npm - @agenticmail/enterprise - Versions diffs - 0.5.311 → 0.5.313 - Mend

@agenticmail/enterprise 0.5.311 → 0.5.313

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (214) hide show

package/README.md +682 -544
package/dist/agent-autonomy-PSXQ4MNP.js +766 -0
package/dist/agent-heartbeat-6H3YAQ32.js +510 -0
package/dist/agent-heartbeat-7WS3XILF.js +510 -0
package/dist/agent-heartbeat-BFGKYUUK.js +510 -0
package/dist/agent-heartbeat-SSV65YTX.js +510 -0
package/dist/agent-heartbeat-T5IIHVF4.js +510 -0
package/dist/agent-heartbeat-X3C6FIU2.js +510 -0
package/dist/agent-tools-BW6CLQQ7.js +13897 -0
package/dist/agent-tools-KEA7QEWF.js +13897 -0
package/dist/agent-tools-NU7V3S5N.js +13899 -0
package/dist/agent-tools-WINDYRQ2.js +13897 -0
package/dist/chunk-3ELH5CU6.js +4910 -0
package/dist/chunk-4QYRS3MS.js +1519 -0
package/dist/chunk-52REEVDW.js +1519 -0
package/dist/chunk-5RZJ76YI.js +4977 -0
package/dist/chunk-6L7FQI5Q.js +4909 -0
package/dist/chunk-763OMGFI.js +1519 -0
package/dist/chunk-7ILSXGY6.js +1519 -0
package/dist/chunk-7UCKD25B.js +551 -0
package/dist/chunk-A6MSR7DL.js +4977 -0
package/dist/chunk-ASD2YB6O.js +1519 -0
package/dist/chunk-AZOIHLLX.js +4977 -0
package/dist/chunk-BDCFOP7O.js +537 -0
package/dist/chunk-BSVWPG6I.js +106 -0
package/dist/chunk-C46DNDZB.js +1519 -0
package/dist/chunk-CFVTK4FQ.js +4977 -0
package/dist/chunk-CHJAOKCJ.js +4921 -0
package/dist/chunk-CYEWTXYH.js +4977 -0
package/dist/chunk-D3KFSWLK.js +48 -0
package/dist/chunk-DUVGNAIY.js +4977 -0
package/dist/chunk-DX4XEFVE.js +25229 -0
package/dist/chunk-EX6FQSEV.js +167 -0
package/dist/chunk-F5VZ5EUH.js +1519 -0
package/dist/chunk-FVUDSPOD.js +4977 -0
package/dist/chunk-G6FTZKJX.js +4977 -0
package/dist/chunk-GFEAZN6Y.js +1519 -0
package/dist/chunk-HKV4FQFW.js +1519 -0
package/dist/chunk-ICCPULDT.js +25217 -0
package/dist/chunk-IYEM627Q.js +25216 -0
package/dist/chunk-JHRJ4QJ6.js +1519 -0
package/dist/chunk-K2DAUYHV.js +4977 -0
package/dist/chunk-KDQDSZZQ.js +4973 -0
package/dist/chunk-LDUD6AZY.js +1519 -0
package/dist/chunk-LES5TJ5L.js +4909 -0
package/dist/chunk-MJGGW6MC.js +106 -0
package/dist/chunk-MQKIWAHQ.js +106 -0
package/dist/chunk-NGA7BBPF.js +48 -0
package/dist/chunk-OE3TI4IQ.js +1519 -0
package/dist/chunk-OHSBIYDR.js +4977 -0
package/dist/chunk-OPOBUYJT.js +1519 -0
package/dist/chunk-OZEYDEPB.js +1519 -0
package/dist/chunk-P4PODSQH.js +1519 -0
package/dist/chunk-P7UOSFIE.js +636 -0
package/dist/chunk-PFN6DODU.js +4921 -0
package/dist/chunk-PKDVM4IY.js +4917 -0
package/dist/chunk-Q5KG3G7U.js +25115 -0
package/dist/chunk-QMVNW4FJ.js +25229 -0
package/dist/chunk-QZ5UPRBE.js +4977 -0
package/dist/chunk-SPP23N42.js +4977 -0
package/dist/chunk-SRGHNFOY.js +4921 -0
package/dist/chunk-TPLVQFXM.js +2594 -0
package/dist/chunk-U3XYF4QP.js +4977 -0
package/dist/chunk-VRRJH2DY.js +4921 -0
package/dist/chunk-WY42BS3F.js +1519 -0
package/dist/chunk-XAA4VHHZ.js +1519 -0
package/dist/chunk-Y2KIY4BA.js +4969 -0
package/dist/chunk-Z5Y5KTPC.js +4977 -0
package/dist/chunk-ZA4QRACH.js +4977 -0
package/dist/chunk-ZHLGSTXF.js +4909 -0
package/dist/cli-agent-26BUULHZ.js +2169 -0
package/dist/cli-agent-2FLJWXOC.js +2169 -0
package/dist/cli-agent-4NNQFLO6.js +2255 -0
package/dist/cli-agent-5WV3EEPW.js +2252 -0
package/dist/cli-agent-65JUT6DU.js +2193 -0
package/dist/cli-agent-6HLL7A5K.js +2255 -0
package/dist/cli-agent-CZ26QWUZ.js +2210 -0
package/dist/cli-agent-HPVSWDNQ.js +2255 -0
package/dist/cli-agent-K4SBVG5X.js +2210 -0
package/dist/cli-agent-K5D424X2.js +2252 -0
package/dist/cli-agent-U4OL5FGK.js +2210 -0
package/dist/cli-agent-WUMPOIKQ.js +2169 -0
package/dist/cli-agent-WWRGGJ2F.js +2255 -0
package/dist/cli-agent-ZDBBTVGU.js +2193 -0
package/dist/cli-agent-ZIZ5JP4O.js +2252 -0
package/dist/cli-recover-I4KNR2OI.js +487 -0
package/dist/cli-recover-IQTUKWR2.js +487 -0
package/dist/cli-recover-OYJHELOR.js +487 -0
package/dist/cli-recover-PVQC7UXB.js +487 -0
package/dist/cli-recover-T32NABFA.js +487 -0
package/dist/cli-serve-FE4CMMSN.js +143 -0
package/dist/cli-serve-FTQJ3RUK.js +143 -0
package/dist/cli-serve-G4PUCASH.js +143 -0
package/dist/cli-serve-HBZYUUQ3.js +143 -0
package/dist/cli-serve-L3NUROMO.js +143 -0
package/dist/cli-serve-LAA5WIZK.js +143 -0
package/dist/cli-serve-LV4TUSJD.js +143 -0
package/dist/cli-serve-MFCTVA2L.js +140 -0
package/dist/cli-serve-QCRUFI5B.js +143 -0
package/dist/cli-serve-S7OGQN4P.js +143 -0
package/dist/cli-serve-SI4BQRXT.js +140 -0
package/dist/cli-serve-UNB7EHN4.js +143 -0
package/dist/cli-serve-UV3GVDRD.js +143 -0
