fix: audit findings + subagent prompt visibility + discord link

Three logical groups of fixes bundled together.

## A. Hide subagent prompts from TUI render (issue #50 part 2)

Historian, dreamer, sidekick, compressor, and user-memory subagent calls
were sending their full system prompt body as a regular `text` part on
the user message. OpenCode TUI rendered this as a giant unreadable
"user message" in the subagent pane (compaction prompts can be >90K
chars).

Fix: add `synthetic: true` to the prompt text part on all 7 subagent
call sites. Verified via OpenCode source:
  - `message-v2.ts:74` (toModelMessagesEffect) only filters `!part.ignored`
    for user-role text, so synthetic still reaches the LLM.
  - `transcript.ts:85` filters `!part.synthetic` for TUI render, hiding
    the prompt body from the visible pane.
  - OpenCode's own `compaction.ts:547` and `prompt.ts:234-241` use the
    same pattern — the LLM must read these prompts to function.

E2E proof: `historian-success.test.ts` still passes (29/29 e2e tests
pass) — if synthetic filtered the prompt out, historian would receive
empty input and produce no compartment; the test asserts a compartment
is published.

## B. Audit findings — 8 confirmed real bugs + 2 false-positive comments

Council audit of the post-v0.16.1 stack identified 10 issues. Manual
re-verification against source confirmed 8 real bugs and 2 false
positives.

### Real bugs

1. `setup-opencode.ts` cast `existing.plugin as string[]` and called
   `.startsWith()` on each entry, throwing TypeError on tuple-form
   `["@pkg/name", { ...options }]` entries. Now imports
   `isDevPathPluginEntry` and `matchesPluginEntry` from the shared
   adapter and operates on the raw array. Tuples preserved on write,
   dev-path entries detected (no double-add) but never replaced.

2. `doctor-opencode.ts` filtered the plugin array with
   `(p): p is string => typeof p === "string"` BEFORE writing it
   back, silently destroying every tuple entry on every doctor run.
   Same fix: operate on the raw array. When upgrading a pinned tuple
   entry to @latest, the options object is preserved by mutating only
   index [0] of the tuple. Same fix applied to TUI config plugin
   handling. Also fixes finding #9: the inline `isDevPathEntry` only
   matched `opencode-magic-context`, missing bare `magic-context` paths
   (post-rename) that the shared helper handles correctly.

3. `paths.ts::getOpenCodePluginCacheDir` had a Windows branch
   resolving to `%LOCALAPPDATA%/opencode/Cache/packages` while
   OpenCode (and our `data-path.ts` plugin helper) actually use
   `~/.cache/opencode/packages` on every platform via the
   `xdg-basedir` fallback. Removed the Windows-specific branch so
   `doctor --force` clears the right directory. This regressed the
   exact same fix already applied to `data-path.ts`.

4. `dashboard-release.yml` deploy-updater used `publish_dir: .` +
   `force_orphan: true` + `keep_files: false` together with an
   invalid `include_files` input that peaceiris/actions-gh-pages does
   not support. Result: every dashboard release published the entire
   repo checkout to gh-pages with a single orphan commit, wiping
   history. Fixed by staging just `latest.json` in `_updater_publish/`,
   pointing `publish_dir` at that dir, setting `keep_files: true` and
   `force_orphan: false`.

5. `dashboard-release.yml` used a hardcoded `sleep 30` before
   downloading `latest.json` from the draft release. First-time
   asset uploads can take longer than 30s, causing silent failures.
   Replaced with a 20×15s retry loop (5 minutes total).

8. `release.yml` `github-release` job depended only on test jobs, not
   on the three publish jobs, so a release page could be created on
   GitHub while one of the @cortexkit/* npm packages was missing.
   Now `needs: [..., publish-npm, publish-npm-pi, publish-npm-cli]`.

10. `doctor-pi.ts` had `add(results, "pass", "No known conflicting Pi
    extensions detected")` hardcoded with no detection logic. Replaced
    with real check for multiple magic-context entries in Pi
    `packages[]` (a real self-conflict that loads the plugin twice).

### False positives — documented inline

6. `setup-opencode.ts` Step 8 (OMO conflict prompt) is gated by
   `!hadExistingSetup`. Audit flagged this as "skipped for existing
   users", but existing users hit the same OMO conflict-fix logic via
   the `hadExistingSetup` branch at lines 231-257 (which calls
   `detectConflicts` + `fixConflicts` covering all OMO hooks). Added
   inline comment so future audits don't re-flag.

