Changelog | Claude Launchpad

[1.10.1] — 2026-05-04

Fixed

P0: Hooks read non-existent $TOOL_INPUT_* env vars and silently no-op. Every inline PreToolUse/PostToolUse hook our CLI emitted (.env block, destructive-command block, force-push protection, auto-format, sprint-complete nudge) plus the workflow-check.sh and sprint-open-check.sh wrapper scripts referenced $TOOL_INPUT_FILE_PATH and $TOOL_INPUT_COMMAND env vars. Claude Code does not set those env vars; hook context arrives as JSON on stdin per the official spec. The first guard line in every affected hook saw an empty string and exited 0 doing nothing. Result: zero blocking, zero formatting, zero workflow drift detection in any project that ran our init or doctor --fix from v0.4.0 onward. Fix: shared src/lib/hook-input.ts (jqField(), READ_STDIN_PREAMBLE, hasEnvVarHookPattern()); every generator (settings.ts, fixer-hooks.ts, fixer-sprint.ts, hook-scripts.ts) rewritten to use jq -r '.tool_input.X' < /dev/stdin.

Changed

Blocking hooks now exit 2, not exit 1. Per spec, exit 1 is silently non-blocking; exit 2 blocks the action and routes stderr back to Claude. Block messages now go to stderr (>&2). init generators and doctor --fix emit the corrected form.
/lp-enhance skill v9 → v9 (no skill version bump; rule-file change only).

Added

.claude/rules/hooks.md — path-scoped hook authoring rules. New rule generated by init and doctor --fix, with YAML frontmatter paths: [".claude/settings.json", ".claude/settings.local.json"] so Claude Code auto-loads it only when editing settings. Documents the env-var bug, exit-code 2 vs 1 (the most common authoring bug), multi-hook same-matcher caveat, no-hot-reload behavior, isolation testing pattern (pipe fake JSON, verify exit code), and canonical templates for PreToolUse/PostToolUse/SessionStart. Doctor flags MEDIUM when missing; --fix writes it. Adapted from a similar rule shipping in our wastd reference project.
Doctor: env-var hook detection (HIGH). analyzers/hooks.ts scans every hook command for the $TOOL_INPUT_* pattern and emits HIGH severity findings with a command preview. --fix invokes a new fixer-hook-input.ts that walks settings.json and rewrites known shapes (.env block, destructive bash, force-push, sprint-complete nudge, auto-format with formatter+extension preserved) to the canonical jq+stdin form. Wrapper scripts workflow-check.sh and sprint-open-check.sh are also re-written when they have the bug. User-customized hooks with the env-var pattern are left alone — the analyzer's HIGH finding still surfaces them so the user can fix manually.

Internal

491 tests (+49), typecheck green. New files: src/lib/hook-input.ts, src/commands/doctor/fixer-hook-input.ts, src/commands/init/generators/hooks-rule.ts. New test files: tests/hook-input.test.ts, tests/hook-input-bug.test.ts (smoke tests piping fake JSON to real scripts), tests/hook-input-fixer.test.ts (idempotency + don't-clobber assertions), tests/hooks-rule.test.ts. tests/workflow-hook.test.ts updated to pipe stdin JSON instead of setting env vars. Code-reviewed via superpowers:code-reviewer. Plan at docs/superpowers/plans/2026-05-04-hook-stdin-input-bug.md.

[1.10.0] — 2026-05-04

Added

.claude/rules/workflow.md (path-scoped BACKLOG/TASKS workflow rules). New rule file generated by init, with YAML frontmatter paths: ["BACKLOG.md", "TASKS.md"] so Claude Code auto-loads it only when editing those files. Codifies the single load-bearing rule ("a work package lives in exactly one of BACKLOG.md or TASKS.md at any time") plus WP-NNN ID policy, numbered sprint start / sprint close sequences, and a staleness trigger list. Doctor flags MEDIUM when missing; --fix installs it without clobbering user customizations. Modeled after the wastd project's workflow layout.
BACKLOG.md WP template with 7 mandatory fields. init and doctor --fix now generate a BACKLOG.md shaped like wastd's: ## Priority definitions (P0/P1/P2/P3 each with concrete "next sprint / within 2-3 sprints / monthly / quarterly" meanings), a fenced WP template with Priority, Proposed, Stories / Docs, Depends on, Estimate (XS/S/M/L/XL), Trigger to pull, Definition of done, and structured ## P0 — Next sprint / ## P1 — Soon / ## P2 — Post-MVP / ## P3 — Parked sections plus a ## Changelog. Existing BACKLOG.md content is preserved; --fix only writes the new template when BACKLOG.md is absent.
TASKS.md wastd-shape template. ## Current Sprint seeded with an empty-between-sprints placeholder; header explicitly states the three caps (80 lines, 3 session-log entries, empty Current Sprint between sprints) and references .claude/rules/workflow.md. Sprint Roadmap section dropped from default init (too project-specific).
workflow-check.sh PostToolUse hook. Warn-only bash hook fired on Edit/Write to BACKLOG.md or TASKS.md. Four checks: (1) same WP ID present in both files (move-not-copy violated), (2) TASKS.md > 80 lines, (3) ## Current Sprint > 15 items, (4) ## Session Log > 3 entries. Always exits 0; never blocks. Doctor flags LOW when missing; --fix installs the script + settings entry.
Doctor: duplicate ## Memory heading detection. New MEDIUM Quality finding when CLAUDE.md contains more than one ## Memory heading (e.g. one bare and one ## Memory (agentic-memory)). --fix collapses them to a single canonical ## Memory (agentic-memory) section, keeping the first tagged block's content.

Changed

/lp-enhance skill v8 → v9. Skill instruction updated to write ## Memory (agentic-memory) (canonical heading) instead of bare ## Memory, so memory install stays idempotent. Existing skill installations are flagged LOW and auto-updated by doctor --fix.
BACKLOG_CONTENT shared section (emitted in CLAUDE.md ## Backlog section) extended to reference the 7-field template and the move-not-copy rule, nudging users toward the workflow without duplicating it in CLAUDE.md.

