@askexenow/exe-os 0.9.155 → 0.9.157

package/deploy/compose/PROTECTED_FILES.md

@@ -0,0 +1,34 @@
+# Protected Files — NEVER overwritten by stack-update
+
+These files contain customer configuration. `exe-os stack-update` MUST NOT
+touch them. If a file needs to change, the update should add a NEW file
+and log a migration notice, not replace the existing one.
+
+## Config files (bind-mounted, customer-owned after first setup)
+- `.env` — all secrets, tokens, passwords (PATCHED, never replaced)
+- `gateway.json` — WhatsApp adapter config, account names
+- `branding.json` — customer brand colors, fonts, logo
+- `cloudflared/config.yml` — tunnel ID, credentials, ingress routes
+- `cloudflared/*.json` — tunnel credential files
+
+## Data volumes (Docker managed, persist across updates)
+- `postgres_data` — all database data (CRM, wiki, graph, raw, gateway)
+- `gateway_data` — Baileys WhatsApp auth state (creds.json, sessions)
+- `wiki_data` — uploaded documents, workspace storage
+- `crm_data` — CRM local file storage
+- `monitor_hub_data` — PocketBase data, alert history
+- `monitor_agent_data` — agent metrics cache
+- `redis_data` — CRM job queue, session cache
+- `clickhouse_data` — CRM analytics
+- `exe_os_data` — daemon state, SQLCipher memory DB
+
+## What CAN be updated safely
+- Docker images (pulled, not built locally)
+- `init-db.sql` (only runs on FIRST postgres boot, not on restarts)
+- `docker-compose.yml` (can be replaced — it references configs by path)
+- Deploy scripts (setup.sh, backup.sh, status.sh)
+
+## Golden rule
+If `docker compose down && docker compose up -d` loses customer data
+or config, the compose is WRONG. Volumes and bind mounts must survive
+any container lifecycle operation EXCEPT `docker compose down -v`.

package/deploy/compose/backup.sh

@@ -0,0 +1,117 @@
+#!/usr/bin/env bash
+# exe-os stack backup — full data + config, portable to any destination.
+#
+# Usage:
+#   ./backup.sh                          # Backup to /opt/exe-backups/
+#   ./backup.sh --output /tmp/backup     # Backup to custom dir
+#   ./backup.sh --download               # Create backup + print download command
+#   ./backup.sh --upload-r2              # Backup + upload to Cloudflare R2
+#   ./backup.sh --upload-s3 s3://bucket  # Backup + upload to S3
+#
+set -euo pipefail
+
+BACKUP_DIR="${BACKUP_DIR:-/opt/exe-backups}"
+RETENTION_DAYS="${BACKUP_RETENTION_DAYS:-7}"
+DATE=$(date +%Y%m%d-%H%M%S)
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+DOWNLOAD_MODE=false
+UPLOAD_R2=false
+UPLOAD_S3=""
+
+while [[ $# -gt 0 ]]; do
+  case $1 in
+    --output) BACKUP_DIR="$2"; shift 2;;
+    --download) DOWNLOAD_MODE=true; shift;;
+    --upload-r2) UPLOAD_R2=true; shift;;
+    --upload-s3) UPLOAD_S3="$2"; shift 2;;
+    *) shift;;
+  esac
+done
+
+mkdir -p "$BACKUP_DIR"
+ARCHIVE="$BACKUP_DIR/exe-backup-$DATE"
+mkdir -p "$ARCHIVE"
+
+echo "[backup] Starting exe-os full stack backup ($DATE)"
+
+# 1. Postgres dump (all databases)
+echo "[backup] Dumping postgres..."
+docker exec exe-db pg_dumpall -U exe > "$ARCHIVE/postgres.sql" 2>/dev/null || echo "[backup] Postgres dump failed"
+gzip "$ARCHIVE/postgres.sql" 2>/dev/null || true
+
+# 2. Customer config files (.env, gateway.json, branding.json, cloudflared)
+echo "[backup] Backing up config files..."
+cp "$SCRIPT_DIR/.env" "$ARCHIVE/env.bak" 2>/dev/null || true
+cp "$SCRIPT_DIR/gateway.json" "$ARCHIVE/gateway.json" 2>/dev/null || true
+cp "$SCRIPT_DIR/branding.json" "$ARCHIVE/branding.json" 2>/dev/null || true
+cp -r "$SCRIPT_DIR/cloudflared" "$ARCHIVE/cloudflared" 2>/dev/null || true
+
+# 3. Gateway auth state (Baileys creds — critical for WhatsApp connection)
+echo "[backup] Backing up gateway WhatsApp auth state..."
+docker cp exe-gateway:/data/. "$ARCHIVE/gateway-data/" 2>/dev/null || echo "[backup] Gateway data skipped"
+
+# 4. Wiki storage (uploaded documents)
+echo "[backup] Backing up wiki storage..."
+docker cp exe-wiki:/app/server/storage/. "$ARCHIVE/wiki-storage/" 2>/dev/null || echo "[backup] Wiki storage skipped"
+
+# 5. exe-os daemon state (optional — SQLCipher DB is local-first, not critical for VPS)
+echo "[backup] Backing up exe-os state..."
+docker cp exe-os:/home/exed/.exe-os/. "$ARCHIVE/exe-os-data/" 2>/dev/null || echo "[backup] exe-os data skipped"
+
+# 6. Create single archive
+echo "[backup] Creating archive..."
+TARFILE="$BACKUP_DIR/exe-backup-$DATE.tar.gz"
+tar -czf "$TARFILE" -C "$BACKUP_DIR" "exe-backup-$DATE" 2>/dev/null
+rm -rf "$ARCHIVE"
+echo "[backup] Archive: $TARFILE ($(du -h "$TARFILE" | cut -f1))"
+
+# 7. Retention — delete old backups
+echo "[backup] Cleaning backups older than $RETENTION_DAYS days..."
+find "$BACKUP_DIR" -name "exe-backup-*.tar.gz" -mtime "+$RETENTION_DAYS" -delete 2>/dev/null
+
+# 8. Download instructions
+if $DOWNLOAD_MODE; then
+  echo ""
+  echo "=== Download to your local machine ==="
+  echo "Run on your local machine:"
+  echo ""
+  HOSTNAME=$(hostname)
+  IP=$(curl -s ifconfig.me 2>/dev/null || echo "<VPS_IP>")
+  echo "  scp root@$IP:$TARFILE ./exe-backup-$DATE.tar.gz"
+  echo ""
+  echo "Or via Tailscale:"
+  TS_IP=$(tailscale ip -4 2>/dev/null || echo "<TAILSCALE_IP>")
+  echo "  scp root@$TS_IP:$TARFILE ./exe-backup-$DATE.tar.gz"
+  echo ""
+  echo "To restore on a new VPS:"
+  echo "  tar -xzf exe-backup-$DATE.tar.gz"
+  echo "  cp env.bak /opt/exe-stack/.env"
+  echo "  cp gateway.json /opt/exe-stack/"
+  echo "  cp branding.json /opt/exe-stack/"
+  echo "  cp -r cloudflared/ /opt/exe-stack/"
+  echo "  cat postgres.sql.gz | gunzip | docker exec -i exe-db psql -U exe"
+  echo "  docker compose up -d"
+fi
+
+# 9. Upload to R2 (Cloudflare)
+if $UPLOAD_R2; then
+  echo "[backup] Uploading to Cloudflare R2..."
+  if command -v rclone >/dev/null 2>&1; then
+    rclone copy "$TARFILE" r2:exe-backups/ 2>&1 && echo "[backup] R2 upload complete" || echo "[backup] R2 upload failed"
+  elif command -v aws >/dev/null 2>&1; then
+    aws s3 cp "$TARFILE" "s3://exe-backups/$(basename "$TARFILE")" --endpoint-url "${R2_ENDPOINT:-}" 2>&1 || echo "[backup] R2 upload failed — configure R2_ENDPOINT"
+  else
+    echo "[backup] Install rclone or aws-cli for R2 upload"
+  fi
+fi
+
+# 10. Upload to S3
+if [[ -n "$UPLOAD_S3" ]]; then
+  echo "[backup] Uploading to S3..."
+  aws s3 cp "$TARFILE" "$UPLOAD_S3/$(basename "$TARFILE")" 2>&1 && echo "[backup] S3 upload complete" || echo "[backup] S3 upload failed"
+fi
+
+echo "[backup] Done."
+echo ""
+echo "Backups:"
+ls -lh "$BACKUP_DIR"/exe-backup-*.tar.gz 2>/dev/null | tail -5