7. `migrate.ts` reports `messageCount: entries.length - 2`. Audit
   flagged this as off-by-N. The `- 2` correctly subtracts the
   structural `session` + `model_change` entries that lead every Pi
   JSONL file; the result counts boundary marker + all migrated
   message entries + (when present) compaction marker — exactly what
   "migrated entries" means in CLI output. Added inline comment.

## C. Discord URL update

Switched README Discord badge + nav link from `discord.gg/F2uWxjGnU`
to `discord.gg/DSa65w8wuf`.

## Verification

- typecheck: 0 errors across plugin + pi-plugin + cli
- lint: 0 errors (after biome autofix)
- plugin tests: 1050 / 1050 pass
- pi-plugin tests: 236 / 236 pass
- cli tests: 58 / 58 pass
- e2e tests: 29 / 29 pass (proves synthetic:true reaches LLM)
- manual smoke tests:
  - tuple-form other plugin preserved when adding magic-context: ✓
  - pinned tuple of magic-context upgraded to @latest, options
    preserved (`myOption` survives `0.16.0 → @latest`): ✓
  - dev-path entry detected (hasDev=true), not double-added: ✓
  - bare `magic-context` (post-rename) dev path detected: ✓

## Reusable helpers

`isDevPathPluginEntry` and `matchesPluginEntry` were promoted from
private to exported in `packages/cli/src/adapters/opencode.ts` so
both `setup-opencode.ts` and `doctor-opencode.ts` can use the same
source of truth for plugin-entry classification — eliminates the
drift that caused finding #9.

Author: ualtinok

.github/workflows/dashboard-release.yml

@@ -121,33 +121,55 @@ jobs:
           APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
           APPLE_API_KEY_PATH: ${{ runner.temp }}/apple-api-key.p8
 
-  # Deploy latest.json to gh-pages for the updater endpoint
+  # Deploy latest.json to gh-pages for the updater endpoint.
+  #
+  # Tauri's updater endpoint lives at https://cortexkit.github.io/magic-context/latest.json.
+  # That URL must keep serving the latest signed manifest after every dashboard
+  # release. We deploy ONLY latest.json by staging it in an isolated directory
+  # and pointing publish_dir at that directory — previous configs used
+  # `publish_dir: .` together with the (non-existent) `include_files` input,
+  # which silently published the entire repo checkout to gh-pages on every
+  # release.
   deploy-updater:
     name: Deploy updater manifest
     needs: build
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
 
-      - name: Wait for release assets
-        run: sleep 30
-
-      - name: Download latest.json from release
+      - name: Download latest.json from release (with retry)
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           TAG="${{ github.ref_name }}"
-          # Try draft release first, then published
-          gh release download "$TAG" --pattern "latest.json" --output latest.json --clobber 2>/dev/null || \
-            gh release download "$TAG" --pattern "latest.json" --output latest.json --clobber
-          cat latest.json
+          mkdir -p _updater_publish
+          OUT=_updater_publish/latest.json
+          # Retry up to 20×15s (5 minutes) — first-time uploads of large
+          # platform binaries can take longer than a single fixed sleep,
+          # and tauri-action publishes assets in parallel.
+          for attempt in $(seq 1 20); do
+            if gh release download "$TAG" --pattern "latest.json" --output "$OUT" --clobber 2>/dev/null; then
+              echo "✓ downloaded latest.json on attempt $attempt"
+              cat "$OUT"
+              exit 0
+            fi
+            echo "attempt $attempt: latest.json not yet available, sleeping 15s…"
+            sleep 15
+          done
+          echo "::error::latest.json never became available on release $TAG"
+          exit 1
 
       - name: Deploy to gh-pages
         uses: peaceiris/actions-gh-pages@v4
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
-          publish_dir: .
+          # Publish ONLY the staging dir, which contains exactly one file:
+          # latest.json. Anything else in the workspace stays out of gh-pages.
+          publish_dir: ./_updater_publish
           publish_branch: gh-pages
-          keep_files: false
-          force_orphan: true
-          include_files: latest.json
+          # keep_files: true preserves any other files that already exist
+          # on gh-pages so we don't wipe the branch on each release.
+          keep_files: true
+          # force_orphan would discard gh-pages history; we keep history so
+          # the branch acts as a normal append-only artifact log.
+          force_orphan: false

