airkjw/claude-mem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ba1ef6c42cbfd5c925c068dd9804f2291f6b4a11
claude-mem/src/integrations/opencode-plugin/index.ts
T
Alex Newman ba1ef6c42c fix: Issue Blowout 2026 — 25 bugs across worker, hooks, security, and search (#2080) 
* fix: resolve search, database, and docker bugs (#1913, #1916, #1956, #1957, #2048)

- Fix concept/concepts param mismatch in SearchManager.normalizeParams (#1916)
- Add FTS5 keyword fallback when ChromaDB is unavailable (#1913, #2048)
- Add periodic WAL checkpoint and journal_size_limit to prevent unbounded WAL growth (#1956)
- Add periodic clearFailed() to purge stale pending_messages (#1957)
- Fix nounset-safe TTY_ARGS expansion in docker/claude-mem/run.sh

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: prevent silent data loss on non-XML responses, add queue info to /health (#1867, #1874)

- ResponseProcessor: mark messages as failed (with retry) instead of confirming
  when the LLM returns non-XML garbage (auth errors, rate limits) (#1874)
- Health endpoint: include activeSessions count for queue liveness monitoring (#1867)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: cache isFts5Available() at construction time

Addresses Greptile review: avoid DDL probe (CREATE + DROP) on every text
query. Result is now cached in _fts5Available at construction.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve worker stability bugs — pool deadlock, MCP loopback, restart guard (#1868, #1876, #2053)

- Replace flat consecutiveRestarts counter with time-windowed RestartGuard:
  only counts restarts within 60s window (cap=10), decays after 5min of
  success. Prevents stranding pending messages on long-running sessions. (#2053)

- Add idle session eviction to pool slot allocation: when all slots are full,
  evict the idlest session (no pending work, oldest activity) to free a slot
  for new requests, preventing 60s timeout deadlock. (#1868)

- Fix MCP loopback self-check: use process.execPath instead of bare 'node'
  which fails on non-interactive PATH. Fix crash misclassification by removing
  false "Generator exited unexpectedly" error log on normal completion. (#1876)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve hooks reliability bugs — summarize exit code, session-init health wait (#1896, #1901, #1903, #1907)

- Wrap summarize hook's workerHttpRequest in try/catch to prevent exit
  code 2 (blocking error) on network failures or malformed responses.
  Session exit no longer blocks on worker errors. (#1901)

- Add health-check wait loop to UserPromptSubmit session-init command in
  hooks.json. On Linux/WSL where hook ordering fires UserPromptSubmit
  before SessionStart, session-init now waits up to 10s for worker health
  before proceeding. Also wrap session-init HTTP call in try/catch. (#1907)

- Close #1896 as already-fixed: mtime comparison at file-context.ts:255-267
  bypasses truncation when file is newer than latest observation.

- Close #1903 as no-repro: hooks.json correctly declares all hook events.
  Issue was Claude Code 12.0.1/macOS platform event-dispatch bug.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: security hardening — bearer auth, path validation, rate limits, per-user port (#1932, #1933, #1934, #1935, #1936)

- Add bearer token auth to all API endpoints: auto-generated 32-byte
  token stored at ~/.claude-mem/worker-auth-token (mode 0600). All hook,
  MCP, viewer, and OpenCode requests include Authorization header.
  Health/readiness endpoints exempt for polling. (#1932, #1933)

- Add path traversal protection: watch.context.path validated against
  project root and ~/.claude-mem/ before write. Rejects ../../../etc
  style attacks. (#1934)

- Reduce JSON body limit from 50MB to 5MB. Add in-memory rate limiter
  (300 req/min/IP) to prevent abuse. (#1935)

- Derive default worker port from UID (37700 + uid%100) to prevent
  cross-user data leakage on multi-user macOS. Windows falls back to
  37777. Shell hooks use same formula via id -u. (#1936)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve search project filtering and import Chroma sync (#1911, #1912, #1914, #1918)

- Fix per-type search endpoints to pass project filter to Chroma queries
  and SQLite hydration. searchObservations/Sessions/UserPrompts now use
  $or clause matching project + merged_into_project. (#1912)

