sessionmem 1.0.5 → 1.1.0

package/dist/core/api/sessionLifecycleService.js

@@ -111,6 +111,14 @@ export function createSessionLifecycleService(deps) {
      * Hard-deletes memories older than the effective retentionDays for this
      * project. retentionDays<=0 disables pruning. Any failure is swallowed
      * so it can never block or fail summarization.
+     *
+     * IMPORTANT: retention pruning fires INDEPENDENTLY of summarization. It runs
+     * on every handleSessionEnd path — including the `skipped_disabled`
+     * (autoSummarize=false) and `skipped_threshold` (too few events) early
+     * returns — because retention is a time-based policy that must apply whether
+     * or not a summary was produced this session. It is gated only by the
+     * retentionDays config (retentionDays<=0 disables it), not by whether the
+     * lifecycle proceeded past the summarization threshold.
      */
     function runLightPrune(projectId) {
         try {
@@ -185,8 +193,18 @@ export function createSessionLifecycleService(deps) {
                     memoryId,
                 };
             }
-            catch {
-                // fall back to local summarizer
+            catch (cloudError) {
+                const failureRecordId = createFailureId();
+                insertSummarizationFailure(deps.db, {
+                    id: failureRecordId,
+                    project_id: request.projectId,
+                    session_id: request.sessionId,
+                    source_adapter: request.sourceAdapter,
+                    reason: "cloud_failed",
+                    attempt_count: CLOUD_RETRY_CONFIG.retries + 1,
+                    last_error_json: toErrorJson(cloudError),
+                });
+                // fall through to local summarizer
             }
             try {
                 const fallbackResult = await summarizeLocal(baseInput);

