@corsair-dev/studio 0.1.0

package/dist/server/index.js

@@ -0,0 +1,1339 @@
+// src/server/index.ts
+import fs from "fs";
+import http2 from "http";
+import { findCorsairConfigPath } from "@corsair-dev/cli";
+
+// src/server/load.ts
+import { getCorsairInstance } from "@corsair-dev/cli";
+import { CORSAIR_INTERNAL } from "corsair/core";
+var cache = /* @__PURE__ */ new Map();
+function loadCorsair(cwd, options = {}) {
+  if (options.force) {
+    cache.delete(cwd);
+  }
+  const cached = cache.get(cwd);
+  if (cached) return cached;
+  const pending = (async () => {
+    const instance = await getCorsairInstance({
+      cwd,
+      shouldThrowOnError: true
+    });
+    const internal = instance[CORSAIR_INTERNAL];
+    if (!internal) {
+      throw new Error(
+        "Could not read internal config from Corsair instance. Upgrade the `corsair` package to the latest version."
+      );
+    }
+    const handle = {
+      instance,
+      internal,
+      resolveClient(tenantId) {
+        const obj = instance;
+        if (typeof obj.withTenant === "function") {
+          const tid = tenantId ?? "default";
+          return obj.withTenant(
+            tid
+          );
+        }
+        return obj;
+      }
+    };
+    return handle;
+  })();
+  cache.set(cwd, pending);
+  pending.catch(() => cache.delete(cwd));
+  return pending;
+}
+
+// src/server/handlers/auth.ts
+import * as http from "http";
+import * as https from "https";
+import * as net from "net";
+import * as querystring from "querystring";
+import {
+  createAccountKeyManager,
+  createIntegrationKeyManager
+} from "corsair/core";
+function getAuthType(plugin) {
+  return plugin.options?.authType;
+}
+function getOAuthConfig(plugin) {
+  return plugin.oauthConfig ?? null;
+}
+function getCustomIntegrationFields(plugin, authType) {
+  const authConfig = plugin.authConfig;
+  return authConfig?.[authType]?.integration ?? [];
+}
+function getCustomAccountFields(plugin, authType) {
+  const authConfig = plugin.authConfig;
+  return authConfig?.[authType]?.account ?? [];
+}
+function findFreePort() {
+  return new Promise((resolve2, reject) => {
+    const server = net.createServer();
+    server.listen(0, "127.0.0.1", () => {
+      const address = server.address();
+      const port = typeof address === "object" && address ? address.port : 0;
+      server.close((err) => {
+        if (err) reject(err);
+        else resolve2(port);
+      });
+    });
+    server.on("error", reject);
+  });
+}
+var pendingListeners = /* @__PURE__ */ new Map();
+function startCodeListener(port) {
+  let resolveCode;
+  let rejectCode;
+  const code = new Promise((resolve2, reject) => {
+    resolveCode = resolve2;
+    rejectCode = reject;
+  });
+  const server = http.createServer((req, res) => {
+    const reqUrl = new URL(req.url ?? "/", `http://localhost:${port}`);
+    const receivedCode = reqUrl.searchParams.get("code");
+    const error = reqUrl.searchParams.get("error");
+    if (error) {
+      res.writeHead(400, { "Content-Type": "text/html" });
+      res.end(
+        `<html><body style="font-family:system-ui;padding:2rem;"><h2>Authorization failed</h2><p>${error}</p><p>You can close this tab.</p></body></html>`
+      );
+      server.close();
+      rejectCode(new Error(`OAuth error: ${error}`));
+      return;
+    }
+    if (receivedCode) {
+      res.writeHead(200, { "Content-Type": "text/html" });
+      res.end(
+        `<html><body style="font-family:system-ui;padding:2rem;"><h2>Authorization successful</h2><p>You can close this tab and return to Corsair Studio.</p></body></html>`
+      );
+      server.close();
+      resolveCode(receivedCode);
+      return;
+    }
+    res.writeHead(400, { "Content-Type": "text/html" });
+    res.end("<html><body><h2>No code received.</h2></body></html>");
+  });
+  server.listen(port, "127.0.0.1");
+  server.on("error", rejectCode);
+  return { server, code };
+}
+function exchangeCodeForTokens(code, clientId, clientSecret, oauthConfig, redirectUri) {
+  const tokenUrl = new URL(oauthConfig.tokenUrl);
+  const useBasicAuth = oauthConfig.tokenAuthMethod === "basic";
+  return new Promise((resolve2, reject) => {
+    const params = {
+      code: code.trim(),
+      redirect_uri: redirectUri,
+      grant_type: "authorization_code"
+    };
+    if (!useBasicAuth) {
+      params.client_id = clientId;
+      params.client_secret = clientSecret;
+    }
+    const postData = querystring.stringify(params);
+    const headers = {
+      "Content-Type": "application/x-www-form-urlencoded",
+      "Content-Length": Buffer.byteLength(postData).toString()
+    };
+    if (useBasicAuth) {
+      headers.Authorization = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString("base64")}`;
+    }
+    const req = https.request(
+      {
+        hostname: tokenUrl.hostname,
+        path: tokenUrl.pathname,
+        method: "POST",
+        headers
+      },
+      (res) => {
+        let data = "";
+        res.on("data", (c) => {
+          data += c;
+        });
+        res.on("end", () => {
+          if (res.statusCode !== 200) {
+            reject(new Error(`Token exchange failed: ${data}`));
+            return;
+          }
+          try {
+            resolve2(JSON.parse(data));
+          } catch {
+            reject(new Error(`Token exchange: invalid JSON response: ${data}`));
+          }
+        });
+      }
+    );
+    req.on(
+      "error",