package/deploy/compose/branding.json

@@ -0,0 +1,20 @@
+{
+  "name": "Exe OS",
+  "logo": null,
+  "colors": {
+    "primary": "#F5D76E",
+    "background": "#0F0E1A",
+    "surface": "rgba(245, 215, 110, 0.08)",
+    "text": "#f8f5ea",
+    "muted": "rgba(248, 245, 234, 0.72)"
+  },
+  "fonts": {
+    "heading": "Epilogue",
+    "body": "Manrope",
+    "mono": "Space Grotesk"
+  },
+  "support": {
+    "email": "support@askexe.com",
+    "url": "https://askexe.com"
+  }
+}

package/deploy/compose/docker-compose.yml

@@ -126,6 +126,11 @@ services:
       API_EXTERNAL_URL: ${GOTRUE_EXTERNAL_URL:-https://auth.askexe.com}
       GOTRUE_DISABLE_SIGNUP: ${GOTRUE_DISABLE_SIGNUP:-false}
       GOTRUE_MAILER_AUTOCONFIRM: ${GOTRUE_MAILER_AUTOCONFIRM:-true}
+      GOTRUE_SMTP_HOST: ${SMTP_HOST:-}
+      GOTRUE_SMTP_PORT: ${SMTP_PORT:-587}
+      GOTRUE_SMTP_USER: ${SMTP_USER:-}
+      GOTRUE_SMTP_PASS: ${SMTP_PASS:-}
+      GOTRUE_SMTP_ADMIN_EMAIL: ${SMTP_FROM:-noreply@askexe.com}
     ports:
       - "127.0.0.1:${GOTRUE_HOST_PORT:-9999}:9999"
     networks:
@@ -173,9 +178,14 @@ services:
     image: ${CRM_IMAGE_TAG:-ghcr.io/askexe/exe-crm:v0.9.2}
     container_name: exe-crm
     restart: unless-stopped
+    # Auto-migrate on boot: run database init before starting the app.
+    # Twenty CRM won't create tables automatically — this ensures they exist.
+    command: ["sh", "-c", "yarn database:init:prod 2>/dev/null || true && node dist/src/main"]
     depends_on:
       exe-db:
         condition: service_healthy
+      gotrue:
+        condition: service_healthy
       clickhouse:
         condition: service_healthy
       redis:
@@ -261,9 +271,13 @@ services:
     image: ${WIKI_IMAGE_TAG:-ghcr.io/askexe/exe-wiki:v0.9.2}
     container_name: exe-wiki
     restart: unless-stopped
+    # Wiki uses Prisma — runs migrate on boot via built-in entrypoint.
+    # If tables don't exist, Prisma creates them automatically.
     depends_on:
       exe-db:
         condition: service_healthy
+      gotrue:
+        condition: service_healthy
     env_file:
       - path: .env
         required: false

