@lumoai/cli 1.39.0 → 1.41.0

package/dist/cli/src/lib/memory-reconcile.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.diffSync = diffSync;
+/**
+ * Pure reconcile: given the owned local files and the server bundle, classify
+ * each into add / update / remove / skipDrift. Idempotent — identical state
+ * yields empty add/update/remove. A locally-edited owned file (drift) is never
+ * an update or remove; it is reported as skipDrift so the dev's edit survives
+ * (and becomes a P3 upsync candidate).
+ */
+function diffSync(owned, bundle) {
+    const ownedById = new Map(owned.map(o => [o.id, o]));
+    const bundleById = new Map(bundle.map(b => [b.id, b]));
+    const add = bundle.filter(b => !ownedById.has(b.id));
+    const remove = [];
+    const update = [];
+    const skipDrift = [];
+    for (const o of owned) {
+        const b = bundleById.get(o.id);
+        if (o.diskHash !== o.contentHash) {
+            // locally edited → protect it regardless of whether the server changed
+            skipDrift.push(o.id);
+            continue;
+        }
+        if (!b) {
+            remove.push(o.id);
+            continue;
+        }
+        if (b.contentHash !== o.contentHash)
+            update.push(b);
+    }
+    return { add, update, remove, skipDrift };
+}

package/dist/cli/src/lib/sync-throttle.js

@@ -0,0 +1,71 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readThrottleState = readThrottleState;
+exports.writeThrottleState = writeThrottleState;
+exports.clearThrottleState = clearThrottleState;
+exports.throttleHours = throttleHours;
+exports.isThrottled = isThrottled;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const STATE_FILE = '.lumo-sync.json';
+const DEFAULT_HOURS = 12;
+function statePath(dir) {
+    return (0, node_path_1.join)(dir, STATE_FILE);
+}
+/** Read the throttle state; null on missing / unreadable / malformed file. */
+function readThrottleState(dir) {
+    const p = statePath(dir);
+    if (!(0, node_fs_1.existsSync)(p))
+        return null;
+    try {
+        const parsed = JSON.parse((0, node_fs_1.readFileSync)(p, 'utf8'));
+        if (typeof parsed.lastSyncAt === 'string' &&
+            typeof parsed.projectId === 'string') {
+            return { lastSyncAt: parsed.lastSyncAt, projectId: parsed.projectId };
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+/** Best-effort write of the throttle state. Never throws. */
+function writeThrottleState(dir, state, 
+// accepted for signature symmetry with the caller; not otherwise needed.
+_now = new Date()) {
+    try {
+        (0, node_fs_1.writeFileSync)(statePath(dir), JSON.stringify(state) + '\n');
+    }
+    catch {
+        // best-effort — a missing dir or read-only fs just means no throttle next time
+    }
+}
+/** Remove the throttle state file (used by `memory sync --clean`). Never throws. */
+function clearThrottleState(dir) {
+    try {
+        (0, node_fs_1.rmSync)(statePath(dir), { force: true });
+    }
+    catch {
+        // best-effort
+    }
+}
+/** The throttle window in hours: LUMO_SYNC_THROTTLE_HOURS or the 12h default. */
+function throttleHours() {
+    const raw = process.env.LUMO_SYNC_THROTTLE_HOURS;
+    if (!raw)
+        return DEFAULT_HOURS;
+    const n = Number(raw);
+    return Number.isFinite(n) && n > 0 ? n : DEFAULT_HOURS;
+}
+/**
+ * True when a fresh sync for `projectId` exists within `hours` of `now`. A null
+ * state, a different project, or a stale timestamp all return false (sync runs).
+ */
+function isThrottled(state, now, hours, projectId) {
+    if (!state || state.projectId !== projectId)
+        return false;
+    const last = Date.parse(state.lastSyncAt);
+    if (!Number.isFinite(last))
+        return false;
+    return now.getTime() - last < hours * 3600_000;
+}

