npm - @dev-anywhere/relay - Versions diffs - 0.1.8 → 0.2.0 - Mend

@dev-anywhere/relay 0.1.8 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/dist/chaos.d.ts +1 -1
package/dist/chaos.d.ts.map +1 -1
package/dist/{chunk-ZFCNDSFL.js → chunk-SM2GRUCV.js} +739 -739
package/dist/chunk-SM2GRUCV.js.map +1 -0
package/dist/handlers/client.d.ts +1 -1
package/dist/handlers/client.d.ts.map +1 -1
package/dist/handlers/proxy.d.ts +1 -1
package/dist/handlers/proxy.d.ts.map +1 -1
package/dist/health.d.ts.map +1 -1
package/dist/index.js +142 -4
package/dist/index.js.map +1 -1
package/dist/registry.d.ts +0 -2
package/dist/registry.d.ts.map +1 -1
package/dist/router.d.ts +1 -1
package/dist/router.d.ts.map +1 -1
package/dist/runtime-env.d.ts +3 -1
package/dist/runtime-env.d.ts.map +1 -1
package/dist/server.d.ts +2 -1
package/dist/server.d.ts.map +1 -1
package/dist/server.js +1 -1
package/package.json +2 -2
package/dist/chunk-ZFCNDSFL.js.map +0 -1

package/dist/{chunk-ZFCNDSFL.js → chunk-SM2GRUCV.js} RENAMED Viewed

@@ -4,373 +4,85 @@
 import express from "express";
 import { existsSync } from "fs";
 import { createServer } from "http";
-import { homedir as homedir2 } from "os";
+import { homedir } from "os";
 import { dirname as dirname2, resolve } from "path";
 import { fileURLToPath as fileURLToPath2 } from "url";
 import { WebSocketServer } from "ws";
 // src/registry.ts
 import { WebSocket } from "ws";
-var RelayRegistry = class {
-  proxyStates = /* @__PURE__ */ new Map();
-  clientBindings = /* @__PURE__ */ new Map();
-  connectedClients = /* @__PURE__ */ new Set();
-  registerProxy(proxyId, ws, name) {
-    const existing = this.proxyStates.get(proxyId);
-    if (existing) {
-      if (existing.ws && existing.ws.readyState === WebSocket.OPEN) {
-        existing.ws.terminate();
-      }
-      existing.ws = ws;
-      existing.connectionState = "online";
-      existing.disconnectedAt = null;
-      if (name !== void 0) existing.name = name;
-      return "reconnected";
-    }
-    this.proxyStates.set(proxyId, {
-      ws,
-      connectionState: "online",
-      sessions: /* @__PURE__ */ new Set(),
-      disconnectedAt: null,
-      name
-    });
-    return "new";
-  }
-  // 标记 proxy 离线，保留所有状态等待重连，不设超时
-  // 清理只在 proxy 主动退出（proxy_disconnect）或 relay 启动清理废弃数据时发生
-  markProxyOffline(proxyId) {
-    const state = this.proxyStates.get(proxyId);
-    if (!state) return;
-    state.ws = null;
-    state.connectionState = "offline";
-    state.disconnectedAt = Date.now();
-  }
-  // 显式状态转换，校验 from 状态匹配后更新 connectionState
-  transitionProxy(proxyId, from, to) {
-    if (from === to) {
-      throw new Error(`Invalid proxy transition: ${from} -> ${to} (same state)`);
-    }
-    const state = this.proxyStates.get(proxyId);
-    if (!state) {
-      throw new Error(`Proxy not found: ${proxyId}`);
-    }
-    if (state.connectionState !== from) {
-      throw new Error(
-        `Proxy ${proxyId} state mismatch: expected ${from}, actual ${state.connectionState}`
-      );
-    }
-    state.connectionState = to;
-    if (to === "offline") {
-      state.ws = null;
-      state.disconnectedAt = Date.now();
-    }
-  }
-  // 显式客户端状态转换，校验 from 状态匹配后更新 connectionState
-  transitionClient(clientId, from, to) {
-    if (from === to) {
-      throw new Error(`Invalid client transition: ${from} -> ${to} (same state)`);
-    }
-    const binding = this.clientBindings.get(clientId);
-    if (!binding) {
-      throw new Error(`Client not found: ${clientId}`);
-    }
-    if (binding.connectionState !== from) {
-      throw new Error(
-        `Client ${clientId} state mismatch: expected ${from}, actual ${binding.connectionState}`
-      );
-    }
-    binding.connectionState = to;
-  }
-  getProxyConnectionState(proxyId) {
-    return this.proxyStates.get(proxyId)?.connectionState;
-  }
-  getClientConnectionState(clientId) {
-    return this.clientBindings.get(clientId)?.connectionState;
-  }
-  // 彻底清理 proxy 状态和客户端绑定
-  cleanupProxy(proxyId) {
-    const state = this.proxyStates.get(proxyId);
-    if (!state) return;
-    for (const [clientId, binding] of this.clientBindings) {
-      if (binding.proxyId === proxyId) {
-        this.clientBindings.delete(clientId);
-      }
-    }
-    this.proxyStates.delete(proxyId);
-  }
-  unregisterProxy(proxyId) {
-    this.cleanupProxy(proxyId);
-  }
-  getProxy(proxyId) {
-    const state = this.proxyStates.get(proxyId);
-    return state?.ws ?? void 0;
-  }
-  isProxyOnline(proxyId) {
-    const state = this.proxyStates.get(proxyId);
-    if (!state || state.connectionState !== "online") return false;
-    if (!state.ws || state.ws.readyState !== WebSocket.OPEN) return false;
-    return true;
-  }
-  // proxy 是否存在（含宽限期中的）
-  hasProxy(proxyId) {
-    return this.proxyStates.has(proxyId);
-  }
-  listProxies() {
-    return Array.from(this.proxyStates.keys());
-  }
-  // 返回 proxyId、name、online 的列表，用于 proxy_list_response
-  listProxiesWithName() {
-    return Array.from(this.proxyStates.entries()).map(([proxyId, state]) => ({
-      proxyId,
-      ...state.name !== void 0 ? { name: state.name } : {},
-      online: state.connectionState === "online"
-    }));
-  }
-  getProxyName(proxyId) {
-    return this.proxyStates.get(proxyId)?.name;
-  }
-  // 将 sessionId 关联到 proxy
-  addSessionToProxy(proxyId, sessionId) {
-    const state = this.proxyStates.get(proxyId);
-    if (state) {
-      state.sessions.add(sessionId);
-    }
-  }
-  // 通过 sessionId 反查所属 proxyId
-  getProxyForSession(sessionId) {
-    for (const [proxyId, state] of this.proxyStates) {
-      if (state.sessions.has(sessionId)) {
-        return proxyId;
-      }
-    }
-    return void 0;
-  }
-  // 获取 proxy 关联的所有 sessionId
-  getSessionsForProxy(proxyId) {
-    const state = this.proxyStates.get(proxyId);
-    return state ? Array.from(state.sessions) : [];
-  }
-  // clientId 绑定方式
-  bindClientById(clientId, proxyId, ws) {
-    if (!this.proxyStates.has(proxyId)) {
-      return false;
-    }
-    this.clientBindings.set(clientId, { proxyId, ws, connectionState: "bound" });
-    return true;
-  }
-  updateClientSocket(clientId, ws) {
-    const binding = this.clientBindings.get(clientId);
-    if (binding) {
-      binding.ws = ws;
-    }
-  }
-  // 断开客户端 WebSocket 但保留绑定关系，重连时可恢复
-  unbindClientById(clientId) {
-    const binding = this.clientBindings.get(clientId);
-    if (binding) {
-      binding.ws = null;
-    }
-  }
-  getClientBinding(clientId) {
-    return this.clientBindings.get(clientId);
-  }
-  // 获取绑定到指定 proxy 的所有活跃客户端 WebSocket
-  getClientsForProxy(proxyId) {
-    const clients = [];
-    for (const [, binding] of this.clientBindings) {
-      if (binding.proxyId === proxyId && binding.ws && binding.ws.readyState === WebSocket.OPEN) {
-        clients.push(binding.ws);
-      }
-    }
-    return clients;
-  }
-  countClients() {
-    let count = 0;
-    for (const [, binding] of this.clientBindings) {
-      if (binding.ws) count++;
-    }
-    return count;
-  }
-  addClientWs(ws) {
-    this.connectedClients.add(ws);
-  }
-  removeClientWs(ws) {
-    this.connectedClients.delete(ws);
-  }
-  getAllClientWs() {
-    const clients = [];
-    for (const ws of this.connectedClients) {
-      if (ws.readyState === WebSocket.OPEN) {
-        clients.push(ws);
-      }
-    }
-    return clients;
-  }
-  // 获取单个 proxy 的详细状态信息
-  getProxyDetail(proxyId) {
-    const state = this.proxyStates.get(proxyId);
-    if (!state) return void 0;
-    return {
-      proxyId,
-      ...state.name !== void 0 ? { name: state.name } : {},
-      online: state.connectionState === "online",
-      connectionState: state.connectionState,
-      sessions: Array.from(state.sessions),
-      disconnectedAt: state.disconnectedAt
-    };
-  }
-  // 获取所有客户端绑定的详细信息
-  getClientDetails() {
-    const details = [];
-    for (const [clientId, binding] of this.clientBindings) {
-      details.push({
-        clientId,
-        proxyId: binding.proxyId,
-        online: binding.ws !== null && binding.ws !== void 0 && binding.ws.readyState === WebSocket.OPEN,
-        connectionState: binding.connectionState
-      });
-    }
-    return details;
-  }
-};
-// src/health.ts
-import { Router } from "express";
-// src/version.ts
-import { readFileSync } from "fs";
-import { dirname, join } from "path";
-import { fileURLToPath } from "url";
-function readRelayVersion() {
-  const packageJsonPath = join(dirname(fileURLToPath(import.meta.url)), "..", "package.json");
