claude-mem

v13.4.0 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 5d AI Coding Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai ai-agents ai-memory anthropic artificial-intelligence chromadb

+14 more

claude claude-agent-sdk claude-agents claude-code claude-code-plugin claude-skills embeddings long-term-memory mem0 memory-engine openmemory llm sqlite supermemory

ReleasePort's take

Light signal

editorial:auto 5d

Version v13.4.0 adds a configurable OpenAI‑compatible base URL for the OpenRouter provider and resolves several Windows‑specific bugs, SQLite repair issues, and CI test leakage.

Why it matters: The new OpenRouter configuration enables custom endpoint routing; bug fixes address PID reuse, schema corruption, and logger leaks that could cause flaky builds or data loss in affected environments.

Summary

AI summary

Updates CI / tests, highlights, and plan-02 across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Feature	Low	Adds configurable OpenAI-compatible base URL for OpenRouter provider. Adds configurable OpenAI-compatible base URL for OpenRouter provider. Source: llm_adapter@2026-05-29 Confidence: high	—
Dependency	Low	Removes npm‑lockfile dependency to align with repo's no‑committed‑lockfile convention. Removes npm‑lockfile dependency to align with repo's no‑committed‑lockfile convention. Source: llm_adapter@2026-05-29 Confidence: high	—
Bugfix
Bugfix	Medium	Fixes canonical CLAUDE_PLUGIN_ROOT resolution and Windows spawn issues (codex.cmd, chroma-mcp quoting). Fixes canonical CLAUDE_PLUGIN_ROOT resolution and Windows spawn issues (codex.cmd, chroma-mcp quoting). Source: llm_adapter@2026-05-29 Confidence: high	—
Bugfix	Medium	Adds Windows PID-reuse start-token guard for worker lifecycle. Adds Windows PID-reuse start-token guard for worker lifecycle. Source: llm_adapter@2026-05-29 Confidence: high	—
Bugfix	Medium	Implements commit‑hash verification before persisting output and prevents null cwd from stripping hex strings. Implements commit‑hash verification before persisting output and prevents null cwd from stripping hex strings. Source: llm_adapter@2026-05-29 Confidence: high	—
Bugfix	Medium	Adds SQLite schema repair via .recover and closes DB handle on repair errors to avoid leaked write locks. Adds SQLite schema repair via .recover and closes DB handle on repair errors to avoid leaked write locks. Source: llm_adapter@2026-05-29 Confidence: high	—
Bugfix	Medium	Ensures SessionMessageBuffer.clear() also resets the dedup set, allowing toolUseId reuse. Ensures SessionMessageBuffer.clear() also resets the dedup set, allowing toolUseId reuse. Source: llm_adapter@2026-05-29 Confidence: high	—
Bugfix	Medium	Fixes mock.module logger leakage across test files and guards sqlite3 .recover capability for clean CI runs. Fixes mock.module logger leakage across test files and guards sqlite3 .recover capability for clean CI runs. Source: llm_adapter@2026-05-29 Confidence: high	—

Full changelog

v13.4.0 — Defect backlog clearance + provider extensibility

Clears a large defect backlog (plans 01–11 plus standalone fixes) and adds provider configurability. Test suite moved 46 → 0 failing and typecheck 24 → 0 errors over the branch.

Features

Configurable OpenAI-compatible base URL for the OpenRouter provider (CLAUDE_MEM_OPENROUTER_BASE_URL) — point claude-mem at DeepSeek, LM Studio, or any custom OpenAI-compatible endpoint.

Fixes (highlights)

Spawn contract (plan-02): canonical ${CLAUDE_PLUGIN_ROOT} resolution + Windows spawn fixes (codex.cmd, chroma-mcp cmd.exe quoting).
Worker lifecycle (plan-03): Windows PID-reuse start-token guard.
Output fidelity (plan-11): commit-hash verification before persist; null-cwd no longer strips every hex string from summaries.
SQLite self-healing: schema repair via sqlite3 .recover; close DB handle on repair error paths (no leaked write lock).
SessionMessageBuffer: clear() now also resets the dedup set, so a previously-seen toolUseId can re-enter.
Standalone: project name, dot-path encoding, path-match, CLAUDE.md denylist.

CI / tests

New CI workflow (typecheck · build · test · bundle-size + docker pg+valkey e2e) made green; removed npm-lockfile dependency to match the repo's no-committed-lockfile convention.
Fixed mock.module logger leakage across test files and guarded sqlite3 .recover capability so CI runs cleanly.

Full diff: https://github.com/thedotmack/claude-mem/pull/2701

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track claude-mem

Get notified when new releases ship.

About claude-mem

A Claude Code plugin that automatically captures everything Claude does during your coding sessions, compresses it with AI (using Claude's agent-sdk), and injects relevant context back into future sessions.

All releases →