package/dist/cli/src/lib/upsync.js

@@ -0,0 +1,50 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.collectUpsyncCandidates = collectUpsyncCandidates;
+exports.projectMemoriesEndpoint = projectMemoriesEndpoint;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const OUTBOX_DIR = 'outbox';
+/**
+ * Collect upsync candidates from `<root>/outbox/*.json` — each a structured
+ * `{ category, content }` the dev authored locally and wants promoted to the
+ * team. JSON (not the rendered team/*.md files) keeps the content lossless and
+ * already category-shaped; a rendered team file cannot be reversed back to
+ * structured content, so edited team files (P1 drift candidates) are reported by
+ * `lumo memory sync`, not auto-converted here. Malformed/non-JSON files are
+ * skipped, not fatal.
+ */
+function collectUpsyncCandidates(root) {
+    const dir = (0, node_path_1.join)(root, OUTBOX_DIR);
+    if (!(0, node_fs_1.existsSync)(dir))
+        return [];
+    const out = [];
+    for (const f of (0, node_fs_1.readdirSync)(dir).sort()) {
+        if (!f.endsWith('.json'))
+            continue;
+        const p = (0, node_path_1.join)(dir, f);
+        try {
+            const parsed = JSON.parse((0, node_fs_1.readFileSync)(p, 'utf8'));
+            if (typeof parsed.category === 'string' && parsed.content !== undefined) {
+                out.push({
+                    file: p,
+                    category: parsed.category,
+                    content: parsed.content,
+                });
+            }
+        }
+        catch {
+            // skip malformed JSON
+        }
+    }
+    return out;
+}
+/**
+ * The endpoint upsync POSTs to. Deliberately the SAME create-project-memory
+ * route the web/CLI already use (`createForProject`: canonicalize → dedup →
+ * reconcile-on-write, LUM-538) — upsync reuses that pipeline rather than adding
+ * a parallel one.
+ */
+function projectMemoriesEndpoint(base, projectId) {
+    return `${base}/api/projects/${encodeURIComponent(projectId)}/memories`;
+}

package/dist/shared/src/code-anchor.js

@@ -0,0 +1,92 @@
+"use strict";
+/**
+ * LUM-547 (P4b) — code-anchor staleness detection.
+ *
+ * Pure logic: parse a memory's flattened text for high-confidence references to
+ * code "anchors" (file paths, symbols, flag/constant names), then — given an
+ * injected existence probe — decide whether the whole memory is stale (every
+ * anchor it names is gone from the repo).
+ *
+ * 高精度优先 / 宁缺毋滥: anchor extraction errs toward under-extraction
+ * (symbols & flags must be backtick-guarded; paths must be path-shaped with a
+ * known extension), and the staleness verdict errs toward keeping a memory (any
+ * single surviving anchor spares the whole memory). Detection only proposes a
+ * candidate; a human confirms before anything is archived (see retire.service).
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extractAnchors = extractAnchors;
+exports.classifyMemoryStaleness = classifyMemoryStaleness;
+const KNOWN_EXT = 'ts|tsx|js|jsx|mjs|cjs|json|prisma|md|mdx|css|scss|sass|sql|sh|yml|yaml|html|toml';
+// A repo-relative path: one or more "dir/" segments then a filename.ext.
+const PATH_RE = new RegExp(String.raw `(?<![\w@/.])((?:[\w.-]+/)+[\w.-]+\.(?:${KNOWN_EXT}))\b`, 'g');
+const IDENT_RE = /^[A-Za-z_][A-Za-z0-9_]*$/;
+const SCREAMING_SNAKE_RE = /^[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+$/;
+// "Compound" identifier: camelCase, snake_case, or PascalCase-with-transition.
+const COMPOUND_RE = /[a-z][A-Z]|_|^[A-Z][a-z0-9]+[A-Z]/;
+function isExternalPath(p) {
+    return (p.startsWith('@') ||
+        p.startsWith('node_modules/') ||
+        p.includes('/node_modules/'));
+}
+/**
+ * Extract high-confidence code anchors from flattened memory text.
+ * - File paths: path-shaped tokens with a known extension (bare or backticked),
+ *   excluding URLs and external packages.
+ * - Symbols: backtick-wrapped compound identifiers (camel/snake/Pascal), with
+ *   single plain words and stop-words excluded.
+ * - Flags: backtick-wrapped SCREAMING_SNAKE constants.
+ * Result is de-duplicated, first-seen order.
+ */
+function extractAnchors(text) {
+    const out = [];
+    const seen = new Set();
+    const push = (kind, value) => {
+        const key = `${kind}::${value}`;
+        if (seen.has(key))
+            return;
+        seen.add(key);
+        out.push({ kind, value });
+    };
+    // Strip URLs so their path-looking tails are never mistaken for repo paths.
+    const deUrled = text.replace(/https?:\/\/\S+/g, ' ');
+    // File paths (from anywhere in the text).
+    PATH_RE.lastIndex = 0;
+    for (let m = PATH_RE.exec(deUrled); m != null; m = PATH_RE.exec(deUrled)) {
+        const p = m[1];
+        if (p && !isExternalPath(p))
+            push('file', p);
+    }
+    // Symbols & flags (backtick-guarded only).
+    const backtickRe = /`([^`]+)`/g;
+    for (let m = backtickRe.exec(text); m != null; m = backtickRe.exec(text)) {
+        const inner = (m[1] ?? '').trim();
+        if (!IDENT_RE.test(inner))
+            continue; // has spaces / slashes / dots → not a bare identifier
+        if (SCREAMING_SNAKE_RE.test(inner)) {
+            push('flag', inner);
+            continue;
+        }
+        if (inner.length >= 3 && COMPOUND_RE.test(inner)) {
+            push('symbol', inner);
+        }
+    }
+    return out;
+}
+function anchorExists(a, probe) {
+    return a.kind === 'file'
+        ? probe.fileExists(a.value)
+        : probe.symbolExists(a.value);
+}
+/**
+ * Decide whether a memory's text is code-anchor stale. A memory is a stale
+ * candidate only when it names at least one anchor and EVERY anchor it names is
+ * absent from the repo (any single survivor spares it — the mis-kill guard). An
+ * anchor-free memory is never a candidate. `deadAnchors` always reports the
+ * absent anchors found (useful as evidence even when the memory is not stale).
+ */
+function classifyMemoryStaleness(text, probe) {
+    const anchors = extractAnchors(text);
+    const deadAnchors = anchors.filter(a => !anchorExists(a, probe));
+    const stale = anchors.length > 0 && deadAnchors.length === anchors.length;
+    return { stale, deadAnchors, anchorsFound: anchors.length };
+}

