@albinocrabs/o-switcher 0.1.0

package/dist/index.js

@@ -0,0 +1,835 @@
+import {
+  ADMISSION_RESULTS,
+  BackoffConfigSchema,
+  ConfigValidationError,
+  DEFAULT_ALPHA,
+  DEFAULT_BACKOFF_BASE_MS,
+  DEFAULT_BACKOFF_JITTER,
+  DEFAULT_BACKOFF_MAX_MS,
+  DEFAULT_BACKOFF_MULTIPLIER,
+  DEFAULT_BACKOFF_PARAMS,
+  DEFAULT_FAILOVER_BUDGET,
+  DEFAULT_RETRY,
+  DEFAULT_RETRY_BUDGET,
+  DEFAULT_TIMEOUT_MS,
+  DualBreaker,
+  EXCLUSION_REASONS,
+  ErrorClassSchema,
+  INITIAL_HEALTH_SCORE,
+  REDACT_PATHS,
+  SwitcherConfigSchema,
+  TARGET_STATES,
+  TargetConfigSchema,
+  TargetRegistry,
+  addProfile,
+  applyConfigDiff,
+  checkHardRejects,
+  computeBackoffMs,
+  computeConfigDiff,
+  computeCooldownMs,
+  computeScore,
+  createAdmissionController,
+  createAuditLogger,
+  createAuthWatcher,
+  createCircuitBreaker,
+  createConcurrencyTracker,
+  createCooldownManager,
+  createFailoverOrchestrator,
+  createLogSubscriber,
+  createOperatorTools,
+  createProfileTools,
+  createRegistry,
+  createRequestLogger,
+  createRequestTraceBuffer,
+  createRetryPolicy,
+  createRoutingEventBus,
+  disableTarget,
+  discoverTargets,
+  discoverTargetsFromProfiles,
+  drainTarget,
+  generateCorrelationId,
+  getExclusionReason,
+  getTargetStateTransition,
+  inspectRequest,
+  isRetryable,
+  listProfiles,
+  listTargets,
+  loadProfiles,
+  nextProfileId,
+  normalizeLatency,
+  pauseTarget,
+  reloadConfig,
+  removeProfile,
+  resumeTarget,
+  saveProfiles,
+  selectTarget,
+  updateHealthScore,
+  updateLatencyEma,
+  validateConfig
+} from "./chunk-BTDKGS7P.js";
+
+// src/mode/detection.ts
+var detectDeploymentMode = (hint) => {
+  if (hint !== "auto") {
+    return hint;
+  }
+  return "plugin-only";
+};
+var getSignalFidelity = (mode) => {
+  if (mode === "plugin-only") {
+    return "heuristic";
+  }
+  return "direct";
+};
+var getModeCapabilities = (mode) => {
+  if (mode === "plugin-only") {
+    return {
+      mode,
+      signalFidelity: "heuristic",
+      hasHttpStatus: false,
+      hasRetryAfterHeader: false,
+      hasOperatorApi: false
+    };
+  }
+  return {
+    mode,
+    signalFidelity: "direct",
+    hasHttpStatus: true,
+    hasRetryAfterHeader: true,
+    hasOperatorApi: true
+  };
+};
+
+// src/errors/corpus.ts
+var PROVIDER_PATTERNS = [
+  // Anthropic
+  { provider: "anthropic", http_status: 400, error_type_field: "error.type", error_type_value: "invalid_request_error", error_class: "PolicyFailure" },
+  { provider: "anthropic", http_status: 401, error_type_field: "error.type", error_type_value: "authentication_error", error_class: "AuthFailure" },
+  { provider: "anthropic", http_status: 402, error_type_field: "error.type", error_type_value: "billing_error", error_class: "QuotaExhausted" },
+  { provider: "anthropic", http_status: 403, error_type_field: "error.type", error_type_value: "permission_error", error_class: "PermissionFailure" },
+  { provider: "anthropic", http_status: 404, error_type_field: "error.type", error_type_value: "not_found_error", error_class: "ModelUnavailable" },
+  { provider: "anthropic", http_status: 429, error_type_field: "error.type", error_type_value: "rate_limit_error", error_class: "RateLimited" },
+  { provider: "anthropic", http_status: 500, error_type_field: "error.type", error_type_value: "api_error", error_class: "TransientServerFailure" },
+  { provider: "anthropic", http_status: 504, error_type_field: "error.type", error_type_value: "timeout_error", error_class: "TransportFailure" },
+  { provider: "anthropic", http_status: 529, error_type_field: "error.type", error_type_value: "overloaded_error", error_class: "RateLimited", notes: "Server capacity exhaustion; backoff on same provider, do NOT failover" },
