npm - @agenticmail/enterprise - Versions diffs - 0.2.1 - Mend

@agenticmail/enterprise 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (69) hide show

package/ARCHITECTURE.md +183 -0
package/agenticmail-enterprise.db +0 -0
package/dashboards/README.md +120 -0
package/dashboards/dotnet/Program.cs +261 -0
package/dashboards/express/app.js +146 -0
package/dashboards/go/main.go +513 -0
package/dashboards/html/index.html +535 -0
package/dashboards/java/AgenticMailDashboard.java +376 -0
package/dashboards/php/index.php +414 -0
package/dashboards/python/app.py +273 -0
package/dashboards/ruby/app.rb +195 -0
package/dist/chunk-77IDQJL3.js +7 -0
package/dist/chunk-7RGCCHIT.js +115 -0
package/dist/chunk-DXNKR3TG.js +1355 -0
package/dist/chunk-IQWA44WT.js +970 -0
package/dist/chunk-LCUZGIDH.js +965 -0
package/dist/chunk-N2JVTNNJ.js +2553 -0
package/dist/chunk-O462UJBH.js +363 -0
package/dist/chunk-PNKVD2UK.js +26 -0
package/dist/cli.js +218 -0
package/dist/dashboard/index.html +558 -0
package/dist/db-adapter-DEWEFNIV.js +7 -0
package/dist/dynamodb-CCGL2E77.js +426 -0
package/dist/engine/index.js +1261 -0
package/dist/index.js +522 -0
package/dist/mongodb-ODTXIVPV.js +319 -0
package/dist/mysql-RM3S2FV5.js +521 -0
package/dist/postgres-LN7A6MGQ.js +518 -0
package/dist/routes-2JEPIIKC.js +441 -0
package/dist/routes-74ZLKJKP.js +399 -0
package/dist/server.js +7 -0
package/dist/sqlite-3K5YOZ4K.js +439 -0
package/dist/turso-LDWODSDI.js +442 -0
package/package.json +49 -0
package/src/admin/routes.ts +331 -0
package/src/auth/routes.ts +130 -0
package/src/cli.ts +260 -0
package/src/dashboard/index.html +558 -0
package/src/db/adapter.ts +230 -0
package/src/db/dynamodb.ts +456 -0
package/src/db/factory.ts +51 -0
package/src/db/mongodb.ts +360 -0
package/src/db/mysql.ts +472 -0
package/src/db/postgres.ts +479 -0
package/src/db/sql-schema.ts +123 -0
package/src/db/sqlite.ts +391 -0
package/src/db/turso.ts +411 -0
package/src/deploy/fly.ts +368 -0
package/src/deploy/managed.ts +213 -0
package/src/engine/activity.ts +474 -0
package/src/engine/agent-config.ts +429 -0
package/src/engine/agenticmail-bridge.ts +296 -0
package/src/engine/approvals.ts +278 -0
package/src/engine/db-adapter.ts +682 -0
package/src/engine/db-schema.ts +335 -0
package/src/engine/deployer.ts +595 -0
package/src/engine/index.ts +134 -0
package/src/engine/knowledge.ts +486 -0
package/src/engine/lifecycle.ts +635 -0
package/src/engine/openclaw-hook.ts +371 -0
package/src/engine/routes.ts +528 -0
package/src/engine/skills.ts +473 -0
package/src/engine/tenant.ts +345 -0
package/src/engine/tool-catalog.ts +189 -0
package/src/index.ts +64 -0
package/src/lib/resilience.ts +326 -0
package/src/middleware/index.ts +286 -0
package/src/server.ts +310 -0
package/tsconfig.json +14 -0

package/dist/chunk-IQWA44WT.js ADDED Viewed

@@ -0,0 +1,970 @@
+// src/engine/db-schema.ts
+var ENGINE_TABLES = `
+-- Managed agents (the deployed AI employees)
+CREATE TABLE IF NOT EXISTS managed_agents (
+  id TEXT PRIMARY KEY,
+  org_id TEXT NOT NULL,
+  name TEXT NOT NULL,
+  display_name TEXT NOT NULL,
+  state TEXT NOT NULL DEFAULT 'draft',
+  config JSON NOT NULL,
+  health JSON NOT NULL DEFAULT '{}',
+  usage JSON NOT NULL DEFAULT '{}',
+  permission_profile_id TEXT,
+  version INTEGER NOT NULL DEFAULT 1,
+  last_deployed_at TEXT,
+  last_health_check_at TEXT,
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_managed_agents_org ON managed_agents(org_id);
+CREATE INDEX IF NOT EXISTS idx_managed_agents_state ON managed_agents(state);
+-- State transition history
+CREATE TABLE IF NOT EXISTS agent_state_history (
+  id TEXT PRIMARY KEY,
+  agent_id TEXT NOT NULL,
+  from_state TEXT NOT NULL,
+  to_state TEXT NOT NULL,
+  reason TEXT NOT NULL,
+  triggered_by TEXT NOT NULL,
+  error TEXT,
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  FOREIGN KEY (agent_id) REFERENCES managed_agents(id) ON DELETE CASCADE
+);
+CREATE INDEX IF NOT EXISTS idx_state_history_agent ON agent_state_history(agent_id);
+CREATE INDEX IF NOT EXISTS idx_state_history_time ON agent_state_history(created_at);
+-- Permission profiles
+CREATE TABLE IF NOT EXISTS permission_profiles (
+  id TEXT PRIMARY KEY,
+  org_id TEXT NOT NULL,
+  name TEXT NOT NULL,
+  description TEXT,
+  config JSON NOT NULL,
+  is_preset INTEGER NOT NULL DEFAULT 0,
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_permission_profiles_org ON permission_profiles(org_id);
