aiden-runtime 4.6.1 → 4.7.0

package/dist/cli/v4/aidenCLI.js

@@ -1470,6 +1470,10 @@ async function buildAgentRuntime(cliOpts, opts) {
         resolveVerifiedFlag,
         resolveToolset,
         resolveMutates,
+        // v4.7.0 Phase 2.4 — share the REPL's config-resolved honesty mode
+        // with daemon-built agents so autonomous turns honour the same
+        // setting interactive turns do.
+        honestyMode,
         maxTurns: config.getValue('agent.max_turns', 90),
     });
     // Phase v4.1.2 alive-core: SOUL.md file watcher. Best-effort —

package/dist/cli/v4/daemonAgentBuilder.js

@@ -40,6 +40,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.buildDaemonAgentBuilder = buildDaemonAgentBuilder;
 const aidenAgent_1 = require("../../core/v4/aidenAgent");
 const approvalEngine_1 = require("../../moat/approvalEngine");
+const honestyEnforcement_1 = require("../../moat/honestyEnforcement");
 // ── Implementation ─────────────────────────────────────────────────────────
 const DEFAULT_MAX_TURNS = 90;
 /**
@@ -112,11 +113,18 @@ function buildDaemonAgentBuilder(deps) {
             resolveMutates: deps.resolveMutates,
             // Memory snapshot refresh — daemon agent doesn't track dirty
             // bits because each instance is short-lived; we provide the
-            // refresh callback so honestyEnforcement-style consumers (when
-            // we add them) can still rebuild.
+            // refresh callback so honestyEnforcement (and any future
+            // consumer that needs a current memory snapshot) can rebuild.
             refreshMemorySnapshot: () => deps.memoryManager.loadSnapshot(),
-            // Scope cuts (Phase 7b): no plannerGuard, no honestyEnforcement,
-            // no skillTeacher, no skillMiner. These add LLM calls + state
+            // v4.7.0 Phase 2.4 — HonestyEnforcement is now structural
+            // (reads tool trace only, no natural-language scanning) and
+            // cheap enough to run on autonomous daemon turns. Mode mirrors
+            // the REPL's config-resolved value (default 'enforce'); the
+            // footer appended in enforce mode is captured by the daemon
+            // dispatcher's run_events and surfaced in the channel reply.
+            honestyEnforcement: new honestyEnforcement_1.HonestyEnforcement(deps.honestyMode ?? 'enforce'),
+            // Scope cuts (Phase 7b, still deferred): no plannerGuard, no
+            // skillTeacher, no skillMiner. These add LLM calls + state
             // that don't fit the daemon's "fire and act" pattern.
         });
         // Q-P7b-4(b) — minimal per-turn stdout line for tail-friendly

package/dist/core/v4/aidenAgent.js

@@ -372,25 +372,21 @@ class AidenAgent {
         // 8. Run the tool-calling loop.
         const loopResult = await this.runTurnLoop(messages, narrowedTools, trackers, options);
         // 9. Honesty post-loop scan (only if loop ended with a normal stop).
+        //
+        // v4.7.0 Phase 2.3 — the verifier now records deterministic
+        // outcome events from `toolCallTrace` (not regex over the
+        // assistant's text). When `findings.length > 0` AND mode is
+        // `enforce`, it returns an append-only `footer` we concatenate
+        // to `finalContent`. The model's text is NEVER rewritten —
+        // that was the v4.6.x failure mode this verifier replaces.
         let honestyFindings;
         let finalContent = loopResult.finalContent;
         if (this.honestyEnforcement && loopResult.finishReason === 'stop') {
             try {
                 const scan = await this.honestyEnforcement.check(finalContent, loopResult.messages, loopResult.toolCallTrace);
-                if (!scan.passed) {
-                    honestyFindings = scan.findings;
-                    if (scan.correctedResponse) {
-                        finalContent = scan.correctedResponse;
-                        // Reflect the corrected text in the message history too so
-                        // /debug-prompt and /usage agree on the final string.
-                        for (let i = loopResult.messages.length - 1; i >= 0; i--) {
-                            const m = loopResult.messages[i];
-                            if (m.role === 'assistant' && (!m.toolCalls || m.toolCalls.length === 0)) {
-                                loopResult.messages[i].content = finalContent;
-                                break;
-                            }
-                        }
-                    }
+                honestyFindings = scan.findings;
+                if (scan.footer) {
+                    finalContent = `${finalContent}\n\n${scan.footer}`;
                 }
             }
             catch {
@@ -970,6 +966,15 @@ class AidenAgent {
                     result: result.result,
                     error: result.error,
                     verified: this.resolveVerifiedFlag?.(result),
+                    // v4.7.0 Phase 2.3 — stamp the handler's `mutates` flag
+                    // at dispatch time so the post-loop honesty verifier can
+                    // distinguish mutating vs read-only failures without
+                    // needing a registry handle. Defaults to `false` for
+                    // unknown tools (the resolver returns undefined) — read-
+                    // only tools that error are surfaced via the tool-trail
+                    // row already; the verifier deliberately stays quiet
+                    // about them.
+                    handlerMutates: this.resolveMutates?.(call.name) ?? false,
                     // v4.2 Phase 1 — verification surfaces alongside the trace
                     // entry for downstream callers (chatSession, loopTrace,
                     // future RecoveryReport). Undefined when TCE is off.

