@mutmutco/cli 2.56.0 → 2.57.0

package/dist/saga.cjs

@@ -3612,7 +3612,6 @@ async function runHeadEngine(prompt, timeoutMs = HEAD_ENGINE_TIMEOUT_MS) {
 }
 
 // src/saga-health.ts
-var MEMORY_STALE_DAYS = 14;
 var SESSION_START_LIVENESS = { attempts: 1, timeoutMs: 3e3 };
 function buildHealth(i) {
   const problems = [];
@@ -3625,9 +3624,6 @@ function buildHealth(i) {
   if (i.reachable && i.authorized === false) problems.push("saga backend rejected authenticated state access");
   if (!i.key.sessionId || i.key.sessionId === "-") problems.push("unsafe session id");
   const warnings = [];
-  if (i.memoryAgeDays !== void 0 && i.memoryAgeDays > MEMORY_STALE_DAYS) {
-    warnings.push(`PROJECT MEMORY is ${Math.round(i.memoryAgeDays)}d stale \u2014 the saga-keeper may have stalled`);
-  }
   const safeToWrite = problems.length === 0;
   return {
     ok: safeToWrite,
@@ -3642,8 +3638,7 @@ function buildHealth(i) {
     key: i.key,
     source: i.source,
     problems,
-    warnings,
-    memoryAgeDays: i.memoryAgeDays
+    warnings
   };
 }
 function healthBanner(report) {
@@ -4407,6 +4402,23 @@ function hardExit(code) {
   process.exit(code);
 }
 
+// src/continuity-access.ts
+var CONTINUITY_OWNER_LOGIN = "jervaise";
+function continuityAllowedForLogin(login) {
+  return login?.trim().toLowerCase() === CONTINUITY_OWNER_LOGIN;
+}
+async function firstLogin(source, read) {
+  const login = (await read?.().catch(() => void 0))?.trim();
+  if (!login) return null;
+  return { allowed: continuityAllowedForLogin(login), login, source };
+}
+async function resolveContinuityAccess(deps) {
+  return await firstLogin("hub-session", deps.hubLogin) ?? await firstLogin("github", deps.ghLogin) ?? { allowed: false, source: "unknown" };
+}
+function formatContinuityAccessDenied(kind) {
+  return `${kind}: continuity is restricted to ${CONTINUITY_OWNER_LOGIN}`;
+}
+
 // src/stdin-inject.ts
 var import_node_fs7 = require("node:fs");
 var injectedStdin;
@@ -4472,12 +4484,33 @@ var execFileP3 = (file, args, options = {}) => (
   // promisify(execFile)'s overloads widen to string|Buffer when options is spread in.
   rawExecFileP2(file, args, { encoding: "utf8", windowsHide: true, timeout: DEFAULT_EXEC_TIMEOUT_MS, killSignal: "SIGTERM", ...options })
 );
+var cachedGithubLogin;
+async function githubLogin() {
+  cachedGithubLogin ??= execFileP3("gh", ["api", "user", "--jq", ".login"]).then(({ stdout }) => stdout.trim() || void 0).catch(() => void 0);
+  return cachedGithubLogin;
+}
 async function hubHeaders(extra = {}) {
   const cfg = await loadConfig();
   const t = await hubAuthToken({ baseUrl: cfg.sagaApiUrl ?? defaultHubUrl(), githubToken });
   const base = { ...clientVersionHeaders(), ...extra };
   return t ? { ...base, Authorization: `Bearer ${t}` } : base;
 }
+async function continuityAccess() {
+  const cfg = await loadConfig();
+  return resolveContinuityAccess({
+    hubLogin: async () => (await hubAuthSession({ baseUrl: cfg.sagaApiUrl ?? defaultHubUrl(), githubToken }))?.login,
+    ghLogin: githubLogin
+  });
+}
+async function requireContinuityAccess(kind, opts = {}, io) {
+  const access = await continuityAccess();
+  if (access.allowed) return true;
+  if (!opts.quiet) {
+    (io ?? consoleIo).err(formatContinuityAccessDenied(kind));
+    process.exitCode = 1;
+  }
+  return false;
+}
 var CONFIG_FILE = ".mmi/config.json";
 async function loadConfig() {
   let file = {};
@@ -4549,6 +4582,7 @@ async function postCaptureOnce(sagaApiUrl, body) {
   }
 }
 async function postCapture(capture, quiet = false) {
+  if (!await requireContinuityAccess("saga", { quiet })) return;
   const cfg = await loadConfig();
   if (!cfg.sagaApiUrl) {
     if (!quiet) console.error("mmi-cli saga: Hub API URL not configured");
@@ -4571,6 +4605,7 @@ function spawnSagaFlush() {
 }
 async function maybeSpawnHeadUpdate() {
