npm - @agentlensai/server - Versions diffs - 0.11.0 → 0.13.0 - Mend

@agentlensai/server 0.11.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (633) hide show

package/LICENSE +21 -0
package/dist/cloud/auth/rbac.d.ts +1 -1
package/dist/cloud/auth/rbac.d.ts.map +1 -1
package/dist/cloud/auth/rbac.js +2 -2
package/dist/cloud/auth/rbac.js.map +1 -1
package/dist/cloud/billing/stripe-client.d.ts.map +1 -1
package/dist/cloud/billing/stripe-client.js +6 -1
package/dist/cloud/billing/stripe-client.js.map +1 -1
package/dist/cloud/ingestion/gateway.d.ts.map +1 -1
package/dist/cloud/ingestion/gateway.js +0 -1
package/dist/cloud/ingestion/gateway.js.map +1 -1
package/dist/cloud/middleware/validate-org-access.d.ts +14 -0
package/dist/cloud/middleware/validate-org-access.d.ts.map +1 -0
package/dist/cloud/middleware/validate-org-access.js +38 -0
package/dist/cloud/middleware/validate-org-access.js.map +1 -0
package/dist/cloud/routes/index.d.ts +13 -0
package/dist/cloud/routes/index.d.ts.map +1 -0
package/dist/cloud/routes/index.js +98 -0
package/dist/cloud/routes/index.js.map +1 -0
package/dist/config.d.ts +33 -1
package/dist/config.d.ts.map +1 -1
package/dist/config.js +71 -1
package/dist/config.js.map +1 -1
package/dist/db/api-key-lookup.d.ts +25 -0
package/dist/db/api-key-lookup.d.ts.map +1 -0
package/dist/db/api-key-lookup.js +38 -0
package/dist/db/api-key-lookup.js.map +1 -0
package/dist/db/connection.postgres.d.ts +44 -0
package/dist/db/connection.postgres.d.ts.map +1 -0
package/dist/db/connection.postgres.js +79 -0
package/dist/db/connection.postgres.js.map +1 -0
package/dist/db/cost-budget-store.d.ts +30 -0
package/dist/db/cost-budget-store.d.ts.map +1 -0
package/dist/db/cost-budget-store.js +201 -0
package/dist/db/cost-budget-store.js.map +1 -0
package/dist/db/drizzle/0000_initial.sql +336 -0
package/dist/db/drizzle/0001_indexes.sql +20 -0
package/dist/db/drizzle/0002_pgvector.sql +19 -0
package/dist/db/drizzle/drizzle/0000_initial.sql +336 -0
package/dist/db/drizzle/drizzle/0001_indexes.sql +20 -0
package/dist/db/drizzle/drizzle/0002_pgvector.sql +19 -0
package/dist/db/drizzle/drizzle/meta/0000_snapshot.json +2593 -0
package/dist/db/drizzle/drizzle/meta/_journal.json +27 -0
package/dist/db/drizzle/meta/0000_snapshot.json +2593 -0
package/dist/db/drizzle/meta/_journal.json +27 -0
package/dist/db/embedding-store.d.ts +2 -1
package/dist/db/embedding-store.d.ts.map +1 -1
package/dist/db/embedding-store.interface.d.ts +19 -0
package/dist/db/embedding-store.interface.d.ts.map +1 -0
package/dist/db/embedding-store.interface.js +7 -0
package/dist/db/embedding-store.interface.js.map +1 -0
package/dist/db/embedding-store.js +3 -1
package/dist/db/embedding-store.js.map +1 -1
package/dist/db/eval-store.d.ts +88 -0
package/dist/db/eval-store.d.ts.map +1 -0
package/dist/db/eval-store.js +408 -0
package/dist/db/eval-store.js.map +1 -0
package/dist/db/guardrail-store.d.ts +9 -0
package/dist/db/guardrail-store.d.ts.map +1 -1
package/dist/db/guardrail-store.js +57 -3
package/dist/db/guardrail-store.js.map +1 -1
package/dist/db/index.d.ts +7 -0
package/dist/db/index.d.ts.map +1 -1
package/dist/db/index.js +4 -12
package/dist/db/index.js.map +1 -1
package/dist/db/migrate.d.ts +5 -22
package/dist/db/migrate.d.ts.map +1 -1
package/dist/db/migrate.js +7 -637
package/dist/db/migrate.js.map +1 -1
package/dist/db/migrate.postgres.d.ts +16 -0
package/dist/db/migrate.postgres.d.ts.map +1 -0
package/dist/db/migrate.postgres.js +23 -0
package/dist/db/migrate.postgres.js.map +1 -0
package/dist/db/migrate.sqlite.d.ts +26 -0
package/dist/db/migrate.sqlite.d.ts.map +1 -0
package/dist/db/migrate.sqlite.js +920 -0
package/dist/db/migrate.sqlite.js.map +1 -0
package/dist/db/postgres-embedding-store.d.ts +23 -0
package/dist/db/postgres-embedding-store.d.ts.map +1 -0
package/dist/db/postgres-embedding-store.js +218 -0
package/dist/db/postgres-embedding-store.js.map +1 -0
package/dist/db/postgres-store.d.ts +80 -0
package/dist/db/postgres-store.d.ts.map +1 -0
package/dist/db/postgres-store.js +910 -0
package/dist/db/postgres-store.js.map +1 -0
package/dist/db/prompt-store.d.ts +57 -0
package/dist/db/prompt-store.d.ts.map +1 -0
package/dist/db/prompt-store.js +300 -0
package/dist/db/prompt-store.js.map +1 -0
package/dist/db/repositories/agent-repository.d.ts +21 -0
package/dist/db/repositories/agent-repository.d.ts.map +1 -0
package/dist/db/repositories/agent-repository.js +142 -0
package/dist/db/repositories/agent-repository.js.map +1 -0
package/dist/db/repositories/alert-repository.d.ts +27 -0
package/dist/db/repositories/alert-repository.d.ts.map +1 -0
package/dist/db/repositories/alert-repository.js +164 -0
package/dist/db/repositories/alert-repository.js.map +1 -0
package/dist/db/repositories/analytics-repository.d.ts +24 -0
package/dist/db/repositories/analytics-repository.d.ts.map +1 -0
package/dist/db/repositories/analytics-repository.js +147 -0
package/dist/db/repositories/analytics-repository.js.map +1 -0
package/dist/db/repositories/event-repository.d.ts +81 -0
package/dist/db/repositories/event-repository.d.ts.map +1 -0
package/dist/db/repositories/event-repository.js +331 -0
package/dist/db/repositories/event-repository.js.map +1 -0
package/dist/db/repositories/notification-channel-repository.d.ts +28 -0
package/dist/db/repositories/notification-channel-repository.d.ts.map +1 -0
package/dist/db/repositories/notification-channel-repository.js +151 -0
package/dist/db/repositories/notification-channel-repository.js.map +1 -0
package/dist/db/repositories/session-repository.d.ts +26 -0
package/dist/db/repositories/session-repository.d.ts.map +1 -0
package/dist/db/repositories/session-repository.js +240 -0
package/dist/db/repositories/session-repository.js.map +1 -0
package/dist/db/schema.postgres.d.ts +4681 -0
package/dist/db/schema.postgres.d.ts.map +1 -0
package/dist/db/schema.postgres.js +458 -0
package/dist/db/schema.postgres.js.map +1 -0
package/dist/db/schema.sqlite.d.ts +2221 -671
package/dist/db/schema.sqlite.d.ts.map +1 -1
package/dist/db/schema.sqlite.js +137 -2
package/dist/db/schema.sqlite.js.map +1 -1
package/dist/db/services/retention-service.d.ts +13 -0
package/dist/db/services/retention-service.d.ts.map +1 -0
package/dist/db/services/retention-service.js +48 -0
package/dist/db/services/retention-service.js.map +1 -0
package/dist/db/shared/query-helpers.d.ts +32 -0
package/dist/db/shared/query-helpers.d.ts.map +1 -0
package/dist/db/shared/query-helpers.js +180 -0
package/dist/db/shared/query-helpers.js.map +1 -0
package/dist/db/sqlite-store.d.ts +48 -55
package/dist/db/sqlite-store.d.ts.map +1 -1
package/dist/db/sqlite-store.js +78 -945
package/dist/db/sqlite-store.js.map +1 -1
package/dist/db/tenant-scoped-store.d.ts +18 -1
package/dist/db/tenant-scoped-store.d.ts.map +1 -1
package/dist/db/tenant-scoped-store.js +6 -0
package/dist/db/tenant-scoped-store.js.map +1 -1
package/dist/index.d.ts +28 -14
package/dist/index.d.ts.map +1 -1
package/dist/index.js +432 -97
package/dist/index.js.map +1 -1
package/dist/lib/alert-engine.d.ts +10 -0
package/dist/lib/alert-engine.d.ts.map +1 -1
package/dist/lib/alert-engine.js +73 -20
package/dist/lib/alert-engine.js.map +1 -1
package/dist/lib/audit-verify.d.ts +40 -0
package/dist/lib/audit-verify.d.ts.map +1 -0
package/dist/lib/audit-verify.js +128 -0
package/dist/lib/audit-verify.js.map +1 -0
package/dist/lib/audit.d.ts +37 -0
package/dist/lib/audit.d.ts.map +1 -0
package/dist/lib/audit.js +59 -0
package/dist/lib/audit.js.map +1 -0
package/dist/lib/budget-engine.d.ts +26 -0
package/dist/lib/budget-engine.d.ts.map +1 -0
package/dist/lib/budget-engine.js +201 -0
package/dist/lib/budget-engine.js.map +1 -0
package/dist/lib/compliance-export.d.ts +41 -0
package/dist/lib/compliance-export.d.ts.map +1 -0
package/dist/lib/compliance-export.js +124 -0
package/dist/lib/compliance-export.js.map +1 -0
package/dist/lib/compliance-report.d.ts +87 -0
package/dist/lib/compliance-report.d.ts.map +1 -0
package/dist/lib/compliance-report.js +148 -0
package/dist/lib/compliance-report.js.map +1 -0
package/dist/lib/context/retrieval.d.ts +5 -3
package/dist/lib/context/retrieval.d.ts.map +1 -1
package/dist/lib/context/retrieval.js +5 -2
package/dist/lib/context/retrieval.js.map +1 -1
package/dist/lib/cost-anomaly-detector.d.ts +23 -0
