neohive 6.0.3 → 6.1.0

package/CHANGELOG.md

@@ -1,5 +1,47 @@
 # Changelog
 
+## [6.1.0] - 2026-04-04
+
+### Added
+
+- **Modular tools architecture** — server-side tools split into `agent-bridge/tools/` directory for maintainability; each tool file is independently loaded at startup
+- **Terminal bridge** — `terminal-bridge.js` streams live terminal output to the dashboard with lazy-loaded xterm.js and per-agent isolation; agent status pills show real-time session state
+- **Agent liveness detection v2** — deterministic online/offline/stale/unknown states with heartbeat epoch tracking; dead seats are auto-reclaimed on `register()` and spare seats offered immediately
+- **Listen outcome payload** — `listen()` returns a structured result object with `outcome`, `message`, and `agent` fields for richer branching logic
+- **Liveness sparkline + nudge UI** — dashboard renders a mini activity graph per agent and one-click nudge button for unresponsive agents
+- **Server-side auto-nudge** — coordinator receives an escalation message when a non-compliant agent misses its `listen()` window
+- **Audit log** — every MCP tool call appended to `audit_log.jsonl`; new `log_violation` tool writes policy violations to the same log; dashboard has a dedicated Audit view
+- **Push approval workflow** — `request_push_approval` / `ack_push` tools add a human-in-the-loop gate before git pushes
+- **Review gate on task completion** — `update_task(status="done")` can require `request_review` + `submit_review` before the done event fires; `review_approved` event broadcasts on approval
+- **Scoped rules** — `add_rule` / `list_rules` accept `role`, `provider`, and `agent` filters so rules are applied only to matching agents
+- **Platform-specific default skills** — `register()` auto-populates the agent's skill list based on detected IDE/CLI provider (Claude Code, Cursor, Copilot, Gemini)
+- **Token usage in profile popup** — dashboard resolves the Claude session via ppid walk and displays token usage directly in the agent profile card
+- **VS Code extension: chat participant** — `@neohive` chat participant with slash commands (`/task`, `/broadcast`, `/status`) and a coordinator pipe for inline coordination from Copilot Chat
+- **VS Code extension: Claude Code hooks setup** — extension auto-configures `UserPromptSubmit` and `PostToolUse` hooks on activation; version shown in status bar
+- **Hooks system** — `PostToolUse` hook echoes `send_message` calls to the current chat transcript; `UserPromptSubmit` hook injects context; `enforce-listen.sh` stop hook escalates non-compliant agents
+- **Self-healing watchdog** — stuck tasks are automatically reclaimed after a configurable timeout; escalates to `blocked_permanent` with poison-pill after max retries; `retry_count` badge shown in dashboard
+- **Design system** — `design-system.css` ships design tokens (colors, radii, shadows, glassmorphism variables) consumed by the dashboard; SVG logo and favicon served as dedicated endpoints
+- **Multi-IDE MCP setup** — `neohive init` upserts configs for Claude Code, Cursor, Copilot, Gemini CLI, and Codex TOML in one pass using absolute Node.js paths
+- **Agent name config in VS Code** — extension setting `neohive.agentName` with format validation; used automatically in MCP config generation
+
+### Changed
+
+- **Tool consolidation (Phase 1)** — `check_messages` / `consume_messages` merged into the unified `messages` tool with a `mode` param; deprecated aliases removed for a clean API surface
+- **Config centralization** — `SERVER_CONFIG` and `CLI_CONFIG` objects in `server.js` replace all scattered magic numbers (timeouts, limits, intervals)
+- **Dashboard route dispatch** — simple GET routes moved to a dispatch table; reduces deeply nested if-chains in `dashboard.js`
+- **Dashboard agent popup** — redesigned as a 3-tab layout (Stats · Actions · Profile) with inline profile editing, skill tags, and stuck/unresponsive indicators (orange/red dot + badge)
+- **System events** — dashboard renders system events as compact, color-coded icon banners instead of raw log lines
+- **Glassmorphism UI** — header and sidebar use backdrop-filter blur; agent cards gain micro-animations on hover and status-change
+- **Slack-style new-messages banner** — pill appears above the message list when unread messages arrive while scrolled up
+
+### Fixed
+
+- **Agent disappearance race condition** — `register()` now uses a file-level write lock to prevent two agents stomping on `agents.json` simultaneously; epoch-0 liveness spam suppressed
+- **Mobile dashboard** — menu toggle restored; textarea stretches full width; inject-target dropdown populates correctly on small screens
+- **Dashboard scroll preservation** — message list no longer jumps to top on full re-render
+- **MCP portability** — VS Code extension uses local `node` + `server.js` paths to avoid published-package port conflicts
+- **Nudge suppression** — auto-nudge only injects a message when the agent has genuinely missed its window; compliant agents are skipped
+
 ## [6.0.3] - 2026-04-03
 
