@ch4p/cli 0.1.5 → 0.2.0

package/dist/chunk-WYXCGS55.js

@@ -0,0 +1,1845 @@
+import {
+  generateId
+} from "./chunk-YSCX2QQQ.js";
+
+// ../../packages/canvas/dist/index.js
+var KNOWN_COMPONENT_TYPES = /* @__PURE__ */ new Set([
+  "card",
+  "chart",
+  "form",
+  "button",
+  "text_field",
+  "data_table",
+  "code_block",
+  "markdown",
+  "image",
+  "progress",
+  "status"
+]);
+function isA2UIComponent(value) {
+  if (typeof value !== "object" || value === null) {
+    return false;
+  }
+  const obj = value;
+  return typeof obj.id === "string" && typeof obj.type === "string";
+}
+function validateComponentFields(value) {
+  const errors = [];
+  if (!KNOWN_COMPONENT_TYPES.has(value.type)) {
+    errors.push(`Unknown component type "${value.type}". Known types: ${[...KNOWN_COMPONENT_TYPES].join(", ")}.`);
+    return errors;
+  }
+  const obj = value;
+  switch (value.type) {
+    case "card":
+      if (typeof obj.title !== "string") errors.push('Card component requires a "title" string.');
+      if (typeof obj.body !== "string") errors.push('Card component requires a "body" string.');
+      break;
+    case "chart":
+      if (typeof obj.chartType !== "string") errors.push('Chart component requires a "chartType" string.');
+      if (!obj.data || typeof obj.data !== "object") errors.push('Chart component requires a "data" object.');
+      break;
+    case "form":
+      if (!Array.isArray(obj.fields)) errors.push('Form component requires a "fields" array.');
+      break;
+    case "button":
+      if (typeof obj.text !== "string") errors.push('Button component requires a "text" string.');
+      break;
+    case "data_table":
+      if (!Array.isArray(obj.columns)) errors.push('DataTable component requires a "columns" array.');
+      if (!Array.isArray(obj.rows)) errors.push('DataTable component requires a "rows" array.');
+      break;
+    case "code_block":
+      if (typeof obj.code !== "string") errors.push('CodeBlock component requires a "code" string.');
+      break;
+    case "markdown":
+      if (typeof obj.content !== "string") errors.push('Markdown component requires a "content" string.');
+      break;
+    case "image":
+      if (typeof obj.src !== "string") errors.push('Image component requires a "src" string.');
+      break;
+    case "progress":
+      if (typeof obj.value !== "number") errors.push('Progress component requires a numeric "value".');
+      break;
+    case "status":
+      if (typeof obj.state !== "string") errors.push('Status component requires a "state" string.');
+      break;
+  }
+  return errors;
+}
+var CanvasState = class {
+  nodes = /* @__PURE__ */ new Map();
+  connections = /* @__PURE__ */ new Map();
+  nextZIndex = 1;
+  listeners = [];
+  maxComponents;
+  constructor(maxComponents = 500) {
+    this.maxComponents = maxComponents;
+  }
+  // -----------------------------------------------------------------------
+  // Node CRUD
+  // -----------------------------------------------------------------------
+  /**
+   * Add a component to the canvas at the given position.
+   *
+   * @returns The component's `id`.
+   * @throws {Error} If the maximum component limit has been reached.
+   */
+  addComponent(component, position) {
+    if (this.nodes.size >= this.maxComponents) {
+      throw new Error(
+        `Canvas component limit reached (max ${this.maxComponents})`
+      );
+    }
+    const node = {
+      component,
+      position,
+      zIndex: this.nextZIndex++
+    };
+    this.nodes.set(component.id, node);
+    this.emit({
+      type: "add_node",
+      nodeId: component.id,
+      data: node,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    return component.id;
+  }
+  /**
+   * Merge partial updates into an existing component.
+   *
+   * @returns `true` if the node existed and was updated.
+   */
+  updateComponent(id, updates) {
+    const node = this.nodes.get(id);
+    if (!node) return false;
+    node.component = { ...node.component, ...updates };
+    this.emit({
+      type: "update_node",
+      nodeId: id,
+      data: updates,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    return true;
+  }
+  /**
+   * Remove a component and cascade-delete any connections referencing it.
+   *
+   * @returns `true` if the node existed and was removed.
+   */
+  removeComponent(id) {
+    if (!this.nodes.delete(id)) return false;
+    for (const [connId, conn] of this.connections) {
+      if (conn.fromId === id || conn.toId === id) {
+        this.connections.delete(connId);
+      }
+    }
+    this.emit({
+      type: "remove_node",
+      nodeId: id,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    return true;
+  }
+  /**
+   * Update the position (and optionally size / rotation) of a component.
+   *
+   * @returns `true` if the node existed and was moved.
+   */
+  moveComponent(id, position) {
+    const node = this.nodes.get(id);
+    if (!node) return false;
+    node.position = { ...node.position, ...position };
+    this.emit({
+      type: "move_node",
+      nodeId: id,
+      data: position,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    return true;
+  }
+  // -----------------------------------------------------------------------
+  // Connection CRUD
+  // -----------------------------------------------------------------------
+  /**
+   * Create a directed connection between two existing nodes.
+   *
+   * @returns The new connection's `id`.
+   * @throws {Error} If either endpoint node does not exist.
+   */
+  addConnection(fromId, toId, label, style) {
+    if (!this.nodes.has(fromId)) {
+      throw new Error(`Source node "${fromId}" does not exist`);
+    }
+    if (!this.nodes.has(toId)) {
+      throw new Error(`Target node "${toId}" does not exist`);
+    }
+    const id = generateId(12);
+    const connection = { id, fromId, toId, label, style };
+    this.connections.set(id, connection);
+    this.emit({
+      type: "add_connection",
+      connectionId: id,
+      data: connection,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    return id;
+  }
+  /**
+   * Remove a connection by id.
+   *
+   * @returns `true` if the connection existed and was removed.
+   */
+  removeConnection(id) {
+    if (!this.connections.delete(id)) return false;
+    this.emit({
+      type: "remove_connection",
+      connectionId: id,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    return true;
+  }
+  // -----------------------------------------------------------------------
+  // Bulk operations
+  // -----------------------------------------------------------------------
+  /** Remove all nodes and connections, resetting the canvas to an empty state. */
+  clear() {
+    this.nodes.clear();
+    this.connections.clear();
+    this.nextZIndex = 1;
+    this.emit({
+      type: "clear",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+  }
+  // -----------------------------------------------------------------------
+  // Queries
+  // -----------------------------------------------------------------------
+  /** Look up a single node by component id. */
+  getNode(id) {
+    return this.nodes.get(id);
+  }
+  /** Look up a single connection by id. */
+  getConnection(id) {
+    return this.connections.get(id);
+  }
+  /** Return all nodes as an array. */
+  getAllNodes() {
+    return Array.from(this.nodes.values());
+  }
+  /** Return all connections as an array. */
+  getAllConnections() {
+    return Array.from(this.connections.values());
+  }
+  /** Produce a serialisable snapshot of the entire canvas. */
+  getSnapshot() {
+    return {
+      nodes: this.getAllNodes(),
+      connections: this.getAllConnections()
+    };
+  }
+  /** Return the current number of nodes on the canvas. */
+  getNodeCount() {
+    return this.nodes.size;
+  }
+  // -----------------------------------------------------------------------
+  // Change listener
+  // -----------------------------------------------------------------------
+  /**
+   * Subscribe to canvas mutations.
+   *
+   * @returns An unsubscribe function.
