@ijfw/install 1.3.0 → 1.3.2

package/CHANGELOG.md

@@ -1,5 +1,42 @@
 # Changelog
 
+## [1.3.2] -- 2026-05-15
+
+**Project-agnostic swarm orchestration + live visual workflow + richer Codex native surface.** Adds first-class Team Assembly, blackboard coordination, swarm task lifecycle, conservative git worktrees, recovery checkpoints, Superpowers-style live design previews, and Claude-parity Codex command aliases.
+
+- `ijfw design start/open/status/stop/push/clear` now runs a localhost visual companion with live reload, placeholder preview, and multi-file HTML support under `/design`.
+- `ijfw team init/status` creates project-specific agent charters and workflow manifests across software, design, content, book, research, business, and mixed projects.
+- `.ijfw/blackboard/` now provides runtime coordination: artifact claims, notes/findings/decisions/blockers, handoffs, prepared tasks, and append-only events.
+- `ijfw swarm plan/prepare/tasks/start/complete/block/ready/status` turns team workflows into artifact-aware parallel waves with explicit dependencies and review tasks.
+- `ijfw swarm prompt <task-id>` renders a scoped worker prompt for subagents, including artifact scope, dependencies, blockers, checks, blackboard commands, and non-revert rules.
+- Codex-native dispatch now covers `ijfw codex doctor`, `ijfw codex sync-agents`, `.codex/agents/*.toml` generation from Team Assembly, and `ijfw swarm prompt <task-id> --codex` for pasteable Codex worker/explorer dispatch.
+- `ijfw swarm worktree create/list/integrate/cleanup` adds conservative isolated git worktrees for in-progress code-heavy tasks, with no automatic conflict resolution.
+- `ijfw memory checkpoint <label>` and `ijfw recover status/latest` create durable workflow snapshots so project state can be recovered after context loss.
+- Workflow and team skills now include SWARM/PREPARE lifecycle guidance, review gates, worktree safety rules, and checkpoint expectations at stage transitions.
+- Codex now ships the same 22 IJFW command aliases as Claude, installs them to `~/.codex/commands` and project `.codex/commands` when applicable, and advertises `commands_dir` in the Codex plugin manifest.
+- The terminal CLI exposes the same command vocabulary as the agent surfaces: `ijfw cross audit <target>`, `ijfw cross-audit`, `ijfw workflow`, `ijfw memory-audit`, `ijfw ijfw-verify`, and related aliases all route through the shared IJFW command dispatcher.
+
+Files: `mcp-server/src/blackboard.js`, `mcp-server/src/team/`, `mcp-server/src/swarm/`, `mcp-server/src/recovery/`, `mcp-server/src/dashboard-server.js`, `mcp-server/src/cross-orchestrator-cli.js`, `installer/src/ijfw.js`, `shared/skills/ijfw-workflow/SKILL.md`, platform workflow/team/design skill mirrors, and related fixtures/tests.
+
+## [1.3.1] -- 2026-05-12
+
+**Codex hook cleanup + release cadence hardening.** Tightens IJFW's Codex integration for Codex 0.130+, reduces the default dependency footprint, and moves more release drift into automated gates before it reaches users.
+
+- Codex `SessionStart` now emits `additionalContext` inside `hookSpecificOutput` with `hookEventName: "SessionStart"`, matching Codex's strict hook response shape. This closes the `SessionStart hook (failed): hook returned invalid session start JSON output` error.
+- Codex `PostToolUse` is now stdout-silent. IJFW still records local observations and failure signals, but it no longer re-injects cleaned tool output as `systemMessage`, which Codex renders as visible hook warning spam.
+- Codex hook Node shims now pass user/tool text after `--`, so tool output beginning with `---` is treated as data instead of a Node CLI option. This closes the `node: bad option: ---` failure.
+- Codex `UserPromptSubmit` and `PreToolUse` advisory output now use the same `hookSpecificOutput.additionalContext` shape when they do emit context.
+- Codex `Stop` now stays stdout-silent on routine session saves. Normal receipts are written locally; only actionable compression notices can surface by default. This closes the `Stop hook (completed) warning: [ijfw] Session #... saved` noise.
+- Codex bundle tests now cover strict `SessionStart` JSON and silent `PostToolUse` behavior for both routine output and failure-looking output.
+- The shipped MCP server no longer installs `@xenova/transformers` by default. Cold semantic vectors are explicit opt-in and `IJFW_VECTORS` now defaults to `off`, keeping the production install smaller and quieter under package audits.
+- The preflight audit gate now runs against both `installer` and `mcp-server`, so server-side dependency drift is covered by the same release gate as the installer.
+- `ijfw preflight` now routes through the canonical 11-gate preflight entrypoint from both installer and MCP CLI paths instead of falling back to `scripts/check-all.sh`.
+- Platform capability drift is now gated by `platform-capabilities.json` plus `scripts/check-platform-drift.js`, covering skill counts, hook-event counts, and marketplace/plugin manifest claims.
+- Update-check changelog URLs now point at GitLab releases, matching the canonical repository.
+- D2 graph-write lock timeout handling now throws the intended `EBUSY_GRAPH_WRITE` error instead of tripping an undeclared variable path under collision.
+
+Files: `codex/.codex/hooks/session-start.sh`, `codex/.codex/hooks/post-tool-use.sh`, `codex/.codex/hooks/pre-prompt.sh`, `codex/.codex/hooks/pre-tool-use.sh`, `codex/.codex/hooks/session-end.sh`, `scripts/observation/test-envelope-invariant-codex.sh`, `mcp-server/test-codex-bundle.js`, `mcp-server/src/vectors.js`, `mcp-server/package.json`, `installer/src/preflight/gates/audit-ci.js`, `installer/src/preflight.js`, `mcp-server/src/cross-orchestrator-cli.js`, `mcp-server/src/compute/graph-lock.js`, `platform-capabilities.json`, `scripts/check-platform-drift.js`.
+
 ## [1.2.6] -- 2026-05-01
 
 **Token sandbox + parallel workflow dispatch + DeepSeek frontier upgrade.** A new `ijfw_run` MCP tool keeps large command output out of your context window entirely -- builds, test suites, grep runs, and log tails are sandboxed to disk and summarized in a few lines instead of flooding thousands of tokens. The `ijfw-workflow` execution engine gains a formal Wave Table that makes parallel agent dispatch deterministic rather than inferred. DeepSeek moves to `deepseek-v4-pro` -- the actual frontier model -- so the Trident gets Frontier AI checking Frontier AI.
@@ -640,7 +677,7 @@ Platform count: **8 install targets -> 13 MCP-integrated + 1 rules-only**. Same
 
