@bike4mind/cli 0.5.0 → 0.6.0

package/dist/{ConfigStore-DBUmvCfe.mjs → ConfigStore-Dt6utdSA.mjs}

@@ -1027,6 +1027,8 @@ const SreRepoConfigSchema = z.object({
 	maxFixesPerDay: z.number().min(0).default(5),
 	/** Max revision attempts before escalating to human */
 	maxRevisions: z.number().int().min(0).max(10).default(2),
+	/** Max CI retry attempts before permanently failing (typecheck/apply-fix failures) */
+	maxCiRetries: z.number().int().min(0).max(3).default(1),
 	/** Log actions without dispatching */
 	dryRun: z.boolean().default(false),
 	/** Comma-separated GitHub usernames to request as PR reviewers */
@@ -1035,6 +1037,12 @@ const SreRepoConfigSchema = z.object({
 	defaultBranch: z.string().default(""),
 	/** Build command for the workflow */
 	buildCommand: z.string().default(""),
+	/**
+	* Repository-specific instructions for the Diagnostician (max 2,000 chars).
+	* For critical constraints that would cause broken fixes if unknown — e.g., "never modify X",
+	* "all DB calls must go through Y wrapper". Not for general coding conventions (use CLAUDE.md).
+	*/
+	sreInstructions: z.string().max(2e3).default(""),
 	/** Files the Surgeon can modify (glob patterns). Base patterns always merged in. */
 	allowedFilePatterns: z.array(z.string()).default([]),
 	/** Files never auto-fixed (glob patterns) */
@@ -1062,11 +1070,11 @@ const SreRepoConfigSchema = z.object({
 	/** Token budget per analysis */
 	tokenBudget: z.object({
 		maxInputTokens: z.number().default(5e4),
-		maxOutputTokens: z.number().default(8e3),
+		maxOutputTokens: z.number().default(16e3),
 		maxGithubApiCalls: z.number().default(20)
 	}).default({
 		maxInputTokens: 5e4,
-		maxOutputTokens: 8e3,
+		maxOutputTokens: 16e3,
 		maxGithubApiCalls: 20
 	}),
 	/** Error sources */
@@ -6280,6 +6288,49 @@ let FriendshipEvents = /* @__PURE__ */ function(FriendshipEvents) {
 	FriendshipEvents["FRIENDSHIP_CANCEL"] = "Friendship Cancelled";
 	return FriendshipEvents;
 }({});
+/**
+* Overwatch Analytics Event Schema
+*
+* Cross-product event schema for the Overwatch marketing command center.
+* Products (VibesWire, B4M, StocksAndVibes, K2Kanji) emit these events
+* to a shared SQS queue. Overwatch consumes them and rolls up DAU/WAU/MAU.
+*
+* Unlike the B4M-internal IBaseEvent analytics events, this schema is
+* designed for cross-product use with Zod validation at both emission
+* and consumption boundaries.
+*/
+const OverwatchUtmSchema = z.object({
+	source: z.string().max(128).optional(),
+	medium: z.string().max(128).optional(),
+	campaign: z.string().max(128).optional(),
+	content: z.string().max(128).optional()
+});
+z.object({
+	/** UUID for deduplication (SQS is at-least-once) */
+	eventId: z.string().uuid(),
+	/** Schema version for forward compatibility */
+	schemaVersion: z.number().int().positive(),
+	/** Product identifier: 'vibeswire', 'bike4mind', 'stocksandvibes', 'k2kanji', etc. */
+	productId: z.string().min(1).max(64),
+	/** Product's internal user ID */
+	userId: z.string().min(1).max(256),
+	/** Session identifier for retention/funnel analysis */
+	sessionId: z.string().min(1).max(256),
+	/** Event type: 'session_start', 'signup', 'feature_used', etc. */
+	event: z.string().min(1).max(128),
+	/** ISO 8601 timestamp */
+	timestamp: z.string().datetime(),
+	/** Where the user came from */
+	referrer: z.string().url().refine((url) => /^https?:\/\//i.test(url), "referrer must be an http or https URL").max(2048).optional(),
+	/** UTM attribution parameters */
+	utm: OverwatchUtmSchema.optional(),
+	/** Event-specific key-value data. Flat values only, max 1KB serialized. */
+	metadata: z.record(z.string(), z.union([
+		z.string(),
+		z.number(),
+		z.boolean()
+	])).refine((v) => JSON.stringify(v).length <= 1024, "metadata must be ≤ 1KB serialized").optional()
+});
 const InternalTeamMemberSchema = z.object({
 	name: z.string().min(1, "Name is required"),
 	phone: z.string().min(1, "Phone is required"),

package/dist/commands/doctorCommand.mjs

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { i as version, n as fetchLatestVersion, r as forceCheckForUpdate } from "../updateChecker-Boy2GLk4.mjs";
+import { i as version, n as fetchLatestVersion, r as forceCheckForUpdate } from "../updateChecker-DZXWZfKF.mjs";
 import { execSync } from "child_process";
 import { constants, existsSync, promises } from "fs";
 import { homedir } from "os";

package/dist/commands/headlessCommand.mjs

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
-import { A as getApiUrl, C as WebSocketLlmBackend, G as isReadOnlyTool, J as CheckpointStore, K as ReActAgent, M as PermissionManager, N as generateCliTools, S as FallbackLlmBackend, T as McpManager, U as buildCoreSystemPrompt, V as setWebSocketToolExecutor, X as SessionStore, _ as createSkillTool, b as WebSocketToolExecutor, c as createFindDefinitionTool, d as createCoordinateTaskTool, f as createBackgroundAgentTools, g as SubagentOrchestrator, h as AgentStore, k as loadContextFiles, l as createTodoStore, m as createAgentDelegateTool, p as BackgroundAgentManager, q as CustomCommandStore, s as createGetFileStructureTool, u as createWriteTodosTool, w as ServerLlmBackend, x as WebSocketConnectionManager, y as ApiClient } from "../tools-V5FJ83BJ.mjs";
-import { n as logger, t as ConfigStore } from "../ConfigStore-DBUmvCfe.mjs";
+import { A as getApiUrl, C as WebSocketLlmBackend, G as isReadOnlyTool, J as CheckpointStore, K as ReActAgent, M as PermissionManager, N as generateCliTools, S as FallbackLlmBackend, T as McpManager, U as buildCoreSystemPrompt, V as setWebSocketToolExecutor, X as SessionStore, _ as createSkillTool, b as WebSocketToolExecutor, c as createFindDefinitionTool, d as createCoordinateTaskTool, f as createBackgroundAgentTools, g as SubagentOrchestrator, h as AgentStore, k as loadContextFiles, l as createTodoStore, m as createAgentDelegateTool, p as BackgroundAgentManager, q as CustomCommandStore, s as createGetFileStructureTool, u as createWriteTodosTool, w as ServerLlmBackend, x as WebSocketConnectionManager, y as ApiClient } from "../tools-dIVxi-6-.mjs";
+import { n as logger, t as ConfigStore } from "../ConfigStore-Dt6utdSA.mjs";
 import { t as DEFAULT_SANDBOX_CONFIG } from "../types-DBEjF9YS.mjs";
 import { t as createSandboxRuntime } from "../SandboxRuntimeAdapter-C1B4t20N.mjs";
 import { t as SandboxOrchestrator } from "../SandboxOrchestrator-BEW3rqYi.mjs";