   try {
+    if (!await requireContinuityAccess("saga", { quiet: true })) return;
     const gateKey = await sagaKey(await loadConfig());
     const tsPath = headTsPath(gateKey);
     if (!headGateDue(tsPath)) return;
@@ -4595,6 +4630,7 @@ function installProcessBackstop() {
 
 // src/saga-commands.ts
 async function runNote(summary, o) {
+  if (!await requireContinuityAccess("saga")) return;
   const [sha, key] = await Promise.all([gitOut(["rev-parse", "--short", "HEAD"]), sagaKey(await loadConfig())]);
   const capture = buildNoteCapture(summary, o, (0, import_node_crypto3.randomUUID)(), { sha: sha || void 0, branch: key.branch });
   await postCapture(capture);
@@ -4608,6 +4644,10 @@ function resolveSummary(summary, o) {
   });
 }
 async function runSagaFlush(o, io = consoleIo) {
+  if (!await requireContinuityAccess("saga", { quiet: o.run }, io)) {
+    if (o.json) io.log(JSON.stringify({ flushed: 0, dropped: 0, remaining: 0, restricted: true }));
+    return;
+  }
   if (o.run) {
     try {
       const cfg2 = await loadConfig();
@@ -4631,6 +4671,7 @@ async function runSagaFlush(o, io = consoleIo) {
   io.log(`saga flush: rolled forward ${result.flushed}, dropped ${result.dropped.length}, ${result.remaining} still pending`);
 }
 async function runSagaShow(opts, io = consoleIo) {
+  if (!await requireContinuityAccess("saga", { quiet: opts.quiet }, io)) return;
   const cfg = await loadConfig();
   if (!cfg.sagaApiUrl) {
     if (opts.quiet) return;
@@ -4679,20 +4720,11 @@ async function probeSagaAccess(url, key) {
     return false;
   }
 }
-async function fetchMemoryAge(url, project) {
-  try {
-    const qs = new URLSearchParams({ project }).toString();
-    const res = await fetch(`${url}/saga/memory-age?${qs}`, { headers: await hubHeaders(), signal: AbortSignal.timeout(8e3) });
-    if (!res.ok) return void 0;
-    const body = await res.json();
-    if (!body.updatedAt) return void 0;
-    const ms = Date.now() - Date.parse(body.updatedAt);
-    return Number.isFinite(ms) && ms >= 0 ? ms / 864e5 : void 0;
-  } catch {
-    return void 0;
-  }
-}
 async function runSagaHealth(o, io = consoleIo) {
+  if (!await requireContinuityAccess("saga", { quiet: o.quiet || o.banner }, io)) {
+    if (o.json) io.log(JSON.stringify({ ok: false, restricted: true, problems: ["continuity is restricted to jervaise"], warnings: [] }));
+    return;
+  }
   const cfg = await loadConfig();
   const session = resolveSessionId();
   const key = await sagaKey(cfg, session);
@@ -4703,7 +4735,6 @@ async function runSagaHealth(o, io = consoleIo) {
     cfg.sagaApiUrl ? probeBackend(cfg.sagaApiUrl, livenessOpts) : Promise.resolve({ reachable: false })
   ]);
   const authorized = o.banner ? void 0 : cfg.sagaApiUrl && liveness.reachable ? await probeSagaAccess(cfg.sagaApiUrl, key) : void 0;
-  const memoryAgeDays = o.banner ? void 0 : cfg.sagaApiUrl && liveness.reachable ? await fetchMemoryAge(cfg.sagaApiUrl, key.project) : void 0;
   const report = buildHealth({
     key,
     source,
@@ -4713,8 +4744,7 @@ async function runSagaHealth(o, io = consoleIo) {
     livenessMessage: liveness.message,
     authorized,
     sagaApiUrl: cfg.sagaApiUrl,
-    pendingNotes: readPending().length,
-    memoryAgeDays
+    pendingNotes: readPending().length
   });
   if (o.json) return io.log(JSON.stringify(report));
   if (o.banner) {
@@ -4731,6 +4761,7 @@ async function runSagaHealth(o, io = consoleIo) {
   if (report.pendingNotes > 0) io.log(` - ${report.pendingNotes} note(s) queued locally \u2014 \`mmi-cli saga flush\` to roll forward`);
 }
 async function fetchSagaHead(io = consoleIo) {
+  if (!await requireContinuityAccess("saga", {}, io)) return null;
   const cfg = await loadConfig();
   if (!cfg.sagaApiUrl) {
     io.err("saga snapshot: Hub API URL not configured");
