@deeplake/hivemind 0.7.45 → 0.7.47

package/cursor/bundle/graph-pull-worker.js

@@ -0,0 +1,1370 @@
+#!/usr/bin/env node
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+// dist/src/index-marker-store.js
+var index_marker_store_exports = {};
+__export(index_marker_store_exports, {
+  buildIndexMarkerPath: () => buildIndexMarkerPath,
+  getIndexMarkerDir: () => getIndexMarkerDir,
+  hasFreshIndexMarker: () => hasFreshIndexMarker,
+  writeIndexMarker: () => writeIndexMarker
+});
+import { existsSync as existsSync2, mkdirSync as mkdirSync3, readFileSync as readFileSync4, writeFileSync as writeFileSync3 } from "node:fs";
+import { join as join5 } from "node:path";
+import { tmpdir } from "node:os";
+function getIndexMarkerDir() {
+  return process.env.HIVEMIND_INDEX_MARKER_DIR ?? join5(tmpdir(), "hivemind-deeplake-indexes");
+}
+function buildIndexMarkerPath(workspaceId, orgId, table, suffix) {
+  const markerKey = [workspaceId, orgId, table, suffix].join("__").replace(/[^a-zA-Z0-9_.-]/g, "_");
+  return join5(getIndexMarkerDir(), `${markerKey}.json`);
+}
+function hasFreshIndexMarker(markerPath) {
+  if (!existsSync2(markerPath))
+    return false;
+  try {
+    const raw = JSON.parse(readFileSync4(markerPath, "utf-8"));
+    const updatedAt = raw.updatedAt ? new Date(raw.updatedAt).getTime() : NaN;
+    if (!Number.isFinite(updatedAt) || Date.now() - updatedAt > INDEX_MARKER_TTL_MS)
+      return false;
+    return true;
+  } catch {
+    return false;
+  }
+}
+function writeIndexMarker(markerPath) {
+  mkdirSync3(getIndexMarkerDir(), { recursive: true });
+  writeFileSync3(markerPath, JSON.stringify({ updatedAt: (/* @__PURE__ */ new Date()).toISOString() }), "utf-8");
+}
+var INDEX_MARKER_TTL_MS;
+var init_index_marker_store = __esm({
+  "dist/src/index-marker-store.js"() {
+    "use strict";
+    INDEX_MARKER_TTL_MS = Number(process.env.HIVEMIND_INDEX_MARKER_TTL_MS ?? 6 * 60 * 6e4);
+  }
+});
+
+// dist/src/hooks/graph-pull-worker.js
+import { appendFileSync as appendFileSync3, mkdirSync as mkdirSync8 } from "node:fs";
+import { join as join10 } from "node:path";
+
+// dist/src/graph/deeplake-pull.js
+import { execFileSync } from "node:child_process";
+import { createHash as createHash3 } from "node:crypto";
+import { existsSync as existsSync5, mkdirSync as mkdirSync7, renameSync as renameSync4, writeFileSync as writeFileSync6 } from "node:fs";
+import { dirname as dirname4, join as join9 } from "node:path";
+
+// dist/src/config.js
+import { readFileSync, existsSync } from "node:fs";
+import { join } from "node:path";
+import { homedir, userInfo } from "node:os";
+function loadConfig() {
+  const home = homedir();
+  const credPath = join(home, ".deeplake", "credentials.json");
+  let creds = null;
+  if (existsSync(credPath)) {
+    try {
+      creds = JSON.parse(readFileSync(credPath, "utf-8"));
+    } catch {
+      return null;
+    }
+  }
+  const token = process.env.HIVEMIND_TOKEN ?? creds?.token;
+  const orgId = process.env.HIVEMIND_ORG_ID ?? creds?.orgId;
+  if (!token || !orgId)
+    return null;
+  return {
+    token,
+    orgId,
+    orgName: creds?.orgName ?? orgId,
+    userName: creds?.userName || userInfo().username || "unknown",
+    workspaceId: process.env.HIVEMIND_WORKSPACE_ID ?? creds?.workspaceId ?? "default",
+    apiUrl: process.env.HIVEMIND_API_URL ?? creds?.apiUrl ?? "https://api.deeplake.ai",
+    tableName: process.env.HIVEMIND_TABLE ?? "memory",
+    sessionsTableName: process.env.HIVEMIND_SESSIONS_TABLE ?? "sessions",
+    skillsTableName: process.env.HIVEMIND_SKILLS_TABLE ?? "skills",
+    // Defaults match the table name written into the SQL — keep aligned
+    // with RULES_COLUMNS / TASKS_COLUMNS / TASK_EVENTS_COLUMNS in
+    // deeplake-schema.ts and with the e2e test-org override convention
+    // (memory_test / sessions_test → goals_test, etc.) documented in
+    // CLAUDE.md.
+    rulesTableName: process.env.HIVEMIND_RULES_TABLE ?? "hivemind_rules",
+    tasksTableName: process.env.HIVEMIND_TASKS_TABLE ?? "hivemind_tasks",
+    taskEventsTableName: process.env.HIVEMIND_TASK_EVENTS_TABLE ?? "hivemind_task_events",
+    // Goals + KPIs (refined design — VFS path classifier maps
+    //   memory/goal/<user>/<status>/<uuid>.md → hivemind_goals row
+    //   memory/kpi/<uuid>/<kpi_id>.md → hivemind_kpis row
+    // See src/shell/deeplake-fs.ts for the translation logic and
+    // GOALS_COLUMNS / KPIS_COLUMNS in deeplake-schema.ts for the
+    // table shape.