 - `ijfw preflight` -- 11-gate quality pipeline covering shell lint, JS lint, security scan, secret detection, npm audit, dead-code detection, license check, pack-smoke, and upgrade-smoke.
 - Blocking vs advisory distinction: exit 0 when all blocking gates pass even if advisory warnings exist. Exit 1 on any blocking failure.
-- Each gate uses `npx --yes <tool>@<pinned-version>`. Pinned versions in `preflight-versions.json`. Missing tools report "skipped" with a positive install hint, not a failure.
+- Tool-backed gates use `npx --yes <tool>@<pinned-version>`. The dependency-audit gate uses `npm audit --json` directly against the package lockfiles. Pinned versions live in `preflight-versions.json`; missing tools report "skipped" with a positive install hint, not a failure.
 - Warm-cache SLO: <=90s. Cold-cache: <=240s. Both printed in the summary line.
 - `prepublishOnly` in `installer/package.json` now runs preflight before every publish so no tag can ship with a blocking gate open.
 

package/dist/ijfw.js

@@ -267,6 +267,17 @@ import { spawnSync as spawnSync3 } from "node:child_process";
 import { mkdtempSync, rmSync, writeFileSync } from "node:fs";
 import { join as join2 } from "node:path";
 import { tmpdir } from "node:os";
+function formatMessages(results, severity12) {
+  const out = [];
+  for (const file of results) {
+    for (const msg of file.messages || []) {
+      if (severity12 === "error" && msg.severity !== 2) continue;
+      if (severity12 === "warning" && msg.severity !== 1) continue;
+      out.push(`${file.filePath}:${msg.line}:${msg.column} ${msg.severity === 2 ? "error" : "warning"} ${msg.ruleId} -- ${msg.message}`);
+    }
+  }
+  return out;
+}
 async function run3(ctx) {
   const t0 = Date.now();
   const eslintVer = ctx.versions["eslint"] || "latest";
@@ -292,6 +303,7 @@ async function run3(ctx) {
 import security from '${join2(tmpDir, "node_modules", "eslint-plugin-security", "index.js").replace(/\\/g, "/")}';
 export default [
   {
+    linterOptions: { reportUnusedDisableDirectives: 'off' },
     files: ['installer/src/**/*.js', 'mcp-server/src/**/*.js'],
     plugins: { security },
     rules: ${JSON.stringify(RULES)},
@@ -303,13 +315,20 @@ export default [
     const eslintBin = join2(tmpDir, "node_modules", ".bin", "eslint");
     const res = spawnSync3(
       eslintBin,
-      ["--config", configPath, "installer/src/**/*.js", "mcp-server/src/**/*.js"],
+      ["--no-config-lookup", "--config", configPath, "--format", "json", "installer/src/**/*.js", "mcp-server/src/**/*.js"],
       { encoding: "utf8", cwd: ctx.repoRoot, timeout: 6e4 }
     );
     const durationMs = Date.now() - t0;
     const output = (res.stdout || "") + (res.stderr || "");
-    const lines = output.split("\n").filter(Boolean);
-    if (res.status === 0) {
+    let results = [];
+    try {
+      results = JSON.parse(res.stdout || "[]");
+    } catch {
+      results = [];
+    }
+    const errorCount = results.reduce((sum, file) => sum + (file.errorCount || 0), 0);
+    const warningCount = results.reduce((sum, file) => sum + (file.warningCount || 0), 0);
+    if (res.status === 0 && errorCount === 0 && warningCount === 0) {
       return {
         name: "eslint-security",
         status: "PASS",
@@ -318,20 +337,20 @@ export default [
         durationMs
       };
     }
-    if (res.status === 1) {
+    if (errorCount > 0 || res.status === 2) {
       return {
         name: "eslint-security",
-        status: "WARN",
-        message: "eslint-security: advisory warnings (review above)",
-        details: lines.slice(0, 30),
+        status: "FAIL",
+        message: `eslint-security: ${errorCount || "unknown"} security error(s) found`,
+        details: (formatMessages(results, "error").length ? formatMessages(results, "error") : output.split("\n").filter(Boolean)).slice(0, 30),
         durationMs
       };
     }
     return {
       name: "eslint-security",
-      status: "FAIL",
-      message: "eslint-security: security errors found (exit code 2)",
-      details: lines.slice(0, 30),
+      status: "WARN",
+      message: `eslint-security: ${warningCount} advisory warning(s)`,
+      details: (formatMessages(results, "warning").length ? formatMessages(results, "warning") : output.split("\n").filter(Boolean)).slice(0, 30),
       durationMs
     };
   } finally {
@@ -350,11 +369,7 @@ var init_eslint_security = __esm({
   "src/preflight/gates/eslint-security.js"() {
     RULES = {
       "security/detect-eval-with-expression": "error",
-      "security/detect-non-literal-fs-filename": "warn",
-      "security/detect-non-literal-regexp": "warn",
       "security/detect-non-literal-require": "warn",
-      "security/detect-object-injection": "warn",
-      "security/detect-possible-timing-attacks": "warn",
       "security/detect-pseudoRandomBytes": "error",
       "security/detect-unsafe-regex": "error"
     };
@@ -367,15 +382,15 @@ var init_eslint_security = __esm({
 // src/preflight/gates/psscriptanalyzer.js
 var psscriptanalyzer_exports = {};
 __export(psscriptanalyzer_exports, {
+  fallbackAnalyzePowerShellText: () => fallbackAnalyzePowerShellText,
   name: () => name4,
   parallel: () => parallel4,
   run: () => run4,
   severity: () => severity4
 });
 import { spawnSync as spawnSync4 } from "node:child_process";
-import { readdirSync as readdirSync2, statSync as statSync2 } from "node:fs";
+import { readFileSync, readdirSync as readdirSync2, statSync as statSync2 } from "node:fs";
 import { join as join3 } from "node:path";
-import { platform } from "node:os";