 ### Fixed
@@ -7,9 +49,124 @@
 - **MCP data directory** — When the MCP process starts with cwd outside the repo (e.g. Cursor home) and no `NEOHIVE_DATA_DIR`, resolve the hive from repo `.cursor/mcp.json` / sibling config (`lib/resolve-server-data-dir.js`); `lib/config.js` uses the same root so agents and dashboard agree.
 - **Dashboard `projects.json`** — Only rewrite the projects file when the canonical list differs from on-disk data (`pack(nonRedundant) !== pack(raw)`), not on every load when duplicates or default-hive rows were only present in the normalized pass-through list.
 
+## [6.0.2] - 2026-04-02
+
+### Added
+- **Human agent mode** — users can join the team as a human agent via the dashboard
+- **Agent card grid** — overview page shows agent cards with status, active tasks, and quick actions
+- **Checkpoint system** — save and restore agent state snapshots for resumable work
+- **Agent approval flow** — tasks can require explicit agent approval before advancing
+
+### Fixed
+- Message loss on SSE reconnect
+- Token hijack race condition in `listen()`
+- Spinlock in file-based task claiming
+- Silent errors in workflow advancement
+- Messages nav item flickering (switchView scope was too broad)
+- Version strings synced to v6.0.0 across all files
+
+### Changed
+- Dashboard full visual rebrand — amber/gold NeoHive identity with icon rail, overview page, agent bar, and toast notifications
+- Full layout redesign: icon rail sidebar, overview landing page, agent status bar
+
+## [6.0.0] - 2026-04-02
+
+### Breaking — Full Rebrand & Modularization
+
+- **Renamed** — data directory migrated from `.agent-bridge/` → `.neohive/`; startup auto-migrates legacy directories
+- **Modularization** — core business logic extracted to `lib/` modules (`messaging`, `file-io`, `config`, `hooks`, `resolve-server-data-dir`, etc.)
+- **Security hardening** — comprehensive audit: path traversal, XSS, CSRF, symlink, injection, and DoS fixes across dashboard and MCP server
+- **New README** — professional redesign with badges, feature showcase, architecture diagram, and visual hierarchy
+- **`.agent-bridge/` auto-migration** — startup detects and renames legacy data directory with zero data loss
+
+## [5.3.0] - 2026-03-20
+
+### Listen System Overhaul — Zero Token Waste
+
+- **5-minute listen timeout** — `listen()` and `listen_group()` now block for 5 minutes (was 45s), reducing idle token overhead by 7x
+- **fs.watch instant wake** — agents wake immediately when a message arrives, zero CPU/tokens while waiting
+- **Fixed collectBatch bug** — file path was passed as branch name to `sanitizeName()`, breaking `listen_group()` on all platforms
+- **Mode-aware instructions** — managed mode says `listen()`, group mode says `listen_group()`, all modes say "NEVER use sleep()"
+- **Managed mode task tracking** — manager creates tasks/workflows, agents update status as they work (Tasks/Plan tabs stay current)
+- **check_messages warns against loops** — response includes `action_required` telling agents to use `listen()` instead
+- **listen_codex restricted** — description explicitly says "ONLY for Codex CLI, Claude/Gemini must use listen()"
+
+## [5.2.6] - 2026-03-20
+
+### Changed
+- Managed mode guide updated — agents now track active tasks with `update_task` and advance workflows with `advance_workflow` as they work, keeping the Tasks/Plan tabs current in real time
+
+## [5.2.5] - 2026-03-20
+
+### Fixed
+- Token waste — `check_messages` response now includes `action_required` field warning agents to use `listen()` instead of polling loops
+- `listen_codex` description explicitly restricted to Codex CLI only; Claude and Gemini agents must use `listen()`
+
+## [5.2.4] - 2026-03-20
+
+### Fixed