+    goalsTableName: process.env.HIVEMIND_GOALS_TABLE ?? "hivemind_goals",
+    kpisTableName: process.env.HIVEMIND_KPIS_TABLE ?? "hivemind_kpis",
+    codebaseTableName: process.env.HIVEMIND_CODEBASE_TABLE ?? "codebase",
+    memoryPath: process.env.HIVEMIND_MEMORY_PATH ?? join(home, ".deeplake", "memory")
+  };
+}
+
+// dist/src/deeplake-api.js
+import { randomUUID } from "node:crypto";
+
+// dist/src/utils/debug.js
+import { appendFileSync } from "node:fs";
+import { join as join2 } from "node:path";
+import { homedir as homedir2 } from "node:os";
+var LOG = join2(homedir2(), ".deeplake", "hook-debug.log");
+function isDebug() {
+  return process.env.HIVEMIND_DEBUG === "1";
+}
+function log(tag, msg) {
+  if (!isDebug())
+    return;
+  appendFileSync(LOG, `${(/* @__PURE__ */ new Date()).toISOString()} [${tag}] ${msg}
+`);
+}
+
+// dist/src/utils/sql.js
+function sqlStr(value) {
+  return value.replace(/\\/g, "\\\\").replace(/'/g, "''").replace(/\0/g, "").replace(/[\x01-\x08\x0b\x0c\x0e-\x1f\x7f]/g, "");
+}
+function sqlIdent(name) {
+  if (!/^[a-zA-Z_][a-zA-Z0-9_]*$/.test(name)) {
+    throw new Error(`Invalid SQL identifier: ${JSON.stringify(name)}`);
+  }
+  return name;
+}
+
+// dist/src/embeddings/columns.js
+var SUMMARY_EMBEDDING_COL = "summary_embedding";
+
+// dist/src/utils/client-header.js
+var DEEPLAKE_CLIENT_HEADER = "X-Deeplake-Client";
+function deeplakeClientValue() {
+  return "hivemind";
+}
+function deeplakeClientHeader() {
+  return { [DEEPLAKE_CLIENT_HEADER]: deeplakeClientValue() };
+}
+
+// dist/src/deeplake-schema.js
+var MEMORY_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "path", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "filename", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "summary", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "summary_embedding", sql: "FLOAT4[]" },
+  { name: "author", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "mime_type", sql: "TEXT NOT NULL DEFAULT 'text/plain'" },
+  { name: "size_bytes", sql: "BIGINT NOT NULL DEFAULT 0" },
+  { name: "project", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "description", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "agent", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "plugin_version", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "creation_date", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "last_update_date", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+var SESSIONS_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "path", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "filename", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "message", sql: "JSONB" },
+  { name: "message_embedding", sql: "FLOAT4[]" },
+  { name: "author", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "mime_type", sql: "TEXT NOT NULL DEFAULT 'application/json'" },
+  { name: "size_bytes", sql: "BIGINT NOT NULL DEFAULT 0" },
+  { name: "project", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "description", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "agent", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "plugin_version", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "creation_date", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "last_update_date", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+var SKILLS_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "name", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "project", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "project_key", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "local_path", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "install", sql: "TEXT NOT NULL DEFAULT 'project'" },
+  { name: "source_sessions", sql: "TEXT NOT NULL DEFAULT '[]'" },
+  { name: "source_agent", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "scope", sql: "TEXT NOT NULL DEFAULT 'me'" },
+  { name: "author", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "contributors", sql: "TEXT NOT NULL DEFAULT '[]'" },
+  { name: "description", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "trigger_text", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "body", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "version", sql: "BIGINT NOT NULL DEFAULT 1" },
+  { name: "created_at", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "updated_at", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+var RULES_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "rule_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "text", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "scope", sql: "TEXT NOT NULL DEFAULT 'team'" },
+  { name: "status", sql: "TEXT NOT NULL DEFAULT 'active'" },
+  { name: "assigned_by", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "version", sql: "BIGINT NOT NULL DEFAULT 1" },
+  { name: "created_at", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "agent", sql: "TEXT NOT NULL DEFAULT 'manual'" },
+  { name: "plugin_version", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+var TASKS_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "task_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "text", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "scope", sql: "TEXT NOT NULL DEFAULT 'me'" },
+  { name: "status", sql: "TEXT NOT NULL DEFAULT 'active'" },
+  { name: "assigned_to", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "assigned_by", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "kpis", sql: "JSONB" },
+  { name: "version", sql: "BIGINT NOT NULL DEFAULT 1" },
+  { name: "created_at", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "agent", sql: "TEXT NOT NULL DEFAULT 'manual'" },
+  { name: "plugin_version", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+var TASK_EVENTS_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "task_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "task_version", sql: "BIGINT NOT NULL DEFAULT 1" },
+  { name: "kpi_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "value", sql: "BIGINT NOT NULL DEFAULT 0" },
+  { name: "note", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "source", sql: "TEXT NOT NULL DEFAULT 'user'" },
+  { name: "agent", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "ts", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "plugin_version", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+var GOALS_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "goal_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "owner", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "status", sql: "TEXT NOT NULL DEFAULT 'opened'" },
+  { name: "content", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "version", sql: "BIGINT NOT NULL DEFAULT 1" },
+  { name: "created_at", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "agent", sql: "TEXT NOT NULL DEFAULT 'manual'" },
+  { name: "plugin_version", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+var KPIS_COLUMNS = Object.freeze([
+  { name: "id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "goal_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "kpi_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "content", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "version", sql: "BIGINT NOT NULL DEFAULT 1" },
+  { name: "created_at", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "agent", sql: "TEXT NOT NULL DEFAULT 'manual'" },
+  { name: "plugin_version", sql: "TEXT NOT NULL DEFAULT ''" }
+]);
+function validateSchema(label, cols) {
+  const seen = /* @__PURE__ */ new Set();
+  for (const col of cols) {
+    if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(col.name)) {
+      throw new Error(`${label}: column name "${col.name}" is not a valid SQL identifier`);
+    }
+    if (seen.has(col.name)) {
+      throw new Error(`${label}: duplicate column "${col.name}"`);
+    }
+    seen.add(col.name);
+    const notNull = /\bNOT\s+NULL\b/i.test(col.sql);
+    const hasDefault = /\bDEFAULT\b/i.test(col.sql);
+    if (notNull && !hasDefault) {
+      throw new Error(`${label}: column "${col.name}" is NOT NULL but has no DEFAULT \u2014 ALTER TABLE ADD COLUMN on a populated table would fail.`);
+    }
+  }
+}
+var CODEBASE_COLUMNS = Object.freeze([
+  // Identity key (matches the PK below)
+  { name: "org_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "workspace_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "repo_slug", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "user_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "worktree_id", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "commit_sha", sql: "TEXT NOT NULL DEFAULT ''" },
+  // Observation metadata
+  { name: "parent_sha", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "branch", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "ts", sql: "TIMESTAMP" },
+  { name: "pushed_by", sql: "TEXT NOT NULL DEFAULT ''" },
+  // Snapshot payload
+  { name: "snapshot_sha256", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "snapshot_jsonb", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "node_count", sql: "BIGINT NOT NULL DEFAULT 0" },
+  { name: "edge_count", sql: "BIGINT NOT NULL DEFAULT 0" },
+  // Generator metadata (for drift diagnostics — what hivemind version produced this?)
