@agent-team-foundation/first-tree-hub 0.11.4 → 0.12.0

package/dist/web/index.html

@@ -16,8 +16,8 @@
         if (t === "dark" || (!t && m)) document.documentElement.classList.add("dark");
       })();
     </script>
-    <script type="module" crossorigin src="/assets/index-k2bWRKc-.js"></script>
-    <link rel="stylesheet" crossorigin href="/assets/index-fNb_M0nL.css">
+    <script type="module" crossorigin src="/assets/index-Dy3jIUX5.js"></script>
+    <link rel="stylesheet" crossorigin href="/assets/index-B_Tf2I6v.css">
   </head>
   <body>
     <div id="root"></div>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agent-team-foundation/first-tree-hub",
-  "version": "0.11.4",
+  "version": "0.12.0",
   "type": "module",
   "description": "First Tree Hub — unified CLI for server, client, and agent management",
   "exports": {

package/dist/client-By1K4VVT-DuI6EnSh.mjs

@@ -1,4 +0,0 @@
-import "./dist-ClFs4WMj.mjs";
-import "./errors-BmyRwN0Y-Dad3eV8F.mjs";
-import { y as listMyPinnedAgents } from "./client-CLdRbuml-svTO0Eat.mjs";
-export { listMyPinnedAgents };

package/dist/client-CLdRbuml-svTO0Eat.mjs

@@ -1,524 +0,0 @@
-import { w as clientCapabilitiesSchema } from "./dist-ClFs4WMj.mjs";
-import { a as ConflictError, i as ClientUserMismatchError, l as organizations, n as BadRequestError, s as NotFoundError, u as users } from "./errors-BmyRwN0Y-Dad3eV8F.mjs";
-import { and, eq, inArray, ne, sql } from "drizzle-orm";
-import { index, integer, jsonb, pgTable, text, timestamp, unique } from "drizzle-orm/pg-core";
-//#region ../server/dist/client-CLdRbuml.mjs
-/**
-* Client connections. A client is a single SDK process (AgentRuntime) that may
-* host multiple agents. From the unified-user-token milestone on, a client is
-* owned by a user — Rule R-RUN requires `clients.user_id == jwt.userId` for
-* every `agent:bind` request. `user_id` is nullable only to accommodate legacy
-* rows created before JWT-on-handshake; the WS handshake claims the row on
-* first re-register under an authenticated JWT (see `client:register` M13).
-*
-* A client is also bound to exactly one organization for its lifetime. The
-* `organization_id` column is populated on first registration from the
-* authenticated JWT's org claim and never changes thereafter. Re-registering
-* the same clientId under a JWT for a different org is rejected with
-* `CLIENT_ORG_MISMATCH` — the CLI responds by abandoning the local clientId
-* and registering a new one instead (see docs/multi-tenancy-hardening-design.md).