+- All listen instruction strings updated to be mode-aware: managed mode instructs `listen()`, group mode instructs `listen_group()`, all modes say "NEVER use sleep()"
+
+## [5.2.3] - 2026-03-20
+
+### Fixed
+- Mode-aware listen instructions — each conversation mode now returns the correct listen command name in its guide
+
+## [5.2.2] - 2026-03-20
+
+### Fixed
+- Managed mode guide corrected — agents should call `listen()` (not `listen_group()`) between turns in managed mode
+
+## [5.2.1] - 2026-03-20
+
+### Fixed
+- Managed mode guide corrected — agents should use `listen_group()` instead of sleep loops between turns
+
+## [5.2.0] - 2026-03-20
+
+### Security Hardening (50+ fixes across 5 audit rounds)
+
+- **Timing-safe** LAN token comparison (`crypto.timingSafeEqual`)
+- **File permissions** — `.neohive/` created with `0o700`, `.lan-token` with `0o600`
+- **XSS prevention** — `escapeHtml` escapes 6 characters, thread panel escaped, replay export `</script>` escaped, null byte placeholder collision fixed
+- **Path traversal** — containment checks on `/lib/`, `/office/`, `/mods/` with `path.resolve`, mods asset write validated, conversation name regex
+- **Rate limiting** — per-IP API rate limit (300/min), per-IP SSE limit (5), duplicate message detection, escalation broadcast rate limited
+- **File locking** — tasks, workflows, channels all use `withFileLock`, PID-checked force-break, task claiming atomic
+- **Input validation** — content type guards, stricter limits on some dashboard API bodies, agent name regex on all endpoints, avatar URL scheme validation
+- **Security headers** — X-Frame-Options DENY, X-Content-Type-Options nosniff, Referrer-Policy no-referrer, CSP frame-ancestors none
+- **Token removed** from all API responses, destructive endpoints require `confirm: true`
+- **KB prompt injection** prevented — content in separate `reference_notes` field
+- **share_file** denylist for .env, .pem, .key, credentials, data directory
+- **Reserved names** — "Dashboard" blocked from agent registration
+- **Manager claim** TOCTOU fixed with config lock
+
+### Cross-Platform Compatibility
+
+- **Windows line endings** — all JSONL parsing uses `/\r?\n/` (24 sites fixed)
+- **Portable config paths** — removed hardcoded absolute paths from env vars
+- **Codex config backup** — creates `.backup` before modification
+- Works identically on Windows, macOS, and Linux
+
+### New Features
+
+- **Uninstall command** — `npx neohive uninstall` cleanly removes config entries from Claude/Gemini/Codex
+- **Conversation management** — Clear Messages, New Conversation (archive + start fresh), Load saved conversations
+- **Display names** — messages show profile display_name instead of raw registered name
+- **Re-registration prevention** — agents can't change name mid-session
+
+### Fixed
+
+- 11 full-file read optimizations (tailReadJsonl)
+- Test script updated (referenced deleted files)
+- Node engine requirement updated to >=18.0.0
+- Tool count console message corrected (66 tools)
+- SSE heartbeat `.unref()` added
+- Monitor workspace log capped with safe fallback
+- Edit history capped at 10 entries per message
+
 ## [5.1.0] - 2026-03-19
 
-### Major — True Autonomy Engine + Team Intelligence + Scale to 100
+### Major — True Autonomy Engine + Team Intelligence + Scale to 100 Agents
 
 Built by a 4-agent team (Backend, Protocol, Tester, Coordinator) + Advisor agent, working autonomously.
 
@@ -67,39 +224,16 @@ Built by a 4-agent team (Backend, Protocol, Tester, Coordinator) + Advisor agent
 
 ## [4.3.0] - 2026-03-17
 
-### Major — 3D Hub Game World, World Builder, Jukebox
+### Major — Agent Respawn, Team Automation
 
 Built by a 5-agent team (Architect, Builder, Tester, Optimizer, Protocol) working in parallel.
 