package/dist/shared/src/index.js

@@ -1,7 +1,7 @@
 "use strict";
 // ── Agent Error types ────────────────────────────────────────────────────────
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.capRenderedOutput = exports.truncateUnitsToBudget = exports.OUTPUT_TOKEN_BUDGET = exports.estimateTokens = exports.buildCmdEvidencePointer = exports.isValidEvidencePointer = exports.EVIDENCE_POINTER_MAX = exports.EVIDENCE_POINTER_FORMAT_HINT = exports.EVIDENCE_POINTER_PATTERNS = exports.sanitizeField = exports.parseStreamJsonUsage = exports.tiptapToMarkdown = exports.markdownToTiptap = exports.AgentError = void 0;
+exports.classifyMemoryStaleness = exports.extractAnchors = exports.capRenderedOutput = exports.truncateUnitsToBudget = exports.OUTPUT_TOKEN_BUDGET = exports.estimateTokens = exports.buildCmdEvidencePointer = exports.isValidEvidencePointer = exports.EVIDENCE_POINTER_MAX = exports.EVIDENCE_POINTER_FORMAT_HINT = exports.EVIDENCE_POINTER_PATTERNS = exports.sanitizeField = exports.parseStreamJsonUsage = exports.tiptapToMarkdown = exports.markdownToTiptap = exports.AgentError = void 0;
 exports.userFriendlyError = userFriendlyError;
 class AgentError extends Error {
     code;
@@ -52,3 +52,7 @@ Object.defineProperty(exports, "estimateTokens", { enumerable: true, get: functi
 Object.defineProperty(exports, "OUTPUT_TOKEN_BUDGET", { enumerable: true, get: function () { return output_budget_1.OUTPUT_TOKEN_BUDGET; } });
 Object.defineProperty(exports, "truncateUnitsToBudget", { enumerable: true, get: function () { return output_budget_1.truncateUnitsToBudget; } });
 Object.defineProperty(exports, "capRenderedOutput", { enumerable: true, get: function () { return output_budget_1.capRenderedOutput; } });
+// ── Memory code-anchor staleness detection (LUM-547) ─────────────────────────
+var code_anchor_1 = require("./code-anchor");
+Object.defineProperty(exports, "extractAnchors", { enumerable: true, get: function () { return code_anchor_1.extractAnchors; } });
+Object.defineProperty(exports, "classifyMemoryStaleness", { enumerable: true, get: function () { return code_anchor_1.classifyMemoryStaleness; } });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lumoai/cli",
-  "version": "1.39.0",
+  "version": "1.41.0",
   "description": "Lumo CLI — manage tasks and sessions from the terminal",
   "license": "MIT",
   "author": "cli@uselumo.ai",

