@askexenow/exe-os 0.9.322 → 0.9.324
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/deploy/compose/.env.customer.example +1 -1
- package/deploy/compose/.env.example +18 -1
- package/deploy/compose/PROTECTED_FILES.md +4 -1
- package/deploy/compose/add-routes.sh +22 -0
- package/deploy/compose/cloudflared/config.yml.example +6 -3
- package/deploy/compose/docker-compose.yml +36 -1
- package/deploy/compose/generate-env.ts +40 -2
- package/deploy/compose/sso-edge/default.conf.template +11 -0
- package/deploy/compose/sso-edge/sso-redirect.conf +90 -21
- package/deploy/stack-manifests/v0.9.json +110 -2
- package/dist/{active-agent-M5NJFEBM.js → active-agent-CVSB2EER.js} +3 -3
- package/dist/{active-agent-SHM4QSRJ.js → active-agent-IUVRZOSF.js} +3 -3
- package/dist/{agentic-ontology-HQKCU7LG.js → agentic-ontology-2QFPBIQP.js} +1 -1
- package/dist/backfill-gate-J7UXFNXU.js +19 -0
- package/dist/{backfill-metadata-CXWFCTBO.js → backfill-metadata-W3PRQPVV.js} +4 -4
- package/dist/{behaviors-J47D342W.js → behaviors-MQCADHAD.js} +5 -5
- package/dist/bin/agentic-ontology-backfill.js +5 -5
- package/dist/bin/agentic-reflection-backfill.js +6 -6
- package/dist/bin/agentic-semantic-label.js +5 -5
- package/dist/bin/backfill-conversations.js +11 -11
- package/dist/bin/backfill-responses.js +11 -11
- package/dist/bin/backfill-vectors.js +102 -22
- package/dist/bin/bulk-sync-postgres.js +14 -14
- package/dist/bin/cc-doctor.js +5 -5
- package/dist/bin/cleanup-stale-review-tasks.js +20 -13
- package/dist/bin/cli.js +28 -31
- package/dist/bin/customer-readiness.js +1 -0
- package/dist/bin/deferred-daemon-restart.js +80 -77
- package/dist/bin/exe-agent-config.js +3 -3
- package/dist/bin/exe-agent.js +5 -5
- package/dist/bin/exe-assign.js +10 -10
- package/dist/bin/exe-boot.js +32 -23
- package/dist/bin/exe-call.js +5 -5
- package/dist/bin/exe-cloud.js +120 -47
- package/dist/bin/exe-config-dump.js +3 -3
- package/dist/bin/exe-dispatch.js +48 -14
- package/dist/bin/exe-doctor.js +4 -4
- package/dist/bin/exe-export-behaviors.js +7 -7
- package/dist/bin/exe-forget.js +6 -6
- package/dist/bin/exe-gateway.js +8 -8
- package/dist/bin/exe-healthcheck.js +17 -8
- package/dist/bin/exe-heartbeat.js +20 -13
- package/dist/bin/exe-kill.js +23 -16
- package/dist/bin/exe-launch-agent.js +30 -27
- package/dist/bin/exe-new-employee.js +9 -9
- package/dist/bin/exe-pending-messages.js +21 -14
- package/dist/bin/exe-pending-notifications.js +20 -13
- package/dist/bin/exe-pending-reviews.js +20 -13
- package/dist/bin/exe-rename.js +5 -5
- package/dist/bin/exe-review.js +22 -15
- package/dist/bin/exe-search.js +8 -13
- package/dist/bin/exe-session-cleanup.js +39 -22
- package/dist/bin/exe-settings.js +15 -15
- package/dist/bin/exe-start-codex.js +51 -34
- package/dist/bin/exe-start-opencode.js +8 -8
- package/dist/bin/exe-status.js +21 -14
- package/dist/bin/exe-support.js +3 -3
- package/dist/bin/exe-team.js +3 -3
- package/dist/bin/exe-watchdog.js +278 -39
- package/dist/bin/git-sweep.js +21 -14
- package/dist/bin/graph-backfill.js +4 -4
- package/dist/bin/graph-export.js +5 -5
- package/dist/bin/import-history.js +7 -7
- package/dist/bin/install-launchd.js +2 -2
- package/dist/bin/install.js +121 -88
- package/dist/bin/intercom-check.js +4 -4
- package/dist/bin/mcp-sessions.js +2 -2
- package/dist/bin/orchestration-metrics.js +4 -4
- package/dist/bin/postgres-agentic-reflection-backfill.js +2 -2
- package/dist/bin/postgres-agentic-semantic-backfill.js +1 -1
- package/dist/bin/pre-publish.js +1 -1
- package/dist/bin/registry-proxy.js +1 -1
- package/dist/bin/scan-tasks.js +20 -13
- package/dist/bin/setup.js +1 -1
- package/dist/bin/shard-migrate.js +4 -4
- package/dist/bin/stack-update.js +4 -4
- package/dist/bin/vps-health-gate.js +1 -1
- package/dist/{capability-cards-H7H3MU74.js → capability-cards-STD3NMCR.js} +2 -2
- package/dist/{capacity-monitor-WAEHVBL7.js → capacity-monitor-6O3PWYNM.js} +21 -14
- package/dist/{catchup-brief-L42STIDR.js → catchup-brief-EDQ3VZCF.js} +23 -16
- package/dist/{chunk-HKSJSW2V.js → chunk-2E2NKFXK.js} +1 -1
- package/dist/{chunk-NYFPFOYM.js → chunk-2NY7LZT7.js} +1 -1
- package/dist/{chunk-DGFIXJ4S.js → chunk-2QD5M47V.js} +3 -3
- package/dist/{chunk-3M73L663.js → chunk-2YWUZPHE.js} +2 -2
- package/dist/{chunk-LB77CSLO.js → chunk-2ZW4AQ24.js} +3 -3
- package/dist/{chunk-E32KARET.js → chunk-376J36IW.js} +4 -4
- package/dist/{chunk-CWQAXO3O.js → chunk-5RACW3LX.js} +28 -3
- package/dist/{chunk-VSXGFHJY.js → chunk-5VT45EV6.js} +1 -1
- package/dist/{chunk-X62GD6QW.js → chunk-5YCOEPEX.js} +2 -2
- package/dist/{chunk-TKBWBHFV.js → chunk-6FWMLTF2.js} +1 -1
- package/dist/chunk-6IWLAQ7O.js +40 -0
- package/dist/{chunk-WFHYAKEU.js → chunk-6XAAJ5OV.js} +1 -1
- package/dist/{chunk-4Z47UMMM.js → chunk-7M6TXYRQ.js} +23 -23
- package/dist/{chunk-HWC5W34K.js → chunk-7PLMYXPG.js} +1 -1
- package/dist/{chunk-DDKDN4HV.js → chunk-A47MXY2I.js} +7 -0
- package/dist/{chunk-SQ5JWDJ2.js → chunk-AEFZEJKW.js} +1 -1
- package/dist/{chunk-657AQEPY.js → chunk-AVKZIG4A.js} +1 -1
- package/dist/{chunk-EPBB2OD3.js → chunk-BB5IKY7B.js} +2 -2
- package/dist/{chunk-3JW3ZXCP.js → chunk-BC7IIR3A.js} +65 -39
- package/dist/{chunk-WSYKLS2Y.js → chunk-BDJQWBWF.js} +3 -3
- package/dist/{chunk-VY7345RO.js → chunk-BMSAJ2IH.js} +1 -1
- package/dist/{chunk-OI63OVCR.js → chunk-C7B44DJI.js} +1 -1
- package/dist/{chunk-GA76RGSP.js → chunk-CS6MYGNB.js} +5 -5
- package/dist/{chunk-6N4LYEDI.js → chunk-CSPHV5DJ.js} +1 -1
- package/dist/{chunk-HGM6NZQH.js → chunk-DYUISOIT.js} +1 -1
- package/dist/{signal-paths-4GOIRLGH.js → chunk-EIKATSE4.js} +3 -4
- package/dist/{chunk-G5TP2D2U.js → chunk-EWDTTTZP.js} +3 -3
- package/dist/{chunk-TI6YX3L5.js → chunk-F2RK5YWB.js} +36 -27
- package/dist/{chunk-HV5CUDOE.js → chunk-F6TJIWN5.js} +1 -1
- package/dist/{chunk-WCCR5IFR.js → chunk-FPTBCPI3.js} +2 -2
- package/dist/{chunk-QVFJCFNM.js → chunk-FROUDYRT.js} +33 -2
- package/dist/{chunk-T6AUMO5X.js → chunk-GIFDGNIL.js} +1 -1
- package/dist/{chunk-OFR7KQ37.js → chunk-HAYDXMW6.js} +3 -3
- package/dist/{chunk-V2ESQU3S.js → chunk-HBKYKN3S.js} +3 -3
- package/dist/{chunk-LCZ55G5G.js → chunk-HZ5J2GFE.js} +136 -66
