npm - @aitne/daemon - Versions diffs - 0.1.0 - Mend

@aitne/daemon 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1386) hide show

package/LICENSE +21 -0
package/dist/adapters/composite-dashboard-stream.d.ts +42 -0
package/dist/adapters/composite-dashboard-stream.d.ts.map +1 -0
package/dist/adapters/composite-dashboard-stream.js +49 -0
package/dist/adapters/composite-dashboard-stream.js.map +1 -0
package/dist/adapters/dashboard-adapter.d.ts +104 -0
package/dist/adapters/dashboard-adapter.d.ts.map +1 -0
package/dist/adapters/dashboard-adapter.js +216 -0
package/dist/adapters/dashboard-adapter.js.map +1 -0
package/dist/adapters/discord.d.ts +77 -0
package/dist/adapters/discord.d.ts.map +1 -0
package/dist/adapters/discord.js +339 -0
package/dist/adapters/discord.js.map +1 -0
package/dist/adapters/docs-qa-adapter.d.ts +123 -0
package/dist/adapters/docs-qa-adapter.d.ts.map +1 -0
package/dist/adapters/docs-qa-adapter.js +218 -0
package/dist/adapters/docs-qa-adapter.js.map +1 -0
package/dist/adapters/message-hub.d.ts +70 -0
package/dist/adapters/message-hub.d.ts.map +1 -0
package/dist/adapters/message-hub.js +359 -0
package/dist/adapters/message-hub.js.map +1 -0
package/dist/adapters/notification-manager.d.ts +99 -0
package/dist/adapters/notification-manager.d.ts.map +1 -0
package/dist/adapters/notification-manager.js +498 -0
package/dist/adapters/notification-manager.js.map +1 -0
package/dist/adapters/outbound-text.d.ts +28 -0
package/dist/adapters/outbound-text.d.ts.map +1 -0
package/dist/adapters/outbound-text.js +58 -0
package/dist/adapters/outbound-text.js.map +1 -0
package/dist/adapters/slack-adapter.d.ts +82 -0
package/dist/adapters/slack-adapter.d.ts.map +1 -0
package/dist/adapters/slack-adapter.js +359 -0
package/dist/adapters/slack-adapter.js.map +1 -0
package/dist/adapters/telegram-adapter.d.ts +107 -0
package/dist/adapters/telegram-adapter.d.ts.map +1 -0
package/dist/adapters/telegram-adapter.js +477 -0
package/dist/adapters/telegram-adapter.js.map +1 -0
package/dist/adapters/types.d.ts +92 -0
package/dist/adapters/types.d.ts.map +1 -0
package/dist/adapters/types.js +2 -0
package/dist/adapters/types.js.map +1 -0
package/dist/adapters/whatsapp-adapter.d.ts +213 -0
package/dist/adapters/whatsapp-adapter.d.ts.map +1 -0
package/dist/adapters/whatsapp-adapter.js +1216 -0
package/dist/adapters/whatsapp-adapter.js.map +1 -0
package/dist/api/chat-binding-query.d.ts +36 -0
package/dist/api/chat-binding-query.d.ts.map +1 -0
package/dist/api/chat-binding-query.js +63 -0
package/dist/api/chat-binding-query.js.map +1 -0
package/dist/api/chat-session-resume.d.ts +12 -0
package/dist/api/chat-session-resume.d.ts.map +1 -0
package/dist/api/chat-session-resume.js +21 -0
package/dist/api/chat-session-resume.js.map +1 -0
package/dist/api/delegated-proxy-helper.d.ts +33 -0
package/dist/api/delegated-proxy-helper.d.ts.map +1 -0
package/dist/api/delegated-proxy-helper.js +54 -0
package/dist/api/delegated-proxy-helper.js.map +1 -0
package/dist/api/directory-picker.d.ts +38 -0
package/dist/api/directory-picker.d.ts.map +1 -0
package/dist/api/directory-picker.js +278 -0
package/dist/api/directory-picker.js.map +1 -0
package/dist/api/env-writer.d.ts +25 -0
package/dist/api/env-writer.d.ts.map +1 -0
package/dist/api/env-writer.js +421 -0
package/dist/api/env-writer.js.map +1 -0
package/dist/api/integration-route-gate.d.ts +60 -0
package/dist/api/integration-route-gate.d.ts.map +1 -0
package/dist/api/integration-route-gate.js +83 -0
package/dist/api/integration-route-gate.js.map +1 -0
package/dist/api/json-body.d.ts +29 -0
package/dist/api/json-body.d.ts.map +1 -0
package/dist/api/json-body.js +87 -0
package/dist/api/json-body.js.map +1 -0
package/dist/api/routes/activity-sources.d.ts +20 -0
package/dist/api/routes/activity-sources.d.ts.map +1 -0
package/dist/api/routes/activity-sources.js +18 -0
package/dist/api/routes/activity-sources.js.map +1 -0
package/dist/api/routes/agent.d.ts +4 -0
package/dist/api/routes/agent.d.ts.map +1 -0
package/dist/api/routes/agent.js +619 -0
package/dist/api/routes/agent.js.map +1 -0
package/dist/api/routes/apple-calendar.d.ts +31 -0
package/dist/api/routes/apple-calendar.d.ts.map +1 -0
package/dist/api/routes/apple-calendar.js +310 -0
package/dist/api/routes/apple-calendar.js.map +1 -0
package/dist/api/routes/attachments.d.ts +36 -0
package/dist/api/routes/attachments.d.ts.map +1 -0
package/dist/api/routes/attachments.js +305 -0
package/dist/api/routes/attachments.js.map +1 -0
package/dist/api/routes/backends.d.ts +4 -0
package/dist/api/routes/backends.d.ts.map +1 -0
package/dist/api/routes/backends.js +1132 -0
package/dist/api/routes/backends.js.map +1 -0
package/dist/api/routes/books.d.ts +63 -0
package/dist/api/routes/books.d.ts.map +1 -0
package/dist/api/routes/books.js +467 -0
package/dist/api/routes/books.js.map +1 -0
package/dist/api/routes/calendar.d.ts +36 -0
package/dist/api/routes/calendar.d.ts.map +1 -0
package/dist/api/routes/calendar.js +351 -0
package/dist/api/routes/calendar.js.map +1 -0
package/dist/api/routes/commands.d.ts +4 -0
package/dist/api/routes/commands.d.ts.map +1 -0
package/dist/api/routes/commands.js +251 -0
package/dist/api/routes/commands.js.map +1 -0
package/dist/api/routes/context.d.ts +57 -0
package/dist/api/routes/context.d.ts.map +1 -0
package/dist/api/routes/context.js +1765 -0
package/dist/api/routes/context.js.map +1 -0
package/dist/api/routes/dashboard.d.ts +29 -0
package/dist/api/routes/dashboard.d.ts.map +1 -0
package/dist/api/routes/dashboard.js +2062 -0
package/dist/api/routes/dashboard.js.map +1 -0
package/dist/api/routes/delegated-sync.d.ts +4 -0
package/dist/api/routes/delegated-sync.d.ts.map +1 -0
package/dist/api/routes/delegated-sync.js +192 -0
package/dist/api/routes/delegated-sync.js.map +1 -0
package/dist/api/routes/delegated.d.ts +42 -0
package/dist/api/routes/delegated.d.ts.map +1 -0
package/dist/api/routes/delegated.js +250 -0
package/dist/api/routes/delegated.js.map +1 -0
package/dist/api/routes/docs.d.ts +34 -0
package/dist/api/routes/docs.d.ts.map +1 -0
package/dist/api/routes/docs.js +580 -0
package/dist/api/routes/docs.js.map +1 -0
package/dist/api/routes/entities.d.ts +9 -0
package/dist/api/routes/entities.d.ts.map +1 -0
package/dist/api/routes/entities.js +176 -0
package/dist/api/routes/entities.js.map +1 -0
package/dist/api/routes/git-accounts.d.ts +23 -0
package/dist/api/routes/git-accounts.d.ts.map +1 -0
package/dist/api/routes/git-accounts.js +227 -0
package/dist/api/routes/git-accounts.js.map +1 -0
package/dist/api/routes/git-templates.d.ts +50 -0
package/dist/api/routes/git-templates.d.ts.map +1 -0
package/dist/api/routes/git-templates.js +276 -0
package/dist/api/routes/git-templates.js.map +1 -0
package/dist/api/routes/git.d.ts +34 -0
package/dist/api/routes/git.d.ts.map +1 -0
package/dist/api/routes/git.js +126 -0
package/dist/api/routes/git.js.map +1 -0
package/dist/api/routes/github.d.ts +34 -0
package/dist/api/routes/github.d.ts.map +1 -0
package/dist/api/routes/github.js +465 -0
package/dist/api/routes/github.js.map +1 -0
package/dist/api/routes/health.d.ts +4 -0
package/dist/api/routes/health.d.ts.map +1 -0
package/dist/api/routes/health.js +257 -0
package/dist/api/routes/health.js.map +1 -0
package/dist/api/routes/integrations-reconcile.d.ts +33 -0
package/dist/api/routes/integrations-reconcile.d.ts.map +1 -0
package/dist/api/routes/integrations-reconcile.js +463 -0
package/dist/api/routes/integrations-reconcile.js.map +1 -0
package/dist/api/routes/integrations.d.ts +19 -0
package/dist/api/routes/integrations.d.ts.map +1 -0
package/dist/api/routes/integrations.js +1384 -0
package/dist/api/routes/integrations.js.map +1 -0
package/dist/api/routes/knowledge.d.ts +4 -0
package/dist/api/routes/knowledge.d.ts.map +1 -0
package/dist/api/routes/knowledge.js +224 -0
package/dist/api/routes/knowledge.js.map +1 -0
package/dist/api/routes/mail.d.ts +39 -0
package/dist/api/routes/mail.d.ts.map +1 -0
package/dist/api/routes/mail.js +1406 -0
package/dist/api/routes/mail.js.map +1 -0
package/dist/api/routes/managed-tasks.d.ts +48 -0
package/dist/api/routes/managed-tasks.d.ts.map +1 -0
package/dist/api/routes/managed-tasks.js +844 -0
package/dist/api/routes/managed-tasks.js.map +1 -0
package/dist/api/routes/mcp.d.ts +50 -0
package/dist/api/routes/mcp.d.ts.map +1 -0
package/dist/api/routes/mcp.js +470 -0
package/dist/api/routes/mcp.js.map +1 -0
package/dist/api/routes/metrics.d.ts +13 -0
package/dist/api/routes/metrics.d.ts.map +1 -0
package/dist/api/routes/metrics.js +117 -0
package/dist/api/routes/metrics.js.map +1 -0
package/dist/api/routes/notion.d.ts +35 -0
package/dist/api/routes/notion.d.ts.map +1 -0
package/dist/api/routes/notion.js +442 -0
package/dist/api/routes/notion.js.map +1 -0
package/dist/api/routes/observations.d.ts +4 -0
package/dist/api/routes/observations.d.ts.map +1 -0
package/dist/api/routes/observations.js +177 -0
package/dist/api/routes/observations.js.map +1 -0
package/dist/api/routes/obsidian.d.ts +16 -0
package/dist/api/routes/obsidian.d.ts.map +1 -0
package/dist/api/routes/obsidian.js +321 -0
package/dist/api/routes/obsidian.js.map +1 -0
package/dist/api/routes/profile-questions.d.ts +17 -0
package/dist/api/routes/profile-questions.d.ts.map +1 -0
package/dist/api/routes/profile-questions.js +115 -0
package/dist/api/routes/profile-questions.js.map +1 -0
package/dist/api/routes/receipts.d.ts +4 -0
package/dist/api/routes/receipts.d.ts.map +1 -0
package/dist/api/routes/receipts.js +155 -0
package/dist/api/routes/receipts.js.map +1 -0
package/dist/api/routes/recurring-schedules.d.ts +4 -0
package/dist/api/routes/recurring-schedules.d.ts.map +1 -0
package/dist/api/routes/recurring-schedules.js +137 -0
package/dist/api/routes/recurring-schedules.js.map +1 -0
package/dist/api/routes/repositories.d.ts +40 -0
package/dist/api/routes/repositories.d.ts.map +1 -0
package/dist/api/routes/repositories.js +857 -0
package/dist/api/routes/repositories.js.map +1 -0
package/dist/api/routes/setup-migrate.d.ts +74 -0
package/dist/api/routes/setup-migrate.d.ts.map +1 -0
package/dist/api/routes/setup-migrate.js +944 -0
package/dist/api/routes/setup-migrate.js.map +1 -0
package/dist/api/routes/setup.d.ts +4 -0
package/dist/api/routes/setup.d.ts.map +1 -0
package/dist/api/routes/setup.js +443 -0
package/dist/api/routes/setup.js.map +1 -0
package/dist/api/routes/skill-curation.d.ts +5 -0
package/dist/api/routes/skill-curation.d.ts.map +1 -0
package/dist/api/routes/skill-curation.js +728 -0
package/dist/api/routes/skill-curation.js.map +1 -0
package/dist/api/routes/skills.d.ts +52 -0
package/dist/api/routes/skills.d.ts.map +1 -0
package/dist/api/routes/skills.js +429 -0
package/dist/api/routes/skills.js.map +1 -0
package/dist/api/routes/sot-bindings.d.ts +20 -0
package/dist/api/routes/sot-bindings.d.ts.map +1 -0
package/dist/api/routes/sot-bindings.js +163 -0
package/dist/api/routes/sot-bindings.js.map +1 -0
package/dist/api/routes/sse.d.ts +86 -0
package/dist/api/routes/sse.d.ts.map +1 -0
package/dist/api/routes/sse.js +378 -0
package/dist/api/routes/sse.js.map +1 -0
package/dist/api/routes/system.d.ts +4 -0
package/dist/api/routes/system.d.ts.map +1 -0
package/dist/api/routes/system.js +207 -0
package/dist/api/routes/system.js.map +1 -0
package/dist/api/routes/task-flows.d.ts +30 -0
package/dist/api/routes/task-flows.d.ts.map +1 -0
package/dist/api/routes/task-flows.js +155 -0
package/dist/api/routes/task-flows.js.map +1 -0
package/dist/api/routes/travel-bookings.d.ts +4 -0
package/dist/api/routes/travel-bookings.d.ts.map +1 -0
package/dist/api/routes/travel-bookings.js +142 -0
package/dist/api/routes/travel-bookings.js.map +1 -0
package/dist/api/routes/travel-time.d.ts +8 -0
package/dist/api/routes/travel-time.d.ts.map +1 -0
package/dist/api/routes/travel-time.js +87 -0
package/dist/api/routes/travel-time.js.map +1 -0
package/dist/api/routes/triggers.d.ts +4 -0
package/dist/api/routes/triggers.d.ts.map +1 -0
package/dist/api/routes/triggers.js +101 -0
package/dist/api/routes/triggers.js.map +1 -0
package/dist/api/routes/voice.d.ts +48 -0
package/dist/api/routes/voice.d.ts.map +1 -0
package/dist/api/routes/voice.js +232 -0
package/dist/api/routes/voice.js.map +1 -0
package/dist/api/server.d.ts +428 -0
package/dist/api/server.d.ts.map +1 -0
package/dist/api/server.js +558 -0
package/dist/api/server.js.map +1 -0
package/dist/config.d.ts +136 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +699 -0
package/dist/config.js.map +1 -0
package/dist/core/agent-core.d.ts +517 -0
package/dist/core/agent-core.d.ts.map +1 -0
package/dist/core/agent-core.js +102 -0
package/dist/core/agent-core.js.map +1 -0
package/dist/core/alerts.d.ts +86 -0
package/dist/core/alerts.d.ts.map +1 -0
package/dist/core/alerts.js +304 -0
package/dist/core/alerts.js.map +1 -0
package/dist/core/atomic-write.d.ts +51 -0
package/dist/core/atomic-write.d.ts.map +1 -0
package/dist/core/atomic-write.js +135 -0
package/dist/core/atomic-write.js.map +1 -0
package/dist/core/backends/api-key-probe.d.ts +40 -0
package/dist/core/backends/api-key-probe.d.ts.map +1 -0
package/dist/core/backends/api-key-probe.js +116 -0
package/dist/core/backends/api-key-probe.js.map +1 -0
package/dist/core/backends/auth-health-monitor.d.ts +373 -0
package/dist/core/backends/auth-health-monitor.d.ts.map +1 -0
package/dist/core/backends/auth-health-monitor.js +950 -0
package/dist/core/backends/auth-health-monitor.js.map +1 -0
package/dist/core/backends/auth-recovery.d.ts +263 -0
package/dist/core/backends/auth-recovery.d.ts.map +1 -0
package/dist/core/backends/auth-recovery.js +1086 -0
package/dist/core/backends/auth-recovery.js.map +1 -0
package/dist/core/backends/auth-telemetry.d.ts +81 -0
package/dist/core/backends/auth-telemetry.d.ts.map +1 -0
package/dist/core/backends/auth-telemetry.js +108 -0
package/dist/core/backends/auth-telemetry.js.map +1 -0
package/dist/core/backends/backend-router.d.ts +272 -0
package/dist/core/backends/backend-router.d.ts.map +1 -0
package/dist/core/backends/backend-router.js +759 -0
package/dist/core/backends/backend-router.js.map +1 -0
package/dist/core/backends/claude-code-core.d.ts +299 -0
package/dist/core/backends/claude-code-core.d.ts.map +1 -0
package/dist/core/backends/claude-code-core.js +2541 -0
package/dist/core/backends/claude-code-core.js.map +1 -0
package/dist/core/backends/claude-credentials-store.d.ts +83 -0
package/dist/core/backends/claude-credentials-store.d.ts.map +1 -0
package/dist/core/backends/claude-credentials-store.js +243 -0
package/dist/core/backends/claude-credentials-store.js.map +1 -0
package/dist/core/backends/cli-utils.d.ts +95 -0
package/dist/core/backends/cli-utils.d.ts.map +1 -0
package/dist/core/backends/cli-utils.js +464 -0
package/dist/core/backends/cli-utils.js.map +1 -0
package/dist/core/backends/codex-core.d.ts +127 -0
package/dist/core/backends/codex-core.d.ts.map +1 -0
package/dist/core/backends/codex-core.js +1693 -0
package/dist/core/backends/codex-core.js.map +1 -0
package/dist/core/backends/gemini-cli-core.d.ts +367 -0
package/dist/core/backends/gemini-cli-core.d.ts.map +1 -0
package/dist/core/backends/gemini-cli-core.js +2331 -0
package/dist/core/backends/gemini-cli-core.js.map +1 -0
package/dist/core/backends/idle-watchdog.d.ts +77 -0
package/dist/core/backends/idle-watchdog.d.ts.map +1 -0
package/dist/core/backends/idle-watchdog.js +94 -0
package/dist/core/backends/idle-watchdog.js.map +1 -0
package/dist/core/backends/install-methods.d.ts +93 -0
package/dist/core/backends/install-methods.d.ts.map +1 -0
package/dist/core/backends/install-methods.js +267 -0
package/dist/core/backends/install-methods.js.map +1 -0
package/dist/core/backends/model-registry.d.ts +58 -0
package/dist/core/backends/model-registry.d.ts.map +1 -0
package/dist/core/backends/model-registry.js +539 -0
package/dist/core/backends/model-registry.js.map +1 -0
package/dist/core/backends/plan-presets.d.ts +123 -0
package/dist/core/backends/plan-presets.d.ts.map +1 -0
package/dist/core/backends/plan-presets.js +235 -0
package/dist/core/backends/plan-presets.js.map +1 -0
package/dist/core/backends/price-fetcher.d.ts +48 -0
package/dist/core/backends/price-fetcher.d.ts.map +1 -0
package/dist/core/backends/price-fetcher.js +248 -0
package/dist/core/backends/price-fetcher.js.map +1 -0
package/dist/core/backends/process-config-cascade.d.ts +68 -0
package/dist/core/backends/process-config-cascade.d.ts.map +1 -0
package/dist/core/backends/process-config-cascade.js +173 -0
package/dist/core/backends/process-config-cascade.js.map +1 -0
package/dist/core/backends/prompt-utils.d.ts +6 -0
package/dist/core/backends/prompt-utils.d.ts.map +1 -0
package/dist/core/backends/prompt-utils.js +80 -0
package/dist/core/backends/prompt-utils.js.map +1 -0
package/dist/core/backends/proxy-model-registry.d.ts +110 -0
package/dist/core/backends/proxy-model-registry.d.ts.map +1 -0
package/dist/core/backends/proxy-model-registry.js +195 -0
package/dist/core/backends/proxy-model-registry.js.map +1 -0
package/dist/core/backends/silent-api-error-detector.d.ts +31 -0
package/dist/core/backends/silent-api-error-detector.d.ts.map +1 -0
package/dist/core/backends/silent-api-error-detector.js +44 -0
package/dist/core/backends/silent-api-error-detector.js.map +1 -0
package/dist/core/bang-commands/commands-cost.d.ts +13 -0
package/dist/core/bang-commands/commands-cost.d.ts.map +1 -0
package/dist/core/bang-commands/commands-cost.js +91 -0
package/dist/core/bang-commands/commands-cost.js.map +1 -0
package/dist/core/bang-commands/commands-report.d.ts +18 -0
package/dist/core/bang-commands/commands-report.d.ts.map +1 -0
package/dist/core/bang-commands/commands-report.js +105 -0
package/dist/core/bang-commands/commands-report.js.map +1 -0
package/dist/core/bang-commands/commands-stop-start.d.ts +4 -0
package/dist/core/bang-commands/commands-stop-start.d.ts.map +1 -0
package/dist/core/bang-commands/commands-stop-start.js +88 -0
package/dist/core/bang-commands/commands-stop-start.js.map +1 -0
package/dist/core/bang-commands/format-utils.d.ts +34 -0
package/dist/core/bang-commands/format-utils.d.ts.map +1 -0
package/dist/core/bang-commands/format-utils.js +118 -0
package/dist/core/bang-commands/format-utils.js.map +1 -0
package/dist/core/bang-commands/index.d.ts +20 -0
package/dist/core/bang-commands/index.d.ts.map +1 -0
package/dist/core/bang-commands/index.js +31 -0
package/dist/core/bang-commands/index.js.map +1 -0
package/dist/core/bang-commands/registry.d.ts +72 -0
package/dist/core/bang-commands/registry.d.ts.map +1 -0
package/dist/core/bang-commands/registry.js +174 -0
package/dist/core/bang-commands/registry.js.map +1 -0
package/dist/core/bang-commands/user-commands.d.ts +86 -0
package/dist/core/bang-commands/user-commands.d.ts.map +1 -0
package/dist/core/bang-commands/user-commands.js +212 -0
package/dist/core/bang-commands/user-commands.js.map +1 -0
package/dist/core/channel-timeline.d.ts +28 -0