package/dist/cli-serve-V5QICXR5.js +143 -0
package/dist/cli-serve-VG6Z6GIB.js +143 -0
package/dist/cli-serve-XSYHPGZI.js +143 -0
package/dist/cli-serve-Y534FCRV.js +140 -0
package/dist/cli-verify-CZIITRED.js +149 -0
package/dist/cli-verify-N73GOKEF.js +149 -0
package/dist/cli-verify-QEEBZOUZ.js +149 -0
package/dist/cli-verify-RC5HI6DU.js +149 -0
package/dist/cli-verify-VKBNIEAX.js +149 -0
package/dist/cli.js +5 -5
package/dist/dashboard/app.js +16 -3
package/dist/dashboard/components/org-switcher.js +5 -1
package/dist/dashboard/org-switcher.js +156 -0
package/dist/dashboard/pages/login.js +160 -4
package/dist/dashboard/pages/task-pipeline.js +1 -1
package/dist/factory-3IWXVE37.js +9 -0
package/dist/factory-5M6PTMLC.js +11 -0
package/dist/factory-CSSHN7GE.js +11 -0
package/dist/factory-JFWXTAWK.js +11 -0
package/dist/factory-TBGUYM5X.js +9 -0
package/dist/google-W5AYGNUJ.js +33 -0
package/dist/index.js +6 -6
package/dist/meetings-FJ453ENF.js +12 -0
package/dist/postgres-BCHZWRU3.js +832 -0
package/dist/postgres-BI4QVRM6.js +825 -0
package/dist/postgres-BOTHOPDW.js +875 -0
package/dist/postgres-JBUKR3TA.js +873 -0
package/dist/postgres-Z7QYSU6K.js +861 -0
package/dist/routes-7QYAQTWA.js +90 -0
package/dist/routes-JCBVZU54.js +90 -0
package/dist/routes-KEDEJFRE.js +90 -0
package/dist/routes-WI64ADVH.js +90 -0
package/dist/routes-X36OSCID.js +90 -0
package/dist/runtime-75XR6KEW.js +45 -0
package/dist/runtime-BNM7ZNNL.js +45 -0
package/dist/runtime-ES6WCJ7D.js +45 -0
package/dist/runtime-KYJTML2B.js +45 -0
package/dist/runtime-LO67ZHQA.js +45 -0
package/dist/runtime-VIXKKVSZ.js +45 -0
package/dist/runtime-WHWJPCGK.js +45 -0
package/dist/runtime-Z2Q6GUHH.js +45 -0
package/dist/runtime-ZZ6CALSB.js +45 -0
package/dist/server-27A4WEJC.js +28 -0
package/dist/server-2CBXP4WS.js +28 -0
package/dist/server-4JQAB5R4.js +28 -0
package/dist/server-6BOM5U64.js +28 -0
package/dist/server-CA2I3LJY.js +28 -0
package/dist/server-FLJKNPRD.js +28 -0
package/dist/server-HMIHIQ2N.js +28 -0
package/dist/server-KIXXLR2D.js +28 -0
package/dist/server-KSEIZTXF.js +28 -0
package/dist/server-MPVW7DKZ.js +28 -0
package/dist/server-PRTVRQ2D.js +28 -0
package/dist/server-SYIG6HAX.js +28 -0
package/dist/server-U32KDIXC.js +28 -0
package/dist/server-WFN6CA4T.js +28 -0
package/dist/server-XQUE3FGT.js +28 -0
package/dist/server-XWT2UORK.js +28 -0
package/dist/server-Y3BGNN5Q.js +28 -0
package/dist/setup-352L2TPS.js +20 -0
package/dist/setup-4MM645XK.js +20 -0
package/dist/setup-5JPWW6IP.js +20 -0
package/dist/setup-CUN6LVUV.js +20 -0
package/dist/setup-D3YHPWPY.js +20 -0
package/dist/setup-D4A5I6UM.js +20 -0
package/dist/setup-DOPLXTB3.js +20 -0
package/dist/setup-E3NSIM6B.js +20 -0
package/dist/setup-E3V2D7NL.js +20 -0
package/dist/setup-FSYPGI2C.js +20 -0
package/dist/setup-G3RPKRG3.js +20 -0
package/dist/setup-KJ77HNWK.js +20 -0
package/dist/setup-LPSOY5V5.js +20 -0
package/dist/setup-N3ODDSQE.js +20 -0
package/dist/setup-NLDM3M2P.js +20 -0
package/dist/setup-PT6WGOYB.js +20 -0
package/dist/setup-SWJMNDWF.js +20 -0
package/dist/system-prompts-6OUTAMH6.js +41 -0
package/dist/task-queue-YP2I54IA.js +9 -0
package/dist/telegram-QRNGRT5M.js +17 -0
package/dist/whatsapp-VYVINCGV.js +31 -0
package/god_is_great.html +35 -0
package/package.json +1 -1
package/src/admin/routes.ts +24 -4
package/src/agent-tools/index.ts +4 -1
package/src/agent-tools/tool-resolver.ts +15 -4
package/src/agent-tools/tools/browser.ts +2 -2
package/src/agent-tools/tools/local/dependency-manager.ts +286 -0
package/src/agent-tools/tools/local/index.ts +3 -0
package/src/agent-tools/tools/messaging/telegram.ts +29 -0
package/src/agent-tools/tools/messaging/whatsapp.ts +59 -4
package/src/auth/routes.ts +15 -12
package/src/cli-agent.ts +47 -6
package/src/cli-serve.ts +2 -5
package/src/dashboard/app.js +16 -3
package/src/dashboard/components/org-switcher.js +5 -1
package/src/dashboard/pages/login.js +160 -4
package/src/dashboard/pages/task-pipeline.js +1 -1
package/src/db/adapter.ts +2 -0
package/src/db/factory.ts +78 -0
package/src/db/postgres.ts +57 -12
package/src/engine/agent-autonomy.ts +1 -1
package/src/engine/agent-heartbeat.ts +1 -1
package/src/engine/messaging-poller.ts +146 -11
package/src/engine/oauth-connect-routes.ts +23 -3
package/src/engine/routes.ts +1 -1
package/src/engine/task-poller.ts +54 -3
package/src/engine/task-queue.ts +30 -0
package/src/runtime/index.ts +2 -1
package/src/runtime/types.ts +2 -0
package/src/server.ts +43 -1
package/src/system-prompts/triage.ts +1 -1

