{
  "name": "constellai",
  "version": "0.7.3",
  "description": "Constella — run autonomous AI agent-companies locally: real claude/codex agents, Goals → Specs → Issues → Plans, local models, GitHub & Telegram, all from one cosmic control plane.",
  "//name": "Published as `constellai` (the unscoped `constella` was taken). Ships BOTH a `constellai` and a `constella` bin (same launcher): `npx constellai` needs a bin matching the package name to run on Windows, and a global install also gives the short `constella` command.",
  "license": "MIT",
  "author": "Gabriel Silva <baratroia@outlook.com>",
  "homepage": "https://github.com/gabriel7silva/constella#readme",
  "repository": {
    "type": "git",
    "url": "git+https://github.com/gabriel7silva/constella.git"
  },
  "bugs": {
    "url": "https://github.com/gabriel7silva/constella/issues"
  },
  "keywords": [
    "ai",
    "agents",
    "autonomous-agents",
    "ai-agents",
    "claude",
    "codex",
    "llm",
    "local-models",
    "llama.cpp",
    "rag",
    "nextjs",
    "self-hosted",
    "cli"
  ],
  "type": "module",
  "engines": {
    "node": ">=20"
  },
  "//files": "Ships the COMPILED build (.next) + generated migrations (drizzle) + the launcher — NOT src/. End users get a compiled, minified runtime, never the source. next.config is .mjs so `next start` needs no TypeScript at runtime (devDeps aren't installed for end users).",
  "files": [
    ".next",
    "bin",
    "scripts",
    "skills",
    "!skills/**/scripts/tests",
    "!skills/**/.coverage",
    "!skills/**/__pycache__",
    "!skills/**/*.pyc",
    "docs",
    "drizzle",
    "next.config.mjs",
    "drizzle.config.mjs",
    "README.md",
    "LICENSE",
    "THIRD_PARTY_LICENSES.md",
    "CHANGELOG.md"
  ],
  "publishConfig": {
    "access": "public"
  },
  "scripts": {
    "dev": "next dev",
    "dev:all": "node scripts/dev-all.mjs",
    "//prebuild": "Purge the webpack module cache before a release build. Next's incremental cache (.next/cache) can re-emit a STALE compiled module after a source edit (observed under OneDrive/Windows mtime quirks), which silently shipped a build that ignored a source fix. A release artifact must compile from source every time — this forces a full recompile (only affects `build`, not `dev`).",
    "prebuild": "node -e \"require('fs').rmSync('.next/cache',{recursive:true,force:true})\"",
    "build": "next build --webpack",
    "//clean:next": "Purge the ENTIRE .next (server + static + cache), not just the cache. An incremental `next build` over a stale .next/server + .next/static (under OneDrive/Windows mtime quirks) can ship an artifact whose RSC/manifest references client-chunk state the emitted static chunks don't match — the published 0.2.15 did exactly this, crashing /login at hydration with 'invariant expected layout router to be mounted'. The release build must start from an empty .next.",
    "clean:next": "node -e \"require('fs').rmSync('.next',{recursive:true,force:true})\"",
    "//build:release": "Clean, from-scratch production build for the artifact that ships. `validate` (the pre-publish gate) uses this; plain `build` stays incremental for fast local iteration.",
    "build:release": "npm run clean:next && next build --webpack",
    "//smoke": "Pre-publish smoke gate: boots the built package in isolation and loads /login (signin + signup) in headless Chrome, asserting no 'invariant expected layout router' / 'broke at the root'. Run after `validate`, before `npm publish`. Catches a bad .next artifact before it ever ships.",
