@askexenow/exe-os 0.9.156 → 0.9.157

package/deploy/compose/PROTECTED_FILES.md

@@ -0,0 +1,34 @@
+# Protected Files — NEVER overwritten by stack-update
+
+These files contain customer configuration. `exe-os stack-update` MUST NOT
+touch them. If a file needs to change, the update should add a NEW file
+and log a migration notice, not replace the existing one.
+
+## Config files (bind-mounted, customer-owned after first setup)
+- `.env` — all secrets, tokens, passwords (PATCHED, never replaced)
+- `gateway.json` — WhatsApp adapter config, account names
+- `branding.json` — customer brand colors, fonts, logo
+- `cloudflared/config.yml` — tunnel ID, credentials, ingress routes
+- `cloudflared/*.json` — tunnel credential files
+
+## Data volumes (Docker managed, persist across updates)
+- `postgres_data` — all database data (CRM, wiki, graph, raw, gateway)
+- `gateway_data` — Baileys WhatsApp auth state (creds.json, sessions)
+- `wiki_data` — uploaded documents, workspace storage
+- `crm_data` — CRM local file storage
+- `monitor_hub_data` — PocketBase data, alert history
+- `monitor_agent_data` — agent metrics cache
+- `redis_data` — CRM job queue, session cache
+- `clickhouse_data` — CRM analytics
+- `exe_os_data` — daemon state, SQLCipher memory DB
+
+## What CAN be updated safely
+- Docker images (pulled, not built locally)
+- `init-db.sql` (only runs on FIRST postgres boot, not on restarts)
+- `docker-compose.yml` (can be replaced — it references configs by path)
+- Deploy scripts (setup.sh, backup.sh, status.sh)
+
+## Golden rule
+If `docker compose down && docker compose up -d` loses customer data
+or config, the compose is WRONG. Volumes and bind mounts must survive
+any container lifecycle operation EXCEPT `docker compose down -v`.

package/deploy/compose/backup.sh

@@ -1,37 +1,117 @@
 #!/usr/bin/env bash
-# Automated backup for exe-os stack — runs daily via cron or systemd timer.
-# Backs up: postgres (all databases), gateway auth state, wiki storage.
+# exe-os stack backup — full data + config, portable to any destination.
+#
+# Usage:
+#   ./backup.sh                          # Backup to /opt/exe-backups/
+#   ./backup.sh --output /tmp/backup     # Backup to custom dir
+#   ./backup.sh --download               # Create backup + print download command
+#   ./backup.sh --upload-r2              # Backup + upload to Cloudflare R2
+#   ./backup.sh --upload-s3 s3://bucket  # Backup + upload to S3
+#
 set -euo pipefail
 
 BACKUP_DIR="${BACKUP_DIR:-/opt/exe-backups}"
 RETENTION_DAYS="${BACKUP_RETENTION_DAYS:-7}"
 DATE=$(date +%Y%m%d-%H%M%S)
-COMPOSE_DIR="$(cd "$(dirname "$0")" && pwd)"
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+DOWNLOAD_MODE=false
+UPLOAD_R2=false
+UPLOAD_S3=""
+
+while [[ $# -gt 0 ]]; do
+  case $1 in
+    --output) BACKUP_DIR="$2"; shift 2;;
+    --download) DOWNLOAD_MODE=true; shift;;
+    --upload-r2) UPLOAD_R2=true; shift;;
+    --upload-s3) UPLOAD_S3="$2"; shift 2;;
+    *) shift;;
+  esac
+done
 
 mkdir -p "$BACKUP_DIR"
+ARCHIVE="$BACKUP_DIR/exe-backup-$DATE"
+mkdir -p "$ARCHIVE"
 
-echo "[backup] Starting exe-os stack backup ($DATE)"
+echo "[backup] Starting exe-os full stack backup ($DATE)"
 
