npm - @aitne/daemon - Versions diffs - 0.1.0 - Mend

@aitne/daemon 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1386) hide show

package/LICENSE +21 -0
package/dist/adapters/composite-dashboard-stream.d.ts +42 -0
package/dist/adapters/composite-dashboard-stream.d.ts.map +1 -0
package/dist/adapters/composite-dashboard-stream.js +49 -0
package/dist/adapters/composite-dashboard-stream.js.map +1 -0
package/dist/adapters/dashboard-adapter.d.ts +104 -0
package/dist/adapters/dashboard-adapter.d.ts.map +1 -0
package/dist/adapters/dashboard-adapter.js +216 -0
package/dist/adapters/dashboard-adapter.js.map +1 -0
package/dist/adapters/discord.d.ts +77 -0
package/dist/adapters/discord.d.ts.map +1 -0
package/dist/adapters/discord.js +339 -0
package/dist/adapters/discord.js.map +1 -0
package/dist/adapters/docs-qa-adapter.d.ts +123 -0
package/dist/adapters/docs-qa-adapter.d.ts.map +1 -0
package/dist/adapters/docs-qa-adapter.js +218 -0
package/dist/adapters/docs-qa-adapter.js.map +1 -0
package/dist/adapters/message-hub.d.ts +70 -0
package/dist/adapters/message-hub.d.ts.map +1 -0
package/dist/adapters/message-hub.js +359 -0
package/dist/adapters/message-hub.js.map +1 -0
package/dist/adapters/notification-manager.d.ts +99 -0
package/dist/adapters/notification-manager.d.ts.map +1 -0
package/dist/adapters/notification-manager.js +498 -0
package/dist/adapters/notification-manager.js.map +1 -0
package/dist/adapters/outbound-text.d.ts +28 -0
package/dist/adapters/outbound-text.d.ts.map +1 -0
package/dist/adapters/outbound-text.js +58 -0
package/dist/adapters/outbound-text.js.map +1 -0
package/dist/adapters/slack-adapter.d.ts +82 -0
package/dist/adapters/slack-adapter.d.ts.map +1 -0
package/dist/adapters/slack-adapter.js +359 -0
package/dist/adapters/slack-adapter.js.map +1 -0
package/dist/adapters/telegram-adapter.d.ts +107 -0
package/dist/adapters/telegram-adapter.d.ts.map +1 -0
package/dist/adapters/telegram-adapter.js +477 -0
package/dist/adapters/telegram-adapter.js.map +1 -0
package/dist/adapters/types.d.ts +92 -0
package/dist/adapters/types.d.ts.map +1 -0
package/dist/adapters/types.js +2 -0
package/dist/adapters/types.js.map +1 -0
package/dist/adapters/whatsapp-adapter.d.ts +213 -0
package/dist/adapters/whatsapp-adapter.d.ts.map +1 -0
package/dist/adapters/whatsapp-adapter.js +1216 -0
package/dist/adapters/whatsapp-adapter.js.map +1 -0
package/dist/api/chat-binding-query.d.ts +36 -0
package/dist/api/chat-binding-query.d.ts.map +1 -0
package/dist/api/chat-binding-query.js +63 -0
package/dist/api/chat-binding-query.js.map +1 -0
package/dist/api/chat-session-resume.d.ts +12 -0
package/dist/api/chat-session-resume.d.ts.map +1 -0
package/dist/api/chat-session-resume.js +21 -0
package/dist/api/chat-session-resume.js.map +1 -0
package/dist/api/delegated-proxy-helper.d.ts +33 -0
package/dist/api/delegated-proxy-helper.d.ts.map +1 -0
package/dist/api/delegated-proxy-helper.js +54 -0
package/dist/api/delegated-proxy-helper.js.map +1 -0
package/dist/api/directory-picker.d.ts +38 -0
package/dist/api/directory-picker.d.ts.map +1 -0
package/dist/api/directory-picker.js +278 -0
package/dist/api/directory-picker.js.map +1 -0
package/dist/api/env-writer.d.ts +25 -0
package/dist/api/env-writer.d.ts.map +1 -0
package/dist/api/env-writer.js +421 -0
package/dist/api/env-writer.js.map +1 -0
package/dist/api/integration-route-gate.d.ts +60 -0
package/dist/api/integration-route-gate.d.ts.map +1 -0
package/dist/api/integration-route-gate.js +83 -0
package/dist/api/integration-route-gate.js.map +1 -0
package/dist/api/json-body.d.ts +29 -0
package/dist/api/json-body.d.ts.map +1 -0
package/dist/api/json-body.js +87 -0
package/dist/api/json-body.js.map +1 -0
package/dist/api/routes/activity-sources.d.ts +20 -0
package/dist/api/routes/activity-sources.d.ts.map +1 -0
package/dist/api/routes/activity-sources.js +18 -0
package/dist/api/routes/activity-sources.js.map +1 -0
package/dist/api/routes/agent.d.ts +4 -0
package/dist/api/routes/agent.d.ts.map +1 -0
package/dist/api/routes/agent.js +619 -0
package/dist/api/routes/agent.js.map +1 -0
package/dist/api/routes/apple-calendar.d.ts +31 -0
package/dist/api/routes/apple-calendar.d.ts.map +1 -0
package/dist/api/routes/apple-calendar.js +310 -0
package/dist/api/routes/apple-calendar.js.map +1 -0
package/dist/api/routes/attachments.d.ts +36 -0
package/dist/api/routes/attachments.d.ts.map +1 -0
package/dist/api/routes/attachments.js +305 -0
package/dist/api/routes/attachments.js.map +1 -0
package/dist/api/routes/backends.d.ts +4 -0
package/dist/api/routes/backends.d.ts.map +1 -0
package/dist/api/routes/backends.js +1132 -0
package/dist/api/routes/backends.js.map +1 -0
package/dist/api/routes/books.d.ts +63 -0
package/dist/api/routes/books.d.ts.map +1 -0
package/dist/api/routes/books.js +467 -0
package/dist/api/routes/books.js.map +1 -0
package/dist/api/routes/calendar.d.ts +36 -0
package/dist/api/routes/calendar.d.ts.map +1 -0
package/dist/api/routes/calendar.js +351 -0
package/dist/api/routes/calendar.js.map +1 -0
package/dist/api/routes/commands.d.ts +4 -0
package/dist/api/routes/commands.d.ts.map +1 -0
package/dist/api/routes/commands.js +251 -0
package/dist/api/routes/commands.js.map +1 -0
package/dist/api/routes/context.d.ts +57 -0
package/dist/api/routes/context.d.ts.map +1 -0
package/dist/api/routes/context.js +1765 -0
package/dist/api/routes/context.js.map +1 -0
package/dist/api/routes/dashboard.d.ts +29 -0
package/dist/api/routes/dashboard.d.ts.map +1 -0
package/dist/api/routes/dashboard.js +2062 -0
package/dist/api/routes/dashboard.js.map +1 -0
package/dist/api/routes/delegated-sync.d.ts +4 -0
package/dist/api/routes/delegated-sync.d.ts.map +1 -0
package/dist/api/routes/delegated-sync.js +192 -0
package/dist/api/routes/delegated-sync.js.map +1 -0
package/dist/api/routes/delegated.d.ts +42 -0
package/dist/api/routes/delegated.d.ts.map +1 -0
package/dist/api/routes/delegated.js +250 -0
package/dist/api/routes/delegated.js.map +1 -0
package/dist/api/routes/docs.d.ts +34 -0
package/dist/api/routes/docs.d.ts.map +1 -0
package/dist/api/routes/docs.js +580 -0
package/dist/api/routes/docs.js.map +1 -0
package/dist/api/routes/entities.d.ts +9 -0
package/dist/api/routes/entities.d.ts.map +1 -0
package/dist/api/routes/entities.js +176 -0
package/dist/api/routes/entities.js.map +1 -0
package/dist/api/routes/git-accounts.d.ts +23 -0
package/dist/api/routes/git-accounts.d.ts.map +1 -0
package/dist/api/routes/git-accounts.js +227 -0
package/dist/api/routes/git-accounts.js.map +1 -0
package/dist/api/routes/git-templates.d.ts +50 -0
package/dist/api/routes/git-templates.d.ts.map +1 -0
package/dist/api/routes/git-templates.js +276 -0
package/dist/api/routes/git-templates.js.map +1 -0
package/dist/api/routes/git.d.ts +34 -0
package/dist/api/routes/git.d.ts.map +1 -0
package/dist/api/routes/git.js +126 -0
package/dist/api/routes/git.js.map +1 -0
package/dist/api/routes/github.d.ts +34 -0
package/dist/api/routes/github.d.ts.map +1 -0
package/dist/api/routes/github.js +465 -0
package/dist/api/routes/github.js.map +1 -0
package/dist/api/routes/health.d.ts +4 -0
package/dist/api/routes/health.d.ts.map +1 -0
package/dist/api/routes/health.js +257 -0
package/dist/api/routes/health.js.map +1 -0
package/dist/api/routes/integrations-reconcile.d.ts +33 -0
package/dist/api/routes/integrations-reconcile.d.ts.map +1 -0
package/dist/api/routes/integrations-reconcile.js +463 -0
package/dist/api/routes/integrations-reconcile.js.map +1 -0
package/dist/api/routes/integrations.d.ts +19 -0
package/dist/api/routes/integrations.d.ts.map +1 -0
package/dist/api/routes/integrations.js +1384 -0
package/dist/api/routes/integrations.js.map +1 -0
package/dist/api/routes/knowledge.d.ts +4 -0
package/dist/api/routes/knowledge.d.ts.map +1 -0
package/dist/api/routes/knowledge.js +224 -0
package/dist/api/routes/knowledge.js.map +1 -0
package/dist/api/routes/mail.d.ts +39 -0
package/dist/api/routes/mail.d.ts.map +1 -0
package/dist/api/routes/mail.js +1406 -0
package/dist/api/routes/mail.js.map +1 -0
package/dist/api/routes/managed-tasks.d.ts +48 -0
package/dist/api/routes/managed-tasks.d.ts.map +1 -0
package/dist/api/routes/managed-tasks.js +844 -0
package/dist/api/routes/managed-tasks.js.map +1 -0
package/dist/api/routes/mcp.d.ts +50 -0
package/dist/api/routes/mcp.d.ts.map +1 -0
package/dist/api/routes/mcp.js +470 -0
package/dist/api/routes/mcp.js.map +1 -0
package/dist/api/routes/metrics.d.ts +13 -0
package/dist/api/routes/metrics.d.ts.map +1 -0
package/dist/api/routes/metrics.js +117 -0
package/dist/api/routes/metrics.js.map +1 -0
package/dist/api/routes/notion.d.ts +35 -0
package/dist/api/routes/notion.d.ts.map +1 -0
package/dist/api/routes/notion.js +442 -0
package/dist/api/routes/notion.js.map +1 -0
package/dist/api/routes/observations.d.ts +4 -0
package/dist/api/routes/observations.d.ts.map +1 -0
package/dist/api/routes/observations.js +177 -0
package/dist/api/routes/observations.js.map +1 -0
package/dist/api/routes/obsidian.d.ts +16 -0
package/dist/api/routes/obsidian.d.ts.map +1 -0
package/dist/api/routes/obsidian.js +321 -0
package/dist/api/routes/obsidian.js.map +1 -0
package/dist/api/routes/profile-questions.d.ts +17 -0
package/dist/api/routes/profile-questions.d.ts.map +1 -0
package/dist/api/routes/profile-questions.js +115 -0
package/dist/api/routes/profile-questions.js.map +1 -0
package/dist/api/routes/receipts.d.ts +4 -0
package/dist/api/routes/receipts.d.ts.map +1 -0
package/dist/api/routes/receipts.js +155 -0
package/dist/api/routes/receipts.js.map +1 -0
package/dist/api/routes/recurring-schedules.d.ts +4 -0
package/dist/api/routes/recurring-schedules.d.ts.map +1 -0
package/dist/api/routes/recurring-schedules.js +137 -0
package/dist/api/routes/recurring-schedules.js.map +1 -0
package/dist/api/routes/repositories.d.ts +40 -0
package/dist/api/routes/repositories.d.ts.map +1 -0
package/dist/api/routes/repositories.js +857 -0
package/dist/api/routes/repositories.js.map +1 -0
package/dist/api/routes/setup-migrate.d.ts +74 -0
package/dist/api/routes/setup-migrate.d.ts.map +1 -0
package/dist/api/routes/setup-migrate.js +944 -0
package/dist/api/routes/setup-migrate.js.map +1 -0
package/dist/api/routes/setup.d.ts +4 -0
package/dist/api/routes/setup.d.ts.map +1 -0
package/dist/api/routes/setup.js +443 -0
package/dist/api/routes/setup.js.map +1 -0
package/dist/api/routes/skill-curation.d.ts +5 -0
package/dist/api/routes/skill-curation.d.ts.map +1 -0
package/dist/api/routes/skill-curation.js +728 -0
package/dist/api/routes/skill-curation.js.map +1 -0
package/dist/api/routes/skills.d.ts +52 -0
package/dist/api/routes/skills.d.ts.map +1 -0
package/dist/api/routes/skills.js +429 -0
package/dist/api/routes/skills.js.map +1 -0
package/dist/api/routes/sot-bindings.d.ts +20 -0
package/dist/api/routes/sot-bindings.d.ts.map +1 -0
package/dist/api/routes/sot-bindings.js +163 -0
package/dist/api/routes/sot-bindings.js.map +1 -0
package/dist/api/routes/sse.d.ts +86 -0
package/dist/api/routes/sse.d.ts.map +1 -0
package/dist/api/routes/sse.js +378 -0
package/dist/api/routes/sse.js.map +1 -0
package/dist/api/routes/system.d.ts +4 -0
package/dist/api/routes/system.d.ts.map +1 -0
package/dist/api/routes/system.js +207 -0
package/dist/api/routes/system.js.map +1 -0
package/dist/api/routes/task-flows.d.ts +30 -0
package/dist/api/routes/task-flows.d.ts.map +1 -0
package/dist/api/routes/task-flows.js +155 -0
package/dist/api/routes/task-flows.js.map +1 -0
package/dist/api/routes/travel-bookings.d.ts +4 -0
package/dist/api/routes/travel-bookings.d.ts.map +1 -0
package/dist/api/routes/travel-bookings.js +142 -0
package/dist/api/routes/travel-bookings.js.map +1 -0
package/dist/api/routes/travel-time.d.ts +8 -0
package/dist/api/routes/travel-time.d.ts.map +1 -0
package/dist/api/routes/travel-time.js +87 -0
package/dist/api/routes/travel-time.js.map +1 -0
package/dist/api/routes/triggers.d.ts +4 -0
package/dist/api/routes/triggers.d.ts.map +1 -0
package/dist/api/routes/triggers.js +101 -0
package/dist/api/routes/triggers.js.map +1 -0
package/dist/api/routes/voice.d.ts +48 -0
package/dist/api/routes/voice.d.ts.map +1 -0
package/dist/api/routes/voice.js +232 -0
package/dist/api/routes/voice.js.map +1 -0
package/dist/api/server.d.ts +428 -0
package/dist/api/server.d.ts.map +1 -0
package/dist/api/server.js +558 -0
package/dist/api/server.js.map +1 -0
package/dist/config.d.ts +136 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +699 -0
package/dist/config.js.map +1 -0
package/dist/core/agent-core.d.ts +517 -0
package/dist/core/agent-core.d.ts.map +1 -0
package/dist/core/agent-core.js +102 -0
package/dist/core/agent-core.js.map +1 -0
package/dist/core/alerts.d.ts +86 -0
package/dist/core/alerts.d.ts.map +1 -0
package/dist/core/alerts.js +304 -0
package/dist/core/alerts.js.map +1 -0
package/dist/core/atomic-write.d.ts +51 -0
package/dist/core/atomic-write.d.ts.map +1 -0
package/dist/core/atomic-write.js +135 -0
package/dist/core/atomic-write.js.map +1 -0
package/dist/core/backends/api-key-probe.d.ts +40 -0
package/dist/core/backends/api-key-probe.d.ts.map +1 -0
package/dist/core/backends/api-key-probe.js +116 -0
package/dist/core/backends/api-key-probe.js.map +1 -0
package/dist/core/backends/auth-health-monitor.d.ts +373 -0
package/dist/core/backends/auth-health-monitor.d.ts.map +1 -0
package/dist/core/backends/auth-health-monitor.js +950 -0
package/dist/core/backends/auth-health-monitor.js.map +1 -0
package/dist/core/backends/auth-recovery.d.ts +263 -0
package/dist/core/backends/auth-recovery.d.ts.map +1 -0
package/dist/core/backends/auth-recovery.js +1086 -0
package/dist/core/backends/auth-recovery.js.map +1 -0
package/dist/core/backends/auth-telemetry.d.ts +81 -0
package/dist/core/backends/auth-telemetry.d.ts.map +1 -0
package/dist/core/backends/auth-telemetry.js +108 -0
package/dist/core/backends/auth-telemetry.js.map +1 -0
