@askexenow/exe-os 0.9.197 → 0.9.199

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (156) hide show
  1. package/deploy/compose/cloudflared/config.yml.example +3 -0
  2. package/deploy/compose/docker-compose.yml +2 -2
  3. package/deploy/compose/init-db.sql +4 -0
  4. package/deploy/stack-manifests/v0.9.json +10 -5
  5. package/dist/{backfill-metadata-KYCN4I7C.js → backfill-metadata-RL7T4XGY.js} +1 -1
  6. package/dist/bin/agentic-ontology-backfill.js +1 -1
  7. package/dist/bin/agentic-reflection-backfill.js +1 -1
  8. package/dist/bin/agentic-semantic-label.js +1 -1
  9. package/dist/bin/backfill-conversations.js +1 -1
  10. package/dist/bin/backfill-responses.js +1 -1
  11. package/dist/bin/backfill-vectors.js +2 -2
  12. package/dist/bin/bulk-sync-postgres.js +1 -1
  13. package/dist/bin/cleanup-stale-review-tasks.js +2 -2
  14. package/dist/bin/cli.js +10 -10
  15. package/dist/bin/exe-agent.js +8 -8
  16. package/dist/bin/exe-assign.js +1 -1
  17. package/dist/bin/exe-boot.js +4 -4
  18. package/dist/bin/exe-call.js +1 -1
  19. package/dist/bin/exe-dispatch.js +2 -2
  20. package/dist/bin/exe-doctor.js +1 -1
  21. package/dist/bin/exe-export-behaviors.js +2 -2
  22. package/dist/bin/exe-forget.js +3 -3
  23. package/dist/bin/exe-gateway.js +4 -4
  24. package/dist/bin/exe-heartbeat.js +2 -2
  25. package/dist/bin/exe-kill.js +3 -3
  26. package/dist/bin/exe-launch-agent.js +3 -9
  27. package/dist/bin/exe-new-employee.js +2 -2
  28. package/dist/bin/exe-pending-messages.js +3 -3
  29. package/dist/bin/exe-pending-notifications.js +2 -2
  30. package/dist/bin/exe-pending-reviews.js +2 -2
  31. package/dist/bin/exe-rename.js +1 -1
  32. package/dist/bin/exe-review.js +3 -3
  33. package/dist/bin/exe-search.js +2 -2
  34. package/dist/bin/exe-session-cleanup.js +5 -5
  35. package/dist/bin/exe-start-codex.js +2 -2
  36. package/dist/bin/exe-start-opencode.js +2 -2
  37. package/dist/bin/exe-status.js +3 -3
  38. package/dist/bin/exe-team.js +1 -1
  39. package/dist/bin/generate-hook-manifest.js +30 -0
  40. package/dist/bin/git-sweep.js +2 -2
  41. package/dist/bin/graph-backfill.js +1 -1
  42. package/dist/bin/graph-export.js +2 -2
  43. package/dist/bin/import-history.js +1 -1
  44. package/dist/bin/install.js +3 -3
  45. package/dist/bin/intercom-check.js +3 -3
  46. package/dist/bin/scan-tasks.js +2 -2
  47. package/dist/bin/setup.js +1 -1
  48. package/dist/bin/shard-migrate.js +1 -1
  49. package/dist/bin/stack-update.js +1 -1
  50. package/dist/bin/vps-health-gate.js +1 -1
  51. package/dist/browser-sanitizer-Q3GWRYKI.js +229 -0
  52. package/dist/browser-session-store-TSD4PCY7.js +232 -0
  53. package/dist/{capacity-monitor-H7D43IUQ.js → capacity-monitor-2TRPP3AX.js} +2 -2
  54. package/dist/{catchup-brief-PTVQRBQK.js → catchup-brief-74ORL525.js} +3 -3
  55. package/dist/{chunk-BM4X3WHU.js → chunk-2DWKMJPE.js} +1 -1
  56. package/dist/{chunk-EMUQSTJL.js → chunk-2HEXCZGP.js} +1 -1
  57. package/dist/{chunk-HX4ULQ3E.js → chunk-5YVGHP2B.js} +11 -11
  58. package/dist/{chunk-5RT7IBY4.js → chunk-6BJ5GZD4.js} +3 -3
  59. package/dist/{chunk-BUN6JIDP.js → chunk-ACOQS4ZL.js} +1 -1
  60. package/dist/{chunk-HH4UGDJH.js → chunk-CGAYSKQF.js} +2 -2
  61. package/dist/{chunk-ADI4Z63O.js → chunk-DNEOEKWA.js} +2 -2
  62. package/dist/{chunk-7JCK6TXX.js → chunk-FDD7KX7Q.js} +39 -3
  63. package/dist/{chunk-7AJST6LP.js → chunk-FXVTLBBA.js} +1 -1
  64. package/dist/{chunk-CGDA6NJI.js → chunk-IFFVONU6.js} +1 -1
  65. package/dist/{chunk-VGBQKQHJ.js → chunk-JDGCEOT4.js} +1 -1
  66. package/dist/{chunk-2EVDBTCZ.js → chunk-JDHB6I4O.js} +1 -1
  67. package/dist/{chunk-FL4PEEWL.js → chunk-JQLWMZZJ.js} +1 -1
  68. package/dist/{chunk-4F4SOCKN.js → chunk-JRLSQFIE.js} +44 -44
  69. package/dist/{chunk-34ENR4JM.js → chunk-KRYEHI4V.js} +2 -2
  70. package/dist/{chunk-T5U27Y4H.js → chunk-M7NGABPF.js} +5 -5
  71. package/dist/{chunk-WP6P3LSI.js → chunk-MABQMUCQ.js} +9 -26
  72. package/dist/chunk-MNNWWEVJ.js +58 -0
  73. package/dist/{chunk-LLEB3QLI.js → chunk-MWGAC2ER.js} +1 -1
  74. package/dist/{chunk-UTDZUTRN.js → chunk-OF6TXNOC.js} +1 -1
  75. package/dist/{chunk-HH2QED73.js → chunk-OYU7TCBG.js} +1 -1
  76. package/dist/{chunk-UTUYZCQA.js → chunk-PHIQW2IU.js} +3 -3
  77. package/dist/{chunk-FXYOH3NG.js → chunk-RUKOGGQG.js} +1 -1
  78. package/dist/{chunk-FC3U23FN.js → chunk-WSYFZZCP.js} +2 -2
  79. package/dist/{chunk-QCNSCSCH.js → chunk-YZIUQ77U.js} +2 -2
  80. package/dist/{chunk-IUC2332K.js → chunk-ZAF4GJTD.js} +4 -4
  81. package/dist/{chunk-Q4WJJBOP.js → chunk-ZLP5TNRU.js} +1 -1
  82. package/dist/{crm-webhook-LRLN55LB.js → crm-webhook-OFWPEK33.js} +2 -2
  83. package/dist/{cto-delegation-gate-2FZN5SUY.js → cto-delegation-gate-7PGS5IN4.js} +1 -1
  84. package/dist/{daemon-orchestration-N5GPEP4F.js → daemon-orchestration-MP3PPX7Q.js} +3 -3
