npm - @askexenow/exe-os - Versions diffs - 0.9.283 → 0.9.284 - Mend

@askexenow/exe-os 0.9.283 → 0.9.284

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/bin/stack-update.js +2 -2
package/dist/bin/vps-health-gate.js +1 -1
package/dist/chunk-AQPTGQYH.js +230 -0
package/dist/chunk-OJQ34M77.js +1876 -0
package/dist/hooks/manifest.json +1 -1
package/dist/stack-update-TRZRI6V7.js +74 -0
package/package.json +1 -1
package/release-notes.json +61 -59

package/dist/hooks/manifest.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "version": 1,
-  "generatedAt": "2026-06-17T08:40:20.021Z",
+  "generatedAt": "2026-06-17T08:59:46.167Z",
   "hashes": {
     "bug-report-worker.js": "16d6fab856fd34eeeb4406f0b63578abbab9b85a2c5b552918b2dc096bff45b2",
     "codex-stop-task-finalizer.js": "2e1b30d86acf2359fe6e555e486ffc80c8b525ab43646c523e272b92d8cdaa93",

package/dist/stack-update-TRZRI6V7.js ADDED Viewed

@@ -0,0 +1,74 @@
+import {
+  ProgressReporter,
+  assertBreakingChangesAllowed,
+  assertDeploymentScopeAllowed,
+  assertHostReadyForApply,
+  assertProductionDeployGate,
+  bootstrapStackHost,
+  buildDefaultServiceSelection,
+  canonicalizeStackManifest,
+  collectProductionDeployGateIssues,
+  createStackUpdatePlan,
+  defaultStackPaths,
+  detectDanglingVolumes,
+  filterServicesBySelection,
+  findLatestBackupEnvFile,
+  hardenHost,
+  listAvailableVersions,
+  loadServiceSelection,
+  loadStackManifest,
+  pairMonitorAgent,
+  parseEnv,
+  parseStackManifest,
+  patchEnv,
+  printDanglingVolumes,
+  printVolumeCleanupResult,
+  readCurrentStackVersion,
+  removeDanglingVolumes,
+  rollbackStackUpdate,
+  runStackUpdate,
+  saveServiceSelection,
+  serviceSelectionPath,
+  verifyManifestImagesAvailable,
+  verifyReleaseHealth,
+  verifyStackManifestSignature
+} from "./chunk-OJQ34M77.js";
+import "./chunk-YMKUXZIG.js";
+import "./chunk-T3B5RK4H.js";
+import "./chunk-LYH5HE24.js";
+import "./chunk-MLKGABMK.js";
+export {
+  ProgressReporter,
+  assertBreakingChangesAllowed,
+  assertDeploymentScopeAllowed,
+  assertHostReadyForApply,
+  assertProductionDeployGate,
+  bootstrapStackHost,
+  buildDefaultServiceSelection,
+  canonicalizeStackManifest,
+  collectProductionDeployGateIssues,
+  createStackUpdatePlan,
+  defaultStackPaths,
+  detectDanglingVolumes,
+  filterServicesBySelection,
+  findLatestBackupEnvFile,
+  hardenHost,
+  listAvailableVersions,
+  loadServiceSelection,
+  loadStackManifest,
+  pairMonitorAgent,
+  parseEnv,
+  parseStackManifest,
+  patchEnv,
+  printDanglingVolumes,
+  printVolumeCleanupResult,
+  readCurrentStackVersion,
+  removeDanglingVolumes,
+  rollbackStackUpdate,
+  runStackUpdate,
+  saveServiceSelection,
+  serviceSelectionPath,
+  verifyManifestImagesAvailable,
+  verifyReleaseHealth,
+  verifyStackManifestSignature
+};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@askexenow/exe-os",
-  "version": "0.9.283",
+  "version": "0.9.284",
   "description": "AI employee operating system — persistent memory, task management, and multi-agent coordination for Claude Code.",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",