Fixed

Memory install appended a second ## Memory block when /lp-enhance ran first. The dedup guard in injectClaudeMdGuidance only matched the exact string ## Memory (agentic-memory). If /lp-enhance had already written ## Memory (no suffix), the guard missed it and install added a second block, producing two ## Memory headings that conflicted at session start. Dedup now uses an anchored regex (/^## Memory( $agentic-memory$)?\s*$/m) that catches both heading shapes.
doctor --fix generated a minimal stub BACKLOG.md instead of the proper template. Now createBacklogMd in the fixer calls generateBacklogMd, producing the same output as init.

Internal

442 tests (+26), typecheck green. New generator workflow-rule.ts; new test files workflow-rule.test.ts and workflow-hook.test.ts; tests/backlog.test.ts extended with template-shape + fixer + collapse assertions. hook-scripts.ts gained WORKFLOW_CHECK constant and writeWorkflowCheckScript writer. fixer-sprint.ts gained addWorkflowCheckHook. fixer.ts imports generateBacklogMd + generateWorkflowRule. collapseMemoryHeadings is idempotent and canonicalizes the kept heading.

[1.9.1] — 2026-04-28

Fixed

Doctor flagged ## Session Start and ## Backlog as missing even when --fix had just generated them. Sprint 25's LP-STUB rule ("stubs never satisfy intent") was too coarse — it conflated real placeholders (Commands, Stack, Architecture, where the stub body is  and the user must customize) with canonical instructions (Session Start, Backlog, Stop-and-Swarm, Off-Limits, where the stub body IS the right answer and there's nothing to customize). --fix would write the canonical content, wrap it in LP-STUB, and the next scan still flagged it. Now sectionSatisfiesIntent only hard-fails when stripping LP-STUB markers and HTML comments leaves nothing but whitespace (= placeholder-only). Stubs that wrap real markdown content satisfy intent normally. New regression test + reworked fixture-based tests

[1.9.0] — 2026-04-27

Added

Sprint hygiene hooks. Two non-blocking bash scripts installed at .claude/hooks/sprint-{size,open}-check.sh and wired into settings. sprint-size-check.sh runs on SessionStart and warns when the current sprint has fewer than 3 (microsprint) or more than 7 (oversized) work packages — sweet spot is 3-6. sprint-open-check.sh runs on git commit and warns when TASKS.md stages a new ## Current block but BACKLOG.md has no staged deletions (catches the "forgot to delete pulled WPs from BACKLOG" drift). Battle-tested over a 5-day Anthropic hackathon. Generated by init; doctor flags missing wiring as 3 LOW findings; doctor --fix installs scripts + hook entries
Sprint-complete nudge. PostToolUse hook on Edit/Write to TASKS.md detects when all current-sprint checkboxes flip to [x] and prints a quality-check reminder. New projects get it from init; existing projects get a LOW doctor finding + auto-fix
.worktreeinclude template + doctor check. Two-line file (.env.local, .env) lets git-worktree subagents inherit gitignored env without committing secrets. Doctor flags MEDIUM finding when .git/worktrees/ has entries but .worktreeinclude is missing or empty; doctor --fix writes the template

Changed

Hook-patching consolidated into lib/hook-builder.ts. Pure addOrUpdateHook(existingHooks, options) primitive (dedup-by-substring + append/prepend) plus addHookToSettings(root, ...) I/O wrapper. Replaces 3 separate dedup implementations across fixer.ts, fixer-memory.ts, and memory/install.ts. 7 new unit tests
fixer.ts split for maintainability. Extracted fixer-hooks.ts (env protection, force-push, auto-format, postcompact, sessionstart) and fixer-sprint.ts (sprint hygiene + worktree). fixer.ts now under the 400-line cap; each file owns a coherent fixer category

Internal

415 tests (+7), typecheck + build green. ClaudeConfig extended with worktreeIncludePath, worktreeIncludeContent, gitWorktreesActive. Test fixtures updated.

[1.8.1] — 2026-04-27

Added

init -f, --force flag. Industry-standard split: -y skips prompts, --force overwrites existing files. Combine -y --force for full automation
Doctor: orphan MCP permission detection. Flags every mcp__<server>__* entry in permissions.allow when no MCP server with that name is registered in .mcp.json, settings.json, or settings.local.json. Stale entries after a server rename silently block all tool calls — the new MEDIUM finding makes the drift visible. Reporter only; no auto-fix because the right action (rename vs delete) requires user judgment

Fixed

init -y silently exits 0 on existing CLAUDE.md. When CLAUDE.md already existed and --yes was set, init printed "Use doctor --fix" and exited 0 — users thought init ran but nothing happened. -y alone now exits with code 1 and a clear error pointing to either --force or doctor --fix
Corrupted settings.json silently treated as empty. readSettingsJson / readSettingsLocalJson returned {} on JSON parse error, so any subsequent fixer or installer would clobber the corrupted file with new content. The functions now return null and emit a single warning naming the path. ENOENT still returns {} so create-if-missing flows continue to work. All 14 caller sites updated; mutation paths bail when null, read-only paths use ?? {}. parser.ts::readSettingsFromFile also warns on parse error (was silent)
Parse-error warns deduped via log.warnOnce. A corrupted settings.json previously triggered up to 5 identical warns during doctor --fix (one per fixer that read settings). New log.warnOnce(key, msg) helper suppresses repeats by key within a process — 1 warn per corrupted file regardless of how many fixers run

[1.8.0] — 2026-04-23

Added

memory install subcommand. Explicitly installs (or re-installs) the knowledge base for this project. Use when the bare memory command reports a half-broken setup, after a purge, or when you want to force-rerun the flow without going through the interactive prompt
Doctor allowlist cross-check. When memory is detected and allowedMcpServers is set without agentic-memory, doctor now emits a HIGH-severity finding. doctor --fix prepends agentic-memory to whichever settings file holds the allowlist
Install preflight. memory install now hard-fails if the claude CLI is missing and warns (non-fatal) if gh is missing — stopping half-configured installs before any side effects are written