-*/
-const clients = pgTable("clients", {
-	id: text("id").primaryKey(),
-	userId: text("user_id").references(() => users.id, { onDelete: "set null" }),
-	organizationId: text("organization_id").notNull().references(() => organizations.id),
-	status: text("status").notNull().default("disconnected"),
-	sdkVersion: text("sdk_version"),
-	hostname: text("hostname"),
-	os: text("os"),
-	instanceId: text("instance_id"),
-	connectedAt: timestamp("connected_at", { withTimezone: true }),
-	lastSeenAt: timestamp("last_seen_at", { withTimezone: true }).notNull().defaultNow(),
-	metadata: jsonb("metadata").$type()
-}, (table) => [index("idx_clients_user").on(table.userId), index("idx_clients_org").on(table.organizationId)]);
-/** Agent registration. Each agent owns a unique inboxId for message delivery. */
-const agents = pgTable("agents", {
-	uuid: text("uuid").primaryKey(),
-	name: text("name"),
-	organizationId: text("organization_id").notNull().references(() => organizations.id),
-	type: text("type").notNull(),
-	displayName: text("display_name").notNull(),
-	delegateMention: text("delegate_mention"),
-	inboxId: text("inbox_id").unique().notNull(),
-	status: text("status").notNull().default("active"),
-	source: text("source"),
-	visibility: text("visibility").notNull().default("private"),
-	metadata: jsonb("metadata").$type().notNull().default({}),
-	managerId: text("manager_id").notNull(),
-	clientId: text("client_id").references(() => clients.id, { onDelete: "restrict" }),
-	runtimeProvider: text("runtime_provider").notNull().default("claude-code"),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
-	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [
-	index("idx_agents_org").on(table.organizationId),
-	index("idx_agents_manager").on(table.managerId),
-	index("idx_agents_visibility_org").on(table.organizationId, table.visibility),
-	index("idx_agents_client").on(table.clientId),
-	unique("uq_agents_org_name").on(table.organizationId, table.name)
-]);
-/** Organization membership. Links a user to an org with a role and a 1:1 human agent. */
-const members = pgTable("members", {
-	id: text("id").primaryKey(),
-	userId: text("user_id").notNull().references(() => users.id),
-	organizationId: text("organization_id").notNull().references(() => organizations.id),
-	agentId: text("agent_id").unique().notNull().references(() => agents.uuid),
-	role: text("role").notNull(),
-	status: text("status").notNull().default("active"),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [
-	unique("uq_members_user_org").on(table.userId, table.organizationId),
-	index("idx_members_user").on(table.userId),
-	index("idx_members_org").on(table.organizationId)
-]);
-/** Agent presence and runtime state. Tracked via WebSocket connections; stale entries are cleaned up using server_instances heartbeat. */
-const agentPresence = pgTable("agent_presence", {
-	agentId: text("agent_id").primaryKey().references(() => agents.uuid, { onDelete: "cascade" }),
-	status: text("status").notNull().default("offline"),
-	instanceId: text("instance_id"),
-	connectedAt: timestamp("connected_at", { withTimezone: true }),
-	lastSeenAt: timestamp("last_seen_at", { withTimezone: true }).notNull().defaultNow(),
-	clientId: text("client_id").references(() => clients.id, { onDelete: "set null" }),
-	runtimeType: text("runtime_type"),
-	runtimeVersion: text("runtime_version"),
-	runtimeState: text("runtime_state"),
-	activeSessions: integer("active_sessions"),
-	totalSessions: integer("total_sessions"),
-	runtimeUpdatedAt: timestamp("runtime_updated_at", { withTimezone: true })
-});
-/** Server instance heartbeat. Used to detect crashed instances and clean up associated agent_presence records. */
-const serverInstances = pgTable("server_instances", {
-	instanceId: text("instance_id").primaryKey(),
-	lastHeartbeat: timestamp("last_heartbeat", { withTimezone: true }).notNull().defaultNow()
-});
-/** Common field reset when agent goes offline or is unbound. */
-function runtimeFieldsReset(now) {
-	return {
-		runtimeState: null,
-		activeSessions: null,
-		totalSessions: null,
-		runtimeUpdatedAt: now,
-		lastSeenAt: now
-	};
-}
-async function setOffline(db, agentId) {
-	const now = /* @__PURE__ */ new Date();
-	await db.update(agentPresence).set({
-		status: "offline",
-		instanceId: null,
-		...runtimeFieldsReset(now)
-	}).where(eq(agentPresence.agentId, agentId));
-}