package/dist/core/config/policyConfig.js

@@ -1,7 +1,20 @@
 import { z } from "zod";
 import { homedir } from "os";
 import { join, dirname } from "path";
-import { mkdirSync, readFileSync, writeFileSync } from "fs";
+import { mkdirSync, readFileSync, writeFileSync, renameSync } from "fs";
+/** Lower bound of the 1-10 importance scale. */
+export const MIN_IMPORTANCE = 1;
+/** Upper bound of the 1-10 importance scale. */
+export const MAX_IMPORTANCE = 10;
+/** Importance threshold at or above which a warning is considered critical. */
+export const CRITICAL_WARNING_IMPORTANCE_THRESHOLD = 9;
+/** Maximum number of memories returned by a "deep" retrieval. */
+export const DEEP_MODE_RETRIEVAL_CAP = 100;
+/**
+ * Default model for cloud summarization via the Anthropic API.
+ * Consumed by {@link import("../summarize/cloudSummarizer.js").summarizeWithCloud}.
+ */
+export const DEFAULT_SUMMARIZER_MODEL = "claude-sonnet-4-6";
 /**
  * Built-in policy defaults. Used whenever the config file is missing, malformed,
  * or fails validation, and as the lowest-precedence source in
@@ -34,8 +47,12 @@ const teamConfigShape = z
  * built-in defaults.
  */
 const policyConfigShape = {
-    retentionDays: z.number().int().default(DEFAULT_POLICY_CONFIG.retentionDays),
+    retentionDays: z.number().int().min(0).default(DEFAULT_POLICY_CONFIG.retentionDays),
     redactionEnabled: z.boolean().default(DEFAULT_POLICY_CONFIG.redactionEnabled),
+    // Optional per-session startup-injection token cap. When set, it overrides the
+    // built-in DEFAULT_INJECTION_CAP used by formatStartupInjection and the
+    // `savings` analytics. Omitted by default so existing configs keep the default.
+    injectionCap: z.number().int().min(100).max(10000).optional(),
     team: teamConfigShape.default({ enabled: false }),
 };
 /**
@@ -67,14 +84,32 @@ export function configFilePath() {
  * are merged over defaults via the schema's per-field `.default()`.
  */
 export function readPolicyConfig(filePath) {
+    let raw;
+    let obj;
     try {
-        const raw = readFileSync(filePath, "utf8");
-        const parsed = JSON.parse(raw);
-        return policyConfigReadSchema.parse(parsed);
+        raw = readFileSync(filePath, "utf8");
+        obj = JSON.parse(raw);
     }
     catch {
         return { ...DEFAULT_POLICY_CONFIG };
     }
+    // Fast path: strict parse succeeds (the common case).
+    const strict = policyConfigReadSchema.safeParse(obj);
+    if (strict.success)
+        return strict.data;
+    // Lenient fallback: salvage valid individual fields so a single bad value
+    // (e.g. injectionCap: 50, below min 100) doesn't wipe out retentionDays etc.
+    const s = policyConfigShape;
+    const rd = s.retentionDays.safeParse(obj.retentionDays);
+    const re = s.redactionEnabled.safeParse(obj.redactionEnabled);
+    const ic = s.injectionCap.safeParse(obj.injectionCap);
+    const tm = s.team.safeParse(obj.team);
+    return {
+        retentionDays: rd.success ? rd.data : DEFAULT_POLICY_CONFIG.retentionDays,
+        redactionEnabled: re.success ? re.data : DEFAULT_POLICY_CONFIG.redactionEnabled,
+        injectionCap: ic.success ? ic.data : undefined,
+        team: tm.success ? tm.data : { ...DEFAULT_POLICY_CONFIG.team },
+    };
 }
 /**
  * Persist a partial policy config, merged over the current on-disk values (or
@@ -91,7 +126,12 @@ export function writePolicyConfig(filePath, partial) {
     const current = readPolicyConfig(filePath);
     const merged = policyConfigSchema.parse({ ...current, ...validatedPartial });
     mkdirSync(dirname(filePath), { recursive: true });
-    writeFileSync(filePath, `${JSON.stringify(merged, null, 2)}\n`, "utf8");
+    // Atomic write: write to a temp file then rename over the target so a crash
+    // mid-write can't leave a truncated/corrupt config. On Windows, renameSync
+    // over an existing file works (Node wraps it via MoveFileExW).
+    const tmpPath = `${filePath}.tmp`;
+    writeFileSync(tmpPath, `${JSON.stringify(merged, null, 2)}\n`, "utf8");
+    renameSync(tmpPath, filePath);
     return merged;
 }
 /**
@@ -116,6 +156,13 @@ export function resolvePolicySettings(input) {
         redactionEnabled: resolve("redactionEnabled"),
     };
 }
+/**
+ * Per-session write soft limit. When a session has stored at least this many
+ * memories, subsequent storeMemory calls still succeed but the response
+ * includes a "session_write_limit_warning" warningCode, giving the agent
+ * feedback to stop storing excessive memories in a single session.
+ */
+export const SESSION_WRITE_SOFT_LIMIT = 50;
 /**
  * Resolve the `team` config as a single object unit using precedence
  * override > config.json > default (RESEARCH Pitfall 5). Unlike

