@askexenow/exe-os 0.9.161 → 0.9.162

package/dist/{chunk-NP55D5Q6.js → chunk-A4NCK74X.js}

@@ -1,6 +1,6 @@
 import {
   AUTO_WAKE_MAX_RETRIES
-} from "./chunk-BZYHF63H.js";
+} from "./chunk-RLHQMWLV.js";
 import {
   getToolCapabilityIndex
 } from "./chunk-ESRI7MFI.js";

package/dist/{chunk-BZYHF63H.js → chunk-RLHQMWLV.js}

@@ -1119,12 +1119,13 @@ function reapZombieAgentProcesses(deps) {
   const reaped = [];
   const procMap = /* @__PURE__ */ new Map();
   for (const line of lines) {
-    const match = line.trim().match(/^(\d+)\s+(\d+)\s+(\S+)\s+(.+)$/);
+    const match = line.trim().match(/^(\d+)\s+(\d+)\s+(\S+)\s+(\S+)\s+(.+)$/);
     if (!match) continue;
     procMap.set(parseInt(match[1], 10), {
       ppid: parseInt(match[2], 10),
       etime: match[3],
-      args: match[4]
+      tty: match[4],
+      args: match[5]
     });
   }
   const AGENT_PATTERNS = [
@@ -1141,6 +1142,9 @@ function reapZombieAgentProcesses(deps) {
     if (!isAgent) continue;
     const ageSecs = parseEtime(info.etime);
     if (ageSecs < ZOMBIE_AGENT_MAX_AGE_SECS) continue;
+    if (info.tty !== "??" && info.tty !== "-") continue;
+    const wrapperInfo = procMap.get(info.ppid);
+    if (wrapperInfo && wrapperInfo.tty !== "??" && wrapperInfo.tty !== "-") continue;
     let hasLiveSession = false;
     let cur = info.ppid;
     for (let depth = 0; depth < 5; depth++) {
@@ -1222,7 +1226,7 @@ function getRssKb(pid) {
 function createZombieAgentReaperRealDeps() {
   return {
     listProcesses: () => {
-      const output = execSync("ps -eo pid,ppid,etime,args", {
+      const output = execSync("ps -eo pid,ppid,etime,tty,args", {
         encoding: "utf8",
         timeout: 5e3
       });

package/dist/{daemon-orchestration-47D3OQQV.js → daemon-orchestration-4D2UNHKZ.js}

@@ -47,7 +47,7 @@ import {
   shouldKillIdleSession,
   shouldKillSession,
   shouldNudgeEmployee
-} from "./chunk-BZYHF63H.js";
+} from "./chunk-RLHQMWLV.js";
 import "./chunk-FRH7EY2Z.js";
 import "./chunk-MPCICOVG.js";
 import "./chunk-7X7HKWH7.js";

package/dist/hooks/session-end.js

@@ -70,6 +70,24 @@ process.stdin.on("end", async () => {
     }
     const data = JSON.parse(input);
     const agent = getActiveAgent();
+    try {
+      const { appendFileSync } = await import("fs");
+      const { join } = await import("path");
+      const { homedir } = await import("os");
+      const deathLog = join(homedir(), ".exe-os", "session-deaths.log");
+      const entry = JSON.stringify({
+        ts: (/* @__PURE__ */ new Date()).toISOString(),
+        agent: agent.agentId,
+        role: agent.agentRole,
+        session: data.session_id,
+        project: process.env.EXE_PROJECT_NAME ?? process.cwd().split("/").pop() ?? "unknown",
+        tty: process.env.TTY ?? process.env.GPG_TTY ?? "unknown",
+        pid: process.pid,
+        ppid: process.ppid
+      });
+      appendFileSync(deathLog, entry + "\n");
+    } catch {
+    }
     if (agent.agentId !== "default") {
       try {
         const { fastDbInit } = await import("../fast-db-init-FLMQJFDI.js");

