@agentlensai/server 0.2.0

package/dist/lib/retention.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"retention.js","sourceRoot":"","sources":["../../src/lib/retention.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AASH,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAElC;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC9C,MAAM,aAAa,GAAG,OAAO,KAAK,SAAS;QACzC,CAAC,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC;QACvB,CAAC,CAAC,sBAAsB,CAAC;IAE3B,OAAO;QACL,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,aAAa;KAC7E,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,KAAkB,EAClB,MAAwB;IAExB,MAAM,cAAc,GAAG,MAAM,IAAI,kBAAkB,EAAE,CAAC;IAEtD,sCAAsC;IACtC,IAAI,cAAc,CAAC,aAAa,KAAK,CAAC,EAAE,CAAC;QACvC,OAAO,EAAE,YAAY,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC5C,CAAC;IAED,IAAI,cAAc,CAAC,aAAa,GAAG,CAAC,EAAE,CAAC;QACrC,OAAO,EAAE,YAAY,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC5C,CAAC;IAED,iCAAiC;IACjC,MAAM,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;IAC9B,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,cAAc,CAAC,aAAa,CAAC,CAAC;IACxE,MAAM,SAAS,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;IAE3C,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;IAErD,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC/D,CAAC"}

package/dist/middleware/auth.d.ts

@@ -0,0 +1,37 @@
+/**
+ * API Key Authentication Middleware (Story 4.2)
+ *
+ * Validates `Authorization: Bearer als_xxx` header by hashing the key
+ * with SHA-256 and looking it up in the apiKeys table.
+ *
+ * When AUTH_DISABLED=true, authentication is skipped (dev mode).
+ */
+import type { SqliteDb } from '../db/index.js';
+/**
+ * API key info attached to the Hono context.
+ */
+export interface ApiKeyInfo {
+    id: string;
+    name: string;
+    scopes: string[];
+}
+/**
+ * Type augmentation for Hono context variables.
+ */
+export type AuthVariables = {
+    apiKey: ApiKeyInfo;
+};
+/**
+ * SHA-256 hash a raw API key string.
+ */
+export declare function hashApiKey(raw: string): string;
+/**
+ * Create the auth middleware.
+ *
+ * @param db - Drizzle SQLite database instance
+ * @param authDisabled - If true, skip authentication (dev mode)
+ */
+export declare function authMiddleware(db: SqliteDb, authDisabled: boolean): import("hono").MiddlewareHandler<{
+    Variables: AuthVariables;
+}, string, {}, Response>;
+//# sourceMappingURL=auth.d.ts.map

package/dist/middleware/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAI/C;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,UAAU,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO;eAC3B,aAAa;yBA0DnD"}

package/dist/middleware/auth.js

@@ -0,0 +1,78 @@
+/**
+ * API Key Authentication Middleware (Story 4.2)
+ *
+ * Validates `Authorization: Bearer als_xxx` header by hashing the key
+ * with SHA-256 and looking it up in the apiKeys table.
+ *
+ * When AUTH_DISABLED=true, authentication is skipped (dev mode).
+ */
+import { createHash } from 'node:crypto';
+import { createMiddleware } from 'hono/factory';
+import { apiKeys } from '../db/schema.sqlite.js';
+import { eq, and, isNull } from 'drizzle-orm';
+/**
+ * SHA-256 hash a raw API key string.
+ */
+export function hashApiKey(raw) {
+    return createHash('sha256').update(raw).digest('hex');
+}
+/**
+ * Create the auth middleware.
+ *
+ * @param db - Drizzle SQLite database instance
+ * @param authDisabled - If true, skip authentication (dev mode)
+ */
+export function authMiddleware(db, authDisabled) {
+    return createMiddleware(async (c, next) => {
+        // Dev mode: skip auth
+        if (authDisabled) {
+            c.set('apiKey', { id: 'dev', name: 'dev-mode', scopes: ['*'] });
+            return next();
+        }
+        const authHeader = c.req.header('Authorization');
+        if (!authHeader) {
+            return c.json({ error: 'Missing Authorization header', status: 401 }, 401);
+        }
+        const match = authHeader.match(/^Bearer\s+(als_\w+)$/);
+        if (!match) {
+            return c.json({ error: 'Invalid Authorization header format. Expected: Bearer als_xxx', status: 401 }, 401);
+        }
+        const rawKey = match[1];
+        const keyHash = hashApiKey(rawKey);
+        // Look up the key by hash (not revoked)
+        const row = db
+            .select()
+            .from(apiKeys)
+            .where(and(eq(apiKeys.keyHash, keyHash), isNull(apiKeys.revokedAt)))
+            .get();
+        if (!row) {
+            return c.json({ error: 'Invalid or revoked API key', status: 401 }, 401);
+        }
+        // Fire-and-forget lastUsedAt update
+        const now = Math.floor(Date.now() / 1000);
+        try {
+            db.update(apiKeys)
+                .set({ lastUsedAt: now })
+                .where(eq(apiKeys.id, row.id))
+                .run();
+        }
+        catch {
+            // Non-critical — don't fail the request
+        }
+        const scopes = (() => {
+            try {
+                return JSON.parse(row.scopes);
+            }
+            catch {
+                return [];
+            }
+        })();
+        c.set('apiKey', {
+            id: row.id,
+            name: row.name,
+            scopes,
+        });
+        return next();
+    });
+}
+//# sourceMappingURL=auth.js.map