package/dist/lib/cost-anomaly-detector.d.ts.map +1 -0
package/dist/lib/cost-anomaly-detector.js +108 -0
package/dist/lib/cost-anomaly-detector.js.map +1 -0
package/dist/lib/db-resilience.d.ts +15 -0
package/dist/lib/db-resilience.d.ts.map +1 -0
package/dist/lib/db-resilience.js +49 -0
package/dist/lib/db-resilience.js.map +1 -0
package/dist/lib/diagnostics/cache.d.ts +29 -0
package/dist/lib/diagnostics/cache.d.ts.map +1 -0
package/dist/lib/diagnostics/cache.js +88 -0
package/dist/lib/diagnostics/cache.js.map +1 -0
package/dist/lib/diagnostics/context-builder.d.ts +41 -0
package/dist/lib/diagnostics/context-builder.d.ts.map +1 -0
package/dist/lib/diagnostics/context-builder.js +135 -0
package/dist/lib/diagnostics/context-builder.js.map +1 -0
package/dist/lib/diagnostics/index.d.ts +34 -0
package/dist/lib/diagnostics/index.d.ts.map +1 -0
package/dist/lib/diagnostics/index.js +223 -0
package/dist/lib/diagnostics/index.js.map +1 -0
package/dist/lib/diagnostics/llm-client.d.ts +24 -0
package/dist/lib/diagnostics/llm-client.d.ts.map +1 -0
package/dist/lib/diagnostics/llm-client.js +42 -0
package/dist/lib/diagnostics/llm-client.js.map +1 -0
package/dist/lib/diagnostics/prompt-templates.d.ts +18 -0
package/dist/lib/diagnostics/prompt-templates.d.ts.map +1 -0
package/dist/lib/diagnostics/prompt-templates.js +144 -0
package/dist/lib/diagnostics/prompt-templates.js.map +1 -0
package/dist/lib/diagnostics/providers/anthropic.d.ts +8 -0
package/dist/lib/diagnostics/providers/anthropic.d.ts.map +1 -0
package/dist/lib/diagnostics/providers/anthropic.js +79 -0
package/dist/lib/diagnostics/providers/anthropic.js.map +1 -0
package/dist/lib/diagnostics/providers/openai.d.ts +8 -0
package/dist/lib/diagnostics/providers/openai.d.ts.map +1 -0
package/dist/lib/diagnostics/providers/openai.js +70 -0
package/dist/lib/diagnostics/providers/openai.js.map +1 -0
package/dist/lib/diagnostics/providers/types.d.ts +23 -0
package/dist/lib/diagnostics/providers/types.d.ts.map +1 -0
package/dist/lib/diagnostics/providers/types.js +5 -0
package/dist/lib/diagnostics/providers/types.js.map +1 -0
package/dist/lib/diagnostics/response-parser.d.ts +60 -0
package/dist/lib/diagnostics/response-parser.d.ts.map +1 -0
package/dist/lib/diagnostics/response-parser.js +55 -0
package/dist/lib/diagnostics/response-parser.js.map +1 -0
package/dist/lib/diagnostics/types.d.ts +60 -0
package/dist/lib/diagnostics/types.d.ts.map +1 -0
package/dist/lib/diagnostics/types.js +7 -0
package/dist/lib/diagnostics/types.js.map +1 -0
package/dist/lib/embeddings/index.d.ts +6 -3
package/dist/lib/embeddings/index.d.ts.map +1 -1
package/dist/lib/embeddings/index.js +7 -15
package/dist/lib/embeddings/index.js.map +1 -1
package/dist/lib/embeddings/worker.d.ts +2 -2
package/dist/lib/embeddings/worker.d.ts.map +1 -1
package/dist/lib/embeddings/worker.js +3 -1
package/dist/lib/embeddings/worker.js.map +1 -1
package/dist/lib/error-sanitizer.d.ts +28 -0
package/dist/lib/error-sanitizer.d.ts.map +1 -0
package/dist/lib/error-sanitizer.js +106 -0
package/dist/lib/error-sanitizer.js.map +1 -0
package/dist/lib/eval/index.d.ts +15 -0
package/dist/lib/eval/index.d.ts.map +1 -0
package/dist/lib/eval/index.js +24 -0
package/dist/lib/eval/index.js.map +1 -0
package/dist/lib/eval/runner.d.ts +28 -0
package/dist/lib/eval/runner.d.ts.map +1 -0
package/dist/lib/eval/runner.js +260 -0
package/dist/lib/eval/runner.js.map +1 -0
package/dist/lib/eval/scorers/contains.d.ts +10 -0
package/dist/lib/eval/scorers/contains.d.ts.map +1 -0
package/dist/lib/eval/scorers/contains.js +33 -0
package/dist/lib/eval/scorers/contains.js.map +1 -0
package/dist/lib/eval/scorers/exact-match.d.ts +10 -0
package/dist/lib/eval/scorers/exact-match.d.ts.map +1 -0
package/dist/lib/eval/scorers/exact-match.js +33 -0
package/dist/lib/eval/scorers/exact-match.js.map +1 -0
package/dist/lib/eval/scorers/index.d.ts +20 -0
package/dist/lib/eval/scorers/index.d.ts.map +1 -0
package/dist/lib/eval/scorers/index.js +19 -0
package/dist/lib/eval/scorers/index.js.map +1 -0
package/dist/lib/eval/scorers/llm-judge.d.ts +22 -0
package/dist/lib/eval/scorers/llm-judge.d.ts.map +1 -0
package/dist/lib/eval/scorers/llm-judge.js +79 -0
package/dist/lib/eval/scorers/llm-judge.js.map +1 -0
package/dist/lib/eval/scorers/regex.d.ts +10 -0
package/dist/lib/eval/scorers/regex.d.ts.map +1 -0
package/dist/lib/eval/scorers/regex.js +36 -0
package/dist/lib/eval/scorers/regex.js.map +1 -0
package/dist/lib/guardrails/actions.d.ts +6 -0
package/dist/lib/guardrails/actions.d.ts.map +1 -1
package/dist/lib/guardrails/actions.js +82 -0
package/dist/lib/guardrails/actions.js.map +1 -1
package/dist/lib/guardrails/conditions.d.ts +47 -0
package/dist/lib/guardrails/conditions.d.ts.map +1 -1
package/dist/lib/guardrails/conditions.js +55 -10
package/dist/lib/guardrails/conditions.js.map +1 -1
package/dist/lib/guardrails/content-engine.d.ts +19 -0
package/dist/lib/guardrails/content-engine.d.ts.map +1 -0
package/dist/lib/guardrails/content-engine.js +154 -0
package/dist/lib/guardrails/content-engine.js.map +1 -0
package/dist/lib/guardrails/engine.d.ts +33 -0
package/dist/lib/guardrails/engine.d.ts.map +1 -1
package/dist/lib/guardrails/engine.js +37 -2
package/dist/lib/guardrails/engine.js.map +1 -1
package/dist/lib/guardrails/scanners/base-scanner.d.ts +23 -0
package/dist/lib/guardrails/scanners/base-scanner.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/base-scanner.js +7 -0
package/dist/lib/guardrails/scanners/base-scanner.js.map +1 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.d.ts +13 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.js +49 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.js.map +1 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.d.ts +6 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.js +69 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.js.map +1 -0
package/dist/lib/guardrails/scanners/pii-scanner.d.ts +10 -0
package/dist/lib/guardrails/scanners/pii-scanner.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/pii-scanner.js +57 -0
package/dist/lib/guardrails/scanners/pii-scanner.js.map +1 -0
package/dist/lib/guardrails/scanners/scanner-registry.d.ts +14 -0
package/dist/lib/guardrails/scanners/scanner-registry.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/scanner-registry.js +51 -0
package/dist/lib/guardrails/scanners/scanner-registry.js.map +1 -0
package/dist/lib/guardrails/scanners/secrets-scanner.d.ts +9 -0
package/dist/lib/guardrails/scanners/secrets-scanner.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/secrets-scanner.js +47 -0
package/dist/lib/guardrails/scanners/secrets-scanner.js.map +1 -0
package/dist/lib/logger.d.ts +8 -0
package/dist/lib/logger.d.ts.map +1 -0
package/dist/lib/logger.js +31 -0
package/dist/lib/logger.js.map +1 -0
package/dist/lib/lore-client.d.ts +128 -0
package/dist/lib/lore-client.d.ts.map +1 -0
package/dist/lib/lore-client.js +188 -0
package/dist/lib/lore-client.js.map +1 -0
package/dist/lib/mesh-client.d.ts +31 -0
package/dist/lib/mesh-client.d.ts.map +1 -0
package/dist/lib/mesh-client.js +72 -0
package/dist/lib/mesh-client.js.map +1 -0
package/dist/lib/notifications/grouping-buffer.d.ts +25 -0
package/dist/lib/notifications/grouping-buffer.d.ts.map +1 -0
package/dist/lib/notifications/grouping-buffer.js +73 -0
package/dist/lib/notifications/grouping-buffer.js.map +1 -0
package/dist/lib/notifications/provider.d.ts +10 -0
package/dist/lib/notifications/provider.d.ts.map +1 -0
package/dist/lib/notifications/provider.js +5 -0
package/dist/lib/notifications/provider.js.map +1 -0
package/dist/lib/notifications/providers/email.d.ts +14 -0
package/dist/lib/notifications/providers/email.d.ts.map +1 -0
package/dist/lib/notifications/providers/email.js +88 -0
package/dist/lib/notifications/providers/email.js.map +1 -0
package/dist/lib/notifications/providers/pagerduty.d.ts +16 -0
package/dist/lib/notifications/providers/pagerduty.d.ts.map +1 -0
package/dist/lib/notifications/providers/pagerduty.js +94 -0
package/dist/lib/notifications/providers/pagerduty.js.map +1 -0
package/dist/lib/notifications/providers/slack.d.ts +14 -0
package/dist/lib/notifications/providers/slack.d.ts.map +1 -0
package/dist/lib/notifications/providers/slack.js +106 -0
package/dist/lib/notifications/providers/slack.js.map +1 -0
package/dist/lib/notifications/providers/webhook.d.ts +16 -0
