npm - sidekick-agent-hub - Versions diffs - 0.18.5 → 0.19.0 - Mend

sidekick-agent-hub 0.18.5 → 0.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/sidekick-cli.mjs +417 -60
package/package.json +1 -1

package/dist/sidekick-cli.mjs CHANGED Viewed

@@ -4518,6 +4518,7 @@ var require_codexProfiles = __commonJS({
     exports.prepareCodexAccount = prepareCodexAccount2;
     exports.finalizeCodexAccount = finalizeCodexAccount2;
     exports.switchToCodexAccount = switchToCodexAccount2;
+    exports.reconcileCodexAuthState = reconcileCodexAuthState;
     exports.removeCodexAccount = removeCodexAccount2;
     var fs9 = __importStar(__require("fs"));
     var os6 = __importStar(__require("os"));
@@ -4525,6 +4526,7 @@ var require_codexProfiles = __commonJS({
     var child_process_1 = __require("child_process");
     var crypto_1 = __require("crypto");
     var accountRegistry_1 = require_accountRegistry();
+    var STALE_AUTH_THRESHOLD_MS = 8 * 24 * 60 * 60 * 1e3;
     function getDefaultSystemCodexHome() {
       return path8.join(os6.homedir(), ".codex");
     }
@@ -4551,12 +4553,13 @@ var require_codexProfiles = __commonJS({
       const explicitHome = getExplicitCodexHome();
       if (explicitHome)
         return [explicitHome];
-      const homes = [];
-      const active = getActiveCodexAccount3();
-      if (active) {
-        homes.push(getCodexProfileHome(active.id));
+      const homes = [getDefaultSystemCodexHome()];
+      for (const profile of listCodexAccounts2()) {
+        const profileHome = getCodexProfileHome(profile.id);
+        if (fs9.existsSync(path8.join(profileHome, "sessions"))) {
+          homes.push(profileHome);
+        }
       }
-      homes.push(getDefaultSystemCodexHome());
       return dedupePaths(homes);
     }
     function getCodexProfilesDir() {
@@ -4578,8 +4581,37 @@ var require_codexProfiles = __commonJS({
       const tmp = filePath + ".tmp";
       const json = JSON.stringify(data, null, 2);
       JSON.parse(json);
-      fs9.writeFileSync(tmp, json, { encoding: "utf8", mode });
-      fs9.renameSync(tmp, filePath);
+      try {
+        fs9.writeFileSync(tmp, json, { encoding: "utf8", mode });
+        fs9.renameSync(tmp, filePath);
+      } catch (err) {
+        try {
+          fs9.unlinkSync(tmp);
+        } catch {
+        }
+        throw err;
+      }
+    }
+    function atomicWriteFile(filePath, content, mode = 384) {
+      fs9.mkdirSync(path8.dirname(filePath), { recursive: true, mode: 448 });
+      const tmp = filePath + ".tmp";
+      try {
+        fs9.writeFileSync(tmp, content, { encoding: "utf8", mode });
+        fs9.renameSync(tmp, filePath);
+      } catch (err) {
+        try {
+          fs9.unlinkSync(tmp);
+        } catch {
+        }
+        throw err;
+      }
+    }
+    function readFileOrNull(filePath) {
+      try {
+        return fs9.readFileSync(filePath, "utf8");
+      } catch {
+        return null;
+      }
     }
     function readPendingProfile(profileId) {
       try {
@@ -4618,30 +4650,55 @@ var require_codexProfiles = __commonJS({
         return null;
       }
     }
-    function readMetadataFromAuthJson(codexHome) {
-      const authPath = path8.join(codexHome, "auth.json");
-      if (!fs9.existsSync(authPath))
-        return {};
+    function parseAuthJson(raw) {
+      if (!raw)
+        return null;
       try {
-        const parsed = JSON.parse(fs9.readFileSync(authPath, "utf8"));
-        const idToken = parsed.tokens?.id_token;
-        const claims = idToken ? parseJwtPayload(idToken) : null;
-        const profileClaims = claims?.["https://api.openai.com/profile"];
-        const authClaims = claims?.["https://api.openai.com/auth"];
-        const email = typeof claims?.email === "string" ? claims.email : typeof profileClaims?.email === "string" ? profileClaims.email : void 0;
-        const workspaceId = typeof authClaims?.chatgpt_account_id === "string" ? authClaims.chatgpt_account_id : parsed.tokens?.account_id;
-        const planType = typeof authClaims?.chatgpt_plan_type === "string" ? authClaims.chatgpt_plan_type : void 0;
-        const authMode = parsed.OPENAI_API_KEY || parsed.auth_mode === "api_key" ? "api-key" : "chatgpt";
-        return {
-          email,
-          workspaceId,
-          planType,
-          authMode
-        };
+        return JSON.parse(raw);
       } catch {
-        return {};
+        return null;
       }
     }
+    function readAuthIdentityFromRaw(raw) {
+      const parsed = parseAuthJson(raw);
+      if (!parsed)
+        return null;
+      const idToken = parsed.tokens?.id_token;
+      const claims = idToken ? parseJwtPayload(idToken) : null;
+      const profileClaims = claims?.["https://api.openai.com/profile"];
+      const authClaims = claims?.["https://api.openai.com/auth"];
+      const email = typeof claims?.email === "string" ? claims.email : typeof profileClaims?.email === "string" ? profileClaims.email : void 0;
+      const workspaceId = typeof authClaims?.chatgpt_account_id === "string" ? authClaims.chatgpt_account_id : parsed.tokens?.account_id;
+      const planType = typeof authClaims?.chatgpt_plan_type === "string" ? authClaims.chatgpt_plan_type : void 0;
+      const authMode = parsed.OPENAI_API_KEY || parsed.auth_mode === "api_key" ? "api-key" : "chatgpt";
+      return { email, workspaceId, planType, authMode };
+    }
+    function readLastRefresh(raw, fallbackPath) {
+      const parsed = parseAuthJson(raw);
+      if (parsed?.last_refresh) {
+        const ts = Date.parse(parsed.last_refresh);
+        if (!Number.isNaN(ts))
+          return ts;
+      }
+      if (fallbackPath) {
+        try {
+          return fs9.statSync(fallbackPath).mtimeMs;
+        } catch {
+        }
+      }
+      return null;
+    }
+    function readMetadataFromAuthJson(codexHome) {
+      const identity = readAuthIdentityFromRaw(readFileOrNull(path8.join(codexHome, "auth.json")));
+      if (!identity)
+        return {};
+      return {
+        email: identity.email,
+        workspaceId: identity.workspaceId,
+        planType: identity.planType,
+        authMode: identity.authMode
+      };
+    }
     function readMetadataFromLegacyCredentials(codexHome) {
       const legacyPath = path8.join(codexHome, ".credentials.json");
       if (!fs9.existsSync(legacyPath))
@@ -4676,6 +4733,15 @@ var require_codexProfiles = __commonJS({
       }
       return { loggedIn: false };
     }
+    function detectRunningCodexProcess() {
+      if (process.platform === "win32")
+        return false;
+      try {
+        return (0, child_process_1.spawnSync)("pgrep", ["-x", "codex"], { encoding: "utf8" }).status === 0;
+      } catch {
+        return false;
+      }
+    }
     function readCodexAccountMetadata(codexHome) {
       const fromAuth = readMetadataFromAuthJson(codexHome);
       if (fromAuth.email || fromAuth.workspaceId || fromAuth.planType || fromAuth.authMode) {
@@ -4711,15 +4777,6 @@ var require_codexProfiles = __commonJS({
       return (0, accountRegistry_1.getActiveSavedAccount)("codex");
     }
     function resolveSidekickCodexHome() {
-      const explicitHome = process.env.CODEX_HOME;
-      if (explicitHome)
-        return explicitHome;
-      const active = getActiveCodexAccount3();
-      if (active) {
-        const managedHome = getCodexProfileHome(active.id);
-        if (fs9.existsSync(managedHome))
-          return managedHome;
-      }
       return getSystemCodexHome();
     }
     function getCodexExecutionEnv2(baseEnv = process.env) {
@@ -4773,24 +4830,245 @@ var require_codexProfiles = __commonJS({
         return { success: false, error: "Codex profile is not authenticated yet." };
       }
       const metadata = readCodexAccountMetadata(codexHome);
-      (0, accountRegistry_1.upsertSavedAccountProfile)({
+      const profile = {
         id: profileId,
         providerId: "codex",
         label: pending.label,
         email: metadata.email,
         addedAt: pending.addedAt,
         metadata
-      });
-      (0, accountRegistry_1.setActiveSavedAccount)("codex", profileId);
-      return { success: true };
+      };
+      (0, accountRegistry_1.upsertSavedAccountProfile)(profile);
+      const hasCredentialFiles = fs9.existsSync(path8.join(codexHome, "auth.json")) || fs9.existsSync(path8.join(codexHome, ".credentials.json"));
+      if (!hasCredentialFiles) {
+        (0, accountRegistry_1.setActiveSavedAccount)("codex", profileId);
+        return {
+          success: true,
+          warning: "Codex stores credentials in the OS keyring; sidekick cannot swap them per account, so `codex` keeps using the keyring credentials."
+        };
+      }
+      return performCodexAuthSwap(profile);
+    }
+    function getCodexStashDir() {
+      return path8.join((0, accountRegistry_1.getAccountsDir)(), "codex", "stash");
+    }
+    function stashLiveCodexAuth(liveAuthRaw, liveLegacyRaw) {
+      try {
+        const stamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
+        let stashPath = null;
+        if (liveAuthRaw) {
+          stashPath = path8.join(getCodexStashDir(), `auth-${stamp}.json`);
+          atomicWriteFile(stashPath, liveAuthRaw);
+        }
+        if (liveLegacyRaw) {
+          const legacyStashPath = path8.join(getCodexStashDir(), `credentials-${stamp}.json`);
+          atomicWriteFile(legacyStashPath, liveLegacyRaw);
+          stashPath = stashPath ?? legacyStashPath;
+        }
+        return stashPath;
+      } catch {
+        return null;
+      }
+    }
+    function findProfileForIdentity(identity) {
+      const profiles = listCodexAccounts2();
+      if (identity?.workspaceId) {
+        const byWorkspace = profiles.find((profile) => profile.metadata?.workspaceId === identity.workspaceId);
+        if (byWorkspace)
+          return byWorkspace;
+      }
+      if (identity?.email) {
+        const byEmail = profiles.find((profile) => (profile.email ?? profile.metadata?.email) === identity.email);
+        if (byEmail)
+          return byEmail;
+      }
+      if (!identity?.workspaceId && !identity?.email) {
+        return getActiveCodexAccount3();
+      }
+      return null;
+    }
+    function syncBackLiveCodexAuth(liveAuthRaw, liveLegacyRaw) {
+      if (!liveAuthRaw && !liveLegacyRaw)
+        return {};
+      try {
+        const identity = readAuthIdentityFromRaw(liveAuthRaw);
+        const profile = findProfileForIdentity(identity);
+        if (!profile) {
+          const stashPath = stashLiveCodexAuth(liveAuthRaw, liveLegacyRaw);
+          return {
+            stashPath: stashPath ?? void 0,
+            warning: stashPath ? `Live Codex credentials did not match any saved account; stashed at ${stashPath}.` : "Live Codex credentials did not match any saved account and could not be stashed."