package/deploy/compose/restore.sh

@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+# exe-os stack restore — restore from a backup archive.
+#
+# Usage:
+#   ./restore.sh /path/to/exe-backup-YYYYMMDD-HHMMSS.tar.gz
+#
+# WARNING: This overwrites current config and database. Make a backup first.
+set -euo pipefail
+
+RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m'
+info() { echo -e "${GREEN}[restore]${NC} $1"; }
+warn() { echo -e "${YELLOW}[restore]${NC} $1"; }
+err() { echo -e "${RED}[restore]${NC} $1" >&2; }
+
+ARCHIVE="${1:-}"
+[[ -z "$ARCHIVE" ]] && { err "Usage: ./restore.sh <backup-archive.tar.gz>"; exit 1; }
+[[ ! -f "$ARCHIVE" ]] && { err "File not found: $ARCHIVE"; exit 1; }
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+TEMP_DIR=$(mktemp -d)
+trap "rm -rf $TEMP_DIR" EXIT
+
+info "Extracting backup..."
+tar -xzf "$ARCHIVE" -C "$TEMP_DIR"
+BACKUP_DIR=$(ls -d "$TEMP_DIR"/exe-backup-* 2>/dev/null | head -1)
+[[ -z "$BACKUP_DIR" ]] && { err "Invalid backup archive — no exe-backup-* directory found"; exit 1; }
+
+echo ""
+warn "This will OVERWRITE current config and restore the database."
+warn "Current data will be LOST. Make sure you have a backup of the current state."
+read -p "Type 'RESTORE' to confirm: " CONFIRM
+[[ "$CONFIRM" != "RESTORE" ]] && { err "Aborted."; exit 1; }
+
+# 1. Restore config files
+info "Restoring config files..."
+[[ -f "$BACKUP_DIR/env.bak" ]] && cp "$BACKUP_DIR/env.bak" "$SCRIPT_DIR/.env" && info ".env restored"
+[[ -f "$BACKUP_DIR/gateway.json" ]] && cp "$BACKUP_DIR/gateway.json" "$SCRIPT_DIR/gateway.json" && info "gateway.json restored"
+[[ -f "$BACKUP_DIR/branding.json" ]] && cp "$BACKUP_DIR/branding.json" "$SCRIPT_DIR/branding.json" && info "branding.json restored"
+[[ -d "$BACKUP_DIR/cloudflared" ]] && cp -r "$BACKUP_DIR/cloudflared" "$SCRIPT_DIR/" && info "cloudflared config restored"
+
+# 2. Restore postgres
+if [[ -f "$BACKUP_DIR/postgres.sql.gz" ]]; then
+  info "Restoring postgres database..."
+  docker compose up -d exe-db 2>/dev/null
+  sleep 5  # wait for postgres to be ready
+  gunzip -c "$BACKUP_DIR/postgres.sql.gz" | docker exec -i exe-db psql -U exe 2>/dev/null
+  info "Postgres restored"
+fi
+
+# 3. Restore gateway auth state
+if [[ -d "$BACKUP_DIR/gateway-data" ]]; then
+  info "Restoring gateway WhatsApp auth state..."
+  docker compose up -d exe-gateway 2>/dev/null
+  sleep 3
+  docker cp "$BACKUP_DIR/gateway-data/." exe-gateway:/data/ 2>/dev/null
+  docker restart exe-gateway 2>/dev/null
+  info "Gateway auth state restored (WhatsApp should reconnect)"
+fi
+
+# 4. Restore wiki storage
+if [[ -d "$BACKUP_DIR/wiki-storage" ]]; then
+  info "Restoring wiki storage..."
+  docker compose up -d exe-wiki 2>/dev/null
+  sleep 3
+  docker cp "$BACKUP_DIR/wiki-storage/." exe-wiki:/app/server/storage/ 2>/dev/null
+  info "Wiki storage restored"
+fi
+
+# 5. Start full stack
+info "Starting full stack..."
+docker compose up -d 2>&1
+
+info "Restore complete. Run ./status.sh to verify."