package/dist/cli-verify-VKBNIEAX.js ADDED Viewed

@@ -0,0 +1,149 @@
+import {
+  DomainLock
+} from "./chunk-UPU23ZRG.js";
+import "./chunk-KFQGP6VL.js";
+// src/domain-lock/cli-verify.ts
+function getFlag(args, name) {
+  const idx = args.indexOf(name);
+  if (idx !== -1 && args[idx + 1]) return args[idx + 1];
+  return void 0;
+}
+function hasFlag(args, name) {
+  return args.includes(name);
+}
+function detectDbType(url) {
+  const u = url.toLowerCase().trim();
+  if (u.startsWith("postgres") || u.startsWith("pg:")) return "postgres";
+  if (u.startsWith("mysql")) return "mysql";
+  if (u.startsWith("mongodb")) return "mongodb";
+  if (u.startsWith("libsql") || u.includes(".turso.io")) return "turso";
+  if (u.endsWith(".db") || u.endsWith(".sqlite") || u.endsWith(".sqlite3") || u.startsWith("file:")) return "sqlite";
+  return "postgres";
+}
+async function runVerifyDomain(args) {
+  const { default: chalk } = await import("chalk");
+  const { default: ora } = await import("ora");
+  console.log("");
+  console.log(chalk.bold("  AgenticMail Enterprise \u2014 Domain Verification"));
+  console.log("");
+  let domain = getFlag(args, "--domain");
+  let dnsChallenge;
+  let db = null;
+  let dbConnected = false;
+  const envDbUrl = process.env.DATABASE_URL;
+  if (envDbUrl) {
+    const dbType = detectDbType(envDbUrl);
+    const spinner = ora(`Connecting to database (${dbType})...`).start();
+    try {
+      const { createAdapter } = await import("./factory-TBGUYM5X.js");
+      db = await createAdapter({ type: dbType, connectionString: envDbUrl });
+      await db.migrate();
+      const settings = await db.getSettings();
+      if (!domain && settings?.domain) domain = settings.domain;
+      if (settings?.domainDnsChallenge) dnsChallenge = settings.domainDnsChallenge;
+      dbConnected = true;
+      spinner.succeed(`Connected to ${dbType} database` + (domain ? ` (domain: ${domain})` : ""));
+    } catch (err) {
+      spinner.warn(`Could not connect via DATABASE_URL: ${err.message}`);
+      db = null;
+    }
+  }
+  if (!dbConnected) {
+    const dbPath = getFlag(args, "--db");
+    const dbType = getFlag(args, "--db-type") || "sqlite";
+    if (dbPath) {
+      const spinner = ora(`Connecting to ${dbType} database...`).start();
+      try {
+        const { createAdapter } = await import("./factory-TBGUYM5X.js");
+        db = await createAdapter({ type: dbType, connectionString: dbPath });
+        await db.migrate();
+        const settings = await db.getSettings();
+        if (!domain && settings?.domain) domain = settings.domain;
+        if (settings?.domainDnsChallenge) dnsChallenge = settings.domainDnsChallenge;
+        dbConnected = true;
+        spinner.succeed(`Connected to ${dbType} database`);
+      } catch {
+        spinner.warn("Could not read local database");
+      }
+    }
+  }
+  if (!domain) {
+    const { default: inquirer } = await import("inquirer");
+    const answer = await inquirer.prompt([{
+      type: "input",
+      name: "domain",
+      message: "Domain to verify:",
+      suffix: chalk.dim("  (e.g. agents.yourcompany.com)"),
+      validate: (v) => v.includes(".") || "Enter a valid domain",
+      filter: (v) => v.trim().toLowerCase()
+    }]);
+    domain = answer.domain;
+  }
+  const lock = new DomainLock();
+  const maxAttempts = hasFlag(args, "--poll") ? 5 : 1;
+  for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+    const spinner = ora(
+      maxAttempts > 1 ? `Checking DNS verification (attempt ${attempt}/${maxAttempts})...` : "Checking DNS verification..."
+    ).start();
+    try {
+      const result = await lock.checkVerification(domain);
+      if (!result.success) {
+        spinner.fail("Verification check failed");
+        console.log("");
+        console.error(chalk.red(`  ${result.error}`));
+        console.log("");
+        if (db) await db.disconnect();
+        process.exit(1);
+      }
+      if (result.verified) {
+        spinner.succeed("Domain verified!");
+        if (dbConnected && db) {
+          try {
+            await db.updateSettings({
+              domainStatus: "verified",
+              domainVerifiedAt: (/* @__PURE__ */ new Date()).toISOString()
+            });
+            console.log(chalk.dim("  Database updated with verified status."));
+          } catch {
+          }
+        }
+        console.log("");
+        console.log(chalk.green.bold(`  \u2713 ${domain} is verified and protected.`));
+        console.log(chalk.dim("  Your deployment domain is locked. No other instance can claim it."));
+        console.log(chalk.dim("  The system now operates 100% offline \u2014 no outbound calls are made."));
+        console.log("");
+        if (db) await db.disconnect();
+        return;
+      }
+    } catch (err) {
+      spinner.warn(`Check failed: ${err.message}`);
+    }
+    if (attempt < maxAttempts) {
+      const waitSpinner = ora(`DNS record not found yet. Retrying in 10 seconds...`).start();
+      await new Promise((r) => setTimeout(r, 1e4));
+      waitSpinner.stop();
+    }
+  }
+  console.log("");
+  console.log(chalk.yellow("  DNS record not detected yet."));
+  console.log("");
+  console.log(chalk.bold("  Make sure this TXT record exists at your DNS provider:"));
+  console.log("");
+  console.log(`  ${chalk.bold("Host:")}   ${chalk.cyan(`_agenticmail-verify.${domain}`)}`);
+  console.log(`  ${chalk.bold("Type:")}   ${chalk.cyan("TXT")}`);
+  if (dnsChallenge) {
+    console.log(`  ${chalk.bold("Value:")}  ${chalk.cyan(dnsChallenge)}`);
+  } else {
+    console.log(`  ${chalk.bold("Value:")}  ${chalk.dim("(check your dashboard or setup output)")}`);
+  }
+  console.log("");
+  console.log(chalk.dim("  DNS propagation can take up to 48 hours."));
+  console.log(chalk.dim("  Run with --poll to retry automatically:"));
+  console.log(chalk.dim(`    npx @agenticmail/enterprise verify-domain --domain ${domain} --poll`));
+  console.log("");
+  if (db) await db.disconnect();
+}
+export {
+  runVerifyDomain
+};

