@burdenoff/vibe-agent 2.1.1 → 2.3.0

package/dist/{app-31chs2a1.js → index-wr0mkm57.js}

@@ -1,18 +1,9 @@
 // @bun
-import {
-  ServiceRegistry,
-  checkDependencies,
-  installDependencies
-} from "./index-t06ktmx9.js";
 import {
   __export,
   __require,
   __toESM
 } from "./index-g8dczzvv.js";
-import {
-  PluginManager,
-  logger
-} from "./plugin-system-bg1pzjj9.js";
 
 // node_modules/@sinclair/typebox/build/esm/type/guard/value.mjs
 var exports_value = {};
@@ -1058,7 +1049,7 @@ function Literal(value, options) {
 }
 
 // node_modules/@sinclair/typebox/build/esm/type/boolean/boolean.mjs
-function Boolean2(options) {
+function Boolean(options) {
   return CreateType({ [Kind]: "Boolean", type: "boolean" }, options);
 }
 
@@ -1080,7 +1071,7 @@ function String2(options) {
 // node_modules/@sinclair/typebox/build/esm/type/template-literal/syntax.mjs
 function* FromUnion(syntax) {
   const trim = syntax.trim().replace(/"|'/g, "");
-  return trim === "boolean" ? yield Boolean2() : trim === "number" ? yield Number2() : trim === "bigint" ? yield BigInt2() : trim === "string" ? yield String2() : yield (() => {
+  return trim === "boolean" ? yield Boolean() : trim === "number" ? yield Number2() : trim === "bigint" ? yield BigInt2() : trim === "string" ? yield String2() : yield (() => {
     const literals = trim.split("|").map((literal) => Literal(literal.trim()));
     return literals.length === 0 ? Never() : literals.length === 1 ? literals[0] : UnionEvaluated(literals);
   })();
@@ -2693,7 +2684,7 @@ __export(exports_type3, {
   Const: () => Const,
   Composite: () => Composite,
   Capitalize: () => Capitalize,
-  Boolean: () => Boolean2,
+  Boolean: () => Boolean,
   BigInt: () => BigInt2,
   Awaited: () => Awaited,
   AsyncIterator: () => AsyncIterator,
@@ -13966,8 +13957,8 @@ class Elysia {
   }
   handle = async (request) => this.fetch(request);
   get fetch() {
-    let fetch2 = this.config.aot ? composeGeneralHandler(this) : createDynamicHandler(this);
-    return Object.defineProperty(this, "fetch", { value: fetch2, configurable: true, writable: true }), fetch2;
+    let fetch = this.config.aot ? composeGeneralHandler(this) : createDynamicHandler(this);
+    return Object.defineProperty(this, "fetch", { value: fetch, configurable: true, writable: true }), fetch;
   }
   handleError = async (context, error) => {
     return (this.handleError = this.config.aot ? composeErrorHandler(this) : createDynamicErrorHandler(this))(context, error);
@@ -13987,3191 +13978,7 @@ class Elysia {
   }
 }
 
-// node_modules/@elysiajs/cors/dist/index.mjs
-var isBun2 = typeof new Headers()?.toJSON === "function";
-var processHeaders = (headers) => {
-  if (isBun2)
-    return Object.keys(headers.toJSON()).join(", ");
-  let keys = "";
-  let i = 0;
-  headers.forEach((_2, key) => {
-    if (i)
-      keys = keys + ", " + key;
-    else
-      keys = key;
-    i++;
-  });
-  return keys;
-};
-var cors = (config) => {
-  let {
-    aot = true,
-    origin = true,
-    methods = true,
-    allowedHeaders = true,
-    exposeHeaders = true,
-    credentials = true,
-    maxAge = 5,
-    preflight = true
-  } = config ?? {};
-  if (Array.isArray(allowedHeaders))
-    allowedHeaders = allowedHeaders.join(", ");
-  if (Array.isArray(exposeHeaders))
-    exposeHeaders = exposeHeaders.join(", ");
-  const origins = typeof origin === "boolean" ? undefined : Array.isArray(origin) ? origin : [origin];
-  const app = new Elysia({
-    name: "@elysiajs/cors",
-    seed: config,
-    aot
-  });
-  const anyOrigin = origins?.some((o) => o === "*");
-  const originMap = {};
-  if (origins) {
-    for (const origin2 of origins)
-      if (typeof origin2 === "string")
-        originMap[origin2] = true;
-  }
-  const processOrigin = (origin2, request, from) => {
-    if (Array.isArray(origin2))
-      return origin2.some((o) => processOrigin(o, request, from));
-    switch (typeof origin2) {
-      case "string":
-        if (from in originMap)
-          return true;
-        const fromProtocol = from.indexOf("://");
-        if (fromProtocol !== -1)
-          from = from.slice(fromProtocol + 3);
-        return origin2 === from;
-      case "function":
-        return origin2(request) === true;
-      case "object":
-        if (origin2 instanceof RegExp)
-          return origin2.test(from);
-    }
-    return false;
-  };
-  const handleOrigin = (set, request) => {
-    if (origin === true) {
-      set.headers.vary = "*";
-      set.headers["access-control-allow-origin"] = request.headers.get("Origin") || "*";
-      return;
-    }
-    if (anyOrigin) {
-      set.headers.vary = "*";
-      set.headers["access-control-allow-origin"] = "*";
-      return;
-    }
-    if (!origins?.length)
-      return;
-    if (origins.length) {
-      const from = request.headers.get("Origin") ?? "";
-      for (let i = 0;i < origins.length; i++) {
-        const value = processOrigin(origins[i], request, from);
-        if (value === true) {
-          set.headers.vary = origin ? "Origin" : "*";
-          set.headers["access-control-allow-origin"] = from || "*";
-          return;
-        }
-      }
-    }
-    set.headers.vary = "Origin";
-  };
-  const handleMethod = (set, method) => {
-    if (!method)
-      return;
-    if (methods === true)
-      return set.headers["access-control-allow-methods"] = method ?? "*";
-    if (methods === false || !methods?.length)
-      return;
-    if (methods === "*")
-      return set.headers["access-control-allow-methods"] = "*";
-    if (!Array.isArray(methods))
-      return set.headers["access-control-allow-methods"] = methods;
-    set.headers["access-control-allow-methods"] = methods.join(", ");
-  };
-  const defaultHeaders = {};
-  if (typeof exposeHeaders === "string")
-    defaultHeaders["access-control-expose-headers"] = exposeHeaders;
-  if (typeof allowedHeaders === "string")
-    defaultHeaders["access-control-allow-headers"] = allowedHeaders;
-  if (credentials === true)
-    defaultHeaders["access-control-allow-credentials"] = "true";
-  app.headers(defaultHeaders);
-  function handleOption({ set, request, headers }) {
-    handleOrigin(set, request);
-    handleMethod(set, request.headers.get("access-control-request-method"));
-    if (allowedHeaders === true || exposeHeaders === true) {
-      if (allowedHeaders === true)
-        set.headers["access-control-allow-headers"] = headers["access-control-request-headers"];
-      if (exposeHeaders === true)
-        set.headers["access-control-expose-headers"] = Object.keys(headers).join(",");
-    }
-    if (maxAge)
-      set.headers["access-control-max-age"] = maxAge.toString();
-    return new Response(null, {
-      status: 204
-    });
-  }
-  if (preflight)
-    app.options("/", handleOption).options("/*", handleOption);
-  return app.onRequest(function processCors({ set, request }) {
-    handleOrigin(set, request);
-    if (preflight && request.method === "OPTIONS") {
-      return handleOption({
-        set,
-        request,
-        headers: isBun2 ? request.headers.toJSON() : Object.fromEntries(request.headers.entries())
-      });
-    }
-    handleMethod(set, request.method);
-    if (allowedHeaders === true || exposeHeaders === true) {
-      const headers = processHeaders(request.headers);
-      if (allowedHeaders === true)
-        set.headers["access-control-allow-headers"] = headers;
-      if (exposeHeaders === true)
-        set.headers["access-control-expose-headers"] = headers;
-    }
-  });
-};
-
-// src/db/database.ts
-import { Database } from "bun:sqlite";
-import { join } from "path";
-import os from "os";
-import { existsSync, mkdirSync } from "fs";
-var VIBECONTROLS_DIR = join(os.homedir(), ".vibecontrols");
-var DEFAULT_DB_PATH = join(VIBECONTROLS_DIR, "agent.db");
-
-class AgentDatabase {
-  db;
-  constructor(dbPath = DEFAULT_DB_PATH) {
-    const dir = join(dbPath, "..");
-    if (!existsSync(dir)) {
-      mkdirSync(dir, { recursive: true });
-    }
-    this.db = new Database(dbPath);
-    this.db.exec("PRAGMA journal_mode = WAL");
-    this.db.exec("PRAGMA busy_timeout = 5000");
-    this.db.exec("PRAGMA synchronous = NORMAL");
-    this.db.exec("PRAGMA foreign_keys = ON");
-    this.initializeSchema();
-  }
-  initializeSchema() {
-    this.db.exec(`
-      CREATE TABLE IF NOT EXISTS tasks (
-        id TEXT PRIMARY KEY,
-        type TEXT CHECK(type IN ('command', 'script', 'file_operation')) NOT NULL,
-        status TEXT CHECK(status IN ('pending', 'running', 'completed', 'failed')) DEFAULT 'pending',
-        payload TEXT NOT NULL,
-        result TEXT,
-        error TEXT,
-        createdAt TEXT DEFAULT (datetime('now')),
-        updatedAt TEXT DEFAULT (datetime('now'))
-      );
-
-      CREATE TABLE IF NOT EXISTS agent_config (
-        id TEXT PRIMARY KEY,
-        key TEXT UNIQUE NOT NULL,
-        value TEXT NOT NULL,
-        updatedAt TEXT DEFAULT (datetime('now'))
-      );
-
-      CREATE TABLE IF NOT EXISTS git_repositories (
-        id TEXT PRIMARY KEY,
-        path TEXT UNIQUE NOT NULL,
-        name TEXT NOT NULL,
-        parentPath TEXT,
-        isSubmodule INTEGER DEFAULT 0,
-        projectType TEXT,
-        vitePort INTEGER,
-        lastScanned TEXT DEFAULT (datetime('now')),
-        createdAt TEXT DEFAULT (datetime('now'))
-      );
-
-      CREATE TABLE IF NOT EXISTS bookmarked_commands (
-        id TEXT PRIMARY KEY,
-        projectId TEXT,
-        command TEXT NOT NULL,
-        description TEXT,
-        category TEXT,
-        createdAt TEXT DEFAULT (datetime('now'))
-      );
-
-      CREATE TABLE IF NOT EXISTS notifications (
-        id TEXT PRIMARY KEY,
-        sessionName TEXT,
-        projectId TEXT,
-        type TEXT CHECK(type IN ('info', 'success', 'warning', 'error')) DEFAULT 'info',
-        title TEXT NOT NULL,
-        message TEXT NOT NULL,
-        status TEXT CHECK(status IN ('unread', 'read')) DEFAULT 'unread',
-        createdAt TEXT DEFAULT (datetime('now'))
-      );
-
-      CREATE TABLE IF NOT EXISTS plugin_state (
-        id INTEGER PRIMARY KEY AUTOINCREMENT,
-        pluginName TEXT NOT NULL,
-        key TEXT NOT NULL,
-        value TEXT NOT NULL,
-        updatedAt TEXT DEFAULT (datetime('now')),
-        UNIQUE(pluginName, key)
-      );
-
-      -- Indexes
-      CREATE INDEX IF NOT EXISTS idx_tasks_status ON tasks(status);
-      CREATE INDEX IF NOT EXISTS idx_tasks_type ON tasks(type);
-      CREATE INDEX IF NOT EXISTS idx_git_repositories_path ON git_repositories(path);
-      CREATE INDEX IF NOT EXISTS idx_git_repositories_parentPath ON git_repositories(parentPath);
-      CREATE INDEX IF NOT EXISTS idx_bookmarked_commands_projectId ON bookmarked_commands(projectId);
-      CREATE INDEX IF NOT EXISTS idx_notifications_status ON notifications(status);
-      CREATE INDEX IF NOT EXISTS idx_notifications_projectId ON notifications(projectId);
-      CREATE INDEX IF NOT EXISTS idx_plugin_state_plugin ON plugin_state(pluginName);
-    `);
-  }
-  createTask(task) {
-    const stmt = this.db.prepare(`
-      INSERT INTO tasks (id, type, status, payload, result, error)
-      VALUES ($id, $type, $status, $payload, $result, $error)
-    `);
-    stmt.run({
-      $id: task.id,
-      $type: task.type,
-      $status: task.status,
-      $payload: task.payload,
-      $result: task.result ?? null,
-      $error: task.error ?? null
-    });
-    return this.getTask(task.id);
-  }
-  getTask(id) {
-    return this.db.prepare("SELECT * FROM tasks WHERE id = ?").get(id);
-  }
-  getAllTasks() {
-    return this.db.prepare("SELECT * FROM tasks ORDER BY createdAt DESC").all();
-  }
-  getPendingTasks() {
-    return this.db.prepare("SELECT * FROM tasks WHERE status = 'pending' ORDER BY createdAt").all();
-  }
-  updateTask(id, updates) {
-    const fields = Object.keys(updates).filter((k2) => k2 !== "id" && k2 !== "createdAt").map((k2) => `${k2} = $${k2}`).join(", ");
-    if (!fields)
-      return;
-    const stmt = this.db.prepare(`UPDATE tasks SET ${fields}, updatedAt = datetime('now') WHERE id = $id`);
-    const params = { $id: id };
-    for (const [k2, v] of Object.entries(updates)) {
-      params[`$${k2}`] = v ?? null;
-    }
-    stmt.run(params);
-  }
-  cancelTask(id) {
-    const result = this.db.prepare("UPDATE tasks SET status = 'failed', error = 'Cancelled', updatedAt = datetime('now') WHERE id = ? AND status IN ('pending', 'running')").run(id);
-    return result.changes > 0;
-  }
-  getConfig(key) {
-    const row = this.db.prepare("SELECT value FROM agent_config WHERE key = ?").get(key);
-    if (row?.value === "__DELETED__")
-      return;
-    return row?.value;
-  }
-  setConfig(key, value) {
-    this.db.prepare(`
-      INSERT INTO agent_config (id, key, value)
-      VALUES ($id, $key, $value)
-      ON CONFLICT(key) DO UPDATE SET value = $value, updatedAt = datetime('now')
-    `).run({ $id: key, $key: key, $value: value });
-  }
-  deleteConfig(key) {