package/dist/core/backends/backend-router.d.ts +272 -0
package/dist/core/backends/backend-router.d.ts.map +1 -0
package/dist/core/backends/backend-router.js +759 -0
package/dist/core/backends/backend-router.js.map +1 -0
package/dist/core/backends/claude-code-core.d.ts +299 -0
package/dist/core/backends/claude-code-core.d.ts.map +1 -0
package/dist/core/backends/claude-code-core.js +2541 -0
package/dist/core/backends/claude-code-core.js.map +1 -0
package/dist/core/backends/claude-credentials-store.d.ts +83 -0
package/dist/core/backends/claude-credentials-store.d.ts.map +1 -0
package/dist/core/backends/claude-credentials-store.js +243 -0
package/dist/core/backends/claude-credentials-store.js.map +1 -0
package/dist/core/backends/cli-utils.d.ts +95 -0
package/dist/core/backends/cli-utils.d.ts.map +1 -0
package/dist/core/backends/cli-utils.js +464 -0
package/dist/core/backends/cli-utils.js.map +1 -0
package/dist/core/backends/codex-core.d.ts +127 -0
package/dist/core/backends/codex-core.d.ts.map +1 -0
package/dist/core/backends/codex-core.js +1693 -0
package/dist/core/backends/codex-core.js.map +1 -0
package/dist/core/backends/gemini-cli-core.d.ts +367 -0
package/dist/core/backends/gemini-cli-core.d.ts.map +1 -0
package/dist/core/backends/gemini-cli-core.js +2331 -0
package/dist/core/backends/gemini-cli-core.js.map +1 -0
package/dist/core/backends/idle-watchdog.d.ts +77 -0
package/dist/core/backends/idle-watchdog.d.ts.map +1 -0
package/dist/core/backends/idle-watchdog.js +94 -0
package/dist/core/backends/idle-watchdog.js.map +1 -0
package/dist/core/backends/install-methods.d.ts +93 -0
package/dist/core/backends/install-methods.d.ts.map +1 -0
package/dist/core/backends/install-methods.js +267 -0
package/dist/core/backends/install-methods.js.map +1 -0
package/dist/core/backends/model-registry.d.ts +58 -0
package/dist/core/backends/model-registry.d.ts.map +1 -0
package/dist/core/backends/model-registry.js +539 -0
package/dist/core/backends/model-registry.js.map +1 -0
package/dist/core/backends/plan-presets.d.ts +123 -0
package/dist/core/backends/plan-presets.d.ts.map +1 -0
package/dist/core/backends/plan-presets.js +235 -0
package/dist/core/backends/plan-presets.js.map +1 -0
package/dist/core/backends/price-fetcher.d.ts +48 -0
package/dist/core/backends/price-fetcher.d.ts.map +1 -0
package/dist/core/backends/price-fetcher.js +248 -0
package/dist/core/backends/price-fetcher.js.map +1 -0
package/dist/core/backends/process-config-cascade.d.ts +68 -0
package/dist/core/backends/process-config-cascade.d.ts.map +1 -0
package/dist/core/backends/process-config-cascade.js +173 -0
package/dist/core/backends/process-config-cascade.js.map +1 -0
package/dist/core/backends/prompt-utils.d.ts +6 -0
package/dist/core/backends/prompt-utils.d.ts.map +1 -0
package/dist/core/backends/prompt-utils.js +80 -0
package/dist/core/backends/prompt-utils.js.map +1 -0
package/dist/core/backends/proxy-model-registry.d.ts +110 -0
package/dist/core/backends/proxy-model-registry.d.ts.map +1 -0
package/dist/core/backends/proxy-model-registry.js +195 -0
package/dist/core/backends/proxy-model-registry.js.map +1 -0
package/dist/core/backends/silent-api-error-detector.d.ts +31 -0
package/dist/core/backends/silent-api-error-detector.d.ts.map +1 -0
package/dist/core/backends/silent-api-error-detector.js +44 -0
package/dist/core/backends/silent-api-error-detector.js.map +1 -0
package/dist/core/bang-commands/commands-cost.d.ts +13 -0
package/dist/core/bang-commands/commands-cost.d.ts.map +1 -0
package/dist/core/bang-commands/commands-cost.js +91 -0
package/dist/core/bang-commands/commands-cost.js.map +1 -0
package/dist/core/bang-commands/commands-report.d.ts +18 -0
package/dist/core/bang-commands/commands-report.d.ts.map +1 -0
package/dist/core/bang-commands/commands-report.js +105 -0
package/dist/core/bang-commands/commands-report.js.map +1 -0
package/dist/core/bang-commands/commands-stop-start.d.ts +4 -0
package/dist/core/bang-commands/commands-stop-start.d.ts.map +1 -0
package/dist/core/bang-commands/commands-stop-start.js +88 -0
package/dist/core/bang-commands/commands-stop-start.js.map +1 -0
package/dist/core/bang-commands/format-utils.d.ts +34 -0
package/dist/core/bang-commands/format-utils.d.ts.map +1 -0
package/dist/core/bang-commands/format-utils.js +118 -0
package/dist/core/bang-commands/format-utils.js.map +1 -0
package/dist/core/bang-commands/index.d.ts +20 -0
package/dist/core/bang-commands/index.d.ts.map +1 -0
package/dist/core/bang-commands/index.js +31 -0
package/dist/core/bang-commands/index.js.map +1 -0
package/dist/core/bang-commands/registry.d.ts +72 -0
package/dist/core/bang-commands/registry.d.ts.map +1 -0
package/dist/core/bang-commands/registry.js +174 -0
package/dist/core/bang-commands/registry.js.map +1 -0
package/dist/core/bang-commands/user-commands.d.ts +86 -0
package/dist/core/bang-commands/user-commands.d.ts.map +1 -0
package/dist/core/bang-commands/user-commands.js +212 -0
package/dist/core/bang-commands/user-commands.js.map +1 -0
package/dist/core/channel-timeline.d.ts +28 -0
package/dist/core/channel-timeline.d.ts.map +1 -0
package/dist/core/channel-timeline.js +117 -0
package/dist/core/channel-timeline.js.map +1 -0
package/dist/core/character-block.d.ts +37 -0
package/dist/core/character-block.d.ts.map +1 -0
package/dist/core/character-block.js +162 -0
package/dist/core/character-block.js.map +1 -0
package/dist/core/context/activity-sources.d.ts +37 -0
package/dist/core/context/activity-sources.d.ts.map +1 -0
package/dist/core/context/activity-sources.js +69 -0
package/dist/core/context/activity-sources.js.map +1 -0
package/dist/core/context/activity-view-reconciler.d.ts +110 -0
package/dist/core/context/activity-view-reconciler.d.ts.map +1 -0
package/dist/core/context/activity-view-reconciler.js +252 -0
package/dist/core/context/activity-view-reconciler.js.map +1 -0
package/dist/core/context/activity-view-runner.d.ts +38 -0
package/dist/core/context/activity-view-runner.d.ts.map +1 -0
package/dist/core/context/activity-view-runner.js +402 -0
package/dist/core/context/activity-view-runner.js.map +1 -0
package/dist/core/context/default-schedules-reconciler.d.ts +85 -0
package/dist/core/context/default-schedules-reconciler.d.ts.map +1 -0
package/dist/core/context/default-schedules-reconciler.js +153 -0
package/dist/core/context/default-schedules-reconciler.js.map +1 -0
package/dist/core/context/default-schedules-runner.d.ts +40 -0
package/dist/core/context/default-schedules-runner.d.ts.map +1 -0
package/dist/core/context/default-schedules-runner.js +233 -0
package/dist/core/context/default-schedules-runner.js.map +1 -0
package/dist/core/context/domain-index-reconciler.d.ts +81 -0
package/dist/core/context/domain-index-reconciler.d.ts.map +1 -0
package/dist/core/context/domain-index-reconciler.js +199 -0
package/dist/core/context/domain-index-reconciler.js.map +1 -0
package/dist/core/context/domain-index-runner.d.ts +35 -0
package/dist/core/context/domain-index-runner.d.ts.map +1 -0
package/dist/core/context/domain-index-runner.js +223 -0
package/dist/core/context/domain-index-runner.js.map +1 -0
package/dist/core/context/entity-mirror.d.ts +227 -0
package/dist/core/context/entity-mirror.d.ts.map +1 -0
package/dist/core/context/entity-mirror.js +629 -0
package/dist/core/context/entity-mirror.js.map +1 -0
package/dist/core/context/entity-source-rename.d.ts +61 -0
package/dist/core/context/entity-source-rename.d.ts.map +1 -0
package/dist/core/context/entity-source-rename.js +237 -0
package/dist/core/context/entity-source-rename.js.map +1 -0
package/dist/core/context/index-reconciler.d.ts +61 -0
package/dist/core/context/index-reconciler.d.ts.map +1 -0
package/dist/core/context/index-reconciler.js +329 -0
package/dist/core/context/index-reconciler.js.map +1 -0
package/dist/core/context/policy-index-reconciler.d.ts +102 -0
package/dist/core/context/policy-index-reconciler.d.ts.map +1 -0
package/dist/core/context/policy-index-reconciler.js +202 -0
package/dist/core/context/policy-index-reconciler.js.map +1 -0
package/dist/core/context/policy-index-runner.d.ts +66 -0
package/dist/core/context/policy-index-runner.d.ts.map +1 -0
package/dist/core/context/policy-index-runner.js +406 -0
package/dist/core/context/policy-index-runner.js.map +1 -0
package/dist/core/context/reconciler-runner.d.ts +44 -0
package/dist/core/context/reconciler-runner.d.ts.map +1 -0
package/dist/core/context/reconciler-runner.js +273 -0
package/dist/core/context/reconciler-runner.js.map +1 -0
package/dist/core/context-builder.d.ts +115 -0
package/dist/core/context-builder.d.ts.map +1 -0
package/dist/core/context-builder.js +1148 -0
package/dist/core/context-builder.js.map +1 -0
package/dist/core/context-frontmatter-backfill.d.ts +33 -0
package/dist/core/context-frontmatter-backfill.d.ts.map +1 -0
package/dist/core/context-frontmatter-backfill.js +111 -0
package/dist/core/context-frontmatter-backfill.js.map +1 -0
package/dist/core/context-frontmatter.d.ts +13 -0
package/dist/core/context-frontmatter.d.ts.map +1 -0
package/dist/core/context-frontmatter.js +325 -0
package/dist/core/context-frontmatter.js.map +1 -0
package/dist/core/context-health.d.ts +51 -0
package/dist/core/context-health.d.ts.map +1 -0
package/dist/core/context-health.js +304 -0
package/dist/core/context-health.js.map +1 -0
package/dist/core/context-paths.d.ts +183 -0
package/dist/core/context-paths.d.ts.map +1 -0
package/dist/core/context-paths.js +241 -0
package/dist/core/context-paths.js.map +1 -0
package/dist/core/context-staleness.d.ts +45 -0
package/dist/core/context-staleness.d.ts.map +1 -0
package/dist/core/context-staleness.js +88 -0
package/dist/core/context-staleness.js.map +1 -0
package/dist/core/custom-routine-scheduler.d.ts +151 -0
package/dist/core/custom-routine-scheduler.d.ts.map +1 -0
package/dist/core/custom-routine-scheduler.js +335 -0
package/dist/core/custom-routine-scheduler.js.map +1 -0
package/dist/core/daemon-api-cli.d.ts +33 -0
package/dist/core/daemon-api-cli.d.ts.map +1 -0
package/dist/core/daemon-api-cli.js +614 -0
package/dist/core/daemon-api-cli.js.map +1 -0
package/dist/core/dashboard-session-cleanup.d.ts +39 -0
package/dist/core/dashboard-session-cleanup.d.ts.map +1 -0
package/dist/core/dashboard-session-cleanup.js +108 -0
package/dist/core/dashboard-session-cleanup.js.map +1 -0
package/dist/core/dashboard-session-controls.d.ts +41 -0
package/dist/core/dashboard-session-controls.d.ts.map +1 -0
package/dist/core/dashboard-session-controls.js +154 -0
package/dist/core/dashboard-session-controls.js.map +1 -0
package/dist/core/delegated-connector-health.d.ts +63 -0
package/dist/core/delegated-connector-health.d.ts.map +1 -0
package/dist/core/delegated-connector-health.js +157 -0
package/dist/core/delegated-connector-health.js.map +1 -0
package/dist/core/dispatcher.d.ts +999 -0
package/dist/core/dispatcher.d.ts.map +1 -0
package/dist/core/dispatcher.js +4378 -0
package/dist/core/dispatcher.js.map +1 -0
package/dist/core/dm-freshness-metrics.d.ts +73 -0
package/dist/core/dm-freshness-metrics.d.ts.map +1 -0
package/dist/core/dm-freshness-metrics.js +138 -0
package/dist/core/dm-freshness-metrics.js.map +1 -0
package/dist/core/docs/citation-validator.d.ts +73 -0
package/dist/core/docs/citation-validator.d.ts.map +1 -0
package/dist/core/docs/citation-validator.js +195 -0
package/dist/core/docs/citation-validator.js.map +1 -0
package/dist/core/docs/extract-terms.d.ts +78 -0
package/dist/core/docs/extract-terms.d.ts.map +1 -0
package/dist/core/docs/extract-terms.js +147 -0
package/dist/core/docs/extract-terms.js.map +1 -0
package/dist/core/docs/indexer.d.ts +104 -0
package/dist/core/docs/indexer.d.ts.map +1 -0
package/dist/core/docs/indexer.js +340 -0
package/dist/core/docs/indexer.js.map +1 -0
package/dist/core/drift-effects.d.ts +30 -0
package/dist/core/drift-effects.d.ts.map +1 -0
package/dist/core/drift-effects.js +384 -0
package/dist/core/drift-effects.js.map +1 -0
package/dist/core/event-bus.d.ts +56 -0
package/dist/core/event-bus.d.ts.map +1 -0
package/dist/core/event-bus.js +135 -0
package/dist/core/event-bus.js.map +1 -0
package/dist/core/git-project-docs.d.ts +77 -0
package/dist/core/git-project-docs.d.ts.map +1 -0
package/dist/core/git-project-docs.js +439 -0
package/dist/core/git-project-docs.js.map +1 -0
package/dist/core/health-monitor.d.ts +57 -0
package/dist/core/health-monitor.d.ts.map +1 -0
package/dist/core/health-monitor.js +137 -0
package/dist/core/health-monitor.js.map +1 -0
package/dist/core/heartbeat.d.ts +26 -0
package/dist/core/heartbeat.d.ts.map +1 -0
package/dist/core/heartbeat.js +48 -0
package/dist/core/heartbeat.js.map +1 -0
package/dist/core/integration-health.d.ts +49 -0
package/dist/core/integration-health.d.ts.map +1 -0
package/dist/core/integration-health.js +89 -0
package/dist/core/integration-health.js.map +1 -0
package/dist/core/integration-lifecycle.d.ts +79 -0
package/dist/core/integration-lifecycle.d.ts.map +1 -0
package/dist/core/integration-lifecycle.js +153 -0
package/dist/core/integration-lifecycle.js.map +1 -0
package/dist/core/integration-main-backend.d.ts +36 -0
package/dist/core/integration-main-backend.d.ts.map +1 -0
package/dist/core/integration-main-backend.js +59 -0
package/dist/core/integration-main-backend.js.map +1 -0
package/dist/core/integration-probe.d.ts +98 -0
package/dist/core/integration-probe.d.ts.map +1 -0
package/dist/core/integration-probe.js +152 -0
package/dist/core/integration-probe.js.map +1 -0
package/dist/core/management-md-write-lock.d.ts +68 -0
package/dist/core/management-md-write-lock.d.ts.map +1 -0
package/dist/core/management-md-write-lock.js +93 -0
package/dist/core/management-md-write-lock.js.map +1 -0
package/dist/core/management-md.d.ts +186 -0
package/dist/core/management-md.d.ts.map +1 -0
package/dist/core/management-md.js +652 -0
package/dist/core/management-md.js.map +1 -0
