basic-memory 0.14.2__py3-none-any.whl → 0.14.3__py3-none-any.whl

basic_memory/config.py

@@ -74,6 +74,12 @@ class BasicMemoryConfig(BaseSettings):
         description="Whether to sync changes in real time. default (True)",
     )
 
+    # API connection configuration
+    api_url: Optional[str] = Field(
+        default=None,
+        description="URL of remote Basic Memory API. If set, MCP will connect to this API instead of using local ASGI transport.",
+    )
+
     model_config = SettingsConfigDict(
         env_prefix="BASIC_MEMORY_",
         extra="ignore",
@@ -124,6 +130,7 @@ class BasicMemoryConfig(BaseSettings):
         """
 
         # Load the app-level database path from the global config
+        config_manager = ConfigManager()
         config = config_manager.load_config()  # pragma: no cover
         return config.app_database_path  # pragma: no cover
 
@@ -162,20 +169,21 @@ class ConfigManager:
         # Ensure config directory exists
         self.config_dir.mkdir(parents=True, exist_ok=True)
 
-        # Load or create configuration
-        self.config = self.load_config()
+    @property
+    def config(self) -> BasicMemoryConfig:
+        """Get configuration, loading it lazily if needed."""
+        return self.load_config()
 
     def load_config(self) -> BasicMemoryConfig:
         """Load configuration from file or create default."""
+
         if self.config_file.exists():
             try:
                 data = json.loads(self.config_file.read_text(encoding="utf-8"))
                 return BasicMemoryConfig(**data)
             except Exception as e:  # pragma: no cover
-                logger.error(f"Failed to load config: {e}")
-                config = BasicMemoryConfig()
-                self.save_config(config)
-                return config
+                logger.exception(f"Failed to load config: {e}")
+                raise e
         else:
             config = BasicMemoryConfig()
             self.save_config(config)
@@ -183,10 +191,7 @@ class ConfigManager:
 
     def save_config(self, config: BasicMemoryConfig) -> None:
         """Save configuration to file."""
-        try:
-            self.config_file.write_text(json.dumps(config.model_dump(), indent=2))
-        except Exception as e:  # pragma: no cover
-            logger.error(f"Failed to save config: {e}")
+        save_basic_memory_config(self.config_file, config)
 
     @property
     def projects(self) -> Dict[str, str]:
@@ -208,8 +213,10 @@ class ConfigManager:
         project_path = Path(path)
         project_path.mkdir(parents=True, exist_ok=True)  # pragma: no cover
 
-        self.config.projects[name] = str(project_path)
-        self.save_config(self.config)
+        # Load config, modify it, and save it
+        config = self.load_config()
+        config.projects[name] = str(project_path)
+        self.save_config(config)
         return ProjectConfig(name=name, home=project_path)
 
     def remove_project(self, name: str) -> None:
@@ -219,11 +226,13 @@ class ConfigManager:
         if not project_name:  # pragma: no cover
             raise ValueError(f"Project '{name}' not found")
 
-        if project_name == self.config.default_project:  # pragma: no cover
+        # Load config, check, modify, and save
+        config = self.load_config()
+        if project_name == config.default_project:  # pragma: no cover
             raise ValueError(f"Cannot remove the default project '{name}'")
 
-        del self.config.projects[name]
-        self.save_config(self.config)
+        del config.projects[name]
+        self.save_config(config)
 
     def set_default_project(self, name: str) -> None:
         """Set the default project."""
@@ -231,15 +240,18 @@ class ConfigManager:
         if not project_name:  # pragma: no cover
             raise ValueError(f"Project '{name}' not found")
 
-        self.config.default_project = name
-        self.save_config(self.config)
+        # Load config, modify, and save
+        config = self.load_config()
+        config.default_project = name
+        self.save_config(config)
 
     def get_project(self, name: str) -> Tuple[str, str] | Tuple[None, None]:
         """Look up a project from the configuration by name or permalink"""
         project_permalink = generate_permalink(name)
-        for name, path in app_config.projects.items():
-            if project_permalink == generate_permalink(name):
-                return name, path
+        app_config = self.config
+        for project_name, path in app_config.projects.items():
+            if project_permalink == generate_permalink(project_name):
+                return project_name, path
         return None, None
 
