@agenticmail/enterprise 0.5.320 → 0.5.321

package/CHANGELOG.md

@@ -0,0 +1,68 @@
+# Changelog
+
+All notable changes to AgenticMail Enterprise are documented here.
+
+## [0.5.320] - 2026-03-05
+
+### Added
+- **Microsoft 365 Integration** — 97 tools across 13 services (Outlook Mail, Calendar, OneDrive, Teams, Excel, SharePoint, OneNote, To Do, Contacts, PowerPoint, Planner, Power BI)
+- **Microsoft Graph API helper** — Retry with backoff, rate-limit handling, auto-pagination, JSON batching
+- **Microsoft system prompts** — 12 structured prompt files mirroring Google tools pattern
+- **Task pipeline redesign** — Table/list view with status tabs, search, pagination, real-time updates via webhook
+- **Client organization data isolation** — Org-bound users see only their organization's data
+- **Visible roles configuration** — Parent org controls which roles client org users can see
+- **Cross-platform dependency manager** — macOS, Linux, Windows support with policy-driven installation
+- **Org-wide dependency policy** — Configurable from Settings > Security tab
+- **PM2 production persistence** — ecosystem.config.cjs, LaunchAgent, log rotation
+- **LOG_LEVEL env var** — Production log noise suppression
+- **Port validation** — Checks availability before local agent deployment
+- **Screen unlock** — Agents can auto-unlock machine screen
+- **Per-section editing** — Independent edit buttons on Security and Permissions tabs
+- **Dynamic sidebar company name** — Updates in real-time from settings
+- **Tiered tool loading** — ~75% tool count reduction for messaging channels
+
+### Fixed
+- DB connection pool exhaustion (MaxClientsInSessionMode)
+- Smart DB URL auto-configuration for Supabase/Neon
+- Stop-impersonation logging user out
+- Client org skills/roles showing all data during impersonation
+- Agent UUID display in compliance reports
+
+## [0.5.315] - 2026-03-03
+
+### Added
+- Client organization data isolation across all dashboard pages
+- `allowed_roles` JSONB column for role visibility control
+- Impersonation token refresh preserving org restrictions
+
+## [0.5.313] - 2026-03-01
+
+### Added
+- Smart DB URL auto-configuration (Supabase/Neon detection)
+- 7 enterprise DLP rule packs (53 rules)
+- SOC 2 Type II compliance reports with HTML export
+- Comprehensive README rewrite
+
+### Fixed
+- DB connection pool exhaustion
+- Compliance report generation crashes
+
+## [0.5.312] - 2026-02-28
+
+### Added
+- Transport encryption (AES-256-GCM)
+- Org switchers across all dashboard pages
+- DLP rule editing, enable/disable toggle, detail modal
+- Journal action detail modal
+
+### Fixed
+- Double encryption with Hono wildcard middleware
+- Engine sub-app body forwarding
+- Org switching not reloading data
+- Knowledge base auto-assign persistence
+- Workforce/guardrails/audit org filtering
+
+[0.5.320]: https://github.com/agenticmail/enterprise/releases/tag/v0.5.320
+[0.5.315]: https://github.com/agenticmail/enterprise/releases/tag/v0.5.315
+[0.5.313]: https://github.com/agenticmail/enterprise/releases/tag/v0.5.313
+[0.5.312]: https://github.com/agenticmail/enterprise/releases/tag/v0.5.312

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,31 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior:
+
+* The use of sexualized language or imagery, and sexual attention or advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to **conduct@agenticmail.io**. All complaints will be reviewed and investigated promptly and fairly.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), version 2.1.