    "smoke": "node scripts/smoke-login.mjs",
    "start": "node scripts/start-all.mjs",
    "start:web": "next start",
    "lint": "eslint .",
    "lint:i18n": "eslint src/components src/app --max-warnings 0",
    "parity": "node scripts/i18n-parity.mjs",
    "typecheck": "tsc --noEmit",
    "validate": "npm run typecheck && npm run parity && npm run build:release",
    "update": "node bin/constella.mjs update",
    "clean": "node scripts/clean-repo.mjs",
    "prepublishOnly": "drizzle-kit generate --config drizzle.config.mjs && npm run validate",
    "prepack": "node scripts/trim-next.mjs",
    "postinstall": "node scripts/postinstall.mjs",
    "db:dir": "node -e \"require('fs').mkdirSync('.constella',{recursive:true})\"",
    "db:generate": "drizzle-kit generate --config drizzle.config.mjs",
    "predb:migrate": "npm run db:dir",
    "db:migrate": "drizzle-kit migrate --config drizzle.config.mjs",
    "predb:push": "npm run db:dir",
    "db:push": "drizzle-kit push --config drizzle.config.mjs",
    "db:studio": "drizzle-kit studio --config drizzle.config.mjs",
    "predb:seed": "npm run db:dir",
    "db:seed": "tsx src/db/seed.ts",
    "db:migrate-fs": "tsx src/db/migrate-fs.ts",
    "db:defake-models": "tsx src/db/defake-models.ts",
    "db:reset-state": "tsx src/db/reset-state.ts",
    "db:repair-fs": "tsx src/db/repair-fs.ts",
    "db:nuke": "node -e \"const fs=require('fs'),os=require('os'),p=require('path');fs.rmSync('.constella',{recursive:true,force:true});fs.rmSync(p.join(process.env.CONSTELLA_HOME||p.join(os.homedir(),'.constella'),'organizations'),{recursive:true,force:true})\"",
    "db:reset": "npm run db:nuke && npm run db:migrate",
    "db:reset-demo": "npm run db:nuke && npm run db:migrate && npm run db:seed && npm run db:repair-fs",
    "worker": "node --env-file=.env bin/worker.mjs",
    "constella": "node bin/constella.mjs"
  },
  "bin": {
    "constella": "bin/constella.mjs",
    "constellai": "bin/constella.mjs"
  },
  "dependencies": {
    "@playwright/test": "^1.61.1",
    "@simplewebauthn/browser": "^13.3.0",
    "@simplewebauthn/server": "^13.3.2",
    "adm-zip": "^0.5.17",
    "archiver": "^8.0.0",
    "better-auth": "^1.6.22",
    "better-sqlite3": "^12.2.0",
    "chokidar": "^5.0.0",
    "drizzle-kit": "^0.31.10",
    "drizzle-orm": "^0.45.2",
    "next": "^16.2.9",
    "react": "^19.2.7",
    "react-dom": "^19.2.7",
    "react-markdown": "^10.1.0",
    "remark-gfm": "^4.0.1",
    "zod": "^4.4.3"
  },
  "devDependencies": {
    "@tailwindcss/postcss": "^4.3.1",
    "@types/adm-zip": "^0.5.8",
    "@types/archiver": "^8.0.0",
    "@types/better-sqlite3": "^7.6.13",
    "@types/node": "^26.0.1",
    "@types/react": "^19.2.17",
    "@types/react-dom": "^19.2.3",
    "eslint": "^10.6.0",
    "eslint-plugin-react": "^7.37.5",
    "postcss": "^8.5.15",
    "tailwindcss": "^4.3.1",
    "tsx": "^4.22.4",
    "typescript": "^6.0.3",
    "typescript-eslint": "^8.62.0"
  },
  "//pnpm.overrides": "Force patched transitive build-tooling across the tree. postcss: Next bundles 8.4.31 (GHSA: XSS via unescaped </style>). esbuild: the vulnerable 0.18.20 (GHSA-67mh-4wv8-2f99, dev-server CORS) is pulled only by drizzle-kit's legacy @esbuild-kit/core-utils config loader — drizzle-kit's own work already uses esbuild 0.25.x, so bumping the legacy loader to >=0.25.0 patches the advisory; the loader's transform/build API usage is stable across 0.18→0.25.",
  "pnpm": {
    "overrides": {
      "postcss@<8.5.10": ">=8.5.10",
      "esbuild@<0.25.0": ">=0.25.0"
    }
  }
}