package/dist/core/injection/formatStartupInjection.js

@@ -1,13 +1,37 @@
+import { CRITICAL_WARNING_IMPORTANCE_THRESHOLD } from "../config/policyConfig.js";
 import { countTokens, trimLowestPriorityContent } from "./tokenBudget.js";
 const DEFAULT_TOKEN_CAP = 450;
 const HEADER = "Relevant prior context";
+// At most this many preserved (critical-warning) entries may bypass trimming.
+// Critical warnings rarely need more, and an unbounded count would let
+// preserved entries dominate the injection block past the token cap.
+const MAX_PRESERVED = 5;
+// Strip control characters and hard-cap per-entry content before it is rendered
+// into the injection block. Prevents a single memory from breaking out of the
+// block (newlines/control chars) or dominating it (length). The full content
+// remains retrievable via retrieveMemories — this only affects startup display.
+const safeContent = (content) => 
+// eslint-disable-next-line no-control-regex -- intentional control-char strip
+content.replace(/[\n\r\x00-\x08\x0e-\x1f\x7f]/g, " ").slice(0, 500);
+// Sanitize source_adapter before it is rendered verbatim onto the metadata
+// line. Like `author`, a malformed row could otherwise smuggle newlines/control
+// chars (and thus a prompt-injection payload) into the injection block.
+const safeSourceAdapter = (s) => 
+// eslint-disable-next-line no-control-regex -- intentional control-char strip
+(s ?? "").replace(/[\n\r\x00-\x08\x0e-\x1f\x7f]/g, "").slice(0, 100);
+// Allow-list of known kinds. Any unrecognized kind renders as "memory" so a
+// malformed row cannot inject arbitrary text into the rendered `[kind]` label.
+const KNOWN_KINDS = new Set(["fact", "decision", "preference", "warning", "summary", "memory", "context"]);
+function safeKind(kind) {
+    return KNOWN_KINDS.has(kind) ? kind : "memory";
+}
 const KIND_ORDER = ["warning", "decision", "fact", "summary", "preference"];
 const KIND_RANK = new Map(KIND_ORDER.map((kind, index) => [kind, index]));
 function kindRank(kind) {
     return KIND_RANK.get(kind) ?? KIND_ORDER.length;
 }
 function isCriticalWarning(memory) {
-    return memory.kind === "warning" && memory.importance >= 9;
+    return memory.kind === "warning" && memory.importance >= CRITICAL_WARNING_IMPORTANCE_THRESHOLD;
 }
 function sortMemories(memories) {
     return [...memories].sort((left, right) => {
@@ -35,7 +59,12 @@ function authorPrefix(memory, localUsername) {
     if (memory.author &&
         localUsername &&
         memory.author !== localUsername) {
-        return `${memory.author}: `;
+        // Defense in depth: even though `author` is constrained at the contract
+        // boundary, strip any control characters before rendering so a malformed
+        // row cannot break out of the injection block.
+        // eslint-disable-next-line no-control-regex -- intentional control-char strip
+        const safeAuthor = memory.author.replace(/[\n\r\x00-\x1f\x7f]/g, "");
+        return `${safeAuthor}: `;
     }
     return "";
 }
@@ -44,8 +73,8 @@ function formatLine(entry, localUsername) {
     const score = memory.score;
     const prefix = authorPrefix(memory, localUsername);
     return [
-        `- [${memory.kind}] ${prefix}${entry.content}`,
-        `(score total=${formatScore(score.total)}, semantic=${formatScore(score.raw.semantic)}, recency=${formatScore(score.raw.recency)}, importance=${formatScore(score.raw.importance)}; source=${memory.source_adapter}; date=${memory.updated_at})`,
+        `- [${safeKind(memory.kind)}] ${prefix}${safeContent(entry.content)}`,
+        `(score total=${formatScore(score.total)}, semantic=${formatScore(score.raw.semantic)}, recency=${formatScore(score.raw.recency)}, importance=${formatScore(score.raw.importance)}; source=${safeSourceAdapter(memory.source_adapter)}; date=${memory.updated_at})`,
     ].join(" ");
 }
 function render(entries, localUsername) {
@@ -72,12 +101,28 @@ function lowestDroppableIndex(entries) {
 export function formatStartupInjection(rankedMemories, options = {}) {
     const tokenCap = options.tokenCap ?? DEFAULT_TOKEN_CAP;
     const localUsername = options.localUsername;
-    let included = sortMemories(rankedMemories).map((memory) => ({
-        memory,
-        content: memory.content,
-        priority: KIND_ORDER.length - kindRank(memory.kind),
-        preserve: isCriticalWarning(memory),
-    }));
+    // Cap how many entries may be marked `preserve`. Excess critical warnings
+    // beyond MAX_PRESERVED become droppable so they cannot bypass the trim/drop
+    // loop and blow past the token cap. Sorting first keeps the highest-ranked
+    // warnings preserved.
+    let preservedCount = 0;
+    let included = sortMemories(rankedMemories).map((memory) => {
+        let preserve = isCriticalWarning(memory);
+        if (preserve) {
+            if (preservedCount >= MAX_PRESERVED) {
+                preserve = false;
+            }
+            else {
+                preservedCount += 1;
+            }
+        }
+        return {
+            memory,
+            content: memory.content,
+            priority: KIND_ORDER.length - kindRank(memory.kind),
+            preserve,
+        };
+    });
     let output = render(included, localUsername);
     while (included.length > 0 && countTokens(output) > tokenCap) {
         const trimmed = trimLowestPriorityContent(included);