-  const pkg = JSON.parse(readFileSync(packageJsonPath, "utf-8"));
-  return pkg.version ?? "unknown";
-}
-var RELAY_VERSION = readRelayVersion();
-// src/health.ts
-function bearerToken(authHeader) {
-  const match = /^Bearer\s+(.+)$/i.exec(authHeader ?? "");
-  return match?.[1] ?? null;
-}
-function healthRouter(registry, options = {}) {
-  const router = Router();
-  const proxyTokenRequired = options.proxyTokenRequired ?? false;
-  const clientTokenRequired = options.clientTokenRequired ?? false;
-  router.get("/health", (_req, res) => {
-    res.json({
-      status: "ok",
-      version: RELAY_VERSION,
-      uptime: process.uptime(),
-      auth: {
-        proxyTokenRequired,
-        clientTokenRequired
-      }
-    });
-  });
-  router.get("/auth/client", (req, res) => {
-    if (!clientTokenRequired) {
-      res.status(204).end();
-      return;
-    }
-    const token = bearerToken(req.get("authorization"));
-    if (options.validateClientToken?.(token)) {
-      res.status(204).end();
-      return;
-    }
-    res.status(401).json({ error: "invalid_client_token" });
-  });
-  router.get("/admin/client-token", (req, res) => {
-    if (!proxyTokenRequired) {
-      res.status(401).json({ error: "proxy_token_required" });
-      return;
-    }
-    const token = bearerToken(req.get("authorization"));
-    if (!options.validateProxyToken?.(token)) {
-      res.status(401).json({ error: "invalid_proxy_token" });
-      return;
-    }
-    const clientToken = options.getClientToken?.() ?? null;
-    if (!clientToken) {
-      res.status(204).end();
-      return;
-    }
-    res.json({ clientToken });
-  });
-  router.get("/status", (_req, res) => {
-    res.json({
-      version: RELAY_VERSION,
-      proxyCount: registry.listProxies().length,
-      clientCount: registry.countClients(),
-      uptime: process.uptime()
-    });
-  });
-  router.get("/api/status", (_req, res) => {
-    res.json({
-      version: RELAY_VERSION,
-      proxyCount: registry.listProxies().length,
-      clientCount: registry.countClients(),
-      uptime: process.uptime(),
-      bindings: registry.getClientDetails()
-    });
-  });
-  router.get("/api/proxies", (_req, res) => {
-    const proxyIds = registry.listProxies();
-    const details = proxyIds.map((id) => registry.getProxyDetail(id)).filter((d) => d !== void 0);
-    res.json(details);
-  });
-  router.get("/api/clients", (_req, res) => {
-    res.json(registry.getClientDetails());
-  });
-  return router;
-}
-// src/handlers/proxy.ts
-import { WebSocket as WebSocket3 } from "ws";
 // ../../packages/shared/dist/schemas/envelope.js
-import { z as z5 } from "zod";
+import { z as z6 } from "zod";
-// ../../packages/shared/dist/schemas/chat.js
+// ../../packages/shared/dist/schemas/id.js
 import { z } from "zod";
-var UserInputPayloadSchema = z.object({
-  text: z.string().min(1),
-  messageId: z.string().min(1).optional()
+var MAX_ID_LENGTH = 256;
+var IdSchema = z.string().min(1).max(MAX_ID_LENGTH);
+// ../../packages/shared/dist/schemas/chat.js
+import { z as z2 } from "zod";
+var UserInputPayloadSchema = z2.object({
+  text: z2.string().min(1),
+  messageId: z2.string().min(1).optional()
 });
-var AssistantMessagePayloadSchema = z.object({
-  text: z.string(),
-  isPartial: z.boolean()
+var AssistantMessagePayloadSchema = z2.object({
+  text: z2.string(),
+  isPartial: z2.boolean()
 });
-var ThinkingPayloadSchema = z.object({
-  text: z.string()
+var ThinkingPayloadSchema = z2.object({
+  text: z2.string()
 });
 // ../../packages/shared/dist/schemas/tool.js
-import { z as z2 } from "zod";
-var ToolUseRequestPayloadSchema = z2.object({
-  toolName: z2.string(),
-  toolId: z2.string(),
-  parameters: z2.record(z2.string(), z2.unknown())
+import { z as z3 } from "zod";
+var ToolUseRequestPayloadSchema = z3.object({
+  toolName: z3.string(),
+  toolId: IdSchema,
+  parameters: z3.record(z3.string(), z3.unknown())
 });
-var ToolApprovePayloadSchema = z2.object({
-  toolId: z2.string(),
-  whitelistTool: z2.boolean().optional()
+var ToolApprovePayloadSchema = z3.object({
+  toolId: IdSchema,
+  whitelistTool: z3.boolean().optional()
 });
-var ToolDenyPayloadSchema = z2.object({
-  toolId: z2.string(),
-  reason: z2.string().optional()
+var ToolDenyPayloadSchema = z3.object({
+  toolId: IdSchema,
+  reason: z3.string().optional()
 });
-var ToolResultPayloadSchema = z2.object({
-  toolId: z2.string(),
-  result: z2.unknown(),
-  isError: z2.boolean()
+var ToolResultPayloadSchema = z3.object({
+  toolId: IdSchema,
+  result: z3.unknown(),
+  isError: z3.boolean()
 });
 // ../../packages/shared/dist/schemas/session.js
-import { z as z3 } from "zod";
-var sessionStateValues = ["idle", "working", "waiting_approval", "error", "terminated"];
+import { z as z4 } from "zod";
+// ../../packages/shared/dist/constants/enums.js
 var providerValues = ["claude", "codex"];
 var ptyOwnerValues = ["local-terminal", "proxy-hosted"];
+var sessionModeValues = ["pty", "json"];
+// ../../packages/shared/dist/constants/pty.js
+var PtySemanticState = {
+  WORKING: "working",
+  TURN_COMPLETE: "turn_complete",
+  APPROVAL_WAIT: "approval_wait"
+};
+var ptySemanticStateValues = [
+  PtySemanticState.WORKING,
+  PtySemanticState.TURN_COMPLETE,
+  PtySemanticState.APPROVAL_WAIT
+];
+// ../../packages/shared/dist/schemas/session.js
+var sessionStateValues = [
+  "idle",
+  "working",
+  "waiting_approval",
+  "error",
+  "terminated"
+];
 var agentStatusPhaseValues = [
   "idle",
   "thinking",
@@ -379,171 +91,180 @@ var agentStatusPhaseValues = [
   "waiting_permission",
   "error"
 ];
-var SessionInfoSchema = z3.object({
-  sessionId: z3.string(),
-  name: z3.string().optional(),
-  state: z3.enum(sessionStateValues),
-  mode: z3.enum(["pty", "json"]).optional(),
-  provider: z3.enum(providerValues),
+var SessionInfoSchema = z4.object({
+  sessionId: IdSchema,
+  name: z4.string().optional(),
+  state: z4.enum(sessionStateValues),
+  mode: z4.enum(sessionModeValues).optional(),
+  provider: z4.enum(providerValues),
   // PTY 尺寸所有权:
   // - local-terminal: 本地 terminal 进程持有真实 PTY，Web 只按原始 cols/rows 展示
   // - proxy-hosted: serve 内托管 PTY，Web 可按视口请求 resize
-  ptyOwner: z3.enum(ptyOwnerValues).optional(),
-  lastActive: z3.number().optional()
+  ptyOwner: z4.enum(ptyOwnerValues).optional(),
+  lastActive: z4.number().optional()
 });
-var SessionCreatePayloadSchema = z3.object({
-  name: z3.string().optional(),
-  cwd: z3.string().optional(),
-  streamDelta: z3.boolean().optional()
+var SessionCreatePayloadSchema = z4.object({
+  name: z4.string().optional(),
+  cwd: z4.string().optional(),
+  streamDelta: z4.boolean().optional()
 });
-var SessionListPayloadSchema = z3.object({
-  sessions: z3.array(SessionInfoSchema)
+var SessionListPayloadSchema = z4.object({
+  sessions: z4.array(SessionInfoSchema)
 });
-var SessionSwitchPayloadSchema = z3.object({
-  sessionId: z3.string()
+var SessionSwitchPayloadSchema = z4.object({
+  sessionId: IdSchema
 });
-var SessionTerminatePayloadSchema = z3.object({
-  sessionId: z3.string()
+var SessionTerminatePayloadSchema = z4.object({
+  sessionId: IdSchema
 });
-var SessionStatusPayloadSchema = z3.object({
-  sessionId: z3.string(),
-  state: z3.enum(sessionStateValues),
-  lastActive: z3.number()
+var SessionStatusPayloadSchema = z4.object({
+  sessionId: IdSchema,
+  state: z4.enum(sessionStateValues),
+  lastActive: z4.number()
 });
-var PtyStatePayloadSchema = z3.object({
-  state: z3.enum(["working", "turn_complete", "approval_wait", "mid_pause"]),
-  title: z3.string().optional(),
-  tool: z3.string().optional()
+var PtyStatePayloadSchema = z4.object({
+  state: z4.enum(ptySemanticStateValues),
+  title: z4.string().optional(),
+  tool: z4.string().optional()
 });
-var AgentStatusPayloadSchema = z3.object({
-  provider: z3.enum(providerValues),
-  phase: z3.enum(agentStatusPhaseValues),
-  seq: z3.number().int().nonnegative(),
-  updatedAt: z3.number(),
-  toolName: z3.string().optional(),
-  toolInput: z3.record(z3.string(), z3.unknown()).optional(),
-  permissionRequest: z3.object({
-    requestId: z3.string(),
-    toolName: z3.string(),
-    input: z3.record(z3.string(), z3.unknown())
+var AgentStatusPayloadSchema = z4.object({
+  provider: z4.enum(providerValues),
+  phase: z4.enum(agentStatusPhaseValues),
+  seq: z4.number().int().nonnegative(),
+  updatedAt: z4.number(),
+  toolName: z4.string().optional(),
+  toolInput: z4.record(z4.string(), z4.unknown()).optional(),
+  permissionRequest: z4.object({
+    requestId: IdSchema,