package/dist/lib/notifications/providers/webhook.d.ts.map +1 -0
package/dist/lib/notifications/providers/webhook.js +78 -0
package/dist/lib/notifications/providers/webhook.js.map +1 -0
package/dist/lib/notifications/router.d.ts +30 -0
package/dist/lib/notifications/router.d.ts.map +1 -0
package/dist/lib/notifications/router.js +137 -0
package/dist/lib/notifications/router.js.map +1 -0
package/dist/lib/notifications/ssrf.d.ts +13 -0
package/dist/lib/notifications/ssrf.d.ts.map +1 -0
package/dist/lib/notifications/ssrf.js +37 -0
package/dist/lib/notifications/ssrf.js.map +1 -0
package/dist/lib/optimization/analyzers/model-downgrade.d.ts +15 -0
package/dist/lib/optimization/analyzers/model-downgrade.d.ts.map +1 -0
package/dist/lib/optimization/analyzers/model-downgrade.js +58 -0
package/dist/lib/optimization/analyzers/model-downgrade.js.map +1 -0
package/dist/lib/optimization/analyzers/prompt-optimization.d.ts +17 -0
package/dist/lib/optimization/analyzers/prompt-optimization.d.ts.map +1 -0
package/dist/lib/optimization/analyzers/prompt-optimization.js +160 -0
package/dist/lib/optimization/analyzers/prompt-optimization.js.map +1 -0
package/dist/lib/optimization/analyzers/types.d.ts +23 -0
package/dist/lib/optimization/analyzers/types.d.ts.map +1 -0
package/dist/lib/optimization/analyzers/types.js +5 -0
package/dist/lib/optimization/analyzers/types.js.map +1 -0
package/dist/lib/optimization/classifier.d.ts +4 -3
package/dist/lib/optimization/classifier.d.ts.map +1 -1
package/dist/lib/optimization/classifier.js +15 -9
package/dist/lib/optimization/classifier.js.map +1 -1
package/dist/lib/optimization/cost-optimizer.d.ts +21 -0
package/dist/lib/optimization/cost-optimizer.d.ts.map +1 -0
package/dist/lib/optimization/cost-optimizer.js +114 -0
package/dist/lib/optimization/cost-optimizer.js.map +1 -0
package/dist/lib/optimization/engine.d.ts.map +1 -1
package/dist/lib/optimization/engine.js +45 -6
package/dist/lib/optimization/engine.js.map +1 -1
package/dist/lib/optimization/forecast.d.ts +39 -0
package/dist/lib/optimization/forecast.d.ts.map +1 -0
package/dist/lib/optimization/forecast.js +128 -0
package/dist/lib/optimization/forecast.js.map +1 -0
package/dist/lib/secrets.d.ts +30 -0
package/dist/lib/secrets.d.ts.map +1 -0
package/dist/lib/secrets.js +103 -0
package/dist/lib/secrets.js.map +1 -0
package/dist/lib/threshold-monitor.d.ts +53 -0
package/dist/lib/threshold-monitor.d.ts.map +1 -0
package/dist/lib/threshold-monitor.js +112 -0
package/dist/lib/threshold-monitor.js.map +1 -0
package/dist/middleware/audit.d.ts +16 -0
package/dist/middleware/audit.d.ts.map +1 -0
package/dist/middleware/audit.js +16 -0
package/dist/middleware/audit.js.map +1 -0
package/dist/middleware/auth-errors.d.ts +67 -0
package/dist/middleware/auth-errors.d.ts.map +1 -0
package/dist/middleware/auth-errors.js +84 -0
package/dist/middleware/auth-errors.js.map +1 -0
package/dist/middleware/auth.d.ts +5 -2
package/dist/middleware/auth.d.ts.map +1 -1
package/dist/middleware/auth.js +44 -17
package/dist/middleware/auth.js.map +1 -1
package/dist/middleware/body-limit.d.ts +9 -0
package/dist/middleware/body-limit.d.ts.map +1 -0
package/dist/middleware/body-limit.js +15 -0
package/dist/middleware/body-limit.js.map +1 -0
package/dist/middleware/cors-config.d.ts +30 -0
package/dist/middleware/cors-config.d.ts.map +1 -0
package/dist/middleware/cors-config.js +55 -0
package/dist/middleware/cors-config.js.map +1 -0
package/dist/middleware/rate-limit.d.ts +9 -0
package/dist/middleware/rate-limit.d.ts.map +1 -0
package/dist/middleware/rate-limit.js +56 -0
package/dist/middleware/rate-limit.js.map +1 -0
package/dist/middleware/rbac.d.ts +30 -0
package/dist/middleware/rbac.d.ts.map +1 -0
package/dist/middleware/rbac.js +87 -0
package/dist/middleware/rbac.js.map +1 -0
package/dist/middleware/security-headers.d.ts +12 -0
package/dist/middleware/security-headers.d.ts.map +1 -0
package/dist/middleware/security-headers.js +57 -0
package/dist/middleware/security-headers.js.map +1 -0
package/dist/middleware/unified-auth.d.ts +49 -0
package/dist/middleware/unified-auth.d.ts.map +1 -0
package/dist/middleware/unified-auth.js +246 -0
package/dist/middleware/unified-auth.js.map +1 -0
package/dist/middleware/validation.d.ts +31 -0
package/dist/middleware/validation.d.ts.map +1 -0
package/dist/middleware/validation.js +45 -0
package/dist/middleware/validation.js.map +1 -0
package/dist/routes/alerts.d.ts.map +1 -1
package/dist/routes/alerts.js +4 -3
package/dist/routes/alerts.js.map +1 -1
package/dist/routes/analytics.d.ts +2 -1
package/dist/routes/analytics.d.ts.map +1 -1
package/dist/routes/analytics.js +175 -95
package/dist/routes/analytics.js.map +1 -1
package/dist/routes/api-keys.d.ts +5 -0
package/dist/routes/api-keys.d.ts.map +1 -1
package/dist/routes/api-keys.js +89 -8
package/dist/routes/api-keys.js.map +1 -1
package/dist/routes/audit-verify.d.ts +12 -0
package/dist/routes/audit-verify.d.ts.map +1 -0
package/dist/routes/audit-verify.js +73 -0
package/dist/routes/audit-verify.js.map +1 -0
package/dist/routes/audit.d.ts +4 -6
package/dist/routes/audit.d.ts.map +1 -1
package/dist/routes/audit.js +54 -157
package/dist/routes/audit.js.map +1 -1
package/dist/routes/auth.d.ts +21 -0
package/dist/routes/auth.d.ts.map +1 -0
package/dist/routes/auth.js +235 -0
package/dist/routes/auth.js.map +1 -0
package/dist/routes/benchmarks.d.ts.map +1 -1
package/dist/routes/benchmarks.js +63 -11
package/dist/routes/benchmarks.js.map +1 -1
package/dist/routes/capabilities-top.d.ts.map +1 -1
package/dist/routes/capabilities-top.js +1 -4
package/dist/routes/capabilities-top.js.map +1 -1
package/dist/routes/capabilities.d.ts.map +1 -1
package/dist/routes/capabilities.js +1 -7
package/dist/routes/capabilities.js.map +1 -1
package/dist/routes/compliance.d.ts +17 -0
package/dist/routes/compliance.d.ts.map +1 -0
package/dist/routes/compliance.js +151 -0
package/dist/routes/compliance.js.map +1 -0
package/dist/routes/config.d.ts +1 -13
package/dist/routes/config.d.ts.map +1 -1
package/dist/routes/context.d.ts.map +1 -1
package/dist/routes/context.js +6 -5
package/dist/routes/context.js.map +1 -1
package/dist/routes/cost-budgets.d.ts +20 -0
package/dist/routes/cost-budgets.d.ts.map +1 -0
package/dist/routes/cost-budgets.js +194 -0
package/dist/routes/cost-budgets.js.map +1 -0
package/dist/routes/delegation.d.ts.map +1 -1
package/dist/routes/delegation.js +67 -41
package/dist/routes/delegation.js.map +1 -1
package/dist/routes/delegations-top.d.ts.map +1 -1
package/dist/routes/delegations-top.js +1 -3
package/dist/routes/delegations-top.js.map +1 -1
package/dist/routes/diagnose.d.ts +16 -0
package/dist/routes/diagnose.d.ts.map +1 -0
package/dist/routes/diagnose.js +82 -0
package/dist/routes/diagnose.js.map +1 -0
package/dist/routes/discovery.d.ts.map +1 -1
package/dist/routes/discovery.js +50 -38
package/dist/routes/discovery.js.map +1 -1
package/dist/routes/eval.d.ts +24 -0
package/dist/routes/eval.d.ts.map +1 -0
package/dist/routes/eval.js +281 -0
package/dist/routes/eval.js.map +1 -0
package/dist/routes/events.d.ts.map +1 -1
package/dist/routes/events.js +11 -6
package/dist/routes/events.js.map +1 -1
package/dist/routes/guardrails.d.ts +2 -1
package/dist/routes/guardrails.d.ts.map +1 -1
package/dist/routes/guardrails.js +85 -14
package/dist/routes/guardrails.js.map +1 -1
package/dist/routes/health.d.ts +14 -11
package/dist/routes/health.d.ts.map +1 -1
package/dist/routes/health.js +181 -61
package/dist/routes/health.js.map +1 -1
package/dist/routes/lore-proxy.d.ts +13 -0
package/dist/routes/lore-proxy.d.ts.map +1 -0
package/dist/routes/lore-proxy.js +229 -0
package/dist/routes/lore-proxy.js.map +1 -0
package/dist/routes/mesh-proxy.d.ts +7 -0
package/dist/routes/mesh-proxy.d.ts.map +1 -0
package/dist/routes/mesh-proxy.js +94 -0
package/dist/routes/mesh-proxy.js.map +1 -0
package/dist/routes/notifications.d.ts +19 -0
package/dist/routes/notifications.d.ts.map +1 -0
package/dist/routes/notifications.js +129 -0
package/dist/routes/notifications.js.map +1 -0
package/dist/routes/optimize.d.ts.map +1 -1
package/dist/routes/optimize.js +44 -0
package/dist/routes/optimize.js.map +1 -1
package/dist/routes/otlp.d.ts +17 -0
package/dist/routes/otlp.d.ts.map +1 -0
package/dist/routes/otlp.js +544 -0
package/dist/routes/otlp.js.map +1 -0
