superlocalmemory 3.4.19 → 3.4.21

package/src/superlocalmemory/server/routes/profiles.py

@@ -11,7 +11,7 @@ SQLite is the single source of truth for profiles. profiles.json
 is kept in sync as a cache for backward compatibility.
 """
 import logging
-from datetime import datetime
+from datetime import datetime, timezone
 
 from fastapi import APIRouter, HTTPException
 
@@ -106,7 +106,7 @@ async def switch_profile(name: str):
         # Update last_used in profiles.json
         json_config = _load_profiles_json()
         if name in json_config.get('profiles', {}):
-            json_config['profiles'][name]['last_used'] = datetime.now().isoformat()
+            json_config['profiles'][name]['last_used'] = datetime.now(timezone.utc).isoformat()
             _save_profiles_json(json_config)
 
         count = _get_memory_count(name)
@@ -115,7 +115,7 @@ async def switch_profile(name: str):
             await ws_manager.broadcast({
                 "type": "profile_switched", "profile": name,
                 "previous": previous, "memory_count": count,
-                "timestamp": datetime.now().isoformat(),
+                "timestamp": datetime.now(timezone.utc).isoformat(),
             })
 
         return {

package/src/superlocalmemory/server/routes/token.py

@@ -0,0 +1,88 @@
+"""GET /internal/token — serve install token to the local dashboard.
+
+Non-technical user fix: the browser dashboard runs on the same machine
+that owns the install-token file. Forcing the user to open a terminal
+and paste ``cat ~/.superlocalmemory/.install_token`` into a browser
+prompt is pure UX friction with no real security gain — anyone who can
+open the dashboard can read the token file (both are user-owned on
+loopback). Non-browser clients (Cursor, Antigravity, Copilot, MCP, CLI)
+continue to read the token file directly and send ``X-Install-Token``
+on their requests; their security model is unchanged.
+
+Gates (narrower than prewarm's 4):
+  1. Loopback-only client (127.0.0.1 / ::1).
+  2. Origin header, if present, must be a loopback URL.
+  3. No install-token requirement — this endpoint PROVIDES the token.
+
+On gate failure or unreadable token file, responds with a fixed-tag
+error and non-200 status. Never echoes attacker-supplied material.
+"""
+
+from __future__ import annotations
+
+import logging
+from pathlib import Path
+
+from fastapi import APIRouter, Request
+from fastapi.responses import JSONResponse
+
+logger = logging.getLogger(__name__)
+
+router = APIRouter(tags=["internal"])
+
+
+_ALLOWED_ORIGIN_PREFIXES = (
+    "http://127.0.0.1",
+    "http://localhost",
+    "http://[::1]",
+)
+
+
+def _origin_is_loopback(origin: str) -> bool:
+    """Return True iff ``origin`` is absent or a loopback URL."""
+    if not origin:
+        return True
+    return any(origin.startswith(p) for p in _ALLOWED_ORIGIN_PREFIXES)
+
+
+@router.get("/internal/token")
+async def get_token(request: Request) -> JSONResponse:
+    """Return the install token for browser-based local dashboard use."""
+    try:
+        from superlocalmemory.core.security_primitives import (
+            _install_token_path,
+        )
+        from superlocalmemory.hooks.prewarm_auth import is_loopback
+    except Exception as exc:  # pragma: no cover
+        logger.debug("token: primitives unimportable: %s", exc)
+        return JSONResponse({"error": "server_error"}, status_code=500)
+
+    client_host = request.client.host if request.client else ""
+    if not is_loopback(client_host):
+        return JSONResponse({"error": "loopback only"}, status_code=403)
+
+    headers = {k.lower(): v for k, v in request.headers.items()}
+    origin = headers.get("origin", "")
+    if not _origin_is_loopback(origin):
+        return JSONResponse(
+            {"error": "origin not allowed"}, status_code=403,
+        )
+
+    try:
+        tok_path = _install_token_path()
+        tok = Path(tok_path).read_text(encoding="utf-8").strip()
+    except Exception as exc:
+        logger.debug("token: file read failed: %s", exc)
+        return JSONResponse(
+            {"error": "token_unavailable"}, status_code=500,
+        )
+
+    if not tok:
+        return JSONResponse(
+            {"error": "token_unavailable"}, status_code=500,
+        )
+
+    return JSONResponse({"token": tok})
+
+
+__all__ = ("router",)