+          };
+        }
+        const profileHome = getCodexProfileHome(profile.id);
+        if (liveAuthRaw)
+          atomicWriteFile(path8.join(profileHome, "auth.json"), liveAuthRaw);
+        if (liveLegacyRaw)
+          atomicWriteFile(path8.join(profileHome, ".credentials.json"), liveLegacyRaw);
+        try {
+          const metadata = readCodexAccountMetadata(profileHome);
+          (0, accountRegistry_1.upsertSavedAccountProfile)({
+            ...profile,
+            email: metadata.email ?? profile.email,
+            metadata: { ...profile.metadata, ...metadata }
+          });
+        } catch {
+        }
+        return { syncedProfileId: profile.id };
+      } catch (err) {
+        return { warning: `Could not back up live Codex credentials: ${err}` };
+      }
+    }
+    function performCodexAuthSwap(target) {
+      const systemHome = getSystemCodexHome();
+      const liveAuthPath = path8.join(systemHome, "auth.json");
+      const liveLegacyPath = path8.join(systemHome, ".credentials.json");
+      const liveAuthRaw = readFileOrNull(liveAuthPath);
+      const liveLegacyRaw = readFileOrNull(liveLegacyPath);
+      if (!liveAuthRaw && !liveLegacyRaw && getCodexLoginStatus(systemHome).loggedIn) {
+        return {
+          success: false,
+          error: 'Codex stores credentials in the OS keyring; file-based account switching is not supported. Set `cli_auth_credentials_store = "file"` in ~/.codex/config.toml and run `codex login` again.'
+        };
+      }
+      const profileHome = getCodexProfileHome(target.id);
+      const targetAuthPath = path8.join(profileHome, "auth.json");
+      const targetAuthRaw = readFileOrNull(targetAuthPath);
+      const targetLegacyRaw = readFileOrNull(path8.join(profileHome, ".credentials.json"));
+      const targetName = target.label ?? target.email ?? target.id;
+      if (!targetAuthRaw && !targetLegacyRaw) {
+        return { success: false, error: `No stored credentials for "${targetName}". Remove and re-add this account.` };
+      }
+      if (targetAuthRaw && !parseAuthJson(targetAuthRaw)) {
+        return { success: false, error: `Stored credentials for "${targetName}" are corrupted. Remove and re-add this account.` };
+      }
+      const warnings = [];
+      if (detectRunningCodexProcess()) {
+        warnings.push("A codex process appears to be running; restart codex sessions so they pick up the switched account.");
+      }
+      const liveIdentity = readAuthIdentityFromRaw(liveAuthRaw);
+      const targetIdentity = readAuthIdentityFromRaw(targetAuthRaw);
+      const targetWorkspaceId = target.metadata?.workspaceId ?? targetIdentity?.workspaceId;
+      const targetEmail = target.email ?? target.metadata?.email ?? targetIdentity?.email;
+      const liveMatchesTarget = Boolean(liveIdentity?.workspaceId && targetWorkspaceId && liveIdentity.workspaceId === targetWorkspaceId || liveIdentity?.email && targetEmail && liveIdentity.email === targetEmail || liveAuthRaw !== null && liveAuthRaw === targetAuthRaw || !liveAuthRaw && !targetAuthRaw && liveLegacyRaw !== null && liveLegacyRaw === targetLegacyRaw);
+      if (liveMatchesTarget) {
+        try {
+          if (liveAuthRaw)
+            atomicWriteFile(targetAuthPath, liveAuthRaw);
+          if (liveLegacyRaw)
+            atomicWriteFile(path8.join(profileHome, ".credentials.json"), liveLegacyRaw);
+          const metadata = readCodexAccountMetadata(profileHome);
+          (0, accountRegistry_1.upsertSavedAccountProfile)({
+            ...target,
+            email: metadata.email ?? target.email,
+            metadata: { ...target.metadata, ...metadata }
+          });
+        } catch {
+        }
+        (0, accountRegistry_1.setActiveSavedAccount)("codex", target.id);
+        return { success: true, warning: warnings.length ? warnings.join(" ") : void 0 };
+      }
+      const targetLastRefresh = readLastRefresh(targetAuthRaw, targetAuthPath);
+      if (targetLastRefresh !== null && Date.now() - targetLastRefresh > STALE_AUTH_THRESHOLD_MS) {
+        warnings.push(`Stored credentials for "${targetName}" have not been refreshed in over 8 days; codex may ask you to log in again.`);
+      }
+      const syncBack = syncBackLiveCodexAuth(liveAuthRaw, liveLegacyRaw);
+      if (syncBack.warning)
+        warnings.push(syncBack.warning);
+      const restoreLiveFiles = () => {
+        try {
+          if (liveAuthRaw)
+            atomicWriteFile(liveAuthPath, liveAuthRaw);
+          else
+            fs9.rmSync(liveAuthPath, { force: true });
+          if (liveLegacyRaw)
+            atomicWriteFile(liveLegacyPath, liveLegacyRaw);
+          else
+            fs9.rmSync(liveLegacyPath, { force: true });
+        } catch {
+        }
+      };
+      try {
+        if (targetAuthRaw) {
+          atomicWriteFile(liveAuthPath, targetAuthRaw);
+          if (targetLegacyRaw)
+            atomicWriteFile(liveLegacyPath, targetLegacyRaw);
+          else if (liveLegacyRaw)
+            fs9.rmSync(liveLegacyPath, { force: true });
+        } else {
+          atomicWriteFile(liveLegacyPath, targetLegacyRaw);
+          if (liveAuthRaw)
+            fs9.rmSync(liveAuthPath, { force: true });
+        }
+      } catch (err) {
+        restoreLiveFiles();
+        return { success: false, error: `Failed to write Codex credentials: ${err}` };
+      }
+      try {
+        (0, accountRegistry_1.setActiveSavedAccount)("codex", target.id);
+      } catch (err) {
+        restoreLiveFiles();
+        return { success: false, error: `Failed to update account registry: ${err}` };
+      }
+      return { success: true, warning: warnings.length ? warnings.join(" ") : void 0 };
     }
     function switchToCodexAccount2(profileId) {
       const target = listCodexAccounts2().find((account) => account.id === profileId);
       if (!target) {
         return { success: false, error: `Codex account ${profileId} not found.` };
       }
-      (0, accountRegistry_1.setActiveSavedAccount)("codex", profileId);
-      return { success: true };
+      return performCodexAuthSwap(target);
+    }
+    function reconcileCodexAuthState() {
+      try {
+        const markerPath = path8.join((0, accountRegistry_1.getAccountsDir)(), "codex", ".live-auth-migrated-v1");
+        if (fs9.existsSync(markerPath))
+          return;
+        const writeMarker = () => atomicWriteFile(markerPath, (/* @__PURE__ */ new Date()).toISOString() + "\n");
+        const active = getActiveCodexAccount3();
+        if (!active) {
+          writeMarker();
+          return;
+        }
+        const profileHome = getCodexProfileHome(active.id);
+        const profileAuthPath = path8.join(profileHome, "auth.json");
+        const profileAuthRaw = readFileOrNull(profileAuthPath);
+        if (!profileAuthRaw) {
+          writeMarker();
+          return;
+        }
+        const systemHome = getSystemCodexHome();
+        const liveAuthPath = path8.join(systemHome, "auth.json");
+        const liveAuthRaw = readFileOrNull(liveAuthPath);
+        if (!liveAuthRaw) {
+          if (!getCodexLoginStatus(systemHome).loggedIn) {
+            atomicWriteFile(liveAuthPath, profileAuthRaw);
+          }
+          writeMarker();
+          return;
+        }
+        const liveIdentity = readAuthIdentityFromRaw(liveAuthRaw);
+        const profileIdentity = readAuthIdentityFromRaw(profileAuthRaw);
+        const sameIdentity = Boolean(liveIdentity?.workspaceId && profileIdentity?.workspaceId && liveIdentity.workspaceId === profileIdentity.workspaceId || liveIdentity?.email && liveIdentity.email === profileIdentity?.email);
+        if (sameIdentity) {
+          const liveRefresh = readLastRefresh(liveAuthRaw, liveAuthPath);
+          const profileRefresh = readLastRefresh(profileAuthRaw, profileAuthPath);
+          if (profileRefresh !== null && (liveRefresh === null || profileRefresh > liveRefresh)) {
+            stashLiveCodexAuth(liveAuthRaw, null);
+            atomicWriteFile(liveAuthPath, profileAuthRaw);
+          } else {
+            atomicWriteFile(profileAuthPath, liveAuthRaw);
+          }
+        } else {
+          const matching = findProfileForIdentity(liveIdentity);
+          if (matching && matching.id !== active.id) {
+            atomicWriteFile(path8.join(getCodexProfileHome(matching.id), "auth.json"), liveAuthRaw);
+            (0, accountRegistry_1.setActiveSavedAccount)("codex", matching.id);
+          }
+        }
+        writeMarker();
+      } catch {
+      }
     }
     function removeCodexAccount2(profileId) {
       const removed = (0, accountRegistry_1.removeSavedAccountProfile)("codex", profileId);
@@ -5939,7 +6217,9 @@ var require_modelContext = __commonJS({
     exports.DEFAULT_CONTEXT_WINDOW = void 0;
     exports.getModelContextWindowSize = getModelContextWindowSize2;
     var MODEL_CONTEXT_SIZES = {
-      // Claude — native 1M context (Opus 4.6+, Sonnet 4.6+)
+      // Claude — native 1M context (Fable 5, Opus 4.6+, Sonnet 4.6+)
+      "claude-fable-5": 1e6,
+      "claude-opus-4-8": 1e6,
       "claude-opus-4-7": 1e6,
       "claude-opus-4-6": 1e6,
       "claude-sonnet-4-7": 1e6,
@@ -6021,6 +6301,18 @@ var require_modelInfo = __commonJS({
     var modelContext_1 = require_modelContext();
     var PRICING_TABLE = {
       // ── Anthropic: Claude ──
+      "claude-fable-5": {
+        inputCostPerMillion: 10,
+        outputCostPerMillion: 50,
+        cacheWriteCostPerMillion: 12.5,
+        cacheReadCostPerMillion: 1
+      },
+      "claude-haiku-4-5": {
+        inputCostPerMillion: 1,
+        outputCostPerMillion: 5,
+        cacheWriteCostPerMillion: 1.25,
+        cacheReadCostPerMillion: 0.1
+      },
       "claude-haiku-4.5": {
         inputCostPerMillion: 1,
         outputCostPerMillion: 5,
@@ -6033,12 +6325,24 @@ var require_modelInfo = __commonJS({
         cacheWriteCostPerMillion: 1,
         cacheReadCostPerMillion: 0.08
       },
+      "claude-sonnet-4-6": {
+        inputCostPerMillion: 3,
+        outputCostPerMillion: 15,
+        cacheWriteCostPerMillion: 3.75,
+        cacheReadCostPerMillion: 0.3
+      },
       "claude-sonnet-4.6": {
         inputCostPerMillion: 3,