  85. package/dist/{exe-export-4ZJTQRRE.js → exe-export-QMGWH3PL.js} +1 -1
  86. package/dist/{exe-import-JI3FTSWZ.js → exe-import-7NNKSCKI.js} +1 -1
  87. package/dist/{fast-db-init-URP3KJAE.js → fast-db-init-DAZZ7ZUP.js} +1 -1
  88. package/dist/gateway/index.js +5 -5
  89. package/dist/{git-task-sweep-GPPNL2DK.js → git-task-sweep-SLANXCSW.js} +2 -2
  90. package/dist/hooks/bug-report-worker.js +3 -3
  91. package/dist/hooks/codex-stop-task-finalizer.js +3 -3
  92. package/dist/hooks/commit-complete.js +4 -4
  93. package/dist/hooks/error-recall.js +2 -2
  94. package/dist/hooks/ingest.js +2 -2
  95. package/dist/hooks/instructions-loaded.js +1 -1
  96. package/dist/hooks/manifest.json +25 -0
  97. package/dist/hooks/notification.js +1 -1
  98. package/dist/hooks/post-compact.js +2 -2
  99. package/dist/hooks/post-tool-combined.js +2 -2
  100. package/dist/hooks/pre-compact.js +3 -3
  101. package/dist/hooks/pre-tool-use.js +6 -6
  102. package/dist/hooks/prompt-submit.js +8 -8
  103. package/dist/hooks/session-end.js +18 -10
  104. package/dist/hooks/session-start.js +17 -4
  105. package/dist/hooks/stop.js +5 -5
  106. package/dist/hooks/subagent-stop.js +2 -2
  107. package/dist/hooks/summary-worker.js +5 -5
  108. package/dist/index.js +10 -10
  109. package/dist/{installer-4SH2HTIU.js → installer-CWKEI7SE.js} +2 -2
  110. package/dist/{installer-BTOQSNZI.js → installer-DWVZFKAH.js} +4 -4
  111. package/dist/{installer-MWOEIXKV.js → installer-GSA2KOSE.js} +2 -2
  112. package/dist/lib/consolidation.js +2 -2
  113. package/dist/lib/embed-worker.js +81 -14
  114. package/dist/lib/employee-templates.js +1 -1
  115. package/dist/lib/exe-daemon.js +121 -69
  116. package/dist/lib/hybrid-search.js +2 -2
  117. package/dist/lib/messaging.js +2 -2
  118. package/dist/lib/schedules.js +2 -2
  119. package/dist/lib/store.js +1 -1
  120. package/dist/lib/tasks.js +2 -2
  121. package/dist/lib/tmux-routing.js +1 -1
  122. package/dist/mcp/register-tools.js +26 -26
  123. package/dist/mcp/server.js +29 -29
  124. package/dist/mcp/tools/create-task.js +3 -3
  125. package/dist/mcp/tools/list-tasks.js +3 -3
  126. package/dist/mcp/tools/send-message.js +3 -3
  127. package/dist/mcp/tools/update-task.js +3 -3
  128. package/dist/{notifications-GENT3AWZ.js → notifications-WYNI5OG6.js} +1 -1
  129. package/dist/{orchestrator-A72IFTWK.js → orchestrator-FRFCMLW3.js} +2 -2
  130. package/dist/{reranker-JJRY3V3V.js → reranker-2ZWUZRUF.js} +1 -1
  131. package/dist/{review-polling-UJ4P3BIG.js → review-polling-ADP5YFHW.js} +2 -2
  132. package/dist/runtime/index.js +11 -11
  133. package/dist/{session-events-GWEVYXPJ.js → session-events-JA3MCMZK.js} +2 -2
  134. package/dist/{session-scope-DKE6OPV5.js → session-scope-LXQKQDIS.js} +1 -1
  135. package/dist/{setup-wizard-B4WDA4KT.js → setup-wizard-GRR4F4TX.js} +1 -1
  136. package/dist/{stack-update-PI2TWEGS.js → stack-update-C4BAPLXJ.js} +1 -1
  137. package/dist/{task-enforcement-QYS2QEEO.js → task-enforcement-KSLBFILH.js} +1 -1
  138. package/dist/{task-scope-OS66ZD7O.js → task-scope-AI62AIPT.js} +1 -1
  139. package/dist/{tasks-crud-DJH4NZC2.js → tasks-crud-IEOK55IV.js} +1 -1
  140. package/dist/{tasks-review-Z6PA4AF5.js → tasks-review-ID7V6RSR.js} +1 -1
  141. package/dist/tui/App.js +8 -8
  142. package/dist/{tui-data-JI4URSHX.js → tui-data-HIFVW2PE.js} +1 -1
  143. package/dist/{worker-gate-DIILYSRZ.js → worker-gate-F3L7XDMJ.js} +1 -1
  144. package/dist/{workflow-engine-PJ5YSMRL.js → workflow-engine-H5KTDDJG.js} +2 -2
  145. package/package.json +3 -3
  146. package/release-notes.json +201 -207
  147. package/dist/chunk-WZTQUBIE.js +0 -125
  148. package/dist/{chunk-42QSXHKN.js → chunk-4X7CMJDN.js} +0 -0
  149. package/dist/{chunk-ZGPURQ4J.js → chunk-54MZI4PK.js} +0 -0
  150. package/dist/{chunk-TF2BZTXF.js → chunk-7WUBXLK2.js} +3 -3
  151. /package/dist/{chunk-SSRRHKIO.js → chunk-MQLMIY6U.js} +0 -0
  152. /package/dist/{chunk-M4UP7VWO.js → chunk-NF4AEKQK.js} +0 -0
  153. /package/dist/{chunk-LZU4HY4C.js → chunk-XNXTN5XZ.js} +0 -0
  154. /package/dist/{core-memory-UHWYIN2A.js → core-memory-VQKCHGFX.js} +0 -0
  155. /package/dist/{exe-key-4EUOGKBN.js → exe-key-QZ5GWV6D.js} +0 -0
  156. /package/dist/{skill-refinement-2U2UCV2H.js → skill-refinement-3UVLBCZD.js} +0 -0
@@ -1,6 +1,206 @@
1
1
  {
2
- "current": "0.9.197",
2
+ "current": "0.9.199",
3
3
  "notes": {
4
+ "0.9.199": {
5
+ "version": "0.9.199",
6
+ "date": "2026-06-02",
7
+ "features": [
8
+ "browser prompt injection defense + persistent cookie jar",
9
+ "wire exe-erp into VPS stack (init-db, cloudflared, manifest, docs)",
10
+ "consolidate registry.askexe.com → update.askexe.com as primary registry (#51)",
11
+ "nginx /v2/ route for Docker registry proxy on update.askexe.com",
12
+ "consolidate registry into update.askexe.com — license key = pull auth",
13
