airkjw/claude-mem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
502f2fab027ab144adb51d680fc11fb5104c816d
claude-mem/docker/claude-mem
T
History
Alex Newman ba1ef6c42c fix: Issue Blowout 2026 — 25 bugs across worker, hooks, security, and search (#2080) 
* fix: resolve search, database, and docker bugs (#1913, #1916, #1956, #1957, #2048)

- Fix concept/concepts param mismatch in SearchManager.normalizeParams (#1916)
- Add FTS5 keyword fallback when ChromaDB is unavailable (#1913, #2048)
- Add periodic WAL checkpoint and journal_size_limit to prevent unbounded WAL growth (#1956)
- Add periodic clearFailed() to purge stale pending_messages (#1957)
- Fix nounset-safe TTY_ARGS expansion in docker/claude-mem/run.sh

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: prevent silent data loss on non-XML responses, add queue info to /health (#1867, #1874)

- ResponseProcessor: mark messages as failed (with retry) instead of confirming
  when the LLM returns non-XML garbage (auth errors, rate limits) (#1874)
- Health endpoint: include activeSessions count for queue liveness monitoring (#1867)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: cache isFts5Available() at construction time

Addresses Greptile review: avoid DDL probe (CREATE + DROP) on every text
query. Result is now cached in _fts5Available at construction.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve worker stability bugs — pool deadlock, MCP loopback, restart guard (#1868, #1876, #2053)

- Replace flat consecutiveRestarts counter with time-windowed RestartGuard:
  only counts restarts within 60s window (cap=10), decays after 5min of
  success. Prevents stranding pending messages on long-running sessions. (#2053)

- Add idle session eviction to pool slot allocation: when all slots are full,
  evict the idlest session (no pending work, oldest activity) to free a slot
  for new requests, preventing 60s timeout deadlock. (#1868)

- Fix MCP loopback self-check: use process.execPath instead of bare 'node'
  which fails on non-interactive PATH. Fix crash misclassification by removing
  false "Generator exited unexpectedly" error log on normal completion. (#1876)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve hooks reliability bugs — summarize exit code, session-init health wait (#1896, #1901, #1903, #1907)

- Wrap summarize hook's workerHttpRequest in try/catch to prevent exit
  code 2 (blocking error) on network failures or malformed responses.
  Session exit no longer blocks on worker errors. (#1901)

- Add health-check wait loop to UserPromptSubmit session-init command in
  hooks.json. On Linux/WSL where hook ordering fires UserPromptSubmit
  before SessionStart, session-init now waits up to 10s for worker health
  before proceeding. Also wrap session-init HTTP call in try/catch. (#1907)

- Close #1896 as already-fixed: mtime comparison at file-context.ts:255-267
  bypasses truncation when file is newer than latest observation.

- Close #1903 as no-repro: hooks.json correctly declares all hook events.
  Issue was Claude Code 12.0.1/macOS platform event-dispatch bug.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: security hardening — bearer auth, path validation, rate limits, per-user port (#1932, #1933, #1934, #1935, #1936)

- Add bearer token auth to all API endpoints: auto-generated 32-byte
  token stored at ~/.claude-mem/worker-auth-token (mode 0600). All hook,
  MCP, viewer, and OpenCode requests include Authorization header.
  Health/readiness endpoints exempt for polling. (#1932, #1933)

- Add path traversal protection: watch.context.path validated against
  project root and ~/.claude-mem/ before write. Rejects ../../../etc
  style attacks. (#1934)

- Reduce JSON body limit from 50MB to 5MB. Add in-memory rate limiter
  (300 req/min/IP) to prevent abuse. (#1935)

- Derive default worker port from UID (37700 + uid%100) to prevent
  cross-user data leakage on multi-user macOS. Windows falls back to
  37777. Shell hooks use same formula via id -u. (#1936)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve search project filtering and import Chroma sync (#1911, #1912, #1914, #1918)