+    toolName: z4.string(),
+    input: z4.record(z4.string(), z4.unknown())
   }).optional(),
-  permissionResolution: z3.object({
-    requestId: z3.string(),
-    outcome: z3.enum(["allow", "deny"])
+  permissionResolution: z4.object({
+    requestId: IdSchema,
+    outcome: z4.enum(["allow", "deny"])
   }).optional(),
-  summary: z3.string().optional()
+  summary: z4.string().optional()
 });
 // ../../packages/shared/dist/schemas/system.js
-import { z as z4 } from "zod";
-var HeartbeatPayloadSchema = z4.object({});
-var AuthPayloadSchema = z4.object({
-  pairingCode: z4.string().optional(),
-  token: z4.string().optional()
+import { z as z5 } from "zod";
+var HeartbeatPayloadSchema = z5.object({});
+var AuthPayloadSchema = z5.object({
+  pairingCode: z5.string().optional(),
+  token: z5.string().optional()
 });
-var SyncRequestPayloadSchema = z4.object({
-  lastSeq: z4.number().int().nonnegative()
+var SyncRequestPayloadSchema = z5.object({
+  lastSeq: z5.number().int().nonnegative()
 });
-var SyncResponsePayloadSchema = z4.object({
-  messages: z4.array(z4.record(z4.string(), z4.unknown()))
+var SyncResponsePayloadSchema = z5.object({
+  messages: z5.array(z5.record(z5.string(), z5.unknown()))
 });
 // ../../packages/shared/dist/schemas/envelope.js
 var BaseEnvelopeFields = {
-  seq: z5.number().int().nonnegative(),
-  sessionId: z5.string(),
-  timestamp: z5.number(),
-  source: z5.enum(["proxy", "client"]),
-  version: z5.string()
+  seq: z6.number().int().nonnegative(),
+  timestamp: z6.number(),
+  source: z6.enum(["proxy", "client"]),
+  version: z6.string()
+};
+var SessionedEnvelopeFields = {
+  ...BaseEnvelopeFields,
+  sessionId: IdSchema
 };
-var MessageEnvelopeSchema = z5.discriminatedUnion("type", [
+var MessageEnvelopeSchema = z6.discriminatedUnion("type", [
   // chat (3)
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("user_input"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("user_input"),
     payload: UserInputPayloadSchema
   }),
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("assistant_message"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("assistant_message"),
     payload: AssistantMessagePayloadSchema
   }),
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("thinking"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("thinking"),
     payload: ThinkingPayloadSchema
   }),
   // tool (4): 工具审批决策属于 relay control，不进入会话消息信封。
   // tool_use_request: 审批流请求（proxy → client），toolId 是 approval requestId
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("tool_use_request"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("tool_use_request"),
     payload: ToolUseRequestPayloadSchema
   }),
   // tool_result: 工具执行结果（proxy → client），toolId 对应 assistant_tool_use / tool_use_request 的 toolId
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("tool_result"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("tool_result"),
     payload: ToolResultPayloadSchema
   }),
   // assistant_tool_use: 纯展示型工具调用（proxy → client），区别于 tool_use_request 无审批语义
   // payload 结构复用 ToolUseRequestPayloadSchema；toolId 是 Claude 分配的 tool_use id
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("assistant_tool_use"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("assistant_tool_use"),
     payload: ToolUseRequestPayloadSchema
   }),
   // session (5)
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("session_create"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("session_create"),
     payload: SessionCreatePayloadSchema
   }),
-  z5.object({
+  // session_list 是全局广播 (列出所有 session), 不绑定具体 sessionId, 不携带该字段。
+  z6.object({
     ...BaseEnvelopeFields,
-    type: z5.literal("session_list"),
+    type: z6.literal("session_list"),
     payload: SessionListPayloadSchema
   }),
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("session_switch"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("session_switch"),
     payload: SessionSwitchPayloadSchema
   }),
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("session_terminate"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("session_terminate"),
     payload: SessionTerminatePayloadSchema
   }),
-  z5.object({
-    ...BaseEnvelopeFields,
-    type: z5.literal("session_status"),
+  z6.object({
+    ...SessionedEnvelopeFields,
+    type: z6.literal("session_status"),
     payload: SessionStatusPayloadSchema
   }),
-  // system (5)
-  z5.object({
+  // system (5): 心跳 / 认证 / 同步——全局, 无 sessionId
+  z6.object({
     ...BaseEnvelopeFields,
-    type: z5.literal("heartbeat"),
+    type: z6.literal("heartbeat"),
     payload: HeartbeatPayloadSchema
   }),
-  z5.object({
+  z6.object({
     ...BaseEnvelopeFields,
-    type: z5.literal("auth"),
+    type: z6.literal("auth"),
     payload: AuthPayloadSchema
   }),
-  z5.object({
+  z6.object({
     ...BaseEnvelopeFields,
-    type: z5.literal("sync_request"),
+    type: z6.literal("sync_request"),
     payload: SyncRequestPayloadSchema
   }),
-  z5.object({
+  z6.object({
     ...BaseEnvelopeFields,
-    type: z5.literal("sync_response"),
+    type: z6.literal("sync_response"),
     payload: SyncResponsePayloadSchema
   })
 ]);
+// ../../packages/shared/dist/builders/index.js
+function serializeControl(msg) {
+  return JSON.stringify(msg);
+}
 // ../../packages/shared/dist/schemas/relay-control.js
-import { z as z6 } from "zod";
+import { z as z7 } from "zod";
 // ../../packages/shared/dist/constants/relay-errors.js
 var RelayErrorCode = {
@@ -570,297 +291,301 @@ var ControlErrorCode = {
 };
 // ../../packages/shared/dist/schemas/relay-control.js
-var ProxyInfoSchema = z6.object({
-  proxyId: z6.string(),
-  name: z6.string().optional(),
-  online: z6.boolean(),
-  sessions: z6.array(z6.string()).optional()
+var ProxyInfoSchema = z7.object({
+  proxyId: IdSchema,
+  name: z7.string().optional(),
+  online: z7.boolean(),
+  sessions: z7.array(z7.string()).optional()
 });
-var AgentCliAvailabilitySchema = z6.object({
-  available: z6.boolean(),
-  command: z6.string().optional(),
-  error: z6.string().optional(),
-  suggestions: z6.array(z6.string()).optional()
+var AgentCliAvailabilitySchema = z7.object({
+  available: z7.boolean(),
+  command: z7.string().optional(),
+  error: z7.string().optional(),
+  suggestions: z7.array(z7.string()).optional()
 });
-var AgentCliStatusSchema = z6.object({
+var AgentCliStatusSchema = z7.object({
   claude: AgentCliAvailabilitySchema,
   codex: AgentCliAvailabilitySchema
 });
-var DirEntrySchema = z6.object({ name: z6.string(), isDir: z6.boolean() });
-var FileTreeGroupSchema = z6.object({
-  path: z6.string(),
-  entries: z6.array(DirEntrySchema)
+var DirEntrySchema = z7.object({ name: z7.string(), isDir: z7.boolean() });
+var FileTreeGroupSchema = z7.object({
+  path: z7.string(),
+  entries: z7.array(DirEntrySchema)
 });
-var CommandEntrySchema = z6.object({
-  name: z6.string(),
-  description: z6.string(),
-  argumentHint: z6.string().optional(),
-  source: z6.string()
+var CommandEntrySchema = z7.object({
+  name: z7.string(),
+  description: z7.string(),
+  argumentHint: z7.string().optional(),
+  source: z7.string()
 });
-var HistorySessionSchema = z6.object({
-  id: z6.string(),
-  title: z6.string(),
-  projectDir: z6.string(),
-  updatedAt: z6.number(),
-  provider: z6.enum(["claude", "codex"]).optional()
+var HistorySessionSchema = z7.object({
+  id: z7.string(),
+  title: z7.string(),
+  projectDir: z7.string(),
+  updatedAt: z7.number(),
+  provider: z7.enum(providerValues).optional()
 });
-var SessionHistoryMessageSchema = z6.object({
-  role: z6.enum(["user", "assistant"]),
-  text: z6.string(),
-  timestamp: z6.number().optional(),
-  cursor: z6.string().optional()
+var SessionHistoryMessageSchema = z7.object({
+  role: z7.enum(["user", "assistant"]),
+  text: z7.string(),
+  timestamp: z7.number().optional(),
+  cursor: z7.string().optional()
 });
-var RequestIdShape = { requestId: z6.string().min(1).optional() };
-var ControlErrorCodeSchema = z6.enum(Object.values(ControlErrorCode));
+var RequestIdShape = { requestId: IdSchema.optional() };
+var ControlErrorCodeSchema = z7.enum(Object.values(ControlErrorCode));
 var RequestErrorShape = {
-  error: z6.string().optional(),
+  error: z7.string().optional(),
   errorCode: ControlErrorCodeSchema.optional()
 };
-var ClipboardImageMimeTypeSchema = z6.enum(["image/png", "image/jpeg", "image/webp", "image/gif"]);
+var ClipboardImageMimeTypeSchema = z7.enum(["image/png", "image/jpeg", "image/webp", "image/gif"]);
