@askexenow/exe-os 0.9.196 → 0.9.197

package/deploy/compose/docker-compose.yml

@@ -435,6 +435,46 @@ services:
       driver: json-file
       options: { max-size: "10m", max-file: "3" }
 
+  # ------------------------------------------------------------------
+  # Update service — registry proxy for customer image pulls
+  # Serves update.askexe.com: /v2/* Docker registry proxy, /health
+  # AskExe control-plane only — not deployed on customer VPSs.
+  # ------------------------------------------------------------------
+  exe-update:
+    image: ${EXE_OS_IMAGE_TAG:-${EXED_IMAGE_TAG:-ghcr.io/askexe/exe-os:v0.9.157}}
+    container_name: exe-update
+    restart: unless-stopped
+    entrypoint: ["node", "/app/dist/bin/registry-proxy.js"]
+    env_file:
+      - path: .env
+        required: false
+    environment:
+      EXE_REGISTRY_PROXY_PORT: "${EXE_REGISTRY_PROXY_PORT:-3200}"
+      EXE_REGISTRY_PROXY_HOST: "${EXE_REGISTRY_PROXY_HOST:-0.0.0.0}"
+      EXE_REGISTRY_PROXY_UPSTREAM: "${EXE_REGISTRY_PROXY_UPSTREAM:-https://ghcr.io}"
+      EXE_REGISTRY_PROXY_UPSTREAM_USERNAME: "${EXE_REGISTRY_PROXY_UPSTREAM_USERNAME}"
+      EXE_REGISTRY_PROXY_UPSTREAM_TOKEN: "${EXE_REGISTRY_PROXY_UPSTREAM_TOKEN}"
+      EXE_REGISTRY_PROXY_PULL_TOKENS: "${EXE_REGISTRY_PROXY_PULL_TOKENS}"
+      EXE_REGISTRY_PROXY_ALLOWED_NAMESPACE: "${EXE_REGISTRY_PROXY_ALLOWED_NAMESPACE:-askexe}"
+    ports:
+      - "127.0.0.1:${EXE_UPDATE_HOST_PORT:-3200}:${EXE_REGISTRY_PROXY_PORT:-3200}"
+    networks:
+      backend:
+        ipv4_address: 10.42.0.25
+    healthcheck:
+      test: ["CMD", "node", "-e", "fetch('http://127.0.0.1:3200/health').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))"]
+      interval: 30s
+      timeout: 5s
+      start_period: 10s
+      retries: 3
+    deploy:
+      resources:
+        limits:
+          memory: 256M
+    logging:
+      driver: json-file
+      options: { max-size: "10m", max-file: "3" }
+
   # ------------------------------------------------------------------
   # Infrastructure — Cloudflare Tunnel (replaces nginx + SSL certs)
   # ------------------------------------------------------------------

