fix: Claude Code 2.1.1 compatibility + log-level audit + path validation fixes (#614)

* Refactor CLAUDE.md and related files for December 2025 updates

- Updated CLAUDE.md in src/services/worker with new entries for December 2025, including changes to Search.ts, GeminiAgent.ts, SDKAgent.ts, and SessionManager.ts.
- Revised CLAUDE.md in src/shared to reflect updates and new entries for December 2025, including paths.ts and worker-utils.ts.
- Modified hook-constants.ts to clarify exit codes and their behaviors.
- Added comprehensive hooks reference documentation for Claude Code, detailing usage, events, and examples.
- Created initial CLAUDE.md files in various directories to track recent activity.

* fix: Merge user-message-hook output into context-hook hookSpecificOutput

- Add footer message to additionalContext in context-hook.ts
- Remove user-message-hook from SessionStart hooks array
- Fixes issue where stderr+exit(1) approach was silently discarded

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* Update logs and documentation for recent plugin and worker service changes

- Added detailed logs for worker service activities from Dec 10, 2025 to Jan 7, 2026, including initialization patterns, cleanup confirmations, and diagnostic logging.
- Updated plugin documentation with recent activities, including plugin synchronization and configuration changes from Dec 3, 2025 to Jan 7, 2026.
- Enhanced the context hook and worker service logs to reflect improvements and fixes in the plugin architecture.
- Documented the migration and verification processes for the Claude memory system and its integration with the marketplace.

* Refactor hooks architecture and remove deprecated user-message-hook

- Updated hook configurations in CLAUDE.md and hooks.json to reflect changes in session start behavior.
- Removed user-message-hook functionality as it is no longer utilized in Claude Code 2.1.0; context is now injected silently.
- Enhanced context-hook to handle session context injection without user-visible messages.
- Cleaned up documentation across multiple files to align with the new hook structure and removed references to obsolete hooks.
- Adjusted timing and command execution for hooks to improve performance and reliability.

* fix: Address PR #610 review issues

- Replace USER_MESSAGE_ONLY test with BLOCKING_ERROR test in hook-constants.test.ts
- Standardize Claude Code 2.1.0 note wording across all three documentation files
- Exclude deprecated user-message-hook.ts from logger-usage-standards test

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* fix: Remove hardcoded fake token counts from context injection

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* Address PR #610 review issues by fixing test files, standardizing documentation notes, and verifying code quality improvements.

* fix: Add path validation to CLAUDE.md distribution to prevent invalid directory creation

- Add isValidPathForClaudeMd() function to reject invalid paths:
  - Tilde paths (~) that Node.js doesn't expand
  - URLs (http://, https://)
  - Paths with spaces (likely command text or PR references)
  - Paths with # (GitHub issue/PR references)
  - Relative paths that escape project boundary

- Integrate validation in updateFolderClaudeMdFiles loop
- Add 6 unit tests for path validation
- Update .gitignore to prevent accidental commit of malformed directories
- Clean up existing invalid directories (~/, PR #610..., git diff..., https:)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: Implement path validation in CLAUDE.md generation to prevent invalid directory creation

- Added `isValidPathForClaudeMd()` function to validate file paths in `src/utils/claude-md-utils.ts`.
- Integrated path validation in `updateFolderClaudeMdFiles` to skip invalid paths.
- Added 6 new unit tests in `tests/utils/claude-md-utils.test.ts` to cover various rejection cases.
- Updated `.gitignore` to prevent tracking of invalid directories.
- Cleaned up existing invalid directories in the repository.

* feat: Promote critical WARN logs to ERROR level across codebase

Comprehensive log-level audit promoting 38+ WARN messages to ERROR for
improved debugging and incident response:

- Parser: observation type errors, data contamination
- SDK/Agents: empty init responses (Gemini, OpenRouter)
- Worker/Queue: session recovery, auto-recovery failures
- Chroma: sync failures, search failures (now treated as critical)
- SQLite: search failures (primary data store)
- Session/Generator: failures, missing context
- Infrastructure: shutdown, process management failures
- File Operations: CLAUDE.md updates, config reads
- Branch Management: recovery checkout failures

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: Address PR #614 review issues