 function control(type, shape, directions) {
   return {
     type,
     directions: new Set(Array.isArray(directions) ? directions : directions ? [directions] : []),
-    schema: z6.object({
-      type: z6.literal(type),
+    schema: z7.object({
+      type: z7.literal(type),
       ...shape ?? {}
     })
   };
 }
 var relayControlDefinitions = [
   control("proxy_register", {
-    proxyId: z6.string().min(1),
-    name: z6.string().optional()
+    proxyId: IdSchema,
+    name: z7.string().optional()
   }),
   control("proxy_register_response", {
-    status: z6.enum(["new", "reconnected"])
+    status: z7.enum(["new", "reconnected"])
   }),
   control("proxy_list_request", RequestIdShape),
   control("proxy_list_response", {
     ...RequestIdShape,
-    proxies: z6.array(ProxyInfoSchema)
+    proxies: z7.array(ProxyInfoSchema)
   }),
-  control("proxy_select", { ...RequestIdShape, proxyId: z6.string().min(1) }),
+  control("proxy_select", { ...RequestIdShape, proxyId: IdSchema }),
   control("proxy_select_response", {
     ...RequestIdShape,
-    success: z6.boolean(),
-    proxyId: z6.string().optional(),
+    success: z7.boolean(),
+    proxyId: IdSchema.optional(),
     ...RequestErrorShape
   }),
   control("relay_error", {
-    code: z6.enum(Object.values(RelayErrorCode)),
-    message: z6.string()
+    code: z7.enum(Object.values(RelayErrorCode)),
+    message: z7.string()
   }),
   // 客户端注册协议
   control("client_register", {
-    clientId: z6.string().min(1)
+    clientId: IdSchema
   }),
   control("client_register_response", {
-    status: z6.enum(["restored", "proxy_offline", "new"]),
-    proxyId: z6.string().optional()
+    status: z7.enum(["restored", "proxy_offline", "new"]),
+    proxyId: IdSchema.optional()
   }),
   // Proxy 离线通知
   control("proxy_offline", {
-    proxyId: z6.string()
+    proxyId: IdSchema
   }),
   // Proxy 主动断开，relay 立即清理资源
   control("proxy_disconnect", {
-    proxyId: z6.string().min(1)
+    proxyId: IdSchema
   }),
   // Proxy 重连后通知 client 恢复
   control("proxy_online", {
-    proxyId: z6.string().min(1)
+    proxyId: IdSchema
   }),
   // 目录列表请求与响应
   control("dir_list_request", {
-    proxyId: z6.string().min(1).optional(),
+    proxyId: IdSchema.optional(),
     ...RequestIdShape,
-    path: z6.string()
+    path: z7.string()
   }, "client_to_proxy"),
-  control("dir_list_response", { ...RequestIdShape, ...RequestErrorShape, entries: z6.array(DirEntrySchema), path: z6.string() }, "proxy_to_client"),
+  control("dir_list_response", { ...RequestIdShape, ...RequestErrorShape, entries: z7.array(DirEntrySchema), path: z7.string() }, "proxy_to_client"),
   // 目录创建请求与响应
-  control("dir_create_request", { ...RequestIdShape, path: z6.string() }, "client_to_proxy"),
+  control("dir_create_request", { ...RequestIdShape, path: z7.string() }, "client_to_proxy"),
   control("dir_create_response", {
     ...RequestIdShape,
     ...RequestErrorShape,
-    path: z6.string(),
-    success: z6.boolean()
+    path: z7.string(),
+    success: z7.boolean()
   }, "proxy_to_client"),
   // 命令列表推送，proxy 将可用命令列表推给 client
-  control("command_list_push", { commands: z6.array(CommandEntrySchema) }, "proxy_to_client"),
+  control("command_list_push", { commands: z7.array(CommandEntrySchema) }, "proxy_to_client"),
   // 文件树推送: 按目录分组, 首组 path 即为 session cwd
   // 前端直接把每组写入 tree[path], 与 dir_list_response 共享 cache slot
   control("file_tree_push", {
-    groups: z6.array(FileTreeGroupSchema)
+    groups: z7.array(FileTreeGroupSchema)
   }, "proxy_to_client"),
   // 会话列表请求与权限模式变更
   control("session_list", void 0, ["client_to_proxy", "proxy_to_client"]),
   control("permission_mode_change", {
-    mode: z6.enum(["default", "auto_accept", "plan"]),
+    mode: z7.enum(["default", "auto_accept", "plan"]),
     // sessionId 可选：传入时 proxy 按该会话的 mode 分叉（PTY 发 Tab ANSI），未传走全局日志行为
-    sessionId: z6.string().optional()
+    sessionId: IdSchema.optional()
   }, "client_to_proxy"),
   // 会话历史浏览
   control("session_history_request", RequestIdShape, "client_to_proxy"),
-  control("session_history_response", { ...RequestIdShape, sessions: z6.array(HistorySessionSchema) }, "proxy_to_client"),
+  control("session_history_response", { ...RequestIdShape, sessions: z7.array(HistorySessionSchema) }, "proxy_to_client"),
   // PTY 语义状态，从 Envelope 迁移到 Control 层
-  control("pty_state", { sessionId: z6.string(), payload: PtyStatePayloadSchema }, "proxy_to_client"),
+  control("pty_state", { sessionId: IdSchema, payload: PtyStatePayloadSchema }, "proxy_to_client"),
   // Provider 语义状态，来自 Claude/Codex hook 等结构化事件，不从 PTY 字节推断
-  control("agent_status", { sessionId: z6.string(), payload: AgentStatusPayloadSchema }, "proxy_to_client"),
+  control("agent_status", { sessionId: IdSchema, payload: AgentStatusPayloadSchema }, "proxy_to_client"),
   // 终端标题变化，proxy -> client
-  control("terminal_title", { sessionId: z6.string(), title: z6.string() }, "proxy_to_client"),
+  control("terminal_title", { sessionId: IdSchema, title: z7.string() }, "proxy_to_client"),
   // 终端尺寸变化，proxy -> client
-  control("terminal_resize", { sessionId: z6.string(), cols: z6.number().int().positive(), rows: z6.number().int().positive() }, "proxy_to_client"),
-  control("terminal_resize_request", { sessionId: z6.string(), cols: z6.number().int().positive(), rows: z6.number().int().positive() }, "client_to_proxy"),
+  control("terminal_resize", { sessionId: IdSchema, cols: z7.number().int().positive(), rows: z7.number().int().positive() }, "proxy_to_client"),
+  control("terminal_resize_request", { sessionId: IdSchema, cols: z7.number().int().positive(), rows: z7.number().int().positive() }, "client_to_proxy"),
   // 远程终止 JSON 会话，client -> proxy
-  control("session_terminate", { sessionId: z6.string() }, "client_to_proxy"),
+  control("session_terminate", { sessionId: IdSchema }, "client_to_proxy"),
   // 中断当前 turn，client -> proxy，SIGINT 到 worker 进程让 claude CLI abort 当前流
-  control("session_worker_abort", { sessionId: z6.string() }, "client_to_proxy"),
+  control("session_worker_abort", { sessionId: IdSchema }, "client_to_proxy"),
   // turn 完成信号，proxy -> client，对应 claude stream-json 的 result 事件
   control("turn_result", {
-    sessionId: z6.string(),
-    success: z6.boolean(),
-    isError: z6.boolean(),
+    sessionId: IdSchema,
+    success: z7.boolean(),
+    isError: z7.boolean(),
     // stream-json result.result 是本轮最终文本。assistant_message 流丢失或 CLI 未发增量时，
     // Web 用它作为 JSON 模式兜底展示，避免 turn 已结束但界面空白。
-    result: z6.string().optional()
+    result: z7.string().optional()
   }, "proxy_to_client"),
   // 客户端发送到 PTY 的原始字节（ANSI 序列），不追加换行
-  control("remote_input_raw", { sessionId: z6.string().min(1), data: z6.string() }, "client_to_proxy"),
+  control("remote_input_raw", { sessionId: IdSchema, data: z7.string() }, "client_to_proxy"),
   control("clipboard_image_upload", {
     ...RequestIdShape,
-    sessionId: z6.string().min(1),
+    sessionId: IdSchema,
     mimeType: ClipboardImageMimeTypeSchema,
-    dataBase64: z6.string().min(1),
-    fileName: z6.string().optional()
+    dataBase64: z7.string().min(1),
+    fileName: z7.string().optional()
   }, "client_to_proxy"),
   control("clipboard_image_upload_response", {
     ...RequestIdShape,
     ...RequestErrorShape,
-    sessionId: z6.string().min(1),
-    success: z6.boolean(),
-    path: z6.string()
+    sessionId: IdSchema,
+    success: z7.boolean(),
+    // success=false 时 proxy 没有有效 path 可填；保持 optional 以避免占位空字符串通过校验。
+    path: z7.string().optional()
   }, "proxy_to_client"),
   control("image_preview_request", {
     ...RequestIdShape,
-    sessionId: z6.string().min(1),
-    path: z6.string().min(1)
+    sessionId: IdSchema,
+    path: z7.string().min(1)
   }, "client_to_proxy"),
   control("image_preview_response", {
     ...RequestIdShape,
     ...RequestErrorShape,
-    sessionId: z6.string().min(1),
-    success: z6.boolean(),
-    path: z6.string(),
+    sessionId: IdSchema,
+    success: z7.boolean(),
+    // 同 clipboard_image_upload_response：失败时 proxy 不一定有路径。
+    path: z7.string().optional(),
     mimeType: ClipboardImageMimeTypeSchema.optional(),
-    dataBase64: z6.string().optional(),
-    size: z6.number().int().nonnegative().optional()
+    dataBase64: z7.string().optional(),
+    size: z7.number().int().nonnegative().optional()
   }, "proxy_to_client"),
   // 客户端询问 proxy 的环境信息 (home 路径等), client -> proxy -> response
   // FilePathPicker 用 homePath 作为 select 模式下的默认起点, 新建会话时打开即可浏览
   control("proxy_info_request", RequestIdShape, "client_to_proxy"),