+   */
+  onChange(listener) {
+    this.listeners.push(listener);
+    return () => {
+      const idx = this.listeners.indexOf(listener);
+      if (idx !== -1) {
+        this.listeners.splice(idx, 1);
+      }
+    };
+  }
+  // -----------------------------------------------------------------------
+  // Internal
+  // -----------------------------------------------------------------------
+  /** Notify all registered listeners of a change. */
+  emit(change) {
+    for (const listener of this.listeners) {
+      listener(change);
+    }
+  }
+};
+function encodeMessage(msg) {
+  return JSON.stringify(msg);
+}
+var PARAMETERS_SCHEMA = {
+  type: "object",
+  required: ["action"],
+  properties: {
+    action: {
+      type: "string",
+      enum: ["add", "update", "remove", "move", "connect", "clear"],
+      description: "The canvas operation to perform."
+    },
+    component: {
+      type: "object",
+      description: 'The A2UI component to add (required for "add" action). Must have an `id` and `type` field.'
+    },
+    position: {
+      type: "object",
+      description: 'Position on the canvas { x, y, width?, height?, rotation? }. Required for "add" and "move".',
+      properties: {
+        x: { type: "number" },
+        y: { type: "number" },
+        width: { type: "number" },
+        height: { type: "number" },
+        rotation: { type: "number" }
+      },
+      required: ["x", "y"]
+    },
+    componentId: {
+      type: "string",
+      description: 'Target component id (required for "update", "remove", "move").'
+    },
+    updates: {
+      type: "object",
+      description: 'Partial component updates (for "update" action).'
+    },
+    fromId: {
+      type: "string",
+      description: 'Source component id (for "connect" action).'
+    },
+    toId: {
+      type: "string",
+      description: 'Target component id (for "connect" action).'
+    },
+    connectionLabel: {
+      type: "string",
+      description: 'Label for the connection (for "connect" action).'
+    },
+    connectionStyle: {
+      type: "string",
+      enum: ["solid", "dashed", "dotted"],
+      description: 'Line style for the connection (for "connect" action).'
+    }
+  },
+  additionalProperties: false
+};
+var CanvasTool = class {
+  name = "canvas_render";
+  description = "Render visual components on the interactive canvas. Supports adding cards, charts, forms, tables, code blocks, images, markdown, progress bars, and status indicators. Components can be connected with directional edges to show relationships.";
+  parameters = PARAMETERS_SCHEMA;
+  weight = "lightweight";
+  // -------------------------------------------------------------------------
+  // Validation
+  // -------------------------------------------------------------------------
+  validate(args) {
+    const a = args;
+    const errors = [];
+    if (!a || typeof a !== "object") {
+      return { valid: false, errors: ["Arguments must be an object."] };
+    }
+    if (!a.action) {
+      errors.push('Missing required field "action".');
+      return { valid: false, errors };
+    }
+    switch (a.action) {
+      case "add":
+        if (!a.component) {
+          errors.push('"add" requires a "component" object.');
+        } else if (!isA2UIComponent(a.component)) {
+          errors.push('"component" must have "id" and "type" fields.');
+        } else {
+          const fieldErrors = validateComponentFields(a.component);
+          errors.push(...fieldErrors);
+        }
+        if (!a.position) errors.push('"add" requires a "position" object.');
+        else if (typeof a.position.x !== "number" || typeof a.position.y !== "number")
+          errors.push('"position" must have numeric "x" and "y" fields.');
+        break;
+      case "update":
+        if (!a.componentId) errors.push('"update" requires "componentId".');
+        if (!a.updates || typeof a.updates !== "object") errors.push('"update" requires "updates" object.');
+        break;
+      case "remove":
+        if (!a.componentId) errors.push('"remove" requires "componentId".');
+        break;
+      case "move":
+        if (!a.componentId) errors.push('"move" requires "componentId".');
+        if (!a.position) errors.push('"move" requires a "position" object.');
+        break;
+      case "connect":
+        if (!a.fromId) errors.push('"connect" requires "fromId".');
+        if (!a.toId) errors.push('"connect" requires "toId".');
+        break;
+      case "clear":
+        break;
+      default:
+        errors.push(`Unknown action "${String(a.action)}". Use: add, update, remove, move, connect, clear.`);
+    }
+    return { valid: errors.length === 0, errors: errors.length > 0 ? errors : void 0 };
+  }
+  // -------------------------------------------------------------------------
+  // Execution
+  // -------------------------------------------------------------------------
+  async execute(args, context) {
+    const a = args;
+    const canvasState = context.canvasState;
+    if (!canvasState) {
+      return {
+        success: false,
+        output: "",
+        error: "No canvas state available in context. Is this a canvas session?"
+      };
+    }
+    try {
+      switch (a.action) {
+        case "add": {
+          const id = canvasState.addComponent(a.component, a.position);
+          return {
+            success: true,
+            output: `Component "${a.component.type}" added with id "${id}" at (${a.position.x}, ${a.position.y}).`
+          };
+        }
+        case "update": {
+          const updated = canvasState.updateComponent(a.componentId, a.updates);
+          if (!updated) {
+            return { success: false, output: "", error: `Component "${a.componentId}" not found.` };
+          }
+          return { success: true, output: `Component "${a.componentId}" updated.` };
+        }
+        case "remove": {
+          const removed = canvasState.removeComponent(a.componentId);
+          if (!removed) {
+            return { success: false, output: "", error: `Component "${a.componentId}" not found.` };
+          }
+          return { success: true, output: `Component "${a.componentId}" removed.` };
+        }
+        case "move": {
+          const moved = canvasState.moveComponent(a.componentId, a.position);
+          if (!moved) {
+            return { success: false, output: "", error: `Component "${a.componentId}" not found.` };
+          }
+          return { success: true, output: `Component "${a.componentId}" moved to (${a.position.x}, ${a.position.y}).` };
+        }
+        case "connect": {
+          const connId = canvasState.addConnection(
+            a.fromId,
+            a.toId,
+            a.connectionLabel,
+            a.connectionStyle
+          );
+          return {
+            success: true,
+            output: `Connection created: "${a.fromId}" \u2192 "${a.toId}" (id: "${connId}").`
+          };
+        }
+        case "clear": {
+          canvasState.clear();
+          return { success: true, output: "Canvas cleared." };
+        }
+        default:
+          return { success: false, output: "", error: `Unknown action "${String(a.action)}".` };
+      }
+    } catch (err) {
+      return {
+        success: false,
+        output: "",
+        error: err instanceof Error ? err.message : "Unknown error during canvas operation."
+      };
+    }
+  }
+  // -------------------------------------------------------------------------
+  // AWM state snapshot (optional)
+  // -------------------------------------------------------------------------
+  async getStateSnapshot(_args, context) {
+    const canvasState = context.canvasState;
+    const snapshot = canvasState?.getSnapshot();
+    return {
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      state: {
+        nodeCount: snapshot?.nodes.length ?? 0,
+        connectionCount: snapshot?.connections.length ?? 0,
+        nodes: snapshot?.nodes.map((n) => ({
+          id: n.component.id,
+          type: n.component.type,
+          position: n.position
+        })) ?? []
+      },
+      description: `Canvas state: ${snapshot?.nodes.length ?? 0} nodes, ${snapshot?.connections.length ?? 0} connections`
+    };
+  }
+};
+var CanvasChannel = class {
+  id = "canvas";
+  name = "Canvas";
+  messageHandler = null;
+  sendFn = null;
+  sessionId = "";
+  // -----------------------------------------------------------------------
+  // IChannel lifecycle
+  // -----------------------------------------------------------------------
+  async start(config) {
+    const canvasConfig = config;
+    this.sessionId = canvasConfig.sessionId ?? "";
+  }
+  async stop() {
+    this.messageHandler = null;
+    this.sendFn = null;
+  }
+  // -----------------------------------------------------------------------
+  // IChannel messaging
+  // -----------------------------------------------------------------------
+  async send(_to, message) {
+    if (!this.sendFn) {
+      return { success: false, error: "No WebSocket client connected." };
+    }
+    this.sendFn({
+      type: "s2c:text:complete",
+      text: message.text
+    });
+    return { success: true, messageId: generateId(12) };
+  }
+  onMessage(handler) {
+    this.messageHandler = handler;
+  }
+  async isHealthy() {
+    return this.sendFn !== null;
+  }
+  // -----------------------------------------------------------------------
+  // Canvas-specific wiring (called by gateway / WS bridge)
+  // -----------------------------------------------------------------------
+  /**
+   * Inject the WebSocket send function. Called by the WS bridge once the
+   * WebSocket connection is established.