package/dist/middleware/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAEhD,OAAO,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AACjD,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAkB9C;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACxD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,EAAY,EAAE,YAAqB;IAChE,OAAO,gBAAgB,CAA+B,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACtE,sBAAsB;QACtB,IAAI,YAAY,EAAE,CAAC;YACjB,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChE,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QACvD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,+DAA+D,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC9G,CAAC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACzB,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;QAEnC,wCAAwC;QACxC,MAAM,GAAG,GAAG,EAAE;aACX,MAAM,EAAE;aACR,IAAI,CAAC,OAAO,CAAC;aACb,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;aACnE,GAAG,EAAE,CAAC;QAET,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,4BAA4B,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3E,CAAC;QAED,oCAAoC;QACpC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC;YACH,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;iBACf,GAAG,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;iBACxB,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;iBAC7B,GAAG,EAAE,CAAC;QACX,CAAC;QAAC,MAAM,CAAC;YACP,wCAAwC;QAC1C,CAAC;QAED,MAAM,MAAM,GAAa,CAAC,GAAG,EAAE;YAC7B,IAAI,CAAC;gBACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAa,CAAC;YAC5C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE;YACd,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM;SACP,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/routes/agents.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Agent Endpoints (Story 4.7)
+ *
+ * GET /api/agents     — list all agents (with error rate from sessions)
+ * GET /api/agents/:id — single agent
+ */
+import { Hono } from 'hono';
+import type { IEventStore } from '@agentlens/core';
+import type { AuthVariables } from '../middleware/auth.js';
+export declare function agentsRoutes(store: IEventStore): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=agents.d.ts.map

package/dist/routes/agents.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agents.d.ts","sourceRoot":"","sources":["../../src/routes/agents.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAE3D,wBAAgB,YAAY,CAAC,KAAK,EAAE,WAAW;eACX,aAAa;0CAiChD"}

package/dist/routes/agents.js

@@ -0,0 +1,34 @@
+/**
+ * Agent Endpoints (Story 4.7)
+ *
+ * GET /api/agents     — list all agents (with error rate from sessions)
+ * GET /api/agents/:id — single agent
+ */
+import { Hono } from 'hono';
+export function agentsRoutes(store) {
+    const app = new Hono();
+    // GET /api/agents — list all agents with computed error rates
+    app.get('/', async (c) => {
+        const agents = await store.listAgents();
+        // Enrich agents with error rate computed from their sessions
+        const enriched = await Promise.all(agents.map(async (agent) => {
+            const { sessions } = await store.querySessions({ agentId: agent.id, limit: 10000 });
+            const totalErrors = sessions.reduce((sum, s) => sum + s.errorCount, 0);
+            const totalEvents = sessions.reduce((sum, s) => sum + s.eventCount, 0);
+            const errorRate = totalEvents > 0 ? totalErrors / totalEvents : 0;
+            return { ...agent, errorRate };
+        }));
+        return c.json({ agents: enriched });
+    });
+    // GET /api/agents/:id — single agent
+    app.get('/:id', async (c) => {
+        const id = c.req.param('id');
+        const agent = await store.getAgent(id);
+        if (!agent) {
+            return c.json({ error: 'Agent not found', status: 404 }, 404);
+        }
+        return c.json(agent);
+    });
+    return app;
+}
+//# sourceMappingURL=agents.js.map