- package/dist/{chunk-EOPSIIEH.js → chunk-ID3V4BWS.js} +1 -1
- package/dist/{chunk-ABGDTMKC.js → chunk-JRD7ARQ6.js} +60 -2
- package/dist/{chunk-7FBPLVHM.js → chunk-KADUJ7PE.js} +3 -3
- package/dist/{chunk-KLG53B63.js → chunk-KJOQLNX2.js} +1 -1
- package/dist/{chunk-AZL3EUR3.js → chunk-KK67DSCO.js} +229 -29
- package/dist/{chunk-H2SD2EA7.js → chunk-KLDQFOFY.js} +23 -9
- package/dist/chunk-KPIN44GZ.js +67 -0
- package/dist/{chunk-PLBDXCYZ.js → chunk-KUJGADX6.js} +1491 -606
- package/dist/{chunk-GN3IWZDH.js → chunk-KWWHRJGG.js} +660 -539
- package/dist/{chunk-ERSFOJGC.js → chunk-LUOQCGBO.js} +20 -11
- package/dist/{chunk-CXXERHNC.js → chunk-LWAGAC3H.js} +1 -1
- package/dist/{chunk-7BZ6TOZN.js → chunk-MB2YT5VQ.js} +3 -3
- package/dist/{chunk-KXP3CUTL.js → chunk-MCEXBLLK.js} +3 -3
- package/dist/{chunk-A3KUGBDP.js → chunk-MIWPKWXQ.js} +1 -1
- package/dist/{chunk-7CUF27OT.js → chunk-MKIFYIXC.js} +1 -1
- package/dist/{chunk-ONKIWA3R.js → chunk-ML4S5SHZ.js} +3 -1
- package/dist/{chunk-BFHBHQFA.js → chunk-MWIX3YKA.js} +5 -5
- package/dist/{chunk-6UQRJCKK.js → chunk-NBDTQVWU.js} +2 -2
- package/dist/{chunk-KK4ZOYXJ.js → chunk-NGACCR2M.js} +80 -40
- package/dist/{chunk-CMDC5D7S.js → chunk-NLEW62VC.js} +6 -0
- package/dist/{chunk-QYLDCPNG.js → chunk-PGFYWVOB.js} +1 -1
- package/dist/{chunk-XEBN5CPD.js → chunk-PGUISLOT.js} +3 -3
- package/dist/{chunk-MYMA23KC.js → chunk-PJTEZLAM.js} +1 -1
- package/dist/{chunk-QNUHDEPI.js → chunk-POOMY3CS.js} +4 -4
- package/dist/{chunk-2GBGIXKH.js → chunk-PV7IG4V6.js} +1 -1
- package/dist/{chunk-SENJA7BZ.js → chunk-QDI77B3E.js} +54 -7
- package/dist/{chunk-XLNF3CIO.js → chunk-QGOMYIVT.js} +119 -24
- package/dist/{chunk-HIOO7DZ2.js → chunk-QQFZ32WS.js} +5 -5
- package/dist/{chunk-KL5WYWS3.js → chunk-SOXUF34Y.js} +2 -2
- package/dist/{chunk-6XM6PZXQ.js → chunk-SPO2RLOB.js} +1 -1
- package/dist/{chunk-ROMB2HH4.js → chunk-T3XHH5FE.js} +6 -6
- package/dist/{chunk-6SXJZHRJ.js → chunk-TA3A4UQL.js} +1 -1
- package/dist/{chunk-XP53WEXP.js → chunk-TGVKQ3QB.js} +3 -3
- package/dist/{chunk-XC7C3GQ2.js → chunk-TNS6U2K7.js} +30 -19
- package/dist/{chunk-JXEMAB4M.js → chunk-UAIMI7CK.js} +1 -1
- package/dist/{chunk-YIFZZYQD.js → chunk-UBYAKNRF.js} +2 -2
- package/dist/{chunk-6IBUQBMY.js → chunk-UXYQLOFW.js} +198 -39
- package/dist/{chunk-C4BIZXKB.js → chunk-UYOW7U24.js} +1 -1
- package/dist/{chunk-NFM6VHL7.js → chunk-V4VYIHSL.js} +1 -1
- package/dist/{chunk-QQOH3I4A.js → chunk-VDUHWQFA.js} +1 -1
- package/dist/{chunk-EVUXF2G4.js → chunk-W5GBB23I.js} +1 -1
- package/dist/{chunk-FANIBYUO.js → chunk-WF3J6GJZ.js} +2 -2
- package/dist/{chunk-NAHAOFTY.js → chunk-WGHTISNK.js} +3 -3
- package/dist/{chunk-F5FAD2YR.js → chunk-WGOAILWE.js} +2 -2
- package/dist/{chunk-LOE2N23P.js → chunk-WJICX53Z.js} +1 -1
- package/dist/{skill-refinement-YLIAY7V4.js → chunk-Y2KBHLEO.js} +3 -11
- package/dist/{chunk-PISGLNV7.js → chunk-Y34FDPOY.js} +5 -5
- package/dist/{chunk-ORC5AO7E.js → chunk-YBHOWK3L.js} +2 -2
- package/dist/{chunk-7SDS5VCL.js → chunk-ZDNJ3TSB.js} +7 -7
- package/dist/{chunk-CHSRSESS.js → chunk-ZRZ2Z6RZ.js} +1 -1
- package/dist/{cleanup-graph-garbage-MX5JDTJA.js → cleanup-graph-garbage-2YH52ADR.js} +4 -4
- package/dist/{co-activation-K44LGZ7A.js → co-activation-7F3J2GC7.js} +2 -2
- package/dist/{co-occurrence-N62HJTRP.js → co-occurrence-B36Q5GY3.js} +2 -2
- package/dist/{code-context-index-6YQ3DGCN.js → code-context-index-2PUBBQOE.js} +3 -3
- package/dist/{crdt-sync-BO76VVRX.js → crdt-sync-MXHPR6V6.js} +1 -1
- package/dist/{crm-bridge-BVTB6LZK.js → crm-bridge-CZLEW2LW.js} +1 -1
- package/dist/{crm-webhook-UZLTHXAS.js → crm-webhook-56MWGMRY.js} +2 -2
- package/dist/{cto-delegation-gate-NVMRONA2.js → cto-delegation-gate-26BD7NEE.js} +19 -12
- package/dist/{daemon-orchestration-JI3RD5EZ.js → daemon-orchestration-IBP6PWEG.js} +31 -16
- package/dist/{db-backup-ITRADB2J.js → db-backup-XLID57KW.js} +1 -1
- package/dist/{doc-graph-extractor-L7YESUSI.js → doc-graph-extractor-VBZ6XTTE.js} +2 -2
- package/dist/{documents-7BFXA6V3.js → documents-C5LYSJT3.js} +10 -10
- package/dist/{dreaming-NRTMPNPZ.js → dreaming-LMVDIC5C.js} +20 -13
- package/dist/{exe-drift-GLJIM7EI.js → exe-drift-T3K6WA47.js} +3 -3
- package/dist/{exe-export-THIAYHXK.js → exe-export-QCTASWXI.js} +7 -7
- package/dist/{exe-import-3Y4VOUYL.js → exe-import-WNP5A7VA.js} +7 -7
- package/dist/{exe-key-IPGY4RMU.js → exe-key-JM3JXE2E.js} +78 -75
- package/dist/{exe-snapshot-2ZEWCDYK.js → exe-snapshot-ODDJUEM5.js} +23 -16
- package/dist/{fast-db-init-TLYUWCDE.js → fast-db-init-O6A3TK3F.js} +1 -1
- package/dist/{founder-context-J362DNU4.js → founder-context-FYTF4IMD.js} +2 -2
- package/dist/gateway/index.js +9 -9
- package/dist/{git-staleness-BRDHTHNS.js → git-staleness-YA5J6VYJ.js} +2 -2
- package/dist/{global-procedures-FNUKY2LF.js → global-procedures-76NDWTYN.js} +4 -4
- package/dist/{graph-auto-extract-AJZUV3PO.js → graph-auto-extract-I7QL2TY5.js} +2 -2
- package/dist/hooks/bug-report-worker.js +22 -15
- package/dist/hooks/codex-stop-task-finalizer.js +22 -15
- package/dist/hooks/commit-complete.js +22 -15
- package/dist/hooks/error-recall.js +6 -6
- package/dist/hooks/exe-heartbeat-hook.js +3 -3
- package/dist/hooks/ingest-worker.js +6 -6
- package/dist/hooks/ingest.js +6 -6
- package/dist/hooks/instructions-loaded.js +4 -4
- package/dist/hooks/manifest.json +20 -20
- package/dist/hooks/notification.js +4 -4
- package/dist/hooks/post-compact.js +21 -14
- package/dist/hooks/post-tool-combined.js +8 -8
- package/dist/hooks/pre-compact.js +22 -21
- package/dist/hooks/pre-tool-use.js +29 -19
- package/dist/hooks/prompt-submit.js +89 -72
- package/dist/hooks/session-end.js +27 -26
- package/dist/hooks/session-start.js +13 -13
- package/dist/hooks/stop.js +28 -21
- package/dist/hooks/subagent-stop.js +24 -41
- package/dist/hooks/summary-worker.js +27 -25
- package/dist/index.js +30 -23
- package/dist/{installer-SC7CQBYY.js → installer-3EYHBKWB.js} +5 -5
- package/dist/{installer-UEF44TWQ.js → installer-3VZMDDMJ.js} +5 -5
- package/dist/{installer-2EKTDQZB.js → installer-GYABVCB7.js} +5 -5
- package/dist/intercom-queue-ZCNT4LYU.js +53 -0
- package/dist/lib/agent-config.js +7 -1