         outputCostPerMillion: 15,
         cacheWriteCostPerMillion: 3.75,
         cacheReadCostPerMillion: 0.3
       },
+      "claude-sonnet-4-5": {
+        inputCostPerMillion: 3,
+        outputCostPerMillion: 15,
+        cacheWriteCostPerMillion: 3.75,
+        cacheReadCostPerMillion: 0.3
+      },
       "claude-sonnet-4.5": {
         inputCostPerMillion: 3,
         outputCostPerMillion: 15,
@@ -6051,11 +6355,41 @@ var require_modelInfo = __commonJS({
         cacheWriteCostPerMillion: 3.75,
         cacheReadCostPerMillion: 0.3
       },
+      "claude-opus-4-8": {
+        inputCostPerMillion: 5,
+        outputCostPerMillion: 25,
+        cacheWriteCostPerMillion: 6.25,
+        cacheReadCostPerMillion: 0.5
+      },
+      "claude-opus-4.8": {
+        inputCostPerMillion: 5,
+        outputCostPerMillion: 25,
+        cacheWriteCostPerMillion: 6.25,
+        cacheReadCostPerMillion: 0.5
+      },
+      "claude-opus-4-7": {
+        inputCostPerMillion: 5,
+        outputCostPerMillion: 25,
+        cacheWriteCostPerMillion: 6.25,
+        cacheReadCostPerMillion: 0.5
+      },
+      "claude-opus-4.7": {
+        inputCostPerMillion: 5,
+        outputCostPerMillion: 25,
+        cacheWriteCostPerMillion: 6.25,
+        cacheReadCostPerMillion: 0.5
+      },
+      "claude-opus-4-6": {
+        inputCostPerMillion: 5,
+        outputCostPerMillion: 25,
+        cacheWriteCostPerMillion: 6.25,
+        cacheReadCostPerMillion: 0.5
+      },
       "claude-opus-4.6": {
-        inputCostPerMillion: 15,
-        outputCostPerMillion: 75,
-        cacheWriteCostPerMillion: 18.75,
-        cacheReadCostPerMillion: 1.5
+        inputCostPerMillion: 5,
+        outputCostPerMillion: 25,
+        cacheWriteCostPerMillion: 6.25,
+        cacheReadCostPerMillion: 0.5
       },
       "claude-opus-4.5": {
         inputCostPerMillion: 5,
@@ -6063,6 +6397,7 @@ var require_modelInfo = __commonJS({
         cacheWriteCostPerMillion: 6.25,
         cacheReadCostPerMillion: 0.5
       },
+      // Opus 4.0 / 4.1 — pre-4.5 pricing tier
       "claude-opus-4": {
         inputCostPerMillion: 15,
         outputCostPerMillion: 75,
@@ -6161,7 +6496,7 @@ var require_modelInfo = __commonJS({
       overrideTable = {};
       overrideSortedKeys = [];
     }
-    var CLAUDE_RE = /^claude-(haiku|sonnet|opus)-([0-9.]+)/i;
+    var CLAUDE_RE = /^claude-(haiku|sonnet|opus|fable)-([0-9.]+)/i;
     var LEGACY_CLAUDE_RE = /^claude-([0-9]+(?:[-.][0-9]+)?)-(haiku|sonnet|opus)(?:-|$)/i;
     var GPT_RE = /^gpt-([0-9][0-9.A-Za-z-]*)/i;
     var O_SERIES_RE = /^o([0-9]+)(-mini|-pro)?/i;
@@ -6282,9 +6617,10 @@ var require_modelInfo = __commonJS({
       return modelId;
     }
     var CLAUDE_FAMILY_RANK = {
-      opus: 0,
-      sonnet: 1,
-      haiku: 2
+      fable: 0,
+      opus: 1,
+      sonnet: 2,
+      haiku: 3
     };
     function versionRank(version) {
       if (!version)
@@ -19309,6 +19645,11 @@ var require_ensureDefaultAccounts = __commonJS({
     async function ensureDefaultAccounts2(options) {
       const claude = await ensureDefaultClaudeAccount(options);
       const codex = ensureDefaultCodexAccount(options);
+      try {
+        (0, codexProfiles_1.reconcileCodexAuthState)();
+      } catch (error) {
+        logFailure(options, "Codex auth reconciliation failed.", error);
+      }
       return { claude, codex };
     }
   }
@@ -40657,7 +40998,7 @@ var init_UpdateCheckService = __esm({
       /** Run the update check (one-shot). */
       async check() {
         try {
-          const current = "0.18.5";
+          const current = "0.19.0";
           const cached = this.readCache();
           let latest;
           if (cached && Date.now() - cached.checkedAt < CACHE_TTL_MS) {
@@ -81274,7 +81615,7 @@ function StatusBar({
       /* @__PURE__ */ (0, import_jsx_runtime7.jsx)(Text, { children: parseBlessedTags(BRAND_INLINE) }),
       /* @__PURE__ */ (0, import_jsx_runtime7.jsxs)(Text, { dimColor: true, children: [
         " v",
-        "0.18.5"
+        "0.19.0"
       ] }),
       updateInfo && /* @__PURE__ */ (0, import_jsx_runtime7.jsxs)(Text, { color: "yellow", children: [
         " (v",
@@ -81664,7 +82005,7 @@ function ChangelogOverlay({ entries, scrollOffset }) {
       "  ",
       /* @__PURE__ */ (0, import_jsx_runtime12.jsxs)(Text, { bold: true, color: "cyan", children: [
         "Terminal Dashboard v",
-        "0.18.5"
+        "0.19.0"
       ] }),
       latestDate ? /* @__PURE__ */ (0, import_jsx_runtime12.jsxs)(Text, { color: "gray", children: [
         " \u2014 ",
@@ -81986,7 +82327,7 @@ var init_mouse = __esm({
 var CHANGELOG_default;
 var init_CHANGELOG = __esm({
   "CHANGELOG.md"() {
-    CHANGELOG_default = '# Changelog\n\nAll notable changes to the Sidekick Agent Hub CLI will be documented in this file.\n\nThe format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),\nand this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).\n\n## [0.18.5] - 2026-06-04\n\n### Changed\n\n- **Consistent Codex transcripts**: `sidekick dashboard` and `sidekick report` now parse Codex sessions via `parseTranscriptFromEvents()`, matching the canonical `SessionEvent` pipeline used by the other providers\n- **Bundled `sidekick-shared` 0.18.5**: Picks up the new session context evidence snapshot API (`buildSessionContextSnapshot`, `readSessionContextSnapshot`, `SessionContextSnapshot` and related types) and the Codex session evidence gap closures \u2014 `system` audit events, normalized `token_count` rate limits, per-file `apply_patch` expansion, tool-emission dedupe, MCP server attribution, and the new `ProviderReaderSessionWatcher`\n\n## [0.18.4] - 2026-05-27\n\n### Added\n\n- **`sidekick peak --provider <id>`**: New flag gates peak-hours output on the session provider. When the resolved provider is not `claude-code`, the command prints a "not applicable" message instead of calling the upstream endpoint\n\n### Changed\n\n- **Bundled `sidekick-shared` 0.18.4**: Picks up `scopePeakHoursToSessionProvider()`, `isClaudeCodeSessionProvider()`, `createPeakHoursNotApplicableState()` for peak-hours scoping, the improved Codex quota snapshot selection logic (`isPreferredQuotaHit`, `findAccountRolloutFiles`, `shouldKeepExistingSnapshot`), and the `notApplicable` field on `PeakHoursState`\n\n## [0.18.3] - 2026-05-19\n\n### Added\n\n- **`sidekick quota history`**: New subcommand that renders a 13-week GitHub-contributions-style heatmap of quota utilization for the current workspace. Flags: `--weeks <n>` (1-26, default 13), `--provider claude|codex` (default both), `--workspace <path>` (default cwd). Bucketed glyphs (`\xB7 \u2591 \u2592 \u2593 \u2588`) are color-coded by utilization band (\u22640 / <25 / <50 / <75 / \u226575), with per-provider rows and a peak / avg / unavailable-days / samples footer. Days that hit `available: false` render as a red `\xD7`. With `--json`, emits a `{ workspaceId, weeks, providers: { claude?, codex? }, generatedAt }` payload \u2014 the same shape consumed by the VS Code dashboard\n\n### Changed\n\n- **Bundled `sidekick-shared` 0.18.3**: Picks up the new per-workspace quota history surface (`appendQuotaHistorySample`, `readQuotaHistoryRange`, `readQuotaHistoryDailyBuckets`, `pruneQuotaHistory`, `getWorkspaceIdFromPath`) and the optional `workspaceId` / `appendHistorySample` hooks on `CodexQuotaWatcher`\n\n## [0.18.2] - 2026-05-19\n\n### Added\n\n- **`sidekick quota --refresh`**: New flag on the `quota` command that, for Codex, explicitly refreshes from the ChatGPT usage API before falling back to local rollout data and cached snapshots. Without the flag, the Codex quota path stays fully local and makes no upstream network call\n\n### Changed\n\n- **Codex quota is local-only by default**: `sidekick quota --provider codex` now delegates to the new `resolveCodexQuota` orchestrator in `sidekick-shared`. It checks the current workspace\'s most recent rollout, then recent account-level rollouts under `CODEX_HOME/sessions`, then the active account\'s cached snapshot \u2014 no upstream network call unless `--refresh` is passed. Failure output continues to include structured `failureKind` / `httpStatus` / `retryAfterMs` fields under `--json`\n- **Bundled `sidekick-shared` 0.18.2**: Picks up the new Codex quota orchestrator (`resolveCodexQuota`, `resolveCodexQuotaFromLocalSources`, `readLatestCodexQuotaFromRollouts`, `fetchCodexQuotaFromApi`), the relaxed `CodexRateLimits` shape (nullable `resets_at` / `window_minutes`), the rate-limit-only `token_count` event emission in `JsonlSessionWatcher`, and `state_N.sqlite` discovery in `CodexDatabase` + provider auto-detect\n\n## [0.18.1] - 2026-05-08\n\n### Changed\n\n- **Shared dashboard formatting**: terminal dashboard `fmtNum()` and `formatDuration()` now delegate to `formatTokenCount()` and `formatDurationMs()` from `sidekick-shared`, keeping the existing CLI surface (uppercase `K`/`M` suffix, compact `1m5s` style) while removing forked rounding logic\n\n## [0.18.0] - 2026-05-08\n\n### Changed\n\n- **Bundled `sidekick-shared` 0.18.0**: Picks up the new provider-aware quota orchestration surface \u2014 `MultiProviderQuotaService`, `CodexQuotaWatcher`, `getActiveAccountStatus()`, `extractToolCall()`, cost-provenance helpers (`calculateCostWithProvenance`, `mergeCostSources`), and model display helpers (`shortModelName`, `getModelDisplayInfo`, `compareModelIds`, `sortModelIds`). `parseModelId()` also now recognizes legacy Claude IDs such as `claude-3-opus-20240229` and `claude-3-5-sonnet-20241022`\n- **No CLI runtime changes**: This release ships the shared library upgrade for downstream tooling alignment; `sidekick quota`, `sidekick status`, and the live dashboard keep using the existing polling path. Wiring the new orchestrator into the CLI will land in a follow-up release\n\n## [0.17.7] - 2026-04-28\n\n### Fixed\n\n- **Quota snapshot write race**: Updated the bundled `sidekick-shared` snapshot writer so concurrent `sidekick quota` / Codex session updates no longer collide on `quota-snapshots.json.tmp` or throw `ENOENT`. Failed writes now also clean up their partial temp files instead of leaving orphans in `~/.config/sidekick/`\n\n## [0.17.6] - 2026-04-19\n\n### Added\n\n- **`sidekick