@@ -4752,6 +4783,7 @@ async function fetchSagaHead(io = consoleIo) {
   }
 }
 async function postSnapshotNotes(plan, anchorForce) {
+  if (!await requireContinuityAccess("saga")) return;
   const [sha, key] = await Promise.all([gitOut(["rev-parse", "--short", "HEAD"]), sagaKey(await loadConfig())]);
   const evidence = { sha: sha || void 0, branch: key.branch };
   for (const idx of [...plan.clearIndices].sort((a, b) => b - a)) {
@@ -4786,7 +4818,7 @@ async function runSagaSnapshotSet(snapshot, opts = {}, io = consoleIo) {
   io.log(`saga snapshot: wrote ${snapshot.kind} snapshot (retired ${plan.clearIndices.length}, ${plan.queueOps.length + 1} capture(s))`);
 }
 function registerSagaCommands(program2) {
-  const saga = program2.command("saga").description("per-session continuity");
+  const saga = program2.command("saga").description("Jervaise-only per-session continuity");
   saga.command("note [summary]").description("record a one-line structured note into your saga (the per-turn capture)").option("--next <text>", 'set "where I left off" (NEXT)').option("--decision <text>", "append a verbatim decision").option("--queue-add <text>", "add a worklist item").option("--queue-done <n>", "mark worklist item N done").option("--verified", "mark this claim as checked against source (state: verified, else asserted)").option("--diagnostic", "isolate a probe write (state: diagnostic, source: probe) \u2014 never resume/LAST 5").option("--supersedes <key>", "retire prior decisions matching an evidence key (pr:N | file:path)").option("--anchor <intent>", "set the sprint North-Star (write-protected; needs --anchor-force to change)").option("--anchor-slug <slug>", "bind the anchor to a North Star plan slug (SSOT at plans/.../<slug>.md)").option("--anchor-force", "overwrite an existing anchor").option("--message-file <path|->", "read the summary from a UTF-8 file, or from stdin with - (avoids cmd.exe quoting)").action(async (summary, o) => {
     let text;
     try {
@@ -4806,9 +4838,10 @@ function registerSagaCommands(program2) {
     await runNote(text, { ...o, diagnostic: true });
   });
   saga.command("flush").option("--json", "machine-readable {flushed, dropped, remaining}").option("--run", "detached worker: drain the queue silently (spawned by note/capture)").description("roll the local pending-note queue forward (re-POST queued saga writes); reports what landed").action((o) => runSagaFlush(o));
-  saga.command("show").option("--quiet", "no-op silently when unconfigured/unreachable (SessionStart hook)").option("--latest-anywhere", "resume the newest saga across all repos (default: current repo)").description("print your resume block \u2014 current repo HEAD + project memory (where you left off)").action((opts) => runSagaShow(opts));
+  saga.command("show").option("--quiet", "no-op silently when unconfigured/unreachable (SessionStart hook)").option("--latest-anywhere", "resume the newest saga across all repos (default: current repo)").description("print your resume block \u2014 current repo HEAD + live decisions").action((opts) => runSagaShow(opts));
   saga.command("capture").option("--quiet", "capture silently (for the Stop hook)").description("per-turn deterministic capture (Stop hook): turn boundary + current sha + gated HEAD-update").action(async (opts) => {
     if (!isOrgRepoRoot()) return;
+    if (!await requireContinuityAccess("saga", { quiet: opts.quiet })) return;
     const hook = parseHookInput(await readStdin());
     if (hook.session_id) persistSession(hook.session_id);
     await postCapture({ event: "stop", id: (0, import_node_crypto3.randomUUID)(), source: "hook", sha: await gitOut(["rev-parse", "--short", "HEAD"]), surface: agentSurface() }, opts.quiet ?? false);
@@ -4816,10 +4849,12 @@ function registerSagaCommands(program2) {
   });