+  { name: "generator", sql: "TEXT NOT NULL DEFAULT 'hivemind-graph'" },
+  { name: "generator_version", sql: "TEXT NOT NULL DEFAULT ''" },
+  { name: "schema_version", sql: "BIGINT NOT NULL DEFAULT 1" }
+]);
+validateSchema("MEMORY_COLUMNS", MEMORY_COLUMNS);
+validateSchema("SESSIONS_COLUMNS", SESSIONS_COLUMNS);
+validateSchema("SKILLS_COLUMNS", SKILLS_COLUMNS);
+validateSchema("RULES_COLUMNS", RULES_COLUMNS);
+validateSchema("TASKS_COLUMNS", TASKS_COLUMNS);
+validateSchema("TASK_EVENTS_COLUMNS", TASK_EVENTS_COLUMNS);
+validateSchema("GOALS_COLUMNS", GOALS_COLUMNS);
+validateSchema("KPIS_COLUMNS", KPIS_COLUMNS);
+validateSchema("CODEBASE_COLUMNS", CODEBASE_COLUMNS);
+function buildCreateTableSql(tableName, cols) {
+  const safe = sqlIdent(tableName);
+  const colSql = cols.map((c) => `${c.name} ${c.sql}`).join(", ");
+  return `CREATE TABLE IF NOT EXISTS "${safe}" (${colSql}) USING deeplake`;
+}
+function buildIntrospectionSql(tableName, workspaceId) {
+  return `SELECT column_name FROM information_schema.columns WHERE table_name = '${sqlStr(tableName)}' AND table_schema = '${sqlStr(workspaceId)}'`;
+}
+async function healMissingColumns(args) {
+  const safeTable = sqlIdent(args.tableName);
+  const introspectSql = buildIntrospectionSql(args.tableName, args.workspaceId);
+  const rows = await args.query(introspectSql);
+  const existing = /* @__PURE__ */ new Set();
+  for (const row of rows) {
+    const v = row?.column_name;
+    if (typeof v === "string")
+      existing.add(v.toLowerCase());
+  }
+  const missingCols = args.columns.filter((c) => !existing.has(c.name.toLowerCase()));
+  const missing = missingCols.map((c) => c.name);
+  if (missingCols.length === 0)
+    return { missing, altered: [] };
+  const altered = [];
+  for (const col of missingCols) {
+    try {
+      await args.query(`ALTER TABLE "${safeTable}" ADD COLUMN ${col.name} ${col.sql}`);
+      altered.push(col.name);
+      args.log?.(`schema-heal: added "${args.tableName}"."${col.name}"`);
+    } catch (e) {
+      const msg = e instanceof Error ? e.message : String(e);
+      if (!/already exists/i.test(msg))
+        throw e;
+      const recheck = await args.query(introspectSql);
+      const present = recheck.some((r) => {
+        const v = r?.column_name;
+        return typeof v === "string" && v.toLowerCase() === col.name.toLowerCase();
+      });
+      if (!present)
+        throw e;
+      args.log?.(`schema-heal: "${args.tableName}"."${col.name}" appeared via race, treating as success`);
+    }
+  }
+  return { missing, altered };
+}
+
+// dist/src/notifications/queue.js
+import { readFileSync as readFileSync2, writeFileSync, renameSync, mkdirSync, openSync, closeSync, unlinkSync, statSync } from "node:fs";
+import { join as join3, resolve } from "node:path";
+import { homedir as homedir3 } from "node:os";
+import { setTimeout as sleep } from "node:timers/promises";
+var log2 = (msg) => log("notifications-queue", msg);
+var LOCK_RETRY_MAX = 50;
+var LOCK_RETRY_BASE_MS = 5;
+var LOCK_STALE_MS = 5e3;
+function queuePath() {
+  return join3(homedir3(), ".deeplake", "notifications-queue.json");
+}
+function lockPath() {
+  return `${queuePath()}.lock`;
+}
+function readQueue() {
+  try {
+    const raw = readFileSync2(queuePath(), "utf-8");
+    const parsed = JSON.parse(raw);
+    if (!parsed || !Array.isArray(parsed.queue)) {
+      log2(`queue malformed \u2192 treating as empty`);
+      return { queue: [] };
+    }
+    return { queue: parsed.queue };
+  } catch {
+    return { queue: [] };
+  }
+}
+function _isQueuePathInsideHome(path, home) {
+  const r = resolve(path);
+  const h = resolve(home);
+  return r.startsWith(h + "/") || r === h;
+}
+function writeQueue(q) {
+  const path = queuePath();
+  const home = resolve(homedir3());
+  if (!_isQueuePathInsideHome(path, home)) {
+    throw new Error(`notifications-queue write blocked: ${path} is outside ${home}`);
+  }
+  mkdirSync(join3(home, ".deeplake"), { recursive: true, mode: 448 });
+  const tmp = `${path}.${process.pid}.tmp`;
+  writeFileSync(tmp, JSON.stringify(q, null, 2), { mode: 384 });
+  renameSync(tmp, path);
+}
+async function withQueueLock(fn) {
+  const path = lockPath();
+  mkdirSync(join3(homedir3(), ".deeplake"), { recursive: true, mode: 448 });
+  let fd = null;
+  for (let attempt = 0; attempt < LOCK_RETRY_MAX; attempt++) {
+    try {
+      fd = openSync(path, "wx", 384);
+      break;
+    } catch (e) {
+      const code = e.code;
+      if (code !== "EEXIST")
+        throw e;
+      try {
+        const age = Date.now() - statSync(path).mtimeMs;
+        if (age > LOCK_STALE_MS) {
+          unlinkSync(path);
+          continue;
+        }
+      } catch {
+      }
+      const delay = LOCK_RETRY_BASE_MS * (attempt + 1);
+      await sleep(delay);
+    }
+  }
+  if (fd === null) {
+    log2(`lock acquisition gave up after ${LOCK_RETRY_MAX} attempts \u2014 proceeding unlocked (last-writer-wins)`);
+    return fn();
+  }
+  try {
+    return fn();
+  } finally {
+    try {
+      closeSync(fd);
+    } catch {
+    }
+    try {
+      unlinkSync(path);
+    } catch {
+    }
+  }
+}
+function sameDedupKey(a, b) {
+  if (a.id !== b.id)
+    return false;
+  return JSON.stringify(a.dedupKey) === JSON.stringify(b.dedupKey);
+}
+async function enqueueNotification(n) {
+  await withQueueLock(() => {
+    const q = readQueue();
+    if (q.queue.some((existing) => sameDedupKey(existing, n))) {
+      return;
+    }
+    q.queue.push(n);
+    writeQueue(q);
+  });
+}
+
+// dist/src/commands/auth-creds.js
+import { readFileSync as readFileSync3, writeFileSync as writeFileSync2, mkdirSync as mkdirSync2, unlinkSync as unlinkSync2 } from "node:fs";
+import { join as join4 } from "node:path";
+import { homedir as homedir4 } from "node:os";
+function configDir() {
+  return join4(homedir4(), ".deeplake");
+}
+function credsPath() {
+  return join4(configDir(), "credentials.json");
+}
+function loadCredentials() {
+  try {
+    return JSON.parse(readFileSync3(credsPath(), "utf-8"));
+  } catch {
+    return null;
+  }
+}
+
+// dist/src/deeplake-api.js
+var indexMarkerStorePromise = null;
+function getIndexMarkerStore() {
+  if (!indexMarkerStorePromise)
+    indexMarkerStorePromise = Promise.resolve().then(() => (init_index_marker_store(), index_marker_store_exports));
+  return indexMarkerStorePromise;
+}
+var log3 = (msg) => log("sdk", msg);
+function summarizeSql(sql, maxLen = 220) {
+  const compact = sql.replace(/\s+/g, " ").trim();
+  return compact.length > maxLen ? `${compact.slice(0, maxLen)}...` : compact;
+}
+function traceSql(msg) {
+  const traceEnabled = process.env.HIVEMIND_TRACE_SQL === "1" || process.env.HIVEMIND_DEBUG === "1";
+  if (!traceEnabled)