+-- Organizations (tenants)
+CREATE TABLE IF NOT EXISTS organizations (
+  id TEXT PRIMARY KEY,
+  name TEXT NOT NULL,
+  slug TEXT NOT NULL UNIQUE,
+  plan TEXT NOT NULL DEFAULT 'free',
+  limits JSON NOT NULL DEFAULT '{}',
+  usage JSON NOT NULL DEFAULT '{}',
+  settings JSON NOT NULL DEFAULT '{}',
+  sso_config JSON,
+  allowed_domains JSON NOT NULL DEFAULT '[]',
+  billing JSON,
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE UNIQUE INDEX IF NOT EXISTS idx_organizations_slug ON organizations(slug);
+-- Knowledge bases
+CREATE TABLE IF NOT EXISTS knowledge_bases (
+  id TEXT PRIMARY KEY,
+  org_id TEXT NOT NULL,
+  name TEXT NOT NULL,
+  description TEXT,
+  agent_ids JSON NOT NULL DEFAULT '[]',
+  config JSON NOT NULL DEFAULT '{}',
+  stats JSON NOT NULL DEFAULT '{}',
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_knowledge_bases_org ON knowledge_bases(org_id);
+-- Knowledge base documents
+CREATE TABLE IF NOT EXISTS kb_documents (
+  id TEXT PRIMARY KEY,
+  knowledge_base_id TEXT NOT NULL,
+  name TEXT NOT NULL,
+  source_type TEXT NOT NULL,
+  source_url TEXT,
+  mime_type TEXT NOT NULL DEFAULT 'text/plain',
+  size INTEGER NOT NULL DEFAULT 0,
+  metadata JSON NOT NULL DEFAULT '{}',
+  status TEXT NOT NULL DEFAULT 'processing',
+  error TEXT,
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now')),
+  FOREIGN KEY (knowledge_base_id) REFERENCES knowledge_bases(id) ON DELETE CASCADE
+);
+CREATE INDEX IF NOT EXISTS idx_kb_documents_kb ON kb_documents(knowledge_base_id);
+-- Knowledge base chunks (for RAG)
+CREATE TABLE IF NOT EXISTS kb_chunks (
+  id TEXT PRIMARY KEY,
+  document_id TEXT NOT NULL,
+  content TEXT NOT NULL,
+  token_count INTEGER NOT NULL DEFAULT 0,
+  position INTEGER NOT NULL DEFAULT 0,
+  embedding BLOB,
+  metadata JSON NOT NULL DEFAULT '{}',
+  FOREIGN KEY (document_id) REFERENCES kb_documents(id) ON DELETE CASCADE
+);
+CREATE INDEX IF NOT EXISTS idx_kb_chunks_doc ON kb_chunks(document_id);
+-- Tool call records (activity tracking)
+CREATE TABLE IF NOT EXISTS tool_calls (
+  id TEXT PRIMARY KEY,
+  agent_id TEXT NOT NULL,
+  org_id TEXT NOT NULL,
+  session_id TEXT,
+  tool_id TEXT NOT NULL,
+  tool_name TEXT NOT NULL,
+  parameters JSON,
+  result JSON,
+  timing JSON NOT NULL,
+  cost JSON,
+  permission JSON NOT NULL,
+  created_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_tool_calls_agent ON tool_calls(agent_id);
+CREATE INDEX IF NOT EXISTS idx_tool_calls_org ON tool_calls(org_id);
+CREATE INDEX IF NOT EXISTS idx_tool_calls_time ON tool_calls(created_at);
+CREATE INDEX IF NOT EXISTS idx_tool_calls_tool ON tool_calls(tool_id);
+-- Activity events (real-time stream)
+CREATE TABLE IF NOT EXISTS activity_events (
+  id TEXT PRIMARY KEY,
+  agent_id TEXT NOT NULL,
+  org_id TEXT NOT NULL,
+  session_id TEXT,
+  type TEXT NOT NULL,
+  data JSON NOT NULL DEFAULT '{}',
+  created_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_activity_agent ON activity_events(agent_id);
+CREATE INDEX IF NOT EXISTS idx_activity_org ON activity_events(org_id);
+CREATE INDEX IF NOT EXISTS idx_activity_type ON activity_events(type);
+CREATE INDEX IF NOT EXISTS idx_activity_time ON activity_events(created_at);
+-- Conversation entries
+CREATE TABLE IF NOT EXISTS conversations (
+  id TEXT PRIMARY KEY,
+  agent_id TEXT NOT NULL,
+  session_id TEXT NOT NULL,
+  role TEXT NOT NULL,
+  content TEXT NOT NULL,
+  channel TEXT,
+  token_count INTEGER NOT NULL DEFAULT 0,
+  tool_calls JSON,
+  created_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_conversations_agent ON conversations(agent_id);
+CREATE INDEX IF NOT EXISTS idx_conversations_session ON conversations(session_id);
+-- Approval requests
+CREATE TABLE IF NOT EXISTS approval_requests (
+  id TEXT PRIMARY KEY,
+  agent_id TEXT NOT NULL,
+  agent_name TEXT NOT NULL,
+  org_id TEXT NOT NULL,
+  tool_id TEXT NOT NULL,
+  tool_name TEXT NOT NULL,
+  reason TEXT NOT NULL,
+  risk_level TEXT NOT NULL,
+  side_effects JSON NOT NULL DEFAULT '[]',
+  parameters JSON,
+  context TEXT,
+  status TEXT NOT NULL DEFAULT 'pending',
+  decision JSON,
+  expires_at TEXT NOT NULL,
+  created_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_approvals_org ON approval_requests(org_id);
+CREATE INDEX IF NOT EXISTS idx_approvals_status ON approval_requests(status);
+CREATE INDEX IF NOT EXISTS idx_approvals_agent ON approval_requests(agent_id);
