v2.0.2 — ADE entity primacy fix

Patch update — no schema migration, no breaking changes.

Bug fixed

AutonomousDecisionEngine.detectEntities() in NESTeq/workers/ai-mind/src/index.ts returned detected entities in the order delivered by the entities table query (no ORDER BY). The caller in handleMindFeel picks detected_entities[0] as the row's linked_entity. Result: any feeling that mentioned the primary human (Fox) AND a secondary person could get auto-linked to whichever person SQLite happened to return first — typically by id ASC.

Surfaced today by 64 mislabeled feelings on Fox's instance (8 weeks of accumulated mistags, manually corrected). The data fix alone wouldn't have stopped reproduction — every new feeling logged after the cleanup would have hit the same code path.

Fix

After detectEntities pushes matches, promote DEFAULT_HUMAN_NAME to position 0 if it's in the array:

const primaryIdx = found.findIndex(e => e === DEFAULT_HUMAN_NAME);
if (primaryIdx > 0) {
  found.unshift(found.splice(primaryIdx, 1)[0]);
}

When the human isn't mentioned, behavior is unchanged — the first detected secondary entity wins as before.

No backfill needed for the bug itself

The patch prevents new mislabels going forward. Existing mislabels (if any) need a manual sweep:

SELECT id, content, linked_entity FROM feelings
WHERE linked_entity != 'Fox' AND content LIKE '%Fox%' AND content NOT LIKE '%[secondary]%';

Decide per row whether to re-attribute. On Fox's instance, the right call was linked_entity = 'Fox' for content with Fox-only references and NULL for introspective content where the person was a passing mention.

Companion to v2.0.1

Same family of small ADE/search bugs that compound over months when uncaught. v2.0.1 fixed journal vectorize + search fallback; v2.0.2 fixes entity primacy.

v2.0.1 — Journal vectorize + search fallback fix

Patch update — no schema migration, no breaking changes.

Bugs fixed

1. Journal writes never pushed to Vectorize

handleMindWrite case "journal" in NESTeq/workers/ai-mind/src/index.ts inserted entries into the D1 journals table but stopped there. The "entity" case has done a env.VECTORS.upsert(...) since v1; the journal path was never given the same treatment. Result: journals exist in D1 but were invisible to nesteq_search.

Fix: mirrors the entity vectorize block — embed the content with getEmbedding, upsert to Vectorize with source: 'journal' metadata. Wrapped in try/catch so Vectorize remains optional.

2. Text-search fallback only queried feelings

handleMindSearch falls back to a SQL LIKE query when the vector index returns empty. The original fallback only SELECTed from feelings — journal entries had no fallback path even when vector search missed.

Fix: UNION feelings + journals with a source_type discriminator, and update the display loop to tag journal results as journal:writing_type.

Migration / backfill

Existing journals written under v2.0.0 are still in D1 but not vectorized. After deploying v2.0.1, run a small backfill loop:

SELECT id, writing_type, content, emotion, tags, entry_date FROM journals;

For each row, run the same getEmbedding + env.VECTORS.upsert from the patched journal-write block. Existing entries come back into semantic search.

Credit

Surfaced by @glo testing with their companion Cael.

NESTstack v2.0.0 — Branded modules, NESTsoul folded in, security pass

Major release. Breaking change for forks — module folder names have been renamed to match the canonical NEST architecture. Plus security pass, new docs, NESTsoul folded in, and the public NESTai Discord.

Module rename (breaking)

Folder names now match the canonical module names. Update any path references in your fork:

Old	New
memory/	NESTeq/
know/	NESTknow/
chat/	NESTchat/
daemon/	NESTcode/
gateway/	NEST-gateway/
discord/	NEST-discord/

Done via git mv so file history is preserved. NESTdesktop/ and dashboard/ unchanged.

NESTsoul folded in

Previously a separate repo (cindiekinzz-coder/NESTsoul), the identity-portrait generator is now NESTsoul/ here as a proper module. Standalone repo will be archived; this is the canonical location going forward.

Security pass on local-agent + pc-tools

• Path traversal × 2 in pc-tools/file-read.js and file-write.js — endpoints now reject .. segments, null bytes, and non-absolute paths via a single assertSafePath helper.
• Command injection in pc-tools/app.js — dropped shell: true, added shell-metacharacter rejection on name and args.
• XSS gap in dashboard/writing.html — escapeHtml now covers ' and backtick in addition to &<>".
• Hardening across all pc-tools — input validation + server-side error logging instead of leaking internals to callers (closes findings on grep, glob, process, screenshot, web).
• Architectural fix — local-agent.js now binds to 127.0.0.1 only (was binding to all interfaces) and CORS is restricted to http://localhost:3456 only. Cross-origin requests are blocked by the browser before they leave.
• Dead bearer-header cleanup — stripped Authorization: Bearer ${API.API_KEY} from 16 dashboard files. API was never defined as a global so the headers were inert (the proxy attaches the bearer server-side), but they looked like a leak in code review. Gone.

