sessionmem 1.0.6 → 1.1.0

package/dist/core/storage/memorySearchRepo.js

@@ -16,7 +16,7 @@ function getSearchStatements(db) {
     WHERE project_id = ?
       AND (
         importance >= 8
-        OR updated_at > datetime('now', '-90 days')
+        OR updated_at > strftime('%Y-%m-%dT%H:%M:%fZ', 'now', '-90 days')
       )
   `),
         searchCandidatesFTS: db.prepare(`
@@ -51,6 +51,17 @@ function parseEmbedding(value) {
         return null;
     }
 }
+function dedupById(candidates) {
+    // Defensive — FTS should not emit duplicates, but this guards backfill
+    // corruption (e.g. a double-run 008 migration) from inflating results.
+    const seen = new Set();
+    return candidates.filter((candidate) => {
+        if (seen.has(candidate.id))
+            return false;
+        seen.add(candidate.id);
+        return true;
+    });
+}
 function mapRows(rows) {
     return rows.map((row) => {
         const parsed = parseEmbedding(row.embedding);
@@ -80,9 +91,19 @@ function sanitizeFtsQuery(queryText) {
 }
 /**
  * Pre-filter candidates using FTS5 full-text search before cosine similarity.
- * Returns top-50 candidates by FTS rank. Falls back to full
- * searchMemoryCandidates when FTS returns fewer than 5 results
- * (poor keyword overlap).
+ * Returns up to FTS_CANDIDATE_LIMIT candidates.
+ *
+ * FTS keyword overlap can be sparse, so the fallback recency/importance scan is
+ * UNIONed with (never substituted for) the FTS hits:
+ *  - >= FTS_FALLBACK_THRESHOLD FTS hits: use the FTS hits as-is (well-matched).
+ *  - 0 FTS hits: use the fallback scan only.
+ *  - 1..threshold-1 FTS hits: UNION the FTS hits with the fallback scan,
+ *    deduplicated by id (FTS hits first), capped at FTS_CANDIDATE_LIMIT.
+ *
+ * The previous behavior REPLACED a small FTS hit set with the fallback scan,
+ * which silently dropped genuine matches that were old (>90d) and low-importance
+ * (<8) — exactly the rows the fallback's filter excludes — returning zero
+ * candidates for a query that matched only such rows.
  */
 export function searchMemoryCandidatesFTS(db, projectId, queryText) {
     const sanitized = sanitizeFtsQuery(queryText);
@@ -97,8 +118,25 @@ export function searchMemoryCandidatesFTS(db, projectId, queryText) {
         // FTS5 MATCH can throw on malformed queries — fall back to full scan
         return searchMemoryCandidates(db, projectId);
     }
-    if (rows.length < FTS_FALLBACK_THRESHOLD) {
-        return searchMemoryCandidates(db, projectId);
+    if (rows.length >= FTS_FALLBACK_THRESHOLD) {
+        return dedupById(mapRows(rows));
     }
-    return mapRows(rows);
+    const fallback = searchMemoryCandidates(db, projectId);
+    if (rows.length === 0) {
+        return fallback;
+    }
+    // UNION FTS hits (first) with the fallback scan, deduplicated by id and
+    // capped at the same total limit FTS would have returned.
+    const ftsHits = mapRows(rows);
+    const seen = new Set(ftsHits.map((candidate) => candidate.id));
+    const merged = [...ftsHits];
+    for (const candidate of fallback) {
+        if (merged.length >= FTS_CANDIDATE_LIMIT)
+            break;
+        if (seen.has(candidate.id))
+            continue;
+        seen.add(candidate.id);
+        merged.push(candidate);
+    }
+    return merged;
 }

package/dist/core/storage/sessionEventsRepo.js

@@ -4,8 +4,11 @@ function getSessionEventsStatements(db) {
     if (stmts)
         return stmts;
     stmts = {
+        // INSERT OR IGNORE so re-ingesting an event with the same logical key
+        // (project_id, session_id, event_index) — now a UNIQUE index, migration 009
+        // — is a no-op rather than a duplicate row or a PK error.
         insertEvent: db.prepare(`
-    INSERT INTO session_events (
+    INSERT OR IGNORE INTO session_events (
       id, project_id, session_id, event_index, event_type, payload_json, created_at
     ) VALUES (
       @id, @project_id, @session_id, @event_index, @event_type, @payload_json,
@@ -18,12 +21,22 @@ function getSessionEventsStatements(db) {
     WHERE project_id = ? AND session_id = ?
     ORDER BY event_index ASC
   `),
+        countAll: db.prepare("SELECT COUNT(*) AS count FROM session_events WHERE project_id = ?"),
     };
     sessionEventsStmtCache.set(db, stmts);
     return stmts;
 }
+/**
+ * Insert a session event. Returns the number of rows written (1, or 0 when the
+ * (project_id, session_id, event_index) key already exists and the insert was
+ * ignored).
+ */
 export function insertSessionEvent(db, input) {
-    getSessionEventsStatements(db).insertEvent.run(input);
+    return getSessionEventsStatements(db).insertEvent.run(input).changes;
+}
+export function countAllSessionEvents(db, projectId) {
+    const row = getSessionEventsStatements(db).countAll.get(projectId);
+    return row.count;
 }
 export function listSessionEventsBySession(db, projectId, sessionId) {
     return getSessionEventsStatements(db).listBySession.all(projectId, sessionId);