peak` command**: One-shot check for Claude\'s current peak-hours state \u2014 weekdays 13:00\u201319:00 UTC, when session limits drain faster on Free/Pro/Max/Team subscriptions. Prints a color-coded status block with a countdown to the next transition. Data comes from the public `promoclock.co/api/status` endpoint (third-party, unaffiliated with Anthropic) with a graceful fallback when unreachable. `--json` emits the full raw state\n- **Peak-hours block in `sidekick status`**: When the active provider is `claude-code`, the Claude + OpenAI health blocks are now followed by a **Claude Peak Hours** block (off-peak or in-peak, with countdown). Gated on the provider so OpenCode / Codex users don\'t trigger an unnecessary third-party fetch. `--json` output includes the new `peak` field\n- **Peak-hours summary in `sidekick quota`**: Claude subscription quota output now shows a **Peak** line under the 5-hour / 7-day bars \u2014 green dot off-peak, orange dot during an active peak, with a countdown to the next transition. `--json` output includes the new `peak` field\n\n## [0.17.5] - 2026-04-18\n\n### Added\n\n- **Default account bootstrap at CLI startup**: The CLI now calls `ensureDefaultAccounts()` from `sidekick-shared` at module load and awaits the result inside a Commander `preAction` hook, so the first real subcommand blocks briefly on the bootstrap while `--version` and `--help` stay instant. When a system Claude Code or Codex credential exists and no saved account is active for that provider yet, the CLI registers it as "Default" \u2014 `sidekick quota`, `sidekick account`, and `sidekick stats` now reflect the active account on first run without requiring an explicit `sidekick account --add` first. Idempotent, never overwrites manually saved accounts, and all errors are swallowed so startup is never blocked\n\nThanks to [@B33pBeeps](https://github.com/B33pBeeps) (Juan Fourie) for contributing this feature in [#16](https://github.com/cesarandreslopez/sidekick-agent-hub/pull/16).\n\n## [0.17.4] - 2026-04-17\n\n### Changed\n\n- **Pricing hydration import migrated to `sidekick-shared/node`**: `cli.ts` now imports `hydratePricingCatalog` from the new Node-only subpath and keeps `detectProvider` on the package root. Runtime behavior is unchanged; the split makes the CLI\'s import surface self-documenting (hydration is explicitly a Node API) and aligns the CLI with the shared library\'s new versioned public API contract\n\n## [0.17.3] - 2026-04-17\n\n### Changed\n\n- **Version sync with the VS Code extension**: Republished to keep CLI, extension, and shared-library versions aligned after a cosmetic changelog fix in 0.17.3. No CLI code changes \u2014 functionally identical to 0.17.2\n\n## [0.17.2] - 2026-04-17\n\n### Added\n\n- **LiteLLM pricing hydration on startup**: The CLI now fetches the LiteLLM pricing catalog on startup and caches to `~/.config/sidekick/pricing-catalog.json` with a 24-hour TTL, 3s timeout, and stale-cache fallback \u2014 new model prices are picked up without a CLI upgrade\n- **Expanded pricing coverage**: GPT-4o, GPT-4.1, GPT-5.x, o1, o3, and o3-mini families are now priced alongside the existing Claude entries\n- **Real-dollar Codex / Claude Code costs**: `EventAggregator` computes cost from the pricing table when the session provider doesn\'t report one, so `sidekick` live dashboards now show actual dollars for Codex and Claude Code sessions\n- **`stats` footer lists unpriced models**: `sidekick stats` prints any models encountered with no pricing entry so missing coverage is visible\n\n### Fixed\n\n- **Context-gauge % wrong for Opus 4.7 (1M) and other new models**: The dashboard\'s context gauge was dividing by 200K for Claude Opus 4.7 (native 1M), inflating the displayed %. The shared model \u2192 context-window map now includes Opus/Sonnet 4.7 (1M), GPT-5.4 (1.05M), GPT-5.3-Codex (400K), and GPT-5.3-Codex-Spark (128K). Claude Code\'s `[1m]` suffix is now also honored as an explicit 1M marker\n- **Silent Sonnet-priced fallback for unknown models**: Codex, GPT-5.x, and o-series rows were being rendered at Sonnet rates. Unknown-model rows now render as `\u2014` in yellow instead of inventing a dollar figure\n\n### Changed\n\n- **`historical-data.json` schema v2**: reads `priced` flag and `unpricedModelIds` from records written by the latest VS Code extension; v1 records still read correctly\n\n## [0.17.1] - 2026-04-13\n\n### Fixed\n\n- **Codex multi-home session discovery**: Provider detection now scans all candidate Codex home directories, fixing missed sessions when the managed profile home is empty but the system `~/.codex/` has activity\n\n## [0.17.0] - 2026-04-13\n\n### Added\n\n- **Multi-provider account management**: `sidekick account` now supports `--provider codex` for Codex profile management alongside Claude Code accounts\n- **Codex account lifecycle**: `--add` prepares a profile and spawns `codex login`; `--switch-to` and `--remove` accept email, label, or profile ID\n- **Quota snapshot fallback**: `sidekick quota` for Codex shows cached rate-limit snapshots when no active session exists, with "cached from" timestamp\n\n### Fixed\n\n- **Email normalization**: Claude account lookup normalizes email case for reliable matching\n\n## [0.16.1] - 2026-03-27\n\n### Fixed\n\n- **Dashboard provider status scoping**: The TUI now shows degraded-service notices only for the monitored provider \u2014 Claude for Claude Code sessions, OpenAI for Codex sessions, and no status banner for OpenCode\n\n## [0.16.0] - 2026-03-23\n\n### Changed\n\n- **Consistent cost formatting**: All cost displays (`stats`, `context`, Sessions panel, narrative prompt) now use shared `formatCost()` with intelligent decimal precision (4 places for < $0.01, 2 otherwise)\n- **QuotaService**: Rewritten to wrap shared `QuotaPoller` with exponential backoff instead of manual polling loop\n- **modelContext**: Now re-exports `getModelInfo` from shared library alongside `getContextWindowSize`\n\n## [0.15.2] - 2026-03-18\n\n### Fixed\n\n- **CLI help descriptions**: Updated `quota` and `status` command descriptions to reflect provider-aware behavior\n- **`sidekick quota --provider`**: Added local `--provider` option so `sidekick quota --provider codex` works naturally\n\n## [0.15.0] - 2026-03-18\n\n### Added\n\n- **OpenAI status page monitoring**: CLI dashboard now shows OpenAI API status alongside Claude API status\n- **Codex rate limits in dashboard**: Sessions panel displays Codex rate-limit data with "Rate Limits" header instead of "Quota"\n- **Provider-aware `sidekick quota` command**: Detects active provider and shows Codex rate limits, Claude subscription quota, or an informational message for OpenCode\n\n### Fixed\n\n- **QuotaService polling for Codex**: Dashboard no longer starts Claude OAuth quota polling when the active provider is Codex\n\n## [0.14.2] - 2026-03-16\n\n### Fixed\n\n- **Quota polling interval**: Reduced quota refresh from every 30 seconds to every 5 minutes to avoid unnecessary API calls\n- **SessionsPanel `detailWidth()` call**: Removed unused parameter from `detailWidth()` in the Sessions panel quota rendering\n\n## [0.14.1] - 2026-03-14\n\n### Fixed\n\n- **Per-model context window sizes**: Dashboard context gauge now shows correct utilization for Claude Opus 4.6 (1M context) and other models with non-200K windows\n\n### Changed\n\n- **Shared model context lookup**: CLI dashboard now uses the centralized `getModelContextWindowSize()` from `sidekick-shared` instead of a local duplicate map\n\n## [0.14.0] - 2026-03-12\n\n### Added\n\n- **`sidekick account` Command**: Manage Claude Code accounts from the terminal \u2014 list saved accounts, add the current account with an optional label, switch to the next or a specific account, and remove accounts. Supports `--json` output for scripting\n- **Quota Account Label**: `sidekick quota` now shows the active account email and label above the quota bars when multi-account is enabled\n- **macOS Keychain Support**: `sidekick account` and `sidekick quota` now read and write credentials via the system Keychain on macOS, fixing account switching and quota checks on Mac\n\n## [0.13.8] - 2026-03-12\n\n### Changed\n\n- **Structured quota failure output**: `sidekick quota` now renders consistent auth, rate-limit, server, network, and unexpected-failure copy from shared quota failure descriptors while preserving `--json` machine-readable output\n- **Dashboard unavailable quota rendering**: The Sessions panel now shows Claude Code quota failures inline instead of hiding the quota section whenever subscription data is unavailable\n- **Quota transition toasts**: The Ink dashboard now fires low-noise toast notifications only when Claude Code quota failure state changes, avoiding repeated alerts every polling interval\n\n## [0.13.7] - 2026-03-11\n\n### Changed\n\n- **npm README sync**: Updated the published CLI package README to reflect current OpenCode monitoring behavior, platform-specific data directories, and the `sqlite3` runtime requirement\n- **README badge cleanup**: Removed the Ask DeepWiki badge from the published CLI package README; the repo root README still keeps it\n\n## [0.13.6] - 2026-03-11\n\n### Changed\n\n- **Refreshed CLI Dashboard Wordmark**: Updated the dashboard wordmark/header styling for a cleaner splash and dashboard identity\n\n### Fixed\n\n- **OpenCode dashboard startup**: OpenCode DB-backed session discovery now resolves projects by worktree, sandboxes, and session directory instead of quietly behaving like no session exists\n- **OpenCode runtime notices**: The CLI now prints an OpenCode-only actionable notice when `opencode.db` exists but `sqlite3` is missing, blocked, or otherwise unusable in the current shell environment\n\n## [0.13.5] - 2026-03-10\n\n### Added\n\n- **`sidekick status` Command**: One-shot Claude API status check with color-coded text output and `--json` mode\n- **Dashboard Status Banner**: Status bar shows a colored `\u25CF API minor/major/critical` indicator when Claude is degraded; Sessions panel Summary tab shows an "API Status" section with affected components and active incident details. Polls every 60s\n\n## [0.13.4] - 2026-03-08\n\n### Fixed\n\n- **Onboarding