package/deploy/stack-manifests/v0.9.json

@@ -181,31 +181,31 @@
       "services": {
         "crm": {
           "env": "CRM_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-crm:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.3",
           "healthUrl": "http://127.0.0.1:3000/healthz",
           "deploymentScope": "customer"
         },
         "wiki": {
           "env": "WIKI_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-wiki:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.3",
           "healthUrl": "http://127.0.0.1:3001/api/ping",
           "deploymentScope": "customer"
         },
         "exe-os": {
           "env": "EXE_OS_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exed:v0.9.3",
+          "image": "update.askexe.com/askexe/exed:v0.9.3",
           "healthUrl": "http://127.0.0.1:8765/health",
           "deploymentScope": "customer"
         },
         "gateway": {
           "env": "GATEWAY_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-gateway:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.3",
           "healthUrl": "http://127.0.0.1:3100/health",
           "deploymentScope": "customer"
         },
         "monitorAgent": {
           "env": "MONITOR_AGENT_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-monitor-agent:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.3",
           "deploymentScope": "customer"
         }
       },
@@ -222,9 +222,9 @@
           "repo": "AskExe/exe-os",
           "npmPackage": "@askexenow/exe-os",
           "npmVersion": "0.9.69",
-          "image": "registry.askexe.com/askexe/exed:v0.9.3",
+          "image": "update.askexe.com/askexe/exed:v0.9.3",
           "imageVersion": "0.9.3",
-          "note": "npm package version and customer stack image tag are separate version tracks; Hygo pulls the exed image through registry.askexe.com, which proxies the GHCR artifact server-side.",
+          "note": "npm package version and customer stack image tag are separate version tracks; Hygo pulls the exed image through update.askexe.com, which proxies the GHCR artifact server-side.",
           "sourceRef": "v0.9.3"
         }
       }
@@ -246,31 +246,31 @@
       "services": {
         "crm": {
           "env": "CRM_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-crm:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.3",
           "healthUrl": "http://127.0.0.1:3000/healthz",
           "deploymentScope": "customer"
         },
         "wiki": {
           "env": "WIKI_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-wiki:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.3",
           "healthUrl": "http://127.0.0.1:3001/api/ping",
           "deploymentScope": "customer"
         },
         "exe-os": {
           "env": "EXE_OS_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exed:v0.9.4",
+          "image": "update.askexe.com/askexe/exed:v0.9.4",
           "healthUrl": "http://127.0.0.1:8765/health",
           "deploymentScope": "customer"
         },
         "gateway": {
           "env": "GATEWAY_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-gateway:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.3",
           "healthUrl": "http://127.0.0.1:3100/health",
           "deploymentScope": "customer"
         },
         "monitorAgent": {
           "env": "MONITOR_AGENT_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-monitor-agent:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.3",
           "deploymentScope": "customer"
         }
       },
@@ -287,9 +287,9 @@
           "repo": "AskExe/exe-os",
           "npmPackage": "@askexenow/exe-os",
           "npmVersion": "0.9.81",
-          "image": "registry.askexe.com/askexe/exed:v0.9.4",
+          "image": "update.askexe.com/askexe/exed:v0.9.4",
           "imageVersion": "0.9.4",
-          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through registry.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
+          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through update.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
           "sourceRef": "stack-v0.9.4"
         }
       }
@@ -311,31 +311,31 @@
       "services": {
         "crm": {
           "env": "CRM_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-crm:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.3",
           "healthUrl": "http://127.0.0.1:3000/healthz",
           "deploymentScope": "customer"
         },
         "wiki": {
           "env": "WIKI_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-wiki:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.3",
           "healthUrl": "http://127.0.0.1:3001/api/ping",
           "deploymentScope": "customer"
         },
         "exe-os": {
           "env": "EXE_OS_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exed:v0.9.5",
+          "image": "update.askexe.com/askexe/exed:v0.9.5",
           "healthUrl": "http://127.0.0.1:8765/health",
           "deploymentScope": "customer"
         },
         "gateway": {
           "env": "GATEWAY_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-gateway:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.3",
           "healthUrl": "http://127.0.0.1:3100/health",
           "deploymentScope": "customer"
         },
         "monitorAgent": {
           "env": "MONITOR_AGENT_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-monitor-agent:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.3",
           "deploymentScope": "customer"
         }
       },
@@ -352,9 +352,9 @@
           "repo": "AskExe/exe-os",
           "npmPackage": "@askexenow/exe-os",
           "npmVersion": "0.9.82",
-          "image": "registry.askexe.com/askexe/exed:v0.9.4",
+          "image": "update.askexe.com/askexe/exed:v0.9.4",
           "imageVersion": "0.9.5",
-          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through registry.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
+          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through update.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
           "sourceRef": "stack-v0.9.4",
           "commit": "main@stack-v0.9.5"
         }
@@ -379,31 +379,31 @@
       "services": {
         "crm": {
           "env": "CRM_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-crm:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.3",
           "healthUrl": "http://127.0.0.1:3000/healthz",
           "deploymentScope": "customer"
         },
         "wiki": {
           "env": "WIKI_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-wiki:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.3",
           "healthUrl": "http://127.0.0.1:3001/api/ping",
           "deploymentScope": "customer"
         },
         "exe-os": {
           "env": "EXE_OS_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exed:v0.9.6",
+          "image": "update.askexe.com/askexe/exed:v0.9.6",
           "healthUrl": "http://127.0.0.1:8765/health",
           "deploymentScope": "customer"
         },
         "gateway": {
           "env": "GATEWAY_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-gateway:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.3",
           "healthUrl": "http://127.0.0.1:3100/health",
           "deploymentScope": "customer"
         },
         "monitorAgent": {
           "env": "MONITOR_AGENT_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-monitor-agent:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.3",
           "deploymentScope": "customer"
         }
       },
@@ -420,9 +420,9 @@
           "repo": "AskExe/exe-os",
           "npmPackage": "@askexenow/exe-os",
           "npmVersion": "0.9.83",
-          "image": "registry.askexe.com/askexe/exed:v0.9.4",
+          "image": "update.askexe.com/askexe/exed:v0.9.4",
           "imageVersion": "0.9.6",
-          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through registry.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
+          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through update.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
           "sourceRef": "stack-v0.9.4",
           "commit": "main@stack-v0.9.6"
         }
@@ -447,31 +447,31 @@
       "services": {
         "crm": {
           "env": "CRM_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-crm:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.3",
           "healthUrl": "http://127.0.0.1:3000/healthz",
           "deploymentScope": "customer"
         },
         "wiki": {
           "env": "WIKI_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-wiki:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.3",
           "healthUrl": "http://127.0.0.1:3001/api/ping",
           "deploymentScope": "customer"
         },
         "exe-os": {
           "env": "EXE_OS_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exed:v0.9.7",
+          "image": "update.askexe.com/askexe/exed:v0.9.7",
           "healthUrl": "http://127.0.0.1:8765/health",
           "deploymentScope": "customer"
         },
         "gateway": {
           "env": "GATEWAY_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-gateway:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.3",
           "healthUrl": "http://127.0.0.1:3100/health",
           "deploymentScope": "customer"
         },
         "monitorAgent": {
           "env": "MONITOR_AGENT_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-monitor-agent:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.3",
           "deploymentScope": "customer"
         }
       },
@@ -488,9 +488,9 @@
           "repo": "AskExe/exe-os",
           "npmPackage": "@askexenow/exe-os",
           "npmVersion": "0.9.84",
-          "image": "registry.askexe.com/askexe/exed:v0.9.4",
+          "image": "update.askexe.com/askexe/exed:v0.9.4",
           "imageVersion": "0.9.7",
-          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through registry.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
+          "note": "Customer stack image tag is 0.9.4; bundled npm package is @askexenow/exe-os@0.9.81. Hygo pulls through update.askexe.com, which proxies the AskExe-owned GHCR artifact server-side.",
           "sourceRef": "stack-v0.9.4",
           "commit": "main@stack-v0.9.7"
         }
@@ -506,32 +506,32 @@
       "services": {
         "crm": {
           "env": "CRM_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-crm:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.3",
           "healthUrl": "http://127.0.0.1:3000/healthz",
           "deploymentScope": "customer"
         },
         "wiki": {
           "env": "WIKI_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-wiki:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.3",
           "healthUrl": "http://127.0.0.1:3001/api/ping",
           "deploymentScope": "customer"
         },
         "exe-os": {
           "env": "EXE_OS_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exed:v0.9.8",
+          "image": "update.askexe.com/askexe/exed:v0.9.8",
           "healthUrl": "http://127.0.0.1:8765/health",
           "deploymentScope": "customer",
           "note": "npm package @askexenow/exe-os@0.9.89. Security hardening + 5 Hygo bug fixes + RSS memory fix."
         },
         "gateway": {
           "env": "GATEWAY_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-gateway:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.3",
           "healthUrl": "http://127.0.0.1:3100/health",
           "deploymentScope": "customer"
         },
         "monitorAgent": {
           "env": "MONITOR_AGENT_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-monitor-agent:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.3",
           "healthUrl": "http://127.0.0.1:45876/",
           "deploymentScope": "customer"
         }
@@ -545,32 +545,32 @@
       "services": {
         "crm": {
           "env": "CRM_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-crm:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.3",
           "healthUrl": "http://127.0.0.1:3000/healthz",
           "deploymentScope": "customer"
         },
         "wiki": {
           "env": "WIKI_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-wiki:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.3",
           "healthUrl": "http://127.0.0.1:3001/api/ping",
           "deploymentScope": "customer"
         },
         "exe-os": {
           "env": "EXE_OS_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exed:v0.9.9",
+          "image": "update.askexe.com/askexe/exed:v0.9.9",
           "healthUrl": "http://127.0.0.1:8765/health",
           "deploymentScope": "customer",
           "note": "npm package @askexenow/exe-os@0.9.134. Session routing fix, DB safety suite, Codex MCP, 20 bug fixes."
         },
         "gateway": {
           "env": "GATEWAY_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-gateway:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.3",
           "healthUrl": "http://127.0.0.1:3100/health",
           "deploymentScope": "customer"
         },
         "monitorAgent": {
           "env": "MONITOR_AGENT_IMAGE_TAG",
-          "image": "registry.askexe.com/askexe/exe-monitor-agent:v0.9.3",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.3",
           "healthUrl": "http://127.0.0.1:45876/",
           "deploymentScope": "customer"
         }
@@ -584,32 +584,32 @@
       "breakingChanges": [],
       "services": {
         "crm": {
-          "image": "ghcr.io/askexe/exe-crm:v0.9.4",
+          "image": "update.askexe.com/askexe/exe-crm:v0.9.4",
           "env": "CRM_IMAGE_TAG",
           "composeService": "exe-crm"
         },
         "wiki": {
-          "image": "ghcr.io/askexe/exe-wiki:v0.9.5",
+          "image": "update.askexe.com/askexe/exe-wiki:v0.9.5",
           "env": "WIKI_IMAGE_TAG",
           "composeService": "exe-wiki"
         },
         "exe-os": {
-          "image": "ghcr.io/askexe/exe-os:v0.9.157",
+          "image": "update.askexe.com/askexe/exe-os:v0.9.157",
           "env": "EXE_OS_IMAGE_TAG",
           "composeService": "exe-os"
         },
         "gateway": {
-          "image": "ghcr.io/askexe/exe-gateway:v0.9.4",
+          "image": "update.askexe.com/askexe/exe-gateway:v0.9.4",
           "env": "GATEWAY_IMAGE_TAG",
           "composeService": "exe-gateway"
         },
         "monitorAgent": {
-          "image": "ghcr.io/askexe/exe-monitor-agent:v0.9.4",
+          "image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.4",
           "env": "MONITOR_AGENT_IMAGE_TAG",
           "composeService": "exe-monitor-agent"
         },
         "monitorHub": {
-          "image": "ghcr.io/askexe/exe-monitor-hub:v0.9.5",
+          "image": "update.askexe.com/askexe/exe-monitor-hub:v0.9.5",
           "env": "MONITOR_HUB_IMAGE_TAG",
           "composeService": "exe-monitor-hub"
         }