+ "scale daemon heap to 25% of system RAM, support 10+ coordinators",
14
+ "add query expansion + benchmark results to retrieval platform procedure",
15
+ "3-mode BEAM benchmark — FTS vs FTS+Graph vs Hybrid",
16
+ "wire update.askexe.com — billing schema + non-fatal image credentials",
17
+ "add 'never defer' platform procedure — fix it now or assign it now",
18
+ "BEAM multi-tier support — 100K, 1M, 10M token scales",
19
+ "MemoryAgentBench harness — ICLR 2026 benchmark",
20
+ "support outbox flusher + list_tasks null fix + doctor outbox status",
21
+ "bug report outbox flusher — reports reach AskExe even when daemon is dead",
22
+ "add daily-summary CLI entry point + enable tsup build",
23
+ "add daemon observability platform procedure",
24
+ "add retrieval architecture platform procedure for 8-16GB machines",
25
+ "graceful shutdown warning via intercom 90s before idle kill",
26
+ "upload pre-update snapshot to R2 before every stack-update",
27
+ "encrypted daily VPS backups with R2 cloud upload",
28
+ "conversation history import — parser + MCP tool + CLI",
29
+ "add vps-backup + vps-health-gate scripts with stack-update integration",
30
+ "add update_bug_report + update_feature_request MCP tools",
31
+ "VPS guardrails — Postgres backup cron + post-deploy health gate",
32
+ "co-occurrence edges + graph backfill script"
33
+ ],
34
+ "fixes": [
35
+ "add generate-hook-manifest to tsup entries — unblocks publish gate",
36
+ "remove unused cleanupExpiredJars import — fixes TS6133 blocking publish",
37
+ "remove dead actualRuntime variable — fixes TS6133 blocking publish",
38
+ "isolate Metal/GPU ops in worker process — reranker dispose crash was killing daemon",
39
+ "remove remaining /exe-intercom invocations + update tests",
40
+ "replace /exe-intercom skill invocation with plain text prompt",
41
+ "remove ALL --strict-mcp-config usage — was blocking /exe-intercom in session MCP config too",
42
+ "tsup outputs to dist directly — kill dist-next migration shim",
43
+ "drop --strict-mcp-config from lean MCP — was blocking skill loading (/exe-intercom)",
44
+ "zombie agent reaper never kills coordinator/exe session processes",
45
+ "typecheck errors blocking publish — async embed alert + dead code cleanup",
46
+ "session TTL uses registry registeredAt instead of tmux session_created",
47
+ "CRM auth defaults + benchmark beam.ts updates",
48
+ "enable GoTrue email auth by default in setup template",
49
+ "intercom signal path in packaged source — ships to customers on npm install",
50
+ "intercom signal path + registry consolidated to update.askexe.com",
51
+ "4 customer P2 bugs — CLI passthrough + agent casing + clipboard (#50)",
52
+ "MCP pressure eviction evicts ONE session, not all",
53
+ "GHCR registry escape hatch + feature request 400 payload fix",
54
+ "WS client graceful failure on CF 1101 + capped backoff",
55
+ "3 of 4 customer P2 bugs — CLI passthrough + agent casing + clipboard",
56
+ "remove auto-close on session end (source persisted this time)",
57
+ "parallel Tom isolation — task-scoped branches + multi-instance task lookup",
58
+ "downgrade multi-coordinator hard-fail to warning",
59
+ "daemon RSS reconnect + review push notify + hot_entities timestamp"
60
+ ],
61
+ "security": [
62
+ "fix shell injection, SSRF, socket leaks, backup validation",
63
+ "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
64
+ "fix 2 CRITICAL + 1 HIGH from post-fix audit",
65
+ "validate X-Agent-Role against roster — prevent privilege escalation",
66
+ "release: stack v0.9.8 — security hardening + Hygo bug fixes",
67
+ "add webhook HMAC-SHA256 validation + disable query param auth in prod",
68
+ "pin GitHub Actions to SHAs, update jose to 6.2.3",
69
+ "harden support intake against abuse and data leakage",
70
+ "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
71
+ "audit: pre-hygo exe-gateway security report",
72
+ "add SECURITY.md — trust document for pre-install security evaluation",
73
+ "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
74
+ ],
75
+ "other": [
76
+ "bump to v0.9.199",
77
+ "remove registry.askexe.com references — fully consolidated to update.askexe.com",
78
+ "bump to 0.9.198 — coordinator reaper guard",
79
+ "bump to 0.9.197 — TTL fix + registry consolidation + TS fixes",
80
+ "update all manifest images to update.askexe.com + compose + beam tuning",
81
+ "bump to 0.9.196",
82
+ "bump to 0.9.195",
83
+ "bump to 0.9.194",
84
+ "bump to 0.9.193",
85
+ "bump to 0.9.192",
86
+ "bump to 0.9.191",
87
+ "bump to 0.9.189",
88
+ "bump to 0.9.188 — HYGO stack-update blockers fixed",
89
+ "bump to 0.9.187",
90
+ "bump to 0.9.186 — cross-session dispatch fix",
91
+ "release: bump exe-os image to v0.9.185 in stack manifest",
92
+ "bump to 0.9.185",
93
+ "bump to 0.9.184",
94
+ "bump to 0.9.183",
95
+ "bump to 0.9.181 — BEAM 3-mode + query expansion",
96