 
@@ -252,7 +264,7 @@ def get_project_config(project_name: Optional[str] = None) -> ProjectConfig:
     actual_project_name = None
 
     # load the config from file
-    global app_config
+    config_manager = ConfigManager()
     app_config = config_manager.load_config()
 
     # Get project name from environment variable
@@ -282,14 +294,12 @@ def get_project_config(project_name: Optional[str] = None) -> ProjectConfig:
     raise ValueError(f"Project '{actual_project_name}' not found")  # pragma: no cover
 
 
-# Create config manager
-config_manager = ConfigManager()
-
-# Export the app-level config
-app_config: BasicMemoryConfig = config_manager.config
-
-# Load project config for the default project (backward compatibility)
-config: ProjectConfig = get_project_config()
+def save_basic_memory_config(file_path: Path, config: BasicMemoryConfig) -> None:
+    """Save configuration to file."""
+    try:
+        file_path.write_text(json.dumps(config.model_dump(), indent=2))
+    except Exception as e:  # pragma: no cover
+        logger.error(f"Failed to save config: {e}")
 
 
 def update_current_project(project_name: str) -> None:
@@ -341,12 +351,17 @@ def setup_basic_memory_logging():  # pragma: no cover
         # print("Skipping duplicate logging setup")
         return
 
+    # Check for console logging environment variable
+    console_logging = os.getenv("BASIC_MEMORY_CONSOLE_LOGGING", "false").lower() == "true"
+
+    config_manager = ConfigManager()
+    config = get_project_config()
     setup_logging(
         env=config_manager.config.env,
         home_dir=user_home,  # Use user home for logs
-        log_level=config_manager.load_config().log_level,
+        log_level=config_manager.config.log_level,
         log_file=f"{DATA_DIR_NAME}/basic-memory-{process_name}.log",
-        console=False,
+        console=console_logging,
     )
 
     logger.info(f"Basic Memory {basic_memory.__version__} (Project: {config.project})")

basic_memory/db.py

@@ -4,7 +4,7 @@ from enum import Enum, auto
 from pathlib import Path
 from typing import AsyncGenerator, Optional
 
-from basic_memory.config import BasicMemoryConfig
+from basic_memory.config import BasicMemoryConfig, ConfigManager
 from alembic import command
 from alembic.config import Config
 
@@ -88,7 +88,6 @@ async def get_or_create_db(
     db_path: Path,
     db_type: DatabaseType = DatabaseType.FILESYSTEM,
     ensure_migrations: bool = True,
-    app_config: Optional["BasicMemoryConfig"] = None,
 ) -> tuple[AsyncEngine, async_sessionmaker[AsyncSession]]:  # pragma: no cover
     """Get or create database engine and session maker."""
     global _engine, _session_maker
@@ -98,10 +97,7 @@ async def get_or_create_db(
 
         # Run migrations automatically unless explicitly disabled
         if ensure_migrations:
-            if app_config is None:
-                from basic_memory.config import app_config as global_app_config
-
-                app_config = global_app_config
+            app_config = ConfigManager().config
             await run_migrations(app_config, db_type)
 
     # These checks should never fail since we just created the engine and session maker

basic_memory/deps.py

@@ -12,7 +12,7 @@ from sqlalchemy.ext.asyncio import (
 import pathlib
 
 from basic_memory import db
-from basic_memory.config import ProjectConfig, BasicMemoryConfig
+from basic_memory.config import ProjectConfig, BasicMemoryConfig, ConfigManager
 from basic_memory.importers import (
     ChatGPTImporter,
     ClaudeConversationsImporter,
@@ -33,10 +33,10 @@ from basic_memory.services.file_service import FileService
 from basic_memory.services.link_resolver import LinkResolver
 from basic_memory.services.search_service import SearchService
 from basic_memory.sync import SyncService
-from basic_memory.config import app_config
 
 
 def get_app_config() -> BasicMemoryConfig:  # pragma: no cover
+    app_config = ConfigManager().config
     return app_config
 
 
@@ -297,6 +297,7 @@ ContextServiceDep = Annotated[ContextService, Depends(get_context_service)]
 
 
 async def get_sync_service(
+    app_config: AppConfigDep,
     entity_service: EntityServiceDep,
     entity_parser: EntityParserDep,
     entity_repository: EntityRepositoryDep,

basic_memory/importers/chatgpt_importer.py

@@ -193,7 +193,7 @@ class ChatGPTImporter(Importer[ChatImportResult]):
     def _traverse_messages(
         self, mapping: Dict[str, Any], root_id: Optional[str], seen: Set[str]
     ) -> List[Dict[str, Any]]:  # pragma: no cover
-        """Traverse message tree and return messages in order.
+        """Traverse message tree iteratively to handle deep conversations.
 