package/deploy/compose/setup.sh

@@ -0,0 +1,166 @@
+#!/usr/bin/env bash
+# exe-os stack first-time setup — run once on a fresh VPS.
+# Usage: ./setup.sh --client <name> --domain <domain> [--license <key>]
+set -euo pipefail
+
+RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m'
+info() { echo -e "${GREEN}[setup]${NC} $1"; }
+warn() { echo -e "${YELLOW}[setup]${NC} $1"; }
+err() { echo -e "${RED}[setup]${NC} $1" >&2; }
+
+# Parse args
+CLIENT="" DOMAIN="" LICENSE=""
+while [[ $# -gt 0 ]]; do
+  case $1 in
+    --client) CLIENT="$2"; shift 2;;
+    --domain) DOMAIN="$2"; shift 2;;
+    --license) LICENSE="$2"; shift 2;;
+    *) err "Unknown arg: $1"; exit 1;;
+  esac
+done
+[[ -z "$CLIENT" || -z "$DOMAIN" ]] && { err "Usage: ./setup.sh --client <name> --domain <domain>"; exit 1; }
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+cd "$SCRIPT_DIR"
+
+# Step 1: Docker + GHCR auth
+info "Step 1: Docker registry authentication"
+if ! docker info >/dev/null 2>&1; then
+  err "Docker is not running. Install Docker first: https://docs.docker.com/engine/install/"
+  exit 1
+fi
+
+if [[ -f .ghcr-token ]]; then
+  info "Logging into GHCR with stored token..."
+  cat .ghcr-token | docker login ghcr.io -u exe-os-pull --password-stdin 2>/dev/null || true
+elif [[ -n "${GHCR_TOKEN:-}" ]]; then
+  info "Logging into GHCR with GHCR_TOKEN env var..."
+  echo "$GHCR_TOKEN" | docker login ghcr.io -u exe-os-pull --password-stdin 2>/dev/null || true
+else
+  warn "No GHCR token found. Set GHCR_TOKEN env var or create .ghcr-token file."
+  warn "Images must be pullable — public or pre-authed."
+fi
+
+# Step 2: Generate .env
+info "Step 2: Generating .env file"
+if [[ -f .env ]]; then
+  warn ".env already exists — skipping generation. Delete .env to regenerate."
+else
+  if command -v node >/dev/null 2>&1; then
+    node -e "
+      const { generateEnv } = require('../../dist/deploy/compose/generate-env.js');
+      console.log(generateEnv({ clientName: '$CLIENT', domain: '$DOMAIN', licenseKey: '${LICENSE:-}' || undefined }));
+    " > .env 2>/dev/null || {
+      # Fallback: generate inline
+      info "Generating secrets inline..."
+      gen() { openssl rand -hex "$1"; }
+      cat > .env << ENVEOF
+POSTGRES_USER=exe
+POSTGRES_PASSWORD=$(gen 32)
+POSTGRES_DB=exedb
+CLICKHOUSE_DB=default
+CLICKHOUSE_USER=exe
+CLICKHOUSE_PASSWORD=$(gen 32)
+REDIS_PASSWORD=$(gen 32)
+GOTRUE_JWT_SECRET=$(gen 48)
+GOTRUE_SITE_URL=https://crm.${DOMAIN}
+GOTRUE_EXTERNAL_URL=https://auth.${DOMAIN}
+GOTRUE_DISABLE_SIGNUP=false
+GOTRUE_MAILER_AUTOCONFIRM=true
+CRM_IMAGE_TAG=ghcr.io/askexe/exe-crm:v0.9.3
+CRM_SERVER_URL=https://crm.${DOMAIN}
+CRM_APP_SECRET=$(gen 48)
+EXE_CRM_ADMIN_TOKEN=$(gen 48)
+CRM_HOST_PORT=3000
+WIKI_IMAGE_TAG=ghcr.io/askexe/exe-wiki:v0.9.4
+WIKI_DB_SCHEMA=wiki
+WIKI_VECTOR_DB=postgres
+WIKI_AUTH_TOKEN=$(gen 48)
+EXE_WIKI_ADMIN_TOKEN=$(gen 48)
+WIKI_JWT_SECRET=$(gen 48)
+WIKI_SIG_KEY=$(gen 48)
+WIKI_SIG_SALT=$(gen 16)
+WIKI_HOST_PORT=3001
+EXE_OS_IMAGE_TAG=ghcr.io/askexe/exe-os:v0.9.155
+EXED_MCP_TOKEN=$(gen 48)
+EXED_DEVICE_ID=vps-${CLIENT}
+EXE_CLOUD_SYNC_TO_POSTGRES=true
+EXE_LICENSE_KEY=${LICENSE:-CHANGEME_EXE_LICENSE_KEY}
+GATEWAY_IMAGE_TAG=ghcr.io/askexe/exe-gateway:v0.9.3
+EXE_GATEWAY_AUTH_TOKEN=$(gen 48)
+EXE_GATEWAY_WS_RELAY_AUTH_TOKEN=$(gen 48)
+EXE_GATEWAY_WHATSAPP_VERIFY_TOKEN=$(gen 32)
+API_ROUTER_URL=https://gateway.${DOMAIN}
+GATEWAY_HTTP_HOST_PORT=3100
+GATEWAY_WS_HOST_PORT=3101
+MONITOR_HUB_IMAGE_TAG=ghcr.io/askexe/exe-monitor-hub:v0.9.4
+MONITOR_AGENT_IMAGE_TAG=ghcr.io/askexe/exe-monitor-agent:v0.9.4
+EXE_MONITOR_ADMIN_TOKEN=$(gen 48)
+MONITOR_HUB_URL=https://monitor.${DOMAIN}
+MONITOR_AGENT_TOKEN=CHANGEME_MONITOR_AGENT_TOKEN
+MONITOR_AGENT_KEY=CHANGEME_MONITOR_AGENT_KEY
+MONITOR_AGENT_LISTEN=:45876
+MONITOR_HUB_PORT=8090
+ENVEOF
+    }
+  fi
+  info ".env generated with auto-generated secrets"
+fi
+
+# Step 3: Cloudflared tunnel config
+info "Step 3: Cloudflare Tunnel setup"
+if [[ ! -f cloudflared/config.yml ]]; then
+  if [[ -f cloudflared/config.yml.example ]]; then
+    warn "Copy cloudflared/config.yml.example → cloudflared/config.yml"
+    warn "Then set TUNNEL_ID and DOMAIN in the config."
+    warn "Create tunnel: cloudflared tunnel create exe-${CLIENT}"
+  fi
+else
+  info "Cloudflared config exists."
+fi
+
+# Step 4: Pull images
+info "Step 4: Pulling Docker images..."
+docker compose pull 2>&1 || { err "Image pull failed — check GHCR authentication"; exit 1; }
+
+# Step 5: Start stack
+info "Step 5: Starting stack..."
+docker compose up -d 2>&1
+
+# Step 6: Wait for health
+info "Step 6: Waiting for services to be healthy..."
+sleep 10
+HEALTHY=0
+for i in $(seq 1 30); do
+  COUNT=$(docker ps --filter "health=healthy" --format '{{.Names}}' | wc -l | tr -d ' ')
+  TOTAL=$(docker ps --format '{{.Names}}' | wc -l | tr -d ' ')
+  echo -ne "\r  $COUNT/$TOTAL healthy (attempt $i/30)..."
+  if [[ "$COUNT" -ge "$TOTAL" ]]; then HEALTHY=1; break; fi
+  sleep 5
+done
+echo ""
+[[ "$HEALTHY" -eq 1 ]] && info "All services healthy!" || warn "Some services not healthy yet — check docker ps"
+
+# Step 7: Verify
+info "Step 7: Verification"
+docker ps --format 'table {{.Names}}\t{{.Status}}'
+echo ""
+info "Stack deployed! Next steps:"
+echo "  1. Configure Cloudflare tunnel (if not done)"
+echo "  2. Open https://crm.${DOMAIN} to create admin account"
+echo "  3. Open https://wiki.${DOMAIN} to set up wiki"
+echo "  4. Configure WhatsApp: edit gateway.json, restart gateway, pair at https://gateway.${DOMAIN}/pair/<name>"
+echo "  5. Verify: curl https://crm.${DOMAIN}/healthz && curl https://wiki.${DOMAIN}/api/ping"
+
+# Step 8: Firewall — ensure outbound HTTPS is open
+info "Step 8: Checking network connectivity..."
+if curl -s --max-time 5 https://ghcr.io >/dev/null 2>&1; then
+  info "Outbound HTTPS working (GHCR reachable)"
+else
+  warn "Cannot reach ghcr.io — check firewall/network. Docker pulls will fail."
+fi
+if curl -s --max-time 5 https://api.cloudflare.com >/dev/null 2>&1; then
+  info "Cloudflare reachable"
+else
+  warn "Cannot reach Cloudflare — tunnel won't work."
+fi