package/dist/commands/mcpCommand.mjs

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { t as ConfigStore } from "../ConfigStore-DBUmvCfe.mjs";
+import { t as ConfigStore } from "../ConfigStore-Dt6utdSA.mjs";
 //#region src/commands/mcpCommand.ts
 /**
 * External MCP commands (b4m mcp list, b4m mcp add, etc.)

package/dist/commands/updateCommand.mjs

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { i as version, r as forceCheckForUpdate } from "../updateChecker-Boy2GLk4.mjs";
+import { i as version, r as forceCheckForUpdate } from "../updateChecker-DZXWZfKF.mjs";
 import { execSync } from "child_process";
 //#region src/commands/updateCommand.ts
 /**

package/dist/index.mjs

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
 import { n as useCliStore, t as selectActiveBackgroundAgents } from "./store-B7-LLvvx.mjs";
-import { $ as processFileReferences, A as getApiUrl, B as registerFeatureModuleTools, C as WebSocketLlmBackend, D as formatStep, E as substituteArguments, F as DEFAULT_AGENT_MODEL, G as isReadOnlyTool, H as OllamaBackend, I as DEFAULT_MAX_ITERATIONS, J as CheckpointStore, K as ReActAgent, L as DEFAULT_RETRY_CONFIG, M as PermissionManager, N as generateCliTools, O as extractCompactInstructions, P as ALWAYS_DENIED_FOR_AGENTS, Q as hasFileReferences, R as DEFAULT_THOROUGHNESS, S as FallbackLlmBackend, T as McpManager, U as buildCoreSystemPrompt, V as setWebSocketToolExecutor, W as buildSkillsPromptSection, X as SessionStore, Y as CommandHistoryStore, Z as OAuthClient, _ as createSkillTool, a as createDecisionStore, b as WebSocketToolExecutor, c as createFindDefinitionTool, d as createCoordinateTaskTool, et as searchCommands, f as createBackgroundAgentTools, g as SubagentOrchestrator, h as AgentStore, i as createDecisionLogTool, it as warmFileCache, j as getEnvironmentName, k as loadContextFiles, l as createTodoStore, m as createAgentDelegateTool, n as createBlockerTools, nt as formatFileSize, o as formatDecisionsOutput, p as BackgroundAgentManager, q as CustomCommandStore, r as formatBlockersOutput, rt as searchFiles, s as createGetFileStructureTool, t as createBlockerStore, tt as mergeCommands, u as createWriteTodosTool, v as parseAgentConfig, w as ServerLlmBackend, x as WebSocketConnectionManager, y as ApiClient, z as clearFeatureModuleTools } from "./tools-V5FJ83BJ.mjs";
-import { Mt as validateNotebookPath$1, g as ChatModels, jt as validateJupyterKernelName, m as CREDIT_DEDUCT_TRANSACTION_TYPES, n as logger, t as ConfigStore } from "./ConfigStore-DBUmvCfe.mjs";
-import { i as version, t as checkForUpdate } from "./updateChecker-Boy2GLk4.mjs";
+import { $ as processFileReferences, A as getApiUrl, B as registerFeatureModuleTools, C as WebSocketLlmBackend, D as formatStep, E as substituteArguments, F as DEFAULT_AGENT_MODEL, G as isReadOnlyTool, H as OllamaBackend, I as DEFAULT_MAX_ITERATIONS, J as CheckpointStore, K as ReActAgent, L as DEFAULT_RETRY_CONFIG, M as PermissionManager, N as generateCliTools, O as extractCompactInstructions, P as ALWAYS_DENIED_FOR_AGENTS, Q as hasFileReferences, R as DEFAULT_THOROUGHNESS, S as FallbackLlmBackend, T as McpManager, U as buildCoreSystemPrompt, V as setWebSocketToolExecutor, W as buildSkillsPromptSection, X as SessionStore, Y as CommandHistoryStore, Z as OAuthClient, _ as createSkillTool, a as createDecisionStore, b as WebSocketToolExecutor, c as createFindDefinitionTool, d as createCoordinateTaskTool, et as searchCommands, f as createBackgroundAgentTools, g as SubagentOrchestrator, h as AgentStore, i as createDecisionLogTool, it as warmFileCache, j as getEnvironmentName, k as loadContextFiles, l as createTodoStore, m as createAgentDelegateTool, n as createBlockerTools, nt as formatFileSize, o as formatDecisionsOutput, p as BackgroundAgentManager, q as CustomCommandStore, r as formatBlockersOutput, rt as searchFiles, s as createGetFileStructureTool, t as createBlockerStore, tt as mergeCommands, u as createWriteTodosTool, v as parseAgentConfig, w as ServerLlmBackend, x as WebSocketConnectionManager, y as ApiClient, z as clearFeatureModuleTools } from "./tools-dIVxi-6-.mjs";
+import { Mt as validateNotebookPath$1, g as ChatModels, jt as validateJupyterKernelName, m as CREDIT_DEDUCT_TRANSACTION_TYPES, n as logger, t as ConfigStore } from "./ConfigStore-Dt6utdSA.mjs";
+import { i as version, t as checkForUpdate } from "./updateChecker-DZXWZfKF.mjs";
 import React, { useCallback, useEffect, useMemo, useReducer, useRef, useState } from "react";
 import { Box, Static, Text, render, useApp, useInput } from "ink";
 import { execSync } from "child_process";
@@ -2484,10 +2484,207 @@ function createCompactedSession(originalSession, summary, preservedMessages) {
 			totalTokens: 0,
 			totalCost: 0,
 			toolCallCount: 0,
-			compactedFrom: originalSession.id
+			compactedFrom: originalSession.id,
+			...originalSession.metadata.workflow ? { workflow: originalSession.metadata.workflow } : {}
 		}
 	};
 }
+/**
+* Prefix tag used to mark a system message as an injected handoff. Kept as a
+* single source of truth so the dedup-on-resume check and the system-message
+* builder cannot drift out of sync.
+*/
+const HANDOFF_MARKER = "[Session handoff from previous session]";
+const MAX_MESSAGE_CHARS = 2e3;
+/**
+* Cap on the number of conversation messages included in the handoff prompt.
+* Prevents unbounded prompt growth on long sessions; the most recent messages
+* are kept since they best reflect the session's current state. Decisions and
+* blockers from workflow state are still included in full above the excerpt.
+*/
+const MAX_CONVERSATION_MESSAGES = 50;
+const ROLE_LABELS = {
+	user: "User",
+	assistant: "Assistant",
+	system: "System"
+};
+/**
+* Build a prompt instructing the LLM to produce a structured session handoff
+* as JSON. Incorporates decisions and blockers from the existing workflow state
+* so the handoff reflects durable state, not just chat history.
+*