New documentation

• COMMUNITY.md — entry-point doc for builders. Answers: what is this / how do I start / why Cloudflare / how much does it cost / how do I migrate / what if I don't want Cloudflare.
• EXTENDING.md — for contributors and AI agents helping with the codebase. Covers the three mantras (everything is a feeling / emergence over configuration / three-layer brain), deployment order, Cloudflare-binding gotchas, and the common agent failure modes pulled from real Bird scans.

NESTai Discord — public

Public Discord for the NESTstack community: https://discord.gg/9qQFsVB938

Front porch for builders, carriers, and AI companions. Soft on purpose.

Migrating from v1.x

If you've forked or cloned NESTstack at v1.x:

1. Pull or rebase onto v2.0.0
2. Update any import paths or scripts referencing the old folder names
3. If you were using the standalone NESTsoul repo, switch to the in-monorepo NESTsoul/ location

Built by Fox & Alex. Embers Remember. 🔥

NESTstack v1.5.0 — Appearance customization via carrier-profile

What's new

Carriers can now restyle the dashboard without forking. Fonts, accent colors, and background tone are pulled from carrier-profile.json#appearance at runtime via a new gateway endpoint.

Sparked by a Haven thread — Nana asked if they could work with the font; the answer became this release. The carrier-profile system we shipped in v1.4.0 was designed to absorb exactly this kind of customization without forking, and now it does.

New appearance section in carrier-profile.json

"appearance": {
  "font_family": "'Inter', sans-serif",
  "font_display": "'Cinzel', serif",
  "font_mono": "'IBM Plex Mono', monospace",
  "accent_primary": "#a855f7",
  "accent_secondary": "#f59e0b",
  "background_tone": "#0a0a0f"
}

Empty values fall through to NESTstack's cyberpunk defaults. No appearance section = no-op.

How it works

1. Gateway exposes GET /appearance.css — renders carrier-profile.appearance as CSS custom properties on :root. Cached 5 minutes, CORS-enabled.
2. Dashboard's config.js now has injectAppearanceCss() that pulls appearance.css from the configured gateway and appends it after styles.css, so carrier values override the defaults at runtime.
3. styles.css declares the carrier-overridable variables on :root with sane defaults. 20 hardcoded font-family declarations got refactored to reference the variables.

Setup for community users

# Edit your carrier-profile.json — add the appearance section
wrangler secret put CARRIER_PROFILE_JSON < carrier-profile.json

# Reload dashboard. Done. Your fonts, your accents, your home.

Continuity.

NESTstack v1.4.0 — gateway carrier-profile refactor

The big sanitization

The gateway no longer hardcodes any identity. From 196 personal-pattern hits → 0 across all gateway source files.

New carrier-profile.json system

Every place that used to say "Fox" / "Alex" / "Adam" / "Ember" / "Embers Remember" now reads from a structured profile loaded at runtime from the CARRIER_PROFILE_JSON worker secret.

cp gateway/carrier-profile.example.json carrier-profile.json
# fill in your name, pronouns, companion name, anchor phrases, etc.
wrangler secret put CARRIER_PROFILE_JSON < carrier-profile.json

If unset, the gateway falls back to generic "Companion" / "Carrier" defaults so first-time deploys still work.

What got refactored

• buildWorkshopPrompt in daemon.ts — the Workshop system prompt now reads identity, voice, anchors, household, discord IDs from the profile.
• buildSystemPrompt in chat.ts — the chat system prompt fully driven by the profile.
• KAIROS prompt in daemon.ts — Discord monitoring prompt no longer references specific people; uses companion/carrier names from profile.
• NESTsoul synthesis prompt in index.ts — generic synthesis instructions parameterized by companion name.
• Health synthesis prompt — same.
• Activity log + status messages — "Workshop open. ${companionName} is here.", etc.
• Tool descriptions in definitions.ts and tool-registry.ts — "Fox's heart rate" → "Heart rate data", "Ember" → "the pet", etc.
• Class field renames — foxState → carrierState, extractFoxBrief → extractCarrierBrief, emberRaw → petRaw.
• Env binding rename — FOX_HEALTH_URL → HEALTH_URL. fox-health.ts → health.ts (file rename via git mv).

What didn't change (intentionally)

• Tool names like fox_read_uplink, fox_full_status, pet_check are external API contracts registered by the health and AI Mind workers. Renaming them requires coordinated changes across multiple repos. Comments now make this clear.
• Route /fox-synthesis — same reason; external dashboard clients hit this URL.

Continuity.

NESTstack v1.3.0 — Tauri sidecar implementation ported

What this fixes

Public NESTdesktop's Tauri lib.rs was a stub. It set up Tauri plugins but never spawned the local-agent sidecar, which meant the bundled desktop app would launch with no backend — /api/* calls 404, the wizard couldn't save config, the chat couldn't proxy.