package/SECURITY.md

@@ -0,0 +1,42 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 0.5.x   | :white_check_mark: |
+| < 0.5   | :x:                |
+
+## Reporting a Vulnerability
+
+**Do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them via email to **security@agenticmail.io**.
+
+You should receive an acknowledgment within 48 hours. We will send a detailed response within 7 days indicating next steps.
+
+Please include:
+
+- Description of the vulnerability
+- Steps to reproduce
+- Impact assessment
+- Any suggested fixes (optional)
+
+## Security Measures
+
+AgenticMail Enterprise implements multiple layers of security:
+
+- **Transport Encryption** — AES-256-GCM encryption for all API traffic
+- **Data Loss Prevention (DLP)** — Real-time content scanning with 53 built-in rules across 7 categories
+- **Role-Based Access Control (RBAC)** — Granular permissions with preset profiles
+- **Multi-Tenant Isolation** — Client organization data isolation across all endpoints
+- **Audit Logging** — Comprehensive action journal with org-scoped filtering
+- **SOC 2 Type II Compliance** — Automated reporting across all 9 Common Criteria (CC1-CC9)
+- **OAuth 2.0 / SAML / OIDC** — Enterprise SSO with provider-based tool auto-detection
+- **Rate Limiting** — Configurable per-endpoint and per-agent limits
+- **CORS / Security Headers** — Strict origin validation and security header enforcement
+- **Outbound Guard** — PII and credential scanning on all outgoing communications
+
+## Disclosure Policy
+
+We follow responsible disclosure. Security issues are patched in private and released as part of the next version. Critical vulnerabilities may receive out-of-band patches.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agenticmail/enterprise",
-  "version": "0.5.320",
+  "version": "0.5.321",
   "description": "AgenticMail Enterprise — cloud-hosted AI agent identity, email, auth & compliance for organizations",
   "type": "module",
   "bin": {
@@ -28,10 +28,31 @@
     "saml",
     "oidc",
     "scim",
-    "identity"
+    "identity",
+    "ai-agents",
+    "agent-platform",
+    "microsoft-365",
+    "google-workspace",
+    "compliance",
+    "soc2",
+    "gdpr",
+    "dlp",
+    "data-loss-prevention",
+    "oauth",
+    "multi-tenant",
+    "workforce-management",
+    "task-pipeline",
+    "telegram-bot",
+    "whatsapp-bot",
+    "voice-ai",
+    "google-meet",
+    "dependency-management",
+    "audit-log",
+    "rbac",
+    "encryption"
   ],
   "author": "Ope Olatunji (https://github.com/ope-olatunji)",
-  "homepage": "https://github.com/agenticmail/enterprise",
+  "homepage": "https://agenticmail.io",
   "repository": {
     "type": "git",
     "url": "https://github.com/agenticmail/enterprise.git"
@@ -90,5 +111,12 @@
     "mongodb": "^6.3.0",
     "mysql2": "^3.9.0",
     "postgres": "^3.4.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "funding": {
+    "type": "individual",
+    "url": "https://agenticmail.io"
   }
 }

package/.github/CODEOWNERS

@@ -1,23 +0,0 @@
-# ─── AgenticMail Enterprise Code Owners ───────────────
-#
-# These owners are automatically requested for review
-# when a PR touches matching paths.
-#
-# IMPORTANT: Enable "Require review from Code Owners" in
-# GitHub repo Settings → Branches → Branch protection rules
-# for the `main` branch to enforce this.
-
-# Core engine — requires core team review
-src/engine/     @agenticmail/core-team
-src/server.ts   @agenticmail/core-team
-src/auth/       @agenticmail/core-team
-src/admin/      @agenticmail/core-team
-
-# Community skills — ALL submissions require maintainer review
-# No community skill can be merged without explicit approval
-community-skills/   @agenticmail/skill-reviewers
-
-# CI/CD and repo config — requires admin review
-.github/        @agenticmail/core-team
-CLAUDE.md       @agenticmail/core-team
-package.json    @agenticmail/core-team

