@elizaos/agent 2.0.0-alpha.428 → 2.0.0-alpha.430

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elizaos/agent",
-  "version": "2.0.0-alpha.428",
+  "version": "2.0.0-alpha.430",
   "description": "Standalone elizaOS-based agent and backend server package.",
   "type": "module",
   "license": "MIT",
@@ -467,7 +467,7 @@
     "@elizaos/app-steward": "^0.0.0",
     "@elizaos/app-task-coordinator": "^0.0.0",
     "@elizaos/app-training": "^0.0.1",
-    "@elizaos/core": "^2.0.0-alpha.428",
+    "@elizaos/core": "^2.0.0-alpha.430",
     "@elizaos/plugin-agent-orchestrator": "^0.6.2-alpha.0",
     "@elizaos/plugin-browser-bridge": "^0.1.0",
     "@elizaos/plugin-local-embedding": "^2.0.0-alpha.12",
@@ -476,8 +476,8 @@
     "@elizaos/plugin-solana": "^2.0.0-alpha.6",
     "@elizaos/plugin-sql": "^2.0.0-alpha.19",
     "@elizaos/plugin-wechat": "^0.1.0",
-    "@elizaos/shared": "^2.0.0-alpha.428",
-    "@elizaos/skills": "^2.0.0-alpha.428",
+    "@elizaos/shared": "^2.0.0-alpha.430",
+    "@elizaos/skills": "^2.0.0-alpha.430",
     "@hapi/boom": "^10.0.1",
     "@noble/curves": "^2.0.1",
     "@solana/web3.js": "^1.98.4",

package/packages/agent/src/api/accounts-routes.js

@@ -426,14 +426,29 @@ async function handleOAuthRoutes(ctx, providerId, rest) {
             error(res, parsed.error.issues[0]?.message ?? "Invalid body", 400);
             return true;
         }
-        // Reserve an accountId and the priority slot up front so the
-        // post-save hook lands at a deterministic position.
+        // Reserve an accountId up front so the OAuth flow can wire it
+        // into the credential record before any token exchange completes.
+        // Priority is computed AT SAVE TIME, not now: pre-allocating leaks
+        // a stale priority if two users start parallel OAuth flows before
+        // either completes (both would get the same number). Computing in
+        // the post-save hook is monotonic regardless of concurrency since
+        // the on-disk credential file appears strictly before the hook
+        // fires.
         const accountId = nodeCrypto.randomUUID();
         const pool = await getPool();
-        const priority = nextPriorityFromPool(pool, providerId);
-        const onAccountSaved = (record) => {
-            const linkedConfig = buildLinkedAccountConfigFromRecord(record, priority);
-            void pool.upsert(linkedConfig);
+        const onAccountSaved = async (record) => {
+            // Exclude the just-saved record from the priority calc — its
+            // credential file already exists on disk so `pool.list` would
+            // include it at a default priority (createdAt-sorted index),
+            // which would push the new max one too high.
+            const others = pool
+                .list(providerId)
+                .filter((a) => a.id !== record.id);
+            const livePriority = others.length === 0
+                ? 0
+                : Math.max(...others.map((a) => a.priority)) + 1;
+            const linkedConfig = buildLinkedAccountConfigFromRecord(record, livePriority);
+            await pool.upsert(linkedConfig);
         };
         const startFlow = subscription === "anthropic-subscription"
             ? startAnthropicOAuthFlow

package/packages/app-core/src/components/accounts/AccountList.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AccountList.d.ts","sourceRoot":"","sources":["../../../../../../../app-core/src/components/accounts/AccountList.tsx"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAU/D,UAAU,gBAAgB;IACxB,UAAU,EAAE,uBAAuB,CAAC;CACrC;AAOD,wBAAgB,WAAW,CAAC,EAAE,UAAU,EAAE,EAAE,gBAAgB,2CA8I3D"}
+{"version":3,"file":"AccountList.d.ts","sourceRoot":"","sources":["../../../../../../../app-core/src/components/accounts/AccountList.tsx"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAU/D,UAAU,gBAAgB;IACxB,UAAU,EAAE,uBAAuB,CAAC;CACrC;AAOD,wBAAgB,WAAW,CAAC,EAAE,UAAU,EAAE,EAAE,gBAAgB,2CA6J3D"}

