npm - @agentuity/runtime - Versions diffs - 2.0.11 → 3.0.0-alpha.1 - Mend

@agentuity/runtime 2.0.11 → 3.0.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (415) hide show

package/dist/index.d.ts +37 -65
package/dist/index.d.ts.map +1 -1
package/dist/index.js +59 -61
package/dist/index.js.map +1 -1
package/package.json +9 -38
package/src/index.ts +58 -259
package/AGENTS.md +0 -116
package/dist/_config.d.ts +0 -100
package/dist/_config.d.ts.map +0 -1
package/dist/_config.js +0 -147
package/dist/_config.js.map +0 -1
package/dist/_context.d.ts +0 -80
package/dist/_context.d.ts.map +0 -1
package/dist/_context.js +0 -160
package/dist/_context.js.map +0 -1
package/dist/_events.d.ts +0 -64
package/dist/_events.d.ts.map +0 -1
package/dist/_events.js +0 -92
package/dist/_events.js.map +0 -1
package/dist/_globals.d.ts +0 -58
package/dist/_globals.d.ts.map +0 -1
package/dist/_globals.js +0 -71
package/dist/_globals.js.map +0 -1
package/dist/_idle.d.ts +0 -7
package/dist/_idle.d.ts.map +0 -1
package/dist/_idle.js +0 -10
package/dist/_idle.js.map +0 -1
package/dist/_metadata.d.ts +0 -117
package/dist/_metadata.d.ts.map +0 -1
package/dist/_metadata.js +0 -268
package/dist/_metadata.js.map +0 -1
package/dist/_process-protection.d.ts +0 -27
package/dist/_process-protection.d.ts.map +0 -1
package/dist/_process-protection.js +0 -56
package/dist/_process-protection.js.map +0 -1
package/dist/_server.d.ts +0 -50
package/dist/_server.d.ts.map +0 -1
package/dist/_server.js +0 -89
package/dist/_server.js.map +0 -1
package/dist/_services.d.ts +0 -25
package/dist/_services.d.ts.map +0 -1
package/dist/_services.js +0 -286
package/dist/_services.js.map +0 -1
package/dist/_standalone.d.ts +0 -212
package/dist/_standalone.d.ts.map +0 -1
package/dist/_standalone.js +0 -556
package/dist/_standalone.js.map +0 -1
package/dist/_tokens.d.ts +0 -12
package/dist/_tokens.d.ts.map +0 -1
package/dist/_tokens.js +0 -97
package/dist/_tokens.js.map +0 -1
package/dist/_util.d.ts +0 -16
package/dist/_util.d.ts.map +0 -1
package/dist/_util.js +0 -54
package/dist/_util.js.map +0 -1
package/dist/_validation.d.ts +0 -89
package/dist/_validation.d.ts.map +0 -1
package/dist/_validation.js +0 -29
package/dist/_validation.js.map +0 -1
package/dist/_waituntil.d.ts +0 -32
package/dist/_waituntil.d.ts.map +0 -1
package/dist/_waituntil.js +0 -156
package/dist/_waituntil.js.map +0 -1
package/dist/agent.d.ts +0 -1262
package/dist/agent.d.ts.map +0 -1
package/dist/agent.js +0 -981
package/dist/agent.js.map +0 -1
package/dist/app.d.ts +0 -514
package/dist/app.d.ts.map +0 -1
package/dist/app.js +0 -228
package/dist/app.js.map +0 -1
package/dist/bootstrap.d.ts +0 -44
package/dist/bootstrap.d.ts.map +0 -1
package/dist/bootstrap.js +0 -259
package/dist/bootstrap.js.map +0 -1
package/dist/bun-s3-patch.d.ts +0 -37
package/dist/bun-s3-patch.d.ts.map +0 -1
package/dist/bun-s3-patch.js +0 -142
package/dist/bun-s3-patch.js.map +0 -1
package/dist/cors.d.ts +0 -42
package/dist/cors.d.ts.map +0 -1
package/dist/cors.js +0 -117
package/dist/cors.js.map +0 -1
package/dist/dev-patches/aisdk.d.ts +0 -17
package/dist/dev-patches/aisdk.d.ts.map +0 -1
package/dist/dev-patches/aisdk.js +0 -160
package/dist/dev-patches/aisdk.js.map +0 -1
package/dist/dev-patches/gateway.d.ts +0 -16
package/dist/dev-patches/gateway.d.ts.map +0 -1
package/dist/dev-patches/gateway.js +0 -54
package/dist/dev-patches/gateway.js.map +0 -1
package/dist/dev-patches/index.d.ts +0 -21
package/dist/dev-patches/index.d.ts.map +0 -1
package/dist/dev-patches/index.js +0 -33
package/dist/dev-patches/index.js.map +0 -1
package/dist/dev-patches/otel-llm.d.ts +0 -12
package/dist/dev-patches/otel-llm.d.ts.map +0 -1
package/dist/dev-patches/otel-llm.js +0 -352
package/dist/dev-patches/otel-llm.js.map +0 -1
package/dist/devmode.d.ts +0 -3
package/dist/devmode.d.ts.map +0 -1
package/dist/devmode.js +0 -167
package/dist/devmode.js.map +0 -1
package/dist/eval.d.ts +0 -91
package/dist/eval.d.ts.map +0 -1
package/dist/eval.js +0 -16
package/dist/eval.js.map +0 -1
package/dist/handlers/_route-meta.d.ts +0 -22
package/dist/handlers/_route-meta.d.ts.map +0 -1
package/dist/handlers/_route-meta.js +0 -25
package/dist/handlers/_route-meta.js.map +0 -1
package/dist/handlers/cron.d.ts +0 -73
package/dist/handlers/cron.d.ts.map +0 -1
package/dist/handlers/cron.js +0 -43
package/dist/handlers/cron.js.map +0 -1
package/dist/handlers/index.d.ts +0 -6
package/dist/handlers/index.d.ts.map +0 -1
package/dist/handlers/index.js +0 -6
package/dist/handlers/index.js.map +0 -1
package/dist/handlers/sse.d.ts +0 -163
package/dist/handlers/sse.d.ts.map +0 -1
package/dist/handlers/sse.js +0 -175
package/dist/handlers/sse.js.map +0 -1
package/dist/handlers/stream.d.ts +0 -52
package/dist/handlers/stream.d.ts.map +0 -1
package/dist/handlers/stream.js +0 -108
package/dist/handlers/stream.js.map +0 -1
package/dist/handlers/webrtc.d.ts +0 -49
package/dist/handlers/webrtc.d.ts.map +0 -1
package/dist/handlers/webrtc.js +0 -109
package/dist/handlers/webrtc.js.map +0 -1
package/dist/handlers/websocket.d.ts +0 -88
package/dist/handlers/websocket.d.ts.map +0 -1
package/dist/handlers/websocket.js +0 -161
package/dist/handlers/websocket.js.map +0 -1
package/dist/logger/console.d.ts +0 -70
package/dist/logger/console.d.ts.map +0 -1
package/dist/logger/console.js +0 -278
package/dist/logger/console.js.map +0 -1
package/dist/logger/index.d.ts +0 -3
package/dist/logger/index.d.ts.map +0 -1
package/dist/logger/index.js +0 -3
package/dist/logger/index.js.map +0 -1
package/dist/logger/internal.d.ts +0 -79
package/dist/logger/internal.d.ts.map +0 -1
package/dist/logger/internal.js +0 -133
package/dist/logger/internal.js.map +0 -1
package/dist/logger/logger.d.ts +0 -41
package/dist/logger/logger.d.ts.map +0 -1
package/dist/logger/logger.js +0 -2
package/dist/logger/logger.js.map +0 -1
package/dist/logger/user.d.ts +0 -8
package/dist/logger/user.d.ts.map +0 -1
package/dist/logger/user.js +0 -7
package/dist/logger/user.js.map +0 -1
package/dist/logger/util.d.ts +0 -11
package/dist/logger/util.d.ts.map +0 -1
package/dist/logger/util.js +0 -77
package/dist/logger/util.js.map +0 -1
package/dist/middleware.d.ts +0 -105