-    const result = this.db.prepare("DELETE FROM agent_config WHERE key = ?").run(key);
-    return result.changes > 0;
-  }
-  getAllConfig() {
-    const rows = this.db.prepare("SELECT key, value FROM agent_config").all();
-    return rows.reduce((acc, row) => {
-      if (row.value !== "__DELETED__") {
-        acc[row.key] = row.value;
-      }
-      return acc;
-    }, {});
-  }
-  bulkSetConfig(entries) {
-    const stmt = this.db.prepare(`
-      INSERT INTO agent_config (id, key, value)
-      VALUES ($id, $key, $value)
-      ON CONFLICT(key) DO UPDATE SET value = $value, updatedAt = datetime('now')
-    `);
-    const transaction = this.db.transaction((entries2) => {
-      for (const [key, value] of entries2) {
-        stmt.run({ $id: key, $key: key, $value: value });
-      }
-    });
-    transaction(Object.entries(entries));
-  }
-  getConfigStatus() {
-    const count = this.db.prepare("SELECT COUNT(*) as count FROM agent_config").get();
-    const latest = this.db.prepare("SELECT MAX(updatedAt) as latest FROM agent_config").get();
-    return { totalKeys: count.count, lastUpdated: latest.latest };
-  }
-  createGitRepository(repo) {
-    this.db.prepare(`
-      INSERT INTO git_repositories (id, path, name, parentPath, isSubmodule, projectType, vitePort)
-      VALUES ($id, $path, $name, $parentPath, $isSubmodule, $projectType, $vitePort)
-    `).run({
-      $id: repo.id,
-      $path: repo.path,
-      $name: repo.name,
-      $parentPath: repo.parentPath ?? null,
-      $isSubmodule: repo.isSubmodule ? 1 : 0,
-      $projectType: repo.projectType ?? null,
-      $vitePort: repo.vitePort ?? null
-    });
-    return this.getGitRepository(repo.id);
-  }
-  getGitRepository(id) {
-    const row = this.db.prepare("SELECT * FROM git_repositories WHERE id = ?").get(id);
-    if (row)
-      row.isSubmodule = Boolean(row.isSubmodule);
-    return row ?? undefined;
-  }
-  getGitRepositoryByPath(path) {
-    const row = this.db.prepare("SELECT * FROM git_repositories WHERE path = ?").get(path);
-    if (row)
-      row.isSubmodule = Boolean(row.isSubmodule);
-    return row ?? undefined;
-  }
-  getAllGitRepositories() {
-    const rows = this.db.prepare("SELECT * FROM git_repositories ORDER BY path").all();
-    return rows.map((r) => ({ ...r, isSubmodule: Boolean(r.isSubmodule) }));
-  }
-  updateGitRepository(id, updates) {
-    const fields = Object.keys(updates).filter((k2) => k2 !== "id" && k2 !== "createdAt").map((k2) => `${k2} = $${k2}`).join(", ");
-    if (!fields)
-      return;
-    const params = { $id: id };
-    for (const [k2, v] of Object.entries(updates)) {
-      if (k2 === "isSubmodule")
-        params[`$${k2}`] = v ? 1 : 0;
-      else
-        params[`$${k2}`] = v ?? null;
-    }
-    this.db.prepare(`UPDATE git_repositories SET ${fields}, lastScanned = datetime('now') WHERE id = $id`).run(params);
-  }
-  deleteGitRepository(id) {
-    const result = this.db.prepare("DELETE FROM git_repositories WHERE id = ?").run(id);
-    return result.changes > 0;
-  }
-  fixGitHierarchy() {
-    const repos = this.getAllGitRepositories();
-    let fixed = 0;
-    for (const repo of repos) {
-      if (repo.isSubmodule)
-        continue;
-      const parent = repos.find((r) => r.id !== repo.id && repo.path.startsWith(r.path + "/") && !r.isSubmodule);
-      if (parent && repo.parentPath !== parent.path) {
-        this.updateGitRepository(repo.id, { parentPath: parent.path });
-        fixed++;
-      }
-    }
-    return { fixed };
-  }
-  createBookmarkedCommand(cmd) {
-    this.db.prepare(`
-      INSERT INTO bookmarked_commands (id, projectId, command, description, category)
-      VALUES ($id, $projectId, $command, $description, $category)
-    `).run({
-      $id: cmd.id,
-      $projectId: cmd.projectId ?? null,
-      $command: cmd.command,
-      $description: cmd.description ?? null,
-      $category: cmd.category ?? null
-    });
-    return this.getBookmarkedCommand(cmd.id);
-  }
-  getBookmarkedCommand(id) {
-    return this.db.prepare("SELECT * FROM bookmarked_commands WHERE id = ?").get(id);
-  }
-  getAllBookmarkedCommands() {
-    return this.db.prepare("SELECT * FROM bookmarked_commands ORDER BY createdAt DESC").all();
-  }
-  getBookmarkedCommandsByProject(projectId) {
-    if (projectId === null) {
-      return this.db.prepare("SELECT * FROM bookmarked_commands WHERE projectId IS NULL ORDER BY createdAt DESC").all();
-    }
-    return this.db.prepare("SELECT * FROM bookmarked_commands WHERE projectId = ? ORDER BY createdAt DESC").all(projectId);
-  }
-  getBookmarkedCommandsByCategory(category) {
-    return this.db.prepare("SELECT * FROM bookmarked_commands WHERE category = ? ORDER BY createdAt DESC").all(category);
-  }
-  updateBookmarkedCommand(id, updates) {
-    const fields = Object.keys(updates).filter((k2) => k2 !== "id" && k2 !== "createdAt").map((k2) => `${k2} = $${k2}`).join(", ");
-    if (!fields)
-      return;
-    const params = { $id: id };
-    for (const [k2, v] of Object.entries(updates)) {
-      params[`$${k2}`] = v ?? null;
-    }
-    this.db.prepare(`UPDATE bookmarked_commands SET ${fields} WHERE id = $id`).run(params);
-  }
-  deleteBookmarkedCommand(id) {
-    const result = this.db.prepare("DELETE FROM bookmarked_commands WHERE id = ?").run(id);
-    return result.changes > 0;
-  }
-  executeBookmarkedCommand(id) {
-    return this.getBookmarkedCommand(id);
-  }
-  createNotification(notification) {
-    this.db.prepare(`
-      INSERT INTO notifications (id, sessionName, projectId, type, title, message, status)
-      VALUES ($id, $sessionName, $projectId, $type, $title, $message, $status)
-    `).run({
-      $id: notification.id,
-      $sessionName: notification.sessionName ?? null,
-      $projectId: notification.projectId ?? null,
-      $type: notification.type,
-      $title: notification.title,
-      $message: notification.message,
-      $status: notification.status
-    });
-    return this.getNotification(notification.id);
-  }
-  getNotification(id) {
-    return this.db.prepare("SELECT * FROM notifications WHERE id = ?").get(id);
-  }
-  getAllNotifications() {
-    return this.db.prepare("SELECT * FROM notifications ORDER BY createdAt DESC").all();
-  }
-  getNotificationsByProject(projectId) {
-    if (projectId === null) {
-      return this.db.prepare("SELECT * FROM notifications WHERE projectId IS NULL ORDER BY createdAt DESC").all();
-    }
-    return this.db.prepare("SELECT * FROM notifications WHERE projectId = ? ORDER BY createdAt DESC").all(projectId);
-  }
-  getGlobalNotifications() {
-    return this.db.prepare("SELECT * FROM notifications WHERE projectId IS NULL ORDER BY createdAt DESC").all();
-  }
-  getUnreadNotifications() {
-    return this.db.prepare("SELECT * FROM notifications WHERE status = 'unread' ORDER BY createdAt DESC").all();
-  }
-  updateNotificationStatus(id, status2) {
-    this.db.prepare("UPDATE notifications SET status = ? WHERE id = ?").run(status2, id);
-  }
-  markAllNotificationsRead() {
-    const result = this.db.prepare("UPDATE notifications SET status = 'read' WHERE status = 'unread'").run();
-    return result.changes;
-  }
-  deleteNotification(id) {
-    const result = this.db.prepare("DELETE FROM notifications WHERE id = ?").run(id);
-    return result.changes > 0;
-  }
-  clearOldNotifications(olderThanDays = 30) {
-    const result = this.db.prepare("DELETE FROM notifications WHERE createdAt < datetime('now', '-' || ? || ' days')").run(olderThanDays);
-    return result.changes;
-  }
-  getPluginState(pluginName, key) {
-    const row = this.db.prepare("SELECT value FROM plugin_state WHERE pluginName = ? AND key = ?").get(pluginName, key);
-    return row?.value;
-  }
-  setPluginState(pluginName, key, value) {
-    this.db.prepare(`
-      INSERT INTO plugin_state (pluginName, key, value)
-      VALUES ($pluginName, $key, $value)
-      ON CONFLICT(pluginName, key) DO UPDATE SET value = $value, updatedAt = datetime('now')
-    `).run({ $pluginName: pluginName, $key: key, $value: value });
-  }
-  deletePluginState(pluginName, key) {
-    const result = this.db.prepare("DELETE FROM plugin_state WHERE pluginName = ? AND key = ?").run(pluginName, key);
-    return result.changes > 0;
-  }
-  getAllPluginState(pluginName) {
-    return this.db.prepare("SELECT key, value, updatedAt FROM plugin_state WHERE pluginName = ? ORDER BY key").all(pluginName);
-  }
-  deleteAllPluginState(pluginName) {
-    const result = this.db.prepare("DELETE FROM plugin_state WHERE pluginName = ?").run(pluginName);
-    return result.changes;
-  }
-  close() {
-    this.db.close();
-  }
-}
-
-// src/middleware/auth.ts
-import crypto2 from "crypto";
-import { join as join2 } from "path";
-import { homedir } from "os";
-import { existsSync as existsSync2, readFileSync } from "fs";
-var AUTH_EXEMPT_PREFIXES = [
-  "/health",
-  "/api/agent/identity",
-  "/api/agent/api-key",
-  "/api/agent/tunnel",
-  "/terminal/",
-  "/ws/"
-];
-function isExempt(path) {
-  return AUTH_EXEMPT_PREFIXES.some((prefix) => path.startsWith(prefix));
-}
-function generateApiKey() {
-  const bytes = crypto2.randomBytes(32);
-  return `vcak_${bytes.toString("base64url")}`;
-}
-function loadStaticApiKey() {
-  const configFile = join2(homedir(), ".vibecontrols", "config.json");
-  if (existsSync2(configFile)) {
-    try {
-      const config = JSON.parse(readFileSync(configFile, "utf8"));
-      return config["static-api-key"] || undefined;
-    } catch {
-      return;
-    }
-  }
-  return;
-}
-function createAuthPlugin() {
-  const envKey = process.env.AGENT_API_KEY;
-  const staticKey = loadStaticApiKey();
-  const apiKey = envKey || staticKey || generateApiKey();
-  logger.info("auth", `Agent API key: ${apiKey.substring(0, 12)}...`);
-  return new Elysia({ name: "plugin/auth" }).decorate("apiKey", apiKey).derive(({ headers, path }) => {
-    return {
-      isAuthenticated: (() => {
-        if (isExempt(path))
-          return true;
-        const providedKey = headers["x-agent-api-key"];
-        return providedKey === apiKey;
-      })()
-    };
-  }).onBeforeHandle(({ isAuthenticated, path, set }) => {
-    if (!isAuthenticated && !isExempt(path)) {
-      set.status = 401;
-      return { error: "Unauthorized", message: "Invalid or missing API key" };
-    }
-  });
-}
-
-// src/services/gateway-client.ts
-class GatewayClient {
-  config = null;
-  token = null;
-  configure(config) {
-    this.config = config;
-    this.token = null;
-    logger.info("gateway-client", "Gateway client configured", {
-      globalGatewayUrl: config.globalGatewayUrl,
-      clientId: config.clientId
-    });
-  }
-  isConfigured() {
-    return this.config !== null;
-  }
-  getConfig() {
-    if (!this.config)
-      return null;
-    const { clientSecret: _2, ...rest } = this.config;
-    return rest;
-  }
-  async globalQuery(query, variables) {
-    return this.executeQuery("global", query, variables);
-  }
-  async workspaceQuery(query, variables) {
-    return this.executeQuery("workspaces", query, variables);
-  }
-  async executeQuery(supergraph, query, variables) {
-    if (!this.config) {
-      throw new Error("Gateway client not configured. Call configure() first.");
-    }
-    const token = await this.ensureToken();
-    const baseUrl = supergraph === "workspaces" ? this.config.workspaceGatewayUrl ?? this.config.globalGatewayUrl : this.config.globalGatewayUrl;
-    const url = `${baseUrl.replace(/\/$/, "")}/${supergraph}/graphql`;
-    logger.debug("gateway-client", `GraphQL ${supergraph} request`, {
-      url,
-      queryLength: query.length
-    });
-    const response = await fetch(url, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${token}`
-      },
-      body: JSON.stringify({ query, variables })
-    });
-    const result = await response.json();
-    if (result.errors?.length) {
-      logger.warn("gateway-client", "GraphQL errors", {
-        supergraph,
-        errors: result.errors.map((e) => e.message)
-      });
-    }
-    return result;
-  }
-  async ensureToken() {
-    if (this.token && this.token.expiresAt > Date.now() + 60000) {
-      return this.token.accessToken;
-    }
-    return this.authenticate();
-  }
-  async authenticate() {
-    if (!this.config) {
-      throw new Error("Gateway client not configured.");
-    }
-    logger.info("gateway-client", "Authenticating with gateway", {
-      clientId: this.config.clientId
-    });
-    const url = `${this.config.globalGatewayUrl.replace(/\/$/, "")}/global/graphql`;
-    const response = await fetch(url, {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({
-        query: `
-          mutation AuthenticateApp($input: AuthenticateAppInput!) {
-            authenticateApp(input: $input) {
-              accessToken
-              tokenType
-              expiresIn
-              scopes
-            }
-          }
-        `,
-        variables: {
-          input: {
-            clientId: this.config.clientId,
