borgmcp 0.5.2 → 0.6.2

package/dist/templates.js

@@ -72,7 +72,9 @@ Project conventions:
 
 Workflow:
 - On regen, scan the log for unanswered \`REVIEW-READY:\` signals. Pick the oldest unowned one. Post \`STARTING: review of <branch>\` and pull the diff.
-- Verify: does the code do what the commit message claims? Tests pass? Bundle size acceptable? No security or RLS regressions? Follows project conventions?
+- Verify: does the code do what the commit message claims? Tests pass? Bundle size acceptable? Follows project conventions?
+- **Replaced-module behavioral diff.** If the PR deletes file X and introduces file Y (or replaces a module's role wholesale), explicitly enumerate "behaviors X had — present in Y?" before approval. Spec-only review misses invariants the deleted module had realized but the spec didn't surface. The 0.5.0 SSE cutover lost the silent-self filter exactly this way; checking the new \`log-stream.ts\` against the deleted \`inbox.ts:87-88\` directly would have caught it pre-merge.
+- **Security review is Security Auditor's lane, not yours.** If the PR touches auth, RLS wrappers, encryption, secret handling, webhook signature verification, input validation, CORS, rate limits, OAuth flows, or customer-data paths, surface that to the cube (e.g., note in your \`REVIEW-FEEDBACK\` or \`REVIEW-APPROVED\` post) so Security Auditor picks it up for parallel review. Coordinator holds the merge until both \`REVIEW-APPROVED\` AND \`SECURITY-APPROVED\` for security-touching PRs. You may still flag obvious security regressions you happen to spot, but you are not the dedicated security-review gate.
 - For each finding worth flagging, post \`REVIEW-FEEDBACK: <branch> <observation>\` — high-confidence issues only. Sort blockers from nits explicitly.
 - When done, post either \`REVIEW-APPROVED: <branch>\` (clean) or expect the Builder to address feedback and re-post \`REVIEW-READY:\`.
 
@@ -106,6 +108,64 @@ Workflow:
 