+      (e) => reject(new Error(`Token exchange request failed: ${e.message}`))
+    );
+    req.write(postData);
+    req.end();
+  });
+}
+var startOAuth = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const pluginId = String(body.pluginId ?? "");
+  const tenantId = String(body.tenantId ?? "default");
+  if (!pluginId) throw new Error("Missing pluginId.");
+  const { internal } = await ctx.getCorsair();
+  const database = internal.database;
+  if (!database) throw new Error("No database configured.");
+  const plugin = internal.plugins.find((p) => p.id === pluginId);
+  if (!plugin) throw new Error(`Plugin '${pluginId}' not found.`);
+  const authType = getAuthType(plugin);
+  if (authType !== "oauth_2") {
+    throw new Error(
+      `Plugin '${pluginId}' uses auth type '${authType}', not OAuth. Set credentials via /api/credentials/set.`
+    );
+  }
+  const oauthCfg = getOAuthConfig(plugin);
+  if (!oauthCfg) throw new Error(`No oauthConfig on plugin '${plugin.id}'.`);
+  const extraIntegration = getCustomIntegrationFields(plugin, "oauth_2");
+  const integrationKm = createIntegrationKeyManager({
+    authType: "oauth_2",
+    integrationName: plugin.id,
+    kek: internal.kek,
+    database,
+    extraIntegrationFields: extraIntegration
+  });
+  const clientId = await integrationKm.get_client_id();
+  const clientSecret = await integrationKm.get_client_secret();
+  if (!clientId || !clientSecret) {
+    throw new Error(
+      `client_id and/or client_secret not set for '${plugin.id}'. Set them in Credentials first.`
+    );
+  }
+  let redirectUri;
+  let localhostPort;
+  if (oauthCfg.requiresRegisteredRedirect) {
+    const stored = await integrationKm.get_redirect_url();
+    if (!stored) {
+      throw new Error(
+        `This provider requires a registered redirect_url. Set it in Credentials first.`
+      );
+    }
+    redirectUri = stored;
+    const m = redirectUri.match(/^https?:\/\/(?:localhost|127\.0\.0\.1):(\d+)/);
+    if (!m?.[1]) {
+      return {
+        status: "needs_code",
+        authUrl: buildAuthUrl(oauthCfg, clientId, redirectUri),
+        redirectUri,
+        note: "This redirect URI is not a localhost URL \u2014 complete the flow manually and paste the code back in."
+      };
+    }
+    localhostPort = parseInt(m[1], 10);
+  } else {
+    localhostPort = await findFreePort();
+    redirectUri = `http://localhost:${localhostPort}`;
+  }
+  const authUrl = buildAuthUrl(oauthCfg, clientId, redirectUri);
+  const key = `${pluginId}:${tenantId}`;
+  const existing = pendingListeners.get(key);
+  if (existing) {
+    existing.server.close();
+    pendingListeners.delete(key);
+  }
+  const { server, code } = startCodeListener(localhostPort);
+  pendingListeners.set(key, { redirectUri, codePromise: code, server });
+  code.then(async (receivedCode) => {
+    try {
+      const tokens = await exchangeCodeForTokens(
+        receivedCode,
+        clientId,
+        clientSecret,
+        oauthCfg,
+        redirectUri
+      );
+      if (!tokens.access_token) return;
+      const extraAccount = getCustomAccountFields(plugin, "oauth_2");
+      const accountKm = createAccountKeyManager({
+        authType: "oauth_2",
+        integrationName: plugin.id,
+        tenantId,
+        kek: internal.kek,
+        database,
+        extraAccountFields: extraAccount
+      });
+      await accountKm.set_access_token(tokens.access_token);
+      if (tokens.refresh_token)
+        await accountKm.set_refresh_token(tokens.refresh_token);
+      if (tokens.expires_in)
+        await accountKm.set_expires_at(
+          (Math.floor(Date.now() / 1e3) + tokens.expires_in).toString()
+        );
+    } finally {
+      pendingListeners.delete(key);
+    }
+  }).catch(() => {
+    pendingListeners.delete(key);
+  });
+  return { status: "pending_oauth", authUrl, redirectUri };
+};
+function buildAuthUrl(oauthCfg, clientId, redirectUri) {
+  const params = {
+    client_id: clientId,
+    redirect_uri: redirectUri,
+    response_type: "code",
+    scope: oauthCfg.scopes.join(" "),
+    ...oauthCfg.authParams
+  };
+  return `${oauthCfg.authUrl}?${querystring.stringify(params)}`;
+}
+var exchangeOAuth = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const pluginId = String(body.pluginId ?? "");
+  const tenantId = String(body.tenantId ?? "default");
+  const code = String(body.code ?? "");
+  if (!pluginId) throw new Error("Missing pluginId.");
+  if (!code) throw new Error("Missing code.");
+  const { internal } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  const plugin = internal.plugins.find((p) => p.id === pluginId);
+  if (!plugin) throw new Error(`Plugin '${pluginId}' not found.`);
+  const oauthCfg = getOAuthConfig(plugin);
+  if (!oauthCfg) throw new Error(`No oauthConfig on plugin '${plugin.id}'.`);
+  const extraIntegration = getCustomIntegrationFields(plugin, "oauth_2");
+  const integrationKm = createIntegrationKeyManager({
+    authType: "oauth_2",
+    integrationName: plugin.id,
+    kek: internal.kek,
+    database: internal.database,
+    extraIntegrationFields: extraIntegration
+  });
+  const clientId = await integrationKm.get_client_id();
+  const clientSecret = await integrationKm.get_client_secret();
+  const redirectUri = await integrationKm.get_redirect_url() ?? "";
+  if (!clientId || !clientSecret) {
+    throw new Error(
+      "client_id/client_secret not set. Set them in Credentials first."