+-- Approval policies
+CREATE TABLE IF NOT EXISTS approval_policies (
+  id TEXT PRIMARY KEY,
+  org_id TEXT NOT NULL,
+  name TEXT NOT NULL,
+  description TEXT,
+  triggers JSON NOT NULL,
+  approvers JSON NOT NULL,
+  timeout JSON NOT NULL,
+  notify JSON NOT NULL DEFAULT '{}',
+  enabled INTEGER NOT NULL DEFAULT 1,
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_approval_policies_org ON approval_policies(org_id);
+`;
+var ENGINE_TABLES_POSTGRES = ENGINE_TABLES.replace(/JSON/g, "JSONB").replace(/INTEGER NOT NULL DEFAULT 0/g, "INTEGER NOT NULL DEFAULT 0").replace(/datetime\('now'\)/g, "NOW()").replace(/INTEGER NOT NULL DEFAULT 1/g, "BOOLEAN NOT NULL DEFAULT TRUE").replace(/is_preset INTEGER NOT NULL DEFAULT 0/g, "is_preset BOOLEAN NOT NULL DEFAULT FALSE");
+var MIGRATIONS_TABLE = `
+CREATE TABLE IF NOT EXISTS engine_migrations (
+  version INTEGER PRIMARY KEY,
+  name TEXT NOT NULL,
+  applied_at TEXT NOT NULL DEFAULT (datetime('now'))
+);
+`;
+var MIGRATIONS_TABLE_POSTGRES = MIGRATIONS_TABLE.replace(/datetime\('now'\)/g, "NOW()");
+var MIGRATIONS = [
+  {
+    version: 1,
+    name: "initial_schema",
+    sql: ENGINE_TABLES,
+    postgres: ENGINE_TABLES_POSTGRES
+  }
+  // ── Example future migration ──
+  // {
+  //   version: 2,
+  //   name: 'add_agent_tags',
+  //   sql: `
+  //     CREATE TABLE IF NOT EXISTS agent_tags (
+  //       agent_id TEXT NOT NULL,
+  //       tag TEXT NOT NULL,
+  //       PRIMARY KEY (agent_id, tag),
+  //       FOREIGN KEY (agent_id) REFERENCES managed_agents(id) ON DELETE CASCADE
+  //     );
+  //     CREATE INDEX IF NOT EXISTS idx_agent_tags_tag ON agent_tags(tag);
+  //   `,
+  //   nosql: async (db, dialect) => {
+  //     if (dialect === 'mongodb') {
+  //       // MongoDB: add tags field to managed_agents collection
+  //       await db.collection('managed_agents').updateMany(
+  //         { tags: { $exists: false } },
+  //         { $set: { tags: [] } }
+  //       );
+  //     }
+  //   },
+  // },
+];
+function sqliteToPostgres(sql) {
+  return sql.replace(/JSON/g, "JSONB").replace(/datetime\('now'\)/g, "NOW()").replace(/INTEGER NOT NULL DEFAULT 1(?!\d)/g, "BOOLEAN NOT NULL DEFAULT TRUE").replace(/INTEGER NOT NULL DEFAULT 0(?!\d)/g, "INTEGER NOT NULL DEFAULT 0");
+}
+function sqliteToMySQL(sql) {
+  return sql.replace(/TEXT PRIMARY KEY/g, "VARCHAR(255) PRIMARY KEY").replace(/TEXT NOT NULL UNIQUE/g, "VARCHAR(255) NOT NULL UNIQUE").replace(/TEXT NOT NULL DEFAULT/g, "VARCHAR(255) NOT NULL DEFAULT").replace(/BLOB/g, "LONGBLOB").replace(/datetime\('now'\)/g, "NOW()").replace(/INTEGER NOT NULL DEFAULT 1/g, "TINYINT(1) NOT NULL DEFAULT 1").replace(/ON CONFLICT\(.*?\) DO UPDATE SET/g, "ON DUPLICATE KEY UPDATE");
+}
+// src/engine/db-adapter.ts
+var EngineDatabase = class {
+  db;
+  dialect;
+  /** Raw driver handle for NoSQL migrations (MongoClient db, DynamoDB client, etc.) */
+  rawDriver;
+  constructor(db, dialect = "sqlite", rawDriver) {
+    this.db = db;
+    this.dialect = dialect;
+    this.rawDriver = rawDriver;
+  }
+  // ─── Migration System ─────────────────────────────────
+  /**
+   * Run all pending migrations in order.
+   * Creates the migration tracking table first, then applies any unapplied migrations.
+   */
+  async migrate() {
+    const trackingDDL = this.dialect === "postgres" ? MIGRATIONS_TABLE_POSTGRES : MIGRATIONS_TABLE;
+    for (const stmt of this.splitStatements(trackingDDL)) {
+      await this.db.run(stmt);
+    }
+    const applied = await this.db.all("SELECT version FROM engine_migrations ORDER BY version");
+    const appliedSet = new Set(applied.map((r) => r.version));
+    let count = 0;
+    for (const migration of MIGRATIONS) {
+      if (appliedSet.has(migration.version)) continue;
+      if ((this.dialect === "mongodb" || this.dialect === "dynamodb") && migration.nosql) {
+        await migration.nosql(this.rawDriver, this.dialect);
+      } else {
+        const sql = this.getSqlForDialect(migration);
+        if (sql) {
+          for (const stmt of this.splitStatements(sql)) {
+            await this.db.run(stmt);
+          }
+        }
+      }
+      await this.db.run(
+        "INSERT INTO engine_migrations (version, name) VALUES (?, ?)",
+        [migration.version, migration.name]
+      );
+      count++;
+    }
+    return { applied: count, total: MIGRATIONS.length };
+  }
+  /**
+   * Register and create a dynamic table at runtime.