- Remove incorrectly tracked tilde-prefixed files from git
- Fix absolute path validation to check projectRoot boundaries
- Add test coverage for absolute path validation edge cases

Closes review issues:
- Issue 1: ~/ prefixed files removed from tracking
- Issue 3: Absolute paths now validated against projectRoot
- Issue 4: Added 3 new test cases for absolute path scenarios

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* build assets and context

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

tests/utils/CLAUDE.md

@@ -3,36 +3,5 @@
 
 <!-- This section is auto-generated by claude-mem. Edit content outside the tags. -->
 
-### Jan 5, 2026
-
-**claude-md-utils.test.ts**
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #38086 | 10:42 PM | ✅ | Merged PR with comprehensive CLAUDE.md documentation system | ~478 |
-| #38047 | 9:45 PM | 🔴 | PR #556 Review Items - Worker Host Configuration and Path Resolution | ~389 |
-| #38025 | 9:15 PM | 🔴 | Fixed PR #556 review items and committed changes | ~344 |
-| #38024 | " | ✅ | Git status shows modified source files and auto-updated CLAUDE.md files | ~295 |
-| #38022 | " | ✅ | Phase 3 complete: Worktree detection test coverage verified by agent | ~391 |
-| #38021 | " | 🔵 | Test suite expanded with additional projectRoot edge case tests | ~389 |
-| #38020 | 9:14 PM | ✅ | All 27 tests passing in claude-md-utils test suite | ~237 |
-| #38019 | " | ✅ | Test suite passed for claude-md-utils.ts with all 27 tests green | ~306 |
-| #38018 | " | 🟣 | Added comprehensive test coverage for worktree detection and projectRoot path resolution | ~450 |
-| #38017 | " | ✅ | Verified existing claude-md-utils.test.ts passes with 27 tests | ~244 |
-| #38016 | 9:13 PM | 🔵 | Existing test suite for claude-md-utils.ts with projectRoot tests already present | ~426 |
-| #37977 | 8:33 PM | 🔵 | All 23 tests pass for claude-md-utils module | ~209 |
-
-**logger-format-tool.test.ts**
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #37809 | 6:43 PM | 🔴 | Logger Tests Now Pass When Run With Gemini Test | ~340 |
-| #37797 | 6:41 PM | 🔴 | Logger Coverage Test Now Passes With Other Tests After Exclusion | ~311 |
-| #37796 | 6:40 PM | 🔴 | Utils and Shared Tests Pass When Run Together | ~342 |
-| #37792 | 6:39 PM | 🔴 | Logger Tests Pass When Run Together With Coverage Test | ~345 |
-| #37789 | 6:38 PM | 🔴 | Logger FormatTool Tests Pass When Run In Isolation | ~359 |
-| #37777 | 6:36 PM | 🔴 | Phase 1 Test Cleanup Completed - 6 Low-Quality Test Files Deleted | ~430 |
-| #37769 | 6:34 PM | 🔵 | Logger-format-tool test file contains 81 comprehensive tests for non-existent logger.formatTool method | ~487 |
-| #37655 | 5:51 PM | 🔵 | Logger formatTool test imports logger directly creating test-time circular dependency exposure | ~392 |
-| #37642 | 5:41 PM | 🟣 | Second Task Agent Independently Created and Verified FormatTool Tests | ~544 |
-| #37638 | 5:40 PM | 🟣 | FormatTool Test Suite Successfully Passes All 56 Tests | ~515 |
-| #37635 | 5:39 PM | 🟣 | Created Comprehensive FormatTool Test Suite | ~619 |
+*No recent activity*
 </claude-mem-context>

tests/utils/claude-md-utils.test.ts

@@ -1,6 +1,6 @@
 import { describe, it, expect, mock, afterEach, beforeEach } from 'bun:test';
 import { mkdirSync, writeFileSync, readFileSync, existsSync, rmSync } from 'fs';
-import { join } from 'path';
+import path, { join } from 'path';
 import { tmpdir } from 'os';
 
 // Mock logger BEFORE imports (required pattern)
@@ -322,7 +322,7 @@ describe('updateFolderClaudeMdFiles', () => {
     expect(callUrl).toContain(encodeURIComponent('/home/user/my-project/src/utils'));
   });
 