package/dist/middleware.d.ts.map +0 -1
package/dist/middleware.js +0 -763
package/dist/middleware.js.map +0 -1
package/dist/otel/config.d.ts +0 -19
package/dist/otel/config.d.ts.map +0 -1
package/dist/otel/config.js +0 -26
package/dist/otel/config.js.map +0 -1
package/dist/otel/console.d.ts +0 -33
package/dist/otel/console.d.ts.map +0 -1
package/dist/otel/console.js +0 -86
package/dist/otel/console.js.map +0 -1
package/dist/otel/exporters/index.d.ts +0 -4
package/dist/otel/exporters/index.d.ts.map +0 -1
package/dist/otel/exporters/index.js +0 -4
package/dist/otel/exporters/index.js.map +0 -1
package/dist/otel/exporters/jsonl-log-exporter.d.ts +0 -36
package/dist/otel/exporters/jsonl-log-exporter.d.ts.map +0 -1
package/dist/otel/exporters/jsonl-log-exporter.js +0 -103
package/dist/otel/exporters/jsonl-log-exporter.js.map +0 -1
package/dist/otel/exporters/jsonl-metric-exporter.d.ts +0 -40
package/dist/otel/exporters/jsonl-metric-exporter.d.ts.map +0 -1
package/dist/otel/exporters/jsonl-metric-exporter.js +0 -104
package/dist/otel/exporters/jsonl-metric-exporter.js.map +0 -1
package/dist/otel/exporters/jsonl-trace-exporter.d.ts +0 -36
package/dist/otel/exporters/jsonl-trace-exporter.d.ts.map +0 -1
package/dist/otel/exporters/jsonl-trace-exporter.js +0 -111
package/dist/otel/exporters/jsonl-trace-exporter.js.map +0 -1
package/dist/otel/fetch.d.ts +0 -12
package/dist/otel/fetch.d.ts.map +0 -1
package/dist/otel/fetch.js +0 -82
package/dist/otel/fetch.js.map +0 -1
package/dist/otel/http.d.ts +0 -16
package/dist/otel/http.d.ts.map +0 -1
package/dist/otel/http.js +0 -44
package/dist/otel/http.js.map +0 -1
package/dist/otel/logger.d.ts +0 -37
package/dist/otel/logger.d.ts.map +0 -1
package/dist/otel/logger.js +0 -265
package/dist/otel/logger.js.map +0 -1
package/dist/otel/otel.d.ts +0 -68
package/dist/otel/otel.d.ts.map +0 -1
package/dist/otel/otel.js +0 -245
package/dist/otel/otel.js.map +0 -1
package/dist/otel/tracestate.d.ts +0 -44
package/dist/otel/tracestate.d.ts.map +0 -1
package/dist/otel/tracestate.js +0 -84
package/dist/otel/tracestate.js.map +0 -1
package/dist/router.d.ts +0 -66
package/dist/router.d.ts.map +0 -1
package/dist/router.js +0 -44
package/dist/router.js.map +0 -1
package/dist/services/evalrun/composite.d.ts +0 -21
package/dist/services/evalrun/composite.d.ts.map +0 -1
package/dist/services/evalrun/composite.js +0 -26
package/dist/services/evalrun/composite.js.map +0 -1
package/dist/services/evalrun/http.d.ts +0 -24
package/dist/services/evalrun/http.d.ts.map +0 -1
package/dist/services/evalrun/http.js +0 -115
package/dist/services/evalrun/http.js.map +0 -1
package/dist/services/evalrun/index.d.ts +0 -5
package/dist/services/evalrun/index.d.ts.map +0 -1
package/dist/services/evalrun/index.js +0 -5
package/dist/services/evalrun/index.js.map +0 -1
package/dist/services/evalrun/json.d.ts +0 -21
package/dist/services/evalrun/json.d.ts.map +0 -1
package/dist/services/evalrun/json.js +0 -38
package/dist/services/evalrun/json.js.map +0 -1
package/dist/services/evalrun/local.d.ts +0 -19
package/dist/services/evalrun/local.d.ts.map +0 -1
package/dist/services/evalrun/local.js +0 -22
package/dist/services/evalrun/local.js.map +0 -1
package/dist/services/local/_db.d.ts +0 -4
package/dist/services/local/_db.d.ts.map +0 -1
package/dist/services/local/_db.js +0 -281
package/dist/services/local/_db.js.map +0 -1
package/dist/services/local/_router.d.ts +0 -3
package/dist/services/local/_router.d.ts.map +0 -1
package/dist/services/local/_router.js +0 -28
package/dist/services/local/_router.js.map +0 -1
package/dist/services/local/_util.d.ts +0 -18
package/dist/services/local/_util.d.ts.map +0 -1
package/dist/services/local/_util.js +0 -44
package/dist/services/local/_util.js.map +0 -1
package/dist/services/local/email.d.ts +0 -24
package/dist/services/local/email.d.ts.map +0 -1
package/dist/services/local/email.js +0 -58
package/dist/services/local/email.js.map +0 -1
package/dist/services/local/index.d.ts +0 -10
package/dist/services/local/index.d.ts.map +0 -1
package/dist/services/local/index.js +0 -10
package/dist/services/local/index.js.map +0 -1
package/dist/services/local/keyvalue.d.ts +0 -17
package/dist/services/local/keyvalue.d.ts.map +0 -1
package/dist/services/local/keyvalue.js +0 -133
package/dist/services/local/keyvalue.js.map +0 -1
package/dist/services/local/queue.d.ts +0 -10
package/dist/services/local/queue.d.ts.map +0 -1
package/dist/services/local/queue.js +0 -96
package/dist/services/local/queue.js.map +0 -1
package/dist/services/local/stream.d.ts +0 -12
package/dist/services/local/stream.d.ts.map +0 -1
package/dist/services/local/stream.js +0 -266
package/dist/services/local/stream.js.map +0 -1
package/dist/services/local/task.d.ts +0 -55
package/dist/services/local/task.d.ts.map +0 -1
package/dist/services/local/task.js +0 -1248
package/dist/services/local/task.js.map +0 -1
package/dist/services/local/vector.d.ts +0 -17
package/dist/services/local/vector.d.ts.map +0 -1
package/dist/services/local/vector.js +0 -303
package/dist/services/local/vector.js.map +0 -1
package/dist/services/sandbox/http.d.ts +0 -23
package/dist/services/sandbox/http.d.ts.map +0 -1
package/dist/services/sandbox/http.js +0 -327
package/dist/services/sandbox/http.js.map +0 -1
package/dist/services/sandbox/index.d.ts +0 -2
package/dist/services/sandbox/index.d.ts.map +0 -1
package/dist/services/sandbox/index.js +0 -2
package/dist/services/sandbox/index.js.map +0 -1
package/dist/services/session/composite.d.ts +0 -21
package/dist/services/session/composite.d.ts.map +0 -1
package/dist/services/session/composite.js +0 -26
package/dist/services/session/composite.js.map +0 -1
package/dist/services/session/http.d.ts +0 -34
package/dist/services/session/http.d.ts.map +0 -1
package/dist/services/session/http.js +0 -124
package/dist/services/session/http.js.map +0 -1
package/dist/services/session/index.d.ts +0 -5
package/dist/services/session/index.d.ts.map +0 -1
package/dist/services/session/index.js +0 -5
package/dist/services/session/index.js.map +0 -1
package/dist/services/session/json.d.ts +0 -22
package/dist/services/session/json.d.ts.map +0 -1
package/dist/services/session/json.js +0 -35