package/dist/routes/prompts.d.ts +21 -0
package/dist/routes/prompts.d.ts.map +1 -0
package/dist/routes/prompts.js +173 -0
package/dist/routes/prompts.js.map +1 -0
package/dist/routes/recall.d.ts.map +1 -1
package/dist/routes/recall.js +6 -4
package/dist/routes/recall.js.map +1 -1
package/dist/routes/replay.d.ts.map +1 -1
package/dist/routes/replay.js +2 -1
package/dist/routes/replay.js.map +1 -1
package/dist/routes/server-info.d.ts +9 -0
package/dist/routes/server-info.d.ts.map +1 -0
package/dist/routes/server-info.js +18 -0
package/dist/routes/server-info.js.map +1 -0
package/dist/routes/sessions.d.ts +7 -7
package/dist/routes/sessions.d.ts.map +1 -1
package/dist/routes/sessions.js +112 -35
package/dist/routes/sessions.js.map +1 -1
package/dist/routes/stats.d.ts.map +1 -1
package/dist/routes/stats.js +40 -0
package/dist/routes/stats.js.map +1 -1
package/dist/routes/stream.d.ts +2 -2
package/dist/routes/stream.d.ts.map +1 -1
package/dist/routes/stream.js +7 -11
package/dist/routes/stream.js.map +1 -1
package/dist/routes/tenant-helper.d.ts +15 -10
package/dist/routes/tenant-helper.d.ts.map +1 -1
package/dist/routes/tenant-helper.js +36 -22
package/dist/routes/tenant-helper.js.map +1 -1
package/dist/routes/trust.d.ts.map +1 -1
package/dist/routes/trust.js +1 -3
package/dist/routes/trust.js.map +1 -1
package/dist/schemas/api-keys.d.ts +11 -0
package/dist/schemas/api-keys.d.ts.map +1 -0
package/dist/schemas/api-keys.js +10 -0
package/dist/schemas/api-keys.js.map +1 -0
package/dist/schemas/common.d.ts +34 -0
package/dist/schemas/common.d.ts.map +1 -0
package/dist/schemas/common.js +43 -0
package/dist/schemas/common.js.map +1 -0
package/dist/schemas/delegation.d.ts +23 -0
package/dist/schemas/delegation.d.ts.map +1 -0
package/dist/schemas/delegation.js +22 -0
package/dist/schemas/delegation.js.map +1 -0
package/dist/schemas/discovery.d.ts +17 -0
package/dist/schemas/discovery.d.ts.map +1 -0
package/dist/schemas/discovery.js +15 -0
package/dist/schemas/discovery.js.map +1 -0
package/dist/schemas/health.d.ts +75 -0
package/dist/schemas/health.d.ts.map +1 -0
package/dist/schemas/health.js +55 -0
package/dist/schemas/health.js.map +1 -0
package/dist/schemas/index.d.ts +6 -0
package/dist/schemas/index.d.ts.map +1 -0
package/dist/schemas/index.js +6 -0
package/dist/schemas/index.js.map +1 -0
package/dist/schemas/sessions.d.ts +67 -0
package/dist/schemas/sessions.d.ts.map +1 -0
package/dist/schemas/sessions.js +58 -0
package/dist/schemas/sessions.js.map +1 -0
package/dist/services/delegation-service.d.ts +1 -4
package/dist/services/delegation-service.d.ts.map +1 -1
package/dist/services/delegation-service.js +5 -31
package/dist/services/delegation-service.js.map +1 -1
package/package.json +29 -19
package/dist/db/lesson-store.d.ts +0 -57
package/dist/db/lesson-store.d.ts.map +0 -1
package/dist/db/lesson-store.js +0 -217
package/dist/db/lesson-store.js.map +0 -1
package/dist/lib/embeddings/local.d.ts +0 -15
package/dist/lib/embeddings/local.d.ts.map +0 -1
package/dist/lib/embeddings/local.js +0 -65
package/dist/lib/embeddings/local.js.map +0 -1
package/dist/lib/redaction/human-review-layer.d.ts +0 -37
package/dist/lib/redaction/human-review-layer.d.ts.map +0 -1
package/dist/lib/redaction/human-review-layer.js +0 -62
package/dist/lib/redaction/human-review-layer.js.map +0 -1
package/dist/lib/redaction/index.d.ts +0 -12
package/dist/lib/redaction/index.d.ts.map +0 -1
package/dist/lib/redaction/index.js +0 -12
package/dist/lib/redaction/index.js.map +0 -1
package/dist/lib/redaction/pii-detection-layer.d.ts +0 -30
package/dist/lib/redaction/pii-detection-layer.d.ts.map +0 -1
package/dist/lib/redaction/pii-detection-layer.js +0 -183
package/dist/lib/redaction/pii-detection-layer.js.map +0 -1
package/dist/lib/redaction/pipeline.d.ts +0 -26
package/dist/lib/redaction/pipeline.d.ts.map +0 -1
package/dist/lib/redaction/pipeline.js +0 -91
package/dist/lib/redaction/pipeline.js.map +0 -1
package/dist/lib/redaction/secret-detection-layer.d.ts +0 -10
package/dist/lib/redaction/secret-detection-layer.d.ts.map +0 -1
package/dist/lib/redaction/secret-detection-layer.js +0 -79
package/dist/lib/redaction/secret-detection-layer.js.map +0 -1
package/dist/lib/redaction/secret-patterns.d.ts +0 -29
package/dist/lib/redaction/secret-patterns.d.ts.map +0 -1
package/dist/lib/redaction/secret-patterns.js +0 -133
package/dist/lib/redaction/secret-patterns.js.map +0 -1
package/dist/lib/redaction/semantic-denylist-layer.d.ts +0 -10
package/dist/lib/redaction/semantic-denylist-layer.d.ts.map +0 -1
package/dist/lib/redaction/semantic-denylist-layer.js +0 -64
package/dist/lib/redaction/semantic-denylist-layer.js.map +0 -1
package/dist/lib/redaction/tenant-deidentification-layer.d.ts +0 -10
package/dist/lib/redaction/tenant-deidentification-layer.d.ts.map +0 -1
package/dist/lib/redaction/tenant-deidentification-layer.js +0 -64
package/dist/lib/redaction/tenant-deidentification-layer.js.map +0 -1
package/dist/lib/redaction/url-path-scrubbing-layer.d.ts +0 -14
package/dist/lib/redaction/url-path-scrubbing-layer.d.ts.map +0 -1
package/dist/lib/redaction/url-path-scrubbing-layer.js +0 -156
package/dist/lib/redaction/url-path-scrubbing-layer.js.map +0 -1
package/dist/routes/community.d.ts +0 -24
package/dist/routes/community.d.ts.map +0 -1
package/dist/routes/community.js +0 -272
package/dist/routes/community.js.map +0 -1
package/dist/routes/lessons.d.ts +0 -19
package/dist/routes/lessons.d.ts.map +0 -1
package/dist/routes/lessons.js +0 -164
package/dist/routes/lessons.js.map +0 -1
package/dist/routes/redaction-test.d.ts +0 -14
package/dist/routes/redaction-test.d.ts.map +0 -1
package/dist/routes/redaction-test.js +0 -33
package/dist/routes/redaction-test.js.map +0 -1
package/dist/services/community-service.d.ts +0 -283
package/dist/services/community-service.d.ts.map +0 -1
package/dist/services/community-service.js +0 -816
package/dist/services/community-service.js.map +0 -1

package/dist/db/sqlite-store.js CHANGED Viewed

@@ -1,992 +1,125 @@
 /**
- * SQLite implementation of IEventStore.
+ * SQLite implementation of IEventStore — thin facade.
  *
- * Write operations (Story 3.4):
- * - insertEvents() — batch insert in single transaction
- * - Auto-create/update session records on event insert
- * - Auto-create agent records on first event
- * - Session status management
- *
- * Read operations (Story 3.5):
- * - queryEvents(), getEvent(), getSessionTimeline(), countEvents()
- * - querySessions(), getSession()
- * - listAgents(), getAgent()
- * - getAnalytics(), getStats()
- */
-import { eq, and, gte, lte, inArray, desc, asc, sql, count as drizzleCount } from 'drizzle-orm';
-import { computeEventHash } from '@agentlensai/core';
-import { events, sessions, agents, alertRules, alertHistory } from './schema.sqlite.js';
-import { HashChainError, NotFoundError } from './errors.js';
-// ─── Helpers ───────────────────────────────────────────────
-/**
- * Safe JSON.parse that returns a fallback on any error instead of throwing.
+ * Delegates to focused repository classes (Story S-7.5):
+ * - EventRepository — event CRUD
+ * - SessionRepository — session CRUD
+ * - AgentRepository — agent CRUD
+ * - AlertRepository — alert rules + history
+ * - AnalyticsRepository — analytics and stats
+ * - RetentionService — data retention/cleanup
  */
-export function safeJsonParse(raw, fallback) {
-    try {
-        return JSON.parse(raw);
-    }
-    catch {
-        return fallback;
-    }
-}
+import { EventRepository } from './repositories/event-repository.js';
+import { SessionRepository } from './repositories/session-repository.js';
+import { AgentRepository } from './repositories/agent-repository.js';
+import { AlertRepository } from './repositories/alert-repository.js';
+import { AnalyticsRepository } from './repositories/analytics-repository.js';
+import { RetentionService } from './services/retention-service.js';
+// Re-export for backward compatibility
+export { safeJsonParse } from './shared/query-helpers.js';
 export class SqliteEventStore {
     db;
+    eventRepo;
+    sessionRepo;
+    agentRepo;
+    alertRepo;
+    analyticsRepo;
+    retentionService;
     constructor(db) {
         this.db = db;
-    }
-    /**
-     * Defense-in-depth: warn when a query method is called without tenantId.