Fixed

Memory considered installed despite missing MCP server. isMemoryInstalled() only checked for the SessionStart context hook. A project could have hooks + permissions + a populated DB but no MCP registration, and the bare memory command would still show stats as if healthy. It now also requires the agentic-memory MCP server to be registered in .mcp.json, settings.local.json, or ~/.claude.json (any scope). The half-broken-state message distinguishes "MCP server not registered" from "database not set up"
Install silently broken under allowedMcpServers allowlist. When settings.json contained an allowedMcpServers list without agentic-memory, claude mcp add silently failed with "not allowed by enterprise policy" and install exited 0 with only a warning. Install now prepends agentic-memory to the allowlist before calling mcp add — so the registration succeeds instead of getting policy-blocked
memory push / memory pull exit 0 on sync failure. handleSyncErrors wrapped every sync call in try/catch and returned cleanly on throw, so an expired gh token or network blip left the shell with exit 0 while memories drifted across devices. Failures now set process.exitCode = 1. The nohup-wrapped SessionEnd hook still ignores the exit, but manual invocations and CI scripts now see the non-zero
Gist transport swallowed transport errors. readGistFile / listGistFiles wrapped execSync in try/catch returning null/[]. A network blip during memory push silently returned undefined, push printed "Push complete", and the next pull on another device fetched stale data. Errors now bubble; readGistFile returns null only when the gist exists but the file does not (the legitimate first-push case, which jq surfaces as literal "null")
sync-status remote count included locally-tombstoned memories. The remote column reported payload.memories.length including memories this machine had already deleted, making memory sync status show phantom drift while pull --all correctly reported "Already in sync". The count now filters out memories whose id matches a local tombstone

[1.7.2] — 2026-04-22

Fixed

SessionEnd push hook cancelled before completing. The memory push command takes ~3 seconds (GitHub API call). When Claude Code exits it sends SIGTERM to the hook process before the push finishes, surfacing as SessionEnd hook [...] failed: Hook cancelled. The hook is now wrapped in nohup ... </dev/null >/dev/null 2>&1 & exit 0 — Claude Code sees immediate success, and the detached push process completes independently. The </dev/null stdin redirect is required to prevent nohup from hanging on input. doctor --fix upgrades existing synchronous or plain-backgrounded hooks to the nohup form. Previously installed hooks in existing projects need one doctor --fix run to upgrade (or restart Claude Code after manual edit)

[1.7.1] — 2026-04-21

Fixed

Stale sync-config silently hides all remote memories. ~/.agentic-memory/sync-config.json pointing at a deleted gist caused every readGistFile / listGistFiles call to 404 silently. memory pull, memory pull --all, and memory sync status all reported empty remote even when the real (re-created) gist had memories. loadSyncConfig() now probes the stored gist via gh api "/gists/<id>" --silent and, on HTTP 404, clears the config and re-runs discoverSyncGist() — self-healing the "deleted gist" case transparently. Transient errors (network / auth / rate-limit) are distinguished from 404 and never invalidate the config. Reproduced when a gist was deleted via GitHub UI, then a push from another machine created a fresh gist that this machine never rediscovered
git diff HEAD~5 stderr leak in memory context. src/commands/memory/utils/git-context.ts called execSync without piping stderr, so on a fresh repo with fewer than five commits the fatal: ambiguous argument 'HEAD~5' line bled through to the terminal and into --json output. Both git calls in getGitContext() now pipe stderr. The SessionStart hook had been masking this with 2>/dev/null; manual invocations (and any caller not swallowing stderr) no longer see the leak

[1.7.0] — 2026-04-19

Removed

Filesystem sandbox no longer generated by init. Claude Code's filesystem sandbox propagates to spawned MCP servers and silently blocks any process that touches user-level paths — including our own agentic-memory MCP server, which reads ~/.agentic-memory/memory.db. Symptom was /mcp ✘ failed with SqliteError: unable to open database file in every project that ran init. The permissions.deny rules (credentials, destructive bash, .env reads) already cover the same threat model surgically, without false positives against cross-project tooling
addSandboxSettings fixer, Sandbox not enabled analyzer check, sandbox + HTTP-MCP cross-check in the MCP analyzer
sandbox.network.allowedDomains suggestion from the lp-enhance skill

Changed

Doctor flips the check: sandbox.enabled === true is now flagged as HIGH severity. --fix strips the block. Existing installs self-heal on next doctor --fix
Renamed eval scenario security/sandbox-escape → security/env-exfil-bash. The scenario always tested .env exfil via Bash shells that bypass Read-tool hooks — it never actually exercised the filesystem sandbox
Bumped ENHANCE_SKILL_VERSION to 8 so installed skills auto-update

Fixed

Double-spawned MCP server. src/commands/memory/server.ts had a top-level startServer().catch(...) that auto-fired on module import. The memory serve CLI action then called startServer() again, spawning a second MCP server on the same stdio pipe. Claude Code received two initialize responses, bombed with Received a response for an unknown message ID: {"id":0,...}, and logged /mcp ✘ failed. Gated auto-start with isMainEntry() check via import.meta.url + realpathSync(process.argv[1]) so it only fires when server.js is run as the entry point, never when imported by the CLI. This was the actual reason memory MCP has been failing — sandbox removal and trust-list wiring were separate correctness fixes but neither alone unblocked /mcp
Memory MCP now connects in sessions where it previously failed

[1.6.0] — 2026-04-18

Added

MMR (Maximal Marginal Relevance) diversity re-ranking in InjectionService. After the existing six-signal relevance score, non-pinned candidates are re-ordered so the top slots span distinct topics instead of getting crowded by near-duplicate memories. Pinned high-importance memories (≥ 0.8) bypass MMR so critical knowledge keeps its seat. λ=0.7 (70% relevance, 30% diversity), capped to the top 50 candidates for O(N²) safety
Shared similarity primitives in src/commands/memory/utils/similarity.ts — extractKeywords, jaccardOverlap, smallerSetOverlap. Reused by contradiction detection and MMR
src/commands/memory/utils/mmr.ts — pure applyMMR(scored, options) with 60/40 content-keyword-Jaccard + tag-Jaccard similarity blend. Unit-testable in isolation (λ=1 preserves relevance, λ=0 maximises diversity)
New injection-quality benchmark tests/memory/benchmarks/diversity-selection.bench.ts — 5 topic clusters × 5 near-duplicates + 5 singletons, asserts top-5 covers ≥ 4 distinct topics. Baseline under crowding collapses to 1 topic; MMR expands to 5 (Δ+4)
Config constants INJECTION_MMR_LAMBDA, INJECTION_MMR_MAX_RERANK, INJECTION_MMR_SIM_WEIGHTS, INJECTION_PINNED_IMPORTANCE in config.ts. Tuning is a one-line change, no algorithm edit required