+* Any previously-injected handoff message (from a prior /resume) is filtered
+* out — the LLM should produce a fresh handoff from the actual conversation,
+* not echo back a prior handoff sitting at the top of the message list.
+*
+* Returns an empty string for short sessions — callers should skip generation.
+*/
+function buildHandoffPrompt(session) {
+	if (session.messages.length < 4) return "";
+	const filtered = session.messages.filter((m) => !isInjectedHandoff(m));
+	const conversation = filtered.length > MAX_CONVERSATION_MESSAGES ? filtered.slice(-MAX_CONVERSATION_MESSAGES) : filtered;
+	let prompt = `You are generating a structured session handoff so the next session (or another agent) can pick up seamlessly without re-reading the full chat history.
+
+Output a single JSON object — no prose, no markdown fences — with exactly these fields:
+
+{
+  "summary": "2-4 sentence overview of what this session accomplished and where it ended",
+  "keyFindings": ["concise factual discoveries — e.g. 'auth bug is in middleware.ts:42, caused by missing token refresh'"],
+  "nextSteps": ["concrete actions the next session should take, in priority order"],
+  "pendingDecisions": ["open questions or trade-offs awaiting a decision"],
+  "blockers": ["anything preventing progress — wait conditions, missing inputs, broken upstream"]
+}
+
+Rules:
+- Each list item is a single line, no nested structure.
+- Empty lists are fine — use [] when nothing applies.
+- Be specific: cite filenames, function names, error messages where relevant.
+- Do not invent context. Only include items grounded in the conversation or workflow state below.
+
+`;
+	prompt += appendWorkflowContext(session.metadata.workflow);
+	prompt += `CONVERSATION:\n\n`;
+	for (const msg of conversation) {
+		const role = ROLE_LABELS[msg.role] || "System";
+		const content = msg.content.length > MAX_MESSAGE_CHARS ? msg.content.slice(0, MAX_MESSAGE_CHARS) + "...[truncated]" : msg.content;
+		prompt += `**${role}:** ${content}\n\n`;
+	}
+	prompt += `\nReturn only the JSON object.`;
+	return prompt;
+}
+function appendWorkflowContext(workflow) {
+	if (!workflow) return "";
+	const sections = [];
+	if (workflow.decisions.length > 0) {
+		const lines = workflow.decisions.map((d) => `- ${d.summary} (rationale: ${d.rationale})`);
+		sections.push(`LOGGED DECISIONS:\n${lines.join("\n")}`);
+	}
+	const openBlockers = workflow.blockers.filter((b) => b.status === "open");
+	if (openBlockers.length > 0) {
+		const lines = openBlockers.map((b) => `- ${b.description}`);
+		sections.push(`OPEN BLOCKERS:\n${lines.join("\n")}`);
+	}
+	return sections.length > 0 ? `${sections.join("\n\n")}\n\n` : "";
+}
+/**
+* Parse a raw LLM response into a SessionHandoff.
+*
+* Tolerates fenced code blocks (```json ... ```) and surrounding prose by
+* extracting the first balanced JSON object. Returns null if no valid handoff
+* can be parsed — callers decide how to surface that to the user.
+*/
+function parseHandoffResponse(response) {
+	const json = extractJsonObject(response);
+	if (!json) return null;
+	let parsed;
+	try {
+		parsed = JSON.parse(json);
+	} catch {
+		return null;
+	}
+	if (!parsed || typeof parsed !== "object") return null;
+	const obj = parsed;
+	const summary = typeof obj.summary === "string" ? obj.summary.trim() : "";
+	if (!summary) return null;
+	return {
+		summary,
+		keyFindings: toStringArray(obj.keyFindings),
+		nextSteps: toStringArray(obj.nextSteps),
+		pendingDecisions: toStringArray(obj.pendingDecisions),
+		blockers: toStringArray(obj.blockers),
+		generatedAt: (/* @__PURE__ */ new Date()).toISOString()
+	};
+}
+function toStringArray(value) {
+	if (!Array.isArray(value)) return [];
+	return value.filter((v) => typeof v === "string" && v.trim().length > 0).map((v) => v.trim());
+}
+function extractJsonObject(text) {
+	const trimmed = text.trim();
+	if (!trimmed) return null;
+	const fenced = trimmed.match(/```(?:json)?\s*([\s\S]*?)```/i);
+	const candidate = fenced ? fenced[1].trim() : trimmed;
+	const start = candidate.indexOf("{");
+	if (start === -1) return null;
+	let depth = 0;
+	let inString = false;
+	let escaped = false;
+	for (let i = start; i < candidate.length; i++) {
+		const ch = candidate[i];
+		if (escaped) {
+			escaped = false;
+			continue;
+		}
+		if (ch === "\\" && inString) {
+			escaped = true;
+			continue;
+		}
+		if (ch === "\"") {
+			inString = !inString;
+			continue;
+		}
+		if (inString) continue;
+		if (ch === "{") depth++;
+		else if (ch === "}") {
+			depth--;
+			if (depth === 0) return candidate.slice(start, i + 1);
+		}
+	}
+	return null;
+}
+/**
+* Render a SessionHandoff for terminal display, including the generation
+* timestamp so the user knows how fresh the context is.
+*/
+function formatHandoffOutput(handoff) {
+	return formatHandoff(handoff, { includeTimestamp: true });
+}
+/**
+* Build the system message that injects handoff context into a resumed
+* session. Excludes the timestamp so the message text is stable across
+* regenerations — important for keeping LLM prompt caches warm.
+*/
+function buildHandoffSystemMessage(handoff) {
+	return `${HANDOFF_MARKER}\n\n${formatHandoff(handoff, { includeTimestamp: false })}`;
+}
+function formatHandoff(handoff, options) {
+	const lines = [handoff.summary, ""];
+	appendSection(lines, "Key findings", handoff.keyFindings);
+	appendSection(lines, "Next steps", handoff.nextSteps);
+	appendSection(lines, "Pending decisions", handoff.pendingDecisions);
+	appendSection(lines, "Blockers", handoff.blockers);
+	if (options.includeTimestamp) lines.push(`Generated: ${handoff.generatedAt}`);
+	else if (lines[lines.length - 1] === "") lines.pop();
+	return lines.join("\n");
+}
+function appendSection(lines, heading, items) {
+	if (items.length === 0) return;
+	lines.push(`${heading}:`);
+	for (const item of items) lines.push(`  - ${item}`);
+	lines.push("");
+}
+/**
+* True when a message is a previously-injected handoff system message.
