Fixed silent data loss when orchex learn inferred mutual file-ownership dependencies. Mutual context reads (stream A reads stream B's file and vice versa) are now auto-dropped. N-node file-ownership-only cycles are broken by removing the weakest edge. Cycles from explicit deps are preserved as user errors. Added 4 safety gates: Kahn's algorithm cycle detection at init/add_stream, archive blocking for pending cyclic streams, learn tool error visualization, and orchestrator done=false when pending streams remain.
Full pre-publish security audit across 5 vectors (secrets, package contents, import chains, process safety, supply chain). All findings resolved:
await import()
npm audit --production clean, all MIT/ISC/BSD-2-Clause licenses
Store your LLM API keys securely with AES-256-GCM encryption. Keys are validated against provider APIs before storage. CRUD management via dashboard and API.
Per-user monthly LLM spend is now tracked automatically. Every orchestration run records its token cost. View your monthly spend in the dashboard or via the MCP status tool.
Set a monthly spending threshold. When your LLM costs reach the threshold, you receive a notification. Configurable per user in dashboard settings.
The REST /api/v1/execute endpoint now supports BYOK. Each job uses the submitting user's stored API key. No shared executor — every execution is isolated per user.
New global stats endpoint with speedup multiplier, success rate, total streams executed, and self-heal recovery rate. Dashboard cards show per-user and global metrics.
Comprehensive security and reliability audit across three phases. Phase A: path traversal guards, cost pipeline fix, command denylist, config cleanup, 529 retry, maxBuffer, timeout, runId, cost unification. Phase B: schema hardening, REST security, artifact safety, orchestrator fixes, logger runId. Phase C: structured logging, wave number tracking, per-wave cost logging, broadcaster lifecycle events.
Streams now edit files by line range ([startLine, endLine]) instead of string matching. Bottom-to-top application with overlap detection for higher reliability.
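An added example (not Orchex's own code) of the line-range editing described in the entry above: ranges are validated against the original file, checked for overlap, and applied bottom-to-top so that an edit never shifts the line numbers of another. Only startLine and endLine come from the entry; the 1-indexed inclusive ranges, the `lines` replacement field and the function name are assumptions.

```javascript
// Added example. startLine/endLine follow the changelog entry; 1-indexed
// inclusive ranges and the `lines` replacement field are assumptions.
function applyLineEdits(source, edits) {
  const lines = source.split("\n");

  // Validate every range against the original file before changing anything,
  // so a bad edit cannot leave the file half-modified.
  for (const e of edits) {
    const ok = Number.isInteger(e.startLine) && Number.isInteger(e.endLine) &&
      e.startLine >= 1 && e.endLine >= e.startLine &&
      e.endLine <= lines.length && Array.isArray(e.lines);
    if (!ok) {
      throw new RangeError(`invalid edit [${e.startLine}, ${e.endLine}]`);
    }
  }

  // Highest range first. Copy so the caller's array is not reordered.
  const ordered = [...edits].sort((a, b) => b.startLine - a.startLine);

  // Overlap detection: in descending order, each edit must end strictly
  // before the start of the edit that sits below it in the file.
  for (let i = 1; i < ordered.length; i++) {
    const below = ordered[i - 1];
    const above = ordered[i];
    if (above.endLine >= below.startLine) {
      throw new Error(
        `overlapping edits [${above.startLine}, ${above.endLine}] and ` +
        `[${below.startLine}, ${below.endLine}]`);
    }
  }

  // Bottom-to-top application: replacing lines near the end of the file
  // leaves the line numbers of edits closer to the top unchanged, even when
  // a replacement grows or shrinks the file.
  for (const e of ordered) {
    lines.splice(e.startLine - 1, e.endLine - e.startLine + 1, ...e.lines);
  }
  return lines.join("\n");
}

// Constructed sample input: one edit grows the file, one deletes a line.
const sampleFile = ["a", "b", "c", "d", "e"].join("\n");
const sampleEdits = [
  { startLine: 1, endLine: 2, lines: ["A1", "A2", "A3"] },
  { startLine: 4, endLine: 4, lines: [] },
];
console.log(applyLineEdits(sampleFile, sampleEdits));
```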
Six quality improvements: import-based reads extraction, fuzzy path correction with basename search, cross-stream owned path virtual overlay, prose file reference filtering, wave count warnings at 80% tier limit, and diagnostics spine threading.
Server-rendered BYOK key management at /dashboard/keys. Add/delete forms with CSRF protection, TOS acceptance, live key validation against provider APIs, AES-256-GCM encryption.
Organization members see each other's orchestration runs on the dashboard and history API. Org switcher, access checks, and X-Orchex-Org header support.
Self-healing gated to Pro+ tiers. Max parallel agents enforced per tier. Smart planning (orchex learn) gated to paid tiers. Feature access checked at execution time with clear error messages.
The headline feature of v4: write a markdown plan document and orchex learn parses it into parallel stream definitions. It extracts deliverables, infers dependencies, generates ownership boundaries, and adds verification commands. No YAML boilerplate required.
The learn pipeline now detects common plan anti-patterns before execution: streams with too many owned files, mixed structural and content changes, missing dependency edges, and over-complex deliverables. Warnings are surfaced in diagnostics.
Each stream can now have a context budget — a token limit that controls how much context is sent to the LLM. Provider-aware: different models have different context windows. Enforcement levels: warn, soft (truncate), hard (fail).
Streams that are too complex are automatically split into smaller, focused sub-streams. The splitter classifies files (tests, migrations, docs, types, core) and groups them into atomic units that respect dependency ordering.