Changed

utils/contradiction.ts no longer re-implements keyword extraction or overlap — imports both from utils/similarity.ts. Behaviour unchanged (same 8/8 contradiction tests pass)
Pinned-memory threshold in InjectionService.#packBudget now reads from INJECTION_PINNED_IMPORTANCE instead of the hard-coded literal 0.8
399 unit tests (+27: 17 similarity, 9 MMR, 1 injection diversity) and 57 benchmarks (+3 diversity)

Fixed

Removed dead lint script from package.json — referenced eslint which was never in devDependencies, caused post-edit-check.sh hook to fail on every write. Project uses tsc --noEmit for static checks; no linter was ever configured

[1.5.0] — 2026-04-18

Fixed

doctor no longer false-positive flags Missing "## Session Start" (or Backlog, Stop-and-Swarm, Off-Limits, Architecture, Stack, Commands) when the mature CLAUDE.md already expresses that intent through a differently-named section. Previously only an exact regex heading like ## Session Start satisfied the check; now ## Sprint Planning, ## Workflow, ## Security Notes, etc. are recognised when their heading or body keywords match the intent
Memory analyzer no longer false-positive flags No SessionStart hook with memory context injection when the hook delegates to a wrapper script. Previously the analyzer only inspected the literal command string; a hook like bash .claude/session-start.sh that itself ran claude-launchpad memory context was invisible. The new resolver reads .sh wrapper bodies inside the project root and treats them as part of the hook's effective command

Added

Intent-based section detection (src/commands/doctor/analyzers/quality-intents.ts) — 7 canonical intents + optional Memory, each with heading aliases AND body keyword fallbacks. A section satisfies an intent when (heading matches) OR (body keyword count ≥ threshold)
LP-STUB markers ( ... ) wrap every AI-boilerplate injection from doctor --fix. Stub-marked sections never satisfy an intent, so users keep seeing the flag until they replace the stub with real content (or delete the markers)
All 8 boilerplate injections in FIX_TABLE now use wrapStub(): Architecture, Off-Limits, Commands, Stack (TODO fallback only), Session Start, Backlog, Stop-and-Swarm, Memory
Hook command resolver (src/commands/doctor/analyzers/hook-resolver.ts) — tokenises hook commands with shell-quote, follows one level of .sh wrapper indirection, applies realpath-based boundary check so symlinks can't escape the project root. Returns structured { command, expansions, missingScripts }
Memory analyzer now emits a low-severity issue when a SessionStart/SessionEnd hook references a .sh wrapper that doesn't exist — broken wrappers are flagged instead of silently passing
tests/fixtures/mature-project.md + tests/fixtures/new-project.md + 12 new assertions in quality-intents.test.ts; 9 resolver tests + 3 wrapper-integration tests in memory-analyzer.test.ts (348 → 372 tests)
shell-quote dependency (2KB, MIT) for canonical shell tokenisation

Changed

BASE_SECTIONS regex loop in analyzers/quality.ts replaced with documentSatisfiesIntent(parseSections(content), rule) — same Missing "## X" section message wording preserved so FIX_TABLE substring matching still works
Root and local CLAUDE.md are now joined with \n\n instead of \n before parsing, so a missing trailing newline can't collapse two sections into one
analyzeMemory(config) → analyzeMemory(config, projectRoot) and hasMemoryIndicators(config) → async hasMemoryIndicators(config, projectRoot); same for analyzeQuality. Callers in doctor/index.ts and doctor/watcher.ts updated. Memory hooks are resolved once per run and shared across the 5 capability checks (no I/O multiplication)

[1.4.0] — 2026-04-16

Fixed

SessionEnd push hook was backgrounded (& exit 0) — push got killed before the gist upload completed, so deletions never propagated between machines. Now runs synchronously (; exit 0)
memory push pull-before-push no longer resurrects hard-deleted memories. Previous union-merge treated "not present locally" as "insert from remote", so deleting on machine A would reappear after pull-before-push

Added

Tombstone sync: hard-deletes now write a tombstone row that rides along in the sync payload. Remote machines apply tombstones before merging memories, so deletions propagate symmetrically
Sync payload bumped to v2 with tombstones[] field (v1 payloads still parse via Zod .default([]))
Migration 004 creates memory_tombstones table with (id, project, deleted_at) + project/deletedAt indexes
Doctor now detects stale backgrounded SessionEnd push hooks and offers --fix to upgrade them to synchronous
two-machine-sync.test.ts — 5 end-to-end scenarios verifying both machines always converge to the same memory set (parity, deletion propagation, no-resurrection, delete-vs-update conflicts, bulk project purge)

Changed

MemoryRepo.hardDelete, deleteByType, deleteByProject now write tombstones atomically via db.transaction()
mergeFromRemote is now three phases: apply remote tombstones → merge memories (skipping locally-tombstoned ids) → link relations
Tie-break rule: when tombstone deleted_at equals memory updated_at, delete wins (matches intent — a later delete at the same millisecond should not be overridden by a simultaneous update)

[1.3.0] — 2026-04-15

Fixed

memory pull now accepts -y flag — heals SessionStart auto-pull hook that was silently failing with "unknown option '-y'" for every session
TUI memory list selection marker (▸) now tracks past entry ~35 — MemoryList viewport reserved the wrong number of chrome rows, clipping the selected row past the bottom border
TUI dashboard no longer jumps layout when navigating between memories with very different content sizes — Detail pane now has a strict height and truncates content to fit
SearchBar no longer shifts the layout by 1 row when opened — contentHeight accounts for its presence

Added

Enter-to-expand overlay in TUI dashboard: press Enter on a selected memory to see full content in a scrollable full-screen view (j/k line scroll, space/PgDn page, g/G top/bottom, q/Esc close)
memory pull --all now skips projects with zero local memories (prevents pulling memories for projects not set up on this machine) and reports them at the end with a hint
memory pull --all shows per-project breakdown when memories were inserted/updated/related
Per-project memory pull output now prefixes the project name and shows a --all tip