 # 1. Postgres dump (all databases)
 echo "[backup] Dumping postgres..."
-docker exec exe-db pg_dumpall -U exe > "$BACKUP_DIR/postgres-$DATE.sql" 2>/dev/null
-gzip "$BACKUP_DIR/postgres-$DATE.sql"
-echo "[backup] Postgres: $(du -h "$BACKUP_DIR/postgres-$DATE.sql.gz" | cut -f1)"
+docker exec exe-db pg_dumpall -U exe > "$ARCHIVE/postgres.sql" 2>/dev/null || echo "[backup] Postgres dump failed"
+gzip "$ARCHIVE/postgres.sql" 2>/dev/null || true
+
+# 2. Customer config files (.env, gateway.json, branding.json, cloudflared)
+echo "[backup] Backing up config files..."
+cp "$SCRIPT_DIR/.env" "$ARCHIVE/env.bak" 2>/dev/null || true
+cp "$SCRIPT_DIR/gateway.json" "$ARCHIVE/gateway.json" 2>/dev/null || true
+cp "$SCRIPT_DIR/branding.json" "$ARCHIVE/branding.json" 2>/dev/null || true
+cp -r "$SCRIPT_DIR/cloudflared" "$ARCHIVE/cloudflared" 2>/dev/null || true
 
-# 2. Gateway auth state (Baileys creds)
-echo "[backup] Backing up gateway auth state..."
-docker cp exe-gateway:/data/. "$BACKUP_DIR/gateway-$DATE/" 2>/dev/null || echo "[backup] Gateway backup skipped (not running)"
-tar -czf "$BACKUP_DIR/gateway-$DATE.tar.gz" -C "$BACKUP_DIR" "gateway-$DATE" 2>/dev/null && rm -rf "$BACKUP_DIR/gateway-$DATE"
+# 3. Gateway auth state (Baileys creds — critical for WhatsApp connection)
+echo "[backup] Backing up gateway WhatsApp auth state..."
+docker cp exe-gateway:/data/. "$ARCHIVE/gateway-data/" 2>/dev/null || echo "[backup] Gateway data skipped"
 
-# 3. Wiki storage (uploaded docs)
+# 4. Wiki storage (uploaded documents)
 echo "[backup] Backing up wiki storage..."
-docker cp exe-wiki:/app/server/storage/. "$BACKUP_DIR/wiki-$DATE/" 2>/dev/null || echo "[backup] Wiki backup skipped"
-tar -czf "$BACKUP_DIR/wiki-$DATE.tar.gz" -C "$BACKUP_DIR" "wiki-$DATE" 2>/dev/null && rm -rf "$BACKUP_DIR/wiki-$DATE"
+docker cp exe-wiki:/app/server/storage/. "$ARCHIVE/wiki-storage/" 2>/dev/null || echo "[backup] Wiki storage skipped"
+
+# 5. exe-os daemon state (optional — SQLCipher DB is local-first, not critical for VPS)
+echo "[backup] Backing up exe-os state..."
+docker cp exe-os:/home/exed/.exe-os/. "$ARCHIVE/exe-os-data/" 2>/dev/null || echo "[backup] exe-os data skipped"
+
+# 6. Create single archive
+echo "[backup] Creating archive..."
+TARFILE="$BACKUP_DIR/exe-backup-$DATE.tar.gz"
+tar -czf "$TARFILE" -C "$BACKUP_DIR" "exe-backup-$DATE" 2>/dev/null
+rm -rf "$ARCHIVE"
+echo "[backup] Archive: $TARFILE ($(du -h "$TARFILE" | cut -f1))"
 
-# 4. Retention — delete backups older than N days
+# 7. Retention — delete old backups
 echo "[backup] Cleaning backups older than $RETENTION_DAYS days..."
-find "$BACKUP_DIR" -name "*.gz" -mtime "+$RETENTION_DAYS" -delete 2>/dev/null
-find "$BACKUP_DIR" -name "*.sql" -mtime "+$RETENTION_DAYS" -delete 2>/dev/null
+find "$BACKUP_DIR" -name "exe-backup-*.tar.gz" -mtime "+$RETENTION_DAYS" -delete 2>/dev/null
+
+# 8. Download instructions
+if $DOWNLOAD_MODE; then
+  echo ""
+  echo "=== Download to your local machine ==="
+  echo "Run on your local machine:"
+  echo ""
+  HOSTNAME=$(hostname)
+  IP=$(curl -s ifconfig.me 2>/dev/null || echo "<VPS_IP>")
+  echo "  scp root@$IP:$TARFILE ./exe-backup-$DATE.tar.gz"
+  echo ""
+  echo "Or via Tailscale:"
+  TS_IP=$(tailscale ip -4 2>/dev/null || echo "<TAILSCALE_IP>")
+  echo "  scp root@$TS_IP:$TARFILE ./exe-backup-$DATE.tar.gz"
+  echo ""
+  echo "To restore on a new VPS:"
+  echo "  tar -xzf exe-backup-$DATE.tar.gz"
+  echo "  cp env.bak /opt/exe-stack/.env"
+  echo "  cp gateway.json /opt/exe-stack/"
+  echo "  cp branding.json /opt/exe-stack/"
+  echo "  cp -r cloudflared/ /opt/exe-stack/"
+  echo "  cat postgres.sql.gz | gunzip | docker exec -i exe-db psql -U exe"
+  echo "  docker compose up -d"
+fi
+
+# 9. Upload to R2 (Cloudflare)
+if $UPLOAD_R2; then
+  echo "[backup] Uploading to Cloudflare R2..."
+  if command -v rclone >/dev/null 2>&1; then
+    rclone copy "$TARFILE" r2:exe-backups/ 2>&1 && echo "[backup] R2 upload complete" || echo "[backup] R2 upload failed"
+  elif command -v aws >/dev/null 2>&1; then
+    aws s3 cp "$TARFILE" "s3://exe-backups/$(basename "$TARFILE")" --endpoint-url "${R2_ENDPOINT:-}" 2>&1 || echo "[backup] R2 upload failed — configure R2_ENDPOINT"
+  else
+    echo "[backup] Install rclone or aws-cli for R2 upload"
+  fi
+fi
+
+# 10. Upload to S3
+if [[ -n "$UPLOAD_S3" ]]; then
+  echo "[backup] Uploading to S3..."
+  aws s3 cp "$TARFILE" "$UPLOAD_S3/$(basename "$TARFILE")" 2>&1 && echo "[backup] S3 upload complete" || echo "[backup] S3 upload failed"
+fi
 