+* Used to deduplicate handoff injections across save/resume cycles.
+*/
+function isInjectedHandoff(message) {
+	return message.role === "system" && message.content.startsWith("[Session handoff from previous session]");
+}
+/**
+* Return a new message list with the handoff prepended as a system message.
+* Any previously-injected handoff anywhere in the list is removed so the
+* message list stays stable across repeated save/resume cycles. We scan the
+* whole list rather than just index 0 because compaction can prepend a
+* summary system message, pushing the prior handoff to a later index.
+*/
+function injectHandoffMessage(messages, handoff) {
+	return [{
+		id: v4(),
+		role: "system",
+		content: buildHandoffSystemMessage(handoff),
+		timestamp: (/* @__PURE__ */ new Date()).toISOString()
+	}, ...messages.filter((m) => !isInjectedHandoff(m))];
+}
 //#endregion
 //#region src/utils/imageRenderer.ts
 /**
@@ -6426,6 +6623,46 @@ function CliApp() {
 			console.log("");
 		}
 	};
+	/**
+	* Generate a structured session handoff via a single LLM call and persist it
+	* onto the session's workflow state. Returns the handoff on success, or null
+	* if generation was skipped (short session) or failed (parse / agent error).
+	*
+	* Failures are best-effort and surfaced as a warning rather than thrown —
+	* the surrounding /save flow must not block on handoff generation.
+	*
+	* Callers are responsible for saving the session afterwards.
+	*/
+	const generateHandoff = async (session) => {
+		if (!state.agent) return null;
+		const prompt = buildHandoffPrompt(session);
+		if (!prompt) return null;
+		console.log("📝 Generating session handoff...");
+		useCliStore.getState().setIsThinking(true);
+		try {
+			const result = await state.agent.run(prompt, { maxIterations: 1 });
+			const handoff = parseHandoffResponse(result.finalAnswer);
+			if (!handoff) {
+				console.warn("⚠️  Handoff generation returned no parseable JSON; skipping.");
+				logger.debug(`Handoff response: ${result.finalAnswer.slice(0, 500)}`);
+				return null;
+			}
+			session.metadata.workflow = {
+				decisions: decisionStoreRef.current.decisions,
+				blockers: blockerStoreRef.current.blockers,
+				handoff,
+				reviewGates: session.metadata.workflow?.reviewGates
+			};
+			return handoff;
+		} catch (err) {
+			const reason = err instanceof Error ? err.message : String(err);
+			console.warn(`⚠️  Handoff generation failed: ${reason}`);
+			logger.debug(`Handoff generation error: ${reason}`);
+			return null;
+		} finally {
+			useCliStore.getState().setIsThinking(false);
+		}
+	};
 	const handleCommand = async (command, args) => {
 		const customCommand = state.customCommandStore.getCommand(command);
 		if (customCommand) try {
@@ -6565,8 +6802,10 @@ Multi-line Input:
 					handoff: state.session.metadata.workflow?.handoff,
 					reviewGates: state.session.metadata.workflow?.reviewGates
 				};
+				const handoff = await generateHandoff(state.session);
 				await state.sessionStore.save(state.session);
 				console.log(`✅ Session saved as "${sessionName}"`);
+				if (handoff) console.log("🤝 Session handoff generated");
 				break;
 			}
 			case "resume":
@@ -6592,15 +6831,24 @@ Multi-line Input:
 					await logger.initialize(loadedSession.id);
 					logger.debug("=== Session Resumed ===");
 					if (state.checkpointStore) state.checkpointStore.setSessionId(loadedSession.id);
+					const handoff = loadedSession.metadata.workflow?.handoff;
+					const sessionForState = handoff ? {
+						...loadedSession,
+						messages: injectHandoffMessage(loadedSession.messages, handoff)
+					} : loadedSession;
 					setState((prev) => ({
 						...prev,
-						session: loadedSession
+						session: sessionForState
 					}));
-					setStoreSession(loadedSession);
+					setStoreSession(sessionForState);
 					useCliStore.getState().clearPendingMessages();
 					usageCache = null;
-					console.log(`\n✅ Session resumed: "${loadedSession.name}"`);
-					console.log(`📝 ${loadedSession.messages.length} messages | 🤖 ${loadedSession.model} | 📊 ${loadedSession.metadata.totalTokens.toLocaleString()} tokens\n`);
+					console.log(`\n✅ Session resumed: "${sessionForState.name}"`);
+					console.log(`📝 ${sessionForState.messages.length} messages | 🤖 ${sessionForState.model} | 📊 ${sessionForState.metadata.totalTokens.toLocaleString()} tokens\n`);
+					if (handoff) {
+						console.log("🤝 Session handoff:\n");
+						console.log(formatHandoffOutput(handoff));
+					}
 				};
 				setState((prev) => ({
 					...prev,
@@ -7528,6 +7776,38 @@ Multi-line Input:
 				console.log(formatBlockersOutput(blockerStoreRef.current.blockers));
 				console.log("");
 				break;
+			case "handoff": {
+				if (!state.session) {
+					console.log("No active session");
+					break;
+				}
+				const existing = state.session.metadata.workflow?.handoff;
+				const wantsRegen = args[0] === "generate" || args[0] === "regen";
+				if (existing && !wantsRegen) {
+					console.log("\n🤝 Session handoff\n");
+					console.log(formatHandoffOutput(existing));
+					console.log("Run /handoff generate to refresh.\n");
+					break;
+				}
+				if (state.session.messages.length < 4) {
+					console.log(`Not enough messages to generate a handoff (need at least 4)`);
+					break;
+				}
+				if (!state.agent) {
+					console.log("Cannot generate handoff: no active agent");
+					break;
+				}
+				const handoff = await generateHandoff(state.session);
+				if (!handoff) {
+					console.log("❌ Failed to generate handoff");
+					break;
+				}
+				await state.sessionStore.save(state.session);
+				console.log("\n🤝 Session handoff\n");
+				console.log(formatHandoffOutput(handoff));
+				console.log("\n✅ Session saved with refreshed handoff");
+				break;
+			}
 			case "dirs": {
 				const additionalDirs = await state.configStore.getAdditionalDirectories();
 				const cwd = process.cwd();