package/dist/lib/exe-daemon.js

@@ -1337,8 +1337,9 @@ async function startMcpHttpServer() {
     }, evictDuplicateMcpSessions2 = function(ownerKey, keepSid) {
       for (const [sid, existingOwner] of sessionOwnerKeys.entries()) {
         if (sid !== keepSid && existingOwner === ownerKey) {
+          const age = sessionLastSeen.has(sid) ? Math.round((Date.now() - sessionLastSeen.get(sid)) / 1e3) : -1;
           closeMcpSession2(sid, "duplicate_session_eviction");
-          process.stderr.write(`[exed] MCP duplicate session eviction: closed ${sid.slice(0, 8)} for ${ownerKey}
+          process.stderr.write(`[exed] MCP duplicate session eviction: closed ${sid.slice(0, 8)} for ${ownerKey} (age=${age}s, replaced by ${keepSid?.slice(0, 8) ?? "none"})
 `);
         }
       }
@@ -2055,7 +2056,7 @@ function startSessionTTL() {
     if (!await ensureStoreForPolling()) return;
     try {
       const { getClient: getClient2 } = await import("./database.js");
-      const { checkSessionTTL, createSessionTTLRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+      const { checkSessionTTL, createSessionTTLRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
       const deps = createSessionTTLRealDeps(getClient2);
       const killed = await checkSessionTTL(deps);
       if (killed.length > 0) acted("session_ttl");
@@ -2084,7 +2085,7 @@ function startCooAutoRestart() {
         _cooLastSeen = Date.now();
         try {
           const { getClient: getClient2 } = await import("./database.js");
-          const { pollCoordinatorContextRestart, createCoordinatorRestartRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+          const { pollCoordinatorContextRestart, createCoordinatorRestartRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
           const deps = createCoordinatorRestartRealDeps(getClient2);
           const restarted = await pollCoordinatorContextRestart(deps, process.cwd());
           if (restarted.length > 0) {
@@ -2202,7 +2203,7 @@ function startIdleKill() {
       const { loadConfigSync } = await import("./config.js");
       const cfg = loadConfigSync();
       const { getClient: getClient2 } = await import("./database.js");
-      const { pollIdleKill, createIdleKillRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+      const { pollIdleKill, createIdleKillRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
       const deps = createIdleKillRealDeps(
         getClient2,
         cfg.sessionLifecycle.idleKillIntercomAckWindowMs
@@ -2746,7 +2747,7 @@ function startOrphanReaper() {
   const tick = async () => {
     fired("orphan_reaper");
     try {
-      const { reapOrphanedMcpProcesses, createOrphanReaperRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+      const { reapOrphanedMcpProcesses, createOrphanReaperRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
       const deps = createOrphanReaperRealDeps();
       const reaped = await reapOrphanedMcpProcesses(deps);
       if (reaped.length > 0) acted("orphan_reaper");
@@ -2770,7 +2771,7 @@ function startZombieAgentReaper() {
   const tick = async () => {
     fired("zombie_agent_reaper");
     try {
-      const { reapZombieAgentProcesses, createZombieAgentReaperRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+      const { reapZombieAgentProcesses, createZombieAgentReaperRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
       const deps = createZombieAgentReaperRealDeps();
       const reaped = reapZombieAgentProcesses(deps);
       if (reaped.length > 0) acted("zombie_agent_reaper");
@@ -2793,7 +2794,7 @@ function startWorktreeReaper() {
   const tick = async () => {
     fired("worktree_reaper");
     try {
-      const { reapOrphanedWorktrees, createWorktreeReaperRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+      const { reapOrphanedWorktrees, createWorktreeReaperRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
       const deps = await createWorktreeReaperRealDeps();
       const result = await reapOrphanedWorktrees(deps);
       if (result.pruned.length > 0) {
@@ -2824,7 +2825,7 @@ function startAutoWake() {
     if (!await ensureStoreForPolling()) return;
     try {
       const { getClient: getClient2 } = await import("./database.js");
-      const { pollOrphanedTasks, createAutoWakeRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+      const { pollOrphanedTasks, createAutoWakeRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
       const deps = createAutoWakeRealDeps(getClient2, process.cwd());
       const woken = await pollOrphanedTasks(deps);
       if (woken.length > 0) acted("auto_wake");
@@ -2933,7 +2934,7 @@ function startStuckTaskRelease() {
     if (!await ensureStoreForPolling()) return;
     try {
       const { getClient: getClient2 } = await import("./database.js");
-      const { releaseStuckTasks, createStuckTaskRealDeps } = await import("../daemon-orchestration-47D3OQQV.js");
+      const { releaseStuckTasks, createStuckTaskRealDeps } = await import("../daemon-orchestration-4D2UNHKZ.js");
       const deps = createStuckTaskRealDeps(getClient2);
       const released = await releaseStuckTasks(deps);
       if (released.length > 0) {