+   * Used by plugins, skills, or engine extensions that need their own storage.
+   * Table name is auto-prefixed with `ext_` to avoid collisions with core tables.
+   */
+  async createDynamicTable(def) {
+    const prefixedName = def.name.startsWith("ext_") ? def.name : `ext_${def.name}`;
+    if (this.dialect === "mongodb" && def.mongoSetup) {
+      await def.mongoSetup(this.rawDriver);
+      return;
+    }
+    if (this.dialect === "dynamodb" && def.dynamoSetup) {
+      await def.dynamoSetup(this.rawDriver);
+      return;
+    }
+    let ddl;
+    if (this.dialect === "postgres" && def.postgres) {
+      ddl = def.postgres;
+    } else if (this.dialect === "mysql" && def.mysql) {
+      ddl = def.mysql;
+    } else if (this.dialect === "postgres") {
+      ddl = sqliteToPostgres(def.sql);
+    } else if (this.dialect === "mysql") {
+      ddl = sqliteToMySQL(def.sql);
+    } else {
+      ddl = def.sql;
+    }
+    ddl = ddl.replace(new RegExp(`\\b${def.name}\\b`, "g"), prefixedName);
+    for (const stmt of this.splitStatements(ddl)) {
+      await this.db.run(stmt);
+    }
+    if (def.indexes) {
+      for (const idx of def.indexes) {
+        const prefixedIdx = idx.replace(new RegExp(`\\b${def.name}\\b`, "g"), prefixedName);
+        await this.db.run(prefixedIdx);
+      }
+    }
+  }
+  /**
+   * Run arbitrary SQL — for custom queries on dynamic tables.
+   * Returns rows for SELECT, void for mutations.
+   */
+  async query(sql, params) {
+    return this.db.all(sql, params);
+  }
+  async execute(sql, params) {
+    return this.db.run(sql, params);
+  }
+  /**
+   * List all dynamic (ext_*) tables currently in the database.
+   */
+  async listDynamicTables() {
+    if (this.dialect === "postgres") {
+      const rows = await this.db.all(
+        "SELECT tablename FROM pg_tables WHERE schemaname = 'public' AND tablename LIKE 'ext_%'"
+      );
+      return rows.map((r) => r.tablename);
+    } else if (this.dialect === "mysql") {
+      const rows = await this.db.all(
+        "SELECT table_name FROM information_schema.tables WHERE table_schema = DATABASE() AND table_name LIKE 'ext_%'"
+      );
+      return rows.map((r) => r.table_name);
+    } else {
+      const rows = await this.db.all(
+        "SELECT name FROM sqlite_master WHERE type='table' AND name LIKE 'ext_%'"
+      );
+      return rows.map((r) => r.name);
+    }
+  }
+  // ─── Helpers ────────────────────────────────────────
+  splitStatements(sql) {
+    return sql.split(";").map((s) => s.trim()).filter((s) => s.length > 0);
+  }
+  getSqlForDialect(migration) {
+    if (this.dialect === "postgres" && migration.postgres) return migration.postgres;
+    if (this.dialect === "mysql" && migration.mysql) return migration.mysql;
+    if (this.dialect === "postgres" && migration.sql) return sqliteToPostgres(migration.sql);
+    if (this.dialect === "mysql" && migration.sql) return sqliteToMySQL(migration.sql);
+    return migration.sql;
+  }
+  // ─── Managed Agents ─────────────────────────────────
+  async upsertManagedAgent(agent) {
+    await this.db.run(`
+      INSERT INTO managed_agents (id, org_id, name, display_name, state, config, health, usage, permission_profile_id, version, last_deployed_at, last_health_check_at, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+      ON CONFLICT(id) DO UPDATE SET
+        state = excluded.state,
+        config = excluded.config,
+        health = excluded.health,
+        usage = excluded.usage,
+        permission_profile_id = excluded.permission_profile_id,
+        version = excluded.version,
+        last_deployed_at = excluded.last_deployed_at,
+        last_health_check_at = excluded.last_health_check_at,
+        updated_at = excluded.updated_at
+    `, [
+      agent.id,
+      agent.orgId,
+      agent.config.name,
+      agent.config.displayName,
+      agent.state,
+      JSON.stringify(agent.config),
+      JSON.stringify(agent.health),
+      JSON.stringify(agent.usage),
+      agent.config.permissionProfileId,
+      agent.version,
+      agent.lastDeployedAt || null,
+      agent.lastHealthCheckAt || null,
+      agent.createdAt,
+      agent.updatedAt
+    ]);
+  }
+  async getManagedAgent(id) {
+    const row = await this.db.get("SELECT * FROM managed_agents WHERE id = ?", [id]);
+    return row ? this.rowToManagedAgent(row) : null;
+  }
+  async getManagedAgentsByOrg(orgId) {
+    const rows = await this.db.all("SELECT * FROM managed_agents WHERE org_id = ? ORDER BY created_at DESC", [orgId]);
+    return rows.map((r) => this.rowToManagedAgent(r));
+  }
+  async getManagedAgentsByState(state) {
+    const rows = await this.db.all("SELECT * FROM managed_agents WHERE state = ?", [state]);
+    return rows.map((r) => this.rowToManagedAgent(r));
+  }
+  async deleteManagedAgent(id) {
+    await this.db.run("DELETE FROM managed_agents WHERE id = ?", [id]);
+  }
+  async countManagedAgents(orgId, state) {
+    const sql = state ? "SELECT COUNT(*) as count FROM managed_agents WHERE org_id = ? AND state = ?" : "SELECT COUNT(*) as count FROM managed_agents WHERE org_id = ?";
+    const row = await this.db.get(sql, state ? [orgId, state] : [orgId]);
+    return row?.count || 0;
+  }