-     * This helps catch missing tenant scoping in call chains.
-     */
-    warnIfNoTenant(method, tenantId) {
-        if (tenantId === undefined) {
-            console.warn(`[SqliteEventStore] ${method}() called without tenantId — query is unscoped. ` +
-                `Ensure tenant isolation is applied upstream (via TenantScopedStore).`);
-        }
-    }
-    // ─── Events — Write ────────────────────────────────────────
+        this.eventRepo = new EventRepository(db);
+        this.sessionRepo = new SessionRepository(db);
+        this.agentRepo = new AgentRepository(db);
+        this.alertRepo = new AlertRepository(db);
+        this.analyticsRepo = new AnalyticsRepository(db);
+        this.retentionService = new RetentionService(db);
+    }
+    // ─── Events ────────────────────────────────────────────────
     async insertEvents(eventList) {
-        if (eventList.length === 0)
-            return;
-        // Batch insert in a single transaction for atomicity and performance
-        this.db.transaction((tx) => {
-            // CRITICAL 3: Validate hash chain before inserting
-            const firstEvent = eventList[0];
-            const tenantId = firstEvent.tenantId ?? 'default';
-            // Check if the first event already exists (idempotent re-insert)
-            const existingFirst = tx
-                .select({ id: events.id })
-                .from(events)
-                .where(eq(events.id, firstEvent.id))
-                .get();
-            if (!existingFirst) {
-                // Fresh insert — validate chain continuity against stored events
-                const lastStoredEvent = tx
-                    .select({ hash: events.hash })
-                    .from(events)
-                    .where(and(eq(events.sessionId, firstEvent.sessionId), eq(events.tenantId, tenantId)))
-                    .orderBy(desc(events.timestamp), desc(events.id))
-                    .limit(1)
-                    .get();
-                const lastStoredHash = lastStoredEvent?.hash ?? null;
-                // Validate that the first event's prevHash matches the latest stored hash
-                if (firstEvent.prevHash !== lastStoredHash) {
-                    throw new HashChainError(`Chain continuity broken: event ${firstEvent.id} has prevHash=${firstEvent.prevHash} but last stored hash is ${lastStoredHash}`);
-                }
-            }
-            // Validate each event's hash and intra-batch chain links
-            for (let i = 0; i < eventList.length; i++) {
-                const event = eventList[i];
-                // Verify intra-batch chain continuity (for events after the first)
-                if (i > 0) {
-                    const prevEvent = eventList[i - 1];
-                    if (event.prevHash !== prevEvent.hash) {
-                        throw new HashChainError(`Chain continuity broken within batch: event ${event.id} has prevHash=${event.prevHash} but previous event hash is ${prevEvent.hash}`);
-                    }
-                }
-                // Recompute hash server-side and verify
-                const recomputedHash = computeEventHash({
-                    id: event.id,
-                    timestamp: event.timestamp,
-                    sessionId: event.sessionId,
-                    agentId: event.agentId,
-                    eventType: event.eventType,
-                    severity: event.severity,
-                    payload: event.payload,
-                    metadata: event.metadata,
-                    prevHash: event.prevHash,
-                });
-                if (event.hash !== recomputedHash) {
-                    throw new HashChainError(`Hash mismatch for event ${event.id}: supplied=${event.hash}, computed=${recomputedHash}`);
-                }
-            }
-            for (const event of eventList) {
-                // CRITICAL 4: Idempotent event insertion — ON CONFLICT DO NOTHING
-                tx.insert(events)
-                    .values({
-                    id: event.id,
-                    timestamp: event.timestamp,
-                    sessionId: event.sessionId,
-                    agentId: event.agentId,
-                    eventType: event.eventType,
-                    severity: event.severity,
-                    payload: JSON.stringify(event.payload),
-                    metadata: JSON.stringify(event.metadata),
-                    prevHash: event.prevHash,
-                    hash: event.hash,
-                    tenantId,
-                })
-                    .onConflictDoNothing({ target: events.id })
-                    .run();
-                // Handle session management
-                this._handleSessionUpdate(tx, event, tenantId);
-                // Handle agent auto-creation
-                this._handleAgentUpsert(tx, event, tenantId);
-            }
-        });
-    }
-    _handleSessionUpdate(tx, event, tenantId) {
-        if (event.eventType === 'session_started') {
-            // Create new session
-            const payload = event.payload;
-            const tags = payload.tags ?? [];
-            const agentName = payload.agentName ?? undefined;
-            // CRITICAL 4: Use INSERT ... ON CONFLICT DO UPDATE for sessions
-            tx.insert(sessions)
-                .values({
-                id: event.sessionId,
-                agentId: event.agentId,
-                agentName: agentName,
-                startedAt: event.timestamp,
-                status: 'active',
-                eventCount: 1,
-                toolCallCount: 0,
-                errorCount: 0,
-                totalCostUsd: 0,
-                tags: JSON.stringify(tags),
-                tenantId,
-            })
-                .onConflictDoUpdate({
-                target: [sessions.id, sessions.tenantId],
-                set: {
-                    agentName: agentName ?? sql `coalesce(${sessions.agentName}, NULL)`,
-                    status: 'active',
-                    eventCount: sql `${sessions.eventCount} + 1`,
-                    tags: tags.length > 0 ? JSON.stringify(tags) : sql `${sessions.tags}`,
-                },
-            })
-                .run();
-            return;
-        }
-        // For non-session_started events, ensure a session exists first (upsert)
-        tx.insert(sessions)
-            .values({
-            id: event.sessionId,
-            agentId: event.agentId,
-            startedAt: event.timestamp,
-            status: 'active',
-            eventCount: 0,
-            toolCallCount: 0,
-            errorCount: 0,
-            totalCostUsd: 0,
-            tags: '[]',
-            tenantId,
-        })
-            .onConflictDoNothing({ target: [sessions.id, sessions.tenantId] })
-            .run();
-        // Build incremental updates
-        const isToolCall = event.eventType === 'tool_call';
-        const isError = event.severity === 'error' ||
-            event.severity === 'critical' ||
-            event.eventType === 'tool_error';
-        const isCost = event.eventType === 'cost_tracked';
-        const isLlmResponse = event.eventType === 'llm_response';
-        const costPayload = event.payload;
-        const costUsd = isCost ? (Number(costPayload.costUsd) || 0) : 0;
-        const llmCostUsd = isLlmResponse ? (Number(costPayload.costUsd) || 0) : 0;
-        const llmUsage = isLlmResponse ? costPayload.usage : undefined;
-        const llmInputTokens = llmUsage ? (Number(llmUsage.inputTokens) || 0) : 0;
-        const llmOutputTokens = llmUsage ? (Number(llmUsage.outputTokens) || 0) : 0;
-        if (event.eventType === 'session_ended') {
-            const payload = event.payload;
-            const reason = payload.reason;
-            const status = reason === 'error' ? 'error' : 'completed';
-            tx.update(sessions)
-                .set({
-                endedAt: event.timestamp,
-                status: status,
-                eventCount: sql `${sessions.eventCount} + 1`,
-                errorCount: isError
-                    ? sql `${sessions.errorCount} + 1`
-                    : sessions.errorCount,
-            })
-                .where(and(eq(sessions.id, event.sessionId), eq(sessions.tenantId, tenantId)))
-                .run();
-            return;
-        }
-        // Regular event — increment counters
-        tx.update(sessions)
-            .set({
-            eventCount: sql `${sessions.eventCount} + 1`,
-            toolCallCount: isToolCall
-                ? sql `${sessions.toolCallCount} + 1`
-                : sessions.toolCallCount,
-            errorCount: isError
-                ? sql `${sessions.errorCount} + 1`
-                : sessions.errorCount,
-            totalCostUsd: isCost
-                ? sql `${sessions.totalCostUsd} + ${costUsd}`
-                : isLlmResponse
-                    ? sql `${sessions.totalCostUsd} + ${llmCostUsd}`
-                    : sessions.totalCostUsd,
-            llmCallCount: isLlmResponse
-                ? sql `${sessions.llmCallCount} + 1`
-                : sessions.llmCallCount,
-            totalInputTokens: isLlmResponse
-                ? sql `${sessions.totalInputTokens} + ${llmInputTokens}`
-                : sessions.totalInputTokens,
-            totalOutputTokens: isLlmResponse
-                ? sql `${sessions.totalOutputTokens} + ${llmOutputTokens}`
-                : sessions.totalOutputTokens,
-        })
-            .where(and(eq(sessions.id, event.sessionId), eq(sessions.tenantId, tenantId)))
-            .run();
-    }
-    _handleAgentUpsert(tx, event, tenantId) {
-        // CRITICAL 4: Use INSERT ... ON CONFLICT DO UPDATE for agents
-        // Agents are scoped per tenant — use composite key (id + tenant_id)
-        const payload = event.payload;
-        const agentName = payload.agentName ?? event.agentId;
-        tx.insert(agents)
-            .values({
-            id: event.agentId,
-            name: agentName,
-            firstSeenAt: event.timestamp,
-            lastSeenAt: event.timestamp,
-            sessionCount: event.eventType === 'session_started' ? 1 : 0,
-            tenantId,
-        })
-            .onConflictDoUpdate({
-            target: [agents.id, agents.tenantId],
-            set: {
-                lastSeenAt: event.timestamp,
-                sessionCount: event.eventType === 'session_started'
-                    ? sql `${agents.sessionCount} + 1`
-                    : agents.sessionCount,
-            },
-        })
-            .run();
-    }
-    // ─── Sessions — Write ──────────────────────────────────────
-    async upsertSession(session) {