package/dist/{tools-V5FJ83BJ.mjs → tools-dIVxi-6-.mjs}

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { $ as RechartsChartTypeList, A as ImageGenerationUsageTransaction, At as secureParameters, B as NotFoundError, C as FileEvents, Ct as getMcpProviderMetadata, D as GenericCreditAddTransaction, Dt as obfuscateApiKey, E as GenerateImageToolCallSchema, Et as isGPTImageModel, F as KnowledgeType, G as ProfileEvents, H as OpenAIImageGenerationInput, I as LLMEvents, J as PurchaseTransaction, K as ProjectEvents, L as MiscEvents, M as InboxEvents, N as InviteEvents, Nt as CollectionType, O as GenericCreditDeductTransaction, Ot as resolveNavigationIntents, P as InviteType, Q as ReceivedCreditTransaction, R as ModalEvents, S as FeedbackEvents, St as getDataLakeTags, T as GEMINI_IMAGE_MODELS, Tt as isGPTImage2Model, U as Permission, V as OpenAIEmbeddingModel, W as PermissionDeniedError, X as REASONING_SUPPORTED_MODELS, Y as QuestMasterParamsSchema, Z as RealtimeVoiceUsageTransaction, _ as CompletionApiUsageTransaction, _t as VideoModels, a as ApiKeyEvents, at as SessionEvents, b as FIXED_TEMPERATURE_MODELS, bt as b4mLLMTools, c as AppFileEvents, ct as SupportedFabFileMimeTypes, d as BFL_IMAGE_MODELS, dt as TextGenerationUsageTransaction, et as RegInviteEvents, f as BFL_SAFETY_TOLERANCE, ft as ToolUsageTransaction, g as ChatModels, gt as VideoGenerationUsageTransaction, h as ChatCompletionCreateInputSchema, ht as VIDEO_SIZE_CONSTRAINTS, i as AiEvents, it as ResearchTaskType, j as ImageModels, k as ImageEditUsageTransaction, kt as sanitizeTelemetryError, l as ArtifactTypeSchema, lt as TagType, mt as UiNavigationEvents, n as logger, nt as ResearchTaskExecutionType, o as ApiKeyScope, ot as SpeechToTextModels, p as BedrockEmbeddingModel, pt as TransferCreditTransaction, q as PromptMetaZodSchema, r as ALERT_THRESHOLDS, rt as ResearchTaskPeriodicFrequencyType, s as ApiKeyType, st as SubscriptionCreditTransaction, t as ConfigStore, tt as ResearchModeParamsSchema, u as AuthEvents, ut as TaskScheduleHandler, v as DashboardParamsSchema, vt as VoyageAIEmbeddingModel, w as FriendshipEvents, wt as getViewById, x as FavoriteDocumentType, xt as getAccessibleDataLakes, y as ElabsEvents, yt as XAI_IMAGE_MODELS, z as ModelBackend } from "./ConfigStore-DBUmvCfe.mjs";
+import { $ as RechartsChartTypeList, A as ImageGenerationUsageTransaction, At as secureParameters, B as NotFoundError, C as FileEvents, Ct as getMcpProviderMetadata, D as GenericCreditAddTransaction, Dt as obfuscateApiKey, E as GenerateImageToolCallSchema, Et as isGPTImageModel, F as KnowledgeType, G as ProfileEvents, H as OpenAIImageGenerationInput, I as LLMEvents, J as PurchaseTransaction, K as ProjectEvents, L as MiscEvents, M as InboxEvents, N as InviteEvents, Nt as CollectionType, O as GenericCreditDeductTransaction, Ot as resolveNavigationIntents, P as InviteType, Q as ReceivedCreditTransaction, R as ModalEvents, S as FeedbackEvents, St as getDataLakeTags, T as GEMINI_IMAGE_MODELS, Tt as isGPTImage2Model, U as Permission, V as OpenAIEmbeddingModel, W as PermissionDeniedError, X as REASONING_SUPPORTED_MODELS, Y as QuestMasterParamsSchema, Z as RealtimeVoiceUsageTransaction, _ as CompletionApiUsageTransaction, _t as VideoModels, a as ApiKeyEvents, at as SessionEvents, b as FIXED_TEMPERATURE_MODELS, bt as b4mLLMTools, c as AppFileEvents, ct as SupportedFabFileMimeTypes, d as BFL_IMAGE_MODELS, dt as TextGenerationUsageTransaction, et as RegInviteEvents, f as BFL_SAFETY_TOLERANCE, ft as ToolUsageTransaction, g as ChatModels, gt as VideoGenerationUsageTransaction, h as ChatCompletionCreateInputSchema, ht as VIDEO_SIZE_CONSTRAINTS, i as AiEvents, it as ResearchTaskType, j as ImageModels, k as ImageEditUsageTransaction, kt as sanitizeTelemetryError, l as ArtifactTypeSchema, lt as TagType, mt as UiNavigationEvents, n as logger, nt as ResearchTaskExecutionType, o as ApiKeyScope, ot as SpeechToTextModels, p as BedrockEmbeddingModel, pt as TransferCreditTransaction, q as PromptMetaZodSchema, r as ALERT_THRESHOLDS, rt as ResearchTaskPeriodicFrequencyType, s as ApiKeyType, st as SubscriptionCreditTransaction, t as ConfigStore, tt as ResearchModeParamsSchema, u as AuthEvents, ut as TaskScheduleHandler, v as DashboardParamsSchema, vt as VoyageAIEmbeddingModel, w as FriendshipEvents, wt as getViewById, x as FavoriteDocumentType, xt as getAccessibleDataLakes, y as ElabsEvents, yt as XAI_IMAGE_MODELS, z as ModelBackend } from "./ConfigStore-Dt6utdSA.mjs";
 import { n as isPathAllowed, t as assertPathAllowed } from "./pathValidation-CIytuhr3-Dt5dntLx.mjs";
 import { execFile, execFileSync, spawn } from "child_process";
 import { createHash, randomBytes } from "crypto";
@@ -530,6 +530,10 @@ const COMMANDS = [
 	{
 		name: "blockers",
 		description: "Show tracked blockers for current session"
+	},
+	{
+		name: "handoff",
+		description: "Show or generate the session handoff for cross-session continuity"
 	}
 ];
 /**
@@ -3099,8 +3103,7 @@ var AIImageService = class {
 	}
 };
 //#endregion
-//#region ../../b4m-core/utils/dist/index.mjs
-var BaseStorage = class {};
+//#region ../../b4m-core/observability/dist/index.mjs
 var Logger = class Logger {
 	static globalInstance = new Logger();
 	metadata = {};
@@ -3304,6 +3307,9 @@ var Logger = class Logger {
 		blue: `\x1b[34m${args.join(" ")}\x1b[0m`
 	});
 };
+//#endregion
+//#region ../../b4m-core/utils/dist/index.mjs
+var BaseStorage = class {};
 dotenv.config();
 /**
 * Execute an array of async tasks either in parallel (with concurrency limiting)
@@ -4760,6 +4766,8 @@ var OpenAIBackend = class {
 			...options
 		};
 		const toolCallCount = options._internal?.toolCallCount ?? 0;
+		const accumInputTokens = options._internal?.accumInputTokens ?? 0;
+		const accumOutputTokens = options._internal?.accumOutputTokens ?? 0;
 		if (toolCallCount >= 10 && options.tools?.length) {
 			this.logger.warn(`⚠️ Max tool calls limit (10) reached. Disabling tools to prevent infinite loops.`);
 			await this.complete(model, messages, {
@@ -4942,7 +4950,9 @@ var OpenAIBackend = class {
 							tools: anyMcpTool ? options.tools : void 0,
