byterover-cli 2.2.0 → 2.3.1

package/dist/oclif/commands/restart.js

@@ -1,22 +1,25 @@
-import { DAEMON_INSTANCE_FILE, ensureDaemonRunning, getGlobalDataDir, GlobalInstanceManager, HEARTBEAT_FILE, SPAWN_LOCK_FILE, } from '@campfirein/brv-transport-client';
+import { DAEMON_INSTANCE_FILE, getGlobalDataDir, GlobalInstanceManager, HEARTBEAT_FILE, SPAWN_LOCK_FILE, } from '@campfirein/brv-transport-client';
 import { Command } from '@oclif/core';
 import { spawnSync } from 'node:child_process';
-import { readdirSync, readFileSync, readlinkSync, unlinkSync } from 'node:fs';
-import { dirname, join } from 'node:path';
-import { resolveLocalServerMainPath } from '../../server/utils/server-main-resolver.js';
-const MAX_ATTEMPTS = 3;
+import { readdirSync, readFileSync, unlinkSync } from 'node:fs';
+import { dirname, join, resolve } from 'node:path';
 const KILL_SETTLE_MS = 500;
-const DAEMON_START_TIMEOUT_MS = 15_000;
-const KILL_VERIFY_TIMEOUT_MS = 2000;
+const KILL_VERIFY_TIMEOUT_MS = 5000;
 const KILL_VERIFY_POLL_MS = 100;
+const SIGTERM_BUDGET_MS = 8000;
 export default class Restart extends Command {
     static description = `Restart ByteRover — stop everything and start fresh.
 