package/packages/app-core/src/components/accounts/AccountList.js

@@ -44,16 +44,33 @@ export function AccountList({ providerId }) {
         const neighbour = sorted[neighbourIndex];
         if (!self || !neighbour || self.priority === neighbour.priority)
             return;
-        // Swap priorities. We patch the lower-priority one to a temp
-        // sentinel first to avoid the unique-priority assumption later
-        // consumers might add — for the current pool there's no uniqueness
-        // constraint, so two sequential patches are enough.
+        const selfOriginal = self.priority;
+        const neighbourOriginal = neighbour.priority;
+        // Swap priorities via two sequential PATCHes. There's no atomic
+        // server-side swap, so on failure of the second call we roll the
+        // first one back so the user doesn't end up with two accounts at
+        // the same priority. Worst case a partial-failure leaves the
+        // original ordering with a flash; never a corrupted ordering.
         await accounts.patch(providerId, self.id, {
-            priority: neighbour.priority,
-        });
-        await accounts.patch(providerId, neighbour.id, {
-            priority: self.priority,
+            priority: neighbourOriginal,
         });
+        try {
+            await accounts.patch(providerId, neighbour.id, {
+                priority: selfOriginal,
+            });
+        }
+        catch (err) {
+            try {
+                await accounts.patch(providerId, self.id, {
+                    priority: selfOriginal,
+                });
+            }
+            catch {
+                // Rollback failed — refresh will reconcile from server state.
+                void accounts.refresh();
+            }
+            throw err;
+        }
     }, [accounts, providerId, sorted]);
     if (accounts.loading && !accounts.data) {
         return (_jsxs("div", { className: "mt-3 flex items-center gap-2 text-xs text-muted", children: [_jsx(Spinner, { className: "h-3 w-3" }), t("accounts.loading", { defaultValue: "Loading accounts…" })] }));

package/packages/app-core/src/components/accounts/AddAccountDialog.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AddAccountDialog.d.ts","sourceRoot":"","sources":["../../../../../../../app-core/src/components/accounts/AddAccountDialog.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAeH,OAAO,KAAK,EACV,mBAAmB,EACnB,uBAAuB,EACxB,MAAM,iBAAiB,CAAC;AAYzB,UAAU,qBAAqB;IAC7B,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,uBAAuB,CAAC;IACpC,OAAO,EAAE,MAAM,IAAI,CAAC;IACpB,SAAS,EAAE,CAAC,OAAO,EAAE,mBAAmB,KAAK,IAAI,CAAC;CACnD;AAoDD,wBAAgB,gBAAgB,CAAC,EAC/B,IAAI,EACJ,UAAU,EACV,OAAO,EACP,SAAS,GACV,EAAE,qBAAqB,2CAkZvB"}
+{"version":3,"file":"AddAccountDialog.d.ts","sourceRoot":"","sources":["../../../../../../../app-core/src/components/accounts/AddAccountDialog.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAeH,OAAO,KAAK,EACV,mBAAmB,EACnB,uBAAuB,EACxB,MAAM,iBAAiB,CAAC;AAYzB,UAAU,qBAAqB;IAC7B,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,uBAAuB,CAAC;IACpC,OAAO,EAAE,MAAM,IAAI,CAAC;IACpB,SAAS,EAAE,CAAC,OAAO,EAAE,mBAAmB,KAAK,IAAI,CAAC;CACnD;AAoDD,wBAAgB,gBAAgB,CAAC,EAC/B,IAAI,EACJ,UAAU,EACV,OAAO,EACP,SAAS,GACV,EAAE,qBAAqB,2CAwdvB"}