Changed

TUI three-panel layout (Memories, Projects, Detail) now locked to strict bottom alignment — Projects panel capped at min(contentHeight/3, 12) rows with … +N more when overflowing
Memory content truncation in Detail pane is now dynamic (fills available rows) and wrap-aware instead of a fixed 500-char cap
Content validation no longer hard-rejects on length — replaced with a two-tier soft warning (>1200 chars warns, >2500 chars warns strongly). Git log and code-heavy content are still rejected
memory_store MCP tool description tightened: target 500-1000 chars per memory; thresholds templated from shared constants so description and validation can't drift
Narrow terminal layout (< 80 cols) splits contentHeight 60/40 between MemoryList and MemoryDetail instead of letting both overflow the terminal

[1.2.3] — 2026-04-13

Fixed

Session Start fixer was missing "Check the Session Log" bullet and used hyphens instead of em dashes
Extracted shared section content to lib/sections.ts so init and fixer can't drift independently
Added skill version hash test to catch content changes without version bumps

Added

Hooks section in README explaining all auto-configured hooks

[1.2.2] — 2026-04-13

Fixed

Bumped /lp-enhance skill version to v7 (v6 users missed local config restore from v1.2.1)

[1.2.1] — 2026-04-13

Fixed

Renamed "When Stuck" to "Stop-and-Swarm" across all surfaces (init, doctor, fixer, docs, README, landing page)
Restored missing local config steps in /lp-enhance skill (.claude/CLAUDE.md and .claude/settings.local.json dropped during Sprint 18 rewrite)

[1.2.0] — 2026-04-13

Added

Doctor now checks for skill authoring conventions in .claude/rules/ files
--fix adds a Skill Authoring section to conventions.md when missing
Starter rules created by --fix now include skill authoring (consistent with init)
Skill authoring conventions updated to match official Claude Code docs: 500-line limit, 250-char description cap, $ARGUMENTS substitution, disable-model-invocation for side-effect skills
Bumped /lp-enhance skill to v6 (doctor will flag stale installs)
6 new tests (328 total)

[1.1.0] — 2026-04-12

Added

Stop-and-swarm section in init, doctor, and --fix: scaffolds a rule so Claude spins up parallel agents after 3 failed iterations instead of guessing in circles

Fixed

MCP tags coercion: memory_store, memory_search, and memory_update now accept tags as both arrays and JSON-encoded strings (fixes harness serialization errors)
MCP dedup messaging: duplicate store responses now start with "OK:" instead of "Skipped:" so agents stop cross-checking with memory_search

[1.0.1] — 2026-04-09

Fixed

memory_search and memory_recent now expose an explicit project parameter so agents can control project scoping (was silently auto-detected with no way to override)
Pass project="*" to search across all projects, or a specific project name to target that project
memory_store project parameter description updated for consistency

[1.0.0] — 2026-04-08

Added

memory sync status subcommand: shows local vs remote memory counts per project
memory sync clean <project> subcommand: removes a project from the sync gist
deleteGistFile() in gist-transport for removing individual files from sync gist
Pull warning when creating a fresh database from remote for a project
Migration 003: content_hash column with unique index on memories table
Store dedup at database level: SHA-256 content hash with INSERT OR IGNORE prevents duplicates even across concurrent calls
Clean error messages for all sync commands when gh is not authenticated

Fixed

Immutability violations in fixer.ts, fixer-memory.ts, and install.ts (all mutations replaced with spread operators)
Sync upsert no longer silently deletes memories with duplicate content across different IDs
Migration backfill deduplicates existing rows before creating unique index (handles pre-existing duplicates)

Changed

MemoryRepo.create() returns null instead of throwing on duplicate content (in-memory dedup kept as fast-path)
upsertFromSync() uses check-then-insert/update pattern instead of INSERT OR REPLACE to respect content_hash constraint

[0.16.1] — 2026-04-08

Fixed

MCP parser now reads type field from .mcp.json (Claude Code uses type, not transport) — fixes false "no command" warnings on HTTP MCP servers like Supabase
Doctor footer no longer suggests --fix when remaining issues have no auto-fixer

[0.16.0] — 2026-04-07

Added

TUI dashboard: d to purge all memories for a project, r to remove a single memory (both with confirmation dialogs)
Doctor: detects missing SessionEnd hook on memory projects
Doctor: detects MCP servers not in allowedMcpServers whitelist
doctor --fix: auto-adds allowedMcpServers from configured MCP servers (reads .mcp.json)
doctor --fix: auto-adds SessionStart pull and SessionEnd push hooks for memory sync
doctor --fix: allowedMcpServers respects shared/local placement routing
Push guard: memory push warns and bails on 0 memories instead of uploading empty gist
Regression test suite (pnpm test:regression): 7 scenarios, 16 assertions for doctor CLI end-to-end
DashboardDataSource unit tests (purge, delete, filtering, stats)

Fixed

getMemoryPlacement no longer prompts on every --fix for pre-existing installs -- infers placement from existing config
SessionEnd push hook backgrounded to avoid timeout kill by Claude Code hook runner
MCP fixer reads .mcp.json for server names (not just settings.json)
Purge confirmation dialog shows total project memory count instead of filtered count
Extracted memory/MCP fix functions to fixer-memory.ts (fixer.ts: 536 to 392 lines)

Changed

TUI header is now responsive to terminal width
Killed CLI memory --purge command (replaced by TUI keybindings)

[0.15.2] — 2026-04-07

Fixed

Relation decay modifier was inverted: connected memories decayed faster instead of slower (highlyConnectedMultiplier 0.35→2.5, connectedMultiplier 0.5→1.8, isolatedMultiplier 1.3→0.8)
Type filter leaked through relation expansion in search — filtered searches could return wrong-type memories via related links

[0.15.1] — 2026-04-06

Changed

TASKS.md template slimmed from 30 to 13 lines (removed kanban lanes, Deferred section, Next Sprint)

[0.15.0] — 2026-04-06

Added

Memory placement prompt: choose shared (CLAUDE.md + settings.json) or local (.claude/CLAUDE.md + settings.local.json) when setting up memory
Local placement keeps memory config gitignored — co-devs never see it
doctor --fix and memory install respect placement choice for all memory-related writes
Quality and memory analyzers check both shared and local files
.claude/.gitignore now includes CLAUDE.md for local config support
Doctor and analyzers now read .claude/CLAUDE.md and settings.local.json
isMemoryInstalled() checks both settings files for memory hooks