package/dist/mcp/register-tools.js

@@ -1,7 +1,7 @@
 import {
   registerAllTools
-} from "../chunk-NP55D5Q6.js";
-import "../chunk-BZYHF63H.js";
+} from "../chunk-A4NCK74X.js";
+import "../chunk-RLHQMWLV.js";
 import "../chunk-ESRI7MFI.js";
 import "../chunk-PLNYW6PA.js";
 import "../chunk-MGRHSBXO.js";

package/dist/mcp/server.js

@@ -3,8 +3,8 @@ import {
 } from "../chunk-V4TZI6EO.js";
 import {
   registerAllTools
-} from "../chunk-NP55D5Q6.js";
-import "../chunk-BZYHF63H.js";
+} from "../chunk-A4NCK74X.js";
+import "../chunk-RLHQMWLV.js";
 import "../chunk-ESRI7MFI.js";
 import {
   initLicenseGate

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askexenow/exe-os",
-  "version": "0.9.161",
+  "version": "0.9.162",
   "description": "AI employee operating system — persistent memory, task management, and multi-agent coordination for Claude Code.",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",

package/release-notes.json

@@ -1,8 +1,8 @@
 {
-  "current": "0.9.161",
+  "current": "0.9.162",
   "notes": {
-    "0.9.161": {
-      "version": "0.9.161",
+    "0.9.162": {
+      "version": "0.9.162",
       "date": "2026-05-30",
       "features": [
         "add worktree reaper daemon job to prune orphaned agent worktrees",
@@ -32,6 +32,7 @@
         "blocked task notification — ping dispatcher immediately on status change"
       ],
       "fixes": [
+        "zombie reaper must never kill TTY-attached sessions + death log",
         "update readiness gate to check daemon-restart-orchestrator",
         "resolve TS errors blocking publish — unused import + undefined row",
         "zombie agent reaper + deferred daemon restart (OOM crash fix)",
@@ -55,8 +56,7 @@
         "DMR retrieval 20% → 100% — stop words, name filtering, speaker fix",
         "kill idle Codex/OpenCode sessions instead of sending intercom — enables auto-wake respawn",
         "suppress daemon auto-reconnect noise — only log after attempt 2+",
-        "remove E2EE from bug reports — support intake must be readable server-side",
-        "support API — verified encrypted bug reports work (HTTP 201)"
+        "remove E2EE from bug reports — support intake must be readable server-side"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -104,10 +104,12 @@
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.160": {
-      "version": "0.9.160",
+    "0.9.161": {
+      "version": "0.9.161",
       "date": "2026-05-30",
       "features": [
+        "add worktree reaper daemon job to prune orphaned agent worktrees",
+        "add pre-flight gates to close_task — status gate, worktree check, commit recency",
         "add wiki document ingestion via API for embedding pipeline",
         "add filtered.* projection targets to projection worker",
         "verify-stack post-deploy checks — 8 runtime validations",
@@ -130,11 +132,14 @@
         "update safety + portable backups + restore",
         "complete deployment readiness — all 14 second-pass blind spots fixed",
         "production-ready stack — all 15 blind spots fixed",
-        "blocked task notification — ping dispatcher immediately on status change",
-        "self-improving skills — usage tracking, success counting, and refinement daemon",
-        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention"
+        "blocked task notification — ping dispatcher immediately on status change"
       ],
       "fixes": [
+        "update readiness gate to check daemon-restart-orchestrator",
+        "resolve TS errors blocking publish — unused import + undefined row",
+        "zombie agent reaper + deferred daemon restart (OOM crash fix)",
+        "idle-kill now reaps Codex/OpenCode sessions (bug 47d1e446)",
+        "change orphaned task terminal state from blocked → needs_review",
         "auto-close temporal guard + session_scope fallback + orphan cleanup safety",
         "cloud sync skip-bad-rows + age-based orphan hook reaper",
         "clean unused imports + publish gate fixes for v0.9.159",
@@ -154,12 +159,7 @@
         "kill idle Codex/OpenCode sessions instead of sending intercom — enables auto-wake respawn",
         "suppress daemon auto-reconnect noise — only log after attempt 2+",
         "remove E2EE from bug reports — support intake must be readable server-side",
-        "support API — verified encrypted bug reports work (HTTP 201)",
-        "support API accepts encrypted bug reports — prevents HTTP 400",
-        "Codex agents recheck tasks before stopping — prevents idle-with-open-tasks",
-        "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files",
-        "add scope import to prompt-submit — gate pass",
-        "add writeFileSync import to config.ts"
+        "support API — verified encrypted bug reports work (HTTP 201)"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -207,10 +207,12 @@
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.159": {
-      "version": "0.9.159",