package/dist/core/injection/tokenBudget.js

@@ -5,6 +5,14 @@ const DEFAULT_TRIM_RATIO = 0.75;
 export function countTokens(text) {
     return encoding.encode(text).length;
 }
+export function capTokens(text, cap) {
+    const tokens = encoding.encode(text);
+    if (tokens.length <= cap) {
+        return text;
+    }
+    const trimmed = encoding.decode(tokens.slice(0, cap)).trimEnd();
+    return `${trimmed} ...`;
+}
 export function trimLowestPriorityContent(included, options = {}) {
     const minContentTokens = options.minContentTokens ?? DEFAULT_MIN_CONTENT_TOKENS;
     const trimRatio = options.trimRatio ?? DEFAULT_TRIM_RATIO;

package/dist/core/retrieve/importance.js

@@ -1,6 +1,7 @@
+import { MIN_IMPORTANCE, MAX_IMPORTANCE } from "../config/policyConfig.js";
 export function normalizeImportance(score1to10) {
-    if (!Number.isFinite(score1to10) || score1to10 < 1 || score1to10 > 10) {
-        throw new Error("importance must be between 1 and 10");
+    if (!Number.isFinite(score1to10) || score1to10 < MIN_IMPORTANCE || score1to10 > MAX_IMPORTANCE) {
+        throw new Error(`importance must be between ${MIN_IMPORTANCE} and ${MAX_IMPORTANCE}`);
     }
-    return (score1to10 - 1) / 9;
+    return (score1to10 - MIN_IMPORTANCE) / (MAX_IMPORTANCE - MIN_IMPORTANCE);
 }

package/dist/core/retrieve/recencyBands.js

@@ -4,15 +4,11 @@ function toDate(value) {
 }
 export function getRecencyBandScore(updatedAt, now = new Date()) {
     const updatedDate = toDate(updatedAt);
-    const ageDays = Math.max(0, (now.getTime() - updatedDate.getTime()) / DAY_IN_MS);
-    if (ageDays <= 1) {
-        return 1.0;
+    const ageDays = (now.getTime() - updatedDate.getTime()) / DAY_IN_MS;
+    if (!Number.isFinite(ageDays) || ageDays < 0) {
+        return 0.05; // invalid/future date -> treat as max age (lowest recency score)
     }
-    if (ageDays <= 7) {
-        return 0.75;
-    }
-    if (ageDays <= 30) {
-        return 0.5;
-    }
-    return 0.25;
+    const HALF_LIFE_DAYS = 14;
+    const lambda = Math.LN2 / HALF_LIFE_DAYS;
+    return Math.max(0.05, Math.exp(-lambda * ageDays));
 }