package/dist/bin/registry-proxy.js

@@ -22,8 +22,8 @@ Environment:
   EXE_REGISTRY_PROXY_ALLOWED_NAMESPACE=askexe
 
 Docker image shape for clients:
-  registry.askexe.com/askexe/exe-os:v0.9.3
-  registry.askexe.com/askexe/exe-crm:v0.9.3
+  update.askexe.com/askexe/exe-os:v0.9.3
+  update.askexe.com/askexe/exe-crm:v0.9.3
 `);
 }
 async function main(args = process.argv.slice(2)) {

package/dist/bin/stack-update.js

@@ -11,7 +11,7 @@ import {
   patchEnv,
   readCurrentStackVersion,
   runStackUpdate
-} from "../chunk-MJYXPMPW.js";
+} from "../chunk-T5U27Y4H.js";
 import "../chunk-MVMMULOJ.js";
 import "../chunk-4GXRETYL.js";
 import "../chunk-LYH5HE24.js";

package/dist/bin/vps-health-gate.js

@@ -207,7 +207,7 @@ async function main(args) {
   console.log("[health-gate] Starting rollback...");
   restorePreDeployBackup();
   try {
-    const { rollbackStackUpdate, defaultStackPaths } = await import("../stack-update-ODIHZZCZ.js");
+    const { rollbackStackUpdate, defaultStackPaths } = await import("../stack-update-PI2TWEGS.js");
     const paths = defaultStackPaths();
     await rollbackStackUpdate({
       manifestRef: paths.manifestRef,

package/dist/{chunk-2OX3F2UQ.js → chunk-4F4SOCKN.js}

@@ -6,7 +6,7 @@ import {
 } from "./chunk-AFJWUI3Y.js";
 import {
   AUTO_WAKE_MAX_RETRIES
-} from "./chunk-OK5U45GK.js";
+} from "./chunk-7JCK6TXX.js";
 import {
   getToolCapabilityIndex
 } from "./chunk-GHCVD7WV.js";

package/dist/{chunk-OK5U45GK.js → chunk-7JCK6TXX.js}

@@ -495,6 +495,15 @@ function createSessionTTLRealDeps(getClient) {
     listRegisteredSessions: () => listSessions(),
     listTmuxSessions: () => listTmuxSessions(),
     getSessionCreatedEpoch: (sessionName) => {
+      try {
+        const sessions = listSessions();
+        const entry = sessions.find((s) => s.windowName === sessionName);
+        if (entry?.registeredAt) {
+          const epoch = new Date(entry.registeredAt).getTime() / 1e3;
+          if (!isNaN(epoch)) return epoch;
+        }
+      } catch {
+      }
       try {
         const out = execSync(
           `tmux display-message -t ${JSON.stringify(sessionName)} -p '#{session_created}' 2>/dev/null`,