package/dist/cli.js CHANGED Viewed

@@ -14,10 +14,10 @@ switch (command) {
     import("./cli-submit-skill-SNGAHVB7.js").then((m) => m.runSubmitSkill(args.slice(1))).catch(fatal);
     break;
   case "recover":
-    import("./cli-recover-44SVHH3K.js").then((m) => m.runRecover(args.slice(1))).catch(fatal);
+    import("./cli-recover-T32NABFA.js").then((m) => m.runRecover(args.slice(1))).catch(fatal);
     break;
   case "verify-domain":
-    import("./cli-verify-NGRIHB3J.js").then((m) => m.runVerifyDomain(args.slice(1))).catch(fatal);
+    import("./cli-verify-CZIITRED.js").then((m) => m.runVerifyDomain(args.slice(1))).catch(fatal);
     break;
   case "reset-password":
     import("./cli-reset-password-SO5Y6MW7.js").then((m) => m.runResetPassword(args.slice(1))).catch(fatal);
@@ -57,14 +57,14 @@ Skill Development:
     break;
   case "serve":
   case "start":
-    import("./cli-serve-COFEVLTD.js").then((m) => m.runServe(args.slice(1))).catch(fatal);
+    import("./cli-serve-Y534FCRV.js").then((m) => m.runServe(args.slice(1))).catch(fatal);
     break;
   case "agent":
-    import("./cli-agent-EV7RDHZ4.js").then((m) => m.runAgent(args.slice(1))).catch(fatal);
+    import("./cli-agent-5WV3EEPW.js").then((m) => m.runAgent(args.slice(1))).catch(fatal);
     break;
   case "setup":
   default:
-    import("./setup-VF4ZBLQQ.js").then((m) => m.runSetupWizard()).catch(fatal);
+    import("./setup-N3ODDSQE.js").then((m) => m.runSetupWizard()).catch(fatal);
     break;
 }
 function fatal(err) {