package/dist/core/summarize/cloudSummarizer.js

@@ -19,15 +19,28 @@ export async function summarizeWithCloud(input) {
     const client = new Anthropic({ apiKey: input.anthropicApiKey });
     const response = await client.messages.create({
         model,
-        max_tokens: input.summaryTokenCap * 2,
+        // Cap the per-response token budget so a large summaryTokenCap cannot pass
+        // an out-of-range max_tokens to the API (which would error).
+        max_tokens: Math.min(Math.floor((input.summaryTokenCap ?? 4000) * 1.5), 8192),
         system: CLOUD_SYSTEM_PROMPT,
         messages: [{ role: "user", content: localResult.summary }],
     });
     // Extract text from response content blocks
-    const text = response.content
+    let text = response.content
         .filter((block) => block.type === "text")
         .map((block) => block.text)
         .join("\n");
+    // Throw on an empty response rather than storing an empty memory; the
+    // session-lifecycle retry/fallback-to-local path handles the failure.
+    if (!text || text.trim().length === 0) {
+        throw new Error("Cloud summarizer returned empty response");
+    }
+    // Cap cloud output to summaryTokenCap (rough token→char ratio) for parity
+    // with the local summarizer, so a verbose cloud response cannot blow past the
+    // configured budget.
+    if (input.summaryTokenCap && text.length > input.summaryTokenCap * 4) {
+        text = text.slice(0, input.summaryTokenCap * 4);
+    }
     return {
         summary: text,
         warningCodes: localResult.warningCodes,