package/src/superlocalmemory/server/routes/ws.py

@@ -7,7 +7,7 @@
 Routes: /ws/updates
 """
 from typing import Set
-from datetime import datetime
+from datetime import datetime, timezone
 
 from fastapi import APIRouter, WebSocket, WebSocketDisconnect
 
@@ -49,7 +49,7 @@ async def websocket_updates(websocket: WebSocket):
         await websocket.send_json({
             "type": "connected",
             "message": "WebSocket connection established",
-            "timestamp": datetime.now().isoformat(),
+            "timestamp": datetime.now(timezone.utc).isoformat(),
         })
 
         while True:
@@ -59,14 +59,14 @@ async def websocket_updates(websocket: WebSocket):
                 if data.get('type') == 'ping':
                     await websocket.send_json({
                         "type": "pong",
-                        "timestamp": datetime.now().isoformat(),
+                        "timestamp": datetime.now(timezone.utc).isoformat(),
                     })
 
                 elif data.get('type') == 'get_stats':
                     await websocket.send_json({
                         "type": "stats_update",
                         "message": "Use /api/stats endpoint for stats",
-                        "timestamp": datetime.now().isoformat(),
+                        "timestamp": datetime.now(timezone.utc).isoformat(),
                     })
 
             except WebSocketDisconnect:
@@ -75,7 +75,7 @@ async def websocket_updates(websocket: WebSocket):
                 await websocket.send_json({
                     "type": "error",
                     "message": str(e),
-                    "timestamp": datetime.now().isoformat(),
+                    "timestamp": datetime.now(timezone.utc).isoformat(),
                 })
 
     finally:

package/src/superlocalmemory/server/security_middleware.py

@@ -33,17 +33,23 @@ class SecurityHeadersMiddleware(BaseHTTPMiddleware):
         # Enable browser XSS filter (legacy, but doesn't hurt)
         response.headers["X-XSS-Protection"] = "1; mode=block"
 
-        # Content Security Policy
-        # Note: 'unsafe-inline' is needed for Bootstrap and inline scripts
-        # For production, consider moving inline scripts to separate files
+        # Content Security Policy (v3.4.21 — vendored assets, no CDN hosts).
+        # All Bootstrap/D3/Sigma/graphology/Inter assets ship locally under
+        # /static/vendor/, so we drop every CDN host from the allow-list.
+        # 'unsafe-inline' stays on script-src/style-src for the legacy inline
+        # click handlers in index.html — migrating those to addEventListener
+        # is tracked as a separate backlog item. img-src drops the https:
+        # wildcard now that nothing remote loads.
         csp_directives = [
             "default-src 'self'",
-            "script-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://unpkg.com https://d3js.org",
-            "style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://unpkg.com",
-            "font-src 'self' https://cdn.jsdelivr.net",
-            "img-src 'self' data: https:",
+            "script-src 'self' 'unsafe-inline'",
+            "style-src 'self' 'unsafe-inline'",
+            "font-src 'self'",
+            "img-src 'self' data:",
             "connect-src 'self' ws://localhost:* ws://127.0.0.1:*",
             "frame-ancestors 'none'",
+            "base-uri 'self'",
+            "form-action 'self'",
         ]
         response.headers["Content-Security-Policy"] = "; ".join(csp_directives)
 

package/src/superlocalmemory/server/ui.py

@@ -20,7 +20,7 @@ All route handlers live in routes/ directory:
 import logging
 import sys
 from pathlib import Path
-from datetime import datetime
+from datetime import datetime, timezone
 
 logger = logging.getLogger(__name__)
 
@@ -201,7 +201,7 @@ def create_app() -> FastAPI:
             "status": "healthy",
             "version": SLM_VERSION,
             "database": "connected" if DB_PATH.exists() else "missing",
-            "timestamp": datetime.now().isoformat(),
+            "timestamp": datetime.now(timezone.utc).isoformat(),
         }
 
     # ========================================================================

package/src/superlocalmemory/server/unified_daemon.py

@@ -233,6 +233,90 @@ async def lifespan(application: FastAPI):
     engine = None
     config = None
 