+  // ─── State History ──────────────────────────────────
+  async addStateTransition(agentId, transition) {
+    await this.db.run(`
+      INSERT INTO agent_state_history (id, agent_id, from_state, to_state, reason, triggered_by, error, created_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+    `, [
+      crypto.randomUUID(),
+      agentId,
+      transition.from,
+      transition.to,
+      transition.reason,
+      transition.triggeredBy,
+      transition.error || null,
+      transition.timestamp
+    ]);
+  }
+  async getStateHistory(agentId, limit = 50) {
+    const rows = await this.db.all(
+      "SELECT * FROM agent_state_history WHERE agent_id = ? ORDER BY created_at DESC LIMIT ?",
+      [agentId, limit]
+    );
+    return rows.map((r) => ({
+      from: r.from_state,
+      to: r.to_state,
+      reason: r.reason,
+      triggeredBy: r.triggered_by,
+      timestamp: r.created_at,
+      error: r.error
+    }));
+  }
+  // ─── Permission Profiles ────────────────────────────
+  async upsertPermissionProfile(orgId, profile) {
+    await this.db.run(`
+      INSERT INTO permission_profiles (id, org_id, name, description, config, is_preset, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, 0, ?, ?)
+      ON CONFLICT(id) DO UPDATE SET
+        name = excluded.name, description = excluded.description,
+        config = excluded.config, updated_at = excluded.updated_at
+    `, [
+      profile.id,
+      orgId,
+      profile.name,
+      profile.description || null,
+      JSON.stringify(profile),
+      profile.createdAt,
+      profile.updatedAt
+    ]);
+  }
+  async getPermissionProfile(id) {
+    const row = await this.db.get("SELECT * FROM permission_profiles WHERE id = ?", [id]);
+    return row ? JSON.parse(row.config) : null;
+  }
+  async getPermissionProfilesByOrg(orgId) {
+    const rows = await this.db.all("SELECT config FROM permission_profiles WHERE org_id = ? ORDER BY name", [orgId]);
+    return rows.map((r) => JSON.parse(r.config));
+  }
+  async deletePermissionProfile(id) {
+    await this.db.run("DELETE FROM permission_profiles WHERE id = ?", [id]);
+  }
+  // ─── Organizations ──────────────────────────────────
+  async upsertOrganization(org) {
+    await this.db.run(`
+      INSERT INTO organizations (id, name, slug, plan, limits, usage, settings, sso_config, allowed_domains, billing, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+      ON CONFLICT(id) DO UPDATE SET
+        name = excluded.name, slug = excluded.slug, plan = excluded.plan,
+        limits = excluded.limits, usage = excluded.usage, settings = excluded.settings,
+        sso_config = excluded.sso_config, allowed_domains = excluded.allowed_domains,
+        billing = excluded.billing, updated_at = excluded.updated_at
+    `, [
+      org.id,
+      org.name,
+      org.slug,
+      org.plan,
+      JSON.stringify(org.limits),
+      JSON.stringify(org.usage),
+      JSON.stringify(org.settings),
+      org.ssoConfig ? JSON.stringify(org.ssoConfig) : null,
+      JSON.stringify(org.allowedDomains),
+      org.billing ? JSON.stringify(org.billing) : null,
+      org.createdAt,
+      org.updatedAt
+    ]);
+  }
+  async getOrganization(id) {
+    const row = await this.db.get("SELECT * FROM organizations WHERE id = ?", [id]);
+    return row ? this.rowToOrg(row) : null;
+  }
+  async getOrganizationBySlug(slug) {
+    const row = await this.db.get("SELECT * FROM organizations WHERE slug = ?", [slug]);
+    return row ? this.rowToOrg(row) : null;
+  }
+  async listOrganizations() {
+    const rows = await this.db.all("SELECT * FROM organizations ORDER BY created_at DESC");
+    return rows.map((r) => this.rowToOrg(r));
+  }
+  async deleteOrganization(id) {
+    await this.db.run("DELETE FROM organizations WHERE id = ?", [id]);
+  }
+  // ─── Knowledge Bases ────────────────────────────────
+  async upsertKnowledgeBase(kb) {
+    await this.db.run(`
+      INSERT INTO knowledge_bases (id, org_id, name, description, agent_ids, config, stats, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+      ON CONFLICT(id) DO UPDATE SET
+        name = excluded.name, description = excluded.description,
+        agent_ids = excluded.agent_ids, config = excluded.config,
+        stats = excluded.stats, updated_at = excluded.updated_at
+    `, [
+      kb.id,
+      kb.orgId,
+      kb.name,
+      kb.description || null,
+      JSON.stringify(kb.agentIds),
+      JSON.stringify(kb.config),
+      JSON.stringify(kb.stats),
+      kb.createdAt,
+      kb.updatedAt
+    ]);
+  }
+  async getKnowledgeBase(id) {
+    const row = await this.db.get("SELECT * FROM knowledge_bases WHERE id = ?", [id]);
+    if (!row) return null;
+    const kb = {
+      id: row.id,
+      orgId: row.org_id,
+      name: row.name,
+      description: row.description,
+      agentIds: JSON.parse(row.agent_ids),
+      config: JSON.parse(row.config),
+      stats: JSON.parse(row.stats),
+      createdAt: row.created_at,
+      updatedAt: row.updated_at,
+      documents: []
+    };
+    kb.documents = await this.getKBDocuments(id);
+    return kb;
+  }
+  async getKnowledgeBasesByOrg(orgId) {
+    const rows = await this.db.all("SELECT * FROM knowledge_bases WHERE org_id = ? ORDER BY name", [orgId]);