-async function getPresence(db, agentId) {
-	const [row] = await db.select().from(agentPresence).where(eq(agentPresence.agentId, agentId)).limit(1);
-	return row ?? null;
-}
-async function getOnlineCount(db) {
-	const [result] = await db.select({ count: sql`count(*)::int` }).from(agentPresence).where(eq(agentPresence.status, "online"));
-	return result?.count ?? 0;
-}
-async function bindAgent(db, agentId, data) {
-	const now = /* @__PURE__ */ new Date();
-	await db.insert(agentPresence).values({
-		agentId,
-		status: "online",
-		instanceId: data.instanceId,
-		clientId: data.clientId,
-		runtimeType: data.runtimeType,
-		runtimeVersion: data.runtimeVersion ?? null,
-		runtimeState: "idle",
-		connectedAt: now,
-		lastSeenAt: now,
-		runtimeUpdatedAt: now
-	}).onConflictDoUpdate({
-		target: agentPresence.agentId,
-		set: {
-			status: "online",
-			instanceId: data.instanceId,
-			clientId: data.clientId,
-			runtimeType: data.runtimeType,
-			runtimeVersion: data.runtimeVersion ?? null,
-			runtimeState: "idle",
-			activeSessions: null,
-			totalSessions: null,
-			connectedAt: now,
-			lastSeenAt: now,
-			runtimeUpdatedAt: now
-		}
-	});
-}
-async function unbindAgent(db, agentId) {
-	const now = /* @__PURE__ */ new Date();
-	await db.update(agentPresence).set({
-		status: "offline",
-		clientId: null,
-		...runtimeFieldsReset(now)
-	}).where(eq(agentPresence.agentId, agentId));
-}
-/** Set runtime state directly from client-reported value.
-*
-* When an org-scoped notifier is provided, emit a PG NOTIFY on the
-* `runtime_state_changes` channel so the pulse aggregator (and any future
-* admin-side consumers) can observe the transition. Fire-and-forget to match
-* notifier semantics elsewhere in this module. */
-async function setRuntimeState(db, agentId, runtimeState, options) {
-	const now = /* @__PURE__ */ new Date();
-	await db.update(agentPresence).set({
-		runtimeState,
-		runtimeUpdatedAt: now,
-		lastSeenAt: now
-	}).where(eq(agentPresence.agentId, agentId));
-	if (options?.notifier && options.organizationId) options.notifier.notifyRuntimeStateChange(agentId, runtimeState, options.organizationId).catch(() => {});
-}
-/** Touch agent last_seen_at on heartbeat (per-agent liveness). */
-async function touchAgent(db, agentId) {
-	await db.update(agentPresence).set({ lastSeenAt: /* @__PURE__ */ new Date() }).where(eq(agentPresence.agentId, agentId));
-}
-async function heartbeatInstance(db, instanceId) {
-	await db.insert(serverInstances).values({
-		instanceId,
-		lastHeartbeat: /* @__PURE__ */ new Date()
-	}).onConflictDoUpdate({
-		target: serverInstances.instanceId,
-		set: { lastHeartbeat: /* @__PURE__ */ new Date() }
-	});
-}
-/**
-* M1: Mark agents as offline whose last_seen_at is older than staleSeconds.
-* Unlike cleanupStalePresence (which checks instance liveness), this checks
-* per-agent heartbeat liveness — detecting agents that stopped heartbeating
-* while the client process may still be alive.
-*
-* Returns the list of agent IDs that were marked stale (for notification in Step 6).
-*/
-async function markStaleAgents(db, staleSeconds = 60) {
-	return (await db.execute(sql`
-    UPDATE agent_presence SET
-      status = 'offline',
-      client_id = NULL,
-      runtime_state = NULL,
-      active_sessions = NULL,
-      total_sessions = NULL,
-      runtime_updated_at = NOW()
-    WHERE status = 'online'
-    AND last_seen_at < NOW() - make_interval(secs => ${staleSeconds})
-    RETURNING agent_id
-  `)).map((r) => r.agent_id);
-}
-async function cleanupStalePresence(db, staleSeconds = 60) {
-	return (await db.execute(sql`
-    UPDATE agent_presence SET status = 'offline', instance_id = NULL,
-      runtime_state = NULL,
-      active_sessions = NULL, total_sessions = NULL,
-      runtime_updated_at = NOW()
-    WHERE instance_id IN (
-      SELECT instance_id FROM server_instances
-      WHERE last_heartbeat < NOW() - make_interval(secs => ${staleSeconds})
-    )
-    AND status = 'online'
-    RETURNING agent_id
-  `)).length;
-}
-/**
-* Assert the caller can act on this client. Throws 404 for both "not found"
-* and "not yours" to prevent UUID enumeration. The client is owned by exactly
-* one user; cross-user admin access is no longer supported by this code path
-* (see decouple-client-from-identity-design §4.10.5 option A). Cross-user
-* ownership transfer goes through `claimClient` in PR-B.