+    );
+  }
+  const tokens = await exchangeCodeForTokens(
+    code,
+    clientId,
+    clientSecret,
+    oauthCfg,
+    redirectUri
+  );
+  if (!tokens.access_token) {
+    throw new Error("No access_token in response from provider.");
+  }
+  const extraAccount = getCustomAccountFields(plugin, "oauth_2");
+  const accountKm = createAccountKeyManager({
+    authType: "oauth_2",
+    integrationName: plugin.id,
+    tenantId,
+    kek: internal.kek,
+    database: internal.database,
+    extraAccountFields: extraAccount
+  });
+  await accountKm.set_access_token(tokens.access_token);
+  if (tokens.refresh_token)
+    await accountKm.set_refresh_token(tokens.refresh_token);
+  if (tokens.expires_in)
+    await accountKm.set_expires_at(
+      (Math.floor(Date.now() / 1e3) + tokens.expires_in).toString()
+    );
+  return { ok: true };
+};
+
+// src/server/handlers/credentials-internal.ts
+var BASE_FIELDS = {
+  oauth_2: {
+    integration: ["client_id", "client_secret", "redirect_url"],
+    account: ["access_token", "refresh_token", "expires_at"]
+  },
+  api_key: { integration: [], account: ["api_key"] },
+  bot_token: { integration: [], account: ["bot_token"] }
+};
+function getCustomFields(plugin, authType) {
+  const authConfig = plugin.authConfig;
+  const entry = authConfig?.[authType];
+  return {
+    integration: entry?.integration ?? [],
+    account: entry?.account ?? []
+  };
+}
+async function getAuthFieldStatus(opts) {
+  const {
+    authType,
+    extraIntegration,
+    extraAccount,
+    integrationNamespace,
+    accountNamespace,
+    includeIntegration = true,
+    includeAccount = true
+  } = opts;
+  if (!authType) return [];
+  const base = BASE_FIELDS[authType];
+  const integrationFields = Array.from(
+    /* @__PURE__ */ new Set([...base.integration, ...extraIntegration])
+  );
+  const accountFields = Array.from(/* @__PURE__ */ new Set([...base.account, ...extraAccount]));
+  const result = [];
+  if (includeIntegration && integrationFields.length > 0) {
+    for (const f of integrationFields) {
+      const value = await tryGet(integrationNamespace, f);
+      result.push({ name: f, level: "integration", set: !!value });
+    }
+  }
+  if (includeAccount && accountFields.length > 0) {
+    for (const f of accountFields) {
+      const value = await tryGet(accountNamespace, f);
+      result.push({ name: f, level: "account", set: !!value });
+    }
+  }
+  return result;
+}
+async function tryGet(km, field) {
+  const fn = km[`get_${field}`];
+  if (typeof fn !== "function") return null;
+  try {
+    return await fn();
+  } catch {
+    return null;
+  }
+}
+function maskValue(value) {
+  if (!value) return null;
+  return value.length <= 9 ? "***" : `${value.slice(0, 6)}...${value.slice(-3)}`;
+}
+
+// src/server/handlers/credentials.ts
+var BASE = {
+  oauth_2: {
+    integration: ["client_id", "client_secret", "redirect_url"],
+    account: [
+      "access_token",
+      "refresh_token",
+      "expires_at",
+      "webhook_signature"
+    ]
+  },
+  api_key: { integration: [], account: ["api_key", "webhook_signature"] },
+  bot_token: { integration: [], account: ["bot_token", "webhook_signature"] }
+};
+var getCredentials = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const pluginId = String(body.pluginId ?? "");
+  const tenantId = String(body.tenantId ?? "default");
+  const scope = body.scope === "main" ? "main" : "tenant";
+  const showRaw = body.showRaw === true;
+  const { internal, instance, resolveClient } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  const plugin = internal.plugins.find((p) => p.id === pluginId);
+  if (!plugin) throw new Error(`Plugin '${pluginId}' not found.`);
+  const authType = plugin.options?.authType;
+  const state = {
+    authType: authType ?? null,
+    integration: {},
+    account: {}
+  };
+  if (!authType) return state;
+  const custom = getCustomFields(plugin, authType);
+  const base = BASE[authType];
+  const integrationFields = Array.from(
+    /* @__PURE__ */ new Set([...base.integration, ...custom.integration])
+  );
+  const accountFields = Array.from(
+    /* @__PURE__ */ new Set([...base.account, ...custom.account])
+  );
+  const rootKeys = instance.keys ?? null;
+  const integrationNamespace = rootKeys?.[pluginId] ?? null;
+  const client = resolveClient(tenantId);
+  const pluginNamespace = client[pluginId] ?? null;
+  const accountNamespace = scope === "tenant" ? pluginNamespace?.keys ?? null : null;
+  if (integrationFields.length > 0) {
+    for (const f of integrationFields) {
+      const fn = integrationNamespace?.[`get_${f}`];
+      const v = typeof fn === "function" ? await fn() : null;
+      state.integration[f] = showRaw ? v : maskValue(v);
+    }
+  }
+  if (scope === "tenant" && accountFields.length > 0) {
+    for (const f of accountFields) {
+      const fn = accountNamespace?.[`get_${f}`];
+      const v = typeof fn === "function" ? await fn() : null;
+      state.account[f] = showRaw ? v : maskValue(v);
+    }
+  }
+  return state;
+};
+var setCredentials = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const pluginId = String(body.pluginId ?? "");
+  const tenantId = String(body.tenantId ?? "default");
+  const scope = body.scope === "main" ? "main" : "tenant";
+  const fields = body.fields ?? {};
+  const { internal, instance, resolveClient } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  const plugin = internal.plugins.find((p) => p.id === pluginId);
+  if (!plugin) throw new Error(`Plugin '${pluginId}' not found.`);
+  const authType = plugin.options?.authType;
+  if (!authType) {
+    throw new Error(`Plugin '${pluginId}' does not require credentials.`);
+  }
+  const custom = getCustomFields(plugin, authType);
+  const base = BASE[authType];
+  const integrationFields = /* @__PURE__ */ new Set([
+    ...base.integration,
+    ...custom.integration
+  ]);
+  const accountFields = /* @__PURE__ */ new Set([...base.account, ...custom.account]);
+  const rootKeys = instance.keys ?? null;
+  const integrationNamespace = rootKeys?.[pluginId] ?? null;
+  const client = resolveClient(tenantId);
+  const pluginNamespace = client[pluginId] ?? null;
+  const accountNamespace = scope === "tenant" ? pluginNamespace?.keys ?? null : null;