 function findPs1Files(dir, acc = []) {
   let entries;
   try {
@@ -397,6 +412,109 @@ function findPs1Files(dir, acc = []) {
   }
   return acc;
 }
+function stripPowerShellComments(source) {
+  let out = "";
+  let i = 0;
+  let inSingle = false;
+  let inDouble = false;
+  let inBlockComment = false;
+  while (i < source.length) {
+    const ch = source[i];
+    const next = source[i + 1];
+    if (inBlockComment) {
+      if (ch === "#" && next === ">") {
+        inBlockComment = false;
+        i += 2;
+      } else {
+        if (ch === "\n") out += "\n";
+        i += 1;
+      }
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "<" && next === "#") {
+      inBlockComment = true;
+      i += 2;
+      continue;
+    }
+    if (!inSingle && !inDouble && ch === "#") {
+      while (i < source.length && source[i] !== "\n") i += 1;
+      out += "\n";
+      continue;
+    }
+    out += ch;
+    if (!inDouble && ch === "'") inSingle = !inSingle;
+    else if (!inSingle && ch === '"' && source[i - 1] !== "`") inDouble = !inDouble;
+    i += 1;
+  }
+  return out;
+}
+function bracketIssues(source, file) {
+  const pairs = { "(": ")", "[": "]", "{": "}" };
+  const closers = new Set(Object.values(pairs));
+  const stack = [];
+  let inSingle = false;
+  let inDouble = false;
+  for (let i = 0; i < source.length; i++) {
+    const ch = source[i];
+    if (!inDouble && ch === "'") {
+      inSingle = !inSingle;
+      continue;
+    }
+    if (!inSingle && ch === '"' && source[i - 1] !== "`") {
+      inDouble = !inDouble;
+      continue;
+    }
+    if (inSingle || inDouble) continue;
+    if (pairs[ch]) stack.push({ ch, index: i });
+    else if (closers.has(ch)) {
+      const open = stack.pop();
+      if (!open || pairs[open.ch] !== ch) return [`${file}: unbalanced bracket near offset ${i}`];
+    }
+  }
+  if (inSingle || inDouble) return [`${file}: unterminated string literal`];
+  if (stack.length > 0) return [`${file}: unclosed bracket near offset ${stack[stack.length - 1].index}`];
+  return [];
+}
+function fallbackAnalyzePowerShellText(source, file = "<inline>") {
+  const stripped = stripPowerShellComments(source);
+  const issues = bracketIssues(stripped, file);
+  const banned = [
+    [/\bInvoke-Expression\b|\biex\b/i, "Invoke-Expression/iex dynamic execution"],
+    [/\bSet-ExecutionPolicy\b[\s\S]{0,80}\bBypass\b/i, "Set-ExecutionPolicy Bypass"],
+    [/\bStart-Process\b[\s\S]{0,160}\b-Verb\s+RunAs\b/i, "Start-Process -Verb RunAs elevation"],
+    [/\bNew-Object\s+Net\.WebClient\b|\bDownloadString\s*\(/i, "legacy WebClient/DownloadString network execution"]
+  ];
+  for (const [re2, label] of banned) {
+    if (re2.test(stripped)) issues.push(`${file}: banned PowerShell pattern: ${label}`);
+  }
+  return issues;
+}
+function runFallback(files, t0, reason) {
+  const issues = [];
+  for (const file of files) {
+    try {
+      issues.push(...fallbackAnalyzePowerShellText(readFileSync(file, "utf8"), file));
+    } catch (e) {
+      issues.push(`${file}: could not read script (${e.message || e})`);
+    }
+  }
+  if (issues.length > 0) {
+    return {
+      name: "psscriptanalyzer",
+      status: "FAIL",
+      message: `PowerShell fallback found issues in ${files.length} script(s)`,
+      details: [reason, ...issues].slice(0, 20),
+      durationMs: Date.now() - t0
+    };
+  }
+  return {
+    name: "psscriptanalyzer",
+    status: "PASS",
+    message: `${files.length} PowerShell script(s) clean (static fallback; ${reason})`,
+    details: [],
+    durationMs: Date.now() - t0
+  };
+}
 async function run4(ctx) {
   const t0 = Date.now();
   const files = findPs1Files(ctx.repoRoot);
@@ -411,14 +529,15 @@ async function run4(ctx) {
   }
   const which = spawnSync4("pwsh", ["--version"], { encoding: "utf8" });
   if (which.status === null || which.error) {
-    const isWin2 = platform() === "win32";
-    return {
-      name: "psscriptanalyzer",
-      status: isWin2 ? "FAIL" : "WARN",
-      message: isWin2 ? `pwsh not found -- ${files.length} .ps1 file(s) unchecked (install PowerShell)` : `pwsh not installed -- PSScriptAnalyzer skipped on non-Windows (runs in CI on windows-latest)`,
-      details: [`Files that would be checked: ${files.join(", ")}`],
-      durationMs: Date.now() - t0
-    };
+    return runFallback(files, t0, "pwsh unavailable");
+  }
+  const moduleCheck = spawnSync4(
+    "pwsh",
+    ["-NoProfile", "-NonInteractive", "-Command", "if (Get-Module -ListAvailable -Name PSScriptAnalyzer) { exit 0 } else { exit 3 }"],
+    { encoding: "utf8", cwd: ctx.repoRoot, timeout: 1e4 }
+  );
+  if (moduleCheck.status !== 0) {
+    return runFallback(files, t0, "PSScriptAnalyzer module unavailable");
   }
   const script = `
 $files = @(${files.map((f) => `'${f.replace(/'/g, "''")}'`).join(",")})
@@ -450,10 +569,9 @@ if ($found) { exit 1 } else { exit 0 }
     };
   }
   const lines = ((res.stdout || "") + (res.stderr || "")).split("\n").filter(Boolean);
-  const isWin = platform() === "win32";
   return {
     name: "psscriptanalyzer",
-    status: isWin ? "FAIL" : "WARN",
+    status: "FAIL",
     message: `PSScriptAnalyzer found issues in ${files.length} script(s)`,
     details: lines.slice(0, 20),
     durationMs
@@ -578,31 +696,66 @@ __export(audit_ci_exports, {
 });
 import { spawnSync as spawnSync7 } from "node:child_process";
 import { join as join4 } from "node:path";
+function parseAuditReport(output) {
+  const start = output.indexOf("{");
+  if (start === -1) return null;
+  try {
+    return JSON.parse(output.slice(start));
+  } catch {