package/dist/dashboard/app.js CHANGED Viewed

@@ -163,6 +163,12 @@ function App() {
     if (document.cookie.match(/em_session|em_csrf/)) {
       authCall('/me').then(async d => {
         setUser(d.user || d);
+        // If user is org-bound, lock org context immediately
+        var u = d.user || d;
+        if (u.clientOrgId) {
+          setSelectedOrgId(u.clientOrgId);
+          localStorage.setItem('em_client_org_id', u.clientOrgId);
+        }
         // Init transport encryption BEFORE setting authed — ensures all subsequent
         // API calls from child components are encrypted
         try {
@@ -202,9 +208,10 @@ function App() {
     apiCall('/settings').then(d => { const s = d.settings || d || {}; if (s.primaryColor) applyBrandColor(s.primaryColor); if (s.orgId) setOrgId(s.orgId); }).catch(() => {});
     apiCall('/me/permissions').then(d => {
       if (d && d.permissions) setPermissions(d.permissions);
-      // If user is assigned to a client org, auto-set org context
+      // If user is assigned to a client org, auto-set org context and lock switcher
       if (d && d.clientOrgId) {
         localStorage.setItem('em_client_org_id', d.clientOrgId);
+        setSelectedOrgId(d.clientOrgId);
       } else {
         localStorage.removeItem('em_client_org_id');
       }
@@ -230,10 +237,15 @@ function App() {
         if (d.user.permissions) setPermissions(d.user.permissions);
         if (d.user.clientOrgId) {
           localStorage.setItem('em_client_org_id', d.user.clientOrgId);
+          // Auto-select the client org so all pages filter by it
+          onOrgChange(d.user.clientOrgId, null);
           apiCall('/organizations/' + d.user.clientOrgId).then(function(o) {
-            if (o && o.name) setImpersonating(function(prev) { return prev ? Object.assign({}, prev, { user: Object.assign({}, prev.user, { clientOrgName: o.name }) }) : prev; });
+            if (o && o.name) {
+              setImpersonating(function(prev) { return prev ? Object.assign({}, prev, { user: Object.assign({}, prev.user, { clientOrgName: o.name }) }) : prev; });
+              onOrgChange(d.user.clientOrgId, o);
+            }
           }).catch(function() {});
-        } else localStorage.removeItem('em_client_org_id');
+        } else { localStorage.removeItem('em_client_org_id'); onOrgChange('', null); }
         toast('Now viewing as ' + d.user.name, 'info');
         setPage('dashboard');
       }
@@ -248,6 +260,7 @@ function App() {
       return null;
     });
     localStorage.removeItem('em_client_org_id');
+    onOrgChange('', null); // Reset org selection back to platform org
     authCall('/me').then(d => { setUser(d.user || d); }).catch(() => {});
     apiCall('/me/permissions').then(d => { if (d && d.permissions) setPermissions(d.permissions); }).catch(() => {});
     toast('Stopped impersonation', 'success');

package/dist/dashboard/components/org-switcher.js CHANGED Viewed

@@ -136,7 +136,11 @@ export function OrgContextSwitcher(props) {
  */
 export function useOrgContext() {
   var app = useApp();
-  var selectedOrgId = app.selectedOrgId || '';
+  var user = app.user || {};
+  var userClientOrgId = user.clientOrgId || null;
+  var isLocked = !!userClientOrgId && user.role !== 'owner' && user.role !== 'admin';
+  // If user is org-bound (locked), always use their clientOrgId regardless of selectedOrgId
+  var selectedOrgId = isLocked ? userClientOrgId : (app.selectedOrgId || '');
   var selectedOrg = app.selectedOrg || null;
   var onOrgChange = app.onOrgChange || function() {};