- package/dist/lib/cloud-sync.js +16 -14
- package/dist/lib/consolidation.js +5 -5
- package/dist/lib/database.js +10 -2
- package/dist/lib/db-daemon-client.js +3 -3
- package/dist/lib/db.js +10 -2
- package/dist/lib/device-registry.js +1 -1
- package/dist/lib/embed-worker.js +28 -0
- package/dist/lib/embedder.js +3 -3
- package/dist/lib/employee-templates.js +5 -5
- package/dist/lib/employees.js +2 -2
- package/dist/lib/exe-daemon-client.js +2 -2
- package/dist/lib/exe-daemon.js +393 -140
- package/dist/lib/hybrid-search.js +5 -5
- package/dist/lib/identity.js +2 -2
- package/dist/lib/license.js +2 -2
- package/dist/lib/messaging.js +20 -13
- package/dist/lib/registry-proxy.js +1 -1
- package/dist/lib/reminders.js +3 -3
- package/dist/lib/schedules.js +5 -5
- package/dist/lib/session-registry.js +6 -4
- package/dist/lib/skill-learning.js +6 -6
- package/dist/lib/store.js +4 -4
- package/dist/lib/task-router.js +3 -3
- package/dist/lib/tasks.js +21 -14
- package/dist/lib/tmux-routing.js +29 -12
- package/dist/lib/token-spend.js +3 -3
- package/dist/{license-gate-YUUSIPJ7.js → license-gate-73XGUIVP.js} +3 -3
- package/dist/{license-sync-LX73IEBH.js → license-sync-CG5YRUVH.js} +2 -2
- package/dist/mcp/register-tools.js +75 -72
- package/dist/mcp/server.js +96 -130
- package/dist/mcp/tools/complete-reminder.js +4 -4
- package/dist/mcp/tools/create-reminder.js +4 -4
- package/dist/mcp/tools/create-task.js +37 -18
- package/dist/mcp/tools/deactivate-behavior.js +7 -7
- package/dist/mcp/tools/list-reminders.js +4 -4
- package/dist/mcp/tools/list-tasks.js +23 -16
- package/dist/mcp/tools/send-message.js +22 -15
- package/dist/mcp/tools/update-task.js +22 -15
- package/dist/{mcp-http-config-MBG5AQNH.js → mcp-http-config-TT7PXZLX.js} +3 -3
- package/dist/{memory-cards-MGZ4P3AA.js → memory-cards-6NGUDUDN.js} +4 -4
- package/dist/{memory-graph-extractor-44P2ATID.js → memory-graph-extractor-FIMS3VQR.js} +3 -3
- package/dist/{memory-poisoning-defense-3CYFKNLA.js → memory-poisoning-defense-M3LOQ3XU.js} +2 -2
- package/dist/{memory-pressure-watchdog-6PFLEOUO.js → memory-pressure-watchdog-45GABDWH.js} +20 -13
- package/dist/{memory-queue-client-BZD6MXA5.js → memory-queue-client-BDYKFNB4.js} +3 -3
- package/dist/{memory-reflection-AYPJRPU7.js → memory-reflection-LANCFYK2.js} +7 -9
- package/dist/{notifications-BBQ23ORD.js → notifications-N5NKUYAU.js} +19 -12
- package/dist/{orchestration-events-O5P5NEKS.js → orchestration-events-KVNRNIPR.js} +3 -3
- package/dist/{orchestrator-SERM6FDY.js → orchestrator-VTF5BR26.js} +21 -14
- package/dist/{pipeline-router-T673WGL3.js → pipeline-router-KQAYWDPH.js} +3 -3
- package/dist/{plan-limits-QWBN2EKH.js → plan-limits-EUZI4X5W.js} +5 -5
- package/dist/{projection-worker-K6TILAZH.js → projection-worker-FG6G226D.js} +12 -2
- package/dist/{prospective-memory-XRNRMEDL.js → prospective-memory-FVDNUSIL.js} +2 -2
- package/dist/{reranker-3XC5UM4F.js → reranker-54Q3L32E.js} +1 -1
- package/dist/{retrieval-health-ULVVOIPL.js → retrieval-health-YJ7CXYVD.js} +1 -1
- package/dist/{review-polling-5YGDPJUX.js → review-polling-TKXYSXH6.js} +20 -13
- package/dist/runtime/index.js +23 -16
- package/dist/{session-events-D52HNUJK.js → session-events-WQHTP65R.js} +20 -13
- package/dist/{session-kill-telemetry-IBNCJSI7.js → session-kill-telemetry-2HSE7IGH.js} +20 -13
- package/dist/{session-scope-5FWZ4AYR.js → session-scope-RBKAC75W.js} +19 -12
- package/dist/{setup-wizard-KVTLSSRD.js → setup-wizard-AA6ZV57H.js} +1 -1
- package/dist/signal-paths-4G53QTII.js +11 -0
- package/dist/skill-refinement-QI35LMTZ.js +20 -0
- package/dist/{stack-update-OWWGTYRB.js → stack-update-BE6PX4AG.js} +9 -3
- package/dist/{steward-gate-3ZITRYVH.js → steward-gate-2XD5BXH6.js} +3 -3
- package/dist/{support-outbox-QPQQK7F7.js → support-outbox-MGUVVGHT.js} +96 -44
- package/dist/sweep-budget-WB2FKPYN.js +64 -0
- package/dist/{task-enforcement-L4YTDOOX.js → task-enforcement-DMOCBRLB.js} +191 -17
- package/dist/{task-scope-OIHLMQOQ.js → task-scope-ULBNFBFH.js} +25 -12
- package/dist/{tasks-crud-QUIIRWE3.js → tasks-crud-6SJOKES5.js} +25 -12
- package/dist/{tasks-notify-ANYLB5GU.js → tasks-notify-TESRABUM.js} +20 -13
- package/dist/{tasks-review-BWSCXFMB.js → tasks-review-INDAGLWJ.js} +27 -14
- package/dist/{telemetry-upload-XLDBCD7B.js → telemetry-upload-6XB3Q3IH.js} +7 -7
- package/dist/{token-budget-OQCLPV3A.js → token-budget-NOF27AZC.js} +3 -3
- package/dist/{tool-capability-index-3UWKZZED.js → tool-capability-index-EFBBPTBI.js} +1 -1
- package/dist/{tool-telemetry-AQTFWOWG.js → tool-telemetry-OEK6KQFF.js} +1 -1
- package/dist/tui/App.js +28 -21
- package/dist/{tui-data-3Y5L5LJB.js → tui-data-EG6LEZFF.js} +19 -12
- package/dist/{worker-gate-WJS2MFNA.js → worker-gate-YA35VMAN.js} +1 -1
- package/dist/{workflow-engine-EPPZ226V.js → workflow-engine-3AVKRE5I.js} +2 -2
- package/dist/{worktree-OYGDGJP7.js → worktree-72QYYL5L.js} +4 -4
- package/dist/{worktree-sweep-KV4H4766.js → worktree-sweep-GDISKGQ2.js} +5 -5
- package/package.json +1 -1
- package/release-notes.json +45 -45
- package/dist/chunk-4FVVJ7ME.js +0 -193
- package/dist/completion-nudge-dedup-DBZF24MM.js +0 -74
- package/dist/git-task-sweep-7GVUKDBW.js +0 -47
- package/dist/intercom-queue-6M5IRX3Y.js +0 -17
- /package/dist/{chunk-QTEHH4LG.js → chunk-24WPWCD6.js} +0 -0
- /package/dist/{chunk-IZY6V4FI.js → chunk-4O3N7I5Z.js} +0 -0
- /package/dist/{chunk-WXRVHXVP.js → chunk-7577GDDG.js} +0 -0
- /package/dist/{chunk-Q5YKWFVO.js → chunk-EWKZKO7F.js} +0 -0
- /package/dist/{chunk-DY3J6GQO.js → chunk-H43BPGIV.js} +0 -0
- /package/dist/{chunk-DQJ3WZRK.js → chunk-IHRXCNSC.js} +0 -0
- /package/dist/{chunk-RRQI5PSJ.js → chunk-NIB2N6L2.js} +0 -0
- /package/dist/{chunk-ZU6767WK.js → chunk-QMUSJESS.js} +0 -0
- /package/dist/{chunk-72LWCZTJ.js → chunk-RXS2LBKE.js} +0 -0
- /package/dist/{chunk-SJZT66LM.js → chunk-SNFYZFXY.js} +0 -0
- /package/dist/{chunk-SIJSFULW.js → chunk-TSYMWC53.js} +0 -0
- /package/dist/{core-memory-DARTILJG.js → core-memory-NKKP2XUB.js} +0 -0
- /package/dist/{entity-boost-VR5YOQCT.js → entity-boost-DRIUFTYB.js} +0 -0
- /package/dist/{message-queue-client-HVFR67QH.js → message-queue-client-4ERC7HLX.js} +0 -0