package/dist/{chunk-MJYXPMPW.js → chunk-T5U27Y4H.js}

@@ -140,12 +140,12 @@ function createStackUpdatePlan(manifest, envRaw, targetVersion) {
     breakingChanges: release.breakingChanges ?? []
   };
 }
-var ASKEXE_GHCR_IMAGE = /^(?:ghcr\.io\/askexe|registry\.askexe\.com\/askexe)\/[a-z0-9._/-]+(?::[^:@$/{]+|@sha256:[a-f0-9]{64})$/i;
+var ASKEXE_GHCR_IMAGE = /^(?:ghcr\.io\/askexe|update\.askexe\.com\/askexe|registry\.askexe\.com\/askexe)\/[a-z0-9._/-]+(?::[^:@$/{]+|@sha256:[a-f0-9]{64})$/i;
 function validatePinnedGhcrImage(image, label) {
   const trimmed = image.trim().replace(/^['"]|['"]$/g, "");
   if (!trimmed) return `${label} is empty`;
   if (trimmed.includes("${")) return null;
-  if (!trimmed.startsWith("ghcr.io/askexe/") && !trimmed.startsWith("registry.askexe.com/askexe/")) return `${label} must use ghcr.io/askexe/* or registry.askexe.com/askexe/*, got ${trimmed}`;
+  if (!trimmed.startsWith("ghcr.io/askexe/") && !trimmed.startsWith("update.askexe.com/askexe/") && !trimmed.startsWith("registry.askexe.com/askexe/")) return `${label} must use ghcr.io/askexe/*, update.askexe.com/askexe/*, or registry.askexe.com/askexe/*, got ${trimmed}`;
   if (/:latest(?:$|[\s#])/.test(trimmed)) return `${label} must not use :latest (${trimmed})`;
   if (!ASKEXE_GHCR_IMAGE.test(trimmed)) return `${label} must be pinned with an explicit tag or sha256 digest from ghcr.io/askexe or registry.askexe.com/askexe, got ${trimmed}`;
   return null;
@@ -153,9 +153,9 @@ function validatePinnedGhcrImage(image, label) {
 function validateComposeImageLiteral(image, label) {
   const trimmed = image.trim().replace(/^['"]|['"]$/g, "");
   if (!trimmed) return `${label} is empty`;
-  if (trimmed.startsWith("ghcr.io/askexe/") || trimmed.startsWith("registry.askexe.com/askexe/")) return validatePinnedGhcrImage(trimmed, label);
+  if (trimmed.startsWith("ghcr.io/askexe/") || trimmed.startsWith("update.askexe.com/askexe/") || trimmed.startsWith("registry.askexe.com/askexe/")) return validatePinnedGhcrImage(trimmed, label);
   if (/^(postgres|pgvector\/pgvector|clickhouse\/clickhouse-server|redis|nginx|postgrest\/postgrest|supabase\/gotrue):[^:]+$/i.test(trimmed)) return null;
-  return `${label} uses unsupported non-AskExe image ${trimmed}; customer app images must come from pinned ghcr.io/askexe images`;
+  return `${label} uses unsupported non-AskExe image ${trimmed}; customer app images must come from pinned update.askexe.com/askexe or ghcr.io/askexe images`;
 }
 function collectProductionDeployGateIssues(plan, envRaw, composeRaw) {
   const issues = [];
@@ -209,7 +209,7 @@ function assertProductionDeployGate(plan, envRaw, composeRaw, options = {}) {
   }
   const details = issues.map((issue) => `- [${issue.kind}] ${issue.message}`).join("\n");
   throw new Error(
-    `Production deploy gate failed. Exe OS deploys must use pinned ghcr.io/askexe or registry.askexe.com/askexe images and must not build from source on the VPS.
+    `Production deploy gate failed. Exe OS deploys must use pinned ghcr.io/askexe or update.askexe.com/askexe images and must not build from source on the VPS.
 ${details}
 Emergency override requires --break-glass <reason> and writes an audit file.`
   );

package/dist/{daemon-orchestration-MLB3WJHB.js → daemon-orchestration-N5GPEP4F.js}

@@ -48,7 +48,7 @@ import {
   shouldKillIdleSession,
   shouldKillSession,
   shouldNudgeEmployee
-} from "./chunk-OK5U45GK.js";
+} from "./chunk-7JCK6TXX.js";
 import "./chunk-WRCETUYE.js";
 import "./chunk-5RT7IBY4.js";
 import "./chunk-WP6P3LSI.js";

package/dist/lib/exe-daemon.js

@@ -2171,7 +2171,7 @@ async function startReviewPolling() {
     lastNudgeSent: /* @__PURE__ */ new Map(),
     intervalMs: REVIEW_POLL_INTERVAL_MS
   };
-  const { pollReviewNudge, createReviewNudgeRealDeps, loadNudgeState } = await import("../daemon-orchestration-MLB3WJHB.js");
+  const { pollReviewNudge, createReviewNudgeRealDeps, loadNudgeState } = await import("../daemon-orchestration-N5GPEP4F.js");
   const nudgeState = loadNudgeState();
   const tick = async () => {
     fired("review_polling");
@@ -2213,7 +2213,7 @@ function startSessionTTL() {
     if (!await ensureStoreForPolling()) return;
     try {
       const { getClient: getClient2 } = await import("./database.js");
-      const { checkSessionTTL, createSessionTTLRealDeps } = await import("../daemon-orchestration-MLB3WJHB.js");
+      const { checkSessionTTL, createSessionTTLRealDeps } = await import("../daemon-orchestration-N5GPEP4F.js");
       const deps = createSessionTTLRealDeps(getClient2);
       const killed = await checkSessionTTL(deps);
       if (killed.length > 0) acted("session_ttl");
@@ -2262,7 +2262,7 @@ function startIdleKill() {
       const cfg = await getCachedConfig();
       if (!cfg) return;
       const { getClient: getClient2 } = await import("./database.js");
-      const { pollIdleKill, createIdleKillRealDeps } = await import("../daemon-orchestration-MLB3WJHB.js");
+      const { pollIdleKill, createIdleKillRealDeps } = await import("../daemon-orchestration-N5GPEP4F.js");
       const deps = createIdleKillRealDeps(
         getClient2,
         cfg.sessionLifecycle.idleKillIntercomAckWindowMs
@@ -2819,7 +2819,7 @@ function startOrphanReaper() {
   const tick = async () => {
     fired("orphan_reaper");
     try {
-      const { reapOrphanedMcpProcesses, createOrphanReaperRealDeps } = await import("../daemon-orchestration-MLB3WJHB.js");
+      const { reapOrphanedMcpProcesses, createOrphanReaperRealDeps } = await import("../daemon-orchestration-N5GPEP4F.js");
       const deps = createOrphanReaperRealDeps();
       const reaped = await reapOrphanedMcpProcesses(deps);
       if (reaped.length > 0) acted("orphan_reaper");
@@ -2843,7 +2843,7 @@ function startZombieAgentReaper() {
   const tick = async () => {
     fired("zombie_agent_reaper");
     try {
-      const { reapZombieAgentProcesses, createZombieAgentReaperRealDeps } = await import("../daemon-orchestration-MLB3WJHB.js");
+      const { reapZombieAgentProcesses, createZombieAgentReaperRealDeps } = await import("../daemon-orchestration-N5GPEP4F.js");
       const deps = createZombieAgentReaperRealDeps();
       const reaped = reapZombieAgentProcesses(deps);
       if (reaped.length > 0) acted("zombie_agent_reaper");
@@ -2866,7 +2866,7 @@ function startWorktreeReaper() {
   const tick = async () => {
     fired("worktree_reaper");
     try {
-      const { reapOrphanedWorktrees, createWorktreeReaperRealDeps } = await import("../daemon-orchestration-MLB3WJHB.js");
+      const { reapOrphanedWorktrees, createWorktreeReaperRealDeps } = await import("../daemon-orchestration-N5GPEP4F.js");
       const deps = await createWorktreeReaperRealDeps();
       const result = await reapOrphanedWorktrees(deps);
       if (result.pruned.length > 0) {
@@ -2915,7 +2915,7 @@ function startStuckTaskRelease() {
     if (!await ensureStoreForPolling()) return;
     try {
       const { getClient: getClient2 } = await import("./database.js");
-      const { releaseStuckTasks, createStuckTaskRealDeps } = await import("../daemon-orchestration-MLB3WJHB.js");
+      const { releaseStuckTasks, createStuckTaskRealDeps } = await import("../daemon-orchestration-N5GPEP4F.js");
       const deps = createStuckTaskRealDeps(getClient2);
       const released = await releaseStuckTasks(deps);
       if (released.length > 0) {

