JOUNGWOOK KWON 4317a097de chore: merge upstream v12.3.7 + keep local fixes ...

Upstream brings (net of revert cycle):
- 12.3.2: search/DB/worker bug fixes (FTS5 fallback, WAL checkpoint, pending-message purge)
- 12.3.3: "Issue Blowout 2026" — 25 bugs across worker/hooks/security/search (#2080)
- 12.3.4: rollback of 12.3.3 (SessionStart context injection regression)
- 12.3.5: restore 12.3.3 fixes minus bearer auth
- 12.3.6: drop 300-req/min rate limiter (broke viewer polling)
- 12.3.7: drop bearer auth + unused platform_source context filter (#2081)

Net result: FTS5 keyword search fallback, RestartGuard, idle-session eviction,
WAL checkpoint, periodic clearFailed, path-traversal protection, health
endpoint activeSessions, summarize hook try/catch — without bearer auth or
rate limiting (localhost-only, enforced via CORS).

Local fixes preserved through merge:
- env-sanitizer PATH extension for claude CLI lookup
- SessionStore stale session reset (mac sleep / 4h wall-clock)

Built artifacts rebuilt from merged sources; both fixes verified present in
worker-service.cjs. Worker restarted to v12.3.7.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-21 09:06:31 +09:00

..

.claude-plugin

chore: bump version to 12.3.7

2026-04-20 13:32:20 -07:00

hooks

Revert "revert: roll back v12.3.3 (Issue Blowout 2026)"

2026-04-20 12:18:55 -07:00

modes

chore: bump version to 12.1.0

2026-04-08 17:31:19 -07:00

scripts

chore: merge upstream v12.3.7 + keep local fixes

2026-04-21 09:06:31 +09:00

skills

fix: broadcast uses summaryForStore to support salvaged summaries (#1718)

2026-04-14 19:11:48 -07:00

ui

chore: merge upstream v12.3.7 + keep local fixes

2026-04-21 09:06:31 +09:00

.mcp.json

fix: use bun to run mcp-server.cjs instead of node shebang (fixes #1648)

2026-04-09 09:29:23 +08:00

package.json

chore: bump version to 12.3.7

2026-04-20 13:32:20 -07:00