- /package/dist/{oauth-server-UQHCFVHT.js → oauth-server-PECJREY2.js} +0 -0
- /package/dist/{project-boot-22ZZL2GE.js → project-boot-SFKP2MFW.js} +0 -0
- /package/dist/{wiki-acl-EZMGL6KW.js → wiki-acl-QIBDNXSM.js} +0 -0
|
@@ -186,7 +186,7 @@ MONITOR_AGENT_LISTEN=:45876
|
|
|
186
186
|
# erp.<domain> → http://exe-sso-edge:80 (NOT exe-erp / exe-erp-nginx)
|
|
187
187
|
# gateway.<domain> → http://exe-gateway:3100 (routed directly — no SSO gate)
|
|
188
188
|
# monitor.<domain> → http://exe-monitor-hub:8090
|
|
189
|
-
# auth.<domain> → http://gotrue:9999
|
|
189
|
+
# auth.<domain> → http://exe-auth:80 (auth gateway — NOT raw gotrue:9999; bug 802661a5)
|
|
190
190
|
# api.<domain> → http://exe-os:8765
|
|
191
191
|
# SET_MANUALLY
|
|
192
192
|
CLOUDFLARE_TUNNEL_TOKEN=CHANGEME_CLOUDFLARE_TUNNEL_TOKEN
|
|
@@ -10,6 +10,12 @@ DOMAIN=CHANGEME_DOMAIN
|
|
|
10
10
|
POSTGRES_USER=exe
|
|
11
11
|
POSTGRES_PASSWORD=CHANGEME_POSTGRES_PASSWORD
|
|
12
12
|
POSTGRES_DB=exedb
|
|
13
|
+
# bug ad645206: NEVER connect to exe-db via its container IP (10.42.0.x) —
|
|
14
|
+
# container IPs are reassigned on every stack update and silently break any
|
|
15
|
+
# script that hardcodes them. In-network services use the service hostname
|
|
16
|
+
# exe-db:5432; host-side scripts (crons, collectors, OCR workers) use the
|
|
17
|
+
# stable loopback port below (published as 127.0.0.1:<port> by compose).
|
|
18
|
+
EXE_DB_HOST_PORT=55432
|
|
13
19
|
|
|
14
20
|
CLICKHOUSE_DB=default
|
|
15
21
|
CLICKHOUSE_USER=exe
|
|
@@ -139,6 +145,17 @@ GATEWAY_WS_HOST_PORT=3101
|
|
|
139
145
|
GATEWAY_GOTRUE_URL=http://gotrue:9999
|
|
140
146
|
# CRM bridge: exe-gateway reaches exe-crm through Docker service DNS.
|
|
141
147
|
CRM_GRAPHQL_URL=http://exe-crm:3000/graphql
|
|
148
|
+
# bug 0b66164c: CRM bridge token. Compose passes CRM_API_TOKEN into the
|
|
149
|
+
# gateway container, defaulting to the EXE_CRM_ADMIN_TOKEN generated in the
|
|
150
|
+
# CRM block above — set this only to override with a dedicated token. If the
|
|
151
|
+
# gateway logs 'CRM bridge Disabled', check this chain and recreate the
|
|
152
|
+
# gateway container.
|
|
153
|
+
# CRM_API_TOKEN=
|
|
154
|
+
# bug a99c1462: one-time Baileys v7 WhatsApp auth migration. Set =1 for a
|
|
155
|
+
# single gateway restart after an update that invalidates WhatsApp auth
|
|
156
|
+
# (fresh-QR reconnect loop): old auth is archived and a clean QR pairing
|
|
157
|
+
# starts. Re-pair at https://gateway.<domain>/pair/<account>, then unset.
|
|
158
|
+
# EXE_GATEWAY_CONFIRM_BAILEYS_V7_REPAIR=1
|
|
142
159
|
# Error forwarding to exe-monitor-hub (strongly recommended for production)
|
|
143
160
|
ERROR_REPORTING_ENABLED=true
|
|
144
161
|
MONITOR_ERROR_URL=http://exe-monitor-hub:8090/api/exe-monitor/errors
|
|
@@ -230,7 +247,7 @@ MONITOR_SHARE_ALL_SYSTEMS=false
|
|
|
230
247
|
# erp.<domain> → http://exe-sso-edge:80 (NOT exe-erp / exe-erp-nginx)
|
|
231
248
|
# gateway.<domain> → http://exe-gateway:3100 (routed directly — no SSO gate)
|
|
232
249
|
# monitor.<domain> → http://exe-monitor-hub:8090
|
|
233
|
-
# auth.<domain> → http://gotrue:9999
|
|
250
|
+
# auth.<domain> → http://exe-auth:80 (auth gateway — NOT raw gotrue:9999; bug 802661a5)
|
|
234
251
|
# api.<domain> → http://exe-os:8765
|
|
235
252
|
# SET_MANUALLY
|
|
236
253
|
CLOUDFLARE_TUNNEL_TOKEN=CHANGEME_CLOUDFLARE_TUNNEL_TOKEN
|
|
@@ -14,7 +14,10 @@ and log a migration notice, not replace the existing one.
|
|
|
14
14
|
|
|
15
15
|
## Data volumes (Docker managed, persist across updates)
|
|
16
16
|
- `postgres_data` — all database data (CRM, wiki, graph, raw, gateway)
|
|
17
|
-
- `gateway_data` —
|
|
17
|
+
- `gateway_data` — gateway runtime data and local cache
|
|
18
|
+
- `gateway_whatsapp_auth` — Baileys WhatsApp auth state (creds.json, sessions);
|
|
19
|
+
mounted at both `/data/auth_info` and `/data/.auth` so gateway image updates
|
|
20
|
+
cannot strand pairings by switching auth directories
|
|
18
21
|
- `wiki_data` — uploaded documents, workspace storage
|
|
19
22
|
- `crm_data` — CRM local file storage
|
|
20
23
|
- `monitor_hub_data` — PocketBase data, alert history
|
|
@@ -26,6 +26,8 @@
|
|
|
26
26
|
# Host overlay dir : ${OVERLAY_DIR:-/opt/exe-stack/overlay}
|
|
27
27
|
# In-container view : /data/overlay (read-only bind-mount, always present)
|
|
28
28
|
# Applied into : ${OVERLAY_TARGET:-/app/overlay} inside the container
|
|
29
|
+
# Legacy fallback : matching files under /app/dist (when the image has no
|
|
30
|
+
# EXE_GATEWAY_OVERLAY_DIR loader yet)
|
|
29
31
|
#
|
|
30
32
|
# Overlays are loaded by the gateway from EXE_GATEWAY_OVERLAY_DIR (defaults to
|
|
31
33
|
# /data/overlay — the bind-mount — so on a modern gateway no copy is even needed;
|
|
@@ -84,6 +86,26 @@ for f in "${overlay_files[@]}"; do
|
|
|
84
86
|
else
|
|
85
87
|
log " ERROR failed to apply ${base}"
|
|
86
88
|
fi
|
|
89
|
+
|
|
90
|
+
# Compatibility fallback for gateway builds that still do NOT read
|
|
91
|
+
# EXE_GATEWAY_OVERLAY_DIR or /app/overlay (bug 20ae1f85). HYGO's overlays are
|
|
92
|
+
# flat files (po-intake.js, whatsapp.js) that patch same-named files in the
|
|
93
|
+
# built gateway dist. If exactly one match exists, patch that runtime file too
|
|
94
|
+
# so the overlay survives a container recreate even before the gateway image
|
|
95
|
+
# grows a native overlay loader. Multiple matches are unsafe — warn instead of
|
|
96
|
+
# guessing.
|
|
97
|
+
matches=$(docker exec "$CONTAINER" sh -c 'find /app/dist -type f -name "$1" 2>/dev/null' sh "$base" 2>/dev/null || true)
|
|
98
|
+
match_count=$(printf '%s\n' "$matches" | sed '/^$/d' | wc -l | tr -d ' ')
|
|
99
|
+
if [[ "$match_count" == "1" ]]; then
|
|
100
|
+
target=$(printf '%s\n' "$matches" | sed '/^$/d' | head -n1)
|
|
101
|
+
if docker cp "$f" "${CONTAINER}:${target}" >/dev/null 2>&1; then
|
|
102
|
+
log " patched legacy runtime file ${target}"
|
|
103
|
+
else
|
|
104
|
+
log " WARN failed to patch legacy runtime file ${target}"
|
|
105
|
+
fi
|
|
106
|
+
elif [[ "$match_count" != "0" ]]; then
|
|
107
|
+
log " WARN ${base} matched ${match_count} files under /app/dist; not patching legacy runtime path"
|
|
108
|
+
fi
|
|
87
109
|
done
|
|
88
110
|
|
|
89
111
|
if [[ "$applied" -eq 0 ]]; then
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
# erp.<domain> → http://exe-sso-edge:80 (unified SSO redirect)
|
|
10
10
|
# gateway.<domain> → http://exe-gateway:3100
|
|
11
11
|
# monitor.<domain> → http://exe-monitor-hub:8090
|
|
12
|
-
# auth.<domain> → http://gotrue:9999
|
|
12
|
+
# auth.<domain> → http://exe-auth:80 (auth gateway — NOT raw gotrue:9999; bug 802661a5)
|
|
13
13
|
# api.<domain> → http://exe-os:8765
|
|
14
14
|
# No config.yml or credentials file needed — the token embeds everything.
|
|
15
15
|
#
|
|
@@ -51,9 +51,12 @@ ingress:
|
|
|
51
51
|
service: http_status:404
|
|
52
52
|
- hostname: monitor.CHANGEME_DOMAIN
|
|
53
53
|
service: http://exe-monitor-hub:8090
|
|
54
|
-
# Auth (GoTrue)
|
|
54
|
+
# Auth gateway (login SPA + /api/ proxy to GoTrue). Bug 802661a5: routing
|
|
55
|
+
# auth.<domain> straight to raw gotrue:9999 bypasses the exe-auth gateway —
|
|
56
|
+
# no login UI, no CORS/domain templating, and GoTrue's API is exposed as the
|
|
57
|
+
# public front door. Always route through the exe-auth container.
|
|
55
58
|
- hostname: auth.CHANGEME_DOMAIN
|
|
56
|
-
service: http://
|
|
59
|
+
service: http://exe-auth:80
|
|
57
60
|
# exe-os daemon (MCP)
|
|
58
61
|
- hostname: api.CHANGEME_DOMAIN
|
|
59
62
|
service: http://exe-os:8765
|
|
@@ -68,6 +68,15 @@ services:
|
|
|
68
68
|
# container recreation; push it off-box for true disaster recovery.
|
|
69
69
|
- pg_wal_archive:/var/lib/postgresql/wal_archive
|
|
70
70
|
- ./init-db.sql:/docker-entrypoint-initdb.d/01-init.sql:ro
|
|
71
|
+
# bug ad645206: STABLE loopback-only host port for host-side tooling
|
|
72
|
+
# (dashboard snapshot crons, collectors, OCR workers, psql). Container IPs
|
|
73
|
+
# on the backend network (10.42.0.x) are REASSIGNED whenever the stack is
|
|
74
|
+
# recreated by an update — every script that hardcoded an IP broke silently
|
|
75
|
+
# (ECONNREFUSED for days). Host scripts must connect to
|
|
76
|
+
# 127.0.0.1:${EXE_DB_HOST_PORT} (default 55432); in-network services keep
|
|
77
|
+
# using the service hostname exe-db:5432. Never reference a container IP.
|
|
78
|
+
ports:
|
|
79
|
+
- "127.0.0.1:${EXE_DB_HOST_PORT:-55432}:5432"
|
|
71
80
|
networks:
|
|
72
81
|
- backend
|
|
73
82
|
healthcheck:
|
|
@@ -507,7 +516,7 @@ services:
|
|
|
507
516
|
# offline boots fail). WIKI_EXE_OS_NPM_VERSION defaults to the stack's
|
|
508
517
|
# pinned exe-os npm version and is threaded into the spawn args.
|
|
509
518
|
EXE_OS_MCP_COMMAND: ${WIKI_EXE_OS_MCP_COMMAND:-npx}
|
|
510
|
-
EXE_OS_MCP_ARGS: ${WIKI_EXE_OS_MCP_ARGS:--y @askexenow/exe-os@${WIKI_EXE_OS_NPM_VERSION:-0.9.
