feat: distill safeguards — rolling backups + sanity checks

Before any memory file is overwritten, _rotate_backup() keeps 2 rolling
backups: MEMORY_*.bak1.md (most recent) and MEMORY_*.bak2.md (older).

_sanity_check() now also guards against size anomalies: the new content
must be between 40% and 250% of the old file size — anything outside that
range looks like truncation or runaway output and aborts the write.
Existing checks (min length, refusal phrases) still apply.

Backup files exposed in the Files panel (ALLOWED set) so they can be
reviewed and manually restored if needed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Scott Idem
2026-05-05 18:54:27 -04:00
parent 0ffcd57c95
commit 508fb638ad
2 changed files with 110 additions and 8 deletions


@@ -16,10 +16,16 @@ ALLOWED = {
"USER.md",
"PROTOCOLS.md",
"CONTEXT_TIERS.md",
"MEMORY.md", # legacy — kept for reference
"MEMORY.md", # legacy — kept for reference
"MEMORY_LONG.md",
"MEMORY_MID.md",
"MEMORY_SHORT.md",
"MEMORY_LONG.bak1.md",
"MEMORY_LONG.bak2.md",
"MEMORY_MID.bak1.md",
"MEMORY_MID.bak2.md",
"MEMORY_SHORT.bak1.md",
"MEMORY_SHORT.bak2.md",
"HELP.md",
}
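
Review bot: The six `.bak1.md` / `.bak2.md` names added to ALLOWED are spelled out by hand, so they can drift from whatever _rotate_backup() actually writes. Consider deriving them from the three MEMORY_LONG / MEMORY_MID / MEMORY_SHORT entries and the two suffixes, so that a new memory tier or a third backup slot cannot be missed here. Separately, if ALLOWED gates writes as well as reads in the Files panel (this hunk does not show that), the backups become editable through the same UI as the live files, which weakens them as a restore source; a distinct read-only set for the backup names would keep them reviewable without that exposure. The `"MEMORY.md"` line appears twice with the same text, which looks like a comment-spacing change only and could be left out of this commit.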