         Args:
             mapping: Message mapping.
@@ -204,19 +204,29 @@ class ChatGPTImporter(Importer[ChatImportResult]):
             List of message data.
         """
         messages = []
-        node = mapping.get(root_id) if root_id else None
+        if not root_id:
+            return messages
 
-        while node:
+        # Use iterative approach with stack to avoid recursion depth issues
+        stack = [root_id]
+
+        while stack:
+            node_id = stack.pop()
+            if not node_id:
+                continue
+
+            node = mapping.get(node_id)
+            if not node:
+                continue
+
+            # Process current node if it has a message and hasn't been seen
             if node["id"] not in seen and node.get("message"):
                 seen.add(node["id"])
                 messages.append(node["message"])
 
-            # Follow children
+            # Add children to stack in reverse order to maintain conversation flow
             children = node.get("children", [])
-            for child_id in children:
-                child_msgs = self._traverse_messages(mapping, child_id, seen)
-                messages.extend(child_msgs)
-
-            break  # Don't follow siblings
+            for child_id in reversed(children):
+                stack.append(child_id)
 
         return messages

basic_memory/importers/memory_json_importer.py

@@ -3,7 +3,7 @@
 import logging
 from typing import Any, Dict, List
 
-from basic_memory.config import config
+from basic_memory.config import get_project_config
 from basic_memory.markdown.schemas import EntityFrontmatter, EntityMarkdown, Observation, Relation
 from basic_memory.importers.base import Importer
 from basic_memory.schemas.importer import EntityImportResult
@@ -27,10 +27,12 @@ class MemoryJsonImporter(Importer[EntityImportResult]):
         Returns:
             EntityImportResult containing statistics and status of the import.
         """
+        config = get_project_config()
         try:
             # First pass - collect all relations by source entity
             entity_relations: Dict[str, List[Relation]] = {}
             entities: Dict[str, Dict[str, Any]] = {}
+            skipped_entities: int = 0
 
             # Ensure the base path exists
             base_path = config.home  # pragma: no cover
@@ -41,7 +43,13 @@ class MemoryJsonImporter(Importer[EntityImportResult]):
             for line in source_data:
                 data = line
                 if data["type"] == "entity":
-                    entities[data["name"]] = data
+                    # Handle different possible name keys
+                    entity_name = data.get("name") or data.get("entityName") or data.get("id")
+                    if not entity_name:
+                        logger.warning(f"Entity missing name field: {data}")
+                        skipped_entities += 1
+                        continue
+                    entities[entity_name] = data
                 elif data["type"] == "relation":
                     # Store relation with its source entity
                     source = data.get("from") or data.get("from_id")
@@ -57,25 +65,31 @@ class MemoryJsonImporter(Importer[EntityImportResult]):
             # Second pass - create and write entities
             entities_created = 0
             for name, entity_data in entities.items():
+                # Get entity type with fallback
+                entity_type = entity_data.get("entityType") or entity_data.get("type") or "entity"
+
                 # Ensure entity type directory exists
-                entity_type_dir = base_path / entity_data["entityType"]
+                entity_type_dir = base_path / entity_type
                 entity_type_dir.mkdir(parents=True, exist_ok=True)
 
+                # Get observations with fallback to empty list
+                observations = entity_data.get("observations", [])
+
                 entity = EntityMarkdown(
                     frontmatter=EntityFrontmatter(
                         metadata={
-                            "type": entity_data["entityType"],
+                            "type": entity_type,
                             "title": name,
-                            "permalink": f"{entity_data['entityType']}/{name}",
+                            "permalink": f"{entity_type}/{name}",
                         }
                     ),
                     content=f"# {name}\n",
-                    observations=[Observation(content=obs) for obs in entity_data["observations"]],
+                    observations=[Observation(content=obs) for obs in observations],
                     relations=entity_relations.get(name, []),
                 )
 