+    return;
+  process.stderr.write(`[deeplake-sql] ${msg}
+`);
+  if (process.env.HIVEMIND_DEBUG === "1")
+    log3(msg);
+}
+var _signalledBalanceExhausted = false;
+function maybeSignalBalanceExhausted(status, bodyText) {
+  if (status !== 402)
+    return;
+  if (!bodyText.includes("balance_cents"))
+    return;
+  if (_signalledBalanceExhausted)
+    return;
+  _signalledBalanceExhausted = true;
+  log3(`balance exhausted \u2014 enqueuing session-start banner (body=${bodyText.slice(0, 120)})`);
+  enqueueNotification({
+    id: "balance-exhausted",
+    severity: "warn",
+    transient: true,
+    title: "Hivemind credits exhausted \u2014 top up to keep capturing",
+    body: `Sessions are not being saved and memory recall is returning empty. Top up at ${billingUrl()} to restore capture and recall.`,
+    dedupKey: { reason: "balance-zero" }
+  }).catch((e) => {
+    log3(`enqueue balance-exhausted failed: ${e instanceof Error ? e.message : String(e)}`);
+  });
+}
+function billingUrl() {
+  try {
+    const c = loadCredentials();
+    if (c?.orgName && c?.workspaceId) {
+      return `https://deeplake.ai/${encodeURIComponent(c.orgName)}/workspace/${encodeURIComponent(c.workspaceId)}/billing`;
+    }
+  } catch {
+  }
+  return "https://deeplake.ai";
+}
+var RETRYABLE_CODES = /* @__PURE__ */ new Set([429, 500, 502, 503, 504]);
+var MAX_RETRIES = 3;
+var BASE_DELAY_MS = 500;
+var MAX_CONCURRENCY = 5;
+function getQueryTimeoutMs() {
+  return Number(process.env.HIVEMIND_QUERY_TIMEOUT_MS ?? 1e4);
+}
+function sleep2(ms) {
+  return new Promise((resolve3) => setTimeout(resolve3, ms));
+}
+function isTimeoutError(error) {
+  const name = error instanceof Error ? error.name.toLowerCase() : "";
+  const message = error instanceof Error ? error.message.toLowerCase() : String(error).toLowerCase();
+  return name.includes("timeout") || name === "aborterror" || message.includes("timeout") || message.includes("timed out");
+}
+function isDuplicateIndexError(error) {
+  const message = error instanceof Error ? error.message.toLowerCase() : String(error).toLowerCase();
+  return message.includes("duplicate key value violates unique constraint") || message.includes("pg_class_relname_nsp_index") || message.includes("already exists");
+}
+function isSessionInsertQuery(sql) {
+  return /^\s*insert\s+into\s+"[^"]+"\s*\(\s*id\s*,\s*path\s*,\s*filename\s*,\s*message\s*,/i.test(sql);
+}
+function isTransientHtml403(text) {
+  const body = text.toLowerCase();
+  return body.includes("<html") || body.includes("403 forbidden") || body.includes("cloudflare") || body.includes("nginx");
+}
+var Semaphore = class {
+  max;
+  waiting = [];
+  active = 0;
+  constructor(max) {
+    this.max = max;
+  }
+  async acquire() {
+    if (this.active < this.max) {
+      this.active++;
+      return;
+    }
+    await new Promise((resolve3) => this.waiting.push(resolve3));
+  }
+  release() {
+    this.active--;
+    const next = this.waiting.shift();
+    if (next) {
+      this.active++;
+      next();
+    }
+  }
+};
+var DeeplakeApi = class {
+  token;
+  apiUrl;
+  orgId;
+  workspaceId;
+  tableName;
+  _pendingRows = [];
+  _sem = new Semaphore(MAX_CONCURRENCY);
+  _tablesCache = null;
+  constructor(token, apiUrl, orgId, workspaceId, tableName) {
+    this.token = token;
+    this.apiUrl = apiUrl;
+    this.orgId = orgId;
+    this.workspaceId = workspaceId;
+    this.tableName = tableName;
+  }
+  /** Execute SQL with retry on transient errors and bounded concurrency. */
+  async query(sql) {
+    const startedAt = Date.now();
+    const summary = summarizeSql(sql);
+    traceSql(`query start: ${summary}`);
+    await this._sem.acquire();
+    try {
+      const rows = await this._queryWithRetry(sql);
+      traceSql(`query ok (${Date.now() - startedAt}ms, rows=${rows.length}): ${summary}`);
+      return rows;
+    } catch (e) {
+      const message = e instanceof Error ? e.message : String(e);
+      traceSql(`query fail (${Date.now() - startedAt}ms): ${summary} :: ${message}`);
+      throw e;
+    } finally {
+      this._sem.release();
+    }
+  }
+  async _queryWithRetry(sql) {
+    let lastError;
+    for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+      let resp;
+      const timeoutMs = getQueryTimeoutMs();
+      try {
+        const signal = AbortSignal.timeout(timeoutMs);
+        resp = await fetch(`${this.apiUrl}/workspaces/${this.workspaceId}/tables/query`, {
+          method: "POST",
+          headers: {
+            Authorization: `Bearer ${this.token}`,
+            "Content-Type": "application/json",
+            "X-Activeloop-Org-Id": this.orgId,
+            ...deeplakeClientHeader()
+          },
+          signal,
+          body: JSON.stringify({ query: sql })
+        });
+      } catch (e) {
+        if (isTimeoutError(e)) {
+          lastError = new Error(`Query timeout after ${timeoutMs}ms`);
+          throw lastError;
+        }
+        lastError = e instanceof Error ? e : new Error(String(e));
+        if (attempt < MAX_RETRIES) {
+          const delay = BASE_DELAY_MS * Math.pow(2, attempt) + Math.random() * 200;
+          log3(`query retry ${attempt + 1}/${MAX_RETRIES} (fetch error: ${lastError.message}) in ${delay.toFixed(0)}ms`);
+          await sleep2(delay);
+          continue;
+        }
+        throw lastError;
+      }
+      if (resp.ok) {
+        const raw = await resp.json();
+        if (!raw?.rows || !raw?.columns)
+          return [];
+        return raw.rows.map((row) => Object.fromEntries(raw.columns.map((col, i) => [col, row[i]])));
+      }
+      const text = await resp.text().catch(() => "");
+      const retryable403 = isSessionInsertQuery(sql) && (resp.status === 401 || resp.status === 403 && (text.length === 0 || isTransientHtml403(text)));
+      const alreadyExists = resp.status === 500 && isDuplicateIndexError(text);
+      if (!alreadyExists && attempt < MAX_RETRIES && (RETRYABLE_CODES.has(resp.status) || retryable403)) {
+        const delay = BASE_DELAY_MS * Math.pow(2, attempt) + Math.random() * 200;
+        log3(`query retry ${attempt + 1}/${MAX_RETRIES} (${resp.status}) in ${delay.toFixed(0)}ms`);
+        await sleep2(delay);
+        continue;
+      }
+      maybeSignalBalanceExhausted(resp.status, text);
+      throw new Error(`Query failed: ${resp.status}: ${text.slice(0, 200)}`);
+    }
+    throw lastError ?? new Error("Query failed: max retries exceeded");
+  }
+  // ── Writes ──────────────────────────────────────────────────────────────────
+  /** Queue rows for writing. Call commit() to flush. */
+  appendRows(rows) {
+    this._pendingRows.push(...rows);
+  }
+  /** Flush pending rows via SQL. */
+  async commit() {
+    if (this._pendingRows.length === 0)
