@elsium-ai/app 0.2.1 → 0.2.3

package/README.md

@@ -8,37 +8,522 @@ App bootstrap, HTTP server, and API routes for [ElsiumAI](https://github.com/els
 ## Install
 
 ```bash
-npm install @elsium-ai/app @elsium-ai/core
+npm install @elsium-ai/app
 ```
 
 ## What's Inside
 
-- **HTTP Server** — Built-in server with route definitions
-- **CORS** — Configurable cross-origin resource sharing
-- **Auth** — Authentication middleware
-- **Rate Limiting** — Request rate limiting per client
-- **RBAC** — Role-based access control with inheritance and wildcard matching
+| Category | Export | Kind |
+| --- | --- | --- |
+| **App** | `createApp` | Function |
+| | `ElsiumApp` | Interface |
+| **Types** | `AppConfig` | Interface |
+| | `ServerConfig` | Interface |
+| | `CorsConfig` | Interface |
+| | `AuthConfig` | Interface |
+| | `RateLimitConfig` | Interface |
+| | `ChatRequest` | Interface |
+| | `ChatResponse` | Interface |
+| | `CompleteRequest` | Interface |
+| | `HealthResponse` | Interface |
+| | `MetricsResponse` | Interface |
+| **Middleware** | `corsMiddleware` | Function |
+| | `authMiddleware` | Function |
+| | `rateLimitMiddleware` | Function |
+| **Routes** | `createRoutes` | Function |
+| | `RoutesDeps` | Interface |
+| **RBAC** | `createRBAC` | Function |
+| | `Permission` | Type |
+| | `Role` | Interface |
+| | `RBACConfig` | Interface |
+| | `RBAC` | Interface |
 
-## Usage
+---
 
-```typescript
-import { createApp, createRBAC } from '@elsium-ai/app'
+## App
+
+### `createApp`
+
+Creates and returns a fully configured ElsiumAI application with a gateway, tracer, middleware stack, agent registry, and HTTP routes.
+
+```ts
+function createApp(config: AppConfig): ElsiumApp
+```
+
+| Parameter | Type | Description |
+| --- | --- | --- |
+| `config` | `AppConfig` | Full application configuration including gateway, agents, observability, and server settings. |
+
+**Returns** `ElsiumApp` -- the application handle exposing the Hono instance, gateway, tracer, and a `listen` method to start the HTTP server.
+
+```ts
+import { createApp } from '@elsium-ai/app'
+
+const app = createApp({
+  gateway: {
+    providers: {
+      openai: { apiKey: process.env.OPENAI_API_KEY! },
+    },
+    defaultModel: 'gpt-4o',
+  },
+  server: {
+    port: 3000,
+    cors: { origin: ['http://localhost:5173'], credentials: true },
+    auth: { type: 'bearer', token: process.env.API_TOKEN! },
+    rateLimit: { windowMs: 60_000, maxRequests: 100 },
+  },
+})
+
+const { port, stop } = app.listen()
+console.log(`Listening on port ${port}`)
+```
+
+### `ElsiumApp`
+
+The object returned by `createApp`. Provides access to the underlying Hono app, gateway, tracer, and a method to start the HTTP server.
+
+```ts
+interface ElsiumApp {
+  readonly hono: Hono
+  readonly gateway: Gateway
+  readonly tracer: Tracer
+  listen(port?: number): { port: number; stop: () => void }
+}
+```
+
+| Property / Method | Type | Description |
+| --- | --- | --- |
+| `hono` | `Hono` | The underlying Hono application instance. Use it to add custom routes or middleware. |
+| `gateway` | `Gateway` | The configured LLM gateway. |
+| `tracer` | `Tracer` | The observability tracer for cost and latency tracking. |
+| `listen(port?)` | `(port?: number) => { port: number; stop: () => void }` | Starts the HTTP server. Falls back to `server.port` from config, then `3000`. Returns the resolved port and a `stop` function to shut down the server. |
+
+---
+
+## Types
+
+### `AppConfig`
+
+Top-level configuration object passed to `createApp`.
+
+```ts
+interface AppConfig {
+  gateway: {
+    providers: Record<string, { apiKey: string; baseUrl?: string }>
+    defaultModel?: string
+  }
+  agents?: Agent[]
+  rag?: RAGPipeline
+  observe?: {
+    tracing?: boolean
+    costTracking?: boolean
+    export?: string
+  }
+  server?: ServerConfig
+}
+```
+
+### `ServerConfig`
+
+HTTP server and middleware configuration.
+
+```ts
+interface ServerConfig {
+  port?: number
+  hostname?: string
+  cors?: boolean | CorsConfig
+  auth?: AuthConfig
+  rateLimit?: RateLimitConfig
+}
+```
+
+### `CorsConfig`
+
+Fine-grained CORS settings. When `cors` in `ServerConfig` is set to `true`, sensible defaults are used.
+
+```ts
+interface CorsConfig {
+  origin?: string | string[]
+  methods?: string[]
+  headers?: string[]
+  credentials?: boolean
+}
+```
+
+### `AuthConfig`
+
+Bearer-token authentication configuration. The middleware uses timing-safe comparison to validate tokens.
+
+```ts
+interface AuthConfig {
+  type: 'bearer'
+  token: string
+}
+```
+
+### `RateLimitConfig`
+
+Per-client sliding-window rate limiting configuration.
+
+```ts
+interface RateLimitConfig {
+  windowMs: number
+  maxRequests: number
+}
+```
+
+### `ChatRequest`
+
+Request body for the `POST /chat` endpoint.
+
+```ts
+interface ChatRequest {
+  message: string
+  agent?: string
+  stream?: boolean
+}
+```
+
+### `ChatResponse`
+
+Response body from the `POST /chat` endpoint.
+
+```ts
+interface ChatResponse {
+  message: string
+  usage: {
+    inputTokens: number
+    outputTokens: number
+    totalTokens: number
+    cost: number
+  }
+  model: string
+  traceId: string
+}
+```
+
+### `CompleteRequest`
+
+Request body for the `POST /complete` endpoint.
+
+```ts
+interface CompleteRequest {
+  messages: Array<{ role: string; content: string }>
+  model?: string
+  system?: string
+  maxTokens?: number
+  temperature?: number
+  stream?: boolean
+}
+```
+
+### `HealthResponse`
+
+Response body from the `GET /health` endpoint.