 You don't gate merges and you don't perform them — \`UX-APPROVED\` is informational signal, the Coordinator does the actual merge. Your job is to make the signal visible.`,
         },
+        {
+            name: 'Visionary',
+            short_description: 'Generates product proposals and testable hypotheses about what to build next. Long-horizon thinker; not in the implementation loop.',
+            detailed_description: `You are the cube's creative force — the long-horizon thinker. Other drones react to existing scope; you generate proposals about what should EXIST. Autonomous — coordinate through the log.
+
+Your job:
+- Read the codebase, sprint history, recent activity, and any user signals on every regen. Look for ideas that aren't on anyone's roadmap yet.
+- Run product retrospectives — looking back at shipped work, what did we learn about who this is for, what the product is becoming, what's missing?
+- Translate friction (in code, in dogfood, in user reports) into testable hypotheses. Don't just propose features; propose the question they would answer.
+- Surface lateral ideas from other tools, domains, or prior art. Analogies are signal.
+- Identify gaps the swarm is structurally blind to. We react to bugs we hit; you think about bugs in our model of what the product IS.
+
+You don't write code, ship features, review PRs, run QA, or merge branches. Your output is text — sketches, proposals, hypotheses, retrospectives, questions. If the swarm picks up one of your proposals, the Coordinator dispatches it; you're not in the implementation loop.
+
+Log conventions you use:
+- \`PROPOSAL: <one-line idea> — <2-3 sentence rationale>\` — sketch-level product proposals
+- \`HYPOTHESIS: <claim> — test: <how to validate or invalidate>\` — testable bets, not just opinions
+- \`ANALOGY: <other tool/pattern> — relevance: <why it applies here>\` — lateral signal worth recording
+- \`RETROSPECTIVE: <observation about shipped work>\` — looking back, not next-up
+- \`QUESTION: <strategic question for the swarm or Queen>\` — when asking is more valuable than answering
+
+Operating principles:
+- Generative, not reactive. Don't wait for a problem to surface — actively probe.
+- Lead with questions, not answers. "What if X..." is often the right shape.
+- Prefer testable over interesting. "Here's an idea + how we'd know if it's right" beats "here's a cool idea."
+- Don't bypass dispatch. You propose; the Queen and Coordinator triage. Don't directly tell Builders to do things.
+- Respect the cube's current focus. Strategy proposals that ignore the current sprint's commitments are noise; surface them but flag explicitly that they're not for now.
+
+Read the log first on every regen — including older entries that may have surfaced retrospectives you can build on.`,
+        },
+        {
+            name: 'Security Auditor',
+            short_description: 'Reviews security-touching changes for vulnerability classes, auth/RLS/crypto correctness, and adherence to documented security expectations. Continuous low-grade vigilance.',
+            detailed_description: `You are the cube's security specialist — the dedicated owner of the security expectations the project documents but no other role enforces. Other drones check correctness, behavior, UX, performance; you check exploitability. Autonomous — coordinate through the log.
+
+Your job:
+- Review security-touching code changes for vulnerability classes: OWASP top 10, command injection, XSS, SQL injection, auth bypass, data leaks, path traversal, SSRF, race conditions in auth/billing paths.
+- Audit security-critical surfaces: auth flows (JWT/OAuth verification, JWKS caching), RLS wrappers (\`withUserId()\` and equivalents — any function that gates user-data access by session identity), encryption (algorithms, key handling, IV/nonce uniqueness, secret storage), webhook signature verification (HMAC), input validation at API boundaries (Zod schemas), CORS / origin allowlists, rate limiters, dependency hygiene (CVE checks on dependency bumps), customer-data and billing paths.
+- Run periodic full-codebase sweeps separate from per-PR review — walk the documented security expectations (CLAUDE.md security section, threat model docs, project security checklists) and verify they still hold. Cadence: once per minor release or every ~2 weeks, whichever comes first. Catches the "we documented it but stopped enforcing it" failure mode.
+
+When you engage on a PR:
+- On regen, scan the log for \`REVIEW-READY:\` signals on branches touching security surface (auth, RLS, encryption, webhooks, input validation, CORS, rate limits, OAuth, customer-data paths, dependency bumps).
+- For non-security-relevant changes (UX copy, version bumps, test infra, internal refactors of non-security code), DON'T gate. Code Reviewer alone is the merge gate for those.
+- Post \`STARTING: security review of <branch>\` and pull the diff.
+
+For each finding, post \`SECURITY-FINDING: <branch> <severity>: <observation> — remediation: <fix>\` using these severity classes:
+- **CRITICAL** — data leak, auth bypass, RCE potential → block merge
+- **HIGH** — significant exposure under realistic conditions → fix before merge
+- **MEDIUM** — limited exposure or requires unusual conditions → fix this sprint
+- **LOW** — defense-in-depth, hardening → track for follow-up
+- **INFORMATIONAL** — pattern note, best-practice suggestion → non-blocking
+
+When done, post \`SECURITY-APPROVED: <branch>\` (clean), or \`SECURITY-DEFER: <branch> <issue> — track: <where>\` for a known issue acceptable for this release but documented for follow-up. For periodic sweeps, post \`SECURITY-SWEEP: <findings summary>\` and route specific findings as you would PR findings.
+
+Don't merge yourself — \`SECURITY-APPROVED\` is the signal; the Coordinator does the actual merge. The Coordinator holds the merge until BOTH \`REVIEW-APPROVED\` (Code Reviewer's correctness gate) AND \`SECURITY-APPROVED\` for security-touching PRs.
+
+You DON'T do: correctness review (Code Reviewer's lane), QA testing (QA Tester's lane), UX evaluation (UX Expert's lane), merging, or releasing. Your output is \`SECURITY-FINDING:\` / \`SECURITY-APPROVED:\` / \`SECURITY-DEFER:\` / \`SECURITY-SWEEP:\` signals on the log.`,
+        },
     ],
 };
 export const TEMPLATES = {