 							_internal: {
 								...options._internal,
-								toolCallCount: toolCallCount + 1
+								toolCallCount: toolCallCount + 1,
+								accumInputTokens: accumInputTokens + (response.usage?.prompt_tokens || 0),
+								accumOutputTokens: accumOutputTokens + (response.usage?.completion_tokens || 0)
 							}
 						}, recursiveCallback, toolsUsed);
 						if (anyArtifactWasStreamed && recursiveBuffer) {
@@ -4953,8 +4963,8 @@ var OpenAIBackend = class {
 					} else {
 						this.logger.debug(`[Tool Execution] executeTools=false, passing tool calls to callback`);
 						await callback([null], {
-							inputTokens: response.usage?.prompt_tokens || 0,
-							outputTokens: response.usage?.completion_tokens || 0,
+							inputTokens: accumInputTokens + (response.usage?.prompt_tokens || 0),
+							outputTokens: accumOutputTokens + (response.usage?.completion_tokens || 0),
 							toolsUsed: toolsUsed.length > 0 ? toolsUsed : void 0
 						});
 						return;
@@ -4968,8 +4978,8 @@ var OpenAIBackend = class {
 				if (cacheStats) logCacheStats(this.logger, cacheStats, { streaming: false });
 			}
 			await callback(streamedText, {
-				inputTokens: response.usage?.prompt_tokens || 0,
-				outputTokens: response.usage?.completion_tokens || 0,
+				inputTokens: accumInputTokens + (response.usage?.prompt_tokens || 0),
+				outputTokens: accumOutputTokens + (response.usage?.completion_tokens || 0),
 				toolsUsed: toolsUsed.length > 0 ? toolsUsed : void 0,
 				cacheStats
 			});
@@ -5008,8 +5018,8 @@ var OpenAIBackend = class {
 				if (c.delta.content) streamedText[c.index] = (streamedText[c.index] || "") + c.delta.content;
 			});
 			await callback(streamedText, {
-				inputTokens,
-				outputTokens,
+				inputTokens: accumInputTokens + inputTokens,
+				outputTokens: accumOutputTokens + outputTokens,
 				toolsUsed: toolsUsed.length > 0 ? toolsUsed : void 0
 			});
 		}
@@ -5114,8 +5124,8 @@ var OpenAIBackend = class {
 						thisToolHadArtifact = true;
 						anyArtifactWasStreamed = true;
 						await callback(results, {
-							inputTokens,
-							outputTokens,
+							inputTokens: accumInputTokens + inputTokens,
+							outputTokens: accumOutputTokens + outputTokens,
 							toolsUsed: toolsUsed.length > 0 ? toolsUsed : void 0,
 							cacheStats
 						});
@@ -5138,7 +5148,9 @@ var OpenAIBackend = class {
 						tools: anyMcpTool ? options.tools : void 0,
 						_internal: {
 							...options._internal,
-							toolCallCount: toolCallCount + 1
+							toolCallCount: toolCallCount + 1,
+							accumInputTokens: accumInputTokens + inputTokens,
+							accumOutputTokens: accumOutputTokens + outputTokens
 						}
 					}, async (results, meta) => {
 						for (const r of results) if (r != null) recursiveBuffer += r;
@@ -5151,14 +5163,16 @@ var OpenAIBackend = class {
 					tools: anyMcpTool ? options.tools : void 0,
 					_internal: {
 						...options._internal,
-						toolCallCount: toolCallCount + 1
+						toolCallCount: toolCallCount + 1,
+						accumInputTokens: accumInputTokens + inputTokens,
+						accumOutputTokens: accumOutputTokens + outputTokens
 					}
 				}, callback, toolsUsed);
 			} else {
 				this.logger.debug(`[Tool Execution] executeTools=false, passing tool calls to callback`);
 				await callback([null], {
-					inputTokens,
-					outputTokens,
+					inputTokens: accumInputTokens + inputTokens,
+					outputTokens: accumOutputTokens + outputTokens,
 					toolsUsed: toolsUsed.length > 0 ? toolsUsed : void 0,
 					cacheStats
 				});
@@ -6859,17 +6873,49 @@ const webFetchTool = {
 	})
 };
 //#endregion
-//#region ../../b4m-core/services/dist/jsonSanitize-NGoqEfny.mjs
+//#region ../../b4m-core/services/dist/jsonSanitize-DPYPbara.mjs
 /**
 * Sanitize a JSON string by escaping control characters inside string literals.
 * LLMs sometimes return JSON with unescaped newlines/tabs inside string values,
 * which causes JSON.parse to fail with "Bad control character in string literal".
 *
 * Covers all U+0000–U+001F control characters per JSON RFC 8259.
+*
+* Also applies a lookahead heuristic to escape unescaped double-quotes inside
+* string values — the most common LLM JSON failure mode (e.g., code snippets
+* containing logger.error("msg") inside a JSON string).
+*
+* Returns the sanitized string and the number of quotes repaired.
+* If the JSON is already valid, it is returned unchanged (zero repairs).
 */
 function sanitizeJsonString(jsonStr) {
+	const { result } = sanitizeJsonStringWithMeta(jsonStr);
+	return result;
+}
+function sanitizeJsonStringWithMeta(jsonStr, options) {
+	try {
+		JSON.parse(jsonStr);
+		return {
+			result: jsonStr,
+			repairedQuotes: 0
+		};
+	} catch {}
 	let result = "";
 	let inString = false;
+	/**
+	* Tracks whether we are in a key position (true) or value position (false).
+	* Starts as true — the first string in valid JSON must be a key.
+	* Flips to false after a key-closing quote + colon pair.
+	* Flips back to true after a value-closing quote (or structural char) + comma/`{`/`[`.
+	*
+	* This is used to disambiguate `:` after a `"` inside a string:
+	*   - In key position: `"` + `:` → structural (closes the key, colon follows)
+	*   - In value position: `"` + `:` → embedded (e.g., `"status": it was null"`)
+	*/
+	let inKey = true;
+	/** Tracks nested structure context for truncation repair. */
+	const structureStack = [];
+	let repairedQuotes = 0;
 	let i = 0;
 	while (i < jsonStr.length) {
 		const char = jsonStr[i];
@@ -6879,8 +6925,25 @@ function sanitizeJsonString(jsonStr) {
 			continue;
 		}
 		if (char === "\"") {
-			inString = !inString;
-			result += char;
+			if (!inString) {
+				inString = true;
+				result += char;
+				i++;
+				continue;
+			}
+			let j = i + 1;
+			while (j < jsonStr.length && (jsonStr[j] === " " || jsonStr[j] === "	" || jsonStr[j] === "\r" || jsonStr[j] === "\n")) j++;
+			const nextNonWs = j < jsonStr.length ? jsonStr[j] : "";
+			if (nextNonWs === "," || nextNonWs === "}" || nextNonWs === "]" || nextNonWs === "" || nextNonWs === ":" && inKey) {
+				inString = false;
+				result += char;