package/dist/core/v4/sandboxFs.js

@@ -94,7 +94,7 @@ function expandPathInline(input, cwd) {
 }
 /**
  * Boundary-aware containment check. `path.relative` avoids the
- * `/home/user-evil` vs `/home/user` false positive that a naive
+ * `<root>/user-evil` vs `<root>/user` false positive that a naive
  * `startsWith` would produce.
  */
 function isWithin(child, parent) {

package/dist/core/v4/subagent/childBuilder.js

@@ -33,6 +33,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.ProviderNotFoundError = exports.SUBAGENT_BLOCKED_TOOL_NAMES = void 0;
 exports.buildChildAgent = buildChildAgent;
 const approvalEngine_1 = require("../../../moat/approvalEngine");
+const honestyEnforcement_1 = require("../../../moat/honestyEnforcement");
 const aidenAgent_1 = require("../aidenAgent");
 const providerFallback_1 = require("../providerFallback");
 // ── Hard-coded blocklist (Q5 from design doc §2) ────────────────────────────
@@ -177,10 +178,16 @@ function buildChildAgent(deps, input) {
     // Pure no-op when runStore is absent (unit tests of buildChildAgent).
     const onToolCall = buildOnToolCall(deps);
     // ── 7. Build the child agent ─────────────────────────────────────────────
-    // Focused worker config: omit plannerGuard, honestyEnforcement,
-    // skillTeacher, skillMiner, contextCompressor, promptCaching,
-    // promptBuilder. Match the daemon agent's "act on the task, don't
-    // self-improve" shape.
+    // Focused worker config: omit plannerGuard, skillTeacher, skillMiner,
+    // contextCompressor, promptCaching, promptBuilder. Match the daemon
+    // agent's "act on the task, don't self-improve" shape.
+    //
+    // v4.7.0: HonestyEnforcement is now structural (reads tool trace only,
+    // no natural-language scanning) and cheap enough to run in subagents.
+    // Mode is 'detect' here — events are captured into the child's run
+    // record but never produce user-visible output (subagents have no
+    // chat surface; the parent assembles their summary).
+    const childHonestyEnforcement = new honestyEnforcement_1.HonestyEnforcement('detect');
     const agent = new aidenAgent_1.AidenAgent({
         provider: childProvider,
         tools: childTools,
@@ -192,6 +199,7 @@ function buildChildAgent(deps, input) {
         resolveVerifiedFlag: deps.resolveVerifiedFlag,
         resolveToolset: deps.resolveToolset,
         resolveMutates: deps.resolveMutates,
+        honestyEnforcement: childHonestyEnforcement,
         onToolCall,
         // iterationBudgetInjection inherits the default (true) — child
         // sees its own remaining-budget hint near the end of the run.

package/dist/core/version.js

@@ -2,4 +2,4 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.VERSION = void 0;
 // AUTO-GENERATED by scripts/inject-version.js — do not edit by hand
-exports.VERSION = '4.6.1';
+exports.VERSION = '4.7.0';