package/dist/routes/agents.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"agents.js","sourceRoot":"","sources":["../../src/routes/agents.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAI5B,MAAM,UAAU,YAAY,CAAC,KAAkB;IAC7C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,8DAA8D;IAC9D,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE,CAAC;QAExC,6DAA6D;QAC7D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAChC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACzB,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,KAAK,CAAC,aAAa,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;YACpF,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YACvE,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YACvE,MAAM,SAAS,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAClE,OAAO,EAAE,GAAG,KAAK,EAAE,SAAS,EAAE,CAAC;QACjC,CAAC,CAAC,CACH,CAAC;QAEF,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,qCAAqC;IACrC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAEvC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/api-keys.d.ts

@@ -0,0 +1,14 @@
+/**
+ * API Key Management Endpoints (Story 4.3)
+ *
+ * POST /api/keys — create a new API key
+ * GET  /api/keys — list all keys (no raw key exposed)
+ * DELETE /api/keys/:id — revoke (soft delete) a key
+ */
+import { Hono } from 'hono';
+import type { SqliteDb } from '../db/index.js';
+import { type AuthVariables } from '../middleware/auth.js';
+export declare function apiKeysRoutes(db: SqliteDb): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=api-keys.d.ts.map

package/dist/routes/api-keys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-keys.d.ts","sourceRoot":"","sources":["../../src/routes/api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG/C,OAAO,EAAc,KAAK,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEvE,wBAAgB,aAAa,CAAC,EAAE,EAAE,QAAQ;eACN,aAAa;0CAyEhD"}

package/dist/routes/api-keys.js

@@ -0,0 +1,81 @@
+/**
+ * API Key Management Endpoints (Story 4.3)
+ *
+ * POST /api/keys — create a new API key
+ * GET  /api/keys — list all keys (no raw key exposed)
+ * DELETE /api/keys/:id — revoke (soft delete) a key
+ */
+import { Hono } from 'hono';
+import { randomBytes } from 'node:crypto';
+import { ulid } from 'ulid';
+import { apiKeys } from '../db/schema.sqlite.js';
+import { eq } from 'drizzle-orm';
+import { hashApiKey } from '../middleware/auth.js';
+export function apiKeysRoutes(db) {
+    const app = new Hono();
+    // POST /api/keys — create a new API key
+    app.post('/', async (c) => {
+        const body = await c.req.json().catch(() => ({}));
+        const name = body.name;
+        const scopes = body.scopes;
+        const id = ulid();
+        const rawKey = `als_${randomBytes(32).toString('hex')}`;
+        const keyHash = hashApiKey(rawKey);
+        const now = Math.floor(Date.now() / 1000);
+        db.insert(apiKeys)
+            .values({
+            id,
+            keyHash,
+            name: name ?? 'Unnamed Key',
+            scopes: JSON.stringify(scopes ?? ['*']),
+            createdAt: now,
+        })
+            .run();
+        return c.json({
+            id,
+            key: rawKey,
+            name: name ?? 'Unnamed Key',
+            scopes: scopes ?? ['*'],
+            createdAt: new Date(now * 1000).toISOString(),
+        }, 201);
+    });
+    // GET /api/keys — list all keys
+    app.get('/', (c) => {
+        const rows = db.select().from(apiKeys).all();
+        const keys = rows.map((row) => ({
+            id: row.id,
+            name: row.name,
+            scopes: (() => {
+                try {
+                    return JSON.parse(row.scopes);
+                }
+                catch {
+                    return [];
+                }
+            })(),
+            createdAt: new Date(row.createdAt * 1000).toISOString(),
+            lastUsedAt: row.lastUsedAt ? new Date(row.lastUsedAt * 1000).toISOString() : null,
+            revokedAt: row.revokedAt ? new Date(row.revokedAt * 1000).toISOString() : null,
+        }));
+        return c.json({ keys });
+    });
+    // DELETE /api/keys/:id — revoke a key
+    app.delete('/:id', (c) => {
+        const id = c.req.param('id');
+        const now = Math.floor(Date.now() / 1000);
+        const existing = db.select().from(apiKeys).where(eq(apiKeys.id, id)).get();
+        if (!existing) {
+            return c.json({ error: 'API key not found', status: 404 }, 404);
+        }
+        if (existing.revokedAt) {
+            return c.json({ error: 'API key already revoked', status: 409 }, 409);
+        }
+        db.update(apiKeys)
+            .set({ revokedAt: now })
+            .where(eq(apiKeys.id, id))
+            .run();
+        return c.json({ id, revoked: true });
+    });
+    return app;
+}
+//# sourceMappingURL=api-keys.js.map

