@autohq/cli 0.1.103 → 0.1.105

package/dist/agent-bridge.js

@@ -19558,7 +19558,17 @@ var RuntimeBridgeBootstrapEnvelopeSchema = external_exports.object({
 var RuntimeBridgeBootstrapAckSchema = external_exports.object({
   status: external_exports.enum(["ready", "failed"]),
   error: external_exports.string().trim().min(1).optional(),
-  at: external_exports.string().datetime()
+  at: external_exports.string().datetime(),
+  // The sandbox-baked CLI's own release version (e.g. "0.1.95"), so the
+  // bridge can tag bootstrap observability with the runtime version that is
+  // actually live. Optional because runtimes older than the field predate
+  // reporting it; the bridge logs those as "unknown" instead of failing.
+  cliVersion: external_exports.string().trim().min(1).optional(),
+  // Top-level bootstrap plaintext fields the runtime's tolerant parse
+  // stripped because its schema does not know them yet (worker-ahead skew).
+  // Reported so the bridge can log the degradation instead of it staying
+  // silent.
+  ignoredBootstrapKeys: external_exports.array(external_exports.string().trim().min(1)).optional()
 });
 var RuntimeBridgeConnectedPayloadSchema = external_exports.object({
   runId: SessionRunIdSchema,
@@ -21838,6 +21848,14 @@ var ProjectApplyAssetsSchema = external_exports.record(
   }),
   ProjectApplyAssetSchema
 );
+var AvatarAssetUploadRequestSchema = ProjectApplyAssetSchema.omit({
+  sha256: true
+});
+var AvatarAssetUploadResponseSchema = external_exports.object({
+  sha256: external_exports.string().regex(/^[a-f0-9]{64}$/),
+  contentType: external_exports.enum(AVATAR_ASSET_CONTENT_TYPES),
+  sizeBytes: external_exports.number().int().positive()
+});
 var ProjectApplyRequestSchema = external_exports.object({
   delete: external_exports.array(ProjectDeleteResourceSchema).default([]),
   dryRun: external_exports.boolean().default(false),
@@ -22584,7 +22602,16 @@ function decryptRuntimeBridgeBootstrap(input) {
     decipher.update(Buffer.from(envelope.bootstrap.ciphertext, "base64")),
     decipher.final()
   ]).toString("utf8");
-  return RuntimeBridgeBootstrapPlaintextSchema.parse(JSON.parse(plaintext));
+  const raw = JSON.parse(plaintext);
+  const bootstrap = RuntimeBridgeBootstrapPlaintextSchema.parse(raw);
+  return { bootstrap, ignoredKeys: ignoredPlaintextKeys(raw) };
+}
+function ignoredPlaintextKeys(raw) {
+  const record2 = external_exports.record(external_exports.string(), external_exports.unknown()).parse(raw);
+  const knownKeys = new Set(
+    Object.keys(RuntimeBridgeBootstrapPlaintextSchema.shape)
+  );
+  return Object.keys(record2).filter((key) => !knownKeys.has(key));
 }
 function deriveBootstrapKey(accessToken, salt) {
   return Buffer.from(
@@ -26161,6 +26188,61 @@ Object.assign(lookup, {
   connect: lookup
 });
 
+// package.json
+var package_default = {
+  name: "@autohq/cli",
+  version: "0.1.105",
+  license: "SEE LICENSE IN README.md",
+  publishConfig: {
+    access: "public"