-            clientSecret: this.config.clientSecret,
-            scopes: this.config.scopes ?? []
-          }
-        }
-      })
-    });
-    const result = await response.json();
-    if (result.errors?.length || !result.data?.authenticateApp) {
-      const msg = result.errors?.[0]?.message ?? "Authentication failed";
-      logger.error("gateway-client", `Authentication failed: ${msg}`);
-      throw new Error(`Gateway authentication failed: ${msg}`);
-    }
-    const auth = result.data.authenticateApp;
-    this.token = {
-      accessToken: auth.accessToken,
-      expiresAt: Date.now() + auth.expiresIn * 1000,
-      scopes: auth.scopes
-    };
-    logger.info("gateway-client", "Authenticated successfully", {
-      expiresIn: auth.expiresIn,
-      scopes: auth.scopes
-    });
-    return this.token.accessToken;
-  }
-}
-var gatewayClient = new GatewayClient;
-
-// src/routes/health.routes.ts
-function createHealthRoutes(_serviceRegistry) {
-  return new Elysia({ prefix: "/health" }).get("/", () => ({
-    status: "ok",
-    timestamp: new Date().toISOString(),
-    uptime: process.uptime()
-  })).get("/live", () => ({ status: "ok" })).get("/ready", () => ({ status: "ok" }));
-}
-
-// src/routes/agent.routes.ts
-import os2 from "os";
-import crypto3 from "crypto";
-import { readFileSync as readFileSync2 } from "fs";
-function getMachineId() {
-  const hostname = os2.hostname();
-  const platform = os2.platform();
-  const arch = os2.arch();
-  return crypto3.createHash("sha256").update(`${hostname}-${platform}-${arch}`).digest("hex").substring(0, 16);
-}
-function getAgentVersion() {
-  try {
-    const pkgPath = new URL("../../package.json", import.meta.url);
-    const pkg = JSON.parse(readFileSync2(new URL(pkgPath), "utf8"));
-    return pkg.version || "0.0.0";
-  } catch {
-    return "0.0.0";
-  }
-}
-function createAgentRoutes(db, serviceRegistry) {
-  const version = getAgentVersion();
-  const machineId = getMachineId();
-  return new Elysia({ prefix: "/api/agent" }).get("/identity", () => ({
-    machineId,
-    hostname: os2.hostname(),
-    platform: os2.platform(),
-    arch: os2.arch(),
-    version,
-    uptime: process.uptime()
-  })).get("/api-key", ({ store }) => ({
-    apiKey: store.apiKey ?? "unknown"
-  })).get("/tunnel", async () => {
-    const tunnelProvider = serviceRegistry.getProvider("tunnel");
-    if (!tunnelProvider) {
-      return { tunnelUrl: null, message: "No tunnel provider registered" };
-    }
-    const url = await tunnelProvider.getActiveTunnelUrl();
-    return { tunnelUrl: url };
-  }).post("/tunnel/start", async ({ set }) => {
-    const tunnelProvider = serviceRegistry.getProvider("tunnel");
-    if (!tunnelProvider) {
-      set.status = 400;
-      return { error: "No tunnel provider registered" };
-    }
-    const port = parseInt(process.env.PORT || "3005");
-    const tunnel = await tunnelProvider.start({ port, name: "agent" });
-    return { success: true, tunnel };
-  }).post("/tunnel/stop", async ({ set }) => {
-    const tunnelProvider = serviceRegistry.getProvider("tunnel");
-    if (!tunnelProvider) {
-      set.status = 400;
-      return { error: "No tunnel provider registered" };
-    }
-    const tunnels = await tunnelProvider.list();
-    const agentTunnel = tunnels.find((t2) => t2.metadata?.isAgent);
-    if (agentTunnel) {
-      await tunnelProvider.stop(agentTunnel.id);
-    }
-    return { success: true };
-  }).get("/setup/check", () => {
-    const deps = checkDependencies();
-    const allInstalled = deps.filter((d) => d.required).every((d) => d.installed);
-    return { ready: allInstalled, dependencies: deps };
-  }).post("/setup/install", async () => {
-    const result = await installDependencies();
-    return result;
-  }).post("/gateway-auth", async ({ body, set }) => {
-    try {
-      gatewayClient.configure({
-        globalGatewayUrl: body.tenantApiUrl || body.globalGatewayUrl || "",
-        workspaceGatewayUrl: body.workspacesApiUrl || body.workspaceGatewayUrl,
-        clientId: body.appClientId || body.clientId || "",
-        clientSecret: body.appClientSecret || body.clientSecret || ""
-      });
-      if (body.appClientId || body.clientId) {
-        db.setConfig("gateway-auth:clientId", body.appClientId || body.clientId || "");
-      }
-      if (body.appClientSecret || body.clientSecret) {
-        db.setConfig("gateway-auth:clientSecret", body.appClientSecret || body.clientSecret || "");
-      }
-      if (body.workspacesApiUrl || body.workspaceGatewayUrl) {
-        db.setConfig("gateway-auth:workspaceGatewayUrl", body.workspacesApiUrl || body.workspaceGatewayUrl || "");
-      }
-      if (body.tenantApiUrl || body.globalGatewayUrl) {
-        db.setConfig("gateway-auth:globalGatewayUrl", body.tenantApiUrl || body.globalGatewayUrl || "");
-      }
-      if (body.workspaceId) {
-        db.setConfig("gateway-auth:workspaceId", body.workspaceId);
-      }
-      return { success: true, message: "Gateway auth configured" };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to configure gateway auth",
-        message: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      workspacesApiUrl: t.Optional(t.String()),
-      tenantApiUrl: t.Optional(t.String()),
-      globalGatewayUrl: t.Optional(t.String()),
-      workspaceGatewayUrl: t.Optional(t.String()),
-      appClientId: t.Optional(t.String()),
-      appClientSecret: t.Optional(t.String()),
-      clientId: t.Optional(t.String()),
-      clientSecret: t.Optional(t.String()),
-      workspaceId: t.Optional(t.String())
-    })
-  }).get("/gateway-auth", () => {
-    const config = gatewayClient.getConfig();
-    return { configured: gatewayClient.isConfigured(), config };
-  }).get("/version", () => ({
-    version,
-    runtime: "bun",
-    runtimeVersion: typeof Bun !== "undefined" ? Bun.version : "unknown"
-  })).get("/system", () => ({
-    hostname: os2.hostname(),
-    platform: os2.platform(),
-    arch: os2.arch(),
-    release: os2.release(),
-    cpus: os2.cpus().length,
-    totalMemory: os2.totalmem(),
-    freeMemory: os2.freemem(),
-    uptime: os2.uptime(),
-    bunVersion: typeof Bun !== "undefined" ? Bun.version : undefined,
-    agentVersion: version,
-    homeDir: os2.homedir(),
-    cwd: process.cwd(),
-    environment: "development"
-  })).get("/status", () => ({
-    status: "online",
-    timestamp: new Date().toISOString(),
-    version,
-    providers: serviceRegistry.listProviders(),
-    services: serviceRegistry.listServices()
-  })).get("/url", async () => {
-    const tunnelProvider = serviceRegistry.getProvider("tunnel");
-    const tunnelUrl = tunnelProvider ? await tunnelProvider.getActiveTunnelUrl() : null;
-    const localUrl = `http://localhost:${process.env.PORT || 3005}`;
-    return {
-      url: tunnelUrl || localUrl,
-      tunnelUrl,
-      localUrl,
-      source: tunnelUrl ? "tunnel" : "local"
-    };
-  });
-}
-
-// src/routes/session.routes.ts
-function getSessionProvider(registry) {
-  const provider = registry.getProvider("session");
-  if (!provider) {
-    throw new Error("No session provider registered");
-  }
-  return provider;
-}
-function createSessionRoutes(serviceRegistry) {
-  return new Elysia({ prefix: "/api/sessions" }).get("/", async ({ set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const sessions = await provider.list();
-      return { sessions };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to list sessions", details: String(err) };
-    }
-  }).get("/system", async ({ set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const sessions = await provider.listSystem();
-      return { sessions };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to get system sessions",
-        details: String(err)
-      };
-    }
-  }).get("/system/terminals", async ({ set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const processes = await provider.listSystemTerminals();
-      return { processes };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to get system terminal processes",
-        details: String(err)
-      };
-    }
-  }).post("/system/kill", async ({ body, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const results = [];
-      for (const sessionId of body.sessionIds) {
-        try {
-          await provider.killSystem(sessionId);
-          results.push({ target: sessionId, success: true });
-        } catch (err) {
-          results.push({
-            target: sessionId,
-            success: false,
-            error: String(err)
-          });
-        }
-      }
-      return { results };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to kill system sessions",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      sessionIds: t.Array(t.String()),
-      force: t.Optional(t.Boolean())
-    })
-  }).post("/system/terminals/kill", async ({ body, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const results = [];
-      for (const pid of body.pids) {
-        try {
-          await provider.killSystemTerminal(pid);
-          results.push({ target: String(pid), success: true });
-        } catch (err) {
-          results.push({
-            target: String(pid),
-            success: false,
-            error: String(err)
-          });
-        }
-      }
-      return { results };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to kill system terminal processes",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      pids: t.Array(t.Number()),
-      force: t.Optional(t.Boolean())
-    })
-  }).post("/health-check", async ({ body, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const results = [];
-      for (const sessionId of body.sessionIds) {
-        try {
-          const session = await provider.get(sessionId);
-          if (!session) {
-            results.push({ sessionId, status: "unknown" });
-          } else {
-            results.push({
-              sessionId,
-              status: session.status === "active" ? "running" : "dead"
-            });
-          }
-        } catch {
-          results.push({ sessionId, status: "unknown" });
-        }
-      }
-      return { results };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to health check sessions",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      sessionIds: t.Array(t.String())
-    })
-  }).post("/create", async ({ body, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      if (body.sessionId) {
-        const existing = await provider.get(body.sessionId);
-        if (existing && existing.status === "active") {
-          return { session: existing, reused: true };
-        }
-      }
-      const session = await provider.create({
-        name: body.sessionName || `vibecontrols-${Date.now()}`,
-        command: body.command,
-        workingDirectory: body.startDirectory,
-        projectId: body.projectId
-      });
-      return { session, reused: false };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to create session", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      sessionId: t.Optional(t.String()),
-      projectId: t.Optional(t.String()),
-      sessionName: t.Optional(t.String()),
-      windowName: t.Optional(t.String()),
-      command: t.Optional(t.String()),
-      startDirectory: t.Optional(t.String())
-    })
-  }).get("/:id", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      return { session };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to get session", details: String(err) };
-    }
-  }).delete("/:id", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      await provider.kill(params.id);
-      return { success: true, sessionName: session.name };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to kill session", details: String(err) };
-    }
-  }).post("/:id/command", async ({ params, body, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      await provider.sendCommand(params.id, body.command);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to execute command", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      command: t.String()
-    })
-  }).post("/:id/keys", async ({ params, body, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      await provider.sendKeys(params.id, body.keys);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to send keys", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      keys: t.String()
-    })
-  }).post("/:id/interrupt", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      await provider.interrupt(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to send interrupt", details: String(err) };
-    }
-  }).get("/:id/capture", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      const output = await provider.capture(params.id);
-      return { output };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to capture output", details: String(err) };
-    }
