@mindexec/cli 0.2.88 → 0.2.89

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mindexec/cli",
-  "version": "0.2.88",
+  "version": "0.2.89",
   "description": "MindExec local runtime and bridge CLI",
   "main": "server.js",
   "type": "module",
@@ -20,7 +20,8 @@
   "scripts": {
     "start": "node launch-bridge.cjs",
     "dev": "node launch-bridge.cjs --watch",
-    "test:syntax": "node --check server.js && node --check remote-hub.js && node --check codex-runtime.js && node --check launch-bridge.cjs && node --check port-guard.cjs && node --check scripts/setup-tree-sitter-grammars.mjs && node --check scripts/remote-hub-smoke.mjs && node --check scripts/remote-hub-scale-smoke.mjs && node --check scripts/remote-fleet-render-smoke.mjs && node --check scripts/remote-http-smoke.mjs",
+    "test:syntax": "node --check server.js && node --check remote-hub.js && node --check codex-runtime.js && node --check launch-bridge.cjs && node --check port-guard.cjs && node --check scripts/setup-tree-sitter-grammars.mjs && node --check scripts/auth-session-smoke.mjs && node --check scripts/remote-hub-smoke.mjs && node --check scripts/remote-hub-scale-smoke.mjs && node --check scripts/remote-fleet-render-smoke.mjs && node --check scripts/remote-http-smoke.mjs",
+    "test:auth": "node scripts/auth-session-smoke.mjs",
     "test:remote": "node scripts/remote-hub-smoke.mjs",
     "test:remote:scale": "node scripts/remote-hub-scale-smoke.mjs",
     "test:remote:render": "node scripts/remote-fleet-render-smoke.mjs",