package/deploy/compose/status.sh

@@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+# exe-os stack health check — run anytime to verify all services.
+set -euo pipefail
+
+RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m'
+
+echo "=== exe-os Stack Health ==="
+echo ""
+
+# Container status
+echo "Containers:"
+docker ps --format 'table {{.Names}}\t{{.Status}}' 2>/dev/null
+echo ""
+
+# Service health endpoints
+echo "Service Endpoints:"
+DOMAIN="${1:-localhost}"
+check() {
+  local name=$1 url=$2
+  CODE=$(curl -sk -o /dev/null -w "%{http_code}" --max-time 5 "$url" 2>/dev/null || echo "000")
+  if [[ "$CODE" == "200" ]]; then
+    echo -e "  ${GREEN}✅${NC} $name ($CODE)"
+  elif [[ "$CODE" == "401" ]]; then
+    echo -e "  ${YELLOW}🔒${NC} $name ($CODE — auth required, service is up)"
+  else
+    echo -e "  ${RED}❌${NC} $name ($CODE)"
+  fi
+}
+
+check "CRM"      "http://127.0.0.1:3000/healthz"
+check "Wiki"     "http://127.0.0.1:3001/api/ping"
+check "Gateway"  "http://127.0.0.1:3100/health"
+check "Monitor"  "http://127.0.0.1:8090/api/health"
+check "GoTrue"   "http://127.0.0.1:9999/health"
+check "exe-os"   "http://127.0.0.1:8765/health"
+
+echo ""
+
+# Database
+echo "Database:"
+docker exec exe-db psql -U exe -d exedb -c "SELECT schemaname, COUNT(*) as tables FROM pg_tables WHERE schemaname NOT IN ('pg_catalog','information_schema') GROUP BY schemaname ORDER BY schemaname;" 2>/dev/null || echo "  ❌ Cannot connect to database"
+
+echo ""
+
+# Disk/Memory
+echo "Resources:"
+echo "  RAM: $(free -h 2>/dev/null | awk '/^Mem:/ {print $3 "/" $2}' || echo 'N/A')"
+echo "  Disk: $(df -h / 2>/dev/null | awk 'NR==2 {print $3 "/" $2 " (" $5 " used)"}' || echo 'N/A')"

package/dist/bin/stack-update.js

@@ -508,11 +508,36 @@ async function runStackUpdate(options) {
     return { status: "planned", targetVersion: plan.targetVersion, changes: plan.changes, lockFile };
   }
   await postDeployAudit(options, "started", plan.targetVersion, previousVersion);
-  const backupDir = path.join(path.dirname(options.envFile), ".exe-stack-backups");
+  const stackDir = path.dirname(options.envFile);
+  const backupDir = path.join(stackDir, ".exe-stack-backups");
   mkdirSync(backupDir, { recursive: true });
   const stamp = now().toISOString().replace(/[:.]/g, "-");
-  const backupEnvFile = path.join(backupDir, `env-${stamp}.bak`);
+  const updateBackupDir = path.join(backupDir, `pre-update-${stamp}`);
+  mkdirSync(updateBackupDir, { recursive: true });
+  const backupEnvFile = path.join(updateBackupDir, "env.bak");
   writeFileSync(backupEnvFile, envRaw, { mode: 384 });
+  const protectedFiles = ["gateway.json", "branding.json"];
+  for (const f of protectedFiles) {
+    const src = path.join(stackDir, f);
+    try {
+      if (existsSync(src)) {
+        copyFileSync(src, path.join(updateBackupDir, f));
+      }
+    } catch {
+    }
+  }
+  const cfDir = path.join(stackDir, "cloudflared");
+  try {
+    if (existsSync(cfDir)) {
+      const cfBackup = path.join(updateBackupDir, "cloudflared");
+      mkdirSync(cfBackup, { recursive: true });
+      for (const f of readdirSync(cfDir)) {
+        copyFileSync(path.join(cfDir, f), path.join(cfBackup, f));
+      }
+    }
+  } catch {
+  }
+  console.log(`[stack-update] Config backed up to ${updateBackupDir}`);
   const updates = Object.fromEntries(plan.changes.map((c) => [c.key, c.after]));
   const patched = patchEnv(envRaw, updates);
   const tmp = `${options.envFile}.tmp-${process.pid}`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askexenow/exe-os",
-  "version": "0.9.155",
+  "version": "0.9.157",
   "description": "AI employee operating system — persistent memory, task management, and multi-agent coordination for Claude Code.",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",