package/dist/core/management-registry.d.ts +245 -0
package/dist/core/management-registry.d.ts.map +1 -0
package/dist/core/management-registry.js +906 -0
package/dist/core/management-registry.js.map +1 -0
package/dist/core/management-telemetry.d.ts +100 -0
package/dist/core/management-telemetry.d.ts.map +1 -0
package/dist/core/management-telemetry.js +156 -0
package/dist/core/management-telemetry.js.map +1 -0
package/dist/core/message-recorder.d.ts +38 -0
package/dist/core/message-recorder.d.ts.map +1 -0
package/dist/core/message-recorder.js +88 -0
package/dist/core/message-recorder.js.map +1 -0
package/dist/core/metrics.d.ts +338 -0
package/dist/core/metrics.d.ts.map +1 -0
package/dist/core/metrics.js +747 -0
package/dist/core/metrics.js.map +1 -0
package/dist/core/migration-backup.d.ts +218 -0
package/dist/core/migration-backup.d.ts.map +1 -0
package/dist/core/migration-backup.js +934 -0
package/dist/core/migration-backup.js.map +1 -0
package/dist/core/overview-write-lock.d.ts +48 -0
package/dist/core/overview-write-lock.d.ts.map +1 -0
package/dist/core/overview-write-lock.js +56 -0
package/dist/core/overview-write-lock.js.map +1 -0
package/dist/core/path-compat.d.ts +22 -0
package/dist/core/path-compat.d.ts.map +1 -0
package/dist/core/path-compat.js +67 -0
package/dist/core/path-compat.js.map +1 -0
package/dist/core/path-rewrite.d.ts +58 -0
package/dist/core/path-rewrite.d.ts.map +1 -0
package/dist/core/path-rewrite.js +141 -0
package/dist/core/path-rewrite.js.map +1 -0
package/dist/core/policy-files.d.ts +108 -0
package/dist/core/policy-files.d.ts.map +1 -0
package/dist/core/policy-files.js +198 -0
package/dist/core/policy-files.js.map +1 -0
package/dist/core/profile-questions/seed.d.ts +44 -0
package/dist/core/profile-questions/seed.d.ts.map +1 -0
package/dist/core/profile-questions/seed.js +173 -0
package/dist/core/profile-questions/seed.js.map +1 -0
package/dist/core/profile-questions/slot-filled.d.ts +51 -0
package/dist/core/profile-questions/slot-filled.d.ts.map +1 -0
package/dist/core/profile-questions/slot-filled.js +118 -0
package/dist/core/profile-questions/slot-filled.js.map +1 -0
package/dist/core/prompts.d.ts +111 -0
package/dist/core/prompts.d.ts.map +1 -0
package/dist/core/prompts.js +267 -0
package/dist/core/prompts.js.map +1 -0
package/dist/core/quiet-hours-sync.d.ts +15 -0
package/dist/core/quiet-hours-sync.d.ts.map +1 -0
package/dist/core/quiet-hours-sync.js +51 -0
package/dist/core/quiet-hours-sync.js.map +1 -0
package/dist/core/read-sensitive-token-manager.d.ts +19 -0
package/dist/core/read-sensitive-token-manager.d.ts.map +1 -0
package/dist/core/read-sensitive-token-manager.js +29 -0
package/dist/core/read-sensitive-token-manager.js.map +1 -0
package/dist/core/recurrence.d.ts +24 -0
package/dist/core/recurrence.d.ts.map +1 -0
package/dist/core/recurrence.js +162 -0
package/dist/core/recurrence.js.map +1 -0
package/dist/core/reinstall.d.ts +107 -0
package/dist/core/reinstall.d.ts.map +1 -0
package/dist/core/reinstall.js +163 -0
package/dist/core/reinstall.js.map +1 -0
package/dist/core/release-assets.d.ts +106 -0
package/dist/core/release-assets.d.ts.map +1 -0
package/dist/core/release-assets.js +434 -0
package/dist/core/release-assets.js.map +1 -0
package/dist/core/repository-management-docs.d.ts +216 -0
package/dist/core/repository-management-docs.d.ts.map +1 -0
package/dist/core/repository-management-docs.js +855 -0
package/dist/core/repository-management-docs.js.map +1 -0
package/dist/core/retention.d.ts +164 -0
package/dist/core/retention.d.ts.map +1 -0
package/dist/core/retention.js +1008 -0
package/dist/core/retention.js.map +1 -0
package/dist/core/review-context.d.ts +48 -0
package/dist/core/review-context.d.ts.map +1 -0
package/dist/core/review-context.js +282 -0
package/dist/core/review-context.js.map +1 -0
package/dist/core/roadmap-horizon.d.ts +48 -0
package/dist/core/roadmap-horizon.d.ts.map +1 -0
package/dist/core/roadmap-horizon.js +213 -0
package/dist/core/roadmap-horizon.js.map +1 -0
package/dist/core/roadmap-ids.d.ts +57 -0
package/dist/core/roadmap-ids.d.ts.map +1 -0
package/dist/core/roadmap-ids.js +118 -0
package/dist/core/roadmap-ids.js.map +1 -0
package/dist/core/roadmap-merge.d.ts +7 -0
package/dist/core/roadmap-merge.d.ts.map +1 -0
package/dist/core/roadmap-merge.js +187 -0
package/dist/core/roadmap-merge.js.map +1 -0
package/dist/core/roadmap-refresh-triggers.d.ts +32 -0
package/dist/core/roadmap-refresh-triggers.d.ts.map +1 -0
package/dist/core/roadmap-refresh-triggers.js +51 -0
package/dist/core/roadmap-refresh-triggers.js.map +1 -0
package/dist/core/roadmap-truncate.d.ts +49 -0
package/dist/core/roadmap-truncate.d.ts.map +1 -0
package/dist/core/roadmap-truncate.js +152 -0
package/dist/core/roadmap-truncate.js.map +1 -0
package/dist/core/roadmap-validate.d.ts +31 -0
package/dist/core/roadmap-validate.d.ts.map +1 -0
package/dist/core/roadmap-validate.js +403 -0
package/dist/core/roadmap-validate.js.map +1 -0
package/dist/core/roadmap-write-lock.d.ts +53 -0
package/dist/core/roadmap-write-lock.d.ts.map +1 -0
package/dist/core/roadmap-write-lock.js +59 -0
package/dist/core/roadmap-write-lock.js.map +1 -0
package/dist/core/schedule-insert-helper.d.ts +46 -0
package/dist/core/schedule-insert-helper.d.ts.map +1 -0
package/dist/core/schedule-insert-helper.js +52 -0
package/dist/core/schedule-insert-helper.js.map +1 -0
package/dist/core/schedule-maintenance.d.ts +22 -0
package/dist/core/schedule-maintenance.d.ts.map +1 -0
package/dist/core/schedule-maintenance.js +57 -0
package/dist/core/schedule-maintenance.js.map +1 -0
package/dist/core/scheduler.d.ts +208 -0
package/dist/core/scheduler.d.ts.map +1 -0
package/dist/core/scheduler.js +896 -0
package/dist/core/scheduler.js.map +1 -0
package/dist/core/semaphore.d.ts +13 -0
package/dist/core/semaphore.d.ts.map +1 -0
package/dist/core/semaphore.js +31 -0
package/dist/core/semaphore.js.map +1 -0
package/dist/core/session-gate.d.ts +37 -0
package/dist/core/session-gate.d.ts.map +1 -0
package/dist/core/session-gate.js +69 -0
package/dist/core/session-gate.js.map +1 -0
package/dist/core/session-manager.d.ts +252 -0
package/dist/core/session-manager.d.ts.map +1 -0
package/dist/core/session-manager.js +716 -0
package/dist/core/session-manager.js.map +1 -0
package/dist/core/signal-detector.d.ts +97 -0
package/dist/core/signal-detector.d.ts.map +1 -0
package/dist/core/signal-detector.js +215 -0
package/dist/core/signal-detector.js.map +1 -0
package/dist/core/skeleton.d.ts +83 -0
package/dist/core/skeleton.d.ts.map +1 -0
package/dist/core/skeleton.js +255 -0
package/dist/core/skeleton.js.map +1 -0
package/dist/core/skill-curation/apply-proposal.d.ts +71 -0
package/dist/core/skill-curation/apply-proposal.d.ts.map +1 -0
package/dist/core/skill-curation/apply-proposal.js +175 -0
package/dist/core/skill-curation/apply-proposal.js.map +1 -0
package/dist/core/skill-curation/auto-revert.d.ts +43 -0
package/dist/core/skill-curation/auto-revert.d.ts.map +1 -0
package/dist/core/skill-curation/auto-revert.js +155 -0
package/dist/core/skill-curation/auto-revert.js.map +1 -0
package/dist/core/skill-curation/classify-diff.d.ts +27 -0
package/dist/core/skill-curation/classify-diff.d.ts.map +1 -0
package/dist/core/skill-curation/classify-diff.js +0 -0
package/dist/core/skill-curation/classify-diff.js.map +1 -0
package/dist/core/skill-curation/declarations.d.ts +32 -0
package/dist/core/skill-curation/declarations.d.ts.map +1 -0
package/dist/core/skill-curation/declarations.js +171 -0
package/dist/core/skill-curation/declarations.js.map +1 -0
package/dist/core/skill-curation/knowledge-map.d.ts +26 -0
package/dist/core/skill-curation/knowledge-map.d.ts.map +1 -0
package/dist/core/skill-curation/knowledge-map.js +154 -0
package/dist/core/skill-curation/knowledge-map.js.map +1 -0
package/dist/core/skill-curation/orphan-overlay.d.ts +35 -0
package/dist/core/skill-curation/orphan-overlay.d.ts.map +1 -0
package/dist/core/skill-curation/orphan-overlay.js +167 -0
package/dist/core/skill-curation/orphan-overlay.js.map +1 -0
package/dist/core/skill-curation/overlay-store.d.ts +41 -0
package/dist/core/skill-curation/overlay-store.d.ts.map +1 -0
package/dist/core/skill-curation/overlay-store.js +143 -0
package/dist/core/skill-curation/overlay-store.js.map +1 -0
package/dist/core/skill-curation/render/convention-notes.d.ts +4 -0
package/dist/core/skill-curation/render/convention-notes.d.ts.map +1 -0
package/dist/core/skill-curation/render/convention-notes.js +13 -0
package/dist/core/skill-curation/render/convention-notes.js.map +1 -0
package/dist/core/skill-curation/render/cross-references.d.ts +4 -0
package/dist/core/skill-curation/render/cross-references.d.ts.map +1 -0
package/dist/core/skill-curation/render/cross-references.js +10 -0
package/dist/core/skill-curation/render/cross-references.js.map +1 -0
package/dist/core/skill-curation/render/frontmatter-schema.d.ts +4 -0
package/dist/core/skill-curation/render/frontmatter-schema.d.ts.map +1 -0
package/dist/core/skill-curation/render/frontmatter-schema.js +25 -0
package/dist/core/skill-curation/render/frontmatter-schema.js.map +1 -0
package/dist/core/skill-curation/render/index.d.ts +5 -0
package/dist/core/skill-curation/render/index.d.ts.map +1 -0
package/dist/core/skill-curation/render/index.js +42 -0
package/dist/core/skill-curation/render/index.js.map +1 -0
package/dist/core/skill-curation/render/knowledge-layout.d.ts +4 -0
package/dist/core/skill-curation/render/knowledge-layout.d.ts.map +1 -0
package/dist/core/skill-curation/render/knowledge-layout.js +36 -0
package/dist/core/skill-curation/render/knowledge-layout.js.map +1 -0
package/dist/core/skill-curation/render/routing-table.d.ts +4 -0
package/dist/core/skill-curation/render/routing-table.d.ts.map +1 -0
package/dist/core/skill-curation/render/routing-table.js +37 -0
package/dist/core/skill-curation/render/routing-table.js.map +1 -0
package/dist/core/skill-curation/render/search-recipes.d.ts +4 -0
package/dist/core/skill-curation/render/search-recipes.d.ts.map +1 -0
package/dist/core/skill-curation/render/search-recipes.js +39 -0
package/dist/core/skill-curation/render/search-recipes.js.map +1 -0
package/dist/core/skill-curation/run-token.d.ts +27 -0
package/dist/core/skill-curation/run-token.d.ts.map +1 -0
package/dist/core/skill-curation/run-token.js +81 -0
package/dist/core/skill-curation/run-token.js.map +1 -0
package/dist/core/skill-curation/signals.d.ts +49 -0
package/dist/core/skill-curation/signals.d.ts.map +1 -0
package/dist/core/skill-curation/signals.js +149 -0
package/dist/core/skill-curation/signals.js.map +1 -0
package/dist/core/skill-curation/smoke-test.d.ts +39 -0
package/dist/core/skill-curation/smoke-test.d.ts.map +1 -0
package/dist/core/skill-curation/smoke-test.js +313 -0
package/dist/core/skill-curation/smoke-test.js.map +1 -0
package/dist/core/skill-curation/splicer.d.ts +16 -0
package/dist/core/skill-curation/splicer.d.ts.map +1 -0
package/dist/core/skill-curation/splicer.js +78 -0
package/dist/core/skill-curation/splicer.js.map +1 -0
package/dist/core/skill-curation/workdir.d.ts +40 -0
package/dist/core/skill-curation/workdir.d.ts.map +1 -0
package/dist/core/skill-curation/workdir.js +242 -0
package/dist/core/skill-curation/workdir.js.map +1 -0
package/dist/core/skills-compiler.d.ts +391 -0
package/dist/core/skills-compiler.d.ts.map +1 -0
package/dist/core/skills-compiler.js +1271 -0
package/dist/core/skills-compiler.js.map +1 -0
package/dist/core/skills-manifest.d.ts +8 -0
package/dist/core/skills-manifest.d.ts.map +1 -0
package/dist/core/skills-manifest.js +408 -0
package/dist/core/skills-manifest.js.map +1 -0
package/dist/core/system-reset.d.ts +268 -0
package/dist/core/system-reset.d.ts.map +1 -0
package/dist/core/system-reset.js +816 -0
package/dist/core/system-reset.js.map +1 -0
package/dist/core/template-store.d.ts +170 -0
package/dist/core/template-store.d.ts.map +1 -0
package/dist/core/template-store.js +388 -0
package/dist/core/template-store.js.map +1 -0
package/dist/core/template-versions.d.ts +95 -0
package/dist/core/template-versions.d.ts.map +1 -0
package/dist/core/template-versions.js +175 -0
package/dist/core/template-versions.js.map +1 -0
package/dist/core/today-agent-plan.d.ts +33 -0
package/dist/core/today-agent-plan.d.ts.map +1 -0
package/dist/core/today-agent-plan.js +120 -0
package/dist/core/today-agent-plan.js.map +1 -0
package/dist/core/today-direct-writer.d.ts +62 -0
package/dist/core/today-direct-writer.d.ts.map +1 -0
package/dist/core/today-direct-writer.js +132 -0
package/dist/core/today-direct-writer.js.map +1 -0
package/dist/core/today-write-lock.d.ts +89 -0
package/dist/core/today-write-lock.d.ts.map +1 -0
package/dist/core/today-write-lock.js +154 -0
package/dist/core/today-write-lock.js.map +1 -0
package/dist/core/trigger-dispatch.d.ts +31 -0
package/dist/core/trigger-dispatch.d.ts.map +1 -0
package/dist/core/trigger-dispatch.js +100 -0
package/dist/core/trigger-dispatch.js.map +1 -0
package/dist/core/trigger-evaluator.d.ts +59 -0
package/dist/core/trigger-evaluator.d.ts.map +1 -0
package/dist/core/trigger-evaluator.js +243 -0
package/dist/core/trigger-evaluator.js.map +1 -0
package/dist/core/workdir.d.ts +241 -0
package/dist/core/workdir.d.ts.map +1 -0
package/dist/core/workdir.js +565 -0
package/dist/core/workdir.js.map +1 -0
package/dist/db/automation-triggers.d.ts +90 -0
package/dist/db/automation-triggers.d.ts.map +1 -0
package/dist/db/automation-triggers.js +199 -0
package/dist/db/automation-triggers.js.map +1 -0
package/dist/db/client.d.ts +6 -0
package/dist/db/client.d.ts.map +1 -0
package/dist/db/client.js +47 -0
package/dist/db/client.js.map +1 -0
package/dist/db/entities-store.d.ts +92 -0
package/dist/db/entities-store.d.ts.map +1 -0
package/dist/db/entities-store.js +180 -0
package/dist/db/entities-store.js.map +1 -0
package/dist/db/hourly-check-signals.d.ts +78 -0