package/dist/core/retrieve/retrieveMemories.js

@@ -1,6 +1,7 @@
 import { deterministicEmbed } from "../embed/deterministicEmbed.js";
+import { decayOldBoosts } from "./decay.js";
 import { scoreMemoryCandidate, } from "./score.js";
-import { searchMemoryCandidates, } from "../storage/memorySearchRepo.js";
+import { searchMemoryCandidatesFTS, } from "../storage/memorySearchRepo.js";
 const DEFAULT_EMBEDDING_DIMENSION = 32;
 function resolveEmbeddingDimension(candidates) {
     for (const candidate of candidates) {
@@ -40,16 +41,29 @@ export function retrieveMemories(input) {
     }
     const topK = input.topK ?? input.limit ?? 20;
     const now = input.now ?? new Date();
-    const candidates = searchMemoryCandidates(input.db, input.projectId);
+    // Use FTS5 pre-filtering to limit cosine similarity computation to ~50 candidates.
+    // queryText is guaranteed non-empty by the Zod schema (z.string().min(1)) upstream.
+    const candidates = searchMemoryCandidatesFTS(input.db, input.projectId, queryText);
+    const decayedCandidates = decayOldBoosts(candidates, now);
     const dimension = resolveEmbeddingDimension(candidates);
     const queryVector = deterministicEmbed(queryText, dimension).vector;
-    const ranked = candidates
+    const ranked = decayedCandidates
         .map((candidate) => {
-        const semantic = cosineSimilarity(queryVector, candidate.embedding);
+        // When embedding is null (version mismatch or missing), use a neutral
+        // score of 0.5 so the memory is neither penalized nor boosted. A non-null
+        // embedding whose length differs from the query vector (a stored
+        // embedding from a different dimension) is treated the same way: passing
+        // it to cosineSimilarity would return 0 and actively penalize the row.
+        const semantic = candidate.embedding === null ||
+            candidate.embedding.length !== queryVector.length
+            ? 0.5
+            : cosineSimilarity(queryVector, candidate.embedding);
         const score = scoreMemoryCandidate({
             semantic,
             updated_at: candidate.updated_at,
             importance: candidate.importance,
+            access_count: candidate.access_count,
+            decayedImportance: candidate.decayedImportance,
         }, now);
         return {
             id: candidate.id,
@@ -62,6 +76,7 @@ export function retrieveMemories(input) {
             importance: candidate.importance,
             author: candidate.author,
             origin_project_id: candidate.origin_project_id,
+            access_count: candidate.access_count,
             created_at: candidate.created_at,
             updated_at: candidate.updated_at,
             embedding_dim: candidate.embedding_dim,

package/dist/core/retrieve/score.js

@@ -5,9 +5,19 @@ export const SCORING_WEIGHTS = {
     recency: 0.25,
     importance: 0.15,
 };
+export const ACCESS_BOOST_THRESHOLD = 3;
+export const ACCESS_BOOST_AMOUNT = 2;
+export function computeEffectiveImportance(storedImportance, accessCount) {
+    if (accessCount >= ACCESS_BOOST_THRESHOLD) {
+        return Math.min(storedImportance + ACCESS_BOOST_AMOUNT, 10);
+    }
+    return storedImportance;
+}
 export function scoreMemoryCandidate(candidate, now = new Date()) {
     const recency = getRecencyBandScore(candidate.updated_at, now);
-    const importance = normalizeImportance(candidate.importance);
+    const baseImportance = candidate.decayedImportance ?? candidate.importance;
+    const effectiveImportance = computeEffectiveImportance(baseImportance, candidate.access_count ?? 0);
+    const importance = normalizeImportance(effectiveImportance);
     const weighted = {
         semantic: candidate.semantic * SCORING_WEIGHTS.semantic,
         recency: recency * SCORING_WEIGHTS.recency,

package/dist/core/schema/migrations/005_team_provenance.sql

@@ -1,9 +1,14 @@
--- Team-mode provenance: record who authored each memory and, for
--- synced/shared rows, which project they originated in. Both columns are added
--- to the existing `memories` table without rewriting it so pre-existing rows
--- survive. `author` is NOT NULL with a DEFAULT '' sentinel because a
--- NOT NULL ADD COLUMN requires a default and the local OS username is not
--- available inside static SQL. `origin_project_id` is nullable and
--- only set on rows pulled in from another project's store.
-ALTER TABLE memories ADD COLUMN author TEXT NOT NULL DEFAULT '';
-ALTER TABLE memories ADD COLUMN origin_project_id TEXT;
+-- Team-mode provenance: record who authored each memory and, for
+-- synced/shared rows, which project they originated in. Both columns are added
+-- to the existing `memories` table without rewriting it so pre-existing rows
+-- survive. `author` is NOT NULL with a DEFAULT '' sentinel because a
+-- NOT NULL ADD COLUMN requires a default and the local OS username is not
+-- available inside static SQL. `origin_project_id` is nullable and
+-- only set on rows pulled in from another project's store.
+--
+-- Idempotency: SQLite has no `ADD COLUMN IF NOT EXISTS`. Re-running this
+-- migration (only possible if the _migrations record was lost) throws
+-- "duplicate column name", which runMigrations catches and treats as
+-- already-applied. See src/core/schema/runMigrations.ts.
+ALTER TABLE memories ADD COLUMN author TEXT NOT NULL DEFAULT '';
+ALTER TABLE memories ADD COLUMN origin_project_id TEXT;

