEMORY_TOOL
-export { SESSION_SAVE_LEDGER_TOOL, SESSION_SAVE_HANDOFF_TOOL, SESSION_LOAD_CONTEXT_TOOL, KNOWLEDGE_SEARCH_TOOL, KNOWLEDGE_FORGET_TOOL, SESSION_COMPACT_LEDGER_TOOL, SESSION_SEARCH_MEMORY_TOOL, MEMORY_HISTORY_TOOL, MEMORY_CHECKOUT_TOOL, SESSION_SAVE_IMAGE_TOOL, SESSION_VIEW_IMAGE_TOOL, SESSION_HEALTH_CHECK_TOOL, SESSION_FORGET_MEMORY_TOOL, KNOWLEDGE_SET_RETENTION_TOOL, SESSION_SAVE_EXPERIENCE_TOOL, KNOWLEDGE_UPVOTE_TOOL, KNOWLEDGE_DOWNVOTE_TOOL } from "./sessionMemoryDefinitions.js";
-export { sessionSaveLedgerHandler, sessionSaveHandoffHandler, sessionLoadContextHandler, knowledgeSearchHandler, knowledgeForgetHandler, sessionSearchMemoryHandler, backfillEmbeddingsHandler, memoryHistoryHandler, memoryCheckoutHandler, sessionSaveImageHandler, sessionViewImageHandler, sessionHealthCheckHandler, sessionForgetMemoryHandler, knowledgeSetRetentionHandler, sessionSaveExperienceHandler, knowledgeUpvoteHandler, knowledgeDownvoteHandler } from "./sessionMemoryHandlers.js";
+export { SESSION_SAVE_LEDGER_TOOL, SESSION_SAVE_HANDOFF_TOOL, SESSION_LOAD_CONTEXT_TOOL, KNOWLEDGE_SEARCH_TOOL, KNOWLEDGE_FORGET_TOOL, SESSION_COMPACT_LEDGER_TOOL, SESSION_SEARCH_MEMORY_TOOL, MEMORY_HISTORY_TOOL, MEMORY_CHECKOUT_TOOL, SESSION_SAVE_IMAGE_TOOL, SESSION_VIEW_IMAGE_TOOL, SESSION_HEALTH_CHECK_TOOL, SESSION_FORGET_MEMORY_TOOL, KNOWLEDGE_SET_RETENTION_TOOL, SESSION_SAVE_EXPERIENCE_TOOL, KNOWLEDGE_UPVOTE_TOOL, KNOWLEDGE_DOWNVOTE_TOOL, KNOWLEDGE_SYNC_RULES_TOOL } from "./sessionMemoryDefinitions.js";
+export { sessionSaveLedgerHandler, sessionSaveHandoffHandler, sessionLoadContextHandler, knowledgeSearchHandler, knowledgeForgetHandler, sessionSearchMemoryHandler, backfillEmbeddingsHandler, memoryHistoryHandler, memoryCheckoutHandler, sessionSaveImageHandler, sessionViewImageHandler, sessionHealthCheckHandler, sessionForgetMemoryHandler, knowledgeSetRetentionHandler, sessionSaveExperienceHandler, knowledgeUpvoteHandler, knowledgeDownvoteHandler, knowledgeSyncRulesHandler } from "./sessionMemoryHandlers.js";
 // ── Compaction Handler (v0.4.0 — Enhancement #2) ──
 // The compaction handler is in a separate file because it's significantly
 // more complex than the other session memory handlers (chunked Gemini

package/dist/tools/sessionMemoryDefinitions.js

@@ -743,3 +743,43 @@ export function isKnowledgeVoteArgs(args) {
         "id" in args &&
         typeof args.id === "string");
 }
+// ─── v4.2: Knowledge Sync Rules Tool ─────────────────────────
+export const KNOWLEDGE_SYNC_RULES_TOOL = {
+    name: "knowledge_sync_rules",
+    description: "Auto-sync graduated insights (importance >= 7) into your project's IDE rules file " +
+        "(.cursorrules or .clauderules). This bridges behavioral memory with static IDE context — " +
+        "turning dynamic agent learnings into always-on rules.\n\n" +
+        "**How it works:**\n" +
+        "1. Fetches graduated insights from the ledger\n" +
+        "2. Formats them as markdown rules inside sentinel markers\n" +
+        "3. Idempotently writes them into the target file at the project's configured repo_path\n\n" +
+        "**Requirements:** The project must have a repo_path configured in the dashboard.\n\n" +