-  }).put("/:id/rename", async ({ params, body, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      await provider.rename(params.id, body.newName);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to rename session", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      newName: t.String()
-    })
-  }).post("/:id/toggle-mouse", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      await provider.toggleMouse(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to toggle mouse mode", details: String(err) };
-    }
-  }).get("/:id/termination-status", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      const termStatus = await provider.getTerminationStatus(params.id);
-      return {
-        sessionId: params.id,
-        sessionName: session.name,
-        databaseStatus: session.status,
-        ...termStatus,
-        isFullyTerminated: termStatus.exited && session.status === "terminated"
-      };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to verify termination",
-        details: String(err)
-      };
-    }
-  }).get("/:id/terminal", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      const terminal = await provider.getTerminalInfo(params.id);
-      if (!terminal) {
-        set.status = 404;
-        return { error: "Terminal not running for this session" };
-      }
-      const tunnelProvider = serviceRegistry.getProvider("tunnel");
-      const tunnelUrl = tunnelProvider ? await tunnelProvider.getActiveTunnelUrl() : null;
-      const terminalProxyUrl = tunnelUrl ? `${tunnelUrl}/terminal/${params.id}/` : null;
-      return {
-        port: terminal.port,
-        url: `http://localhost:${terminal.port}`,
-        pid: terminal.pid,
-        terminalUrl: terminalProxyUrl
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to get terminal info", details: String(err) };
-    }
-  }).post("/:id/terminal", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      const existingTerminal = await provider.getTerminalInfo(params.id);
-      if (existingTerminal) {
-        const tunnelProvider2 = serviceRegistry.getProvider("tunnel");
-        const tunnelUrl2 = tunnelProvider2 ? await tunnelProvider2.getActiveTunnelUrl() : null;
-        const terminalProxyUrl2 = tunnelUrl2 ? `${tunnelUrl2}/terminal/${params.id}/` : null;
-        return {
-          port: existingTerminal.port,
-          pid: existingTerminal.pid,
-          url: `http://localhost:${existingTerminal.port}`,
-          terminalUrl: terminalProxyUrl2
-        };
-      }
-      const terminal = await provider.startTerminal(params.id);
-      const tunnelProvider = serviceRegistry.getProvider("tunnel");
-      const tunnelUrl = tunnelProvider ? await tunnelProvider.getActiveTunnelUrl() : null;
-      const terminalProxyUrl = tunnelUrl ? `${tunnelUrl}/terminal/${params.id}/` : null;
-      return {
-        port: terminal.port,
-        pid: terminal.pid,
-        url: `http://localhost:${terminal.port}`,
-        terminalUrl: terminalProxyUrl
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to start terminal", details: String(err) };
-    }
-  }).post("/:id/terminal/stop", async ({ params, set }) => {
-    try {
-      const provider = getSessionProvider(serviceRegistry);
-      const session = await provider.get(params.id);
-      if (!session) {
-        set.status = 404;
-        return { error: "Session not found" };
-      }
-      await provider.stopTerminal(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to stop terminal", details: String(err) };
-    }
-  });
-}
-
-// src/routes/tunnel.routes.ts
-function getTunnelProvider(registry) {
-  const provider = registry.getProvider("tunnel");
-  if (!provider) {
-    throw new Error("No tunnel provider registered");
-  }
-  return provider;
-}
-function createTunnelRoutes(serviceRegistry) {
-  return new Elysia({ prefix: "/api/tunnels" }).get("/", async ({ set }) => {
-    try {
-      const provider = getTunnelProvider(serviceRegistry);
-      const tunnels = await provider.list();
-      return { tunnels };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to list tunnels", details: String(err) };
-    }
-  }).get("/status", async ({ set }) => {
-    try {
-      const provider = getTunnelProvider(serviceRegistry);
-      const tunnels = await provider.list();
-      const active = tunnels.filter((t2) => t2.status === "active");
-      const inactive = tunnels.filter((t2) => t2.status === "stopped");
-      const errored = tunnels.filter((t2) => t2.status === "error");
-      return {
-        total: tunnels.length,
-        active: active.length,
-        inactive: inactive.length,
-        errored: errored.length,
-        tunnels: active.map((t2) => ({
-          id: t2.id,
-          port: t2.port,
-          url: t2.url,
-          pid: t2.pid
-        }))
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to get tunnel status", details: String(err) };
-    }
-  }).post("/start", async ({ body, set }) => {
-    if (body.localPort < 1 || body.localPort > 65535) {
-      set.status = 400;
-      return { error: "Invalid localPort: must be between 1 and 65535" };
-    }
-    try {
-      const provider = getTunnelProvider(serviceRegistry);
-      const existing = await provider.list();
-      const portTunnel = existing.find((t2) => t2.port === body.localPort && t2.status === "active");
-      if (portTunnel) {
-        set.status = 409;
-        return {
-          error: `An active tunnel already exists for port ${body.localPort}`,
-          tunnel: portTunnel
-        };
-      }
-      const tunnel = await provider.start({
-        port: body.localPort,
-        name: body.subdomain,
-        metadata: body.sessionId ? { sessionId: body.sessionId } : undefined
-      });
-      return {
-        id: tunnel.id,
-        localPort: tunnel.port,
-        publicUrl: tunnel.url,
-        pid: tunnel.pid,
-        status: tunnel.status,
-        sessionId: body.sessionId || null
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to start tunnel", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      localPort: t.Number(),
-      subdomain: t.Optional(t.String()),
-      sessionId: t.Optional(t.String())
-    })
-  }).get("/:id", async ({ params, set }) => {
-    try {
-      const provider = getTunnelProvider(serviceRegistry);
-      const tunnel = await provider.getStatus(params.id);
-      if (!tunnel) {
-        set.status = 404;
-        return { error: "Tunnel not found" };
-      }
-      return { tunnel };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to get tunnel", details: String(err) };
-    }
-  }).post("/:id/stop", async ({ params, set }) => {
-    try {
-      const provider = getTunnelProvider(serviceRegistry);
-      const tunnel = await provider.getStatus(params.id);
-      if (!tunnel) {
-        set.status = 404;
-        return { error: "Tunnel not found" };
-      }
-      if (tunnel.status !== "active") {
-        set.status = 400;
-        return { error: "Tunnel is not active" };
-      }
-      await provider.stop(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to stop tunnel", details: String(err) };
-    }
-  }).delete("/:id", async ({ params, set }) => {
-    try {
-      const provider = getTunnelProvider(serviceRegistry);
-      const tunnel = await provider.getStatus(params.id);
-      if (!tunnel) {
-        set.status = 404;
-        return { error: "Tunnel not found" };
-      }
-      if (tunnel.status === "active") {
-        await provider.stop(params.id);
-      }
-      await provider.delete(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to delete tunnel", details: String(err) };
-    }
-  });
-}
-
-// src/routes/task.routes.ts
-import crypto4 from "crypto";
-import { promises as fs } from "fs";
-import path from "path";
-import os3 from "os";
-async function executeCommand(payload) {
-  const proc = Bun.spawn(["sh", "-c", payload.command], {
-    cwd: payload.cwd,
-    env: { ...process.env, ...payload.env },
-    stdout: "pipe",
-    stderr: "pipe"
-  });
-  const [stdout, stderr] = await Promise.all([
-    new Response(proc.stdout).text(),
-    new Response(proc.stderr).text()
-  ]);
-  await proc.exited;
-  return { stdout, stderr };
-}
-async function executeScript(payload) {
-  const interpreter = payload.interpreter || "bash";
-  const tmpDir = os3.tmpdir();
-  const scriptFile = path.join(tmpDir, `vibecontrols-script-${Date.now()}.sh`);
-  await fs.writeFile(scriptFile, payload.script, { mode: 493 });
-  try {
-    const proc = Bun.spawn([interpreter, scriptFile], {
-      cwd: payload.cwd,
-      stdout: "pipe",
-      stderr: "pipe"
-    });
-    const [stdout, stderr] = await Promise.all([
-      new Response(proc.stdout).text(),
-      new Response(proc.stderr).text()
-    ]);
-    await proc.exited;
-    return { stdout, stderr };
-  } finally {
-    await fs.unlink(scriptFile).catch(() => {});
-  }
-}
-async function executeFileOperation(payload) {
-  switch (payload.operation) {
-    case "read": {
-      const data = await fs.readFile(payload.path, "utf-8");
-      return { content: data };
-    }
-    case "write": {
-      if (!payload.content)
-        throw new Error("Content is required for write operation");
-      await fs.writeFile(payload.path, payload.content);
-      return { success: true };
-    }
-    case "delete": {
-      await fs.unlink(payload.path);
-      return { success: true };
-    }
-    case "exists": {
-      try {
-        await fs.access(payload.path);
-        return { exists: true };
-      } catch {
-        return { exists: false };
-      }
-    }
-    case "list": {
-      const files = await fs.readdir(payload.path);
-      return { files };
-    }
-    default:
-      throw new Error(`Unknown file operation: ${payload.operation}`);
-  }
-}
-async function processTask(db, task) {
-  try {
-    db.updateTask(task.id, { status: "running" });
-    const payload = JSON.parse(task.payload);
-    let result;
-    switch (task.type) {
-      case "command":
-        result = await executeCommand(payload);
-        break;
-      case "script":
-        result = await executeScript(payload);
-        break;
-      case "file_operation":
-        result = await executeFileOperation(payload);
-        break;
-      default:
-        throw new Error(`Unknown task type: ${task.type}`);
-    }
-    db.updateTask(task.id, {
-      status: "completed",
-      result: JSON.stringify(result)
-    });
-  } catch (err) {
-    db.updateTask(task.id, {
-      status: "failed",
-      error: err instanceof Error ? err.message : String(err)
-    });
-  }
-}
-function createTaskRoutes(db) {
-  return new Elysia({ prefix: "/api/tasks" }).get("/", ({ query }) => {
-    const status2 = query.status;
-    if (status2 === "pending") {
-      return { tasks: db.getPendingTasks() };
-    }
-    return { tasks: db.getAllTasks() };
-  }).get("/:id", ({ params, set }) => {
-    const task = db.getTask(params.id);
-    if (!task) {
-      set.status = 404;
-      return { error: "Task not found" };
-    }
-    return { task };
-  }).post("/", async ({ body, set }) => {
-    try {
-      const task = db.createTask({
-        id: crypto4.randomUUID(),
-        type: body.type,
-        status: "pending",
-        payload: JSON.stringify(body.payload)
-      });
-      processTask(db, task);
-      return { task };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to create task", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      type: t.Union([
-        t.Literal("command"),
-        t.Literal("script"),
-        t.Literal("file_operation")
-      ]),
-      payload: t.Object({
-        command: t.Optional(t.String()),
-        cwd: t.Optional(t.String()),
-        env: t.Optional(t.Record(t.String(), t.String())),
-        script: t.Optional(t.String()),
-        interpreter: t.Optional(t.String()),
-        operation: t.Optional(t.Union([
-          t.Literal("read"),
-          t.Literal("write"),
-          t.Literal("delete"),
-          t.Literal("exists"),
-          t.Literal("list")
-        ])),
-        path: t.Optional(t.String()),
-        content: t.Optional(t.String())
-      })
-    })
-  }).post("/:id/cancel", ({ params, set }) => {
-    const task = db.getTask(params.id);
-    if (!task) {
-      set.status = 404;
-      return { error: "Task not found" };
-    }
-    if (task.status !== "pending") {
-      set.status = 400;
-      return { error: "Only pending tasks can be cancelled" };
-    }
-    db.updateTask(params.id, {
-      status: "failed",
-      error: "Task cancelled by user"
-    });
-    return { success: true };
-  });
-}
-
-// src/routes/config.routes.ts
-function createConfigRoutes(db) {
-  return new Elysia({ prefix: "/api/config" }).get("/", () => {
-    const config = db.getAllConfig();
-    return { config };
-  }).get("/status", () => {
-    const status2 = db.getConfigStatus();
-    return status2;
-  }).get("/:key", ({ params, set }) => {
-    const value = db.getConfig(params.key);
-    if (value === undefined) {
-      set.status = 404;
-      return { error: "Configuration key not found" };