package/dist/core/channel-timeline.d.ts.map +1 -0
package/dist/core/channel-timeline.js +117 -0
package/dist/core/channel-timeline.js.map +1 -0
package/dist/core/character-block.d.ts +37 -0
package/dist/core/character-block.d.ts.map +1 -0
package/dist/core/character-block.js +162 -0
package/dist/core/character-block.js.map +1 -0
package/dist/core/context/activity-sources.d.ts +37 -0
package/dist/core/context/activity-sources.d.ts.map +1 -0
package/dist/core/context/activity-sources.js +69 -0
package/dist/core/context/activity-sources.js.map +1 -0
package/dist/core/context/activity-view-reconciler.d.ts +110 -0
package/dist/core/context/activity-view-reconciler.d.ts.map +1 -0
package/dist/core/context/activity-view-reconciler.js +252 -0
package/dist/core/context/activity-view-reconciler.js.map +1 -0
package/dist/core/context/activity-view-runner.d.ts +38 -0
package/dist/core/context/activity-view-runner.d.ts.map +1 -0
package/dist/core/context/activity-view-runner.js +402 -0
package/dist/core/context/activity-view-runner.js.map +1 -0
package/dist/core/context/default-schedules-reconciler.d.ts +85 -0
package/dist/core/context/default-schedules-reconciler.d.ts.map +1 -0
package/dist/core/context/default-schedules-reconciler.js +153 -0
package/dist/core/context/default-schedules-reconciler.js.map +1 -0
package/dist/core/context/default-schedules-runner.d.ts +40 -0
package/dist/core/context/default-schedules-runner.d.ts.map +1 -0
package/dist/core/context/default-schedules-runner.js +233 -0
package/dist/core/context/default-schedules-runner.js.map +1 -0
package/dist/core/context/domain-index-reconciler.d.ts +81 -0
package/dist/core/context/domain-index-reconciler.d.ts.map +1 -0
package/dist/core/context/domain-index-reconciler.js +199 -0
package/dist/core/context/domain-index-reconciler.js.map +1 -0
package/dist/core/context/domain-index-runner.d.ts +35 -0
package/dist/core/context/domain-index-runner.d.ts.map +1 -0
package/dist/core/context/domain-index-runner.js +223 -0
package/dist/core/context/domain-index-runner.js.map +1 -0
package/dist/core/context/entity-mirror.d.ts +227 -0
package/dist/core/context/entity-mirror.d.ts.map +1 -0
package/dist/core/context/entity-mirror.js +629 -0
package/dist/core/context/entity-mirror.js.map +1 -0
package/dist/core/context/entity-source-rename.d.ts +61 -0
package/dist/core/context/entity-source-rename.d.ts.map +1 -0
package/dist/core/context/entity-source-rename.js +237 -0
package/dist/core/context/entity-source-rename.js.map +1 -0
package/dist/core/context/index-reconciler.d.ts +61 -0
package/dist/core/context/index-reconciler.d.ts.map +1 -0
package/dist/core/context/index-reconciler.js +329 -0
package/dist/core/context/index-reconciler.js.map +1 -0
package/dist/core/context/policy-index-reconciler.d.ts +102 -0
package/dist/core/context/policy-index-reconciler.d.ts.map +1 -0
package/dist/core/context/policy-index-reconciler.js +202 -0
package/dist/core/context/policy-index-reconciler.js.map +1 -0
package/dist/core/context/policy-index-runner.d.ts +66 -0
package/dist/core/context/policy-index-runner.d.ts.map +1 -0
package/dist/core/context/policy-index-runner.js +406 -0
package/dist/core/context/policy-index-runner.js.map +1 -0
package/dist/core/context/reconciler-runner.d.ts +44 -0
package/dist/core/context/reconciler-runner.d.ts.map +1 -0
package/dist/core/context/reconciler-runner.js +273 -0
package/dist/core/context/reconciler-runner.js.map +1 -0
package/dist/core/context-builder.d.ts +115 -0
package/dist/core/context-builder.d.ts.map +1 -0
package/dist/core/context-builder.js +1148 -0
package/dist/core/context-builder.js.map +1 -0
package/dist/core/context-frontmatter-backfill.d.ts +33 -0
package/dist/core/context-frontmatter-backfill.d.ts.map +1 -0
package/dist/core/context-frontmatter-backfill.js +111 -0
package/dist/core/context-frontmatter-backfill.js.map +1 -0
package/dist/core/context-frontmatter.d.ts +13 -0
package/dist/core/context-frontmatter.d.ts.map +1 -0
package/dist/core/context-frontmatter.js +325 -0
package/dist/core/context-frontmatter.js.map +1 -0
package/dist/core/context-health.d.ts +51 -0
package/dist/core/context-health.d.ts.map +1 -0
package/dist/core/context-health.js +304 -0
package/dist/core/context-health.js.map +1 -0
package/dist/core/context-paths.d.ts +183 -0
package/dist/core/context-paths.d.ts.map +1 -0
package/dist/core/context-paths.js +241 -0
package/dist/core/context-paths.js.map +1 -0
package/dist/core/context-staleness.d.ts +45 -0
package/dist/core/context-staleness.d.ts.map +1 -0
package/dist/core/context-staleness.js +88 -0
package/dist/core/context-staleness.js.map +1 -0
package/dist/core/custom-routine-scheduler.d.ts +151 -0
package/dist/core/custom-routine-scheduler.d.ts.map +1 -0
package/dist/core/custom-routine-scheduler.js +335 -0
package/dist/core/custom-routine-scheduler.js.map +1 -0
package/dist/core/daemon-api-cli.d.ts +33 -0
package/dist/core/daemon-api-cli.d.ts.map +1 -0
package/dist/core/daemon-api-cli.js +614 -0
package/dist/core/daemon-api-cli.js.map +1 -0
package/dist/core/dashboard-session-cleanup.d.ts +39 -0
package/dist/core/dashboard-session-cleanup.d.ts.map +1 -0
package/dist/core/dashboard-session-cleanup.js +108 -0
package/dist/core/dashboard-session-cleanup.js.map +1 -0
package/dist/core/dashboard-session-controls.d.ts +41 -0
package/dist/core/dashboard-session-controls.d.ts.map +1 -0
package/dist/core/dashboard-session-controls.js +154 -0
package/dist/core/dashboard-session-controls.js.map +1 -0
package/dist/core/delegated-connector-health.d.ts +63 -0
package/dist/core/delegated-connector-health.d.ts.map +1 -0
package/dist/core/delegated-connector-health.js +157 -0
package/dist/core/delegated-connector-health.js.map +1 -0
package/dist/core/dispatcher.d.ts +999 -0
package/dist/core/dispatcher.d.ts.map +1 -0
package/dist/core/dispatcher.js +4378 -0
package/dist/core/dispatcher.js.map +1 -0
package/dist/core/dm-freshness-metrics.d.ts +73 -0
package/dist/core/dm-freshness-metrics.d.ts.map +1 -0
package/dist/core/dm-freshness-metrics.js +138 -0
package/dist/core/dm-freshness-metrics.js.map +1 -0
package/dist/core/docs/citation-validator.d.ts +73 -0
package/dist/core/docs/citation-validator.d.ts.map +1 -0
package/dist/core/docs/citation-validator.js +195 -0
package/dist/core/docs/citation-validator.js.map +1 -0
package/dist/core/docs/extract-terms.d.ts +78 -0
package/dist/core/docs/extract-terms.d.ts.map +1 -0
package/dist/core/docs/extract-terms.js +147 -0
package/dist/core/docs/extract-terms.js.map +1 -0
package/dist/core/docs/indexer.d.ts +104 -0
package/dist/core/docs/indexer.d.ts.map +1 -0
package/dist/core/docs/indexer.js +340 -0
package/dist/core/docs/indexer.js.map +1 -0
package/dist/core/drift-effects.d.ts +30 -0
package/dist/core/drift-effects.d.ts.map +1 -0
package/dist/core/drift-effects.js +384 -0
package/dist/core/drift-effects.js.map +1 -0
package/dist/core/event-bus.d.ts +56 -0
package/dist/core/event-bus.d.ts.map +1 -0
package/dist/core/event-bus.js +135 -0
package/dist/core/event-bus.js.map +1 -0
package/dist/core/git-project-docs.d.ts +77 -0
package/dist/core/git-project-docs.d.ts.map +1 -0
package/dist/core/git-project-docs.js +439 -0
package/dist/core/git-project-docs.js.map +1 -0
package/dist/core/health-monitor.d.ts +57 -0
package/dist/core/health-monitor.d.ts.map +1 -0
package/dist/core/health-monitor.js +137 -0
package/dist/core/health-monitor.js.map +1 -0
package/dist/core/heartbeat.d.ts +26 -0
package/dist/core/heartbeat.d.ts.map +1 -0
package/dist/core/heartbeat.js +48 -0
package/dist/core/heartbeat.js.map +1 -0
package/dist/core/integration-health.d.ts +49 -0
package/dist/core/integration-health.d.ts.map +1 -0
package/dist/core/integration-health.js +89 -0
package/dist/core/integration-health.js.map +1 -0
package/dist/core/integration-lifecycle.d.ts +79 -0
package/dist/core/integration-lifecycle.d.ts.map +1 -0
package/dist/core/integration-lifecycle.js +153 -0
package/dist/core/integration-lifecycle.js.map +1 -0
package/dist/core/integration-main-backend.d.ts +36 -0
package/dist/core/integration-main-backend.d.ts.map +1 -0
package/dist/core/integration-main-backend.js +59 -0
package/dist/core/integration-main-backend.js.map +1 -0
package/dist/core/integration-probe.d.ts +98 -0
package/dist/core/integration-probe.d.ts.map +1 -0
package/dist/core/integration-probe.js +152 -0
package/dist/core/integration-probe.js.map +1 -0
package/dist/core/management-md-write-lock.d.ts +68 -0
package/dist/core/management-md-write-lock.d.ts.map +1 -0
package/dist/core/management-md-write-lock.js +93 -0
package/dist/core/management-md-write-lock.js.map +1 -0
package/dist/core/management-md.d.ts +186 -0
package/dist/core/management-md.d.ts.map +1 -0
package/dist/core/management-md.js +652 -0
package/dist/core/management-md.js.map +1 -0
package/dist/core/management-registry.d.ts +245 -0
package/dist/core/management-registry.d.ts.map +1 -0
package/dist/core/management-registry.js +906 -0
package/dist/core/management-registry.js.map +1 -0
package/dist/core/management-telemetry.d.ts +100 -0
package/dist/core/management-telemetry.d.ts.map +1 -0
package/dist/core/management-telemetry.js +156 -0
package/dist/core/management-telemetry.js.map +1 -0
package/dist/core/message-recorder.d.ts +38 -0
package/dist/core/message-recorder.d.ts.map +1 -0
package/dist/core/message-recorder.js +88 -0
package/dist/core/message-recorder.js.map +1 -0
package/dist/core/metrics.d.ts +338 -0
package/dist/core/metrics.d.ts.map +1 -0
package/dist/core/metrics.js +747 -0
package/dist/core/metrics.js.map +1 -0
package/dist/core/migration-backup.d.ts +218 -0
package/dist/core/migration-backup.d.ts.map +1 -0
package/dist/core/migration-backup.js +934 -0
package/dist/core/migration-backup.js.map +1 -0
package/dist/core/overview-write-lock.d.ts +48 -0
package/dist/core/overview-write-lock.d.ts.map +1 -0
package/dist/core/overview-write-lock.js +56 -0
package/dist/core/overview-write-lock.js.map +1 -0
package/dist/core/path-compat.d.ts +22 -0
package/dist/core/path-compat.d.ts.map +1 -0
package/dist/core/path-compat.js +67 -0
package/dist/core/path-compat.js.map +1 -0
package/dist/core/path-rewrite.d.ts +58 -0
package/dist/core/path-rewrite.d.ts.map +1 -0
package/dist/core/path-rewrite.js +141 -0
package/dist/core/path-rewrite.js.map +1 -0
package/dist/core/policy-files.d.ts +108 -0
package/dist/core/policy-files.d.ts.map +1 -0
package/dist/core/policy-files.js +198 -0
package/dist/core/policy-files.js.map +1 -0
package/dist/core/profile-questions/seed.d.ts +44 -0
package/dist/core/profile-questions/seed.d.ts.map +1 -0
package/dist/core/profile-questions/seed.js +173 -0
package/dist/core/profile-questions/seed.js.map +1 -0
package/dist/core/profile-questions/slot-filled.d.ts +51 -0
package/dist/core/profile-questions/slot-filled.d.ts.map +1 -0
package/dist/core/profile-questions/slot-filled.js +118 -0
package/dist/core/profile-questions/slot-filled.js.map +1 -0
package/dist/core/prompts.d.ts +111 -0
package/dist/core/prompts.d.ts.map +1 -0
package/dist/core/prompts.js +267 -0
package/dist/core/prompts.js.map +1 -0
package/dist/core/quiet-hours-sync.d.ts +15 -0
package/dist/core/quiet-hours-sync.d.ts.map +1 -0
package/dist/core/quiet-hours-sync.js +51 -0
package/dist/core/quiet-hours-sync.js.map +1 -0
package/dist/core/read-sensitive-token-manager.d.ts +19 -0
package/dist/core/read-sensitive-token-manager.d.ts.map +1 -0
package/dist/core/read-sensitive-token-manager.js +29 -0
package/dist/core/read-sensitive-token-manager.js.map +1 -0
package/dist/core/recurrence.d.ts +24 -0
package/dist/core/recurrence.d.ts.map +1 -0
package/dist/core/recurrence.js +162 -0
package/dist/core/recurrence.js.map +1 -0
package/dist/core/reinstall.d.ts +107 -0
package/dist/core/reinstall.d.ts.map +1 -0
package/dist/core/reinstall.js +163 -0
package/dist/core/reinstall.js.map +1 -0
package/dist/core/release-assets.d.ts +106 -0
package/dist/core/release-assets.d.ts.map +1 -0
package/dist/core/release-assets.js +434 -0
package/dist/core/release-assets.js.map +1 -0
package/dist/core/repository-management-docs.d.ts +216 -0
package/dist/core/repository-management-docs.d.ts.map +1 -0
package/dist/core/repository-management-docs.js +855 -0
package/dist/core/repository-management-docs.js.map +1 -0
package/dist/core/retention.d.ts +164 -0
package/dist/core/retention.d.ts.map +1 -0
package/dist/core/retention.js +1008 -0
package/dist/core/retention.js.map +1 -0
package/dist/core/review-context.d.ts +48 -0
package/dist/core/review-context.d.ts.map +1 -0
package/dist/core/review-context.js +282 -0
package/dist/core/review-context.js.map +1 -0
package/dist/core/roadmap-horizon.d.ts +48 -0
package/dist/core/roadmap-horizon.d.ts.map +1 -0
package/dist/core/roadmap-horizon.js +213 -0
package/dist/core/roadmap-horizon.js.map +1 -0
package/dist/core/roadmap-ids.d.ts +57 -0
package/dist/core/roadmap-ids.d.ts.map +1 -0
package/dist/core/roadmap-ids.js +118 -0
package/dist/core/roadmap-ids.js.map +1 -0
package/dist/core/roadmap-merge.d.ts +7 -0
package/dist/core/roadmap-merge.d.ts.map +1 -0
package/dist/core/roadmap-merge.js +187 -0
package/dist/core/roadmap-merge.js.map +1 -0
package/dist/core/roadmap-refresh-triggers.d.ts +32 -0
package/dist/core/roadmap-refresh-triggers.d.ts.map +1 -0
package/dist/core/roadmap-refresh-triggers.js +51 -0
package/dist/core/roadmap-refresh-triggers.js.map +1 -0
package/dist/core/roadmap-truncate.d.ts +49 -0
package/dist/core/roadmap-truncate.d.ts.map +1 -0
package/dist/core/roadmap-truncate.js +152 -0
package/dist/core/roadmap-truncate.js.map +1 -0
package/dist/core/roadmap-validate.d.ts +31 -0
package/dist/core/roadmap-validate.d.ts.map +1 -0
package/dist/core/roadmap-validate.js +403 -0
package/dist/core/roadmap-validate.js.map +1 -0
package/dist/core/roadmap-write-lock.d.ts +53 -0
package/dist/core/roadmap-write-lock.d.ts.map +1 -0
package/dist/core/roadmap-write-lock.js +59 -0
package/dist/core/roadmap-write-lock.js.map +1 -0
package/dist/core/schedule-insert-helper.d.ts +46 -0
package/dist/core/schedule-insert-helper.d.ts.map +1 -0
package/dist/core/schedule-insert-helper.js +52 -0
package/dist/core/schedule-insert-helper.js.map +1 -0
package/dist/core/schedule-maintenance.d.ts +22 -0
package/dist/core/schedule-maintenance.d.ts.map +1 -0
package/dist/core/schedule-maintenance.js +57 -0
package/dist/core/schedule-maintenance.js.map +1 -0
package/dist/core/scheduler.d.ts +208 -0
package/dist/core/scheduler.d.ts.map +1 -0
package/dist/core/scheduler.js +896 -0
package/dist/core/scheduler.js.map +1 -0
package/dist/core/semaphore.d.ts +13 -0
package/dist/core/semaphore.d.ts.map +1 -0
package/dist/core/semaphore.js +31 -0
package/dist/core/semaphore.js.map +1 -0
package/dist/core/session-gate.d.ts +37 -0
package/dist/core/session-gate.d.ts.map +1 -0
package/dist/core/session-gate.js +69 -0
package/dist/core/session-gate.js.map +1 -0
package/dist/core/session-manager.d.ts +252 -0
package/dist/core/session-manager.d.ts.map +1 -0
package/dist/core/session-manager.js +716 -0
package/dist/core/session-manager.js.map +1 -0
package/dist/core/signal-detector.d.ts +97 -0
package/dist/core/signal-detector.d.ts.map +1 -0
package/dist/core/signal-detector.js +215 -0
package/dist/core/signal-detector.js.map +1 -0
package/dist/core/skeleton.d.ts +83 -0
package/dist/core/skeleton.d.ts.map +1 -0
package/dist/core/skeleton.js +255 -0
package/dist/core/skeleton.js.map +1 -0
package/dist/core/skill-curation/apply-proposal.d.ts +71 -0
package/dist/core/skill-curation/apply-proposal.d.ts.map +1 -0
package/dist/core/skill-curation/apply-proposal.js +175 -0
package/dist/core/skill-curation/apply-proposal.js.map +1 -0
package/dist/core/skill-curation/auto-revert.d.ts +43 -0
package/dist/core/skill-curation/auto-revert.d.ts.map +1 -0
package/dist/core/skill-curation/auto-revert.js +155 -0
package/dist/core/skill-curation/auto-revert.js.map +1 -0
package/dist/core/skill-curation/classify-diff.d.ts +27 -0
package/dist/core/skill-curation/classify-diff.d.ts.map +1 -0
package/dist/core/skill-curation/classify-diff.js +0 -0
package/dist/core/skill-curation/classify-diff.js.map +1 -0
package/dist/core/skill-curation/declarations.d.ts +32 -0
package/dist/core/skill-curation/declarations.d.ts.map +1 -0
package/dist/core/skill-curation/declarations.js +171 -0
package/dist/core/skill-curation/declarations.js.map +1 -0
package/dist/core/skill-curation/knowledge-map.d.ts +26 -0
package/dist/core/skill-curation/knowledge-map.d.ts.map +1 -0
package/dist/core/skill-curation/knowledge-map.js +154 -0
package/dist/core/skill-curation/knowledge-map.js.map +1 -0
package/dist/core/skill-curation/orphan-overlay.d.ts +35 -0
package/dist/core/skill-curation/orphan-overlay.d.ts.map +1 -0
package/dist/core/skill-curation/orphan-overlay.js +167 -0
package/dist/core/skill-curation/orphan-overlay.js.map +1 -0
package/dist/core/skill-curation/overlay-store.d.ts +41 -0
package/dist/core/skill-curation/overlay-store.d.ts.map +1 -0
package/dist/core/skill-curation/overlay-store.js +143 -0
package/dist/core/skill-curation/overlay-store.js.map +1 -0
package/dist/core/skill-curation/render/convention-notes.d.ts +4 -0
package/dist/core/skill-curation/render/convention-notes.d.ts.map +1 -0
package/dist/core/skill-curation/render/convention-notes.js +13 -0
package/dist/core/skill-curation/render/convention-notes.js.map +1 -0
package/dist/core/skill-curation/render/cross-references.d.ts +4 -0
package/dist/core/skill-curation/render/cross-references.d.ts.map +1 -0
package/dist/core/skill-curation/render/cross-references.js +10 -0
package/dist/core/skill-curation/render/cross-references.js.map +1 -0
package/dist/core/skill-curation/render/frontmatter-schema.d.ts +4 -0
package/dist/core/skill-curation/render/frontmatter-schema.d.ts.map +1 -0
package/dist/core/skill-curation/render/frontmatter-schema.js +25 -0
package/dist/core/skill-curation/render/frontmatter-schema.js.map +1 -0
package/dist/core/skill-curation/render/index.d.ts +5 -0
package/dist/core/skill-curation/render/index.d.ts.map +1 -0
package/dist/core/skill-curation/render/index.js +42 -0
package/dist/core/skill-curation/render/index.js.map +1 -0
package/dist/core/skill-curation/render/knowledge-layout.d.ts +4 -0
package/dist/core/skill-curation/render/knowledge-layout.d.ts.map +1 -0
package/dist/core/skill-curation/render/knowledge-layout.js +36 -0
package/dist/core/skill-curation/render/knowledge-layout.js.map +1 -0
package/dist/core/skill-curation/render/routing-table.d.ts +4 -0
package/dist/core/skill-curation/render/routing-table.d.ts.map +1 -0
package/dist/core/skill-curation/render/routing-table.js +37 -0
package/dist/core/skill-curation/render/routing-table.js.map +1 -0
package/dist/core/skill-curation/render/search-recipes.d.ts +4 -0
package/dist/core/skill-curation/render/search-recipes.d.ts.map +1 -0
package/dist/core/skill-curation/render/search-recipes.js +39 -0