+   */
+  setSendFunction(fn) {
+    this.sendFn = fn;
+  }
+  /**
+   * Process an incoming C2S message from the WebSocket client and translate
+   * it into an {@link InboundMessage} that the agent loop can consume.
+   */
+  handleClientMessage(msg) {
+    if (!this.messageHandler) return;
+    const base = {
+      id: generateId(12),
+      channelId: this.sessionId || "canvas",
+      from: {
+        channelId: this.sessionId || "canvas",
+        userId: "canvas-user"
+      },
+      timestamp: /* @__PURE__ */ new Date(),
+      raw: msg
+    };
+    switch (msg.type) {
+      case "c2s:message":
+        this.messageHandler({ ...base, text: msg.text });
+        break;
+      case "c2s:click":
+        this.messageHandler({
+          ...base,
+          text: `[USER_CLICK] Component: ${msg.componentId}${msg.actionId ? `, Action: ${msg.actionId}` : ""}`
+        });
+        break;
+      case "c2s:input":
+        this.messageHandler({
+          ...base,
+          text: `[USER_INPUT] Component: ${msg.componentId}${msg.field ? `, Field: ${msg.field}` : ""}, Value: ${msg.value}`
+        });
+        break;
+      case "c2s:form_submit":
+        this.messageHandler({
+          ...base,
+          text: `[FORM_SUBMIT] Component: ${msg.componentId}, Values: ${JSON.stringify(msg.values)}`
+        });
+        break;
+      case "c2s:select":
+        this.messageHandler({
+          ...base,
+          text: `[USER_SELECT] Components: ${msg.componentIds.join(", ")}`
+        });
+        break;
+      case "c2s:steer":
+        this.messageHandler({
+          ...base,
+          text: `[STEER:${msg.steerType}] ${msg.message}`
+        });
+        break;
+      case "c2s:abort":
+        this.messageHandler({
+          ...base,
+          text: `[ABORT] ${msg.reason ?? "User requested abort"}`
+        });
+        break;
+      case "c2s:drag":
+        break;
+      case "c2s:ping":
+        break;
+    }
+  }
+};
+
+// ../../packages/gateway/dist/index.js
+import { createServer } from "http";
+import { WebSocketServer } from "ws";
+import { createReadStream, statSync } from "fs";
+import { resolve, extname, normalize, relative } from "path";
+import { randomBytes, createHash } from "crypto";
+var SessionManager = class {
+  sessions = /* @__PURE__ */ new Map();
+  /** Create a new session and return its state. */
+  createSession(config) {
+    const now = /* @__PURE__ */ new Date();
+    const state = {
+      config,
+      createdAt: now,
+      lastActiveAt: now,
+      status: "active"
+    };
+    this.sessions.set(config.sessionId, state);
+    return state;
+  }
+  /** Look up a session by its id. */
+  getSession(id) {
+    return this.sessions.get(id);
+  }
+  /** Mark a session as ended and remove it from the active map. */
+  endSession(id) {
+    const session = this.sessions.get(id);
+    if (session) {
+      session.status = "ended";
+      session.lastActiveAt = /* @__PURE__ */ new Date();
+      this.sessions.delete(id);
+    }
+  }
+  /** Return the number of active sessions. */
+  get size() {
+    return this.sessions.size;
+  }
+  /** Return all currently tracked sessions (not ended). */
+  listSessions() {
+    return [...this.sessions.values()];
+  }
+  /** Touch a session's lastActiveAt timestamp to keep it alive. */
+  touchSession(id) {
+    const session = this.sessions.get(id);
+    if (session) {
+      session.lastActiveAt = /* @__PURE__ */ new Date();
+      session.status = "active";
+    }
+  }
+  /**
+   * Evict sessions that have been idle longer than `maxIdleMs`.
+   * Returns the number of sessions evicted.
+   */
+  evictIdle(maxIdleMs) {
+    const cutoff = Date.now() - maxIdleMs;
+    let evicted = 0;
+    for (const [id, session] of this.sessions) {
+      if (session.lastActiveAt.getTime() < cutoff) {
+        this.sessions.delete(id);
+        evicted++;
+      }
+    }
+    return evicted;
+  }
+};
+var MessageRouter = class {
+  constructor(sessionManager, defaultSessionConfig, maxRouteEntries = 1e4) {
+    this.sessionManager = sessionManager;
+    this.defaultSessionConfig = defaultSessionConfig;
+    this.maxRouteEntries = maxRouteEntries;
+  }
+  /**
+   * Maps "channelId:userId" keys to session ids so subsequent messages
+   * from the same user on the same channel reach the same session.
+   */
+  routeMap = /* @__PURE__ */ new Map();
+  /**
+   * Safety-net cap: when the route map reaches this size, evictStale() is
+   * called automatically so expired entries cannot accumulate indefinitely
+   * even if the external eviction timer is slow or absent.
+   */
+  maxRouteEntries;
+  /**
+   * Route an inbound message to a session.
+   *
+   * Routing key priority:
+   *   1. Group + thread (Telegram forum topic, Discord thread): all users in the
+   *      same thread share one session.
+   *   2. Group only: each user in the group gets their own session.
+   *   3. Private: keyed by userId (original behaviour).
+   *
+   * Returns `null` only if the message cannot be attributed to a user
+   * (missing channelId).
+   */
+  route(msg) {
+    if (!msg.channelId) return null;
+    const routeKey = this.buildRouteKey(msg);
+    const existingId = this.routeMap.get(routeKey);
+    if (existingId) {
+      const session = this.sessionManager.getSession(existingId);
+      if (session) {
+        this.sessionManager.touchSession(existingId);
+        return { sessionId: existingId, config: session.config };
+      }
+      this.routeMap.delete(routeKey);
+    }
+    const sessionId = generateId();
+    const config = {
+      ...this.defaultSessionConfig,
+      sessionId,
+      channelId: msg.channelId,
+      userId: msg.from.userId
+    };
+    const state = this.sessionManager.createSession(config);
+    this.routeMap.set(routeKey, sessionId);
+    if (this.routeMap.size > this.maxRouteEntries) {
+      this.evictStale();
+    }
+    return { sessionId, config: state.config };
+  }
+  /**
+   * Evict route entries whose sessions no longer exist in the SessionManager.
+   * Returns the number of stale routes removed.