package/dist/dashboard/org-switcher.js ADDED Viewed

@@ -0,0 +1,156 @@
+import { h, useState, useEffect, useCallback, useRef, Fragment, apiCall, useApp } from './utils.js';
+import { I } from './icons.js';
+// ─── Global org cache (shared across all switcher instances) ────────
+var _orgCache = { orgs: null, loading: false, listeners: [], lastFetch: 0 };
+var ORG_CACHE_TTL = 5 * 60 * 1000; // 5 minutes
+function getOrgsFromCache(forceRefresh) {
+  var now = Date.now();
+  // Return cached if fresh
+  if (!forceRefresh && _orgCache.orgs && (now - _orgCache.lastFetch) < ORG_CACHE_TTL) {
+    return Promise.resolve(_orgCache.orgs);
+  }
+  // Already loading — wait for it
+  if (_orgCache.loading) {
+    return new Promise(function(resolve) {
+      _orgCache.listeners.push(resolve);
+    });
+  }
+  // Fetch
+  _orgCache.loading = true;
+  return apiCall('/organizations').then(function(d) {
+    var list = d.organizations || [];
+    _orgCache.orgs = list;
+    _orgCache.lastFetch = Date.now();
+    _orgCache.loading = false;
+    // Notify waiters
+    var listeners = _orgCache.listeners;
+    _orgCache.listeners = [];
+    listeners.forEach(function(fn) { fn(list); });
+    return list;
+  }).catch(function() {
+    _orgCache.loading = false;
+    _orgCache.orgs = _orgCache.orgs || [];
+    var listeners = _orgCache.listeners;
+    _orgCache.listeners = [];
+    listeners.forEach(function(fn) { fn(_orgCache.orgs || []); });
+    return _orgCache.orgs || [];
+  });
+}
+/** Invalidate org cache (call after creating/deleting orgs) */
+export function invalidateOrgCache() {
+  _orgCache.orgs = null;
+  _orgCache.lastFetch = 0;
+}
+/**
+ * OrgContextSwitcher — Global org context picker for multi-tenant pages.
+ *
+ * If the current user has a clientOrgId, the switcher is LOCKED to that org
+ * (they can only see their org's data). Owners/admins can switch freely.
+ *
+ * Uses a global cache so /organizations is only fetched once across all pages.
+ */
+export function OrgContextSwitcher(props) {
+  var onOrgChange = props.onOrgChange;
+  var selectedOrgId = props.selectedOrgId || '';
+  var showLabel = props.showLabel !== false;
+  var style = props.style || {};
+  var app = useApp();
+  var user = app.user || {};
+  var userOrgId = user.clientOrgId || null;
+  var isLocked = !!userOrgId && user.role !== 'owner' && user.role !== 'admin';
+  var _orgs = useState(_orgCache.orgs || []);
+  var orgs = _orgs[0]; var setOrgs = _orgs[1];
+  var _loaded = useState(!!_orgCache.orgs);
+  var loaded = _loaded[0]; var setLoaded = _loaded[1];
+  useEffect(function() {
+    // If already cached, use immediately (no API call)
+    if (_orgCache.orgs && (Date.now() - _orgCache.lastFetch) < ORG_CACHE_TTL) {
+      setOrgs(_orgCache.orgs);
+      setLoaded(true);
+      return;
+    }
+    getOrgsFromCache(false).then(function(list) {
+      setOrgs(list);
+      setLoaded(true);
+    });
+  }, []);
+  // Don't render if no client orgs and user isn't org-bound
+  if (loaded && orgs.length === 0 && !userOrgId) return null;
+  if (!loaded) return null;
+  var effectiveId = isLocked ? userOrgId : selectedOrgId;
+  var selectedOrg = orgs.find(function(o) { return o.id === effectiveId; });
+  return h('div', {
+    style: Object.assign({
+      display: 'flex', alignItems: 'center', gap: 10, padding: '8px 14px',
+      background: 'var(--bg-tertiary)', border: '1px solid var(--border)',
+      borderRadius: 'var(--radius, 8px)',
+      marginBottom: 16, fontSize: 13
+    }, style)
+  },
+    showLabel && h('span', { style: { color: 'var(--text-muted)', fontWeight: 600, whiteSpace: 'nowrap' } }, I.building(), ' Viewing:'),
+    isLocked
+      ? h('div', { style: { fontWeight: 600, fontSize: 13, color: 'var(--text)', display: 'flex', alignItems: 'center', gap: 6 } },
+          selectedOrg ? selectedOrg.name : 'Your Organization',
+          h('span', { className: 'badge badge-neutral', style: { fontSize: 10 } }, 'Locked')
+        )
+      : h('select', {
+          value: selectedOrgId,
+          onChange: function(e) {
+            var id = e.target.value;
+            var org = orgs.find(function(o) { return o.id === id; });
+            onOrgChange(id, org || null);
+          },
+          style: {
+            padding: '6px 10px', borderRadius: 6, border: '1px solid var(--border)',
+            background: 'var(--bg-card)', color: 'var(--text)', fontSize: 13,
+            cursor: 'pointer', fontWeight: 600, flex: 1, maxWidth: 300
+          }
+        },
+        h('option', { value: '' }, 'My Organization'),
+        orgs.filter(function(o) { return o.is_active !== false; }).map(function(o) {
+          return h('option', { key: o.id, value: o.id }, o.name + (o.billing_rate_per_agent > 0 ? ' (' + (o.currency || 'USD') + ' ' + parseFloat(o.billing_rate_per_agent).toFixed(0) + '/agent)' : ''));
+        })
+      ),
+    selectedOrg && h('span', { style: { fontSize: 11, color: 'var(--text-muted)' } },
+      selectedOrg.contact_name ? selectedOrg.contact_name : '',
+      selectedOrg.contact_email ? ' \u2022 ' + selectedOrg.contact_email : ''
+    ),
+    // Impersonation banner
+    app.impersonating && h('span', { className: 'badge badge-warning', style: { fontSize: 10, marginLeft: 'auto' } }, 'Impersonating: ' + (user.name || user.email))
+  );
+}
+/**
+ * useOrgContext — Hook that provides org switching state.
+ * Auto-selects the user's client org if they are org-bound.
+ */
+export function useOrgContext() {
+  var app = useApp();
+  var user = app.user || {};
+  var userClientOrgId = user.clientOrgId || null;
+  var isLocked = !!userClientOrgId && user.role !== 'owner' && user.role !== 'admin';
+  // If user is org-bound (locked), always use their clientOrgId regardless of selectedOrgId
+  var selectedOrgId = isLocked ? userClientOrgId : (app.selectedOrgId || '');
+  var selectedOrg = app.selectedOrg || null;
+  var onOrgChange = app.onOrgChange || function() {};
+  // Stable Switcher reference
+  var Switcher = useCallback(function(extraProps) {
+    return h(OrgContextSwitcher, Object.assign({
+      selectedOrgId: selectedOrgId,
+      onOrgChange: onOrgChange
+    }, extraProps || {}));
+  }, [selectedOrgId, onOrgChange]);
+  return { selectedOrgId: selectedOrgId, selectedOrg: selectedOrg, onOrgChange: onOrgChange, Switcher: Switcher };
+}