package/dist/core/skill-curation/render/search-recipes.js.map +1 -0
package/dist/core/skill-curation/run-token.d.ts +27 -0
package/dist/core/skill-curation/run-token.d.ts.map +1 -0
package/dist/core/skill-curation/run-token.js +81 -0
package/dist/core/skill-curation/run-token.js.map +1 -0
package/dist/core/skill-curation/signals.d.ts +49 -0
package/dist/core/skill-curation/signals.d.ts.map +1 -0
package/dist/core/skill-curation/signals.js +149 -0
package/dist/core/skill-curation/signals.js.map +1 -0
package/dist/core/skill-curation/smoke-test.d.ts +39 -0
package/dist/core/skill-curation/smoke-test.d.ts.map +1 -0
package/dist/core/skill-curation/smoke-test.js +313 -0
package/dist/core/skill-curation/smoke-test.js.map +1 -0
package/dist/core/skill-curation/splicer.d.ts +16 -0
package/dist/core/skill-curation/splicer.d.ts.map +1 -0
package/dist/core/skill-curation/splicer.js +78 -0
package/dist/core/skill-curation/splicer.js.map +1 -0
package/dist/core/skill-curation/workdir.d.ts +40 -0
package/dist/core/skill-curation/workdir.d.ts.map +1 -0
package/dist/core/skill-curation/workdir.js +242 -0
package/dist/core/skill-curation/workdir.js.map +1 -0
package/dist/core/skills-compiler.d.ts +391 -0
package/dist/core/skills-compiler.d.ts.map +1 -0
package/dist/core/skills-compiler.js +1271 -0
package/dist/core/skills-compiler.js.map +1 -0
package/dist/core/skills-manifest.d.ts +8 -0
package/dist/core/skills-manifest.d.ts.map +1 -0
package/dist/core/skills-manifest.js +408 -0
package/dist/core/skills-manifest.js.map +1 -0
package/dist/core/system-reset.d.ts +268 -0
package/dist/core/system-reset.d.ts.map +1 -0
package/dist/core/system-reset.js +816 -0
package/dist/core/system-reset.js.map +1 -0
package/dist/core/template-store.d.ts +170 -0
package/dist/core/template-store.d.ts.map +1 -0
package/dist/core/template-store.js +388 -0
package/dist/core/template-store.js.map +1 -0
package/dist/core/template-versions.d.ts +95 -0
package/dist/core/template-versions.d.ts.map +1 -0
package/dist/core/template-versions.js +175 -0
package/dist/core/template-versions.js.map +1 -0
package/dist/core/today-agent-plan.d.ts +33 -0
package/dist/core/today-agent-plan.d.ts.map +1 -0
package/dist/core/today-agent-plan.js +120 -0
package/dist/core/today-agent-plan.js.map +1 -0
package/dist/core/today-direct-writer.d.ts +62 -0
package/dist/core/today-direct-writer.d.ts.map +1 -0
package/dist/core/today-direct-writer.js +132 -0
package/dist/core/today-direct-writer.js.map +1 -0
package/dist/core/today-write-lock.d.ts +89 -0
package/dist/core/today-write-lock.d.ts.map +1 -0
package/dist/core/today-write-lock.js +154 -0
package/dist/core/today-write-lock.js.map +1 -0
package/dist/core/trigger-dispatch.d.ts +31 -0
package/dist/core/trigger-dispatch.d.ts.map +1 -0
package/dist/core/trigger-dispatch.js +100 -0
package/dist/core/trigger-dispatch.js.map +1 -0
package/dist/core/trigger-evaluator.d.ts +59 -0
package/dist/core/trigger-evaluator.d.ts.map +1 -0
package/dist/core/trigger-evaluator.js +243 -0
package/dist/core/trigger-evaluator.js.map +1 -0
package/dist/core/workdir.d.ts +241 -0
package/dist/core/workdir.d.ts.map +1 -0
package/dist/core/workdir.js +565 -0
package/dist/core/workdir.js.map +1 -0
package/dist/db/automation-triggers.d.ts +90 -0
package/dist/db/automation-triggers.d.ts.map +1 -0
package/dist/db/automation-triggers.js +199 -0
package/dist/db/automation-triggers.js.map +1 -0
package/dist/db/client.d.ts +6 -0
package/dist/db/client.d.ts.map +1 -0
package/dist/db/client.js +47 -0
package/dist/db/client.js.map +1 -0
package/dist/db/entities-store.d.ts +92 -0
package/dist/db/entities-store.d.ts.map +1 -0
package/dist/db/entities-store.js +180 -0
package/dist/db/entities-store.js.map +1 -0
package/dist/db/hourly-check-signals.d.ts +78 -0
package/dist/db/hourly-check-signals.d.ts.map +1 -0
package/dist/db/hourly-check-signals.js +289 -0
package/dist/db/hourly-check-signals.js.map +1 -0
package/dist/db/integration-probe-store.d.ts +27 -0
package/dist/db/integration-probe-store.d.ts.map +1 -0
package/dist/db/integration-probe-store.js +75 -0
package/dist/db/integration-probe-store.js.map +1 -0
package/dist/db/integrations-store.d.ts +19 -0
package/dist/db/integrations-store.d.ts.map +1 -0
package/dist/db/integrations-store.js +85 -0
package/dist/db/integrations-store.js.map +1 -0
package/dist/db/managed-tasks-store.d.ts +130 -0
package/dist/db/managed-tasks-store.d.ts.map +1 -0
package/dist/db/managed-tasks-store.js +238 -0
package/dist/db/managed-tasks-store.js.map +1 -0
package/dist/db/management-parse-failures-store.d.ts +45 -0
package/dist/db/management-parse-failures-store.d.ts.map +1 -0
package/dist/db/management-parse-failures-store.js +36 -0
package/dist/db/management-parse-failures-store.js.map +1 -0
package/dist/db/observations.d.ts +145 -0
package/dist/db/observations.d.ts.map +1 -0
package/dist/db/observations.js +287 -0
package/dist/db/observations.js.map +1 -0
package/dist/db/recurring-schedules.d.ts +70 -0
package/dist/db/recurring-schedules.d.ts.map +1 -0
package/dist/db/recurring-schedules.js +213 -0
package/dist/db/recurring-schedules.js.map +1 -0
package/dist/db/repositories-store.d.ts +296 -0
package/dist/db/repositories-store.d.ts.map +1 -0
package/dist/db/repositories-store.js +754 -0
package/dist/db/repositories-store.js.map +1 -0
package/dist/db/runtime-state.d.ts +61 -0
package/dist/db/runtime-state.d.ts.map +1 -0
package/dist/db/runtime-state.js +104 -0
package/dist/db/runtime-state.js.map +1 -0
package/dist/db/schema.d.ts +4 -0
package/dist/db/schema.d.ts.map +1 -0
package/dist/db/schema.js +1338 -0
package/dist/db/schema.js.map +1 -0
package/dist/db/sot-bindings-store.d.ts +41 -0
package/dist/db/sot-bindings-store.d.ts.map +1 -0
package/dist/db/sot-bindings-store.js +64 -0
package/dist/db/sot-bindings-store.js.map +1 -0
package/dist/db/test-schemas.d.ts +23 -0
package/dist/db/test-schemas.d.ts.map +1 -0
package/dist/db/test-schemas.js +111 -0
package/dist/db/test-schemas.js.map +1 -0
package/dist/db/voice-transcripts-store.d.ts +28 -0
package/dist/db/voice-transcripts-store.d.ts.map +1 -0
package/dist/db/voice-transcripts-store.js +43 -0
package/dist/db/voice-transcripts-store.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2913 -0
package/dist/index.js.map +1 -0
package/dist/init.d.ts +7 -0
package/dist/init.d.ts.map +1 -0
package/dist/init.js +32 -0
package/dist/init.js.map +1 -0
package/dist/log-buffer.d.ts +71 -0
package/dist/log-buffer.d.ts.map +1 -0
package/dist/log-buffer.js +201 -0
package/dist/log-buffer.js.map +1 -0
package/dist/logging.d.ts +5 -0
package/dist/logging.d.ts.map +1 -0
package/dist/logging.js +130 -0
package/dist/logging.js.map +1 -0
package/dist/management-rules.d.ts +2 -0
package/dist/management-rules.d.ts.map +1 -0
package/dist/management-rules.js +62 -0
package/dist/management-rules.js.map +1 -0
package/dist/messaging/constants.d.ts +33 -0
package/dist/messaging/constants.d.ts.map +1 -0
package/dist/messaging/constants.js +52 -0
package/dist/messaging/constants.js.map +1 -0
package/dist/messaging/magic-phrase.d.ts +16 -0
package/dist/messaging/magic-phrase.d.ts.map +1 -0
package/dist/messaging/magic-phrase.js +103 -0
package/dist/messaging/magic-phrase.js.map +1 -0
package/dist/messaging/owner-channels.d.ts +20 -0
package/dist/messaging/owner-channels.d.ts.map +1 -0
package/dist/messaging/owner-channels.js +41 -0
package/dist/messaging/owner-channels.js.map +1 -0
package/dist/observers/calendar-poller.d.ts +51 -0
package/dist/observers/calendar-poller.d.ts.map +1 -0
package/dist/observers/calendar-poller.js +128 -0
package/dist/observers/calendar-poller.js.map +1 -0
package/dist/observers/context-index-reconciler-observer.d.ts +72 -0
package/dist/observers/context-index-reconciler-observer.d.ts.map +1 -0
package/dist/observers/context-index-reconciler-observer.js +253 -0
package/dist/observers/context-index-reconciler-observer.js.map +1 -0
package/dist/observers/delegated-probe-observer.d.ts +83 -0
package/dist/observers/delegated-probe-observer.d.ts.map +1 -0
package/dist/observers/delegated-probe-observer.js +237 -0
package/dist/observers/delegated-probe-observer.js.map +1 -0
package/dist/observers/delegated-sync-worker.d.ts +375 -0
package/dist/observers/delegated-sync-worker.d.ts.map +1 -0
package/dist/observers/delegated-sync-worker.js +1087 -0
package/dist/observers/delegated-sync-worker.js.map +1 -0
package/dist/observers/entity-mirror-observer.d.ts +55 -0
package/dist/observers/entity-mirror-observer.d.ts.map +1 -0
package/dist/observers/entity-mirror-observer.js +73 -0
package/dist/observers/entity-mirror-observer.js.map +1 -0
package/dist/observers/git-delegated-cron.d.ts +41 -0
package/dist/observers/git-delegated-cron.d.ts.map +1 -0
package/dist/observers/git-delegated-cron.js +159 -0
package/dist/observers/git-delegated-cron.js.map +1 -0
package/dist/observers/git-event-classifier.d.ts +52 -0
package/dist/observers/git-event-classifier.d.ts.map +1 -0
package/dist/observers/git-event-classifier.js +70 -0
package/dist/observers/git-event-classifier.js.map +1 -0
package/dist/observers/git-watcher.d.ts +162 -0
package/dist/observers/git-watcher.d.ts.map +1 -0
package/dist/observers/git-watcher.js +768 -0
package/dist/observers/git-watcher.js.map +1 -0
package/dist/observers/github-poller-classifier.d.ts +101 -0
package/dist/observers/github-poller-classifier.d.ts.map +1 -0
package/dist/observers/github-poller-classifier.js +199 -0
package/dist/observers/github-poller-classifier.js.map +1 -0
package/dist/observers/github-poller.d.ts +291 -0
package/dist/observers/github-poller.d.ts.map +1 -0
package/dist/observers/github-poller.js +609 -0
package/dist/observers/github-poller.js.map +1 -0
package/dist/observers/imminent-event-scheduler.d.ts +34 -0
package/dist/observers/imminent-event-scheduler.d.ts.map +1 -0
package/dist/observers/imminent-event-scheduler.js +125 -0
package/dist/observers/imminent-event-scheduler.js.map +1 -0
package/dist/observers/mail-poller.d.ts +133 -0
package/dist/observers/mail-poller.d.ts.map +1 -0
package/dist/observers/mail-poller.js +563 -0
package/dist/observers/mail-poller.js.map +1 -0
package/dist/observers/mail-reconciliation.d.ts +87 -0
package/dist/observers/mail-reconciliation.d.ts.map +1 -0
package/dist/observers/mail-reconciliation.js +241 -0
package/dist/observers/mail-reconciliation.js.map +1 -0
package/dist/observers/manager.d.ts +67 -0
package/dist/observers/manager.d.ts.map +1 -0
package/dist/observers/manager.js +136 -0
package/dist/observers/manager.js.map +1 -0
package/dist/observers/notion-poller.d.ts +43 -0
package/dist/observers/notion-poller.d.ts.map +1 -0
package/dist/observers/notion-poller.js +184 -0
package/dist/observers/notion-poller.js.map +1 -0
package/dist/observers/observation-summarizer/index.d.ts +13 -0
package/dist/observers/observation-summarizer/index.d.ts.map +1 -0
package/dist/observers/observation-summarizer/index.js +13 -0
package/dist/observers/observation-summarizer/index.js.map +1 -0
package/dist/observers/observation-summarizer/pre-filter.d.ts +62 -0
package/dist/observers/observation-summarizer/pre-filter.d.ts.map +1 -0
package/dist/observers/observation-summarizer/pre-filter.js +189 -0
package/dist/observers/observation-summarizer/pre-filter.js.map +1 -0
package/dist/observers/observation-summarizer/response-parser.d.ts +30 -0
package/dist/observers/observation-summarizer/response-parser.d.ts.map +1 -0
package/dist/observers/observation-summarizer/response-parser.js +106 -0
package/dist/observers/observation-summarizer/response-parser.js.map +1 -0
package/dist/observers/observation-summarizer/summarizer-client.d.ts +83 -0
package/dist/observers/observation-summarizer/summarizer-client.d.ts.map +1 -0
package/dist/observers/observation-summarizer/summarizer-client.js +185 -0
package/dist/observers/observation-summarizer/summarizer-client.js.map +1 -0
package/dist/observers/observation-summarizer/summarizer-prompts.d.ts +51 -0
package/dist/observers/observation-summarizer/summarizer-prompts.d.ts.map +1 -0
package/dist/observers/observation-summarizer/summarizer-prompts.js +286 -0
package/dist/observers/observation-summarizer/summarizer-prompts.js.map +1 -0
package/dist/observers/observation-summarizer/worker.d.ts +106 -0
package/dist/observers/observation-summarizer/worker.d.ts.map +1 -0
package/dist/observers/observation-summarizer/worker.js +311 -0
package/dist/observers/observation-summarizer/worker.js.map +1 -0
package/dist/observers/obsidian-watcher.d.ts +90 -0
package/dist/observers/obsidian-watcher.d.ts.map +1 -0
package/dist/observers/obsidian-watcher.js +166 -0
package/dist/observers/obsidian-watcher.js.map +1 -0
package/dist/observers/primary-vault-watcher.d.ts +73 -0
package/dist/observers/primary-vault-watcher.d.ts.map +1 -0
package/dist/observers/primary-vault-watcher.js +115 -0
package/dist/observers/primary-vault-watcher.js.map +1 -0
package/dist/observers/repository-management-cron.d.ts +70 -0
package/dist/observers/repository-management-cron.d.ts.map +1 -0
package/dist/observers/repository-management-cron.js +166 -0
package/dist/observers/repository-management-cron.js.map +1 -0
package/dist/observers/skill-curation-walker.d.ts +33 -0
package/dist/observers/skill-curation-walker.d.ts.map +1 -0
package/dist/observers/skill-curation-walker.js +216 -0
package/dist/observers/skill-curation-walker.js.map +1 -0
package/dist/safety/absolute-block-audit.d.ts +22 -0
package/dist/safety/absolute-block-audit.d.ts.map +1 -0
package/dist/safety/absolute-block-audit.js +32 -0
package/dist/safety/absolute-block-audit.js.map +1 -0
package/dist/safety/agent-write-tracker.d.ts +42 -0
package/dist/safety/agent-write-tracker.d.ts.map +1 -0
package/dist/safety/agent-write-tracker.js +82 -0
package/dist/safety/agent-write-tracker.js.map +1 -0
package/dist/safety/always-disallowed.d.ts +66 -0
package/dist/safety/always-disallowed.d.ts.map +1 -0
package/dist/safety/always-disallowed.js +347 -0
package/dist/safety/always-disallowed.js.map +1 -0
package/dist/safety/audit.d.ts +118 -0
package/dist/safety/audit.d.ts.map +1 -0
package/dist/safety/audit.js +324 -0
package/dist/safety/audit.js.map +1 -0
package/dist/safety/integration-write-tracker.d.ts +58 -0
package/dist/safety/integration-write-tracker.d.ts.map +1 -0
package/dist/safety/integration-write-tracker.js +41 -0
package/dist/safety/integration-write-tracker.js.map +1 -0
package/dist/safety/risk-classifier.d.ts +65 -0
package/dist/safety/risk-classifier.d.ts.map +1 -0
package/dist/safety/risk-classifier.js +763 -0
package/dist/safety/risk-classifier.js.map +1 -0
package/dist/scheduler/hourly-check-gate.d.ts +73 -0
package/dist/scheduler/hourly-check-gate.d.ts.map +1 -0
package/dist/scheduler/hourly-check-gate.js +128 -0
package/dist/scheduler/hourly-check-gate.js.map +1 -0
package/dist/secrets/backend-api-key-env.d.ts +104 -0
package/dist/secrets/backend-api-key-env.d.ts.map +1 -0
package/dist/secrets/backend-api-key-env.js +197 -0
package/dist/secrets/backend-api-key-env.js.map +1 -0
package/dist/secrets/codex-home-materializer.d.ts +35 -0
package/dist/secrets/codex-home-materializer.d.ts.map +1 -0
package/dist/secrets/codex-home-materializer.js +76 -0
package/dist/secrets/codex-home-materializer.js.map +1 -0
package/dist/secrets/encrypted-blob-store.d.ts +20 -0
package/dist/secrets/encrypted-blob-store.d.ts.map +1 -0
package/dist/secrets/encrypted-blob-store.js +80 -0
package/dist/secrets/encrypted-blob-store.js.map +1 -0
package/dist/secrets/platform-secret-store.d.ts +17 -0
package/dist/secrets/platform-secret-store.d.ts.map +1 -0
package/dist/secrets/platform-secret-store.js +37 -0
package/dist/secrets/platform-secret-store.js.map +1 -0
package/dist/secrets/redaction.d.ts +2 -0
package/dist/secrets/redaction.d.ts.map +1 -0
package/dist/secrets/redaction.js +2 -0
package/dist/secrets/redaction.js.map +1 -0
package/dist/secrets/secret-broker.d.ts +61 -0
package/dist/secrets/secret-broker.d.ts.map +1 -0
package/dist/secrets/secret-broker.js +160 -0
package/dist/secrets/secret-broker.js.map +1 -0
package/dist/secrets/secret-names.d.ts +34 -0
package/dist/secrets/secret-names.d.ts.map +1 -0
package/dist/secrets/secret-names.js +39 -0
package/dist/secrets/secret-names.js.map +1 -0
package/dist/secrets/secret-store.d.ts +8 -0
package/dist/secrets/secret-store.d.ts.map +1 -0
package/dist/secrets/secret-store.js +2 -0
package/dist/secrets/secret-store.js.map +1 -0
package/dist/secrets/types.d.ts +7 -0
package/dist/secrets/types.d.ts.map +1 -0
package/dist/secrets/types.js +2 -0
package/dist/secrets/types.js.map +1 -0
package/dist/services/apple-calendar/caldav-client.d.ts +48 -0
package/dist/services/apple-calendar/caldav-client.d.ts.map +1 -0
package/dist/services/apple-calendar/caldav-client.js +86 -0
package/dist/services/apple-calendar/caldav-client.js.map +1 -0
package/dist/services/apple-calendar/caldav-codec.d.ts +67 -0
package/dist/services/apple-calendar/caldav-codec.d.ts.map +1 -0
package/dist/services/apple-calendar/caldav-codec.js +341 -0
package/dist/services/apple-calendar/caldav-codec.js.map +1 -0
package/dist/services/apple-calendar/index.d.ts +3 -0
package/dist/services/apple-calendar/index.d.ts.map +1 -0
package/dist/services/apple-calendar/index.js +2 -0
package/dist/services/apple-calendar/index.js.map +1 -0
package/dist/services/apple-calendar/service.d.ts +75 -0
package/dist/services/apple-calendar/service.d.ts.map +1 -0
package/dist/services/apple-calendar/service.js +374 -0
package/dist/services/apple-calendar/service.js.map +1 -0
package/dist/services/apple-calendar/types.d.ts +78 -0
package/dist/services/apple-calendar/types.d.ts.map +1 -0
package/dist/services/apple-calendar/types.js +17 -0
package/dist/services/apple-calendar/types.js.map +1 -0
package/dist/services/attachments/hardlink.d.ts +11 -0
package/dist/services/attachments/hardlink.d.ts.map +1 -0
package/dist/services/attachments/hardlink.js +56 -0
package/dist/services/attachments/hardlink.js.map +1 -0
package/dist/services/attachments/sanitize.d.ts +21 -0
package/dist/services/attachments/sanitize.d.ts.map +1 -0
package/dist/services/attachments/sanitize.js +128 -0
package/dist/services/attachments/sanitize.js.map +1 -0
package/dist/services/attachments/store.d.ts +146 -0
package/dist/services/attachments/store.d.ts.map +1 -0
package/dist/services/attachments/store.js +477 -0
package/dist/services/attachments/store.js.map +1 -0
package/dist/services/calendar/outlook/graph-calendar-client.d.ts +114 -0
package/dist/services/calendar/outlook/graph-calendar-client.d.ts.map +1 -0
package/dist/services/calendar/outlook/graph-calendar-client.js +146 -0
package/dist/services/calendar/outlook/graph-calendar-client.js.map +1 -0
package/dist/services/calendar.d.ts +115 -0
package/dist/services/calendar.d.ts.map +1 -0
package/dist/services/calendar.js +281 -0
package/dist/services/calendar.js.map +1 -0