+   */
+  evictStale() {
+    let evicted = 0;
+    for (const [key, sessionId] of this.routeMap) {
+      if (!this.sessionManager.getSession(sessionId)) {
+        this.routeMap.delete(key);
+        evicted++;
+      }
+    }
+    return evicted;
+  }
+  // ---------------------------------------------------------------------------
+  // Private helpers
+  // ---------------------------------------------------------------------------
+  buildRouteKey(msg) {
+    const { channelId, from } = msg;
+    const { userId, groupId, threadId } = from;
+    if (groupId && threadId) {
+      return `${channelId}:group:${groupId}:thread:${threadId}`;
+    }
+    if (groupId) {
+      return `${channelId}:group:${groupId}:user:${userId ?? "anonymous"}`;
+    }
+    return `${channelId}:${userId ?? "anonymous"}`;
+  }
+};
+var WebSocketBridge = class {
+  constructor(ws, canvasState, canvasChannel, sessionId) {
+    this.ws = ws;
+    this.canvasState = canvasState;
+    this.canvasChannel = canvasChannel;
+    this.sessionId = sessionId;
+  }
+  changeUnsubscribe = null;
+  alive = false;
+  messageHandler = null;
+  closeHandler = null;
+  errorHandler = null;
+  /** Start the bridge — subscribe to state changes and handle incoming messages. */
+  start() {
+    this.alive = true;
+    this.changeUnsubscribe = this.canvasState.onChange((change) => {
+      this.send({ type: "s2c:canvas:change", change });
+    });
+    this.send({
+      type: "s2c:canvas:snapshot",
+      snapshot: this.canvasState.getSnapshot()
+    });
+    this.send({ type: "s2c:agent:status", status: "idle" });
+    this.messageHandler = (data) => {
+      try {
+        const raw = Buffer.isBuffer(data) ? data.toString("utf-8") : Array.isArray(data) ? Buffer.concat(data).toString("utf-8") : Buffer.from(data).toString("utf-8");
+        const msg = JSON.parse(raw);
+        this.handleC2S(msg);
+      } catch {
+        this.send({
+          type: "s2c:error",
+          code: "PARSE_ERROR",
+          message: "Invalid message format"
+        });
+      }
+    };
+    this.closeHandler = () => this.stop();
+    this.errorHandler = () => this.stop();
+    this.ws.on("message", this.messageHandler);
+    this.ws.on("close", this.closeHandler);
+    this.ws.on("error", this.errorHandler);
+  }
+  /** Called by the gateway when AgentEvents arrive from the agent loop. */
+  handleAgentEvent(event) {
+    if (!this.alive) return;
+    switch (event.type) {
+      case "thinking":
+        this.send({ type: "s2c:agent:status", status: "thinking" });
+        break;
+      case "text":
+        this.send({ type: "s2c:agent:status", status: "streaming" });
+        this.send({
+          type: "s2c:text:delta",
+          delta: event.delta ?? "",
+          partial: event.partial ?? ""
+        });
+        break;
+      case "tool_start":
+        this.send({
+          type: "s2c:agent:status",
+          status: "tool_executing",
+          tool: event.tool
+        });
+        this.send({
+          type: "s2c:tool:start",
+          tool: event.tool ?? "",
+          data: event.args
+        });
+        break;
+      case "tool_progress":
+        this.send({
+          type: "s2c:tool:progress",
+          tool: event.tool ?? "",
+          data: event.result
+        });
+        break;
+      case "tool_end":
+        this.send({
+          type: "s2c:tool:end",
+          tool: event.tool ?? "",
+          data: event.result
+        });
+        break;
+      case "complete":
+        this.send({
+          type: "s2c:text:complete",
+          text: event.answer ?? ""
+        });
+        this.send({ type: "s2c:agent:status", status: "complete" });
+        break;
+      case "error":
+        this.send({
+          type: "s2c:agent:status",
+          status: "error",
+          message: event.error?.message ?? "Unknown error"
+        });
+        this.send({
+          type: "s2c:error",
+          code: "AGENT_ERROR",
+          message: event.error?.message ?? "Unknown error"
+        });
+        break;
+      case "aborted":
+        this.send({
+          type: "s2c:agent:status",
+          status: "idle",
+          message: `Aborted: ${event.reason ?? "unknown"}`
+        });
+        break;
+    }
+  }
+  /** Stop the bridge — unsubscribe from state changes and remove WS listeners. */
+  stop() {
+    if (!this.alive) return;
+    this.alive = false;
+    this.changeUnsubscribe?.();
+    this.changeUnsubscribe = null;
+    if (this.messageHandler) {
+      this.ws.off("message", this.messageHandler);
+      this.messageHandler = null;
+    }
+    if (this.closeHandler) {
+      this.ws.off("close", this.closeHandler);
+      this.closeHandler = null;
+    }
+    if (this.errorHandler) {
+      this.ws.off("error", this.errorHandler);
+      this.errorHandler = null;
+    }
+  }
+  /** Whether the bridge is currently active. */
+  isAlive() {
+    return this.alive;
+  }
+  /** Get the session ID this bridge is connected to. */
+  getSessionId() {
+    return this.sessionId;
+  }
+  // ---------------------------------------------------------------------------
+  // Internal
+  // ---------------------------------------------------------------------------
+  handleC2S(msg) {
+    switch (msg.type) {
+      case "c2s:ping":
+        this.send({ type: "s2c:pong", timestamp: (/* @__PURE__ */ new Date()).toISOString() });
+        break;
+      case "c2s:drag":
+        this.canvasState.moveComponent(msg.componentId, msg.position);
+        break;
+      case "c2s:abort":
+        this.canvasChannel.handleClientMessage(msg);
+        break;
+      default:
+        this.canvasChannel.handleClientMessage(msg);
+        break;
+    }
+  }
+  send(msg) {
+    if (this.alive && this.ws.readyState === 1) {
+      this.ws.send(encodeMessage(msg));
+    }
+  }
+};
+var MIME_TYPES = {
+  ".html": "text/html; charset=utf-8",
+  ".js": "application/javascript; charset=utf-8",
+  ".mjs": "application/javascript; charset=utf-8",
+  ".css": "text/css; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".svg": "image/svg+xml",
+  ".ico": "image/x-icon",
+  ".woff": "font/woff",
+  ".woff2": "font/woff2",
+  ".ttf": "font/ttf",
+  ".map": "application/json",
+  ".wasm": "application/wasm",
+  ".webp": "image/webp",
+  ".avif": "image/avif"
+};
+function serveStatic(req, res, staticDir) {
+  if (req.method !== "GET" && req.method !== "HEAD") return false;
+  const urlPath = (req.url ?? "/").split("?")[0];
+  const filePath = urlPath === "/" ? "/index.html" : urlPath;
+  const absoluteDir = resolve(staticDir);
+  const absoluteFile = resolve(absoluteDir, "." + normalize(filePath));
+  const rel = relative(absoluteDir, absoluteFile);
+  if (rel.startsWith("..") || resolve(absoluteFile) !== absoluteFile.replace(/\/$/, "")) {
+    return false;
+  }
+  try {
+    const stat = statSync(absoluteFile);
+    if (!stat.isFile()) {
+      if (!urlPath.startsWith("/api") && !urlPath.startsWith("/ws")) {
+        return serveFallback(res, absoluteDir);
+      }
+      return false;
+    }
+  } catch {
+    if (!urlPath.startsWith("/api") && !urlPath.startsWith("/ws") && !urlPath.startsWith("/health") && !urlPath.startsWith("/pair") && !urlPath.startsWith("/sessions")) {
+      return serveFallback(res, absoluteDir);
+    }
+    return false;
+  }
+  const ext = extname(absoluteFile).toLowerCase();
+  const contentType = MIME_TYPES[ext] ?? "application/octet-stream";
+  const isHashed = /\.[a-f0-9]{8,}\.(js|css|woff2?|png|jpg|svg)$/i.test(absoluteFile);
+  const cacheControl = isHashed ? "public, max-age=31536000, immutable" : "public, max-age=0, must-revalidate";
+  res.setHeader("Content-Type", contentType);
+  res.setHeader("Cache-Control", cacheControl);
+  if (req.method === "HEAD") {
+    res.writeHead(200);
+    res.end();
+    return true;
+  }
+  res.writeHead(200);
+  createReadStream(absoluteFile).pipe(res);
+  return true;
+}
+function serveFallback(res, staticDir) {
+  const indexPath = resolve(staticDir, "index.html");