+  const updated = [];
+  for (const [field, value] of Object.entries(fields)) {
+    if (value === void 0 || value === null || value === "") continue;
+    if (integrationFields.has(field)) {
+      const setter = integrationNamespace?.[`set_${field}`];
+      if (typeof setter === "function") {
+        await setter(value);
+        updated.push(`integration:${field}`);
+        continue;
+      }
+    }
+    if (scope === "tenant" && accountFields.has(field)) {
+      const setter = accountNamespace?.[`set_${field}`];
+      if (typeof setter === "function") {
+        await setter(value);
+        updated.push(`account:${field}`);
+        continue;
+      }
+    }
+    throw new Error(`Unknown field '${field}' for plugin '${pluginId}'.`);
+  }
+  return { ok: true, updated };
+};
+
+// src/server/handlers/db.ts
+var CORE_TABLES = [
+  "corsair_integrations",
+  "corsair_accounts",
+  "corsair_entities",
+  "corsair_events",
+  "corsair_permissions"
+];
+function getKyselyDb(database) {
+  if (!database) return null;
+  const obj = database;
+  if (obj.db && typeof obj.db === "object" && "selectFrom" in obj.db) {
+    return obj.db;
+  }
+  if ("selectFrom" in obj) return obj;
+  return null;
+}
+var listDbTables = async (ctx) => {
+  const { internal } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  const db = getKyselyDb(internal.database);
+  if (!db) throw new Error("Could not access kysely db handle.");
+  const existing = await db.introspection.getTables();
+  const existingNames = new Set(existing.map((t) => t.name));
+  return {
+    core: CORE_TABLES.filter((t) => existingNames.has(t)),
+    missing: CORE_TABLES.filter((t) => !existingNames.has(t)),
+    all: existing.map((t) => t.name).sort()
+  };
+};
+var listDbRows = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const table = String(body.table ?? "");
+  const limit = Math.min(Math.max(Number(body.limit ?? 50), 1), 500);
+  const offset = Math.max(Number(body.offset ?? 0), 0);
+  if (!table) throw new Error("Missing table.");
+  const { internal } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  const db = getKyselyDb(internal.database);
+  if (!db) throw new Error("Could not access kysely db handle.");
+  let rows;
+  try {
+    const q = db.selectFrom(table).selectAll().limit(limit).offset(offset);
+    rows = await q.orderBy("created_at", "desc").execute();
+  } catch {
+    rows = await db.selectFrom(table).selectAll().limit(limit).offset(offset).execute();
+  }
+  const safeRows = rows.map(redactSensitive);
+  return { rows: safeRows, limit, offset };
+};
+var queryEntityData = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const tenant = String(body.tenant ?? "").trim();
+  const integration = String(body.integration ?? "").trim();
+  const entity = String(body.entity ?? "").trim();
+  const search = String(body.search ?? "").trim();
+  const limit = Math.min(Math.max(Number(body.limit ?? 30), 1), 200);
+  const offset = Math.max(Number(body.offset ?? 0), 0);
+  const rawSortField = String(body.sortField ?? "updated_at");
+  const rawSortDirection = String(body.sortDirection ?? "desc");
+  const sortField = rawSortField === "created_at" || rawSortField === "updated_at" ? rawSortField : "updated_at";
+  const sortDirection = rawSortDirection === "asc" || rawSortDirection === "desc" ? rawSortDirection : "desc";
+  if (!tenant) throw new Error("Missing tenant.");
+  if (!integration) throw new Error("Missing integration.");
+  if (!entity) throw new Error("Missing entity.");
+  const { internal } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  const db = getKyselyDb(internal.database);
+  if (!db) throw new Error("Could not access kysely db handle.");
+  const base = db.selectFrom("corsair_entities as e").innerJoin("corsair_accounts as a", "a.id", "e.account_id").innerJoin("corsair_integrations as i", "i.id", "a.integration_id").where("a.tenant_id", "=", tenant).where("i.name", "=", integration).where("e.entity_type", "=", entity);
+  let rowsRaw = [];
+  let hasMore = false;
+  let total = 0;
+  if (!search) {
+    const page = await base.select(["e.id as id", "e.entity_id as entity_id", "e.data as data"]).orderBy(`e.${sortField}`, sortDirection).limit(limit + 1).offset(offset).execute();
+    hasMore = page.length > limit;
+    rowsRaw = hasMore ? page.slice(0, limit) : page;
+    total = hasMore ? offset + limit + 1 : offset + rowsRaw.length;
+  } else {
+    const matched = [];
+    const batchSize = 200;
+    let scanOffset = 0;
+    let matchedBeforePage = 0;
+    while (true) {
+      const batch = await base.select(["e.id as id", "e.entity_id as entity_id", "e.data as data"]).orderBy(`e.${sortField}`, sortDirection).limit(batchSize).offset(scanOffset).execute();
+      if (batch.length === 0) {
+        hasMore = false;
+        break;
+      }
+      for (const row of batch) {
+        if (!dataMatchesSearch(row.data, search)) continue;
+        if (matchedBeforePage < offset) {
+          matchedBeforePage += 1;
+          continue;
+        }
+        matched.push(row);
+        if (matched.length > limit) {
+          hasMore = true;
+          break;
+        }
+      }
+      if (hasMore) break;
+      scanOffset += batch.length;
+      if (batch.length < batchSize) break;
+    }
+    rowsRaw = matched.slice(0, limit);
+    total = matchedBeforePage + rowsRaw.length + (hasMore ? 1 : 0);
+  }
+  const rows = rowsRaw.map((row) => ({
+    id: row.id,
+    entity_id: row.entity_id,
+    data: row.data
+  })).map(redactSensitive);
+  return {
+    rows,
+    limit,
+    offset,
+    total,
+    hasMore
+  };
+};
+function redactSensitive(row) {
+  const copy = { ...row };
+  if ("dek" in copy && typeof copy.dek === "string" && copy.dek.length > 0) {
+    copy.dek = "***";
+  }
+  const config = copy.config;
+  if (config && typeof config === "object" && !Array.isArray(config)) {
+    const c = config;
+    const masked = {};
+    for (const [k, v] of Object.entries(c)) {
+      if (typeof v === "string" && v.length > 12) {
+        masked[k] = `${v.slice(0, 4)}\u2026${v.slice(-3)} (${v.length})`;
+      } else if (typeof v === "string") {
+        masked[k] = "***";
+      } else {
+        masked[k] = v;
+      }
+    }
+    copy.config = masked;
+  }
+  return copy;