-  it('should not modify absolute paths even with projectRoot', async () => {
+  it('should accept absolute paths within projectRoot and use them directly', async () => {
     const folderPath = join(tempDir, 'absolute-path-test');
     const filePath = join(folderPath, 'file.ts');
 
@@ -339,10 +339,10 @@ describe('updateFolderClaudeMdFiles', () => {
     global.fetch = fetchMock;
 
     await updateFolderClaudeMdFiles(
-      [filePath],  // absolute path
+      [filePath],  // absolute path within tempDir
       'test-project',
       37777,
-      '/home/user/my-project'  // projectRoot should be ignored
+      tempDir  // projectRoot matches the absolute path's root
     );
 
     // Should call API with the original absolute path's folder
@@ -485,3 +485,152 @@ describe('updateFolderClaudeMdFiles', () => {
     expect(callUrl).toContain(encodeURIComponent('/home/user/project/src'));
   });
 });
+
+describe('path validation in updateFolderClaudeMdFiles', () => {
+  it('should reject tilde paths', async () => {
+    const fetchMock = mock(() => Promise.resolve({ ok: true } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['~/.claude-mem/logs/worker.log'],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).not.toHaveBeenCalled();
+  });
+
+  it('should reject URLs', async () => {
+    const fetchMock = mock(() => Promise.resolve({ ok: true } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['https://example.com/file.ts'],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).not.toHaveBeenCalled();
+  });
+
+  it('should reject paths with spaces', async () => {
+    const fetchMock = mock(() => Promise.resolve({ ok: true } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['PR #610 on thedotmack/CLAUDE.md'],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).not.toHaveBeenCalled();
+  });
+
+  it('should reject paths with hash symbols', async () => {
+    const fetchMock = mock(() => Promise.resolve({ ok: true } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['issue#123/file.ts'],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).not.toHaveBeenCalled();
+  });
+
+  it('should reject path traversal outside project', async () => {
+    const fetchMock = mock(() => Promise.resolve({ ok: true } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['../../../etc/passwd'],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).not.toHaveBeenCalled();
+  });
+
+  it('should reject absolute paths outside project root', async () => {
+    const fetchMock = mock(() => Promise.resolve({ ok: true } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['/etc/passwd'],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).not.toHaveBeenCalled();
+  });
+
+  it('should accept absolute paths within project root', async () => {
+    const apiResponse = {
+      content: [{ text: '| #123 | 4:30 PM | 🔵 | Test | ~100 |' }]
+    };
+    const fetchMock = mock(() => Promise.resolve({
+      ok: true,
+      json: () => Promise.resolve(apiResponse)
+    } as Response));
+    global.fetch = fetchMock;
+
+    // Create an absolute path within the temp directory
+    const absolutePathInProject = path.join(tempDir, 'src', 'utils', 'file.ts');
+
+    await updateFolderClaudeMdFiles(
+      [absolutePathInProject],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).toHaveBeenCalledTimes(1);
+  });
+
+  it('should accept absolute paths when no projectRoot is provided', async () => {
+    const apiResponse = {
+      content: [{ text: '| #123 | 4:30 PM | 🔵 | Test | ~100 |' }]
+    };
+    const fetchMock = mock(() => Promise.resolve({
+      ok: true,
+      json: () => Promise.resolve(apiResponse)
+    } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['/home/user/valid/file.ts'],
+      'test-project',
+      37777
+      // No projectRoot provided
+    );
+
+    expect(fetchMock).toHaveBeenCalledTimes(1);
+  });
+
+  it('should accept valid relative paths', async () => {
+    const apiResponse = {
+      content: [{ text: '| #123 | 4:30 PM | 🔵 | Test | ~100 |' }]
+    };
+    const fetchMock = mock(() => Promise.resolve({
+      ok: true,
+      json: () => Promise.resolve(apiResponse)
+    } as Response));
+    global.fetch = fetchMock;
+
+    await updateFolderClaudeMdFiles(
+      ['src/utils/logger.ts'],
+      'test-project',
+      37777,
+      tempDir
+    );
+
+    expect(fetchMock).toHaveBeenCalledTimes(1);
+  });
+});