+    # H-21 (Stage 8) — first-boot-after-upgrade notice. Compare the cached
+    # version marker against the current package version; if they differ
+    # (fresh install or upgrade), log a one-time banner with a link to the
+    # CHANGELOG. Non-fatal; any filesystem error is swallowed.
+    try:
+        from pathlib import Path as _VP
+        try:
+            from importlib.metadata import version as _pkg_version
+            _slm_version = _pkg_version("superlocalmemory")
+        except Exception:
+            _slm_version = "unknown"
+        _version_marker = _VP.home() / ".superlocalmemory" / ".last_version"
+        _prev = None
+        if _version_marker.exists():
+            try:
+                _prev = _version_marker.read_text(encoding="utf-8").strip()
+            except OSError:
+                _prev = None
+        # S9-SKEP-15: the version marker is written AFTER the migration
+        # block succeeds (see below). A failed migration must NOT cause
+        # the next successful start to skip the upgrade banner — the
+        # banner is the operator's cue that a new version just landed.
+        _want_write_marker = _prev != _slm_version
+        if _want_write_marker:
+            if _prev is None:
+                logger.info(
+                    "[slm] first boot on v%s — run `slm status` to see your "
+                    "memory overview. Changelog: "
+                    "https://github.com/qualixar/superlocalmemory/blob/main/CHANGELOG.md",
+                    _slm_version,
+                )
+            else:
+                logger.info(
+                    "[slm] upgraded %s → %s. Data migrations run in a moment; "
+                    "your 18k+ atomic facts are preserved. Changelog: "
+                    "https://github.com/qualixar/superlocalmemory/blob/main/CHANGELOG.md",
+                    _prev, _slm_version,
+                )
+    except Exception as _exc:  # pragma: no cover — never block startup
+        logger.debug("version-banner skipped: %s", _exc)
+        _want_write_marker = False
+        _version_marker = None
+        _slm_version = None
+
+    # LLD-06 §7.3 / LLD-07 §4.1 — run additive schema migrations BEFORE
+    # engine init so later queries see the expected columns/tables.
+    # Non-fatal: any failure here is logged and the daemon still starts.
+    try:
+        from pathlib import Path as _P
+        from superlocalmemory.storage.migration_runner import apply_all
+        _home = _P.home() / ".superlocalmemory"
+        _learning_db = _home / "learning.db"
+        _memory_db = _home / "memory.db"
+        _result = apply_all(_learning_db, _memory_db)
+        _applied = _result.get("applied", [])
+        _failed = _result.get("failed", [])
+        if _applied:
+            logger.info("migrations applied: %s", _applied)
+        if _failed:
+            logger.warning("migrations failed (non-fatal): %s", _failed)
+        application.state.migration_result = _result
+        # S9-SKEP-15: only commit the new `.last_version` AFTER migrations
+        # complete with zero failures. A partial upgrade (schema didn't
+        # land) must retain the old marker so the next successful start
+        # still fires the upgrade banner — otherwise the operator loses
+        # the one signal that tells them a version just changed.
+        if (
+            _want_write_marker
+            and _version_marker is not None
+            and _slm_version is not None
+            and not _failed
+        ):
+            try:
+                _version_marker.parent.mkdir(parents=True, exist_ok=True)
+                _version_marker.write_text(_slm_version, encoding="utf-8")
+            except OSError:
+                pass  # non-fatal
+    except Exception as _exc:
+        logger.warning("migration runner crashed (non-fatal): %s", _exc)
+        application.state.migration_result = {
+            "applied": [], "skipped": [], "failed": [],
+            "details": {"_crash": str(_exc)},
+        }
+
     try:
         from superlocalmemory.core.config import SLMConfig
         from superlocalmemory.core.engine import MemoryEngine
@@ -254,6 +338,47 @@ async def lifespan(application: FastAPI):
         application.state.config = config
         logger.info("Unified daemon: MemoryEngine initialized (mode=%s)", config.mode.value)
 