package/dist/routes/api-keys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-keys.js","sourceRoot":"","sources":["../../src/routes/api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AACjD,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,UAAU,EAAsB,MAAM,uBAAuB,CAAC;AAEvE,MAAM,UAAU,aAAa,CAAC,EAAY;IACxC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,wCAAwC;IACxC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxB,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClD,MAAM,IAAI,GAAI,IAAgC,CAAC,IAA0B,CAAC;QAC1E,MAAM,MAAM,GAAI,IAAgC,CAAC,MAA8B,CAAC;QAEhF,MAAM,EAAE,GAAG,IAAI,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;aACf,MAAM,CAAC;YACN,EAAE;YACF,OAAO;YACP,IAAI,EAAE,IAAI,IAAI,aAAa;YAC3B,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;YACvC,SAAS,EAAE,GAAG;SACf,CAAC;aACD,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,EAAE;YACF,GAAG,EAAE,MAAM;YACX,IAAI,EAAE,IAAI,IAAI,aAAa;YAC3B,MAAM,EAAE,MAAM,IAAI,CAAC,GAAG,CAAC;YACvB,SAAS,EAAE,IAAI,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SAC9C,EAAE,GAAG,CAAC,CAAC;IACV,CAAC,CAAC,CAAC;IAEH,gCAAgC;IAChC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE;QACjB,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC;QAE7C,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAC9B,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,CAAC,GAAG,EAAE;gBACZ,IAAI,CAAC;oBAAC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAa,CAAC;gBAAC,CAAC;gBAAC,MAAM,CAAC;oBAAC,OAAO,EAAE,CAAC;gBAAC,CAAC;YACzE,CAAC,CAAC,EAAE;YACJ,SAAS,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;YACvD,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;YACjF,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;SAC/E,CAAC,CAAC,CAAC;QAEJ,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,sCAAsC;IACtC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;QACvB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,MAAM,QAAQ,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QAC3E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QAED,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;aACf,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;aACvB,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;aACzB,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/config.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Config Endpoints (Story 8.4)
+ *
+ * GET  /api/config — get current configuration
+ * PUT  /api/config — update configuration values
+ *
+ * Configuration values are stored in a simple key-value table.
+ * Falls back to environment defaults when no override exists.
+ */
+import { Hono } from 'hono';
+import { z } from 'zod';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { SqliteDb } from '../db/index.js';
+/** Schema for config update request */
+declare const configUpdateSchema: z.ZodObject<{
+    retentionDays: z.ZodOptional<z.ZodNumber>;
+    agentGateUrl: z.ZodOptional<z.ZodString>;
+    agentGateSecret: z.ZodOptional<z.ZodString>;
+    formBridgeUrl: z.ZodOptional<z.ZodString>;
+    formBridgeSecret: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    retentionDays?: number | undefined;
+    agentGateUrl?: string | undefined;
+    agentGateSecret?: string | undefined;
+    formBridgeUrl?: string | undefined;
+    formBridgeSecret?: string | undefined;
+}, {
+    retentionDays?: number | undefined;
+    agentGateUrl?: string | undefined;
+    agentGateSecret?: string | undefined;
+    formBridgeUrl?: string | undefined;
+    formBridgeSecret?: string | undefined;
+}>;
+export type ConfigValues = z.infer<typeof configUpdateSchema>;
+export declare function configRoutes(db: SqliteDb): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+export {};
+//# sourceMappingURL=config.d.ts.map

package/dist/routes/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/routes/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG/C,uCAAuC;AACvC,QAAA,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;EAMtB,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAoC9D,wBAAgB,YAAY,CAAC,EAAE,EAAE,QAAQ;eACL,aAAa;0CAuDhD"}