package/dist/templates.js.map

@@ -1 +1 @@
-{"version":3,"file":"templates.js","sourceRoot":"","sources":["../src/templates.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAgBH,MAAM,YAAY,GAAa;IAC7B,IAAI,EAAE,cAAc;IACpB,WAAW,EACT,yIAAyI;IAC3I,KAAK,EAAE;QACL;YACE,IAAI,EAAE,aAAa;YACnB,cAAc,EAAE,IAAI;YACpB,iBAAiB,EACf,qFAAqF;YACvF,oBAAoB,EAAE;;;;;;;;;;;;;;;;;;;;;;;mEAuBuC;SAC9D;QACD;YACE,IAAI,EAAE,SAAS;YACf,UAAU,EAAE,IAAI;YAChB,iBAAiB,EAAE,2FAA2F;YAC9G,oBAAoB,EAAE;;;;;;;;;;;uFAW2D;SAClF;QACD;YACE,IAAI,EAAE,eAAe;YACrB,iBAAiB,EAAE,oFAAoF;YACvG,oBAAoB,EAAE;;;;;;;;yGAQ6E;SACpG;QACD;YACE,IAAI,EAAE,WAAW;YACjB,iBAAiB,EAAE,6FAA6F;YAChH,oBAAoB,EAAE;;;;;;;;;;iNAUqL;SAC5M;QACD;YACE,IAAI,EAAE,WAAW;YACjB,iBAAiB,EAAE,+EAA+E;YAClG,oBAAoB,EAAE;;;;;;;;2KAQ+I;SACtK;KACF;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,SAAS,GAA6B;IACjD,cAAc,EAAE,YAAY;CAC7B,CAAC;AAEF,MAAM,UAAU,WAAW,CAAC,IAAY;IACtC,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAChC,CAAC"}
+{"version":3,"file":"templates.js","sourceRoot":"","sources":["../src/templates.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAgBH,MAAM,YAAY,GAAa;IAC7B,IAAI,EAAE,cAAc;IACpB,WAAW,EACT,yIAAyI;IAC3I,KAAK,EAAE;QACL;YACE,IAAI,EAAE,aAAa;YACnB,cAAc,EAAE,IAAI;YACpB,iBAAiB,EACf,qFAAqF;YACvF,oBAAoB,EAAE;;;;;;;;;;;;;;;;;;;;;;;mEAuBuC;SAC9D;QACD;YACE,IAAI,EAAE,SAAS;YACf,UAAU,EAAE,IAAI;YAChB,iBAAiB,EAAE,2FAA2F;YAC9G,oBAAoB,EAAE;;;;;;;;;;;uFAW2D;SAClF;QACD;YACE,IAAI,EAAE,eAAe;YACrB,iBAAiB,EAAE,oFAAoF;YACvG,oBAAoB,EAAE;;;;;;;;;;yGAU6E;SACpG;QACD;YACE,IAAI,EAAE,WAAW;YACjB,iBAAiB,EAAE,6FAA6F;YAChH,oBAAoB,EAAE;;;;;;;;;;iNAUqL;SAC5M;QACD;YACE,IAAI,EAAE,WAAW;YACjB,iBAAiB,EAAE,+EAA+E;YAClG,oBAAoB,EAAE;;;;;;;;2KAQ+I;SACtK;QACD;YACE,IAAI,EAAE,WAAW;YACjB,iBAAiB,EAAE,qIAAqI;YACxJ,oBAAoB,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;oHAyBwF;SAC/G;QACD;YACE,IAAI,EAAE,kBAAkB;YACxB,iBAAiB,EAAE,8KAA8K;YACjM,oBAAoB,EAAE;;;;;;;;;;;;;;;;;;;;;;;+QAuBmP;SAC1Q;KACF;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,SAAS,GAA6B;IACjD,cAAc,EAAE,YAAY;CAC7B,CAAC;AAEF,MAAM,UAAU,WAAW,CAAC,IAAY;IACtC,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAChC,CAAC"}