+        # LLD-07 §4 — deferred migrations (e.g. M006 reward column) need to
+        # run AFTER MemoryEngine.initialize() has bootstrapped runtime tables
+        # like action_outcomes. Non-fatal by contract.
+        try:
+            from superlocalmemory.storage.migration_runner import apply_deferred
+            _deferred = apply_deferred(_learning_db, _memory_db)
+            _d_applied = _deferred.get("applied", [])
+            _d_failed = _deferred.get("failed", [])
+            if _d_applied:
+                logger.info("deferred migrations applied: %s", _d_applied)
+            if _d_failed:
+                logger.warning(
+                    "deferred migrations failed (non-fatal, trainer falls "
+                    "back to position proxy): %s", _d_failed,
+                )
+            # Merge into the migration result already on app state so the
+            # dashboard sees one consolidated picture.
+            _mr = getattr(application.state, "migration_result", None) or {
+                "applied": [], "skipped": [], "failed": [], "details": {},
+            }
+            _mr.setdefault("applied", []).extend(_d_applied)
+            _mr.setdefault("skipped", []).extend(_deferred.get("skipped", []))
+            _mr.setdefault("failed", []).extend(_d_failed)
+            _mr.setdefault("details", {}).update(_deferred.get("details", {}))
+            application.state.migration_result = _mr
+        except Exception as _dexc:  # pragma: no cover — defensive
+            logger.warning(
+                "deferred migration runner crashed (non-fatal): %s", _dexc,
+            )
+
+        # S9-DASH-02: start the outcome-queue worker so recall →
+        # pending_outcomes is actually produced. Before v3.4.21 this
+        # producer had zero callers and the closed-loop pipeline was
+        # dark. Worker drains at 250 ms cadence; one SQLite INSERT per
+        # event via EngagementRewardModel.record_recall.
+        try:
+            from superlocalmemory.learning.outcome_queue import start_worker
+            start_worker(_memory_db)
+        except Exception as _oqexc:  # pragma: no cover — defensive
+            logger.debug("outcome_queue start failed (non-fatal): %s", _oqexc)
+
         # Set up observe buffer
         _observe_buffer.set_engine(engine)
 
@@ -332,6 +457,41 @@ async def lifespan(application: FastAPI):
     if enable_legacy:
         asyncio.create_task(_start_legacy_redirect(_DEFAULT_PORT, _LEGACY_PORT))
 
+    # V3.4.21 LLD-02: signal-worker background drainer (S8-SK-01 fix).
+    # Without this, ``signals.enqueue`` fills a bounded queue and drops
+    # silently after ~250 recalls — learning_signals never populates,
+    # Phase 3 never activates, the whole Living Brain stays cold.
+    if os.environ.get("SLM_SIGNALS_ENABLED", "1") != "0":
+        try:
+            from superlocalmemory.learning import signal_worker as _sw
+            from pathlib import Path as _P
+            _learning_db = _P.home() / ".superlocalmemory" / "learning.db"
+            _sw.start(_learning_db)
+            application.state.signal_worker_started = True
+            logger.info("signal_worker started on %s", _learning_db)
+        except Exception as exc:  # pragma: no cover — defensive
+            logger.warning("signal_worker failed to start: %s", exc)
+            application.state.signal_worker_started = False
+
+    # V3.4.21 LLD-05: cross-platform adapter sync loop
+    if os.environ.get("SLM_CROSS_PLATFORM_SYNC_DISABLED", "").lower() not in ("1", "true"):
+        try:
+            from superlocalmemory.cli.context_commands import build_default_adapters
+            from superlocalmemory.hooks.sync_loop import schedule as _schedule_sync
+            _schedule_sync(build_default_adapters())
+        except Exception as exc:  # pragma: no cover — defensive
+            logger.warning("cross-platform sync loop failed to start: %s", exc)
+
+    # V3.4.21 LLD-03: bandit reward proxy settler + retention sweep loops
+    if os.environ.get("SLM_BANDIT_DISABLED", "0") != "1":
+        try:
+            from superlocalmemory.server.bandit_loops import (
+                schedule_bandit_loops,
+            )
+            schedule_bandit_loops(application, config)
+        except Exception as exc:  # pragma: no cover — defensive
+            logger.warning("bandit loops failed to start: %s", exc)
+
     global _start_time
     _start_time = time.monotonic()
     _last_activity = time.monotonic()
@@ -341,8 +501,110 @@ async def lifespan(application: FastAPI):
 
