npm - @camstack/server - Versions diffs - 0.2.2 → 1.0.1 - Mend

@camstack/server 0.2.2 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (234) hide show

package/{src/agent-status-page.ts → dist/agent-status-page.js} +30 -45
package/dist/api/addon-upload.js +441 -0
package/dist/api/addons-custom.router.js +91 -0
package/dist/api/auth-whoami.js +55 -0
package/dist/api/bridge-addons.router.js +109 -0
package/dist/api/capabilities.router.js +229 -0
package/dist/api/core/addon-settings.router.js +117 -0
package/dist/api/core/agents.router.js +73 -0
package/dist/api/core/auth.router.js +286 -0
package/dist/api/core/bulk-update-coordinator.js +229 -0
package/dist/api/core/cap-providers.js +1124 -0
package/dist/api/core/capabilities.router.js +138 -0
package/dist/api/core/collection-preference.js +17 -0
package/dist/api/core/event-bus-proxy.router.js +45 -0
package/dist/api/core/hwaccel.router.js +91 -0
package/dist/api/core/live-events.router.js +61 -0
package/dist/api/core/logs.router.js +172 -0
package/dist/api/core/notifications.router.js +67 -0
package/dist/api/core/repl.router.js +35 -0
package/dist/api/core/settings-backend.router.js +121 -0
package/dist/api/core/stream-probe.router.js +58 -0
package/dist/api/core/system-events.router.js +100 -0
package/dist/api/health/health.routes.js +68 -0
package/{src/api/oauth2/consent-page.ts → dist/api/oauth2/consent-page.js} +11 -20
package/dist/api/oauth2/oauth2-routes.js +219 -0
package/dist/api/trpc/cap-mount-helpers.js +194 -0
package/dist/api/trpc/cap-route-error-formatter.js +133 -0
package/dist/api/trpc/client-ip.js +147 -0
package/dist/api/trpc/core-cap-bridge.js +115 -0
package/dist/api/trpc/generated-cap-mounts.js +388 -0
package/dist/api/trpc/generated-cap-routers.js +7635 -0
package/dist/api/trpc/scope-access.js +93 -0
package/dist/api/trpc/trpc.context.js +184 -0
package/dist/api/trpc/trpc.middleware.js +139 -0
package/dist/api/trpc/trpc.router.js +188 -0
package/dist/auth/session-cookie.js +47 -0
package/dist/boot/boot-config.js +241 -0
package/dist/boot/integration-id-backfill.js +76 -0
package/dist/boot/post-boot.service.js +85 -0
package/dist/core/addon/addon-call-gateway.js +99 -0
package/dist/core/addon/addon-package.service.js +1560 -0
package/dist/core/addon/addon-registry.service.js +2739 -0
package/{src/core/addon/addon-row-manifest.ts → dist/core/addon/addon-row-manifest.js} +5 -5
package/dist/core/addon/addon-search.service.js +62 -0
package/dist/core/addon/addon-settings-provider.js +102 -0
package/dist/core/addon/addon.tokens.js +5 -0
package/dist/core/addon-bridge/addon-bridge.service.js +145 -0
package/dist/core/addon-pages/addon-pages.service.js +107 -0
package/dist/core/addon-widgets/addon-widgets.service.js +120 -0
package/dist/core/agent/agent-registry.service.js +477 -0
package/dist/core/auth/auth.service.js +10 -0
package/dist/core/capability/capability.service.js +58 -0
package/dist/core/config/config.schema.js +7 -0
package/dist/core/config/config.service.js +10 -0
package/dist/core/events/event-bus.service.js +83 -0
package/dist/core/feature/feature.service.js +10 -0
package/dist/core/lifecycle/lifecycle-state-machine.js +6 -0
package/dist/core/logging/log-ring-buffer.js +6 -0
package/dist/core/logging/logging.service.js +130 -0
package/dist/core/logging/scoped-logger.js +6 -0
package/dist/core/moleculer/cap-call-fn.js +50 -0
package/dist/core/moleculer/cap-route-authority.js +122 -0