package/release-notes.json

@@ -1,10 +1,12 @@
 {
-  "current": "0.9.155",
+  "current": "0.9.157",
   "notes": {
-    "0.9.155": {
-      "version": "0.9.155",
+    "0.9.157": {
+      "version": "0.9.157",
       "date": "2026-05-28",
       "features": [
+        "update safety + portable backups + restore",
+        "complete deployment readiness — all 14 second-pass blind spots fixed",
         "production-ready stack — all 15 blind spots fixed",
         "blocked task notification — ping dispatcher immediately on status change",
         "self-improving skills — usage tracking, success counting, and refinement daemon",
@@ -27,9 +29,7 @@
         "device-scoped behaviors — add device_id column + filter on load",
         "gateway prompt injection defense — 3-tier security hardening",
         "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
-        "add task dependency tree visualization (action=dependency_tree)",
-        "graceful COO auto-relaunch after context-full exit",
-        "desktop push notifications on task completion (macOS/Linux)"
+        "add task dependency tree visualization (action=dependency_tree)"
       ],
       "fixes": [
         "add scope import to prompt-submit — gate pass",
@@ -104,10 +104,13 @@
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.154": {
-      "version": "0.9.154",
+    "0.9.156": {
+      "version": "0.9.156",
       "date": "2026-05-28",
       "features": [
+        "complete deployment readiness — all 14 second-pass blind spots fixed",
+        "production-ready stack — all 15 blind spots fixed",
+        "blocked task notification — ping dispatcher immediately on status change",
         "self-improving skills — usage tracking, success counting, and refinement daemon",
         "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
         "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
@@ -129,12 +132,13 @@
         "gateway prompt injection defense — 3-tier security hardening",
         "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
         "add task dependency tree visualization (action=dependency_tree)",
-        "graceful COO auto-relaunch after context-full exit",
-        "desktop push notifications on task completion (macOS/Linux)",
-        "rename GHCR image exed → exe-os across all deploy/stack references",
-        "passive daemon-restart detection — agents get one-time /mcp notice"
+        "graceful COO auto-relaunch after context-full exit"
       ],
       "fixes": [
+        "add scope import to prompt-submit — gate pass",
+        "add writeFileSync import to config.ts",
+        "persist cloud endpoint migration to config.json — stop logging on every boot",
+        "include memory_type in pushToPostgres metadata — was stripped on sync",
         "add scope import to daemon-orchestration — satisfies customer-readiness gate",
         "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
         "make skill lifecycle fields optional on Behavior interface — unblocks publish",
@@ -155,11 +159,7 @@
         "close remaining session-scoping findings from Bob's audit",
         "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
         "diagnostics check_update ENOENT + healthcheck timeout",
-        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox",
-        "correct graph column names in federated recall query",
-        "review notifications never reached reviewer — signal file gate was dead code",
-        "remove osascript fallback — desktop notifications use OSC 9 only on macOS",
-        "generate valid UUIDs in projection worker stableId + add wiki.* projection"
+        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -176,6 +176,8 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "rename memory schema → graph across codebase",
+        "unified access control — admin token + GoTrue across all services",
         "capture data pipeline spec — raw → filter → wiki + CRM projection",
         "bump to v0.9.149 — task lifecycle simplification + review notification fix",
         "capture gateway connection observability requirements (2026-05-28)",
@@ -198,19 +200,20 @@
         "v0.9.140 publish + heap cap 4GB (was 33% unbounded)",
         "PG-1 cross-repo entity federation design document",
         "add lint step + automated npm publish workflow",
-        "audit: scoped SQL + package budget + TUI vendored + TODO classification",
-        "add full readiness audit evidence",
-        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)"
+        "audit: scoped SQL + package budget + TUI vendored + TODO classification"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.153": {
-      "version": "0.9.153",
+    "0.9.155": {
+      "version": "0.9.155",
       "date": "2026-05-28",
       "features": [
+        "production-ready stack — all 15 blind spots fixed",
+        "blocked task notification — ping dispatcher immediately on status change",
+        "self-improving skills — usage tracking, success counting, and refinement daemon",
         "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
         "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
         "run database migrations before container swap in stack-update",
@@ -232,12 +235,18 @@
         "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
         "add task dependency tree visualization (action=dependency_tree)",
         "graceful COO auto-relaunch after context-full exit",
-        "desktop push notifications on task completion (macOS/Linux)",
-        "rename GHCR image exed → exe-os across all deploy/stack references",
-        "passive daemon-restart detection — agents get one-time /mcp notice",
-        "daemon restart orchestrator — single authority for all restart decisions"
+        "desktop push notifications on task completion (macOS/Linux)"
       ],
       "fixes": [
+        "add scope import to prompt-submit — gate pass",
+        "add writeFileSync import to config.ts",
+        "persist cloud endpoint migration to config.json — stop logging on every boot",
+        "include memory_type in pushToPostgres metadata — was stripped on sync",
+        "add scope import to daemon-orchestration — satisfies customer-readiness gate",
+        "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
+        "make skill lifecycle fields optional on Behavior interface — unblocks publish",
+        "session isolation for tmux kill — block cross-scope session kills",
+        "session-scope daemon, push, capacity, and cleanup (P0 #7-#13)",
         "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
         "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
         "include memory_type in cloud sync push/pull + fix backfill re-sync",
@@ -252,17 +261,8 @@
         "add shipped_version to support triage + clean platform procedures",
         "close remaining session-scoping findings from Bob's audit",
         "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
-        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox",
-        "correct graph column names in federated recall query",
         "diagnostics check_update ENOENT + healthcheck timeout",
-        "review notifications never reached reviewer — signal file gate was dead code",
-        "remove osascript fallback — desktop notifications use OSC 9 only on macOS",
-        "generate valid UUIDs in projection worker stableId + add wiki.* projection",
-        "RSS backpressure + safe Metal shutdown for embedding daemon OOM",
-        "multi-Tom dispatch — per-task signal files + atomic claim + herd prevention",
-        "restrict project_name='all' to coordinators only in list_tasks",
-        "CRM Dockerfile multi-arch — BUILDPLATFORM for build stages, rebuild bcrypt",
-        "enhance intercom log with caller/task/trigger metadata for tracing"
+        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -279,6 +279,8 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "rename memory schema → graph across codebase",