+ "bump to 0.9.180 — complete worktree isolation",
97
+ "bump to 0.9.179",
98
+ "bump to 0.9.178 — Bob's null fixes merged",
99
+ "bump to 0.9.177",
100
+ "bump to 0.9.176"
101
+ ],
102
+ "migration_notes": []
103
+ },
104
+ "0.9.198": {
105
+ "version": "0.9.198",
106
+ "date": "2026-06-02",
107
+ "features": [
108
+ "browser prompt injection defense + persistent cookie jar",
109
+ "wire exe-erp into VPS stack (init-db, cloudflared, manifest, docs)",
110
+ "consolidate registry.askexe.com → update.askexe.com as primary registry (#51)",
111
+ "nginx /v2/ route for Docker registry proxy on update.askexe.com",
112
+ "consolidate registry into update.askexe.com — license key = pull auth",
113
+ "scale daemon heap to 25% of system RAM, support 10+ coordinators",
114
+ "add query expansion + benchmark results to retrieval platform procedure",
115
+ "3-mode BEAM benchmark — FTS vs FTS+Graph vs Hybrid",
116
+ "wire update.askexe.com — billing schema + non-fatal image credentials",
117
+ "add 'never defer' platform procedure — fix it now or assign it now",
118
+ "BEAM multi-tier support — 100K, 1M, 10M token scales",
119
+ "MemoryAgentBench harness — ICLR 2026 benchmark",
120
+ "support outbox flusher + list_tasks null fix + doctor outbox status",
121
+ "bug report outbox flusher — reports reach AskExe even when daemon is dead",
122
+ "add daily-summary CLI entry point + enable tsup build",
123
+ "add daemon observability platform procedure",
124
+ "add retrieval architecture platform procedure for 8-16GB machines",
125
+ "graceful shutdown warning via intercom 90s before idle kill",
126
+ "upload pre-update snapshot to R2 before every stack-update",
127
+ "encrypted daily VPS backups with R2 cloud upload",
128
+ "conversation history import — parser + MCP tool + CLI",
129
+ "add vps-backup + vps-health-gate scripts with stack-update integration",
130
+ "add update_bug_report + update_feature_request MCP tools",
131
+ "VPS guardrails — Postgres backup cron + post-deploy health gate",
132
+ "co-occurrence edges + graph backfill script"
133
+ ],
134
+ "fixes": [
135
+ "add generate-hook-manifest to tsup entries — unblocks publish gate",
136
+ "remove unused cleanupExpiredJars import — fixes TS6133 blocking publish",
137
+ "remove dead actualRuntime variable — fixes TS6133 blocking publish",
138
+ "isolate Metal/GPU ops in worker process — reranker dispose crash was killing daemon",
139
+ "remove remaining /exe-intercom invocations + update tests",
140
+ "replace /exe-intercom skill invocation with plain text prompt",
141
+ "remove ALL --strict-mcp-config usage — was blocking /exe-intercom in session MCP config too",
142
+ "tsup outputs to dist directly — kill dist-next migration shim",
143
+ "drop --strict-mcp-config from lean MCP — was blocking skill loading (/exe-intercom)",
144
+ "zombie agent reaper never kills coordinator/exe session processes",
145
+ "typecheck errors blocking publish — async embed alert + dead code cleanup",
146
+ "session TTL uses registry registeredAt instead of tmux session_created",
147
+ "CRM auth defaults + benchmark beam.ts updates",
148
+ "enable GoTrue email auth by default in setup template",
149
+ "intercom signal path in packaged source — ships to customers on npm install",
150
+ "intercom signal path + registry consolidated to update.askexe.com",
151
+ "4 customer P2 bugs — CLI passthrough + agent casing + clipboard (#50)",
152
+ "MCP pressure eviction evicts ONE session, not all",
153
+ "GHCR registry escape hatch + feature request 400 payload fix",
154
+ "WS client graceful failure on CF 1101 + capped backoff",
155
+ "3 of 4 customer P2 bugs — CLI passthrough + agent casing + clipboard",
156
+ "remove auto-close on session end (source persisted this time)",
157
+ "parallel Tom isolation — task-scoped branches + multi-instance task lookup",
158
+ "downgrade multi-coordinator hard-fail to warning",
159
+ "daemon RSS reconnect + review push notify + hot_entities timestamp"
160
+ ],
161
+ "security": [
162
+ "fix shell injection, SSRF, socket leaks, backup validation",
163
+ "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
164
+ "fix 2 CRITICAL + 1 HIGH from post-fix audit",
165
+ "validate X-Agent-Role against roster — prevent privilege escalation",
166
+ "release: stack v0.9.8 — security hardening + Hygo bug fixes",
167
+ "add webhook HMAC-SHA256 validation + disable query param auth in prod",
168
+ "pin GitHub Actions to SHAs, update jose to 6.2.3",
169
+ "harden support intake against abuse and data leakage",
170
+ "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
171
+ "audit: pre-hygo exe-gateway security report",
172
+ "add SECURITY.md — trust document for pre-install security evaluation",
173
+ "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
174
+ ],
175
+ "other": [
176