package/dist/routes/config.js

@@ -0,0 +1,97 @@
+/**
+ * Config Endpoints (Story 8.4)
+ *
+ * GET  /api/config — get current configuration
+ * PUT  /api/config — update configuration values
+ *
+ * Configuration values are stored in a simple key-value table.
+ * Falls back to environment defaults when no override exists.
+ */
+import { Hono } from 'hono';
+import { sql } from 'drizzle-orm';
+import { z } from 'zod';
+import { getConfig } from '../config.js';
+/** Schema for config update request */
+const configUpdateSchema = z.object({
+    retentionDays: z.number().int().min(0).max(3650).optional(),
+    agentGateUrl: z.string().max(2048).optional(),
+    agentGateSecret: z.string().max(512).optional(),
+    formBridgeUrl: z.string().max(2048).optional(),
+    formBridgeSecret: z.string().max(512).optional(),
+});
+/**
+ * Ensure the config_kv table exists (simple key-value store).
+ */
+function ensureConfigTable(db) {
+    db.run(sql `CREATE TABLE IF NOT EXISTS config_kv (key TEXT PRIMARY KEY, value TEXT NOT NULL)`);
+}
+function getConfigValue(db, key) {
+    const row = db.get(sql `SELECT value FROM config_kv WHERE key = ${key}`);
+    return row?.value ?? null;
+}
+function setConfigValue(db, key, value) {
+    db.run(sql `INSERT INTO config_kv (key, value) VALUES (${key}, ${value}) ON CONFLICT(key) DO UPDATE SET value = ${value}`);
+}
+function getAllConfig(db) {
+    const serverConfig = getConfig();
+    return {
+        retentionDays: (() => {
+            const v = getConfigValue(db, 'retentionDays');
+            return v !== null ? parseInt(v, 10) : serverConfig.retentionDays;
+        })(),
+        agentGateUrl: getConfigValue(db, 'agentGateUrl') ?? '',
+        agentGateSecret: getConfigValue(db, 'agentGateSecret') ?? '',
+        formBridgeUrl: getConfigValue(db, 'formBridgeUrl') ?? '',
+        formBridgeSecret: getConfigValue(db, 'formBridgeSecret') ?? '',
+    };
+}
+export function configRoutes(db) {
+    const app = new Hono();
+    ensureConfigTable(db);
+    // GET /api/config — current config
+    app.get('/', (c) => {
+        const config = getAllConfig(db);
+        // Mask secrets in response
+        return c.json({
+            retentionDays: config.retentionDays,
+            agentGateUrl: config.agentGateUrl,
+            agentGateSecret: config.agentGateSecret ? '••••••••' : '',
+            formBridgeUrl: config.formBridgeUrl,
+            formBridgeSecret: config.formBridgeSecret ? '••••••••' : '',
+        });
+    });
+    // PUT /api/config — update config values
+    app.put('/', async (c) => {
+        const rawBody = await c.req.json().catch(() => null);
+        if (!rawBody) {
+            return c.json({ error: 'Invalid JSON body', status: 400 }, 400);
+        }
+        const parseResult = configUpdateSchema.safeParse(rawBody);
+        if (!parseResult.success) {
+            return c.json({
+                error: 'Validation failed',
+                status: 400,
+                details: parseResult.error.issues,
+            }, 400);
+        }
+        const updates = parseResult.data;
+        if (updates.retentionDays !== undefined) {
+            setConfigValue(db, 'retentionDays', String(updates.retentionDays));
+        }
+        if (updates.agentGateUrl !== undefined) {
+            setConfigValue(db, 'agentGateUrl', updates.agentGateUrl);
+        }
+        if (updates.agentGateSecret !== undefined) {
+            setConfigValue(db, 'agentGateSecret', updates.agentGateSecret);
+        }
+        if (updates.formBridgeUrl !== undefined) {
+            setConfigValue(db, 'formBridgeUrl', updates.formBridgeUrl);
+        }
+        if (updates.formBridgeSecret !== undefined) {
+            setConfigValue(db, 'formBridgeSecret', updates.formBridgeSecret);
+        }
+        return c.json({ ok: true });
+    });
+    return app;
+}
+//# sourceMappingURL=config.js.map