-        const tenantId = session.tenantId ?? 'default';
-        const existing = this.db
-            .select()
-            .from(sessions)
-            .where(and(eq(sessions.id, session.id), eq(sessions.tenantId, tenantId)))
-            .get();
-        if (existing) {
-            const updates = {};
-            if (session.agentId !== undefined)
-                updates.agentId = session.agentId;
-            if (session.agentName !== undefined)
-                updates.agentName = session.agentName;
-            if (session.startedAt !== undefined)
-                updates.startedAt = session.startedAt;
-            if (session.endedAt !== undefined)
-                updates.endedAt = session.endedAt;
-            if (session.status !== undefined)
-                updates.status = session.status;
-            if (session.eventCount !== undefined)
-                updates.eventCount = session.eventCount;
-            if (session.toolCallCount !== undefined)
-                updates.toolCallCount = session.toolCallCount;
-            if (session.errorCount !== undefined)
-                updates.errorCount = session.errorCount;
-            if (session.totalCostUsd !== undefined)
-                updates.totalCostUsd = session.totalCostUsd;
-            if (session.llmCallCount !== undefined)
-                updates.llmCallCount = session.llmCallCount;
-            if (session.totalInputTokens !== undefined)
-                updates.totalInputTokens = session.totalInputTokens;
-            if (session.totalOutputTokens !== undefined)
-                updates.totalOutputTokens = session.totalOutputTokens;
-            if (session.tags !== undefined)
-                updates.tags = JSON.stringify(session.tags);
-            if (Object.keys(updates).length > 0) {
-                this.db
-                    .update(sessions)
-                    .set(updates)
-                    .where(and(eq(sessions.id, session.id), eq(sessions.tenantId, tenantId)))
-                    .run();
-            }
-        }
-        else {
-            this.db
-                .insert(sessions)
-                .values({
-                id: session.id,
-                agentId: session.agentId ?? '',
-                startedAt: session.startedAt ?? new Date().toISOString(),
-                status: session.status ?? 'active',
-                agentName: session.agentName,
-                endedAt: session.endedAt,
-                eventCount: session.eventCount ?? 0,
-                toolCallCount: session.toolCallCount ?? 0,
-                errorCount: session.errorCount ?? 0,
-                totalCostUsd: session.totalCostUsd ?? 0,
-                llmCallCount: session.llmCallCount ?? 0,
-                totalInputTokens: session.totalInputTokens ?? 0,
-                totalOutputTokens: session.totalOutputTokens ?? 0,
-                tags: JSON.stringify(session.tags ?? []),
-                tenantId,
-            })
-                .run();
-        }
-    }
-    // ─── Agents — Write ────────────────────────────────────────
-    async upsertAgent(agent) {
-        const tenantId = agent.tenantId ?? 'default';
-        const existing = this.db
-            .select()
-            .from(agents)
-            .where(and(eq(agents.id, agent.id), eq(agents.tenantId, tenantId)))
-            .get();
-        if (existing) {
-            const updates = {};
-            if (agent.name !== undefined)
-                updates.name = agent.name;
-            if (agent.description !== undefined)
-                updates.description = agent.description;
-            if (agent.lastSeenAt !== undefined)
-                updates.lastSeenAt = agent.lastSeenAt;
-            if (agent.sessionCount !== undefined)
-                updates.sessionCount = agent.sessionCount;
-            if (Object.keys(updates).length > 0) {
-                this.db
-                    .update(agents)
-                    .set(updates)
-                    .where(and(eq(agents.id, agent.id), eq(agents.tenantId, tenantId)))
-                    .run();
-            }
-        }
-        else {
-            const now = new Date().toISOString();
-            this.db
-                .insert(agents)
-                .values({
-                id: agent.id,
-                name: agent.name ?? agent.id,
-                description: agent.description,
-                firstSeenAt: agent.firstSeenAt ?? now,
-                lastSeenAt: agent.lastSeenAt ?? now,
-                sessionCount: agent.sessionCount ?? 0,
-                tenantId,
-            })
-                .run();
-        }
+        this.eventRepo.insertEvents(eventList, (tx, event, tenantId) => this.sessionRepo.handleSessionUpdate(tx, event, tenantId), (tx, event, tenantId) => this.agentRepo.handleAgentUpsert(tx, event, tenantId));
     }
-    // ─── Agents — Pause/Override (B1 — Story 1.2) ──────────────
-    /**
-     * Pause an agent: set paused_at and pause_reason.
-     */
-    async pauseAgent(tenantId, agentId, reason) {
-        const result = this.db
-            .update(agents)
-            .set({
-            pausedAt: new Date().toISOString(),
-            pauseReason: reason,
-        })
-            .where(and(eq(agents.id, agentId), eq(agents.tenantId, tenantId)))
-            .run();
-        return result.changes > 0;
-    }
-    /**
-     * Unpause an agent: clear paused_at, pause_reason, and optionally model_override.
-     */
-    async unpauseAgent(tenantId, agentId, clearModelOverride) {
-        const updates = {
-            pausedAt: null,
-            pauseReason: null,
-        };
-        if (clearModelOverride) {
-            updates.modelOverride = null;
-        }
-        const result = this.db
-            .update(agents)
-            .set(updates)
-            .where(and(eq(agents.id, agentId), eq(agents.tenantId, tenantId)))
-            .run();
-        return result.changes > 0;
-    }
-    /**
-     * Set model override on an agent.
-     */
-    async setModelOverride(tenantId, agentId, model) {
-        const result = this.db
-            .update(agents)
-            .set({ modelOverride: model })
-            .where(and(eq(agents.id, agentId), eq(agents.tenantId, tenantId)))
-            .run();
-        return result.changes > 0;
-    }
-    // ─── Events — Read (Story 3.5 stubs, implemented later) ────
     async queryEvents(query) {
-        const limit = Math.min(query.limit ?? 50, 500);
-        const offset = query.offset ?? 0;
-        const orderDir = query.order === 'asc' ? asc : desc;
-        const conditions = this._buildEventConditions(query);
-        const rows = this.db
-            .select()
-            .from(events)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .orderBy(orderDir(events.timestamp))
-            .limit(limit)
-            .offset(offset)
-            .all();
-        const total = await this.countEvents(query);
-        return {
-            events: rows.map(this._mapEventRow),
-            total,
-            hasMore: offset + rows.length < total,
-        };
+        return this.eventRepo.queryEvents(query);
     }
     async getEvent(id, tenantId) {
-        this.warnIfNoTenant('getEvent', tenantId);
-        const conditions = [eq(events.id, id)];
-        if (tenantId)
-            conditions.push(eq(events.tenantId, tenantId));
-        const row = this.db
-            .select()
-            .from(events)
-            .where(and(...conditions))
-            .get();
-        return row ? this._mapEventRow(row) : null;
+        return this.eventRepo.getEvent(id, tenantId);
     }
     async getSessionTimeline(sessionId, tenantId) {
-        const conditions = [eq(events.sessionId, sessionId)];
-        if (tenantId)
-            conditions.push(eq(events.tenantId, tenantId));
-        const rows = this.db
-            .select()
-            .from(events)
-            .where(and(...conditions))
-            .orderBy(asc(events.timestamp))
-            .all();
-        return rows.map(this._mapEventRow);
+        return this.eventRepo.getSessionTimeline(sessionId, tenantId);
     }
     async getLastEventHash(sessionId, tenantId) {
-        const conditions = [eq(events.sessionId, sessionId)];
-        if (tenantId)
-            conditions.push(eq(events.tenantId, tenantId));
-        const row = this.db
-            .select({ hash: events.hash })
-            .from(events)
-            .where(and(...conditions))
-            .orderBy(desc(events.timestamp), desc(events.id))
-            .limit(1)
-            .get();
-        return row?.hash ?? null;
+        return this.eventRepo.getLastEventHash(sessionId, tenantId);
     }
     async countEvents(query) {
-        const conditions = this._buildEventConditions(query);
-        const result = this.db
-            .select({ count: drizzleCount() })
-            .from(events)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .get();
-        return result?.count ?? 0;
+        return this.eventRepo.countEvents(query);
+    }
+    async countEventsBatch(query) {
+        return this.eventRepo.countEventsBatch(query);
+    }
+    // ─── Sessions ──────────────────────────────────────────────
+    async upsertSession(session) {
+        return this.sessionRepo.upsertSession(session);
     }
-    // ─── Sessions — Read ───────────────────────────────────────
     async querySessions(query) {
-        this.warnIfNoTenant('querySessions', query.tenantId);
-        const limit = Math.min(query.limit ?? 50, 500);
-        const offset = query.offset ?? 0;
-        const conditions = this._buildSessionConditions(query);
-        const rows = this.db
-            .select()
-            .from(sessions)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .orderBy(desc(sessions.startedAt))
-            .limit(limit)
-            .offset(offset)
-            .all();
-        const totalResult = this.db
-            .select({ count: drizzleCount() })
-            .from(sessions)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .get();
-        return {
-            sessions: rows.map(this._mapSessionRow),
-            total: totalResult?.count ?? 0,
-        };
+        return this.sessionRepo.querySessions(query);
     }
     async getSession(id, tenantId) {
-        const conditions = [eq(sessions.id, id)];
-        if (tenantId)
-            conditions.push(eq(sessions.tenantId, tenantId));
-        const row = this.db
-            .select()
-            .from(sessions)
-            .where(and(...conditions))
-            .get();
-        return row ? this._mapSessionRow(row) : null;
+        return this.sessionRepo.getSession(id, tenantId);
+    }
+    async sumSessionCost(query) {