-echo "[backup] Done. Backups at $BACKUP_DIR:"
-ls -lh "$BACKUP_DIR"/*.gz 2>/dev/null | tail -5
+echo "[backup] Done."
+echo ""
+echo "Backups:"
+ls -lh "$BACKUP_DIR"/exe-backup-*.tar.gz 2>/dev/null | tail -5

package/deploy/compose/restore.sh

@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+# exe-os stack restore — restore from a backup archive.
+#
+# Usage:
+#   ./restore.sh /path/to/exe-backup-YYYYMMDD-HHMMSS.tar.gz
+#
+# WARNING: This overwrites current config and database. Make a backup first.
+set -euo pipefail
+
+RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m'
+info() { echo -e "${GREEN}[restore]${NC} $1"; }
+warn() { echo -e "${YELLOW}[restore]${NC} $1"; }
+err() { echo -e "${RED}[restore]${NC} $1" >&2; }
+
+ARCHIVE="${1:-}"
+[[ -z "$ARCHIVE" ]] && { err "Usage: ./restore.sh <backup-archive.tar.gz>"; exit 1; }
+[[ ! -f "$ARCHIVE" ]] && { err "File not found: $ARCHIVE"; exit 1; }
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+TEMP_DIR=$(mktemp -d)
+trap "rm -rf $TEMP_DIR" EXIT
+
+info "Extracting backup..."
+tar -xzf "$ARCHIVE" -C "$TEMP_DIR"
+BACKUP_DIR=$(ls -d "$TEMP_DIR"/exe-backup-* 2>/dev/null | head -1)
+[[ -z "$BACKUP_DIR" ]] && { err "Invalid backup archive — no exe-backup-* directory found"; exit 1; }
+
+echo ""
+warn "This will OVERWRITE current config and restore the database."
+warn "Current data will be LOST. Make sure you have a backup of the current state."
+read -p "Type 'RESTORE' to confirm: " CONFIRM
+[[ "$CONFIRM" != "RESTORE" ]] && { err "Aborted."; exit 1; }
+
+# 1. Restore config files
+info "Restoring config files..."
+[[ -f "$BACKUP_DIR/env.bak" ]] && cp "$BACKUP_DIR/env.bak" "$SCRIPT_DIR/.env" && info ".env restored"
+[[ -f "$BACKUP_DIR/gateway.json" ]] && cp "$BACKUP_DIR/gateway.json" "$SCRIPT_DIR/gateway.json" && info "gateway.json restored"
+[[ -f "$BACKUP_DIR/branding.json" ]] && cp "$BACKUP_DIR/branding.json" "$SCRIPT_DIR/branding.json" && info "branding.json restored"
+[[ -d "$BACKUP_DIR/cloudflared" ]] && cp -r "$BACKUP_DIR/cloudflared" "$SCRIPT_DIR/" && info "cloudflared config restored"
+
+# 2. Restore postgres
+if [[ -f "$BACKUP_DIR/postgres.sql.gz" ]]; then
+  info "Restoring postgres database..."
+  docker compose up -d exe-db 2>/dev/null
+  sleep 5  # wait for postgres to be ready
+  gunzip -c "$BACKUP_DIR/postgres.sql.gz" | docker exec -i exe-db psql -U exe 2>/dev/null
+  info "Postgres restored"
+fi
+
+# 3. Restore gateway auth state
+if [[ -d "$BACKUP_DIR/gateway-data" ]]; then
+  info "Restoring gateway WhatsApp auth state..."
+  docker compose up -d exe-gateway 2>/dev/null
+  sleep 3
+  docker cp "$BACKUP_DIR/gateway-data/." exe-gateway:/data/ 2>/dev/null
+  docker restart exe-gateway 2>/dev/null
+  info "Gateway auth state restored (WhatsApp should reconnect)"
+fi
+
+# 4. Restore wiki storage
+if [[ -d "$BACKUP_DIR/wiki-storage" ]]; then
+  info "Restoring wiki storage..."
+  docker compose up -d exe-wiki 2>/dev/null
+  sleep 3
+  docker cp "$BACKUP_DIR/wiki-storage/." exe-wiki:/app/server/storage/ 2>/dev/null
+  info "Wiki storage restored"
+fi
+
+# 5. Start full stack
+info "Starting full stack..."
+docker compose up -d 2>&1
+
+info "Restore complete. Run ./status.sh to verify."