+    return null;
+  }
+}
+function highCriticalCount(report) {
+  const vulns = report?.metadata?.vulnerabilities || {};
+  return Number(vulns.high || 0) + Number(vulns.critical || 0);
+}
+function vulnerableNames(report) {
+  const out = [];
+  for (const [name12, vuln] of Object.entries(report?.vulnerabilities || {})) {
+    const severity12 = String(vuln?.severity || "").toLowerCase();
+    if (severity12 === "high" || severity12 === "critical") out.push(`${name12}: ${severity12}`);
+  }
+  return out;
+}
 async function run7(ctx) {
   const t0 = Date.now();
-  const ver = ctx.versions["audit-ci"] || "latest";
-  const configPath = join4(ctx.repoRoot, ".audit-ci.jsonc");
-  const res = spawnSync7(
-    "npx",
-    ["--yes", `audit-ci@${ver}`, "--config", configPath],
-    {
-      encoding: "utf8",
-      cwd: join4(ctx.repoRoot, "installer"),
-      timeout: 6e4
-    }
-  );
+  const packageDirs = ["installer", "mcp-server"];
+  const runs = packageDirs.map((dir) => {
+    const res = spawnSync7(
+      "npm",
+      ["audit", "--audit-level=high", "--json"],
+      {
+        encoding: "utf8",
+        cwd: join4(ctx.repoRoot, dir),
+        timeout: 6e4
+      }
+    );
+    const output = (res.stdout || "") + (res.stderr || "");
+    const report = parseAuditReport(output);
+    const highCritical = highCriticalCount(report);
+    return { dir, status: res.status, output, report, highCritical };
+  });
   const durationMs = Date.now() - t0;
-  const output = (res.stdout || "") + (res.stderr || "");
-  const lines = output.split("\n").filter(Boolean);
-  if (res.status === 0) {
+  const failed = runs.filter((r) => !r.report || r.highCritical > 0);
+  if (failed.length === 0) {
     return {
       name: "audit-ci",
       status: "PASS",
-      message: "audit-ci: no high/critical vulnerabilities",
-      details: [],
+      message: "audit-ci: no high/critical vulnerabilities in installer or mcp-server",
+      details: runs.map((r) => `${r.dir}: pass`),
       durationMs
     };
   }
+  const lines = [];
+  for (const r of failed) {
+    if (!r.report) {
+      lines.push(`${r.dir}: audit report unavailable`);
+      lines.push(...r.output.split("\n").filter(Boolean).slice(0, 10));
+      continue;
+    }
+    lines.push(`${r.dir}: ${r.highCritical} high/critical advisory item(s)`);
+    lines.push(...vulnerableNames(r.report).slice(0, 10));
+  }
   return {
     name: "audit-ci",
     status: "FAIL",
@@ -879,7 +1032,7 @@ __export(upgrade_smoke_exports, {
   severity: () => severity11
 });
 import { spawnSync as spawnSync11 } from "node:child_process";
-import { mkdtempSync as mkdtempSync3, rmSync as rmSync3, mkdirSync as mkdirSync2, writeFileSync as writeFileSync3, readFileSync, existsSync as existsSync2 } from "node:fs";
+import { mkdtempSync as mkdtempSync3, rmSync as rmSync3, mkdirSync as mkdirSync2, writeFileSync as writeFileSync3, readFileSync as readFileSync2, existsSync as existsSync2 } from "node:fs";
 import { join as join7, resolve as resolve2 } from "node:path";
 import { tmpdir as tmpdir3 } from "node:os";
 async function run11(ctx) {
@@ -966,7 +1119,7 @@ async function run11(ctx) {
     if (existsSync2(settingsPath)) {
       let settings;
       try {
-        settings = JSON.parse(readFileSync(settingsPath, "utf8"));
+        settings = JSON.parse(readFileSync2(settingsPath, "utf8"));
       } catch (e) {
         return {
           name: "upgrade-smoke",
@@ -989,7 +1142,7 @@ async function run11(ctx) {
     }
     const marketplaceSrc = join7(installerDir, "src", "marketplace.js");
     if (existsSync2(marketplaceSrc)) {
-      const src = readFileSync(marketplaceSrc, "utf8");
+      const src = readFileSync2(marketplaceSrc, "utf8");
       const registersCorrectKey = src.includes("'ijfw@ijfw'") || src.includes('"ijfw@ijfw"');
       const registersWrongKey = /enabledPlugins\[['"]ijfw-core@ijfw['"]\]\s*=\s*true/.test(src);
       if (!registersCorrectKey) {
@@ -1044,8 +1197,8 @@ var preflight_exports = {};
 __export(preflight_exports, {
   runPreflightCommand: () => runPreflightCommand
 });
-import { readFileSync as readFileSync2, existsSync as existsSync3 } from "node:fs";
-import { join as join8, dirname } from "node:path";
+import { readFileSync as readFileSync3, existsSync as existsSync3 } from "node:fs";
+import { join as join8, dirname, resolve as resolve3 } from "node:path";
 import { fileURLToPath } from "node:url";
 function printHelp() {
   console.log(`
@@ -1088,7 +1241,7 @@ function loadVersions(repoRoot2) {
   for (const f of candidates) {
     if (existsSync3(f)) {
       try {
-        return JSON.parse(readFileSync2(f, "utf8"));
+        return JSON.parse(readFileSync3(f, "utf8"));
       } catch {
       }
     }
@@ -1144,11 +1297,24 @@ async function runPreflightCommand(argv, repoRoot2) {
   const report = await runPreflight(gates, ctx);
   process.exit(report.outcome === "pass" ? 0 : 1);
 }
+function defaultRepoRoot() {
+  let dir = __dirname;
+  for (let i = 0; i < 8; i++) {
+    if (existsSync3(join8(dir, "package.json")) && existsSync3(join8(dir, "mcp-server"))) return dir;
+    const next = resolve3(dir, "..");
+    if (next === dir) break;
+    dir = next;
+  }
+  return process.cwd();
+}
 var __dirname;
 var init_preflight = __esm({
-  "src/preflight.js"() {
+  async "src/preflight.js"() {
     init_runner();
     __dirname = dirname(fileURLToPath(import.meta.url));
+    if (process.argv[1] && resolve3(process.argv[1]) === fileURLToPath(import.meta.url)) {
+      await runPreflightCommand(process.argv, defaultRepoRoot());
+    }
   }
 });
 