package/scripts/auth-session-smoke.mjs

@@ -0,0 +1,218 @@
+#!/usr/bin/env node
+
+import assert from 'node:assert/strict';
+import { spawn } from 'node:child_process';
+import { mkdtemp, mkdir, rm, writeFile } from 'node:fs/promises';
+import net from 'node:net';
+import os from 'node:os';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+const BRIDGE_TOKEN = 'auth-session-smoke-token';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const bridgeRoot = path.resolve(__dirname, '..');
+
+function wait(ms) {
+    return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+async function findFreePort() {
+    return await new Promise((resolve, reject) => {
+        const server = net.createServer();
+        server.unref();
+        server.once('error', reject);
+        server.listen(0, '127.0.0.1', () => {
+            const address = server.address();
+            const port = typeof address === 'object' && address ? address.port : 0;
+            server.close(() => resolve(port));
+        });
+    });
+}
+
+async function fetchJson(url, options = {}) {
+    const response = await fetch(url, {
+        ...options,
+        headers: {
+            ...(options.body ? { 'Content-Type': 'application/json' } : {}),
+            ...(options.token ? { 'X-Bridge-Token': options.token } : {}),
+            ...(options.headers || {})
+        }
+    });
+
+    let payload = null;
+    try {
+        payload = await response.json();
+    } catch {
+        // Ignore non-JSON responses.
+    }
+
+    return {
+        status: response.status,
+        ok: response.ok,
+        payload
+    };
+}
+
+function spawnBridge({ bridgePort, workspacePath, authDataRoot }) {
+    const child = spawn(process.execPath, ['server.js'], {
+        cwd: bridgeRoot,
+        stdio: ['ignore', 'pipe', 'pipe'],
+        windowsHide: true,
+        env: {
+            ...process.env,
+            BRIDGE_PORT: String(bridgePort),
+            BRIDGE_TOKEN,
+            BRIDGE_REQUIRE_TOKEN: '1',
+            WORKSPACE_PATH: workspacePath,
+            MINDEXEC_AUTH_DATA_ROOT: authDataRoot,
+            MINDEXEC_REMOTE_HUB: '0',
+            NO_COLOR: '1'
+        }
+    });
+
+    let stdout = '';
+    let stderr = '';
+    child.stdout.on('data', chunk => {
+        stdout += chunk.toString();
+    });
+    child.stderr.on('data', chunk => {
+        stderr += chunk.toString();
+    });
+
+    const details = () => `stdout=${stdout}\nstderr=${stderr}`;
+    const stop = async () => {
+        if (!child.killed) {
+            child.kill();
+        }
+        await Promise.race([
+            new Promise(resolve => child.once('exit', resolve)),
+            wait(3000)
+        ]);
+    };
+
+    return {
+        child,
+        details,
+        stop
+    };
+}
+
+async function waitForBridge(baseUrl, details) {
+    const startedAt = Date.now();
+    while (Date.now() - startedAt < 30000) {
+        try {
+            const response = await fetchJson(`${baseUrl}/api/status`);
+            if (response.ok && response.payload?.status) {
+                return;
+            }
+        } catch {
+            // Bridge is still starting.
+        }
+        await wait(100);
+    }
+
+    throw new Error(`Timed out waiting for LocalBridge.\n${details()}`);
+}
+
+async function withBridge({ workspacePath, authDataRoot }, action) {
+    const bridgePort = await findFreePort();
+    const bridge = spawnBridge({ bridgePort, workspacePath, authDataRoot });
+    const baseUrl = `http://127.0.0.1:${bridgePort}`;
+    try {
+        await waitForBridge(baseUrl, bridge.details);
+        await action(baseUrl);
+    } finally {
+        await bridge.stop();
+    }
+}
+
+const tempRoot = await mkdtemp(path.join(os.tmpdir(), 'mindexec-auth-session-smoke-'));
+try {
+    const authDataRoot = path.join(tempRoot, 'stable-auth');
+    const workspaceA = path.join(tempRoot, 'workspace-a');
+    const workspaceB = path.join(tempRoot, 'workspace-b');
+    await mkdir(workspaceA, { recursive: true });
+    await mkdir(workspaceB, { recursive: true });
+
+    const sessionPayload = JSON.stringify({
+        access_token: 'access-token-a',
+        refresh_token: 'refresh-token-a',
+        user: {
+            id: 'user-a',
+            email: 'auth-smoke@example.com'
+        }
+    });
+
+    await withBridge({ workspacePath: workspaceA, authDataRoot }, async (baseUrl) => {
+        const unauthorized = await fetchJson(`${baseUrl}/api/auth/session`);
+        assert.equal(unauthorized.status, 401);
+
+        const missing = await fetchJson(`${baseUrl}/api/auth/session`, { token: BRIDGE_TOKEN });
+        assert.equal(missing.status, 404);
+
+        const invalid = await fetchJson(`${baseUrl}/api/auth/session`, {
+            method: 'POST',
+            token: BRIDGE_TOKEN,
+            body: JSON.stringify({ content: 'not-json' })
+        });
+        assert.equal(invalid.status, 400);
+
+        const saved = await fetchJson(`${baseUrl}/api/auth/session`, {
+            method: 'POST',
+            token: BRIDGE_TOKEN,
+            body: JSON.stringify({ content: sessionPayload })
+        });
+        assert.equal(saved.status, 200);
+        assert.equal(saved.payload?.success, true);
+
+        const loaded = await fetchJson(`${baseUrl}/api/auth/session`, { token: BRIDGE_TOKEN });
+        assert.equal(loaded.status, 200);
+        assert.equal(loaded.payload?.content, sessionPayload);
+        assert.equal(loaded.payload?.source, 'stable');
+    });
+
+    await withBridge({ workspacePath: workspaceB, authDataRoot }, async (baseUrl) => {
+        const loaded = await fetchJson(`${baseUrl}/api/auth/session`, { token: BRIDGE_TOKEN });
+        assert.equal(loaded.status, 200);
+        assert.equal(loaded.payload?.content, sessionPayload);
+        assert.equal(loaded.payload?.source, 'stable');
+
+        const deleted = await fetchJson(`${baseUrl}/api/auth/session`, {
+            method: 'DELETE',
+            token: BRIDGE_TOKEN
+        });
+        assert.equal(deleted.status, 200);
+        assert.equal(deleted.payload?.success, true);
+    });
+
+    const legacyPayload = JSON.stringify({
+        access_token: 'legacy-access-token',
+        refresh_token: 'legacy-refresh-token',
+        user: {
+            id: 'legacy-user',
+            email: 'legacy-auth-smoke@example.com'
+        }
+    });
+    const legacyPath = path.join(workspaceB, '.mindexec', 'auth', 'supabase-session.json');
+    await mkdir(path.dirname(legacyPath), { recursive: true });
+    await writeFile(legacyPath, legacyPayload, 'utf8');
+
+    await withBridge({ workspacePath: workspaceB, authDataRoot }, async (baseUrl) => {
+        const migrated = await fetchJson(`${baseUrl}/api/auth/session`, { token: BRIDGE_TOKEN });
+        assert.equal(migrated.status, 200);
+        assert.equal(migrated.payload?.content, legacyPayload);
+        assert.equal(migrated.payload?.source, 'legacy-workspace');
+        assert.equal(migrated.payload?.migrated, true);
+    });
+
+    await withBridge({ workspacePath: workspaceA, authDataRoot }, async (baseUrl) => {
+        const loaded = await fetchJson(`${baseUrl}/api/auth/session`, { token: BRIDGE_TOKEN });
+        assert.equal(loaded.status, 200);
+        assert.equal(loaded.payload?.content, legacyPayload);
+        assert.equal(loaded.payload?.source, 'stable');
+    });
+
+    console.log('Auth session persistence smoke OK');
+} finally {
+    await rm(tempRoot, { recursive: true, force: true });
+}