Phrase Spam**: Splash screen and detail pane motivational phrases memoized \u2014 no longer flicker every render tick (fixes [#13](https://github.com/cesarandreslopez/sidekick-agent-hub/issues/13))\n\n### Changed\n\n- **Simplified Logo**: Replaced 6-line ASCII robot art with compact text header in splash, help, and changelog overlays\n- **Removed Dead Code**: Removed unused `getSplashContent()` and `HELP_HEADER` exports from branding module\n\n## [0.13.3] - 2026-03-04\n\n_No CLI-specific changes in this release._\n\n## [0.13.2] - 2026-03-04\n\n_No CLI-specific changes in this release._\n\n## [0.13.1] - 2026-03-04\n\n### Added\n\n- **`sidekick quota` Command**: One-shot subscription quota check showing 5-hour and 7-day utilization with color-coded progress bars and reset countdowns \u2014 supports `--json` for machine-readable output\n- **Quota Projections**: Elapsed-time projections shown in `sidekick quota` output and TUI dashboard quota section \u2014 displays projected end-of-window utilization next to current value (e.g., `40% \u2192 100%`), included in `--json` output as `projectedFiveHour` / `projectedSevenDay`\n\n## [0.13.0] - 2026-03-03\n\n_No CLI-specific changes in this release._\n\n## [0.12.10] - 2026-03-01\n\n### Added\n\n- **Events Panel** (key 7): Scrollable live event stream with colored type badges (`[USR]`, `[AST]`, `[TOOL]`, `[RES]`), timestamps, and keyword-highlighted summaries; detail tabs for full event JSON and surrounding context\n- **Charts Panel** (key 8): Tool frequency horizontal bars, event type distribution, 60-minute activity heatmap using `\u2591\u2592\u2593\u2588` intensity characters, and pattern analysis with frequency bars and template text\n- **Multi-Mode Filter**: `/` filter overlay now supports four modes \u2014 substring, fuzzy, regex, and date range \u2014 Tab cycles modes, regex mode shows red validation errors\n- **Search Term Highlighting**: Active filter terms highlighted in blue within side list items\n- **Timeline Keyword Coloring**: Event summaries in the Sessions panel Timeline tab now use semantic keyword coloring \u2014 errors red, success green, tool names cyan, file paths magenta\n\n### Removed\n\n- **Search Panel**: Removed redundant Search panel (previously key 7) \u2014 the `/` filter with multi-mode support serves the same purpose\n\n## [0.12.9] - 2026-02-28\n\n### Added\n\n- **Standalone Data Commands**: `sidekick tasks`, `sidekick decisions`, `sidekick notes`, `sidekick stats`, `sidekick handoff` for accessing project data without launching the TUI\n- **`sidekick search <query>`**: Cross-session full-text search from the terminal\n- **`sidekick context`**: Composite output of tasks, decisions, notes, and handoff for piping into other tools\n- **`--list` flag on `sidekick dump`**: Discover available session IDs before requiring `--session <id>`\n- **Search Panel**: Search panel (panel 7) wired into the TUI dashboard\n\n### Changed\n\n- **`taskMerger` utility**: Duplicate `mergeTasks` logic extracted into shared `taskMerger` utility\n- **Model constants**: Hardcoded model IDs extracted to named constants\n\n### Fixed\n\n- **`convention` icon**: Notes panel icon replaced with valid `tip` type\n- **Linux clipboard**: Now supports Wayland (`wl-copy`) and `xsel` fallbacks, with error messages instead of silent failure\n- **`provider.dispose()`**: Added to `dump` and `report` commands (prevents SQLite connection leaks)\n\n## [0.12.8] - 2026-02-28\n\n### Changed\n\n- **Dashboard UI/UX Polish**: Visual overhaul for better hierarchy, consistency, and readability\n  - Splash screen and help overlay now display the robot ASCII logo\n  - Toast notifications show severity icons (\u2718 error, \u26A0 warning, \u25CF info) with inner padding\n  - Focused pane uses double-border for clear focus indication\n  - Section dividers (`\u2500\u2500 Title \u2500\u2500\u2500\u2500`) replace bare bold headers in summary, agents, and context attribution\n  - Tab bar: active tab underlined in magenta, inactive tabs dimmed, bracket syntax removed\n  - Status bar: segmented layout with `\u2502` separators; keys bold, labels dim\n  - Summary metrics condensed: elapsed/events/compactions on one line, tokens on one line with cache rate and cost\n  - Sparklines display peak metadata annotations\n  - Progress bars use blessed color tags for consistent coloring\n  - Help overlay uses dot-leader alignment for all keybinding rows\n  - Empty state hints per panel (e.g. "Tasks appear as your agent works.")\n  - Session picker groups sessions by provider with section headers when multiple providers are present\n\n## [0.12.7] - 2026-02-27\n\n### Added\n\n- **HTML Session Report**: `sidekick report` command generates a self-contained HTML report and opens it in the default browser\n  - Options: `--session`, `--output`, `--theme` (dark/light), `--no-open`, `--no-thinking`\n  - TUI Dashboard: press `r` to generate and open an HTML report for the current session\n\n## [0.12.6] - 2026-02-26\n\n### Added\n\n- **Session Dump Command**: `sidekick dump` exports session data in text, markdown, or JSON format with `--format`, `--width`, and `--expand` options\n- **Plans Panel Re-enabled**: Plans panel restored in CLI dashboard with plan file discovery from `~/.claude/plans/`\n- **Enhanced Status Bar**: Session info display improved with richer metadata\n\n### Fixed\n\n- **Old snapshot format migration**: Restoring pre-0.12.3 session snapshots no longer shows empty timeline entries\n\n### Changed\n\n- **Phrase library moved to shared**: CLI-specific phrase formatting kept local, all phrase content now from `sidekick-shared`\n\n## [0.12.5] - 2026-02-24\n\n### Fixed\n\n- **Update check too slow to notice new versions**: Reduced npm registry cache TTL from 24 hours to 4 hours so upgrade notices appear sooner after a new release\n\n## [0.12.4] - 2026-02-24\n\n### Fixed\n\n- **Session crash on upgrade**: Fixed `d.timestamp.getTime is not a function` error when restoring tool call data from session snapshots \u2014 `Date` objects were serialized to strings by JSON but not rehydrated on restore, causing the session monitor to crash on first run after upgrading from 0.12.2 to 0.12.3\n\n## [0.12.3] - 2026-02-24\n\n### Added\n\n- **Latest-node indicator**: The most recently added node in tree and boxed mind map views is now marked with a yellow indicator\n- **Plan analytics in mind map**: Tree and boxed views now display plan progress and per-step metrics\n  - Tree view: plan header shows completion stats; steps show complexity, duration, tokens, tool calls, and errors in metadata brackets\n  - Box view: progress bar with completion percentage; steps show right-aligned metrics; subtitle shows step count and total duration\n- **Cross-provider plan extraction**: Shared `PlanExtractor` now handles Claude Code (EnterPlanMode/ExitPlanMode) and OpenCode (`<proposed_plan>` XML) plans \u2014 previously only Codex plans were shown\n- **Enriched plan data model**: Plan steps include duration, token count, tool call count, and error messages\n- **Phase-grouped plan display**: When a plan has phase structure, tree and boxed views group steps under phase headers with context lines from the original plan markdown\n- **Node type filter**: Press `f` on the Mind Map tab to cycle through node type filters (file, tool, task, subagent, command, plan, knowledge-note) \u2014 non-matching sections render dimmed in grey\n\n### Fixed\n\n- **Kanban board regression**: Subagent and plan-step tasks now correctly appear in the kanban board\n\n### Changed\n\n- **Plans panel temporarily disabled**: The Plans panel in the CLI dashboard is disabled until plan-mode event capture is reliably working end-to-end. Plan nodes in the mind map remain active.\n- `DashboardState` now delegates to shared `EventAggregator` instead of maintaining its own aggregation logic\n\n## [0.12.2] - 2026-02-23\n\n### Added\n\n- **Update notifications**: The dashboard now checks the npm registry for newer versions on startup and shows a yellow banner in the status bar when an update is available (e.g., `v0.13.0 available \u2014 npm i -g sidekick-agent-hub`). Results are cached for 24 hours to avoid repeated network requests.\n\n## [0.12.1] - 2026-02-23\n\n### Fixed\n\n- **VS Code integration**: Fixed exit code 127 when the extension launches the CLI dashboard on systems using nvm or volta (node binary not found when shell init is bypassed)\n\n## [0.12.0] - 2026-02-22\n\n### Added\n\n- **"Open CLI Dashboard" VS Code Integration**: New VS Code command `Sidekick: Open CLI Dashboard` launches the TUI dashboard in an integrated terminal\n  - Install the CLI with `npm install -g sidekick-agent-hub`\n\n## [0.11.0] - 2026-02-19\n\n### Added\n\n- **Initial Release**: Full-screen TUI dashboard for monitoring agent sessions from the terminal\n  - Ink-based terminal UI with panels for sessions, tasks, kanban, mind map, notes, decisions, search, files, and git diff\n  - Multi-provider support: auto-detects Claude Code, OpenCode, and Codex sessions\n  - Reads from `~/.config/sidekick/` \u2014 the same data files the VS Code extension writes\n  - Usage: `sidekick dashboard [--project <path>] [--provider <id>]`\n';
