prism-mcp-server 9.4.3 → 9.4.4

package/README.md

@@ -826,8 +826,9 @@ The Generator strips the `console.log`, resubmits, and the next `EVALUATE` retur
 
 ## 🆕 What's New
 
-> **Current release: v9.4.2 — Shell Injection Fix (Git Drift Detection)**
+> **Current release: v9.4.3 — ESM Bundling Fix (async_hooks)**
 
+- 🔧 **v9.4.3 — ESM Bundling Fix:** Bundled dist had inlined OpenTelemetry CJS `require("async_hooks")` into ESM chunks, causing `Dynamic require of "async_hooks" is not supported` at runtime. Rebuilt with `tsc`. Affects CLI, session save/load, and MCP server startup.
 - 🔒 **v9.4.2 — Shell Injection Fix:** Deep code review found shell injection in `getGitDrift()` — `oldSha` was interpolated into `execSync` template string. Fixed with SHA format validation + `execFileSync` (no shell). Defense-in-depth.
 - 🔒 **v9.4.1 — Security Hardening & Bidirectional Sync:** Two-pass adversarial audit found 18 vulnerabilities (4C/5H/9M) — 17 fixed. Critical: fail-closed rate limiter, path traversal guards, error sanitization. High: plan name alignment (revenue fix), CORS allowlist, settings injection prevention. New: bidirectional `prism sync push` CLI command pushes local SQLite → Supabase, JWT enrichment eliminates N+1 DB queries, concurrency counter guaranteed via `try/finally`, 10MB request body limits.
 - 🎯 **v9.3.0 — TurboQuant ResidualNorm Tiebreaker:** Configurable ranking optimization for Tier-2 search. When compressed cosine scores are within ε of each other, prefers the candidate with lower `residualNorm` (more trustworthy compressed representation). `PRISM_TURBOQUANT_TIEBREAKER_EPSILON=0.005` gives +2pp R@1, +1pp R@5. Empirically validated at N=5K with A/B test. 1066 tests, 0 regressions. Inspired by [@m13v's suggestion](https://github.com/xiaowu0162/LongMemEval/issues/31).

package/dist/lifecycle.js

@@ -8,7 +8,7 @@
 import * as fs from "fs";
 import * as path from "path";
 import * as os from "os";
-import { execSync } from "child_process";
+import { execFileSync } from "child_process";
 import { closeConfigStorage } from "./storage/configStorage.js";
 import { getStorage } from "./storage/index.js";
 import { shutdownTelemetry } from "./utils/telemetry.js";
@@ -65,8 +65,12 @@ function isOrphanProcess(pid) {
         return false;
     }
     try {
-        // 'ps -o ppid= -p PID' returns just the parent PID
-        const ppid = execSync(`ps -o ppid= -p ${pid}`, { encoding: "utf8" }).trim();
+        // SECURITY: Use execFileSync (no shell) to prevent command injection.
+        // The PID comes from a file that could be tampered with by another process.
+        const ppid = execFileSync("ps", ["-o", "ppid=", "-p", String(pid)], {
+            encoding: "utf8",
+            timeout: 5000,
+        }).trim();
         return ppid === "1";
     }
     catch {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prism-mcp-server",
-  "version": "9.4.3",
+  "version": "9.4.4",
   "mcpName": "io.github.dcostenco/prism-mcp",
   "description": "The Mind Palace for AI Agents — a true Cognitive Architecture with Hebbian learning (episodic→semantic consolidation), ACT-R spreading activation (multi-hop causal reasoning), uncertainty-aware rejection gates (agents that know when they don't know), adversarial evaluation (anti-sycophancy), fail-closed Dark Factory pipelines, persistent memory (SQLite/Supabase), multi-agent Hivemind, time travel & visual dashboard. Zero-config local mode.",
   "module": "index.ts",
@@ -102,7 +102,6 @@
   },
   "dependencies": {
     "@anthropic-ai/sdk": "^0.81.0",
-    "@google-cloud/discoveryengine": "^2.5.3",
     "@google/generative-ai": "^0.24.1",
     "@libsql/client": "^0.17.2",
     "@modelcontextprotocol/sdk": "^1.27.1",
@@ -116,7 +115,6 @@
     "@tavily/core": "^0.6.0",
     "cheerio": "^1.2.0",
     "commander": "^14.0.3",
-    "dotenv": "^16.5.0",
     "fflate": "^0.8.2",
     "jose": "^6.2.2",
     "jsdom": "^29.0.1",