package/dist/core/schema/migrations/006_access_pattern_boosting.sql

@@ -0,0 +1,10 @@
+-- Access-pattern boosting: track how often each memory is included in
+-- retrieval output. access_count drives a read-time effective_importance
+-- boost without mutating the stored importance score.
+--
+-- Idempotency: SQLite has no `ADD COLUMN IF NOT EXISTS`. Re-running this
+-- migration (only possible if the _migrations record was lost) throws
+-- "duplicate column name", which runMigrations catches and treats as
+-- already-applied. See src/core/schema/runMigrations.ts.
+ALTER TABLE memories ADD COLUMN access_count INTEGER NOT NULL DEFAULT 0;
+ALTER TABLE memories ADD COLUMN last_accessed TEXT;

package/dist/core/schema/migrations/007_feedback_manual_delete.sql

@@ -0,0 +1,23 @@
+-- Allow 'manual_delete' feedback_type and new_importance = 0 for deletion records.
+-- Remove FOREIGN KEY CASCADE so feedback rows survive when a memory is deleted.
+-- SQLite requires table recreation to alter CHECK constraints and FK behavior.
+
+CREATE TABLE IF NOT EXISTS memory_feedback_new (
+  id TEXT PRIMARY KEY,
+  memory_id TEXT NOT NULL,
+  feedback_type TEXT NOT NULL CHECK (feedback_type IN ('auto_use', 'manual', 'manual_delete')),
+  previous_importance INTEGER NOT NULL CHECK (previous_importance >= 0 AND previous_importance <= 10),
+  new_importance INTEGER NOT NULL CHECK (new_importance >= 0 AND new_importance <= 10),
+  created_at TEXT NOT NULL DEFAULT (strftime('%Y-%m-%dT%H:%M:%fZ', 'now'))
+);
+
+INSERT OR IGNORE INTO memory_feedback_new (id, memory_id, feedback_type, previous_importance, new_importance, created_at)
+  SELECT id, memory_id, feedback_type, previous_importance, new_importance, created_at
+  FROM memory_feedback;
+
+DROP TABLE memory_feedback;
+
+ALTER TABLE memory_feedback_new RENAME TO memory_feedback;
+
+CREATE INDEX IF NOT EXISTS idx_memory_feedback_memory_created
+ON memory_feedback(memory_id, created_at DESC);

package/dist/core/schema/migrations/008_fts5_search.sql

@@ -0,0 +1,37 @@
+-- FTS5 full-text search index on memory content for candidate pre-filtering.
+-- Using content-sync (external content) mode: the FTS index mirrors the
+-- memories table without duplicating storage. Triggers keep it in sync.
+CREATE VIRTUAL TABLE IF NOT EXISTS memories_fts USING fts5(
+  content,
+  normalized_content,
+  content='memories',
+  content_rowid='rowid'
+);
+
+-- Populate FTS index from existing rows. Guard against double-backfill: if this
+-- migration is re-run on a DB that already has FTS data (e.g. after the
+-- _migrations record was lost), re-inserting every row would duplicate the
+-- index entries. Only backfill when the FTS table is empty.
+INSERT INTO memories_fts(rowid, content, normalized_content)
+  SELECT rowid, content, normalized_content FROM memories
+  WHERE NOT EXISTS (SELECT 1 FROM memories_fts LIMIT 1);
+
+-- Keep FTS index in sync: INSERT trigger
+CREATE TRIGGER IF NOT EXISTS memories_fts_insert AFTER INSERT ON memories BEGIN
+  INSERT INTO memories_fts(rowid, content, normalized_content)
+    VALUES (new.rowid, new.content, new.normalized_content);
+END;
+
+-- Keep FTS index in sync: DELETE trigger
+CREATE TRIGGER IF NOT EXISTS memories_fts_delete AFTER DELETE ON memories BEGIN
+  INSERT INTO memories_fts(memories_fts, rowid, content, normalized_content)
+    VALUES ('delete', old.rowid, old.content, old.normalized_content);
+END;
+
+-- Keep FTS index in sync: UPDATE trigger (content or normalized_content changed)
+CREATE TRIGGER IF NOT EXISTS memories_fts_update AFTER UPDATE OF content, normalized_content ON memories BEGIN
+  INSERT INTO memories_fts(memories_fts, rowid, content, normalized_content)
+    VALUES ('delete', old.rowid, old.content, old.normalized_content);
+  INSERT INTO memories_fts(rowid, content, normalized_content)
+    VALUES (new.rowid, new.content, new.normalized_content);
+END;