+    return rows.map((r) => ({
+      id: r.id,
+      orgId: r.org_id,
+      name: r.name,
+      description: r.description,
+      agentIds: JSON.parse(r.agent_ids),
+      config: JSON.parse(r.config),
+      stats: JSON.parse(r.stats),
+      createdAt: r.created_at,
+      updatedAt: r.updated_at,
+      documents: []
+      // Loaded on demand
+    }));
+  }
+  async deleteKnowledgeBase(id) {
+    await this.db.run("DELETE FROM knowledge_bases WHERE id = ?", [id]);
+  }
+  // ─── KB Documents & Chunks ──────────────────────────
+  async insertKBDocument(doc) {
+    await this.db.run(`
+      INSERT INTO kb_documents (id, knowledge_base_id, name, source_type, source_url, mime_type, size, metadata, status, error, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `, [
+      doc.id,
+      doc.knowledgeBaseId,
+      doc.name,
+      doc.sourceType,
+      doc.sourceUrl || null,
+      doc.mimeType,
+      doc.size,
+      JSON.stringify(doc.metadata),
+      doc.status,
+      doc.error || null,
+      doc.createdAt,
+      doc.updatedAt
+    ]);
+    for (const chunk of doc.chunks) {
+      await this.db.run(`
+        INSERT INTO kb_chunks (id, document_id, content, token_count, position, embedding, metadata)
+        VALUES (?, ?, ?, ?, ?, ?, ?)
+      `, [
+        chunk.id,
+        doc.id,
+        chunk.content,
+        chunk.tokenCount,
+        chunk.position,
+        chunk.embedding ? Buffer.from(new Float32Array(chunk.embedding).buffer) : null,
+        JSON.stringify(chunk.metadata)
+      ]);
+    }
+  }
+  async getKBDocuments(kbId) {
+    const docs = await this.db.all("SELECT * FROM kb_documents WHERE knowledge_base_id = ?", [kbId]);
+    const result = [];
+    for (const d of docs) {
+      const chunks = await this.db.all("SELECT * FROM kb_chunks WHERE document_id = ? ORDER BY position", [d.id]);
+      result.push({
+        id: d.id,
+        knowledgeBaseId: d.knowledge_base_id,
+        name: d.name,
+        sourceType: d.source_type,
+        sourceUrl: d.source_url,
+        mimeType: d.mime_type,
+        size: d.size,
+        metadata: JSON.parse(d.metadata),
+        status: d.status,
+        error: d.error,
+        createdAt: d.created_at,
+        updatedAt: d.updated_at,
+        chunks: chunks.map((c) => ({
+          id: c.id,
+          documentId: c.document_id,
+          content: c.content,
+          tokenCount: c.token_count,
+          position: c.position,
+          embedding: c.embedding ? Array.from(new Float32Array(c.embedding)) : void 0,
+          metadata: JSON.parse(c.metadata)
+        }))
+      });
+    }
+    return result;
+  }
+  async deleteKBDocument(docId) {
+    await this.db.run("DELETE FROM kb_documents WHERE id = ?", [docId]);
+  }
+  // ─── Tool Calls (Activity) ──────────────────────────
+  async insertToolCall(record) {
+    await this.db.run(`
+      INSERT INTO tool_calls (id, agent_id, org_id, session_id, tool_id, tool_name, parameters, result, timing, cost, permission, created_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `, [
+      record.id,
+      record.agentId,
+      record.orgId,
+      record.sessionId || null,
+      record.toolId,
+      record.toolName,
+      JSON.stringify(record.parameters),
+      record.result ? JSON.stringify(record.result) : null,
+      JSON.stringify(record.timing),
+      record.cost ? JSON.stringify(record.cost) : null,
+      JSON.stringify(record.permission),
+      record.timing.startedAt
+    ]);
+  }
+  async updateToolCallResult(id, result, timing, cost) {
+    await this.db.run(
+      "UPDATE tool_calls SET result = ?, timing = ?, cost = ? WHERE id = ?",
+      [JSON.stringify(result), JSON.stringify(timing), cost ? JSON.stringify(cost) : null, id]
+    );
+  }
+  async getToolCalls(opts) {
+    const conditions = [];
+    const params = [];
+    if (opts.agentId) {
+      conditions.push("agent_id = ?");
+      params.push(opts.agentId);
+    }
+    if (opts.orgId) {
+      conditions.push("org_id = ?");
+      params.push(opts.orgId);
+    }
+    if (opts.toolId) {
+      conditions.push("tool_id = ?");
+      params.push(opts.toolId);
+    }
+    if (opts.since) {
+      conditions.push("created_at >= ?");
+      params.push(opts.since);
+    }
+    const where = conditions.length > 0 ? "WHERE " + conditions.join(" AND ") : "";
+    params.push(opts.limit || 50);
+    const rows = await this.db.all(`SELECT * FROM tool_calls ${where} ORDER BY created_at DESC LIMIT ?`, params);
+    return rows.map((r) => ({
+      id: r.id,
+      agentId: r.agent_id,
+      orgId: r.org_id,
+      sessionId: r.session_id,
+      toolId: r.tool_id,
+      toolName: r.tool_name,
+      parameters: JSON.parse(r.parameters || "{}"),
+      result: r.result ? JSON.parse(r.result) : void 0,
+      timing: JSON.parse(r.timing),
+      cost: r.cost ? JSON.parse(r.cost) : void 0,
+      permission: JSON.parse(r.permission)
+    }));
+  }
+  // ─── Activity Events ────────────────────────────────
+  async insertActivityEvent(event) {
+    await this.db.run(`
+      INSERT INTO activity_events (id, agent_id, org_id, session_id, type, data, created_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?)