+ "remove registry.askexe.com references — fully consolidated to update.askexe.com",
177
+ "bump to 0.9.198 — coordinator reaper guard",
178
+ "bump to 0.9.197 — TTL fix + registry consolidation + TS fixes",
179
+ "update all manifest images to update.askexe.com + compose + beam tuning",
180
+ "bump to 0.9.196",
181
+ "bump to 0.9.195",
182
+ "bump to 0.9.194",
183
+ "bump to 0.9.193",
184
+ "bump to 0.9.192",
185
+ "bump to 0.9.191",
186
+ "bump to 0.9.189",
187
+ "bump to 0.9.188 — HYGO stack-update blockers fixed",
188
+ "bump to 0.9.187",
189
+ "bump to 0.9.186 — cross-session dispatch fix",
190
+ "release: bump exe-os image to v0.9.185 in stack manifest",
191
+ "bump to 0.9.185",
192
+ "bump to 0.9.184",
193
+ "bump to 0.9.183",
194
+ "bump to 0.9.181 — BEAM 3-mode + query expansion",
195
+ "bump to 0.9.180 — complete worktree isolation",
196
+ "bump to 0.9.179",
197
+ "bump to 0.9.178 — Bob's null fixes merged",
198
+ "bump to 0.9.177",
199
+ "bump to 0.9.176",
200
+ "bump to 0.9.175"
201
+ ],
202
+ "migration_notes": []
203
+ },
4
204
  "0.9.197": {
5
205
  "version": "0.9.197",
6
206
  "date": "2026-06-02",
@@ -303,212 +503,6 @@
303
503
  "If daemon goes down, agents will now fail instead of silently",
304
504
  "exe-daemon.ts kills old embed.pid process and cleans up"
305
505
  ]
306
- },
307
- "0.9.160": {
308
- "version": "0.9.160",
309
- "date": "2026-05-30",
310
- "features": [
311
- "add wiki document ingestion via API for embedding pipeline",
312
- "add filtered.* projection targets to projection worker",
313
- "verify-stack post-deploy checks — 8 runtime validations",
314
- "preflight deploy gate + filtered schema + gateway graceful degradation",
315
- "harden /exe-afk as primary monitoring tool, deprecate /loop for orchestration",
316
- "add --judge-model flag to LoCoMo harness",
317
- "dashboard.askexe.com — customer credits dashboard (backend + frontend)",
318
- "config persistence contract — document + enforce what survives stack updates",
319
- "add persona depth to identity — tone, vocabulary, response_style, communication_patterns",
320
- "4 BEAM improvements — o4-mini judge, entity expansion, temporal prompts, contradiction detection",
321
- "DMR 100% + BEAM 35% — full results with Claude Sonnet judge",
322
- "session_scope read paths — search filter + backfill + tests",
323
- "add session_scope filtering to memory read paths + MCP tools + backfill",
324
- "classify prompt memories as conversation type + enrich session-end captures",
325
- "add session_scope column to memories table — schema migration + all write paths",
326
- "fix Codex integration + add --codex to all 4 harnesses",
327
- "add checkpoint/resume support for long LoCoMo runs",
328
- "add Codex GPT-5.5 judge, pre-embedding, expanded retrieval, production prompts",
329
- "stack manifest 0.9.10 — all new images for customer deployment",
330
- "update safety + portable backups + restore",
331
- "complete deployment readiness — all 14 second-pass blind spots fixed",
332
- "production-ready stack — all 15 blind spots fixed",
333
- "blocked task notification — ping dispatcher immediately on status change",
334
- "self-improving skills — usage tracking, success counting, and refinement daemon",
335
- "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention"
336
- ],
337
- "fixes": [
338
- "auto-close temporal guard + session_scope fallback + orphan cleanup safety",
339
- "cloud sync skip-bad-rows + age-based orphan hook reaper",
340
- "clean unused imports + publish gate fixes for v0.9.159",
341
- "daemon memory cascade — prevent duplicate daemons, reap orphan hooks, cap heap",
342
- "auto-inject timeout on tmux capture-pane to prevent session freeze",
343
- "auto-wake crash loop — filter boot memories + circuit breaker",
344
- "Codex numbered instances use baseAgentName for identity resolution",
345
- "auto-chain project scope + writeNotification on needs_review",
346
- "persist WhatsApp auth in Docker volume — prevent data loss on update",
347
- "wake idle codex sessions on pending tasks",
348
- "fix daemon MCP session heap leak",
349
- "include typescript as runtime dependency",
350
- "remove direct Postgres license validation — CF Worker is the only path",
351
- "gateway stop_grace_period 45s — prevent SIGKILL during message drain",
352
- "filter person names from FTS queries to prevent speaker-prefix pollution",
353
- "DMR retrieval 20% → 100% — stop words, name filtering, speaker fix",
354
- "kill idle Codex/OpenCode sessions instead of sending intercom — enables auto-wake respawn",
355
- "suppress daemon auto-reconnect noise — only log after attempt 2+",
356
- "remove E2EE from bug reports — support intake must be readable server-side",
357
- "support API — verified encrypted bug reports work (HTTP 201)",
358
- "support API accepts encrypted bug reports — prevents HTTP 400",
359