   saga.command("session").option("--quiet", "silent (for the SessionStart hook)").description("persist the harness session id for this repo (SessionStart hook)").action(async () => {
     if (!isOrgRepoRoot()) return;
+    if (!await requireContinuityAccess("saga", { quiet: true })) return;
     const hook = parseHookInput(await readStdin());
     if (hook.session_id) persistSession(hook.session_id);
   });
   saga.command("head-update").option("--run", "detached worker: fetch state, run the engine, post the curated HEAD").option("--quiet", "silent (Stop hook)").description("curate the smart HEAD in the background (engine via SAGA_HEAD_ENGINE; default local claude)").action(async (o) => {
+    if (!await requireContinuityAccess("saga", { quiet: o.quiet || o.run })) return;
     if (!o.run) {
       return maybeSpawnHeadUpdate();
     }
@@ -4844,6 +4879,7 @@ function registerSagaCommands(program2) {
     }
   });
   saga.command("key").option("--json", "machine-readable output").description("print the resolved saga key + session-id source (no write)").action(async (o) => {
+    if (!await requireContinuityAccess("saga")) return;
     const cfg = await loadConfig();
     const session = resolveSessionId();
     const key = await sagaKey(cfg, session);
@@ -4983,6 +5019,7 @@ function socketPath(env = process.env, platform2 = process.platform, user) {
   return platform2 === "win32" ? `\\\\.\\pipe\\mmi-cli-${hash}` : (0, import_node_path8.join)(daemonDir(env), `mmi-cli-${hash}.sock`);
 }
 var HOT_VERBS = /* @__PURE__ */ new Set(["note", "probe", "capture", "session", "head-update"]);
+var CONTINUITY_HOT_VERBS = /* @__PURE__ */ new Set(["note", "probe", "capture", "session", "head-update"]);
 function argvReadsStdin(args) {
   for (let i = 0; i < args.length; i++) {
     const a = args[i];
@@ -4992,7 +5029,8 @@ function argvReadsStdin(args) {
   return false;
 }
 function daemonEligible(args) {
-  return args[0] === "saga" && HOT_VERBS.has(args[1] ?? "") && !args.includes("--run") && !args.includes("--help") && !args.includes("-h") && !argvReadsStdin(args);
+  const verb = args[1] ?? "";
+  return args[0] === "saga" && HOT_VERBS.has(verb) && !CONTINUITY_HOT_VERBS.has(verb) && !args.includes("--run") && !args.includes("--help") && !args.includes("-h") && !argvReadsStdin(args);
 }
 function buildStamp(version, bundleMtimeMs) {
   return `${version}#${Math.trunc(bundleMtimeMs)}`;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mutmutco/cli",
-  "version": "2.56.0",
-  "description": "MMI Future CLI — delivers the org rules (whole-file), plus saga and KB access. The cross-IDE engine the plugin's SessionStart hook drives.",
+  "version": "2.57.0",
+  "description": "MMI Future CLI — delivers the org rules (whole-file), Jervaise-only continuity, and KB access. The cross-IDE engine the plugin's SessionStart hook drives.",
   "type": "module",
   "license": "UNLICENSED",
   "author": {

package/dist/overlord-controller.cjs

@@ -1,322 +0,0 @@
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-
-// src/overlord-controller.ts
-var import_node_fs3 = require("node:fs");
-var import_node_path2 = require("node:path");
-
-// src/overlord.ts
-var import_node_fs2 = require("node:fs");
-var import_node_path = require("node:path");
-
-// src/atomic-write.ts
-var import_node_fs = require("node:fs");
-function atomicWriteFileSync(path, content) {
-  const tmp = `${path}.${process.pid}.tmp`;
-  (0, import_node_fs.writeFileSync)(tmp, content, "utf8");
-  (0, import_node_fs.renameSync)(tmp, path);
-}
-
-// src/overlord.ts
-function isoNow(now = () => /* @__PURE__ */ new Date()) {
-  return now().toISOString();
-}
-function buildCodexFuguLaunch(slot, options) {
-  const args = [];
-  if (slot.role === "ultra") args.push("--model", "fugu-ultra");
-  args.push("--no-alt-screen");
-  if (options.profile === "full-trust-repair") {