.github/workflows/release.yml

@@ -198,7 +198,11 @@ jobs:
   github-release:
     name: Create GitHub Release
     runs-on: ubuntu-latest
-    needs: [test, test-pi, test-cli]
+    # Wait for ALL three npm publishes to succeed before tagging the GitHub
+    # release. Previously this depended only on the test jobs, so a publish
+    # timeout or registry failure could leave a published release page on
+    # GitHub while one of the @cortexkit/* packages was missing from npm.
+    needs: [test, test-pi, test-cli, publish-npm, publish-npm-pi, publish-npm-cli]
     steps:
       - uses: actions/checkout@v4
 

README.md

@@ -9,7 +9,7 @@
   <a href="https://www.npmjs.com/package/@cortexkit/magic-context"><img src="https://img.shields.io/npm/v/@cortexkit/magic-context?label=cli&color=orange&style=flat-square" alt="npm @cortexkit/magic-context"></a>
   <a href="https://www.npmjs.com/package/@cortexkit/opencode-magic-context"><img src="https://img.shields.io/npm/v/@cortexkit/opencode-magic-context?label=opencode&color=blue&style=flat-square" alt="npm @cortexkit/opencode-magic-context"></a>
   <a href="https://www.npmjs.com/package/@cortexkit/pi-magic-context"><img src="https://img.shields.io/npm/v/@cortexkit/pi-magic-context?label=pi&color=purple&style=flat-square" alt="npm @cortexkit/pi-magic-context"></a>
-  <a href="https://discord.gg/F2uWxjGnU"><img src="https://img.shields.io/discord/1488852091056295957?style=flat-square&logo=discord&logoColor=white&label=Discord&color=5865F2" alt="Discord"></a>
+  <a href="https://discord.gg/DSa65w8wuf"><img src="https://img.shields.io/discord/1488852091056295957?style=flat-square&logo=discord&logoColor=white&label=Discord&color=5865F2" alt="Discord"></a>
   <a href="https://github.com/cortexkit/magic-context/stargazers"><img src="https://img.shields.io/github/stars/cortexkit/magic-context?style=flat-square&color=yellow" alt="stars"></a>
   <a href="https://github.com/cortexkit/magic-context/commits"><img src="https://img.shields.io/github/last-commit/cortexkit/magic-context?style=flat-square&color=green" alt="last commit"></a>
   <a href="https://github.com/cortexkit/magic-context/blob/master/LICENSE"><img src="https://img.shields.io/badge/license-MIT-green?style=flat-square" alt="MIT License"></a>
@@ -31,7 +31,7 @@
   <a href="#magic-context-app">🖥️ Desktop App</a> ·
   <a href="#commands">Commands</a> ·
   <a href="#configuration">Configuration</a> ·
-  <a href="https://discord.gg/F2uWxjGnU">💬 Discord</a>
+  <a href="https://discord.gg/DSa65w8wuf">💬 Discord</a>
 </p>
 
 ---

packages/cli/src/adapters/opencode.ts

@@ -239,15 +239,6 @@ export class OpenCodeAdapter implements HarnessAdapter {
     }
 }
 
-/**
- * Match a plugin array entry against our plugin name. Plugin entries can be:
- *   - a string: "@cortexkit/opencode-magic-context@latest" or "@cortexkit/opencode-magic-context"
- *   - a tuple: ["@cortexkit/opencode-magic-context@latest", { ... options }]
- *   - a file URL: "file:///path/to/local/dev/checkout"
- *
- * For matching purposes we strip everything after `@` (after the first `@org/pkg`
- * segment) so versioned and unversioned entries are equivalent.
- */
 /**
  * Match a plugin entry that resolves to a local dev checkout of magic-context:
  *   - "file:///abs/path/.../opencode-magic-context"
@@ -259,8 +250,12 @@ export class OpenCodeAdapter implements HarnessAdapter {
  * Setup and doctor must detect these so they don't double-add @latest, but
  * must NEVER replace them — that would silently disable the developer's
  * local plugin instance.
+ *
+ * Exported because both `setup-opencode.ts` and `doctor-opencode.ts` need this
+ * exact same logic; previous duplication caused drift (e.g. one path matching
+ * `opencode-magic-context` only, the other also matching bare `magic-context`).
  */
-function isDevPathPluginEntry(entry: unknown): boolean {
+export function isDevPathPluginEntry(entry: unknown): boolean {
     let candidate: string | null = null;
     if (typeof entry === "string") candidate = entry;
     else if (Array.isArray(entry) && typeof entry[0] === "string") candidate = entry[0];
@@ -271,7 +266,21 @@ function isDevPathPluginEntry(entry: unknown): boolean {
     return candidate.includes("opencode-magic-context") || candidate.includes("magic-context");
 }
 