- Fix timeline/search methods to pass project to Chroma anchor queries.
  Prevents cross-project result leakage when project param omitted. (#1911)

- Sync imported observations to ChromaDB after FTS rebuild. Import
  endpoint now calls chromaSync.syncObservation() for each imported
  row, making them visible to MCP search(). (#1914)

- Fix session-init cwd fallback to match context.ts (process.cwd()).
  Prevents project key mismatch that caused "no previous sessions"
  on fresh sessions. (#1918)

- Fix sync-marketplace restart to include auth token and per-user port.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve all CodeRabbit and Greptile review comments on PR #2080

- Fix run.sh comment mismatch (no-op flag vs empty array)
- Gate session-init on health check success (prevent running when worker unreachable)
- Fix date_desc ordering ignored in FTS session search
- Age-scope failed message purge (1h retention) instead of clearing all
- Anchor RestartGuard decay to real successes (null init, not Date.now())
- Add recordSuccess() calls in ResponseProcessor and completion path
- Prevent caller headers from overriding bearer auth token
- Add lazy cleanup for rate limiter map to prevent unbounded growth
- Bound post-import Chroma sync with concurrency limit of 8
- Add doc_type:'observation' filter to Chroma queries feeding observation hydration
- Add FTS fallback to all specialized search handlers (observations, sessions, prompts, timeline)
- Add response.ok check and error handling in viewer saveSettings

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve CodeRabbit round-2 review comments

- Use failure timestamp (COALESCE) instead of created_at_epoch for stale purge
- Downgrade _fts5Available flag when FTS table creation fails
- Escape FTS5 MATCH input by quoting user queries as literal phrases
- Escape LIKE metacharacters (%, _, \) in prompt text search
- Add response.ok check in initial settings load (matches save flow)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve CodeRabbit round-3 review comments

- Include failed_at_epoch in COALESCE for age-scoped purge
- Re-throw FTS5 errors so callers can distinguish failure from no-results
- Wrap all FTS fallback calls in SearchManager with try/catch