-      "date": "2026-05-29",
+    "0.9.160": {
+      "version": "0.9.160",
+      "date": "2026-05-30",
       "features": [
+        "add wiki document ingestion via API for embedding pipeline",
+        "add filtered.* projection targets to projection worker",
         "verify-stack post-deploy checks — 8 runtime validations",
         "preflight deploy gate + filtered schema + gateway graceful degradation",
         "harden /exe-afk as primary monitoring tool, deprecate /loop for orchestration",
@@ -233,16 +235,12 @@
         "production-ready stack — all 15 blind spots fixed",
         "blocked task notification — ping dispatcher immediately on status change",
         "self-improving skills — usage tracking, success counting, and refinement daemon",
-        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
-        "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
-        "run database migrations before container swap in stack-update"
+        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention"
       ],
       "fixes": [
-        "cloud sync NOT NULL resilience — sqlSafeRequired() defaults + per-record error handling, skip bad rows instead of retry storm",
-        "auto-close temporal guard — reject commits older than task creation date, raise threshold 0.6→0.8",
-        "session_scope fallback — listTasks returns unscoped results when scoped query finds 0 after daemon restart",
-        "orphan task file cleanup safety — 24h threshold (was 1h) + ID-based fallback before deleting",
-        "blocked task escalation — writeNotification to COO when auto-wake fails 3x and marks task blocked",
+        "auto-close temporal guard + session_scope fallback + orphan cleanup safety",
+        "cloud sync skip-bad-rows + age-based orphan hook reaper",
+        "clean unused imports + publish gate fixes for v0.9.159",
         "daemon memory cascade — prevent duplicate daemons, reap orphan hooks, cap heap",
         "auto-inject timeout on tmux capture-pane to prevent session freeze",
         "auto-wake crash loop — filter boot memories + circuit breaker",
@@ -262,7 +260,9 @@
         "support API — verified encrypted bug reports work (HTTP 201)",
         "support API accepts encrypted bug reports — prevents HTTP 400",
         "Codex agents recheck tasks before stopping — prevents idle-with-open-tasks",
-        "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files"
+        "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files",
+        "add scope import to prompt-submit — gate pass",
+        "add writeFileSync import to config.ts"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -279,6 +279,8 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "bump v0.9.160 — cloud sync resilience + orphan reaper + auto-close guard",
+        "update release notes with 5 bug fixes from support triage",
         "bump v0.9.159 — daemon memory cascade fix + session_scope + benchmarks",
         "arch: customer onboarding automation — exe-os deploy-customer command",
         "arch: Fleet Operations Roadmap — 8 phases for production safety at scale",
@@ -301,19 +303,33 @@
         "publish v0.9.144 — ESM require() fix + reliable task signals + OAuth 2.1",
         "add MCP tool tests for message, cloud-sync, and file-copy",
         "add coverage for send_message, cloud_sync, file_copy MCP tools (Track A)",
-        "Recover MCP sessions after daemon restart",
-        "publish v0.9.143 — all fixes live",
-        "publish v0.9.142"
+        "Recover MCP sessions after daemon restart"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.158": {
-      "version": "0.9.158",
-      "date": "2026-05-28",
+    "0.9.159": {
+      "version": "0.9.159",
+      "date": "2026-05-29",
       "features": [
+        "verify-stack post-deploy checks — 8 runtime validations",
+        "preflight deploy gate + filtered schema + gateway graceful degradation",
+        "harden /exe-afk as primary monitoring tool, deprecate /loop for orchestration",
+        "add --judge-model flag to LoCoMo harness",
+        "dashboard.askexe.com — customer credits dashboard (backend + frontend)",
+        "config persistence contract — document + enforce what survives stack updates",
+        "add persona depth to identity — tone, vocabulary, response_style, communication_patterns",
+        "4 BEAM improvements — o4-mini judge, entity expansion, temporal prompts, contradiction detection",
+        "DMR 100% + BEAM 35% — full results with Claude Sonnet judge",
+        "session_scope read paths — search filter + backfill + tests",
+        "add session_scope filtering to memory read paths + MCP tools + backfill",
+        "classify prompt memories as conversation type + enrich session-end captures",
+        "add session_scope column to memories table — schema migration + all write paths",
+        "fix Codex integration + add --codex to all 4 harnesses",