package/dist/cli/src/commands/session-wrap.js

@@ -1,48 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.sessionWrap = sessionWrap;
-const config_1 = require("../lib/config");
-const wrap_panel_1 = require("../lib/wrap-panel");
-const memory_review_section_1 = require("./wrap/memory-review-section");
-const fragment_usage_section_1 = require("./wrap/fragment-usage-section");
-const blocked_prompt_section_1 = require("./wrap/blocked-prompt-section");
-const crossings_reminder_1 = require("./wrap/crossings-reminder");
-/**
- * `lumo session wrap [--yes] [--dry-run]`
- *
- * Session-end wrap-up panel with three sections, run in order: (1) review the
- * Layer1 memories this session sedimented — keep/delete/promote, deduped by a
- * per-session watermark; (2) vote which injected context fragments were
- * actually used (LUM-300, via `--used`); (3) if the session repeatedly hit the
- * same failure, prompt whether to flag the bound task with a `blocked` tag
- * (LUM-153).
- */
-async function sessionWrap(options) {
-    const sessionId = process.env.CLAUDE_CODE_SESSION_ID;
-    if (!sessionId) {
-        console.error('Error: $CLAUDE_CODE_SESSION_ID is not set.\n' +
-            '`lumo session wrap` must be run inside a Claude Code session.');
-        return 1;
-    }
-    const creds = (0, config_1.readCredentials)();
-    if (!creds) {
-        console.error('Error: not logged in. Run `lumo auth login` first.');
-        return 1;
-    }
-    const sections = [
-        new memory_review_section_1.MemoryReviewSection({ creds, sessionId }),
-        new fragment_usage_section_1.FragmentUsageSection({ creds, sessionId, used: options.used }),
-        new blocked_prompt_section_1.BlockedPromptSection({ creds, sessionId }),
-    ];
-    await (0, wrap_panel_1.runWrapPanel)(sections, {
-        yes: options.yes === true,
-        dryRun: options.dryRun === true,
-    });
-    // After the panel: a read-only nudge if the bound task has open boundary
-    // crossings still undispositioned (LUM-448). Silent when there are none —
-    // a clean task adds no wrap-up noise. Awareness only; clearing a crossing is
-    // web + human-only (LUM-426/435/422).
-    const reminder = await (0, crossings_reminder_1.openCrossingReminder)(creds);
-    if (reminder)
-        process.stdout.write(reminder);
-}