package/dist/db/hourly-check-signals.d.ts.map +1 -0
package/dist/db/hourly-check-signals.js +289 -0
package/dist/db/hourly-check-signals.js.map +1 -0
package/dist/db/integration-probe-store.d.ts +27 -0
package/dist/db/integration-probe-store.d.ts.map +1 -0
package/dist/db/integration-probe-store.js +75 -0
package/dist/db/integration-probe-store.js.map +1 -0
package/dist/db/integrations-store.d.ts +19 -0
package/dist/db/integrations-store.d.ts.map +1 -0
package/dist/db/integrations-store.js +85 -0
package/dist/db/integrations-store.js.map +1 -0
package/dist/db/managed-tasks-store.d.ts +130 -0
package/dist/db/managed-tasks-store.d.ts.map +1 -0
package/dist/db/managed-tasks-store.js +238 -0
package/dist/db/managed-tasks-store.js.map +1 -0
package/dist/db/management-parse-failures-store.d.ts +45 -0
package/dist/db/management-parse-failures-store.d.ts.map +1 -0
package/dist/db/management-parse-failures-store.js +36 -0
package/dist/db/management-parse-failures-store.js.map +1 -0
package/dist/db/observations.d.ts +145 -0
package/dist/db/observations.d.ts.map +1 -0
package/dist/db/observations.js +287 -0
package/dist/db/observations.js.map +1 -0
package/dist/db/recurring-schedules.d.ts +70 -0
package/dist/db/recurring-schedules.d.ts.map +1 -0
package/dist/db/recurring-schedules.js +213 -0
package/dist/db/recurring-schedules.js.map +1 -0
package/dist/db/repositories-store.d.ts +296 -0
package/dist/db/repositories-store.d.ts.map +1 -0
package/dist/db/repositories-store.js +754 -0
package/dist/db/repositories-store.js.map +1 -0
package/dist/db/runtime-state.d.ts +61 -0
package/dist/db/runtime-state.d.ts.map +1 -0
package/dist/db/runtime-state.js +104 -0
package/dist/db/runtime-state.js.map +1 -0
package/dist/db/schema.d.ts +4 -0
package/dist/db/schema.d.ts.map +1 -0
package/dist/db/schema.js +1338 -0
package/dist/db/schema.js.map +1 -0
package/dist/db/sot-bindings-store.d.ts +41 -0
package/dist/db/sot-bindings-store.d.ts.map +1 -0
package/dist/db/sot-bindings-store.js +64 -0
package/dist/db/sot-bindings-store.js.map +1 -0
package/dist/db/test-schemas.d.ts +23 -0
package/dist/db/test-schemas.d.ts.map +1 -0
package/dist/db/test-schemas.js +111 -0
package/dist/db/test-schemas.js.map +1 -0
package/dist/db/voice-transcripts-store.d.ts +28 -0
package/dist/db/voice-transcripts-store.d.ts.map +1 -0
package/dist/db/voice-transcripts-store.js +43 -0
package/dist/db/voice-transcripts-store.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2913 -0
package/dist/index.js.map +1 -0
package/dist/init.d.ts +7 -0
package/dist/init.d.ts.map +1 -0
package/dist/init.js +32 -0
package/dist/init.js.map +1 -0
package/dist/log-buffer.d.ts +71 -0
package/dist/log-buffer.d.ts.map +1 -0
package/dist/log-buffer.js +201 -0
package/dist/log-buffer.js.map +1 -0
package/dist/logging.d.ts +5 -0
package/dist/logging.d.ts.map +1 -0
package/dist/logging.js +130 -0
package/dist/logging.js.map +1 -0
package/dist/management-rules.d.ts +2 -0
package/dist/management-rules.d.ts.map +1 -0
package/dist/management-rules.js +62 -0
package/dist/management-rules.js.map +1 -0
package/dist/messaging/constants.d.ts +33 -0
package/dist/messaging/constants.d.ts.map +1 -0
package/dist/messaging/constants.js +52 -0
package/dist/messaging/constants.js.map +1 -0
package/dist/messaging/magic-phrase.d.ts +16 -0
package/dist/messaging/magic-phrase.d.ts.map +1 -0
package/dist/messaging/magic-phrase.js +103 -0
package/dist/messaging/magic-phrase.js.map +1 -0
package/dist/messaging/owner-channels.d.ts +20 -0
package/dist/messaging/owner-channels.d.ts.map +1 -0
package/dist/messaging/owner-channels.js +41 -0
package/dist/messaging/owner-channels.js.map +1 -0
package/dist/observers/calendar-poller.d.ts +51 -0
package/dist/observers/calendar-poller.d.ts.map +1 -0
package/dist/observers/calendar-poller.js +128 -0
package/dist/observers/calendar-poller.js.map +1 -0
package/dist/observers/context-index-reconciler-observer.d.ts +72 -0
package/dist/observers/context-index-reconciler-observer.d.ts.map +1 -0
package/dist/observers/context-index-reconciler-observer.js +253 -0
package/dist/observers/context-index-reconciler-observer.js.map +1 -0
package/dist/observers/delegated-probe-observer.d.ts +83 -0
package/dist/observers/delegated-probe-observer.d.ts.map +1 -0
package/dist/observers/delegated-probe-observer.js +237 -0
package/dist/observers/delegated-probe-observer.js.map +1 -0
package/dist/observers/delegated-sync-worker.d.ts +375 -0
package/dist/observers/delegated-sync-worker.d.ts.map +1 -0
package/dist/observers/delegated-sync-worker.js +1087 -0
package/dist/observers/delegated-sync-worker.js.map +1 -0
package/dist/observers/entity-mirror-observer.d.ts +55 -0
package/dist/observers/entity-mirror-observer.d.ts.map +1 -0
package/dist/observers/entity-mirror-observer.js +73 -0
package/dist/observers/entity-mirror-observer.js.map +1 -0
package/dist/observers/git-delegated-cron.d.ts +41 -0
package/dist/observers/git-delegated-cron.d.ts.map +1 -0
package/dist/observers/git-delegated-cron.js +159 -0
package/dist/observers/git-delegated-cron.js.map +1 -0
package/dist/observers/git-event-classifier.d.ts +52 -0
package/dist/observers/git-event-classifier.d.ts.map +1 -0
package/dist/observers/git-event-classifier.js +70 -0
package/dist/observers/git-event-classifier.js.map +1 -0
package/dist/observers/git-watcher.d.ts +162 -0
package/dist/observers/git-watcher.d.ts.map +1 -0
package/dist/observers/git-watcher.js +768 -0
package/dist/observers/git-watcher.js.map +1 -0
package/dist/observers/github-poller-classifier.d.ts +101 -0
package/dist/observers/github-poller-classifier.d.ts.map +1 -0
package/dist/observers/github-poller-classifier.js +199 -0
package/dist/observers/github-poller-classifier.js.map +1 -0
package/dist/observers/github-poller.d.ts +291 -0
package/dist/observers/github-poller.d.ts.map +1 -0
package/dist/observers/github-poller.js +609 -0
package/dist/observers/github-poller.js.map +1 -0
package/dist/observers/imminent-event-scheduler.d.ts +34 -0
package/dist/observers/imminent-event-scheduler.d.ts.map +1 -0
package/dist/observers/imminent-event-scheduler.js +125 -0
package/dist/observers/imminent-event-scheduler.js.map +1 -0
package/dist/observers/mail-poller.d.ts +133 -0
package/dist/observers/mail-poller.d.ts.map +1 -0
package/dist/observers/mail-poller.js +563 -0
package/dist/observers/mail-poller.js.map +1 -0
package/dist/observers/mail-reconciliation.d.ts +87 -0
package/dist/observers/mail-reconciliation.d.ts.map +1 -0
package/dist/observers/mail-reconciliation.js +241 -0
package/dist/observers/mail-reconciliation.js.map +1 -0
package/dist/observers/manager.d.ts +67 -0
package/dist/observers/manager.d.ts.map +1 -0
package/dist/observers/manager.js +136 -0
package/dist/observers/manager.js.map +1 -0
package/dist/observers/notion-poller.d.ts +43 -0
package/dist/observers/notion-poller.d.ts.map +1 -0
package/dist/observers/notion-poller.js +184 -0
package/dist/observers/notion-poller.js.map +1 -0
package/dist/observers/observation-summarizer/index.d.ts +13 -0
package/dist/observers/observation-summarizer/index.d.ts.map +1 -0
package/dist/observers/observation-summarizer/index.js +13 -0
package/dist/observers/observation-summarizer/index.js.map +1 -0
package/dist/observers/observation-summarizer/pre-filter.d.ts +62 -0
package/dist/observers/observation-summarizer/pre-filter.d.ts.map +1 -0
package/dist/observers/observation-summarizer/pre-filter.js +189 -0
package/dist/observers/observation-summarizer/pre-filter.js.map +1 -0
package/dist/observers/observation-summarizer/response-parser.d.ts +30 -0
package/dist/observers/observation-summarizer/response-parser.d.ts.map +1 -0
package/dist/observers/observation-summarizer/response-parser.js +106 -0
package/dist/observers/observation-summarizer/response-parser.js.map +1 -0
package/dist/observers/observation-summarizer/summarizer-client.d.ts +83 -0
package/dist/observers/observation-summarizer/summarizer-client.d.ts.map +1 -0
package/dist/observers/observation-summarizer/summarizer-client.js +185 -0
package/dist/observers/observation-summarizer/summarizer-client.js.map +1 -0
package/dist/observers/observation-summarizer/summarizer-prompts.d.ts +51 -0
package/dist/observers/observation-summarizer/summarizer-prompts.d.ts.map +1 -0
package/dist/observers/observation-summarizer/summarizer-prompts.js +286 -0
package/dist/observers/observation-summarizer/summarizer-prompts.js.map +1 -0
package/dist/observers/observation-summarizer/worker.d.ts +106 -0
package/dist/observers/observation-summarizer/worker.d.ts.map +1 -0
package/dist/observers/observation-summarizer/worker.js +311 -0
package/dist/observers/observation-summarizer/worker.js.map +1 -0
package/dist/observers/obsidian-watcher.d.ts +90 -0
package/dist/observers/obsidian-watcher.d.ts.map +1 -0
package/dist/observers/obsidian-watcher.js +166 -0
package/dist/observers/obsidian-watcher.js.map +1 -0
package/dist/observers/primary-vault-watcher.d.ts +73 -0
package/dist/observers/primary-vault-watcher.d.ts.map +1 -0
package/dist/observers/primary-vault-watcher.js +115 -0
package/dist/observers/primary-vault-watcher.js.map +1 -0
package/dist/observers/repository-management-cron.d.ts +70 -0
package/dist/observers/repository-management-cron.d.ts.map +1 -0
package/dist/observers/repository-management-cron.js +166 -0
package/dist/observers/repository-management-cron.js.map +1 -0
package/dist/observers/skill-curation-walker.d.ts +33 -0
package/dist/observers/skill-curation-walker.d.ts.map +1 -0
package/dist/observers/skill-curation-walker.js +216 -0
package/dist/observers/skill-curation-walker.js.map +1 -0
package/dist/safety/absolute-block-audit.d.ts +22 -0
package/dist/safety/absolute-block-audit.d.ts.map +1 -0
package/dist/safety/absolute-block-audit.js +32 -0
package/dist/safety/absolute-block-audit.js.map +1 -0
package/dist/safety/agent-write-tracker.d.ts +42 -0
package/dist/safety/agent-write-tracker.d.ts.map +1 -0
package/dist/safety/agent-write-tracker.js +82 -0
package/dist/safety/agent-write-tracker.js.map +1 -0
package/dist/safety/always-disallowed.d.ts +66 -0
package/dist/safety/always-disallowed.d.ts.map +1 -0
package/dist/safety/always-disallowed.js +347 -0
package/dist/safety/always-disallowed.js.map +1 -0
package/dist/safety/audit.d.ts +118 -0
package/dist/safety/audit.d.ts.map +1 -0
package/dist/safety/audit.js +324 -0
package/dist/safety/audit.js.map +1 -0
package/dist/safety/integration-write-tracker.d.ts +58 -0
package/dist/safety/integration-write-tracker.d.ts.map +1 -0
package/dist/safety/integration-write-tracker.js +41 -0
package/dist/safety/integration-write-tracker.js.map +1 -0
package/dist/safety/risk-classifier.d.ts +65 -0
package/dist/safety/risk-classifier.d.ts.map +1 -0
package/dist/safety/risk-classifier.js +763 -0
package/dist/safety/risk-classifier.js.map +1 -0
package/dist/scheduler/hourly-check-gate.d.ts +73 -0
package/dist/scheduler/hourly-check-gate.d.ts.map +1 -0
package/dist/scheduler/hourly-check-gate.js +128 -0
package/dist/scheduler/hourly-check-gate.js.map +1 -0
package/dist/secrets/backend-api-key-env.d.ts +104 -0
package/dist/secrets/backend-api-key-env.d.ts.map +1 -0
package/dist/secrets/backend-api-key-env.js +197 -0
package/dist/secrets/backend-api-key-env.js.map +1 -0
package/dist/secrets/codex-home-materializer.d.ts +35 -0
package/dist/secrets/codex-home-materializer.d.ts.map +1 -0
package/dist/secrets/codex-home-materializer.js +76 -0
package/dist/secrets/codex-home-materializer.js.map +1 -0
package/dist/secrets/encrypted-blob-store.d.ts +20 -0
package/dist/secrets/encrypted-blob-store.d.ts.map +1 -0
package/dist/secrets/encrypted-blob-store.js +80 -0
package/dist/secrets/encrypted-blob-store.js.map +1 -0
package/dist/secrets/platform-secret-store.d.ts +17 -0
package/dist/secrets/platform-secret-store.d.ts.map +1 -0
package/dist/secrets/platform-secret-store.js +37 -0
package/dist/secrets/platform-secret-store.js.map +1 -0
package/dist/secrets/redaction.d.ts +2 -0
package/dist/secrets/redaction.d.ts.map +1 -0
package/dist/secrets/redaction.js +2 -0
package/dist/secrets/redaction.js.map +1 -0
package/dist/secrets/secret-broker.d.ts +61 -0
package/dist/secrets/secret-broker.d.ts.map +1 -0
package/dist/secrets/secret-broker.js +160 -0
package/dist/secrets/secret-broker.js.map +1 -0
package/dist/secrets/secret-names.d.ts +34 -0
package/dist/secrets/secret-names.d.ts.map +1 -0
package/dist/secrets/secret-names.js +39 -0
package/dist/secrets/secret-names.js.map +1 -0
package/dist/secrets/secret-store.d.ts +8 -0
package/dist/secrets/secret-store.d.ts.map +1 -0
package/dist/secrets/secret-store.js +2 -0
package/dist/secrets/secret-store.js.map +1 -0
package/dist/secrets/types.d.ts +7 -0
package/dist/secrets/types.d.ts.map +1 -0
package/dist/secrets/types.js +2 -0
package/dist/secrets/types.js.map +1 -0
package/dist/services/apple-calendar/caldav-client.d.ts +48 -0
package/dist/services/apple-calendar/caldav-client.d.ts.map +1 -0
package/dist/services/apple-calendar/caldav-client.js +86 -0
package/dist/services/apple-calendar/caldav-client.js.map +1 -0
package/dist/services/apple-calendar/caldav-codec.d.ts +67 -0
package/dist/services/apple-calendar/caldav-codec.d.ts.map +1 -0
package/dist/services/apple-calendar/caldav-codec.js +341 -0
package/dist/services/apple-calendar/caldav-codec.js.map +1 -0
package/dist/services/apple-calendar/index.d.ts +3 -0
package/dist/services/apple-calendar/index.d.ts.map +1 -0
package/dist/services/apple-calendar/index.js +2 -0
package/dist/services/apple-calendar/index.js.map +1 -0
package/dist/services/apple-calendar/service.d.ts +75 -0
package/dist/services/apple-calendar/service.d.ts.map +1 -0
package/dist/services/apple-calendar/service.js +374 -0
package/dist/services/apple-calendar/service.js.map +1 -0
package/dist/services/apple-calendar/types.d.ts +78 -0
package/dist/services/apple-calendar/types.d.ts.map +1 -0
