csesh is built as a CLI-first tool with an integrated web dashboard — two interfaces to the same underlying session engine.

The CLI reads Claude Code's local session storage directly, parsing session files to extract conversation content, metadata, timestamps, and token usage. All indexing and search happens locally using optimized string matching — no external search engine, no database, no dependencies.

The web dashboard is a lightweight HTTP server that serves a vanilla HTML/JS interface on localhost:3456. Activity graphs, cost breakdowns, and session browsing in a visual format. The server binds exclusively to the loopback interface with strict CORS headers.

Key Decisions

Zero dependencies — The entire tool — CLI parser, HTTP server, HTML dashboard, search engine — is built from scratch using only Node.js built-in modules. This eliminates supply chain risk and keeps cold start under one second.
Localhost-only binding — The web dashboard binds to 127.0.0.1, not 0.0.0.0. Combined with CORS restrictions, session data is only accessible from your browser on your machine.
Non-destructive deletion — Deleted sessions are removed from disk but their metadata is preserved in a trash manifest, allowing recovery and audit.
Direct file parsing — csesh reads Claude Code's session files directly rather than maintaining a separate database. Zero sync issues and immediate availability of new sessions.

# Search across all sessions
npx @arthurpcd/csesh search "authentication bug"

# View cost breakdown by project
npx @arthurpcd/csesh costs --by project

# Launch the web dashboard
npx @arthurpcd/csesh dashboard

# Clean up sessions older than 30 days
npx @arthurpcd/csesh prune --older-than 30d

// Zero-dependency HTTP server — Node.js built-ins only
const { createServer } = require("node:http");

const server = createServer((req, res) => {
  if (
    req.headers.origin &&
    !req.headers.origin.includes("localhost")
  ) {
    res.writeHead(403);
    return res.end("Forbidden");
  }

  res.setHeader(
    "Access-Control-Allow-Origin",
    "http://localhost:3456"
  );
  const url = new URL(req.url, `http://${req.headers.host}`);
  return router.handle(url.pathname, req, res);
});

// Bind exclusively to loopback
server.listen(3456, "127.0.0.1");

# Search across all sessions npx @arthurpcd/csesh search "authentication bug" # View cost breakdown by project npx @arthurpcd/csesh costs --by project # Launch the web dashboard npx @arthurpcd/csesh dashboard # Clean up sessions older than 30 days npx @arthurpcd/csesh prune --older-than 30d

// Zero-dependency HTTP server — Node.js built-ins only const { createServer } = require("node:http"); const server = createServer((req, res) => { if ( req.headers.origin && !req.headers.origin.includes("localhost") ) { res.writeHead(403); return res.end("Forbidden"); } res.setHeader( "Access-Control-Allow-Origin", "http://localhost:3456" ); const url = new URL(req.url, `http://${req.headers.host}`); return router.handle(url.pathname, req, res); }); // Bind exclusively to loopback server.listen(3456, "127.0.0.1");

csesh

Key Decisions

Origo

csesh

Key Decisions

Origo