package/dist/routes/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/routes/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,uCAAuC;AACvC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC3D,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC7C,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IAC/C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC9C,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;CACjD,CAAC,CAAC;AAIH;;GAEG;AACH,SAAS,iBAAiB,CAAC,EAAY;IACrC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAA,kFAAkF,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,cAAc,CAAC,EAAY,EAAE,GAAW;IAC/C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAChB,GAAG,CAAA,2CAA2C,GAAG,EAAE,CACpD,CAAC;IACF,OAAO,GAAG,EAAE,KAAK,IAAI,IAAI,CAAC;AAC5B,CAAC;AAED,SAAS,cAAc,CAAC,EAAY,EAAE,GAAW,EAAE,KAAa;IAC9D,EAAE,CAAC,GAAG,CACJ,GAAG,CAAA,8CAA8C,GAAG,KAAK,KAAK,4CAA4C,KAAK,EAAE,CAClH,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,EAAY;IAChC,MAAM,YAAY,GAAG,SAAS,EAAE,CAAC;IACjC,OAAO;QACL,aAAa,EAAE,CAAC,GAAG,EAAE;YACnB,MAAM,CAAC,GAAG,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,aAAa,CAAC;QACnE,CAAC,CAAC,EAAE;QACJ,YAAY,EAAE,cAAc,CAAC,EAAE,EAAE,cAAc,CAAC,IAAI,EAAE;QACtD,eAAe,EAAE,cAAc,CAAC,EAAE,EAAE,iBAAiB,CAAC,IAAI,EAAE;QAC5D,aAAa,EAAE,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,IAAI,EAAE;QACxD,gBAAgB,EAAE,cAAc,CAAC,EAAE,EAAE,kBAAkB,CAAC,IAAI,EAAE;KAC/D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,EAAY;IACvC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAEtB,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC;QAChC,2BAA2B;QAC3B,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,eAAe,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;YACzD,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;SAC5D,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,yCAAyC;IACzC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,KAAK,EAAE,mBAAmB;gBAC1B,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,MAAM;aAClC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC;QAEjC,IAAI,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACxC,cAAc,CAAC,EAAE,EAAE,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACvC,cAAc,CAAC,EAAE,EAAE,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,OAAO,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;YAC1C,cAAc,CAAC,EAAE,EAAE,iBAAiB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;QACjE,CAAC;QACD,IAAI,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACxC,cAAc,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,OAAO,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;YAC3C,cAAc,CAAC,EAAE,EAAE,kBAAkB,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAC;QACnE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/events.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Event Endpoints (Stories 4.4 + 4.5)
+ *
+ * POST /api/events       — ingest events
+ * GET  /api/events       — query events with filters
+ * GET  /api/events/:id   — get single event
+ */
+import { Hono } from 'hono';
+import type { IEventStore } from '@agentlens/core';
+import type { AuthVariables } from '../middleware/auth.js';
+export declare function eventsRoutes(store: IEventStore): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=events.d.ts.map

package/dist/routes/events.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"events.d.ts","sourceRoot":"","sources":["../../src/routes/events.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAW5B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAO3D,wBAAgB,YAAY,CAAC,KAAK,EAAE,WAAW;eACX,aAAa;0CAyKhD"}