-*/
-async function assertClientOwner(db, clientId, scope) {
-	const [row] = await db.select({
-		id: clients.id,
-		userId: clients.userId
-	}).from(clients).where(eq(clients.id, clientId)).limit(1);
-	if (!row || row.userId !== scope.userId) throw new NotFoundError(`Client "${clientId}" not found`);
-}
-/**
-* Upsert the clients row for a given `client_id` under an authenticated user.
-*
-* Claim semantics (decouple-client-from-identity §4.1.1):
-*   - New client_id → INSERT with the authenticated user_id. `organization_id`
-*     is written as a placeholder (NOT NULL legacy column; no longer consumed
-*     by any read path) sourced from the caller-supplied JWT default org.
-*   - Existing row with the same user_id → refresh runtime columns.
-*     `organization_id` is **not** updated on conflict, so the placeholder set
-*     at first insert sticks for the row's lifetime.
-*   - Existing row with a different user_id → raises
-*     {@link ClientUserMismatchError} (WS close 4403). The CLI guides the
-*     operator through `first-tree-hub client claim --confirm` to take
-*     ownership, which unpins the previous owner's agents from the machine.
-*/
-async function registerClient(db, data) {
-	const now = /* @__PURE__ */ new Date();
-	const [existing] = await db.select({
-		id: clients.id,
-		userId: clients.userId
-	}).from(clients).where(eq(clients.id, data.clientId)).limit(1);
-	if (existing?.userId && existing.userId !== data.userId) throw new ClientUserMismatchError(`Client "${data.clientId}" is owned by a different user. Run \`first-tree-hub client claim --confirm\` to transfer ownership.`);
-	await db.insert(clients).values({
-		id: data.clientId,
-		userId: data.userId,
-		organizationId: data.organizationId,
-		status: "connected",
-		instanceId: data.instanceId,
-		hostname: data.hostname ?? null,
-		os: data.os ?? null,
-		sdkVersion: data.sdkVersion ?? null,
-		connectedAt: now,
-		lastSeenAt: now
-	}).onConflictDoUpdate({
-		target: clients.id,
-		set: {
-			userId: data.userId,
-			status: "connected",
-			instanceId: data.instanceId,
-			hostname: data.hostname ?? null,
-			os: data.os ?? null,
-			sdkVersion: data.sdkVersion ?? null,
-			connectedAt: now,
-			lastSeenAt: now
-		}
-	});
-}
-/**
-* Transfer ownership of a client row to a new user, unpinning any agents
-* whose manager belonged to the previous owner. Atomic: caller is guaranteed
-* either a fully-applied ownership flip + bulk unpin, or no change. Idempotent
-* when `newUserId` already owns the row.
-*
-* Manager → user resolution goes through the members JOIN (the agents table
-* carries only `manager_id`); cross-org agents under the same previous owner
-* are unpinned together (decouple-client-from-identity §4.4).
-*
-* Caller is responsible for the caller-side authorization (the new owner must
-* be the authenticated request's user). The structured log
-* `event: client.owner_transfer` is emitted by the caller after the
-* transaction commits, using the returned `previousUserId` /
-* `unpinnedAgentIds`.