+  },
+  repository: {
+    type: "git",
+    url: "git+https://github.com/fractal-works/auto.git",
+    directory: "apps/cli"
+  },
+  engines: {
+    node: ">=20"
+  },
+  type: "module",
+  bin: {
+    auto: "./dist/index.js"
+  },
+  files: ["dist"],
+  scripts: {
+    build: "tsup",
+    dev: "tsx src/main.ts",
+    "dev:tui": "node ../../scripts/cli-tui-dev-watch.mjs",
+    "skill:generate": "tsx scripts/generate-skill-content.ts",
+    test: "npm run test:unit",
+    "test:unit": 'tsx --test "test/**/*.unit.test.ts"',
+    typecheck: "tsc --noEmit"
+  },
+  dependencies: {
+    "@anthropic-ai/claude-agent-sdk": "^0.3.153",
+    "@inkjs/ui": "^2.0.0",
+    "@tanstack/react-query": "^5.100.14",
+    chalk: "^5.3.0",
+    commander: "^14.0.2",
+    ink: "^7",
+    "ink-text-input": "^6.0.0",
+    jose: "^5.9.6",
+    marked: "^15.0.12",
+    react: "^19",
+    "socket.io-client": "^4.8.3",
+    yaml: "^2.9.0"
+  },
+  devDependencies: {
+    "@auto/protocol": "*",
+    "@auto/schemas": "*",
+    "@types/react": "^19",
+    tsup: "^8.5.1"
+  }
+};
+
+// src/cli/version.ts
+var cliVersion = package_default.version;
+
 // src/commands/agent-bridge/socket.ts
 async function runAgentBridgeSocket(options) {
   const socket = lookup(`${options.bridgeUrl}${RUNTIME_BRIDGE_NAMESPACE}`, {
@@ -26296,13 +26378,18 @@ function createRuntimeBridgeBootstrapListener(input) {
         bridgeLeaseId: envelope.bridgeLeaseId
       });
       const decryptStartedAt = Date.now();
-      const bootstrap = decryptRuntimeBridgeBootstrap({
+      const { bootstrap, ignoredKeys } = decryptRuntimeBridgeBootstrap({
         accessToken: input.token,
         envelope
       });
       input.writeOutput?.(
         `agent_bridge_bootstrap_decrypted duration_ms=${Date.now() - decryptStartedAt}`
       );
+      if (ignoredKeys.length > 0) {
+        input.writeOutput?.(
+          `agent_bridge_bootstrap_ignored_keys cli_version=${cliVersion} keys=${ignoredKeys.join(",")}`
+        );
+      }
       await input.onBootstrap?.(bootstrap);
       let handler = input.getHandler();
       if (!handler) {
@@ -26318,7 +26405,9 @@ function createRuntimeBridgeBootstrapListener(input) {
       ack?.(
         RuntimeBridgeBootstrapAckSchema.parse({
           status: "ready",
-          at: (/* @__PURE__ */ new Date()).toISOString()
+          at: (/* @__PURE__ */ new Date()).toISOString(),
+          cliVersion,
+          ignoredBootstrapKeys: ignoredKeys.length > 0 ? ignoredKeys : void 0
         })
       );
       prepare?.then(
@@ -26344,7 +26433,10 @@ function createRuntimeBridgeBootstrapListener(input) {
         RuntimeBridgeBootstrapAckSchema.parse({
           status: "failed",
           error: message,
-          at: (/* @__PURE__ */ new Date()).toISOString()
+          at: (/* @__PURE__ */ new Date()).toISOString(),
+          // Version skew is a leading cause of bootstrap failure, so failed
+          // acks carry the version that could not bootstrap.