package/.github/workflows/publish-community-skills.yml

@@ -1,121 +0,0 @@
-name: Publish Community Skills
-
-# IMPORTANT: This workflow only runs AFTER code is merged into main.
-# It does NOT auto-approve or auto-merge PRs.
-# All community skill PRs must be reviewed and approved by a maintainer
-# (enforced by CODEOWNERS + branch protection rules) before this runs.
-#
-# After a maintainer-approved merge:
-# 1. Rebuilds community-skills/index.json (the registry index deployed instances fetch)
-# 2. Optionally pushes each skill to a live registry API
-
-on:
-  push:
-    branches: [main]
-    paths:
-      - 'community-skills/**'
-
-permissions:
-  contents: write
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 2
-
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-
-      # ── Generate index.json ─────────────────────────
-      # This is the file that deployed instances fetch to discover new skills.
-      # Every community-skills/<id>/agenticmail-skill.json gets listed here.
-
-      - name: Generate community-skills/index.json
-        run: |
-          node -e "
-            const fs = require('fs');
-            const path = require('path');
-            const dir = 'community-skills';
-            const skills = [];
-
-            for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
-              if (!entry.isDirectory() || entry.name.startsWith('_') || entry.name.startsWith('.')) continue;
-              const manifestPath = path.join(dir, entry.name, 'agenticmail-skill.json');
-              try {
-                const manifest = JSON.parse(fs.readFileSync(manifestPath, 'utf-8'));
-                skills.push({
-                  id: manifest.id,
-                  name: manifest.name,
-                  version: manifest.version,
-                  author: manifest.author,
-                  category: manifest.category,
-                  risk: manifest.risk,
-                  description: manifest.description,
-                });
-              } catch (err) {
-                console.error('Skipping ' + entry.name + ': ' + err.message);
-              }
-            }
-
-            const index = {
-              generatedAt: new Date().toISOString(),
-              count: skills.length,
-              skills,
-            };
-
-            fs.writeFileSync(path.join(dir, 'index.json'), JSON.stringify(index, null, 2) + '\n');
-            console.log('Generated index.json with ' + skills.length + ' skills');
-          "
-
-      - name: Commit index.json
-        run: |
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git add community-skills/index.json
-          git diff --cached --quiet && echo "No changes to index.json" && exit 0
-          git commit -m "chore: update community-skills index [skip ci]"
-          git push
-
-      # ── Publish to live registry (optional) ─────────
-      # If ENTERPRISE_REGISTRY_URL is configured, also push directly to a live server.
-
-      - name: Find changed skill directories
-        id: changed
-        run: |
-          CHANGED=$(git diff --name-only HEAD~1 HEAD -- community-skills/ || true)
-          DIRS=$(echo "$CHANGED" | grep -oP 'community-skills/[^/]+' | sort -u | grep -v '_template' || true)
-          echo "dirs<<EOF" >> $GITHUB_OUTPUT
-          echo "$DIRS" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
-          COUNT=$(echo "$DIRS" | grep -c '.' || echo "0")
-          echo "count=$COUNT" >> $GITHUB_OUTPUT
-
-      - name: Publish to live registry
-        if: steps.changed.outputs.count != '0' && env.REGISTRY_URL != ''
-        env:
-          REGISTRY_URL: ${{ secrets.ENTERPRISE_REGISTRY_URL }}
-          REGISTRY_TOKEN: ${{ secrets.ENTERPRISE_API_KEY }}
-        run: |
-          while IFS= read -r dir; do
-            [ -z "$dir" ] && continue
-            SKILL_ID=$(basename "$dir")
-            MANIFEST="$dir/agenticmail-skill.json"
-            [ ! -f "$MANIFEST" ] && continue
-
-            echo "Publishing $SKILL_ID..."
-            HTTP_CODE=$(curl -s -o /tmp/response.json -w "%{http_code}" \
-              -X POST "${REGISTRY_URL}/api/engine/community/skills/publish" \
-              -H "Content-Type: application/json" \
-              -H "Authorization: Bearer ${REGISTRY_TOKEN}" \
-              -d @"$MANIFEST")
-
-            if [ "$HTTP_CODE" -ge 200 ] && [ "$HTTP_CODE" -lt 300 ]; then
-              echo "Published $SKILL_ID (HTTP $HTTP_CODE)"
-            else
-              echo "::warning::Failed to publish $SKILL_ID (HTTP $HTTP_CODE)"
-            fi
-          done <<< "${{ steps.changed.outputs.dirs }}"