+				i++;
+				if (nextNonWs === ":") inKey = false;
+				else if (nextNonWs === "," || nextNonWs === "}" || nextNonWs === "]") inKey = true;
+				continue;
+			}
+			result += "\\\"";
+			repairedQuotes++;
 			i++;
 			continue;
 		}
@@ -6907,10 +6970,45 @@ function sanitizeJsonString(jsonStr) {
 					break;
 			}
 			else result += char;
-		} else result += char;
+		} else {
+			result += char;
+			if (char === "{") {
+				structureStack.push("{");
+				inKey = true;
+			} else if (char === "[") {
+				structureStack.push("[");
+				inKey = false;
+			} else if (char === "}" || char === "]") {
+				if (structureStack.length > 0) structureStack.pop();
+				inKey = (structureStack.length > 0 ? structureStack[structureStack.length - 1] : null) !== "[";
+			} else if (char === ",") {
+				if ((structureStack.length > 0 ? structureStack[structureStack.length - 1] : null) === "{") inKey = true;
+			}
+		}
 		i++;
 	}
-	return result;
+	if (inString) {
+		if (options?.attemptTruncationRepair && structureStack.length > 0) {
+			const closing = [...structureStack].reverse().map((c) => c === "{" ? "}" : "]").join("");
+			const salvage = result + "\"" + closing;
+			try {
+				JSON.parse(salvage);
+				return {
+					result: salvage,
+					repairedQuotes,
+					truncationRepaired: true
+				};
+			} catch {}
+		}
+		return {
+			result: jsonStr,
+			repairedQuotes: 0
+		};
+	}
+	return {
+		result,
+		repairedQuotes
+	};
 }
 //#endregion
 //#region ../../b4m-core/quantum/dist/index.mjs
@@ -8758,7 +8856,7 @@ No markdown, no explanation, no code blocks — just the raw JSON object.`;
 	"Minimize: sum(error^2)"
 ].join("\n");
 //#endregion
-//#region ../../b4m-core/services/dist/tools-s4H4po60.mjs
+//#region ../../b4m-core/services/dist/tools-B55E_Q3K.mjs
 async function performDeepResearch(context, params, config) {
 	const maxDepth = config.maxDepth || 7;
 	const duration = config.duration || 4.5;
@@ -15798,56 +15896,6 @@ z.object({
 	embargoDetected: z.boolean().prefault(false),
 	suggestedTags: z.array(z.string()).prefault([])
 });
-z.object({
-	userId: z.string(),
-	sessionId: z.string(),
-	questId: z.string(),
-	message: z.string().min(1, "Message cannot be empty"),
-	messageFileIds: z.array(z.string()),
-	historyCount: z.number(),
-	fabFileIds: z.array(z.string()),
-	params: ChatCompletionCreateInputSchema,
-	dashboardParams: DashboardParamsSchema.optional(),
-	enableQuestMaster: z.boolean().optional(),
-	enableMementos: z.boolean().optional(),
-	enableArtifacts: z.boolean().optional(),
-	enableAgents: z.boolean().optional(),
-	enableLattice: z.boolean().optional(),
-	promptMeta: PromptMetaZodSchema,
-	tools: z.array(z.union([b4mLLMTools, z.string()])).optional(),
-	mcpServers: z.array(z.string()).optional(),
-	projectId: z.string().optional(),
-	organizationId: z.string().nullable().optional(),
-	questMaster: QuestMasterParamsSchema.optional(),
-	toolPromptId: z.string().optional(),
-	researchMode: ResearchModeParamsSchema.optional(),
-	fallbackModel: z.string().optional(),
-	embeddingModel: z.string().optional(),
-	queryComplexity: z.string(),
-	imageConfig: GenerateImageToolCallSchema.optional(),
-	deepResearchConfig: z.object({
-		maxDepth: z.number().optional(),
-		duration: z.number().optional(),
-		searchers: z.array(z.any()).optional()
-	}).optional(),
-	extraContextMessages: z.array(z.object({
-		role: z.enum([
-			"user",
-			"assistant",
-			"system",
-			"function",
-			"tool"
-		]),
-		content: z.union([z.string(), z.array(z.any())]),
-		fabFileIds: z.array(z.string()).optional()
-	})).optional(),
-	/** User's timezone (IANA format, e.g., "America/New_York") */
-	timezone: z.string().optional(),
-	/** Persona-based sub-agent filter — only these agent names are available for delegation */
-	allowedAgents: z.array(z.string()).optional(),
-	/** When true, Quest Processor injects Slack-specific tool configs (help, notebooks, curated files) */
-	enableSlackTools: z.boolean().optional()
-});
 /**
 * Regex patterns for extracting GitHub entities from text
 */
@@ -16345,6 +16393,56 @@ var CombinedExtractor = class {
 	}
 };
 new CombinedExtractor();
+z.object({
+	userId: z.string(),
+	sessionId: z.string(),
+	questId: z.string(),
+	message: z.string().min(1, "Message cannot be empty"),
+	messageFileIds: z.array(z.string()),
+	historyCount: z.number(),
+	fabFileIds: z.array(z.string()),
+	params: ChatCompletionCreateInputSchema,
+	dashboardParams: DashboardParamsSchema.optional(),
+	enableQuestMaster: z.boolean().optional(),
+	enableMementos: z.boolean().optional(),
+	enableArtifacts: z.boolean().optional(),
+	enableAgents: z.boolean().optional(),
+	enableLattice: z.boolean().optional(),
+	promptMeta: PromptMetaZodSchema,
+	tools: z.array(z.union([b4mLLMTools, z.string()])).optional(),
+	mcpServers: z.array(z.string()).optional(),
+	projectId: z.string().optional(),
+	organizationId: z.string().nullable().optional(),
+	questMaster: QuestMasterParamsSchema.optional(),
+	toolPromptId: z.string().optional(),
+	researchMode: ResearchModeParamsSchema.optional(),
+	fallbackModel: z.string().optional(),
+	embeddingModel: z.string().optional(),
+	queryComplexity: z.string(),
+	imageConfig: GenerateImageToolCallSchema.optional(),
+	deepResearchConfig: z.object({
+		maxDepth: z.number().optional(),
+		duration: z.number().optional(),
+		searchers: z.array(z.any()).optional()
+	}).optional(),
+	extraContextMessages: z.array(z.object({
+		role: z.enum([
+			"user",
+			"assistant",
+			"system",
+			"function",
+			"tool"
+		]),
+		content: z.union([z.string(), z.array(z.any())]),
+		fabFileIds: z.array(z.string()).optional()
+	})).optional(),
+	/** User's timezone (IANA format, e.g., "America/New_York") */
+	timezone: z.string().optional(),
+	/** Persona-based sub-agent filter — only these agent names are available for delegation */
+	allowedAgents: z.array(z.string()).optional(),
+	/** When true, Quest Processor injects Slack-specific tool configs (help, notebooks, curated files) */
+	enableSlackTools: z.boolean().optional()
+});
 (class AnomalyAlertService {
 	static {
 		this.MAX_CACHE_ENTRIES = 1e3;