package/dist/services/session/json.js.map +0 -1
package/dist/services/session/local.d.ts +0 -19
package/dist/services/session/local.d.ts.map +0 -1
package/dist/services/session/local.js +0 -23
package/dist/services/session/local.js.map +0 -1
package/dist/services/thread/local.d.ts +0 -20
package/dist/services/thread/local.d.ts.map +0 -1
package/dist/services/thread/local.js +0 -158
package/dist/services/thread/local.js.map +0 -1
package/dist/session.d.ts +0 -734
package/dist/session.d.ts.map +0 -1
package/dist/session.js +0 -1140
package/dist/session.js.map +0 -1
package/dist/signature.d.ts +0 -22
package/dist/signature.d.ts.map +0 -1
package/dist/signature.js +0 -63
package/dist/signature.js.map +0 -1
package/dist/validator.d.ts +0 -142
package/dist/validator.d.ts.map +0 -1
package/dist/validator.js +0 -149
package/dist/validator.js.map +0 -1
package/dist/version-check.d.ts +0 -20
package/dist/version-check.d.ts.map +0 -1
package/dist/version-check.js +0 -157
package/dist/version-check.js.map +0 -1
package/dist/web.d.ts +0 -8
package/dist/web.d.ts.map +0 -1
package/dist/web.js +0 -67
package/dist/web.js.map +0 -1
package/dist/webrtc-signaling.d.ts +0 -80
package/dist/webrtc-signaling.d.ts.map +0 -1
package/dist/webrtc-signaling.js +0 -237
package/dist/webrtc-signaling.js.map +0 -1
package/dist/workbench.d.ts +0 -17
package/dist/workbench.d.ts.map +0 -1
package/dist/workbench.js +0 -605
package/dist/workbench.js.map +0 -1
package/src/_config.ts +0 -163
package/src/_context.ts +0 -240
package/src/_events.ts +0 -142
package/src/_globals.ts +0 -92
package/src/_idle.ts +0 -10
package/src/_metadata.ts +0 -407
package/src/_process-protection.ts +0 -71
package/src/_server.ts +0 -109
package/src/_services.ts +0 -379
package/src/_standalone.ts +0 -710
package/src/_tokens.ts +0 -114
package/src/_util.ts +0 -62
package/src/_validation.ts +0 -119
package/src/_waituntil.ts +0 -188
package/src/agent.ts +0 -2739
package/src/app.ts +0 -769
package/src/bootstrap.ts +0 -321
package/src/bun-s3-patch.ts +0 -224
package/src/cors.ts +0 -137
package/src/dev-patches/aisdk.ts +0 -169
package/src/dev-patches/gateway.ts +0 -68
package/src/dev-patches/index.ts +0 -37
package/src/dev-patches/otel-llm.ts +0 -405
package/src/devmode.ts +0 -171
package/src/eval.ts +0 -109
package/src/globals.d.ts +0 -28
package/src/handlers/_route-meta.ts +0 -33
package/src/handlers/cron.ts +0 -141
package/src/handlers/index.ts +0 -18
package/src/handlers/sse.ts +0 -358
package/src/handlers/stream.ts +0 -121
package/src/handlers/webrtc.ts +0 -125
package/src/handlers/websocket.ts +0 -203
package/src/logger/console.ts +0 -323
package/src/logger/index.ts +0 -2
package/src/logger/internal.ts +0 -165
package/src/logger/logger.ts +0 -44
package/src/logger/user.ts +0 -15
package/src/logger/util.ts +0 -80
package/src/middleware.ts +0 -1095
package/src/otel/config.ts +0 -47
package/src/otel/console.ts +0 -91
package/src/otel/exporters/README.md +0 -217
package/src/otel/exporters/index.ts +0 -3
package/src/otel/exporters/jsonl-log-exporter.ts +0 -113
package/src/otel/exporters/jsonl-metric-exporter.ts +0 -120
package/src/otel/exporters/jsonl-trace-exporter.ts +0 -121
package/src/otel/fetch.ts +0 -105
package/src/otel/http.ts +0 -53
package/src/otel/logger.ts +0 -293
package/src/otel/otel.ts +0 -354
package/src/otel/tracestate.ts +0 -108
package/src/router.ts +0 -75
package/src/services/evalrun/composite.ts +0 -34
package/src/services/evalrun/http.ts +0 -167
package/src/services/evalrun/index.ts +0 -4
package/src/services/evalrun/json.ts +0 -46
package/src/services/evalrun/local.ts +0 -28
package/src/services/local/README.md +0 -1576
package/src/services/local/_db.ts +0 -353
package/src/services/local/_router.ts +0 -40
package/src/services/local/_util.ts +0 -55
package/src/services/local/email.ts +0 -91
package/src/services/local/index.ts +0 -9
package/src/services/local/keyvalue.ts +0 -174
package/src/services/local/queue.ts +0 -145
package/src/services/local/stream.ts +0 -358
package/src/services/local/task.ts +0 -1711
package/src/services/local/vector.ts +0 -438
package/src/services/sandbox/http.ts +0 -522
package/src/services/sandbox/index.ts +0 -1
package/src/services/session/composite.ts +0 -33
package/src/services/session/http.ts +0 -167
package/src/services/session/index.ts +0 -4
package/src/services/session/json.ts +0 -42
package/src/services/session/local.ts +0 -33
package/src/services/thread/local.ts +0 -199
package/src/session.ts +0 -1960
package/src/signature.ts +0 -82
package/src/validator.ts +0 -283
package/src/version-check.ts +0 -184
package/src/web.ts +0 -76
package/src/webrtc-signaling.ts +0 -288
package/src/workbench.ts +0 -725

package/src/middleware.ts DELETED Viewed

@@ -1,1095 +0,0 @@
-/**
- * Middleware factories for Vite-native architecture
- * Extracted from _server.ts to be used by generated entry files
- */
-import { createMiddleware } from 'hono/factory';
-import { cors } from 'hono/cors';
-import { compress } from 'hono/compress';
-import { setSignedCookie } from 'hono/cookie';
-import type { Env, CompressionConfig, CorsConfig } from './app';
-import { createTrustedCorsOrigin } from './cors';
-import type { Logger } from './logger';
-import { generateId } from './session';
-import { runInHTTPContext } from './_context';
-import { DURATION_HEADER, TOKENS_HEADER } from './_tokens';
-import { extractTraceContextFromRequest } from './otel/http';
-import { enrichContextWithTraceState } from './otel/tracestate';
-import { context, SpanKind, SpanStatusCode, trace, propagation } from '@opentelemetry/api';
-import type { Meter, Tracer } from '@opentelemetry/api';
-import * as runtimeConfig from './_config';
-import { getSessionEventProvider } from './_services';
-import { internal } from './logger/internal';
-import { STREAM_DONE_PROMISE_KEY, IS_STREAMING_RESPONSE_KEY } from './handlers/sse';
-import { WS_DONE_PROMISE_KEY } from './handlers/websocket';
-import { loadBuildMetadata } from './_metadata';
-const SESSION_HEADER = 'x-session-id';
-const THREAD_HEADER = 'x-thread-id';
-const DEPLOYMENT_HEADER = 'x-deployment';
-/**
- * Paths that should skip OTEL session event tracking.