+}
+function dataMatchesSearch(data, rawSearch) {
+  const search = rawSearch.toLowerCase();
+  if (!search) return true;
+  const values = collectPrimitiveValues(data);
+  return values.some((value) => value.toLowerCase().includes(search));
+}
+function collectPrimitiveValues(value) {
+  if (value === null || value === void 0) return [];
+  if (typeof value === "string") return [value];
+  if (typeof value === "number" || typeof value === "boolean") {
+    return [String(value)];
+  }
+  if (value instanceof Date) return [value.toISOString()];
+  if (Array.isArray(value)) {
+    return value.flatMap((item) => collectPrimitiveValues(item));
+  }
+  if (typeof value === "object") {
+    return Object.values(value).flatMap(
+      (v) => collectPrimitiveValues(v)
+    );
+  }
+  return [];
+}
+var listPermissions = async (ctx) => {
+  const { internal } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  const db = getKyselyDb(internal.database);
+  if (!db) throw new Error("Could not access kysely db handle.");
+  const limit = Math.min(
+    Math.max(Number(ctx.url.searchParams.get("limit") ?? 100), 1),
+    500
+  );
+  try {
+    const rows = await db.selectFrom("corsair_permissions").selectAll().limit(limit).offset(0).orderBy("created_at", "desc").execute();
+    return { rows };
+  } catch (err) {
+    return { rows: [], note: err.message };
+  }
+};
+
+// src/server/handlers/operations.ts
+function navigateToEndpoint(client, path) {
+  const parts = path.split(".");
+  let current = client;
+  for (const part of parts) {
+    if (current === null || typeof current !== "object") return void 0;
+    current = current[part];
+  }
+  return typeof current === "function" ? current : void 0;
+}
+var listOperations = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const plugin = body.plugin ? String(body.plugin) : void 0;
+  const type = body.type ? String(body.type) : void 0;
+  const { instance } = await ctx.getCorsair();
+  const corsair = instance;
+  if (typeof corsair.list_operations !== "function") {
+    throw new Error("list_operations not available on this Corsair instance.");
+  }
+  const opts = {};
+  if (plugin) opts.plugin = plugin;
+  if (type === "api" || type === "webhooks" || type === "db") opts.type = type;
+  return corsair.list_operations(opts);
+};
+var schemaForOperation = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const path = String(body.path ?? "");
+  if (!path) throw new Error("Missing path.");
+  const { instance } = await ctx.getCorsair();
+  const corsair = instance;
+  if (typeof corsair.get_schema !== "function") {
+    throw new Error("get_schema not available on this Corsair instance.");
+  }
+  const schema = corsair.get_schema(path);
+  return { schema };
+};
+var runOperation = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const path = String(body.path ?? "");
+  const tenant = body.tenant ? String(body.tenant) : void 0;
+  const input = body.input ?? {};
+  if (!path) throw new Error("Missing path.");
+  const handle = await ctx.getCorsair();
+  const client = handle.resolveClient(tenant);
+  const fn = navigateToEndpoint(client, path);
+  if (!fn) throw new Error(`Could not find endpoint '${path}'.`);
+  const started = Date.now();
+  try {
+    const result = await fn(input);
+    return {
+      ok: true,
+      durationMs: Date.now() - started,
+      result
+    };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    return {
+      ok: false,
+      durationMs: Date.now() - started,
+      error: message.slice(0, 4e3)
+    };
+  }
+};
+var runScript = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const code = String(body.code ?? "");
+  const tenant = body.tenant ? String(body.tenant) : void 0;
+  if (!code) throw new Error("Missing code.");
+  const handle = await ctx.getCorsair();
+  const client = handle.resolveClient(tenant);
+  const AsyncFunction = Object.getPrototypeOf(async function() {
+  }).constructor;
+  const fn = new AsyncFunction("corsair", code);
+  const started = Date.now();
+  try {
+    const result = await fn(client);
+    return {
+      ok: true,
+      durationMs: Date.now() - started,
+      result: result ?? null
+    };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    return {
+      ok: false,
+      durationMs: Date.now() - started,
+      error: message.slice(0, 4e3)
+    };
+  }
+};
+
+// src/server/handlers/plugin-setup.ts
+import { randomUUID } from "crypto";
+function asDb(internalDatabase) {
+  const wrapped = internalDatabase;
+  const candidate = wrapped.db ?? internalDatabase;
+  if (!candidate || typeof candidate !== "object" || !("selectFrom" in candidate && typeof candidate.selectFrom === "function") || !("insertInto" in candidate && typeof candidate.insertInto === "function")) {
+    throw new Error("Could not access kysely db handle.");
+  }
+  return candidate;
+}
+function hasAuthConfig(internal, pluginId) {
+  const plugin = internal.plugins.find((p) => p.id === pluginId);
+  if (!plugin) return false;
+  const options = plugin.options;
+  return typeof options?.authType === "string";
+}
+var setupPlugin = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const pluginId = String(body.pluginId ?? "").trim();
+  const tenantId = String(body.tenantId ?? "default").trim() || "default";
+  if (!pluginId) throw new Error("pluginId is required.");
+  const { internal, instance, resolveClient } = await ctx.getCorsair();
+  if (!internal.database) throw new Error("No database configured.");
+  if (!hasAuthConfig(internal, pluginId)) {
+    throw new Error(`Plugin '${pluginId}' has no credential setup.`);
+  }
+  const db = asDb(internal.database);
+  const now = /* @__PURE__ */ new Date();
+  let integration = await db.selectFrom("corsair_integrations").selectAll().where("name", "=", pluginId).executeTakeFirst();
+  if (!integration) {
+    const id = randomUUID();
+    await db.insertInto("corsair_integrations").values({
+      id,
+      name: pluginId,
+      config: {},
+      created_at: now,
+      updated_at: now
+    }).execute();
+    integration = await db.selectFrom("corsair_integrations").selectAll().where("id", "=", id).executeTakeFirst();
+  }
+  if (!integration) {
+    throw new Error(`Failed to create integration for '${pluginId}'.`);