-  control("proxy_info", { ...RequestIdShape, homePath: z6.string(), agentCli: AgentCliStatusSchema }, "proxy_to_client"),
-  control("agent_cli_config_update", { ...RequestIdShape, provider: z6.enum(["claude", "codex"]), path: z6.string().min(1) }, "client_to_proxy"),
+  control("proxy_info", { ...RequestIdShape, homePath: z7.string(), agentCli: AgentCliStatusSchema }, "proxy_to_client"),
+  control("agent_cli_config_update", { ...RequestIdShape, provider: z7.enum(providerValues), path: z7.string().min(1) }, "client_to_proxy"),
   control("agent_cli_config_update_response", {
     ...RequestIdShape,
-    provider: z6.enum(["claude", "codex"]),
+    provider: z7.enum(providerValues),
     agentCli: AgentCliStatusSchema.optional(),
     ...RequestErrorShape
   }, "proxy_to_client"),
   // 远程创建 JSON 会话，client -> proxy -> response
   control("session_create", {
     ...RequestIdShape,
-    cwd: z6.string(),
-    provider: z6.enum(["claude", "codex"]),
-    mode: z6.enum(["json", "pty"]).optional(),
-    resumeSessionId: z6.string().optional(),
+    cwd: z7.string(),
+    provider: z7.enum(providerValues),
+    mode: z7.enum(sessionModeValues).optional(),
+    resumeSessionId: z7.string().optional(),
     // 透传给 claude CLI 的 --permission-mode, undefined 时 proxy 兜底为 "default"
-    permissionMode: z6.enum(["default", "auto", "acceptEdits", "plan", "bypassPermissions", "dontAsk"]).optional()
+    permissionMode: z7.enum(["default", "auto", "acceptEdits", "plan", "bypassPermissions", "dontAsk"]).optional()
   }, "client_to_proxy"),
   control("session_create_response", {
     ...RequestIdShape,
-    sessionId: z6.string(),
-    mode: z6.enum(["json", "pty"]).optional(),
-    provider: z6.enum(["claude", "codex"]).optional(),
-    ptyOwner: z6.enum(["local-terminal", "proxy-hosted"]).optional(),
+    // 失败路径只送 errorCode/error, sessionId 此时无语义。成功路径才有 id。
+    sessionId: IdSchema.optional(),
+    mode: z7.enum(sessionModeValues).optional(),
+    provider: z7.enum(providerValues).optional(),
+    ptyOwner: z7.enum(ptyOwnerValues).optional(),
     ...RequestErrorShape
   }, "proxy_to_client"),
   // 客户端请求会话历史消息，client -> proxy
   control("session_messages_request", {
     ...RequestIdShape,
-    sessionId: z6.string(),
-    limit: z6.number().int().min(1).max(200).optional(),
-    before: z6.string().optional()
+    sessionId: IdSchema,
+    limit: z7.number().int().min(1).max(200).optional(),
+    before: z7.string().optional()
   }, "client_to_proxy"),
   // 客户端请求会话资源（命令列表 + 文件树），client -> proxy
-  control("session_resources_request", { ...RequestIdShape, sessionId: z6.string() }, "client_to_proxy"),
+  control("session_resources_request", { ...RequestIdShape, sessionId: IdSchema }, "client_to_proxy"),
   control("session_resources_response", {
     ...RequestIdShape,
     ...RequestErrorShape,
-    sessionId: z6.string(),
-    commands: z6.array(CommandEntrySchema),
-    groups: z6.array(FileTreeGroupSchema)
+    sessionId: IdSchema,
+    commands: z7.array(CommandEntrySchema),
+    groups: z7.array(FileTreeGroupSchema)
   }, "proxy_to_client"),
   // 客户端请求当前 provider 语义状态；不经 relay 缓存，由 proxy 返回当前值
-  control("agent_status_request", { ...RequestIdShape, sessionId: z6.string().optional() }, "client_to_proxy"),
+  control("agent_status_request", { ...RequestIdShape, sessionId: IdSchema.optional() }, "client_to_proxy"),
   control("agent_status_response", {
     ...RequestIdShape,
-    statuses: z6.array(z6.object({ sessionId: z6.string(), payload: AgentStatusPayloadSchema }))
+    statuses: z7.array(z7.object({ sessionId: IdSchema, payload: AgentStatusPayloadSchema }))
   }, "proxy_to_client"),
   // 客户端确认已收到审批请求；proxy 只记录送达状态，不把它当成用户决策
-  control("permission_request_delivered", { sessionId: z6.string(), requestId: z6.string() }, "client_to_proxy"),
-  control("tool_approve", { sessionId: z6.string(), payload: ToolApprovePayloadSchema }, "client_to_proxy"),
-  control("tool_deny", { sessionId: z6.string(), payload: ToolDenyPayloadSchema }, "client_to_proxy"),
+  control("permission_request_delivered", { sessionId: IdSchema, requestId: IdSchema }, "client_to_proxy"),
+  control("tool_approve", { sessionId: IdSchema, payload: ToolApprovePayloadSchema }, "client_to_proxy"),
+  control("tool_deny", { sessionId: IdSchema, payload: ToolDenyPayloadSchema }, "client_to_proxy"),
   // proxy 确认用户决策已进入 provider/worker 路径；web 用它更新审批卡片状态
   control("permission_decision_result", {
-    sessionId: z6.string(),
-    requestId: z6.string(),
-    outcome: z6.enum(["allow", "deny"]),
-    delivered: z6.boolean(),
-    message: z6.string().optional()
+    sessionId: IdSchema,
+    requestId: IdSchema,
+    outcome: z7.enum(["allow", "deny"]),
+    delivered: z7.boolean(),
+    message: z7.string().optional()
   }, "proxy_to_client"),
   // proxy 推送当前 pending 的工具审批列表，client 据此恢复审批卡片
   control("pending_approvals_push", {
-    sessionId: z6.string(),
-    approvals: z6.array(z6.object({
-      requestId: z6.string(),
-      toolName: z6.string(),
-      input: z6.record(z6.string(), z6.unknown())
+    sessionId: IdSchema,
+    approvals: z7.array(z7.object({
+      requestId: IdSchema,
+      toolName: z7.string(),
+      input: z7.record(z7.string(), z7.unknown())
     }))
   }, "proxy_to_client"),
   // 恢复会话时推送历史消息，proxy -> client
   control("session_history_messages", {
     ...RequestIdShape,
-    sessionId: z6.string(),
-    before: z6.string().optional(),
-    messages: z6.array(SessionHistoryMessageSchema),
-    hasMore: z6.boolean().optional(),
-    nextBefore: z6.string().optional()
+    sessionId: IdSchema,
+    before: z7.string().optional(),
+    messages: z7.array(SessionHistoryMessageSchema),
+    hasMore: z7.boolean().optional(),
+    nextBefore: z7.string().optional()
   }, "proxy_to_client"),
-  // proxy 重连后同步活跃 session 列表给 relay
+  // proxy 重连后同步活跃 session 列表给 relay。session_sync 由 relay 自消费（更新 proxy-session
+  // 关联）不转发给 client，因此**没有** direction 标注——RelayControlDirection 只描述转发流。
   control("session_sync", {
-    sessions: z6.array(z6.object({
-      id: z6.string(),
-      mode: z6.enum(["pty", "json"]),
-      provider: z6.enum(["claude", "codex"]),
-      ptyOwner: z6.enum(["local-terminal", "proxy-hosted"]).optional(),
-      state: z6.string()
+    sessions: z7.array(z7.object({
+      id: z7.string(),
+      mode: z7.enum(sessionModeValues),
+      provider: z7.enum(providerValues),
+      ptyOwner: z7.enum(ptyOwnerValues).optional(),
+      state: z7.enum(sessionStateValues)
     }))
   }),
   // PTY 会话订阅，client -> proxy，触发 terminal serialize() 返回当前状态
-  control("session_subscribe", { sessionId: z6.string(), requestId: z6.string().optional() }, "client_to_proxy"),
+  control("session_subscribe", { sessionId: IdSchema, requestId: IdSchema.optional() }, "client_to_proxy"),
   // PTY 会话快照，proxy -> client，serialize() 的全量终端状态
   control("session_snapshot", {
-    sessionId: z6.string(),
-    cols: z6.number().int().positive(),
-    rows: z6.number().int().positive(),
-    data: z6.string(),
-    outputSeq: z6.number().int().nonnegative(),
-    requestId: z6.string().optional()
+    sessionId: IdSchema,
+    cols: z7.number().int().positive(),
+    rows: z7.number().int().positive(),
+    data: z7.string(),
+    outputSeq: z7.number().int().nonnegative(),
+    requestId: IdSchema.optional()
   }, "proxy_to_client")
 ];
 var relayControlSchemas = relayControlDefinitions.map((definition) => definition.schema);
-var RelayControlSchema = z6.discriminatedUnion("type", relayControlSchemas);
+var RelayControlSchema = z7.discriminatedUnion("type", relayControlSchemas);
 var ProxyToClientRelayControlTypes = new Set(relayControlDefinitions.filter((definition) => definition.directions.has("proxy_to_client")).map((definition) => definition.type));
 function isProxyToClientRelayControlType(type) {
   return ProxyToClientRelayControlTypes.has(type);
@@ -870,106 +595,348 @@ function isClientToProxyRelayControlType(type) {
   return ClientToProxyRelayControlTypes.has(type);
 }
-// ../../packages/shared/dist/logger.js
-import { lstatSync, mkdirSync, readdirSync, renameSync, statSync, symlinkSync, unlinkSync } from "fs";
-import { homedir } from "os";
-import { basename, join as join2 } from "path";
-import pino from "pino";
-var DEFAULT_LOG_DIR = `${homedir()}/.dev-anywhere/logs`;
-var DEFAULT_LOG_RETENTION = 50;
-var PROCESS_LOG_RUN_ID = sanitizeRunId(`${(/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-")}-${process.pid}`);
-function sanitizeRunId(runId) {