+    CHANGELOG_default = '# Changelog\n\nAll notable changes to the Sidekick Agent Hub CLI will be documented in this file.\n\nThe format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),\nand this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).\n\n## [0.19.0] - 2026-06-09\n\n### Added\n\n- **Claude Opus 4.8 & Fable 5 support**: The dashboard\'s context-window gauge and cost estimates recognize `claude-opus-4-8` and `claude-fable-5` (both 1M-token context; Opus 4.8: $5/$25 per MTok, Fable 5: $10/$50 per MTok) via the shared model catalog\n\n### Changed\n\n- **Codex account switching now swaps `~/.codex/auth.json`**: `sidekick account --provider codex --switch-to <id>` (and `--add`) activates the account by atomically swapping its backed-up credentials into the system `~/.codex/` home, mirroring the Claude switch pattern \u2014 codex terminals outside Sidekick pick up the switch. Profile directories become pure credential backups, with a one-time startup migration for installs created under the old `CODEX_HOME`-redirection model. The command surfaces swap warnings on add, switch, and remove: a running codex process that needs restarting, stale credentials, or OS-keyring credential storage that Sidekick cannot swap\n\n### Fixed\n\n- **Opus 4.6/4.7 cost over-estimation**: Dashed model IDs fell back to the Opus 4.0 pricing tier ($15/$75 instead of $5/$25), inflating estimated costs 3\xD7\n- **Haiku 4.5 unpriced under dashed IDs**: Costs for `claude-haiku-4-5-*` sessions could render as "\u2014" because no dashed static pricing key existed\n\n## [0.18.5] - 2026-06-04\n\n### Changed\n\n- **Consistent Codex transcripts**: `sidekick dashboard` and `sidekick report` now parse Codex sessions via `parseTranscriptFromEvents()`, matching the canonical `SessionEvent` pipeline used by the other providers\n- **Bundled `sidekick-shared` 0.18.5**: Picks up the new session context evidence snapshot API (`buildSessionContextSnapshot`, `readSessionContextSnapshot`, `SessionContextSnapshot` and related types) and the Codex session evidence gap closures \u2014 `system` audit events, normalized `token_count` rate limits, per-file `apply_patch` expansion, tool-emission dedupe, MCP server attribution, and the new `ProviderReaderSessionWatcher`\n\n## [0.18.4] - 2026-05-27\n\n### Added\n\n- **`sidekick peak --provider <id>`**: New flag gates peak-hours output on the session provider. When the resolved provider is not `claude-code`, the command prints a "not applicable" message instead of calling the upstream endpoint\n\n### Changed\n\n- **Bundled `sidekick-shared` 0.18.4**: Picks up `scopePeakHoursToSessionProvider()`, `isClaudeCodeSessionProvider()`, `createPeakHoursNotApplicableState()` for peak-hours scoping, the improved Codex quota snapshot selection logic (`isPreferredQuotaHit`, `findAccountRolloutFiles`, `shouldKeepExistingSnapshot`), and the `notApplicable` field on `PeakHoursState`\n\n## [0.18.3] - 2026-05-19\n\n### Added\n\n- **`sidekick quota history`**: New subcommand that renders a 13-week GitHub-contributions-style heatmap of quota utilization for the current workspace. Flags: `--weeks <n>` (1-26, default 13), `--provider claude|codex` (default both), `--workspace <path>` (default cwd). Bucketed glyphs (`\xB7 \u2591 \u2592 \u2593 \u2588`) are color-coded by utilization band (\u22640 / <25 / <50 / <75 / \u226575), with per-provider rows and a peak / avg / unavailable-days / samples footer. Days that hit `available: false` render as a red `\xD7`. With `--json`, emits a `{ workspaceId, weeks, providers: { claude?, codex? }, generatedAt }` payload \u2014 the same shape consumed by the VS Code dashboard\n\n### Changed\n\n- **Bundled `sidekick-shared` 0.18.3**: Picks up the new per-workspace quota history surface (`appendQuotaHistorySample`, `readQuotaHistoryRange`, `readQuotaHistoryDailyBuckets`, `pruneQuotaHistory`, `getWorkspaceIdFromPath`) and the optional `workspaceId` / `appendHistorySample` hooks on `CodexQuotaWatcher`\n\n## [0.18.2] - 2026-05-19\n\n### Added\n\n- **`sidekick quota --refresh`**: New flag on the `quota` command that, for Codex, explicitly refreshes from the ChatGPT usage API before falling back to local rollout data and cached snapshots. Without the flag, the Codex quota path stays fully local and makes no upstream network call\n\n### Changed\n\n- **Codex quota is local-only by default**: `sidekick quota --provider codex` now delegates to the new `resolveCodexQuota` orchestrator in `sidekick-shared`. It checks the current workspace\'s most recent rollout, then recent account-level rollouts under `CODEX_HOME/sessions`, then the active account\'s cached snapshot \u2014 no upstream network call unless `--refresh` is passed. Failure output continues to include structured `failureKind` / `httpStatus` / `retryAfterMs` fields under `--json`\n- **Bundled `sidekick-shared` 0.18.2**: Picks up the new Codex quota orchestrator (`resolveCodexQuota`, `resolveCodexQuotaFromLocalSources`, `readLatestCodexQuotaFromRollouts`, `fetchCodexQuotaFromApi`), the relaxed `CodexRateLimits` shape (nullable `resets_at` / `window_minutes`), the rate-limit-only `token_count` event emission in `JsonlSessionWatcher`, and `state_N.sqlite` discovery in `CodexDatabase` + provider auto-detect\n\n## [0.18.1] - 2026-05-08\n\n### Changed\n\n- **Shared dashboard formatting**: terminal dashboard `fmtNum()` and `formatDuration()` now delegate to `formatTokenCount()` and `formatDurationMs()` from `sidekick-shared`, keeping the existing CLI surface (uppercase `K`/`M` suffix, compact `1m5s` style) while removing forked rounding logic\n\n## [0.18.0] - 2026-05-08\n\n### Changed\n\n- **Bundled `sidekick-shared` 0.18.0**: Picks up the new provider-aware quota orchestration surface \u2014 `MultiProviderQuotaService`, `CodexQuotaWatcher`, `getActiveAccountStatus()`, `extractToolCall()`, cost-provenance helpers (`calculateCostWithProvenance`, `mergeCostSources`), and model display helpers (`shortModelName`, `getModelDisplayInfo`, `compareModelIds`, `sortModelIds`). `parseModelId()` also now recognizes legacy Claude IDs such as `claude-3-opus-20240229` and `claude-3-5-sonnet-20241022`\n- **No CLI runtime changes**: This release ships the shared library upgrade for downstream tooling alignment; `sidekick quota`, `sidekick status`, and the live dashboard keep using the existing polling path. Wiring the new orchestrator into the CLI will land in a follow-up release\n\n## [0.17.7] - 2026-04-28\n\n### Fixed\n\n- **Quota snapshot write race**: Updated the bundled `sidekick-shared` snapshot writer so concurrent `sidekick quota` / Codex session updates no longer collide on `quota-snapshots.json.tmp` or throw `ENOENT`. Failed writes now also clean up their partial temp files instead of leaving orphans in `~/.config/sidekick/`\n\n## [0.17.6] - 2026-04-19\n\n### Added\n\n- **`sidekick peak` command**: One-shot check for Claude\'s current peak-hours state \u2014 weekdays 13:00\u201319:00 UTC, when session limits drain faster on Free/Pro/Max/Team subscriptions. Prints a color-coded status block with a countdown to the next transition. Data comes from the public `promoclock.co/api/status` endpoint (third-party, unaffiliated with Anthropic) with a graceful fallback when unreachable. `--json` emits the full raw state\n- **Peak-hours block in `sidekick status`**: When the active provider is `claude-code`, the Claude + OpenAI health blocks are now followed by a **Claude Peak Hours** block (off-peak or in-peak, with countdown). Gated on the provider so OpenCode / Codex users don\'t trigger an unnecessary third-party fetch. `--json` output includes the new `peak` field\n- **Peak-hours summary in `sidekick quota`**: Claude subscription quota output now shows a **Peak** line under the 5-hour / 7-day bars \u2014 green dot off-peak, orange dot during an active peak, with a countdown to the next transition. `--json` output includes the new `peak` field\n\n## [0.17.5] - 2026-04-18\n\n### Added\n\n- **Default account bootstrap at CLI startup**: The CLI now calls `ensureDefaultAccounts()` from `sidekick-shared` at module load and awaits the result inside a Commander `preAction` hook, so the first real subcommand blocks briefly on the bootstrap while `--version` and `--help` stay instant. When a system Claude Code or Codex credential exists and no saved account is active for that provider yet, the CLI registers it as "Default" \u2014 `sidekick quota`, `sidekick account`, and `sidekick stats` now reflect the active account on first run without requiring an explicit `sidekick account --add` first. Idempotent, never overwrites manually saved accounts, and all errors are swallowed so startup is never blocked\n\nThanks to [@B33pBeeps](https://github.com/B33pBeeps) (Juan Fourie) for contributing this feature in [#16](https://github.com/cesarandreslopez/sidekick-agent-hub/pull/16).\n\n## [0.17.4] - 2026-04-17\n\n### Changed\n\n- **Pricing hydration import migrated to `sidekick-shared/node`**: `cli.ts` now imports `hydratePricingCatalog` from the new Node-only subpath and keeps `detectProvider` on the package root. Runtime behavior is unchanged; the split makes the CLI\'s import surface self-documenting (hydration is explicitly a Node API) and aligns the CLI with the shared library\'s new versioned public API contract\n\n## [0.17.3] - 2026-04-17\n\n### Changed\n\n- **Version sync with the VS Code extension**: Republished to keep CLI, extension, and shared-library versions aligned after a cosmetic changelog fix in 0.17.3. No CLI code changes \u2014 functionally identical to 0.17.2\n\n## [0.17.2] - 2026-04-17\n\n### Added\n\n- **LiteLLM pricing hydration on startup**: The CLI now fetches the LiteLLM pricing catalog on startup and caches to `~/.config/sidekick/pricing-catalog.json` with a 24-hour TTL, 3s timeout, and stale-cache fallback \u2014 new model prices are picked up without a CLI upgrade\n- **Expanded pricing coverage**: GPT-4o, GPT-4.1, GPT-5.x, o1, o3, and o3-mini families are now priced alongside the existing Claude entries\n- **Real-dollar Codex / Claude Code costs**: `EventAggregator` computes cost from the pricing table when the session provider doesn\'t report one, so `sidekick` live dashboards now show actual dollars for Codex and Claude Code sessions\n- **`stats` footer lists unpriced models**: `sidekick stats` prints any models encountered with no pricing entry so missing coverage is visible\n\n### Fixed\n\n- **Context-gauge % wrong for Opus 4.7 (1M) and other new models**: The dashboard\'s context gauge was dividing by 200K for Claude Opus 4.7 (native 1M), inflating the displayed %. The shared model \u2192 context-window map now includes Opus/Sonnet 4.7 (1M), GPT-5.4 (1.05M), GPT-5.3-Codex (400K), and GPT-5.3-Codex-Spark (128K). Claude Code\'s `[1m]` suffix is now also honored as an explicit 1M marker\n- **Silent Sonnet-priced fallback for unknown models**: Codex, GPT-5.x, and o-series rows were being rendered at Sonnet rates. Unknown-model rows now render as `\u2014` in yellow instead of inventing a dollar figure\n\n### Changed\n\n- **`historical-data.json` schema v2**: reads `priced` flag and `unpricedModelIds` from records written by the latest VS Code extension; v1 records still read correctly\n\n## [0.17.1] - 