+  }
+  const integrationId = integration.id;
+  if (typeof integrationId !== "string") {
+    throw new Error(`Invalid integration row for '${pluginId}'.`);
+  }
+  let account = await db.selectFrom("corsair_accounts").selectAll().where("tenant_id", "=", tenantId).where("integration_id", "=", integrationId).executeTakeFirst();
+  if (!account) {
+    await db.insertInto("corsair_accounts").values({
+      id: randomUUID(),
+      tenant_id: tenantId,
+      integration_id: integrationId,
+      config: {},
+      created_at: now,
+      updated_at: now
+    }).execute();
+    account = await db.selectFrom("corsair_accounts").selectAll().where("tenant_id", "=", tenantId).where("integration_id", "=", integrationId).executeTakeFirst();
+  }
+  const rootKeys = instance.keys ?? null;
+  const integrationNamespace = rootKeys?.[pluginId] ?? null;
+  if (!integration.dek) {
+    const issueIntegrationDek = integrationNamespace?.issue_new_dek;
+    if (typeof issueIntegrationDek === "function") {
+      await issueIntegrationDek();
+    }
+  }
+  if (account && !account.dek) {
+    const tenantClient = resolveClient(tenantId);
+    const pluginNamespace = tenantClient[pluginId] ?? null;
+    const accountKeys = pluginNamespace?.keys ?? null;
+    const issueAccountDek = accountKeys?.issue_new_dek;
+    if (typeof issueAccountDek === "function") {
+      await issueAccountDek();
+    }
+  }
+  return { ok: true };
+};
+
+// src/server/handlers/plugins.ts
+function getAuthType2(plugin) {
+  return plugin.options?.authType;
+}
+function getOAuthConfig2(plugin) {
+  return plugin.oauthConfig ?? null;
+}
+function getCustomFields2(plugin, authType) {
+  const authConfig = plugin.authConfig;
+  const entry = authConfig?.[authType];
+  return {
+    integration: entry?.integration ?? [],
+    account: entry?.account ?? []
+  };
+}
+var listPlugins = async (ctx) => {
+  const { internal, instance, resolveClient } = await ctx.getCorsair();
+  const tenantId = ctx.url.searchParams.get("tenant") ?? "default";
+  const scope = ctx.url.searchParams.get("scope") === "main" ? "main" : "tenant";
+  const client = resolveClient(tenantId);
+  const rootKeys = instance.keys ?? null;
+  const result = [];
+  for (const plugin of internal.plugins) {
+    const authType = getAuthType2(plugin);
+    const oauth = getOAuthConfig2(plugin);
+    const custom = authType ? getCustomFields2(plugin, authType) : { integration: [], account: [] };
+    const integrationNamespace = rootKeys?.[plugin.id] ?? null;
+    const pluginNamespace = client[plugin.id] ?? null;
+    const accountNamespace = pluginNamespace?.keys ?? null;
+    const status = await getAuthFieldStatus({
+      authType,
+      extraIntegration: custom.integration,
+      extraAccount: custom.account,
+      integrationNamespace,
+      accountNamespace,
+      includeIntegration: true,
+      includeAccount: scope !== "main"
+    });
+    result.push({
+      id: plugin.id,
+      authType: authType ?? "none",
+      authed: status.every((s) => s.set),
+      requiredFields: status,
+      oauth: oauth ? {
+        available: true,
+        scopes: oauth.scopes,
+        providerName: oauth.providerName ?? null
+      } : null
+    });
+  }
+  return result;
+};
+
+// src/server/handlers/status.ts
+var getStatus = async (ctx) => {
+  const { internal } = await ctx.getCorsair();
+  return {
+    multiTenancy: internal.multiTenancy,
+    pluginCount: internal.plugins.length,
+    hasDatabase: !!internal.database,
+    cwd: ctx.cwd
+  };
+};
+
+// src/server/handlers/tenants.ts
+import { randomUUID as randomUUID2 } from "crypto";
+function asDb2(internalDatabase) {
+  const wrapped = internalDatabase;
+  const candidate = wrapped.db ?? internalDatabase;
+  if (!candidate || typeof candidate !== "object" || !("selectFrom" in candidate && typeof candidate.selectFrom === "function") || !("insertInto" in candidate && typeof candidate.insertInto === "function")) {
+    throw new Error("Could not access kysely db handle.");
+  }
+  return candidate;
+}
+function getAuthPluginIds(internal) {
+  return internal.plugins.filter((plugin) => {
+    const options = plugin.options;
+    return typeof options?.authType === "string";
+  }).map((plugin) => plugin.id);
+}
+var listTenants = async (ctx) => {
+  const { internal } = await ctx.getCorsair();
+  if (!internal.multiTenancy) {
+    return { tenants: ["default"] };
+  }
+  if (!internal.database) throw new Error("No database configured.");
+  const db = asDb2(internal.database);
+  const rows = await db.selectFrom("corsair_accounts").selectAll().execute();
+  const ids = /* @__PURE__ */ new Set(["default"]);
+  for (const row of rows) {
+    const tenantId = row.tenant_id;
+    if (typeof tenantId === "string" && tenantId.trim()) {
+      ids.add(tenantId);
+    }
+  }
+  return { tenants: Array.from(ids).sort() };
+};
+var createTenant = async (ctx) => {
+  const body = await readJsonBody(ctx.req);
+  const tenantId = String(body.tenantId ?? "").trim();
+  if (!tenantId) {
+    throw new Error("tenantId is required.");
+  }
+  if (tenantId === "main") {
+    throw new Error('"main" is reserved. Pick another tenant id.');
+  }
+  const { internal, resolveClient } = await ctx.getCorsair();
+  if (!internal.multiTenancy) {
+    throw new Error("Multi-tenancy is not enabled for this Corsair instance.");
+  }
+  if (!internal.database) throw new Error("No database configured.");
+  const db = asDb2(internal.database);
+  const now = /* @__PURE__ */ new Date();
+  const authPluginIds = getAuthPluginIds(internal);
+  if (authPluginIds.length === 0) {
+    return { ok: true, created: false };
+  }
+  const integrations = await db.selectFrom("corsair_integrations").selectAll().execute();
+  const integrationByName = /* @__PURE__ */ new Map();
+  for (const row of integrations) {
+    const name = row.name;
+    if (typeof name === "string") integrationByName.set(name, row);
+  }
+  for (const pluginId of authPluginIds) {
+    if (integrationByName.has(pluginId)) continue;
+    const id = randomUUID2();
+    const row = {
+      id,
+      name: pluginId,
+      config: {},
+      created_at: now,
+      updated_at: now
+    };
+    await db.insertInto("corsair_integrations").values(row).execute();