- Fix per-type search endpoints to pass project filter to Chroma queries
  and SQLite hydration. searchObservations/Sessions/UserPrompts now use
  $or clause matching project + merged_into_project. (#1912)

- Fix timeline/search methods to pass project to Chroma anchor queries.
  Prevents cross-project result leakage when project param omitted. (#1911)

- Sync imported observations to ChromaDB after FTS rebuild. Import
  endpoint now calls chromaSync.syncObservation() for each imported
  row, making them visible to MCP search(). (#1914)

- Fix session-init cwd fallback to match context.ts (process.cwd()).
  Prevents project key mismatch that caused "no previous sessions"
  on fresh sessions. (#1918)

- Fix sync-marketplace restart to include auth token and per-user port.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve all CodeRabbit and Greptile review comments on PR #2080

- Fix run.sh comment mismatch (no-op flag vs empty array)
- Gate session-init on health check success (prevent running when worker unreachable)
- Fix date_desc ordering ignored in FTS session search
- Age-scope failed message purge (1h retention) instead of clearing all
- Anchor RestartGuard decay to real successes (null init, not Date.now())
- Add recordSuccess() calls in ResponseProcessor and completion path
- Prevent caller headers from overriding bearer auth token
- Add lazy cleanup for rate limiter map to prevent unbounded growth
- Bound post-import Chroma sync with concurrency limit of 8
- Add doc_type:'observation' filter to Chroma queries feeding observation hydration
- Add FTS fallback to all specialized search handlers (observations, sessions, prompts, timeline)
- Add response.ok check and error handling in viewer saveSettings

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve CodeRabbit round-2 review comments

- Use failure timestamp (COALESCE) instead of created_at_epoch for stale purge
- Downgrade _fts5Available flag when FTS table creation fails
- Escape FTS5 MATCH input by quoting user queries as literal phrases
- Escape LIKE metacharacters (%, _, \) in prompt text search
- Add response.ok check in initial settings load (matches save flow)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve CodeRabbit round-3 review comments

- Include failed_at_epoch in COALESCE for age-scoped purge
- Re-throw FTS5 errors so callers can distinguish failure from no-results
- Wrap all FTS fallback calls in SearchManager with try/catch

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-20 11:42:09 -07:00
..
build.sh
feat: basic claude-mem Docker container for easy spin-up (#2076)
2026-04-19 17:34:30 -07:00
Dockerfile
feat: basic claude-mem Docker container for easy spin-up (#2076)
2026-04-19 17:34:30 -07:00
entrypoint.sh
feat: basic claude-mem Docker container for easy spin-up (#2076)
2026-04-19 17:34:30 -07:00
README.md
docs: add README for docker/claude-mem harness
2026-04-19 17:45:35 -07:00
run.sh
fix: Issue Blowout 2026 — 25 bugs across worker, hooks, security, and search (#2080)
2026-04-20 11:42:09 -07:00

README.md

claude-mem Docker harness

A minimal container for exercising claude-mem end-to-end without polluting your host. Not a dev environment — just enough to boot claude with the locally-built plugin and capture observations into a throwaway SQLite DB you can inspect afterwards.

Files

File Purpose
Dockerfile Image definition (node:20 + Bun + uv + Claude Code CLI + local plugin/)
build.sh Runs npm run build then docker build. Tag defaults to claude-mem:basic.
entrypoint.sh Runs inside the container. Seeds OAuth creds into $HOME/.claude/ if mounted, then exec "$@".
run.sh Host-side launcher. Extracts creds (Keychain → file → env), mounts a persistent data dir, drops you into an interactive shell.