+
+```ts
+interface HealthResponse {
+  status: 'ok' | 'degraded'
+  version: string
+  uptime: number
+  providers: string[]
+}
+```
+
+### `MetricsResponse`
+
+Response body from the `GET /metrics` endpoint.
+
+```ts
+interface MetricsResponse {
+  uptime: number
+  totalRequests: number
+  totalTokens: number
+  totalCost: number
+  byModel: Record<string, { requests: number; tokens: number; cost: number }>
+}
+```
+
+---
+
+## Middleware
+
+All middleware functions return a Hono-compatible handler `(c: Context, next: Next) => Promise<...>`. They are applied automatically when the corresponding `ServerConfig` field is set, but they can also be used standalone on any Hono app.
+
+### `corsMiddleware`
+
+Returns a Hono middleware that sets CORS headers and handles preflight `OPTIONS` requests.
+
+```ts
+function corsMiddleware(config?: CorsConfig | boolean): (c: Context, next: Next) => Promise<Response | void>
+```
+
+| Parameter | Type | Default | Description |
+| --- | --- | --- | --- |
+| `config` | `CorsConfig \| boolean` | `true` | When `true`, uses default methods `['GET', 'POST', 'OPTIONS']` and an empty origin list. Pass a `CorsConfig` object for fine-grained control. |
+
+```ts
+import { corsMiddleware } from '@elsium-ai/app'
+import { Hono } from 'hono'
+
+const app = new Hono()
+
+app.use('*', corsMiddleware({
+  origin: ['https://myapp.com'],
+  methods: ['GET', 'POST'],
+  credentials: true,
+}))
+```
+
+### `authMiddleware`
+
+Returns a Hono middleware that validates `Authorization: Bearer <token>` headers using timing-safe comparison. The `/health` endpoint is always excluded from auth checks.
+
+```ts
+function authMiddleware(config: AuthConfig): (c: Context, next: Next) => Promise<Response | void>
+```
+
+| Parameter | Type | Description |
+| --- | --- | --- |
+| `config` | `AuthConfig` | Must specify `type: 'bearer'` and the expected `token` string. |
+
+**Responses on failure:**
+- `401` with `{ error: 'Missing Authorization header' }` when the header is absent.
+- `401` with `{ error: 'Invalid token' }` when the token does not match.
+
+```ts
+import { authMiddleware } from '@elsium-ai/app'
+import { Hono } from 'hono'
+
+const app = new Hono()
+
+app.use('*', authMiddleware({
+  type: 'bearer',
+  token: process.env.API_TOKEN!,
+}))
+```
+
+### `rateLimitMiddleware`
+
+Returns a Hono middleware that enforces per-client rate limiting using an in-memory sliding window. Client identity is determined from the `CF-Connecting-IP` header, then `X-Real-IP`, falling back to `'anonymous'`. Sets `X-RateLimit-Limit`, `X-RateLimit-Remaining`, and `X-RateLimit-Reset` response headers.
+
+```ts
+function rateLimitMiddleware(config: RateLimitConfig): (c: Context, next: Next) => Promise<Response | void>
+```
+
+| Parameter | Type | Description |
+| --- | --- | --- |
+| `config` | `RateLimitConfig` | `windowMs` is the time window in milliseconds; `maxRequests` is the maximum number of requests allowed per window. |
+
+**Responses on failure:**
+- `429` with `{ error: 'Too many requests', retryAfterMs: number }` when the limit is exceeded.
+
+```ts
+import { rateLimitMiddleware } from '@elsium-ai/app'
+import { Hono } from 'hono'
+
+const app = new Hono()
+
+app.use('*', rateLimitMiddleware({
+  windowMs: 60_000,
+  maxRequests: 100,
+}))
+```
+
+---
+
+## Routes
+
+### `createRoutes`
+
+Creates a Hono sub-application with all built-in API routes: `GET /health`, `GET /metrics`, `POST /chat`, `POST /complete`, and `GET /agents`.
+
+```ts
+function createRoutes(deps: RoutesDeps): Hono
+```
+
+| Parameter | Type | Description |
+| --- | --- | --- |
+| `deps` | `RoutesDeps` | Dependencies injected into route handlers, including the gateway, agent registry, tracer, and server metadata. |
+
+**Returns** a `Hono` instance with the following routes:
+
+| Method | Path | Description |
+| --- | --- | --- |
+| `GET` | `/health` | Returns a `HealthResponse` with status, version, uptime, and provider list. |
+| `GET` | `/metrics` | Returns a `MetricsResponse` with request counts, token usage, and cost breakdowns. |
+| `POST` | `/chat` | Accepts a `ChatRequest`, dispatches to the specified (or default) agent, and returns a `ChatResponse`. |
+| `POST` | `/complete` | Accepts a `CompleteRequest`, forwards to the gateway, and returns the completion result. |
+| `GET` | `/agents` | Lists all registered agents with their names, models, and tool names. |
+
+```ts
+import { createRoutes } from '@elsium-ai/app'
+import { Hono } from 'hono'
+
+const routes = createRoutes({
+  gateway: myGateway,
+  agents: new Map([['assistant', myAgent]]),
+  defaultAgent: myAgent,
+  tracer: myTracer,
+  startTime: Date.now(),
+  version: '1.0.0',
+  providers: ['openai'],
+})
+
+const app = new Hono()
+app.route('/', routes)
+```
+
+### `RoutesDeps`
+
+Dependency injection interface for `createRoutes`.
+
+```ts
+interface RoutesDeps {
+  gateway: Gateway
+  agents: Map<string, Agent>
+  defaultAgent?: Agent
+  tracer?: Tracer
+  startTime: number
+  version: string
+  providers: string[]
+}
+```
+
+| Field | Type | Description |
+| --- | --- | --- |
+| `gateway` | `Gateway` | The LLM gateway used by the `/complete` endpoint. |
+| `agents` | `Map<string, Agent>` | Registry of named agents used by the `/chat` endpoint. |
+| `defaultAgent` | `Agent` (optional) | The agent used when no `agent` field is specified in a chat request. |
+| `tracer` | `Tracer` (optional) | Observability tracer for tracking LLM calls. |
+| `startTime` | `number` | Timestamp (ms) when the server started, used to calculate uptime. |
+| `version` | `string` | Application version string returned by `/health`. |
+| `providers` | `string[]` | List of configured provider names returned by `/health`. |
+
+---
+
+## RBAC
+
+### `createRBAC`
+
+Creates a role-based access control system with permission checking, role inheritance, wildcard matching, and Hono middleware generation. Includes four built-in roles (`admin`, `operator`, `user`, `viewer`) that can be overridden by user-defined roles.