                 # Write entity file
-                file_path = base_path / f"{entity_data['entityType']}/{name}.md"
+                file_path = base_path / f"{entity_type}/{name}.md"
                 await self.write_entity(entity, file_path)
                 entities_created += 1
 
@@ -86,6 +100,7 @@ class MemoryJsonImporter(Importer[EntityImportResult]):
                 success=True,
                 entities=entities_created,
                 relations=relations_count,
+                skipped_entities=skipped_entities,
             )
 
         except Exception as e:  # pragma: no cover

basic_memory/mcp/async_client.py

@@ -1,8 +1,28 @@
 from httpx import ASGITransport, AsyncClient
+from loguru import logger
 
 from basic_memory.api.app import app as fastapi_app
+from basic_memory.config import ConfigManager
+
+
+def create_client() -> AsyncClient:
+    """Create an HTTP client based on configuration.
+
+    Returns:
+        AsyncClient configured for either local ASGI or remote HTTP transport
+    """
+    config_manager = ConfigManager()
+    config = config_manager.load_config()
+
+    if config.api_url:
+        # Use HTTP transport for remote API
+        logger.info(f"Creating HTTP client for remote Basic Memory API: {config.api_url}")
+        return AsyncClient(base_url=config.api_url)
+    else:
+        # Use ASGI transport for local API
+        logger.debug("Creating ASGI client for local Basic Memory API")
+        return AsyncClient(transport=ASGITransport(app=fastapi_app), base_url="http://test")
 
-BASE_URL = "http://test"
 
 # Create shared async client
-client = AsyncClient(transport=ASGITransport(app=fastapi_app), base_url=BASE_URL)
+client = create_client()

basic_memory/mcp/project_session.py

@@ -8,7 +8,7 @@ from dataclasses import dataclass
 from typing import Optional
 from loguru import logger
 
-from basic_memory.config import ProjectConfig, get_project_config, config_manager
+from basic_memory.config import ProjectConfig, get_project_config, ConfigManager
 
 
 @dataclass
@@ -23,7 +23,7 @@ class ProjectSession:
     current_project: Optional[str] = None
     default_project: Optional[str] = None
 
-    def initialize(self, default_project: str) -> None:
+    def initialize(self, default_project: str) -> "ProjectSession":
         """Set the default project from config on startup.
 
         Args:
@@ -32,6 +32,7 @@ class ProjectSession:
         self.default_project = default_project
         self.current_project = default_project
         logger.info(f"Initialized project session with default project: {default_project}")
+        return self
 
     def get_current_project(self) -> str:
         """Get the currently active project name.
@@ -72,7 +73,7 @@ class ProjectSession:
         via CLI or API to ensure MCP session stays in sync.
         """
         # Reload config to get latest default project
-        current_config = config_manager.load_config()
+        current_config = ConfigManager().config
         new_default = current_config.default_project
 
         # Reinitialize with new default
@@ -102,7 +103,8 @@ def get_active_project(project_override: Optional[str] = None) -> ProjectConfig:
         return project
 
     current_project = session.get_current_project()
-    return get_project_config(current_project)
+    active_project = get_project_config(current_project)
+    return active_project
 
 
 def add_project_metadata(result: str, project_name: str) -> str:

basic_memory/mcp/prompts/__init__.py

@@ -10,12 +10,10 @@ from basic_memory.mcp.prompts import continue_conversation
 from basic_memory.mcp.prompts import recent_activity
 from basic_memory.mcp.prompts import search
 from basic_memory.mcp.prompts import ai_assistant_guide
-from basic_memory.mcp.prompts import sync_status
 
 __all__ = [
     "ai_assistant_guide",
     "continue_conversation",
     "recent_activity",
     "search",
-    "sync_status",
 ]

basic_memory/mcp/server.py

@@ -7,25 +7,10 @@ from contextlib import asynccontextmanager
 from dataclasses import dataclass
 from typing import AsyncIterator, Optional, Any
 