package/dist/core/schema/migrations/009_session_events_unique.sql

@@ -0,0 +1,24 @@
+-- Deduplicate session events by their logical key.
+--
+-- `ingestSessionEvents` is now reachable from agents (MCP tool) and CLI, so it
+-- can be called more than once for the same session. The original index on
+-- (project_id, session_id, event_index) was NOT unique, so re-ingesting the
+-- same logical event with a fresh `id` silently created duplicate rows — which
+-- then inflated session-event counts and the local-summarizer input.
+--
+-- Replace it with a UNIQUE index so `INSERT OR IGNORE` makes re-ingestion a
+-- no-op. session_events has no production writer before this migration, so there
+-- are no pre-existing duplicates to reconcile.
+DROP INDEX IF EXISTS idx_session_events_project_session_event_index;
+
+-- Remove duplicate rows before adding unique constraint.
+-- Keep the row with the smallest rowid for each logical key.
+DELETE FROM session_events
+WHERE rowid NOT IN (
+  SELECT MIN(rowid)
+  FROM session_events
+  GROUP BY project_id, session_id, event_index
+);
+
+CREATE UNIQUE INDEX IF NOT EXISTS idx_session_events_project_session_event_index
+  ON session_events(project_id, session_id, event_index);

package/dist/core/schema/runMigrations.js

@@ -1,6 +1,7 @@
 import fs from "node:fs";
 import path from "node:path";
-const DEFAULT_MIGRATIONS_DIR = path.resolve(process.cwd(), "src/core/schema/migrations");
+import { fileURLToPath } from "node:url";
+const DEFAULT_MIGRATIONS_DIR = path.resolve(path.dirname(fileURLToPath(import.meta.url)), "migrations");
 function ensureMigrationsTable(db) {
     db.exec(`
     CREATE TABLE IF NOT EXISTS _migrations (
@@ -18,6 +19,38 @@ function listMigrationFiles(migrationsDir) {
         .filter((fileName) => fileName.endsWith(".sql"))
         .sort((left, right) => left.localeCompare(right));
 }
+/**
+ * Verify that every column an ADD COLUMN migration declares already exists in
+ * its target table. Parses `ALTER TABLE <table> ADD COLUMN <name>` statements
+ * from the migration SQL and checks each against `PRAGMA table_info`. Returns
+ * false the moment a declared column is missing (or its table doesn't exist),
+ * so a partially-applied migration is never marked complete.
+ */
+function allAddedColumnsExist(db, sql) {
+    const addColumnRe = /ALTER\s+TABLE\s+(\w+)\s+ADD\s+COLUMN\s+(\w+)/gi;
+    const byTable = new Map();
+    let match;
+    while ((match = addColumnRe.exec(sql)) !== null) {
+        const [, table, column] = match;
+        const cols = byTable.get(table) ?? [];
+        cols.push(column);
+        byTable.set(table, cols);
+    }
+    // No ADD COLUMN statements parsed → we cannot prove the schema is consistent,
+    // so treat it as unsafe and let the caller re-throw.
+    if (byTable.size === 0) {
+        return false;
+    }
+    for (const [table, columns] of byTable) {
+        const existing = new Set(db.prepare(`PRAGMA table_info(${table})`).all().map((row) => row.name));
+        for (const column of columns) {
+            if (!existing.has(column)) {
+                return false;
+            }
+        }
+    }
+    return true;
+}
 export function runMigrations(db, migrationsDir = DEFAULT_MIGRATIONS_DIR) {
     ensureMigrationsTable(db);
     const files = listMigrationFiles(migrationsDir);
@@ -31,8 +64,37 @@ export function runMigrations(db, migrationsDir = DEFAULT_MIGRATIONS_DIR) {
     });
     for (const fileName of files) {