package/dist/services/apple-calendar/types.js +17 -0
package/dist/services/apple-calendar/types.js.map +1 -0
package/dist/services/attachments/hardlink.d.ts +11 -0
package/dist/services/attachments/hardlink.d.ts.map +1 -0
package/dist/services/attachments/hardlink.js +56 -0
package/dist/services/attachments/hardlink.js.map +1 -0
package/dist/services/attachments/sanitize.d.ts +21 -0
package/dist/services/attachments/sanitize.d.ts.map +1 -0
package/dist/services/attachments/sanitize.js +128 -0
package/dist/services/attachments/sanitize.js.map +1 -0
package/dist/services/attachments/store.d.ts +146 -0
package/dist/services/attachments/store.d.ts.map +1 -0
package/dist/services/attachments/store.js +477 -0
package/dist/services/attachments/store.js.map +1 -0
package/dist/services/calendar/outlook/graph-calendar-client.d.ts +114 -0
package/dist/services/calendar/outlook/graph-calendar-client.d.ts.map +1 -0
package/dist/services/calendar/outlook/graph-calendar-client.js +146 -0
package/dist/services/calendar/outlook/graph-calendar-client.js.map +1 -0
package/dist/services/calendar.d.ts +115 -0
package/dist/services/calendar.d.ts.map +1 -0
package/dist/services/calendar.js +281 -0
package/dist/services/calendar.js.map +1 -0
package/dist/services/delegated-backend-invoker.d.ts +414 -0
package/dist/services/delegated-backend-invoker.d.ts.map +1 -0
package/dist/services/delegated-backend-invoker.js +2372 -0
package/dist/services/delegated-backend-invoker.js.map +1 -0
package/dist/services/delegated-proxy-config.d.ts +93 -0
package/dist/services/delegated-proxy-config.d.ts.map +1 -0
package/dist/services/delegated-proxy-config.js +98 -0
package/dist/services/delegated-proxy-config.js.map +1 -0
package/dist/services/delegated-task-result-cache.d.ts +176 -0
package/dist/services/delegated-task-result-cache.d.ts.map +1 -0
package/dist/services/delegated-task-result-cache.js +0 -0
package/dist/services/delegated-task-result-cache.js.map +1 -0
package/dist/services/delegated-task-runtime.d.ts +346 -0
package/dist/services/delegated-task-runtime.d.ts.map +1 -0
package/dist/services/delegated-task-runtime.js +589 -0
package/dist/services/delegated-task-runtime.js.map +1 -0
package/dist/services/delegated-task-session-pool.d.ts +182 -0
package/dist/services/delegated-task-session-pool.d.ts.map +1 -0
package/dist/services/delegated-task-session-pool.js +292 -0
package/dist/services/delegated-task-session-pool.js.map +1 -0
package/dist/services/delegated-tool-runtime.d.ts +50 -0
package/dist/services/delegated-tool-runtime.d.ts.map +1 -0
package/dist/services/delegated-tool-runtime.js +120 -0
package/dist/services/delegated-tool-runtime.js.map +1 -0
package/dist/services/fts5.d.ts +40 -0
package/dist/services/fts5.d.ts.map +1 -0
package/dist/services/fts5.js +54 -0
package/dist/services/fts5.js.map +1 -0
package/dist/services/git-account-registry.d.ts +164 -0
package/dist/services/git-account-registry.d.ts.map +1 -0
package/dist/services/git-account-registry.js +297 -0
package/dist/services/git-account-registry.js.map +1 -0
package/dist/services/github.d.ts +49 -0
package/dist/services/github.d.ts.map +1 -0
package/dist/services/github.js +123 -0
package/dist/services/github.js.map +1 -0
package/dist/services/gmail-classifier.d.ts +62 -0
package/dist/services/gmail-classifier.d.ts.map +1 -0
package/dist/services/gmail-classifier.js +221 -0
package/dist/services/gmail-classifier.js.map +1 -0
package/dist/services/gmail.d.ts +192 -0
package/dist/services/gmail.d.ts.map +1 -0
package/dist/services/gmail.js +678 -0
package/dist/services/gmail.js.map +1 -0
package/dist/services/google-auth.d.ts +16 -0
package/dist/services/google-auth.d.ts.map +1 -0
package/dist/services/google-auth.js +37 -0
package/dist/services/google-auth.js.map +1 -0
package/dist/services/google-maps.d.ts +35 -0
package/dist/services/google-maps.d.ts.map +1 -0
package/dist/services/google-maps.js +82 -0
package/dist/services/google-maps.js.map +1 -0
package/dist/services/integrations/extract-write-item-id.d.ts +64 -0
package/dist/services/integrations/extract-write-item-id.d.ts.map +1 -0
package/dist/services/integrations/extract-write-item-id.js +188 -0
package/dist/services/integrations/extract-write-item-id.js.map +1 -0
package/dist/services/integrations/reconcile.d.ts +136 -0
package/dist/services/integrations/reconcile.d.ts.map +1 -0
package/dist/services/integrations/reconcile.js +218 -0
package/dist/services/integrations/reconcile.js.map +1 -0
package/dist/services/integrations/snapshot-partitions.d.ts +40 -0
package/dist/services/integrations/snapshot-partitions.d.ts.map +1 -0
package/dist/services/integrations/snapshot-partitions.js +113 -0
package/dist/services/integrations/snapshot-partitions.js.map +1 -0
package/dist/services/journal/render.d.ts +15 -0
package/dist/services/journal/render.d.ts.map +1 -0
package/dist/services/journal/render.js +17 -0
package/dist/services/journal/render.js.map +1 -0
package/dist/services/journal/writer.d.ts +26 -0
package/dist/services/journal/writer.d.ts.map +1 -0
package/dist/services/journal/writer.js +50 -0
package/dist/services/journal/writer.js.map +1 -0
package/dist/services/mail/account-registry.d.ts +208 -0
package/dist/services/mail/account-registry.d.ts.map +1 -0
package/dist/services/mail/account-registry.js +554 -0
package/dist/services/mail/account-registry.js.map +1 -0
package/dist/services/mail/gmail/auth-failure-classifier.d.ts +24 -0
package/dist/services/mail/gmail/auth-failure-classifier.d.ts.map +1 -0
package/dist/services/mail/gmail/auth-failure-classifier.js +67 -0
package/dist/services/mail/gmail/auth-failure-classifier.js.map +1 -0
package/dist/services/mail/gmail/gmail-provider.d.ts +58 -0
package/dist/services/mail/gmail/gmail-provider.d.ts.map +1 -0
package/dist/services/mail/gmail/gmail-provider.js +434 -0
package/dist/services/mail/gmail/gmail-provider.js.map +1 -0
package/dist/services/mail/gmail/legacy-row.d.ts +24 -0
package/dist/services/mail/gmail/legacy-row.d.ts.map +1 -0
package/dist/services/mail/gmail/legacy-row.js +71 -0
package/dist/services/mail/gmail/legacy-row.js.map +1 -0
package/dist/services/mail/gmail/poll-cursor.d.ts +12 -0
package/dist/services/mail/gmail/poll-cursor.d.ts.map +1 -0
package/dist/services/mail/gmail/poll-cursor.js +32 -0
package/dist/services/mail/gmail/poll-cursor.js.map +1 -0
package/dist/services/mail/html-to-plaintext.d.ts +27 -0
package/dist/services/mail/html-to-plaintext.d.ts.map +1 -0
package/dist/services/mail/html-to-plaintext.js +163 -0
package/dist/services/mail/html-to-plaintext.js.map +1 -0
package/dist/services/mail/imap/app-password.d.ts +27 -0
package/dist/services/mail/imap/app-password.d.ts.map +1 -0
package/dist/services/mail/imap/app-password.js +86 -0
package/dist/services/mail/imap/app-password.js.map +1 -0
package/dist/services/mail/imap/auth-failure-classifier.d.ts +21 -0
package/dist/services/mail/imap/auth-failure-classifier.d.ts.map +1 -0
package/dist/services/mail/imap/auth-failure-classifier.js +54 -0
package/dist/services/mail/imap/auth-failure-classifier.js.map +1 -0
package/dist/services/mail/imap/capabilities.d.ts +30 -0
package/dist/services/mail/imap/capabilities.d.ts.map +1 -0
package/dist/services/mail/imap/capabilities.js +70 -0
package/dist/services/mail/imap/capabilities.js.map +1 -0
package/dist/services/mail/imap/client.d.ts +15 -0
package/dist/services/mail/imap/client.d.ts.map +1 -0
package/dist/services/mail/imap/client.js +60 -0
package/dist/services/mail/imap/client.js.map +1 -0
package/dist/services/mail/imap/cursor.d.ts +19 -0
package/dist/services/mail/imap/cursor.d.ts.map +1 -0
package/dist/services/mail/imap/cursor.js +47 -0
package/dist/services/mail/imap/cursor.js.map +1 -0
package/dist/services/mail/imap/folder-resolver.d.ts +24 -0
package/dist/services/mail/imap/folder-resolver.d.ts.map +1 -0
package/dist/services/mail/imap/folder-resolver.js +58 -0
package/dist/services/mail/imap/folder-resolver.js.map +1 -0
package/dist/services/mail/imap/icloud-provider.d.ts +5 -0
package/dist/services/mail/imap/icloud-provider.d.ts.map +1 -0
package/dist/services/mail/imap/icloud-provider.js +5 -0
package/dist/services/mail/imap/icloud-provider.js.map +1 -0
package/dist/services/mail/imap/imap-provider-base.d.ts +173 -0
package/dist/services/mail/imap/imap-provider-base.d.ts.map +1 -0
package/dist/services/mail/imap/imap-provider-base.js +1004 -0
package/dist/services/mail/imap/imap-provider-base.js.map +1 -0
package/dist/services/mail/imap/query-translator.d.ts +13 -0
package/dist/services/mail/imap/query-translator.d.ts.map +1 -0
package/dist/services/mail/imap/query-translator.js +114 -0
package/dist/services/mail/imap/query-translator.js.map +1 -0
package/dist/services/mail/imap/reconcile-planner.d.ts +56 -0
package/dist/services/mail/imap/reconcile-planner.d.ts.map +1 -0
package/dist/services/mail/imap/reconcile-planner.js +52 -0
package/dist/services/mail/imap/reconcile-planner.js.map +1 -0
package/dist/services/mail/imap/reply-mime.d.ts +24 -0
package/dist/services/mail/imap/reply-mime.d.ts.map +1 -0
package/dist/services/mail/imap/reply-mime.js +77 -0
package/dist/services/mail/imap/reply-mime.js.map +1 -0
package/dist/services/mail/imap/yahoo-provider.d.ts +5 -0
package/dist/services/mail/imap/yahoo-provider.d.ts.map +1 -0
package/dist/services/mail/imap/yahoo-provider.js +5 -0
package/dist/services/mail/imap/yahoo-provider.js.map +1 -0
package/dist/services/mail/mail-search.d.ts +35 -0
package/dist/services/mail/mail-search.d.ts.map +1 -0
package/dist/services/mail/mail-search.js +59 -0
package/dist/services/mail/mail-search.js.map +1 -0
package/dist/services/mail/outlook/auth-failure-classifier.d.ts +38 -0
package/dist/services/mail/outlook/auth-failure-classifier.d.ts.map +1 -0
package/dist/services/mail/outlook/auth-failure-classifier.js +91 -0
package/dist/services/mail/outlook/auth-failure-classifier.js.map +1 -0
package/dist/services/mail/outlook/client-config.d.ts +34 -0
package/dist/services/mail/outlook/client-config.d.ts.map +1 -0
package/dist/services/mail/outlook/client-config.js +58 -0
package/dist/services/mail/outlook/client-config.js.map +1 -0
package/dist/services/mail/outlook/delta-cursor.d.ts +66 -0
package/dist/services/mail/outlook/delta-cursor.d.ts.map +1 -0
package/dist/services/mail/outlook/delta-cursor.js +85 -0
package/dist/services/mail/outlook/delta-cursor.js.map +1 -0
package/dist/services/mail/outlook/graph-client.d.ts +98 -0
package/dist/services/mail/outlook/graph-client.d.ts.map +1 -0
package/dist/services/mail/outlook/graph-client.js +198 -0
package/dist/services/mail/outlook/graph-client.js.map +1 -0
package/dist/services/mail/outlook/msal-app-factory.d.ts +20 -0
package/dist/services/mail/outlook/msal-app-factory.d.ts.map +1 -0
package/dist/services/mail/outlook/msal-app-factory.js +62 -0
package/dist/services/mail/outlook/msal-app-factory.js.map +1 -0
package/dist/services/mail/outlook/msal-cache-plugin.d.ts +19 -0
package/dist/services/mail/outlook/msal-cache-plugin.d.ts.map +1 -0
package/dist/services/mail/outlook/msal-cache-plugin.js +30 -0
package/dist/services/mail/outlook/msal-cache-plugin.js.map +1 -0
package/dist/services/mail/outlook/oauth-device-code.d.ts +26 -0
package/dist/services/mail/outlook/oauth-device-code.d.ts.map +1 -0
package/dist/services/mail/outlook/oauth-device-code.js +32 -0
package/dist/services/mail/outlook/oauth-device-code.js.map +1 -0
package/dist/services/mail/outlook/oauth-loopback.d.ts +41 -0
package/dist/services/mail/outlook/oauth-loopback.d.ts.map +1 -0
package/dist/services/mail/outlook/oauth-loopback.js +223 -0
package/dist/services/mail/outlook/oauth-loopback.js.map +1 -0
package/dist/services/mail/outlook/outlook-provider.d.ts +100 -0
package/dist/services/mail/outlook/outlook-provider.d.ts.map +1 -0
package/dist/services/mail/outlook/outlook-provider.js +619 -0
package/dist/services/mail/outlook/outlook-provider.js.map +1 -0
package/dist/services/mail/outlook/query-translator.d.ts +10 -0
package/dist/services/mail/outlook/query-translator.d.ts.map +1 -0
package/dist/services/mail/outlook/query-translator.js +103 -0
package/dist/services/mail/outlook/query-translator.js.map +1 -0
package/dist/services/mail/provider.d.ts +267 -0
package/dist/services/mail/provider.d.ts.map +1 -0
package/dist/services/mail/provider.js +34 -0
package/dist/services/mail/provider.js.map +1 -0
package/dist/services/mail/query-utils.d.ts +13 -0
package/dist/services/mail/query-utils.d.ts.map +1 -0
package/dist/services/mail/query-utils.js +18 -0
package/dist/services/mail/query-utils.js.map +1 -0
package/dist/services/mail-classifier.d.ts +25 -0
package/dist/services/mail-classifier.d.ts.map +1 -0
package/dist/services/mail-classifier.js +52 -0
package/dist/services/mail-classifier.js.map +1 -0
package/dist/services/mail-ingestion.d.ts +139 -0
package/dist/services/mail-ingestion.d.ts.map +1 -0
package/dist/services/mail-ingestion.js +223 -0
package/dist/services/mail-ingestion.js.map +1 -0
package/dist/services/mcp/auto-probe.d.ts +76 -0
package/dist/services/mcp/auto-probe.d.ts.map +1 -0
package/dist/services/mcp/auto-probe.js +147 -0
package/dist/services/mcp/auto-probe.js.map +1 -0
package/dist/services/mcp/generators/claude.d.ts +18 -0
package/dist/services/mcp/generators/claude.d.ts.map +1 -0
package/dist/services/mcp/generators/claude.js +90 -0
package/dist/services/mcp/generators/claude.js.map +1 -0
package/dist/services/mcp/generators/codex.d.ts +22 -0
package/dist/services/mcp/generators/codex.d.ts.map +1 -0
package/dist/services/mcp/generators/codex.js +102 -0
package/dist/services/mcp/generators/codex.js.map +1 -0
package/dist/services/mcp/generators/gemini.d.ts +20 -0
package/dist/services/mcp/generators/gemini.d.ts.map +1 -0
package/dist/services/mcp/generators/gemini.js +97 -0
package/dist/services/mcp/generators/gemini.js.map +1 -0