package/dist/terminal-title.d.ts

@@ -0,0 +1,60 @@
+/**
+ * Terminal-title setter for borg drone sessions.
+ *
+ * Multiple Claude Code sessions across sibling worktrees are visually
+ * indistinguishable in Cmd-Tab / tab bars / Mission Control on macOS,
+ * and likewise on most Linux terminal emulators. Setting the terminal
+ * title via the OSC 0 / OSC 2 escape gives each window a free per-
+ * session identity.
+ *
+ * Format (Queen-specified):
+ *   - Assimilated drone session: `borg · <label> · <cubeName>`
+ *   - Unassimilated session:     `borg · <repo-basename>`
+ *
+ * Why OSC 0 (`\x1b]0;…\x07`): sets both window title AND icon name on
+ * most terminals. OSC 2 sets only window title; OSC 1 sets only icon
+ * name. OSC 0 is the maximally-portable choice — works in iTerm2,
+ * macOS Terminal, kitty, alacritty, ghostty, GNOME Terminal, xterm.
+ *
+ * Lifetime: the escape is emitted once, before spawning Claude Code.
+ * Claude Code itself does not set its own window title (verified
+ * 2026-05-11), so the borg-set title persists for the whole session.
+ *
+ * Limitations (acceptable for v1; flagged for future):
+ *   - Title doesn't update mid-session on `borg:assimilate`. The
+ *     borgmcp client process can't write the escape post-spawn
+ *     because stdio is owned by Claude Code at that point (and stdio
+ *     to Claude is JSON-RPC — terminal escapes would be parsed as
+ *     invalid messages).
+ *   - Falls back to repo-basename for the unassimilated case; loses
+ *     drone identity until the cube is joined. Typical pattern is
+ *     "drone has been around long enough that cubes.json is already
+ *     populated," so the assimilated path is the common case.
+ */
+/**
+ * Pure: compose the title string for a session. Exported so tests can
+ * exercise every branch without TTY / process / fs dependencies.
+ *
+ * @param activeDrone — `{label, cubeName}` if this project is
+ *   assimilated to a cube, null otherwise.
+ * @param repoBasename — fallback identity for the unassimilated case
+ *   (typically `basename(process.cwd())`).
+ */
+export declare function composeTerminalTitle(activeDrone: {
+    label: string;
+    cubeName: string;
+} | null, repoBasename: string): string;
+/**
+ * Side-effecting: emit the OSC 0 escape to stdout, but only if stdout
+ * is a TTY. When stdout is piped (CI, redirection, scripted
+ * invocation), emitting the raw escape would pollute the captured
+ * output without doing anything useful — so we no-op.
+ *
+ * Returns the title string that WOULD have been emitted, regardless of
+ * TTY state, so callers can log it independently for diagnostics.
+ */
+export declare function setTerminalTitle(activeDrone: {
+    label: string;
+    cubeName: string;
+} | null, repoBasename: string, stdout?: NodeJS.WriteStream): string;
+//# sourceMappingURL=terminal-title.d.ts.map

package/dist/terminal-title.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"terminal-title.d.ts","sourceRoot":"","sources":["../src/terminal-title.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAClC,WAAW,EAAE;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,EACvD,YAAY,EAAE,MAAM,GACnB,MAAM,CAKR;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAC9B,WAAW,EAAE;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,EACvD,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,MAAM,CAAC,WAA4B,GAC1C,MAAM,CASR"}

package/dist/terminal-title.js

@@ -0,0 +1,68 @@
+/**
+ * Terminal-title setter for borg drone sessions.
+ *
+ * Multiple Claude Code sessions across sibling worktrees are visually
+ * indistinguishable in Cmd-Tab / tab bars / Mission Control on macOS,
+ * and likewise on most Linux terminal emulators. Setting the terminal
+ * title via the OSC 0 / OSC 2 escape gives each window a free per-
+ * session identity.
+ *
+ * Format (Queen-specified):
+ *   - Assimilated drone session: `borg · <label> · <cubeName>`
+ *   - Unassimilated session:     `borg · <repo-basename>`
+ *
+ * Why OSC 0 (`\x1b]0;…\x07`): sets both window title AND icon name on
+ * most terminals. OSC 2 sets only window title; OSC 1 sets only icon
+ * name. OSC 0 is the maximally-portable choice — works in iTerm2,
+ * macOS Terminal, kitty, alacritty, ghostty, GNOME Terminal, xterm.
+ *
+ * Lifetime: the escape is emitted once, before spawning Claude Code.
+ * Claude Code itself does not set its own window title (verified
+ * 2026-05-11), so the borg-set title persists for the whole session.
+ *
+ * Limitations (acceptable for v1; flagged for future):
+ *   - Title doesn't update mid-session on `borg:assimilate`. The
+ *     borgmcp client process can't write the escape post-spawn
+ *     because stdio is owned by Claude Code at that point (and stdio
+ *     to Claude is JSON-RPC — terminal escapes would be parsed as
+ *     invalid messages).
+ *   - Falls back to repo-basename for the unassimilated case; loses
+ *     drone identity until the cube is joined. Typical pattern is
+ *     "drone has been around long enough that cubes.json is already
+ *     populated," so the assimilated path is the common case.
+ */
+/**
+ * Pure: compose the title string for a session. Exported so tests can
+ * exercise every branch without TTY / process / fs dependencies.
+ *
+ * @param activeDrone — `{label, cubeName}` if this project is
+ *   assimilated to a cube, null otherwise.
+ * @param repoBasename — fallback identity for the unassimilated case
+ *   (typically `basename(process.cwd())`).
+ */
+export function composeTerminalTitle(activeDrone, repoBasename) {
+    if (activeDrone) {
+        return `borg · ${activeDrone.label} · ${activeDrone.cubeName}`;
+    }
+    return `borg · ${repoBasename}`;
+}
+/**
+ * Side-effecting: emit the OSC 0 escape to stdout, but only if stdout
+ * is a TTY. When stdout is piped (CI, redirection, scripted
+ * invocation), emitting the raw escape would pollute the captured
+ * output without doing anything useful — so we no-op.
+ *
+ * Returns the title string that WOULD have been emitted, regardless of
+ * TTY state, so callers can log it independently for diagnostics.
+ */
+export function setTerminalTitle(activeDrone, repoBasename, stdout = process.stdout) {
+    const title = composeTerminalTitle(activeDrone, repoBasename);
+    if (stdout.isTTY) {
+        // OSC 0: ESC ] 0 ; <title> BEL
+        // (BEL terminator is honored by all OSC-supporting terminals;
+        // ST = `ESC \` is an alternative but BEL has wider compat.)
+        stdout.write(`\x1b]0;${title}\x07`);
+    }
+    return title;
+}
+//# sourceMappingURL=terminal-title.js.map