package/dist/core/moleculer/moleculer.service.js +898 -0
package/dist/core/network/network-quality.service.js +7 -0
package/dist/core/notification/notification-wrapper.service.js +33 -0
package/dist/core/notification/toast-wrapper.service.js +25 -0
package/dist/core/provider/provider.tokens.js +4 -0
package/dist/core/repl/repl-engine.service.js +140 -0
package/dist/core/storage/fs-storage-backend.js +6 -0
package/dist/core/storage/storage-location-manager.js +6 -0
package/dist/core/storage/storage.service.js +7 -0
package/dist/core/streaming/stream-probe.service.js +209 -0
package/dist/core/topology/topology-emitter.service.js +106 -0
package/dist/launcher.js +325 -0
package/dist/main.js +1098 -0
package/dist/manual-boot.js +227 -0
package/package.json +5 -1
package/src/__tests__/addon-install-e2e.test.ts +0 -74
package/src/__tests__/addon-pages-e2e.test.ts +0 -200
package/src/__tests__/addon-route-session.test.ts +0 -17
package/src/__tests__/addon-settings-router.spec.ts +0 -67
package/src/__tests__/addon-upload.spec.ts +0 -475
package/src/__tests__/agent-registry.spec.ts +0 -179
package/src/__tests__/agent-status-page.spec.ts +0 -82
package/src/__tests__/auth-session-cookie.test.ts +0 -48
package/src/__tests__/bulk-update-coordinator.spec.ts +0 -303
package/src/__tests__/cap-ownership-authority.spec.ts +0 -431
package/src/__tests__/cap-providers/cap-providers-location-import.spec.ts +0 -206
package/src/__tests__/cap-providers/cap-usage-graph.spec.ts +0 -37
package/src/__tests__/cap-providers/compute-topology-categories.spec.ts +0 -110
package/src/__tests__/cap-providers/integrations-delete-cascade.spec.ts +0 -292
package/src/__tests__/cap-providers-bulk-update.spec.ts +0 -408
package/src/__tests__/cap-route-adapter.spec.ts +0 -302
package/src/__tests__/cap-routers/_meta.spec.ts +0 -199
package/src/__tests__/cap-routers/addon-settings.router.spec.ts +0 -115
package/src/__tests__/cap-routers/broker-routing.router.spec.ts +0 -177
package/src/__tests__/cap-routers/cap-route-error-formatter.spec.ts +0 -125
package/src/__tests__/cap-routers/capabilities-node.spec.ts +0 -68
package/src/__tests__/cap-routers/device-link-overlay.spec.ts +0 -137
package/src/__tests__/cap-routers/device-manager-aggregate.router.spec.ts +0 -194
package/src/__tests__/cap-routers/harness.ts +0 -163
package/src/__tests__/cap-routers/metrics-provider.router.spec.ts +0 -133
package/src/__tests__/cap-routers/null-provider-guard.spec.ts +0 -64
package/src/__tests__/cap-routers/pipeline-executor.router.spec.ts +0 -159
package/src/__tests__/cap-routers/settings-store.router.spec.ts +0 -291
package/src/__tests__/capability-e2e.test.ts +0 -384
package/src/__tests__/cli-e2e.test.ts +0 -150
package/src/__tests__/core-cap-bridge.spec.ts +0 -91
package/src/__tests__/dev-bootstrap-shm-ring.spec.ts +0 -40
package/src/__tests__/device-settings-contribution-dispatch.spec.ts +0 -280
package/src/__tests__/embedded-deps-e2e.test.ts +0 -125
package/src/__tests__/event-bus-proxy-router.spec.ts +0 -75
package/src/__tests__/fixtures/mock-analysis-addon-a.ts +0 -37
package/src/__tests__/fixtures/mock-analysis-addon-b.ts +0 -37
package/src/__tests__/fixtures/mock-log-addon.ts +0 -37
package/src/__tests__/fixtures/mock-storage-addon.ts +0 -40
package/src/__tests__/framework-allowlist.spec.ts +0 -96
package/src/__tests__/framework-installer-defer-restart.spec.ts +0 -165
package/src/__tests__/https-e2e.test.ts +0 -124
package/src/__tests__/lifecycle-e2e.test.ts +0 -189