+        "unified access control — admin token + GoTrue across all services",
         "capture data pipeline spec — raw → filter → wiki + CRM projection",
         "bump to v0.9.149 — task lifecycle simplification + review notification fix",
         "capture gateway connection observability requirements (2026-05-28)",
@@ -301,19 +303,20 @@
         "v0.9.140 publish + heap cap 4GB (was 33% unbounded)",
         "PG-1 cross-repo entity federation design document",
         "add lint step + automated npm publish workflow",
-        "audit: scoped SQL + package budget + TUI vendored + TODO classification",
-        "add full readiness audit evidence",
-        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)"
+        "audit: scoped SQL + package budget + TUI vendored + TODO classification"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.150": {
-      "version": "0.9.150",
+    "0.9.154": {
+      "version": "0.9.154",
       "date": "2026-05-28",
       "features": [
+        "self-improving skills — usage tracking, success counting, and refinement daemon",
+        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
+        "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
         "run database migrations before container swap in stack-update",
         "graph auto-extract from ARCHITECTURE.md — regex-based entity/relationship extraction",
         "migrate cloud.askexe.com → api.askexe.com as canonical endpoint",
@@ -335,12 +338,21 @@
         "graceful COO auto-relaunch after context-full exit",
         "desktop push notifications on task completion (macOS/Linux)",
         "rename GHCR image exed → exe-os across all deploy/stack references",
-        "passive daemon-restart detection — agents get one-time /mcp notice",
-        "daemon restart orchestrator — single authority for all restart decisions",
-        "query router cache tuning + cross-session tasks + shared skills",
-        "socket health probe + tmux env guard + reviewer queue fallback (features 1, 2)"
+        "passive daemon-restart detection — agents get one-time /mcp notice"
       ],
       "fixes": [
+        "add scope import to daemon-orchestration — satisfies customer-readiness gate",
+        "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
+        "make skill lifecycle fields optional on Behavior interface — unblocks publish",
+        "session isolation for tmux kill — block cross-scope session kills",
+        "session-scope daemon, push, capacity, and cleanup (P0 #7-#13)",
+        "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
+        "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
+        "include memory_type in cloud sync push/pull + fix backfill re-sync",
+        "session-scope signal file system — prevent cross-session task/review bleed",
+        "session-scope notification routing — use row.session_scope over ambient",
+        "daemon NEVER guesses session from tmux — header-only routing",
+        "3 daemon bugs — context-full TTL override, API watchdog kill-after-3, idle-kill verify",
         "federated recall always searches code_context + graph — count threshold was useless",
         "make cross-repo guardrail task-aware — allow multi-repo work when task scope permits",
         "ONE postgres — replace crm-postgres with exe-db across entire stack",
@@ -348,24 +360,12 @@
         "add shipped_version to support triage + clean platform procedures",
         "close remaining session-scoping findings from Bob's audit",
         "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
+        "diagnostics check_update ENOENT + healthcheck timeout",
         "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox",
         "correct graph column names in federated recall query",
-        "diagnostics check_update ENOENT + healthcheck timeout",
         "review notifications never reached reviewer — signal file gate was dead code",
         "remove osascript fallback — desktop notifications use OSC 9 only on macOS",
-        "generate valid UUIDs in projection worker stableId + add wiki.* projection",
-        "RSS backpressure + safe Metal shutdown for embedding daemon OOM",
-        "multi-Tom dispatch — per-task signal files + atomic claim + herd prevention",
-        "restrict project_name='all' to coordinators only in list_tasks",
-        "CRM Dockerfile multi-arch — BUILDPLATFORM for build stages, rebuild bcrypt",
-        "enhance intercom log with caller/task/trigger metadata for tracing",
-        "project-scope review queries — no more cross-project review pollution",
-        "remove unused getActiveAgent import in list-tasks",
-        "project-scope ALL task queries — prevents cross-project pollution",
-        "hash-based cloud pull conflict detection + indentation-aware Python/Rust chunker",
-        "add sessionScopeFilter to worker-gate + create-task queries",
-        "replace require() with ESM import in shouldAutoInstance",
-        "intercom-check passes project_name to scanFromDb — prevents cross-project task pollution"
+        "generate valid UUIDs in projection worker stableId + add wiki.* projection"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -382,6 +382,7 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "capture data pipeline spec — raw → filter → wiki + CRM projection",
         "bump to v0.9.149 — task lifecycle simplification + review notification fix",
         "capture gateway connection observability requirements (2026-05-28)",
         "bump to v0.9.146 for publish",
@@ -405,70 +406,69 @@
         "add lint step + automated npm publish workflow",
         "audit: scoped SQL + package budget + TUI vendored + TODO classification",
         "add full readiness audit evidence",
-        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)",
-        "capture mcp restart self-healing roadmap"
+        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.144": {
-      "version": "0.9.144",
-      "date": "2026-05-26",
+    "0.9.153": {
+      "version": "0.9.153",
+      "date": "2026-05-28",
       "features": [
-        "close_task auto-merges PR + pulls main + builds + prunes + respawns",
-        "auto-respawn Tom after close_task if more tasks queued",
-        "message WAL fallback — messages survive daemon downtime",
-        "entity type hierarchy — subtypes with rollup queries (PG-2)",
-        "temporal validity windows for graph queries (PG-3)",
-        "backup restore CLI + restoreBackup function",
-        "ESLint setup + dependency hygiene + any type reduction",
-        "config(action=\"hire\") MCP tool — COO can hire employees directly",
-        "GM (General Manager) role template + hiring guidance",
-        "merge gate warning in close_task — catches unmerged PRs",
-        "behavior hygiene — platform procedure + COO identity + company procedure",
-        "MCP auto-reconnect to daemon — survives deploy restarts transparently",
-        "event-driven notifications — stop polling managers, let task state drive everything",
-        "MCP disconnect tracker + daemon observability",
-        "MCP lifecycle logging to file — FULL transparency on every disconnect",
-        "automatic P0 bug fixing — daemon auto-dispatch + GitHub Actions fallback",
-        "enforce worktrees for engineer sessions — prevent direct main commits",
-        "multi-device coordination — routing, handoff, device status",
-        "hook tamper protection — SHA-256 manifest + verification before spawn",
-        "governed collaborative memory — visibility tags + write governance",
-        "cache-sharing protocol — pub/sub memory bus for inter-agent sharing",
-        "multi-modal memory — media attachments on memories",
-        "comprehensive \"last 20%\" integration tests + audit_trail read path",
-        "wire memory poisoning defense into writeMemory() pipeline",
-        "memory poisoning defense — trust levels, anomaly detection, quarantine"
+        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
+        "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