-### Added — 3D Hub Game Features
-- **World Builder** — Press B in player mode to open builder panel. 16 placeable assets across 5 categories (structural, furniture, decor, tech, lighting). Grid snap, ghost preview, R to rotate, right-click delete, Ctrl+Z undo. Draggable panel, works in fullscreen.
-- **Jukebox** — Wurlitzer 1015-style jukebox in bar area with neon glow animation. Press E to interact. 4 playlist selector with YouTube popup player. Music persists while exploring.
-- **Minimap** — 140px radar overlay showing agent positions (color-coded by status) and player location. Only visible in fullscreen mode.
-- **Controls HUD** — Press H to toggle keybind reference panel. Auto-shows for 4 seconds on world entry.
-- **Fullscreen** — Dashboard fullscreen button now fullscreens only the 3D Hub (game mode), not the entire page.
-
-### Added — Character Intelligence
-- **Emotion system** — 11 emotion presets (happy, frustrated, thinking, excited, surprised, etc.) with auto-triggers from message content. Temporary face expression changes with auto-revert.
-- **Social visits** — Idle agents randomly walk to other agents' desks to chat (max 2 concurrent walks).
-- **Glance reactions** — Sitting agents turn heads toward speakers when messages are sent.
-- **Head nods** — Periodic nod animation when being visited by another agent.
-- **Auto coffee break** — Sleeping agents walk to rest area, return to desk when active again.
-- **Non-blocking input overlay** — Replaced browser prompt() dialogs with styled HTML overlay for click commands.
-
 ### Added — Dashboard
-- **Respawn button** — One-click respawn for dead agents. Generates resume prompt from recovery snapshot + profile + tasks + recent history.
-- **Respawn API** — `GET /api/agents/:name/respawn-prompt` endpoint with full context generation.
-- **World Builder API** — `GET /api/world-layout` + `POST /api/world-save` for persistent world placements.
-- **3D-only fullscreen** — Fullscreen targets 3D container when on 3D Hub tab.
+- **Respawn button** — One-click respawn for dead agents. Generates a resume prompt from the agent's recovery snapshot, profile, active tasks, and recent message history.
+- **Respawn API** — `GET /api/agents/:name/respawn-prompt` endpoint returns full context for agent resurrection.
 
 ### Fixed
-- **Manager chair spawn** — Stand-up now places player in front of desk (toward door), preventing wall collision.
-- **CSRF on 3D Hub** — Added X-LTT-Request header to all office module POST requests (builder save, command menu actions).
 - **Respawn endpoint validation** — Agent name validated (alphanumeric, max 20 chars) to prevent path traversal.
-- **Builder lazy-load** — Dynamic import() with silent failure prevents builder issues from breaking 3D Hub.
-- **Jukebox popup orphan** — Module-scoped reference survives overlay dismiss/reopen cycles.
-- **Builder drag listener leak** — Stored refs removed in hidePanel().
-- **Jukebox prompt cleanup** — dismissJukebox() called in office3dStop().
 
 ### Security
 - npm audit: 0 vulnerabilities
@@ -185,6 +319,11 @@ Massive scaling overhaul designed, implemented, and audited by a 3-agent team (A
 - **Input type validation** — `reply_to` and `channel` parameters type-checked as strings in `send_message`.
 - **Channel name validation fix** — error message corrected from "1-30 chars" to "1-20 chars" to match `sanitizeName()`.
 
+## [3.10.1] - 2026-03-17
+
+### Added
+- **Stuck detector** — `listen_group()` detects when an agent has sent the same error or message pattern 3 times in a row and injects targeted hints to break the loop
+
 ## [3.10.0] - 2026-03-17
 
 ### Added — Dynamic Guide with Progressive Disclosure
@@ -257,11 +396,6 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - Own messages are auto-consumed on sight
 - Own messages still visible in `context` array for reference
 
-### Added — 3D World: Player Mode & Improvements
-- **Player character** — users can spawn as a controllable character in the 3D Hub
-- **Spectator camera improvements** — refined controls and speed
-- **Environment updates** — campus environment refinements
-
 ## [3.7.0] - 2026-03-16
 
 ### Added — Agent Ecosystem (20 new tools, 52 total)
@@ -287,8 +421,6 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - **Auto-reputation tracking** — global hook tracks every action (messages, tasks, reviews, decisions, KB writes) without manual calls
 
 ### Fixed
-- **Monitor screens stay red** when agent stops listening — persistent color state instead of 300ms flash
-- **"NOT LISTENING" warning** shown prominently on desk monitor canvas
 - **Status color logic** — green = listening, red = active but not listening, yellow = sleeping, dim = dead
 