@@ -2412,20 +2578,76 @@ Please report this to https://github.com/markedjs/marked.`, e) {
 });
 
 // src/ijfw.js
-import { dirname as dirname2, join as join9, resolve as resolve3, basename } from "node:path";
+import { dirname as dirname2, join as join9, resolve as resolve4, basename } from "node:path";
 import { fileURLToPath as fileURLToPath2 } from "node:url";
-import { existsSync as existsSync4, mkdirSync as mkdirSync3, copyFileSync, readdirSync as readdirSync4, rmSync as rmSync4, readFileSync as readFileSync3, writeFileSync as writeFileSync4 } from "node:fs";
-import { homedir, platform as platform2 } from "node:os";
+import { existsSync as existsSync4, mkdirSync as mkdirSync3, copyFileSync, readdirSync as readdirSync4, rmSync as rmSync4, readFileSync as readFileSync4, writeFileSync as writeFileSync4 } from "node:fs";
+import { homedir, platform } from "node:os";
 import { spawnSync as spawnSync12 } from "node:child_process";
 var __dirname2 = dirname2(fileURLToPath2(import.meta.url));
 function repoRoot() {
   let dir = __dirname2;
   for (let i = 0; i < 6; i++) {
     if (existsSync4(join9(dir, "package.json")) && existsSync4(join9(dir, ".git"))) return dir;
-    dir = resolve3(dir, "..");
+    dir = resolve4(dir, "..");
   }
   return process.cwd();
 }
+function findInternalAsset(...rel) {
+  const root = repoRoot();
+  const ijfwHome = join9(homedir(), ".ijfw");
+  const candidates = [join9(root, ...rel), join9(ijfwHome, ...rel)];
+  return candidates.find((p) => existsSync4(p)) || null;
+}
+function readDashboardPort() {
+  const portFile = join9(homedir(), ".ijfw", "dashboard.port");
+  try {
+    const port = Number.parseInt(readFileSync4(portFile, "utf8").trim(), 10);
+    return Number.isFinite(port) ? port : 37891;
+  } catch {
+    return 37891;
+  }
+}
+function openBrowser(url) {
+  if (process.env.CI || process.env.NO_OPEN) return;
+  const r = platform() === "darwin" ? spawnSync12("open", [url], { stdio: "ignore" }) : platform() === "win32" ? spawnSync12("cmd", ["/c", "start", "", url], { stdio: "ignore", shell: false }) : spawnSync12("xdg-open", [url], { stdio: "ignore" });
+  return r.status ?? 0;
+}
+var ORCHESTRATOR_COMMANDS = /* @__PURE__ */ new Set([
+  "update",
+  "statusline",
+  "config",
+  "insight",
+  "blackboard",
+  "team",
+  "swarm",
+  "codex",
+  "recover",
+  "memory",
+  "cross",
+  "status",
+  "demo",
+  "import",
+  "receipt",
+  "--purge-receipts",
+  "workflow",
+  "handoff",
+  "compress",
+  "consolidate",
+  "cross-audit",
+  "cross-critique",
+  "cross-research",
+  "ijfw-audit",
+  "ijfw-execute",
+  "ijfw-help",
+  "ijfw-plan",
+  "ijfw-ship",
+  "ijfw-verify",
+  "memory-audit",
+  "memory-consent",
+  "memory-why",
+  "metrics",
+  "mode"
+]);
 function printHelp2() {
   console.log(`
 ijfw -- the AI efficiency layer
@@ -2437,9 +2659,15 @@ COMMANDS
   install     Install IJFW into your AI coding agents
   uninstall   Remove IJFW from your AI coding agents
   help        Open the full IJFW guide (terminal, or --browser for rendered)
-  preflight   Run 12-gate quality pipeline before publishing
+  preflight   Run 11-gate quality pipeline before publishing
   dashboard   Start / stop / check the local observability dashboard
-  design      Manage the visual design companion
+  design      Manage live previews and durable design intelligence
+  blackboard  Coordinate project-local swarm state and artifact claims
+  codex       Check and sync Codex-native IJFW surfaces
+  team        Assemble project agents, charter, and workflow manifest
+  swarm       Plan, prepare, and track artifact-aware parallel work
+  recover     Show latest checkpoint and next recovery step
+  cross       Run Trident audit/research/critique, e.g. ijfw cross audit README.md
   doctor      Diagnose IJFW installation health
 