 Run this when ByteRover is unresponsive, stuck, or after installing an update.
-All open sessions and background processes are stopped before the fresh start.`;
+All open sessions and background processes are stopped.
+The daemon will restart automatically on the next brv command.`;
     static examples = ['<%= config.bin %> <%= command.id %>'];
+    /** Commands whose processes must not be killed (e.g. `brv update` calls `brv restart`). */
+    static PROTECTED_COMMANDS = ['update'];
+    /** Server/agent patterns — cannot match CLI processes, no self-kill risk. */
+    static SERVER_AGENT_PATTERNS = ['brv-server.js', 'agent-process.js'];
     /**
-     * Builds the list of file-path patterns used to identify brv processes for pattern kill.
+     * Builds the list of CLI script patterns used to identify brv client processes.
      *
      * All patterns are absolute paths or specific filenames to avoid false-positive matches
      * against other oclif CLIs (which also use bin/run.js and bin/dev.js conventions).
@@ -29,21 +32,12 @@ All open sessions and background processes are stopped before the fresh start.`;
      *   nvm / system global:         cmdline = node .../bin/brv  ← caught by 'bin/brv' substring
      *   curl install (/.brv-cli/):   join(brvBinDir, 'run') — entry point named 'run' without .js
      *
-     * Relative patterns (./bin/run.js, ./bin/dev.js) are intentionally excluded: they would
-     * match any oclif CLI running in dev mode, not just brv.
-     *
      * Set deduplicates when paths overlap (e.g. process.argv[1] is already run.js).
      */
-    static buildKillPatterns(brvBinDir, argv1) {
-        // Patterns ordered from most specific to broadest:
-        //   bin/brv                    — nvm/bundled binary (.../bin/brv)
-        //   byterover-cli/bin/run.js   — npm global/nvm install (package name is always the folder name
-        //                                in node_modules): /usr/local/.../byterover-cli/bin/run.js,
-        //                                .nvm/.../byterover-cli/bin/run.js. NOT used for dev.js because
-        //                                dev clones can have any directory name — covered by brvBinDir.
-        //   exact sibling paths        — current installation's run.js / dev.js / run (any dir name)
-        //   process.argv[1]            — current executable (bundled binary / dev entry)
-        const brvScripts = [
+    static buildCliPatterns() {
+        const argv1 = resolve(process.argv[1]);
+        const brvBinDir = dirname(argv1);
+        return [
             ...new Set([
                 argv1,
                 join('bin', 'brv'),
@@ -53,90 +47,19 @@ All open sessions and background processes are stopped before the fresh start.`;
                 join(brvBinDir, 'run.js'),
             ]),
         ];
-        return ['brv-server.js', 'agent-process.js', ...brvScripts];
     }
     /**
-     * Build a pid→cwd map from `lsof -d cwd -Fn` output.
-     *
-     * On macOS, `-p <pid>` is ignored and lsof returns ALL processes.
-     * Output format per process: `p<pid>\nfcwd\nn<cwd_path>`.
-     * Returns empty map if lsof is unavailable.
+     * Returns true if the cmdline contains a protected command as an argument.
+     * Handles both /proc null-byte delimiters (Linux) and space delimiters (macOS ps).
      */
-    static buildCwdByPid() {
-        const cwdByPid = new Map();
-        try {
-            const lsofResult = spawnSync('lsof', ['-d', 'cwd', '-Fn'], { encoding: 'utf8' });
-            if (!lsofResult.stdout)
-                return cwdByPid;
-            const lines = lsofResult.stdout.split('\n');
-            let curPid = -1;
-            for (let i = 0; i < lines.length; i++) {
-                if (lines[i].startsWith('p')) {
-                    curPid = Number.parseInt(lines[i].slice(1), 10);
-                }
-                else if (lines[i] === 'fcwd' && curPid > 0 && lines[i + 1]?.startsWith('n')) {
-                    cwdByPid.set(curPid, lines[i + 1].slice(1));
-                }
-            }
-        }
-        catch {
-            // lsof unavailable — caller falls back to relative-path patterns
-        }
-        return cwdByPid;
-    }
-    /**
-     * Kill matching brv processes on macOS by scanning all processes via `ps`.
-     *
-     * For processes started with a relative path (e.g. `./bin/dev.js`), the literal
-     * relative path is in the OS cmdline — absolute-path patterns won't match.
-     * Resolves relative .js paths using buildCwdByPid() to avoid false positives
-     * (e.g. `byterover-cli-clone/bin/dev.js` must not match `byterover-cli/bin/dev.js`).
-     *
-     * When cwd is resolved: check only absolute patterns (precise, no false positives).
-     * When cwd is unavailable: also check relative fallback patterns (./bin/dev.js).
-     */
-    static killByMacOsProcScan(patterns, excludePids) {
-        const psResult = spawnSync('ps', ['-A', '-o', 'pid,args'], { encoding: 'utf8' });
-        if (!psResult.stdout)
-            return;
-        const cwdByPid = Restart.buildCwdByPid();
-        for (const line of psResult.stdout.split('\n').slice(1)) {
-            const match = /^\s*(\d+)\s+(.+)$/.exec(line);
-            if (!match)
-                continue;
-            const pid = Number.parseInt(match[1], 10);
-            const rawCmdline = match[2].trim();
-            if (Number.isNaN(pid) || excludePids.has(pid))