package/dist/bin/stack-update.js

@@ -508,11 +508,36 @@ async function runStackUpdate(options) {
     return { status: "planned", targetVersion: plan.targetVersion, changes: plan.changes, lockFile };
   }
   await postDeployAudit(options, "started", plan.targetVersion, previousVersion);
-  const backupDir = path.join(path.dirname(options.envFile), ".exe-stack-backups");
+  const stackDir = path.dirname(options.envFile);
+  const backupDir = path.join(stackDir, ".exe-stack-backups");
   mkdirSync(backupDir, { recursive: true });
   const stamp = now().toISOString().replace(/[:.]/g, "-");
-  const backupEnvFile = path.join(backupDir, `env-${stamp}.bak`);
+  const updateBackupDir = path.join(backupDir, `pre-update-${stamp}`);
+  mkdirSync(updateBackupDir, { recursive: true });
+  const backupEnvFile = path.join(updateBackupDir, "env.bak");
   writeFileSync(backupEnvFile, envRaw, { mode: 384 });
+  const protectedFiles = ["gateway.json", "branding.json"];
+  for (const f of protectedFiles) {
+    const src = path.join(stackDir, f);
+    try {
+      if (existsSync(src)) {
+        copyFileSync(src, path.join(updateBackupDir, f));
+      }
+    } catch {
+    }
+  }
+  const cfDir = path.join(stackDir, "cloudflared");
+  try {
+    if (existsSync(cfDir)) {
+      const cfBackup = path.join(updateBackupDir, "cloudflared");
+      mkdirSync(cfBackup, { recursive: true });
+      for (const f of readdirSync(cfDir)) {
+        copyFileSync(path.join(cfDir, f), path.join(cfBackup, f));
+      }
+    }
+  } catch {
+  }
+  console.log(`[stack-update] Config backed up to ${updateBackupDir}`);
   const updates = Object.fromEntries(plan.changes.map((c) => [c.key, c.after]));
   const patched = patchEnv(envRaw, updates);
   const tmp = `${options.envFile}.tmp-${process.pid}`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askexenow/exe-os",
-  "version": "0.9.156",
+  "version": "0.9.157",
   "description": "AI employee operating system — persistent memory, task management, and multi-agent coordination for Claude Code.",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",