+  // OpenAI
+  { provider: "openai", http_status: 400, error_type_field: "error.code", error_type_value: "", error_class: "PolicyFailure" },
+  { provider: "openai", http_status: 401, error_type_field: "error.code", error_type_value: "invalid_api_key", error_class: "AuthFailure" },
+  { provider: "openai", http_status: 403, error_type_field: "error.code", error_type_value: "unsupported_country_region_territory", error_class: "RegionRestriction", notes: "GeoIP block \u2014 collected 2026-04-11 from real API" },
+  { provider: "openai", http_status: 403, error_type_field: "error.code", error_type_value: "", error_class: "PermissionFailure" },
+  { provider: "openai", http_status: 429, error_type_field: "error.code", error_type_value: "rate_limit_exceeded", error_class: "RateLimited" },
+  { provider: "openai", http_status: 429, error_type_field: "error.code", error_type_value: "insufficient_quota", error_class: "QuotaExhausted", notes: "Billing exhausted -- NOT retryable" },
+  { provider: "openai", http_status: 500, error_type_field: "error.code", error_type_value: "", error_class: "TransientServerFailure" },
+  { provider: "openai", http_status: 503, error_type_field: "error.code", error_type_value: "", error_class: "TransientServerFailure" },
+  // Google Vertex AI / Gemini
+  { provider: "google", http_status: 400, error_type_field: "error.status", error_type_value: "INVALID_ARGUMENT", error_class: "PolicyFailure" },
+  { provider: "google", http_status: 403, error_type_field: "error.status", error_type_value: "PERMISSION_DENIED", error_class: "PermissionFailure" },
+  { provider: "google", http_status: 429, error_type_field: "error.status", error_type_value: "RESOURCE_EXHAUSTED", error_class: "RateLimited" },
+  { provider: "google", http_status: 500, error_type_field: "error.status", error_type_value: "INTERNAL", error_class: "TransientServerFailure" },
+  { provider: "google", http_status: 503, error_type_field: "error.status", error_type_value: "UNAVAILABLE", error_class: "TransientServerFailure" },
+  // AWS Bedrock
+  { provider: "bedrock", http_status: 429, error_type_field: "__type", error_type_value: "ThrottlingException", error_class: "RateLimited" },
+  { provider: "bedrock", http_status: 408, error_type_field: "__type", error_type_value: "ModelTimeoutException", error_class: "TransportFailure" },
+  { provider: "bedrock", http_status: 424, error_type_field: "__type", error_type_value: "ModelNotReadyException", error_class: "ModelUnavailable" },
+  { provider: "bedrock", http_status: 403, error_type_field: "__type", error_type_value: "AccessDeniedException", error_class: "PermissionFailure" },
+  { provider: "bedrock", http_status: 400, error_type_field: "__type", error_type_value: "ValidationException", error_class: "PolicyFailure" },
+  { provider: "bedrock", http_status: 500, error_type_field: "__type", error_type_value: "InternalServerException", error_class: "TransientServerFailure" }
+];
+var HEURISTIC_PATTERNS = [
+  // Transport errors (high confidence -- these are unambiguous)
+  { pattern: /ECONNREFUSED|ECONNRESET|ETIMEDOUT/, error_class: "TransportFailure", confidence: "high" },
+  // Quota patterns (before rate limit to avoid misclassification -- Pitfall 2/3)
+  { pattern: /quota\s*(?:exceeded|exhausted)/i, error_class: "QuotaExhausted", confidence: "medium" },
+  { pattern: /insufficient\s*quota/i, error_class: "QuotaExhausted", confidence: "medium", provider: "openai" },
+  { pattern: /billing/i, error_class: "QuotaExhausted", confidence: "low", provider: "openai" },
+  // Rate limit patterns
+  { pattern: /rate\s*limit/i, error_class: "RateLimited", confidence: "medium" },
+  { pattern: /too many requests/i, error_class: "RateLimited", confidence: "medium" },