|
|
519
|
+
EXE_OS_MCP_ARGS: ${WIKI_EXE_OS_MCP_ARGS:--y @askexenow/exe-os@${WIKI_EXE_OS_NPM_VERSION:-0.9.322} mcp}
|
|
511
520
|
BRANDING_CONFIG_PATH: /app/branding.json
|
|
512
521
|
ports:
|
|
513
522
|
- "127.0.0.1:${WIKI_HOST_PORT:-3001}:3001"
|
|
@@ -693,6 +702,21 @@ services:
|
|
|
693
702
|
EXED_MCP_URL: http://exe-os:48739/mcp
|
|
694
703
|
EXED_MCP_TOKEN: ${EXED_MCP_TOKEN:?EXED_MCP_TOKEN is required}
|
|
695
704
|
CRM_GRAPHQL_URL: ${CRM_GRAPHQL_URL:-http://exe-crm:3000/graphql}
|
|
705
|
+
# bug 0b66164c: CRM bridge auth token. The per-service env allowlist that
|
|
706
|
+
# replaced the blanket `env_file: .env` (bug 67d62490) silently DROPPED
|
|
707
|
+
# CRM_API_TOKEN from the gateway container on the next stack update — the
|
|
708
|
+
# CRM bridge disabled itself ("CRM bridge Disabled — CRM_API_TOKEN not
|
|
709
|
+
# set") and WhatsApp→CRM contact sync stopped with no alert. Pass the
|
|
710
|
+
# token through explicitly, defaulting to the EXE_CRM_ADMIN_TOKEN that
|
|
711
|
+
# generate-env.ts already provisions (the CRM accepts it as an admin API
|
|
712
|
+
# token), so a fresh stack has a working bridge out of the box.
|
|
713
|
+
CRM_API_TOKEN: ${CRM_API_TOKEN:-${EXE_CRM_ADMIN_TOKEN:-}}
|
|
714
|
+
# bug a99c1462: opt-in Baileys v7 auth-state migration. When a gateway
|
|
715
|
+
# update crosses a Baileys major (pre-v7 auth state invalid → fresh QR +
|
|
716
|
+
# reconnect loop), set this to 1 in .env for ONE restart: the gateway
|
|
717
|
+
# archives the old WhatsApp auth (kept 7 days) and starts a clean QR
|
|
718
|
+
# pairing flow. Re-pair at https://gateway.<domain>/pair/<account>, then unset.
|
|
719
|
+
EXE_GATEWAY_CONFIRM_BAILEYS_V7_REPAIR: ${EXE_GATEWAY_CONFIRM_BAILEYS_V7_REPAIR:-}
|
|
696
720
|
ERROR_REPORTING_ENABLED: "true"
|
|
697
721
|
MONITOR_ERROR_URL: http://exe-monitor-hub:8090/api/exe-monitor/errors
|
|
698
722
|
# bug 182c6da3 / a125785d: shared monitor secret. The hub authenticates the
|
|
@@ -721,6 +745,12 @@ services:
|
|
|
721
745
|
# EXE_GATEWAY_HOME; the old /app/auth_info mount was unreachable when the
|
|
722
746
|
# gateway used its default path. gateway.json authDir updated to match.
|
|
723
747
|
- gateway_whatsapp_auth:/data/auth_info
|
|
748
|
+
# bug d16a808f/a99c1462: keep the SAME WhatsApp auth-state volume visible
|
|
749
|
+
# at the newer Baileys/default gateway path too. Some gateway builds used
|
|
750
|
+
# /data/.auth/whatsapp-* regardless of gateway.json authDir; exposing one
|
|
751
|
+
# volume at both paths prevents an image update from "losing" pairings just
|
|
752
|
+
# because the app switched auth directories.
|
|
753
|
+
- gateway_whatsapp_auth:/data/.auth
|
|
724
754
|
- ./gateway.json:/data/gateway.json:ro
|
|
725
755
|
# bug 02bc1bb8: PERSISTENT customer-overlay bind-mount. Anything the
|
|
726
756
|
# customer drops in the host ./overlay dir (e.g. po-intake.js) is exposed
|
|
@@ -904,6 +934,11 @@ services:
|
|
|
904
934
|
condition: service_healthy
|
|
905
935
|
exe-erp-nginx:
|
|
906
936
|
condition: service_healthy
|
|
937
|
+
# Bug 462d3273: the edge's /_sso_gate validates ?access_token= against
|
|
938
|
+
# GoTrue (upstream sso_gotrue → gotrue:9999) instead of trusting its
|
|
939
|
+
# presence, so the edge needs GoTrue resolvable and healthy at start.
|
|
940
|
+
gotrue:
|
|
941
|
+
condition: service_healthy
|
|
907
942
|
environment:
|
|
908
943
|
DOMAIN: ${DOMAIN:?DOMAIN is required — set to your customer apex domain (e.g. hygo.co)}
|
|
909
944
|
# Neutralize nginx:alpine's built-in 20-envsubst-on-templates.sh: it would
|
|
@@ -51,6 +51,10 @@ const DEFAULT_MONITOR_HUB_URL = "http://exe-monitor-hub:8090";
|
|
|
51
51
|
const DEFAULT_MONITOR_AGENT_LISTEN = ":45876";
|
|
52
52
|
const DEFAULT_EXE_MCP_HOST_BIND = "127.0.0.1";
|
|
53
53
|
const DEFAULT_EXE_MCP_HOST_PORT = "48739";
|
|
54
|
+
// bug ad645206: stable loopback-only host port for exe-db so host-side scripts
|
|
55
|
+
// never hardcode a (reassigned-on-update) container IP. 55432 avoids colliding
|
|
56
|
+
// with a host-local Postgres on 5432.