-                continue;
-            // Resolve relative .js path using cwd map to get an absolute path for matching.
-            let cmdline = rawCmdline;
-            let cwdResolved = false;
-            const relativeJs = rawCmdline.split(/\s+/).find((a) => a.endsWith('.js') && !a.startsWith('/'));
-            if (relativeJs) {
-                const cwd = cwdByPid.get(pid);
-                if (cwd) {
-                    cmdline = rawCmdline.replace(relativeJs, join(cwd, relativeJs));
-                    cwdResolved = true;
-                }
-            }
-            for (const pattern of patterns) {
-                // When cwd resolved to absolute path, skip relative fallback patterns (those starting with
-                // './') — the resolved cmdline no longer contains relative paths, so these won't match.
-                // Prevents false positives against other projects (e.g. byterover-cli-clone) that also
-                // run ./bin/dev.js when lsof is unavailable and cwd cannot be resolved.
-                if (cwdResolved && pattern.startsWith('./'))
-                    continue;
-                if (cmdline.includes(pattern)) {
-                    try {
-                        process.kill(pid, 'SIGKILL');
-                    }
-                    catch {
-                        // Process already dead — ignore
-                    }
-                    break;
-                }
-            }
-        }
+    static isProtectedCommand(cmdline) {
+        return Restart.PROTECTED_COMMANDS.some((cmd) => 
+        // Linux /proc/cmdline: null-byte delimited
+        cmdline.includes(`\0${cmd}\0`) ||
+            cmdline.endsWith(`\0${cmd}`) ||
+            // macOS ps / Windows: space delimited
+            cmdline.endsWith(` ${cmd}`) ||
+            cmdline.includes(` ${cmd} `));
     }
     /**
      * Kill a process by PID.
@@ -158,19 +81,10 @@ All open sessions and background processes are stopped before the fresh start.`;
     }
     /**
      * Kill matching brv processes on Linux by scanning /proc/<pid>/cmdline.
-     *
-     * For processes started with a relative path (e.g. `./bin/dev.js`), resolves
-     * the path using /proc/<pid>/cwd so absolute-path patterns match correctly
-     * without false positives.
-     *
-     * When cwd is resolved: check only absolute patterns (precise, no false positives).
-     * When cwd is unavailable: also check relative fallback patterns (./bin/dev.js).
-     * Mirrors the macOS killByMacOsProcScan behavior.
-     *
-     * Works on all Linux distros including Alpine — /proc is a kernel feature,
-     * no userspace tools required.
+     * Simple substring match — no cwd resolution needed.
+     * Works on all Linux distros including Alpine — /proc is a kernel feature.
      */
-    static killByProcScan(patterns, excludePids) {
+    static killByProcScan(patterns, excludePids, skipProtected) {
         let entries;
         try {
             entries = readdirSync('/proc');
@@ -183,34 +97,11 @@ All open sessions and background processes are stopped before the fresh start.`;
             if (Number.isNaN(pid) || excludePids.has(pid))
                 continue;
             try {
-                const args = readFileSync(join('/proc', entry, 'cmdline'), 'utf8')
-                    .split('\0')
-                    .filter(Boolean);
-                let cmdline = args.join(' ');
-                // Resolve relative .js path using /proc/<pid>/cwd to match against absolute-path patterns.
-                // Without this, `./bin/dev.js` would not match `byterover-cli/bin/dev.js`.
-                let cwdResolved = false;
-                const relativeJs = args.find((a) => a.endsWith('.js') && !a.startsWith('/'));
-                if (relativeJs) {
-                    try {
-                        const cwd = readlinkSync(join('/proc', entry, 'cwd'));
-                        cmdline = cmdline.replace(relativeJs, join(cwd, relativeJs));
-                        cwdResolved = true;
-                    }
-                    catch {
-                        // cwd unreadable — use original cmdline
-                    }
-                }
-                for (const pattern of patterns) {
-                    // When cwd resolved to absolute path, skip relative fallback patterns (those starting with
-                    // './') — the resolved cmdline no longer contains relative paths, so these won't match.
-                    // Prevents false positives against other oclif CLIs that also run ./bin/dev.js.
-                    if (cwdResolved && pattern.startsWith('./'))
+                const cmdline = readFileSync(join('/proc', entry, 'cmdline'), 'utf8');
+                if (patterns.some((p) => cmdline.includes(p))) {
+                    if (skipProtected && Restart.isProtectedCommand(cmdline))
                         continue;
-                    if (cmdline.includes(pattern)) {
-                        process.kill(pid, 'SIGKILL');
-                        break; // Already killing this PID — no need to check remaining patterns
-                    }
+                    process.kill(pid, 'SIGKILL');
                 }
             }
             catch {
@@ -219,36 +110,66 @@ All open sessions and background processes are stopped before the fresh start.`;
         }
     }
     /**
-     * Best-effort pattern kill for all brv processes (daemon, agents, TUI sessions, MCP servers,