+  { pattern: /retry\s*after/i, error_class: "RateLimited", confidence: "medium" },
+  { pattern: /overloaded/i, error_class: "RateLimited", confidence: "medium", provider: "anthropic" },
+  { pattern: /resource\s*exhausted/i, error_class: "RateLimited", confidence: "medium", provider: "google" },
+  // Auth patterns
+  { pattern: /authentication/i, error_class: "AuthFailure", confidence: "medium" },
+  { pattern: /invalid\s*api\s*key/i, error_class: "AuthFailure", confidence: "medium" },
+  { pattern: /unauthorized/i, error_class: "AuthFailure", confidence: "medium" },
+  // Permission patterns
+  { pattern: /permission\s*denied/i, error_class: "PermissionFailure", confidence: "medium" },
+  { pattern: /forbidden/i, error_class: "PermissionFailure", confidence: "low" },
+  // Model availability patterns
+  { pattern: /model\s*not\s*(?:available|ready|found)/i, error_class: "ModelUnavailable", confidence: "medium" },
+  { pattern: /not\s*found/i, error_class: "ModelUnavailable", confidence: "low" },
+  // Transport patterns (lower confidence than ECONNREFUSED)
+  { pattern: /timeout/i, error_class: "TransportFailure", confidence: "low" },
+  // Region restriction (requires both keywords)
+  { pattern: /unsupported.country.*region.*territory/i, error_class: "RegionRestriction", confidence: "high", notes: "OpenAI GeoIP block \u2014 collected 2026-04-11" },
+  { pattern: /country.*region.*not supported/i, error_class: "RegionRestriction", confidence: "high" },
+  { pattern: /region.*restrict|restrict.*region/i, error_class: "RegionRestriction", confidence: "low" }
+];
+var TEMPORAL_QUOTA_PATTERN = /too many tokens per (?:day|month|hour|week)/i;
+
+// src/errors/classifier.ts
+var buildErrorClass = (className, extras) => {
+  switch (className) {
+    case "RateLimited":
+      return {
+        class: "RateLimited",
+        retryable: true,
+        retry_after_ms: extras?.retry_after_ms,
+        provider_reason: extras?.provider_reason
+      };
+    case "QuotaExhausted":
+      return {
+        class: "QuotaExhausted",
+        retryable: false,
+        provider_reason: extras?.provider_reason
+      };
+    case "AuthFailure":
+      return { class: "AuthFailure", retryable: false, recovery_attempted: false };
+    case "PermissionFailure":
+      return { class: "PermissionFailure", retryable: false };
+    case "PolicyFailure":
+      return { class: "PolicyFailure", retryable: false };
+    case "RegionRestriction":
+      return { class: "RegionRestriction", retryable: false };
+    case "ModelUnavailable":
+      return { class: "ModelUnavailable", retryable: false, failover_eligible: true };
+    case "TransientServerFailure":
+      return {
+        class: "TransientServerFailure",
+        retryable: true,
+        http_status: extras?.http_status
+      };
+    case "TransportFailure":
+      return { class: "TransportFailure", retryable: true };
+    case "InterruptedExecution":
+      return { class: "InterruptedExecution", retryable: true };
+    default:
+      return { class: "TransientServerFailure", retryable: true, http_status: extras?.http_status };
+  }
+};
+var extractErrorTypeFromBody = (body) => {
+  if (typeof body !== "object" || body === null) return void 0;
+  const b = body;
+  const errorObj = b.error;
+  if (typeof errorObj === "object" && errorObj !== null) {
+    if (typeof errorObj.type === "string") return errorObj.type;
+    if (typeof errorObj.code === "string") return errorObj.code;
+    if (typeof errorObj.status === "string") return errorObj.status;
+  }
+  if (typeof b.__type === "string") return b.__type;
+  return void 0;
+};
+var classifyDirect = (signal) => {
+  const status = signal.http_status;