+
+```ts
+function createRBAC(config: RBACConfig): RBAC
+```
+
+| Parameter | Type | Description |
+| --- | --- | --- |
+| `config` | `RBACConfig` | Defines custom roles, a default role, and how the role is extracted from each request. |
+
+**Returns** an `RBAC` object with methods for permission checking and middleware creation.
+
+**Built-in roles:**
+
+| Role | Permissions |
+| --- | --- |
+| `admin` | `model:use:*`, `agent:execute:*`, `tool:call:*`, `config:read`, `config:write`, `audit:read`, `audit:write` |
+| `operator` | `model:use:*`, `agent:execute:*`, `tool:call:*`, `config:read`, `audit:read` |
+| `user` | `model:use`, `agent:execute`, `tool:call` |
+| `viewer` | `config:read`, `audit:read` |
+
+```ts
+import { createRBAC } from '@elsium-ai/app'
 
 const rbac = createRBAC({
   roles: [
-    { name: 'viewer', permissions: ['model:read:*'] },
-    { name: 'analyst', permissions: ['model:use:gpt-4o-mini'], inherits: ['viewer'] },
-    { name: 'admin', permissions: ['*'], inherits: ['analyst'] },
+    {
+      name: 'analyst',
+      permissions: ['model:use:gpt-4o-mini'],
+      inherits: ['viewer'],
+    },
   ],
+  defaultRole: 'viewer',
 })
 
-const app = createApp({
-  port: 3000,
-  cors: { origins: ['http://localhost:5173'] },
-  rateLimit: { windowMs: 60_000, max: 100 },
-})
+// Check a permission
+rbac.hasPermission('analyst', 'model:use:gpt-4o-mini') // true
+rbac.hasPermission('analyst', 'config:read')            // true (inherited from viewer)
+
+// Use as Hono middleware
+app.post('/chat', rbac.middleware('model:use'), handler)
+```
+
+### `Permission`
+
+A union type representing all recognized permissions. Supports resource-specific and wildcard variants.
+
+```ts
+type Permission =
+  | 'model:use'
+  | 'model:use:*'
+  | `model:use:${string}`
+  | 'agent:execute'
+  | 'agent:execute:*'
+  | `agent:execute:${string}`
+  | 'tool:call'
+  | 'tool:call:*'
+  | `tool:call:${string}`
+  | 'config:read'
+  | 'config:write'
+  | 'audit:read'
+  | 'audit:write'
+```
+
+Wildcard permissions (e.g., `model:use:*`) grant access to all resource-specific permissions under that namespace (e.g., `model:use:gpt-4o`) as well as the base permission (`model:use`).
+
+### `Role`
+
+Defines a named role with a set of permissions and optional inheritance from other roles.
+
+```ts
+interface Role {
+  name: string
+  permissions: Permission[]
+  inherits?: string[]
+}
+```
+
+### `RBACConfig`
+
+Configuration for `createRBAC`.
+
+```ts
+interface RBACConfig {
+  roles: Role[]
+  defaultRole?: string
+  roleExtractor?: (c: Context) => string | undefined
+  trustRoleHeader?: boolean
+}
 ```
 
+| Field | Type | Description |
+| --- | --- | --- |
+| `roles` | `Role[]` | Custom role definitions. These override built-in roles with the same name. |
+| `defaultRole` | `string` (optional) | The role assigned when no role can be determined from the request. Defaults to `'viewer'`. |
+| `roleExtractor` | `(c: Context) => string \| undefined` (optional) | Custom function to extract the role name from a Hono request context. |
+| `trustRoleHeader` | `boolean` (optional) | When `true`, reads the role from the `X-Role` request header. **Warning:** only enable this in development or behind a trusted reverse proxy, as any client can self-assign roles. |
+
+### `RBAC`
+
+The object returned by `createRBAC`.
+
+```ts
+interface RBAC {
+  hasPermission(role: string, permission: Permission): boolean
+  middleware(required: Permission): (c: Context, next: Next) => Promise<Response | undefined>
+  getRolePermissions(role: string): Permission[]
+}
+```
+
+| Method | Description |
+| --- | --- |
+| `hasPermission(role, permission)` | Returns `true` if the given role (including inherited permissions) grants the specified permission. |
+| `middleware(required)` | Returns a Hono middleware that rejects requests with `403` if the caller's role lacks the required permission. |
+| `getRolePermissions(role)` | Returns the deduplicated list of all permissions for a role, including those inherited from parent roles. |
+
+---
+
 ## Part of ElsiumAI
 
 This package is the app layer of the [ElsiumAI](https://github.com/elsium-ai/elsium-ai) framework. See the [full documentation](https://github.com/elsium-ai/elsium-ai) for guides and examples.