   --help, -h  Show this help
@@ -2477,7 +2705,7 @@ async function main() {
     if (delegateToCli(argv.slice(2))) return;
     try {
       const pkgPath = join9(__dirname2, "..", "package.json");
-      const pkg = JSON.parse(readFileSync3(pkgPath, "utf8"));
+      const pkg = JSON.parse(readFileSync4(pkgPath, "utf8"));
       console.log(`@ijfw/install@${pkg.version || "unknown"}`);
       if (verbose) {
         console.log("  (full --verbose details require a completed install: run ijfw install)");
@@ -2487,44 +2715,41 @@ async function main() {
     }
     process.exit(0);
   }
-  if (sub === "update" || sub === "statusline" || sub === "config" || sub === "insight") {
+  if (ORCHESTRATOR_COMMANDS.has(sub)) {
     if (delegateToCli(argv.slice(2))) return;
     console.error(`'ijfw ${sub}' requires a completed IJFW install. Run: ijfw install`);
     process.exit(1);
   }
+  if (sub === "doctor" && findCli()) {
+    if (delegateToCli(argv.slice(2))) return;
+  }
   switch (sub) {
     case "install": {
-      const installBin = resolve3(__dirname2, "..", "dist", "install.js");
+      const installBin = resolve4(__dirname2, "..", "dist", "install.js");
       const r = spawnSync12("node", [installBin, ...argv.slice(3)], { stdio: "inherit" });
       process.exit(r.status ?? 1);
       break;
     }
     case "uninstall": {
-      const uninstallBin = resolve3(__dirname2, "..", "dist", "uninstall.js");
+      const uninstallBin = resolve4(__dirname2, "..", "dist", "uninstall.js");
       const r = spawnSync12("node", [uninstallBin, ...argv.slice(3)], { stdio: "inherit" });
       process.exit(r.status ?? 1);
       break;
     }
     case "preflight": {
-      const { runPreflightCommand: runPreflightCommand2 } = await Promise.resolve().then(() => (init_preflight(), preflight_exports));
+      const { runPreflightCommand: runPreflightCommand2 } = await init_preflight().then(() => preflight_exports);
       await runPreflightCommand2([argv[0], argv[1], ...argv.slice(3)], repoRoot());
       break;
     }
     case "dashboard": {
       const dashSub = argv[3];
-      const root = repoRoot();
-      const ijfwHome = join9(homedir(), ".ijfw");
-      const findInTree = (...rel) => {
-        const candidates = [join9(root, ...rel), join9(ijfwHome, ...rel)];
-        return candidates.find((p) => existsSync4(p)) || null;
-      };
       if (dashSub === "start" || dashSub === "stop" || dashSub === "status") {
-        const dashBin = findInTree("mcp-server", "bin", "ijfw-dashboard");
+        const dashBin = findInternalAsset("mcp-server", "bin", "ijfw-dashboard");
         if (dashBin) {
           const r = spawnSync12("node", [dashBin, dashSub, ...argv.slice(4)], { stdio: "inherit" });
           process.exit(r.status ?? 0);
         } else {
-          const serverJs = findInTree("mcp-server", "src", "dashboard-server.js");
+          const serverJs = findInternalAsset("mcp-server", "src", "dashboard-server.js");
           if (dashSub === "start" && serverJs) {
             const { spawn } = await import("node:child_process");
             const child = spawn(process.execPath, [serverJs, "start", "--daemon"], {
@@ -2539,7 +2764,7 @@ async function main() {
           process.exit(1);
         }
       } else if (dashSub === "render" || !dashSub) {
-        const binJs = findInTree("scripts", "dashboard", "bin.js");
+        const binJs = findInternalAsset("scripts", "dashboard", "bin.js");
         if (binJs) {
           const r = spawnSync12("node", [binJs, ...argv.slice(dashSub ? 4 : 3)], { stdio: "inherit" });
           process.exit(r.status ?? 0);
@@ -2555,30 +2780,72 @@ async function main() {
     }
     case "design": {
       const designSub = argv[3];
+      const durableDesign = ["init", "plan", "audit", "critique", "polish", "normalize", "bolder", "quieter", "handoff"];
+      if (durableDesign.includes(designSub)) {
+        if (delegateToCli(argv.slice(2))) return;
+        console.error(`'ijfw design ${designSub}' requires a completed IJFW install. Run: ijfw install`);
+        process.exit(1);
+      }
       const contentDir = join9(homedir(), ".ijfw", "design-companion", "content");
       mkdirSync3(contentDir, { recursive: true });
-      if (designSub === "push") {
-        const filePath = argv[4];
-        if (!filePath) {
-          console.error("Usage: ijfw design push <file.html>");
+      if (designSub === "start" || designSub === "open") {
+        const dashBin = findInternalAsset("mcp-server", "bin", "ijfw-dashboard");
+        if (!dashBin) {
+          console.error("[ijfw] Design companion server not found. Run `ijfw-install` to deploy ~/.ijfw/, or run from the IJFW repo root.");
+          process.exit(1);
+        }
+        const noOpen = argv.slice(4).includes("--no-open");
+        const r = spawnSync12("node", [dashBin, "start", "--no-open"], { stdio: designSub === "start" ? "inherit" : "ignore" });
+        if ((r.status ?? 1) !== 0) process.exit(r.status ?? 1);
+        const url = `http://localhost:${readDashboardPort()}/design`;
+        if (!noOpen) openBrowser(url);
+        console.log(`Design companion running at ${url}`);
+      } else if (designSub === "status") {
+        const dashBin = findInternalAsset("mcp-server", "bin", "ijfw-dashboard");
+        if (!dashBin) {
+          console.error("[ijfw] Design companion server not found. Run `ijfw-install` to deploy ~/.ijfw/, or run from the IJFW repo root.");
+          process.exit(1);
+        }
+        const r = spawnSync12("node", [dashBin, "status"], { stdio: "inherit" });
+        if ((r.status ?? 1) === 0) console.log(`Design companion URL: http://localhost:${readDashboardPort()}/design`);
+        process.exit(r.status ?? 0);
+      } else if (designSub === "stop") {
+        const dashBin = findInternalAsset("mcp-server", "bin", "ijfw-dashboard");
+        if (!dashBin) {
+          console.error("[ijfw] Design companion server not found. Run `ijfw-install` to deploy ~/.ijfw/, or run from the IJFW repo root.");
           process.exit(1);
         }
-        const abs = resolve3(filePath);
-        if (!existsSync4(abs)) {
-          console.error(`File not found: ${abs}`);
+        const r = spawnSync12("node", [dashBin, "stop"], { stdio: "inherit" });
+        process.exit(r.status ?? 0);
+      } else if (designSub === "push") {
+        const filePaths = argv.slice(4);
+        if (filePaths.length === 0) {
+          console.error("Usage: ijfw design push <file.html> [more.html ...]");
           process.exit(1);
         }
-        const dest = join9(contentDir, basename(abs));
-        copyFileSync(abs, dest);
-        console.log(`Design pushed: ${dest}`);
+        for (const filePath of filePaths) {
+          const abs = resolve4(filePath);
+          if (!abs.toLowerCase().endsWith(".html")) {
+            console.error("Design companion accepts standalone .html files.");
+            process.exit(1);
+          }
+          if (!existsSync4(abs)) {
+            console.error(`File not found: ${abs}`);
+            process.exit(1);
+          }
+          const dest = join9(contentDir, basename(abs));
+          copyFileSync(abs, dest);
+          console.log(`Design pushed: ${dest}`);
+        }
+        console.log(`Preview: http://localhost:${readDashboardPort()}/design`);
       } else if (designSub === "clear") {
         const files = readdirSync4(contentDir);
         for (const f of files) rmSync4(join9(contentDir, f), { force: true });
         console.log("Design companion content cleared.");
       } else {
-        console.log("ijfw design -- Manage the visual design companion. Push HTML mockups for live preview.");
+        console.log("ijfw design -- Manage live preview and durable design intelligence.");
         console.log("");
-        console.log("Usage: ijfw design push <file.html> | ijfw design clear");
+        console.log("Usage: ijfw design start [--no-open] | open | status | stop | push <file.html> [more.html ...] | clear | init|plan|audit|critique|polish|normalize|bolder|quieter|handoff");
         process.exit(1);
       }
       break;
@@ -2587,7 +2854,7 @@ async function main() {
       const wantsBrowser = argv.slice(3).includes("--browser");
       const candidates = [
         join9(repoRoot(), "docs", "GUIDE.md"),
-        resolve3(__dirname2, "..", "docs", "GUIDE.md"),
+        resolve4(__dirname2, "..", "docs", "GUIDE.md"),
         join9(homedir(), ".ijfw", "docs", "GUIDE.md")
       ];
       const guidePath = candidates.find((p) => existsSync4(p));
@@ -2605,7 +2872,7 @@ async function main() {
             copyFileSync(join9(assetsSrc, f), join9(outDir, "assets", f));
           }
         }
-        const md = readFileSync3(guidePath, "utf8").replace(/\(guide\/assets\//g, "(assets/");
+        const md = readFileSync4(guidePath, "utf8").replace(/\(guide\/assets\//g, "(assets/");
         const rendered = marked.parse(md, { gfm: true, breaks: false });
         const html = `<!doctype html>
 <html lang="en"><head>
@@ -2624,7 +2891,7 @@ async function main() {
 </head><body><div class="wrap markdown-body">${rendered}</div></body></html>`;
         const outHtml = join9(outDir, "index.html");
         writeFileSync4(outHtml, html);
-        const opener = platform2() === "darwin" ? "open" : platform2() === "win32" ? "start" : "xdg-open";
+        const opener = platform() === "darwin" ? "open" : platform() === "win32" ? "start" : "xdg-open";
         spawnSync12(opener, [outHtml], { stdio: "ignore", detached: true });
         console.log(`[ijfw] Guide opened in your browser.`);
         console.log(`       Local copy: ${outHtml}`);
@@ -2634,10 +2901,10 @@ async function main() {
       if (hasLess) {
         const lessRes = spawnSync12("less", ["-R", guidePath], { stdio: "inherit" });
         if (lessRes.status !== 0 && lessRes.status !== null) {
-          process.stdout.write(readFileSync3(guidePath, "utf8"));
+          process.stdout.write(readFileSync4(guidePath, "utf8"));
         }
       } else {
-        process.stdout.write(readFileSync3(guidePath, "utf8"));
+        process.stdout.write(readFileSync4(guidePath, "utf8"));
       }
       process.exit(0);
       break;