package/release-notes.json

@@ -1,10 +1,11 @@
 {
-  "current": "0.9.156",
+  "current": "0.9.157",
   "notes": {
-    "0.9.156": {
-      "version": "0.9.156",
+    "0.9.157": {
+      "version": "0.9.157",
       "date": "2026-05-28",
       "features": [
+        "update safety + portable backups + restore",
         "complete deployment readiness — all 14 second-pass blind spots fixed",
         "production-ready stack — all 15 blind spots fixed",
         "blocked task notification — ping dispatcher immediately on status change",
@@ -28,8 +29,7 @@
         "device-scoped behaviors — add device_id column + filter on load",
         "gateway prompt injection defense — 3-tier security hardening",
         "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
-        "add task dependency tree visualization (action=dependency_tree)",
-        "graceful COO auto-relaunch after context-full exit"
+        "add task dependency tree visualization (action=dependency_tree)"
       ],
       "fixes": [
         "add scope import to prompt-submit — gate pass",
@@ -104,10 +104,11 @@
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.155": {
-      "version": "0.9.155",
+    "0.9.156": {
+      "version": "0.9.156",
       "date": "2026-05-28",
       "features": [
+        "complete deployment readiness — all 14 second-pass blind spots fixed",
         "production-ready stack — all 15 blind spots fixed",
         "blocked task notification — ping dispatcher immediately on status change",
         "self-improving skills — usage tracking, success counting, and refinement daemon",
@@ -131,8 +132,7 @@
         "gateway prompt injection defense — 3-tier security hardening",
         "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
         "add task dependency tree visualization (action=dependency_tree)",
-        "graceful COO auto-relaunch after context-full exit",
-        "desktop push notifications on task completion (macOS/Linux)"
+        "graceful COO auto-relaunch after context-full exit"
       ],
       "fixes": [
         "add scope import to prompt-submit — gate pass",
@@ -207,10 +207,12 @@
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.154": {
-      "version": "0.9.154",
+    "0.9.155": {
+      "version": "0.9.155",
       "date": "2026-05-28",
       "features": [
+        "production-ready stack — all 15 blind spots fixed",
+        "blocked task notification — ping dispatcher immediately on status change",
         "self-improving skills — usage tracking, success counting, and refinement daemon",
         "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
         "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
@@ -233,11 +235,13 @@
         "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
         "add task dependency tree visualization (action=dependency_tree)",
         "graceful COO auto-relaunch after context-full exit",
-        "desktop push notifications on task completion (macOS/Linux)",
-        "rename GHCR image exed → exe-os across all deploy/stack references",
-        "passive daemon-restart detection — agents get one-time /mcp notice"
+        "desktop push notifications on task completion (macOS/Linux)"
       ],
       "fixes": [
+        "add scope import to prompt-submit — gate pass",
+        "add writeFileSync import to config.ts",
+        "persist cloud endpoint migration to config.json — stop logging on every boot",
+        "include memory_type in pushToPostgres metadata — was stripped on sync",
         "add scope import to daemon-orchestration — satisfies customer-readiness gate",
         "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
         "make skill lifecycle fields optional on Behavior interface — unblocks publish",
@@ -258,11 +262,7 @@
         "close remaining session-scoping findings from Bob's audit",
         "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
         "diagnostics check_update ENOENT + healthcheck timeout",
-        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox",
-        "correct graph column names in federated recall query",
-        "review notifications never reached reviewer — signal file gate was dead code",
-        "remove osascript fallback — desktop notifications use OSC 9 only on macOS",
-        "generate valid UUIDs in projection worker stableId + add wiki.* projection"
+        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -279,6 +279,8 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "rename memory schema → graph across codebase",
+        "unified access control — admin token + GoTrue across all services",
         "capture data pipeline spec — raw → filter → wiki + CRM projection",
         "bump to v0.9.149 — task lifecycle simplification + review notification fix",
         "capture gateway connection observability requirements (2026-05-28)",
@@ -301,19 +303,18 @@
         "v0.9.140 publish + heap cap 4GB (was 33% unbounded)",
         "PG-1 cross-repo entity federation design document",
         "add lint step + automated npm publish workflow",
-        "audit: scoped SQL + package budget + TUI vendored + TODO classification",
-        "add full readiness audit evidence",
-        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)"
+        "audit: scoped SQL + package budget + TUI vendored + TODO classification"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.153": {
-      "version": "0.9.153",
+    "0.9.154": {
+      "version": "0.9.154",
       "date": "2026-05-28",
       "features": [
+        "self-improving skills — usage tracking, success counting, and refinement daemon",
         "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
         "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
         "run database migrations before container swap in stack-update",
@@ -337,10 +338,14 @@
         "graceful COO auto-relaunch after context-full exit",
         "desktop push notifications on task completion (macOS/Linux)",
         "rename GHCR image exed → exe-os across all deploy/stack references",