+    integrationByName.set(pluginId, row);
+  }
+  const existingAccounts = await db.selectFrom("corsair_accounts").selectAll().where("tenant_id", "=", tenantId).execute();
+  const accountByIntegrationId = /* @__PURE__ */ new Map();
+  for (const row of existingAccounts) {
+    const integrationId = row.integration_id;
+    if (typeof integrationId === "string") {
+      accountByIntegrationId.set(integrationId, row);
+    }
+  }
+  let createdAny = false;
+  const pluginsMissingDek = /* @__PURE__ */ new Set();
+  for (const pluginId of authPluginIds) {
+    const integration = integrationByName.get(pluginId);
+    const integrationId = integration?.id;
+    if (typeof integrationId !== "string") continue;
+    const existing = accountByIntegrationId.get(integrationId);
+    if (!existing) {
+      createdAny = true;
+      pluginsMissingDek.add(pluginId);
+      await db.insertInto("corsair_accounts").values({
+        id: randomUUID2(),
+        tenant_id: tenantId,
+        integration_id: integrationId,
+        config: {},
+        created_at: now,
+        updated_at: now
+      }).execute();
+      continue;
+    }
+    if (!existing.dek) {
+      pluginsMissingDek.add(pluginId);
+    }
+  }
+  if (pluginsMissingDek.size > 0) {
+    const tenantClient = resolveClient(tenantId);
+    for (const pluginId of pluginsMissingDek) {
+      const pluginNamespace = tenantClient[pluginId];
+      const keyNamespace = pluginNamespace?.keys;
+      const issueDek = keyNamespace?.issue_new_dek;
+      if (typeof issueDek === "function") {
+        await issueDek();
+      }
+    }
+  }
+  return { ok: true, created: createdAny };
+};
+
+// src/server/router.ts
+var routes = [
+  { method: "GET", path: "/api/status", handler: getStatus },
+  { method: "GET", path: "/api/plugins", handler: listPlugins },
+  { method: "POST", path: "/api/plugins/setup", handler: setupPlugin },
+  { method: "GET", path: "/api/tenants", handler: listTenants },
+  { method: "POST", path: "/api/tenants/create", handler: createTenant },
+  { method: "POST", path: "/api/operations/list", handler: listOperations },
+  {
+    method: "POST",
+    path: "/api/operations/schema",
+    handler: schemaForOperation
+  },
+  { method: "POST", path: "/api/operations/run", handler: runOperation },
+  { method: "POST", path: "/api/operations/script", handler: runScript },
+  { method: "POST", path: "/api/credentials/get", handler: getCredentials },
+  { method: "POST", path: "/api/credentials/set", handler: setCredentials },
+  { method: "POST", path: "/api/auth/start", handler: startOAuth },
+  { method: "POST", path: "/api/auth/exchange", handler: exchangeOAuth },
+  { method: "GET", path: "/api/db/tables", handler: listDbTables },
+  { method: "POST", path: "/api/db/rows", handler: listDbRows },
+  { method: "POST", path: "/api/db/entities/query", handler: queryEntityData },
+  { method: "GET", path: "/api/db/permissions", handler: listPermissions }
+];
+async function handleApi(req, res, baseCtx) {
+  const url = new URL(req.url ?? "/", "http://localhost");
+  const method = (req.method ?? "GET").toUpperCase();
+  const route = routes.find(
+    (r) => r.method === method && r.path === url.pathname
+  );
+  if (!route) {
+    res.writeHead(404, { "content-type": "application/json" });
+    res.end(
+      JSON.stringify({ error: `No such endpoint: ${method} ${url.pathname}` })
+    );
+    return;
+  }
+  const ctx = { req, res, url, ...baseCtx };
+  try {
+    const result = await route.handler(ctx);
+    if (res.writableEnded || res.headersSent) return;
+    res.writeHead(200, { "content-type": "application/json" });
+    res.end(JSON.stringify(result ?? null));
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    if (!res.headersSent) {
+      res.writeHead(500, { "content-type": "application/json" });
+      res.end(JSON.stringify({ error: message }));
+    }
+  }
+}
+async function readJsonBody(req) {
+  return new Promise((resolve2, reject) => {
+    const chunks = [];
+    req.on("data", (c) => chunks.push(c));
+    req.on("end", () => {
+      const raw = Buffer.concat(chunks).toString("utf8");
+      if (!raw) return resolve2({});
+      try {
+        const parsed = JSON.parse(raw);
+        if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+          resolve2(parsed);
+        } else {
+          resolve2({});
+        }
+      } catch (e) {
+        reject(new Error(`Invalid JSON body: ${e.message}`));
+      }
+    });
+    req.on("error", reject);
+  });
+}
+
+// src/server/serve-static.ts
+import { createReadStream, existsSync, statSync } from "fs";
+import { extname, join, normalize, resolve } from "path";
+import { fileURLToPath } from "url";
+var MIME = {
+  ".html": "text/html; charset=utf-8",
+  ".js": "application/javascript; charset=utf-8",
+  ".mjs": "application/javascript; charset=utf-8",
+  ".css": "text/css; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".svg": "image/svg+xml",
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".ico": "image/x-icon",
+  ".map": "application/json; charset=utf-8",
+  ".woff": "font/woff",
+  ".woff2": "font/woff2"
+};
+function resolveWebRoot() {
+  const here = fileURLToPath(new URL(".", import.meta.url));
+  const built = resolve(here, "../web");
+  if (existsSync(join(built, "index.html"))) return built;
+  const viaDev = resolve(here, "../../dist/web");
+  return viaDev;
+}
+function createStaticServer(webRoot) {
+  const root = webRoot ?? resolveWebRoot();
+  return function serveStatic(req, res) {
+    if (req.method !== "GET" && req.method !== "HEAD") return false;
+    const url = new URL(req.url ?? "/", "http://localhost");
+    let pathname = decodeURIComponent(url.pathname);
+    if (pathname === "/" || pathname === "") pathname = "/index.html";
+    const unsafe = join(root, pathname);
+    const safe = normalize(unsafe);
+    if (!safe.startsWith(root)) {
+      res.writeHead(403).end("forbidden");
+      return true;
+    }
+    let filePath = safe;
+    if (!existsSync(filePath) || !statSync(filePath).isFile()) {
+      filePath = join(root, "index.html");
+      if (!existsSync(filePath)) {
+        res.writeHead(404, { "content-type": "text/plain" });
+        res.end(
+          `Corsair Studio assets not found at ${root}.