package/server.js

@@ -424,10 +424,12 @@ let currentBrowserSessionId = null;
 let browserSessionSequence = 0;
 let playwrightModulePromise = null;
 let playwrightBrowserPromise = null;
-const DATA_ROOT_DIRNAME = '.mindexec';
-const LEGACY_MIGRATION_MARKER = '.legacy_migrated_v1.json';
-const DATA_GITIGNORE_FILE = '.gitignore';
-const DATA_GITIGNORE_CONTENT = [
+const DATA_ROOT_DIRNAME = '.mindexec';
+const LEGACY_MIGRATION_MARKER = '.legacy_migrated_v1.json';
+const DATA_GITIGNORE_FILE = '.gitignore';
+const AUTH_DATA_ROOT = resolveAuthDataRoot();
+const AUTH_SESSION_FILE_NAME = 'supabase-session.json';
+const DATA_GITIGNORE_CONTENT = [
     '# MindExec managed data',
     '# Keep boards/ and project.json for shared context by default.',
     '/cache/',
@@ -470,13 +472,150 @@ const PLAYWRIGHT_BROWSER_CANDIDATES = process.platform === 'win32'
             '/snap/bin/chromium'
         ];
 
-function getDataRoot(basePath = workspacePath) {
-    return path.join(basePath, DATA_ROOT_DIRNAME);
-}
-
-function getBoardsPath(basePath = workspacePath) {
-    return path.join(getDataRoot(basePath), 'boards');
-}
+function getDataRoot(basePath = workspacePath) {
+    return path.join(basePath, DATA_ROOT_DIRNAME);
+}
+
+function resolveAuthDataRoot() {
+    const configuredRoot = String(process.env.MINDEXEC_AUTH_DATA_ROOT || '').trim();
+    if (configuredRoot) {
+        return path.resolve(configuredRoot);
+    }
+
+    return path.join(os.homedir(), '.mindexec', 'auth');
+}
+
+function getStableSupabaseSessionPath() {
+    return path.join(AUTH_DATA_ROOT, AUTH_SESSION_FILE_NAME);
+}
+
+function getLegacyWorkspaceSupabaseSessionPath(basePath = workspacePath) {
+    return path.join(getDataRoot(basePath), 'auth', AUTH_SESSION_FILE_NAME);
+}
+
+function getLegacySupabaseSessionCandidatePaths() {
+    const candidates = [
+        getLegacyWorkspaceSupabaseSessionPath(workspacePath),
+        getLegacyWorkspaceSupabaseSessionPath(DEFAULT_WORKSPACE)
+    ];
+
+    return Array.from(new Set(candidates.map(candidate => path.resolve(candidate))));
+}
+
+async function tryReadTextFile(filePath) {
+    try {
+        return await fs.readFile(filePath, 'utf8');
+    } catch (err) {
+        if (err?.code === 'ENOENT') {
+            return null;
+        }
+
+        throw err;
+    }
+}
+
+async function writePrivateTextFile(fullPath, content) {
+    await writeFileAtomically(fullPath, content, 'utf8');
+    try {
+        await fs.chmod(fullPath, 0o600);
+    } catch {
+        // Best effort only. Windows ACLs do not map cleanly to chmod.
+    }
+}
+
+function validateAuthSessionPayload(content) {
+    const payload = String(content || '');
+    if (!payload.trim()) {
+        const err = new Error('Session payload is required');
+        err.statusCode = 400;
+        throw err;
+    }
+
+    if (Buffer.byteLength(payload, 'utf8') > 512 * 1024) {
+        const err = new Error('Session payload is too large');
+        err.statusCode = 413;
+        throw err;
+    }
+
+    try {
+        JSON.parse(payload);
+    } catch {
+        const err = new Error('Session payload must be valid JSON');
+        err.statusCode = 400;
+        throw err;
+    }
+
+    return payload;
+}
+
+async function readStableAuthSessionPayload() {
+    const stablePath = getStableSupabaseSessionPath();
+    const stablePayload = await tryReadTextFile(stablePath);
+    if (stablePayload && stablePayload.trim()) {
+        return {
+            found: true,
+            content: stablePayload,
+            source: 'stable',
+            path: stablePath,
+            migrated: false
+        };
+    }
+
+    for (const legacyPath of getLegacySupabaseSessionCandidatePaths()) {
+        const legacyPayload = await tryReadTextFile(legacyPath);
+        if (!legacyPayload || !legacyPayload.trim()) {
+            continue;
+        }
+
+        await writePrivateTextFile(stablePath, legacyPayload);
+        return {
+            found: true,
+            content: legacyPayload,