package/dist/services/mcp/generators/index.d.ts +20 -0
package/dist/services/mcp/generators/index.d.ts.map +1 -0
package/dist/services/mcp/generators/index.js +29 -0
package/dist/services/mcp/generators/index.js.map +1 -0
package/dist/services/mcp/generators/types.d.ts +47 -0
package/dist/services/mcp/generators/types.d.ts.map +1 -0
package/dist/services/mcp/generators/types.js +40 -0
package/dist/services/mcp/generators/types.js.map +1 -0
package/dist/services/mcp/probe.d.ts +31 -0
package/dist/services/mcp/probe.d.ts.map +1 -0
package/dist/services/mcp/probe.js +437 -0
package/dist/services/mcp/probe.js.map +1 -0
package/dist/services/mcp/registry.d.ts +84 -0
package/dist/services/mcp/registry.d.ts.map +1 -0
package/dist/services/mcp/registry.js +387 -0
package/dist/services/mcp/registry.js.map +1 -0
package/dist/services/mcp/risk.d.ts +82 -0
package/dist/services/mcp/risk.d.ts.map +1 -0
package/dist/services/mcp/risk.js +126 -0
package/dist/services/mcp/risk.js.map +1 -0
package/dist/services/mcp/session-materializer.d.ts +123 -0
package/dist/services/mcp/session-materializer.d.ts.map +1 -0
package/dist/services/mcp/session-materializer.js +361 -0
package/dist/services/mcp/session-materializer.js.map +1 -0
package/dist/services/mcp/tool-audit.d.ts +53 -0
package/dist/services/mcp/tool-audit.d.ts.map +1 -0
package/dist/services/mcp/tool-audit.js +74 -0
package/dist/services/mcp/tool-audit.js.map +1 -0
package/dist/services/mcp/types.d.ts +88 -0
package/dist/services/mcp/types.d.ts.map +1 -0
package/dist/services/mcp/types.js +94 -0
package/dist/services/mcp/types.js.map +1 -0
package/dist/services/notion.d.ts +134 -0
package/dist/services/notion.d.ts.map +1 -0
package/dist/services/notion.js +350 -0
package/dist/services/notion.js.map +1 -0
package/dist/services/obsidian.d.ts +116 -0
package/dist/services/obsidian.d.ts.map +1 -0
package/dist/services/obsidian.js +305 -0
package/dist/services/obsidian.js.map +1 -0
package/dist/services/service-registry.d.ts +31 -0
package/dist/services/service-registry.d.ts.map +1 -0
package/dist/services/service-registry.js +15 -0
package/dist/services/service-registry.js.map +1 -0
package/dist/services/voice/transcriber-impl.d.ts +15 -0
package/dist/services/voice/transcriber-impl.d.ts.map +1 -0
package/dist/services/voice/transcriber-impl.js +129 -0
package/dist/services/voice/transcriber-impl.js.map +1 -0
package/dist/services/voice/transcriber.d.ts +117 -0
package/dist/services/voice/transcriber.d.ts.map +1 -0
package/dist/services/voice/transcriber.js +201 -0
package/dist/services/voice/transcriber.js.map +1 -0
package/dist/settings/runtime-settings.d.ts +232 -0
package/dist/settings/runtime-settings.d.ts.map +1 -0
package/dist/settings/runtime-settings.js +769 -0
package/dist/settings/runtime-settings.js.map +1 -0
package/dist/settings/settings-store.d.ts +13 -0
package/dist/settings/settings-store.d.ts.map +1 -0
package/dist/settings/settings-store.js +87 -0
package/dist/settings/settings-store.js.map +1 -0
package/package.json +85 -0

package/dist/core/backends/auth-recovery.js ADDED Viewed

@@ -0,0 +1,1086 @@
+import { spawn } from "node:child_process";
+import { existsSync, readFileSync, readdirSync, realpathSync, writeFileSync, mkdirSync, chmodSync, copyFileSync, unlinkSync } from "node:fs";
+import { join, dirname } from "node:path";
+import { homedir } from "node:os";
+import { redactSensitiveString } from "@aitne/shared";
+import { OAuth2Client, CodeChallengeMethod } from "google-auth-library";
+import { FIRST_EXPIRED_CASE_SQL, writeAuthFailureDetail, writeAuthOkDetail, } from "./auth-health-monitor.js";
+import { findExecutable, killChildWithEscalation, runLineCommand } from "./cli-utils.js";
+import { createLogger } from "../../logging.js";
+const logger = createLogger("auth-recovery");
+// ──────────────────────────────────────────────────────────────────
+// Codex device auth parsing — empirical regex from §4.0 verification
+// ──────────────────────────────────────────────────────────────────
+const ANSI_ESCAPE_RE = /\x1b\[[0-9;]*m/g;
+/**
+ * Device URL — static for the current Codex CLI, but validated anyway
+ * so we detect changes early. `\S+` will also capture any future
+ * query params without breaking the match.
+ */
+const CODEX_DEVICE_URL_RE = /https:\/\/auth\.openai\.com\/\S+/;
+/**
+ * User code format: 3-6 uppercase alphanumeric, hyphen, 3-6 uppercase
+ * alphanumeric. Observed patterns: `D636-F13CP`, `D65V-KQVNP`.
+ * The line is always indented with 3+ spaces in codex output.
+ */
+const CODEX_USER_CODE_RE = /^\s{2,}([A-Z0-9]{3,6}-[A-Z0-9]{3,6})\s*$/m;
+/**
+ * Expiry from the output text: "(expires in N minutes)".
+ */
+const CODEX_EXPIRES_RE = /expires in (\d+) minutes/;
+/**
+ * Parse the stdout of `codex login --device-auth` into structured info.
+ * Returns `null` if the output doesn't match the expected format.
+ */
+export function parseCodexDeviceAuthOutput(rawStdout) {
+    const clean = rawStdout.replace(ANSI_ESCAPE_RE, "");
+    const urlMatch = clean.match(CODEX_DEVICE_URL_RE);
+    const codeMatch = clean.match(CODEX_USER_CODE_RE);
+    const expiresMatch = clean.match(CODEX_EXPIRES_RE);
+    if (!urlMatch || !codeMatch)
+        return null;
+    return {
+        deviceUrl: urlMatch[0],
+        userCode: codeMatch[1],
+        expiresMinutes: expiresMatch ? parseInt(expiresMatch[1], 10) : 15,
+    };
+}
+// ──────────────────────────────────────────────────────────────────
+// Claude auth login URL parsing — Phase 9 §8.1 empirical
+// ──────────────────────────────────────────────────────────────────
+/**
+ * Regex to extract the OAuth URL from `claude auth login` stdout.
+ * Output format (observed in Claude Code 2.1.104):
+ *   Line 1: "Opening browser to sign in…"
+ *   Line 2: "If the browser didn't open, visit: <URL>"
+ */
+const CLAUDE_AUTH_URL_RE = /visit:\s+(https:\/\/\S+)/;
+/**
+ * Parse the OAuth URL from `claude auth login` stdout.
+ * Returns the URL string, or `null` if the output doesn't match.
+ */
+export function parseClaudeAuthLoginOutput(rawStdout) {
+    const clean = rawStdout.replace(ANSI_ESCAPE_RE, "");
+    const match = clean.match(CLAUDE_AUTH_URL_RE);
+    return match ? match[1] : null;
+}
+/** Default Claude recovery timeout in minutes. Browser OAuth is faster than device code. */
+const CLAUDE_RECOVERY_TIMEOUT_MIN = 10;
+// ──────────────────────────────────────────────────────────────────
+// Gemini OAuth auth code parsing — per design §5.2 + §4.4
+// ──────────────────────────────────────────────────────────────────
+/**
+ * Google OAuth authorization code regex.
+ * Codes start with `4/` followed by URL-safe base64 chars (30+).
+ * The design doc gates on `4/[01]` but Google may change the second
+ * char, so we accept any char after `4/` to avoid false negatives.
+ */
+const GEMINI_AUTH_CODE_RE = /^(4\/[A-Za-z0-9_-]{30,})$/;
+/**
+ * Test whether a raw DM text looks like a Google OAuth authorization code.
+ * Only returns a match when a Gemini recovery session is active — caller
+ * must gate on `isRecoveryActive("gemini")` before calling this.
+ */
+export function parseGeminiAuthCode(text) {
+    const m = text.trim().match(GEMINI_AUTH_CODE_RE);
+    return m ? m[1] : null;
+}
+/** Gemini OAuth scopes — must match what the CLI uses. */
+const GEMINI_OAUTH_SCOPES = [
+    "https://www.googleapis.com/auth/cloud-platform",
+    "https://www.googleapis.com/auth/userinfo.email",
+    "https://www.googleapis.com/auth/userinfo.profile",
+];
+/** Redirect URI for Google's code relay page (user sees the code to copy). */
+const GEMINI_REDIRECT_URI = "https://codeassist.google.com/authcode";
+/** Default Gemini recovery timeout in minutes (Google's auth flow times out at 5 min). */
+const GEMINI_RECOVERY_TIMEOUT_MIN = 5;
+/** Gemini OAuth credentials file path. */
+const GEMINI_OAUTH_CREDS_PATH = join(homedir(), ".gemini", "oauth_creds.json");
+/** Encrypted storage env var — if set, we cannot write plaintext creds. */
+const GEMINI_ENCRYPTED_STORAGE_ENV = "GEMINI_FORCE_ENCRYPTED_FILE_STORAGE";
+/**
+ * Extract Gemini OAuth client credentials.
+ *
+ * Priority:
+ * 1. Env vars PA_GEMINI_OAUTH_CLIENT_ID + PA_GEMINI_OAUTH_CLIENT_SECRET
+ * 2. Runtime scan of @google/gemini-cli bundle chunks
+ *
+ * Returns null if credentials cannot be found.
+ */
+export function extractGeminiOAuthCredentials() {
+    // 1. Env var override (most reliable, recommended for production)
+    const envId = process.env.PA_GEMINI_OAUTH_CLIENT_ID?.trim();
+    const envSecret = process.env.PA_GEMINI_OAUTH_CLIENT_SECRET?.trim();
+    if (envId && envSecret) {
+        return { clientId: envId, clientSecret: envSecret };
+    }
+    // M3 fix: warn if only one of the two env vars is set — likely a
+    // configuration mistake that would silently fall through to bundle scan.
+    if (envId || envSecret) {
+        logger.warn("Only one of PA_GEMINI_OAUTH_CLIENT_ID / PA_GEMINI_OAUTH_CLIENT_SECRET is set — " +
+            "both are required. Falling back to CLI bundle scan.");
+    }
+    // 2. Bundle scan — fragile across CLI versions but works as fallback
+    return scanGeminiCliBundleCredentials();
+}
+/**
+ * Scan the @google/gemini-cli bundle for embedded OAuth credentials.
+ * The credentials are public (shipped in a npm package), not secrets.
+ */
+function scanGeminiCliBundleCredentials() {
+    try {
+        // Find the gemini CLI installation
+        const geminiPath = findExecutable("gemini");
+        if (!geminiPath)
+            return null;
+        // Resolve symlink to get the actual installation path
+        const realPath = realpathSync(geminiPath);
+        // Walk up to find the package root: .../bundle/cli.js or .../bin/cli.js
+        let pkgDir = dirname(realPath);
+        for (let i = 0; i < 5; i++) {
+            if (existsSync(join(pkgDir, "package.json")))
+                break;
+            pkgDir = dirname(pkgDir);
+        }
+        const bundleDir = join(pkgDir, "bundle");
+        if (!existsSync(bundleDir))
+            return null;
+        // Scan chunk files for the known constant patterns
+        const chunks = readdirSync(bundleDir).filter((f) => f.startsWith("chunk-") && f.endsWith(".js"));
+        const clientIdRe = /var OAUTH_CLIENT_ID\s*=\s*"([^"]+)"/;
+        const clientSecretRe = /var OAUTH_CLIENT_SECRET\s*=\s*"([^"]+)"/;
+        for (const chunk of chunks) {
+            const content = readFileSync(join(bundleDir, chunk), "utf-8");
+            const idMatch = content.match(clientIdRe);
+            const secretMatch = content.match(clientSecretRe);
+            if (idMatch && secretMatch) {
+                return { clientId: idMatch[1], clientSecret: secretMatch[1] };
+            }
+        }
+    }
+    catch (err) {
+        logger.debug({ err }, "Failed to scan Gemini CLI bundle for OAuth credentials");
+    }
+    return null;
+}
+// ──────────────────────────────────────────────────────────────────
+// AuthRecovery — manages interactive auth recovery subprocesses
+// ──────────────────────────────────────────────────────────────────
+/** Default recovery timeout in minutes (matches Codex `expires_in`). */
+const DEFAULT_RECOVERY_TIMEOUT_MIN = 15;
+export class AuthRecovery {
+    db;
+    telemetry;
+    authHealthMonitor;
+    notifier;
+    activeRecoveries = new Map();
+    now;
+    claudeRecoveryTimeoutMin;
+    codexRecoveryTimeoutMin;
+    geminiRecoveryTimeoutMin;
+    shuttingDown = false;
+    constructor(db, telemetry, authHealthMonitor, notifier, options = {}) {
+        this.db = db;
+        this.telemetry = telemetry;
+        this.authHealthMonitor = authHealthMonitor;
+        this.notifier = notifier;
+        this.now = options.now ?? (() => new Date());
+        this.claudeRecoveryTimeoutMin = options.claudeRecoveryTimeoutMin ?? CLAUDE_RECOVERY_TIMEOUT_MIN;
+        this.codexRecoveryTimeoutMin = options.codexRecoveryTimeoutMin ?? DEFAULT_RECOVERY_TIMEOUT_MIN;
+        this.geminiRecoveryTimeoutMin = options.geminiRecoveryTimeoutMin ?? GEMINI_RECOVERY_TIMEOUT_MIN;
+    }
+    /**
+     * Get the active recovery session for a backend, or `undefined`.
+     */
+    getActiveRecovery(backendId) {
+        const internal = this.activeRecoveries.get(backendId);
+        if (!internal)
+            return undefined;
+        return {
+            backendId: internal.backendId,
+            startedAt: internal.startedAt,
+            authUrl: internal.authUrl,
+            userCode: internal.userCode,
+            expiresMinutes: internal.expiresMinutes,
+            completion: internal.completion,
+        };
+    }
+    /**
+     * Check if a recovery is currently active for the given backend.
+     */
+    isRecoveryActive(backendId) {
+        return this.activeRecoveries.has(backendId);
+    }
+    // ────────────────────────────────────────────────────────────
+    // Codex device auth recovery (Phase 5 §4.1)
+    // ────────────────────────────────────────────────────────────
+    /**
+     * Initiate Codex device auth recovery.
+     *
+     * Spawns `codex login --device-auth` as a subprocess, parses the
+     * device URL and user code from stdout, writes `recovering` to DB,
+     * and returns the device auth info for user presentation.
+     *
+     * The subprocess blocks until the user completes auth in the browser
+     * or the code expires. On completion:
+     *   - exit 0  → `persistCheckResult({ok:true})`, counter `recovery_success`
+     *   - exit ≠0 → DB → `expired`, counter `recovery_timeout` or `recovery_failed`
+     *   - SIGTERM → daemon shutdown cleanup
+     *
+     * **Notification policy (M1 fix)**: This method does NOT send a DM.
+     * The caller (dispatcher / API route) is responsible for presenting
+     * the returned URL/code to the user, avoiding double-notification.