package/dist/services/delegated-backend-invoker.d.ts +414 -0
package/dist/services/delegated-backend-invoker.d.ts.map +1 -0
package/dist/services/delegated-backend-invoker.js +2372 -0
package/dist/services/delegated-backend-invoker.js.map +1 -0
package/dist/services/delegated-proxy-config.d.ts +93 -0
package/dist/services/delegated-proxy-config.d.ts.map +1 -0
package/dist/services/delegated-proxy-config.js +98 -0
package/dist/services/delegated-proxy-config.js.map +1 -0
package/dist/services/delegated-task-result-cache.d.ts +176 -0
package/dist/services/delegated-task-result-cache.d.ts.map +1 -0
package/dist/services/delegated-task-result-cache.js +0 -0
package/dist/services/delegated-task-result-cache.js.map +1 -0
package/dist/services/delegated-task-runtime.d.ts +346 -0
package/dist/services/delegated-task-runtime.d.ts.map +1 -0
package/dist/services/delegated-task-runtime.js +589 -0
package/dist/services/delegated-task-runtime.js.map +1 -0
package/dist/services/delegated-task-session-pool.d.ts +182 -0
package/dist/services/delegated-task-session-pool.d.ts.map +1 -0
package/dist/services/delegated-task-session-pool.js +292 -0
package/dist/services/delegated-task-session-pool.js.map +1 -0
package/dist/services/delegated-tool-runtime.d.ts +50 -0
package/dist/services/delegated-tool-runtime.d.ts.map +1 -0
package/dist/services/delegated-tool-runtime.js +120 -0
package/dist/services/delegated-tool-runtime.js.map +1 -0
package/dist/services/fts5.d.ts +40 -0
package/dist/services/fts5.d.ts.map +1 -0
package/dist/services/fts5.js +54 -0
package/dist/services/fts5.js.map +1 -0
package/dist/services/git-account-registry.d.ts +164 -0
package/dist/services/git-account-registry.d.ts.map +1 -0
package/dist/services/git-account-registry.js +297 -0
package/dist/services/git-account-registry.js.map +1 -0
package/dist/services/github.d.ts +49 -0
package/dist/services/github.d.ts.map +1 -0
package/dist/services/github.js +123 -0
package/dist/services/github.js.map +1 -0
package/dist/services/gmail-classifier.d.ts +62 -0
package/dist/services/gmail-classifier.d.ts.map +1 -0
package/dist/services/gmail-classifier.js +221 -0
package/dist/services/gmail-classifier.js.map +1 -0
package/dist/services/gmail.d.ts +192 -0
package/dist/services/gmail.d.ts.map +1 -0
package/dist/services/gmail.js +678 -0
package/dist/services/gmail.js.map +1 -0
package/dist/services/google-auth.d.ts +16 -0
package/dist/services/google-auth.d.ts.map +1 -0
package/dist/services/google-auth.js +37 -0
package/dist/services/google-auth.js.map +1 -0
package/dist/services/google-maps.d.ts +35 -0
package/dist/services/google-maps.d.ts.map +1 -0
package/dist/services/google-maps.js +82 -0
package/dist/services/google-maps.js.map +1 -0
package/dist/services/integrations/extract-write-item-id.d.ts +64 -0
package/dist/services/integrations/extract-write-item-id.d.ts.map +1 -0
package/dist/services/integrations/extract-write-item-id.js +188 -0
package/dist/services/integrations/extract-write-item-id.js.map +1 -0
package/dist/services/integrations/reconcile.d.ts +136 -0
package/dist/services/integrations/reconcile.d.ts.map +1 -0
package/dist/services/integrations/reconcile.js +218 -0
package/dist/services/integrations/reconcile.js.map +1 -0
package/dist/services/integrations/snapshot-partitions.d.ts +40 -0
package/dist/services/integrations/snapshot-partitions.d.ts.map +1 -0
package/dist/services/integrations/snapshot-partitions.js +113 -0
package/dist/services/integrations/snapshot-partitions.js.map +1 -0
package/dist/services/journal/render.d.ts +15 -0
package/dist/services/journal/render.d.ts.map +1 -0
package/dist/services/journal/render.js +17 -0
package/dist/services/journal/render.js.map +1 -0
package/dist/services/journal/writer.d.ts +26 -0
package/dist/services/journal/writer.d.ts.map +1 -0
package/dist/services/journal/writer.js +50 -0
package/dist/services/journal/writer.js.map +1 -0
package/dist/services/mail/account-registry.d.ts +208 -0
package/dist/services/mail/account-registry.d.ts.map +1 -0
package/dist/services/mail/account-registry.js +554 -0
package/dist/services/mail/account-registry.js.map +1 -0
package/dist/services/mail/gmail/auth-failure-classifier.d.ts +24 -0
package/dist/services/mail/gmail/auth-failure-classifier.d.ts.map +1 -0
package/dist/services/mail/gmail/auth-failure-classifier.js +67 -0
package/dist/services/mail/gmail/auth-failure-classifier.js.map +1 -0
package/dist/services/mail/gmail/gmail-provider.d.ts +58 -0
package/dist/services/mail/gmail/gmail-provider.d.ts.map +1 -0
package/dist/services/mail/gmail/gmail-provider.js +434 -0
package/dist/services/mail/gmail/gmail-provider.js.map +1 -0
package/dist/services/mail/gmail/legacy-row.d.ts +24 -0
package/dist/services/mail/gmail/legacy-row.d.ts.map +1 -0
package/dist/services/mail/gmail/legacy-row.js +71 -0
package/dist/services/mail/gmail/legacy-row.js.map +1 -0
package/dist/services/mail/gmail/poll-cursor.d.ts +12 -0
package/dist/services/mail/gmail/poll-cursor.d.ts.map +1 -0
package/dist/services/mail/gmail/poll-cursor.js +32 -0
package/dist/services/mail/gmail/poll-cursor.js.map +1 -0
package/dist/services/mail/html-to-plaintext.d.ts +27 -0
package/dist/services/mail/html-to-plaintext.d.ts.map +1 -0
package/dist/services/mail/html-to-plaintext.js +163 -0
package/dist/services/mail/html-to-plaintext.js.map +1 -0
package/dist/services/mail/imap/app-password.d.ts +27 -0
package/dist/services/mail/imap/app-password.d.ts.map +1 -0
package/dist/services/mail/imap/app-password.js +86 -0
package/dist/services/mail/imap/app-password.js.map +1 -0
package/dist/services/mail/imap/auth-failure-classifier.d.ts +21 -0
package/dist/services/mail/imap/auth-failure-classifier.d.ts.map +1 -0
package/dist/services/mail/imap/auth-failure-classifier.js +54 -0
package/dist/services/mail/imap/auth-failure-classifier.js.map +1 -0
package/dist/services/mail/imap/capabilities.d.ts +30 -0
package/dist/services/mail/imap/capabilities.d.ts.map +1 -0
package/dist/services/mail/imap/capabilities.js +70 -0
package/dist/services/mail/imap/capabilities.js.map +1 -0
package/dist/services/mail/imap/client.d.ts +15 -0
package/dist/services/mail/imap/client.d.ts.map +1 -0
package/dist/services/mail/imap/client.js +60 -0
package/dist/services/mail/imap/client.js.map +1 -0
package/dist/services/mail/imap/cursor.d.ts +19 -0
package/dist/services/mail/imap/cursor.d.ts.map +1 -0
package/dist/services/mail/imap/cursor.js +47 -0
package/dist/services/mail/imap/cursor.js.map +1 -0
package/dist/services/mail/imap/folder-resolver.d.ts +24 -0
package/dist/services/mail/imap/folder-resolver.d.ts.map +1 -0
package/dist/services/mail/imap/folder-resolver.js +58 -0
package/dist/services/mail/imap/folder-resolver.js.map +1 -0
package/dist/services/mail/imap/icloud-provider.d.ts +5 -0
package/dist/services/mail/imap/icloud-provider.d.ts.map +1 -0
package/dist/services/mail/imap/icloud-provider.js +5 -0
package/dist/services/mail/imap/icloud-provider.js.map +1 -0
package/dist/services/mail/imap/imap-provider-base.d.ts +173 -0
package/dist/services/mail/imap/imap-provider-base.d.ts.map +1 -0
package/dist/services/mail/imap/imap-provider-base.js +1004 -0
package/dist/services/mail/imap/imap-provider-base.js.map +1 -0
package/dist/services/mail/imap/query-translator.d.ts +13 -0
package/dist/services/mail/imap/query-translator.d.ts.map +1 -0
package/dist/services/mail/imap/query-translator.js +114 -0
package/dist/services/mail/imap/query-translator.js.map +1 -0
package/dist/services/mail/imap/reconcile-planner.d.ts +56 -0
package/dist/services/mail/imap/reconcile-planner.d.ts.map +1 -0
package/dist/services/mail/imap/reconcile-planner.js +52 -0
package/dist/services/mail/imap/reconcile-planner.js.map +1 -0
package/dist/services/mail/imap/reply-mime.d.ts +24 -0
package/dist/services/mail/imap/reply-mime.d.ts.map +1 -0
package/dist/services/mail/imap/reply-mime.js +77 -0
package/dist/services/mail/imap/reply-mime.js.map +1 -0
package/dist/services/mail/imap/yahoo-provider.d.ts +5 -0
package/dist/services/mail/imap/yahoo-provider.d.ts.map +1 -0
package/dist/services/mail/imap/yahoo-provider.js +5 -0
package/dist/services/mail/imap/yahoo-provider.js.map +1 -0
package/dist/services/mail/mail-search.d.ts +35 -0
package/dist/services/mail/mail-search.d.ts.map +1 -0
package/dist/services/mail/mail-search.js +59 -0
package/dist/services/mail/mail-search.js.map +1 -0
package/dist/services/mail/outlook/auth-failure-classifier.d.ts +38 -0
package/dist/services/mail/outlook/auth-failure-classifier.d.ts.map +1 -0
package/dist/services/mail/outlook/auth-failure-classifier.js +91 -0
package/dist/services/mail/outlook/auth-failure-classifier.js.map +1 -0
package/dist/services/mail/outlook/client-config.d.ts +34 -0
package/dist/services/mail/outlook/client-config.d.ts.map +1 -0
package/dist/services/mail/outlook/client-config.js +58 -0
package/dist/services/mail/outlook/client-config.js.map +1 -0
package/dist/services/mail/outlook/delta-cursor.d.ts +66 -0
package/dist/services/mail/outlook/delta-cursor.d.ts.map +1 -0
package/dist/services/mail/outlook/delta-cursor.js +85 -0
package/dist/services/mail/outlook/delta-cursor.js.map +1 -0
package/dist/services/mail/outlook/graph-client.d.ts +98 -0
package/dist/services/mail/outlook/graph-client.d.ts.map +1 -0
package/dist/services/mail/outlook/graph-client.js +198 -0
package/dist/services/mail/outlook/graph-client.js.map +1 -0
package/dist/services/mail/outlook/msal-app-factory.d.ts +20 -0
package/dist/services/mail/outlook/msal-app-factory.d.ts.map +1 -0
package/dist/services/mail/outlook/msal-app-factory.js +62 -0
package/dist/services/mail/outlook/msal-app-factory.js.map +1 -0
package/dist/services/mail/outlook/msal-cache-plugin.d.ts +19 -0
package/dist/services/mail/outlook/msal-cache-plugin.d.ts.map +1 -0
package/dist/services/mail/outlook/msal-cache-plugin.js +30 -0
package/dist/services/mail/outlook/msal-cache-plugin.js.map +1 -0
package/dist/services/mail/outlook/oauth-device-code.d.ts +26 -0
package/dist/services/mail/outlook/oauth-device-code.d.ts.map +1 -0
package/dist/services/mail/outlook/oauth-device-code.js +32 -0
package/dist/services/mail/outlook/oauth-device-code.js.map +1 -0
package/dist/services/mail/outlook/oauth-loopback.d.ts +41 -0
package/dist/services/mail/outlook/oauth-loopback.d.ts.map +1 -0
package/dist/services/mail/outlook/oauth-loopback.js +223 -0
package/dist/services/mail/outlook/oauth-loopback.js.map +1 -0
package/dist/services/mail/outlook/outlook-provider.d.ts +100 -0
package/dist/services/mail/outlook/outlook-provider.d.ts.map +1 -0
package/dist/services/mail/outlook/outlook-provider.js +619 -0
package/dist/services/mail/outlook/outlook-provider.js.map +1 -0
package/dist/services/mail/outlook/query-translator.d.ts +10 -0
package/dist/services/mail/outlook/query-translator.d.ts.map +1 -0
package/dist/services/mail/outlook/query-translator.js +103 -0
package/dist/services/mail/outlook/query-translator.js.map +1 -0
package/dist/services/mail/provider.d.ts +267 -0
package/dist/services/mail/provider.d.ts.map +1 -0
package/dist/services/mail/provider.js +34 -0
package/dist/services/mail/provider.js.map +1 -0
package/dist/services/mail/query-utils.d.ts +13 -0
package/dist/services/mail/query-utils.d.ts.map +1 -0
package/dist/services/mail/query-utils.js +18 -0
package/dist/services/mail/query-utils.js.map +1 -0
package/dist/services/mail-classifier.d.ts +25 -0
package/dist/services/mail-classifier.d.ts.map +1 -0
package/dist/services/mail-classifier.js +52 -0
package/dist/services/mail-classifier.js.map +1 -0
package/dist/services/mail-ingestion.d.ts +139 -0
package/dist/services/mail-ingestion.d.ts.map +1 -0
package/dist/services/mail-ingestion.js +223 -0
package/dist/services/mail-ingestion.js.map +1 -0
package/dist/services/mcp/auto-probe.d.ts +76 -0
package/dist/services/mcp/auto-probe.d.ts.map +1 -0
package/dist/services/mcp/auto-probe.js +147 -0
package/dist/services/mcp/auto-probe.js.map +1 -0
package/dist/services/mcp/generators/claude.d.ts +18 -0
package/dist/services/mcp/generators/claude.d.ts.map +1 -0
package/dist/services/mcp/generators/claude.js +90 -0
package/dist/services/mcp/generators/claude.js.map +1 -0
package/dist/services/mcp/generators/codex.d.ts +22 -0
package/dist/services/mcp/generators/codex.d.ts.map +1 -0
package/dist/services/mcp/generators/codex.js +102 -0
package/dist/services/mcp/generators/codex.js.map +1 -0
package/dist/services/mcp/generators/gemini.d.ts +20 -0
package/dist/services/mcp/generators/gemini.d.ts.map +1 -0
package/dist/services/mcp/generators/gemini.js +97 -0
package/dist/services/mcp/generators/gemini.js.map +1 -0
package/dist/services/mcp/generators/index.d.ts +20 -0
package/dist/services/mcp/generators/index.d.ts.map +1 -0
package/dist/services/mcp/generators/index.js +29 -0
package/dist/services/mcp/generators/index.js.map +1 -0
package/dist/services/mcp/generators/types.d.ts +47 -0
package/dist/services/mcp/generators/types.d.ts.map +1 -0
package/dist/services/mcp/generators/types.js +40 -0
package/dist/services/mcp/generators/types.js.map +1 -0
package/dist/services/mcp/probe.d.ts +31 -0
package/dist/services/mcp/probe.d.ts.map +1 -0
package/dist/services/mcp/probe.js +437 -0
package/dist/services/mcp/probe.js.map +1 -0
package/dist/services/mcp/registry.d.ts +84 -0
package/dist/services/mcp/registry.d.ts.map +1 -0
package/dist/services/mcp/registry.js +387 -0
package/dist/services/mcp/registry.js.map +1 -0
package/dist/services/mcp/risk.d.ts +82 -0
package/dist/services/mcp/risk.d.ts.map +1 -0
package/dist/services/mcp/risk.js +126 -0
package/dist/services/mcp/risk.js.map +1 -0
package/dist/services/mcp/session-materializer.d.ts +123 -0
package/dist/services/mcp/session-materializer.d.ts.map +1 -0
package/dist/services/mcp/session-materializer.js +361 -0
package/dist/services/mcp/session-materializer.js.map +1 -0
package/dist/services/mcp/tool-audit.d.ts +53 -0
package/dist/services/mcp/tool-audit.d.ts.map +1 -0
package/dist/services/mcp/tool-audit.js +74 -0
package/dist/services/mcp/tool-audit.js.map +1 -0
package/dist/services/mcp/types.d.ts +88 -0
package/dist/services/mcp/types.d.ts.map +1 -0
package/dist/services/mcp/types.js +94 -0
package/dist/services/mcp/types.js.map +1 -0
package/dist/services/notion.d.ts +134 -0
package/dist/services/notion.d.ts.map +1 -0
package/dist/services/notion.js +350 -0
package/dist/services/notion.js.map +1 -0
package/dist/services/obsidian.d.ts +116 -0
package/dist/services/obsidian.d.ts.map +1 -0
package/dist/services/obsidian.js +305 -0
package/dist/services/obsidian.js.map +1 -0
package/dist/services/service-registry.d.ts +31 -0
package/dist/services/service-registry.d.ts.map +1 -0
package/dist/services/service-registry.js +15 -0
package/dist/services/service-registry.js.map +1 -0
package/dist/services/voice/transcriber-impl.d.ts +15 -0
package/dist/services/voice/transcriber-impl.d.ts.map +1 -0
package/dist/services/voice/transcriber-impl.js +129 -0
package/dist/services/voice/transcriber-impl.js.map +1 -0
package/dist/services/voice/transcriber.d.ts +117 -0
package/dist/services/voice/transcriber.d.ts.map +1 -0
package/dist/services/voice/transcriber.js +201 -0
package/dist/services/voice/transcriber.js.map +1 -0
package/dist/settings/runtime-settings.d.ts +232 -0
package/dist/settings/runtime-settings.d.ts.map +1 -0
package/dist/settings/runtime-settings.js +769 -0
package/dist/settings/runtime-settings.js.map +1 -0
package/dist/settings/settings-store.d.ts +13 -0
package/dist/settings/settings-store.d.ts.map +1 -0
package/dist/settings/settings-store.js +87 -0
package/dist/settings/settings-store.js.map +1 -0
package/package.json +85 -0

package/dist/api/routes/dashboard.js ADDED Viewed

@@ -0,0 +1,2062 @@
+import { Hono } from "hono";
+import { readFileSync, writeFileSync, existsSync } from "node:fs";
+import { join } from "node:path";
+import { randomUUID } from "node:crypto";
+import { APP_NAME, EDITABLE_RUNTIME_KEY_TUPLE, getAgentDayBoundsUtc, normalizeAgentDisplayName, } from "@aitne/shared";
+import { applyConfigUpdates } from "../env-writer.js";
+import { runDefaultSchedulesReconciler } from "../../core/context/default-schedules-runner.js";
+import { syncDmSessionTimesToQuietHours } from "../../core/quiet-hours-sync.js";
+import { detectGoogleCredentialType, getGoogleOAuthClientConfig, parseGoogleCredentialsJson, } from "../../services/google-auth.js";
+import { getContextDir } from "../../config.js";
+import { CONTEXT_RELATIVE_PATHS } from "../../core/context-paths.js";
+import { createLogger, toSafeErrorMessage } from "../../logging.js";
+import { upsertManagementRulesAgentIdentity } from "../../management-rules.js";
+import { DEFAULT_DISALLOWED_TOOLS, runtimeSettingsSchema } from "../../settings/runtime-settings.js";
+import { createSettingsStore } from "../../settings/settings-store.js";
+import { getSessionWorkdirPath } from "../../core/workdir.js";
+import { rewriteCharacterBlock } from "../../core/skills-compiler.js";
+import { DASHBOARD_CHAT_SCOPE, DOCS_QA_SCOPE } from "../../messaging/constants.js";
+import { deleteAllChatSidebarSessions, deleteChatSession, } from "../../core/dashboard-session-cleanup.js";
+import { readJsonBody } from "../json-body.js";
+import { computeDmFreshnessAggregate } from "../../core/dm-freshness-metrics.js";
+const MAX_UPLOAD_SIZE = 100 * 1024; // 100 KB — credential files are small
+const MAX_OAUTH_STATE_AGE_MS = 10 * 60 * 1000;
+const PUBLIC_CONFIG_RUNTIME_KEYS = [
+    "maxConcurrentSessions",
+    "maxReactiveSessions",
+    "delegatedProxyMaxConcurrent",
+    "delegatedTaskModeEnabled",
+    "delegatedTaskMaxPerDay",
+    "delegatedTaskDefaultMaxToolCalls",
+    "delegatedTaskDefaultMaxBudgetUsd",
+    "delegatedTaskDefaultTimeoutMs",
+    "delegatedTaskHeavyEnabled",
+    "executeTimeoutMinutes",
+    "agentDisplayName",
+    "sessionTimeoutDmMinutes",
+    "sessionTimeoutChannelMinutes",
+    "sessionTimeoutDashboardMinutes",
+    "timezone",
+    "dayBoundaryHour",
+    "hourlyCheckEnabled",
+    "hourlyCheckIntervalMinutes",
+    "hourlyCheckActiveStartHour",
+    "hourlyCheckActiveEndHour",
+    "hourlyCheckMinObservations",
+    "authProbeDisabled",
+    "authPreflightFreshnessMs",
+    "maxNotificationsPerHour",
+    "maxNotificationsPerDay",
+    "quietHoursStart",
+    "quietHoursEnd",
+    "batchIntervalMinutes",
+    "primaryPlatform",
+    "defaultNotificationPlatforms",
+    "whatsappEnabled",
+    "whatsappAuthDir",
+    "disallowedTools",
+    "claudeExecutionPermissionMode",
+    "codexExecutionPermissionMode",
+    "geminiExecutionPermissionMode",
+    "externalObsidianVaultPath",
+    "externalObsidianVaultName",
+    // SETUP-FLOW-REDESIGN-PLAN §6.3 — kill switch for the external-vault
+    // file watcher. Surfaced so the Note step's "Watch for changes"
+    // checkbox round-trips through the dashboard.