-     * headless commands). Errors are silently ignored.
+     * Kill matching brv processes on macOS by scanning all processes via `ps`.
+     * Simple substring match — no cwd resolution needed because patterns
+     * are either unique filenames (brv-server.js) or absolute paths.
+     */
+    static killByPsScan(patterns, excludePids, skipProtected) {
+        const psResult = spawnSync('ps', ['-A', '-o', 'pid,args'], { encoding: 'utf8' });
+        if (!psResult.stdout)
+            return;
+        for (const line of psResult.stdout.split('\n').slice(1)) {
+            const match = /^\s*(\d+)\s+(.+)$/.exec(line);
+            if (!match)
+                continue;
+            const pid = Number.parseInt(match[1], 10);
+            const cmdline = match[2];
+            if (Number.isNaN(pid) || excludePids.has(pid))
+                continue;
+            if (patterns.some((p) => cmdline.includes(p))) {
+                if (skipProtected && Restart.isProtectedCommand(cmdline))
+                    continue;
+                try {
+                    process.kill(pid, 'SIGKILL');
+                }
+                catch {
+                    // Process already dead — ignore
+                }
+            }
+        }
+    }
+    /**
+     * Pattern-kill brv processes matching the given patterns.
+     *
+     * Self-exclusion: own PID and parent PID are always filtered out.
+     * The parent PID exclusion protects the oclif bin/brv bash wrapper
+     * on bundled installs (it does not use exec, so bash remains as parent).
      *
-     * Relative paths (e.g. `./bin/dev.js`) are resolved via cwd before pattern matching,
-     * ensuring accuracy without false positives from other oclif CLIs.
+     * When skipProtected is true, processes running protected commands
+     * (e.g. `brv update`) are spared — prevents `brv restart` from killing
+     * the `brv update` process that invoked it.
      *
      * OS dispatch:
-     *   Linux (incl. Alpine, WSL2): /proc scan + /proc/<pid>/cwd resolution
-     *   macOS:                      ps -A scan + lsof cwd resolution
+     *   Linux (incl. Alpine, WSL2): /proc scan
+     *   macOS:                      ps -A scan
      *   Windows:                    PowerShell Get-CimInstance — available Windows 8+ / PS 3.0+
-     *
-     * Self-exclusion: own PID filtered on Unix; excluded explicitly in PowerShell query.
      */
-    static patternKill() {
-        const brvBinDir = dirname(process.argv[1]);
-        const allPatterns = Restart.buildKillPatterns(brvBinDir, process.argv[1]);
-        // Exclude both the current node process and its parent shell wrapper (install.sh installs
-        // use a shell script that forks node — killing the wrapper garbles terminal output).
+    static patternKill(patterns, skipProtected = false) {
         const excludePids = new Set([process.pid, process.ppid]);
         if (process.platform === 'win32') {
-            const whereClause = allPatterns.map((p) => `$_.CommandLine -like '*${p}*'`).join(' -or ');
-            const script = `Get-CimInstance Win32_Process | Where-Object { (${whereClause}) -and $_.ProcessId -ne ${process.pid} -and $_.ProcessId -ne ${process.ppid} } | ForEach-Object { Stop-Process -Id $_.ProcessId -Force -ErrorAction SilentlyContinue }`;
+            const whereClause = patterns.map((p) => `$_.CommandLine -like '*${p.replaceAll("'", "''")}*'`).join(' -or ');
+            const protectedClause = skipProtected
+                ? ` -and ${Restart.PROTECTED_COMMANDS.map((cmd) => `$_.CommandLine -notlike '* ${cmd} *' -and $_.CommandLine -notlike '* ${cmd}'`).join(' -and ')}`
+                : '';
+            const script = `Get-CimInstance Win32_Process | Where-Object { (${whereClause}) -and $_.ProcessId -ne ${process.pid} -and $_.ProcessId -ne ${process.ppid}${protectedClause} } | ForEach-Object { Stop-Process -Id $_.ProcessId -Force -ErrorAction SilentlyContinue }`;
             spawnSync('powershell', ['-Command', script], { stdio: 'ignore' });
         }
         else if (process.platform === 'linux') {
-            Restart.killByProcScan(allPatterns, excludePids);
+            Restart.killByProcScan(patterns, excludePids, skipProtected);
         }
         else {
-            // macOS (and other Unix): ps -A scan with lsof cwd resolution for relative paths
-            Restart.killByMacOsProcScan(allPatterns, excludePids);
+            // macOS (and other Unix): ps -A scan
+            Restart.killByPsScan(patterns, excludePids, skipProtected);
         }
     }
     static sleep(ms) {
@@ -257,25 +178,23 @@ All open sessions and background processes are stopped before the fresh start.`;
         });
     }
     /**
-     * Polls until the process with the given PID is no longer alive.
+     * Polls until the process is dead, returning true if it exited within the timeout.
      * Uses `process.kill(pid, 0)` — sends no signal, just checks existence.
-     * On ESRCH the PID is confirmed dead. Silently times out if the process
-     * outlives timeoutMs (e.g. zombie held by parent).
-     * Unix only — on Windows, taskkill /f is synchronous so no polling needed.
+     * On ESRCH the PID is confirmed dead.
      */
-    static async waitForPidToDie(pid, timeoutMs) {
+    static async waitForProcessExit(pid, timeoutMs) {
         const deadline = Date.now() + timeoutMs;
         while (Date.now() < deadline) {