+            source: 'legacy-workspace',
+            path: stablePath,
+            migrated: true,
+            legacyPath
+        };
+    }
+
+    return {
+        found: false,
+        content: null,
+        source: 'none',
+        path: stablePath,
+        migrated: false
+    };
+}
+
+async function writeStableAuthSessionPayload(content) {
+    const payload = validateAuthSessionPayload(content);
+    const stablePath = getStableSupabaseSessionPath();
+    await writePrivateTextFile(stablePath, payload);
+    return stablePath;
+}
+
+async function deleteStableAuthSessionPayload() {
+    const paths = [
+        getStableSupabaseSessionPath(),
+        ...getLegacySupabaseSessionCandidatePaths()
+    ];
+
+    const deleted = [];
+    for (const sessionPath of Array.from(new Set(paths.map(candidate => path.resolve(candidate))))) {
+        try {
+            await fs.rm(sessionPath, { force: true });
+            deleted.push(sessionPath);
+        } catch {
+            // Clearing auth should be best-effort across legacy mirrors.
+        }
+    }
+
+    return deleted;
+}
+
+function getBoardsPath(basePath = workspacePath) {
+    return path.join(getDataRoot(basePath), 'boards');
+}
 
 function getAssetsPath(basePath = workspacePath) {
     return path.join(getDataRoot(basePath), 'assets');
@@ -1745,6 +1884,9 @@ const PROTECTED_BRIDGE_ROUTES = [
     { method: 'POST', exact: '/api/file/delete' },
     { method: 'POST', exact: '/api/file/copy' },
     { method: 'POST', exact: '/api/file/move' },
+    { method: 'GET', exact: '/api/auth/session' },
+    { method: 'POST', exact: '/api/auth/session' },
+    { method: 'DELETE', exact: '/api/auth/session' },
     { method: 'POST', exact: '/api/dir/create' },
     { method: 'POST', exact: '/api/dir/delete' },
     { method: 'POST', prefix: '/api/assets/' },
@@ -1869,6 +2011,66 @@ app.use((req, res, next) => {
     requireBridgeToken(req, res, next);
 });
 
+app.get('/api/auth/session', async (req, res) => {
+    try {
+        const result = await readStableAuthSessionPayload();
+        if (!result.found) {
+            return res.status(404).json({
+                success: false,
+                found: false
+            });
+        }
+
+        res.json({
+            success: true,
+            found: true,
+            content: result.content,
+            source: result.source,
+            migrated: result.migrated === true
+        });
+    } catch (err) {
+        logError('auth', 'failed to read persisted auth session.', err);
+        const statusCode = Number(err?.statusCode || 500);
+        res.status(statusCode >= 400 && statusCode < 600 ? statusCode : 500).json({
+            success: false,
+            error: err?.message || 'Failed to read auth session'
+        });
+    }
+});
+
+app.post('/api/auth/session', async (req, res) => {
+    try {
+        const content = req.body?.content;
+        await writeStableAuthSessionPayload(content);
+        res.json({
+            success: true
+        });
+    } catch (err) {
+        logError('auth', 'failed to persist auth session.', err);
+        const statusCode = Number(err?.statusCode || 500);
+        res.status(statusCode >= 400 && statusCode < 600 ? statusCode : 500).json({
+            success: false,
+            error: err?.message || 'Failed to persist auth session'
+        });
+    }
+});
+
+app.delete('/api/auth/session', async (req, res) => {
+    try {
+        await deleteStableAuthSessionPayload();
+        res.json({
+            success: true
+        });
+    } catch (err) {
+        logError('auth', 'failed to clear auth session.', err);
+        const statusCode = Number(err?.statusCode || 500);
+        res.status(statusCode >= 400 && statusCode < 600 ? statusCode : 500).json({
+            success: false,
+            error: err?.message || 'Failed to clear auth session'
+        });
+    }
+});
+
 app.post('/api/local-files/register', async (req, res) => {
     try {
         const body = req.body || {};