+        "add checkpoint/resume support for long LoCoMo runs",
+        "add Codex GPT-5.5 judge, pre-embedding, expanded retrieval, production prompts",
         "stack manifest 0.9.10 — all new images for customer deployment",
         "update safety + portable backups + restore",
         "complete deployment readiness — all 14 second-pass blind spots fixed",
@@ -322,50 +338,34 @@
         "self-improving skills — usage tracking, success counting, and refinement daemon",
         "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
         "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
-        "run database migrations before container swap in stack-update",
-        "graph auto-extract from ARCHITECTURE.md — regex-based entity/relationship extraction",
-        "migrate cloud.askexe.com → api.askexe.com as canonical endpoint",
-        "federated recall — code_context + graph fallback when memory results weak",
-        "migrate cloud.askexe.com → api.askexe.com across all src/ defaults",
-        "rolling restart in stack-update — one service at a time with health verification",
-        "DMR benchmark harness + LoCoMo improvements for v0.9.145 evaluation",
-        "Windows/WSL support — WezTerm config + WSL detection in setup wizard",
-        "queryTaskRows() consolidation — single scoped query path for all task list operations",
-        "review signal files — reliable reviewer notification on update_task(done)",
-        "Ghostty-native notifications via OSC 9 — no more Script Editor popup",
-        "device-scoped behaviors — device_id column + filter in loading",
-        "dispatch reliability — 45s boot timeout, dispatch ack signals, agent heartbeat",
-        "setup wizard headless mode + daemon health check after restart",
-        "device-scoped behaviors — add device_id column + filter on load",
-        "gateway prompt injection defense — 3-tier security hardening",
-        "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs"
+        "run database migrations before container swap in stack-update"
       ],
       "fixes": [
+        "cloud sync NOT NULL resilience — sqlSafeRequired() defaults + per-record error handling, skip bad rows instead of retry storm",
+        "auto-close temporal guard — reject commits older than task creation date, raise threshold 0.6→0.8",
+        "session_scope fallback — listTasks returns unscoped results when scoped query finds 0 after daemon restart",
+        "orphan task file cleanup safety — 24h threshold (was 1h) + ID-based fallback before deleting",
+        "blocked task escalation — writeNotification to COO when auto-wake fails 3x and marks task blocked",
+        "daemon memory cascade — prevent duplicate daemons, reap orphan hooks, cap heap",
+        "auto-inject timeout on tmux capture-pane to prevent session freeze",
+        "auto-wake crash loop — filter boot memories + circuit breaker",
+        "Codex numbered instances use baseAgentName for identity resolution",
+        "auto-chain project scope + writeNotification on needs_review",
+        "persist WhatsApp auth in Docker volume — prevent data loss on update",
+        "wake idle codex sessions on pending tasks",
+        "fix daemon MCP session heap leak",
+        "include typescript as runtime dependency",
+        "remove direct Postgres license validation — CF Worker is the only path",
+        "gateway stop_grace_period 45s — prevent SIGKILL during message drain",
+        "filter person names from FTS queries to prevent speaker-prefix pollution",
+        "DMR retrieval 20% → 100% — stop words, name filtering, speaker fix",
+        "kill idle Codex/OpenCode sessions instead of sending intercom — enables auto-wake respawn",
+        "suppress daemon auto-reconnect noise — only log after attempt 2+",
+        "remove E2EE from bug reports — support intake must be readable server-side",
         "support API — verified encrypted bug reports work (HTTP 201)",
         "support API accepts encrypted bug reports — prevents HTTP 400",
         "Codex agents recheck tasks before stopping — prevents idle-with-open-tasks",
-        "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files",
-        "add scope import to prompt-submit — gate pass",
-        "add writeFileSync import to config.ts",
-        "persist cloud endpoint migration to config.json — stop logging on every boot",
-        "include memory_type in pushToPostgres metadata — was stripped on sync",
-        "add scope import to daemon-orchestration — satisfies customer-readiness gate",
-        "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
-        "make skill lifecycle fields optional on Behavior interface — unblocks publish",
-        "session isolation for tmux kill — block cross-scope session kills",
-        "session-scope daemon, push, capacity, and cleanup (P0 #7-#13)",
-        "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