package/dist/moat/honestyEnforcement.js

@@ -6,111 +6,92 @@
  * Aiden — local-first agent.
  */
 /**
- * moat/honestyEnforcement.ts — Aiden v4.0.0
+ * moat/honestyEnforcement.ts — Aiden v4.7.0 (Phase 2.3 — outcome-based verifier)
  *
- * Post-loop trace inspector. Runs after AidenAgent returns its final
- * response. Compares the response's stated actions to the actual tool
- * calls in the trace. If the model claims it did something but the trace
- * says no tool fired (or fired and failed verification), Honesty refuses
- * the claim and rewrites the response.
+ * The regex-based natural-language claim scanner (deleted in Phase 2.2)
+ * has been replaced with a deterministic outcome recorder that consumes
+ * `toolCallTrace` structurally. Two failure modes are recorded:
  *
- * The failure modes this catches:
- *   - "I saved your file to ~/notes/today.md"   → no file_write call
- *   - "I sent the email"                         → no email tool call
- *   - "I remembered that"                        → no memory_add OR memory_add returned verified=false
- *   - "I searched the web"                       → no web_search call
- *   - "I ran X"                                  → no shell_exec call
+ *   1. mutation_errored  — a tool tagged `mutates: true` (in the
+ *      registry, stamped onto trace entries at dispatch time via
+ *      `handlerMutates`) returned an `error` envelope. Path is
+ *      extracted from `result.path` when present.
  *
- * Three modes:
- *   off      — passes everything; no inspection.
- *   detect   — runs checks and populates findings, but does NOT modify the
- *              response. Useful for telemetry / canary measurement.
- *   enforce  — DEFAULT. Rewrites failed claims into honest text that lists
- *              the actual trace summary.
+ *   2. memory_unverified — a memory_* tool's result carries
+ *      `verified === false` (per Phase 9 MemoryGuard). This was
+ *      the v3 C20/C21 lying surface and remains the only memory-
+ *      specific check the verifier performs.
  *
- * Detection:
- *   1. Pattern-based (default, $0 cost) — past-tense action verbs matched
- *      against tool registry. This file owns the table.
- *   2. LLM-classified — auxiliary LLM call. Wired via the optional
- *      `llmAdapter`; defaulted off in Phase 12. Phase 13 turns it on.
+ * Modes:
+ *   off      — bypass entirely. No events recorded.
+ *   detect   — Record events; never user-visible. `findings` populated;
+ *              no `footer`.
+ *   enforce  — DEFAULT. Record events + append a short footer to the
+ *              assistant reply summarising the unverified outcomes.
+ *              The footer is APPEND-ONLY — the assistant's text is
+ *              never rewritten. (This is the key behaviour change vs
+ *              v4.6.x — append-only, never an in-place edit.)
  *
- * Critical invariant for memory:
- *   Every memory_add / memory_replace / memory_remove tool result carries
- *   a `verified` flag (per Phase 9 MemoryGuard). If the model claims
- *   "I remembered X" but `verified=false`, Honesty MUST flag this — even
- *   though a memory tool DID fire. This was the v3 C20/C21 lying surface.
- *
- * Status: PHASE 12.
+ * What the verifier intentionally does NOT do (delta vs the deleted
+ * scanner):
+ *   - It does not look at the assistant's natural-language text at all.
+ *     There's no regex matching of English verbs to tool names.
+ *   - It does not emit `no_tool_call` findings. The previous "model
+ *     claimed X but no tool fired" failure mode is gone — that was
+ *     the false-refusal class. We only record OUTCOMES that ran.
+ *   - It does not mutate `loopResult.messages`. The caller appends
+ *     the footer to its own `finalContent` string variable.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.__test__ = exports.HonestyEnforcement = void 0;
-/** Allows optional adverbs/auxiliaries between "I" and the verb:
- *  "I have", "I also", "I just", "I successfully", "I have just", etc. */
-const I_PREFIX = String.raw `\bI\s+(?:have\s+|just\s+|also\s+|already\s+|successfully\s+|then\s+|now\s+){0,3}`;
-const PATTERNS = [
-    // ── File operations (past tense only) ─────────────────────────
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:saved|wrote|created|modified|patched|updated)\\b[^.]*\\b(?:file|to|at|in)\\b`, 'i'),
-        tools: ['file_write', 'file_patch', 'skill_manage'],
-        label: 'file_write',
-    },
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:deleted|removed)\\s+(?:the\\s+)?(?:file|directory|folder)\\b`, 'i'),
-        tools: ['file_delete'],
-        label: 'file_delete',
-    },