package/wwwroot/_framework/blazor.boot.json

@@ -1,7 +1,7 @@
 {
   "mainAssemblyName": "MindExecution.Web",
   "resources": {
-    "hash": "sha256-FkYckiFDay4A9e3HxdrRCNsw5tmmvI8BmELK8eab0hw=",
+    "hash": "sha256-UYjWF1Jxof/7OQBXUWs4OE4sIOguU3A5k8CVb4Nnh/8=",
     "fingerprinting": {
       "Google.Protobuf.9h59ukbel7.dll": "Google.Protobuf.dll",
       "Markdig.d1j7v41cl1.dll": "Markdig.dll",
@@ -123,16 +123,16 @@
       "System.brmz7yk5qh.dll": "System.dll",
       "netstandard.yvr3prsx0x.dll": "netstandard.dll",
       "System.Private.CoreLib.c1dbswx1b2.dll": "System.Private.CoreLib.dll",
-      "MindExecution.Core.csfu1xtj3l.dll": "MindExecution.Core.dll",
-      "MindExecution.Kernel.mdo1lzjvvp.dll": "MindExecution.Kernel.dll",
-      "MindExecution.Plugins.Admin.5fctwf65dx.dll": "MindExecution.Plugins.Admin.dll",
-      "MindExecution.Plugins.Business.nwivpk9djf.dll": "MindExecution.Plugins.Business.dll",
-      "MindExecution.Plugins.Concept.d66vf951hc.dll": "MindExecution.Plugins.Concept.dll",
-      "MindExecution.Plugins.Directory.jnzcrwl049.dll": "MindExecution.Plugins.Directory.dll",
-      "MindExecution.Plugins.PlanMaster.3nmh4z5z35.dll": "MindExecution.Plugins.PlanMaster.dll",
-      "MindExecution.Plugins.YouTube.pk0nd21ct1.dll": "MindExecution.Plugins.YouTube.dll",
-      "MindExecution.Shared.kjl470mcqw.dll": "MindExecution.Shared.dll",
-      "MindExecution.Web.w30rv8f29g.dll": "MindExecution.Web.dll",
+      "MindExecution.Core.qprj2wqc9a.dll": "MindExecution.Core.dll",
+      "MindExecution.Kernel.ksznt6ppyj.dll": "MindExecution.Kernel.dll",
+      "MindExecution.Plugins.Admin.ziclnsvcvi.dll": "MindExecution.Plugins.Admin.dll",
+      "MindExecution.Plugins.Business.q32f5kgky1.dll": "MindExecution.Plugins.Business.dll",
+      "MindExecution.Plugins.Concept.vrmey2vv08.dll": "MindExecution.Plugins.Concept.dll",
+      "MindExecution.Plugins.Directory.3pet73jp0m.dll": "MindExecution.Plugins.Directory.dll",
+      "MindExecution.Plugins.PlanMaster.0pdulhmw15.dll": "MindExecution.Plugins.PlanMaster.dll",
+      "MindExecution.Plugins.YouTube.ye6w0jn4v9.dll": "MindExecution.Plugins.YouTube.dll",
+      "MindExecution.Shared.oxf5h3gtl1.dll": "MindExecution.Shared.dll",
+      "MindExecution.Web.s43m8j3bg0.dll": "MindExecution.Web.dll",
       "dotnet.js": "dotnet.js",
       "dotnet.native.qc8g39g30v.js": "dotnet.native.js",
       "dotnet.native.boem75ye5i.wasm": "dotnet.native.wasm",
@@ -278,18 +278,18 @@