package/src/__tests__/live-events-subscription.spec.ts +0 -149
package/src/__tests__/moleculer/uds-readiness.spec.ts +0 -150
package/src/__tests__/moleculer/uds-topology.spec.ts +0 -418
package/src/__tests__/moleculer/uds-unowned-call.spec.ts +0 -383
package/src/__tests__/moleculer-register-node-idempotency.spec.ts +0 -273
package/src/__tests__/native-cap-route.spec.ts +0 -427
package/src/__tests__/oauth2-account-linking.spec.ts +0 -867
package/src/__tests__/post-boot-restart.spec.ts +0 -161
package/src/__tests__/singleton-contention.test.ts +0 -499
package/src/__tests__/streaming-diagnostic.test.ts +0 -615
package/src/__tests__/streaming-scale.test.ts +0 -314
package/src/__tests__/uds-addon-call-wiring.spec.ts +0 -242
package/src/__tests__/uds-log-ingest.spec.ts +0 -183
package/src/api/__tests__/addons-custom.spec.ts +0 -148
package/src/api/__tests__/capabilities.router.test.ts +0 -56
package/src/api/addon-upload.ts +0 -529
package/src/api/addons-custom.router.ts +0 -101
package/src/api/auth-whoami.ts +0 -101
package/src/api/bridge-addons.router.ts +0 -122
package/src/api/capabilities.router.ts +0 -265
package/src/api/core/__tests__/auth-router-totp.spec.ts +0 -297
package/src/api/core/__tests__/integration-markers.spec.ts +0 -10
package/src/api/core/addon-settings.router.ts +0 -127
package/src/api/core/agents.router.ts +0 -86
package/src/api/core/auth.router.ts +0 -322
package/src/api/core/bulk-update-coordinator.ts +0 -305
package/src/api/core/cap-providers.ts +0 -1339
package/src/api/core/capabilities.router.ts +0 -149
package/src/api/core/collection-preference.ts +0 -40
package/src/api/core/event-bus-proxy.router.ts +0 -45
package/src/api/core/hwaccel.router.ts +0 -108
package/src/api/core/live-events.router.ts +0 -67
package/src/api/core/logs.router.ts +0 -195
package/src/api/core/notifications.router.ts +0 -66
package/src/api/core/repl.router.ts +0 -39
package/src/api/core/settings-backend.router.ts +0 -140
package/src/api/core/stream-probe.router.ts +0 -57
package/src/api/core/system-events.router.ts +0 -125
package/src/api/health/health.routes.ts +0 -117
package/src/api/oauth2/__tests__/oauth2-routes.spec.ts +0 -62
package/src/api/oauth2/oauth2-routes.ts +0 -281
package/src/api/trpc/__tests__/client-ip.spec.ts +0 -146
package/src/api/trpc/__tests__/scope-access-device.spec.ts +0 -268
package/src/api/trpc/__tests__/scope-access.spec.ts +0 -102
package/src/api/trpc/__tests__/webrtc-session-ua-enrich.spec.ts +0 -136
package/src/api/trpc/cap-mount-helpers.ts +0 -245
package/src/api/trpc/cap-route-error-formatter.ts +0 -171
package/src/api/trpc/client-ip.ts +0 -147
package/src/api/trpc/core-cap-bridge.ts +0 -154
package/src/api/trpc/generated-cap-mounts.ts +0 -1240
package/src/api/trpc/generated-cap-routers.ts +0 -11523
package/src/api/trpc/scope-access.ts +0 -110
package/src/api/trpc/trpc.context.ts +0 -258
package/src/api/trpc/trpc.middleware.ts +0 -146
package/src/api/trpc/trpc.router.ts +0 -389
package/src/auth/session-cookie.ts +0 -54
package/src/boot/__tests__/integration-id-backfill.spec.ts +0 -131
package/src/boot/boot-config.ts +0 -259
package/src/boot/integration-id-backfill.ts +0 -109
package/src/boot/post-boot.service.ts +0 -105
package/src/core/addon/__tests__/addon-registry-capability.test.ts +0 -62
package/src/core/addon/__tests__/addon-row-manifest.spec.ts +0 -62
package/src/core/addon/addon-call-gateway.ts +0 -171
package/src/core/addon/addon-package.service.ts +0 -1787