-    // ── Web ────────────────────────────────────────────────────────
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:searched|looked\\s+up|found(?:\\s+online)?|googled)\\b`, 'i'),
-        tools: ['web_search', 'deep_research'],
-        label: 'web_search',
-    },
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:fetched|downloaded|retrieved)\\b`, 'i'),
-        tools: ['web_fetch', 'fetch_url'],
-        label: 'web_fetch',
-    },
-    // ── Shell / execution ──────────────────────────────────────────
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:ran|executed|called)\\b`, 'i'),
-        tools: ['shell_exec', 'execute_code', 'run_python', 'run_node'],
-        label: 'shell_exec',
-    },
-    // ── Browser ────────────────────────────────────────────────────
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:navigated|clicked|typed|scrolled)\\b`, 'i'),
-        tools: [
-            'browser_navigate',
-            'open_browser',
-            'browser_click',
-            'browser_type',
-            'browser_scroll',
-        ],
-        label: 'browser_action',
-    },
-    // ── Memory (verified=true required) ────────────────────────────
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:remembered|memori[sz]ed|noted\\s+that|saved\\s+that\\s+to\\s+memory)\\b`, 'i'),
-        tools: ['memory_add', 'memory_upsert'],
-        label: 'memory_add',
-        kind: 'memory',
-    },
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:forgot(?:ten)?|removed)\\b[^.]*\\bmemory\\b`, 'i'),
-        tools: ['memory_remove', 'memory_forget'],
-        label: 'memory_remove',
-        kind: 'memory',
-    },
-    // ── Model switch ───────────────────────────────────────────────
-    {
-        pattern: new RegExp(`${I_PREFIX}(?:switched\\s+to|changed\\s+(?:to|model\\s+to)|am\\s+now\\s+using)\\s+\\S+`, 'i'),
-        tools: ['model_switch'],
-        label: 'model_switch',
-    },
-];
-/** Negation patterns. If matched at the start of a sentence containing
- *  the claim, the claim is NOT flagged. */
-const NEGATION_RE = /\b(?:couldn'?t|cannot|can'?t|wasn'?t\s+able|unable\s+to|failed\s+to|did\s+not|didn'?t|won'?t|will\s+not)\b/i;
+exports.HonestyEnforcement = void 0;
+/**
+ * Memory tools whose results carry the `verified` flag set by
+ * MemoryGuard. The list is closed — adding a new memory_* tool
+ * means extending this set.
+ */
+const MEMORY_TOOLS = new Set([
+    'memory_add',
+    'memory_replace',
+    'memory_remove',
+]);
+/**
+ * Read `result.path` when present (file_* tools' result envelopes
+ * carry it). Returns undefined otherwise. Used only for cosmetic
+ * footer detail — never affects pass/fail outcome.
+ */
+function extractPath(result) {
+    if (result && typeof result === 'object' && 'path' in result) {
+        const p = result.path;
+        if (typeof p === 'string')
+            return p;
+    }
+    return undefined;
+}
+/**
+ * Translate a `HonestyEvent` to the legacy `HonestyFinding` shape so
+ * existing downstream consumers (chatSession, telemetry) keep working.
+ * The fine-grained kind is preserved via `reason`.
+ */
+function toFinding(event) {
+    switch (event.kind) {
+        case 'mutation_errored':
+            return {
+                claim: event.tool,
+                expectedTool: event.tool,
+                found: false,
+                confidence: 1,
+                reason: 'tool_errored',
+            };
+        case 'memory_unverified':
+            return {
+                claim: event.tool,
+                expectedTool: event.tool,
+                found: false,
+                confidence: 1,
+                reason: 'memory_verified_false',
+            };
+    }
+}
 class HonestyEnforcement {
     constructor(mode = 'enforce', llmAdapter, logger) {
         this.llmAdapter = llmAdapter;
@@ -124,20 +105,63 @@ class HonestyEnforcement {
         return this.mode;
     }
     /**
-     * Inspect a finished response against the actual tool-call trace.
-     * Returns a structured result. Caller (AidenAgent) decides whether to
-     * use `correctedResponse` or `originalResponse` based on `passed`.
+     * v4.7.0 Phase 2.3 — record deterministic unverified outcomes from
+     * the per-turn tool trace. Pure function; no I/O, no side effects.
      */
-    async check(response, _messages, toolCallTrace) {
-        if (this.mode === 'off') {
-            return {
-                passed: true,
-                findings: [],
-                confidence: 1,
-                originalResponse: response,
-            };
+    recordOutcomes(trace) {
+        const events = [];
+        for (const t of trace) {