       "System.Xml.XDocument.sn51jas17n.dll": "sha256-GNI2kFgFmPTwzuzwUn8gxK+AzGLUWRJFdg9JzIbrybQ=",
       "System.brmz7yk5qh.dll": "sha256-CfM2miyj1KHApFmqMdLYWio3S/jrdON2pW9Xr2nTwlo=",
       "netstandard.yvr3prsx0x.dll": "sha256-EksNn8Luo4bOWqJ6X7dIe9qG9oOqwOVzjH2xYyMNi+E=",
-      "MindExecution.Core.csfu1xtj3l.dll": "sha256-lP9GUQU4xFLsUU4IOwpUjt09mQO5M/bgLAAS8UnjLMs=",
-      "MindExecution.Kernel.mdo1lzjvvp.dll": "sha256-Vj21M+Th5MKfLG5Hvg6/uwlDDdwAJwzeIxfWsK9gYhM=",
-      "MindExecution.Plugins.Concept.d66vf951hc.dll": "sha256-BfSg6eO0Whhlebn79gn/1KzUaJufnQ+vnpBy2nn3MA4=",
-      "MindExecution.Plugins.PlanMaster.3nmh4z5z35.dll": "sha256-34yMohlN570l7hVY8M50ddZu8rhP91MzQgxFR5BvCF8=",
-      "MindExecution.Shared.kjl470mcqw.dll": "sha256-8PIYJXaYrenW4t2I7BZun1WQ8jTMUctPutWsGqdWAJk=",
-      "MindExecution.Web.w30rv8f29g.dll": "sha256-TEjqD1qStW1dbPnahMdnbtzKD9hRmZnZdPTREVVMdDg="
+      "MindExecution.Core.qprj2wqc9a.dll": "sha256-DnXZk8i9ukptBPjChSubsbWJIarYNileavZA4hihKJY=",
+      "MindExecution.Kernel.ksznt6ppyj.dll": "sha256-DAZ9Pzryh17vEhPOjVeFe+eCs/lgH5S0vxP9WFiTI2U=",
+      "MindExecution.Plugins.Concept.vrmey2vv08.dll": "sha256-y8SD/3+q7/5hBWFrizZ5w5QKJP8Nfz0NpV0XrT1eXxQ=",
+      "MindExecution.Plugins.PlanMaster.0pdulhmw15.dll": "sha256-LObinwzmz1i8etnhUMWcvdn6oZ7MSGkqfZnIcyakEFk=",
+      "MindExecution.Shared.oxf5h3gtl1.dll": "sha256-7Lze2YO8XmpwxtjLCUp/J9HND7AyKJyORksP8+XAua0=",
+      "MindExecution.Web.s43m8j3bg0.dll": "sha256-pCKvIt9SzRGSvNRSw/7lk7eG3RyzGrTZNolf1tx5T6A="
     },
     "lazyAssembly": {
-      "MindExecution.Plugins.Admin.5fctwf65dx.dll": "sha256-37+Egd35menNv18hEZ64qjiu0x1r+wFOuO5zDiOGfug=",
-      "MindExecution.Plugins.Business.nwivpk9djf.dll": "sha256-iTV0NyCB7fnU+l8brClBd+KYnBDw628yHCwoRrQdTWE=",
-      "MindExecution.Plugins.Directory.jnzcrwl049.dll": "sha256-fwo2q8bt+WNuVUMnJCOcfLAy151cjLZCQa0Z+iKdsRs=",
-      "MindExecution.Plugins.YouTube.pk0nd21ct1.dll": "sha256-VxiyjfefagL09Utr1A8+YOy/t6F+455WI1ENfWFzqso="
+      "MindExecution.Plugins.Admin.ziclnsvcvi.dll": "sha256-VXbkR7uhooOS62ea02JNcfj2EpKxtIF4ZYRSvdO74kM=",
+      "MindExecution.Plugins.Business.q32f5kgky1.dll": "sha256-Zq3jwQKoz28lRtaqbPJgZenoBwrknjYBccYJhLOhYd4=",
+      "MindExecution.Plugins.Directory.3pet73jp0m.dll": "sha256-p7KSnHrHR4xFgP4WwKX0edQZgAhSsWqOcNRq4/oiH1I=",
+      "MindExecution.Plugins.YouTube.ye6w0jn4v9.dll": "sha256-eoQHQy2IbcBhJtbRR5HShNdMp7DJ4xOsFdwryQNoQrI="
     }
   },
   "cacheBootResources": true,