+        "**Idempotency:** Uses `<!-- PRISM:AUTO-RULES:START -->` / `<!-- PRISM:AUTO-RULES:END -->` " +
+        "sentinel markers. Running this tool multiple times produces the same file. " +
+        "User-maintained content outside the sentinels is never touched.",
+    inputSchema: {
+        type: "object",
+        properties: {
+            project: {
+                type: "string",
+                description: "Project identifier. Must have a repo_path configured in the dashboard.",
+            },
+            target_file: {
+                type: "string",
+                description: "Target rules filename (default: '.cursorrules'). " +
+                    "Common values: '.cursorrules', '.clauderules'.",
+            },
+            dry_run: {
+                type: "boolean",
+                description: "If true, returns a preview of the rules block without writing to disk. Default: false.",
+            },
+        },
+        required: ["project"],
+    },
+};
+export function isKnowledgeSyncRulesArgs(args) {
+    return (typeof args === "object" &&
+        args !== null &&
+        "project" in args &&
+        typeof args.project === "string");
+}

package/dist/tools/sessionMemoryHandlers.js

@@ -34,7 +34,13 @@ import { isSessionSaveLedgerArgs, isSessionSaveHandoffArgs, isSessionLoadContext
 isSessionForgetMemoryArgs, // Phase 2: GDPR-compliant memory deletion type guard
 isKnowledgeSetRetentionArgs, // v3.1: TTL retention policy type guard
 // v4.0: Active Behavioral Memory type guards
-isSessionSaveExperienceArgs, isKnowledgeVoteArgs, } from "./sessionMemoryDefinitions.js";
+isSessionSaveExperienceArgs, isKnowledgeVoteArgs, 
+// v4.2: Sync Rules type guard
+isKnowledgeSyncRulesArgs, } from "./sessionMemoryDefinitions.js";
+// v4.2: File system access for knowledge_sync_rules
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { existsSync } from "node:fs";
+import { join, dirname } from "node:path";
 // v3.1: In-memory debounce lock for auto-compaction.
 // Prevents multiple concurrent Gemini compaction tasks for the same project
 // when many agents call session_save_ledger at the same time.
@@ -55,6 +61,23 @@ export async function sessionSaveLedgerHandler(args) {
     }
     const { project, conversation_id, summary, todos, files_changed, decisions, role } = args;
     const storage = await getStorage();
+    // ─── Repo path mismatch validation (v4.2) ───
+    let repoPathWarning = "";
+    if (files_changed && files_changed.length > 0) {
+        try {
+            const configuredPath = await getSetting(`repo_path:${project}`, "");
+            if (configuredPath && configuredPath.trim()) {
+                const normalizedPath = configuredPath.trim().replace(/\\/g, "/").replace(/\/+$/, ""); // normalize + strip trailing slash
+                const mismatched = files_changed.filter((f) => !f.replace(/\\/g, "/").startsWith(normalizedPath));
+                if (mismatched.length === files_changed.length) {
+                    repoPathWarning = `\n\n⚠️ Project mismatch: none of the files_changed paths match repo_path "${normalizedPath}" ` +
+                        `configured for project "${project}". Consider saving under the correct project.`;