- * These routes still get thread/session setup but won't create session start/complete events.
- */
-const OTEL_SESSION_EVENT_SKIP_PATHS = new Set([
-	'/_agentuity/workbench/ws',
-	'/_agentuity/workbench/sample',
-	'/_agentuity/workbench/state',
-	'/_agentuity/workbench/metadata.json',
-	'/_agentuity/webanalytics/analytics.js',
-	'/_agentuity/webanalytics/session.js',
-]);
-/**
- * Paths that should skip thread/session setup entirely.
- * These are lightweight endpoints that don't need any context.
- */
-const OTEL_FULL_SKIP_PATHS = new Set([
-	'/_agentuity/workbench/metadata.json',
-	'/_agentuity/webanalytics/analytics.js',
-	'/_agentuity/webanalytics/session.js',
-]);
-export const AGENT_CONTEXT_PROPERTIES = [
-	'logger',
-	'tracer',
-	'sessionId',
-	'kv',
-	'stream',
-	'vector',
-	'sandbox',
-	'queue',
-	'email',
-	'schedule',
-	'task',
-	'state',
-	'thread',
-	'session',
-	'config',
-	'app',
-] as const;
-// eslint-disable-next-line @typescript-eslint/no-explicit-any
-function installContextPropertyHelpers(c: any): void {
-	for (const property of AGENT_CONTEXT_PROPERTIES) {
-		if (Object.hasOwn(c, property)) {
-			continue;
-		}
-		Object.defineProperty(c, property, {
-			get() {
-				throw new Error(
-					`In route handlers, use c.var.${property} instead of c.${property}. ` +
-						`The property '${property}' is available on AgentContext (for agent handlers) ` +
-						`but must be accessed via c.var in HonoContext (route handlers).`
-				);
-			},
-			configurable: true,
-			enumerable: false,
-		});
-	}
-}
-export interface MiddlewareConfig {
-	logger: Logger;
-	tracer: Tracer;
-	meter: Meter;
-	corsOptions?: Parameters<typeof cors>[0];
-}
-/**
- * Create base middleware that sets up context variables
- */
-export function createBaseMiddleware(config: MiddlewareConfig) {
-	// eslint-disable-next-line @typescript-eslint/no-explicit-any
-	return createMiddleware<Env<any>>(async (c, next) => {
-		c.set('logger', config.logger);
-		c.set('tracer', config.tracer);
-		c.set('meter', config.meter);
-		// Import services dynamically to avoid circular deps
-		const { getServices } = await import('./_services');
-		const services = getServices();
-		c.set('kv', services.kv);
-		c.set('stream', services.stream);
-		c.set('vector', services.vector);
-		c.set('sandbox', services.sandbox);
-		c.set('queue', services.queue);
-		c.set('email', services.email);
-		c.set('schedule', services.schedule);
-		c.set('task', services.task);
-		installContextPropertyHelpers(c);
-		const isWebSocket = c.req.header('upgrade')?.toLowerCase() === 'websocket';
-		const skipLogging = c.req.path.startsWith('/_agentuity/');
-		const started = performance.now();
-		if (!skipLogging) {
-			config.logger.debug('%s %s started', c.req.method, c.req.path);
-		}
-		await runInHTTPContext(c, next);
-		if (!isWebSocket) {
-			const endTime = performance.now();
-			const duration = ((endTime - started) / 1000).toFixed(1);
-			c.header(DURATION_HEADER, `${duration}s`);
-			// Set deployment header for all routes
-			const deploymentId = runtimeConfig.getDeploymentId();
-			if (deploymentId) {
-				c.header(DEPLOYMENT_HEADER, deploymentId);
-			}
-		}
-		if (!skipLogging && !isWebSocket) {
-			config.logger.debug(
-				'%s %s completed (%d) in %sms',
-				c.req.method,
-				c.req.path,
-				c.res.status,
-				Number(performance.now() - started).toFixed(2)
-			);
-		}
-	});
-}
-/**
- * Create CORS middleware with lazy config resolution.
- *
- * Handles Cross-Origin Resource Sharing (CORS) headers for API routes.
- * Config is resolved at request time, allowing it to be set via createApp().
- * Static options passed here take precedence over app config.
- *
- * Default behavior:
- * - Reflects the request origin (allows any origin)
- * - Allows common headers: Content-Type, Authorization, Accept, Origin, X-Requested-With
- * - Allows all standard HTTP methods
- * - Enables credentials
- * - Sets max-age to 600 seconds (10 minutes)
- *
- * @param staticOptions - Optional static CORS options that override app config
- *
- * @example
- * ```typescript
- * // Use with default settings
- * app.use('/api/*', createCorsMiddleware());
- *
- * // Or configure via createApp
- * const app = await createApp({
- *   cors: {
- *     origin: 'https://example.com',
- *     allowHeaders: ['Content-Type', 'Authorization', 'X-Custom-Header'],
- *     maxAge: 3600,
- *   }
- * });
- *
- * // Or pass static options directly (overrides app config)
- * app.use('/api/*', createCorsMiddleware({
- *   origin: ['https://app.example.com', 'https://admin.example.com'],
- *   credentials: true,
- * }));
- * ```
- */
-export function createCorsMiddleware(staticOptions?: CorsConfig) {
-	// eslint-disable-next-line @typescript-eslint/no-explicit-any
-	return createMiddleware<Env<any>>(async (c, next) => {
-		const corsOptions = { ...staticOptions };
-		// Extract Agentuity-specific options
-		const { sameOrigin, allowedOrigins, ...honoCorsOptions } = corsOptions;
-		// Determine origin handler based on sameOrigin setting
-		let originHandler: NonNullable<Parameters<typeof cors>[0]>['origin'];
-		if (sameOrigin) {
-			// Use trusted origins (env vars + allowedOrigins + same-origin)
-			originHandler = createTrustedCorsOrigin({ allowedOrigins });
-		} else if (honoCorsOptions.origin !== undefined) {