package/packages/app-core/src/components/accounts/AddAccountDialog.js

@@ -67,6 +67,14 @@ export function AddAccountDialog({ open, providerId, onClose, onCreated, }) {
     const [sessionId, setSessionId] = useState(null);
     const eventSourceRef = useRef(null);
     const sessionIdRef = useRef(null);
+    // Mirrors the `open` prop in a ref so async paths (`startOAuth` mid-
+    // await) can detect that the dialog was closed before
+    // `client.startAccountOAuth` resolved and immediately cancel the
+    // freshly-created server-side flow.
+    const openRef = useRef(open);
+    useEffect(() => {
+        openRef.current = open;
+    }, [open]);
     const closeEventSource = useCallback(() => {
         if (eventSourceRef.current) {
             eventSourceRef.current.close();
@@ -114,10 +122,28 @@ export function AddAccountDialog({ open, providerId, onClose, onCreated, }) {
         const url = `/api/accounts/${providerId}/oauth/status?sessionId=${encodeURIComponent(newSessionId)}`;
         const source = new EventSource(url);
         eventSourceRef.current = source;
+        // EventSource auto-reconnects on transient network blips, which
+        // is fine. But persistent failures (server gone, route 404) just
+        // toggle readyState=2 forever and the user is stuck on "Waiting
+        // for browser…". Surface that after a small grace period so the
+        // user can retry instead of staring at a spinner.
+        let connectedOnce = false;
+        let persistentErrorTimer = null;
+        const cancelPersistentErrorTimer = () => {
+            if (persistentErrorTimer) {
+                clearTimeout(persistentErrorTimer);
+                persistentErrorTimer = null;
+            }
+        };
+        source.onopen = () => {
+            connectedOnce = true;
+            cancelPersistentErrorTimer();
+        };
         source.onmessage = (event) => {
             try {
                 const data = JSON.parse(event.data);
                 if (data.status === "success" && data.account) {
+                    cancelPersistentErrorTimer();
                     closeEventSource();
                     sessionIdRef.current = null;
                     onCreated(data.account);
@@ -126,6 +152,7 @@ export function AddAccountDialog({ open, providerId, onClose, onCreated, }) {
                 else if (data.status === "error" ||
                     data.status === "cancelled" ||
                     data.status === "timeout") {
+                    cancelPersistentErrorTimer();
                     closeEventSource();
                     sessionIdRef.current = null;
                     setErrorMessage(data.error ??
@@ -144,7 +171,24 @@ export function AddAccountDialog({ open, providerId, onClose, onCreated, }) {
             }
         };
         source.onerror = () => {
-            // Auto-reconnect noise; ignore unless we hit a terminal status.
+            // EventSource readyState: 0=connecting, 1=open, 2=closed.
+            // If we're at 2 and never got an `onopen`, the route is
+            // unreachable. Give the browser ~5s to retry; if it can't
+            // recover, surface the error.
+            if (persistentErrorTimer)
+                return;
+            persistentErrorTimer = setTimeout(() => {
+                persistentErrorTimer = null;
+                if (!connectedOnce &&
+                    eventSourceRef.current?.readyState === EventSource.CLOSED) {
+                    closeEventSource();
+                    sessionIdRef.current = null;
+                    setErrorMessage(t("accounts.add.oauth.sseUnreachable", {
+                        defaultValue: "Lost connection to the OAuth status stream. Try again.",
+                    }));
+                    setStep("error");
+                }
+            }, 5_000);
         };
     }, [closeEventSource, onClose, onCreated, providerId, t]);
     const startOAuth = useCallback(async () => {
@@ -159,6 +203,28 @@ export function AddAccountDialog({ open, providerId, onClose, onCreated, }) {
             const flow = await client.startAccountOAuth(providerId, {
                 label: label.trim(),
             });
+            // The dialog might have been closed between user clicking "Sign
+            // in" and the server returning the flow handle. If so, the
+            // server-side OAuth listener is orphaned — cancel it explicitly
+            // so the loopback port releases immediately instead of timing
+            // out in 5 minutes.
+            if (!openRef.current) {
+                try {
+                    await client.cancelAccountOAuth(providerId, {
+                        sessionId: flow.sessionId,
+                    });
+                }
+                catch {
+                    // Best-effort.
+                }
+                try {
+                    win?.close();
+                }
+                catch {
+                    // Cross-origin — ignore.
+                }
+                return;
+            }
             navigatePreOpenedWindow(win, flow.authUrl);
             sessionIdRef.current = flow.sessionId;
             setSessionId(flow.sessionId);

package/packages/app-core/src/components/settings/ProviderSwitcher.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ProviderSwitcher.d.ts","sourceRoot":"","sources":["../../../../../../../app-core/src/components/settings/ProviderSwitcher.tsx"],"names":[],"mappings":"AAkCA,OAAO,EAAkC,KAAK,cAAc,EAAE,MAAM,WAAW,CAAC;AAahF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAqBhD,UAAU,UAAU;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,OAAO,CAAC;IACpB,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;CAC9C;AASD,UAAU,qBAAqB;IAC7B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,OAAO,CAAC,EAAE,UAAU,EAAE,CAAC;IACvB,YAAY,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC3B,iBAAiB,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAChC,WAAW,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAClC,sBAAsB,CAAC,EAAE,CACvB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC5B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAwJD,wBAAgB,gBAAgB,CAAC,KAAK,GAAE,qBAA0B,2CA27BjE"}
+{"version":3,"file":"ProviderSwitcher.d.ts","sourceRoot":"","sources":["../../../../../../../app-core/src/components/settings/ProviderSwitcher.tsx"],"names":[],"mappings":"AAkCA,OAAO,EAAkC,KAAK,cAAc,EAAE,MAAM,WAAW,CAAC;AAahF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAqBhD,UAAU,UAAU;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,OAAO,CAAC;IACpB,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;CAC9C;AASD,UAAU,qBAAqB;IAC7B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,OAAO,CAAC,EAAE,UAAU,EAAE,CAAC;IACvB,YAAY,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC3B,iBAAiB,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAChC,WAAW,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAClC,sBAAsB,CAAC,EAAE,CACvB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC5B,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAwJD,wBAAgB,gBAAgB,CAAC,KAAK,GAAE,qBAA0B,2CAg8BjE"}