+  const errorType = signal.error_type ?? extractErrorTypeFromBody(signal.response_body);
+  const errorMessage = signal.error_message ?? "";
+  if (status === 429 && TEMPORAL_QUOTA_PATTERN.test(errorMessage)) {
+    return {
+      error_class: buildErrorClass("QuotaExhausted"),
+      detection_mode: "direct",
+      confidence: "high",
+      raw_signal: signal
+    };
+  }
+  if (status === 429 && errorType === "insufficient_quota") {
+    return {
+      error_class: buildErrorClass("QuotaExhausted"),
+      detection_mode: "direct",
+      confidence: "high",
+      raw_signal: signal
+    };
+  }
+  if (status === 529 && errorType === "overloaded_error") {
+    return {
+      error_class: buildErrorClass("RateLimited", {
+        retry_after_ms: signal.retry_after_ms,
+        provider_reason: "server_capacity_exhaustion"
+      }),
+      detection_mode: "direct",
+      confidence: "high",
+      raw_signal: signal
+    };
+  }
+  if (errorType) {
+    const match = PROVIDER_PATTERNS.find(
+      (p) => p.http_status === status && p.error_type_value === errorType
+    );
+    if (match) {
+      return {
+        error_class: buildErrorClass(match.error_class, {
+          retry_after_ms: signal.retry_after_ms,
+          http_status: status
+        }),
+        detection_mode: "direct",
+        confidence: "high",
+        raw_signal: signal
+      };
+    }
+  }
+  if (errorType === "ThrottlingException" && TEMPORAL_QUOTA_PATTERN.test(errorMessage)) {
+    return {
+      error_class: buildErrorClass("QuotaExhausted"),
+      detection_mode: "direct",
+      confidence: "high",
+      raw_signal: signal
+    };
+  }
+  const fallbackClass = getClassFromStatus(status);
+  return {
+    error_class: buildErrorClass(fallbackClass, {
+      retry_after_ms: signal.retry_after_ms,
+      http_status: status
+    }),
+    detection_mode: "direct",
+    confidence: "high",
+    raw_signal: signal
+  };
+};
+var getClassFromStatus = (status) => {
+  if (status === 400) return "PolicyFailure";
+  if (status === 401) return "AuthFailure";
+  if (status === 402) return "QuotaExhausted";
+  if (status === 403) return "PermissionFailure";
+  if (status === 404) return "ModelUnavailable";
+  if (status === 408) return "TransportFailure";
+  if (status === 429) return "RateLimited";
+  if (status >= 500) return "TransientServerFailure";
+  return "TransientServerFailure";
+};
+var classifyHeuristic = (signal) => {
+  const message = signal.error_message ?? "";
+  if (TEMPORAL_QUOTA_PATTERN.test(message)) {
+    return {
+      error_class: buildErrorClass("QuotaExhausted"),
+      detection_mode: "heuristic",
+      confidence: "medium",
+      raw_signal: signal
+    };
+  }
+  for (const hp of HEURISTIC_PATTERNS) {
+    if (hp.pattern.test(message)) {
+      return {
+        error_class: buildErrorClass(hp.error_class),
+        detection_mode: "heuristic",
+        confidence: hp.confidence,
+        raw_signal: signal
+      };
+    }
+  }
+  return {
+    error_class: buildErrorClass("TransientServerFailure"),
+    detection_mode: "heuristic",
+    confidence: "low",
+    raw_signal: signal
+  };
+};
+var classify = (signal) => {
+  if (signal.http_status !== void 0) {
+    return classifyDirect(signal);
+  }
+  return classifyHeuristic(signal);
+};
+
+// src/errors/direct-adapter.ts
+var extractErrorType = (body) => {
+  if (typeof body !== "object" || body === null) {
+    return void 0;
+  }
+  const b = body;
+  const errorObj = b.error;
+  if (typeof errorObj === "object" && errorObj !== null) {
+    if (typeof errorObj.type === "string") return errorObj.type;
+    if (typeof errorObj.code === "string") return errorObj.code;
+    if (typeof errorObj.status === "string") return errorObj.status;