             try {
-                process.kill(pid, 0); // throws ESRCH if dead
+                process.kill(pid, 0);
             }
             catch {
-                return; // process confirmed dead
+                return true; // ESRCH = dead
             }
             // eslint-disable-next-line no-await-in-loop -- intentional poll loop
             await Restart.sleep(KILL_VERIFY_POLL_MS);
         }
-        // Timed out — continue anyway; retry loop will kill again if still alive
+        return false;
     }
     cleanupAllDaemonFiles(dataDir) {
         for (const file of [DAEMON_INSTANCE_FILE, HEARTBEAT_FILE, SPAWN_LOCK_FILE]) {
@@ -291,55 +210,49 @@ All open sessions and background processes are stopped before the fresh start.`;
         // eslint-disable-next-line n/no-process-exit, unicorn/no-process-exit
         process.exit(code);
     }
-    async killAllBrvProcesses(dataDir) {
-        this.log('Stopping processes...');
-        // Read PID directly from daemon.json — no health-check filtering.
-        const info = new GlobalInstanceManager({ dataDir }).load();
-        if (info !== undefined) {
-            Restart.killByPid(info.pid);
-            // Verify the daemon PID is dead before pattern-killing the rest.
-            // taskkill /f on Windows is synchronous so polling is only needed on Unix.
-            if (process.platform !== 'win32') {
-                await Restart.waitForPidToDie(info.pid, KILL_VERIFY_TIMEOUT_MS);
-            }
-        }
-        // Always run pattern kill — catches processes not in daemon.json
-        // (agents, TUI sessions, MCP servers, headless commands).
-        Restart.patternKill();
-        await Restart.sleep(KILL_SETTLE_MS);
+    loadDaemonInfo(dataDir) {
+        return new GlobalInstanceManager({ dataDir }).load();
     }
     async run() {
-        const serverPath = resolveLocalServerMainPath();
         const dataDir = getGlobalDataDir();
-        /* eslint-disable no-await-in-loop -- intentional sequential retry loop */
-        for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
-            if (attempt > 1) {
-                this.log(`Attempt ${attempt}/${MAX_ATTEMPTS}...`);
-            }
-            await this.killAllBrvProcesses(dataDir);
-            this.cleanupAllDaemonFiles(dataDir);
-            this.log('Starting daemon...');
-            const result = await this.startDaemon(serverPath);
-            if (result.success) {
-                this.log(`Daemon started (PID ${result.info.pid}, port ${result.info.port})`);
-                break;
+        // Phase 1: Kill all client processes first (TUI, MCP, headless commands).
+        // Must happen BEFORE daemon kill — clients have reconnectors that will
+        // respawn the daemon via ensureDaemonRunning() if they detect disconnection.
+        // Self excluded by process.pid / process.ppid.
+        // Protected commands (e.g. `brv update`) are spared.
+        this.log('Stopping clients...');
+        Restart.patternKill(Restart.buildCliPatterns(), true);
+        await Restart.sleep(KILL_SETTLE_MS);
+        // Phase 2: Graceful daemon kill via daemon.json PID.
+        // SIGTERM triggers ShutdownHandler → stops agents, transport, releases daemon.json.
+        // Safe now because all clients are dead — no one can respawn daemon.
+        const info = this.loadDaemonInfo(dataDir);
+        if (info !== undefined) {
+            this.log(`Stopping daemon (PID ${info.pid})...`);
+            let stopped = false;
+            try {
+                process.kill(info.pid, 'SIGTERM');
+                stopped = await Restart.waitForProcessExit(info.pid, SIGTERM_BUDGET_MS);
             }
-            const detail = result.spawnError ? ` (${result.spawnError})` : '';
-            if (attempt < MAX_ATTEMPTS) {
-                this.log(`Daemon did not start (${result.reason}${detail}). Retrying...`);
+            catch {
+                stopped = true; // ESRCH = already dead
             }
-            else {
-                this.error(`Failed to start daemon after ${MAX_ATTEMPTS} attempts: ${result.reason}${detail}`);
+            if (!stopped) {
+                Restart.killByPid(info.pid);
+                if (process.platform !== 'win32') {
+                    await Restart.waitForProcessExit(info.pid, KILL_VERIFY_TIMEOUT_MS);
+                }
             }
         }
-        /* eslint-enable no-await-in-loop */
+        // Phase 3: Kill orphaned server/agent processes not tracked in daemon.json.
+        Restart.patternKill(Restart.SERVER_AGENT_PATTERNS);
+        await Restart.sleep(KILL_SETTLE_MS);
+        // Phase 4: Clean state files.
+        this.cleanupAllDaemonFiles(dataDir);
+        this.log('All ByteRover processes stopped.');
         // Force exit — oclif does not call process.exit() after run() returns,
-        // relying on the event loop to drain. In production, third-party plugin
-        // hooks (e.g. @oclif/plugin-update) can leave open handles that prevent
-        // the process from exiting naturally. mcp.ts uses the same pattern.
+        // relying on the event loop to drain. Third-party plugin hooks (e.g.
+        // @oclif/plugin-update) can leave open handles that prevent exit.
         this.exitProcess(0);
     }
-    async startDaemon(serverPath) {
-        return ensureDaemonRunning({ serverPath, timeoutMs: DAEMON_START_TIMEOUT_MS });
-    }
 }