package/dist/app.d.ts

@@ -8,7 +8,7 @@ export interface ElsiumApp {
     readonly tracer: Tracer;
     listen(port?: number): {
         port: number;
-        stop: () => void;
+        stop: () => Promise<void>;
     };
 }
 export declare function createApp(config: AppConfig): ElsiumApp;

package/dist/app.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,OAAO,EAAW,MAAM,oBAAoB,CAAA;AAC1D,OAAO,EAAE,KAAK,MAAM,EAAW,MAAM,oBAAoB,CAAA;AAIzD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAG3B,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,SAAS,CAAA;AAExC,MAAM,WAAW,SAAS;IACzB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAA;IACnB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,IAAI,CAAA;KAAE,CAAA;CACzD;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,SAAS,GAAG,SAAS,CA8FtD"}
+{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,KAAK,OAAO,EAAW,MAAM,oBAAoB,CAAA;AAC1D,OAAO,EAAE,KAAK,MAAM,EAAW,MAAM,oBAAoB,CAAA;AAIzD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAS3B,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,SAAS,CAAA;AAExC,MAAM,WAAW,SAAS;IACzB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAA;IACnB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;KAAE,CAAA;CAClE;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,SAAS,GAAG,SAAS,CAgItD"}

package/dist/index.d.ts

@@ -1,7 +1,7 @@
 export { createApp } from './app';
 export type { ElsiumApp } from './app';
 export type { AppConfig, ServerConfig, CorsConfig, AuthConfig, RateLimitConfig, ChatRequest, ChatResponse, CompleteRequest, HealthResponse, MetricsResponse, } from './types';
-export { corsMiddleware, authMiddleware, rateLimitMiddleware } from './middleware';
+export { corsMiddleware, authMiddleware, rateLimitMiddleware, requestIdMiddleware, requestLoggerMiddleware, } from './middleware';
 export { createRoutes } from './routes';
 export type { RoutesDeps } from './routes';
 export { createRBAC } from './rbac';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,OAAO,CAAA;AACjC,YAAY,EAAE,SAAS,EAAE,MAAM,OAAO,CAAA;AAGtC,YAAY,EACX,SAAS,EACT,YAAY,EACZ,UAAU,EACV,UAAU,EACV,eAAe,EACf,WAAW,EACX,YAAY,EACZ,eAAe,EACf,cAAc,EACd,eAAe,GACf,MAAM,SAAS,CAAA;AAGhB,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AAGlF,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAA;AACvC,YAAY,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAG1C,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,YAAY,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,OAAO,CAAA;AACjC,YAAY,EAAE,SAAS,EAAE,MAAM,OAAO,CAAA;AAGtC,YAAY,EACX,SAAS,EACT,YAAY,EACZ,UAAU,EACV,UAAU,EACV,eAAe,EACf,WAAW,EACX,YAAY,EACZ,eAAe,EACf,cAAc,EACd,eAAe,GACf,MAAM,SAAS,CAAA;AAGhB,OAAO,EACN,cAAc,EACd,cAAc,EACd,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,GACvB,MAAM,cAAc,CAAA;AAGrB,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAA;AACvC,YAAY,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAG1C,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,YAAY,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA"}

package/dist/index.js

@@ -389,6 +389,101 @@ function createLogger(options = {}) {
     }
   };
 }
+// ../core/src/shutdown.ts
+function createShutdownManager(config) {
+  const drainTimeoutMs = config?.drainTimeoutMs ?? 30000;
+  const signals = config?.signals ?? ["SIGTERM", "SIGINT"];
+  if (drainTimeoutMs < 0 || !Number.isFinite(drainTimeoutMs)) {
+    throw new ElsiumError({
+      code: "CONFIG_ERROR",
+      message: "drainTimeoutMs must be >= 0 and finite",
+      retryable: false
+    });
+  }
+  let shuttingDown = false;
+  let inFlightCount = 0;
+  let drainResolve = null;
+  let shutdownPromise = null;
+  const signalHandlers = [];
+  function checkDrained() {
+    if (inFlightCount === 0 && drainResolve) {
+      drainResolve();
+      drainResolve = null;
+    }
+  }
+  async function shutdown() {
+    if (shutdownPromise)
+      return shutdownPromise;
+    shuttingDown = true;
+    shutdownPromise = (async () => {
+      config?.onDrainStart?.();
+      if (inFlightCount === 0) {
+        config?.onDrainComplete?.();
+        return;
+      }
+      const drainPromise = new Promise((resolve) => {
+        drainResolve = resolve;
+      });
+      let drainTimer;
+      const timeoutPromise = new Promise((resolve) => {
+        drainTimer = setTimeout(() => resolve("timeout"), drainTimeoutMs);
+      });
+      const result = await Promise.race([
+        drainPromise.then(() => "drained"),
+        timeoutPromise
+      ]);
+      if (drainTimer !== undefined)
+        clearTimeout(drainTimer);
+      if (result === "timeout") {
+        config?.onForceShutdown?.();
+      } else {
+        config?.onDrainComplete?.();
+      }
+    })();
+    return shutdownPromise;
+  }
+  const manager = {
+    get inFlight() {
+      return inFlightCount;
+    },
+    get isShuttingDown() {
+      return shuttingDown;
+    },
+    async trackOperation(fn) {
+      if (shuttingDown) {
+        throw new ElsiumError({
+          code: "VALIDATION_ERROR",
+          message: "Server is shutting down, not accepting new operations",
+          retryable: true
+        });
+      }
+      inFlightCount++;
+      try {
+        return await fn();
+      } finally {
+        inFlightCount--;
+        checkDrained();
+      }
+    },
+    shutdown,
+    dispose() {
+      for (const { signal, handler } of signalHandlers) {
+        process.removeListener(signal, handler);
+      }
+      signalHandlers.length = 0;
+    }
+  };
+  if (typeof process !== "undefined" && process.on) {
+    for (const signal of signals) {
+      const handler = () => {
+        manager.shutdown();
+      };
+      signalHandlers.push({ signal, handler });
+      process.on(signal, handler);
+    }
+  }
+  return manager;
+}
 // ../gateway/src/provider.ts
 var providerRegistry = new Map;
 var metadataRegistry = new Map;
@@ -978,7 +1073,19 @@ function createGoogleProvider(config) {
     return { role, parts };
   }
   function formatGeminiMultipartContent(msg, role) {
-    const parts = msg.content.filter((p) => p.type === "text").map((p) => ({ text: p.text }));
+    const parts = [];
+    for (const p of msg.content) {
+      if (p.type === "text") {