package/packages/app-core/src/components/settings/ProviderSwitcher.js

@@ -568,6 +568,16 @@ export function ProviderSwitcher(props = {}) {
                                 (largeModelOptions.length > 0 || cloudModelSchema) ? (_jsxs("div", { className: "border-border/40 border-t px-4 py-4 sm:px-5", children: [largeModelOptions.length > 0 ? (_jsxs("div", { children: [_jsx("label", { htmlFor: "provider-switcher-primary-model", className: "mb-1.5 block text-muted text-xs font-medium uppercase tracking-wider", children: t("providerswitcher.model", { defaultValue: "Model" }) }), _jsxs(Select, { value: currentLargeModel || "", onValueChange: (v) => handleModelFieldChange("large", v), children: [_jsx(SelectTrigger, { id: "provider-switcher-primary-model", className: "h-9 w-full max-w-sm rounded-lg border border-border bg-card text-sm", children: _jsx(SelectValue, { placeholder: t("providerswitcher.chooseModel", {
                                                                 defaultValue: "Choose a model",
                                                             }) }) }), _jsx(SelectContent, { className: "max-h-64", children: largeModelOptions.map((model) => (_jsx(SelectItem, { value: model.id, children: model.name }, model.id))) })] })] })) : null, cloudModelSchema ? (_jsx(AdvancedSettingsDisclosure, { title: "Model overrides", className: "mt-4", children: _jsx(ConfigRenderer, { schema: cloudModelSchema.schema, hints: cloudModelSchema.hints, values: modelValues.values, setKeys: modelValues.setKeys, registry: defaultRegistry, onChange: handleModelFieldChange }) })) : null, _jsxs("div", { className: "mt-2 flex items-center justify-between gap-2", children: [_jsx("p", { className: "text-muted text-xs-tight", children: t("providerswitcher.restartRequiredHint", appNameInterpolationVars(branding)) }), _jsxs("div", { className: "flex items-center gap-2", children: [modelSaving && (_jsx("span", { className: "inline-flex items-center text-muted", title: t("providerswitcher.savingRestarting"), role: "status", "aria-label": t("providerswitcher.savingRestarting"), children: _jsx(Loader2, { className: "h-3.5 w-3.5 animate-spin" }) })), modelSaveSuccess && (_jsx("span", { className: "inline-flex items-center text-ok", title: t("providerswitcher.savedRestartingAgent"), role: "status", "aria-label": t("providerswitcher.savedRestartingAgent"), children: _jsx(CheckCircle2, { className: "h-3.5 w-3.5" }) }))] })] })] })) : null] })) : null, isSubscriptionProviderSelectionId(visibleProviderPanelId) ? (_jsxs("div", { className: "min-w-0", children: [_jsx(ProviderPanelHeader, { icon: KeyRound, title: getSubscriptionProviderLabel(SUBSCRIPTION_PROVIDER_SELECTIONS.find((provider) => provider.id === visibleProviderPanelId) ?? SUBSCRIPTION_PROVIDER_SELECTIONS[0], t), description: "Connect subscription-backed access for models and task agents.", children: cloudCallsDisabled ||
-                                    resolvedSelectedId !== visibleProviderPanelId ? (_jsx(Button, { type: "button", variant: "outline", className: "h-8 rounded-lg px-2.5 text-xs", onClick: () => void handleSelectSubscription(visibleProviderPanelId), children: "Use subscription" })) : null }), _jsxs("div", { className: "px-3 py-3 sm:px-4", children: [cloudCallsDisabled ? (_jsx("div", { className: "mb-3 rounded-lg border border-warn/30 bg-warn/5 px-3 py-2 text-warn text-xs-tight", children: "Local-only active. Remote subscription routing is paused." })) : null, _jsx(SubscriptionStatus, { resolvedSelectedId: visibleProviderPanelId, subscriptionStatus: subscriptionStatus, anthropicConnected: anthropicConnected, setAnthropicConnected: setAnthropicConnected, anthropicCliDetected: anthropicCliDetected, openaiConnected: openaiConnected, setOpenaiConnected: setOpenaiConnected, handleSelectSubscription: handleSelectSubscription, loadSubscriptionStatus: loadSubscriptionStatus }), _jsx(AccountList, { providerId: SUBSCRIPTION_PROVIDER_SELECTIONS.find((p) => p.id === visibleProviderPanelId)?.storedProvider ?? "anthropic-subscription" })] })] })) : null, selectedPanelProvider ? (_jsxs("div", { className: "min-w-0", children: [_jsx(ProviderPanelHeader, { icon: KeyRound, title: apiProviderChoices.find((choice) => choice.id === visibleProviderPanelId)?.label ?? selectedPanelProvider.name, description: "Use your own provider API key and model routing.", children: cloudCallsDisabled ||
+                                    resolvedSelectedId !== visibleProviderPanelId ? (_jsx(Button, { type: "button", variant: "outline", className: "h-8 rounded-lg px-2.5 text-xs", onClick: () => void handleSelectSubscription(visibleProviderPanelId), children: "Use subscription" })) : null }), _jsxs("div", { className: "px-3 py-3 sm:px-4", children: [cloudCallsDisabled ? (_jsx("div", { className: "mb-3 rounded-lg border border-warn/30 bg-warn/5 px-3 py-2 text-warn text-xs-tight", children: "Local-only active. Remote subscription routing is paused." })) : null, _jsx(SubscriptionStatus, { resolvedSelectedId: visibleProviderPanelId, subscriptionStatus: subscriptionStatus, anthropicConnected: anthropicConnected, setAnthropicConnected: setAnthropicConnected, anthropicCliDetected: anthropicCliDetected, openaiConnected: openaiConnected, setOpenaiConnected: setOpenaiConnected, handleSelectSubscription: handleSelectSubscription, loadSubscriptionStatus: loadSubscriptionStatus }), (() => {
+                                        const selection = SUBSCRIPTION_PROVIDER_SELECTIONS.find((p) => p.id === visibleProviderPanelId);
+                                        // The outer `isSubscriptionProviderSelectionId` guard
+                                        // makes this lookup non-null in practice; the explicit
+                                        // null check is defensive against future panel ids
+                                        // that pass the guard but aren't in the selections
+                                        // table (e.g. a renamed enum left half-migrated).
+                                        if (!selection)
+                                            return null;
+                                        return _jsx(AccountList, { providerId: selection.storedProvider });
+                                    })()] })] })) : null, selectedPanelProvider ? (_jsxs("div", { className: "min-w-0", children: [_jsx(ProviderPanelHeader, { icon: KeyRound, title: apiProviderChoices.find((choice) => choice.id === visibleProviderPanelId)?.label ?? selectedPanelProvider.name, description: "Use your own provider API key and model routing.", children: cloudCallsDisabled ||
                                     resolvedSelectedId !== visibleProviderPanelId ? (_jsx(Button, { type: "button", variant: "outline", className: "h-8 rounded-lg px-2.5 text-xs", onClick: () => void handleSwitchProvider(visibleProviderPanelId), children: "Use provider" })) : null }), _jsxs("div", { className: "px-3 py-3 sm:px-4", children: [cloudCallsDisabled ? (_jsx("div", { className: "mb-3 rounded-lg border border-warn/30 bg-warn/5 px-3 py-2 text-warn text-xs-tight", children: "Local-only active. Remote API routing is paused." })) : null, _jsx(ApiKeyConfig, { selectedProvider: selectedPanelProvider, pluginSaving: pluginSaving, pluginSaveSuccess: pluginSaveSuccess, handlePluginConfigSave: handlePluginConfigSave, loadPlugins: loadPlugins })] })] })) : null] })] }));
 }