+        "run database migrations before container swap in stack-update",
+        "graph auto-extract from ARCHITECTURE.md — regex-based entity/relationship extraction",
+        "migrate cloud.askexe.com → api.askexe.com as canonical endpoint",
+        "federated recall — code_context + graph fallback when memory results weak",
+        "migrate cloud.askexe.com → api.askexe.com across all src/ defaults",
+        "rolling restart in stack-update — one service at a time with health verification",
+        "DMR benchmark harness + LoCoMo improvements for v0.9.145 evaluation",
+        "Windows/WSL support — WezTerm config + WSL detection in setup wizard",
+        "queryTaskRows() consolidation — single scoped query path for all task list operations",
+        "review signal files — reliable reviewer notification on update_task(done)",
+        "Ghostty-native notifications via OSC 9 — no more Script Editor popup",
+        "device-scoped behaviors — device_id column + filter in loading",
+        "dispatch reliability — 45s boot timeout, dispatch ack signals, agent heartbeat",
+        "setup wizard headless mode + daemon health check after restart",
+        "device-scoped behaviors — add device_id column + filter on load",
+        "gateway prompt injection defense — 3-tier security hardening",
+        "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
+        "add task dependency tree visualization (action=dependency_tree)",
+        "graceful COO auto-relaunch after context-full exit",
+        "desktop push notifications on task completion (macOS/Linux)",
+        "rename GHCR image exed → exe-os across all deploy/stack references",
+        "passive daemon-restart detection — agents get one-time /mcp notice",
+        "daemon restart orchestrator — single authority for all restart decisions"
       ],
       "fixes": [
-        "remove unused test imports blocking publish",
-        "resolve all typecheck errors — await-in-sync + type mismatches",
-        "remaining require() → ESM imports in daemon (db-backup, intercom, shutdown)",
-        "eliminate CJS require() from ESM daemon + reliable task signal delivery",
-        "migrate critical writeFileSync to atomicWrite — prevent corruption on crash (Track C)",
-        "security hardening — SQL injection lint + TUI input sanitize + MCP rate limiter (Track D)",
-        "clear public launch readiness blockers",
-        "prune old worktree on close_task before respawning fresh",
-        "exe-launch-agent resolves multi-instance names — tom2/tom3 no longer rejected",
-        "worktree isolation for all runtimes + token budget enforcement + atomic memory versioning",
-        "cross-device sync dedup — cooldown key prevents duplicate pushes",
-        "merge gate checks branch name not git author — was silently passing",
-        "resume_employee uses autoInstance — spawns tom2/tom3 for parallel",
-        "security hardening — fail-closed behavior auth gates",
-        "send_message intercom uses force:true — bypass 5-min debounce",
-        "global session cap 10→50 — match MCP session cap",
-        "/exe-call ALWAYS fires + tmux send-keys blocked for ALL agents",
-        "SIGTERM graceful shutdown — remove process.exit(0) from initMetrics",
-        "stale task escalation — surface alive-but-stalled agents to COO",
-        "cloud sync upsert + entity type hierarchy + temporal validity + file_copy security",
-        "daemon memory leak + duplicate watchdog + HTTP body limit + WAL flush",
-        "heap pressure alarm was false positive — compared heapUsed/heapTotal instead of heapUsed/heapLimit",
-        "strengthen scoped SQL audit — cover UPDATE/INSERT, expand exemptions",
-        "hard block tmux send-keys for non-coordinator agents",
-        "MCP disconnect procedure — explicitly block tmux send-keys workaround"
+        "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
+        "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
+        "include memory_type in cloud sync push/pull + fix backfill re-sync",
+        "session-scope signal file system — prevent cross-session task/review bleed",
+        "session-scope notification routing — use row.session_scope over ambient",
+        "daemon NEVER guesses session from tmux — header-only routing",
+        "3 daemon bugs — context-full TTL override, API watchdog kill-after-3, idle-kill verify",
+        "federated recall always searches code_context + graph — count threshold was useless",
+        "make cross-repo guardrail task-aware — allow multi-repo work when task scope permits",
+        "ONE postgres — replace crm-postgres with exe-db across entire stack",
+        "smart session-scoping gate + last boot cleanup leak + triage_bug docs",
+        "add shipped_version to support triage + clean platform procedures",
+        "close remaining session-scoping findings from Bob's audit",
+        "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
+        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox",
+        "correct graph column names in federated recall query",
+        "diagnostics check_update ENOENT + healthcheck timeout",
+        "review notifications never reached reviewer — signal file gate was dead code",
+        "remove osascript fallback — desktop notifications use OSC 9 only on macOS",
+        "generate valid UUIDs in projection worker stableId + add wiki.* projection",
+        "RSS backpressure + safe Metal shutdown for embedding daemon OOM",
+        "multi-Tom dispatch — per-task signal files + atomic claim + herd prevention",
+        "restrict project_name='all' to coordinators only in list_tasks",
+        "CRM Dockerfile multi-arch — BUILDPLATFORM for build stages, rebuild bcrypt",
+        "enhance intercom log with caller/task/trigger metadata for tracing"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -485,7 +485,18 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "capture data pipeline spec — raw → filter → wiki + CRM projection",
+        "bump to v0.9.149 — task lifecycle simplification + review notification fix",
+        "capture gateway connection observability requirements (2026-05-28)",
+        "bump to v0.9.146 for publish",
+        "Windows support architecture — WezTerm + WSL decision (2026-05-27)",
+        "Merge branch 'tom4-work' — device-scoped behaviors + push-notification fix",
+        "bump to v0.9.145 for publish",
+        "revert: keep workflow files unchanged — GitHub OAuth blocks workflow scope",
+        "stage remaining Yoshi fixes — features + bug cleanup",
+        "add tests for daemon restart orchestrator module",
         "publish v0.9.144 — ESM require() fix + reliable task signals + OAuth 2.1",
+        "add MCP tool tests for message, cloud-sync, and file-copy",
         "add coverage for send_message, cloud_sync, file_copy MCP tools (Track A)",
         "Recover MCP sessions after daemon restart",
         "publish v0.9.143 — all fixes live",
@@ -498,18 +509,7 @@
         "add lint step + automated npm publish workflow",
         "audit: scoped SQL + package budget + TUI vendored + TODO classification",
         "add full readiness audit evidence",
-        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)",
-        "capture mcp restart self-healing roadmap",
-        "Enforce chain of command task review parity",
-        "document raw SQL fallback in orchestrator auto-approve path",
-        "Finalize orchestration rollout fixes",
-        "Scope device governance task queries",
-        "bump v0.9.138 — 7 critical bug fixes, 10 features, 16 commits",
-        "bump v0.9.137 — Memanto typed schema, push notifications, lazy consolidation",
-        "bump v0.9.136 — daemon OOM fix, process monitor, auto-notify reviewer",
-        "bump v0.9.135 — code debt cleanup, 28 new tests, full observability",
-        "Codex MCP regression tests (18) + DB singleton integration tests (10)",
-        "release notes for v0.9.134"
+        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",