 ## [3.6.2] - 2026-03-16
@@ -300,18 +432,6 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - **Agent status in batch** — `listen_group` returns `agents_status` map showing who is `listening` vs `working`
 - **listen_group retry** — timeout now returns `retry: true` with explicit instruction to call again immediately
 - **next_action field** — successful `listen_group` response tells agent to call `listen_group()` again after responding
-- **Ctrl key removed from camera** — no longer moves camera down (Q/E only)
-
-### Added — 3D World: Campus Environment & Navigation
-- **Campus environment** — new outdoor environment option with buildings, paths, green spaces
-- **Navigation system** — pathfinding for agents to walk around obstacles instead of through walls
-- **Door animations** — manager office door slides open when agents approach, closes when they leave
-- **Roof visibility** — roof hides when camera is above ceiling height
-
-## [3.6.1] - 2026-03-16
-
-### Fixed
-- **3D Hub black screen on page load** — the office module loads asynchronously, but the initial `switchView('office')` fired before `office3dStart` was defined. Added auto-start at end of module so the 3D Hub loads immediately on refresh.
 
 ## [3.6.0] - 2026-03-16
 
@@ -331,31 +451,6 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - **Dashboard Docs tab** — in-dashboard documentation with full tool reference, managed mode guide, architecture, version history
 - **Dashboard managed mode badge** — header shows current phase and floor status when managed mode is active
 
-### Added — 3D World Improvements
-
-- **Spectator camera** — free-fly WASD + mouse camera replacing OrbitControls, no distance limits, Shift for fast movement, Q/E up/down
-- **6 new hairstyles** — curly, afro, bun, braids, mohawk, wavy
-- **6 new eye styles** — surprised, angry, happy, wink, confident, tired
-- **5 new mouth styles** — grin, frown, smirk, tongue, whistle
-- **6 outfit types** — hoodie, suit, dress, lab coat, vest, jacket with color customization
-- **3 body types** — default, stocky, slim (scale multipliers on torso/legs/arms)
-- **5 gesture animations** — wave, think, point, celebrate, stretch with idle gesture system
-- **New furniture** — bookshelf (random colored books), wall TV (animated dashboard with agent stats, scrolling ticker, clock), arcade machine (cabinet + screen + joystick + buttons), floor lamp (warm point light), area rug
-- **Agent behavior** — realistic conversation distance (1.8m), listener turns toward speaker, broadcast triggers wave gesture, task completion triggers celebrate
-- **3D Hub** — renamed from "Office", now default tab on page load
-- **Speed slider** — camera speed control in toolbar (1-20)
-
-### Added — 3D Virtual Office (v1 foundation from previous session)
-
-- **Modular 3D engine** — 14 ES modules under `office/`
-- **Expanded office** — 28x16 floor with right wing, dividing wall, LOUNGE archway
-- **Dressing room** — mirror, raised platform, privacy partitions, coat hooks
-- **Rest area** — beanbags, circular rug, side table, warm ambient lighting
-- **Click-to-command** — Dressing Room, Go Rest, Back to Work, Edit Profile
-- **Character designer** — 5-tab panel with live 3D rotating preview
-- **Accessory system** — glasses, headwear, neckwear with color customization
-- **Mod system infrastructure** — GLB/GLTF pipeline with validation
-
 ### Security
 - **Config file lock** — `config.json` read-modify-write operations now use file-based locking (same pattern as `agents.json`)
 - **Reserved name blocklist** — `__system__`, `__all__`, `__open__`, `__close__`, `system` cannot be registered as agent names
@@ -363,12 +458,6 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - **Floor enforcement on all message paths** — `handoff` and `share_file` now enforce managed mode floor control
 - **Branch-aware system messages** — floor/phase notifications sent to recipient's branch, not sender's
 - **Phase history cap** — limited to 50 entries to prevent config.json bloat
-- `/office/*` and `/mods/*` static routes with path traversal protection
-- Mod file type allowlist blocks all executable formats
-- GLB magic bytes validation (server + client)
-
-### Removed
-- ~1,100 lines of dead 2D isometric office code
 
 ## [3.5.0] - 2026-03-15
 
@@ -516,6 +605,14 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - Copy-to-clipboard double-escaped HTML entities in template prompts
 - Duplicate deleteMessage function shadowing
 