-from dotenv import load_dotenv
 from fastmcp import FastMCP
-from fastmcp.utilities.logging import configure_logging as mcp_configure_logging
-from mcp.server.auth.settings import AuthSettings
 
-from basic_memory.config import app_config
+from basic_memory.config import ConfigManager
 from basic_memory.services.initialization import initialize_app
-from basic_memory.mcp.auth_provider import BasicMemoryOAuthProvider
-from basic_memory.mcp.project_session import session
-from basic_memory.mcp.external_auth_provider import (
-    create_github_provider,
-    create_google_provider,
-)
-from basic_memory.mcp.supabase_auth_provider import SupabaseOAuthProvider
-
-# mcp console logging
-mcp_configure_logging(level="ERROR")
-
-load_dotenv()
 
 
 @dataclass
@@ -36,7 +21,11 @@ class AppContext:
 
 @asynccontextmanager
 async def app_lifespan(server: FastMCP) -> AsyncIterator[AppContext]:  # pragma: no cover
-    """Manage application lifecycle with type-safe context"""
+    """ """
+    # defer import so tests can monkeypatch
+    from basic_memory.mcp.project_session import session
+
+    app_config = ConfigManager().config
     # Initialize on startup (now returns migration_manager)
     migration_manager = await initialize_app(app_config)
 
@@ -50,60 +39,8 @@ async def app_lifespan(server: FastMCP) -> AsyncIterator[AppContext]:  # pragma:
         pass
 
 
-# OAuth configuration function
-def create_auth_config() -> tuple[AuthSettings | None, Any | None]:
-    """Create OAuth configuration if enabled."""
-    # Check if OAuth is enabled via environment variable
-    import os
-
-    if os.getenv("FASTMCP_AUTH_ENABLED", "false").lower() == "true":
-        from pydantic import AnyHttpUrl
-
-        # Configure OAuth settings
-        issuer_url = os.getenv("FASTMCP_AUTH_ISSUER_URL", "http://localhost:8000")
-        required_scopes = os.getenv("FASTMCP_AUTH_REQUIRED_SCOPES", "read,write")
-        docs_url = os.getenv("FASTMCP_AUTH_DOCS_URL") or "http://localhost:8000/docs/oauth"
-
-        auth_settings = AuthSettings(
-            issuer_url=AnyHttpUrl(issuer_url),
-            service_documentation_url=AnyHttpUrl(docs_url),
-            required_scopes=required_scopes.split(",") if required_scopes else ["read", "write"],
-        )
-
-        # Create OAuth provider based on type
-        provider_type = os.getenv("FASTMCP_AUTH_PROVIDER", "basic").lower()
-
-        if provider_type == "github":
-            auth_provider = create_github_provider()
-        elif provider_type == "google":
-            auth_provider = create_google_provider()
-        elif provider_type == "supabase":
-            supabase_url = os.getenv("SUPABASE_URL")
-            supabase_anon_key = os.getenv("SUPABASE_ANON_KEY")
-            supabase_service_key = os.getenv("SUPABASE_SERVICE_KEY")
-
-            if not supabase_url or not supabase_anon_key:
-                raise ValueError("SUPABASE_URL and SUPABASE_ANON_KEY must be set for Supabase auth")
-
-            auth_provider = SupabaseOAuthProvider(
-                supabase_url=supabase_url,
-                supabase_anon_key=supabase_anon_key,
-                supabase_service_key=supabase_service_key,
-                issuer_url=issuer_url,
-            )
-        else:  # default to "basic"
-            auth_provider = BasicMemoryOAuthProvider(issuer_url=issuer_url)
-
-        return auth_settings, auth_provider
-
-    return None, None
-
-
-# Create auth configuration
-auth_settings, auth_provider = create_auth_config()
-
-# Create the shared server instance
+# Create the shared server instance with custom Stytch auth
 mcp = FastMCP(
     name="Basic Memory",
-    auth=auth_provider,
+    lifespan=app_lifespan,
 )

basic_memory/mcp/tools/move_note.py

@@ -11,6 +11,7 @@ from basic_memory.mcp.tools.utils import call_post, call_get
 from basic_memory.mcp.project_session import get_active_project
 from basic_memory.schemas import EntityResponse
 from basic_memory.schemas.project_info import ProjectList
+from basic_memory.utils import validate_project_path
 
 
 async def _detect_cross_project_move_attempt(
@@ -47,18 +48,7 @@ async def _detect_cross_project_move_attempt(
                     identifier, destination_path, current_project, matching_project
                 )
 