-  return runId.replace(/[^a-zA-Z0-9._-]/g, "_");
+// ../../packages/shared/dist/binary-frame.js
+var SID_LEN_BYTES = 1;
+var SEQ_BYTES = 4;
+var HEADER_FIXED_BYTES = SID_LEN_BYTES + SEQ_BYTES;
+// ../../packages/shared/dist/state-machine.js
+function computeAbsorbingSet(transitions) {
+  const absorbing = /* @__PURE__ */ new Set();
+  const entries = Object.entries(transitions);
+  for (const [s, outs] of entries) {
+    if (outs.length === 0)
+      absorbing.add(s);
+  }
+  let changed = true;
+  while (changed) {
+    changed = false;
+    for (const [s, outs] of entries) {
+      if (absorbing.has(s))
+        continue;
+      if (outs.length > 0 && outs.every((t) => absorbing.has(t))) {
+        absorbing.add(s);
+        changed = true;
+      }
+    }
+  }
+  return absorbing;
 }
-function linkLatestLog(logDir, name, filePath, runId) {
-  const latestPath = join2(logDir, `${name}.log`);
-  try {
-    const stat = lstatSync(latestPath);
-    if (stat.isSymbolicLink()) {
-      unlinkSync(latestPath);
-    } else {
-      renameSync(latestPath, join2(logDir, `${name}-legacy-${runId}.log`));
+function defineFSM(transitions) {
+  const absorbing = computeAbsorbingSet(transitions);
+  return {
+    canTransition: (from, to) => transitions[from]?.includes(to) ?? false,
+    isAbsorbing: (state) => absorbing.has(state)
+  };
+}
+// src/registry.ts
+var proxyConnectionFSM = defineFSM({
+  online: ["offline"],
+  offline: ["online"]
+});
+var RelayRegistry = class {
+  proxyStates = /* @__PURE__ */ new Map();
+  clientBindings = /* @__PURE__ */ new Map();
+  connectedClients = /* @__PURE__ */ new Set();
+  registerProxy(proxyId, ws, name) {
+    const existing = this.proxyStates.get(proxyId);
+    if (existing) {
+      if (existing.ws && existing.ws.readyState === WebSocket.OPEN) {
+        existing.ws.terminate();
+      }
+      existing.ws = ws;
+      existing.connectionState = "online";
+      existing.disconnectedAt = null;
+      if (name !== void 0) existing.name = name;
+      return "reconnected";
+    }
+    this.proxyStates.set(proxyId, {
+      ws,
+      connectionState: "online",
+      sessions: /* @__PURE__ */ new Set(),
+      disconnectedAt: null,
+      name
+    });
+    return "new";
+  }
+  // 显式状态转换，校验 from 状态匹配后更新 connectionState
+  transitionProxy(proxyId, from, to) {
+    if (!proxyConnectionFSM.canTransition(from, to)) {
+      throw new Error(`Invalid proxy transition: ${from} -> ${to}`);
+    }
+    const state = this.proxyStates.get(proxyId);
+    if (!state) {
+      throw new Error(`Proxy not found: ${proxyId}`);
+    }
+    if (state.connectionState !== from) {
+      throw new Error(
+        `Proxy ${proxyId} state mismatch: expected ${from}, actual ${state.connectionState}`
+      );
+    }
+    state.connectionState = to;
+    if (to === "offline") {
+      state.ws = null;
+      state.disconnectedAt = Date.now();
+    }
+  }
+  getProxyConnectionState(proxyId) {
+    return this.proxyStates.get(proxyId)?.connectionState;
+  }
+  getClientConnectionState(clientId) {
+    return this.clientBindings.get(clientId)?.connectionState;
+  }
+  // 彻底清理 proxy 状态和客户端绑定
+  cleanupProxy(proxyId) {
+    const state = this.proxyStates.get(proxyId);
+    if (!state) return;
+    for (const [clientId, binding] of this.clientBindings) {
+      if (binding.proxyId === proxyId) {
+        this.clientBindings.delete(clientId);
+      }
+    }
+    this.proxyStates.delete(proxyId);
+  }
+  unregisterProxy(proxyId) {
+    this.cleanupProxy(proxyId);
+  }
+  getProxy(proxyId) {
+    const state = this.proxyStates.get(proxyId);
+    return state?.ws ?? void 0;
+  }
+  isProxyOnline(proxyId) {
+    const state = this.proxyStates.get(proxyId);
+    if (!state || state.connectionState !== "online") return false;
+    if (!state.ws || state.ws.readyState !== WebSocket.OPEN) return false;
+    return true;
+  }
+  // proxy 是否存在（含宽限期中的）
+  hasProxy(proxyId) {
+    return this.proxyStates.has(proxyId);
+  }
+  listProxies() {
+    return Array.from(this.proxyStates.keys());
+  }
+  // 返回 proxyId、name、online 的列表，用于 proxy_list_response
+  listProxiesWithName() {
+    return Array.from(this.proxyStates.entries()).map(([proxyId, state]) => ({
+      proxyId,
+      ...state.name !== void 0 ? { name: state.name } : {},
+      online: state.connectionState === "online"
+    }));
+  }
+  getProxyName(proxyId) {
+    return this.proxyStates.get(proxyId)?.name;
+  }
+  // 将 sessionId 关联到 proxy
+  addSessionToProxy(proxyId, sessionId) {
+    const state = this.proxyStates.get(proxyId);
+    if (state) {
+      state.sessions.add(sessionId);
     }
-  } catch (err) {
-    const code = err.code;
-    if (code !== "ENOENT")
-      return;
   }
-  try {
-    symlinkSync(basename(filePath), latestPath);
-  } catch {
+  // 通过 sessionId 反查所属 proxyId
+  getProxyForSession(sessionId) {
+    for (const [proxyId, state] of this.proxyStates) {
+      if (state.sessions.has(sessionId)) {
+        return proxyId;
+      }
+    }
+    return void 0;
   }
-}
-function resolveRetention(retention) {
-  if (retention === void 0)
-    return DEFAULT_LOG_RETENTION;
-  return Number.isFinite(retention) && retention >= 0 ? Math.floor(retention) : DEFAULT_LOG_RETENTION;
-}
-function pruneOldLogs(logDir, name, currentFilePath, retention) {
-  const keep = resolveRetention(retention);
-  if (keep === 0)
-    return;
-  const currentFileName = basename(currentFilePath);
-  const prefix = `${name}-`;
-  const candidates = readdirSync(logDir).filter((entry) => entry.startsWith(prefix) && entry.endsWith(".log") && entry !== currentFileName).map((entry) => {
-    const path = join2(logDir, entry);
-    try {
-      return { path, mtimeMs: statSync(path).mtimeMs };
-    } catch {
-      return null;
+  // 获取 proxy 关联的所有 sessionId
+  getSessionsForProxy(proxyId) {
+    const state = this.proxyStates.get(proxyId);
+    return state ? Array.from(state.sessions) : [];
+  }
+  // clientId 绑定方式
+  bindClientById(clientId, proxyId, ws) {
+    if (!this.proxyStates.has(proxyId)) {
+      return false;
     }
-  }).filter((entry) => entry !== null).sort((a, b) => b.mtimeMs - a.mtimeMs);
-  for (const stale of candidates.slice(Math.max(0, keep - 1))) {
-    try {
-      unlinkSync(stale.path);
-    } catch {
+    this.clientBindings.set(clientId, { proxyId, ws, connectionState: "bound" });
+    return true;
+  }
+  updateClientSocket(clientId, ws) {
+    const binding = this.clientBindings.get(clientId);
+    if (binding) {
+      binding.ws = ws;
     }
   }
-}
-function buildPinoLogger(options) {
-  const { name, level = "info", logDir = DEFAULT_LOG_DIR, retention, stdout = false, silent = false } = options;
-  if (silent) {
-    return pino({ level: "silent" });
+  // 断开客户端 WebSocket 但保留绑定关系，重连时可恢复
+  unbindClientById(clientId) {
+    const binding = this.clientBindings.get(clientId);
+    if (binding) {
+      binding.ws = null;
+    }
+  }
+  getClientBinding(clientId) {
+    return this.clientBindings.get(clientId);
+  }
+  // 获取绑定到指定 proxy 的所有活跃客户端 WebSocket
+  getClientsForProxy(proxyId) {
+    const clients = [];
+    for (const [, binding] of this.clientBindings) {
+      if (binding.proxyId === proxyId && binding.ws && binding.ws.readyState === WebSocket.OPEN) {
+        clients.push(binding.ws);
+      }
+    }
+    return clients;
+  }
+  countClients() {
+    let count = 0;
+    for (const [, binding] of this.clientBindings) {
+      if (binding.ws && binding.ws.readyState === WebSocket.OPEN) count++;
+    }
+    return count;
+  }
+  addClientWs(ws) {
+    this.connectedClients.add(ws);
+  }
+  removeClientWs(ws) {
+    this.connectedClients.delete(ws);
+  }
+  getAllClientWs() {
+    const clients = [];
+    for (const ws of this.connectedClients) {
+      if (ws.readyState === WebSocket.OPEN) {
+        clients.push(ws);
+      }
+    }
+    return clients;
+  }
+  // 获取单个 proxy 的详细状态信息
+  getProxyDetail(proxyId) {
+    const state = this.proxyStates.get(proxyId);
+    if (!state) return void 0;
+    return {
+      proxyId,
+      ...state.name !== void 0 ? { name: state.name } : {},
+      online: state.connectionState === "online",
+      connectionState: state.connectionState,
+      sessions: Array.from(state.sessions),
+      disconnectedAt: state.disconnectedAt
+    };
   }
-  mkdirSync(logDir, { recursive: true });
-  const runId = PROCESS_LOG_RUN_ID;
-  const filePath = join2(logDir, `${name}-${runId}.log`);
-  linkLatestLog(logDir, name, filePath, runId);