+  try {
+    statSync(indexPath);
+  } catch {
+    return false;
+  }
+  res.setHeader("Content-Type", "text/html; charset=utf-8");
+  res.setHeader("Cache-Control", "public, max-age=0, must-revalidate");
+  res.writeHead(200);
+  createReadStream(indexPath).pipe(res);
+  return true;
+}
+var GatewayServer = class {
+  server = null;
+  wss = null;
+  port;
+  host;
+  sessionManager;
+  pairingManager;
+  defaultSessionConfig;
+  canvasSessionManager;
+  staticDir;
+  onCanvasConnection;
+  agentRegistration;
+  onWebhook;
+  onRawWebhook;
+  onSteer;
+  onGetConfig;
+  onSaveConfig;
+  preHandler;
+  tunnelUrl = null;
+  constructor(options) {
+    this.port = options.port;
+    this.host = options.host ?? "127.0.0.1";
+    this.sessionManager = options.sessionManager;
+    this.pairingManager = options.pairingManager ?? null;
+    this.defaultSessionConfig = options.defaultSessionConfig ?? {
+      engineId: "native",
+      model: "claude-sonnet-4-6",
+      provider: "anthropic"
+    };
+    this.canvasSessionManager = options.canvasSessionManager ?? null;
+    this.staticDir = options.staticDir ?? null;
+    this.onCanvasConnection = options.onCanvasConnection ?? null;
+    this.agentRegistration = options.agentRegistration ?? null;
+    this.onWebhook = options.onWebhook ?? null;
+    this.onRawWebhook = options.onRawWebhook ?? null;
+    this.onSteer = options.onSteer ?? null;
+    this.onGetConfig = options.onGetConfig ?? null;
+    this.onSaveConfig = options.onSaveConfig ?? null;
+    this.preHandler = options.preHandler ?? null;
+  }
+  /** Start listening on the configured port. */
+  async start() {
+    return new Promise((resolve2, reject) => {
+      this.server = createServer((req, res) => {
+        this.handleRequest(req, res).catch((err) => {
+          this.sendJson(res, 500, { error: err instanceof Error ? err.message : "Internal server error" });
+        });
+      });
+      if (this.canvasSessionManager) {
+        this.wss = new WebSocketServer({ noServer: true });
+        this.server.on("upgrade", (req, socket, head) => {
+          this.handleUpgrade(req, socket, head);
+        });
+      }
+      this.server.on("error", reject);
+      this.server.listen(this.port, this.host, () => {
+        resolve2();
+      });
+    });
+  }
+  /** Gracefully close the server. */
+  async stop() {
+    if (this.wss) {
+      this.wss.close();
+      this.wss = null;
+    }
+    return new Promise((resolve2, reject) => {
+      if (!this.server) {
+        resolve2();
+        return;
+      }
+      this.server.close((err) => {
+        this.server = null;
+        if (err) reject(err);
+        else resolve2();
+      });
+    });
+  }
+  /** Set the public tunnel URL (shown in GET /health). */
+  setTunnelUrl(url) {
+    this.tunnelUrl = url;
+  }
+  /**
+   * Evict canvas sessions that have been idle longer than maxIdleMs.
+   * Returns the number of sessions evicted, or 0 if canvas is not enabled.
+   */
+  evictIdleCanvas(maxIdleMs) {
+    return this.canvasSessionManager?.evictIdle(maxIdleMs) ?? 0;
+  }
+  /** Get the bound address (useful in tests with port 0). */
+  getAddress() {
+    if (!this.server) return null;
+    const addr = this.server.address();
+    if (typeof addr === "string" || addr === null) return null;
+    return { host: addr.address, port: addr.port };
+  }
+  // ---------------------------------------------------------------------------
+  // WebSocket upgrade handling
+  // ---------------------------------------------------------------------------
+  handleUpgrade(req, socket, head) {
+    if (!this.wss || !this.canvasSessionManager) {
+      socket.destroy();
+      return;
+    }
+    const url = req.url ?? "";
+    const wsMatch = url.match(/^\/ws\/([^?]+)/);
+    if (!wsMatch) {
+      socket.destroy();
+      return;
+    }
+    const sessionId = wsMatch[1];
+    if (this.pairingManager) {
+      const urlObj = new URL(url, `http://${req.headers.host ?? "localhost"}`);
+      const token = urlObj.searchParams.get("token");
+      if (!token || !this.pairingManager.validateToken(token)) {
+        socket.write("HTTP/1.1 401 Unauthorized\r\n\r\n");
+        socket.destroy();
+        return;
+      }
+    }
+    if (!this.canvasSessionManager.hasSession(sessionId)) {
+      this.canvasSessionManager.createCanvasSession(sessionId);
+    }
+    const entry = this.canvasSessionManager.getSession(sessionId);
+    if (!entry) {
+      socket.destroy();
+      return;
+    }
+    this.wss.handleUpgrade(req, socket, head, (ws) => {
+      const bridge = new WebSocketBridge(ws, entry.canvasState, entry.canvasChannel, sessionId);
+      entry.canvasChannel.setSendFunction((msg) => {
+        if (ws.readyState === 1) {
+          ws.send(JSON.stringify(msg));
+        }
+      });
+      this.canvasSessionManager.setBridge(sessionId, bridge);
+      bridge.start();
+      this.onCanvasConnection?.(sessionId, bridge);
+      this.wss.emit("connection", ws, req);
+    });
+  }
+  // ---------------------------------------------------------------------------
+  // Request handling
+  // ---------------------------------------------------------------------------
+  async handleRequest(req, res) {
+    const method = req.method ?? "GET";
+    const url = req.url ?? "/";
+    res.setHeader("Access-Control-Allow-Origin", "*");
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, PATCH, DELETE, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
+    if (method === "OPTIONS") {
+      res.writeHead(204);
+      res.end();
+      return;
+    }
+    if (method === "GET" && url === "/health") {
+      const stats = this.pairingManager?.stats();
+      this.sendJson(res, 200, {
+        status: "ok",
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        sessions: this.sessionManager.listSessions().length,
+        canvas: this.canvasSessionManager?.listSessionIds().length ?? 0,
+        ...stats ? { pairing: stats } : {},
+        ...this.tunnelUrl ? { tunnel: this.tunnelUrl } : {}
+      });
+      return;
+    }
+    if (method === "GET" && url === "/ready") {
+      this.sendJson(res, 200, {
+        ready: true,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        sessions: this.sessionManager.listSessions().length
+      });
+      return;
+    }
+    if (method === "GET" && url === "/.well-known/agent.json") {
+      if (!this.agentRegistration) {
+        this.sendJson(res, 404, { error: "No agent registration configured." });
+        return;
+      }
+      this.sendJson(res, 200, this.agentRegistration);
+      return;
+    }
+    if (method === "POST" && url === "/pair") {
+      if (!this.pairingManager) {
+        this.sendJson(res, 400, { error: "Pairing is not enabled on this gateway." });
+        return;
+      }
+      const body = await this.readBody(req);
+      let payload = {};
+      try {
+        payload = JSON.parse(body);
+      } catch {
+        this.sendJson(res, 400, { error: "Invalid JSON body." });
+        return;
+      }
+      if (!payload.code) {
+        this.sendJson(res, 400, { error: 'Missing "code" in request body.' });
+        return;
+      }
+      const token = this.pairingManager.exchangeCode(payload.code, payload.label);
+      if (!token) {
+        this.sendJson(res, 401, { error: "Invalid or expired pairing code." });
+        return;
+      }
+      this.sendJson(res, 200, { token, paired: true });
+      return;
+    }
+    if (this.preHandler) {
+      const handled = await this.preHandler(req, res);
+      if (handled) return;
+    }
+    if (this.pairingManager && !this.checkAuth(req)) {
+      this.sendJson(res, 401, { error: "Unauthorized. Provide a valid bearer token." });
+      return;
+    }
+    if (method === "GET" && url === "/sessions") {
+      const sessions = this.sessionManager.listSessions().map((s) => ({
+        sessionId: s.config.sessionId,
+        channelId: s.config.channelId,
+        userId: s.config.userId,
+        status: s.status,