     yield
 
-    # Shutdown
+    # S9-W4 C2: symmetric shutdown. Prior version only flushed the
+    # observe-buffer + signal_worker + engine. The following long-lived
+    # subsystems lived on ``application.state`` but were never
+    # explicitly cancelled / joined, so uvicorn's
+    # ``timeout_graceful_shutdown=10`` silently killed live threads
+    # mid-commit: HealthMonitor probes, MeshBroker cleanup thread,
+    # bandit settler asyncio tasks, and the process-wide cost-log
+    # connection cache. A WAL commit interrupted mid-flight could
+    # leave ``evolution_llm_cost_log`` with torn rows.
+    #
+    # New policy: every subsystem that stored a handle on
+    # ``application.state`` MUST be stopped here, in reverse start
+    # order. Each stop is wrapped in try/except so one failure does
+    # not skip the rest.
     _observe_buffer.flush_sync()
+
+    # S9-DASH-02: stop outcome-queue worker (final drain on graceful
+    # shutdown). Any events left unpersisted are logged but not
+    # replayed — signal capture is not load-bearing on correctness.
+    try:
+        from superlocalmemory.learning.outcome_queue import stop_worker
+        _oq_remaining = stop_worker(timeout_s=2.0)
+        if _oq_remaining:
+            logger.info(
+                "outcome_queue shutdown: %d events dropped on flush",
+                _oq_remaining,
+            )
+    except Exception as exc:  # pragma: no cover — defensive
+        logger.warning("outcome_queue stop failed: %s", exc)
+
+    # Cancel bandit asyncio tasks (LLD-03). ``bandit_loops`` stashes
+    # them at ``application.state.bandit_tasks``; if the attr is
+    # missing we skip.
+    _bandit_tasks = getattr(application.state, "bandit_tasks", None)
+    if _bandit_tasks:
+        try:
+            for _t in _bandit_tasks:
+                try:
+                    _t.cancel()
+                except Exception:  # pragma: no cover
+                    pass
+        except Exception as exc:  # pragma: no cover — defensive
+            logger.warning("bandit_tasks cancel failed: %s", exc)
+
+    # Stop HealthMonitor (health_monitor.py owns a daemon thread).
+    _health = getattr(application.state, "health_monitor", None)
+    if _health is not None:
+        try:
+            stop_fn = getattr(_health, "stop", None)
+            if callable(stop_fn):
+                stop_fn()
+        except Exception as exc:  # pragma: no cover — defensive
+            logger.warning("health_monitor stop failed: %s", exc)
+
+    # Stop MeshBroker cleanup thread.
+    _mesh = getattr(application.state, "mesh_broker", None)
+    if _mesh is not None:
+        try:
+            stop_fn = getattr(_mesh, "stop_cleanup", None)
+            if callable(stop_fn):
+                stop_fn()
+            else:  # pragma: no cover — older broker versions
+                stop_fn = getattr(_mesh, "stop", None)
+                if callable(stop_fn):
+                    stop_fn()
+        except Exception as exc:  # pragma: no cover — defensive
+            logger.warning("mesh_broker stop failed: %s", exc)
+
+    # LLD-02 SW3: flush pending signals to DB before closing. Bounded 3 s
+    # to keep daemon shutdown snappy; drops + counts anything unwritten.
+    if getattr(application.state, "signal_worker_started", False):
+        try:
+            from superlocalmemory.learning import signal_worker as _sw
+            _sw.stop(timeout=3.0)
+        except Exception as exc:  # pragma: no cover — defensive
+            logger.warning("signal_worker shutdown flush failed: %s", exc)
+
+    # Close the process-wide evolution cost-log connection cache
+    # BEFORE engine.close so fsyncs land under our own control, not
+    # under uvicorn's SIGTERM timeout. ``_close_cost_conns`` is
+    # idempotent — the atexit hook is still registered but won't
+    # re-close since the cache is cleared.
+    try:
+        from superlocalmemory.evolution import llm_dispatch as _ld
+        _ld._close_cost_conns()
+    except Exception as exc:  # pragma: no cover — defensive
+        logger.warning("evolution cost-conn cache close failed: %s", exc)
+
+    # Drop the trigram cache conn symmetrically.
+    try:
+        from superlocalmemory.learning import trigram_index as _ti
+        _ti._reset_cache_conn()
+    except Exception as exc:  # pragma: no cover — defensive
+        logger.warning("trigram cache conn close failed: %s", exc)
+
+    # Flush the perf-log fd explicitly (the atexit hook still fires
+    # but explicit close here is cheap insurance against uvicorn
+    # killing the process before atexit runs).
+    try:
+        from superlocalmemory.hooks._outcome_common import _perf_log_flush
+        _perf_log_flush()
+    except Exception as exc:  # pragma: no cover — defensive
+        logger.warning("perf_log flush failed: %s", exc)
+
     if engine is not None:
         try:
             engine.close()
@@ -408,6 +670,51 @@ def create_app() -> FastAPI:
     except ImportError:
         pass
 