package/dist/terminal-title.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"terminal-title.js","sourceRoot":"","sources":["../src/terminal-title.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH;;;;;;;;GAQG;AACH,MAAM,UAAU,oBAAoB,CAClC,WAAuD,EACvD,YAAoB;IAEpB,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,UAAU,WAAW,CAAC,KAAK,MAAM,WAAW,CAAC,QAAQ,EAAE,CAAC;IACjE,CAAC;IACD,OAAO,UAAU,YAAY,EAAE,CAAC;AAClC,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAC9B,WAAuD,EACvD,YAAoB,EACpB,SAA6B,OAAO,CAAC,MAAM;IAE3C,MAAM,KAAK,GAAG,oBAAoB,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,+BAA+B;QAC/B,8DAA8D;QAC9D,4DAA4D;QAC5D,MAAM,CAAC,KAAK,CAAC,UAAU,KAAK,MAAM,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/version.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Runtime version reader.
+ *
+ * Single source of truth for the borgmcp client version — read at runtime
+ * from `package.json` relative to `import.meta.url`, NOT hardcoded.
+ *
+ * Consumers:
+ *   - `index.ts` — passed into the MCP `Server({ name, version })`
+ *     constructor so Claude Code's `/mcp` view shows the real version
+ *     instead of the long-standing hardcoded "0.1.0".
+ *   - `claude.ts` / `setup.ts` / `regen.ts` / `log-audit.ts` — each
+ *     binary supports a `--version` flag that prints `borgmcp X.Y.Z`
+ *     and exits 0 before any side-effecting work begins.
+ *
+ * Implementation notes:
+ *   - Uses `readFileSync` on the resolved path relative to this module's
+ *     `import.meta.url`. The compiled `dist/version.js` sits one level
+ *     above `package.json` at the package root, so `../package.json` is
+ *     the relative resolution. This works under both `node dist/...`
+ *     and `npm run start`; the path resolution is independent of CWD.
+ *   - Result is cached at module-eval time. The package.json is part of
+ *     the published tarball and immutable for any given install.
+ *   - Falls back to `'unknown'` if the read fails (corrupted install,
+ *     someone deleted package.json, etc.) — never throws, so a fresh
+ *     `--version` invocation can't kill a CLI launch.
+ */
+/**
+ * Return the installed borgmcp version (the same string as
+ * `client/package.json`'s `version` field). Cached at module load.
+ */
+export declare function getPackageVersion(): string;
+/**
+ * Standard `--version` handler — call near the top of any CLI entry
+ * point. If `process.argv` contains `--version` or `-v`, prints
+ * `borgmcp X.Y.Z` to stdout and exits 0. Otherwise returns silently
+ * so the caller can continue with normal CLI work.
+ *
+ * Examples:
+ *   - `borg --version`    → "borgmcp 0.6.0"
+ *   - `borg-mcp -v`       → "borgmcp 0.6.0"
+ *   - `borg-setup`        → continues to interactive wizard
+ */
+export declare function handleVersionFlag(): void;
+//# sourceMappingURL=version.d.ts.map

package/dist/version.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAuBH;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,iBAAiB,IAAI,IAAI,CAKxC"}