-			// Use explicitly provided origin
-			originHandler = honoCorsOptions.origin;
-		} else {
-			// Default: reflect any origin (backwards compatible)
-			originHandler = (origin: string) => origin;
-		}
-		// Required headers that must always be allowed/exposed for runtime functionality
-		const requiredAllowHeaders = [THREAD_HEADER];
-		const requiredExposeHeaders = [
-			TOKENS_HEADER,
-			DURATION_HEADER,
-			THREAD_HEADER,
-			SESSION_HEADER,
-			DEPLOYMENT_HEADER,
-		];
-		// Default headers to allow (used if none specified)
-		const defaultAllowHeaders = [
-			'Content-Type',
-			'Authorization',
-			'Accept',
-			'Origin',
-			'X-Requested-With',
-		];
-		// Default headers to expose (used if none specified)
-		const defaultExposeHeaders = ['Content-Length'];
-		const finalAllowHeaders = [
-			...(honoCorsOptions.allowHeaders ?? defaultAllowHeaders),
-			...requiredAllowHeaders,
-		];
-		const corsMiddleware = cors({
-			...honoCorsOptions,
-			origin: originHandler,
-			// Always include required headers, merge with user-provided or defaults
-			allowHeaders: finalAllowHeaders,
-			allowMethods: honoCorsOptions.allowMethods ?? [
-				'POST',
-				'GET',
-				'OPTIONS',
-				'HEAD',
-				'PUT',
-				'DELETE',
-				'PATCH',
-			],
-			// Always include required headers, merge with user-provided or defaults
-			exposeHeaders: [
-				...(honoCorsOptions.exposeHeaders ?? defaultExposeHeaders),
-				...requiredExposeHeaders,
-			],
-			maxAge: honoCorsOptions.maxAge ?? 600,
-			credentials: honoCorsOptions.credentials ?? originHandler !== '*',
-		});
-		return corsMiddleware(c, next);
-	});
-}
-/**
- * Create OpenTelemetry middleware for session/thread tracking
- * This is the critical middleware that creates AgentContext
- */
-export function createOtelMiddleware() {
-	// eslint-disable-next-line @typescript-eslint/no-explicit-any
-	return createMiddleware<Env<any>>(async (c, next) => {
-		// Skip thread/session setup entirely for lightweight endpoints
-		if (OTEL_FULL_SKIP_PATHS.has(c.req.path)) {
-			return next();
-		}
-		// Check if we should skip session events (but still set up thread/session)
-		const skipSessionEvents = OTEL_SESSION_EVENT_SKIP_PATHS.has(c.req.path);
-		// Import providers dynamically to avoid circular deps
-		const { getThreadProvider, getSessionProvider } = await import('./_services');
-		const WaitUntilHandler = (await import('./_waituntil')).default;
-		const extractedContext = extractTraceContextFromRequest(c.req.raw);
-		const method = c.req.method;
-		const url = new URL(c.req.url);
-		const threadProvider = getThreadProvider();
-		const sessionProvider = getSessionProvider();
-		await context.with(extractedContext, async (): Promise<void> => {
-			const tracer = trace.getTracer('http-server');
-			// Build enriched traceState BEFORE span creation so the
-			// recording span inherits it and it gets exported to OTLP.
-			// Previously, traceState was set on a NonRecordingSpan *after*
-			// the recording span was created, which meant it was propagated
-			// to outbound requests but never appeared in the exported span
-			// data (ClickHouse TraceState column was empty).
-			const projectId = runtimeConfig.getProjectId();
-			const orgId = runtimeConfig.getOrganizationId();
-			const deploymentId = runtimeConfig.getDeploymentId();
-			const isDevMode = runtimeConfig.isDevMode();
-			internal.info(
-				'[session] config: orgId=%s, projectId=%s, deploymentId=%s, isDevMode=%s',
-				orgId ?? 'NOT SET (AGENTUITY_CLOUD_ORG_ID)',
-				projectId ?? 'NOT SET (AGENTUITY_CLOUD_PROJECT_ID)',
-				deploymentId ?? 'none',
-				isDevMode
-			);
-			const enrichedContext = enrichContextWithTraceState(context.active(), {
-				pid: projectId,
-				oid: orgId,
-				did: deploymentId,
-				d: isDevMode ? '1' : undefined,
-			});
-			await tracer.startActiveSpan(
-				`${method} ${url.pathname}`,
-				{
-					kind: SpanKind.SERVER,
-					attributes: {
-						'http.method': method,
-						'http.host': url.host,
-						'http.user_agent': c.req.header('user-agent') || '',
-						'http.path': url.pathname,
-					},
-				},
-				enrichedContext,
-				async (span): Promise<void> => {
-					// Track request duration from the SDK's perspective
-					const requestStartTime = performance.now();
-					const sctx = span.spanContext();
-					const sessionId = sctx?.traceId ? `sess_${sctx.traceId}` : generateId('sess');
-					const thread = await threadProvider.restore(c);
-					const session = await sessionProvider.restore(thread, sessionId);
-					const handler = new WaitUntilHandler(tracer);
-					const isWsUpgrade = c.req.header('upgrade')?.toLowerCase() === 'websocket';
-					c.set('sessionId', sessionId);
-					c.set('thread', thread);
-					c.set('session', session);
-					// eslint-disable-next-line @typescript-eslint/no-explicit-any
-					(c as any).set('waitUntilHandler', handler);
-					const agentIds = new Set<string>();
-					// eslint-disable-next-line @typescript-eslint/no-explicit-any
-					(c as any).set('agentIds', agentIds);
-					// eslint-disable-next-line @typescript-eslint/no-explicit-any
-					(c as any).set('trigger', isWsUpgrade ? 'websocket' : 'api');
-					// Send session start event (so evalruns can reference this session)
-					// The provider decides whether to send based on available data (orgId, projectId, etc.)