+## [3.3.3] - 2026-03-15
+
+### Fixed
+- iOS dashboard crash — `Notification` API unavailable on iOS Safari; wrapped in availability check
+- Mobile UI overhaul — layout, font sizes, and button targets reworked for phone-sized screens
+- Phone sync — wait for `loadProjects()` to complete before first poll; auto-select project when only one is registered
+- LAN mode now persists across dashboard restarts (stored in `.lan-token` file)
+
 ## [3.3.2] - 2026-03-14
 
 ### Changed
@@ -525,6 +622,71 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - Added .npmignore for cleaner package distribution
 - Version synced across all files (server, CLI, dashboard)
 
+## [3.3.1] - 2026-03-14
+
+### Added
+- SECURITY.md with vulnerability disclosure policy
+- CHANGELOG.md added to published npm package
+- Version strings synced across server, CLI, dashboard, and package.json
+
+## [3.3.0] - 2026-03-14
+
+### Security — Deep Hardening
+- **Sandbox hardening** — eval and Function constructor blocked in message rendering context
+- **Anti-impersonation** — agents cannot register names that shadow existing live agents
+- **Rate limiting** — per-agent send rate limiting (10 messages/10s) to prevent broadcast storms
+- **Input sanitization** — agent name, message content, and task fields validated and length-capped on all endpoints
+- Discord invite link added to README and docs
+
+## [3.2.3] - 2026-03-14
+
+### Fixed
+- README added to npm package (`files` array in package.json)
+
+## [3.2.2] - 2026-03-14
+
+### Security
+- CSRF protection added to all mutating dashboard endpoints
+- XSS fixes in message rendering and export
+- Symlink traversal prevention in file-serving routes
+- Command injection guards on reset and init paths
+- DoS mitigation: request body size limits, JSON parse error handling
+
+## [3.2.1] - 2026-03-14
+
+### Changed
+- MCP SDK updated to 1.27.1
+- Removed unused `exec` import from server.js
+
+## [3.2.0] - 2026-03-14
+
+### Added
+- Documentation site scaffolding
+- LICENSE file (MIT)
+- MCP SDK version pinned to prevent breaking changes on install
+
+### Fixed
+- Reset crash when `.neohive/` directory contained unexpected files
+- Version strings updated across all files
+
+## [3.1.1] - 2026-03-14
+
+### Added
+- **Phone access modal** — dashboard shows QR code and LAN URL for mobile access
+- **LAN toggle** — enable/disable LAN mode without restarting the server
+- **Project auto-init** — adding a folder via the dashboard now initializes it if no `.neohive/` exists
+
+### Fixed
+- Avatar undefined in messages — `getMsgAvatar()` moved before conditional rendering
+- Phone URL now includes the active project for automatic sync on mobile open
+- Auto-switch to newly added project after adding via dashboard
+
+## [3.1.0] - 2026-03-14
+
+### Fixed
+- LAN IP detection now prefers real interface addresses over link-local (`169.254.x.x`) and loopback addresses
+- LAN toggle no longer kills the dashboard process (use `handle.close()` not `server.close()`)
+
 ## [3.0.0] - 2026-03-14
 
 ### Added — Agent Profiles
@@ -593,6 +755,21 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - Registration guard on `reset` tool
 - Removed absolute file paths from share_file responses
 
+## [2.4.0] - 2026-03-14
+
+### Added
+- Agent metrics panel — per-agent message counts, average response time, and activity sparklines
+- Shareable HTML export — `/api/export` endpoint generates a self-contained replay file
+- Export dropdown (HTML + Markdown formats)
+- Stats panel in dashboard sidebar
+
+## [2.3.1] - 2026-03-14
+
+### Added
+- Context hints — agents warned when conversation exceeds 50 messages
+- Auto-compact — `messages.jsonl` automatically compacted when exceeding 500 lines
+- Project auto-discover — dashboard scans sibling directories and suggests projects to add
+
 ## [2.3.0] - 2026-03-14
 
 ### Added
@@ -606,6 +783,14 @@ Redesigned from the ground up based on 3-agent collaborative testing and design
 - Handoff message rendering (purple banner)
 - File share message rendering (file icon + size)
 
+## [2.2.0] - 2026-03-14
+
+### Added
+- Agent templates — 4 built-in conversation starters (pair, team, review, debate)
+- Conversation summary tool (`get_summary`) for generating recaps
+- Auto-archive — conversations archived automatically before reset
+- Dashboard: "New Conversation" flow
+
 ## [2.1.0] - 2026-03-14
 
 ### Added