package/.github/workflows/validate-community-skills.yml

@@ -1,172 +0,0 @@
-name: Validate Community Skills
-
-on:
-  pull_request:
-    paths:
-      - 'community-skills/**'
-    types: [opened, synchronize, reopened]
-
-permissions:
-  contents: read
-  pull-requests: write
-
-jobs:
-  validate:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-          cache: 'npm'
-
-      - run: npm ci
-
-      - run: npm run build
-
-      - name: Find changed skill directories
-        id: changed
-        run: |
-          CHANGED=$(git diff --name-only ${{ github.event.pull_request.base.sha }} HEAD -- community-skills/ || true)
-          DIRS=$(echo "$CHANGED" | grep -oP 'community-skills/[^/]+' | sort -u | grep -v '_template' || true)
-          echo "dirs<<EOF" >> $GITHUB_OUTPUT
-          echo "$DIRS" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
-          COUNT=$(echo "$DIRS" | grep -c '.' || echo "0")
-          echo "count=$COUNT" >> $GITHUB_OUTPUT
-
-      - name: Validate each skill
-        id: validate
-        if: steps.changed.outputs.count != '0'
-        run: |
-          FAILED=0
-          RESULTS=""
-          while IFS= read -r dir; do
-            [ -z "$dir" ] && continue
-            SKILL_ID=$(basename "$dir")
-            echo "::group::Validating $SKILL_ID"
-            if [ -f "$dir/agenticmail-skill.json" ]; then
-              OUTPUT=$(node dist/cli.js validate "$dir" --json 2>&1)
-              echo "$OUTPUT"
-              VALID=$(echo "$OUTPUT" | node -e "const d=require('fs').readFileSync('/dev/stdin','utf-8'); try{const j=JSON.parse(d); console.log(j.results?.[0]?.valid ? 'true':'false')}catch{console.log('false')}")
-              if [ "$VALID" = "true" ]; then
-                RESULTS="${RESULTS}| \`${SKILL_ID}\` | ✅ Passed | — |\n"
-              else
-                ERRORS=$(echo "$OUTPUT" | node -e "const d=require('fs').readFileSync('/dev/stdin','utf-8'); try{const j=JSON.parse(d); console.log((j.results?.[0]?.errors||[]).join(', '))}catch{console.log('parse error')}")
-                RESULTS="${RESULTS}| \`${SKILL_ID}\` | ❌ Failed | ${ERRORS} |\n"
-                FAILED=1
-              fi
-            else
-              echo "::error::Missing agenticmail-skill.json in $dir"
-              RESULTS="${RESULTS}| \`${SKILL_ID}\` | ❌ Failed | Missing agenticmail-skill.json |\n"
-              FAILED=1
-            fi
-            echo "::endgroup::"
-          done <<< "${{ steps.changed.outputs.dirs }}"
-          echo "results<<EOF" >> $GITHUB_OUTPUT
-          echo -e "$RESULTS" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
-          echo "failed=$FAILED" >> $GITHUB_OUTPUT
-          exit $FAILED
-
-      - name: Check for README
-        if: steps.changed.outputs.count != '0'
-        id: readme
-        run: |
-          MISSING=""
-          while IFS= read -r dir; do
-            [ -z "$dir" ] && continue
-            if [ ! -f "$dir/README.md" ]; then
-              MISSING="${MISSING}$(basename $dir), "
-            fi
-          done <<< "${{ steps.changed.outputs.dirs }}"
-          echo "missing=$MISSING" >> $GITHUB_OUTPUT
-
-      - name: Label PR
-        if: always() && steps.changed.outputs.count != '0'
-        uses: actions/github-script@v7
-        with:
-          script: |
-            const labels = ['community-skill', 'needs-maintainer-review'];
-            if ('${{ steps.validate.outputs.failed }}' === '0') {
-              labels.push('validated');
-            } else {
-              labels.push('validation-failed');
-            }
-            await github.rest.issues.addLabels({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number,
-              labels,
-            });
-
-      - name: Post review checklist
-        if: always() && steps.changed.outputs.count != '0'
-        uses: actions/github-script@v7
-        with:
-          script: |
-            const passed = '${{ steps.validate.outputs.failed }}' === '0';
-            const validationStatus = passed ? '✅ All checks passed' : '❌ Validation failed — see errors below';
-            const missingReadme = '${{ steps.readme.outputs.missing }}'.trim();
-
-            const body = `### Community Skill Review
-
-            **Automated Validation:** ${validationStatus}
-            **Skills checked:** ${{ steps.changed.outputs.count }}
-
-            #### Validation Results
-
-            | Skill | Status | Errors |
-            |-------|--------|--------|
-            ${{ steps.validate.outputs.results }}
-
-            ${missingReadme ? `⚠️ **Missing README.md:** ${missingReadme}\n` : ''}
-
-            ---
-
-            #### Maintainer Review Checklist
-
-            > **This PR requires manual review from a maintainer before merging.**
-            > Automated validation only checks the manifest format — a human must
-            > review the actual skill design, tool definitions, and risk assessment.
-
-            - [ ] **Tool IDs are sensibly named** and follow the \`prefix_action\` convention
-            - [ ] **Descriptions are accurate** and clearly explain what each tool does
-            - [ ] **Risk levels are appropriate** — destructive tools should be \`high\`/\`critical\`
-            - [ ] **Side effects are correctly declared** (sends-email, deletes-data, etc.)
-            - [ ] **Category is correct** for the application type
-            - [ ] **No malicious or deceptive tool definitions** hiding behind legitimate names
-            - [ ] **Config schema is reasonable** — no unnecessary secrets or permissions
-            - [ ] **README documents** all tools, configuration, and usage
-            - [ ] **License is appropriate** for community contribution
-
-            ---
-            *Automated by [AgenticMail Enterprise CI](https://github.com/agenticmail/enterprise) — maintainer approval required to merge*`;
-
-            const comments = await github.rest.issues.listComments({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number,
-            });
-            const existing = comments.data.find(c =>
-              c.body?.includes('Community Skill Review') && c.user?.type === 'Bot'
-            );
-
-            if (existing) {
-              await github.rest.issues.updateComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                comment_id: existing.id,
-                body,
-              });
-            } else {
-              await github.rest.issues.createComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.issue.number,
-                body,
-              });
-            }