+                    debugLog(`[session_save_ledger] Repo path mismatch for "${project}": expected prefix "${normalizedPath}"`);
+                }
+            }
+        }
+        catch { /* getSetting non-fatal */ }
+    }
     debugLog(`[session_save_ledger] Saving ledger entry for project="${project}"`);
     // Auto-extract keywords from summary + decisions for knowledge accumulation
     const combinedText = [summary, ...(decisions || [])].join(" ");
@@ -130,6 +153,7 @@ export async function sessionSaveLedgerHandler(args) {
                     (files_changed?.length ? `Files changed: ${files_changed.length}\n` : "") +
                     (decisions?.length ? `Decisions: ${decisions.length}\n` : "") +
                     (GOOGLE_API_KEY ? `📊 Embedding generation queued for semantic search.\n` : "") +
+                    repoPathWarning +
                     `\nRaw response: ${JSON.stringify(result)}`,
             }],
         isError: false,
@@ -360,7 +384,8 @@ export async function sessionLoadContextHandler(args) {
         throw new Error("Invalid arguments for session_load_context");
     }
     const { project, level = "standard", role } = args;
-    const maxTokens = args.max_tokens; // v4.0
+    const maxTokens = args.max_tokens
+        || parseInt(await getSetting("max_tokens", "0"), 10) || undefined; // v4.0: arg > dashboard setting > none
     const agentName = await getSetting("agent_name", "");
     const validLevels = ["quick", "standard", "deep"];
     if (!validLevels.includes(level)) {
@@ -1684,3 +1709,127 @@ export async function knowledgeDownvoteHandler(args) {
         isError: false,
     };
 }
+// ─── v4.2: Knowledge Sync Rules Handler ─────────────────────
+//
+// "The Bridge" — bridges v4.0 Behavioral Memory with v4.2 Repo
+// Registry. Extracts graduated insights (importance >= 7) from
+// the ledger and idempotently syncs them into the project's
+// .cursorrules or .clauderules file, turning dynamic learnings
+// into static, always-on IDE context.
+//
+// Sentinel markers ensure the auto-generated block is isolated
+// from user-maintained rules. Re-running always produces the
+// same output, preventing drift.
+const SENTINEL_START = "<!-- PRISM:AUTO-RULES:START -->";
+const SENTINEL_END = "<!-- PRISM:AUTO-RULES:END -->";
+/**
+ * Formats graduated insights into a markdown rules block.
+ * Each insight is rendered as a bullet with its importance score,
+ * event type, and the summary/correction text.
+ */
+function formatRulesBlock(insights, project) {
+    const header = `## Prism Graduated Insights (auto-synced)\n\n` +
+        `> These rules were automatically generated by [Prism MCP](https://github.com/fdarcy/prism) ` +
+        `from behavioral memory for project \"${project}\".\n` +
+        `> Last synced: ${new Date().toISOString().split("T")[0]}\n\n`;
+    const rules = insights.map(i => {
+        const tag = i.event_type && i.event_type !== "session" ? ` (${i.event_type})` : "";
+        return `- **[importance: ${i.importance}]**${tag} ${i.summary}`;
+    }).join("\n");
+    return `${SENTINEL_START}\n${header}${rules}\n${SENTINEL_END}`;
+}
+/**
+ * Idempotently replaces or appends the sentinel block in a rules file.
+ * Content outside the sentinels is never modified.