-    args.push("-a", "never", "-s", "danger-full-access");
-    if (options.cwd) args.push("-C", options.cwd);
-    return { command: "codex-fugu", args };
-  }
-  const sandbox = options.profile === "implementation" ? "workspace-write" : "read-only";
-  if (options.profile === "implementation" && !options.cwd) {
-    throw new Error("implementation servant launch requires an owned worktree cwd");
-  }
-  args.push(
-    "-a",
-    "never",
-    "-s",
-    sandbox,
-    "-c",
-    'sandbox_permissions=["disk-full-read-access"]'
-  );
-  if (options.cwd) args.push("-C", options.cwd);
-  return { command: "codex-fugu", args };
-}
-function readOverlordRegistry(statePath2) {
-  if (!(0, import_node_fs2.existsSync)(statePath2)) return { runs: {} };
-  try {
-    const parsed = JSON.parse((0, import_node_fs2.readFileSync)(statePath2, "utf8"));
-    return { activeRunId: parsed.activeRunId, runs: parsed.runs ?? {} };
-  } catch {
-    return { runs: {} };
-  }
-}
-function writeOverlordRegistry(statePath2, registry) {
-  (0, import_node_fs2.mkdirSync)((0, import_node_path.dirname)(statePath2), { recursive: true });
-  atomicWriteFileSync(statePath2, `${JSON.stringify(registry, null, 2)}
-`);
-}
-function recordOverlordHeartbeat(run, options) {
-  const timestamp = isoNow(options.now);
-  const controllerResource = {
-    kind: "process",
-    pid: options.controllerPid,
-    commandName: "mmi-cli overlord controller",
-    runId: run.runId,
-    runToken: run.runToken,
-    fingerprint: options.fingerprint
-  };
-  const others = run.ownedResources.filter((resource) => resource.commandName !== "mmi-cli overlord controller");
-  return {
-    ...run,
-    state: run.state === "starting" ? "active" : run.state,
-    updatedAt: timestamp,
-    controllerPid: options.controllerPid,
-    controllerFingerprint: options.fingerprint,
-    lastControllerHeartbeatAt: timestamp,
-    ownedResources: [controllerResource, ...others]
-  };
-}
-function recordOverlordControllerHeartbeat(runId2, statePath2, fingerprint2, controllerPid, now = () => /* @__PURE__ */ new Date()) {
-  const registry = readOverlordRegistry(statePath2);
-  const run = registry.runs[runId2];
-  if (!run || run.state === "stopped" || run.state === "failed") return false;
-  const next = recordOverlordHeartbeat(run, { controllerPid, fingerprint: fingerprint2, now });
-  writeOverlordRegistry(statePath2, {
-    ...registry,
-    activeRunId: registry.activeRunId ?? runId2,
-    runs: { ...registry.runs, [runId2]: next }
-  });
-  return true;
-}
-
-// src/overlord-controller.ts
-var [runId, statePath, fingerprint] = process.argv.slice(2);
-if (!runId || !statePath || !fingerprint) {
-  console.error("mmi-cli overlord controller: missing run id, state path, or fingerprint");
-  process.exit(2);
-}
-var intervalMs = Number(process.env.MMI_OVERLORD_HEARTBEAT_MS ?? 1e4);
-var servants = /* @__PURE__ */ new Map();
-function heartbeat() {
-  const alive = recordOverlordControllerHeartbeat(runId, statePath, fingerprint, process.pid);
-  if (!alive) process.exit(0);
-}
-function servantPrompt(servant, run) {
-  const roleLine = servant.role === "ultra" ? "You are the single Ultra Fugu: take the hardest, highest-uncertainty questions and report calibrated judgment." : "You are a normal Fugu servant: take one bounded mission at a time and report concise evidence.";
-  return [
-    `You are ${servant.name} in Overlord run ${run.runId}.`,
-    roleLine,
-    "First respond with exactly: ACK " + servant.name + " ready",
-    "After the ACK, wait for the Overlord to assign bounded work.",
-    "Do not start dev servers, browsers, Playwright, PRs, merges, releases, or worktree changes unless the Overlord explicitly assigns that scope.",
-    "When assigned work, gather evidence before editing, verify before claiming done, and escalate blockers instead of looping."