package/dist/oclif/hooks/init/block-command-update-npm.d.ts

@@ -0,0 +1,11 @@
+import type { Hook } from '@oclif/core';
+export type BlockCommandUpdateNpmDeps = {
+    commandId: string | undefined;
+    errorFn: (message: string, options: {
+        exit: number;
+    }) => void;
+    isNpmGlobalInstalled: boolean;
+};
+export declare function handleBlockCommandUpdateNpm(deps: BlockCommandUpdateNpmDeps): void;
+declare const hook: Hook<'init'>;
+export default hook;

package/dist/oclif/hooks/init/block-command-update-npm.js

@@ -0,0 +1,15 @@
+import { execSync } from 'node:child_process';
+import { isNpmGlobalInstall } from './update-notifier.js';
+export function handleBlockCommandUpdateNpm(deps) {
+    if (deps.commandId === 'update' && deps.isNpmGlobalInstalled) {
+        deps.errorFn('brv was installed via npm. Use `npm update -g byterover-cli` to update.', { exit: 1 });
+    }
+}
+const hook = async function (opts) {
+    handleBlockCommandUpdateNpm({
+        commandId: opts.id,
+        errorFn: this.error.bind(this),
+        isNpmGlobalInstalled: isNpmGlobalInstall(execSync),
+    });
+};
+export default hook;

package/dist/oclif/hooks/init/update-notifier.d.ts

@@ -33,6 +33,9 @@ export type UpdateNotifierDeps = {
     isTTY: boolean;
     log: (message: string) => void;
     notifier: NarrowedUpdateNotifier;
+    spawnRestartFn: () => {
+        unref(): void;
+    };
 };
 /**
  * Check whether byterover-cli is installed as a npm global package.