-*/
-async function claimClient(db, clientId, newUserId) {
-	return db.transaction(async (tx) => {
-		const [locked] = await tx.execute(sql`SELECT id, user_id FROM clients WHERE id = ${clientId} FOR UPDATE`);
-		if (!locked) throw new NotFoundError(`Client "${clientId}" not found`);
-		const previousUserId = locked.user_id;
-		if (previousUserId === newUserId) return {
-			previousUserId,
-			unpinnedAgentIds: []
-		};
-		let unpinnedAgentIds = [];
-		if (previousUserId !== null) {
-			unpinnedAgentIds = (await tx.select({ uuid: agents.uuid }).from(agents).innerJoin(members, eq(agents.managerId, members.id)).where(and(eq(agents.clientId, clientId), eq(members.userId, previousUserId)))).map((r) => r.uuid);
-			if (unpinnedAgentIds.length > 0) {
-				const now = /* @__PURE__ */ new Date();
-				await tx.update(agents).set({
-					clientId: null,
-					updatedAt: now
-				}).where(inArray(agents.uuid, unpinnedAgentIds));
-				await tx.update(agentPresence).set({
-					status: "offline",
-					clientId: null,
-					...runtimeFieldsReset(now)
-				}).where(inArray(agentPresence.agentId, unpinnedAgentIds));
-			}
-		}
-		await tx.update(clients).set({ userId: newUserId }).where(eq(clients.id, clientId));
-		return {
-			previousUserId,
-			unpinnedAgentIds
-		};
-	});
-}
-async function disconnectClient(db, clientId) {
-	const now = /* @__PURE__ */ new Date();
-	await db.update(agentPresence).set({
-		status: "offline",
-		clientId: null,
-		...runtimeFieldsReset(now)
-	}).where(eq(agentPresence.clientId, clientId));
-	await db.update(clients).set({
-		status: "disconnected",
-		lastSeenAt: now
-	}).where(eq(clients.id, clientId));
-}
-async function heartbeatClient(db, clientId) {
-	await db.update(clients).set({ lastSeenAt: /* @__PURE__ */ new Date() }).where(eq(clients.id, clientId));
-}
-async function getClient(db, clientId) {
-	const [row] = await db.select().from(clients).where(eq(clients.id, clientId)).limit(1);
-	return row ?? null;
-}
-/**
-* List the active agents currently pinned to a client. Used by the WS
-* registration handshake to backfill `agent:pinned` notifications missed while
-* the client was offline — without it, an admin who pinned an agent during a
-* client outage would still need a manual `first-tree-hub agent add`.
-*
-* Excludes soft-deleted agents (status = "deleted"). Human agents are
-* naturally excluded by the `clientId` filter — they never carry a clientId.
-*/
-async function listActiveAgentsPinnedToClient(db, clientId) {
-	return db.select({
-		uuid: agents.uuid,
-		name: agents.name,
-		displayName: agents.displayName,
-		type: agents.type,
-		runtimeProvider: agents.runtimeProvider
-	}).from(agents).where(and(eq(agents.clientId, clientId), ne(agents.status, "deleted")));
-}
-/**
-* Member-scoped: every active agent pinned to a client owned by this user.
-* Used by client startup to reconcile its local YAML against the authoritative
-* `agents.runtime_provider`. Cross-org by design — a client is owned by a
-* user, not an org (decouple-client-from-identity §4.1).
-*/
-async function listMyPinnedAgents(db, scope) {
-	return (await db.select({
-		agentId: agents.uuid,
-		clientId: agents.clientId,
-		runtimeProvider: agents.runtimeProvider
-	}).from(agents).innerJoin(clients, eq(agents.clientId, clients.id)).where(and(eq(clients.userId, scope.userId), ne(agents.status, "deleted")))).filter((r) => r.clientId !== null).map((r) => ({
-		agentId: r.agentId,
-		clientId: r.clientId,
-		runtimeProvider: r.runtimeProvider
-	}));
-}
-/**
-* Replace this client's capabilities snapshot. Capabilities live under
-* `clients.metadata.capabilities` (Option C — no dedicated column); other
-* `metadata` subkeys are preserved on merge.