package/packages/app-core/src/i18n/locales/en.json

@@ -6,13 +6,16 @@
     "accounts.add.disabledHint": "API-key accounts for this provider are not yet supported.",
     "accounts.add.label": "Account name",
     "accounts.add.labelPlaceholder": "e.g. Personal, Work",
+    "accounts.add.oauth.cancelled": "Login cancelled.",
     "accounts.add.oauth.codeFailed": "Failed to submit code.",
     "accounts.add.oauth.codeHint": "Auto-redirect didn't reach us. Paste the code (or full redirect URL) from the browser.",
     "accounts.add.oauth.codePlaceholder": "Paste the code or redirect URL",
+    "accounts.add.oauth.error": "Login failed.",
     "accounts.add.oauth.sessionHint": "Session: {{sessionId}}",
     "accounts.add.oauth.startFailed": "Failed to start login flow.",
     "accounts.add.oauth.starting": "Starting login flow...",
     "accounts.add.oauth.submitCode": "Submit code",
+    "accounts.add.oauth.timeout": "Login timed out. Try again.",
     "accounts.add.oauth.waiting": "Waiting for browser... Complete the sign-in there.",
     "accounts.add.save": "Add account",
     "accounts.add.signIn": "Sign in with {{provider}}",
@@ -52,6 +55,14 @@
     "accounts.source.oauth": "OAuth",
     "accounts.strategy.choose": "Choose strategy",
     "accounts.strategy.label": "Strategy",
+    "accounts.strategy.leastUsed.description": "Prefer the account with the lowest current usage.",
+    "accounts.strategy.leastUsed.label": "Least used",
+    "accounts.strategy.priority.description": "Always prefer the top healthy account.",
+    "accounts.strategy.priority.label": "Priority",
+    "accounts.strategy.quotaAware.description": "Skip accounts above 85% utilization.",
+    "accounts.strategy.quotaAware.label": "Quota-aware",
+    "accounts.strategy.roundRobin.description": "Alternate across enabled accounts.",
+    "accounts.strategy.roundRobin.label": "Round-robin",
     "accounts.test": "Test",
     "accounts.usage.none": "No usage data yet - click Refresh to probe.",
     "accounts.usage.session": "Session",