package/src/core/addon/addon-registry.service.ts +0 -3130
package/src/core/addon/addon-search.service.ts +0 -91
package/src/core/addon/addon-settings-provider.ts +0 -220
package/src/core/addon/addon.tokens.ts +0 -2
package/src/core/addon-bridge/addon-bridge.service.ts +0 -130
package/src/core/addon-pages/addon-pages.service.spec.ts +0 -117
package/src/core/addon-pages/addon-pages.service.ts +0 -82
package/src/core/addon-widgets/addon-widgets.service.ts +0 -95
package/src/core/agent/agent-registry.service.ts +0 -529
package/src/core/auth/auth.service.spec.ts +0 -86
package/src/core/auth/auth.service.ts +0 -8
package/src/core/capability/capability.service.ts +0 -66
package/src/core/config/config.schema.ts +0 -3
package/src/core/config/config.service.spec.ts +0 -175
package/src/core/config/config.service.ts +0 -7
package/src/core/events/event-bus.service.spec.ts +0 -235
package/src/core/events/event-bus.service.ts +0 -89
package/src/core/feature/feature.service.spec.ts +0 -99
package/src/core/feature/feature.service.ts +0 -8
package/src/core/lifecycle/lifecycle-state-machine.spec.ts +0 -166
package/src/core/lifecycle/lifecycle-state-machine.ts +0 -3
package/src/core/logging/log-ring-buffer.ts +0 -3
package/src/core/logging/logging.service.spec.ts +0 -287
package/src/core/logging/logging.service.ts +0 -143
package/src/core/logging/scoped-logger.ts +0 -3
package/src/core/moleculer/cap-call-fn.spec.ts +0 -173
package/src/core/moleculer/cap-call-fn.ts +0 -107
package/src/core/moleculer/cap-route-authority.ts +0 -194
package/src/core/moleculer/moleculer.service.ts +0 -1072
package/src/core/network/network-quality.service.spec.ts +0 -53
package/src/core/network/network-quality.service.ts +0 -5
package/src/core/notification/notification-wrapper.service.ts +0 -34
package/src/core/notification/toast-wrapper.service.ts +0 -27
package/src/core/provider/provider.tokens.ts +0 -1
package/src/core/repl/repl-engine.service.spec.ts +0 -444
package/src/core/repl/repl-engine.service.ts +0 -155
package/src/core/storage/fs-storage-backend.spec.ts +0 -70
package/src/core/storage/fs-storage-backend.ts +0 -3
package/src/core/storage/storage-location-manager.spec.ts +0 -130
package/src/core/storage/storage-location-manager.ts +0 -3
package/src/core/storage/storage.service.spec.ts +0 -73
package/src/core/storage/storage.service.ts +0 -3
package/src/core/streaming/stream-probe.service.ts +0 -221
package/src/core/topology/topology-emitter.service.ts +0 -105
package/src/launcher.ts +0 -314
package/src/main.ts +0 -1245
package/src/manual-boot.ts +0 -301
package/tsconfig.build.json +0 -8
package/tsconfig.json +0 -33
package/vitest.config.ts +0 -26

package/src/api/auth-whoami.ts DELETED Viewed

@@ -1,101 +0,0 @@
-/**
- * `GET /api/auth/whoami` — validate the caller's token and surface the
- * canonical identity + scope summary the server sees.
- *
- * Designed for the CLI `camstack whoami` command, which used to trust
- * the local cache blindly. Hitting this endpoint catches:
- *   • revocation (token was deleted server-side after the local cache)
- *   • expiry
- *   • orphan-cleanup (e.g. owner deleted, see local-auth boot migration)
- *
- * Accepts both JWT and `cst_*` scoped tokens. Returns 401 on auth fail;
- * 200 with the resolved identity otherwise. We intentionally do NOT
- * expose `tokenHash` or the raw token — only `tokenPrefix` + scopes for
- * the client to confirm the cached blob matches what the server has.