+    "externalObsidianWatch",
+    "primaryVaultPath",
+    "primaryVaultName",
+    // gitRepos / gitWatchedRepos / githubRepos removed at the unified-
+    // repositories cutover (docs/design/appendices/unified-repositories.md);
+    // dashboard reads the rows from /api/repositories instead.
+    "googleCalendarId",
+    "notionDatabaseIds",
+    "character",
+    "historyInjectionMaxMessages",
+    "historyInjectionMaxTokens",
+    "dmStalenessStrict",
+    "obsidianDebounceSeconds",
+    "schedulePollIntervalSeconds",
+    "gitPollIntervalSeconds",
+    "gitPushOverdueMinutes",
+    "gitProjectUpdateDebounceMinutes",
+    "notionPollIntervalSeconds",
+    "calendarPollIntervalSeconds",
+    "gmailPollIntervalSeconds",
+    "mcpAutoProbeIntervalMinutes",
+    "delegatedProbeIntervalMinutes",
+    "autonomousDailyCostCapUsd",
+    "autonomousMonthlyCostCapUsd",
+    "primaryLanguage",
+    "vaultMode",
+];
+const PUBLIC_CONFIG_NULLABLE_STRING_KEYS = new Set([
+    "whatsappAuthDir",
+    "externalObsidianVaultPath",
+    "externalObsidianVaultName",
+    "primaryVaultPath",
+    "primaryVaultName",
+]);
+/**
+ * Pre-defined static cost queries — no string interpolation of user input.
+ * `byModel` is computed in JS via `aggregateByBilledModel` because the SDK
+ * can route a request for one model to a sibling (e.g. opus-4-7 →
+ * opus-4-6[1m]); SQL `GROUP BY model_used` would lump cost under the
+ * requested model and produce a chart that disagrees with the per-row
+ * billed-model badge on the same page.
+ */
+const COST_QUERIES = {
+    daily: {
+        byPeriod: `SELECT date(started_at) as period,
+            SUM(cost_usd) as total_cost, COUNT(*) as session_count,
+            SUM(tokens_input) as total_input_tokens, SUM(tokens_output) as total_output_tokens
+     FROM agent_actions WHERE started_at > datetime('now', '-30 days') AND cost_usd IS NOT NULL
+     GROUP BY date(started_at) ORDER BY period DESC`,
+        byModelRows: `SELECT model_used, model_usage_json, cost_usd
+     FROM agent_actions
+     WHERE started_at > datetime('now', '-30 days')
+       AND cost_usd IS NOT NULL
+       AND (model_used IS NOT NULL OR model_usage_json IS NOT NULL)`,
+        byEventType: `SELECT action_type as event_type, SUM(cost_usd) as total_cost, COUNT(*) as session_count
+     FROM agent_actions WHERE started_at > datetime('now', '-30 days') AND cost_usd IS NOT NULL
+     GROUP BY action_type ORDER BY total_cost DESC`,
+    },
+    weekly: {
+        byPeriod: `SELECT strftime('%Y-W%W', started_at) as period,
+            SUM(cost_usd) as total_cost, COUNT(*) as session_count,
+            SUM(tokens_input) as total_input_tokens, SUM(tokens_output) as total_output_tokens
+     FROM agent_actions WHERE started_at > datetime('now', '-90 days') AND cost_usd IS NOT NULL
+     GROUP BY strftime('%Y-W%W', started_at) ORDER BY period DESC`,
+        byModelRows: `SELECT model_used, model_usage_json, cost_usd
+     FROM agent_actions
+     WHERE started_at > datetime('now', '-90 days')
+       AND cost_usd IS NOT NULL
+       AND (model_used IS NOT NULL OR model_usage_json IS NOT NULL)`,
+        byEventType: `SELECT action_type as event_type, SUM(cost_usd) as total_cost, COUNT(*) as session_count
+     FROM agent_actions WHERE started_at > datetime('now', '-90 days') AND cost_usd IS NOT NULL
+     GROUP BY action_type ORDER BY total_cost DESC`,
+    },
+    monthly: {
+        byPeriod: `SELECT strftime('%Y-%m', started_at) as period,
+            SUM(cost_usd) as total_cost, COUNT(*) as session_count,
+            SUM(tokens_input) as total_input_tokens, SUM(tokens_output) as total_output_tokens
+     FROM agent_actions WHERE started_at > datetime('now', '-365 days') AND cost_usd IS NOT NULL
+     GROUP BY strftime('%Y-%m', started_at) ORDER BY period DESC`,
+        byModelRows: `SELECT model_used, model_usage_json, cost_usd
+     FROM agent_actions
+     WHERE started_at > datetime('now', '-365 days')
+       AND cost_usd IS NOT NULL
+       AND (model_used IS NOT NULL OR model_usage_json IS NOT NULL)`,
+        byEventType: `SELECT action_type as event_type, SUM(cost_usd) as total_cost, COUNT(*) as session_count
+     FROM agent_actions WHERE started_at > datetime('now', '-365 days') AND cost_usd IS NOT NULL
+     GROUP BY action_type ORDER BY total_cost DESC`,
+    },
+};
+/**
+ * Aggregate raw `byModelRows` into the `{ model, total_cost, session_count }`
+ * shape the dashboard expects, attributing cost to the actually-billed model
+ * from `model_usage_json` rather than the requested `model_used`. When a row
+ * has no usage breakdown we fall back to `model_used`. A row that touches
+ * multiple billed models contributes its split cost to each bucket and is
+ * counted once toward each model's `session_count`.
+ *
+ * Cost reconciliation: the SDK's `r.modelUsage[*].costUSD` covers LLM
+ * inference only — server-side tools (web_search, code_execution) appear in
+ * `r.total_cost_usd` (= row.cost_usd) but not in any per-model entry. If
+ * `Σ per-model cost < row.cost_usd`, the residual is credited to
+ * `model_used` (the requested model) so per-model totals add up to the
+ * dashboard's overall cost. Without this, a chart row's "billed total"
+ * silently drops tool-use spend.
+ */
+export function aggregateByBilledModel(rows) {
+    const map = new Map();
+    // Per-row scratch; a single row counts toward `session_count` exactly once
+    // per model it touched, even when residual handling credits the same model
+    // twice (once from per-model breakdown, once from tool-use residual).
+    const addCost = (model, cost) => {
+        const bucket = map.get(model) ?? { total_cost: 0, session_count: 0 };
+        bucket.total_cost += cost;
+        map.set(model, bucket);
+    };
+    const incSession = (rowSeen, model) => {
+        if (rowSeen.has(model))
+            return;
+        rowSeen.add(model);
+        const bucket = map.get(model) ?? { total_cost: 0, session_count: 0 };
+        bucket.session_count += 1;
+        map.set(model, bucket);
+    };
+    // 0.0001¢ — below this, treat the residual as float-arithmetic noise and
+    // skip the bookkeeping. Real tool-use costs are always orders of magnitude
+    // above this.
+    const RESIDUAL_EPSILON_USD = 0.000001;
+    for (const row of rows) {
+        const seenForRow = new Set();
+        let parsed = null;
+        if (row.model_usage_json) {
+            try {
+                parsed = JSON.parse(row.model_usage_json);
+            }
+            catch {
+                parsed = null;
+            }
+        }
+        let perModelTotal = 0;
+        let touchedAny = false;
+        if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+            for (const [modelId, entry] of Object.entries(parsed)) {
+                if (!entry || typeof entry !== "object")
+                    continue;
+                const v = entry;
+                const cost = typeof v.costUsd === "number" ? v.costUsd : 0;
+                addCost(modelId, cost);
+                incSession(seenForRow, modelId);
+                perModelTotal += cost;
+                touchedAny = true;
+            }
+        }
+        if (!touchedAny) {
+            if (row.model_used) {
+                addCost(row.model_used, row.cost_usd);
+                incSession(seenForRow, row.model_used);
+            }
+            continue;
+        }
+        // Residual handles server-side tool cost (web_search, code execution)
+        // that the SDK adds to total_cost_usd but not to any per-model bucket.
+        const residual = row.cost_usd - perModelTotal;
+        if (residual > RESIDUAL_EPSILON_USD && row.model_used) {
+            addCost(row.model_used, residual);
+            incSession(seenForRow, row.model_used);
+        }
+    }
+    return [...map.entries()]
+        .map(([model, v]) => ({ model, ...v }))
+        .sort((a, b) => b.total_cost - a.total_cost);
+}
+const COST_PERIOD_SPECS = {
+    daily: {
+        bucketExpr: "date(started_at)",
+        sinceExpr: "-30 days",
+    },
+    weekly: {
+        bucketExpr: "strftime('%Y-W%W', started_at)",
+        sinceExpr: "-90 days",
+    },
+    monthly: {
+        bucketExpr: "strftime('%Y-%m', started_at)",
+        sinceExpr: "-365 days",
+    },
+};
+/** Escape HTML special characters to prevent XSS */
+function escapeHtml(s) {
+    return s
+        .replace(/&/g, "&amp;")
+        .replace(/</g, "&lt;")
+        .replace(/>/g, "&gt;")
+        .replace(/"/g, "&quot;")
+        .replace(/'/g, "&#039;");
+}
+function getLocalHourMinute(date, timeZone) {
+    const formatter = new Intl.DateTimeFormat("en-US", {
+        hour: "2-digit",
+        minute: "2-digit",
+        hour12: false,
+        timeZone,
+    });
+    const parts = formatter.formatToParts(date);
+    const hour = Number(parts.find((part) => part.type === "hour")?.value ?? "0");
+    const minute = Number(parts.find((part) => part.type === "minute")?.value ?? "0");
+    return { hour, minute };
+}
+function isHourlyCheckSlot(date, config) {
+    if (!config.hourlyCheckEnabled)
+        return false;
+    const { hour, minute } = getLocalHourMinute(date, config.timezone || undefined);
+    if (hour === config.dayBoundaryHour)
+        return false;
+    if (hour < config.hourlyCheckActiveStartHour || hour >= config.hourlyCheckActiveEndHour) {
+        return false;
+    }
+    return minute % config.hourlyCheckIntervalMinutes === 0;
+}
+function getNextHourlyCheck(config) {
+    if (!config.hourlyCheckEnabled) {
+        return { active: false, nextRunAt: null };
+    }
+    const now = new Date();
+    const active = isHourlyCheckSlot(now, config);
+    const start = new Date(now.getTime() + 60_000);
+    start.setSeconds(0, 0);
+    for (let offset = 0; offset < 48 * 60; offset++) {
+        const candidate = new Date(start.getTime() + offset * 60_000);
+        if (isHourlyCheckSlot(candidate, config)) {
+            return { active, nextRunAt: candidate.toISOString() };
+        }
+    }
+    return { active, nextRunAt: null };
+}
+function isStringRecord(value) {
+    if (!value || typeof value !== "object" || Array.isArray(value)) {
+        return false;
+    }
+    return Object.entries(value).every(([key, entryValue]) => typeof key === "string" && typeof entryValue === "string");
+}
+function sameStringRecord(a, b) {
+    const aEntries = Object.entries(a);
+    const bEntries = Object.entries(b);
+    if (aEntries.length !== bEntries.length) {
+        return false;
+    }
+    return aEntries.every(([key, value]) => b[key] === value);
+}
+function buildSafeConfig(config, secretSummary) {
+    const safeConfig = {};
+    for (const key of PUBLIC_CONFIG_RUNTIME_KEYS) {
+        const value = config[key];
+        safeConfig[key] = PUBLIC_CONFIG_NULLABLE_STRING_KEYS.has(key)
+            ? value ?? ""
+            : value;
+    }
+    safeConfig.apiPort = config.apiPort;
+    safeConfig.allowedTools = config.allowedToolsOverride ?? [];
+    // Derived — the actual directory `getContextDir(config)` resolves to.
+    // Surfaces the mode/path → disk outcome to the dashboard so the
+    // Management Mode section can show the effective location without
+    // reimplementing the resolution logic. Always an absolute path.
+    safeConfig.contextDir = getContextDir(config);
+    safeConfig.slackConfigured = secretSummary.slackConfigured;
+    safeConfig.slackOwnerUserConfigured = !!config.slackOwnerUserId;
+    safeConfig.telegramConfigured = secretSummary.telegramConfigured;
+    safeConfig.telegramOwnerChatConfigured = !!config.telegramOwnerChatId;
+    safeConfig.discordConfigured = secretSummary.discordConfigured;
+    safeConfig.discordOwnerUserConfigured = !!config.discordOwnerUserId;
+    safeConfig.notionConfigured = secretSummary.notionConfigured;
+    safeConfig.githubConfigured = secretSummary.githubConfigured;
+    safeConfig.githubWebhookSecretConfigured = secretSummary.githubWebhookSecretConfigured;
+    safeConfig.apiTokenConfigured = secretSummary.apiTokenConfigured;
+    safeConfig.whatsappOwnerPhoneConfigured = !!config.whatsappOwnerPhone;
+    safeConfig.googleCalendarCredentialsConfigured = secretSummary.googleCalendarCredentialsConfigured;
+    safeConfig.googleCalendarTokenConfigured = secretSummary.googleCalendarTokenConfigured;
+    // SETUP-FLOW-REDESIGN-PLAN §6.1 — surface Outlook BYOA presence so
+    // dashboards can decide when direct-mode Outlook integrations are
+    // resumable.
+    safeConfig.outlookClientConfigConfigured = secretSummary.outlookClientConfigConfigured;
+    safeConfig.googleCredentialType = secretSummary.googleCredentialType;
+    return safeConfig;
+}
+/**
+ * Dashboard API routes — REST endpoints for the Dashboard UI.
+ *
+ * Provides:
+ * - Config management (GET/PATCH /api/config)
+ * - Event/action logs (GET /api/events)
+ * - Conversation history (GET /api/conversations)
+ * - Cost analytics (GET /api/cost)
+ * - Approval queue (GET/POST /api/approvals)
+ */
+const logger = createLogger("dashboard-api");
+export function createDashboardRoutes(deps) {
+    const app = new Hono();
+    const { db, config, services, secretBroker } = deps;
+    const settingsStore = createSettingsStore(db);
+    const oauthStates = new Map();
+    const agentActionColumns = new Set(db.pragma("table_info(agent_actions)").map((column) => column.name));
+    const backendExpr = agentActionColumns.has("backend")
+        ? "COALESCE(backend, 'claude')"
+        : "'claude'";
+    function pruneOauthStates(now = Date.now()) {
+        for (const [state, data] of oauthStates.entries()) {
+            if (now - data.createdAt > MAX_OAUTH_STATE_AGE_MS) {
+                oauthStates.delete(state);
+            }
+        }
+    }
+    async function getSecretConfigSummary() {
+        const [slackBotToken, slackAppToken, telegramBotToken, discordBotToken, notionApiKey, githubToken, githubWebhookSecret, apiToken, googleCredentialsJson, googleTokenJson,] = await Promise.all([
+            secretBroker.getSlackBotToken(),
+            secretBroker.getSlackAppToken(),
+            secretBroker.getTelegramBotToken(),
+            secretBroker.getDiscordBotToken(),
+            secretBroker.getNotionApiKey(),
+            secretBroker.getGitHubToken(),
+            secretBroker.getGitHubWebhookSecret(),
+            secretBroker.getApiToken(),
+            secretBroker.getGoogleCredentialsJson(),
+            secretBroker.getGoogleTokenJson(),
+        ]);
+        // SETUP-FLOW-REDESIGN-PLAN §6.1 — surface BYOA Outlook client config
+        // presence so the connections page knows when direct-mode Outlook
+        // integrations are resumable. Best-effort: if no blob store is
+        // wired (test harness), report `false` rather than crashing.
+        let outlookClientConfigConfigured = false;
+        try {
+            outlookClientConfigConfigured = deps.blobStore
+                ? await deps.blobStore.exists("mail:outlook:client-config")
+                : false;
+        }
+        catch {
+            outlookClientConfigConfigured = false;
+        }
+        return {
+            slackConfigured: !!(slackBotToken && slackAppToken),
+            telegramConfigured: !!telegramBotToken,
+            discordConfigured: !!discordBotToken,
+            notionConfigured: !!notionApiKey,
+            githubConfigured: !!githubToken,
+            githubWebhookSecretConfigured: !!githubWebhookSecret,
+            apiTokenConfigured: !!apiToken,
+            googleCalendarCredentialsConfigured: !!googleCredentialsJson,
+            googleCalendarTokenConfigured: !!googleTokenJson,
+            outlookClientConfigConfigured,
+            googleCredentialType: detectGoogleCredentialType(googleCredentialsJson),
+        };
+    }
+    async function notifySecretChange(scope) {
+        await deps.onSecretChanged?.(scope);
+    }
+    /**
+     * design/15-character.md §15.6.1 live-overwrite: when character changes,
+     * rewrite the `## Character` block inside every active session's
+     * instruction files (CLAUDE.md / AGENTS.md / GEMINI.md) so the next turn
+     * in the session picks up the new value without waiting for a session
+     * spawn. Per-workdir errors are counted and logged but never thrown —
+     * the DB write is already durable at the caller.
+     *
+     * Shared by PATCH /config (dashboard path, Approve tier) and
+     * PATCH /config/character (agent path, Notify tier).