package/dist/cli/src/commands/wrap/blocked-prompt-section.js

@@ -1,64 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.BlockedPromptSection = void 0;
-const sanitize_1 = require("../../lib/sanitize");
-const line_prompt_1 = require("../../lib/line-prompt");
-const failure_summary_api_1 = require("../../lib/failure-summary-api");
-/**
- * Wrap-panel section (LUM-153) that detects repeated same-type failures in this
- * session and *prompts* whether to flag the bound task with a `blocked` tag.
- * Prompt-only by design — it never flips status automatically, and it only
- * shows up when the server says `shouldPrompt` (≥ threshold failures, bound
- * task, not already blocked). Confirming attaches the tag; the empty/`s`
- * default does nothing, so a stray Enter never tags the task.
- */
-class BlockedPromptSection {
-    deps;
-    title = 'Blocked check';
-    draft = null;
-    constructor(deps) {
-        this.deps = deps;
-    }
-    async prepare() {
-        this.draft = await (0, failure_summary_api_1.fetchFailureSummary)(this.deps.creds, this.deps.sessionId);
-        return this.draft.shouldPrompt;
-    }
-    async run(opts) {
-        const draft = this.draft;
-        if (!draft || !draft.shouldPrompt || !draft.taskIdentifier)
-            return;
-        const top = draft.topFailure;
-        const where = top ? (0, sanitize_1.sanitizeField)(top.label) : 'an operation';
-        const count = top ? top.count : 0;
-        process.stdout.write(`This session looks repeatedly stuck on ${where} (${count} failures).\n`);
-        if (top?.lastErrorSummary) {
-            process.stdout.write(`Last error: ${(0, sanitize_1.sanitizeField)(top.lastErrorSummary)}\n`);
-        }
-        if (opts.dryRun) {
-            process.stdout.write(`(dry-run, no changes; confirming would tag ${draft.taskIdentifier} blocked)\n`);
-            return;
-        }
-        // Tagging the shared board is opt-in: it requires an explicit interactive
-        // `y`. `--yes` (and non-TTY, where promptLine returns empty) deliberately
-        // does NOT auto-tag — silently flipping shared board state is exactly what
-        // LUM-153 set out to avoid. We surface the suggestion and move on.
-        if (opts.yes) {
-            process.stdout.write(`(--yes does not auto-tag; answer y interactively, or run \`lumo task update ${draft.taskIdentifier} --add-tag blocked\` manually)\n`);
-            return;
-        }
-        const choice = (await (0, line_prompt_1.promptLine)(`Tag ${draft.taskIdentifier} as blocked? [y] tag  [s] skip > `))
-            .trim()
-            .toLowerCase();
-        if (choice === 'y') {
-            await this.mark();
-            return;
-        }
-        // Empty / 's' / anything else → do nothing. Tagging is opt-in.
-        process.stdout.write('Skipped — not tagged.\n');
-    }
-    async mark() {
-        const { taskIdentifier, tag } = await (0, failure_summary_api_1.markTaskBlocked)(this.deps.creds, this.deps.sessionId);
-        process.stdout.write(`Tagged ${taskIdentifier} with ${tag}.\n`);
-    }
-}
-exports.BlockedPromptSection = BlockedPromptSection;

package/dist/cli/src/commands/wrap/crossings-reminder.js

@@ -1,49 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.formatCrossingReminder = formatCrossingReminder;
-exports.openCrossingReminder = openCrossingReminder;
-const resolve_bound_task_1 = require("../../lib/resolve-bound-task");
-const sanitize_1 = require("../../lib/sanitize");
-const open_crossings_1 = require("../../lib/open-crossings");
-/**
- * Build the wrap-up reminder for a task's OPEN boundary crossings (LUM-448).
- * Returns the reminder string when there is ≥1 open crossing, and `null` only on
- * a genuine empty read — the caller prints nothing on null, so a clean task
- * makes NO noise at wrap time. A check FAILURE (LUM-480) is NOT silent: it
- * returns a warning so a failed safety check never reads as "0 open / safe".
- * Read-only awareness: the reminder points at the human-only web disposition
- * panel and offers no way to clear a crossing from the terminal (LUM-426/435/422).
- */
-function formatCrossingReminder(taskIdentifier, result, url) {
-    if (result.status === 'error') {
-        return (`⚠ Could not check boundary crossings on ${taskIdentifier} ` +
-            `(network/server error) — unable to confirm whether any are still ` +
-            `undispositioned. Review in the web panel: ${url}\n`);
-    }
-    const open = result.crossings;
-    if (open.length === 0)
-        return null;
-    const n = open.length;
-    const lines = [
-        `⚠ ${n} open boundary crossing${n === 1 ? '' : 's'} on ${taskIdentifier} still undispositioned:`,
-    ];
-    for (const c of open) {
-        lines.push(`  • [${c.severity}] ${(0, sanitize_1.sanitizeField)(c.category)}`);
-    }
-    lines.push(`  Review & disposition (web + human-only): ${url}`);
-    return lines.join('\n') + '\n';
-}
-/**
- * Resolve the session's bound task and surface its OPEN boundary crossings as a
- * wrap-up reminder (LUM-448), or `null` when the session is unbound or the read
- * genuinely came back empty. A crossings-check failure yields a warning, not
- * silence (LUM-480). Pure read — `fetchOpenCrossings` hits only the LUM-435 GET
- * endpoint and there is no disposition write path here.
- */
-async function openCrossingReminder(creds) {
-    const taskIdentifier = await (0, resolve_bound_task_1.resolveBoundTaskIdentifier)(creds.apiUrl, creds.token);
-    if (!taskIdentifier)
-        return null;
-    const result = await (0, open_crossings_1.fetchOpenCrossings)(creds.apiUrl, creds.token, taskIdentifier);
-    return formatCrossingReminder(taskIdentifier, result, (0, open_crossings_1.dispositionUrl)(creds.apiUrl, creds.workspaceSlug, taskIdentifier));
-}