         const existing = hasMigrationStmt.get(fileName);
-        if (!existing) {
+        if (existing) {
+            continue;
+        }
+        try {
             runMigration(fileName);
         }
+        catch (err) {
+            // Idempotency guard for ALTER TABLE ADD COLUMN migrations (005/006).
+            // SQLite has no `ADD COLUMN IF NOT EXISTS`, so re-running a column-adding
+            // migration on a DB that already has the column throws "duplicate column
+            // name". This only happens when the _migrations record was lost (e.g. the
+            // table was dropped) while the schema change survived.
+            //
+            // Each migration runs in a transaction (all-or-nothing), so the duplicate
+            // error rolls the whole body back. Migrations 005/006 add TWO columns
+            // each: if only the FIRST already exists, the throw fires on the first
+            // ALTER and the second column is never added. Blindly marking the
+            // migration applied would leave that second column permanently missing.
+            //
+            // So instead of trusting the error, verify that EVERY column this
+            // migration was supposed to add actually exists. Only then is it safe to
+            // record as applied; otherwise re-throw so the failure surfaces.
+            if (err instanceof Error && /duplicate column name/i.test(err.message)) {
+                const filePath = path.join(migrationsDir, fileName);
+                const sql = fs.readFileSync(filePath, "utf8");
+                if (allAddedColumnsExist(db, sql)) {
+                    insertMigrationStmt.run(fileName);
+                    continue;
+                }
+            }
+            throw err;
+        }
     }
 }

package/dist/core/storage/db.js

@@ -2,7 +2,13 @@ import BetterSqlite3 from "better-sqlite3";
 import { runMigrations } from "../schema/runMigrations.js";
 export function openDb(options = {}) {
     const db = new BetterSqlite3(options.dbPath ?? ":memory:");
+    // Performance pragmas — WAL enables concurrent reads during writes;
+    // busy_timeout prevents SQLITE_BUSY under concurrent MCP tool calls.
+    db.pragma("journal_mode = WAL");
+    db.pragma("synchronous = NORMAL");
     db.pragma("foreign_keys = ON");
+    db.pragma("busy_timeout = 5000");
+    db.pragma("cache_size = -32000");
     runMigrations(db, options.migrationsDir);
     return db;
 }

package/dist/core/storage/memoryFeedbackRepo.js

@@ -1,14 +1,24 @@
 import { randomUUID } from "node:crypto";
-export function insertMemoryFeedbackEvent(db, event) {
-    const stmt = db.prepare(`
+const feedbackStmtCache = new WeakMap();
+function getFeedbackStatements(db) {
+    let stmts = feedbackStmtCache.get(db);
+    if (stmts)
+        return stmts;
+    stmts = {
+        insertFeedback: db.prepare(`
     INSERT INTO memory_feedback (
       id, memory_id, feedback_type, previous_importance, new_importance, created_at
     ) VALUES (
       @id, @memory_id, @feedback_type, @previous_importance, @new_importance,
       COALESCE(@created_at, strftime('%Y-%m-%dT%H:%M:%fZ', 'now'))
     )
-  `);
-    stmt.run({
+  `),
+    };
+    feedbackStmtCache.set(db, stmts);
+    return stmts;
+}
+export function insertMemoryFeedbackEvent(db, event) {
+    getFeedbackStatements(db).insertFeedback.run({
         ...event,
         id: event.id ?? randomUUID(),
         created_at: event.created_at ?? null,