Quick start

# From the repo root:
docker/claude-mem/build.sh
docker/claude-mem/run.sh

run.sh drops you into bash inside the container with claude on PATH and the plugin pre-staged at /opt/claude-mem. Launch it with:

claude --plugin-dir /opt/claude-mem

On exit, the SQLite DB survives at ./.docker-claude-mem-data/claude-mem.db on the host — inspect with:

sqlite3 .docker-claude-mem-data/claude-mem.db 'select count(*) from observations'

What's in the image

Mirrors the layout of anthropics/claude-code's devcontainer: FROM node:20, non-root node user, global npm install -g @anthropic-ai/claude-code. Skips the firewall/zsh/fzf/delta/git-hist tooling since this image is about running claude-mem, not editing code.

On top of that:

  • Bun (/usr/local/bun) — claude-mem's worker service runtime
  • uv (/usr/local/bin/uv) — provides Python for Chroma per CLAUDE.md
  • plugin/ copied to /opt/claude-mem — the locally-built plugin tree
  • /home/node/.claude and /home/node/.claude-mem — pre-created mount points

Layer ordering is deliberate: plugin files are copied after the npm install layer so iterating on the plugin doesn't bust the CLI install cache.

Pinning versions

Everything that matters is a --build-arg — pin for reproducibility, omit for latest:

docker build \
  -f docker/claude-mem/Dockerfile \
  --build-arg BUN_VERSION=1.3.12 \
  --build-arg UV_VERSION=0.11.7 \
  --build-arg CLAUDE_CODE_VERSION=1.2.3 \
  -t claude-mem:basic .
Arg Default Notes
BUN_VERSION 1.3.12 Installed via the official bun.sh/install script, tag bun-v${BUN_VERSION}.
UV_VERSION 0.11.7 Installed via the versioned astral.sh/uv/${UV_VERSION}/install.sh.
CLAUDE_CODE_VERSION latest npm tag or exact version. Pin in CI, let it float locally.

Authentication

run.sh picks the first auth source that works, in this order:

  1. ANTHROPIC_API_KEY env var — mounted straight into the container.
  2. macOS Keychainsecurity find-generic-password -s 'Claude Code-credentials'.
  3. ~/.claude/.credentials.json — legacy on-disk form, still present on some older CLI installs and migrated machines.

If a credentials file is used, it's written to a mktemp file with chmod 600, mounted read-only at /auth/.credentials.json, and the container's entrypoint copies it to $HOME/.claude/.credentials.json before exec. An EXIT trap deletes the temp file when run.sh returns — docker run is deliberately not exec'd so the trap gets a chance to fire.

If no auth source is found, run.sh exits with an error pointing you at claude login or ANTHROPIC_API_KEY.

Manual invocation (without run.sh)

docker run --rm -it \
  -v $(mktemp -d):/home/node/.claude-mem \
  -e CLAUDE_MEM_CREDENTIALS_FILE=/auth/.credentials.json \
  -v /path/to/creds.json:/auth/.credentials.json:ro \
  claude-mem:basic

Or with API key auth:

docker run --rm -it \
  -v $(mktemp -d):/home/node/.claude-mem \
  -e ANTHROPIC_API_KEY \
  claude-mem:basic

Environment variables

Var Where Purpose
TAG build.sh, run.sh Override image tag (default claude-mem:basic).
HOST_MEM_DIR run.sh Override host path for the persistent .claude-mem volume (default $REPO_ROOT/.docker-claude-mem-data).
ANTHROPIC_API_KEY run.sh, entrypoint API-key auth. Skips the OAuth creds extraction.
CLAUDE_MEM_CREDENTIALS_FILE entrypoint Path (inside the container) to a mounted OAuth creds JSON. Copied to $HOME/.claude/.credentials.json at startup.

Passing args through

Anything after run.sh is forwarded to the container as the command:

docker/claude-mem/run.sh claude --plugin-dir /opt/claude-mem --print "what did we learn yesterday?"

Cleanup

rm -rf .docker-claude-mem-data   # wipes the persistent DB + Chroma store
docker rmi claude-mem:basic       # removes the image
Reference in New Issue View Git Blame Copy Permalink