package/agriculture_southwest_nigeria_research.txt

@@ -1,10 +0,0 @@
-Agriculture & Farmland in South West Nigeria – Research Report
-
-This research document contains analysis of agricultural practices, farmland opportunities, and market conditions in South West Nigeria.
-
-Note: This is a placeholder file as I cannot directly access the Google Docs content without authentication. The original document is available at:
-https://docs.google.com/document/d/1DHhVPN13Gjg9roFwUlpcRcT_EFwEVlJOyCHuUOIhuR4/edit
-
-To access the full content, you would need to:
-1. Sign in to Google Docs  
-2. Download the document directly from the link above

package/boa_credit_cards_research.txt

@@ -1,10 +0,0 @@
-Bank of America Credit Cards – Competitor Research Report
-
-This research document contains analysis of Bank of America's credit card offerings, competitive positioning, and market insights. 
-
-Note: This is a placeholder file as I cannot directly access the Google Docs content without authentication. The original document is available at:
-https://docs.google.com/document/d/1m0xznamEn5fMASM0jbje3TPJYLrwr50ptnGYZQe9q98/edit
-
-To access the full content, you would need to:
-1. Sign in to Google Docs
-2. Download the document directly from the link above

package/customer_support_research_feb2026.txt

@@ -1,10 +0,0 @@
-Customer Support Research - Feb 2026
-
-This research document contains customer support analysis, trends, and insights for February 2026.
-
-Note: This is a placeholder file as I cannot directly access the Google Docs content without authentication. The original document is available at:
-https://docs.google.com/document/d/1GUAahCwtMWcIuZRyOAdAVPN2qu9D6j7fvQjS9WiANxU/edit
-
-To access the full content, you would need to:
-1. Sign in to Google Docs
-2. Download the document directly from the link above