package/packages/app-core/src/i18n/locales/es.json

@@ -6,13 +6,16 @@
     "accounts.add.disabledHint": "API-key accounts for this provider are not yet supported.",
     "accounts.add.label": "Account name",
     "accounts.add.labelPlaceholder": "e.g. Personal, Work",
+    "accounts.add.oauth.cancelled": "Login cancelled.",
     "accounts.add.oauth.codeFailed": "Failed to submit code.",
     "accounts.add.oauth.codeHint": "Auto-redirect didn't reach us. Paste the code (or full redirect URL) from the browser.",
     "accounts.add.oauth.codePlaceholder": "Paste the code or redirect URL",
+    "accounts.add.oauth.error": "Login failed.",
     "accounts.add.oauth.sessionHint": "Session: {{sessionId}}",
     "accounts.add.oauth.startFailed": "Failed to start login flow.",
     "accounts.add.oauth.starting": "Starting login flow...",
     "accounts.add.oauth.submitCode": "Submit code",
+    "accounts.add.oauth.timeout": "Login timed out. Try again.",
     "accounts.add.oauth.waiting": "Waiting for browser... Complete the sign-in there.",
     "accounts.add.save": "Add account",
     "accounts.add.signIn": "Sign in with {{provider}}",
@@ -52,6 +55,14 @@
     "accounts.source.oauth": "OAuth",
     "accounts.strategy.choose": "Choose strategy",
     "accounts.strategy.label": "Strategy",
+    "accounts.strategy.leastUsed.description": "Prefer the account with the lowest current usage.",
+    "accounts.strategy.leastUsed.label": "Least used",
+    "accounts.strategy.priority.description": "Always prefer the top healthy account.",
+    "accounts.strategy.priority.label": "Priority",
+    "accounts.strategy.quotaAware.description": "Skip accounts above 85% utilization.",
+    "accounts.strategy.quotaAware.label": "Quota-aware",
+    "accounts.strategy.roundRobin.description": "Alternate across enabled accounts.",
+    "accounts.strategy.roundRobin.label": "Round-robin",
     "accounts.test": "Test",
     "accounts.usage.none": "No usage data yet - click Refresh to probe.",
     "accounts.usage.session": "Session",

package/packages/app-core/src/i18n/locales/ko.json

@@ -6,13 +6,16 @@
     "accounts.add.disabledHint": "API-key accounts for this provider are not yet supported.",
     "accounts.add.label": "Account name",
     "accounts.add.labelPlaceholder": "e.g. Personal, Work",
+    "accounts.add.oauth.cancelled": "Login cancelled.",
     "accounts.add.oauth.codeFailed": "Failed to submit code.",
     "accounts.add.oauth.codeHint": "Auto-redirect didn't reach us. Paste the code (or full redirect URL) from the browser.",
     "accounts.add.oauth.codePlaceholder": "Paste the code or redirect URL",
+    "accounts.add.oauth.error": "Login failed.",
     "accounts.add.oauth.sessionHint": "Session: {{sessionId}}",
     "accounts.add.oauth.startFailed": "Failed to start login flow.",
     "accounts.add.oauth.starting": "Starting login flow...",
     "accounts.add.oauth.submitCode": "Submit code",
+    "accounts.add.oauth.timeout": "Login timed out. Try again.",
     "accounts.add.oauth.waiting": "Waiting for browser... Complete the sign-in there.",
     "accounts.add.save": "Add account",
     "accounts.add.signIn": "Sign in with {{provider}}",
@@ -52,6 +55,14 @@
     "accounts.source.oauth": "OAuth",
     "accounts.strategy.choose": "Choose strategy",
     "accounts.strategy.label": "Strategy",
+    "accounts.strategy.leastUsed.description": "Prefer the account with the lowest current usage.",
+    "accounts.strategy.leastUsed.label": "Least used",
+    "accounts.strategy.priority.description": "Always prefer the top healthy account.",
+    "accounts.strategy.priority.label": "Priority",
+    "accounts.strategy.quotaAware.description": "Skip accounts above 85% utilization.",
+    "accounts.strategy.quotaAware.label": "Quota-aware",
+    "accounts.strategy.roundRobin.description": "Alternate across enabled accounts.",
+    "accounts.strategy.roundRobin.label": "Round-robin",
     "accounts.test": "Test",
     "accounts.usage.none": "No usage data yet - click Refresh to probe.",
     "accounts.usage.session": "Session",