+  }
+  if (typeof b.__type === "string") return b.__type;
+  return void 0;
+};
+var extractErrorMessage = (body) => {
+  if (typeof body !== "object" || body === null) {
+    return void 0;
+  }
+  const b = body;
+  const errorObj = b.error;
+  if (typeof errorObj === "object" && errorObj !== null) {
+    if (typeof errorObj.message === "string") return errorObj.message;
+  }
+  if (typeof b.message === "string") return b.message;
+  return void 0;
+};
+var extractRetryAfterMs = (headers) => {
+  if (!headers) return void 0;
+  const value = headers["retry-after"] ?? headers["Retry-After"];
+  if (!value) return void 0;
+  const seconds = Number(value);
+  if (Number.isNaN(seconds) || seconds < 0) return void 0;
+  return seconds * 1e3;
+};
+var directSignalFromResponse = (status, body, headers) => ({
+  http_status: status,
+  error_type: extractErrorType(body),
+  error_message: extractErrorMessage(body),
+  response_body: body,
+  detection_mode: "direct",
+  retry_after_ms: extractRetryAfterMs(headers)
+});
+
+// src/errors/heuristic-adapter.ts
+var heuristicSignalFromEvent = (eventType, message, providerId) => ({
+  error_type: eventType,
+  error_message: message,
+  detection_mode: "heuristic",
+  provider_id: providerId
+});
+
+// src/execution/stream-buffer.ts
+var createStreamBuffer = () => {
+  const chunks = [];
+  return {
+    /**
+     * Appends a chunk to the buffer.
+     *
+     * @param chunk - The stream chunk to append.
+     * @returns The index of the appended chunk (0-based).
+     */
+    append(chunk) {
+      chunks.push(chunk);
+      return chunks.length - 1;
+    },
+    /**
+     * Returns a readonly copy of all accumulated chunks.
+     *
+     * The returned array is a shallow copy; mutations to it
+     * do not affect the internal buffer.
+     *
+     * @returns Readonly array of confirmed chunks.
+     */
+    confirmed() {
+      return [...chunks];
+    },
+    /**
+     * Returns the total character count across all confirmed chunks.
+     *
+     * Used to compute visible_offset for segment provenance.
+     *
+     * @returns Total character count.
+     */
+    confirmedCharCount() {
+      return chunks.reduce((sum, c) => sum + c.text.length, 0);
+    },
+    /**
+     * Returns the concatenated text of all confirmed chunks.
+     *
+     * This is the confirmed output that can be preserved on
+     * interruption and used as prefix for stream stitching.
+     *
+     * @returns Concatenated confirmed text.
+     */
+    snapshot() {
+      return chunks.map((c) => c.text).join("");
+    }
+  };
+};
+
+// src/execution/stream-stitcher.ts
+var determineContinuationMode = (oldTargetId, newTargetId, sameModel) => {
+  if (oldTargetId === newTargetId) {
+    return "same_target_resume";
+  }
+  return sameModel ? "same_model_alternate_target" : "cross_model_semantic";
+};
+var createStreamStitcher = (_requestId) => {
+  const segments = [];
+  return {
+    /**
+     * Adds a segment to the stitcher.
+     *
+     * Computes visible_offset as the cumulative character count
+     * of all previously added segments.
+     *
+     * @param buffer - The stream buffer containing the segment's chunks.
+     * @param provenance - Segment provenance without visible_offset (computed here).
+     */
+    addSegment(buffer, provenance) {
+      const visibleOffset = segments.reduce(
+        (sum, entry) => sum + entry.text.length,
+        0
+      );
+      segments.push({
+        text: buffer.snapshot(),
+        provenance: { ...provenance, visible_offset: visibleOffset }
+      });
+    },
+    /**
+     * Assembles the final stitched output.
+     *
+     * @returns StitchedOutput with concatenated text, segments, and boundaries.