package/ecosystem.config.cjs

@@ -1,120 +0,0 @@
-/**
- * PM2 Ecosystem Config — Production-grade process management
- *
- * Features:
- * - Exponential backoff on crash (prevents rapid restart loops)
- * - Max memory restart (prevents memory leaks)
- * - Graceful shutdown with kill timeout
- * - Log rotation via pm2-logrotate module
- * - Auto-start on boot via launchd (macOS) / systemd (Linux)
- *
- * Usage:
- *   pm2 start ecosystem.config.cjs
- *   pm2 save   # persist for auto-start on reboot
- */
-
-const { readFileSync } = require('fs');
-const { resolve } = require('path');
-
-const BASE_DIR = __dirname;
-
-// Parse .env file into object
-function loadEnv(filename) {
-  const filepath = resolve(BASE_DIR, filename);
-  try {
-    const content = readFileSync(filepath, 'utf-8');
-    const env = {};
-    for (const line of content.split('\n')) {
-      const trimmed = line.trim();
-      if (!trimmed || trimmed.startsWith('#')) continue;
-      const eq = trimmed.indexOf('=');
-      if (eq === -1) continue;
-      const key = trimmed.slice(0, eq).trim();
-      let val = trimmed.slice(eq + 1).trim();
-      // Strip surrounding quotes
-      if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
-        val = val.slice(1, -1);
-      }
-      env[key] = val;
-    }
-    return env;
-  } catch {
-    return {};
-  }
-}
-
-const envBase = loadEnv('.env');
-const envFola = { ...envBase, ...loadEnv('.env.fola'), NODE_ENV: 'production', LOG_LEVEL: 'warn' };
-const envJohn = { ...envBase, ...loadEnv('.env.john'), NODE_ENV: 'production', LOG_LEVEL: 'warn' };
-const envEnterprise = { ...envBase, NODE_ENV: 'production', LOG_LEVEL: 'warn' };
-
-// Shared restart policy
-const RESTART_POLICY = {
-  autorestart: true,
-  max_restarts: 50,
-  min_uptime: '10s',
-  exp_backoff_restart_delay: 1500,
-  kill_timeout: 10000,
-  watch: false,
-};
-
-// Shared log config
-function logConfig(name) {
-  return {
-    error_file: resolve(BASE_DIR, `logs/${name}-error.log`),
-    out_file: resolve(BASE_DIR, `logs/${name}-out.log`),
-    log_date_format: 'YYYY-MM-DD HH:mm:ss',
-    merge_logs: true,
-  };
-}
-
-module.exports = {
-  apps: [
-    {
-      name: 'enterprise',
-      script: 'dist/cli.js',
-      args: 'serve',
-      cwd: BASE_DIR,
-      node_args: '--max-old-space-size=512',
-      env: envEnterprise,
-      max_memory_restart: '512M',
-      listen_timeout: 15000,
-      ...RESTART_POLICY,
-      ...logConfig('enterprise'),
-    },
-    {
-      name: 'fola-agent',
-      script: 'dist/cli.js',
-      args: 'agent',
-      cwd: BASE_DIR,
-      node_args: '--max-old-space-size=384',
-      env: envFola,
-      max_memory_restart: '384M',
-      ...RESTART_POLICY,
-      ...logConfig('fola'),
-    },
-    {
-      name: 'john-agent',
-      script: 'dist/cli.js',
-      args: 'agent',
-      cwd: BASE_DIR,
-      node_args: '--max-old-space-size=384',
-      env: envJohn,
-      max_memory_restart: '384M',
-      ...RESTART_POLICY,
-      ...logConfig('john'),
-    },
-    {
-      name: 'cloudflared',
-      script: 'cloudflared',
-      args: 'tunnel run agenticmail',
-      cwd: BASE_DIR,
-      interpreter: 'none',
-      max_memory_restart: '128M',
-      ...RESTART_POLICY,
-      max_restarts: 100,
-      exp_backoff_restart_delay: 3000,
-      ...logConfig('cloudflared'),
-    },
-  ],
-};