+      return;
+    const rows = this._pendingRows;
+    this._pendingRows = [];
+    const CONCURRENCY = 10;
+    for (let i = 0; i < rows.length; i += CONCURRENCY) {
+      const chunk = rows.slice(i, i + CONCURRENCY);
+      await Promise.allSettled(chunk.map((r) => this.upsertRowSql(r)));
+    }
+    log3(`commit: ${rows.length} rows`);
+  }
+  async upsertRowSql(row) {
+    const ts = (/* @__PURE__ */ new Date()).toISOString();
+    const cd = row.creationDate ?? ts;
+    const lud = row.lastUpdateDate ?? ts;
+    const exists = await this.query(`SELECT path FROM "${this.tableName}" WHERE path = '${sqlStr(row.path)}' LIMIT 1`);
+    if (exists.length > 0) {
+      let setClauses = `summary = E'${sqlStr(row.contentText)}', ${SUMMARY_EMBEDDING_COL} = NULL, mime_type = '${sqlStr(row.mimeType)}', size_bytes = ${row.sizeBytes}, last_update_date = '${lud}'`;
+      if (row.project !== void 0)
+        setClauses += `, project = '${sqlStr(row.project)}'`;
+      if (row.description !== void 0)
+        setClauses += `, description = '${sqlStr(row.description)}'`;
+      await this.query(`UPDATE "${this.tableName}" SET ${setClauses} WHERE path = '${sqlStr(row.path)}'`);
+    } else {
+      const id = randomUUID();
+      let cols = `id, path, filename, summary, ${SUMMARY_EMBEDDING_COL}, mime_type, size_bytes, creation_date, last_update_date`;
+      let vals = `'${id}', '${sqlStr(row.path)}', '${sqlStr(row.filename)}', E'${sqlStr(row.contentText)}', NULL, '${sqlStr(row.mimeType)}', ${row.sizeBytes}, '${cd}', '${lud}'`;
+      if (row.project !== void 0) {
+        cols += ", project";
+        vals += `, '${sqlStr(row.project)}'`;
+      }
+      if (row.description !== void 0) {
+        cols += ", description";
+        vals += `, '${sqlStr(row.description)}'`;
+      }
+      await this.query(`INSERT INTO "${this.tableName}" (${cols}) VALUES (${vals})`);
+    }
+  }
+  /** Update specific columns on a row by path. */
+  async updateColumns(path, columns) {
+    const setClauses = Object.entries(columns).map(([col, val]) => typeof val === "number" ? `${col} = ${val}` : `${col} = '${sqlStr(String(val))}'`).join(", ");
+    await this.query(`UPDATE "${this.tableName}" SET ${setClauses} WHERE path = '${sqlStr(path)}'`);
+  }
+  // ── Convenience ─────────────────────────────────────────────────────────────
+  /** Create a BM25 search index on a column. */
+  async createIndex(column) {
+    await this.query(`CREATE INDEX IF NOT EXISTS idx_${sqlStr(column)}_bm25 ON "${this.tableName}" USING deeplake_index ("${column}")`);
+  }
+  buildLookupIndexName(table, suffix) {
+    return `idx_${table}_${suffix}`.replace(/[^a-zA-Z0-9_]/g, "_");
+  }
+  async ensureLookupIndex(table, suffix, columnsSql) {
+    const markers = await getIndexMarkerStore();
+    const markerPath = markers.buildIndexMarkerPath(this.workspaceId, this.orgId, table, suffix);
+    if (markers.hasFreshIndexMarker(markerPath))
+      return;
+    const indexName = this.buildLookupIndexName(table, suffix);
+    try {
+      await this.query(`CREATE INDEX IF NOT EXISTS "${indexName}" ON "${table}" ${columnsSql}`);
+      markers.writeIndexMarker(markerPath);
+    } catch (e) {
+      if (isDuplicateIndexError(e)) {
+        markers.writeIndexMarker(markerPath);
+        return;
+      }
+      log3(`index "${indexName}" skipped: ${e.message}`);
+    }
+  }
+  /**
+   * Heal any missing columns on a table so it matches one of the schema
+   * definitions in `deeplake-schema.ts`. One SELECT against
+   * `information_schema.columns` per call, then `ALTER TABLE ADD COLUMN`
+   * only the genuinely missing ones — never blanket, never `IF NOT
+   * EXISTS`.
+   *
+   * History: an earlier path used a local marker file (`col_<name>` under
+   * the index-marker dir) to skip even the SELECT after the first
+   * confirmation, plus per-column ALTERs for `summary_embedding`,
+   * `message_embedding`, `agent`, `plugin_version`. The marker existed
+   * because Deeplake used to expose a ~30s post-ALTER bug where
+   * subsequent INSERTs failed, so we wanted to keep ALTER traffic to a
+   * minimum. The bug was re-verified on 2026-05-18 against
+   * `api.deeplake.ai` (`test_plugin` org) and no longer reproduces
+   * (71/71 INSERTs OK, first success 2ms after ALTER). The single SELECT
+   * + targeted ALTER pattern survives the marker removal because: each
+   * ALTER still costs ~800ms (so blanket sweeps are wasteful) and the
+   * diff produces clearer logs than "ALTER all with IF NOT EXISTS".
+   */
+  async healSchema(table, columns) {
+    await healMissingColumns({
+      query: (sql) => this.query(sql),
+      tableName: table,
+      workspaceId: this.workspaceId,
+      columns,
+      log: log3
+    });
+  }
+  /** List all tables in the workspace (with retry). */
+  async listTables(forceRefresh = false) {
+    if (!forceRefresh && this._tablesCache)
+      return [...this._tablesCache];
+    const { tables, cacheable } = await this._fetchTables();
+    if (cacheable)
+      this._tablesCache = [...tables];
+    return tables;
+  }
+  async _fetchTables() {
+    for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+      try {
+        const resp = await fetch(`${this.apiUrl}/workspaces/${this.workspaceId}/tables`, {
+          headers: {
+            Authorization: `Bearer ${this.token}`,
+            "X-Activeloop-Org-Id": this.orgId,
+            ...deeplakeClientHeader()
+          }
+        });
+        if (resp.ok) {
+          const data = await resp.json();
+          return {
+            tables: (data.tables ?? []).map((t) => t.table_name),
+            cacheable: true
+          };
+        }
+        if (attempt < MAX_RETRIES && RETRYABLE_CODES.has(resp.status)) {
+          await sleep2(BASE_DELAY_MS * Math.pow(2, attempt) + Math.random() * 200);
+          continue;
+        }
+        return { tables: [], cacheable: false };
+      } catch {
+        if (attempt < MAX_RETRIES) {
+          await sleep2(BASE_DELAY_MS * Math.pow(2, attempt));
+          continue;
+        }
+        return { tables: [], cacheable: false };
+      }
+    }
+    return { tables: [], cacheable: false };
+  }
+  /**
+   * Run a `CREATE TABLE` with an extra outer retry budget. The base
+   * `query()` already retries 3 times on fetch errors (~3.5s total), but a
+   * failed CREATE is permanent corruption — every subsequent SELECT against
+   * the missing table fails. Wrapping in an outer loop with longer backoff
+   * (2s, 5s, then 10s) gives us ~17s of reach across transient network
+   * blips before giving up. Failures still propagate; getApi() resets its
+   * cache on init failure (openclaw plugin) so the next call retries the
+   * whole init flow.