package/dist/cli/src/commands/wrap/fragment-usage-section.js

@@ -1,66 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.FragmentUsageSection = void 0;
-exports.parseUsedHandles = parseUsedHandles;
-const sanitize_1 = require("../../lib/sanitize");
-const fragment_usage_api_1 = require("../../lib/fragment-usage-api");
-/** Parse "1,3 5" → 0-based indices. "none" → []. */
-function parseUsedHandles(spec) {
-    if (spec.trim().toLowerCase() === 'none')
-        return [];
-    return spec
-        .split(/[\s,]+/)
-        .map(s => s.trim())
-        .filter(Boolean)
-        .map(s => parseInt(s, 10) - 1)
-        .filter(n => Number.isInteger(n) && n >= 0);
-}
-/**
- * Wrap-panel section (LUM-300) that lists the context fragments this session
- * consumed and records the agent's vote on which it actually used. Voting is
- * non-interactive: the agent passes `lumo session wrap --used <indices>` (or
- * `--used none`). Without `--used`, the section just lists candidates and writes
- * nothing — edges stay null (honest "not voted"). Already-voted sessions skip.
- */
-class FragmentUsageSection {
-    deps;
-    title = 'Fragment-usage vote';
-    draft = null;
-    constructor(deps) {
-        this.deps = deps;
-    }
-    async prepare() {
-        this.draft = await (0, fragment_usage_api_1.fetchUsageDraft)(this.deps.creds, this.deps.sessionId);
-        return this.draft.candidates.length > 0;
-    }
-    async run(opts) {
-        const draft = this.draft;
-        if (!draft || draft.candidates.length === 0)
-            return;
-        if (draft.alreadyVoted) {
-            process.stdout.write('This session already voted — skipping.\n');
-            return;
-        }
-        process.stdout.write('Context fragments injected in this session:\n');
-        draft.candidates.forEach((c, i) => {
-            process.stdout.write(`  [${i + 1}] ${(0, sanitize_1.sanitizeField)(c.label)}\n`);
-        });
-        if (opts.dryRun) {
-            process.stdout.write('(dry-run, no changes)\n');
-            return;
-        }
-        if (this.deps.used === undefined) {
-            process.stdout.write('Use `lumo session wrap --used <indices>` (or `--used none`) to record which fragments you actually used.\n');
-            return;
-        }
-        const idx = parseUsedHandles(this.deps.used);
-        const inRange = (n) => n >= 0 && n < draft.candidates.length;
-        const usedRefs = idx.filter(inRange).map(i => ({
-            fragmentType: draft.candidates[i].fragmentType,
-            fragmentId: draft.candidates[i].fragmentId,
-        }));
-        const { used, unused } = await (0, fragment_usage_api_1.applyFragmentUsage)(this.deps.creds, this.deps.sessionId, { usedRefs });
-        process.stdout.write(`Recorded: ${used} used, ${unused} unused.\n`);
-    }
-}
-exports.FragmentUsageSection = FragmentUsageSection;