- */
-import type { FastifyInstance } from 'fastify'
-import type { AuthService } from '../core/auth/auth.service'
-import type { AddonRegistryService } from '../core/addon/addon-registry.service'
-interface ScopedTokenLike {
-  readonly id: string
-  readonly userId: string
-  readonly name: string
-  readonly tokenPrefix: string
-  readonly scopes: readonly { type: string; target: string }[]
-  readonly expiresAt?: number | null
-  readonly lastUsedAt?: number | null
-  readonly createdAt: number
-}
-interface UserManagementLike {
-  validateScopedToken(input: { token: string }): Promise<ScopedTokenLike | null>
-}
-interface WhoamiOk {
-  readonly ok: true
-  readonly kind: 'jwt' | 'scoped'
-  readonly userId: string
-  readonly username: string
-  readonly isAdmin?: boolean
-  readonly tokenPrefix?: string
-  readonly scopes?: readonly { type: string; target: string }[]
-  readonly expiresAt?: number | null
-  readonly createdAt?: number
-}
-export async function registerAuthWhoamiRoute(
-  fastify: FastifyInstance,
-  authService: AuthService,
-  addonRegistry: AddonRegistryService,
-): Promise<void> {
-  fastify.get('/api/auth/whoami', async (request, reply) => {
-    const authHeader = request.headers.authorization
-    if (!authHeader) {
-      return reply.status(401).send({ ok: false, error: 'No Authorization header' })
-    }
-    const token = authHeader.replace('Bearer ', '')
-    // JWT fast path — same logic as addon-upload auth chain.
-    try {
-      const payload = authService.verifyToken(token)
-      const ok: WhoamiOk = {
-        ok: true,
-        kind: 'jwt',
-        userId: payload.userId ?? payload.keyId ?? 'unknown',
-        username: payload.username ?? 'unknown',
-        isAdmin: payload.isAdmin,
-      }
-      return reply.send(ok)
-    } catch {
-      // Not a JWT — try scoped token via cap registry.
-    }
-    try {
-      const capRegistry = addonRegistry.getCapabilityRegistry()
-      const userMgmt = capRegistry.getSingleton('user-management') as UserManagementLike | undefined
-      if (!userMgmt) {
-        return reply.status(503).send({ ok: false, error: 'user-management cap not mounted' })
-      }
-      const record = await userMgmt.validateScopedToken({ token })
-      if (!record) {
-        return reply
-          .status(401)
-          .send({ ok: false, error: 'Token not recognised (revoked, expired, or never issued)' })
-      }
-      const ok: WhoamiOk = {
-        ok: true,
-        kind: 'scoped',
-        userId: record.userId,
-        username: record.userId,
-        tokenPrefix: record.tokenPrefix,
-        scopes: record.scopes,
-        expiresAt: record.expiresAt ?? null,
-        createdAt: record.createdAt,
-      }
-      return reply.send(ok)
-    } catch (err) {
-      const msg = err instanceof Error ? err.message : String(err)
-      return reply.status(500).send({ ok: false, error: `Validation failed: ${msg}` })
-    }
-  })
-}

package/src/api/bridge-addons.router.ts DELETED Viewed

@@ -1,122 +0,0 @@
-import { z } from 'zod'
-import { TRPCError } from '@trpc/server'
-import { protectedProcedure, adminProcedure, trpcRouter } from './trpc/trpc.middleware'
-import type { AddonBridgeService } from '../core/addon-bridge/addon-bridge.service'
-import type { AddonSearchService } from '../core/addon/addon-search.service'
-import type { AddonRegistryService } from '../core/addon/addon-registry.service'
-import type { ToastService } from '@camstack/core'
-export function createBridgeAddonsRouter(
-  bridge: AddonBridgeService,
-  addonSearch: AddonSearchService,
-  addonRegistry?: AddonRegistryService,
-  toastService?: ToastService,
-) {
-  return trpcRouter({
-    /** List all addon packages installed in the addons directory */
-    listPackages: protectedProcedure.query(() => {
-      const installer = bridge.getInstaller()
-      if (!installer) return []
-      return installer.listInstalled()
-    }),
-    /** List all available addons across all loaded packages */
-    listAddons: protectedProcedure.query(() => {
-      return bridge.listAvailableAddons().map((id) => {
-        const addon = bridge.getLoader().getAddon(id)
-        return {
-          id,
-          packageName: addon?.packageName ?? 'unknown',
-          slot: addon?.declaration.slot ?? null,
-        }
-      })
-    }),
-    /** Install a community addon package from npm */
-    installPackage: adminProcedure
-      .input(z.object({ packageName: z.string(), version: z.string().optional() }))
-      .mutation(async ({ input }) => {
-        const installer = bridge.getInstaller()
-        if (!installer) {
-          throw new TRPCError({
-            code: 'PRECONDITION_FAILED',
-            message: 'Addon installer not available — bridge may have failed to initialize',
-          })
-        }
-        await installer.install(input.packageName, input.version)
-        await bridge.reloadPackages()
-        const result = addonRegistry
-          ? await addonRegistry.loadNewAddons()
-          : { loaded: [], failed: [] }
-        toastService?.broadcast({
-          title: 'Addon Installed',
-          message: `${input.packageName} installed successfully${result.loaded.length ? ` (${result.loaded.join(', ')})` : ''}`,
-          severity: result.failed.length ? 'warning' : 'info',
-        })
-        return { success: true, loaded: result.loaded, failed: result.failed }
-      }),
-    /** Uninstall a community addon package */
-    uninstallPackage: adminProcedure
-      .input(z.object({ packageName: z.string() }))
-      .mutation(async ({ input }) => {
-        // Server-side guard: prevent uninstalling required packages.