package/packages/app-core/src/i18n/locales/pt.json

@@ -6,13 +6,16 @@
     "accounts.add.disabledHint": "API-key accounts for this provider are not yet supported.",
     "accounts.add.label": "Account name",
     "accounts.add.labelPlaceholder": "e.g. Personal, Work",
+    "accounts.add.oauth.cancelled": "Login cancelled.",
     "accounts.add.oauth.codeFailed": "Failed to submit code.",
     "accounts.add.oauth.codeHint": "Auto-redirect didn't reach us. Paste the code (or full redirect URL) from the browser.",
     "accounts.add.oauth.codePlaceholder": "Paste the code or redirect URL",
+    "accounts.add.oauth.error": "Login failed.",
     "accounts.add.oauth.sessionHint": "Session: {{sessionId}}",
     "accounts.add.oauth.startFailed": "Failed to start login flow.",
     "accounts.add.oauth.starting": "Starting login flow...",
     "accounts.add.oauth.submitCode": "Submit code",
+    "accounts.add.oauth.timeout": "Login timed out. Try again.",
     "accounts.add.oauth.waiting": "Waiting for browser... Complete the sign-in there.",
     "accounts.add.save": "Add account",
     "accounts.add.signIn": "Sign in with {{provider}}",
@@ -52,6 +55,14 @@
     "accounts.source.oauth": "OAuth",
     "accounts.strategy.choose": "Choose strategy",
     "accounts.strategy.label": "Strategy",
+    "accounts.strategy.leastUsed.description": "Prefer the account with the lowest current usage.",
+    "accounts.strategy.leastUsed.label": "Least used",
+    "accounts.strategy.priority.description": "Always prefer the top healthy account.",
+    "accounts.strategy.priority.label": "Priority",
+    "accounts.strategy.quotaAware.description": "Skip accounts above 85% utilization.",
+    "accounts.strategy.quotaAware.label": "Quota-aware",
+    "accounts.strategy.roundRobin.description": "Alternate across enabled accounts.",
+    "accounts.strategy.roundRobin.label": "Round-robin",
     "accounts.test": "Test",
     "accounts.usage.none": "No usage data yet - click Refresh to probe.",
     "accounts.usage.session": "Session",

package/packages/app-core/src/i18n/locales/tl.json

@@ -6,13 +6,16 @@
     "accounts.add.disabledHint": "API-key accounts for this provider are not yet supported.",
     "accounts.add.label": "Account name",
     "accounts.add.labelPlaceholder": "e.g. Personal, Work",
+    "accounts.add.oauth.cancelled": "Login cancelled.",
     "accounts.add.oauth.codeFailed": "Failed to submit code.",
     "accounts.add.oauth.codeHint": "Auto-redirect didn't reach us. Paste the code (or full redirect URL) from the browser.",
     "accounts.add.oauth.codePlaceholder": "Paste the code or redirect URL",
+    "accounts.add.oauth.error": "Login failed.",
     "accounts.add.oauth.sessionHint": "Session: {{sessionId}}",
     "accounts.add.oauth.startFailed": "Failed to start login flow.",
     "accounts.add.oauth.starting": "Starting login flow...",
     "accounts.add.oauth.submitCode": "Submit code",
+    "accounts.add.oauth.timeout": "Login timed out. Try again.",
     "accounts.add.oauth.waiting": "Waiting for browser... Complete the sign-in there.",
     "accounts.add.save": "Add account",
     "accounts.add.signIn": "Sign in with {{provider}}",
@@ -52,6 +55,14 @@
     "accounts.source.oauth": "OAuth",
     "accounts.strategy.choose": "Choose strategy",
     "accounts.strategy.label": "Strategy",
+    "accounts.strategy.leastUsed.description": "Prefer the account with the lowest current usage.",
+    "accounts.strategy.leastUsed.label": "Least used",
+    "accounts.strategy.priority.description": "Always prefer the top healthy account.",
+    "accounts.strategy.priority.label": "Priority",
+    "accounts.strategy.quotaAware.description": "Skip accounts above 85% utilization.",
+    "accounts.strategy.quotaAware.label": "Quota-aware",
+    "accounts.strategy.roundRobin.description": "Alternate across enabled accounts.",
+    "accounts.strategy.roundRobin.label": "Round-robin",
     "accounts.test": "Test",
     "accounts.usage.none": "No usage data yet - click Refresh to probe.",
     "accounts.usage.session": "Session",