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-20 11:42:09 -07:00

403 lines
12 KiB
TypeScript
Raw Blame History

/**
* OpenCode Plugin for claude-mem
*
* Integrates claude-mem persistent memory with OpenCode (110k+ stars).
* Runs inside OpenCode's Bun-based plugin runtime.
*
* Plugin hooks:
* - tool.execute.after: Captures tool execution observations
* - Bus events: session.created, message.updated, session.compacted,
* file.edited, session.deleted
*
* Custom tool:
* - claude_mem_search: Search memory database from within OpenCode
*/
// ============================================================================
// Minimal type declarations for OpenCode Plugin SDK
// These match the runtime API provided by @opencode-ai/plugin
// ============================================================================
interface OpenCodeProject {
name?: string;
path?: string;
}
interface OpenCodePluginContext {
client: unknown;
project: OpenCodeProject;
directory: string;
worktree: string;
serverUrl: URL;
$: unknown; // BunShell
}
interface ToolExecuteAfterInput {
tool: string;
sessionID: string;
callID: string;
args: Record<string, unknown>;
}
interface ToolExecuteAfterOutput {
title: string;
output: string;
metadata: Record<string, unknown>;
}
interface ToolDefinition {
description: string;
args: Record<string, unknown>;
execute: (args: Record<string, unknown>, context: unknown) => Promise<string>;
}
// Bus event payloads
interface SessionCreatedEvent {
event: {
sessionID: string;
directory?: string;
project?: string;
};
}
interface MessageUpdatedEvent {
event: {
sessionID: string;
role: string;
content: string;
};
}
interface SessionCompactedEvent {
event: {
sessionID: string;
summary?: string;
messageCount?: number;
};
}
interface FileEditedEvent {
event: {
sessionID: string;
path: string;
diff?: string;
};
}
interface SessionDeletedEvent {
event: {
sessionID: string;
};
}
// ============================================================================
// Constants
// ============================================================================
const WORKER_BASE_URL = "http://127.0.0.1:37777";
const MAX_TOOL_RESPONSE_LENGTH = 1000;
// ============================================================================
// Auth Token (reads from DATA_DIR/worker-auth-token)
// ============================================================================
import { readFileSync, existsSync } from "fs";
import { join } from "path";
import { homedir } from "os";
let cachedAuthToken: string | null = null;
function getAuthToken(): string | null {
if (cachedAuthToken) return cachedAuthToken;
const tokenPath = join(
process.env.CLAUDE_MEM_DATA_DIR || join(homedir(), ".claude-mem"),
"worker-auth-token",
);
if (!existsSync(tokenPath)) return null;
const token = readFileSync(tokenPath, "utf-8").trim();
if (token.length >= 32) {
cachedAuthToken = token;
return token;
}
return null;
}
function getAuthHeaders(): Record<string, string> {
const token = getAuthToken();
if (!token) return { "Content-Type": "application/json" };
return { "Content-Type": "application/json", Authorization: `Bearer ${token}` };
}
// ============================================================================
// Worker HTTP Client
// ============================================================================
async function workerPost(
path: string,
body: Record<string, unknown>,
): Promise<Record<string, unknown> | null> {
let response: Response;
try {
response = await fetch(`${WORKER_BASE_URL}${path}`, {
method: "POST",
headers: getAuthHeaders(),
body: JSON.stringify(body),
});
} catch (error: unknown) {
// Gracefully handle ECONNREFUSED — worker may not be running
const message = error instanceof Error ? error.message : String(error);
if (!message.includes("ECONNREFUSED")) {
console.warn(`[claude-mem] Worker POST ${path} failed: ${message}`);
}
return null;
}
if (!response.ok) {
console.warn(`[claude-mem] Worker POST ${path} returned ${response.status}`);
return null;
}
return (await response.json()) as Record<string, unknown>;
}
function workerPostFireAndForget(
path: string,
body: Record<string, unknown>,
): void {
fetch(`${WORKER_BASE_URL}${path}`, {
method: "POST",
headers: getAuthHeaders(),
body: JSON.stringify(body),
}).catch((error: unknown) => {
const message = error instanceof Error ? error.message : String(error);
if (!message.includes("ECONNREFUSED")) {
console.warn(`[claude-mem] Worker POST ${path} failed: ${message}`);
}
});
}
async function workerGetText(path: string): Promise<string | null> {
try {
const response = await fetch(`${WORKER_BASE_URL}${path}`, { headers: getAuthHeaders() });
if (!response.ok) {
console.warn(`[claude-mem] Worker GET ${path} returned ${response.status}`);
return null;
}
return await response.text();
} catch (error: unknown) {
const message = error instanceof Error ? error.message : String(error);
if (!message.includes("ECONNREFUSED")) {
console.warn(`[claude-mem] Worker GET ${path} failed: ${message}`);
}
return null;
}
}
// ============================================================================
// Session tracking
// ============================================================================
const contentSessionIdsByOpenCodeSessionId = new Map<string, string>();
const MAX_SESSION_MAP_ENTRIES = 1000;
function getOrCreateContentSessionId(openCodeSessionId: string): string {