+     */
+    assemble() {
+      const text = segments.map((s) => s.text).join("");
+      const provenanceList = segments.map((s) => s.provenance);
+      const continuationBoundaries = provenanceList.slice(1).map((p) => p.visible_offset);
+      return {
+        text,
+        segments: provenanceList,
+        continuation_boundaries: continuationBoundaries
+      };
+    },
+    /**
+     * Returns the number of segments added so far.
+     *
+     * @returns Segment count.
+     */
+    segmentCount() {
+      return segments.length;
+    }
+  };
+};
+
+// src/execution/audit-collector.ts
+var createAuditCollector = (logger, requestId) => {
+  const requestLogger = createRequestLogger(logger, requestId);
+  const attempts = [];
+  const segments = [];
+  return {
+    recordAttempt(attempt) {
+      attempts.push(attempt);
+    },
+    recordSegment(segment) {
+      segments.push(segment);
+    },
+    flush(outcome, finalTarget, stats) {
+      requestLogger.info({
+        event_type: "request_complete",
+        outcome,
+        final_target: finalTarget,
+        total_attempts: attempts.length,
+        total_segments: segments.length,
+        total_retries: stats?.total_retries,
+        total_failovers: stats?.total_failovers,
+        latency_ms: stats?.latency_ms,
+        attempts: [...attempts],
+        segments: [...segments]
+      });
+    }
+  };
+};
+
+// src/execution/orchestrator.ts
+var createExecutionOrchestrator = (deps) => ({
+  async execute(request) {
+    const requestId = request.request_id || generateCorrelationId();
+    const auditCollector = createAuditCollector(deps.logger, requestId);
+    const stitcher = createStreamStitcher(requestId);
+    const startMs = Date.now();
+    const heuristicFlags = [];
+    let outcome = "failure";
+    let finalTarget;
+    let summaryAttempts = 0;
+    let summaryRetries = 0;
+    let summaryFailovers = 0;
+    let summaryTargets = [];
+    try {
+      const failoverResult = await deps.failover.execute(
+        requestId,
+        async (targetId) => {
+          const buffer = createStreamBuffer();
+          const adapterResult = await deps.adapter.execute(targetId, request);
+          for (const chunk of adapterResult.chunks) {
+            buffer.append(chunk);
+          }
+          heuristicFlags.push(
+            adapterResult.detection_mode === "heuristic"
+          );
+          const value = { buffer, adapterResult };
+          return {
+            success: adapterResult.success,
+            value,
+            error_class: adapterResult.error_class,
+            latency_ms: adapterResult.latency_ms
+          };
+        },
+        []
+      );
+      for (const attempt of failoverResult.attempts) {
+        auditCollector.recordAttempt(attempt);
+      }
+      summaryAttempts = failoverResult.attempts.length;
+      summaryRetries = failoverResult.total_retries;
+      summaryFailovers = failoverResult.total_failovers;
+      summaryTargets = [...new Set(failoverResult.attempts.map((a) => a.target_id))];
+      if (failoverResult.outcome === "success") {
+        outcome = "success";
+        finalTarget = failoverResult.target_id;
+        const attemptValue = failoverResult.value;
+        const continuationMode = stitcher.segmentCount() === 0 ? "same_target_resume" : "same_target_resume";
+        stitcher.addSegment(attemptValue.buffer, {
+          request_id: requestId,
+          segment_id: stitcher.segmentCount(),
+          source_target_id: failoverResult.target_id,
+          continuation_mode: continuationMode,
+          non_deterministic: false
+        });
+        const segmentProvenance = stitcher.assemble().segments;
+        for (const seg of segmentProvenance) {
+          auditCollector.recordSegment(seg);
+        }
+        const stitchedOutput = stitcher.assemble();
+        const isDegraded2 = deps.mode === "plugin-only";
+        const isHeuristic2 = heuristicFlags.some(Boolean);
+        const uniqueModes = [