package/dist/mcp/register-tools.js

@@ -1,9 +1,9 @@
 import {
   registerAllTools
-} from "../chunk-2OX3F2UQ.js";
+} from "../chunk-4F4SOCKN.js";
 import "../chunk-PLNYW6PA.js";
 import "../chunk-AFJWUI3Y.js";
-import "../chunk-OK5U45GK.js";
+import "../chunk-7JCK6TXX.js";
 import "../chunk-GHCVD7WV.js";
 import "../chunk-WZTQUBIE.js";
 import "../chunk-KH5Y6RR4.js";

package/dist/mcp/server.js

@@ -3,7 +3,7 @@ import {
 } from "../chunk-V4TZI6EO.js";
 import {
   registerAllTools
-} from "../chunk-2OX3F2UQ.js";
+} from "../chunk-4F4SOCKN.js";
 import {
   initLicenseGate
 } from "../chunk-PLNYW6PA.js";
@@ -11,7 +11,7 @@ import {
   startToolTelemetryFlush,
   wrapServerWithTelemetry
 } from "../chunk-AFJWUI3Y.js";
-import "../chunk-OK5U45GK.js";
+import "../chunk-7JCK6TXX.js";
 import "../chunk-GHCVD7WV.js";
 import "../chunk-WZTQUBIE.js";
 import "../chunk-KH5Y6RR4.js";

package/dist/{stack-update-ODIHZZCZ.js → stack-update-PI2TWEGS.js}

@@ -20,7 +20,7 @@ import {
   runStackUpdate,
   verifyReleaseHealth,
   verifyStackManifestSignature
-} from "./chunk-MJYXPMPW.js";
+} from "./chunk-T5U27Y4H.js";
 import "./chunk-MVMMULOJ.js";
 import "./chunk-4GXRETYL.js";
 import "./chunk-LYH5HE24.js";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askexenow/exe-os",
-  "version": "0.9.196",
+  "version": "0.9.197",
   "description": "AI employee operating system — persistent memory, task management, and multi-agent coordination for Claude Code.",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",