-  pruneOldLogs(logDir, name, filePath, retention);
-  const streams = [{ stream: pino.destination(filePath) }];
-  if (stdout) {
-    streams.unshift({ stream: process.stdout });
+  // 获取所有客户端绑定的详细信息
+  getClientDetails() {
+    const details = [];
+    for (const [clientId, binding] of this.clientBindings) {
+      details.push({
+        clientId,
+        proxyId: binding.proxyId,
+        online: binding.ws !== null && binding.ws !== void 0 && binding.ws.readyState === WebSocket.OPEN,
+        connectionState: binding.connectionState
+      });
+    }
+    return details;
   }
-  return pino({ level }, pino.multistream(streams));
+};
+// src/health.ts
+import { Router } from "express";
+// src/version.ts
+import { readFileSync } from "fs";
+import { dirname, join } from "path";
+import { fileURLToPath } from "url";
+function readRelayVersion() {
+  const packageJsonPath = join(dirname(fileURLToPath(import.meta.url)), "..", "package.json");
+  const pkg = JSON.parse(readFileSync(packageJsonPath, "utf-8"));
+  return pkg.version ?? "unknown";
 }
-function createLogger(options) {
-  let real = null;
-  const ensure = () => {
-    if (!real)
-      real = buildPinoLogger(options);
-    return real;
-  };
-  return new Proxy(/* @__PURE__ */ Object.create(null), {
-    get(_target, prop) {
-      const target = ensure();
-      const value = Reflect.get(target, prop, target);
-      return typeof value === "function" ? value.bind(target) : value;
-    },
-    set(_target, prop, value) {
-      return Reflect.set(ensure(), prop, value);
-    },
-    has(_target, prop) {
-      return Reflect.has(ensure(), prop);
-    },
-    ownKeys() {
-      return Reflect.ownKeys(ensure());
-    },
-    getOwnPropertyDescriptor(_target, prop) {
-      return Reflect.getOwnPropertyDescriptor(ensure(), prop);
+var RELAY_VERSION = readRelayVersion();
+// src/health.ts
+function bearerToken(authHeader) {
+  const match = /^Bearer\s+(.+)$/i.exec(authHeader ?? "");
+  return match?.[1] ?? null;
+}
+function healthRouter(registry, options = {}) {
+  const router = Router();
+  const proxyTokenRequired = options.proxyTokenRequired ?? false;
+  const clientTokenRequired = options.clientTokenRequired ?? false;
+  router.get("/health", (_req, res) => {
+    res.json({
+      status: "ok",
+      version: RELAY_VERSION,
+      uptime: process.uptime(),
+      auth: {
+        proxyTokenRequired,
+        clientTokenRequired
+      }
+    });
+  });
+  router.get("/api/auth/client", (req, res) => {
+    if (!clientTokenRequired) {
+      res.status(204).end();
+      return;
+    }
+    const token = bearerToken(req.get("authorization"));
+    if (options.validateClientToken?.(token)) {
+      res.status(204).end();
+      return;
+    }
+    res.status(401).json({ error: "invalid_client_token" });
+  });
+  router.get("/api/admin/client-token", (req, res) => {
+    if (!proxyTokenRequired) {
+      res.status(401).json({ error: "proxy_token_required" });
+      return;
+    }
+    const token = bearerToken(req.get("authorization"));
+    if (!options.validateProxyToken?.(token)) {
+      res.status(401).json({ error: "invalid_proxy_token" });
+      return;
+    }
+    const clientToken = options.getClientToken?.() ?? null;
+    if (!clientToken) {
+      res.status(204).end();
+      return;
     }
+    res.json({ clientToken });
+  });
+  function requireProxyTokenIfConfigured(req, res) {
+    if (!proxyTokenRequired) return true;
+    const token = bearerToken(req.get("authorization"));
+    if (options.validateProxyToken?.(token)) return true;
+    res.status(401).json({ error: "invalid_proxy_token" });
+    return false;
+  }
+  router.get("/status", (_req, res) => {
+    res.json({
+      version: RELAY_VERSION,
+      proxyCount: registry.listProxies().length,
+      clientCount: registry.countClients(),
+      uptime: process.uptime()
+    });
+  });
+  router.get("/api/status", (req, res) => {
+    if (!requireProxyTokenIfConfigured(req, res)) return;
+    res.json({
+      version: RELAY_VERSION,
+      proxyCount: registry.listProxies().length,
+      clientCount: registry.countClients(),
+      uptime: process.uptime(),
+      bindings: registry.getClientDetails()
+    });
+  });
+  router.get("/api/proxies", (req, res) => {
+    if (!requireProxyTokenIfConfigured(req, res)) return;
+    const proxyIds = registry.listProxies();
+    const details = proxyIds.map((id) => registry.getProxyDetail(id)).filter((d) => d !== void 0);
+    res.json(details);
+  });
+  router.get("/api/clients", (req, res) => {
+    if (!requireProxyTokenIfConfigured(req, res)) return;
+    res.json(registry.getClientDetails());
   });
+  return router;
 }
+// src/handlers/proxy.ts
+import { WebSocket as WebSocket3 } from "ws";
 // src/router.ts
 import { WebSocket as WebSocket2 } from "ws";
 function parseMessage(data) {
@@ -1000,8 +967,9 @@ function routeProxyMessage(raw, proxyId, registry, logger, chaos) {
     return;
   }
   const { message } = result;
-  const { sessionId } = message;
-  registry.addSessionToProxy(proxyId, sessionId);
+  if ("sessionId" in message) {
+    registry.addSessionToProxy(proxyId, message.sessionId);
+  }
   const clients = registry.getClientsForProxy(proxyId);
   for (const clientWs of clients) {
     if (clientWs.readyState === WebSocket2.OPEN) {
@@ -1037,6 +1005,7 @@ function routeClientMessage(raw, proxyId, clientWs, registry, logger, chaos) {
 // src/handlers/proxy.ts
 var MAX_BINARY_FRAME_SIZE = 10 * 1024 * 1024;
+var MAX_JSON_MESSAGE_SIZE = 1 * 1024 * 1024;
 function notifyClientsProxyOffline(proxyId, registry, logger, chaos) {
   const clients = registry.getClientsForProxy(proxyId);
   const msg = JSON.stringify({ type: "proxy_offline", proxyId });
@@ -1067,6 +1036,15 @@ function broadcastProxyList(registry, chaos) {
     else clientWs.send(msg);
   }
 }
+function rejectNotRegistered(ws) {
+  ws.send(
+    JSON.stringify({
+      type: "relay_error",
+      code: RelayErrorCode.NOT_REGISTERED,
+      message: "Proxy must register before sending messages"
+    })
+  );
+}
 function handleProxyConnection(ws, registry, logger, chaos) {
   const proxyWs = ws;
   proxyWs.isAlive = true;
@@ -1099,6 +1077,13 @@ function handleProxyConnection(ws, registry, logger, chaos) {
       }
       return;
     }
+    if (data.length > MAX_JSON_MESSAGE_SIZE) {
+      logger.warn(
+        { size: data.length, proxyId: proxyWs.proxyId },
+        "JSON message rejected: exceeds max size"
+      );
+      return;
+    }
     const raw = data.toString();
     const result = parseMessage(raw);
     if (result.kind === "control" && result.message.type === "proxy_register") {
@@ -1107,7 +1092,7 @@ function handleProxyConnection(ws, registry, logger, chaos) {
       proxyWs.proxyId = proxyId;
       logger.info({ proxyId, status }, "Proxy registered");
       proxyWs.send(
-        JSON.stringify({
+        serializeControl({
           type: "proxy_register_response",
           status
         })
@@ -1133,25 +1118,17 @@ function handleProxyConnection(ws, registry, logger, chaos) {
     }
     if (result.kind === "control" && result.message.type === "session_sync") {
       if (!proxyWs.proxyId) return;
-      const sessions = result.message.sessions;
-      if (Array.isArray(sessions)) {
-        for (const s of sessions) {
-          registry.addSessionToProxy(proxyWs.proxyId, s.id);
-        }
-        logger.info({ proxyId: proxyWs.proxyId, count: sessions.length }, "Session sync received");
+      const { sessions } = result.message;
+      for (const s of sessions) {
+        registry.addSessionToProxy(proxyWs.proxyId, s.id);
       }
+      logger.info({ proxyId: proxyWs.proxyId, count: sessions.length }, "Session sync received");
       return;
     }
     if (result.kind === "control") {
       if (isProxyToClientRelayControlType(result.message.type)) {
         if (!proxyWs.proxyId) {
-          proxyWs.send(
-            JSON.stringify({
-              type: "relay_error",
-              code: RelayErrorCode.NOT_REGISTERED,
-              message: "Proxy must register before sending messages"
-            })
-          );
+          rejectNotRegistered(proxyWs);
           return;
         }
         const clients = registry.getClientsForProxy(proxyWs.proxyId);
@@ -1178,13 +1155,7 @@ function handleProxyConnection(ws, registry, logger, chaos) {
     }
     if (result.kind === "envelope") {
       if (!proxyWs.proxyId) {
-        proxyWs.send(
-          JSON.stringify({
-            type: "relay_error",