Fixed

doctor --fix injected memory guidance into CLAUDE.md on projects without agentic-memory installed — now only triggers when the MCP server is configured in project settings
Skills (lp-migrate-memory) no longer installed when using local placement

[0.14.2] — 2026-04-06

Fixed

Skill version comment placed before YAML frontmatter broke skill parsing ("Skill must provide a name")

[0.14.1] — 2026-04-06

Removed

Stop hook with memory extract — regex-based auto-extraction produced junk memories. Claude stores memories directly via MCP tools now
memory extract subcommand removed from CLI
doctor detects deprecated Stop hook, --fix auto-removes it from existing projects

[0.14.0] — 2026-04-06

Added

/lp-enhance now generates 2-3 custom eval scenarios from project-specific Off-Limits and Conventions rules
/lp-enhance now reviews .claudeignore and flags missing stack-specific patterns
/lp-enhance reads existing eval scenarios during research phase to avoid duplicates
Skill auto-update: doctor detects stale /lp-enhance skills, --fix updates them to latest version
Versioned skill schema (embedded  comment) for stale detection
doctor detects deprecated Stop hook (memory extract), --fix auto-removes it

Changed

/lp-enhance skill expanded: .claudeignore review, eval scenario generation, Skill Authoring conventions check
Rewrote all memory copy with outcome-focused framing (landing page, docs, README, MCP tools, install flow)
Replaced "wiki" references with "knowledge base" across all surfaces
MCP server version now reads from package.json instead of hardcoded string
npm description sharpened, keywords expanded from 10 to 20, added bugs field

Removed

Stop hook with memory extract — regex-based auto-extraction produced junk memories. Claude now stores memories directly via MCP tools, guided by CLAUDE.md's "STORE IMMEDIATELY" rules
memory extract subcommand removed from CLI

[0.13.1] — 2026-04-06

Changed

Rewrote all memory copy with outcome-focused framing (landing page, docs, README, MCP tools, install flow)
Replaced "wiki" references with "knowledge base" across all surfaces
MCP server version now reads from package.json instead of hardcoded string
npm description sharpened to include "CLAUDE.md" and "hooks" as search terms
npm keywords expanded from 10 to 20 for better discoverability
Added bugs field to package.json for npm sidebar link

[0.13.0] — 2026-04-06

Added

Skill Authoring conventions section in init-generated conventions.md (Anthropic's 5 internal skill patterns: TRIGGER clauses, allowed-tools, argument-hint, phase-based structure, edge case handling)
/lp-enhance detects missing Skill Authoring section and adds it to existing projects
Inline changelog in docs site via prebuild sync script (no longer links to GitHub)

Fixed

Memory search and recent tools returned truncated content (sliced to 500 chars) — now returns full content
Memory store rejected content over 2000 chars via Zod schema before content-validation could run — removed hard limit, kept soft guide in tool description
Stale blessed references updated to Ink in architecture docs
undefined Home page description removed from llms.txt index

[0.12.2] — 2026-04-06

Fixed

Memory search and recent tools returned truncated content (sliced to 500 chars) — now returns full content
Memory store Zod schema rejected content over 2000 chars before content-validation could run — removed hard limit, kept soft guide in tool description

Changed

Docs changelog rendered inline from CHANGELOG.md via prebuild sync script (was linking to GitHub)
Removed landing page Home link from docs meta.json that leaked undefined description into llms.txt

[0.12.1] — 2026-04-06

Added

Dashboard d key to delete selected memory with confirmation overlay
Path-scoped rules generation in /lp-enhance (detects monorepos, distinct areas, generates per-scope rules)
Rewrote all skills using Anthropic's internal patterns (TRIGGER/DO NOT TRIGGER, allowed-tools, phase-based workflows)
Dedup behavior note in memory_store tool description

Changed

/lp-enhance skill restructured as Research/Plan/Execute/Verify phases
/lp-migrate-memory skill restructured as Discover/Parse/Store/Report phases
content-review global skill restructured with phase-based workflow

[0.12.0] — 2026-04-06

Added

TUI dashboard migrated from blessed to Ink (React for terminal)
- Persistent keybinding hint bar (always visible)
- Inline live search (replaces modal)
- Focus ring on active pane (colored borders)
- Responsive layout (wide/medium/narrow)
- Arrow key + vim dual navigation
Memory algorithm tuning from 3-expert panel review:
- Episodic half-life 60 to 30 days, semantic 365 to 540 days
- Logarithmic access modifier (replaces step function)
- Stronger relation modifier (0.5x for 3+, 0.35x for 6+ connections)
- Tag normalization at store time (lowercase, aliases: bugfix to bug, etc.)
- Auto-tagging from content keywords (bug, decision, gotcha, howto, pattern)
- Search synonym expansion (auth to authentication/login/oauth, db to database/sql, etc.)
- Token budget raised from 2000 to 3000
- Context weight redistributed when gitContext missing
- Smooth cold start ramp for 6-20 memories
- Type diversity cap (max 2 same type in full tier)
- Branch-name heuristic (fix/* boosts patterns, feat/* boosts procedural)
- Pinned slots (importance >= 0.8 gets reserved 10% budget)
- Summary tier raised from 150 to 350 chars
Memory content limit reduced from 10000 to 2000 chars (~500 tokens)
No-credentials rule in MCP server instructions

Changed

Replaced blessed with Ink (React 19) + ink-text-input + ink-select-input
Dashboard lifespan display uses createdAt (matches decay-service)
Sprint review made mandatory in conventions.md (must spawn code review agent)
Feature branches required for feat: commits

Fixed

Esc key not working during TUI search
Ebbinghaus decay curve (steeper initial drop with residual floor)
Dedup guard messaging (pendingStores for parallel calls)

Removed

blessed dependency

[0.11.0] — 2026-04-05

Added

Cross-device memory sync via private GitHub Gist (memory push / memory pull)
- One file per project inside a single gist for scalable multi-project sync
- Auto-detects current project from working directory
- --all flag to push/pull all projects at once
- Auto-discovers gist on new devices (no config copying needed)
- Pull-before-push guard prevents silent overwrites
- Zod validation on both push and pull
- -y flag to skip confirmation prompt (for scripts)
In-memory dedup guard in memory_store to prevent duplicate memories from parallel MCP calls
No-credentials rule in MCP server instructions and doctor-generated CLAUDE.md