+If running from source, run \`pnpm --filter @corsair-dev/studio build:web\` first.`
+        );
+        return true;
+      }
+    }
+    const ext = extname(filePath).toLowerCase();
+    const type = MIME[ext] ?? "application/octet-stream";
+    res.writeHead(200, { "content-type": type });
+    if (req.method === "HEAD") {
+      res.end();
+      return true;
+    }
+    createReadStream(filePath).pipe(res);
+    return true;
+  };
+}
+
+// src/server/index.ts
+async function startStudio(options = {}) {
+  const cwd = options.cwd ?? process.cwd();
+  const port = options.port ?? 4317;
+  const host = options.host ?? "127.0.0.1";
+  const open = options.open ?? true;
+  let handle;
+  try {
+    handle = await loadCorsair(cwd);
+  } catch (err) {
+    console.error("[corsair:studio] Failed to load your corsair instance:");
+    console.error(`  ${err instanceof Error ? err.message : String(err)}`);
+    throw err;
+  }
+  const configPath = findCorsairConfigPath(cwd);
+  let refreshTimer = null;
+  let refreshing = null;
+  let refreshQueued = false;
+  const uiEventClients = /* @__PURE__ */ new Set();
+  const notifyUiCorsairChanged = () => {
+    const message = `event: corsair-changed
+data: ${JSON.stringify({ ts: Date.now() })}
+
+`;
+    for (const client of uiEventClients) {
+      client.write(message);
+    }
+  };
+  const refreshCorsair = async () => {
+    if (refreshing) {
+      refreshQueued = true;
+      return refreshing;
+    }
+    refreshing = (async () => {
+      do {
+        refreshQueued = false;
+        try {
+          const nextHandle = await loadCorsair(cwd, { force: true });
+          handle = nextHandle;
+          console.log(
+            "[corsair:studio] Reloaded Corsair instance after change."
+          );
+          console.log(
+            `[corsair:studio]   plugins: ${handle.internal.plugins.length}`
+          );
+          console.log(
+            `[corsair:studio]   multiTenant: ${handle.internal.multiTenancy ? "yes" : "no"}`
+          );
+          notifyUiCorsairChanged();
+        } catch (err) {
+          console.error(
+            "[corsair:studio] Failed to reload Corsair instance after change:"
+          );
+          console.error(
+            `  ${err instanceof Error ? err.message : String(err)}`
+          );
+        }
+      } while (refreshQueued);
+    })().finally(() => {
+      refreshing = null;
+    });
+    return refreshing;
+  };
+  const onConfigFileChange = (curr, prev) => {
+    if (curr.mtimeMs === prev.mtimeMs && curr.size === prev.size) return;
+    if (refreshTimer) clearTimeout(refreshTimer);
+    refreshTimer = setTimeout(() => {
+      void refreshCorsair();
+    }, 120);
+  };
+  if (configPath) {
+    fs.watchFile(configPath, { interval: 250 }, onConfigFileChange);
+    console.log(`[corsair:studio] watching: ${configPath}`);
+  } else {
+    console.log(
+      "[corsair:studio] warning: could not find corsair config file."
+    );
+  }
+  const serveStatic = createStaticServer(options.webRoot);
+  const server = http2.createServer(async (req, res) => {
+    res.setHeader("Cache-Control", "no-store");
+    const url2 = new URL(req.url ?? "/", `http://${host}:${port}`);
+    if (url2.pathname === "/api/events") {
+      res.writeHead(200, {
+        "content-type": "text/event-stream",
+        "cache-control": "no-cache, no-transform",
+        connection: "keep-alive"
+      });
+      res.write(": connected\n\n");
+      uiEventClients.add(res);
+      req.on("close", () => {
+        uiEventClients.delete(res);
+      });
+      return;
+    }
+    if (url2.pathname.startsWith("/api/")) {
+      await handleApi(req, res, {
+        cwd,
+        getCorsair: async () => handle
+      });
+      return;
+    }
+    if (serveStatic(req, res)) return;
+    res.writeHead(404).end("not found");
+  });
+  await new Promise((resolve2, reject) => {
+    server.once("error", reject);
+    server.listen(port, host, () => resolve2());
+  });
+  const url = `http://${host}:${port}`;
+  console.log(`[corsair:studio] \u2192 ${url}`);
+  console.log(`[corsair:studio]   project: ${cwd}`);
+  console.log(`[corsair:studio]   plugins: ${handle.internal.plugins.length}`);
+  console.log(
+    `[corsair:studio]   multiTenant: ${handle.internal.multiTenancy ? "yes" : "no"}`
+  );
+  if (open) {
+    openInBrowser(url).catch(() => {
+      console.log("[corsair:studio] Could not open browser automatically.");
+    });
+  }
+  return {
+    port,
+    url,
+    close: async () => {
+      if (refreshTimer) {
+        clearTimeout(refreshTimer);
+        refreshTimer = null;
+      }
+      if (configPath) {
+        fs.unwatchFile(configPath, onConfigFileChange);
+      }
+      for (const client of uiEventClients) {
+        client.end();
+      }
+      uiEventClients.clear();
+      await new Promise(
+        (resolve2, reject) => server.close((err) => err ? reject(err) : resolve2())
+      );
+    }
+  };
+}
+async function openInBrowser(url) {
+  const { spawn } = await import("child_process");
+  const platform = process.platform;
+  const cmd = platform === "darwin" ? "open" : platform === "win32" ? "cmd" : "xdg-open";
+  const args = platform === "win32" ? ["/c", "start", '""', url] : [url];
+  const child = spawn(cmd, args, { detached: true, stdio: "ignore" });
+  child.unref();
+}
+export {
+  startStudio as start,
+  startStudio
+};