- "Codex agents recheck tasks before stopping — prevents idle-with-open-tasks",
360
- "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files",
361
- "add scope import to prompt-submit — gate pass",
362
- "add writeFileSync import to config.ts"
363
- ],
364
- "security": [
365
- "fix shell injection, SSRF, socket leaks, backup validation",
366
- "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
367
- "fix 2 CRITICAL + 1 HIGH from post-fix audit",
368
- "validate X-Agent-Role against roster — prevent privilege escalation",
369
- "release: stack v0.9.8 — security hardening + Hygo bug fixes",
370
- "add webhook HMAC-SHA256 validation + disable query param auth in prod",
371
- "pin GitHub Actions to SHAs, update jose to 6.2.3",
372
- "harden support intake against abuse and data leakage",
373
- "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
374
- "audit: pre-hygo exe-gateway security report",
375
- "add SECURITY.md — trust document for pre-install security evaluation",
376
- "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
377
- ],
378
- "other": [
379
- "bump v0.9.160 — cloud sync resilience + orphan reaper + auto-close guard",
380
- "update release notes with 5 bug fixes from support triage",
381
- "bump v0.9.159 — daemon memory cascade fix + session_scope + benchmarks",
382
- "arch: customer onboarding automation — exe-os deploy-customer command",
383
- "arch: Fleet Operations Roadmap — 8 phases for production safety at scale",
384
- "arch: add filtered table pipeline + pre-flight deploy system to roadmap",
385
- "add EXE-OS-STACK.md — complete 6-repo deployment map",
386
- "cache tmux session (5 calls → 1) + offset daemon timers",
387
- "cut agent boot from 4min to <30s — merge Bash blocks + parallel DB queries",
388
- "rename memory schema → graph across codebase",
389
- "unified access control — admin token + GoTrue across all services",
390
- "capture data pipeline spec — raw → filter → wiki + CRM projection",
391
- "bump to v0.9.149 — task lifecycle simplification + review notification fix",
392
- "capture gateway connection observability requirements (2026-05-28)",
393
- "bump to v0.9.146 for publish",
394
- "Windows support architecture — WezTerm + WSL decision (2026-05-27)",
395
- "Merge branch 'tom4-work' — device-scoped behaviors + push-notification fix",
396
- "bump to v0.9.145 for publish",
397
- "revert: keep workflow files unchanged — GitHub OAuth blocks workflow scope",
398
- "stage remaining Yoshi fixes — features + bug cleanup",
399
- "add tests for daemon restart orchestrator module",
400
- "publish v0.9.144 — ESM require() fix + reliable task signals + OAuth 2.1",
401
- "add MCP tool tests for message, cloud-sync, and file-copy",
402
- "add coverage for send_message, cloud_sync, file_copy MCP tools (Track A)",
403
- "Recover MCP sessions after daemon restart"
404
- ],
405
- "migration_notes": [
406
- "If daemon goes down, agents will now fail instead of silently",
407
- "exe-daemon.ts kills old embed.pid process and cleans up"
408
- ]
409
- },
410
- "0.9.159": {
411
- "version": "0.9.159",
412
- "date": "2026-05-29",
413
- "features": [
414
- "verify-stack post-deploy checks — 8 runtime validations",
415
- "preflight deploy gate + filtered schema + gateway graceful degradation",
416
- "harden /exe-afk as primary monitoring tool, deprecate /loop for orchestration",
417
- "add --judge-model flag to LoCoMo harness",
418
- "dashboard.askexe.com — customer credits dashboard (backend + frontend)",
419
- "config persistence contract — document + enforce what survives stack updates",
420
- "add persona depth to identity — tone, vocabulary, response_style, communication_patterns",
421
- "4 BEAM improvements — o4-mini judge, entity expansion, temporal prompts, contradiction detection",
422
- "DMR 100% + BEAM 35% — full results with Claude Sonnet judge",
423
- "session_scope read paths — search filter + backfill + tests",
424
- "add session_scope filtering to memory read paths + MCP tools + backfill",
425
- "classify prompt memories as conversation type + enrich session-end captures",
426
- "add session_scope column to memories table — schema migration + all write paths",
427
- "fix Codex integration + add --codex to all 4 harnesses",
428
- "add checkpoint/resume support for long LoCoMo runs",
429
- "add Codex GPT-5.5 judge, pre-embedding, expanded retrieval, production prompts",
430
- "stack manifest 0.9.10 — all new images for customer deployment",
431
- "update safety + portable backups + restore",
432
- "complete deployment readiness — all 14 second-pass blind spots fixed",
433
- "production-ready stack — all 15 blind spots fixed",
434
- "blocked task notification — ping dispatcher immediately on status change",
435
- "self-improving skills — usage tracking, success counting, and refinement daemon",
436