package/release-notes.json

@@ -1,6 +1,206 @@
 {
-  "current": "0.9.162",
+  "current": "0.9.197",
   "notes": {
+    "0.9.197": {
+      "version": "0.9.197",
+      "date": "2026-06-02",
+      "features": [
+        "consolidate registry.askexe.com → update.askexe.com as primary registry (#51)",
+        "nginx /v2/ route for Docker registry proxy on update.askexe.com",
+        "consolidate registry into update.askexe.com — license key = pull auth",
+        "scale daemon heap to 25% of system RAM, support 10+ coordinators",
+        "add query expansion + benchmark results to retrieval platform procedure",
+        "3-mode BEAM benchmark — FTS vs FTS+Graph vs Hybrid",
+        "wire update.askexe.com — billing schema + non-fatal image credentials",
+        "add 'never defer' platform procedure — fix it now or assign it now",
+        "BEAM multi-tier support — 100K, 1M, 10M token scales",
+        "MemoryAgentBench harness — ICLR 2026 benchmark",
+        "support outbox flusher + list_tasks null fix + doctor outbox status",
+        "bug report outbox flusher — reports reach AskExe even when daemon is dead",
+        "add daily-summary CLI entry point + enable tsup build",
+        "add daemon observability platform procedure",
+        "add retrieval architecture platform procedure for 8-16GB machines",
+        "graceful shutdown warning via intercom 90s before idle kill",
+        "upload pre-update snapshot to R2 before every stack-update",
+        "encrypted daily VPS backups with R2 cloud upload",
+        "conversation history import — parser + MCP tool + CLI",
+        "add vps-backup + vps-health-gate scripts with stack-update integration",
+        "add update_bug_report + update_feature_request MCP tools",
+        "VPS guardrails — Postgres backup cron + post-deploy health gate",
+        "co-occurrence edges + graph backfill script",
+        "write-time entity/relationship extraction from memory text",
+        "parallel retrieval (FTS+graph+embed) with _source attribution"
+      ],
+      "fixes": [
+        "typecheck errors blocking publish — async embed alert + dead code cleanup",
+        "session TTL uses registry registeredAt instead of tmux session_created",
+        "CRM auth defaults + benchmark beam.ts updates",
+        "enable GoTrue email auth by default in setup template",
+        "intercom signal path in packaged source — ships to customers on npm install",
+        "intercom signal path + registry consolidated to update.askexe.com",
+        "4 customer P2 bugs — CLI passthrough + agent casing + clipboard (#50)",
+        "MCP pressure eviction evicts ONE session, not all",
+        "GHCR registry escape hatch + feature request 400 payload fix",
+        "WS client graceful failure on CF 1101 + capped backoff",
+        "3 of 4 customer P2 bugs — CLI passthrough + agent casing + clipboard",
+        "remove auto-close on session end (source persisted this time)",
+        "parallel Tom isolation — task-scoped branches + multi-instance task lookup",
+        "downgrade multi-coordinator hard-fail to warning",
+        "daemon RSS reconnect + review push notify + hot_entities timestamp",
+        "HYGO stack-update blockers — volume regex + memory_audit --fix",
+        "spawn CWD cross-project contamination + identity load ordering",
+        "MCP hot-reload checks agent context for COO role, not just env var",
+        "eliminate cross-session dispatch bug in create_task",
+        "bug/feature report upstream updates — PATCH→POST with action field",
+        "strip stale X-Exe-Session from global config + guard against re-adding",
+        "BEAM CLaRa — direct JSON response instead of tool_use, bump max_tokens",
+        "BEAM CLaRa benchmark — correct endpoint + configurable model",
+        "MCP session dedup false positive + BEAM CLaRa benchmark mode",
+        "prevent false-positive duplicate eviction for multi-coordinator sessions"
+      ],
+      "security": [
+        "fix shell injection, SSRF, socket leaks, backup validation",
+        "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
+        "fix 2 CRITICAL + 1 HIGH from post-fix audit",
+        "validate X-Agent-Role against roster — prevent privilege escalation",
+        "release: stack v0.9.8 — security hardening + Hygo bug fixes",
+        "add webhook HMAC-SHA256 validation + disable query param auth in prod",
+        "pin GitHub Actions to SHAs, update jose to 6.2.3",
+        "harden support intake against abuse and data leakage",
+        "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
+        "audit: pre-hygo exe-gateway security report",
+        "add SECURITY.md — trust document for pre-install security evaluation",
+        "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
+      ],
+      "other": [
+        "bump to 0.9.197 — TTL fix + registry consolidation + TS fixes",
+        "update all manifest images to update.askexe.com + compose + beam tuning",
+        "bump to 0.9.196",
+        "bump to 0.9.195",
+        "bump to 0.9.194",
+        "bump to 0.9.193",
+        "bump to 0.9.192",
+        "bump to 0.9.191",
+        "bump to 0.9.189",
+        "bump to 0.9.188 — HYGO stack-update blockers fixed",
+        "bump to 0.9.187",
+        "bump to 0.9.186 — cross-session dispatch fix",
+        "release: bump exe-os image to v0.9.185 in stack manifest",
+        "bump to 0.9.185",
+        "bump to 0.9.184",
+        "bump to 0.9.183",
+        "bump to 0.9.181 — BEAM 3-mode + query expansion",
+        "bump to 0.9.180 — complete worktree isolation",
+        "bump to 0.9.179",
+        "bump to 0.9.178 — Bob's null fixes merged",
+        "bump to 0.9.177",
+        "bump to 0.9.176",
+        "bump to 0.9.175",
+        "bump to 0.9.174 — Bob's daemon hardening merged",
+        "bump to 0.9.173"
+      ],
+      "migration_notes": []
+    },
+    "0.9.196": {
+      "version": "0.9.196",
+      "date": "2026-06-02",
+      "features": [
+        "consolidate registry.askexe.com → update.askexe.com as primary registry (#51)",
+        "nginx /v2/ route for Docker registry proxy on update.askexe.com",
+        "consolidate registry into update.askexe.com — license key = pull auth",
+        "scale daemon heap to 25% of system RAM, support 10+ coordinators",
+        "add query expansion + benchmark results to retrieval platform procedure",
+        "3-mode BEAM benchmark — FTS vs FTS+Graph vs Hybrid",
+        "wire update.askexe.com — billing schema + non-fatal image credentials",
+        "add 'never defer' platform procedure — fix it now or assign it now",
+        "BEAM multi-tier support — 100K, 1M, 10M token scales",
+        "MemoryAgentBench harness — ICLR 2026 benchmark",
+        "support outbox flusher + list_tasks null fix + doctor outbox status",
+        "bug report outbox flusher — reports reach AskExe even when daemon is dead",
+        "add daily-summary CLI entry point + enable tsup build",
+        "add daemon observability platform procedure",
+        "add retrieval architecture platform procedure for 8-16GB machines",
+        "graceful shutdown warning via intercom 90s before idle kill",
+        "upload pre-update snapshot to R2 before every stack-update",
+        "encrypted daily VPS backups with R2 cloud upload",
+        "conversation history import — parser + MCP tool + CLI",
+        "add vps-backup + vps-health-gate scripts with stack-update integration",
+        "add update_bug_report + update_feature_request MCP tools",
+        "VPS guardrails — Postgres backup cron + post-deploy health gate",
+        "co-occurrence edges + graph backfill script",
+        "write-time entity/relationship extraction from memory text",
+        "parallel retrieval (FTS+graph+embed) with _source attribution"
+      ],
+      "fixes": [
+        "typecheck errors blocking publish — async embed alert + dead code cleanup",
+        "session TTL uses registry registeredAt instead of tmux session_created",
+        "CRM auth defaults + benchmark beam.ts updates",
+        "enable GoTrue email auth by default in setup template",
+        "intercom signal path in packaged source — ships to customers on npm install",
+        "intercom signal path + registry consolidated to update.askexe.com",
+        "4 customer P2 bugs — CLI passthrough + agent casing + clipboard (#50)",
+        "MCP pressure eviction evicts ONE session, not all",
+        "GHCR registry escape hatch + feature request 400 payload fix",