-        "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
-        "include memory_type in cloud sync push/pull + fix backfill re-sync",
-        "session-scope signal file system — prevent cross-session task/review bleed",
-        "session-scope notification routing — use row.session_scope over ambient",
-        "daemon NEVER guesses session from tmux — header-only routing",
-        "3 daemon bugs — context-full TTL override, API watchdog kill-after-3, idle-kill verify",
-        "federated recall always searches code_context + graph — count threshold was useless",
-        "make cross-repo guardrail task-aware — allow multi-repo work when task scope permits",
-        "ONE postgres — replace crm-postgres with exe-db across entire stack",
-        "smart session-scoping gate + last boot cleanup leak + triage_bug docs",
-        "add shipped_version to support triage + clean platform procedures"
+        "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",
@@ -382,6 +382,13 @@
         "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
       ],
       "other": [
+        "bump v0.9.159 — daemon memory cascade fix + session_scope + benchmarks",
+        "arch: customer onboarding automation — exe-os deploy-customer command",
+        "arch: Fleet Operations Roadmap — 8 phases for production safety at scale",
+        "arch: add filtered table pipeline + pre-flight deploy system to roadmap",
+        "add EXE-OS-STACK.md — complete 6-repo deployment map",
+        "cache tmux session (5 calls → 1) + offset daemon timers",
+        "cut agent boot from 4min to <30s — merge Bash blocks + parallel DB queries",
         "rename memory schema → graph across codebase",
         "unified access control — admin token + GoTrue across all services",
         "capture data pipeline spec — raw → filter → wiki + CRM projection",
@@ -399,24 +406,18 @@
         "add coverage for send_message, cloud_sync, file_copy MCP tools (Track A)",
         "Recover MCP sessions after daemon restart",
         "publish v0.9.143 — all fixes live",
-        "publish v0.9.142",
-        "publish v0.9.141",
-        "ops: journalctl rotation + certbot expiry alerting",
-        "revert: daemon heap back to 33% of RAM — no artificial cap",
-        "v0.9.140 publish + heap cap 4GB (was 33% unbounded)",
-        "PG-1 cross-repo entity federation design document",
-        "add lint step + automated npm publish workflow",
-        "audit: scoped SQL + package budget + TUI vendored + TODO classification"
+        "publish v0.9.142"
       ],
       "migration_notes": [
         "If daemon goes down, agents will now fail instead of silently",
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
     },
-    "0.9.157": {
-      "version": "0.9.157",
+    "0.9.158": {
+      "version": "0.9.158",
       "date": "2026-05-28",
       "features": [
+        "stack manifest 0.9.10 — all new images for customer deployment",
         "update safety + portable backups + restore",
         "complete deployment readiness — all 14 second-pass blind spots fixed",
         "production-ready stack — all 15 blind spots fixed",
@@ -440,10 +441,13 @@
         "setup wizard headless mode + daemon health check after restart",
         "device-scoped behaviors — add device_id column + filter on load",
         "gateway prompt injection defense — 3-tier security hardening",
-        "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
-        "add task dependency tree visualization (action=dependency_tree)"
+        "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs"
       ],
       "fixes": [
+        "support API — verified encrypted bug reports work (HTTP 201)",
+        "support API accepts encrypted bug reports — prevents HTTP 400",
+        "Codex agents recheck tasks before stopping — prevents idle-with-open-tasks",
+        "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files",
         "add scope import to prompt-submit — gate pass",
         "add writeFileSync import to config.ts",
         "persist cloud endpoint migration to config.json — stop logging on every boot",
@@ -464,11 +468,7 @@
         "make cross-repo guardrail task-aware — allow multi-repo work when task scope permits",
         "ONE postgres — replace crm-postgres with exe-db across entire stack",
         "smart session-scoping gate + last boot cleanup leak + triage_bug docs",
-        "add shipped_version to support triage + clean platform procedures",
-        "close remaining session-scoping findings from Bob's audit",
-        "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
-        "diagnostics check_update ENOENT + healthcheck timeout",
-        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox"
+        "add shipped_version to support triage + clean platform procedures"
       ],
       "security": [
         "fix shell injection, SSRF, socket leaks, backup validation",