package/src/dashboard/docs/_template.txt

@@ -1,92 +0,0 @@
-DOCS TEMPLATE — All doc pages must follow this exact structure:
-
-FILE: /Users/ope/Desktop/projects/agenticmail/enterprise/src/dashboard/docs/{page-name}.html
-URL: /docs/{page-name}
-
-STRUCTURE:
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>{Page Title} — AgenticMail Enterprise</title>
-<style>
-  :root {
-    --bg-primary: #0f1117; --bg-secondary: #161822; --bg-tertiary: #1c1f2e; --bg-card: #181b28;
-    --text-primary: #e8eaf0; --text-secondary: #9ca3b8; --text-muted: #6b7394;
-    --accent: #6366f1; --accent-soft: rgba(99,102,241,0.12);
-    --border: #2a2f45; --border-light: #353a52; --radius: 10px;
-    --success: #15803d; --warning: #eab308; --danger: #ef4444;
-    --info-soft: rgba(99,102,241,0.06);
-  }
-  [data-theme="light"] {
-    --bg-primary: #d0c5a0; --bg-secondary: #ddd3b2; --bg-tertiary: #c8bc94; --bg-card: #e5dcc0;
-    --text-primary: #2c2410; --text-secondary: #3d3520; --text-muted: #6b5e42;
-    --accent: #2563eb; --accent-soft: rgba(37,99,235,0.1);
-    --border: #b8ad8a; --border-light: #a89e7a; --info-soft: rgba(37,99,235,0.06);
-  }
-  * { box-sizing: border-box; margin: 0; padding: 0; }
-  body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; background: var(--bg-primary); color: var(--text-primary); line-height: 1.7; padding: 32px; max-width: 900px; margin: 0 auto; }
-  h1 { font-size: 28px; margin-bottom: 8px; }
-  h2 { font-size: 20px; margin: 32px 0 12px; padding-bottom: 8px; border-bottom: 1px solid var(--border); }
-  h3 { font-size: 16px; margin: 20px 0 8px; color: var(--accent); }
-  p { margin-bottom: 12px; color: var(--text-secondary); }
-  code { background: var(--bg-primary); border: 1px solid var(--border); padding: 2px 6px; border-radius: 4px; font-size: 13px; color: var(--accent); }
-  pre { background: var(--bg-primary); border: 1px solid var(--border); padding: 16px; border-radius: var(--radius); overflow-x: auto; margin: 12px 0; font-size: 13px; line-height: 1.5; color: var(--text-secondary); }
-  pre code { background: none; border: none; padding: 0; }
-  .card { background: var(--bg-card); border: 1px solid var(--border); border-radius: var(--radius); padding: 20px; margin: 16px 0; }
-  .tip { background: var(--info-soft); border: 1px solid rgba(59,130,246,0.3); padding: 12px 16px; border-radius: var(--radius); margin: 12px 0; font-size: 13px; color: var(--text-secondary); }
-  .warning { background: rgba(245,158,11,0.08); border: 1px solid rgba(245,158,11,0.3); padding: 12px 16px; border-radius: var(--radius); margin: 12px 0; font-size: 13px; color: var(--text-secondary); }
-  .danger { background: rgba(239,68,68,0.08); border: 1px solid rgba(239,68,68,0.3); padding: 12px 16px; border-radius: var(--radius); margin: 12px 0; font-size: 13px; color: var(--text-secondary); }
-  table { width: 100%; border-collapse: collapse; margin: 12px 0; font-size: 13px; }
-  th, td { text-align: left; padding: 8px 12px; border: 1px solid var(--border); color: var(--text-secondary); }
-  th { background: var(--bg-secondary); font-weight: 600; color: var(--text-primary); }
-  ul, ol { padding-left: 24px; margin-bottom: 12px; color: var(--text-secondary); }
-  li { margin-bottom: 6px; }
-  .badge { display: inline-block; padding: 2px 8px; border-radius: 4px; font-size: 11px; font-weight: 600; }
-  .badge-easy { background: rgba(21,128,61,0.2); color: var(--success); }
-  .badge-medium { background: rgba(245,158,11,0.2); color: var(--warning); }
-  .badge-advanced { background: rgba(239,68,68,0.2); color: var(--danger); }
-  a { color: var(--accent); }
-  .back { display: inline-block; margin-bottom: 20px; font-size: 13px; color: var(--text-muted); text-decoration: none; }
-  .back:hover { color: var(--text-primary); }
-  strong { color: var(--text-primary); }
-  .nav-links { display: flex; gap: 12px; flex-wrap: wrap; margin: 16px 0; padding: 12px; background: var(--bg-tertiary); border-radius: var(--radius); }
-  .nav-links a { font-size: 12px; padding: 4px 10px; background: var(--bg-card); border: 1px solid var(--border); border-radius: 6px; text-decoration: none; }
-  .toc { background: var(--bg-card); border: 1px solid var(--border); border-radius: var(--radius); padding: 16px 20px; margin: 16px 0; }
-  .toc h3 { margin: 0 0 8px; font-size: 14px; }
-  .toc ul { list-style: none; padding: 0; }
-  .toc li { margin: 4px 0; }
-  .toc a { font-size: 13px; text-decoration: none; }
-</style>
-<script>
-  // Sync theme with dashboard
-  var t = localStorage.getItem('em_theme') || 'dark';
-  document.documentElement.setAttribute('data-theme', t);
-</script>
-</head>
-<body>
-<a href="javascript:history.back()" class="back">← Back to Dashboard</a>
-<h1>{Page Title}</h1>
-<p style="color: var(--text-muted); margin-bottom: 24px;">{Subtitle — what this page/feature does}</p>
-
-REQUIRED SECTIONS:
-1. Table of Contents (if page has 3+ sections)
-2. Overview — what it is, why it matters (both technical and non-technical explanation)
-3. How It Works — step-by-step with screenshots/diagrams described
-4. Key Concepts — definitions, terminology
-5. Configuration / Setup — how to set it up
-6. Best Practices — tips for getting the most out of it
-7. Troubleshooting — common issues
-8. Related Pages — links to other doc pages
-
-TONE:
-- Friendly but professional (like Stripe docs)
-- Both technical and non-technical audiences
-- Use .tip, .warning, .danger boxes for callouts
-- Use .card for grouped information
-- Use tables for comparisons/reference
-- Use code blocks for API/config examples
-- Research paper depth but blog post readability
-</content>
-</invoke>