+    `, [event.id, event.agentId, event.orgId, event.sessionId || null, event.type, JSON.stringify(event.data), event.timestamp]);
+  }
+  async getActivityEvents(opts) {
+    const conditions = [];
+    const params = [];
+    if (opts.agentId) {
+      conditions.push("agent_id = ?");
+      params.push(opts.agentId);
+    }
+    if (opts.orgId) {
+      conditions.push("org_id = ?");
+      params.push(opts.orgId);
+    }
+    if (opts.types?.length) {
+      conditions.push(`type IN (${opts.types.map(() => "?").join(",")})`);
+      params.push(...opts.types);
+    }
+    if (opts.since) {
+      conditions.push("created_at >= ?");
+      params.push(opts.since);
+    }
+    const where = conditions.length > 0 ? "WHERE " + conditions.join(" AND ") : "";
+    params.push(opts.limit || 50);
+    const rows = await this.db.all(`SELECT * FROM activity_events ${where} ORDER BY created_at DESC LIMIT ?`, params);
+    return rows.map((r) => ({
+      id: r.id,
+      agentId: r.agent_id,
+      orgId: r.org_id,
+      sessionId: r.session_id,
+      type: r.type,
+      data: JSON.parse(r.data),
+      timestamp: r.created_at
+    }));
+  }
+  // ─── Conversations ──────────────────────────────────
+  async insertConversation(entry) {
+    await this.db.run(`
+      INSERT INTO conversations (id, agent_id, session_id, role, content, channel, token_count, tool_calls, created_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `, [
+      entry.id,
+      entry.agentId,
+      entry.sessionId,
+      entry.role,
+      entry.content,
+      entry.channel || null,
+      entry.tokenCount,
+      entry.toolCalls ? JSON.stringify(entry.toolCalls) : null,
+      entry.timestamp
+    ]);
+  }
+  async getConversation(sessionId, limit = 50) {
+    const rows = await this.db.all(
+      "SELECT * FROM conversations WHERE session_id = ? ORDER BY created_at ASC LIMIT ?",
+      [sessionId, limit]
+    );
+    return rows.map((r) => ({
+      id: r.id,
+      agentId: r.agent_id,
+      sessionId: r.session_id,
+      role: r.role,
+      content: r.content,
+      channel: r.channel,
+      tokenCount: r.token_count,
+      toolCalls: r.tool_calls ? JSON.parse(r.tool_calls) : void 0,
+      timestamp: r.created_at
+    }));
+  }
+  // ─── Approval Requests ──────────────────────────────
+  async insertApprovalRequest(req, orgId) {
+    await this.db.run(`
+      INSERT INTO approval_requests (id, agent_id, agent_name, org_id, tool_id, tool_name, reason, risk_level, side_effects, parameters, context, status, decision, expires_at, created_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `, [
+      req.id,
+      req.agentId,
+      req.agentName,
+      orgId,
+      req.toolId,
+      req.toolName,
+      req.reason,
+      req.riskLevel,
+      JSON.stringify(req.sideEffects),
+      req.parameters ? JSON.stringify(req.parameters) : null,
+      req.context || null,
+      req.status,
+      req.decision ? JSON.stringify(req.decision) : null,
+      req.expiresAt,
+      req.createdAt
+    ]);
+  }
+  async updateApprovalRequest(id, status, decision) {
+    await this.db.run(
+      "UPDATE approval_requests SET status = ?, decision = ? WHERE id = ?",
+      [status, decision ? JSON.stringify(decision) : null, id]
+    );
+  }
+  async getApprovalRequests(opts) {
+    const conditions = [];
+    const params = [];
+    if (opts.orgId) {
+      conditions.push("org_id = ?");
+      params.push(opts.orgId);
+    }
+    if (opts.status) {
+      conditions.push("status = ?");
+      params.push(opts.status);
+    }
+    if (opts.agentId) {
+      conditions.push("agent_id = ?");
+      params.push(opts.agentId);
+    }
+    const where = conditions.length > 0 ? "WHERE " + conditions.join(" AND ") : "";
+    params.push(opts.limit || 50);
+    const rows = await this.db.all(`SELECT * FROM approval_requests ${where} ORDER BY created_at DESC LIMIT ?`, params);
+    return rows.map((r) => ({
+      id: r.id,
+      agentId: r.agent_id,
+      agentName: r.agent_name,
+      toolId: r.tool_id,
+      toolName: r.tool_name,
+      reason: r.reason,
+      riskLevel: r.risk_level,
+      sideEffects: JSON.parse(r.side_effects),
+      parameters: r.parameters ? JSON.parse(r.parameters) : void 0,
+      context: r.context,
+      status: r.status,
+      decision: r.decision ? JSON.parse(r.decision) : void 0,
+      createdAt: r.created_at,
+      expiresAt: r.expires_at
+    }));
+  }
+  // ─── Approval Policies ──────────────────────────────
+  async upsertApprovalPolicy(orgId, policy) {
+    await this.db.run(`
+      INSERT INTO approval_policies (id, org_id, name, description, triggers, approvers, timeout, notify, enabled, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+      ON CONFLICT(id) DO UPDATE SET