|
|
57
|
+
const DEFAULT_EXE_DB_HOST_PORT = "55432";
|
|
54
58
|
|
|
55
59
|
export interface GenerateEnvOptions {
|
|
56
60
|
clientName: string;
|
|
@@ -73,6 +77,12 @@ export function generateEnv(options: GenerateEnvOptions): string {
|
|
|
73
77
|
`POSTGRES_USER=${POSTGRES_USER}`,
|
|
74
78
|
`POSTGRES_PASSWORD=${randomSecret(RANDOM_SECRET_32)}`,
|
|
75
79
|
`POSTGRES_DB=${POSTGRES_DB}`,
|
|
80
|
+
"# bug ad645206: NEVER connect to exe-db via its container IP (10.42.0.x) —",
|
|
81
|
+
"# container IPs are reassigned on every stack update and silently break any",
|
|
82
|
+
"# script that hardcodes them. In-network services use the service hostname",
|
|
83
|
+
"# exe-db:5432; host-side scripts (crons, collectors, OCR workers) use the",
|
|
84
|
+
"# stable loopback port below (published as 127.0.0.1:<port> by compose).",
|
|
85
|
+
`EXE_DB_HOST_PORT=${DEFAULT_EXE_DB_HOST_PORT}`,
|
|
76
86
|
"",
|
|
77
87
|
`CLICKHOUSE_DB=${CLICKHOUSE_DB}`,
|
|
78
88
|
`CLICKHOUSE_USER=${CLICKHOUSE_USER}`,
|
|
@@ -190,6 +200,17 @@ export function generateEnv(options: GenerateEnvOptions): string {
|
|
|
190
200
|
"GATEWAY_GOTRUE_URL=http://gotrue:9999",
|
|
191
201
|
"# CRM bridge: exe-gateway reaches exe-crm through Docker service DNS.",
|
|
192
202
|
`CRM_GRAPHQL_URL=${DEFAULT_CRM_GRAPHQL_URL}`,
|
|
203
|
+
"# bug 0b66164c: CRM bridge token. Compose passes CRM_API_TOKEN into the",
|
|
204
|
+
"# gateway container, defaulting to the EXE_CRM_ADMIN_TOKEN generated in the",
|
|
205
|
+
"# CRM block above — set this only to override with a dedicated token. If the",
|
|
206
|
+
"# gateway logs 'CRM bridge Disabled', check this chain and recreate the",
|
|
207
|
+
"# gateway container.",
|
|
208
|
+
"# CRM_API_TOKEN=",
|
|
209
|
+
"# bug a99c1462: one-time Baileys v7 WhatsApp auth migration. Set =1 for a",
|
|
210
|
+
"# single gateway restart after an update that invalidates WhatsApp auth",
|
|
211
|
+
"# (fresh-QR reconnect loop): old auth is archived and a clean QR pairing",
|
|
212
|
+
"# starts. Re-pair at https://gateway.<domain>/pair/<account>, then unset.",
|
|
213
|
+
"# EXE_GATEWAY_CONFIRM_BAILEYS_V7_REPAIR=1",
|
|
193
214
|
"# Error forwarding to exe-monitor-hub (strongly recommended for production)",
|
|
194
215
|
"ERROR_REPORTING_ENABLED=true",
|
|
195
216
|
"MONITOR_ERROR_URL=http://exe-monitor-hub:8090/api/exe-monitor/errors",
|
|
@@ -271,7 +292,7 @@ export function generateEnv(options: GenerateEnvOptions): string {
|
|
|
271
292
|
"# erp.<domain> → http://exe-sso-edge:80 (NOT exe-erp / exe-erp-nginx)",
|
|
272
293
|
"# gateway.<domain> → http://exe-gateway:3100 (routed directly — no SSO gate)",
|
|
273
294
|
"# monitor.<domain> → http://exe-monitor-hub:8090",
|
|
274
|
-
"# auth.<domain> → http://gotrue:9999",
|
|
295
|
+
"# auth.<domain> → http://exe-auth:80 (auth gateway — NOT raw gotrue:9999; bug 802661a5)",
|
|
275
296
|
"# api.<domain> → http://exe-os:8765",
|
|
276
297
|
MANUAL_VALUE_COMMENT,
|
|
277
298
|
"CLOUDFLARE_TUNNEL_TOKEN=",
|
|
@@ -296,6 +317,12 @@ export function generateExampleEnv(): string {
|
|
|
296
317
|
`POSTGRES_USER=${POSTGRES_USER}`,
|
|
297
318
|
"POSTGRES_PASSWORD=CHANGEME_POSTGRES_PASSWORD",
|
|
298
319
|
`POSTGRES_DB=${POSTGRES_DB}`,
|
|
320
|
+
"# bug ad645206: NEVER connect to exe-db via its container IP (10.42.0.x) —",
|
|
321
|
+
"# container IPs are reassigned on every stack update and silently break any",
|
|
322
|
+
"# script that hardcodes them. In-network services use the service hostname",
|
|
323
|
+
"# exe-db:5432; host-side scripts (crons, collectors, OCR workers) use the",
|
|
324
|
+
"# stable loopback port below (published as 127.0.0.1:<port> by compose).",
|
|
325
|
+
`EXE_DB_HOST_PORT=${DEFAULT_EXE_DB_HOST_PORT}`,
|
|
299
326
|
"",
|
|
300
327
|
`CLICKHOUSE_DB=${CLICKHOUSE_DB}`,
|
|
301
328
|
`CLICKHOUSE_USER=${CLICKHOUSE_USER}`,
|
|
@@ -425,6 +452,17 @@ export function generateExampleEnv(): string {
|
|
|
425
452
|
"GATEWAY_GOTRUE_URL=http://gotrue:9999",
|
|
426
453
|
"# CRM bridge: exe-gateway reaches exe-crm through Docker service DNS.",
|
|
427
454
|
`CRM_GRAPHQL_URL=${DEFAULT_CRM_GRAPHQL_URL}`,
|
|
455
|
+
"# bug 0b66164c: CRM bridge token. Compose passes CRM_API_TOKEN into the",
|
|
456
|
+
"# gateway container, defaulting to the EXE_CRM_ADMIN_TOKEN generated in the",
|
|
457
|
+
"# CRM block above — set this only to override with a dedicated token. If the",
|
|
458
|
+
"# gateway logs 'CRM bridge Disabled', check this chain and recreate the",
|
|
459
|
+
"# gateway container.",
|
|
460
|
+
"# CRM_API_TOKEN=",
|
|
461
|
+
"# bug a99c1462: one-time Baileys v7 WhatsApp auth migration. Set =1 for a",
|
|
462
|
+
"# single gateway restart after an update that invalidates WhatsApp auth",
|
|
463
|
+
"# (fresh-QR reconnect loop): old auth is archived and a clean QR pairing",
|
|
464
|
+
"# starts. Re-pair at https://gateway.<domain>/pair/<account>, then unset.",
|
|
465
|
+
"# EXE_GATEWAY_CONFIRM_BAILEYS_V7_REPAIR=1",
|
|
428
466
|
"# Error forwarding to exe-monitor-hub (strongly recommended for production)",
|
|
429
467
|
"ERROR_REPORTING_ENABLED=true",
|
|
430
468
|
"MONITOR_ERROR_URL=http://exe-monitor-hub:8090/api/exe-monitor/errors",
|
|
@@ -516,7 +554,7 @@ export function generateExampleEnv(): string {
|
|
|
516
554
|
"# erp.<domain> → http://exe-sso-edge:80 (NOT exe-erp / exe-erp-nginx)",
|
|
517
555
|
"# gateway.<domain> → http://exe-gateway:3100 (routed directly — no SSO gate)",
|
|
518
556
|
"# monitor.<domain> → http://exe-monitor-hub:8090",
|
|
519
|
-
"# auth.<domain> → http://gotrue:9999",
|
|
557
|
+
"# auth.<domain> → http://exe-auth:80 (auth gateway — NOT raw gotrue:9999; bug 802661a5)",
|
|
520
558
|
"# api.<domain> → http://exe-os:8765",
|
|
521
559
|
MANUAL_VALUE_COMMENT,
|
|
522
560
|
"CLOUDFLARE_TUNNEL_TOKEN=CHANGEME_CLOUDFLARE_TUNNEL_TOKEN",
|
|
@@ -20,6 +20,17 @@ upstream sso_crm { server exe-crm:3000; }
|
|
|
20
20
|
upstream sso_wiki { server exe-wiki:3001; }
|
|
21
21
|
# ERP must be reached through its own nginx (gunicorn can't serve /assets/ — bug 6776edf0)
|
|
22
22
|
upstream sso_erp { server exe-erp-nginx:80; }
|
|
23
|
+
# Shared GoTrue — the sso-redirect snippet's /_sso_gate validates ?access_token=
|
|
24
|
+
# against GET /user here instead of trusting its presence (P0 bug 462d3273).
|
|
25
|
+
upstream sso_gotrue { server gotrue:9999; }
|
|
26
|
+
|
|
27
|
+
# Extract the SSO callback token from the request line (P0 bug 462d3273).
|
|
28
|
+
# The gate's auth_request subrequest does not inherit the query string, but it
|
|
29
|
+
# does inherit $request_uri — this map is how /_sso_gate reads the token.
|
|
30
|
+
map $request_uri $sso_uri_access_token {
|
|
31
|
+
default "";
|
|
32
|
+
"~[?&]access_token=(?<tok>[^&]+)" $tok;
|
|
33
|
+
}
|
|
23
34
|
|
|
24
35
|
map $http_upgrade $sso_conn_upgrade {
|
|
25
36
|
default upgrade;