- "4 retrieval improvements — query expansion, stop words, contradiction resolution, abstention",
437
- "competitive roadmap — serverless tier, identity depth, self-improving skills, user modeling",
438
- "run database migrations before container swap in stack-update"
439
- ],
440
- "fixes": [
441
- "cloud sync NOT NULL resilience — sqlSafeRequired() defaults + per-record error handling, skip bad rows instead of retry storm",
442
- "auto-close temporal guard — reject commits older than task creation date, raise threshold 0.6→0.8",
443
- "session_scope fallback — listTasks returns unscoped results when scoped query finds 0 after daemon restart",
444
- "orphan task file cleanup safety — 24h threshold (was 1h) + ID-based fallback before deleting",
445
- "blocked task escalation — writeNotification to COO when auto-wake fails 3x and marks task blocked",
446
- "daemon memory cascade — prevent duplicate daemons, reap orphan hooks, cap heap",
447
- "auto-inject timeout on tmux capture-pane to prevent session freeze",
448
- "auto-wake crash loop — filter boot memories + circuit breaker",
449
- "Codex numbered instances use baseAgentName for identity resolution",
450
- "auto-chain project scope + writeNotification on needs_review",
451
- "persist WhatsApp auth in Docker volume — prevent data loss on update",
452
- "wake idle codex sessions on pending tasks",
453
- "fix daemon MCP session heap leak",
454
- "include typescript as runtime dependency",
455
- "remove direct Postgres license validation — CF Worker is the only path",
456
- "gateway stop_grace_period 45s — prevent SIGKILL during message drain",
457
- "filter person names from FTS queries to prevent speaker-prefix pollution",
458
- "DMR retrieval 20% → 100% — stop words, name filtering, speaker fix",
459
- "kill idle Codex/OpenCode sessions instead of sending intercom — enables auto-wake respawn",
460
- "suppress daemon auto-reconnect noise — only log after attempt 2+",
461
- "remove E2EE from bug reports — support intake must be readable server-side",
462
- "support API — verified encrypted bug reports work (HTTP 201)",
463
- "support API accepts encrypted bug reports — prevents HTTP 400",
464
- "Codex agents recheck tasks before stopping — prevents idle-with-open-tasks",
465
- "P0 #13 session_scope in cleanup SELECT + P0 #6 wire review signal files"
466
- ],
467
- "security": [
468
- "fix shell injection, SSRF, socket leaks, backup validation",
469
- "bump v0.9.139 — 2 CRITICAL security fixes, 14 bug fixes, 6 features, customer config preservation",
470
- "fix 2 CRITICAL + 1 HIGH from post-fix audit",
471
- "validate X-Agent-Role against roster — prevent privilege escalation",
472
- "release: stack v0.9.8 — security hardening + Hygo bug fixes",
473
- "add webhook HMAC-SHA256 validation + disable query param auth in prod",
474
- "pin GitHub Actions to SHAs, update jose to 6.2.3",
475
- "harden support intake against abuse and data leakage",
476
- "bump to v0.9.22 — Codex MCP parity + customer bug fixes + security audit remediation",
477
- "audit: pre-hygo exe-gateway security report",
478
- "add SECURITY.md — trust document for pre-install security evaluation",
479
- "fix 4 pricing tier bypass vulnerabilities (audit F1-F4)"
480
- ],
481
- "other": [
482
- "bump v0.9.159 — daemon memory cascade fix + session_scope + benchmarks",
483
- "arch: customer onboarding automation — exe-os deploy-customer command",
484
- "arch: Fleet Operations Roadmap — 8 phases for production safety at scale",
485
- "arch: add filtered table pipeline + pre-flight deploy system to roadmap",
486
- "add EXE-OS-STACK.md — complete 6-repo deployment map",
487
- "cache tmux session (5 calls → 1) + offset daemon timers",
488
- "cut agent boot from 4min to <30s — merge Bash blocks + parallel DB queries",
489
- "rename memory schema → graph across codebase",
490
- "unified access control — admin token + GoTrue across all services",
491
- "capture data pipeline spec — raw → filter → wiki + CRM projection",
492
- "bump to v0.9.149 — task lifecycle simplification + review notification fix",
493
- "capture gateway connection observability requirements (2026-05-28)",
494
- "bump to v0.9.146 for publish",
495
- "Windows support architecture — WezTerm + WSL decision (2026-05-27)",
496
- "Merge branch 'tom4-work' — device-scoped behaviors + push-notification fix",
497
- "bump to v0.9.145 for publish",
498
- "revert: keep workflow files unchanged — GitHub OAuth blocks workflow scope",
499
- "stage remaining Yoshi fixes — features + bug cleanup",
500
- "add tests for daemon restart orchestrator module",
501
- "publish v0.9.144 — ESM require() fix + reliable task signals + OAuth 2.1",
502
- "add MCP tool tests for message, cloud-sync, and file-copy",
503
- "add coverage for send_message, cloud_sync, file_copy MCP tools (Track A)",
504
- "Recover MCP sessions after daemon restart",