package/dist/dashboard/pages/login.js CHANGED Viewed

@@ -382,6 +382,118 @@ export function OnboardingWizard({ onComplete }) {
   var set = function(k, v) { setForm(function(f) { return Object.assign({}, f, { [k]: v }); }); };
+  // ─── Smart DB URL Analysis & Auto-Optimization ─────
+  var analyzeDbUrl = function(url) {
+    if (!url) return null;
+    try {
+      var u = new URL(url);
+      var port = u.port || '5432';
+      var host = u.hostname || '';
+      var info = {
+        host: host, port: port, provider: null, isPooler: false, poolerMode: null,
+        directUrl: null, optimizedUrl: null, warnings: [], tips: [], autoFixed: []
+      };
+      // ── Supabase Detection ──────────────────────────
+      if (host.includes('.supabase.co') || host.includes('pooler.supabase.com')) {
+        info.provider = 'supabase';
+        var projectRef = u.username.replace('postgres.', '');
+        if (host.includes('pooler.supabase.com')) {
+          info.isPooler = true;
+          info.poolerMode = port === '6543' ? 'transaction' : port === '5432' ? 'session' : 'unknown';
+          // Build direct URL: db.{ref}.supabase.co:5432
+          var directU = new URL(url);
+          directU.hostname = 'db.' + projectRef + '.supabase.co';
+          directU.port = '5432';
+          directU.searchParams.delete('pgbouncer');
+          info.directUrl = directU.toString();
+          if (port === '5432') {
+            // Auto-fix: switch from session mode (5432) to transaction mode (6543)
+            var fixedU = new URL(url);
+            fixedU.port = '6543';
+            fixedU.searchParams.set('pgbouncer', 'true');
+            info.optimizedUrl = fixedU.toString();
+            info.autoFixed.push('Switched from session mode (port 5432) to transaction mode (port 6543) — higher connection limits and better for multi-process setups.');
+            info.autoFixed.push('Added ?pgbouncer=true for proper connection pooling.');
+          } else if (port === '6543') {
+            // Already on transaction mode — ensure pgbouncer param is set
+            if (!u.searchParams.get('pgbouncer')) {
+              var optU = new URL(url);
+              optU.searchParams.set('pgbouncer', 'true');
+              info.optimizedUrl = optU.toString();
+              info.autoFixed.push('Added ?pgbouncer=true parameter for proper PgBouncer transaction mode handling.');
+            }
+            info.tips.push('Transaction mode pooler detected — optimal for production.');
+          }
+          info.tips.push('Direct URL auto-generated for migrations (bypasses pooler for DDL operations).');
+        } else if (host.startsWith('db.') || host.includes('.supabase.co')) {
+          // Direct connection — build pooler URL for them
+          info.directUrl = url;
+          var region = host.match(/db\.([^.]+)\.supabase\.co/)?.[1] || projectRef;
+          // Try to detect region from hostname pattern
+          var poolerU = new URL(url);
+          // Supabase pooler format: aws-0-{region}.pooler.supabase.com
+          poolerU.hostname = 'aws-0-us-east-1.pooler.supabase.com'; // default, user may need to adjust
+          poolerU.port = '6543';
+          poolerU.username = 'postgres.' + region;
+          poolerU.searchParams.set('pgbouncer', 'true');
+          info.warnings.push('Direct connection detected. For production with multiple agents, use the Supabase connection pooler.');
+          info.tips.push('Go to Supabase Dashboard > Settings > Database > Connection string > URI, and select "Transaction mode" to get the correct pooler URL.');
+        }
+      }
+      // ── Neon Detection ──────────────────────────────
+      else if (host.includes('.neon.tech')) {
+        info.provider = 'neon';
+        info.isPooler = host.includes('-pooler');
+        if (!info.isPooler) {
+          // Auto-fix: add -pooler to hostname
+          var neonFixedU = new URL(url);
+          var parts = neonFixedU.hostname.split('.');
+          if (parts[0] && !parts[0].endsWith('-pooler')) {
+            parts[0] = parts[0] + '-pooler';
+            neonFixedU.hostname = parts.join('.');
+            info.optimizedUrl = neonFixedU.toString();
+            info.autoFixed.push('Added connection pooler endpoint (-pooler) for better connection handling.');
+          }
+          // Direct URL is the original
+          info.directUrl = url;
+          info.tips.push('Direct URL saved for migrations.');
+        } else {
+          // Already pooled — generate direct URL
+          var neonDirectU = new URL(url);
+          var neonParts = neonDirectU.hostname.split('.');
+          if (neonParts[0]) {
+            neonParts[0] = neonParts[0].replace(/-pooler$/, '');
+            neonDirectU.hostname = neonParts.join('.');
+          }
+          info.directUrl = neonDirectU.toString();
+          info.tips.push('Neon pooler detected — optimal for production. Direct URL auto-generated for migrations.');
+        }
+      }
+      // ── Generic Postgres ────────────────────────────
+      else {
+        info.provider = 'postgres';
+        // Check for common PgBouncer indicators
+        if (port === '6432' || port === '6543' || u.searchParams.get('pgbouncer') === 'true') {
+          info.isPooler = true;
+          info.poolerMode = 'transaction';
+          info.tips.push('PgBouncer detected. Connection pooling will be configured automatically.');
+        }
+      }
+      return info;
+    } catch { return null; }
+  };
+  var dbUrlInfo = useMemo(function() {
+    return analyzeDbUrl(form.dbConnectionString);
+  }, [form.dbConnectionString]);
   // ─── DB Config Builder ──────────────────────────────
   var buildDbConfig = function() {
@@ -389,7 +501,17 @@ export function OnboardingWizard({ onComplete }) {
     if (t === 'sqlite') return { type: 'sqlite' };
     if (t === 'turso') return { type: 'turso', connectionString: form.dbConnectionString, authToken: form.dbAuthToken };
     if (t === 'dynamodb') return { type: 'dynamodb', region: form.dbRegion, accessKeyId: form.dbAccessKey, secretAccessKey: form.dbSecretKey };
-    return { type: t, connectionString: form.dbConnectionString };
+    // Use optimized URL if available (auto-fixed pooler mode, pgbouncer param, etc.)
+    var connStr = (dbUrlInfo && dbUrlInfo.optimizedUrl) ? dbUrlInfo.optimizedUrl : form.dbConnectionString;
+    var config = { type: t, connectionString: connStr };
+    // Auto-attach smart DB metadata for Postgres-family databases
+    if (dbUrlInfo) {
+      config.poolerDetected = dbUrlInfo.isPooler || !!dbUrlInfo.optimizedUrl;
+      config.poolerMode = dbUrlInfo.poolerMode || (dbUrlInfo.optimizedUrl ? 'transaction' : null);
+      config.directUrl = dbUrlInfo.directUrl;
+      config.provider = dbUrlInfo.provider;
+    }
+    return config;
   };
   // ─── Actions ────────────────────────────────────────
@@ -528,9 +650,43 @@ export function OnboardingWizard({ onComplete }) {
       );
     }
     // Connection string types: postgres, mysql, mongodb, supabase, neon, planetscale, cockroachdb
-    return h('div', { className: 'form-group' },
-      h('label', { className: 'form-label' }, 'Connection String'),
-      h('input', { className: 'input', value: form.dbConnectionString, onChange: function(e) { set('dbConnectionString', e.target.value); }, placeholder: currentDbType ? currentDbType.placeholder : '' })
+    var urlHints = dbUrlInfo && form.dbConnectionString.length > 10;
+    return h(Fragment, null,
+      h('div', { className: 'form-group' },
+        h('label', { className: 'form-label' }, 'Connection String'),
+        h('input', { className: 'input', value: form.dbConnectionString, onChange: function(e) { set('dbConnectionString', e.target.value); }, placeholder: currentDbType ? currentDbType.placeholder : '' })
+      ),
+      // Smart URL analysis hints
+      urlHints && h('div', { style: { margin: '-8px 0 12px', fontSize: 12, lineHeight: 1.6 } },
+        dbUrlInfo.provider && dbUrlInfo.provider !== 'postgres' && h('div', { style: { color: 'var(--accent)', fontWeight: 500, marginBottom: 4 } },
+          dbUrlInfo.provider === 'supabase' ? '\uD83D\uDFE2 Supabase' : dbUrlInfo.provider === 'neon' ? '\uD83D\uDFE2 Neon' : dbUrlInfo.provider,
+          ' detected',
+          dbUrlInfo.isPooler || dbUrlInfo.optimizedUrl ? ' \u2014 connection will be auto-optimized' : ' (direct connection)'
+        ),
+        // Auto-fix notifications (green — things we fixed for them)
+        dbUrlInfo.autoFixed && dbUrlInfo.autoFixed.map(function(f, i) {
+          return h('div', { key: 'f' + i, style: { color: '#10b981', padding: '4px 8px', background: 'rgba(16,185,129,0.08)', borderRadius: 6, marginBottom: 4 } },
+            '\u2728 Auto-configured: ', f
+          );
+        }),
+        // Warnings (yellow — things they need to act on)
+        dbUrlInfo.warnings.map(function(w, i) {
+          return h('div', { key: 'w' + i, style: { color: 'var(--warning, #f59e0b)', padding: '4px 8px', background: 'rgba(245,158,11,0.1)', borderRadius: 6, marginBottom: 4 } },
+            '\u26A0\uFE0F ', w
+          );
+        }),
+        // Tips (informational)
+        dbUrlInfo.tips.map(function(t, i) {
+          return h('div', { key: 't' + i, style: { color: 'var(--text-secondary)', padding: '2px 0' } },
+            '\u2714\uFE0F ', t
+          );
+        }),
+        // Summary of what will be sent
+        (dbUrlInfo.directUrl || dbUrlInfo.optimizedUrl) && h('div', { style: { color: 'var(--text-secondary)', padding: '6px 8px', background: 'var(--bg-secondary)', borderRadius: 6, marginTop: 4, fontSize: 11 } },
+          dbUrlInfo.optimizedUrl && h('div', null, '\uD83D\uDD17 Pooler URL: ', h('code', { style: { fontSize: 10 } }, dbUrlInfo.optimizedUrl.substring(0, 60) + '...')),
+          dbUrlInfo.directUrl && h('div', null, '\uD83D\uDD17 Direct URL (migrations): ', h('code', { style: { fontSize: 10 } }, dbUrlInfo.directUrl.substring(0, 60) + '...'))
+        )
+      )
     );
   };