+        parts.push({ text: p.text });
+      } else if (p.type === "image") {
+        const img = p;
+        if (img.source.type === "base64") {
+          parts.push({ inlineData: { mimeType: img.source.mediaType, data: img.source.data } });
+        } else {
+          parts.push({ fileData: { mimeType: "image/jpeg", fileUri: img.source.url } });
+        }
+      }
+    }
     return { role, parts };
   }
   function formatMessages(messages) {
@@ -1153,7 +1260,8 @@ async function handleGoogleErrorResponse(response) {
     throw ElsiumError.authError("google");
   }
   if (response.status === 429) {
-    throw ElsiumError.rateLimit("google");
+    const retryAfter = response.headers.get("retry-after");
+    throw ElsiumError.rateLimit("google", retryAfter ? Number.parseInt(retryAfter) * 1000 : undefined);
   }
   throw ElsiumError.providerError(`Google API error ${response.status}: ${errorBody}`, {
     provider: "google",
@@ -1339,6 +1447,24 @@ function createOpenAIProvider(config) {
     }
     return openaiMsg;
   }
+  function formatUserContent(msg) {
+    if (typeof msg.content === "string")
+      return msg.content;
+    const parts = [];
+    for (const part of msg.content) {
+      if (part.type === "text") {
+        parts.push({ type: "text", text: part.text });
+      } else if (part.type === "image") {
+        if (part.source.type === "base64") {
+          const url = `data:${part.source.mediaType};base64,${part.source.data}`;
+          parts.push({ type: "image_url", image_url: { url } });
+        } else {
+          parts.push({ type: "image_url", image_url: { url: part.source.url } });
+        }
+      }
+    }
+    return parts;
+  }
   function formatMessages(messages) {
     const formatted = [];
     for (const msg of messages) {
@@ -1354,7 +1480,7 @@ function createOpenAIProvider(config) {
         formatted.push(formatAssistantMessage(msg));
         continue;
       }
-      formatted.push({ role: "user", content: extractTextContent(msg) });
+      formatted.push({ role: "user", content: formatUserContent(msg) });
     }
     return formatted;
   }
@@ -1590,7 +1716,7 @@ var PROVIDER_FACTORIES = {
   openai: createOpenAIProvider,
   google: createGoogleProvider
 };
-function gateway(config) {
+function validateGatewayConfig(config) {
   const factory = PROVIDER_FACTORIES[config.provider];
   if (!factory) {
     throw new ElsiumError({
@@ -1599,21 +1725,92 @@ function gateway(config) {
       retryable: false
     });
   }
+  if (typeof config.apiKey !== "string" || config.apiKey.trim() === "") {
+    throw new ElsiumError({
+      code: "CONFIG_ERROR",
+      message: "apiKey must be a non-empty string",
+      retryable: false
+    });
+  }
+  if (config.timeout !== undefined && (!Number.isFinite(config.timeout) || config.timeout <= 0)) {
+    throw new ElsiumError({
+      code: "CONFIG_ERROR",
+      message: "timeout must be a positive finite number",
+      retryable: false
+    });
+  }
+  if (config.maxRetries !== undefined && (!Number.isFinite(config.maxRetries) || !Number.isInteger(config.maxRetries) || config.maxRetries < 0)) {
+    throw new ElsiumError({
+      code: "CONFIG_ERROR",
+      message: "maxRetries must be a non-negative finite integer",
+      retryable: false
+    });
+  }
+  return factory;
+}
+function autoRegisterProvider(provider) {
+  if (!provider.metadata)
+    return;
+  registerProviderMetadata(provider.name, provider.metadata);
+  if (!provider.metadata.pricing)
+    return;
+  for (const [model, pricing] of Object.entries(provider.metadata.pricing)) {
+    registerPricing(model, pricing);
+  }
+}
+function validateRequestLimits(request, maxMessages, maxInputTokens) {
+  if (request.messages.length > maxMessages) {
+    throw ElsiumError.validation(`Message count ${request.messages.length} exceeds limit of ${maxMessages}`);
+  }
+  let estimatedTokens = 0;
+  for (const msg of request.messages) {
+    const text = typeof msg.content === "string" ? msg.content : msg.content.map((p) => p.type === "text" ? p.text : "").join("");
+    estimatedTokens += Math.ceil(text.length / 4);
+  }
+  if (estimatedTokens > maxInputTokens) {
+    throw ElsiumError.validation(`Estimated input tokens (~${estimatedTokens}) exceeds limit of ${maxInputTokens}`);
+  }
+}
+function buildMiddlewareContext(req, providerName, defaultModel, metadata) {
+  return {
+    request: req,
+    provider: providerName,
+    model: req.model ?? defaultModel,
+    traceId: generateTraceId(),
+    startTime: performance.now(),
+    metadata
+  };
+}
+async function accumulateStreamEvents(stream, emit) {
+  let textContent = "";
+  let usage = { inputTokens: 0, outputTokens: 0, totalTokens: 0 };
+  let stopReason = "end_turn";
+  let id = "";
+  for await (const event of stream) {
+    emit(event);
+    if (event.type === "text_delta") {
+      textContent += event.text;
+    } else if (event.type === "message_end") {
+      usage = event.usage;
+      stopReason = event.stopReason;
+    } else if (event.type === "message_start") {
+      id = event.id;
+    }
+  }
+  return { textContent, usage, stopReason, id };
+}
+function gateway(config) {
+  const factory = validateGatewayConfig(config);
   const provider = factory({
     apiKey: config.apiKey,
     baseUrl: config.baseUrl,
     timeout: config.timeout,
     maxRetries: config.maxRetries
   });
-  if (provider.metadata) {
-    registerProviderMetadata(provider.name, provider.metadata);
-    if (provider.metadata.pricing) {
-      for (const [model, pricing] of Object.entries(provider.metadata.pricing)) {
-        registerPricing(model, pricing);
-      }
-    }
-  }
+  autoRegisterProvider(provider);
   const defaultModel = config.model ?? provider.defaultModel;
+  const maxMessages = config.maxMessages ?? 1000;
+  const maxInputTokens = config.maxInputTokens ?? 1e6;
   let xrayStore = null;
   const allMiddleware = [...config.middleware ?? []];
   if (config.xray) {
@@ -1628,14 +1825,7 @@ function gateway(config) {
     if (!composedMiddleware) {
       return provider.complete(req);
     }
-    const ctx = {
-      request: req,
-      provider: provider.name,