+   */
+  async createTableWithRetry(sql, label) {
+    const OUTER_BACKOFFS_MS = [2e3, 5e3, 1e4];
+    let lastErr = null;
+    for (let attempt = 0; attempt <= OUTER_BACKOFFS_MS.length; attempt++) {
+      try {
+        await this.query(sql);
+        return;
+      } catch (err) {
+        lastErr = err;
+        const msg = err instanceof Error ? err.message : String(err);
+        log3(`CREATE TABLE "${label}" attempt ${attempt + 1}/${OUTER_BACKOFFS_MS.length + 1} failed: ${msg}`);
+        if (attempt < OUTER_BACKOFFS_MS.length) {
+          await sleep2(OUTER_BACKOFFS_MS[attempt]);
+        }
+      }
+    }
+    throw lastErr;
+  }
+  /** Create the memory table if it doesn't already exist. Heal missing columns on existing tables. */
+  async ensureTable(name) {
+    if (!MEMORY_COLUMNS.some((c) => c.name === SUMMARY_EMBEDDING_COL)) {
+      throw new Error(`MEMORY_COLUMNS missing "${SUMMARY_EMBEDDING_COL}" (embeddings/columns.ts drift)`);
+    }
+    const tbl = sqlIdent(name ?? this.tableName);
+    const tables = await this.listTables();
+    if (!tables.includes(tbl)) {
+      log3(`table "${tbl}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(tbl, MEMORY_COLUMNS), tbl);
+      log3(`table "${tbl}" created`);
+      if (!tables.includes(tbl))
+        this._tablesCache = [...tables, tbl];
+    }
+    await this.healSchema(tbl, MEMORY_COLUMNS);
+  }
+  /** Create the sessions table (uses JSONB for message since every row is a JSON event). */
+  async ensureSessionsTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, SESSIONS_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, SESSIONS_COLUMNS);
+    await this.ensureLookupIndex(safe, "path_creation_date", `("path", "creation_date")`);
+  }
+  /**
+   * Create the skills table.
+   *
+   * One row per skill version. Workers INSERT a fresh row on every KEEP /
+   * MERGE rather than UPDATE-ing in place, so the full version history is
+   * recoverable. Uniqueness in the *current* state is by (project_key, name)
+   * — newer rows shadow older ones at read time (ORDER BY version DESC).
+   * This sidesteps the Deeplake UPDATE-coalescing quirk that bit the wiki
+   * worker.
+   */
+  /**
+   * Create the codebase table. One row per (org, workspace, repo, user,
+   * worktree, commit) — see CODEBASE_COLUMNS for the schema. Healing
+   * + index follow the same pattern as ensureSessionsTable.
+   */
+  async ensureCodebaseTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, CODEBASE_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, CODEBASE_COLUMNS);
+    await this.ensureLookupIndex(safe, "codebase_identity", `("org_id", "workspace_id", "repo_slug", "user_id", "worktree_id", "commit_sha")`);
+  }
+  async ensureSkillsTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, SKILLS_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, SKILLS_COLUMNS);
+    await this.ensureLookupIndex(safe, "project_key_name", `("project_key", "name")`);
+  }
+  /**
+   * Create the rules table.
+   *
+   * One row per rule version (same write pattern as skills): edits INSERT
+   * a fresh row with version+1, reads pick latest per rule_id via
+   * `ORDER BY version DESC LIMIT 1`. Sidesteps the Deeplake
+   * UPDATE-coalescing quirk by never UPDATEing.
+   */
+  async ensureRulesTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, RULES_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, RULES_COLUMNS);
+    await this.ensureLookupIndex(safe, "rule_id_version", `("rule_id", "version")`);
+  }
+  /**
+   * Create the tasks table.
+   *
+   * Same write pattern as rules + skills. `kpis` is a nullable JSONB
+   * column with the agent's KPI metadata; KPI current values come from
+   * `task_events` (SUM(value)), not this snapshot.
+   */
+  async ensureTasksTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, TASKS_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, TASKS_COLUMNS);
+    await this.ensureLookupIndex(safe, "task_id_version", `("task_id", "version")`);
+  }
+  /**
+   * Create the task-events table.
+   *
+   * Append-only. Every INSERT is a fresh row; never UPDATE. KPI current
+   * value is `SUM(value) WHERE task_id=? AND kpi_id=?`. Index on
+   * (task_id, kpi_id) is the canonical aggregation key.
+   */
+  async ensureTaskEventsTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, TASK_EVENTS_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, TASK_EVENTS_COLUMNS);
+    await this.ensureLookupIndex(safe, "task_id_kpi_id", `("task_id", "kpi_id")`);
+  }
+  /**
+   * Create the goals table.
+   *
+   * Backed by the VFS path convention memory/goal/<owner>/<status>/<goal_id>.md.
+   * INSERT-only version-bumped: rm and mv operations translate to fresh
+   * v=N+1 rows (status flips for mv → closed; rm is the same soft-close).
+   * The (goal_id, version) index lets the VFS dispatch a cheap latest-row
+   * read on cat / Read of a single goal.
+   */
+  async ensureGoalsTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, GOALS_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, GOALS_COLUMNS);
+    await this.ensureLookupIndex(safe, "goal_id_version", `("goal_id", "version")`);
+    await this.ensureLookupIndex(safe, "owner_status", `("owner", "status")`);
+  }
+  /**
+   * Create the kpis table.
+   *
+   * Backed by memory/kpi/<goal_id>/<kpi_id>.md. KPI rows do NOT carry
+   * owner — ownership derives from the parent goal via logical join on
+   * goal_id. INSERT-only version-bumped. (goal_id, kpi_id) index is the
+   * canonical lookup the VFS uses on Read and Write.