-					// Skip for workbench routes that don't need session tracking
-					const sessionEventProvider = getSessionEventProvider();
-					if (sessionEventProvider && !skipSessionEvents) {
-						try {
-							// Look up routeId from build metadata by matching method and path
-							// We need to do this here because the router wrapper hasn't run yet
-							const metadata = loadBuildMetadata();
-							const methodUpper = c.req.method.toUpperCase();
-							// Normalize paths: trim trailing slashes for consistent matching
-							const normalizePath = (p: string) => {
-								const decoded = decodeURIComponent(p);
-								return decoded.endsWith('/') && decoded.length > 1
-									? decoded.slice(0, -1)
-									: decoded;
-							};
-							const requestPath = normalizePath(c.req.path);
-							// Helper to check if requestPath ends with routePath at a segment boundary
-							// e.g., "/api/translate" matches "/translate" but "/api/translate-v2" does not
-							const matchesAtSegmentBoundary = (reqPath: string, routePath: string) => {
-								if (reqPath === routePath) return true;
-								if (!reqPath.endsWith(routePath)) return false;
-								// Check that the character before the match is a path separator
-								const charBeforeMatch = reqPath[reqPath.length - routePath.length - 1];
-								return charBeforeMatch === '/';
-							};
-							// Try matching by exact normalized path first
-							let route = metadata?.routes?.find(
-								(r) =>
-									r.method.toUpperCase() === methodUpper &&
-									normalizePath(r.path) === requestPath
-							);
-							// Fall back to segment-boundary matching (handles /api/translate matching /translate)
-							if (!route) {
-								route = metadata?.routes?.find(
-									(r) =>
-										r.method.toUpperCase() === methodUpper &&
-										matchesAtSegmentBoundary(requestPath, normalizePath(r.path))
-								);
-							}
-							const routeId = route?.id || '';
-							await sessionEventProvider.start({
-								id: sessionId,
-								threadId: thread.id,
-								orgId: orgId || '',
-								projectId: projectId || '',
-								deploymentId: deploymentId || undefined,
-								devmode: isDevMode,
-								trigger: isWsUpgrade ? 'websocket' : 'api',
-								routeId,
-								environment: runtimeConfig.getEnvironment(),
-								url: c.req.path,
-								method: c.req.method,
-							});
-						} catch (_ex) {
-							// Silently ignore session start errors - don't block request
-						}
-					}
-					// Factor out finalization logic so it can run synchronously or deferred
-					const finalizeSession = async (statusCode?: number, error?: string) => {
-						internal.info(
-							'[session] saving session %s (thread: %s) (error: %s)',
-							sessionId,
-							thread.id,
-							error
-						);
-						await sessionProvider.save(session);
-						internal.info('[session] session saved, now saving thread');
-						await threadProvider.save(thread);
-						internal.info('[session] thread saved');
-						// Send session complete event (skip for workbench routes)
-						if (sessionEventProvider && !skipSessionEvents) {
-							try {
-								const userData = session.serializeUserData();
-								internal.info(
-									'[session] sending session complete event, userData: %s',
-									userData ? `${userData.length} bytes` : 'none'
-								);
-								// eslint-disable-next-line @typescript-eslint/no-explicit-any
-								const agentIdsSet = (c as any).get('agentIds') as Set<string> | undefined;
-								const agentIds = agentIdsSet ? [...agentIdsSet].filter(Boolean) : undefined;
-								internal.info('[session] agentIds: %o', agentIds);
-								const isEmpty = await thread.empty();
-								await sessionEventProvider.complete({
-									id: sessionId,
-									threadId: isEmpty ? null : thread.id,
-									statusCode: statusCode ?? c.res?.status ?? 200,
-									error,
-									agentIds: agentIds?.length ? agentIds : undefined,
-									userData,
-								});
-								internal.info('[session] session complete event sent');
-							} catch (ex) {
-								internal.info(
-									'[session] session complete event failed: %s',
-									ex instanceof Error ? ex.message : ex
-								);
-								// Silently ignore session complete errors - don't block response
-							}
-						}
-					};
-					// Track state for finalization
-					let responseStatus = 200;
-					let errorMessage: string | undefined;
-					let handlerDurationMs = 0;
-					// Track whether span should be ended in finally block (false for streaming - ended in waitUntil)
-					let shouldEndSpanInFinally = true;
-					try {
-						internal.info(
-							'[request] %s %s - handler starting (session: %s)',
-							method,
-							url.pathname,
-							sessionId
-						);
-						await next();
-						// Capture timing immediately after next() returns - this is when the handler completed
-						// This is the HTTP response time we want to report (excludes waitUntil/finalization)
-						handlerDurationMs = performance.now() - requestStartTime;
-						internal.info(
-							'[request] %s %s - handler completed in %sms (session: %s)',
-							method,
-							url.pathname,
-							handlerDurationMs.toFixed(2),
-							sessionId
-						);
-						// Check if this is a streaming response that needs deferred finalization
-						// eslint-disable-next-line @typescript-eslint/no-explicit-any
-						const streamDone = (c as any).get(STREAM_DONE_PROMISE_KEY) as
-							| Promise<void>
-							| undefined;
-						// eslint-disable-next-line @typescript-eslint/no-explicit-any
-						const isStreaming = Boolean((c as any).get(IS_STREAMING_RESPONSE_KEY));
-						// Check if this is a WebSocket response that needs deferred finalization
-						// eslint-disable-next-line @typescript-eslint/no-explicit-any
-						const wsDone = (c as any).get(WS_DONE_PROMISE_KEY) as Promise<void> | undefined;
-						// Check if Hono caught an error (c.error is set by Hono's error handler)
-						// or if the response status indicates an error
-						// eslint-disable-next-line @typescript-eslint/no-explicit-any
-						const honoError = (c as any).error as Error | undefined;
-						responseStatus = c.res?.status ?? 200;
-						const isError = honoError || responseStatus >= 500;
-						internal.info(
-							'[request] %s %s - status: %d, streaming: %s, websocket: %s, error: %s (session: %s)',
-							method,
-							url.pathname,
-							responseStatus,
-							isStreaming,
-							Boolean(wsDone),
-							isError,
-							sessionId
-						);
-						if (isError) {
-							// Capture error message for finalization
-							errorMessage = honoError
-								? (honoError.stack ?? honoError.message)
-								: `HTTP ${responseStatus}`;
-							span.setStatus({
-								code: SpanStatusCode.ERROR,
-								message: honoError?.message ?? errorMessage,
-							});
-							if (honoError) {
-								span.recordException(honoError);
-							}
-						} else {
-							span.setStatus({ code: SpanStatusCode.OK });
-						}
-						// For streaming responses, defer everything until stream completes
-						if (isStreaming && streamDone) {
-							internal.info(
-								'[request] %s %s - streaming response, deferring finalization (session: %s)',
-								method,
-								url.pathname,
-								sessionId
-							);
-							// For streaming, we end the span inside waitUntil after setting attributes
-							shouldEndSpanInFinally = false;
-							// Capture pending promises BEFORE adding finalization waitUntil to avoid deadlock
-							const pendingPromises = handler.getPendingSnapshot();
-							const hasPendingTasks = pendingPromises.length > 0;
-							if (hasPendingTasks) {
-								internal.info(
-									'[request] %s %s - %d pending waitUntil tasks to wait for after stream (session: %s)',
-									method,
-									url.pathname,
-									pendingPromises.length,
-									sessionId
-								);
-							}
-							// Capture values needed for span attributes (responseStatus already captured above)
-							const capturedResponseStatus = responseStatus;
-							const capturedErrorMessage = errorMessage;
-							// Use waitUntil to handle stream completion and finalization
-							// This runs AFTER the response is sent to the client
-							// Note: We intentionally do NOT use noSpan here - the waitUntil span helps
-							// track the streaming finalization work in telemetry
-							handler.waitUntil(async () => {
-								// Track if stream ended with error so we can update finalization status
-								let streamError: unknown = undefined;
-								try {
-									await streamDone;
-									internal.info(
-										'[request] %s %s - stream completed (session: %s)',
-										method,
-										url.pathname,
-										sessionId
-									);
-								} catch (ex) {
-									streamError = ex;
-									internal.info(
-										'[request] %s %s - stream ended with error: %s (session: %s)',
-										method,
-										url.pathname,
-										ex,
-										sessionId
-									);
-								}
-								// Record duration now that stream is complete - set attributes BEFORE ending span
-								const streamDurationMs = performance.now() - requestStartTime;
-								const durationNs = Math.round(streamDurationMs * 1_000_000);
-								internal.info(
-									'[request] %s %s - recording stream duration: %sms (session: %s)',
-									method,
-									url.pathname,
-									streamDurationMs.toFixed(2),
-									sessionId
-								);
-								// Determine final status - use stream error if present
-								const finalStatus = streamError ? 500 : capturedResponseStatus;
-								const finalErrorMessage = streamError
-									? streamError instanceof Error
-										? (streamError.stack ?? streamError.message)
-										: String(streamError)
-									: capturedErrorMessage;
-								try {
-									// Wait for pending tasks (evals, etc.) captured BEFORE this waitUntil was added
-									if (hasPendingTasks) {
-										internal.info(
-											'[request] %s %s - waiting for %d pending waitUntil tasks (session: %s)',
-											method,
-											url.pathname,
-											pendingPromises.length,
-											sessionId
-										);
-										const logger = c.get('logger');
-										await handler.waitForPromises(pendingPromises, logger, sessionId);
-										internal.info(
-											'[request] %s %s - all waitUntil tasks complete (session: %s)',
-											method,
-											url.pathname,
-											sessionId
-										);
-									}
-									// Finalize session after stream completes and evals finish
-									await finalizeSession(
-										finalStatus >= 500 ? finalStatus : undefined,
-										finalErrorMessage
-									);
-									internal.info(
-										'[request] %s %s - stream session finalization complete (session: %s)',
-										method,
-										url.pathname,
-										sessionId
-									);
-								} finally {
-									// Set span attributes and end span AFTER all work is done
-									span.setAttribute('@agentuity/request.duration', durationNs);
-									span.setAttribute('http.status_code', finalStatus);
-									// Set span status based on whether there was an error
-									if (streamError) {
-										span.setStatus({
-											code: SpanStatusCode.ERROR,
-											message: finalErrorMessage ?? 'Stream ended with error',
-										});
-										if (streamError instanceof Error) {
-											span.recordException(streamError);
-										}
-									} else {
-										span.setStatus({ code: SpanStatusCode.OK });
-									}
-									span.end();
-									internal.info(
-										'[request] %s %s - stream span ended (session: %s)',
-										method,
-										url.pathname,
-										sessionId
-									);
-									// Note: We don't call waitUntilAll() here because this waitUntil callback
-									// IS the final cleanup task. Calling waitUntilAll() would deadlock since
-									// it would wait for this very promise to complete.