+ */
+function applySentinelBlock(existingContent, rulesBlock) {
+    const startIdx = existingContent.indexOf(SENTINEL_START);
+    const endIdx = existingContent.indexOf(SENTINEL_END);
+    if (startIdx !== -1 && endIdx !== -1) {
+        // Replace existing block
+        const before = existingContent.substring(0, startIdx);
+        const after = existingContent.substring(endIdx + SENTINEL_END.length);
+        return `${before}${rulesBlock}${after}`;
+    }
+    // Append with separator
+    const separator = existingContent.length > 0 && !existingContent.endsWith("\n\n")
+        ? (existingContent.endsWith("\n") ? "\n" : "\n\n")
+        : "";
+    return `${existingContent}${separator}${rulesBlock}\n`;
+}
+export async function knowledgeSyncRulesHandler(args) {
+    if (!isKnowledgeSyncRulesArgs(args)) {
+        throw new Error("Invalid arguments for knowledge_sync_rules");
+    }
+    const { project, target_file = ".cursorrules", dry_run = false } = args;
+    const storage = await getStorage();
+    // 1. Resolve repo path
+    const repoPath = await getSetting(`repo_path:${project}`, "");
+    if (!repoPath || !repoPath.trim()) {
+        return {
+            content: [{
+                    type: "text",
+                    text: `❌ No repo_path configured for project "${project}".\n` +
+                        `Set it in the Mind Palace dashboard (Settings → Project Repo Paths) before syncing rules.`,
+                }],
+            isError: true,
+        };
+    }
+    const normalizedRepoPath = repoPath.trim().replace(/\/+$/, "");
+    // 2. Fetch graduated insights
+    const insights = await storage.getGraduatedInsights(project, PRISM_USER_ID, 7);
+    if (insights.length === 0) {
+        return {
+            content: [{
+                    type: "text",
+                    text: `ℹ️ No graduated insights found for project "${project}".\n` +
+                        `Insights graduate when their importance score reaches 7 or higher.\n` +
+                        `Use \`knowledge_upvote\` to increase importance of valuable entries.`,
+                }],
+            isError: false,
+        };
+    }
+    // 3. Format rules block
+    const rulesBlock = formatRulesBlock(insights.map(i => ({ ...i, importance: i.importance ?? 0 })), project);
+    // 4. Dry-run: return preview without writing
+    if (dry_run) {
+        return {
+            content: [{
+                    type: "text",
+                    text: `🔍 **Dry Run Preview** — ${insights.length} graduated insight(s) for "${project}":\n\n` +
+                        `Target: ${normalizedRepoPath}/${target_file}\n\n` +
+                        `\`\`\`markdown\n${rulesBlock}\n\`\`\`\n\n` +
+                        `Run again without \`dry_run\` to write this to disk.`,
+                }],
+            isError: false,
+        };
+    }
+    // 5. Idempotent file write
+    const targetPath = join(normalizedRepoPath, target_file);
+    // Ensure directory exists (handles nested target_file like ".config/rules.md")
+    const targetDir = dirname(targetPath);
+    if (!existsSync(targetDir)) {
+        await mkdir(targetDir, { recursive: true });
+    }
+    let existingContent = "";
+    try {
+        existingContent = await readFile(targetPath, "utf-8");
+    }
+    catch {
+        // File doesn't exist yet — will be created
+        debugLog(`[knowledge_sync_rules] File ${targetPath} doesn't exist, creating new`);
+    }
+    const newContent = applySentinelBlock(existingContent, rulesBlock);
+    await writeFile(targetPath, newContent, "utf-8");
+    debugLog(`[knowledge_sync_rules] Synced ${insights.length} insights to ${targetPath}`);
+    return {
+        content: [{
+                type: "text",
+                text: `✅ Synced ${insights.length} graduated insight(s) to \`${targetPath}\`\n\n` +
+                    `Top insights synced:\n` +
+                    insights.slice(0, 5).map(i => `  • [${i.importance}] ${i.summary.substring(0, 80)}${i.summary.length > 80 ? "..." : ""}`).join("\n") +
+                    (insights.length > 5 ? `\n  ... and ${insights.length - 5} more` : ""),
+            }],
+        isError: false,
+    };
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prism-mcp-server",
-  "version": "4.0.0",
+  "version": "4.3.0",
   "mcpName": "io.github.dcostenco/prism-mcp",
   "description": "The Mind Palace for AI Agents — local-first MCP server with persistent memory (SQLite/Supabase), visual dashboard, time travel, multi-agent sync, Morning Briefings, reality drift detection, code mode templates, semantic vector search, and Brave Search + Gemini analysis. Zero-config local mode.",
   "module": "index.ts",