+     *
+     * Throws if:
+     *   - A recovery is already in progress for this backend
+     *   - The Codex CLI is not installed
+     *   - The subprocess fails to produce a device code within 10s
+     */
+    async initiateCodexDeviceAuth() {
+        const backendId = "codex";
+        // Guard: concurrent recovery
+        if (this.activeRecoveries.has(backendId)) {
+            throw new Error(`Recovery already in progress for ${backendId}. Wait for it to complete or cancel.`);
+        }
+        // Guard: CLI installed
+        const cliPath = findExecutable("codex");
+        if (!cliPath) {
+            throw new Error("Codex CLI is not installed or not on PATH.");
+        }
+        // Guard: daemon shutting down
+        if (this.shuttingDown) {
+            throw new Error("Daemon is shutting down, cannot start recovery.");
+        }
+        // Spawn `codex login --device-auth`
+        const child = spawn(cliPath, ["login", "--device-auth"], {
+            stdio: ["pipe", "pipe", "pipe"],
+            env: { ...process.env, TERM: "dumb", NO_COLOR: "1" },
+        });
+        // Parse device code from stdout (collected until first \n\n after code)
+        const deviceInfo = await this.waitForDeviceCode(child);
+        // Write `recovering` status to DB
+        const nowIso = this.now().toISOString();
+        this.db.transaction(() => {
+            this.db
+                .prepare(`UPDATE backends
+              SET auth_status = 'recovering',
+                  auth_checked_at = @now,
+                  auth_last_verified_at = @now,
+                  updated_at = @now
+            WHERE id = @id`)
+                .run({ now: nowIso, id: backendId });
+            writeAuthOkDetail(this.db, backendId, `Device auth in progress — code ${deviceInfo.userCode}`);
+        })();
+        // Telemetry
+        this.incrementRecovery(backendId, "recovery_started");
+        // Set up timeout
+        const timeoutMs = this.codexRecoveryTimeoutMin * 60 * 1000;
+        const timeoutHandle = setTimeout(() => {
+            logger.info({ backendId }, "Recovery timeout — killing subprocess");
+            killChildWithEscalation(child);
+        }, timeoutMs);
+        timeoutHandle.unref?.();
+        // Build completion promise
+        const completion = this.monitorCodexRecovery(child, backendId, timeoutHandle);
+        const internal = {
+            backendId,
+            startedAt: this.now(),
+            authUrl: deviceInfo.deviceUrl,
+            userCode: deviceInfo.userCode,
+            expiresMinutes: deviceInfo.expiresMinutes,
+            completion,
+            child,
+            timeoutHandle,
+        };
+        this.activeRecoveries.set(backendId, internal);
+        return {
+            backendId: internal.backendId,
+            startedAt: internal.startedAt,
+            authUrl: internal.authUrl,
+            userCode: internal.userCode,
+            expiresMinutes: internal.expiresMinutes,
+            completion: internal.completion,
+        };
+    }
+    // ────────────────────────────────────────────────────────────
+    // Claude browser auth recovery (Phase 9 §8.2)
+    // ────────────────────────────────────────────────────────────
+    /**
+     * Initiate Claude auth recovery via browser OAuth.
+     *
+     * Phase 9 empirical verification showed that `claude auth login` does
+     * NOT require a PTY — pipe stdio works. The subprocess prints an OAuth
+     * URL to stdout and blocks until the user completes browser auth:
+     *
+     *   1. Spawn `claude auth login --claudeai` with pipe stdio
+     *   2. Parse OAuth URL from stdout
+     *   3. Present URL to user (caller's responsibility — M1 policy)
+     *   4. Wait for process exit (exit 0 = success)
+     *   5. Verify with `claude auth status --json`
+     *
+     * Structurally identical to Codex device auth (Phase 5).
+     *
+     * **BROWSER=echo**: Suppresses the daemon from opening a browser in the
+     * user's session. The URL is always printed to stdout regardless.
+     */
+    async initiateClaudeAuth() {
+        const backendId = "claude";
+        if (this.activeRecoveries.has(backendId)) {
+            throw new Error(`Recovery already in progress for ${backendId}. Wait for it to complete or cancel.`);
+        }
+        const cliPath = findExecutable("claude");
+        if (!cliPath) {
+            throw new Error("Claude Code CLI is not installed or not on PATH.");
+        }
+        if (this.shuttingDown) {
+            throw new Error("Daemon is shutting down, cannot start recovery.");
+        }
+        // Spawn with BROWSER=echo to suppress daemon-initiated browser launch
+        const child = spawn(cliPath, ["auth", "login", "--claudeai"], {
+            stdio: ["pipe", "pipe", "pipe"],
+            env: { ...process.env, TERM: "dumb", NO_COLOR: "1", BROWSER: "echo" },
+        });
+        // Parse OAuth URL from stdout
+        const authUrl = await this.waitForClaudeAuthUrl(child);
+        // Write `recovering` status to DB
+        const nowIso = this.now().toISOString();
+        this.db.transaction(() => {
+            this.db
+                .prepare(`UPDATE backends
+              SET auth_status = 'recovering',
+                  auth_checked_at = @now,
+                  auth_last_verified_at = @now,
+                  updated_at = @now
+            WHERE id = @id`)
+                .run({ now: nowIso, id: backendId });
+            writeAuthOkDetail(this.db, backendId, "Browser OAuth recovery in progress");
+        })();
+        this.incrementRecovery(backendId, "recovery_started");
+        // Set up timeout
+        const timeoutMs = this.claudeRecoveryTimeoutMin * 60 * 1000;
+        const timeoutHandle = setTimeout(() => {
+            logger.info({ backendId }, "Recovery timeout — killing subprocess");
+            killChildWithEscalation(child);
+        }, timeoutMs);
+        timeoutHandle.unref?.();
+        const completion = this.monitorClaudeRecovery(child, backendId, timeoutHandle);
+        const internal = {
+            backendId,
+            startedAt: this.now(),
+            authUrl,
+            expiresMinutes: this.claudeRecoveryTimeoutMin,
+            completion,
+            child,
+            timeoutHandle,
+        };
+        this.activeRecoveries.set(backendId, internal);
+        return {
+            backendId: internal.backendId,
+            startedAt: internal.startedAt,
+            authUrl: internal.authUrl,
+            expiresMinutes: internal.expiresMinutes,
+            completion: internal.completion,
+        };
+    }
+    // ────────────────────────────────────────────────────────────
+    // Gemini OAuth recovery (Phase 6 §5.1)
+    // ────────────────────────────────────────────────────────────
+    /**
+     * Initiate Gemini OAuth recovery using direct OAuth flow.
+     *
+     * Because the Gemini CLI requires a TTY for its auth flow (§5.0
+     * empirical verification), we bypass the CLI and implement OAuth
+     * directly using google-auth-library:
+     *
+     *   1. Extract client credentials from env vars or CLI bundle
+     *   2. Generate PKCE-protected OAuth URL
+     *   3. Present URL to user (caller's responsibility — M1 policy)
+     *   4. Wait for user to send auth code via handleGeminiAuthCode()
+     *   5. Exchange code for tokens → write oauth_creds.json
+     *
+     * **Encrypted storage rejection**: If GEMINI_FORCE_ENCRYPTED_FILE_STORAGE
+     * is enabled, we cannot write plaintext oauth_creds.json and the recovery
+     * is refused. The user must re-authenticate via the CLI directly.
+     *
+     * **Notification policy (M1 fix)**: This method does NOT send a DM.
+     * The caller is responsible for presenting the URL.
+     *
+     * Throws if:
+     *   - A recovery is already in progress for this backend
+     *   - Encrypted storage mode is enabled
+     *   - OAuth credentials cannot be extracted
+     */
+    async initiateGeminiAuth() {
+        const backendId = "gemini";
+        // Guard: concurrent recovery
+        if (this.activeRecoveries.has(backendId)) {
+            throw new Error(`Recovery already in progress for ${backendId}. Wait for it to complete or cancel.`);
+        }
+        // Guard: daemon shutting down
+        if (this.shuttingDown) {
+            throw new Error("Daemon is shutting down, cannot start recovery.");
+        }
+        // Guard: encrypted storage — we can only write plaintext oauth_creds.json
+        if (process.env[GEMINI_ENCRYPTED_STORAGE_ENV] === "true") {
+            throw new Error("Gemini encrypted storage mode is enabled (GEMINI_FORCE_ENCRYPTED_FILE_STORAGE=true). " +
+                "Cannot write plaintext OAuth credentials. Please re-authenticate via the Gemini CLI directly.");
+        }
+        // Extract OAuth client credentials
+        const credentials = extractGeminiOAuthCredentials();
+        if (!credentials) {
+            throw new Error("Cannot extract Gemini OAuth credentials. " +
+                "Set PA_GEMINI_OAUTH_CLIENT_ID and PA_GEMINI_OAUTH_CLIENT_SECRET env vars, " +
+                "or ensure the Gemini CLI is installed.");
+        }
+        // Create OAuth2 client and generate PKCE auth URL
+        const oauthClient = new OAuth2Client({
+            clientId: credentials.clientId,
+            clientSecret: credentials.clientSecret,
+        });
+        const codeVerifierResult = await oauthClient.generateCodeVerifierAsync();
+        const authUrl = oauthClient.generateAuthUrl({
+            redirect_uri: GEMINI_REDIRECT_URI,
+            access_type: "offline",
+            scope: GEMINI_OAUTH_SCOPES,
+            code_challenge_method: CodeChallengeMethod.S256,
+            code_challenge: codeVerifierResult.codeChallenge,
+        });
+        // Write `recovering` status to DB
+        const nowIso = this.now().toISOString();
+        this.db.transaction(() => {
+            this.db
+                .prepare(`UPDATE backends
+              SET auth_status = 'recovering',
+                  auth_checked_at = @now,
+                  auth_last_verified_at = @now,
+                  updated_at = @now
+            WHERE id = @id`)
+                .run({ now: nowIso, id: backendId });
+            writeAuthOkDetail(this.db, backendId, "OAuth recovery in progress — waiting for authorization code");
+        })();
+        // Telemetry
+        this.incrementRecovery(backendId, "recovery_started");
+        // Set up timeout (Gemini's auth flow expires in ~5 min)
+        const timeoutMs = this.geminiRecoveryTimeoutMin * 60 * 1000;
+        // Build completion promise that resolves when auth code is received or timeout
+        let resolveCompletion;
+        const completion = new Promise((resolve) => {
+            resolveCompletion = resolve;
+        });
+        const timeoutHandle = setTimeout(() => {
+            logger.info({ backendId }, "Gemini recovery timeout — no auth code received");
+            const result = {
+                ok: false,
+                reason: "timeout",
+                detail: `OAuth recovery timed out after ${this.geminiRecoveryTimeoutMin} minutes — no authorization code received`,
+            };
+            // Apply the result (DB + telemetry + notification)
+            this.applyRecoveryResult(backendId, result);
+            resolveCompletion(result);
+            this.activeRecoveries.delete(backendId);
+        }, timeoutMs);
+        timeoutHandle.unref?.();
+        const internal = {
+            backendId,
+            startedAt: this.now(),
+            authUrl,
+            expiresMinutes: this.geminiRecoveryTimeoutMin,
+            completion,
+            oauthClient,
+            codeVerifier: codeVerifierResult.codeVerifier,
+            resolveCompletion,
+            timeoutHandle,
+        };
+        this.activeRecoveries.set(backendId, internal);
+        return {
+            backendId: internal.backendId,
+            startedAt: internal.startedAt,
+            authUrl: internal.authUrl,
+            expiresMinutes: internal.expiresMinutes,
+            completion: internal.completion,
+        };
+    }
+    /**
+     * Handle a Google OAuth authorization code sent by the user.
+     *
+     * Called from the dispatcher (DM interception) or the API route
+     * (POST /backends/gemini/recovery/code). Exchanges the code for
+     * tokens, writes oauth_creds.json, verifies auth, and completes
+     * the recovery.
+     *
+     * Returns the recovery result. Throws if no Gemini recovery is active.
+     */
+    async handleGeminiAuthCode(code) {
+        const backendId = "gemini";
+        const internal = this.activeRecoveries.get(backendId);
+        if (!internal || !internal.oauthClient || !internal.codeVerifier || !internal.resolveCompletion) {
+            throw new Error("No active Gemini recovery session to receive an auth code.");
+        }
+        // Prevent timeout from firing after we start processing
+        clearTimeout(internal.timeoutHandle);
+        // B2 fix: backup existing oauth_creds.json before overwriting so we can
+        // restore on failure (design doc §4.2 backup/restore pattern).
+        const backedUp = backupGeminiOAuthCreds();
+        let result;
+        try {
+            // Exchange auth code for tokens
+            const { tokens } = await internal.oauthClient.getToken({
+                code,
+                codeVerifier: internal.codeVerifier,
+                redirect_uri: GEMINI_REDIRECT_URI,
+            });
+            if (!tokens || !tokens.access_token) {
+                result = {
+                    ok: false,
+                    reason: "verification_failed",
+                    detail: "Token exchange succeeded but no access_token returned",
+                };
+            }
+            else {
+                // Write tokens to oauth_creds.json (same format as Gemini CLI)
+                writeGeminiOAuthCreds(tokens);
+                // Verify the credentials contain a refresh_token
+                const verified = await this.verifyGeminiAuth();
+                if (verified) {
+                    // Success — remove backup
+                    removeGeminiOAuthCredsBackup();
+                    result = {
+                        ok: true,
+                        reason: "success",
+                        detail: "OAuth authentication completed successfully",
+                    };
+                }
+                else {
+                    // Verification failed — restore backup
+                    if (backedUp)
+                        restoreGeminiOAuthCreds();
+                    result = {
+                        ok: false,
+                        reason: "verification_failed",
+                        detail: "Token exchange succeeded but refresh_token missing — original credentials restored",
+                    };
+                }
+            }
+        }
+        catch (err) {
+            // B3 fix: redact provider error messages before they reach DM / logs.
+            const rawDetail = err instanceof Error ? err.message : "unknown error";
+            const safeDetail = redactSensitiveString(rawDetail);
+            // Restore backup on exchange failure
+            if (backedUp)
+                restoreGeminiOAuthCreds();
+            result = {
+                ok: false,
+                reason: "exception",
+                detail: `Failed to exchange authorization code: ${safeDetail}`,
+            };
+        }
+        // Apply result (DB + telemetry + notification)
+        this.applyRecoveryResult(backendId, result);
+        internal.resolveCompletion(result);
+        internal.resolveCompletion = undefined;
+        this.activeRecoveries.delete(backendId);
+        return result;
+    }
+    /**
+     * Post-auth verification: check that oauth_creds.json exists and
+     * contains a refresh_token. Must match GeminiCliCore.checkAuthDetailed
+     * semantics — access_token alone is insufficient because it expires
+     * in ~1h and cannot be renewed without a refresh_token, causing the
+     * next hourly probe to flag it as expired.
+     */
+    async verifyGeminiAuth() {
+        try {
+            if (!existsSync(GEMINI_OAUTH_CREDS_PATH))
+                return false;
+            const raw = readFileSync(GEMINI_OAUTH_CREDS_PATH, "utf-8");
+            const creds = JSON.parse(raw);
+            return typeof creds.refresh_token === "string" && creds.refresh_token.length > 0;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Cancel an active recovery for a backend.
+     *
+     * Synchronously resets the DB row to `expired` so it is never left
+     * stuck in `recovering` even if the subprocess close event arrives
+     * late or never (B3 fix). The subprocess close handler may later
+     * call applyRecoveryResult, but that is guarded by
+     * `WHERE auth_status = 'recovering'` and will no-op.
+     */
+    cancelRecovery(backendId) {
+        const internal = this.activeRecoveries.get(backendId);
+        if (!internal)
+            return false;
+        // Synchronously reset DB BEFORE killing — daemon might exit before
+        // the close event arrives (B3).
+        this.resetRecoveringToExpired(backendId, "Recovery cancelled by user");
+        this.killRecoveryProcess(internal);
+        this.activeRecoveries.delete(backendId);
+        return true;
+    }
+    /**
+     * Graceful shutdown — kill all active recovery subprocesses.
+     * Called from the daemon's SIGTERM handler.
+     *
+     * Synchronously resets DB rows so they are never stuck in `recovering`
+     * across daemon restarts (reinforces reconcilePendingRecoveries).