package/dist/routes/events.js

@@ -0,0 +1,164 @@
+/**
+ * Event Endpoints (Stories 4.4 + 4.5)
+ *
+ * POST /api/events       — ingest events
+ * GET  /api/events       — query events with filters
+ * GET  /api/events/:id   — get single event
+ */
+import { Hono } from 'hono';
+import { ulid } from 'ulid';
+import { z } from 'zod';
+import { ingestEventSchema, computeEventHash, truncatePayload, DEFAULT_PAGE_SIZE, MAX_PAGE_SIZE, } from '@agentlens/core';
+/** Schema for the batch ingestion request body */
+const ingestBatchSchema = z.object({
+    events: z.array(ingestEventSchema).min(1).max(1000),
+});
+export function eventsRoutes(store) {
+    const app = new Hono();
+    // POST /api/events — ingest events
+    app.post('/', async (c) => {
+        const rawBody = await c.req.json().catch(() => null);
+        if (!rawBody) {
+            return c.json({ error: 'Invalid JSON body', status: 400 }, 400);
+        }
+        const parseResult = ingestBatchSchema.safeParse(rawBody);
+        if (!parseResult.success) {
+            return c.json({
+                error: 'Validation failed',
+                status: 400,
+                details: parseResult.error.issues.map((issue) => ({
+                    path: issue.path.join('.'),
+                    message: issue.message,
+                })),
+            }, 400);
+        }
+        const { events: inputEvents } = parseResult.data;
+        // Group events by sessionId to handle per-session hash chains
+        const bySession = new Map();
+        for (const ev of inputEvents) {
+            const arr = bySession.get(ev.sessionId) ?? [];
+            arr.push(ev);
+            bySession.set(ev.sessionId, arr);
+        }
+        const allProcessed = [];
+        // Phase 1: Build all events (validate and compute hashes) without writing
+        for (const [sessionId, sessionEvents] of bySession) {
+            // Get the last event hash for this session to chain from
+            const timeline = await store.getSessionTimeline(sessionId);
+            let prevHash = timeline.length > 0 ? timeline[timeline.length - 1].hash : null;
+            for (const input of sessionEvents) {
+                const id = ulid();
+                const timestamp = input.timestamp ?? new Date().toISOString();
+                const severity = input.severity ?? 'info';
+                const metadata = input.metadata ?? {};
+                const payload = truncatePayload(input.payload);
+                const hash = computeEventHash({
+                    id,
+                    timestamp,
+                    sessionId: input.sessionId,
+                    agentId: input.agentId,
+                    eventType: input.eventType,
+                    severity,
+                    payload,
+                    metadata,
+                    prevHash,
+                });
+                const event = {
+                    id,
+                    timestamp,
+                    sessionId: input.sessionId,
+                    agentId: input.agentId,
+                    eventType: input.eventType,
+                    severity: severity,
+                    payload,
+                    metadata,
+                    prevHash,
+                    hash,
+                };
+                allProcessed.push(event);
+                prevHash = hash;
+            }
+        }
+        // Phase 2: Insert all events atomically per session group.
+        // Group by session for hash-chain integrity, but insertEvents already
+        // runs inside a transaction, and if any session group fails the whole
+        // request is an error (no partial success).
+        const sessionGroups = new Map();
+        for (const event of allProcessed) {
+            const arr = sessionGroups.get(event.sessionId) ?? [];
+            arr.push(event);
+            sessionGroups.set(event.sessionId, arr);
+        }
+        try {
+            for (const [, sessionProcessed] of sessionGroups) {
+                await store.insertEvents(sessionProcessed);
+            }
+        }
+        catch (error) {
+            // If any session group fails, the entire batch is rejected
+            const message = error instanceof Error ? error.message : 'Unknown error';
+            return c.json({ error: `Batch insert failed: ${message}`, status: 500 }, 500);
+        }
+        return c.json({
+            ingested: allProcessed.length,
+            events: allProcessed.map((e) => ({ id: e.id, hash: e.hash })),
+        }, 201);
+    });
+    // GET /api/events — query events
+    app.get('/', async (c) => {
+        const query = {};
+        const sessionId = c.req.query('sessionId');
+        if (sessionId)
+            query.sessionId = sessionId;
+        const agentId = c.req.query('agentId');
+        if (agentId)
+            query.agentId = agentId;
+        const eventType = c.req.query('eventType');
+        if (eventType) {
+            query.eventType = eventType.includes(',')
+                ? eventType.split(',')
+                : eventType;
+        }
+        const severity = c.req.query('severity');
+        if (severity) {
+            query.severity = severity.includes(',')
+                ? severity.split(',')
+                : severity;
+        }
+        const from = c.req.query('from');
+        if (from)
+            query.from = from;
+        const to = c.req.query('to');
+        if (to)
+            query.to = to;
+        const search = c.req.query('search');
+        if (search)
+            query.search = search;
+        const limitStr = c.req.query('limit');
+        query.limit = limitStr
+            ? Math.max(1, Math.min(parseInt(limitStr, 10) || DEFAULT_PAGE_SIZE, MAX_PAGE_SIZE))
+            : DEFAULT_PAGE_SIZE;
+        const offsetStr = c.req.query('offset');
+        query.offset = offsetStr ? Math.max(0, parseInt(offsetStr, 10) || 0) : 0;
+        const order = c.req.query('order');
+        if (order === 'asc' || order === 'desc')
+            query.order = order;
+        const result = await store.queryEvents(query);
+        return c.json({
+            events: result.events,
+            total: result.total,
+            hasMore: result.hasMore,
+        });
+    });
+    // GET /api/events/:id — single event
+    app.get('/:id', async (c) => {
+        const id = c.req.param('id');
+        const event = await store.getEvent(id);
+        if (!event) {
+            return c.json({ error: 'Event not found', status: 404 }, 404);
+        }
+        return c.json(event);
+    });
+    return app;
+}
+//# sourceMappingURL=events.js.map