-    }
-    return { key: params.key, value };
-  }).put("/:key", ({ params, body, set }) => {
-    try {
-      db.setConfig(params.key, body.value);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to set configuration",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      value: t.String()
-    })
-  }).delete("/:key", ({ params, set }) => {
-    const current = db.getConfig(params.key);
-    if (current === undefined) {
-      set.status = 404;
-      return { error: "Configuration key not found" };
-    }
-    try {
-      db.deleteConfig(params.key);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to delete configuration",
-        details: String(err)
-      };
-    }
-  }).post("/bulk", ({ body, set }) => {
-    try {
-      db.bulkSetConfig(body.configs);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to set configuration",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      configs: t.Record(t.String(), t.String())
-    })
-  });
-}
-
-// src/routes/git.routes.ts
-import crypto5 from "crypto";
-import { promises as fs2 } from "fs";
-import path2 from "path";
-async function detectProjectType(directory) {
-  try {
-    const entries = await fs2.readdir(directory);
-    if (entries.includes("package.json")) {
-      try {
-        const packageJson = JSON.parse(await fs2.readFile(path2.join(directory, "package.json"), "utf8"));
-        const deps = {
-          ...packageJson.dependencies,
-          ...packageJson.devDependencies
-        };
-        if (deps.react || deps["@types/react"])
-          return "react";
-        if (deps.vue || deps["@vue/cli"])
-          return "vue";
-        if (deps.angular || deps["@angular/core"])
-          return "angular";
-        if (deps.next || deps["@types/next"])
-          return "nextjs";
-        if (deps.nuxt || deps["@nuxt/core"])
-          return "nuxtjs";
-        if (deps.svelte || deps["@sveltejs/kit"])
-          return "svelte";
-        if (deps.express || deps.fastify || deps.koa)
-          return "nodejs-backend";
-        if (deps.electron)
-          return "electron";
-        if (deps.vite)
-          return "vite";
-      } catch {}
-      return "nodejs";
-    }
-    if (entries.includes("setup.py") || entries.includes("requirements.txt") || entries.includes("pyproject.toml") || entries.includes("Pipfile")) {
-      if (entries.includes("manage.py"))
-        return "django";
-      if (entries.includes("app.py"))
-        return "flask";
-      return "python";
-    }
-    if (entries.includes("go.mod"))
-      return "go";
-    if (entries.includes("Cargo.toml"))
-      return "rust";
-    if (entries.includes("pom.xml"))
-      return "maven";
-    if (entries.includes("build.gradle") || entries.includes("build.gradle.kts"))
-      return "gradle";
-    if (entries.includes("Gemfile"))
-      return "ruby";
-    if (entries.includes("composer.json"))
-      return "php";
-    if (entries.some((e) => e.endsWith(".csproj") || e.endsWith(".sln")))
-      return "dotnet";
-    if (entries.includes("CMakeLists.txt") || entries.includes("Makefile"))
-      return "cpp";
-    if (entries.includes("Package.swift"))
-      return "swift";
-    if (entries.includes("pubspec.yaml"))
-      return "flutter";
-    if (entries.some((e) => e.endsWith(".tf")))
-      return "terraform";
-    if (entries.includes("Dockerfile"))
-      return "docker";
-  } catch {}
-  return;
-}
-async function detectVitePort(directory) {
-  try {
-    const variants = ["vite.config.ts", "vite.config.js"];
-    for (const name of variants) {
-      try {
-        const content = await fs2.readFile(path2.join(directory, name), "utf-8");
-        const match = content.match(/port:\s*(\d+)/);
-        if (match)
-          return parseInt(match[1], 10);
-      } catch {}
-    }
-  } catch {}
-  return;
-}
-var SKIP_DIRS = new Set([
-  ".git",
-  "node_modules",
-  "__pycache__",
-  ".venv",
-  "venv",
-  "dist",
-  "build"
-]);
-async function scanForGitRepositories(directory, includeSubmodules, parentPath) {
-  const repositories = [];
-  try {
-    const entries = await fs2.readdir(directory, { withFileTypes: true });
-    const hasGit = entries.some((e) => e.name === ".git" && e.isDirectory());
-    if (hasGit) {
-      repositories.push({
-        path: directory,
-        name: path2.basename(directory),
-        parentPath,
-        isSubmodule: !!parentPath,
-        projectType: await detectProjectType(directory),
-        vitePort: await detectVitePort(directory)
-      });
-      if (!includeSubmodules)
-        return repositories;
-      parentPath = directory;
-    }
-    for (const entry of entries) {
-      if (entry.isDirectory() && !SKIP_DIRS.has(entry.name) && !entry.name.startsWith(".")) {
-        const subPath = path2.join(directory, entry.name);
-        const subRepos = await scanForGitRepositories(subPath, includeSubmodules, parentPath);
-        repositories.push(...subRepos);
-      }
-    }
-  } catch {}
-  return repositories;
-}
-function createGitRoutes(db) {
-  return new Elysia({ prefix: "/api/git" }).get("/", () => {
-    const repositories = db.getAllGitRepositories();
-    return { repositories };
-  }).get("/:id", ({ params, set }) => {
-    const repository = db.getGitRepository(params.id);
-    if (!repository) {
-      set.status = 404;
-      return { error: "Repository not found" };
-    }
-    return { repository };
-  }).post("/scan", async ({ body, set }) => {
-    try {
-      const stats = await fs2.stat(body.directory);
-      if (!stats.isDirectory()) {
-        set.status = 400;
-        return { error: "Path is not a directory" };
-      }
-      const repositories = await scanForGitRepositories(body.directory, body.includeSubmodules ?? true);
-      const savedRepos = [];
-      for (const repo of repositories) {
-        const existing = db.getGitRepositoryByPath(repo.path);
-        if (existing) {
-          db.updateGitRepository(existing.id, repo);
-          savedRepos.push({ ...existing, ...repo });
-        } else {
-          const newRepo = db.createGitRepository({
-            id: crypto5.randomUUID(),
-            ...repo
-          });
-          savedRepos.push(newRepo);
-        }
-      }
-      return {
-        repositories: savedRepos,
-        scannedPath: body.directory,
-        totalFound: savedRepos.length
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to scan directory", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      directory: t.String(),
-      includeSubmodules: t.Optional(t.Boolean())
-    })
-  }).put("/:id", ({ params, body, set }) => {
-    const repository = db.getGitRepository(params.id);
-    if (!repository) {
-      set.status = 404;
-      return { error: "Repository not found" };
-    }
-    try {
-      db.updateGitRepository(params.id, body);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to update repository",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      name: t.Optional(t.String()),
-      projectType: t.Optional(t.String()),
-      vitePort: t.Optional(t.Number())
-    })
-  }).delete("/:id", ({ params, set }) => {
-    const repository = db.getGitRepository(params.id);
-    if (!repository) {
-      set.status = 404;
-      return { error: "Repository not found" };
-    }
-    try {
-      db.deleteGitRepository(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to delete repository", details: String(err) };
-    }
-  }).post("/fix-hierarchy", ({ set }) => {
-    try {
-      const result = db.fixGitHierarchy();
-      const repos = db.getAllGitRepositories();
-      return { success: true, fixed: result.fixed, total: repos.length };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to fix hierarchy", details: String(err) };
-    }
-  });
-}
-
-// src/routes/file.routes.ts
-import { promises as fs3 } from "fs";
-import nodePath from "path";
-var SENSITIVE_PATTERNS = [
-  /\.env$/,
-  /\.pem$/,
-  /\.key$/,
-  /id_rsa/,
-  /\.ssh\//,
-  /\.git\/config$/,
-  /\.npmrc$/
-];
-var PROTECTED_PATHS = ["/", "/etc", "/usr", "/bin", "/sbin", "/var", "/opt"];
-function validatePath(filePath) {
-  const normalized = nodePath.normalize(filePath);
-  if (normalized.includes("..")) {
-    return {
-      valid: false,
-      normalized,
-      error: "Directory traversal not allowed"
-    };
-  }
-  return { valid: true, normalized };
-}
-function isSensitiveFile(filePath) {
-  return SENSITIVE_PATTERNS.some((p) => p.test(filePath));
-}
-function isProtectedPath(filePath) {
-  return PROTECTED_PATHS.includes(filePath) || PROTECTED_PATHS.some((p) => filePath.startsWith(p + "/"));
-}
-function createFileRoutes() {
-  return new Elysia({ prefix: "/api/files" }).post("/read", async ({ body, set }) => {
-    const { valid, normalized, error } = validatePath(body.path);
-    if (!valid) {
-      set.status = 403;
-      return { error };
-    }
-    if (isSensitiveFile(normalized)) {
-      set.status = 403;
-      return { error: "Access to sensitive files not allowed" };
-    }
-    try {
-      const content = await fs3.readFile(normalized, "utf-8");
-      return { content, path: normalized, size: content.length };
-    } catch (err) {
-      const nodeErr = err;
-      if (nodeErr.code === "ENOENT") {
-        set.status = 404;
-        return { error: "File not found" };
-      }
-      if (nodeErr.code === "EACCES") {
-        set.status = 403;
-        return { error: "Permission denied" };
-      }
-      set.status = 500;
-      return { error: "Failed to read file", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      path: t.String(),
-      projectId: t.Optional(t.String())
-    })
-  }).post("/write", async ({ body, set }) => {
-    const { valid, normalized, error } = validatePath(body.path);
-    if (!valid) {
-      set.status = 403;
-      return { error };
-    }
-    try {
-      const dir = nodePath.dirname(normalized);
-      await fs3.mkdir(dir, { recursive: true });
-      await fs3.writeFile(normalized, body.content, "utf-8");
-      const stats = await fs3.stat(normalized);
-      return { success: true, path: normalized, size: stats.size };
-    } catch (err) {
-      const nodeErr = err;
-      if (nodeErr.code === "EACCES") {
-        set.status = 403;
-        return { error: "Permission denied" };
-      }
-      set.status = 500;
-      return { error: "Failed to write file", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      path: t.String(),
-      content: t.String(),
-      projectId: t.Optional(t.String())
-    })
-  }).post("/list", async ({ body, set }) => {
-    const { valid, normalized, error } = validatePath(body.path);
-    if (!valid) {
-      set.status = 403;
-      return { error };
-    }
-    try {
-      const entries = await fs3.readdir(normalized, {
-        withFileTypes: true
-      });
-      const files = await Promise.all(entries.map(async (entry) => {
-        const fullPath = nodePath.join(normalized, entry.name);
-        let stats;
-        try {
-          stats = await fs3.stat(fullPath);
-        } catch {
-          stats = null;
-        }
-        return {
-          name: entry.name,
-          path: fullPath,
-          type: entry.isDirectory() ? "directory" : entry.isFile() ? "file" : entry.isSymbolicLink() ? "symlink" : "other",
-          size: stats?.size || 0,
-          modified: stats?.mtime || null,
-          permissions: stats?.mode || null
-        };
-      }));
-      files.sort((a, b) => {
-        if (a.type === "directory" && b.type !== "directory")
-          return -1;
-        if (a.type !== "directory" && b.type === "directory")
-          return 1;
-        return a.name.localeCompare(b.name);
-      });
-      return { path: normalized, files, count: files.length };
-    } catch (err) {
-      const nodeErr = err;
-      if (nodeErr.code === "ENOENT") {
-        set.status = 404;
-        return { error: "Directory not found" };
-      }
-      if (nodeErr.code === "ENOTDIR") {
-        set.status = 400;
-        return { error: "Path is not a directory" };
-      }
-      if (nodeErr.code === "EACCES") {
-        set.status = 403;
-        return { error: "Permission denied" };
-      }
-      set.status = 500;
-      return { error: "Failed to list directory", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      path: t.String(),
-      projectId: t.Optional(t.String())
-    })
-  }).post("/exists", async ({ body, set }) => {
-    const { valid, normalized, error } = validatePath(body.path);
-    if (!valid) {
-      set.status = 403;
-      return { error };
-    }
-    try {
-      const stats = await fs3.stat(normalized);
-      return {
-        exists: true,
-        path: normalized,
-        type: stats.isDirectory() ? "directory" : stats.isFile() ? "file" : "other",
-        size: stats.size,
-        modified: stats.mtime
-      };
-    } catch (err) {
-      const nodeErr = err;
-      if (nodeErr.code === "ENOENT") {
