v0.1.3 — Forced upgrade check + stability

What's New

• Forced upgrade on MAJOR version behind — exit 1, parity with zpl-engine-mcp. Stale clients can't miss a security patch or breaking change.
• Soft warning on MINOR/PATCH behind — visible in stderr, non-blocking.
• 1 h on-disk cache at the OS tmpdir so npm isn't hit every invocation.
• 2.5 s timeout on the npm registry fetch — never blocks CLI startup on slow or unreachable npm.
• ZPL_SKIP_UPDATE_CHECK=1 escape hatch for offline, self-hosted, or CI contexts.
• Network errors are swallowed — best-effort, never a DoS on the user.

Why

Without this, CLI users could sit on stale versions indefinitely and miss security patches that the MCP side would force. This brings the CLI to parity with the MCP's upgrade policy.

Files

• NEW: src/update-check.ts — mirror of MCP's checkLatestVersion logic
• Updated: src/index.ts — async IIFE wraps commander.parseAsync so the version check runs before any command dispatch
• Bumped: package.json 0.1.2 → 0.1.3

Install

npm i -g zpl-engine-cli@latest
# or
npx zpl-engine-cli@latest <command>

No Breaking Changes

Additive only. Existing commands unchanged. The new startup check is best-effort and non-blocking on network failure.