-function matchesPluginEntry(entry: unknown, pkgName: string): boolean {
+/**
+ * Match a plugin array entry against a package name. Plugin entries can be:
+ *   - a string: "@cortexkit/opencode-magic-context@latest" or "@cortexkit/opencode-magic-context"
+ *   - a tuple: ["@cortexkit/opencode-magic-context@latest", { ... options }]
+ *   - a file URL: "file:///path/to/local/dev/checkout"
+ *
+ * For matching purposes we strip everything after `@` (after the first `@org/pkg`
+ * segment) so versioned and unversioned entries are equivalent.
+ *
+ * Returns false for `file://` entries so dev paths are not classified as
+ * "the published plugin". Use `isDevPathPluginEntry` for that detection.
+ *
+ * Exported for reuse across setup and doctor flows.
+ */
+export function matchesPluginEntry(entry: unknown, pkgName: string): boolean {
     let candidate: string | null = null;
     if (typeof entry === "string") candidate = entry;
     else if (Array.isArray(entry) && typeof entry[0] === "string") candidate = entry[0];

packages/cli/src/commands/doctor-opencode.ts

@@ -18,6 +18,7 @@ import {
 import { Database } from "@magic-context/core/shared/sqlite";
 import { ensureTuiPluginEntry } from "@magic-context/core/shared/tui-config";
 import { parse, stringify } from "comment-json";
+import { isDevPathPluginEntry, matchesPluginEntry } from "../adapters/opencode";
 import { collectDiagnostics } from "../lib/diagnostics-opencode";
 import { bundleIssueReport } from "../lib/logs-opencode";
 import { isOpenCodeInstalled } from "../lib/opencode-helpers";
@@ -689,64 +690,78 @@ export async function runDoctor(
         try {
             const raw = readFileSync(paths.opencodeConfig, "utf-8");
             const config = parse(raw) as Record<string, unknown>;
-            const plugins = Array.isArray(config?.plugin) ? config.plugin : [];
-            const pluginList = (plugins as unknown[]).filter(
-                (p): p is string => typeof p === "string",
-            );
-            // Detect any plugin entry that resolves to magic-context, including
-            // local dev paths (file://..., /abs/path, ./relative). Dev paths
-            // are recognized so we don't double-add an @latest entry on top,
-            // but they are NOT replaced — replacing a developer worktree
-            // path with `@latest` would make the dev plugin instance vanish
-            // from OpenCode.
-            const isDevPathEntry = (p: string): boolean =>
-                p.startsWith("file://") || p.startsWith("/") || p.startsWith("./");
-            const existingIdx = pluginList.findIndex(
-                (p) =>
-                    p === PLUGIN_NAME ||
-                    p.startsWith(`${PLUGIN_NAME}@`) ||
-                    (isDevPathEntry(p) && p.includes("opencode-magic-context")),
+            // Operate on the raw plugin array. Entries can be:
+            //   • a string  "@cortexkit/opencode-magic-context@latest"
+            //   • a tuple   ["@pkg/name@latest", { ...options }]
+            //   • a dev URL "file:///abs/path/.../packages/plugin"
+            // We MUST preserve every entry shape on write — filtering out
+            // tuples (or stripping options) would silently drop user config.
+            // matchesPluginEntry / isDevPathPluginEntry are imported from
+            // ../adapters/opencode and accept both strings and tuples.
+            const rawPlugins: unknown[] = Array.isArray(config?.plugin) ? config.plugin : [];
+            const existingIdx = rawPlugins.findIndex(
+                (entry) => matchesPluginEntry(entry, PLUGIN_NAME) || isDevPathPluginEntry(entry),
             );
             const configName =
                 paths.opencodeConfigFormat === "jsonc" ? "opencode.jsonc" : "opencode.json";
-            if (existingIdx >= 0 && pluginList[existingIdx] === PLUGIN_ENTRY_WITH_VERSION) {
+
+            // Helper: extract the plain string (or first element of a tuple) so
+            // we can compare against the desired @latest entry.
+            const entryAsString = (entry: unknown): string | null => {
+                if (typeof entry === "string") return entry;
+                if (Array.isArray(entry) && typeof entry[0] === "string") return entry[0];
+                return null;
+            };
+
+            if (existingIdx >= 0 && rawPlugins[existingIdx] === PLUGIN_ENTRY_WITH_VERSION) {
                 pass(`Plugin registered in ${configName}`);
             } else if (existingIdx >= 0) {
-                const oldEntry = pluginList[existingIdx];
+                const oldEntry = rawPlugins[existingIdx];
+                const oldEntryStr = entryAsString(oldEntry) ?? "";
 