package/dist/oclif/hooks/init/update-notifier.js

@@ -1,5 +1,5 @@
 import { confirm } from '@inquirer/prompts';
-import { execSync } from 'node:child_process';
+import { execSync, spawn } from 'node:child_process';
 import updateNotifier from 'update-notifier';
 /**
  * Check interval for update notifications (1 hour)
@@ -34,16 +34,23 @@ export async function handleUpdateNotification(deps) {
     }
     const shouldUpdate = await confirmPrompt({
         default: true,
-        message: `Update available: ${current} → ${latest}. Would you like to update now?`,
+        message: `Update available: ${current} → ${latest}. Update now? (active sessions will be restarted)`,
     });
     if (shouldUpdate) {
         log('Updating byterover-cli...');
         try {
             execSyncFn('npm update -g byterover-cli', { stdio: 'inherit' });
             log('');
-            log(`✓ Successfully updated to ${latest}`);
+            log(`✓ Updated to ${latest}.`);
             log('');
-            log(`The update will take effect on next launch. Run 'brv' when ready.`);
+            try {
+                const child = deps.spawnRestartFn();
+                child.unref();
+                log('Restarting ByteRover in the background. Please wait a few seconds before running brv again.');
+            }
+            catch {
+                log('Failed to restart ByteRover. Please restart it manually by running `brv restart`.');
+            }
             exitFn(0);
         }
         catch {
@@ -63,6 +70,12 @@ const hook = async function () {
         isTTY: process.stdout.isTTY ?? false,
         log: this.log.bind(this),
         notifier,
+        spawnRestartFn: () => spawn('brv restart', {
+            detached: true,
+            shell: true,
+            stdio: 'ignore',
+            windowsHide: true,
+        }),
     });
 };
 export default hook;

package/dist/oclif/hooks/postrun/restart-after-update.d.ts

@@ -0,0 +1,22 @@
+import type { Hook } from '@oclif/core';
+export type RestartAfterUpdateDeps = {
+    argv: string[];
+    commandId: string | undefined;
+    log: (msg: string) => void;
+    spawnRestartFn: () => {
+        unref(): void;
+    };
+};
+/**
+ * Restart daemon/agent processes after a manual `brv update`.
+ *
+ * Fires after every command via the oclif postrun hook; early-returns for
+ * anything other than `brv update`.
+ *
+ * Skips background auto-updates: @oclif/plugin-update passes `--autoupdate`
+ * when spawning `brv update` in the background. Manual `brv update` runs
+ * in the user's shell without that flag.
+ */
+export declare function handleRestartAfterUpdate(deps: RestartAfterUpdateDeps): Promise<void>;
+declare const hook: Hook<'postrun'>;
+export default hook;

package/dist/oclif/hooks/postrun/restart-after-update.js

@@ -0,0 +1,40 @@
+import { spawn } from 'node:child_process';
+/**
+ * Restart daemon/agent processes after a manual `brv update`.
+ *
+ * Fires after every command via the oclif postrun hook; early-returns for
+ * anything other than `brv update`.
+ *
+ * Skips background auto-updates: @oclif/plugin-update passes `--autoupdate`
+ * when spawning `brv update` in the background. Manual `brv update` runs
+ * in the user's shell without that flag.
+ */
+export async function handleRestartAfterUpdate(deps) {
+    if (deps.commandId !== 'update')
+        return;
+    if (deps.argv.includes('--autoupdate'))
+        return;
+    try {
+        const child = deps.spawnRestartFn();
+        child.unref();
+        deps.log('Restarting ByteRover in the background. Please wait a few seconds before running brv again.');
+    }
+    catch {
+        deps.log('Failed to restart ByteRover. Please restart it manually by running `brv restart`.');
+        // best-effort — update already succeeded
+    }
+}
+const hook = async function (opts) {
+    await handleRestartAfterUpdate({
+        argv: opts.argv,
+        commandId: opts.Command.id,
+        log: this.log.bind(this),
+        spawnRestartFn: () => spawn('brv restart', {
+            detached: true,
+            shell: true,
+            stdio: 'ignore',
+            windowsHide: true,
+        }),
+    });
+};
+export default hook;