package/release-notes.json CHANGED Viewed

@@ -1,8 +1,8 @@
 {
-  "current": "0.9.283",
+  "current": "0.9.284",
   "notes": {
-    "0.9.283": {
-      "version": "0.9.283",
+    "0.9.284": {
+      "version": "0.9.284",
       "date": "2026-06-17",
       "features": [
         "GoTrue JWT auth for MCP — exe-os login/logout/whoami",
@@ -32,6 +32,7 @@
         "cloud-synced cross-device reminders via Cloudflare Worker KV (a4195632) (#127)"
       ],
       "fixes": [
+        "add otel-collector to official image allowlist — unblocks stack-update",
         "correct exe-os + exe-auth digests for amd64 in manifest 0.9.24 (bug e0c3b3fb)",
         "update exe-os daemon image to v0.9.281 in manifest 0.9.24",
         "mcp_ping reports alive when running inside daemon process (bug b5fb9404)",
@@ -55,11 +56,11 @@
         "add sync_meta to SQL guard allowlist — fixes cloud sync (bug 9fbbe145)",
         "accept digest-only official images in deploy gate",
         "prevent empty/duplicate company_procedure rows at the source",
-        "remove duplicate if-block causing TS build failure",
-        "watchdog self-heal + restart-intent propagation (belt & suspenders)"
+        "remove duplicate if-block causing TS build failure"
       ],
       "security": [],
       "other": [
+        "bump v0.9.284 — otel deploy gate fix",
         "bump v0.9.283 — amd64 digest fix",
         "bump v0.9.282 — daemon image v0.9.281 in manifest",
         "prepare v0.9.281 — 50 bugs fixed, stack 0.9.24 fully deployable",
@@ -83,13 +84,12 @@
         "bump 0.9.275 — bundle stack 0.9.22 manifest for stack-update",
         "release: stack 0.9.22 — exe-os v0.9.270, exe-crm v0.9.48, exe-gateway v0.9.18 (digest-pinned)",
         "bump 0.9.273 — graph/send_whatsapp/phantom-notif fixes",
-        "Add daemon smoke gate",
-        "Publish Claude Fable model support as 0.9.272"
+        "Add daemon smoke gate"
       ],
       "migration_notes": []
     },
-    "0.9.282": {
-      "version": "0.9.282",
+    "0.9.283": {
+      "version": "0.9.283",
       "date": "2026-06-17",
       "features": [
         "GoTrue JWT auth for MCP — exe-os login/logout/whoami",
@@ -119,6 +119,7 @@
         "cloud-synced cross-device reminders via Cloudflare Worker KV (a4195632) (#127)"
       ],
       "fixes": [
+        "correct exe-os + exe-auth digests for amd64 in manifest 0.9.24 (bug e0c3b3fb)",
         "update exe-os daemon image to v0.9.281 in manifest 0.9.24",
         "mcp_ping reports alive when running inside daemon process (bug b5fb9404)",
         "add exe-erp-nginx for static assets + remove direct gunicorn port (bug 6776edf0)",
@@ -142,11 +143,11 @@
         "accept digest-only official images in deploy gate",
         "prevent empty/duplicate company_procedure rows at the source",
         "remove duplicate if-block causing TS build failure",
-        "watchdog self-heal + restart-intent propagation (belt & suspenders)",
-        "skip junk/empty company_procedure rows that bloated prompts to 1.6MB"
+        "watchdog self-heal + restart-intent propagation (belt & suspenders)"
       ],
       "security": [],
       "other": [
+        "bump v0.9.283 — amd64 digest fix",
         "bump v0.9.282 — daemon image v0.9.281 in manifest",
         "prepare v0.9.281 — 50 bugs fixed, stack 0.9.24 fully deployable",
         "bump v0.9.280 — GoTrue MCP auth, support fixes",
@@ -170,13 +171,12 @@
         "release: stack 0.9.22 — exe-os v0.9.270, exe-crm v0.9.48, exe-gateway v0.9.18 (digest-pinned)",
         "bump 0.9.273 — graph/send_whatsapp/phantom-notif fixes",
         "Add daemon smoke gate",
-        "Publish Claude Fable model support as 0.9.272",
-        "Add Claude Fable model whitelist"
+        "Publish Claude Fable model support as 0.9.272"
       ],
       "migration_notes": []
     },
-    "0.9.281": {
-      "version": "0.9.281",
+    "0.9.282": {
+      "version": "0.9.282",
       "date": "2026-06-17",
       "features": [
         "GoTrue JWT auth for MCP — exe-os login/logout/whoami",
@@ -206,6 +206,7 @@
         "cloud-synced cross-device reminders via Cloudflare Worker KV (a4195632) (#127)"
       ],
       "fixes": [
+        "update exe-os daemon image to v0.9.281 in manifest 0.9.24",
         "mcp_ping reports alive when running inside daemon process (bug b5fb9404)",
         "add exe-erp-nginx for static assets + remove direct gunicorn port (bug 6776edf0)",
         "ERP healthcheck Host header + websocket path for Frappe 17 (bugs 7c905474, 468cc508)",
@@ -229,11 +230,11 @@
         "prevent empty/duplicate company_procedure rows at the source",
         "remove duplicate if-block causing TS build failure",