-  ].join("\n");
-}
-function quoteCmdArg(arg) {
-  const normalized = arg.replace(/\r?\n/g, " ");
-  return `"${normalized.replace(/"/g, '\\"')}"`;
-}
-function ptyLaunchCommand(command, args) {
-  if (process.platform !== "win32") return { file: command, args };
-  return {
-    file: "cmd.exe",
-    args: `/d /s /c ${command} ${args.map(quoteCmdArg).join(" ")}`
-  };
-}
-function servantFingerprint(run, servant) {
-  return `mmi-overlord-servant:${run.runId}:${servant.slotId}`;
-}
-function writeJournal(servant, text) {
-  try {
-    (0, import_node_fs3.mkdirSync)((0, import_node_path2.dirname)(servant.journalPath), { recursive: true });
-    (0, import_node_fs3.appendFileSync)(servant.journalPath, text, "utf8");
-  } catch {
-  }
-}
-function upsertOwnedResource(resources, resource) {
-  return [
-    resource,
-    ...resources.filter(
-      (existing) => !(existing.kind === resource.kind && existing.pid === resource.pid && existing.fingerprint === resource.fingerprint)
-    )
-  ];
-}
-function updateServant(slotId, mutate) {
-  const registry = readOverlordRegistry(statePath);
-  const run = registry.runs[runId];
-  if (!run) return;
-  const nextServants = run.servants.map((servant) => servant.slotId === slotId ? mutate(run, servant) : servant);
-  writeOverlordRegistry(statePath, {
-    ...registry,
-    runs: {
-      ...registry.runs,
-      [runId]: {
-        ...run,
-        updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
-        servants: nextServants
-      }
-    }
-  });
-}
-function recordServantStart(run, servant, pid, servantFp) {
-  const registry = readOverlordRegistry(statePath);
-  const current = registry.runs[run.runId] ?? run;
-  const resource = {
-    kind: "process",
-    pid,
-    commandName: "codex-fugu",
-    runId: run.runId,
-    runToken: run.runToken,
-    fingerprint: servantFp
-  };
-  writeOverlordRegistry(statePath, {
-    ...registry,
-    activeRunId: registry.activeRunId ?? run.runId,
-    runs: {
-      ...registry.runs,
-      [run.runId]: {
-        ...current,
-        updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
-        servants: current.servants.map((item) => item.slotId === servant.slotId ? {
-          ...item,
-          state: "starting",
-          pid,
-          fingerprint: servantFp,
-          composerSubmitMode: "crlf",
-          lastLivenessCheckAt: (/* @__PURE__ */ new Date()).toISOString()
-        } : item),
-        ownedResources: upsertOwnedResource(current.ownedResources, resource)
-      }
-    }
-  });
-}
-function markServantExit(slotId) {
-  updateServant(slotId, (_run, servant) => ({
-    ...servant,
-    state: servant.state === "stopped" ? "stopped" : "lost",
-    lastLivenessCheckAt: (/* @__PURE__ */ new Date()).toISOString()
-  }));
-}
-function markServantAck(slotId) {
-  updateServant(slotId, (_run, servant) => ({
-    ...servant,
-    state: "ready",
-    lastAckAt: (/* @__PURE__ */ new Date()).toISOString(),
-    lastUsefulSignalAt: (/* @__PURE__ */ new Date()).toISOString()
-  }));
-}
-function messageTargets(run, target) {
-  if (target === "all") return run.servants;