-        return { exists: false, path: normalized };
-      }
-      set.status = 500;
-      return { error: "Failed to check path", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      path: t.String()
-    })
-  }).post("/delete", async ({ body, set }) => {
-    const { valid, normalized, error } = validatePath(body.path);
-    if (!valid) {
-      set.status = 403;
-      return { error };
-    }
-    if (isProtectedPath(normalized)) {
-      set.status = 403;
-      return { error: "Cannot delete system directories" };
-    }
-    try {
-      const stats = await fs3.stat(normalized);
-      if (stats.isDirectory()) {
-        await fs3.rm(normalized, { recursive: true, force: true });
-      } else {
-        await fs3.unlink(normalized);
-      }
-      return {
-        success: true,
-        path: normalized
-      };
-    } catch (err) {
-      const nodeErr = err;
-      if (nodeErr.code === "ENOENT") {
-        set.status = 404;
-        return { error: "Path not found" };
-      }
-      if (nodeErr.code === "EACCES") {
-        set.status = 403;
-        return { error: "Permission denied" };
-      }
-      set.status = 500;
-      return { error: "Failed to delete path", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      path: t.String()
-    })
-  }).post("/readme", async ({ body, set }) => {
-    const { valid, normalized, error } = validatePath(body.path);
-    if (!valid) {
-      set.status = 403;
-      return { error };
-    }
-    const readmeVariants = [
-      "README.md",
-      "readme.md",
-      "README.MD",
-      "README",
-      "readme",
-      "README.txt",
-      "readme.txt",
-      "README.rst",
-      "readme.rst"
-    ];
-    for (const variant of readmeVariants) {
-      try {
-        const readmePath = nodePath.join(normalized, variant);
-        const content = await fs3.readFile(readmePath, "utf-8");
-        return {
-          content,
-          path: readmePath,
-          variant,
-          size: content.length
-        };
-      } catch {}
-    }
-    set.status = 404;
-    return { error: "No README file found" };
-  }, {
-    body: t.Object({
-      path: t.String()
-    })
-  });
-}
-
-// src/routes/bookmark.routes.ts
-import crypto6 from "crypto";
-function createBookmarkRoutes(db, serviceRegistry) {
-  return new Elysia({ prefix: "/api/bookmarks" }).get("/", ({ query }) => {
-    const q = query;
-    const bookmarks = q.projectId !== undefined ? db.getBookmarkedCommandsByProject(q.projectId) : db.getAllBookmarkedCommands();
-    return { bookmarks };
-  }).get("/global", () => {
-    const bookmarks = db.getBookmarkedCommandsByProject(null);
-    return { bookmarks };
-  }).get("/project/:projectId", ({ params }) => {
-    const bookmarks = db.getBookmarkedCommandsByProject(params.projectId);
-    return { bookmarks };
-  }).get("/category/:category", ({ params }) => {
-    const bookmarks = db.getBookmarkedCommandsByCategory(params.category);
-    return { bookmarks, category: params.category };
-  }).get("/:id", ({ params, set }) => {
-    const bookmark = db.getBookmarkedCommand(params.id);
-    if (!bookmark) {
-      set.status = 404;
-      return { error: "Bookmarked command not found" };
-    }
-    return { bookmark };
-  }).post("/", ({ body, set }) => {
-    try {
-      const bookmark = db.createBookmarkedCommand({
-        id: crypto6.randomUUID(),
-        projectId: body.projectId,
-        command: body.command,
-        description: body.description,
-        category: body.category
-      });
-      return { bookmark };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to create bookmarked command",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      projectId: t.Optional(t.String()),
-      command: t.String(),
-      description: t.Optional(t.String()),
-      category: t.Optional(t.String())
-    })
-  }).put("/:id", ({ params, body, set }) => {
-    const bookmark = db.getBookmarkedCommand(params.id);
-    if (!bookmark) {
-      set.status = 404;
-      return { error: "Bookmarked command not found" };
-    }
-    try {
-      const updates = {};
-      if (body.command !== undefined)
-        updates.command = body.command;
-      if (body.description !== undefined)
-        updates.description = body.description;
-      if (body.category !== undefined)
-        updates.category = body.category;
-      db.updateBookmarkedCommand(params.id, updates);
-      const updatedBookmark = db.getBookmarkedCommand(params.id);
-      return { bookmark: updatedBookmark };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to update bookmarked command",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      command: t.Optional(t.String()),
-      description: t.Optional(t.String()),
-      category: t.Optional(t.String())
-    })
-  }).delete("/:id", ({ params, set }) => {
-    const bookmark = db.getBookmarkedCommand(params.id);
-    if (!bookmark) {
-      set.status = 404;
-      return { error: "Bookmarked command not found" };
-    }
-    try {
-      db.deleteBookmarkedCommand(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to delete bookmarked command",
-        details: String(err)
-      };
-    }
-  }).post("/:id/execute", async ({ params, body, set }) => {
-    const bookmark = db.getBookmarkedCommand(params.id);
-    if (!bookmark) {
-      set.status = 404;
-      return { error: "Bookmarked command not found" };
-    }
-    try {
-      if (body.sessionId) {
-        const sessionProvider = serviceRegistry.getProvider("session");
-        if (!sessionProvider) {
-          set.status = 400;
-          return { error: "No session provider registered" };
-        }
-        const session = await sessionProvider.get(body.sessionId);
-        if (!session) {
-          set.status = 404;
-          return { error: "Session not found" };
-        }
-        await sessionProvider.sendCommand(body.sessionId, bookmark.command);
-        return {
-          success: true,
-          executedIn: "session",
-          sessionId: body.sessionId
-        };
-      }
-      const task = db.createTask({
-        id: crypto6.randomUUID(),
-        type: "command",
-        status: "pending",
-        payload: JSON.stringify({
-          command: bookmark.command,
-          cwd: body.cwd || process.cwd()
-        })
-      });
-      return {
-        success: true,
-        executedIn: "task",
-        taskId: task.id
-      };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to execute bookmarked command",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      sessionId: t.Optional(t.String()),
-      cwd: t.Optional(t.String())
-    })
-  });
-}
-
-// src/routes/notification.routes.ts
-import crypto7 from "crypto";
-function createNotificationRoutes(db) {
-  return new Elysia({ prefix: "/api/notifications" }).get("/", ({ query }) => {
-    const q = query;
-    if (q.status === "unread") {
-      return { notifications: db.getUnreadNotifications() };
-    }
-    if (q.projectId !== undefined) {
-      return { notifications: db.getNotificationsByProject(q.projectId) };
-    }
-    return { notifications: db.getAllNotifications() };
-  }).get("/unread", () => {
-    const notifications = db.getUnreadNotifications();
-    return { notifications, count: notifications.length };
-  }).get("/global", () => {
-    const notifications = db.getGlobalNotifications();
-    return { notifications, count: notifications.length };
-  }).get("/project/:projectId", ({ params }) => {
-    const notifications = db.getNotificationsByProject(params.projectId);
-    return { notifications };
-  }).put("/read-all", ({ set }) => {
-    try {
-      const count = db.markAllNotificationsRead();
-      return { success: true, markedCount: count };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to mark all notifications as read",
-        details: String(err)
-      };
-    }
-  }).delete("/clear/old", ({ query }) => {
-    const q = query;
-    const days = q.days ? parseInt(q.days, 10) : 30;
-    const count = db.clearOldNotifications(days);
-    return { success: true, deletedCount: count };
-  }).get("/:id", ({ params, set }) => {
-    const notification = db.getNotification(params.id);
-    if (!notification) {
-      set.status = 404;
-      return { error: "Notification not found" };
-    }
-    return { notification };
-  }).post("/", ({ body, set }) => {
-    try {
-      const notification = db.createNotification({
-        id: crypto7.randomUUID(),
-        sessionName: body.sessionName,
-        projectId: body.projectId,
-        type: body.type || "info",
-        title: body.title,
-        message: body.message,
-        status: "unread"
-      });
-      return { notification };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to create notification",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      sessionName: t.Optional(t.String()),
-      projectId: t.Optional(t.String()),
-      type: t.Optional(t.Union([
-        t.Literal("info"),
-        t.Literal("success"),
-        t.Literal("warning"),
-        t.Literal("error")
-      ])),
-      title: t.String(),
-      message: t.String()
-    })
-  }).put("/:id/read", ({ params, set }) => {
-    const notification = db.getNotification(params.id);
-    if (!notification) {
-      set.status = 404;
-      return { error: "Notification not found" };
-    }
-    db.updateNotificationStatus(params.id, "read");
-    return { success: true };
-  }).put("/:id/unread", ({ params, set }) => {
-    const notification = db.getNotification(params.id);
-    if (!notification) {
-      set.status = 404;
-      return { error: "Notification not found" };
-    }
-    db.updateNotificationStatus(params.id, "unread");
-    return { success: true };
-  }).delete("/:id", ({ params, set }) => {
-    const notification = db.getNotification(params.id);
-    if (!notification) {
-      set.status = 404;
-      return { error: "Notification not found" };
-    }
-    try {
-      db.deleteNotification(params.id);
-      return { success: true };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to delete notification",
-        details: String(err)
-      };
-    }
-  }).post("/webhook/:sessionId", ({ params, body, set }) => {
-    try {
-      const typeMap = {
-        task_completed: "success",
-        info: "info",
-        success: "success",
-        warning: "warning",
-        error: "error"
-      };
-      const mappedType = typeMap[body.type || "info"] || "info";
-      const message = body.metadata ? `${body.message}
-
-Metadata: ${JSON.stringify(body.metadata, null, 2)}` : body.message;
-      const notification = db.createNotification({
-        id: crypto7.randomUUID(),
-        sessionName: body.projectName,
-        projectId: params.sessionId,
-        type: mappedType,
-        title: body.title,
-        message,
-        status: "unread"
-      });
-      return {
-        notification,
-        webhook: true,
-        originalType: body.type || "info",
-        mappedType
-      };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to create webhook notification",
-        details: String(err)
-      };
-    }
-  }, {
-    body: t.Object({
-      type: t.Optional(t.String()),
-      title: t.String(),
-      message: t.String(),
-      metadata: t.Optional(t.Record(t.String(), t.Unknown())),
-      projectName: t.Optional(t.String())
-    })
-  });
-}
-
-// src/routes/project.routes.ts
-import { promises as fs4 } from "fs";
-import nodePath2 from "path";
-var FORBIDDEN_PATHS = [
-  "/System",
-  "/usr",
-  "/bin",
-  "/sbin",
-  "/etc",
-  "/var/root",
-  "/private/var/root",
-  "/tmp",
-  "/Windows",
-  "/Program Files",
-  "C:\\Windows",
-  "C:\\Program Files"
-];
-var ALLOWED_PREFIXES = [
-  "/Users",
-  "/home",
-  "/opt",
-  process.env.HOME || "",
-  "C:\\Users",
-  "D:\\",
-  "E:\\"
-].filter(Boolean);
-function isAllowedPath(scanPath) {
-  const normalized = nodePath2.resolve(scanPath);
-  if (FORBIDDEN_PATHS.some((fp) => normalized.startsWith(fp)))
-    return false;
-  return ALLOWED_PREFIXES.some((prefix) => normalized.startsWith(prefix));
-}
-async function detectProject(dirPath, dirName) {
-  try {
-    const files = await fs4.readdir(dirPath);
-    const hasPackageJson = files.includes("package.json");
-    const hasPyproject = files.includes("pyproject.toml");
-    const hasRequirements = files.includes("requirements.txt");
-    const hasCargoToml = files.includes("Cargo.toml");
-    const hasGitDir = files.includes(".git");
-    if (!hasPackageJson && !hasPyproject && !hasRequirements && !hasCargoToml && !hasGitDir) {
-      return null;
-    }
-    let projectType = "unknown";
-    let vitePort;
-    if (hasPackageJson) {
-      try {
-        const content = await fs4.readFile(nodePath2.join(dirPath, "package.json"), "utf-8");
-        if (content.trim()) {
-          const pkg = JSON.parse(content);
-          const deps = { ...pkg.dependencies, ...pkg.devDependencies };
-          if (deps.vite) {