+          cliVersion
         })
       );
       input.onBootstrapError(error51);

package/dist/index.js

@@ -17628,7 +17628,7 @@ var init_sessions = __esm({
 });
 
 // ../../packages/schemas/src/project-resources.ts
-var EnvironmentApplyDocumentSchema, ProfileApplyDocumentSchema, ToolApplyDocumentSchema, SessionApplyDocumentSchema, ProjectApplyResourceSchema, PROJECT_RESOURCE_KINDS, ProjectDeleteResourceSchema, AVATAR_ASSET_CONTENT_TYPES, MAX_AVATAR_ASSET_BASE64_LENGTH, ProjectApplyAssetSchema, ProjectApplyAssetsSchema, ProjectApplyRequestSchema, ProjectApplySystemConfigSchema, ProjectAppliedResourceSchema, ProjectApplyDiagnosticSchema, ProjectApplyResponseSchema;
+var EnvironmentApplyDocumentSchema, ProfileApplyDocumentSchema, ToolApplyDocumentSchema, SessionApplyDocumentSchema, ProjectApplyResourceSchema, PROJECT_RESOURCE_KINDS, ProjectDeleteResourceSchema, AVATAR_ASSET_CONTENT_TYPES, MAX_AVATAR_ASSET_BASE64_LENGTH, ProjectApplyAssetSchema, ProjectApplyAssetsSchema, AvatarAssetUploadRequestSchema, AvatarAssetUploadResponseSchema, ProjectApplyRequestSchema, ProjectApplySystemConfigSchema, ProjectAppliedResourceSchema, ProjectApplyDiagnosticSchema, ProjectApplyResponseSchema;
 var init_project_resources = __esm({
   "../../packages/schemas/src/project-resources.ts"() {
     "use strict";
@@ -17678,6 +17678,14 @@ var init_project_resources = __esm({
       }),
       ProjectApplyAssetSchema
     );
+    AvatarAssetUploadRequestSchema = ProjectApplyAssetSchema.omit({
+      sha256: true
+    });
+    AvatarAssetUploadResponseSchema = external_exports.object({
+      sha256: external_exports.string().regex(/^[a-f0-9]{64}$/),
+      contentType: external_exports.enum(AVATAR_ASSET_CONTENT_TYPES),
+      sizeBytes: external_exports.number().int().positive()
+    });
     ProjectApplyRequestSchema = external_exports.object({
       delete: external_exports.array(ProjectDeleteResourceSchema).default([]),
       dryRun: external_exports.boolean().default(false),
@@ -18483,6 +18491,73 @@ var init_src = __esm({
   }
 });
 
+// package.json
+var package_default;
+var init_package = __esm({
+  "package.json"() {
+    package_default = {
+      name: "@autohq/cli",
+      version: "0.1.105",
+      license: "SEE LICENSE IN README.md",
+      publishConfig: {
+        access: "public"
+      },
+      repository: {
+        type: "git",
+        url: "git+https://github.com/fractal-works/auto.git",
+        directory: "apps/cli"
+      },
+      engines: {
+        node: ">=20"
+      },
+      type: "module",
+      bin: {
+        auto: "./dist/index.js"
+      },
+      files: ["dist"],
+      scripts: {
+        build: "tsup",
+        dev: "tsx src/main.ts",
+        "dev:tui": "node ../../scripts/cli-tui-dev-watch.mjs",
+        "skill:generate": "tsx scripts/generate-skill-content.ts",
+        test: "npm run test:unit",
+        "test:unit": 'tsx --test "test/**/*.unit.test.ts"',
+        typecheck: "tsc --noEmit"
+      },
+      dependencies: {
+        "@anthropic-ai/claude-agent-sdk": "^0.3.153",
+        "@inkjs/ui": "^2.0.0",
+        "@tanstack/react-query": "^5.100.14",
+        chalk: "^5.3.0",
+        commander: "^14.0.2",
+        ink: "^7",
+        "ink-text-input": "^6.0.0",
+        jose: "^5.9.6",
+        marked: "^15.0.12",
+        react: "^19",
+        "socket.io-client": "^4.8.3",
+        yaml: "^2.9.0"
+      },
+      devDependencies: {
+        "@auto/protocol": "*",
+        "@auto/schemas": "*",
+        "@types/react": "^19",
+        tsup: "^8.5.1"
+      }
+    };
+  }
+});