if (!contentSessionIdsByOpenCodeSessionId.has(openCodeSessionId)) {
// Evict oldest entries when the map exceeds the cap (Map preserves insertion order)
while (contentSessionIdsByOpenCodeSessionId.size >= MAX_SESSION_MAP_ENTRIES) {
const oldestKey = contentSessionIdsByOpenCodeSessionId.keys().next().value;
if (oldestKey !== undefined) {
contentSessionIdsByOpenCodeSessionId.delete(oldestKey);
} else {
break;
}
}
contentSessionIdsByOpenCodeSessionId.set(
openCodeSessionId,
`opencode-${openCodeSessionId}-${Date.now()}`,
);
}
return contentSessionIdsByOpenCodeSessionId.get(openCodeSessionId)!;
}
// ============================================================================
// Plugin Entry Point
// ============================================================================
export const ClaudeMemPlugin = async (ctx: OpenCodePluginContext) => {
const projectName = ctx.project?.name || "opencode";
console.log(`[claude-mem] OpenCode plugin loading (project: ${projectName})`);
return {
// ------------------------------------------------------------------
// Direct interceptor hooks
// ------------------------------------------------------------------
hooks: {
tool: {
execute: {
after: (
input: ToolExecuteAfterInput,
output: ToolExecuteAfterOutput,
) => {
const contentSessionId = getOrCreateContentSessionId(input.sessionID);
// Truncate long tool output
let toolResponseText = output.output || "";
if (toolResponseText.length > MAX_TOOL_RESPONSE_LENGTH) {
toolResponseText = toolResponseText.slice(0, MAX_TOOL_RESPONSE_LENGTH);
}
workerPostFireAndForget("/api/sessions/observations", {
contentSessionId,
tool_name: input.tool,
tool_input: input.args || {},
tool_response: toolResponseText,
cwd: ctx.directory,
});
},
},
},
},
// ------------------------------------------------------------------
// Bus event handlers
// ------------------------------------------------------------------
event: (eventName: string, payload: unknown) => {
switch (eventName) {
case "session.created": {
const { event } = payload as SessionCreatedEvent;
const contentSessionId = getOrCreateContentSessionId(event.sessionID);
workerPostFireAndForget("/api/sessions/init", {
contentSessionId,
project: projectName,
prompt: "",
});
break;
}
case "message.updated": {
const { event } = payload as MessageUpdatedEvent;
// Only capture assistant messages as observations
if (event.role !== "assistant") break;
const contentSessionId = getOrCreateContentSessionId(event.sessionID);
let messageText = event.content || "";
if (messageText.length > MAX_TOOL_RESPONSE_LENGTH) {
messageText = messageText.slice(0, MAX_TOOL_RESPONSE_LENGTH);
}
workerPostFireAndForget("/api/sessions/observations", {
contentSessionId,
tool_name: "assistant_message",
tool_input: {},
tool_response: messageText,
cwd: ctx.directory,
});
break;
}
case "session.compacted": {
const { event } = payload as SessionCompactedEvent;
const contentSessionId = getOrCreateContentSessionId(event.sessionID);
workerPostFireAndForget("/api/sessions/summarize", {
contentSessionId,
last_assistant_message: event.summary || "",
});
break;
}
case "file.edited": {
const { event } = payload as FileEditedEvent;
const contentSessionId = getOrCreateContentSessionId(event.sessionID);
workerPostFireAndForget("/api/sessions/observations", {
contentSessionId,
tool_name: "file_edit",
tool_input: { path: event.path },
tool_response: event.diff
? event.diff.slice(0, MAX_TOOL_RESPONSE_LENGTH)
: `File edited: ${event.path}`,
cwd: ctx.directory,
});
break;
}
case "session.deleted": {
const { event } = payload as SessionDeletedEvent;
const contentSessionId = contentSessionIdsByOpenCodeSessionId.get(
event.sessionID,
);
if (contentSessionId) {
workerPostFireAndForget("/api/sessions/complete", {
contentSessionId,
});
contentSessionIdsByOpenCodeSessionId.delete(event.sessionID);
}
break;
}
}
},
// ------------------------------------------------------------------
// Custom tools
// ------------------------------------------------------------------
tool: {
claude_mem_search: {
description:
"Search claude-mem memory database for past observations, sessions, and context",
args: {
query: {
type: "string",
description: "Search query for memory observations",
},
},
async execute(
args: Record<string, unknown>,
): Promise<string> {
const query = String(args.query || "");
if (!query) {
return "Please provide a search query.";
}
const text = await workerGetText(
`/api/search/observations?query=${encodeURIComponent(query)}&limit=10`,
);
if (!text) {
return "claude-mem worker is not running. Start it with: npx claude-mem start";
}
let data: any;
try {
data = JSON.parse(text);
} catch (error: unknown) {
console.warn('[claude-mem] Failed to parse search results:', error instanceof Error ? error.message : String(error));
return "Failed to parse search results.";
}
const items = Array.isArray(data.items) ? data.items : [];
if (items.length === 0) {
return `No results found for "${query}".`;
}
return items
.slice(0, 10)
.map((item: Record<string, unknown>, index: number) => {
const title = String(item.title || item.subtitle || "Untitled");
const project = item.project ? ` [${String(item.project)}]` : "";
return `${index + 1}. ${title}${project}`;
})
.join("\n");
},
} satisfies ToolDefinition,
},
};
};
export default ClaudeMemPlugin;
Reference in New Issue View Git Blame Copy Permalink