package/dist/routes/events.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"events.js","sourceRoot":"","sources":["../../src/routes/events.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,aAAa,GACd,MAAM,iBAAiB,CAAC;AAKzB,kDAAkD;AAClD,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;CACpD,CAAC,CAAC;AAEH,MAAM,UAAU,YAAY,CAAC,KAAkB;IAC7C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,mCAAmC;IACnC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,WAAW,GAAG,iBAAiB,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,KAAK,EAAE,mBAAmB;gBAC1B,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAqD,EAAE,EAAE,CAAC,CAAC;oBAChG,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;oBAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;iBACvB,CAAC,CAAC;aACJ,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;QAEjD,8DAA8D;QAC9D,MAAM,SAAS,GAAG,IAAI,GAAG,EAA8B,CAAC;QACxD,KAAK,MAAM,EAAE,IAAI,WAAW,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;YAC9C,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACb,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QACnC,CAAC;QAED,MAAM,YAAY,GAAqB,EAAE,CAAC;QAE1C,0EAA0E;QAC1E,KAAK,MAAM,CAAC,SAAS,EAAE,aAAa,CAAC,IAAI,SAAS,EAAE,CAAC;YACnD,yDAAyD;YACzD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAC3D,IAAI,QAAQ,GAAkB,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAE/F,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,IAAI,EAAE,CAAC;gBAClB,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;gBAC9D,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,MAAM,CAAC;gBAC1C,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC;gBACtC,MAAM,OAAO,GAAG,eAAe,CAAC,KAAK,CAAC,OAAoC,CAAC,CAAC;gBAE5E,MAAM,IAAI,GAAG,gBAAgB,CAAC;oBAC5B,EAAE;oBACF,SAAS;oBACT,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,QAAQ;oBACR,OAAO;oBACP,QAAQ;oBACR,QAAQ;iBACT,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAmB;oBAC5B,EAAE;oBACF,SAAS;oBACT,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,SAAS,EAAE,KAAK,CAAC,SAAwC;oBACzD,QAAQ,EAAE,QAAsC;oBAChD,OAAO;oBACP,QAAQ;oBACR,QAAQ;oBACR,IAAI;iBACL,CAAC;gBAEF,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACzB,QAAQ,GAAG,IAAI,CAAC;YAClB,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,sEAAsE;QACtE,sEAAsE;QACtE,4CAA4C;QAC5C,MAAM,aAAa,GAAG,IAAI,GAAG,EAA4B,CAAC;QAC1D,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;YACrD,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAChB,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,EAAE,gBAAgB,CAAC,IAAI,aAAa,EAAE,CAAC;gBACjD,MAAM,KAAK,CAAC,YAAY,CAAC,gBAAgB,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,2DAA2D;YAC3D,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YACzE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,OAAO,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChF,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,YAAY,CAAC,MAAM;YAC7B,MAAM,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;SAC9D,EAAE,GAAG,CAAC,CAAC;IACV,CAAC,CAAC,CAAC;IAEH,iCAAiC;IACjC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,KAAK,GAAe,EAAE,CAAC;QAE7B,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC3C,IAAI,SAAS;YAAE,KAAK,CAAC,SAAS,GAAG,SAAS,CAAC;QAE3C,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,OAAO;YAAE,KAAK,CAAC,OAAO,GAAG,OAAO,CAAC;QAErC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC3C,IAAI,SAAS,EAAE,CAAC;YACd,KAAK,CAAC,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC;gBACvC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAgB;gBACrC,CAAC,CAAC,SAAsB,CAAC;QAC7B,CAAC;QAED,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,CAAC,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC;gBACrC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAoB;gBACxC,CAAC,CAAC,QAAyB,CAAC;QAChC,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,IAAI;YAAE,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC;QAE5B,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,IAAI,EAAE;YAAE,KAAK,CAAC,EAAE,GAAG,EAAE,CAAC;QAEtB,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAI,MAAM;YAAE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;QAElC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,KAAK,CAAC,KAAK,GAAG,QAAQ;YACpB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,iBAAiB,EAAE,aAAa,CAAC,CAAC;YACnF,CAAC,CAAC,iBAAiB,CAAC;QAEtB,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACxC,KAAK,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEzE,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnC,IAAI,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,MAAM;YAAE,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC;QAE7D,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAE9C,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,OAAO,EAAE,MAAM,CAAC,OAAO;SACxB,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,qCAAqC;IACrC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAEvC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}