+     */
+    function fanOutCharacterToActiveSessions() {
+        const sessions = db
+            .prepare(`SELECT id FROM conversation_sessions WHERE status = 'active'`)
+            .all();
+        const totals = { rewritten: 0, skipped: 0, failed: 0, missing: 0 };
+        for (const row of sessions) {
+            const sessionId = typeof row.id === "bigint" ? Number(row.id) : row.id;
+            const workdir = getSessionWorkdirPath(config.dataDir, sessionId);
+            if (!existsSync(workdir)) {
+                totals.missing++;
+                continue;
+            }
+            try {
+                const summary = rewriteCharacterBlock(workdir, config.character);
+                totals.rewritten += summary.rewritten;
+                totals.skipped += summary.skipped;
+                totals.failed += summary.failed;
+            }
+            catch (err) {
+                totals.failed++;
+                logger.warn({ err, sessionId, workdir }, "rewriteCharacterBlock threw on character live-overwrite");
+            }
+        }
+        logger.info({ ...totals, activeSessions: sessions.length }, "Character block fanned out to active session workdirs");
+    }
+    // ── Config API ──
+    /** GET /config — return current configuration */
+    app.get("/config", async (c) => {
+        const secretSummary = await getSecretConfigSummary();
+        const safeConfig = buildSafeConfig({ ...config, agentDisplayName: normalizeAgentDisplayName(config.agentDisplayName) }, secretSummary);
+        return c.json(safeConfig);
+    });
+    /** GET /config/defaults — return Zod schema defaults for all editable keys */
+    app.get("/config/defaults", (c) => {
+        const zodDefaults = runtimeSettingsSchema.parse({});
+        const defaults = {};
+        for (const key of EDITABLE_RUNTIME_KEY_TUPLE) {
+            const val = zodDefaults[key];
+            // Mirror GET /config shape: allowedToolsOverride null → empty array
+            if (key === "allowedToolsOverride") {
+                defaults.allowedTools = val ?? [];
+            }
+            else {
+                defaults[key] = val;
+            }
+        }
+        // Bootstrap keys not in runtimeSettingsSchema
+        defaults.apiPort = 8321;
+        return c.json(defaults);
+    });
+    /** PATCH /config — update one or more config fields */
+    app.patch("/config", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        if (!body || typeof body !== "object" || Array.isArray(body)) {
+            return c.json({ error: "Body must be a JSON object" }, 400);
+        }
+        const bodyRecord = { ...body };
+        if (Object.hasOwn(bodyRecord, "notionDatabaseIdsBase")) {
+            if (!Object.hasOwn(bodyRecord, "notionDatabaseIds")) {
+                return c.json({
+                    error: "validation_failed",
+                    details: {
+                        notionDatabaseIdsBase: "notionDatabaseIdsBase requires notionDatabaseIds in the same request",
+                    },
+                }, 400);
+            }
+            if (!isStringRecord(bodyRecord.notionDatabaseIdsBase)) {
+                return c.json({
+                    error: "validation_failed",
+                    details: {
+                        notionDatabaseIdsBase: "notionDatabaseIdsBase must be an object mapping labels to database IDs",
+                    },
+                }, 400);
+            }
+            if (!sameStringRecord(config.notionDatabaseIds, bodyRecord.notionDatabaseIdsBase)) {
+                return c.json({
+                    error: "conflict",
+                    message: "Notion database mappings changed on another tab. Reload and try again.",
+                }, 409);
+            }
+            delete bodyRecord.notionDatabaseIdsBase;
+        }
+        // Snapshot WhatsApp state BEFORE applying so we can detect a transition
+        // and trigger live enable/disable of the adapter (no daemon restart).
+        const prevWhatsappEnabled = config.whatsappEnabled;
+        const prevWhatsappOwnerPhone = config.whatsappOwnerPhone;
+        const prevWhatsappAuthDir = config.whatsappAuthDir;
+        // EXECUTION-MODE-DESIGN.md §5.2 / §6.3 — snapshot pre-apply execution mode
+        // so audit rows below can capture before → after per backend. The
+        // dedicated `POST /api/setup/mode` is the usual path (it emits its own
+        // audit row); this PATCH covers the power-user / env-style API caller
+        // who edits the key directly without going through the settings UI.
+        const prevExecMode = {
+            claude: config.claudeExecutionPermissionMode,
+            codex: config.codexExecutionPermissionMode,
+            gemini: config.geminiExecutionPermissionMode,
+        };
+        // design/15-character.md §15.6.1 — snapshot character pre-apply so the
+        // live-overwrite pass below has a stable "after" value to fan out to
+        // every active session workdir.
+        const prevCharacter = config.character;
+        // gitRepos / gitWatchedRepos no longer live in config — repository
+        // changes go through /api/repositories and trigger
+        // `onGitReposChanged` directly from that route.
+        // §6.2 Note Sources regeneration is centralized inside
+        // applyConfigUpdates (via the db option) — no inline hook in this
+        // handler. Any future caller of applyConfigUpdates that carries
+        // externalObsidianVaultPath / externalObsidianWatch automatically
+        // gets the same regeneration without copy-paste.
+        const result = await applyConfigUpdates(config, settingsStore, bodyRecord, {
+            db: deps.db,
+        });
+        if (Object.keys(result.errors).length > 0 && result.updated.length === 0) {
+            return c.json({ error: "validation_failed", details: result.errors }, 400);
+        }
+        // Hot-reload cron schedules when schedule-related config changes
+        const SCHEDULE_KEYS = [
+            "dayBoundaryHour",
+            "timezone",
+            "hourlyCheckEnabled",
+            "hourlyCheckIntervalMinutes",
+            "hourlyCheckActiveStartHour",
+            "hourlyCheckActiveEndHour",
+        ];
+        if (result.updated.some((k) => SCHEDULE_KEYS.includes(k))) {
+            deps.onScheduleConfigChanged?.();
+        }
+        // git repository changes route through POST/PATCH /api/repositories
+        // (unified-repositories cutover); they trigger onGitReposChanged
+        // from there, not from the dashboard config PATCH path.
+        // SCHEDULED-DM-IMPLEMENTATION-PLAN §6.7 — when quietHoursEnd
+        // changes, retime every enabled `dm_session` recurring row whose
+        // `task_context.pin_to_quiet_hours_end === true` so the briefing
+        // tracks the user's quiet-hours edge by default. Rows with the
+        // pin flag false (user-pinned a custom time) are left alone.
+        if (result.updated.includes("quietHoursEnd")
+            && typeof config.quietHoursEnd === "string"
+            && /^\d{2}:\d{2}$/.test(config.quietHoursEnd)) {
+            try {
+                syncDmSessionTimesToQuietHours(db, config.quietHoursEnd);
+                runDefaultSchedulesReconciler({
+                    db,
+                    contextDir: getContextDir(config, db),
+                    writeTracker: deps.writeTracker,
+                    onPromptContextChanged: deps.onPromptContextChanged,
+                    trigger: "manual",
+                }).catch((err) => {
+                    logger.warn({ err }, "Default-schedules reconciler failed after quietHoursEnd change");
+                });
+            }
+            catch (err) {
+                logger.warn({ err }, "syncDmSessionTimesToQuietHours threw after dashboard config PATCH");
+            }
+        }
+        // Hot-refresh DM session skill dirs when enabledMailProviders changes
+        // through the generic config PATCH. The per-endpoint `PATCH /mail/providers`
+        // handler already drives this through MailAccountRegistry.onScopeChanged,
+        // but the dashboard's catch-all config PATCH bypasses that route, so
+        // without this dispatch the scope toggle wouldn't reach active workdirs.
+        if (result.updated.includes("enabledMailProviders")) {
+            try {
+                deps.services.mail?.onProviderSelectionChanged(config.enabledMailProviders);
+            }
+            catch (err) {
+                logger.warn({ err }, "onProviderSelectionChanged threw after dashboard config PATCH");
+            }
+        }
+        // Hot-reload WhatsApp adapter when whatsappEnabled / phone / auth dir change.
+        // This eliminates the daemon-restart requirement that previously made
+        // pairing impossible from the dashboard.
+        const whatsappKeysTouched = result.updated.some((k) => ["whatsappEnabled", "whatsappOwnerPhone", "whatsappAuthDir"].includes(k));
+        if (whatsappKeysTouched && deps.whatsappControls) {
+            const phoneChanged = config.whatsappOwnerPhone !== prevWhatsappOwnerPhone;
+            const authDirChanged = config.whatsappAuthDir !== prevWhatsappAuthDir;
+            try {
+                if (!config.whatsappEnabled && prevWhatsappEnabled) {
+                    // disabled — tear down
+                    await deps.whatsappControls.disable();
+                }
+                else if (config.whatsappEnabled) {
+                    if (!prevWhatsappEnabled) {
+                        // newly enabled — build and start
+                        await deps.whatsappControls.enable();
+                    }
+                    else if (phoneChanged || authDirChanged) {
+                        // settings changed while enabled — bounce
+                        await deps.whatsappControls.disable();
+                        await deps.whatsappControls.enable();
+                    }
+                }
+                // Drop "whatsappEnabled" / phone / auth dir from requiresRestart since
+                // we just hot-reloaded them. Other restart-required keys (like Slack
+                // tokens) still report restart.
+                result.requiresRestart = result.requiresRestart.filter((k) => !["whatsappEnabled", "whatsappOwnerPhone", "whatsappAuthDir"].includes(k));
+            }
+            catch (err) {
+                const message = toSafeErrorMessage(err, "unknown WhatsApp error");
+                result.errors.whatsapp = `WhatsApp hot-reload failed: ${message}`;
+            }
+        }
+        // EXECUTION-MODE-DESIGN.md §6.3 — emit one `execution_mode_changed`
+        // audit row per backend whose mode moved through this PATCH, matching
+        // the row shape that `POST /api/setup/mode` writes. Without this the
+        // PATCH path would silently bypass audit coverage for a power-user
+        // API caller.
+        for (const [backend, key] of [
+            ["claude", "claudeExecutionPermissionMode"],
+            ["codex", "codexExecutionPermissionMode"],
+            ["gemini", "geminiExecutionPermissionMode"],
+        ]) {
+            if (!result.updated.includes(key))
+                continue;
+            const before = prevExecMode[backend];
+            const after = config[key];
+            if (before === after)
+                continue;
+            try {
+                db.prepare(`INSERT INTO agent_actions (action_type, trigger, result, detail, backend)
+             VALUES (?, ?, ?, ?, ?)`).run("execution_mode_changed", "dashboard_config_patch", "success", JSON.stringify({ before, after }), backend);
+            }
+            catch (err) {
+                logger.warn({ err, backend }, "failed to record execution_mode_changed audit row (PATCH path)");
+            }
+        }
+        if (result.updated.includes("agentDisplayName")) {
+            try {
+                const rulesRelPath = CONTEXT_RELATIVE_PATHS.rules.management;
+                const rulesSnapshotKey = rulesRelPath.replace(/\.md$/, "");
+                const rulesPath = join(getContextDir(config, db), rulesRelPath);
+                if (existsSync(rulesPath)) {
+                    const currentRules = readFileSync(rulesPath, "utf-8");
+                    const nextRules = upsertManagementRulesAgentIdentity(currentRules, normalizeAgentDisplayName(config.agentDisplayName));
+                    if (nextRules !== currentRules) {
+                        db.prepare("INSERT INTO md_file_snapshots (file_path, content, trigger) VALUES (?, ?, ?)").run(rulesSnapshotKey, currentRules, "agent_name_update");
+                        writeFileSync(rulesPath, nextRules, "utf-8");
+                    }
+                }
+            }
+            catch (err) {
+                const message = toSafeErrorMessage(err, `unknown ${CONTEXT_RELATIVE_PATHS.rules.management} error`);
+                result.errors.agentDisplayName = `Saved config, but failed to sync ${CONTEXT_RELATIVE_PATHS.rules.management}: ${message}`;
+            }
+            deps.onPromptContextChanged?.("agentDisplayName", "config_update:agentDisplayName", "loud", { tierReason: "config_agent_display_name" });
+        }
+        // design/15-character.md §15.6.1 — character changed; fan the new value
+        // out to every active session's instruction files.
+        if (result.updated.includes("character") && config.character !== prevCharacter) {
+            fanOutCharacterToActiveSessions();
+        }
+        return c.json({
+            status: "updated",
+            updated: result.updated,
+            requiresRestart: result.requiresRestart,
+            errors: result.errors,
+        });
+    });
+    /**
+     * GET /config/character — agent-callable read of the persona string.
+     *
+     * design/15-character.md §15.6 — the general /api/config surface is
+     * Approve-tier (contains secret summaries, OAuth state, schedule keys),
+     * so bearer-less callers (the agent's curl from a session workdir) need
+     * a narrowly scoped read. Returns the single field shape `{character}`
+     * so `jq .character` in skills keeps working.
+     */
+    app.get("/config/character", (c) => {
+        return c.json({ character: config.character });
+    });
+    /**
+     * PATCH /config/character — agent-callable write of the persona string.
+     *
+     * Notify tier: audit-logged by the auth middleware, no Bearer required.
+     * Accepts only `{character: string}` — extra keys are rejected so this
+     * route cannot be used as a side channel into other config fields.
+     * Zod validation (max 1000 chars, no marker substring, non-blank-or-empty)
+     * runs inside `applyConfigUpdates` as usual.
+     */
+    app.patch("/config/character", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        if (!body || typeof body !== "object" || Array.isArray(body)) {
+            return c.json({ error: "Body must be a JSON object" }, 400);
+        }
+        const bodyRecord = body;
+        const extraKeys = Object.keys(bodyRecord).filter((k) => k !== "character");
+        if (extraKeys.length > 0) {
+            return c.json({
+                error: "validation_failed",
+                details: {
+                    _extraKeys: `Only "character" is accepted on this endpoint; got: ${extraKeys.join(", ")}`,
+                },
+            }, 400);
+        }
+        if (!Object.hasOwn(bodyRecord, "character")) {
+            return c.json({
+                error: "validation_failed",
+                details: { character: "character field is required" },
+            }, 400);
+        }
+        const prevCharacter = config.character;
+        const result = await applyConfigUpdates(config, settingsStore, {
+            character: bodyRecord.character,
+        });
+        if (Object.keys(result.errors).length > 0 && result.updated.length === 0) {
+            return c.json({ error: "validation_failed", details: result.errors }, 400);
+        }
+        if (result.updated.includes("character") && config.character !== prevCharacter) {
+            fanOutCharacterToActiveSessions();
+        }
+        return c.json({
+            status: "updated",
+            character: config.character,
+            updated: result.updated,
+            errors: result.errors,
+        });
+    });
+    app.put("/secrets/slack", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        const botToken = typeof body?.botToken === "string" ? body.botToken.trim() : "";
+        const appToken = typeof body?.appToken === "string" ? body.appToken.trim() : "";
+        const validationErrors = {};
+        if (!botToken && !appToken) {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: {
+                    botToken: "Provide at least one Slack token to save.",
+                    appToken: "Provide at least one Slack token to save.",
+                },
+            }, 400);
+        }
+        if (botToken)
+            await secretBroker.set("slackBotToken", botToken);
+        if (appToken)
+            await secretBroker.set("slackAppToken", appToken);
+        await notifySecretChange("slack");
+        return c.json({
+            status: "updated",
+            configured: (await getSecretConfigSummary()).slackConfigured,
+            requiresRestart: false,
+            validationErrors,
+        });
+    });
+    app.put("/secrets/telegram", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        const botToken = typeof body?.botToken === "string" ? body.botToken.trim() : "";
+        if (!botToken) {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: { botToken: "Telegram bot token is required." },
+            }, 400);
+        }
+        await secretBroker.set("telegramBotToken", botToken);
+        await notifySecretChange("telegram");
+        return c.json({
+            status: "updated",
+            configured: (await getSecretConfigSummary()).telegramConfigured,
+            requiresRestart: false,
+            validationErrors: {},
+        });
+    });
+    app.put("/secrets/discord", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        const botToken = typeof body?.botToken === "string" ? body.botToken.trim() : "";
+        if (!botToken) {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: { botToken: "Discord bot token is required." },
+            }, 400);
+        }
+        await secretBroker.set("discordBotToken", botToken);
+        await notifySecretChange("discord");
+        return c.json({
+            status: "updated",
+            configured: (await getSecretConfigSummary()).discordConfigured,
+            requiresRestart: false,
+            validationErrors: {},
+        });
+    });
+    app.put("/secrets/notion", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        const apiKey = typeof body?.apiKey === "string" ? body.apiKey.trim() : "";
+        if (!apiKey) {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: { apiKey: "Notion API key is required." },
+            }, 400);
+        }
+        await secretBroker.set("notionApiKey", apiKey);
+        await notifySecretChange("notion");
+        return c.json({
+            status: "updated",
+            configured: (await getSecretConfigSummary()).notionConfigured,
+            requiresRestart: false,
+            validationErrors: {},
+        });
+    });
+    app.put("/secrets/github", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        const token = typeof body?.token === "string" ? body.token.trim() : "";
+        const webhookSecret = typeof body?.webhookSecret === "string" ? body.webhookSecret.trim() : "";
+        if (!token && !webhookSecret) {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: {
+                    token: "Provide a GitHub token and/or webhook secret.",
+                    webhookSecret: "Provide a GitHub token and/or webhook secret.",
+                },
+            }, 400);
+        }
+        if (token)
+            await secretBroker.set("githubToken", token);
+        if (webhookSecret)
+            await secretBroker.set("githubWebhookSecret", webhookSecret);
+        await notifySecretChange("github");
+        const summary = await getSecretConfigSummary();
+        return c.json({
+            status: "updated",
+            configured: summary.githubConfigured || summary.githubWebhookSecretConfigured,
+            requiresRestart: false,
+            validationErrors: {},
+        });
+    });
+    app.put("/secrets/google/credentials", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        const raw = typeof body?.json === "string" ? body.json : "";
+        if (!raw) {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: { json: "Credentials JSON is required." },
+            }, 400);
+        }
+        let parsed;
+        try {
+            parsed = JSON.parse(raw);
+        }
+        catch {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: { json: "Invalid JSON file" },
+            }, 400);
+        }
+        if (!parsed.installed && !parsed.web && parsed.type !== "service_account") {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: {
+                    json: "Invalid credentials format. Expected OAuth2 credentials JSON or a service account JSON.",
+                },
+            }, 400);
+        }
+        await secretBroker.set("googleCredentialsJson", raw);
+        if (parsed.type === "service_account") {
+            await secretBroker.delete("googleTokenJson");
+        }
+        await notifySecretChange("google");
+        deps.onGoogleServicesReady?.();
+        const summary = await getSecretConfigSummary();
+        return c.json({
+            status: "updated",
+            configured: summary.googleCalendarCredentialsConfigured,
+            requiresRestart: false,
+            validationErrors: {},
+        });
+    });
+    app.put("/secrets/google/token", async (c) => {
+        const parsedBody = await readJsonBody(c);
+        if (!parsedBody.ok)
+            return parsedBody.response;
+        const body = parsedBody.body;
+        const raw = typeof body?.json === "string" ? body.json : "";
+        if (!raw) {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: { json: "Token JSON is required." },
+            }, 400);
+        }
+        try {
+            JSON.parse(raw);
+        }
+        catch {
+            return c.json({
+                status: "validation_failed",
+                configured: false,
+                requiresRestart: false,
+                validationErrors: { json: "Invalid JSON file" },
+            }, 400);
+        }
+        await secretBroker.saveGoogleTokenJson(raw);
+        await notifySecretChange("google");
+        deps.onGoogleServicesReady?.();
+        const summary = await getSecretConfigSummary();
+        return c.json({
+            status: "updated",
+            configured: summary.googleCalendarTokenConfigured,
+            requiresRestart: false,
+            validationErrors: {},
+        });
+    });
+    app.delete("/secrets/:name", async (c) => {
+        const name = c.req.param("name");
+        if (name === "apiToken") {
+            return c.json({
+                error: "api_token_not_deletable",
+                message: "The daemon API token cannot be deleted from the API. Rotate it explicitly instead.",
+            }, 400);
+        }
+        const secretNameByParam = {
+            slackBotToken: "slackBotToken",
+            slackAppToken: "slackAppToken",
+            telegramBotToken: "telegramBotToken",
+            discordBotToken: "discordBotToken",
+            notionApiKey: "notionApiKey",
+            githubToken: "githubToken",
+            githubWebhookSecret: "githubWebhookSecret",
+            googleCredentialsJson: "googleCredentialsJson",
+            googleTokenJson: "googleTokenJson",
+        };
+        const secretName = secretNameByParam[name];
+        if (!secretName) {
+            return c.json({ error: "unknown_secret" }, 404);
+        }
+        await secretBroker.delete(secretName);
+        const scopeBySecret = {
+            slackBotToken: "slack",
+            slackAppToken: "slack",
+            telegramBotToken: "telegram",
+            discordBotToken: "discord",
+            notionApiKey: "notion",
+            githubToken: "github",
+            githubWebhookSecret: "github",
+            googleCredentialsJson: "google",
+            googleTokenJson: "google",
+        };
+        await notifySecretChange(scopeBySecret[secretName]);
+        return c.json({
+            status: "deleted",
+            configured: false,
+            requiresRestart: false,
+            validationErrors: {},
+        });
+    });
+    app.get("/dashboard/next-check", (c) => {
+        return c.json(getNextHourlyCheck(config));
+    });
+    // STAGE-C-DM-FRESHNESS-PLAN §Task 4 — DM freshness aggregate. Powered
+    // by `agent_actions.detail.dm_freshness.*` rows the DM dispatch path
+    // writes via AuditLogger.logAction. Window defaults to 7 days; query
+    // param `days` overrides for ad-hoc inspection (clamped to 1..90).