-								}
-							});
-						} else if (wsDone) {
-							// WebSocket upgrade — end the span immediately (short-lived upgrade span)
-							// Per OTel conventions, spans should be short-lived. The HTTP upgrade
-							// request is a discrete event that completes in milliseconds. Keeping
-							// a span open for the entire WS connection lifetime (minutes/hours) is
-							// non-standard and causes issues with OTel backends.
-							internal.info(
-								'[request] %s %s - websocket upgrade, ending span immediately (session: %s)',
-								method,
-								url.pathname,
-								sessionId
-							);
-							// End the upgrade span now with the upgrade duration
-							const upgradeDurationNs = Math.round(handlerDurationMs * 1_000_000);
-							span.setAttribute('@agentuity/request.duration', upgradeDurationNs);
-							span.setAttribute('http.status_code', responseStatus);
-							span.setStatus({ code: SpanStatusCode.OK });
-							span.end();
-							shouldEndSpanInFinally = false; // already ended
-							// Session finalization still defers until WS close, but without holding a span
-							const pendingPromises = handler.getPendingSnapshot();
-							const hasPendingTasks = pendingPromises.length > 0;
-							if (hasPendingTasks) {
-								internal.info(
-									'[request] %s %s - %d pending waitUntil tasks to wait for after websocket close (session: %s)',
-									method,
-									url.pathname,
-									pendingPromises.length,
-									sessionId
-								);
-							}
-							handler.waitUntil(async () => {
-								let wsError: unknown = undefined;
-								try {
-									await wsDone;
-									internal.info(
-										'[request] %s %s - websocket closed (session: %s)',
-										method,
-										url.pathname,
-										sessionId
-									);
-								} catch (ex) {
-									wsError = ex;
-									internal.info(
-										'[request] %s %s - websocket closed with error: %s (session: %s)',
-										method,
-										url.pathname,
-										ex,
-										sessionId
-									);
-								}
-								const finalStatus = wsError ? 500 : responseStatus;
-								const finalErrorMessage = wsError
-									? wsError instanceof Error
-										? (wsError.stack ?? wsError.message)
-										: String(wsError)
-									: errorMessage;
-								// Wait for pending tasks captured BEFORE this waitUntil was added
-								if (hasPendingTasks) {
-									internal.info(
-										'[request] %s %s - waiting for %d pending waitUntil tasks (session: %s)',
-										method,
-										url.pathname,
-										pendingPromises.length,
-										sessionId
-									);
-									const logger = c.get('logger');
-									await handler.waitForPromises(pendingPromises, logger, sessionId);
-									internal.info(
-										'[request] %s %s - all waitUntil tasks complete (session: %s)',
-										method,
-										url.pathname,
-										sessionId
-									);
-								}
-								// Finalize session after WebSocket closes
-								await finalizeSession(
-									finalStatus >= 500 ? finalStatus : undefined,
-									finalErrorMessage
-								);
-								internal.info(
-									'[request] %s %s - websocket session finalization complete (session: %s)',
-									method,
-									url.pathname,
-									sessionId
-								);
-							});
-						} else {
-							// Non-streaming: record duration immediately
-							const durationNs = Math.round(handlerDurationMs * 1_000_000);
-							internal.info(
-								'[request] %s %s - recording duration: %sms (%dns) (session: %s)',
-								method,
-								url.pathname,
-								handlerDurationMs.toFixed(2),
-								durationNs,
-								sessionId
-							);
-							span.setAttribute('@agentuity/request.duration', durationNs);
-							span.setAttribute('http.status_code', responseStatus);
-							// Capture pending promises BEFORE adding finalization waitUntil to avoid deadlock.
-							// If we called waitUntilAll inside waitUntil, it would wait for itself.
-							const pendingPromises = handler.getPendingSnapshot();
-							const hasPendingTasks = pendingPromises.length > 0;
-							if (hasPendingTasks) {
-								internal.info(
-									'[request] %s %s - %d pending waitUntil tasks to wait for (session: %s)',
-									method,
-									url.pathname,
-									pendingPromises.length,
-									sessionId
-								);
-							}
-							// Capture values for use in waitUntil callback
-							const capturedResponseStatus = responseStatus;
-							const capturedErrorMessage = errorMessage;
-							// Defer session finalization to run AFTER response is sent
-							// Use noSpan: true since finalizeSession creates its own Session End span
-							handler.waitUntil(
-								async () => {
-									// Wait for the snapshot of pending tasks (evals, etc.) captured BEFORE this waitUntil was added
-									if (hasPendingTasks) {
-										internal.info(
-											'[request] %s %s - waiting for %d pending waitUntil tasks (session: %s)',
-											method,
-											url.pathname,
-											pendingPromises.length,
-											sessionId
-										);
-										const logger = c.get('logger');
-										await handler.waitForPromises(pendingPromises, logger, sessionId);
-										internal.info(
-											'[request] %s %s - all waitUntil tasks complete (session: %s)',
-											method,
-											url.pathname,
-											sessionId
-										);
-									}
-									// Finalize session - this is the actual work
-									internal.info(
-										'[request] %s %s - starting session finalization (session: %s)',
-										method,
-										url.pathname,
-										sessionId
-									);
-									try {
-										await finalizeSession(
-											capturedResponseStatus >= 500 ? capturedResponseStatus : undefined,
-											capturedErrorMessage
-										);
-										internal.info(
-											'[request] %s %s - session finalization complete (session: %s)',
-											method,
-											url.pathname,
-											sessionId
-										);
-									} catch (ex) {
-										internal.error(
-											'[request] %s %s - session finalization failed: %s (session: %s)',
-											method,
-											url.pathname,
-											ex,
-											sessionId
-										);
-									}
-									// Note: We don't call waitUntilAll() here because this waitUntil callback
-									// IS the final cleanup task. Calling waitUntilAll() would deadlock since
-									// it would wait for this very promise to complete.