package/dist/core/summarize/redaction.js

@@ -3,8 +3,20 @@
 // a fragment of a larger secret and leave a partial body behind. All patterns are
 // anchored with explicit literal prefixes/markers and use bounded quantifiers to
 // avoid catastrophic backtracking (ReDoS).
-function defaultRules() {
+//
+// The rule set is allocated once at module load (not per call): the rules are
+// pure, stateless closures, so hoisting avoids re-allocating 8 closures on every
+// applyRedaction invocation — a measurable saving in batch/import/pull loops.
+// The regex literals carry no `lastIndex` state because every pattern is used
+// with String.prototype.replace (not stateful .test()/.exec() on a shared regex).
+const DEFAULT_RULES = createDefaultRules();
+function createDefaultRules() {
     return [
+        // URL-embedded credentials: scheme://user:password@host. Run BEFORE the
+        // email rule so the `password@host` segment is collapsed here rather than
+        // partially matched as an email. Scheme + host are preserved; the
+        // user:password pair is redacted. Bounded quantifiers stay ReDoS-safe.
+        (input) => input.replace(/\b([a-z][a-z0-9+.-]{0,20}:\/\/)[^\s:/@]{1,256}:[^\s/@]{1,256}@/gi, "$1[REDACTED_CREDENTIALS]@"),
         // Email (original rule — unchanged).
         (input) => input.replace(/\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi, "[REDACTED_EMAIL]"),
         // PEM private key block: ----BEGIN <type> PRIVATE KEY---- ... ----END ... ----.
@@ -14,14 +26,39 @@ function defaultRules() {
         (input) => input.replace(/\beyJ[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]{5,}\b/g, "[REDACTED_JWT]"),
         // AWS access key id: AKIA + 16 uppercase alphanumerics.
         (input) => input.replace(/\bAKIA[A-Z0-9]{16}\b/g, "[REDACTED_AWS_KEY]"),
-        // GitHub tokens: ghp_/gho_/ghu_/ghs_/ghr_ + 36 alphanumerics.
-        (input) => input.replace(/\bgh[poushr]_[A-Za-z0-9]{36}\b/g, "[REDACTED_GITHUB_TOKEN]"),
-        // OpenAI-style API key (original rule — unchanged).
-        (input) => input.replace(/sk-[a-zA-Z0-9]{12,}/g, "[REDACTED_API_KEY]"),
+        // AWS temporary credentials access key id: ASIA + 16 uppercase alphanumerics.
+        (input) => input.replace(/\bASIA[A-Z0-9]{16}\b/g, "[REDACTED_AWS_KEY]"),
+        // GitHub tokens: ghp_/gho_/ghu_/ghs_/ghr_ + 36 OR MORE alphanumerics
+        // (GitHub has lengthened tokens over time; `{36,}` future-proofs the rule).
+        (input) => input.replace(/\bgh[poushr]_[A-Za-z0-9]{36,}\b/g, "[REDACTED_GITHUB_TOKEN]"),
+        // GitHub fine-grained personal access tokens: github_pat_ + long body.
+        (input) => input.replace(/\bgithub_pat_[A-Za-z0-9_]{20,}\b/g, "[REDACTED_GITHUB_TOKEN]"),
+        // Slack tokens: xoxb-/xoxp-/xoxa-/xoxr-/xoxs-/xoxe-/xoxc-/xoxt- and the
+        // app-level xapp- prefix + dash-delimited segments.
+        (input) => input.replace(/\b(?:xox[baprsect]|xapp)-[A-Za-z0-9-]{10,256}\b/g, "[REDACTED_SLACK_TOKEN]"),
+        // Stripe live keys: secret (sk_live_), restricted (rk_live_), and
+        // publishable (pk_live_) + 24 or more alphanumerics.
+        (input) => input.replace(/\b[srp]k_live_[A-Za-z0-9]{24,}\b/g, "[REDACTED_STRIPE_KEY]"),
+        // npm access tokens: npm_ + 36 alphanumerics.
+        (input) => input.replace(/\bnpm_[A-Za-z0-9]{36}\b/g, "[REDACTED_NPM_TOKEN]"),
+        // Google API keys: AIza + 35 url-safe chars (39 total).
+        (input) => input.replace(/\bAIza[0-9A-Za-z_-]{35}\b/g, "[REDACTED_GOOGLE_API_KEY]"),
+        // OpenAI-style API key. Allow an optional internal dash segment so
+        // project-scoped keys (sk-proj-...) are fully redacted rather than leaving
+        // the project segment behind. Bounded quantifiers stay ReDoS-safe.
+        (input) => input.replace(/\bsk-(?:[a-zA-Z0-9]{1,32}-){0,4}[a-zA-Z0-9]{12,200}\b/g, "[REDACTED_API_KEY]"),
         // Bearer token header value: "Bearer <token>" (case-insensitive), token redacted.
         (input) => input.replace(/\bBearer\s+[A-Za-z0-9._~+/-]{8,}=*/gi, "Bearer [REDACTED_BEARER_TOKEN]"),
-        // Connection-string assignment: password=/secret= value -> key kept, value redacted.
-        (input) => input.replace(/\b(password|secret)=([^\s"'&;]+)/gi, "$1=[REDACTED]"),
+        // Config/connection-string assignments: key=value where key is a known
+        // secret-bearing name. The key is kept and the value redacted. Covers
+        // password/secret plus api_key/apikey/token/access_token/pwd in URL query
+        // strings and config files. The `=` separator may carry surrounding spaces.
+        (input) => input.replace(/\b(password|passwd|pwd|secret|api[_-]?key|access[_-]?token|token)\s*=\s*([^\s"'&;]+)/gi, "$1=[REDACTED]"),
+        // JSON-form secret assignments: "key": "value" for known secret-bearing
+        // keys. Complements the key=value rule above so secrets embedded in JSON
+        // payloads (config files, logged request bodies) are redacted too. The key
+        // is preserved; the quoted value is collapsed.
+        (input) => input.replace(/"(password|secret|api_key|token|access_token|auth_token|client_secret|private_key|pwd|passwd)"\s*:\s*"[^"]{4,}"/gi, '"$1": "[REDACTED]"'),
     ];
 }
 export function applyRedaction(input, options) {
@@ -33,7 +70,7 @@ export function applyRedaction(input, options) {
     }
     let text = input;
     const warningCodes = [];
-    for (const rule of options.rules ?? defaultRules()) {
+    for (const rule of options.rules ?? DEFAULT_RULES) {
         try {
             text = rule(text);
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sessionmem",
-  "version": "1.0.6",
+  "version": "1.1.0",
   "private": false,
   "type": "module",
   "description": "Local-first MCP memory layer for coding agents across Claude Code, Codex, Cursor, Cline, Windsurf, and other MCP-compatible hosts.",
@@ -28,7 +28,7 @@
     "lint": "eslint .",
     "typecheck": "tsc --noEmit",
     "benchmark": "node scripts/benchmark.mjs",
-    "postversion": "node -e \"const v=require('./package.json').version; ['package/package.json','.claude-plugin/plugin.json','server.json'].forEach(f=>{const o=require('./'+f);o.version=v;if(o.packages&&o.packages[0])o.packages[0].version=v;require('fs').writeFileSync('./'+f,JSON.stringify(o,null,2)+'\\n')})\""
+    "postversion": "node -e \"const v=require('./package.json').version; ['package/package.json','.claude-plugin/plugin.json','server.json'].forEach(f=>{const o=require('./'+f);o.version=v;if(o.packages&&o.packages[0])o.packages[0].version=v;require('fs').writeFileSync('./'+f,JSON.stringify(o,null,2)+'\\n')})\" && npm run build"
   },
   "dependencies": {
     "@anthropic-ai/sdk": "^0.105.0",