+            if (t.error && t.handlerMutates === true) {
+                events.push({
+                    kind: 'mutation_errored',
+                    tool: t.name,
+                    reason: t.error,
+                    path: extractPath(t.result),
+                });
+                continue;
+            }
+            if (MEMORY_TOOLS.has(t.name) && t.verified === false) {
+                events.push({
+                    kind: 'memory_unverified',
+                    tool: t.name,
+                    reason: 'verification failed',
+                });
+            }
         }
-        if (!response || !response.trim()) {
+        return events;
+    }
+    /**
+     * v4.7.0 Phase 2.3 — render the append-only footer used in enforce
+     * mode. Caller concatenates with a blank line; we own the lines
+     * inside. Format: one summary line + one row per event.
+     */
+    buildFooter(events) {
+        const lines = [];
+        lines.push(`⚠️ Verifier: ${events.length} tool outcome(s) not verified this turn.`);
+        for (const e of events) {
+            if (e.kind === 'mutation_errored') {
+                const where = e.path ? ` (path: ${e.path})` : '';
+                lines.push(`- ${e.tool}${where}: errored — ${e.reason}`);
+            }
+            else {
+                lines.push(`- ${e.tool}: not verified`);
+            }
+        }
+        return lines.join('\n');
+    }
+    /**
+     * v4.7.0 Phase 2.3 — entry point. Records outcome events from the
+     * trace, converts to legacy `HonestyFinding[]` for downstream
+     * consumers, and renders an append-only footer in enforce mode.
+     *
+     * NEVER rewrites `response`. The returned `footer` is what the
+     * caller appends; the original text is preserved verbatim.
+     *
+     * Off mode short-circuits without touching the trace — minimal cost
+     * for users who opt out.
+     */
+    async check(response, _messages, trace) {
+        if (this.mode === 'off') {
             return {
                 passed: true,
                 findings: [],
@@ -145,145 +169,23 @@ class HonestyEnforcement {
                 originalResponse: response,
             };
         }
-        const findings = this.detectClaimsPattern(response, toolCallTrace);
-        const failed = findings.filter((f) => !f.found);
-        const passed = failed.length === 0;
-        const confidence = findings.length === 0
-            ? 1
-            : findings.reduce((s, f) => s + f.confidence, 0) /
-                findings.length;
-        if (this.mode === 'detect') {
-            this.logger?.('info', `[HonestyEnforcement] detect mode: ${findings.length} findings (${failed.length} failed)`);
-            return {
-                passed,
-                findings,
-                confidence,
-                originalResponse: response,
-            };
+        const events = this.recordOutcomes(trace);
+        const findings = events.map(toFinding);
+        const passed = findings.length === 0;
+        let footer;
+        if (this.mode === 'enforce' && !passed) {
+            footer = this.buildFooter(events);
         }
-        // enforce mode
-        let correctedResponse;
         if (!passed) {
-            correctedResponse = this.buildCorrection(response, failed, toolCallTrace);
-            this.logger?.('warn', `[HonestyEnforcement] enforce: rewrote response (${failed.length} failed claims)`);
+            this.logger?.('info', `honesty: ${events.length} unverified outcome(s) this turn`);
         }
         return {
             passed,
             findings,
-            confidence,
+            confidence: 1,
             originalResponse: response,
-            correctedResponse,
+            footer,
         };
     }
-    // ─────────────────────────────────────────────────────────────────────
-    // pattern detection
-    // ─────────────────────────────────────────────────────────────────────
-    detectClaimsPattern(response, trace) {
-        const findings = [];
-        const sentences = splitSentences(response);
-        for (const sentence of sentences) {
-            // Skip negated sentences entirely.
-            if (NEGATION_RE.test(sentence))
-                continue;
-            for (const pat of PATTERNS) {
-                if (!pat.pattern.test(sentence))
-                    continue;
-                const matched = sentence.match(pat.pattern);
-                const claimText = matched?.[0] ?? sentence.trim();
-                const found = this.traceSatisfies(pat, trace);
-                let reason;
-                if (!found) {