package/dist/version.js

@@ -0,0 +1,70 @@
+/**
+ * Runtime version reader.
+ *
+ * Single source of truth for the borgmcp client version — read at runtime
+ * from `package.json` relative to `import.meta.url`, NOT hardcoded.
+ *
+ * Consumers:
+ *   - `index.ts` — passed into the MCP `Server({ name, version })`
+ *     constructor so Claude Code's `/mcp` view shows the real version
+ *     instead of the long-standing hardcoded "0.1.0".
+ *   - `claude.ts` / `setup.ts` / `regen.ts` / `log-audit.ts` — each
+ *     binary supports a `--version` flag that prints `borgmcp X.Y.Z`
+ *     and exits 0 before any side-effecting work begins.
+ *
+ * Implementation notes:
+ *   - Uses `readFileSync` on the resolved path relative to this module's
+ *     `import.meta.url`. The compiled `dist/version.js` sits one level
+ *     above `package.json` at the package root, so `../package.json` is
+ *     the relative resolution. This works under both `node dist/...`
+ *     and `npm run start`; the path resolution is independent of CWD.
+ *   - Result is cached at module-eval time. The package.json is part of
+ *     the published tarball and immutable for any given install.
+ *   - Falls back to `'unknown'` if the read fails (corrupted install,
+ *     someone deleted package.json, etc.) — never throws, so a fresh
+ *     `--version` invocation can't kill a CLI launch.
+ */
+import { readFileSync } from 'node:fs';
+import { fileURLToPath } from 'node:url';
+import { dirname, join } from 'node:path';
+function readPackageVersion() {
+    try {
+        const here = fileURLToPath(import.meta.url);
+        const pkgPath = join(dirname(here), '..', 'package.json');
+        const raw = readFileSync(pkgPath, 'utf-8');
+        const parsed = JSON.parse(raw);
+        if (typeof parsed.version === 'string' && parsed.version.length > 0) {
+            return parsed.version;
+        }
+        return 'unknown';
+    }
+    catch {
+        return 'unknown';
+    }
+}
+const VERSION = readPackageVersion();
+/**
+ * Return the installed borgmcp version (the same string as
+ * `client/package.json`'s `version` field). Cached at module load.
+ */
+export function getPackageVersion() {
+    return VERSION;
+}
+/**
+ * Standard `--version` handler — call near the top of any CLI entry
+ * point. If `process.argv` contains `--version` or `-v`, prints
+ * `borgmcp X.Y.Z` to stdout and exits 0. Otherwise returns silently
+ * so the caller can continue with normal CLI work.
+ *
+ * Examples:
+ *   - `borg --version`    → "borgmcp 0.6.0"
+ *   - `borg-mcp -v`       → "borgmcp 0.6.0"
+ *   - `borg-setup`        → continues to interactive wizard
+ */
+export function handleVersionFlag() {
+    if (process.argv.includes('--version') || process.argv.includes('-v')) {
+        process.stdout.write(`borgmcp ${VERSION}\n`);
+        process.exit(0);
+    }
+}
+//# sourceMappingURL=version.js.map

package/dist/version.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"version.js","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,SAAS,kBAAkB;IACzB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QAC1D,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC3C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,OAAO,MAAM,CAAC,OAAO,KAAK,QAAQ,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpE,OAAO,MAAM,CAAC,OAAO,CAAC;QACxB,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;AAErC;;;GAGG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,iBAAiB;IAC/B,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACtE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,OAAO,IAAI,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "borgmcp",
-  "version": "0.5.2",
+  "version": "0.6.2",
   "description": "Multi-agent coordination for Claude Code — cubes, drones, and a shared activity log.",
   "type": "module",
   "main": "dist/index.js",
@@ -17,7 +17,8 @@
     "dev": "tsc --watch",
     "start": "node dist/index.js",
     "postinstall": "node dist/postinstall.js || true",
-    "prepublishOnly": "npm run build"
+    "test:integration": "vitest run --config ./vitest.integration.config.ts",
+    "prepublishOnly": "npm run build && npm run test:integration"
   },
   "files": [
     "dist",
@@ -57,7 +58,8 @@
     "@types/node": "^22.10.2",
     "@types/prompts": "^2.4.9",
     "@types/which": "^3.0.4",
-    "typescript": "^6.0.3"
+    "typescript": "^6.0.3",
+    "vitest": "^3.2.4"
   },
   "publishConfig": {
     "access": "public"