2026-04-13\n\n### Fixed\n\n- **Codex multi-home session discovery**: Provider detection now scans all candidate Codex home directories, fixing missed sessions when the managed profile home is empty but the system `~/.codex/` has activity\n\n## [0.17.0] - 2026-04-13\n\n### Added\n\n- **Multi-provider account management**: `sidekick account` now supports `--provider codex` for Codex profile management alongside Claude Code accounts\n- **Codex account lifecycle**: `--add` prepares a profile and spawns `codex login`; `--switch-to` and `--remove` accept email, label, or profile ID\n- **Quota snapshot fallback**: `sidekick quota` for Codex shows cached rate-limit snapshots when no active session exists, with "cached from" timestamp\n\n### Fixed\n\n- **Email normalization**: Claude account lookup normalizes email case for reliable matching\n\n## [0.16.1] - 2026-03-27\n\n### Fixed\n\n- **Dashboard provider status scoping**: The TUI now shows degraded-service notices only for the monitored provider \u2014 Claude for Claude Code sessions, OpenAI for Codex sessions, and no status banner for OpenCode\n\n## [0.16.0] - 2026-03-23\n\n### Changed\n\n- **Consistent cost formatting**: All cost displays (`stats`, `context`, Sessions panel, narrative prompt) now use shared `formatCost()` with intelligent decimal precision (4 places for < $0.01, 2 otherwise)\n- **QuotaService**: Rewritten to wrap shared `QuotaPoller` with exponential backoff instead of manual polling loop\n- **modelContext**: Now re-exports `getModelInfo` from shared library alongside `getContextWindowSize`\n\n## [0.15.2] - 2026-03-18\n\n### Fixed\n\n- **CLI help descriptions**: Updated `quota` and `status` command descriptions to reflect provider-aware behavior\n- **`sidekick quota --provider`**: Added local `--provider` option so `sidekick quota --provider codex` works naturally\n\n## [0.15.0] - 2026-03-18\n\n### Added\n\n- **OpenAI status page monitoring**: CLI dashboard now shows OpenAI API status alongside Claude API status\n- **Codex rate limits in dashboard**: Sessions panel displays Codex rate-limit data with "Rate Limits" header instead of "Quota"\n- **Provider-aware `sidekick quota` command**: Detects active provider and shows Codex rate limits, Claude subscription quota, or an informational message for OpenCode\n\n### Fixed\n\n- **QuotaService polling for Codex**: Dashboard no longer starts Claude OAuth quota polling when the active provider is Codex\n\n## [0.14.2] - 2026-03-16\n\n### Fixed\n\n- **Quota polling interval**: Reduced quota refresh from every 30 seconds to every 5 minutes to avoid unnecessary API calls\n- **SessionsPanel `detailWidth()` call**: Removed unused parameter from `detailWidth()` in the Sessions panel quota rendering\n\n## [0.14.1] - 2026-03-14\n\n### Fixed\n\n- **Per-model context window sizes**: Dashboard context gauge now shows correct utilization for Claude Opus 4.6 (1M context) and other models with non-200K windows\n\n### Changed\n\n- **Shared model context lookup**: CLI dashboard now uses the centralized `getModelContextWindowSize()` from `sidekick-shared` instead of a local duplicate map\n\n## [0.14.0] - 2026-03-12\n\n### Added\n\n- **`sidekick account` Command**: Manage Claude Code accounts from the terminal \u2014 list saved accounts, add the current account with an optional label, switch to the next or a specific account, and remove accounts. Supports `--json` output for scripting\n- **Quota Account Label**: `sidekick quota` now shows the active account email and label above the quota bars when multi-account is enabled\n- **macOS Keychain Support**: `sidekick account` and `sidekick quota` now read and write credentials via the system Keychain on macOS, fixing account switching and quota checks on Mac\n\n## [0.13.8] - 2026-03-12\n\n### Changed\n\n- **Structured quota failure output**: `sidekick quota` now renders consistent auth, rate-limit, server, network, and unexpected-failure copy from shared quota failure descriptors while preserving `--json` machine-readable output\n- **Dashboard unavailable quota rendering**: The Sessions panel now shows Claude Code quota failures inline instead of hiding the quota section whenever subscription data is unavailable\n- **Quota transition toasts**: The Ink dashboard now fires low-noise toast notifications only when Claude Code quota failure state changes, avoiding repeated alerts every polling interval\n\n## [0.13.7] - 2026-03-11\n\n### Changed\n\n- **npm README sync**: Updated the published CLI package README to reflect current OpenCode monitoring behavior, platform-specific data directories, and the `sqlite3` runtime requirement\n- **README badge cleanup**: Removed the Ask DeepWiki badge from the published CLI package README; the repo root README still keeps it\n\n## [0.13.6] - 2026-03-11\n\n### Changed\n\n- **Refreshed CLI Dashboard Wordmark**: Updated the dashboard wordmark/header styling for a cleaner splash and dashboard identity\n\n### Fixed\n\n- **OpenCode dashboard startup**: OpenCode DB-backed session discovery now resolves projects by worktree, sandboxes, and session directory instead of quietly behaving like no session exists\n- **OpenCode runtime notices**: The CLI now prints an OpenCode-only actionable notice when `opencode.db` exists but `sqlite3` is missing, blocked, or otherwise unusable in the current shell environment\n\n## [0.13.5] - 2026-03-10\n\n### Added\n\n- **`sidekick status` Command**: One-shot Claude API status check with color-coded text output and `--json` mode\n- **Dashboard Status Banner**: Status bar shows a colored `\u25CF API minor/major/critical` indicator when Claude is degraded; Sessions panel Summary tab shows an "API Status" section with affected components and active incident details. Polls every 60s\n\n## [0.13.4] - 2026-03-08\n\n### Fixed\n\n- **Onboarding Phrase Spam**: Splash screen and detail pane motivational phrases memoized \u2014 no longer flicker every render tick (fixes [#13](https://github.com/cesarandreslopez/sidekick-agent-hub/issues/13))\n\n### Changed\n\n- **Simplified Logo**: Replaced 6-line ASCII robot art with compact text header in splash, help, and changelog overlays\n- **Removed Dead Code**: Removed unused `getSplashContent()` and `HELP_HEADER` exports from branding module\n\n## [0.13.3] - 2026-03-04\n\n_No CLI-specific changes in this release._\n\n## [0.13.2] - 2026-03-04\n\n_No CLI-specific changes in this release._\n\n## [0.13.1] - 2026-03-04\n\n### Added\n\n- **`sidekick quota` Command**: One-shot subscription quota check showing 5-hour and 7-day utilization with color-coded progress bars and reset countdowns \u2014 supports `--json` for machine-readable output\n- **Quota Projections**: Elapsed-time projections shown in `sidekick quota` output and TUI dashboard quota section \u2014 displays projected end-of-window utilization next to current value (e.g., `40% \u2192 100%`), included in `--json` output as `projectedFiveHour` / `projectedSevenDay`\n\n## [0.13.0] - 2026-03-03\n\n_No CLI-specific changes in this release._\n\n## [0.12.10] - 2026-03-01\n\n### Added\n\n- **Events Panel** (key 7): Scrollable live event stream with colored type badges (`[USR]`, `[AST]`, `[TOOL]`, `[RES]`), timestamps, and keyword-highlighted summaries; detail tabs for full event JSON and surrounding context\n- **Charts Panel** (key 8): Tool frequency horizontal bars, event type distribution, 60-minute activity heatmap using `\u2591\u2592\u2593\u2588` intensity characters, and pattern analysis with frequency bars and template text\n- **Multi-Mode Filter**: `/` filter overlay now supports four modes \u2014 substring, fuzzy, regex, and date range \u2014 Tab cycles modes, regex mode shows red validation errors\n- **Search Term Highlighting**: Active filter terms highlighted in blue within side list items\n- **Timeline Keyword Coloring**: Event summaries in the Sessions panel Timeline tab now use semantic keyword coloring \u2014 errors red, success green, tool names cyan, file paths magenta\n\n### Removed\n\n- **Search Panel**: Removed redundant Search panel (previously key 7) \u2014 the `/` filter with multi-mode support serves the same purpose\n\n## [0.12.9] - 2026-02-28\n\n### Added\n\n- **Standalone Data Commands**: `sidekick tasks`, `sidekick decisions`, `sidekick notes`, `sidekick stats`, `sidekick handoff` for accessing project data without launching the TUI\n- **`sidekick search <query>`**: Cross-session full-text search from the terminal\n- **`sidekick context`**: Composite output of tasks, decisions, notes, and handoff for piping into other tools\n- **`--list` flag on `sidekick dump`**: Discover available session IDs before requiring `--session <id>`\n- **Search Panel**: Search panel (panel 7) wired into the TUI dashboard\n\n### Changed\n\n- **`taskMerger` utility**: Duplicate `mergeTasks` logic extracted into shared `taskMerger` utility\n- **Model constants**: Hardcoded model IDs extracted to named constants\n\n### Fixed\n\n- **`convention` icon**: Notes panel icon replaced with valid `tip` type\n- **Linux clipboard**: Now supports Wayland (`wl-copy`) and `xsel` fallbacks, with error messages instead of silent failure\n- **`provider.dispose()`**: Added to `dump` and `report` commands (prevents SQLite connection leaks)\n\n## [0.12.8] - 2026-02-28\n\n### Changed\n\n- **Dashboard UI/UX Polish**: Visual overhaul for better hierarchy, consistency, and readability\n  - Splash screen and help overlay now display the robot ASCII logo\n  - Toast notifications show severity icons (\u2718 error, \u26A0 warning, \u25CF info) with inner padding\n  - Focused pane uses double-border for clear focus indication\n  - Section dividers (`\u2500\u2500 Title \u2500\u2500\u2500\u2500`) replace bare bold headers in summary, agents, and context attribution\n  - Tab bar: active tab underlined in magenta, inactive tabs dimmed, bracket syntax removed\n  - Status bar: segmented layout with `\u2502` separators; keys bold, labels dim\n  - Summary metrics condensed: elapsed/events/compactions on one line, tokens on one line with cache rate and cost\n  - Sparklines display peak metadata annotations\n  - Progress bars use blessed color tags for consistent coloring\n  - Help overlay uses dot-leader alignment for all keybinding rows\n  - Empty state hints per panel (e.g. "Tasks appear as your agent works.")