+   */
+  async ensureKpisTable(name) {
+    const safe = sqlIdent(name);
+    const tables = await this.listTables();
+    if (!tables.includes(safe)) {
+      log3(`table "${safe}" not found, creating`);
+      await this.createTableWithRetry(buildCreateTableSql(safe, KPIS_COLUMNS), safe);
+      log3(`table "${safe}" created`);
+      if (!tables.includes(safe))
+        this._tablesCache = [...tables, safe];
+    }
+    await this.healSchema(safe, KPIS_COLUMNS);
+    await this.ensureLookupIndex(safe, "goal_id_kpi_id", `("goal_id", "kpi_id")`);
+  }
+};
+
+// dist/src/utils/repo-identity.js
+import { execSync } from "node:child_process";
+import { createHash } from "node:crypto";
+import { basename, resolve as resolve2 } from "node:path";
+var DEFAULT_PORTS = {
+  http: "80",
+  https: "443",
+  ssh: "22",
+  git: "9418"
+};
+function normalizeGitRemoteUrl(url) {
+  let s = url.trim();
+  const schemeMatch = s.match(/^([a-z][a-z0-9+.-]*):\/\//i);
+  const scheme = schemeMatch ? schemeMatch[1].toLowerCase() : null;
+  if (schemeMatch)
+    s = s.slice(schemeMatch[0].length);
+  if (!scheme) {
+    const scp = s.match(/^(?:[^@/\s]+@)?([^:/\s]+):(.+)$/);
+    if (scp)
+      s = `${scp[1]}/${scp[2]}`;
+  }
+  s = s.replace(/^[^@/]+@/, "");
+  if (scheme && DEFAULT_PORTS[scheme]) {
+    s = s.replace(new RegExp(`^([^/]+):${DEFAULT_PORTS[scheme]}(/|$)`), "$1$2");
+  }
+  s = s.replace(/\.git\/?$/i, "");
+  s = s.replace(/\/+$/, "");
+  return s.toLowerCase();
+}
+function deriveProjectKey(cwd) {
+  const absCwd = resolve2(cwd);
+  const project = basename(absCwd) || "unknown";
+  let signature = null;
+  try {
+    const raw = execSync("git config --get remote.origin.url", {
+      cwd: absCwd,
+      encoding: "utf-8",
+      stdio: ["ignore", "pipe", "ignore"]
+    }).trim();
+    signature = raw ? normalizeGitRemoteUrl(raw) : null;
+  } catch {
+  }
+  const input = signature ?? absCwd;
+  const key = createHash("sha1").update(input).digest("hex").slice(0, 16);
+  return { key, project };
+}
+
+// dist/src/graph/last-build.js
+import { existsSync as existsSync3, mkdirSync as mkdirSync4, readFileSync as readFileSync5, renameSync as renameSync2, writeFileSync as writeFileSync4 } from "node:fs";
+import { dirname, join as join6 } from "node:path";
+function lastBuildPath(baseDir, worktreeId) {
+  if (worktreeId !== void 0) {
+    return join6(baseDir, "worktrees", worktreeId, ".last-build.json");
+  }
+  return join6(baseDir, ".last-build.json");
+}
+function writeLastBuild(baseDir, state, worktreeId) {
+  const path = lastBuildPath(baseDir, worktreeId);
+  try {
+    mkdirSync4(dirname(path), { recursive: true });
+    const tmp = `${path}.tmp.${process.pid}.${Date.now()}`;
+    writeFileSync4(tmp, JSON.stringify(state));
+    renameSync2(tmp, path);
+  } catch {
+  }
+}
+function readLastBuild(baseDir, worktreeId) {
+  let path = lastBuildPath(baseDir, worktreeId);
+  if (!existsSync3(path)) {
+    if (worktreeId === void 0)
+      return null;
+    const legacy = lastBuildPath(baseDir, void 0);
+    if (!existsSync3(legacy))
+      return null;
+    path = legacy;
+  }
+  let raw;
+  try {
+    raw = readFileSync5(path, "utf8");
+  } catch {
+    return null;
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch {
+    return null;
+  }
+  if (parsed === null || typeof parsed !== "object")
+    return null;
+  const o = parsed;
+  if (typeof o.ts !== "number" || !Number.isFinite(o.ts))
+    return null;
+  if (o.commit_sha !== null && typeof o.commit_sha !== "string")
+    return null;
+  if (typeof o.snapshot_sha256 !== "string")
+    return null;
+  const out = { ts: o.ts, commit_sha: o.commit_sha, snapshot_sha256: o.snapshot_sha256 };
+  if (typeof o.node_count === "number" && Number.isFinite(o.node_count) && o.node_count >= 0) {
+    out.node_count = o.node_count;
+  }
+  if (typeof o.edge_count === "number" && Number.isFinite(o.edge_count) && o.edge_count >= 0) {
+    out.edge_count = o.edge_count;
+  }
+  return out;
+}
+
+// dist/src/graph/history.js
+import { appendFileSync as appendFileSync2, existsSync as existsSync4, mkdirSync as mkdirSync5, readFileSync as readFileSync6 } from "node:fs";
+import { dirname as dirname2, join as join7 } from "node:path";
+function historyPath(baseDir) {
+  return join7(baseDir, "history.jsonl");
+}
+function appendHistoryEntry(baseDir, entry) {
+  const path = historyPath(baseDir);
+  try {
+    mkdirSync5(dirname2(path), { recursive: true });
+    appendFileSync2(path, JSON.stringify(entry) + "\n");
+  } catch {
+  }
+}
+
+// dist/src/graph/snapshot.js
+import { createHash as createHash2 } from "node:crypto";
+import { mkdirSync as mkdirSync6, renameSync as renameSync3, writeFileSync as writeFileSync5 } from "node:fs";
+import { homedir as homedir5 } from "node:os";
+import { dirname as dirname3, join as join8 } from "node:path";
+function graphsRoot() {
+  return process.env.HIVEMIND_GRAPHS_HOME ?? join8(homedir5(), ".hivemind", "graphs");
+}
+function repoDir(repoKey) {
+  return join8(graphsRoot(), repoKey);
+}
+
+// dist/src/graph/deeplake-pull.js
+function workTreeIdFor(cwd) {
+  return createHash3("sha256").update(cwd).digest("hex").slice(0, 16);
+}
+async function pullSnapshot(cwd, deps = {}) {
+  if (process.env.HIVEMIND_GRAPH_PULL === "0") {
+    return { kind: "skipped-disabled" };
+  }
+  const config = (deps.loadConfig ?? loadConfig)();
+  if (config === null) {
+    return { kind: "skipped-no-auth" };
+  }
+  const head = (deps.readHead ?? defaultReadHead)(cwd);
+  if (head === null) {
+    return { kind: "skipped-no-head" };
+  }
+  const api = (deps.makeApi ?? defaultMakeApi)(config);
+  try {
+    await api.ensureCodebaseTable(config.codebaseTableName);
+  } catch (err) {
+    return errorOutcome("ensureCodebaseTable", err);
+  }
+  const tableId = sqlIdent(config.codebaseTableName);
+  const { key: repoKey } = deriveProjectKey(cwd);
+  const selectSql = `SELECT snapshot_jsonb, snapshot_sha256, ts, node_count, edge_count, branch, generator_version, worktree_id FROM "${tableId}" WHERE org_id = '${sqlStr(config.orgId)}' AND workspace_id = '${sqlStr(config.workspaceId)}' AND repo_slug = '${sqlStr(repoKey)}' AND user_id = '${sqlStr(config.userName)}' AND commit_sha = '${sqlStr(head)}' ORDER BY ts DESC LIMIT 1`;
+  let rows;
+  try {
+    rows = await api.query(selectSql);
+  } catch (err) {
+    return errorOutcome("SELECT cloud row", err);
+  }
+  if (rows.length === 0) {