+        "WS client graceful failure on CF 1101 + capped backoff",
+        "3 of 4 customer P2 bugs — CLI passthrough + agent casing + clipboard",
+        "remove auto-close on session end (source persisted this time)",
+        "parallel Tom isolation — task-scoped branches + multi-instance task lookup",
+        "downgrade multi-coordinator hard-fail to warning",
+        "daemon RSS reconnect + review push notify + hot_entities timestamp",
+        "HYGO stack-update blockers — volume regex + memory_audit --fix",
+        "spawn CWD cross-project contamination + identity load ordering",
+        "MCP hot-reload checks agent context for COO role, not just env var",
+        "eliminate cross-session dispatch bug in create_task",
+        "bug/feature report upstream updates — PATCH→POST with action field",
+        "strip stale X-Exe-Session from global config + guard against re-adding",
+        "BEAM CLaRa — direct JSON response instead of tool_use, bump max_tokens",
+        "BEAM CLaRa benchmark — correct endpoint + configurable model",
+        "MCP session dedup false positive + BEAM CLaRa benchmark mode",
+        "prevent false-positive duplicate eviction for multi-coordinator sessions"
+      ],
+      "security": [
+        "fix shell injection, SSRF, socket leaks, backup validation",
+        "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
+        "fix 2 CRITICAL + 1 HIGH from post-fix audit",
+        "validate X-Agent-Role against roster — prevent privilege escalation",
+        "release: stack v0.9.8 — security hardening + Hygo bug fixes",
+        "add webhook HMAC-SHA256 validation + disable query param auth in prod",
+        "pin GitHub Actions to SHAs, update jose to 6.2.3",
+        "harden support intake against abuse and data leakage",
+        "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
+        "audit: pre-hygo exe-gateway security report",
+        "add SECURITY.md — trust document for pre-install security evaluation",
+        "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
+      ],
+      "other": [
+        "update all manifest images to update.askexe.com + compose + beam tuning",
+        "bump to 0.9.196",
+        "bump to 0.9.195",
+        "bump to 0.9.194",
+        "bump to 0.9.193",
+        "bump to 0.9.192",
+        "bump to 0.9.191",
+        "bump to 0.9.189",
+        "bump to 0.9.188 — HYGO stack-update blockers fixed",
+        "bump to 0.9.187",
+        "bump to 0.9.186 — cross-session dispatch fix",
+        "release: bump exe-os image to v0.9.185 in stack manifest",
+        "bump to 0.9.185",
+        "bump to 0.9.184",
+        "bump to 0.9.183",
+        "bump to 0.9.181 — BEAM 3-mode + query expansion",
+        "bump to 0.9.180 — complete worktree isolation",
+        "bump to 0.9.179",
+        "bump to 0.9.178 — Bob's null fixes merged",
+        "bump to 0.9.177",
+        "bump to 0.9.176",
+        "bump to 0.9.175",
+        "bump to 0.9.174 — Bob's daemon hardening merged",
+        "bump to 0.9.173",
+        "bump to 0.9.172"
+      ],
+      "migration_notes": []
+    },
     "0.9.162": {
       "version": "0.9.162",
       "date": "2026-06-02",
@@ -309,212 +509,6 @@
         "If daemon goes down, agents will now fail instead of silently",
         "exe-daemon.ts kills old embed.pid process and cleans up"
       ]
-    },
-    "0.9.158": {
-      "version": "0.9.158",
-      "date": "2026-05-28",
-      "features": [
-        "stack manifest 0.9.10 — all new images for customer deployment",
-        "update safety + portable backups + restore",
-        "complete deployment readiness — all 14 second-pass blind spots fixed",
-        "production-ready stack — all 15 blind spots fixed",
-        "blocked task notification — ping dispatcher immediately on status change",
-        "self-improving skills — usage tracking, success counting, and refinement daemon",
-        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
-        "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
-        "run database migrations before container swap in stack-update",
-        "graph auto-extract from ARCHITECTURE.md — regex-based entity/relationship extraction",
-        "migrate cloud.askexe.com → api.askexe.com as canonical endpoint",
-        "federated recall — code_context + graph fallback when memory results weak",
-        "migrate cloud.askexe.com → api.askexe.com across all src/ defaults",
-        "rolling restart in stack-update — one service at a time with health verification",
-        "DMR benchmark harness + LoCoMo improvements for v0.9.145 evaluation",
-        "Windows/WSL support — WezTerm config + WSL detection in setup wizard",
-        "queryTaskRows() consolidation — single scoped query path for all task list operations",
-        "review signal files — reliable reviewer notification on update_task(done)",
-        "Ghostty-native notifications via OSC 9 — no more Script Editor popup",
-        "device-scoped behaviors — device_id column + filter in loading",
-        "dispatch reliability — 45s boot timeout, dispatch ack signals, agent heartbeat",
-        "setup wizard headless mode + daemon health check after restart",
-        "device-scoped behaviors — add device_id column + filter on load",
-        "gateway prompt injection defense — 3-tier security hardening",
-        "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs"
-      ],
-      "fixes": [
-        "support API — verified encrypted bug reports work (HTTP 201)",
-        "support API accepts encrypted bug reports — prevents HTTP 400",
-        "Codex agents recheck tasks before stopping — prevents idle-with-open-tasks",
-        "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files",
-        "add scope import to prompt-submit — gate pass",
-        "add writeFileSync import to config.ts",
-        "persist cloud endpoint migration to config.json — stop logging on every boot",
-        "include memory_type in pushToPostgres metadata — was stripped on sync",
-        "add scope import to daemon-orchestration — satisfies customer-readiness gate",
-        "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
-        "make skill lifecycle fields optional on Behavior interface — unblocks publish",
-        "session isolation for tmux kill — block cross-scope session kills",
-        "session-scope daemon, push, capacity, and cleanup (P0 #7-#13)",
-        "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
-        "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
-        "include memory_type in cloud sync push/pull + fix backfill re-sync",
-        "session-scope signal file system — prevent cross-session task/review bleed",
-        "session-scope notification routing — use row.session_scope over ambient",
-        "daemon NEVER guesses session from tmux — header-only routing",
-        "3 daemon bugs — context-full TTL override, API watchdog kill-after-3, idle-kill verify",
-        "federated recall always searches code_context + graph — count threshold was useless",
-        "make cross-repo guardrail task-aware — allow multi-repo work when task scope permits",
-        "ONE postgres — replace crm-postgres with exe-db across entire stack",
-        "smart session-scoping gate + last boot cleanup leak + triage_bug docs",
-        "add shipped_version to support triage + clean platform procedures"
-      ],
-      "security": [
-        "fix shell injection, SSRF, socket leaks, backup validation",
-        "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
-        "fix 2 CRITICAL + 1 HIGH from post-fix audit",
-        "validate X-Agent-Role against roster — prevent privilege escalation",
-        "release: stack v0.9.8 — security hardening + Hygo bug fixes",
-        "add webhook HMAC-SHA256 validation + disable query param auth in prod",
-        "pin GitHub Actions to SHAs, update jose to 6.2.3",
-        "harden support intake against abuse and data leakage",
-        "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
-        "audit: pre-hygo exe-gateway security report",
-        "add SECURITY.md — trust document for pre-install security evaluation",
-        "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
-      ],
-      "other": [
-        "rename memory schema → graph across codebase",
-        "unified access control — admin token + GoTrue across all services",
-        "capture data pipeline spec — raw → filter → wiki + CRM projection",