-  return run.servants.filter((servant) => servant.slotId === target || servant.name.toLowerCase().replace(/\s+/g, "-") === target);
-}
-function deliverPendingMessages() {
-  const registry = readOverlordRegistry(statePath);
-  const run = registry.runs[runId];
-  if (!run?.messages?.length) return;
-  let changed = false;
-  const nextMessages = run.messages.map((message) => {
-    if (message.startedAt || message.completedAt || message.failedAt || message.deliveredAt) return message;
-    const targets = messageTargets(run, message.target);
-    if (!targets.length) return message;
-    const liveTargets = targets.map((servant) => servants.get(servant.slotId));
-    if (liveTargets.some((servant) => !servant)) return message;
-    for (const child of liveTargets) child?.write(`${message.text}\r
-`);
-    changed = true;
-    return { ...message, state: "started", startedAt: (/* @__PURE__ */ new Date()).toISOString() };
-  });
-  if (!changed) return;
-  writeOverlordRegistry(statePath, {
-    ...registry,
-    runs: {
-      ...registry.runs,
-      [runId]: {
-        ...run,
-        updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
-        messages: nextMessages
-      }
-    }
-  });
-}
-async function launchServants() {
-  const registry = readOverlordRegistry(statePath);
-  const run = registry.runs[runId];
-  if (!run || run.state === "stopped" || run.state === "failed") return;
-  const pty = await import("@homebridge/node-pty-prebuilt-multiarch");
-  (0, import_node_fs3.mkdirSync)(run.journalDir, { recursive: true });
-  for (const servant of run.servants) {
-    if (servants.has(servant.slotId) || servant.state === "ready" || servant.state === "starting") continue;
-    const launch = buildCodexFuguLaunch(servant, { profile: servant.profile, cwd: run.worktree });
-    const command = ptyLaunchCommand(launch.command, [...launch.args, servantPrompt(servant, run)]);
-    const child = pty.spawn(command.file, command.args, {
-      name: "xterm-256color",
-      cols: 120,
-      rows: 40,
-      cwd: run.worktree,
-      env: {
-        ...process.env,
-        TERM: "xterm-256color",
-        CODEX_FUGU_NO_NOTICE: "1",
-        CODEX_FUGU_NO_UPDATE: "1"
-      }
-    });
-    servants.set(servant.slotId, child);
-    const servantFp = servantFingerprint(run, servant);
-    writeJournal(servant, `
-[overlord] launched ${launch.command} ${launch.args.join(" ")}
-`);
-    recordServantStart(run, servant, child.pid, servantFp);
-    child.onData((data) => {
-      writeJournal(servant, data);
-      if (/ACK\s+.+\s+ready/i.test(data)) markServantAck(servant.slotId);
-    });
-    child.onExit(() => {
-      servants.delete(servant.slotId);
-      markServantExit(servant.slotId);
-    });
-  }
-}
-function shutdown() {
-  for (const child of servants.values()) {
-    try {
-      child.kill();
-    } catch {
-    }
-  }
-  process.exit(0);
-}
-process.on("SIGTERM", shutdown);
-process.on("SIGINT", shutdown);
-heartbeat();
-if (process.env.MMI_OVERLORD_SKIP_SERVANT_LAUNCH !== "1") {
-  void launchServants().then(deliverPendingMessages).catch(() => void 0);
-}
-setInterval(() => {
-  heartbeat();
-  deliverPendingMessages();
-}, Number.isFinite(intervalMs) && intervalMs > 0 ? intervalMs : 1e4);