+    return { kind: "no-cloud-row", commitSha: head };
+  }
+  const row = rows[0];
+  const cloudSha256 = String(row.snapshot_sha256 ?? "").trim();
+  const cloudPayload = coerceSnapshotPayload(row.snapshot_jsonb);
+  if (cloudPayload === null) {
+    return errorOutcome("SELECT cloud row", new Error("invalid snapshot_jsonb payload"));
+  }
+  if (cloudSha256 !== "") {
+    const computedSha = createHash3("sha256").update(cloudPayload).digest("hex");
+    if (cloudSha256 !== computedSha) {
+      return errorOutcome("SELECT cloud row", new Error(`snapshot_sha256 mismatch (expected ${cloudSha256}, got ${computedSha})`));
+    }
+  }
+  const cloudTs = parseTs(row.ts);
+  const baseDir = repoDir(repoKey);
+  const worktreeId = workTreeIdFor(cwd);
+  const local = readLastBuild(baseDir, worktreeId);
+  if (local !== null && local.commit_sha === head) {
+    if (cloudSha256 !== "" && local.snapshot_sha256 === cloudSha256) {
+      return { kind: "up-to-date", commitSha: head, snapshotSha256: cloudSha256 };
+    }
+    if (local.ts > cloudTs) {
+      return {
+        kind: "local-newer",
+        commitSha: head,
+        localTs: local.ts,
+        cloudTs
+      };
+    }
+  }
+  const snapshotsDir = join9(baseDir, "snapshots");
+  const snapshotPath = join9(snapshotsDir, `${head}.json`);
+  const worktreeRoot = join9(baseDir, "worktrees", worktreeId);
+  try {
+    writeFileAtomic(snapshotPath, cloudPayload);
+    writeFileAtomic(join9(worktreeRoot, "latest-commit.txt"), `${head}
+`);
+    writeLastBuild(baseDir, {
+      ts: cloudTs,
+      commit_sha: head,
+      snapshot_sha256: cloudSha256,
+      node_count: numOrUndefined(row.node_count),
+      edge_count: numOrUndefined(row.edge_count)
+    }, worktreeId);
+    appendHistoryEntry(baseDir, {
+      ts: new Date(cloudTs).toISOString(),
+      commit_sha: head,
+      snapshot_sha256: cloudSha256,
+      node_count: Number(row.node_count ?? 0),
+      edge_count: Number(row.edge_count ?? 0),
+      trigger: "pull"
+    });
+  } catch (err) {
+    return errorOutcome("write local files", err);
+  }
+  return {
+    kind: "pulled",
+    commitSha: head,
+    snapshotSha256: cloudSha256,
+    bytes: Buffer.byteLength(cloudPayload, "utf8"),
+    cloudTs,
+    sourceWorktreePath: String(row.worktree_id ?? "")
+  };
+}
+function defaultReadHead(cwd) {
+  try {
+    return execFileSync("git", ["rev-parse", "HEAD"], {
+      cwd,
+      encoding: "utf8",
+      stdio: ["ignore", "pipe", "ignore"]
+    }).trim();
+  } catch {
+    return null;
+  }
+}
+function defaultMakeApi(config) {
+  return new DeeplakeApi(config.token, config.apiUrl, config.orgId, config.workspaceId, config.tableName);
+}
+function parseTs(raw) {
+  if (typeof raw === "number" && Number.isFinite(raw)) {
+    return raw < 1e12 ? raw * 1e3 : raw;
+  }
+  if (typeof raw === "string") {
+    const parsed = Date.parse(raw);
+    return Number.isFinite(parsed) ? parsed : 0;
+  }
+  return 0;
+}
+function numOrUndefined(raw) {
+  if (typeof raw === "number" && Number.isFinite(raw) && raw >= 0)
+    return raw;
+  if (typeof raw === "string") {
+    const n = Number(raw);
+    if (Number.isFinite(n) && n >= 0)
+      return n;
+  }
+  return void 0;
+}
+function coerceSnapshotPayload(raw) {
+  if (typeof raw === "string")
+    return raw;
+  if (raw !== null && typeof raw === "object")
+    return JSON.stringify(raw);
+  return null;
+}
+function writeFileAtomic(filePath, contents) {
+  mkdirSync7(dirname4(filePath), { recursive: true });
+  const tmp = `${filePath}.tmp.${process.pid}.${Date.now()}`;
+  writeFileSync6(tmp, contents);
+  renameSync4(tmp, filePath);
+}
+function errorOutcome(stage, err) {
+  const message = err instanceof Error ? err.message : String(err);
+  return { kind: "error", message: `${stage}: ${message}` };
+}
+
+// dist/src/hooks/graph-pull-worker.js
+function getArg(name) {
+  const idx = process.argv.indexOf(name);
+  if (idx === -1 || idx + 1 >= process.argv.length)
+    return null;
+  return process.argv[idx + 1];
+}
+function workerTimeoutMs() {
+  const raw = process.env.HIVEMIND_GRAPH_PULL_TIMEOUT_MS;
+  if (raw === void 0)
+    return 3e4;
+  const n = parseInt(raw, 10);
+  return Number.isFinite(n) && n > 0 ? n : 3e4;
+}
+async function main() {
+  const cwd = getArg("--cwd") ?? process.cwd();
+  const t0 = Date.now();
+  const timeoutPromise = new Promise((resolve3) => {
+    setTimeout(() => resolve3("timeout"), workerTimeoutMs()).unref();
+  });
+  let logLine;
+  try {
+    const outcome = await Promise.race([pullSnapshot(cwd), timeoutPromise]);
+    if (outcome === "timeout") {
+      const dur2 = Date.now() - t0;
+      logLine = `[${(/* @__PURE__ */ new Date()).toISOString()}] timeout (${dur2}ms) \u2014 pullSnapshot did not return within ${workerTimeoutMs()}ms; forcing exit
+`;
+      try {
+        const { key } = deriveProjectKey(cwd);
+        const dir = repoDir(key);
+        mkdirSync8(dir, { recursive: true });
+        appendFileSync3(join10(dir, ".graph-pull.log"), logLine);
+      } catch {
+      }
+      process.exit(0);
+    }
+    const dur = Date.now() - t0;
+    const extras = [];
+    if (outcome.kind === "pulled") {
+      extras.push(`commit=${outcome.commitSha.slice(0, 7)}`);
+      extras.push(`bytes=${outcome.bytes}`);
+      extras.push(`sha256=${outcome.snapshotSha256.slice(0, 12)}`);
+    } else if (outcome.kind === "up-to-date") {
+      extras.push(`commit=${outcome.commitSha.slice(0, 7)}`);
+    } else if (outcome.kind === "local-newer") {
+      extras.push(`commit=${outcome.commitSha.slice(0, 7)}`);
+      extras.push(`localTs=${outcome.localTs}`);
+      extras.push(`cloudTs=${outcome.cloudTs}`);
+    } else if (outcome.kind === "no-cloud-row") {
+      extras.push(`commit=${outcome.commitSha.slice(0, 7)}`);
+    } else if (outcome.kind === "error") {
+      extras.push(outcome.message);
+    }
+    logLine = `[${(/* @__PURE__ */ new Date()).toISOString()}] ${outcome.kind} (${dur}ms)` + (extras.length ? ` \u2014 ${extras.join(" ")}` : "") + "\n";
+  } catch (err) {
+    const dur = Date.now() - t0;
+    logLine = `[${(/* @__PURE__ */ new Date()).toISOString()}] threw ${err instanceof Error ? err.message : String(err)} (${dur}ms)
+`;
+  }
+  try {
+    const { key } = deriveProjectKey(cwd);
+    const dir = repoDir(key);
+    mkdirSync8(dir, { recursive: true });
+    appendFileSync3(join10(dir, ".graph-pull.log"), logLine);
+  } catch {
+  }
+}
+main().catch(() => {
+  process.exit(0);
+});