-                    if (pat.kind === 'memory' && memoryFiredButUnverified(pat, trace)) {
-                        reason = 'memory_verified_false';
-                    }
-                    else if (toolFiredButErrored(pat, trace)) {
-                        reason = 'tool_errored';
-                    }
-                    else {
-                        reason = 'no_tool_call';
-                    }
-                }
-                findings.push({
-                    claim: claimText.trim(),
-                    expectedTool: pat.tools.length === 1 ? pat.tools[0] : pat.tools,
-                    found,
-                    confidence: 0.8,
-                    reason,
-                });
-            }
-        }
-        return findings;
-    }
-    traceSatisfies(pat, trace) {
-        const matching = trace.filter((t) => pat.tools.includes(t.name) && !t.error);
-        if (matching.length === 0)
-            return false;
-        if (pat.kind === 'memory') {
-            // verified must be explicitly true
-            return matching.some((m) => m.verified === true);
-        }
-        return true;
-    }
-    // ─────────────────────────────────────────────────────────────────────
-    // correction builder
-    // ─────────────────────────────────────────────────────────────────────
-    buildCorrection(_original, failed, trace) {
-        const lines = [];
-        lines.push("I shouldn't claim actions I didn't take. Honest summary of what I actually did:");
-        lines.push('');
-        if (trace.length === 0) {
-            lines.push('- No tools were called this turn.');
-        }
-        else {
-            for (const entry of trace) {
-                const status = entry.error ? `errored (${entry.error})` : 'succeeded';
-                const verified = entry.verified === false
-                    ? ' (NOT VERIFIED)'
-                    : entry.verified === true
-                        ? ' (verified)'
-                        : '';
-                lines.push(`- ${entry.name}: ${status}${verified}`);
-            }
-        }
-        lines.push('');
-        lines.push('Refused claims:');
-        for (const f of failed) {
-            const tool = Array.isArray(f.expectedTool)
-                ? f.expectedTool.join('/')
-                : f.expectedTool;
-            const why = f.reason === 'memory_verified_false'
-                ? `(memory write returned verified=false — fact was not stored)`
-                : f.reason === 'tool_errored'
-                    ? `(tool errored)`
-                    : `(no ${tool} call in trace)`;
-            lines.push(`- "${f.claim}" ${why}`);
-        }
-        return lines.join('\n');
-    }
 }
 exports.HonestyEnforcement = HonestyEnforcement;
-// ─────────────────────────────────────────────────────────────────────
-// helpers (exported for tests)
-// ─────────────────────────────────────────────────────────────────────
-function splitSentences(text) {
-    // Split on sentence terminators while keeping reasonable bounds.
-    // Don't try to be clever about abbreviations — false positives are
-    // benign (we just inspect more granular slices).
-    return text
-        .split(/(?<=[.!?])\s+|\n+/)
-        .map((s) => s.trim())
-        .filter((s) => s.length > 0);
-}
-function memoryFiredButUnverified(pat, trace) {
-    if (pat.kind !== 'memory')
-        return false;
-    return trace.some((t) => pat.tools.includes(t.name) && !t.error && t.verified === false);
-}
-function toolFiredButErrored(pat, trace) {
-    return trace.some((t) => pat.tools.includes(t.name) && !!t.error);
-}
-exports.__test__ = {
-    splitSentences,
-    PATTERNS,
-    NEGATION_RE,
-};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "aiden-runtime",
-  "version": "4.6.1",
+  "version": "4.7.0",
   "publishConfig": {
     "access": "public"
   },
@@ -254,7 +254,7 @@
     "epub2": "^3.0.2",
     "execa": "^8.0.1",
     "express": "^4.18.2",
-    "form-data": "^4.0.0",
+    "form-data": "^4.0.4",
     "imap-simple": "^5.1.0",
     "js-tiktoken": "^1.0.21",
     "js-yaml": "^4.1.1",
@@ -284,7 +284,7 @@
     "uuid": "^9.0.0",
     "whatsapp-web.js": "^1.26.0",
     "wrap-ansi": "^9.0.2",
-    "ws": "^8.20.0"
+    "ws": "^8.20.1"
   },
   "optionalDependencies": {
     "decibri": "*",
@@ -296,7 +296,13 @@
     "semver": "^7.5.2",
     "postcss": "^8.5.10",
     "hono": "^4.12.16",
-    "minimatch": "^9.0.9"
+    "minimatch": "^9.0.9",
+    "qs": ">=6.14.1",
+    "tough-cookie": ">=4.1.3",
+    "protobufjs": ">=7.5.8",
+    "request": {
+      "form-data": "^2.5.5"
+    }
   },
   "devDependencies": {
     "@types/better-sqlite3": "^7.6.13",