+     * Scans the DB in addition to the in-memory map for defense-in-depth
+     * — if a recovery was started but the in-memory tracking diverged
+     * (e.g. partial init failure), the DB scan catches it.
+     */
+    shutdown() {
+        this.shuttingDown = true;
+        // 1. Kill tracked subprocesses
+        for (const internal of this.activeRecoveries.values()) {
+            this.killRecoveryProcess(internal);
+        }
+        this.activeRecoveries.clear();
+        // 2. Reset ALL recovering rows in DB (defense-in-depth)
+        try {
+            const ids = this.db.prepare("SELECT id FROM backends WHERE auth_status = 'recovering'").all().map((r) => r.id);
+            for (const id of ids) {
+                this.resetRecoveringToExpired(id, "Recovery interrupted by daemon shutdown");
+            }
+        }
+        catch (err) {
+            logger.warn({ err }, "shutdown: failed to reset recovering rows");
+        }
+    }
+    // ────────────────────────────────────────────────────────────
+    // Private helpers
+    // ────────────────────────────────────────────────────────────
+    /**
+     * Wait for the device code output from `codex login --device-auth`.
+     * Times out after 10 seconds if the expected output doesn't appear.
+     */
+    waitForDeviceCode(child) {
+        return new Promise((resolve, reject) => {
+            let stdout = "";
+            const PARSE_TIMEOUT_MS = 10_000;
+            const timer = setTimeout(() => {
+                cleanup();
+                killChildWithEscalation(child);
+                reject(new Error("Codex device auth did not produce a device code within 10s. " +
+                    `Captured stdout: ${redactSensitiveString(stdout.slice(0, 200))}`));
+            }, PARSE_TIMEOUT_MS);
+            timer.unref?.();
+            const onData = (chunk) => {
+                stdout += chunk.toString();
+                const info = parseCodexDeviceAuthOutput(stdout);
+                if (info) {
+                    cleanup();
+                    resolve(info);
+                }
+            };
+            const onError = (err) => {
+                cleanup();
+                reject(err);
+            };
+            const onClose = (code) => {
+                cleanup();
+                reject(new Error(`Codex login exited (code=${code}) before producing a device code.`));
+            };
+            child.stdout?.on("data", onData);
+            child.once("error", onError);
+            child.once("close", onClose);
+            function cleanup() {
+                clearTimeout(timer);
+                child.stdout?.off("data", onData);
+                child.off("error", onError);
+                child.off("close", onClose);
+            }
+        });
+    }
+    /**
+     * Monitor the Codex recovery subprocess until it exits.
+     *
+     * B2 fix: after `waitForDeviceCode` resolves, the child may have
+     * already exited (e.g. crash immediately after printing the code).
+     * We check `child.exitCode !== null` before registering `once("close")`
+     * and handle the already-exited case synchronously.
+     */
+    async monitorCodexRecovery(child, backendId, timeoutHandle) {
+        try {
+            const result = await new Promise((resolve) => {
+                const handleClose = async (code, signal) => {
+                    clearTimeout(timeoutHandle);
+                    try {
+                        if (code === 0) {
+                            const verified = await this.verifyCodexAuth();
+                            if (verified) {
+                                resolve({ ok: true, reason: "success", detail: "Device auth completed successfully" });
+                            }
+                            else {
+                                resolve({ ok: false, reason: "verification_failed", detail: "Device auth process exited 0 but login status check failed" });
+                            }
+                        }
+                        else if (signal) {
+                            resolve({ ok: false, reason: "killed", detail: `Recovery process killed (signal=${signal})` });
+                        }
+                        else {
+                            resolve({ ok: false, reason: "exit_error", detail: `Device auth failed (exit code=${code})` });
+                        }
+                    }
+                    catch (err) {
+                        resolve({ ok: false, reason: "exception", detail: `Recovery verification failed: ${err instanceof Error ? err.message : "unknown"}` });
+                    }
+                };
+                // B2 fix: child may have already exited between waitForDeviceCode
+                // resolve and this registration. Node sets child.exitCode
+                // synchronously on exit before emitting "close".
+                if (child.exitCode !== null) {
+                    void handleClose(child.exitCode, null);
+                }
+                else {
+                    child.once("close", (code, signal) => void handleClose(code, signal));
+                }
+            });
+            this.applyRecoveryResult(backendId, result);
+            return result;
+        }
+        finally {
+            this.activeRecoveries.delete(backendId);
+        }
+    }
+    /**
+     * Post-auth verification: run `codex login status` and check exit code.
+     */
+    async verifyCodexAuth() {
+        const cliPath = findExecutable("codex");
+        if (!cliPath)
+            return false;
+        try {
+            const result = await runLineCommand({
+                command: cliPath,
+                args: ["login", "status"],
+                cwd: process.cwd(),
+                timeoutMs: 10_000,
+            });
+            return result.exitCode === 0;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Wait for the OAuth URL from `claude auth login` stdout.
+     * Times out after 10 seconds if the expected output doesn't appear.
+     */
+    waitForClaudeAuthUrl(child) {
+        return new Promise((resolve, reject) => {
+            let stdout = "";
+            const PARSE_TIMEOUT_MS = 10_000;
+            const timer = setTimeout(() => {
+                cleanup();
+                killChildWithEscalation(child);
+                reject(new Error("Claude auth login did not produce an OAuth URL within 10s. " +
+                    `Captured stdout: ${redactSensitiveString(stdout.slice(0, 200))}`));
+            }, PARSE_TIMEOUT_MS);
+            timer.unref?.();
+            const onData = (chunk) => {
+                stdout += chunk.toString();
+                const url = parseClaudeAuthLoginOutput(stdout);
+                if (url) {
+                    cleanup();
+                    resolve(url);
+                }
+            };
+            const onError = (err) => {
+                cleanup();
+                reject(err);
+            };
+            const onClose = (code) => {
+                cleanup();
+                reject(new Error(`Claude auth login exited (code=${code}) before producing an OAuth URL.`));
+            };
+            child.stdout?.on("data", onData);
+            child.once("error", onError);
+            child.once("close", onClose);
+            function cleanup() {
+                clearTimeout(timer);
+                child.stdout?.off("data", onData);
+                child.off("error", onError);
+                child.off("close", onClose);
+            }
+        });
+    }
+    /**
+     * Monitor the Claude recovery subprocess until it exits.
+     * Mirrors monitorCodexRecovery — same B2 fix pattern.
+     */
+    async monitorClaudeRecovery(child, backendId, timeoutHandle) {
+        try {
+            const result = await new Promise((resolve) => {
+                const handleClose = async (code, signal) => {
+                    clearTimeout(timeoutHandle);
+                    try {
+                        if (code === 0) {
+                            const verified = await this.verifyClaudeAuth();
+                            if (verified) {
+                                resolve({ ok: true, reason: "success", detail: "Browser auth completed successfully" });
+                            }
+                            else {
+                                resolve({ ok: false, reason: "verification_failed", detail: "Claude auth process exited 0 but auth status check failed" });
+                            }
+                        }
+                        else if (signal) {
+                            resolve({ ok: false, reason: "killed", detail: `Recovery process killed (signal=${signal})` });
+                        }
+                        else {
+                            resolve({ ok: false, reason: "exit_error", detail: `Claude auth failed (exit code=${code})` });
+                        }
+                    }
+                    catch (err) {
+                        resolve({ ok: false, reason: "exception", detail: `Recovery verification failed: ${err instanceof Error ? err.message : "unknown"}` });
+                    }
+                };
+                if (child.exitCode !== null) {
+                    void handleClose(child.exitCode, null);
+                }
+                else {
+                    child.once("close", (code, signal) => void handleClose(code, signal));
+                }
+            });
+            this.applyRecoveryResult(backendId, result);
+            return result;
+        }
+        finally {
+            this.activeRecoveries.delete(backendId);
+        }
+    }
+    /**
+     * Post-auth verification: run `claude auth status --json` and check loggedIn.
+     */
+    async verifyClaudeAuth() {
+        const cliPath = findExecutable("claude");
+        if (!cliPath)
+            return false;
+        try {
+            const result = await runLineCommand({
+                command: cliPath,
+                args: ["auth", "status", "--json"],
+                cwd: process.cwd(),
+                timeoutMs: 10_000,
+            });
+            if (result.exitCode !== 0)
+                return false;
+            const stdout = result.stdoutLines.join("");
+            try {
+                const parsed = JSON.parse(stdout);
+                return parsed.loggedIn === true;
+            }
+            catch {
+                return false;
+            }
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Apply recovery result: update DB status and record telemetry.
+     */
+    applyRecoveryResult(backendId, result) {
+        try {
+            if (result.ok) {
+                // Persist success via AuthHealthMonitor — clears failure
+                // bookkeeping, stamps auth_last_success_at, records self-heal.
+                this.authHealthMonitor.persistCheckResult(backendId, {
+                    ok: true,
+                    status: "ok",
+                    method: "oauth",
+                    detail: result.detail,
+                });
+                this.incrementRecovery(backendId, "recovery_success");
+                this.telemetry.recordSelfHealObserved(backendId, "reactive");
+                logger.info({ backendId }, "Auth recovery succeeded");
+            }
+            else {
+                // Write `expired` back — the recovering subprocess no longer
+                // owns the row. Uses FIRST_EXPIRED_CASE_SQL (M4 fix) so that
+                // `auth_first_expired_at` is preserved from the pre-recovery
+                // state (the ELSE/COALESCE branch handles `recovering` →
+                // `expired`). The `WHERE auth_status = 'recovering'` guard
+                // ensures we only touch rows we own — if cancelRecovery or
+                // reconcilePendingRecoveries already reset the row, this is
+                // a no-op (B1 fix: writeAuthFailureDetail is gated on changes).
+                const nowIso = this.now().toISOString();
+                let changes = 0;
+                this.db.transaction(() => {
+                    const info = this.db
+                        .prepare(`UPDATE backends
+                  SET auth_status = 'expired',
+                      auth_checked_at = @now,
+                      auth_last_verified_at = @now,
+                      ${FIRST_EXPIRED_CASE_SQL},
+                      updated_at = @now
+                WHERE id = @id
+                  AND auth_status = 'recovering'`)
+                        .run({ now: nowIso, id: backendId });
+                    changes = Number(info.changes);
+                    // B1 fix: only write detail if the UPDATE actually matched.
+                    // If another path (cancelRecovery, reconcilePendingRecoveries)
+                    // already reset the row, we must not clobber their detail.
+                    if (changes > 0) {
+                        writeAuthFailureDetail(this.db, backendId, result.detail);
+                    }
+                })();
+                // M6 fix: use structured reason for counter attribution.
+                const counterKey = result.reason === "killed" || result.reason === "timeout"
+                    ? "recovery_timeout"
+                    : "recovery_failed";
+                this.incrementRecovery(backendId, counterKey);
+                logger.info({ backendId, detail: result.detail, reason: result.reason }, "Auth recovery failed");
+            }
+        }
+        catch (err) {
+            logger.warn({ err, backendId }, "Failed to apply recovery result to DB");
+        }
+        // Notify user of result (D2 fix: kind = "recovery")
+        this.notifyRecoveryComplete(backendId, result).catch((err) => {
+            logger.warn({ err, backendId }, "Failed to send recovery completion notification");
+        });
+    }
+    /**
+     * Synchronously reset a `recovering` row back to `expired`.
+     * Used by cancelRecovery and shutdown (B3 fix) so the DB is never
+     * left stuck even if the subprocess close event doesn't arrive.
+     */
+    resetRecoveringToExpired(backendId, detail) {
+        try {
+            const nowIso = this.now().toISOString();
+            this.db.transaction(() => {
+                const info = this.db
+                    .prepare(`UPDATE backends
+                SET auth_status = 'expired',
+                    auth_checked_at = @now,
+                    auth_last_verified_at = @now,
+                    ${FIRST_EXPIRED_CASE_SQL},
+                    updated_at = @now
+              WHERE id = @id
+                AND auth_status = 'recovering'`)
+                    .run({ now: nowIso, id: backendId });
+                if (Number(info.changes) > 0) {
+                    writeAuthFailureDetail(this.db, backendId, detail);
+                }
+            })();
+        }
+        catch (err) {
+            logger.warn({ err, backendId }, "resetRecoveringToExpired: DB write failed");
+        }
+    }
+    killRecoveryProcess(internal) {
+        clearTimeout(internal.timeoutHandle);
+        if (internal.child) {
+            killChildWithEscalation(internal.child);
+        }
+        // Gemini: reject the pending completion promise so callers aren't stuck
+        if (internal.resolveCompletion) {
+            internal.resolveCompletion({
+                ok: false,
+                reason: "killed",
+                detail: "Recovery cancelled",
+            });
+            internal.resolveCompletion = undefined;
+        }
+    }
+    /**
+     * Notify the user that a recovery completed (D2 fix: kind = "recovery").
+     */
+    async notifyRecoveryComplete(backendId, result) {
+        if (!this.notifier)
+            return;
+        const icon = result.ok ? "✅" : "❌";
+        // B3 fix: redact detail before sending to DM — provider error messages
+        // may contain token fragments or client credentials.
+        const safeDetail = redactSensitiveString(result.detail);
+        const msg = `${icon} ${backendId} auth recovery: ${safeDetail}`;
+        try {
+            await this.notifier.send(msg, { kind: "recovery" });
+        }
+        catch (err) {
+            logger.warn({ err }, "Failed to send recovery completion notification");
+        }
+    }
+    /**
+     * Increment a recovery telemetry counter.
+     * Recovery counters reuse the AuthTelemetry infrastructure with
+     * `source = "reactive"` since recovery is user-initiated.
+     */
+    incrementRecovery(backendId, key) {
+        try {
+            this.telemetry.increment(backendId, key, "reactive");
+        }
+        catch {
+            // Telemetry is best-effort
+        }
+    }
+}
+/**
+ * Write OAuth tokens to ~/.gemini/oauth_creds.json in the same format
+ * the Gemini CLI uses (mode 0600). Creates the directory if needed.
+ */
+function writeGeminiOAuthCreds(tokens) {
+    const dir = dirname(GEMINI_OAUTH_CREDS_PATH);
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true });
+    }
+    const content = JSON.stringify(tokens, null, 2);
+    writeFileSync(GEMINI_OAUTH_CREDS_PATH, content, { mode: 0o600 });
+    try {
+        chmodSync(GEMINI_OAUTH_CREDS_PATH, 0o600);
+    }
+    catch {
+        // Best-effort
+    }
+}
+const GEMINI_OAUTH_CREDS_BACKUP = GEMINI_OAUTH_CREDS_PATH + ".pa-backup";
+/**
+ * B2 fix: backup existing oauth_creds.json before overwriting.
+ * Returns true if a backup was created.
+ */
+function backupGeminiOAuthCreds() {
+    try {
+        if (existsSync(GEMINI_OAUTH_CREDS_PATH)) {
+            copyFileSync(GEMINI_OAUTH_CREDS_PATH, GEMINI_OAUTH_CREDS_BACKUP);
+            return true;
+        }
+    }
+    catch (err) {
+        logger.debug({ err }, "Failed to backup oauth_creds.json — proceeding without backup");
+    }
+    return false;
+}
+/**
+ * B2 fix: restore oauth_creds.json from backup on recovery failure.
+ */
+function restoreGeminiOAuthCreds() {
+    try {
+        if (existsSync(GEMINI_OAUTH_CREDS_BACKUP)) {
+            copyFileSync(GEMINI_OAUTH_CREDS_BACKUP, GEMINI_OAUTH_CREDS_PATH);
+            unlinkSync(GEMINI_OAUTH_CREDS_BACKUP);
+            logger.info("Restored original oauth_creds.json from backup after failed recovery");
+        }
+    }
+    catch (err) {
+        logger.warn({ err }, "Failed to restore oauth_creds.json backup");
+    }
+}
+/**
+ * Remove the backup file after successful recovery.
+ */
+function removeGeminiOAuthCredsBackup() {
+    try {
+        if (existsSync(GEMINI_OAUTH_CREDS_BACKUP)) {
+            unlinkSync(GEMINI_OAUTH_CREDS_BACKUP);
+        }
+    }
+    catch {
+        // Best-effort
+    }
+}
+//# sourceMappingURL=auth-recovery.js.map