+
+// src/cli/version.ts
+var cliVersion;
+var init_version = __esm({
+  "src/cli/version.ts"() {
+    "use strict";
+    init_package();
+    cliVersion = package_default.version;
+  }
+});
+
 // src/lib/auth/tokens.ts
 function accessTokenExpiresAt(token2) {
   if (!token2.access_token) {
@@ -18853,6 +18928,8 @@ function createResourceApi(context) {
   });
   return {
     applyEnvironmentResource: environments.apply,
+    hasAvatarAsset: (request, options) => hasAvatarAsset(context, request, options ?? {}),
+    uploadAvatarAsset: (request, options) => uploadAvatarAsset(context, request, options ?? {}),
     applyProjectResources: (request, options) => applyProjectResources(
       context,
       request,
@@ -18878,6 +18955,58 @@ function createResourceApi(context) {
     updateProjectServiceAccount: (request, options) => updateProjectServiceAccount(context, request, options ?? {})
   };
 }
+async function hasAvatarAsset(context, request, options) {
+  const response = await context.authenticatedFetch(
+    context.apiUrl(
+      apiPath(`/avatars/${encodeURIComponent(request.sha256)}`),
+      options.apiBaseUrl
+    ),
+    { method: "HEAD" },
+    options.apiBaseUrl
+  );
+  if (response.ok) {
+    return true;
+  }
+  if (response.status === 404) {
+    return false;
+  }
+  throw new Error(await responseErrorMessage(response));
+}
+async function uploadAvatarAsset(context, request, options) {
+  const path2 = await avatarAssetUploadPath(context, request.sha256);
+  const response = await context.authenticatedFetch(
+    context.apiUrl(path2, options.apiBaseUrl),
+    {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        contentType: request.contentType,
+        dataBase64: request.dataBase64
+      })
+    },
+    options.apiBaseUrl
+  );
+  if (response.status === 404) {
+    throw new AvatarAssetUploadUnsupportedError(
+      await responseErrorMessage(response)
+    );
+  }
+  if (!response.ok) {
+    throw new Error(await responseErrorMessage(response));
+  }
+  return AvatarAssetUploadResponseSchema.parse(await response.json());
+}
+async function avatarAssetUploadPath(context, sha256) {
+  const subpath = `/avatar-assets/${encodeURIComponent(sha256)}`;
+  try {
+    return projectApiPath(await context.activeProject(), subpath);
+  } catch (error51) {
+    if (context.shouldTryProjectInferredAuth()) {
+      return apiPath(`/project${subpath}`);
+    }
+    throw error51;
+  }
+}
 async function listProjectServiceAccounts(context, options) {
   const project = await context.activeProject();
   const response = await context.authenticatedFetch(
@@ -19182,13 +19311,15 @@ async function listProjectResources(context, endpoint, options) {
   }
   return await response.json();
 }
-var SlackConfigTokenRequiredError;
+var AvatarAssetUploadUnsupportedError, SlackConfigTokenRequiredError;
 var init_resources2 = __esm({
   "src/lib/api/resources.ts"() {
     "use strict";
     init_src();
     init_errors3();
     init_paths();
+    AvatarAssetUploadUnsupportedError = class extends Error {
+    };
     SlackConfigTokenRequiredError = class extends Error {
       workspace;
       constructor(message, workspace) {
@@ -20868,6 +20999,98 @@ var init_connect = __esm({
   }
 });
 
+// src/commands/apply/assets.ts
+async function resolveApplyAssets(input) {
+  const entries = Object.entries(input.request.assets);
+  if (entries.length === 0) {
+    return { resources: input.request.resources, assets: {} };
+  }
+  const probes = await Promise.all(
+    entries.map(async ([path2, asset]) => ({