Changed

Refactored doctor/fixer.ts (433 to 385 lines) via shared addHook() helper
Refactored eval/runner.ts: merged duplicate file check functions, replaced local fileExistsSafe with shared fileExists

Fixed

Project-scoped push no longer overwrites other projects in gist
Shell injection risk in gist transport (slugified filenames, validated gist IDs)

[0.10.0] — 2026-04-04

Added

BACKLOG.md as first-class project artifact alongside CLAUDE.md and TASKS.md
- init generates BACKLOG.md with priority tier template (P0/P1/P2)
- doctor flags missing BACKLOG.md (low severity, Rules analyzer)
- doctor --fix auto-creates BACKLOG.md if missing
- Generated CLAUDE.md includes ## Backlog section with usage instructions
- doctor --fix adds ## Backlog section to existing CLAUDE.md
Three-file system documented: CLAUDE.md (what Claude needs), TASKS.md (what we're doing now), BACKLOG.md (what we're doing later)
memory install now detects already-registered MCP server instead of showing false error

Changed

Instruction budget thresholds raised to match official Claude Code guidance: warn at 150, danger at 200, critical at 250 (was 120/150/200)
/lp-enhance skill budget raised from 120 to 200 lines

Fixed

memory install MCP registration: claude mcp add exited 1 when server already existed, causing false "Could not register" warning
Stale documentation references (budget thresholds, file counts, em dashes)

[0.9.1] — 2026-04-04

Fixed

cwdRequire ESM compatibility: use package.json paths for createRequire instead of bare require() fallback that crashes in ESM bundles
Fixes "Dynamic require of better-sqlite3 is not supported" error when running memory command from globally installed CLI

[0.9.0] — 2026-04-03

Added

Smart memory injection algorithm (InjectionService) replaces binary full/graph mode
- 6-signal scoring: context relevance, value signal (access/injection ratio), importance, type-aware recency, type bonus, noise penalty
- 3 presentation tiers: full content, summary, index (title-only)
- Token-budget packing (default 2000 tokens) with automatic tier demotion
- Self-tuning: memories Claude searches for rise in rank, ignored ones fade out
- Cold start handling: injects all when below 5 memories
- 12 new tests for injection scoring, tiers, and budget
Backlog system (BACKLOG.md) for parking deferred features

Fixed

incrementInjection was never called (injection count permanently 0 for all memories)
incrementAccess was incorrectly called during injection (inflated access counts)
Token budget (2000 tokens) now enforced (was using arbitrary count-based limit of 10)

Changed

Memory docs rewritten: session injection, self-tuning, and search scoring as distinct sections
Landing page memory section: brain-inspired copy, improved bullet points
README memory section: smart injection and self-tuning bullets
Removed duplicate changelog link from docs nav

[0.8.3] — 2026-04-03

Added

Smart memory injection algorithm (InjectionService) replaces binary full/graph mode
- Unified scoring: context relevance, value signal (access/injection ratio), importance, recency, type bonus, noise penalty
- Three presentation tiers (full/summary/index) with token-budget packing
- Type-specific recency half-lives (episodic 7d, semantic 30d, procedural 90d)
- Cold start handling: injects all when below 5 memories
- 12 new tests for injection scoring, tiers, and budget

Fixed

incrementInjection was never called (injection count permanently 0)
incrementAccess was called during injection (inflated access counts, should only trigger on explicit search)
Token budget (2000 tokens) now enforced (was using count-based limit)

[0.8.2] — 2026-04-03

Fixed

Memory analyzer now correctly reads permissions.allow instead of nonexistent allowedTools field
Memory score shows 100% when all permissions are configured

[0.8.1] — 2026-04-03

Fixed

Removed MCP server check from doctor memory analyzer (registered globally, not in project settings)
Fixed doctor --fix hanging when no fixes could be applied
Always re-scan and render report after --fix attempt

[0.8.0] — 2026-04-03

Changed

Memory is now fully optional — doctor no longer flags missing Memory section for non-memory users
init no longer generates ## Memory & Learnings section in CLAUDE.md
/lp-enhance skill only suggests Memory guidance if memory is already configured
doctor --fix no longer injects Memory section into non-memory projects
Dev/release publish workflow: pnpm publish:dev for prereleases, pnpm publish:release for stable

Fixed

MCP server registration: removed stray -- from claude mcp add that caused broken registrations
Native deps (better-sqlite3, sqlite-vec) resolve from user's local node_modules, fixing memory command with global CLI install
cwdRequire evaluated lazily with fallback to CLI's own resolution chain

[0.7.9] — 2026-04-03

Fixed

MCP server registration: removed stray -- from claude mcp add command that caused broken registrations
Removed accidental self-dependency in package.json

[0.7.8] - 2026-04-03

Fixed

cwdRequire now checks global node_modules (npm install -g) - fixes memory commands failing after global dep install
Memory install auto-installs native deps globally if missing
Error messages now suggest npm install -g instead of local install

[0.7.7] - 2026-04-03

Changed

Memory install now injects "STORE IMMEDIATELY" guidance into CLAUDE.md - prompts proactive memory storage instead of relying only on auto-extraction

[0.7.6] - 2026-04-03

Fixed

Moved blessed to optionalDependencies - fixes dashboard crash on global install
Simplified dependency strategy: native deps (better-sqlite3, sqlite-vec) stay dev-only, everything else is optional

[0.7.4] - 2026-04-03

Fixed

Removed all optional dependencies from npm install - only 5 lightweight deps remain
claude-agent-sdk, @modelcontextprotocol/sdk, zod moved to dev-only
Eval falls back to Claude CLI when agent-sdk is missing
Memory shows clear install prompt for native deps
Zero warnings, fast install (was ~26s with native compilation)

[0.7.3] - 2026-04-03

Fixed

Native deps (better-sqlite3, sqlite-vec) now resolve from user's local node_modules
cwdRequire evaluated lazily for MCP server compatibility

[0.7.2] - 2026-04-03

Fixed

Upgraded zod 3 to zod 4 - fixes peer dependency warning with claude-agent-sdk and boolean coercion in memory_forget tool
Deferred better-sqlite3/sqlite-vec/blessed to dev-only - npm install no longer compiles native modules. Users install them separately when setting up memory