package/dist/{updateChecker-Boy2GLk4.mjs → updateChecker-DZXWZfKF.mjs}

@@ -4,7 +4,7 @@ import { homedir } from "os";
 import path from "path";
 import axios from "axios";
 //#region package.json
-var version = "0.5.0";
+var version = "0.6.0";
 //#endregion
 //#region src/utils/updateChecker.ts
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bike4mind/cli",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "type": "module",
   "description": "Interactive CLI tool for Bike4Mind with ReAct agents",
   "license": "UNLICENSED",
@@ -32,15 +32,15 @@
   ],
   "dependencies": {
     "@anthropic-ai/sdk": "^0.79.0",
-    "@aws-sdk/client-apigatewaymanagementapi": "^3.1026.0",
-    "@aws-sdk/client-bedrock-runtime": "^3.1026.0",
-    "@aws-sdk/client-cloudwatch": "^3.1026.0",
-    "@aws-sdk/client-lambda": "^3.1026.0",
-    "@aws-sdk/client-s3": "^3.1026.0",
-    "@aws-sdk/client-sqs": "^3.1026.0",
-    "@aws-sdk/client-transcribe": "^3.1026.0",
-    "@aws-sdk/credential-provider-node": "^3.972.30",
-    "@aws-sdk/s3-request-presigner": "^3.1026.0",
+    "@aws-sdk/client-apigatewaymanagementapi": "^3.1041.0",
+    "@aws-sdk/client-bedrock-runtime": "^3.1041.0",
+    "@aws-sdk/client-cloudwatch": "^3.1041.0",
+    "@aws-sdk/client-lambda": "^3.1041.0",
+    "@aws-sdk/client-s3": "^3.1041.0",
+    "@aws-sdk/client-sqs": "^3.1041.0",
+    "@aws-sdk/client-transcribe": "^3.1041.0",
+    "@aws-sdk/credential-provider-node": "^3.972.39",
+    "@aws-sdk/s3-request-presigner": "^3.1041.0",
     "@casl/ability": "^6.8.1",
     "@google/genai": "^1.46.0",
     "@joplin/turndown-plugin-gfm": "^1.0.64",
@@ -48,7 +48,7 @@
     "@modelcontextprotocol/sdk": "1.27.1",
     "@octokit/rest": "^22.0.1",
     "@opensearch-project/opensearch": "2.11.0",
-    "@smithy/node-http-handler": "^4.5.2",
+    "@smithy/node-http-handler": "^4.6.1",
     "async-mutex": "^0.5.0",
     "axios": "1.15.1",
     "bcryptjs": "^3.0.2",
@@ -63,7 +63,7 @@
     "eventsource-parser": "^3.0.8",
     "exceljs": "^4.4.0",
     "fdir": "^6.5.0",
-    "file-type": "^18.7.0",
+    "file-type": "^22.0.1",
     "fuse.js": "^7.3.0",
     "fzf": "^0.5.2",
     "glob": "^13.0.6",
@@ -78,7 +78,7 @@
     "mammoth": "^1.12.0",
     "marked": "^15.0.11",
     "mathjs": "^15.2.0",
-    "mime-types": "^2.1.35",
+    "mime-types": "^3.0.2",
     "mongoose": "^8.8.3",
     "ollama": "^0.6.3",
     "open": "^11.0.0",
@@ -103,7 +103,7 @@
     "yauzl": "^3.3.0",
     "zod": "^4.3.6",
     "zod-validation-error": "^5.0.0",
-    "zustand": "^4.5.4"
+    "zustand": "^5.0.13"
   },
   "devDependencies": {
     "@types/better-sqlite3": "^7.6.13",
@@ -118,11 +118,11 @@
     "tsx": "^4.21.0",
     "typescript": "^5.9.3",
     "vitest": "^4.1.2",
-    "@bike4mind/agents": "0.5.3",
-    "@bike4mind/common": "2.89.0",
-    "@bike4mind/mcp": "1.36.0",
-    "@bike4mind/services": "2.77.0",
-    "@bike4mind/utils": "2.18.10"
+    "@bike4mind/agents": "0.0.0-changeset-release-main-20260505221459",
+    "@bike4mind/common": "0.0.0-changeset-release-main-20260505221459",
+    "@bike4mind/mcp": "0.0.0-changeset-release-main-20260505221459",
+    "@bike4mind/services": "0.0.0-changeset-release-main-20260505221459",
+    "@bike4mind/utils": "0.0.0-changeset-release-main-20260505221459"
   },
   "optionalDependencies": {
     "@vscode/ripgrep": "^1.17.1"