package/dist/oclif/lib/daemon-client.d.ts

@@ -30,6 +30,10 @@ export declare function isRetryableError(error: unknown): boolean;
  * Checks if an error left leaked Socket.IO handles that prevent Node.js from exiting.
  */
 export declare function hasLeakedHandles(error: unknown): boolean;
+/**
+ * Builds a user-friendly message when provider credentials are missing from storage.
+ */
+export declare function providerMissingMessage(activeProvider: string, authMethod?: 'api-key' | 'oauth'): string;
 export interface ProviderErrorContext {
     activeModel?: string;
     activeProvider?: string;

package/dist/oclif/lib/daemon-client.js

@@ -12,6 +12,8 @@ const USER_FRIENDLY_MESSAGES = {
     [TaskErrorCode.CONTEXT_TREE_NOT_INITIALIZED]: 'Context tree not initialized.',
     [TaskErrorCode.LOCAL_CHANGES_EXIST]: 'You have local changes. Run "brv push" to save your changes before pulling.',
     [TaskErrorCode.NOT_AUTHENTICATED]: 'Not authenticated. Cloud sync features (push/pull/space) require login — local query and curate work without authentication.',
+    [TaskErrorCode.OAUTH_REFRESH_FAILED]: 'OAuth token refresh failed. Run "brv providers connect <provider> --oauth" to reconnect.',
+    [TaskErrorCode.OAUTH_TOKEN_EXPIRED]: 'OAuth token has expired. Run "brv providers connect <provider> --oauth" to reconnect.',
     [TaskErrorCode.PROJECT_NOT_INIT]: 'Project not initialized. Run "brv restart" to reinitialize.',
     [TaskErrorCode.PROVIDER_NOT_CONFIGURED]: 'No provider connected. Run "brv providers connect byterover" to use the free built-in provider, or connect another provider.',
     [TaskErrorCode.SPACE_NOT_CONFIGURED]: 'No space configured. Run "brv space list" to see available spaces, then "brv space switch --team <team> --name <space>" to select one.',
@@ -83,6 +85,14 @@ export function hasLeakedHandles(error) {
         return false;
     return error.code === TaskErrorCode.AGENT_DISCONNECTED || error.code === TaskErrorCode.AGENT_NOT_AVAILABLE;
 }
+/**
+ * Builds a user-friendly message when provider credentials are missing from storage.
+ */
+export function providerMissingMessage(activeProvider, authMethod) {
+    return authMethod === 'oauth'
+        ? `${activeProvider} authentication has expired.\nPlease reconnect: brv providers connect ${activeProvider} --oauth`
+        : `${activeProvider} API key is missing from storage.\nPlease reconnect: brv providers connect ${activeProvider} --api-key <your-key>`;
+}
 /**
  * Formats a connection error into a user-friendly message.
  */
@@ -131,9 +141,9 @@ export function formatConnectionError(error, providerContext) {
         const provider = providerContext?.activeProvider ?? '<provider>';
         const model = providerContext?.activeModel;
         const currentInfo = model ? `Provider: ${provider}  Model: ${model}\n\n` : `Provider: ${provider}\n\n`;
-        return (`LLM provider API key is missing or invalid.\n${currentInfo}` +
-            '  Reconnect with your API key:\n' +
-            `    brv providers connect ${provider} --api-key <key>\n\n` +
+        return (`LLM provider credentials are missing or invalid.\n${currentInfo}` +
+            '  Reconnect your provider:\n' +
+            `    brv providers connect ${provider}\n\n` +
             '  Switch to a different provider:\n' +
             '    brv providers switch <provider>\n\n' +
             '  See all options:  brv providers --help');