package/dist/install.js

@@ -385,7 +385,7 @@ function mergeYamlPluginsEnabled(dst, pluginName, ts) {
     if (inPluginsBlock) {
       if (/^\S/.test(line) && line.trim() !== "") {
         inPluginsBlock = false;
-      } else if (/^\s+enabled:\s*(\[\s*\])?\s*$/.test(line) || /^\s+enabled:\s*\[.*\]\s*$/.test(line)) {
+      } else if (isIndentedEnabledLine(line)) {
         enabledLineIdx = i;
       } else if (enabledLineIdx >= 0 && itemRe.test(line)) {
         alreadyListed = true;
@@ -423,6 +423,11 @@ function mergeYamlPluginsEnabled(dst, pluginName, ts) {
   outText += "# IJFW-PLUGINS-END\n";
   writeAtomic(dst, outText, { mode: 384 });
 }
+function isIndentedEnabledLine(line) {
+  if (!line || !/\s/.test(line[0])) return false;
+  const trimmed = line.trim();
+  return trimmed === "enabled:" || trimmed === "enabled: []" || trimmed.startsWith("enabled: [") && trimmed.endsWith("]");
+}
 function opencodeMerge(dst, serverJs, ts) {
   mkdirSync2(dirname3(dst), { recursive: true });
   if (ts) backup(dst, ts);
@@ -759,6 +764,12 @@ async function installCodex(ctx) {
   for (const sd of listSubdirs(repoSkills)) {
     copyDirIfAbsent(sd.path, join4(userSkills, sd.name));
   }
+  const userCommands = join4(ctx.home, ".codex", "commands");
+  ensureDir(userCommands);
+  const repoCommands = join4(ctx.repoRoot, "codex", "commands");
+  for (const f of listFiles(repoCommands, ".md")) {
+    copyIfAbsent(f.path, join4(userCommands, f.name));
+  }
   const cwd = ctx.cwd || process.cwd();
   if (existsSync4(join4(cwd, ".codex", "config.toml")) || existsSync4(join4(cwd, ".ijfw"))) {
     const projSkills = join4(cwd, ".codex", "skills");
@@ -766,8 +777,13 @@ async function installCodex(ctx) {
     for (const sd of listSubdirs(repoSkills)) {
       copyDirIfAbsent(sd.path, join4(projSkills, sd.name));
     }
+    const projCommands = join4(cwd, ".codex", "commands");
+    ensureDir(projCommands);
+    for (const f of listFiles(repoCommands, ".md")) {
+      copyIfAbsent(f.path, join4(projCommands, f.name));
+    }
   }
-  ctx.log.ok("Installed Codex bundle: MCP + hooks + 15 skills + context");
+  ctx.log.ok("Installed Codex bundle: MCP + hooks + 19 skills + 22 command aliases + context");
   return { status: "ok" };
 }
 async function installGemini(ctx) {
@@ -832,7 +848,7 @@ async function installGemini(ctx) {
   for (const f of listFiles(agentSrc, ".md")) {
     copyIfAbsent(f.path, join4(extDst, "agents", f.name));
   }
-  ctx.log.ok("Installed Gemini bundle: MCP + extension + 15 skills + 11 hooks + policy");
+  ctx.log.ok("Installed Gemini bundle: MCP + extension + 19 skills + 11 hooks + policy");
   return { status: "ok" };
 }
 async function installWayland(ctx) {
@@ -2048,14 +2064,12 @@ function cloneOrPull(dir, branch) {
     else if (remoteSignal) console.warn(`  git exited on signal ${remoteSignal}`);
     else if (remoteStatus !== 0 && remoteStderr) console.warn(`  git remote get-url: ${remoteStderr.slice(0, 120).trim()}`);
     if (remoteStatus === 0) {
-      const STALE_ORIGINS = [
-        "https://github.com/seandonahoe/ijfw.git",
-        "https://github.com/seandonahoe/ijfw",
-        "https://github.com/seandonahoe/ijfw/",
-        "https://github.com/seandonahoe/ijfw.git/"
+      const STALE_PATTERNS = [
+        /^https:\/\/github\.com\/seandonahoe\/ijfw(\.git)?\/?$/i,
+        /^https:\/\/github\.com\/therealseandonahoe\/ijfw(\.git)?\/?$/i
       ];
       const currentOrigin = (stdout || "").trim();
-      if (STALE_ORIGINS.includes(currentOrigin)) {
+      if (STALE_PATTERNS.some((re) => re.test(currentOrigin))) {
         const setUrl = spawnSync2("git", ["-C", dir, "remote", "set-url", "origin", DEFAULT_REPO], { stdio: "inherit" });
         if (setUrl.status !== 0) {
           console.warn(`  [!] origin migration failed -- could not repoint ${currentOrigin} to ${DEFAULT_REPO}`);