[0.7.0] - 2026-04-01

Added

memory command - persistent, intelligent memory system for Claude Code sessions
- SQLite-backed with FTS5 full-text search
- Neuroscience-inspired decay model (episodic, semantic, procedural, pattern types)
- 7 MCP tools (store, search, recent, forget, relate, stats, update)
- SessionStart hook auto-injects relevant context
- Interactive install with confirmation prompt
- --dashboard flag for memory statistics
Doctor memory analyzer - detects memory config issues when installed
Doctor --fix auto-repairs: disables auto-memory, adds MCP tool permissions, injects CLAUDE.md guidance

Changed

enhance CLI command replaced with /lp-enhance skill (runs inside Claude Code session)
- Installed during init with global/project scope picker
- Doctor detects missing skill, --fix creates it
- Uses .claude/skills/lp-enhance/SKILL.md format with frontmatter
Banner updated: "Scaffold - Diagnose - Evaluate - Remember"
Shared settings helpers extracted to src/lib/settings.ts

Removed

enhance CLI command (replaced by /lp-enhance skill)

[0.6.0] - 2026-03-30

Added

Sprint review hook: PostToolUse hook detects sprint completion in TASKS.md and nudges a quality check before committing
Sprint Reviews section in generated CLAUDE.md

[0.5.4] - 2026-03-29

Added

--fix now auto-adds SessionStart hook (injects TASKS.md at startup)

Changed

--fix no longer shows the before-score - only the post-fix result
Post-fix report says "remaining issue(s) require manual intervention" instead of suggesting --fix again
Dry-run shows fix actions, skips unfixable issues

[0.5.3] - 2026-03-29

Changed

Doctor output: compact single-line issues (was 3 lines each with fix text)
Doctor --fix and --fix --dry-run now recommend running enhance as next step
Dry-run shows fix actions instead of problem messages, skips unfixable issues

[0.5.2] - 2026-03-29

Added

doctor --fix --dry-run - preview what fixes would be applied without modifying files
pnpm publish:dev / pnpm publish:release scripts for prerelease workflow

[0.5.1] - 2026-03-29

Added

4 new doctor checks: deprecated includeCoAuthoredBy, monorepo claudeMdExcludes hint, hook timeouts on broad matchers, auto-memory disabled without manual strategy
SessionStart hook in init-generated settings.json - injects TASKS.md at session startup
Doctor hooks analyzer now checks for SessionStart hook
Attribution migration auto-fix: --fix migrates deprecated includeCoAuthoredBy to attribution object
Enhance prompt: suggests path-scoped rules, sandbox.network.allowedDomains, claudeMdExcludes for monorepos
2 new eval scenarios: memory-persistence, deferred-tracking - 15 total
timeout field parsed from hooks in settings.json

Fixed

doctor --fix now re-scans and shows updated score after applying fixes (previously required a second run)

Changed

Hooks analyzer score weight: 20 to 15 per issue (6 checks would bottom out too fast)
Total tests: 91 to 99

[0.5.0] - 2026-03-29

Added

Security hardening: init generates credential deny rules (~/.ssh/*, ~/.aws/*, ~/.npmrc), sandbox enabled, bypass mode disabled
5 new doctor checks: credential file exposure, blanket Bash approval, .env gap (hooks vs .claudeignore), bypass mode unprotected, sandbox not enabled
4 new auto-fixes: --fix adds credential deny rules, bypass disable, sandbox settings, .env to .claudeignore
2 new eval scenarios: credential-read (SSH key protection), sandbox-escape (.env bypass via Bash)
Interactive eval mode: eval with no flags prompts for suite, runs, and model selection
.claudeignore parsing added to ClaudeConfig for cross-checking with hooks

Fixed

build.gradle detection bug - || on two promises always returned the first (Kotlin/Gradle projects misdetected)
Broader .env matching in .claudeignore fixer (handles .env* pattern)
makeConfig test helpers missing claudeignorePath/claudeignoreContent defaults

Changed

Permissions analyzer score weight: 20 to 15 per issue (8 checks would bottom out too fast)
Security eval suite: 4 to 6 scenarios
Total tests: 71 to 91

[0.4.3] - 2026-03-29

Fixed

Eval sandbox now copies user's full .claude/ config (settings.json, rules, hooks, permissions) and .claudeignore - previously only a bare CLAUDE.md from the scenario was used

[0.4.2] - 2026-03-29

Added

Memory & Learnings section in generated CLAUDE.md
PostCompact hook in generated settings.json - re-injects TASKS.md after context compaction
Deferred section in generated TASKS.md
Doctor checks for Memory section and PostCompact hook
--fix auto-adds Memory section and PostCompact hook
Enhance prompt now suggests PostCompact hook for existing projects

[0.4.1] - 2026-03-29

Changed

Refactored tryFix() from 73-line if/else chain to FIX_TABLE lookup pattern
Refactored detectScripts() from 112-line if/else chain to LANGUAGE_SCRIPTS config object

Added

13 new tests for detectScripts() covering all supported languages (58 to 71 tests)

[0.4.0] - 2026-03-28

Added

Enhanced init: generates 6 files (CLAUDE.md, TASKS.md, settings.json, .gitignore, .claudeignore, conventions.md)
settings.json includes $schema for IDE autocomplete, permissions.deny for security
Destructive command blocking hooks (force-push, reset --hard, rm -rf)
Language-specific starter rules (13 languages)

Changed

Init detects 20+ frameworks from manifest files + lockfiles

[0.3.4] - 2026-03-28

Fixed

Security: command injection in hook generation (SAFE_FORMATTERS dict)

Added

Suite filtering for eval
Eval report output to .claude/eval/

[0.3.0] - 2026-03-28

Added

doctor --watch: polling-based live score updates
.claudeignore generation in --fix
enhance budget cap (120 lines)
Tech Stack section in generated CLAUDE.md

[0.2.2] - 2026-03-28

Added

Plugin submitted to marketplace
50 tests, 60KB package size

[0.1.0] - 2026-03-28

Added

Initial npm publish
init, doctor, enhance, eval commands
7 analyzers, 7 eval scenarios
Stress tested across 8 stacks