+    # -- Brain route (LLD-04 v2: /api/v3/brain + deprecated shims) --
+    try:
+        from superlocalmemory.server.routes.brain import (
+            router as brain_router,
+        )
+        from superlocalmemory.server.middleware.security_headers import (
+            SecurityHeadersMiddleware as StrictSecurityHeadersMiddleware,
+        )
+        application.include_router(brain_router)
+        # Strict CSP / XFO / XCTO / Referrer-Policy — applies to every
+        # response including the Brain route. Added as the outermost
+        # middleware so it overrides the legacy security_middleware's
+        # looser CSP on requests that pass through this strict wall.
+        application.add_middleware(StrictSecurityHeadersMiddleware)
+    except ImportError as exc:  # pragma: no cover — defensive wiring
+        logger.warning("brain router not wired: %s", exc)
+
+    # -- Prewarm route (LLD-01 §4.4 — S8-SK-02 fix) --
+    # POST /internal/prewarm populates active_brain_cache after every
+    # tool_use. Without this handler, the async hook POSTs to a 404 and
+    # the cache never gets populated, which made every UserPromptSubmit
+    # a structural miss. All 4 auth gates applied inside the route.
+    try:
+        from superlocalmemory.server.routes.prewarm import (
+            router as prewarm_router,
+        )
+        application.include_router(prewarm_router)
+    except ImportError as exc:  # pragma: no cover — defensive wiring
+        logger.warning("prewarm router not wired: %s", exc)
+
+    # -- Token route — auto-inject install token into the local dashboard --
+    # GET /internal/token returns the install token to loopback+origin-
+    # scoped browser callers so brain.js (and any future token-gated
+    # dashboard fetch) can include X-Install-Token without ever asking
+    # the non-technical user to paste it. Non-browser clients (MCP, CLI,
+    # IDE adapters) keep reading ~/.superlocalmemory/.install_token
+    # directly and sending the header themselves.
+    try:
+        from superlocalmemory.server.routes.token import (
+            router as token_router,
+        )
+        application.include_router(token_router)
+    except ImportError as exc:  # pragma: no cover — defensive wiring
+        logger.warning("token router not wired: %s", exc)
+
     # -- Daemon-specific routes --
     _register_daemon_routes(application)
 
@@ -427,9 +734,18 @@ def _register_dashboard_routes(application: FastAPI) -> None:
         _write_limiter = RateLimiter(max_requests=30, window_seconds=60)
         _read_limiter = RateLimiter(max_requests=120, window_seconds=60)
 
+        # S9-DASH-09: loopback (127.0.0.1 / ::1) is always the dashboard
+        # itself — it legitimately makes many rapid reads (Brain + tabs +
+        # polling). Rate-limiting our own UI produces 429s that cascade
+        # into blank panels. CORS already restricts origins to localhost,
+        # so we don't lose the anti-abuse posture for external callers.
+        _LOOPBACK_IPS = frozenset({"127.0.0.1", "::1", "localhost"})
+
         @application.middleware("http")
         async def rate_limit_middleware(request, call_next):
             client_ip = request.client.host if request.client else "unknown"
+            if client_ip in _LOOPBACK_IPS:
+                return await call_next(request)
             is_write = request.method in ("POST", "PUT", "DELETE", "PATCH")
             limiter = _write_limiter if is_write else _read_limiter
             allowed, remaining = limiter.is_allowed(client_ip)
@@ -586,14 +902,30 @@ def _register_daemon_routes(application: FastAPI) -> None:
         }
 
     @application.get("/recall")
-    async def recall(q: str = "", query: str = "", limit: int = 20):
+    async def recall(
+        request: Request,
+        q: str = "", query: str = "", limit: int = 20,
+        session_id: str = "",
+    ):
         _update_activity()
         search_query = q or query  # Accept both ?q= and ?query= for compatibility
         engine = _get_engine_or_503()
         if not search_query:
             return {"results": [], "count": 0, "query_type": "none", "retrieval_time_ms": 0}
+        # S9-DASH-02: session_id for the outcome-queue producer.
+        # Priority: ?session_id= > X-SLM-Session-Id header > synthetic
+        # "http:<ts>". Without a session_id the recall still works
+        # (outcome just can't be hook-matched).
+        effective_sid = session_id
+        if not effective_sid:
+            effective_sid = request.headers.get("X-SLM-Session-Id", "")
+        if not effective_sid:
+            import time as _t
+            effective_sid = f"http:{int(_t.time() * 1000)}"
         try:
-            response = engine.recall(search_query, limit=limit)
+            response = engine.recall(
+                search_query, limit=limit, session_id=effective_sid,
+            )
             results = [
                 {
                     "content": r.fact.content,