+    app.get("/dashboard/dm-freshness", (c) => {
+        const daysParam = c.req.query("days");
+        let windowDays = 7;
+        if (daysParam !== undefined) {
+            const parsed = Number(daysParam);
+            if (!Number.isFinite(parsed) || parsed < 1 || parsed > 90) {
+                return c.json({
+                    error: "invalid_window",
+                    message: "days must be a number between 1 and 90",
+                }, 400);
+            }
+            windowDays = Math.round(parsed);
+        }
+        const aggregate = computeDmFreshnessAggregate(deps.db, windowDays);
+        return c.json(aggregate);
+    });
+    /**
+     * POST /messaging/whatsapp/pair
+     *
+     * Triggers Baileys pairing and waits up to ~10s for the first scannable QR.
+     * If WhatsApp isn't enabled yet, returns 409 with a clear hint instead of
+     * silently 404'ing — this surfaces the original setup-flow bug where users
+     * clicked Pair without first enabling.
+     */
+    app.post("/messaging/whatsapp/pair", async (c) => {
+        if (!deps.whatsappControls) {
+            return c.json({ error: "whatsapp_not_available" }, 404);
+        }
+        if (!config.whatsappEnabled) {
+            return c.json({
+                error: "whatsapp_not_enabled",
+                message: "Enable WhatsApp first (toggle the Enable button), then click Pair.",
+            }, 409);
+        }
+        if (!config.whatsappOwnerPhone) {
+            return c.json({
+                error: "whatsapp_phone_missing",
+                message: "Set the owner phone (E.164, e.g. +818012345678) and save before pairing.",
+            }, 409);
+        }
+        try {
+            const response = await deps.whatsappControls.waitForQr(10_000);
+            return c.json(response);
+        }
+        catch (err) {
+            const message = toSafeErrorMessage(err, "Unknown WhatsApp error");
+            return c.json({
+                error: "whatsapp_pair_failed",
+                message,
+                state: deps.whatsappControls.getQrResponse().state,
+            }, 500);
+        }
+    });
+    /**
+     * GET /messaging/whatsapp/qr
+     *
+     * Returns the current QR snapshot WITHOUT triggering a fresh pair flow.
+     * Dashboard polls this every ~3s while pairing is in progress so the user
+     * always sees the latest QR (Baileys rotates them every ~20s).
+     */
+    app.get("/messaging/whatsapp/qr", (c) => {
+        if (!deps.whatsappControls) {
+            return c.json({ error: "whatsapp_not_available" }, 404);
+        }
+        const response = deps.whatsappControls.getQrResponse();
+        return c.json({
+            ...response,
+            error: response.error ? toSafeErrorMessage(response.error) : null,
+        });
+    });
+    /**
+     * GET /messaging/whatsapp/status
+     *
+     * Lightweight health probe — connection state + last error, no QR fetch.
+     */
+    app.get("/messaging/whatsapp/status", (c) => {
+        if (!deps.whatsappControls) {
+            return c.json({ error: "whatsapp_not_available" }, 404);
+        }
+        const response = deps.whatsappControls.getQrResponse();
+        return c.json({
+            enabled: config.whatsappEnabled,
+            initialized: deps.whatsappControls.isInitialized(),
+            state: response.state,
+            error: response.error ? toSafeErrorMessage(response.error) : null,
+        });
+    });
+    // ── Telegram pairing ──────────────────────────────────────────────────
+    //
+    // Three endpoints support the dashboard's QR-deep-link pairing flow:
+    //   POST /messaging/telegram/test-token   — getMe (validate token)
+    //   POST /messaging/telegram/start-pairing — generate token + QR + deep link
+    //   GET  /messaging/telegram/pairing-status — poll until paired
+    //
+    // The QR encodes `https://t.me/<bot>?start=<token>`. When the user scans
+    // it, Telegram opens the bot and sends `/start <token>`; the adapter
+    // matches the token, captures the chat ID via discovery mode, and the
+    // daemon writes the ID into .env via the onOwnerDetected callback.
+    app.post("/messaging/telegram/test-token", async (c) => {
+        if (!deps.messagingControls?.telegram) {
+            return c.json({ error: "telegram_not_configured" }, 404);
+        }
+        // Accept an optional candidate token in the request body so the
+        // dashboard can validate an UNSAVED draft before persisting it.
+        const body = await c.req.json().catch(() => ({}));
+        const candidate = typeof body?.token === "string" && body.token.length > 0
+            ? body.token
+            : undefined;
+        try {
+            const info = await deps.messagingControls.telegram.testToken(candidate);
+            return c.json(info);
+        }
+        catch (err) {
+            return c.json({
+                error: "telegram_test_failed",
+                message: toSafeErrorMessage(err, "Telegram token validation failed"),
+            }, 400);
+        }
+    });
+    app.post("/messaging/telegram/start-pairing", async (c) => {
+        if (!deps.messagingControls?.telegram) {
+            return c.json({ error: "telegram_not_configured" }, 404);
+        }
+        try {
+            const result = await deps.messagingControls.telegram.startPairing();
+            return c.json(result);
+        }
+        catch (err) {
+            return c.json({
+                error: "telegram_pair_start_failed",
+                message: toSafeErrorMessage(err, "Telegram pairing could not start"),
+            }, 500);
+        }
+    });
+    app.get("/messaging/telegram/pairing-status", (c) => {
+        if (!deps.messagingControls?.telegram) {
+            return c.json({ error: "telegram_not_configured" }, 404);
+        }
+        return c.json(deps.messagingControls.telegram.getPairingStatus());
+    });
+    app.post("/messaging/telegram/cancel-pairing", (c) => {
+        if (!deps.messagingControls?.telegram) {
+            return c.json({ error: "telegram_not_configured" }, 404);
+        }
+        deps.messagingControls.telegram.cancelPairing();
+        return c.json({ status: "cancelled" });
+    });
+    // ── Slack pairing ─────────────────────────────────────────────────────
+    //
+    // Slack has no QR/deep-link mechanism, so we offer two helpers:
+    //   1. Token validation via auth.test
+    //   2. A pre-built app manifest (one-click app creation at api.slack.com)
+    //   3. Discovery mode for owner user ID — user DMs the bot, daemon captures
+    //
+    // The manifest uses Aitne's required scopes (im:history,
+    // chat:write, app_mentions:read) + Socket Mode + bot scopes. We do NOT
+    // include any oauth_redirect_url since Socket Mode bots don't need one.
+    app.post("/messaging/slack/test-token", async (c) => {
+        if (!deps.messagingControls?.slack) {
+            return c.json({ error: "slack_not_configured" }, 404);
+        }
+        const body = await c.req.json().catch(() => ({}));
+        const candidate = typeof body?.token === "string" && body.token.length > 0
+            ? body.token
+            : undefined;
+        try {
+            const info = await deps.messagingControls.slack.testToken(candidate);
+            return c.json(info);
+        }
+        catch (err) {
+            return c.json({
+                error: "slack_test_failed",
+                message: toSafeErrorMessage(err, "Slack token validation failed"),
+            }, 400);
+        }
+    });
+    app.get("/messaging/slack/manifest", (c) => {
+        // App manifest in JSON form. Slack supports both YAML and JSON in the
+        // `?manifest_json=` and `?manifest_yaml=` query params on the new-app
+        // create page (https://docs.slack.dev/app-manifests/...).
+        //
+        // Scope minimization (intentional, do not re-broaden):
+        //   - app_mentions:read — for @mentions in channels the user invited the bot to
+        //   - chat:write        — required to send messages
+        //   - files:read        — required to download user-uploaded files
+        //   - im:history        — required to receive `message.im` events
+        //   - im:read           — list/inspect direct-message channels
+        //   - im:write          — open a DM channel with the owner
+        //
+        // We DELIBERATELY OMIT:
+        //   - channels:history  — would let the bot read every message in every
+        //                         channel it's added to. Aitne only DMs,
+        //                         so this scope is pure attack surface.
+        //   - users:read        — not needed; resolveUserChannel() uses
+        //                         conversations.open with the configured user ID.
+        const manifest = {
+            display_information: {
+                name: APP_NAME,
+                description: "Local-first proactive assistant",
+                background_color: "#1a1a2e",
+            },
+            features: {
+                bot_user: {
+                    display_name: APP_NAME,
+                    always_online: true,
+                },
+            },
+            oauth_config: {
+                scopes: {
+                    bot: [
+                        "app_mentions:read",
+                        "chat:write",
+                        "files:read",
+                        "im:history",
+                        "im:read",
+                        "im:write",
+                    ],
+                },
+            },
+            settings: {
+                event_subscriptions: {
+                    bot_events: ["app_mention", "message.im"],
+                },
+                interactivity: { is_enabled: false },
+                org_deploy_enabled: false,
+                socket_mode_enabled: true,
+                token_rotation_enabled: false,
+            },
+        };
+        const manifestJson = JSON.stringify(manifest);
+        // Slack's "create app from manifest" deep link.
+        const createAppUrl = `https://api.slack.com/apps?new_app=1&manifest_json=${encodeURIComponent(manifestJson)}`;
+        return c.json({
+            manifest,
+            manifestJson,
+            createAppUrl,
+            instructions: [
+                "1. Click 'Open Slack app builder' below — Slack will pre-fill the manifest.",
+                "2. On the app page, scroll to 'Install App' and click Install to your workspace.",
+                "3. Copy the Bot User OAuth Token (xoxb-…) from 'OAuth & Permissions' into the field below.",
+                "4. Generate an App-Level Token (xapp-…) under 'Basic Information' → 'App-Level Tokens' with `connections:write` scope, paste it below.",
+                "5. Click Save Slack Config, then 'Generate pairing phrase' and DM the bot with the phrase.",
+            ],
+        });
+    });
+    /**
+     * POST /messaging/slack/start-pairing
+     *
+     * Generates a fresh magic phrase, registers it as the Slack adapter's
+     * pairing challenge, and returns it to the dashboard. The user must
+     * include this phrase in the next DM they send to the bot — only that
+     * matching DM captures the owner role. The previous "enable-discovery"
+     * endpoint was vulnerable to a 5-minute race where any DM could
+     * hijack ownership; the magic phrase closes that.
+     */
+    app.post("/messaging/slack/start-pairing", async (c) => {
+        if (!deps.messagingControls?.slack) {
+            return c.json({ error: "slack_not_configured" }, 404);
+        }
+        try {
+            const result = await deps.messagingControls.slack.startPairing();
+            return c.json(result);
+        }
+        catch (err) {
+            return c.json({
+                error: "slack_pair_start_failed",
+                message: toSafeErrorMessage(err, "Slack pairing could not start"),
+            }, 400);
+        }
+    });
+    app.post("/messaging/slack/cancel-pairing", (c) => {
+        if (!deps.messagingControls?.slack) {
+            return c.json({ error: "slack_not_configured" }, 404);
+        }
+        deps.messagingControls.slack.cancelPairing();
+        return c.json({ status: "cancelled" });
+    });
+    app.get("/messaging/slack/pairing-status", (c) => {
+        if (!deps.messagingControls?.slack) {
+            return c.json({ error: "slack_not_configured" }, 404);
+        }
+        return c.json(deps.messagingControls.slack.getPairingStatus());
+    });
+    // ── Discord pairing ───────────────────────────────────────────────────
+    //
+    // Discord parity: token validation + magic-phrase pairing for owner user ID.
+    app.post("/messaging/discord/test-token", async (c) => {
+        if (!deps.messagingControls?.discord) {
+            return c.json({ error: "discord_not_configured" }, 404);
+        }
+        const body = await c.req.json().catch(() => ({}));
+        const candidate = typeof body?.token === "string" && body.token.length > 0
+            ? body.token
+            : undefined;
+        try {
+            const info = await deps.messagingControls.discord.testToken(candidate);
+            return c.json(info);
+        }
+        catch (err) {
+            return c.json({
+                error: "discord_test_failed",
+                message: toSafeErrorMessage(err, "Discord token validation failed"),
+            }, 400);
+        }
+    });
+    app.post("/messaging/discord/start-pairing", async (c) => {
+        if (!deps.messagingControls?.discord) {
+            return c.json({ error: "discord_not_configured" }, 404);
+        }
+        try {
+            const result = await deps.messagingControls.discord.startPairing();
+            return c.json(result);
+        }
+        catch (err) {
+            return c.json({
+                error: "discord_pair_start_failed",
+                message: toSafeErrorMessage(err, "Discord pairing could not start"),
+            }, 400);
+        }
+    });
+    app.post("/messaging/discord/cancel-pairing", (c) => {
+        if (!deps.messagingControls?.discord) {
+            return c.json({ error: "discord_not_configured" }, 404);
+        }
+        deps.messagingControls.discord.cancelPairing();
+        return c.json({ status: "cancelled" });
+    });
+    app.get("/messaging/discord/pairing-status", (c) => {
+        if (!deps.messagingControls?.discord) {
+            return c.json({ error: "discord_not_configured" }, 404);
+        }
+        return c.json(deps.messagingControls.discord.getPairingStatus());
+    });
+    /** POST /config/upload/google-credentials — upload Google Calendar credentials JSON */
+    app.post("/config/upload/google-credentials", async (c) => {
+        const body = await c.req.parseBody();
+        const file = body["file"];
+        if (!file || !(file instanceof File)) {
+            return c.json({ error: "No file uploaded. Send as multipart with field name 'file'" }, 400);
+        }
+        if (file.size > MAX_UPLOAD_SIZE) {
+            return c.json({ error: `File too large (max ${MAX_UPLOAD_SIZE / 1024} KB)` }, 400);
+        }
+        const content = await file.text();
+        let parsed;
+        try {
+            parsed = JSON.parse(content);
+        }
+        catch {
+            return c.json({ error: "Invalid JSON file" }, 400);
+        }
+        // Basic validation: must be OAuth2 (installed/web) or service account
+        const obj = parsed;
+        if (!obj.installed && !obj.web && obj.type !== "service_account") {
+            return c.json({ error: "Invalid credentials format. Expected OAuth2 credentials JSON (with 'installed' or 'web' key) or a service account JSON." }, 400);
+        }
+        await secretBroker.set("googleCredentialsJson", content);
+        if (parsed.type === "service_account") {
+            await secretBroker.delete("googleTokenJson");
+        }
+        await notifySecretChange("google");
+        deps.onGoogleServicesReady?.();
+        return c.json({
+            status: "uploaded",
+            path: "keychain://google-credentials",
+            requiresRestart: false,
+            message: "Credentials saved.",
+        });
+    });
+    /** POST /config/upload/google-token — upload Google Calendar OAuth token JSON */
+    app.post("/config/upload/google-token", async (c) => {
+        const body = await c.req.parseBody();
+        const file = body["file"];
+        if (!file || !(file instanceof File)) {
+            return c.json({ error: "No file uploaded. Send as multipart with field name 'file'" }, 400);
+        }
+        if (file.size > MAX_UPLOAD_SIZE) {
+            return c.json({ error: `File too large (max ${MAX_UPLOAD_SIZE / 1024} KB)` }, 400);
+        }
+        const content = await file.text();
+        // Validate JSON
+        try {
+            JSON.parse(content);
+        }
+        catch {
+            return c.json({ error: "Invalid JSON file" }, 400);
+        }
+        await secretBroker.saveGoogleTokenJson(content);
+        await notifySecretChange("google");
+        deps.onGoogleServicesReady?.();
+        return c.json({
+            status: "uploaded",
+            path: "keychain://google-token",
+            requiresRestart: false,
+            message: "Token saved.",
+        });
+    });
+    // ── Google OAuth2 Authorization Flow ──
+    // Allows users to authenticate with just credentials.json — the daemon
+    // handles the full OAuth2 flow and saves the token automatically.
+    /** POST /config/google-auth/start — begin OAuth2 authorization */
+    app.post("/config/google-auth/start", async (c) => {
+        const credRaw = await secretBroker.getGoogleCredentialsJson();
+        if (!credRaw) {
+            return c.json({ error: "Upload credentials.json first" }, 400);
+        }
+        let cred;
+        try {
+            cred = parseGoogleCredentialsJson(credRaw);
+        }
+        catch {
+            return c.json({ error: "Credentials JSON is invalid. Upload it again." }, 400);
+        }
+        // Service accounts don't need OAuth2 authorization
+        if (cred.type === "service_account") {
+            return c.json({ error: "Service account credentials don't require OAuth authorization. Restart the daemon to activate." }, 400);
+        }
+        const clientConfig = getGoogleOAuthClientConfig(cred);
+        if (!clientConfig) {
+            return c.json({ error: "Invalid credentials format" }, 400);
+        }
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        let google;
+        try {
+            const mod = await import("googleapis");
+            google = mod.google;
+        }
+        catch {
+            return c.json({ error: "googleapis package not installed" }, 500);
+        }
+        // Use daemon's own port for the OAuth callback
+        const redirectUri = `http://localhost:${config.apiPort}/api/config/google-auth/callback`;
+        const oauth2Client = new google.auth.OAuth2(clientConfig.client_id, clientConfig.client_secret, redirectUri);
+        // Request scopes for Calendar + Gmail
+        const scopes = [
+            "https://www.googleapis.com/auth/calendar",
+            "https://www.googleapis.com/auth/gmail.modify",
+            "https://www.googleapis.com/auth/gmail.send",
+        ];
+        pruneOauthStates();
+        const state = randomUUID();
+        // Capture the dashboard origin so the callback can postMessage to the correct window
+        const origin = c.req.header("origin");
+        const referer = c.req.header("referer");
+        const dashboardOrigin = origin
+            || (referer ? new URL(referer).origin : `http://localhost:3000`);
+        oauthStates.set(state, { createdAt: Date.now(), dashboardOrigin });
+        const authUrl = oauth2Client.generateAuthUrl({
+            access_type: "offline",
+            scope: scopes,
+            prompt: "consent", // Force consent to always get a refresh_token
+            state,
+        });
+        return c.json({ authUrl, redirectUri, scopes });
+    });
+    /** GET /config/google-auth/callback — OAuth2 redirect handler */
+    app.get("/config/google-auth/callback", async (c) => {
+        const code = c.req.query("code");
+        const error = c.req.query("error");
+        const state = c.req.query("state");
+        if (error) {
+            return c.html(`<!DOCTYPE html><html><body style="font-family:system-ui;text-align:center;padding:60px">
+        <h2 style="color:#dc2626">Authorization Failed</h2>
+        <p>${escapeHtml(error)}</p>
+        <p style="color:#666;font-size:14px">You can close this window.</p>
+      </body></html>`);
+        }
+        pruneOauthStates();
+        const stateData = state ? oauthStates.get(state) : undefined;
+        if (!state || !stateData) {
+            return c.html(`<!DOCTYPE html><html><body style="font-family:system-ui;text-align:center;padding:60px">
+        <h2 style="color:#dc2626">Authorization Failed</h2>
+        <p>Invalid or expired OAuth state.</p>
+        <p style="color:#666;font-size:14px">Start the authorization flow again from the dashboard.</p>
+      </body></html>`);
+        }
+        const { dashboardOrigin } = stateData;
+        oauthStates.delete(state);
+        if (!code) {
+            return c.html(`<!DOCTYPE html><html><body style="font-family:system-ui;text-align:center;padding:60px">
+        <h2 style="color:#dc2626">Error</h2>
+        <p>No authorization code received.</p>
+      </body></html>`);
+        }
+        // Re-create OAuth2 client from stored credentials
+        const credRaw = await secretBroker.getGoogleCredentialsJson();
+        if (!credRaw) {
+            return c.html(`<!DOCTYPE html><html><body style="font-family:system-ui;text-align:center;padding:60px">
+        <h2 style="color:#dc2626">Error</h2>
+        <p>Credentials not configured.</p>
+      </body></html>`);
+        }
+        try {
+            const cred = parseGoogleCredentialsJson(credRaw);
+            const clientConfig = getGoogleOAuthClientConfig(cred);
+            if (!clientConfig)
+                throw new Error("Invalid credentials");
+            const mod = await import("googleapis");
+            const google = mod.google;
+            const redirectUri = `http://localhost:${config.apiPort}/api/config/google-auth/callback`;
+            const oauth2Client = new google.auth.OAuth2(clientConfig.client_id, clientConfig.client_secret, redirectUri);
+            // Exchange authorization code for tokens
+            const { tokens } = await oauth2Client.getToken(code);
+            await secretBroker.saveGoogleTokenJson(JSON.stringify(tokens));
+            await notifySecretChange("google");
+            deps.onGoogleServicesReady?.();
+            const statusMsg = services.calendar || services.gmail
+                ? "Services activated."