-        // After Phase D bundle merge, the pipeline-related packages
-        // (stream-broker, detection-pipeline, motion-wasm, decoders,
-        // audio) all live in @camstack/addon-pipeline.
-        const REQUIRED = new Set([
-          '@camstack/core',
-          '@camstack/addon-pipeline',
-          '@camstack/addon-pipeline-orchestrator',
-          '@camstack/addon-post-analysis',
-          '@camstack/addon-admin-ui',
-        ])
-        if (REQUIRED.has(input.packageName)) {
-          throw new TRPCError({
-            code: 'FORBIDDEN',
-            message: `Package ${input.packageName} is required and cannot be uninstalled`,
-          })
-        }
-        const installer = bridge.getInstaller()
-        if (!installer) {
-          throw new TRPCError({
-            code: 'PRECONDITION_FAILED',
-            message: 'Addon installer not available — bridge may have failed to initialize',
-          })
-        }
-        await installer.uninstall(input.packageName)
-        await bridge.reloadPackages()
-        if (addonRegistry) await addonRegistry.loadNewAddons()
-        toastService?.broadcast({
-          title: 'Addon Uninstalled',
-          message: `${input.packageName} has been removed`,
-          severity: 'info',
-        })
-        return { success: true }
-      }),
-    /** Force reload all addon packages (re-scan directories, re-import modules) */
-    reloadPackages: adminProcedure.mutation(async () => {
-      await bridge.reloadPackages()
-      return { success: true, message: 'Addon packages reloaded' }
-    }),
-    /** Search npm for available CamStack addons */
-    searchAvailable: protectedProcedure
-      .input(z.object({ query: z.string().optional() }).optional())
-      .query(async ({ input }) => {
-        const results = await addonSearch.searchAddons(input?.query)
-        // Enrich with install status from locally installed packages
-        const installed = bridge.getInstaller()?.listInstalled() ?? []
-        const installedMap = new Map(installed.map((p) => [p.name, p.version]))
-        return results.map((r) => ({
-          ...r,
-          installed: installedMap.has(r.name),
-          installedVersion: installedMap.get(r.name),
-        }))
-      }),
-  })
-}

package/src/api/capabilities.router.ts DELETED Viewed

@@ -1,265 +0,0 @@
-import { z } from 'zod'
-import { TRPCError } from '@trpc/server'
-import { adminProcedure, trpcRouter } from './trpc/trpc.middleware'
-import type { AddonRegistryService } from '../core/addon/addon-registry.service'
-import type { ConfigService } from '../core/config/config.service'
-import type { LoggingService } from '../core/logging/logging.service'
-import { isInfraCapability } from '@camstack/kernel'
-import { collectionPreferenceKey, persistCollectionDisabled } from './core/collection-preference'
-// ─── Zod Schemas ───────────────────────────────────────────────────────────
-const setPreferenceInput = z.discriminatedUnion('mode', [
-  z.object({
-    mode: z.literal('singleton'),
-    capability: z.string(),
-    addonId: z.string(),
-  }),
-  z.object({
-    mode: z.literal('collection'),
-    capability: z.string(),
-    addonId: z.string(),
-    enabled: z.boolean(),
-  }),
-])
-// ─── Router ────────────────────────────────────────────────────────────────
-export function createCapabilitiesRouter(
-  addonRegistry: AddonRegistryService,
-  configService: ConfigService,
-  loggingService: LoggingService,
-) {
-  const logger = loggingService.createLogger('CapabilitiesRouter')
-  /** Build enriched provider details from addon metadata */
-  function getProviderDetails(addonIds: readonly string[]) {
-    const allAddons = addonRegistry.listAllAddons()
-    return addonIds.map((addonId) => {
-      const addon = allAddons.find((a) => a.manifest.id === addonId)
-      return {
-        addonId,
-        displayName: addon?.manifest.name ?? addonId,
-        packageName: addon?.manifest.packageName ?? addonId,