package/packages/app-core/src/i18n/locales/vi.json

@@ -6,13 +6,16 @@
     "accounts.add.disabledHint": "API-key accounts for this provider are not yet supported.",
     "accounts.add.label": "Account name",
     "accounts.add.labelPlaceholder": "e.g. Personal, Work",
+    "accounts.add.oauth.cancelled": "Login cancelled.",
     "accounts.add.oauth.codeFailed": "Failed to submit code.",
     "accounts.add.oauth.codeHint": "Auto-redirect didn't reach us. Paste the code (or full redirect URL) from the browser.",
     "accounts.add.oauth.codePlaceholder": "Paste the code or redirect URL",
+    "accounts.add.oauth.error": "Login failed.",
     "accounts.add.oauth.sessionHint": "Session: {{sessionId}}",
     "accounts.add.oauth.startFailed": "Failed to start login flow.",
     "accounts.add.oauth.starting": "Starting login flow...",
     "accounts.add.oauth.submitCode": "Submit code",
+    "accounts.add.oauth.timeout": "Login timed out. Try again.",
     "accounts.add.oauth.waiting": "Waiting for browser... Complete the sign-in there.",
     "accounts.add.save": "Add account",
     "accounts.add.signIn": "Sign in with {{provider}}",
@@ -52,6 +55,14 @@
     "accounts.source.oauth": "OAuth",
     "accounts.strategy.choose": "Choose strategy",
     "accounts.strategy.label": "Strategy",
+    "accounts.strategy.leastUsed.description": "Prefer the account with the lowest current usage.",
+    "accounts.strategy.leastUsed.label": "Least used",
+    "accounts.strategy.priority.description": "Always prefer the top healthy account.",
+    "accounts.strategy.priority.label": "Priority",
+    "accounts.strategy.quotaAware.description": "Skip accounts above 85% utilization.",
+    "accounts.strategy.quotaAware.label": "Quota-aware",
+    "accounts.strategy.roundRobin.description": "Alternate across enabled accounts.",
+    "accounts.strategy.roundRobin.label": "Round-robin",
     "accounts.test": "Test",
     "accounts.usage.none": "No usage data yet - click Refresh to probe.",
     "accounts.usage.session": "Session",

package/packages/app-core/src/i18n/locales/zh-CN.json

@@ -6,13 +6,16 @@
     "accounts.add.disabledHint": "API-key accounts for this provider are not yet supported.",
     "accounts.add.label": "Account name",
     "accounts.add.labelPlaceholder": "e.g. Personal, Work",
+    "accounts.add.oauth.cancelled": "Login cancelled.",
     "accounts.add.oauth.codeFailed": "Failed to submit code.",
     "accounts.add.oauth.codeHint": "Auto-redirect didn't reach us. Paste the code (or full redirect URL) from the browser.",
     "accounts.add.oauth.codePlaceholder": "Paste the code or redirect URL",
+    "accounts.add.oauth.error": "Login failed.",
     "accounts.add.oauth.sessionHint": "Session: {{sessionId}}",
     "accounts.add.oauth.startFailed": "Failed to start login flow.",
     "accounts.add.oauth.starting": "Starting login flow...",
     "accounts.add.oauth.submitCode": "Submit code",
+    "accounts.add.oauth.timeout": "Login timed out. Try again.",
     "accounts.add.oauth.waiting": "Waiting for browser... Complete the sign-in there.",
     "accounts.add.save": "Add account",
     "accounts.add.signIn": "Sign in with {{provider}}",
@@ -52,6 +55,14 @@
     "accounts.source.oauth": "OAuth",
     "accounts.strategy.choose": "Choose strategy",
     "accounts.strategy.label": "Strategy",
+    "accounts.strategy.leastUsed.description": "Prefer the account with the lowest current usage.",
+    "accounts.strategy.leastUsed.label": "Least used",
+    "accounts.strategy.priority.description": "Always prefer the top healthy account.",
+    "accounts.strategy.priority.label": "Priority",
+    "accounts.strategy.quotaAware.description": "Skip accounts above 85% utilization.",
+    "accounts.strategy.quotaAware.label": "Quota-aware",
+    "accounts.strategy.roundRobin.description": "Alternate across enabled accounts.",
+    "accounts.strategy.roundRobin.label": "Round-robin",
     "accounts.test": "Test",
     "accounts.usage.none": "No usage data yet - click Refresh to probe.",
     "accounts.usage.session": "Session",