package/wwwroot/index.html

@@ -7,8 +7,8 @@
     <title>MindExec | Run your ideas as AI task graphs</title>
     <meta name="description" content="MindExec is an AI execution canvas for solo builders, researchers, developers, and creators. Start with free browser tools, then move serious work into saved MindCanvas projects." />
     <base href="/" />
-    <link rel="stylesheet" href="_content/MindExecution.Shared/css/app.css?v=20260615-template-css3d-v552" />
-    <link rel="stylesheet" href="_content/MindExecution.Shared/css/mind-map-overrides.css?v=20260615-template-css3d-v552" />
+    <link rel="stylesheet" href="_content/MindExecution.Shared/css/app.css?v=20260615-auth-session-v553" />
+    <link rel="stylesheet" href="_content/MindExecution.Shared/css/mind-map-overrides.css?v=20260615-auth-session-v553" />
     <!-- ?쇄뼹??Font Awesome (local) ?쇄뼹??-->
     <link rel="stylesheet" href="_content/MindExecution.Shared/lib/font-awesome/css/all.min.css" />
     <!-- ?꿎뼯??-->
@@ -579,7 +579,7 @@
             }
 
             const base = '_content/MindExecution.Shared/js/';
-        const scriptVersion = '20260615-template-css3d-v552';
+        const scriptVersion = '20260615-auth-session-v553';
             const scriptUrl = (script) => `${base}${script}?v=${scriptVersion}`;
             console.log(`[Script Loader] Shared JS version: ${scriptVersion}`);
             const criticalScripts = [