package/dist/uninstall.js

@@ -241,9 +241,11 @@ import os; os.replace(p + ".tmp", p)
     return true;
   }
   const stripped = raw.replace(
+    // eslint-disable-next-line security/detect-unsafe-regex -- raw is a small local YAML config file; pattern is line-anchored to the IJFW-owned block.
     /^  ijfw-memory:\n(?:    .*\n)*(?:# IJFW-MCP-END ijfw-memory\n)?/m,
     ""
   ).replace(
+    // eslint-disable-next-line security/detect-unsafe-regex -- raw is a small local YAML config file; pattern is bounded by exact IJFW sentinel markers.
     /# IJFW-MCP-BEGIN ijfw-memory\n(?:.*\n)*?# IJFW-MCP-END ijfw-memory\n/,
     ""
   );
@@ -263,6 +265,42 @@ function removeIjfwSkills(dir) {
   }
   return count;
 }
+var CODEX_COMMAND_FILES = [
+  "compress.md",
+  "consolidate.md",
+  "cross-audit.md",
+  "cross-critique.md",
+  "cross-research.md",
+  "doctor.md",
+  "handoff.md",
+  "ijfw-audit.md",
+  "ijfw-execute.md",
+  "ijfw-help.md",
+  "ijfw-plan.md",
+  "ijfw-ship.md",
+  "ijfw-verify.md",
+  "ijfw.md",
+  "memory-audit.md",
+  "memory-consent.md",
+  "memory-why.md",
+  "metrics.md",
+  "mode.md",
+  "status.md",
+  "team.md",
+  "workflow.md"
+];
+function removeCodexCommands(dir) {
+  if (!existsSync2(dir)) return 0;
+  let count = 0;
+  for (const name of CODEX_COMMAND_FILES) {
+    const path = join2(dir, name);
+    if (existsSync2(path)) {
+      rmSync(path, { force: true });
+      count++;
+    }
+  }
+  return count;
+}
 function cleanPlatforms() {
   const removed = [];
   if (removeTomlSection(join2(HOME, ".codex", "config.toml"))) {
@@ -273,6 +311,8 @@ function cleanPlatforms() {
   }
   const codexSkills = removeIjfwSkills(join2(HOME, ".codex", "skills"));
   if (codexSkills > 0) removed.push(`~/.codex/skills/ijfw-*  (removed ${codexSkills} skill dirs)`);
+  const codexCommands = removeCodexCommands(join2(HOME, ".codex", "commands"));
+  if (codexCommands > 0) removed.push(`~/.codex/commands  (removed ${codexCommands} IJFW command aliases)`);
   const codexMd = join2(HOME, ".codex", "IJFW.md");
   if (existsSync2(codexMd)) {
     rmSync(codexMd, { force: true });

package/docs/GUIDE.md

@@ -172,7 +172,7 @@ Run `/team setup` in Claude Code, or `ijfw team` from the shell, to see your cur
 |------|-------|--------------|
 | Hot  | Plain markdown in `.ijfw/memory/` | Always on. Instant reads. Git friendly. |
 | Warm | BM25 ranked search | Always on. Scales to around 10,000 entries per project. |
-| Cold | Optional semantic vectors | Only if you install `@xenova/transformers`. Off by default. |
+| Cold | Optional semantic vectors | Off by default. Requires a user-installed embedding provider. |
 
 Every session also ends with an optional "dream cycle". Run `/consolidate` or "run a dream cycle" to have IJFW sweep the day's memory: promote observed patterns into your knowledge base, prune stale entries, reconcile contradictions, optionally lift winners into global memory so every future project benefits. Memory that grows sharper over time instead of heavier.
 
@@ -359,9 +359,9 @@ IJFW configures six AI coding agents with native affordances on each, plus a uni
 
 | Platform | What ships |
 |----------|------------|
-| Claude Code | Native plugin via marketplace, MCP auto-registered, 9 hooks, 20 on-demand skills, 21 slash commands |
-| Codex CLI | Native plugin (`.codex-plugin/plugin.json`), 20 skills, 9 hooks, MCP registered, marketplace-ready |
-| Gemini CLI | Native extension (`gemini-extension.json`), 20 skills, 11 hook events, 21 TOML slash commands, policy engine, BeforeModel injection, checkpointing |
+| Claude Code | Native plugin via marketplace, MCP auto-registered, 6 hook events / 12 scripts, 22 on-demand skills, 22 slash commands |
+| Codex CLI | Native plugin (`.codex-plugin/plugin.json`), 19 skills, 5 hook events, MCP registered, marketplace-ready |
+| Gemini CLI | Native extension (`gemini-extension.json`), 19 skills, 11 hook events, 19 TOML slash commands, policy engine, BeforeModel injection, checkpointing |
 | Cursor | `.cursor/mcp.json` plus `.cursor/rules/ijfw.mdc`. Dashboard view-only. |
 | Windsurf | `~/.codeium/windsurf/mcp_config.json` plus `.windsurfrules`. Dashboard view-only. |
 | Copilot (VS Code) | `.vscode/mcp.json` plus `.github/copilot-instructions.md`. Dashboard view-only. |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ijfw/install",
-  "version": "1.3.0",
+  "version": "1.3.2",
   "description": "One-command installer for IJFW -- the AI efficiency layer. One install, every AI coding agent, zero config.",
   "type": "module",
   "bin": {
@@ -55,7 +55,6 @@
     "url": "git+https://gitlab.com/therealseandonahoe/ijfw.git"
   },
   "publishConfig": {
-    "access": "public",
-    "provenance": true
+    "access": "public"
   }
 }