         "watchdog self-heal + restart-intent propagation (belt & suspenders)",
-        "skip junk/empty company_procedure rows that bloated prompts to 1.6MB",
-        "match user by deviceId when encryption secret lost"
+        "skip junk/empty company_procedure rows that bloated prompts to 1.6MB"
       ],
       "security": [],
       "other": [
+        "bump v0.9.282 — daemon image v0.9.281 in manifest",
         "prepare v0.9.281 — 50 bugs fixed, stack 0.9.24 fully deployable",
         "bump v0.9.280 — GoTrue MCP auth, support fixes",
         "bump v0.9.279 — stack v0.9.24, GoTrue support auth, optional services",
@@ -257,13 +258,12 @@
         "bump 0.9.273 — graph/send_whatsapp/phantom-notif fixes",
         "Add daemon smoke gate",
         "Publish Claude Fable model support as 0.9.272",
-        "Add Claude Fable model whitelist",
-        "Publish stack-update service resume as 0.9.271"
+        "Add Claude Fable model whitelist"
       ],
       "migration_notes": []
     },
-    "0.9.280": {
-      "version": "0.9.280",
+    "0.9.281": {
+      "version": "0.9.281",
       "date": "2026-06-17",
       "features": [
         "GoTrue JWT auth for MCP — exe-os login/logout/whoami",
@@ -293,34 +293,35 @@
         "cloud-synced cross-device reminders via Cloudflare Worker KV (a4195632) (#127)"
       ],
       "fixes": [
+        "mcp_ping reports alive when running inside daemon process (bug b5fb9404)",
+        "add exe-erp-nginx for static assets + remove direct gunicorn port (bug 6776edf0)",
+        "ERP healthcheck Host header + websocket path for Frappe 17 (bugs 7c905474, 468cc508)",
+        "rotate signing key to match Worker secret (bug 834ffb70)",
+        "add exe-auth service to main compose + fix image reference to update.askexe.com",
+        "align compose default image tags with manifest 0.9.24 (bug 79168bac)",
+        "isDaemonAlive falls back to socket check when PID file missing (bug b5fb9404)",
+        "correct exe-erp image tag final7→final3 in manifests 0.9.23 + 0.9.24 (bug ff960d31)",
+        "create exe_erp login role in init-db.sql (bug 9d452322)",
+        "CRM_SERVER_URL uses crm. subdomain + add EXE_CRM_ADMIN_EMAIL (bugs 8d20e779, 7debf355)",
+        "use update.askexe.com for exe-auth image in manifest 0.9.24 (bug 97f2d288)",
+        "ensure description field is never empty in feature request upstream payload (bug 0a8e16d0)",
+        "add WSL clip.exe detection to shipped tmux.conf (bug 3396fb26)",
+        "include node binary dir in exe-os-node shim PATH (bug 71adcb68)",
+        "add minimum daemon age guard to prevent crash-loop (bug 25faecf3)",
+        "digest-pin all 0.9.24 images + remove control-plane from customer manifest",
+        "resolve full UUID before upstream delivery — fixes update_bug/update_feature 400s (bug 31b1d2e3)",
+        "dual-key JWT verification — accept tokens signed by previous key (bug 2f5d6166)",
+        "add sync_meta to SQL guard allowlist — fixes cloud sync (bug 9fbbe145)",
+        "accept digest-only official images in deploy gate",
         "prevent empty/duplicate company_procedure rows at the source",
         "remove duplicate if-block causing TS build failure",
         "watchdog self-heal + restart-intent propagation (belt & suspenders)",
         "skip junk/empty company_procedure rows that bloated prompts to 1.6MB",
-        "match user by deviceId when encryption secret lost",
-        "backfill api_key_hash on every /auth/activate call",
-        "allow dev-fallback storage secret for backfill (keys were encrypted with it)",
-        "cap model-instructions prompt under the API limit (was 1.6MB → 400)",
-        "mark keychain unavailable on write timeout; pass --session to codex/opencode",
-        "backfill api_key_hash for ALREADY encrypted keys",
-        "store api_key_hash on key upgrade — support validation works for all customers",
-        "name the target keychain on store to fix \"cannot be found\"",
-        "never re-prompt when the OS keychain is unavailable",
-        "GoTrue JWT payload decode fallback — support channel working",
-        "validate against GoTrue JWT — not just D1 license keys",
-        "stop master-key destruction on launch + fix codex --profile",
-        "clear all 25 moderate CVEs via OTel+protobufjs overrides; fix date-bomb test",
-        "auth is customer-facing (not control-plane)",
-        "patch hono HIGH CVE + fix stale worker-gate test",
-        "use hooks-free CODEX_HOME to prevent crash after 10 codex calls",
-        "per-chat runner + offset flag + execSync + clean env + GC",
-        "execFile instead of spawn, sequential loop, useOpenCode, 180s timeout",