-        "passive daemon-restart detection — agents get one-time /mcp notice",
-        "daemon restart orchestrator — single authority for all restart decisions"
+        "passive daemon-restart detection — agents get one-time /mcp notice"
       ],
       "fixes": [
+        "add scope import to daemon-orchestration — satisfies customer-readiness gate",
+        "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
+        "make skill lifecycle fields optional on Behavior interface — unblocks publish",
+        "session isolation for tmux kill — block cross-scope session kills",
+        "session-scope daemon, push, capacity, and cleanup (P0 #7-#13)",
         "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
         "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
         "include memory_type in cloud sync push/pull + fix backfill re-sync",
@@ -355,17 +360,12 @@
         "add shipped_version to support triage + clean platform procedures",
         "close remaining session-scoping findings from Bob's audit",
         "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
+        "diagnostics check_update ENOENT + healthcheck timeout",
         "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox",
         "correct graph column names in federated recall query",
-        "diagnostics check_update ENOENT + healthcheck timeout",
         "review notifications never reached reviewer — signal file gate was dead code",
         "remove osascript fallback — desktop notifications use OSC 9 only on macOS",
-        "generate valid UUIDs in projection worker stableId + add wiki.* projection",
-        "RSS backpressure + safe Metal shutdown for embedding daemon OOM",
-        "multi-Tom dispatch — per-task signal files + atomic claim + herd prevention",
-        "restrict project_name='all' to coordinators only in list_tasks",
-        "CRM Dockerfile multi-arch — BUILDPLATFORM for build stages, rebuild bcrypt",
-        "enhance intercom log with caller/task/trigger metadata for tracing"
+        "generate valid UUIDs in projection worker stableId + add wiki.* projection"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -413,10 +413,12 @@
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.150": {
-      "version": "0.9.150",
+    "0.9.153": {
+      "version": "0.9.153",
       "date": "2026-05-28",
       "features": [
+        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
+        "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
         "run database migrations before container swap in stack-update",
         "graph auto-extract from ARCHITECTURE.md — regex-based entity/relationship extraction",
         "migrate cloud.askexe.com → api.askexe.com as canonical endpoint",
@@ -439,11 +441,16 @@
         "desktop push notifications on task completion (macOS/Linux)",
         "rename GHCR image exed → exe-os across all deploy/stack references",
         "passive daemon-restart detection — agents get one-time /mcp notice",
-        "daemon restart orchestrator — single authority for all restart decisions",
-        "query router cache tuning + cross-session tasks + shared skills",
-        "socket health probe + tmux env guard + reviewer queue fallback (features 1, 2)"
+        "daemon restart orchestrator — single authority for all restart decisions"
       ],
       "fixes": [
+        "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
+        "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
+        "include memory_type in cloud sync push/pull + fix backfill re-sync",
+        "session-scope signal file system — prevent cross-session task/review bleed",
+        "session-scope notification routing — use row.session_scope over ambient",
+        "daemon NEVER guesses session from tmux — header-only routing",
+        "3 daemon bugs — context-full TTL override, API watchdog kill-after-3, idle-kill verify",
         "federated recall always searches code_context + graph — count threshold was useless",
         "make cross-repo guardrail task-aware — allow multi-repo work when task scope permits",
         "ONE postgres — replace crm-postgres with exe-db across entire stack",
@@ -461,14 +468,7 @@
         "multi-Tom dispatch — per-task signal files + atomic claim + herd prevention",
         "restrict project_name='all' to coordinators only in list_tasks",
         "CRM Dockerfile multi-arch — BUILDPLATFORM for build stages, rebuild bcrypt",
-        "enhance intercom log with caller/task/trigger metadata for tracing",
-        "project-scope review queries — no more cross-project review pollution",
-        "remove unused getActiveAgent import in list-tasks",
-        "project-scope ALL task queries — prevents cross-project pollution",
-        "hash-based cloud pull conflict detection + indentation-aware Python/Rust chunker",
-        "add sessionScopeFilter to worker-gate + create-task queries",
-        "replace require() with ESM import in shouldAutoInstance",
-        "intercom-check passes project_name to scanFromDb — prevents cross-project task pollution"
+        "enhance intercom log with caller/task/trigger metadata for tracing"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -485,6 +485,7 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "capture data pipeline spec — raw → filter → wiki + CRM projection",
         "bump to v0.9.149 — task lifecycle simplification + review notification fix",
         "capture gateway connection observability requirements (2026-05-28)",
         "bump to v0.9.146 for publish",
@@ -508,8 +509,7 @@
         "add lint step + automated npm publish workflow",
         "audit: scoped SQL + package budget + TUI vendored + TODO classification",
         "add full readiness audit evidence",
-        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)",
-        "capture mcp restart self-healing roadmap"
+        "roadmap: Cross-Repo Ontology — Palantir-level graph (PG-1 through PG-10)"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",