+        createdAt: s.createdAt.toISOString(),
+        lastActiveAt: s.lastActiveAt.toISOString()
+      }));
+      this.sendJson(res, 200, { sessions });
+      return;
+    }
+    if (method === "POST" && url === "/sessions") {
+      const body = await this.readBody(req);
+      let payload = {};
+      try {
+        payload = JSON.parse(body);
+      } catch {
+        this.sendJson(res, 400, { error: "Invalid JSON body." });
+        return;
+      }
+      const sessionId = generateId(16);
+      const config = {
+        ...this.defaultSessionConfig,
+        sessionId,
+        channelId: payload.channelId,
+        userId: payload.userId,
+        systemPrompt: payload.systemPrompt ?? this.defaultSessionConfig.systemPrompt
+      };
+      const session = this.sessionManager.createSession(config);
+      this.sendJson(res, 201, {
+        sessionId: session.config.sessionId,
+        channelId: session.config.channelId,
+        userId: session.config.userId,
+        status: session.status,
+        createdAt: session.createdAt.toISOString()
+      });
+      return;
+    }
+    const sessionMatch = url.match(/^\/sessions\/([^/]+)(\/steer)?$/);
+    if (sessionMatch) {
+      const sessionId = sessionMatch[1];
+      const isSteer = sessionMatch[2] === "/steer";
+      if (method === "GET" && !isSteer) {
+        const session = this.sessionManager.getSession(sessionId);
+        if (!session) {
+          this.sendJson(res, 404, { error: "Session not found" });
+          return;
+        }
+        this.sendJson(res, 200, {
+          sessionId: session.config.sessionId,
+          channelId: session.config.channelId,
+          userId: session.config.userId,
+          status: session.status,
+          createdAt: session.createdAt.toISOString(),
+          lastActiveAt: session.lastActiveAt.toISOString()
+        });
+        return;
+      }
+      if (method === "POST" && isSteer) {
+        const session = this.sessionManager.getSession(sessionId);
+        if (!session) {
+          this.sendJson(res, 404, { error: "Session not found" });
+          return;
+        }
+        const body = await this.readBody(req);
+        let payload;
+        try {
+          payload = JSON.parse(body);
+        } catch {
+          this.sendJson(res, 400, { error: "Invalid JSON body." });
+          return;
+        }
+        if (!payload.message) {
+          this.sendJson(res, 400, { error: 'Missing "message" in request body' });
+          return;
+        }
+        this.sessionManager.touchSession(sessionId);
+        if (this.onSteer) {
+          this.onSteer(sessionId, payload.message);
+        }
+        this.sendJson(res, 200, {
+          sessionId,
+          steered: true,
+          message: payload.message
+        });
+        return;
+      }
+      if (method === "DELETE" && !isSteer) {
+        const session = this.sessionManager.getSession(sessionId);
+        if (!session) {
+          this.sendJson(res, 404, { error: "Session not found" });
+          return;
+        }
+        this.sessionManager.endSession(sessionId);
+        this.canvasSessionManager?.endCanvasSession(sessionId);
+        this.sendJson(res, 200, { sessionId, ended: true });
+        return;
+      }
+    }
+    const webhookMatch = url.match(/^\/webhooks\/([a-zA-Z0-9_-]+)$/);
+    if (method === "POST" && webhookMatch) {
+      const webhookName = webhookMatch[1];
+      if (!this.onWebhook && !this.onRawWebhook) {
+        this.sendJson(res, 404, { error: "Webhooks are not enabled on this gateway." });
+        return;
+      }
+      const body = await this.readBody(req);
+      if (this.onRawWebhook) {
+        try {
+          const handled = this.onRawWebhook(webhookName, body);
+          if (handled) {
+            this.sendJson(res, 200, { webhook: webhookName, accepted: true });
+            return;
+          }
+        } catch (err) {
+          const errMsg = err instanceof Error ? err.message : String(err);
+          this.sendJson(res, 500, { error: `Webhook handler failed: ${errMsg}` });
+          return;
+        }
+      }
+      if (!this.onWebhook) {
+        this.sendJson(res, 404, { error: "Webhooks are not enabled on this gateway." });
+        return;
+      }
+      let payload = {};
+      try {
+        payload = JSON.parse(body);
+      } catch {
+        this.sendJson(res, 400, { error: "Invalid JSON body." });
+        return;
+      }
+      if (!payload.message) {
+        this.sendJson(res, 400, { error: 'Missing "message" in request body.' });
+        return;
+      }
+      try {
+        this.onWebhook(webhookName, { message: payload.message, userId: payload.userId });
+        this.sendJson(res, 200, { webhook: webhookName, accepted: true });
+      } catch (err) {
+        const errMsg = err instanceof Error ? err.message : String(err);
+        this.sendJson(res, 500, { error: `Webhook handler failed: ${errMsg}` });
+      }
+      return;
+    }
+    if (method === "GET" && url === "/config") {
+      if (!this.onGetConfig) {
+        this.sendJson(res, 404, { error: "Config endpoint not configured." });
+        return;
+      }
+      this.sendJson(res, 200, this.onGetConfig());
+      return;
+    }
+    if (method === "PATCH" && url === "/config") {
+      if (!this.onSaveConfig) {
+        this.sendJson(res, 404, { error: "Config endpoint not configured." });
+        return;
+      }
+      const body = await this.readBody(req);
+      let updates;
+      try {
+        updates = JSON.parse(body);
+      } catch {
+        this.sendJson(res, 400, { error: "Invalid JSON body." });
+        return;
+      }
+      try {
+        await this.onSaveConfig(updates);
+        this.sendJson(res, 200, { saved: true, restartRequired: true });
+      } catch (err) {
+        const errMsg = err instanceof Error ? err.message : String(err);
+        this.sendJson(res, 500, { error: `Failed to save config: ${errMsg}` });
+      }
+      return;
+    }
+    if (this.staticDir && serveStatic(req, res, this.staticDir)) {
+      return;
+    }
+    this.sendJson(res, 404, { error: "Not found" });
+  }
+  // ---------------------------------------------------------------------------
+  // Auth
+  // ---------------------------------------------------------------------------
+  checkAuth(req) {
+    if (req["_x402Authenticated"] === true) return true;
+    if (!this.pairingManager) return true;
+    const authHeader = req.headers["authorization"];
+    if (!authHeader || !authHeader.startsWith("Bearer ")) return false;
+    const token = authHeader.slice(7);
+    return this.pairingManager.validateToken(token);
+  }
+  // ---------------------------------------------------------------------------
+  // Helpers
+  // ---------------------------------------------------------------------------
+  sendJson(res, status, data) {
+    const body = JSON.stringify(data);
+    res.writeHead(status, {
+      "Content-Type": "application/json",
+      "Content-Length": Buffer.byteLength(body)
+    });
+    res.end(body);
+  }
+  readBody(req) {
+    return new Promise((resolve2, reject) => {
+      const chunks = [];
+      req.on("data", (chunk) => chunks.push(chunk));
+      req.on("end", () => resolve2(Buffer.concat(chunks).toString("utf-8")));
+      req.on("error", reject);
+    });
+  }
+};
+var PairingManager = class {
+  codes = /* @__PURE__ */ new Map();
+  clients = /* @__PURE__ */ new Map();
+  codeTtlMs;
+  tokenTtlMs;
+  maxActiveCodes;
+  maxPairedClients;
+  constructor(opts = {}) {
+    this.codeTtlMs = opts.codeTtlMs ?? 5 * 60 * 1e3;
+    this.tokenTtlMs = opts.tokenTtlMs ?? 30 * 24 * 60 * 60 * 1e3;
+    this.maxActiveCodes = opts.maxActiveCodes ?? 5;
+    this.maxPairedClients = opts.maxPairedClients ?? 20;
+  }
+  // -----------------------------------------------------------------------
+  // Code generation
+  // -----------------------------------------------------------------------
+  /**
+   * Generate a new pairing code.