                 // Dev-path entries (file://, absolute, relative) are detected
                 // so we don't double-add @latest, but we MUST NOT replace them
                 // — that would silently disable the developer's local plugin
                 // checkout. Always log as-is and leave the entry alone, even
                 // under --force.
-                if (isDevPathEntry(oldEntry)) {
-                    pass(`Plugin registered in ${configName} (dev path: ${oldEntry})`);
+                if (isDevPathPluginEntry(oldEntry)) {
+                    pass(`Plugin registered in ${configName} (dev path: ${oldEntryStr})`);
                 } else {
                     const isPinned =
-                        oldEntry !== PLUGIN_NAME &&
-                        oldEntry !== PLUGIN_ENTRY_WITH_VERSION &&
-                        /^@cortexkit\/opencode-magic-context@\d/.test(oldEntry);
+                        oldEntryStr !== PLUGIN_NAME &&
+                        oldEntryStr !== PLUGIN_ENTRY_WITH_VERSION &&
+                        /^@cortexkit\/opencode-magic-context@\d/.test(oldEntryStr);
 
                     if (isPinned && !options.force) {
                         // Warn but don't change — user intentionally pinned
                         warn(
-                            `Plugin pinned to ${oldEntry} in ${configName} — use 'doctor --force' to upgrade`,
+                            `Plugin pinned to ${oldEntryStr} in ${configName} — use 'doctor --force' to upgrade`,
                         );
                     } else {
-                        // Upgrade versionless entry to @latest, or --force upgrades pinned
-                        pluginList[existingIdx] = PLUGIN_ENTRY_WITH_VERSION;
-                        config.plugin = pluginList;
+                        // Upgrade versionless entry to @latest, or --force upgrades pinned.
+                        // If the existing entry is a tuple, preserve options by
+                        // updating only the package-name slot; otherwise replace
+                        // with the plain string entry.
+                        if (Array.isArray(oldEntry) && oldEntry.length >= 1) {
+                            const replacement = [...oldEntry];
+                            replacement[0] = PLUGIN_ENTRY_WITH_VERSION;
+                            rawPlugins[existingIdx] = replacement;
+                        } else {
+                            rawPlugins[existingIdx] = PLUGIN_ENTRY_WITH_VERSION;
+                        }
+                        config.plugin = rawPlugins;
                         writeFileSync(paths.opencodeConfig, `${stringify(config, null, 2)}\n`);
                         pass(
-                            `Upgraded plugin entry in ${configName}: ${oldEntry} → ${PLUGIN_ENTRY_WITH_VERSION}`,
+                            `Upgraded plugin entry in ${configName}: ${oldEntryStr} → ${PLUGIN_ENTRY_WITH_VERSION}`,
                         );
                         fixed++;
                     }
                 }
             } else {
-                // Auto-add plugin entry — preserves comments
-                pluginList.push(PLUGIN_ENTRY_WITH_VERSION);
-                config.plugin = pluginList;
+                // Auto-add plugin entry — preserves comments AND every existing
+                // tuple/options entry the user already had.
+                rawPlugins.push(PLUGIN_ENTRY_WITH_VERSION);
+                config.plugin = rawPlugins;
                 writeFileSync(paths.opencodeConfig, `${stringify(config, null, 2)}\n`);
                 pass(`Added plugin to ${configName}`);
                 fixed++;
@@ -784,32 +799,52 @@ export async function runDoctor(
         warn("Restart OpenCode to see the sidebar");
         fixed++;
     } else if (existsSync(paths.tuiConfig)) {
-        // Check for pinned version in tui config