+        return this.sessionRepo.sumSessionCost(query);
+    }
+    // ─── Agents ────────────────────────────────────────────────
+    async upsertAgent(agent) {
+        return this.agentRepo.upsertAgent(agent);
+    }
+    async pauseAgent(tenantId, agentId, reason) {
+        return this.agentRepo.pauseAgent(tenantId, agentId, reason);
+    }
+    async unpauseAgent(tenantId, agentId, clearModelOverride) {
+        return this.agentRepo.unpauseAgent(tenantId, agentId, clearModelOverride);
+    }
+    async setModelOverride(tenantId, agentId, model) {
+        return this.agentRepo.setModelOverride(tenantId, agentId, model);
     }
-    // ─── Agents — Read ─────────────────────────────────────────
     async listAgents(tenantId) {
-        this.warnIfNoTenant('listAgents', tenantId);
-        const conditions = tenantId ? [eq(agents.tenantId, tenantId)] : [];
-        const rows = this.db
-            .select()
-            .from(agents)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .orderBy(desc(agents.lastSeenAt))
-            .all();
-        return rows.map(this._mapAgentRow);
+        return this.agentRepo.listAgents(tenantId);
     }
     async getAgent(id, tenantId) {
-        const conditions = [eq(agents.id, id)];
-        if (tenantId)
-            conditions.push(eq(agents.tenantId, tenantId));
-        const row = this.db
-            .select()
-            .from(agents)
-            .where(and(...conditions))
-            .get();
-        return row ? this._mapAgentRow(row) : null;
-    }
-    // ─── Analytics ─────────────────────────────────────────────
-    async getAnalytics(params) {
-        this.warnIfNoTenant('getAnalytics', params.tenantId);
-        // HIGH 5: Build the time-bucket format string for SQLite strftime
-        const formatStr = params.granularity === 'hour'
-            ? '%Y-%m-%dT%H:00:00Z'
-            : params.granularity === 'day'
-                ? '%Y-%m-%dT00:00:00Z'
-                : '%Y-%W'; // week — true ISO week bucketing
-        const conditions = [
-            gte(events.timestamp, params.from),
-            lte(events.timestamp, params.to),
-        ];
-        if (params.agentId) {
-            conditions.push(eq(events.agentId, params.agentId));
-        }
-        // HIGH 6: Compute avgLatencyMs and totalCostUsd from payload JSON
-        // Bucketed query
-        const bucketRows = this.db
-            .all(sql `
-          SELECT
-            strftime(${formatStr}, timestamp) as bucket,
-            COUNT(*) as eventCount,
-            SUM(CASE WHEN event_type = 'tool_call' THEN 1 ELSE 0 END) as toolCallCount,
-            SUM(CASE WHEN severity IN ('error', 'critical') OR event_type = 'tool_error' THEN 1 ELSE 0 END) as errorCount,
-            COUNT(DISTINCT session_id) as uniqueSessions,
-            COALESCE(AVG(CASE WHEN event_type = 'tool_response' THEN json_extract(payload, '$.durationMs') ELSE NULL END), 0) as avgLatencyMs,
-            COALESCE(SUM(CASE WHEN event_type = 'cost_tracked' THEN json_extract(payload, '$.costUsd') ELSE 0 END), 0) as totalCostUsd
-          FROM events
-          WHERE timestamp >= ${params.from}
-            AND timestamp <= ${params.to}
-            ${params.agentId ? sql `AND agent_id = ${params.agentId}` : sql ``}
-            ${params.tenantId ? sql `AND tenant_id = ${params.tenantId}` : sql ``}
-          GROUP BY bucket
-          ORDER BY bucket ASC
-        `);
-        // Totals query
-        const totalsRow = this.db.get(sql `
-        SELECT
-          COUNT(*) as eventCount,
-          SUM(CASE WHEN event_type = 'tool_call' THEN 1 ELSE 0 END) as toolCallCount,
-          SUM(CASE WHEN severity IN ('error', 'critical') OR event_type = 'tool_error' THEN 1 ELSE 0 END) as errorCount,
-          COUNT(DISTINCT session_id) as uniqueSessions,
-          COUNT(DISTINCT agent_id) as uniqueAgents,
-          COALESCE(AVG(CASE WHEN event_type = 'tool_response' THEN json_extract(payload, '$.durationMs') ELSE NULL END), 0) as avgLatencyMs,
-          COALESCE(SUM(CASE WHEN event_type = 'cost_tracked' THEN json_extract(payload, '$.costUsd') ELSE 0 END), 0) as totalCostUsd
-        FROM events
-        WHERE timestamp >= ${params.from}
-          AND timestamp <= ${params.to}
-          ${params.agentId ? sql `AND agent_id = ${params.agentId}` : sql ``}
-          ${params.tenantId ? sql `AND tenant_id = ${params.tenantId}` : sql ``}
-      `);
-        return {
-            buckets: bucketRows.map((row) => ({
-                timestamp: row.bucket,
-                eventCount: Number(row.eventCount),
-                toolCallCount: Number(row.toolCallCount),
-                errorCount: Number(row.errorCount),
-                avgLatencyMs: Number(row.avgLatencyMs),
-                totalCostUsd: Number(row.totalCostUsd),
-                uniqueSessions: Number(row.uniqueSessions),
-            })),
-            totals: {
-                eventCount: Number(totalsRow?.eventCount ?? 0),
-                toolCallCount: Number(totalsRow?.toolCallCount ?? 0),
-                errorCount: Number(totalsRow?.errorCount ?? 0),
-                avgLatencyMs: Number(totalsRow?.avgLatencyMs ?? 0),
-                totalCostUsd: Number(totalsRow?.totalCostUsd ?? 0),
-                uniqueSessions: Number(totalsRow?.uniqueSessions ?? 0),
-                uniqueAgents: Number(totalsRow?.uniqueAgents ?? 0),
-            },
-        };
+        return this.agentRepo.getAgent(id, tenantId);
     }
-    // ─── Alert Rules ───────────────────────────────────────────
+    // ─── Alerts ────────────────────────────────────────────────
     async createAlertRule(rule) {
-        this.db
-            .insert(alertRules)
-            .values({
-            id: rule.id,
-            name: rule.name,
-            enabled: rule.enabled,
-            condition: rule.condition,
-            threshold: rule.threshold,
-            windowMinutes: rule.windowMinutes,
-            scope: JSON.stringify(rule.scope),
-            notifyChannels: JSON.stringify(rule.notifyChannels),
-            createdAt: rule.createdAt,
-            updatedAt: rule.updatedAt,
-            tenantId: rule.tenantId ?? 'default',
-        })
-            .run();
+        return this.alertRepo.createAlertRule(rule);
     }
-    // HIGH 8: Check affected row count and throw NotFoundError when zero
     async updateAlertRule(id, updates, tenantId) {
-        const setValues = {};
-        if (updates.name !== undefined)
-            setValues.name = updates.name;
-        if (updates.enabled !== undefined)
-            setValues.enabled = updates.enabled;
-        if (updates.condition !== undefined)
-            setValues.condition = updates.condition;
-        if (updates.threshold !== undefined)
-            setValues.threshold = updates.threshold;
-        if (updates.windowMinutes !== undefined)
-            setValues.windowMinutes = updates.windowMinutes;
-        if (updates.scope !== undefined)
-            setValues.scope = JSON.stringify(updates.scope);
-        if (updates.notifyChannels !== undefined)
-            setValues.notifyChannels = JSON.stringify(updates.notifyChannels);
-        if (updates.updatedAt !== undefined)
-            setValues.updatedAt = updates.updatedAt;
-        const whereConditions = [eq(alertRules.id, id)];
-        if (tenantId)
-            whereConditions.push(eq(alertRules.tenantId, tenantId));
-        if (Object.keys(setValues).length === 0) {
-            // Even with no actual updates, verify the rule exists
-            const existing = this.db
-                .select({ id: alertRules.id })
-                .from(alertRules)
-                .where(and(...whereConditions))
-                .get();
-            if (!existing) {
-                throw new NotFoundError(`Alert rule not found: ${id}`);
-            }
-            return;
-        }
-        const result = this.db
-            .update(alertRules)
-            .set(setValues)
-            .where(and(...whereConditions))
-            .run();
-        if (result.changes === 0) {
-            throw new NotFoundError(`Alert rule not found: ${id}`);
-        }
+        return this.alertRepo.updateAlertRule(id, updates, tenantId);
     }
     async deleteAlertRule(id, tenantId) {
-        const whereConditions = [eq(alertRules.id, id)];
-        if (tenantId)
-            whereConditions.push(eq(alertRules.tenantId, tenantId));
-        const result = this.db.delete(alertRules).where(and(...whereConditions)).run();
-        if (result.changes === 0) {
-            throw new NotFoundError(`Alert rule not found: ${id}`);
-        }
+        return this.alertRepo.deleteAlertRule(id, tenantId);
     }
     async listAlertRules(tenantId) {
-        this.warnIfNoTenant('listAlertRules', tenantId);
-        const conditions = tenantId ? [eq(alertRules.tenantId, tenantId)] : [];
-        const rows = this.db
-            .select()
-            .from(alertRules)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .all();
-        return rows.map(this._mapAlertRuleRow);
+        return this.alertRepo.listAlertRules(tenantId);
     }
     async getAlertRule(id, tenantId) {
-        const conditions = [eq(alertRules.id, id)];
-        if (tenantId)
-            conditions.push(eq(alertRules.tenantId, tenantId));
-        const row = this.db
-            .select()
-            .from(alertRules)
-            .where(and(...conditions))
-            .get();
-        return row ? this._mapAlertRuleRow(row) : null;
+        return this.alertRepo.getAlertRule(id, tenantId);
     }
-    // ─── Alert History ─────────────────────────────────────────
     async insertAlertHistory(entry) {
-        this.db
-            .insert(alertHistory)
-            .values({
-            id: entry.id,
-            ruleId: entry.ruleId,
-            triggeredAt: entry.triggeredAt,
-            resolvedAt: entry.resolvedAt ?? null,
-            currentValue: entry.currentValue,
-            threshold: entry.threshold,
-            message: entry.message,
-            tenantId: entry.tenantId ?? 'default',
-        })
-            .run();
+        return this.alertRepo.insertAlertHistory(entry);
     }
     async listAlertHistory(opts) {
-        const limit = Math.min(opts?.limit ?? 50, 500);
-        const offset = opts?.offset ?? 0;
-        const conditions = [];
-        if (opts?.ruleId) {
-            conditions.push(eq(alertHistory.ruleId, opts.ruleId));
-        }
-        if (opts?.tenantId) {
-            conditions.push(eq(alertHistory.tenantId, opts.tenantId));
-        }
-        const rows = this.db
-            .select()