+   * Returns the code object. The code string is what gets shared.
+   */
+  generateCode(label) {
+    this.pruneExpiredCodes();
+    if (this.codes.size >= this.maxActiveCodes) {
+      throw new Error(
+        `Maximum active pairing codes (${this.maxActiveCodes}) reached. Revoke existing codes or wait for them to expire.`
+      );
+    }
+    const code = this.createRandomCode();
+    const now = /* @__PURE__ */ new Date();
+    const pairingCode = {
+      code,
+      createdAt: now,
+      expiresAt: new Date(now.getTime() + this.codeTtlMs),
+      label
+    };
+    this.codes.set(code, pairingCode);
+    return pairingCode;
+  }
+  /**
+   * List all active (non-expired) pairing codes.
+   */
+  listCodes() {
+    this.pruneExpiredCodes();
+    return [...this.codes.values()];
+  }
+  /**
+   * Revoke a specific pairing code.
+   */
+  revokeCode(code) {
+    return this.codes.delete(code);
+  }
+  // -----------------------------------------------------------------------
+  // Code exchange → token
+  // -----------------------------------------------------------------------
+  /**
+   * Exchange a pairing code for a session token.
+   *
+   * Returns the token string on success, or null if the code is invalid
+   * or expired. The code is consumed (deleted) after successful exchange.
+   */
+  exchangeCode(code, label) {
+    this.pruneExpiredCodes();
+    const pairingCode = this.codes.get(code);
+    if (!pairingCode) return null;
+    if (/* @__PURE__ */ new Date() > pairingCode.expiresAt) {
+      this.codes.delete(code);
+      return null;
+    }
+    this.codes.delete(code);
+    if (this.clients.size >= this.maxPairedClients) {
+      this.evictOldestClient();
+    }
+    const token = randomBytes(32).toString("hex");
+    const tokenHash = this.hashToken(token);
+    const now = /* @__PURE__ */ new Date();
+    this.clients.set(tokenHash, {
+      token,
+      tokenHash,
+      pairedAt: now,
+      lastSeenAt: now,
+      expiresAt: new Date(now.getTime() + this.tokenTtlMs),
+      label: label ?? pairingCode.label
+    });
+    return token;
+  }
+  // -----------------------------------------------------------------------
+  // Token validation
+  // -----------------------------------------------------------------------
+  /**
+   * Validate a bearer token.
+   * Returns true if the token belongs to a paired client and has not expired.
+   * Updates `lastSeenAt` on successful validation.
+   * Expired tokens are evicted on discovery.
+   */
+  validateToken(token) {
+    const tokenHash = this.hashToken(token);
+    const client = this.clients.get(tokenHash);
+    if (!client) return false;
+    if (/* @__PURE__ */ new Date() > client.expiresAt) {
+      this.clients.delete(tokenHash);
+      return false;
+    }
+    client.lastSeenAt = /* @__PURE__ */ new Date();
+    return true;
+  }
+  /**
+   * List all paired clients (tokens are masked).
+   */
+  listClients() {
+    this.pruneExpiredTokens();
+    return [...this.clients.values()].map((c) => ({
+      tokenHash: c.tokenHash,
+      tokenPreview: c.token.slice(0, 8) + "...",
+      pairedAt: c.pairedAt,
+      lastSeenAt: c.lastSeenAt,
+      expiresAt: c.expiresAt,
+      label: c.label
+    }));
+  }
+  /**
+   * Revoke a paired client by token hash.
+   */
+  revokeClient(tokenHash) {
+    return this.clients.delete(tokenHash);
+  }
+  /**
+   * Get the number of active codes and paired clients.
+   */
+  stats() {
+    this.pruneExpiredCodes();
+    this.pruneExpiredTokens();
+    return {
+      activeCodes: this.codes.size,
+      pairedClients: this.clients.size
+    };
+  }
+  // -----------------------------------------------------------------------
+  // Private helpers
+  // -----------------------------------------------------------------------
+  createRandomCode() {
+    const chars = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
+    const bytes = randomBytes(6);
+    let code = "";
+    for (let i = 0; i < 6; i++) {
+      code += chars[bytes[i] % chars.length];
+    }
+    return code;
+  }
+  hashToken(token) {
+    return createHash("sha256").update(token).digest("hex");
+  }
+  pruneExpiredCodes() {
+    const now = /* @__PURE__ */ new Date();
+    for (const [code, pc] of this.codes) {
+      if (now > pc.expiresAt) {
+        this.codes.delete(code);
+      }
+    }
+  }
+  pruneExpiredTokens() {
+    const now = /* @__PURE__ */ new Date();
+    for (const [hash, client] of this.clients) {
+      if (now > client.expiresAt) {
+        this.clients.delete(hash);
+      }
+    }
+  }
+  evictOldestClient() {
+    let oldest = null;
+    for (const [hash, client] of this.clients) {
+      const time = client.lastSeenAt.getTime();
+      if (!oldest || time < oldest.time) {
+        oldest = { hash, time };
+      }
+    }
+    if (oldest) {
+      this.clients.delete(oldest.hash);
+    }
+  }
+};
+var CanvasSessionManager = class {
+  sessions = /* @__PURE__ */ new Map();
+  /** Create a new canvas session with fresh state and channel. */
+  createCanvasSession(sessionId, maxComponents) {
+    const canvasState = new CanvasState(maxComponents);
+    const canvasChannel = new CanvasChannel();
+    const entry = { canvasState, canvasChannel, bridge: null, lastActiveAt: Date.now() };
+    this.sessions.set(sessionId, entry);
+    return entry;
+  }
+  /** Get the canvas state for a session. */
+  getCanvasState(sessionId) {
+    return this.sessions.get(sessionId)?.canvasState;
+  }
+  /** Get the canvas channel for a session. */
+  getCanvasChannel(sessionId) {
+    return this.sessions.get(sessionId)?.canvasChannel;
+  }
+  /** Get the full session entry. */
+  getSession(sessionId) {
+    return this.sessions.get(sessionId);
+  }
+  /** Associate a WebSocket bridge with a canvas session. */
+  setBridge(sessionId, bridge) {
+    const entry = this.sessions.get(sessionId);
+    if (entry) {
+      entry.bridge = bridge;
+      entry.lastActiveAt = Date.now();
+    }
+  }
+  /** Touch a session's lastActiveAt timestamp. */
+  touchSession(sessionId) {
+    const entry = this.sessions.get(sessionId);
+    if (entry) {
+      entry.lastActiveAt = Date.now();
+    }
+  }
+  /** Check if a canvas session exists. */
+  hasSession(sessionId) {
+    return this.sessions.has(sessionId);
+  }
+  /** List all active canvas session IDs. */
+  listSessionIds() {
+    return [...this.sessions.keys()];
+  }
+  /** End and clean up a canvas session. */
+  endCanvasSession(sessionId) {
+    const entry = this.sessions.get(sessionId);
+    if (entry) {
+      entry.bridge?.stop();
+      entry.bridge = null;
+      this.sessions.delete(sessionId);
+    }
+  }
+  /** End all canvas sessions. */
+  endAll() {
+    for (const sessionId of this.sessions.keys()) {
+      this.endCanvasSession(sessionId);
+    }
+  }
+  /**
+   * Evict canvas sessions idle longer than `maxIdleMs`.