+                : "Token saved.";
+            return c.html(`<!DOCTYPE html><html><body style="font-family:system-ui;text-align:center;padding:60px">
+        <h2 style="color:#059669">Authorization Successful</h2>
+        <p>${escapeHtml(statusMsg)}</p>
+        <p style="color:#666;font-size:14px">You can close this window.</p>
+        <script>
+          if (window.opener) {
+            window.opener.postMessage({ type: "google-auth-success" }, ${JSON.stringify(dashboardOrigin)});
+          }
+        </script>
+      </body></html>`);
+        }
+        catch (err) {
+            const msg = toSafeErrorMessage(err, "Unknown error");
+            return c.html(`<!DOCTYPE html><html><body style="font-family:system-ui;text-align:center;padding:60px">
+        <h2 style="color:#dc2626">Token Exchange Failed</h2>
+        <p>${escapeHtml(msg)}</p>
+        <p style="color:#666;font-size:14px">You can close this window and try again.</p>
+      </body></html>`);
+        }
+    });
+    /** POST /config/reset-safety — reset disallowedTools to defaults */
+    app.post("/config/reset-safety", async (c) => {
+        const defaults = [...DEFAULT_DISALLOWED_TOOLS];
+        // Actually persist the reset — update in-memory config and .env
+        // Use null for allowedToolsOverride to match the Zod default (null = "no override")
+        const result = await applyConfigUpdates(config, settingsStore, {
+            disallowedTools: defaults,
+            allowedToolsOverride: null,
+        });
+        return c.json({ status: "reset", disallowedTools: defaults, ...result });
+    });
+    // ── Events/Logs API ──
+    /** GET /events — paginated event/action log */
+    app.get("/events", (c) => {
+        const page = Math.max(1, Number(c.req.query("page") ?? "1"));
+        const limit = Math.min(Number(c.req.query("limit") ?? "50"), 100);
+        const offset = (page - 1) * limit;
+        const type = c.req.query("type");
+        const result = c.req.query("result");
+        const days = c.req.query("days"); // "1" (today), "7", "30"
+        let whereClause = "WHERE 1=1";
+        const params = [];
+        if (type) {
+            whereClause += " AND action_type = ?";
+            params.push(type);
+        }
+        if (result) {
+            whereClause += " AND result = ?";
+            params.push(result);
+        }
+        if (days) {
+            const d = Number(days);
+            if (d > 0 && d <= 365) {
+                // datetime(started_at) normalizes mixed ISO-8601 / SQL formats — the
+                // delegated_proxy.invoke writer historically inserted ISO-with-T-and-Z
+                // strings, which sort lexicographically above same-day SQL strings.
+                whereClause += " AND datetime(started_at) > datetime('now', '-' || ? || ' days')";
+                params.push(d);
+            }
+        }
+        const total = db
+            .prepare(`SELECT COUNT(*) as cnt FROM agent_actions ${whereClause}`)
+            .get(...params);
+        params.push(limit, offset);
+        const rows = db
+            .prepare(`SELECT id, event_id, action_type, trigger, model_used, model_usage_json, cost_usd,
+                tokens_input, tokens_output,
+                cache_creation_tokens, cache_read_tokens,
+                duration_ms, num_turns,
+                result, detail, started_at, completed_at, error
+         FROM agent_actions ${whereClause}
+         ORDER BY datetime(started_at) DESC, id DESC
+         LIMIT ? OFFSET ?`)
+            .all(...params);
+        return c.json({
+            events: rows,
+            pagination: {
+                page,
+                limit,
+                total: total.cnt,
+                totalPages: Math.ceil(total.cnt / limit),
+            },
+        });
+    });
+    // ── Conversations API ──
+    /** GET /conversations — paginated conversation sessions */
+    app.get("/conversations", (c) => {
+        const page = Number(c.req.query("page") ?? "1");
+        const limit = Math.min(Number(c.req.query("limit") ?? "20"), 50);
+        const offset = (page - 1) * limit;
+        const platform = c.req.query("platform");
+        const status = c.req.query("status");
+        const scope = c.req.query("scope");
+        const scopes = scope
+            ?.split(",")
+            .map((value) => value.trim())
+            .filter((value) => value.length > 0);
+        let whereClause = "WHERE 1=1";
+        const params = [];
+        if (platform) {
+            whereClause += " AND platform = ?";
+            params.push(platform);
+        }
+        if (status) {
+            whereClause += " AND status = ?";
+            params.push(status);
+        }
+        if (scopes && scopes.length > 0) {
+            if (scopes.length === 1) {
+                whereClause += " AND scope = ?";
+                params.push(scopes[0]);
+            }
+            else {
+                whereClause += ` AND scope IN (${scopes.map(() => "?").join(", ")})`;
+                params.push(...scopes);
+            }
+        }
+        else {
+            // Default view excludes docs_qa: QA transcripts are short lookups
+            // and would drown out chat in /activity. Operators opt in with the
+            // explicit `?scope=docs_qa` filter chip.
+            whereClause += " AND scope != ?";
+            params.push(DOCS_QA_SCOPE);
+        }
+        const total = db
+            .prepare(`SELECT COUNT(*) as cnt FROM conversation_sessions ${whereClause}`)
+            .get(...params);
+        params.push(limit, offset);
+        const rows = db
+            .prepare(`SELECT id, platform, channel_id, thread_id, scope, model, status,
+                message_count, started_at, last_message_at, is_dm, backend_session_id
+         FROM conversation_sessions ${whereClause}
+         ORDER BY last_message_at DESC
+         LIMIT ? OFFSET ?`)
+            .all(...params);
+        const sourcePlatformsStmt = db.prepare(`SELECT DISTINCT platform
+         FROM messages
+        WHERE session_id = ?
+        ORDER BY CASE platform
+          WHEN 'dashboard' THEN 0
+          WHEN 'whatsapp' THEN 1
+          WHEN 'telegram' THEN 2
+          WHEN 'slack' THEN 3
+          WHEN 'discord' THEN 4
+          ELSE 99
+        END, platform`);
+        const conversations = rows.map((row) => {
+            const sourcePlatforms = sourcePlatformsStmt.all(row.id).map((platformRow) => platformRow.platform);
+            const normalizedSourcePlatforms = sourcePlatforms.length > 0
+                ? sourcePlatforms
+                : row.platform !== "owner"
+                    ? [row.platform]
+                    : [];
+            const browserOnly = normalizedSourcePlatforms.length > 0
+                && normalizedSourcePlatforms.every((platform) => platform === "dashboard");
+            return {
+                id: row.id,
+                platform: row.platform,
+                channel_id: row.channel_id,
+                thread_id: row.thread_id,
+                model: row.model,
+                status: row.status,
+                message_count: row.message_count,
+                started_at: row.started_at,
+                last_message_at: row.last_message_at,
+                summary: null,
+                source_platforms: normalizedSourcePlatforms,
+                read_only_from_dashboard: normalizedSourcePlatforms.length === 0 ||
+                    normalizedSourcePlatforms.some((platform) => platform !== "dashboard"),
+                // A session is continuable when the dispatcher can actually
+                // execute against it — not when its stored SDK session id is
+                // non-null. `continueDashboardSession` legitimately writes
+                // `backend_session_id = NULL` on the `shouldInvalidateSdkSession`
+                // path, and the dispatcher falls back to fresh-execute + history
+                // injection for NULL backends. The real gates are: scope,
+                // browser-only provenance, and the workdir surviving on disk.
+                continue_available: row.scope === DASHBOARD_CHAT_SCOPE
+                    && browserOnly
+                    && existsSync(getSessionWorkdirPath(config.dataDir, row.id)),
+            };
+        });
+        return c.json({
+            conversations,
+            pagination: {
+                page,
+                limit,
+                total: total.cnt,
+                totalPages: Math.ceil(total.cnt / limit),
+            },
+        });
+    });
+    /**
+     * DELETE /conversations — bulk-delete every non-active sidebar session.
+     * Scope is hard-coded to `dashboard_chat` + `owner_dm` (what the chat
+     * sidebar shows); the live active session is filtered out so deleting
+     * "all past sessions" never kills the current chat.
+     */
+    app.delete("/conversations", (c) => {
+        const result = deleteAllChatSidebarSessions({ db, dataDir: config.dataDir });
+        return c.json({ status: "deleted", deleted: result.deleted });
+    });
+    /** DELETE /conversations/:id — delete one non-active sidebar session. */
+    app.delete("/conversations/:id", (c) => {
+        const sessionId = Number(c.req.param("id"));
+        if (!Number.isFinite(sessionId) || sessionId <= 0) {
+            return c.json({ error: "invalid_session_id" }, 400);
+        }
+        const result = deleteChatSession({
+            db,
+            dataDir: config.dataDir,
+            sessionId,
+        });
+        if (!result.ok) {
+            return c.json({ error: "delete_failed", message: result.message }, result.status);
+        }
+        return c.json({ status: "deleted", deleted: result.deleted });
+    });
+    /** GET /conversations/:id/messages — messages for a specific conversation */
+    app.get("/conversations/:id/messages", (c) => {
+        const sessionId = Number(c.req.param("id"));
+        const limit = Math.min(Number(c.req.query("limit") ?? "50"), 200);
+        const before = c.req.query("before"); // cursor-based pagination
+        let whereClause = "WHERE session_id = ?";
+        const params = [sessionId];
+        if (before) {
+            whereClause += " AND id < ?";
+            params.push(Number(before));
+        }
+        params.push(limit);
+        const rows = db
+            .prepare(`SELECT id, role, content, platform, sender_id, timestamp
+         FROM messages ${whereClause}
+         ORDER BY id DESC
+         LIMIT ?`)
+            .all(...params);
+        // Chat-attachments Phase 1 — inline attachment refs per message so
+        // the dashboard transcript can render thumbnails/download chips
+        // alongside past messages without an extra round-trip per row.
+        // Skipped when the chat_attachments table doesn't exist (older DB
+        // snapshots / tests that don't run migrations).
+        const hasAttachments = (() => {
+            try {
+                const row = db
+                    .prepare(`SELECT name FROM sqlite_master WHERE type='table' AND name='chat_attachments'`)
+                    .get();
+                return row !== undefined;
+            }
+            catch {
+                return false;
+            }
+        })();
+        const attachmentsByMessage = new Map();
+        if (hasAttachments && rows.length > 0) {
+            const ids = rows.map((r) => r.id);
+            const placeholders = ids.map(() => "?").join(",");
+            const attachmentRows = db
+                .prepare(`SELECT message_id, id, direction, original_filename, mime_type, size_bytes, caption
+           FROM chat_attachments
+           WHERE message_id IN (${placeholders})
+           ORDER BY created_at ASC`)
+                .all(...ids);
+            for (const a of attachmentRows) {
+                let bucket = attachmentsByMessage.get(a.message_id);
+                if (!bucket) {
+                    bucket = [];
+                    attachmentsByMessage.set(a.message_id, bucket);
+                }
+                bucket.push({
+                    id: a.id,
+                    direction: a.direction,
+                    originalFilename: a.original_filename,
+                    mimeType: a.mime_type,
+                    sizeBytes: a.size_bytes,
+                    caption: a.caption,
+                });
+            }
+        }
+        const enriched = rows.map((row) => {
+            const attachments = attachmentsByMessage.get(row.id);
+            return attachments && attachments.length > 0
+                ? { ...row, attachments }
+                : row;
+        });
+        return c.json({
+            messages: enriched.reverse(), // Return in chronological order
+            hasMore: rows.length === limit,
+        });
+    });
+    // ── Cost API ──
+    /** GET /cost — cost analytics */
+    app.get("/cost", (c) => {
+        const period = c.req.query("period") ?? "daily"; // daily, weekly, monthly
+        const periodKey = period in COST_QUERIES
+            ? period
+            : "daily";
+        const queries = COST_QUERIES[periodKey];
+        const spec = COST_PERIOD_SPECS[periodKey];
+        const byPeriod = db.prepare(queries.byPeriod).all();
+        const byModelRaw = db.prepare(queries.byModelRows).all();
+        const byModel = aggregateByBilledModel(byModelRaw);
+        const byEventType = db.prepare(queries.byEventType).all();
+        const byBackend = db
+            .prepare(`SELECT ${backendExpr} as backend,
+                SUM(cost_usd) as total_cost,
+                COUNT(*) as session_count
+           FROM agent_actions
+          WHERE started_at > datetime('now', ?)
+            AND cost_usd IS NOT NULL
+          GROUP BY 1
+          ORDER BY total_cost DESC`)
+            .all(spec.sinceExpr);
+        const byBackendPeriod = db
+            .prepare(`SELECT ${spec.bucketExpr} as period,
+                ${backendExpr} as backend,
+                SUM(cost_usd) as total_cost,
+                COUNT(*) as session_count
+           FROM agent_actions
+          WHERE started_at > datetime('now', ?)
+            AND cost_usd IS NOT NULL
+          GROUP BY 1, 2
+          ORDER BY period DESC, backend ASC`)
+            .all(spec.sinceExpr);
+        // Today's total (timezone-aware agent day, executed sessions only).
+        // datetime(started_at) normalizes mixed ISO-8601 / SQL formats — same
+        // rationale as the /events ORDER BY fix above.
+        const bounds = getAgentDayBoundsUtc(config.timezone, config.dayBoundaryHour);
+        const today = db
+            .prepare(`SELECT COALESCE(SUM(cost_usd), 0) as cost,
+                COUNT(*) as sessions
+         FROM agent_actions
+         WHERE datetime(started_at) >= ? AND datetime(started_at) < ?
+           AND cost_usd IS NOT NULL`)
+            .get(bounds.start, bounds.end);
+        return c.json({
+            period,
+            today: { costUsd: today.cost, sessions: today.sessions },
+            byPeriod,
+            byModel,
+            byEventType,
+            byBackend,
+            byBackendPeriod,
+        });
+    });
+    // ── Approvals API ──
+    /** GET /approvals — list pending approval requests */
+    app.get("/approvals", (c) => {
+        const rows = db
+            .prepare(`SELECT id, scheduled_for, task_type, task_description,
+                task_context, model, status, created_at
+         FROM agent_schedule
+         WHERE status = 'pending' AND task_type = 'approval'
+         ORDER BY created_at DESC`)
+            .all();
+        return c.json({ approvals: rows });
+    });
+    /** POST /approvals/:id/approve — approve a pending request */
+    app.post("/approvals/:id/approve", (c) => {
+        const id = Number(c.req.param("id"));
+        const result = db
+            .prepare("UPDATE agent_schedule SET status = 'pending', task_type = 'approved_task' WHERE id = ? AND status = 'pending' AND task_type = 'approval'")
+            .run(id);
+        if (result.changes === 0) {
+            return c.json({ error: "approval not found or already processed" }, 404);
+        }
+        return c.json({ status: "approved", id });
+    });
+    /** POST /approvals/:id/deny — deny a pending request */
+    app.post("/approvals/:id/deny", (c) => {
+        const id = Number(c.req.param("id"));
+        const result = db
+            .prepare("UPDATE agent_schedule SET status = 'skipped' WHERE id = ? AND status = 'pending' AND task_type = 'approval'")
+            .run(id);
+        if (result.changes === 0) {
+            return c.json({ error: "approval not found or already processed" }, 404);
+        }
+        return c.json({ status: "denied", id });
+    });
+    // ── Schedule API ──
+    /** GET /schedule/next — next pending scheduled task */
+    app.get("/schedule/next", (c) => {
+        const row = db
+            .prepare(`SELECT id, scheduled_for, task_type, task_description
+         FROM agent_schedule
+         WHERE status = 'pending' AND scheduled_for > datetime('now')
+         ORDER BY scheduled_for ASC LIMIT 1`)
+            .get();
+        return c.json({ next: row ?? null });
+    });
+    /** GET /schedule/list — all scheduled tasks (paginated) */
+    app.get("/schedule/list", (c) => {
+        const page = Math.max(1, Number(c.req.query("page") ?? "1"));
+        const limit = Math.min(Number(c.req.query("limit") ?? "20"), 50);
+        const status = c.req.query("status");
+        const type = c.req.query("type");
+        const offset = (page - 1) * limit;
+        let where = "1=1";
+        const params = [];
+        if (status) {
+            where += " AND status = ?";
+            params.push(status);
+        }
+        if (type) {
+            where += " AND task_type = ?";
+            params.push(type);
+        }
+        const total = db
+            .prepare(`SELECT COUNT(*) as count FROM agent_schedule WHERE ${where}`)
+            .get(...params).count;
+        params.push(limit, offset);
+        const schedules = db
+            .prepare(`SELECT id, scheduled_for, task_type, task_description, task_prompt, model, status, task_context, created_at
+         FROM agent_schedule WHERE ${where}
+         ORDER BY scheduled_for DESC LIMIT ? OFFSET ?`)
+            .all(...params);
+        return c.json({
+            schedules,
+            pagination: { page, limit, total, totalPages: Math.ceil(total / limit) },
+        });
+    });
+    // ── Search API ──
+    /** GET /search?q= — full-text search via FTS5 */
+    app.get("/search", (c) => {
+        const q = c.req.query("q");
+        if (!q || q.length < 2)
+            return c.json({ error: "query too short" }, 400);
+        if (q.length > 200)
+            return c.json({ error: "query too long" }, 400);
+        const limit = Math.min(Number(c.req.query("limit") ?? "20"), 50);
+        // Sanitize: wrap each word in double-quotes to disable FTS5 operators (NEAR, NOT, OR, etc.)
+        const safeQuery = q
+            .replace(/[^\w\s\u3000-\u9FFF\uF900-\uFAFF]/g, " ") // strip punctuation except CJK
+            .split(/\s+/)
+            .filter(Boolean)
+            .map((w) => `"${w}"`)
+            .join(" ");
+        if (!safeQuery)
+            return c.json({ actions: [], messages: [] });
+        let actions = [];
+        let messages = [];
+        try {
+            actions = db
+                .prepare(`SELECT a.id, a.action_type, a.started_at,
+                  highlight(fts_actions, 1, '<mark>', '</mark>') as snippet
+           FROM fts_actions JOIN agent_actions a ON a.id = fts_actions.rowid
+           WHERE fts_actions MATCH ? ORDER BY rank LIMIT ?`)
+                .all(safeQuery, limit);
+        }
+        catch {
+            // FTS table may not exist yet
+        }
+        try {
+            messages = db
+                .prepare(`SELECT m.id, m.role, m.timestamp, m.session_id,
+                  highlight(fts_messages, 0, '<mark>', '</mark>') as snippet
+           FROM fts_messages JOIN messages m ON m.id = fts_messages.rowid
+           WHERE fts_messages MATCH ? ORDER BY rank LIMIT ?`)
+                .all(safeQuery, limit);
+        }
+        catch {
+            // FTS table may not exist yet
+        }
+        return c.json({ actions, messages });
+    });
+    // ── Snapshots API ──
+    /** GET /snapshots/content/:id — single snapshot content */
+    app.get("/snapshots/content/:id", (c) => {
+        const id = Number(c.req.param("id"));
+        if (!Number.isSafeInteger(id) || id <= 0) {
+            return c.json({ error: "invalid id" }, 400);
+        }
+        const row = db
+            .prepare("SELECT id, file_path, content, trigger, created_at FROM md_file_snapshots WHERE id = ?")
+            .get(id);
+        if (!row)
+            return c.json({ error: "not_found" }, 404);
+        return c.json(row);
+    });
+    /** GET /snapshots/* — snapshot history for a context file */
+    app.get("/snapshots/*", (c) => {
+        const filePath = c.req.path.replace("/api/snapshots/", "");
+        // Validate: reject path traversal and unsafe characters
+        if (!filePath || /\.\./.test(filePath) || !/^[\w./-]+$/.test(filePath)) {
+            return c.json({ error: "invalid file path" }, 400);
+        }
+        const limit = Math.min(Number(c.req.query("limit") ?? "20"), 50);
+        const rows = db
+            .prepare(`SELECT id, file_path, trigger, session_id, created_at
+         FROM md_file_snapshots WHERE file_path = ?
+         ORDER BY created_at DESC LIMIT ?`)
+            .all(filePath, limit);
+        return c.json({ snapshots: rows });
+    });
+    // ── Notifications API ──
+    /** GET /notifications — notification history (paginated) */
+    app.get("/notifications", (c) => {
+        const page = Math.max(1, Number(c.req.query("page") ?? "1"));
+        const limit = Math.min(Number(c.req.query("limit") ?? "50"), 100);
+        const status = c.req.query("status");
+        const priority = c.req.query("priority");
+        const offset = (page - 1) * limit;
+        let where = "1=1";
+        const params = [];
+        if (status) {
+            where += " AND status = ?";
+            params.push(status);
+        }
+        if (priority) {
+            where += " AND priority = ?";
+            params.push(priority);
+        }
+        const total = db
+            .prepare(`SELECT COUNT(*) as count FROM notification_log WHERE ${where}`)
+            .get(...params).count;
+        params.push(limit, offset);
+        const notifications = db
+            .prepare(`SELECT
+           id,
+           dispatch_id,
+           content_summary AS message,
+           platform,
+           delivery_channel,
+           priority,
+           status,
+           user_reaction,
+           reacted_at,
+           created_at
+         FROM notification_log WHERE ${where}
+         ORDER BY created_at DESC LIMIT ? OFFSET ?`)
+            .all(...params);
+        return c.json({
+            notifications,
+            pagination: { page, limit, total, totalPages: Math.ceil(total / limit) },
+        });
+    });
+    return app;
+}
+//# sourceMappingURL=dashboard.js.map