-*
-* Caller is expected to have already passed `assertClientOwner`.
-*/
-async function updateClientCapabilities(db, clientId, capabilities) {
-	const parsed = clientCapabilitiesSchema.safeParse(capabilities);
-	if (!parsed.success) throw new BadRequestError(`Invalid capabilities payload: ${parsed.error.message}`);
-	const [client] = await db.select({ metadata: clients.metadata }).from(clients).where(eq(clients.id, clientId)).limit(1);
-	if (!client) throw new NotFoundError(`Client "${clientId}" not found`);
-	const merged = {
-		...client.metadata ?? {},
-		capabilities: parsed.data
-	};
-	await db.update(clients).set({ metadata: merged }).where(eq(clients.id, clientId));
-}
-/**
-* Scope-aware client listing. Returns the caller's own clients (cross-org —
-* a client is owned by a user, not an org). The admin route adds a separate
-* `?organizationId=` cross-user view via {@link listClientsForOrgAdmin}.
-*/
-async function listClients(db, scope) {
-	return attachAgentCounts(db, await db.select().from(clients).where(eq(clients.userId, scope.userId)));
-}
-/**
-* Admin-only cross-user listing: every client owned by an active member of
-* `orgId`. Joining `clients → members.user_id` instead of `clients.organization_id`
-* keeps the read path consistent with the rule that connection has no
-* runtime relationship to organization (decouple-client-from-identity §A).
-*
-* The caller must verify admin role realtime via `requireMemberInOrg` before
-* invoking this function — the service does not re-check, so it is
-* unsafe to expose without that gate.
-*/
-async function listClientsForOrgAdmin(db, orgId) {
-	return attachAgentCounts(db, await db.select({
-		id: clients.id,
-		userId: clients.userId,
-		organizationId: clients.organizationId,
-		status: clients.status,
-		sdkVersion: clients.sdkVersion,
-		hostname: clients.hostname,
-		os: clients.os,
-		instanceId: clients.instanceId,
-		connectedAt: clients.connectedAt,
-		lastSeenAt: clients.lastSeenAt,
-		metadata: clients.metadata
-	}).from(clients).innerJoin(members, eq(members.userId, clients.userId)).where(and(eq(members.organizationId, orgId), eq(members.status, "active"))));
-}
-/**
-* Infer whether the client's locally-cached refresh token can plausibly
-* still mint access tokens. Used by the Web admin dashboard to render an
-* "AUTH EXPIRED" pill on rows whose offline duration has exceeded the
-* server's configured refresh-token TTL.
-*
-* Uses `lastSeenAt` (not `connectedAt`) because a healthy long-lived
-* client slides the refresh token continuously, so the absolute connect
-* time is no proxy for liveness. `lastSeenAt` is updated on register,
-* heartbeat, and the final disconnect — it lower-bounds the issue time
-* of the refresh token the client most likely still holds.
-*
-* Pure function, no DB access; the column-less design means there's no
-* server-side revocation path yet — every "expired" decision is purely
-* time-based. If we ever want admin-driven revocation, add a column
-* back and OR its value into this function.
-*/
-function deriveAuthState(row, refreshTokenExpirySeconds) {
-	if (row.status === "disconnected") {
-		if (Date.now() - row.lastSeenAt.getTime() > refreshTokenExpirySeconds * 1e3) return "expired";
-	}
-	return "ok";
-}
-async function attachAgentCounts(db, rows) {
-	const counts = await db.select({
-		clientId: agents.clientId,
-		count: sql`count(*)::int`
-	}).from(agents).where(and(sql`${agents.clientId} IS NOT NULL`, ne(agents.status, "deleted"))).groupBy(agents.clientId);
-	const countMap = new Map(counts.map((c) => [c.clientId, c.count]));
-	return rows.map((row) => ({
-		...row,
-		agentCount: countMap.get(row.id) ?? 0
-	}));
-}
-/**
-* Retire a client row. Refuses while any non-deleted agent is still pinned to
-* it — per proposal M12, the operator must delete the agents first
-* (no reassign in this milestone). Throws {@link ConflictError} with the
-* pinned agent list so the UI can show the exact names.