+   * Returns the number of sessions evicted.
+   */
+  evictIdle(maxIdleMs) {
+    const cutoff = Date.now() - maxIdleMs;
+    let evicted = 0;
+    for (const [sessionId, entry] of this.sessions) {
+      if (entry.lastActiveAt < cutoff) {
+        this.endCanvasSession(sessionId);
+        evicted++;
+      }
+    }
+    return evicted;
+  }
+};
+var FIELD_RANGES = [
+  { name: "minute", min: 0, max: 59 },
+  { name: "hour", min: 0, max: 23 },
+  { name: "day-of-month", min: 1, max: 31 },
+  { name: "month", min: 1, max: 12 },
+  { name: "day-of-week", min: 0, max: 6 }
+];
+function parseCron(expression) {
+  const trimmed = expression.trim();
+  const fields = trimmed.split(/\s+/);
+  if (fields.length !== 5) {
+    throw new Error(`Invalid cron expression: expected 5 fields, got ${fields.length} ("${trimmed}")`);
+  }
+  const parsed = fields.map(
+    (field, i) => parseField(field, FIELD_RANGES[i].min, FIELD_RANGES[i].max, FIELD_RANGES[i].name)
+  );
+  return {
+    minutes: new Set(parsed[0]),
+    hours: new Set(parsed[1]),
+    daysOfMonth: new Set(parsed[2]),
+    months: new Set(parsed[3]),
+    daysOfWeek: new Set(parsed[4])
+  };
+}
+function cronMatches(schedule, date) {
+  return schedule.minutes.has(date.getMinutes()) && schedule.hours.has(date.getHours()) && schedule.daysOfMonth.has(date.getDate()) && schedule.months.has(date.getMonth() + 1) && schedule.daysOfWeek.has(date.getDay());
+}
+function parseField(field, min, max, name) {
+  const values = /* @__PURE__ */ new Set();
+  for (const part of field.split(",")) {
+    const trimmedPart = part.trim();
+    if (trimmedPart.length === 0) {
+      throw new Error(`Empty value in ${name} field`);
+    }
+    const slashIndex = trimmedPart.indexOf("/");
+    let rangePart = trimmedPart;
+    let step = 1;
+    if (slashIndex !== -1) {
+      rangePart = trimmedPart.slice(0, slashIndex);
+      const stepStr = trimmedPart.slice(slashIndex + 1);
+      step = parseInt(stepStr, 10);
+      if (isNaN(step) || step < 1) {
+        throw new Error(`Invalid step "${stepStr}" in ${name} field`);
+      }
+    }
+    if (rangePart === "*") {
+      for (let v = min; v <= max; v += step) {
+        values.add(v);
+      }
+    } else if (rangePart.includes("-")) {
+      const [startStr, endStr] = rangePart.split("-");
+      const start = parseInt(startStr, 10);
+      const end = parseInt(endStr, 10);
+      if (isNaN(start) || isNaN(end)) {
+        throw new Error(`Invalid range "${rangePart}" in ${name} field`);
+      }
+      if (start < min || end > max || start > end) {
+        throw new Error(`Range ${start}-${end} out of bounds (${min}-${max}) in ${name} field`);
+      }
+      for (let v = start; v <= end; v += step) {
+        values.add(v);
+      }
+    } else {
+      const val = parseInt(rangePart, 10);
+      if (isNaN(val) || val < min || val > max) {
+        throw new Error(`Value "${rangePart}" out of bounds (${min}-${max}) in ${name} field`);
+      }
+      values.add(val);
+    }
+  }
+  if (values.size === 0) {
+    throw new Error(`No valid values resolved for ${name} field`);
+  }
+  return [...values].sort((a, b) => a - b);
+}
+var Scheduler = class {
+  jobs = /* @__PURE__ */ new Map();
+  onTrigger;
+  tickMs;
+  timer = null;
+  lastTickMinute = -1;
+  constructor(opts) {
+    this.onTrigger = opts.onTrigger;
+    this.tickMs = opts.tickMs ?? 6e4;
+  }
+  /**
+   * Add or replace a cron job. Validates the schedule eagerly.
+   * Throws if the cron expression is invalid.
+   */
+  addJob(job) {
+    const parsed = parseCron(job.schedule);
+    this.jobs.set(job.name, { ...job, enabled: job.enabled ?? true, parsed });
+  }
+  /**
+   * Remove a job by name. Returns true if removed.
+   */
+  removeJob(name) {
+    return this.jobs.delete(name);
+  }
+  /**
+   * List all registered jobs.
+   */
+  listJobs() {
+    return [...this.jobs.values()].map(({ parsed: _p, ...rest }) => rest);
+  }
+  /**
+   * Get the number of registered jobs.
+   */
+  get size() {
+    return this.jobs.size;
+  }
+  /**
+   * Start the tick loop. Idempotent — calling start() while running is a no-op.
+   */
+  start() {
+    if (this.timer) return;
+    this.timer = setInterval(() => this.tick(), this.tickMs);
+    this.timer.unref();
+    this.tick();
+  }
+  /**
+   * Stop the tick loop. Safe to call when not running.
+   */
+  stop() {
+    if (this.timer) {
+      clearInterval(this.timer);
+      this.timer = null;
+    }
+  }
+  /**
+   * Whether the scheduler is currently running.
+   */
+  get running() {
+    return this.timer !== null;
+  }
+  // ---------------------------------------------------------------------------
+  // Internal
+  // ---------------------------------------------------------------------------
+  tick() {
+    const now = /* @__PURE__ */ new Date();
+    const currentMinute = Math.floor(Date.now() / 6e4);
+    if (currentMinute === this.lastTickMinute) return;
+    this.lastTickMinute = currentMinute;
+    for (const job of this.jobs.values()) {
+      if (!job.enabled) continue;
+      if (cronMatches(job.parsed, now)) {
+        try {
+          this.onTrigger(job);
+        } catch {
+        }
+      }
+    }
+  }
+};
+var LogChannel = class {
+  id = "log-channel";
+  name = "log";
+  messageHandler = null;
+  onResponseCb;
+  constructor(opts) {
+    this.onResponseCb = opts?.onResponse;
+  }
+  // IChannel interface
+  async start(_config) {
+  }
+  async stop() {
+    this.messageHandler = null;
+  }
+  onMessage(handler) {
+    this.messageHandler = handler;
+  }
+  async send(to, msg) {
+    this.onResponseCb?.(to, msg);
+    return { success: true };
+  }
+  async isHealthy() {
+    return true;
+  }
+  /**
+   * Inject a synthetic inbound message (used by scheduler and webhooks).
+   */
+  injectMessage(msg) {
+    this.messageHandler?.(msg);
+  }
+};
+
+export {
+  CanvasTool,
+  SessionManager,
+  MessageRouter,
+  GatewayServer,
+  PairingManager,
+  CanvasSessionManager,
+  Scheduler,
+  LogChannel
+};