505
- "publish v0.9.143 — all fixes live",
506
- "publish v0.9.142"
507
- ],
508
- "migration_notes": [
509
- "If daemon goes down, agents will now fail instead of silently",
510
- "exe-daemon.ts kills old embed.pid process and cleans up"
511
- ]
512
506
  }
513
507
  }
514
508
  }
@@ -1,125 +0,0 @@
1
- import {
2
- MODELS_DIR
3
- } from "./chunk-4GXRETYL.js";
4
-
5
- // src/lib/reranker.ts
6
- import path from "path";
7
- import { existsSync } from "fs";
8
- var RERANKER_MODEL_FILE = "jina-reranker-v3-q4_k_m.gguf";
9
- var IDLE_TIMEOUT_MS = 6e4;
10
- var _rerankerContext = null;
11
- var _rerankerModel = null;
12
- var _idleTimer = null;
13
- function resetIdleTimer() {
14
- if (_idleTimer) clearTimeout(_idleTimer);
15
- _idleTimer = setTimeout(() => {
16
- void disposeReranker();
17
- }, IDLE_TIMEOUT_MS);
18
- if (_idleTimer && typeof _idleTimer === "object" && "unref" in _idleTimer) {
19
- _idleTimer.unref();
20
- }
21
- }
22
- function isRerankerAvailable() {
23
- return existsSync(path.join(MODELS_DIR, RERANKER_MODEL_FILE));
24
- }
25
- function getRerankerModelPath() {
26
- return path.join(MODELS_DIR, RERANKER_MODEL_FILE);
27
- }
28
- async function ensureLoaded() {
29
- if (_rerankerContext) {
30
- resetIdleTimer();
31
- return;
32
- }
33
- const modelPath = path.join(MODELS_DIR, RERANKER_MODEL_FILE);
34
- if (!existsSync(modelPath)) {
35
- throw new Error(
36
- `Reranker model not found at ${modelPath}. Run /exe-setup to download it.`
37
- );
38
- }
39
- process.stderr.write("[reranker] Loading Jina Reranker v3...\n");
40
- const { getLlama } = await import("node-llama-cpp");
41
- const llama = await getLlama();
42
- _rerankerModel = await llama.loadModel({ modelPath });
43
- _rerankerContext = await _rerankerModel.createEmbeddingContext();
44
- process.stderr.write("[reranker] Jina Reranker v3 loaded.\n");
45
- resetIdleTimer();
46
- }
47
- async function disposeReranker() {
48
- if (_idleTimer) {
49
- clearTimeout(_idleTimer);
50
- _idleTimer = null;
51
- }
52
- if (_rerankerContext) {
53
- try {
54
- await _rerankerContext.dispose();
55
- } catch {
56
- }
57
- _rerankerContext = null;
58
- }
59
- if (_rerankerModel) {
60
- try {
61
- await _rerankerModel.dispose();
62
- } catch {
63
- }
64
- _rerankerModel = null;
65
- }
66
- process.stderr.write("[reranker] Unloaded (idle timeout).\n");
67
- }
68
- async function rerankWithScores(query, texts, topK) {
69
- if (texts.length === 0) return [];
70
- await ensureLoaded();
71
- const ctx = _rerankerContext;
72
- const scored = [];
73
- for (let i = 0; i < texts.length; i++) {
74
- const text = texts[i] ?? "";
75
- try {
76
- const input = `query: ${query} document: ${text.slice(0, 512)}`;
77
- const embedding = await ctx.getEmbeddingFor(input);
78
- const score = embedding.vector[0] ?? 0;
79
- scored.push({ text, score, index: i });
80
- } catch {
81
- scored.push({ text, score: -1, index: i });
82
- }
83
- }
84
- scored.sort((a, b) => b.score - a.score);
85
- return typeof topK === "number" ? scored.slice(0, topK) : scored;
86
- }
87
- async function rerank(query, candidates, topK = 5) {
88
- if (candidates.length === 0) return [];
89
- if (candidates.length <= topK) return candidates;
90
- const scored = await rerankWithScores(
91
- query,
92
- candidates.map((c) => c.raw_text),
93
- topK
94
- );
95
- return scored.map((s) => candidates[s.index]);
96
- }
97
- async function rerankWithContext(query, candidates, topK) {
98
- if (candidates.length === 0) return [];
99
- await ensureLoaded();
100
- const ctx = _rerankerContext;
101
- const scored = [];
102
- for (let i = 0; i < candidates.length; i++) {
103
- const candidate = candidates[i];
104
- try {
105
- const docText = candidate.context ? `[${candidate.context}] ${candidate.text.slice(0, 460)}` : candidate.text.slice(0, 512);
106
- const input = `query: ${query} document: ${docText}`;
107
- const embedding = await ctx.getEmbeddingFor(input);
108
- const score = embedding.vector[0] ?? 0;
109
- scored.push({ text: candidate.text, score, index: i });
110
- } catch {
111
- scored.push({ text: candidate.text, score: -1, index: i });
112
- }
113
- }
114
- scored.sort((a, b) => b.score - a.score);
115
- return typeof topK === "number" ? scored.slice(0, topK) : scored;
116
- }
117
-
118
- export {
119
- isRerankerAvailable,
120
- getRerankerModelPath,
121
- disposeReranker,
122
- rerankWithScores,
123
- rerank,
124
- rerankWithContext
125
- };
File without changes
File without changes
@@ -1,9 +1,9 @@
1
- import {
2
- buildClaudeHttpMcpEntry
3
- } from "./chunk-QPSUK5HA.js";
4
1
  import {
5
2
  loadPreferences
6
3
  } from "./chunk-GNHN5HRQ.js";
4
+ import {
5
+ buildClaudeHttpMcpEntry
6
+ } from "./chunk-QPSUK5HA.js";
7
7
  import {
8
8
  EXE_HOOKS,
9
9
  isLegacyHomeDirHookCommand,
File without changes
File without changes
File without changes