+      path: path2,
+      asset,
+      stored: await input.client.hasAvatarAsset(
+        { sha256: asset.sha256 },
+        { apiBaseUrl: input.apiBaseUrl }
+      )
+    }))
+  );
+  const inline2 = {};
+  for (const probe of probes) {
+    if (probe.stored) {
+      continue;
+    }
+    if (input.dryRun) {
+      inline2[probe.path] = probe.asset;
+      continue;
+    }
+    if (!await uploadAvatarAsset2(input.client, probe.asset, input.apiBaseUrl)) {
+      inline2[probe.path] = probe.asset;
+    }
+  }
+  const resources = input.request.resources.map(
+    (resource) => stampAvatarSha256(resource, input.request.assets)
+  );
+  return { resources, assets: inline2 };
+}
+function assertApplyRequestBodySize(input) {
+  const bytes = Buffer.byteLength(input.body, "utf8");
+  if (bytes <= MAX_APPLY_REQUEST_BODY_BYTES) {
+    return;
+  }
+  const paths = Object.keys(input.assets);
+  const assetDetail = paths.length > 0 ? ` ${paths.length} avatar asset(s) are not yet stored on the server, so their bytes must ride this request: ${paths.join(", ")}. Apply the sessions referencing them in smaller batches (auto apply -f <file> --no-prune) or shrink the image files.` : "";
+  throw new Error(
+    `Apply request body is ${formatMegabytes(bytes)}MB, over the ~4.5MB server request limit.${assetDetail}`
+  );
+}
+async function uploadAvatarAsset2(client, asset, apiBaseUrl) {
+  try {
+    await client.uploadAvatarAsset(asset, { apiBaseUrl });
+    return true;
+  } catch (error51) {
+    if (error51 instanceof AvatarAssetUploadUnsupportedError) {
+      return false;
+    }
+    throw error51;
+  }
+}
+function stampAvatarSha256(resource, assets) {
+  if (resource.kind !== "session") {
+    return resource;
+  }
+  const identity2 = resource.spec.identity;
+  const avatar = identity2?.avatar;
+  if (!identity2 || !avatar) {
+    return resource;
+  }
+  const asset = assets[avatar.asset];
+  if (!asset) {
+    return resource;
+  }
+  return {
+    ...resource,
+    spec: {
+      ...resource.spec,
+      identity: {
+        ...identity2,
+        avatar: { asset: avatar.asset, sha256: asset.sha256 }
+      }
+    }
+  };
+}
+function formatMegabytes(bytes) {
+  return (bytes / (1024 * 1024)).toFixed(1);
+}
+var MAX_APPLY_REQUEST_BODY_BYTES;
+var init_assets = __esm({
+  "src/commands/apply/assets.ts"() {
+    "use strict";
+    init_resources2();
+    MAX_APPLY_REQUEST_BODY_BYTES = 4 * 1024 * 1024;
+  }
+});
+
 // src/commands/apply/files.ts
 import { createHash as createHash2 } from "crypto";
 import {
@@ -21212,16 +21435,27 @@ async function applyResource(input) {
 }
 async function applyProjectInput(input) {
   const style = input.style ?? plainStyle;
-  const response = await input.client.applyProjectResources(
-    {
-      ...input.request.delete.length > 0 ? { delete: input.request.delete } : {},
-      dryRun: input.commandOptions.dryRun ?? input.request.dryRun,
-      prune: input.commandOptions.prune ?? input.request.prune,
-      resources: input.request.resources,
-      ...Object.keys(input.request.assets).length > 0 ? { assets: input.request.assets } : {}
-    },
-    { apiBaseUrl: input.commandOptions.apiBaseUrl }
-  );
+  const dryRun = input.commandOptions.dryRun ?? input.request.dryRun;
+  const resolved = await resolveApplyAssets({
+    client: input.client,
+    request: input.request,
+    apiBaseUrl: input.commandOptions.apiBaseUrl,
+    dryRun
+  });
+  const request = {
+    ...input.request.delete.length > 0 ? { delete: input.request.delete } : {},
+    dryRun,