-            code: RelayErrorCode.NOT_REGISTERED,
-            message: "Proxy must register before sending messages"
-          })
-        );
+        rejectNotRegistered(proxyWs);
         return;
       }
       routeProxyMessage(raw, proxyWs.proxyId, registry, logger, chaos);
@@ -1202,19 +1173,31 @@ function handleProxyConnection(ws, registry, logger, chaos) {
       return;
     }
   });
-  proxyWs.on("close", () => {
-    if (proxyWs.proxyId) {
-      notifyClientsProxyOffline(proxyWs.proxyId, registry, logger, chaos);
-      try {
-        registry.transitionProxy(proxyWs.proxyId, "online", "offline");
-      } catch {
-      }
+  proxyWs.on("close", (code, reason) => {
+    if (!proxyWs.proxyId) return;
+    const closeMeta = { code, reason: reason.toString() || void 0 };
+    const current = registry.getProxy(proxyWs.proxyId);
+    if (current && current !== proxyWs) {
       logger.info(
-        { proxyId: proxyWs.proxyId },
-        "Proxy disconnected, state preserved for reconnect"
+        { proxyId: proxyWs.proxyId, ...closeMeta },
+        "Old proxy ws closed after being superseded by reconnect, skipping offline transition"
       );
-      broadcastProxyList(registry, chaos);
+      return;
     }
+    notifyClientsProxyOffline(proxyWs.proxyId, registry, logger, chaos);
+    try {
+      registry.transitionProxy(proxyWs.proxyId, "online", "offline");
+    } catch (err) {
+      logger.debug(
+        { proxyId: proxyWs.proxyId, err: String(err) },
+        "transitionProxy on close skipped"
+      );
+    }
+    logger.info(
+      { proxyId: proxyWs.proxyId, ...closeMeta },
+      "Proxy disconnected, state preserved for reconnect"
+    );
+    broadcastProxyList(registry, chaos);
   });
   proxyWs.on("error", (err) => {
     logger.error({ err, proxyId: proxyWs.proxyId }, "Proxy WebSocket error");
@@ -1224,6 +1207,7 @@ function handleProxyConnection(ws, registry, logger, chaos) {
 // src/handlers/client.ts
 import { WebSocket as WebSocket4 } from "ws";
 import { nanoid } from "nanoid";
+var MAX_JSON_MESSAGE_SIZE2 = 1 * 1024 * 1024;
 function handleClientRegister(clientId, clientWs, registry, logger) {
   clientWs.clientId = clientId;
   const binding = registry.getClientBinding(clientId);
@@ -1260,6 +1244,26 @@ function handleClientRegister(clientId, clientWs, registry, logger) {
   );
   logger.info({ clientId, proxyId, status: "restored" }, "Client registered");
 }
+function rejectNotBound(ws) {
+  ws.send(
+    JSON.stringify({
+      type: "relay_error",
+      code: RelayErrorCode.NOT_BOUND,
+      message: "Client is not bound to any proxy"
+    })
+  );
+}
+function rejectProxySelect(ws, requestId, proxyId) {
+  ws.send(
+    JSON.stringify({
+      type: "proxy_select_response",
+      requestId,
+      success: false,
+      errorCode: ControlErrorCode.PROXY_OFFLINE,
+      error: `Proxy not online: ${proxyId}`
+    })
+  );
+}
 function handleClientConnection(ws, registry, logger, chaos) {
   const clientWs = ws;
   clientWs.isAlive = true;
@@ -1271,6 +1275,13 @@ function handleClientConnection(ws, registry, logger, chaos) {
     if (isBinary) {
       return;
     }
+    if (data.length > MAX_JSON_MESSAGE_SIZE2) {
+      logger.warn(
+        { size: data.length, clientId: clientWs.clientId },
+        "JSON message rejected: exceeds max size"
+      );
+      return;
+    }
     const raw = data.toString();
     const result = parseMessage(raw);
     if (result.kind === "control") {
@@ -1304,15 +1315,9 @@ function handleClientConnection(ws, registry, logger, chaos) {
         return;
       }
       if (isClientToProxyRelayControlType(msg.type)) {
-        const targetProxyId = ("proxyId" in msg ? msg.proxyId : void 0) || clientWs.boundProxyId;
+        const targetProxyId = clientWs.boundProxyId;
         if (!targetProxyId) {
-          clientWs.send(
-            JSON.stringify({
-              type: "relay_error",
-              code: RelayErrorCode.NOT_BOUND,
-              message: "Client is not bound to any proxy"
-            })
-          );
+          rejectNotBound(clientWs);
           return;
         }
         const proxyWs = registry.getProxy(targetProxyId);
@@ -1332,15 +1337,7 @@ function handleClientConnection(ws, registry, logger, chaos) {
       }
       if (msg.type === "proxy_select") {
         if (!registry.isProxyOnline(msg.proxyId)) {
-          clientWs.send(
-            JSON.stringify({
-              type: "proxy_select_response",
-              requestId: msg.requestId,
-              success: false,
-              errorCode: ControlErrorCode.PROXY_OFFLINE,
-              error: `Proxy not online: ${msg.proxyId}`
-            })
-          );
+          rejectProxySelect(clientWs, msg.requestId, msg.proxyId);
           return;
         }
         if (!clientWs.clientId) {
@@ -1348,15 +1345,7 @@ function handleClientConnection(ws, registry, logger, chaos) {
         }
         const bound = registry.bindClientById(clientWs.clientId, msg.proxyId, clientWs);
         if (!bound) {
-          clientWs.send(
-            JSON.stringify({
-              type: "proxy_select_response",
-              requestId: msg.requestId,
-              success: false,
-              errorCode: ControlErrorCode.PROXY_OFFLINE,
-              error: `Proxy not online: ${msg.proxyId}`
-            })
-          );
+          rejectProxySelect(clientWs, msg.requestId, msg.proxyId);
           return;
         }
         clientWs.boundProxyId = msg.proxyId;
@@ -1388,13 +1377,7 @@ function handleClientConnection(ws, registry, logger, chaos) {
     }
     if (result.kind === "envelope") {
       if (!clientWs.boundProxyId) {
-        clientWs.send(
-          JSON.stringify({
-            type: "relay_error",
-            code: RelayErrorCode.NOT_BOUND,
-            message: "Client is not bound to any proxy"
-          })
-        );
+        rejectNotBound(clientWs);
         return;
       }
       routeClientMessage(raw, clientWs.boundProxyId, clientWs, registry, logger, chaos);
@@ -1411,6 +1394,9 @@ function handleClientConnection(ws, registry, logger, chaos) {
   });
   clientWs.on("close", () => {
     registry.removeClientWs(clientWs);
+    if (clientWs.clientId) {
+      registry.unbindClientById(clientWs.clientId);
+    }
     logger.info({ clientId: clientWs.clientId }, "Client disconnected");
   });
   clientWs.on("error", (err) => {
@@ -1488,6 +1474,11 @@ function createRelayServer(options) {
   const { heartbeatInterval = 3e4, logger, dataDir, proxyToken, clientToken, chaos } = options;
   const proxyTokenRequired = typeof proxyToken === "string" && proxyToken.length > 0;
   const clientTokenRequired = typeof clientToken === "string" && clientToken.length > 0;
+  const allowedOriginsSet = options.allowedOrigins && options.allowedOrigins.length > 0 ? new Set(options.allowedOrigins) : null;
+  const checkOrigin = (origin) => {
+    if (!allowedOriginsSet) return true;
+    return typeof origin === "string" && allowedOriginsSet.has(origin);
+  };
   if (!proxyTokenRequired) {
     logger.warn(
       "proxy auth token not set, /proxy endpoint is open \u2014 ok for dev, not for public relay"
@@ -1512,7 +1503,7 @@ function createRelayServer(options) {
     );
   }
   const app = express();
-  const fontsDir = dataDir ? `${dataDir}/fonts` : `${homedir2()}/.dev-anywhere/relay-data/fonts`;
+  const fontsDir = dataDir ? `${dataDir}/fonts` : `${homedir()}/.dev-anywhere/relay-data/fonts`;
   const fontAssetDir = options.fontAssetDir ?? PACKAGED_FONTS_DIR;
   app.use(
     "/fonts",
@@ -1549,6 +1540,16 @@ function createRelayServer(options) {
   httpServer.on("upgrade", (request, socket, head) => {
     const url = new URL(request.url ?? "/", "http://localhost");
     const { pathname } = url;
+    const origin = request.headers.origin;
+    if (!checkOrigin(origin)) {
+      logger.warn(
+        { ip: request.socket.remoteAddress, origin: origin ?? "(missing)", pathname },
+        "rejected upgrade: origin not in allowedOrigins"
+      );
+      socket.write("HTTP/1.1 403 Forbidden\r\n\r\n");
+      socket.destroy();
+      return;
+    }
     if (pathname === "/proxy") {
       if (proxyTokenRequired) {
         const token = url.searchParams.get("token");
@@ -1627,9 +1628,8 @@ function createRelayServer(options) {
 }
 export {
-  createLogger,
   RELAY_VERSION,
   parseRelayChaosFromEnv,
   createRelayServer
 };
-//# sourceMappingURL=chunk-ZFCNDSFL.js.map
+//# sourceMappingURL=chunk-SM2GRUCV.js.map