-      model: req.model ?? defaultModel,
-      traceId: generateTraceId(),
-      startTime: performance.now(),
-      metadata: request.metadata ?? {}
-    };
+    const ctx = buildMiddlewareContext(req, provider.name, defaultModel, request.metadata ?? {});
     return composedMiddleware(ctx, async (c) => provider.complete(c.request));
   }
   return {
@@ -1647,34 +1837,27 @@ function gateway(config) {
       return xrayStore?.callHistory(limit) ?? [];
     },
     async complete(request) {
+      validateRequestLimits(request, maxMessages, maxInputTokens);
       return executeWithMiddleware(request);
     },
     stream(request) {
+      validateRequestLimits(request, maxMessages, maxInputTokens);
       const req = { ...request, model: request.model ?? defaultModel };
       if (composedMiddleware) {
-        const ctx = {
-          request: req,
-          provider: provider.name,
-          model: req.model ?? defaultModel,
-          traceId: generateTraceId(),
-          startTime: performance.now(),
-          metadata: request.metadata ?? {}
-        };
+        const ctx = buildMiddlewareContext(req, provider.name, defaultModel, request.metadata ?? {});
         return createStream(async (emit) => {
           await composedMiddleware(ctx, async (c) => {
-            const stream = provider.stream(c.request);
-            for await (const event of stream) {
-              emit(event);
-            }
+            const result = await accumulateStreamEvents(provider.stream(c.request), emit);
+            const latencyMs = Math.round(performance.now() - ctx.startTime);
             return {
-              id: "",
-              message: { role: "assistant", content: "" },
-              usage: { inputTokens: 0, outputTokens: 0, totalTokens: 0 },
-              cost: { inputCost: 0, outputCost: 0, totalCost: 0, currency: "USD" },
+              id: result.id,
+              message: { role: "assistant", content: result.textContent },
+              usage: result.usage,
+              cost: calculateCost(c.model, result.usage),
               model: c.model,
               provider: provider.name,
-              stopReason: "end_turn",
-              latencyMs: 0,
+              stopReason: result.stopReason,
+              latencyMs,
               traceId: ctx.traceId
             };
           });
@@ -1854,6 +2037,7 @@ function createSpan(name, options = {}) {
   return span;
 }
 // ../observe/src/tracer.ts
+import { writeFileSync } from "node:fs";
 var log2 = createLogger();
 function observe(config = {}) {
   const {
@@ -1869,7 +2053,21 @@ function observe(config = {}) {
   for (const out of output) {
     if (out === "console") {
       handlers.push(consoleHandler);
-    } else if (out === "json-file") {} else {
+    } else if (out === "json-file") {
+      exporters.push({
+        name: "json-file",
+        export(spansToExport) {
+          const filename = `.elsium/traces-${Date.now()}.json`;
+          try {
+            writeFileSync(filename, JSON.stringify(spansToExport, null, 2));
+          } catch (err2) {
+            log2.error("Failed to write trace file", {
+              error: err2 instanceof Error ? err2.message : String(err2)
+            });
+          }
+        }
+      });
+    } else {
       exporters.push(out);
     }
   }
@@ -4049,7 +4247,7 @@ var Hono2 = class extends Hono {
 // src/middleware.ts
 import { timingSafeEqual } from "node:crypto";
 function corsMiddleware(config = true) {
-  const opts = typeof config === "boolean" ? { origin: [], methods: ["GET", "POST", "OPTIONS"] } : config;
+  const opts = typeof config === "boolean" ? { origin: "*", methods: ["GET", "POST", "OPTIONS"] } : config;
   return async (c, next) => {
     const requestOrigin = c.req.header("Origin") ?? "";
     let allowedOrigin;
@@ -4126,8 +4324,51 @@ function rateLimitMiddleware(config) {
     await next();
   };
 }
+function requestIdMiddleware() {
+  return async (c, next) => {
+    const raw2 = c.req.header("X-Request-ID");
+    const id = raw2 && /^[\w\-.:]{1,128}$/.test(raw2) ? raw2 : generateId("req");
+    c.set("requestId", id);
+    await next();
+    c.res.headers.set("X-Request-ID", id);
+  };
+}
+function requestLoggerMiddleware(logger) {
+  const log4 = logger ?? createLogger();
+  return async (c, next) => {
+    const start = Date.now();
+    await next();
+    const duration = Date.now() - start;
+    log4.info(`${c.req.method} ${c.req.path}`, {
+      method: c.req.method,
+      path: c.req.path,
+      status: c.res.status,
+      durationMs: duration,
+      requestId: c.get("requestId")
+    });
+  };
+}
 
 // src/routes.ts
+function parseJsonBody(raw2) {
+  try {
+    return { ok: true, data: JSON.parse(raw2) };
+  } catch {
+    return { ok: false };
+  }
+}
+function elsiumErrorResponse(c, err2, fallbackMessage) {
+  if (err2 instanceof ElsiumError) {
+    return c.json({ error: err2.message, code: err2.code }, err2.statusCode ?? 500);
+  }
+  return c.json({ error: fallbackMessage }, 500);
+}
+function resolveAgent(name, agents, defaultAgent) {
+  const agent = name ? agents.get(name) : defaultAgent;
+  if (agent)
+    return { agent };
+  return { error: name ? `Agent "${name}" not found` : "No default agent configured" };
+}
 function createRoutes(deps) {
   const app = new Hono2;
   let totalRequests = 0;
@@ -4168,17 +4409,24 @@ function createRoutes(deps) {
     if (rawText.length > MAX_BODY_SIZE) {
       return c.json({ error: "Request body too large (max 1MB)" }, 413);
     }
-    const body = JSON.parse(rawText);
+    const parsed = parseJsonBody(rawText);
+    if (!parsed.ok) {
+      return c.json({ error: "Invalid JSON in request body" }, 400);
+    }
+    const body = parsed.data;
     if (!body.message) {
       return c.json({ error: "message is required" }, 400);
     }
-    const agent = body.agent ? deps.agents.get(body.agent) : deps.defaultAgent;
-    if (!agent) {
-      return c.json({
-        error: body.agent ? `Agent "${body.agent}" not found` : "No default agent configured"
-      }, 404);
+    const resolved = resolveAgent(body.agent, deps.agents, deps.defaultAgent);
+    if ("error" in resolved) {