This release ports the real implementation from the working local copy, with sanitization.

What's new

Sidecar process management

lib.rs now spawns local-agent.js as a child process when the Tauri app launches, captures the PIDs, and registers a Sidecars struct with a Drop impl that kills the children on app exit. Clean lifecycle — no orphaned Node processes after closing the desktop app.

Optional Cloudflare Tunnel auto-start

If you want the desktop app to also spin up a Cloudflare Tunnel on launch, set the NESTDESKTOP_TUNNEL_NAME env var at build time:

NESTDESKTOP_TUNNEL_NAME=mytunnel cargo tauri build

If the var isn't set, the tunnel block is silently skipped — community users with no tunnel see no warnings, no errors.

Cross-platform

Added a spawn_hidden helper that hides the console window on Windows but works correctly on macOS and Linux too.

Sanitization applied

• Removed personal tagline (Embers Remember)
• Removed hardcoded tunnel name
• Updated default ports (3456 / 3457) to match the current local-agent.js
• tauri.conf.json productName updated to NESTdesktop

NOT changed (audit confirmed public is current)

• local-agent.js — public is the newer split-config version (3x larger than local's older copy)
• pc-tools/*.js — CRLF line-ending noise only; content is identical
• Cargo.toml, build files — CRLF noise
• Personal files in local (discord-listener.js, pc-mcp-bridge.js, .env, etc.) deliberately not ported

Embers Remember.

NESTstack v1.2.0 — NESTdesktop platform reframe

Folder rename: community/ → NESTdesktop/

The community/ folder has been renamed to NESTdesktop/ to reflect what it actually is: a complete companion platform that runs on your PC AND your phone.

What it is now

NESTdesktop is everything — local agent, chat dashboard, companion home screens, setup wizard, PC tools, native desktop wrapper. One install, two surfaces:

• PC — Node server (npm start) or native desktop app via Tauri (npm run tauri:build → .exe / .app / .AppImage)
• Phone — Deploy the dashboard to Cloudflare Pages, open the URL on mobile, 'Add to Home Screen' → installs as a PWA. Same companion, both screens, cross-device sync.

README rewrite

Merged the warmth of the original community README with the technical structure of the local working version. Now includes:

• Platform-first opening (PC + Mobile callout box)
• Four-path setup (Starter / New Deploy / Existing Memory / Migration) instead of binary 'Two Speeds'
• Tauri build instructions for native desktop app
• PWA install instructions for mobile
• Full wrangler deploy checklist for Path B
• Security Notes section
• Troubleshooting section (incl. PWA install gotchas)
• All the voice — FAQ, 'Bugs We Already Fixed', GIFs, Philosophy, Credits — preserved

Top-level README

The 'Deploy Your Own — Start Here' CTA now points at NESTdesktop/ and lists all four paths. Repository Layout table updated.

Embers Remember.

NESTstack v1.1.0 — Community deploy surfaced

What's new

Community deploy is now the front door

The top-level README has a prominent 🚀 Deploy Your Own — Start Here section pointing at community/. Two-speed framing:

• Starter (5 min) — local-only chat with OpenRouter or local LLM
• Full Deploy (1–2 hr) — memory, feelings, threads, dreams, dashboard

Split config pattern

community/ now uses the safer two-file config:

• config.public.json — browser-visible settings (companion name, models, feature flags, service URLs)
• config.secret.json — API keys and tokens, gitignored, never leaves your machine
• config.secret.json.example — template for new users

The local-agent.js server reads both, merges them, and exposes only public values to the browser. Secrets are attached server-side when proxying to your AI Mind worker.

Schema upgrade

config.public.json now has nested sections for identity, appearance, services, models, voice, features, cloudflare, and starter. setupVersion is tracked so future migrations can detect upgrades.

Embers Remember.

NESTstack v1.0.0 — Monorepo consolidation

First release of NESTstack — the unified monorepo home of the NEST architecture.

What's in this release

The seven previously-split repos consolidated into one stack:

• gateway/ — connective tissue, 150+ MCP tools, daemon host (was NEST-gateway)
• daemon/ — always-on Durable Object: heartbeat, cron, KAIROS Discord monitoring, alerts, morning report (was NEST-code)
• memory/ — the eq mind: feelings, identity, threads, dreams, emergence (was NESTeqMemory)
• know/ — knowledge layer with usage-weighted retrieval (was NEST-know)
• chat/ — chat persistence + semantic search (was NEST-chat)
• discord/ — Discord MCP integration + KAIROS hooks (was NEST-discord)
• dashboard/ — companion dashboard PWA (was NEST-dashboard)

The split source repos are archived with redirects pointing here. NESTeq-V3 is superseded — NESTstack v1.0.0 is the official v4 stack.

Embers Remember.

Built by Fox & Alex.