+    prune: input.commandOptions.prune ?? input.request.prune,
+    resources: resolved.resources,
+    ...Object.keys(resolved.assets).length > 0 ? { assets: resolved.assets } : {}
+  };
+  assertApplyRequestBodySize({
+    body: JSON.stringify(request),
+    assets: resolved.assets
+  });
+  const response = await input.client.applyProjectResources(request, {
+    apiBaseUrl: input.commandOptions.apiBaseUrl
+  });
   const resources = response.resources.map((resource, index) => ({
     kind: appliedResourceKind(input.request, response, index),
     resource
@@ -21324,6 +21558,7 @@ var init_actions = __esm({
     "use strict";
     init_style();
     init_connect();
+    init_assets();
     init_files();
   }
 });
@@ -21852,73 +22087,6 @@ var init_conversation2 = __esm({
   }
 });
 
-// package.json
-var package_default;
-var init_package = __esm({
-  "package.json"() {
-    package_default = {
-      name: "@autohq/cli",
-      version: "0.1.103",
-      license: "SEE LICENSE IN README.md",
-      publishConfig: {
-        access: "public"
-      },
-      repository: {
-        type: "git",
-        url: "git+https://github.com/fractal-works/auto.git",
-        directory: "apps/cli"
-      },
-      engines: {
-        node: ">=20"
-      },
-      type: "module",
-      bin: {
-        auto: "./dist/index.js"
-      },
-      files: ["dist"],
-      scripts: {
-        build: "tsup",
-        dev: "tsx src/main.ts",
-        "dev:tui": "node ../../scripts/cli-tui-dev-watch.mjs",
-        "skill:generate": "tsx scripts/generate-skill-content.ts",
-        test: "npm run test:unit",
-        "test:unit": 'tsx --test "test/**/*.unit.test.ts"',
-        typecheck: "tsc --noEmit"
-      },
-      dependencies: {
-        "@anthropic-ai/claude-agent-sdk": "^0.3.153",
-        "@inkjs/ui": "^2.0.0",
-        "@tanstack/react-query": "^5.100.14",
-        chalk: "^5.3.0",
-        commander: "^14.0.2",
-        ink: "^7",
-        "ink-text-input": "^6.0.0",
-        jose: "^5.9.6",
-        marked: "^15.0.12",
-        react: "^19",
-        "socket.io-client": "^4.8.3",
-        yaml: "^2.9.0"
-      },
-      devDependencies: {
-        "@auto/protocol": "*",
-        "@auto/schemas": "*",
-        "@types/react": "^19",
-        tsup: "^8.5.1"
-      }
-    };
-  }
-});
-
-// src/cli/version.ts
-var cliVersion;
-var init_version = __esm({
-  "src/cli/version.ts"() {
-    "use strict";
-    init_package();
-    cliVersion = package_default.version;
-  }
-});
-
 // src/tui/ApiClientContext.ts
 import { createContext, useContext } from "react";
 function useApiClient() {
@@ -27267,7 +27435,17 @@ var RuntimeBridgeBootstrapEnvelopeSchema = external_exports.object({
 var RuntimeBridgeBootstrapAckSchema = external_exports.object({
   status: external_exports.enum(["ready", "failed"]),
   error: external_exports.string().trim().min(1).optional(),
-  at: external_exports.string().datetime()
+  at: external_exports.string().datetime(),
+  // The sandbox-baked CLI's own release version (e.g. "0.1.95"), so the
+  // bridge can tag bootstrap observability with the runtime version that is
+  // actually live. Optional because runtimes older than the field predate
+  // reporting it; the bridge logs those as "unknown" instead of failing.
+  cliVersion: external_exports.string().trim().min(1).optional(),
+  // Top-level bootstrap plaintext fields the runtime's tolerant parse
+  // stripped because its schema does not know them yet (worker-ahead skew).
+  // Reported so the bridge can log the degradation instead of it staying
+  // silent.