+          ...new Set(stitchedOutput.segments.map((s) => s.continuation_mode))
+        ];
+        const uniqueTargets = [
+          ...new Set(stitchedOutput.segments.map((s) => s.source_target_id))
+        ];
+        const provenance2 = {
+          request_id: requestId,
+          segments: stitchedOutput.segments,
+          continuation_modes: uniqueModes,
+          targets_involved: uniqueTargets,
+          total_attempts: failoverResult.attempts.length,
+          degraded: isDegraded2,
+          degraded_reason: isDegraded2 ? "plugin-only mode: limited failover capability" : void 0,
+          heuristic_detection: isHeuristic2
+        };
+        return {
+          success: true,
+          output: stitchedOutput.text,
+          provenance: provenance2
+        };
+      }
+      const isDegraded = deps.mode === "plugin-only";
+      const isHeuristic = heuristicFlags.some(Boolean);
+      const provenance = {
+        request_id: requestId,
+        segments: [],
+        continuation_modes: [],
+        targets_involved: [],
+        total_attempts: failoverResult.attempts.length,
+        degraded: isDegraded,
+        degraded_reason: isDegraded ? "plugin-only mode: limited failover capability" : void 0,
+        heuristic_detection: isHeuristic
+      };
+      return {
+        success: false,
+        output: "",
+        provenance
+      };
+    } finally {
+      auditCollector.flush(outcome, finalTarget);
+      const requestLogger = createRequestLogger(deps.logger, requestId);
+      const endMs = Date.now();
+      requestLogger.info({
+        event: "request_summary",
+        component: "execution",
+        outcome,
+        total_attempts: summaryAttempts,
+        total_failovers: summaryFailovers,
+        total_retries: summaryRetries,
+        latency_ms: endMs - startMs,
+        targets_used: summaryTargets,
+        final_target: finalTarget ?? null
+      }, "Request complete");
+    }
+  }
+});
+
+// src/execution/adapters/plugin-adapter.ts
+var createPluginAdapter = (_deps) => ({
+  /**
+   * Executes a request in plugin-only mode.
+   *
+   * Phase 3 stub: returns a not-yet-implemented result.
+   * Phase 4 will wire this to OpenCode plugin lifecycle hooks.
+   *
+   * @param _targetId - The target to execute against.
+   * @param _request - The adapter request payload.
+   * @returns AdapterResult with heuristic detection mode.
+   */
+  async execute(_targetId, _request) {
+    const start = Date.now();
+    return {
+      success: false,
+      chunks: [],
+      error_class: void 0,
+      latency_ms: Date.now() - start,
+      detection_mode: "heuristic"
+    };
+  }
+});
+
+// src/execution/adapters/server-adapter.ts
+var createServerAdapter = (_deps) => ({
+  /**
+   * Executes a request in server-companion mode.
+   *
+   * Phase 3 stub: returns a not-yet-implemented result.
+   * Phase 4 will wire this to the OpenCode SDK client, extracting
+   * statusCode, responseHeaders['retry-after'], and responseBody
+   * from SDK ApiError for direct error classification.
+   *
+   * @param _targetId - The target to execute against.
+   * @param _request - The adapter request payload.
+   * @returns AdapterResult with direct detection mode.
+   */
+  async execute(_targetId, _request) {
+    const start = Date.now();
+    return {
+      success: false,
+      chunks: [],
+      error_class: void 0,
+      latency_ms: Date.now() - start,
+      detection_mode: "direct"
+    };
+  }
+});
+
+// src/execution/adapters/sdk-adapter.ts
+var createSdkAdapter = (_deps) => ({
+  /**
+   * Executes a request in SDK-control mode.
+   *
+   * Phase 3 stub: returns a not-yet-implemented result.
+   * Phase 4 will wire this to the OpenCode SDK client with full
+   * session management and provider control capabilities.
+   *
+   * @param _targetId - The target to execute against.
+   * @param _request - The adapter request payload.
+   * @returns AdapterResult with direct detection mode.