-*
-* Runs in a single transaction with `SELECT … FOR UPDATE` on the client row
-* so a concurrent `createAgent(clientId=X)` cannot land between the pinned
-* check and the DELETE — otherwise the agents.client_id RESTRICT FK would
-* surface as a raw PG 23503 instead of the ConflictError the caller expects.
-*/
-async function retireClient(db, clientId) {
-	await db.transaction(async (tx) => {
-		const [locked] = await tx.execute(sql`SELECT id FROM clients WHERE id = ${clientId} FOR UPDATE`);
-		if (!locked) throw new NotFoundError(`Client "${clientId}" not found`);
-		const pinned = await tx.select({
-			uuid: agents.uuid,
-			name: agents.name
-		}).from(agents).where(and(eq(agents.clientId, clientId), ne(agents.status, "deleted")));
-		if (pinned.length > 0) {
-			const names = pinned.map((a) => a.name ?? a.uuid).join(", ");
-			throw new ConflictError(`Cannot retire client "${clientId}" — ${pinned.length} agent(s) still pinned (${names}). Delete the pinned agents first (no reassign is available in this milestone).`);
-		}
-		await tx.update(agents).set({ clientId: null }).where(and(eq(agents.clientId, clientId), eq(agents.status, "deleted")));
-		await tx.delete(clients).where(eq(clients.id, clientId));
-	});
-}
-/**
-* System-scope sweep: mark clients as disconnected when their last-seen
-* server instance stopped sending heartbeats. Runs globally across all orgs
-* by design — it is invoked only by internal timers, never from a
-* user-scoped request, so the per-org filter the read paths enforce does not
-* apply. Org isolation on the data these clients belong to is still
-* enforced at the read paths (see `assertClientOwner` / `listClients`).
-*/
-async function cleanupStaleClients(db, staleSeconds = 60) {
-	const result = await db.execute(sql`
-    UPDATE clients SET status = 'disconnected'
-    WHERE instance_id IN (
-      SELECT instance_id FROM server_instances
-      WHERE last_heartbeat < NOW() - make_interval(secs => ${staleSeconds})
-    )
-    AND status = 'connected'
-    RETURNING id
-  `);
-	if (result.length > 0) {
-		const staleIds = result.map((r) => r.id);
-		await db.update(agentPresence).set({
-			status: "offline",
-			...runtimeFieldsReset(/* @__PURE__ */ new Date())
-		}).where(inArray(agentPresence.clientId, staleIds));
-	}
-	return result.length;
-}
-//#endregion
-export { retireClient as C, touchAgent as D, setRuntimeState as E, unbindAgent as O, registerClient as S, setOffline as T, listClients as _, claimClient as a, markStaleAgents as b, clients as c, getClient as d, getOnlineCount as f, listActiveAgentsPinnedToClient as g, heartbeatInstance as h, bindAgent as i, updateClientCapabilities as k, deriveAuthState as l, heartbeatClient as m, agents as n, cleanupStaleClients as o, getPresence as p, assertClientOwner as r, cleanupStalePresence as s, agentPresence as t, disconnectClient as u, listClientsForOrgAdmin as v, serverInstances as w, members as x, listMyPinnedAgents as y };

package/dist/invitation-DWlyNb8x-BvXubk24.mjs

@@ -1,4 +0,0 @@
-import "./dist-ClFs4WMj.mjs";
-import "./errors-BmyRwN0Y-Dad3eV8F.mjs";
-import { s as previewInvitation } from "./invitation-Dnn5gGGX-DXryyvRG.mjs";
-export { previewInvitation };