package/dist/cli/src/commands/wrap/memory-review-section.js

@@ -1,81 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.MemoryReviewSection = void 0;
-exports.parseReviewInstruction = parseReviewInstruction;
-const sanitize_1 = require("../../lib/sanitize");
-const line_prompt_1 = require("../../lib/line-prompt");
-const memory_content_1 = require("../../lib/memory-content");
-const session_memory_api_1 = require("../../lib/session-memory-api");
-/** Parse a one-line review instruction into 0-based row indices. */
-function parseReviewInstruction(line) {
-    const result = { deleteIdx: [], promoteIdx: [] };
-    const re = /([dp])\s*([\d,\s]+)/gi;
-    let m;
-    while ((m = re.exec(line)) !== null) {
-        const nums = m[2]
-            .split(/[\s,]+/)
-            .map(s => s.trim())
-            .filter(Boolean)
-            .map(s => parseInt(s, 10) - 1)
-            .filter(n => Number.isInteger(n) && n >= 0);
-        if (m[1].toLowerCase() === 'd')
-            result.deleteIdx.push(...nums);
-        else
-            result.promoteIdx.push(...nums);
-    }
-    return result;
-}
-/**
- * Wrap-panel section that lists the Layer1 memories this session sedimented and
- * lets the user delete noise / promote keepers to project scope. Keeps its own
- * draft state between prepare() and run(). Dedup is server-side via watermark.
- */
-class MemoryReviewSection {
-    deps;
-    title = 'Memory review';
-    draft = null;
-    constructor(deps) {
-        this.deps = deps;
-    }
-    async prepare() {
-        this.draft = await (0, session_memory_api_1.fetchMemoryDraft)(this.deps.creds, this.deps.sessionId);
-        return this.draft.memories.length > 0;
-    }
-    async run(opts) {
-        const draft = this.draft;
-        if (!draft || !draft.watermark || draft.memories.length === 0)
-            return;
-        process.stdout.write(`This session recorded ${draft.memories.length} new memories:\n`);
-        process.stdout.write(`${(0, sanitize_1.sanitizeField)((0, memory_content_1.formatMemoryReviewList)(draft.memories))}\n`);
-        if (opts.dryRun) {
-            process.stdout.write('(dry-run, no changes)\n');
-            return;
-        }
-        if (opts.yes) {
-            await this.apply(draft.watermark, [], []);
-            return;
-        }
-        const line = (await (0, line_prompt_1.promptLine)('[Enter] keep all  [d 1,3] delete  [p 2] promote to project  [s] skip > ')).trim();
-        if (line.toLowerCase() === 's') {
-            process.stdout.write('Section skipped.\n');
-            return;
-        }
-        if (line === '') {
-            await this.apply(draft.watermark, [], []);
-            return;
-        }
-        const { deleteIdx, promoteIdx } = parseReviewInstruction(line);
-        const inRange = (n) => n >= 0 && n < draft.memories.length;
-        const deleteIds = deleteIdx.filter(inRange).map(i => draft.memories[i].id);
-        const promoteIds = promoteIdx
-            .filter(inRange)
-            .map(i => draft.memories[i].id)
-            .filter(id => !deleteIds.includes(id));
-        await this.apply(draft.watermark, deleteIds, promoteIds);
-    }
-    async apply(watermark, deleteIds, promoteIds) {
-        const { deleted, promoted } = await (0, session_memory_api_1.applyMemoryReview)(this.deps.creds, this.deps.sessionId, { watermark, deleteIds, promoteIds });
-        process.stdout.write(`Deleted ${deleted}, promoted ${promoted} to project scope.\n`);
-    }
-}
-exports.MemoryReviewSection = MemoryReviewSection;

package/dist/cli/src/lib/failure-summary-api.js

@@ -1,43 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.fetchFailureSummary = fetchFailureSummary;
-exports.markTaskBlocked = markTaskBlocked;
-const api_1 = require("./api");
-function base(creds) {
-    return (0, api_1.trimTrailingSlash)((0, api_1.resolveAuthedApiUrl)(creds.apiUrl));
-}
-/** GET the blocked-tag prompt draft for the session. Throws on transport / non-200. */
-async function fetchFailureSummary(creds, sessionId) {
-    const url = `${base(creds)}/api/sessions/${encodeURIComponent(sessionId)}/failure-summary`;
-    const res = await fetch(url, {
-        headers: { Authorization: `Bearer ${creds.token}` },
-    });
-    if (res.status === 401)
-        throw new Error('API key invalid or revoked. Run `lumo auth login`.');
-    if (!res.ok)
-        throw new Error(`failure summary fetch failed (HTTP ${res.status})`);
-    return (await res.json());
-}
-/** POST to attach the `blocked` tag to the session's bound task. Throws the server message on non-201. */
-async function markTaskBlocked(creds, sessionId) {
-    const url = `${base(creds)}/api/sessions/${encodeURIComponent(sessionId)}/mark-blocked`;
-    const res = await fetch(url, {
-        method: 'POST',
-        headers: { Authorization: `Bearer ${creds.token}` },
-    });
-    if (res.status === 401)
-        throw new Error('API key invalid or revoked. Run `lumo auth login`.');
-    if (res.status !== 201) {
-        let serverMsg = null;
-        try {
-            const errBody = (await res.json());
-            if (typeof errBody.error === 'string')
-                serverMsg = errBody.error;
-        }
-        catch {
-            // body wasn't JSON
-        }
-        throw new Error(serverMsg ?? `mark blocked failed (HTTP ${res.status})`);
-    }
-    return (await res.json());
-}