\n  - Session picker groups sessions by provider with section headers when multiple providers are present\n\n## [0.12.7] - 2026-02-27\n\n### Added\n\n- **HTML Session Report**: `sidekick report` command generates a self-contained HTML report and opens it in the default browser\n  - Options: `--session`, `--output`, `--theme` (dark/light), `--no-open`, `--no-thinking`\n  - TUI Dashboard: press `r` to generate and open an HTML report for the current session\n\n## [0.12.6] - 2026-02-26\n\n### Added\n\n- **Session Dump Command**: `sidekick dump` exports session data in text, markdown, or JSON format with `--format`, `--width`, and `--expand` options\n- **Plans Panel Re-enabled**: Plans panel restored in CLI dashboard with plan file discovery from `~/.claude/plans/`\n- **Enhanced Status Bar**: Session info display improved with richer metadata\n\n### Fixed\n\n- **Old snapshot format migration**: Restoring pre-0.12.3 session snapshots no longer shows empty timeline entries\n\n### Changed\n\n- **Phrase library moved to shared**: CLI-specific phrase formatting kept local, all phrase content now from `sidekick-shared`\n\n## [0.12.5] - 2026-02-24\n\n### Fixed\n\n- **Update check too slow to notice new versions**: Reduced npm registry cache TTL from 24 hours to 4 hours so upgrade notices appear sooner after a new release\n\n## [0.12.4] - 2026-02-24\n\n### Fixed\n\n- **Session crash on upgrade**: Fixed `d.timestamp.getTime is not a function` error when restoring tool call data from session snapshots \u2014 `Date` objects were serialized to strings by JSON but not rehydrated on restore, causing the session monitor to crash on first run after upgrading from 0.12.2 to 0.12.3\n\n## [0.12.3] - 2026-02-24\n\n### Added\n\n- **Latest-node indicator**: The most recently added node in tree and boxed mind map views is now marked with a yellow indicator\n- **Plan analytics in mind map**: Tree and boxed views now display plan progress and per-step metrics\n  - Tree view: plan header shows completion stats; steps show complexity, duration, tokens, tool calls, and errors in metadata brackets\n  - Box view: progress bar with completion percentage; steps show right-aligned metrics; subtitle shows step count and total duration\n- **Cross-provider plan extraction**: Shared `PlanExtractor` now handles Claude Code (EnterPlanMode/ExitPlanMode) and OpenCode (`<proposed_plan>` XML) plans \u2014 previously only Codex plans were shown\n- **Enriched plan data model**: Plan steps include duration, token count, tool call count, and error messages\n- **Phase-grouped plan display**: When a plan has phase structure, tree and boxed views group steps under phase headers with context lines from the original plan markdown\n- **Node type filter**: Press `f` on the Mind Map tab to cycle through node type filters (file, tool, task, subagent, command, plan, knowledge-note) \u2014 non-matching sections render dimmed in grey\n\n### Fixed\n\n- **Kanban board regression**: Subagent and plan-step tasks now correctly appear in the kanban board\n\n### Changed\n\n- **Plans panel temporarily disabled**: The Plans panel in the CLI dashboard is disabled until plan-mode event capture is reliably working end-to-end. Plan nodes in the mind map remain active.\n- `DashboardState` now delegates to shared `EventAggregator` instead of maintaining its own aggregation logic\n\n## [0.12.2] - 2026-02-23\n\n### Added\n\n- **Update notifications**: The dashboard now checks the npm registry for newer versions on startup and shows a yellow banner in the status bar when an update is available (e.g., `v0.13.0 available \u2014 npm i -g sidekick-agent-hub`). Results are cached for 24 hours to avoid repeated network requests.\n\n## [0.12.1] - 2026-02-23\n\n### Fixed\n\n- **VS Code integration**: Fixed exit code 127 when the extension launches the CLI dashboard on systems using nvm or volta (node binary not found when shell init is bypassed)\n\n## [0.12.0] - 2026-02-22\n\n### Added\n\n- **"Open CLI Dashboard" VS Code Integration**: New VS Code command `Sidekick: Open CLI Dashboard` launches the TUI dashboard in an integrated terminal\n  - Install the CLI with `npm install -g sidekick-agent-hub`\n\n## [0.11.0] - 2026-02-19\n\n### Added\n\n- **Initial Release**: Full-screen TUI dashboard for monitoring agent sessions from the terminal\n  - Ink-based terminal UI with panels for sessions, tasks, kanban, mind map, notes, decisions, search, files, and git diff\n  - Multi-provider support: auto-detects Claude Code, OpenCode, and Codex sessions\n  - Reads from `~/.config/sidekick/` \u2014 the same data files the VS Code extension writes\n  - Usage: `sidekick dashboard [--project <path>] [--provider <id>]`\n';
   }
 });
@@ -84756,6 +85097,11 @@ function runCodexLogin(codexHome) {
   }
   return { success: true };
 }
+function printCodexWarning(warning, jsonOutput) {
+  if (warning && !jsonOutput) {
+    process.stderr.write(source_default.yellow(warning) + "\n");
+  }
+}
 function codexAccountAction(opts, jsonOutput) {
   if (opts.add) {
     if (!opts.label?.trim()) {
@@ -84769,6 +85115,7 @@ function codexAccountAction(opts, jsonOutput) {
       process.exit(1);
       return;
     }
+    let warning = prepared.warning;
     if (prepared.needsLogin) {
       if (!prepared.profileId || !prepared.codexHome) {
         process.stderr.write(source_default.red("Prepared Codex profile is missing login context.") + "\n");
@@ -84783,12 +85130,15 @@ function codexAccountAction(opts, jsonOutput) {
       }
       const finalized = (0, import_sidekick_shared33.finalizeCodexAccount)(prepared.profileId);
       if (!finalized.success) {
-        process.stderr.write(source_default.red(finalized.error ?? "Failed to finalize Codex account.") + "\n");
+        process.stderr.write(source_default.red("Account saved, but activation failed: " + (finalized.error ?? "unknown error")) + "\n");
+        process.stderr.write(source_default.dim("Use `sidekick account --provider codex --switch-to <label>` to retry activation.\n"));
         process.exit(1);
         return;
       }
+      warning = finalized.warning;
     }
     const active2 = (0, import_sidekick_shared33.getActiveCodexAccount)();
+    printCodexWarning(warning, jsonOutput);
     if (jsonOutput) {
       process.stdout.write(JSON.stringify({
         action: "added",
@@ -84796,7 +85146,8 @@ function codexAccountAction(opts, jsonOutput) {
         id: active2?.id,
         label: active2?.label,
         email: active2?.email ?? null,
-        authMode: active2?.metadata?.authMode ?? null
+        authMode: active2?.metadata?.authMode ?? null,
+        warning: warning ?? null
       }) + "\n");
     } else {
       process.stdout.write(source_default.green("Codex account saved: ") + (active2 ? formatCodexAccount(active2) : opts.label) + "\n");
@@ -84811,6 +85162,7 @@ function codexAccountAction(opts, jsonOutput) {
       process.exit(1);
       return;
     }
+    const wasActive = (0, import_sidekick_shared33.getActiveCodexAccount)()?.id === target.id;
     const result = (0, import_sidekick_shared33.removeCodexAccount)(target.id);
     if (!result.success) {
       process.stderr.write(source_default.red(result.error ?? "Failed to remove Codex account.") + "\n");
@@ -84821,6 +85173,9 @@ function codexAccountAction(opts, jsonOutput) {
       process.stdout.write(JSON.stringify({ action: "removed", provider: "codex", id: target.id, label: target.label }) + "\n");
     } else {
       process.stdout.write(source_default.green("Removed: ") + formatCodexAccount(target) + "\n");
+      if (wasActive) {
+        process.stdout.write(source_default.dim("The live ~/.codex credentials are unchanged. Use `--switch-to` to activate another saved account.\n"));
+      }
     }
     return;
   }
@@ -84838,8 +85193,9 @@ function codexAccountAction(opts, jsonOutput) {
       process.exit(1);
       return;
     }
+    printCodexWarning(result.warning, jsonOutput);
     if (jsonOutput) {
-      process.stdout.write(JSON.stringify({ action: "switched", provider: "codex", id: target.id, label: target.label }) + "\n");
+      process.stdout.write(JSON.stringify({ action: "switched", provider: "codex", id: target.id, label: target.label, warning: result.warning ?? null }) + "\n");
     } else {
       process.stdout.write(source_default.green("Switched to: ") + formatCodexAccount(target) + "\n");
     }
@@ -84862,8 +85218,9 @@ function codexAccountAction(opts, jsonOutput) {
       process.exit(1);
       return;
     }
+    printCodexWarning(result.warning, jsonOutput);
     if (jsonOutput) {
-      process.stdout.write(JSON.stringify({ action: "switched", provider: "codex", id: target.id, label: target.label }) + "\n");
+      process.stdout.write(JSON.stringify({ action: "switched", provider: "codex", id: target.id, label: target.label, warning: result.warning ?? null }) + "\n");
     } else {
       process.stdout.write(source_default.green("Switched to: ") + formatCodexAccount(target) + "\n");
     }
@@ -84997,7 +85354,7 @@ var init_cli = __esm({
     defaultAccountsReady = (0, import_sidekick_shared35.ensureDefaultAccounts)().catch(() => {
     });
     program2 = new Command();
-    program2.name("sidekick").description("Query Sidekick project intelligence from the command line").version("0.18.5").option("--json", "Output as JSON").option("--project <path>", "Override project path (default: cwd)").option("--provider <id>", "Provider: claude-code, opencode, codex, auto (default: auto)");
+    program2.name("sidekick").description("Query Sidekick project intelligence from the command line").version("0.19.0").option("--json", "Output as JSON").option("--project <path>", "Override project path (default: cwd)").option("--provider <id>", "Provider: claude-code, opencode, codex, auto (default: auto)");
     program2.hook("preAction", async () => {
       await defaultAccountsReady;
     });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "sidekick-agent-hub",
-  "version": "0.18.5",
+  "version": "0.19.0",
   "description": "Terminal dashboard for monitoring AI coding agent sessions",
   "type": "module",
   "bin": {