package/wwwroot/service-worker-assets.js

@@ -1,5 +1,5 @@
 self.assetsManifest = {
-    "version":  "e510O9xl",
+    "version":  "mPvmdx5y",
     "assets":  [
                    {
                        "hash":  "sha256-+CSYMcqLNTsq3VnH11jgYyOCCdxvHzL74CBmo4sCmMU=",
@@ -410,44 +410,44 @@
                        "url":  "_framework/MimeMapping.og9ys58ylm.dll"
                    },
                    {
-                       "hash":  "sha256-lP9GUQU4xFLsUU4IOwpUjt09mQO5M/bgLAAS8UnjLMs=",
-                       "url":  "_framework/MindExecution.Core.csfu1xtj3l.dll"
+                       "hash":  "sha256-DnXZk8i9ukptBPjChSubsbWJIarYNileavZA4hihKJY=",
+                       "url":  "_framework/MindExecution.Core.qprj2wqc9a.dll"
                    },
                    {
-                       "hash":  "sha256-Vj21M+Th5MKfLG5Hvg6/uwlDDdwAJwzeIxfWsK9gYhM=",
-                       "url":  "_framework/MindExecution.Kernel.mdo1lzjvvp.dll"
+                       "hash":  "sha256-DAZ9Pzryh17vEhPOjVeFe+eCs/lgH5S0vxP9WFiTI2U=",
+                       "url":  "_framework/MindExecution.Kernel.ksznt6ppyj.dll"
                    },
                    {
-                       "hash":  "sha256-37+Egd35menNv18hEZ64qjiu0x1r+wFOuO5zDiOGfug=",
-                       "url":  "_framework/MindExecution.Plugins.Admin.5fctwf65dx.dll"
+                       "hash":  "sha256-VXbkR7uhooOS62ea02JNcfj2EpKxtIF4ZYRSvdO74kM=",
+                       "url":  "_framework/MindExecution.Plugins.Admin.ziclnsvcvi.dll"
                    },
                    {
-                       "hash":  "sha256-iTV0NyCB7fnU+l8brClBd+KYnBDw628yHCwoRrQdTWE=",
-                       "url":  "_framework/MindExecution.Plugins.Business.nwivpk9djf.dll"
+                       "hash":  "sha256-Zq3jwQKoz28lRtaqbPJgZenoBwrknjYBccYJhLOhYd4=",
+                       "url":  "_framework/MindExecution.Plugins.Business.q32f5kgky1.dll"
                    },
                    {
-                       "hash":  "sha256-BfSg6eO0Whhlebn79gn/1KzUaJufnQ+vnpBy2nn3MA4=",
-                       "url":  "_framework/MindExecution.Plugins.Concept.d66vf951hc.dll"
+                       "hash":  "sha256-y8SD/3+q7/5hBWFrizZ5w5QKJP8Nfz0NpV0XrT1eXxQ=",
+                       "url":  "_framework/MindExecution.Plugins.Concept.vrmey2vv08.dll"
                    },
                    {
-                       "hash":  "sha256-fwo2q8bt+WNuVUMnJCOcfLAy151cjLZCQa0Z+iKdsRs=",
-                       "url":  "_framework/MindExecution.Plugins.Directory.jnzcrwl049.dll"
+                       "hash":  "sha256-p7KSnHrHR4xFgP4WwKX0edQZgAhSsWqOcNRq4/oiH1I=",
+                       "url":  "_framework/MindExecution.Plugins.Directory.3pet73jp0m.dll"
                    },
                    {
-                       "hash":  "sha256-34yMohlN570l7hVY8M50ddZu8rhP91MzQgxFR5BvCF8=",
-                       "url":  "_framework/MindExecution.Plugins.PlanMaster.3nmh4z5z35.dll"
+                       "hash":  "sha256-LObinwzmz1i8etnhUMWcvdn6oZ7MSGkqfZnIcyakEFk=",
+                       "url":  "_framework/MindExecution.Plugins.PlanMaster.0pdulhmw15.dll"
                    },
                    {
-                       "hash":  "sha256-VxiyjfefagL09Utr1A8+YOy/t6F+455WI1ENfWFzqso=",
-                       "url":  "_framework/MindExecution.Plugins.YouTube.pk0nd21ct1.dll"
+                       "hash":  "sha256-eoQHQy2IbcBhJtbRR5HShNdMp7DJ4xOsFdwryQNoQrI=",
+                       "url":  "_framework/MindExecution.Plugins.YouTube.ye6w0jn4v9.dll"
                    },
                    {
-                       "hash":  "sha256-8PIYJXaYrenW4t2I7BZun1WQ8jTMUctPutWsGqdWAJk=",
-                       "url":  "_framework/MindExecution.Shared.kjl470mcqw.dll"
+                       "hash":  "sha256-7Lze2YO8XmpwxtjLCUp/J9HND7AyKJyORksP8+XAua0=",
+                       "url":  "_framework/MindExecution.Shared.oxf5h3gtl1.dll"
                    },
                    {
-                       "hash":  "sha256-TEjqD1qStW1dbPnahMdnbtzKD9hRmZnZdPTREVVMdDg=",
-                       "url":  "_framework/MindExecution.Web.w30rv8f29g.dll"
+                       "hash":  "sha256-pCKvIt9SzRGSvNRSw/7lk7eG3RyzGrTZNolf1tx5T6A=",
+                       "url":  "_framework/MindExecution.Web.s43m8j3bg0.dll"
                    },
                    {
                        "hash":  "sha256-IsZJ91/OW+fHzNqIgEc7Y072ns8z9dGritiSyvR9Wgc=",
@@ -770,7 +770,7 @@
                        "url":  "_framework/Websocket.Client.vapounvmnl.dll"
                    },
                    {
-                       "hash":  "sha256-bmXXN+uzXoKNR+7AWGzYPLKdBHoBnVGUPns77ucJlYA=",
+                       "hash":  "sha256-nFSI4H6aGg61G8/I7AXIvRFAlfAVhpij+EjRsJ4tctg=",
                        "url":  "_framework/blazor.boot.json"
                    },
                    {
@@ -834,7 +834,7 @@
                        "url":  "image-manifest.json"
                    },
                    {
-                       "hash":  "sha256-o0UhvEoaDO27HItUU1Jjt6rCMzgqbcXNVD6Or8XcEHM=",
+                       "hash":  "sha256-voojFCn8RinDrshRS7nUvpusiYKr/QFSZS0h4auGgOM=",
                        "url":  "index.html"
                    },
                    {

package/wwwroot/service-worker.js

@@ -1,4 +1,4 @@
-/* Manifest version: e510O9xl */
+/* Manifest version: mPvmdx5y */
 // Hosted deployments should prefer the network over stale offline caches.
 // This service worker immediately clears old Blazor offline caches and unregisters itself.