-        "bump to v0.9.149 — task lifecycle simplification + review notification fix",
-        "capture gateway connection observability requirements (2026-05-28)",
-        "bump to v0.9.146 for publish",
-        "Windows support architecture — WezTerm + WSL decision (2026-05-27)",
-        "Merge branch 'tom4-work' — device-scoped behaviors + push-notification fix",
-        "bump to v0.9.145 for publish",
-        "revert: keep workflow files unchanged — GitHub OAuth blocks workflow scope",
-        "stage remaining Yoshi fixes — features + bug cleanup",
-        "add tests for daemon restart orchestrator module",
-        "publish v0.9.144 — ESM require() fix + reliable task signals + OAuth 2.1",
-        "add MCP tool tests for message, cloud-sync, and file-copy",
-        "add coverage for send_message, cloud_sync, file_copy MCP tools (Track A)",
-        "Recover MCP sessions after daemon restart",
-        "publish v0.9.143 — all fixes live",
-        "publish v0.9.142",
-        "publish v0.9.141",
-        "ops: journalctl rotation + certbot expiry alerting",
-        "revert: daemon heap back to 33% of RAM — no artificial cap",
-        "v0.9.140 publish + heap cap 4GB (was 33% unbounded)",
-        "PG-1 cross-repo entity federation design document",
-        "add lint step + automated npm publish workflow",
-        "audit: scoped SQL + package budget + TUI vendored + TODO classification"
-      ],
-      "migration_notes": [
-        "If daemon goes down, agents will now fail instead of silently",
-        "exe-daemon.ts kills old embed.pid process and cleans up"
-      ]
-    },
-    "0.9.157": {
-      "version": "0.9.157",
-      "date": "2026-05-28",
-      "features": [
-        "update safety + portable backups + restore",
-        "complete deployment readiness — all 14 second-pass blind spots fixed",
-        "production-ready stack — all 15 blind spots fixed",
-        "blocked task notification — ping dispatcher immediately on status change",
-        "self-improving skills — usage tracking, success counting, and refinement daemon",
-        "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
-        "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
-        "run database migrations before container swap in stack-update",
-        "graph auto-extract from ARCHITECTURE.md — regex-based entity/relationship extraction",
-        "migrate cloud.askexe.com → api.askexe.com as canonical endpoint",
-        "federated recall — code_context + graph fallback when memory results weak",
-        "migrate cloud.askexe.com → api.askexe.com across all src/ defaults",
-        "rolling restart in stack-update — one service at a time with health verification",
-        "DMR benchmark harness + LoCoMo improvements for v0.9.145 evaluation",
-        "Windows/WSL support — WezTerm config + WSL detection in setup wizard",
-        "queryTaskRows() consolidation — single scoped query path for all task list operations",
-        "review signal files — reliable reviewer notification on update_task(done)",
-        "Ghostty-native notifications via OSC 9 — no more Script Editor popup",
-        "device-scoped behaviors — device_id column + filter in loading",
-        "dispatch reliability — 45s boot timeout, dispatch ack signals, agent heartbeat",
-        "setup wizard headless mode + daemon health check after restart",
-        "device-scoped behaviors — add device_id column + filter on load",
-        "gateway prompt injection defense — 3-tier security hardening",
-        "add diagnostics(action=\"merge_agent_memories\") for reassigning memories across agent IDs",
-        "add task dependency tree visualization (action=dependency_tree)"
-      ],
-      "fixes": [
-        "add scope import to prompt-submit — gate pass",
-        "add writeFileSync import to config.ts",
-        "persist cloud endpoint migration to config.json — stop logging on every boot",
-        "include memory_type in pushToPostgres metadata — was stripped on sync",
-        "add scope import to daemon-orchestration — satisfies customer-readiness gate",
-        "skill-refinement.ts — correct writeMemory field names + updateIdentity 3rd arg",
-        "make skill lifecycle fields optional on Behavior interface — unblocks publish",
-        "session isolation for tmux kill — block cross-scope session kills",
-        "session-scope daemon, push, capacity, and cleanup (P0 #7-#13)",
-        "add memory_type to crdt-sync MemoryRecord interface — unblocks publish",
-        "session-scope daemon, push, capacity, cleanup (P0 #7-#9, #13)",
-        "include memory_type in cloud sync push/pull + fix backfill re-sync",
-        "session-scope signal file system — prevent cross-session task/review bleed",
-        "session-scope notification routing — use row.session_scope over ambient",
-        "daemon NEVER guesses session from tmux — header-only routing",
-        "3 daemon bugs — context-full TTL override, API watchdog kill-after-3, idle-kill verify",
-        "federated recall always searches code_context + graph — count threshold was useless",
-        "make cross-repo guardrail task-aware — allow multi-repo work when task scope permits",
-        "ONE postgres — replace crm-postgres with exe-db across entire stack",
-        "smart session-scoping gate + last boot cleanup leak + triage_bug docs",
-        "add shipped_version to support triage + clean platform procedures",
-        "close remaining session-scoping findings from Bob's audit",
-        "close 3 more session-scoping leaks from Bob's audit (LEAK-4, LEAK-7, LEAK-8)",
-        "diagnostics check_update ENOENT + healthcheck timeout",
-        "close 8 session-scoping leaks — daemon ALS trust + review cleanup + close-task + inbox"
-      ],
-      "security": [
-        "fix shell injection, SSRF, socket leaks, backup validation",
-        "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
-        "fix 2 CRITICAL + 1 HIGH from post-fix audit",
-        "validate X-Agent-Role against roster — prevent privilege escalation",
-        "release: stack v0.9.8 — security hardening + Hygo bug fixes",
-        "add webhook HMAC-SHA256 validation + disable query param auth in prod",
-        "pin GitHub Actions to SHAs, update jose to 6.2.3",
-        "harden support intake against abuse and data leakage",
-        "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
-        "audit: pre-hygo exe-gateway security report",
-        "add SECURITY.md — trust document for pre-install security evaluation",
-        "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
-      ],
-      "other": [
-        "rename memory schema → graph across codebase",
-        "unified access control — admin token + GoTrue across all services",
-        "capture data pipeline spec — raw → filter → wiki + CRM projection",
-        "bump to v0.9.149 — task lifecycle simplification + review notification fix",
-        "capture gateway connection observability requirements (2026-05-28)",
-        "bump to v0.9.146 for publish",
-        "Windows support architecture — WezTerm + WSL decision (2026-05-27)",
-        "Merge branch 'tom4-work' — device-scoped behaviors + push-notification fix",
-        "bump to v0.9.145 for publish",
-        "revert: keep workflow files unchanged — GitHub OAuth blocks workflow scope",
-        "stage remaining Yoshi fixes — features + bug cleanup",
-        "add tests for daemon restart orchestrator module",
-        "publish v0.9.144 — ESM require() fix + reliable task signals + OAuth 2.1",
-        "add MCP tool tests for message, cloud-sync, and file-copy",
-        "add coverage for send_message, cloud_sync, file_copy MCP tools (Track A)",
-        "Recover MCP sessions after daemon restart",
-        "publish v0.9.143 — all fixes live",
-        "publish v0.9.142",
-        "publish v0.9.141",
-        "ops: journalctl rotation + certbot expiry alerting",
-        "revert: daemon heap back to 33% of RAM — no artificial cap",
-        "v0.9.140 publish + heap cap 4GB (was 33% unbounded)",
-        "PG-1 cross-repo entity federation design document",
-        "add lint step + automated npm publish workflow",
-        "audit: scoped SQL + package budget + TUI vendored + TODO classification"
-      ],
-      "migration_notes": [
-        "If daemon goes down, agents will now fail instead of silently",
-        "exe-daemon.ts kills old embed.pid process and cleans up"
-      ]
     }
   }
 }