-								},
-								{ noSpan: true }
-							);
-						}
-					} catch (ex) {
-						// Record request metrics even on exceptions (500 status)
-						const exceptionDurationMs = performance.now() - requestStartTime;
-						const durationNs = Math.round(exceptionDurationMs * 1_000_000);
-						internal.info(
-							'[request] %s %s - recording exception duration: %sms (session: %s)',
-							method,
-							url.pathname,
-							exceptionDurationMs.toFixed(2),
-							sessionId
-						);
-						span.setAttribute('@agentuity/request.duration', durationNs);
-						span.setAttribute('http.status_code', 500);
-						if (ex instanceof Error) {
-							span.recordException(ex);
-						}
-						errorMessage = ex instanceof Error ? (ex.stack ?? ex.message) : String(ex);
-						responseStatus = 500;
-						span.setStatus({
-							code: SpanStatusCode.ERROR,
-							message: ex instanceof Error ? ex.message : String(ex),
-						});
-						// Capture error message for use in waitUntil callback
-						const capturedErrorMessage = errorMessage;
-						// Capture pending promises BEFORE adding finalization waitUntil to avoid deadlock
-						const pendingPromises = handler.getPendingSnapshot();
-						const hasPendingTasks = pendingPromises.length > 0;
-						if (hasPendingTasks) {
-							internal.info(
-								'[request] %s %s - %d pending waitUntil tasks to wait for after error (session: %s)',
-								method,
-								url.pathname,
-								pendingPromises.length,
-								sessionId
-							);
-						}
-						// Still defer finalization even on error
-						// Use noSpan: true since finalizeSession creates its own Session End span
-						handler.waitUntil(
-							async () => {
-								// Wait for pending tasks (evals, etc.) captured BEFORE this waitUntil was added
-								if (hasPendingTasks) {
-									internal.info(
-										'[request] %s %s - waiting for %d pending waitUntil tasks (session: %s)',
-										method,
-										url.pathname,
-										pendingPromises.length,
-										sessionId
-									);
-									const logger = c.get('logger');
-									await handler.waitForPromises(pendingPromises, logger, sessionId);
-									internal.info(
-										'[request] %s %s - all waitUntil tasks complete (session: %s)',
-										method,
-										url.pathname,
-										sessionId
-									);
-								}
-								try {
-									await finalizeSession(500, capturedErrorMessage);
-								} catch (finalizeEx) {
-									internal.error(
-										'[request] %s %s - error session finalization failed: %s (session: %s)',
-										method,
-										url.pathname,
-										finalizeEx,
-										sessionId
-									);
-								}
-								// Note: We don't call waitUntilAll() here because this waitUntil callback
-								// IS the final cleanup task. Calling waitUntilAll() would deadlock since
-								// it would wait for this very promise to complete.
-							},
-							{ noSpan: true }
-						);
-						throw ex;
-					} finally {
-						// Set response headers - this is the only thing that should block the response
-						const headers: Record<string, string> = {};
-						propagation.inject(context.active(), headers);
-						for (const key of Object.keys(headers)) {
-							c.header(key, headers[key]);
-						}
-						const traceId = sctx?.traceId || sessionId.replace(/^sess_/, '');
-						c.header(SESSION_HEADER, `sess_${traceId}`);
-						internal.info(
-							'[request] %s %s - response ready, duration: %sms (session: %s)',
-							method,
-							url.pathname,
-							handlerDurationMs.toFixed(2),
-							sessionId
-						);
-						// Only end span here for non-streaming responses
-						// For streaming, span is ended in the waitUntil callback after setting duration attributes
-						if (shouldEndSpanInFinally) {
-							span.end();
-						}
-					}
-				}
-			);
-		});
-	});
-}
-/**
- * Create compression middleware with lazy config resolution.
- *
- * Compresses response bodies using gzip or deflate based on the Accept-Encoding header.
- * Config is resolved at request time, allowing it to be set via createApp().
- *
- * @param staticConfig - Optional static config that overrides app config
- *
- * @example
- * ```typescript
- * // Use with default settings
- * app.use('*', createCompressionMiddleware());
- *
- * // Or configure via createApp
- * const app = await createApp({
- *   compression: {
- *     threshold: 2048,
- *   }
- * });
- * ```
- */
-export function createCompressionMiddleware(staticConfig?: CompressionConfig | false) {
-	// eslint-disable-next-line @typescript-eslint/no-explicit-any
-	return createMiddleware<Env<any>>(async (c, next) => {
-		// Check if compression is explicitly disabled
-		if (staticConfig === false || staticConfig?.enabled === false) {
-			return next();
-		}
-		const config: CompressionConfig = { ...staticConfig };
-		const { enabled = true, threshold = 1024, filter, honoOptions } = config;
-		// Skip if explicitly disabled
-		if (!enabled) {
-			return next();
-		}
-		// Skip WebSocket upgrade requests
-		const upgrade = c.req.header('upgrade');
-		if (upgrade && upgrade.toLowerCase() === 'websocket') {
-			return next();
-		}
-		// Skip if no Accept-Encoding header
-		const acceptEncoding = c.req.header('accept-encoding');
-		if (!acceptEncoding) {
-			return next();
-		}
-		// Check custom filter
-		if (filter && !filter(c)) {
-			return next();
-		}
-		// Create and run the Hono compress middleware
-		const compressMiddleware = compress({
-			threshold,
-			...honoOptions,
-		});
-		await compressMiddleware(c, next);
-	});
-}
-/**
- * Create lightweight thread middleware for web routes (analytics).
- *
- * Sets thread cookie that persists across page views for client-side analytics.
- * This middleware does NOT:
- * - Create or track sessions (no session ID)
- * - Set session/thread response headers
- * - Send events to Catalyst sessions table
- *
- * This is intentionally separate from createOtelMiddleware to avoid
- * polluting the sessions table with web browsing activity.
- *
- * - Thread cookie (atid_a): Analytics-readable copy, 1-week expiry
- */
-export function createWebSessionMiddleware() {
-	// eslint-disable-next-line @typescript-eslint/no-explicit-any
-	return createMiddleware<Env<any>>(async (c, next) => {
-		// Import providers dynamically to avoid circular deps
-		const { getThreadProvider } = await import('./_services');
-		const secret = getSessionSecret();
-		// Use ThreadProvider.restore() to get/create thread (handles header, cookie, generation)
-		const threadProvider = getThreadProvider();
-		const thread = await threadProvider.restore(c);
-		// Set thread cookie for analytics
-		// httpOnly: false so beacon script can read it
-		const isSecure = c.req.url.startsWith('https://');
-		await setSignedCookie(c, 'atid_a', thread.id, secret, {
-			httpOnly: false, // Readable by JavaScript for analytics
-			secure: isSecure,
-			sameSite: 'Lax',
-			path: '/',
-			maxAge: 604800, // 1 week
-		});
-		// Store in context for handler to access in same request
-		// (cookies aren't readable until the next request)
-		c.set('_webThreadId', thread.id);
-		await next();
-	});
-}
-/**
- * Get the secret used for signing session/thread cookies.
- * Uses AGENTUITY_SDK_KEY if available, falls back to 'agentuity'.
- */
-export function getSessionSecret(): string {
-	return process.env.AGENTUITY_SDK_KEY || 'agentuity';
-}