-            .from(alertHistory)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .orderBy(desc(alertHistory.triggeredAt))
-            .limit(limit)
-            .offset(offset)
-            .all();
-        const totalResult = this.db
-            .select({ count: drizzleCount() })
-            .from(alertHistory)
-            .where(conditions.length > 0 ? and(...conditions) : undefined)
-            .get();
-        return {
-            entries: rows.map((row) => ({
-                id: row.id,
-                ruleId: row.ruleId,
-                triggeredAt: row.triggeredAt,
-                resolvedAt: row.resolvedAt ?? undefined,
-                currentValue: row.currentValue,
-                threshold: row.threshold,
-                message: row.message,
-                tenantId: row.tenantId,
-            })),
-            total: totalResult?.count ?? 0,
-        };
+        return this.alertRepo.listAlertHistory(opts);
     }
-    // ─── Maintenance ───────────────────────────────────────────
-    async applyRetention(olderThan, tenantId) {
-        // Build conditions — always filter by timestamp, optionally by tenant
-        const countConditions = [lte(events.timestamp, olderThan)];
-        if (tenantId)
-            countConditions.push(eq(events.tenantId, tenantId));
-        // Count events to be deleted
-        const countResult = this.db
-            .select({ count: drizzleCount() })
-            .from(events)
-            .where(and(...countConditions))
-            .get();
-        const deletedCount = countResult?.count ?? 0;
-        if (deletedCount === 0)
-            return { deletedCount: 0 };
-        this.db.transaction((tx) => {
-            if (tenantId) {
-                // Tenant-scoped retention: only delete this tenant's old events
-                tx.delete(events)
-                    .where(and(lte(events.timestamp, olderThan), eq(events.tenantId, tenantId)))
-                    .run();
-                // Clean up this tenant's sessions that have no remaining events
-                tx.run(sql `
-          DELETE FROM sessions
-          WHERE tenant_id = ${tenantId}
-            AND id NOT IN (
-              SELECT DISTINCT session_id FROM events WHERE tenant_id = ${tenantId}
-            )
-        `);
-            }
-            else {
-                // Global retention (system-level, not exposed through TenantScopedStore)
-                tx.delete(events).where(lte(events.timestamp, olderThan)).run();
-                tx.run(sql `
-          DELETE FROM sessions
-          WHERE id NOT IN (SELECT DISTINCT session_id FROM events)
-        `);
-            }
-        });
-        return { deletedCount };
+    // ─── Analytics & Stats ─────────────────────────────────────
+    async getAnalytics(params) {
+        return this.analyticsRepo.getAnalytics(params);
     }
     async getStats(tenantId) {
-        const eventConditions = tenantId ? [eq(events.tenantId, tenantId)] : [];
-        const sessionConditions = tenantId ? [eq(sessions.tenantId, tenantId)] : [];
-        const agentConditions = tenantId ? [eq(agents.tenantId, tenantId)] : [];
-        const eventCount = this.db
-            .select({ count: drizzleCount() })
-            .from(events)
-            .where(eventConditions.length > 0 ? and(...eventConditions) : undefined)
-            .get()?.count ?? 0;
-        const sessionCount = this.db
-            .select({ count: drizzleCount() })
-            .from(sessions)
-            .where(sessionConditions.length > 0 ? and(...sessionConditions) : undefined)
-            .get()?.count ?? 0;
-        const agentCount = this.db
-            .select({ count: drizzleCount() })
-            .from(agents)
-            .where(agentConditions.length > 0 ? and(...agentConditions) : undefined)
-            .get()?.count ?? 0;
-        const oldest = this.db
-            .select({ timestamp: events.timestamp })
-            .from(events)
-            .where(eventConditions.length > 0 ? and(...eventConditions) : undefined)
-            .orderBy(asc(events.timestamp))
-            .limit(1)
-            .get();
-        const newest = this.db
-            .select({ timestamp: events.timestamp })
-            .from(events)
-            .where(eventConditions.length > 0 ? and(...eventConditions) : undefined)
-            .orderBy(desc(events.timestamp))
-            .limit(1)
-            .get();
-        // SQLite page_count * page_size for storage size
-        const pageCount = this.db.get(sql `PRAGMA page_count`)
-            ?.page_count ?? 0;
-        const pageSize = this.db.get(sql `PRAGMA page_size`)
-            ?.page_size ?? 0;
-        return {
-            totalEvents: eventCount,
-            totalSessions: sessionCount,
-            totalAgents: agentCount,
-            oldestEvent: oldest?.timestamp,
-            newestEvent: newest?.timestamp,
-            storageSizeBytes: pageCount * pageSize,
-        };
-    }
-    // ─── Private Helpers ───────────────────────────────────────
-    _buildEventConditions(query) {
-        const conditions = [];
-        if (query.tenantId) {
-            conditions.push(eq(events.tenantId, query.tenantId));
-        }
-        if (query.sessionId) {
-            conditions.push(eq(events.sessionId, query.sessionId));
-        }
-        if (query.agentId) {
-            conditions.push(eq(events.agentId, query.agentId));
-        }
-        if (query.eventType) {
-            if (Array.isArray(query.eventType)) {
-                conditions.push(inArray(events.eventType, query.eventType));
-            }
-            else {
-                conditions.push(eq(events.eventType, query.eventType));
-            }
-        }
-        if (query.severity) {
-            if (Array.isArray(query.severity)) {
-                conditions.push(inArray(events.severity, query.severity));
-            }
-            else {
-                conditions.push(eq(events.severity, query.severity));
-            }
-        }
-        if (query.from) {
-            conditions.push(gte(events.timestamp, query.from));
-        }
-        if (query.to) {
-            conditions.push(lte(events.timestamp, query.to));
-        }
-        if (query.search) {
-            // H1 fix: Escape LIKE wildcards to prevent wildcard abuse
-            const escaped = query.search
-                .replace(/\\/g, '\\\\')
-                .replace(/%/g, '\\%')
-                .replace(/_/g, '\\_');
-            conditions.push(sql `${events.payload} LIKE ${'%' + escaped + '%'} ESCAPE '\\'`);
-        }
-        return conditions;
-    }
-    // HIGH 4: Use json_each() for exact tag matching with OR semantics
-    _buildSessionConditions(query) {
-        const conditions = [];
-        if (query.tenantId) {
-            conditions.push(eq(sessions.tenantId, query.tenantId));
-        }
-        if (query.agentId) {
-            conditions.push(eq(sessions.agentId, query.agentId));
-        }
-        if (query.status) {
-            if (Array.isArray(query.status)) {
-                if (query.status.length === 1) {
-                    conditions.push(eq(sessions.status, query.status[0]));
-                }
-                else if (query.status.length > 1) {
-                    conditions.push(inArray(sessions.status, query.status));
-                }
-            }
-            else {
-                conditions.push(eq(sessions.status, query.status));
-            }
-        }
-        if (query.from) {
-            conditions.push(gte(sessions.startedAt, query.from));
-        }
-        if (query.to) {
-            conditions.push(lte(sessions.startedAt, query.to));
-        }
-        if (query.tags && query.tags.length > 0) {
-            // Use json_each for exact tag matching with OR semantics
-            // A session matches if it contains ANY of the specified tags
-            const tagPlaceholders = query.tags.map((tag) => sql `${tag}`);
-            conditions.push(sql `EXISTS (
-          SELECT 1 FROM json_each(${sessions.tags}) AS je
-          WHERE je.value IN (${sql.join(tagPlaceholders, sql `, `)})
-        )`);
-        }
-        return conditions;
+        return this.analyticsRepo.getStats(tenantId);
     }
-    // HIGH 7: Use safeJsonParse everywhere
-    _mapEventRow(row) {
-        return {
-            id: row.id,
-            timestamp: row.timestamp,
-            sessionId: row.sessionId,
-            agentId: row.agentId,
-            eventType: row.eventType,
-            severity: row.severity,
-            payload: safeJsonParse(row.payload, {}),
-            metadata: safeJsonParse(row.metadata, {}),
-            prevHash: row.prevHash,
-            hash: row.hash,
-            tenantId: row.tenantId,
-        };
-    }
-    _mapSessionRow(row) {
-        return {
-            id: row.id,
-            agentId: row.agentId,
-            agentName: row.agentName ?? undefined,
-            startedAt: row.startedAt,
-            endedAt: row.endedAt ?? undefined,
-            status: row.status,
-            eventCount: row.eventCount,
-            toolCallCount: row.toolCallCount,
-            errorCount: row.errorCount,
-            totalCostUsd: row.totalCostUsd,
-            llmCallCount: row.llmCallCount,
-            totalInputTokens: row.totalInputTokens,
-            totalOutputTokens: row.totalOutputTokens,
-            tags: safeJsonParse(row.tags, []),
-            tenantId: row.tenantId,
-        };
-    }
-    _mapAgentRow(row) {
-        return {
-            id: row.id,
-            name: row.name,
-            description: row.description ?? undefined,
-            firstSeenAt: row.firstSeenAt,
-            lastSeenAt: row.lastSeenAt,
-            sessionCount: row.sessionCount,
-            tenantId: row.tenantId,
-            modelOverride: row.modelOverride ?? undefined,
-            pausedAt: row.pausedAt ?? undefined,
-            pauseReason: row.pauseReason ?? undefined,
-        };
-    }
-    _mapAlertRuleRow(row) {
-        return {
-            id: row.id,
-            name: row.name,
-            enabled: row.enabled,
-            condition: row.condition,
-            threshold: row.threshold,
-            windowMinutes: row.windowMinutes,
-            scope: safeJsonParse(row.scope, {}),
-            notifyChannels: safeJsonParse(row.notifyChannels, []),
-            createdAt: row.createdAt,
-            updatedAt: row.updatedAt,
-            tenantId: row.tenantId,
-        };
+    // ─── Maintenance ───────────────────────────────────────────
+    async applyRetention(olderThan, tenantId) {
+        return this.retentionService.applyRetention(olderThan, tenantId);
     }
 }
 //# sourceMappingURL=sqlite-store.js.map