-      }
-    })
-  }
-  return trpcRouter({
-    // ─── List all capabilities with enriched metadata ──────────────────
-    list: adminProcedure.query(() => {
-      const registry = addonRegistry.getCapabilityRegistry()
-      const caps = registry.listCapabilities()
-      return caps.map((cap) => ({
-        ...cap,
-        providerDetails: getProviderDetails(cap.providers),
-        isInfra: isInfraCapability(cap.name),
-      }))
-    }),
-    // ─── Get current preference for a capability ──────────────────────
-    getPreference: adminProcedure.input(z.object({ capability: z.string() })).query(({ input }) => {
-      const registry = addonRegistry.getCapabilityRegistry()
-      const mode = registry.getMode(input.capability)
-      if (!mode) return null
-      if (mode === 'singleton') {
-        const addonId = configService.get<string>(`capabilities.singleton.${input.capability}`)
-        return {
-          capability: input.capability,
-          mode: mode as 'singleton',
-          preference: addonId ? { addonId } : null,
-        }
-      }
-      // collection
-      const raw = configService.get<string>(collectionPreferenceKey(input.capability))
-      let disabled: string[] = []
-      if (raw) {
-        try {
-          const parsed = JSON.parse(raw) as { disabled?: string[] }
-          disabled = Array.isArray(parsed.disabled) ? parsed.disabled : []
-        } catch {
-          /* ignore malformed */
-        }
-      }
-      return {
-        capability: input.capability,
-        mode: mode as 'collection',
-        preference: { disabled },
-      }
-    }),
-    // ─── Set preference (singleton switch or collection toggle) ───────
-    setPreference: adminProcedure.input(setPreferenceInput).mutation(async ({ input }) => {
-      const registry = addonRegistry.getCapabilityRegistry()
-      if (input.mode === 'singleton') {
-        const { capability, addonId } = input
-        const caps = registry.listCapabilities()
-        const cap = caps.find((c) => c.name === capability)
-        if (!cap)
-          throw new TRPCError({ code: 'NOT_FOUND', message: `Unknown capability: ${capability}` })
-        if (cap.mode !== 'singleton')
-          throw new TRPCError({
-            code: 'BAD_REQUEST',
-            message: `"${capability}" is not a singleton`,
-          })
-        if (!cap.providers.includes(addonId)) {
-          throw new TRPCError({
-            code: 'BAD_REQUEST',
-            message: `Provider "${addonId}" is not registered for "${capability}"`,
-          })
-        }
-        const requiresRestart = isInfraCapability(capability)
-        if (!requiresRestart) {
-          // Hot-swap at runtime
-          await registry.setActiveSingleton(capability, addonId)
-        }
-        // Persist preference
-        configService.set(`capabilities.singleton.${capability}`, addonId)
-        logger.info('Singleton preference set', {
-          tags: { addonId },
-          meta: { capability, requiresRestart },
-        })
-        return { success: true, requiresRestart }
-      }
-      // collection toggle
-      const { capability, addonId, enabled } = input
-      const caps = registry.listCapabilities()
-      const cap = caps.find((c) => c.name === capability)
-      if (!cap)
-        throw new TRPCError({ code: 'NOT_FOUND', message: `Unknown capability: ${capability}` })
-      if (cap.mode !== 'collection')
-        throw new TRPCError({ code: 'BAD_REQUEST', message: `"${capability}" is not a collection` })
-      if (!cap.providers.includes(addonId)) {
-        throw new TRPCError({
-          code: 'BAD_REQUEST',
-          message: `Provider "${addonId}" is not registered for "${capability}"`,
-        })
-      }
-      if (enabled) {
-        registry.enableCollectionProvider(capability, addonId)
-      } else {
-        registry.disableCollectionProvider(capability, addonId)
-      }
-      // Persist disabled list via the shared canonical writer.