+      return c.json({ error: resolved.error }, 404);
+    }
+    let result;
+    try {
+      result = await resolved.agent.run(body.message);
+    } catch (err2) {
+      return elsiumErrorResponse(c, err2, "Agent execution failed");
     }
-    const result = await agent.run(body.message);
     deps.tracer?.trackLLMCall({
       model: "unknown",
       inputTokens: result.usage.totalInputTokens,
@@ -4195,7 +4443,7 @@ function createRoutes(deps) {
         totalTokens: result.usage.totalTokens,
         cost: result.usage.totalCost
       },
-      model: agent.config.model ?? "default",
+      model: resolved.agent.config.model ?? "default",
       traceId: result.traceId
     };
     return c.json(response);
@@ -4207,7 +4455,11 @@ function createRoutes(deps) {
     if (rawText.length > MAX_BODY_SIZE) {
       return c.json({ error: "Request body too large (max 1MB)" }, 413);
     }
-    const body = JSON.parse(rawText);
+    const parsed = parseJsonBody(rawText);
+    if (!parsed.ok) {
+      return c.json({ error: "Invalid JSON in request body" }, 400);
+    }
+    const body = parsed.data;
     if (!body.messages?.length) {
       return c.json({ error: "messages array is required" }, 400);
     }
@@ -4215,13 +4467,18 @@ function createRoutes(deps) {
       role: m.role,
       content: m.content
     }));
-    const response = await deps.gateway.complete({
-      messages,
-      model: body.model,
-      system: body.system,
-      maxTokens: body.maxTokens,
-      temperature: body.temperature
-    });
+    let response;
+    try {
+      response = await deps.gateway.complete({
+        messages,
+        model: body.model,
+        system: body.system,
+        maxTokens: body.maxTokens,
+        temperature: body.temperature
+      });
+    } catch (err2) {
+      return elsiumErrorResponse(c, err2, "Completion failed");
+    }
     deps.tracer?.trackLLMCall({
       model: response.model,
       inputTokens: response.usage.inputTokens,
@@ -4253,6 +4510,15 @@ function createRoutes(deps) {
 var log4 = createLogger();
 function createApp(config) {
   const app = new Hono2;
+  app.onError((err2, c) => {
+    const statusCode = err2 instanceof ElsiumError ? err2.statusCode ?? 500 : 500;
+    const code = err2 instanceof ElsiumError ? err2.code : "UNKNOWN";
+    log4.error("Unhandled error", { error: err2.message, code, path: c.req.path });
+    return c.json({ error: err2.message, code }, statusCode);
+  });
+  app.notFound((c) => {
+    return c.json({ error: "Not found" }, 404);
+  });
   const providerNames = Object.keys(config.gateway.providers);
   const primaryProvider = providerNames[0];
   const primaryConfig = config.gateway.providers[primaryProvider];
@@ -4267,6 +4533,8 @@ function createApp(config) {
     costTracking: config.observe?.costTracking ?? true
   });
   const serverConfig = config.server ?? {};
+  app.use("*", requestIdMiddleware());
+  app.use("*", requestLoggerMiddleware(log4));
   if (serverConfig.cors) {
     app.use("*", corsMiddleware(serverConfig.cors));
   }
@@ -4289,7 +4557,7 @@ function createApp(config) {
     defaultAgent,
     tracer,
     startTime: Date.now(),
-    version: "0.1.0",
+    version: config.version ?? "0.2.2",
     providers: providerNames
   });
   app.route("/", routes);
@@ -4305,13 +4573,25 @@ function createApp(config) {
         port: listenPort,
         hostname
       });
+      let shutdownManager;
+      if (serverConfig.gracefulShutdown) {
+        const drainTimeoutMs = typeof serverConfig.gracefulShutdown === "object" ? serverConfig.gracefulShutdown.drainTimeoutMs : undefined;
+        shutdownManager = createShutdownManager({
+          drainTimeoutMs,
+          onDrainStart: () => log4.info("Draining connections..."),
+          onDrainComplete: () => log4.info("Drain complete")
+        });
+      }
       log4.info("ElsiumAI server started", {
         url: `http://${hostname}:${listenPort}`,
         routes: ["POST /chat", "POST /complete", "GET /health", "GET /metrics", "GET /agents"]
       });
       return {
         port: listenPort,
-        stop: () => {
+        stop: async () => {
+          if (shutdownManager) {
+            await shutdownManager.shutdown();
+          }
           server.close();
         }
       };
@@ -4414,6 +4694,8 @@ function createRBAC(config) {
   };
 }
 export {
+  requestLoggerMiddleware,
+  requestIdMiddleware,
   rateLimitMiddleware,
   createRoutes,
   createRBAC,

package/dist/middleware.d.ts

@@ -1,3 +1,4 @@
+import { type Logger } from '@elsium-ai/core';
 import type { Context, Next } from 'hono';
 import type { AuthConfig, CorsConfig, RateLimitConfig } from './types';
 export declare function corsMiddleware(config?: CorsConfig | boolean): (c: Context, next: Next) => Promise<(Response & import("hono").TypedResponse<null, 200, "body">) | undefined>;
@@ -8,4 +9,6 @@ export declare function rateLimitMiddleware(config: RateLimitConfig): (c: Contex
     error: string;
     retryAfterMs: number;
 }, 429, "json">) | undefined>;
+export declare function requestIdMiddleware(): (c: Context, next: Next) => Promise<void>;
+export declare function requestLoggerMiddleware(logger?: Logger): (c: Context, next: Next) => Promise<void>;
 //# sourceMappingURL=middleware.d.ts.map

package/dist/middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AACzC,OAAO,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAItE,wBAAgB,cAAc,CAAC,MAAM,GAAE,UAAU,GAAG,OAAc,IAInD,GAAG,OAAO,EAAE,MAAM,IAAI,uFAiCpC;AAID,wBAAgB,cAAc,CAAC,MAAM,EAAE,UAAU,IAClC,GAAG,OAAO,EAAE,MAAM,IAAI;;kBAwBpC;AAaD,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,eAAe,IAG5C,GAAG,OAAO,EAAE,MAAM,IAAI;;;8BAsCpC"}
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,MAAM,EAA4B,MAAM,iBAAiB,CAAA;AACvE,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AACzC,OAAO,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAItE,wBAAgB,cAAc,CAAC,MAAM,GAAE,UAAU,GAAG,OAAc,IAInD,GAAG,OAAO,EAAE,MAAM,IAAI,uFAiCpC;AAID,wBAAgB,cAAc,CAAC,MAAM,EAAE,UAAU,IAClC,GAAG,OAAO,EAAE,MAAM,IAAI;;kBAwBpC;AAaD,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,eAAe,IAG5C,GAAG,OAAO,EAAE,MAAM,IAAI;;;8BAsCpC;AAID,wBAAgB,mBAAmB,KACpB,GAAG,OAAO,EAAE,MAAM,IAAI,mBASpC;AAID,wBAAgB,uBAAuB,CAAC,MAAM,CAAC,EAAE,MAAM,IAGxC,GAAG,OAAO,EAAE,MAAM,IAAI,mBAcpC"}