+  ignoredBootstrapKeys: external_exports.array(external_exports.string().trim().min(1)).optional()
 });
 var RuntimeBridgeConnectedPayloadSchema = external_exports.object({
   runId: SessionRunIdSchema,
@@ -27383,6 +27561,7 @@ function now() {
 }
 
 // ../../packages/protocol/src/bootstrap-crypto.ts
+init_zod();
 import {
   createCipheriv,
   createDecipheriv,
@@ -27412,7 +27591,16 @@ function decryptRuntimeBridgeBootstrap(input) {
     decipher.update(Buffer.from(envelope.bootstrap.ciphertext, "base64")),
     decipher.final()
   ]).toString("utf8");
-  return RuntimeBridgeBootstrapPlaintextSchema.parse(JSON.parse(plaintext));
+  const raw = JSON.parse(plaintext);
+  const bootstrap = RuntimeBridgeBootstrapPlaintextSchema.parse(raw);
+  return { bootstrap, ignoredKeys: ignoredPlaintextKeys(raw) };
+}
+function ignoredPlaintextKeys(raw) {
+  const record2 = external_exports.record(external_exports.string(), external_exports.unknown()).parse(raw);
+  const knownKeys = new Set(
+    Object.keys(RuntimeBridgeBootstrapPlaintextSchema.shape)
+  );
+  return Object.keys(record2).filter((key) => !knownKeys.has(key));
 }
 function deriveBootstrapKey(accessToken, salt) {
   return Buffer.from(
@@ -27433,6 +27621,7 @@ function bootstrapAdditionalData(input) {
 }
 
 // src/commands/agent-bridge/socket.ts
+init_version();
 import { io } from "socket.io-client";
 async function runAgentBridgeSocket(options) {
   const socket = io(`${options.bridgeUrl}${RUNTIME_BRIDGE_NAMESPACE}`, {
@@ -27568,13 +27757,18 @@ function createRuntimeBridgeBootstrapListener(input) {
         bridgeLeaseId: envelope.bridgeLeaseId
       });
       const decryptStartedAt = Date.now();
-      const bootstrap = decryptRuntimeBridgeBootstrap({
+      const { bootstrap, ignoredKeys } = decryptRuntimeBridgeBootstrap({
         accessToken: input.token,
         envelope
       });
       input.writeOutput?.(
         `agent_bridge_bootstrap_decrypted duration_ms=${Date.now() - decryptStartedAt}`
       );
+      if (ignoredKeys.length > 0) {
+        input.writeOutput?.(
+          `agent_bridge_bootstrap_ignored_keys cli_version=${cliVersion} keys=${ignoredKeys.join(",")}`
+        );
+      }
       await input.onBootstrap?.(bootstrap);
       let handler = input.getHandler();
       if (!handler) {
@@ -27590,7 +27784,9 @@ function createRuntimeBridgeBootstrapListener(input) {
       ack?.(
         RuntimeBridgeBootstrapAckSchema.parse({
           status: "ready",
-          at: (/* @__PURE__ */ new Date()).toISOString()
+          at: (/* @__PURE__ */ new Date()).toISOString(),
+          cliVersion,
+          ignoredBootstrapKeys: ignoredKeys.length > 0 ? ignoredKeys : void 0
         })
       );
       prepare?.then(
@@ -27616,7 +27812,10 @@ function createRuntimeBridgeBootstrapListener(input) {
         RuntimeBridgeBootstrapAckSchema.parse({
           status: "failed",
           error: message,
-          at: (/* @__PURE__ */ new Date()).toISOString()
+          at: (/* @__PURE__ */ new Date()).toISOString(),
+          // Version skew is a leading cause of bootstrap failure, so failed
+          // acks carry the version that could not bootstrap.
+          cliVersion
         })
       );
       input.onBootstrapError(error51);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@autohq/cli",
-  "version": "0.1.103",
+  "version": "0.1.105",
   "license": "SEE LICENSE IN README.md",
   "publishConfig": {
     "access": "public"