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
2
|
-
# Unified SSO redirect snippet (bug 66f8e10a)
|
|
2
|
+
# Unified SSO redirect snippet (bug 66f8e10a, hardened for bug 462d3273)
|
|
3
3
|
#
|
|
4
4
|
# Funnels UNAUTHENTICATED visitors of an app subdomain (crm / wiki / erp) to the
|
|
5
5
|
# central auth gateway at auth.<domain>, then lets the gateway redirect them back
|
|
@@ -7,20 +7,42 @@
|
|
|
7
7
|
# advertised "single front door" does not exist.
|
|
8
8
|
#
|
|
9
9
|
# ── How it works ────────────────────────────────────────────────────────────
|
|
10
|
-
# 1.
|
|
11
|
-
#
|
|
12
|
-
#
|
|
13
|
-
#
|
|
10
|
+
# 1. Every request runs the edge auth gate (auth_request → /_sso_gate).
|
|
11
|
+
# 2. If the app session cookie is present the request passes (the app validates
|
|
12
|
+
# its own session server-side — the cookie name differs per app; set it via
|
|
13
|
+
# $sso_session_cookie below).
|
|
14
|
+
# 3. If the request carries ?access_token= (the SSO callback), the edge
|
|
15
|
+
# VALIDATES the token against the shared GoTrue (`GET /user` with
|
|
16
|
+
# `Authorization: Bearer <token>`) before letting it through. P0 bug
|
|
17
|
+
# 462d3273: the edge previously trusted the mere PRESENCE of the query
|
|
18
|
+
# param, so `?access_token=anything` bypassed the gate. Presence is never
|
|
19
|
+
# trusted — only a token GoTrue accepts passes.
|
|
20
|
+
# 4. Anything else 401s inside the gate and is 302-redirected to:
|
|
14
21
|
# https://auth.<domain>/?product=<App>&redirect=https://<app>.<domain><uri>
|
|
15
|
-
#
|
|
16
|
-
# back to the app URL with ?access_token=<jwt>&refresh_token=<...>.
|
|
17
|
-
#
|
|
18
|
-
# cookie
|
|
22
|
+
# 5. The gateway authenticates against the shared GoTrue and bounces the user
|
|
23
|
+
# back to the app URL with ?access_token=<jwt>&refresh_token=<...>. The app
|
|
24
|
+
# consumes the token and sets its session cookie — subsequent requests carry
|
|
25
|
+
# the cookie and skip the GoTrue round-trip (gate returns 204 locally).
|
|
19
26
|
#
|
|
20
27
|
# ── Per-customer install ────────────────────────────────────────────────────
|
|
21
28
|
# These are templated values — replace before installing, or render with envsubst
|
|
22
29
|
# (DOMAIN, APP_NAME, APP_SUBDOMAIN, APP_SESSION_COOKIE):
|
|
23
30
|
#
|
|
31
|
+
# # TWO http-context declarations MUST exist once per nginx config (the
|
|
32
|
+
# # compose edge ships them in sso-edge/default.conf.template; host-nginx
|
|
33
|
+
# # installs add them next to their `include`s — see sso-redirect.README.md):
|
|
34
|
+
# #
|
|
35
|
+
# # 1. The shared GoTrue upstream the gate validates tokens against
|
|
36
|
+
# # (compose: `server gotrue:9999`; host nginx: the published port):
|
|
37
|
+
# upstream sso_gotrue { server 127.0.0.1:9999; }
|
|
38
|
+
# # 2. The callback-token extractor. The auth_request subrequest does not
|
|
39
|
+
# # inherit the query string, but it DOES inherit $request_uri, so the
|
|
40
|
+
# # token is mapped from it:
|
|
41
|
+
# map $request_uri $sso_uri_access_token {
|
|
42
|
+
# default "";
|
|
43
|
+
# "~[?&]access_token=(?<tok>[^&]+)" $tok;
|
|
44
|
+
# }
|
|
45
|
+
#
|
|
24
46
|
# server {
|
|
25
47
|
# server_name crm.${DOMAIN};
|
|
26
48
|
# set $sso_auth_base "https://auth.${DOMAIN}";
|
|
@@ -40,24 +62,71 @@
|
|
|
40
62
|
# the stack with Cloudflare Tunnel instead of host nginx, implement the same gate
|
|
41
63
|
# with Cloudflare Access (see sso-redirect.README.md) — cloudflared ingress alone
|
|
42
64
|
# cannot express a cookie-conditional redirect.
|
|
65
|
+
#
|
|
66
|
+
# NOTE: cookie PRESENCE is still trusted at the edge (the CRM/ERP session cookies
|
|
67
|
+
# are app-native sessions the edge cannot verify against GoTrue); each app fully
|
|
68
|
+
# validates its own session server-side. The edge gate's job is the login funnel
|
|
69
|
+
# plus never letting an unvalidated bearer token skip it (bug 462d3273).
|
|
43
70
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
44
71
|
|
|
45
|
-
#
|
|
46
|
-
#
|
|
47
|
-
#
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
72
|
+
# Run the gate for every request on this vhost. The gate is a zero-cost local
|
|
73
|
+
# check when the session cookie is present; it only round-trips to GoTrue for
|
|
74
|
+
# the ?access_token= SSO callback. A gate 401 becomes the login redirect below.
|
|
75
|
+
# Requires nginx built with ngx_http_auth_request_module (present in the
|
|
76
|
+
# official nginx / nginx:alpine builds).
|
|
77
|
+
auth_request /_sso_gate;
|
|
78
|
+
error_page 401 = @sso_login;
|
|
79
|
+
|
|
80
|
+
location = /_sso_gate {
|
|
81
|
+
internal;
|
|
82
|
+
auth_request off; # never gate the gate (recursion guard)
|
|
83
|
+
|
|
84
|
+
# The gate must answer the auth subrequest with a PLAIN 401 — without this
|
|
85
|
+
# override, the server-level `error_page 401 = @sso_login` would intercept
|
|
86
|
+
# the internally-generated 401s below and turn the subrequest into a 302,
|
|
87
|
+
# which auth_request rejects ("auth request unexpected status: 302").
|
|
88
|
+
error_page 401 = @sso_gate_deny;
|
|
89
|
+
|
|
90
|
+
# 1. App session cookie present → authenticated (app re-validates it).
|
|
91
|
+
if ($sso_session_cookie) {
|
|
92
|
+
return 204;
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
# 2. No cookie and no token → unauthenticated → login redirect.
|
|
96
|
+
# $sso_uri_access_token comes from the REQUIRED http-context map (see
|
|
97
|
+
# header comment): the auth_request subrequest does not inherit the
|
|
98
|
+
# query string (so $arg_access_token is empty here) and server-level
|
|
99
|
+
# `set` re-runs empty in the subrequest — but $request_uri IS inherited,
|
|
100
|
+
# so a map over it yields the callback token reliably.
|
|
101
|
+
if ($sso_uri_access_token = "") {
|
|
102
|
+
return 401;
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
# 3. SSO callback: VALIDATE the token against the shared GoTrue.
|
|
106
|
+
# GET /user returns 200 only for a currently-valid access token; any
|
|
107
|
+
# 401/403 propagates and triggers the login redirect. If GoTrue is
|
|
108
|
+
# unreachable the subrequest 5xx fails the gate (fail closed).
|
|
109
|
+
proxy_pass http://sso_gotrue/user;
|
|
110
|
+
proxy_pass_request_body off;
|
|
111
|
+
proxy_set_header Content-Length "";
|
|
112
|
+
proxy_set_header Authorization "Bearer $sso_uri_access_token";
|
|
113
|
+
proxy_set_header Cookie "";
|
|
114
|
+
proxy_connect_timeout 5s;
|
|
115
|
+
proxy_send_timeout 5s;
|
|
116
|
+
proxy_read_timeout 5s;
|
|
51
117
|
}
|
|
52
118
|
|
|
53
|
-
#
|
|
54
|
-
#
|
|
55
|
-
|
|
56
|
-
|
|
119
|
+
# Plain-401 sink for the gate subrequest (see error_page inside /_sso_gate).
|
|
120
|
+
# recursive_error_pages is off by default, so this terminal 401 is not
|
|
121
|
+
# re-intercepted by the server-level error_page.
|
|
122
|
+
location @sso_gate_deny {
|
|
123
|
+
auth_request off;
|
|
124
|
+
return 401;
|
|
57
125
|
}
|
|
58
126
|
|
|
59
|
-
#
|
|
127
|
+
# Login redirect for unauthenticated top-level page loads.
|
|
60
128
|
# $request_uri preserves the path + query the user was trying to reach.
|
|
61
|
-
|
|
129
|
+
location @sso_login {
|
|
130
|
+
auth_request off;
|
|
62
131
|
return 302 "$sso_auth_base/?product=$sso_product&redirect=$sso_app_url$request_uri";
|
|
63
132
|
}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"schemaVersion": 1,
|
|
3
|
-
"latest": "0.9.
|
|
3
|
+
"latest": "0.9.29",
|
|
4
4
|
"stacks": {
|
|
5
5
|
"0.9.0": {
|
|
6
6
|
"version": "0.9.0",
|
|
@@ -1906,11 +1906,119 @@
|
|
|
1906
1906
|
"category": "infra"
|
|
1907
1907
|
}
|
|
1908
1908
|
}
|
|
1909
|
+
},
|
|
1910
|
+
"0.9.29": {
|
|
1911
|
+
"version": "0.9.29",
|
|
1912
|
+
"releasedAt": "2026-07-04T00:00:00Z",
|
|
1913
|
+