-        # Check if the destination path looks like it might be trying to reference another project
-        # (e.g., contains common project-like patterns)
-        if any(keyword in dest_lower for keyword in ["project", "workspace", "repo"]):
-            # This might be a cross-project attempt, but we can't be sure
-            # Return a general guidance message
-            available_projects = [
-                p.name for p in project_list.projects if p.name != current_project
-            ]
-            if available_projects:
-                return _format_potential_cross_project_guidance(
-                    identifier, destination_path, current_project, available_projects
-                )
+        # No other cross-project patterns detected
 
     except Exception as e:
         # If we can't detect, don't interfere with normal error handling
@@ -404,6 +394,28 @@ async def move_note(
     active_project = get_active_project(project)
     project_url = active_project.project_url
 
+    # Validate destination path to prevent path traversal attacks
+    project_path = active_project.home
+    if not validate_project_path(destination_path, project_path):
+        logger.warning(
+            "Attempted path traversal attack blocked",
+            destination_path=destination_path,
+            project=active_project.name,
+        )
+        return f"""# Move Failed - Security Validation Error
+
+The destination path '{destination_path}' is not allowed - paths must stay within project boundaries.
+
+## Valid path examples:
+- `notes/my-file.md`
+- `projects/2025/meeting-notes.md`
+- `archive/old-notes.md`
+
+## Try again with a safe path:
+```
+move_note("{identifier}", "notes/{destination_path.split("/")[-1] if "/" in destination_path else destination_path}")
+```"""
+
     # Check for potential cross-project move attempts
     cross_project_error = await _detect_cross_project_move_attempt(
         identifier, destination_path, active_project.name

basic_memory/mcp/tools/read_content.py

@@ -17,6 +17,7 @@ from basic_memory.mcp.async_client import client
 from basic_memory.mcp.tools.utils import call_get
 from basic_memory.mcp.project_session import get_active_project
 from basic_memory.schemas.memory import memory_url_path
+from basic_memory.utils import validate_project_path
 
 
 def calculate_target_params(content_length):
@@ -188,6 +189,21 @@ async def read_content(path: str, project: Optional[str] = None) -> dict:
     project_url = active_project.project_url
 
     url = memory_url_path(path)
+
+    # Validate path to prevent path traversal attacks
+    project_path = active_project.home
+    if not validate_project_path(url, project_path):
+        logger.warning(
+            "Attempted path traversal attack blocked",
+            path=path,
+            url=url,
+            project=active_project.name,
+        )
+        return {
+            "type": "error",
+            "error": f"Path '{path}' is not allowed - paths must stay within project boundaries",
+        }
+
     response = await call_get(client, f"{project_url}/resource/{url}")
     content_type = response.headers.get("content-type", "application/octet-stream")
     content_length = int(response.headers.get("content-length", 0))

basic_memory/mcp/tools/read_note.py

@@ -11,6 +11,7 @@ from basic_memory.mcp.tools.search import search_notes
 from basic_memory.mcp.tools.utils import call_get
 from basic_memory.mcp.project_session import get_active_project
 from basic_memory.schemas.memory import memory_url_path
+from basic_memory.utils import validate_project_path
 
 
 @mcp.tool(
@@ -67,6 +68,17 @@ async def read_note(
 
     # Get the file via REST API - first try direct permalink lookup
     entity_path = memory_url_path(identifier)
+
+    # Validate path to prevent path traversal attacks
+    project_path = active_project.home
+    if not validate_project_path(entity_path, project_path):
+        logger.warning(
+            "Attempted path traversal attack blocked",
+            identifier=identifier,
+            entity_path=entity_path,
+            project=active_project.name,
+        )
+        return f"# Error\n\nPath '{identifier}' is not allowed - paths must stay within project boundaries"
     path = f"{project_url}/resource/{entity_path}"
     logger.info(f"Attempting to read note from URL: {path}")