-            projectType = "vite";
-            const devScript = pkg.scripts?.dev;
-            if (typeof devScript === "string") {
-              const portMatch = devScript.match(/--port[=\s]+(\d+)/);
-              if (portMatch)
-                vitePort = parseInt(portMatch[1], 10);
-            }
-          } else if (deps.react)
-            projectType = "react";
-          else if (deps.next)
-            projectType = "nextjs";
-          else if (deps.express)
-            projectType = "express";
-          else if (deps.fastify)
-            projectType = "fastify";
-          else
-            projectType = "nodejs";
-        }
-      } catch {
-        projectType = "nodejs";
-      }
-    } else if (hasPyproject || hasRequirements) {
-      projectType = "python";
-    } else if (hasCargoToml) {
-      projectType = "rust";
-    }
-    const stats = await fs4.stat(dirPath);
-    const project = {
-      id: `local-${Buffer.from(dirPath).toString("base64url").slice(0, 8)}-${Date.now()}`,
-      name: dirName,
-      path: dirPath,
-      type: projectType,
-      lastUpdated: stats.mtime.getTime(),
-      status: "INACTIVE",
-      tags: [projectType]
-    };
-    if (vitePort)
-      project.vitePort = vitePort;
-    if (hasGitDir) {
-      try {
-        const gitConfig = await fs4.readFile(nodePath2.join(dirPath, ".git", "config"), "utf-8");
-        const remoteMatch = gitConfig.match(/url = (.+)/);
-        if (remoteMatch)
-          project.repository = remoteMatch[1].trim();
-      } catch {}
-    }
-    return project;
-  } catch {
-    return null;
-  }
-}
-async function scanForProjects(basePath, recursive) {
-  const projects = [];
-  try {
-    const entries = await fs4.readdir(basePath, { withFileTypes: true });
-    for (const entry of entries) {
-      if (!entry.isDirectory())
-        continue;
-      if (entry.name.startsWith(".") || entry.name === "node_modules")
-        continue;
-      const fullPath = nodePath2.join(basePath, entry.name);
-      const project = await detectProject(fullPath, entry.name);
-      if (project)
-        projects.push(project);
-      if (recursive) {
-        try {
-          const subProjects = await scanForProjects(fullPath, true);
-          projects.push(...subProjects);
-        } catch {}
-      }
-    }
-  } catch {}
-  return projects;
-}
-function createProjectRoutes() {
-  return new Elysia({ prefix: "/api/projects" }).get("/", () => {
-    return { projects: [] };
-  }).post("/", () => {
-    const id = `project-${Date.now()}`;
-    return { id, success: true };
-  }).post("/scan", async ({ body, set }) => {
-    if (!body.scanPath) {
-      set.status = 400;
-      return { error: "scanPath is required", success: false };
-    }
-    const normalized = nodePath2.normalize(body.scanPath);
-    if (normalized.includes("..")) {
-      set.status = 403;
-      return { error: "Directory traversal not allowed", success: false };
-    }
-    if (!isAllowedPath(normalized)) {
-      set.status = 403;
-      return {
-        error: "Access to this path is not allowed",
-        success: false
-      };
-    }
-    try {
-      const projects = await scanForProjects(normalized, body.recursive ?? false);
-      return { projects, success: true, count: projects.length };
-    } catch (err) {
-      set.status = 500;
-      return {
-        error: "Failed to scan projects",
-        details: String(err),
-        success: false
-      };
-    }
-  }, {
-    body: t.Object({
-      recursive: t.Optional(t.Boolean()),
-      scanPath: t.Optional(t.String()),
-      respectGitignore: t.Optional(t.Boolean())
-    })
-  }).post("/scan-remote", async ({ body, set }) => {
-    if (!body.scanPath) {
-      set.status = 400;
-      return {
-        error: "scanPath is required for remote scanning",
-        success: false
-      };
-    }
-    return {
-      projects: [],
-      success: true,
-      count: 0,
-      message: "Remote scanning not yet implemented"
-    };
-  }, {
-    body: t.Object({
-      recursive: t.Optional(t.Boolean()),
-      connectionId: t.Optional(t.String()),
-      scanPath: t.Optional(t.String()),
-      respectGitignore: t.Optional(t.Boolean())
-    })
-  }).put("/:id", () => {
-    return { success: true, changes: 1 };
-  });
-}
-
-// src/routes/plugin.routes.ts
-var AVAILABLE_PLUGINS = [
-  {
-    packageName: "@burdenoff/vibe-plugin-tunnel-cloudflare",
-    name: "tunnel-cloudflare",
-    description: "Cloudflare Tunnel provider for remote access",
-    cliCommand: "tunnel",
-    apiPrefix: "/api/tunnel-cloudflare",
-    installed: false,
-    category: "tunnel"
-  },
-  {
-    packageName: "@burdenoff/vibe-plugin-session-tmux",
-    name: "session-tmux",
-    description: "tmux session provider for terminal management",
-    cliCommand: "session",
-    apiPrefix: "/api/session-tmux",
-    installed: false,
-    category: "session"
-  },
-  {
-    packageName: "@burdenoff/vibe-plugin-ssh",
-    name: "ssh",
-    description: "SSH connection management and port forwarding",
-    cliCommand: "ssh",
-    apiPrefix: "/api/ssh",
-    installed: false,
-    category: "tool"
-  },
-  {
-    packageName: "@burdenoff/vibe-plugin-ai",
-    name: "ai",
-    description: "AI tool management and integration",
-    cliCommand: "ai",
-    apiPrefix: undefined,
-    installed: false,
-    category: "integration"
-  }
-];
-function createPluginRoutes(pluginManager) {
-  return new Elysia({ prefix: "/api/plugins" }).get("/", () => {
-    const plugins = pluginManager.getPluginDetails();
-    return { plugins, count: plugins.length };
-  }).get("/available", () => {
-    const installed = pluginManager.getPluginDetails();
-    const installedNames = new Set(installed.map((p) => p.packageName));
-    return {
-      plugins: AVAILABLE_PLUGINS.map((p) => ({
-        ...p,
-        installed: installedNames.has(p.packageName)
-      }))
-    };
-  }).post("/install", async ({ body, set }) => {
-    if (!body.packageName || typeof body.packageName !== "string") {
-      set.status = 400;
-      return { error: "Missing required field: packageName" };
-    }
-    try {
-      await pluginManager.install(body.packageName);
-      return {
-        success: true,
-        message: `Plugin ${body.packageName} installed and loaded successfully`
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to install plugin", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      packageName: t.String()
-    })
-  }).post("/remove", async ({ body, set }) => {
-    if (!body.packageName || typeof body.packageName !== "string") {
-      set.status = 400;
-      return { error: "Missing required field: packageName" };
-    }
-    try {
-      await pluginManager.remove(body.packageName);
-      return {
-        success: true,
-        message: `Plugin ${body.packageName} removed successfully`
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to remove plugin", details: String(err) };
-    }
-  }, {
-    body: t.Object({
-      packageName: t.String()
-    })
-  }).post("/reload", async ({ set }) => {
-    try {
-      await pluginManager.dispatchServerStop();
-      await pluginManager.loadAll();
-      const plugins = pluginManager.getPluginDetails();
-      return {
-        success: true,
-        plugins,
-        message: `Reloaded ${plugins.length} plugin(s)`
-      };
-    } catch (err) {
-      set.status = 500;
-      return { error: "Failed to reload plugins", details: String(err) };
-    }
-  });
-}
-
-// src/routes/plugin-state.routes.ts
-class LocalPluginStateBackend {
-  db;
-  constructor(db) {
-    this.db = db;
-  }
-  async getAll(pluginName) {
-    return this.db.getAllPluginState(pluginName).map((e) => ({
-      key: e.key,
-      value: e.value
-    }));
-  }
-  async get(pluginName, key) {
-    return this.db.getPluginState(pluginName, key);
-  }
-  async set(pluginName, key, value) {
-    this.db.setPluginState(pluginName, key, value);
-  }
-  async delete(pluginName, key) {
-    return this.db.deletePluginState(pluginName, key);
-  }
-  async deleteAll(pluginName) {
-    return this.db.deleteAllPluginState(pluginName);
-  }
-}
-
-class PluginStateRouter {
-  db;
-  _agentId;
-  localBackend;
-  externalConfig;
-  constructor(db, _agentId) {
-    this.db = db;
-    this._agentId = _agentId;
-    this.localBackend = new LocalPluginStateBackend(db);
-  }
-  configureExternal(config) {
-    this.externalConfig = config;
-  }
-  resolve(backend) {
-    switch (backend) {
-      case "remote":
-        logger.warn("plugin-state", "Remote backend not yet implemented, falling back to local");
-        return this.localBackend;
-      case "external":
-        if (!this.externalConfig) {
-          logger.warn("plugin-state", "External backend not configured, falling back to local");
-          return this.localBackend;
-        }
-        logger.warn("plugin-state", "External backend not yet implemented, falling back to local");
-        return this.localBackend;
-      case "local":
-      default:
-        return this.localBackend;
-    }
-  }
-}
-function createPluginStateRoutes(db) {
-  const agentId = db.getConfig("gateway-auth:clientId");
-  const router = new PluginStateRouter(db, agentId);
-  const externalConfigStr = db.getConfig("plugin-state:external-config");
-  if (externalConfigStr) {
-    try {
-      const config = JSON.parse(externalConfigStr);
-      router.configureExternal(config);
-    } catch {
-      logger.warn("plugin-state-routes", "Failed to parse saved external config");
-    }
-  }
-  return new Elysia({ prefix: "/api/plugin-state" }).post("/config/external", ({ body, set }) => {
-    if (!body.baseUrl) {
-      set.status = 400;
-      return { error: "Missing required field: baseUrl" };
-    }
-    router.configureExternal(body);
-    db.setConfig("plugin-state:external-config", JSON.stringify(body));
-    return { configured: true, baseUrl: body.baseUrl };
-  }, {
-    body: t.Object({
-      baseUrl: t.String(),
-      headers: t.Optional(t.Record(t.String(), t.String()))
-    })
-  }).get("/:pluginName", async ({ params, query }) => {
-    const q = query;
-    const backend = router.resolve(q.backend);
-    const entries = await backend.getAll(params.pluginName);
-    return {
-      pluginName: params.pluginName,
-      entries,
-      count: entries.length,
-      backend: q.backend ?? "local"
-    };
-  }).get("/:pluginName/:key", async ({ params, query, set }) => {
-    const q = query;
-    const backend = router.resolve(q.backend);
-    const value = await backend.get(params.pluginName, params.key);
-    if (value === undefined) {
-      set.status = 404;
-      return {
-        error: "Not found",
-        message: `Key "${params.key}" not found for plugin "${params.pluginName}"`
-      };
-    }
-    return {
-      pluginName: params.pluginName,
-      key: params.key,
-      value,
-      backend: q.backend ?? "local"
-    };
-  }).put("/:pluginName/:key", async ({ params, body, query, set }) => {
-    if (body.value === undefined || body.value === null) {
-      set.status = 400;
-      return { error: "Missing required field: value" };
-    }
-    const q = query;
-    const strValue = typeof body.value === "string" ? body.value : JSON.stringify(body.value);
-    const backend = router.resolve(q.backend);
-    await backend.set(params.pluginName, params.key, strValue);
-    return {
-      pluginName: params.pluginName,
-      key: params.key,
-      value: strValue,
-      updated: true,
-      backend: q.backend ?? "local"
-    };
-  }, {
-    body: t.Object({
-      value: t.Union([t.String(), t.Any()])
-    })
-  }).delete("/:pluginName/:key", async ({ params, query, set }) => {
-    const q = query;
-    const backend = router.resolve(q.backend);
-    const deleted = await backend.delete(params.pluginName, params.key);
-    if (!deleted) {
-      set.status = 404;
-      return {
-        error: "Not found",
-        message: `Key "${params.key}" not found for plugin "${params.pluginName}"`
-      };
-    }
-    return {
-      pluginName: params.pluginName,
-      key: params.key,
-      deleted: true,
-      backend: q.backend ?? "local"
-    };
-  }).delete("/:pluginName", async ({ params, query }) => {
-    const q = query;
-    const backend = router.resolve(q.backend);
-    const count = await backend.deleteAll(params.pluginName);
-    return {
-      pluginName: params.pluginName,
-      deletedCount: count,
-      backend: q.backend ?? "local"
-    };
-  });
-}
-
-// src/ws/events.ws.ts
-import { EventEmitter } from "events";
-var eventBus = new EventEmitter;
-eventBus.setMaxListeners(100);
-function createEventsWs() {
-  const clients = new Set;
-  eventBus.on("ws:event", (event) => {
-    const json = JSON.stringify(event);
-    for (const client of clients) {
-      try {
-        client.send(json);
-      } catch {}
-    }
-  });
-  return new Elysia().ws("/ws/events", {
-    open(ws) {
-      const client = {
-        ws,