"notes": "exe-os v0.9.324 (#305 daemon event-loop, #307 orchestration dispatch, #308 customer-readiness, #309 MCP transport isolation + coordinator-orphan reaper), exe-gateway v0.9.28 (#55: WhatsApp auth persistence, crm-bridge push_name, overlay loading, raw-event replay ON CONFLICT, health adapter state, Prisma migrations), exe-crm v0.9.53 (#58: startup-crash WorkspaceDomainsService + upgrade command + version resolution + k8s hardening), exe-wiki v0.9.27 (#34: test-teardown). Other services unchanged from 0.9.28.",
|
|
1914
|
+
"npmVersion": "0.9.324",
|
|
1915
|
+
"services": {
|
|
1916
|
+
"exe-db": {
|
|
1917
|
+
"image": "pgvector/pgvector:0.8.0-pg16@sha256:a132765ec351c65111b5b675928a3a0515a466a40f97277329db8b8209ad8bc9",
|
|
1918
|
+
"env": "EXE_DB_IMAGE",
|
|
1919
|
+
"composeService": "exe-db",
|
|
1920
|
+
"required": true,
|
|
1921
|
+
"category": "core",
|
|
1922
|
+
"description": "Postgres (pgvector) — digest-pinned (bug 32d6e02f; was tag-only in 0.9.25, regressed from 0.9.24)"
|
|
1923
|
+
},
|
|
1924
|
+
"exe-os": {
|
|
1925
|
+
"image": "update.askexe.com/askexe/exe-os:v0.9.324@sha256:3ce6406e0f7f279ff2568bbbb7d55de51a46fdf35c49691f24fd959d6fd2d3fa",
|
|
1926
|
+
"env": "EXE_OS_IMAGE_TAG",
|
|
1927
|
+
"composeService": "exe-os",
|
|
1928
|
+
"healthUrl": "http://127.0.0.1:8765/health",
|
|
1929
|
+
"required": true,
|
|
1930
|
+
"category": "core",
|
|
1931
|
+
"description": "exe-os daemon + MCP server"
|
|
1932
|
+
},
|
|
1933
|
+
"crm": {
|
|
1934
|
+
"image": "update.askexe.com/askexe/exe-crm:v0.9.53@sha256:a586dcc8bbd992538e3caa18c44e772d30f31155dfef0a2b7466ca3fc7c553d8",
|
|
1935
|
+
"env": "CRM_IMAGE_TAG",
|
|
1936
|
+
"composeService": "exe-crm",
|
|
1937
|
+
"healthUrl": "http://127.0.0.1:3000/healthz",
|
|
1938
|
+
"category": "app"
|
|
1939
|
+
},
|
|
1940
|
+
"wiki": {
|
|
1941
|
+
"image": "update.askexe.com/askexe/exe-wiki:v0.9.27@sha256:a422e787f06850a5302dc560bfb1b944d8b35927607ded762bbda610fb7db48d",
|
|
1942
|
+
"env": "WIKI_IMAGE_TAG",
|
|
1943
|
+
"composeService": "exe-wiki",
|
|
1944
|
+
"healthUrl": "http://127.0.0.1:3001/api/ping",
|
|
1945
|
+
"category": "app"
|
|
1946
|
+
},
|
|
1947
|
+
"gateway": {
|
|
1948
|
+
"image": "update.askexe.com/askexe/exe-gateway:v0.9.28@sha256:b3ab35cf00490711c4ae945d06da042cb285ca1c07902ea1c2e28ca540741a5d",
|
|
1949
|
+
"env": "GATEWAY_IMAGE_TAG",
|
|
1950
|
+
"composeService": "exe-gateway",
|
|
1951
|
+
"healthUrl": "http://127.0.0.1:3100/health",
|
|
1952
|
+
"category": "app",
|
|
1953
|
+
"description": "WhatsApp/messaging gateway — CRM bridge fix, BYOK alias, SQL race fix, Baileys WA version floor"
|
|
1954
|
+
},
|
|
1955
|
+
"monitorAgent": {
|
|
1956
|
+
"image": "update.askexe.com/askexe/exe-monitor-agent:v0.9.5@sha256:cada7dace00ccb629aa10976e80e20d7d25685042519bd2aec58ab4bf35ff0cd",
|
|
1957
|
+
"env": "MONITOR_AGENT_IMAGE_TAG",
|
|
1958
|
+
"composeService": "exe-monitor-agent",
|
|
1959
|
+
"category": "monitoring"
|
|
1960
|
+
},
|
|
1961
|
+
"monitorHub": {
|
|
1962
|
+
"image": "update.askexe.com/askexe/exe-monitor-hub:v0.9.5@sha256:1af31893cc8b1e51892be7d7705fa6c6b3108af8366b1fa8da2879d8ae21ec88",
|
|
1963
|
+
"env": "MONITOR_HUB_IMAGE_TAG",
|
|
1964
|
+
"composeService": "exe-monitor-hub",
|
|
1965
|
+
"healthUrl": "http://127.0.0.1:8090/api/health",
|
|
1966
|
+
"category": "monitoring"
|
|
1967
|
+
},
|
|
1968
|
+
"auth": {
|
|
1969
|
+
"image": "update.askexe.com/askexe/exe-auth:v0.1.0@sha256:5de4fe282c60c9877b6a0e22cfba43f6222982d81eb315667e9479eb94d94d7a",
|
|
1970
|
+
"env": "AUTH_IMAGE_TAG",
|
|
1971
|
+
"composeService": "exe-auth",
|
|
1972
|
+
"healthUrl": "http://127.0.0.1:3300/api/health",
|
|
1973
|
+
"category": "auth"
|
|
1974
|
+
},
|
|
1975
|
+
"erp": {
|
|
1976
|
+
"image": "update.askexe.com/askexe/exe-erp:v0.2.0-final8@sha256:15bb6020b109b4dfd51d245273ffa88bbfbaf0de09da05a09e6b6f9344b00c46",
|
|
1977
|
+
"env": "ERP_IMAGE_TAG",
|
|
1978
|
+
"composeService": "exe-erp",
|
|
1979
|
+
"healthUrl": "http://127.0.0.1:8069/api/method/ping",
|
|
1980
|
+
"healthHost": "localhost",
|
|
1981
|
+
"required": false,
|
|
1982
|
+
"category": "app",
|
|
1983
|
+
"description": "Enterprise Resource Planning"
|
|
1984
|
+
},
|
|
1985
|
+
"gotrue": {
|
|
1986
|
+
"image": "supabase/gotrue:v2.172.1@sha256:b0dd7aa28dd1f9a8bd31f136c8b912661f701d9b863171e5843cb08f18f49de4",
|
|
1987
|
+
"composeService": "gotrue",
|
|
1988
|
+
"healthUrl": "http://127.0.0.1:9999/health",
|
|
1989
|
+
"category": "infra"
|
|
1990
|
+
},
|
|
1991
|
+
"redis": {
|
|
1992
|
+
"image": "redis:7.4-alpine@sha256:6ab0b6e7381779332f97b8ca76193e45b0756f38d4c0dcda72dbb3c32061ab99",
|
|
1993
|
+
"composeService": "redis",
|
|
1994
|
+
"category": "infra"
|
|
1995
|
+
},
|
|
1996
|
+
"clickhouse": {
|
|
1997
|
+
"image": "clickhouse/clickhouse-server:24.8.4.13-alpine@sha256:88a45f9e328549b2579256c46ee38e5c0e25ae58303d9eb6d9c7ed8d6d2bbf3c",
|
|
1998
|
+
"composeService": "clickhouse",
|
|
1999
|
+
"category": "infra"
|
|
2000
|
+
},
|
|
2001
|
+
"cloudflared": {
|
|
2002
|
+
"image": "cloudflare/cloudflared@sha256:ba461b8aa9c042156dbd39c38657fe7431bafa063220eab8d5330a523863da9f",
|
|
2003
|
+
"composeService": "cloudflared",
|
|
2004
|
+
"category": "infra"
|
|
2005
|
+
},
|
|
2006
|
+
"exe-sso-edge": {
|
|
2007
|
+
"image": "nginx:alpine@sha256:20316569d8f81a160065d7d2a5eeffc7ca97d79022462ee255fd23fa103a6b5c",
|
|
2008
|
+
"composeService": "exe-sso-edge",
|
|
2009
|
+
"category": "infra"
|
|
2010
|
+
},
|
|
2011
|
+
"exe-otel-collector": {
|
|
2012
|
+
"image": "otel/opentelemetry-collector-contrib:0.114.0@sha256:37fa87091cfaaec7234a27e4e395a40c31c2bfaea97a349a4afef6d9e9681197",
|
|
2013
|
+
"composeService": "exe-otel-collector",
|
|
2014
|
+
"category": "infra"
|
|
2015
|
+
}
|
|
2016
|
+
}
|
|
1909
2017
|
}
|
|
1910
2018
|
},
|
|
1911
2019
|
"signature": {
|
|
1912
2020
|
"keyId": "exe-stack-1",
|
|
1913
2021
|
"alg": "ed25519",
|
|
1914
|
-
"signature": "
|
|
2022
|
+
"signature": "7e/1gwcJB83aPHZPJHEnZRI/Nc4Rr5NZn4qyqk3f9Bv6KruxygvvagcUs/u+NPjWrzyXIUK5nimpGsaulJf7DQ=="
|
|
1915
2023
|
}
|
|
1916
2024
|
}
|
|
@@ -6,12 +6,12 @@ import {
|
|
|
6
6
|
getAllActiveAgents,
|
|
7
7
|
resolveActiveAgentFromTmuxSession,
|
|
8
8
|
writeActiveAgent
|
|
9
|
-
} from "./chunk-
|
|
9
|
+
} from "./chunk-ID3V4BWS.js";
|
|
10
10
|
import "./chunk-CVYC6DUW.js";
|
|
11
11
|
import "./chunk-GJV3WDWM.js";
|
|
12
|
-
import "./chunk-
|
|
12
|
+
import "./chunk-QGOMYIVT.js";
|
|
13
13
|
import "./chunk-2I23RPSI.js";
|
|
14
|
-
import "./chunk-
|
|
14
|
+
import "./chunk-7577GDDG.js";
|
|
15
15
|
import "./chunk-PNQDP3OA.js";
|
|
16
16
|
import "./chunk-H73TUI4Y.js";
|
|
17
17
|
import "./chunk-7HLWBYH7.js";
|
|
@@ -5,12 +5,12 @@ import {
|
|
|
5
5
|
getAllActiveAgents,
|
|
6
6
|
resolveActiveAgentFromTmuxSession,
|
|
7
7
|
writeActiveAgent
|
|
8
|
-
} from "./chunk-
|
|
8
|
+
} from "./chunk-ID3V4BWS.js";
|
|
9
9
|
import "./chunk-CVYC6DUW.js";
|
|
10
10
|
import "./chunk-GJV3WDWM.js";
|
|
11
|
-
import "./chunk-
|
|
11
|
+
import "./chunk-QGOMYIVT.js";
|
|
12
12
|
import "./chunk-2I23RPSI.js";
|
|
13
|
-
import "./chunk-
|
|
13
|
+
import "./chunk-7577GDDG.js";
|
|
14
14
|
import "./chunk-PNQDP3OA.js";
|
|
15
15
|
import "./chunk-H73TUI4Y.js";
|
|
16
16
|
import "./chunk-7HLWBYH7.js";
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import {
|
|
2
|
+
NOT_PARKED_SQL,
|
|
3
|
+
PARKED_EMBEDDING_MODEL,
|
|
4
|
+
PARKED_EMBEDDING_MODEL_PREFIX,
|
|
5
|
+
backfillKillSwitchEnabled,
|
|
6
|
+
computeBackfillDisabled,
|
|
7
|
+
countActionableNullVectors
|
|
8
|
+
} from "./chunk-KPIN44GZ.js";
|
|
9
|
+
import "./chunk-7Y5UDEVM.js";
|
|
10
|
+
import "./chunk-SHIICYJW.js";
|
|
11
|
+
import "./chunk-MLKGABMK.js";
|
|
12
|
+
export {
|
|
13
|
+
NOT_PARKED_SQL,
|
|
14
|
+
PARKED_EMBEDDING_MODEL,
|
|
15
|
+
PARKED_EMBEDDING_MODEL_PREFIX,
|
|
16
|
+
backfillKillSwitchEnabled,
|
|
17
|
+
computeBackfillDisabled,
|
|
18
|
+
countActionableNullVectors
|
|
19
|
+
};
|