+        // Check for pinned version in tui config. Same tuple/dev-path rules
+        // as the main opencode config — preserve every entry shape on write.
         try {
             const tuiRaw = readFileSync(paths.tuiConfig, "utf-8");
             const tuiConfig = parse(tuiRaw) as Record<string, unknown>;
-            const tuiPlugins = Array.isArray(tuiConfig?.plugin)
-                ? (tuiConfig.plugin as unknown[]).filter((p): p is string => typeof p === "string")
+            const tuiRawPlugins: unknown[] = Array.isArray(tuiConfig?.plugin)
+                ? tuiConfig.plugin
                 : [];
-            const tuiIdx = tuiPlugins.findIndex(
-                (p) => p === PLUGIN_NAME || p.startsWith(`${PLUGIN_NAME}@`),
+            const tuiIdx = tuiRawPlugins.findIndex(
+                (entry) => matchesPluginEntry(entry, PLUGIN_NAME) || isDevPathPluginEntry(entry),
             );
+            const tuiEntryAsString = (entry: unknown): string => {
+                if (typeof entry === "string") return entry;
+                if (Array.isArray(entry) && typeof entry[0] === "string") return entry[0];
+                return "";
+            };
             if (tuiIdx >= 0) {
-                const tuiEntry = tuiPlugins[tuiIdx];
-                const tuiPinned =
-                    tuiEntry !== PLUGIN_NAME &&
-                    tuiEntry !== PLUGIN_ENTRY_WITH_VERSION &&
-                    /^@cortexkit\/opencode-magic-context@\d/.test(tuiEntry);
-                if (tuiPinned && !options.force) {
-                    warn(`TUI plugin pinned to ${tuiEntry} — use 'doctor --force' to upgrade`);
-                } else if (tuiPinned && options.force) {
-                    tuiPlugins[tuiIdx] = PLUGIN_ENTRY_WITH_VERSION;
-                    tuiConfig.plugin = tuiPlugins;
-                    writeFileSync(paths.tuiConfig, `${stringify(tuiConfig, null, 2)}\n`);
-                    pass(`Upgraded TUI plugin: ${tuiEntry} → ${PLUGIN_ENTRY_WITH_VERSION}`);
-                    fixed++;
+                const tuiEntry = tuiRawPlugins[tuiIdx];
+                const tuiEntryStr = tuiEntryAsString(tuiEntry);
+                if (isDevPathPluginEntry(tuiEntry)) {
+                    pass(`TUI sidebar plugin configured (dev path: ${tuiEntryStr})`);
                 } else {
-                    pass("TUI sidebar plugin configured");
+                    const tuiPinned =
+                        tuiEntryStr !== PLUGIN_NAME &&
+                        tuiEntryStr !== PLUGIN_ENTRY_WITH_VERSION &&
+                        /^@cortexkit\/opencode-magic-context@\d/.test(tuiEntryStr);
+                    if (tuiPinned && !options.force) {
+                        warn(
+                            `TUI plugin pinned to ${tuiEntryStr} — use 'doctor --force' to upgrade`,
+                        );
+                    } else if (tuiPinned && options.force) {
+                        // Preserve tuple options when upgrading.
+                        if (Array.isArray(tuiEntry) && tuiEntry.length >= 1) {
+                            const replacement = [...tuiEntry];
+                            replacement[0] = PLUGIN_ENTRY_WITH_VERSION;
+                            tuiRawPlugins[tuiIdx] = replacement;
+                        } else {
+                            tuiRawPlugins[tuiIdx] = PLUGIN_ENTRY_WITH_VERSION;
+                        }
+                        tuiConfig.plugin = tuiRawPlugins;
+                        writeFileSync(paths.tuiConfig, `${stringify(tuiConfig, null, 2)}\n`);
+                        pass(`Upgraded TUI plugin: ${tuiEntryStr} → ${PLUGIN_ENTRY_WITH_VERSION}`);
+                        fixed++;
+                    } else {
+                        pass("TUI sidebar plugin configured");
+                    }
                 }
             } else {
                 pass("TUI sidebar plugin configured");