+        name = excluded.name, description = excluded.description,
+        triggers = excluded.triggers, approvers = excluded.approvers,
+        timeout = excluded.timeout, notify = excluded.notify,
+        enabled = excluded.enabled, updated_at = excluded.updated_at
+    `, [
+      policy.id,
+      orgId,
+      policy.name,
+      policy.description || null,
+      JSON.stringify(policy.triggers),
+      JSON.stringify(policy.approvers),
+      JSON.stringify(policy.timeout),
+      JSON.stringify(policy.notify),
+      policy.enabled ? 1 : 0,
+      (/* @__PURE__ */ new Date()).toISOString(),
+      (/* @__PURE__ */ new Date()).toISOString()
+    ]);
+  }
+  async getApprovalPolicies(orgId) {
+    const rows = await this.db.all("SELECT * FROM approval_policies WHERE org_id = ? ORDER BY name", [orgId]);
+    return rows.map((r) => ({
+      id: r.id,
+      name: r.name,
+      description: r.description,
+      triggers: JSON.parse(r.triggers),
+      approvers: JSON.parse(r.approvers),
+      timeout: JSON.parse(r.timeout),
+      notify: JSON.parse(r.notify),
+      enabled: !!r.enabled
+    }));
+  }
+  async deleteApprovalPolicy(id) {
+    await this.db.run("DELETE FROM approval_policies WHERE id = ?", [id]);
+  }
+  // ─── Aggregate Stats ───────────────────────────────
+  async getEngineStats(orgId) {
+    const today = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
+    const [agents, running, toolCalls, activity, approvals, kbs] = await Promise.all([
+      this.db.get("SELECT COUNT(*) as c FROM managed_agents WHERE org_id = ?", [orgId]),
+      this.db.get("SELECT COUNT(*) as c FROM managed_agents WHERE org_id = ? AND state = ?", [orgId, "running"]),
+      this.db.get("SELECT COUNT(*) as c FROM tool_calls WHERE org_id = ? AND created_at >= ?", [orgId, today]),
+      this.db.get("SELECT COUNT(*) as c FROM activity_events WHERE org_id = ? AND created_at >= ?", [orgId, today]),
+      this.db.get("SELECT COUNT(*) as c FROM approval_requests WHERE org_id = ? AND status = ?", [orgId, "pending"]),
+      this.db.get("SELECT COUNT(*) as c FROM knowledge_bases WHERE org_id = ?", [orgId])
+    ]);
+    return {
+      totalManagedAgents: agents?.c || 0,
+      runningAgents: running?.c || 0,
+      totalToolCallsToday: toolCalls?.c || 0,
+      totalActivityToday: activity?.c || 0,
+      pendingApprovals: approvals?.c || 0,
+      totalKnowledgeBases: kbs?.c || 0
+    };
+  }
+  /**
+   * Cleanup old data based on retention
+   */
+  async cleanup(retainDays) {
+    const cutoff = new Date(Date.now() - retainDays * 864e5).toISOString();
+    const tc = await this.db.get("SELECT COUNT(*) as c FROM tool_calls WHERE created_at < ?", [cutoff]);
+    const ev = await this.db.get("SELECT COUNT(*) as c FROM activity_events WHERE created_at < ?", [cutoff]);
+    const cv = await this.db.get("SELECT COUNT(*) as c FROM conversations WHERE created_at < ?", [cutoff]);
+    await this.db.run("DELETE FROM tool_calls WHERE created_at < ?", [cutoff]);
+    await this.db.run("DELETE FROM activity_events WHERE created_at < ?", [cutoff]);
+    await this.db.run("DELETE FROM conversations WHERE created_at < ?", [cutoff]);
+    return {
+      toolCalls: tc?.c || 0,
+      events: ev?.c || 0,
+      conversations: cv?.c || 0
+    };
+  }
+  // ─── Row Mappers ────────────────────────────────────
+  rowToManagedAgent(row) {
+    return {
+      id: row.id,
+      orgId: row.org_id,
+      config: JSON.parse(row.config),
+      state: row.state,
+      stateHistory: [],
+      // Loaded separately via getStateHistory
+      health: JSON.parse(row.health || "{}"),
+      usage: JSON.parse(row.usage || "{}"),
+      createdAt: row.created_at,
+      updatedAt: row.updated_at,
+      lastDeployedAt: row.last_deployed_at,
+      lastHealthCheckAt: row.last_health_check_at,
+      version: row.version
+    };
+  }
+  rowToOrg(row) {
+    return {
+      id: row.id,
+      name: row.name,
+      slug: row.slug,
+      plan: row.plan,
+      limits: JSON.parse(row.limits || "{}"),
+      usage: JSON.parse(row.usage || "{}"),
+      settings: JSON.parse(row.settings || "{}"),
+      ssoConfig: row.sso_config ? JSON.parse(row.sso_config) : void 0,
+      allowedDomains: JSON.parse(row.allowed_domains || "[]"),
+      billing: row.billing ? JSON.parse(row.billing) : void 0,
+      createdAt: row.created_at,
+      updatedAt: row.updated_at
+    };
+  }
+};
+export {
+  ENGINE_TABLES,
+  ENGINE_TABLES_POSTGRES,
+  MIGRATIONS_TABLE,
+  MIGRATIONS_TABLE_POSTGRES,
+  MIGRATIONS,
+  sqliteToPostgres,
+  sqliteToMySQL,
+  EngineDatabase
+};