fix: remove per-session gate, use permissionDecision deny for every read

The per-session FileReadGate was never requested and broke the cost
savings loop — subsequent reads in the same session silently bypassed
the timeline, hiding newly created observations.

Now the timeline fires on every read that has observations, using the
hook contract's permissionDecision: "deny" with the timeline as the
reason (exit 0 + JSON) instead of exit code 2 + stderr.

- Delete FileReadGate.ts entirely
- Remove /api/file-context/gate endpoint from DataRoutes
- Switch handler from exit code 2 to permissionDecision: "deny"
- Restore permissionDecision fields to HookResult
- Eliminate one HTTP round-trip per read (no gate check needed)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Alex Newman
2026-04-06 22:05:40 -07:00
parent 31910fb265
commit 455aeaf654
5 changed files with 116 additions and 228 deletions
@@ -19,7 +19,6 @@ import { SSEBroadcaster } from '../../SSEBroadcaster.js';
import type { WorkerService } from '../../../worker-service.js';
import { BaseRouteHandler } from '../BaseRouteHandler.js';
import { getObservationsByFilePath } from '../../../sqlite/observations/get.js';
import { checkAndMark } from '../../FileReadGate.js';
export class DataRoutes extends BaseRouteHandler {
constructor(
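Review bot: the `checkAndMark` import from `'../../FileReadGate.js'` is dropped here, and the commit message says FileReadGate.ts is deleted outright, so any importer outside DataRoutes will break the build. Search the tree (tests included) for remaining references to `FileReadGate` and `checkAndMark` before merging; only this file's side of the removal is visible in these hunks.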
@@ -63,9 +62,6 @@ export class DataRoutes extends BaseRouteHandler {
// Import endpoint
app.post('/api/import', this.handleImport.bind(this));
// File-context gate
app.post('/api/file-context/gate', this.handleFileContextGate.bind(this));
}
/**
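Review bot: the `/api/file-context/gate` registration goes away with no stub left in its place, so a hook process from an older build that still POSTs to it will get a 404 from an updated worker. Either confirm that the previous hook handler treats a failed gate call as "inject the timeline" rather than "skip it", or keep a minimal handler for one release, so that mixed-version installs do not silently lose the timeline.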
@@ -502,19 +498,4 @@ export class DataRoutes extends BaseRouteHandler {
});
});
/**
* Check if a file has already had its timeline injected in this session
* POST /api/file-context/gate
* Body: { sessionId: string, filePath: string }
* Returns: { firstAttempt: boolean }
*/
private handleFileContextGate = this.wrapHandler((req: Request, res: Response): void => {
const { sessionId, filePath, cwd } = req.body;
if (!sessionId || !filePath) {
this.badRequest(res, 'sessionId and filePath are required');
return;
}
const firstAttempt = checkAndMark(sessionId, filePath, cwd);
res.json({ firstAttempt });
});
}
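Review bot: nothing in this file replaces the `firstAttempt` state that `handleFileContextGate` returned, and the commit message says every read with observations now gets `permissionDecision: "deny"`. Document in the hook handler how a caller obtains the real file contents when the timeline is not enough, because the removed doc comment ("already had its timeline injected in this session") is the only visible description of a retry path. Also note for the record that the deleted handler read `cwd` from `req.body` while its doc comment listed only `sessionId` and `filePath`; if any part of that contract is reused elsewhere, the comment should not be copied as is.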