+   */
+  async execute(_targetId, _request) {
+    const start = Date.now();
+    return {
+      success: false,
+      chunks: [],
+      error_class: void 0,
+      latency_ms: Date.now() - start,
+      detection_mode: "direct"
+    };
+  }
+});
+
+// src/execution/adapters/adapter-factory.ts
+var createModeAdapter = (mode, deps) => {
+  switch (mode) {
+    case "plugin-only":
+      return createPluginAdapter(deps);
+    case "server-companion":
+      return createServerAdapter(deps);
+    case "sdk-control":
+      return createSdkAdapter(deps);
+    default: {
+      const _exhaustive = mode;
+      throw new Error(`Unknown deployment mode: ${String(_exhaustive)}`);
+    }
+  }
+};
+
+// src/operator/server-auth.ts
+import { timingSafeEqual } from "crypto";
+var validateBearerToken = (authHeader, expectedToken) => {
+  if (authHeader === void 0) {
+    return { authorized: false, reason: "missing Authorization header" };
+  }
+  if (!authHeader.startsWith("Bearer ")) {
+    return { authorized: false, reason: "invalid Authorization scheme" };
+  }
+  const token = authHeader.slice(7);
+  if (token.length !== expectedToken.length) {
+    return { authorized: false, reason: "invalid token" };
+  }
+  const tokenBuffer = Buffer.from(token);
+  const expectedBuffer = Buffer.from(expectedToken);
+  if (!timingSafeEqual(tokenBuffer, expectedBuffer)) {
+    return { authorized: false, reason: "invalid token" };
+  }
+  return { authorized: true };
+};
+export {
+  ADMISSION_RESULTS,
+  BackoffConfigSchema,
+  ConfigValidationError,
+  DEFAULT_ALPHA,
+  DEFAULT_BACKOFF_BASE_MS,
+  DEFAULT_BACKOFF_JITTER,
+  DEFAULT_BACKOFF_MAX_MS,
+  DEFAULT_BACKOFF_MULTIPLIER,
+  DEFAULT_BACKOFF_PARAMS,
+  DEFAULT_FAILOVER_BUDGET,
+  DEFAULT_RETRY,
+  DEFAULT_RETRY_BUDGET,
+  DEFAULT_TIMEOUT_MS,
+  DualBreaker,
+  EXCLUSION_REASONS,
+  ErrorClassSchema,
+  HEURISTIC_PATTERNS,
+  INITIAL_HEALTH_SCORE,
+  PROVIDER_PATTERNS,
+  REDACT_PATHS,
+  SwitcherConfigSchema,
+  TARGET_STATES,
+  TEMPORAL_QUOTA_PATTERN,
+  TargetConfigSchema,
+  TargetRegistry,
+  addProfile,
+  applyConfigDiff,
+  checkHardRejects,
+  classify,
+  computeBackoffMs,
+  computeConfigDiff,
+  computeCooldownMs,
+  computeScore,
+  createAdmissionController,
+  createAuditCollector,
+  createAuditLogger,
+  createAuthWatcher,
+  createCircuitBreaker,
+  createConcurrencyTracker,
+  createCooldownManager,
+  createExecutionOrchestrator,
+  createFailoverOrchestrator,
+  createLogSubscriber,
+  createModeAdapter,
+  createOperatorTools,
+  createProfileTools,
+  createRegistry,
+  createRequestLogger,
+  createRequestTraceBuffer,
+  createRetryPolicy,
+  createRoutingEventBus,
+  createStreamBuffer,
+  createStreamStitcher,
+  detectDeploymentMode,
+  determineContinuationMode,
+  directSignalFromResponse,
+  disableTarget,
+  discoverTargets,
+  discoverTargetsFromProfiles,
+  drainTarget,
+  extractRetryAfterMs,
+  generateCorrelationId,
+  getExclusionReason,
+  getModeCapabilities,
+  getSignalFidelity,
+  getTargetStateTransition,
+  heuristicSignalFromEvent,
+  inspectRequest,
+  isRetryable,
+  listProfiles,
+  listTargets,
+  loadProfiles,
+  nextProfileId,
+  normalizeLatency,
+  pauseTarget,
+  reloadConfig,
+  removeProfile,
+  resumeTarget,
+  saveProfiles,
+  selectTarget,
+  updateHealthScore,
+  updateLatencyEma,
+  validateBearerToken,
+  validateConfig
+};
+//# sourceMappingURL=index.js.map