-        "P1 CVE fixes + test alignment + tarball budget + env sync",
-        "exe-start COO_NAME resolution fails on npm install (not dev symlink)",
-        "fix FTS ambiguous column bug + CLaRa term sanitization"
+        "match user by deviceId when encryption secret lost"
       ],
       "security": [],
       "other": [
+        "prepare v0.9.281 — 50 bugs fixed, stack 0.9.24 fully deployable",
         "bump v0.9.280 — GoTrue MCP auth, support fixes",
         "bump v0.9.279 — stack v0.9.24, GoTrue support auth, optional services",
         "service ownership matrix — dashboard is AskExe-only, not customer stack",
@@ -348,10 +349,12 @@
       ],
       "migration_notes": []
     },
-    "0.9.279": {
-      "version": "0.9.279",
+    "0.9.280": {
+      "version": "0.9.280",
       "date": "2026-06-17",
       "features": [
+        "GoTrue JWT auth for MCP — exe-os login/logout/whoami",
+        "admin backfill endpoint for api_key_hash — fixes all encrypted keys",
         "implement startMonitor for Slack/Discord/Telegram/WhatsApp + SMTP via nodemailer",
         "add dashboard + auth + otel to manifest as control-plane services",
         "CLI service selection + exe-build removal from customer stack",
@@ -374,11 +377,20 @@
         "split exe-os into server (~200MB) and worker (~1GB) images (#130)",
         "out-of-process socket watchdog (c3b287cc) (#129)",
         "hot-path session summary — compress last checkpoint into ~200 tokens at boot (edaf4eb3) (#128)",
-        "cloud-synced cross-device reminders via Cloudflare Worker KV (a4195632) (#127)",
-        "wire dashboard → api.askexe.com billing API (7 endpoints)",
-        "dashboard.askexe.com — customer developer portal"
+        "cloud-synced cross-device reminders via Cloudflare Worker KV (a4195632) (#127)"
       ],
       "fixes": [
+        "prevent empty/duplicate company_procedure rows at the source",
+        "remove duplicate if-block causing TS build failure",
+        "watchdog self-heal + restart-intent propagation (belt & suspenders)",
+        "skip junk/empty company_procedure rows that bloated prompts to 1.6MB",
+        "match user by deviceId when encryption secret lost",
+        "backfill api_key_hash on every /auth/activate call",
+        "allow dev-fallback storage secret for backfill (keys were encrypted with it)",
+        "cap model-instructions prompt under the API limit (was 1.6MB → 400)",
+        "mark keychain unavailable on write timeout; pass --session to codex/opencode",
+        "backfill api_key_hash for ALREADY encrypted keys",
+        "store api_key_hash on key upgrade — support validation works for all customers",
         "name the target keychain on store to fix \"cannot be found\"",
         "never re-prompt when the OS keychain is unavailable",
         "GoTrue JWT payload decode fallback — support channel working",
@@ -392,21 +404,11 @@
         "execFile instead of spawn, sequential loop, useOpenCode, 180s timeout",
         "P1 CVE fixes + test alignment + tarball budget + env sync",
         "exe-start COO_NAME resolution fails on npm install (not dev symlink)",
-        "fix FTS ambiguous column bug + CLaRa term sanitization",
-        "document cloud_action param in consolidated procedures (customer-readiness gate)",
-        "typecheck errors (session-summary undefined, unused import)",
-        "graceful exit on missing GHCR_TOKEN prevents crash-loop (bug 3416cead) (#141)",
-        "graceful exit on missing GHCR_TOKEN prevents crash-loop (bug 3416cead) (#140)",
-        "exe-build is askexe-control-plane, not customer-deployable",
-        "unquarantine gateway-client WS tests — clear NODE_OPTIONS + CI-aware timeouts (bug d51015bb) (#119)",
-        "typecheck errors from subagent code (failover undefined model, unused vars)",
-        "config-search-cloud reconciliation + Keychain-aware boot (bugs 370587e3, e3fd2319, 6bce0a70, 6727e213) (#109)",
-        "SSE stale-session recovery + eviction notification + headless session isolation (bugs 5b601250, 56caa668, 17882f71) (#108)",
-        "platform-aware RAM gate, dynamic worker cap, dirty worktree aging (bugs a3eb23d2, ed1fb3d2) (#107)",
-        "orchestration bugs — reviewer loop, session isolation, Desktop reaper (57b06092, b313fec5, 6b3a7810) (#106)"
+        "fix FTS ambiguous column bug + CLaRa term sanitization"
       ],
       "security": [],
       "other": [
+        "bump v0.9.280 — GoTrue MCP auth, support fixes",
         "bump v0.9.279 — stack v0.9.24, GoTrue support auth, optional services",
         "service ownership matrix — dashboard is AskExe-only, not customer stack",
         "bump version to 0.9.278",