package/dist/dashboard/pages/task-pipeline.js CHANGED Viewed

@@ -231,6 +231,7 @@ var ACTIVITY_TYPE_COLORS = {
   created: '#6366f1', assigned: '#991b1b', started: '#06b6d4', in_progress: '#06b6d4',
   completed: '#15803d', failed: '#ef4444', cancelled: '#6b7394', delegated: '#a855f7',
   compaction: '#8b5cf6', error: '#ef4444',
+  crash: '#dc2626', recovery: '#f59e0b', note: '#3b82f6',
 };
 function ActivityLog(props) {
@@ -1084,7 +1085,6 @@ export function AgentTaskPipeline(props) {
   }
   return h(Fragment, null,
-    h(orgCtx.Switcher),
     active.length > 0 && h('div', { style: { marginBottom: 12 } },
       h('div', { style: { fontSize: 11, fontWeight: 600, color: STATUS_COLORS.in_progress, marginBottom: 6, display: 'flex', alignItems: 'center', gap: 4 } },
         h('div', { style: { width: 6, height: 6, borderRadius: '50%', background: STATUS_COLORS.in_progress, animation: 'flowPulse 2s infinite' } }),

package/dist/factory-3IWXVE37.js ADDED Viewed

@@ -0,0 +1,9 @@
+import {
+  createAdapter,
+  getSupportedDatabases
+} from "./chunk-D3KFSWLK.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  createAdapter,
+  getSupportedDatabases
+};

package/dist/factory-5M6PTMLC.js ADDED Viewed

@@ -0,0 +1,11 @@
+import {
+  createAdapter,
+  getSupportedDatabases,
+  smartDbConfig
+} from "./chunk-BSVWPG6I.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  createAdapter,
+  getSupportedDatabases,
+  smartDbConfig
+};

package/dist/factory-CSSHN7GE.js ADDED Viewed

@@ -0,0 +1,11 @@
+import {
+  createAdapter,
+  getSupportedDatabases,
+  smartDbConfig
+} from "./chunk-MQKIWAHQ.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  createAdapter,
+  getSupportedDatabases,
+  smartDbConfig
+};

package/dist/factory-JFWXTAWK.js ADDED Viewed

@@ -0,0 +1,11 @@
+import {
+  createAdapter,
+  getSupportedDatabases,
+  smartDbConfig
+} from "./chunk-MJGGW6MC.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  createAdapter,
+  getSupportedDatabases,
+  smartDbConfig
+};

package/dist/factory-TBGUYM5X.js ADDED Viewed

@@ -0,0 +1,9 @@
+import {
+  createAdapter,
+  getSupportedDatabases
+} from "./chunk-NGA7BBPF.js";
+import "./chunk-KFQGP6VL.js";
+export {
+  createAdapter,
+  getSupportedDatabases
+};