-        channels: new Set,
-        send: (data) => ws.send(data)
-      };
-      clients.add(client);
-      ws._client = client;
-      logger.info("ws-events", "Client connected", {
-        id: String(ws.id || "unknown")
-      });
-      ws.send(JSON.stringify({
-        type: "connected",
-        timestamp: new Date().toISOString()
-      }));
-    },
-    message(ws, message) {
-      try {
-        const data = typeof message === "string" ? JSON.parse(message) : message;
-        switch (data.type) {
-          case "subscribe": {
-            const client = ws._client;
-            if (client)
-              client.channels.add(data.channel);
-            logger.debug("ws-events", `Subscribed to ${data.channel}`);
-            break;
-          }
-          case "unsubscribe": {
-            const client = ws._client;
-            if (client)
-              client.channels.delete(data.channel);
-            logger.debug("ws-events", `Unsubscribed from ${data.channel}`);
-            break;
-          }
-          case "ping":
-            ws.send(JSON.stringify({
-              type: "pong",
-              timestamp: new Date().toISOString()
-            }));
-            break;
-          default:
-            logger.debug("ws-events", `Unknown message type: ${data.type}`);
-        }
-      } catch {
-        logger.warn("ws-events", "Failed to parse incoming message");
-      }
-    },
-    close(ws) {
-      const client = ws._client;
-      if (client)
-        clients.delete(client);
-      logger.info("ws-events", "Client disconnected");
-    }
-  });
-}
-// src/ws/terminal.ws.ts
-async function proxyToTtyd(port, upstreamPath, method, headers, body) {
-  const fetchHeaders = {};
-  for (const [k2, v] of Object.entries(headers)) {
-    if (v && !["host", "connection"].includes(k2.toLowerCase())) {
-      fetchHeaders[k2] = v;
-    }
-  }
-  const init = { method, headers: fetchHeaders };
-  if (method !== "GET" && method !== "HEAD" && body) {
-    init.body = typeof body === "string" ? body : JSON.stringify(body);
-  }
-  return fetch(`http://127.0.0.1:${port}${upstreamPath}`, init);
-}
-async function resolveTtydPort(serviceRegistry, sessionId) {
-  const provider = serviceRegistry.getProvider("session");
-  if (!provider)
-    return null;
-  const terminal = await provider.getTerminalInfo(sessionId);
-  if (!terminal)
-    return null;
-  try {
-    process.kill(terminal.pid, 0);
-    return terminal.port;
-  } catch {
-    return null;
-  }
-}
-function createTerminalProxy(serviceRegistry) {
-  return new Elysia().all("/terminal/:sessionId", async ({ params, request, set }) => {
-    const port = await resolveTtydPort(serviceRegistry, params.sessionId);
-    if (!port) {
-      set.status = 502;
-      return { error: "Terminal not running for this session" };
-    }
-    const upstream = await proxyToTtyd(port, "/", request.method, Object.fromEntries(Object.entries(request.headers).map(([k2, v]) => [k2, v])));
-    set.status = upstream.status;
-    const buf = await upstream.arrayBuffer();
-    return new Response(buf, {
-      status: upstream.status,
-      headers: upstream.headers
-    });
-  }).all("/terminal/:sessionId/*", async ({ params, request, set }) => {
-    const sessionId = params.sessionId;
-    const wildcardPath = params["*"] || "";
-    const port = await resolveTtydPort(serviceRegistry, sessionId);
-    if (!port) {
-      set.status = 502;
-      return { error: "Terminal not running for this session" };
-    }
-    const upstream = await proxyToTtyd(port, `/${wildcardPath}`, request.method, Object.fromEntries(Object.entries(request.headers).map(([k2, v]) => [k2, v])));
-    set.status = upstream.status;
-    const buf = await upstream.arrayBuffer();
-    return new Response(buf, {
-      status: upstream.status,
-      headers: upstream.headers
-    });
-  }).ws("/terminal/:sessionId/ws", {
-    open(ws) {
-      const wsData = ws.data;
-      const sessionId = wsData.params?.sessionId;
-      if (!sessionId) {
-        ws.close(1008, "Missing sessionId");
-        return;
-      }
-      logger.info("terminal-ws", `Client connected for session ${sessionId}`);
-      resolveTtydPort(serviceRegistry, sessionId).then((port) => {
-        if (!port) {
-          logger.warn("terminal-ws", `No ttyd running for session ${sessionId}`);
-          ws.close(1011, "No terminal running");
-          return;
-        }
-        const upstreamUrl = `ws://127.0.0.1:${port}/ws`;
-        const upstreamWs = new WebSocket(upstreamUrl, ["tty"]);
-        const upstreamBuffer = [];
-        let upstreamReady = false;
-        upstreamWs.addEventListener("open", () => {
-          upstreamReady = true;
-          logger.info("terminal-ws", `Bridge established \u2192 port ${port}`, {
-            sessionId
-          });
-          for (const msg of upstreamBuffer) {
-            upstreamWs.send(msg);
-          }
-          upstreamBuffer.length = 0;
-        });
-        upstreamWs.addEventListener("message", (event) => {
-          try {
-            ws.send(event.data);
-          } catch {}
-        });
-        upstreamWs.addEventListener("close", (event) => {
-          logger.info("terminal-ws", `Upstream closed (code=${event.code})`, { sessionId });
-          try {
-            ws.close(1000, "Upstream closed");
-          } catch {}
-        });
-        upstreamWs.addEventListener("error", (event) => {
-          logger.error("terminal-ws", `Upstream error`, { sessionId });
-          try {
-            ws.close(1011, "Upstream error");
-          } catch {}
-        });
-        ws._upstream = upstreamWs;
-        ws._upstreamReady = () => upstreamReady;
-        ws._upstreamBuffer = upstreamBuffer;
-      });
-    },
-    message(ws, message) {
-      const upstreamWs = ws._upstream;
-      const isReady = ws._upstreamReady?.();
-      const buffer = ws._upstreamBuffer;
-      if (upstreamWs && isReady && upstreamWs.readyState === WebSocket.OPEN) {
-        upstreamWs.send(message);
-      } else if (buffer) {
-        buffer.push(message);
-      }
-    },
-    close(ws) {
-      const sessionId = ws.data.params?.sessionId;
-      logger.info("terminal-ws", `Client disconnected`, { sessionId });
-      const upstreamWs = ws._upstream;
-      if (upstreamWs && upstreamWs.readyState === WebSocket.OPEN) {
-        upstreamWs.close(1000, "Client disconnected");
-      }
-    }
-  });
-}
-// src/ws/logs.ws.ts
-var LEVEL_PRIORITY = {
-  debug: 0,
-  info: 1,
-  warn: 2,
-  error: 3
-};
-function createLogRoutes() {
-  return new Elysia({ prefix: "/api/logs" }).get("/", async ({ query }) => {
-    const q = query;
-    const entries = await logger.readHistory({
-      level: q.level,
-      source: q.source,
-      from: q.from,
-      to: q.to,
-      limit: q.limit ? parseInt(q.limit, 10) : 200,
-      offset: q.offset ? parseInt(q.offset, 10) : 0
-    });
-    return { entries, count: entries.length };
-  }).get("/stream", ({ query, set }) => {
-    const q = query;
-    const minLevel = q.level ?? "info";
-    const sourceFilter = q.source ?? "";
-    set.headers["Content-Type"] = "text/event-stream";
-    set.headers["Cache-Control"] = "no-cache";
-    set.headers["Connection"] = "keep-alive";
-    set.headers["X-Accel-Buffering"] = "no";
-    return new ReadableStream({
-      start(controller) {
-        const encoder2 = new TextEncoder;
-        controller.enqueue(encoder2.encode(`: connected
-
-`));
-        const heartbeat = setInterval(() => {
-          try {
-            controller.enqueue(encoder2.encode(`: heartbeat
-
-`));
-          } catch {
-            cleanup();
-          }
-        }, 15000);
-        const onLog = (entry) => {
-          if (LEVEL_PRIORITY[entry.level] < LEVEL_PRIORITY[minLevel])
-            return;
-          if (sourceFilter && !entry.source.includes(sourceFilter))
-            return;
-          try {
-            controller.enqueue(encoder2.encode(`event: log
-data: ${JSON.stringify(entry)}
-
-`));
-          } catch {
-            cleanup();
-          }
-        };
-        const cleanup = () => {
-          clearInterval(heartbeat);
-          logger.removeListener("log", onLog);
-          try {
-            controller.close();
-          } catch {}
-        };
-        logger.on("log", onLog);
-        return () => cleanup();
-      },
-      cancel() {}
-    });
-  });
-}
-function createLogWs() {
-  return new Elysia().ws("/ws/logs", {
-    open(ws) {
-      logger.info("ws-logs", "Log stream client connected");
-      const filters = {
-        minLevel: "info",
-        source: ""
-      };
-      ws._filters = filters;
-      const onLog = (entry) => {
-        const f = ws._filters;
-        if (LEVEL_PRIORITY[entry.level] < LEVEL_PRIORITY[f.minLevel])
-          return;
-        if (f.source && !entry.source.includes(f.source))
-          return;
-        try {
-          ws.send(JSON.stringify(entry));
-        } catch {}
-      };
-      logger.on("log", onLog);
-      ws._logHandler = onLog;
-      ws.send(JSON.stringify({
-        type: "connected",
-        timestamp: new Date().toISOString()
-      }));
-    },
-    message(ws, message) {
-      try {
-        const data = typeof message === "string" ? JSON.parse(message) : message;
-        if (data.type === "filter") {
-          const filters = ws._filters;
-          if (data.level)
-            filters.minLevel = data.level;
-          if (data.source !== undefined)
-            filters.source = data.source;
-          ws.send(JSON.stringify({ type: "filter-updated", filters }));
-        }
-      } catch {}
-    },
-    close(ws) {
-      const handler = ws._logHandler;
-      if (handler) {
-        logger.removeListener("log", handler);
-      }
-      logger.info("ws-logs", "Log stream client disconnected");
-    }
-  });
-}
-// src/app.ts
-async function createApp(options) {
-  const { port, host, dbPath, apiKey, logLevel, corsOrigin } = options;
-  const db = new AgentDatabase(dbPath);
-  const serviceRegistry = new ServiceRegistry;
-  const pluginManager = new PluginManager;
-  try {
-    const gwGlobalUrl = db.getConfig("gateway-auth:globalGatewayUrl");
-    const gwClientId = db.getConfig("gateway-auth:clientId");
-    const gwClientSecret = db.getConfig("gateway-auth:clientSecret");
-    if (gwGlobalUrl && gwClientId && gwClientSecret) {
-      const gwWorkspaceUrl = db.getConfig("gateway-auth:workspaceGatewayUrl");
-      gatewayClient.configure({
-        globalGatewayUrl: gwGlobalUrl,
-        workspaceGatewayUrl: gwWorkspaceUrl,
-        clientId: gwClientId,
-        clientSecret: gwClientSecret
-      });
-      logger.info("app", "Restored gateway client config from database");
-    }
-  } catch (err) {
-    logger.warn("app", "Failed to restore gateway client config", {
-      error: String(err)
-    });
-  }
-  const app = new Elysia().use(cors({
-    origin: corsOrigin || true,
-    credentials: true
-  })).use(createAuthPlugin()).onAfterHandle(({ request, set }) => {
-    const url = new URL(request.url).pathname;
-    const isNoisy = url === "/health" || url.startsWith("/api/logs/stream");
-    const status2 = typeof set.status === "number" ? set.status : 200;
-    const level = isNoisy ? "debug" : status2 >= 400 ? "warn" : "info";
-    logger[level]("http", `${request.method} ${url} \u2192 ${status2}`, {
-      method: request.method,
-      path: url,
-      statusCode: status2
-    });
-  }).use(createHealthRoutes(serviceRegistry)).use(createAgentRoutes(db, serviceRegistry)).use(createSessionRoutes(serviceRegistry)).use(createTunnelRoutes(serviceRegistry)).use(createTaskRoutes(db)).use(createConfigRoutes(db)).use(createGitRoutes(db)).use(createFileRoutes()).use(createBookmarkRoutes(db, serviceRegistry)).use(createNotificationRoutes(db)).use(createProjectRoutes()).use(createPluginRoutes(pluginManager)).use(createPluginStateRoutes(db)).use(createLogRoutes()).use(createEventsWs()).use(createLogWs()).use(createTerminalProxy(serviceRegistry));
-  try {
-    await pluginManager.loadAll();
-    logger.info("app", `Loaded ${pluginManager.getPluginDetails().length} plugin(s)`);
-  } catch (err) {
-    logger.warn("app", "Failed to load plugins", { error: String(err) });
-  }
-  return {
-    app,
-    db,
-    serviceRegistry,
-    pluginManager,
-    async start() {
-      app.listen({ port, hostname: host });
-      logger.info("app", `Agent server listening on ${host}:${port}`);
-      return app;
-    },
-    async stop() {
-      try {
-        await pluginManager.dispatchServerStop();
-      } catch (err) {
-        logger.warn("app", "Error stopping plugins", { error: String(err) });
-      }
-      db.close();
-      logger.info("app", "Agent server stopped");
-    }
-  };
-}
-
-export { createApp };
+export { t, Elysia };
 
-//# debugId=31917A174C319B4864756E2164756E21
-//# sourceMappingURL=app-31chs2a1.js.map
+//# debugId=12770D641240622664756E2164756E21
+//# sourceMappingURL=index-wr0mkm57.js.map