package/dist/routes.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"routes.d.ts","sourceRoot":"","sources":["../src/routes.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAS3B,MAAM,WAAW,UAAU;IAC1B,OAAO,EAAE,OAAO,CAAA;IAChB,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;IAC1B,YAAY,CAAC,EAAE,KAAK,CAAA;IACpB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,EAAE,CAAA;CACnB;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI,CA+JnD"}
+{"version":3,"file":"routes.d.ts","sourceRoot":"","sources":["../src/routes.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AAE9C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAEhD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAkC3B,MAAM,WAAW,UAAU;IAC1B,OAAO,EAAE,OAAO,CAAA;IAChB,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;IAC1B,YAAY,CAAC,EAAE,KAAK,CAAA;IACpB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,EAAE,CAAA;CACnB;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI,CAyKnD"}

package/dist/types.d.ts

@@ -16,6 +16,7 @@ export interface AppConfig {
         export?: string;
     };
     server?: ServerConfig;
+    version?: string;
 }
 export interface ServerConfig {
     port?: number;
@@ -23,6 +24,9 @@ export interface ServerConfig {
     cors?: boolean | CorsConfig;
     auth?: AuthConfig;
     rateLimit?: RateLimitConfig;
+    gracefulShutdown?: boolean | {
+        drainTimeoutMs?: number;
+    };
 }
 export interface CorsConfig {
     origin?: string | string[];

package/dist/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAEjD,MAAM,WAAW,SAAS;IACzB,OAAO,EAAE;QACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,OAAO,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC,CAAA;QAC/D,YAAY,CAAC,EAAE,MAAM,CAAA;KACrB,CAAA;IACD,MAAM,CAAC,EAAE,KAAK,EAAE,CAAA;IAChB,GAAG,CAAC,EAAE,WAAW,CAAA;IACjB,OAAO,CAAC,EAAE;QACT,OAAO,CAAC,EAAE,OAAO,CAAA;QACjB,YAAY,CAAC,EAAE,OAAO,CAAA;QACtB,MAAM,CAAC,EAAE,MAAM,CAAA;KACf,CAAA;IACD,MAAM,CAAC,EAAE,YAAY,CAAA;CACrB;AAED,MAAM,WAAW,YAAY;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,CAAC,EAAE,OAAO,GAAG,UAAU,CAAA;IAC3B,IAAI,CAAC,EAAE,UAAU,CAAA;IACjB,SAAS,CAAC,EAAE,eAAe,CAAA;CAC3B;AAED,MAAM,WAAW,UAAU;IAC1B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,WAAW,CAAC,EAAE,OAAO,CAAA;CACrB;AAED,MAAM,WAAW,UAAU;IAC1B,IAAI,EAAE,QAAQ,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;CACb;AAED,MAAM,WAAW,eAAe;IAC/B,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;CACnB;AAID,MAAM,WAAW,WAAW;IAC3B,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,WAAW,YAAY;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE;QACN,WAAW,EAAE,MAAM,CAAA;QACnB,YAAY,EAAE,MAAM,CAAA;QACpB,WAAW,EAAE,MAAM,CAAA;QACnB,IAAI,EAAE,MAAM,CAAA;KACZ,CAAA;IACD,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,eAAe;IAC/B,QAAQ,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAClD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,MAAM,CAAC,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,WAAW,cAAc;IAC9B,MAAM,EAAE,IAAI,GAAG,UAAU,CAAA;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,EAAE,CAAA;CACnB;AAED,MAAM,WAAW,eAAe;IAC/B,MAAM,EAAE,MAAM,CAAA;IACd,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAC3E"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAEjD,MAAM,WAAW,SAAS;IACzB,OAAO,EAAE;QACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,OAAO,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC,CAAA;QAC/D,YAAY,CAAC,EAAE,MAAM,CAAA;KACrB,CAAA;IACD,MAAM,CAAC,EAAE,KAAK,EAAE,CAAA;IAChB,GAAG,CAAC,EAAE,WAAW,CAAA;IACjB,OAAO,CAAC,EAAE;QACT,OAAO,CAAC,EAAE,OAAO,CAAA;QACjB,YAAY,CAAC,EAAE,OAAO,CAAA;QACtB,MAAM,CAAC,EAAE,MAAM,CAAA;KACf,CAAA;IACD,MAAM,CAAC,EAAE,YAAY,CAAA;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,MAAM,WAAW,YAAY;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,CAAC,EAAE,OAAO,GAAG,UAAU,CAAA;IAC3B,IAAI,CAAC,EAAE,UAAU,CAAA;IACjB,SAAS,CAAC,EAAE,eAAe,CAAA;IAC3B,gBAAgB,CAAC,EAAE,OAAO,GAAG;QAAE,cAAc,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CACxD;AAED,MAAM,WAAW,UAAU;IAC1B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,WAAW,CAAC,EAAE,OAAO,CAAA;CACrB;AAED,MAAM,WAAW,UAAU;IAC1B,IAAI,EAAE,QAAQ,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;CACb;AAED,MAAM,WAAW,eAAe;IAC/B,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;CACnB;AAID,MAAM,WAAW,WAAW;IAC3B,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,WAAW,YAAY;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE;QACN,WAAW,EAAE,MAAM,CAAA;QACnB,YAAY,EAAE,MAAM,CAAA;QACpB,WAAW,EAAE,MAAM,CAAA;QACnB,IAAI,EAAE,MAAM,CAAA;KACZ,CAAA;IACD,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,eAAe;IAC/B,QAAQ,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAClD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,MAAM,CAAC,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,WAAW,cAAc;IAC9B,MAAM,EAAE,IAAI,GAAG,UAAU,CAAA;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,EAAE,CAAA;CACnB;AAED,MAAM,WAAW,eAAe;IAC/B,MAAM,EAAE,MAAM,CAAA;IACd,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAC3E"}

package/package.json

@@ -1,12 +1,12 @@
 {
 	"name": "@elsium-ai/app",
-	"version": "0.2.1",
+	"version": "0.2.3",
 	"description": "App bootstrap, HTTP server, and API routes for ElsiumAI",
 	"license": "MIT",
 	"author": "Eric Utrera <ebutrera9103@gmail.com>",
 	"repository": {
 		"type": "git",
-		"url": "https://github.com/elsium-ai/elsium-ai",
+		"url": "git+https://github.com/elsium-ai/elsium-ai.git",
 		"directory": "packages/app"
 	},
 	"type": "module",
@@ -26,13 +26,13 @@
 		"dev": "bun --watch src/index.ts"
 	},
 	"dependencies": {
-		"@elsium-ai/core": "^0.2.1",
-		"@elsium-ai/gateway": "^0.2.1",
-		"@elsium-ai/agents": "^0.2.1",
-		"@elsium-ai/tools": "^0.2.1",
-		"@elsium-ai/observe": "^0.2.1",
-		"@elsium-ai/rag": "^0.2.1",
-		"@elsium-ai/workflows": "^0.2.1",
+		"@elsium-ai/core": "^0.2.3",
+		"@elsium-ai/gateway": "^0.2.3",
+		"@elsium-ai/agents": "^0.2.3",
+		"@elsium-ai/tools": "^0.2.3",
+		"@elsium-ai/observe": "^0.2.3",
+		"@elsium-ai/rag": "^0.2.3",
+		"@elsium-ai/workflows": "^0.2.3",
 		"@hono/node-server": "^1.13.0",
 		"hono": "^4.7.0",
 		"zod": "^3.24.0"