-      const updatedCap = registry.listCapabilities().find((c) => c.name === capability)
-      persistCollectionDisabled(configService, capability, updatedCap?.disabledProviders ?? [])
-      logger.info('Collection provider toggled', {
-        tags: { addonId },
-        meta: { capability, enabled },
-      })
-      return { success: true, requiresRestart: false }
-    }),
-    // ─── Reset preference to default ──────────────────────────────────
-    resetPreference: adminProcedure
-      .input(z.object({ capability: z.string() }))
-      .mutation(({ input }) => {
-        const registry = addonRegistry.getCapabilityRegistry()
-        const mode = registry.getMode(input.capability)
-        if (!mode)
-          throw new TRPCError({
-            code: 'NOT_FOUND',
-            message: `Unknown capability: ${input.capability}`,
-          })
-        if (mode === 'singleton') {
-          configService.set(`capabilities.singleton.${input.capability}`, null)
-          logger.info('Singleton preference reset (takes effect on restart)', {
-            meta: { capability: input.capability },
-          })
-          return { success: true, requiresRestart: true }
-        }
-        // collection: re-enable all disabled providers
-        const caps = registry.listCapabilities()
-        const cap = caps.find((c) => c.name === input.capability)
-        if (cap) {
-          for (const addonId of cap.disabledProviders) {
-            registry.enableCollectionProvider(input.capability, addonId)
-          }
-        }
-        configService.set(`capabilities.collection.${input.capability}`, null)
-        logger.info('Collection preference reset (all providers re-enabled)', {
-          meta: { capability: input.capability },
-        })
-        return { success: true, requiresRestart: false }
-      }),
-    // ─── Per-device overrides (existing, unchanged) ───────────────────
-    listCapabilities: adminProcedure.query(() => {
-      const registry = addonRegistry.getCapabilityRegistry()
-      return registry.listCapabilities()
-    }),
-    setDeviceCapability: adminProcedure
-      .input(z.object({ deviceId: z.string(), capability: z.string(), addonId: z.string() }))
-      .mutation(({ input }) => {
-        const registry = addonRegistry.getCapabilityRegistry()
-        registry.setDeviceOverride(input.deviceId, input.capability, input.addonId)
-        logger.info('Device capability override set', {
-          tags: { deviceId: Number(input.deviceId), addonId: input.addonId },
-          meta: { capability: input.capability },
-        })
-      }),
-    clearDeviceCapability: adminProcedure
-      .input(z.object({ deviceId: z.string(), capability: z.string() }))
-      .mutation(({ input }) => {
-        const registry = addonRegistry.getCapabilityRegistry()
-        registry.clearDeviceOverride(input.deviceId, input.capability)
-        logger.info('Device capability override cleared', {
-          tags: { deviceId: Number(input.deviceId) },
-          meta: { capability: input.capability },
-        })
-      }),
-    getDeviceCapabilities: adminProcedure
-      .input(z.object({ deviceId: z.string() }))
-      .output(z.record(z.string(), z.string()))
-      .query(({ input }): Record<string, string> => {
-        const registry = addonRegistry.getCapabilityRegistry()
-        const overrides = registry.getDeviceOverrides(input.deviceId)
-        return Object.fromEntries(overrides) as Record<string, string>
-      }),
-    setDeviceCollectionFilter: adminProcedure
-      .input(
-        z.object({ deviceId: z.string(), capability: z.string(), addonIds: z.array(z.string()) }),
-      )
-      .mutation(({ input }) => {
-        const registry = addonRegistry.getCapabilityRegistry()
-        registry.setDeviceCollectionFilter(input.deviceId, input.capability, input.addonIds)
-        logger.info('Device collection filter set', {
-          tags: { deviceId: Number(input.deviceId) },
-          meta: { capability: input.capability, addonIds: input.addonIds },
-        })
-      }),
-    clearDeviceCollectionFilter: adminProcedure
-      .input(z.object({ deviceId: z.string(), capability: z.string() }))
-      .mutation(({ input }) => {
-        const registry = addonRegistry.getCapabilityRegistry()
-        registry.clearDeviceCollectionFilter(input.deviceId, input.capability)
-        logger.info('Device collection filter cleared', {
-          tags: { deviceId: Number(input.deviceId) },
-          meta: { capability: input.capability },
-        })
-      }),
-  })
-}